Τιμή μετοχής

Η Ευρωπαϊκή Ενωση ιδρύει την «Αστυνομία Σκέψης»

Φρίκη προκάλεσαν οι ανακοινώσεις που έκανε ο επίτροπος της Κομισιόν για τη Δικαιοσύνη, ο φιλοφασιστικών απόψεων Ιταλός Φράνκο Φρατίνι, παρουσιάζοντας μια ακόμη δέσμη μέτρων της ΕΕ με στόχο την περαιτέρω συρρίκνωση των πολιτικών και ατομικών ελευθεριών των πολιτών της Ευρώπης, με πρόσχημα τη δήθεν «καταπολέμηση της τρομοκρατίας».

Θύελλα αντιδράσεων έχει ήδη ξεσπάσει στις μεγαλύτερες ευρωπαϊκές χώρες.

«Πρόκειται για ένα νέο μέτρο που θέτει όλο τον κόσμο υπό παρακολούθηση και καθιστά τον καθένα ύποπτο» δήλωσε ο Τόνι Μπάνιαν, εκπρόσωπος της βρετανικής οργάνωσης υπεράσπισης των πολιτικών ελευθεριών «Στέιτγουοτς» αναφερόμενος στο ευρω-φακέλωμα των επιβατών αεροπλάνων.

«Κίνδυνο να ποινικοποιηθεί η έκφραση πολιτικών απόψεων» διαπίστωσε επίσης σχετικά με τις προτάσεις της Κομισιόν για αστυνόμευση των γραφομένων στα έντυπα και στο Ιντερνετ.

«Η χρήση προσωπικών δεδομένων σε τόσο μεγάλη έκταση θα μετατρέψει την ΕΕ στην πιο επιτηρούμενη περιοχή του κόσμου!» υπογράμμισε.

«Βλέπουμε ήδη μπροστά μας τον μεγάλο κίνδυνο να καθορίζουν σε λίγα χρόνια οι βάσεις δεδομένων των υπηρεσιών ασφαλείας το επίπεδο ελευθερίας κάθε πολίτη να ταξιδεύει.

Στις ΗΠΑ ήδη από σήμερα πολιτικές δραστηριότητες, όπως είναι η αντίθεση στον πόλεμο του Ιράκ, οδηγούν στον αποκλεισμό ανθρώπων από πτήσεις» δήλωσε η Γερμανίδα βουλευτής των Πρασίνων Σίλκε Στόκαρ.

«Τα θεμελιώδη δικαιώματα στην ΕΕ απειλούνται με συνεχείς περιστολές, με πρόσχημα την καταπολέμηση της τρομοκρατίας» αναφέρει σε ανακοίνωσή του ο αντιπρόεδρος της Επιτροπής Ελευθεριών του Ευρωπαϊκού Κοινοβουλίου και επικεφαλής των ευρωβουλευτών του ΠΑΣΟΚ Στ. Λαμπρινίδης.

Χειροπέδες στην ελευθερία
Στραγγαλισμό της ελευθερίας του λόγου συνιστούν οι προτάσεις της Κομισιόν να ποινικοποιηθεί η «δημόσια πρόκληση για τέλεση τρομοκρατικών αδικημάτων», η «στρατολόγηση στην τρομοκρατία ακόμη και μέσω του Διαδικτύου», ο «εξοπλισμός σε όλη την ΕΕ των νομικών συστημάτων με τα κατάλληλα εργαλεία για την παραπομπή στη Δικαιοσύνη των εγκληματιών που προπαγανδίζουν τη βία», η «διάδοση προπαγάνδας μίσους» και διάφορα άλλα παρόμοια.

Προσπαθώντας να παραπλανήσει τους Ευρωπαίους πολίτες ως προς τους πολιτικούς στόχους της, η Κομισιόν φέρνει ως παράδειγμα τις οδηγίες κατασκευής βομβών που μπορεί να βρει κανείς στο Ιντερνετ για να κρύψει το τεράστιο πολιτικό ζήτημα που εγείρουν οι νόμοι που επιδιώκει να ψηφιστούν.

Το ΡΚΚ για τον κουρδικό λαό είναι η πρωτοπορία του εθνικοαπελευθερωτικού του αγώνα, όπως και η Χαμάς για την πλειονότητα των Παλαιστινίων και των Αράβων.

Αν κάποιος Ευρωπαίος γράψει ένα άρθρο υπέρ του ΡΚΚ ή της Χαμάς, τότε με βάση τους νόμους που εισηγείται η Κομισιόν θα... συλλαμβάνεται, θα καταδικάζεται και θα φυλακίζεται ως... «εγκληματίας», επειδή ο κάθε αστυνομικός και ο κάθε δικαστής θα έχει το δικαίωμα να κρίνει ότι η υποστήριξη του ένοπλου απελευθερωτικού αγώνα του ΡΚΚ συνιστά «δημόσια πρόκληση για τέλεση τρομοκρατικών αδικημάτων», αφού για να πετύχει την απελευθέρωση του Κουρδιστάν το ΡΚΚ φυσικά και θα πλήξει τουρκικούς στόχους, θα σκοτώσει Τούρκους στρατιώτες κ.λπ.

Σύσσωμος ο ελληνικός Τύπος θα είχε π.χ. οδηγηθεί στις φυλακές τη δεκαετία του 80, όταν οι Ιρλανδοί αγωνιστές του IRA πέθαιναν από απεργίες πείνας στα βρετανικά κάτεργα και όλοι σχεδόν οι Ελληνες δημοσιογράφοι έγραφαν υπέρ τους, ενώ το Λονδίνο τους χαρακτήριζε «τρομοκράτες».

Ακόμη πιο ύπουλη πολιτικά είναι η δίωξη της «προπαγάνδας μίσους». Ακόμη και η απλή υποστήριξη της θεωρίας της ταξικής πάλης μπορεί να ερμηνευθεί ως «προπαγάνδα μίσους» από ευρωπαϊκά καθεστώτα τελείως άλλης πολιτικής κουλτούρας, όπως ήταν π.χ. το φασίζον πολωνικό καθεστώς των αδελφών Κατσίνσκι ή όπως είναι οι κυβερνήσεις κρατών με ζωντανό φιλοναζιστικό παρελθόν, όπως οι Βαλτικές Χώρες.

ΤΑΞΙΔΙΩΤΕΣ - ΔΕΣΜΩΤΕΣ
19 προσωπικά δεδομένα θα αποθηκεύονται για 13 ολόκληρα χρόνια

Ολα τα ολοκληρωτικά καθεστώτα, όλες τις εποχές, ήθελαν να ελέγχουν τις μετακινήσεις των πολιτών τους. Ακριβώς αυτό επιδιώκει να κάνει όμως και η ΕΕ σήμερα, με την εξωφρενική απαίτηση της Κομισιόν να καταγράφονται, να αποθηκεύονται για... 13 (!) ολόκληρα χρόνια και να διανέμονται σε όλες τις αρχές ασφαλείας και τις μυστικές υπηρεσίες όλων των χωρών - μελών της ΕΕ, δεκαεννιά (!) προσωπικά δεδομένα κάθε επιβάτη αεροπορικής πτήσης. Δεκαεννέα!

Σε τι συνεισφέρει στην καταπολέμηση της «τρομοκρατίας» το να ειδοποιείται αυτοστιγμεί η Ασφάλεια της Εσθονίας ότι ένας τυχαίος Ελληνας πολίτης πήγε για τουρισμό στη Νορβηγία; Σε τίποτα απολύτως. Ενδιαφέρει όμως την κυβέρνηση μιας χώρας, αν ένας πολιτικός της αντίπαλος βρέθηκε στο ίδιο αεροπλάνο με την ερωμένη του, αν με την πιστωτική του κάρτα έβγαλε εισιτήρια κάποιου ατόμου που δεν δικαιολογείται. Ενδιαφέρει τον Γάλλο μεγαλοεπιχειρηματία να έχει ανά πάσα στιγμή τη λίστα των μετακινήσεων ενός Γερμανού ή Αγγλου ανταγωνιστή του.

Επικίνδυνη εκτροπή
Αυτές είναι πρακτικές αστυνομικού κράτους. Ολος ο πληθυσμός είναι ύποπτος και παρακολουθείται. Οι κινήσεις του σε όλο και περισσότερους τομείς καταγράφονται.

Ολες οι τηλεφωνικές και ηλεκτρονικές επικοινωνίες πλέον καταγράφονται έπειτα από απόφαση της ΕΕ - υποτίθεται ακόμη όχι ως προς το περιεχόμενο, αλλά ως προς το ποιος επικοινώνησε με ποιον και ποια ακριβώς ώρα και ημέρα. Στους δρόμους οι κάμερες μας καταγράφουν επειδή περπατάμε - στην Αγγλία καταγράφουν μέχρι και όλα τα οχήματα που κινούνται στο οδικό δίκτυο της χώρας. Παρακολουθούν όλες τις οικονομικές μας συναλλαγές...

Ολα αυτά και πολλά άλλα έχουν ως μοχλό εφαρμογής αποφάσεις της ΕΕ και των κυβερνήσεων των χωρών που τη συναπαρτίζουν. Το όραμα μιας «Ευρώπης των λαών» έχει μετατραπεί σε έναν εφιαλτικό «Ευρωπαϊκό Μεγάλο Αδελφό» που πνίγει τις ελευθερίες των λαών της ΕΕ...

ΓΙΩΡΓΟΣ ΔΕΛΑΣΤΙΚ

Πηγή: Έθνος

 Νέο site απο τον πρωταθλητή

Link to ChampionsDay.gr - HOME

Η έννοια του Master στα Ελληνικά δεδομένα είναι παραπλήσια με την έννοια "Θεός του Καράτε". Ητοι, μπορείς να το παίζεις θεός του καράτε μέχρι να φας ξύλο από κάποιον που ΠΡΑΓΜΑΤΙΚΑ ξέρει καράτε.

"Η σκληρή δουλειά είναι επιταγή που εξαργυρώνεται στο  μέλλον. Η τεμπελιά είναι μετρητά."
       Ανώνυμος

re ti ma8enei kaneis me ligi parapano koubenta.

.

.

.

.

.

.

.

.

.

.

.

avisos ta twn an8ropinwn sxesewn.

Αντιγράφω απο το forum της EAsports: 

There is a profile for the Xbox360 Controller. If you look in My Documents\NBA LIVE 07\configs you will see a controller configuration for the XBox360 controller.. But if you open the file up in a text editor it says ioconfig_mgr_displayname "Controller". So there is a default profile for the Xbox360 controller, its just that the folks thought "Controller" was a great name for the Xbox360 controller. If you want to, you can change the display name and it will show in the game, just make sure you save.

Long story short, the profile for the Xbox360 controller is listed as "Controller" in the preset controller configurations.

Source

 «Είμαι μαύρος και περήφανος» είχε τραγουδήσει στο ρεφρέν του «Say it loud I'm black and I'm proud» το «θερμό» καλοκαίρι του '68 στο Ντάλας. Οι μαύροι που ήταν ανάμεσα στο κοινό ύψωσαν τις γροθιές τους στον αέρα κάνοντας το τραγούδι ύμνο της μαύρης δύναμης. Ετσι, οι ταραχές του '68 στις ΗΠΑ απέκτησαν τη δική τους μουσική επένδυση.

Ελευθεροτυπία

Νέες δυνατότητες για τους καταναλωτές

Οσοι κατοικούν σε περιοχές από τις οποίες θα περνάει δίκτυο οπτικών ινών θα μπορούν:
*Να σταματήσουν να πληρώνουν το πάγιο στον ΟΤΕ, επιλέγοντας κάποιον από τους ανταγωνιστές του αρκεί αυτός να προσφέρει χαμηλότερες τιμές.
*Να έχουν πρόσβαση στο Ιντερνετ με εξαιρετικά υψηλές ταχύτητες. Η γρήγορη πρόσβαση στο Διαδίκτυο θα επιτρέψει το λανσάρισμα και νέων υπηρεσιών, όπως την παρακολούθηση ταινιών μέσω Διαδικτύου.
Εκτεταμένα και δαπανηρά σχέδια ανάπτυξης ιδιόκτητων δικτύων υλοποιούν αυτή την περίοδο η FORTHnet, η Hellas On Line μαζί με τις Αττικές Τηλεπικοινωνίες, η Tellas, η On Telecom και η Vivodi. Αθροιστικά, έχουν απλώσει στους δρόμους της Αθήνας οπτικές ίνες μήκους άνω των 1.000-1.200 χιλιομέτρων.
Στην υπόθεση, εμπλέκονται και δημόσιοι οργανισμοί, όπως η Τραμ Α.Ε., η οποία διαθέτει οπτική ίνα περίπου 30 χιλιομέτρων σε όλο το μήκος της διαδρομής που ακολουθούν τα τρένα.
Αυτό το διάστημα, βρίσκεται σε εξέλιξη ένας σιωπηρός «διαγωνισμός». Η διοίκηση της Τραμ δέχεται προτάσεις για να παραχωρήσει αυτό το δίκτυο σε κάποια τηλεπικοινωνιακή εταιρεία έναντι «ενοικίου». Με αυτό τον τρόπο η Τραμ Α.Ε. θα εξασφαλίσει μια καινούρια πηγή εσόδων, ενώ η ιδιωτική εταιρεία που θα επικρατήσει θα κερδίσει χρόνο στην ανάπτυξη του δικτύου της.

Source

το καζανάκι χάλασε το καζανάκι πάει.

OSI Reference

1.Identify and describe the functions of each of the seven layers of the OSI reference model.

The seven layers of the OSI reference model are; Application, Presentation, Session, Transport, Network, Data Link, and Physical.

Application

The Application layer identifies and establishes the availability of the intended communication partner. Synchronizes sending and receiving applications, establishes agreements on error-recovers and controls data integrity; determines if sufficient resources for the intended communication exist.

Presentation

The Presentation layer negotiates data transfer syntax for the application layer, it is responsible for encryption. Standards like PIC, JPG, TIFF, and XDR, are considered presentation layer standards.

Session

The Session Layer is responsible for coordinating communications between systems, maintaining sessions for as long as needed and performing security, logging and administrative functions.

Session Layer standards are SQL, NFS

Transport

The Transport Layer provides transport of data from the upper layers. This layer abstracts the actual network data transfer from applications. Protocols at this layer are dealing with issues of connection reliability, flow control and error detection.

Tear Down Virtual Circuits

Data at the Transport Layer is split into Segments.

Network

The Network layer provides a mechanism for addressing and routing of data through an internetwork. The Network layer fragments packets that are too large for downstream MTU’s.

The Network layer translates logical addresses (IP / IPX) or names into physical addresses (MAC). Adds a Network Layer header with the logical addressing information.

Data at the Network Layer is split into Packets or Datagrams

Data-Link

The Data-Link Layer specifies the topology such as Ethernet or Token Ring and frames data according to that topology.

The Data Link Layer provides error free transfer of data frames from one node to another over the physical layer.

The MAC address is involved at this layer.

Data at the Data-Link Layer is split into Frames

Physical

The Physical Layer is concerned with the actual interpretation of the bit stream into an electrical signal that can be carried across the physical medium.

This layer specifies the physical medium properties.

2. Describe connection-orientated network service and connectionless network service, and identify the key differences between them.

Connection orientated communication is supported by TCP on port 6. This is similar to a telephone conversation where you must place a call and the other party must answer therefore establishing a connection. It is reliable as a session is guaranteed and acknowledgements at the transport layer are received..

Connectionless orientated communication is supported by UDP on port 17. This is similar to sending a postcard. You don’t need to contact the other person first, you just write your message and mail it. It is not guaranteed and no acknowledgements are sent or received. It is faster though than connection orientated. It is up to the application or higher layers to check that the data was received.

3. Describe data link addresses and network addresses, and identify the key differences between them.

Data link addresses are addresses that operate at the network layer. A MAC address is a data link layer address and these are built in by the manufacturer and cannot usually be changed. They can be virtualizes for Adapter Fault Tolerance or HSRP.

Switches and Bridges operate at the Data Link layer and use Data Link addresses to switch/bridge.

Data Link addresses are flat in structure.

Network addresses operate at the Network Layer. These are IP addresses or IPX addresses that are used by Routers to route packets. Network addresses are made up of two parts, the Network address and the Host address.

Network addresses are host specific and one must be bound to each interface for every protocol loaded on the machine.

There is no fixed relationship between the host and the Network Address.

4. Identify at least 3 reasons why the industry uses a layered model.

The industry uses a layered model mainly to split a task down into functions so developers can concentrate on one layers functions. They are

· It clarifies the general functions, rather than specific on who to do it.

· It makes the complexity of networking into more manageable sub layers.

· It uses standard interfaces to enable ease of interoperability.

· Developers can change the features of one layer without changing all the code.

· It allows specialization that helps industry progress.

· It eases troubleshooting.

5. Define and explain the 5 conversion steps of data encapsulation.

Data encapsulation is the process in which the information in a protocol is wrapped, or contained, in the data section of another protocol.

In the OSI model each layer encapsulates the layer immediately above it as the data flows down the protocol stack.

At a transmitting device, the data encapsulation method is as follows;

1. User information is converted to data. (Application Layer)

2. Data is converted to segments (Transport Layer)

3. Segments are converted to Packets or Datagrams (Network Layer)

4. Packets or Datagrams are converted to Frames (Data Link Layer)

5. Frames are converted to bits. (Physical Layer)

6. Define flow control and describe the three basic methods used in networking.

Flow control is a function that prevents network congestion by ensuring that transmitting devices do not overwhelm receiving devices with data.

There are a number of possible causes of network congestion. For example, a high-speed computer might generate traffic faster than the network can transfer it, or faster than the destination device can receive and process it.

There are three commonly used methods for handling network congestion:

· Buffering

· Source Quench Messages

· Windowing

Buffering

Buffering is used by network devices to temporarily store bursts of data that cannot be processed fast enough by the node.

This is adequate for small bursts but large data bursts can fill up the buffer memory and this results in the buffer discardarding packets once it is full.

Source Quench Messages

A Source Quench Message is sent by a receiving device to indicate to the sender that its buffer is full. One source quench message is sent for every packet dropped.

The sending device will receive the Source Quench Message and reduce its data rate until no more Source Quench Messages are received.

The sending device will then gradually increase its data rate so long as no further Source Quench Messages are received.

Windowing

Windowing is a flow control scheme where the sending device requires an acknowledgement from the receiving device after a certain number of packets have been transmitted. The number is called the Window Size.

If the Window Size is 3, the sending device will send three packets and then wait for an acknowledgement from the receiving device before transmitting any more data.

If the receiving device doesn’t receive all of the packets it will not send an acknowledgement therefore after a specified timeout the sending device will re-send the packets at a lower transmission speed.

7. List the key internetworking functions of the OSI Network layer and how they are performed in a router.

· Establishes network addresses.

· Selects the best path through an internetwork

· Uses a routing protocol between routers

· Uses a routed protocol to carry user packets

· Uses a two part address

· Sets up and maintains routing tables

· Discovers Networks

· Adapts to internetwork topology changes

· Contains broadcasts.

WAN Protocols

8. Differentiate between the following WAN services: Frame Relay, ISDN/LAPD, HDLC, & PPP

Frame Relay

Frame relay is a fast WAN protocol that operates at the Physical and Data Link layers of the OSI model. Works between DTE and DCE devices. Uses Packet Switching.

DTE consists of terminals, PC’s, routers and bridges all which are customer owned end node devices. DCE devices such as packet switchers are owned by the service provider.

Frame Relay uses PVC’s and SVC’s but most usually PVC’s. The connection is identified ny a Data Link Connection Identifier (DLCI).

ISDN/LAPD

Integrated Services Digital Network (ISDN) is a digital service designed to run over existing telephone networks. ISDN can support both data and voice simultaneously. ISDN is referenced by a ITU-T group of protocols that encompass the OSI Physical, Data Link, and Network Layers.

HDLC

The High Level Data Link Control Protocol is a link layer protocol that is the standard encapsulation type for Cisco Serial interfaces.

SDLC was modified to produce HDLC.

Maps to 802.2

PPP

The Point to Point Protocol is a data link protocol that can be used over either asynchronous (dial-up) or synchronous (ISDN) media. It used the Link Control protocol (LCP) to maintain the data link. It has a number of features including Authentication using either PAP or CHAP and compression.

PPP is set on the interface by typing.

Router(config-if)#encapsulation ppp

PPP must be enabled on both ends of the interface to allow communication.

9. Recognize key Frame Relay terms and features

Frame Relay offers a service between 56kbps and 2,078Mbps over fibre links. Frame Relay uses a CRC, bad packets are discarded and the receiving station requests re-transmission of any missing frames.

It uses Data Link Connection Identifiers (DLCI) to identify the virtual circuits. To assign a DLCI to an interface you type.

Router(config-if)#frame-relay interface-dlci 16

The number can be between 16 and 1007

Local Management Interfaces (LMI) provide information about the DLCI values and the status of virtual circuits. The default is Cisco but they can be set to;

· Cisco (Default)

· Ansi

· Q944a

They are assigned by typing

Router(config-if)#frame-relay lmi-type ansi

Would set the LMI type to ansi.

To set up frame relay on an interface just set the encapsulation to frame-relay

Frame relay encapsulation can either be Cisco (Default) or IETF. To set type.

Router(config-if)#encapsulation frame-relay ietf

This sets the frame relay encapsulation to ietf

You must use Cisco Encapsulation to connect two Cisco routers or ietf if a third party router is involved.

10. List commands to configure Frame Relay LMIs, maps, and subinterfaces.

To set the LMI type you type from the interface configuration.

Router(config-if)#frame-relay lmi-type {cisco/ansi/q933a}

Cisco is the default

A keepalive interval must be set to enable LMI on an interface. This is 10 seconds by defualt and can be set by typing

Router(config-if)#frame-relay keepalive 20

To set the keepalive to 20 seconds.

The Frame Relay Map tells the network protocol how to get from a specific protocol and address pair to the correct DLCI.

There are two ways to make this happen, you can use the frame-relay map command or you can use the inverse-arp function.

Subinterfaces allow multiple virtual circuits on a single serial interface and each sub-interface can be treat as a separate interface. You use the interface s0.interface number command

Router(config)#int s0.?

<0-4294967295> Serial interface number

Router(config)#int s0.16 ?

Multipoint Treat as a multipoint link

Point-to-point Treat as a point-to-point link

It is worthwhile creating a subinterface that matches the DLCI identifier.

11. List commands to monitor Frame Relay operation in the router.

Router#show frame-relay ip - Show frame relay ip statistics

Router#show frame-relay lmi - Show LMI statistics

Router#show frame-relay map - Show map table

Router#show frame-relay pvc - Show PVC Statistics Also DLCI Info

Router#show frame-relay route - Show frame relay routes

Router#show frame-relay traffic - Show protocol statistics

The Show Interface command also shows Frame Relay information on a specific interface.

12. Identify PPP operations to encapsulate WAN data on Cisco routers.

PPP is enabled at the Interface configuration mode by typing

Router(config-if)#encapsulation ppp

There are then several sub PPP commands such as authentication, multilink, compression, callback etc..

The Show Interface command lists the encapsulation method on an interface. Also Show Running-Config displays the PPP commands allocated to an interface.

13. State a relevant use and context for ISDN networking.

ISDN networking can be used by SOHO users providing up to 128Kbps with PPP Multilink connection to corporate networks or the Internet. A BRI connection can also be used as a backup line in case the primary link goes down. In this case you have to set the desirability of the ISDN link to be very low. In other words only use if there is no other way.

14. Identify ISDN protocols, function groups, reference points, and channels.

ISDN Protocols

These protocols deal with ISDN issues;

· E – Specify ISDN on the existing telephone network.

· I – Specify Concepts, terminology, and Services.

· Q – Specify switching and signalling.

ISDN Function Groups

Devices connected to the ISDN network are known as terminals and have the following types;

· TE1 – Terminal Equipment type 1 understands ISDN standards. Like a BRI Interface on a router.

· TE2 – Terminal Equipment type 2 predate ISDN standards. To use a TE2, you must have a Terminal Adapter (TA).

ISDN Reference Points

ISDN uses four different reference points to define logical interfaces. They are as follows;

· R – Defines the reference point between non ISDN equipment and a TA

· S – Defines the reference point between user terminals and an NT2

· T – Defines the reference point between NT1 and NT2 devices

· U – Defines the reference point between NT1 devices and Line Termination Equipment. (North America Only)

ISDN Channels

ISDN can either be Basic Rate ISDN (BRI) or Primary Rate ISDN (PRI).

BRI is 2 * 64Kbps B Channels for data and one 16Kbps D Channel for link management.

PRI is 23 * B Channels and 1 * D Channel in the US or 30 * B Channel and 1 * D Channel in Europe.

15. Describe Cisco’s implementation of ISDN BRI.

Cisco implements BRI using a BRI RJ45 interface on a router enables as a TE1 device. The following are also a feature of Cisco BRI

· Multiprotocol support.

· Available on several router series.

· SNMP support with ISDN MIB Group.

· Multiple bearer channels.

· Bandwidth on demand.

· Optional incoming call screening.

· PPP with compression options.

· Services only when needed by using DDR.

IOS

16. Log into a router in both user and privileged modes.

When you first log into a router you are prompted with the prompt Router> This is called User EXEC mode and only contains a limited feature set.

Entering the command ENABLE and the password will put you in Privileged EXEC Mode that is indicated by the prompt Router# From this mode you can now use all of the available commands and enter Global Configuration Mode.

17. Use the context-sensitive help facility.

IOS has a built in Context-sensitive help. The main tool is the ? symbol. If you are unsure of how a command or the entire syntax for a command, typing in a partial command followed by a ? provides you with the available options.

For example if you require to use the CLOCK command and are unsure of the syntax you can enter;

CLOCK ?

This will return the text.

read-calendar Read the hardware calendar into the clock

set Set the time and date

update-calendar Update the hardware calendar from the clock

These are the available options for the CLOCK command.

Also the ? can be used if you are unsure of how an individual command ends or which commands are available.

For example if you enter the command,

SHOW RUN?

This will return the text

running-config

Or you could enter the command

SHOW R?

Which would return the text

registry reload rhosts rif

rmon route-map rtr running-config

The above commands are all the available commands from SHOW that start with R.

18. Use the command history and editing features.

Ctrl-W - Erases a word

Ctrl-U – Erases a line

Ctrl-R – Redisplays a line

Ctrl-A – Moves the cursor to the beginning of the current line

Ctrl-E – Moves the cursor to the end of the current line

Ctrl-F (or right arrow) – Move forward one character

Ctrl-B (or left arrow) – Move back one character

Ctrl-P (or up arrow) – Repeat previous command entry

Ctrl-N (or down arrow) – Most recent command recall

ESC+B – Move backward one word

ESC+F – Move forward one word

Ctrl-Z – Ends Configuration Mode and returns to the Privileged EXEC Mode.

TAB Key – Finished a partial command

Router> show history – Shows command buffer

Router> terminal history size – Set command buffer size

Router> terminal no editing – Disable advanced editing features

Router> terminal editing - Re-enables advanced editing

$ Indicates along line.

19. Examine router elements (RAM, ROM, CDP, show).

Routers operate with the following elements;

· RAM

This is the working area for the Router. It contains Routing Tables, ARP Cache etc. It also holds the Routers Running-Config file.

The contents of RAM are lost when you power down.

To view info about IOS in RAM type

Router#show version

To view info about programs in RAM type

Router#show processes

To view the active configuration file type

Router#show running-configuration / write terminal

To view tables and buffers type

Router#show memory / show stacks / show buffers

· NVRAM

Non-Volatile RAM stores the routers startup-config file. NVRAM content is retained when you power down or reload.

To view the contents type

Router#show startup-configuration / show config

· FLASH

Flash is an EPROM. Flash memory holds the operating system image (IOS). Having Flash allows you to update software without removing or adding chips.

Flash content is retained when you power down or reload. Multiple copies of IOS can be stored on Flash memory.

To view the contents type

Router#show flash

· ROM

ROM contains the power on diagnostics, a bootstrap program and operating system software. To perform upgrades the physical chips must be removed.

- CDP

Cisco Discovery Protocol is a proprietary protocol to allow you to access configuration information on other routers and switches with a single command. It uses SNAP at the Data-Link Layer.

By default CDP send out a broadcast every 60 seconds and it holds this information for 180 seconds.

CDP is enabled by default.

CDP is enabled globally by entering global config mode and typing.

Router(config)#cdp run

CDP is disabled on a specific interface by entering the interface configuration mode and typing.

Router(config-if)#no cdp enable

At the Interface config mode you can only enable or disable CDP. At the global config mode you can also set the holdtime and timer. For Example

Router(config)#cdp timer 30

Router(config)#cdp holdtime 120

This will change the CDP timer to broadcast every 30 seconds and the amount of time the receiving devices hold onto your CDP broadcasts (holdtime) to 120 seconds.

Showing CDP Entries

When CDP is enabled you can view details of other Cisco devices by typing.

Router#show cdp neighbors

This displays the platform and protocol information on your neighbouring devices also its capabilities such as Router, Switch etc…

20. Manage configuration files from the privileged exec mode.

Router configuration information can be generated by several means.

From privileged EXEC mode you can enter the configure command to configure the running configuration from either a Terminal (Console), Memory (NVRAM), or Network (TFTP)

· Router#conf term – Configure manually from the console terminal

· Router#config mem – Load the configuration file from NVRAM, same as copy startup running.

· Router#config net – Load the configuration from a TFTP server, same as copy TFTP startup

You can also use the copy command

· Router#copy running startup – Copies the running config (RAM) to the Startup config (NVRAM). Used after real time changes via config term have been made that require to be saved.

· Router#copy running tftp – Makes a backup of the running config file to a TFTP server.

· Router#copy tftp running – Loads configuration information from a TFTP server.

To use a TFTP server you must specify the TFTP server’s hostname or IP address and the name of the file.

21. Control router passwords, identification, and banner.

Passwords

There are five different password that can be used when securing your Cisco Router, Enable Secret, Enable Password, Virtual Terminal Password, Auxiliary password, and console password.

1. Enable Secret

This is a cryptographic password which has precedence over the enable password when it exists. Can be set up during setup mode or from global config.

Router(config)#enable secret andrew

Sets the secret password to andrew. Password is prompted for to enter Priv EXEC mode.

2. Enable Password

Used when there is no Enable Secret and when you are using older software. Can be set up during setup mode or from global config.

Router(config)#enable password mason

Sets the enable password to mason. The enable and enable secret password cannot be the same.

3. Virtual Terminal Password

Used for Telnet sessions to the Router. Must be specified or you will not be able to log in to the router. Can be set up during setup mode or from global config.

Router(config)#line vty 0 4

Router(config-line)#login

Router(config-line)#password microsoft

Sets the telnet login password to be microsoft. Line vty 0 4 specifies the number of Telnet sessions allowed in the router.

4. Auxiliary Password

Used for connections via the Aux port on the Router.

Router(config)#line aux 0

Router(config-line)#login

Router(config-line)#password novell

5. Console Password

Used for connections via the console port on the Router.

Router(config)#line con 0

Router(config-line)#login

Router(config-line)#password oracle

Passwords can be encrypted so that users on the system cannot see them. This is achieved by typing.

Router(config)#service password-encryption

SET ALL PASWORDS HERE

Router(config)#no service password-encryption

Router Identification

The Router can be assigned a name by entering.

Router(config)#hostname MyRouter

MyRouter(config)#

If no name is entered the default is for t to be called ”Router”

A login banner can be displayed. This is displayed by entering global configuration mode and typing.

Router(config)#banner motd #

You are then prompted to enter a text message and finish it with whatever character you placed after the motd, in this case a #

You can give each interface a description to help identify the interface. This is done in interface configuration mode by typing.

Router(config-if)#description Ethernet LAN to Gresley

This will label the interface with the string.

22. Identify the main Cisco IOS commands for router startup.

Upon boot the Router runs a POST check on the Hardware, Finds and loads the IOS software, Finds and loads the startup-config file.

If no valid startup-config file exists the router enters setup mode.

Commands relating to startup

· Router#show startup-config – Shows the config file stored in NVRAM

· Router#show running-config – Shows the config file stored in RAM

· Router#erase startup-config – Erases the config file from NVRAM

· Router#reload – Power cycles the Router

· Router#setup – Enters Setup Mode.

23. Enter an initial configuration using the setup command.

The setup mode is either manually started by entering Router#setup or by booting a server with no valid startup-config file in NVRAM.

Basically setup mode asks you questions to set up the router such as hostname, passwords and IP addresses for interfaces.

You are presented with the script at the end before it is applied. It is then copied to NVRAM and becomes the startup-config and running-config file on the Router.

24. Copy and manipulate configuration files.

As outlines in objective 20 the configuration files can be copied and manipulated between running-config, startup-config and a TFTP server for backup.

Enter the copy command to do this.

25. List the commands to load Cisco IOS software from: flash memory, a TFTP server, or ROM.

IOS can be booted from either Flash, a TFTP server or ROM. The default location is Flash but a fallback mode can be set.

This can be done by entering global config mode and typing.

· Router(config)#boot system flash IOS_filename – To boot from flash

· Router(config)#boot system tftp IOS_filename tftp_address – To boot from a TFTP server.

· Router(config)#boot system rom – To boot from ROM

The example above would tell the Router to look at Flash first, then TFTP, then ROM.

You can also use the configuration register value displayed in show version to set the boot mode.

26. Prepare to backup, upgrade, and load a backup Cisco IOS software image.

The IOS software image lives in Flash memory on the Router. A subset also resides in ROM but this is only used when the copy in Flash is corrupt. A tftp server can also be specified as a fallback so it hits Flash, TFTP, ROM.

The ROM subset allows basic functions and enters ROM Monitor mode to boot.

To back up the current version of IOS you can simply type

Router#copy flash tftp

You will be asked for the hostname or ip address of the tftp server and a filename for the IOS software image.

To upgrade the current version of IOS stored in Flash you can type

Router#copy tftp flash

You will be asked for the hostname or ip address of the tftp server and a filename for the IOS software image.

To load the new version on the IOS software you can type.

Router#config t - Enter Global Config Mode

Router(config)#no boot system flash old_ios_name - Removes the old image

Router(config)#boot system flash new_ios_name - Set the new boot image

27. Prepare the initial configuration of your router and enable IP.

Fresh out of the box a Router will load IOS but not have a Startup-Config. This can also be accomplished by typing.

Router#erase startup

This will erase the startup-config and cause the router when reloaded to go straight into setup mode.

To enable IP you have to be in the interface configuration mode and then type.

Router(config-if)#ip address 172.18.16.10 255.255.248.0

This sets the IP address to 172.18.16.10 and the Subnet Mask to 255.255.248.0

It would then be handy to set up a vty password to enable telnet sessions onto the Router.

Network Protocols

28. Monitor Novell IPX operation on the router.

Ping ipx {host address} - Diagnose basic IPX network connectivity.

Show ipx interface {interface} - Displays the status of the IPX interfaces configured on the

Router and the parameters configured on each interface.

Show ipx route - List the entries in the IPX routing table.

Show ipx servers - List the servers discovered through SAP advertisements.

Show ipx traffic - Display information about the IPX traffic.

29. Describe the two parts of network addressing, then identify the parts in specific protocol address examples.

The two parts to every Network address is the Network id and the Host ID.

In TCP/IP this is decided by the subnet mask. For 172.18.16.6 with a default SM of 255.255.0.0 the network id is 172.18 and the host id is 16.6.

In IPX/SPX the first 8 hex digits represent the network id and the remaining 12 hex digits represent the host id (the MAC address) for example 00017C80.0200.8609.33E9

00017C80 would be the network id and 0200.8609.33E9 would be the host id.

30. Create the different classes of IP addresses [and subnetting].

IP Adresses are split into 5 classess. These are Class A, Class B, Class C, Class D, and Class E.

Class D is used for multicast addresses and Class E is used for research projects.

We generally only use the first three classes of IP addresses, Class A, Class B, and Class C.

Class A – 1-127

Class A addresses by default use the first octet as the network address and the last three octets as the host address. Therefore this generally supports 126 true class A networks (128 – 0 and 127) and up to 16,777,214 hosts (2^24 –2)

The leading bit pattern is always 0 and the default Subnet Mask is 255.0.0.0

Class B – 128 - 191

Class B addresses by default use the first and second octet as the network address and the last two octets as the host address. Therefore this generally supports 16,382 networks (16 bits – 2 high order bits = 14. 2^14 = 16,384) and up to 65,534 hosts (2^16 –2)

The leading bit pattern is always 10 and the default subnet mask is 255.255.0.0

Class C – 192- 223

Class C addresses by default use the first, second, and third octet as the network address and the last octet as the host address. Therefore this generally supports 2,097,152 (24 bits – 3 high order bits = 21. 2^21 = 2,097,152) and up to 254 hosts (2^8 – 2)

The leading bit pattern is always 110 and the default subnet mask is 255.255.255.0

Subnetting

Subnetting an IP address is when you move the Network Address portion of the IP Address into the Host Address Section to facilitate more networks but less hosts.

For example with the address 182.16.52.10 and SM of 255.255.224.0

We know that this is a Class B address and it should use 16 bits here for the subnet. The value of 224 is made up of 3 bits out of the host address (1*128) + (1*64) + (1*32).

So therefore we are now left with only 13 bits for the host and three bits are used for the subnet.

Using these figures and a simple formula we can deduce that with this example there will be 8190 hosts available and 6 subnets.

There are 13 bits for the host so 2^13 –2 = 8190

There are 3 bits for the subnet so 2^3 – 2 = 6

Just forget about the default mask and work everything out from the right of the subnet mask values.

Remember

(2^number of bits) – 2 = number of Hosts or Subnets

The valid subnets will be 256-224(SM)=32

32, 64, 96, 128, 160, 192

The Subnet Broadcast address is always the last address in this case it would be 182.16.31.255 for the 32 subnet. The network address would be 182.16.32.0 aka the two reserved addresses.

31. Configure IP addresses.

To configure an IP address you have to enter interface config mode and type.

Router(config-if)#ip address 172.18.16.2 255.255.0.0

This will set the IP address on the interface to 172.18.16.2 with a SM of 255.255.0.0

It could also be displayed as 172.18.16.2 / 8

32. Verify IP addresses.

IP addresses can be verified by either using Telnet, Ping, Or Trace

· Telnet - verifies the application-layer software between source and destination stations. This is the most complete test mechanism available.

· Ping - Uses the ICMP protocol to verify the hardware connection at the logical address of the network layer.

Commands returned

! - Successful receipt of an echo reply

. - Times out waiting for datagram reply

U - Destination unreachable error

C - Congestion-experienced packet

I - Ping interrupted (for example, Ctrl-Shift-6 X)

? - Packet type unknown

& - Packet Time to Live exceeded

· Trace - Uses Time-To-Live (TTL) values to generate messages from each router used along the path. This is very powerful in its ability to locate failures in the path from the source to the destination.

Commands returned

!H -The probe was received by the router, but not forwarded, due to an access list.

P - The protocol was unreachable.

N - The network was unreachable.

* - Time out.

You can allocate an IP address a host name by using.

Router(config)#ip host {hostname} {ip address}

Router(config)#ip hosts baird 172.18.16.53

Then you can show the hosts and ping or trace by name.

Router#sh hosts

The command Router(config)#ip name-server sets a DNS server.

33. List the required IPX address and encapsulation type.

Interface Type Novell Frame Type Cisco Keyword

Ethernet Ethernet_802.3 Novell-ether (Default)

Ethernet_802.2 Sap

Ethernet_II Arpa

Ethernet_Snap Snap

Token Ring Token Ring Sap (Default)

Token Ring_Snap Snap

FDDI Fddi_Snap Snap (Default)

Fddi_802.3 Sap

Fddi_Raw Novell-fddi

Serial HDLC HDLC (Default)

34. Enable Novell IPX protocol and configure interfaces.

To enable IPX on an interface you have to go to the interface configuration mode and type the following command.

Router(config-if)#ipx network 2000

This adds IPX to the interface and sets the IPX network number to 2000. You do not have to enter an IPX host address as this is assigned by the MAC of the interface.

You can also enter encap after the network number to set the encapsulation type. If this is not entered the default frame type for the interface is used.

Sub Interfaces can be addressed using

Router(config)#int e0.100

This specifies a sub interface of number 100 on the Ethernet 0 interface to display

Router(config-subif)#ipx network 2300 encap sap

This sets the sub interface to IPX network 2300 using sap encapsulation which is Ethernet_802.2

The command Router(config)#ipx routing enables IPX routing.

35. Identify the functions of the TCP/IP transport layer protocols.

TCP/IP uses the DOD Model which is ;

Process Application - Maps to Application, Presentation, Session

Host to Host - Maps to Transport

Internet - Maps to Network

Network Access - Maps to Data Link and Physical

TCP/IP Transport Layer (OSI) or Host to Host (DOD) protocols are TCP and UDP

Transmission Control Protocol

TCP is a connection oriented transport layer protocol with built in reliability. Takes large blocks of data and breaks it down into segments. It numbers and sequences each segment so the destination’s TCP protocol can re-assemble back into the original order.

TCP uses acknowledgement via sliding windows.

Has a large overhead due to built in error checking

Works at Port 6

User Datagram Protocol

UDP is a connectionless oriented transport protocol for use when the upper layers provide error-recovery and reliability.

UDP does not sequence data or re-assemble it into any order after transmission.

Works at Port 17

36. Identify the functions of the TCP/IP network layer protocols.

TCP/IP Network Layer (OSI) or Internet (DOD) protocols are IP, ARP, RARP, BOOTP, and ICMP

Internet protocol

IP provides routing and a single interface to the upper layers. No upper layer protocol and no lower layer protocol have any functions relating to routing.

IP recieves segments from the transport layer and fragments them into packets including the hosts IP address.

Address Resolution Protocol

ARP is responsible for resolving MAC addresses to IP addresses. It stores these in its arp cache for later use.

It does this to inform a lower layer of the destination MAC address.

Reverse Address Resolution Protocol

RARP resolves IP addresses to MAC addresses on diskless workstations.

Boot Strap Protocol

BootP is used also for diskless workstations when it requires an IP address.

Internet Control Message Protocol

ICMP is a management protocol and messaging service provider for IP. Its messages are carried as IP datagram’s.

ICMP is used in the following events;

· Destination Unreachable

If a router cannot send an IP packet any further it uses an ICMP echo to send a message back to the sender notifying it that the remote node is unreachable.

· Buffer Full

If a routers memory buffer is full ICMP will send out this message to the originator.

· Hops

Each IP datagram is assigned a path. This consists of hops. If it goes through the maximum number of hops the packet is discarded and the discarding router send an ICMP echo to the host.

· Ping

Ping uses ICMP echo messages to check connectivity.

37. Identify the functions performed by ICMP.

As Above in Objective 36

38. Configure IPX access lists and SAP filters to control basic Novell traffic.

IPX access lists operate in the same way as IP access lists. Standard Lists use the numbers 800-899, extended IPX access lists use 900-999 and SAP filters use 1000-1099.

Standard IPX Access-Lists

Standard IPX access lists permit or deny packets based upon the source and destination IPX addresses. This differs to IP where it only looks at the source address.

There are no wildcard masks with IPX and you can use either the Node Address or Network Address

Router(config)#access-list 810 permit 30 10

The above line will only allow packets from network 30 to reach network 10.

These are applied in a similar way to IP from the interface config mode.

Router(config-if)#ipx access-group 810 out

-1 Means any IPX network Address

Extended IPX Access Lists

Extended IPX Access Lists can filter based upon

· Source Network/Node

· Destination Network/Node

· IPX Protocol (SAP, SPX etc)

· IPX Socket

Access List {number 900-999} {permit/deny} {protocol} {source} {socket} {destination} {socket}

IPX SAP Filters

IPX Sap Filters are used to filter out SAP broadcasts. They use the number range 1000-1099.

Access-list {number 1000-1099} {permit/deny} {source} {service type}

For example

Router(config)#access-list 1010 permit 22.0000.0000.0001 0

Router(config)#int e0

Router(config-if)#ipx input-sap-filter 1010

This would allow only the server on IPX network 22.0000.0000.0001 to be seen by the outside world.

The service code of 0 matches all services.

Routing

39. Add the RIP routing protocol to your configuration.

RIP is a distance vector routing protocol that uses hop count as its metric. The maximum hop count is 15 so 16 hops is deemed unreachable.

RIP updates are broadcast every 30 seconds by default.

RIP is enabled by typing.

Router(config)#router rip

This puts you in router configuration mode. You then have to associate attached networks with the RIP process. You only associate directly attached networks.

Router(config-router)#network 172.18.16.0

This would add the 172.18.16.0 network to the routing process.

40. Add the IGRP routing protocol to you configuration.

IGRP is a distance vector routing protocol designed by Cisco. The maximum hop count is 255 and it uses a combination of variables to determine a composite metric.

· Bandwidth

· Delay

· Load

· Reliability

· Maximum Transmission Unit (MTU)

Routing updates are sent at 90 second intervals by default.

IGRP is enabled by typing

Router(config)#router igrp 12

Where 12 is the autonomous system number.

You then have to associate directly connected networks in the same way as you did with RIP

Router(config-router)#network 172.18.16.0

This would add the 172.18.16.0 network to the routing process.

41. Explain the services of separate and integrated multiprotocol routing.

In a separate multiprotocol routing environment each protocol operate like ships in the night. Each protocol is not aware of the other protocols on the same router.

RIP and OSPF are separate routing protocols.

With an integrated multiprotocol routing environment each protocol is aware of the other protocols and they share the results of the routing algorithm.

EIGRP is an integrated routing protocol that integrates support for IP, AppleTalk and IPX using a distance vector algorithm based on IGRP.

42. List problems that each routing type encounters when dealing with topology changes and describe techniques to reduce the number of these problems.

Distance Vector Concept

Distance vector based routing algorithms pass periodic copies of a routing table from router to router. Regular updates between routers communicate topology changes.

Each router receives a routing table from its direct neighbour and increments all learned routes by one.

This is the way that the algorithm learns the internetwork topology, via second hand information. Distance Vector algorithms do not allow a router to know the exact topology of an internetwork.

RIP and IGRP are Distance Vector Routing Protocols.

Distance Vector Topology Changes

When the topology in a distance vector network changes, routing table updates must occur. As with the network discovery process topology change notification must occur router to router.

Distance Vector protocols call for each router to send its entire routing table to each of its adjacent neighbours.

When a router receives an update from a neighbouring router, it compares the update to its own routing table. If it learns about a better route (smaller hop count) to a network from its neighbour, the router updates its own routing table.

Problems with Distance Vector

Distance Vector routing protocols are prone to Routing Loops and counting to infinity.

Routing loops can occur if the internetwork’s slow convergence on a new configuration causes inconsistent routing entries.

Counting to infinity continuously loops packets around the network, despite the fundamental fact that the destination network is down.

To over come these you can implement

· Defining a maximum number of hops.

Specify a maximum distance vector metric as infinity. 16 with RIP and 256 with IGRP.

· Split Horizon

If you learn a protocol’s route on an interface, do not send information about that route back out that interface.

· Route Poisoning

Information past out on an interface it was learned from is marked as unreachable by setting the hop count to 16 for RIP

· Hold Down Timers

Routers ignore network update information for some period.

Link State Concepts

The Link State Routing algorithm maintains a more complex table of topology information. Routers using a link state routing protocol have a complete understanding and view of the entire network. The Link State algorithm uses Link State Packets (LSP) or Hello Packets to inform other routers of distant links.

All routers exchange LSP to build a total view of the network.

OSPF is a Link State Routing Protocol

Distance Vector Topology Changes

When the topology changes the first routers to find out send LSP to all other routers on the internetwork. All routers then re-calculate the best path to any affected route.

Link State routing protocols are more intensive in terms of power, memory, and bandwidth required.

Differences between Distance Vector and Link State

· Distance Vector gets all its information second hand or gossip whereas link state routing obtains a total topology of the internetwork.

· Distance Vector determines the best path by counting hops. Links State uses a complex bandwidth analysis.

· Distance Vector updates topology changes every 30 seconds as default which casues a slow convergence time. Link State can be triggered by topology changes resulting in faster convergence times.

43. Describe the benefits of network segmentation with routers.

As Objective 48

Network Security

44. Configure standard and extended access lists to filter IP traffic.

Access lists are a list of conditions that control access to an interface. They filter the traffic to say only allow outbound www traffic and not ftp.

A few rules

· Each packet is compared with each line of the access list in sequential order.

· Once a match is made it is acted upon and no further comparisons take place.

· There is an implicit deny at the end of each access list.

Access List Numbers to Know

1 – 99 - IP Standard Access Lists

100-199 - IP Extended Access Lists

800-899 - IPX Standard Access Lists

900-999 - IPX Extended Access Lists

1000-1099 - IPX SAP Access List

Standard IP Access List

A standard ip access list analyse the source address of the packet and match it against the access list.

access-list {number 1-99} {permit or deny} {source address}

These have to be entered at the Global Config mode and can use a wildcard mask (inverted subnet mask) eg

Router(config)#access-list 1 permit 172.18.0.0 0.0.255.255

The above command will permit only traffic from the 172.18.0.0 networks. This could be 172.18.232.123 and 172.18.2.9 but not 172.19.x.x

There can be more than one list per number but only one number per interface.

You apply the list to an interface by entering the interface configuration mode and typing.

Router(config-if)#ip access-group 1 out

This applies the access list number 1 to all outbound traffic on the selected interface.

Out means packets leaving the interface and in means packets entering the interface.

Extended IP Access Lists

Extended IP access lists operate the same as standard IP access lists but they use the number from 100-199 instead of 1-99. Also more options are available instead of only the source address.

You can now specify the ;

· Source Address

· Destination Address

· IP Protocol (TCP, UDP, ICMP etc…)

· Port Information (www, dns, ftp, etc..)

Access-list {number 100-199} {permit or deny} {protocol} {source} {destination} (eq) {port}

For example

Router(config)#access-list 100 deny tcp 172.18.16.0 0.0.0.255 any eq ftp

The above example will deny any ftp traffic from 172.18.16.x to any destination address.

ANY can be used to specify any source or destination address

which is the same as 0.0.0.0 255.255.255.255

HOST can be used to specify a host.

Host 172.18.16.2 is the same as 172.18.16.2 255.255.255.255

Extended IP access lists are applied to an interface in the same way as standard IP access lists.

45. Monitor and verify selected access list operations on the router.

Access lists can be viewed globally and also which interfaces they are related to.

Router#show access-lists - Displays all access lists running on the router.

Router#show ip access-lists - Displays all IP access lists running on the router.

Router#show ip int - Shows the IP interface information and indicates any

Outbound or inbound access lists.

Router#sh run - Shows the running config and which access lists are

globally set up and to which interfaces.

LAN Switching

46. Describe the advantages of LAN Segmentation.

LAN’s have a lot of broadcast traffic, they also work using a contention method. So segmenting the LAN reduces the collision domains and broadcast domains thus increasing the bandwidth available to each user.

47. Describe LAN segmentation using bridges.

Bridges segment LAN’s by learning the MAC address of the nodes on each directly connected interface. This helps segment LAN’s because the Bridge looks at destination MAC address and forwards the frame to the correct interface.

The downside is that frames with unrecognised MAC addresses are forwarded to every interface. Broadcasts are blocked by Bridges.

MAC Address learning is specified in 802.1.

48. Describe LAN segmentation using routers.

Routers can be used to segment LAN’s via routing between two or more Ethernet interfaces. Broadcasts will be filtered and the packets will be routed based upon the destination network address (IP or IPX). More advanced layer 3 features can be used.

49. Describe LAN segmentation using switches.

Switches are advanced multiport bridges that can either segment LAN’s or provide total end to end non-contentious bandwidth to clients. They support Full Duplex. VLAN’s can be used. Switches work on the MAC address (Data Link Address) in the same way as Bridges but they switch in hardware (Wire Speed) whereas a bridge bridges in software so they are much faster.

50. Name and describe the two switching methods.

The two switching methods are Cut-Through Switching and Store and Forward switching. These are explained in Objective 57.

51. Describe full- and half-duplex Ethernet operation.

Full Duplex has the capability to simultaneously send and receive data at the full bandwidth. So a 100Mbps link could send 100Mbps and receive 100Mbps theoretically using 200Mbps bandwidth.

Half Duplex operation has the capability to only send in one direction at a time to the full bandwidth.

52. Describe network congestion problem in Ethernet networks.

Ethernet networks generally operate using broadcasts. This caused problems in older bus networks due to broadcast storms reducing each client’s bandwidth. The CSMA/CD contention method also states that only one node can transmit at the same time so the more nodes the lower the actual bandwidth was to each node.

53. Describe the benefits of network segmentation with bridges.

As Objective 47.

54. Describe the benefits of network segmentation with switches.

As Objective 49.

55. Describe the features and benefits of Fast Ethernet.

Fast Ethernet is explained in the 802.3u standard which defines the specifications for the data link and physical layer.

Fast Ethernet is based on the Ethernet’s CSMA/CD contention method but is ten times faster.

Because of the slot time used in CSMS/CD networks the total segment distance must also be reduced.

Fast Ethernet Specifications

· 100BaseTX

100BaseTX uses a two-pair Category 5 UTP cable with an RJ45 connector and the same pin out as in 10BaseT. 100BaseTX supports full duplex operation.

· 100BaseFX

100BaseFX uses a two strand fibre cable of which one strand transmits and the other receives. Supports full duplex operation.

· 100BaseT4

100BaseT4 uses four-pair Cat 3, 4, or 5 UTP cabling and RJ45. Allows the use of voice grade cabling to run at 100Mbps.

Fast Ethernet has its advantages due to been ten times faster than 10BaseT and can be used on existing Cat5 cabling using existing Ethernet contention methods. It protects the investment in current cabling and experience.

56. Describe the guidelines and distance limitations of Fast Ethernet.

As with all networks there are certain rules that must be followed and these apply to 100BaseT as well.

· For 100BaseTX using Cat5 UTP the max distance is 100 Meters

· For 100BaseFX using Fibre the max distance is 412 Meters Half Duplex or 2 Kilometers Full Duplex.

57. Distinguish between cut-through and store-and-forward LAN Switching.

Switches use either store-and-forward switching or cut-through switching for LAN switching (forwarding) traffic.

Store-and-Forward Switching

With Store and Forward switching the switch copies the entire frame into its buffer and computers the CRC.

The frame is discarded if a CRC error is detected or if the frame is a runt (less than 64 bytes including the CRC) or a giant (more than 1518 bytes including the CRC).

The LAN switch then looks up the destination address in its switching table and determines the outgoing interface.

The frame is then sent to the interface.

Store-and-Forward switching is standard on Cisco Catalyst 5000 switches.

Latency using Store and Forward switching is dependant upon the frame size and is slower than Cut-through switching.

Cut-Through Switching

With Cut-Through switching the switch copies only the Destination Address which is the first 6 bytes after the preamble into its buffer.

The LAN switch then looks up the destination address in its switching table and determines the outgoing interface.

The frame is then sent to the interface.

A cut-through switch provides reduced latency because it begins to forward the frame as soon as it reads the destination address and determines the outgoing interface.

Some switches can be configured to perform cut-through switching on a per-port basis until a user-defined error threshold is reached, when they will automatically change to store-and-forward mode. When the error rate falls below the threshold, the port automatically changes back to store-and-forward mode.

Low Latency.

58. Describe the operation of the Spanning Tree Protocol and its benefits.

Ethernet Bridges and Switches implement IEEE 802.1d Spanning Tree Protocol (STP) specification to prevent loops in a network.

A network often provides more than one route for a packet to get to a destination node. The existence of redundant paths gives rise to a routing problem in the form of a loop. The spanning Tree protocol is executed between the switches. To detect and automtically remove redundant paths from the network.

The Spanning Tree Protocol establishes a root node and constructs a network topology such that there is only one path for reaching each node. It shuts down redundant interfaces and nodes exchange data with each other to inform the STP of loops or topology changes.

If a STP node fails STP re-works the topology and open another interface to ensure connectivity.

59. Describe the benefits of Virtual LANs.

A VLAN (Virtual Local Area Network) is a switched network that is logically segmented by communities of interest without regard to the physical location of users. Each port on the Switch can belong to a VLAN. Ports in a VLAN share broadcasts. Ports that do not belong to that VLAN do not share these broadcasts thus improving the overall performance of the network. VLANs remove the physical constraints of workgroup communications.

Layer 3 routing provides communications between VLANs.

VLANs provide the following benefits:

· Reduced administration costs from solving problems associated with moves and changes

As users physically move they just have to be re-patched and enabled into their existing VLAN

· Workgroup and network security

You can restrict the number of users in a VLAN and also prevent another user from joining a VLAN without prior approval from the VLAN network management application.

· Controlled Broadcast activity

Broadcasts are only propagated within the VLAN. This offers segmentation based on logical constraints.

· Leveraging of existing hub investments

Existing hubs can be plugged into a switch port and assigned a VLAN of their own. This segregates all users on the hub to one VLAN.

· Centralised administration control

VLANs can be centrally administrated.

60. Define and describe the function of a MAC address.

MAC addresses are 48 bits in length and are expressed as 12 hexadecimal digits. The firs 6 digits specify the manufacturer and the remaining 6 are unique to the host. No two MAC addresses are the same in the world (Burned In Address).

Ultimately all communication is made to the MAC address of the card. Protocols such as ARP and RARP are used to determine the IP to MAC address relationship.

gyrisame apo tis diakopes 3 meres mono

xaxaxaxa kala itan i bitina, i stemnitsa, to menalo, i treli sokolata sto menalo kai i 8ea.............

kai molis 1:30 apo tin a8ina

kaloooooo alla opos pada ligo...

Untill we meet again then.

ΧΤΑΠΟΔΙ-ΚΑΡΧΑΡΙΑΣ 1-0