You should try capturing the packets on each side of a router on your company's network. You will be able to see the change in the hop count or TTL value and the new MAC header. When you analyze a communication, you should examine the network layer to determine the actual source and destination of the packet.
What special feats can routers perform that switches cannot? Because routers operate at layer three of the OSI model, they support forwarding based on network addresses (as opposed to forwarding based on MAC addresses or VLAN designations). Routers can also forward packets based on the best known path (especially in the case of link state routers). In addition, routers can provide detailed filters based on the source and destination network address, as well as the source and destination process (as defined in the port number field in the network header).
When forwarding a packet, switches do not change the packet's contents (such as the network address or the MAC address). In a basic switched environment, all the devices are on the same network.
Like hubs, switches forward all broadcast packets and multicast packets to all ports. After all, these packets are addressed to a group or set of devices.
Switches also forward packets that are addressed to unknown MAC addresses to all active ports. If a MAC address is unknown, switches assume that they have not yet learned about that MAC address. When the intended recipient replies to the packet, switches learn where the MAC address is located.
Switches typically forward packets quickly because they do not make the more complex forwarding decisions that routers make. Although switches are fast, they have do have some inherent disadvantages. For example, consider how a switch would handle the following:
Part of a network is Token Ring, and the other part of the network is Ethernet.
All devices are communicating with one host or port.
A broadcast storm occurs.
A device sends a fragment.
A switched network contains a loop.
Network traffic must be separated into groupings.
A station sends packets to an invalid address.
Unfortunately, these issues can create problems for basic switches. If you must address one of these issues on your company's network, you must purchase a switch with advanced features, such as the following:
Spanning tree protocol for loop resolution
Virtual LANs (VLANs)
Conversely, switches aren’t used to create internetworks (they do not break up broadcast
domains by default); they’re employed to add functionality to a network LAN. The main
purpose of a switch is to make a LAN work better—to optimize its performance—providing
more bandwidth for the LAN’s users. And switches don’t forward packets to other networks
as routers do. Instead, they only “switch” frames from one port to another within the
By default, switches break up collision domains. This is an Ethernet term used to describe
a network scenario wherein one particular device sends a packet on a network segment, forc-
ing every other device on that same segment to pay attention to it. At the same time, a different
device tries to transmit, leading to a collision, after which both devices must retransmit, one
at a time. Not very efficient! This situation is typically found in a hub environment where each
host segment connects to a hub that represents only one collision domain and only one broad-
cast domain. By contrast, each and every port on a switch represents its own collision domain.
So what this means is that a switch is basically just a multiple-port bridge with more brain-
power, right? Well, pretty much, but there are differences. Switches do provide this function,
but they do so with greatly enhanced management ability and features. Plus, most of the time,
bridges only had 2 or 4 ports. Yes, you could get your hands on a bridge with up to 16 ports,
but that’s nothing compared to the hundreds available on some switches!
Hub never break...
Collision Domin (Discus Earlier) and
Broadcast Domain (Discus Earlier)
I am going cover all above write topic step by step in my upcoming post.
Cisco Certified Network Associate Exam
The 640-802 Cisco Certified Network Associate (CCNA) is the composite exam associated with the Cisco Certified Network Associate certification. Candidates can prepare for this exam by taking the Interconnecting Cisco Networking Devices Part 1 (ICND1) v1.0 and the Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 courses. This exam tests a candidate's knowledge and skills required to install, operate, and troubleshoot a small to medium size enterprise branch network. The topics include
connecting to a WAN;
Implementing network security;
Routing and switching fundamentals;
The TCP/IP and OSI models;
Operating and configuring IOS devices;
Extending switched networks with VLANs;
Determining IP routes;
Managing IP traffic with access lists;
Establishing point-to-point connections;
And establishing Frame Relay connections.
The following topics are general guidelines for the content likely to be included on the Cisco Certified Network Associate exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
Describe how a network works
- Describe the purpose and functions of various network devices
- Select the components required to meet a network specification
- Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network
- Describe common networked applications including web applications
- Describe the purpose and basic operation of the protocols in the OSI and TCP models
- Describe the impact of applications (Voice Over IP and Video Over IP) on a network
- Interpret network diagrams
- Determine the path between two hosts across a network
- Describe the components required for network and Internet communications
- Identify and correct common network problems at layers 1, 2, 3 and 7 using a layered model approach
- Differentiate between LAN/WAN operation and features
Configure, verify and troubleshoot a switch with VLANs and interswitch communications
- Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts
- Explain the technology and media access control method for Ethernet networks
- Explain network segmentation and basic traffic management concepts
- Explain basic switching concepts and the operation of Cisco switches
- Perform and verify initial switch configuration tasks including remote access management
- Verify network status and switch operation using basic utilities (including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands
- Identify, prescribe, and resolve common switched network media issues, configuration issues, auto negotiation, and switch hardware failures
- Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)
- Describe how VLANs create logically separate networks and the need for routing between them
- Configure, verify, and troubleshoot VLANs
- Configure, verify, and troubleshoot trunking on Cisco switches
- Configure, verify, and troubleshoot interVLAN routing
- Configure, verify, and troubleshoot VTP
- Configure, verify, and troubleshoot RSTP operation
- Interpret the output of various show and debug commands to verify the operational status of a Cisco switched network.
- Implement basic switch security (including: port security, trunk access, management vlan other than vlan1, etc.)
Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network.
- Describe the operation and benefits of using private and public IP addressing
- Explain the operation and benefits of using DHCP and DNS
- Configure, verify and troubleshoot DHCP and DNS operation on a router.(including: CLI/SDM)
- Implement static and dynamic addressing services for hosts in a LAN environment
- Calculate and apply an addressing scheme including VLSM IP addressing design to a network
- Determine the appropriate classless addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment
- Describe the technological requirements for running IPv6 in conjunction with IPv4 (including: protocols, dual stack, tunneling, etc).
- Describe IPv6 addresses
- Identify and correct common problems associated with IP addressing and host configurations
Configure, verify, and troubleshoot basic router operation and routing on Cisco devices
- Describe basic routing concepts (including: packet forwarding, router lookup process)
- Describe the operation of Cisco routers (including: router bootup process, POST, router components)
- Select the appropriate media, cables, ports, and connectors to connect routers to other network devices and hosts
- Configure, verify, and troubleshoot RIPv2
- Access and utilize the router to set basic parameters.(including: CLI/SDM)
- Connect, configure, and verify operation status of a device interface
- Verify device configuration and network connectivity using ping, traceroute, telnet, SSH or other utilities
- Perform and verify routing configuration tasks for a static or default route given specific routing requirements
- Manage IOS configuration files. (including: save, edit, upgrade, restore)
- Manage Cisco IOS.
- Compare and contrast methods of routing and routing protocols
- Configure, verify, and troubleshoot OSPF
- Configure, verify, and troubleshoot EIGRP
- Verify network connectivity (including: using ping, traceroute, and telnet or SSH)
- Troubleshoot routing issues
- Verify router hardware and software operation using SHOW & DEBUG commands.
- Implement basic router security
Explain and select the appropriate administrative tasks required for a WLAN
- Describe standards associated with wireless media (including: IEEE WI-FI Alliance, ITU/FCC)
- Identify and describe the purpose of the components in a small wireless network. (Including: SSID, BSS, ESS)
- Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point
- Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)
- Identify common issues with implementing wireless networks. (Including: Interface, missconfiguration)
Identify security threats to a network and describe general methods to mitigate those threats
- Describe today's increasing network security threats and explain the need to implement a comprehensive security policy to mitigate the threats
- Explain general methods to mitigate common security threats to network devices, hosts, and applications
- Describe the functions of common security appliances and applications
- Describe security recommended practices including initial steps to secure network devices
Implement, verify, and troubleshoot NAT and ACLs in a medium-size Enterprise branch office network.
- Describe the purpose and types of ACLs
- Configure and apply ACLs based on network filtering requirements.(including: CLI/SDM)
- Configure and apply an ACLs to limit telnet and SSH access to the router using (including: SDM/CLI)
- Verify and monitor ACLs in a network environment
- Troubleshoot ACL issues
- Explain the basic operation of NAT
- Configure NAT for given network requirements using (including: CLI/SDM)
- Troubleshoot NAT issues
Implement and verify WAN links
- Describe different methods for connecting to a WAN
- Configure and verify a basic WAN serial connection
- Configure and verify Frame Relay on Cisco routers
- Troubleshoot WAN implementation issues
- Describe VPN technology (including: importance, benefits, role, impact, components)
- Configure and verify a PPP connection between Cisco routers