The Data Link Layer

The Data Link layer provides the physical transmission of the data and handles error notification, network topology, and flow control. This means that the Data Link layer will ensure that messages are delivered to the proper device on a LAN using hardware addresses, and translates messages from the Network layer into bits for the Physical layer to transmit. The Data Link layer formats the message into pieces, each called a data frame, and adds a customized header containing the hardware destination and source address. This added information forms a sort of capsule that surrounds the original message in much the same way that engines, navigational devices, and other tools were attached to the lunar modules of the Apollo project. These various pieces of equipment were useful only during certain stages of space flight and were stripped off the module and discarded when their designated stage was complete. Data traveling through networks is similar.
It’s important for you to understand that routers, which work at the Network layer, don’t care at all about where a particular host is located. They’re only concerned about where networks are located, and the best way to reach them—including remote ones. Routers are totally obsessive when it comes to networks. And for once, this is a good thing! It’s the Data Link layer that’s responsible for the actual unique identification of each device that resides on a local network. For a host to send packets to individual hosts on a local network as well as transmitting packets between routers, the Data Link layer uses hardware addressing. Each time a packet is sent between routers, it’s framed with control information at the Data Link layer, but that information is stripped off at the receiving router and only the original packet is left completely intact. This framing of the packet continues for each hop until the packet is finally delivered to the correct receiving host. It’s really important to understand that the packet itself is never altered along the route; it’s only encapsulated with the type of control information required for it to be properly passed on to the different media types.
The IEEE Ethernet Data Link layer has two sublayers:
Media Access Control (MAC) 802.3 Defines how packets are placed on the media. Contention media access is “first come/first served” access where everyone shares the same bandwidth—hence the name. Physical addressing is defined here, as well as logical topologies. What’s a logical topology? It’s the signal path through a physical topology. Line discipline, error notification (not correction), ordered delivery of frames, and optional flow control can also be used at this sublayer.
Logical Link Control (LLC) 802.2 Responsible for identifying Network layer protocols and then encapsulating them. An LLC header tells the Data Link layer what to do with a packet once a frame is received. It works like this: A host will receive a frame and look in the LLC header to find out where the packet is destined for—say, the IP protocol at the Network layer. The LLC can also provide flow control and sequencing of control bits.
The switches and bridges I talked about near the beginning of the chapter both work at the Data Link layer and filter the network using hardware (MAC) addresses. We will look at these in the following section.

The Network Layer

The Network layer (also called layer 3) manages device addressing, tracks the location of devices on the network, and determines the best way to move data, which means that the Network layer must transport traffic between devices that aren’t locally attached. Routers (layer 3 devices) are specified at the Network layer and provide the routing services within an internetwork.
It happens like this: First, when a packet is received on a router interface, the destination IP address is checked. If the packet isn’t destined for that particular router, it will look up the destination network address in the routing table. Once the router chooses an exit interface, the packet will be sent to that interface to be framed and sent out on the local network. If the router can’t find an entry for the packet’s destination network in the routing table, the router drops the packet. Two types of packets are used at the Network layer: data and route updates.
Data packets Used to transport user data through the internetwork. Protocols used to support data traffic are called routed protocols; examples of routed protocols are IP and IPX.
Route update packets Used to update neighboring routers about the networks connected to all routers within the internetwork. Protocols that send route update packets are called routing protocols; examples of some common ones are RIP, EIGRP, and OSPF. Route update packets are used to help build and maintain routing tables on each router.
Network addresses Protocol-specific network addresses. A router must maintain a routing table for individual routing protocols because each routing protocol keeps track of a network with a different addressing scheme. Think of it as a street sign in each of the different languages spoken by the residents that live on a particular street. So, if there were American, Spanish, and French folks on a street named “Cat,” the sign would read: Cat/Gato/Chat.
Interface The exit interface a packet will take when destined for a specific network.
Metric The distance to the remote network. Different routing protocols use different ways of computing this distance.

The Presentation Layer

The Presentation layer gets its name from its purpose: It presents data to the Application layer and is responsible for data translation and code formatting. This layer is essentially a translator and provides coding and conversion functions. A successful data-transfer technique is to adapt the data into a standard format before transmission. Computers are configured to receive this generically formatted data and then convert the data back into its native format for actual reading (for example, EBCDIC to ASCII). By providing translation services, the Presentation layer ensures that data transferred from the Application layer of one system can be read by the Application layer of another one.

The OSI has protocol standards that define how standard data should be formatted. Tasks like data compression, decompression, encryption, and decryption are associated with this layer. Some Presentation layer standards are involved in multimedia operations too. The following serve to direct graphic and visual image presentation:

PICT A picture format used by Macintosh programs for transferring QuickDraw graphics.

TIFF Tagged Image File Format; a standard graphics format for high-resolution, bitmapped images.

JPEG Photo standards brought to us by the Joint Photographic Experts Group.

Other standards guide movies and sound:

MIDI Musical Instrument Digital Interface (sometimes called Musical Instrument Device Interface), used for digitized music.

MPEG Increasingly popular Moving Picture Experts Group standard for the compression and coding of motion video for CDs. It provides digital storage and bit rates up to 1.5Mbps.

QuickTime For use with Macintosh programs; manages audio and video applications.

RTF Rich Text Format, a file format that lets you exchange text files between different word processors, even in different operating systems.

The Application Layer

The Application layer of the OSI model marks the spot where users actually communicate to the computer. This layer only comes into play when it’s apparent that access to the network is going to be needed soon. Take the case of Internet Explorer (IE). You could uninstall every trace of networking components from a system, such as TCP/IP, NIC card, etc., and you could still use IE to view a local HTML document—no problem. But things would definitely get messy if you tried to do something like view an HTML document that must be retrieved using HTTP, or nab a file with FTP. That’s because IE will respond to requests such as those by attempting to access the Application layer. And what’s happening is that the Application layer is acting as an interface between the actual application program—which isn’t at all a part of the layered structure—and the next layer down, by providing ways for the application to send information down through the protocol stack. In other words, IE doesn’t truly reside within the Application layer—it interfaces with Application-layer protocols when it needs to deal with remote resources.
The Application layer is also responsible for identifying and establishing the availability of the intended communication partner, and determining whether sufficient resources for the intended communication exist. These tasks are important because computer applications sometimes require more than only desktop resources. Often, they’ll unite communicating components from more than one network application. Prime examples are file transfers and e-mail, as well as enabling remote access, network management activities, client/server processes, and information location. Many network applications provide services for communication over enterprise networks, but for present and future internetworking, the need is fast developing to reach beyond the limits of current physical networking. Today, transactions and information exchanges between organizations are broadening to require internetworking applications such as the following:
World Wide Web (WWW) Connects countless servers (the number seems to grow with each passing day) presenting diverse formats. Most are multimedia and can include graphics, text, video, and sound. (And as pressure to keep up the pace mounts, websites are only getting slicker and snappier. Keep in mind, the snazzier the site, the more resources it requires. You’ll see why I mention this later.) Netscape Navigator and IE simplify both accessing and viewing websites. E-mail gateways Versatile; can use Simple Mail Transfer Protocol (SMTP) or the X.400 standard to deliver messages between different e-mail applications.
Electronic data interchange (EDI) A composite of specialized standards and processes that facilitates the flow of tasks such as accounting, shipping/receiving, and order and inventory tracking between businesses.
Special interest bulletin boards Include the many Internet chat rooms where people can “meet” (connect) and communicate with each other either by posting messages or by typing a live conversation. They can also share public-domain software.
Internet navigation utilities Include applications such as Gopher and WAIS, as well as search engines such as Google and Yahoo!, which help users locate the resources and information they need on the Internet.
Financial transaction services Target the financial community. They gather and sell information pertaining to investments, market trading, commodities, currency exchange rates, and credit data to their subscribers.

Internetworking Models

When networks first came into being, computers could typically communicate only with computers from the same manufacturer. For example, companies ran either a complete DECnet solution or an IBM solution—not both together. In the late 1970s, the Open Systems Interconnection (OSI) reference model was created by the International Organization for Standardization (ISO) to break this barrier.

The OSI model was meant to help vendors create interoperable network devices and software in the form of protocols so that different vendor networks could work with each other. Like world peace, it’ll probably never happen completely, but it’s still a great goal. The OSI model is the primary architectural model for networks. It describes how data and network information are communicated from an application on one computer, through the network media, to an application on another computer. The OSI reference model breaks this approach into layers.

In the following section, I am going to explain the layered approach and how we can use this approach in helping us troubleshoot our internetworks.

The Layered Approach

A reference model is a conceptual blueprint of how communications should take place. It addresses all the processes required for effective communication and divides these processes into logical groupings called layers. When a communication system is designed in this manner, it’s known as layered architecture. Think of it like this: You and some friends want to start a company. One of the first things you’ll do is sit down and think through what tasks must be done, who will do them, what order they will be done in, and how they relate to each other. Ultimately, you might group these tasks into departments. Let’s say you decide to have an order-taking department, an inventory department, and a shipping department. Each of your departments has its own unique tasks, keeping its staff members busy and requiring them to focus on only their own duties. In this scenario, I’m using departments as a metaphor for the layers in a communication system. For things to run smoothly, the staff of each department will have to trust and rely heavily upon the others to do their jobs and competently handle their unique responsibilities. In your planning sessions, you would probably take notes, recording the entire process to facilitate later discussions about standards of operation that will serve as your business blueprint, or reference model. Once your business is launched, your department heads, armed with the part of the blueprint relating to their department, will need to develop practical methods to implement their assigned tasks. These practical methods, or protocols, will need to be compiled into a standard operating procedures manual and followed closely. Each of the various procedures in your manual will have been included for different reasons and have varying degrees of importance and implementation.
If you form a partnership or acquire another company, it will be imperative that its business protocols—its business blueprint—match yours (or at least be compatible with it). Similarly, software developers can use a reference model to understand computer communication processes and see what types of functions need to be accomplished on any one layer. If they are developing a protocol for a certain layer, all they need to concern themselves with is the specific layer’s functions, not those of any other layer. Another layer and protocol will handle the other functions. The technical term for this idea is binding.

The communication processes that are related to each other are bound, or grouped together, at a particular layer.

Which encapsulation types are configurable on a Cisco switch for a trunk? (Select two answer choices)

A. VTP
B. ISL
C. CDP
D. 802.1Q
E. 802.1p
F. LLC
G. IETF

Answer: B, D
Explanation:
Trunks are used to carry traffic belonging to multiple VLANs between devices over the same link. A device can determine which VLAN the traffic belongs to by its VLAN identifier. The VLAN identifier is a tag that is encapsulated with the data. ISL and 802.1q are two types of encapsulations used to carry data from multiple VLANs over trunk links.
ISL is a Cisco proprietary protocol for interconnecting multiple switches and maintaining VLAN information as traffic goes between switches. ISL provides VLAN trunking capabilities while maintaining full wire speed performance on Ethernet links in full-duplex or half-duplex mode. ISL operates in a point-to-point environment and will support up to 1000 VLANs. In ISL, the original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. At the receiving end, the header is removed and the frame is forwarded to the assigned VLAN. ISL uses Per VLAN Spanning Tree (PVST), which runs one instance of Spanning Tree Protocol (STP) per VLAN. PVST allows for optimal root switch placement for each VLAN and supports load balancing of VLANs over multiple trunk links.
802.1Q is the IEEE standard for tagging frames on a trunk and supports up to 4096 VLANs. In 802.1Q, the trunking device inserts a four-byte tag into the original frame and re-computes the Frame Check Sequence (FCS) before sending the frame over the trunk link. At the receiving end, the tag is removed and the frame is forwarded to the assigned VLAN. 802.1Q does not tag frames on the native VLAN. It tags all other frames transmitted and received on the trunk. While configuring an 802.1Q trunk, you must make sure that the same native VLAN is configured on both sides of the trunk. IEEE 802.1Q defines a single instance of spanning tree running on the native VLAN for all the VLANs in the network, which is called Mono Spanning Tree (MST). This lacks the flexibility and load balancing capability of PVST available with ISL. However, PVST+ offers the capability to retain multiple Spanning Tree topologies with 802.1Q trunking.

Which one of the following protocols allows the information about the configuration of a new VLAN to be distributed across an entire switched network?

A. STP
B. VTP
C. EIGRP
D. SNMP
E. CDP
F. None of the above

Answer: B

Explanation:

"The basic goals of VLAN Trunking Protocol (VTP) are to manage all configured VLANs across a switched internetwork and to maintain consistency throughout that network. VTP allows an administrator to add, delete, and rename VLANs, information that is then propagated to all other switches in the VTP domain."

Incorrect Answers:
A. STP is the Spanning Tree Protocol, used to prevent bridging loops in a LAN.
C. EIGRP is a routing protocol used to exchange routing information, not VLAN information.
D. SNMP is the Simple Network Management Protocol, used to provide information to remote network management stations.
E. CDP is the Cisco Discovery Protocol, which is used to exchange information between Cisco devices. It can only be used between Cisco routers and switches.

What are some of the characteristics of a typical VLAN arrangement? (Select all that apply)

A. VLANs logically divide a switch into multiple, independent switches at Layer 2.
B. Trunk links can carry traffic for multiple VLANs.
C. VLAN implementation significantly increases traffic due to added trunking information.
D. A VLAN can span multiple switches.
E. VLANs typically increase the number of switches needed.
F. VLANs typically decrease the number of switches needed

Answer: A, B, D

Explanation:
VLANs give you the power of making virtual LAN networks to subdivide collision domains into smaller units of functionality, without being limited by physical location.

A is correct because that is the exact function of a VLAN. B is correct because trunk links are used to carry traffic for multiple VLANs. D is correct because a VLAN can and often does span across multiple switches. VTP makes this possible.

Incorrect Answers:
C. Although trunking information does indeed add some level of overhead, the overall traffic overhead is greatly reduced through the use of VLANs.
E, F. The number of total switches needed in a network is the result of the number of devices on the entire LAN that need to be connected. Whether VLANs are used or not will have little, if any, impact on the total number of switches needed in a LAN.

A new VLAN needs to be created for an existing network. Which of the following are the minimum tasks that must be accomplished in order to create?

A. The VLAN must be created
B. The VLAN must be named
C. An IP address and subnet mask must be configured for the new VLAN
D. The desired ports must be added to the new VLAN
E. The VLAN must be added to the existing VTP Domain

Answer: A, B, D

Explanation:
The best answers are A, B, D. In order to create a simple VLAN, you must create the VLAN, name it, and then assign ports to it. These are the minimum requirements for a functioning VLAN.

Incorrect Answers:
C. Although an IP address is often configured, it is not required in order to create a functioning VLAN.
E. By default, the VLAN will already be added to the VTP domain. Even if the new VLAN was not part of the VTP domain, it would still work as a new VLAN on the switch.

What is a characteristic of ISL and 802.1q frame tagging in a switched LAN environment?

A. They are used to find the best path through a network.
B. They allow the exchange of filtering tables.
C. They specify different implementations of the Spanning-Tree Protocol.
D. They allow the exchange of routing tables
E. They provide inter-switch VLAN communication.

Answer: E

Explanation: A trunk link is the other type of Layer 2 port supported on Cisco switches. When a trunk port is configured, it begins marking frames as they exit the port to indicate which VLAN each frame is associated with. The trunk port can also read the markings, called tags, as they enter the trunk port. This enables the switch to send a frame only to the ports for the given VLAN associated with the incoming frame.
The main purpose of trunking is to carry traffic between switches and maintain the VLAN information. Unlike an access link, the trunk link does not belong to a single VLAN but instead can carry traffic from several VLANs over a point-to-point link between two devices that understand the protocol.
Two forms of trunking are used for Cisco switches on Ethernet networks: An IEEE industry standard called IEEE 802.1Q. This is a frame-tagging mechanism that adds a VLAN identifier to the frame by inserting a tag at Layer 2. Another form of trunking on Cisco switches is called Inter-Switch Link (ISL), which is a Cisco proprietary trunking mechanism. ISL uses a frame encapsulation method that adds a header to identify the VLAN.

Incorrect Answers:
A, D. These are the functions of routers, not switches.
B. Filtering tables can be used on certain Catalyst switches via the use of VLAN access control lists, but this information is never shared between switches.
C. A separate STP instance is created for each VLAN, but the STP implementation remains the same.
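The tag insertion, FCS recomputation and native-VLAN handling described in the 802.1Q explanation earlier on this page and in the trunking explanation just above, modelled as an added example; this is illustrative Python written for this page, not Cisco's or any switch's code. The MAC addresses and payload are constructed sample values, and the FCS is computed with a plain CRC-32 as the standard specifies.

```python
import struct
import zlib

# Constructed sample values for this example (not from the page).
DST_MAC = bytes.fromhex("66778899aabb")
SRC_MAC = bytes.fromhex("001122334455")
ETHERTYPE_IPV4 = 0x0800
TPID_8021Q = 0x8100                    # EtherType value that announces an 802.1Q tag
SAMPLE_PAYLOAD = b"\x45" + bytes(45)   # constructed 46-byte filler payload


def fcs(body: bytes) -> bytes:
    """Ethernet Frame Check Sequence: CRC-32 over destination MAC through
    payload, transmitted least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged Ethernet II frame as a host on an access port would send it."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def tag_frame(frame: bytes, vlan_id: int, pcp: int = 0, native_vlan: int = 1) -> bytes:
    """Egress side of an 802.1Q trunk port: insert the four-byte tag after the
    source MAC and recompute the FCS.  Frames belonging to the native VLAN are
    sent untagged, exactly as the page describes."""
    if not 1 <= vlan_id <= 4094:          # 0 and 4095 of the 12-bit field are reserved
        raise ValueError("VLAN ID out of range")
    if vlan_id == native_vlan:
        return frame
    body = frame[:-4]                     # drop the old FCS; it no longer matches
    tci = ((pcp & 0x7) << 13) | vlan_id   # priority (3 bits), DEI (0), VLAN ID (12 bits)
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)


def untag_frame(frame: bytes, native_vlan: int = 1):
    """Ingress side: verify the FCS, read the VLAN ID from the tag, strip the
    tag and hand back the original frame.  An untagged frame is assigned to
    this port's native VLAN, which is why both ends must agree on it."""
    body, received_fcs = frame[:-4], frame[-4:]
    if received_fcs != fcs(body):
        raise ValueError("FCS mismatch, frame corrupted")
    ethertype = struct.unpack("!H", body[12:14])[0]
    if ethertype != TPID_8021Q:
        return native_vlan, frame
    tci = struct.unpack("!H", body[14:16])[0]
    original = body[:12] + body[16:]
    return tci & 0x0FFF, original + fcs(original)


def trunk_roundtrip(vlan_id: int, sender_native: int = 1, receiver_native: int = 1):
    """Send one constructed frame across a trunk and report which VLAN the
    receiving switch places it in, whether the original frame was recovered
    intact, and how many bytes the tag added.  With matching native VLANs the
    VLAN seen is always vlan_id; with mismatched native VLANs an untagged
    native-VLAN frame is misassigned to the receiver's native VLAN."""
    frame = build_frame(DST_MAC, SRC_MAC, ETHERTYPE_IPV4, SAMPLE_PAYLOAD)
    on_wire = tag_frame(frame, vlan_id, native_vlan=sender_native)
    seen_vlan, recovered = untag_frame(on_wire, native_vlan=receiver_native)
    return seen_vlan, recovered == frame, len(on_wire) - len(frame)


if __name__ == "__main__":
    print(trunk_roundtrip(20))          # (20, True, 4)
    print(trunk_roundtrip(1))           # (1, True, 0): native VLAN, no tag
    print(trunk_roundtrip(1, 1, 10))    # (10, True, 0): native VLAN mismatch
```

The last call shows why the page insists on the same native VLAN at both ends: the frame itself is intact, but the receiving switch has no tag to read and files it under its own native VLAN.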

Which of the following are true statements regarding the use of VLANs to segment a network? (Select three.)

A. They increase the size of collision domains
B. They allow logical grouping of users by function.
C. They can enhance network security.
D. They increase the size of the broadcast domain while decreasing the number of collision domains.
E. They increase the number of broadcast domains while decreasing the size of the broadcast domains.
F. They simplify switch administration.

Answer: B, C, E

Explanation:
VLANs are used to segment a LAN into multiple, smaller LANs. This can be used to enhance security, as local traffic from one VLAN will not be passed to users in other VLANs.

Incorrect Answers:
A. VLANs are used to decrease the size of a collision domain, not increase it.
D. The opposite is true.
F. The default operation of a switch is to allow all traffic and to enable all ports in VLAN 1. The use of VLANs will increase the complexity of the switch environment, making for more difficult administration.

A new switch is installed into an existing LAN and a new VTP trunk is set up with an existing switch. Which VLANs will be allowed on this new trunk?

A. All defined VLANs are allowed on the trunk by default.
B. Each VLAN, or VLAN range, that is specified with the switchport mode command.
C. Each VLAN, or VLAN range, that is specified with the vtp domain command.
D. Each VLAN, or VLAN range, that is specified with the vlan database command.

Answer: C

Explanation:
By default, all VLANs that are configured to be in the same VTP domain will be allowed by the VTP trunk.
A. Only the VLANs contained in the same VTP domain will traverse the trunk.
B, D. These commands do not have any influence on the VLANs that will be allowed over a trunk.

You are bringing up a new Cisco Catalyst switch, and wish to connect it via a trunk to another switch from a different vendor, which uses the IEEE?

A. Switch(config)# switchport trunk encapsulation isl
B. Switch(config)# switchport trunk encapsulation ietf
C. Switch(config-if)# switchport trunk encapsulation isl
D. Switch(config-if)# switchport trunk encapsulation ietf
E. Switch(config-if)# switchport trunk encapsulation dot1q

Answer: E

Explanation: The only real choices for setting up switching trunks are ISL and 802.1Q. ISL is Cisco proprietary, while 802.1Q uses the IEEE defined standard for trunking between switches. To configure the 802.1Q standard, the keyword "dot1q" is used in Cisco switches.

Incorrect Answers:
A, B, D. These are not valid options in a Cisco switch.
C. ISL is a Cisco proprietary method for setting up trunks, and will only work between Cisco switches.

Which of the following steps are necessary in order to add a new VLAN to a switched network?

A. Create the VLAN.
B. Name the VLAN.
C. Configure an IP address for the VLAN.
D. Add the desired ports to the new VLAN.
E. Add the VLAN to the VTP domain.

Answer: A, B, D

Explanation: The following are the basic requirements for creating VLANs:
* Creating the VLAN numbers and names
* Configuring each port's assigned VLAN.

Incorrect Answers:
C. This is an optional feature, but not a necessary step for creating a VLAN.
E. Adding any VLAN to a Virtual Trunking Protocol (VTP) domain may be desired in a complex multi-switch and multi-VLAN network. However, it is not a necessary step for creating stand-alone VLANs on a single switch.

Refer to the topology and partial configuration output shown in the graphic. The ip subnet-zero configuration command is also in effect?

A. 10.10.0.1
B. 10.10.0.17
C. 200.2.2.17
D. 200.2.2.18
E. 199.99.9.33
F. 199.99.9.57

Answer: F

Explanation:
Regarding NAT operation, Cisco defines these terms as follows:
1. Inside local address - The IP address assigned to a host on the inside network. This is the address configured as a parameter of the computer's OS or received via dynamic address allocation protocols such as DHCP. The address is likely not a legitimate IP address assigned by the Network Information Center (NIC) or service provider.
2. Inside global address - A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP addresses to the outside world. In this case, the NAT pool is used to distribute the Inside Global IP addresses.
3. Outside local address - The IP address of an outside host as it appears to the inside network. Not necessarily a legitimate address, it is allocated from an address space routable on the inside.
4. Outside global address - The IP address assigned to a host on the outside network by the host's owner. The address is allocated from a globally routable address or network space.

Which router console commands are used to manage telnet sessions to other routers?

A. TestKingD# disconnect 3
B. TestKingD# exit session 2
C. TestKingD# kill connection 1
D. TestKingD# show sessions
E. TestKingD# show connection all
F. TestKingD# resume 4

Answer: A, D, F

Explanation:
Function: Telnet to another device
Command options: Use the telnet exec command. Just type the host name or IP address from exec mode.

Function: Suspend a Telnet session
Command options: Press the key sequence Ctrl-Shift-6, then x.

Function: Discover currently suspended Telnet sessions
Command options: Use the where exec command. Use the show sessions exec command.

Function: Resume a suspended Telnet session
Command options: Use the resume command, with no parameter, to reconnect to the most recently suspended Telnet session. Use the resume x command, where x is the number of the suspended Telnet session based on the output of show sessions. Just press Enter in exec mode to resume the most recently suspended Telnet session.

Function: Terminate a suspended Telnet session
Command options: Resume the connection, and log out using the quit command. Use the disconnect command on the router you Telnetted from.

You wish to limit telnet access into your Cisco router to only a single host. In order to accomplish this, access list 1 has been written to allow host 172.16.1.224 access to the router vty lines. What command would assign this access-list to the Virtual Terminal Lines?

A. router(config-line)# ip access-group 1 in
B. router(config-line)# access-class 1 in
C. router(config-line)# ip access-list 1 in
D. router(config-line)# access-line 1 in

Answer: B

Explanation:
To restrict incoming and outgoing connections between a particular vty (into a Cisco device) and the addresses in an access list, use the access-class command in line configuration mode.

Example:
The following example defines an access list that permits only the host 172.16.1.224 to connect to the virtual terminal ports on the router, as described in this question:

access-list 1 permit 172.16.1.224 0.0.0.0
line vty 0 4
 access-class 1 in

The access list is applied under the vty lines (0 through 4) with access-class, and the implicit deny at the end of every access list blocks every other source.
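The wildcard-mask matching that the access-list line above relies on, modelled as an added example in Python; this is illustrative code written for this page, not Cisco IOS or the page's own configuration. The second access list (ACL_2) and the source addresses it is checked against are constructed for the demonstration.

```python
import ipaddress

# Constructed access list in the page's syntax (standard ACL 1).  IOS evaluates
# entries top-down, and every list ends with an implicit "deny any".
ACL_1 = ["access-list 1 permit 172.16.1.224 0.0.0.0"]

# A second constructed list that admits a whole /24 via a wildcard mask, to show
# that a wildcard of 0.0.0.255 means "the last octet is don't-care", and that an
# earlier deny entry wins over a later, broader permit.
ACL_2 = [
    "access-list 2 deny 172.16.1.13 0.0.0.0",
    "access-list 2 permit 172.16.1.0 0.0.0.255",
]


def parse_standard_acl(lines):
    """Turn 'access-list N permit|deny ADDR [WILDCARD]' lines into
    (action, address, wildcard) tuples.  'any' and 'host X' are accepted too."""
    entries = []
    for line in lines:
        parts = line.split()
        if len(parts) < 4 or parts[0] != "access-list" or parts[2] not in ("permit", "deny"):
            raise ValueError(f"not a standard access-list entry: {line!r}")
        action, target = parts[2], parts[3]
        if target == "any":
            addr, wild = 0, 0xFFFFFFFF
        elif target == "host":
            addr, wild = int(ipaddress.IPv4Address(parts[4])), 0
        else:
            addr = int(ipaddress.IPv4Address(target))
            # A missing wildcard defaults to 0.0.0.0, i.e. an exact host match.
            wild = int(ipaddress.IPv4Address(parts[4])) if len(parts) > 4 else 0
        entries.append((action, addr, wild))
    return entries


def acl_permits(entries, source_ip):
    """First matching entry wins.  A wildcard bit of 1 means 'ignore this bit',
    0 means 'must equal the configured address'.  No match: implicit deny."""
    src = int(ipaddress.IPv4Address(source_ip))
    for action, addr, wild in entries:
        care = ~wild & 0xFFFFFFFF
        if (src & care) == (addr & care):
            return action == "permit"
    return False


def vty_login_allowed(acl_lines, source_ip):
    """Model of 'access-class N in' on the vty lines: the connection only
    reaches the login prompt if the source address passes the list."""
    return acl_permits(parse_standard_acl(acl_lines), source_ip)


if __name__ == "__main__":
    for src in ("172.16.1.224", "172.16.1.225"):
        print(src, "allowed" if vty_login_allowed(ACL_1, src) else "denied")
```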

You wish to increase the security of all of the routers within your network. What can be done to secure the virtual terminal interfaces on a router?

A. Administratively shut down the interface.
B. Physically secure the interface.
C. Create an access list and apply it to the virtual terminal interfaces with the access-group command.
D. Configure a virtual terminal password and login process.
E. Enter an access list and apply it to the virtual terminal interfaces using the access-class command.

Answer: D, E

Explanation:
There are a total of 5 logical Virtual terminal interfaces in a Cisco router (lines 0-4) and they are used for remote access into the device via telnet. Configuring these interfaces correctly with login and password information can be used for security, as each user will be prompted for a password in order to obtain access. A second method is to use the "access-class" command. Combined with an access list, this command can be used to specify the hosts or networks that will be allowed access to the device.

Incorrect Answers:
A. Virtual terminal interfaces are logical interfaces that cannot be manually shut down.
B. Virtual terminal lines are logical interfaces that reside within a router, so there is nothing that can be physically secured.
C. This command is used with access-lists for LAN and WAN interfaces, but is not used for the VTY lines.

Explanation: This question only involves the configuration of the gateway router to the ISP, nothing else. You have two choices to accomplish this: the command "ip route" or the command "ip default-network". Both of these methods will configure a default route to the ISP as desired.
Incorrect Answers:
B, D. RIP and OSPF are interior routing protocols. The T1 Internet connection that is
being set up here is between two different Autonomous Systems. The only routing
protocol that could be potentially used is BGP, but that is not an option.
C. This command will only set up a static route to the 207.134.6.0/24 network. We wish
to set up a static default route.