Chapter 1 – Introduction
In this section of eight lessons, we’re covering layer-3 technologies. These include IP addressing, routing tables, OSPF, and Quality of Service.
We’re starting in this lesson with a review on IP addressing and routing table basics. If you’re already quite comfortable with this, feel free to jump ahead to the next lesson.
Chapter 2 – IP Addresses
There are two versions of IP in use. There’s IPv4, which has been around for a long time, and there’s the newer IPv6.
For now, we’re going to focus completely on IPv4. There’s a whole section on IPv6 coming up later in the series.
Most devices, or hosts, on the network have IP addresses. When one device wants to send a message to another device, it breaks the information into packets.
Each packet has the sending device’s IP address, and the destination device’s IP address.
IP addresses have a clever design. While they look like one single address, they are actually two addresses in one.
One part of the address refers to the host device itself. The other part refers to the network, or subnet, that the device connects to.
Think of this example. Here we have two networks, joined by a router. The router’s job is to pass packets between the two different networks.
Each device has a unique IP address. Within each network, the first part of the address is the same. This part refers to the network that the device belongs to.
The second part is unique within the network. This is the individual device’s address.
When the two devices are on the same subnet, the source sends packets straight to the destination.
But often the sender and receiver are on different networks. We can tell because the network parts at the beginning of the source and destination IPs are different.
In this case, the packet travels to the router, and the router forwards the packet on to the correct network.
We’ll now take a closer look at how the network address and the host address combine to create an IP address.
First, notice that we represent an IP address as four decimal numbers. A dot separates each number. This format, called dotted decimal notation, makes it easy for humans to read.
Each of these numbers is 8 bits long. So to a computer, an IP address is a 32-bit number. That is, 32 zeros and ones in some combination or another.
So how much of the IP address is the network, and how much is the host? Is it a fixed number of bits, or does it depend on the situation?
When we configure a host with an IP address, we also configure a subnet mask. As shown here, it uses dotted decimal notation too, the same as an IP address.
Keep in mind, computers and devices see these addresses as binary numbers. That is, ones and zeros.
Our example looks like this…
If you need a refresher on how binary numbers work, take a look at the video on our channel.
The IP address looks almost random! In contrast, the subnet mask looks very orderly. All the ones are on the left, and all the zeros are on the right.
Let’s draw a line between the ones and zeros of the mask, up through the IP address.
The IP address is now in two parts. The part covered by the mask’s ‘ones’, and the part covered by the mask’s ‘zeros’.
When you look at it like this, it’s quite simple. The part on the left is the network address. The part on the right is the host address.
In this example, we have 24 ones in the subnet mask. That means that this is a 24-bit subnet mask. That leaves eight bits for host addresses.
Eight bits means we can have up to 256 host addresses. We can’t quite use them all… I’ll explain that soon.
The interesting part is that we can change the length of the subnet mask. That is, the number of ones in the mask.
What happens if we change this to a 20-bit subnet mask? We now have 12 bits available for hosts. That allows up to 4096 host addresses. But there are fewer bits left over for numbering subnets.
So when we plan out a network, as we’ll do in the next lesson, we can change the size of the subnet mask to suit our needs.
This is VLSM, or Variable Length Subnet Masking: different subnets within the same network can use different mask lengths.
Dotted decimal notation is one way of displaying the subnet mask.
Another way, which is usually nicer, is CIDR notation, also called prefix-length notation. CIDR stands for Classless Inter-Domain Routing.
This is a forward-slash, followed by the number of ‘ones’ in the mask. In this example, there are 20 ‘ones’. In CIDR notation, this would be /20.
We will use both types of notation throughout this course.
I said earlier that we can’t quite use all the IP addresses in a subnet. There are two special addresses.
These are the very first address, and the very last address in the subnet.
The first address, that is, when the host bits are all zero, is the network address. In this example, we have the address 10.2.3.0. The subnet mask is /24.
A /24 subnet mask is convenient for humans like us to read, as it covers the first three octets of the address in a neat way.
That leaves the host part of the IP address as all zeros. We cannot assign this address to any host.
The second special address is when the host address is all ‘ones’. This is the broadcast address.
Sometimes a host needs to send a packet to all devices in the subnet. That’s what the broadcast address is for: sending packets to all devices.
We cannot configure a host with a broadcast address either. The one exception to both rules is a /31 point-to-point link between two routers, defined in RFC 3021: it has no reserved addresses, so both of its two addresses can be assigned.
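The mask arithmetic above, as an added Python example (not code from the lesson): it converts between dotted-decimal masks and CIDR prefix lengths, draws the network/host boundary through the binary form the way the lesson does, and derives the network address, broadcast address and usable host count. The host address 10.2.3.77 is made up for the example; the lesson only gives the 10.2.3.0/24 network. The example also handles the /31 and /32 cases, which the two-reserved-addresses rule does not cover.

```python
import ipaddress


def is_valid_mask(mask: str) -> bool:
    """A subnet mask must be a run of ones followed by a run of zeros.
    255.255.240.0 is valid; 255.0.255.0 is not."""
    m = int(ipaddress.IPv4Address(mask))
    ones = bin(m).count("1")
    return m == (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF


def dotted_to_prefix(mask: str) -> int:
    """Dotted-decimal mask (255.255.240.0) to CIDR prefix length (20)."""
    if not is_valid_mask(mask):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return bin(int(ipaddress.IPv4Address(mask))).count("1")


def prefix_to_dotted(prefix: int) -> str:
    """CIDR prefix length (20) to dotted-decimal mask (255.255.240.0)."""
    return str(ipaddress.IPv4Network(f"0.0.0.0/{prefix}").netmask)


def binary_view(ip: str, mask: str) -> str:
    """Address and mask in binary, with '|' where the mask's ones stop:
    the network/host boundary. mask may be dotted decimal or a prefix length."""
    net = ipaddress.IPv4Network(f"{ip}/{mask}", strict=False)
    p = net.prefixlen
    ip_bits = format(int(ipaddress.IPv4Address(ip)), "032b")
    mask_bits = format(int(net.netmask), "032b")
    return f"{ip_bits[:p]}|{ip_bits[p:]}\n{mask_bits[:p]}|{mask_bits[p:]}"


def split_address(ip: str, mask: str) -> dict:
    """Split a host address under a mask into its network part, host part,
    and the reserved network and broadcast addresses."""
    net = ipaddress.IPv4Network(f"{ip}/{mask}", strict=False)
    p = net.prefixlen
    host_bits = 32 - p
    total = 1 << host_bits
    # The all-zeros and all-ones host addresses are reserved, except on
    # /31 point-to-point links (RFC 3021) and /32 host routes, where
    # every address in the block is usable.
    reserved = 2 if p <= 30 else 0
    step = 1 if reserved else 0
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "mask_dotted": str(net.netmask),
        "cidr": f"/{p}",
        "host_part": int(ipaddress.IPv4Address(ip)) & (total - 1),
        "total_addresses": total,
        "usable_hosts": total - reserved,
        "first_host": str(net.network_address + step),
        "last_host": str(net.broadcast_address - step),
    }


if __name__ == "__main__":
    # Constructed host address inside the lesson's 10.2.3.0/24, then the same
    # address under a /20 to show the boundary moving left.
    for mask in ("255.255.255.0", "20"):
        print(binary_view("10.2.3.77", mask))
        print(split_address("10.2.3.77", mask))
    print(dotted_to_prefix("255.255.240.0"), prefix_to_dotted(20))
```

Run it and compare the /24 and /20 output: the same host address lands in 10.2.3.0 under one mask and 10.2.0.0 under the other, which is the whole point of configuring the mask alongside the address.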
Let’s see how that’s configured on a Cisco router.
First, we enter configuration mode. Then, we enter interface configuration mode. In this example we’re configuring ‘interface gigabit 0/0’.
We use the ‘ip address’ command to set the IP. Cisco routers and switches generally use the dotted decimal notation for subnet masks.
By default, router interfaces are in the disabled, or ‘shut down’ state. We can enable them with the command ‘no shut’.
And finally, we can exit configuration mode.
We can see a list of interfaces on the router with ‘show ip interface brief’. This includes the interface name, as well as its IP address, if it has one.
Here, we can see interface gig 0/0, with the IP address that we configured.
I’d like to remind you that I have another video on IP addressing. It is part of the ‘Introduction to Networking’ series.
So, if you feel that we’ve been moving too fast in this lesson, that video is sure to help!
Chapter 3 – Routers and Layer-3 Switches
Let’s go back to something I said earlier. I said that routers forward packets from one network to another. In a sense, routers connect networks, or subnets together.
But how does the host device know when it needs a router’s help? For that matter, how does it know where the router is? And if a router connects to more than one network, how does it know which one it’s meant to forward the packet to?
One of these questions is easy to answer. How does the host device know where the router is? Devices have a default gateway. The one we’re looking at here is from Windows.
This is the IP address of a router in the local network. So if a device needs a router’s help with forwarding a packet, this is the IP address that it will send the packet to.
Now onto another question. How does a device know it needs a router’s help?
Let’s imagine that a device needs to send a packet to another device. It will look at the network part of the destination address. From this it can see that it’s in a different network to its own.
It now knows the destination device is in a different network, so it knows it needs the help of its default gateway.
You might notice that the destination IP is the device in the other network, not the IP address of the router.
So why is this? Why isn’t the destination IP the default gateway’s IP?
That’s the interesting thing about how layer-2 and layer-3 work together. The sender already knows the IP address of the router. That’s the default gateway IP.
It then uses a protocol called ARP (Address Resolution Protocol) to find the MAC address of the router.
It then encapsulates the packet with Ethernet headers to make a layer-2 Frame. It then sends the frame to the router’s MAC address.
So, layer-2 operates within a network to deliver a frame from one hop to the next. The source and destination MAC addresses change with each hop, or router, that the packet passes through, while the source and destination IP addresses stay the same end to end. You may recall, this is Frame Rewrite.
So when the router needs to forward the packet on, it repeats the process. It uses ARP to get the destination MAC address, encapsulates the packet into a frame, and then sends it.
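The host’s decision and the hop-by-hop frame rewrite, as an added Python simulation (not from the lesson). The topology, IP addresses and MAC addresses are constructed for the example, and the ARP exchange is replaced by a fixed per-segment table. The router’s egress interface is given explicitly here; a real router picks it from its routing table, which is the subject of Chapter 4.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Constructed topology: host A and a second host on 10.1.1.0/24, router R1
# with 10.1.1.1 on the left and 10.2.2.1 on the right, host B on 10.2.2.0/24.
# The MAC addresses are made up. Each table is what ARP would return on that segment.
ARP_TABLES = {
    "10.1.1.0/24": {
        "10.1.1.10": "aa:aa:aa:00:00:0a",  # host A
        "10.1.1.20": "aa:aa:aa:00:00:14",  # second host on A's segment
        "10.1.1.1": "aa:aa:aa:00:00:01",   # R1 left interface, A's default gateway
    },
    "10.2.2.0/24": {
        "10.2.2.1": "bb:bb:bb:00:00:01",   # R1 right interface
        "10.2.2.20": "bb:bb:bb:00:00:14",  # host B
    },
}


@dataclass
class Hop:
    """A sending interface: its address with prefix and, for hosts, a default gateway."""
    name: str
    interface: ipaddress.IPv4Interface
    gateway: Optional[str] = None


@dataclass
class Frame:
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str


def next_hop(hop: Hop, dst_ip: str) -> str:
    """Compare the destination's network part with our own. Same network:
    deliver directly. Different network: hand the packet to the default gateway."""
    if ipaddress.IPv4Address(dst_ip) in hop.interface.network:
        return dst_ip
    if hop.gateway is None:
        raise ValueError(f"{hop.name}: {dst_ip} is off-link and no gateway is set")
    return hop.gateway


def arp(hop: Hop, ip: str) -> str:
    """Stand-in for ARP: resolve an on-link IP to a MAC from this segment's table."""
    return ARP_TABLES[str(hop.interface.network)][ip]


def build_frame(hop: Hop, src_ip: str, dst_ip: str) -> Frame:
    """Encapsulate: the IP header keeps the end-to-end addresses, the Ethernet
    header carries this hop's MAC and the MAC of whatever ARP resolved next_hop to."""
    target = next_hop(hop, dst_ip)
    return Frame(arp(hop, str(hop.interface.ip)), arp(hop, target), src_ip, dst_ip)


def trace(path: List[Hop], src_ip: str, dst_ip: str) -> List[Frame]:
    """Frame rewrite along a path: one new frame per hop, same packet inside."""
    return [build_frame(hop, src_ip, dst_ip) for hop in path]


HOST_A = Hop("host A", ipaddress.IPv4Interface("10.1.1.10/24"), gateway="10.1.1.1")
R1_RIGHT = Hop("R1 right", ipaddress.IPv4Interface("10.2.2.1/24"))

if __name__ == "__main__":
    for frame in trace([HOST_A, R1_RIGHT], "10.1.1.10", "10.2.2.20"):
        print(frame)
```

The first frame is addressed to the gateway’s MAC while its IP destination is still host B; the second frame, built by the router, has new MACs but the identical IP header.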
That was a simple topology. A more complicated one might look like this…
In this case we have one switch, with a few devices connected. Some are in VLAN 10, and some are in VLAN 20.
Even though they are on the same physical switch, they are still separated, as they are in separate VLANs.
As we know, devices in different VLANs can’t communicate with each other directly. They need a router’s help.
So, we add a router. But which VLAN does it go in? It needs to be in both VLANs.
We could use a separate link for each VLAN, but there’s a more convenient way. We create one link, which is a trunk link. This trunk link carries traffic for both VLAN 10 and VLAN 20.
Notice that while routers focus on layer-3, they still support layer-2 functions. We could even configure an Etherchannel here if we wanted to.
At this point, we would configure two virtual interfaces on the router, one per VLAN. On a router these are subinterfaces of the trunk port, each tagged with its VLAN ID (the ‘router on a stick’ design); the equivalent on a layer-3 switch is an SVI, or ‘Switched Virtual Interface’. Either way, it is a virtual interface that maps a VLAN to an IP address.
With these interfaces, the router can receive packets on one VLAN, and forward them on another. Later in the lab, we’ll explore how to configure it.
That works well, but can we simplify it? We sure can!
Just as routers support layer-2 functions, many switches support layer-3. Not all switches, of course; the low-end cheaper ones won’t. But many business-grade switches do.
In our topology, we would start by removing the router.
Then, we configure the SVIs, that’s the virtual interfaces, on the switch. Now the switch will handle routing between VLANs.
Do you want to see how we do this? First, we need to create VLANs 10 and 20.
Now we create the SVI. That’s the virtual interface that provides the bond between VLAN and IP address.
For this we use the command ‘interface vlan …’ and then the VLAN number. This creates a new interface, which is ‘shut down’ by default. That’s why we get this message.
Now, we assign an IP address to the interface. This is exactly the same as if we were configuring a physical interface.
And finally, issue the ‘no shut’ command to enable it.
We still get a log message telling us that the interface is down. Do you want to guess why this is?
This switch in my lab doesn’t have anything plugged in yet. That means there are no interfaces on VLAN 10 that are up. For an SVI to be up, there must be at least one interface up in that VLAN.
Let’s now repeat the process for VLAN 20. You’ll notice it’s the exact same procedure, and this interface is also down.
At this point, I’d like to issue a small warning. Some switches need to have routing enabled. If it’s not enabled, the commands we used will not work.
If you suspect that this applies to your switch, first try the ‘ip routing’ command. With any luck, it’s that simple for you.
In other cases, there may be more complicated steps using the ‘sdm’ command. I have put a link to a Cisco article in the description if you need it.
Now, back to the topology, and I have a question for you. Do you think we need to use a virtual interface when configuring a switch? Could we give a real physical interface an IP if we want to?
The answer is… YES! We can, but the process is a little different.
When we try to add an IP address to a regular switch interface, the switch rejects the command. I did accidentally use a bad IP address here, but that’s not the issue. The problem is, the switch is not accepting the ‘ip address’ command.
This is because a switch interface only operates at layer-2 by default. And as you’ll remember, IP addresses are layer-3.
We can change this default behaviour by issuing the ‘no switchport’ command. ‘Switchport’ refers to a layer-2 interface.
By removing this command, we’re changing this to a layer-3 interface. This is often called a routed interface.
Now that we’ve done this, we can add an IP address.
We’ve seen that layer-3 routers can work at layer-2. We’ve also seen that layer-2 switches can work at layer-3. This does blur the lines between routers and switches a bit, doesn’t it?
Does that mean that routers and switches are effectively the same? What do you think?
Chapter 4 – The Routing Table
All routers contain a routing table. This table contains a list of every layer-3 network that the router knows about, and how to get there.
I said router here, but the same is true for layer-3 switches. They also have a routing table. From now on, when I say router, you can assume the same is true for a layer-3 switch, unless I say otherwise.
Here we have a simplified example of how this works. There is a router connected to four different networks.
Each network is in the routing table, along with information on how to reach the network.
All four networks are directly connected to the router. In this case, the routing table lists the interface that connects to these networks.
Soon, we’ll see that not all networks connect directly to the router. Even so, they will still appear in the routing table.
The key point here is that the routing table provides ‘signposts’. These sign posts show the way to these networks, so the router knows where to forward packets.
Let’s take a look at a real routing table on a Cisco router. From the command line, we issue the command ‘show ip route’.
There’s a bunch of interesting things to see here.
At the very top of the page is a list of codes. This helps us to decipher some of the information that we see here. We’ll talk more about this in an upcoming lesson.
Right below that is the Gateway of last resort. This is Cisco’s term for the router’s own default gateway: the next hop it uses when no more specific route matches.
Why does a router need a default gateway? This is so it can find a way to other networks that it doesn’t know about.
For example, imagine that you want to manage this router over the internet using SSH. The router needs to send SSH packets back across the internet to your workstation.
This router won’t know all the details of the path through the internet. But it will have a default gateway, which is like a signpost pointing the way.
Right now, we’re particularly interested in this main section. Each line represents a route to a network. For example, we see the networks that are directly connected to the router. You’ll also notice that these use CIDR notation.
Notice that our directly connected routes are organised under a 10.0.0.0 /8 heading. This is something Cisco and some other vendors do.
Think of these as large networks that that router has divided into smaller networks. 10.0.0.0 /8 is the main network, and the networks listed beneath are sub-networks or subnets.
These are the actual routes that we’re interested in. To be honest, I never look at the summary headings. I’m only ever interested in the subnet routes.
Most of our routes have either an ‘L’ or a ‘C’ next to them. These mean ‘local’ and ‘connected’.
A local route is an IP address that’s configured on the router itself. Notice that these have a /32 subnet mask, as each refers to a single IP address. The highlighted example shows 10.0.0.1 as the local route. This is the IP that belongs to interface gig0/0.
A connected route is a network that our router is directly connected to. As you can see, each connected route will pair with a local route. Connected routes also list the interface that connects to the network.
Some of our routes are not connected to this router. Look at 10.250.0.0 /16 for example. The ‘S’ code over on the left means it’s a static route.
Also, it doesn’t have an interface listed. Instead it has ‘via 10.0.0.2’. This means that to reach the 10.250.0.0 /16 network, traffic passes to another router first.
The other router’s IP address is 10.0.0.2. We call this the next-hop as it’s the next device along the path.
We’ve got another special-looking route here. This one is all zeros, with a subnet mask of /0. It is a static route, and the star symbol next to it marks it as the candidate default route. What’s this all about?
This is the default route for the routing table. This is for when the router needs to forward packets, but doesn’t have a route for the destination network.
A good example of this is for routing traffic to the internet. We can’t expect our router to know every possible network on the internet can we? So we have a default route, acting like a signpost, pointing toward the internet.
While internet access is the main reason to have default routes, there are some others too. We’ll take a look at some in the next lesson.
Why don’t we try adding a new route now? We’re adding this route manually, so it’s called a static route. We’ll look at dynamic routes in a later lesson.
Let’s break down what this command, ‘ip route 172.16.0.0 255.255.0.0 10.0.20.200’, did:
- The ‘ip route’ command creates a static route
- 172.16.0.0 is the destination network that we want to reach
- 255.255.0.0 is the subnet mask of the destination network. Notice it’s in dotted-decimal notation
- 10.0.20.200 is the next-hop IP. This is the IP address of the next router in the path
It’s pretty easy right? I guarantee that you will configure many static routes in your lifetime.
Looking at the routing table once again, we can see the new route.
But isn’t this interesting… We have two routes which are almost the same. There is 172.16.0.0 /24, and 172.16.0.0 /16… The only difference is the length of the subnet mask.
Is this even valid? Yes it is!
See, these aren’t the same network. They are two different networks. Yet, they do overlap. When you think about it, 172.16.0.0 /24 is a small part of 172.16.0.0 /16.
Additionally, the next-hop IP addresses for these networks are different.
This raises an interesting question. If our router wanted to forward a packet to, say, 172.16.0.22, which next-hop would it use?
This brings us to the next key point. The longest match always wins. The term for this is Longest Prefix Match, or LPM.
To understand this, let’s start with the term Prefix. The prefix is another term for the network part of the IP address.
As we discussed earlier, the subnet mask determines which part of the IP address is the network part. So, the length of the subnet mask determines the length of the prefix.
In our examples, we have a 24-bit prefix, and a 16-bit prefix. Which one’s longer? The 24-bit prefix of course!
So, if a router wanted to forward a packet to 172.16.0.22, it would use this route. That means it would have the next-hop IP of 10.0.10.2.
Make sure you always remember this concept… Longest prefix match always wins! You’ll find that particularly useful in these quiz questions…
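Longest prefix match over this chapter’s routing table, together with the ‘ip route’ command from earlier, as an added Python example (not the lesson’s code). The routes are the ones shown on the page; the /24 length of the connected network on gig0/0 and the default route’s next hop (203.0.113.1, a documentation address) are assumptions, because the page does not state them. Note what the rule implies for security: the table does not care who added the 172.16.0.0 /24, only that it is longer than the /16, so a more-specific route injected by a misconfigured or malicious neighbour pulls traffic away from the legitimate path.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Route:
    prefix: str                 # network in CIDR notation
    code: str                   # IOS route-source code: C, L, S, S*
    next_hop: Optional[str] = None
    interface: Optional[str] = None


def make_table() -> List[Route]:
    """The routes from the lesson's 'show ip route'. The connected prefix length
    and the default route's next hop are assumptions, not from the page."""
    return [
        Route("0.0.0.0/0", "S*", next_hop="203.0.113.1"),           # assumed next hop
        Route("10.0.0.0/24", "C", interface="GigabitEthernet0/0"),  # assumed /24
        Route("10.0.0.1/32", "L", interface="GigabitEthernet0/0"),
        Route("10.250.0.0/16", "S", next_hop="10.0.0.2"),
        Route("172.16.0.0/24", "S", next_hop="10.0.10.2"),
    ]


def add_static_route(table: List[Route], network: str, dotted_mask: str, next_hop: str) -> Route:
    """Mirror 'ip route <network> <dotted mask> <next-hop>' and store it in CIDR form.
    strict=True rejects a network with host bits set, as IOS would correct it."""
    net = ipaddress.IPv4Network(f"{network}/{dotted_mask}", strict=True)
    route = Route(str(net), "S", next_hop=next_hop)
    table.append(route)
    return route


def prefix_matches(addr: int, net: int, plen: int) -> bool:
    """True when the first plen bits of addr equal those of net. Shifting away
    the host bits leaves zero only if the network bits agree; for plen 0 the
    shift discards all 32 bits, so the default route matches every address."""
    return ((addr ^ net) >> (32 - plen)) == 0


def lookup(table: List[Route], dst: str) -> Optional[Route]:
    """Longest prefix match: among routes that cover dst, return the one with
    the most network bits, regardless of table order or route source."""
    addr = int(ipaddress.IPv4Address(dst))
    best, best_len = None, -1
    for route in table:
        net = ipaddress.IPv4Network(route.prefix)
        if prefix_matches(addr, int(net.network_address), net.prefixlen) and net.prefixlen > best_len:
            best, best_len = route, net.prefixlen
    return best


if __name__ == "__main__":
    table = make_table()
    add_static_route(table, "172.16.0.0", "255.255.0.0", "10.0.20.200")
    for dst in ("172.16.0.22", "172.16.5.1", "10.250.7.7", "10.0.0.1", "192.0.2.1"):
        print(dst, "->", lookup(table, dst))
```

Once the /16 is added, 172.16.0.22 still goes to 10.0.10.2 via the /24, while 172.16.5.1, which only the /16 covers, goes to 10.0.20.200; anything no other route covers falls through to the /0.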
I recommend practicing what you’ve learned to build your skills.
To help with that, I’ve created this lab with three challenges for you to try. In the first challenge, you need to configure a layer-3 switch. This needs to pass traffic between VLANs 20 and 30.
In challenge 2, you convert the switch back to layer-2, and add a router. The router now handles passing traffic between VLANs.
And in challenge 3, there is a fault in the network. You need to track it down and fix it.
All challenges come with explanations if you get stuck.
Please continue to the next video, where we will look at designing subnets. This takes a real-world approach that you may find useful at your job. Hope to see you there.