| Protocol | Protocol Number |
| EIGRP | 88 |
| OSPF | 89 |
In this type of communication, first device send data and second device receive it. Second device never send any information to first device. Broadcast systems like FM radio work in this way.
In this type of communication, when first device send data, second device receives it and when second devices send data, first device receives it. But both devices can’t send or receive data at the same time. This type of communication is using in "walkie-talkie".
In this type of communication, first and second device can send and receive data simultaneously. Phones and mobile phones are using this type of communication.
Note: In Ethernet communication we can set both end half or full duplex depending up on the requirements. That is Ethernet can work on both mode.
Before begin configuration we need to see the current status of switch. This can be don using verity of ‘show’ commands. Some of them are given below
Now, lets set the interface attributes
The syntax is as follows:
interface type mod/port
speed {10 | 100 | 1000 | auto} ;This command tells transmission speed. It can be set depending on Speed of Interface. Normally Switch detects the speed correctly. Default configuration is “auto” ie. automatically detect the speed
duplex {half | full | auto} ;set the duplex of interface. Default is auto. But it is better to hardcode by command on both side. If you set duplex to auto then make it on both side. Also, if you set duplex make sure that it is typed on both side, otherwise mismatch will happen. If you don’t know about duplex, please check here
mdix auto ;This is the default setting. . This permit switch to automatically discover if a crossover connection is needed. we can change the setting by “no mdix auto” command
media-type {sfp | rj45} ;detects automatically. sfp used for fiber optic ports
Sample configuration is given below:
SW1(config)#interface fa0/1
SW1(config-if)#speed 100
SW1(config-if)#duplex full
SW1(config-if)#no shut (to enable the interface)
Ok. That’s enough. But the problem is, we have to type it on all interface. Hmm… It has an easy way – use the ‘range’ command
SW1(config)#int range fa 0/1 - 4 , fa0/15 ;comma is surrounded by space. This will select the specified range of interfaces i.e. from fa0/1 to fa0/4 and fa0/15 at the same time. Now we can set any attributes to that interface.
SW1(config-if-range)#shut
SW(config-if)#power inline {auto|never} :to automatically discover power need by port or disable power
SW(config-if)#power inline {consumption mw | static max mw} : to give power specifically
Inline Power and PoE are used to provide power to IP phones, wireless access points etc. by the catalyst switch trough the same data cable.
In the reality, as you may know, out of 8 channels in the UTP cable, only 4 is used for data transmission. So these methods use the rest to provide power to the devices. 
Cisco Provides 3 methods to deliver current through the Ethernet cable:
| Property | Inline Power | 802.3af | 802.3at PoE+ |
| Standard | Cisco Proprietary | IEEE standard | IEEE standard |
| Maximum power delivery | 7W/port | 15.4W/port | 34.20 W |
| Cable speed | 10/100 only | Compatible with gigabit Ethernet | Compatible with gigabit Ethernet |
| Compatibility | Incompatible with all non-Cisco devices that accept power over Ethernet | Not compatible with Cisco inline power – the power negotiation process is completely different | Backward compatible with 802.3af |
The devices connecting to the port are divided into different classes depending up on the power consumption:
| Class | Max Power | |
| 0 | 15.4 W | Default |
| 1 | 4.0 W | |
| 2 | 7.0 W | |
| 3 | 15.4 W | |
| 4 | Undefined | Future Use |
Switch#show power inline ;to see the current status of ports
Switch(config-if)#power inline {auto|never|delay}
Switch(config-if)#power inline {consumption mw | static max mw} ;to give power specifically
Note: We don’t need to type any command. Cisco switch detect all cisco devices and power needed by the devices automatically using CDP.
VTP stands for VLAN Trunking Protocol. Unlike the name implies, VTP is used for replication of VLAN information. That means, we just need to create VLANs or edit VLAN information only on one switch. Then VTP will transfer that information through the trunk link to all other switches which make the administration centralized.
VTP works based on the revision number. By default, VTP revision number is 0 on all switches. If we change any VLAN information on a switch, like… adding VLAN, deleting VLAN, renaming VLAN, etc.. the revision number increases. When other switches get the VTP update, it check the VTP revision number contained in the update with its on VTP revision number. If the local revision number is lower than the one it received, it replace the whole VLAN database with the currently received database.
VTP has three modes – Server, Client and Transparent. Depending upon VTP mode in which the switch operates, it gets the features as follows:
By default cisco switches comes with VTP server mode. Because of there is no VTP Domain name applied to new switches, they act as server for themselves. Also, switches doesn’t participate in VTP until they hear VTP advertisement from another switch.
To see the current VTP status, use the following command
SW1#show vtp status
Now lets make VTP run on every switch as in the figure.
SW1# vtp domain TestDomain
SW2# vtp domain TestDomain
SW3# vtp domain TestDomain
Note: If there is no domain name exist in all switches, then if we configure domain name on SW1, all switches get it automatically.
SW1# vtp mode server
SW2# vtp mdoe transparent
SW3# vtp mode client
eg: SW1# vtp password P1ssw0rd
Note: if we want to set the password, set it on all switches
Default VTP version is 1. if we want to change it to version 2, then do the following command on all switches
eg: SW1# vtp version 2
If we accidently connect a switch with higher revision number and same domain name to the network, all the switches will replace their database to it’s database. Then network connection may not available to users.
Solution:
Before attaching the switch to the network, reset its revision number to zero. Do one of the following to reset revision number to 0
Private VLAN is the technique of dividing single VLAN into different sub VLANs. This is generally used in the ADSL networks. Also, we can use it to simplify the IP address assignment because all ports are in the same subnet, although they are logically separated in the data link layer.
Private VLAN contains two components
Secondary VLANs can be one of these:
Now lets, Create these VLANs as in the figure
Sw1(config)# vlan 100
Sw1(config-vlan)#private-vlan community
Sw1(config)# vlan 200
Sw1(config-vlan)#private-vlan community
Sw1(config)# vlan 300
Sw1(config-vlan)#private-vlan isolated
Sw1(config)# vlan 500
Sw1(config-vlan)#private-vlan primary
Sw1(config-vlan)#private-vlan association 100,200,300
To proceed to next step, we must understand about different types of ports
There are mainly two types of port in Private VLAN - Promiscuous port and Host port. Host port is further divides into two types - Isolated port and Community port.
Now, lets assign these different types of port to different VLANs we created. Remember, every ports except Promiscuous port are host port. So the VLAN which we assign these ports determines whether it is isolated port or community port.
SW1(config)#int range e0/1 - 2
SW1(config-if-range)#switchport
SW1(config-if-range)#switchport mode private-vlan host
SW1(config-if-range)#switchport private-vlan host-association 500 300
SW1(config)#int range e1/0 - 1
SW1(config-if-range)#switchport
SW1(config-if-range)#switchport private-vlan host-association 500 100
SW1(config)#int range e1/2 - 3
SW1(config-if-range)#switchport
SW1(config-if-range)#switchport private-vlan host-association 500 200
SW1(config)#int e0/0
SW1(config-if)#switchport
SW1(config-if)#switchport mode private-vlan promiscuous
SW1(config-if)#switchport private-vlan mapping 500 100,200,300
#hostname client1.ciscofriend.com
#ifconfig eth0 192.168.1.22 (set the IP of Ethernet 0 interface to 192.168.1.22)
#ifconfig eth0 netmask 255.255.255.0 (set the subnet mask)
#ifconfig eth0 hw ether 00:00:00:00:00:11 (To change the MAC address of eth0 interface)
#route add default gw 192.168.1.1 (To change the default gateway)
#ifup eth0
#ifdown eth0
| Port | TCP | UDP | Description |
| 20 | x | FTP-Data | |
| 21 | x | FTP (login access) | |
| 22 | x | x | SSH |
| 23 | x | Telent | |
| 25 | x | SMTP (Mail, MTA) | |
| 49 | x | TACACS+ | |
| 53 | x | x | DNS |
| 69 | x | TFTP | |
| 80 | x | x | HTTP (Web) |
| 110 | x | x | POP3 (email); generally uses TCP) |
| 119 | x | NNTP (Usenet News) | |
| 123 | x | NTP | |
| 139 | x | x | NetBIOS (Microsoft) |
| 143 | x | x | IMAP |
| 161 | x | x | SNMP (Network Monitor) |
| 179 | x | BGP | |
| 443 | x | x | HTTPS |
| 465 | x | SMTPS (Secure Mail over SSL) | |
| 993 | x | x | IMAP (Secure IMAP over SSL) |
| 995 | x | x | POP3S (Secure POP3 over SSL) |
| 1645,1812 | x | RADIUS Authentication | |
| 1646,1813 | x | RADIUS Accounting |
Before starting installation process, make sure that the IP address computer name are correct. Now use server manager to add rolls or type “oobe” in the command prompt. Now the following window will appear:
Press add roles and now press next
Select the Active directory Domain Services check box and press next . This tells the server we want to install active directory
Press next
press next
press install
now we may close this wizard, if we close we need to type “dcpromo” on the command prompt and continue installation. Otherwise, press the link in the window highlighted by blue
Note : all the above steps can be done just typing “dcpromo” in the command prompt.
We are using normal mode. So press next. Advanced mode installation can be used to install read only domain controller
Press next if we are not using NT4 computers
Now Select “Create a new domain in a new forest” because we are creating new domain. If we have existing domain and we want to add additional domain controller, add child domain etc. we must use the other option
Enter the domain name for our new domain
Enter the forest functional level. If forest functional level /domain functional level is higher, more features will be enabled. I will explain about forest and domain functional level in another post.
Enter the domain functional level. As above, higher is better
Select DNS because we don’t have another DNS server. If we have another one, we can use that one.
Note: If static IP not given already, it will give the warning. We can also give the IP address here. if error occurs again, that means you didn’t given IPv6 address. To solve this problem, either give IPv6 address or disable IPv6 addressing by removing check mark in the configuration window of Network card
Press yes and next
Press next if we don’t want to change the location of active directory files. NTDS is the active directory database
Give the password to restore active directory if any problem occurs and press next
This window gives the summary of the answer we already given. If we want, we can press the export button to save the answer file for future installation or command line installation
Now active directory installation starts and tick the check box reboot on completion
After that reboot, we can see the role is installed in server manager. Also check the computer properties for details
Before joining/upgrading the Windows Server 2003 to Windows server 2008 domain, we need to upgrade the schema. To check the scheme is in old version or not, do the following:
Open windows registry by type regedit on the command prompt and go to
Hkey_local_machine > system > current control set > services > ntds> schema version
now check the version :
If it is 31, it means we need to upgrade the schema. To upgrade the schema and make it ready for windows server 2008, do the following:
In the Windows Server 2008 DVD, go to sources > adprep directory and do the following commands
d:\souces\adprep> adprep /forestprep
d:\souces\adprep> adprep /domainprep /gpprep
notes:
Now, we can join the server to Windows Server 2008 domain or if it is already a domain controller, we can upgrade it to Windows Server 2008
ASA(config)#policy-map global_policy
ASA(config-pmap)#class inspection_default
ASA(config-pmap-c)#inspect icmp
On Server
#yum install httpd
Note: if you don’t know how to setup yum you can see this post
For example, if DVD is mounted to /cdrom directory, then
#cp –vrf /cdrom /var/www/html/
Note: alternatively, we can mount the DVD directly to the web accessible, /var/www/html/ path
#service httpd start
Note: if firewall is on, turn off firewall or add exception to port 80
On the installation system
Note: boot.iso not ship with DVD now. So we need to download it from redhat site. Alternatively we can use CentOS netinstall.iso, both are same
http://mirrors.hns.net.in/centos/6.0/isos/x86_64/CentOS-6.0-x86_64-netinstall.iso
http://mirrors.hns.net.in/centos/6.0/isos/i386/CentOS-6.0-i386-netinstall.iso
'linux repo=http://192.168.1.10/cdrom ip=192.168.1.20 netmask=255.255.255.0 gateway=192.168.1.1 dns=192.168.1.1'
Note: if more than one DNS server is available specify it using comma. DNS server address is optional. Here IP is the address of the current system
1. Mount the CD/DVD to a folder
# mkdir /cdrom
# mount -t iso9660 -o ro /dev/cdrom /cdrom
2. Create a repository file for that folder in /etc/yum.repos.d/
# nano /etc/yum.repos.d/cdrom.repo
Now add the following content to the file and save the file
[cdrom]
name=CD repo
baseurl=file:///cdrom
gpgcheck=0
Now we can install software using the yum command
sudo touch /etc/nologin
Note: Now, only root can login to the system. Login as root and delete that file to allow other users to login
rm /etc/nologin
