Quality Of Service QOS – Explained with Example

Understanding QoS


The provision of sufficient Quality of Service (QoS) across IP networks has become a necessary criterion for the enterprise IT infrastructure of the future. It is considered a necessity especially for voice and for streaming video over the network.
Let us try to understand why quality of service (QoS) is vital in today’s and future networks, how it works, and its benefits.

A few commonly used applications running on your network system are sensitive to delay. These applications usually utilize the UDP protocol rather than TCP.

The basic difference between TCP and UDP in relation to time sensitivity is that TCP retransmits packets that are lost in transit while UDP does not. This shows that TCP should be used for the transmission of files: because it retransmits and reorders lost or malformed data, TCP helps to recreate these files on the destination PC.

For example, in an IP phone call, packets are transmitted as an ordered stream; losing even a few packets will result in the voice quality becoming choppy and unintelligible.

Additionally, packets are sensitive to what’s known as jitter.

Jitter is the variation in delay of a streaming application.

Packet loss, delay and jitter are normally caused by heavy traffic that uses more network bandwidth than the network can handle; if your network has plenty of bandwidth, there should not be any problem with delays or lost packets.
In large enterprise networks, there will be times when links become so congested that routers and switches start dropping packets because they are coming in or going out faster than they can be processed. As a result, your streaming applications are going to suffer. This is where QoS comes in.

How does QoS work?

Quality of Service assists in the management of packet loss, delay and jitter on your network infrastructure.
Bandwidth usage is growing day by day as the internet continues to expand. Since we’re working with a finite amount of bandwidth, our foremost priority is to identify those applications that would benefit most.

As a network administrator, you need to prioritize the use of bandwidth for certain applications. Once you discover the applications that need to have priority over bandwidth on a network, the next step is to identify that traffic.

There are several ways to identify or mark the traffic. Two examples are:
1. Class of Service (CoS)
2. Differentiated Services Code Point (DSCP)
CoS marks a data stream in the layer 2 frame header, while DSCP marks a data stream in the layer 3 packet header.
Various applications can be marked differently, which allows the network equipment to categorize data into different groups.

After you have categorized data streams into different groups, you then use that information to create a policy that gives some data preferential, higher-priority transmission over others. This is called queuing.

Let us take an example:

In your network policy, if voice traffic is tagged and given access to the majority of network bandwidth on a link, the routing or switching device will move voice packets/frames to the front of the queue and transmit them immediately.
But if the policy marks voice data with a lower priority, it will wait (be queued) until there is sufficient bandwidth to transmit.
When the queue becomes too full, the lower-priority packets/frames are the first to get dropped.

In today’s enterprise networks, QoS policy favors voice and video streams because they are the most commonly used. In the ever-growing IoT, priority and bandwidth are likewise given to highly time-sensitive data such as temperature, humidity, and location awareness.
QoS plays an increasingly important role in making sure that certain data streams are given priority over others in order to operate efficiently.

The figure above shows the internals of a router, how packets are processed during transmission on a link:

Step 1. The network router enabled with QoS tools makes a forwarding (routing) decision on packets.
Step 2. The queuing tool uses classification logic to determine which packets go into which output queue.
Step 3. The router holds the packets in the output queue waiting for the outgoing interface to be available to send the next message.
Step 4. The queuing tool’s scheduling logic chooses the next packet, effectively prioritizing one packet over another.
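
The classification, queuing and scheduling steps above can be modelled in a few lines. This is an added example, not code from the original article or from any router vendor; it assumes three output queues, a queue depth of three packets and strict-priority scheduling, and it uses the standard DSCP code points EF (46) and AF41 (34) for voice and video.

```python
from collections import deque

# Standard DSCP code points; the queue names and the depth of 3 are assumptions.
DSCP_EF = 46    # Expedited Forwarding, conventionally used for voice
DSCP_AF41 = 34  # Assured Forwarding 41, conventionally used for video


def dscp_of(tos_byte):
    """DSCP is the upper six bits of the IPv4 ToS (IPv6 Traffic Class) byte."""
    return (tos_byte >> 2) & 0x3F


class OutputInterface:
    """One egress port: classify, queue, then schedule by strict priority."""

    QUEUES = ("voice", "video", "best_effort")  # highest priority first

    def __init__(self, depth=3):
        self.depth = depth
        self.queues = {name: deque() for name in self.QUEUES}
        self.dropped = []

    def classify(self, tos_byte):
        # Step 2: classification logic picks the output queue from the marking.
        dscp = dscp_of(tos_byte)
        if dscp == DSCP_EF:
            return "voice"
        if dscp == DSCP_AF41:
            return "video"
        return "best_effort"

    def enqueue(self, packet_id, tos_byte):
        # Step 3: hold the packet until the interface is free; a full queue
        # tail-drops, so congestion in one class does not evict another class.
        queue = self.queues[self.classify(tos_byte)]
        if len(queue) >= self.depth:
            self.dropped.append(packet_id)
            return False
        queue.append(packet_id)
        return True

    def dequeue(self):
        # Step 4: the scheduler always serves the highest non-empty queue.
        for name in self.QUEUES:
            if self.queues[name]:
                return self.queues[name].popleft()
        return None


def run_demo():
    """Five bulk packets arrive first, then one video and one voice packet."""
    port = OutputInterface(depth=3)
    for n in range(1, 6):
        port.enqueue(f"bulk{n}", 0x00)
    port.enqueue("video1", DSCP_AF41 << 2)
    port.enqueue("voice1", DSCP_EF << 2)
    sent = []
    while (packet := port.dequeue()) is not None:
        sent.append(packet)
    return sent, port.dropped


if __name__ == "__main__":
    sent, dropped = run_demo()
    print("transmit order:", sent)
    print("dropped:", dropped)
```

Although the voice packet arrives last, it is transmitted first, and the only packets lost are the unmarked ones that overflowed their own queue.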

Multi-Protocol Label Switching (MPLS) Explained with Examples

What is Multi-Protocol Label Switching (MPLS)?

Multiprotocol Label Switching (MPLS) is a network traffic-forwarding technique that carries data from one network device to the next using short path labels instead of long and complex lookups in a router’s routing table.

Simply put, MPLS is best summarized as a middleman protocol between Layer 2 and Layer 3 in the OSI model. Some tech pundits call it a “Layer 2.5 networking protocol”.

In the traditional OSI model, Layer 2 covers protocols like Ethernet, which can carry IP packets over LANs or point-to-point WANs only.
Layer 3 then takes care of Internet-wide addressing and routing using IP protocols.

MPLS sits between these traditional layers (2 and 3), providing additional features for the transport of data across the network. It uses a packet-forwarding technology known as labels to make data forwarding decisions.


In a traditional IP network, each router performs an IP lookup on the packet, determines a next hop based on its routing table, and forwards the packet to that next hop. Every router does the same on the same packet, each making its own independent routing decision, until the final destination is reached.

In an MPLS-enabled network, MPLS does “label switching”, which means the first router or network device does a routing lookup, but instead of finding a next hop, it finds the final destination router.

The MPLS-configured router applies a “label” to the data, and other routers use the label to route the traffic without needing to perform any additional IP lookups. At the final destination router the label is removed and the packet is delivered via normal IP routing.

What is a label? What is the structure of the label?

A label is a short, four-byte, fixed-length, locally-significant identifier which is used in order to identify a Forwarding Equivalence Class (FEC).
The label which is put on a particular packet represents the FEC to which that packet is assigned.

To actually make MPLS work, you need preset paths, which are called label-switched paths (LSPs). An LSP is required for any MPLS forwarding to occur.
An LSP is essentially a unidirectional tunnel of MPLS information exchange among routers in an MPLS network.
An MPLS router operates on preset paths for the various source-to-destination pairs.
To accomplish real efficiencies over typical IP routing, every router on the LSP must be able to switch the packet forward.

What is important here is that every router along the LSP from router 1 to router 6 must have the same view of the LSP.

MPLS Router Roles/Positions

Label switch router (LSR) or transit router:
This is the router in an MPLS network that performs routing based only on the labelling and swapping of packets.
LSRs are normally located in the middle of an MPLS network. They are responsible for switching the labels used to route packets.

When an LSR receives a packet, it examines and indexes the label included in the packet header so as to determine the next hop on the label-switched path (LSP) and a corresponding label for the packet from its lookup table.
The old label is then removed from the header and replaced with the new label before the packet is routed forward.

Label edge router
A label edge router (LER, also known as edge LSR or “ingress node”) is a router that operates at the edge of an MPLS network and acts as the entry and exit point for the network. An edge router places an MPLS label on an incoming packet and sends it forward into the MPLS domain.
Likewise, upon receiving a labelled packet which is destined to exit the MPLS domain, the LER removes the label and forwards the IP packet using normal IP addressing.
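
The four-byte label and the push, swap and pop roles described above can be traced end to end. This is an added example, not code from the original article or from any MPLS implementation; the field layout (20-bit label, 3-bit traffic class, 1-bit bottom-of-stack flag, 8-bit TTL) is the standard label stack entry, while the router names, the prefix and the label values are assumptions made for the illustration.

```python
import ipaddress
import struct


def encode_entry(label, tc=0, bottom=True, ttl=64):
    """Pack one four-byte label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < 2 ** 20:
        raise ValueError("label must fit in 20 bits")
    word = (label << 12) | ((tc & 0x7) << 9) | (int(bottom) << 8) | (ttl & 0xFF)
    return struct.pack("!I", word)


def decode_entry(data):
    """Unpack the first four bytes of a labelled packet."""
    if len(data) < 4:
        raise ValueError("truncated label stack entry")
    (word,) = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 0x7,
            "bottom": bool((word >> 8) & 1), "ttl": word & 0xFF}


# Constructed tables. R1 is the ingress LER, R2 and R3 are LSRs, R6 is the
# egress LER. Labels are locally significant, so each hop uses its own value.
INGRESS_FEC = {ipaddress.ip_network("10.6.0.0/16"): (100, "R2")}
LFIB = {
    "R2": {100: ("swap", 200, "R3")},
    "R3": {200: ("swap", 300, "R6")},
    "R6": {300: ("pop", None, None)},
}


def forward(dst_ip, lfib=LFIB, ingress="R1", ttl=64):
    """Return the (router, action, label) steps a packet takes along the LSP."""
    dst = ipaddress.ip_address(dst_ip)
    matches = [net for net in INGRESS_FEC if dst in net]
    if not matches:
        return [(ingress, "ip-route", None)]  # no FEC: ordinary IP routing
    # The only IP lookup on the path happens here, at the ingress LER.
    label, hop = INGRESS_FEC[max(matches, key=lambda net: net.prefixlen)]
    frame = encode_entry(label, ttl=ttl)
    trace = [(ingress, "push", label)]
    while hop is not None:
        entry = decode_entry(frame)
        row = lfib.get(hop, {}).get(entry["label"])
        if row is None or entry["ttl"] <= 1:
            # A router without a matching entry cannot switch the packet.
            trace.append((hop, "drop", entry["label"]))
            break
        action, out_label, next_hop = row
        if action == "swap":
            frame = encode_entry(out_label, entry["tc"], entry["bottom"],
                                 entry["ttl"] - 1)
        trace.append((hop, action, out_label))
        hop = next_hop
    return trace


if __name__ == "__main__":
    print(encode_entry(100).hex())
    for step in forward("10.6.1.1"):
        print(step)
    print(forward("10.6.1.1", lfib=dict(LFIB, R3={})))
```

The last call removes R3's table entry to show why every router on the LSP needs the same view of it: the packet is dropped at the first hop that does not know the label.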

Provider router
In an MPLS-based virtual private network (VPN) environment, LERs that function as ingress and/or egress routers to the VPN are often called PE (Provider Edge) routers. Devices that function only as transit routers are similarly called P (Provider) routers.
The job of a P router is significantly easier than that of a PE router, so they can be less complex and may be more dependable because of this.

Label Distribution Protocol
Labels are distributed between LERs and LSRs using the Label Distribution Protocol (LDP).
LSRs in an MPLS network regularly exchange label and reachability information with each other using standardized procedures in order to build a complete picture of the network they can then use to forward packets.
CE is the “Customer Edge”, the customer device or router a PE router talks to.

Cisco Dynamic Trunking Protocol (DTP) Explained

Understanding Dynamic Trunking Protocol (DTP)

The Dynamic Trunking Protocol (DTP) is a Cisco proprietary protocol that is automatically enabled on Catalyst 2960 and Catalyst 3560 Series switches. DTP is used to negotiate forming a trunk link between two or more Cisco devices before actually forming the trunk connection. The main benefit of DTP is to increase traffic on a trunked link.
Non-Cisco network devices and switches from other vendors do not support DTP. DTP manages trunk negotiation only if the port on the neighbor switch is configured in a trunk mode that supports DTP.

Switch trunk interfaces support different trunking modes. An interface can be set to trunking, nontrunking, or to negotiate. Ethernet trunk negotiation is managed by the Dynamic Trunking Protocol (DTP), which operates on a point-to-point basis between network devices.

The default DTP configuration for Cisco Catalyst 2960 and 3560 switches is in “dynamic auto” or “dynamic desirable” mode.

To enable trunking between a Cisco switch and a non-Cisco switch or device that does not support DTP, use the switchport mode trunk and switchport nonegotiate interface configuration mode commands. This causes the interface to become a trunk but not generate DTP frames.

To avoid misconfigurations and DTP frames being wrongly forwarded by a non-Cisco device, turn off DTP on the interfaces of a Cisco switch that are connected to devices that do not support DTP.

In the diagram below:

The Fa0/1 ports on Cisco Switch1 and Cisco Switch2 are set to dynamic auto and dynamic desirable, so the negotiation results in the trunking state. This creates an active trunk link.

dtp with dynamic auto and desirable

dtp with dynamic desirable and desirable

How to configure dynamic desirable mode

Sw1#configure terminal
Sw1(config)#interface fa0/1
Sw1(config-if)#switchport mode dynamic desirable

How to configure dynamic auto mode

Sw1#configure terminal
Sw1(config)#interface fa0/1
Sw1(config-if)#switchport mode dynamic auto

In the diagram below, the link between Switch1 and Switch2 becomes a trunk because the Fa0/1 ports on Cisco Switch1 and non-Cisco Switch2 are configured to ignore all DTP advertisements and to come up in, and stay in, trunk port mode.

How to configure trunk mode

Sw1#configure terminal
Sw1(config)#interface fa0/1
Sw1(config-if)#switchport mode trunk

How to configure trunk mode with nonegotiate

Sw1#configure terminal
Sw1(config)#interface fa0/1
Sw1(config-if)#switchport mode trunk
Sw1(config-if)#switchport nonegotiate


In the diagram below: The F0/1 ports on Cisco switch1 and Cisco Switch2 are set to dynamic auto, so the negotiation results in the access mode state. This creates an inactive trunk link.

DTP Negotiated Interface Modes Explained:
Switches support different trunking modes with the help of DTP:
• Switchport mode access: This puts the interface (access port) into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The interface becomes a nontrunk interface, regardless of whether the neighboring interface is a trunk interface.
• Switchport mode dynamic auto: This enables the interface to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk or desirable mode. The default switchport mode for Ethernet interfaces on newer Cisco switches is dynamic auto. Note that if two Cisco switches are left to the common default setting of auto, a trunk will never form.
• Switchport mode dynamic desirable: This places the interface in an active attempt to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode.
• Switchport mode trunk: This puts the interface into permanent trunking mode and negotiates to convert the neighboring link into a trunk link. The interface becomes a trunk interface even if the neighboring interface is not a trunk interface.
• Switchport nonegotiate: This mode prevents the interface from generating DTP frames. You can use this command only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link.
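
The mode descriptions above determine the outcome for every pair of ports, and they also tell you which ports on a switch still depend on DTP. This is an added example, not Cisco code and not part of the original article: it encodes the rules from the list, then checks a constructed configuration for ports that still negotiate or still generate DTP frames. It assumes a port with no switchport mode line is in the default dynamic auto mode, and "nonegotiate" here means switchport mode trunk plus switchport nonegotiate.

```python
def side_state(local, remote):
    """State one port settles in, given the mode configured on its neighbor."""
    if local == "access":
        return "access"                    # permanent nontrunking mode
    if local in ("trunk", "nonegotiate"):
        return "trunk"                     # permanent trunking mode
    if local == "auto":                    # passive: needs an active neighbor
        return "trunk" if remote in ("trunk", "desirable") else "access"
    if local == "desirable":               # actively asks for a trunk
        return "trunk" if remote in ("trunk", "desirable", "auto") else "access"
    raise ValueError(f"unknown mode: {local}")


def negotiate(a, b):
    """Return (state of a, state of b, resulting link)."""
    state_a, state_b = side_state(a, b), side_state(b, a)
    link = state_a if state_a == state_b else "mismatch"
    return state_a, state_b, link


# Constructed running-config fragment for the audit below.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode dynamic desirable
!
interface FastEthernet0/2
 switchport mode trunk
 switchport nonegotiate
!
interface FastEthernet0/3
 switchport mode access
!
interface FastEthernet0/4
 description no switchport mode configured
!
interface FastEthernet0/5
 switchport mode trunk
"""


def configured_modes(config_text):
    """Map each interface to its switchport mode and nonegotiate setting."""
    ports, current = {}, None
    for line in config_text.splitlines():
        if line.startswith("interface "):
            current = line.split()[1]
            ports[current] = {"mode": "auto", "nonegotiate": False}  # assumed default
        elif line.startswith(" ") and current:
            text = line.strip()
            if text == "switchport nonegotiate":
                ports[current]["nonegotiate"] = True
            elif text.startswith("switchport mode "):
                ports[current]["mode"] = text.split()[-1]
        else:
            current = None
    return ports


def dtp_findings(config_text):
    """Ports whose trunk state is negotiated, or that still generate DTP frames."""
    findings = {}
    for name, port in configured_modes(config_text).items():
        if port["mode"] in ("auto", "desirable"):
            findings[name] = "trunk state depends on DTP negotiation"
        elif port["mode"] == "trunk" and not port["nonegotiate"]:
            findings[name] = "trunk still generates DTP frames"
    return findings


if __name__ == "__main__":
    for pair in [("auto", "auto"), ("auto", "desirable"), ("trunk", "access"),
                 ("nonegotiate", "desirable")]:
        print(pair, "->", negotiate(*pair))
    for name, reason in dtp_findings(SAMPLE_CONFIG).items():
        print(name, ":", reason)
```

Two pairs end in a mismatch rather than a working link: a trunk port facing an access port, and a nonegotiate trunk facing a dynamic port that never hears a DTP frame.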


RIP Routing Loop Explained

Split Horizon, Route Poisoning and Holddown Explained

Split Horizon
RIP, as a distance vector protocol, is also susceptible to routing loops (a network problem in which a data packet is continually routed through the same routers over and over; the data packets continue to be routed within the network in an endless circle).

Split horizon is one of the features of distance vector routing protocols that prevents routing loops. This feature prevents a router from advertising a route back onto the interface from which it was learned or received.

example network topology.

routing loop split horizon

Using the above diagram, R2 has a route to the subnet that is advertised to router R1 by using RIP.
R1 receives the update and stores the route in its routing table.
R1 knows that the routing update for that route has come from R2, so it won’t advertise the route back to router R2, because, if the route to the network goes down, router R1 could receive a route to the subnet from R2.

Router R1 now believes that R2 has the route to reach the subnet, and uses that route. R2 receives update packets from R1 and sends them back to R2; because both routers think that each has a route to reach the subnet, this will go on forever. This is what is called a routing loop.

Route Poisoning
Route poisoning is another method distance vector routing protocols use to prevent routing loops.
When a router detects that one of its directly connected routes has failed, the router sends the advertisement for that route with an infinite metric of 16 (“poisoning the route”).
Any router on the network that receives the update will realise that the route has failed and doesn’t use it anymore.

Consider the following example.

route poisoning

Note that R1 is directly connected to the subnet.
R1 has RIP enabled and the subnet is advertised to R2.
When R1’s Fa0/1 interface fails, a route update advertisement is sent by R1 to R2, indicating that the route has failed.
The route will be labelled with a metric of 16, which is more than the RIP’s maximum hop count of 15, so R1 considers the route to be unreachable.

Holddown is another loop-prevention mechanism used by distance vector routing protocols.
This feature prevents a router from learning new information about a failed route. When a router receives update information about an unreachable route, a holddown timer is instantly started.
The router overlooks all routing updates for that route until the timer expires (180 seconds is default for RIP). The only routing updates permitted during that period are updates sent from the router that initially advertised the route.
If R1 router advertises the update, the hold-down timer is stopped and the routing information is processed.
Let’s use the following network topology as an example:

RIP hold down timer

The holddown timer is started by R2 after it receives a failed (unreachable) route update advertisement from R1.
During that time all updates from any other routers about that route are ignored to prevent routing loops.
If interface Fa0/1 on R1 comes back up, R1 will advertise the route once more. R2 processes that update even while the hold-down timer is still running, because the update is sent by the same router that originally advertised the route.
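
Split horizon, route poisoning and holddown can be seen working together in a small model of the R1 and R2 exchange. This is an added example, not a RIP implementation and not code from the original article; the prefix, the third router R3 and the timestamps are constructed, and only the metric of 16 and the 180-second holddown come from the text above.

```python
INFINITY = 16            # RIP metric that marks a route as unreachable
HOLDDOWN_SECONDS = 180   # default holddown for RIP quoted above


class RipRouter:
    def __init__(self, name):
        self.name = name
        self.routes = {}  # prefix -> {"metric", "via", "holddown_until"}

    def add_connected(self, prefix):
        self.routes[prefix] = {"metric": 0, "via": None, "holddown_until": None}

    def fail_connected(self, prefix):
        # Route poisoning: keep the route, but with the infinite metric.
        self.routes[prefix]["metric"] = INFINITY

    def advertise_to(self, neighbor):
        update = {}
        for prefix, route in self.routes.items():
            if route["via"] == neighbor:
                continue  # split horizon: never send a route back to its source
            update[prefix] = min(route["metric"] + 1, INFINITY)
        return update

    def receive(self, prefix, metric, sender, now):
        route = self.routes.get(prefix)
        in_holddown = (route is not None
                       and route["holddown_until"] is not None
                       and now < route["holddown_until"])
        if in_holddown and sender != route["via"]:
            return "ignored: holddown"
        if metric >= INFINITY:
            if route is not None and route["via"] == sender:
                route.update(metric=INFINITY,
                             holddown_until=now + HOLDDOWN_SECONDS)
                return "poisoned: holddown started"
            return "ignored: not our next hop"
        if route is None or route["via"] == sender or metric < route["metric"]:
            # An update from the original advertiser also ends the holddown.
            self.routes[prefix] = {"metric": metric, "via": sender,
                                   "holddown_until": None}
            return "installed"
        return "ignored: worse metric"


def run_demo():
    prefix = "192.0.2.0/24"  # constructed documentation prefix
    r1, r2 = RipRouter("R1"), RipRouter("R2")
    r1.add_connected(prefix)
    events = []
    # R1 advertises its connected subnet; R2 installs it.
    events.append(r2.receive(prefix, r1.advertise_to("R2")[prefix], "R1", now=0))
    # Split horizon: R2 leaves the route out of its update to R1.
    events.append(prefix in r2.advertise_to("R1"))
    # Fa0/1 on R1 fails; R1 poisons the route and R2 starts the holddown.
    r1.fail_connected(prefix)
    events.append(r2.receive(prefix, r1.advertise_to("R2")[prefix], "R1", now=10))
    # A stale update from another router is ignored while the timer runs.
    events.append(r2.receive(prefix, 3, "R3", now=20))
    # The interface recovers; the original advertiser is accepted at once.
    r1.add_connected(prefix)
    events.append(r2.receive(prefix, r1.advertise_to("R2")[prefix], "R1", now=30))
    return events


if __name__ == "__main__":
    for event in run_demo():
        print(event)
```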

DHCP Snooping Explained


The Dynamic Host Configuration Protocol (DHCP) allocates IP addresses dynamically: it leases addresses to connected devices, and the addresses can be reused when no longer needed.

All connected Hosts and end devices that require IP addresses obtained through DHCP must communicate with a DHCP server across the LAN.

DHCP snooping acts like a firewall between trusted DHCP servers and untrusted hosts. It acts as a guardian, a form of network security.
DHCP snooping enables the switching or network device, which can be either a switch or a router, to monitor DHCP messages received from untrusted devices connected to the switching device.

When DHCP snooping is enabled on a switched network or VLAN, it examines all DHCP messages sent from untrusted hosts associated with the network or VLAN and extracts their IP addresses and lease information.

dhcp snooping explained

DHCP Snooping Binding Database

All extracted information will be used to build and maintain the DHCP snooping database, also known as the binding table.
Only verified hosts from this database are allowed access to the network.

The database contains an entry for each untrusted host with a leased IP address if the host is associated with a VLAN that has DHCP snooping enabled.

The database does not contain entries for hosts connected through trusted interfaces.
Each entry in the DHCP snooping binding database includes the MAC address of the host, the leased IP address, the lease time, the binding type, and the VLAN number and interface information associated with the host.

Features of DHCP snooping

•DHCP snooping validates incoming messages received from untrusted sources and filters out invalid messages.

•DHCP snooping builds, maintains and stores information about untrusted hosts; this includes their IP-MAC address binding, the lease time for the IP address, type of binding, VLAN name, and interface for each host.

All this information is extracted, maintained and stored in the DHCP snooping binding database to be validated.

•DHCP snooping uses the binding database to validate subsequent requests from untrusted hosts.

Dynamic ARP inspection (DAI) and IP Source Guard also use information stored in the DHCP snooping binding database.

By default, DHCP snooping is disabled. It can be enabled on a single VLAN or a range of VLANs across the network.

DHCP Packet Validation

Switches validate DHCP packets received on the untrusted interfaces of all configured VLANs with DHCP snooping enabled.
The switch then forwards the DHCP packet, or drops it if it fails validation.

When the DHCP snooping service detects a violation, the packet is dropped, and a message is logged that includes the text :


If the switch is configured to send logs to a syslog server.

Message alerts that are likely to appear:


The above message indicates that the source frame and embedded client hardware address in a DHCP request differ, and seems to be unfortunately common.

If you see these, consider investigating a few of them to verify that the issue is indeed a poor vendor DHCP client or IP forwarding implementation, and determine your policy going forward.


Such messages are usually serious. This message indicates that a client is being spoofed or, worse, that a rogue DHCP server is in operation.

The following conditions must be met before the switch will forward a packet:

•When the switch receives a packet (with a DHCPOFFER, DHCPACK, DHCPNAK, or DHCPLEASEQUERY packet) from a DHCP server outside the network or firewall.

•The switch receives a packet on an untrusted interface, and the source MAC address and the DHCP client hardware address do not meet validation rules. This check can only be performed if the DHCP snooping MAC address verification option is turned on.

•The switch receives a DHCPRELEASE or DHCPDECLINE message from an untrusted host with an entry in the DHCP snooping binding table, and the interface information in the binding table does not match the interface on which the message was received.

•The switch receives a DHCP packet that includes a relay agent IP address that is not


1. The network device sends a DHCPDISCOVER packet to request an IP address.

2. The switching device forwards the packet to the DHCP server.

3. The server sends a DHCPOFFER packet to offer an address. If the DHCPOFFER packet is from a trusted interface, the switching device forwards the packet to the DHCP client.

4. The network device sends a DHCPREQUEST packet to accept the IP address.

5. The switching device adds an IP-MAC placeholder binding to the database. The entry is considered a placeholder until a DHCPACK packet is received from the server. Until then, the IP address could still be assigned to some other host.

6. The server sends a DHCPACK packet to assign the IP address or a DHCPNAK packet to deny the address request.

7. The switching device updates the DHCP snooping database according to the type of packet received. (If the switching device receives a DHCPACK packet, it updates lease information for the IP-MAC bindings in its database. If the switching device receives a DHCPNAK packet, it deletes the placeholder.)
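
The validation checks and the binding-table steps 1 to 7 above can be followed in a small model of a snooping switch. This is an added example, not vendor code and not part of the original article; it treats each listed condition as a reason to drop the packet, as the DHCP Packet Validation paragraph describes, and the port names, MAC addresses and IP addresses are constructed.

```python
SERVER_TYPES = {"DHCPOFFER", "DHCPACK", "DHCPNAK", "DHCPLEASEQUERY"}


class SnoopingSwitch:
    def __init__(self, trusted_ports, vlans, verify_mac=True):
        self.trusted = set(trusted_ports)
        self.vlans = set(vlans)          # VLANs with DHCP snooping enabled
        self.verify_mac = verify_mac     # MAC address verification option
        self.bindings = {}               # client MAC -> binding entry
        self.log = []

    def _drop(self, msg, reason):
        self.log.append(f"drop {msg['type']} on {msg['port']}: {reason}")
        return "drop"

    def handle(self, msg):
        if msg["vlan"] not in self.vlans:
            return "forward"             # snooping is not enabled on this VLAN
        kind, port, mac = msg["type"], msg["port"], msg["chaddr"]
        binding = self.bindings.get(mac)
        if port not in self.trusted:
            if kind in SERVER_TYPES:
                return self._drop(msg, "server message on untrusted port")
            if self.verify_mac and msg["src_mac"] != mac:
                return self._drop(msg, "source MAC and client hardware address differ")
            if kind in ("DHCPRELEASE", "DHCPDECLINE") and binding \
                    and binding["port"] != port:
                return self._drop(msg, "binding belongs to another interface")
            if kind == "DHCPREQUEST" and binding is None:
                # Step 5: placeholder until the server confirms the lease.
                self.bindings[mac] = {"ip": msg["ip"], "vlan": msg["vlan"],
                                      "port": port, "lease": None,
                                      "state": "placeholder"}
            return "forward"
        # Trusted port: server replies complete or remove the placeholder.
        if kind == "DHCPACK" and binding:
            binding.update(ip=msg["ip"], lease=msg["lease"], state="bound")
        elif kind == "DHCPNAK" and binding and binding["state"] == "placeholder":
            del self.bindings[mac]
        return "forward"


def msg(kind, port, mac, src_mac=None, ip=None, lease=None, vlan=8):
    """Build a constructed DHCP message; src_mac defaults to the client MAC."""
    return {"type": kind, "port": port, "vlan": vlan, "chaddr": mac,
            "src_mac": src_mac or mac, "ip": ip, "lease": lease}


def run_demo():
    switch = SnoopingSwitch(trusted_ports={"Gi0/24"}, vlans={8})
    client = "00:00:5e:00:53:01"
    verdicts = [
        # Normal exchange: client on Gi0/1, server behind trusted Gi0/24.
        switch.handle(msg("DHCPDISCOVER", "Gi0/1", client)),
        switch.handle(msg("DHCPOFFER", "Gi0/24", client, ip="10.0.8.50")),
        switch.handle(msg("DHCPREQUEST", "Gi0/1", client, ip="10.0.8.50")),
        switch.handle(msg("DHCPACK", "Gi0/24", client, ip="10.0.8.50", lease=86400)),
        # Server reply arriving on an untrusted port.
        switch.handle(msg("DHCPOFFER", "Gi0/2", client, ip="10.0.8.99")),
        # Release for an existing binding, received on a different interface.
        switch.handle(msg("DHCPRELEASE", "Gi0/3", client)),
        # Frame source MAC differs from the client hardware address.
        switch.handle(msg("DHCPDISCOVER", "Gi0/3", client,
                          src_mac="00:00:5e:00:53:02")),
    ]
    return verdicts, switch.bindings, switch.log


if __name__ == "__main__":
    verdicts, bindings, log = run_demo()
    print(verdicts)
    print(bindings)
    print("\n".join(log))
```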

How to Enable DHCP Snooping

This example shows how to enable DHCP snooping globally and on VLAN 8 and to configure a rate limit of 100 packets per second on a port:

Sw1(config)# ip dhcp snooping
Sw1(config)# ip dhcp snooping vlan 8
Sw1(config)# ip dhcp snooping information option
Sw1(config)# interface gigabitethernet0/1
Sw1(config-if)# ip dhcp snooping limit rate 100


What is Link Layer Discovery Protocol (LLDP)?

Understanding LLDP and LLDP-MED

The smooth operation of the various networking devices in a LAN or switched network means that all protocols and applications are enabled and that all devices are configured correctly.
However, the larger the network gets, the more difficult it will be for the network administrator to control, manage and sort out configuration problems.

This is where the IEEE 802.1AB Link Layer Discovery Protocol (LLDP) steps in.

If your network is running only Cisco network devices (routers, bridges, access servers, and switches), the Cisco Discovery Protocol (CDP), which runs over layer 2 (the data link layer), can be used for network management applications and to automatically discover and learn about other Cisco devices connected to the network.

The Link Layer Discovery Protocol (LLDP) is a protocol that can be used to support non-Cisco devices on your network.

LLDP is a neighbor discovery protocol that is used for network devices to advertise information about themselves to other devices on the network and learn about each other.

LLDP, like CDP, runs over the data-link layer of your network, which may include non-Cisco devices or different network layer protocols.


How does LLDP work?

LLDP-enabled network devices regularly exchange LLDP advertisements with their network neighbors and store this information in their internal database (MIB).
Network management software (NMS) can use SNMP to access this information to build an inventory of the devices connected to the network, and for other applications.

Features of LLDP

LLDP has a set of attributes that it uses to advertise, discover and learn about neighbor devices. These attributes contain type, length, and value descriptions and are referred to as TLVs.

TLVs are used by LLDP to receive, send and gather information to and from their neighbors. Details such as configuration information, device capabilities, and device identity are advertised using this protocol.

Cisco Catalyst switches support the following basic management TLVs:

•Port description TLV

•System name TLV

•System description TLV

•System capabilities TLV

• Management address TLV

These organizationally specific LLDP TLVs are also advertised to support LLDP-MED.

•Port VLAN ID TLV (IEEE 802.1 organizationally specific TLVs)

•MAC/PHY configuration/status TLV (IEEE 802.3 organizationally specific TLVs)
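
The TLVs listed above share one encoding: a two-byte header holding a 7-bit type and a 9-bit length, followed by the value. This is an added example, not Cisco code and not part of the original article; it parses a constructed LLDPDU and rejects TLVs whose length runs past the end of the frame, which matters because the contents come from whatever device is plugged into the port. The type numbers and the IEEE 802.1 and 802.3 OUIs are the standard ones; the sample values are constructed.

```python
import struct

TLV_NAMES = {1: "Chassis ID", 2: "Port ID", 3: "Time to live",
             4: "Port description", 5: "System name", 6: "System description",
             7: "System capabilities", 8: "Management address"}
TEXT_TLVS = {4, 5, 6}
ORG_SPECIFIC = 127
PVID = (bytes.fromhex("0080c2"), 1)      # IEEE 802.1 OUI, subtype 1
MAC_PHY = (bytes.fromhex("00120f"), 1)   # IEEE 802.3 OUI, subtype 1
ORG_NAMES = {PVID: "Port VLAN ID (IEEE 802.1)",
             MAC_PHY: "MAC/PHY configuration/status (IEEE 802.3)"}


def tlv(tlv_type, value):
    """Build one TLV: 7-bit type and 9-bit length header, then the value."""
    if not 0 <= tlv_type <= 127 or len(value) > 0x1FF:
        raise ValueError("type or length out of range")
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def decode(tlv_type, value):
    """Turn one TLV into a (name, value) pair."""
    if tlv_type == ORG_SPECIFIC:
        if len(value) < 4:
            raise ValueError("organizationally specific TLV too short")
        key, body = (value[:3], value[3]), value[4:]
        name = ORG_NAMES.get(key, f"Org-specific {key[0].hex()}/{key[1]}")
        if key == PVID and len(body) == 2:
            return name, struct.unpack("!H", body)[0]
        return name, body.hex()
    name = TLV_NAMES.get(tlv_type, f"Type {tlv_type}")
    if tlv_type == 3 and len(value) == 2:
        return name, struct.unpack("!H", value)[0]
    if tlv_type in TEXT_TLVS:
        return name, value.decode("utf-8", errors="replace")
    return name, value.hex()


def parse_lldpdu(data):
    """Return the decoded TLVs of one LLDPDU, stopping at the End TLV."""
    found, offset = [], 0
    while True:
        if offset + 2 > len(data):
            raise ValueError("LLDPDU ended without an End TLV")
        (header,) = struct.unpack_from("!H", data, offset)
        tlv_type, length = header >> 9, header & 0x1FF
        offset += 2
        if offset + length > len(data):
            raise ValueError(f"TLV type {tlv_type} claims {length} bytes "
                             "but the frame is shorter")
        value = data[offset:offset + length]
        offset += length
        if tlv_type == 0:
            return found
        found.append(decode(tlv_type, value))


# Constructed LLDPDU as a neighbor might advertise it.
SAMPLE = b"".join([
    tlv(1, b"\x04" + bytes.fromhex("00005e005301")),  # subtype 4: MAC address
    tlv(2, b"\x05" + b"Gi1/0/1"),                     # subtype 5: interface name
    tlv(3, struct.pack("!H", 120)),
    tlv(4, b"uplink"),
    tlv(5, b"Switch"),
    tlv(ORG_SPECIFIC, PVID[0] + bytes([PVID[1]]) + struct.pack("!H", 8)),
    tlv(0, b""),
])

if __name__ == "__main__":
    for name, value in parse_lldpdu(SAMPLE):
        print(f"{name}: {value}")
```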

How to configure LLDP

Disabling and Enabling LLDP on an Interface
LLDP is disabled globally on all supported interfaces. You must enable LLDP globally to allow a device to send LLDP packets. However, no changes are required at the interface level.

You can configure an individual interface to selectively not send and receive LLDP packets with the no lldp transmit and no lldp receive commands.

This example shows how to globally enable LLDP.

Switch# configure terminal
Switch(config)# lldp run
Switch(config)# end

This example shows how to globally disable LLDP.

Switch# configure terminal
Switch(config)# no lldp run
Switch(config)# end

Understanding LLDP-MED

LLDP for Media (LLDP-MED) is an extension to LLDP that operates between endpoint devices such as IP phones and network devices such as switches.
LLDP-MED specifically supports voice over IP (VoIP) applications and provides additional TLVs for capabilities discovery, network policy, Power over Ethernet, inventory management, and location information. By default, all LLDP-MED TLVs are enabled.

Configuring LLDP-MED TLVs
By default, the Cisco catalyst switch only sends LLDP packets until it receives LLDP-MED packets from the end device.
The switch continues to send LLDP-MED packets until it only receives LLDP packets.

This example shows how to enable a TLV on an interface when it has been disabled.

Switch# configure terminal
Switch(config)# interface GigabitEthernet1/0/1
Switch(config-if)# lldp med-tlv-select inventory-management
Switch(config-if)# end


What is Syslog? Syslog Explained.

System Message Logging – SYSLOG

Modern network devices have advanced beyond simply transmitting messages (email, documents, multimedia, etc.); network devices like Cisco routers and switches let network administrators read system messages from their internal buffer about the state of the network at a particular time.

The way to do this is by using a Syslog server.

Cisco network devices (Routers and Switches) use Syslog to send system messages and debug output to a local logging process inside the device. These system messages can even be sent across the network to a syslog server or to an internal buffer so that you can view them at your convenience at a later time right through the device command line interface. Whichever way you choose is configurable.

You can use the following destinations for syslog messages:

• The logging buffer (RAM inside the router or switch)
• The console line
• The terminal lines
• A syslog server

syslogging in the network

By default, all system messages and debug output generated by the router or switch IOS go out only the console port and are also logged in buffers in RAM. To send messages from Cisco routers to the VTY lines, use the terminal monitor command.

By default, you will see something like this on your console line:

*Oct 21 17:33:50.565:%LINK-5-CHANGED:Interface FastEthernet0/0, changed
state to administratively down
*Oct 21 17:33:51.565:%LINEPROTO-5-UPDOWN:Line protocol on Interface
FastEthernet0/0, changed state to down

A Cisco router would send a summarized version of the message to the syslog server that would look something like this:

Seq no:timestamp: %facility-severity-MNEMONIC:description

A detailed explanation of what this means:
Seq no: The sequence number of the message; it is not stamped by default. For you to know the time the message was sent, you have to configure it.
Timestamp: The date and time of the message or event, which also needs to be configured.
Facility: The facility to which the message refers.
Severity: A single-digit code from 0 to 7 that shows the severity of the message.
MNEMONIC: Text string that uniquely describes the message.
Description: Text string containing detailed information about the event being reported.

Example of a real syslog message:

Apr 10 14:10:01.052: %MESKING-5-UPDOWN: Line protocol on Interface FastEthernet0/0,
changed state to down

A timestamp: *Apr 10 14:10:01.052
The facility on the router that generated the message: %MESKING
The severity level: 5
A mnemonic for the message: UPDOWN
The description of the message: Line protocol on Interface FastEthernet0/0, changed state to down

Syslog Severity levels Explained:

Emergency (severity 0)  System is unusable.
Alert (severity 1)  Immediate action is needed.
Critical (severity 2)  Critical condition.
Error (severity 3)  Error condition.
Warning (severity 4)  Warning condition.
Notification (severity 5)  Normal but significant condition.
Information (severity 6)  Normal information message.
Debugging (severity 7)  Debugging message.

How to Configure and Verify Syslog

Cisco devices send all log messages, according to the severity level you configure, to the console.
These messages also go to the buffer, and both happen by default.
You can disable and enable these features with the following commands. To enable, use:

Router(config)#logging ?

The above command with a question mark will display all the options to choose from.

Router(config)#logging console
Router(config)#logging buffered

The configuration above can be used to enable the console and buffer to receive all log messages of all severities; just know that this is the default setting for all Cisco IOS devices.

If you want to disable the defaults, use the following commands:

Router(config)#no logging console
Router(config)#no logging buffered

A Syslog server saves copies of console messages and can time-stamp them for viewing at a later time. This feature can be enabled with the following command:

HQ(config)#service timestamps log datetime msec

To save all the console messages in one location to be viewed at your convenience, use the logging host ip_address command.

syslogging in the network

You can set a limit to a number of messages sent to the syslog server, based on severity with the following command:

SF(config)#logging trap warnings

In the command above you can use either the number or the actual severity level name (the names are listed in alphabetical order, not severity order). The Cisco router will send messages for levels 0 through 4 (warnings).
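
The message format and the effect of logging trap can be checked against real lines with a short parser. This is an added example, not Cisco code and not part of the original article: it splits a message into the fields explained above and reports which messages a given trap level would send to the syslog server. The two interface messages are taken from this page; the %DEMO lines are constructed, and the trap keywords are the IOS names for levels 0 through 7.

```python
import re

# Severity names as listed on this page, indexed by level.
SEVERITIES = ["Emergency", "Alert", "Critical", "Error", "Warning",
              "Notification", "Information", "Debugging"]
# Keywords accepted by "logging trap", mapped to their numeric level.
TRAP_LEVELS = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
               "warnings": 4, "notifications": 5, "informational": 6,
               "debugging": 7}

# seq no (optional), "*" (optional), timestamp, %FACILITY-SEVERITY-MNEMONIC,
# description. The space after each colon is optional, as in the console
# example above.
LINE_RE = re.compile(
    r"^(?:(?P<seq>\d+): ?)?"
    r"\*?(?P<timestamp>[A-Z][a-z]{2} +\d{1,2} \d{2}:\d{2}:\d{2}(?:\.\d+)?): ?"
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+): ?"
    r"(?P<description>.*)$"
)


def parse(line):
    """Return the fields of one message, or None if the line does not match."""
    match = LINE_RE.match(line.strip())
    if match is None:
        return None
    record = match.groupdict()
    record["severity"] = int(record["severity"])
    record["severity_name"] = SEVERITIES[record["severity"]]
    return record


def trap_threshold(level):
    """Accept either the keyword or the number, as the command does."""
    if level in TRAP_LEVELS:
        return TRAP_LEVELS[level]
    number = int(level)  # raises ValueError for an unknown keyword
    if not 0 <= number <= 7:
        raise ValueError("severity level must be 0 to 7")
    return number


def sent_to_server(lines, trap="warnings"):
    """Messages at or below the trap level (lower number = more severe)."""
    threshold = trap_threshold(trap)
    records = (parse(line) for line in lines)
    return [r for r in records if r is not None and r["severity"] <= threshold]


SAMPLE_LINES = [
    # From this page (wrapped lines joined):
    "*Oct 21 17:33:50.565:%LINK-5-CHANGED:Interface FastEthernet0/0, "
    "changed state to administratively down",
    "Apr 10 14:10:01.052: %MESKING-5-UPDOWN: Line protocol on Interface "
    "FastEthernet0/0, changed state to down",
    # Constructed lines with sequence numbers enabled:
    "000045: *Oct 21 17:40:02.100: %DEMO-3-SAMPLE: constructed error-level message",
    "000046: *Oct 21 17:40:03.250: %DEMO-7-SAMPLE: constructed debug-level message",
    "free-form text that is not a syslog message",
]

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(parse(line))
    for record in sent_to_server(SAMPLE_LINES, "warnings"):
        print("sent:", record["facility"], record["severity_name"])
```

With the trap level at warnings, the two interface state changes (severity 5) stay on the device and only the severity 3 line reaches the server, which is worth knowing before relying on the server copy for link-state history.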

What is Stateless DHCPv6? Explained with Examples

Stateless DHCPv6 Server and Client Autoconfiguration.

During the SLAAC process, the client receives information to create an IPv6 global unicast address.
This includes the default gateway information from the source IPv6 address in the RA message, which is the link-local address of the router.
A stateless DHCPv6 server can be used to provide information that might not be included in the RA message (DNS server address and the domain name).

Stateless DHCPv6 Server Configuration command terms:

The ipv6 dhcp server interface command binds the DHCPv6 pool to the interface.
The O flag needs to be changed from 0 to 1 using the interface command ipv6 nd other-config-flag.

Stateless DHCPv6 Server Configuration

We use the topology below to configure stateless DHCP servers and clients.

[Figure: DHCP server configuration topology]

R1(config)#ipv6 unicast-routing
R1(config)#ipv6 dhcp pool Stateless_DHCP
R1(config-dhcpv6)#dns-server AAAA:BBBB:CCCC:DDDD::FFFF
R1(config-dhcpv6)#domain-name orbitCO.com
R1(config-dhcpv6)#exit
R1(config)#interface s0/0/0
R1(config-if)#ipv6 address 2001:df6:adac:1::1/64
R1(config-if)#ipv6 dhcp server Stateless_DHCP
R1(config-if)#ipv6 nd other-config-flag

Stateless DHCPv6 Client Configuration

We use the same topology to configure the stateless DHCP client.

[Figure: DHCP server configuration topology]

Stateless DHCPv6 Client Configuration command terms:

The ipv6 enable command is used because the interface does not yet have a global unicast address; it enables IPv6 on the interface with a link-local address.
The ipv6 address autoconfig command enables automatic configuration of IPv6 addressing using SLAAC.

R2(config)#interface s0/0/0
R2(config-if)#ipv6 enable
R2(config-if)#ipv6 address autoconfig

Stateless DHCPv6 Verification

R2#show ipv6 interface s0/0/0
Serial0/0/0 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::2
No Virtual link-local address(es):
Stateless address autoconfig enabled
Global unicast address(es):
    2001:DF6:ADAC:1::2, subnet is 2001:DF6:ADAC:1::/64 [EUI/CAL/PRE]
       valid lifetime 2591259 preferred lifetime 604059
Joined group address(es):
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND RAs are suppressed (periodic)
Hosts use stateless autoconfig for addresses.

In the display above, the show ipv6 interface command shows that the router has “Stateless address autoconfig enabled” and an IPv6 global unicast address (2001:DF6:ADAC:1::2), and it also displays the subnet address (2001:DF6:ADAC:1::/64).
The IPv6 global unicast address was created using SLAAC, which includes the prefix found in the RA message.
The Interface ID was generated using EUI-64, which is displayed to the right of the subnet address.
Duplicate Address Detection (DAD) is used to verify that no one else on your network is using the same address you created.


What is Stateful DHCPv6: DHCPv6 Autoconfiguration- Server and Client.

How to Configure DHCPV6 Stateful Auto-configuration (Server and Client )

DHCPv6 Server command Terms:

ipv6 dhcp pool: This command creates a pool and places the router in DHCPv6 configuration mode.
address prefix: This command specifies the pool of addresses to be allocated by the server. The lifetime option indicates the valid and preferred lease times in seconds.
ipv6 dhcp server (interface command): This command binds the DHCPv6 pool to the interface.
The M flag needs to be changed from 0 to 1 using the interface command ipv6 nd managed-config-flag.

DHCPv6 Server Stateful Autoconfiguration Example:

We use the diagram below as an example topology:

[Figure: DHCP server configuration topology]

R1(config)#ipv6 unicast-routing
R1(config)#ipv6 dhcp pool Stateful_DHCP
R1(config-dhcpv6)#address prefix 2001:df6:adac:1::/64 lifetime infinite infinite
R1(config-dhcpv6)#dns-server AAAA:BBBB:CCCC:DDDD::FFFF
R1(config-dhcpv6)#domain-name orbitCO.com
R1(config-dhcpv6)#exit
R1(config)#interface s0/0/0
R1(config-if)#ipv6 address 2001:df6:adac:1::1/64
R1(config-if)#ipv6 dhcp server Stateful_DHCP
R1(config-if)#ipv6 nd managed-config-flag
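The O flag (stateless section) and the M flag (stateful section) both travel in the Router Advertisement that R1 sends. The following added example, which is not from the original page, parses an RA and reports which addressing mode it tells clients to use; the RA bytes are constructed in the code, and the function names are assumptions made for illustration.

```python
import ipaddress
import struct

def build_ra(m, o, prefix, plen=64, autonomous=True):
    """Build a constructed RA body for the demo (checksum left as 0)."""
    flags = (0x80 if m else 0) | (0x40 if o else 0)
    # type 134, code, checksum, hop limit, M/O flags, router lifetime, timers
    header = struct.pack("!BBHBBHII", 134, 0, 0, 64, flags, 1800, 0, 0)
    # Prefix Information option: type 3, length 4 (x8 bytes), L and A flags
    pio_flags = 0x80 | (0x40 if autonomous else 0)
    pio = struct.pack("!BBBBIII", 3, 4, plen, pio_flags, 2592000, 604800, 0)
    return header + pio + ipaddress.IPv6Address(prefix).packed

def parse_ra(data):
    """Return the M/O flags, advertised prefixes and the resulting client mode."""
    if len(data) < 16 or data[0] != 134:
        raise ValueError("not an ICMPv6 Router Advertisement")
    m, o = bool(data[5] & 0x80), bool(data[5] & 0x40)
    prefixes, offset = [], 16
    while offset < len(data):
        if offset + 2 > len(data):
            raise ValueError("truncated option header")
        opt_type, opt_len = data[offset], data[offset + 1] * 8
        if opt_len == 0 or offset + opt_len > len(data):
            raise ValueError("malformed option length")
        if opt_type == 3 and opt_len == 32:
            addr = ipaddress.IPv6Address(bytes(data[offset + 16:offset + 32]))
            net = ipaddress.IPv6Network((addr, data[offset + 2]), strict=False)
            prefixes.append((str(net), bool(data[offset + 3] & 0x40)))
        offset += opt_len
    if m:
        mode = "stateful DHCPv6"      # addresses and options from the server
    elif o:
        mode = "stateless DHCPv6"     # SLAAC address, options from the server
    else:
        mode = "SLAAC only"
    return {"M": m, "O": o, "mode": mode, "prefixes": prefixes}

if __name__ == "__main__":
    # Prefix taken from the page's R1 configuration.
    for m, o in [(False, False), (False, True), (True, False)]:
        print(parse_ra(build_ra(m, o, "2001:df6:adac:1::")))
```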

How to configure DHCPV6 Client Stateful Autoconfiguration

DHCPv6 Client command Terms:

ipv6 enable (interface command): This command allows the router to receive a link-local address in order to send RS messages and participate in DHCPv6.
ipv6 address dhcp (interface command): This command enables the router to act as a DHCPv6 client on this interface.

Example DHCPv6 Client topology configuration:

[Figure: DHCP server configuration topology]

R2(config)#interface s0/0/0
R2(config-if)#ipv6 enable
R2(config-if)#ipv6 address dhcp

How to verify DHCPv6 Server configuration

Use the show ipv6 dhcp pool command to verify the name of the DHCPv6 pool and its parameters. The number of active clients is 1, which reflects client R2 receiving its IPv6 global unicast address from this server.

R1#show ipv6 dhcp pool
DHCPv6 pool: Stateful_DHCP
Address allocation prefix: 2001:DF6:ADAC:1::/64 valid 4293967297 preferred 4293967297 (1 in use, 0 conflicts)
Domain name: orbitCO.com
Active clients: 1

Use the show ipv6 dhcp binding command to display the automatic binding between the link-local address of the client and the address assigned by the server.

R1#show ipv6 dhcp binding
Client: FE80::2
DUID: 000300018C2054EC6F18
Username: unassigned
IA NA: IA ID 0x00070001, T1 43200, T2 69120
Address: 2001:DF6:ADAC:1:2CFA:91CD:C683:D1F5
preferred lifetime INFINITY, , valid lifetime INFINITY,
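
The DUID in the binding identifies the client and, for link-layer DUID types, embeds a hardware address. The following added example, which is not from the original page, parses the binding output shown above and decodes the DUID; the function names are assumptions made for illustration.

```python
DUID_TYPES = {1: "DUID-LLT", 2: "DUID-EN", 3: "DUID-LL", 4: "DUID-UUID"}

# The binding output shown on this page.
BINDING_OUTPUT = """\
Client: FE80::2
DUID: 000300018C2054EC6F18
Username: unassigned
IA NA: IA ID 0x00070001, T1 43200, T2 69120
Address: 2001:DF6:ADAC:1:2CFA:91CD:C683:D1F5
preferred lifetime INFINITY, , valid lifetime INFINITY,
"""

def decode_duid(hex_duid):
    """Decode a DHCPv6 DUID (RFC 8415 types 1-3, RFC 6355 type 4)."""
    raw = bytes.fromhex(hex_duid)
    if len(raw) < 3:
        raise ValueError("DUID too short")
    kind = int.from_bytes(raw[:2], "big")
    info = {"type": DUID_TYPES.get(kind, f"unknown ({kind})")}
    if kind in (1, 3):
        info["hw_type"] = int.from_bytes(raw[2:4], "big")  # 1 = Ethernet
        if kind == 1:
            info["time"] = int.from_bytes(raw[4:8], "big")  # seconds since 2000-01-01 UTC
        link = raw[8:] if kind == 1 else raw[4:]
        info["link_layer"] = ":".join(f"{b:02x}" for b in link)
    elif kind == 2:
        info["enterprise"] = int.from_bytes(raw[2:6], "big")
        info["identifier"] = raw[6:].hex()
    elif kind == 4:
        info["uuid"] = raw[2:].hex()
    return info

def parse_bindings(text):
    """Turn `show ipv6 dhcp binding` output into one record per client."""
    records = []
    for line in text.splitlines():
        key, _, value = line.strip().partition(":")
        value = value.strip()
        if key == "Client":
            records.append({"client": value, "addresses": []})
        elif records and key == "DUID":
            records[-1]["duid"] = decode_duid(value)
        elif records and key == "Address":
            records[-1]["addresses"].append(value)
    return records

if __name__ == "__main__":
    for record in parse_bindings(BINDING_OUTPUT):
        print(record)
```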

How to verify Stateful DHCPv6 Client configuration

Use the show ipv6 dhcp interface command to view the interfaces that were configured via DHCP. This command also displays the link-local address of the DHCP server.

R2#show ipv6 dhcp interface
Serial0/0/0 is in client mode
    Prefix State is IDLE
    Address State is OPEN
    Renew for address will be sent in 10:32:14
    List of known servers:
       Reachable via address: FE80::1
       DUID: 000300018C2054FF38A0
       Preference: 0
       Configuration parameters:
         IA NA: IA ID 0x00070001, T1 43200, T2 69120
            Address: 2001:DF6:ADAC:1:B0A4:64F:CA3F:FA2D/128
                   preferred lifetime INFINITY, valid lifetime INFINITY
       Domain name: orbitCO.com
       Information refresh time: 0
Prefix Rapid-Commit: disabled
Address Rapid-Commit: disabled


How to Cable LANs and WANs

Cabling LANs and WANs.

When planning the installation of LAN cabling, choosing the cables necessary to make a successful LAN or WAN connection requires consideration of the different media types.
There are many different Physical layer implementations that support multiple media types:
• UTP (Category 5, 5e, 6, and 7)
• Fiber-optics
• Wireless
Each media type has its advantages and disadvantages. Some of the factors to consider are:
• Cable length – Does the cable need to span across a room or from building to building?
• Cost – Does the budget allow for using a more expensive media type?
• Bandwidth – Does the technology used with the media provide adequate bandwidth?
• Ease of installation – Does the implementation team have the ability to install the cable or is a vendor required?
• Susceptibility to EMI/RFI – Is the local environment going to interfere with the signal?

Making LAN Connections

UTP cabling connections are specified by the Electronic Industries Alliance/Telecommunications Industry Association (EIA/TIA).


The RJ-45 connector is the male component crimped on the end of the cable. When viewed from the front, the pins are numbered from 8 to 1.
When viewed from above with the opening gate facing you, the pins are numbered 1 through 8, from left to right.
This orientation is important to remember when identifying a cable.

[Figure: RJ-45 connector]

Types of Interfaces

In an Ethernet LAN, devices use one of two types of UTP interfaces – MDI or MDIX.

The MDI (media-dependent interface) uses the normal Ethernet pinout. Pins 1 and 2 are used for transmitting and pins 3 and 6 are used for receiving.
Devices such as computers, servers, or routers will have MDI connections.

The devices that provide LAN connectivity – usually hubs or switches – typically use MDIX (media-dependent interface, crossover) connections.
The MDIX connection swaps the transmit pairs internally. This swapping allows the end devices to be connected to the hub or switch using a straight-through cable.

Typically, when connecting different types of devices, use a straight-through cable. And when connecting the same type of device, use a crossover cable.

Straight-through UTP Cables

A straight-through cable has connectors on each end that are terminated the same in accordance with either the T568A or T568B standards.

Identifying the cable standard used allows you to determine if you have the right cable for the job. More importantly, it is a common practice to use the same color codes throughout the LAN for consistency in documentation.

Use straight-through cables for the following connections:
• Switch to a router Ethernet port
• Computer to switch
• Computer to hub

[Figure: straight-through cable]

Crossover UTP Cables

For two devices to communicate through a cable that is directly connected between the two, the transmit terminal of one device needs to be connected to the receiving terminal of the other device.

The cable must be terminated so the transmit pin, Tx, taking the signal from device A at one end, is wired to the receive pin, Rx, on device B. Similarly, device B’s Tx pin must be connected to device A’s Rx pin. If the Tx pin on a device is numbered 1, and the Rx pin is numbered 2, the cable connects to pin 1 at one end with pin 2 at the other end. These “crossed over” pin connections give this type of cable its name, crossover.

To achieve this type of connection with a UTP cable, one end must be terminated as EIA/TIA T568A pinout, and the other end terminated with T568B pinout.

Crossover cables directly connect the following devices on a LAN:
• Switch to switch
• Switch to hub
• Hub to hub
• Router to router Ethernet port connection
• Computer to computer
• Computer to a router Ethernet port

[Figure: crossover cable]


Use straight-through cables for connecting:
• Switch to router
• Computer to switch
• Computer to hub

Use crossover cables for connecting:
• Switch to switch
• Switch to hub
• Hub to hub
• Router to router
• Computer to computer
• Computer to router

MDI/MDIX Selection

Many devices allow the UTP Ethernet port to be set to MDI or MDIX. This can be done in one of three ways, depending on the features of the device:

1. On some devices, ports may have a mechanism that electrically swaps the transmit and receive pairs.
The port can be changed from MDI to MDIX by engaging the mechanism.

2. As part of the configuration, some devices allow for selecting whether a port functions as MDI or as MDIX.

3. Many newer devices have an automatic crossover feature.
This feature allows the device to detect the required cable type and configures the interfaces accordingly. On some devices, this auto-detection is performed by default.
Other devices require an interface configuration command for enabling MDIX auto-detection.

Making WAN Connections

By definition, WAN links can span extremely long distances. These distances can range across the globe as they provide the communication links that we use to manage e-mail accounts, view web pages, or conduct a teleconference session with a client.

Wide area connections between networks take a number of forms, including:
• Telephone line RJ11 connectors for dial-up or Digital Subscriber Line (DSL) connections
• 60 pin Serial connections

Cisco routers use one of two types of physical serial cables.
Both cables use a large Winchester 15 Pin connector on the network end. This end of the cable is used as a V.35 connection to a Physical layer device such as a CSU/DSU.

The first cable type has a male DB-60 connector on the Cisco end and a male Winchester connector on the network end.
The second type is a more compact version of this cable and has a Smart Serial connector on the Cisco device end.
It is necessary to be able to identify the two different types in order to connect successfully to the router.

Data Communications Equipment and Data Terminal Equipment – DCE/DTE

DCEs and DTEs are used in WAN connections. The communication via a WAN connection is maintained by providing a clock rate that is acceptable to both the sending and the receiving device. In most cases, the telco or ISP provides the clocking service that synchronizes the transmitted signal.

The following terms describe the types of devices that maintain the link between a sending and a receiving device:
• Data Communications Equipment (DCE) – A device that supplies the clocking services to another device. Typically, this device is at the WAN access provider end of the link.
• Data Terminal Equipment (DTE) – A device that receives clocking services from another device and adjusts accordingly. Typically, this device is at the WAN customer or user end of the link.

If a serial connection is made directly to a service provider or to a device that provides signal clocking such as a channel service unit/data service unit (CSU/DSU), the router is considered to be data terminal equipment (DTE) and will use a DTE serial cable.

For example, if a device connected via a WAN link is sending its signal at 1.544 Mbps, each receiving device must use a clock, sending out a sample signal every 1/1,544,000th of a second. The timing, in this case, is extremely short.
The devices must be able to synchronize to the signal that is sent and received very quickly.

By assigning a clock rate to the router, the timing is set. This allows a router to adjust the speed of its communication operations, thereby synchronizing with the devices connected to it.
