Create New Article

Wiki Search

Personal tools

Advanced TCP/IP Topics

From Proprofs

Advanced TCP/IP Topics

You are here: Home > Schools > Cisco > CCNA Certification > Wiki Home >CCNA Wiki

Cisco CCNA ICND Study Guide

By Cbrzana

Table Of Contents

Advanced TCP/IP Topics

Scaling the IP Address Space for the Internet

Due to rapid increase in internet use, it was feared that IP addresses would be used up by the mid-1990s.


  • Increase size of IP address (IPv6), 128 bits
  • Network Address Translation (NAT) and private addressing
  • Use private networks internally and still communicate w/ Internet
  • Classless Interdomain Routing (CIDR) allows ISPs to reduce wasting of IPs by assigning a company a subset of a network number rather than the entire network.


  • Help scalability of internet routers (fewer routes need to exist in routing table)
  • Assign subset of network numbers depending on customer needs

Private Addressing

  • Private addresses defined in RFC 1918, set of networks that will never be assigned to any organization as a registered network number.

Range of IP Addresses Class Number of Networks to A 1 to B 16 to C 256

Changes the private IP addresses to publicly registered IP address inside each IP packet
Static NAT: Configures a 1-1 mapping between the private address and the registered address that is used on its behalf.
:Inside local = private address Inside Global = public address
Dynamic NAT: 1-1 mapping between inside local and inside global address. However, this mapping occurs dynamically.
1. Sets up pool of possible inside global addresses
2. Router applies criteria to determine if NAT should be applied
3. If it should be applied, add entry to NAT table
4. Translate source IP address and forward the packet
*Dynamic mappings cleared out after set timeout expires with no activity, or you can use the command: clear ip nat translation * command

Port Address Translation (PAT)
Allows more internal IP addresses than there are Outside IP addresses. Without PAT, Nat only supports internally the number available externally.
-> If just NAT used, and all IPs already assigned, discard packet. User must try again until a NAT entry becomes available
Overloading NAT with PAT
Allows scaling to support many client machines, and access to the internet with only a few public addresses.
* NAT table retains internal IP and port, and translates to global IP and port.
* Since port field is 16 bits, support more than 65,000 port numbers
* Can also translate overlapped/inappropriately assigned network numbers.
* Must translate both source and destination if used

NAT Configuration

ip nat [inside | outside]
ip nat inside source
ip nat outside source
ip nat inside destination list
ip nat pool
ip nat inside source list

Command Description
show ip nat statistics Lists counters for packets and NAT table entries
show ip nat translations Displays the NAT table
clear ip nat translation Clears some/all of the dynamic entries
debug ip nat Issues a log message describing each packet whose IP address is translated with NAT

Assume Router NAT performs the translation:
config tnterface FastEthernet 0/0
ip address [address][mask]
ip nat inside

interface Serial 0/0
ip address [address][mask]
ip nat outside

ip nat inside source static
ip nat inside source static

show ip nat translations  Displays inside global/inside local IP addresses
show ip nat statistics  Displays total active translations, outside/inside interfaces

Dynamic NAT Configuration

Each interface still needs to be designated as either inside or outside, but static entries no longer needed.

ip nat pool [pool name] [start address] [end address] netmask [subnet mask]
ip nat inside source list [ACL #] pool [pool name]

To configure NAT overloading:

ip nat inside source list [list #] interface serial 0/0 overload

Misc TCP/IP Topics

ICMP: Provides a variety of information about network’s health and operational status.

  • Actual messages sit inside IP packet.
  • Echo request/echo reply sent and received by ping command
  • (Refer to Ultimate CCNA INTRO Guide for additional information)

IOS trace command uses Time to Live (TTL) and the Time Exceeded messages.

  • Sets TTL to 1, so next hop sets it to 0 and replies with time exceeded. This is how trace learns, or "traces", the route. Next packet sent, increment the TTL to learn the next hop.

Redirect ICMP Message: If default route exists, but is later discovered to have a better route, router will send a redirect message to the host to tell it to use the better route. The host can either accept the better route or disregard it.

Secondary Addressing

If running out of subnets/addresses, you have the ability to use multiple subnets of the same interface in order to increase the number of supported devices on that subnet/segment.

If you were to issue a show running-config command:

ip address secondary

ip address


FTP establishes connection on port 21, transfers data on port 20.
* Uses TCP
* Transfer includes any get/put command.

TFTP uses small amount of memory and takes little time to load.
* Use UDP.
* Uses application layer recovery.

MTU and Fragmentation

TCP defines maximum length for IP packet (Maximum Transmission Unit, or MTU)
* Varies based on configuration and the interface’s characteristics.
* By default, calculates based on max size of the data portion of the L2 frame
* 1500 for Ethernet interfaces
* If packet larger than allowed MTU, fragments packet into smaller pieces
* IP header contains fields that aid in reassembling the packet
* To change, can use mtu interface subcommand or ip mtu
* mtu sets the MTU regardless of L3 protocol
* ip mtu command takes precedence if both used, unless mtu command set after ip mtu is (in which case ip mtu resets to current settings)

ISL and 802.1q Configuration

Use multiple logical subinterfaces on 1 physical interface that connects the router to the switch.

interface fastethernet 0.[subinterface]
ip address [address] [subnet]
encapsulation isl [VLAN ID]

(note that this uses native vlan, in which no VLAN ID is used on a certain trunk, which by default is VLAN 1)

interface fastethernet 0
ip address [address][subnet mask]

interface fastethernet 0.2
ip address [address][subnet mask]
encapsulation dot1q [VLAN ID]

<<                              Table Of Contents                               Next Page>>>

Top 5 Contributors to this article

UsersArticle Contributions
james 6 contribs

Home  |  Site Map  |  Contact
Copyright © 2005-2014 - Privacy & Terms