IPV4 Subnetting Tips

It always takes a bit to get your head around subnetting for the first time, and even more to answer the exam questions they give as they often are designed to trick you.

For random IPV4 subnetting questions to hone your skills, I suggest you bookmark:

http://www.subnettingquestions.com/

Memorizing the tables help immensely,  although at first appearance they appear daunting.

/24	8	255.255.255.0	256 = 28	Large LAN
/25	7	255.255.255.128	128 = 27	Large LAN
/26	6	255.255.255.192	64 = 26	Small LAN
/27	5	255.255.255.224	32 = 25	Small LAN
/28	4	255.255.255.240	16 = 24	Small LAN
/29	3	255.255.255.248	8 = 23	Smallest multi-host network
/30	2	255.255.255.252	4 = 22	"Glue network" (point to point links)
/31	1	255.255.255.254	2 = 21	Point to point links (RFC 3021)
/32	0	255.255.255.255	1 = 20	Host route

TIPS:

Remember the binary number doubles for each bit.  2, 4, 8, 16, 32, 64, 128, 256 etc

Also remember 8, 16, 24, 32 for the 8 bit block sizes. 

To find the block size, find the first octet that is not 255, then subtract it from 256... eg subnet mask of 255.255.255.224 ...256 - 224 = block size of 32 

Subtract 2 from the block size to get the number of hosts eg 32 - 2 = 30 host IP.
(network and broadcast addresses cannot be used for user IP)

For the slash format, eg /27 subtract 27 from 32 to give a remainder of 5
Then if we count up 5 times doubling, 2, 4, 8, 16, 32 we get to the same block size of 32.

We also see that 224 is equal to 3 subnet bits taken from the octet ( 11100000) in a C class subnet, this will equal 8 subnets (allowing for subnet zero) 1, 2, 4 = 7+1 = 8 subnets.


Some providers have questions relating to old routing kit that did not allow the use of the all "1" subnet or all the "0" subnet (known as 'subnet zero').On all new Cisco routers, the number of subnets is calculated using the formula of 2^n by default. However, for legacy routers network engineers use 2^n - 2 to comply with the almost obsolete RFC 1878 standard. 

Some text books and courses that relate to old routing equipment also refer to the old formula as do some Microsoft Learning courses. If you're planning to take a non-Cisco exam that involves subnetting you should make sure you understand the 'subnet zero' concept' and check what is considered the default correct formula by your examining board

Once you get the patterns 2, 4, 8, 16, 32, 64, 128, 256, 512, 1024, 2048, etc and the masks 255, 254, 252, 248, 240, 224, 192, 128 burnt in it will become way easier :-)

Random Cisco based networking questions - CCNA - Part 7

Here is another set of network based questions and answers to get the grey matter ticking.. have fun :-)




1. STP will work on which of the following devices?

A) Hub
B) Router
C) Switch
D) Repeater

2. What command would you use copy the current configuration to a TFTP host?

A) copy flash tftp
B) copy run tftp
C) copy tftp flash
D) copy nvram tftp

3. You are designing a subnet mask for the 172.22.0.0 network. You want 11 subnets with up to 3300 hosts on each subnet. What subnet mask should you use?

4. What would you do if you're locked out of a router because you forgot the password?

A) Call Cisco support
B) Issue the show run command to view the password
C) Perform the password recovery procedure
D) Press the reset button on the back of the router
5. What does Serial 0 is up, line protocol is down indicate?

A) Keepalive or framing issue
B) Carrier detect is not present
C) The interface is shutdown
D) The interface is functioning correctly

6. With full-duplex Ethernet no collisions can occur.

A) True
B) False

7. How would you disable CDP on a Cisco router or switch?

A) disable cdp
B) shutdown cdp
C) no cdp enable
D) no cdp run
E) You cannot disable CDP

8. What type of ACL is this and what is it performing?

Router(config)#access-list 150 deny tcp any host 172.32.14.2 eq 25

A) Standard ACL, deny all SMTP traffic to host 172.32.14.2
B) Standard ACL, deny all Telnet traffic to host 172.32.14.2
C) Extended ACL, deny all SMTP traffic to host 172.32.14.2
D) Extended ACL, deny all Telnet traffic to host 172.32.14.2
E) Named ACL, deny all SMTP traffic to host 172.32.14.2
9. What does the trace response N mean?

A) Network unreachable
B) Not forwarded due to ACL restriction
C) Protocol unreachable
D) Port could not be reached

10. What is the maximum size of an Ethernet packet when the frames have ISL tagging?(Include the size of headers and CRC)

A: 64 bytes
B: 1500 bytes
C: 1518 bytes
D: 1522 bytes
E: 1548 bytes













1. Correct Answer C 

The Spanning Tree Protocol (STP) is a Data Link layer protocol that ensures a loop-free topology for a bridged LAN. 

Therefore STP will only operate on layer 2 devices such as bridges and switches.

2. Correct Answer B

The current configuration is known as the running-configuration (or 'run' for short). The copy command is in the format "copy " therefore copy from run to the tftp host (i.e. copy run tftp).

3. Correct Answer 255.255.240.0

4. Correct Answer C

To reset the password on a router interrupt the boot sequence, change the configuration register, reboot, copy startup-config to running-config and change the password.  Then reset the configuration register.

5. Correct Answer A

The various states of an interface:

Serial0 is up, line protocol is up - The interface is functioning correctly.

Serial0 is down, line protocol is down - This message usually represents a physical interface problem. The cable may be disconnected. This can also occur if this interface is connected to another router whose interface has been shutdown.

Serial0 is up, line protocol is down - The Physical layer connectivity is not the issue. The line protocol being down is either a clocking issue (keepalives) or a mismatch of the frame types being used on connected devices.

Serial0 is administratively down, line protocol is down - The interface has been manually shutdown using the shutdown command.

6. Correct Answer A

http://en.wikipedia.org/wiki/Full-duplex_Ethernet

7. Correct Answer D

To turn off CDP use the no cdp run command from the global configuration mode.

8. Correct Answer C

Router(config)#access-list 150 deny tcp any host 172.32.14.2 eq 25

Port 25 is SMTP. This extended ACL denies traffic from any source to host 172.32.14.2.

9. Correct Answer A

Cisco Trace Command Response Codes

Response Meaning
 * Timed out
 !H router received packet but did not forward it
 N network unreachable
 P protocol unreachable
 U port unreachable

10. Correct Answer: E

Cisco's proprietary VLAN tagging (ISL) has a maximum frame size of 1548 bytes.
IEEE 802.1q VLAN tagging has a maximum frame size of 1522 bytes.

Stay tuned more to come - have a great day.

I remind myself every morning: Nothing I say this day will teach me anything. 

So if I'm going to learn, I must do it by listening.
Larry King

Random Cisco based networking questions - CCNA - Part 4

Welcome to part 4 of the random networking questions (Cisco based) series.  This set has a few extra spanning tree questions with detailed explanations, have fun :-)


1. What is the default time Bridge Protocol Data Units (BPDUs)  are sent and received by switches?

A) 2 seconds
B) 10 seconds
C) 30 seconds
D) 60 seconds

2. What does the following statement do?

Switch(config-if)#spanning-tree portfast disable

A) Disables spanning-tree on the switch port
B) Disable spanning tree on the switch
C) Changes the spanning-tree switch to portfast mode

3. What determines network addresses (IP) when data link addresses (MAC) are known?

A) Ping
B) ICMP
C) ARP
D) RARP

4. The Cisco Spanning Tree protocol is compatible with IEEE 802.1d?

A) True
B) False

5. What type of switch port can belong to multiple VLANS?

A) Access port
B) Trunk port
C) Voice access port
D) No port can belong to multiple VLANs

6.What will be the IP address of the second subnet given the following?

172.16.0.0 255.255.224.0 (Assume ip subnet-zero is enabled)

A.) 172.16.0.0
B.) 172.16.8.0
C.) 172.16.16.0
D.) 172.16.32.0
E.) 172.16.64.0

Speaking of IP, I sometimes use a simple little site that gives you your own IP and other internet connectivity details   - IP Chicken - handy link  :-)

1. Answer A

http://en.wikipedia.org/wiki/Spanning_tree_protocol#Bridge_Protocol_Data_Units_.28BPDUs.29

Bridge Protocol Data Units (BPDUs) frames are sent out as multicast messages regularly at multicast destination MAC address 01:80:c2:00:00:00. When Bridge Protocol Data Units (BPDUs) are received, the Switch uses a mathematical formula called the Spanning Tree Algorithm (STA) to know when there is a Layer 2 Switch loop in network and determines which of the redundant ports needs to be shut down.

Three types of Bridge Protocol Data Units (BPDUs) are Configuration BPDU (CBPDU), Topology Change Notification (TCN) BPDU and Topology Change Notification Acknowledgment (TCA).

2.  Answer A

The time Spanning Tree Protocol (STP) takes to transition ports over to the Forwarding state can cause problems. PortFast is a Cisco network function which can be configured to resolve this problem by disabling STP from the switchport, thus making it come up quicker.

3. Answer D

Reverse Address Resolution Protocol (RARP) is used by a host computer to request its IPv4 address from an administrative host (DHCP server), it provides the server with its hardware address (MAC address).

http://en.wikipedia.org/wiki/Reverse_Address_Resolution_Protocol


NOTE: Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that automatically provides an Internet Protocol (IP) host with its IP address and other related configuration information such as the subnet mask and default gateway.

4.  Answer B

The original Spanning-Tree protocol was created by Digital Equipment Corporation (DEC) which is now part of Compaq. The IEEE created its own version called IEEE 802.1d which is not compatible with the original version.

Cisco enhanced the original 802.1d specification with features such as Uplink Fast, Backbone Fast, and Port Fast to speed up the convergence time of a bridged network. However these new features are proprietary, and can only be configured on Cisco switches.

5. Answer B

Ethernet interfaces can be configured either as access ports or trunk ports. Trunks carry the traffic of multiple VLANs over a single link and allow you to extend VLANs across the network.

http://en.wikipedia.org/wiki/Virtual_LAN

6. Answer D 

The subnet block size is 256 - 224 = 32
The first subnet will be subnet zero 172.16.0.0
The second subnet will be 172.16.32.0

How did you go? I find a quick review of the questions and answers helps cement the basics and refresh the memory  - I hope these help, stay tuned for more...

The secret of life is not to do what you like but to like what you do.
By: Anonymous

Subnets and subnet masks

One of the most complex tasks TCP/IP has to perform is to determine whether or not a given IP address exists on the same subnet. The task isn’t really that complicated once you understand how TCP/IP uses its IP address and subnet mask, here's a very basic rundown.

An IP address looks something like this: 192.168.10.52. IP addresses always contain four numbers from 0–255, separated by periods. A portion of the IP address is called the network ID and acts as a unique identifier for a particular subnet.

The rest of the IP address is called the host ID and identifies a particular computer or network device on that subnet uniquely. How can you tell which part of the IP address is which? By using the subnet mask. A subnet mask looks a lot like an IP address, with four groups of numbers: 255.255.255.0. Remember, computers are binary machines that can understand only in zeros and ones. For the subnet mask to make sense, you have to translate it and the IP address into binary.
 

TIP: You can switch the Windows Calculator into Scientific view, which enables you to convert numbers from decimal to binary.


Convert all the four groups (octets) of numbers into binary code. For example, an IP address of 192.168.10.41 and a subnet mask of 255.255.255.0 look like this in binary:


Address or Mask 1st octet 2nd octet 3rd octet 4th octet

192.168.10.41 11000000 10101000 00001010 00101001

255.255.255.0 11111111 11111111 11111111 00000000



Everyplace you see a “1” in the subnet mask corresponds to the portion of the IP address that is the network ID. Everyplace you see a “0” in the subnet mask corresponds

to the portion of the IP address that is the host ID. Here, the network ID is 192.168.10, and the host ID is 41.TCP/IP treats everything with an IP address that starts with 192.168.10 as if it were on the same subnet. Any IP address that starts with something other than 192.168.10 is treated as if it existed on another subnet. 

 
Basic TCP/IP Services

A number of the protocols in the TCP/IP suite are considered core protocols, which means they are usually present on any network that uses TCP/IP. The core protocols provide basic services that no network can do without. These services include

_ Data transmission. Is handled by more than one protocol: the User Datagram Protocol (UDP) and the Transport Control Protocol (TCP). Computers use UDP when they need to send a small packet of data and don’t care if the remote computer actually receives the data. Computers use TCP when loads of data needs to be transmitted because TCP allows the remote computer to reply, confirming its receipt of the data.

_ Name resolution. Provided by the Domain Name System, or DNS, protocol. DNS enables people to use easy-to-remember names like www.microsoft.com and allows computers to translate those names to numeric IP addresses.

_ Windows Internet Name System (WINS). Prior versions of Windows also use WINS to convert computer names into IP addresses. Windows Server 2003 is compatible with WINS.


   “ We keep moving forward, opening new doors, and doing new things, because we're curious and curiosity keeps leading us down new paths.”

― Walt Disney
 
References:
Sybex(2003): Mastering Windows Server 2003

More Networking Questions

Five more questions to get the brain thinking again for networking. A mix of all sorts with the answers below - no cheating :-).

 1. What is required for VTP to communicate VLAN information between switches?

A) VTP domain must be identical on all switches
B) One switch needs to be a VTP server
C) A router is required
D) Both A and B are correct
E) None of the above

 2. What is the numerical value of the Bridge Priority held by Cisco Catalyst switches?

A) 32500
B) 32768
C) 100
D) 1024
E) 32700
3. What is the function of asymmetric switching?

A) To prioritise bandwidth to nodes that need it
B) To prevent bottlenecks on the port a server is connected to
C) To allow RAS clients to connect to the network

 4. What IOS command would you issue in privileged-mode to change the router configuration stored on TFTP?

A) config t
B) config mem
C) config net
D) config tftp
5. Where would you place more specific tests in your access list?

A) At the top
B) At the bottom
C) Placement doesn't matter

-->

Clickbank Products

1. Correct Answer: D

Explanation: VTP requires the following to communicate VLAN information between switches.  The VTP domain must be identical on all switches and one switch needs to be a VTP server.

2. Correct Answer: B

Explanation: The Bridge Priority is the numerical value held by switches. All Catalyst switches have a default priority of 32768. To determine the root bridge you combine the priority of each bridge with its MAC. If two switches have the same priority value the lowest MAC address becomes the root bridge.

3. Correct Answer: B

Explanation: An asymmetric switch provides switched connections between ports of different bandwidths. Asymmetric switching is optimized for client-server traffic where multiple clients simultaneously communicate with a server, requiring more bandwidth dedicated to the server port to prevent a bottleneck at that port.

4. Correct Answer: C

Explanation: To change the router configuration stored on TFTP you use configure network (config net)

5. Correct Answer: A

Explanation: Always organise your access lists so the more specific tests are at the top.

How did you go? More to come next week.

CCNA Example Questions Part 1

And now for something different.  Below are 5 random questions that are typically found in Cisco CCNA (Cisco Certified Network Associate) accreditation exams.  Answers at the bottom of the post.

1. What is port 53 used for?

A.) FTP data
B.) FTP program
C.) Telnet
D.) DNS
E.) TFTP

2. What layer of the OSI Reference Model sends and receives bits and specifies the electrical, mechanical, procedural and functional requirements for maintaining a physical link between end systems?

A.) Session
B.) Transport
C.) Network
D.) Data Link
E.) Physical

3. Each port on a switch is a separate broadcast domain?

A.) True
B.) False

4, What would happen if you put the following ACL on an interface?

access-list 1 deny 172.168.0.1
access-list 1 deny 192.5.2.1

A.) All traffic from 172.168.0.1 and 192.5.2.1 would be denied
B.) All traffic would be denied
C.) Nothing
D.) These are not Cisco IOS ACL commands

5. What is the length of the MAC address in bits?

A.) 32 bits
B.) 48 bits
C.) 12 bits
D.) 80 bits

1 minutes explanation of IP address and subnet mask

=================================================================

1. Answer D  DNS uses port 53

2. Answer E  Physical layer

3. Answer B  Switches form individual collision domains but a single broadcast domain

4. Answer B  An access list has an explicit deny all statement at the bottom, to prevent this the general catch all statement access-list 1 permit any  is used at the end of the list.

5. Answer B A MAC address is 48 bits represented as 12 Hexadecimal characters.

How did you go? More questions will be published at random :-)