Standards and Functions
Routing Operations
Default Route
A default route is the interface through which the router forwards a packet containing a destination IP network address that is not in the routing table of the router.
Host Determination
Prior to sending a packet, a host evaluates whether the destination address is within the same network as itself (by using the subnet mask).
Where a host, using the subnet mask, determines that the destination IP is in the same network:
- Packet encapsulation includes the source IP address and destination IP address
- Host evaluates its internal ARP table to determine whether an ARP request is required to determine the destination MAC address
- Frame is encapsulated to include the source MAC address and the destination MAC address derived from the ARP table.
Where a host, using the subnet mask, determines that the destination IP is in a different network:
- Packet encapsulation includes the source IP address and destination IP address
- Host evaluates its configuration to ensure the default gateway is configured
- Host evaluates its internal ARP table to determine whether an ARP request is required to determine the default gateway MAC address
- Frame is encapsulated to include the source MAC address and the default gateway MAC address from the ARP table.
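The host-side decision above, as an added Python example that is not part of the original page. The function name, addresses and ARP entries are constructed for illustration; the point is that the IP destination never changes, only the MAC the frame is addressed to.

```python
import ipaddress

def frame_target(host_if, gateway, dst, arp_table):
    """Decide which MAC the outgoing frame is addressed to.

    host_if   -- host address with prefix, e.g. "192.168.1.10/24"
    gateway   -- default gateway IP as a string, or None if not configured
    dst       -- destination IP of the packet (unchanged in the IP header)
    arp_table -- dict mapping IP string -> MAC string (the host's ARP cache)
    Returns (ip_to_resolve, mac_or_None, arp_request_needed).
    """
    iface = ipaddress.ip_interface(host_if)
    dst_ip = ipaddress.ip_address(dst)
    if dst_ip in iface.network:
        # Same network: the frame goes straight to the destination host.
        resolve = str(dst_ip)
    else:
        # Different network: the frame goes to the default gateway.
        if gateway is None:
            raise ValueError(f"{dst} is off-link and no default gateway is configured")
        resolve = gateway
    mac = arp_table.get(resolve)
    return resolve, mac, mac is None

# Constructed ARP cache for the sample host.
ARP = {"192.168.1.1": "00:00:5e:00:53:01", "192.168.1.77": "00:00:5e:00:53:4d"}
```

With a /25 mask instead of /24, the same destination 192.168.1.200 stops being on-link and the frame is addressed to the gateway.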
Route Determination (Router Forwarding)
When a router receives a frame:
- Decapsulation: The router strips the Layer 2 (MAC) header to access the Layer 3 IP packet.
- Layer 3 Immutability: The Source IP and Destination IP addresses remain immutable (unless Network Address Translation (NAT) is involved).
- Route Look-up: The router checks its internal Routing Table to find the longest prefix match for the destination IP address. This determines the exit interface and the next-hop IP address.
- Next-Hop MAC Resolution: The router checks its ARP cache for the next-hop IP address to find the corresponding next-hop MAC address. If not found, it performs an ARP request.
- Re-encapsulation: The router adds a new Layer 2 frame header with:
  - Source MAC: The MAC address of the exit interface.
  - Destination MAC: The next-hop MAC address.
- Forwarding: The router sends the new frame out the designated exit interface.
Routing Table Lookup Priority
When multiple routes match a destination:
- Longest prefix match wins (most specific route)
  - Example: 192.168.1.0/25 is preferred over 192.168.1.0/24
- If prefix lengths are equal, Administrative Distance (AD) determines preference:
| Route Source | AD Value |
|---|---|
| Directly Connected | 0 |
| Static Route | 1 |
| EIGRP Summary | 5 |
| eBGP | 20 |
| EIGRP (internal) | 90 |
| IGRP | 100 |
| OSPF | 110 |
| IS-IS | 115 |
| RIP | 120 |
| EIGRP (external) | 170 |
| iBGP | 200 |
- If AD is equal, use metric (protocol-specific)
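The lookup priority above as an added Python example, not code from the original page. It models the tie-breaks in two stages: AD and then metric decide which route is installed for a given prefix, and longest prefix match then picks among installed routes. The routes, next hops and interface names are constructed.

```python
import ipaddress
from dataclasses import dataclass

# Administrative distances from the table above.
AD = {"connected": 0, "static": 1, "eigrp-summary": 5, "ebgp": 20,
      "eigrp": 90, "igrp": 100, "ospf": 110, "is-is": 115,
      "rip": 120, "eigrp-external": 170, "ibgp": 200}

@dataclass(frozen=True)
class Route:
    prefix: str
    source: str
    metric: int
    next_hop: str
    exit_if: str

def install(candidates):
    """Build the routing table: per prefix keep the lowest AD, then the lowest metric."""
    table = {}
    for r in candidates:
        net = ipaddress.ip_network(r.prefix)
        best = table.get(net)
        if best is None or (AD[r.source], r.metric) < (AD[best.source], best.metric):
            table[net] = r
    return table

def lookup(table, dst):
    """Longest prefix match over installed routes; None means no route (packet dropped)."""
    ip = ipaddress.ip_address(dst)
    matches = [net for net in table if ip in net]
    if not matches:
        return None
    return table[max(matches, key=lambda n: n.prefixlen)]

# Constructed candidate routes.
CANDIDATES = [
    Route("0.0.0.0/0", "static", 0, "203.0.113.1", "Gi0/0"),
    Route("192.168.1.0/24", "ospf", 20, "10.0.0.2", "Gi0/1"),
    Route("192.168.1.0/24", "rip", 2, "10.0.0.3", "Gi0/2"),
    Route("192.168.1.0/25", "rip", 4, "10.0.0.3", "Gi0/2"),
    Route("172.16.0.0/16", "ospf", 30, "10.0.0.2", "Gi0/1"),
    Route("172.16.0.0/16", "ospf", 10, "10.0.0.4", "Gi0/3"),
]
TABLE = install(CANDIDATES)
```

Note that the RIP /25 wins for 192.168.1.10 even though OSPF has the lower AD, because AD is only compared between routes to the same prefix.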
Layer 2 Switch Operations
EtherChannel
EtherChannel is used when switches require aggregated, redundant links, which in normal circumstances would create a loop and, in an STP scenario, cause an election issue. With EtherChannel you not only have redundancy but can also split traffic between two links, effectively doubling the bandwidth available between the switches (assuming both links are running at the same speed).
- PAgP (Port Aggregation Protocol): Cisco proprietary
  - desirable: Actively negotiates
  - auto: Passively waits for negotiation
- LACP (Link Aggregation Control Protocol): IEEE 802.3ad standard (vendor-neutral)
  - active: Actively negotiates
  - passive: Passively waits for negotiation
- Static (on mode): No negotiation protocol, both sides must be set to on
EtherChannel Requirements
- EtherChannels act as one logical interface
- EtherChannels can be
  - manually set, or alternatively
  - negotiated using a protocol like PAgP or LACP
- EtherChannels require both ports to have:
  - the same duplex
  - the same speed
  - the same port type: access ports or trunk ports (usually trunk)
    - Access ports need to be on the same VLAN
    - Trunk ports need to have the same allowed VLANs and the same native VLAN
  - the same STP interface settings
Configuration
Configuration is important to avoid switching loops. When configuring remember:
- on/on - Static EtherChannel (no negotiation protocol)
- desirable/desirable - PAgP: Both actively negotiate
- desirable/auto - PAgP: One actively negotiates, one passively responds
- active/active - LACP: Both actively negotiate
- active/passive - LACP: One actively negotiates, one passively responds
- on with ANY protocol mode (auto/desirable/active/passive) - WILL NOT FORM (mismatched configuration)
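A pre-change check for the mode pairs and port requirements above, as an added Python example rather than anything from the original page. The Port fields and the stp placeholder are assumptions; auto/auto, passive/passive and PAgP-against-LACP are not listed on the page but are included here as pairs that also fail to negotiate.

```python
from dataclasses import dataclass

# mode -> (protocol it speaks, whether it initiates negotiation)
MODES = {"on": ("static", False),
         "desirable": ("pagp", True), "auto": ("pagp", False),
         "active": ("lacp", True), "passive": ("lacp", False)}

@dataclass(frozen=True)
class Port:
    mode: str
    speed: int                 # Mbps
    duplex: str                # "full" or "half"
    trunk: bool                # True = trunk port, False = access port
    vlans: frozenset           # access VLAN, or allowed VLANs on a trunk
    native_vlan: int = 1       # only compared on trunks
    stp: str = "default"       # stand-in for the port's STP interface settings

def channel_problems(a, b):
    """Return the reasons ports a and b will not bundle; an empty list means they will."""
    problems = []
    proto_a, starts_a = MODES[a.mode]
    proto_b, starts_b = MODES[b.mode]
    if proto_a != proto_b:
        # Covers on + any protocol mode; PAgP against LACP is an added case.
        problems.append(f"mode mismatch: {a.mode}/{b.mode}")
    elif proto_a != "static" and not (starts_a or starts_b):
        # auto/auto and passive/passive (added cases): nobody starts negotiating.
        problems.append(f"no side negotiates: {a.mode}/{b.mode}")
    for name in ("speed", "duplex", "trunk", "vlans", "stp"):
        if getattr(a, name) != getattr(b, name):
            problems.append(f"{name} differs")
    if a.trunk and b.trunk and a.native_vlan != b.native_vlan:
        problems.append("native_vlan differs")
    return problems

# Constructed sample ports.
TRUNK_ACTIVE = Port("active", 1000, "full", True, frozenset({10, 20}), 99)
TRUNK_PASSIVE = Port("passive", 1000, "full", True, frozenset({10, 20}), 99)
TRUNK_ON = Port("on", 1000, "full", True, frozenset({10, 20}), 99)
```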
EtherChannel Load Balancing
Traffic is distributed across member links based on:
- src-mac - Source MAC address
- dst-mac - Destination MAC address
- src-dst-mac - Both source and destination MAC (most common)
- src-ip - Source IP address
- dst-ip - Destination IP address
- src-dst-ip - Both source and destination IP
Note: The hashing algorithm ensures flows stay on the same link to prevent packet reordering.
General
A Layer 2 switch handles the forwarding of Frames based on the Source and Destination MAC Addresses. This process is independent of ARP but helps facilitate it.
- MAC Learning: A switch builds a MAC Address Table (CAM table) by inspecting the source MAC address of every frame it receives and recording which port that address came from.
- Forwarding:
- If the switch knows the port for the destination MAC address, it unicasts the frame only out that specific port.
- If the switch does not know the port for the destination MAC address (e.g., during the initial ARP Request broadcast), it floods the frame out all ports except the one it was received on. This flooding allows the broadcast to reach all devices on the segment.
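The learning and forwarding rules above, replayed over an ARP request and reply in an added Python example that is not from the original page. The class, port numbers and MAC addresses are constructed; table aging and size limits are left out.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.cam = {}                    # MAC address table: MAC -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Learn the source MAC, then return the ports the frame is sent out of."""
        self.cam[src_mac] = in_port      # learning uses the SOURCE address only
        out_port = self.cam.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            return [p for p in self.ports if p != in_port]   # flood
        if out_port == in_port:
            return []                    # destination is behind the ingress port
        return [out_port]                # known unicast

def arp_exchange():
    """Replay a constructed ARP request/reply between host A and host B."""
    a, b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"   # constructed MACs
    sw = LearningSwitch([1, 2, 3, 4])
    steps = [
        sw.receive(1, a, BROADCAST),   # A's ARP request: flooded, A learned on port 1
        sw.receive(2, b, a),           # B's ARP reply: unicast to port 1, B learned
        sw.receive(1, a, b),           # A's data frame: unicast to port 2
        sw.receive(3, "00:00:5e:00:53:0c", "00:00:5e:00:53:0d"),  # unknown dst: flooded
    ]
    return steps, sw.cam
```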
2.4 GHz Band:
- Channels 1-14 available (channel 14 restricted in most countries)
- Only 3 non-overlapping channels: 1, 6, 11
- More prone to interference (microwaves, Bluetooth, cordless phones)
5 GHz Band:
- 24+ non-overlapping channels (varies by regulatory domain)
- Less interference
- Shorter range than 2.4 GHz
- Better for high-bandwidth applications
802.11b
- Up to 11 Mbps (typically 5-6 Mbps)
- 100-150 feet range
- 2.4 GHz
- Interference prone
802.11a
- Up to 54 Mbps (typically 15-20 Mbps)
- 50-75 feet range
- More expensive
- 5 GHz
- Not compatible with b
802.11g
- 54 Mbps speed
- Compatible with b
- 100-150 feet range
- 2.4 GHz
802.11n (Wi-Fi 4)
- Up to 600 Mbps (with 4 spatial streams)
- 2.4 GHz and/or 5 GHz (dual-band capable)
- 230 feet range (70m indoor)
- MIMO technology
- Backward compatible with a/b/g
802.11ac (Wi-Fi 5)
- Up to 1.3 Gbps (Wave 1) or 6.9 Gbps (Wave 2)
- 5 GHz only
- MU-MIMO technology
- Beamforming
- Wider channels (80 MHz, 160 MHz)
802.11ax (Wi-Fi 6)
- Up to 9.6 Gbps theoretical
- 2.4 GHz and 5 GHz
- OFDMA (Orthogonal Frequency Division Multiple Access) for better efficiency
- Target Wake Time (TWT) for IoT battery life
- Better performance in dense/congested environments
- Backward compatible with previous standards
NAT Network Address Translation
Network Address Translation (NAT) translates IP addresses between a private network and a public network (the Internet). This translation is performed by a router which maintains a translation table of private-to-public address mappings.
- Outgoing Traffic: When a packet leaves the private network and is destined for the public Internet, the router converts the packet’s private source IP address and port number to a registered public IP address and a new port number, which it records in the table.
- Return Traffic: When the reply packet returns to the router, the router looks up the public destination address and port in its table and translates it back to the original private IP address and port number before forwarding it to the internal host.
The most common form, Port Address Translation (PAT), conserves public IP addresses by allowing thousands of internal hosts to share a single public IP address using unique port numbers.
NAT Types
Static NAT: One-to-one mapping between private and public IP addresses. Used for servers that need consistent external addresses.
Dynamic NAT: Maps private addresses to a pool of public addresses on a first-come, first-served basis.
PAT (Port Address Translation / NAT Overload): The most common form. Allows thousands of internal hosts to share a single public IP address using unique port numbers. This is what most home/small office routers use.