How can we connect to Cisco router and switch using telnet.

Hello all,

Telnet is an application layer protocol. and It needs a Telnet server(in application layer) running on remote port. and a telnet client(also in application layer) connects to the server.

Switch is in layer 2. and router is in layer 3. We can connect to both switch and router using Telnet. implies there is a TELNET server running running in switch and router (by default on port 23).
1. how can an application layer program run in layer2 & 3 ?
2. The concept of PORT (telnet = 23) is in computers only. Then on which port does this telnet server running because there is no concept of ports in ROUTERS & switches ?

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

KishoreKumar

It is reasonable that ROUTER has an IP address because it operates in NETWORK layer.
But switch operates in datalink layer. Then how come it has logical IP address?

gojericho0

The telnet application is not being run at layer 2 and 3. Lets assume your setup looks like this:

PC -> Router

The PC will launch the telnet client. In order to send information to the router you will need the IP address (layer 3) of the Router. That information will then be encapsulated around the telnet applicaiton

[IP][Data (Telnet App)]

With the IP you now have the logical address of the Router, but you will need the MAC (layer 2) in order to communicate to the Routers NIC card. Once you know the MAC address that will encapsulate the IP address and Telnet application.

[MAC Address][Data]

This frame will then be sent on the wire to the router. The router will see the MAC address and realize that packet is trying to access its mac address. The router will then stip the MAC address of and check the IP address

[IP Address][Data]

The router will once again see the IP address of the packet is the same as the routers IP address so it strips the IP address off and finds the telnet application

[Telnet]

The router has a telnet server running (application) that accepts communications on port 23. Ports are used to allow an specific application to talk to an IP address. There can be many different ports assigned to an IP address therefore many applications can be used at once

darkuser

the switch usually has a"vlan1" interface.

once you apply a layer3 address to it viola !!!!

lildeezul

I take a stab at this one.

You are correct Switches do operate at the layer 2 ( data link layer).

But switches have what is called a managment vlan, or defualt vlan. Every port on the switch are in the defualt vlan, unless someone else configured a new vlan.

but you assing logical ip adress to the switch vlan, not each and every single ethernet port.

For instance, A 2950-12 has 12 fast ethernet ports.
all 12 ports are in vlan1 (defualt)

when you assign an ip address you configure it like this.

config# int vlan1
config-if# ip address 192.168.10.1 255.255.255.0

( or whatever ip address you want)

this assign ip address to the vlan1 ( all 12 ports by defualt)

so when connected to the port 1, or port 2, or port 3, or ect.
the switch port ip address is that of its vlan, ( 192.168.10.1)

hope this clear things up.

You assign ip address to vlans, not indvidual ports.

mikearama

jericho / dark / deezul... are you guys all sitting in cubicles next to each other? *W*

Looks like you guys all said: "on your mark, get set... post!"

3 correct answers in the span of 3 minutes. Jericho Wins!!! Dark, for the shortest answer, you took second. You type with one finger?

KishoreKumar

lildeezul wrote:

so when connected to the port 1, or port 2, or port 3, or ect.
the switch port ip address is that of its vlan, ( 192.168.10.1)

hope this clear things up.

You assign ip address to vlans, not indvidual ports.

This is fine. I'm not saying we can assign one IP to each port. My doubt is how can we assign an IP to a switch. Logical IP is the concept that comes in the layer3. and Switch is in L2. So, It should be dumb and should not understand anything other than MAC address.

tiersten

KishoreKumar wrote:

It should be dumb and should not understand anything other than MAC address.

A basic unmanaged switch will do what you expect.

gojericho0

A layer2 switch will only look at layer2 traffic that transverses it. Meaning if host A is communicating to host B with a switch in between. This layer 2 switch will only look at layer 2 headers (Data Link Header) and not see any higher layers of the IP stack.

Now the switch itself can still have applications, ip address configured to itself in order to manage the switch through telnet

The difference is the first example is passive traffic (not destined for switch). This is why a switch can be considered a layer 2 device.

The second example is when you are communicating directly to the switch. If it did not have higher layers you would never be able to manage your switch through a network using applications like telnet

mikearama

KishoreKumar wrote:

It should be dumb and should not understand anything other than MAC address.

Hey, I've got a D-Link 8-port switch like that. You can have it.

Okay, so from a switching standpoint, you are absolutely correct... a switch cares nothing about layer 3 information.

As has been clearly explained, however, current switches have had the benefit of a "network card" built into them. They're still not layer 3 devices, they just have the ability to carry an IP address now. Note, they're still not layer 3 devices. (Gettin it?) Being able to manage a switch by IP does NOT make it into a router. (Clear?) From a functional standpoint, everything is layer 2, and from clients, it does only understand MAC addresses... you can just reach it now by telnet/icmp. (Phew!)

Mike

KishoreKumar

gojericho0 wrote:

[IP][Data (Telnet App)]
[MAC Address][Data]
sending frames.....

absolutely fine.

gojericho0 wrote:

1. The router will then stip the MAC address.
[IP Address][Data (Telnet App)]
2. The router will identify IP. and then strip it also.
leaving [Data (Telnet App)]
3. we are left with TELNET Data.

fine till here.

Now you said

gojericho0 wrote:

The router has a telnet server running (application) that accepts communications on port 23.

NO, ROUTER can operate till layer 3 only.It can understand only L1,L2 & L3. Then How can we have a telnet server (application layer) running on port 23( transport layer)?

mikearama

KishoreKumar wrote:

gojericho0 wrote:

The router has a telnet server running (application) that accepts communications on port 23.

NO, ROUTER can operate till layer 3 only.It can understand only L1,L2 & L3. Then How can we have a telnet server (application layer) running on port 23( transport layer)?

Ah, I see where you're going with this.

Here's where you're going astray:

Let's concede that a router can only "route" based on L1 to L3 (well, L3 for certain... let's just ignore L1 and L2 for now). HOWEVER, routers are capable of running applications.

Telnet, DHCP, IOS, HTTP, NTP, FTP... just to name a few.

So don't let it cause you grief that you can telnet to a router... it'll still only route based on L3, but they are capable of so much more.

Mike

Sepiraph

KishoreKumar wrote: »

Hello all,

Telnet is an application layer protocol. and It needs a Telnet server(in application layer) running on remote port. and a telnet client(also in application layer) connects to the server.

Switch is in layer 2. and router is in layer 3. We can connect to both switch and router using Telnet. implies there is a TELNET server running running in switch and router (by default on port 23).
1. how can an application layer program run in layer2 & 3 ?
2. The concept of PORT (telnet = 23) is in computers only. Then on which port does this telnet server running because there is no concept of ports in ROUTERS & switches ?

The answer you can looking for is because of the Management VLAN

The management VLAN is used to establish an IP connection to the switch from a workstation connected to a port in the VLAN. This connection supports a VSM, SNMP, and Telnet session. By default, the active management VLAN is VLAN 1, but you can designate any VLAN as the management VLAN using the Management VLAN window. Only one management VLAN can be active at a time.

If you have access to a non-L3 switch, you can test this by creating another vlan and assign an ip address to it, do "no shut", then do "sh ip int bri", you'll see that it is up/down.