CYBRARY STUDY GUIDE
Prepare Yourself to Pass the CCNA Exam
Although it is well known that the Cisco CCNA exam will include routing simulation, much of the exam is dedicated to question and answer. The contents of this study guide are designed to help you prepare for the questions you will see on the exam. Given that the CCNA is a VERY difficult exam, it is highly recommended that in order to best prepare for it, you complete our CCNA course, and then review all of the material within this study guide.
If you're in need of a comprehensive study guide to help you pass the CCNA exam, you're in luck. This free resource contains all of the reference models, objectives and definitions you'll need to know in order to earn your CCNA certification. Start reviewing for your exam today with our CCNA exam study guide or learn more with our CCNA course.
The OSI Reference Model
Using the OSI model to discuss networking concepts has the following advantages:
- Provides a common language or reference point between network professionals
- Divides networking tasks into logical layers for easier comprehension
- Allows specialization of features at different levels
- Aids in troubleshooting
- Promotes standards of interoperability between networks and devices
- Provides modularity in networking features (developers can change features without changing the entire approach)
Functions Performed at Each OSI Model Layer
The following table compares the functions performed at each OSI model layer:
Application (Layer 7)
The Application layer integrates network functionality into the host operating system, and enables network services.
- Protocols: HTTP, Telnet, FTP, TFTP, SNMP, DNS, DHCP, SMTP
- PDU: Data
- Devices: Computers / User Interface
Presentation (Layer 6)
The Presentation layer formats or “presents” data into a compatible form. The Presentation layer ensures:
- Formatting and translation of data between systems.
- Negotiation of data transfer syntax between systems, through converting character sets to the correct format.
- Encapsulation of data into message envelopes by encryption and compression.
- Restoration of data by decryption and decompression.
- Protocols: SSL, TLS, JPEG, TIFF
- PDU: Data
Session (Layer 5)
The Session layer’s primary function is managing the sessions in which data is transferred. Functions at this layer include:
- Management of multiple sessions (each client connection is called a session). A server can concurrently maintain thousands of sessions.
- Assignment of the session ID number to each session to keep data streams separate.
- Set up, maintain, and tear down communication sessions.
- Protocols: TCP
- PDU: Data
Transport (Layer 4)
Transport layer functions include:
- End-to-end flow control.
- Port and socket numbers.
- Segmentation, sequencing, and combination.
- Connection services, either reliable (connection-oriented) or unreliable (connectionless) delivery of data.
- Protocols: TCP, UDP
- PDU: segment (MTU 1500 bytes)
Network (Layer 3)
The Network layer describes how data is routed across networks and on to the destination. Network layer functions include:
- Identifying hosts and networks using logical addresses.
- Maintaining a list of known networks and neighboring routers.
- Determining the next network point to which data should be sent. Routers use a routing protocol to take into account various factors such as the number of hops in the path, link speed, and link reliability to select the optimal path for data.
- Protocols: RIP, RIPv2, IGRP, EGP, IGP, EIGRP, OSPF, OSPFv3
- PDU: Packet
- Devices: routers, layer 3 switches, firewalls, brouters
Data Link (Layer 2) – Logical Link Control (LLC) and Media Access Control (MAC)
The Data Link layer defines the rules and procedures for hosts as they access the Physical layer. These rules and procedures specify or define:
- How hosts on the network are identified (physical or MAC address).
- How and when devices can transmit on the network medium (media access control and logical topology).
- How to verify that the data received from the Physical layer is error free (parity and CRC).
- How devices control the rate of data transmissions between hosts (flow control).
- Protocols: PPP, SLIP, L2TP, CDP
- PDU: Frame
- Devices: switches, NICs, multilayer switches, bridges, WAPs
Physical (Layer 1)
The Physical layer of the OSI model sets standards for sending and receiving electrical signals between devices. Protocols at the Physical layer identify:
- How digital data (bits) are converted to electric pulses, radio waves, or pulses of light.
- Specifications for cables and connectors.
- The physical topology.
- Protocols: SONET, DSL, T1, Ethernet
- PDU: Bits
- Devices: hubs, repeaters, NICs, modems, cables, cable connectors, media converters
The Three-Way Handshake
To establish a connection, TCP uses a three-way handshake. Before a client attempts to connect with a server, the server must first bind to and listen on a port to open it up for connections. The three-way (or 3-step) handshake then occurs:
- SYN: The client performs the active open by sending a SYN to the server.
- SYN-ACK: In response, the server replies with a SYN-ACK, which carries the rules/parameters agreed between the hosts.
- ACK: Finally, the client sends an ACK back to the server, confirming that the connection agreement has been accepted.
Flow Control and Windowing
Flow Control: TCP uses an end-to-end flow control protocol to avoid having the sender send data too fast for the TCP receiver to receive and process it reliably. For example, if a PC sends data to a smartphone that is slowly processing received data, the smartphone must regulate the data flow so as not to be overwhelmed.
Sliding Window: TCP uses a sliding window flow control protocol. In each TCP segment, the receiver specifies the amount of received data (in bytes) that it is willing to buffer for the connection. The sending host can send only up to that amount of data before it must wait for an acknowledgment and window update from the receiving host.
Advantages and Disadvantages of Repeaters and Hubs
Advantages of Repeaters and Hubs:
- Repeaters and hubs can extend a network total distance
- Repeaters and hubs do not seriously affect network performance
- Certain repeaters can connect networks using different physical media.
Disadvantages of Repeaters and Hubs:
- Repeaters and hubs cannot connect different network architectures, such as Token Ring and Ethernet.
- Repeaters and hubs do not reduce network traffic
- Repeaters and hubs do not segment the network
Advantages and Disadvantages of Bridges
Advantages of Bridges:
- Bridges can extend a network by acting as a repeater
- Bridges can reduce network traffic on a segment by subdividing network communications
- Bridges increase the available bandwidth to individual nodes because fewer nodes share a collision domain
- Bridges reduce collisions
- Some bridges connect networks using different media types and architectures.
Disadvantages of Bridges:
- Because bridges do more than repeaters by viewing MAC addresses, the extra processing makes them slower than repeaters and hubs.
- Bridges forward broadcast frames indiscriminately, so they do not filter broadcast traffic.
- Bridges are more expensive than repeaters and hubs.
Advantages and Disadvantages of Switches
Advantages of Switches:
- Switches increase available network bandwidth
- Switches reduce the workload on individual computers
- Switches increase network performance
- Networks that include switches experience fewer frame collisions because switches create collision domains for each connection (a process called micro segmentation)
- Switches connect directly to workstations.
Disadvantages of Switches:
- Switches are significantly more expensive than bridges
- Network connectivity problems can be difficult to trace through a switch
- Broadcast traffic may be troublesome.
Advantages and Disadvantages of Routers
Advantages of Routers:
- Routers can connect different network architectures, such as Ethernet and Token Ring
- Routers can choose the best path across an internetwork using dynamic routing techniques
- Routers reduce network traffic by creating collision domains
- Routers reduce network traffic by creating broadcast domains
Disadvantages of Routers:
- Routers are more expensive than other devices
- Dynamic router communications (inter-router communication) cause additional network overhead, which results in less bandwidth for user data.
- Routers are slower than other devices because they must analyze a data transmission from the Physical through the Network layer, whereas bridges and switches only read two layers of information: the Physical and Data Link
Collision and Broadcast Domains
Collision Domains: Only one device in a collision domain may transmit at any one time; the other devices in the domain listen to the network in order to avoid data collisions. Each connection from a single PC to a Layer 2 switch is ONE collision domain. For example, if 5 PCs are connected with separate cables to a switch, we have 5 collision domains. If this switch is connected to another switch or a router, we have one more collision domain. If 5 devices are connected to a hub, this is ONE collision domain. Every device connected to a Layer 1 device (repeater, hub) resides in ONE single collision domain (shared bandwidth).
Broadcast Domains: Broadcasting sends a message to everyone on the local network (subnet). No matter how many hosts or devices are connected together, if they are connected with a repeater, hub, switch or bridge, all these devices are in ONE broadcast domain. A router is used to separate broadcast domains, so if a router stands between these devices, we have TWO broadcast domains. An example of broadcasting is a DHCP request from a client PC. The client is asking for an IP address, but it does not know how to reach the DHCP server, so it sends a DHCP Discover packet to EVERY PC in the local subnet (broadcast). Only the DHCP server answers the request.
CSMA-CD and CSMA-CA
CSMA-CD (Carrier Sense Multiple Access with Collision Detection) is a media access method in which a host detects whether a signal is being transmitted. If no signal is detected on the wire, the host transmits. Two or more hosts may sense the absence of a signal and transmit at the same time; if this happens, there is a collision.
CSMA-CA (Carrier Sense Multiple Access with Collision Avoidance) is used for wireless media access control. It uses a send-and-reply exchange similar to the TCP three-way handshake (RTS – request to send, and CTS – clear to send). After each message is sent, the hosts associated to the wireless access point run a randomization algorithm which sets a random priority on who gets to send next. That, along with many control fields, helps to mitigate some of the interference and other radio-related wireless problems.
Half-Duplex vs. Full-Duplex
How does half duplex differ from full-duplex communications?
- Half-duplex communications require that each participant transmit only when the other is listening
- By using full-duplex communications, both parties can transmit simultaneously
- The benefit of full-duplex mode is less delay in transmitting a message, because a computer could receive and transmit information simultaneously
Ethernet Addressing (Mac Address)
What is Ethernet Addressing?
- Referred to as the Media Access Control (MAC) address
- Size: 48-bit address written in hexadecimal (6 bytes)
- The first 24 bits are the OUI (organizationally unique identifier)
- The second 24 bits are the vendor-assigned portion of the MAC address (unique within that vendor's OUI)
You should also know the following facts about Ethernet:
- The maximum cable length for UTP Ethernet “T” implementations is 100 meters for all standards.
- Ethernet standards support a maximum of 1024 hosts on a single subnet.
- 10GBase standards ending in W (i.e. 10GBaseSW) are used for SONET implementations.
- You may also see 10Base2 and 10Base5 Ethernet implementations, both of which are older implementations using coaxial cable. You will not be required to know these for the CCNA exam.
How to Convert Binary Numbers to Decimal Numbers
The most popular, and easiest way to convert a binary number to decimal is using a table like so:
Magic chart (decimal chart):
128 | 64 | 32 | 16 | 8 | 4 | 2 | 1
Example: 0 0 1 1 1 0 0 1 → 0 + 0 + 32 + 16 + 8 + 0 + 0 + 1 = 57
To convert a binary number to a decimal number:
- Determine the decimal value for each of the bits (a 1 bit takes the chart value above it, a 0 bit counts 0)
- Add up the bit values
- 00111001 = 57
- 57 = 00111001
Checking results: you can use addition or subtraction. If you use addition, add only the chart values under bits that are 1; if you use subtraction, take the total value of the chart (255) and subtract the chart values under bits that are 0.
Bit = 0 or 1
Nibble = 4 bits = 0101, 0000, 1111
Byte = 8 bits = 1 octet = 11111111, 00000000, 10101010
Baseband vs. Broadband
The baseband transmission model differs from broadband communications in the following ways:
- The baseband transmission method uses the media in such a way that the entire capacity of the cable is taken up by a single transmission
- In broadband communications the communicators use different frequencies to separate their messages from others by using the same media at the same time
Ethernet standards are defined by the work of the IEEE 802.3 committee. The following table compares the characteristics of various Ethernet implementations.
Coaxial Cable Facts
Coaxial cable has the following advantages and disadvantages:
Advantages:
- Highly resistant to EMI (electromagnetic interference)
- Highly resistant to physical damage
Disadvantages:
- Inflexible construction (difficult to install)
- Unsupported by newer networking standards
The table below describes the different coaxial cable grades:
| Grade | Uses | Resistance Rating |
| --- | --- | --- |
| RG-58 | 10Base2 Ethernet networking (also called Thinnet) | 50 ohms |
| RG-59 | Cable TV and cable networking | 75 ohms |
| RG-6 | Cable TV, satellite TV, and cable networking. RG-6 has less signal loss than RG-59, and is a better choice for networking applications, especially where longer distances (over a few feet) are involved. | 75 ohms |
| RG-8 | 10Base5 Ethernet networking (also called Thicknet) | 50 ohms |
The table below describes the types of connectors used with coaxial cable.
Twisted Pair Facts
Twisted pair cables support a wide variety of fast, modern network standards. Twisted pair cabling is composed of the following components:
- PVC or plenum plastic insulation surrounds each wire. Plenum cable is fire resistant and non-toxic. It must be used when wiring above ceiling tiles. PVC cable cannot be used to wire above ceilings because it is toxic when burned.
- Twisted pair cable can be classified according to the makeup of the outer sheath:
  - Shielded Twisted Pair (STP) has a grounded outer copper shield around the bundle of twisted pairs or around each pair. This provides added protection against EMI.
  - Unshielded Twisted Pair (UTP) does not have a grounded outer copper shield. UTP cables are easier to work with and are less expensive than shielded cables.
The table below describes the different unshielded twisted pair (UTP) cable types (categories):
| Type | Connector | Description |
| --- | --- | --- |
| Phone cable | RJ-11 | Used to connect a PC to a phone jack in a wall outlet to establish a dial-up Internet connection. Has two pairs of twisted cable (a total of 4 wires). |
| Cat 3 | RJ-45 | Designed for use with 10 megabit Ethernet or 16 megabit token ring. |
| Cat 5 | RJ-45 | Supports 100 megabit Ethernet and ATM networking. Cat 5 specifications also support gigabit (1000 Mb) Ethernet. |
| Cat 5e | RJ-45 | Similar to Cat 5 but provides better EMI protection. Supports 100 megabit and gigabit Ethernet. |
| Cat 6 | RJ-45 | Supports 10 gigabit Ethernet and high-bandwidth, broadband communications. Cat 6 cables often include a solid plastic core that keeps the twisted pairs separated and prevents the cable from being bent too tightly. Additional standards for Cat 6 include Cat 6a (advanced) and Cat 6e (enhanced) which provide better protection against EMI. |
Each type of UTP cable can be substituted for any category below it, but never for a category above. For example, Cat 6 can be substituted for a task requiring Cat 5e; however, neither Cat 5 nor Cat 3 should be used for this particular task.
The table below describes the two types of connectors used with twisted pair cables.
Fiber Optic Facts
To connect computers using fiber optic cables, you need two fiber strands. One strand transmits signals, and the other strand receives signals. Fiber optic cabling is composed of the following components:
- The core carries the signal. It is made of plastic or glass.
- The cladding maintains the signal in the center of the core as the cable bends.
- The sheathing protects the cladding and the core.
Fiber optic cabling offers the following advantages and disadvantages:
Advantages:
- Totally immune to EMI (electromagnetic interference)
- Highly resistant to eavesdropping
- Supports extremely high data transmission rates
- Allows greater cable distances without a repeater
Disadvantages:
- Very expensive
- Difficult to work with
- Special training required to attach connectors to cables
Multi-mode and single mode fiber cables are distinct from each other and not interchangeable. The table below describes multi-mode and single mode fiber cables.
| Type | Description |
| --- | --- |
| Single Mode | Transfers data through the core using a single light ray (the ray is also called a mode). The core diameter is around 10 microns. Supports a large amount of data. Cable lengths can extend a great distance (up to 62 miles). |
| Multi-Mode | Transfers data through the core using multiple light rays. The core diameter is around 50 to 100 microns. Cable lengths are limited in distance (14,000 – 18,000 feet). |
Fiber Optic Cabling Connector Types
Fiber optic cabling uses the following connector types:
Straight-Through, Crossover and Rolled Cables
For each of the following situations, determine whether a straight-through, crossover, or rolled cable would be used:
| Situation | Cable |
| --- | --- |
| Host to host | Crossover |
| Host to switch or hub | Straight-through |
| Router direct to host | Crossover |
| Switch to switch | Crossover |
| Router to switch or hub | Straight-through |
| Hub to hub | Crossover |
| Hub to switch | Crossover |
| Host to a router console serial communication (COM) port | Rolled |
Data Encapsulation Steps
What are the eight steps involved with data encapsulation?
Step 1: The user data is sent from an application to the application layer.
Step 2: The application layer adds the application layer header (Layer 7 header) to the user data. The Layer 7 header and the original user data become the data that is passed down to the presentation layer.
Step 3: The presentation layer adds the presentation layer header (Layer 6 header) to the data. This then becomes the data that is passed down to the session layer.
Step 4: The session layer adds the session layer header (Layer 5 header) to the data. This then becomes the data that is passed down to the transport layer.
Step 5: The transport layer adds the transport layer header (Layer 4 header) to the data. This then becomes the data that is passed down to the network layer.
Step 6: The network layer adds the network layer header (Layer 3 header) to the data. This then becomes the data that is passed down to the data link layer.
Step 7: The data link layer adds the data link layer header and trailer (Layer 2 header and trailer) to the data. A Layer 2 trailer is usually the frame check sequence (FCS), which is used by the receiver to detect whether the data is in error. This then becomes the data that is passed down to the physical layer.
Step 8: The physical layer then transmits the bits onto the network media.
Cisco Three-Layer Hierarchical Model
The Core Layer: The core layer provides an optimized and reliable transport structure by forwarding traffic at very high speeds. Devices at the core layer should not be burdened with any processes that stand in the way of switching packets at top speed. This includes the following:
- Access-list checking
- Data encryption
- Address translation
The Distribution Layer: The distribution layer is located between the access and core layers. The purpose of this layer is to provide boundary definition using access lists and other filters to limit what gets into the core. Therefore, this layer defines policy for the network. A policy is an approach to handling certain kinds of traffic, including the following:
- Routing updates
- Route summaries
- VLAN traffic
Use these policies to secure networks and to preserve resources by preventing unnecessary traffic.
The Access Layer: The access layer supplies traffic to the network and performs network entry control. End users access network resources by way of the access layer. Acting as the front door to a network, the access layer employs access lists designed to prevent unauthorized users from gaining entry.
The TCP/IP & DoD Model
The table below maps the TCP/IP (DoD) model layers to the OSI model layers:
| TCP/IP (DoD) layer | OSI layer(s) |
| --- | --- |
| Process/Application | Application, Presentation, Session |
| Host-to-Host | Transport |
| Internet | Network |
| Network Access | Data Link, Physical |
All About the Application Layer Protocols
The table below illustrates the Application Layer Protocols:
| Protocol | Description |
| --- | --- |
| Telnet | Allows users to access resources on another machine. All data is seen in clear text (not recommended for use). |
| SSH | Similar to Telnet but it sets up a secure session (recommended over Telnet). All data is encrypted during the session. |
Host-to-Host Layer and Internet Layer Protocols
Host-to-Host Protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), compared below:
| TCP | UDP |
| --- | --- |
| Sequenced | Unsequenced |
| Reliable | Unreliable |
| Connection-oriented | Connectionless (best effort delivery) |
| Builds virtual circuit | Low overhead |
| ACK (acknowledgements) | NACK (no acknowledgements) |
| Windowing, flow control | No windowing, no flow control |
Port Numbers
| TCP | UDP |
| --- | --- |
| Telnet – 23 | SNMP – 161 |
| SMTP – 25 | TFTP – 69 |
| HTTP – 80 | DNS – 53 |
| FTP – 20, 21 | DHCP – 67 |
| DNS – 53 | NTP – 123 |
| HTTPS – 443 | |
| SSH – 22 | |
| POP3 – 110 | |
| IMAP4 – 143 | |
Internet Layer Protocols:
- Internet Protocol (IP) – analyzes each packet to decide where the packet is sent
- Internet Control Message Protocol (ICMP) – used to give status updates about a host or network
- Address Resolution Protocol (ARP) – resolves IP addresses to MAC addresses
IP Addressing and IPV4 Address Type
Network Classes
| Class | Range (first octet) |
| --- | --- |
| Class A | 0–127 |
| Class B | 128–191 |
| Class C | 192–223 |
| Class D – Multicast addresses | 224–239 |
| Class E – Experimental addresses | 240–255 |
| Loopback address – reserved for testing | 127.0.0.1 |
Private IP Addressing
| Class | Range |
| --- | --- |
| Class A | 10.0.0.0 – 10.255.255.255 |
| Class B | 172.16.0.0 – 172.31.255.255 |
| Class C | 192.168.0.0 – 192.168.255.255 |
IPv4 Address Types
| Classification | Description |
| --- | --- |
| Loopback | Used to test the IP stack on the local computer |
| Layer 2 broadcast | Sent to all hosts on the LAN |
| Broadcast | Sent to all hosts on the network |
| Unicast | Sent to one host |
| Multicast | Sent to many hosts on different networks (group) |
Rules to follow for subnetting:
- What is my default subnet mask?
- How many networks can I have?
- How many hosts can I have?
- What is my network address?
- What is my valid range?
- What is my broadcast address?
Formula:
- 2^x = the number of networks, where x = the number of 1's (subnet bits)
- 2^y – 2 = the number of hosts, where y = the number of 0's (host bits)
- The 2 reserved addresses are the network address and the broadcast address
192.168.100.37/25 – Class C example:
a. 11111111.11111111.11111111.10000000
b. 2^1 = 2 networks
c. 2^7 = 128 – 2 = 126 hosts
d. Block size: 256 – 128 (subnet mask) = 128
Network: 192.168.100.0 | 192.168.100.128
Fhost: 192.168.100.1 | 192.168.100.129
Class C
- Address range: 192 – 223
- Number of network bits: 24
- Number of networks: 2,097,152
- Number of host bits: 8
- Number of hosts per network: 2^8 = 256
- Number of usable hosts per network: 2^8 – 2 = 254
- Default subnet mask: 255.255.255.0 or /24
Example
- Address Class: C
- IP Address: 220.127.116.11 /24
- Subnet Mask: 255.255.255.0
- Network Address: 18.104.22.168
- Broadcast Address: 22.214.171.124
- Usable host addresses: 126.96.36.199 – 188.8.131.52
172.16.0.0/17 – Class B example:
a. 11111111.11111111.10000000.00000000
b. 2^1 = 2 networks
c. 2^15 = 32,768 – 2 = 32,766 hosts
d. Block size: 256 – 128 (subnet mask) = 128
Network: 172.16.0.0 | 172.16.128.0
Fhost: 172.16.0.1 | 172.16.128.1
Lhost: 172.16.127.254 | 172.16.255.254
Bcast: 172.16.127.255 | 172.16.255.255
Class B
- Address range: 128 – 191
- Number of network bits: 16
- Number of networks: 16,384
- Number of host bits: 16
- Number of hosts per network: 2^16 = 65,536
- Number of usable hosts per network: 2^16 – 2 = 65,534
- Default subnet mask: 255.255.0.0 or /16
Example
- Address Class: B
- IP Address: 184.108.40.206 /16
- Subnet Mask: 255.255.0.0
- Network Address: 220.127.116.11
- Broadcast Address: 18.104.22.168
- Usable host addresses: 22.214.171.124 – 126.96.36.199
172.16.0.0/16 – Class A example:
a. 11111111.11111111.00000000.00000000
b. 2^8 = 256 networks
c. 2^16 = 65,536 – 2 = 65,534 hosts
d. Block size: 256 – 255 (subnet mask) = 1
Network =
Example
- Address Class: A
- IP Address: 188.8.131.52 /8
- Subnet Mask: 255.0.0.0
- Network Address: 184.108.40.206
- Broadcast Address: 220.127.116.11
- Usable host addresses: 18.104.22.168 – 22.214.171.124
The Magic Chart – Decimal Chart
128 64 32 16 8 4 2 1 =255
IP Address: 192.168.50.109
Class C CIDR notation:
| CIDR notation | Subnet mask (last octet) | Number of networks | Number of hosts / usable |
| --- | --- | --- | --- |
| /24 | 00000000 = 0 | 1 | 256 / 254 |
| /25 | 10000000 = 128 | 2 | 128 / 126 |
| /26 | 11000000 = 192 | 4 | 64 / 62 |
| /27 | 11100000 = 224 | 8 | 32 / 30 |
| /28 | 11110000 = 240 | 16 | 16 / 14 |
| /29 | 11111000 = 248 | 32 | 8 / 6 |
| /30 | 11111100 = 252 | 64 | 4 / 2 |
| /31 | 11111110 = 254 | 128 | 2 / 1 |
| /32 | 11111111 = 255 | 0 | 0 |
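The subnetting questions and formulas above, worked as code. This is an added example, not part of the Cybrary guide; it uses only Python's standard `ipaddress` module, the classful default masks (A=/8, B=/16, C=/24) and the 2^x / 2^y – 2 formulas the guide gives, and it is checked against the guide's own 192.168.100.37/25 and 172.16.0.0/17 examples.

```python
# Added example (not from the Cybrary guide): answer the guide's subnetting
# questions for any IPv4 address written in CIDR form.
import ipaddress


def default_prefix(addr: ipaddress.IPv4Address) -> int:
    """Classful default mask length from the first octet: A=/8, B=/16, C=/24."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError("class D/E addresses are not subnetted")


def subnet_facts(cidr: str) -> dict:
    """Default mask, networks, hosts, network/broadcast and valid range for e.g. '192.168.100.37/25'."""
    iface = ipaddress.ip_interface(cidr)
    net = iface.network                      # host bits are zeroed for us
    prefix = net.prefixlen
    default = default_prefix(iface.ip)
    if prefix < default:
        raise ValueError("prefix is shorter than the classful default mask")
    x = prefix - default                     # borrowed 1 bits -> 2^x networks
    y = 32 - prefix                          # remaining 0 bits -> 2^y - 2 hosts
    # Block size ("magic number"): 256 minus the interesting octet of the mask.
    octet = max(prefix - 1, 0) // 8
    block_size = 256 - net.netmask.packed[octet]
    net_int = int(net.network_address)
    bcast_int = int(net.broadcast_address)
    usable = 2 ** y - 2 if y >= 2 else 0     # /31 and /32 leave no host range
    return {
        "default_mask": str(ipaddress.ip_network((0, default)).netmask),
        "subnet_mask": str(net.netmask),
        "networks": 2 ** x,
        "usable_hosts": usable,
        "network": str(net.network_address),
        "first_host": str(ipaddress.IPv4Address(net_int + 1)) if usable else None,
        "last_host": str(ipaddress.IPv4Address(bcast_int - 1)) if usable else None,
        "broadcast": str(net.broadcast_address),
        "block_size": block_size,
    }


def list_subnets(network: str, new_prefix: int) -> list:
    """Every subnet of `network` at the new prefix, e.g. '192.168.100.0/24' split into /25s."""
    parent = ipaddress.ip_network(network)
    return [str(s) for s in parent.subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    for key, value in subnet_facts("192.168.100.37/25").items():
        print(f"{key:>13}: {value}")
    print(list_subnets("192.168.100.0/24", 25))
```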
The chart below displays the power of 2’s:
Variable Length Subnet Masking (VLSM)
VLSM enables a network number to be configured with different subnet masks on different interfaces.
- Conserves IP addresses.
- More efficient use of available address space.
- Allows for more hierarchical levels within an addressing plan.
Steps for VLSM:
- List the number of hosts required per network beginning with the largest to the smallest.
- Convert the subnet mask to binary.
- Draw a line where the network portion ends.
- Ask yourself the question… How many bits do I need to support the required number of hosts?
- Move the line to show your new network portion.
- Determine your new magic number.
- Finish subnetting using the new magic number. The starting address is always the first network. You cannot go past the next network of the previous level.
The following pictures illustrate the VLSM process:
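The VLSM steps above as a single allocator, added here as an example that is not part of the Cybrary guide. It takes the host requirements largest to smallest, works out how many host bits (y) each needs, moves the network line, and carves each subnet from the next block-size boundary without ever running past the end of the parent block. The parent block, network names and host counts in the demo are constructed for this example.

```python
# Added example (not the guide's own code): VLSM allocation from a parent block.
import ipaddress


def host_bits_needed(hosts: int) -> int:
    """Smallest y with 2^y - 2 >= hosts (the guide's 'how many bits do I need?')."""
    if hosts < 1:
        raise ValueError("a network needs at least one host")
    return max(2, (hosts + 1).bit_length())   # smallest y such that 2^y >= hosts + 2


def vlsm_allocate(parent: str, requirements: dict) -> dict:
    """Carve `parent` (e.g. '192.168.10.0/24') into one subnet per requirement.

    `requirements` maps a network name to the number of hosts it must support.
    Returns {name: IPv4Network} in allocation order (largest requirement first).
    """
    block = ipaddress.ip_network(parent)
    cursor = int(block.network_address)        # next free address in the parent
    limit = int(block.broadcast_address) + 1   # one past the end of the parent
    plan = {}
    # Step 1: list the requirements from largest to smallest.
    for name, hosts in sorted(requirements.items(), key=lambda kv: kv[1], reverse=True):
        y = host_bits_needed(hosts)            # Step 4: bits for the host part
        prefix = 32 - y                        # Step 5: the new network portion
        size = 1 << y                          # Step 6: the new magic number (block size)
        start = (cursor + size - 1) // size * size   # Step 7: next block-size boundary
        if start + size > limit:               # never past the end of the previous level
            raise ValueError(f"{name}: {hosts} hosts do not fit in the space left in {parent}")
        plan[name] = ipaddress.IPv4Network((start, prefix))
        cursor = start + size
    return plan


def plan_as_strings(parent: str, requirements: dict) -> dict:
    """Same plan with each subnet rendered as 'a.b.c.d/prefix'."""
    return {name: str(net) for name, net in vlsm_allocate(parent, requirements).items()}


def fits(parent: str, requirements: dict) -> bool:
    """True if every requirement can be allocated out of `parent`."""
    try:
        vlsm_allocate(parent, requirements)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    demo = {"LAN1": 100, "LAN2": 50, "LAN3": 20, "WAN": 2}   # constructed demo values
    for name, net in vlsm_allocate("192.168.10.0/24", demo).items():
        print(f"{name}: {net}  ({net.num_addresses - 2} usable hosts)")
```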
How to Perform Route Summarization
Summarizing several network addresses or routes into a single address and mask can be done in three steps. Let's use the following four networks as an example:
Example: 170.16.0.0/16, 170.17.0.0/16, 170.18.0.0/16, 170.19.0.0/16
Step 1: List the networks in binary format:
170.16.0.0/16 = 10101010.00010000.00000000.00000000
170.17.0.0/16 = 10101010.00010001.00000000.00000000
170.18.0.0/16 = 10101010.00010010.00000000.00000000
170.19.0.0/16 = 10101010.00010011.00000000.00000000
Step 2: Counting from the left, find the number of bits that match in every line of the listing to determine the subnet mask for the summary route or IP address. You can see from the example that there are 12 left-most matching bits. This is the prefix (CIDR), or subnet mask, for the summarized route or IP address: /12 or 255.240.0.0.
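The summarization steps as code, added as an example that is not part of the Cybrary guide: step 1 writes each network in dotted binary, step 2 counts the left-most bits every network shares, and the summary address is written with that many bits as its prefix. The sample networks are constructed for this example; the function generalizes to any list of IPv4 routes, capping the prefix at the shortest input prefix so the summary never claims more bits than a route it covers.

```python
# Added example (not from the guide): route summarization by counting shared leading bits.
import ipaddress


def to_dotted_binary(address: str) -> str:
    """'192.168.16.0' -> '11000000.10101000.00010000.00000000' (step 1)."""
    return ".".join(format(int(octet), "08b") for octet in address.split("."))


def common_prefix_length(networks: list) -> int:
    """Number of left-most bits shared by every network address (step 2).

    Capped at the shortest prefix among the inputs: a summary of a /8 and a /16
    inside it can never be longer than /8.
    """
    nets = [ipaddress.ip_network(n) for n in networks]
    bit_strings = [format(int(n.network_address), "032b") for n in nets]
    shared = 0
    for column in zip(*bit_strings):         # walk bit positions 1..32 left to right
        if len(set(column)) != 1:            # first column where the networks differ
            break
        shared += 1
    return min(shared, min(n.prefixlen for n in nets))


def summarize(networks: list) -> str:
    """Single summary route covering all `networks`, e.g. '192.168.16.0/22'."""
    length = common_prefix_length(networks)
    first = int(ipaddress.ip_network(networks[0]).network_address)
    # strict=False lets ipaddress zero the host bits beyond the summary prefix.
    return str(ipaddress.ip_network((first, length), strict=False))


def summary_mask(networks: list) -> str:
    """Dotted-decimal mask of the summary route, e.g. '255.255.252.0'."""
    return str(ipaddress.ip_network(summarize(networks)).netmask)


if __name__ == "__main__":
    sample = ["192.168.16.0/24", "192.168.17.0/24", "192.168.18.0/24", "192.168.19.0/24"]
    for n in sample:                         # step 1 listing, as the guide shows it
        print(f"{n:<18} = {to_dotted_binary(n.split('/')[0])}")
    print("summary:", summarize(sample), summary_mask(sample))
```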
Modes and Router Configurations
```
Router#configure terminal
Router(config)#hostname R1
! configure passwords
R1(config)#enable password cisco
R1(config)#enable secret ciscoexam
! configure Telnet (vty lines)
R1(config)#line vty 0 4
R1(config-line)#password remote
R1(config-line)#login
! configure console
R1(config)#line console 0
R1(config-line)#password rollover
R1(config-line)#login
! configure banner (the delimiter character here is ~)
R1(config)#banner motd ~
Enter TEXT message. End with the character '~'.
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
WARNINGS DO NOT ATTEMPT TO CONNECT!!!
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
~
R1(config)#
! configure IP addresses and descriptions
R1(config)#interface fa0/0
R1(config-if)#ip address 192.168.10.65 255.255.255.240
R1(config-if)#description connection to LAN1
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#interface fa0/1
R1(config-if)#ip address 192.168.20.129 255.255.255.248
R1(config-if)#description connection to LAN2
R1(config-if)#no shut
R1(config-if)#exit
R1(config)#interface eth0/1/0
R1(config-if)#ip address 22.214.171.124 255.255.255.252
R1(config-if)#description connection to R2
R1(config-if)#no shut
R1(config-if)#end
! save the running config from RAM to NVRAM
R1#copy run start
```
Components of Cisco Router and Switch
Random Access Memory (RAM):
- Stores routing tables
- Holds ARP cache
- Holds fast-switching cache
- Performs packet buffering as shared RAM
- Maintains packet-hold queues
- Provides temporary memory for the configuration file of a router while the router is powered on
- Loses content when a router is powered down or restarted
Nonvolatile Random Access Memory (NVRAM):
- Provides storage for the startup configuration file
- Retains content when a router is powered down or restarted
Flash Memory (Flash):
- Holds the IOS image
- Allows software to be updated without removing and replacing chips on the processor
- Retains content when a router is powered down or restarted
- Can store multiple versions of IOS software
- Is a type of electrically erasable programmable read-only memory (EEPROM)
Read Only Memory (ROM):
- Maintains instructions for power-on self test (POST) diagnostics
- Stores the bootstrap program and the basic operating system software
- Requires replacing pluggable chips on the motherboard for software upgrades
Checking Network Connectivity and Troubleshooting
Ping: Determines whether IP connectivity exists.
Trace Route: Displays the path a packet takes to reach its destination.
Static Routing, Dynamic Routing and Default Routing
- Static routes: Routers can be configured to route traffic based on static routes that have to be manually entered by an administrator. Static routing is a good choice for networks that never change, are small in size or have only one router, or have only one way out of the network. A topology change requires a manual update.
- Default routes (destination 0.0.0.0 with mask 0.0.0.0, followed by the next hop or exit interface; the bracketed value is a placeholder):
R1(config)#ip route 0.0.0.0 0.0.0.0 <next-hop-ip-or-exit-interface>
- Dynamic routes are created dynamically by a routing protocol:
  - Dynamic routing is a good choice if a network has multiple routers, is part of a larger network, or if the network changes frequently.
  - It relies on the routing protocol to determine how to communicate with neighboring routers and maintains those networks in routing tables.
Routed and Routing Protocols
- A routed protocol is a protocol that is routable over multiple networks such as the Internet, e.g. TCP/IP.
- A routing protocol is a protocol used by routers to share information with each other. Routing protocols describe how updates are sent, what knowledge is sent and when to send it; examples are RIP, EIGRP, OSPF, and IS-IS. The tables below provide an illustration of the routed and routing protocols:
RIPv1 characteristics:
- Classful routing – RIP is a classful routing protocol: it does not send or receive subnet masks, it assumes classful subnet masks
- Periodic updates – RIP broadcasts routing updates every 30 seconds. It broadcasts the entire routing table in the update.
- Triggered updates – RIP also broadcasts updates when there is a change in the topology, like a network going up or down.
- Metric – RIP's metric is hop count. RIP's maximum distance is 15 hops. 16 hops is infinity and is used to mark a route as dead.
- Administrative Distance – RIP's administrative distance is 120. AD ranks the trustworthiness, or reliability, of a route; the lower the administrative distance, the better the route.
- Hold Down Timer – RIP uses a hold down timer of 180 seconds so that it does not propagate bad routes and does not have a count-to-infinity routing loop. The route is flushed at 240 seconds.
- Load Balancing – Load balancing across 4 equal-cost routes by default. Can go up to 6 routes.
Remaining RIPv1 characteristics:
- Count to infinity – is prevented by hold down timers and by RIP's maximum metric of 15 hops.
- Routing Loops – are prevented by: Hold Down Timer, Split Horizon Rule, Route Poisoning, Route Poisoning with Poison Reverse, as well as TTL.
- Automatic Route Summarization – RIP automatically summarizes routes into classful network ranges because it will not allow non-classful network configuration or the propagation of non-classful subnet masks. It can only advertise classful networks.
- Transport Layer – RIP sends out updates on UDP port 520
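The RIPv1 characteristics above (hop-count metric, 16 as infinity, split horizon with poison reverse) are easier to see in code. The following Python model is an added example, not from the study guide; router names, interfaces and networks are constructed, and the hold-down and flush timers are deliberately not modelled.

```python
INFINITY = 16   # RIP "infinity": a metric of 16 hops marks a route as unreachable

def build_update(table, out_interface, connected):
    """Build the RIP update sent out `out_interface` (a {network: metric} dict).

    Directly connected networks are advertised with metric 1; learned routes
    with their metric plus one hop, capped at 16. Routes that were learned on
    `out_interface` are sent back with metric 16 (split horizon with poison
    reverse), so the neighbour never re-learns its own route from us.
    """
    update = {net: 1 for net in connected}
    for net, route in table.items():
        if route["interface"] == out_interface:
            update[net] = INFINITY
        else:
            update[net] = min(route["metric"] + 1, INFINITY)
    return update

def process_update(table, neighbor, in_interface, update):
    """Apply an update heard from `neighbor` on `in_interface`; return changed networks.

    `table` maps network -> {"metric", "next_hop", "interface"}. Hold-down and
    flush timers are not modelled; a poisoned route simply stays at 16.
    """
    changed = set()
    for net, metric in update.items():
        current = table.get(net)
        if current is None:
            if metric < INFINITY:        # never install an already-dead route
                table[net] = {"metric": metric, "next_hop": neighbor, "interface": in_interface}
                changed.add(net)
        elif current["next_hop"] == neighbor:
            # Same next hop: accept the new metric even if worse, including 16,
            # which is how a poisoned (dead) route propagates.
            if current["metric"] != metric:
                current["metric"] = metric
                changed.add(net)
        elif metric < current["metric"]:  # a better path via another neighbour
            table[net] = {"metric": metric, "next_hop": neighbor, "interface": in_interface}
            changed.add(net)
    return changed

def demo():
    """R1 learns 10.2.0.0/16 from R2, poison-reverses it back, then R2 reports it dead."""
    r1 = {}
    process_update(r1, "R2", "Fa0/0", build_update({}, "Fa0/0", ["10.2.0.0/16"]))
    learned = r1["10.2.0.0/16"]["metric"]                              # 1 hop
    back = build_update(r1, "Fa0/0", ["10.1.0.0/16"])["10.2.0.0/16"]   # 16: poison reverse
    process_update(r1, "R2", "Fa0/0", {"10.2.0.0/16": INFINITY})       # R2's link went down
    return learned, back, r1["10.2.0.0/16"]["metric"]
```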
OS CLI commands to use with RIP
- routerA(config)#router rip to activate RIP
- routerA(config-router)#network <network-address> to add a participating network and its interface
- routerA(config-router)#passive-interface <interface> to stop RIP from sending updates out of an interface
- router#show running-config to verify your configuration
- router#show ip route to verify your routing table
- router#show ip protocols to verify your RIP configuration
- router#copy running-config startup-config to save your configuration
RIPv2 vs RIPv1
RIPv2 Differences from RIPv1
- VLSM and CIDR – is supported by sending the subnet mask and the next hop address in its routing updates.
- Multicasts – RIPv2 multicasts its routing updates to 224.0.0.9 instead of broadcasting to 255.255.255.255 like RIPv1
- Authentication – RIPv2 supports MD5 authentication
- Updates – RIPv2 sends and receives version 2 updates only. RIPv1 sends version 1 updates and receives both version 1 and 2; however, the version 2 information is ignored.
RIPv2 Similarities to RIPv1
- Auto Summarizes by default (You will need to turn this off if you have discontiguous networks)
- Distance Vector Protocol
- Hop Count is the metric, with a maximum of 15 hops; 16 is infinity and the route is dropped.
EIGRP Characteristics
- VLSM & CIDR – EIGRP supports variable-length subnet masks (VLSM) and classless inter-domain routing (CIDR).
- DUAL algorithm – The Diffusing Update Algorithm (DUAL) provides guaranteed and optimized loop-free routes.
- Successor & Feasible Successor routes – The successor route is the best route to a destination network. If available, DUAL and the EIGRP topology database will also calculate a guaranteed loop free backup route called the Feasible Successor route.
- Partial & Bounded Updates – for faster convergence times. No periodic updates like RIP. EIGRP only sends information when there is a change in the network, like a network link going down. EIGRP does not send the entire routing table, just the information that has changed and only to those routers that need the new information.
- Routing Metrics – EIGRP's routing metric is not based on hop count like RIP; it is based instead on bandwidth, load, delay and reliability, with bandwidth and then delay being the most important factors. EIGRP also carries MTU and hop count as metric vectors, though they are not used in route calculations.
EIGRP Multiple Tables
- Routing Table – the best “loop free” network routes are placed in the routing table
- Neighbor Table – neighbor adjacencies are maintained in this table
- Topology Table – maintains the successor routes and the "loop free" backup routes known as feasible successor routes
OS CLI Commands to Use with EIGRP
- router(config)# router eigrp <AS/ID-number>
- router(config-router)# no auto-summary
- router(config-router)# redistribute static
- router(config-router)# exit
- router(config-router)# end
The following show commands are useful in verifying and troubleshooting EIGRP operation and configuration, as well as identifying the successor and feasible successor routes:
- router# show ip eigrp neighbor
- router# show ip eigrp topology
- router# show running-config
- router# show ip protocols
- router# show ip route
OSPF Characteristics
- Algorithm – Dijkstra's SPF (shortest path first) algorithm
- Metric – Cost, which is based on the bandwidth of a link
- Administrative Distance – 110
- Process-ID number – the process-id is declared when OSPF is started/configured and is a number from 1 to 65535. The process-id does NOT need to match on other OSPF routers in the area in order to form adjacencies
- Wildcard bits/mask – The wildcard mask is the inverse of a network subnet mask (e.g. 255.255.255.0 becomes 0.0.0.255). It is declared after the network number in the network command (see commands below)
- Area number – The area number is a number from 0-255, declared at the end of the network command after the wildcard bits. Routers in the same area exchange routing information in Link State Updates (LSUs)
- Hello Interval – Hello packets are sent every 10 seconds by default. In order for OSPF routers to establish neighbor adjacencies and exchange routing information successfully, the hello interval must match on all OSPF routers in the OSPF area.
- Dead Interval – The dead interval is 40 seconds by default. It should be 4 times the hello interval and must match on all OSPF routers in the area
- Multiple Tables – Routing Table, Topology Table, and Neighbor Adjacency Table
- DR and BDR Elections – In broadcast multi-access networks (Ethernet), routers in the OSPF area will elect a Designated Router (DR) and a Backup Designated Router (BDR). The DR will be the receiver and distributor of Link-State Packets to other routers in the OSPF area. The BDR will wait, and be ready to take over the duties of the DR in case it fails.
OS CLI Commands to Use with OSPF
- router(config)# router ospf <process-id>
- router(config-router)# network <network-number> <wildcard-mask> area <area-number>
- router# show ip ospf neighbor
- router# show ip ospf interface
- router# clear ip ospf process
- router# show running-config
- router# show ip protocols
- router# show ip route
Access Lists Overview
- Limit network traffic
- Provide traffic flow control
- Provide basic level of security
- Decide which types of traffic to forward or block
- Control which areas a client can access
- Screen hosts to permit or deny them access
Standard Access Lists Overview
- Checks source address
- Permits or denies the entire protocol suite
Create the ACL: Standard ACL (1-99) – checks the source IP address – checks who you are, not where you are going. Example: access-list 12 permit 192.168.50.0 0.0.0.25…
Apply the ACL: A standard ACL is applied inbound or outbound on the router interface that is closest to the destination of the traffic.
Extended Access Lists Overview
- Checks source and destination address
- Permits or denies specific protocols and applications
- Source and destination TCP and UDP ports
- Protocol type (IP, ICMP, TCP, UDP, or protocol number)
Create the ACL: Extended ACL (100-199) – checks source and destination IP address – checks who you are and where you are going. Example: access-list 103 permit tcp 192.168.50.0 0.0.0.255 any eq 80
Apply the ACL: An extended ACL is applied inbound or outbound on the router interface that is closest to the source of the traffic.
OS CLI Commands to Use with Standard Access List
Standard access list command format: access-list <1-99> <deny | permit> <source-address> [wildcard-mask]
Apply the list to an interface:
router(config)#interface fastethernet 0/0
router(config-if)#ip access-group 1 out
router(config)#interface fastethernet 0/1
router(config-if)#ip access-group 1 in
Deny or permit all hosts:
router(config)#access-list 1 deny any
router(config)#access-list 1 permit any
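To show how the standard and extended ACL statements above are matched, here is an added Python evaluator (not from the study guide) that parses ACL lines in the page's syntax and applies the top-down, first-match, implicit-deny logic a router uses. The ACL statements and packet addresses are constructed, and only the `any`, `host`, address/wildcard and `eq <port>` forms shown on the page are supported.

```python
import ipaddress

def wildcard_match(address, base, wildcard):
    """Cisco wildcard mask: a 0 bit means that address bit must equal the base."""
    a, b, w = (int(ipaddress.ip_address(x)) for x in (address, base, wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0

def _parse_addr(tokens):
    """Consume one address spec (any | host A | A WILDCARD | A); return (base, wildcard, rest)."""
    if tokens[0] == "any":
        return "0.0.0.0", "255.255.255.255", tokens[1:]
    if tokens[0] == "host":
        return tokens[1], "0.0.0.0", tokens[2:]
    if len(tokens) > 1 and tokens[1].count(".") == 3:   # explicit wildcard follows
        return tokens[0], tokens[1], tokens[2:]
    return tokens[0], "0.0.0.0", tokens[1:]             # bare address = single host

def parse_acl(lines):
    """Parse numbered ACL statements into (action, proto, src, src_wc, dst, dst_wc, port) tuples."""
    rules = []
    for line in lines:
        t = line.split()                    # access-list <number> <permit|deny> ...
        number, action = int(t[1]), t[2]
        if 1 <= number <= 99:               # standard ACL: source only, any destination
            src, src_wc, _ = _parse_addr(t[3:])
            rules.append((action, "ip", src, src_wc, "0.0.0.0", "255.255.255.255", None))
        else:                               # extended ACL (100-199): proto, source, destination, port
            src, src_wc, rest = _parse_addr(t[4:])
            dst, dst_wc, rest = _parse_addr(rest)
            port = int(rest[1]) if rest[:1] == ["eq"] else None
            rules.append((action, t[3], src, src_wc, dst, dst_wc, port))
    return rules

def evaluate(rules, src, dst, proto="ip", dport=None):
    """Top-down first match decides; every ACL ends with an implicit 'deny any'."""
    for action, r_proto, r_src, r_src_wc, r_dst, r_dst_wc, r_port in rules:
        if r_proto != "ip" and r_proto != proto:
            continue
        if r_port is not None and r_port != dport:
            continue
        if wildcard_match(src, r_src, r_src_wc) and wildcard_match(dst, r_dst, r_dst_wc):
            return action
    return "deny"

# Constructed ACL in the page's syntax (not one of the page's examples): web and DNS
# out of 192.168.50.0/24 are permitted; everything else hits the implicit deny.
EXTENDED_ACL = parse_acl([
    "access-list 103 permit tcp 192.168.50.0 0.0.0.255 any eq 80",
    "access-list 103 permit udp any any eq 53",
])
```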