March 7, 2018 | Author: SjanUK | Category: Ip Address, Osi Model, Routing, Transmission Control Protocol, Network Switch
CCENT (Cisco Certified Entry Network Technician) Certification Exam Notes

About CCENT certification: CCENT (Cisco Certified Entry Network Technician) is an entry-level Cisco certification. Being CCENT certified shows that the candidate has enough knowledge to plan, configure, and operate simple WAN and switched LAN networks using Cisco products. No prerequisite is necessary to take the CCENT exam. 640-822 is the only exam required for the CCENT certification. 640-822 is also required for the CCNA, which covers medium-size enterprise branch networks with more complex connections.

Contents
OSI Model
TCP/UDP concepts
IP Addressing and Subnetting
Router commands
Cisco IOS
 i. CDP
Routing Concepts
NAT
Switching
Wireless concepts
Security
Miscellaneous
 i. Cables
 ii. ARP and RARP
 iii. Static and Default Routing
 iv. WAN
 v. Basic Utilities (ping, traceroute)
 vi. Others
Bibliography


OSI Model

1. The 7 layers of the OSI model are:
1.1. The Application Layer: responsible for identifying and establishing the availability of the intended communication partner and verifying that sufficient resources exist for the communication. Some important application layer protocols are: HTTP (WWW), SMTP, FTP etc.
1.2. The Presentation Layer: responsible for presenting data in standard formats, and for data compression, decompression, encryption and decryption. Some Presentation Layer standards are: JPEG, MPEG, MIDI, PICT, QuickTime, TIFF.
1.3. The Session Layer: responsible for coordinating communication between systems/nodes. Some session layer protocols and interfaces are: Network File System (NFS), SQL, RPC (Remote Procedure Call), X-Windows, ASP, DNA SCP.
1.4. The Transport Layer: responsible for multiplexing upper-layer applications, session establishment, and tearing down virtual circuits. This layer does flow control to maintain data integrity: flow control prevents a sending host on one side of the connection from overflowing the buffers in the receiving host.
1.5. The Network Layer: there can be several paths from a given source to a destination. The primary responsibility of the Network layer is to send packets from the source network to the destination network using a pre-determined method (routing). Routers work at the Network layer.
1.6. The Data Link Layer: layer 2 of the OSI reference model. It is divided into two sub-layers:
1.6.1. Logical Link Control (LLC) sub-layer: the upper of the two sub-layers. It identifies the network layer protocol carried in a frame and provides error control and flow control.
1.6.2. Media Access Control (MAC) sub-layer: the lower of the two sub-layers. It handles framing, physical (MAC) addressing and access to shared media, such as token passing or Ethernet.
1.7. Physical Layer: the actual flow of bits takes place at the Physical layer. At the Physical layer, the interface between the DTE and DCE is defined. Some standard interfaces defined at the Physical layer are: EIA/TIA-232, EIA/TIA-449, V.24, V.35, X.21, G.703, HSSI (High Speed Serial Interface).

2. A few important things to note about OSI layer functions:
2.1. The Application layer is responsible for ensuring the availability of the intended communication partner. It is also responsible for synchronizing the sending and receiving applications.
2.2. The Presentation layer is responsible for negotiating the data transfer syntax.
2.3. The Session layer is responsible for coordinating communication between systems.
2.4. The Transport layer is responsible for multiplexing upper-layer applications. It is also responsible for the establishment and tear-down of virtual circuits.



4. The DoD (TCP/IP) model maps to the OSI model as below:
4.1. Process/Application maps to OSI's Application, Presentation and Session layers (layers 7, 6, 5).
4.2. Host-to-Host maps to OSI's Transport layer (layer 4).
4.3. Internet maps to OSI's Network layer (layer 3).
4.4. Network Access maps to OSI's Data Link and Physical layers (layers 2, 1).

5. Switches work at layer 2 of the OSI model, the Data Link layer. A switch looks at the destination MAC address before forwarding a frame.

6. TCP and UDP work at the Transport layer of the OSI model, or the Host-to-Host layer of the DoD model. SNMP uses UDP over IP.

7. The following are frequently used OSI layer 2 (Data Link) protocols:
7.1. PPP
7.2. SLIP
7.3. Frame Relay
7.4. HDLC
7.5. Ethernet
7.6. Token Ring

8. Some Presentation Layer standards:
- Graphics and visual images: PICT, TIFF, JPEG
- Movies and sound: MIDI, MPEG, QuickTime
Some Session layer standards: NFS, SQL, RPC, X-Windows.

9. The Physical layer is responsible for bit synchronization. Repeaters work at the Physical layer (layer 1); bridges and simple switches work at the Data Link layer (layer 2); routers work at the Network layer (layer 3) of the OSI reference model.

10. Segments are associated with the Transport layer, packets with the Network layer and frames with the Data Link layer.


TCP/UDP concepts

1. FTP (File Transfer Protocol) is used for transferring files between a client computer and a host. FTP is a connection-oriented protocol: it uses TCP. Compare this with TFTP, which uses UDP.
2. Telnet:
2.1. The Telnet command works at Layer 7 of the TCP/IP stack. If you are able to Telnet to a remote router, you can be sure that the TCP/IP stack is properly installed. Other commands, such as ping, trace and ipconfig, work at lower layers of the TCP/IP stack.
2.2. Telnet is used for terminal emulation, i.e. running programs on a remote host. It carries the login credentials and the whole session in cleartext, which is why SSH is preferred wherever the device supports it.
2.3. FTP is used to transfer files. HTTP is used for accessing World Wide Web services.
3. The default port numbers used for some important services are:
3.1. FTP: 21
3.2. Telnet: 23
3.3. SMTP: 25
3.4. WWW (HTTP): 80
3.5. HTTPS (HTTP over SSL/TLS): 443
Note: When you access a Web page, the browser sends the request to the default port number (for HTTP, port 80). If you change the port number that a Web server listens on, users need to specify the port number in the URL.
4. The distinguishing fields of a TCP segment header are Sequence Number, Acknowledgment Number, and Window.
5. TCP and UDP protocol characteristics:
5.1. TCP is a full-duplex, connection-oriented protocol. It incorporates error checking and retransmission as well.
5.2. UDP (User Datagram Protocol) is a thin, connectionless protocol. It doesn't contact the destination before sending a datagram and doesn't care whether the datagram reaches the destination. In the IP header's Protocol field, TCP is protocol number 6 and UDP is protocol number 17 (these are protocol numbers, not port numbers).
6. The port numbers used by different programs are as below:
6.1. DNS: port 53
6.2. FTP: port 21
6.3. Telnet: port 23
6.4. SMTP: port 25
6.5. SNMP: port 161

Note: It is also worthwhile to know that FTP, Telnet and SMTP use TCP. DNS, TFTP and SNMP use UDP (DNS falls back to TCP for zone transfers and large responses).
7. UDP is known as an unreliable protocol because the source has no way to know if any datagrams are lost in transit to the destination. Important fields that are present in the TCP header but not in the UDP header are the sequence number, the acknowledgement number and the window size.
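The header differences in items 4 and 7 are easiest to see by decoding the two headers side by side. The following Python parser is an added example, not part of the original notes: it unpacks a TCP header and a UDP header from constructed byte strings (a SYN to port 80 and a datagram to port 53, built inline, not captured traffic), labels the destination port with the service names listed above, and reports which fields exist only in TCP. The field layouts are those of RFC 793 and RFC 768; the sample values are made up.

```python
import struct

# Header layouts in network byte order (RFC 793 TCP, RFC 768 UDP).
TCP_HEADER = struct.Struct("!HHIIHHHH")  # src, dst, seq, ack, offset+flags, window, checksum, urgent
UDP_HEADER = struct.Struct("!HHHH")      # src, dst, length, checksum

# Values of the IPv4 header's Protocol field; these are not port numbers.
IP_PROTO_TCP = 6
IP_PROTO_UDP = 17

# Well-known destination ports from the notes above.
WELL_KNOWN_PORTS = {21: "FTP", 23: "Telnet", 25: "SMTP", 53: "DNS", 69: "TFTP",
                    80: "HTTP", 161: "SNMP", 443: "HTTPS"}

# Flag bit order, least significant bit first.
TCP_FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR", "NS"]


def parse_tcp(segment: bytes) -> dict:
    """Decode a TCP header; raise ValueError on a truncated header or a bad data offset."""
    if len(segment) < TCP_HEADER.size:
        raise ValueError("TCP header truncated")
    src, dst, seq, ack, off_flags, window, checksum, urgent = TCP_HEADER.unpack_from(segment)
    header_len = (off_flags >> 12) * 4          # data offset is counted in 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("bad TCP data offset")
    flag_bits = off_flags & 0x01FF
    flags = [name for i, name in enumerate(TCP_FLAG_NAMES) if flag_bits & (1 << i)]
    return {
        "src_port": src, "dst_port": dst,
        "service": WELL_KNOWN_PORTS.get(dst, "unknown"),
        "seq": seq, "ack": ack, "window": window,   # the fields UDP does not have
        "flags": flags, "header_len": header_len,
        "payload": segment[header_len:],
    }


def parse_udp(datagram: bytes) -> dict:
    """Decode a UDP header; the length field covers header plus payload."""
    if len(datagram) < UDP_HEADER.size:
        raise ValueError("UDP header truncated")
    src, dst, length, checksum = UDP_HEADER.unpack_from(datagram)
    if length < UDP_HEADER.size or length > len(datagram):
        raise ValueError("bad UDP length")
    return {
        "src_port": src, "dst_port": dst,
        "service": WELL_KNOWN_PORTS.get(dst, "unknown"),
        "length": length,
        "payload": datagram[UDP_HEADER.size:length],
    }


def tcp_only_fields() -> list:
    """Names of the decoded header fields that a TCP segment has and a UDP datagram lacks."""
    return sorted(set(parse_tcp(SAMPLE_TCP_SYN)) - set(parse_udp(SAMPLE_UDP_DNS)))


# Constructed sample packets (made up for this example, not captured traffic).
# A SYN to port 80: data offset 5 words (20 bytes), SYN flag only, window 65535, no options.
SAMPLE_TCP_SYN = TCP_HEADER.pack(40000, 80, 1000, 0, (5 << 12) | 0x002, 65535, 0, 0)
# A datagram to port 53 carrying a 12-byte made-up payload (a DNS header-sized blob).
_DNS_PAYLOAD = b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
SAMPLE_UDP_DNS = UDP_HEADER.pack(53000, 53, UDP_HEADER.size + len(_DNS_PAYLOAD), 0) + _DNS_PAYLOAD

if __name__ == "__main__":
    print(parse_tcp(SAMPLE_TCP_SYN))
    print(parse_udp(SAMPLE_UDP_DNS))
    print("fields only TCP carries:", tcp_only_fields())
```

The two length checks matter in practice: a parser that trusts the data offset or the UDP length field without comparing it to the bytes actually received is the classic way packet decoders crash or read past a buffer.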

IP Addressing and Subnetting

1. IP addresses are written as four decimal numbers separated by dots. This is called the dotted decimal notation for IP addresses.
1.1. The different classes of IP addresses are as below:

Class | Format  | Leading bit pattern | First octet range | Maximum networks | Maximum hosts/nodes
A     | N.H.H.H | 0                   | 1-126             | 126              | 16,777,214
B     | N.N.H.H | 10                  | 128-191           | 16,384           | 65,534
C     | N.N.N.H | 110                 | 192-223           | 2,097,152        | 254

(N = network portion, H = host portion. The first-octet range of class A is sometimes quoted as 0-126 or 0-127; network 0 is reserved and 127 is the loopback network, which leaves 126 usable class A networks.)

1.1.5. A network address of all zeros means "this network or segment".
1.1.6. A network address of all 1s means "all networks" (the same as hexadecimal all F's).
1.1.7. Network number 127 is reserved for loopback tests.
1.1.8. A host (node) address of all zeros means "this host (node)".
1.1.9. A host (node) address of all 1s means "all hosts (nodes)" on the specified network (the directed broadcast).

2. A Class B network has the form N.N.H.H, so the default subnet mask is 16 bits long. Suppose an additional 7 bits are used for subnetting:
2.1. 7 subnet bits give 2^7 = 128 subnets.
2.2. The remaining 16 - 7 = 9 host bits give 2^9 - 2 = 512 - 2 = 510 hosts per subnet.
2.3. Sometimes the subnet mask is quoted including the bits of the default mask. Here the default mask has 16 bits, so the total mask length is 16 + 7 = 23 bits.
2.4. If you are given a 23-bit subnet mask for a class B address, it is understood that it includes the bits of the default mask.
2.5. A Class C address has the form N.N.N.H, with 8 bits available for the host portion. If 4 of them are used for subnetting, you have 2^4 = 16 subnets. The other 4 bits are host IDs, giving 2^4 = 16 addresses per subnet; the all-0s and all-1s host IDs are reserved, leaving 14 usable host IDs per subnet.

3. The address range and the corresponding binary values for the first octet of each IP class are:
3.1. Class A: 0-127, binary 00000000-01111111
3.2. Class B: 128-191, binary 10000000-10111111
3.3. Class C: 192-223, binary 11000000-11011111
3.4. Class D: 224-239, binary 11100000-11101111
Note: the IP address in the question belongs to class B, and hence the applicable binary range for its first octet is 10000000-10111111.

The same information by octet (the mask column shows the default, classful subnet mask):

Class          | First byte range | Byte 1  | Byte 2  | Byte 3  | Byte 4 | Default mask
A (Hosts)      | 1-126            | Network | Host    | Host    | Host   | 255.0.0.0
B (Hosts)      | 128-191          | Network | Network | Host    | Host   | 255.255.0.0
C (Hosts)      | 192-223          | Network | Network | Network | Host   | 255.255.255.0
D (Multicast)  | 224-239          | no network/host split
E (Research)   | 240-255          | no network/host split

Note: Reserved private address ranges (RFC 1918) – MUST LEARN. Also learn the APIPA range, which Windows assigns itself when it cannot find a DHCP server.

4. For the IP address and mask given in a question, be able to work out:
4.1. Subnet mask
4.2. Subnet address
4.3. Broadcast address
4.4. Lowest valid host address in the subnet (a host address of all zeros cannot be used)
4.5. Highest valid host address in the subnet (a host address of all ones cannot be used)
4.6. Valid host address range
5. The number of distinct IP addresses required in an IP network is:
5.1. One per client computer
5.2. One per server computer
5.3. One per router interface
6. The Class D range (first octet 224-239) is used for multicast packets.
7. Subnetting:
7.1. Subnetting is nothing but creating networks within a network. It allows an organization with a single IP network (Class A/B/C) to have multiple subnetworks, and so several physical networks within the organization. The subnet mask is computed as below (for the question: a class B network whose subnets must each hold at least 500 hosts):
7.1.1. Find the class of the IP address; in this case it is class B. A class B network has the form N.N.H.H, so there are 16 bits (two octets) available for internal networks and hosts. The minimum number of host addresses required is 500. The last octet alone gives 2^8 = 256 addresses, which is less than 500, so borrow one more bit from the third octet to get 256 * 2 = 512 addresses (510 usable hosts). This leaves 7 bits in the third octet for subnet addresses, i.e. 2^7 = 128 subnets.
7.1.2. Write the 7 subnet bits of the third octet as 11111110 (the last bit being a host bit). The decimal value of the first seven bits is 2^7 + 2^6 + 2^5 + 2^4 + 2^3 + 2^2 + 2^1 = 128 + 64 + 32 + 16 + 8 + 4 + 2 = 254.
7.1.3. The subnet mask required is therefore 255.255.254.0 (a 23-bit mask).
8. Subnet examples on a class B address:
8.1. With an 11-bit subnet mask (255.255.255.224, 27 bits in total): 2^11 - 2 = 2,046 subnets (2,048 if subnet zero and the all-ones subnet are allowed, which current IOS permits by default), each with 2^5 - 2 = 30 hosts. The subnets step by 32 in the last octet. A host whose last octet is in the 32 subnet has valid host addresses 33-62; 63 is the broadcast address.
8.2. To find the subnet a host with a 12-bit subnet mask belongs to: a 12-bit subnet mask (255.255.255.240, 28 bits in total) gives 4,094 subnets, each with 14 hosts (host addresses of all zeros and all 1s cannot be assigned). A host whose last octet is in the 48 subnet has valid host addresses 49-62; 63 is the broadcast address.
9. Here is how you get the subnet range:
9.1. Find the subnet mask. In this case the default subnet mask for a class B address is 16 bits long, and there are an additional 12 bits in the subnet mask, so the mask looks like 11111111.11111111.11111111.11110000. This is equal to 255.255.255.240.
9.2. Now deduct the lowest non-zero octet of the mask from 256: here 256 - 240 = 16. This is the value by which the subnets are incremented, so the last octet of the subnet addresses runs 0, 16, 32, 48 and so on; within each subnet the all-0s and all-1s host addresses cannot be used.
Note: It is important to know that the subnets increment in steps of 16.

10. For the host IP address in the question, work out the subnet ID, the available host address range and the broadcast address in the same way.
11. Variable-Length Subnet Masking: VLSM means using more than one subnet mask within the same major (classful) network. It allows a more efficient use of IP address space, both in terms of hosts and subnets, and can be essential on a network that does not have an abundance of IP address space. VLSM requires a routing protocol that carries the subnet mask with each route. The following routing protocols support VLSM:
11.1. RIP v2
11.2. EIGRP
11.3. IS-IS
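The arithmetic in items 2, 7, 8, 9 and 11 above is mechanical, so it is worth having it in code. The following Python is an added example and not part of the original notes: it determines the class of an address, picks the shortest mask that holds a required number of hosts (the 500-host class B case gives 255.255.254.0), computes subnet, broadcast, valid host range and the "increment" of the interesting octet (the /28 case gives 16), and carves a block into variable-length subnets, largest first, which is what VLSM is about. The host addresses used (172.16.x.x, 192.168.1.0/24) are constructed for the example; the reserved-range checks rely on the standard library's knowledge of RFC 1918, APIPA, loopback and multicast space.

```python
import ipaddress

DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}  # classful mask lengths


def address_class(ip: str) -> str:
    """Class letter from the first octet: A 0-127, B 128-191, C 192-223, D 224-239, E 240-255."""
    first = int(ip.split(".")[0])
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"
    return "E"


def address_kind(ip: str) -> str:
    """Reserved-range check: loopback, APIPA (169.254/16), multicast, RFC 1918 private, else public."""
    addr = ipaddress.ip_address(ip)
    if addr.is_loopback:
        return "loopback"
    if addr.is_link_local:
        return "apipa"
    if addr.is_multicast:
        return "multicast"
    if addr.is_private:
        return "private"
    return "public"


def prefix_for_hosts(required_hosts: int) -> int:
    """Shortest prefix whose block holds required_hosts usable addresses (all-0s and all-1s excluded)."""
    host_bits = (required_hosts + 1).bit_length()  # smallest h with 2**h >= required_hosts + 2
    return 32 - host_bits


def mask_for_prefix(prefix: int) -> str:
    """Dotted-decimal mask for a prefix length, e.g. 23 -> 255.255.254.0."""
    return str(ipaddress.ip_network(f"0.0.0.0/{prefix}").netmask)


def subnet_info(host_ip: str, prefix: int) -> dict:
    """Subnet, broadcast, valid host range and the step between subnets in the octet where the mask ends."""
    net = ipaddress.ip_interface(f"{host_ip}/{prefix}").network
    octet = (prefix - 1) // 8                  # index of the octet the mask ends in
    bits_in_octet = prefix - octet * 8
    increment = 2 ** (8 - bits_in_octet)       # the same as 256 minus that octet's mask value
    subnet_bits = prefix - DEFAULT_PREFIX.get(address_class(host_ip), prefix)
    return {
        "mask": str(net.netmask),
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "first_host": str(net.network_address + 1),
        "last_host": str(net.broadcast_address - 1),
        "usable_hosts": net.num_addresses - 2,
        "increment": increment,
        "subnet_bits": subnet_bits,
        "subnets": 2 ** subnet_bits,           # 2**n - 2 under the old no-subnet-zero convention
    }


def vlsm_allocate(major: str, demands: list) -> list:
    """Carve `major` into subnets for (name, hosts) demands, largest first so every block stays aligned."""
    block = ipaddress.ip_network(major)
    cursor = int(block.network_address)
    end = int(block.broadcast_address) + 1
    result = []
    for name, hosts in sorted(demands, key=lambda d: -d[1]):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        if cursor + size > end:
            raise ValueError(f"{major} cannot hold {name} ({hosts} hosts)")
        result.append((name, f"{ipaddress.ip_address(cursor)}/{prefix}"))
        cursor += size
    return result


if __name__ == "__main__":
    print("500 hosts on a class B ->", mask_for_prefix(prefix_for_hosts(500)))
    print(subnet_info("172.16.10.53", 28))   # constructed host address
    print(vlsm_allocate("192.168.1.0/24", [("WAN1", 2), ("Sales", 60), ("Eng", 28), ("WAN2", 2)]))
```

Allocating largest-first is not cosmetic: if the two /30 point-to-point links were assigned before the /26, the /26 would have to start at the next 64-address boundary and the addresses in between would be wasted.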


Router commands

1. Keyword: COPY. This command copies configuration or image files to a specified location. Some frequently used COPY commands:
1.1. copy running-config startup-config (or the older form of the command, write memory): saves the current configuration to NVRAM.
1.2. Alternatively, the short forms:
1.2.1. copy running startup - copies the configuration from RAM to NVRAM.
1.2.2. copy startup running - merges the configuration from NVRAM into RAM.
1.2.3. copy flash tftp - copies the current IOS image from the router's flash memory to a TFTP server.
1.2.4. copy tftp flash - copies an image file from a TFTP server to flash. This is used to upgrade the IOS image to a newer version, or to replace a corrupt image. TFTP has no authentication and no integrity protection, so check the copied image against the MD5 hash published by Cisco (the router's verify /md5 command does this) before booting from it.

2. "sh int" (show interface) is a very useful command. It displays the following information:
2.1. Hardware (MAC) address
2.2. Status of the interface and of the line protocol: carrier detect brings up the serial port (which means the physical layer connection is working) and keepalives bring up the line protocol (which means the Data Link layer protocol is working).
2.3. MTU, BW (bandwidth), DLY (delay), rely (reliability) and load metrics.
2.4. Encapsulation type (layer 2, Data Link layer); HDLC is the default on Cisco serial interfaces.

3. The SHOW command is extensively used for seeing the status and configuration of the router. Some frequently used forms:
3.1. show running-config - displays the router's active configuration: passwords, system name, interface settings, interface IP addresses etc.
3.2. show interface - shows status and configuration information for the local interfaces. The first line says something like "TokenRing1 is up, line protocol is up". The first part, "TokenRing1 is up", means the physical layer components such as cabling and signaling are OK. The second part, "line protocol is up", means the router is receiving keepalive messages. The interface may be put into administratively down status, in which case the line reads "TokenRing1 is administratively down, line protocol is down".
3.3. show interface serial 0 - shows the serial 0 configuration.
3.4. show interfaces - displays statistics for all interfaces configured on the device.
3.5. show processes - displays the router's CPU utilization.
3.6. show config - displays the startup configuration.
3.7. show version - displays information about the system hardware (RAM/ROM), software version, names of configuration files and boot images. It also shows the current configuration register value.
3.8. show ip protocols - shows information on the RIP timers, including the routing update timer (30 seconds by default) and the hold-down timer (180 seconds by default). It also displays the number of seconds until the next update (a fraction of the update timer), the networks for which RIP is enabled, the routing information sources (gateways) and the default metric.
3.9. show ip route - displays the IP routing table entries, the gateway of last resort (if one is assigned) and the codes used for the various types of routes. Some important codes are: C - directly connected; S - static; I - IGRP; R - RIP.
3.10. show ip interface - shows per-interface information such as the IP address assigned to each interface, whether the interface is up, the MTU etc.
3.11. debug ip rip - turns RIP debugging on. This displays a continuous list of routing updates as they are sent and received. It creates a lot of overhead, which is why you use "undebug ip rip" (or "undebug all") to turn debugging off as soon as you are done.
3.12. show version also displays the following important information:
- how long the router has been up (time since boot);
- how the system was started (power-on etc.);
- where the system image was loaded from (flash, TFTP etc.);
- the contents of the configuration register.
3.13. sh hosts - displays the host names and related IP addresses.
3.14. sh int s0 - among other things, shows the encapsulation type (layer 2) in use.
4. The auxiliary password protects the auxiliary port. Assuming you are at the # prompt, the sequence of commands is:
4.1. RouterA#config t
4.2. RouterA(config)#line aux 0
4.3. RouterA(config-line)#login
4.4. RouterA(config-line)#password <password>
Now the password is set. Type Ctrl-Z to return to the # prompt, or "exit" to go back to the global configuration prompt "RouterA(config)#". The same procedure applies to the vty and console lines. Note that "login" on a line without a "password" makes IOS refuse the connection ("Password required, but none set"), so always set both.
5. A banner is displayed whenever anyone connects to your Cisco router. The syntax for configuring it is: banner motd # <message> #. MOTD stands for "Message Of The Day". The # is the delimiting character: after you enter "banner motd #" you are prompted for the message text, and the message ends at the next #. Any character that does not occur in the message can be used as the delimiter. Because the banner is shown before login, it should carry an authorized-use notice rather than a "welcome".
6. There are five different types of passwords:
6.1. ENABLE PASSWORD - a global command that restricts access to privileged EXEC mode. This password is stored in cleartext in the configuration (or as the reversible "type 7" form if service password-encryption is on), so anyone who can read the configuration can recover it.
6.2. ENABLE SECRET - stores a one-way hash of the password instead of the password itself (available in IOS versions 10.3 and up). When both are configured, the enable secret is used and the enable password is ignored; configure the secret and, ideally, no enable password at all.
6.3. Virtual terminal password (vty password): used for Telnet (and SSH) sessions into the router. It can be changed at any time, and can be set when you configure the router from the console. There can be five distinct passwords corresponding to each vty (vty 0 to vty 4), or a single password for all vty lines.
6.4. Auxiliary password: sets the password on the auxiliary port. This port is used to access a router through a modem.
6.5. Console password: sets the console port password.
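The password and line rules above (enable secret rather than enable password, a password on every line that uses "login", no cleartext Telnet on the vty lines) are easy to check mechanically. The following Python audit is an added example, not part of the original notes or of any Cisco tool: it parses the text of a running configuration into global commands and per-line command blocks, using the fact that IOS indents line-mode commands by one space, and emits a finding code for each weakness. Both configurations are constructed for the example; the finding codes are my own names.

```python
# Constructed running-config excerpt (not from any real device): the weak version.
SAMPLE_CONFIG = """\
hostname RouterA
enable password cisco123
!
line con 0
 password console1
 login
line aux 0
 login
line vty 0 4
 password telnet1
 login
 transport input telnet
!
end
"""

# Constructed hardened version of the same device.
HARDENED_CONFIG = """\
hostname RouterA
service password-encryption
username admin secret Adm1n-Secret
enable secret Str0ng-Secret
!
line con 0
 password console1
 login
line aux 0
 password aux1
 login
line vty 0 4
 login local
 transport input ssh
!
end
"""


def parse_config(config: str) -> tuple:
    """Split a config into (global commands, {line name: [commands]}); line-mode commands are indented."""
    global_cmds, lines, current = [], {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" ") and current is not None:
            lines[current].append(raw.strip())
        elif raw.startswith("line "):
            current = raw.strip()
            lines[current] = []
        else:
            current = None
            global_cmds.append(raw.strip())
    return global_cmds, lines


def audit(config: str) -> list:
    """Return (scope, finding code) tuples for the weaknesses the notes above warn about."""
    global_cmds, lines = parse_config(config)
    findings = []
    if not any(c.startswith("enable secret") for c in global_cmds):
        findings.append(("global", "ENABLE_SECRET_MISSING"))
    if any(c.startswith("enable password") for c in global_cmds):
        findings.append(("global", "ENABLE_PASSWORD_CLEARTEXT"))
    for name, cmds in lines.items():
        uses_line_password = "login" in cmds                  # plain "login" checks the line password
        uses_local_users = any(c.startswith("login ") for c in cmds)  # e.g. "login local"
        has_password = any(c.startswith("password ") for c in cmds)
        if not (uses_line_password or uses_local_users):
            findings.append((name, "LINE_NO_LOGIN"))          # anyone connecting gets a prompt
        elif uses_line_password and not has_password:
            findings.append((name, "LINE_LOGIN_WITHOUT_PASSWORD"))  # IOS refuses the connection
        if name.startswith("line vty"):
            for c in cmds:
                if c.startswith("transport input") and "telnet" in c.split():
                    findings.append((name, "VTY_ALLOWS_TELNET"))
    return findings


if __name__ == "__main__":
    for scope, code in audit(SAMPLE_CONFIG):
        print(f"{scope}: {code}")
    print("hardened config findings:", audit(HARDENED_CONFIG))
```

The parser deliberately keys on the one-space indentation of line sub-commands rather than on blank lines, because "show running-config" output separates sections with "!" and not with whitespace.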

Cisco IOS

1. A Cisco router loads the IOS image based on the boot field of the configuration register and the boot system commands in the configuration. The boot system commands are:
1.1. boot system flash - the IOS image is loaded from flash memory.
1.2. boot system tftp - boots the system image from a TFTP server.
1.3. boot system rom - the IOS is loaded from ROM.
1.4. The command to save the running configuration to NVRAM is: copy running-config startup-config (or write memory).
2. At times it may be necessary to upgrade the IOS software. You cannot run the router from flash and upgrade the flash at the same time; you need to boot from another source, such as a TFTP server or ROM. To load the image from ROM there are two ways:
2.1. Using the config-register 0x2101 command. The router then loads the IOS from ROM and the flash image is not used. You can load the upgrade into flash and set the configuration register back to boot from flash as usual after the upgrade is completed.
2.2. Adding the command boot system rom to the startup configuration file.
3. boot system - a global command that specifies the source of the IOS image to load. If you configure more than one source, attempts are made to load the IOS from the first command in the configuration to the last, successively: if the first fails, the second boot command is used.
3.1. boot system rom - loads IOS from ROM.
3.2. boot system flash - loads the first file from flash memory.
3.3. boot system tftp <filename> <tftp_address> - loads the named IOS image from a TFTP server.
Note: both "copy start run" and "reload" load the Cisco router configuration into RAM.
4. Router memory components:
4.1. ROM (Read Only Memory): contains the micro-code for the basic functions to start and maintain the router. ROM is not typically used after the IOS is loaded. RXBOOT is located here.
4.2. RAM/DRAM: stores the running configuration, routing tables and packet buffers. Some routers, such as the 2500 series, run IOS from flash, not RAM.
4.3. NVRAM (Non-Volatile RAM): memory that does not lose its contents when power is lost. It stores the system's configuration file and the configuration register. NVRAM uses a battery to maintain the data when power is turned off.
4.4. Flash memory: stores the compressed IOS (Cisco Internetwork Operating System) image. Flash memory is either EEPROM or a PCMCIA card. Flash lets you keep multiple versions of the IOS software, so you can load a new level of the operating system onto every router in your network and then upgrade the whole network to that version at a convenient time.
5. When you first switch on a router that has no configuration file, you enter setup mode. Setup mode differs from configuration mode in that it appears only when no configuration file is present; in it you can supply some basic configuration parameters to the Cisco router.
6. Router modes of operation:
6.1. User EXEC mode: the LOWEST level of access. It allows examination of the router status, routing tables and some diagnostics. You cannot change the router configuration, view the configuration files, or control the router in any way. The prompt in this mode is "Router>".
6.2. Privileged (enable) EXEC mode: all the privileges of user EXEC mode plus commands that let you view configuration files, change the router configuration and perform troubleshooting that could disrupt traffic. The default prompt for this mode is "Router#".
Note: when you are in privileged mode (at the # prompt), you can get back to user mode by typing "disable".
7. The Cisco router can be configured from many locations:
7.1. Console port: during the initial installation, you configure the router from a console terminal connected to the router's console port.
7.2. Virtual terminals (vty): a vty is typically accessed through Telnet, or through SSH where the image supports it ("transport input ssh" on the vty lines keeps cleartext Telnet off). A router can be accessed through a vty after the initial installation in the network. There are five virtual terminals by default: vty 0, vty 1, vty 2, vty 3, vty 4.




7.3. Auxiliary port: you can also configure a router through the auxiliary port; typically a modem is attached to the aux port for remote access.
7.4. TFTP server: configuration information can be downloaded from a TFTP server over the network.
7.5. NMS (Network Management Station): you can also manage the router configuration through an NMS such as CiscoWorks or HP OpenView.
8. There may be times when you have lost the passwords for accessing the router and need to recover. The ROM Monitor (rommon), stored in ROM, is used for password recovery. By sending the Break key within the first 60 seconds after power-on it is possible to recover from lost passwords. The typical sequence of steps (on a 2501 router) is:
8.1. Power cycle the router by turning it OFF and ON.
8.2. Send the Break key (the key sequence depends on the terminal software) within 60 seconds of power-on.
8.3. Use the rommon command o/r 0x2142, which makes the router ignore the startup configuration in NVRAM at the next boot.
8.4. Use the rommon command i (initialize) to reload the IOS.
8.5. Skip setup mode (answer NO to the initial configuration dialog).
8.6. Enter privileged mode.
8.7. In privileged mode, load the saved configuration (copy startup-config running-config), view or change the passwords, restore the configuration register to 0x2102 and save.
During password recovery, the configuration register and NVRAM are modified. Anyone with physical console access can do this, which is why console and aux access to routers must be physically controlled. ROM holds the bootstrap code to start up the router, and flash contains the IOS image.
9. When copying an image with TFTP, each exclamation mark (!) represents one UDP datagram successfully transferred. While flash is being erased, 'e' is displayed on the screen.
10. To change the enable password, use "enable password <password>". To change the enable secret, use "enable secret <password>".
11. The following are some important commands that can be used to edit commands and review the command history buffer. It is useful to practice them:
<ctrl> A : move to the beginning of the command line
<ctrl> E : move to the end of the command line
<ctrl> F : move forward one character (same as Right Arrow)
<ctrl> B : move backward one character (same as Left Arrow)
<ctrl> P : recall the previous command (same as Up Arrow)
<ctrl> N : recall the next (more recent) command (same as Down Arrow)
<esc> B : move to the beginning of the previous word
<esc> F : move to the beginning of the next word
<ctrl> R : redisplay the current command line (a fresh prompt followed by everything typed at the last one)
12. To configure the router to use a domain name server, the syntax is:
12.1. ip name-server <ipaddress_of_server>
Note: here ipaddress_of_server is the IP address of the DNS server.

13. To make Cisco IOS forward packets destined for unknown subnets of directly connected networks along the best (default) route, use the "ip classless" command.
14. By default, Cisco routers support 5 simultaneous Telnet sessions (one per vty line). This number can be changed with IOS commands.

i. CDP

1. CDP (Cisco Discovery Protocol) runs at Layer 2 (the data link layer) on all Cisco routers, bridges, access servers and switches. CDP allows network management applications to discover Cisco devices that are neighbors of already-known devices. CDP runs on all LAN and WAN media that support the SubNetwork Access Protocol (SNAP).
2. The "no cdp enable" command is given in interface configuration mode, on the interface where CDP is to be disabled (in the question, S0/0).
3. The command "show cdp neighbors" displays all the directly connected neighboring devices and their capabilities. The capability codes are:
R - Router
T - Trans Bridge
B - Source Route Bridge
S - Switch
H - Host
I - IGMP
r - Repeater
3.1. The command displays the following columns:
3.1.1. Device ID: the name of the neighbor device.
3.1.2. Local Interface: the interface on which this neighbor is heard.
3.1.3. Capability: the capability of the neighboring device - R for router, S for switch, H for host etc.
3.1.4. Platform: the type of device the neighbor is (a 2500 router or anything else).
3.1.5. Port ID: the interface of the remote neighbor from which the CDP information is received.
3.1.6. Holdtime: the remaining hold time in seconds, counting down.
4. The command "terminal no editing" turns off the advanced editing features.
5. Important CDP commands:
5.1. "cdp run" in global configuration mode enables CDP globally on the router ("no cdp run" disables it on every interface).
5.2. "cdp enable" enables CDP on a particular interface/port.
5.3. "no cdp enable" disables CDP on that interface.
5.4. "ip default-gateway" in global configuration mode sets the default gateway on a Cisco switch (or on a router with IP routing disabled).
Note: CDP advertises the device name, platform, IOS version and addresses to whatever is attached to the link ("show cdp neighbors detail" on the neighbor shows all of it), so it is normally disabled on interfaces that face untrusted networks or end users.

Routing Concepts
1. A routing protocol's job is to maintain routing tables and route packets appropriately. Examples of routing protocols are RIP, IGRP, EIGRP and OSPF. Routers can support multiple independent routing protocols and can update and maintain routing tables for each protocol independently. Routed protocols are used to transport user traffic from the source node to the destination node. Examples of routed protocols are IP, IPX and AppleTalk.
2. There are broadly three types of routing protocols:
2.1. Distance Vector (number of hops) - Distance vector routing determines the direction (vector) and distance to any link in the internetwork. Typically, the smaller the metric, the better the path. Examples of distance vector protocols are RIP and IGRP. Distance vector routing is useful for smaller networks. The limitation is that any route greater than 15 hops is considered unreachable. One important thing that differentiates distance vector from link state is that distance vector builds its routing tables from second-hand information (what its neighbors report), whereas link state builds its routing tables from first-hand information. Distance vector algorithms call for each router to send its entire routing table to each of its adjacent neighbors.
2.2. Link State Routing: Link state algorithms are also known as Shortest Path First (SPF) algorithms. SPF recreates the exact topology of the entire network for route computation from first-hand information. Link state takes bandwidth into account using a cost metric. Link state protocols only send updates when a change occurs, which makes them more attractive for larger networks. Bandwidth and delay are the most heavily weighted parts of the metric when using link-state protocols. Examples: OSPF and NLSP. Benefits of link state protocols:
· Allows for a larger, scalable network
· Reduces convergence time
· Allows "supernetting"
2.3. Balanced Hybrid - Balanced hybrid combines some aspects of link state and distance vector routing protocols. Balanced hybrid uses distance vectors with more accurate metrics to determine the best paths to destination networks. Example: EIGRP.
3. A distance vector protocol depends only on hop count to determine the nearest next hop for forwarding a packet. One obvious disadvantage is that if a destination is connected through two hops via T1 lines, and the same destination is also connected through a single hop over a 64 kbps line, RIP assumes that the link through the 64 kbps line is the best path!


4. RIP, RIP2 and IGRP all use distance vector algorithms.
· RIP2 transmits the subnet mask with each route. This feature allows VLSM (Variable Length Subnet Masks) by passing the mask along with each route so that the subnet is exactly defined.
5. In RIP, after route convergence, all routes are distributed to the neighbors by a router.
6. The maximum hop count supported by RIP is 15. A hop count of 16 or greater is considered unreachable.
7. The command syntax for configuring RIP version 1 on a router is:
· Router rip
· Network
Note that the network numbers are specified as either Class A, Class B or Class C, and contain no subnetting information. Example:
7.1. Router rip
7.2. Network
7.3. Network
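A runnable model of the hop-count-versus-bandwidth problem described above, added here as an example and not part of the CertExams notes. The three-router topology, the 1544 kbps T1 and 64 kbps link speeds and the chain() helper are constructed; the block contrasts the RIP-style full-table exchange (second-hand information, 16 = unreachable) with a link-state SPF computation over the same links.

```python
"""Distance-vector (RIP-style) routing beside a bandwidth-aware SPF path.

Added example for the Routing Concepts notes; not from the CertExams source.
Topology, router names and link speeds are constructed to reproduce the case
in the notes: two T1 hops versus one 64 kbps hop to the same destination.
"""
import heapq
from typing import Dict, Tuple

INFINITY = 16                         # RIP: 16 or more hops means unreachable
Links = Dict[str, Dict[str, int]]     # router -> {neighbour: bandwidth in kbit/s}
Table = Dict[str, Tuple[int, str]]    # destination -> (hop count, next hop)

# Constructed topology: A reaches D directly over a 64 kbps line, or via B
# over two T1 (1544 kbps) links.
LINKS: Links = {
    "A": {"D": 64, "B": 1544},
    "B": {"A": 1544, "D": 1544},
    "D": {"A": 64, "B": 1544},
}

def initial_table(router: str, links: Links) -> Table:
    """A router starts knowing only itself and its directly connected neighbours."""
    table: Table = {router: (0, router)}
    for neighbour in links[router]:
        table[neighbour] = (1, neighbour)
    return table

def receive_update(table: Table, sender: str, sender_table: Table) -> bool:
    """Bellman-Ford step: fold a neighbour's entire table (second-hand
    information) into ours. Returns True if our table changed."""
    changed = False
    for dest, (sender_hops, _) in sender_table.items():
        hops = min(sender_hops + 1, INFINITY)    # one more hop, capped at 16
        current = table.get(dest)
        # Take the route if it is new, shorter, or already goes via this sender
        # (then our metric must track whatever the sender now reports).
        if current is None or hops < current[0] or (
                current[1] == sender and hops != current[0]):
            table[dest] = (hops, sender)
            changed = True
    return changed

def converge(links: Links) -> Dict[str, Table]:
    """Neighbours exchange full tables until nothing changes."""
    tables = {r: initial_table(r, links) for r in links}
    while True:
        changed = False
        for router, neighbours in links.items():
            for neighbour in neighbours:
                if receive_update(tables[router], neighbour, dict(tables[neighbour])):
                    changed = True
        if not changed:
            return tables

def reachable(table: Table, dest: str) -> bool:
    """A destination 16 or more hops away is unreachable in RIP."""
    return dest in table and table[dest][0] < INFINITY

def spf_path(links: Links, src: str, dst: str, reference_kbps: int = 100_000):
    """Link-state style: Dijkstra over the whole topology (first-hand information)
    with an OSPF-like cost of reference bandwidth / link bandwidth."""
    best = {src: 0}
    heap = [(0, src, [src])]
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return cost, path
        for nxt, bw in links[node].items():
            new_cost = cost + max(1, reference_kbps // bw)
            if new_cost < best.get(nxt, float("inf")):
                best[nxt] = new_cost
                heapq.heappush(heap, (new_cost, nxt, path + [nxt]))
    return None

def chain(n: int) -> Links:
    """Constructed line of routers R0 - R1 - ... - Rn, every link 1544 kbps."""
    links: Links = {f"R{i}": {} for i in range(n + 1)}
    for i in range(n):
        links[f"R{i}"][f"R{i + 1}"] = links[f"R{i + 1}"][f"R{i}"] = 1544
    return links
```

converge(LINKS)["A"]["D"] comes back as the one-hop route over the 64 kbps line, while spf_path(LINKS, "A", "D") picks the two T1 hops at a far lower cost; converge(chain(16)) shows R16 landing at hop count 16, unreachable.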

NAT
1. Given below are the four important forms of NAT (Network Address Translation):
1.1. Static NAT: A one-to-one mapping between an unregistered IP address and a registered IP address.
1.2. Dynamic NAT: Usually, Dynamic NAT is implemented where a pool of public IP addresses is shared by an entire private IP subnet. When a private host initiates a connection, a public IP address is selected from the pool. The mapping of the computer's non-routable IP address to the selected public IP address is stored in the NAT table. As long as the outgoing connection is maintained, the private host can be reached by incoming packets sent to the selected public address. When the binding expires, the address is returned to the pool for reuse.
1.3. Overloading: A variation of Dynamic NAT, also known as Network Address Port Translation (NAPT), maps multiple unregistered IP addresses to a single registered IP address by multiplexing streams differentiated by the TCP/UDP port number.
1.4. Overlapping: When overlapping is employed, the IP addresses used on the internal network are registered IP addresses utilized on another network. To avoid conflict, a NAT table is built to translate these redundant internal addresses to unique IP addresses. Vice versa, when sending packets into the private network, the registered addresses must be translated to addresses unique in the internal network.
2. The important NAT terms inside local, inside global, outside local and outside global are explained below:
2.1. Inside local: A private IP address assigned to a host on the inside network.
2.2. Inside global: A public IP address that represents one or more inside local IP addresses to the outside world.
2.3. Outside local: The IP address of an outside host as it appears to the inside network. Not necessarily a legitimate address, it is allocated from an address space routable on the inside.
2.4. Outside global: The IP address assigned to a host on the outside network. The address is allocated from a globally routable address or network space.
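To make the NAT forms and the inside local / inside global terms concrete, the following added example (not Cisco code) models a NAT table with static, dynamic-pool and overloaded (NAPT) bindings. The 10.0.0.0/24 inside hosts, the 203.0.113.0/24 pool, the outside server 198.51.100.10 and the 60-second binding timeout are constructed for the example.

```python
"""NAT table model: static NAT, dynamic NAT from a pool, and overloading (NAPT).

Added example illustrating the NAT notes; it is not Cisco code. The inside
(10.0.0.0/24), pool (203.0.113.0/24) and outside (198.51.100.10) addresses,
the ports and the 60-second timeout are constructed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

@dataclass
class Packet:
    src: str      # source address
    dst: str      # destination address
    sport: int    # source TCP/UDP port
    dport: int    # destination TCP/UDP port

class NatRouter:
    """Keeps the NAT table between the inside (local) and outside (global) networks."""

    def __init__(self, pool: List[str], overload: bool = False, timeout: int = 60):
        self.pool = list(pool)        # inside global addresses still free
        self.overload = overload      # NAPT: one address, streams told apart by port
        self.timeout = timeout        # seconds a dynamic binding lives without traffic
        self.static: Dict[str, str] = {}   # inside local -> inside global (permanent)
        # (inside local, local port or None) -> (inside global, global port or None, expiry)
        self.table: Dict[Tuple[str, Optional[int]], Tuple[str, Optional[int], float]] = {}
        self.next_port = 1024

    def add_static(self, inside_local: str, inside_global: str) -> None:
        """Static NAT: a one-to-one mapping that never expires."""
        self.static[inside_local] = inside_global

    def expire(self, now: float) -> None:
        """Drop bindings past their expiry; dynamic NAT returns the address to the pool."""
        for key, (iglobal, _, expiry) in list(self.table.items()):
            if expiry <= now:
                del self.table[key]
                if not self.overload:
                    self.pool.append(iglobal)

    def outbound(self, pkt: Packet, now: float = 0.0) -> Optional[Packet]:
        """Inside -> outside: rewrite inside local to inside global. None = dropped."""
        self.expire(now)
        if pkt.src in self.static:
            return Packet(self.static[pkt.src], pkt.dst, pkt.sport, pkt.dport)
        key = (pkt.src, pkt.sport) if self.overload else (pkt.src, None)
        if key not in self.table:
            if self.overload:
                # Every inside host shares pool[0]; a fresh global port keys the stream
                iglobal, gport = self.pool[0], self.next_port
                self.next_port += 1
            elif self.pool:
                iglobal, gport = self.pool.pop(0), None   # one pool address per host
            else:
                return None   # pool exhausted: no registered address available
            self.table[key] = (iglobal, gport, now + self.timeout)
        iglobal, gport, _ = self.table[key]
        self.table[key] = (iglobal, gport, now + self.timeout)   # traffic refreshes it
        return Packet(iglobal, pkt.dst, gport if gport is not None else pkt.sport, pkt.dport)

    def inbound(self, pkt: Packet, now: float = 0.0) -> Optional[Packet]:
        """Outside -> inside: only traffic matching a binding reaches an inside host."""
        self.expire(now)
        for ilocal, iglobal in self.static.items():
            if pkt.dst == iglobal:
                return Packet(pkt.src, ilocal, pkt.sport, pkt.dport)
        for (ilocal, lport), (iglobal, gport, _) in self.table.items():
            if pkt.dst == iglobal and (gport is None or pkt.dport == gport):
                return Packet(pkt.src, ilocal, pkt.sport,
                              lport if lport is not None else pkt.dport)
        return None   # unsolicited: no binding, so the packet is dropped
```

With a two-address pool the third inside host gets no translation until a binding expires; with overload=True every host shares one inside global address and replies are demultiplexed on the port.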


Switching
1. Switches are data link layer devices that enable multiple physical LAN segments to be interconnected into a single larger network. Two widely used switching methods are store-and-forward switching and cut-through switching.
2. Switches forward frames based on the physical address (the MAC address), whereas routers forward packets based on the logical address (the IP address). A frame's MAC address doesn't change when being forwarded through a switch.
3. Important types of switching used in Cisco devices:
· Store-and-Forward switching: Here the LAN switch copies the entire frame into its buffers and computes the CRC. The frame is discarded if there are any CRC errors. Giant (more than 1518 bytes) and runt (less than 64 bytes) frames are also dropped, if found.
3.1. Cut-Through (Real-Time) switching: Here, the LAN switch copies only the destination address into its buffers. It immediately looks up the switching table and starts forwarding the frame. The latency is very low because the frame is forwarded as soon as the destination address is resolved.
3.2. Fragment-Free switching: Here, the switch waits for the collision window before forwarding the entire frame. The collision window is 64 bytes long.
4. The Catalyst 1900 and 2820 series switches support three types of switching methods:
4.1. FastForward (cut-through): In this type of switching, the packet is forwarded as soon as the destination address is read. This has the least latency.
4.2. FragmentFree (modified cut-through): This type of switching is useful when your network is experiencing a large number of collisions. FragmentFree switching has a latency between that of FastForward and Store-and-Forward.
4.3. Store-and-Forward: This method stores the entire frame and checks for errors before forwarding it on to another port. Store-and-Forward has the highest latency compared with both FastForward and FragmentFree. The default switching method used by Catalyst 1900 series switches is FastForward.
5. In store-and-forward switching, an entire frame must be received before it is forwarded. This means that the latency through the switch is relative to the frame size: the larger the frame, the longer the delay through the switch. Cut-through switching allows the switch to begin forwarding the frame when enough of the frame has been received to make a forwarding decision. This reduces the latency through the switch. Store-and-forward switching gives the switch the opportunity to evaluate the frame for errors before forwarding it. This capability to not forward frames containing errors is one of the advantages of switches over hubs. Cut-through switching does not offer this advantage, so the switch might forward frames containing errors.
6. A store-and-forward switch works by first receiving the whole packet before retransmission. Cut-through switch mode retransmits a frame as soon as it reads the destination address. Fragment-free switch mode reads the first 64 bytes before retransmission. Therefore, the latency of cut-through and fragment-free switch modes is constant, whereas that of store-and-forward varies depending on the length of the packet.
7. Cisco 2950 Switch System LED: The system LED shows whether the system is receiving power and functioning properly.
7.1. LED off: System is not powered up.
7.2. LED color is green: System is operating normally.
7.3. LED color is amber: System is receiving power but is not functioning properly. Note: The amber color on a Cisco 2950 series switch indicates that the system is malfunctioning.
8. The purpose of port security is to prevent access to the LAN from unauthorized hosts.
9. If no matching MAC entry is found in the MAC table of a switch, the frame is broadcast (flooded) to all other ports except the port through which it arrived.
10. The MAC address table of a switch is empty to begin with. However, the switch builds the MAC table by learning from the frames that arrive at its ports, adding each frame's source MAC address and the port on which it arrived to the MAC table.
11. Spanning Tree Protocol (STP) 802.1d is used to prevent routing loops. Cisco Catalyst 5000 series switches use BPDUs (Bridge Protocol Data Units) to determine the spanning tree topology. STP uses the Spanning Tree Algorithm (STA) to prevent loops, resulting in a stable network topology.
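The following added example (not vendor code) is a learning switch that puts items 8 to 10 and the store-and-forward checks in one place: the MAC table starts empty and is learned from source addresses, unknown destinations are flooded, runts, giants and CRC failures are dropped only in store-and-forward mode, and a port-security limit err-disables a port that presents too many MAC addresses. The MAC addresses, frame layout and the use of zlib.crc32 in place of the Ethernet FCS are constructed.

```python
"""Learning switch model: MAC table build-up, flooding of unknown destinations,
store-and-forward error checks, and port security.

Added example for the Switching notes, not vendor code. Frame layout, MAC
addresses and zlib.crc32 standing in for the Ethernet FCS are constructed.
"""
import zlib
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"
MIN_FRAME, MAX_FRAME = 64, 1518        # runt / giant thresholds from the notes

@dataclass
class Frame:
    dst: str
    src: str
    payload: bytes
    fcs: int                           # frame check sequence over dst, src and payload

    @staticmethod
    def build(dst: str, src: str, payload: bytes) -> "Frame":
        return Frame(dst, src, payload, zlib.crc32(dst.encode() + src.encode() + payload))

    def size(self) -> int:
        return 14 + len(self.payload) + 4   # Ethernet header + payload + FCS

    def fcs_ok(self) -> bool:
        return zlib.crc32(self.dst.encode() + self.src.encode() + self.payload) == self.fcs

class Switch:
    def __init__(self, ports: List[int], mode: str = "store-and-forward",
                 max_macs: Optional[int] = None):
        self.ports = ports
        self.mode = mode                       # "store-and-forward" or "cut-through"
        self.max_macs = max_macs               # port security: MACs allowed per port
        self.mac_table: Dict[str, int] = {}    # MAC -> port; empty to begin with
        self.violations: List[Tuple[int, str]] = []
        self.err_disabled: Set[int] = set()

    def forward(self, frame: Frame, in_port: int) -> Optional[List[int]]:
        """Return the egress ports for a frame arriving on in_port, or None if dropped."""
        if in_port in self.err_disabled:
            return None
        if self.mode == "store-and-forward":
            # The whole frame is buffered first, so runts, giants and CRC errors
            # are discarded before anything is forwarded. Cut-through skips this
            # and may forward a damaged frame.
            if not MIN_FRAME <= frame.size() <= MAX_FRAME or not frame.fcs_ok():
                return None
        if self.max_macs is not None and self.mac_table.get(frame.src) != in_port:
            # Port security: a new source MAC beyond the allowed count is a violation
            seen_here = sum(1 for p in self.mac_table.values() if p == in_port)
            if seen_here >= self.max_macs:
                self.violations.append((in_port, frame.src))
                self.err_disabled.add(in_port)   # shut the port rather than admit the host
                return None
        self.mac_table[frame.src] = in_port        # learn source MAC -> arrival port
        out = self.mac_table.get(frame.dst)
        if frame.dst != BROADCAST and out is not None:
            return [] if out == in_port else [out]  # known: forward to that port only
        return [p for p in self.ports if p != in_port]  # unknown or broadcast: flood
```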

Wireless concepts
1. Wired Equivalent Privacy (WEP) is a protocol used to secure IEEE 802.11 wireless networks. It is part of the IEEE 802.11 wireless networking standard. Wireless networks broadcast messages using radio, and are therefore more susceptible to eavesdropping than wired networks. WEP was intended to provide confidentiality comparable to that of a traditional wired network.
2. Wi-Fi Protected Access (WPA and WPA2) is a class of systems to secure wireless (Wi-Fi) computer networks. WPA is forward compatible with the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. 802.11i includes dynamic key exchange, stronger encryption, and user authentication. It is not backward compatible with WPA. The 802.11i standard is widely known as WPA2.
3. WPA stands for Wi-Fi Protected Access. The key features of the protocol are given below:
3.1. It supports both static and dynamic key distribution.
3.2. It provides device authentication as well as user authentication.
3.3. It uses TKIP (Temporal Key Integrity Protocol) encryption for dynamic key exchange. Note that WPA2 uses AES encryption whereas WPA uses TKIP. AES is the stronger encryption algorithm.
3.4. WPA is forward compatible with WPA2.

Security
1. The following are the important characteristics of SDM:
1.1. SDM doesn't use Telnet/SSH for communicating with the router. Instead, a web server runs on the router, and the client software runs on the host computer.
1.2. SDM uses a web interface on a PC, and the user needs to connect to the router over an IP network, not through the console.
1.3. The configuration is written to the router's running configuration only after the Finish button is pressed in the SDM wizard. Note that the configuration is not written to the start-up configuration.
1.4. The SDM configuration wizard allows DHCP client services to be configured, with an option to add PAT services or not.
2. The Internet architecture provides an unregulated network path to attack innocent hosts. Denial-of-service (DoS) attacks exploit this to target mission-critical services. DoS attacks are explicit attempts to block legitimate users' access to a system by reducing its availability. Physical or host-based intrusions are generally addressed through hardened security policies and authentication mechanisms. Although software patching defends against some attacks, it fails to safeguard against DoS flooding attacks, which exploit the unregulated forwarding of Internet packets.


Miscellaneous
i. Cables
1. There are different types of cables:
1.1. Straight-through cable: This is also known as a patch cable. A straight-through cable is used to connect a computer to a hub or a switch.
1.2. Crossover cable: A crossover cable is used to connect one computer directly to another computer without using a switch or hub.
1.3. Rollover cable: A rollover cable (also known as a console cable) is used to connect to routers for configuration purposes.
Note: You can't connect the Ethernet port on a PC to an Ethernet port on a router using a straight-through cable. You need a crossover cable for this purpose. Also, the PC needs to have a network card and the appropriate networking protocol stack properly installed and configured.
2. For connecting a switch to another switch, a crossover cable is required. For connecting a host to a switch, a straight-through cable is used. For connecting to a Cisco router/Cisco switch console port, a rollover cable is required.
3. 100BaseT (Fast Ethernet) uses the IEEE 802.3u standard, which incorporates the CSMA/CD protocol.
4. 10Base2 and 10Base5 use coaxial cable for transmission of digital signals. Therefore, they can't support simultaneous transmission and reception. On the other hand, 10BaseT and 100BaseT use RJ-45 connectors and Cat 3/4/5 cables. These cables have multiple pairs of wires, and hence support full duplex transmission (note that the other parts of the network, such as the network card, should also support full duplex).
5. In the normal course, a DTE device is expected to communicate with a DCE device. In that case, the connections between the DCE and DTE devices are straight. However, if the communication needs to happen between two DTEs or two DCEs, the signals need to be rolled. This is achieved by rolling the pins in the cable or in the DB-25 adapter. Typically, DTE to DTE communication can be achieved by:
5.1. Connecting a DTE to a rolled RJ-45 cable to a straight DB-25 adapter to the DTE, OR
5.2. Connecting a straight RJ-45 cable to a rolled DB-25 adapter to the DTE.
Similarly, DTE to DCE communication can be achieved by:
5.2.1. Connecting a DTE to a straight RJ-45 cable to a straight DB-25 adapter to the DCE, OR
5.2.2. Connecting a rolled RJ-45 cable to a rolled DB-25 adapter to the DCE.
Note that rolling the signals twice is the same as using straight-through cables or adapters without any rolling at all.
6. The maximum allowed cable lengths are as given below:
6.1. 10Base5: 500 meters
6.2. 10Base2: 185 meters
6.3. 10BaseT: 100 meters
6.4. 100BaseT: 100 meters
6.5. 1000BaseT: 100 meters
7. The cable determines the DTE/DCE combination. The router with the DCE cable needs to be configured with a clock rate for proper functioning of the WAN link.

ii. ARP and RARP
1. ARP (Address Resolution Protocol): IP works at the network layer, and an IP address is a logical address. If a packet is to be delivered to a destination machine, its physical address (MAC address) needs to be known. ARP is the protocol that enables a machine to obtain the MAC address corresponding to a known IP address.
2. RARP (Reverse Address Resolution Protocol): RARP is used to obtain an IP address from a known MAC address.


iii. Static and Default Routing
1. There are three ways a router learns how to forward a packet:
1.1. Static Routes - Configured manually by the administrator. The administrator must also update the table manually every time a change to the network takes place. Static routes are commonly used when routing from a network to a stub network (a network with a single route). The command is: ip route network mask address/interface [distance]
ex: ip route
Here, is the destination network or subnet, is the subnet mask, and is the default gateway.
1.2. Default Routes - The default route (gateway of last resort) is used when a route is not known or is infeasible. The command is: ip route
The default gateway is set to
1.3. Dynamic Routes - As soon as dynamic routing is enabled, the routing tables are automatically updated. Dynamic routing uses broadcasts and multicasts to communicate with other routers. Each route entry includes a subnet number, the interface out to that subnet, and the IP address of the next router that should receive the packet. The commands to enable RIP are: router rip, network .
2. An ISP router is normally configured with a static route.
3. A static route is one that is hard coded into the routing tables. Here, the destination network/host and the next hop information are entered by hand. A static route on a Cisco router is most commonly defined by using the command: Router(config)# ip route A.B.C.D (destination network/host) A.B.C.D (subnet mask) A.B.C.D (next hop)
You can also use a port identifier such as e0, s1, etc. to define the next hop. Optionally, the "distance metric" can be added at the end of the command to change the default weight.
4. The command to configure a static route to network from , assuming that the default gateway is , is:
· ip route
Syntax: ip route [administrative_distance]
5. A default route is used when there is no other known route to a given IP packet's destination. The default route is also known as the gateway of last resort.
6. The correct syntax for setting a default route is:
6.1. Router(config)#ip route
You can also set a default route by specifying the interface, as below:
6.2. Router(config)#ip route s0
The syntax is:
· ip route
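An added example (not Cisco code) of how a router chooses between connected, static, RIP-learned and default routes: longest prefix match first, administrative distance only between sources for the same prefix, and 0.0.0.0/0 as the gateway of last resort when nothing else matches. The prefixes, next hops and the e0/s0 interface names are constructed; the administrative distances 0, 1 and 120 are the defaults for connected, static and RIP routes.

```python
"""Route selection on a Cisco-style table: longest prefix match first, then
administrative distance, with the default route as gateway of last resort.

Added example for the Static and Default Routing notes; it is not Cisco code.
Prefixes, next hops and interface names are constructed. The administrative
distances (0 connected, 1 static, 120 RIP) are the real defaults.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network
from typing import List, Optional

AD = {"connected": 0, "static": 1, "rip": 120}   # 0 = most trusted ... 255 = least

@dataclass(frozen=True)
class Route:
    network: IPv4Network
    next_hop: str          # next-hop address or exit interface such as "s0"
    source: str            # connected / static / rip
    distance: int

def static_route(network: str, mask: str, next_hop: str,
                 distance: int = AD["static"]) -> Route:
    """Model of: ip route <network> <mask> <next-hop | interface> [distance]"""
    return Route(IPv4Network(f"{network}/{mask}"), next_hop, "static", distance)

def default_route(next_hop: str) -> Route:
    """Model of: ip route 0.0.0.0 0.0.0.0 <next-hop | interface>"""
    return static_route("0.0.0.0", "0.0.0.0", next_hop)

class RoutingTable:
    def __init__(self) -> None:
        self.routes: List[Route] = []

    def install(self, candidate: Route) -> bool:
        """Keep one route per prefix: the source with the lowest administrative distance."""
        if candidate.distance >= 255:
            return False                     # 255 is never trusted, never installed
        for i, existing in enumerate(self.routes):
            if existing.network == candidate.network:
                if candidate.distance < existing.distance:
                    self.routes[i] = candidate
                    return True
                return False
        self.routes.append(candidate)
        return True

    def lookup(self, destination: str) -> Optional[Route]:
        """Longest prefix match. Administrative distance only decides between
        sources for the same prefix; a more specific prefix always wins, and the
        0.0.0.0/0 route is used only when nothing else matches."""
        addr = IPv4Address(destination)
        matches = [r for r in self.routes if addr in r.network]
        if not matches:
            return None
        return max(matches, key=lambda r: r.network.prefixlen)

def build_table() -> RoutingTable:
    """Constructed table: a connected LAN, a static summary, a RIP-learned subnet
    inside that summary, and a default route out the serial interface."""
    table = RoutingTable()
    table.install(Route(IPv4Network("192.168.1.0/24"), "e0", "connected", AD["connected"]))
    table.install(static_route("10.0.0.0", "255.0.0.0", "192.168.1.2"))
    table.install(Route(IPv4Network("10.1.0.0/16"), "192.168.1.3", "rip", AD["rip"]))
    table.install(default_route("s0"))
    return table
```

In build_table() a lookup for 10.1.5.5 returns the RIP /16 even though its distance of 120 is worse than the static /8, because prefix length is compared before administrative distance; 8.8.8.8 matches only the default route.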

iv. WAN
1. WAN (Wide Area Network) devices extend the reach of LAN (Local Area Network) devices. WANs typically span a wide area, such as multiple cities or countries. WANs are connected over serial lines that operate at lower speeds than LANs. Some of the WAN devices are:
1.1. Routers: Routers are responsible for routing packets in an internetwork.
1.2. Modems: Modems connect to public telephone circuits through dial-up.
1.3. CSU/DSU: Stands for Channel Service Unit / Data Service Unit. CSU/DSUs are used for connecting to the Central Office of a telephone switching company and provide serial WAN connections.
1.4. Communication servers: These are used for dial-in/out to remote users. They provide RAS (Remote Access Server) functionality.
1.5. Multiplexors (mux): Multiplexors combine two or more signals before transmitting on a single channel. Multiplexing can be done by sharing "time" or "frequency".
2. WANs are connected over serial lines, typically operate at lower speeds than LANs, and are more expensive. Some of the WAN terms are:
2.1. Modems: Modems connect to public telephone circuits through dial-up.
2.2. CPE: Stands for Customer Premise Equipment.
2.3. Demarc: Demarcation point between carrier equipment and CPE.
3. Typical WAN interfaces that one comes across frequently are: EIA 232, EIA 449, EIA 530, V.35, and X.21. The Cisco router serial interface is a 60-pin D-shell connector. This in turn is connected to service provider equipment, usually through a CSU/DSU. Therefore, an appropriate conversion cable needs to be used when interfacing with a WAN device such as a CSU/DSU. The CSU/DSU in turn is connected to the service provider through the cable supplied by the service provider.
4. You need to assign a different network number for each subnet. Also, you need to set aside one network number for each WAN connection.

v. Basic Utilities (ping, traceroute)
1. The syntax for the ping command is: "ping ". The following are possible responses to the "ping" command:
Ping Response - Explanation
1.1. U - Destination unreachable
1.2. C - Congestion experienced
1.3. ! - Successful receipt of echo reply
1.4. . - Time out
1.5. ? - Packet type unknown
1.6. & - Packet time to live exceeded
Note: Ping sends an ICMP echo. Ping can be used with almost any type of network layer protocol, including IPX, IP, VINES, AppleTalk, etc.
2. The trace command has the syntax "trace ip ". The trace command traces the path to the destination hop by hop. This is achieved by setting the TTL (Time To Live) to 1 for the first packet sent and increasing the TTL for each subsequent packet. This causes each successive next-hop device to send a time-out message. These messages are used for finding out the route that the packet takes to reach the destination. Important trace responses are:
Trace Response - Explanation
2.1. P - The protocol was unreachable
2.2. N - The network was unreachable
2.3. U - The port was unreachable
2.4. * - The packet timed out
2.5. !H - Could not be forwarded due to an access list violation
Tracert and ping use ICMP as their base protocol.
3. ICMP (Internet Control Message Protocol) messages are used for basic error reporting between host and host, or host and gateway. It is not used for error reporting between gateways. ICMP messages are encapsulated using the IP protocol. For example, the command "ping" uses the ICMP protocol. In the OSI reference model, ICMP is generally considered part of the IP layer. ICMP sends an ICMP message if the destination is unreachable. Routers can make alternate route decisions based on ICMP messages, if appropriate.
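The TTL mechanism behind the trace command, as an added example that is not Cisco's implementation: each probe is sent with a larger TTL, each router that expires it answers with ICMP Time Exceeded, a router that filters ICMP shows up as "*", and the frame's MAC addresses are rewritten at every hop while the IP addresses stay the same. The host, the routers and all of their addresses are constructed.

```python
"""Hop-by-hop TTL behaviour behind the trace command.

Added example for the ping/traceroute notes, not Cisco's implementation. The
host, router chain, IP and MAC addresses are constructed; ICMP type 11 (Time
Exceeded) and type 0 (Echo Reply) are the real message types, modelled here
as plain integers.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

TIME_EXCEEDED, ECHO_REPLY = 11, 0

@dataclass
class Node:
    name: str
    ip: str
    mac: str
    silent: bool = False   # never answers probes (e.g. ICMP filtered) -> shows as "*"

def send_probe(path: List[Node], ttl: int
               ) -> Tuple[Optional[str], Optional[int], List[Tuple[str, str]]]:
    """Carry one probe from path[0] towards path[-1] with the given TTL.

    Returns (responder ip, ICMP type, frames), where frames lists the
    (source MAC, destination MAC) pair of the new frame built on each link:
    the Layer 2 addresses change every hop while the IP addresses never do."""
    frames: List[Tuple[str, str]] = []
    for prev, node in zip(path, path[1:]):
        frames.append((prev.mac, node.mac))        # fresh frame on this link
        if node is path[-1]:                       # reached the destination host
            return (None, None, frames) if node.silent else (node.ip, ECHO_REPLY, frames)
        ttl -= 1                                   # each router decrements TTL
        if ttl == 0:                               # expired: discard and report back
            return (None, None, frames) if node.silent else (node.ip, TIME_EXCEEDED, frames)
    return None, None, frames

def trace(path: List[Node], max_ttl: int = 30) -> List[Tuple[int, str]]:
    """Probe with TTL 1, 2, 3, ... until the destination answers. Each Time
    Exceeded reply reveals one router; a missing reply is shown as "*"."""
    results: List[Tuple[int, str]] = []
    for ttl in range(1, max_ttl + 1):
        responder, icmp_type, _ = send_probe(path, ttl)
        results.append((ttl, responder or "*"))
        if icmp_type == ECHO_REPLY:
            break
    return results

# Constructed path: a host, two routers (the second filters ICMP) and a server
PATH = [
    Node("host", "192.0.2.10", "00:00:5e:00:53:10"),
    Node("r1", "192.0.2.1", "00:00:5e:00:53:01"),
    Node("r2", "198.51.100.1", "00:00:5e:00:53:02", silent=True),
    Node("server", "203.0.113.7", "00:00:5e:00:53:07"),
]

if __name__ == "__main__":
    for ttl, who in trace(PATH):
        print(ttl, who)
```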

vi. Others
1. HTTP is the protocol used for accessing World Wide Web services. HTTP operates over TCP/IP. TCP/IP is the protocol suite used by all Internet applications such as WWW, FTP, Telnet, etc. IPX/SPX is the proprietary protocol stack of Novell NetWare.
2. If a properly configured workstation is unable to access network information, it is likely that the DHCP information held by the client workstation has become obsolete. Issuing the ipconfig command with the /release and /renew options will enable the client workstation to obtain the latest information from the DHCP server.
3. is the local loopback address defined by the Internet Protocol and used by a host to ping itself to verify IP connectivity.
4. Important Layer 2 LAN protocol types:
4.1. 802.3 - Layer 2 protocol that defines the Ethernet CSMA/CD protocol
4.2. 802.5 - Layer 2 protocol that defines the Token Ring protocol
Note that 802.3 and 802.5 are examples of Layer 2 LAN protocols, whereas HDLC and PPP are examples of Layer 2 WAN protocols.
5. A switch forms a single broadcast domain, whereas it provides an independent collision domain for each port. Here, three ports of the switch are used, and hence it will have three collision domains. On the other hand, a hub forms a single collision domain as well as a single broadcast domain. Therefore, the total number of broadcast domains in this case is two, and the total number of collision domains is four.
6. An administrative distance of 0 represents the highest trustworthiness of a route. An administrative distance of 255 represents the lowest trustworthiness of a route.
7. Any time that you hook up two end devices like routers, PCs, print servers, etc. to one another, you need a crossover cable. A switch or hub already has all of its ports crossed over, so hooking up an end device to a switch uses a straight-through cable. When hooking up two switch ports together, you use a crossover cable again.
8. BootP (Bootstrap Protocol): When a diskless workstation is powered on, it broadcasts a BootP request on the network. A BootP server responds with the workstation's IP address, default gateway, etc.
9. Debugging output takes priority over other network traffic. Also, the debug all command generates more output than any other debug command, and it can severely affect the router's performance. In practically all cases, it is best to use more specific debug commands.
An Extended Service Set (ESS) is a set of two or more Basic Service Sets (BSSs) working together to form a single wireless network. Stations are able to move between BSSs within a single ESS yet remain "connected" to the fixed network and so continue to receive email, etc. As a station moves into a new BSS, it carries out a re-association procedure with the new AP (Access Point).
10. For accessing a switch over an IP network, you need to do some minimum configuration tasks using the console port on the switch. In the given question, the default gateway needs to be configured on the switch for accessing the management interface (VLAN1) from HostA.
11. For communicating between two hosts directly, you need a crossover cable. Also, the subnet mask cannot accommodate the given IP addresses. Therefore, you need to change either the host IP addresses so that they are within the given subnet, or change the subnet itself so that both hosts are within the subnet.
12. For using full duplex Ethernet transmission, a switch is required. A hub cannot support full duplex transmission. In full duplex mode, there are no frame collisions.
13. Frame tagging is a technique where a unique identifier is tagged to each frame as it is forwarded through the switch fabric.
14. IANA (Internet Assigned Numbers Authority) is the organization under the Internet Architecture Board (IAB) of the Internet Society that oversees the allocation of Internet Protocol addresses to Internet service providers (ISPs). ICANN (a non-governmental organization) has now assumed responsibility for the tasks formerly performed by IANA. ISPs in turn allot IP addresses to small companies and businesses.
15. In "ad-hoc" or Independent Basic Service Set (IBSS) configuration there is no backbone infrastructure. An IBSS is one BSS or Basic Service Set. Mobiles can talk to each other without the use of an Access Point (AP). In the Extended Service Set (ESS) configuration, there will be two or more Access Points (APs), and users can freely roam between the Access Points without any disconnection or reconfiguration. A BSS uses only one Access Point.
16. In Carrier Sense Multiple Access with Collision Detection (CSMA/CD), a node transmits only after listening to the media and ensuring that no transmission is taking place. Further, sending nodes detect when a collision occurs and stop transmitting immediately, backing off for a random amount of time before trying again. This results in efficient use of the media, since the bandwidth of transmitting the entire frame is not wasted.
17. In Cisco routers, the interfaces are "administratively down" by default. You need to enable an interface to use it.
18. Internet connectivity is normally achieved using a WAN connection. Therefore, you need a serial port for connecting to the Internet. On the other hand, a switch normally requires an Ethernet port for connectivity.
19. IP is the protocol that works at the Internet layer. It forwards packets based on the network address (IP address) in the packets and the routing tables. IP packets are transported from the source network to the destination network by what is known as routing. The hop-by-hop routing model is used by the Internet for delivery of packets. At each hop, the destination IP address is examined, the best next hop is determined by the routing protocol (such as RIP, OSPF or BGP) and the packet is forwarded one more hop along this route. The same process takes place at the next hop. During this process, the logical addresses remain the same. In an IP network, the logical addresses are IP addresses. The hardware interface addresses, such as the MAC address, change with each hop.
20. IP RIP based networks send the complete routing table during an update. The default update interval is 30 seconds.
21. ISL and 802.1Q are the VLAN trunking protocols associated with Fast Ethernet. The VLAN trunking protocol defined by 802.10 is associated with FDDI. LANE (LAN Emulation) is associated with ATM.

Bibliography CertExams Website: (there is no author or year of publication on this site).



