Andrew Crouthamel - Cisco CCNA Training Notes

Cisco CCNA Routing and Switching Training Notes
100-101 ICND1, 100-102 ICND2, 200-120 CCNA
Andrew Crouthamel

Table of Contents
About ShrikeCast and Andrew Crouthamel
About Cisco Certification and CCNA
Useful Networking Tools and Learning Resources
When do I use a Network?
What are Networks?
The History of the Internet
How the Internet is Designed
How to Communicate
Sizes of Networks
Protocols
OSI and TCP/IP Models
All About Applications
Common Protocols
Roles of the Transport Layer
TCP and UDP Protocols
Internet Protocol and IPv4
Networks and Subnets
Introduction to Routing
IPv4 Basics
IPv4 Address Types
IPv4 Subnetting
IPv6 Addressing Basics
IPv6 Unicast and Multicast
IPv6 Testing Connections
Data Link Layer Basics
Physical Layer Basics
Network Media
Topology Basics
Ethernet Basics
Address Resolution Protocol (ARP)
Switch Basics
IOS Device Basics
IOS Command Basics
Switch Configuration Basics
Switch Security Basics
Switch Port Security
VLAN Basics
Creating VLANs
VLAN Trunks
VLAN Security
Layer 3 Switching
Routing Basics
Routing Table Basics
Router-on-a-stick Configuration
Static Routing Basics
Static Routing Configuration
Dynamic Routing Protocols Basics
Distance Vector Routing Protocols
RIP Configuration
Open Shortest Path First (OSPF)
OSPFv2 Single-Area Configuration
OSPF Multi-Area Basics
OSPF Multi-Area Configuration
EIGRP Basics
EIGRP Configuration
EIGRP Metrics and DUAL
EIGRP Tuning and Security
Access Control Lists (ACLs)
Standard IPv4 ACL Configuration
Extended IPv4 ACL Configuration
Dynamic Host Configuration Protocol (DHCP)
DHCP Configuration
Network Address Translation (NAT)
NAT Configuration
Spanning Tree Protocol (STP)
Spanning Tree Configuration
Redundancy Protocols
Link Aggregation Basics
Wireless Basics and Security
IOS Naming Scheme
IOS Licensing
WAN Basics
Serial Point-to-Point WAN Encapsulation
PPP Configuration
Frame Relay Basics
Frame Relay Configuration
PPPoE Configuration
VPN Basics
GRE Tunnel Configuration
Syslog Basics
SNMP Basics
NetFlow Basics
Credits

About ShrikeCast and Andrew Crouthamel
● Started in 2011 to share IT knowledge
● Shrike comes from the bird
  ○ Impales insects and small mammals on spikes to help it rip them apart and preserve them for later
● Andrew has been in IT for 10 years now
  ○ CCNA
  ○ CCNA Security
  ○ CCAI
  ○ VCP5
  ○ CompTIA Security+
  ○ CompTIA Network+
  ○ CompTIA A+
● Majority has been involved in networking and security
● LinkedIn: http://www.linkedin.com/in/andrewcrouthamel/

About Cisco Certification and CCNA
● Current Cisco Certification Levels
  ○ Entry
  ○ Associate
  ○ Professional
  ○ Expert
  ○ Architect
● Cisco Certification Tree
● Recertification policy
  ○ Pass one test from the same level or above, all certifications update
● CCNA
  ○ 100-101 ICND1 (CCENT)
    ■ Modules 1 & 2 of Cisco Networking Academy
    ■ AND
  ○ 200-101 ICND2 (CCNA)
    ■ Modules 3 & 4 of Cisco Networking Academy
    ■ OR
  ○ 200-120 CCNA (ICND1 & ICND2)
    ■ Modules 1 & 2 & 3 & 4 of Cisco Networking Academy

Useful Networking Tools and Learning Resources
● Wireshark - http://www.wireshark.org
● Packet Tracer - http://www.cisco.com/web/learning/netacad/course_catalog/PacketTracer.html
● GNS3 - http://www.gns3.net
● PuTTY - http://www.chiark.greenend.org.uk/~sgtatham/putty/
● KiTTY - http://kitty.9bis.com/
● GNS Labs - http://gns3vault.net/
● TFTP32 - http://tftpd32.jounin.net/
● Angry IP Scanner - http://www.angryip.org/
● Cisco Learning Network - https://learningnetwork.cisco.com/

When do I use a Network?
● World economies going global
● Instant communications across the world
  ○ Facebook
  ○ Twitter
● TV, Phone, Internet, everything uses networks
  ○ Smartphones
● Communications
  ○ Social Networks
  ○ News
  ○ Blogs
  ○ Internet Radio
  ○ Podcasts
  ○ Instant Messaging
  ○ Wikis
  ○ VoIP
  ○ eBooks (rise of Kindle and self-publishing)
● Banking
● Shopping
  ○ Mail order catalogs
  ○ Traditional stores
  ○ Auction sites
    ■ eBay
● Education revolution
  ○ Online classes
  ○ Online colleges
  ○ Coursera & Udacity
● Business needs
  ○ Remote access
    ■ IPsec
    ■ SSL-VPN
  ○ Connections between locations
    ■ Site-to-site IPsec VPN
● Gaming
  ○ Online game matches
    ■ Xbox Live
    ■ PSN
  ○ Online distribution
    ■ Steam
  ○ Rise of independent developers and publishing
● Internet of Things
  ○ No longer PCs, everything getting connected
    ■ QoS important

What are Networks?
● Communication needs
  ○ Sender and receiver
  ○ Method
  ○ Language
  ○ Speed
  ○ Confirmation
● Quality
  ○ Acceptable quality needs to be determined
  ○ The more times data is transmitted, the greater the chance of corruption
  ○ Size of data packages needs to be determined
  ○ Reliability is key now
● Network elements
  ○ Rules (Protocols)
    ■ HTTP/HTTPS
    ■ SMTP
    ■ POP
    ■ XMPP
    ■ OSCAR
    ■ SIP
    ■ FTP
    ■ Telnet
    ■ SSH
  ○ Medium
    ■ Wired
    ■ Wireless
  ○ Messages
    ■ Segments
    ■ Packets
    ■ Frames
  ○ Devices
    ■ Switches
    ■ Routers
● Network symbols
● Converged Networks

The History of the Internet
● Victorian Internet
  ○ Telegraph (1830-40s)
  ○ Submarine cables (1850s-60s)
  ○ Gave rise to phone networks
● Began in 1950s
  ○ Mainframe computer connections
● Late 1960s into 1980s
  ○ ARPANET (Advanced Research Projects Agency Network)
    ■ 1969-1985 (latest 1989)
    ■ Project of DARPA (Defense Advanced Research Projects Agency)
    ■ Connected universities at first, military later
    ■ Military split off with MILNET in 1983
    ■ E-mail, FTP, TCP/IP protocols
    ■ Shut down around 1985 with NSFNET introduction
● 1980s
  ○ CSNET (Computer Science Network)
    ■ 1981-1984
    ■ Project of National Science Foundation
    ■ Used to connect institutions that could not get funding or authorization to connect directly into ARPANET
    ■ Raised awareness for the national network
  ○ NSFNET (National Science Foundation Network)
    ■ 1985-1995
    ■ Project of National Science Foundation
    ■ Provide connections for researchers to supercomputers funded by NSF
    ■ Started with a 56Kbps backbone, upgraded to 1.5Mbps T1, then to a 45Mbps T3, OC3, OC12, OC48
    ■ BGP protocol
    ■ Commercial ISPs started around this time, using the NSFNET to route traffic
● 1990s
  ○ Internet
    ■ April 30, 1995 the original NSFNET Backbone Service was decommissioned, transitioning traffic to several commercial backbone networks
      ● MCI
      ● Sprint

How the Internet is Designed
● Circuit Switching
● Packet Switching
● Tiered ISP structure
  ○ T1 - Tier 1 - Backbone ISPs
    ■ Own the cable
    ■ Verizon
    ■ Sprint
    ■ AT&T
  ○ T2 - Regional - Common ISPs
    ■ Lease from T1
  ○ T3 - Local - More common with dial-up
    ■ Lease from T2
● Convergence
  ○ QoS (Quality of Service)
    ■ Classification
    ■ Priorities
    ■ Based on traffic type, protocol
      ● UDP - more sensitive
        ○ VoIP
        ○ Video
      ● TCP - less sensitive
        ○ HTTP
        ○ FTP
● Network Security
  ○ Confidentiality
  ○ Integrity
  ○ Availability
● Future of Networking
  ○ Convergence
  ○ Mobility
  ○ Security

How to Communicate
● Parts needed for communicating
  ○ Source
  ○ Encoder
  ○ Transmitter
  ○ Medium
  ○ Receiver
  ○ Decoder
  ○ Destination
● Segmentation
  ○ Breaking up data into smaller pieces
● Multiplexing
  ○ Having several communications on the same medium
● Components
  ○ Devices
    ■ End devices
      ● Generate and receive the data
    ■ Intermediary devices
      ● Help determine where data needs to go based on addresses in data
  ○ Media
    ■ Copper
    ■ Fiber
    ■ Radio
    ■ Each has its own encoding method
  ○ Services
    ■ Web (HTTP)
    ■ Files (FTP)
    ■ Video (H.264)
    ■ VoIP (SIP)

Sizes of Networks
● Terminology varies
● PAN (Personal Area Network)
● LAN (Local Area Network)
  ○ Homes
  ○ Businesses
  ○ Buildings
● MAN (Metropolitan Area Network)
● WAN (Wide Area Network)
  ○ Connects LANs together
● Internet is a network of networks on a global scale
  ○ Called an Internetwork
  ○ ISP (Internet Service Provider)
● Intranet is a network of networks in a single organization
● NIC (Network Interface Card)
  ○ Adapter in a host device to connect to the network
● Physical Port
  ○ Also known as a jack, where the cable plugs into the wall
● Interface
  ○ Name of a NIC on an intermediary device
● Network symbols

Protocols
● Protocols are rules on how to communicate
● Format of message
● How to share information
● Error handling
● Setup and termination of sessions
● Most are ratified by organizations such as
  ○ IEEE (Institute of Electrical and Electronics Engineers)
    ■ Usually media specifications and standards
  ○ IETF (Internet Engineering Task Force)
    ■ Usually protocols
    ■ RFC (Requests For Comments)
● Sometimes they are grouped into suites or stacks
● Examples
  ○ HTTP (Hypertext Transfer Protocol)
    ■ Application Protocol
  ○ TCP (Transmission Control Protocol)
    ■ Transport Protocol
  ○ IP (Internet Protocol)
    ■ Network Protocol
● Protocols work together to accomplish communications

OSI and TCP/IP Models
● Layered approach helps protocols work together
● Protocol Models
  ○ TCP/IP Model
● Reference Models
  ○ OSI Model
● TCP/IP Model
  ○ IETF (Internet Engineering Task Force)
  ○ Application
  ○ Transport
  ○ Internet
  ○ Network Access
● Data goes down the model to the media, then back up the model at the receiver
● At each layer data is called a PDU (Protocol Data Unit)
● Specific layer terminology
  ○ Application Layer - Data
  ○ Transport Layer - Segment
  ○ Network Layer - Packet
  ○ Data Link - Frame
  ○ Physical - Bits
● Most layers encapsulate the previous layer with more data
● OSI Model
  ○ ISO (International Organization for Standardization)
  ○ 7 - Application
  ○ 6 - Presentation
  ○ 5 - Session
  ○ 4 - Transport
  ○ 3 - Network
  ○ 2 - Data Link
  ○ 1 - Physical
  ○ OSI Model layers are often referred to by their number
● Most layers have an addressing method
  ○ Transport - Ports
  ○ Network - Logical Addresses (IP Addresses)
  ○ Data Link - Physical Addresses (MAC Addresses)
● As data goes down the layers, it is encapsulated and new addresses specific to that layer are added on
● Intermediary devices read the destination addresses to determine where to send the data
● On a receiving device, as data gets to each layer, the destination address for that layer is read and the data is decapsulated from that layer
  ○ Decapsulated - Rip off the header
● Then data is sent to the next layer up

All About Applications
● Applications are the software and services on a computer
  ○ Often includes Presentation and Session layers as the TCP/IP model has
● Presentation Layer
  ○ Conversion of data to make it useful for layers below
  ○ Compression of data
  ○ Encryption/decryption
  ○ File formats are good examples of the Presentation Layer
● Session Layer
  ○ Creates and tears down sessions, connections from one device to another
● Application examples
  ○ DNS
  ○ HTTP
  ○ SMTP
  ○ FTP
  ○ Telnet
● Protocols, Applications,
  and Services can all be the same name
  ○ Telnet
  ○ SCP
  ○ TFTP
● Processes on your computer are applications
  ○ Some use network connections
    ■ taskmgr
    ■ netstat -an
● Protocols
  ○ Message types
  ○ Message syntax
  ○ Message transit methods
● Client-server model
  ○ Client is the one making the request
    ■ Good example is a personal PC running a client such as a web browser
  ○ Server is the one responding to requests
    ■ Running the services
      ● Also called daemons
    ■ Good example is a server PC running Apache
  ○ Servers can have client software on them
  ○ Peer-to-Peer Model
    ■ One of, if not both, end up running as a server and a client
    ■ Can create a network Peer-to-Peer with a crossover cable

Common Protocols
● Protocols to know
  ○ DNS (Domain Name System) - TCP/UDP Port 53
  ○ HTTP (Hypertext Transfer Protocol) - TCP Port 80
  ○ HTTPS (Hypertext Transfer Protocol over SSL or Hypertext Transfer Protocol Secure) - TCP Port 443
  ○ SMTP (Simple Mail Transfer Protocol) - TCP Port 25
  ○ POP (Post Office Protocol) - TCP Port 110
  ○ Telnet - TCP Port 23
  ○ SSH - TCP Port 22
  ○ FTP (File Transfer Protocol) - TCP Ports 20 and 21, or 21 and a random port
  ○ DHCP (Dynamic Host Configuration Protocol) - UDP Ports 67 and 68
  ○ SMB (Server Message Block)/CIFS (Common Internet File System) - TCP Port 445 or UDP Ports 137 and 138, and TCP Ports 137 and 139
  ○ TFTP (Trivial File Transfer Protocol) - UDP Port 69
  ○ SNMP (Simple Network Management Protocol) - UDP Ports 161 and 162
● DNS
  ○ Very old protocol but one of the most important protocols in use today
  ○ Modern technologies such as VMware rely heavily on it
  ○ Resolves domain names to IP addresses
  ○ DNS resolution is done before the data connection to the server for a service is initiated
  ○ Required for the World Wide Web to work
  ○ nslookup
  ○ Record types
    ■ A (IPv4) or AAAA (for IPv6) - Generic record, device IP address
    ■ NS - Name server record
    ■ CNAME - Canonical name, also known as an alias
      ● Often used for web servers so multiple websites can be hosted on the same IP
    ■ MX - Mail exchange record, only for E-mail servers
  ○ Clients and servers will check their hosts files first, then the DNS cache, only then checking network servers
  ○ ipconfig /displaydns
  ○ ipconfig /flushdns
  ○ Hierarchy system
    ■ Root servers - Records of top-level domain servers
      ● Also known as the Root Hint servers
    ■ Top-level domain servers - Records of second-level domain servers
      ● .com., .org., .net., .co.uk., etc.
    ■ Second-level domain servers
      ● andrewcrouthamel.com., youtube.com., etc.
● HTTP
  ○ Also very old protocol
  ○ The World Wide Web (which runs on the Internet) is mostly run by HTTP
  ○ Web browsers download and interpret HTTP and other protocols and languages to display web pages
  ○ Transmits HTML or similar files (index.html is often hidden from the URL)
  ○ GET, POST, PUT message types
  ○ Secure version HTTPS
● SMTP/POP
  ○ Also very old protocols
  ○ Used for sending/receiving E-mail
  ○ Clients are known as MUA (Mail User Agent)
  ○ MDA (Mail Delivery Agent) is the server that actually sends the data back to the client and often stores the mailbox data
  ○ MTA (Mail Transfer Agent) is a mail routing server to get mail to the correct MDA
  ○ SMTP Commands
    ■ HELO - Creates connection to mail server
    ■ EHLO - Newer version of HELO
    ■ MAIL FROM - Sender address
    ■ RCPT TO - Recipient address
    ■ DATA - Message body
  ○ SMTP is for sending mail from a client and inter-MTA transfers
  ○ POP is for receiving mail to a client from an MDA
  ○ Secure options now, run on other ports
● Telnet
  ○ Allows for CLI (Command-Line Interface) access
    ■ Also known as "terminal access"
    ■ Used to access routers, switches, servers, etc.
  ○ Commands and data are plaintext
  ○ Secure version is SSH
● SSH
  ○ Secure Shell
  ○ Provides encryption for CLI access
● FTP
  ○ Also very old protocol
  ○ Designed for sending and receiving files, HTTP later had that capability added
  ○ FTP is often the fastest method of transferring a file
  ○ Two modes
    ■ Active - Ports 20 and 21
      ● Control on 21
      ● Data on 20
    ■ Passive - Ports 21 and random
      ● Control on 21
      ● Data on random
  ○ Secure version is SFTP or FTPS
● DHCP
  ○ Originally BOOTP
  ○ Allows a client to automatically get an IP address and other information
  ○ Messages
    ■ Discover
    ■ Offer
    ■ Request
    ■ Acknowledge
● SMB/CIFS
  ○ Originally SMB, now CIFS
  ○ Microsoft protocol
  ○ Linux can speak it with Samba for SMB, or CIFS natively
  ○ Often used for file transfers and printer sharing
  ○ Default file transfer protocol for Windows
  ○ Usually slow and considered bloated
    ■ FTP is almost always many times faster
● TFTP
  ○ Commonly used for router or switch maintenance, transferring files or configurations to or from devices
  ○ TFTP32
● SNMP
  ○ Used for retrieving and setting values on computers, networking equipment, etc., anything
  ○ Writing values via SNMP is commonly considered insecure and a bad idea
  ○ Reading values via SNMP is very common on a timed interval for retrieving health information from a device (CPU usage, memory usage, disk usage, etc.)
  ○ MRTG and Zenoss

Roles of the Transport Layer
● Provides segmentation and control of data
● Reassembles data at the receiving end
● Identifies applications and services based on port number
● After being sent from the above layers, data is broken up into PDUs called segments
  ○ This is done to enable multiplexing and increase transmission reliability
● Establishes sessions using stateful communication protocols such as TCP
● Provides reliable delivery using protocols such as TCP
● Can rearrange data into proper order if received out of order
● Flow control
● TCP good for reliable, but slower data transmissions (HTTP, FTP, DNS, etc.)
● UDP good for unreliable, but faster data transmissions (VoIP, etc.)
● With TCP, it can track incoming data, keep note on what it received, acknowledge those receipts and force retransmission of missed segments
● Clients often generate a random port number per application when communicating to a server, so returning data can be routed to the correct application
  ○ Web browsers are a good example, each window or tab has its own randomly generated port number
● Port Numbers
  ○ Assigned by IANA (Internet Assigned Numbers Authority)
  ○ Well Known Ports - 0-1023
    ■ Most common applications and services are in here
    ■ Doom 666
  ○ Registered Ports - 1024-49151
    ■ Other common services and games
    ■ Sometimes used as dynamic ports on a client
  ○ Dynamic/Private Ports - 49152-65535
    ■ Also known as ephemeral ports
    ■ Free-for-all
    ■ Commonly used as dynamic ports on a client
● DNS uses UDP and TCP
  ○ UDP for requests and responses
  ○ TCP for zone transfers between servers

TCP and UDP Protocols
● Connection oriented communications
● TCP provides reliability to communications with an added overhead
● Options field
  ○ URG - Urgent
  ○ ACK - Acknowledgement
  ○ PSH - Push
  ○ RST - Reset connection
  ○ SYN - Synchronize sequence numbers
  ○ FIN - Finish connection
● Three-way handshake
  ○ SYN
  ○ SYN/ACK
  ○ ACK
● Four-way session teardown
  ○ FIN
  ○ ACK
  ○ FIN
  ○ ACK
● Reassembly
  ○ Packets can take various routes to get to the destination
  ○ Sometimes they arrive out of order
  ○ Acknowledgement numbers during data transmission reflect how many bytes were sent
  ○ Acknowledgements usually happen after several packets are sent
  ○ If a segment is never received, the receiver will often harass the sender for the missing segment, called FRR (Fast Retransmit and Recovery)
    ■ Otherwise, it waits until a timeout for the acknowledgement to determine that a segment was missed
● Flow control
  ○ Window size is the amount of bytes sent before an Acknowledgement is sent
  ○ Window size can be adjusted on the fly if there are bottlenecks at one side
  ○ If both sides support SACK (Selective Acknowledgements), which is common, only the missing segment is retransmitted
    ■ Otherwise, the entire window size will be retransmitted
● UDP
  ○ Connectionless communications
  ○ UDP provides unreliable communications without much overhead
  ○ No reassembly if received out of order, segments are passed up the layers as-is
  ○ Lost or damaged segments are not resent
  ○ Sometimes the above two are handled via software to provide pseudo-TCP functionality with UDP

Internet Protocol and IPv4
● Layer 3 provides
  ○ Addressing
  ○ Encapsulation
  ○ Routing
  ○ Decapsulation
● Layer 3 Protocols
  ○ IPv4 (Internet Protocol version 4)
  ○ IPv6 (Internet Protocol version 6)
  ○ IPX (Novell Internetwork Packet Exchange)
  ○ AppleTalk
● Properties
  ○ Connectionless - Relies on Layer 4
  ○ Best Effort - Relies on Layer 4
  ○ Media Independent - Relies on Layer 2
● MTU is a Layer 2 setting which gets passed up to Layer 3 so it can determine how large packets need to be
  ○ If a router or other device receives a packet that is too large it usually will fragment
● Takes Layer 4 segment and header, then encapsulates IP header onto it
● IPv4 Header
  ○ Source Address
    ■ 32-bit binary number assigned to source NIC
  ○ Destination Address
    ■ 32-bit binary number assigned to destination NIC
  ○ TTL (Time-to-Live)
    ■ 8-bit binary value that defines how many "hops" the packet can take before being dropped
      ● Starts high, counts down to 0
  ○ ToS (Type-of-Service)
    ■ 8-bit binary value used for Quality of Service
  ○ Protocol
    ■ 8-bit binary value used to define the Layer 4 protocol in use
      ● 01 - ICMP
      ● 06 - TCP
      ● 17 - UDP
  ○ Fragment Offset
    ■ If a packet is fragmented, the offset is used to determine how to reconstruct the data

Networks and Subnets
● Many sizes and design options to choose from for your networks
● Networks can be broken down by
  ○ Location
  ○ Department
  ○ Collaboration
● Reasons for networks and subnetting
  ○ Logical separation
  ○ Security
  ○ Broadcast traffic reduction
  ○ Address management
● IP addresses are broken into Network and Host portions
  ○ The subnet mask (also known as bit mask) determines where the separation occurs
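Worked example for the "TCP and UDP Protocols" and "Port Numbers" notes above. This is added code, not from the original notes: it packs and parses a minimal 20-byte TCP header, decodes the URG/ACK/PSH/RST/SYN/FIN flag bits, classifies ports into the IANA ranges the notes list, and walks a captured sequence of segments through the three-way handshake (SYN, SYN/ACK, ACK), checking that each acknowledgement number is the other side's initial sequence number plus one. The port numbers and sequence numbers are constructed sample values; the checksum and urgent-pointer fields are left at zero since the example does not send anything.

```python
import struct
from dataclasses import dataclass

# TCP flag bits live in the low bits of the 16-bit "data offset / reserved / flags" word.
FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
HEADER_FMT = "!HHIIHHHH"  # src port, dst port, seq, ack, offset+flags, window, checksum, urgent ptr


@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    flags: set
    window: int


def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Construct a 20-byte TCP header with no options (constructed test data, not captured)."""
    bits = sum(FLAGS[f] for f in flags)
    offset_flags = (5 << 12) | bits          # data offset = 5 words = 20 bytes
    return struct.pack(HEADER_FMT, src_port, dst_port, seq, ack, offset_flags, window, 0, 0)


def parse_tcp_header(data):
    """Decode the fixed part of a TCP header; raises on truncated input."""
    if len(data) < 20:
        raise ValueError("TCP header must be at least 20 bytes")
    src, dst, seq, ack, offset_flags, window, _checksum, _urg = struct.unpack(HEADER_FMT, data[:20])
    flags = {name for name, bit in FLAGS.items() if offset_flags & bit}
    return TcpHeader(src, dst, seq, ack, flags, window)


def port_class(port):
    """IANA ranges as given in the notes."""
    if not 0 <= port <= 65535:
        raise ValueError("port out of range")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"


def handshake_state(headers):
    """Track the three-way handshake over parsed segments; returns the state reached."""
    state = "CLOSED"
    client_isn = server_isn = None
    for h in headers:
        if "RST" in h.flags:                      # a reset aborts the handshake
            return "RESET"
        if state == "CLOSED" and h.flags == {"SYN"}:
            client_isn = h.seq
            state = "SYN_SENT"
        elif state == "SYN_SENT" and h.flags == {"SYN", "ACK"} and h.ack == client_isn + 1:
            server_isn = h.seq
            state = "SYN_RECEIVED"
        elif state == "SYN_RECEIVED" and h.flags == {"ACK"} and h.ack == server_isn + 1:
            state = "ESTABLISHED"
        # anything else (wrong ack number, unexpected flags) leaves the state unchanged
    return state


# Constructed sample exchange: client on an ephemeral port talking to a web server.
SAMPLE_HANDSHAKE = [
    build_tcp_header(49152, 80, seq=1000, ack=0, flags={"SYN"}),
    build_tcp_header(80, 49152, seq=5000, ack=1001, flags={"SYN", "ACK"}),
    build_tcp_header(49152, 80, seq=1001, ack=5001, flags={"ACK"}),
]


def analyse(raw_segments):
    parsed = [parse_tcp_header(s) for s in raw_segments]
    return {
        "flags": [sorted(h.flags) for h in parsed],
        "client_port_class": port_class(parsed[0].src_port),
        "server_port_class": port_class(parsed[0].dst_port),
        "state": handshake_state(parsed),
    }


if __name__ == "__main__":
    print(analyse(SAMPLE_HANDSHAKE))
```

The state machine deliberately refuses to advance on a SYN/ACK or ACK whose acknowledgement number does not match the peer's initial sequence number plus one, which is the same check a stateful firewall or IDS performs when it decides whether a segment belongs to a legitimate handshake.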
Introduction to Routing
● Gateways and routing are required to communicate between networks
  ○ Any devices on the same network can communicate without the need for a router
● Routers read the IP addresses in the header to determine where traffic needs to go when routing between networks
● Default gateways are the escape point for a network, each device should have only one configured
  ○ ipconfig or ipconfig /all
● Routes determine who to send traffic to for a certain network
  ○ End devices can have static routes added
    ■ route print, route add, route delete
  ○ Intermediary devices such as routers have either static or dynamic routes in them
  ○ Routes have three basic parts
    ■ Destination network
    ■ Next-hop or Exit interface
    ■ Metric
  ○ Many routers have a Default Route, which is the same as a Default Gateway, also known as the Gateway of Last Resort
    ■ Often shows 0.0.0.0/0 for the destination network
  ○ If there is no route match and no Default Route, packets are discarded
● Routing process (for every packet)
  ○ Decapsulate (rip off) Layer 2
  ○ Read the destination IP in the Layer 3 header
  ○ Check routing table
  ○ Encapsulate Layer 2
● Routing protocols allow routers to share route information
  ○ They add dynamic routes into the routing table
  ○ Routing protocols learned in CCNA
    ■ RIP (Routing Information Protocol)
    ■ EIGRP (Enhanced Interior Gateway Routing Protocol)
    ■ OSPF (Open Shortest Path First)
● Routes that are manually entered by an administrator are known as static routes

IPv4 Basics
● 32-bit address
● Notated in dotted decimal format
  ○ Four groups of 8 bits, converted to decimal, with a dot between each
  ○ 11000000101010000000000100000001 turns into 11000000.10101000.00000001.00000001 which turns into 192.168.1.1
  ○ Each 8-bit group is called an octet
● Often the network and host separation happens at the end of an octet
● Every 8 bits is also called a byte
● Binary to Decimal Conversion
  ○ Uses positional notation
    ■ 128 64 32 16 8 4 2 1
    ■ 1 1 0 0 0 0 0 0
    ■ = 192, add up the positions
    ■ Binary is a base 2 numbering system so bits can only be on or off, 1 or 0
  ○ Do binary to decimal conversion for each octet of an IP address to get dotted decimal notation
● Decimal to Binary Conversion
  ○ Same positional notation system as above but in reverse
  ○ Similar to long division from grade school
    ■ Does 128 fit into 192? Yes, 1
    ■ Does 64 fit into 64? Yes, 1
    ■ Does 0 fit into 0? No, 0
  ○ Do decimal to binary conversion for each octet of an IP address to get binary notation

IPv4 Address Types
● Network Address
  ○ First IP of a network, reserved and cannot be used by a host
  ○ Common way to refer to a network by "name"
● Broadcast Address
  ○ Last IP of a network, reserved and cannot be used by a host
  ○ All hosts respond to traffic on this IP
● Host Address
● Network Prefixes
  ○ Prefix length is the number of bits in the network portion of the address
  ○ When converted to decimal, it gives you a subnet mask
  ○ Important for subnetting and Classless Inter-Domain Routing (CIDR, pronounced see-dur)
  ○ Common to refer to a network combining the Network Address and Prefix, ex. "It's the 10.0.0.0 /26 network"
● Calculating Addresses
  ○ Number of prefix bits starts from the left and is called the network bits
  ○ The remaining bits on the right side are called the host bits
  ○ All 0's on the host bits is the network address
  ○ All 1's on the host bits is the broadcast address
  ○ All remaining bits in-between are the usable addresses
  ○ Show example of IP address in binary with network/host division
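Worked example for the "IPv4 Basics", "IPv4 Address Types" and "Calculating Addresses" notes above, also carrying the 2^n / 2^n-2 host formulas and the "count up by the placeholder" subnet method from the IPv4 Subnetting section. This is added code, not from the original notes: it does the positional-notation conversions and the network/broadcast/host arithmetic with plain integers and bit masks rather than a library, so each step matches the hand method. The addresses used are constructed sample values.

```python
# Added example: IPv4 address arithmetic done the way the notes describe it by hand.

def ip_to_int(ip):
    """'192.168.1.1' -> 32-bit integer; each octet is one 8-bit (base 2) group."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {ip}")
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value


def int_to_ip(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(ip):
    """Dotted binary, e.g. 192.168.1.1 -> 11000000.10101000.00000001.00000001"""
    ip_to_int(ip)  # validate
    return ".".join(format(int(o), "08b") for o in ip.split("."))


def prefix_to_mask(prefix):
    """Prefix length -> subnet mask as an integer (network bits 1, host bits 0)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def summarize(ip, prefix):
    """Network, broadcast, first/last host and host counts for ip/prefix."""
    mask = prefix_to_mask(prefix)
    host_bits = 32 - prefix
    network = ip_to_int(ip) & mask                 # all host bits 0
    broadcast = network | (~mask & 0xFFFFFFFF)     # all host bits 1
    total = 2 ** host_bits                         # 2^n, includes network and broadcast
    usable = total - 2 if host_bits >= 2 else 0    # 2^n-2; /31 and /32 have no in-between addresses
    return {
        "binary": to_binary(ip),
        "mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(network + 1) if usable else None,
        "last_host": int_to_ip(broadcast - 1) if usable else None,
        "total_addresses": total,
        "usable_hosts": usable,
    }


def subnet(network, prefix, borrow):
    """Borrow `borrow` host bits from network/prefix and list the 2^borrow subnets,
    counting up by the block size (the placeholder left of the line in the notes)."""
    new_prefix = prefix + borrow
    if borrow < 0 or new_prefix > 32:
        raise ValueError("cannot borrow that many bits")
    base = ip_to_int(network) & prefix_to_mask(prefix)
    block = 2 ** (32 - new_prefix)
    return [f"{int_to_ip(base + i * block)}/{new_prefix}" for i in range(2 ** borrow)]


if __name__ == "__main__":
    # Constructed sample: a host in the third /26 of 192.168.1.0/24.
    print(summarize("192.168.1.130", 26))
    print(subnet("192.168.1.0", 24, 2))
```

The /31 and /32 cases are handled explicitly because the 2^n-2 formula goes negative there; the notes' "in-between" rule only applies once there are at least two host bits.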
● Packet Types
  ○ Unicast - one to one
  ○ Multicast - one to many
    ■ Basic functionality is to be sent to all machines, but only certain machines listen and respond, like a bunch of unicasts
    ■ Some situations have multicast clients register with a server or switch, so traffic only goes to specific computers
    ■ Works like a limited broadcast. If you need to send multicast over VLANs/subnets, you will need to specially retransmit the traffic in your router (Bonjour has this problem)
  ○ Broadcast - one to all
    ■ Limited broadcast - 255.255.255.255 - Does not get forwarded by routers
    ■ Directed broadcast - Gets forwarded by routers
● IP Ranges
  ○ Host Addresses - 0.0.0.0 to 223.255.255.255
    ■ RFC 1700
  ○ Experimental Addresses - 240.0.0.0 to 255.255.255.254
    ■ RFC 790
  ○ Multicast Addresses - 224.0.0.0 to 239.255.255.255
    ■ RFC 1700, 3330
    ■ Not routable
  ○ Private Addresses - 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16
    ■ RFC 1918
    ■ Not routable on the Internet
    ■ NAT - Network Address Translation, allows you to "hide" many private IPs behind a public IP, as well as translate between different IP subnets if needed
  ○ Public Addresses - The remaining IPs from the Host Addresses, minus the Private Addresses
● Special IPv4 Addresses
  ○ Default route - 0.0.0.0
    ■ Catch-all for traffic, used as the route pointing to your "default gateway" or "gateway of last resort"
    ■ The reasoning for this will make more sense when we get into subnetting and the ANDing process
    ■ Not routable
  ○ Loopback - 127.0.0.1
    ■ Sends traffic to your own IP stack on the host you run it from, used to test the driver/NIC (Network Interface Card)
    ■ Not routable
  ○ Link-Local - 169.254.0.0 to 169.254.255.255
    ■ Automatically self-assigned to a host when no DHCP (Dynamic Host Configuration Protocol) server is found
    ■ Also called the APIPA (Automatic Private IP Addressing) address
    ■ Not routable
  ○ TEST-NET Address - 192.0.2.0 to 192.0.2.255
    ■ Set aside for teaching purposes

IPv4 Subnetting
● Used to have Classful Networking - Subnet was based on the first octet and there was no Network Address Translation (NAT), everyone used "Public IPs"
  ○ Class A
    ■ First octet 1-127
    ■ /8 - 255.0.0.0
    ■ 128 nets, 16,777,214 hosts per net
  ○ Class B
    ■ First octet 128-191
    ■ /16 - 255.255.0.0
    ■ 16,384 nets, 65,534 hosts per net
  ○ Class C
    ■ First octet 192-223
    ■ /24 - 255.255.255.0
    ■ 2,097,150 nets, 254 hosts per net
  ○ Class D (multicast)
    ■ First octet 224-239
  ○ Class E (reserved)
    ■ First octet 240-255
● Now use classless subnetting to make smaller networks, VLSM, NAT, etc
● Good for logical or physical dividing of a network to simplify management and security
  ○ Access Control Lists (ACLs)
● Router (or Layer 3 switching) needed to communicate between subnets
● You have network bits and host bits in an address
● Prefix and subnet mask are the same thing
  ○ Prefix refers to the number of network bits
  ○ Subnet mask is the dotted decimal conversion of the prefix
● Subnets are created by "borrowing" from the host bits
● Based on powers of two, so one bit borrowed, two subnets created; 2 bits, four subnets, etc
● Parts of a subnet
  ○ Network address
    ■ All host bits set to 0
  ○ First host address
    ■ All host bits set to 0 except last host bit set to 1
  ○ Last host address
    ■ All host bits set to 1 except last host bit set to 0
  ○ Broadcast address
    ■ All host bits set to 1
● Formulas
  ○ Number of subnets - 2^n (n = number of network bits)
    ■ n can also be the number of bits borrowed to determine the number of subnets created from an existing network
  ○ Number of hosts - 2^n (n = number of host bits)
    ■ Includes network and broadcast address
  ○ Number of valid hosts - 2^n-2 (n = number of host bits)
    ■ Hosts cannot use network and broadcast addresses
● Basic steps
  ○ Write binary placeholders down
  ○ Mark out the 1 and 0 bits for the network portion of an IP
  ○ Draw a vertical line after the last prefix bit
  ○ Count from 0 upwards by the placeholder to the left of the line
  ○ One can use these basic steps to either determine the network address of an IP/prefix, or create properly sized subnets by counting up by the chosen placeholder
● Variable Length Subnet Masks (VLSM)
  ○ Same idea as classless subnetting, but you can subnet a subnet
  ○ Good for organization of IP schemes in large environments
  ○ Efficient, no wasting of IP space due to subnets that are too large, and reduced broadcast issues

IPv6 Addressing Basics
● Designed to solve IPv4 exhaustion
● 128-bit addressing
● Hexadecimal notation
  ○ Hex digits are 0-9 and A-F for 16 possible values
  ○ Sets of 4 hex digits in 8 places
    ■ Separated by colons :
  ○ 4 hex digits = 16 binary digits
  ○ Leading zeros 0000:0000:000 can be truncated
  ○ One section of zeros can be truncated with two colons
    ■ 1234:0000:0000:0000:4321
    ■ 1234::4321
● Header simplified
● No dotted decimal subnet mask, only notated with prefix length
  ○ 1234:000:000:4321/64
● Unicast
  ○ Uniquely identifies an interface on an IPv6 device
  ○ Global unicast
    ■ Globally unique, routable addresses
    ■ Static or DHCP
  ○ Link-local
    ■ Unique only on the same subnet, not routable
    ■ Used to communicate on the same subnet
    ■ Used for routing protocol communication and default gateway address
  ○ Loopback
    ■ Same as IPv4 loopback, to test the TCP/IP stack and NIC
    ■ Cannot be assigned to an interface
    ■ All zeros except last bit is 1
      ● ::1/128 or ::1
  ○ Unspecified address
    ■ Used as a source address when a device does not yet have a permanent address or the source is irrelevant
    ■ Cannot be assigned to an interface
    ■ All zeros
      ● ::/128 or ::
  ○ Unique local
    ■ Similar to IPv4 RFC 1918 addresses
    ■ Used for local addressing at a location
    ■ Not routable to the global IPv6
    ■ FC00::/7 to FDFF::/7
    ■ Not recommended by the IETF to be used like IPv4 NAT/PAT
  ○ IPv4 embedded
    ■ Used for transition from IPv4 to IPv6
● Multicast
  ○ Send to multiple destinations
● Anycast
  ○ A unicast address assigned to multiple devices
  ○ Packets sent to the anycast address are routed to the nearest device
● IPv6 Subnetting
  ○ Not done to conserve IPs but only for logical organization reasons
  ○ Can look cleaner since you can just count up in hexadecimal in the Subnet ID
    ■ 2001:0DB8:ACAD:0000::/64
    ■ 2001:0DB8:ACAD:0001::/64
    ■ 2001:0DB8:ACAD:0002::/64
  ○ Can also borrow from the Interface ID like in IPv4, when borrowing host bits
● Configuration example
  ○ ipv6 address 2001:db8:abcd:1::1/64
● Can be provided dynamically
  ○ Stateless Address Autoconfiguration (SLAAC)
  ○ DHCPv6
● Stateless Address Autoconfiguration (SLAAC)
  ○ Retrieve prefix, prefix-length, and default gateway from an IPv6 router without DHCPv6
  ○ Uses Router Advertisement (RA) messages (ICMPv6)
  ○ RAs are periodically sent to all IPv6 devices from routers
    ■ Every 200 seconds by default to the all-nodes multicast group
  ○ IPv6 devices do not have to wait for the RA messages
    ■ Can send a Router Solicitation (RS) message using the all-routers multicast group address
    ■ Router will then respond with a router advertisement
  ○ To enable a router for IPv6 routing "ipv6 unicast-routing" must be entered in global configuration
  ○ RA message will describe how to configure
    ■ SLAAC only
      ● Device will use the prefix, prefix-length, and default gateway address from the RA
    ■ SLAAC and DHCPv6
      ● Device will use the prefix,
■ Currently /48s are assigned to all individuals and companies ○ Subnet ID ■ Used by organizations ○ Interface ID ■ Same as the host portion of an IPv4 address ○ Configuration ■ Usually can use ipv6 instead of ip to configure ■ ex. prefix length. prefix-length.Andrew Crouthamel Cisco CCNA Training Notes 25 IPv6 Unicast and Multicast ● Global Unicast Addresses ○ Has three parts: ■ Global routing prefix ■ Subnet ID ■ Interface ID ○ Global Routing Prefix ■ Network portion of the address assigned by the provider. and default gateway address from the RA and obtain other parameters such as DNS servers from DHCPv6 ■ DHCPv6 only . but obtain all parameters from DHCPv6 ● DHCPv6 ○ Similar to DHCP in IPv4 ○ In the ICMPv6 RA ■ Option 1 specifies using SLAAC only ■ Option 2 specifies using SLAAC and DHCPv6 ■ Option 3 specifies using DHCPv6 only ○ With SLAAC only or SLAAC with DHCPv6. ipv6 address link-local-address 2001:db8:abcd:1::1/64 ● Verifying IPv6 Configuration ○ show interface ○ show ipv6 interface brief ○ show ipv6 route ● Multicast Addresses ○ Have the prefix FF00::/8 ○ Assigned multicast ■ Reserved addresses for group of devices ■ Used with specific protocols ■ FF02::1 .Andrew Crouthamel Cisco CCNA Training Notes 26 ● Device will not use information in the RA message. ■ 16-bits = FFFE ■ 24-bit OUI + 16-bit FFFE + 24-bit Device Identifier ● Dynamic Link-Local Addresses ○ Created using FE80::/10 prefix and the Interface ID ● Static Link-Local Addresses ○ ex.All-nodes multicast group ● All IPv6 devices join this group ● Acts like broadcast for IPv4 ● RA messages go to this group ■ FF02::2 All-routers multicast group ● All IPv6 routers join this group ● Acts like broadcast for IPv4 ● RS messages go to this group ● Solicited Node Multicast ○ Matches only the last 24 bits of the IPv6 global unicast address ○ FF02:0:0:0:0:FF00::/104 plus the last 24 bits of the IPv6 unicast address . 
the client must determine its own Interface ID using EUI-64 or generating a random number ● EUI-64 ○ Extended Unique Identifier (EUI) ○ Users the 48-bit Ethernet MAC address from the client and inserts 16 bits into the middle to create the Interface ID. host unreachable ■ 2 . it will send an NA in response . it discards and sends Time Exceeded to the source host ○ ICMPv6 is similar.port unreachable ○ ICMPv6 has similar Destination Unreachable messages ○ ICMPv4 Time Exceeded ■ Packet cannot be forwarded because TTL reached 0 ■ When a router receives and decrements the TTL to 0. it sends Time Exceeded but does not have TTL.Andrew Crouthamel Cisco CCNA Training Notes 27 IPv6 Testing Connections ● ICMP ○ Often used for testing ○ ICMPv4 Destination Unreachable ■ 0 . it uses the hop limit field ○ ICMPv4 Redirect Message ■ Notifies the host that a better route is available for a destination ○ ICMPv6 has the same message ○ ICMPv6 has four new protocols ■ Part of the Neighbor Discovery Protocol (ND/NDP) ● Router Solicitation ● Router Advertisement ● Neighbor Solicitation ● Neighbor Advertisement ■ Router Solicitation ● When a host uses SLAAC.network unreachable ■ 1 . address resolution is used to determine MAC of a destination ○ NS will be sent to the solicited node address ○ NA will be sent in response with MAC address ● To perform DAD ○ A device will send an NS with its own IP as the targeted address ○ If another device has it.protocol unreachable ■ 3 . providing parameters for a host ■ Neighbor Solicitation and Neighbor Advertisement ● Used for address resolution and Duplicate Address Detection (DAD) ● Similar to ARP. the host will send an RS message ■ Router Advertisement ● Sent by a router in response to an RS. 
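The EUI-64, link-local and solicited-node rules above, worked through in code. This is an added example, not part of the notes; the MAC 00:1A:2B:3C:4D:5E and the prefix 2001:db8:acad:1::/64 are constructed sample values.

```python
"""Added example (not from the notes): derive the modified EUI-64 interface ID,
a link-local address, a SLAAC-style global address and the solicited-node
multicast group from a 48-bit MAC. Sample MAC and prefix are constructed."""
import ipaddress

SOLICITED_NODE_PREFIX = int(ipaddress.IPv6Address("ff02::1:ff00:0"))  # FF02::1:FF00:0/104


def eui64_interface_id(mac: str) -> int:
    """64-bit interface ID from a MAC, as described in the notes: the 24-bit
    OUI, then FFFE, then the 24-bit device identifier. RFC 4291 additionally
    flips the universal/local bit (bit 7 of the first octet), done here too.
    Accepts XX:XX:XX:XX:XX:XX, XX-XX-..., or Cisco XXXX.XXXX.XXXX formats."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 48 bits")
    oui, device = octets[:3], octets[3:]
    eui = bytearray(oui + b"\xff\xfe" + device)
    eui[0] ^= 0x02  # invert the U/L bit
    return int.from_bytes(eui, "big")


def address_from_prefix(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix (from an RA or static config) with the EUI-64 ID."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 interface IDs need a /64 prefix")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))


def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """Dynamic link-local address: FE80::/64 prefix plus the interface ID."""
    return address_from_prefix("fe80::/64", mac)


def solicited_node_multicast(addr: str) -> ipaddress.IPv6Address:
    """FF02::1:FF00:0/104 plus the low 24 bits of the unicast address.
    This is the group a Neighbor Solicitation for 'addr' is sent to."""
    low24 = int(ipaddress.IPv6Address(addr)) & 0xFFFFFF
    return ipaddress.IPv6Address(SOLICITED_NODE_PREFIX | low24)


if __name__ == "__main__":
    mac = "00:1A:2B:3C:4D:5E"  # constructed sample MAC
    gua = address_from_prefix("2001:db8:acad:1::/64", mac)
    print("link-local      ", link_local_from_mac(mac))
    print("global unicast  ", gua)
    print("solicited-node  ", solicited_node_multicast(str(gua)))
```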
● Testing Commands
  ○ Ping
    ■ Local loopback to test TCP/IP stack of device
      ● IPv4 - 127.0.0.1
      ● IPv6 - ::1
    ■ Test connectivity to other devices
      ● Either local (LAN) or external (WAN)
  ○ Traceroute
    ■ Uses the TTL of IPv4 and the hop limit of IPv6 to map the route a packet will take
    ■ TTL/hop limit will start at 1
      ● First router will decrement and send a Time Exceeded
    ■ TTL/hop limit will then be set to 2
      ● First router will decrement to 1, pass it on
      ● Second router will decrement to 0, send a Time Exceeded
    ■ Process repeats until destination is reached
    ■ Traceroute application records this data and presents it as a printout to the user

Data Link Layer Basics
● TCP/IP network access layer is the same as OSI Layers 1 and 2
● Packages packets into frames
● Does media access control and error detection
● Two sublayers
  ○ Logical Link Control (LLC)
    ■ Identifies which protocol is used for the frame
    ■ Places identifier into the frame
  ○ Media Access Control (MAC)
    ■ Provides data link layer addressing
    ■ Delimiting of data according to physical signaling needs of the medium to be transmitted across
● Can change for each link between each device from source to destination
  ○ ex. Fiber -> Ethernet -> Frame Relay -> Wi-Fi
  ○ Encapsulates and de-encapsulates each hop
● Generally standardized and defined by a number of organizations, unlike the higher layers which are mostly defined by the IETF
  ○ Institute of Electrical and Electronics Engineers (IEEE)
  ○ International Telecommunication Union (ITU)
  ○ International Organization for Standardization (ISO)
  ○ American National Standards Institute (ANSI)
● Header
  ○ Control information in beginning of PDU
  ○ Fields
    ■ Start Frame
      ● Indicates beginning of frame
    ■ Source and Destination Address
      ● Indicates source and destination devices
    ■ Type
      ● Indicates upper layer service
    ■ Priority/Quality of Service
      ● Indicates a particular service level
    ■ Logical connection control
    ■ Physical link control
    ■ Flow control
    ■ Congestion control
● Data
  ○ IP header, transport layer header, application data
● Trailer
  ○ Control information for error detection at end of PDU
  ○ Transmitting device creates a cyclic redundancy check (CRC) and places it in the Frame Check Sequence (FCS) field
  ○ Receiving device calculates its own CRC and checks the FCS field if configured to do so
    ■ Drops frame if CRC is different
● Media Access Control
  ○ Topology
    ■ How the connections between devices are to operate
  ○ Media Sharing
    ■ How the devices share the media, what rules to follow
● Address
  ○ Only used on media link between two communicating devices
  ○ Specific to one interface on one device
    ■ Has to be unique
● Common protocols
  ○ Ethernet
  ○ Point-to-Point Protocol (PPP)
  ○ 802.11 Wireless
  ○ High-Level Data Link Control (HDLC)
  ○ Frame Relay
● Ethernet Frame
  ○ Most common LAN protocol
  ○ IEEE 802.2 and 802.3
  ○ Supports 10Mbps, 100Mbps, 1Gbps, and 10Gbps
  ○ Uses CSMA/CD as the media access method
  ○ Uses Ethernet MAC address, 48 bit hexadecimal identifier
● Point-to-Point Protocol (PPP)
  ○ Used to deliver between two nodes
  ○ Used on many Serial WAN connections
  ○ Defined in RFCs, not IEEE standards
  ○ Uses logical connections between nodes to separate them from physical architecture
● 802.11 Wireless
  ○ Uses same 802.2 LLC and 48-bit addressing scheme as other 802 LANs
  ○ Uses CSMA/CA as the media access method
    ■ Slightly slower by design than CSMA/CD for Ethernet
    ■ Uses a random backoff timer for all nodes wishing to transmit
      ● When airwaves become clear, nodes wait a random amount of time before transmitting, hopefully preventing a collision
      ● This is because collision detection is not reliable on wireless

Physical Layer Basics
● All communications need some sort of physical connection
● Can be wired, using electrical pulses with a cable of various specifications
● Can be wireless, using radio waves of various specifications
● Wired is the backbone of almost all networks
  ○ Requires switches to provide user connectivity
● Wireless is now very common
  ○ Requires Wireless Access Points (WAP) to support devices
● Many homes receive a home router from their ISP which will include wired and wireless functionality
● Network Interface Cards (NICs) connect a device to a network
  ○ Can be wired or wireless, supporting a variety of specifications
● Defines how to encode and transmit the bits of data from the upper layers over a specified media type
  ○ Data is segmented by the transport layer, placed into packets by the network layer, encapsulated as frames by the data link layer, then further encoded and transmitted in certain patterns by the physical layer
● Three basic network media
  ○ Copper cable
    ■ Electrical pulses
  ○ Fiber-optic cable
    ■ Patterns of light
  ○ Wireless
    ■ Patterns of radio waves
● Many organizations define physical layer standards
  ○ International Organization for Standardization (ISO)
  ○ Telecommunications Industry Association/Electronic Industries Association (TIA/EIA)
  ○ International Telecommunication Union (ITU)
  ○ American National Standards Institute (ANSI)
  ○ Institute of Electrical and Electronics Engineers (IEEE)
  ○ Federal Communications Commission (FCC)
  ○ European Telecommunications Standards Institute (ETSI)
  ○ Regional and local standards groups
● Comprised of physical components, hardware devices, media
● Data is taken and encoded into a defined pattern or code
  ○ Allows data to be more efficiently transmitted, fewer bits can be used to represent a larger amount of bits
    ■ Think compression, like ZIP files
  ○ Manchester encoding
    ■ A 0 is a high to low voltage transition
    ■ A 1 is a low to high voltage transition
    ■ Used by older versions of Ethernet
  ○ Non-Return to Zero (NRZ)
    ■ Either zero or one, no neutral position
    ■ A 0 and 1 represented by different specific voltages
    ■ Common encoding
  ○ Faster transmission methods use more advanced encoding methods, such as 4B/5B or 8B/10B
● Asynchronous transmission
  ○ Transmitted without an associated clock signal, time spacing may be arbitrary
  ○ Requires start and stop flags
● Synchronous transmission
  ○ Transmitted with an associated clock signal
● Modulation
  ○ Frequency Modulation (FM)
  ○ Amplitude Modulation (AM)
  ○ Pulse-Coded Modulation (PCM)
● Bandwidth is the capacity of a medium to transmit data
  ○ Measured in bits per second
    ■ Kbps, Mbps or kb/s, Mb/s
  ○ Maximum bandwidth differs based upon physical media type
● Throughput
  ○ Measure of the transfer of bits over a medium during a period of time
  ○ Factors such as amount of traffic, type of traffic, and latency affect throughput
  ○ Different protocols will have different throughputs on the same medium (and as such, the same bandwidth capability)
● Goodput
  ○ Throughput minus traffic overhead
Network Media
● Copper Cabling
  ○ Transmitted as electrical pulses
  ○ Interference
    ■ Electromagnetic Interference (EMI)
      ● Fluorescent lights
    ■ Radio Frequency Interference (RFI)
      ● Microwaves
    ■ Crosstalk
      ● Wires picking up electrical signals of adjacent neighbors
    ■ Use of twisted pairs and shielding combats interference
    ■ Separation of wires from EMI/RFI sources
  ○ Unshielded Twisted-Pair (UTP)
    ■ Four pairs of color-coded wires
  ○ Shielded Twisted-Pair (STP)
    ■ Same as UTP but with wire mesh or foil
      ● One option is to have foil or wire mesh surrounding the bundle of pairs
      ● Second option is to have foil or wire mesh surrounding each twisted pair and the entire bundle of pairs
  ○ Coaxial Cable
    ■ Single copper conductor in center
    ■ Conductor surrounded by flexible plastic insulation
    ■ Plastic insulation surrounded by copper mesh
    ■ Copper mesh surrounded by a jacket
● UTP Cabling
  ○ Four pairs of color-coded wires twisted together and in a flexible plastic sheath
  ○ Cat 5
  ○ Cat 5e
  ○ Cat 6
  ○ Cat 6a
  ○ RJ-45 connection
  ○ Types of UTP
    ■ Straight-through
      ● Most common, used for connecting most devices, such as host to switch
    ■ Crossover
      ● Used to connect similar devices together, such as host to host or switch to switch
      ● Often no longer needed, with Auto-MDIX functionality
    ■ Rollover
      ● Cisco cable used for console connection
● Fiber Optic Cabling
  ○ Made of glass fiber
  ○ Flexible but fragile, cannot bend around sharp corners
  ○ Immune to EMI and RFI
  ○ Uses
    ■ Backbone of larger networks
    ■ Fiber-to-the-home
    ■ Long distances
    ■ Underwater
  ○ Composition
    ■ Core - Glass fiber
    ■ Cladding - Glass surrounding core and acts as a mirror
    ■ Jacket - PVC protection
  ○ Light pulses generated by two devices
    ■ Lasers
    ■ Light Emitting Diodes (LEDs)
  ○ Single-Mode fiber (SMF)
    ■ Uses laser
    ■ Often used for long distance runs
  ○ Multi-Mode fiber (MMF)
    ■ Uses LED
    ■ More economical, used for shorter distances
  ○ Connectors
    ■ Straight-Tip (ST)
      ● Older connector used with multimode
    ■ Subscriber Connector (SC)
      ● Very popular, supports both fiber types
    ■ Lucent Connector (LC)
      ● Gaining popularity, supports both fiber types
    ■ Many other types that are falling out of favor or now obsolete
  ○ Troubleshooting
    ■ Misalignment
    ■ End gap
    ■ End finish
● Wireless Media
  ○ Coverage is highly dependent on frequency used and material of walls and floors
  ○ Interference can be an issue as many devices operate on 2.4 GHz
  ○ Security is an issue due to all transmissions being out in the open, not restrained to a cable
    ■ Encryption now helps solve some of this problem
  ○ IEEE Standards
    ■ 802.11
      ● WLAN technology, known as Wi-Fi, has many variants (a/b/g/n/ac)
    ■ 802.15
      ● WPAN technology, known as Bluetooth
    ■ 802.16
      ● Worldwide Interoperability for Microwave Access (WiMAX)
    ■ Each has its strengths and weaknesses
  ○ Wireless Access Points (APs)
    ■ Provides access for wireless devices; a pure AP does not provide DHCP, routing, firewall, or other features
  ○ Wireless NIC adapters
    ■ Provides wireless functionality to devices
  ○ Wi-Fi Standards
    ■ IEEE 802.11a
      ● 5 GHz
      ● 54 Mb/s
    ■ IEEE 802.11b
      ● 2.4 GHz
      ● 11 Mb/s
    ■ IEEE 802.11g
      ● 2.4 GHz
      ● 54 Mb/s
    ■ IEEE 802.11n
      ● 2.4 or 5 GHz
      ● 100-600 Mb/s
    ■ IEEE 802.11ac
      ● 2.4 and 5 GHz
      ● 250 Mb/s and 1.3 Gb/s
    ■ IEEE 802.11ad (WiGig)
      ● 2.4 GHz, 5 GHz, and 60 GHz
      ● 7 Gb/s

Topology Basics
● Different Data Link protocols have different topologies
● Physical Topology
  ○ How devices physically are connected
● Logical Topology
  ○ How a network transfers frames from one device to the next
● WAN Topologies
  ○ Point-to-Point
    ■ Physical could be one cable interconnecting devices
    ■ Logical is similarly one connection between devices, but could span physical connections
  ○ Hub and Spoke
  ○ Mesh
● LAN Topologies
  ○ Star - Modern Ethernet
  ○ Extended Star - Modern Ethernet
  ○ Bus - Legacy Ethernet
  ○ Ring - Token Ring, Fiber Distributed Data Interface (FDDI)
● Duplex
  ○ Half - One side talks at a time as the other listens
  ○ Full - Both sides can talk at the same time and listen at the same time
  ○ 10/100 offered Half/Full, meaning when enabled for Full they were really 20/200
  ○ Gigabit is Full only
● Media Access Control methods
  ○ Contention-based access
    ■ All nodes compete for the use but have a method in place to deal with collisions (most modern networks)
    ■ Carrier sense multiple access with collision detection (CSMA/CD)
      ● Monitors for signal on the wire, when clear transmit is acceptable. If a collision of multiple transmits is detected, all devices stop and wait a random amount of time to retransmit.
      ● Switching in modern networks eliminates the need for CSMA/CD due to the collision domain being limited to between host and intermediary device
      ● Ethernet
    ■ Carrier sense multiple access with collision avoidance (CSMA/CA)
      ● Monitors for signal in the air, when clear transmit is acceptable.
      ● WiFi
  ○ Controlled access
    ■ Each node has a slot of time to use
      ● Token Ring
      ● Fiber Distributed Data Interface (FDDI)

Ethernet Basics
● Most common LAN technology now
● Operates on Data Link layer
● Supports many speeds
  ○ 10 Mb/s
  ○ 100 Mb/s
  ○ 1000 Mb/s (1 Gb/s)
  ○ 10,000 Mb/s (10 Gb/s)
  ○ 40,000 Mb/s (40 Gb/s)
  ○ 100,000 Mb/s (100 Gb/s)
● Two sublayers
  ○ LLC
    ■ Handles communication between upper and lower layers
    ■ Takes IP packet and adds control information
    ■ Implemented in software
  ○ MAC
    ■ IEEE 802.3
    ■ Data encapsulation
      ● Frame delimiting in beginning
      ● Addressing with MAC address
        ○ 48 bits, 24 bit vendor code assigned by IEEE, 24 bit generated by vendor "burned into" NIC
        ○ Must be unique
        ○ Formatted with dashes, colons, or decimals
      ● Error detection with CRC in trailer
    ■ Media access control
      ● Placement and removal of frames onto the media
    ■ Implemented in hardware
● DIX Ethernet standard now referred to as Ethernet II, the most common frame
● Minimum frame size is 64 bytes
● Maximum frame size is 1518 bytes
● Less than 64 bytes is a collision fragment or runt frame and is discarded
● IEEE 802.3ac extended maximum size to 1522 bytes to allow for VLANs
● Ethernet frame fields
  ○ Preamble
  ○ Start Frame Delimiter
  ○ Destination MAC Address
  ○ Source MAC Address
  ○ Length
  ○ Data
  ○ Frame Check Sequence (FCS)
● Uses Hexadecimal system, base 16
● Cisco uses XXXX.XXXX.XXXX, many other operating systems use XX:XX:XX:XX:XX:XX or XX-XX-XX-XX-XX-XX
● Used on Layer 2
● Unicast address is the unique address of the destination or source NIC
● Broadcast address is all F's
  ○ FF-FF-FF-FF-FF-FF
● Multicast addresses start with 01-00-5E
● Devices will have both MAC (Layer 2, physical) and IP (Layer 3, logical) addresses
  ○ IP can change, MAC does not (usually)

Address Resolution Protocol (ARP)
● Address Resolution Protocol (ARP) helps a node determine the MAC address of the next device it needs to send to on the Ethernet link.
● ARP has requests and replies
● Resolves IPv4 addresses to MAC addresses
● Maintains a table of mappings
● There is also a Reverse ARP
● Commands
  ○ On a Cisco router: show ip arp
  ○ On Windows 7: arp -a - Shows all ARP entries
  ○ On Windows 7: netsh interface ip delete arpcache - Deletes all ARP entries
● Causes some overhead due to broadcast functionality
  ○ Switches reduce broadcast traffic if configured for VLANs
● Can easily spoof ARP replies, called ARP poisoning

Switch Basics
● Most devices now are connected to a switch instead of a hub or in-line as was the case many years ago
● Ethernet is a logical bus topology usually deployed in a star or extended star physical topology
● Switch types
  ○ Fixed
    ■ Cannot add new features, ports, etc. Only upgradable through software if managed
    ■ Unmanaged and managed versions
    ■ Some models are stackable with special cables, or fiber cables
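The trailer/FCS check from the Data Link Layer Basics section and the frame-size and address rules from Ethernet Basics, worked through in code. This is an added example, not from the notes; the MAC addresses and payloads are constructed sample values, and the CRC-32 from zlib stands in for the hardware CRC engine.

```python
"""Added example (not from the notes): build an Ethernet II frame with a
CRC-32 Frame Check Sequence the way the sending NIC does, then validate
received frames the way a receiver does: runt (< 64 bytes), giant
(> 1518, or > 1522 with an 802.1Q tag) and FCS mismatch. Sample MACs
and payloads are constructed."""
import struct
import zlib

MIN_FRAME = 64            # header + data + FCS; anything shorter is a runt
MAX_FRAME = 1518          # untagged maximum
MAX_FRAME_TAGGED = 1522   # IEEE 802.3ac: room for the 4-byte 802.1Q tag
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100
BROADCAST_MAC = b"\xff" * 6


def mac_bytes(mac: str) -> bytes:
    """Accept XX:XX:XX:XX:XX:XX, XX-XX-XX-XX-XX-XX or Cisco XXXX.XXXX.XXXX."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 48 bits")
    return raw


def address_kind(mac: str) -> str:
    """Broadcast is all F's; the low bit of the first octet marks multicast
    (IPv4 multicast MACs start 01-00-5E); everything else is unicast."""
    raw = mac_bytes(mac)
    if raw == BROADCAST_MAC:
        return "broadcast"
    if raw[0] & 0x01:
        return "multicast"
    return "unicast"


def fcs(frame_without_fcs: bytes) -> bytes:
    """FCS = CRC-32 over destination, source, type and data, sent little-endian."""
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Ethernet II frame as handed to the PHY (preamble/SFD are added by the PHY)."""
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))   # pad short payloads
    return body + fcs(body)


def check_frame(frame: bytes) -> str:
    """Return 'ok' or the reason a store-and-forward switch/NIC would drop it."""
    if len(frame) < MIN_FRAME:
        return "runt"                      # collision fragment or truncated frame
    tagged = struct.unpack("!H", frame[12:14])[0] == ETHERTYPE_VLAN
    if len(frame) > (MAX_FRAME_TAGGED if tagged else MAX_FRAME):
        return "giant"
    if fcs(frame[:-4]) != frame[-4:]:
        return "fcs-error"                 # bits changed on the wire
    return "ok"
```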
  ○ Modular
    ■ Has a main chassis with board slots
    ■ Choice of management consoles, boards, firewall features, ports, etc.
● Individual ports can sometimes be swapped out for different types
  ○ Called Small Form-Factor Pluggable (SFP) Modules
● Operation
  ○ Use MAC addresses to decide what ports to send traffic to
  ○ Builds a MAC address table as it learns what traffic is coming from which ports
  ○ If no destination port is in MAC table, switch forwards the frame on all ports except originating port
  ○ Responding device gets recorded into MAC table for future use
  ○ If there is another switch downstream on one port, all responding MAC addresses get recorded to the MAC table for that port
● Switches can automatically negotiate speed, duplex, and MDIX settings (on newer ones)
  ○ Can also manually set these values for each port on a managed switch
● Medium Dependent Interface (MDI/MDIX)
  ○ mdix auto
  ○ MDI/MDIX refers to how the transmit/receive wires are arranged on a port of an internetworking device
    ■ Transmit on one side connects to receive on the other
  ○ MDI for hosts and routers, MDIX for switches
  ○ Auto-MDIX in newer switches now detects and swaps a port to MDI/MDIX as needed
● Forwarding methods
  ○ Store-and-forward
    ■ Switch receives the whole frame, runs a Cyclic Redundancy Check (CRC) and then forwards if valid
    ■ Slower
  ○ Cut-through
    ■ Reads the destination MAC and then forwards right away, no buffering of full frame or error checking
    ■ Faster
    ■ Variants
      ● Fast-forward
        ○ Reads the destination MAC and then forwards right away, no buffering of full frame or error checking
      ● Fragment-free
        ○ Stores the first 64 bytes of the frame before forwarding, slower than fast-forward, but catches most errors and collisions without a CRC.
        ○ Faster than store-and-forward.
● Memory Buffering
  ○ Port-based
    ■ A queue for each port
    ■ Can cause delay for other frames on other ports
  ○ Shared
    ■ A common queue for all ports
    ■ Dynamically allocated memory per port
    ■ Allows for larger frames to be transmitted

IOS Device Basics
● Cisco's Internetwork Operating System (IOS) is the term for the Operating System software installed on most Cisco products
● Stored on flash, non-volatile
● Loaded into RAM on boot
● Connecting to IOS
  ○ Console - Looks like an RJ-45 ethernet connection but blue
    ■ Bits per sec: 9600
    ■ Data bits: 8
    ■ Parity: none
    ■ Stop bits: 1
    ■ Flow control: none
  ○ Telnet
  ○ SSH
  ○ AUX - Older modem connection method
● Privilege modes - Different looking prompt for each
  ○ User executive (User EXEC)
    ■ Limited, basic show commands
    ■ Router>
  ○ Privileged executive (Privileged EXEC)
    ■ Similar to "root" on Linux, can show anything and access global configuration mode
    ■ Use enable to enter mode
    ■ Use disable to leave mode
    ■ Router#
  ○ Global configuration mode
    ■ Needs do preceding commands from the executive modes, such as do show run
    ■ Can access submodes for configuration of interfaces and such
    ■ Use configure terminal or config t to enter mode
    ■ Command exit takes you out of a config submode one level, end takes you back to Privileged EXEC
    ■ Router(config)#
● Commands are similar to those in other OS
  ○ command arguments
  ○ show running-config
  ○ description ISP Connection
● You can use Tab key to auto-complete commands
  ○ show run<TAB> becomes show running-config
● You can use the question mark to get a list of compatible commands or arguments
  ○ sh? displays show
  ○ show ? displays running-config, startup-config
● CLI will display problems with a command; use of Tab and question mark help reduce problems
● Up and Down arrows cycle through last entered commands
● Simple command examples
  ○ show running-config
  ○ show startup-config
  ○ show interfaces
  ○ show ip interface brief
  ○ show version
● Spacebar or Enter can be used at the --More-- prompt. Enter will scroll one line, space bar a full page

IOS Command Basics
● Choose a naming convention for hostnames
● Hostname configuration commands
  ○ enable
  ○ config t
  ○ hostname MySwitch
● Passwords
  ○ Enable password
    ■ Access to privileged EXEC mode, non-encrypted or poorly encrypted in config
    ■ enable password MyPassword
    ■ service password-encryption
      ● Hides password from onlookers in config but can easily be decrypted
  ○ Enable secret
    ■ Access to privileged EXEC mode, encrypted in config
    ■ enable secret MyPassword
  ○ Console password
    ■ Access to console
    ■ line console 0
    ■ password MyPassword
    ■ login
  ○ VTY password
    ■ Access over Telnet/SSH
    ■ line vty 0 15
    ■ password MyPassword
    ■ login
● Banners
  ○ banner motd # message #
    ■ Shown to all connections
  ○ banner login # message #
    ■ Shown only to services that have login defined
● Saving
  ○ copy running-config startup-config
  ○ write memory
● reload
● erase <ConfigName>
  ○ For NVRAM
● delete vlan.dat
  ○ For flash memory
● One can use TFTP to copy IOS files from flash to a server
  ○ show flash
  ○ copy flash: tftp:
    ■ c1900-universalk9-mz.SPA.152-4.M3.bin
    ■ 192.168.1.100
● Selecting a new IOS file to boot from
  ○ boot system flash0://c1900-universalk9-mz.SPA.152-4.M3.bin

Switch Configuration Basics
● Boot sequence
  ○ Power-On Self-Test (POST) from ROM
  ○ Loads boot loader from ROM
  ○ Starts the CPU
  ○ Initializes flash
  ○ Loads the IOS from flash and continues booting the OS
● Can recover from a forgotten password or system crash with boot loader
  ○ Connect a PC to the console port
  ○ Restart switch
  ○ Within 15 seconds press and hold the Mode button while the System LED is flashing green
  ○ Continue to hold Mode until the System LED turns amber and then solid green
  ○ Release the Mode button
  ○ The console will display "switch:" as the prompt
● LEDs
  ○ System LED - Power up/down
  ○ Redundant Power System (RPS) LED - Power up/down
  ○ Port Status LED - Link up/down, amber means blocked
  ○ Port Duplex LED - Green is full duplex, off is half
  ○ Port Speed LED - Green is 100 Mbps, blinking green is 1 Gigabit, off is 10 Mbps
  ○ Power over Ethernet (PoE) LED - Power up/down
● VLAN 1 is default management VLAN
  ○ Recommended to change it, but do not remove VLAN 1 completely
● To manage a switch, a Switch Virtual Interface (SVI) must be configured
  ○ This is essentially an interface/IP for a specific VLAN
● SVI configuration
  ○ vlan 99
  ○ name Management
  ○ interface f0/1
  ○ switchport access vlan 99
  ○ interface vlan 99
  ○ ip address 192.168.99.1 255.255.255.0
  ○ no shutdown
  ○ ip default-gateway 192.168.99.1
● Speed and duplex configuration
  ○ interface f0/1
  ○ duplex auto
  ○ speed auto
● MDIX configuration
  ○ interface f0/1
  ○ mdix auto
● show interfaces - Shows detailed information on interface configuration

Switch Security Basics
● Secure Shell (SSH)
  ○ Encrypts shell access
  ○ SSH uses TCP port 22
  ○ Telnet uses TCP port 23
  ○ Recommended remote access method
● SSH Configuration
  ○ show ip ssh - Will display a result if the device has cryptographic features enabled
  ○ ip domain-name mydomain.com
  ○ crypto key generate rsa
  ○ username UserLogin password UserPassword
  ○ line vty 0 15
  ○ transport input ssh
  ○ login local
● Common Security Attacks
  ○ MAC Address Flooding
    ■ Generating thousands of MAC addresses and sending them out onto the wire, causing a switch to learn too many and causing a CAM table overflow
    ■ This crashes the switch or puts it into fail-open mode
      ● Fail-open mode makes the switch act like a hub, flooding all frames everywhere, so the attacker can capture whatever they want
    ■ Can be mitigated with port security options
  ○ DHCP Spoofing
    ■ Attacker floods DHCP server with requests, using up all available leases
    ■ Attacker then sets up their own DHCP server to provide leases to clients, usually with a different DNS server and the default gateway set to the attack computer, redirecting all traffic through it for capture
    ■ Can be mitigated with DHCP snooping and port security options
  ○ CDP
    ■ CDP is enabled on all ports by default
    ■ Provides useful information to an attacker capturing data on their access port
    ■ Can be mitigated by disabling CDP or disabling it on access ports
● Best Practices
  ○ Use secure communications methods
  ○ Encrypt passwords in configuration file
  ○ Control physical access to devices
  ○ Shut down unused ports
  ○ Use port security features
  ○ Use Access Control Lists (ACLs)
● Security Tools
  ○ nmap
  ○ Nessus
  ○ Metasploit
  ○ Brute force crackers
  ○ Kali (BackTrack) Linux distro

Switch Port Security
● Disable unused ports
  ○ shutdown
  ○ Can use interface-range command to apply to many ports at once
● DHCP snooping tells the switch what ports can respond to DHCP requests
  ○ ip dhcp snooping - Enables globally
  ○ ip dhcp snooping vlan - Enables specific VLAN
  ○ ip dhcp snooping trust - On specific interfaces
● Port security
  ○ switchport mode access - Removes it from a dynamic port status
  ○ Static MAC security - Only configured MAC address is allowed
    ■ switchport port-security mac-address
  ○ Dynamic MAC security - Learned during operation, stored in address table
  ○ Sticky MAC security - Learned during operation, stored in address table and running config
    ■ switchport port-security mac-address sticky
    ■ switchport port-security maximum 2
  ○ Port Security Violation Modes
    ■ Protect - Once the limit of MAC addresses is reached, unknown source addresses are dropped until MACs are removed or the limit is raised. No violation notification
    ■ Restrict - Same as Protect but with violation notification
    ■ Shutdown - This is the default mode. Immediately shuts down a port when an unknown MAC is seen. Violation notification
    ■ switchport port-security violation
  ○ show port-security
  ○ show interface - Displays err-disabled status
  ○ show port-security interface - Displays secure-shutdown status
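The MAC address flooding attack from Switch Security Basics and the port security mitigation above, played out in a small switch model. This is an added example, not from the notes; the port names, MAC addresses and the deliberately tiny CAM table are constructed values.

```python
"""Added example (not from the notes): a small model of switch MAC learning
that shows why a MAC-flooded CAM table leaks unicast traffic to every port
(fail-open, hub-like behaviour) and how 'switchport port-security maximum N'
with the protect / restrict / shutdown violation modes stops it. Port names,
MACs and the 8-entry CAM are constructed values chosen to keep the demo short."""
from collections import OrderedDict

BROADCAST = "ffff.ffff.ffff"


class Switch:
    def __init__(self, ports, cam_size=8):
        self.ports = list(ports)
        self.cam_size = cam_size          # real CAMs hold thousands of entries
        self.cam = OrderedDict()          # mac -> port, oldest entry first
        self.secure = {}                  # port -> port-security settings
        self.err_disabled = set()
        self.violations = {p: 0 for p in self.ports}

    def port_security(self, port, maximum=1, mode="shutdown"):
        """switchport port-security maximum <N> / violation <mode>."""
        if mode not in ("protect", "restrict", "shutdown"):
            raise ValueError(mode)
        self.secure[port] = {"max": maximum, "mode": mode, "macs": set()}

    def _allowed(self, port, src):
        """Port security runs before learning; True if the frame may pass."""
        cfg = self.secure.get(port)
        if cfg is None or src in cfg["macs"]:
            return True
        if len(cfg["macs"]) < cfg["max"]:
            cfg["macs"].add(src)          # dynamically learned secure MAC
            return True
        if cfg["mode"] != "protect":      # restrict and shutdown count the violation
            self.violations[port] += 1
        if cfg["mode"] == "shutdown":     # default mode: port goes err-disabled
            self.err_disabled.add(port)
        return False

    def _learn(self, port, src):
        if src not in self.cam and len(self.cam) >= self.cam_size:
            self.cam.popitem(last=False)  # table full: oldest entry is evicted
        self.cam[src] = port
        self.cam.move_to_end(src)

    def receive(self, port, src, dst):
        """Process one ingress frame; returns the egress port list ([] = dropped)."""
        if port in self.err_disabled or not self._allowed(port, src):
            return []
        self._learn(port, src)
        if dst == BROADCAST or dst not in self.cam:
            return [p for p in self.ports if p != port]   # flood unknown unicast
        out = self.cam[dst]
        return [] if out == port else [out]


def flood_demo(secure_attacker_port):
    """Victim on Fa0/1; the port Fa0/3 sends 20 frames with bogus source MACs;
    then a host on Fa0/2 sends unicast to the victim. Does Fa0/3 see it?"""
    sw = Switch(["Fa0/1", "Fa0/2", "Fa0/3"], cam_size=8)
    if secure_attacker_port:
        sw.port_security("Fa0/3", maximum=2, mode="shutdown")
    victim = "0000.aaaa.0001"
    sw.receive("Fa0/1", victim, BROADCAST)
    for i in range(20):
        sw.receive("Fa0/3", f"0000.bbbb.{i:04x}", BROADCAST)
    egress = sw.receive("Fa0/2", "0000.cccc.0002", victim)
    return {
        "victim_in_cam": victim in sw.cam,
        "leaked_to_attacker": "Fa0/3" in egress,
        "attacker_port_err_disabled": "Fa0/3" in sw.err_disabled,
    }


if __name__ == "__main__":
    print("no port security:", flood_demo(False))
    print("port security   :", flood_demo(True))
```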
● Network Time Protocol (NTP)
  ○ Retrieves time information from local or remote servers
  ○ Common to use domain controllers or other servers on a domain to ensure all are synchronized
  ○ pool.ntp.org or more specific sub-pools such as us.pool.ntp.org also commonly used
  ○ ntp server - Use specified server for time data
  ○ ntp master - Allow device to be queried for time data
  ○ show ntp associations - Display peers connected
  ○ show ntp status - Display NTP information

VLAN Basics
● Virtual LANs, or VLANs, segment your network on the Layer 2 boundary
● Often used to segment based on logical business group or type of device
● ACLs can be used to limit access between VLANs, improving security
● Performance is improved by reducing broadcast domains
● VLAN types
  ○ Data - Most common VLAN, for PCs, servers, and other data devices
  ○ Voice - Used for VoIP phones, often paired with a Data VLAN on an access port for a workstation
    ■ Often configured with a special command, different from defining a trunk, although operation is essentially the same
  ○ Management - Used for remote administration of internetwork devices
  ○ Default - All ports are members of VLAN 1, the default VLAN upon initialization
  ○ Native - On an 802.1Q trunk port, untagged traffic is put onto this VLAN, by default this is VLAN 1
    ■ Each trunk link can have a different native VLAN ID
● show vlan or show vlan brief
● VLAN Trunks
  ○ Standard is IEEE 802.1Q
  ○ Trunks allow multiple VLANs to be transmitted across one link, usually between internetwork devices such as switches
  ○ Links with workstation PCs and VoIP phones are special trunks with a Data and Voice VLAN on them
  ○ Without VLANs each port would need to be a different LAN when connecting between switches and thus highly inefficient
● 802.1Q
  ○ New 4-byte VLAN tag is inserted into original Ethernet frame header
  ○ Fields
    ■ Type - 0x8100 for Ethernet
    ■ User priority - QoS value
    ■ Canonical Format Identifier (CFI) - 1-bit for Token Ring over Ethernet
    ■ VLAN ID (VID) - 12-bits which identifies the VLAN number, 4096 VLAN IDs are supported
  ○ A new FCS is created after 802.1Q information is inserted

Creating VLANs
● Standard Range VLANs are numbered from 1 to 1005
  ○ 1002 to 1005 reserved for Token Ring and FDDI
  ○ VLAN 1 and 1002 to 1005 are automatically created
  ○ VLANs are in vlan.dat on the flash memory card
    ■ Must be manually deleted when resetting device to factory defaults
● Extended Range VLANs are numbered from 1006 to 4094
  ○ Not written to vlan.dat
  ○ Not learned through VTP
● VLAN Trunking Protocol (VTP) helps with VLAN management
  ○ Cisco proprietary
  ○ GARP VLAN Registration Protocol (GVRP) is the standard alternative for other brands
● vlan <number>
  ○ name <name>
● interface f0/1
  ○ switchport mode access
  ○ switchport access vlan <number>
● Deleting VLANs
  ○ no vlan <number>
● show vlan brief
● show interfaces vlan <number>

VLAN Trunks
● VLAN Trunks allow multiple VLANs on one link
  ○ Otherwise each VLAN would need a separate physical link for uplinks
● interface f0/1
  ○ switchport mode trunk
  ○ switchport trunk native vlan 99
● show interfaces f0/1 switchport
● Dynamic Trunking Protocol (DTP)
  ○ Allows nodes to negotiate trunk status
  ○ Cisco proprietary
  ○ Considered insecure
  ○ Auto
    ■ switchport mode dynamic auto
    ■ Allows interface to become a trunk
    ■ Neighbor must be in desirable or trunk mode
    ■ Considered the passive mode
    ■ Default mode for all interfaces
  ○ Desirable
    ■ switchport mode dynamic desirable
    ■ Interface actively tries to become a trunk
    ■ Neighbor must be in desirable, auto, or trunk mode
    ■ Considered the active mode
    ■ Default mode on old devices
  ○ switchport nonegotiate
    ■ Prevents interface from using DTP
  ○ show dtp interface
● Show commands
  ○ show interfaces trunk

VLAN Security
● Attackers can spoof being a switch and turn their link into a trunk if it is configured for Auto mode
  ○ Allows them to access other VLANs
● Double-tagging
  ○ Injecting a frame with two VLAN tags
  ○ Outer tag is same as native VLAN, inner is the victim VLAN
  ○ Switch reads native VLAN, sends it out to other switches
  ○ Second switch reads victim VLAN and floods it to destination
● Best to separate management from user traffic
  ○ Use a separate, unique management VLAN
● Change the native VLAN to something other than the default, 1
● Do not use DTP, set all ports to access or trunk mode
● Define which VLANs are allowed on the trunk
  ○ switchport trunk allowed vlan <numbers>
● Define which VLANs are to be pruned via VTP

Layer 3 Switching
● Switches operate at Layer 2
● Layer 3 switching is essentially another term for routing, but done very quickly at wire speeds
● Preferred method for traversing VLANs in networks
  ○ Dedicated routers are now mostly just for WAN links and specialized connections
● Cisco switches use Cisco Express Forwarding (CEF)
● Layer 3 interfaces
  ○ Switch Virtual Interface (SVI) - For VLANs
  ○ Routed Port - Physical port configured as a router port
  ○ Layer 3 EtherChannel - Several ports acting as one
● Configuration
  ○ Create a port dedicated to a single subnet
    ■ interface f0/1
    ■ no switchport
    ■ ip address 192.168.10.1 255.255.255.0
    ■ no shutdown
  ○ Create a VLAN interface
    ■ interface vlan 10
    ■ ip address 192.168.10.1 255.255.255.0
    ■ no shutdown

Routing Basics
● Routing is a process that determines the best path for traffic to take from one network to another
● Allows communication between buildings, across great distances, between VLANs, etc.
● Routers are similar to computers, they have similar hardware, just specialized in function
● Default gateways are used on nodes to offer a destination for unknown packets
  ○ Without default gateways each node would need to know the destination for everything
● Nodes can be configured with an IP either statically or dynamically
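The 802.1Q tag layout from VLAN Basics and the double-tagging pattern from VLAN Security, in code: tag insertion with the new FCS a trunk port computes, tag parsing, and an ingress check that drops a frame whose outer tag carries the native VLAN. This is an added example, not from the notes; the frame contents are constructed sample values.

```python
"""Added example (not from the notes): insert and parse the 4-byte 802.1Q tag
(TPID 0x8100, 3-bit priority, 1-bit CFI, 12-bit VID), recompute the FCS as a
switch does after tagging, and classify ingress frames on a trunk so that a
double-tagged frame with the native VLAN outside is dropped. Constructed data."""
import struct
import zlib

TPID = 0x8100   # the "Type" value the notes give for an 802.1Q tag


def fcs(data: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over everything after the SFD, little-endian."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def make_tag(vid: int, priority: int = 0, cfi: int = 0) -> bytes:
    if not (0 <= vid < 4096 and 0 <= priority < 8 and cfi in (0, 1)):
        raise ValueError("tag field out of range")
    tci = (priority << 13) | (cfi << 12) | vid
    return struct.pack("!HH", TPID, tci)


def insert_tag(frame: bytes, vid: int, priority: int = 0) -> bytes:
    """Tag a frame (which already carries an FCS) the way a trunk port does:
    the tag goes between the source MAC and the EtherType, then a new FCS."""
    body = frame[:12] + make_tag(vid, priority) + frame[12:-4]
    return body + fcs(body)


def parse_tags(frame: bytes):
    """Return every (priority, cfi, vid) tag found after the two MACs, outer first."""
    tags, off = [], 12
    while off + 4 <= len(frame) and struct.unpack("!H", frame[off:off + 2])[0] == TPID:
        tci = struct.unpack("!H", frame[off + 2:off + 4])[0]
        tags.append((tci >> 13, (tci >> 12) & 1, tci & 0x0FFF))
        off += 4
    return tags


def classify(frame: bytes, native_vid: int) -> str:
    """Decide how a trunk port should treat an ingress frame. Two tags with the
    outer VID equal to the native VLAN is the double-tagging pattern: a switch
    that merely strips the native tag would forward the inner VLAN's frame."""
    if fcs(frame[:-4]) != frame[-4:]:
        return "fcs-error"
    tags = parse_tags(frame)
    if not tags:
        return f"untagged -> vlan {native_vid}"
    if len(tags) > 1 and tags[0][2] == native_vid:
        return "double-tagged (drop)"
    if len(tags) > 1:
        return "q-in-q"
    return f"vlan {tags[0][2]}"


def sample_untagged() -> bytes:
    """Constructed minimal frame: dst, src, EtherType 0x0800, 46 bytes of data, FCS."""
    body = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
    body += struct.pack("!H", 0x0800) + bytes(46)
    return body + fcs(body)
```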
but very quickly at wire speeds ● Preferred method for traversing VLANs in networks ○ Dedicated routers are now mostly just for WAN links and specialized connections ● Cisco switches use Cisco Express Forwarding (CEF) ● Layer 3 interfaces ○ Switch Virtual Interface (SVI) .10.For VLANs ○ Routed Port .Several ports acting as one ● Configuration ○ Create a port dedicated to a single subnet ■ interface f0/1 ■ no switchport ■ ip address 192. sending the packet to the destination interface ● Steps ○ PC puts source and destination IP into packet header ○ PC looks in ARP cache for MAC of L2 destination ○ PC does an ARP request if not there ○ PC puts source and destination MAC into frame header ○ PC sends to router ○ Router reads destination MAC.Andrew Crouthamel Cisco CCNA Training Notes 48 ● Routers work by reading the destination IP address of a packet and referencing the routing table. different protocols have different Administrative Distances (AD). matches it to the interface ○ Router reads destination IP address ○ Router looks in route table for a match ○ Router checks ARP cache for MAC of next hop destination ○ Router performs an ARP request if not in ARP cache ○ Router rebuilds frame header ○ Router sends to next hop ● Router makes decisions based on best path ○ Directly connected networks first ○ Remote networks second ○ Default gateway last ○ Dynamic routing protocols are also prioritized based on trust ■ EIGRP ■ OSPF ■ RIP ● Two paths to same network can be load balanced if cost is the same ● Multiple dynamic routing protocols can be configured and in use. lower is better ○ Directly connected is 0 ○ Static route is 1 ○ EIGRP is 90 ○ OSPF is 110 ○ RIP is 120 ● Route table contains entries of ○ Directly connected networks ○ Remote networks ■ Static route ■ Dynamic route ● Route table entries ○ Route source ○ Destination network ○ Administrative distance ○ Metric ○ Next-hop ○ Route timestamp . 2. 
○ Outgoing interface
● Directly connected interfaces must be no shutdown to show

Routing Table Basics
● Route table sections
○ Route source - Uses letters to designate where it was learned from
○ Destination network
○ Administrative distance
○ Metric
○ Next hop
○ Route timestamp
○ Outgoing interface
● Kinds of routes
○ Ultimate route - Contains a next-hop IP or exit interface
○ Level 1 route - Equal or less than the classful mask of the network
○ Level 1 parent route - Subnetted level 1 route, heading entry for smaller subnets
○ Level 2 child routes - Subnet of a classful network address
● When searching for a route, the router selects the most specific (longest prefix) match, not simply the first entry listed in show ip route
○ If it matches a level 1 ultimate route, traffic is forwarded
○ If it matches a level 1 parent route, it searches the level 2 child routes and traffic is forwarded on a subsequent match
○ If it matches a level 1 parent route but not a level 2 child route, traffic is dropped under classful lookup (no ip classless); with the default classless behavior (ip classless) the router keeps looking for a less specific route, including the default route
○ If it matches nothing in the route table, traffic is dropped

Router-on-a-stick Configuration
● On the switch create a trunk interface
○ int fa0/1
○ switchport mode trunk
○ switchport trunk native vlan 99
● On the router create subinterfaces on the same trunk interface with the respective subnets for the associated VLAN it will route
○ Match the subinterface number with the VLAN number to make life easy
○ int fa0/0
○ no shut
○ int fa0/0.2
○ encap dot1q 2
○ ip address 192.168.2.1 255.255.255.0
○ int fa0/0.3
○ encap dot1q 3
○ ip address 192.168.3.1 255.255.255.0
○ int fa0/0.99
○ encap dot1q 99 native
● Show commands
○ show interfaces f0/1 switchport
○ show interface
○ show ip interface
○ show run

Static Routing Basics
● Routers know of routes via static or dynamic routes
● Pros
○ Static routes are not advertised to other routers unless specifically configured to do so
○ Static routes are more secure due to administrator intervention needed to input them (nothing on the wire can inject or alter them, unlike a routing protocol without authentication)
● Cons
○ Static routes are difficult to manage due to the mentioned administrator intervention
○ Failover abilities are limited
○ Does not scale well with large networks
○ Human error causes many issues
● Types of static routes
○ Standard
   ■ Normal static route used for subnets
○ Default
   ■ Matches all packets (0.0.0.0/0)
   ■ Also known as Gateway of Last Resort
○ Summary
   ■ Can be used to match multiple subnets if networks are contiguous and use the same next hop
○ Floating
   ■ A route with a higher administrative distance than the normal route
   ■ Takes over for the "more trusted" route with a lower AD if the link fails
   ■ Manual method of failover routes

Static Routing Configuration
● ip route <subnet> <subnet mask> <next hop IP> <exit interface>
● ip route 192.168.10.0 255.255.255.0 172.16.1.1 f0/1
● Exit interface may be used exclusively on point to point connections
● On multiple access networks such as Ethernet, next hop IP is required and exit interface is not required
○ Providing the exit interface is recommended for performance
○ A router must do an additional lookup to determine the exit interface if not provided
● Default route is same as a standard route but with 0.0.0.0 0.0.0.0 as the destination
● ip route 0.0.0.0 0.0.0.0 172.16.1.1 f0/1
● IPv6 equivalent of 0.0.0.0 is ::/0
● Floating statics can be configured by appending a high AD value to the end of a static route
● Summary routes
○ Allows one route to match for multiple subnets that are contiguous
○ Often called supernetting
○ Summarizing steps
   ■ Write out the subnets in question in binary
   ■ Find the number of bits starting from the left side of each subnet that are the same for all subnets
   ■ This will be the new prefix or subnet mask
   ■ Perform the ANDing process of one network against the new prefix to determine the new network ID
   ■ Enter a static route for this new summary network
   ■ Check that the summary does not also cover address space you do not own or intend to route, a too-wide summary attracts traffic for networks that do not exist behind it
● Show commands
○ ping
○ traceroute
○ show ip route
○ show ip interface brief
○ show cdp neighbors detail
○ show run
○ Make sure interfaces are no shutdown

Dynamic Routing Protocols Basics
● Dynamic routing protocols have been around for many decades
● One of the first was Routing Information Protocol (RIP) which was still taught in CCNA up to the last revision
○ Dates back to 1980's
○ RIPv1 was classful
○ RIPv2 was classless
● Other protocols have been developed to provide faster/better routing decisions and failover capabilities
○ Open Shortest Path First (OSPF)
○ Intermediate System-to-Intermediate System (IS-IS)
● Routing protocols are in different classifications
○ Legacy
   ■ RIPv1 - Classful
○ Distance Vector
   ■ Based on number of "hops" or routers a network is away
   ■ Usually slower convergence
   ■ Sends periodic updates of entire route table, slowly converging their routing tables
   ■ RIPv2 - Classless
○ Path-Vector
   ■ BGP - Classless
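The route-selection rules above (longest prefix, then administrative distance, floating statics, the default route as last resort) and the summarization steps are easier to trust once you have watched them run. The following is an added example, not part of the original notes: a small Python model of a routing table with constructed routes (the prefixes, next hops 10.0.0.x and the 254 AD for the floating static are illustrative values, not taken from the notes). It installs the best candidate per prefix, looks destinations up by longest match, withdraws routes through a failed next hop so the floating static takes over, and carries out the summarization steps with a check for over-wide summaries.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Default administrative distances from the notes (lower = more trusted).
AD = {"C": 0, "S": 1, "D": 90, "O": 110, "R": 120}


@dataclass(frozen=True)
class Route:
    source: str               # C connected, S static, D EIGRP, O OSPF, R RIP
    network: str              # e.g. "172.16.0.0/16"
    next_hop: str             # next-hop address or exit interface
    metric: int = 0
    ad: Optional[int] = None  # set explicitly for a floating static

    @property
    def prefix(self):
        return ipaddress.ip_network(self.network)

    @property
    def distance(self):
        return AD[self.source] if self.ad is None else self.ad


def install(candidates, dead_next_hops=()):
    """Build the routing table: for each prefix keep the candidate with the
    lowest AD, then the lowest metric. Routes via a failed next hop are
    withdrawn, which is what lets a floating static take over."""
    table = {}
    for r in candidates:
        if r.next_hop in dead_next_hops:
            continue
        best = table.get(r.prefix)
        if best is None or (r.distance, r.metric) < (best.distance, best.metric):
            table[r.prefix] = r
    return list(table.values())


def lookup(table, destination):
    """Longest-prefix match. The 0.0.0.0/0 default is used only when nothing
    more specific matches; with no match at all the packet is dropped (None)."""
    dst = ipaddress.ip_address(destination)
    matches = [r for r in table if dst in r.prefix]
    return max(matches, key=lambda r: r.prefix.prefixlen) if matches else None


def summarize(networks):
    """The summarization steps from the notes: count the leading bits all
    subnets share, use that count as the new prefix length, AND one network
    with it. Returns (summary, exact); exact is False when the summary also
    covers address space that was not in the input."""
    nets = [ipaddress.ip_network(n) for n in networks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    common = 0
    for bit in range(31, -1, -1):                 # walk the bits left to right
        if ((lo >> bit) & 1) != ((hi >> bit) & 1):
            break
        common += 1
    summary = ipaddress.ip_network((lo, common), strict=False)  # the ANDing step
    exact = sum(n.num_addresses for n in nets) == summary.num_addresses
    return str(summary), exact


def demo_candidates():
    """Constructed routing information, as a router might learn it."""
    return [
        Route("C", "192.168.10.0/24", "Fa0/0"),
        Route("S", "172.16.0.0/16", "10.0.0.2"),
        Route("O", "172.16.0.0/16", "10.0.0.6", metric=20),     # same prefix, AD 110 loses to the static
        Route("D", "172.16.5.0/24", "10.0.0.10", metric=3072),  # more specific, wins for 172.16.5.x
        Route("S", "0.0.0.0/0", "10.0.0.2"),                     # default route, AD 1
        Route("S", "0.0.0.0/0", "10.0.0.6", ad=254),             # floating static, backup only
    ]


if __name__ == "__main__":
    table = install(demo_candidates())
    for dst in ("172.16.5.7", "172.16.9.1", "8.8.8.8"):
        r = lookup(table, dst)
        print(dst, "->", r.source, r.network, "via", r.next_hop)
    print(summarize(["10.1.4.0/24", "10.1.5.0/24", "10.1.6.0/24"]))
```

Run the module directly to see the three lookups; the second summarization call returns `('10.1.4.0/22', False)` because the /22 also covers 10.1.7.0/24, the kind of over-wide summary the extra step in the list above warns about.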
Also uses many variables such as link speed to help determine best path ■ Usually faster convergence ■ Sends up/down link updates only when changes occur ■ OSPF .Andrew Crouthamel ● ● ● ● Cisco CCNA Training Notes 52 ○ Interior Gateway Routing Protocol (IGRP) .Classless Most are interior gateway protocols.Classful ○ Distance Vector ■ Based on number of “hops” or routers.Classless ○ Link-State ■ Gathers information on all connections in the network and builds an internal map.Classless ■ EIGRP .Cisco proprietary Routing protocols provide ○ Discovery of networks ○ Automatic route updating ○ Best path determination ○ Failover and load balancing ○ Ease of administration for new networks or changes ○ Reduction of human error RIP operation steps ○ Upon boot router adds directly connected networks to route table ○ Sends an update out all configured interfaces with known connected networks in its route table ○ Receives an update from a neighbor router about other networks and adds that to the routing table with a metric of 1 ○ Repeats process between other routers during each periodic update. deprecated ○ Enhanced IGRP (EIGRP) .Classful ■ IGRP .Cisco proprietary.Classless ■ IS-IS . BGP is the exception Distance Vector Routing Protocols ● Distance vector protocols are not aware of the entire network topology like link-state . IPv6. backup routes are inserted immediately when needed ○ Layer 3 independence ■ Can support IPv4.0 . RIP sends updates out all interfaces that have RIP enabled (via the network command) ● Default gateway information can be distributed with default-information originate Open Shortest Path First (OSPF) ● Uses the Shortest Path First (SPF) algorithm . 
AppleTalk RIP Configuration ● ● ● ● ● ● Configuration is rather simple router rip version 2 .You define the local networks that are to be shared via RIP It is recommended for performance and security that passive-interface is used on interfaces that do not connect to a router ○ By default.Andrew Crouthamel ● ● ● ● ● ● ● Cisco CCNA Training Notes 53 protocols They share updates of their full routing tables to each other every so many seconds ○ RIP is 30 by default Older protocols such as RIPv1 broadcast the updates Newer protocols such as RIPv2 and EIGRP use multicast RIP uses the Bellman-Ford algorithm RIP includes the following features ○ Updates sent every 30 seconds to a multicast address (224. when packets exceed that they drop from the network to prevent looping floods IGRP and EIGRP use the Diffusing Update Algorithm (DUAL) EIGRP includes the following features ○ Bounded triggered updates ■ Does not send periodic updates like RIP.Can often cause problems with mixed RFC 1918 networks network 192.168. only when needed and only to the neighbors that need to know ○ Hello keepalive ○ Topology table ■ Saves backup paths for failures ○ Fast convergence ■ Due to topology table.9) ○ Hop count is used as the metric for routes ○ Hop of 15 is the maximum.Always enable unless you’re in 1990 no auto-summary . IPX.10.0.0. Topology table ○ Forwarding database . fast. efficient.Routers are in different Autonomous Systems (AS).Acknowledges an LSU Operation steps ○ Router learns about directly connected networks ○ Exchange hello packets with neighbors ○ Build a Link-State Packet (LSP) with information on each link ○ Flood the LSP to neighbors ○ Routers collect the LSPs from neighbors and construct a topology map ○ They then run their SPF algorithm and create an SPF Tree.Request more information on an entry ○ Link-state update .Establish and maintain adjacency with neighbor ■ Every 10 seconds usually. 
which is used to populate the routing table Areas ○ Single-area .Contains short list of LSDB used for checking against local LSDB ○ Link-state request . very scalable. only routers in one AS communicate to each other.Reply to LSR and to announce new information ○ Link-state acknowledgement . 30 on Frame Relay ■ Sent to 224.Neighbors ○ Link-state database (LSB) .All routers are in one area and communicate to each other ○ Multiarea .Populates routing table Packets ○ Hello .5 or FF02::5 multicast address ■ Includes a dead timer to remove neighbors after certain time if no hello packet is received ○ Database description .0. dates back to the late 1980s OSPFv2 is used for IPv4. OSPFv3 is used for IPv6 Classless. Routers bordering the different AS offer connectivity between them States ○ Down ○ Init ○ Two-Way ○ ExStart ○ Exchange ○ Loading ○ Full Designated Routers (DR) and Backup Designated Routers (BDR) are used as central data repositories instead of having all routers share all data with each other and flood the .0.Andrew Crouthamel ● ● ● ● ● ● ● ● ● ● ● Cisco CCNA Training Notes 54 Much more complex but more feature-rich Uses a calculation of link cost based on a variety of variables to determine best path Open standard from the IETF. supports security Databases ○ Adjacency database . highest IPv4 address of any interface ○ See comment earlier about using loopbacks for management access.000 ○ 100.0. it is also highly useful for this purpose ● Within the ospf configuration prompt use a similar command as RIP and EIGRP to define networks to share ○ network 192.0 0. but can be configured in other ways to do more powerful matches ● passive-interface is also used as with RIP ● OSPF link cost is calculated by default with ○ Reference bandwidth / interface bandwidth ○ Reference bandwidth by default is 100.000 bps / interface bandwidth in bps ○ Due to the use of 100 Mbps as the reference. 
as the command value is expressed in Mbps ○ Interfaces have default bandwidth values.Andrew Crouthamel Cisco CCNA Training Notes 55 network ○ Used on multi-access networks ○ Highest interface priority or highest router ID or IPv4 address wins ○ Election only occurs on initial network boot OSPFv2 Single-Area Configuration ● router ospf <process id> ● Process ID is local to the router. both 100 Mbps and 1 Gbps (as well as higher speeds) both have a cost of 1 ■ This is due to OSPF rounding up to the next integer of a calculated cost ○ Reference bandwidth can be changed with auto-cost reference-bandwidth 1000 to support 1 Gbps links for example.168.10. Usually 1 unless running multiple OSPFs to share between AS’ ● Router IDs uniquely identify an OSPF router and allow it to participate in Designated Router election ○ During initial boot of an OSPF network (if all routers turned on at once) highest ID becomes DR.Any 32 bit number written as an IPv4 address ○ If no router-id is specified. second highest is BDR ○ router-id <id IP> . especially for WAN links ■ Make sure to set bandwidth values for all interfaces instead of using the defaults ○ You can also set the cost manually with ip ospf cost <value> ● Change the OSPF priority . highest IPv4 address of any loopbacks is chosen ○ If no loopbacks are present.0.544 Mbps for serial ■ This may not be optimal due to the many different bandwidth available.000.255 area 0 ○ Second IP is a wildcard mask.000. can be any number from 1 to 65535. an “inverse” of the subnet mask. such as 1. 1.0 192. 
○ ip ospf priority 255
● Default static route
○ ip route 0.0.0.0 0.0.0.0 192.168.0.1 fa0/1 or ipv6 route ::/0
○ default-information originate
● Modifying intervals
○ ip ospf hello-interval 5
○ ip ospf dead-interval 10
● Supports three types of authentication
○ Null - No password
○ Simple password - Plaintext password sent over the network, readable by anyone who can capture the segment
○ MD5 - Generates a hash that is sent; the key itself never crosses the wire, but the routing updates are still sent in the clear (this authenticates neighbors, it does not encrypt)
○ OSPFv3 does not have any authentication built-in, it relies on native IPv6 capabilities (IPsec)
   ■ ipv6 ospf authentication ipsec spi
● Configure MD5 Authentication
○ ip ospf message-digest-key 1 md5 MyPassword
○ area 0 authentication message-digest
○ Can also be applied in an interface instead of globally
○ Every router in the area needs the same key ID and key, a mismatch breaks the adjacency
● Show commands
○ show ip ospf neighbor
○ show ip protocols
○ show ip ospf
○ show ip ospf interface brief
○ show ip ospf interface
○ show ip route ospf
○ clear ip ospf 1 process
○ IPv6 commands essentially the same but have ipv6 in them
● OSPFv3 uses IPv6 Link-Local addresses
   ■ Best to manually configure so they are easier to remember
○ ipv6 router ospf 1 - Basically the same as IPv4
○ Show commands are the same but with ipv6

OSPF Multi-Area Basics
● Previous examples have shown all routers in one area, a "Single-Area" OSPF instance
● Multi-Area helps reduce processing and memory overhead for large environments with large routing tables
● Advantages
○ Smaller routing table
○ Less link-state update overhead (fewer LSAs exchanged)
○ Lower frequency of SPF calculations
● Two areas
○ Backbone (Transit) Area
● Router types
○ Internal router - All interfaces in the same area
○ Backbone router
○ Autonomous System Boundary Router (ASBR) - Connects to an external network of some kind
the first five are required for Multi-Area OSPF LSA Types ○ Type 1 ■ Router link entries ■ Flooded within the area they originated ○ Type 2 ■ Contains router ID and IP address of the DR and all routers on the segment ■ Created for every multiaccess network in the area ■ Flooded within the area they originated ○ Type 3 ■ Collective data from type 1 LSAs ■ Created for every network learned ■ Flooded from one area to another ■ Used to advertise networks from other areas ○ Type 4 ■ Generated by an ABR when an ASBR exists within an area ■ Advertises external networks into a routing domain ○ Type 5 ■ Describes routes to networks outside of the OSPF AS ■ Generated by the ASBR ■ Flooded to everyone in the AS OSPF Multi-Area Configuration ● Demo of multiarea config ● Route summarization ○ Useful for limiting number of Type 3 LSAs flooded onto backbone.Usually area 0 ○ Area Border Router (ABR) .End users network. for example ○ What would be 50 Type 3 LSAs to be flooded for 50 networks. can be reduced to one or two advertisements to be flooded .Routers or switches involved in fast transit of IP packets from one place to the next. similar to the Distribution or Core layer for switch hierarchy ○ Regular (Non-backbone) Area .Connects to multiple areas ○ Autonomous System Boundary Router (ASBR) . a non-OSPF network LSAs act as database records and provide network details 11 types of LSAs. must talk to a Backbone area to get to other Regular areas Router types ○ Internal router . 
Andrew Crouthamel Cisco CCNA Training Notes 58 ○ Can only be configured on ABRs or ASBRs ○ Either interarea or external route summarization ■ Interarea route summarization ● Occurs on ABRs ● Does not apply to external routes ● area 0 range 10.10 ■ FF02::A ○ Updates ■ Does not send periodic updates ■ Partial .0 ■ External route summarization ● Occurs on ASBRs ● Does not apply to internal routes EIGRP Basics ● Released in 1992 as a Cisco proprietary protocol ● Basic functionality has now been released as an IETF standard ● Uses Diffuse Update Algorithm (DUAL) ○ Guarantees loop-free and backup paths ○ Stores all backup paths ready to use ● Establishes neighbor adjacencies like OSPF ● Reliable Transport Protocol (RTP) used to deliver EIGRP packets ○ Unique to EIGRP ○ Offers reliable and unreliable transit ■ Cannot use UDP/TCP due to protocol independence ■ Update packet is sent reliably ■ Hello packet is sent unreliably ○ Unicast and Multicast ■ 224.0 255.0.0.0.0.0.Term for partial updates sent to only routers that need it ○ Load balancing ■ Equal or unequal cost ○ Can route many different protocols via Protocol-Dependent Modules (PDMs) ■ IPv4 ■ IPv6 ■ IPX ■ AppleTalk ○ Authentication supported ● Router ID ○ Used by both IPv4 and IPv6 ○ Used for identification of originating router during redistribution of external routes .Link up or down ■ Bounded .0. 0.1 ○ passive-interface fa0/5 ○ show ipv6 eigrp neighbors ○ show ipv6 protocols ○ show ipv6 route ● Default routes ○ redistribute static . highest loopback.0. prevent EIGRP from sending packets out interfaces where no routers are ○ no auto-summary ○ show ip eigrp neighbors ○ show ip protocols ○ show ip route ● IPv6 ○ ipv6 unicast-routing ○ int fa0/1 ○ ipv6 address FE80::1 link-local ○ ipv6 router eigrp 1 ○ eigrp router-id 10.0 0.168.0.Andrew Crouthamel ● ● ● ● ● Cisco CCNA Training Notes 59 ○ Uses defined router-id. but then uses classful address.Can omit the wildcard mask.0.1. 
or highest interface as Router ID Hello packets ○ Unreliable delivery ○ Multicast Update packets ○ Reliable delivery ○ Unicast or multicast Acknowledgment packets ○ Unreliable delivery ○ Unicast Query packets ○ Reliable delivery ○ Unicast or multicast Reply packets ○ Reliable delivery ○ Unicast EIGRP Configuration ● IPv4 ○ router eigrp 1 ○ eigrp router-id 10.255 . I prefer being specific ○ passive-interface fa0/1 .0.1 ○ network 192.Same as other protocols.0. and K4 and K5 represent reliability ○ 1 = on. K4 and K5 are set to 0 . rounded down ● Delay ○ Default ○ Microseconds ○ Sum of all delays in a path ○ Divides sum of all delays by 10 ● Reliability ○ Optional ○ Not recommended due to frequent topology changes ○ Fraction of 255 (255/255 is 100% reliability) ● Load ○ Optional ○ Not recommended due to frequent topology changes ○ Fraction of 255 (255/255 is full saturation) ● Metrics are K1 to K5.000.000 and divides by lowest interface bandwidth. K2 represents load. K2.Andrew Crouthamel Cisco CCNA Training Notes 60 ● Show commands ○ IPv4 ■ show ip eigrp neighbors ■ show ip route ■ show ip protocols ■ show ip interface brief ■ show ip eigrp interfaces ○ IPv6 ■ show ipv6 eigrp neighbors ■ show ipv6 route ■ show ipv6 protocols ■ show ipv6 interface brief ■ show ipv6 eigrp interfaces EIGRP Metrics and DUAL ● Bandwidth ○ Default ○ Kilobits per second ○ Set your bandwidth values on your interfaces! Don’t let it use the defaults! ■ conf t ■ int fa0/1 ■ bandwidth 1536 ○ Uses slowest bandwidth in a path ○ Takes 10. K1 and K3 represent bandwidth and delay. 0 = off ○ K1 and K3 are set to 1. 
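The OSPF link-cost formula from the single-area configuration section and the EIGRP metric and DUAL terms in this section are both just arithmetic, so here is an added example (not part of the original notes) that carries them out in Python. The interface values are constructed: a FastEthernet link with IOS defaults of 100000 kbps and 100 µs delay, and a T1 serial link at 1544 kbps and 20000 µs; the three-neighbor DUAL table is illustrative. One correction to the notes: IOS does not round the OSPF cost up, it keeps the integer part and floors the result at 1, which is why a T1 gets cost 64 (not 65) and both 100 Mbps and 1 Gbps get cost 1 with the default reference bandwidth.

```python
def ospf_cost(interface_bps, reference_mbps=100):
    """Cost = reference bandwidth / interface bandwidth. IOS keeps the integer
    part (no rounding up) and never goes below 1."""
    return max((reference_mbps * 1_000_000) // interface_bps, 1)


def eigrp_metric(path_links, k=(1, 0, 1, 0, 0)):
    """Classic EIGRP composite metric for a path. Each link is a dict with
    bw_kbps and delay_us (the values `show interfaces` reports). With the
    default K values only the slowest bandwidth and the summed delay matter:
        metric = 256 * (10_000_000 // min_bw_kbps + sum_delay_us // 10)
    The load and reliability terms (K2, K4, K5) are modelled for completeness;
    the notes recommend leaving them off."""
    k1, k2, k3, k4, k5 = k
    min_bw = min(l["bw_kbps"] for l in path_links)
    bw = 10_000_000 // min_bw                              # scaled inverse bandwidth
    delay = sum(l["delay_us"] for l in path_links) // 10   # tens of microseconds
    load = max(l.get("load", 1) for l in path_links)       # fraction of 255
    reliability = min(l.get("reliability", 255) for l in path_links)
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * delay
    if k5 != 0:
        metric = metric * k5 // (reliability + k4)
    return metric * 256


def dual(neighbors):
    """neighbors: {name: (reported_distance, cost_to_neighbor)}.
    FD is the lowest total metric and the neighbor providing it is the
    Successor. A neighbor is a Feasible Successor only if its RD < FD (the
    Feasibility Condition): a lower total alone is not enough, because a
    neighbor whose RD is >= our FD might be routing back through us."""
    total = {n: rd + cost for n, (rd, cost) in neighbors.items()}
    successor = min(total, key=total.get)
    fd = total[successor]
    feasible = sorted(n for n, (rd, _) in neighbors.items()
                      if n != successor and rd < fd)
    return fd, successor, feasible


# Constructed interface values (IOS defaults for these interface types).
FAST_ETHERNET = {"bw_kbps": 100_000, "delay_us": 100}
T1_SERIAL = {"bw_kbps": 1544, "delay_us": 20_000}

if __name__ == "__main__":
    for bps in (1_544_000, 10_000_000, 100_000_000, 1_000_000_000):
        print(bps, "bps -> cost", ospf_cost(bps), "(ref 100M)", ospf_cost(bps, 1000), "(ref 1000M)")
    print("EIGRP over two FastEthernet hops:", eigrp_metric([FAST_ETHERNET, FAST_ETHERNET]))
    print(dual({"R2": (2000, 1000), "R3": (2500, 1500), "R4": (3200, 100)}))
```

In the DUAL call R4 has the second-best total (3300) but is not a feasible successor: its reported distance 3200 is not below the feasible distance 3000, so EIGRP will query rather than fail over to it, which is exactly the loop-avoidance rule the FC terms describe.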
● show ip protocols - Shows k values
● Configuration
○ config t
○ router eigrp 1
○ metric weights tos k1 k2 k3 k4 k5
○ K values must match on every neighbor or the adjacency will not form
● show interfaces - Shows metric values of an interface
● DUAL
○ Diffusing Update Algorithm (DUAL) determines the best loop-free path and backup paths
○ Terms
   ■ Successor - Neighboring router that is used for forwarding packets
   ■ Feasible Successor (FS) - Neighboring router that has a loop-free backup path to the same network as the Successor and satisfies the Feasibility Condition (FC)
   ■ Feasible Distance (FD) - The lowest calculated metric to reach the destination network
   ■ Reported Distance (RD) or Advertised Distance (AD) - The metric to a destination network as reported by a neighbor, i.e. that neighbor's own feasible distance
   ■ Feasible Condition or Feasibility Condition (FC) - Condition is met when a neighbor's Reported Distance (RD) to a network is less than the local router's feasible distance
○ Decision process is done by the DUAL Finite State Machine (FSM)
○ show ip eigrp topology
○ show ip eigrp topology all-links

EIGRP Tuning and Security
● Tuning
○ EIGRP only uses 50 percent of a link's bandwidth for EIGRP packets
○ int fa0/1
○ ip bandwidth-percent eigrp 1 75
○ ipv6 bandwidth-percent eigrp 1 75
○ ip hello-interval eigrp 1 2
○ ip hold-time eigrp 1 65535
○ ipv6 hello-interval eigrp 1 2
○ ipv6 hold-time eigrp 1 65535
○ Change number of load balancing paths used
   ■ router eigrp 1
   ■ maximum-paths 4
● Security
○ Uses MD5 authentication to ensure routing information comes from a router that holds the shared key, so a rogue device on the segment cannot form an adjacency and inject routes
○ Updates are authenticated, not encrypted; the topology is still readable on the wire
○ conf t
○ key chain MyKeys
○ key 0
○ key-string MyPassword
○ int fa0/1
○ ip authentication mode eigrp 1 md5
○ ip authentication key-chain eigrp 1 MyKeys
○ ipv6 authentication mode eigrp 1 md5
○ ipv6 authentication key-chain eigrp 1 MyKeys

Access Control Lists (ACLs)
● Similar idea to a "firewall rule"
● Restricts access in a variety of ways, depending on type of ACL
● Can be implemented on routers or Layer 3 switches
● Improves security by assisting in restricting traffic in addition to VLAN segmentation
● Uses rules to inspect TCP/UDP traffic and act upon what it finds in the header
○ Usually source and/or destination IP and/or port
○ Fancier devices can do Layer 7 inspection now
● Can be applied to inbound or outbound traffic on every interface
○ One ACL per protocol, per direction, per interface
● Always have an implied "deny any" at the end of the list
○ Anything you did not explicitly permit is dropped, including return traffic and housekeeping protocols such as DNS and routing updates
● Matches first entry
○ Processed top down; the first matching ACE decides and nothing after it is examined, so order matters
● Types
○ Standard -  Only looks at source IP
○ Extended - Looks at source and/or destination IP, source and/or destination port, protocol type, additional options
● Both Standard and Extended can use either name or number to identify them
○ For numbers, usually use
   ■ Standard - 1–99 and 1300–1999
   ■ Extended - 100–199 and 2000–2699
● Place standard ACLs nearest the destination you want to control
● Place extended ACLs nearest the source you want to control
● Entries in an ACL are called Access Control Entries (ACE)
● ACEs use wildcard masks like OSPF, except IPv6 which uses prefix-length
● Wildcard masks
○ 0 bit - Match the bit value in the address
○ 1 bit - Ignore the bit value in the address
○ host can be used instead of 0.0.0.0
○ any can be used instead of 0.0.0.0 255.255.255.255
● To improve performance, keep ACEs as minimal as possible, try to match as much as possible with one entry
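Before the IOS syntax for standard and extended ACLs, it helps to see the matching rules above (wildcard bits, first match wins, implicit deny, standard ACLs matching on source only) executed against packets. The following is an added example, not from the original notes: a Python parser for the numbered `access-list` lines in the notes and an evaluator that applies them to constructed packets (the 192.168.1.x sources follow the notes, the 203.0.113.x destinations are documentation addresses chosen here). Only the `eq` port operator is modelled.

```python
import ipaddress


def wildcard_match(address, base, wildcard):
    """Wildcard mask check: 0 bits must match, 1 bits are ignored."""
    a, b, w = (int(ipaddress.ip_address(x)) for x in (address, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return a & care == b & care


ANY = ("0.0.0.0", "255.255.255.255")


def _address(tokens):
    """Consume 'any' | 'host A' | 'A W' from the front of the token list."""
    t = tokens.pop(0)
    if t == "any":
        return ANY
    if t == "host":
        return tokens.pop(0), "0.0.0.0"
    return t, tokens.pop(0)


def _port(tokens):
    """Consume an optional 'eq N' (gt, lt and range are not modelled)."""
    if tokens and tokens[0] == "eq":
        tokens.pop(0)
        return int(tokens.pop(0))
    return None


def parse_ace(line):
    """Parse one numbered ACE in the syntax used in the notes, e.g.
         access-list 1 permit 192.168.1.0 0.0.0.255
         access-list 100 deny tcp host 192.168.1.100 any eq 80
    Standard ACLs (1-99, 1300-1999) match on source only; a standard ACE
    with no wildcard means a single host."""
    tokens = line.split()
    if tokens[:1] != ["access-list"] or tokens[2] not in ("permit", "deny"):
        raise ValueError("not an ACE: " + line)
    number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
    standard = 1 <= number <= 99 or 1300 <= number <= 1999
    ace = {"text": line, "action": action, "sport": None, "dport": None}
    if standard:
        if rest[0] in ("any", "host") or len(rest) >= 2:
            ace["src"] = _address(rest)
        else:
            ace["src"] = (rest[0], "0.0.0.0")
        ace["proto"], ace["dst"] = "ip", ANY
    else:
        ace["proto"] = rest.pop(0)
        ace["src"], ace["sport"] = _address(rest), _port(rest)
        ace["dst"], ace["dport"] = _address(rest), _port(rest)
    return ace


def build_acl(lines):
    return [parse_ace(line) for line in lines]


def evaluate(acl, packet):
    """Walk the ACEs top down; the first match decides and nothing after it
    is examined. With no match, the implicit 'deny any' at the end applies."""
    for ace in acl:
        if ace["proto"] not in ("ip", packet["proto"]):
            continue
        if not wildcard_match(packet["src"], *ace["src"]):
            continue
        if not wildcard_match(packet["dst"], *ace["dst"]):
            continue
        if ace["sport"] is not None and ace["sport"] != packet.get("sport"):
            continue
        if ace["dport"] is not None and ace["dport"] != packet.get("dport"):
            continue
        return ace["action"], ace["text"]
    return "deny", "implicit deny any"


# The extended ACL 100 from the notes, as written there.
ACL_100 = build_acl([
    "access-list 100 deny tcp host 192.168.1.100 any eq 80",
    "access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 80",
])

if __name__ == "__main__":
    web = {"src": "192.168.1.50", "dst": "203.0.113.5", "proto": "tcp", "sport": 51000, "dport": 80}
    dns = {"src": "192.168.1.50", "dst": "203.0.113.53", "proto": "udp", "sport": 51001, "dport": 53}
    print(evaluate(ACL_100, web))   # ('permit', ...)
    print(evaluate(ACL_100, dns))   # ('deny', 'implicit deny any')
```

Two things the run makes concrete: DNS from the same host is dropped by the implicit deny because ACL 100 only ever permits TCP port 80, and swapping the two ACEs lets 192.168.1.100 through, because the permit for the whole /24 then matches first.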
● IPv6
○ Named ACLs only, same as IPv4 Extended ACL
○ No wildcard masks, only prefix
○ ipv6 traffic-filter - Command used to apply to an interface
○ ipv6 access-list myaclname
○ show ipv6 interface

Standard IPv4 ACL Configuration
● Creating a numbered Standard ACL
○ access-list 1 deny 192.168.1.100
○ access-list 1 permit 192.168.1.0 0.0.0.255
● Applying to an interface
○ interface fa0/1
○ ip access-group 1 out
● Creating a named Standard ACL
○ ip access-list standard myaclname
● Comments
○ access-list 1 remark some comments about the acl
○ Allows easy identification
● ACLs can be edited by copy/paste into a text editor, or sequence numbers for Named ACLs (numbered ACLs can also be edited this way by entering them with ip access-list standard <number>)
○ show access-lists 1
○ ip access-list standard 1
○ no 10
○ 10 deny host 192.168.1.100
● show ip interface
● show access-lists

Extended IPv4 ACL Configuration
● Creating a numbered Extended ACL
○ access-list 100 deny tcp 192.168.1.100 0.0.0.0 any eq 80
○ access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 80
○ Remember the implicit deny: with only these two entries every other protocol and port from the subnet is blocked on this interface
● Applying to an interface
○ interface fa0/1
○ ip access-group 100 out
● Creating a named Extended ACL
○ ip access-list extended myaclname
● Comments
○ access-list 100 remark some comments about the acl
○ Allows easy identification
● ACLs can be edited by copy/paste into a text editor, or sequence numbers for Named ACLs
○ show access-lists 100
○ ip access-list extended 100
○ no 10
○ 10 deny tcp host 192.168.1.100 any eq 80
● show ip interface
● show access-lists

Dynamic Host Configuration Protocol (DHCP)
● Dynamic Host Configuration Protocol (DHCP)
● Assigns IP addresses and other IP options automatically to nodes
● Allocation methods
○ Manual - "Reservations", only one specific IP is given to the client
○ Automatic - Permanently assigns an IP to a client from a pool
○ Dynamic - Assigns or "leases" an IP to a client for a period of time
   ■ The most common method
● DHCP Steps
○ DHCPDISCOVER - Client broadcasts for a DHCP server
○ DHCPOFFER - DHCP server responds with an IP to the client
○ DHCPREQUEST - Client acknowledges receipt and repeats IP to server, also used for renewals
   ■ Renewals happen at half the lease expiration timeframe
○ DHCPACK - Server acknowledges receipt and repeats IP to client
● DHCPv6 specifics
○ Stateless Address Autoconfiguration (SLAAC) or DHCP
○ SLAAC can allow a client to get an IP without a DHCP server
○ Operation
   ■ Client sends Router Solicitation (RS) to router
   ■ Router sends Router Advertisement (RA) with prefix to client
   ■ Client creates its own IPv6 address with that basic information
      ● Either with EUI-64 or randomly generated

DHCP Configuration
● Most other networking products have you define a range to use for the IP pool, Cisco has you define exclusions first, then it uses the rest of the subnet
● First exclude addresses and ranges you do not want in the pool
● Next configure your pool
common for servers accessing the Internet ○ Dynamic .1.Make interface a DHCP client on the router or switch Show commands ○ show ip dhcp conflict ○ show interface ○ show ip interface ○ show run Network Address Translation (NAT) ● Network Address Translation (NAT) helps solve the issue with IPv4 address exhaustion ○ Before RFC 1918.168. IPv6 wouldn’t need .1.One-to-one translation. commonly used with Dynamic NAT for DHCP clients ● IPv6 ○ You would think that with 340 trillion trillion trillion addresses.255.168.1.255.Many-to-many or many-to-one translation.com show run | section dhcp show ip dhcp binding show ip dhcp server statistics ip helper-address . common for DHCP clients accessing the Internet ○ Port Address Translation (PAT) .1 domain-name mydomain.1 dns-server 192.168.Internal address of the client being translated ○ Inside global . this translates the port when a port is already in use.The address of the destination ○ Outside local . 10 192.255.0.168.000.0 ○ access-list 1 permit 192.0. but added later ○ Unique Local Addresses (ULA) ■ RFC 4193 ■ Meant to provide local-only communications.Andrew Crouthamel Cisco CCNA Training Notes 66 NAT.000.0 0.168.000.000.1.1.168.000.255.168.000.2.255 ○ ip nat inside source list 1 pool mypoolname ○ show ip nat translations ○ show ip nat statistics ○ clear ip nat statistics ○ clear ip nat translation * ● PAT ○ ip nat pool mypoolname 192.255 ○ ip nat inside source list 1 pool mypoolname overload ○ show ip nat translations ○ show ip nat statistics ○ clear ip nat statistics ○ clear ip nat translation * .1.10 192.outside) 4.1.1.2.255.0.168.1.255. 
   but not to solve any IP address space issues
   ■ FC00::/7
   ■ Known as "local IPv6 addresses" NOT "IPv6 link-local addresses"
      ● Can't wait to start having those troubleshooting conversations, do you?
   ■ Non routable on the Internet
   ■ Originally IPv6 was supposed to not have any NAT
○ NAT64 allows for IPv6 devices to talk to IPv4 devices via NAT
   ■ Beyond scope of CCNA

NAT Configuration
● Static NAT
○ static (inside,outside) <inside global> <inside local> netmask 255.255.255.255
   ■ This is ASA syntax; on IOS the equivalent is ip nat inside source static <inside local> <inside global>
○ show ip nat translations
○ show ip nat statistics
○ clear ip nat statistics
● Dynamic NAT
○ int fa0/0
○ ip nat inside
○ int fa0/1
○ ip nat outside
○ ip nat pool mypoolname 192.168.2.10 192.168.2.254 netmask 255.255.255.0
○ access-list 1 permit 192.168.1.0 0.0.0.255
   ■ The ACL only selects which inside addresses get translated, it does not block anything
○ ip nat inside source list 1 pool mypoolname
○ show ip nat translations
○ show ip nat statistics
○ clear ip nat statistics
○ clear ip nat translation *
● PAT
○ ip nat pool mypoolname 192.168.2.10 192.168.2.254 netmask 255.255.255.0
○ access-list 1 permit 192.168.1.0 0.0.0.255
○ ip nat inside source list 1 pool mypoolname overload
○ show ip nat translations
○ show ip nat statistics
○ clear ip nat statistics
○ clear ip nat translation *
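The PAT (overload) behaviour described above, where the router rewrites the source port when one is already in use, and the static port forwards that follow are easiest to understand as a translation table. The following is an added example, not from the original notes: a Python simulation of a PAT router with one inside global address and a static TCP port forward. All addresses are constructed (203.0.113.1 as the public address, 192.168.1.x inside, a forward of public port 4321 to 192.168.1.99:1234, mirroring the port-forwarding example in the notes). It shows how two inside hosts using the same source port get distinct global ports, how return traffic finds its way back, and why an unsolicited inbound packet with no table entry is dropped (the "minimal security" the notes mention, which is not a substitute for an ACL or firewall).

```python
from typing import Dict, Optional, Tuple


class PatRouter:
    """Port Address Translation with one inside global address, plus static
    TCP port forwards (ip nat inside source static tcp ...)."""

    def __init__(self, inside_global: str, port_forwards: Optional[Dict[int, Tuple[str, int]]] = None):
        self.inside_global = inside_global
        self.forwards = dict(port_forwards or {})  # global port -> (inside local, local port)
        self.out: Dict[Tuple[str, int], int] = {}   # (inside local, local port) -> global port
        self.back: Dict[int, Tuple[str, int]] = {}  # global port -> (inside local, local port)
        self.next_port = 1024                       # where dynamic allocation starts

    def _free_port(self, wanted: int) -> int:
        """Keep the host's own source port when nothing else uses it;
        otherwise hand out the next unused port above 1023."""
        if wanted not in self.back and wanted not in self.forwards:
            return wanted
        while self.next_port in self.back or self.next_port in self.forwards:
            self.next_port += 1
        port = self.next_port
        self.next_port += 1
        return port

    def outbound(self, inside_local: str, local_port: int) -> Tuple[str, int]:
        """Translate an outgoing flow; an existing entry is reused."""
        key = (inside_local, local_port)
        if key not in self.out:
            gport = self._free_port(local_port)
            self.out[key] = gport
            self.back[gport] = key
        return self.inside_global, self.out[key]

    def inbound(self, global_port: int) -> Optional[Tuple[str, int]]:
        """Translate an incoming packet addressed to the inside global address.
        Static forwards win; then dynamic entries; otherwise None (dropped)."""
        if global_port in self.forwards:
            return self.forwards[global_port]
        return self.back.get(global_port)

    def translations(self):
        """Rows in the spirit of `show ip nat translations`."""
        rows = [f"tcp {self.inside_global}:{gp} {loc}:{lp} (static)"
                for gp, (loc, lp) in sorted(self.forwards.items())]
        rows += [f"tcp {self.inside_global}:{gp} {loc}:{lp}"
                 for gp, (loc, lp) in sorted(self.back.items())]
        return rows


if __name__ == "__main__":
    r = PatRouter("203.0.113.1", {4321: ("192.168.1.99", 1234)})
    r.outbound("192.168.1.10", 1234)   # keeps port 1234
    r.outbound("192.168.1.11", 1234)   # 1234 taken, gets 1024
    r.outbound("192.168.1.12", 4321)   # 4321 reserved by the forward, gets 1025
    print("\n".join(r.translations()))
    print("unsolicited to :5555 ->", r.inbound(5555))
```

The translation table is keyed only on ports here; a real IOS entry also carries the outside address and protocol, which is what lets `show ip nat translations` distinguish flows from the same inside socket to different destinations.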
● Root and backup root bridges are elected upon initial boot of the network ○ STP enabled switches exchange STP BPDU’s ○ Root bridge has the lowest Bridge ID.2 4321 ● Show commands ○ show ip nat translations ○ show ip nat statistics ○ clear and debug ○ debug ip nat detailed Spanning Tree Protocol (STP) ● Building a network that is fault tolerant and redundant causes other problems ● Redundant links cause loops in the network ○ Ethernet has no TTL field like IP.168. lowest MAC. etc. and extended system ID of switch ● Then Spanning Tree Algorithm on each non-root switch calculates shortest path to the root ○ All roads lead to root ○ STA considers both path and port costs (speed) ○ Lowest calculated path cost wins ○ Ports are then assigned roles . for only one or more define ports ○ Inside interface for LAN needs ■ ip nat inside ○ Outside interface for WAN needs ■ ip nat outside ○ You can also change the port from inside to outside ■ Useful for when running multiple similar servers off one IP. 30-50 seconds ○ PVST+ ■ Cisco proprietary.Port is shut down ● Port costs ○ 10 Gbps = 2 ○ 1 Gbps = 4 ○ 100 Mbps = 19 ○ 10 Mbps = 100 ○ Can override port costs with spanning-tree cost # on an interface ● Path cost ○ Sum of all port costs from switch to root bridge ○ Lowest path is preferred and becomes root port ● Re-election ○ All switches assume they are root bridge upon boot ○ Switches continually send BPDU’s every 2 seconds ○ If a switch with a lower MAC is inserted into a network it can cause a reconfiguration and may cause some dropped frames as links are changed ● Forcing a root bridge ○ Default is Bridge Priority is 32768 ○ Set Bridge Priority to 0 ● Extended System ID ○ Used for VLAN information ○ Can have a different root bridge for each VLAN ● Spanning Tree Flavors ○ STP ■ Original version. Only one end of a link is blocked ■ Disabled . Loop Guard ○ 802.All non-root ports. 
The root bridge has all designated ports ■ Alternate and backup .Andrew Crouthamel Cisco CCNA Training Notes 68 ■ Root . BackboneFast.1w) ■ Improvement over STP to provide faster convergence ■ Replaced STP ■ Preferred standard protocol ■ Uses Edge Ports to designate ports that will never be connected to other switches (access ports) ● Same as PortFast .1w ○ Rapid Spanning Tree Protocol (RSTP) (IEEE 802. includes 802.Ports that are put in blocking mode to prevent a loop. BPDU Filter. Root Guard. UplinkFast. BPDU Guard. adds VLAN instance capabilities to STP ■ Supports PortFast. does not support VLAN instances ■ Replaced with RSTP ■ Very slow response to an failure.1D-2004 ■ Update of STP.Closest to the root bridge ■ Designated . Root Guard. Root Guard. same as an RSTP Edge Port ○ Used for access ports that do not connect to switches ○ spanning-tree portfast .Global config option.Learns MAC addresses to start frame forwarding ■ Forwarding .Listens for the path to root ■ Learning . Loop Guard ■ Preferred Cisco proprietary protocol ○ Multiple Spanning Tree Protocol (MSTP) ■ IEEE standard based on Cisco proprietary MISTP ■ Multiple VLANs on one STP instance ■ Supports PortFast.Administratively disabled. BPDU Filter.Starts out blocked ■ Listening . BPDU Guard. shut down Spanning Tree Configuration ● spanning-tree vlan 1 ● Changing Bridge ID ○ spanning-tree vlan 1 root primary ○ spanning-tree vlan 1 root secondary ○ spanning-tree vlan 1 priority 24576 ○ spanning-tree vlan 1 priority 24576 ● PortFast ○ Transitions port to forwarding immediately. enables on all ports that are not trunks ● Show commands ○ show spanning-tree active ○ show spanning-tree . BPDU Guard.Interface config option ○ spanning-tree bpduguard default .Andrew Crouthamel Cisco CCNA Training Notes 69 ● Immediately transition to forwarding state ■ Link Types ● Point-to-Point ○ Direct connection to another switch. enables on all ports that are not trunks ● BPDU Guard ○ spanning-tree bpduguard enable . 
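The election and path-cost rules above (lowest Bridge ID wins, Bridge ID built from priority, extended system ID and MAC, path cost summed from the port costs in the table) can be checked with a short simulation. The following is an added example, not from the original notes: Python code that builds Bridge IDs, elects root and backup root, and runs the shortest-path calculation from the root over a constructed three-switch topology (switch names, MAC addresses and link speeds are invented for the example). It also shows the failure mode the notes warn about, a switch with a lower MAC appearing and taking over as root, which is what Root Guard exists to stop.

```python
import heapq

# Port costs from the notes, keyed by link speed in Mbps.
COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}


def bridge_id(priority, vlan, mac):
    """Bridge ID = 4-bit priority (a multiple of 4096) + 12-bit extended
    system ID (the VLAN) in the high 16 bits, then the 48-bit MAC.
    Compared as one number: lower wins."""
    assert priority % 4096 == 0 and 0 <= priority <= 61440
    assert 1 <= vlan <= 4094
    return ((priority + vlan) << 48) | int(mac.replace(":", ""), 16)


def elect_root(switches, vlan=1):
    """switches: {name: (priority, mac)}. Returns (root, backup root)."""
    ranked = sorted(switches, key=lambda s: bridge_id(switches[s][0], vlan, switches[s][1]))
    return ranked[0], ranked[1]


def root_ports(root, links):
    """links: [(switch_a, switch_b, speed_mbps), ...]. Dijkstra from the root
    over port costs. Returns {switch: (path cost, neighbor the root port faces)}
    for every non-root switch; the root itself has only designated ports."""
    adj = {}
    for a, b, speed in links:
        adj.setdefault(a, []).append((b, COST[speed]))
        adj.setdefault(b, []).append((a, COST[speed]))
    best = {root: (0, None)}
    heap = [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > best[node][0]:
            continue
        for nxt, c in adj[node]:
            nc = cost + c
            if nxt not in best or nc < best[nxt][0]:
                best[nxt] = (nc, node)
                heapq.heappush(heap, (nc, nxt))
    return {s: v for s, v in best.items() if s != root}


# Constructed topology: all switches at the default priority 32768.
SWITCHES = {
    "S1": (32768, "00:11:22:33:44:aa"),
    "S2": (32768, "00:11:22:33:44:bb"),
    "S3": (32768, "00:11:22:33:44:cc"),
}
LINKS = [("S1", "S2", 100), ("S1", "S3", 1_000), ("S2", "S3", 1_000)]

if __name__ == "__main__":
    root, backup = elect_root(SWITCHES)
    print("root:", root, "backup:", backup)
    print("root ports:", root_ports(root, LINKS))
    rogue = dict(SWITCHES, S4=(32768, "00:00:00:00:00:01"))
    print("after a rogue switch with a low MAC appears:", elect_root(rogue))
```

With every priority left at the default the lowest MAC (S1) becomes root, and S2 chooses the two-hop 1 Gbps path through S3 (cost 8) over its direct 100 Mbps link (cost 19). Setting `spanning-tree vlan 1 priority 24576` on S3 makes it root regardless of MAC, and the rogue S4 case is the election you prevent with Root Guard on ports where no root should ever appear.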
● Rapid PVST+ flavor
  ○ Cisco proprietary, adds VLAN instance capabilities to RSTP
  ○ Supports PortFast, BPDU Guard, BPDU Filter, Root Guard, Loop Guard
● RSTP link types
  ○ Point-to-Point - full duplex
  ○ Shared - Connection to a hub, half duplex
● Rapid PVST+ configuration
  ○ spanning-tree mode rapid-pvst
● Show commands
  ○ show cdp neighbors
  ○ show spanning-tree
  ○ show spanning-tree vlan 1

Redundancy Protocols
● End devices cannot be configured with more than one default gateway
● When that gateway fails, connectivity is lost
● STP helps deal with switching failures, but if the router handling IP traffic for a subnet fails, connectivity still is lost
● Solution is to have hot standby devices that automatically take over for a failed device
● Variety of hardware redundancy protocols
  ○ Hot Standby Router Protocol (HSRP)
    ■ Cisco proprietary, allows for an active/backup designation
  ○ HSRP for IPv6
    ■ Cisco proprietary for IPv6, allows for an active/backup designation
  ○ Virtual Router Redundancy Protocol version 2 (VRRPv2)
    ■ Standard protocol that offers similar functionality to HSRP
  ○ VRRPv3
    ■ Same as VRRPv2 but provides IPv6 as well as IPv4, supported by multiple vendors and is more scalable than VRRPv2
  ○ Gateway Load Balancing Protocol (GLBP)
    ■ Cisco proprietary, allows for an active/backup designation and load balancing
  ○ GLBP for IPv6
    ■ Cisco proprietary for IPv6, allows for active/backup and load balancing
  ○ ICMP Router Discovery Protocol (IRDP)
    ■ RFC 1256, legacy protocol
● show standby - Show HSRP state
● show glbp - Show GLBP state

Link Aggregation Basics
● Faster speed requirements traditionally were met with increased port speed and cable specifications
● While still true, costs may be reduced by using link aggregation
● Link aggregation provides the ability to “bundle” ports together into groups (Link Aggregation Group, LAG) and essentially add their bandwidth together
  ○ Also provides failover capability within the bundled link
    ■ If one link in a group fails, the rest will still work
  ○ Overrides STP blocking the duplicate links but still ensures compatibility
● Link aggregation options
  ○ Link Aggregation Control Protocol (LACP)
    ■ IEEE standard 802.1ax, previous version 802.1ad
  ○ EtherChannel (Port Aggregation Protocol, PAgP)
    ■ Cisco proprietary
● Can use between switches, or from switch to server
  ○ Many server NIC drivers allow for “NIC teaming” if there are multiple ports, which allows for LAG configuration to communicate with a defined LAG on a switch
● EtherChannel details
  ○ Provides full-duplex connectivity with up to 8 ports in a group
    ■ 800 Mbps with Fast Ethernet, 8 Gbps with Gigabit
  ○ Up to six EtherChannel groups
  ○ Packets are sent between EtherChannel ports to negotiate
    ■ Sent every 30 seconds
  ○ Ports must be configured with same speed, duplex, and VLAN settings
  ○ Modes
    ■ Similar to trunking modes (trunk, desirable, auto)
    ■ On - Forces channel, no PAgP packets used
    ■ PAgP desirable - Active sending of PAgP packets to negotiate a channel
    ■ PAgP auto - Passive receiving of PAgP packets to negotiate a channel
● LACP details
  ○ Modes
    ■ Similar to trunking modes (trunk, desirable, auto)
    ■ On - Forces channel, no LACP packets used
    ■ LACP active - Active sending of LACP packets to negotiate a channel
    ■ LACP passive - Passive receiving of LACP packets to negotiate a channel
● EtherChannel Configuration
  ○ interface range fa0/1-2
  ○ channel-group 1 mode on
● LACP Configuration
  ○ interface range fa0/1-2
  ○ channel-group 1 mode active
● show etherchannel

Wireless Basics and Security
● Devices needed
  ○ Wireless NIC
  ○ Wireless router (common for home use)
  ○ Wireless Access Point (WAP), common for business use
    ■ Autonomous APs
      ● Individual APs that are configured independently
      ● Common for homes and small offices
    ■ Controller APs
      ● Require either a server (controller) to configure and operate, or communicate between themselves to select an AP to be the controller, or act as a “hive mind”
      ● Common for larger businesses and offices
    ■ Many businesses sell AP solutions: Cisco/Meraki, Aruba, Aerohive, SonicWALL, Netgear, etc.
  ○ Antennas
    ■ Omnidirectional
      ● Standard “rubber duck” antenna most commercial products use
    ■ Directional
      ● Communicates in one direction, usually looks like a dish of some kind
    ■ Yagi
      ● Looks like an old TV antenna, a pseudo-triangle that points in one direction, used for long distances
● Modes
  ○ Ad hoc - When two devices connect directly (laptop to laptop for example)
  ○ Infrastructure - When devices connect to an AP
    ■ Basic Service Set (BSS)
      ● A single AP connecting all clients
      ● Common in homes and small offices
    ■ Extended Service Set (ESS)
      ● Multiple APs connecting clients
        ○ APs broadcast one or more Service Set Identification (SSID)
        ○ AP signal coverage overlaps to provide good quality coverage
        ○ APs use different channels to avoid data collisions
      ● Common in larger businesses and offices
● Header
  ○ Frame Control
    ■ Type of wireless frame, protocol version, power, security, etc.
  ○ Duration
    ■ The remaining duration needed to receive next frame
  ○ Address1
    ■ MAC of receiving device
  ○ Address2
    ■ MAC of transmitting device
  ○ Address3
    ■ Optional MAC of destination such as default gateway
  ○ Sequence Control
    ■ Sequence number and fragment number
  ○ Address4
    ■ Only used in ad hoc mode
  ○ Payload
    ■ Data from application
  ○ FCS
    ■ CRC for Layer 2 error detection
● Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
  ○ Similar to CSMA/CD but without collision detection since that is unreliable in wireless
  ○ Wifi is half-duplex
● Management frames
  ○ Used to connect to an AP
    ■ Discover
    ■ Authenticate
    ■ Associate
  ○ Association parameters
    ■ SSID - Network name
    ■ Password
    ■ Network mode - 802.11a/b/g/n/ac/ad
    ■ Security mode - WEP, WPA, WPA2
    ■ Channel settings
● Discovering a network
  ○ Passive client - AP sends out SSID beacon, network shows on client for selection
  ○ Active client - AP does not send out SSID, client must be configured with connection settings
● Security modes
  ○ Open - Anyone can connect
  ○ Shared key - Client must have the secret key
  ○ 802.1X - Username and password authentication checked against a local or remote server database, often used in large businesses
● Channel management methods
  ○ Direct-sequence spread spectrum (DSSS)
    ■ Spreads a signal over a larger frequency band reducing interference
    ■ A signal is multiplied by a known code, the receiver knows of the same code and can reconstruct the signal
    ■ Used by 802.11b, cordless phones, CDMA cellular, GPS
  ○ Frequency-hopping spread spectrum (FHSS)
    ■ Similar to DSSS but rapidly changes frequency channels
    ■ Receiving node must know which channel to listen on
    ■ Used by walkie-talkies and 900 MHz cordless phones, Bluetooth
  ○ Orthogonal frequency-division multiplexing (OFDM)
    ■ Creates subchannels that are orthogonal to each other to allow overlapping
    ■ Very efficient at channel usage
    ■ Used by 802.11a/g/n/ac
● Channel selection
  ○ 11 channels in North America, 13 in Europe
  ○ 1, 6, 11 are non-overlapping and good choices
  ○ Check nearby channel use though
  ○ Sometimes better to use 3 and 8 or similar ones “in-between” the main channels most people use
  ○ 802.11n can use channel bonding to turn two 20 MHz channels into one 40 MHz channel
● DoS attacks
  ○ Spoofed disconnect - Attacker sends “disassociate” commands to all clients, clients reconnect causing a lot of traffic
  ○ CTS flood - Attacker floods Clear to Send (CTS) frames to a bogus STA, clients wait until attacker stops sending CTS frames
● Rogue Access Points
  ○ Issue in offices, if someone brings in a home router and connects it at their desk
● Original mitigation techniques
  ○ SSID cloaking - Disable the SSID beacon, clients can still try to guess the connection
  ○ MAC address filtering - ACL of MAC addresses allowed on wireless network
● Authentication methods
  ○ Wired Equivalent Privacy (WEP)
    ■ Original 802.11 specification
    ■ Uses RC4 encryption
    ■ Can now be hacked within 5 minutes
  ○ Wi-Fi Protected Access (WPA)
    ■ Wi-Fi Alliance standard, uses WEP but with Temporal Key Integrity Protocol (TKIP) or Advanced Encryption Standard (AES) to encrypt data better
  ○ IEEE 802.11i/WPA2
    ■ Wi-Fi Alliance calls it WPA2
    ■ Uses AES for encryption
    ■ Suggested setting

IOS Naming Scheme
● Software release families share code and apply to certain hardware
● Software releases within a family include 12.4, 15.0, etc.
● Bug fixes and feature additions to software releases are called IOS trains
● Software families may have two or more trains
● For example, 12.4 has two trains
  ○ Mainline - Always associated with a technology train (T)
  ○ Technology - Receives bug fixes from mainline as well as new features
● 12.4T
● Number is composed of
  ○ Train number
  ○ Maintenance number
  ○ Rebuild number
  ○ 12.4(21a)
● Parts of a 12.4 image name
  ○ Image Name
  ○ Feature set
  ○ Run location and compression
  ○ Train number, maintenance release number, train identifier
  ○ File extension
● 15.0 was released after 12.4
  ○ Improved features and hardware support
  ○ Consolidated features
  ○ Simplified numbering system
● 15.0 now has a new release system
  ○ New releases, T trains available 2 or 3 times per year
  ○ Extended Maintenance (EM) releases every 16 to 20 months
  ○ EM releases include all features and fixes of T releases
  ○ EM for long term maintenance schedules, T for standard maintenance schedules
● Parts of a 15.0 image name
  ○ Image Name
  ○ Image Designation
  ○ Run location and compression
  ○ Cisco signature
  ○ Major release, minor release, maintenance release, rebuild numbers
  ○ File extension
● Pre-v15 packages
  ○ IP Base - Entry-level package
  ○ IP Voice - VoIP features
  ○ Advanced Security - VPN features such as IPsec, SSH/SSL, firewall, IDS/IPS
  ○ Service Provider (SP) - MPLS, ATM, etc.
  ○ Enterprise Base - Appletalk, IPX, etc.

IOS Licensing
● With 15.0 feature sets are now included and unlocked with a license key
● Steps
  ○ Purchase license from Cisco
  ○ Use Cisco License Manager (CLM) or the Cisco License Registration Portal to retrieve the license file
  ○ Apply to router with license install Location
● show version
● show license
● Evaluation license process
  ○ conf t
  ○ license accept end user agreement
  ○ license boot module ModuleName technology-package PackageName
  ○ reload
● Backup a license
  ○ license save flash0:
● Uninstall a license
  ○ license boot module ModuleName technology-package PackageName disable
  ○ reload
  ○ license clear FeatureName
  ○ no license boot module ModuleName technology-package PackageName disable

WAN Basics
● WANs are owned by service providers
● Terms
  ○ Data Communications Equipment (DCE)
    ■ Often found in the demarc
    ■ Puts data on the local loop
  ○ Data Terminal Equipment (DTE)
    ■ Owned by the subscriber
    ■ Transfers data from LAN to DCE for transfer to the WAN
  ○ Demarcation Point
    ■ Often a common closet in a building where all phone and data lines terminate
● Organizations lease a connection
● Needed to interconnect LANs
  ○ Can also use the public internet with a VPN tunnel
● WANs operate on layer 1 and 2
  ○ Common now to get a “Metro Ethernet” connection that integrates easily with your network
● Terms
  ○ Customer Premises Equipment (CPE)
    ■ Subscriber owns equipment or leases from provider
  ○ Data Communications Equipment (DCE)
    ■ Owned by the provider
  ○ Demarcation Point
    ■ Where the provider's terminations occur
    ■ Spot where responsibility changes hands from provider to subscriber
  ○ Local Loop
    ■ The cable that connects to the CO, often called the “last mile”
  ○ Central Office (CO)
    ■ Local service provider building that connects to the larger provider network
  ○ Toll network
    ■ All of the equipment, cabling, etc. inside the provider's network
● Equipment
  ○ Dialup modem
    ■ Legacy method, converts data into voice frequencies for transmission over phone lines
  ○ Access server
    ■ Concentrator for dialup connections
  ○ Broadband modem
    ■ Used with DSL, cable, or fiber Internet access
  ○ CSU/DSU
    ■ CSU offers termination for the digital signal
    ■ DSU converts the line frames into LAN frames
    ■ Often one device integrated into a router or similar device
  ○ WAN switch
    ■ Used by a provider
  ○ Router
    ■ Provides access to the WAN through compatible interfaces such as serial connections
  ○ Core router/Multilayer switch
    ■ Backbone router in the core of a WAN
● Circuit vs Packet Switching
  ○ Circuit
    ■ Legacy method, one dedicated connection would be created from point A to point B
    ■ If traffic was not being sent over the connection, bandwidth would be wasted
    ■ Loss of connection could occur due to network changes and failures
  ○ Packet
    ■ All traffic shares the medium
    ■ Packets of data have addressing data to let internetwork devices know where to send the data
    ■ Lack of transmission by one location allows for more bandwidth to be used by others
    ■ Traffic can be rerouted due to network changes and failures
● Many options for WAN connectivity
● Private options
  ○ Leased Line
    ■ Been around since the 1950s
    ■ Dedicated line
    ■ Legacy method
  ○ PSTN
    ■ Public Switched Telephone Network
    ■ “Dialup”
    ■ Legacy method
  ○ ISDN
    ■ Integrated Services Digital Network
    ■ Circuit-switched method
    ■ 128 kbps maximum
    ■ Legacy method
  ○ Frame Relay
    ■ Uses PVCs which are identified by a data-link connection identifier (DLCI)
    ■ Supports virtual circuits (VCs)
  ○ ATM
    ■ Asynchronous Transfer Mode
    ■ Can transfer any kind of data
    ■ Uses cells instead of frames, 53 bytes in size
    ■ Needs 20 percent more bandwidth than Frame Relay due to overhead
  ○ MPLS
    ■ Multiprotocol Label Switching (MPLS)
    ■ Can carry any traffic including ATM, Frame Relay, IPsec, etc.
    ■ Labels tell a router what to do with a packet
● Public options
  ○ DSL
    ■ Digital Subscriber Line
    ■ Combines existing telephone cables into one “cable” that runs Time Division Multiplexing (TDM) to accomplish fast T3+ data rates
    ■ Uses a filter to allow only low frequencies to the telephone, thus allowing one to share the line for voice and data
    ■ Most common implementation is asynchronous (ADSL), meaning download bandwidth is different from upload speed, usually the former is greater
  ○ Cable
    ■ Uses existing coaxial cable network
    ■ Shared trunk
    ■ Data-over-Cable Service Interface Specification (DOCSIS)
      ● Specifies Layer 1 and 2
  ○ Fiber
    ■ New infrastructure being installed by Verizon, Google, and others
  ○ Satellite
    ■ Expensive and slow, usually a last resort or used in very remote areas
  ○ Cellular
    ■ 3G/4G is now offering data rates to customers higher than previously available in rural areas, often at a similar price to their existing dial up connections
    ■ Dedicated wireless routers may be purchased to integrate cellular internet into an existing LAN
  ○ VPN
    ■ Virtual Private Network
    ■ Site-to-site and remote access options
    ■ Many different technologies, L2TP, PPTP, etc.
● Service provider networks
  ○ Synchronous Optical Networking (SONET) or Synchronous Digital Hierarchy (SDH)
  ○ SONET is an American ANSI standard, SDH is a European ETSI and ITU standard
    ■ Essentially the same technology
● Dense Wavelength Division Multiplexing (DWDM)
  ○ Bidirectional
  ○ 80 different channels/wavelengths
  ○ 10 Gbps per channel
  ○ Used in submarine cables

Serial Point-to-Point
● Common type of WAN
● Frequently used for T1 connections
● Serial means bits are sent one after another, sequentially, and is the preferred method for modern technologies
  ○ Other technologies such as parallel printer cables transmitted many bits at once over several wires
● Standards
  ○ RS-232
    ■ Most serial ports on PCs
    ■ Both 9 and 25 pin variants
    ■ Used for many devices
    ■ Being phased out in favor of USB
  ○ V.35
    ■ Used mostly for modems and T1 routers
  ○ HSSI
    ■ Used for T3 routers and other high speed WANs
● Time Division Multiplexing (TDM)
  ○ Allows for multiple communications to share one link
  ○ Eliminated the need for wasteful circuit-switched networks
  ○ Implemented on the physical layer, no need for specific protocols
  ○ Divides the bandwidth into time slots, allocating channels to each time slot
● CPE is usually a router which is the DTE
● DCE is a device used to convert data from the DTE to a form usable on the WAN
● Bandwidth is usually broken down into Digital Signal Level Numbers (DS0, DS1, etc.)
  ○ DS0 is 64 kbps
    ■ Same bandwidth needed for an uncompressed digital phone call
  ○ 24 DS0s can be bundled to get a DS1 (T1)
  ○ 28 DS1s can be bundled to get a DS3 (T3)
  ○ etc.

WAN Encapsulation
● Protocols
  ○ HDLC
    ■ Default encapsulation
  ○ PPP
    ■ Uses HDLC but includes security such as PAP and CHAP
    ■ Used for router-to-router or client-to-network connections
  ○ Serial Line Internet Protocol (SLIP)
    ■ Point-to-point protocol, replaced with PPP
  ○ X.25/Link Access Procedure, Balanced (LAPB)
    ■ Specifies connections between a DTE and DCE
    ■ Largely replaced with Frame Relay
  ○ Frame Relay
    ■ Uses Virtual Circuits (VCs)
    ■ Connects networks together via Layer 2
  ○ ATM
    ■ Discussed previously, used in service providers to transfer various protocols
● HDLC
  ○ Developed by International Organization for Standardization (ISO)
  ○ ISO 13239
  ○ Defines a framing method to provide flow control and error control via acknowledgements
  ○ Uses frame delimiter to mark beginning and end of each frame
  ○ Version implemented on Cisco products has additions that are Cisco proprietary, allowing multi protocol support
    ■ If cross vendor connection is needed, PPP is suggested
● PPP
  ○ Should be used when connecting to a non-Cisco vendor
  ○ Provides
    ■ Framing for transporting multiple protocols
    ■ Link Control Protocol (LCP) for establishing the connection
    ■ Network Control Protocols (NCPs) for allowing multiple Layer 3 protocols
      ● IPv4, IPv6, IPX, AppleTalk, etc.
    ■ Link quality monitoring and management
    ■ Security through PAP and CHAP authentication
  ○ LCP provides
    ■ Packet size
    ■ Configuration errors
    ■ Link termination
    ■ Link failure
    ■ Negotiation of encapsulation formats, compression, authentication, error detection
  ○ Session establishment
    ■ Phase 1 - Establish link and negotiate configuration
    ■ Phase 2 - Link quality check
    ■ Phase 3 - NCP negotiation for Layer 3 protocol
● Configuration
  ○ int fa0/1
  ○ encapsulation hdlc
● show interfaces serial
● show controllers

PPP Configuration
● conf t
● int s0/0/0
● encap ppp
● compress predictor
● ppp quality 80 - If quality goes under 80%, link will shut down
● Multilink - Send traffic over multiple links to same destination
  ○ int multilink 1
  ○ ip address 10.0.0.1 255.255.255.0
  ○ ppp multilink
  ○ ppp multilink group 1
  ○ int s0/0/0
  ○ ppp multilink
  ○ ppp multilink group 1
● show interfaces serial
● show ppp multilink
● Authentication
  ○ PAP vs CHAP
    ■ PAP uses a username and password sent in plain text
    ■ CHAP uses a three way handshake with a shared secret for encryption
  ○ PAP configuration
    ■ Username and password configured below on one router, must be the expected username and password received from the other router
    ■ conf t
    ■ username R1 password MyPassword
    ■ int s0/0/0
    ■ encap ppp
    ■ ppp authentication pap
    ■ ppp pap sent-username R2 password MyPassword
  ○ CHAP configuration
    ■ Username and password configured below on one router, must be the hostname and password received from the other router
    ■ conf t
    ■ username R1 password MyPassword
    ■ int s0/0/0
    ■ encap ppp
    ■ ppp authentication chap
● Show commands
  ○ debug ppp
  ○ debug ppp packet
  ○ debug ppp authentication
  ○ show interfaces serial 0/0/0
  ○ show controllers

Frame Relay Basics
● Good, cheaper alternative to dedicated leased lines
● Uses PVCs which are identified by a data-link connection identifier (DLCI)
● Supports virtual circuits (VCs)
● Being phased out in favor of MPLS and VPN over public Internet
● Can be broken into smaller pieces for purchase, such as 4 kbps instead of the 64 kbps for dedicated lines
● Cheaper because providers can place multiple customers on one circuit
● Encapsulates Layer 3 protocol
● Virtual Circuits (VCs)
  ○ Connection between two DTEs is a VC
  ○ Called a VC because there is no dedicated connection, it’s a virtually switched connection like other packet-switched networks
  ○ Switched Virtual Circuits (SVC)
    ■ Created by sending messages to the network
  ○ Permanent Virtual Circuits (PVCs)
    ■ Preconfigured by the carrier, most common
  ○ Defined by DLCIs
    ■ Defined by provider as well
    ■ No significance beyond the local link
    ■ Each side could have a different DLCI
  ○ Many VCs can be on one physical line
● Topologies
  ○ Star (hub and spoke) - Most common
  ○ Full mesh - Very expensive
  ○ Partial mesh - Sometimes used for large networks
● Uses Inverse ARP to resolve IP to DLCI
● Can override Inverse ARP with static mappings
  ○ frame-relay map … [ietf] [cisco]
    ■ Use ietf when connecting to other vendors
● Local Management Interface (LMI)
  ○ Keepalive to provide information about connections between DTE and DCE
  ○ Every 10 seconds
  ○ show frame-relay lmi
  ○ Can also do multicasting, global addressing, status messages, flow control
● Committed Information Rate (CIR)
  ○ Guaranteed bandwidth customer pays for from provider
  ○ Providers can also allow bursting of traffic over the CIR
● Flow Control bit
  ○ Simple, does not do it per-VC
  ○ Forward Explicit Congestion Notification (FECN) - Towards destination
  ○ Backward Explicit Congestion Notification (BECN) - Towards network
  ○ When set to 1, it warns of congestion
  ○ DE bit in header can be set to 1 to identify lower priority traffic that may be discarded if necessary

Frame Relay Configuration
● conf t
● frame-relay switching
● int s0/0/0
● ip address 10.0.0.1 255.255.255.252
● encap frame-relay [cisco] [ietf]
● frame-relay intf-type dce
● clock rate 9600
● bandwidth 1536
● frame-relay interface-dlci 100
● frame-relay map ip 10.0.0.2 100 [broadcast]
● show frame-relay map
● Split horizon becomes an issue when using multiple VCs with routing protocols
  ○ Can be solved by disabling split-horizon, or using subinterfaces
    ■ Same as doing so on a switch
  ○ interface s0/0/0.100 point-to-point
  ○ ip address 10.0.0.1 255.255.255.0
  ○ bandwidth 1536
  ○ frame-relay interface-dlci 100
● Show commands
  ○ show interfaces
  ○ show frame-relay lmi
  ○ show frame-relay pvc
  ○ clear frame-relay inarp
  ○ show frame-relay map
  ○ debug frame-relay lmi

PPPoE Configuration
● conf t
● interface dialer 1
● encap ppp
● ip address negotiated
● ppp chap hostname ProviderRouter
● ppp chap password ProviderPassword
● ip mtu 1492 - Required to ensure fragmentation does not occur due to the additional PPPoE header
● dialer pool 1
● int fa0/1
● pppoe enable
● pppoe-client dial-pool-number 1

VPN Basics
● Allow for secure remote access from the road, or between two locations
  ○ Remote access is usually handled through VPN software on the client and either VPN hardware or an operating system at the main site
    ■ May be IKE/IPsec, SSL, L2TP, PPTP
  ○ Site-to-site is usually handled through firewall hardware, although server operating systems can do it as well
    ■ Usually IKE/IPsec, but L2TP and PPTP also possible
● Cheap solution if looking to save money and not purchase a connection from a provider
  ○ May not be as reliable, also no quality guarantee since it traverses the public internet
● Original VPNs used Generic Routing Encapsulation (GRE) which offered no authentication or encryption
● IPsec now provides authentication and encryption of various kinds to ensure data integrity and security
  ○ DES, 3DES, AES 128/192/256
  ○ Internet Protocol Security (IPsec)
  ○ Runs on Layer 3, authenticating and encrypting IP packets
    ■ Thus, almost all applications can be secured with IPsec
    ■ Can run over any Layer 2 protocol such as Ethernet, ATM, Frame Relay
  ○ Modular and allows for different algorithms to be used
    ■ MD5, SHA, DES, 3DES, AES, etc., but some are designed to work with certain encryption algorithms
      ● Such as DH Group 5 or 14 and AES-256
  ○ Provides
    ■ Confidentiality (encryption)
    ■ Data Integrity
    ■ Authentication
    ■ Anti-Replay Protection
  ○ Encryption Algorithms
    ■ Note: DES (56 bit) and 3DES (168 bit) are no longer considered secure. 512 bit and 768 bit RSA has been cracked and is not recommended
      ● Recommended to use AES and 2048 bit RSA (if using RSA)
    ■ Advanced Encryption Standard (AES) - Uses the Rijndael cipher which won a contest run by the National Institute of Standards and Technology of the United States (NIST) to replace the aging DES algorithm
      ● AES-128 would take about 100 billion years to crack with brute force. For comparison, the universe is about 13 billion years old. And then there’s AES-256.
    ■ Symmetric vs Asymmetric
      ● Symmetric - each side has the same key/password
        ○ Decently secure, especially with AES-256, and fast
      ● Asymmetric - Different key for encryption and decryption
        ○ Considered more secure but much slower
    ■ IPsec uses symmetric encryption, but uses an asymmetric algorithm (Diffie-Hellman) to share keys to enable the symmetric encryption
      ● Many different bit levels for additional Diffie-Hellman security. And, it re-keys every 8-24 hours usually based on configuration. So someone would have to crack that 100 billion year algorithm within 8-24 hours.
    ■ More encryption (more bits) means more security but slower
● Slower encryption/decryption with stronger settings
  ○ VoIP and video may not work well with VPNs offering a high level of encryption
● Data Integrity
  ○ Two common hashing algorithms used to ensure data integrity
    ■ MD5 - 128 bit key, starting to be considered insecure due to work on hacking it
    ■ SHA - SHA-1 is a 160 bit key, there are also 256, 384, and 512 bit versions
● Authentication
  ○ PSK - “Shared key”, most common implementation, each side has a pre-shared key/password configured
  ○ RSA signature - Optional, certificates may be shared with each side
● Confidentiality
  ○ Authentication Header (AH) - Does not encrypt packet
  ○ Encapsulating Security Payload (ESP) - Encrypts packet
● IPsec - Uses UDP 500/4500
  ○ Traditional method, uses client software on PC
  ○ Cisco offers
    ■ Cisco Easy VPN
      ● Requires Cisco VPN Client installed
● SSL - Uses TCP 443
  ○ Convenient since it can get around many firewalls in hotels and such
  ○ Client software for PCs also seems to be less buggy
  ○ Industry appears to be transitioning to SSL as the preferred method due to ease of use
  ○ Cisco offers
    ■ Cisco AnyConnect Secure Mobility Client with SSL
      ● Requires AnyConnect client installed
    ■ Cisco Secure Mobility Clientless SSL VPN
      ● Requires a web browser

GRE Tunnel Configuration
● IETF RFC 2784
● Offers no authentication or encryption
● Can be useful for routing other protocols through a network
● Stateless
● conf t
● int Tunnel0
● tunnel mode gre ip
● ip address 192.168.100.2 255.255.255.0
● tunnel source 4.2.2.1
● tunnel destination 8.8.8.8
● Show commands
  ○ show ip interface brief
  ○ show interface tunnel
  ○ show ip ospf neighbor

Syslog Basics
● Many systems produce log data in a standardized format
● IETF RFC 3164
● UDP 514
● Levels
  ○ 0 - Emergency
  ○ 1 - Alert
  ○ 2 - Critical
  ○ 3 - Error
  ○ 4 - Warning
  ○ 5 - Notice
  ○ 6 - Informational
  ○ 7 - Debug
● Configuration
  ○ conf t
  ○ logging 192.168.1.99 - Send syslog to server
  ○ logging trap 4 - Sends level 0-4 messages only
  ○ logging trap warning - Same as above
  ○ logging source-interface fa0/1 - Defines which interface IP is stamped on log messages
● Timestamps
  ○ conf t
  ○ service timestamps log datetime
● Show commands
  ○ show logging

SNMP Basics
● Simple Network Management Protocol (SNMP)
● IETF RFC 1157, 1901-1908, 2273-2275
● Used to retrieve metrics and settings, as well as set settings of devices
  ○ Setting of configurations not often used due to security concerns, even with SNMPv3 available now (which offers enhanced security)
● UDP 161 for retrieval, traps sent on UDP 162
● Uses Object Identifiers (OID) assigned by ISO which define the metrics that can be retrieved or set on a device
● Management Information Base (MIB) files are hierarchical collections of OIDs that describe the OIDs available for a device, data format, valid ranges, etc.
  ○ I like to think of MIBs as: MIBs are to OIDs as DNS is to IPs
● Retrieval of SNMP values is often done from an SNMP server on a schedule of X number of seconds, called “polling”, sent to the devices and requesting a variety of OID values
  ○ Uses UDP 161
● SNMP Traps are sent from a device to the SNMP server when something changes, usually something like a hardware failure, unplugging a cable, enabling a new interface, etc., and usually describe just one OID change
  ○ Uses UDP 162
● Versions
  ○ SNMPv1
    ■ Old, RFC 1157
    ■ Not often used anymore
    ■ When a server queries a device, it polls the entire tree, very wasteful
    ■ Uses a “community string” as a shared password to offer some form of security
    ■ Used mostly for “get” requests to retrieve values
  ○ SNMPv2c
    ■ RFC 1901-1908
    ■ Used in most production networks
    ■ Queries are much more efficient, polling only the OID values it needs
    ■ Uses a “community string” as a shared password to offer some form of security
    ■ Used mostly for “get” requests to retrieve values
  ○ SNMPv3
    ■ RFC 2273-2275
    ■ Becoming more popular but device support is still not complete
    ■ Provides authentication and encryption
    ■ Sees more use than 1 or 2c for “set” requests to set values
● Separate community strings can be set for “get” (ro) and “set” (rw)
● Configuration
  ○ snmp-server community MyPassword ro
  ○ snmp-server location The Location of Device
  ○ snmp-server contact Contact Person
  ○ snmp-server community MyPassword ACL - Restrict SNMP via ACL
  ○ snmp-server host 192.168.1.99 version 2c MyPassword - Define server to send traps to and SNMP version
  ○ snmp-server enable traps
● Show commands
  ○ show snmp
  ○ show snmp community

NetFlow Basics
● Provides statistics on traffic flowing through a router or Layer 3 switch
  ○ Source/destination, port, byte counts, etc.
● Flexible NetFlow is the latest version
  ○ Uses Version 9 export format
    ■ Template-based
  ○ Many commands introduced with IOS 15.1
● NetFlow is unidirectional
  ○ Clients send/receive traffic, so one flow capture will only see one direction; one must configure two flow captures on an interface to get both directions
● Configuration
  ○ conf t
  ○ int fa0/1
  ○ ip flow ingress
  ○ ip flow egress
  ○ exit
  ○ ip flow-export destination 192.168.1.99 2055 - Common ports are 99, 2055, 9996
  ○ ip flow-export version 5
● Show commands
  ○ show ip cache flow
  ○ show ip flow interface
  ○ show ip flow export

Credits
● Thank you to all my backers!
● They came from all over the world: Australia, Austria, Bahrain, Brazil, Canada, Estonia, Finland, Germany, Greenland, Ireland, Luxembourg, Netherlands, New Zealand, Norway, Peru, Russian Federation, Singapore, Slovenia, Sweden, Switzerland, United Kingdom, United States
● Backers:
  ○ @TwirX, Aaron Newark, ACP, ACS, Adam Cornwell, Adam Kuyper, Adiel, Ajay Patel-UTSA Association of Information Systems, Alex Broque, Alex Gonzalez, Alex Wilkinson, Andrew Green, Andy Bradford, Andy Mc, Anthony Parker, Anthony Z Foster, Aref Mourtada, Arysta, Ashley, BT, B. Paggen, bakednoodle, Bart Fibrich, Ben Doyle, Ben Ellett, Ben Story, Betsy Nickel, BigDave, Bill Bradford, Bill Wood, Billy Bennett, Blake Johnson, Bob Zabaga, Brandon Karis, Brandon Pierce, Brendan Best @ Grey Earth, Brett Kuhlman, Callen Trail, Carlo M., Cau5tik, chalberg, Chase Hoffman, Chris, Chris Dudek, Chris O'Grodnick, Chris Padilla, Chrisg Gibbs, Christine Oei, Christopher Green, Christopher Thomas, Cody Wilson, Compupaq, Computer Chip dot Biz, Connor Ness, Core Systems Technology, Craig Arnold, D Choo, D. Briggs, Darrell Stanley, Darth Vader, David L, David Rose
  ○ Kravchuk, Dale Virgin, Damian Van Dooren, Dan Metzger, Daniel Brown, Daniel Hatke, Daniel L, Daniel T., Deep Breath Technologies, Derek "skwerl" Gray, Derek Boge, Derek Degenhardt, Dimitry Dok, Dominic, Dominic A, Dominic Kallas, Dominic Watkins, Douglas Philips, Dr., FB Creations, Firas Alnemer, For I Am CJ, Franklin Leung, Fred söderberg, Galen Muir, GenericName21, Geoffrey Cameron, George Vanburgh, George Velios, Gerzain Maldonado Padilla, Gordon Dexter, Hai D., Laronski, Duane G., Dustin Adams, dyung, Ed Knudsen, Eddi Hughes, Electronic Production Services, Elias-John Fernandez-Aubert, Eric Ness, Eric Rivas, Espen Alexander Strømme, Farrukh Bashir, Nguyen, Henrik Lindhe, Hush, Ian Barker, Ian Fosso, Ian W Stearns, Ickypoopy, Imran Lone, inux
  ○ io Networks, ipSpace.net, Cyganowski, Jack, Jacob W., J. Villarreal, Joseph Taylor, Josh Connors, Josh Vazquez, James Gannon, James Geiger, James Godwin, Jamey Rush, Jamie MacFarlane, Jamie Mitchell, Jamie Piperberg, Jase, Jason Bob Gerschwin Samperi, Jason Carpenter, Jason Chen, Jason Colby, Jason Mills, Javier Umpierrez, Jay Johnson, Jerad Jackson, Jeremy, Jethro Nederhof, Jim Pacek, Joe Ficocello, Joe Zang, Joel Anderson, Joel Francois, John, John Bergoon, John Miller, John Shumway, Jon Schillinger, Jonathan Allen, Jonathan Bucud, Jonathan Gonzalez, Jonathan Hazan, Jonathan Tite, Jordan Harder, Jordan R., Joshua Graham, Joshua M. Cowles, Joshua Michael Hublar, Joshua Miller, Joshua R. Aulik, Justin Clay, Justin Kahrs, Justin Los, Keith Gates, Ken Reinertson, Kenneth J Bass, Kenneth Katz, Kevin Clack, Kevin Low, Kevin Vo, Kieran Innes, Kirk MacArthur, kkfong, Kris Amundson, Kurtis, Kylar Grey, Kyle Reilly, Kyle Root, L. Nick, Lee Holbrook, Leron Culbreath, Lester Covax, Loren C Gordon, Louis T.
  ○ Luke Wallis, LV, Lynn Dixon, Maikel Lodewijk [NL], Marc Tinnemeyer, Marcus Daniels, Marion Dominador Cravens, Marlon Cook, Marvin Bricker, Matt Baird, Matt Bloomfield, Matt Byrd, Matt Forman, Matt Robinson, Matt Tatum, Matthew Breckenridge, Matthew Swinburne, Matthew Wagner, Melissa Bernetsky, Michael Boutin, Michael Edwards, Michael Fletcher, Michael J. Biase, Michael Jacobson, Michael Kahnoski, MICHAEL L WALK3R, Michael Lycett, Michael Mayer, Michael Pena, Michael Richards, Michael Segal, Michael Stubbs, Michel Fortier, Miguel Carrero, Mikael Ljungman, Mike Kraus - Cisco, MikeIT, Millar Clelland, Mooch Page, Nathan Strebel, Nathan Thorpe, NETHINKS GmbH, Netwurx, Nicholas Boller, Nicholas Robinson-Wall, Nick Stadler, Norm M. Zastre, Oskar Andersson, Patrick McGirr, PatrickH, Paul C. Cook, Paul Fischer, Paul J. Turner, Pete Baldridge, Peter Thorne, Philipp Bieber, Rafael Bianco Nacif
  ○ Ray Perkins, Raymond Hernandez, Reggie L., Richard Clyne, Richard Hiers, Rick Guyton, Riffy Divine, Rob Bruner, Rod MacPherson, Rolf Røsand, Roman Belogurov, Ross Parlette, Ross Wilson, Rudy Brunetti, Rudy Giacchetti, Ryan "ryanknapper" Knapper, Ryan Broadfoot, Ryan Heath, Ryan Holder, S. Bearden, Sam Aschwanden, Sam Girtman, Schoemaker IT, Scott Olson, Scott Reed, Sean R, ShaTT, Shawn Morford, Si B., Sid McLaughlin, Simon Wagner, SJM Steffann, spkujis, Sriram, Sriram Sridharan, Stan Yamane, Stan Zieg, Stephen Bush, Stephen W. Chen, Steven Fitkin, Steven M. Miano, Steven Nuhn, Stewart Lewis Jr, William D Lipira, William Lee, William Sanderson, William Woodward, Zafo129, Zedd Epstein, zot171
● And those who wished to be anonymous!
97 .net Van Johnson Victor Bredholt Vidar Salte Warren T Ridings Wee Eng Hin WettestHat.Andrew Crouthamel ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ ○ Cisco CCNA Training Notes Syed Asad Zahoor T.com The Cabalse Group The Source Computing Group Theodore Runk Tim Kelsch Tim Miller Tim Reynolds TJ333 Tom Cannon Tom Nielsen Tony Miller Tony Testa Tuncay Sagir uebi.. Pile Tafsir Thiam TapIT Solutions TechFleece.
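The SNMP notes above make the point that SNMPv1 and SNMPv2c use the community string as a shared password, with v3 the only version that adds authentication and encryption. The following Python script is an added example, not part of the training notes, that shows what that means on the wire: it builds a v2c GetRequest datagram (a constructed sample, sent by a poller to UDP 161) using a small BER encoder, then decodes it to show that the community string sits in cleartext right after the version field, and flags what a monitoring feed (for example a SPAN port into a collector) should alert on. The helper names (ber_tlv, build_request, parse_snmp, audit) and the WEAK_COMMUNITIES list are assumptions of this example, not anything from the notes.

```python
"""Added example: decode SNMPv1/v2c datagrams and flag cleartext community strings.

Only the BER (X.690) subset that SNMP messages use is handled. The sample
datagram below is constructed here; it is not a capture from a real device.
"""
from typing import List, Tuple

# Version field values used by the SNMP message wrapper (0 = v1, 1 = v2c, 3 = v3).
VERSION_NAMES = {0: "v1", 1: "v2c", 3: "v3"}
# Factory-default community strings; assumed list for this example.
WEAK_COMMUNITIES = {"public", "private"}


def ber_tlv(tag: int, payload: bytes) -> bytes:
    """Encode one BER TLV: single-byte tag, definite-form length, payload."""
    n = len(payload)
    if n < 0x80:
        length = bytes([n])
    else:                                   # long form: 0x80 | number of length bytes
        size = (n.bit_length() + 7) // 8
        length = bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + length + payload


def ber_int(value: int) -> bytes:
    """Encode a non-negative INTEGER (a leading zero byte keeps values >= 128 positive)."""
    return ber_tlv(0x02, value.to_bytes((value.bit_length() + 8) // 8, "big"))


def ber_oid(oid: str) -> bytes:
    """Encode a dotted OID; first two arcs share a byte, the rest are base-128."""
    arcs = [int(a) for a in oid.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return ber_tlv(0x06, bytes(out))


def build_request(version: int, community: str, oid: str, pdu_tag: int = 0xA0) -> bytes:
    """Construct an SNMP request datagram (0xA0 = GetRequest, 0xA3 = SetRequest)."""
    varbind = ber_tlv(0x30, ber_oid(oid) + ber_tlv(0x05, b""))          # { name, NULL }
    pdu = ber_tlv(pdu_tag, ber_int(1) + ber_int(0) + ber_int(0) + ber_tlv(0x30, varbind))
    return ber_tlv(0x30, ber_int(version) + ber_tlv(0x04, community.encode()) + pdu)


def read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Decode one TLV at buf[pos:]; returns (tag, value, position after the TLV)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length
        size = length & 0x7F
        length = int.from_bytes(buf[pos:pos + size], "big")
        pos += size
    return tag, buf[pos:pos + length], pos + length


def parse_snmp(datagram: bytes) -> dict:
    """Return version, community and PDU type of a v1/v2c message (v3 has no community)."""
    tag, msg, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("not an SNMP message (outer SEQUENCE missing)")
    _, ver, pos = read_tlv(msg, 0)
    version = int.from_bytes(ver, "big")
    if version == 3:
        return {"version": "v3", "community": None, "pdu": None}
    # The community string is a plain OCTET STRING: anyone who sees the datagram sees it.
    _, community, pos = read_tlv(msg, pos)
    pdu_tag, _, _ = read_tlv(msg, pos)
    return {"version": VERSION_NAMES.get(version, f"unknown({version})"),
            "community": community.decode(errors="replace"), "pdu": pdu_tag}


def audit(datagram: bytes) -> List[str]:
    """Findings for one captured SNMP datagram; empty for v3 traffic."""
    info = parse_snmp(datagram)
    findings = []
    if info["version"] in ("v1", "v2c"):
        findings.append(f"{info['version']} message: community string "
                        f"{info['community']!r} travels in cleartext")
        if info["community"].lower() in WEAK_COMMUNITIES:
            findings.append("default community string in use")
        if info["pdu"] == 0xA3:
            findings.append("SetRequest authorised only by a shared-password community (rw)")
    return findings


# Constructed sample: a v2c GetRequest for sysDescr.0 using the notes' example community.
SAMPLE_GET = build_request(1, "MyPassword", "1.3.6.1.2.1.1.1.0")

if __name__ == "__main__":
    print(parse_snmp(SAMPLE_GET))
    for finding in audit(SAMPLE_GET):
        print("-", finding)
```

Run it as-is to see the decoded fields; feeding it real UDP 161/162 payloads from a capture needs nothing more than replacing SAMPLE_GET. The "restrict SNMP via ACL" line in the notes limits who can talk to the device, but it does not change what the audit shows: for v1 and v2c the community string is readable by anyone on the path, so an ACL plus a strong community string is a mitigation, and SNMPv3 with authentication and encryption is the fix.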