640-607
CCNA 3.0
Version 1
www.testking.com -1-
CCNA FOUNDATIONS
    OSI Model
    Upper Layer
    Lower Layers
    Data Link Layer Tasks
    Network Layer Tasks
    Transport Layer Tasks
    LAN Physical Layer Implementations
CISCO DEVICE BASICS
    Command Modes
    Basic Switch Commands
    Switch Configuration using the Command Line
    Basic Router Information
    Common CLI Error Messages
    Basic Router Commands
    Advanced Router Configuration
OBTAINING NETWORK INFORMATION
    CDP
    CDP Related Commands
    Telnet Application
    Router Basics
    Router components
CATALYST 1900 SWITCH
    Functions
    Frame Decisions
    Avoiding Loops
    Spanning Tree Protocol
    Spanning Tree Path Cost
    Spanning Tree Protocol elections
    Spanning Tree States
    How Frames Are Sent
    Switch communication
    Catalyst 1900 Switch Configuration
    Configuration commands
    Virtual LANs
TCP/IP
    TCP Connection Establishment
    Windowing
    TCP/IP Internet Layer
    ICMP
    IP Addressing Basics
    Address Classes
    Broadcast
    Subnetting
    Configuring IP Addresses
ROUTING 101
    Route Selection
    Routing Protocols
    Administrative Distance
    Routing Protocol Classes
    RIP
    IGRP
ACCESS LISTS
    Access List Types
    Access List Guidelines
    Standard IP Access List
    Extended IP Access Lists
    Verifying and Monitoring Access Lists
NOVELL INTERNETWORK PACKET EXCHANGE (IPX) PROTOCOL SUITE
    IPX
    Encapsulation Types
CISCO AND WIDE AREA NETWORK (WAN)
    WAN Connection Types
    WAN Layer 2 Encapsulation
    HDLC
    PPP
    ISDN
FRAME RELAY
    LMI
    Subinterface Connection Types
    Obtain Frame Relay Information
LABS
    Lab 1 Configure a name and passwords for a router
    Lab 2 Configuring Router Interfaces
    Lab 3 Configuring Static Routes
    Lab 4 Configuring RIP and Restoring Configuration
    Lab 5 Configuring IGRP
    Lab 6 Access List
CCNA Foundations
OSI Model
One of the keys to understanding Cisco is the OSI model. The OSI model helps people understand how an internetwork works, and it serves as a guideline or framework for creating and implementing network standards, devices, and internetworking schemes. Some of the advantages of the OSI model include:
- It allows complex operations to be broken down into simple elements.
- It enables engineers to specialize in the design and development of modular elements.
- It provides standards for plug and play and multivendor integration.
Application (Upper) Layers:
- Application
- Presentation
- Session

Data Flow Layers:
- Transport Layer
- Network Layer
- Data Link Layer, made up of the Logical Link Control (LLC) Sublayer and the Media Access Control (MAC) Sublayer
- Physical Layer
To assist in remembering the OSI model layers in the proper order you might want to try either of the following sentences:

    All         Application
    People      Presentation
    Seem        Session
    To          Transport
    Need        Network
    Data        Data Link
    Processing  Physical

Or, from the bottom of the OSI model to the top: Please Do Not Throw Sausage Pizza Away.
Upper Layer
The upper layers of the OSI model deal with user interface, data formatting, and application access. Specifically these layers do the following:
- Application layer: this is where the user/applications access the network.
- Presentation layer: determines how data is presented and handles special processing such as encryption.
- Session layer: controls the establishing, managing and terminating of communications sessions between presentation layers.
Lower Layers
The four lower layers are in charge of how data is transferred across a physical wire, through internetwork devices, to the desired end station, and finally to the application on the other side. Specifically these layers do the following:
- Transport: provides for both reliable and unreliable delivery, and error correction before retransmit.
- Network: provides logical addressing, which devices use to select the path to a destination.
- Data Link: combines bits into bytes and bytes into frames, provides access to the media using MAC addresses, and performs error detection.
- Physical: responsible for moving bits between devices; specifies voltage, wire speed and pin-out of cables.

Encapsulation
The method of passing data down the stack and adding headers and trailers is called encapsulation. For each of the lower four layers the units are as follows:

    Transport   Segment
    Network     Packet
    Data Link   Frame
    Physical    Bits
Collision vs Broadcast Domains
A collision domain is a group of devices connected to the same physical media such that if two devices access the media at the same time, the result is a collision of the two signals. A broadcast domain is a group of devices in the network that receive one another's broadcast messages.
2. All devices connected to the same bridge/switch are part of the same broadcast domain.
3. All segments must use the same data link layer implementation: all Ethernet or all Token Ring.
4. In a switched environment, there can be one device per segment, and each device can send frames at the same time, thus allowing the primary pathway to be shared.
Ethernet Cabling Specifications
- 10Base5: cable thick coax; maximum segment length 500 meters; topology bus; connector AUI
- 10BaseT: cable Cat 3,4,5 UTP, 2 pair; maximum segment length 100 meters; topology star; connector RJ-45
- 100BaseTX: cable Cat 5 UTP, 2 pair; maximum segment length 100 meters; topology star; connector RJ-45
- 100BaseFX: cable multimode fiber; maximum segment length 400 meters; topology point-to-point; connector duplex media interface connector (MIC) ST
Command Modes
Cisco IOS software uses a command-line interface as its traditional console environment. There are two default access levels: user EXEC level and privileged EXEC level. The user EXEC level allows user access to a limited number of basic monitoring commands. Privileged EXEC level provides access to all router commands. This level can be password-protected to allow only authorized users to configure or maintain the router. When a device is in user EXEC mode, this is represented by the > symbol:

    hostname>

More commands are accessible from the privileged EXEC mode. To change the device to this mode you would issue the enable command. The switch or router prompt will change to the following:

    hostname#

To return to the user EXEC mode you will need to type disable.
You will also need to configure the IP address of the switch. This is achieved as follows:

    testking(config)# ip address 10.5.5.11 255.255.255.0
You did not enter enough of the keywords or values required.
Solution: Reenter the command followed by a question mark (?) with no space between the command and the question mark.

% Invalid input detected at '^' marker
Reason for error: The command was entered incorrectly. The caret (^) marks the place of the error.
Solution: Enter a question mark (?) to display all the commands that are available in this command mode.

When you are in the command line there are a number of shortcuts or hot keys you can use.

Command Line Editing Key Sequence and Description
- Ctrl-a: Moves the cursor to the beginning of the line.
- Ctrl-e: Moves the cursor to the end of the line.
- Ctrl-f: Moves the cursor forward one character.
- Ctrl-b: Moves the cursor backward one character.
- Esc-f: Moves the cursor forward one word.
- Esc-b: Moves the cursor backward one word.
- Ctrl-d: Deletes a single character.
- Ctrl-k: Deletes everything to the right of the cursor.
- Ctrl-x: Deletes everything to the left of the cursor.
- Ctrl-w: Deletes a word.
- Ctrl-u: Deletes a line.
- Ctrl-r: Refreshes the command line and everything typed up to this point.
- Backspace: Removes one character to the left of the cursor.
- Tab: Completes a partially entered command if enough characters have been entered to make it unambiguous.
show running-config: this command is used to display the configuration that is being used by the IOS and that is located in RAM.
show startup-config: this command displays the backup configuration that is located in NVRAM. This is the file that is used to configure the router during startup.
To add a Message of the Day you would use the banner motd command, followed by a space and a delimiting character. An example follows:

    testking(config)#banner motd * Information Department You must be authorized to use this system! *

In order to secure your router you can use passwords. Passwords can be used for both the privileged EXEC mode and on individual lines. All passwords are case sensitive. To configure a login password for the console terminal, with the password set to england, you would do the following:

    testking(config)#line console 0
    testking(config-line)#login
    testking(config-line)#password england

To set a password for an incoming Telnet session you would do the following:

    testking(config)#line vty 0 4
    testking(config-line)#password london

To further secure your router you can provide an enable password. This password restricts access to privileged EXEC mode. To encrypt the enable password you would need to use the enable secret command. An example of both commands follows:

    testking(config)#enable password washington
    testking(config)#enable secret boston
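A small audit of the password commands covered above, added here as an example and not part of the original guide. It reads a configuration in file layout (sub-commands indented) and flags an unencrypted enable password, a missing enable secret, and lines whose password is absent or not enforced; the finding codes, the aux password and the assumption that only vty lines check passwords without an explicit login are the example's own.

```python
import re

# Constructed sample in configuration-file layout (sub-commands indented),
# reusing the hostname and passwords from the examples above.
WEAK_CONFIG = """\
hostname testking
enable password washington
line console 0
 password england
line vty 0 4
 password london
line aux 0
"""

# The same device after each finding is fixed; the aux password is made up.
HARDENED_CONFIG = """\
hostname testking
enable secret boston
line console 0
 login
 password england
line vty 0 4
 password london
line aux 0
 login
 password example-aux
"""

LINE_RE = re.compile(r"line\s+(console|vty|aux)\s+(.+)")


def audit(config_text):
    """Return a sorted list of (code, detail) findings for an IOS-style config."""
    findings = []
    has_enable_secret = False
    lines = {}      # "console 0" -> {"password": bool, "login": bool}
    current = None  # line block currently being read, if any

    for raw in config_text.splitlines():
        text = raw.strip()
        if not text or text.startswith("!"):
            continue
        if not raw[0].isspace():
            current = None  # a command at column 0 ends the line block
            m = LINE_RE.match(text)
            if m:
                current = f"{m.group(1)} {m.group(2)}"
                # Assumption: vty lines check passwords by default, console
                # and aux lines only after an explicit "login".
                lines[current] = {"password": False,
                                  "login": m.group(1) == "vty"}
            elif text.startswith("enable secret "):
                has_enable_secret = True
            elif text.startswith("enable password "):
                findings.append(("ENABLE_PASSWORD_CLEARTEXT",
                                 "enable password is stored unencrypted"))
        elif current:
            if text.startswith("password "):
                lines[current]["password"] = True
            elif text == "login" or text.startswith("login "):
                lines[current]["login"] = True
            elif text == "no login":
                lines[current]["login"] = False

    if not has_enable_secret:
        findings.append(("NO_ENABLE_SECRET",
                         "privileged EXEC mode has no enable secret"))
    for name, state in lines.items():
        if not state["password"]:
            findings.append(("LINE_NO_PASSWORD",
                             f"line {name} has no password"))
        elif not state["login"]:
            findings.append(("LINE_PASSWORD_NOT_ENFORCED",
                             f"line {name} has a password but no login"))
    return sorted(findings)


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label)
        for code, detail in audit(cfg) or [("OK", "no findings")]:
            print(f"  {code}: {detail}")
```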
To obtain additional information you can use either the show cdp neighbors detail command or the show cdp entry * command. The show cdp entry command will display the following information:
- Neighbor device ID
- Layer 3 protocol information
- The device's platform
- The device's capabilities
- The local interface type and outgoing remote port ID
- The hold time value in seconds
- IOS type and version

show cdp traffic: this command displays the number of CDP packets sent and received and the number of errors.
show cdp interface: this command displays the configuration information and the interface status of the local device.
Telnet Application
CDP only provides information about directly connected devices. To obtain information about remote devices you will need to use the Telnet application. On a router there is no need to use either telnet or connect to establish a Telnet session. All you need to do is enter the IP address. For a Catalyst switch you will need to enter the telnet command followed by the IP address of the remote device.

show sessions: this command shows a list of devices that you are connected to. This will allow you to verify Telnet connectivity. This command displays the following for each device:
- Host name
- IP address
- Byte count
- Amount of time the device has been idle
- Connection name assigned to the session

show user: this command displays whether the console port is active, and lists all active Telnet sessions, with the IP address or IP alias of the originating host. Local connections are represented by con and remote connections are represented by vty.

Ctrl-Shift-6, all together, followed by x: this will suspend the Telnet connection.
resume: this command will resume one session. If there was more than one session before, only the last active session will be resumed.
resume sessionnumber (where sessionnumber will be the actual session number): this command will resume a specific Telnet session. You can use the show sessions command to determine the required session number.

To end a Telnet session you can use the following commands:
- exit or logout: EXEC command used while on the remote device to log out of the console session.
- disconnect: EXEC command used while on the local device to end the Telnet session. If you want to disconnect one single session you can use the disconnect sessionnumber (where sessionnumber will be the actual session number) command.
- clear line: this command will close a Telnet session from a foreign host. You will need to use the show user command to determine which users are on the device. This will provide you with the lines that need to be disconnected.

Other useful TCP/IP tools that you can use are the ping command and the traceroute command. The ping command verifies connectivity and traceroute shows the route that packets travel.
Router Basics
Booting Sequence of a router
- Step 1: POST
- Step 2: Load and run bootstrap code
- Step 3: Find the IOS software
- Step 4: Load the IOS software
- Step 5: Find the configuration
- Step 6: Load the configuration
- Step 7: Run
Router components
Routers have the following components:
- RAM: contains the software and data structures that allow the router to function.
- ROM: read only memory. Contains microcode for basic functions to start and maintain the router.
- Flash memory: the primary use is to contain the IOS software image.
- NVRAM: this stores the configuration.
- Configuration Register: this controls how the router boots up.
- Interfaces

ROM microcode contains:
- Bootstrap code
- POST code
- ROM monitor
- Partial IOS
show version: this command will display the configuration register value.
copy running-config tftp: this will copy the running configuration to a TFTP server. This will store a copy of the configuration in a location other than the device.
copy running-config startup-config: this command will copy the running configuration to the startup configuration (NVRAM). This can be done to save changes to the configuration.
copy startup-config running-config: this command will copy the startup configuration (NVRAM) to the running configuration (RAM).

As previously stated, the Flash memory contains the IOS image. To obtain information about your router memory and image file you can use the show flash command. This command can provide the following:
- Total amount of memory on the router
- Memory available
- System image file name
- The size of the file in Flash

The name of the Cisco image file contains different parts. An example is c2500-js1_120-3.bin.
- c2500 shows the platform that the image runs on.
- js: j means that this is an enterprise image and s shows extended capabilities.
- 1 means the file is not compressed and can be moved.
- 120-3 represents the version number of the image.
- .bin means that this is a binary executable file.

copy tftp flash: this command will download a new image from a network server to the Flash memory.
Frame Decisions
When a switch receives a frame whose destination address is in its MAC table, the frame will only be sent to the port that is associated with that MAC address. When a switch receives a multicast frame or a broadcast frame, it is sent to all other ports. This process is referred to as flooding.
Avoiding Loops
Switched and bridged networks are designed with redundant links and devices. This can eliminate single points of failure that would cause a failure of the entire network. This redundant design can cause many problems. The possible problems are:
- Without some form of loop avoidance there is a distinct possibility that each switch will flood the network with broadcasts continuously. These broadcasts can lead to a broadcast storm that wastes bandwidth and severely impacts network and host performance.
- Many copies of nonbroadcast frames may be delivered to the destination device. This could cause unrecoverable errors.
- The MAC address table could become unstable as it receives copies of the same frame on different ports.

Loop avoidance can address each of these problems.
- Broadcast storms are eliminated through a loop avoidance solution that prevents one of the interfaces from transmitting or receiving during normal operations. This can be achieved through using the Spanning Tree. This will be discussed in greater detail.
- Database instability results when multiple copies of a frame arrive on different ports of a switch. This can be eliminated through a loop avoidance solution that prevents one of the interfaces from transmitting or receiving during normal operations. This can be achieved through using the Spanning Tree. This will be discussed in greater detail.
- A large complex bridged or switched network with multiple switches can cause multiple loops to occur in the switched network. A loop avoidance mechanism is required to eliminate this. This is the main reason for the Spanning Tree Protocol.
Each nonroot bridge will have one root port. The root port is the one with the lowest cost path to the root bridge. These root ports are in the forwarding state. Spanning Tree path cost is an accumulated cost based on bandwidth. If the cost is the same then it is the port with the lowest port number.

On each segment there is one designated port. Once again, the designated port is selected on the bridge that has the lowest path cost to the root bridge. As these ports are in the forwarding state, they are responsible for forwarding the traffic of the segment. Nondesignated ports are in a blocking state so as to break a loop in the topology. As a result they cannot forward traffic.

Devices running the Spanning Tree Protocol exchange Bridge Protocol Data Units (BPDUs). BPDUs are multicast messages, sent by default every 2 seconds, that contain configuration information including the bridge ID. This ID most often contains 2 bytes for priority and 6 bytes that contain the MAC address of the device.

The Catalyst 1900 switch uses the old calculations whereas other Catalyst switches, such as the 2900XL, use the revised calculations.
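The root port and designated port selection described above, worked through in Python on a three-switch loop. This is an added example, not part of the original guide; the switch names, MAC addresses and link costs are constructed, and it assumes the standard rules that the lowest bridge ID becomes the root and that cost ties are broken on the neighbor's bridge ID and port before the local port number.

```python
import heapq

# Constructed topology: three switches cabled in a triangle (one redundant loop).
# name -> (priority, MAC address); all values are made up for this example.
BRIDGES = {
    "SW1": (32768, "00:10:7b:00:00:0a"),
    "SW2": (32768, "00:10:7b:00:00:0b"),
    "SW3": (32768, "00:10:7b:00:00:0c"),
}
# (bridge, port, bridge, port, path cost of the link); costs are assumed values.
LINKS = [
    ("SW1", 1, "SW2", 1, 19),
    ("SW1", 2, "SW3", 1, 100),
    ("SW2", 2, "SW3", 2, 19),
]


def bridge_id(name):
    """8-byte bridge ID: 2 bytes of priority followed by the 6-byte MAC."""
    priority, mac = BRIDGES[name]
    return priority.to_bytes(2, "big") + bytes.fromhex(mac.replace(":", ""))


def elect_root():
    """The bridge with the numerically lowest bridge ID becomes the root."""
    return min(BRIDGES, key=bridge_id)


def root_path_costs(root):
    """Lowest accumulated path cost from every bridge to the root (Dijkstra)."""
    cost = {root: 0}
    heap = [(0, root)]
    while heap:
        c, here = heapq.heappop(heap)
        if c > cost[here]:
            continue  # stale queue entry, a cheaper path was already found
        for a, _, z, _, w in LINKS:
            if here in (a, z):
                peer = z if here == a else a
                if c + w < cost.get(peer, float("inf")):
                    cost[peer] = c + w
                    heapq.heappush(heap, (c + w, peer))
    return cost


def port_roles():
    """Return {(bridge, port): 'root' | 'designated' | 'blocking'}."""
    root = elect_root()
    cost = root_path_costs(root)
    roles, best = {}, {}
    # Root port: one per nonroot bridge, the port with the lowest cost to root.
    for a, pa, z, pz, w in LINKS:
        for local, lport, peer, pport in ((a, pa, z, pz), (z, pz, a, pa)):
            if local == root:
                continue
            key = (cost[peer] + w, bridge_id(peer), pport, lport)
            if local not in best or key < best[local]:
                best[local] = key
    for local, key in best.items():
        roles[(local, key[3])] = "root"
    # Designated port: one per segment, on the bridge closest to the root.
    for a, pa, z, pz, _ in LINKS:
        ends = sorted([(cost[a], bridge_id(a), a, pa),
                       (cost[z], bridge_id(z), z, pz)])
        roles[(ends[0][2], ends[0][3])] = "designated"
        # The other end blocks unless it is that bridge's root port.
        roles.setdefault((ends[1][2], ends[1][3]), "blocking")
    return roles


if __name__ == "__main__":
    print("root bridge:", elect_root())
    for (bridge, port), role in sorted(port_roles().items()):
        print(f"{bridge} port {port}: {role}")
```

SW3's direct link to the root is the one that blocks: its cost of 100 loses to the two-hop path through SW2, which accumulates 19 + 19 = 38.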
Spanning Tree moves ports through these states to maintain a loop-free topology. Normally a port is in either the blocking state or the forwarding state. When a change is sensed, ports temporarily change to the listening and learning states. All ports start in the blocked state. These ports still receive BPDUs. Ports then move to the listening state. They move to this state to ensure that, if they transition, they will not create a loop. Next the port populates its MAC address table in the learning state but does not forward frames. Finally the port begins receiving and sending frames once it moves into the forwarding state. The default time to move from the blocking state to the forwarding state is 50 seconds. The time it takes for a device to transition from listening to learning and from learning to forwarding is called forward delay. The default Spanning Tree timers are as follows:

    Timer           Default
    Hello Time      2 seconds
    Forward Delay   30 seconds
    Max age         20 seconds
Fragment-free: this mode (also referred to as modified cut-through) reads the first 64 bytes of the frame before forwarding it. In this way collisions can be filtered out, as they usually occur within the first 64 bytes. The Catalyst 1900 default mode is fragment-free switching.
Switch communication
Half-duplex transmission mode implements Ethernet carrier sense multiple access with collision detection (CSMA/CD). This mode is prone to collisions as one line is used for both receiving and sending transmissions. A good parallel is a one-lane bridge over a river, where cars in one direction must wait until the cars coming the other way are done before moving. Full-duplex Ethernet significantly increases bandwidth, as separate circuits (of a twisted pair) are used to transmit and receive frames. This arrangement is collision free. Therefore you effectively double the wire's initial bandwidth. Each full-duplex connection only uses one port. This is achieved by using point-to-point Ethernet and Fast Ethernet connections.

As the CCNA exam deals with the use of the CLI, so will this study guide. The default configuration settings of the Catalyst switch are as follows:
- IP address: 0.0.0.0
- CDP: Enabled
- Switching mode: fragment-free
- 100BaseT port: auto detect duplex mode
- Spanning Tree: Enabled
- Console password: none
Configuration commands
config term: this command will put the switch into the global configuration mode. For example:

    switch# conf term
    switch(config)#

To configure a specific interface (port) you would do the following:

    switch(config)# interface e0/1
    switch(config-if)#

To configure the IP address and subnet mask on the switch you would do the following:

    switch(config)# ip address {address} {mask}

Where address is the IP address and mask is the subnet mask.

To configure the default gateway you would do the following:

    switch(config)# ip default-gateway {ip address}

Where ip address is the IP address of the default gateway, such as 10.5.5.3.

To configure the duplex mode of an interface you would do the following:

    switch(config)# interface e0/1
    switch(config-if)#duplex {auto|full|full-flow-control|half}

- auto sets the duplex mode to autonegotiation. This is the default for 100 Mbps TX ports.
- full sets the mode to full-duplex.
- full-flow-control sets the mode to full-duplex with flow control.
- half sets the mode to half-duplex. This is the default option for 10 Mbps TX ports.

show version: user EXEC command to display basic information about hardware and the IOS software version. Also included are memory information and uptime.
copy nvram tftp: this command will upload the running configuration to a TFTP server.
copy tftp nvram: downloads the configuration file from the TFTP server.
Virtual LANs
A VLAN (Virtual Local Area Network) is a switched network that is logically segmented by communities of interest without regard to the physical location of users. Each port on the switch can belong to a VLAN. Ports in a VLAN share broadcasts. Ports that do not belong to that VLAN do not share these broadcasts, thus improving the overall performance of the network. VLANs remove the physical constraints of workgroup communications. Layer 3 routing provides communications between VLANs. In other words, users can be in totally different physical locations and still be on the same VLAN. Likewise, users in the same physical location can be on different VLANs. VLANs provide the following benefits:
- Reduced administration costs from solving problems associated with moves and changes: as users physically move they just have to be re-patched and enabled into their existing VLAN.
- Workgroup and network security: you can restrict the number of users in a VLAN and also prevent another user from joining a VLAN without prior approval from the VLAN network management application.
- Controlled broadcast activity: broadcasts are only propagated within the VLAN. This offers segmentation based on logical constraints.
- Leveraging of existing hub investments: existing hubs can be plugged into a switch port and assigned a VLAN of their own. This segregates all users on the hub to one VLAN.
- Centralized administration control: VLANs can be centrally administrated.

Inter-Switch Link (ISL) is a Cisco proprietary protocol used to interconnect switches and to maintain VLAN information as traffic goes between switches. ISL provides VLAN capabilities while maintaining full wire-speed performance over Fast Ethernet links in full- or half-duplex mode. It operates in a point-to-point environment.

show spantree: this command will display the Spanning Tree Protocol configuration status of the switch.
TCP/IP
Another important concept for someone preparing for the CCNA exam is the Transmission Control Protocol/Internet Protocol (TCP/IP) stack, in particular Layer 3 and Layer 4. The TCP/IP model compares to the OSI model as follows:

    OSI Model                                TCP/IP Model
    Application, Presentation, Session       Application
    Transport Layer                          Transport Layer
    Network Layer                            Internet Layer
    Data Link Layer                          Data Link Layer
    Physical Layer                           Physical Layer

The TCP/IP application layer enables the following operations:
- Email
- Network Management
- File Transfer
- Name Management
- Remote login

At the transport layer the following two protocols operate:
- TCP: a connection-oriented, reliable protocol.
- UDP: User Datagram Protocol is a connectionless and unacknowledged protocol.
TCP and UDP both use ports to pass information to the application layers. The most common ports used are:

    Port   Application
    21     FTP
    23     Telnet
    25     SMTP
    53     DNS
    69     TFTP
    161    SNMP
    520    RIP
Windowing
TCP controls the flow of data with windowing. The receiving device reports how many octets it is prepared to receive from the sending device; this is the window. The TCP window size can change during the connection. Each acknowledgement states how many bytes the receiving device can receive. If the window size is set to zero, it means the buffer of the receiving device is full and it cannot receive any more data. The sending device will not send additional data until an acknowledgement has a window bigger than zero.
1. Internet Protocol (IP) is a connectionless protocol that provides for a best effort delivery of datagrams. The content of the datagram is not a concern; rather, the route to a destination is.
2. Internet Control Message Protocol (ICMP) provides control and messaging capabilities.
3. Address Resolution Protocol (ARP) determines the data link layer address (MAC address) of the destination device for a known destination IP address.
4. Reverse Address Resolution Protocol (RARP) determines the source network address (IP address for example) when the source data link layer address (MAC address) is known. This is used when a device does not know its own IP address when it comes onto a network.
ICMP
ICMP messages are carried in IP datagrams and are used to send error and control messages. The ICMP messages include:
- Address Request
- Address Reply
- Destination Unreachable
- Echo
- Echo Reply
- Information Request
- Information Reply
- Parameter Problem
- Redirect
- Subnet Mask Request
- Time Exceeded
- Timestamp
- Timestamp Reply
IP Addressing Basics
A host or node is a computer or device on a TCP/IP network. Every TCP/IP node is uniquely identified by its IP address. An IP address consists of a network ID and a host ID. If two different hosts belong to the same network, they have the same network ID. The two hosts will have different host IDs and can communicate with each other locally without going through a router. If two hosts have different network IDs, they belong to different segments on the network. They must communicate with each other remotely through a router or default gateway.

An IP address consists of 32 binary bits, where each bit is either a 0 or 1. We write the 32 bits as four 8-bit numbers (octets) separated by periods. For example:

    11000001 . 00001010 . 00011110 . 00000010 (IP address in binary form)

To convert the IP address from binary to decimal form, we convert each of the four 8-bit numbers in each octet according to the following table:

    Decimal Value   128  64  32  16  8  4  2  1
    Octet Value     x    x   x   x   x  x  x  x

So the first octet in the above binary number would be translated as:

    Decimal Value   128  64  32  16  8  4  2  1
    Octet Value     1    1   0   0   0  0  0  1

Everywhere a 1 appears in the table, the decimal value in that column is added to determine the decimal value of the entire octet, or 128 + 64 + 1 = 193. Using the same table to translate the other three octets gives the following result:

    00001010 = 8 + 2 = 10
    00011110 = 16 + 8 + 4 + 2 = 30
    00000010 = 2

So in decimal form, the above IP address is: 193.10.30.2
Address Classes
An IP address consists of two parts, one identifying the network and one identifying the host. The class of the address determines which part is the network address and which part is the host address. There are 5 different address classes. The decimal notation of the very first octet distinguishes the classes. The following Address Class table illustrates how you can determine to which class an address belongs.

    Class   Range of Network Numbers        Network Bits   Default Subnet Mask
    A       1.0.0.0 to 126.0.0.0            8              255.0.0.0
    B       128.0.0.0 to 191.255.0.0        16             255.255.0.0
    C       192.0.0.0 to 223.255.255.0      24             255.255.0.0
    D       224.0.0.0 to 239.255.255.255    Multicast
    E       240.0.0.0 to 247.255.255.255    Research

Please note 127 is reserved for local testing. The local loopback is 127.0.0.1.
The two parts of the IP address 172.16.122.204 are as follows: the network number is 172.16 (the first 16 bits) and the host number is 122.204 (the remaining 16 bits). If you are required to determine how many hosts are available for a given IP address you can use the following formula:

    2^N - 2 (where N is the number of bits in the host portion)

For example: 172.128.0.0. As this is a Class B address the first 16 bits are used for the network. As a result 16 bits remain for hosts.

    2^16 - 2 = 65534 available host addresses.
Broadcast
Cisco IOS software supports three types of broadcasts:
- Flooding
- Directed broadcasts
- All subnet broadcast

Flooded broadcasts are considered local and are represented by 255.255.255.255. Directed broadcasts are sent to a particular network and are allowed to transit by a router. Directed broadcasts have 1s in the host portion of the address. If you want to send a broadcast to the third subnet of the 172.16 network the address would be 172.16.3.255. To send a broadcast to all the subnets of the 172.16 network the address would be 172.16.255.255.
If you are provided with an IP address and a subnet mask address you can determine the subnet address, the broadcast address, the first usable address and the last usable address. There is usually a question or two on exams that will require this process. In the worked example below, the number at the end of each row is the step that produces it, and the vertical line from Step 3 is shown as |.

    Address           172       16        2         160         Step
    172.16.2.160      10101100  00010000  00000010  10|100000   1
    255.255.255.192   11111111  11111111  11111111  11|000000   2
    172.16.2.128      10101100  00010000  00000010  10|000000   4
    172.16.2.191      10101100  00010000  00000010  10|111111   5
    172.16.2.129      10101100  00010000  00000010  10|000001   6
    172.16.2.190      10101100  00010000  00000010  10|111110   7

Step 1 - Write the 32 bit address in binary notation.
Step 2 - Write the 32 bit subnet mask in binary just below it.
Step 3 - Draw a vertical line just after the last contiguous subnet mask 1.
Step 4 - In a row just below, place all 0s for the remaining free spaces (to the right of the line). This will be subnet mask.
Step 5 - In the next row, to the right of the line, place all 1s until you reach the 32 bit boundary. This will be the broadcast address.
Step 6 - On the right side of the line on the next row, place all 0s in the remaining free spaces until you reach the last free space. Place a 1 in that free space. This will be your first usable address.
Step 7 - On the right side of the line on the next row, place all 1s in the remaining free spaces until you reach the last free space. Place a 0 in that free space. This will be your first usable address.
Step 8 - Copy down all the bits you wrote in Step 1 for the bit fields to the left of the line in all four lines.
Step 9 - Convert the bottom four rows to dotted-decimal.
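The worksheet above can be carried out mechanically. The following Python sketch is an added example, not part of the original guide: it follows the nine steps on bit strings and returns the subnet address, broadcast address, first and last usable address and the 2^N - 2 host count. The function names are hypothetical, and the rejection of masks whose 1s are not contiguous is an added check.

```python
def to_bits(dotted):
    """Dotted-decimal IPv4 value -> 32-character string of 0s and 1s."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 value: {dotted!r}")
    return "".join(f"{o:08b}" for o in octets)


def to_dotted(bits):
    """32-character bit string -> dotted-decimal notation."""
    return ".".join(str(int(bits[i:i + 8], 2)) for i in range(0, 32, 8))


def subnet_worksheet(address, mask):
    """Follow the nine worksheet steps and return the four derived addresses."""
    addr_bits = to_bits(address)                 # Step 1: address in binary
    mask_bits = to_bits(mask)                    # Step 2: mask in binary
    line = mask_bits.count("1")                  # Step 3: position of the line
    if mask_bits != "1" * line + "0" * (32 - line):
        raise ValueError("subnet mask 1s must be contiguous")
    host_len = 32 - line                         # free spaces right of the line
    if host_len < 2:
        raise ValueError("fewer than two host bits: no usable addresses")
    left = addr_bits[:line]                      # Step 8: bits left of the line
    rows = {
        "subnet": left + "0" * host_len,                      # Step 4
        "broadcast": left + "1" * host_len,                   # Step 5
        "first_usable": left + "0" * (host_len - 1) + "1",    # Step 6
        "last_usable": left + "1" * (host_len - 1) + "0",     # Step 7
    }
    result = {name: to_dotted(bits) for name, bits in rows.items()}  # Step 9
    result["usable_hosts"] = 2 ** host_len - 2   # the 2^N - 2 formula
    return result


if __name__ == "__main__":
    # The address and mask used in the worksheet above.
    for name, value in subnet_worksheet("172.16.2.160", "255.255.255.192").items():
        print(f"{name:13} {value}")
```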
Subnetting
Subnetting is the process used to divide the total available IP addresses (hosts) for your network into smaller subnetworks (subnets). For example, take the Network ID we used in the discussion above (193.10.30.0). This network would consist of 256 possible IP addresses (193.10.30.0 - 193.10.30.255). We know this because in a Class C address, only the last octet is available for host IDs (00000000 - 11111111) or (0-255). Since 0 is used to identify the whole network and 255 is reserved for broadcasts, this leaves us with 254 possible hosts (193.10.30.1 - 193.10.30.254).

Suppose we wanted to divide those 254 addresses up into 6 smaller subnets. This can be done with what is referred to as a subnet mask. By looking at the above table we can see Class C addresses all have a default subnet mask of 255.255.255.0. Since the last octet of the subnet mask is 0, it means that the host IDs have not been subdivided into smaller subnets. However, if we choose to divide our network into a few smaller segments (subnets), then we would change the default subnet mask by replacing the last octet with one of the valid subnet masks.

If you are asked to determine subnet masks, number of subnets and the number of hosts you can refer to the charts below. In some situations you will be required to memorize these charts so that you can reproduce them.

Class B Subnet Table

    Number of Bits   Subnet Mask        Number of Subnets   Number of Hosts
    2                255.255.192.0      2                   16382
    3                255.255.224.0      6                   8190
    4                255.255.240.0      14                  4094
    5                255.255.248.0      30                  2046
    6                255.255.252.0      62                  1022
    7                255.255.254.0      126                 510
    8                255.255.255.0      254                 254
    9                255.255.255.128    510                 126
    10               255.255.255.192    1022                62
    11               255.255.255.224    2046                30
    12               255.255.255.240    4094                14
    13               255.255.255.248    8190                6
    14               255.255.255.252    16382               2

Class C Subnet Table

    Number of Bits   Subnet Mask        Number of Subnets   Number of Hosts
    2                255.255.255.192    2                   62
    3                255.255.255.224    6                   30
    4                255.255.255.240    14                  14
    5                255.255.255.248    30                  6
    6                255.255.255.252    62                  2
Whenever you are asked to determine subnet masks, number of hosts and number of subnets you can either use the charts provided above or you can use the method illustrated previously in this guide (converting address and subnet mask to binary).
Configuring IP Addresses
Switches
To configure a 1900 switch with an IP address you would use the ip address command. For example:

    Switch(config)#ip address {ip address} {subnet-mask}

{ip address} - would be the dotted decimal number.
{subnet-mask} - would be the subnet mask related to the IP address.

To establish a default gateway for your switch you would use the ip default-gateway command. For example:

    switch(config)#ip default-gateway {ip-address}

{ip-address} - would be the IP address of the device which is the default gateway.

Router
To establish a logical address on a router interface you would use the ip address command. For example:

    router(config-if)#ip address {ip-address} {subnet-mask}

The {ip-address} {subnet-mask} parameters are the same as they are for a switch.
Routing 101
Route Selection
A router has two methods by which it can forward packets to a non-directly connected device:
- Dynamic routes - Once a routing protocol is configured on a router it will automatically learn routes. Whenever the network topology changes the routing protocol will update the route information.
- Static routes - These are routes that an administrator manually enters into the router. If a change occurs in the network topology then the administrator will need to manually change the static routes to reflect the new network topology.
To configure a static route you would use the ip route command. The ip route command parameters are:

    ip route {network} {mask} {address|interface} [distance] [permanent]

{network} - is the destination IP address.
{mask} - is the related subnet mask.
{address} - is the address of the next hop router.
{interface} - is the name of the interface used to get to the destination network.
[distance] - you may provide an administrative distance for the route. More information on administrative distance will be provided shortly.
[permanent] - you may use this argument to specify that the route will remain even if the router is shut down.

If you wanted to establish a static route to 172.16.2.0, subnet mask of 255.255.255.0, and the next hop router was 172.16.1.2 the command would be as follows:

    router(config)#ip route 172.16.2.0 255.255.255.0 172.16.1.2

To assign a default route to the same location you would enter the following command:

    router(config)#ip route 0.0.0.0 0.0.0.0 172.16.1.2
Routing protocols are network layer protocols. They gather information from packets to ascertain and maintain their routing information. Routed protocols, on the other hand, are transport mechanisms for traffic through the use of the packet's fields and formats. Once a routing protocol has determined the route, routed protocols, such as TCP/IP and IPX, are used by the router to route the traffic.
Routing Protocols
Routing protocols have two major types:
- Exterior Gateway Protocols (EGP) - These protocols are used to communicate information between autonomous systems (AS). An example of EGP is BGP (Border Gateway Protocol).
- Interior Gateway Protocols (IGP) - IGP are the routing protocols inside an AS. Examples of IGP are RIP (Routing Information Protocol) and IGRP (Interior Gateway Routing Protocol).
Administrative Distance
Administrative distances are used to determine the trustworthiness of each route source. The route with the lowest administrative distance will be the one used for routing. Administrative distances can be from 0 to 255. The default administrative distances are indicated in the table below:

    Source of Route          Default Distance
    Connected Interface      0
    Static Route address     1
    EIGRP                    90
    IGRP                     100
    OSPF                     110
    RIP                      120
    External EIGRP           170
    Unknown/Unbelievable     255
Distance Vector
Distance vector based routing algorithms pass periodic copies of a routing table from router to router. Routers send their routing table to all of their directly connected neighbors. This allows the routers to communicate topology changes, and it also means that routers know the topology of the network through second hand information. RIP and IGRP are Distance Vector Routing Protocols.

Routing table updates must occur when the network topology has changed. As with the network discovery process, topology change notification must occur router to router. When an update is received from a neighboring router, the update is compared to the router's own routing table. Routing tables will only be changed if a route with a smaller hop count is discovered.

Distance vector routing protocols are open to the following problems:
- Routing loop - this can occur when the network is slow to converge from a topology change. As a result, inconsistent route information can occur.
- Counting to infinity - can cause packets to be sent around the network continuously when the required route is down.
These problems can be avoided with the following techniques:
- Defining a maximum number of hops - Specify a maximum distance vector metric as infinity: 16 with RIP and 256 with IGRP.
- Split Horizon - If you learn a protocol's route on an interface, do not send information about that route back out that interface.
- Route Poisoning - Information passed out on an interface is marked as unreachable by setting the hop count to 16 for RIP.
- Hold Down Timers - Routers ignore network update information for some period of time.

The timers can be reset when:
1. The timer expires.
2. Infinity is finally defined as some maximum number.
3. Another update is received indicating that the original route to the network has been restored.
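The counting-to-infinity problem and the effect of split horizon can be seen in a small simulation. This Python sketch is an added example, not part of the original guide; the router names, the topologies and the update order (the failed router's own update arriving last, which is the worst case) are assumptions, and 16 is the RIP infinity value given above.

```python
from collections import deque

INFINITY = 16  # RIP hop count that means "unreachable", as stated in the text


def initial_tables(links, origin):
    """Converged hop counts to network X before the failure (breadth-first search).

    links maps each router to its neighbours; origin is attached to X directly.
    """
    tables = {origin: {"metric": 1, "next_hop": None}}
    queue = deque([origin])
    while queue:
        router = queue.popleft()
        for neighbour in links[router]:
            if neighbour not in tables:
                tables[neighbour] = {
                    "metric": tables[router]["metric"] + 1,
                    "next_hop": router,
                }
                queue.append(neighbour)
    return tables


def receive(entry, sender, advertised):
    """Distance vector update rule for one received advertisement."""
    new_metric = min(advertised + 1, INFINITY)
    # Always believe the current next hop; otherwise accept only a smaller hop count.
    if entry["next_hop"] == sender or new_metric < entry["metric"]:
        entry["metric"] = new_metric
        entry["next_hop"] = None if new_metric == INFINITY else sender


def rounds_to_converge(links, origin, split_horizon, max_rounds=100):
    """Fail origin's link to X, then count update rounds until every router
    marks X unreachable. Returns (rounds, per-round metrics)."""
    tables = initial_tables(links, origin)
    tables[origin] = {"metric": INFINITY, "next_hop": None}  # link to X goes down
    # Assumed worst case: stale periodic updates are sent before origin's bad news.
    order = [r for r in links if r != origin] + [origin]
    history = []
    for round_no in range(1, max_rounds + 1):
        for sender in order:
            for neighbour in links[sender]:
                # Split horizon: never advertise a route back to where it was learned.
                if split_horizon and tables[sender]["next_hop"] == neighbour:
                    continue
                receive(tables[neighbour], sender, tables[sender]["metric"])
        history.append({r: tables[r]["metric"] for r in links})
        if all(t["metric"] == INFINITY for t in tables.values()):
            return round_no, history
    return None, history


# Constructed topologies: two routers, and three routers in a line.
TWO_ROUTERS = {"A": ["B"], "B": ["A"]}
THREE_IN_LINE = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}

if __name__ == "__main__":
    for name, links, origin in (("A-B", TWO_ROUTERS, "B"), ("A-B-C", THREE_IN_LINE, "C")):
        for sh in (False, True):
            rounds, _ = rounds_to_converge(links, origin, split_horizon=sh)
            print(f"{name}: split_horizon={sh}: unreachable everywhere after {rounds} rounds")
```

Without split horizon the stale route is passed back and forth and the hop count climbs until it reaches 16; with split horizon the stale route is never advertised back to the router it was learned from.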
Link State
The Link State Routing algorithm maintains a more complex table of topology information. Routers using a link state routing protocol have a complete understanding and view of the entire network. The Link State algorithm uses Link State Packets (LSP) to inform other routers of distant links. All routers exchange LSPs to build a total view of the network. OSPF is a Link State Routing Protocol.

When the topology changes, the first router to find out sends LSPs to all other routers on the internetwork. All routers then re-calculate the best path to any affected route. Link State routing protocols are more intensive in terms of power, memory, and bandwidth required.

The differences between distance vector and link state are as follows:
- Distance Vector gets all its information second hand, or by gossip, whereas link state routing obtains a total topology of the internetwork.
- Distance Vector determines the best path by counting hops. Link State uses a complex bandwidth analysis.
- Distance Vector updates topology changes every 30 seconds by default, which causes a slow convergence time. Link State updates can be triggered by topology changes, resulting in faster convergence times.
- Link state is harder to set up.
Problems with Link State
Link-state (OSPF) needs lots of processing power to rebuild the routing database (tree). Network bandwidth is another problem. Link-state information can flood the network.

The balanced hybrid approach combines aspects of the link state and distance vector algorithms. EIGRP is an example of this approach.

To configure dynamic routing protocols you use the following commands:

    router(config)#router {protocol} [keyword]

{protocol} - RIP, IGRP, OSPF, or EIGRP.
[keyword] - stands for an autonomous system. IGRP requires this parameter.

    Router(config-router)#network {network number}

{network number} - specifies the directly connected network.
RIP
If you want to enable RIP on a router that is directly connected to the networks 192.168.2.0 and 10.0.0.0 you would use the following commands:

    router(config)#router rip
    router(config-router)#network 192.168.2.0
    router(config-router)#network 10.0.0.0

Display RIP associated information
- The show ip protocols command displays values associated with routing timers and network information associated with the entire router.
- The show ip route command displays the contents of the IP routing table.
- The debug ip rip command displays RIP routing updates as they are sent and received.
IGRP
IGRP is an advanced distance vector routing protocol. It offers a number of features that other distance vector protocols do not have. These features are:
- Increased scalability. IGRP default hop count is 100 and its maximum hop count is 255 hops.
- Sophisticated metric. It uses a composite metric. More will follow on this point.
- Multiple path support. IGRP can maintain up to six unequal cost paths between a source and destination.
As stated before, IGRP uses a composite routing metric. This metric includes the following parts:
- Bandwidth - the lowest bandwidth value in the path.
- Delay - the cumulative interface delay on the path.
- Reliability - the reliability between source and destination, determined by the exchange of keepalives.
- Load - the load on a link between the source and destination based on bits per second.
By default only bandwidth and delay are used by the IGRP metric.

To configure IGRP you would use the following combination of commands:

    router(config)#router igrp {autonomous-system}
    router(config-router)#network {network-number}

To enable IGRP on a router, on autonomous system 100, that connects to networks 192.168.1.0 and 10.0.0.0 the commands would be:

    router#config t
    router(config)#router igrp 100
    router(config-router)#network 192.168.1.0
    router(config-router)#network 10.0.0.0

To change the default load balance of IGRP, which is 1 (equal sharing), you use the variance command to configure unequal cost load balancing by defining the difference between the best metric and the worst acceptable metric. In addition you can use the traffic share command to control how traffic is distributed among IGRP load sharing routes.

Display IGRP related information
- The show ip protocol command displays parameters, filters, and network information about the entire router. In addition, it will also provide the autonomous system, routing timers, networks, and administrative distances.
- The show ip route command displays the contents of the IP routing table. The table contains a list of all known networks and subnets associated with each entry.
- The debug ip igrp events command will display a summary of the IGRP routing information.

By default a router assumes all directly connected subnets are listed in its routing table. If the router receives a packet for an unknown destination address, the packet will be dropped. This can be changed with the ip classless command. With the ip classless command configured, if a packet is received for an unknown destination then the packet will be sent to the default route and not dropped.
Access Lists
Access lists can be used to control network traffic. Specifically, Access Control Lists (ACLs) are used in routers to classify traffic. Once the traffic is recognized it can then be filtered to control the traffic in a network. These filters can be applied to the flow either in or out of a router interface. Access lists are most often used to filter packets.

Access lists can have the following applications:
- Inbound access lists - packets are checked before they are processed onto an outbound interface. This is the most efficient form of access list, as a packet that is dropped will not be looked up in the routing table. If the packet is accepted it will then be processed for transmission.
- Outbound access lists - The packet is sent to the outbound interface from the inbound interface, then the access list is applied before the packet is routed.
- You can only have one access list per protocol for each direction on each interface. An interface can have more than one access list as long as there is only one per protocol.
- Access lists are implemented from the top down. Specific references should appear before general ones, and more frequent conditions should appear before the less frequent ones.
- There is an implicit deny at the end of every access list. If an access list does not have a permit statement there is an implicit deny all.
- Create the access list before it is applied to the interface. If an access list is applied before it is created then all traffic is permitted.
- Access lists only apply to traffic being processed through the router. Traffic from the router is not filtered.
    Protocol   Access List   Number Range
    IP         Standard      1 to 99
               Extended      100 to 199
               Named         Name (Cisco IOS 11.2 and later)
    IPX        Standard      800 to 899
               Extended      900 to 999
               Named         Name (Cisco IOS 11.2 and later)
Wildcard Mask
A wildcard mask is a 32 bit, 4 octet address that can be used on a router to allow you to apply an access list to a specific IP address or a specific range of IP addresses. Wildcard masking for IP address bits uses the numbers 1 and 0 to indicate how to treat the corresponding IP address bits:
- 0 in the wildcard mask indicates that the corresponding bit in the IP address must be checked.
- 1 in the wildcard mask indicates that the corresponding bit in the IP address must be ignored.

The chart below gives some examples of wildcard masks and what they mean.

    128  64  32  16  8  4  2  1   Meaning
    0    0   0   0   0  0  0  0   Check all address bits (match all)
    0    0   1   1   1  1  1  1   Ignore the last 6 address bits
    0    0   0   0   1  1  1  1   Ignore the last 4 address bits
    1    1   1   1   1  1  0  0   Check last 2 address bits
    1    1   1   1   1  1  1  1   Do not check address (ignore bits in octet)
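The wildcard rule above combines with the top-down processing and implicit deny rules listed earlier. The following Python sketch is an added example, not part of the original guide and not Cisco IOS code: it evaluates a standard (source-address) access list and reports entries that can never decide a packet because an earlier, more general entry matches first. The function names and the two sample lists are constructed for illustration.

```python
import ipaddress

MASK32 = 0xFFFFFFFF


def to_int(dotted):
    """Dotted-decimal IPv4 string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def checked_bits(wildcard):
    """Invert the wildcard mask: 1 where the address bit must be checked."""
    return ~to_int(wildcard) & MASK32


def entry_matches(source, pattern, wildcard):
    """True when source equals pattern on every bit the wildcard says to check."""
    care = checked_bits(wildcard)
    return (to_int(source) & care) == (to_int(pattern) & care)


def evaluate(acl, source):
    """Top-down, first match wins. Returns (action, line number);
    the line number is None when the implicit deny decided."""
    for line_no, (action, pattern, wildcard) in enumerate(acl, start=1):
        if entry_matches(source, pattern, wildcard):
            return action, line_no
    return "deny", None  # implicit deny at the end of every access list


def shadowed_lines(acl):
    """Return (line, earlier line) pairs where the earlier entry matches every
    address the later one matches, so the later entry is never reached."""
    found = []
    for j, (_, pat_j, wc_j) in enumerate(acl):
        care_j = checked_bits(wc_j)
        for i in range(j):
            _, pat_i, wc_i = acl[i]
            care_i = checked_bits(wc_i)
            # Earlier entry checks no bit the later one ignores, and both
            # patterns agree on every bit the earlier entry checks.
            checks_subset = (care_i & ~care_j & MASK32) == 0
            same_pattern = ((to_int(pat_i) ^ to_int(pat_j)) & care_i) == 0
            if checks_subset and same_pattern:
                found.append((j + 1, i + 1))
                break
    return found


# Constructed sample lists: (action, source address, wildcard mask).
SPECIFIC_FIRST = [
    ("deny", "172.16.2.10", "0.0.0.0"),      # check all 32 bits: one host
    ("permit", "172.16.2.0", "0.0.0.255"),   # ignore the last octet
]
GENERAL_FIRST = list(reversed(SPECIFIC_FIRST))

if __name__ == "__main__":
    for name, acl in (("specific first", SPECIFIC_FIRST), ("general first", GENERAL_FIRST)):
        for src in ("172.16.2.10", "172.16.2.77", "10.1.1.1"):
            print(name, src, evaluate(acl, src))
        print(name, "shadowed entries:", shadowed_lines(acl))
```

With the general entry first, the host that was meant to be denied is permitted by line 1 and the deny on line 2 is never reached, which is why specific references go before general ones.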
To apply the access list you will need to first identify the interface and then apply the access list to it. The following commands are used:

    router(config)#interface serial 0
    router(config-if)#ip access-group {access-list-number} {in|out}

{access-list-number} - this would be the number of the access list that you want to apply.
{in|out} - you can specify if the access list is in or out. By default it is out if it is not specified.

The previous commands are the ones used to apply an access list to a physical interface. If you want to apply an access list to a virtual interface the commands are slightly different. The virtual interfaces are called virtual terminal lines (vty). By default, there are five such virtual terminal lines, numbered vty 0 to vty 4. These are used to Telnet to the command line interface (CLI) of a router. For virtual terminal lines the commands are:

    router(config)#access-list {number 1-99} {permit|deny} {source-address} {wildcard-mask}
    router(config)#line vty 0 4
    router(config-line)#access-class {access-list-number} {in|out}

{access-list-number} - this would be the number of the access list that you want to apply.
in - prevents a router from receiving Telnet sessions from the IP address in the access list.
out - prevents the router vty ports from initiating Telnet connections to addresses defined in the access list.

Then you would apply the access list with the following command:

    router(config-if)#ip access-group {access-list-number} {in|out}
IPX
IPX is a:
- Connectionless datagram protocol. It does not require an acknowledgment for each packet. It is much like IP and UDP.
- Layer 3 protocol that defines the network layer address. This includes a network.node designator.

Novell Netware has its own proprietary:
- IPX RIP to make possible the exchange of routing information.
- Service Information Protocol (SAP) to advertise and find network services. An example is GNS (Get Nearest Server).
- Netware Core Protocol (NCP) to provide client to server connections and application level services.
- Sequenced Packet Exchange (SPX), a Layer 4 connection-oriented protocol.

IPX and SPX are very similar to IP and TCP.

Novell IPX addressing uses a two-part address: the network number (32 bits) and the node number (48 bits). The node number is most often the MAC address of the network interface.
Encapsulation Types
IPX has its own encapsulation types but they do have Cisco equivalents. These equivalents are listed in the table below.

    Media Type   IPX Encapsulation   Cisco Encapsulation
    Ethernet     Ethernet_802.3      novell-ether (default)
                 Ethernet_802.2      sap
                 Ethernet_II         ARPA
                 Ethernet_SNAP       snap
                 Token-Ring_SNAP     snap (default)
                 Token-Ring          sap
                 FDDI_SNAP           snap (default)
                 FDDI_802.2          sap
                 FDDI_Raw            novell-fddi
The ipx routing command enables IPX routing and SAP services. An optional node address can be specified for the serial interface. If no node address is specified, the Cisco router uses the MAC address of the LAN interface. The proper syntax is:

    router(config)#ipx routing [node]

The ipx maximum-paths command enables load sharing. The default is 1, meaning no load sharing is enabled. The syntax is:

    router(config)#ipx maximum-paths {paths}

{paths} - represents the maximum number of parallel paths to the destination. Default is 1 (no sharing) and the maximum is 512.

To enable IPX routing on an interface you would use the ipx network command. That is:

    router(config)#ipx network {network} [encapsulation encapsulation-type]

{network} - this would be the network number.
[encapsulation encapsulation-type] - this specifies an encapsulation type (arpa, novell-ether, novell-fddi, sap and snap).

Standard IPX Access Lists
Standard IPX access lists permit or deny packets based upon the source and destination IPX addresses. This differs from IP, where a standard access list only looks at the source address. There are no wildcard masks with IPX and you can use either the Node Address or Network Address. To configure it you would use the following command:

    router(config)#access-list 810 permit 4b 5c

Other than the wildcard mask, the same commands are used to create and enable IPX Standard Access Lists and Extended Access Lists as are used for IP.
- X.25/Link Access Procedure, Balanced (LAPB) - a standard that controls connections between DTE and DCE.
- Frame Relay - the industry standard switched data link protocol that handles virtual circuits. This is the next generation of X.25.
- Asynchronous Transfer Mode (ATM) - the international standard for cell relay in which multiple service types are conveyed in fixed-length cells.
HDLC
As stated earlier, Cisco has its own version of HDLC. The Cisco HDLC frame includes a proprietary type field that is used to indicate the protocol. This makes it possible for multiple network layer protocols to share the same serial link. To enable this use the following command:

    router(config-if)#encapsulation hdlc
PPP
PPP is a data link layer protocol with network services. As a result PPP can be broken into sublayers: data link layer and physical layer. PPP uses Network Control Program (NCP) to encapsulate multiple protocols. A PPP session consists of three stages:
1. Link Establishment
2. Authentication Phase (optional)
3. Network layer protocol phase

To enable PPP authentication you will use the following commands:

    router(config)#hostname {name}

The router must have a name. {name} will be the name you select for the router. If you wanted to call your router testking you would use the following command:

    router(config)#hostname testking

Next you need to provide the router with the name and password that should be expected from the remote router. You would use the following command:

    testking(config)#username {name} password {password}

Both parameters are case sensitive.

The final step is to configure PPP authentication. The command would be as follows:

    testking(config-if)#ppp authentication {chap|chap pap|pap chap|pap}
ISDN
Integrated Services Digital Network (ISDN) is a digital service designed to run over existing telephone networks. ISDN can support both data and voice simultaneously. ISDN encompasses the OSI Physical, Data Link, and Network Layers. ISDN networking can provide up to 128 Kbps with a PPP Multilink connection to corporate networks or the Internet. A Basic Rate Interface (BRI) connection can also be used as a backup line in case the primary link goes down. In this case you have to set the desirability of the ISDN link to be very low. In other words, it is only used if there is no other way.

ISDN has the following benefits over standard telephone connections:
- Data transfer is faster than typical modems
- Call setup is faster
- ISDN can carry voice, video, and data traffic

ISDN Protocols
These protocols deal with ISDN issues:
- E - Specifies ISDN on the existing telephone network.
- I - Specifies concepts, terminology, and services.
- Q - Specifies switching and signaling.
ISDN Function Groups
Devices connected to the ISDN network are known as terminals and have the following types:
- TE1 - Terminal Equipment type 1 understands ISDN standards, such as a BRI interface on a router.
- TE2 - Terminal Equipment type 2 predates ISDN standards. To use a TE2, you must have a Terminal Adapter (TA).
ISDN Reference Points
ISDN uses four different reference points to define logical interfaces. They are as follows:
- R - Defines the reference point between non-ISDN equipment and a TA
- S - Defines the reference point between user terminals and an NT2
- T - Defines the reference point between NT1 and NT2 devices
- U - Defines the reference point between NT1 devices and Line Termination Equipment. (North America only)

ISDN offers the following benefits:
- Full-time connectivity is spoofed on routers using DDR
- SOHO sites can be cheaply supported
- Can be used as a backup for leased lines
- Using modem cards can eliminate modem racking

ISDN can either be Basic Rate ISDN (BRI) or Primary Rate ISDN (PRI). BRI is two 64 Kbps B Channels for data and one 16 Kbps D Channel for link management, and connects to NT1 for a 4-wire connection. PRI is 23 B Channels and 1 D Channel in the US or 30 B Channels and 1 D Channel in Europe.

Occasionally when configuring ISDN you will need to configure a Service Profile ID (SPID). A SPID is a series of characters which can look like phone numbers. These numbers will identify your connection to the switch at the CO. The SPIDs are processed during each call setup operation.
Frame Relay
Frame Relay is a fast WAN protocol that operates at the Physical and Data Link layers (mostly the Data Link layer) of the OSI model. Frame Relay is used between DTE and DCE devices and uses packet switching. DTE consists of terminals, PCs, routers and bridges, all of which are customer owned end node devices. The service provider owns the DCE devices, such as packet switches. Frame Relay uses Permanent Virtual Circuits (PVCs). A Data Link Connection Identifier (DLCI) is used to identify a connection. Frame Relay offers speeds between 56 Kbps and 2,078 Mbps. However, the default setting for a serial DCE interface is T1. Frame Relay uses a CRC; bad packets are discarded and the receiving station requests re-transmission of any missing frames.

Data Link Connection Identifiers (DLCI) - Used to identify the virtual circuits. DLCIs can be set to a number between 16 and 1007.
LMI
Local Management Interfaces (LMI) - Provide information about the DLCI values and the status of virtual circuits. The default is Cisco but there are 3 possible settings:
- Cisco (Default)
- ANSI
- Q933a

To set up Frame Relay on an interface just set the encapsulation to frame-relay. Frame Relay encapsulation can either be Cisco (Default) or IETF. You must use Cisco encapsulation to connect two Cisco routers, or IETF if a third party router is involved. Frame Relay configuration is done in the interface configuration mode:

    router(config-if)#encapsulation frame-relay {cisco|ietf}

To assign a DLCI to an interface you would type:

    router(config-if)#frame-relay interface-dlci {number 16-1007}

Although LMI type is configurable, the Cisco router will try to autosense which LMI type the switch is using. To set the LMI type you enter:

    router(config-if)#frame-relay lmi-type {cisco|ansi|q933a}
A keepalive interval must be set to enable LMI on an interface. This is 10 seconds by default and can be set by typing:
router(config-if)#frame-relay keepalive {number of seconds}

Frame Relay Maps
The Frame Relay Map tells the network protocol how to get from a specific protocol and address pair to the correct DLCI. There are two ways to make this happen: you can use the frame-relay map command or you can use the inverse-arp function. The frame-relay map command can be used to show which routers are reachable.
router(config-if)#frame-relay inverse-arp {protocol} {dlci}
router(config-if)#frame-relay map {protocol} {protocol address} {dlci} [broadcast] [cisco|ietf]
With Frame Relay you can use subinterfaces to allow multiple virtual circuits on a single serial interface, and each subinterface can be treated as a separate interface. You use the interface s0.interface number command:
router(config-if)#interface s0.{subinterface-number} {point-to-point|multipoint}
Committed Information Rate (CIR) is the rate, in bits per second, at which the Frame Relay switch agrees to transfer data.
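As an added illustration (not from the original guide), the Python sketch below decodes the DLCI from the start of a captured frame and checks it against the 16 to 1007 range given above. It assumes the standard two-byte Q.922 address layout and the usual LMI signalling DLCIs (1023 for cisco, 0 for ansi and q933a), neither of which the guide spells out; the sample frames are constructed.

```python
# Constructed sample frames: 2-byte address field followed by dummy payload.
SAMPLE_FRAMES = [
    bytes.fromhex("1841") + b"data",  # DLCI 100, no congestion bits
    bytes.fromhex("1847") + b"data",  # DLCI 100, BECN and DE set
    bytes.fromhex("fcf1") + b"lmi",   # DLCI 1023
    bytes.fromhex("0001") + b"lmi",   # DLCI 0
]

# Assumption (standard behaviour, not stated in the guide): LMI status
# messages travel on a reserved DLCI that depends on the LMI type.
LMI_DLCI = {0: "LMI (ansi or q933a)", 1023: "LMI (cisco)"}


def parse_fr_address(frame):
    """Decode the two-byte Frame Relay address field at the start of frame."""
    if len(frame) < 2:
        raise ValueError("frame shorter than the 2-byte address field")
    b0, b1 = frame[0], frame[1]
    # The EA bit is 0 in the first octet and 1 in the last address octet.
    if b0 & 0x01 or not b1 & 0x01:
        raise ValueError("unexpected EA bits, not a 2-byte address field")
    return {
        "dlci": ((b0 >> 2) << 4) | (b1 >> 4),  # 6 high bits + 4 low bits
        "fecn": bool(b1 & 0x08),
        "becn": bool(b1 & 0x04),
        "de": bool(b1 & 0x02),
    }


def classify_dlci(dlci):
    """Label a DLCI as LMI signalling, a user PVC, or reserved."""
    if dlci in LMI_DLCI:
        return LMI_DLCI[dlci]
    if 16 <= dlci <= 1007:  # configurable range given in the guide
        return "user PVC"
    return "reserved"


if __name__ == "__main__":
    for frame in SAMPLE_FRAMES:
        fields = parse_fr_address(frame)
        print(fields, classify_dlci(fields["dlci"]))
```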
Labs
Lab 1 Configure a name and passwords for a router
You have been tasked to change some of the configurations on one of your company's routers. Specifically, your tasks are:
1. Change the name of the router to test_king.
2. Restrict access to privileged EXEC mode. The password should be Paris.

Task 1
You will need to log onto your router. You should see a prompt that looks like:
Router>
In order to configure parameters you will need to be in privileged EXEC mode. Therefore the first step will be to use the enable command.
Router>enable
Router#
It is now necessary to enter the global configuration mode. To do this you will need to do the following:
Router#config terminal
Now you are ready to change the name of your router. You will need to do the following:
Router(config)#hostname test_king
test_king(config)#

Task 2
You now need to configure a password for the router. You will need to do the following:
test_king(config)#enable password Paris
test_king(config)#
You now need to back up these configuration changes to the startup configuration. The copy command is entered from privileged EXEC mode, so leave global configuration mode first. You will need to do the following:
test_king(config)#exit
test_king#copy running-config startup-config
test_king#
You have completed the tasks assigned to you. It is now time to leave privileged EXEC mode and log out. You will need to do the following:
test_king#disable
test_king>exit
You report back to your supervisor and he says that he forgot to tell you that he also wanted an enable secret password (Denmark) and he wanted a copy of the most current running configuration on the TFTP server (10.1.1.1). You will need to log onto your router. You will need to begin with the enable secret password. You return and take the following actions to start:
test_king>
test_king>enable
Password:*****
test_king#config t
test_king(config)#
Now it is time to configure the new secret password. You will need to do the following:
test_king(config)#enable secret Denmark
test_king(config)#
Now you need to save this change to the startup configuration and then copy the running configuration to the TFTP server. Again, leave global configuration mode first. You will need to do the following:
test_king(config)#exit
test_king#copy running startup
test_king#copy running-config tftp
Address or name of remote host []? 10.1.1.1
Destination filename [running-config]? test_king.fg
test_king#
Now it is time to exit the router. You will need to do the following:
test_king#disable
test_king>exit
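An added example, not part of the original lab: a Python check that can be run over the configuration file saved to the TFTP server to see how the passwords from the lab are stored. It relies on standard IOS behaviour (enable password is kept in cleartext or in reversible type 7 form, enable secret as a one-way hash that takes precedence); the sample configuration, its vty lines and its hash string are constructed placeholders.

```python
import re

# Constructed sample of a saved configuration after the lab's commands.
# The type 5 and type 7 strings are placeholders, not real values.
SAMPLE_CONFIG = """\
hostname test_king
enable secret 5 $1$PLACEHOLDER$NOTAREALHASHVALUE
enable password Paris
line vty 0 4
 password 7 PLACEHOLDER7
 login
"""

# "[enable] password|secret [type-digit] value" as it appears in a config.
PW_LINE = re.compile(r"^\s*(enable\s+)?(password|secret)\s+(?:(\d)\s+)?(\S+)\s*$")


def audit_passwords(config_text):
    """Return (line_no, severity, message) tuples for weak password storage."""
    findings, has_enable_secret, enable_pw_lines = [], False, []
    for no, line in enumerate(config_text.splitlines(), 1):
        m = PW_LINE.match(line)
        if not m:
            continue
        is_enable, kind, enc = bool(m.group(1)), m.group(2), m.group(3)
        if kind == "secret":
            has_enable_secret |= is_enable  # stored as a one-way hash
            continue
        if is_enable:
            enable_pw_lines.append(no)
        if enc == "7":
            findings.append((no, "medium", "type 7 encoding is reversible"))
        elif enc in (None, "0"):
            findings.append((no, "high", "password stored in cleartext"))
    if not has_enable_secret:
        findings.append((0, "high", "no enable secret configured"))
    for no in enable_pw_lines:
        if has_enable_secret:
            findings.append((no, "info", "enable secret takes precedence; "
                             "remove with 'no enable password'"))
    return findings


if __name__ == "__main__":
    for finding in audit_passwords(SAMPLE_CONFIG):
        print(finding)
```

TFTP has no authentication or encryption, so a saved copy that still contains an enable password line exposes that password to anyone who can read the server or the traffic.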