You are on page 1of 132

CCNA CHEAT SHEETS CCNA: ACCESS CONTROL LIST (ACL) CHEAT SHEET Overview An ACL consists of sequential series

of statements known as an Access Control Entry (ACE). Each ACE specifies a matching criteria and an action which can be either permit or deny. The matching criteria can be various things such as source/destination address or protocol such as TCP or UDP. For an individual ACE all configured matching values must match in order for that ACE to be considered as match. It recommended to include the most relevant ACE in the beginning of the ACL. If a packet does not match any of the access control entries in an ACL then it matches an Implicit Deny ACE that is present at the bottom in all ACLs. The Implicit Deny ACE is a deny all statement that denies all packets. In case this behavior is not required and packets that do not match any ACE must be forwarded, an ACE must be specified at the bottomof ACL that permits all packets. This type of ACE is known as explicit permit. A Access Control List is a multipurpose tool that is typically used as filtering tool. ACLs can be used for _ Filtering traffic entering and existing an interface _ Controlling access to VTY lines _ Route update filtering _ As a traffic classification tool when used with QoS _ Dial-on-demand routing (DDR) with ISDN _ Restricting output of debug commands Types of Access-lists: There are two types of IP Access Lists 1. Standard ACL Traffic is filtered based on source address of the IP packet. Since only the source address is matched, therefore, standard ACLs are efficient in filtering traffic closet to the destination 2. Extended Traffic can be filtered based on source address as well as destination address and other filed in IP header including source and destination protocol and port number, ToS and IP Precedence bits and TCP flags, TTL value. Numbered and Named ACLs An ACL can be identified as either named or numbered. Numbered standard ACLs range 1-to-99 and 1300-to-1999 and extended ACL ranges from 100-to-199 and 2000-to-2699 ACL Rule Only one ACL per interface, per protocol, per direction is allowed Inbound packets are always processed by an ACL (if applied) before being routed. Outbound packets are routed before processed by an ACL (if applied) ACLs are processed in sequential order, therefore most specific traffic match must occur in the beginning of the ACL Wildcard Mask

Address filtering uses wildcard masking indicate whether to check or ignore corresponding IP address bit when comparing address bits in an ACL entry Wildcard masks are sometimes referred as an inverted mask because 1 and 0 means the opposite of subnet mask. Wildcard mask bit 0 means check the corresponding bit and 1 means ignore the corresponding bit ACL Syntax An ACL is implemented in two steps:define an ACL with access-list or ip access-list command apply the ACL under specific interface in the required direction with ip access-group command STEP-1: Define an ACL Standard ACL: Access-list acl-number {permit|deny} {host|source source-wildcard|any} Extended ACL:access-list acl-number {permit|deny} protocol source wildcard [operator [port]] destination wildcard [operator [port]] [precedence precedence] [tos tos] Named Standard ACL:ip access-list standard name {permit|deny} {source [source-wildcard] | any} [log] Named Extended ACL:ip access-list extended name {permit|deny} protocol source wildcard [operator [port]] destination wildcard [operator [port]] [precedence precedence] [tos tos] STEP-2: Apply the ACLinterface ip access-group {number|name} {in|out}

Configuration example: Standard ACL: Configuration Example: Standard ACL Requirement: Web-Server 10.1.1.10 behind R2 should not be accessible by hosts 192.168.1.10 & 11 Router R2: access-list 10 deny host 192.168.1.10 access-list 10 deny host 192.168.1.11 access-list 10 permit any ! interface serial0/0 ip address 172.16.12.2 255.255.255.0 ip access-group 10 in Requirement: Any access on port 80 should not be allowed from host 192.168.1.10 and 11 to webserver 10.1.1.10. Other hosts on the 192.168.1.0/24 network should be allowed access the web server only on port 80 Router R1: access-list 101 deny tcp host 192.168.1.10 host 10.1.1.10 eq 80 access-list 101 deny tcp host 192.168.1.11 host 10.1.1.10 eq 80 access-list 101 permit tcp 192.168.1.0 0.0.0.255 host 10.1.1.10 eq 80 !

interface fastethernet0/0 ip address 192.168.1.1 255.255.255.0 ip access-group 101 in Configuration Example: Named Extended ACL Requirement: Only 192.168.1.10 should be allowed access to web-server 10.1.1.10 on port 80 and 3389. Other hosts should be allowed access only on port 8080. Router R1: ip access-list extended web-server-acl permit tcp host 192.168.1.10 host 10.1.1.1 eq 80 permit tcp host 192.168.1.10 host 10.1.1.1 eq 3389 permit tcp any host 10.1.1.10 eq 8080 ! interface fastethernet0/0 ip address 192.168.1.1 255.255.255.0 ip access-group web-server-acl in Troubleshooting Command 1. show running-configuration | include access-list 2. show access-list [name | number] CCNA: IP version 6 IP version 6 (IPv6) Why IPv6? IPv4 has the following issues: 1. Address depletion 2. Large internet routing tables 3. Lack of true end-to-endness - IPv4 is patched to deal with the address depletion issue - NAT hides the true source of the network IPv6 provides the following benefits over IPv4: _ Address space: 2^128 = 3.4 x 1038 addresses _ Global route aggregation _ Elimination of NAT _ Broadcast elimination _ Compatibility for IPv4 network _ Improved security with built-in IPSec _ Stateless Auto-configuration IPv6 Address and Representation An IPv6 address is divided into 8-octets, each consisting of 4 hexadecimal digits separated by a colon. For example: 1. 2345:AF45:00AA:0000:0000:0079:90AB:CDEF 2. FA00:0001:0000:0000:0000:0000:0000:1234 IPv6 address can be shorten:

_ Omitting leading zeros. The address in example number one and two can be written as: 2345:AF45:AA:0:0:79:90AB:CDEF, FA00:1:0:00:0:0:0:1234 _ Replacing consecutive zeros with a double colon (::). The address in example number two can be written as: FA00:1::1234 Replacing the consecutive zero is actually a two step process. First the leading zeros are omitted, then the consecutive zeros are replaced with double colon Network Addressing Typically 64-bit network and 64-bit host The network portion is further subdivided into: _ 48-bit Global Routing Prefix: allows routing to the site in internet _ 16-bit Subnet ID: allows an administrator to create subnet within a site An IPv6 address is usually presented as: Global Routing Prefix (Usually Assigned by ISP) 48-bits Subnet ID 16-bits Host ID (Usually Interface ID) 64-bits IPv6 addresses dont use the lengthy subnet mask notation; instead CIDR notation is used to indicate the prefix length. For example: FA00:1::/48 mean that 48-bits network Address Types There are three types of IPv6 addresses: 1. Unicast o Address for a single interface o Packet destined for that address is delivered specifically to that interface 2. Multicast o Packet sent to multicast address goes to all SUSCRIBERS. Example: FF02:9 3. Anycast o Multiple devices share the same address o Router decides what is the closet and send to that system o An Anycast address cannot be Source Address (SA) of a packet o It is often used to replicate important network resources such as DNS root servers, web servers and multicast rendezvous points (RPs) Address Assignment IPv6 addresses can be assigned in three possible ways: 1. Static configuration with ipv6 address command 2. Via DHCP for IPv6 3. Stateless Auto-configuration with ipv6 address auto-config command Host Address Assignment The host address can be assigned in two ways: 1. Static assignment with ipv6 address command 2. EUI-64 address assignment with ipv6 address eui-64 command. Host address is calculated from the MAC address The EUI-64 address is calculated in two steps: 1. Invert the seventh most significant bit in MAC address

2. Insert the FFFE in the middle Example: Consider the MAC Address 1234.5679.9012: 1. Invert the 7th most significant bit o 1=0001 and 2=0010. Inverting the 7th bit gives us: 0001 0000 = 10. The MAC address becomes: 1034.5679.9012 2. Insert FFFE in the middle o The required host address is: 1034:56FF:FE78:9012 Configuration Example: Static IPv6 Address Assignment Router R1: ipv6 unicast-routing Turn on IPv6 Addressing ! interface FastEthernet0/0 ipv6 address 155:1::1/64 ipv6 enable R1#sh ipv6 interface FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::CA00:4FF:FEB4:0 Link Local Address Global unicast address(es): 155:1::1, subnet is 155:1::/64 Unicast Address Joined group address(es): FF02::1 FF02::1:FF00:1 FF02::1:FFB4:0 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds Configuration Example: EUI-64 Address Assignment Router R1: Ipv6 unicast-routing ! interface FastEthernet0/0 mac-address 1234.5678.9012 ipv6 address 155:1::/64 eui-64 ipv6 enable R1#sh ipv6 interface FastEthernet0/0 is up, line protocol is up IPv6 is enabled, link-local address is FE80::1034:56FF:FE78:9012 Global unicast address(es): 155:1::1034:56FF:FE78:9012, subnet is 155:1::/64 Host ID created with EUI-64 address Joined group address(es): FF02::1 FF02::1:FF78:9012 MTU is 1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled

ND DAD is enabled, number of DAD attempts: 1 ND reachable time is 30000 milliseconds IPv6 Transition Techniques Dual Stack: This architecture contains both IPv4 and IPv6 Internet layers with separate protocol stacks containing separate implementations of Transport layer protocols such as TCP and UDP. IPv6 over IPv4 tunneling: Tunneling allow the encapsulation of IPv6 traffic in IPv4 packets for the transmission of IPv6 traffic over IPv4 infrastructure. Tunneling can be used in a variety of ways: Router-to-Router: In this configuration IPv6/IPv4 routers connected through IPv4 infrastructure can tunnel IPv6 packets. Host-to-Router or Router-to-Host: In host-to-router tunneling IPv6/IPv4 hosts can tunnel IPv6 packets to an intermediary IPv6/IPv4 router that is reachable via an IPv4 infrastructure. This type of tunnel spans the first segment of the packet's end to-end path. In router-to-host tunneling IPv6/IPv4 routers can tunnel IPv6 packets to their final destination IPv6/IPv4 host. This tunnel spans only the last segment of the end-to-end path. Host-to-Host: IPv6/IPv4 hosts that are interconnected by an IPv4 infrastructure can tunnel IPv6 packets between themselves. In this case, the tunnel spans the entire end-to-end path that the packet takes. Types of Tunnels Static: These are manually configured tunnel, unlike automatic tunnels the IPv4 address of the tunnel endpoint is not derived are not derived from addresses that are encoded in the next-hop address when forwarding the packet. IPv6 addresses are manually configured on each tunnel interface, and so are the IPv4 tunnel source and IPv4 tunnel destination configured. Static tunnels create a permanent link between two IPv6 domains over an IPv4 infrastructure. Automatic: These types of tunnel do not require manual configuration. Automatic tunnel includes the following types ISATAP: Intra-Site Automatic Tunnel Addressing Protocol is used to provide unicast IPv6 connectivity between IPv6/IPv4 hosts across an IPv4 intranet. ISATAP is designed for transporting IPv6 packets within a site where an IPv6 infrastructure is not yet available, ISATAP tunnels allow individual IPv4 or IPv6 dual-stack hosts within a site to communicate with other such hosts on the same virtual link, basically creating an IPv6 network using the IPv4 infrastructure. ISATAP is designed for transporting IPv6 packets within a site, not between sites. ISATAP uses unicast addresses that include a 64-bit IPv6 prefix and a 64-bit interface identifier. The interface identifier is created in modified EUI-64 format in which the first 32 bits contain the value 000:5EFE to indicate that the address is an IPv6 ISATAP address. 6to4 Tunnels: These are point-to-multipoint tunnels used for connecting isolated IPv6 domains over IPv4 infrastructure. 6to4 treats the entire IPv4 Internet as a single NBMA virtual link. An automatic 6to4 tunnel may be configured on an edge router in an isolated IPv6 network, which creates a tunnel on a per-packet basis to an edge router in another IPv6 network over an

IPv4 infrastructure. The tunnel destination is determined by the IPv4 address of the border router extracted from the IPv6 address that starts with the prefix 2002::/16, where the format is 2002:edge-router-IPv4-address::/48. Following the embedded IPv4 address are 16 bits that can be used to number networks within the site. The edge router at each end of a 6to4 tunnel must support both the IPv4 and IPv6 protocol stacks. 6to4 tunnels can be configured between edge routers or between a edge router and a host. CCNA: ROUTER INTERFACES, CABLES & CONNECTORS Key Characteristics: Console interfaces are primarily used to configure routers. Console Interfaces uses a Roll-Over Cable (special null modem cable configuration), (usually) with an RJ-45 on one side and a RS-323 (DB-9) interface on other side. The cable configuration is also very simple; each pin connects to the other side in reserve order, that is, pin-1 connected to pin-8 and so forth. Basic Configuration: configure terminal line console 0 password login stopbits default value=1 databits default=8 The following depicts a roll-over cable configuration: The baud rate can be changed from romon mode. The following syntax depicts the actual configuration: rommon 1 > baudrate ranges from 9600 to 115kbps

AUX Port

The AUX port is usually used for Dial-In services on the router. A Null-Modem cable is used to connect the AUX port with modem. Before the modem is configured, TTY line must be initialized to: 1. allows reverse telnet to the router 2. line speed must be configured for the router to communicate with the modem Basic Configuration: configure terminal line 1 AUX port is (usually) line 1 speed ranges from 9600 to 115200 in bits per seconds stopbit usually 1, improves throughput by reducing async framing overhead flowcontrol hardware enable the hardware based flow control transport input Ethernet Interface Also called the LAN interface. Types: Straight or Cross Over Cable. Straight Cable is used for communication between different devices (e.g., switch and workstation). Cross Over cable is used to connect similar devices (e.g., routers and workstation or two workstations). The following depicts the straight and cross over cables: Basic Configuration: configure terminal interface media type this command is only available on interface with dual media type capability speed <10 | 100 | 1000 | auto> duplex ip address

Serial Interface Also called WAN interfaces. They provide versatile speed ranges from 64kbps to OC-786. The OC series interfaces are only supported in higher platforms like 7600 series. The low end model (2600/3700/3800/2900/3900 series) usually support interfaces speed up to T3/E3. Serial interface come in variety of formats including: RS-232, V.35, RS-449/422 and RS-530/422. Usually V.35 is used and maximum speed is up to 2048 kbps Basic Configuration: configure terminal interface serial encapsulation default is HDLC clock rate required on DCE end only ip address Virtual Terminal Lines (VTY) Usually used for remote management of routers or switches. Basic Configuration: configure terminal line vty the range depends on the hardware platform transport input password login

CCNA: Wireless Local Area Nework (WLAN) What is aWLAN? WLAN allows a set of computers to communicate and share information without the need of physical media. WLAN uses Air as the transport medium WLAN Standards and Governing Bodies IEEE: Standardization of wireless LANs (802.11). IEEE has rectified the 5 major WLAN standards: 802.11, 802.11b, 802.11a, 802.11g, 802.11n Wi-Fi Alliance: An industry consortium that encourages interoperability of products that implement WLAN standards through theirWi-Fi certified program Radio Frequency (RF) Terminologies RF Propagation: movement of RF signal through a medium. Fresnel Zone: to maximize the receiver strength, one needs to minimize the effect of the out-ofphase signal by eliminating obstacles from the RF line of sight (LoS) or forbidden region because an obstacle will disturb the RF signal Fresnel Zone (FZ): D is the distance between transmitter (TX) and receiver (RX). d is the radius of the FZ Diffraction: the phenomenon when RF waves bent around sharp object creating new wave fronts. The higher the frequency of transmission, the higher the loss will be Reflection: RF waves reflect from uniformly smooth non-absorbing obstacles they meet Scattering: RF energy is reflected out of a non-uniform surface in multiple directions Absorption: the RF energy is absorbed when it hits objects like water, wood and even people Attenuation: the loss of radio signal strength, it limits the range of radio signals and is affected by the materials a signal must travel through (e.g. air, wood, concrete,). Free space loss is a type of attenuation that is the natural loss of the radio signal when propagating through the air without obstructions, the signal gets weaker and weaker when traveling away from the AP. Diversity: use two or more antennas to improve the quality and reliability of a wireless link. Used especially in indoor environments, where there is not a clear line-of-sight (LOS) between transmitter and receiver Radio Frequency (RF) Terminologies

Service Set Service Set: is a logical grouping of (wireless) devices. WLANs provide network access by broadcasting a signal across a wireless radio frequency (RF) carrier Service Set Identifier: A receiving station can be within range of a number of transmitters. The transmitter prefaces its transmissions with a service set identifier (SSID). The receiver uses the SSID to filter through the received signals and locate the one it wants to listen to Independent Basic Service Set (IBSS): An IBSS consists of a group of 802.11 stations communicating directly with one another. An IBSS is also referred to as an ad-hoc network because it is essentially a simple peer-to-peerWLAN Basic Service Set (BSS): requires a specialized station known as an access point (AP). The AP is the central point of communications for all stations in a BSS. The client stations do not communicate directly with other client stations. Rather, they communicate with the AP, and the AP forwards the frames to the destination stations Extended Service Set (ESS): Multiple infrastructure BSSs can be connected with a distribution system (DS). The collection of BSSs interconnected via the DS is known as the ESS. The DS does not have to be via a wired connection. The 802.11 specification leaves the potential for this link to be wireless. However, DS is usually a wired network. ESS also allows the facility of roaming to wireless clients WLAN Modes There are twoWLAN mode: 1. Ad-hoc Mode: wireless clients communicate directly. Ad-hoc mode only supports the IBSS 2. Infrastructure Mode: requires an AP. Supports BSS and ESS WLAN Frequencies WLAN uses the Industrial, Scientific, Mechanical (ISM) band. The ISM band consists of the following frequency ranges: 1. 2.4GHz: 802.11b/g/n WLANs 2. 5GHz: 802.11a/n Media Access WLAN control the media access with CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance) algorithm. The CSMA/CA can be summarized in the following key points:

1. Listen to ensure that the medium (space) is not busy (no radio waves currently are being received at the frequencies to beused) 2. Set a random wait timer before sending a frame to statistically reduce the chance of devices all trying to send at the same time 3. When the random timer has passed, listen again to ensure that the medium is not busy. If it isnt, send the frame 4. After the entire frame has been sent, wait for an acknowledgment 5. If no acknowledgment is received, resend the frame, using CSMA/CA logic to wait for the appropriate time to send again Deployment Guidelines The following is checklist or a basic guideline for wireless LAN deployment: 1. Decide if an Ad-hoc mode or Infrastructure mode deployment is required 2. In case of infrastructure mode, make sure availability of basic network services including DHCP, DNS, VLAN and internet (ifrequired) 3. Configuration/Verification of AP settings including SSID and clients can connect to the specified SSID 4. Configure Security for Wireless LAN and verify if the client can connect Securly. Wired Equivalent Privacy (WEP): uses static (64-bit) pre-shared keys. Keys had to be exchanged manually and cannot be changed without human intervention. Only 40-bit were actually used for derivation of key therefore, it was easily crackable Wi-Fi Protected Access (WPA): WPA includes the option to use dynamic key exchange, using the Temporal Key Integrity Protocol (TKIP). WPA allows for the use of either IEEE 802.1X user authentication or simple device authentication using pre-shared keys. And the encryption algorithm uses the Message Integrity Check (MIC) algorithm WPA2: includes dynamic key exchanges and stronger encryption (the AES algorithm) and user authentication. WAP2- is not backward compatible with WPA Troubleshooting WLANs RF Interference: occupies the (air) medium causing delay in sending and receiving data, collisions and resulting retransmission. RF interference is usually caused by high noise level. Noise level should be less then -85dBm for the band users are operating in Coverage Black Holes: if the wireless survey is not conducted properly, this could result in limited or no RF signal coverage causing decrease wireless performance and service interruption. If the signal strength is less than -75dBm and high retries are greater than 10 percent, this is an indication of RF coverage issue High Utilization: is caused by larger number of simultaneous active users or application such as wireless IP telephony may cause the access point (AP) to reach it maximum capacity. This result is lower throughput per user even signal strength is excellent due to additional overhead of retransmitted data frames. This problem can be solved by increasing the number of AP and creating smaller radio cells (also called the micro-cells). Another approach is to move applications like IP telephony to different band. For example: IP telephony using 802.11a (5GHz) and data using 802.11b/g (2.4GHz)

CCNA: EIGRP CHEAT SHEET Key Characteristics Type: Advance Distance Vector or Hybrid Algorithm: Diffusing Update Algorithm(DUAL) Standard: Cisco Propriety Administrative Distance: 1. Internal Routes = 90 2. External Routes = 170 3. Summary Routes = 5 Metric: Composite Transport Protocol/Protocol Number: IP/88 Routed Protocol Support: IP, IPX and AppleTalk Authentication: Yes (MD5 only) Supports VLSM and Route Summarization: Yes Fastest Convergence Router ID (RID) RID should be a valid IP address, not a 32-bit dotted decimal number Cisco Routers uses the following criteria to select a router ID: 1. RID configured with router-id command 2. If manual RID not configured, select the highest number IP address on any loopback interface inup/up state 3. If loopback interfaces not configured, select the highest number IP address on any non-loopback interface in up/up state Route Types and Preference Internal Routes: routes advertised within the same AS External Routes: routes imported from another routing domain or AS Internal Routes are denoted with D External Routes are denoted with EX Routes Preference: 1. Internal Routes (90) > External Routes (170) Metric Calculation EIGRP uses a composite metric. Composite metric consists of bandwidth, load, delay, reliability and MTU By default, only bandwidth and delay are considered Metric=256 x [(10^7/minimum-bandwidth) +cumulative delay] Bandwidth is in kbps and delay is in micro-seconds Minimum bandwidth represents least bandwidth along the entire route Cumulative Delay represents the sum of all delay values for all links in the route EIGRP Table Types EIGRP maintains three types of tables: 1. Neighbor Table: keeps state information regarding neighbors, and is displayed using the show ip eigrp neighbors command

2. Topology Table: EIGRP Update messages fill the routers EIGRP topology tables. Topology table can be displayed with show ip eigrp topology command 3. (IP) Routing Table: Based on the contents of the topology table, each router chooses its best routes and installs these routes in its respective IP routing table. The IP routing table is displayed with show ip route command Neighbor Discovery EIGRP sends hellos on multicast address 224.0.0.10 to discover potential neighbors. Hellos always use unreliable delivery To become neighbors EIGRP routers must be agree on the following parameters: 1. Autonomous System (AS) number 2. Same primary subnet 3. Authentication (if used) 4. K-values must match Packet Types Hello: used in neighbor discovery/recovery process, are always multicast and use unreliable delivery (no acknowledgement is required) Acknowledgment: are hello packets without any data and are always unicast & use unreliable delivery Update: Convey route information. Updates are non-periodic, partial, bounded, can be unicast or multicast and use reliable delivery Query and Reply: used by DUAL finite state machine. Queries can be unicast or multicast and replies are always unicast, using RTP. Topology Exchange EIGRP exchanges topology updates on multicast address 224.0.0.10 using Reliable Transport Protocol (RTP) If an acknowledgment is not received for the multicast update, the update is then retransmitted as unicast to the un-responsive neighbor. After 16 unicast re-transmission, the neighbor is declared dead EIGRP updates are: 1. Non-Periodic: updates are sent only when some topological or metric change has occurred 2. Partial: only relevant changes are advertised 3. Bounded: updates are sent to affecting neighbors Timers Hello Time: 5 seconds for link faster than T1 and 60 seconds for T1 and slower links Hold Time: 3 times the hello. 15 seconds for links faster than T1 and 180 seconds for T1 and slower links Smooth Round Trip Time (SRTT): the average time elapsed (in milliseconds) between the transmission of packet to neighbor and the receipt of acknowledge Retransmission Timeout (RTO): time between subsequent unicast messages. It is the time that router will wait for an acknowledgement after sending unicast packet sent after a multicast has failed DUAL Terms and Route Selection Adjacency: logical session between two neighbors over which route information is exchanged Reported Distance (RD): is the distance (metric) towards a destination as advertised by an upstream neighbor.

Feasible Distance (FD): Lowest calculated distance (metric) to the destination from local routers perspective. Some books/texts use Advertised Distance instead of Reported Distance. Successor: A particular route with the best metric is a successor. It may also refer to a router that is being used as the next-hop for that particular route. With two or more successors (routes) if FDs are the same, load balancing happens automatically Feasible Successor (FS): Backup router with loop-free path for a particular route. FS is a neighbor whos Reported or Advertised Distance (AD/RD) is less than the current Feasible Distance (FD) for that particular route. Feasible Successor is one who meets the feasible condition Feasible Condition (FC): RD of a particular route from a neighbor which is not the current successor for that route must be less than the FD for that particular route. The logic is simple: if a neighbors metric for a route is less than mine, then I know the neighbor doesn't have a loop going through me. Equal and Unequal Cost Load Balancing EIGRP support equal and unequal cost load balancing . Equal cost load balancing is enabled by default. Routes with equal feasible distance are installed by default in the routing table Variance is used to achieve unequal cost load balancing. Default value for variance is: 1, which will cause the EIGRP to select the best/lowest cost path only . Variance defines the multiplier by which a metric may differ from the lowest cost route. By default 4-paths are allowed but can be extended to 16-paths with maximum-paths command Variance is given by: higher costmetric / lower costmetric Rule for Variance: 1. Load balance path should lead to successor or feasible successor (that is if it met the Feasibility Condition) Configuration Example: network statement and authentication

Configuration Example: network statement and authentication Router R1: key chain EIGRP_KC key 1 key-string cisco ! interface loopback 0 ip address 10.1.1.1 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.1 255.255.255.252 ip authentication eigrp 100 md5 ip authentication key-chain eigrp 100 EIGRP_KC ! router eigrp 100

no auto-summary network 192.168.12.0 network 10.1.1.0 Router R2: key chain EIGRP_KC key 1 key-string cisco ! interface loopback 0 ip address 10.2.2.2 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.2 255.255.255.252 ip authentication eigrp 100 md5 ip authentication key-chain eigrp 100 EIGRP_KC ! router eigrp 100 no auto-summary network 192.168.12.0 network 10.2.2.0 R1#sh ip route | b Gateway Gateway of last resort is not set 192.168.12.0/30 is subnetted, 1 subnets C 192.168.12.0 is directly connected, Serial0/0 10.0.0.0/32 is subnetted, 2 subnets D 10.2.2.2 [90/2297856] via 192.168.12.2, 00:00:14, Serial0/0 C 10.1.1.1 is directly connected, Loopback0 Configuration Example: variance and unequal cost load balancing

Router R1: interface loopback 0 ip address 10.1.1.1 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.1 255.255.255.252 ! interface fastethernet0/0 ip address 192.168.21.1 255.255.255.252 ! router eigrp 100

variance 15 network 10.1.1.0 network 192.168.12.0 network 192.168.21.0 no auto-summary Router R2: interface loopback 0 ip address 10.2.2.2 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.2 255.255.255.252 ! interface fastethernet0/0 ip address 192.168.21.2 255.255.255.252 ! router eigrp 100 variance 15 network 10.2.2.0 network 192.168.12.0 network 192.168.21.0 no auto-summary R1#sh ip route eigrp 10.0.0.0/32 is subnetted, 2 subnets D 10.2.2.2 [90/156160] via 192.168.21.2, 00:03:21, FastEthernet0/0 [90/2297856] via 192.168.12.2, 00:03:21, Serial0/0 R2#sh ip route eigrp 10.0.0.0/32 is subnetted, 2 subnets D 10.1.1.1 [90/156160] via 192.168.21.1, 00:03:06, FastEthernet0/0 [90/2297856] via 192.168.12.1, 00:03:06, Serial0/0 CCNA: EIGRP CHEAT SHEET Troubleshooting Command 1. show ip protocols 2. show ip eigrp neighbors 3. show ip eigrp interfaces 4. show ip eigrp topology 5. show ip route 6. debug eigrp packets [hello | ack | query | reply | update] 7. debug eigrp fsm CCNA: IP Addressing and IP Services What is an IP Address? An IP (version 4) address consists of 32-bits (divided in 4-octets) and usually written in dotted decimal format Each octet consists of 8-bits or 1-byte An IP address is necessary for an inter-networking device to communicate and exchange information with each other An IP address is divided into two parts: Network and Host Classes of IP Addresses Class A: 0.0.0.0 to 127.255.255.255

Class B: 128.0.0.0 to 191.255.255.255 Class C: 192.0.0.0 to 223.255.255.255 Class D: 224.0.0.0 to 239.255.255.255 Class E: 240.0.0.0 to 255.255.255.255 Class E is reserved and can not be assigned. Class D is reserved for multicast application. Only Class A, B and C are available to address assignment Class A has 8-bits reserved for network, allowing for 28 networks and 224 hosts. The network mask for Class A networks is 255.0.0.0 Class B has 16-bits reserved for network, allowing 216 networks and 216 hosts. The network mask for Class B networks is 255.255.0.0 Class C has 24-bits reserved for network, allowing 224 networks and 28 hosts. The network mask for Class C networks is 255.255.255.0 Configuration Example: IPv4 address assignment Router R1: interface fastethernet0/0 ip address 192.168.1.1 255.255.255.0 Reserved Addresses RFC 1918 define thes following reserved address spaces to be used in private network: 10.0.0 / 8 172.16.0.0 / 12 192.168.0.0 / 16 Apart from above mentioned addresses, 0.0.0.0 is used to assign and denote default routes. It cannot be assigned to a host. 127.0.0.0 is reserved for loopback and it is used for testing purposes IP Subnetting Subnetting allows sub-dividing the flat address spaces (Class A,B and C) into smaller networks called Subnets A number of bits (according to the requirement) are taken from the host portion of an IP address to create the subnetworks. The following figure depicts the number of bits and address format when Subnetting is used Example: Network 192.168.1.0 needs to be subnetted to allow room for 8 additional subnetworks. 192.168.1.0 is class C address, which implies the subnet mask is 255.255.255.0.

IP Subnetting Step 1: How many bits to borrow to create the required subnets. 2n = number of subnets, where the exponent n is bits borrowed from the host portion. Thus we need 3 bits create 8 subnets as 23 = 8 subnets. Step 2: Calculate the new subnet mask

Previous subnet mask = 11111111. 11111111. 11111111.00000000 or 255.255.255.0 3 additional bits added, so the new subnet mask = 11111111. 11111111. 11111111.11100000 or 255.255.255.224 Step 2: Subnet Magic Number subtract the last nonzero octet of the subnet mask from 256 256-224 = 32 Step 3 - List the subnet address, host range and the broadcast address. The first subnet address will be 192.168.1.0/27 and the following subnets will be with increments of 32, the subnet Magic Number we calculated in the previous step. As shown in the table, once we have listed the subnet addresses, calculating the host range and broadcast address is relatively simple. The broadcast address will be the last address of the subnet and one less the preceding subnet address. The host range will start from the next address after the subnet address for example for the subnet 192.168.1.32/27 the host range will start at 192.168.1.33 and end at one less the broadcast address Summary: Subnets=2n Where: n=number of bits required for Subnetting Used to calculate the subnets Host=2h-2 where h=remaining bits in host portion Used to calculate usable host addresses Subnet Address Host Range Broadcast Address 192.168.1.0/27 192.168.1.1 -192.168.1.30 192.168.1.31 192.168.1.32/27 192.168.1.33 -192.168.1.62 192.168.1.63 192.168.1.64/27 192.168.1.65 -192.168.1.94 192.168.1.95 192.168.1.96/27 192.168.1.97 - 192.168.1.126 192.168.1.127 192.168.1.128/27 192.168.1.129 - 192.168.1.158 192.168.1.159 192.168.1.160/27 192.168.1.161 - 192.168.1.190 192.168.1.191 192.168.1.192/27 192.168.1.193 - 192.168.1.222 192.168.1.223 192.168.1.224/27 192.168.1.225 - 192.168.1.254 192.168.1.255 Variable Length Subnet Mask (VLSM) VLSM occurs when an internetwork uses more than one mask in different subnets of a single Class A, B or C network. It allows more granular distribution of IP addressing and avoids address wastage. For example: On point-to-point links only two IP addresses are required and thus using subnet mask of /24 which is used throughout an internetwork is not a scalable solution. For routing protocols to support VLSM, routing protocol must advertise the subnet number and the subnet mask. The routing protocol is assumed classless if VLSM is supported and vice versa An IP address is necessary for an inter-networking device to communicate and exchange information with each other . RIP version 2, EIGRP, and OSPF support VLSM and therefore are classless Problems with VLSM: Overlapping subnets: For example: Consider 172.16.4.1/23 and 172.16.5.1/24 The first, last and broadcast host for 172.16.4.1/23 are: 172.16.4.1, 172.16.5.254 and 172.16.5.255 The first, last and broadcast host for 172.16.5.1/23 are: 172.16.5.1, 172.16.5.254 and 172.16.5.255 Solution: The only solution is re-number one of the overlapping VLSM subnets Dynamic Host Configuration Protocol (DHCP) A host can be assigned an IP address in two ways:

1. Static configuration: 2. Dynamic configuration DHCP is used to assign IP addresses dynamically. It is based on BOOTP procotol Uses UDP as the delivery protocol. Server uses port number 67 and client uses port 68. The following process occurs when a client request IP address from a DHCP server: 1. client broadcasts a DISCOVERmessage 2. DHCP server reply back with an OFFER message to the client 3. client then REQUEST the DHCP server for the IP address 4. DHCP server send either ACK or NACK; either an IP address is assigned or the request is denied The address assignment process is depict in the following diagram DHCP Client Configuration Example on Cisco IOS

Router R1: interface fastethernet0/0 ip address dhcp <- Configures the interface as the DHCP client to dynamically obtain IP interface fastethernet 0/1 ip address 192.168.1.1 255.255.255.0 ip dhcp pool POOLA network 192.168.1.0 255.255.255.0 dns-server 192.168.1.100 192.168.1.101 default-router 192.168.1.1 domain-name ABC.COM Domain Naming System (DNS) DNS is used to resolve IP address to (easily remembered) names Uses both TCP and UDP as the transport protocol with port number 53 Configuration Example: DNS Client Configuration The name servers used belong to www.OpenDNS.comand are illustrated for education purpose only The 208.67.220.220 is the primary name server and 208.67.222.222 is the secondary name server CCNA: NAT CHEAT SHEET Key Characteristics Standard:RFC3022 Short term solution to overcome the address requirement to connect with internet Enables an organization to use Private AddressingScheme(definedinRFC1918) and Still connect to the internet Private Address Space Private IPaddressing is defined in RFC1918 according which the following Ipaddress blocks Can be used within an organization for private use:

1.10.0.0.0/8 2.172.16.0.0/12 3.192.168.0.0/16 NAT Address Types Inside Local Address: the IP Address assigned to the host on the inside network.This address is usually from the RFC1918 Private address space. Inside Global Address: It is the Ipaddress ofan inside host(oragroupofhosts) as it appears to The outside network. It is usually an address that is globally routable. Outside Local Address: the IP address assigned to an outside host as it appears to the inside network. The address is allocated from an address space routable on inside network Outside Global Address: the IP address of an outside host assigned by the owner/administrator of the host. Allocated from a globally routable address space. Types of NAT There are 3 types: 1.Static NAT A single local IPaddress is mapped to single global IPaddress. Also called one-to-one NAT 2.Dynamic NAT A pool of global addresses is used to translate local IP addresses. Each inside host is assigned a global address for the duration of the session. If the session is timed-out, the specific IPaddress is available to use for other inside hosts 3.Port Address Translation

Also called overloading NAT.If a large number of host need to access the internet, then static and dynamic NAT are not feasible solutions as a large number of public IP addresses will be required.PAT actually translates multiple local addresses to asingle global address using different ports. Configuration Example: Static NAT Router R1: interface fastethernet0/1

ipaddress 192.168.1.1 255.255.255.0 ip nat inside ! interface fastethernet0/0 ipaddress 10.1.1.1 255.255.255.0 ip nat outside ! ip nat inside source static 192.168.1.10 172.16.1.1 R1#sh ip nat translation Pro Inside global Inside local Outside local Outside global ---172.16.1.1 192.168.1.10 -----Configuration Example: Dynamic NAT Router R1: interface fastethernet0/1 ipaddress 192.168.1.1 255.255.255.0 ipnatinside ! interface fastethernet0/0 ipaddress 10.1.1.1 255.255.255.0 ipnatoutside ! ipaccess-list standard INSIDE-HOSTS permit 192.168.1.0 0.0.0.255 ! ipnatpool NAT-POOL 155.1.1.1 155.1.1.254 netmask255.255.255.0 ! ipnatinside source list INSIDE-HOSTS pool NAT-POOL R1#sh ipnattranslation Pro Inside globalInside local Outside local Outside global ---155.1.1.1 192.168.1.1 --------155.1.1.2 192.168.1.2 --------155.1.1.3 192.168.1.3 -----Configuration Example: Port Address Translation Router R1: interface fastethernet0/1 ipaddress 192.168.1.1 255.255.255.0 ipnatinside ! interface fastethernet0/0 ipaddress 10.1.1.1 255.255.255.0 ipnatoutside ! ipaccess-list standard INSIDE-HOSTS permit 192.168.1.0 0.0.0.255 ! ip nat inside source list INSIDE-HOSTS interface fastethernet0/0 overload R2#sh ip nat translation Pro Inside global Inside local Outside local Outside global

Icmp10.1.1.1:5 192.168.1.1 10.1.1.3:5 10.3.3.3:5 icmp10.1.1.1:6 192.168.1.2 10.1.1.4:6 10.3.3.4:6 tcp10.1.1.1:41683 192.168.1.3:41683 10.1.1.3:23 10.3.3.3:23 tcp10.1.1.1:51780 192.168.1.3:51780 10.3.1.4:80 10.3.3.4:80 Troubleshooting Command 1.show ip nat translation 2.show ip nat translation verbose 3.debug ip nat [detailed CCNA: OSI TCP/IP CHEAT SHEET Open System Interconnect (OSI) Model It is model to sub-divide the communication system into smaller parts Layers provide service to upper layers and vice versa There are seven OSI layers Layer-1 or Physical Layer: defines the physical and electrical specification for the devices. Data unit is in Bits Layer-2 or Data Link Layer: provides the functional and procedural means to transfer. The data unit at this layer is called Frames. Also provide the error correction that may occurred at layer-1. Data link layer is subdivided into: 1. Media Access Control (MAC) layer: defines the addressing schemes at layer-2 2. Logical Link Control (LLC): defines the flow control and acknowledgment methods Layer-3 or Network Layer: defines the (end-to-end) logical address, traffic forwarding and path determination. The data unit at the layer is called Packet. Layer-4 or Transport Layer: ensures transparent transfer of data between end users by providing reliable (or unreliable) transfer services. Reliable delivery is ensured by means error correction and flow control. The data unit is called Segment. Layer-5 or Session Layer: responsible for connection setup, maintenance and tear down between network entities. Data unit called Datagrams. A session could be: 1. Simplex: data transfer in one direction only 2. Half-Duplex: bi-directional communication but only one network device can transmit in the given time 3. Full-Duplex: bi-directional communication and both devices can transmit at the given time Layer-6 or Presentation Layer: responsible for inter-host communication. Receives data from application layer and converts to suitable format. For example: character conversion, encryption/decryption, compress and terminal emulation. Data unit called Datagrams Layer-7 or Application Layer: responsible for application-to-application communication. Data unit called Datagrams OSI and TCP/IP Model and Protocols TCP/IP Model TCP/IP is framework for computer network protocols created by DARPA in 1970s. It has four layers:

Link Layer: is analogous to Data Link layer of the OSI model. TCP/IP was designed to be hardware independent hence implemented on the top of the virtually any hardware networking device Internet Layer: has two functions 1. Host Addressing and Identification 2. Packet Routing Transport Layer: responsible for end-to-end delivery of traffic along with error control segmentation, congestion control, flow control and application addressing (in term of port numbers) Application Layer: It refer to the session, presentation and application layers of the OSI reference model

Troubleshooting OSI model uses bottomup approach Layer 1 (physical) problems Interface administrative shutdown Faulty or broken cables Broken or faulty pins/connectors No power No cable connected or wrong interface Failing or damaged interface Incorrect cable for the interface When there is a physical layer problem, the following states are applicable to router interfaces: 1. Administratively down/down not configured 2. Down/down L1 Layer 2 (data link) problems Incorrect configuration on the interface Clock rate missing or incorrect Incorrect layer 2 protocol settings

Faulty network card Interface shut down In case of a layer-2 problem, the following states are applicable to router interface: 1. Up/Down Layer 3 (network) problems Mis-configured routing protocol Incorrect IP/network addressing Incorrect subnet masking Usually both physical and line protocol are in up/up state

Example: Let us consider a simple network running RIP version 2 (as shown figure). The network numbers are 10.0.0.0, 11.0.0.0, 12.0.0.0, and 13.0.0.0. We know that each router should be able to see all of the networks. For Router A, we know that networks 10.0.0.0 and 11.0.0.0 are directly connected to the router. Networks 12.0.0.0, and 13.0.0.0 should be in the routing table as a RIP route. In order for this to happen all of the interfaces connected to the other routers should be up/up and the correct routes should be in the routing table Rather than checking to see if the cables are attached first check to see if the router can see the other networks RouterA# show ip route | begin Gateway Gateway of last resort is not set C 10.0.0.0/24 is directly connected, 10.0.0.1 We can see that only the directly connected Ethernet network can be seen. The WAN network is not there. Start at layer 1 and check that the router can see the cable RouterA# show controllers serial 0 HD unit 0, idb = 0x1AE828, driver structure at 0x1B4BA0 buffer size 1524 HD unit 0, V.35 DTE cable So we can see that the cable is attached. It is a DTE cable, so we know we do not need to use the clock rate command on this interface. If the cable on the other end was DCE then it should have the clock rate command configured on it. Next we need to check layer 2. The interface has a cable attached but is it showing up/up? RouterA#show ip interface brief Interface IP-Address OK? Method Status Protocol Serial0 11.0.0.1 YES unset administratively down down Ethernet0 10.0.0.1 YES unset up up Troubleshooting Somebody has neglected to open or no shutdown the serial interface. This can easily be corrected with the no shut command RouterA#config terminal RouterA(config)#interface serial 0 RouterA(config-if)#no shutdown

%LINK-3-UPDOWN: Interface Serial0, changed state to up RouterA(config-if)#end %LINK-3-UPDOWN: Interface Serial0, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down We should now look at the interfaces to see if there is a difference RouterA#show ip interface brief Interface IP-Address OK? Method Status Protocol Serial0 11.0.0.1 YES unset up down Ethernet0 10.0.0.1 YES unset up up Okay, so now the interface is administratively up; however, it is showing as up/down. If the serial interface cannot see keepalives from the other interface then it will remain up/ down. We need to examine the configuration on our serial interface and compare it with its neighbor on Router B RouterA#show run interface serial 0 interface Serial0 ip address 11.0.0.1 255.255.255.0 no ip directed-broadcast encapsulation ppp The encapsulation type is set to PPP that is not the default HDLC. The diagram indicates that this side should be using PPP. On Router B, we would also check to make sure the interfaces are up/up We can see that the interface connected to Router A is down down. We can check the configuration on the interface to see what could be wrong RouterB#show run interface serial 0 interface Serial0 ip address 11.0.0.2 255.255.255.0 no ip directed-broadcast clock rate 128000 clock rate present We can immediately see a difference between the configurations on Router A and Router B. Router A's serial interface shows that the encapsulation is set to PPP. Router B does not show an encapsulation type because it is left at the default for Cisco which is HDLC RouterB#show interface serial 0 Serial1 is down, line protocol is down Hardware is HD64570 Internet address is 12.0.0.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 1000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) RouterB#show ip interface brief Interface IP-Address OK? Method Status Protocol Serial0 11.0.0.2 YES unset up Down Serial1 12.0.0.1 YES unset down Down Ethernet0 unassigned YES unset administratively down Down Ethernet1 unassigned YES unset administratively down Down Bri0 unassigned YES unset administratively down Down Bri0:1 unassigned YES unset administratively down Down Bri0:2 unassigned YES unset administratively down Down Troubleshooting

We can now change the encapsulation type (layer 2) to HDLC RouterA#config t RouterA(config)#interface serial 0 RouterA(config-if)#encapsulation hdlc RouterA(config-if)#end %LINK-3-UPDOWN: Interface Serial0, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up %SYS-5-CONFIG_I: Configured from console by console So now we are satisfied that layers 1 and 2 are now operational. To confirm, we ping Router A from Router B RouterA#ping 11.0.0.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 11.0.0.2, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms We can now check the routing table for Router A to see if it can see the rest of the network RouterA#show ip route | begin Gateway Gateway of last resort is not set C 10.0.0.0/24 is directly connected, 10.0.0.1 C 11.0.0.0/24 is directly connected, 11.0.0.1 R 12.0.0.0/24 [120/1] via 11.0.0.2, 00:01:33, Serial0 This is better than before; however, we still can only see as far as network 12.0.0.0. We could check on Router B, but since network 13.0.0.0 is connected to Router C, we can start there Both interfaces are up/up, so we know that the Ethernet interface can see its own network (13.0.0.0) and that the serial interface is capable of advertising the route. Layers 1 and 2 appear fine, so we can check layer 3. We could type in the show run command; however, we could be more specific than that RouterC#show ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next due in 19 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 2, receive version 2 Interface Send Recv Triggered RIP Key-chain Ethernet0 2 2 Serial0 2 2 Automatic network summarization is not in effect Maximum path: 4 Routing for Networks: 12.0.0.0 14.0.0.0 Routing Information Sources: Gateway Distance Last Update 12.0.0.1 120 00:00:17 Distance: (default is 120) RouterB#show ip interface brief

Interface IP-Address OK? Method Status Protocol Serial0 11.0.0.1 YES unset up Up Ethernet0 10.0.0.1 YES unset up Up RouterC#show ip interface brief Interface IP-Address OK? Method Status Protocol Serial0 12.0.0.2 YES unset up Up Ethernet0 13.0.0.1 YES unset up Up Troubleshooting The problem appears to be that although network 13.0.0.0 is attached to ethernet 0, the router has been configured to advertise network 14.0.0.0.We can easily correct this problem RouterC#configure terminal RouterC(config)#router rip RouterC(config)#version 2 RouterC(config-router)#no network 14.0.0.0 RouterC(config-router)#network 13.0.0.0 RouterC(config-router)#^Z %SYS-5-CONFIG_I: Configured from console by console RouterC#show ip protocols Routing Protocol is "rip" Sending updates every 30 seconds, next due in 19 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Redistributing: rip Default version control: send version 2, receive version 2 Interface Send Recv Triggered RIP Key-chain Ethernet0 2 2 Serial0 2 2 Automatic network summarization is in effect Maximumpath: 4 Routing for Networks: 12.0.0.0 13.0.0.0 Routing Information Sources: Gateway Distance Last Update 12.0.0.1 120 00:00:17 Distance: (default is 120) We are now advertising the correct networks. We should check that Router C can see all of the networks before we move on RouterC#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route Gateway of last resort is not set C 12.0.0.0/24 is directly connected, 12.0.0.2

C 13.0.0.0/24 is directly connected, 13.0.0.1 R 11.0.0.0/24 [120/1] via 12.0.0.1, 00:07:13, Serial0 R 10.0.0.0/24 [120/2] via 12.0.0.1, 00:06:37, Serial0 We can go back to Router A to see if it can see all of the networks RouterA#show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route Gateway of last resort is not set C 10.0.0.0/24 is directly connected, 10.0.0.1 C 11.0.0.0/24 is directly connected, 11.0.0.1 R 12.0.0.0/24 [120/1] via 11.0.0.2, 00:04:17, Serial0 R 13.0.0.0/24 [120/2] via 11.0.0.2, 00:04:34, Serial0 All the routes are now visible CCNA: OSPF CHEAT SHEET Key Characteristics Type: Link State Algorithm: Dijkstras (Shortest Path First) Algorithm Standard: RFC 2328 Administrative Distance: 110 Metric: Cost Protocol/Protocol Number: IP/89 Authentication: Yes (MD5 and Plain Text) Supports VLSM and Route Summarization Support for IPv6 (RFC 2740) Fast Convergence Metric Calculation Cost = 100 Mbps / Link Speed OSPF cost can be modified in three ways: 1. (config-if)#ip ospf cost 2. (config-if)#bandwidth 3. (config-router)#auto-costreference-bandwidth Neighbor Process To become neighbors OSPF routers must be agree on the following parameters 1. Area ID 2. Same subnet 3. Authentication (if used) 4. Hello Interval and Dead Interval 5. Area Type (Stub, NSSA) 6. Router IDs must be unique OSPF Neighbor States

Down: Previously known neighbor has failed Init: an interim state in which Hello has been heard from the neighbor but that Hello does not list the local routers RID Two-way: the neighbor has sent a Hello that lists the local routers RID in the list of seen routers Full: Both routers complete the database exchange process and have identical LSDB. Fully adjacent Router ID (RID) Router ID must be configured before an OSPF process could be started. Cisco Routers uses the following criteria to select arouter ID: 1. RID configured with router-id command 2. If manual RID not configured, select the highest number IP address on any loopback interface in up/up state 3. If loopback interfaces not configured, select the highest number IP address on any non-loopback interface in up/up state Router Types Internal Router: whose (all) interfaces resides within the same area Backbone Router: A router that resides in the backbone area Area Border Router: an ABR connect two or more Areas ASBR: Autonomous System Boundary Router or an ASBR connects an external routing domain to an OSPF routing domain Route Types and Preference Intra-Area Routes: A route to a network in the same area as the router. Denoted by O in the routing table. Inter-Area Routes: A route to a network in another area as the router. Denoted by O IA in the routing table External Route: A route to network that is external to the OSPF routing domain. Denoted by E1 or E2 in the routing table. Routes Preference: 1. Intra-Area (O) > Inter-Area (O IA) 2. Inter-Area (O IA) > External Type-1 (E1) 3. External Type-1 (E1) > External Type-2 (E2) Areas OSPF runs SPF algorithm and requires a lot of processing power and memory. If the size of network is too large this could cause slower convergence and can lead to following problems: 1. more memory is required to maintain the link state database 2. more processing power is required to process the link state database 3. the links state database grows exponentially with the size of OSPF domain 4. a single change in network topology (for example: link up/down) would trigger all routers to rerun the SPF (again) to calculate the shortest path To cope with these problems, areas are configured. There are two basic types: 1. Backbone Area or Area 0: All other area must be connected to area 0 2. Non-backbone Area: any other area with area-id other than zero Timers Hellos are sent to multicast address: 224.0.0.5 (ALLSPFRouters) Broadcast Multi-access = 10 seconds Point-to-Point & NBMA = 30 seconds

Dead Timer = Four Times the hello interval Broadcast = 40 seconds NBMA and P2P = 120 seconds To change hello and dead intervals use the command config-if)# ip ospf hello-interval seconds and config-if)# ip ospf dead-interval seconds Designated Router (DR) / Backup DR (BDR) Election There are two problems with multi-access networks: 1. For N routers, it requires N(N-1)/2 adjacencies 2. Flooding of this excess LSAs would be chaotic itself for the network DR/BDR addresses the challenge of adjacency creation and LSA flooding on multi-access networks only No election on P2P and P2MP network type The following criteria is used for DR/BDR election: 1. Router with highest interface priority is elected as DR 2. Any other router with second highest priority is elected as BDR 3. If priority is equal, highest RID is used as tie-breaker 4. The DR/BDR election is held between two or more neighbors who reach the TWO-WAY state The priority ranges from 0-to-255 and default value is 1 Priority of 0 means that router will not take part in DR and BDR election DR is never preempted even if a router with better priority is present. Manual reset is required for preemption If a router becomes active and it checks for an active DR and BDR on the network. If there already is an active DR and BDR on the segment, the new router simply accepts them. If there is not, then an election is held for DR/BDR selection After the DR/BDR have been elected, the other router known as DROthers establish adjacencies with DR and BDR only Neighbors are still tracked on multicast address: 224.0.0.5 but DROthers multicast updates to AllDRRouters address: 224.0.0.6. Only DR and BDR listen to this address and DR in-turn flood updates to DROthers on 224.0.0.5 DR/BDR is property of a routers interface not the router itself Virtual Links It is link through non-backbone area to backbone area. Used to connect: 1. an area to backbone area through non-backbone area 2. a partitioned backbone area through non-backbone area Rules: 1. A virtual link can only be configured between ABRs 2. The transit area must have full routing information and it cannot be stub Single Area

Router R1:

interface loopback 0 ip address 10.1.1.1 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.1 255.255.255.0 ! router ospf 100 router-id 1.1.1.1 network 192.168.12.0 0.0.0.255 area 0 network 10.1.1.1 0.0.0.0 area 0 Router R2: interface loopback 0 ip address 10.2.2.2 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.2 255.255.255.0 ! router ospf 100 router-id 2.2.2.2 network 192.168.12.0 0.0.0.255 area 0 network 10.2.2.2 0.0.0.0 area 0 Configuration Example R2# show ip route | begin Gateway Gateway of last resort is not set C 192.168.12.0/24 is directly connected, Serial0/0 10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks C 10.2.2.0/24 is directly connected, Loopback0 O 10.1.1.1/32 [110/65] via 192.168.12.1, 00:00:02, Serial0/0 Multi-Area

Router R1: interface loopback 0 ip address 10.1.1.1 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.1 255.255.255.0 ! interface serial 0/1

ip address 192.168.13.1 255.255.255.0 ! router ospf 100 router-id 1.1.1.1 network 192.168.12.1 0.0.0.0 area 0 network 192.168.13.1 0.0.0.0 area 1 network 10.1.1.1 0.0.0.0 area 0 Router R2: interface loopback 0 ip address 10.2.2.2 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.2 255.255.255.0 ! router ospf 100 router-id 2.2.2.2 network 192.168.12.2 0.0.0.0 area 0 network 10.2.2.2 0.0.0.0 area 0 Router R3: interface serial 0/0 ip address 192.168.13.3 255.255.255.0 ! interface loopback 0 ip address 10.3.3.3 255.255.255.255 ! router ospf 100 router-id 3.3.3.3 network 192.168.13.3 0.0.0.0 area 1 network 10.1.1.3 0.0.0.0 area 1 R2# show ip route | begin Gateway Gateway of last resort is not set C 192.168.12.0/24 is directly connected, Serial0/0 O IA 192.168.13.0/24 [110/128] via 192.168.12.1, 00:00:03, Serial0/0 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks O IA 10.3.3.3/32 [110/129] via 192.168.12.1, 00:00:12, Serial0/0 C 10.2.2.0/24 is directly connected, Loopback0 O 10.1.1.1/32 [110/65] via 192.168.12.1, 00:00:12, Serial0/0 OSPF Troubleshooting Command 1. show ip protocols 2. show ip ospf [] 3. show ip route [ospf] 4. show ip ospf interface [brief | ] 5. show ip ospf neighbor 6. show ip ospf database 7. debug ip ospf [hello | adjacency | events] CCNA: RIP CHEAT SHEET Key Characteristics

Type: Distance Vector Algorithm: Bellman Ford Standard: RFC 1058 (Version 1), RFC 2453 (Version 2) Administrative Distance: 120 Metric: Hop Count (16 is infinite) Transport Protocol/Port Number: UDP/520 Routed Protocol Support: IP Support for IPv6: Yes (RIPng only) Supports VLSM & Route Summarization: Yes (RIPv2 and RIPng only) Authentication: Yes (MD5 supported with RIPv2 and RIPng only) Convergence: Slower Metric Calculation RIP uses hop count as the metric. Each router increments one hop before advertising to neighbor Routes with least hop count is installed in routing table Hop count of 16 is considered infinite and such routes are not installed and advertised Load Balancing RIP only support only equal cost load balancing Routes with equal hop count are installed automatically in the IP routing table RIP Versions RIP has two versions RIP version 1: 1. classful protocol 2. updates are broadcast 3. no support for summarization 4. no authentication support RIP version 2: 1. classless protocol 2. updates are multicast to address 224.0.0.9 3. support for VLSM and summarization (major network boundary) 4. MD5 authentication support 5. Supports Triggered updates and Route tags The RIP version can be changed with version <1|2> command under RIP configuration process Updates Types RIP sends periodic updates at a specified timer interval These updates include full routing table Disadvantages of Periodic Updates: 1. If updates are sent to frequently it will cause unnecessary bandwidth and CPU utilization. 2. If sent too less, convergence takes longer and routing loops could occur Routing Loop Avoidance Techniques Split Horizon: Updates received in an interface cant be sent out the same interface. Split Horizon with Poison Reverse: Updates sent back with infinite metric (hop count 16) for every update received in an interface

Count to Infinity: To avoid continuous looping of a (bad) routing update. RIP sets the count to infinity with a hop count of 16. Triggered Updates: supported with RIP version 2. Also known as the flash updates. If a metric is changed it is immediately advertised to neighbors without waiting for the regular scheduled update timer Timers Update: send every 30 seconds Invalid: Interval of time in seconds after which a route is declared invalid; it should be at least three times the value of the update argument. A route becomes invalid when there is an absence of updates that refresh the route. Default 180 seconds Holddown: Interval in seconds during which routing information regarding better paths is suppressed. Default 180 seconds Flush: Also called the garbage collector timer. It is set to 240 seconds (60 seconds longer than invalid timer). It specifies the time after which route is removed from routing table The timers command is used to change default values Configuration Example: RIP version 1

Router R1: interface loopback 0 ip address 10.1.1.1 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.1 255.255.255.0 ! router rip network 192.168.12.0 network 10.0.0.0 Router R2: interface loopback 0 ip address 172.16.2.2.255.255.255.0 ! interface serial 0/0 ip address 192.168.12.2 255.255.255.0 ! router rip network 192.168.12.0 network 172.16.0.0 R1#sh ip route | be Gateway Gateway of last resort is not set C 192.168.12.0/24 is directly connected, Serial0/0 R 172.16.0.0/16 [120/1] via 192.168.12.2, 00:00:17, Serial0/0 Due to auto summarization

10.0.0.0/24 is subnetted, 1 subnets C 10.1.1.0 is directly connected, Loopback0 Configuration Example: RIP version 2 Router R1: interface loopback 0 ip address 10.1.1.1 255.255.255.255 ! interface serial 0/0 ip address 192.168.12.1 255.255.255.0 ! router rip version 2 network 192.168.12.0 network 10.0.0.0 Router R2: interface loopback 0 ip address 172.16.2.2.255.255.255.0 ! interface serial 0/0 ip address 192.168.12.2 255.255.255.0 ! router rip version 2 network 192.168.12.0 network 172.16.0.0 R1#sh ip route | be Gateway Gateway of last resort is not set C 192.168.12.0/24 is directly connected, Serial0/0 R 172.16.0.0/16 [120/1] via 192.168.12.2, 00:00:58, Serial0/0 Due to auto summarization 10.0.0.0/24 is subnetted, 1 subnets C 10.1.1.0 is directly connected, Loopback0 Troubleshooting Commands 1. show ip protocols 2. show ip route 3. debug ip rip 4. debug ip rip events 5. debug ip rip database CCNA: VLAN, Trunking, VTP, STP, RSTP, Switch Security and Troubleshooting Basic Terms Collision Domain: defines a set of interfaces whose frames could collide with each other Broadcast Domain: defines a set of devices, whose frames are received by every device on the network when any one of them sends traffic Virtual LANs (VLANS) VLAN allows segmentation of a switch into multiple broadcast domains. Without VLANs, a switch can only function

in a single broadcast domain. Due to the segmentation, VLANs offer the following advantages: Ease of administration Confinement of broadcast domains Security VLAN Trunking Protocol (VTP) VTP manages the addition, deletion and renaming of VLANs across the network from central point of control VTP Domains: VTP is organized into management domains or areas with common VLAN requirements A switch can belong to only one VTP domain Switches in different domains dont share the VTP information VTP Modes: Server, Client and Transparent Server: can create, delete, modify and advertise VLAN information Transparent: can create, delete and modify VLAN information but does not advertise Client: cannot delete, add or modify VLAN information. Accepts and advertise VTP updates VTP switches uses an index called VTP Configuration Revision number VTP revision always starts from Zero Incremented before an advertisement is sent out Is over-written if a higher revision number advertisement is received (either by VTP client or server) Stored in NVRAM therefore cannot be altered VTP advertisement can be secured with MD5 authentication VLAN Trunking Trunks allow carrying traffic for more than one VLAN on the same link. There are two types of trunks supported on Cisco switches: 1. Inter Switch Link (ISL): encapsulated original frame into 30-bytes ISL frame (26-bytes for ISL and 4-bytes for CRC). Cisco propriety method 2. IEEE 802.1Q: an open standard. Instead of encapsulating it embeds tag 4-bytes in the Ethernet frame. Also supports native VLAN Spanning Tree Protocol (STP) Terms

Bridging Loop: formed due to redundant paths in the network. These redundant paths cause the broadcast traffic to loop around indefinitely causing what is known as the broadcast storm.

Bridge ID: is an 8-byte field. Consists of bridge priority (2-byte) and MAC-address (6-byte). The bridge ID is now extended to include the VLAN ID to avoid un-necessary consumption of MACaddresses Bridge Protocol Data Units (BPDU): STP uses special frames called BPDUs to pass STP information. Two types 1. Configuration BPDU: Used for STP computation 2. Topology Change Notification (TCN) BPDU: Used to announce changes in the network topology Root Bridge: A reference point for all bridges in network Root Port: One port for each nonroot switch that always points to the current root bridge. Designated Port: One port for each segment Blocking Port: A port that is neither a root port nor a designated port. STP Convergence Defined in IEEE 802.1 D standard. Used to avoid bridging loops. STP convergence takes place in three steps: 1. Elect the Root Bridge: the root bridge is selected with the lowest bridge ID. Essentially switch with lowest priority becomes the root. If the bridge priorities are equal, switch with lowest MACaddress becomes the root 2. Elect the Root Port: each non-root switch must select one Root Port. The root port is a port with least Root Path Cost (cumulative cost of all links leading to the root bridge). 3. Elect the Designated Port: for each LAN segment, a designated port is selected. It is responsible to forward traffic to and from that segment. A port is selected as designated when it has the least cumulative root path cost among all ports on segment. STP Port States There are five port states: 1. Disabled Ports that are administratively shutdown by the network administrator or not enabled due to some error. 2. Blocking A port after initialization, begins in Blocking state to avoid bridging loops The port is not allowed to send or receive traffic and only allowed to receive STP Ports that are put in standby mode to remove bridging loops after STP computation enter blocking state 3. Listening A port is moved from blocking to listening if the switch thinks that the port can be selected as Root Port or Designated Port Still cannot send and receive traffic but is now allowed to send BPDUs inaddition to receiving them. In this state the port is allowed to become Root Port or designated port because the switch can advertise the port by sending BPDUs to other switches If a port losses it status as Root Port or Designated port it is put in blocking state 4. Learning After a period of time called FORWARD DELAY (15 seconds)u in listening state, the port is allowed to move in learning state Port can send and receive BPDUs Port can learn and add MAC addresses to CAM table which previously was not allowed. Port cannot send and receive any data frames 5. Forwarding

After another FORWARD DELAY in learning state, the port is moved into forwarding state Port can send and receive BPDUs Port can learn MAC addresses Port can send and receive data frames Port can only be in forwarding if there is no loop and it is either designated port or root port STP Timers 1. Hello Time It is the time interval between Configuration BPDUs sent by root bridge The default time is 2-seconds It is the time interval configured on Root Bridge. All non-root bridges adapt the root bridge hello time interval Switches also have a locally configured Hello time that is used for Topology Change Notification (TCN) 2. Forward Delay The time interval that a switch port spends in the Listening state and the Learning state The default time is 15 seconds 3. Max (maximum) Age The time interval that a switch stores the BDPU before aging it out The default value is 20 seconds STP Path Selection Criteria If a bridge receives multiple BDPUs with equal parameters, the following are used as a tie breakers for path selection: 1. Lowest Root Bridge ID 2. Lowest Root Path Cost to root bridge 3. Lowest Sender (neighbor) Bridge ID 4. Lowest Sender Port ID STP Enhancements Port Fast: usually enabled on port that connects to server or end user workstation. It allows the port to transition immediately to the forwarding state bypassing the forward delays in listening and learning states. Uplink Fast: used to speed up convergence time when direct failure of a root port. If the Root Port fails, the Port with the next-lowest Root-Path Cost is unblocked and used without any delay. Used on access-layer switches Backbone Fast: Optimizes convergence when an Indirect link failure occurs. Allows convergence to be reduced from 50 seconds to 30 seconds when an indirect link failure occurs. Used to determine if there are alternative paths to the Root Bridge. Should be enabled on all switches to allow the propagation of link failures throughout the network. Switches detect indirect topology changes when inferior BPDU is detected. Detection of alternative path is done with Root Link Query (RLQ) protocol Protecting the STP Topology: Unexpected BPDUs Root Guard: When enabled on an Interface, it ignores any received superior BPDUs to prevent switch connected to this port to become Root Bridge. The port receiving the new superior BPDU is put in ROOT-INCO NSISTENT state ceasing forwarding and receiving of frames until the superior

BPDUs cease. When the superior BPDUs are no longer received, the port is cycled through the normal STP states to return to normal use. BPDU Guard: it is enabled on ports with PortFast. If a BPDU is received, the port is put in ERRDISABLE state. The port then must manually shut/no shut or automatically recovered with ERRDISABLE timeout function. Can be enabled globally or per-interface basis Protecting STP Topology: Unexpected Loss of BPDUs Loop Guard: It Keeps track of BPDU activity on non designated Ports. While BPDUs are received the port is allowedto behave normally. If there is loss of BPDUs, the Port is moved into Loopinconsistent State. When LoopGuard is not enabled on a blocking port and there is sudden loss of BPDUs that port is transitioned through STP states and put into forwarding which may cause loops. UDLD: UDLD interactively monitors a port to see if the link is truly bidirectional. Unidirectional links result in loss of BPDUs on a port that may transition to forwarding state from blocking state Rapid Spanning Tree Protocol (RSTP) IEEE defined an improved version of STP in standard 802.1s. Procedures inherited from traditional STP include: 1. Election of Root Bridge and same tie-breaking criteria 2. Election of Root Port on Non-Root with the same rules 3. Election of Designated Port RSTP Port Roles Root Port: with best root path cost to root bridge Designated Port: with best root path cost to root on the segment Alternative Port: provides alternative path less desirable then root port. Alternative/backup to root port Backup Port: provides a redundant but less desirable connection to a segment RSTP Port States RSTP defines port states according to what port does with incoming frame. If incoming frames are ignored or dropped, so are outgoing frames 1. Discarding Incoming frames are dropped No MAC addresses are learned This state combines 802.1D Disabled, Blocking and Listening states 2. Learning Incoming frames are dropped but MAC addresses are learned 3. Forwarding Incoming frames are forwarded according to CAM table RSTP Port Types and Convergence 1. Edge Similar to PortFast feature Ports connecting to end-users Ports in edge mode are immediately put in forwarding state If an edge port receives a BPDU, it loses 2. Root The port that has best cost to the root. Only one root port can be selected and active at any time Alternative root ports can exists but will only be active if the primary root port fails 3. Point-to-Point (P2P)

Any port that connects to another switch and becomes a designated port. A quick handshake with the neighboring switch rather than a timer expiration decides the port state. BPDUs are exchanged back and forth in the form of a proposal and an agreement One switch port proposes to become designated and if other switch agrees it replies with an agreement message Point-to-Point ports are determined with duplex setting Full duplex port are considered P2P because only two-switches can be present on the link RSTP convergence occurs quickly with handshake message 4. Shared Half duplex port is considered shared medium with possibly more than two switches present Traditional STP style convergence takes place on shared medium Switch Security The following securitysmethod are support on Cisco Catalyst switches 1. Access Control List: Cisco IOS Switches support Standard and Extended ACLs and Named ACLs. In addition, Named MAC ACLs are also supported to filter traffic based on layer-2 addresses. Named MAC ACLs also support filtering of Non-IP traffic 2. IEEE 802.1X Port Based Authentication: allows client-server based access control authentication. Prevents un-authorized access to network unless properly authenticated. Until the client is authentication only CDP, STP and Extensible Authentication Protocol over LAN (EAPoL) is allowed to pass through the specified port 3. Port Security: allows only specified number of MAC-address to access the port. MAC addresses must be defined or could be learned when the client is first connected to the port. If a port security violation occurs, one of the following three action can be configured: Protect: traffic from unknown MAC-address is dropped and no notification is generatedPort can send and receive BPDUs Restrict: traffic from unknown MAC-address is dropped and notification is generated. Usually an SNMP trap is generatedPort can send and receive data frames Shutdown: the port is transited to ERROR-DISABLED state and the port is shutdown. An SNMP trap or syslog message is also generated. A port can be recovered from ERROR-DISABLED by either configuring: errdisable recovery cause command or manually applying shutdown and no shutdown command to the interface Configuration Example: Creating VLANs 1. configure terminal 2. vlan 3. name 4. interface 5. switchport mode access 6. switchport access vlan 7. end 1. configure term 2. vlan 100

3. name Sales 4. interface fastethernet 0/1 5. switchport mode access 6. switchport acces vlan 100 7. end VLANs can also be created directly by applying the switchport access vlan command to an interface The switchport mode access command statically configures the port in access mode Verification and Troubleshooting 1. show vlan brief 2. show switchport interface 3. show running-configuration Configuration Example: Trunking

1. configure terminal 2. interface 3. switchport trunk encapsulation 4. switchport mode 5. switchport nonnegotiate The switchport nonegotiate command disables the negotiation of trunking between the pair of switches. Usually used on interface that connect to routers as they dont support the dynamic trunking protocol Tunking Mode: Trunk: Always trunking Dynamic Desirable: Initiates negotiating messages and respond to negotiation messages (active mode) Dynamic Auto: Only respond to negotiation messages (passive mode) DIAGRAM # 1 Switch SW-1: 1. configure terminal 2. vlan 100 3. names Sales 4. interface range fastethernet 0/1 - 15 5. switchport mode access 6. switchport acces vlan 100 7. interface gigabitethernet 0/0 8. switchport trunk encapsulation dot1q 9. switchport mode trunk Switch SW-2: 1. configure terminal 2. vlan 100 3. names Sales

4. interface range fastethernet 0/1 - 15 5. switchport mode access 6. switchport acces vlan 100 7. interface gigabitethernet 0/0 8. switchport trunk encapsulation dot1q 9. switchport mode dynamic desirable Verification and Troubleshooting 1. show vlan brief 2. show interface status 3. show interfaces trunk Configuration Example: VTP 1. configure terminal 2. vtp mode 3. vtp domain 4. vtp version <1 | 2> 5. vtp password 6. vtp pruning 7. end Switch SW-1: 1. configure terminal 2. vlan 100,200,300,400,500,600 3. vtp mode server 4. vtp domain CCNA 5. vtp version 2 6. vtp password ccna-lab 7. vtp pruning 8. end Switch SW-2: 1. configure terminal 2. vtp mode client 3. vtp domain CCNA 4. vtp version 2 5. vtp password ccna-lab 6. End Verification and Troubleshooting: VTP SW2# show vtp status VTP Version : 2 Configuration Revision : 8 Maximum VLANs supported locally : 36 Number of existing VLANs : 11 VTP Operating Mode : Client VTP Domain Name : CCNA VTP Pruning Mode : Enabled VTP V2 Mode : Enabled VTP Traps Generation : Disabled MD5 digest : 0xFD 0x93 0x2B 0xB2 0x8F 0x46 0xFD 0xC3 Configuration last modified by 10.1.1.1 at 3-1-02 00:06:17 When MD5 is configured, the digest should be same on both switches The number of VLAN in show vlan brief should be equal to VLANs configured on VTP server

Configuration Example: STP and RSTP 1. spanning-tree vlan root [primary|secondary] diameter hello-time 2. spanning-tree vlan priority makes a switch to become root for specified vlan priority range is 0 to 61440 and increments with a value of 4094 3. spanning-tree vlan hello-time 4. spanning-tree vlan forward-time 5. spanning-tree vlan max-age 6. spanning-tree mode [pvst| mst | rapid-pvst] 7. interface 8. spanning-tree link-type [point-to-point] Related to Rapid-PVST 9. spanning-tree [vlan ] port-priority 10. spanning-tree [vlan ] cost 1. show spanning-tree vlan 2. show spanning-tree summary 3. show spanning-tree interface 4. show spanning-tree detail detail summary of interfaces 5. show spanning-tree active stp on active interfaces 6. show spanning-tree summary [totals] For diagram # 1, let us consider the following scenario: 1. SW2 should be the Root Bridge for VLAN 100 and SW is the backup root 2. SW 1 should be root for VLAN 200. 3. The hello and forward delay times should be 5 and 25 seconds respectively for VLAN 100 Switch SW-1: 1. configure terminal 2. spanning-tree vlan 100 root secondary 3. spanning-tree vlan 200 priority 4096 Switch SW-2: 1. configure terminal 2. spanning-tree vlan 100 root primary 3. spanning-tree vlan 100 hello-time 5 4. spanning-tree vlan 100 forward-time 25 Verification and Troubleshooting: STP SW1#show spanning-tree vl 100 root Root ID Priority 4096 Address c204.0e00.0001 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Verification and Troubleshooting: STP SW2#show spanning-tree vlan 100 brief VLAN100 Spanning tree enabled protocol ieee Root ID Priority 8192 Address c205.0e00.0001 This bridge is the root Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 8192

Address c205.0e00.0001 Hello Time 5 sec Max Age 20 sec Forward Delay 25 sec Aging Time 300 Interface Designated Name Port ID Prio Cost Sts Cost Bridge ID Port ID FastEthernet1/1 128.42 128 19 FWD 0 8192 c205.0e00.0001 128.42 FastEthernet1/2 128.43 128 19 FWD 0 8192 c205.0e00.0001 128.43 FastEthernet1/12 128.53 128 19 FWD 0 8192 c205.0e00.0001 128.53 SW2# Configuration and Troubleshooting: Port Security 1. interface 2. switchport mode access 3. swithcport security 4. swithcport security maximum 5. swithcport security mac-address [ | sticky] 6. switchport port-security violation {protect | restrict | shutdown} 1. show port-security 2. show port-security [interface ] 3. show port-security address SW1# show port-security Secure Port MaxSecureAddr Current Addr SecurityViolation Security Action (Count) (Count) (Count) Fa1/1 1 1 0 Shutdown Fa1/2 2 1 0 Restrict Total Addresses in System: 21 Max Addresses limit in System: 128 SW1# show port-security interface fastethernet 1/1 Port Security: Enabled Port status: SecureUp Violation mode: Shutdown Maximum MAC Addresses: 1 Total MAC Addresses: 1 Configured MAC Addresses: 1 Aging time: 20 mins Aging type: Inactivity Secure Static address aging: Enabled Security Violation count: 0 =====================================================================================

CCNA Quick Notes


Quick Notes - LAN

What is carrier sense multiple access collision detect (CSMA/CD)? CSMA/CD describes the Ethernet access method. In CSMA/CD, many stations can transmit on the same cable, and no station has priority over any other. Before a station transmits, it listens on the wire to make sure no other station is transmitting. If no other station is transmitting, the station transmits across the wire. CSMA/CD is all about devices taking turns using the wire.

What are MAC addresses? For computers to identify each other on the data link layer, they need a MAC address (hardware address). All devices on a LAN must have a unique MAC address. A MAC address is a 48-bit (six octet) address burned into a network interface card. The first three octets (24 bits) of the MAC address indicate the vendor that manufactured the card. This is called the Organization Unique Identifier (OUI). The last three octets of the MAC address are the unique host address. An example of a MAC address is 00-80-C6E7-9C-EF.

What are the three types of LAN traffic? The three types of LAN traffic are: Unicasts Broadcasts Multicasts

What are unicast frames? Unicast frames are the most common type of LAN traffic. A unicast frame is a frame intended for only one host. In unicast frames, the only station that processes the frame is the station that has its own MAC address in the destination portion of the packet.

What are broadcast frames? Broadcast frames are frames intended for everyone. Stations view broadcast frames as public service announcements. All stations receive and process broadcast frames. In large networks, broadcasts can bring the network to a crawl, because every computer must process them.

What is the destination address of broadcast frames? The destination address of broadcast frames (Layer 2 broadcast addresses) is FF-FF-FF-FF-FF-FF, or all 1s in binary.

What are multicast frames? Multicast frames address a group of devices that have a common interest. These frames allow the source to send only one copy of the frame on the network even though it is intended for several stations. Only stations that have a card that is configured to receive multicast frames process them. All other stations discard multicast frames.

What devices can you use to segment a LAN at Layer 1, Layer 2, and Layer 3? Three devices you can use to segment a LAN are: Hubs/repeaters (Layer 1) Bridges/switches (Layer 2) - physical addresses Routers (Layer 3) - logical addresses

What happens when you segment the network with hubs/repeaters? Because hubs and repeaters operate at the physical layer of the OSI model, segmenting a network with these devices appears as an extension to the physical cable. Hubs and repeaters are transparent to devices. They are unintelligent devices. All devices that connect to a hub/repeater share the same bandwidth. Hubs/repeaters create a single broadcast and collision domain.

What is the advantage of segmenting a network with bridges/switches? Bridges/switches operate at Layer 2 of the OSI model and filter by MAC address. Each port on a bridge/switch provides full-dedicated bandwidth and creates a single collision domain. Because bridges/switches operate at Layer 2 of the OSI model, they cannot filter broadcasts, and they create a single broadcast domain. For the CCNA test, remember that switches create more collision domains and fewer collisions.

What is the difference between bridges and switches? Bridges and switches function the same way; the only difference is in how they are implemented. Bridges are implemented by software and usually have a couple of network ports. Switches are implemented in hardware by ASIC chips and have many ports.

What are the advantages and disadvantages of segmenting the LAN with routers?

An advantage of segmenting the LAN with routers is that each interface on a router creates a single broadcast and collision domain. Routers operate at Layer 3 of the OSI model and do not propagate broadcasts. Some disadvantages are that routers are not transparent and are implemented in software, thus introducing latency in the network.

What is the Maximum Transmission Unit (MTU) for an Ethernet frame? 1500 bytes is the MTU for an Ethernet frame. You will notice that some publications state that the MTU for Ethernet is 1518 bytes. This is correct also. But what is the true answer? The MTU for Ethernet, including the header, source and destination address, data, and CRC is 1518 bytes. The MTU for the data portion of the frame is 1500 bytes.

What three major functions do Layer 2 switches provide? The three major functions that Layer 2 switches provide are Address learning Packet forwarding/filtering Loop avoidance by spanning tree

What are some advantages of switches? Some advantages of switches are as follows: They increase available network bandwidth. They reduce the number of users per segment. They provide dedicated bandwidth to each segment. Transparent bridging (switching) provides five bridging functions to determine what to do when it receives a frame.

What are these five processes? The five processes are: Learning Flooding Filtering Forwarding Aging

In transparent bridging, what is the learning process? The first process a bridge goes through when it is powered on is the learning process. The MAC address table on the bridge contains no entries, and the bridge goes through the learning process to record all workstations on every interface. In the learning process, the bridge records the source MAC address and source port number in the MAC address table every time it sees a frame.

In transparent bridging, what is the flooding process? When a bridge is first turned on, it has no MAC address in its table. When a switch receives a unicast frame, it knows the source address and port from which the unicast frame came, but no entry exists in its table for the destination address. This is called an unknown unicast frame. When a switch receives an unknown unicast frame, it sends the frame out all forwarding interfaces on the bridge except the interface that received the frame. This process is the flooding process.

In transparent bridging, what is the filtering process? The filtering process occurs when the source and destination addresses reside on the same interface on the bridge. Because the bridge does not need to forward a frame in which the destination and source addresses reside on the same interface, it filters the frame and discards it.

In transparent bridging, what is the forwarding process? The forwarding process occurs when a switch receives a unicast frame and has an entry of the destination address in its MAC table. The switch then forwards the frame to the interface where that destination address resides.

In transparent bridging, what occurs during the aging process? Every time a bridge learns a source address, it time-stamps the entry. When the bridge sees a frame from this source, it updates the time stamp. If the bridge does not hear from the source for a specific amount of time (called the aging timer), the bridge deletes the entry from its MAC address table. This process is the aging process.

What is the default aging time in transparent bridges? The default aging timer is 5 minutes.

What is the Spanning-Tree Protocol (STP)? STP is a loop-prevention bridge-to-bridge protocol. Its main purpose is to dynamically maintain a loopfree network. It does this by sending out Bridge Protocol Data Units (BPDUs), discovering any loops in the topology, and blocking one or more redundant links.

How does STP maintain a loop-free network? STP maintains a loop-free network by Electing a root bridge Electing a root port on each nonroot bridge Electing designated ports Putting in the blocking state any port that is not a root port or designated port

What two key concepts does STP calculation use to create a loop-free topology? The two key concepts that STP uses to calculate a loop-free topology are Bridge ID (BID) Path cost

In spanning tree, what is a Bridge ID (BID)? A BID is an 8-byte field that is composed of the bridge's 6-byte MAC address and a 2-byte bridge priority.

What is the default bridge priority in a Bridge ID for all Cisco switches? 32,768

In spanning tree, what is path cost? Path cost is a calculation to determine the link's bandwidth. It is a value assigned to each port that is based on the port's speed.

What is the spanning tree path cost for each of the following? 10 Mbps 100 Mbps 1 Gbps The path costs are as follows: 10 Mbps - 100

100 Mbps - 19 1 Gbps - 4

When calculating a loop-free environment, what four-step decision sequence does spanning tree use to determine what will be the root bridge and which ports will forward or block? The four-step decision sequence that spanning tree uses to determine the root bridge and which port will forward is as follows: Step 1. The lowest root BID Step 2. The lowest path cost to the root bridge Step 3. The lowest sender BID Step 4. The lowest port ID

How do bridges pass spanning tree information between themselves? Bridges pass STP information using special frame called Bridge Protocol Data Units (BPDUs).

How often do bridges send BPDUs out active ports? The default time that bridges send BPDUs out active ports is 2 seconds. Note: All ports on a switch listen for BPDUs in case there is a topology change.

In STP, how is a root bridge elected? In STP, the bridge with the lowest BID is elected the root bridge. All ports on the root bridge are placed in the forwarding state and are called designated ports. Note: The BID is a 6-byte field that is composed of a default priority (32,768) and a MAC address. Because all Cisco switches use the default priority, the switch with the lowest MAC address is elected the root bridge. As a rule of thumb, lower will always win in spanning tree.

After bridges elect the root bridge, what do they do next? After electing the root bridge, switches elect root ports. A root port is the port on nonroot bridges that is closest to the root bridge. Every nonroot bridge must select one root port.

How do nonroot bridges decide which port they will elect as a root port? Nonroot bridges use root path cost to determine which port will be the root port. Root path cost is the cumulative cost of all links to the root bridge. The port with the lowest root path cost is elected the

bridge's root port and is placed in the forwarding state.

What is the difference between path cost and root path cost? Path cost is the value assigned to each port. It is added to BPDUs received on that port to calculate the root path cost. Root path cost is defined as the cumulative cost to the root bridge. In a BPDU, this is the value transmitted in the cost field. In a bridge, this value is calculated by adding the receiving port's path cost to the value contained in the BPDU.

If a nonroot bridge has two redundant ports with the same root path cost, how does the bridge choose which port will be the root port? If a nonroot bridge has redundant ports with the same root path cost, the deciding factor is the port with the lowest port ID (port number).

After the root bridge and root ports are selected, the last step in spanning tree is to elect designated ports. How do bridges elect designated ports? In spanning tree, each segment in a bridged network has one designated port. This port is a single port that both sends and receives traffic to and from that segment and the root bridge. All other ports are placed in a blocking state. This ensures that only one port on any segment can send and receive traffic to and from the root bridge, ensuring a loop-free topology. The bridge containing the designated port for a segment is called the designated bridge for that segment. Designated ports are chosen based on cumulative root path cost to the root bridge. Note: Every active port on the root bridge becomes a designated port.

If a bridge is faced with a tie in electing designated ports, how does it decide which port will be the designated port? In the event of a tie, STP uses the four-step decision process discussed in Question 30. It first looks for the BPDU with the lowest BID; this is always the root bridge. If the switch is not the root bridge, it moves to the next step: the BPDU with the lowest path cost to the root bridge. If both paths are equal, STP looks for the BPDU with the lowest sender BID. If these are equal, STP uses the link with the lowest port ID as the final tiebreaker.

What are the four spanning tree port states? The four spanning tree port states are Blocking

Listening Learning Forwarding Remember that root and designated ports forward traffic and that nondesignated ports block traffic but still listen for BPDUs. Important note: There is another port state - Disabled - (No frames forwarded, no BPDUs heard). If it shows up in the answer options - select it along with the others.

What is the STP blocking state? When a switch starts, all ports are in the blocking state. This is to prevent any loops in the network. If there is a better path to the root bridge, the port remains in the blocked state. Ports in the blocked state cannot send or receive traffic, but they can receive BPDUs.

What is the STP listening state? Ports transition from a blocked state to a listening state. In this state, no user data is passed. The port only listens for BPDUs. After listening for 15 seconds (if the bridge does not find a better path), the port moves to the next state, the learning state.

What is the STP learning state? In the STP learning state, no user data is being passed. The port quietly builds its bridging table. The default time in the learning state is 15 seconds.

What is the STP forwarding state? After the default time in the learning state is up, the port moves to the forwarding state. In the forwarding state, the port sends and receives data.

What is STP forward delay? The forward delay is the time it takes for a port to move from the listening state to the learning state or from the learning state to the forwarding state. The default time is 30 seconds.

What is the hello time in STP timers? The hello time is the time interval between the sending of BPDUs. The default time is 2 seconds.

What is the Max Age timer? The Max Age timer is how long a bridge stores a BPDU before discarding it. The default time is 20 seconds (ten missed hello intervals).

What is the default time a port takes to transition from the blocking state to the forwarding state? The default time a port takes to transition from the blocking state to the forwarding state is 50 seconds: 20 seconds for Max Age, 15 seconds for listening, and 15 seconds for learning.

What does STP do when it detects a topology change in the network due to a bridge or link failure? If spanning tree detects a change in the network due to a bridge or link failure, at least one bridge interface changes from the blocking state to the forwarding state, or vice versa.

Quick Notes - WAN The three WAN connection types available are leased lines, circuit-switched, and packet-switched. Define the differences between each connection type. Leased lines are dedicated point-to-point lines that provide a single preestablished WAN communication path from the customer's network to the remote network. Leased lines are usually employed over synchronous connections. They are generally expensive and are always up. Circuit-switched connections are dedicated for only the duration of the call. The telephone system and ISDN are examples of circuitswitched networks. Packet-switched connections use virtual circuits (VCs) to provide end-to-end connectivity. Packet-switched connections are similar to leased lines, except that the line is shared by other customers. A packet knows how to reach its destination by programming of switches. Frame Relay is an example of a packet-switched connection. Define customer premises equipment (CPE), and give an example. CPE is equipment that is located on the customer's (or subscriber's) premises. It is equipment owned by the customer or equipment leased by the service provider to the customer. An example is your router. What is the demarcation point (demarc)? The demarc is the point where the CPE ends and the local loop begins. It is the last responsibility of the service provider and is usually an RJ-45 jack located close to the CPE. Think of the demarc as the boundary between the customer's wiring and the service provider's wiring. What is the local loop? The local loop is the physical cable that extends from the demarc to the central office. Describe the central office (CO). The CO is the telco switching facility that connects the customer to the provider's switching network. The CO is sometimes referred to as a point of presence. It is the point where the local loop gains access to the

service provider's access lines. What is the toll network? All the telco switches, COs, and trunk lines inside the WAN provider's network are the toll network. What are synchronous links? Synchronous links have identical frequencies and contain individual characters encapsulated in control bits, called start/stop bits, that designate the beginning and end of each character. Synchronous links try to use the same speed as the other end of a serial link. What are asynchronous links? Asynchronous links send digital signals without timing. Asynchronous links agree on the same speed, but there is no check or adjustment of the rates if they are slightly different. Only 1 byte per transfer is sent. List some typical Layer 2 encapsulation methods for WAN links. . High-Level Data Link Control (HDLC) Point-to-Point Protocol (PPP) Serial Line Internet Protocol (SLIP) X.25/Link Access Procedure, Balanced (LAPB) Frame Relay Asynchronous Transfer Mode (ATM) Describe HDLC. HDLC was derived from Synchronous Data Link Control (SDLC). It is the default encapsulation type on point-to-point dedicated links and circuit-switched connections between Cisco routers. It is an ISOstandard bit-oriented data-link protocol that encapsulates data on synchronous links. HDLC is a connection-oriented protocol that has very little overhead. HDLC lacks a protocol field and therefore cannot encapsulate multiple network layer protocols across the same link. Because of this, each vendor has its own method of identifying the network-layer protocol. Cisco offers a propriety version of HDLC that uses a type field that acts as a protocol field, making it possible for multiple network-layer protocols to share the same link. By default, Cisco uses HDLC as its default encapsulation method across synchronous lines (point-to-point links). If a serial line uses a different encapsulation protocol, how do you change it back to HDLC? To change a serial line back to HDLC, use the following interface command on the serial interface you want to change: Router(config-if)#encapsulation hdlc What is the Point-to-Point Protocol (PPP)? PPP is an industry-standard protocol that provides router-to-router or router-to-host connections over synchronous and asynchronous links. It can be used to connect to other vendors' equipment. It works with several network-layer protocols, such as IP and IPX. PPP provides authentication through PAP or CHAP. Describe X.25/LAPB. X.25/LAPB is an ITU-T standard that has a tremendous amount of overhead because of its strict timeout and windowing techniques. LAPB is the connection-oriented protocol used with X.25. It uses the ABM

(Asynchronous Balance Mode) transfer mode. X.25/LAPB was used in the 1980s when WAN links were not as error-free as they are today. X.25 is a predecessor of Frame Relay. X.25 supports both switched and permanent virtual circuits. What is Frame Relay? An industry standard, Frame Relay is a switched data link layer protocol that uses virtual circuits to identify the traffic that belongs to certain routers. It provides dynamic bandwidth allocation and congestion control. How do you view the encapsulation type on a serial interface? To view the encapsulation type on a serial interface, use the show interface serial interface-number command: RouterB#show interface serial 0 Serial0 is up, line protocol is up Hardware is HD64570 Internet address is 192.168.1.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input 00:00:00, output 00:00:03, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/1/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 9 packets input, 1730 bytes, 0 no buffer Received 8 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 7 packets output, 1584 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 5 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up

Quick Notes - INTERNETWORKING What are the three layers of the Cisco Hierarchical Model? The three layers of the Cisco Hierarchical Model are:1 The access layer The distribution layer The core layer

In the Cisco Hierarchical Model, what is the function of the access layer? Sometimes referred to as the desktop layer, the access layer is the point at which users connect to the network through low-end switches. Some functions of the access layer include: Connectivity into the distribution layer Shared Bandwidth MAC Address filtering (switching) Segmentation

What is the function of the distribution layer in the Cisco Hierarchical Model? The distribution layer is also known as the workgroup layer. It is the demarcation point between the access and core layers of the network. Its primary function is to provide routing, filtering, and WAN access. The distribution layer determines how packets access the core, so it is the layer at which to implement policy-based connectivity. Some functions include the following: Collection point for access layer devices Broadcast and multicast domain segmentation Security and filtering services such as firewalls and access lists Providing translation between different media types Inter-VLAN routing

What is the role of the core layer in the Cisco Hierarchical Model? The core layer is the backbone of the network. Its main function is to switch traffic as fast as possible. Therefore, it should not perform any filtering to slow down traffic. The ISO's OSI Reference Model contains seven layers. What are they? Include the layer number and name of each layer in your answer. The seven layers of the OSI model are as follows: Layer 7 - Application layer

Layer 6 - Presentation layer

Layer 5 - Session layer

Layer 4 - Transport layer

Layer 3 - Network layer

Layer 2 - Data link layer

Layer 1 - Physical layer

What are some reasons that the industry uses a layered model? Here are some reasons why the industry uses a layered model: It encourages industry standardization by defining what functions occur at each level. It allows vendors to modify or improve components at only one layer versus rewriting the whole protocol stack. It helps interoperability by defining standards for the operations at each level. It helps with troubleshooting.

What does the application layer (Layer 7) of the OSI model do, and what are some examples of this layer? The application layer is the layer that is closest to the user. This means that this layer interacts directly with the software application. The application layer's main function is to identify and establish communication partners, determine resource availability, and synchronize communication. Some examples include the following: TCP/IP applications such as Telnet, File Transfer Protocol (FTP), Simple Mail Transfer Protocol (SMTP), WWW, and HTTP. OSI applications such as Virtual Terminal Protocol, File Transfer, Access, and Management (FTAM), and Common Management Information Protocol (CMIP).

In the OSI model, what are the responsibilities of the presentation layer (Layer 6)? Give some examples of this layer. Also known as the translator, the presentation layer provides coding and conversion functions to application layer data. This guarantees that the application layer on another system can read data

transferred from the application layer of a different system. Some examples of the presentation layer are: Compression, decompression, and encryption JPEG, TIFF, GIFF, PICT, QuickTime, MPEG, and ASCII

What are the functions of the session layer (Layer 5)? Give some examples. The session layer is responsible for creating, managing, and ending communication sessions between presentation layer entities. These sessions consist of service requests and responses that develop between applications located on different network devices. Some examples include SQL, RPC, NFS, X Window System, ZIP, NetBIOS names, and AppleTalk ASP.

What is the transport layer (Layer 4) responsible for? Give some examples of transport layer implementations. The transport layer segments and reassembles data from upper-layer applications into data streams. It provides reliable data transmission to upper layers. End-to-end communications, flow control, multiplexing, error detection and correction, and virtual circuit management are typical transport layer functions. Some examples include TCP, UDP*, and SPX. Note: watch out for end-to-end on communications on the exam! Transport layer.

* Error correction does not apply to UDP - connection-less - unreliable.....

What is flow control, and what are the three methods of implementing it? Flow control is the method of controlling the rate at which a computer sends data, thus preventing network congestion. The three methods of implementing flow control are Buffering Congestion avoidance Windowing Almost certain to be on the exam.

Describe the function of the network layer (Layer 3), and give some examples of network layer implementations.

The network layer provides internetwork routing and logical network addresses. It defines how to transport traffic between devices that are not locally attached. The network layer also supports connection-oriented and connectionless service from higher-layer protocols. Routers operate at the network layer. IP, IPX, AppleTalk, and DDP are examples of network layer implementations.

Are network layer addresses physical or logical? Network layer addresses are logical addresses specific to the network layer protocol being run on the network. Each network layer protocol has a different addressing scheme. They are usually hierarchical and define networks first and then host or devices on that network. An example of a network address is an IP address, which is a 32-bit address often expressed in decimal format. 192.168.0.1 is an example of an IP address in decimal format.

How do routers function at the network layer of the OSI model? Routers learn, record, and maintain awareness of different networks. They decide the best path to these networks and maintain this information in a routing table. The routing table includes the following: Network addresses, which are protocol-specific. If you are running more than one protocol, you have a network address for each protocol. The interface the router uses to route a packet to a different network. A metric, which is the distance to a remote network or the weight of the bandwidth, load, delay, and reliability of the path to the remote network. Routers create broadcast domains. One interface on a router creates a single broadcast domain and collision domain. However, an interface on a switch creates only a single collision domain.

In addition to learning the remote network and providing a path to the network, what other functions do routers carry out? Routers perform these tasks: Routers, by default, do not forward broadcasts or multicasts. Routers can perform bridging and routing functions. If a router has multiple paths to a destination, it can determine the best path to the destination. Routers forward traffic based on Layer 3 destination addresses.

Routers can connect Virtual LANs (VLANs). Routers can provide quality of service for specified types of network traffic.

What is the responsibility of the data link layer (Layer 2)? The data link layer provides functional and procedural means for connectionless mode among network entities, and for connection mode entities it provides the establishment, maintenance, and release of data link connections among network entities and for the transfer of data link service data units. The data link layer translates messages from the network layer into bits for the physical layer, and it enables the network layer to control the interconnection of data circuits within the physical layer. Its specifications define different network and protocol characteristics, including physical addressing, error notification, network topology, and sequencing of frames. Data link protocols provide the delivery across individual links and are concerned with the different media types, such as 802.2 and 802.3. The data link layer is responsible for putting 1s and 0s into a logical group. These 1s and 0s are then put on the physical wire. Some examples of data link layer implementations are IEEE 802.2/802.3, IEEE 802.5/802.2, packet trailer (for Ethernet, the FCS or CRC), FFDI, HDLC, and Frame Relay.

The IEEE defines what two sublayers of the data link layer? The two sublayers of the data link layer are The Logical Link Control (LLC) sublayer The Media Access Control (MAC) sublayer These two sublayers provide physical media independence.

For what is the LLC sublayer responsible? The Logical Link Control (802.2) sublayer is responsible for identifying different network layer protocols and then encapsulating them to be transferred across the network. An LLC header tells the data link layer what to do with a packet after it is received.

What functions does the Media Access Control (MAC) sublayer provide? The MAC sublayer specifies how data is placed and transported over the physical wire. The LLC layer

communicates with the network layer, but the MAC layer communicates downward directly to the physical layer. Physical addressing (MAC addresses), network topologies, error notification, and delivery of frames are defined at this sublayer.

What are some network devices that operate at the data link layer? Bridges and switches are network devices that operate at the data link layer. Both devices filter traffic by MAC addresses.

What is the function of the OSI model's physical layer (Layer 1)? Give some examples of physical layer implementations. The physical layer defines the physical medium. It defines the media type, the connector type, and the signaling type (baseband versus broadband). This includes voltage levels, physical data rates, and maximum cable lengths. The physical layer is responsible for converting frames into electronic bits of data, which are then sent or received across the physical medium. Twisted pair, coaxial cable, and fiberoptic cable operate at this level. Other implementations at this layer are repeaters/hubs, RJ-45.

The Ethernet and IEEE 802.3 standards define what three physical wiring standards that operate at 10 Mbps? These physical wiring standards operate at 10 Mbps: 10Base2 10Base5 10BaseT

What are collision domains? In Ethernet segments, devices connect to the same physical medium. Because of this, all devices receive all signals sent across the wire. If two devices send a packet at the same time, a collision occurs. In the event of a collision, the two devices run a backoff algorithm and resend the packet. The devices retransmit up to 15 times. The first station to detect a collision issues a jam signal. When a jam signal is sent from a workstation, it affects all of the machines on the segment, not just the two that collided; when the jam signal is on the wire, no workstations can transmit data. The more collisions that occur in a

network, the slower it will be, because the devices will have to resend the packet. A collision domain defines a group of devices connected to the same physical medium.

What are broadcast domains? A broadcast domain defines a group of devices that receive each others' broadcast messages. As with collisions, the more broadcasts that occur on the network, the slower your network will be. This is because every device that receives a broadcast must process it to see if the broadcast is intended for it.

What devices are used to break up collision and broadcast domains? Switches and bridges are used to break up collision domains. They create more collision domains and fewer collisions. Routers are used to break up broadcast domains. They create more broadcast domains and smaller broadcast areas.

How do the different layers of the OSI model communicate with each other? Each layer of the OSI model can communicate only with the layer above it, below it, and parallel to it (a peer layer). For example, the presentation layer can communicate with only the application layer, session layer, and presentation layer on the machine it is communicating with. These layers communicate with each other using protocol data units (PDUs). These PDUs control information that is added to the user data at each layer of the model. This information resides in fields called headers (the front of the data field) and trailers (the end of the data field). What is data encapsulation? A PDU can include different information as it goes up or down the OSI model. It is given a different name according to the information it is carrying (the layer it is at). When the transport layer receives upper layer data, it adds a TCP header to the data; this is called a segment. The segment is then passed to the network layer, and an IP header is added; thus, the data becomes a packet. The packet is passed to the data link layer, thus becoming a frame. This frame is then converted into bits and is passed across the network medium. This is data encapsulation. For the CCNA test, you should know the following: Application layer -- Data Transport layer -- Segment Network layer -- Packet

Data link layer -- Frame There is also the Physical Layer -- Bits

What is the difference between a routing protocol and a routed protocol? Routing protocols determine how to route traffic to the best location of a routed protocol. Examples of routing protocols are RIP, EIGRP, OSFP, and BGP. Examples of routed protocols are IP and IPX.

What 3 devices are used to segment a LAN? Router Switch Bridge

Quick Notes - CABLING TECHNOLOGY What is a straight-through cable, and when would you use it? A straight-through cable is the same at both ends. A straight-through cable uses pins 1, 2, 3, and 6. The send and receive wires are not crossed. You should use a straight-through cable when connecting dissimilar devices. Examples include connecting PCs to switches or hubs or a router to a switch or a hub.

What is a crossover cable, and when would you use it? A crossover cable is a cable that has the send and receive wires crossed at one of the ends. On a Category 5 cable, the 1 and 3 wires and the 2 and 6 wires are switched on one of the cable's ends. You should use a crossover cable when connecting similar devices, such as connecting a router to a router, a switch to a switch or hub, a hub to a hub, or a PC to a PC. Important tip -- Router (think of it as a PC) to PC via 10BaseT (NIC) uses a "crossover cable". (contradicts the rule)

How do you set up a console session to a Cisco device? To set up a console session to a Cisco device, you connect a rollover cable to the console port on the Cisco device. You then connect the other end to your PC and configure a terminal emulation application to the following com settings: 9600 bps, 8 data bits, no parity, 1 stop bit, and no flow control.

What is the maximum cable length for each of the following? 10Base2 10Base510 BaseT 10BaseFL 100BaseT The maximum cable lengths are as follows: 10Base2 (thinnet) 185 meters 10Base5 (thicknet) 500 meters 10BaseT 100 meters 10BaseFL 2000 meters (400 meters in a shared environment and 2000 meters in a point-to-point environment) 100BaseT 100 meters

What does Base stand for in 10BaseT and 100BaseT? Base in 10BaseT and 100BaseT stands for baseband. Baseband is a network technology in which only one carrier frequency (signal) is used.

What is the difference between baseband and broadband? Baseband is a network technology in which only one carrier frequency is used (such as Ethernet). Broadband is a network technology in which several independent channels are multiplexed into one cable (for example, a T1 line).

Quick Notes - ACCESS LISTS Besides named access lists, what are the two types of IP access lists? The two types of IP access lists are standard and extended.

What criteria do standard IP access lists use to filter packets? Standard IP access lists filter packets by the source address. This results in the packet's being permitted or denied for the entire protocol suite based on the source network IP address.

What criteria do extended IP access lists use to filter packets? Extended IP access lists filter packets by source address, destination address, protocols, and port numbers.

In what two ways can IP access lists be applied to an interface? Access lists can be applied as inbound or outbound access lists. Inbound access lists process packets as they enter a router's interface and before they are routed. Outbound access lists process packets as they exit a router's interface and after they are routed.

How many access lists can be applied to an interface on a Cisco router? Only one access list per protocol, per direction, per interface can be applied on a Cisco router. Multiple access lists are permitted per interface, but they must be for a different protocol.

How are access lists processed? Access lists are processed in sequential, logical order, evaluating packets from the top down, one statement at a time. As soon as a match is made, the permit or deny option is applied, and the packet is not applied to any more access list statements. Because of this, the order of the statements within any access list is significant.

What is at the end of each access list? At the end of each access list, an implicit deny statement denies any packet not filtered in the access list.

What are the number ranges used to define standard and extended IP access lists? The number ranges used to define standard and extended IP access lists are as follows: Standard IP access lists 1 to 99 and 1300 to 1999 Extended IP access lists 100 to 199 and 2000 to 2699

When implementing access lists, what are wildcard masks? Wildcard masks define the subset of the 32 bits in the IP address that must be matched. Wildcards are used with access lists to specify a host, network, or part of a network. Wildcard masks work exactly the opposite of subnet masks. In subnet masks, 1 bits are matched to the network portion of the address, and 0s are wildcards that specify the host range. In wildcard masks, when 0s are present, the octet address must match. Mask bits with a binary value of 1 are wildcards. For example, if you have an IP address 172.16.0.0 with a wildcard mask of 0.0.255.255, the first two portions of the IP address must match 172.16,

but the last two octets can be in the range 1 to 255.

What is the IOS command syntax used to create a standard IP access list? Here is the command syntax to create a standard IP access list: access-list access-list-number {permit deny} source-address [wildcard mask]access-list-number is a number from 1 to 99. For example: RouterA(config)#access-list 10 deny 192.168.0.0 0.0.0.255

After you create a standard or extended IP access list, how do you apply it to an interface on a Cisco router? To apply an access list to an interface on a Cisco router, use the ip access-group interface command: ip access-group access-list-number {in out}For example:RouterA(config)#int s0RouterA(config-if)#ip accessgroup 10 in Create a standard access list that permits the following networks: 192.168.200.0192.168.216.0192.168.232.0192.168.248.0 There are two ways to do this. First, you can create one access list that contains an entry for each network: access-list 10 permit 192.168.200.0 0.0.0.255access-list 10 permit 192.168.216.0 0.0.0.255access-list 10 permit 192.168.232.0 0.0.0.255access-list 10 permit 192.168.248.0 0.0.0.255 A second way to do this is to create a single entry with wildcard masks: access-list 10 permit 192.168.200.0 0.0.48.255 To see how this one statement denies all the networks, you must look at it in binary: .200= 11001000.216= 11011000.232= 11101000.248= 11111000 All the bits match except the third and fourth bits. With wildcard masks, these are the bits you want to match. Therefore, your wildcard mask would be 00110000 in binary, which is 48.

What is the Cisco IOS command syntax used to create an extended access list? Here is the Cisco IOS command syntax to create an extended access list: access-list access-list-number {permit deny} protocol source-address source-wildcard [operator port] destination-address destinationwildcard [operator port] protocol examples include IP, TCP, UDP, ICMP, GRE, and IGRP. operator port can be lt (less than), gt (greater than), eq (equal to), or neg (not equal to) and a protocol port number. Create an extended access list denying web traffic to network 192.168.10.0.

The following commands deny web traffic to network 192.168.10.0: access-list 101 deny tcp any 192.168.10.0 0.0.0.255 eq wwwaccess-list 101 permit ip any any

What IOS command can you use to see whether an IP access list is applied to an interface? The IOS command to see whether an IP access list is applied to an interface is show ip interface interface-type interface-number For example: RouterA#show ip interface s0 Serial0 is up, line protocol is up Internet address is 192.168.1.2/24 Broadcast address is 255.255.255.255 Address determined by non-volatile memory MTU is 1500 bytes Helper address is not set Directed broadcast forwarding is enabled Multicast reserved groups joined: 224.0.0.9 Outgoing access list is not set Inbound access list is 10 Proxy ARP is enabled Security level is default Split horizon is enabled ICMP redirects are always sent ICMP unreachables are always sent ICMP mask replies are never sent IP fast switching is enabled IP fast switching on the same interface is enabled IP Feature Fast switching turbo vector IP multicast fast switching is disabled IP multicast distributed fast switching is disabled IP routecache flags are Fast Router Discovery is disabled IP output packet accounting is disabled IP access violation accounting is disabled TCP/IP header compression is disabled RTP/IP header compression is disabled Probe proxy name replies are disabled Policy routing is disabled Network address translation is disabled Web Cache Redirect is disabled BGP Policy Mapping is disabled

How can you display all access lists on a Cisco router? To display all access lists on a Cisco router, use the show access-list command: RouterA#show accesslistStandard IP access list 10 deny 192.168.0.0, wildcard bits 0.0.0.255Extended IP access list 101 permit tcp any any eq www permit udp any any eq domain permit udp any eq domain any permit icmp any any deny tcp 192.168.10.0 0.0.0.255 any eq wwwRouterA#

How do you figure out wildcard questions? Identify the class192.68.12.0 - Class C24 bits for networks/29 tells us that we need an additional 5 bits29 24 = 5 bits5 bits = 128 + 64 + 32 + 16 + 8 = 248Default subnet mask for Class C network = 255.255.255.0New subnet mask for /29 network = 255.255.255.248To find the wildcard value:255.255.255.255 255.255.255.248 - ---------------

0.0.0.7Same logic for Class B172.31.0.0 /1916 bits for networks/19 tells us we need an additional 3 bits19 16 = 3 bits3 bits = 128 + 64 + 32 = 224Default subnet mask for Class B network = 255.255.0.0New subnet mask for /19 network = 255.255.224.0To find the wildcard value:255.255.255.255255.255.224.0 ---------------0.0.31.255

Quick Notes - FRAME RELAY What protocol does Frame Relay rely on for error checking? Frame Relay does not rely on any certain protocol for error checking. Instead, it relies on upper-layer protocols to provide error checking. For example, Frame Relay relies on TCP to provide error checking in an IP network.

At what layers of the OSI model does Frame Relay operate? Frame Relay operates at the two lower layers of the OSI model (data link and physical).

What is the difference between switched virtual circuits (SVCs) and permanent virtual circuits (PVCs)? SVCs are virtual circuits that are dynamically established when data needs to be transferred and that are terminated when data transmission is complete. SVCs consist of four states: call setup, data transfer, idle, and call termination. PVCs are permanently established virtual circuits that operate in one of two states: idle or data transfer. When the PVC is idle, the connection between the DTE devices is still active.

What is a Data Link Connection Identifier (DLCI)? A DLCI is a number that identifies the logical circuit between the router and the Frame Relay switch. It is the Frame Relay Layer 2 address. The Frame Relay switch maps DLCIs between each pair of routers to create a PVC. For IP devices at the end of each virtual circuit to communicate, their IP addresses need to be mapped to DLCIs. If you are running Cisco IOS 11.2 or later, mapping is done automatically using Inverse ARP. DLCIs have local significance. Think of DLCIs as the MAC address of the Frame Relay network.

What is the committed information rate (CIR)?

The CIR is the committed information rate, by the service provider, in bits per second, at which data will be transferred. The service provider sends any data in excess of this rate if its network has capacity at that time.

How does Frame Relay use Inverse ARP? Frame Relay uses Inverse ARP as a way to dynamically map a network layer address to a DLCI. With Inverse ARP, the router can discover the network address of a device associated with a VC.

What is the Local Management Interface (LMI)? The LMI is a signaling standard between a CPE device (a router) and the Frame Relay switch that is responsible for managing and maintaining status between the devices. It is autosensed with Cisco IOS Release 11.2 and later.

In Frame Relay, what is Forward Explicit Congestion Notification (FECN)? The FECN is the bit in the Frame Relay header that signals to anyone receiving the frame (switches and DTEs) that congestion is occurring in the same direction as the frame. Switches and DTEs can react by slowing the rate at which data is sent in that direction.

What is Backward Explicit Congestion Notification (BECN)? The BECN is the bit in the Frame Relay header that signals to switches and DTEs receiving the frame that congestion is occurring in the direction opposite (backward) that of the frame. If switches and DTE devices detect that the BECN bit in the Frame Relay header is set to 1, they slow the rate at which data is sent in that direction.

In the Frame Relay header, what is the discard eligibility (DE) bit? If congestion is detected on the Frame Relay network, the DE bit is turned on in the Frame Relay header. The DE bit is turned on for frames that are in excess of the CIR. The DE bit tells a switch which frames to discard if they must be discarded.

What is the default LMI type for Cisco routers that are configured for Frame Relay? The default LMI for Cisco routers configured for Frame Relay is Cisco. If you are running Cisco IOS Release 11.2 or later, the Cisco router tries to autosense which LMI type the Frame Relay switch is using. If it cannot autosense the LMI type, the router uses Cisco as its LMI type. The three types of LMIs supported by Cisco routers are: Cisco ANSI Q933a

When a router receives LMI information, it updates its VC status to one of three states. What are these three states? The three states that a VC uses to update its status are as follows: Active state The connection is active, and routers can exchange data. Inactive state The local connection to the Frame Relay switch is working, but the remote router's connection to the Frame Relay switch is not working. Deleted state Indicates that no LMIs are being received from the Frame Relay switch or that there is no service between the router and the Frame Relay switch.

How do you enable Frame Relay on a Cisco router? To enable Frame Relay on a Cisco router, you must first enable the serial interface for Frame Relay encapsulation with the encapsulation frame-relay interface command:

RouterB(config)#int s 0

RouterB(config-if)#ip address 192.168.1.1 255.255.255.0

RouterB(config-if)#encapsulation frame-relay

The default encapsulation for a serial interface configured for Frame Relay is cisco. If you are connecting to a nonCisco router, how do you change the encapsulation type? If you are connecting to a non-Cisco router in a Frame Relay network, you need to specify ietf as the

encapsulation type:

RouterB(config-if)#ip address 192.168.1.1 255.255.255.0

RouterB(config-if)#encapsulation frame-relay ietf

If you are using Cisco IOS Release 11.1 or earlier, or if you do not want to autosense the LMI type, how do you define the LMI type on a Cisco router? To define the LMI type on a Cisco router, use the frame-relay lmi-type {ansi cisco q933a} interface command:

RouterB(config-if)#ip address 192.168.1.1 255.255.255.0

RouterB(config-if)#encapsulation frame-relay

RouterB(config-if)#frame-relay lmi-type ansi

If Inverse ARP is disabled on your router, how do you reenable it? Inverse ARP is enabled by default on a Cisco router. If it is disabled, reenable it by using the following command:

RouterB(config-if)#frame-relay inverse-arp [protocol] [dlci] Supported protocols indicated by the protocol option include ip, ipx, decnet, appletalk, vines, and xns.

If a remote router does not support Inverse ARP, you must define the address-to-DLCI table statically. How do you create these static maps? To define static maps on a Cisco router, use the following command:

RouterA(config-if)#frame-relay map protocol protocol-address dlci [broadcast] [ietf cisco] [payloadcompress packet-by-packet]

where: protocol defines the supported protocol bridging or LLC.

protocol-address is the remote router's network layer address.

dlci defines the remote router's local DLCI.

broadcast specifies whether you want to forward broadcasts over the VC, permitting dynamic routing protocols over the VC. ietf cisco is the encapsulation type.

How do you display the encapsulation type, DLCI, LMI type, and whether the device is a DTE or DCE on a serial interface? To display the interface's encapsulation type, DLCI number, LMI type, and whether the device is a DTE or DCE, use the show interface interface-type interface-number command: RouterA#show int s0

Serial0 is up, line protocol is up Hardware is HD64570 Internet address is 192.168.1.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec) LMI enq sent 3, LMI stat recvd 0, LMI upd recvd 0, DTE LMI up LMI enq recvd 5, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE Broadcast queue 0/64, broadcasts sent/dropped 0/0, interface broadcasts 0 Last input 00:00:05, output 00:00:07, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair

What Cisco IOS command displays the LMI traffic statistics and LMI type? The show frame-relay lmi command displays the LMI traffic statistics and LMI type: RouterA#show frame-relay lmi

LMI Statistics for interface Serial0 (Frame Relay DTE)

LMI TYPE = CISCO Invalid Unnumbered info 0

Invalid Prot Disc 0 Invalid dummy Call Ref 0

Invalid Msg Type 0 Invalid Status Message 0

Invalid Lock Shift 0 Invalid Information ID 0

Invalid Report IE Len 0 Invalid Report Request 0

Invalid Keep IE Len 0 Num Status Enq. Rcvd 1748

Num Status msgs Sent 1748 Num Update Status Sent 0

Num St Enq. Timeouts 0

routera#

How do you display the current Frame Relay map entries and information about these connections on a Cisco router? To view the current map entries and information about the connections, use the show frame-relay map command:

RouterA#show frame-relay map

Serial0 (up): ip 192.168.1.2 dlci 100(0x64,0x1840), dynamic,

Broadcast, status defined, active

How do you clear dynamic Frame Relay maps that were created by Inverse ARP?

Use the clear frame-relay-inarp privileged EXEC command to clear dynamic Frame Relay maps created by Inverse ARP.

Quick Notes - ROUTING How do OSPF-enabled routers build adjacencies and exchange their routing tables? OSPF-enabled routers build adjacencies by sending Hello packets out through all OSPF-enabled interfaces.

If these routers share a command link and agree on parameters set within their Hello packets then they become neighbors. If these parameters differ then the routers do not become neighbors and communication stops.

OSPF routers form adjacencies with certain routers. These routers are determined by the layer 2 (data link) media type and as soon as the adjacencies are formed each router sends LSAs (Link State Advertisements) to all adjacent routers. The LSAs describe the state of each router's links. There are multiple LSA types and a route that receives an LSA from a neighbor records the LSA in a link-state database and floods a copy of the LSA to all its other neighbors.

When all databases are complete - then each router uses the SPF (Shortest-Path First) algorithm to calculate a loop-free topology and builds its routing table based on this topology. It is important to note that the Hello protocol is bidrectional and is the means by which neighbors are discovered and acts as keepalives between neighboring routers. It also establishes and maintain neighbor relationships and elects the DR (Designated Router) and BDR (Backup Designated Router) to represent the segment on Broadcast and NBMA (nobroadcast multiaccess) networks.

Note: Hello protocols are sent periodically sent out each OSPF-enabled interface using IP multicast address 224.0.0.5. The default interval on NBMA (nonbroadcast multiaccess) networks is 30 seconds. The default interval on Broadcast, Point-to-point, and point-to-multipoint networks is 10 seconds.

What are LSAs (link-state advertisements)?

LSAs are sent out all OSPF-enabled router interfaces describing the state of the router's links. They are also packets that OSPF uses to advertise changes in the condition of a link or other OSPF routers.

Name two LSA (link-state advertisement) types? Type 1 LSAs are router LSAs and are generated by each router for the area to which the router belongs. These LSAs describe the states of the router'links to the area (area 0 for example) and are flooded within a single area (area 0 for example).

Type 2 LSAs are network LSAs and are generated by the DR (Designated Router) and the BDR (Backup Designated Router). They describe the routers attached to a particular network and are flooded within a single area (area 0 for example).

What is the routing metric OSPF is based on? Bandwith. Formula: Cost = 100,000,000 / bandwidth in bits per seconds The cost of a 100 MBbps connection would be: 1000,000,000 / 100,000,000 =1

Based on the schema above -- if adjacencies are established with only with the DR (Designated Router) and BDR (Backup Designated Router)- what is the circuit count? Formula: 2(n - 1) where n is the number of routers in the network.

2(5 - 1) = 8 circuits. A circuit can also be thought of as an adjacency or connection. Count four going into the DR and 4 going into the BDR for a total of 8.

Note: OSPF avoids synchronizing between every pair of routers in the network by using a DR and BDR. This way adjacencies are formed only to the DR and BDR, and the number of LSAs sent over the network is reduced. Now only the DR and BDR have four adjacencies, and all the other routers have two.

On an OSPF-enabled router -- what is the router ID and where does an OSPF-enabled router receive its router ID? To initialize - OSPF must be able to define a router ID. The most common and stable source for a router ID is the IP address set on the logical loopback interface that is always available. If no logical interface is defined -- then the router receives its ID from the highest IP address on the physical interfaces.

Note: If two loopback addresses are defined -- it will use the highest loopback address. Think highest logical or highest physical interface address.

Name five OSPF network types: Broadcast networks: Ethernet/Token Ring. OSPF-enabled routers on broadcast networks elect a DR (Designated Router) and BDR (Backup Designated Router). All the routers in the network form adjacencies with the DR and BDR. Note: OSPF packets are multicast to the DR and BDR.

NBMA (nonbroadcast multiaccess) networks: Frame Relay/X.25/ATM. NBMA networks can connect more than two routers but have no broadcast functionality. These networks elect an DR and BDR. Note: OSPF packets are unicast.

Point-to-point networks: A physical DS1 (T1) for example.

Point-to-point networks connect a pair of routers and always becomes adjacent.

Point-to-multipoint networks: Point-to-multipoint networks are a special configuration of NBMA networks in which networks are treated as a collection of point-to-point links. Point-to-multipoint networks do not elect a DR or BDR. Note: OSPF packets are multicast.

Virtual links: Virtual links area special configuration that the router interprets as unnumbered point-to-

point networks. The network administrator creates/defines virtual links.

What is routing? Routing is the process in which items are forwarded from one location to another. Routing is a hop-byhop paradigm. A Cisco router performs routing and switching functions. Describe what each function does. Routing is a way to learn and maintain awareness of the network topology. Each router maintains a routing table in which it looks up the destination Layer 3 address to get the packet one step closer to its destination.The switching function is the actual movement of temporary traffic through the router, from an inbound interface to an outbound interface.

What are the three types of routes you can use in a Cisco router? The three types of routes are static routes, dynamic routes, and default routes.

What is the difference between static and dynamic routes? Static routes are routes that an administrator manually enters into a router. Dynamic routes are routes that a router learns automatically through a routing protocol.

How do you configure a static route on a Cisco router? To configure a static route on a Cisco router, enter the ip route destination-network [mask] {next-hopaddress outbound-interface} [distance] [permanent] global command. Here's an example: RouterB(config)#ip route 172.17.0.0 255.255.0.0 172.16.0.1

This example instructs the router to route to 172.16.0.1 any packets that have a destination of 172.17.0.0 to 172.17.255.255

What is a default route? Also known as the gateway of last resort, a default route is a special type of static route with an all-zeros

network and network mask. The default route is used to route any packets to a network that a router does not directly know about to a next-hop router. By default, if a router receives a packet to a destination network that is not in its routing table, it drops the packet. When a default route is specified, the router does not drop the packet. Instead, it forwards the packet to the IP address specified in the default route.

How do you configure the default route on a Cisco router? To configure a default route on a Cisco router, enter the following global configuration command: ip route 0.0.0.0 0.0.0.0 [ip-address of the next-hop router outbound-interface] For example: RouterB(config)#ip route 0.0.0.0 0.0.0.0 172.16.0.2

What is a routing protocol? A routing protocol defines the set of rules used by a router when it communicates with neighboring routers. Routing protocols listens for packets from other participants in order to learn and maintain a routing table.

What are the two major types of routing protocols? The two major types of routing protocols are Interior Gateway Protocol (IGP)

Exterior Gateway Protocol (EGP)

IGP is used to exchange routing information among routers in the same autonomous system (AS). EGP is used to communicate between ASs.

Note: For more information about autonomous systems, see Interconnecting Cisco Network Device (Cisco Press).

What is administrative distance? Administrative distance (AD) is an integer from 0 to 255 that rates the trustworthiness of routing information received on a router from a neighboring router. The AD is used as the tiebreaker when a router has multiple paths from different routing protocols to the same destination. The path with the lower AD is the one given priority.

What are the three classes of routing protocols? The three classes of routing protocols are Distance vector Link-state Balanced hybrid

What is the AD for each of the following? Directly connected interface

Static route

EIGRP

IGRP

OSPF

RIP

External EIGRP

Unknown

The ADs are as follows: Directly connected interface 0

Static route 1 EIGRP 90 IGRP 100 OSPF 110 RIP 120 External EIGRP 170 Unknown 255

How do distance vector routing protocols function? Also known as Bellman-Ford-Fulkerson algorithms, distance vector routing protocols pass complete routing tables to neighboring routers. Neighboring routers then combine the received routing table with their own routing table. Each router receives a routing table from its directly connected neighbor. Distance vector routing tables include information about the total cost and the logical address of the first router on the path to each network they know about.

How do distance vector routing protocols keep track of any changes to the internetwork? Distance vector routing protocols keep track of an internetwork by periodically broadcasting updates out all active interfaces. This broadcast contains the entire routing table. This method is often called routing by rumor. Slow convergence of distance vector routing protocols can cause inconsistent routing tables and routing loops.

What are some mechanisms that distance vector protocols implement to prevent routing loops and inconsistent routing tables? Here are some of the ways distance vector routing protocols prevent routing loops and inconsistent routing tables: Maximum hop count Split horizon

Route poisoning Holddowns

What is maximum hop count? If a loop is in an internetwork, a packet loops around the internetwork forever. Maximum hop counts prevent routing loops by defining the maximum number of times a packet will loop around the internetwork. RIP uses a hop count of up to 15, so anything that requires 16 hops is unreachable. Anytime a packet passes through a router, it is considered one hop.

What is split horizon? The rule of split horizon is that it is never useful to send information about a route back in the direction from which the original update came.

What is convergence? Convergence is when all routers have consistent knowledge and correct routing tables.

What is route poisoning? With route poisoning, when a distance vector routing protocol notices that a route is no longer valid, the route is advertised with an infinite metric, signifying that the route is bad. In RIP, a metric of 16 is used to signify infinity. Route poisoning is used with holddowns.

What are hold-down timers? Hold-down timers prevent regular update messages from reinstating a route that might have gone bad. Hold-down timers also tell routers to hold for a period of time any changes that might affect routes.

What are triggered updates? When a router notices that a directly connected subnet has changed state, it immediately sends another routing update out its other interfaces rather than waiting for the routing update timer to expire. Triggered updates are also known as Flash updates.

What is IP RIP? IP RIP is a true distance vector routing protocol that sends its complete routing table out all active interfaces every 30 seconds. IP RIP uses a hop count as its metric to determine the best path to a remote network. The maximum allowable hop count is 15, meaning that 16 is unreachable. There are two versions of RIP. Version 1 is classful, and version 2 is classless. IP RIP can load-balance over as many as six equal-cost paths.

What four timers does IP RIP use to regulate its performance? Here are the four timers that IP RIP uses to regulate its performance: Route update timer Time between router updates. The default is 30 seconds. Route invalid timer Time that must expire before a route becomes invalid. The default is 180 seconds. Route hold-down timer If IP RIP receives an update with a hop count higher than the metric recorded in the routing table, the router goes into holddown for 180 seconds. Route flush timer Time from when a route becomes invalid to when it is removed from the routing table. The default is 240 seconds.

How do you enable RIP on a Cisco router? To enable RIP on a Cisco router, start by using the router global configuration command, followed by the rip protocol. This selects RIP as the routing protocol. Then you assign the network command, followed by the directly connected network number(s) you want to activate RIP on. Here's an example: RouterB(config)#router rip

RouterB(config-router)#network 192.168.1.0

RouterB(config-router)#network 192.168.2.0

How do you stop RIP updates from propagating out an interface on a router? Sometimes you do not want RIP updates to propagate across the WAN, wasting valuable bandwidth or giving out valuable information about your internetwork. The easiest way to stop RIP updates from

propagating out an interface is to use the passive-interface global configuration command.

How do you display the contents of a Cisco IP routing table? The show ip route command displays the Cisco routing table's contents.

What is Interior Gateway Routing Protocol (IGRP)? IGRP is a Cisco proprietary distance vector routing protocol. IGRP has a default hop count of 100 hops, with a maximum hop count of 255. IGRP uses bandwidth and line delay as its default metric, but it can also use reliability, load, and MTU.

How do you enable IGRP on a Cisco router? The way you enable IGRP on a Cisco router is similar to the way you enable RIP, except you specify IGRP as the protocol and add an autonomous system number. For example: RouterA(config)#router igrp 10 (10 is the AS number)

RouterA(config-router)#network 192.168.0.0

RouterA(config-router)#network 192.168.1.0

RouterA(config-router)#network 192.168.2.0

What four timers does IGRP use to regulate its performance? The four timers IGRP uses to regulate its performance are as follows:

Route update timer Time between router updates The default is 90 seconds.

Route invalid timer Time that must expire before a route becomes invalid . The default is 270 seconds.

Route hold-down timer If a destination becomes unreachable, or if the next-hop router increases the

metric recording in the routing table, the router goes into holddown for 280 seconds.

Route flush timer[md]Time from when a route becomes invalid to when it is removed from the routing table. The default is 630 seconds.

What are three types of LAN traffic? Unicasts - intended for one host. Broadcasts - intended for everyone. Multicasts - intended for a only a subset or group within an entire network.

What are unicast frames? Unicast frames are the most common type of network traffic. A unicast frame is a frame intended for only one host. The only station that processes this frame is one station that has its own MAC address in the destination portion of packet.

What are broadcast frames? Broadcast frames are frames intended for everyone. Stations view broadcast frames as public service announcements. All stations receive and process broadcast frames. In large networks, broadcasts can cause serious performance degradation in network hosts - (broadcast storm). The destination address of broadcast frames (Data Link / Layer 2 broadcast addresses is FF-FF-FF-FF-FFFF or alternatively all 1s in binary (11111111).

What are multicast frames? Multicast frames address a group of devices that have a common interest. These frames allow the source to send only one copy of the frame on the network even though it is intended for several stations. Only stations that have a card that is configured by software to receive multicast frames for a particular multicast group can process a frame to that multicast address - all other stations discard multicast frames. An example of a multicast frame is: 01:00:5E:01:01:01/ The "01" at the beginning of the address signifies that it is an Ethernet multicast frame.

What three major functions do Data Link Layer / Layer 2 Switches perform? Address learning Packet forwarding/filtering Loop avoidance by spanning tree

What will occur when you attempt to segment a network with hubs and repeaters? Basically, hubs and repeaters become extensions of the physical cable plant. All devices that connect to either a hub or a repeater share the same bandwidth and by definition hubs and repeaters create a single

broadcast and collision domain. Think of both devices are pass-through devices much like a electrical power-strip. Hubs and repeaters reside on the Physical Layer / Layer 1 of the OSI model where they pass 0s and 1s along the wire or up to the Data Link Layer. CSUs / Channel Service Units fall into the same category. All are regarded as unintelligent devices. No addressing takes place on the Physical layer.

What is the advantage of segmenting a network with bridges or switches? Bridges and switches function on the Data Link Layer / Layer 2 of the OSI model and filter by MAC address. Each port on either device provides full, dedicated bandwidth and creates a single collision domain. Very important: Because bridges and switches operate a Layer 2 -- they cannot filter broadcasts, and they create a single broadcast domain. (Note: each nailed-up port on a switch is a single Collision Domain - there will be a schematic on the exam to test your knowledge on broadcast and collision domains.) Also, bridges are implemented by software and normally have a couple of network ports; whereas switches are implemented in hardware by ASIC chips and have many ports. Think Data Link Layer / Layer 2 of the OSI model - physical addresses / MAC addresses List some advantages Layer 2 switches have over bridges: High-speed backplane - multiple simultaneous conversations. Data-buffering capabilities are used to store-and-forward packets to the correct port(s). Lower latency than bridges. Remember that switches are implemented in hardware not software. Much faster. Higher port count or density.

What are the pros can cons of segmenting a LAN with routers?

Pros: Each interface on a router creates a single broadcast and collision domain. Routers function or operate on the Network Layer / Layer 3 of the OSI model and do not propagate broadcasts*. (* very important concept)

Cons: Routers are not transparent and are implemented in software thereby introducing latency in the network.

Remember: Routers = Network Layer / Layer 3 on the OSI model - Logical addressing (IP address).

Functions: Two key functions: routing and switching. The routing component is responsibile for learning and maintaining awareness of the network topology. The switching function is the process of moving packets from an inbound interface (Ethernet 0 for example) to an outbound interface (Serial 0 for example). Path selection is a key term.

What three devices are used to segment a LAN? Router - logical addressing - IP address Switch - physical addressing - MAC address Bridge - physical addressing - MAC addres

What is microsegmentation? Each workstation or network device on the network has its own dedicated segment - also known as a Collision Domain - to a switch. Each device gets the segments full bandwidth and does not have to share the dedicated segment with other devices. Collisions are reduced because each segment is its own Collision Domain.

Important: Full-duplex transmission is achieved by microsegmentation. Each device can send and receive at the same time which doubles the amount of bandwidth between nodes.

What are the three switching methods in Cisco Catalyst switches? The three frame operating modes to handle frame switching are Store-and-forward Cut-through Fragment-free

What is the Cisco Catalyst store-and-forward switching method? In the store-and-forward switching method, the switch receives the entire frame before it forwards it. The switch reads the cyclic redundancy check (CRC) to make sure the frame is not bad. If the frame is good, the switch forwards it. Because the switch stores the frame before forwarding it, latency is introduced in the switch. Latency through the switch varies with the size of the frame.

What is the Cisco Catalyst cut-through switching method? In cut-through switching mode, the switch only checks the frame's destination address and immediately begins forwarding the frame out the appropriate port. Because the switch checks the destination address in only the header and not the entire frame, the switch forwards a collision frame or a frame that has a bad CRC.

What is the Cisco Catalyst fragment-free switching method? Also known as modified cut-through, fragment-free switching checks the first 64 bytes before forwarding the frame. Ethernet specifications state that collisions should be detected during the first 64 bytes of the frame. By reading the first 64 bytes of the frame, the switch can filter most collisions, although late collisions are still possible.

What is the default switching mode in Cisco Catalyst 1900 switches? The default switching mode for the Catalyst 1900 is fragment-free.

What is half-duplex transmission mode? Half-duplex transmission is the default mode that Ethernet functions in. In half-duplex transmission, a device can only send or receive--not do both at once. In half-duplex mode, stations are susceptible to collisions, and efficiency is rated at 50 to 60 percent.

What is full-duplex transmission mode? In full-duplex mode, a station can send and receive at the same time. In full-duplex mode, collision detection is disabled. This mode offers 100 percent efficiency in both directions. On a Cisco Catalyst 1900 switch, what are the default duplex settings for 10BaseT/100BaseT ports, default switching mode, and default protocols? The factory default settings for a Catalyst 1900 switch are as follows: IP address: 0.0.0.0 CDP enabled Switching mode: fragment-free 10BaseT ports: half-duplex 100BaseT ports: autonegotiate Spanning tree enabled No console password

What are the two configuration modes in a Catalyst 1900 switch? Configuring a Catalyst 1900 switch is similar to configuring a router. The two configuration modes available are global configuration mode and interface configuration mode.

How do you configure an IP address and subnet mask on a Catalyst 1900 switch? To configure an IP address and subnet mask on a Catalyst 1900 switch, use the ip address address mask global configuration command: Cat1900(config)#ip address 192.168.0.2 255.255.255.0

Why would you want to assign an IP address to a Layer 2 device, such as a switch? You would assign an IP address to a Layer 2 device for management and configuration. With an IP address enabled on a Cisco switch, you can Telnet into it and change the configuration. You can also enable SNMP on the device and remotely monitor the switch.

How do you configure a default gateway on a Cisco Catalyst 1900 switch? To configure a default gateway on a Catalyst 1900 switch, use the ip default-gateway ip address global configuration command. The following example configures the switch to use IP address 192.168.0.1 as its default gateway:

Cat1900(config)#ip default-gateway 192.168.0.1 To remove the default gateway, use the no ip default-gateway command.

On a Catalyst 1900 switch, what command can you use to view the switch's IP address, subnet mask, and default gateway? The show ip command displays the switch's IP address, subnet mask, and default gateway. Here's an example: Cat1900#show ipIP Address: 192.168.0.2 Subnet Mask: 255.255.255.0 Default Gateway: 192.168.0.1 Management VLAN: 1 Domain name: Name server 1: 0.0.0.0 Name server 2: 0.0.0.0 HTTP server : Enabled HTTP port : 80 RIP : Enabled Cat1900#

How do you change the duplex mode on a Catalyst 1900 switch? To change the duplex mode on a Catalyst 1900 switch, use this command: duplex {auto full full-flow-control half} The following example changes the duplex speed for Ethernet interface 1 on the switch to full duplex: Cat1900(config)#interface e0/1 Cat1900(config-if)#duplex full

How do you change the duplex mode on a Catalyst 1900 switch? To change the duplex mode on a Catalyst 1900 switch, use this command: duplex {auto full full-flow-control half}

The following example changes the duplex speed for Ethernet interface 1 on the switch to full duplex: Cat1900(config)#interface e0/1 Cat1900(config-if)#duplex full

What command can you use to view the duplex settings and spanning tree state of a Catalyst switch? You use the show interface type module/port EXEC command to view the duplex settings and spanning tree state. This example shows the output for the show interface command on Ethernet interface 0/1: Cat1900#show interface e0/1 Ethernet 0/1 is Suspended-no-link beatHardware is Built-in 10Base-TAddress is 0010.F621.F681MTU 1500 bytes, BW 10000 Kbits802.1d STP State: Forwarding Forward Transitions: 1 Port monitoring: Disabled Unknown unicast flooding: Enabled Unregistered multicast flooding: Enabled Description:Duplex setting: Full duplex Back pressure: Disabled

What command can you use to check for frame check sequence (FCS) or late collision errors? The show interface type module/port EXEC command displays FCS or late collision errors. Cat1900#show interface e0/1 Receive Statistics Transmit Statistics ------------------------------------- ------------------------------------Total good frames 0 Total frames 0Total octets 0 Total octets 0 Broadcast/multicast frames 0 Broadcast/multicast frames 0Broadcast/multicast octets 0 Broadcast/multicast octets 0Good frames forwarded 0 Deferrals 0Frames filtered 0 Single collisions 0 Runt frames 0 Multiple collisions 0No buffer discards 0 Excessive collisions 0 Queue full discards 0Errors:

Errors: FCS errors 0 Late collisions 0 Alignment errors 0 Excessive deferrals 0 Giant frames 0 Jabber errors 0 Address violations 0 Other transmit errors 0

How do you display the MAC address table on a Catalyst 1900 switch? The show mac-address-table EXEC command displays the MAC address table and also tells you whether the MAC address entry is dynamic, permanent, or static. Here's an example: Cat1900#show mac-addresstable Address Dest Interface Type Source Interface List ---------------------------------------------------------------------0080.C6E7.9CEF Ethernet 0/21 Dynamic All0030.80EF.988C Ethernet 0/22 Dynamic All 0040.05A2.5E92 Ethernet 0/11 Dynamic All

What are dynamic addresses on a Catalyst switch? Dynamic addresses are addresses that the switch learns about dynamically through the learning process. If the switch does not see a MAC address for a certain amount of time, it drops the MAC address.

What are permanent MAC addresses on a Catalyst switch? Permanent MAC addresses are entered manually by the administrator and are not aged out.

On a Catalyst 1900 switch, how do you make a MAC address permanent? To make a MAC address permanent, use the mac-address-table permanent mac-address type module/port global command. The following example makes MAC address 0080.C6E7.9CEF permanent in the CAM table for port 0/21: Cat1900(config)#mac-address-table permanent 0080.C6E7.9CEF Ethernet 0/21

What is the maximum number of MAC addresses a Catalyst 1900 can store in its MAC address table? The maximum number of MAC addresses a Catalyst 1900 can store in its MAC address table is 1024.

What are static MAC addresses in a Catalyst 1900 switch? On a Catalyst 1900 switch, static addresses allow you to restrict a MAC address to a specific port.

How do you restrict a MAC address to a specific port on a Catalyst 1900 switch? To restrict a MAC address to a specific port, use the mac-address-table restricted static mac-address type

module/port src-if-list global command: Cat1900(config)#mac-address-table restricted static aaaa.aaaa.aaaa e0/1 This restricts MAC address aaaa.aaaa.aaaa to Ethernet port 0/1.

What EXEC command can you use to show the port security configurations on a Catalyst 1900 switch? The show mac-address-table security command displays the port security configurations: Cat1900#show mac-address-table security Action upon address violation : Suspend Interface Addressing Security Address Table Size Clear Address ------------------------------------------------------------------------------Ethernet 0/1 Disabled N/A NoEthernet 0/2 Disabled N/A NoEthernet 0/3 Enabled 100 NoEthernet 0/4 Disabled N/A NoEthernet 0/5 Disabled N/A NoEthernet 0/6 Disabled N/A NoEthernet 0/7 Disabled N/A NoEthernet 0/8 Disabled N/A NoEthernet 0/9 Disabled N/A No

What Catalyst command can you use to display information about the IOS software version and hardware information about the switch? The show version EXEC command displays the IOS software version and hardware information about the switch. The following example shows the output of the show version command on a Catalyst switch: Cat1900#show version Cisco Catalyst 1900/2820 Enterprise Edition SoftwareVersion V9.00.04 written from 192.168.000.001Copyright (c) Cisco Systems, Inc. 1993-1999Cat1900 uptime is 0day(s) 01hour(s) 34minute(s) 47second(s)cisco Catalyst 1900 (486sxl) processor with 2048K/1024K bytes of memoryHardware board revision is 1Upgrade Status: No upgrade currently in progress.Config File Status: No configuration upload/download is in progress27 Fixed Ethernet/IEEE 802.3 interface(s)Base Ethernet Address: 00-10-F6-21-F6-80 show version will show up on the exam for sure - router or switch.

What Catalyst command do you use to back up the running configuration to a TFTP server? Use the copy nvram tftp://host/dst_file command to back up the running configuration to a TFTP server: Cat1900#copy nvram tftp://192.168.0.3/cat1900.cfg Configuration upload is successfully completed Cat1900#

How do you restore a configuration file from a TFTP server on a Catalyst 1900 switch? To restore a configuration file from a TFTP server, use the copy tftp://host/src_file nvram command: Cat1900#copy tftp://192.168.0.3/cat1900.cfg nvram TFTP successfully downloaded configuration file Cat1900#

What Catalyst 1900 command would you use to restore the switch to its factory settings? To restore a 1900 series switch to its factory settings, use the delete nvram command. Note: For some reason I think this one was on my exam.

Quick Notes - Network Management What is the Cisco Discovery Protocol (CDP)? CDP is a Cisco proprietary protocol that runs on all Cisco IOS-enabled devices. It is used to gather information about directly connected neighboring devices. CDP operates at Layer 2 of the OSI model and is media-independent. With CDP, you can tell the hardware type, device identifier, address list, software version, and active interfaces on neighboring Cisco devices. CDP is enabled by default on all Cisco equipment. It uses a nonroutable SNAP frame to communicate between devices.

Note: Because CDP is media-independent it can operate over most media types. The only media types CDP cannot operate over are X.25, because it doesn't support SNAP encapsulation, and Frame Relay point-to-multipoint interfaces.

What are three reasons to disable CDP? Three reasons to disable CDP are as follows: . To save network bandwidth by not exchanging CDP frames. . If you are connecting to non-Cisco devices. . Security. CDP broadcasts information about the device every 60 seconds. Sniffers and other devices can view these broadcasts to discover information about your network.

How do you disable CDP on Cisco routers? Two commands disable CDP on a Cisco router. To disable CDP on the entire device, use the no cdp run global command:

RouterB(config)#no cdp run To disable CDP on an interface only, use the no cdp enable interface command:

RouterB(config)#int e0

RouterB(config-if)#no cdp enable This disables CDP on Ethernet interface 0.

What does the show CDP command display? The show CDP command displays global CDP information about the device. It tells you when the device will send CDP packets and the CDP holdtime:

RouterB#show cdp

Global CDP information:

Sending CDP packets every 60 seconds

Sending a holdtime value of 180 seconds

Note: For the CCNA test, remember that the default time a device will send out CDP information is 60 seconds and the default holdtime is 180 seconds.

On a Cisco router, what does the show cdp neighbors command display?

The show cdp neighbors command displays the following:

Device ID (name of the device)

The local interface (local outgoing port)

The holdtime displayed in seconds

The device's capability code (this tells you if the device is a router, switch, or repeater)

Hardware platform of the neighboring device (what type of Cisco device it is and the model)

Port ID of the neighboring device (remote port)

RouterB#show cdp neighbors

Capability Codes:

R - Router, T - Trans Bridge, B - Source Route Bridge

S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

RouterA Ser 0 146 R 2505 Ser 0

What does the show cdp neighbors detail command display? The show cdp neighbors detail and show cdp entry * commands show the same output. They both display the following:

Device ID (host name) of the remote neighbor

Layer 3 address of the remote device (if the device has more than one Layer 3 address on its interface, only the primary address is shown)

Device platform and capabilities Local interface and outgoing port ID

Remote device holdtime in seconds

IOS type and version

RouterB#show cdp neighbors detail

-------------------------

Device ID: RouterA

Entry address(es):

IP address: 192.168.2.1

Platform: cisco 2505, Capabilities: Router

Interface: Serial1, Port ID (outgoing port): Serial1

Holdtime : 164 sec Version :Cisco Internetwork Operating System Software

IOS (tm) 2500 Software (C2500-D-L), Version 12.0(13), RELEASE SOFTWARE

(fc1)Copyright (c) 1986-2000 by cisco Systems, Inc.Compiled Wed 06-Sep-00 01:08 by Linda

What does the show cdp traffic command display? The show cdp traffic command displays information about interface traffic. This includes the number of CDP packets sent and received and CDP errors:

RouterB#show cdp traffic

CDP counters :

Packets output: 105, Input: 103

Hdr syntax: 0, Chksum error: 0, Encaps failed:

No memory: 0, Invalid packet: 0, Fragmented: 0

What does the show cdp interface command display? The show cdp interface command displays the status of CDP on all interfaces on your device: RouterB#show cdp interface

Ethernet0 is up, line protocol is down

Encapsulation ARPA

Sending CDP packets every 60 seconds Holdtime is 180 seconds

Serial0 is up, line protocol is up

Encapsulation HDLC

Sending CDP packets every 60 seconds Holdtime is 180 seconds

Serial1 is up, line protocol is up

Encapsulation HDLC

Sending CDP packets every 60 seconds Holdtime is 180 seconds

What Cisco IOS router command can you use to see a neighbor router's IP address? To see a neighbor router's IP address, you must use the show cdp neighbor detail or show cdp entry * user mode or EXEC command. (This one will probably be on the exam)

What IOS command do you use to view the active outbound telnet sessions for the current user on a Cisco router? The show sessions command displays the active outbound telnet sessions from that particular user on your router.

RouterA#show sessions

Conn Host Address Byte Idle Conn Name

* 1 192.168.1.2 192.168.1.2 0 0 192.168.1.2

What key sequence do you use to suspend a Telnet session on a remote system and return to your local router? To suspend a Telnet session, press Ctrl-Shift-6, and then press X.

How do you end a remote Telnet session on a Cisco router? To end a Telnet session, use the exit or logout command while you're on the remote device: RouterB>exit

[Connection to 192.168.1.2 closed by foreign host]

RouterA#

Upon using the ping EXEC command, you receive one of the following responses:

I What does each of these responses mean?

. = Each period indicates that the network server timed out while waiting for a reply.

! =Each exclamation point indicates the receipt of a reply.

? =Unknown packet type.

C =A congestion experienced packet was received.

U =A destination unreachable error PDU was received.

I = The user interrupted the test.

What is the trace EXEC command used for?

RouterA#trace 192.168.2.2

Type escape sequence to abort.

Tracing the route to 192.168.2.2

1 192.168.2.2 16 msec 16 msec * Note: If trace responds with a * it means the probe timed out. If it responds with a ? it means it received an unknown packet type.

What are the two ways in which a Cisco router resolves host names to IP addresses? A Cisco router resolves host names using either a host table on each router or a DNS server.

What is the main purpose of RAM on a Cisco router? On most Cisco routers, the IOS is loaded into RAM, as well as the running configuration. It is also used to hold routing tables and packet buffers.

What is the function of ROM on a Cisco router? On a Cisco router, ROM is used to start and maintain the router.

What is Flash memory used for on a Cisco router? Flash memory is used to store the Cisco IOS software image and, if there is room, multiple configuration files or multiple IOS files. On some routers (the 2500 series), it is also used to run the IOS.

What is the function of NVRAM on a Cisco router? Nonvolatile Random-Access Memory (NVRAM) is used to hold the saved router configuration. This configuration is not lost when the router is turned off or reloaded.

What is the main purpose of the configuration register on a Cisco router? The configuration register's main purpose is to control how the router boots up. It is a 16-bit software register that by default is set to load the Cisco IOS from Flash memory and to look for and load the startup-config file from NVRAM.

What Cisco IOS command would you use to view the current configuration register value? The show version command is used to display the router's current configuration register: RouterA#show version

Cisco Internetwork Operating System SoftwareIOS (tm) 2500 Software (C2500-D-L),

Version 12.0(13), RELEASE SOFTWARE (fc1)Copyright (c) 1986-2000 by cisco Systems, Inc.Compiled Wed 06-Sep-00 01:08 by lindaImage text-base: 0x030388F8, data-base: 0x00001000 Configuration register is 0x2102

How do you change the configuration register on a Cisco router? To change the configuration register on a Cisco router, use the config-register global command.

What Cisco IOS command displays the contents of Flash memory? The show flash command displays the contents of Flash memory. This includes the images stored in Flash memory, the images' names, bytes used in Flash memory, bytes available, and the total amount of Flash memory on your router:

RouterA#show flash

System flash directory:File Length Name/status

1 6897716 c2500-d-l.120-13.bin[6897780 bytes used, 1490828 available, 8388608 total]8192K bytes of processor board System flash (Read ONLY)

What IOS command would you use to copy the running configuration on a router to a TFTP server? To copy the running configuration to a TFTP server, use the copy running-config tftp privileged EXEC command:

RouterB#copy run tftp

Address or name of remote host []? 192.168.0.2

Destination filename [routerb-confg]?

!!

780 bytes copied in 6.900 secs (130 bytes/sec) This gives you a backup of your running config on a TFTP server.

How do you erase the router's configuration and bring it back to the factory default? The erase startup-config privileged EXEC command erases your router's configuration, thus bringing it back to its factory defaults:

RouterB#erase startup-config

Erasing the nvram filesystem will remove all files! Continue? [confirm]

[OK]Erase of nvram: complete Note: In order to complete the process, you need to reload the router. An older IOS command that you can use to accomplish the same results is write erase.

How do you restore a configuration file from a TFTP server into your Cisco router's RAM? The copy tftp running-config privileged EXEC command merges the saved and running configuration into your router's RAM, so any commands not explicitly change or removed will remain in the running configuration. RouterB#copy tftp running-config

Address or name of remote host []? 192.168.0.2

Source filename []? routerb-confg

Destination filename [running-config]?

Accessing tftp://192.168.0.2/routerb-confg...

Loading routerb-confg from 192.168.0.2 (via Ethernet0):

[OK - 780/1024 bytes] 780 bytes copied in 4.12 secs (195 bytes/sec)

RouterB# 01:40:46: %SYS-5-CONFIG: Configured from tftp://192.168.0.2/routerb-confg

How do you back up a Cisco router IOS? To back up the current IOS image on your router, use the copy flash tftp privileged EXEC mode command:

RouterB#copy flash tftp

Source filename [routerb-flash]? flash:c2500-d-l.120-13.bin

Address or name of remote host []? 192.168.0.2

Destination filename [c2500-d-l.120-13.bin]?

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!6897716 bytes copied in 90.856 secs (76641 bytes/sec)

How do you upgrade or restore the Cisco router IOS?

To upgrade or restore the Cisco router IOS, use the copy tftp flash privileged EXEC mode command.

How you make a Cisco router a TFTP server? To configure a Cisco router as a TFTP server, use the tftp-server global configuration command.

What is the boot sequence of a Cisco router? The boot sequence of a router is as follows: hardware /power on

load run bootstrapfind the IOS software

load the softwarefind the config (default NVRAM)

load the configuration (startup-config) into RAM

Run the IOS

What can you configure on a router in setup mode? ip addresses

routed protocols

enable password

Important Config Register Notes: 2100 manual boot rommon>

2101 boot from ROM

2102 normal/password recovery

2105 boot system command - config-register NVRAM

2142 bypass NVRAM

ctrl-break = ROM monitor mode

router(config)#boot system flash ios filename

router(config)#boot system tftp filename ip address

router(config)#boot system ROM

Note the router prompt for boot commands. Copy commands = router# Quick Notes - IOS COMMANDS What two EXEC modes are supported in the Cisco IOS? The two EXEC modes are: User EXEC mode (user mode) Privileged EXEC mode (enable or privileged mode)

In the IOS, what is User EXEC mode? User EXEC mode is the first mode you enter when you log into the IOS. This mode is limited and is mostly used to view statistics. You cannot change a router's configuration in this mode. By default, the greater-than sign (>) indicates that you are in user mode. This is how the router prompt looks in user mode: Router>

In the IOS, what is privileged EXEC mode? In privileged EXEC mode, you can view and change the configuration in a router. To enter privileged

mode, enter the enable command while in user mode. The pound symbol (#) indicates that you are in privileged mode. This mode is usually protected with a password. You also see the output of the prompt:

Router>enable Password: Router#

When you are in privileged EXEC mode, how do you return to user EXEC mode? You return to user EXEC mode using the disable, exit, or end IOS commands. Here is an example of using the disable command:

Router#disable Router>

What two types of content-sensitive help are available in the Cisco IOS? Word help and command syntax help are the two types of content-sensitive help. Word help uses a question mark and identifies commands that start with a character or sequence of characters. For example, the following router output shows the use of word help for any IOS command that starts with the letters cl:

Router#cl? clear clock Command syntax help is when you use a question mark after a command so that you can see how to complete the command.

For example: Router#clock ? set Set the time and date

On a Cisco router, what does the show version command display? The show version command displays the system hardware's configuration, including RAM, Flash memory, software version, configuration register, and boot images. Here is an example of the show version command:

Router#show version Cisco Internetwork Operating System SoftwareIOS (tm) 2500 Software (C2500-D-L), Version 12.0(13), RELEASE SOFTWARE (fc1)Copyright (c) 1986-2000 by Cisco Systems, Inc.Compiled Wed 06-Sep-00 01:08 by lindaImage text-base: 0x030388F8, data-base: 0x00001000 ROM: System Bootstrap, Version 5.2(5), RELEASE SOFTWAREBOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(5), RELEASE SOFTWARE (fc1) Router uptime is 50 minutesSystem restarted by power-onSystem image file is "flash:c2500-d-l.120-13.bin" cisco 2505 (68030) processor (revision C) with 8192K/2048K bytes of memory.Processor board ID 02073409, with hardware revision 00000000(text omitted)32K bytes of nonvolatile configuration memory.8192K bytes of processor board System flash (Read ONLY) Configuration register is 0x2102

On a Cisco router, how do you display the configuration running in RAM? You display the configuration running in RAM using the show running-config privileged mode command. For example:

Router#show running-config Building configuration... Current configuration: ! version 12.0service timestamps debug uptimeservice timestamps log uptimeno service passwordencryption ! hostname Router ! enable password cisco ! --More--

On a Cisco router, how do you view the configuration stored in NVRAM? You view the configuration stored in NVRAM using the show startup-config privileged mode command.

What Cisco router command would you use to view a list of the most recently used commands?

The show history command, by default, displays the last ten commands used. You can also use the up arrow key (or Ctrl-P) to display the last command you entered and the down arrow key (or Ctrl-N) to display the previous commands you entered. The following is an example of the show history command:

Router#show history en show running-config show running-config show history enable show version show time show history Router#

Command history is enabled by default and records ten commands in its history buffer for the current session. How do you edit the number of commands that are stored in the router's history buffer? To edit the number of command lines stored for the current session, use the terminal history [size number-of-lines] command in privileged EXEC mode. For example, the following changes the history size to 20 lines:

Router#terminal history size 20 Note: The maximum number of lines you can set for the current session is 256, but doing so wastes router memory. To turn off terminal history, use the terminal no history privileged mode command. If you want to set the history size longer than the current session, go to the console interface and enter the history [size number-of-lines] interface command as a more permanent way of changing the history buffer. This command is unavailable on a Catalyst 1900 switch.

On a Cisco router, name the enhanced editing commands that are used to do the following: Move the cursor to the beginning of the line Move the cursor to the end of the line Move the cursor forward one character Move the cursor back one character

Move the cursor back one word Delete a line Complete a line Display a line versus a screen Move the cursor to the beginning of the line Ctrl-A Move the cursor to the end of the line Ctrl-E Move the cursor forward one character Ctrl-F Move the cursor back one character Ctrl-B Move the cursor back one word Esc-B Delete all characters from the cursor to the beginning of the command line - Ctrl-U Complete a line - Tab Display a line versus a screen - Enter

What are global commands on a Cisco router? Global configuration commands are commands that affect the entire router. They can be executed only in global configuration mode.

How do you enter global configuration mode? To enter global configuration mode, you enter the config terminal command from privileged EXEC mode. Here is an example of this command: Router#config terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#

How do you configure a name on a Cisco router? The hostname name global configuration command is used to configure a name on a Cisco router. For example, the following command changes the router's host name to RouterA:

Router(config)#hostname RouterA RouterA(config)#

How do you add a message-of-the-day (MOTD) banner on a Cisco router? To add a message-of-the-day banner to a Cisco router, enter the banner motd # text # global configuration command. The pound signs (#) are delimiting characters. They can be any character of your

choice, but they must be the same and cannot be included in your text. They signify the beginning and end of your text. The following example shows the banner motd command:

RouterA(config)#banner motd # Enter TEXT message. End with the character '#'.Warning only authorized users many access this Router. #

RouterA(config)# Note: The MOTD banner is displayed to anyone connecting to the router via Telnet, console port, or auxiliary port.

On a Cisco router, how do you add a password to the console terminal? To add a password to the console terminal, use the line console 0 global configuration command, followed by the login and password password line subcommands:

RouterA(config)#line console 0 RouterA(config-line)#login RouterA(config-line)#password CCNA In this example, the login subcommand forces the router to prompt for authentication. Without this command, the router will not authenticate a password. The password CCNA command sets the console password to CCNA. The password you set is case-sensitive.

How do you add a password for Telnet access on a Cisco router? To add a password for Telnet access, enter the line vty 0 4 global configuration command, the login command, and finally the password line subcommand. The password is case-sensitive. In this example, the Telnet password is set to CCNA:

RouterA(config)#line vty 0 4 RouterA(config-line)#login RouterA(config-line)#password CCNA

What command do you use to add a password to the auxiliary interface on your Cisco router? To add a password to the auxiliary interface, use the line aux global configuration command, followed by the login and password subcommands. is the number of the auxiliary port you want to add a password

to. The password is case-sensitive. The following example sets the password for the auxiliary port to CCNA: RouterA(config)#line aux 0 RouterA(config-line)#login RouterA(config-line)#password CCNA

On a Cisco router, how do you set a password to restrict access to privileged EXEC mode? You set a password to restrict access to privileged EXEC mode using the enable password global configuration command:

RouterA(config)#enable password CCNA This example sets the password to enter privileged mode to CCNA.

By default, when you view the router's configuration, the enable password is not encrypted. What command can you enter to use an encrypted enable password? To use an encrypted enable password, use the enable secret password global configuration command, where password is a case-sensitive password you assign:

RouterA(config)#enable secret Cisco If you have an enable password on your router, the IOS will allow you to use the same password as your enable password for your secret password, but this is not recommended. This is because the enable password is not encrypted and anyone can view it. If you have both an enable and secret password configured on your router, the router will use the secret password and not the enable password.

When you view the configuration on Cisco routers, only the enable secret password is encrypted.

How do you encrypt user mode and the enable password? To encrypt user mode and the enable password, use the service password-encryption global command:

RouterA(config)#service password-encryption

How do you configure Cisco router interfaces? To configure an interface on a Cisco router, use the interface interface-type number global command,

where interface-type number is the interface type and number you want to configure. For example, if you want to configure the second serial interface on your router, you would enter the following:

RouterA(config)#interface serial 1 RouterA(config-if)# Cisco interfaces start with 0 instead of 1. So the first interface would be number 0. The prompt also changes to RouterA(config-if)# to tell you that you are in interface mode. If you have a router with module slot, such as the Cisco 3600, you would enter into interface mode by entering the slot/port number. For example, if you have a Cisco 3600 router with two module serial interfaces and you want to configure the first serial interface on the second module you would enter interface s1/0.

How do you administratively disable an interface on a Cisco router? You administratively disable an interface on a Cisco router by issuing the shutdown interface configuration command. In this example, the serial interface is issued the shutdown command: RouterA(config)#int s0 RouterA(config-if)#shutdown 00:27:14: %LINK-5-CHANGED: Interface Serial0, changed state to administratively down To administratively enable an interface, use the no shutdown interface command.

What are some of the things the show interface interface-type number command displays? The show interface command displays the following: Whether the interface is administratively down Whether the line protocol is up or down An Internet address (if one is configured) MTU and bandwidth Traffic statistics on the interface Interface encapsulation type

RouterA#show interface s0 Serial0 is down, line protocol is down Hardware is HD64570 Internet address is 192.168.1.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation HDLC, loopback not set, keepalive set (10 sec) Last input never, output never, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0 (size/max/drops); Total output drops: 0 Queueing strategy: weighted fair Output queue: 0/1000/64/0 (size/max total/threshold/drops) Conversations 0/0/256 (active/max active/max total) Reserved Conversations 0/0 (allocated/max allocated) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute

output rate 0 bits/sec, 0 packets/sec 0 packets input, 0 bytes, 0 no buffer Received 0 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 0 packets output, 0 bytes, 0 underruns 0 output errors, 0 collisions, 2 interface resets 0 output buffer failures, 0 output buffers swapped out 0 carrier transitions DCD=up DSR=up DTR=down RTS=down CTS=up

On your Cisco router, you enter show interface s0 and notice that the port is administratively down. What does this mean, and how do you fix it? When an interface is administratively down, it has been shut down manually. To remedy this, enter the interface command no shut.

What two commands can you use to show the clock rate on a serial interface? To view the clock rate on a serial interface, you can use the show running-config enable command and the show controllers enable command.

Assuming that you are using no CSU/DSU and you are using back-to-back DTE/DCE serial cables, what command would you use to set the serial interface on a router to provide clocking to another router at 64 Kbps? The command to set the serial interface on a router to provide clocking to another router at 64 Kbps is clock rate 64000. Setting the clock rate on an interface makes it a DCE interface.

What Cisco IOS router command would you use to find out whether a serial interface is a DCE or DTE interface (providing clocking)? To see whether a serial interface is providing clocking, use the enable command show controllers serialinterface-type serial-number. The following example shows that serial interface 0 is providing clock rate at 56 Kbps:

RouterA#show controllers s 0 HD unit 0, idb = 0xCCE04, driver structure at 0xD2298buffer size 1524 HD unit 0, V.35 DCE cable, clockrate 56000cpb = 0x81, eda = 0x4940, cda = 0x4800RX ring with 16 entries at 0x814800

Quick Notes - PPP PPP can be used over what physical WAN interfaces? PPP can be used on the following:

Asynchronous serial interfaces High-Speed Serial Interface (HSSI) ISDN Synchronous serial interfaces

PPP is a data link layer protocol that provides network-layer services. What are the two sublayers of PPP? The two sublayers of PPP are the following:

Network Core Protocol (NCP) is the component that encapsulates and configures multiple network layer protocols. Some examples<>

Link Control Protocol (LCP) is used to establish, configure, maintain, and terminate PPP connections.

What features does LCP offer to PPP encapsulation? LCP offers authentication, callback, compression, error detection, and multilink to PPP encapsulation.

The two methods of authentication on PPP links are: Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP)

PAP is the less-secure of the two methods; passwords are sent in clear text and are exchanged only upon initial link establishment.

CHAP is used upon initial link establishment and periodically to make sure that the router is still communicating with the same host. CHAP passwords are exchanged as MD5 encrypted values.

What two protocols are available for compression on PPP links? The two protocols available for compression are Stacker and Predictor.

What three phases are used to establish a PPP session? The three phases used to establish a PPP session are the following: Step 1. Link establishment--Each PPP device sends LCP packets to configure and test the link (Layer 1).

Step 2. Authentication phase (optional)--If authentication is configured, either PAP or CHAP is used to authenticate the link. Authentication must take place before the network layer protocol phase can begin (Layer 2).

Step 3. Network layer protocol phase--PPP sends NCP packets to choose and configure one or more network layer protocols to be encapsulated and sent over the PPP data link (Layer 3).

Note on authentication: Hostname and passwords are case-sensitive.

How do you enable PPP encapsulation on a Cisco router serial interface? To enable PPP encapsulation on a serial interface, enter the encapsulation ppp interface command: RouterB(config-if)#encapsulation ppp

How do you enable PPP authentication using PAP or CHAP on a Cisco router? To enable PPP authentication on a Cisco router, follow these steps:

Step 1. Make sure that each router has a host name assigned to it using the hostname command.

Step 2. On each router, define the username of the remote router and password that both routers will use with the username name password password command.

Step 3. Configure PPP authentication with the ppp authentication {chap chap pap pap chap pap} interface command. (If both PAP and CHAP are enabled, the first method you specify in the command is used. If the peer suggests the second method or refuses the first method, the second method is used.)

For example:

RouterB(config)#hostname RouterB

RouterB(config)#username RouterA password cisco

RouterB(config)#int s0

RouterB(config-if)#ppp authentication chap pap

What is the default encapsulation on a Cisco serial interface?

HDLC

Quick Notes - ISDN In ISDN, what do E-series protocols specify? E-series protocols specify telephone network standards for ISDN. Examples include International ISDN addressing and the International Telephone plan.

What do protocols that begin with I deal with? I-series protocols deal with concepts, terminology, and general methods of ISDN, such as service aspects,

user network interfaces, and network aspects.

What do ISDN protocols that begin with Q specify? Q-series protocols specify how switching and signaling (call setup) should operate. For example, ISDN protocol Q.921 is used for LAPD on the D channel, and protocol Q.931 is used for the ISDN network layer between the terminal and switch.

What is the data transfer speed for ISDN BRI? The data transfer rate for ISDN BRI is 128 Kbps. The total transfer rate for ISDN BRI is 144 Kbps. This consists of two 64 Kbps (128 Kbps) Bearer (B) channels plus one 16 Kbps Delta (D) channel. The B channels can be used for data transfer and voice transmission. The D channel carries control and signaling information for fast call setup and operates at the first three layers of the OSI model.

What is the total rate in Mbps for ISDN PRI? The total rate for ISDN PRI in the U.S. and Japan is 1.544 Mbps. PRI consists of 23 64 Kbps B channels and one 64 Kbps D channel. In Europe, PRI consists of 30 B channels and one D channel for a total rate of 2.048 Mbps. In ISDN, the D channel appears to always be up and is what makes the call to the ISDN switch.

What signaling protocol does the ISDN switch use to set up a path and pass the called number to the terminating ISDN switch? The ISDN local switch uses the SS7 protocol to set up a path and pass the called number to the terminating ISDN switch.

Devices connecting to an ISDN network are known as terminal equipment (TE) and network termination (NT) equipment. What do the TE1 and TE2 equipment types refer to? TE1 refers to a device that has a native ISDN interface. That is, it can plug directly into an ISDN network.

TE2 refers to equipment that does not have an ISDN interface and that requires a terminal adapter (TA) to plug into an ISDN network.

To what do ISDN NT1 and NT2 termination types refer? Network Terminal 1 converts BRI signals into a form used by the ISDN line. It implements the physical layer specifications and connects the devices to the ISDN network. NT2 is the point where all ISDN lines are aggregated and switched using a customer-switching device.

What is the function of the TA? The terminal adapter converts non-ISDN signals into ISDN signals. Devices that are not native to ISDN connect to a TA to access the ISDN network.

What does the ISDN R reference point define? The R reference point defines the point between a non-ISDN-compatible device and a TA.

What does the ISDN S point reference? The S point references the points or customer equipment that connects to the NT2 or customer-switching device.

What does the ISDN T reference point define? ISDN T reference points refer to the point between NT1 and NT2 devices. T and S reference points are electronically the same and reference the outbound connection from the NT2 to the ISDN network.

What is the ISDN U reference point? The U reference point is the point between the NT1 and the ISDN network.

What happens when you connect a router with a U interface into an NT1? If you connect a router with a U interface into an NT1, you will damage the interface. This is because the U interface on a Cisco router already has a built-in NT1.

What are SPIDs? Service provider or profile identifiers (SPIDs) are used to identify your router to the switch at the central office (the ISP). They are a series of characters that look like phone numbers and are not always required.

How do you enable ISDN on a Cisco router? To enable ISDN on a Cisco router, first you need to define the switch type your router will be connecting to. The switch type is the type of switch used by your service provider. To define the ISDN switch type, enter the isdn switch-type switch-type global or interface command. Specifying the isdn switch-type global command specifies the ISDN switch type for the entire router. The second step is to enter the SPIDs provided by your service provider by entering the isdn spid1 spid-number and isdn spid2 spidnumber interface commands. The following example enables ISDN on a router, specifying AT&T basicrate switches as the switch type:

RouterA(config-if)#isdn switch-type basic-5ess

RouterA(config-if)#isdn spid1 123456789123

RouterA(config-if)#isdn spid2 123456789124

If you have DDR enabled on your router, when does the router decide when to bring up the ISDN line and send traffic? If DDR is enabled on your router, it brings up the ISDN line when it sees "interesting traffic".

How do you enable DDR on a Cisco router? To enable DDR on a Cisco router, you first need to define static routes with the ip route command. Next,

specify interesting traffic, and finally, configure the dialer information.

How do you specify interesting traffic? As an administrator, you define that interesting traffic can be based on protocol type or addresses for source or destination hosts. To define interesting traffic, use the following command: dialer-list dialergroup protocol protocol-name {permit deny list access-list-number} dialer-group is the number that identifies the dialer list. protocol-name can be IP, IPX, AppleTalk, DECnet, or Vines.

RouterA(config)#dialer-list 10 protocol ip list 100

RouterA(config)#access-list 100 permit tcy any any eq www

RouterA(config)#access-list 100 permit tcy any any eq smtp

RouterA(config)#access-list 100 permit tcy any any eq dns

The last step in configuring DDR on a Cisco router is to configure the dialer information. How do you do this? Do the following to configure the dialer information: Step 1. Choose the interface. Step 2. Configure an IP address on the interface. Step 3. Configure the encapsulation type. Step 4. Bind interesting traffic to the interface by using the dialer-group group-number interface command.

What command can you use to view the call in progress? The show isdn active command shows the call in progress and the number dialed:

show isdn st

RouterA#Global ISDN Switchtype = basic-5ess

ISDN BRI0 interface dsl 0, interface ISDN Switchtype = basic-5ess

Layer 1 Status:

ACTIVE

Layer 2 Status: TEI = 64, Ces = 1, SAPI = 0, State =

MULTIPLE_FRAME_ESTABLISHED

Layer 3 Status: 0 Active Layer 3 Call(s) Activated dsl 0 CCBs = 0

The Free Channel Mask: 0x80000003

Total Allocated ISDN CCBs = 0

How can you view the number of times the dial string has been successfully reached on a Cisco router?

The show dialer command displays information about the interface configured for DDR, the number of times the dialer string has been successfully reached, and the fast and idle timer values for each B channel.

Quick Notes - VLANS What are VLANs? VLANs are broadcast domains in a Layer 2 network. Each broadcast domain is like a distinct virtual bridge within the switch. Each virtual bridge you create in a switch defines a broadcast domain. By default, traffic from one VLAN cannot pass to another VLAN. Each of the users in a VLAN is also in the same IP subnet, and each switch port can belong to only one VLAN.

What are the three characteristics of a typical VLAN setup? The three characteristics of a typical VLAN setup are: Each logical VLAN is like a separate physical bridge. VLANs can span multiple switches. Trunks carry traffic for multiple VLANs.

What are trunk links? By default, each port on a switch can belong to only one VLAN. For devices that are in VLANs (that span multiple switches) to talk to other devices in the same VLAN, you must use trunking or have a dedicated port per VLAN. Trunk links allow the switch to carry multiple VLANs across a single link.

What are the two methods you can use to assign a port to a VLAN? The two methods to assign a port to a VLAN are Statically Dynamically

What is Inter-Switch Link (ISL)? ISL is a Cisco proprietary protocol used to interconnect switches that have multiple VLANs. It maintains VLAN information as traffic goes between switches, allowing the traffic to enter the correct VLAN. ISL operates in a point-to-point environment.

At which layer of the OSI model does ISL function? ISL functions at Layer 2 of the OSI model. It encapsulates a data frame with a new ISL header and CRC. Because ISL operates at Layer 2 of the OSI model, it is protocol-independent.

What type of tagging method does ISL use? Many network professions refer to the way ISL tags frames as an external tagging mechanism. This is

because ISL encapsulates each frame and does not modify the original packet. Many network professions refer to the way ISL tags frames as an external tagging mechanism. This is because ISL encapsulates each frame and does not modify the original packet.

How many extra bytes does ISL add to an existing Ethernet frame? ISL adds a 26-byte ISL header and a 4-byte CRC to each frame, extending each Ethernet frame by 30 bytes. ISL tagging is implemented in ASICs, so tagging is done at wire speed.

What is VTP? VLAN Trunking Protocol (VTP) is a Layer 2 messaging protocol that maintains VLAN configuration consistency throughout a common administrative domain by managing VLANs' additions, deletions, and name changes across multiple switches. Without VTP, you would have to add VLAN information in all switches in your network.

What is a VTP domain? A VTP domain is one or more interconnected switches that share the same VTP environment. A switch can be in only one VTP domain, and all VLAN information is propagated to all switches in the same VTP domain.

What are the three VTP modes? The three VTP modes are Server Client Transparent

What is VTP server mode? A switch in VTP server mode can add, delete, and modify VLANs and other configuration parameters for the entire VTP domain. This is the default mode for all Catalyst switches. VLAN configurations are saved

in NVRAM. When you change VLAN configuration in server mode, the change is dynamically propagated to all switches in the VTP domain.

What is VTP client mode? In VTP client mode, a switch cannot create, delete, or modify VLANs. Also, a VTP client does not save VLAN information and configuration in NVRAM. In client and server mode, VLAN information is synchronized between switches in the VTP domain.

What is VTP transparent mode? In transparent mode, a switch can add, modify, and delete VLANs. This information is not transmitted to other switches in the VTP domain. They affect only the local switch. VTP transparent mode is used when a switch does not need to participate in the VTP domain but needs to propagate VTP information to other switches.

How often are VTP advertisements flooded throughout the management domain? VTP advertisements are flooded throughout the management domain every 5 minutes or whenever a change occurs in VLAN configuration.

What is included in VTP advertisements? VTP advertisements include the following: VTP revision number VLAN names and numbers Information about switches that have ports assigned to each VLAN

What is one of the most important components of the VTP advertisement? The revision number is one of the most important components of the VTP advertisement. Every time a VTP server modifies its VLAN configuration, it increments the configuration number by 1. The largest configuration number in the VTP domain contains the most current information. When a client receives a

revision number higher than its current number, it updates its VLAN configuration.

On a Catalyst 1900 switch, how do you reset the configuration number? To reset the configuration numbers on a Catalyst 1900, use the delete vtp privileged EXEC command, and then reset the switch.

What is VTP pruning? By default, a trunk link carries traffic for all VLANs in the VTP domain. Even if a switch does not have any ports in a specific VLAN, traffic for that VLAN is carried across the trunk link. VTP pruning uses VLAN advertisements to determine when a trunk connection is needlessly flooding traffic to the trunk links that the traffic must use to access the appropriate network device.

How many VLANs with a separate spanning tree per VLAN does the Catalyst 1900 support? The Catalyst 1900 supports 64 VLANs with a separate spanning tree per VLAN.

What VLAN number are CDP and VTP advertisements sent across? CDP and VTP advertisements are sent on VLAN 1, which is also known as the management VLAN.

What must you remember before you create VLANs on a Catalyst switch? Before you create VLANs on a Catalyst 1900 switch, the switch must be in VTP server mode or VTP transparent mode.

How do you configure the VTP operation mode on a Catalyst 1900? To configure VTP on a Catalyst 1900, use the vtp [server transparent client] global configuration command:

Cat1900(config)#vtp server

How do you configure a VTP domain on a Catalyst 1900 switch? To configure a VTP domain on a Catalyst 1900 switch, use the vtp domain domain-name global command:

Cat1900(config)#vtp domain cisco

How do you configure a VTP domain password on a Catalyst 1900? Use the vtp password password global command to configure a VTP domain password. This example sets the VTP password to cisco:

Cat1900(config)#vtp password cisco

What does the show vtp privileged EXEC command display? The show vtp privileged EXEC command displays the following: VTP version The number of existing VLANs on a switch and the maximum number of locally supported VLANs VTP domain name, password, and operating mode Whether VTP pruning is enabled The last time VLAN configuration was modified. Here's an example of show vtp output:

Cat1900#show vtp

VTP version: 1

Configuration revision: 0

Maximum VLANs supported locally: 1005

Number of existing VLANs: 5

VTP domain name : cisco

VTP password : cisco

VTP operating mode : Server

VTP pruning mode : Disabled

VTP traps generation : Enabled

Configuration last modified by: 192.168.0.2 at 00-00-0000 00:00:00

What command do you use to add a VLAN on a Catalyst switch? To add a VLAN on a Catalyst switch, use the vlan vlan-number [name vlan_name] global command. The following example adds VLAN 10 with a name of Sales: Cat1900(config)#vlan 10 name Sales

What Catalyst 1900 command can you use to verify VLAN information? To verify VLAN information, use the show vlan vlan-number privileged EXEC command.

How do you view spanning tree information for a particular VLAN? A Catalyst 1900 switch can have a maximum of 64 VLANs with a separate instance of spanning tree per VLAN. To view spanning tree information for a particular VLAN use the "show spandtree vlan-id" command.

Quick Notes - TCP / IP What are the four layers of the TCP/IP layer model? The four layers of the TCP/IP layer model are: Application (process) Host-to-host (transport) Internet

Network Access (physical and data link)

What two protocols function at the transport (host-to-host) layer of the TCP/IP model? The two protocols that function at the host-to-host layer of the TCP/IP model are TCP and UDP. (TCP is a connection-oriented, reliable protocol. UDP is a connectionless and unacknowledged protocol.)

What are the protocol numbers for TCP and UDP? The protocol number for TCP is 6. The protocol number for UDP is 17.

How many bytes are in the header for TCP and UDP packets? A TCP header contains 20 bytes, and a UDP header contains 8 bytes.

What are TCP and UDP port numbers? To pass information (such as e-mail) to upper layers, TCP and UDP use port numbers. These port numbers are used to keep track of different conversations among different hosts at the same time. Originating source port numbers are dynamically assigned by the source host, which is a number greater than 1023.

What is the number range for "well-known" port numbers? Defined in RFC 1700, the well-known port numbers are 1 to 1023.

What are the steps for the TCP three-way handshake? The steps for the TCP three-way handshake are as follows: Step 1. The source host sends a SYN to the destination host. Step 2. The destination host replies with a SYN/ACK to the source host. Step 3. The source host replies with an ACK.

What are some protocols that operate at the TCP/IP Internet layer? Some protocols that operate at the TCP/IP Internet layer are IP ICMP ARP RARP

What is the Internet Protocol (IP)? IP is a connectionless protocol that provides best-effort delivery routing of datagrams.

What is the Internet Control Message Protocol (ICMP)? ICMP is a management protocol for IP. ICMP messages are carried in IP datagrams and are used to send error and control messages. An example of a utility that uses ICMP is ping.

What is the Address Resolution Protocol (ARP)? ARP is used to resolve a known IP address to a MAC address. In order for a host to communicate with another host, it must know the MAC address of the destination host (if they are on the same network) or next hop router. This is the reason for ARP.

What is the Reverse Address Resolution Protocol (RARP)? RARP is a protocol used to find the IP address of a station that knows its MAC address. It is mainly used for diskless workstations that boot up and need an IP address. An RARP request is a broadcast packet.

What are the IP address ranges for Class A, Class B, and Class C addresses? The address ranges are as follows: Class A 1.0.0.0 to 126.0.0.0Class B 128.0.0.0 to 191.255.0.0Class C 192.0.0.0 to 223.255.255.0

What does RFC 1918 define? RFC 1918 defines reserved (private) networks and addresses that are not routed on the Internet. These addresses are 10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, and 192.168.0.0 to 192.168.255.255. They are used as internal private addresses. Private addresses are widely used today, along with proxy servers and Network Address Translation to assist with "stretching" the current IP address space.

Cisco IOS software supports what three kinds of broadcasts? The three kinds of broadcasts that Cisco IOS software supports are: Flooding Directed broadcast All-subnet broadcast Flooded broadcasts are local broadcasts that have an address of 255.255.255.255. They are not propagated by a router. Direct broadcasts are directed to a specific network. They contain all 1s in the host portion of the address. Routers forward these broadcasts. An example is 192.168.0.255/24. All-subnet broadcast are broadcast messages to all hosts within a subnet and to all subnets within a network. An example is 192.168.255.255/24. With Cisco IOS release 12.0, a router does not forward all subnet broadcasts. You can use the ip directed-broadcast command to enable all subnet broadcasts.

How do you assign an IP address to a Cisco router? To assign an IP address to a router, use the ip address address subnet-mask interface configuration command. Here's an example:

RouterB(config)#inter e0

RouterB(config-if)#ip address 172.16.0.1 255.255.0.0

RouterB(config-if)#no shut Note: By default all interfaces on a Cisco router are administratively disabled. To enable them you must use the "no shut" interface command.

How do you manually assign IP addresses to host names in a Cisco router? The ip host name [tcp-port-number] address [address] global configuration command lets you assign IP addresses to host names in a Cisco router. [tcp-port-number] is an optional parameter; the default value is Telnet. Here's an example:

RouterB(config)#ip host cisco 172.16.0.1

What Cisco IOS command can you use to program the router to use a DNS server to resolve host names? The ip name-server server-address [[server-address2]...[server-address6]] command lets you program the Cisco router to resolve host names with a DNS server. Here's an example:

RouterB(config)#ip name-server 172.16.0.250

If you enter a command that a Cisco router does not recognize, the router tries to resolve the command you just entered with a DNS server. How do you turn off this DNS domain lookup? To turn off DNS domain lookup, use the no ip domain-lookup global command. Here's an example: RouterB#enb

Translating "enb"...domain server (255.255.255.255)% Unknown command or computer name, or unable to find computer address

RouterB#config t

Enter configuration commands, one per line. End with CNTL/Z.

RouterB(config)#no ip domain-lookup

For different VLANs to communicate with each other, they need to be routed (a router!). To perform inter-VLAN

routing, what two things must occur? To perform inter-VLAN routing, the following must occur: The router must know how to reach all VLANs being interconnected. The router must have a separate physical connection on the router for each VLAN, or trunking must be enabled on a single physical connection.

How do you enable ISL trunking on a Cisco router? To enable ISL trunking on a Cisco router, you must do the following: Step 1 Configure subinterfaces on the router's physical Fast Ethernet or Gigabit interface. (ISL trunking works only on Fast Ethernet or Gigabit interfaces.) Step 2 Assign an IP address to the subinterface. Step 3 Enable ISL encapsulation for the particular VLAN with the encapsulate isl vlan# subinterface command. Here's an example:

RouterB(config)#int f0/0

RouterB(config-subif)#ip address 172.16.0.1 255.255.0.0

RouterB(config-subif)#encapsulation isl 1

=================================================================================