MINI CCNA

Abul Bayan Ahmed

Etisalat Technology Academy
 Course Outline - HW – 2T - Pr

1) Introduction to Networking
2) Networking devices and their application.
3) Layer of Networks – OSI Model
4) LAN , WAN , WLAN , MAN , SAN , VPN & Internet
5) Switching and routing basic
6) Cisco IOS Basic Commands
7) DNS , DHCP , VLAN ,SVI , Port assignment , VTP and IP Addressing (Lab
Time)
8) Demo Lab Configurations in Packet Tracer.
 Network Definition

A network is a collection of
network devices (i.e. switches and
routers) along with end systems
(i.e. PCs and servers). Networks
carry many types of data (i.e.
voice, video and data) to/from
many locations (i.e. Branch Office,
Home Office, etc.).
Network History
Network History continued
Networking Devices
Network Topology
Local-area Networks (LANs)
Wide-area Networks (WANs)
Metropolitan-Area Network
(MANs)
 Storage-Area Networks
(SANS)
• A SAN is a dedicated, high-
performance network used to
move data between servers
and storage resources.
• Because it is a separate,
dedicated network, it avoids
any traffic conflict between
clients and servers.
 Virtual Private Networks
(VPNs)

A VPN is a private network that is

constructed within a public network
infrastructure such as the global
Internet. Many businesses also have a
virtual private network (VPN) that uses
a public network (usually the Internet)
to connect remote sites or users
together. This allows the LAN network to
expand.
 Benefits of VPNs
• A VPN is a service that offers
secure, reliable connectivity over a
shared public network
infrastructure such as the Internet.
• VPNs maintain the same security
and management policies as a
private network.
• They are the most cost-effective
method of establishing a point-to-
point connection between remote
users and an enterprise customer's
network.
 Intranet and Extranet VPN

• A VPN is a service that offers secure, reliable connectivity over a shared

public network infrastructure such as the Internet.
• VPNs maintain the same security and management policies as a private
network.
• They are the most cost-effective method of establishing a point-to-point
connection between remote users and an enterprise customer's network.
Importance of Bandwidth
Bandwidth Pipe Analogy
Bandwidth Highway Analogy
Bandwidth Measurements
Bandwidth Limitations
OSI Model
OSI Layers
OSI Layers

•Provides connectivity and path selection between two host

•Provides Logical address
•No error correction, best effort delivery.
OSI Layers
OSI Layers
OSI Layers
OSI Layers
OSI Layers
 Layered/Peer-to-Peer Communication
• For data to travel from the source to the destination, each layer of the OSI model at
the source must communicate with its peer layer at the destination.
• During this process, the protocols of each layer exchange information, called
protocol data units (PDUs), between peer layers.

28
TCP/IP Model
 OSI Model - Encapsulation
Five conversion steps in order to encapsulate data:
1. Build the data – Layers 7 - 5
2. Package the data for end-to-end transport –
Layer 4
3. Add the network address to the header –
Layer 3
4. Add the data link layer header and trailer –
Layer 2
5. Convert to bits for transmission – Layer 1

30
Names for Data at Each Layer
Summary
 SWITCHES

•A switch is sometimes described as a multiport bridge.

•Like bridges, switches learn certain information about the data packets that are received from various computers
on the network.
•Switches use this information to build forwarding tables to determine the destination of data being sent by one
computer to another computer on the network.
Benefits of a switch over a hub include the following:
•Reduce congestion
•Maximize bandwidth
•Reduce collision domain size
•Microsegmentation

33
SWITCHES

34
 SWITCHES
• L2-switching is Hardware based bridging (uses ASICs) – Very fast
• Provide scalability up to gigabit speeds and low-latency
• Creates micro-segmentation (each device in one collision domain)
• Full duplex communication
• MAC addresses are stored in CAM or Switching table

35
 Micro-segmentation
• One port to each host (port density to be more)
• Eliminates the impact of collisions
• The available bandwidth can reach closer to 100% (dedicated 10/100Mbps)
• Still a single large broadcast domain

36
 ROUTERS

• Routing: Determine the best/optimal path to reach a destination network

• A router links a private or business local area network to the Internet. Data traveling through the router,
called packets, is then sent off to a destination via the best available route.
• Forwards data packets based on the destination L3-network address
• Operates at high rate of latency (due to routing overhead)
• Separates segments into unique broadcast and collision domains
• Segments here are referred to as “subnets”
• Will not forward broadcast or multicast frames by default
• Routers are mainly used as WAN devices.
• Routers use WAN connections to communicate with each other.
• Routers are the backbone devices of large intranets and of the Internet.
• They operate at Layer 3 of the OSI model, making decisions based on network addresses.

37
 Routers & PCs
• A router is a special type of computer.
• It has the same basic components as a standard desktop PC.
• It has a CPU, memory, a system bus, and various input/output interfaces.
• Routers connect and allow communication between two networks and determine the best path for data to
travel through the connected networks.
• Routers need the Internetwork Operating System (IOS) software to run configuration files.

38
 Router Internal Components
The main internal components of the router are random-access memory (RAM), nonvolatile random-access
memory (NVRAM), flash memory, read-only memory (ROM), and interfaces.

39
 Router Interfaces
• LAN interfaces allow routers to connect to the LAN media. This is usually
some form of Ethernet.
• WANs provide connections through a service provider to a distant site or to
the Internet.

40
 Router Management Ports
• Console
– Used for initial configuration
– Troubleshooting
– Debugging
– Monitoring the system
– Displays startup and error messages by default (console only)
– Do not depend on network connections

41
 What is an IP address

A way to identify machines on a network

A unique identifier
 IP usage

Used to connect to another computer

Allows transfers of files and e-mail

 IP structure

IP addresses consist of four sections

Each section is 8 bits long

Each section can range from 0 to 255

Written, for example, 128.35.0.72

 IP structure

These four sections represent the machine itself and the network it is
on

The network portion is assigned.

The host section is determined by the network administrator

 IP structure

5 Classes of IP address A B C D and E

Class A reserved for governments

Class B reserved for medium companies

Class C reserved for small companies

 IP structure

Class D are reserved for multicasting

Class E are reserved for future use

IP structure

Class A begins 1 to 126

Class B begins 128 to 191

Class C begins 192 to 223

 Reserved addresses

Addresses beginning 127 are reserved for loopback and internal

testing

xxx.0.0.0 reserved for network address

xxx.255.255.255 reserved for broadcast

 Subnetting - Why?

Division of local networks

Greater number of networks

Simplifies addressing
 Subnetting - How

Bits borrowed from host field

Network Network Host Host

Network Network Subnet Host

Network Network Subnet Subnet/Host

 Subnetting -Example

130.5.0.0 - Network address

130.5.2.144 - Host address
255.255.255.0 - Subnet Mask
130.5.2.0 - Subnet
 The Internet Protocol

Running out!!

Upgraded to IPv6
VLAN
 Network Design
Network Center

• IP planning requirements:
− Each “Net” hosts in an IP subnet
• Wiring requirements:
− The wiring only between the network center and
Building 1 Buildings Building 3

Net A Net B Building 2 Net B Net C

Net C Net A
 Network Design：Without VLAN
Network Center

Net A Net B Net C Net A Net B Net C

Building 1 Building 2 Building 3

 Network Design：Without VLAN
Network Center

Disadvantages:

Increase the costs of equipment and wiring.

Net A Net B Net C Net A Net B Net C

Building 1 Building 2 Building 3

 Network Design：With VLAN
Network Center

Learning Objectives:
After this Chapter, You can design Switching Network
with VLAN.

Net A Net B Net C Net A Net B Net C

Building 1 Building 2 Building 3

VLAN Overview
 VLAN ( Virtual LAN )

• Only switch can create VLAN

• By default, switch‘s all ports belong to VLAN 1

• One VLAN —— One Broadcast Domain

• VLAN works in Layer 2

 By default, all port in same Broadcast domain
(VLAN1)

After 3 New VLANs worked

Vlan10 Vlan20 Vlan30

Logical topology :
Three switches, three broadcast domains.
 VLAN ID
• Switch uses numbers to identify the VLAN.

VLAN ID Sort Application User Action

0 Reserved System Can’t View and Use

1 Normal Default VLAN Can Use, Can’t Delete

2—1001 Normal Ethernet Can Add, Use and Delete

1002—1005 Normal FDDI, Token Ring Can Use, Can’t Delete

1006—1024 Reserved System Can’t View and Use

1025—4094 Extended Ethernet Can Add, Use and Delete

4095 Reserved System Can’t View and Use

 VLAN Switch Port Modes

• Static VLAN

• Voice VLAN
 Static VLAN
• Manually assign Port-based VLAN

F0/1 F0/2 F0/3 F0/4

Switch
V10 V10 V20 V20

PC1 PC2 PC1 PC2

VLAN 10 VLAN 10 VLAN 20 VLAN 20

The most commonly used

 Voice VLAN
• Voice VLAN to forward all voice traffic.
Internal
component

Phone
ASIC
Voice VLAN
100
P2

P1 3 port P3
switch
Static VLAN 10
 VLAN Control Broadcast Domain
• Same VLAN

F0/1 F0/2 F0/3 F0/4

Switch
V10 V10 V10 V10

PC1 PC2 PC3 PC4

192.168.1.2/24 192.168.1.3/24 192.168.1.4/24 192.168.1.5/24
 VLAN Control Broadcast Domain
• Different VLAN

F0/1 F0/2 F0/3 F0/4

Switch
V10 V10 V20 V20

PC1 PC2 PC3 PC4

192.168.1.2/24 192.168.1.3/24 192.168.2.2/24 192.168.2.3/24
 VLAN
Trunking
 Intra-VLAN Access on different Switches
• Requirements: PCs in same Net can access each other.

F0/1 F0/2 F0/3 F0/4 F0/5 F0/6 F0/1 F0/2 F0/3 F0/4 F0/5 F0/6
S1 10 10 20 20 30 30 30 30 20 20 10 10 S2

Net A Net B Net C Net C Net B Net A

Building1 Building2

Solution: Without Trunk

 Intra-VLAN Access on different Switches
• Logical Topology

Advantages:
• Dedicated link
S1
• The Frame is unchanged S2
10 10 20 20 30 30 30 30 20 10
Disadvantages:
20 10

• Waste port
• Additional cabling cost
Net A Net B Net C Net C Net B Net A
Building1 Building2

Solution: Without Trunk

 Intra-VLAN Access on different Switches
 Requirements: PCs in same Net can access each other.

One Link carrying Multiple VLANs

Advantages:
• Save port
S1
• Save cabling S2
Disadvantages:
Trunk Trunk
• Shared Link
• Frame will be changed
Net A Net B Net C (Delay, CPU) Net C Net B Net A
Building1 Building2

Solution: With Trunk

 VLAN Trunking Operation
• Trunk port
• Send —— tagged frame with the VLAN ID
• Receive —— strips off the VLAN ID

V10 Frame V10 Frame

S1 10 20 30 V10 Frame 30 20 10
Frame S2
Trunk Trunk

Frame

A1 B1 C1 C2 B2 A2

A1 A2
 VLAN Trunking Operation
 Trunk port
•Send —— tagged frame with the VLAN ID
•Receive —— strips off the VLAN ID
V20 Frame V20 Frame

V30 Frame V30 Frame

S1 10 20 30 30
Frame 20
Frame 10 S2
Trunk Trunk

Frame Frame

A1 B1 C1 B1 B2 C2 B2 A2
C1 C2
 Trunking Protocols

V10 Frame
V20 Frame
V30 Frame
S1 10 20 30 30 20 10 S2
Trunk 802.1Q or ISL Trunk

A1 B1 C1 C2 B2 A2
VLAN and Trunk
Configuration
VLAN configuration (Static VLAN)

1. Create the VLANs.

2. Assign switch ports to VLANs.

3. Verify VLAN configuration

 1. Create the VLANs
• Add the VLANs in Global configuration mode
Switch(config)# vlan vlan-id
• vlan-id：2-1001 or 1025-4094
• Enter VLAN configuration mode after “Enter”
Switch(config)# vlan 10 [Enter]
Switch(config-vlan)#
• Create multiple VLANs use one command
Switch(config)# vlan 20,30,40-45
 Named VLAN

• Named VLAN in VLAN configuration mode

Switch(config-vlan)# name vlan-name
• vlan-name: Describe this VLAN
• Named VLAN is optional configuration
• Default VLAN name is: VLANXXXX
• XXXX: Four decimal numbers , it is VLAN ID with leading zeros.
• Example:
• VLAN2—VLAN0002；VLAN100 —VLAN0100
 Example: Add VLANs
• Task: Create 3 VLANs(10,20,30), correspond to NetA, NetB,
NetC.

Switch(config)# vlan 10
Switch(config-vlan)# name NetA
Switch(config)# vlan 20
Switch(config-vlan)# name NetB
Switch(config)# vlan 30
Switch(config-vlan)# name NetC
 2. Assign switch ports to VLANs
1. Assign ports to access mode
Switch(config-if)#switchport mode access

• Optional configuration, recommended for security.

2. Assign a ports to a static VLAN

Switch(config-if)# switchport access vlan vlan-id

• vlan-id is a previously configured VLAN.

 Example: Assign a switch port to one VLAN

• Task: F0/1 — VLAN10；F0/2 — VLAN20

F0/1 F0/2 F0/3 F0/4 F0/5 F0/6 F0/7 F0/8 F0/9 F0/10 F0/11 F0/12
Switch 10 20

Switch(config)# interface f0/1

Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config)# interface f0/2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 20
 Example: Assign multiple ports to one VLAN

• Task1: Assign the ports from F0/3 to F0/6 to VLAN 30

F0/1 F0/2 F0/3 F0/4 F0/5 F0/6 F0/7 F0/8 F0/9 F0/10 F0/11 F0/12
Switch 10 20 30 30 30 30

Switch(config)# interface range f0/3 - 6

Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 30
 Example: Assign multiple ports to one VLAN

• Task2: Assign the ports F0/8, F0/10, F0/12 to VLAN 30

F0/1 F0/2 F0/3 F0/4 F0/5 F0/6 F0/7 F0/8 F0/9 F0/10 F0/11 F0/12
Switch 10 20 30 30 30 30 30 30 30

Switch(config)# interface range f0/8, f/10, f0/12

Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 30
 3. Verify VLAN configuration

• show vlan
•Display the details of the VLAN.

• show vlan brief

•Display one line for each VLAN with VLAN name, status and its ports.

• show interface f0/1 switchport

• Display the status of a switching port.
 Verify default VLAN configuration

Switch# show vlan brief

VLAN Name Status Ports

---- ------------------- ----- -----------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig1/1, Gig1/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#
 Verify current VLAN configuration

Switch# show vlan brief

VLAN Name Status Ports

---- ------------------- ----- -----------------
1 default active Fa0/7, Fa0/9, Fa0/11, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24,Gig1/1
Gig1/2
10 A-department active Fa0/1
20 B-department active Fa0/2
30 C-department active Fa0/3, Fa0/4, Fa0/5, Fa0/6
Fa0/8, Fa0/10, Fa0/12
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
Switch#
 Verify the status of a switch port
Switch# show interface f0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 10 (A-department)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
……(Ignore)
Switch#
Back to the beginning……
 Network Design：With VLAN
Network Center

access

trunk trunk
trunk

access access access

Net A Net B Net C Net A Net B Net C

Building 1 Building 2 Building 3

 Network Design：With VLAN
Network Center

Problem:
• Waste port
Solution:
trunk
• Router-on-a-stick
trunk
trunk

Net A Net B Net C Net A Net B Net C

Building 1 Building 2 Building 3

 Basic Router “Cisco IOS
command”
• Router>enable
• Router#config t
• Router(config)#hostname xxxx
• xxx(config)#service password-encryption
• xxx(config)#enable password cisco
• xxx(config)#banner motd zxxxxz
• NOTE: Must start and end with the same character.
• xxx(config)#no ip domain-lookup
Enter Privileged Exec Mode
Enter global configuration mode
Configure hostname
Encrypt all passwords
Set enable password to “cisco”
Set a message of the day
lookups for mistyped commands.
 Basic Router “Cisco IOS
command”
• xxx(config)#line vty 0 4
• xxx(config-line)#password class
• xxx(config-line)#login
• xxx(config-line)#line con 0
• xxx(config-line)#password class
• xxx(config-line)#login
• xxx(config-line)#loggin sync
• xxx(config-line)#line aux 0
• xxx(config-line)#password class
• xxx(config-line)#login
• NOTE: Not available in Packet Tracer!
• xxx(config-line)#end
Configure virtual terminal lines 0-4 (5 lines/sessions)(Telnet)
Set the VTY password as “class”
Instruct the router to use the password to gain access
Configure console port
Set the console port password as “class”
Instruct the router to use the password to gain access
Set the router to use synchronous command line entries
Configure auxiliary line
Set the auxiliary line password as “class”
Instruct the router to use the password to gain access
Finished
 Basic Router “Cisco IOS command”
• Configuring the basics of an interface:
• Fast Ethernet:
• xxx#config t
• xxx(config)#int fa0/0
• xxx(config-if)#ip address X.X.X.X X.X.X.X
• xxx(config-if)#description xxxxxxx
• xxx(config-if)#no shut
• Serial:
• xxx#config t
• xxx(config)#int S0/0/0
• xxx(config-if)#ip address X.X.X.X X.X.X.X
• xxx(config-if)#description xxxxxxx
• xxx(config-if)#clock rate 2000000
• xxx(config-if)#no shut
Enter global configuration mode
Enter fast Ethernet configuration mode
Enter the IP address and subnet mask of the interface.
Enter the interface description
Turn the interface on
Enter global configuration mode
Enter Serial configuration mode
Enter the IP address and subnet mask of the interface.
Enter the interface description
Enter the clock rate for the serial line, only on the DCE end
Turn the interface on
 Domain Name Service
• Domain Name Service (DNS)
– A popular and important naming service
– Based on the client/server model, DNS translates names into IP
addresses
• Use the ip host command to manually provide name
resolution on a Cisco router
• Lookup
– By default, a Cisco router will try several times to find an IP address
for a name if you enter one

94
 Domain Name Service

• Configuring DNS Lookup

– The command to configure a DNS lookup on a Cisco router is ip
name-server
• The ip domain-lookup command enables DNS if it has previously been
disabled

95
Domain Name System

96
 Dynamic Host Configuration Protocol

• Allows a host to obtain an IP address using a defined range of IP

addresses on a DHCP server.
• As hosts come online, contact the DHCP server, and request an
address.
DHCP Initialization Sequence

Client collects DHCP offer

responses from the server.
DHCP

99
DHCP Features

Automatic allocation
Manual allocation Dynamic
allocation

100
DHCP Operation

101
DHCP Messages Transmitting

102
Configuring DHCP

103
Configuring DHCP Excluding IP

104
Verifying DHCP

105
DHCP Relay

106
 Packet Tracer Lab
Configure Small Network with Following :

1. Basic IOS Command

2. DNS
3. DHCP
4. VLAN
5. SVI
6. Port assignment
7. VTP and
8. IP Addressing
Queries ?