ATN Education copy rights @ 2018
CCNA
(200 - 125)
Contents
CISCO DEVICE SYMBOLS
CISCO System History
CISCO Career Certification
The Network
Network Devices
Collision Domain
Broadcast Domain
Types of Networks
LAN (Local Area Network)
WAN (Wide Area Network)
MAN (Metropolitan Area Network)
TAN (Tiny Area Network)
CAN (Campus Area Network)
SAN (Storage Area Network)
PAN (Personal Area Network)
HAN (Home Area Network)
Telecommunications methods
Addressing method
Internet Protocol (IP) Addressing
Versions of IP address
IP Types
IP Ranges
IP Scopes
MAC Address (Media Access Control)
Subnetting
Converting decimal into binary
Subnet Mask
Router Booting Process
Basic Command-line Interface
Troubleshooting and Show commands
Secure CISCO Router and Switch
Cisco Discovery Protocol (CDP)
The Network
What is a Network?
➢ A network is an interconnection between two or more computers or devices for the purpose of sharing resources.
Resources
Network Devices
▪ Network devices are the components used to interconnect multiple computing devices to form a network in order to share files or resources.
Repeater
o An electronic device that receives incoming electrical, wireless or optical signals that are weak or low in strength and retransmits them at a higher level or higher power. It belongs to the physical layer of the OSI model (Layer 1).
Hub
o A device used to connect multiple computers in order to create a single LAN. A hub has 4, 8, 12, 24 or 48 ports. It belongs to the physical layer of the OSI model (Layer 1).
Bridge
o A device used to connect different computing devices and to divide a large network into smaller segments. It belongs to the Data Link layer of the OSI reference model (Layer 2).
Switch
o A network switch generally contains more intelligence. Switches are capable of inspecting data packets as they are received, determining the source and destination devices of each packet, and forwarding them appropriately, delivering messages only to the connected device intended. A switch operates at the Data Link layer of the OSI model (Layer 2).
Router
o Routers are used to connect two or more networks together. Routers have a sophisticated routing table which can determine the best route to get information from one network to another. Routers are used to create separate broadcast domains. Routers belong to the Network layer of the OSI model (Layer 3).
Single collision domain | Each port has a collision domain | Each port has a collision domain
Single broadcast domain | Single broadcast domain | Each port has a broadcast domain
Collision Domain
• A collision domain is a set of interfaces in which a frame sent by one interface could result in a collision with a frame sent by any other interface in the same collision domain.
Broadcast Domain
• A broadcast domain is a set of interfaces in which a broadcast frame sent by one interface is received by all other interfaces in the same broadcast domain.
Types of Networks
LAN (Local Area Network)
• LAN is a network which is implemented in a single geographical location.
Telecommunications methods
➢ Half Duplex
▪ Communication in both directions, but one direction at a time.
E.g. Walkie-Talkie
➢ Simplex
▪ Communication in one direction only.
E.g. a Radio Broadcast
Addressing method
➢ Unicast
▪ Communication between a sender and a receiver.
➢ Multicast
▪ Communication between a sender and a selected group of receivers.
➢ Broadcast
▪ Communication between a sender and all receivers in a network.
IPv4
o An IP (Internet Protocol) address is a binary number that uniquely identifies computers and other devices on a TCP/IP network. An IP address can be private, for use on a local area network (LAN), or public, for use on the internet or other wide area network (WAN).
o IP addresses can be assigned statically to a computer by a system administrator or dynamically by DHCP (Dynamic Host Configuration Protocol).
o Two IP addressing standards are in use today. The IPv4 standard is the most familiar to people and is supported everywhere on the network, but the newer IPv6 standard is gradually replacing it. IPv4 addresses consist of 4 bytes (32 bits), while IPv6 addresses are 16 bytes (128 bits) long.
IP Types
➢ Static IP
➢ Dynamic IP
➢ APIPA
IP Ranges
➢ Public Range
o Used in the internet / WAN connections for registered networks.
o Have to buy from an ISP.
➢ Private Range
o Used in the intranet / LAN connections for unregistered networks.
o No need to buy from an ISP.
o Can be assigned by the network admin or a DHCP server.
IP Scopes
Class A: 1.0.0.0 - 126.255.255.255 (private: 10.0.0.0 - 10.255.255.255)
Loopback / Stack testing: 127.0.0.0 - 127.255.255.255
Class B: 128.0.0.0 - 191.255.255.255 (private: 172.16.0.0 - 172.31.255.255)
Class C: 192.0.0.0 - 223.255.255.255 (private: 192.168.0.0 - 192.168.255.255)
o This is a hardware address which is burned-in to the Network Interface Card. This
address cannot be changed. (MAC is a Physical address)
Subnetting
We use subnetting to reduce IP address wastage. Subnetting is all about taking the default mask of the IP and extending it. (Extending: increasing the network bits and decreasing the host bits.)
On a WAN link,
192.168.1.0/24
192.168.1.1 192.168.1.2
128 + 64 + 32 + 16 + 8 + 4 + 2 + 1
192
168
1
1
Subnet Mask
Classful: Fixed Length Subnet Mask (FLSM)
-Class A: Prefix /8, Subnet Mask 255.0.0.0
-Class B: Prefix /16, Subnet Mask 255.255.0.0
-Class C: Prefix /24, Subnet Mask 255.255.255.0
Classless: Variable Length Subnet Mask (VLSM)
-Class A: Prefix /9 to /15
-Class B: Prefix /17 to /23
-Class C: Prefix /25 to /32
Example Prefix
/3 /30
/5 /34
/11
/13
/15
/21
/25
/27
*192.168.1.0 /24
128 + 64 + 32 + 16 + 8 + 4 + 2 + 1
1 1 0 0 0 0 0 0 Subnet mask :
Network address :
First address :
Last address :
Broadcast address :
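The worksheet above, carried through as an added Python example (not part of the original guide). It assumes the bit pattern 1 1 0 0 0 0 0 0 is the last octet of the extended mask, so 192.168.1.0/24 is split into /26 subnets, and it also works out the /30 that fits a two-address WAN link; the function names are illustrative.

```python
# Added example: subnet worksheet arithmetic using the bit weights
# 128 64 32 16 8 4 2 1. Function names are illustrative, not from the guide.

WEIGHTS = (128, 64, 32, 16, 8, 4, 2, 1)


def to_int(dotted):
    """Convert dotted decimal (e.g. 192.168.1.0) to a 32-bit integer."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError("expected four octets: %r" % dotted)
    value = 0
    for text in octets:
        octet = int(text)
        if not 0 <= octet <= 255:
            raise ValueError("octet out of range: %r" % dotted)
        value = (value << 8) | octet
    return value


def to_dotted(value):
    """Convert a 32-bit integer back to dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def octet_bits(octet):
    """Show one octet against the weights 128..1, as in the worksheet."""
    return " ".join("1" if octet & weight else "0" for weight in WEIGHTS)


def mask_from_prefix(prefix):
    """Prefix length -> 32-bit mask. IPv4 prefixes above /32 are rejected."""
    if not 0 <= prefix <= 32:
        raise ValueError("IPv4 prefix must be between /0 and /32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def subnet_info(address, prefix):
    """Fill in the worksheet fields for the subnet containing `address`."""
    mask = mask_from_prefix(prefix)
    network = to_int(address) & mask          # host bits all 0
    broadcast = network | (mask ^ 0xFFFFFFFF)  # host bits all 1
    if prefix >= 31:
        # /31 (RFC 3021 point-to-point) and /32 (single host) have no
        # separate network or broadcast address: every address is usable.
        first, last, hosts = network, broadcast, broadcast - network + 1
    else:
        first, last, hosts = network + 1, broadcast - 1, broadcast - network - 1
    return {
        "subnet_mask": to_dotted(mask),
        "network": to_dotted(network),
        "first": to_dotted(first),
        "last": to_dotted(last),
        "broadcast": to_dotted(broadcast),
        "hosts": hosts,
    }


def split(address, old_prefix, new_prefix):
    """Extend the mask from old_prefix to new_prefix and list every subnet."""
    if not 0 <= old_prefix <= new_prefix <= 32:
        raise ValueError("new prefix must extend the old one")
    base = to_int(address) & mask_from_prefix(old_prefix)
    size = 1 << (32 - new_prefix)              # addresses per subnet
    count = 1 << (new_prefix - old_prefix)     # 2 ** borrowed bits
    return [subnet_info(to_dotted(base + i * size), new_prefix)
            for i in range(count)]


if __name__ == "__main__":
    print("last mask octet:", octet_bits(192))
    for row in split("192.168.1.0", 24, 26):
        print(row)
    print("WAN link:", subnet_info("192.168.1.1", 30))
```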
Step 01 – The router performs a power-on-self-test (POST) to discover the hardware components and
verify that all components are working properly.
Step 02 – The router copies a bootstrap program from ROM into RAM and runs the bootstrap program.
Step 03 – The bootstrap program decides which IOS image to load into RAM and loads that IOS. After loading the IOS image, the bootstrap program hands over control of the router hardware to the newly loaded IOS.
Step 04 – After the bootstrap program has loaded the IOS, the IOS finds the configuration file (typically the startup-config file in NVRAM) and loads it into RAM as the running-config.
Basic modes
➢ User mode: hostname>
Hostname> enable
Basic configuration
Hostname configuration
Hostname (config) #Hostname (any name)
Banner configuration
Hostname (config) #banner motd $ welcome $
Router Configuration
G.M #Interface GigabitEthernet 0/0
#IP address 192.168.1.1 255.255.255.0
#No shutdown
Switch configuration
G.M #Interface VLAN 1
#No shutdown
The Cisco Discovery Protocol is a proprietary Data Link Layer and Network Layer protocol developed by
Cisco Systems. It is used to share information about other directly connected Cisco equipment, such as
the operating system version and IP address. CDP can also be used for On-Demand Routing, which is a
method of including routing information in CDP announcements so that dynamic routing protocols do not
need to be used in simple networks.
o Global CDP information: Sending CDP packets every 60 seconds
Sending a hold time value of 180 seconds
o An industry-standard protocol that allows network devices supporting the Link Layer Discovery Protocol (that are layer 2 adjacent) to dynamically discover one another.
The Trivial File Transfer Protocol (TFTP) is an internet software utility for transferring files that is simpler to use than the File Transfer Protocol (FTP) but less capable. It is used where user authentication and directory visibility are not required. TFTP uses the User Datagram Protocol (UDP) rather than the Transmission Control Protocol (TCP). TFTP is described formally in Request for Comments (RFC) 1350.
TFTP Command
▪ Save file from RAM to TFTP
Hostname #Copy running-config tftp:
Cabling
Transmission media
WIRED
*Coaxial
-Thin
-Thick
*Twisted Pair
-Shielded Twisted Pair
-Unshielded Twisted Pair
*Fiber Optic
-Single mode Fiber
-Multi mode Fiber
WIRELESS
*Infrared
*Bluetooth
*Wi-Fi
*Wi-Max
Network Devices
MAC
*NIC
*Router
*Network Printer
NON-MAC
*Hub
*Bridge
*Switch
➢ Crimping Tool
➢ Cable Tester
➢ Punch down tool
➢ RJ-45 Connectors
➢ UTP-cable
STRAIGHT THROUGH CABLE (mac to non-mac) | CROSSOVER CABLE (mac-mac / non-mac-non-mac) | ROLLOVER CABLE (console)
White Orange - White Orange | White Orange - White Green | White Orange - Brown
Orange - Orange | Orange - Green | Orange - White Brown
White Green - White Green | White Green - White Orange | White Green - Green
Blue - Blue | Blue - Blue | Blue - White Blue
White Blue - White Blue | White Blue - White Blue | White Blue - Blue
Green - Green | Green - Orange | Green - White Green
White Brown - White Brown | White Brown - White Brown | White Brown - Orange
Brown - Brown | Brown - Brown | Brown - White Orange
Application, Presentation, Session -> Application
Transport -> Transport
Network -> Network
Data link, Physical -> Network interface
Application, Presentation, Session: Software layer
Transport
Network, Data link, Physical: Hardware layer
APPLICATION LAYER
PROTOCOL inside TCP / IP
Application, Presentation, Session -> Application
▪ Application Layer
• Provides an interface between software running on a computer and the network itself. Examples for this layer:
HTTP : Hypertext Transfer protocol
TELNET : Telecommunication Transfer Protocol
FTP : File Transfer Protocol
TFTP : Trivial file Transfer Protocol
SMTP : Simple Mail Transfer Protocol
SNMP : Simple Network Management protocol
DHCP : Dynamic Host Configuration Protocol
DNS : Domain Name System
Routed Protocols
- Routed protocols act as data carriers and define logical addressing.
Ex. IP, IPX, AppleTalk…etc.
Routing Protocols
- Routing protocols perform path determination (routing).
- Devices that work at the network layer are routers and multilayer switches.
Ex. RIP, EIGRP, OSPF, BGP...etc.
Switching
• Address Learning
• Forward and Filtering
• Loop Avoidance
Address Learning
-Layer 2 switches and bridges remember the source MAC address of each frame
received on an interface, and enter this information into a MAC-table called a
forward and filter table.
SW1
Port MAC address
Fa 0/1 AAAA
Fa 0/2 BBBB
Fa 0/3 DDDD, EEEE
Fa 0/4 CCCC
SW2
Port MAC address
Fa 0/1 AAAA, BBBB, CCCC
Fa 0/2 DDDD
Fa 0/3 EEEE
Loop Avoidance
- If multiple connections between switches are created for redundancy purposes, network loops can occur. Spanning-tree protocol (STP) is used to stop network loops while still permitting redundancy.
Bridging Loops
*Redundant links between switches provide redundancy but also the possibility of creating loops when switches broadcast
*Broadcast storm
*MAC table instability
*multiple frame transmission
*Bridging loops
Verifying spanning-tree
PM #Show spanning-tree
PM #Show spanning-tree vlan (VLAN ID)
PM #Show spanning-tree root
Uplink fast
- Uplink fast speeds up convergence when a switch faces a direct link failure on an uplink.
- When uplink fast is enabled, it is enabled for the entire switch.
Listening : 15 sec
Learning : 15 sec
Forwarding : 20 sec
1 sec
Backbone fast
- Backbone fast can reduce the maximum convergence delay only from 15 to 30 seconds.
BPDU GUARD
- BPDU guard prevents loops if another switch is attached to a port fast (access) port.
- When BPDU guard is enabled on an interface, the interface is put into an error-disabled state (basically shut down) if a BPDU is received on it.
- It can be enabled either in global config mode (affects all port fast interfaces) or in interface mode.
- Port fast does not need to be enabled for BPDU guard to be configured on a specific interface.
GM #Spanning-tree portfast bpduguard default
PM #Spanning-tree bpduguard enable
BPDU filter
GM #Spanning-tree portfast bpdufilter default
- If a port fast interface receives any BPDUs, it is taken out of port fast status.
- The interface still sends some BPDUs at link up.
- If a BPDU is received, the interface loses its port fast status.
- BPDU filtering is disabled.
*IM #Spanning-tree bpdufilter enable
- The interface doesn’t send any BPDUs and ignores received ones.
- The port is not shut down; this basically disables STP on the interface.
RSTP
* IEEE 802.1W is a standard way of speeding STP convergence.
* Inbuilt features of port fast, uplink fast and backbone fast; path calculation remains the same as STP.
RSTP port states
Comparison between 802.1D & 802.1W
STP port states | RSTP port states
Disabled | Discarding
Blocking | Discarding
Listening | Discarding
Learning | Learning
Forwarding | Forwarding
Discarding : frames are dropped, no addresses are learned (link down/blocking/during sync)
Learning : frames are dropped, but addresses are learned
Forwarding : frame is forwarded.
Point-to-Point
VLAN
- Divides a single broadcast domain into multiple broadcast domains.
- Provides layer 2 security.
- VLAN 1 is the default.
- VLANs can be created from 2 – 1002.
- Can be configured on a manageable switch only.
Benefits for VLAN
- Limits the number of broadcasts.
- Better performance.
- Security.
TYPES of VLANs
- Static VLAN.
- Dynamic VLAN.
Static VLAN
- Static VLANs are based on port number.
- Need to manually assign a port on a switch to a VLAN.
- One port can be a member of only one VLAN.
VLAN config
GM #vlan ………………………
#Name …………………….
Assign port to vlan
GM #Interface ….. ………….
#Switchport mode access
#Switchport access vlan ………..
GM #Interface range ……….. ……….
#Switchport mode access
#Switchport access vlan ………….
Dynamic VLAN
- Dynamic VLANs are based on the MAC address of a PC.
- The switch automatically assigns the port to a VLAN.
- Each port can be a member of multiple VLANs.
- For dynamic VLAN configuration, software called VMPS (VLAN member policy server) is needed.
TRUNKING
- A single VLAN can span over multiple switches.
Types of links / ports
▪ Access link
- Connecting to end devices.
- Port of one VLAN.
▪ Trunk links
- Does not belong to any VLAN.
- Carries multiple VLAN traffic.
- Link between 2 switches.
Frame Tagging
- To make sure that users of the same VLAN on different switches can communicate with each other, frames are tagged on trunk links.
- A tag is added before a frame is sent and removed once it is received on the trunk link.
- Frame tagging happens only on the trunk links.
Trunking protocols
Trunk configuration
*Switch 2950 & below (option 1)
G.M #Interface Fastethernet 0/0
#Switchport mode trunk
*Switch 3550-above (option 2)
G.M #Interface Fastethernet 0/0
#Switchport trunk encapsulation dot1q
#Switchport mode trunk
INTER-VLAN Routing
- Packets in one VLAN cannot cross into another VLAN.
- To transfer packets between VLANs you must use a layer 3 device.
- The router must have a physical or logical connection to each VLAN so that it can forward packets between them.
- Inter-VLAN routing can be performed by an external router that connects to each of the VLANs on a switch.
Inter-vlan methods
- Legacy method (separate physical gateway on a router).
- Router on a stick.
- Using multilayer switch (layer 3).
Inter-VLAN routing using a router (router on a stick)
Router configuration
G.M #Interface fastethernet 0/0
#No shutdown
G.M #Interface fastethernet 0/0.(subinterface number)
#Encapsulation dot1q (vlan ID)
#IP address 192.168.1.1 255.255.255.0
Extended vlan
- Cisco refers to vlans between 1025 – 4096 as extended range vlans.
- Cisco catalyst switches support extended range VLANs under the following condition: VTP cannot be used for vlan management (VTP must be configured in transparent mode or be off).
Voice vlan
- A vlan that can be configured on a cisco catalyst switch for the purpose of carrying voice packets to and from IP phones.
G.M #Interface fastethernet 0/0
#Switchport voice vlan (vlan ID)
Default vlan configuration
- The voice vlan feature is disabled by default.
- You should configure the voice vlan on switch access ports.
- The voice vlan should be present and active on the switch for the IP phone to communicate on the voice vlan.
- The port fast feature is automatically enabled when voice vlan is configured.
- Use the PM #Show vlan command to see whether the vlan is present.
Native vlan
- If a packet received on a dot1q link doesn’t have a vlan tag, it is assumed that it belongs to the native vlan.
- Default native vlan is VLAN 1.
2. CLIENT
* Can’t be used to create, modify and delete vlans
file.
* Updates its vlan database based on received advertisements.
* Forwards received VTP messages.
* Can originate VTP advertisements
Ether channel
- Used to aggregate bandwidth between multiple L2 & L3 interfaces.
- Ether channel increases bandwidth and provides redundancy by aggregating individual links between switches.
- Ether channel load balances traffic over all the links in the bundle.
- Up to 8 links can be combined into one logical link.
- Ether channel can be configured as layer 2 or layer 3.
- Port channel is the logical instance of the physical interfaces.
Ether channel mode
- Ether channel can be dynamically configured between switches using two protocols.
*PAgP (Port Aggregation Protocol) – Cisco proprietary
*LACP (Link Aggregation Control Protocol) – open standard
Guidelines for Ether channel configuration
- Interfaces in the channel do not have to be physically next to each other or on the same module.
- All ports must be at the same speed and duplex.
- All ports in the bundle should be enabled.
- None of the bundle ports can be a SPAN port.
- Assign an IP address to the logical port channel interface, not the physical ones (if using a layer 3 Ether channel).
- Put all bundle ports in the same vlan or make them all trunks.
- If they are trunks, they must all carry the same vlans and use the same trunking mode.
- The configuration you apply to the port channel interface affects the entire Ether channel.
- The configuration you apply to a physical interface affects only that interface.
PAgP port Negotiation
PAgP ON AUTO DESIRABLE
ON √ × ×
AUTO × × √
DESIRABLE × √ √
ACTIVE × √ √
Fa 0/11 Fa 0/11
Fa 0/12 Fa 0/12
PORT SECURITY
- Port security means blocking unknown persons from connecting to the switch. By default, MAC addresses appear dynamically in the switch's database, which can be stopped by turning on port security.
- The 3 violation modes are:
1. Shutdown : Puts the port into the error-disabled state.
2. Restrict : Ignores all the traffic on the interface and counts the violation.
3. Protect : Ignores all the traffic on the interface and doesn’t count the violation.
Routing
-Forwarding of packets from one network to another network.
Routing
IGP
Classful
-RIP
-IGRP
Classless
-RIP V2
-EIGRP
-IS-IS
-OSPF
EGP
- It’s used to exchange routing information with routers in the same autonomous system.
Administrative distance
Static route
Advantages are
▪ IP routes are configured by the administrator.
▪ It is secure and fast.
▪ No bandwidth usage.
▪ Not much CPU processing.
Disadvantages are
▪ The administrator has to understand the whole network before implementing.
▪ If one route is down in a network, the administrator has to reconfigure all the routers in the network.
▪ It can’t be implemented in a huge network.
Default route
➢ A default route is configured for unknown destinations.
RIP V1 | RIP V2
Open standard. | Open standard.
Classful routing protocol. | Classless routing protocol.
Updates are broadcast via 255.255.255.255 | Uses multicast address of 224.0.0.9
Metric hop count. | Metric hop count.
Maximum hop count 15. | Maximum hop count 15.
Advantages of RIP
▪ Used for small organizations.
▪ Exchanges the entire routing table every 30 seconds.
▪ No authentication.
▪ Supports authentication.
Disadvantages of RIP
▪ Bandwidth utilization is very high as it broadcasts every 30 seconds.
▪ Works only on hop count, not considering bandwidth.
▪ Not scalable, as the hop count is only 15.
▪ Slow convergence.
GM #Router rip
#Network _ _ _ _ _ _ _ _
#Version 2
A B
224.0.0.10 (hello)
Updates
Updates
Best port
Best port
EIGRP table
1. Neighbor table
▪ Contains the directly connected neighbors.
2. Topology table
▪ List of all the best routes learned from each neighbor.
3. Routing table
▪ The best route for each destination.
➢ Updates are sent through multicast 224.0.0.10
➢ Hello packets are sent every 5 seconds.
➢ Convergence rate is fast.
➢ Supports IP, IPX and AppleTalk protocols.
➢ Supports equal cost and unequal cost load balancing.
➢ It uses DUAL (Diffusing Update Algorithm).
K values
K1 :1
K2 :0
K3 :1
K4 :0
K5 :0
Feasible distance
A calculation made by EIGRP to determine the best loop-free path to a network
Advertised distance
Cost from the next hop router to the destination
EIGRP also pre-calculates the second-best route if it satisfies the feasibility condition
Neighbor AD FD
R2 100 1100
R3 100 600
Successor route : The primary route to a network, based on having the lowest feasible distance of all routes in the EIGRP topology table.
Feasible successor route : A backup route to a network, based on the route having the second lowest feasible distance in the EIGRP topology table
*the feasibility condition must be met.
Feasibility condition : Before a route can become a feasible successor route, its advertised distance has to be lower than the feasible distance of the successor route.
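An added example (not from the original guide) that applies the feasibility condition to the neighbor table above and shows what happens when the successor is lost. The `Route` record, the function names and the R4 entry are constructed for illustration.

```python
# Added example: successor / feasible successor selection for ONE destination.
# AD = advertised distance (the neighbor's own cost to the destination).
# FD = feasible distance through that neighbor (our total cost via it).
from collections import namedtuple

Route = namedtuple("Route", "neighbor ad fd")

# Neighbor table from the page.
PAGE_TABLE = [Route("R2", 100, 1100), Route("R3", 100, 600)]

# Constructed entry: R4 has a better FD than R2 but fails the condition.
R4 = Route("R4", 700, 800)


def pick_routes(entries):
    """Return (successors, feasible_successors, rejected) for one destination."""
    if not entries:
        return [], [], []
    for entry in entries:
        # Our cost via a neighbor is its AD plus the link to it, so FD >= AD.
        if entry.ad < 0 or entry.fd < entry.ad:
            raise ValueError("inconsistent distances for %s" % entry.neighbor)
    best_fd = min(entry.fd for entry in entries)
    # Equal-cost routes all become successors (equal cost load balancing).
    successors = [entry for entry in entries if entry.fd == best_fd]
    feasible, rejected = [], []
    for entry in sorted(entries, key=lambda e: e.fd):
        if entry.fd == best_fd:
            continue
        # Feasibility condition: the neighbor must be strictly closer to the
        # destination than we are via the successor. A neighbor that is not
        # closer could be routing through us, so using it risks a loop.
        if entry.ad < best_fd:
            feasible.append(entry)
        else:
            rejected.append(entry)
    return successors, feasible, rejected


def on_successor_loss(entries, lost_neighbor):
    """Return (route_state, next_hop) after `lost_neighbor` goes down."""
    successors, feasible, _ = pick_routes(entries)
    remaining = [s for s in successors if s.neighbor != lost_neighbor]
    if remaining:
        # The lost neighbor was not the only successor: nothing to recompute.
        return ("passive", remaining[0].neighbor)
    if feasible:
        # Backup was pre-calculated: switch over immediately.
        return ("passive", feasible[0].neighbor)
    # No feasible successor: the route goes active and neighbors are queried.
    return ("active", None)


if __name__ == "__main__":
    print(pick_routes(PAGE_TABLE + [R4]))
    print(on_successor_loss(PAGE_TABLE, "R3"))
    print(on_successor_loss([PAGE_TABLE[1], R4], "R3"))
```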
Hello
224.0.0.5
Hello
224.0.0.5
- Adjacencies are routers that are neighbors and have exchanged link state updates (LSUs) and data descriptions (DD).
Exchange state
- Summary DBD (DD), sent by each router
- "Thanks for Information" (LS Ack), sent by each router
Loading state
- "I need the complete entry for 40.0.0.0, 50.0.0.0" (LS Request)
- "Here is entry for 40.0.0.0, 50.0.0.0" (LS Update)
- "I need the complete entry for 10.0.0.0, 20.0.0.0" (LS Request)
- "Here is entry for 10.0.0.0, 20.0.0.0" (LS Update)
- "Thanks for Information" (LS Ack)
Router ID.
- It’s the name of the router; it can be configured manually using the router-id command.
- The highest IP address of the active physical interfaces of the router is the router ID.
- If a logical interface is configured, the highest IP address of the logical interfaces is the router ID.
OSPF process.
- To become neighbors, hello, area, subnet mask and authentication should match.
OSPF table
1. Neighbor table
- It is also known as the adjacency table.
- Contains a list of directly connected routers (neighbors).
2. Database table
- Typically referred to as the LSDB (link state database).
- Contains information about all the possible routes to the networks within the area.
3. Routing table
- Contains a list of the best paths to each destination.
OSPF AREA
- All the routers maintain same database
- Any change impacts all the routers
- An area is a logical grouping of routers
- Minimizes the size of the database
- Restricts any changes within that area (not flooded outside the area)
- Routers within the same area participate in the algorithm.
- OSPF avoids Hierarchical network designs with multiple different areas.
RULES
- Must have one area called area “zero-0” (it's the backbone area)
- All the areas must connect to area zero
- At least one area border router should be there.
- The facing interfaces of both routers must be in the same area.
Advantage of OSPF
- Open standard
- No hop count limitation
- Loop free
- Fast convergence
Disadvantages of OSPF
- Complex designs
- Consumes more CPU resources
- Supports only equal cost balancing
- Supports only the IP protocol; does not work with IPX and AppleTalk.
10.0.0.0 update
0. 0. 0. 255
Number Named
ACL RULES
- Works in sequential order.
- All deny statements should be given first.
- There should be at least one permit statement.
- Can have one access list per interface per direction.
- Two access lists per interface: one in the “inbound” direction and one in the “outbound” direction.
- Any time a new entry is added to the access list, it will be placed at the bottom of the list (using a text editor for access lists is highly suggested)
- You can’t remove one line from an access list
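An added example (not from the original guide) of why the order of statements matters: a first-match evaluator with the implicit deny at the end, plus a check for entries that can never match because an earlier entry already covers them. The entry format, function names and sample access lists are constructed; the wildcard 0.0.0.255 is the one shown above.

```python
# Added example: sequential (first match) evaluation of a standard ACL.
# Entries and addresses below are constructed sample data.
import ipaddress
from collections import namedtuple

# action is "permit" or "deny"; wildcard bits set to 1 are ignored.
Entry = namedtuple("Entry", "action address wildcard")


def ip_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def matches(entry, source):
    """True when `source` equals the entry address on every checked bit."""
    care = ~ip_int(entry.wildcard) & 0xFFFFFFFF   # 0 in wildcard = must match
    return (ip_int(source) & care) == (ip_int(entry.address) & care)


def evaluate(acl, source):
    """Return (action, line_number) of the first matching entry."""
    for number, entry in enumerate(acl, start=1):
        if matches(entry, source):
            return entry.action, number
    # Nothing matched: the implicit deny applies. This is why a list with
    # no permit statement blocks everything.
    return "deny", None


def shadowed(acl):
    """List (line, covering_line) pairs where `line` can never be reached."""
    pairs = []
    for j, later in enumerate(acl):
        for i in range(j):
            earlier = acl[i]
            care = ~ip_int(earlier.wildcard) & 0xFFFFFFFF
            # The later entry must check every bit the earlier one checks...
            checks_same_bits = (ip_int(later.wildcard) & care) == 0
            # ...and agree with it on all of those bits.
            same_on_bits = ((ip_int(earlier.address)
                             ^ ip_int(later.address)) & care) == 0
            if checks_same_bits and same_on_bits:
                pairs.append((j + 1, i + 1))
                break
    return pairs


# Broad permit first: the host deny below it is never evaluated.
PERMIT_FIRST = [
    Entry("permit", "192.168.1.0", "0.0.0.255"),
    Entry("deny", "192.168.1.10", "0.0.0.0"),
]

# Deny first, as the rules above require.
DENY_FIRST = [
    Entry("deny", "192.168.1.10", "0.0.0.0"),
    Entry("permit", "192.168.1.0", "0.0.0.255"),
]

if __name__ == "__main__":
    for name, acl in (("permit first", PERMIT_FIRST), ("deny first", DENY_FIRST)):
        print(name, evaluate(acl, "192.168.1.10"), "shadowed:", shadowed(acl))
    print("outside the list:", evaluate(DENY_FIRST, "10.0.0.1"))
```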
Static NAT
- One to one mapping done manually.
- Every private IP needs one registered IP address.
Static (ISP) GM #IP route (public network) (subnet mask) (next hop IP)
Default (R1) GM #IP route (any network) (any subnet) (next hop IP)
G.M #IP nat inside source static (private range) (public range)
R1 configuration
G.M #Interface fastethernet 0/0
#IP nat inside
GM #Interface serial 0/0/0
#IP nat outside
IPV6
MULTICAST
- In IPv6, multicast addresses start with FF00::/18
ANYCAST
- An anycast address is an address that is assigned to a set of interfaces that typically belong to different nodes.
- Similar to multicast, it identifies multiple interfaces but sends to only one, whichever it finds first.
- Unique local and global unicast addresses can be used as anycast
GM #Interface fastethernet 0/0
#IPv6 address (ipv6-prefix/prefix-length) anycast
Assign IPv6
*static configuration (manual)
GM #Interface fastethernet 0/0
#IPv6 address FC00:11:11:11::1/64
*auto configure
- Stateful (via DHCP)
- Stateless (devices get IPv6 address by including the MAC address)
IPV6 Routing
- IPv6 uses the same types of routing protocols as IPv4
- With some slight modifications to account for the specific requirements of IPv6
RIPng
- Same as IPv4
- Distance vector is hop radiator
- Updated features of IPv6
*uses IPv6 for transport
*ipv6 prefix, next hop ipv6 address
*uses the multicast group FF02::9 for RIP updates
*updates are sent on UDP port 521
RIPng configuration
GM #IPv6 router rip (process ID)
GM #Interface (interface type) (no)
#IPv6 rip (process ID) enable
PM #Show ipv6 protocols
OSPF V3
OSPF V3 configuration
GM #IPv6 router ospf (process ID)
#Router-id (router ID)
GM #Interface (types) (ID)
#IPv6 ospf (process ID) area (area no)
PM #Show ipv6 ospf neighbor
EIGRP V3
GM #Interface loopback (no)
#IP address (IP) (mask)
GM #IPv6 router eigrp (autonomous system)
#No shutdown
#eigrp router-id (ID) - default take optional
GM #Interface (types) (no)
#IPv6 (protocol) (autonomous system)
PM #Show ipv6 eigrp neighbor
PM #Show ipv6 route
FHRP
*If our first-hop router suddenly goes down, FHRP helps by providing a redundant router so that connectivity comes back more easily.
HSRP : Hot Standby Router Protocol
VRRP : Virtual Router Redundancy Protocol
GLBP : Gateway Load Balancing Protocol
5. Group
MAC address
HSRP : 0000.0C07.ACxx
VRRP : 0000.5E00.01xx
GLBP : 0007.B4xx.xxxx
9. Preempt
HSRP : By default, preempt is disabled; if the active router goes down and comes up again, preempt should be configured for it to become the active router again.
VRRP : By default, preempt is on in VRRP; if the active router goes down and comes up again, it will automatically become the master router.
GLBP : By default, preempt is disabled; if the active router goes down and comes up again, preempt should be configured for it to become the active router again.
HSRP configuration
Definition DHCP : A perfect method of assigning IPv6 addresses to hosts on a large network; it reduces the work of network support staff and virtually eliminates entry errors.
DHCP process
DHCP discover (IP address Request)
DHCP configuration
R1 configuration
GM #Interface fast Ethernet 0/0
#IP address (IP address) (subnet mask)
#No shutdown
GM #IP dhcp pool (name)
#Network (network address) (subnet)
#Default-router (IP address)
#dns-server (IP address)
#dns-server (IP address)
GM #IP dhcp excluded-address (IP address)
#IP dhcp excluded-address (IP address)
#IP dhcp excluded-address (IP address)
R2 configuration
GM #Interface fastethernet 0/1
#IP address dhcp
#No shutdown
PM #Show IP interface brief
QOS mechanism
* Classification : Supported by a class-oriented QOS mechanism.
* Marking : Used to mark packets based on classification.
* Congestion management : Used to prioritize the transmission of packets with a queuing mechanism on each interface.
* Congestion avoidance : Used to drop packets early to avoid congestion later in the network.
* Policing : Used to enforce a rate limit by dropping or marking down packets.
* Shaping : Used to enforce a rate limit by delaying packets using buffers.
WAN
2. Circuit switched
3. Packet switched
Leased line
• Permanent connection for the destination.
• Used for short or long distance.
• Bandwidth is fixed.
• Available 24/7
• Uses analog circuit.
• Always same port is used for destination.
• Charges are fixed whether used or not.
Packet switched
• Uses existing service provider to provide connectivity.
• Cost effective solution for leased line.
Leased line VS Frame relay
• Number of interfaces
• Cost
• Ease of management
Virtual circuit
▪ Connections in Frame Relay are provided by Virtual Circuit.
▪ Multiple logical connections on same physical connection.
DLCI (Data Link Connection Identifier)
▪ Identifies the virtual circuit.
▪ Range (16-1007) given by service provider.
▪ Local DLCI maps to the remote IP address.
▪ Manual or Automatic mapping.
LMI (Local Management Interface)
▪ Keep alive message used between router and frame relay switch for checking the connectivity.
LMI Types
▪ Cisco (default)
▪ ANSI
▪ Q933.A
Frame Relay Network Types
• Point to Point
• Point to Multipoint
SLA (Service Level Agreement)
▪ An agreement between a service provider and its customers describing the level of service the provider guarantees for a specific connection.
CIR (Committed Information Rate)
▪ The amount of bandwidth a service provider guarantees to be available a certain percentage of the time on a customer's virtual circuit.
Router configuration
GM #Interface serial (serial no)
#No shutdown
#Encapsulation frame-relay
FRS configuration
GM #Frame-relay switching
#No shutdown
#Encapsulation frame-relay
Router configuration
GM #Interface serial (serial no)
#No shutdown
#IP address (IP) (Subnet)
#Encapsulation frame-relay
FRS configuration
VPN Types
Site to Site VPN
• Allows a company to connect its remote sites to the corporate backbone securely over the internet.
Remote Access VPN
• Allows remote users such as telecommuters to securely access the corporate network wherever and whenever they need to.
Security on VPN
• VPN uses IPsec to provide secure communication over the internet.
IPsec is an industry-wide standard suite of protocols and algorithms.
It allows for secure data transmission over an IP-based network.
Data Confidentiality
o Ensures no one can see the information (uses strong encryption algorithms)
Data Integrity
o Ensures that the data has not been altered during transmission (uses hashing algorithms)
Cable
Internet connection using cable
• Uses the existing Cable T.V. (CATV) to send data
• Back-end connectivity is built on fiber or coaxial cable.
• Uses cable modem
• Supports high speed and longer distance compared to DSL.
GRE Configuration
G.M #Interface tunnel (Tunnel no)
#IP address (IP) (subnet)
#Tunnel source (source physical interface IP)
#Tunnel destination (destination physical interface IP)
Drawbacks GRE
• Classic GRE tunnel (Point to Point)
• Manual tunnels
• Not scalable
• No encryption
• Static IP on all end points
IPsec VPN
VPN Example
• VPNs replace dedicated point-to-point links with emulated point-to-point links that share a common infrastructure
• Customers use VPNs primarily to reduce their operational costs
Example: X.25, Frame Relay, ATM, GRE, DMVPN, IPsec, IPLS, L2TPv3
What is IPsec?
• Internet Protocol Security (IPsec) is a suite of protocols developed by the Internet Engineering Task Force (IETF)
• Allows 2 or more hosts to communicate in a secure manner by authenticating & encrypting each IP packet of a communication session
❖ Scales from small to very large networks
❖ Is available in Cisco IOS software version 11.3(T) & later
• Included in PIX firewall version 5.0, ASA firewall
• Ensures packets are received only once: a security service where the receiver can reject old or duplicate packets in order to defend against replay attacks
VPN types
Site to site VPN
• Allows a company to connect its remote sites to the corporate backbone securely over the internet
Remote site VPN
• Allows remote clusters to securely access the corporate network wherever & whenever they need to
Monitoring
Syslog
- The router can use syslog to forward log messages to external syslog servers for storage
GM #Logging (syslog server IP)
#Logging trap (security types)
PM #Show logging
SECURITY NAMES
0 Emergency
1 Alerts
2 Critical
3 Errors
4 Warning
5 Notification
6 Information
7 Debugging
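How the level numbers above interact with the logging trap setting can be shown by filtering messages the way the router does before forwarding. This is an added example, not part of the original notes: the log lines are constructed, the function names are hypothetical, and it assumes the usual IOS message form %FACILITY-LEVEL-MNEMONIC and that a trap level forwards that level plus every lower-numbered one.

```python
import re

# Level names as listed in the notes above, indexed by level number
LEVEL_NAMES = ["Emergency", "Alerts", "Critical", "Errors",
               "Warning", "Notification", "Information", "Debugging"]

# IOS messages carry a %FACILITY-LEVEL-MNEMONIC: description tag
MSG_RE = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+):\s*(.*)")

def parse(line):
    """Return the tag fields of one log line, or None if it has no tag."""
    m = MSG_RE.search(line)
    if m is None:
        return None
    facility, level, mnemonic, text = m.groups()
    return {"facility": facility, "level": int(level),
            "name": LEVEL_NAMES[int(level)],
            "mnemonic": mnemonic, "text": text}

def forwarded(lines, trap_level):
    """Messages that would reach the syslog server at this trap level:
    the level itself and every more severe (lower-numbered) one."""
    out = []
    for line in lines:
        msg = parse(line)
        if msg is not None and msg["level"] <= trap_level:
            out.append(msg)
    return out

# Constructed sample lines
SAMPLE = [
    "*Mar  1 00:01:10.123: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to up",
    "*Mar  1 00:01:11.123: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up",
    "*Mar  1 00:02:30.500: %SYS-5-CONFIG_I: Configured from console by console",
    "*Mar  1 00:03:00.000: %SEC-6-IPACCESSLOGP: list 101 denied tcp 10.0.0.5(1025) -> 10.0.1.1(23), 1 packet",
    "unparseable line",
]

if __name__ == "__main__":
    for level in (4, 5, 6):
        kept = [m["mnemonic"] for m in forwarded(SAMPLE, level)]
        print(level, LEVEL_NAMES[level], kept)
```

With the trap level at 4, the constructed access-list hit (level 6) and the configuration change (level 5) never reach the server, so the level chosen decides what evidence exists off the router.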
AAA
• Authentication : who are you?
• Authorization : which resources the user is allowed to access and which operations the user is allowed to perform.
• Accounting : what did you spend it on?
Layer 2 security
1. Layer 2 attacks
• MAC table overflow attacks
• VLAN attacks
• Spoofing attacks (MAC, IP, ARP, and DHCP)
2. Rogue network devices
• Wireless hub
• Wireless routers
• Access switches
• Hubs
3. Switch security
• Port security
• DHCP snooping
• IP source guard
• Dynamic ARP inspection
• Storm control