CCNA Enterprise 200 301 Modul1

JOGJAKARTA, 18 – 22 September 2023
Instructor
 Foryanto Jaya Wiguna
 Formal Education:
§ 2007: Bachelor of Computer System, Esa Unggul University (S1)
§ 2000 : Diploma of Technic Control, Bogor of Agricultural Institute (A.Md)
 Working Experiences
§ 2000 – 2001 : IT System Support, PT. Sarijaya Permana Sekuritas
§ 2001 – 2003 : System Administrator, PT. Cakrawala Dunia Pariwisata Indonesia
§ 2003 – 2006 : System Administrator (Linux, Windows and Network), PT. TorGanda
§ 2006 – 2007 : System Administrator (Linux, Windows and Network), PT. BDA+ Design
§ 2007 – 2012 : Post and Pre Sales Network, PT. Metrocom Global Solusi
§ 2012 – 2013 : Pre Sales Network, PT. Sisindokom Lintas Buana
§ 2013 – Now : Trainer Cisco, Juniper at many Training Centers
§ 2013 – Now : Free Lancer as IT Consultant at many Companies
§ 2013 – Now : IT Network Consultant , CV. Multi Kreasindo
 Professional Certifications
HP-AIS, Extreme Network Associate (ENA), CCNA, CCNP (Routing-Switching and Voice), CCIE-Written
(Routing-Switching),JNCIA-JUNOS, JNICIS-ENT, JNCIP-DC, JNCIA-Cloud, Fortinet NSE1, NSE2, NSE3
 HandPhone/WhatsApp : +62-81382734574
 e-mail : foryanto@gmail.com
 Linkedin : linkedin.com/in/foryantojwiguna/
Course Structure
- Module 1: Network Fundamentals
- Module 2: Network Access
- Module 3: IP Connectivity
- Module 4: IP Services
- Module 5: Security Fundamentals
- Module 6: Automation and Programmability
Course Focus
• Objectives are to gain the knowledge and pass the exam – both which will help to achieve IT career goals
• Network Fundamentals – routers, switches, cabling, TCP and UDP, IPv4 and IPv6
• Network Access – VLANs and trunking, EtherChannel
• IP Connectivity – IP routing, OSPFv2
• IP Services – NTP, DHCP, QoS, SNMP
• Security Fundamentals – VPNs, wireless security, port security
• Automation and Programmability – REST APIs, Puppet, Chef, JSON, SDN
• Additional Materials:
- https://learningnetwork.cisco.com/s/certification-exam-tutorials
- https://learningnetwork.cisco.com/s/learning-plan-detail-
standard?ltui__urlRecordId=a1c3i0000005hsQAAQ&ltui__urlRedirect=learning-plan-detail-standard
Exam Details
- Required exam 200-301
- Number of questions 120
- Question types: Multiple Choice (single and multiple answers), drag-and-drop, Sim, Simlet, Testlet
- Length of test 120 minutes
- Recommended experience – Good grasp of networking fundamentals - One or more years of hands-on
experience working in a junior network administrator/ network support technician job role with Cisco
network equipment
- Passing score – not published by Cisco but approximately 800-850 out of 1000
- Specialized CCNA certification exams are retired as of Feb 24th 2020
• Added topics include Next generation firewalls and IPS, Spine-Leaf, Cloud, more detailed wireless
infrastructure, first hop redundancy protocol, TFTP/FTP, expanded security infrastructure, automation and
programmability
• Removed topics include OSI model, VTP, switch stack, EIGRP, BGP, GRE, WAN access
Cisco CCNA
200-301
Thank you and good luck!

PRETEST CCNA (30 Menit)
http://gdlrn.in/PreTestCCNA
!!! Install app Cisco Packet Tracer:
1. Buka skillsforall.com dan klik LOGIN di pojok kanan atas (bisa Continue with
Google account ATAU sign up pakai email lain)
2. Cek email untuk verify
3. Pastikan bisa login di skillsforall.com
4. Download app Cisco Packet Tracer dari CCNA shared folder
5. Install app Cisco Packet Tracer dan Login menggunakan user di
Skillsforall.com
6. buka app Cisco Packet Tracer dan Open file: CCNA-Lab-Day-1.pkt
Module 1: Network Fundamentals
• Lesson 1: Explain the role and function of network • Lesson 8: Configure and verify IPv6 addressing and
components prefix
• Lesson 2: Describe characteristics of network

topology architectures • Lesson 9: Compare IPv6 address types
• Lesson 3: Compare physical interface and cabling • Lesson 10: Verify IP parameters for Client OS
types
(Windows, Mac OS, Linux)
• Lesson 4: Identify interface and cable issues

(collisions, errors, mismatch duplex, and/or speed) • Lesson 11: Describe wireless principles
• Lesson 5: Compare TCP to UDP

• Lesson 12: Explain virtualization fundamentals
(virtual machines)
• Lesson 6: Configure and verify IPv4 addressing and
subnetting
• Lesson 13: Describe switching concepts
• Lesson 7: Describe the need for private IPv4
addressing
Lesson 1: Explain the role and function of network components
• Routers
• L2 and L3 switches
• Next-generation firewalls and IPS
• Access points
• Controllers (Cisco DNA Center and
WLC)
• Endpoints
• Servers
• L2 and L3 Switches
• Layer 2 device (L3 switches are essentially Layer
2 switches with router functionality)
• Forwards frames based on destination MAC
address
• Uses MAC address table, and Frames to determine
how to forward traffic
• Multiple collision domains
• Uses application specific integrated circuit (ASIC)
for hardware based bridging
• Routers
• Layer 3 device
• Creates multiple broadcast domains (set of
all devices on a network segment)
• Uses dynamic routing table to determine how
to forward packets
• Can filter packets with access control lists (ACLs)
• Can be an edge device and connect to Internet
or wide area network (WAN)
• Next-generation firewalls (NGFW)
and IPS
• Provides full Layer 7 inspection
• Provide Network Address Translation
(NAT)
• Provide stateful inspection
• Provide Virtual Private Networks
(VPN)
• Intrusion prevention system (IPS)
• ‘Watches’ the network traffic as it crosses
the network
• Can report on what it finds (security
concerns)
• Malware inspection
• Access points
• Wireless – Wifi – 802.11a/b/g/n
• Mounted on ceilings or walls
• Internal or external antennas
• Standalone or ‘lightweight’ (managed by
WLC)
• Acts as bridge so Layer 2
• Controllers (Cisco DNA Center and WLC)
• Wireless LAN Controller (WLC)
• Manages access points
• Deploy SSIDs to groups of APs
• Digital Network Architecture (DNA) Center
• Cisco SDN Controller
• Centrally manage devices configuration
through applications
• Endpoints
• End user compute (EUC) device
• Has IP address and serves a purpose
on the network
• PCs, laptops, IP phones, printers,
tablets
• Servers
• Provides a specific service that is
consumed by endpoints
• Has IP address and is usually located
in the data center
• Web server, application server, DHCP
server, DNS server, etc
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 2: Describe characteristics of network topology
architectures
• 2 tier
• 3 tier
• Spine-leaf
• WAN
• Small office/home office (SOHO)
• On-premises and cloud
architectures
3 tier
• Hierarchical and logical design
• Avoids the need for a fully meshed network in which all
nodes are connected
• Core
• ‘Center’ of network
• High availability, minimal latency and fast convergence
• Aggregation point for all other areas of network
• Layer 2 / Layer 3
• Distribution / aggregation
• Aggregates traffic from all nodes and uplinks from the access layer
• Perform routing, access lists, security devices
• Layer 2 / Layer 3
• Access / Edge
• Point of entry into the network for end user devices
• Layer 2
architectures
2 tier (Collapsed Core)
• Combines core and distribution layers, usually
in a single device
• Usually deployed for a smaller size company or
branch office
• Reduces costs by not having to purchase
separate hardware
• Distribution layer can also sometime be
referred to as the aggregation layer
architectures
Spine-leaf
• Spine
• Connects to each leaf
• Spines do not connect to each other
• Leaf
• Connects to each spine
• Leafs do not connect to each other
• Traffic always traverses the same number of
devices which keeps latency predictable
• Fully redundant connectivity
• Top-of-rack switching
• The actual rack in the data center where devices
are installed
• Each leaf switch would sit a the top of the rack
• Servers would sit below the leaf and be wired to
connect to it
architectures
WAN
• Connects networks that are in different local
calling areas
• Lease data communication circuits from a public
carrier
• Can be national or international
• Demarcation point (DMARC)
• Physical point at which a telecommunications
company’s public network ends and the
customer’s private network begins.
• Customer Premise Equipment (CPE) – The first
piece of customer equipment that will receive the
carriers connection
• CSU/DSU – Channel service unit / Data service
unit – device between Demarc and CPE – provides
clocking of the line to the router
architectures
WAN – Connection Bandwidth
Type Information Bandwidth
DS0 Basic digital signaling rate, 1 DS0 = 1 voice/data line 64 Kbps
T1 Also known as a DS1, 24 DS0 circuits bundled 1.544 Mbps
E1 European equivalent of a T1, 30 DS0 circuits bundled 2.048 Mbps
T3 Also known as a DS3, 28 DS1 circuits bundled 44.736 Mbps
OC-3 Optical Carrier – Fiber – 3 DS3 circuits bundled 155.52 Mbps
OC-12 Optical Carrier – Fiber – 4 OC3 circuits bundled 622.08 Mbps
OC-48 Optical Carrier – Fiber – 4 OC12 circuits bundled 2488.32 Mbps
architectures
Small office/home office (SOHO)
• Generally for a single worker or a very small
number of workers
• Connectivity is through services such as DSL or
cable for Internet access
• Uses virtual private network (VPN) to connect
over the Internet to corporate network
• SOHO Router – Device that connects to the
Internet and is usually equipped with many
functions - switch, wireless, firewall, etc
architectures
On-premises and cloud
• On-premises - Corporate IT infrastructure
equipment is on-site, usually at a data center the
company owns
• Cloud – company utilizes another companies IT
infrastructure is a separate data center (providers
are AWS, Microsoft Azure, etc)
• Provides access to data anywhere anytime
• Streamlines IT operations by only purchasing
necessary services
• Decreases the need for onsite IT equipment
• Very scalable – can increase/decrease quickly
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 3: Compare physical interface and cabling types
• Single-mode fiber, multimode fiber,
copper
• Connections (Ethernet shared
media and point-to-point)
• Concepts of PoE
Copper
• Twisted pair
• Two or more pairs of copper wire twisted together and housed in
a single protective sheath.
• Wire that carries electricity transmits and receives electromatic
energy and nearby wires can interfere with each other creating
crosstalk
• To reduce crosstalk, the wires are twisted
• Unshielded Twisted Pair (UTP) – uses a plastic sheath – good for
telephone wiring and LAN communications
• Shielded Twisted Pair (STP) – protective sheathing around the
copper wire and wrapped in foil to cut down interference –
supports longer distances
• Coaxial/RG-6
• routers television signals and is standard for Cable TV (CATV)
• Twinaxial
• “Twinax” similar to coax but with two inner conductors and used
for application data
Copper
• Termination standards
• TIA/EIA-568A
• TIA/EIA-568B
• Difference is in the pin assignments

• TIA/EIA-568B is more commonly used
• Both sides of the cable need to be the same
• Crossover cable
• Used to connect two devices directly together that are at
the same layer of the OSI model
• ‘switch to switch’ ‘router to router’
• Transmit pairs of the cable are ‘crossed over’ to the
receive pairs
• Most modern switches and routers use medium
dependent interface crossover (MDI-X) which can detect a
similar device and will automatically cross the pairs over
Connector types
• Registered jack (RJ) (Copper)
• RJ11
• 6 pin (2 conductors in use)
• Commonly used for telephone cable
• RJ45
• 8 pin (8 conductors in use)
• Commonly used for ethernet LAN
cabling
• F-type connector
• Cable modem, cable TV, coax
• RG6 type
• Media converters
• Copper to fiber or vice versa
• Scenario is when you have a fiber run and
the switch to connect it to only has
copper ports
Fiber
• Fiber optic cable carries light pulses
• Can support high data rates and long
distances
• Moderately more expensive harder to
install
• Low attenuation and EMI immune
• Types
• Single-mode (SMF)
• Small core (9 microns) light travels in one ray
• Optimal for very fast transmissions
• Used over long distances (100km)
• Multimode (MMF)
• Usually 62.5 micron core light travels down
the core in many rays (called modes)
• Less distance capability and is less expensive
Ethernet standards
• Copper
• 10Base-T (IEEE 802.3) – 10 Mbps with category 3 unshielded twisted pair (UTP) wiring, up to 100 meters long.
• 100Base-TX (IEEE 802.3u) – known as Fast Ethernet, uses category 5, 5E, or 6 UTP wiring, up to 100 meters long.
• 1000Base-CX (IEEE 802.3z) – Gigabit Ethernet uses copper twisted-pair cabling. Up to 25 meters long.
• 1000Base-T (IEEE 802.3ab) – Gigabit Ethernet that uses Category 5 UTP wiring. Up to 100 meters long.
• 10GBase-T (802.3.an) – 10 Gbps connections over category 5e, 6, and 7 UTP cables.
• 40GBASE-T (802.3bq) - 40 Gbps on 4-twisted pairs cable, Category 8 wiring. Up to 30 meters
• Fiber
• 100Base-FX (IEEE 802.3u) – a version of Fast Ethernet that uses multi-mode optical fiber. Up to 412 meters long.
• 100BASE-SX – Less expensive version of 100Base-FX using LED optics. Distance limited to 300 meters.
• 1000Base-SX (IEEE 802.3z) – 1 Gigabit Ethernet running over multimode fiber-optic cable. 220-550 meters depending on cable type
• 1000Base-LX (IEEE 802.3z) – 1 Gigabit Ethernet running over single-mode fiber. Distance of 5 kilometers. Using multi-mode distance is 550 meters.
• 10GBASE-SR (IEEE 802.3ae) - 10 Gigabit Ethernet running over multi-mode fiber. Distance of 26 – 400 meters (Short Range)
• 10GBASE-LR (IEEE 802.3ae) - 10 Gigabit Ethernet running over single-mode fiber. Distance of 10 kilometers (Long Range)
• Wavelength-Division Multiplexing
• Multiple types of signals bidirectional over the same strand of fiber using different wavelengths
• Coarse wavelength division multiplexing (CWDM)
• Four 3.125 Gbit/s carriers over four different wavelengths
• Dense wavelength division multiplexing (DWDM)
• Up to 160 signals for 1.6 Tbit/s total throughput!!
• Power over Ethernet
• Both power and data can be transmitted over an
Ethernet connection!
• Used for VoIP phones, wireless APs, security
cameras, etc
• PoE (802.3af) – 15.4w power
• PoE+ (802.3at) – up to 25.5w power
• Switch and device need to support the same PoE
standards and switch has finite amount of power
• Can also use a power injector to power a PoE
device
components prefix

types

(collisions, errors, mismatch duplex, and/or • Lesson 11: Describe wireless principles
speed)
• Lesson 5: Compare TCP to UDP • Lesson 12: Explain virtualization fundamentals

(virtual machines)
subnetting

addressing
Lesson 4: Identify interface and cable issues (collisions, errors,
mismatch duplex, and/or speed)
• Collisions, errors, mismatch duplex,

and/or speed
• Show interface
• Will show switchport interface status with
lots of info – up/down, duplex/speed,
errors, etc
• Defaulting an interface will reset counters
• Duplex
• Full or half
• Same on both sides, auto is widely
used
• Speed
• 10, 100, 1000
• Same on both sides, auto is widely
used
• Interface errors or alerts
• CRCs
• Giants/Runts
• Dirty optical cables
• Always keep fiber optic cable ends in
their casing until they need to be used
or the run the risk of getting ‘dirty’
• Can clean the ends with glass cleaner
and blow out the insert with canned
air
• If you have a fiber cable tester, use
before installing the cable
• Open/short
• Open circuit – not completed
• Partial break in a wire or issue on a
patch panel punch down
• Cable tester will identify this issue
• Collisions
• Transmit pair of wires is the same on both sides of
the connection
• Half-duplex
• When a collision happens, a retransmit happens
• Most modern switches operate in full-duplex by
default
• If you find one or both sides of connection at half-
duplex, manually configure it for full-duplex
• Duplexing issues
• Found when speed and/or duplex are set statically
and do not match on both sides
• If duplex is half on one side and full on the other
there will be errors on both sides
• If speed is mismatched, the link will not even come
up
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 5: Compare TCP to UDP
• Compare TCP to UDP

• TCP and UDP
• Both Layer 4 (Transport Layer)
• Both use Multiplexing
• Allows receiving hosts to choose the correct app
based on port number
• TCP = Transmission Control Protocol
• Connection oriented and feature rich
• Error Recovery (Reliability)
• Numbering and acknowledging data with sequence
and acknowledgement header fields
• Flow Control using Windowing
• Uses window sizes to protect buffer space
• Connection Establishment and Termination
• Initiate port numbers and sequence and
acknowledgement field
• Ordered Data Transfer
• Continuous stream of bytes from an upper layer
process that is segmented for transmission and
delivered to upper layer processes at the receiving
device with the bytes in the same order
TCP Header Fields
Field Description
Source Port Port number of the app on the host sending the data
Destination Port Port number of the application requested on the destination host
Sequence Number Number used by TCP that puts the data back in the correct order or retransmits
data during a sequencing process
Acknowledgement Number TCP octet that is expected next
Header Length Number which indicates where the data begins
Reserved Setting is 0
Code Bits/Flags Controls functions used to setup and terminate a session
Window Window size the sender is willing to accept
Checksum Cyclic Redundancy Check (CRC) checking the header and data fields
Urgent If on, indicates the offset from the current sequence number
Options If 0, no options are present
Data Handed to TCP protocol at transport layer which includes headers
• UDP = User Datagram Protocol
• Connectionless
• No reliability, no windowing, no
reordering, etc
• Smaller headers, doesnt slow down
• Used for real time media such as voice
and video
Layer 7 - Application
Layer 6 - Presentation
Layer 5 - Session
Layer 4 - Transport
Layer 3 - Network
Layer 2 - Data Link
Layer 1 - Physical
• TCP Connection Establishment

• Agrees on port numbers and window
size
• Known as a ‘3 way’ handshake
• Must be agreed upon before data
transfer can happen
Transmission Control Protocol
(TCP)/ User Datagram Protocol
(UDP) headers
• TCP flags
• Determines how the data is
processed
• Acknowledgement and Push flags
are ON
• Payload is the data
• This is the whole reason!
Differences between TCP and UDP
TCP UDP
Connection oriented Connectionless
Feature rich Low overhead
Sequenced unsequenced
Acknowledgements No acknowledgements
Windowing flow control No windowing or flow contorl
Reliable Unreliable
Usage: Web traffic, application traffic Usage: Voice, video, real-time
Application, Port number
FTP data and control, 20 & 21 TFTP, 69
SSH, 22 DHCP, 67 & 68
Telnet, 23 SNMP, 161
SMTP, 25 RTP Based voice/video 16384 - 32767
DNS, 53 DNS, 53
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 6: Configure and verify IPv4 addressing and subnetting
• Configure and verify IPv4

addressing and subnetting
IPv4 IP Addressing Term Description
Bit One digit – a 1 or 0
• An IP address is a numeric address Byte Eight bits
assigned to each machine on a Octet One section of an IP address. Eight
network bits
Network Address IP address used in routing to send
• 32 bits in length, divided into four packets to another network
sections called octets (10.10.10.0)
• Dotted decimal (10.10.10.10) Broadcast Address IP address used by application and
hosts to send a packet to all devices
• Binary (10101100.00010000.00110101) on the network (10.10.10.255)
• Hexadecimal (AC.10.1E.38)
• 232 or 4,294,967,296 total addresses!
Automatic Private IP Addressing
(APIPA)
• Enables computers to automatically
self-configure an IP address and
subnet mask when their DHCP server
isn't reachable.
• The IP address range for APIPA
is 169.254. 0.1-169.254. 255.254, with
the subnet mask of 255.255.
• Can only communicate with own
computer
• Known as a link-local address
Unicast
• One-to-one transmission from one point in the network to another point; that is, one sender
and one receiver, each identified by a network address.
• Good for events such as file transfers
Broadcast
• Delivers a message to all nodes in the network using a one-to-all association; a single packet
from one sender is routed to all of the endpoints associated with the broadcast address. Does
not go outside of the subnet.
• Hex: ff:ff:ff:ff:ff:ff, or all 1’s in binary | Used in many areas including DHCP and ARP
Multicast
• Delivers a message to a group of nodes that have expressed interest in receiving the message
using a one-to-many-of-many association; packets are routed simultaneously in a single
transmission to many recipients. Multicast differs from broadcast in that the destination
address designates a subset, not necessarily all, of the accessible nodes.
• 224.0.0.0 – 239.255.255.255 |Used in video streaming applications
Anycast
• Delivers a message to any one out of a group of nodes, typically the one nearest to the source
using a one-to-one-of-many association where packets are routed to any single member of a
group of potential receivers that are all identified by the same destination address.
• Used geographically across the Internet, DNS lookups for example
Loopback
• Always up virtual interfaces that can
be used for routing IDs as well as
troubleshooting
• 127.0.0.1 is an example
• Can use on local computer to test own
Network card and configuration
Default gateway
• Device with IP address on the local
network which has the ability to route
traffic to different networks if the
destination does not reside it its own
network
Classes of Networks
• 2 reserved addresses per network
• Network ID
• All binary 0’s in host part (0 in decimal)
• Network broadcast
• All binary 1’s in the host part (255 in decimal)
• Packets sent to this address are sent to all devices on the network
• First usable address is 1 after the network ID

• Last usable address is 1 before the broadcast ID
• Classless (variable-length subnet mask)
• Very flexible and widely used today
*Class D is for multicast

and uses 224.0.0.0
addressing
*Class E is reserved and

ranges from 240.0.0.1 to
254.255.255.254
IPv4 subnetting
• Takes a Class A, B, or C network and
divides it into smaller groups
• Subnet = subdivided network
Default Subnet Network Bits

• 255.0.0.0 8
• 255.255.0.0 16
• 255.255.255.0 24
CIDR Notation for Subnet Masks • Example:

• Classless Inter Domain Routing Subnet Mask: 255.255.255.0 (decimal form)
11111111 11111111 11111111 00000000 (binary)
• Allows flexibility that the classful Count the ones = 24
option does not give This is a /24 subnet
• Example:
Subnet Mask: 255.255.255.224 (decimal form)
11111111 11111111 11111111 11100000 (binary)
Count the ones = 27
This is a /27 subnet
Binary Decimal
Converting from binary value to CIDR
00000000 0
11111111 11111111 11111111 00000000 10000000 128
255.255.255.0 or /24 11000000 192
11100000 224
11111111 11110000 00000000 00000000 11110000 240
255.240.0.0 or /12 11111000 248
11111100 252
11111111 11111111 10000000 00000000 11111110 254
255.255.128.0 or /17 11111111 255
Converting from CIDR to binary

/28
11111111 11111111 11111111 11110000
255.255.255.240
Address 8.1.4.5 /16 199.1.1.100 /24
Variable Length Subnet Masks (VLSM) Mask 255.255.0.0 255.255.255.0
• Allows significant flexibility for network # Network bits 8 24
subnet sizes # Host bits 16 8
• Need to be able to analyze and choose # Subnet bits 8 0
appropriate subnet masks # Hosts / subnet 216-2 = 65534 28-2 = 254
• Compare 1st octet of address to class table for # Subnets 28 = 256 20 = 1
Network bits
• Subtract prefix length from 32 to find Host
bits
• Subtract # of combined network and host bits
from 32 to find Subnet bits
• S = # of subnet bits
• H = # of host bits
• # of subnets = 2S
• # of hosts per subnet = 2H-2
Quick Subnetting – necessary for speed on the exam
IP 192.168.4.221 /17
Subnet 255.255.128.0
Network 192.168.0.0
Bcast 192.168.127.255
First IP 192.168.0.1
Last IP 192.168.127.254
IP 10.1.15.7 /29
Subnet 255.255.255.248
Network 10.1.15.0
Bcast 10.1.15.8
First IP 10.1.15.1
Last IP 10.1.15.7
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 7: Describe the need for private IPv4 addressing
• Describe the need for private IPv4

addressing
Public vs private
• TCP/IP RFC 1918 defines a set of private
networks that can be used for
internetworks that do not connect to the
Public IP addresses
Internet.
• This set of private networks will never be
assigned by ICANN (Internet Corporation
for Assigned Names and Number) to any
organization for use as registered public
network numbers.
• Any org can use these network numbers.
However, no org is allowed to advertise
these networks using a routing protocol
on the Internet.
• Network Address Translation (NAT)

• Map multiple local private addresses to a
public one before transferring the
information.
• Could be one to one or many to one
• Organizations that want multiple devices
to employ a single IP address use NAT.
• Port Address Translation (PAT)
• Type of NAT
• Many IPs can be mapped to one using
ports
•
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 8: Configure and verify IPv6 addressing and prefix
• Configure and verify IPv6

addressing and prefix
IPv6 Benefits
• Primary goal of IPv6 is to significantly increase the
number of available IP addresses.
• ARIN (American Registry for Internet Numbers)
and ICANN (Internet Corporation for Assigned
Names and Number) running out of public IPv4
address to hand out
• Mobile devices are exponentially increasing the
need for more IP addresses 340 Trillion Trillion Trillion
340,282,366,920,938,463,463,374,607,431,768,211,456
• Encapsulation enhancements which allows for
faster forwarding rates by routers IPv6 uses a 128-bit IP address, rather than the 32 bits
• Stateless autoconfiguration allows a device to defined by IPv4.
DYNAMICALLY acquire and IP address WITHOUT a
DHCP server A 128-bit address structure provides well over 1038
possible IP addresses.
• Security feature which allows two devises to build
a secure tunnel without user intervention
•
Details of an IPv6 address
Shorthand Notation FE00:0000:0000:0001:0000:0000:0000:0056

• Omit leading zeros will become
• Represent one or more quartets of all FE00:0:0:1::56
zeros with a double colon (::) (can only
do once)
Address Assignment
• Static Address Assignment
• Specify all 128 bits manually
• Specify the first 64 bits manually and use
Extended unique identifier (EUI-64) for the
remaining 64 bits
• Device will use the MAC address of its
interface along with adding “FFFE” and
inverting the 7th bit of interface ID to generate
a unique 64-bit interface ID.
• Stateless Autoconfiguration
• DHCPv6 • Extension of DHCPv6
• Similar to IPv4 version and known as stateful • No DHCP server necessary!
autoconfiguration • Uses router advertisement info as well as
• Client will detect a router via neighbor EUI-64
discovery, if router advertisement messages • Designed for devices such as cell phones
contain DHCPv6, client will send out a DHCP and IoT enabled devices
solicit message
ICMPv6
Similar to ICMP in IPv4 helps with troubleshooting (PING,
traceroute, etc) but has enhancements!
• Router solicitation and advertisement • Neighbor Discovery Protocol (ND)

• Uses Multicast (NOT broadcast) • Uses Multicast (NOT broadcast)
• Devices can query routing devices on a segment • Replaces ARP in IPv4
• Gives devices the information they need to auto- • Router Solicitation (RS) and Router
configure themselves Advertisement (RA)
• This communication will have source and
destination MAC addresses in the frames
• Duplicate Address Detection (DAD) • Gives devices the information they need to
auto-configure themselves or update
• In the RARE chance that two devices would auto
assign themselves the exact same address appropriate tables
• Once host has an IPv6 address, it sends out 3 DADs
to see if anyone else has that address
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 9: Compare IPv6 address types
• Compare IPv6 address types

Compare IPv6 address types IPv6 Header

• Unicast and multicast still used such
as in IPv4
• Broadcast is eliminated
• Anycast is introduced
• Multiple addresses of any type can be
assigned to a device interface: unicast,
multicast, anycast
• IPv4 header is 20 bytes, IPv6 is 40 bytes
(even though its address is 128 bit vs 32
with IPv4)
• Fields are minimized and streamlined
• IPv6 is fixed at 40 bytes (IPv6 header can
be variable length)
Global unicast address (2000::/3) Multicast (FF00::/8)
• Most typical IPv6 address • Works like Multicast in IPv4, only packets tuned
in will receive
• Routable on the Internet (like IPv4 public
• One-to many
addresses)
• Always start with FF
Link-local address (FE80::/10) Anycast

• Similar to Automatic Private IP Address (APIPA) • Similar to multicast where an anycast address
(169.254….) identified multiple interfaces on multiple devices
• Packet is only delivered to ONE device – the
• Not meant to be publicly routed closest one based on routing distance
• Primarily used by routers (not client devices)
Unique local address (FC00::/7)
• Similar to IPv4 private addressing, but are nearly
globally unique
• Designed to replace site local addresses
Special Addresses
Address Description
0:0:0:0:0:0:0:0 Shorthand is ::. And same as IPv4 0.0.0.0. Is source address of
host before receiving an IP
0:0:0:0:0:0:0:1 Shorthand is ::1 and same as IPv4 127.0.0.1 Used for loopback
0:0:0:0:0:0:172.16.10.1 IP address in a mixed IPv4 / IPv6 environment
2000::/3 Global unicast address range
FC00::/7 Unique local unicast range
FE80::/10 Link-local unicast range
FF00::/8 Multicast range
3FFF:FFFF::/32 Reserved for examples and documentation
2001:0DB8::/32 Reserved for examples and documentation
2002::/16 Used with 6to4 tunneling (IPv4 to IPv6 transition system)
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 10: Verify IP parameters for Client OS
• Verify IP parameters for Client OS

Manual Configuration
• Access the network interface and input
the IP address, subnet mask, and default
gateway
Dynamic Configuration
• Utilize Dynamic Host Control Protocol
(DHCP) server which has a scope of IP
addresses
• Client reaches out to DHCP server and
gains an IP, subnet mask , and gateway, as
well as potentially other info such as DNS
and NTP
• Preferred method for clients
Configure TCP/IP on OS
• Windows 10
• Control panel -> Network and Internet
-> Network and Sharing Center ->
Change adapter settings -> right click
Ethernet -> Properties
• Linux
• (command line) ifconfig eth0
10.10.10.2 netmask 255.255.255.0
• MacOS
• System preferences -> network ->
advanced -> TCP/IP tab
Verify IP address settings

• Windows – Open command prompt
and type ipconfig. Can also use
ipconfig /all for more detailed info
• Linux – ifconfig via command line.
Can also use Network Manager
nmcli.
• MacOS – ifconfig via terminal
Additional verification tools
• Ping
• Uses ICMP to query by IP address or by name
• Some devices block ICMP so a failed ping doesn’t
necessarily mean the device you are trying to
reach is is down
• nslookup/dig
• Tool to help diagnose DNS problems
• Use dig for Unix/Linux
• You can set the DNS server to query by using
the server= argument
Additional verification tools
• traceroute/tracert
• Windows is tracert
• Linux/Unix is traceroute
• Performs a ping on each hop to a destination
IP address
• Helps you map the path to the destination device
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 11: Describe wireless principles
• Nonoverlapping Wi-Fi channels

• SSID
• RF
• Encryption
• Wireless technologies allow users to connect to the
network without using an ethernet cable
• Use radiated energy waves (radio waves) to transmit

data (vs ethernet which uses electrical signals)
• Site surveys are completed to determine where and

how many access points should be installed to provide a
certain level of coverage
• Wireless is installed in most office buildings and allows

users to move from location to location and stay on the
network at all times
• Used in warehouses and distribution centers as forklifts

pick up product and move it from one area to another
• Used to cover outdoor areas

• 802.11 standards
• To send data over wireless, the IEEE has developed the
802.11 specification which defines half-duplex
operations
using the same frequency for send and receive
operations on a WLAN.
• 802.11a
• Frequency 5.0 Ghz
• Divided into multiple parts for indoor/outdoor use
• Bandwidth 5/10/20MHz
• Data Rate 6, 9, 12, 18, 24, 36, 48, 54 Mbps with OFDM
• Many (12-13) non-overlapping channels
• 802.11b
• Bandwidth 22MHz
• Data Rate 1, 2, 5.5, 11 Mbps
• 1, 6, 11 non-overlapping channels
• 802.11g
• Bandwidth 5/10/20MHz
• Data Rate 1, 2, 5.5, 11 Mbps with DSSS
• Data Rate 6, 9, 12, 18, 24, 36, 48, 54 Mbps with OFDM
• 1, 6, 11 non-overlapping channels
• Backwards compliant with 802.11b but at lower rates
• 802.11 standards
• 802.11n (WiFi 4)
• Frequency 2.4/5.0 Ghz
• Bandwidth 20/40MHz
• Data Rate up to 288 on 20MHz
• Data Rate up to 600 on 40MHz
• Backward compatible with 802.11b, g, a.
• Multiple-Input, Multiple-Output (MIMO)
• Uses multiple antennas to send/receive which increases throughput
• Channel aggregation
• Combine two 20Mhz channels to 1 40Mhz channel
• 802.11ac (WiFi 5)
• Bandwidth 20/40/80/160MHz
• Data Rate approx. 7Gbps on eight 160MHz channels
• Multi-User MIMO (MU-MIMO) (downstream only)
• AP can communicate concurrently with multiple clients enabling
faster data rates
• 802.11ax (WiFi 6)
• Frequency 2.4/5.0/6.0 Ghz
• Bandwidth 20/40/80/160MHz
• Data Rate up to 9,608 on 160MHz
• 8 bi-directional MU-MIMO streams
• High Efficiency (HE) – designed for high density environments
• Frequencies and range
• The FCC (US based) licenses certain frequency
bands for uses such as AM and FM radio.
• Some of these bands are left unlicensed.
• Wireless utilizes two of these unlicensed
bands:
• 2.4GHz
• 11 overlapping channels within this band.
• 3 are used: 1, 6, 11 (non-overlapping)
• Bigger range, less speed
• 5GHz
• Many non-overlapping channels
• Smaller range, more speed
• Channel bonding is used to get the higher
frequencies
Service Set Identifier (SSID)
• Name of the wireless network you would join, tied to a WLAN, and WLAN ties
to a VLAN
• Basic Service Set Identifier (BSSID)
• AP that only offers one SSID and multiple APs offer that SSID use BSSID to tell them
apart – uses name with MAC address of AP
• Basic service set

• One device sets a network name and radio parameters, and the other uses it to
connect
• The area in which a device is reachable
• Extended service set

• When more than one AP is connected to a common network
• Provides larger coverage area
• Allows clients to move from one AP to the other and still be on the same LAN
• To provide enough APs for adequate bandwidth per client
• Extended Service Set Identifier (ESSID)

• The network name shared across access points
• Roaming
• When a client moves from one AP to another and stays on the same SSID they ‘roam’
to the other AP
• Is able to keep the same IP address
• This generally happens then they are walking to another area of a building or are on
a device such as a forklift or golf cart
• Encryption Standards
• WiFi Protected Access (WPA) • Personal
• Cisco answer to WEP (which just used a pre-shared key • WPA2/3 using a pre-shared key (PSK)
and not secure)
• Enterprise
• Encryption - Dynamic key exchange using Temporal Key
Integrity Protocol (TKIP) • WPA2/3 using an authentication server
• 802.1x user authentication or pre-shared keys for authentication
• WPA2
• CCMP block cipher mode – Counter mode with cipher
block chaining message authentication code protocol
• AES for encryption
• Message Integrity Check (MIC) with CBC-MAC
• Very secure but it is possible to be brute-forced
• WPA3
• GCMP Block Cipher Mode
• Galois Counter Mode Protocol
• Stronger encryption than WPA2
• AES for encryption
• MIC with Galios Message Authentication Code (GMAC)
• PSK Mutual Authentication (Client and AP)
• Simultaneous Authentication of Equals (SAE)
• Diffee-Hellman key exchange with authentication
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 12: Explain virtualization fundamentals (virtual machines)
• Virtual machines
Virtual network concepts
• Virtual desktop
• Virtual end user compute device which exists in a
virtualization platform such as VMWare Horizon
View
• Virtual Desktop Infrastructure (VDI) is the overall
system that maintains the virtual desktop
environment
• Many companies embracing this technology
• Give you access to your desktop from anywhere!
• vSwitch
• ensures connections between virtual
machines as well as connecting virtual and
physical networks.
• Located within the virtual host
• Virtual network interface card (vNIC)
• Each Virtual Machine (VM) has a vNIC
Virtual network concepts
• Network function virtualization (NFV)
• Collapses multiple network functions into one
virtual host and manage from hypervisor
• Virtual switch, firewall, etc
• Hypervisor
• Hardware, software, or firmware capable of creating
virtual machines and then managing and allocating
resources to them.
• Type 1
• Bare metal hypervisor
• Entire server and OS dedicated to virtualization, hypervisor can
directly access all hardware
• Most common for general use
• Examples include VMWare ESXi, Citrix Xen, Microsoft Hyper-V
• Type 2
• Desktop virtualization
• Runs on top of desktop OS as an application
• Used for IT/Dev testing, minimal features, simple, cheap
• Examples include Vmware Workstation/Fusion, KVM
components prefix

types


(virtual machines)
subnetting
addressing
Lesson 13: Describe switching concepts
• MAC learning and aging

• Frame switching
• Frame flooding
• MAC address table
MAC address learning, flooding, filtering
1. PC A sends frame to PC D, the frame has source
address of PC A MAC address
2. Switch receives frame, inspects source address
and records it in MAC address table on port it was
received on (called source address learning)
3. Switch forwards frame to destination MAC
address (PC D) but this MAC is not in the MAC
address table, so the switch floods the frame to all
ports except the one it received the frame on
4. PC D responds to PC A, switch receives the frame
5. Switch records the source MAC on the port it
received it on
6. Forward filter decision can be made based on
destination MAC
7. Frame is forwarded to port 1 directly
Media access control (MAC) address
tables
• A table of MAC addresses known by the switch and
the interface they were learned on (outgoing
interface)
• Switch checks the MAC address table each time
a frame is received
• If it doesn’t have the source MAC address, it adds
it to the table
• If it has the destination MAC address it forwards it
out the corresponding interface
• If it doesn’t it sends the frame out all interfaces
and which ever interface responds back with the
reply, the switch then takes the source mac of that
frame and adds it to the MAC address table
• Inactivity Timer – Timer is set to 0 for new entries.
Each time the switch receives a frame with the
address, timer is reset to 0. If switch starts to run out
of space, it will remove the frames with the
oldest timers
Operation Modes
• Store-and-Forward Switching • Fragment-Free Switching
• Switch receives the frame into buffer of • Modified form of cut-through switching
inbound port • Makes sure the frame is at least 64 bytes long
before forwarding it
• Checks frame for errors (FCS checksum),
called a cyclic redundancy check (CRC) • A frame smaller than 64 bytes is called a runt
• Switch calculates the CRC value and compares • Goal is to not forward runt frames
it to what was in the FCS (which was
computed by the sending device)
• If the values are the same, the switch
forwards the frame
• If different, the switch drops the frame
• Cut-Through Switching
• Designed to improve performance for frame
forwarding
• Switch reads the destination MAC and
forwards the frame
Thank You !!!

CCNA Enterprise 200 301 Modul1

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCNA Enterprise 200 301 Modul1

Uploaded by

Copyright:

Available Formats

JOGJAKARTA, 18 – 22 September 2023

Thank you and good luck!

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Difference is in the pin assignments

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP • Lesson 12: Explain virtualization fundamentals

• Lesson 7: Describe the need for private IPv4

• Collisions, errors, mismatch duplex,

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Compare TCP to UDP

Layer 2 - Data Link

• TCP Connection Establishment

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Configure and verify IPv4

• First usable address is 1 after the network ID

*Class D is for multicast

*Class E is reserved and

Default Subnet Network Bits

CIDR Notation for Subnet Masks • Example:

255.255.128.0 or /17 11111111 255

Converting from CIDR to binary

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Describe the need for private IPv4

• Network Address Translation (NAT)

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Configure and verify IPv6

Details of an IPv6 address

Shorthand Notation FE00:0000:0000:0001:0000:0000:0000:0056

• Router solicitation and advertisement • Neighbor Discovery Protocol (ND)

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Compare IPv6 address types

Compare IPv6 address types IPv6 Header

Link-local address (FE80::/10) Anycast

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Verify IP parameters for Client OS

Verify IP address settings

• Lesson 2: Describe characteristics of network

• Lesson 4: Identify interface and cable issues

• Lesson 5: Compare TCP to UDP

• Nonoverlapping Wi-Fi channels

• Use radiated energy waves (radio waves) to transmit

• Site surveys are completed to determine where and

• Wireless is installed in most office buildings and allows