CCNA Exam 640-802 Version 9.3

1

CCNAExam 640-802Version 9.3

[email protected]

2

Basic network components Transmission media

Connectors

NIC (Network Interface Card)

Protocols

Addresses

Hub / Switch

Modem

Router

3

Transmission media 10Base2

10Base5

10BaseT

10BaseTX

100BaseFX fiber optics

10BaseT

Base – signaling type10 – Bandwidth of 10MbpsT – Twisted pair cableF - Fiber

10Base2

Base – signaling type10 – Bandwidth of 10Mbps2 – Support 200 meters

4

5

10Base2

10Base5

10BaseT

10BaseTX

100BaseFX

Name Thinnet Thicknet Cat 3,4,5

Cat 5e,6,7 Fiber optics

Users per segment 30 208 1 1

Max length 185 500 100 100

Capacity 10Mbps 10Mbps

Topology Star / Bus

Star / Bus

OHMS 50 100

6

Cable type Transmission speed

Cat1

Cat 2 Up to 4 Mbps

Cat 3 Up to 10 Mbps 16 MHz

Cat 4 Up to 16 Mbps 20MHz

Cat 5 10 Mbps to 100 Mbps 100MHz

Cat 5e 100 Mbps to 1000 Mbps

100MHz

Cat 6 Up to 10 Gbps 250MHz

Cat 6a Up to 10 Gbps 500MHz

Cat 7 Up to 10 Gbps 600MHz

Cat 7a Up to 100 Gbps 1000MHz

7

Connecting cables

Straight through cable

Crossover cable

Rollover cable

8

Straight through cable This cable is used to connect two different types of devices.

This is used to connect MAC device and Non MAC device.

Switch

Router

Host

Host Hub

Switch

Hub

Router

9

10

Crossover cable This cable is used to connect same devices.

This is used to connect MAC to MAC or Non-MAC to Non-Mac.

Switch

Router

Hub

Hub Switch

Hub

Router

Switch

11

12

Rollover cable

This cable is used to connect Router console port to PC serial(COM) port.

This cable is called Null modem cables.

13

14

Network Interface Card (NIC)

This provide network communication to a LAN.

It contain buffer.

It contain unique 48bit MAC( Media Access Controller ) address.

15

Protocol

Protocol is a set of rules and regulations.

Two device to establish communication both should be same protocol.

16

Addresses

Addresses are used to identify the device.

There are two type of addresses.

MAC – Pre define IP – User define

17

OSI Layer

Open System Interconnect Layer.

This is describe how data is communicated from one to another system.

Allow multiply vendor development and standardize.

18

OSI Layer types

Application layer

Presentation layer

Session layer

Transport layer

Network layer

Data link layer

Physical layer

19

20

7. Application Layer

Program to program communication.

Provides network services to use application.

Function

s

21

6. Presentation Layer

Data translation and code formatting including compression and encryption.

Ensure application layer can be use data.

MPEG, MIDI, TIFF, JPEG, TXT, Quick time movie

Function

s

Standar

ds

22

5. Session Layer

Establish and maintain session across the network.

Organize communication through simplex, half and full duplex mode.

Function

s

23

4. Transport Layer Segments data and adds port numbers.

Data is ensured at this layer by maintaining flow control.

Error correction and detection.

Defined reliable and unreliable end to end data communication.

Connection orient communication.

Acknowledge and are received for every segment.

Call setup, data transfer and call termination.

Connection parameters are synchronized.

Windowing technique used to control outstanding data segment and to increase throughput.

24

3. Network Layer

Data packet done here.

Responsible for sending DATA.

Assigns IP addresses.

Maintain routing table.

Find the best path.

Router

Function

s

Device

25

2. Data Link Layer

Framing of the packets is done here.

Handles error notification, network topology and flow control.

Provides access to LAN medium in an orderly manner.

Adds MAC address to frames.

Switch, Bridge and NIC

Function

s

Devices

26

1. Physical Layer

Sending and receive bits.

Places data on the Network media.

Communication directly with the media.

Hub, Repeater, Cable and Connector

Function

s

Devices

27

Term Definition

FTP File Transfer Protocol

TFTP Trivial File Transfer Protocol

WWW World Wide Web

HTTP Hyper Text Transfer Protocol

SMTP Simple Mail Transfer Protocol

Voip Voice Over Internet Protocol

SNMP Simple Network Management Protocol

POP3 Post Office Protocol

NFS Network File System

RPC Remote Procedure Call

NETBIOS Network Basic Input/output System

TCP Transmission Control Protocol

28

Term Definition

UDP User Datagram Protocol

SPX Sequence Packet Protocol

IP Internet Protocol

IPX Internet Packet Exchange

ARP Address Resolution Protocol

RARP Reverse Address Resolution Protocol

ICMP Internet Control Message Protocol

RIP Routing Information Protocol

OSPF Open Shortest Path First

NCP Network Control Program

SMB Server Message Block

29

Layer Protocols /Services

Application FTP, TFTP, Telnet, WWW, HTTP, POP3, SMTP, Voip, SNMP, NCP, SMB, Apple Talk

Presentation NCP, AFP, TDI

Session NFS, SQL, RPC, NETBIOS, ZIP. SCP

Transport TCP, UDP, SPX, NWlink, NetBEUI

Network IP, IPX, ARP, RARP, ICMP, RIP, OSPF, NWlink, NetBEUI

Data Link

Physical

30

Protocol Service Port Number

TCP WWW/HTTP 80

FTP 20 , 21

Telnet 23

SMTP 25

HTTPS 443

UDP DHCP 67 , 68

SNMP 161

TFTP 69 69

DNS 53 53

ICMP

IP

31

TCP/IP Layers

OSI Layer TCP/IP Layer

Application, Presentation, Session layers

Application layer

Transport layer Transport layer

Network layer Internet layer

Data link , Physical layers Network Access layer ( Data link)

32

Data Encapsulation Sequence

Data Segment Packets Frames Bits

33

Cisco Hierarchical Model

34

35

Communication methods

Unicast

Broadcast

Multicast

36

Unicast

One to one communication.E.g.: Telephone

37

Broadcast

One to any communication.E.g.: Radio, TV

38

Multicast

One to many communication.E.g.: Video conference

39

Addresses

Hardware

Ex: MAC address

Software

Ex: IP address

Ad

dre

sses

40

MAC Addresses

48bit hexadecimal predefined address by manufactures.

E.g.: A1 - b5 – 56 - f3 - c8 – 33 - 60

• OUI• Organizationally Unique Identifier• Defined by “INA”.• There are blocks for all

manufactures.E.g.: CISCO, DELL, IBM…

Manufacture

41

IP Addresses

Privet

Public

Rangers

IPV4

IPV6

Versions

Dynamic

Static

Types

42

IP Rangers

Privet-Reserved for LAN / INTRANET.-governed by a body called INTERNIC.

Public-Defined with routing over the internet.-Reserved for WAN.-Given by ISPs.

43

IP Types

Dynamic-Addresses which are automatically assigned by a DHCP service.-These are randomly assigned.

Static-Addresses which are manually assigned in the properties of TCP/IP by administrator.-These addresses will not changed unless we change them.

44

IP Versions

IPV4E.g.: 192.168.10.100

IPV6E.g.:fe00.0000.0000.1258.0000.0000.0000.abfd

8bit 4 = 32bitOctal(8bit)

Hexa Decimal(16bit)16bit 4 = 128bit

45

IPV4 Classes

Class A

Class B

Class C

Class D

Class E

46

Class A

Network range 1.0.0.0 - 126.0.0.0

Subnet mask 255.0.0.0

Networks 126

Host per network 16777214

Privet range 10.0.0.1 - 10.255.255.254

E.g.: 10 . 1 . 1 . 1 255 . 0 . 0 . 0

Network ID

Host

127.0.0.1 to 127.255.255.255 is reserved for loopback testing purposes.

47

Class B

Network range 128.0.0.0 - 191.255.0.0


Networks 16384


Privet range 172.16.0.1 - 172.31.255.254

E.g.: 172. 16 . 0 . 1 255 . 255 . 0 . 0

Network ID

Host

169.254.0.1 - 169.254.255.254 is reserved for APIPA( Automatic Privet IP Address )

48

Class C

Network range 192.0.0.0 - 223.255.255.0


Networks 2097152


Privet range 192.168.0.1 - 192.168.255.254

E.g.: 192. 168 . 1 . 1 255 . 255 . 255 . 0

Network ID

Host

49

Class D

224.0.0.0 - 239.253.255.255 is reserved for multicasting services and applications.

Class E

240.0.0.0 - 255.255.255.255 is reserved for future use and research purposes( E.g.: NASA ).

50

1 - 126

Class A

128 - 191Class B

192 - 223Class C

51

SUBNETTING

52

Break a large network to sub networks is called Subnetting.

Once you have break a network, you need a router to connect these sub networks.

53

Advantages of Subnetting

Reduce network traffic.

Optimize network performance.

Simplified management.

Facilitated spanning of large geographical distance.

54

192.168.0.0 / 24

255.255.255.0

8bit 8bit 8bit

172.16.0.0 / 16

255.255.0.0 8bit 8bit

11.0.0.0 / 8

255.255.255.0 8bit

Subnet prefix

55

Subnetting class C

56

192.168.0.0 / 26

llllllll llllllll llllllll ll000000

255 . 255 . 255 . 192

N = 2n

= 22

= 4

Host per network = 2n - 2

= 26 - 2

= 62

l l l l l l l l128 64 32 16 8 4 2 1

Therefor 128+64 = 192

n = on bits (l)

n = off bits (0)

1

3

2

26 = 24 + 2

57

Magic number = 256 – 192

= 64

4

Network ID 1st IP Last IP Broadcast IP

192.168.0.0 0 + 1 = 1 63 - 1 = 62 64 - 1 = 63

192.168.0.64 64 + 1 = 65 127 - 1 = 126 128 - 1 = 127

192.168.0.128 128 + 1 = 129 191 - 1 = 190 192 - 1 = 191

192.168.0.192 192 + 1 = 193 255 - 1 = 254 255

5

2

1

Constant number

58

Subnetting class B

59

172.16.0.0 / 19

llllllll llllllll lll00000 00000000

255 . 255 . 224 . 0

N = 2n

= 23

= 8


= 213 - 2

= 8190

l l l l l l l l128 64 32 16 8 4 2 1

Therefor 128+64+32 = 224

n = on bits (l)

n = off bits (0)

1

3

2

19 = 16 + 3

60


= 32

4

5

Constant number

Network ID 1st IP Last IP Broadcast ID

172.16.0.0 0.1 31.254 31.255

172.16.32.0 32.1 63.254 63.255

172.16.64.0 64.1 95.254 95.255

172.16.96.0 96.1 127.254 127.255

172.16.128.0 128.1 159.254 159.255

172.16.160.0 160.1 191.254 191.255

172.16.192.0 192.1 223.254 223.255

172.16.224.0 224.1 255.254 255.255

61

Subnetting class A

62

10.0.0.0 / 11

llllllll lll00000 00000000 00000000

255 . 224 . 0 . 0

N = 2n

= 23

= 8


= 221 - 2

= 2097152

l l l l l l l l128 64 32 16 8 4 2 1

Therefor 128+64+32 = 224

n = on bits (l)

n = off bits (0)

1

3

2

11 = 8 + 3

63


= 32

4

5Constant number

Network ID 1st IP Last IP Broadcast ID

10.0.0.0 0.0.1 31.255.254 31.255.255

10.32.0.0 32.0.1 63.255.254 63.255.255

10.64.0.0 64.0.1 95.255.254 95.255.255

10.96.0.0 96.0.1 127.255.254 127.255.255

10.128.0.0 128.0.1 159.255.254 159.255.255

10.160.0.0 160.0.1 191.255.254 191.255.255

10.192.0.0 192.0.1 223.255.254 223.255.255

10.224.0.0 224.0.1 255.255.254 255.255.255

64

Router

65

Internetwork Operating Systems( IOS )

This is a kernel of the Cisco and most switches.

It’s a command line interface(CLI).

66

Internal components of a Router

67

Router memory elements

Boot ROM

Flash

RAM

NVRAM (Non Volatile RAM)

68

Boot ROM

It stores the router’s bootstrap startup program.

It stores OS software.

It stores mini IOS image ( RX Boot ) with extremely limited capabilities.

It sores POST( Power on diagnostic test programs) routines and core level OS for maintenance.

69

RAM

Stores running configuration program.

Provides caching.

RAM is a volatile memory and looses its information when router is turns off.

The configuration present in RAM is called Running configuration.

70

Flash

Store IOS.

This is a erasable and reprogrammable memory.

An EPROM holds the most of the IOS image.

It maintains everything when router is turned off.

71

NVRAM

Stores startup configuration files.

A rewritable memory area holds router’s configuration file.

NVRAM retains the information whenever router is rebooted.

Once configuration is saved, it will be saved in NVRAM and this configuration is called Startup configuration.

72

Router Ports

73

LAN Ports

WAN PortsBRI port ISDN connections

AUX Dial up connections

Serial port Lease line and Frame-Relay connectivity

Console port Direct access with the router

74

75

Router boot sequence

The router performs a power-on self-test (POST) to discover and verify the hardware.

The router loads and run bootstrap code from ROM.

The router finds the IOS or other software and loads it.

The router finds the configuration file and loads it into running configuration.

76

77

Router configuration

78

RJ-45 connector

Rollover cable

RJ_45 to DB-9 Adaptor

79

80

Router modes

Setup mode

User mode

Privileged / Enable mode

Global configuration mode

ROM monitor mode

81

Router> User mode

Router# Privileged / Enable mode

Router(config)# Global configuration mode

82

User mode

Used to:

o PING commands.o Router informationo RAM, ROM, NVRAM information

83

Enable / Privileged mode

Used to:

o View router information.o Setting up clock and date.o Debugging, saving any data configured in

router and terminal configuration.

84

Global configuration mode

Used to:

o Name setting for the router.o Interface configuration setting.o Password setting.o Routing protocol setting.o Access list setting.

85

Routing Protocol

86

Routing

Router is used to talking packet from one device to another device and sending it through the network to another device on a different network with the help of router.

87

Minimum requirements for routing

Destination network address and its subnet.

Neighbor routers from which it can learn about remote networks.

Possible routers to all remote networks.

The best route to each remote network.

How to maintain and verify routing information.

88

Types of routing

Static

Default

Dynamic

89

Static routing

In static routing, the administrator have to manually add routers in each router’s routing table.

Administration distance is 1 with next hop IP address and 0 with exit interface.

Manual configuration for each destination.

To configure know destination network and its subnet mask.

90

Static route command

R1(config)#ip route 150.50.0.0 255.255.0.0 200.100.10.2 1

Destination network

Destination subnet mask

Next hop ip address

Administrative distance

91

Remove the Static routing

R1(config)#no ip route 150.50.0.0 255.255.0.0 200.100.10.2 1

R1(config)#no ip route 20.1.1.128 255.255.0.128 200.100.10.2 1

92

Advantages of Static routing

No overhead on the router CPU.

No bandwidth usage between routers.

Security ( Administrator only allows routing )

93

Disadvantages

The Admin must really understand the internetwork and how each router is connected.

If one network is added to the network , the admin must add a route to it on all routers.

It is not feasible in large networks because it would be a fulltime job.

94

Default Routing

Default routing is used to send packet s with a remote destination network not in the routing table to the next hop router.

You can only use default routing on stub networks which means that they have only one exit port out of the network.

Administrative distance is 0.

95

96

Dynamic Routing

This is the process of using protocols to find and update routing tables on routers.

This is easier than other two.

The function of dynamic routing protocol is advertise directly connected network and exchange the information between the routers.

97

Routing protocols

IGP ( Interior Gateway Protocol )

Used to exchange routing information with routers in the same autonomous systems(AS). An AS is a collection of networks under a common administrative domain.( E.g.: RIP, IGRP, EIGRP, OSPF, ISIS )

EGPs ( Exterior Gateway Protocol )

Used to communicate between ASs. EGP is a border Gateway Protocol( BGP ).

98

Autonomous System

An Autonomous system is a collection of networks under a common administrative domain.

IGPs operate within an autonomous system where as EGP connects different autonomous systems.

Every autonomous system has a Distinct number.

IANA (Internet Assigned Numbers Authority) is responsible for allocating this number.

We can use any number unless the organization plans for an EGP.

99

Dynamic routing protocol

ClassfullRouting

protocol don’t advertise the subnet mask

RIPV1IGRP

ClasslessRouting protocol advertise

subnet mask

RIPV2EIGRPOSPFISIS

100

Flavors of dynamic routing protocols

Type Protocol

Distance Vector Protocol RIP , IGRP

Link State Protocol OSPF , ISIS

Hybrid Protocol EIGRP

101

Distance Vector Protocol

Link State Protocol Hybrid

Advertise Periodic advertise RIP = Every 30 sec IGRP = Every 90 sec

Advertise only at network trigger. That is new information at routing table

Advertise full routing table

Advertise updates only

Advertise only directly connected routers

Flood the advertisement

Convergence Has high convergence time

Convergence is low

Limit Has a limit RIP = Max 15 hops IGRP = Max 255 hops

No limit

Network Small network Large network

Routing loop Routing loop is problem No routing loops

Neighbor relation

Don not establish neighbor relation

Formal way to establish neighbor relation

Com

bin

ati

on o

f both

DV

P a

nd L

SP

102

Summarization (Router Aggregation)

Reduce the number of routing entry in the routing table called Summarization.

Advantages – Reduction in the size of the routing table

means. Less overhead in terms of network traffic, CPU

and memory. Greater flexibility in addressing the networks.

103

Variable Length Subnet Mask(VLSM)

VLSM is used within an organization instead of CIDR ( Classless Inter Domain Routing ) which is used within the internet.

104

Classless Inter Domain Routing ( CIDR )

CIRD is the new addressing scheme for the internet which allows for more efficient allocation of IP addresses than the old Class A, B and C addressing scheme.

105

Why we need CIRD ?

With a new network being connected to the internet every 30 minutes the internet was faced with 2 critical problems.

o Running out of IP addresseso Running out of capacity in the global

routing tables.

106

Running out of IP addresses

107

RIP

108

RIPV1Classfull

Broadcast

No support for VLSM

No authentication

No support for discontinuous networks

RIPV2Classless

It uses Multicast address 224.0.0.9 to send updates

Support VLSM

Allows MD5 authentication

Support for discontinuous networks

109

Routing Information Protocol Version 1

RIPV1

110

Administrative distance is 120.

Classfull routing protocol.

Update time is 30 seconds.

Distance vector protocol.

It uses Hop count to calculate matric value.

It uses lowest hop to select the best path.

It uses broadcast address 255.255.255.255 sent updates.

Support maximum 15 hops.

16th hop is unreachable and un-sharable.

Advertise classfull network.

111

Network A

Router 1 is going to reach to the network A

Path 1 : Router 1 Router 0 Router 4 = 2HopsPath 2 : Router 1 Router 4 = 1HopPath 3 : Router 1 Router 2 Router 3 Router 4 = 3 Hops

So RIPV1 is used Path 2 as the best path.

112

RIPV1 Configuration

R1(config)#router rip To enable routing protocol rip

R1(config-route)#network 10.0.0.0 Advertise Class A default network



R1(config-route)#^Z To save

R1#copy run start





R2(config-route)#^Z

R2#copy run start

R1#show ip route

R2R1200.100.10.1 / 24

200.100.10.1 / 24

S0

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26

113

R 20.0.0.0 / 8 [120/1] connected via 200.100.10.2

R# Debug ip rip Display sending and received updates

RIP V1 updates sending “255.255.255.255”

10.0.0.0

172.168.0.0

200.100.10.0

RIP route


ClassfullMetric [ one hop count]

R# Show ip router rip To display only RIP routers

114

Routing Information Protocol Version 2

RIPV2

115

RIPV2 Configuration





R1(config-route)#version2

R1(config-route)#no auto summary





R2(config-route)#version2

R2(config-route)#no auto summary

R1#show ip route

R2R1200.100.10.1 / 24

200.100.10.1 / 24

S0

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26

116

R 20.1.1.128 / 26 [120/1] connected via 200.100.10.2

R# Debug ip rip Display sending and received updates

RIP V2 updates sending 224.0.0.9 update

10.0.0.0

172.168.0.0

200.100.10.0

Classless route

R# Show ip router rip To display only RIP routers

117

Remove RIP

R(config)#no router rip

118

OSPF

119

Open Shortest Path First (OSPF) Link state routing protocol

Administrator distance is 110

Support VLSM

Support manual summarization

It uses cost to calculate metric value

It uses SPF algorithm to select best path

It uses multicast address 224.0.0.5 and 224.0.0.6 to send and receive updates

Sending incremental updates

120

It uses Hello protocol to establish neighbor relation

It uses router ID to establish neighbor relation

It uses area to communicate

It maintain three type of tables

o Routing tableo Neighbor tableo Database table

Router IDPriority [ Default value is 1 ]Hello interval [ 10 sec ]Dead interval [ 40 sec ]Authenticating bitStub area flagProcess ID

conta

ins

121

Single area OSPF

The entire interface in the network belongs to same area called single area.

e0

e0

S1

S0

Area 1

122

Multi area OSPF

In multiarea, all the areas must connect to the Area o (Black Bone Area) directly of virtually ( Area 3 is virtually connected to the area 0 )

e0

e0

S1

S0

Area 0

Area 3

Area 2

Area 1

e0

Virtual link

123

OSPF cost calculating

Interface bandwidth is Bandwidth 64kpbs

Cost = 108 / Bandwidth

= 108/64*1000

= 1562

124

Router ID calculating

Once OSPF is configured router automatically calculate the router ID.

This router has 2 physical interfaces e0 and s0. router ID for this router is highest IP address of physical interfaces 200.10.1.1

e0 S0 200.10.1.1 /25

100.10.1.1 / 25

125

In this router has 2 physical interfaces and 2 logical interfaces.

Route ID for this router is highest IP address for logical interface 2.2.2.2

e0 S0 200.10.1.1 /25

100.10.1.1 / 25

L1L0

2.2.2.2/30

1.1.1.1/30

126

OSPF Network Command

Network [sub network address] [wildcard mask] area [number]

Broadcast address 255.255.255.255Subnetmask 255.255.255.252 (-)

Wildcard Mask 0. 0. 0. 3

127

OSPF Configuration

R1(config)#router ospf 10 10 is the process ID

R1(config-route)#network 10.0.0.0 0.255.255.255 area 1



R2(config)#router ospf 10 10 is the process ID




R1#show ip route

R2R1200.100.10.1 / 24

200.100.10.1 / 24

S0

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26

R# Show ip ospf interface To trouble shooting

128

O 20.0.0.128 / 26 [110 / 65]

OSPF route

R# Show ip router ospf Display only ospf routers

Classless


Metric [cost]

R# Show ip ospf neighbor Display neighbor table & it contain

R# Show ip ospf database Display database table

R# Debug ip ospf adj Display ospf adjacency

129

Remove OSPF

R(config)#no router ospf 10

130

EIGRP

131

Enhanced Interior Gateway Routing Protocol ( OSPF )

Hybrid protocol

Administrative distance 90

Classless protocol

Cisco proprietary protocol

It uses bandwidth, delay, reliability, Loading & MTU to calculate Metric Value.

It uses for unequal cost load balancing.

It uses Multicast address 224.0.0.10 to send updates

It uses autonomous system numbers

132

It maintain three types of tables

o Routing table [ Successor path ]o Neighbor tableo Topology table [ Successor & Feasible successor path]

133

EIGRP Configuration

R1(config)#router eigrp 30 30 Autonomous number must same

R1(config-route)#network 10.0.0.0



R1(config-route)#network no auto-summary

R2(config)#router eigrp 30 30 Autonomous number must same




R1(config-route)#network no auto-summary

R1#show ip route eigrp

R2R1 200.100.10.1 / 24

200.100.10.1 / 24

S0

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26

134

D 20.1.1.128 / 26 [ 90 / 26903010 ]

Trouble shooting

EIGRP route

R# Show ip eigrp neighbor Display eigrp neighbor table

R# Show ip eigrp topology Display eigrp topology table

R# Show debug eigrp neighbor

135

Adjacency process RIP EIGRP

RIP / EIGRP timerUpdate timer

30s 90s

Invalid timerTime taken to identify invalid network

90s 270s

Flush timerTime taken to remove invalid network form routing table

240s 630s

Hold down timerSame as flush timer

240s 280s

136

Routing loop

Distance vector routing protocol subject of routing loop.

There are 3 ways to avoid the routing loops.

o Split Horizono Route poisoningo Hold down

137

Split horizon Split horizon says don’t send update to same interface. That is where the updates is originated.

R2R1 200.100.10.1 / 24

200.100.10.1 / 24

S0blocked

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26

Update200.00.10.010.0.0.0172.16.0.0

138

Routing poisoning

If the network is failed change the metric value to unreachable value.

R2R1 200.100.10.1 / 24

200.100.10.1 / 24

S0

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26Fail

Before network failsRouting tableR 172.16.0.0 / 16 [120/1]

After network failsRouting tableR 172.16.0.0 / 16 [120/26]

139

Hold-Down

If the network is failed, remove the entry from routing table.

R2R1 200.100.10.1 / 24

200.100.10.1 / 24

S0

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26Fail


After network failsRouting tableNo entry for network172.16.0.0

140

Passive Interface Command

This command is used to control the routing updates.

R2R1 200.100.10.1 / 24

200.100.10.1 / 24

S0

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26Fail


After network failsRouting tableNo entry for network172.16.0.0

R1(config)#router ripR1(config-router)#passive-interface serial 0

141

Bandwidth Command Specify the bandwidth to the Interface serial 0. by default serial interface bandwidth is T1 speed (1.54Mbps).

Define the speed 128kbps to the interface serial 0

R2R1 200.100.10.1 / 24

200.100.10.1 / 24

S0

S1

L1

L0

L1

L010.1.1.1

/ 8

172.16.10.9. / 30

150.50.1.1 / 16

20.1.1.140 / 26

R1(config)#interface serial 0R1(config-if)#bandwidth 128000

128kbps

128kbps

142

Network Manageme

nt

143

Backup and Restore the IOS and Configuration file

Before you upgrade or restore a IOS and configuration file, you should copy the existing file to a TFTP host as a backup in case the new file does not work.

You can use any TFTP host to perform this function.

By default the Flash memory is a router is use to store the IOS and NVRAM is used to store the Configuration file.

144

Router

E010.1.1.1/24

TFTP Server10.1.1.2/24Default gateway10.1.1.1

Ethernet

• Router Ethernet IP address and TFTP server IP address has to be same subnet and both should have sane subnet mask .

• Default gateway address to the TFTP server is always router E0 IP address 10.1.1.1

145

Considerations

o Check the physical connectivity between router and TFTP server[Ping, show ip interface brief].

o Document the IOS image file name.o Verify the hard disk capacity of TFTP server.o Verify the flash memory capacity [show

flash].

146

IOS Backup

R1#copy flash tftp

Remote host name(or)IP address? 10.1.1.2

[TFTP server IP address]

Source file name. C2500.121.10.bin

Destination file name and then Enter.

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1!

[Output cut]

Upload to server done

Flash copy took 00:10:30[hh:mm:ss]

147

Restore and Upgrade IOS

Router #copy tftp flash

****NOTICE****

Flash loader helper v1.0

This process will accept the copy option and then terminate

The current system image to use the ROM based image for the copy

Router functionality will not be available during that time

If you are logged in via telnet this connection will terminate

Users with console access can see the results of the copy operation

---***---

Proceed? [Confirm] Press Enter

148

Remote host name (or) IP Address? 10.1.1.2

[TFTP server IP address]

source file name? C2500.1251.jas10.bin

Destination file name. Enter

Erasing device

Eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee

Loading c2500-1251.jas10.bin from 10.1.1.2(via Ethernet)

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![output cut]

[OK-735532/800526 bytes]

149

Backup configuration file

R1#copy start tftp

Address or name of remote host[]? 10.1.1.2

Destination filename[running-config]?R2

!!

501 bytes copied in 9.236sec (35bytes/sec)

150

Restore configuration file

R1#copy tftp start

Address or name of remote host[]? 10.1.1.2

Source filename[]? R2

Destination filename [running-config]? Enter

Accessing tftp://10.1.1.1/R2

Loading R2 from 10.1.1.1 (via Ethernet0):

!!

[OK-501/4096 byte]

501 byte copied in 3.200 sec (62 bytes/sec)

151

Cisco Discovery Protocol( CDP )

This is used to collect the directly and remotely connected Cisco devices information.

This is proprietary protocol designed by Cisco.

R2R1200.100.10.1 / 24

200.100.10.1/ 24

S0

S1128kbps

152

153

CDP timer

Global CDP information

o Sending CDP packets every 60 secondso Sending a holdtime value of 180 seconds

R# Show cdpR# show cdp details To see CDP details

154

Changing CDP Timer Value

Disable CDP under interface

R(config)# cdp timer 90R(config)# cdp holdtime 240

R(config)#interface serial 0R(config)#no cdp enable

155

Troubleshooting commands

Show run Display the running-config file

Show start Display the startup-config file

Show version Display the IOS type and versions well as the configuration

Show cdp neighbor Shows the directly connected neighbors and the details about them

Show cdp neighbor detail Shows the IP address and IOS versions and type and includes all of the information from the show cdp neighbor command

Ping Tests IP connectivity to a remote device

Trace or traceroute Tests the connection to a remote device and shows the path it took through the internet

work to find the remote device

156

CDP

157

Access Control

List

158

Access control list, gather basic statics on packet flow and security policies can be implemented.

Sensitive devices can also be protected from unauthorized access.

It is a basic Firewall.

It blocks unwanted incoming and outgoing traffic.

159

Access Control List

Standard Access List

• It contain only the source IP address in an IP packet to filter the network.

• This is permits or denies an entire suite of protocol.

• Range is 1 to 99.

Extended Access List

• It contains source and destination IP address, protocol field in the network layer header and port number at the Transport layer header.

• Range is 100 to 199.

160

Once you create an access list, you apply it to an interface with either an Inbound or an Outbound list.

Inbound Outbound

First packet are processed through the access list and then routed to the destination.

First packets are routed to the outbound interface and then processed through the access list.

E0E1

PC1 PC2

Inbound Access List

E0E1

PC1 PC2

Outbound Access List

161

ACL Considerations

You can only assign one access list per interface, per control, or per direction.

This means that if you are creating IP access lists, you can only have one inbound access list and one.

Design your access list so that the more specific tests are at the top of the access list.

Anytime a new list is added the bottom of the list.

You can’t remove one line from an access list.

By default end of the access list is deny all.

Create access lists and then apply them to an interface.

162

ACL Process

ACL always compared with each add every line of the access list in sequential order that is it will always start with line 1, then go to the line 2, then 3 and so on.

ACL compared lines one by one of the access list only until a match is made. Once the packet is matched , a line of the access list adds then does not compare next lines.

By default “deny” at the end of each access list. If a packet does not match any lines in the access list, it will drop the packets.

163

Standard Access List

e0

S1

S0

172.16.10.1/30

10.1.1.1/30

200.100.10.1/24

200.100.10.2/24

192.168.10.1/24

192.168.10.3/24Gateway 192.168.10.1

192.168.10.2/24Gateway 192.168.10.1

pc1

pc2e0

L0

L1

Ethernet

R1 R2

Standard ACL Lab

164

Block only packets from PC1 to Router R1.

o Source is PC1 [192.168.10.2]o Destination is R1o Define and apply close to destination router

R1 configurationDefine

R1(config)#access-list 10 deny 192.168.10.2R1(config)#access-list 10 permit any

ApplyR1(config)#interface serial 0R1(config-if)#ip access-group 10

Access-list number = 10

165

R1(config)#access-list 10 deny 192.168.102R1(config)#access-list 10 permit any

R1(config)#interface serial 0R1(config-if)#ip access group 10

R1#show access-list Display all the access list configured on routerR1#show access-list 10 Display only access-list 10R1#show ip interface Display access list applied to an interface and

Inbound / Outbound

Pc1:/> Ping 200.100.10.1 0%Pc1:/> Ping 10.1.1.1 0%Pc1:/> Ping 172.16.10.1 0%


166

Remove the access-list

You can’t remove a single line from access list. If you try to remove , it will remove entire access list

R1(config)#no access-list 10

167

Block only packets from 192.168.10.0/24 network to router R1

o Source is 192.168.10.0/24o Destination is Router R1o Define and apply close to destination router

R1 configurationDefine

R1(config)#access-list 30 deny 192.168.10.0 0.0.0.255R1(config)#access-list 30 permit any

ApplyR1(config)#interface serial 0R1(config-if)#ip access-group 30

Source network

Wild card

168

R1(config)#access-list 30 deny 192.168.102 0.0.0.255R1(config)#access-list 30 permit any

R1(config)#interface serial 0R1(config-if)#ip access group 30

R1#show access-list R1#show access-list 10 R1#show ip interface



169

Extended Access List

e0

S1

S0

172.16.10.1/30

10.1.1.1/30

200.100.10.1/24

200.100.10.2/24

192.168.10.1/24

192.168.10.3/24Gateway 192.168.10.1

192.168.10.2/24Gateway 192.168.10.1

pc1

pc2e0

L0

L1

Ethernet

R1 R2

Extended ACL Lab

Configure VTY password ***** Your password

170

Block only Telnet traffic from PC1 to router R1 loopback 0 interface.

o Source is PC1 [192.168.10.2]o Destination is R1 loopback 0 172.16.10.1o Protocol is TCPo Service is Telnet and port is 23o Define and apply ACL to router R2

Command format

R(config)#Access-list [number][deny/permit][protocol][source][destination]eq[service name or port]

R2(config)#Access-list 101 deny tcp host 192.168.10.2 host 172.16.10.1 eq 23

171

R2(config)#access-list 101 deny tcp host 192.168.10.2 host 172.16.10.1 eq 23

R2(config)#access-list 101 permit ip any any

R2(config)#interface Ethernet 0

R2(config)#ip access-group 101

Access list 101 is applied to interface Ethernet 0 Inbound

Only telnet traffic is blocked from PC1 other traffics are permitted.

172

Remove the access-list

R2(config)#no access-list 101

173

Block only networks 192.168.10.0/24 to access WEB(WWW) traffic

o Source is network 192.168.10.0/24o Destination is anyo Protocol is TCPo Service and port number is WWW [80]

R1(config)#access-list 105 deny 192.168.10.0 0.0.0.255 any eq WWWR1(config)#access-list 105 permit ip any anyR1(config)#interface serial 0R1(config-if)#ip access-group 105 in

PC1:>/telnet 072.16.10.1 PC1:>/telnet 072.16.10.1…………….. …………….Connection refused by host Connection refused by host

174

WAN PROTOCO

L

175

WAN connectivity types

Dedicated line – Lease line and DSL (Digital Subscriber Link)

Circuit switching – Dial up and ISDN (Integrated System Digital Network )

Packet switching – Frame relay and X.25

Cell switching - ATM

176

WAN Protocols and Encapsulation types

High Density Link Controller ( HDLC )

Point to point protocols ( PPP )

Frame Relay

177

High Density Controller ( HDLC )

This is a Cisco proprietary protocol.

It is default encapsulation used by Cisco routers over synchronous serial links.

HDLC is a point to point protocol used on leased lines.

No authentication can be used with HDLC.

178

Point to Point Protocol (PPP)

This is a data link protocol that can be used over either asynchronous serial (dial up) or synchronous serial (ISDN) media and that uses the LCP( Link Control Protocol ) to build and maintain data link connections.

PPP uses,o Authenticationo Compressiono Multilinko Error detection

Password Authentication Protocol (PAP)

Challenge Authentication Protocol (CHAP)

179

Password Authentication Protocol (PAP) This is less secure than CHAP.

Passwords are sent in a clear text and it is only performed upon the initial link establishment.

When the PPP link is first established, the remote node sends back to the sending router the user name and password until authentication is acknowledged.

180

Internet based leased line

172.16.10.1 S0

Router A(ISDN)

Router B(Zoom)

172.16.10.2 S0

1.1

1.21.3

1.4 5.1

5.25.3

5.4

E01.S0

181

#config t

(config)#int E 0

(config-if)#ip address 192.168.1.50 255.255.255.0

(config-if)#no shutdown

(config-if)#exit

(config)#int S 0


(config-if)#clock rate 56000 ( for DCE )

(config-if)#bandwidth 64

(config-if)#no shut

(config-if)#exit

(config-if)#ip routing

(config-if)#ip route 192.168.5.0 255.255.255.0 172.16.1.2

(config-if)#int S0

(config-if)#encapsulation ppp

(config-if)#ppp authentication PAP

(config-if)#ppp PAP sent-username password cisco

For router A

182

#config t

(config)#int E 0



(config-if)#exit

(config)#int S 0




(config-if)#no shut

(config-if)#exit



(config-if)#int S0


(config-if)#ppp authentication PAP

(config-if)#ppp PAP sent-username password cisco

For router B

183

Challenge Authentication Protocol ( CHAP )

CHAP is use at the initial startup of a link and at periodic checkup on the link to make sure the router is still communicating with the same host.

After PPP finished its initial phase, local router sends a challenge request to the remote device.

The remote device sends a value calculated using a one-way hash function called MD5.

The local router checks this hash value to make sure it matches.

If the value don’t match, then the link immediately terminates.

Passwords are sends in Encrypted format.

184

Internet based leased line

172.16.1.1 S0

Router A(ISDN)

Router B(Zoom)

172.16.10.2 S0

1.1

1.21.3

1.4 5.1

5.25.3

5.4

E01.S0

185

#config t

(config)#int E 0



(config-if)#exit

(config)#int S 0




(config-if)#no shut

(config-if)#exit



(config-if)#int S0


(config-if)#ppp authentication CHAP

(config-if)#ppp CHAP hostname zoom

(config-if)#ppp CHAP password cisco

For router A

186

#config t

(config)#int E 0



(config-if)#exit

(config)#int S 0




(config-if)#no shut

(config-if)#exit



(config-if)#int S0


(config-if)#ppp authentication CHAP

(config-if)#ppp CHAP hostname winsys

(config-if)#ppp CHAP password cisco

For router B

187

Integrated Service Digital Network ( ISDN )

This is used in circuit switching WAN technology and it is a synchronous serial line.

ISDN contain 2 channels.

o Channel D – Establish the link o Channel B – Carry the data

188

Benefits of ISDN

Can carry voice, video and data simultaneously.

Has faster call setup than modem.

Has faster data rates than modem connection.

Used as a backup line.

Used for voice conference.

Used for Small office and Home office (SOHO).

189

Types of ISDN lines

Basic Rate Interface ( BRI )

Primary Rate Interface ( PRI )

190

Basic Rate Interface ( BRI )

BRI has two B-channel and one D-channel.

B-channel + D-channel

2 * 64kbps + 1 * 16kbps

128kbps + 16kbps

144kbps Total channel capacity

48kbps Framing and Synchronization

192kbps Total Link Capacity

Maximum data transfer speed of ISDN BRI is 128kbps

191

Dial on Demand Routing (DDR)

This is used to allow 2 or more Cisco routers to dial an ISDN dial-up connection on an as needed basis.

This is only used for low-volume, periodic network connections using either a Public Switch Telephone Network ( PSTN ) or ISDN.

This was designed to reduce WAN cost if you have to pay on a per minute or per packet basis.

DDR works when a packet received on an Interface meets the requirements of an access list defined by administrator which defines interesting traffic.

192

How DDR works?

I. Route to the destination network is determined.

II. Interesting packets dictate a DDR cell.

III. Dialer information is looked up.

IV. Traffic is transmitted.

V. Call is terminated when no more traffic is being transmitted over a link and the idle-timeout periods ends.

193

DDR configuration

R1(config-if)#dialer-group 5

R1(config-if)#exit

R1(config-if)#dialer-list 5 protocol ip permit

R1(config-if)#dialer-group 2

R1(config-if)#exit

R1(config)#dialer-list 2 protocol ip list 10

R1(config)#access-list 10 permit host 192.168.20.2

R1(config)#access-list 10 permit host 200.100.10.2

194

Troubleshooting commands

Router#show dialer shows the number of times the dialer string has been reached, the Idle-timeout values of each B channel, the length of call, and the name of the router to which the interface is connected.

Router#show isdn active shows the number called and whether a call is in progress

Router#show isdn status shows if you are SPIDs are valid and if you are connected and communicated with the provider’s switch.

Router#show dialer shows layer 3 to layer 2 mapping.

Router#debug dialer shows you the call setup teardown procedures

Router#debug isdn q921 shows layer-2 processes (local router to local switch)

Router#debug isdn q931 shows layer-3 processes (local router to remote switch)

195

Multilink PPP

This is a specification that enables the bandwidth aggregation of multiple B channels into one logical pipe.

Its mission is comparable to that of Cisco’s BOD.

More specifically, the Multilink PPP feature provides load-balancing functionality over multiple wide area network (WAN) links, while providing multivendor interoperability, packets fragmentation and proper sequencing and load calculation on both inbound and outbound traffic.

196

The command to enable PPP multilink

Router A (config-if)#ppp multilinkRouter A (config-if)#dialer load threshold 50 either

197

198

Ra

Rb

Rc

192.168.10.2/24

192.168.10.1/24

10.12.1.2

20.12.1.2

E0

E0

E0BRI 0

BRI 1

BRI 0

BRI 0

SPID 1 - 00333300

SPID 1 - 00222200

Profile 1 – 10.12.1.1Profile 2 – 20.12.1.1

Configuration for a dialer profile

199

Router A(config)#isdn switch-type basic-net3

Router A(config)#interface BRI0

Router A(config-if)#encapsulation ppp

Router A(config-if)#dialer pool-member1

Router A(config-if)#ppp authentication chap

Router A(config-if)#multilink

Router A(config)#interface BRI1


Router A(config-if)#dialer pool-member1

Router A(config-if)#ppp authentication chap

Router A(config-if)#multilink

Router A(config)#interface Dialer1

Router A(config-if)#ip address 10.12.1.1 255.255.255.0


Router A(config-if)#dialer remote-name Router B

Router A(config-if)#dialer string 2222 class remote

Router A(config-if)#dialer load threshold 50 either

Router A(config-if)#dialer pool 1

Router A(config-if)#dialer group 1

200

Router A(config-if)# ppp authentication chap

Router A(config-if)#ppp multilink

Router A(config)#map-class dialer remote

Router A(config-map-class)#dialer isdn speed 56

Router A(config)# interface Dialer2

Router A(config-if)#ip address 20.13.1.1 255.255.255.0


Router A(config-if)#dialer remote-name Router C

Router A(config-if)#dialer string 3333 class remote

Router A(config-if)#dialer load threshold 50 either

Router A(config-if)#dialer pool 1

Router A(config-if)# dialer-group 1

Router A(config-if)# ppp authentication chap

Router A(config-if)# ppp multilink

Router A(config)#map-class dialer remote

Router A(config-map-class)#dialer isdn speed 56

Router A(config)#ip route 10.12.1.2 255.255.255.255 Dialer1

Router A(config)#ip route 20.12.1.2 255.255.255.255 Dialer2

Router A(config)#ip route 10.13.1.0 255.255.255.0 10.12.1.2

Router A(config)#dialer-list 1 protocol ip permit

201

Frame Relay

This is a connection-oriented, layer 2 networking technology.

It operates at speeds from 56kbps to 45Mbps.

This is very flexible and offers a wide array of deployment options.

This operates statistically multiplexing multiple data streams over a single physical link.

Each data stream is known as a Virtual Circuit ( VC ).

202

VC Flavors

Permanent (PVC) Switched (SVC)

Implies, permanent, nailed up circuits

A data connection is made only when there is traffic to send across the link

Don’t tear down or reestablish dynamically

Establish dynamically and can reroute around the network

203

Each VC tagged with and identifier to keep it unique.

This identifier known as a Data Link Connection Identifier ( DLCI ) is determined on a per-leg basis during the transmission.

In other word it is locally significant.

It must be unique and agreed upon by 2 adjacent frame relay devices.

As long as the 2 agree, the value can be any valid number, and the number doesn’t have to be the same end to end (from router to router across a Telco Network).

204

Valid DLCI numbers are 16-1007.

For DLCI purposes, 0-15 is reserved, as are 1008-1023.

The DLCI also defines the logical connection between the Frame Relay (FR) switch and the customer premises equipment (CPE).

205

Data Link Connection Identifiers ( DLCI )

Frame Relay virtual circuits (PVC) are identified by the DLCIs.

A FR service providers such as telephone company, typically assigns DLCI values which are used by FR to distinguish between different virtual circuits on the network.

Because many virtual circuits can be terminated on one multipoint FR interface, many DLCIs are often affiliated with it.

DLCI locally significant to the router.

This is used to identify the connectivity between local router and local switch.

206

Frame Relay Encapsulation

To enable FR on the interface, simply issue the command encapsulation frame relay.

There are 2 types of Frame Relay Encapsulation.

Cisco – both are cisco routers IETF – one end is non cisco router

207

Local Management Interface( LMI )

This is a signaling standard between a CPE device (router) and a frame switch.

The LMI is responsible for managing and maintaining status between these devices.

LMI messages provide information about,

Keepalives – Verify data is flowing Multicasting – Provides a local DLCI PVC Multicast addressing – Provides DLCI status Status of virtual circuits – Provides DLCI status

Router A(config-if)#frame-relay Imi-type? Cisco ansi q933a

208

Committed Information Rate( CIR )

This means, the average rate you want to transmit.

Generally this is not the same as the CIR provides by the Telco.

this is amount you want to send on periods of no congestion.

CIR defines Bits per seconds.

209

Frame Relay Configuration

Router A configuration

R1(config)#interface serial 0

R1(config)#ip address 10.1.1.1 255.255.255.0

R1(config)#no shutdown

R1(config-if)#encapsulation frame-relay(Cisco/ietf)

R1(config-if)#frame relay interface-dlci 100

R1(config-if)#frame-relay Imi-type(cisco/Ansi/Q933a)

R1(config-if)#no-frame-relay inverse-arp

R1(config-if)#frame-relay map ip 10.1.1.2 100

210

Router B configuration

R1(config)#interface serial 0

R1(config)#ip address 10.1.1.2 255.255.255.0

R1(config)#no shutdown

R1(config-if)#encapsulation frame-relay

R1(config-if)#frame relay interface-dlci 200

R1(config-if)#frame-relay Imi-type(cisco/Ansi/Q933a)

R1(config-if)#no-frame-relay inverse-arp

R1(config-if)#frame-relay map ip 10.1.1.2 200

Education

CCNA Exam 640-802 Version 9.3