CCNA ALL IN ONE

BASICS OF CCNABY

SRIPATI MAHAPATRA

THREE WAY HANDSHAKE

Host A sends a TCP SYNchronize packet to Host B

Host B receives A's SYN Host B sends a SYNchronize-

ACKnowledgement Host A receives B's SYN-ACK Host A sends ACKnowledge Host B receives ACK. 

TCP socket connection is ESTABLISHED.

SLIDING WINDOWS IN TCP

WINDOWS RESIZING(WINDOWING)

ROUTER

MANUFACTURER

TYPES

ISR VS NORMAL ROUTER

SONET

CISCO, NORTEL, MULTICOM, CYCLADES, JUNIPER, DLINK, LINKSYS etc.

Access Layer Router (800, 1600, 1700, 1800, 2500, 2600, 2800)Distribution Layer Router (2600, 2800, 3600, 3700, 3800)Core Layer Router (64000, 7200, 7300, 7400, 7500, 7600, 10000, 12000)

ISR router will do lot of services compared with normal router. For example terminating VPN Sections, VoIP support, and bridging LAN/WAN cards. Basically ISR routers are modular routers, you can insert WAN T1/E1, SONET, etc

Synchronous Optical Networking (SONET) or Synchronous Digital Hierarchy (SDH) are standardized multiplexing protocols that transfer multiple digital bit streams over optical fibre using lasers or light-emitting diodes (LEDs).

INTERFACES

ROUTER MODES

CLI

LAN Interface (Ethernet, Fast Ethernet, Gigabyte Ethernet) – RJ 45WAN Interface (Serial Interface) DB -50Modem Interface - RJ 11AUX PortConsole Port

Router> User modeRouter# Privileged modeRouter(config)# Global configuration modeRouter(config-if)# Interface modeRouter(config-subif)# Sub interface modeRouter(config-line)# Line modeRouter(config-router)# Router configuration mode

The CLI is the medium that allow interacting with the system by typing commands.

Connecting to a Cisco Router Using ConsoleStep 1: Attach a console cable to the console port (Rj-45) located at the back of the router.

Step 2: Open a new HyperTerminal instance from Start-All Programs-Accessories-Communications-HyperTerminal, enter a random name to this connection and choose the com port to use for connecting to the router. Adjust the following port settings to the com port:Bits per second: 9600 Data bits: 8 Parity: none Stop bits: 1 Flow control: Hardware

Step 3: After pressing [Enter] a few times you will see the Router> prompt. Go to menu view-font of the HyperTerminal and select courier font with font size 14.Write enable to enter into privileged mode (after issuing the correct enable secret). Here are the steps:[Router name]>[Router name]>enablePassword: ……….[Router name]#

Connecting to a Cisco Router Using TelnetNote that in order to be able to telnet onto a router, a telnet password must have been configured on the router and also telnet access should not be disabled on the specific router.Before installing a new router you must provide a password for the telnet access on the router, otherwise you will not be able to telnet to it.Use the console to connect to the router:[Router name] enablePassword: ……….[insert enable secret here][Router name]# sh runPress [enter] until you see a sentence like: line vty 0 4 (see the example below). Below this sentence you should see a password. If not then you should provide a password. If a password is set but no exec line is seen like in the example below, then telnet is blocked and you should unblock it.Example:Line vty 0 4Password surpassNo exec

a. To Provide a telnet Password

Router#config tRouter(Config)#line vty 0 4Router(Config)#loginRouter(Config)#password [password name]Press [Ctrl][z] and issue sh run to ensure that password has been set

b. To Unblock telnet Access on Router

Router#config tRouter(Config)#line vty 0 4Router(Config)#execC:\>telnet 10.176.100.2Password: ……….[Router name]>enablePassword: ……….[Router name]#

Backing Up Router Configuration To copy the configuration from the router to the TFTP server you can use the copy run tftpcommand. It will backup the router configuration thats stored in DRAM. Then you will be asked to enter the address of the TFTP server and the name of the destination file on TFTP server like this: [Router name] #copy run tftp — to copy the running configuration to TFTP server Address or name of remote host []? 172.16.10.2 — the ip address of TFTP server Destination filename [routername-confg]? /Backup/Router01.cfg — the folder path on the server where the configuration file will be stored)

Restoring Router Configuration In this section I’ll show you how to restore a running router with basic configuration and also how to restore a new router with no basic configuration — both of which scenarios you’ll probably run into.

1. Restoring a Running Router with Basic Configuration In case the router has the basic configuration (i.e. router ports are assigned to subnet), use the command copy TFTP run and then complete the rest of the requirements like this: [router name]# show run — to see the running configuration [router name]#copy tftp run — to copy the configuration file from TFTP server to the running configuration of the router Address or name of remote host []?172.16.10.2 — TFTP server address Source filename[]?/Backup/Router01.cfg — the configuration file to be copied to the router [router name]#show run [router name]#show interfaces [router name]#copy run start

We issue show run command to verify that the configuration has been copied to the router. Useshow interfaces command to ensure that the interfaces where we have cables connected to them are up. Issue the command copy run start to copy the configuration from running configuration (DRAM) to Startup configuration (NVRAM).

Restoring a New Router with No Basic Configuration a. Provide basic router configuration In case we install a new router with no configuration, then we have to incorporate this router into the subnet before restoring the final configuration. We have to assign an IP address and subnet mask to interface Vlan1. First we have to go through the old configuration files either from the old router or from the tfrp server and look for the IP address and subnet that the router was configured with, on its previous location. This information will look like this: interface vlan1 ip address [ip address] [subnet]

Make a note of both IP address and subnet and then log onto your new router with the console cable using a hyperterminal. Issue passwords and then issue the following: [Router name]#config t [Router name](Config)#int vlan1 [Router name](Config-if)#ip address [ip address] [subnet] [Router name](Config-if)#no shutdown Press [CTRL][Z] [Router name]# show run — to see that IP address on vlan1 has been set

b. Copy configuration from TFTP server to the router [Router name] #copy TFTP run Address or name of remote host []?172.16.10.2 Source filename[]?/Backup/Router01.cfg [router name]#show run [router name]#show interfaces [router name]#copy run start

BACKUP AND RESTORE IOS IN CISCO ROUTER

BACKING UP IOS

RESTORE IOS IN PRIVILEGED MODE

router# copy flash: tftp:Source filename []? c2600-i-mz.122-28.binYou can check the file name using command show flash in user privilege modeAddress or name of remote host []? 1.0.0.1Destination filename [c2600-i-mz.122-28.bin]? Xyz.bin

DONE………….

Router#copy tftp: flash:Address or name of remote host []? 1.0.0.1Source filename []? xyz.binDestination filename [xyz.bin]? myrouter.bin

DONE……………

RESTORE IOS IN ROMMON MODE

rommon 1> IP_ADDRESS=x.x.x.x   rommon 2> IP_SUBNET_MASK=x.x.x.x   rommon 3> DEFAULT_GATEWAY=x.x.x.x  rommon 4> TFTP_SERVER=x.x.x.x   rommon 5> TFTP_FILE=myrouter.bin rommon6> tftpdnld Do you wish to continue? y/n: [n]: y

Done ………….

The administrative functions include:

– Hostname• Assigns a name to the Router.• Does not affect the functioning of the Router.• Router(config)# hostname George

– Banner• Warns an unauthorized user who is trying to connect to the

Router.• Router(config)#banner motd .• welcome to Cisco .

– Password

• Secures the Router from unauthorized access.• Is categorized into five types namely, console, auxiliary,

telnet, enable password, and enable secret.• Service password encryption is the command to encrypt

password

Console Password

Telnet password To encrypt password

Auxillary Password

Line console 0Password nopassLoginExit

Line vty 0 4Password nopass “Service password-encryption”Login use it after exit cmdExit

Line aux 0Password nopassLoginExit

ROUTER INTERFACE

BRINGING UP AN INTERFACE

• Assist a Router to communicate with other devices in the network.

• Act as ports.• Require network address and media type for configuration.• Are configured using the interface [type][slot/port]

command.

• Bringing up an interface means enabling an interface and involves assigning an IP address to it.

• The no shutdown command is used to enable an interface and the shutdown command is used to disable an interface.

• The show interface command in the privileged mode allows checking the status of a specific interface.

• The ip address command is used to assign an IP address for an enabled interface.

VIEWING AND SAVING CONFIGURATION

DELETING COFIGURATION AND RELOADING THE ROUTER

• The copy running-config startup-config command is used to save the configuration file manually.

• The show running-config command is used to display the current configuration.

• The show startup-config command is used to display the configuration that will be used when the Router would be reloaded.

• The erase startup-config command is used to delete the saved

configuration in the Router.

• The reload command is used to reboot the Router in EXEC

privileged mode.

SHOW COMMANDS

Router#show clock Displays time set on deviceRouter#show hosts Displays local host-to-IP addresscache. These are the names andaddresses of hosts on the network towhich you can connectRouter#show users Displays all users connected todeviceRouter#show history Displays history of commands usedRouter#show flash Displays info about Flash memoryRouter#show version Displays info about loadedsoftware versionRouter#show arp Displays the ARP tableRouter#show protocols Displays status of configured LayerRouter#show startup-config Displays configuration saved inNVRAMRouter#show running-config Displays configuration currentlyrunning in RAM

ENHANCED EDITING COMMANDS

Ctrl-A - Moves the cursor to the beginning of the line. Ctrl-B - Moves the cursor back one character. Ctrl-D - Deletes the character at the cursor. Ctrl-E - Moves the cursor to the end of the command line. Ctrl-F - Moves the cursor forward one character. Ctrl-K - Deletes all characters from the cursor to the end of the command line. Ctrl-L and Ctrl-R - displays the system prompt and command line. Ctrl-T - Transposes the character to the left of the cursor with the character located at the cursor. Ctrl-U and Ctrl-X - Deletes all characters from the cursor back to the beginning of the command line. Ctrl-W - Deletes the word to the left of the cursor. Ctrl-Y - Recalls the most recent entry in the delete buffer. The delete buffer contains the last ten items you have deleted or cut. Ctrl-Y can be used in conjunction with Esc Y. Ctrl-Z - Ends configuration mode and returns you to the EXEC prompt. Ctrl-P or Up Arrow Recalls commands in the history buffer in a backward sequence, beginning with the most recent command. Repeat the key sequence to recall successively older commands. Ctrl-N or Down Arrow Returns to more recent commands in the history buffer after recalling commands with Ctrl-P or the Up Arrow. Repeat the key sequence to recall successively more recent commands.

Serial interface (S0, S1 etc) - 60 pin/26 pin(smartserial) ISDN interface(BRI0 etc) - RJ45

AUI (Attachement Unit Interface) (E0) - 15 pin 10baseT - RJ45

Console - RJ45 – Local Auxiliary - RJ45 – Remote

A bootstrap program is located here. It is same as the BIOS of the PC. Bootstrap program current version is 11.0. POST , Mini –IOS and rom Monitor also found here in rom

Internetwork Operating System (IOS) developed by Cisco is stored here. IOS is Command line interface.

WAN interfaces

LAN interfaces – Ethernet

Administration interfaces

INTERNAL COMPONENTSRom

Flash

NVRAM

RAM

Processor

Non volatile RAM, similar to Hard Disk It is also known as Permanent Storage or Start-up Configuration. Generally size of NVRAM is 32 KB.

It is also known as Temporary Storage or running configuration. Minimum size of RAM is 2MB. The size of RAM is greater than NVRAM in the Router.

Motorola Processor 70 MHz, RISC based processor (Reduced Instruction Set Computer)

Power on Self Test (verifies) the hardware

Contact the ROM Loads the Bootstrap Program

IOS found in Flash Loading IOS

Flash contacts the NVRAM

NVRAM configuration copied into RAM

BOOT SEQUENCE

COLLISION DOMAIN

BROADCAST DOMAIN

VLSM

A collision domain is a physical network segment where data packets can collide with one another when being sent on a shared medium, in particular, when using the Ethernet networking protocol. A network collision occurs when more than one device attempts to send a packet on a network segment at the same time.

A broadcast domain is a logical division of a computer network, in which all nodes can reach each other by broadcast at the data link layer. A broadcast domain can be within the same LAN segment or it can be bridged to other LAN segments.

A variable length subnet mask (VLSM) allows you to subnet Class A, B, or C addresses using different length masks for the various subnets. It is beneficial because it allows more efficient use of an assigned address space.

DCE

DTE

Data Communication Equipment

Generate clocking (i.e. Speed).

Master

Example of DCE device in Leased line setup : V.35 & G.703 Modem & Exchange (Modem & MUX)

Example of DCE device in Dial up setup : Dialup Modem

Data Termination Equipment

Accept clocking (i.e. Speed).

Slave

Example of DTE device in Leased line setup : Router

PPP

HDLC

Point to Point Protocol

Open Standard Protocol works with same and different company Routers i.e. Cisco-Nortel, Cisco-Multicom.

Supports Authentication

Supports Compression

High level Data link control

Vendor proprietary Protocol (works with same company Router only, i.e. Cisco-Cisco, Nortel-Nortel, etc.)

No Support for Authentication

No Support for Compression

ROUTING TYPES

STATIC ROUTING

DYNAMIC ROUTING

DEFAULT ROUTING

With static routing, you -- as the administrator -- manually enter the routes and tell the router, for each IP network, what next hop that traffic should be delivered to.

With dynamic routing, you -- as the administrator -- configure a routing protocol on your network interfaces. Your routing protocol learns about other routers automatically. Your router and the other routers exchange routes, and each learns about the networks that the other is connected to. When new networks are added or removed, the routers update each other.

A default route is a static route that simply says all traffic to go through the interface and not network specific. The routing command is :-ip route 0.0.0.0 0.0.0.0 next-hop-router-IP address

ROUTING PROTOCOLS

FUNCTIONS

Route learning and building Routing tablesBest Path SelectionConvergenceRouting Loop PreventionRoute Validation

ROUTING METRICSUsed by a router to find out the best path amongst all the available paths. A routing metric stores the following details:

BandwidthNetwork DelayHop CountLoad (measured by x/255)MTUReliability (measured by x/255)

Routing Types

ClassfulClassless

Protocol Basics

Loop Prevention Mechanism

Administrative Distance (AD)

Routing Loop

Autonomous System (AS)

Split Horizon:-

Split Horizon with Poison Reverse :-

Triggered updates :-

Route Poisoning :-

Is a method to select the best route in a particular network using the distance range from 0-255. The value 0 means the route is more trusted and 255 means the route is unreachable.

Is the condition when the routing table is not updated properly, due to failed synchronization between two nodes. And the endless loop is known as count-to-infinity problem.

Consists of different network which are managed by administrative domain.Interior gateway protocols work within a AS and exterior gateway protocols (BGP) work between AS to AS.

A mechanism prevent a router from advertising the route back to the interface from which it learnt about. This mechanism involves advertising all the routes by a routing protocols in an interface. This mechanism sent an update as soon as a route is failed instead of waiting until the update timer expires. This mechanism broadcast a failure subnet information with an infinite distance metric to avoid loop in a network.

Administrative Distance

Administrative distance defines the reliability of a routing protocol. when there are two or more different routes to the same destination from two different routing protocols.

DISTANCE VECTOR PROTOCOL

LINK STATE PROTOCOL

This type of routing protocol requires that each router simply inform its neighbours of its routing table. For each network path, the receiving routers pick the neighbour advertising the lowest cost, then add this entry into its routing table for re-advertisement. Ex – RIP, IGRP

Using this type of routing protocol when a network link changes state (up to down, or vice versa), a notification, called a link state advertisement (LSA) is flooded throughout the network. All the routers note the change, and recompute their routes accordingly. This method is more reliable, easier to debug and less bandwidth-intensive than Distance-Vector. It is also more complex and more compute- and memory-intensive. Ex- OSPF, EIGRP

PROTOCOL TYPES

RIPv1

RIPv2

RIPng

RIP TIMERS

Classful routing protocolSlow convergence Unsuitable for large networkRouting loopsNo route authenticationSupports maximum 15 hops

Support CIDRRoute authentication is possible

Extended version of RIPv2Supports IPv6UDP based protocolDoes not support authentication

Update timer – 30 secondsInvalid timer – 180 secondsHold-down timer – 180 secondsFlush timer – 240 seconds

IGRP

EIGRP

Type of IGP invented by Cisco to overcome the limitations of RIP, as it supports maximum 255 hops and can use in large network.Update time – 90 secondsHold-down time -280 secondsInvalid rime – 270 secondsFlush time - 630 seconds

Cisco proprietary protocolClassless routing protocolAdministrative distance is 90Updates are sent through multicast IP address Maximum hop count is 224Supports IP, IPX, and AppleTalk protocols.Hello packets are send in every 5 secondsConvergence rate is fast.

EIGRP

For LAN 5 Sec(Hello) 3*Hello(hold-timer)

For WAN 60 Sec(Hello) 3*Hello(hold-timer)

OSPF

10 Sec(Hello) 4*Hello(Dead-interval)

EIGRP TABLES

EIGRP Terminology

Neighbor Table

Topology Table

Routing Table

Feasible Distance : -

Reported Distance :-

Successor :-

Feasible Successor :-

Contains information about directly neighbors.

Contains entries for all the destination along with feasible distance and the calculated metric.

Entries with the best path for each destination from the topology table are moved into the routing table.

Is the metric of the best route to a destination

The cost of the route advertised by the neighbor.

The neighbor with the best metric to the destination.

The neighbor with the 2nd best metric to the destination.

OSPF

OSPF TableNeighbor Table

Database Table

Routing information Table

Open standard protocolSuccessor of RIPClassless routing protocolUnlimited hop countFast convergenceRouting authentication possibleUse multicast IP address to update information. (224.0.0.5)Administrative Distance is 110Hello packets are sent at every 10 seconds.Hierarchical design with multiple areas and area 0 is called the backbone area.

Contains information about directly connected adjacent routers.

Contains information about entire view of the topology with respect to each other.

Contains information about the best path calculated by the shortest path first algorithm.

OSPF packet types

OSPF Areas

ROUTER ID

HelloDBD(Database Descriptor)LSR(Linkstate Request)LSU( Linkstate Update)LSACk(Linkstate Acknowledgement)

It contains a group of network and routers, which share the same Area ID. The area ID is used to identify area to which the OSPF packet belongs.

Is an IP address configured on the Cisco routers that uniquely identifies the router in the network

Access Control List

TYPES

Ip access control lists is used in router to identify and control traffic. They are aSequential list of permit and deny conditions that apply to ip address or upper Layer protocol.

The access control list can be of two types 1) Standard access control list 2) Extended access control list

And are available in two ways 1) Numbered Acl 2) Named Acl

And filter the traffic in two ways 1) Inbound Filter 2) Outbound Filter

STANDARD ACCESS CONTROL LIST

EXTENDED ACCESS CONTROL LIST

A standard access control list can only define the source ip of the traffic.and is the older one.

They have the format : access_list [number] [permit or deny] [source_address]

The number can be 1-99 in case standard Acl

An extended access control list can define the source and destination ip Of the traffic, as well as port no .

They have the format : access_list [number] [permit or deny] [protocol ] [source] [destination] [port]

The number can be 100-199 in case extended Acl

FRAME RELAY

DLCI

LMI

Frame Relay is a standardized wide area network technology that specifies the physical and logical link layers of digital telecommunications channels using apacket switching methodology. Originally designed for transport across Integrated Services Digital Network (ISDN) infrastructure.

Data link connection identifiers (DLCIs) are numbers that refer to paths through the Frame Relay network. They are only locally significant, which means that when device-A sends data to device-B it will most-likely use a different DLCI than device-B would use to reply.

Local Management Interface (LMI) is a signaling standard used between routers and frame relay switches. Communication takes place between a router and the first frame relay switch it's connected to. Information about keepalives, global addressing, IP Multicast and the status of virtual circuits is commonly exchanged using LMI.

VIRTUAL CIRCUITS

SVC

PVC

In telecommunications and computer networks, a virtual circuit (VC), synonymous with virtual connection and virtual channel, is a connection oriented communication service that is delivered by means of packet mode communication.

A switched virtual circuit (SVC) is a virtual circuit that is dynamically established on demand and is torn down when transmission is complete, for example after a phone call or a file download. SVCs are used in situations where data transmission is sporadic and/or not always between the same data terminal equipment (DTE) endpoints.

A permanent virtual circuit (PVC) is a virtual circuit established for repeated/continuous use between the same DTE. In a PVC, the long-term association is identical to the data transfer phase of a virtual call.

BREAKING PASSWORD IN CISCO ROUTER

1 - Use the power switch in order to turn off the router, and then turn the router back on2- Press Ctrl+Break or Ctrl+Shift+F6+C on the terminal keyboard within 60 seconds of power up in order to put the router into ROMMON3 - Type confreg 0x2142 at the rommon 1> prompt in order to boot from Flash.This step bypasses the start up configuration where the passwords are stored.4 - Type reset at the rommon 2> prompt. The router reboots, but ignores the saved configuration. 5 -Type no after each setup question, or press Ctrl-C in order to skip the initial setup procedure.6 - Type enable at the Router> prompt. You are in enable mode and should see the Router# prompt. 7- Type configure memory or copy startup-config running-config in order to copy the non-volatile RAM (NVRAM) into memory.Important: Do not type copy running-config startup-config or write. These commands erase your start-up configuration.8 - Type configure terminal. The hostname(config)# prompt appears.

9- Type enable secret <password> in order to change the enable secret password. For example:hostname(config)#enable secret Cisco 10- Issue the no shutdown command on every interface that you use.If you issue a show ip interface brief command in privilege EXEC mode, every interface that you want to use should display up up. For example:Router#show ip interface brief 11- Type config-register <configuration_register_setting>. Where configuration_register_setting is either the value you recorded in step 2 or 0x2102. For example:hostname(config)#config-register 0x2102 12-Press Ctrl-z or end in order to leave the configuration mode. The hostname# prompt appears. 13- Type write memory or copy running-config startup-config in order to commit the changes.

CDP

COMMANDS

Cisco Discovery Protocol (CDP) is a proprietary layer 2 management protocol for networks. CDP provides network device inventory, connectivity information, and IP next hop info. It works on LANs and WANs

cdp run and cdp no run - to enable and disable CDP globallycdp enable and no cdp enable - to enable and disable cdp per interfaceshow cdp neighbors - to view see what routers and switches are connected to you on the LAN or WAN.show cdp interfaces - to see which of your interfaces are participating in the CDP exchangeshow cdp entry - to look at a particular switch or router that is a neighbor

SPANNING TREE PROTOCOL

RAPID SPANNING TREE PROTOCOL

Using the spanning tree algorithm, STP provides path redundancy while preventing undesirable loops in a network that are created by multiple active paths between stations. Loops occur when there are alternate routes between hosts. To establish path redundancy, STP creates a tree that spans all of the switches in an extended network, forcing redundant paths into a standby, or blocked, state. STP allows only one active path at a time between any two network devices (this prevents the loops) but establishes the redundant links as a backup if the initial link should fail.

Same as STP but faster convergence time.

To configure Cisco IOS DHCP, follow these steps, which include sample commands:

Configure an IP address on the router's Ethernet port, and bring up the interface. (On an existing router, you would have already done this.)Router(config)# interface ethernet0/0 Router(config-if)#ip address 1.1.1.1 255.0.0.0 Router(config-if)# no shutdownCreate a DHCP IP address pool for the IP addresses you want to use.Router(config)# ip dhcp pool mypoolSpecify the network and subnet for the addresses you want to use from the pool.Router(dhcp-config)# network 1.1.1.0 /8 Specify the DNS domain name for the clients.Router(dhcp-config)#domain-name mydomain.comSpecify the primary and secondary DNS servers.Router(dhcp-config)#dns-server 1.1.1.10 1.1.1.11Specify the default router (i.e., default gateway).Router(dhcp-config)#default-router 1.1.1.1Specify the lease duration for the addresses you're using from the pool.Router(dhcp-config)#lease 7Exit Pool Configuration Mode.Router(dhcp-config)#exithow to exclude IP addresses .100 and below:Router(config)#ip dhcp excluded-address 1.1.1.0 1.1.1.100