CCNA Review

RJ-45 Connector types

Cisco device hardware components

IP version 4 header

Version - Contains a 4-bit binary value identifying the IP packet version. For IPv4 packets, this field is always set to 0100.

Differentiated Services (DS) - Formerly called the Type of Service (ToS) field, the DS field is an 8-bit field used to determine the priority of each packet. The first 6 bits identify the Differentiated Services Code Point (DSCP) value that is used by a quality of service (QoS) mechanism. The last 2 bits identify the explicit congestion notification (ECN) value that can be used to prevent dropped packets during times of network congestion.

Time-to-Live (TTL) - Contains an 8-bit binary value that is used to limit the lifetime of a packet. It is specified in seconds but is commonly referred to as hop count. The packet sender sets the initial time-to-live (TTL) value and is decreased by one each time the packet is processed by a router, or hop. If the TTL field decrements

to zero, the router discards the packet and sends an Internet Control Message Protocol (ICMP) Time Exceeded message to the source IP address. The traceroute command uses this field to identify the routers used between the source and destination.

Protocol - This 8-bit binary value indicates the data payload type that the packet is carrying, which enables the network layer to pass the data to the appropriate upper-layer protocol. Common values include ICMP (0x01), TCP (0x06), and UDP (0x11).

Source IP Address - Contains a 32-bit binary value that represents the source IP address of the packet.

Destination IP Address - Contains a 32-bit binary value that represents the destination IP address of the packet.

Internet Header Length (IHL) - Contains a 4-bit binary value identifying the number of 32-bit words in the header. The IHL value varies due to the Options and Padding fields. The minimum value for this field is 5 (i.e., 5×32 = 160 bits = 20 bytes) and the maximum value is 15 (i.e., 15×32 = 480 bits = 60 bytes).

Total Length - Sometimes referred to as the Packet Length, this 16-bit field defines the entire packet (fragment) size, including header and data, in bytes. The minimum length packet is 20 bytes (20-byte header + 0 bytes data) and the maximum is 65,535 bytes.

Header Checksum - The 16-bit field is used for error checking of the IP header. The checksum of the header is recalculated and compared to the value in the checksum field. If the values do not match, the packet is discarded.

Identification - This 16-bit field uniquely identifies the fragment of an original IP packet.

Flags - This 3-bit field identifies how the packet is fragmented. It is used with the Fragment Offset and Identification fields to help reconstruct the fragment into the original packet.

Fragment Offset - This 13-bit field identifies the order in which to place the packet fragment in the reconstruction of the original unfragmented packet.

IP version 6 header

Version - This field contains a 4-bit binary value identifying the IP packet version. For IPv6 packets, this field is always set to 0110.

Traffic Class - This 8-bit field is equivalent to the IPv4 Differentiated Services (DS) field. It also contains a 6-bit Differentiated Services Code Point (DSCP) value used to classify packets and a 2-bit Explicit Congestion Notification (ECN) used for traffic congestion control.

Flow Label - This 20-bit field provides a special service for real-time applications. It can be used to inform routers and switches to maintain the same path for the packet flow so that packets are not reordered.

Payload Length - This 16-bit field is equivalent to the Total Length field in the IPv4 header. It defines the entire packet (fragment) size, including header and optional extensions.

Next Header - This 8-bit field is equivalent to the IPv4 Protocol field. It indicates the data payload type that the packet is carrying, enabling the network layer to pass the data to the appropriate upper-layer protocol. This field is also used if there are optional extension headers added to the IPv6 packet.

Hop Limit: - This 8-bit field replaces the IPv4 TTL field. This value is decremented by one by each router that forwards the packet. When the counter reaches 0 the packet is discarded and an ICMPv6 message is forwarded to the sending host, indicating that the packet did not reach its destination.

Source Address - This 128-bit field identifies the IPv6 address of the receiving host.

Destination Address - This 128-bit field identifies the IPv6 address of the receiving host.

Cisco Route source character C: Directly connected

network L: Link local route (IOS v15

or higher) O: OSPF route D: EIGRP route S: Static route

EX: EIGRP External IA: OSPF inter area E1: OSPF External type type

1 E2: OSPF External type 2 B: BGP R: RIP

TCP header – Stateful protocol

Sequence number (32 bits) - Used for data reassembly purposes. Acknowledgement number (32 bits) - Indicates the data that

has been received. Header length (4 bits) - Known as ʺdata offsetʺ. Indicates the

length of the TCP segment header. Reserved (6 bits) - This field is reserved for the future. Control bits (6 bits) - Includes bit codes, or flags, that indicate the

purpose and function of the TCP segment. Window size (16 bits) - Indicates the number of segments that

can be accepted at one time. Checksum (16 bits) - Used for error checking of the segment

header and data. Urgent (16 bits) - Indicates if data is urgent.

TCP Header control bits

URG - Urgent pointer field significant ACK - Acknowledgement field significant PSH - Push function RST - Reset the connection SYN - Synchronize sequence numbers FIN - No more data from sender

UDP header – Stateless protocol

TCP 3 way handshake

Step 1: SYN bit = 1 Step 2: SYN bit = ACK bit = 1 Step 3: ACK bit = 1

TCP Connection clearance

Addresses The private address blocks are:

o 10.0.0.0 to 10.255.255.255(10.0.0.0/8)

o 172.16.0.0 to 172.31.255.255(172.16.0.0/12)

o 192.168.0.0 to 192.168.255.255(192.168.0.0/16)

Unique address (IPv6) FC00::/7 to FDFF::/7 Loopback addresses: 127.0.0.1 to 127.255.255.255

IPv6: ::1/128 Link local addresses: 169.254.0.0 to

169.254.255.255 (169.254.0.0/16)IPv6: FE80::/64

Test net addresses: 192.0.2.0 to 192.0.2.255(192.0.2.0/24)

Document IPv6 address2001:0DB8::/32 Experimental addresses: 240.0.0.0 to 255.255.255.254 Limited Broadcast address: 255.255.255.255

IPv6 all nodes/hosts multicast (Send to all hosts via this address)FF02::1

IPv6 all routers multicast (Send to all routers via this address)FF02::2

Multicast Addresses: 224.0.0.0 to 239.255.255.255(224.0.0.0/4)

IPv6 FF00::/8 Unspecified Address (IPv6) ::/128 Site local Address (IPv6) FEC0::/10 Currently (2014) available global unicast IPv6 Address: 2000::/3

Solicited-node multicast address

Global routing prefix / Currently global unicast IPv6 address structure

Number of Subnets = 2n (where n = the number of borrowed bits)Number of Valid hosts = 2m - 2 (where m = the number of bits remaining in the host field; 2 are for network and broadcast addresses)

Email protocolsSMTP (port 25) is used

To send email from client (Mail User Agent – MUA) to its email server / first Mail Transfer Agent (MTA) or

To send email from a MTA to another MTA

Post Office Protocol (POP) (port 110) enables an email client to retrieve mail from a mail server and then deleted on the serverIMAP (port 143) enables client to retrieve / sync mail but not delete it on the server

Port statusEthernet0 is up, line protocol is up.

Both the Physical and Data Link characteristics of the interface are functioning correctly.

Ethernet0 is down, line protocol is down.

Physical interface problem. For example, the cable may be disconnected. This problem can also occur if this interface is connected to another router whose interface has been shut down using the shutdown command.

Ethernet0 is up, line protocol is down.

Physical layer connectivity is obviously not the issue. The line protocol being down is usually related to either a clocking issue (such as with keepalives) or a mismatch between the frame types being used on connected devices. For

example, one router being configured to use ARPA frames, and another to use SNAP, encapsulation type mismatch, the interface on the other end could be error-disabled, or there could be a hardware problem.

Ethernet0 is administratively down, line protocol is down.

This output means that a local interface has been manually shut down using the shutdown command. In the example below, the shutdown command is issued for interface serial 0, followed by the show int s0 command.

Check Network Access Layer Issues from Switch # show interface fa0/1 commandOutput from the command line

Runts Malfunctioning NICs are the usual cause of excessive runt frames?

Giants Malfunctioning NICs are the usual cause of excessive runt frames?

CRC There is too much noise on the link and you should inspect the cable for damage and length. You should also search for and eliminate noise sources, if possible.

Collisions

Number of messages retransmitted because of an Ethernet collision. (Only in half-duplex)

Late collisions

Excessive cable lengths are the most common cause of late collisions. Another common cause is duplex misconfiguration.

Port security violation modes

Static secure MAC address: MAC addresses configured in this way are stored in the address table and are added to the running configuration on the switch

Dynamic secure MAC address: MAC addresses that are dynamically learned and stored only in the address table. MAC addresses configured in this way are removed when the switch restarts.

Sticky secure MAC address: AC addresses that can be dynamically learned or manually confiugred, then stored in the address table and added to the running configuration.

DTP Negotiated interface modes

Troubleshoot missing VLANIf there is still no connection between devices in a VLAN, but IP addressing issues have been ruled out, refer to the flowchart.

Troubleshoot Trunks

Should troubleshoot trunks follow below order: Native VLAN mismatches Trunk mode mismatches Allowed VLANs on trunks

Remote network entry identifiers in Routing table

Directly connected network entry identifiers in Routing table

Routing protocols classification

Autonomous System

AS (Autonomous System) is a collection of routers under a common administration such as a company or an organization. An AS is also known as a routing domain.

Interior Gateway Protocols (IGP) - Used for routing within an AS Exterior Gateway Protocols (IGP) - Used for routing between AS

Distance vector protocols Distance - Identifies how far it is to the destination network and is

based on a metric such as the hop count, cost, bandwidth, delay, and more.

Vector - Specifies the direction of the next-hop router or exit interface to reach the destination.

Routing table termsAn ultimate route is a routing table entry that contains either a next-hop IPv4 address or an exit interface.A level 1 route is a route with a subnet mask equal to or less than the classful mask of the network address.A level 1 parent route is a level 1 network route that is subnettedA level 2 child route is a route that is a subnet of a classful network address.

Standard ACL: Sau khi add ACE (entry) vào ACL thì nên reload lại device để thấy thứ tự chuẩn đc processExtended ACL: The order in which the statements are entered during configuration is the order they are displayed and processed

Unlike IPv4, IPv6 Access List has 2 ACE (entry) before "deny any any" permit icmp any any nd-na permit icmp any any nd-ns

DHCPv6nd-na: ICMP Neighbor Discovery (ND) - Neighbor Advertisement (NA)nd-ns: ICMP Neighbor Discovery (ND) - Neighbor Solicitation (NS)

NAT Static address translation (static NAT) - One-to-one address

mapping between local and global addresses.

Dynamic address translation (dynamic NAT) - Many-to-many address mapping between local and global addresses.

Port Address Translation (PAT) - Many-to-one address mapping between local and global addresses. This method is also known as overloading (NAT overloading).

clear ip nat translations syntax

Port forwarding

Network model

STP

Root port: Switch port closest to the root bridge Designated port: All non-root ports that are still permitted to forward

traffic on the network. Alternate and backup port: Ports are configured to be in a blocking

state to prevent loops. Alternate ports are selected only on trunk links where neither end is a root port.

Disabled ports: A disabled port is a switch port that is shut down.

STP Path selection based on Port cost

STP Bridge ID format

The bridge (switch) with lowest ID will be the Root bridge. So that the follow selection order will be: Priority, Extended System ID (VLAN ID), Mac Address

EtherChannel Protocols

Default DR/BDR OSPF Election Process in follow order- The router with the highest interface priority will be DR, the one with the second highest interface priority will be BDR.- If the interface priorities are equal, the router with the highest router ID will be DR, the one with the second highest router ID will be BDR.- If no router ID are configured, the router ID is determined by the highest loopback IP address.- If no loopback interfaces are configured, the router ID is determined by the highest active IPv4 address.The MTU size is the largest network layer packet that the router will forward out each interface