CISCO CCNA Notes
Created RoNy

OSI Layers [All People Seem To Need Data Processing]
Interoperability and Interconnectivity

Layer            PDU        Functions, protocols and devices
Application      Datagrams  HTTP, WWW, SMTP, SNMP, FTP, Telnet, EDI. Program-to-Program Communication
Presentation     Datagrams  Data Encryption, Compression, Translation. Converting from EBCDIC to ASCII. MIDI, MPEG, GIF, JPEG, PICT, TIFF.
Session          Datagrams  Dialog Control. SQL, X-windows, RPC, NFS, ASP, NetBEUI, NETBIOS. DNA
Transport        Segments   TCP Connection oriented Virtual Circuits, UDP Connectionless, End-to-End, Flow control. SPX
Network          Packets    IP, IPX. ICMP. BootP, ARP, Routing of Packets OSPF, IGRP, EIGRP, RIP.
Data Link Layer  Frames     Bridges and switches. MAC, LLC, Frames. SSAPs & DSAPs. 802.2 802.3, PPP, ISL, Frame relay, FDDI. CDP, HDLC, SDLC
Physical         Bits       Bits. Network Media. Hubs, RJ45, v.24, v.35, EIA/TIA-.449 NIC

Port Numbers
0-255      Public Assigned
256-1023   Assigned to Companies
1023+      User defined

FTP        21
Telnet     23
SMTP       25
WWW, HTTP  80
DNS        53
TFTP       69
SNMP       161,162
TCP        6
UDP        17

Editing Shortcut Keys
CTRL – P   Previous command
CTRL – N   Forwards the history buffer, next command
CTRL – B   Back one character
CTRL – F   Forward one character
CTRL – A   Cursor to Beginning
CTRL – E   Cursor to End
ESC – B    Back one word
ESC – F    Front one word
CTRL – W   Erase a word
CTRL – U   Erase a Line

CLASS A    1 - 126
CLASS B    128 - 191
CLASS C    192 - 223
CLASS D    224 - 239   Multicast
CLASS E    240 - 254   Experimental

For Subnet
1111 1111   8 bits   255
1111 1110   7 bits   254
1111 1100   6 bits   252
1111 1000   5 bits   248
1111 0000   4 bits   240
1110 0000   3 bits   224
1100 0000   2 bits   192
1000 0000   1 bit    128

For Access Lists
Standard IP Access List          1 - 99
Extended IP Access List          100 - 199
IPX Standard Access List         800 - 899
IPX Extended Access List         900 - 999
IPX SAP Access List              1000 - 1099
AppleTalk Standard Access List   600-699
48 bit MAC address Access List   700-799

Standard Access List can act on basis of
1. Source Address

Extended Access List can act on basis of
1. Source Address
2. Destination Address
3. Protocol or
4. Port

Flow Control
1. Buffering
2. Source Quench Messages
3. Windowing

CISCO THREE LAYER
1. Core Layer           Speed, FDDI, ATM
2. Distribution Layer   Routers. Access list, Queuing, Filtering, Firewalls, Routing between VLANS
3. Access Layer         Routers & Switches, HUBs

Switching Types
1. Store and Forward    1581bytes
2. Cut-Through          Only Destination Address 6 bytes 48bit MAC
3. Fragment Free        First 64bytes of frames

Cable       UTP / STP                   COAXIAL Thinnet       COAXIAL Thicknet
Connector   RJ 45                       RG 58 BNC Connector   RG 8 or 11 BNC Connector
Length      100 m or 330 ft             185 m or 925 ft       500 m or 2500 ft
Speed       10Mbs CAT 3, 100Mbs CAT5    10Mbps                10Mbps
Standard    10BaseT                     10Base2               10Base5

ISDN
BRI   2B+D    2 64kbps for data and 1 16Kbps for link    144kbps
PRI   23B+D   23 64kbps for data and 1 64Kbps for link   1.5 Mbps

ISDN
1. E - Existing telephone network
2. I - Concepts, terminology & Services
3. Q - Switching and Signaling

ISDN Reference Point
1. R - Non ISDN - TA
2. S - User Terminal & NT2
3. T - NT1 & NT2
4. U - NT1 & Line Terminal Equipment

[Figure: ISDN devices and reference points. Non ISDN Device (TE2), ISDN (TE1), Router with builtin NT1, TA, NT1, ISDN Switch Service; reference points R, S/T, U]

STP Port States
1. Blocking
2. Listening
3. Learning
4. Forwarding

Router Boot Steps
1. POST
2. Looks for IOS in Flash
3. Configuration File in NVRAM
4. No Config file then SETUP

AD [Administrative Distance]
Rates source trustworthiness, value between 0 to 255
Connected Interface   0
Static                1     Manual
EIGRP                 90    Hybrid
IGRP                  100   Distance Vector, BW & Delay of line
OSPF                  110   Link State
RIP                   120   Distance Vector, Max Hops
External EIGRP        170
Unknown               255   (this route will never be used)

VTP Modes
1. Server Mode (default)
2. Client Mode
3. Transparent

WAN Protocols

CHAPTER 1 INTERNETWORKING

All People Seem To Need Data Processing

Flow control prevents a sending host on one side of the connection from overflowing the buffers in the receiving host.
Cisco three-way handshake in connection-oriented communication.
Windowing controls how much information is transferred from one end to the other.

Two types of Packets in Network Layer
o Data Packets - Transport user data: IP, IPX etc
o Route Update packets - Update neighbor routers: RIP, OSPF etc

Router breaks Broadcast Domains.
Router also breaks Collision Domains; this is also accomplished by a layer-2 device.
Data Link Layer is responsible for uniquely identifying each device on a local network.
Data Link Layer
o MAC -> Defines how packets are placed on media
o LLC -> Identifies Network layer protocol and then encapsulates them.
ASIC’s Application Specific Integrated Circuits.
Biggest benefit of using a switch instead of a hub is that each switch port is its own collision domain. So a Switch breaks collision domains but cannot break a broadcast domain.
CSMA/CD Carrier Sense Multiple Access / Collision Detect.
Frame structure: Preamble, DA, SA, Type/Length & FCS
AUI cannot support 100 Mbps
MII Media Independent Interface, 802.3u for 100BaseT specification
Data Encapsulation: User data [PDU], Segments, Packets, Frames & Bits

CISCO LAYERS
o CORE
o DISTRIBUTION
o ACCESS

100BaseTX   EIA/TIA Cat5 6
100BaseFX   fiber 62.5/125   400 meter
100BaseSX   fiber 62.5/50    260 meter
100BaseLX   fiber /9         3 km

CROSSOVER CABLE
o Switch to switch
o Between HUB and SWITCH
o Hub to Hub
o Router to Router

STRAIGHT CABLE
o ROUTER to HUB or SWITCH (Important)
o Server to HUB
o Workstation to HUB

WAN Connections
o HDLC, PPP, X.25, Frame Relay, ISDN.

Rollover cable is a straight cable flipped over on the other side.

CHAPTER 2 SWITCHING TECHNOLOGY

Layer 2 [Data Link] Switching benefits
o Hardware based switching
o Wire Speed
o Low Latency
o Low Cost

Switches break up collision domains, but it is still one big broadcast domain.

BRIDGE                        SWITCH
Software based                Hardware based
Only one STP per bridge       Can have many STP
Up to 16 ports                Can have 100s of ports

Switch Functions
o Address learning: MAC database
o Forwarding/Filtering: looks at DA and finds exit interface
o Loop Avoidance: uses STP for loop avoidance

STP Spanning Tree Protocol
o All Cisco switches run the IEEE 802.1d version of STP.
o STP's main task is to stop network loops
o There can be only one ROOT BRIDGE in a network
o ROOT BRIDGE ports are called designated ports.

ROOT BRIDGE Selection
o Depends on Bridge ID = 8 bytes long
o Bridge ID = Priority + MAC
o Cost of link to determine designated ports, Cost of link = Priority + MAC
o Default IEEE STP ver Priority is 32,768
o BPDU’s are used to exchange STP information, or used to send configuration messages using multicast frames.
o Bridge ID’s of a switch are communicated to neighbour switches using BPDU’s.

STP Port States
o Blocking (default): No Frame Forwarding but receives BPDU’s
o Listening
o Learning: Does not forward Frames
o Forwarding

Switching Types
o Store and Forward - Complete data frame
o Fragment Free - First 64 bytes of data frame 1518 (default for 1900 switch)
o Cut Through - Lowest latency, only DA.

[Figure: frame fields Preamble, SFD, DA, SA, Type/Length, FCS; labels 5MHz clock, 6bytes, 6bytes]

Convergence
o Convergence occurs when bridges and switches have transitioned to either the forwarding or blocking stage

CHAPTER 3 INTERNET PROTOCOL

All People Seem To Need Data Processing

OSI Model       DOD
Application     Process / Application
Presentation
Session
Transport       Host to Host
Network         Internet
Data Link       Network Access
Physical

TFTP is a stripped-down version of FTP. Has no directory browsing abilities & no authentication, so it’s insecure. Compact little protocol.
SMTP method of mail delivery.
LPD Line printer daemon.
X windows designed for client-server operations, Graphical user interface
SNMP collects and manipulates valuable network information.
DNS resolves host name to IP address
BootP used to get IP address from known MAC address. (need to manually add addresses)
DHCP is like dynamic BootP, automatic.
Telnet terminal emulation.
ARP finds MAC address from IP
RARP finds IP from MAC, used by BootP or DHCP

PORT Numbers
o HTTP-81, FTP-21, TFTP-69, DNS-53, Telnet-23,
o SMTP-25, SNMP-161/162, TCP-6, UDP-17, POP-110

Port Numbers below 1024 are known as well known ports
Numbers above 1024 are used by upper layers to set up sessions with hosts.
PING Packet Internet Groper uses ICMP echo messages

Subnetting
o Reduces network traffic
o Optimizes network performance
o Facilitates spanning large geographic distances

CLASS A, CLASS B, CLASS C, CLASS D, CLASS E
IP Examples: refer to book.

CHAPTER 4 CONFIGURATION & IOS Management Commands

Cisco Internetwork Operating System (IOS)
Command Line Interface (CLI)

Ways to connect to Cisco router
o Console Port (RJ45)
o Auxiliary Port: modem connection to router
o Telnet Program

Router Boot Sequence
o POST (Power On Self Test)
o Loads Cisco IOS from Flash memory
o Valid Configuration File in NVRAM
o If no Configuration file then goes in Setup mode.

Setup Mode
o Basic: to allow connectivity to the router
o Extended: to configure global parameters & interface configuration

Router>         user mode. Use enable command to enter privileged mode
Router#         privileged mode. Use disable command to go to user mode from privileged mode
Router>logout   to exit the console

Router Modes
o Terminal: to change the running config
o Memory: to change startup-config in NVRAM
o Network: to change configuration file stored on a TFTP host.

Keepalive is 10 sec by default. If both routers are not configured for the same keepalive time, it will not work; for that use the router#clear counters s0 command.

COMMANDS
o Router(config)#interface ?
o Router(config)#int f0/0
o Router#clock set 10:30:00 28 may 2000
o Router#show history
      Shows last 10 commands entered by default
o Router#show terminal
      Shows terminal configurations and history buffer size
o Router#terminal history size
      Change buffer size (max 256)
o Router#sh ver
      Shows IOS file name, amount of DRAM, register value, how long running
o Router#show controllers s0
      Shows if a DTE or DCE cable is plugged into serial 0
o Router(config-line)#exec-timeout 0 0 or 0 1
o Router(config-line)#logging synchronous
      Stops console messages from popping up and disturbing you
o Router(config-line)#no login
      To allow users to TELNET without password.
o Router(config)#enable secret todd       new, encrypted
o Router(config)#enable password todd1    old, not encrypted
o Router(config)#
o Router#copy run start
      To save running config to NVRAM
o Router#erase startup-config
      To erase startup-config in NVRAM
o Router#sh int e0

ENCRYPTING YOUR PASSWORD
o Router#config t
o Router(config)#service password-encryption
o Router(config)#enable password todd
o Router(config)#line aux 0
o Router(config-line)#login
o Router(config-line)#password todd
o Router(config-line)#line con 0
o Router(config-line)#password todd1
o Router(config-line)#line vty 0 197
o Router(config-line)#login
o Router(config-line)#password todd2
o Router(config-line)#exit
o Router(config)#no service password-encryption
o Router(config)#^z
o Router#

BANNER
o Router(config)#banner motd #
o Router(config)#no banner login

CONFIGURING INTERFACE
o Router(config)#int e0
o Router(config-if)#ip address 172.16.10.2 255.255.255.0
o Router(config-if)#no shut

SERIAL INTERFACE COMMAND
o Router(config)#int s0
o Router(config-if)#clock rate 64000

DESCRIPTION
o Router(config)#int e0
o Router(config-if)#description Sales lan in california
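
An added example (not part of the original notes): a small Python check that reads a saved running-config and flags the weak settings mentioned in this chapter (enable password instead of enable secret, password encryption switched off, clear-text line passwords, exec-timeout 0 0, no login on vty lines) together with two from later chapters (vty lines without an access-class, PAP instead of CHAP). Both configurations are constructed samples, and the rule names are made up for this example.

```python
"""Audit an IOS running-config for the weak settings these notes mention."""

# Constructed sample, in the layout `show running-config` prints.
WEAK_CONFIG = """\
no service password-encryption
hostname Router
enable password todd1
!
interface Serial0
 encapsulation ppp
 ppp authentication pap
!
line con 0
 exec-timeout 0 0
 password todd1
 login
line aux 0
 password todd
 login
line vty 0 4
 no login
!
end
"""

# Constructed hardened counterpart; the hash and type 7 strings are placeholders.
HARDENED_CONFIG = """\
service password-encryption
hostname Router
enable secret 5 $1$PLACEHOLDER$constructed
!
interface Serial0
 encapsulation ppp
 ppp authentication chap
!
line con 0
 exec-timeout 10 0
 password 7 PLACEHOLDER
 login
line vty 0 4
 access-class 50 in
 password 7 PLACEHOLDER
 login
!
end
"""


def parse_sections(text):
    """Group the config into (top-level line, [indented sub-commands])."""
    sections = []
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.strip() == "!":
            continue
        if line.startswith(" ") and sections:
            sections[-1][1].append(line.strip())
        else:
            sections.append((line.strip(), []))
    return sections


def audit(text):
    """Return (rule, where) findings: global ones first, then per section."""
    sections = parse_sections(text)
    headers = [header for header, _ in sections]
    findings = []

    # Type 7 (service password-encryption) is reversible obfuscation; it only
    # keeps line passwords from being read off the screen. enable secret is hashed.
    if "service password-encryption" not in headers:
        findings.append(("password-encryption-off", "global"))
    if any(h.startswith("enable password ") for h in headers):
        findings.append(("enable-password-in-use", "global"))
    if not any(h.startswith("enable secret ") for h in headers):
        findings.append(("enable-secret-missing", "global"))

    for header, children in sections:
        if header.startswith("interface "):
            for child in children:
                words = child.split()
                if words[:2] == ["ppp", "authentication"] and "pap" in words[2:]:
                    findings.append(("ppp-pap-cleartext", header))
        elif header.startswith("line "):
            for child in children:
                if child.startswith("password ") and not child.startswith("password 7 "):
                    findings.append(("line-password-cleartext", header))
                if child == "exec-timeout 0 0":      # session never times out
                    findings.append(("session-never-times-out", header))
            if header.startswith("line vty"):
                if "no login" in children:           # Telnet without a password
                    findings.append(("vty-no-login", header))
                if not any(c.startswith("access-class ") for c in children):
                    findings.append(("vty-no-access-class", header))
    return findings


if __name__ == "__main__":
    for rule, where in audit(WEAK_CONFIG):
        print(f"{where}: {rule}")
```
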

CHAPTER 5 IP Routing

Routing is used for taking a packet from one device and sending it through the network to another device on a different network.

ROUTING TYPES
o Static Routing – Manually assigning routes
o Default Routing – Stub networks, only one exit port
o Dynamic Routing – Uses Routing protocol like Distance vector RIP, IGRP
o RIP uses only hop count to determine the best path (up to 15). Can perform load balancing for up to six equal-cost links. Sends complete routing table every 30 sec. RIP version 1 uses classful. RIP version 2 uses classless routing
      RIP Update timer    30 sec
      RIP Invalid timer   90 sec
      RIP Flush timer     240 sec
o IGRP uses bandwidth and delay of line as a metric for determining best route, max 255 hop with a default of 100. This is called composite metric. Cisco proprietary.
      IGRP Update timers     90 sec
      IGRP Invalid timers    *3 = 270 sec
      IGRP Holddown timers   *3+10 = 280 sec
      IGRP Flush timers      *7 = 630 sec

Link State [OSPF – 110]
o OSPF open shortest path first. Creates three separate table,
o Uses aspects of distance vector and link state for example EIGRP

Configuring Static Routing
o Syntax Router(config)#ip route <destination network> <mask> <exit interface>
o Router#config t
o Router(config)#int e0
o Router(config-if)#ip address 172.16.10.1 255.255.255.0
o Router(config-if)#no shut
o Router(config-if)#ip route 172.16.20.0 255.255.255.0 172.16.10.2
o Router(config-if)#ip route 172.16.30.0 255.255.255.0 172.16.10.2
o Router(config-if)#ip route 172.16.40.0 255.255.255.0 172.16.10.2
o Router#show ip route
      To see connected networks
o Router(config-if)#no ip route 172.16.20.0 255.255.255.0 172.16.10.2
      To remove static routing

Configuring Default Routing
o Router(config-if)#ip route 172.16.10.0 255.255.255.0 172.16.10.2
o Router(config-if)#ip route 172.16.20.0 255.255.255.0 172.16.10.2
o Router(config-if)#ip route 172.16.30.0 255.255.255.0 172.16.10.2
o Router(config-if)#exit
o Router(config)#ip classless

Configuring Dynamic Routing [RIP]
o Router#config t
o Router(config)#router rip
o Router(config-router)#network 172.16.0.0
o Router(config-router)#^z
o Router#sh ip route
      To check routes
o Router(config-router)#passive-interface serial 0
      To prevent RIP update broadcasts from being sent out a defined interface. But the same interface will receive RIP Updates.

Configuring Dynamic Routing [IGRP]
o Router#config t
o Router(config)#router igrp 10
      [AS Number 1-65535] Autonomous system number
o Router(config-router)#network 172.16.0.0
o Router(config-router)#^z
o Router#sh ip route
      To check
o Router(config-router)#variance ?
      To load balance over unequal-cost links.
o Router(config-router)#traffic-share balanced
      To share routes inversely proportional to the metrics
o Router(config-router)#traffic-share min
      To use routes that have only minimum costs

PINHOLE CONGESTION
o RIP sometimes sees a 56k link and a T1 link as equal cost links; this is called pinhole congestion

Routing table includes Network number, exit interface and hop count
Slow convergence of distance vector routing protocols can cause inconsistent routing tables and routing loops.
Routing loops can occur because every router is not updated close to the same time.
Max Hop count: RIP permits a hop count up to 15, 16 is deemed unreachable.
Split Horizon enforces the rule that information cannot be sent back in the direction from which it was received
Route Poisoning sends an update called poison reverse back to router
Holddown prevents regular update messages from reinstalling a route that has gone down. Holddown also helps prevent routes from changing too rapidly.
IGP – Interior Gateway Protocol [exchange info within same AS]
EGP – Exterior Gateway Protocol [exchange info between AS’s]

SHOW COMMANDS
o show ip route
      shows routes and their type like Static, Dynamic etc
o show protocol
      shows all interfaces and IP Addresses associated, i.e.
      Ethernet0 is up, line protocol is up
      Internet address is 172.16.30.1/24
o show ip protocol
      shows you the routing protocols configured on router. Also displays the timers. (holddown, flushed, Invalid times)
o show flash
      Shows the amount of flash and files stored in flash.
o debug ip rip
      sends routing updates as they are sent and received on the router console session
o debug ip igrp events
      Summary of IGRP routing information
o debug ip igrp transactions
      shows message requests from neighbor routers asking for an update and broadcast sent from your router towards neighbor router

CHAPTER 6 VLAN Virtual LANs

VLANS
o By creating VLANs, you are able to create smaller broadcast domains within a switch by assigning different ports in the switch to different subnetworks.
o Routers, by default, send broadcasts only within the originating network, but switches forward broadcasts to all segments.
o RSM router switch modules must be used in conjunction with switches to provide connections between networks (VLANs).
o By using VLANs and creating multiple broadcast groups, administrators now have control over each port and user. Users can no longer just plug their workstations into any switch port and have access to network resources. The administrator controls each port and whatever resources it is allowed to use.
o Broadcasts sent out from a node in one VLAN will not be forwarded to ports configured in a different VLAN.
o Group of connected switches is called a switch fabric.

STATIC VLANs
o Administrator assigns switch ports to the VLAN. More secure.

DYNAMIC VLANs
o Using intelligent management software, you can enable MAC, protocol, or even application to create dynamic VLANs. VLAN Management database can look up the hardware address and assign and configure the switch port to the correct VLAN.

Two different types of link in a switched environment
o ACCESS Links are only part of one VLAN, unaware of VLAN membership.
o TRUNK Links carry multiple VLANs. Used to connect switches to other switches, to routers or even servers. Support two different identification techniques: ISL & 802.1q.

FRAME TAGGING
o A switch fabric is a group of switches sharing the same VLAN information. Frame identification (frame tagging) uniquely assigns a user-defined ID to each frame. This is referred to as a VLAN ID or color.

VLAN ID Methods
o Inter-switch Link (ISL): Cisco proprietary
o IEEE 802.1q: trunking between cisco and different brand router
o LAN emulation (LANE): over ATM
o 802.10 (FDDI): over FDDI, also cisco proprietary.

Inter-Switch link Protocol ISL
o By running ISL, you can interconnect multiple switches and still maintain VLAN information as traffic travels between switches on trunk links. ISL is an external tagging process, which means the original frame is not altered but instead encapsulated with a new 26-byte ISL header. It also adds a second 4-byte frame check sequence (FCS) field at the end of the frame.
o Frame can be up to 1522 bytes long; this is recorded as a giant frame because it is over the maximum of 1518 bytes allowed on an Ethernet segment.

TRUNKING
o Trunking allows you to make a single port part of multiple VLANs at the same time. The benefit of trunking is that a server, for example, can be in two broadcast domains (VLANs) at the same time. Cisco switches use DTP to manage trunk negotiation in the Catalyst-switch engine software release 4.2 or later.

Routing between VLANs
o Use Router that has an interface for each VLAN, or Router that supports ISL routing (least expensive is 2600)
o RSM switch module for 5000 series router-on-a-stick

VLAN Trunk Protocol (VTP)
o Cisco created VTP to manage all the configured VLANs across a switched internetwork. VTP allows an administrator to add, delete, and rename VLANs.
o Accurate tracking and monitoring of VLANs
o Allowing VLANs to be trunked over mixed networks
o Dynamic reporting of added VLANs to all switches
o Plug and Play VLAN adding.

VTP Modes of Operation
o Server (default)
      Needs at least one server in your VTP domain to propagate VLAN information throughout the domain. Can add, create or delete VLANs in a VTP domain.
o Client
      Receives information from VTP Server and sends and receives updates. Cannot make any changes.
o Transparent
      Does not participate in the VTP domain but still forwards VTP advertisements. Can add and delete VLANs as the switch keeps its own database and does not share it with other switches. Transparent is considered only locally significant.

Revision Number
o VTP server increments the revision number by 1. When a switch receives an advertisement that has a higher revision number, it overwrites the database in NVRAM.

VTP Pruning
o Helps preserve bandwidth. VTP pruning only sends broadcasts to trunk links that must have the information: any trunk link that does not need the broadcasts will not receive them. When you enable pruning on a VTP server, you enable it for the entire domain.
o By default it is turned off on all switches, but by turning it ON in just one VTP server the whole domain is on.

CHAPTER 7 Managing a Cisco Internetwork

ROUTER BOOTING PROCESS
o POST
o IOS in Flash memory
o Configuration file in NVRAM
o No configuration file then SETUP

Configuration Register Bits (16bit register)
o Default is 2102 [Hex value]
o Controls how the router boots up.
o 2101 boot image from ROM, 2142 Ignore NVRAM contents

Command to change configuration register
o Router(config)#config-register 0x0101
o Router(config)#confreg 0x2142

PASSWORD RECOVERY
o Interrupt the router boot by performing a break sequence
o Change register value to 2142 by confreg 0x2142 command
o Reload
o Enable
o Copy start run and then change the password
o Reset the configuration register value to 2102 value by confreg 0x2102 command
o Reload the Router.

BACKING UP CISCO IOS
o Ping the TFTP Server then use copy flash tftp command
o Router#ping 192.168.0.10
o Router#copy flash tftp

RESTORING CISCO IOS
o Router#copy tftp flash

BACKUP CISCO CONFIGURATION
o Router#copy run start
o Router#copy run tftp

RESTORING CISCO CONFIGURATION
o Router#copy tftp start
o Router#copy tftp run

ERASING THE CONFIGURATION
o Router#erase startup-config
o delete nvram (only on a 1900 switch)

IOS              Flash
startup-config   NVRAM
running-config   DRAM

CDP Cisco Discovery Protocol
o CDP is a proprietary protocol designed by Cisco to collect information about both locally attached and remote devices. Useful for troubleshooting and documenting network.

CDP timer (60 default) is how often CDP packets are transmitted to all active interfaces.
CDP Holdtime (180 default) is the amount of time that device will hold packets received from neighbor devices.
      Router(config)#cdp timer 60
      Router(config)#cdp holdtime 180

To see info about directly connected devices: local interface, name of the device, the remote Port ID, neighbor device ID, holdtime, and the hardware platform.
o Router#show cdp neighbor
To see detail info about each device connected to the device.
o Router#show cdp neighbor detail or sh cdp entry *
To see interface traffic
o Router#sh cdp traffic
To see CDP status on router interfaces or switch ports
o Router#show cdp interface
To turn off CDP on an interface
o Router(config-if)#no cdp enable [turns off CDP on individual interface]
o Router(config)#no cdp run [turns off CDP completely on a router]

Cisco routers can become TFTP Server host with global config command tftp-server.

TELNET into multiple Devices
      telnet 192.168.0.10
      Press ctrl+shift+6 then X
To see the connections made from your router to remote devices
o router#show sessions
To see all active consoles and VTY ports
o router#show users
To end a Telnet session
o router#exit or disconnect <no>
o router#clear line <no>

Building a Host Table
o router(config)#ip host <name> tcp_port_number ip_address
o router#show hosts
o to remove hostname from the table
      router(config)#no ip host <name>

Using DNS to Resolve Names
o router#config t
o router(config)#ip domain-lookup [turns on DNS lookup; ON by default]
o router(config)#ip name-server 192.168.0.70 [sets IP address of up to six DNS servers]
o router(config)#ip domain-name lammle.com [appends domain name to DNS]
o router(config)#^z
o router#

CHAPTER 8 Configuring NOVELL IPX

IPX is a connectionless protocol similar to UDP. IPX uses sockets.
SPX is a connection-oriented protocol.
RIP hop count = 1/18 of a second; like SAP it broadcasts every 60 sec
SAP Service Access Protocol (broadcasts every 60 sec & won’t cross router by default)
NLSP Netware Link Service Protocol
NCP Netware Core Protocol
GNS Get Nearest Server
Servers exchange two types of information using two separate protocols: SAP communicates service information. RIP communicates routing information.
IPX Addresses use 80 bits or 10 bytes. The first 4 bytes always represent the network address and the last six bytes always represent the node address.

4 byte or 24 bits   Network Address
6 byte or 48 bits   MAC Node Address

Netware frame     Features                            Cisco keyword
Ethernet_802.3    Default to NetWare 3.11             Novell_ether
Ethernet_802.2    Default to NetWare 3.12             Sap
Ethernet_II       Supports TCP/IP and IPX             Arpa
Ethernet_SNAP     Supports AppleTalk, IPX & TCP/IP    Snap
Token-ring                                            Sap (default)
Token-ring_snap                                       Snap
Fddi_snap                                             Snap (default)
Fddi_802.2                                            Sap
Fddi_raw                                              Novell_fddi

Enabling IPX on Individual Interfaces
o router(config-if)#ipx network <number> <encapsulation-type> <secondary>
o Router#config t
o Router(config)#ipx routing
o Router(config)#int e0
o Router(config-if)#ipx network 10

To view the IPX routing table
o show ipx route

To add secondary addresses
o Router(config-if)#ipx network 10a encap sap sec
o Or use subinterfaces: #int e0.10 then use #ipx network 10a encap sap

Configuring Multiple Frame Types on Router
o Router(config)#int e0
o Router(config-if)#ipx network 10a encap sap sec
o Router(config-if)#int e0.10
o Router(config-if)#ipx network 10b encap arpa
o Router(config-if)#int e0.20
o Router(config-if)#ipx network 10c encap snap

Monitoring IPX on Cisco Router
o To display contents of SAP table
      show ipx servers
o To display IPX routing table
      show ipx route
o To load balance with IPX
      router(config)#ipx maximum-paths 2
o To see ipx packets received and transmitted (traffic)
      Router#show ipx traffic
o To see interface status of IPX (SAP and RIP) on each interface
      Router#show ipx interface
o To see IPX address and encapsulation type of individual interface
      Router#show ipx interface e0 or sh ipx int e0
o To see IPX address, encapsulation type and routed protocol configured on router and interface addresses
      Router#show protocols
o To see information about IPX & RIP packets transmitted & received on router
      debug ipx routing activity
      undebug ipx routing activity
o To see IPX & SAP packets that are transmitted & received on router
      debug ipx sap activity
      undebug ipx sap activity
o To see IPX address of neighbor router
      show cdp entry *
      ping ipx 40.0000.0c8d.5c9d

CHAPTER 9 ACCESS LISTS

Important rules packets follow when compared with an access list
o Checked in sequential order
o Only till a match is made.
o Implicit “deny” at the end of each access list

Two types of ACCESS List
o Standard Access List
      Uses only source IP Address
o Extended Access List
      Uses both source & destination IP Address, Protocol & Port number, or socket number for IPX.

Access list can be applied on an interface as either an inbound or outbound list.

INBOUND ACCESS LIST
o Packets are processed through the access list before being routed to the outbound interface

OUTBOUND ACCESS LIST
o Packets are routed to the outbound interface and then processed through the access list.

GENERAL RULES
o One access list per interface
o Keep more specific tests at the top
o New list will be placed at the bottom
o You cannot remove one line from the access list
o Every list should have at least one permit statement, or you might as well shut the interface down.
o Place IP standard access lists as close to the destination as possible.
o Place IP extended access lists as close to the source as possible.
o By default there is an implicit deny all at the end of every access list.
o –1 in access list says any node (IPX)

1-99        STD IP
800-899     STD IPX
1000-1099   IPX SAP
600-699     Appletalk
100-199     EXT IP
900-999     EXT IPX
1100-1199   Ext MAC
700-799     48bit MAC

Router(config)#access-list 10 deny host 172.16.30.2

BLOCK Size is used to specify the range of addresses, i.e. 4 8 16 32 64
Example: router(config)#access-list 10 deny 172.16.16.0 0.0.3.255
o Above, block size 4 tells to deny the range 172.16.16.0 to 172.16.19.0
Any = 0.0.0.0 255.255.255.255

APPLYING STANDARD ACCESS LIST
o Router#config t
o Router(config)#access-list 10 deny 172.16.40.0 0.0.0.255
o Router(config)#access-list 10 permit any
  OR
o Router(config)#access-list 10 permit 0.0.0.0 255.255.255.255
o Router(config)#int e0
o Router(config-if)#ip access-group 10 out

CONTROLLING VTY Telnet Access
o Router(config)#access-list 50 permit 172.16.10.3
o Router(config)#line vty 0 4
o Router(config-line)#access-class 50 in

APPLYING EXTENDED ACCESS LIST
o Router(config)#access-list <no> <permit/deny> <protocol> <SA> <DA> <port number>
o Router(config)#access-list 110 deny tcp any host 172.16.10.5 eq 21
o Router(config)#access-list 110 deny tcp any host 172.16.10.5 eq 23
o Router(config)#access-list 110 permit ip any any
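
An added example, not from the original notes: a Python model of how a packet is compared with an access list (sequential order, stop at the first match, implicit deny at the end, wildcard masks), using the lists above. It treats the two port entries of access-list 110 as TCP, adds a check for lines hidden behind an earlier, more general line, and uses a constructed misordered list to show it; Entry, evaluate and shadowed are names chosen for this example.

```python
"""First-match ACL evaluation with wildcard masks and the implicit deny."""
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

ANY = ("0.0.0.0", "255.255.255.255")        # "any" as address + wildcard


def host(ip):
    """'host x' is x with wildcard 0.0.0.0 (every bit must match)."""
    return (ip, "0.0.0.0")


def _bits(ip):
    return int(ipaddress.IPv4Address(ip))


def wildcard_match(addr, base, wildcard):
    """Wildcard bit 0 = must match, 1 = ignore (inverse of a subnet mask)."""
    care = ~_bits(wildcard) & 0xFFFFFFFF
    return (_bits(addr) & care) == (_bits(base) & care)


@dataclass
class Entry:
    action: str                              # "permit" or "deny"
    src: Tuple[str, str]
    dst: Tuple[str, str] = ANY
    protocol: str = "ip"                     # "ip" matches every protocol
    dst_port: Optional[int] = None           # None = any port


def evaluate(acl, src, dst="0.0.0.0", protocol="ip", dst_port=None):
    """Return (action, matching line number); line None = implicit deny."""
    for number, e in enumerate(acl, start=1):
        if e.protocol not in ("ip", protocol):
            continue
        if not wildcard_match(src, *e.src) or not wildcard_match(dst, *e.dst):
            continue
        if e.dst_port is not None and e.dst_port != dst_port:
            continue
        return e.action, number              # first match wins, stop here
    return "deny", None                      # nothing matched


def _covers(a, b):
    """True if address pattern a matches everything pattern b matches."""
    care_a = ~_bits(a[1]) & 0xFFFFFFFF
    care_b = ~_bits(b[1]) & 0xFFFFFFFF
    return (care_a & ~care_b) == 0 and (_bits(a[0]) & care_a) == (_bits(b[0]) & care_a)


def shadowed(acl):
    """List (line, earlier line) pairs where the later line can never match."""
    pairs = []
    for j, later in enumerate(acl):
        for i, earlier in enumerate(acl[:j]):
            if (earlier.protocol in ("ip", later.protocol)
                    and earlier.dst_port in (None, later.dst_port)
                    and _covers(earlier.src, later.src)
                    and _covers(earlier.dst, later.dst)):
                pairs.append((j + 1, i + 1))
                break
    return pairs


# Lists from the notes (access-list 110 modelled with the tcp keyword).
ACL_10 = [Entry("deny", ("172.16.40.0", "0.0.0.255")), Entry("permit", ANY)]
ACL_50 = [Entry("permit", host("172.16.10.3"))]          # vty access-class
ACL_110 = [
    Entry("deny", ANY, host("172.16.10.5"), "tcp", 21),
    Entry("deny", ANY, host("172.16.10.5"), "tcp", 23),
    Entry("permit", ANY, ANY, "ip"),
]
# Constructed mistake: the general permit placed above the specific deny.
ACL_MISORDERED = [Entry("permit", ANY), Entry("deny", ("172.16.40.0", "0.0.0.255"))]

if __name__ == "__main__":
    print(evaluate(ACL_10, "172.16.40.7"))               # denied by line 1
    print(evaluate(ACL_50, "172.16.10.4"))               # implicit deny
    print(evaluate(ACL_110, "10.1.1.1", "172.16.10.5", "tcp", 23))
    print(shadowed(ACL_MISORDERED))                      # line 2 hidden by line 1
```
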

Monitoring IP Access list
o To see all access list on router but will not show which interface is set on
o To see only ip or ipx access list
      Router#show ip access-list
      Router#show ipx access-list
o To see which interface have access list set
      Router#show ip interface
      Router#show ipx interface
o To see access list and also which interfaces have access list set
      show running-config

STANDARD IPX Access list
o Router(config)#access-list 810 permit 20 40
o Router(config)#int e0
o Router(config-if)#ipx access-group 810 out

EXTENDED IPX Access list
o Router(config)#access-list <no> <permit/deny> <protocol> <source> <socket> <destination> <socket>

Two types of SAP Filters
      IPX input SAP filter
      IPX output SAP filter
o Router(config-if)#ipx input-sap-filter
o Router(config-if)#ipx output-sap-filter
CHAPTER 10 WAN Technologies
CPE Customer premises equipment that is owned and located at subscriber’s premises. Demarcation (demarc) Last responsibility of the service provider. CO Central Office WAN Protocol
Frame Relay HDLC PPP X.25 ISDN LAPB
Frame Relay o Typically runs at speed of 64kbps to 1.544 Mbps. Frame relay provides features for
dynamic-bandwidth allocation and congestion control. Frame Relay provides connection oriented via virtual circuits connections. Virtual Circuits are logical connections between two DTEs which is identified by DLCIs. Data link connection identifier. DLCI numbers used to identify a PVC, assigned by provider starts at 16-1007 PVC Permanent Virtual Circuits and SVC Switched Virtual Circuits Frame Relay mappings are usually created statically by service provider.
o Frame Relay Encapsulation type 1. Cisco (default) 2. IETF (Internet Engg Task Force)
o LMI is a signaling std between CPE device and frame relay switch. o 1. Cisco default Gang of four o 2. ANSI o 3. ITU-T q933a
LMI Types
o Two type of sub interfaces 1. Point to Point #int s0.16 point-to-point 2. Multipoint
o Mapping Frame Relay ip address must be mapped to DLCIs. Use Frame Relay map command Use the inverse-arp function
o Frame Relay Congestion Control DE (Discard Eligibility) detects congestion, turn DE bit on in frame relay FECN (Forward-Explicit Congestion Notification) BECN (Backward-Explicit Congestion Notification)
o CIR (Committed Information Rate) Frame Relay provider allows customers to buy a lower amount of bandwidth
than what they really need. This is called CIR. ISDN
o Higher-speed connection. BRI 2B+D 144kbps PRI 23B+D 1.544 kbpx o TE1 Understands ISDN, TE2 Non ISDN, TA Terminal Adapter to convert TE2
wiring to TE1 o SPID Service Profile Identifier one for each B-channel. o isdn switch-type command can be configured either in global configuration or
interface configuration mode. Global will affect all bri interfaces whereas interface configuration will only configure one bri interface.
LAPB
o Link Access Procedure Balanced has a tremendous amount of overhead because of its strict timeout and windowing techniques.
HDLC
o High Level Data Link Control was derived from SDLC (Synchronous Data Link Control). Each vendor’s HDLC is proprietary to its own equipment.
o HDLC is a point-to-point protocol used on leased lines. No authentication can be used with HDLC.
o HDLC is the default encapsulation used by Cisco routers.
PPP
o Point-to-Point Protocol can be used between different vendors. It allows authentication and multi-link connections and can be run over asynchronous and synchronous links.
o PPP can be either asynchronous (dialup) or synchronous (ISDN).
o LCP – Method of establishing, configuring, maintaining and terminating the
o NCP – Method of establishing, configuring different Network layer protocols. (IPCP, IPXCP)
PPP Authentication Methods
o PAP Password Authentication Protocol.
   Less secure: clear text, and only once at the beginning
o CHAP Challenge Handshake Authentication Protocol.
   Periodic checkups, more secure, sends challenge, one-way hash function
Configuring PPP on Cisco Router.
o Router(config)#int s0
o Router(config-if)#encapsulation ppp
o Router(config-if)#exit
o Router(config)#username name password secret-pwd
o Router(config)#int s0
o Router(config-if)#ppp authentication <pap/chap>
o Router(config-if)#^z
o Router#
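The PAP and CHAP notes above, worked through as an added example (not part of the original notes): it builds what each method puts on the link, using the RFC 1334 PAP request layout and the RFC 1994 CHAP-MD5 response. The function names and sample values are assumptions made for illustration; "name" and "secret-pwd" are the placeholders from the username command.

```python
import hashlib
import hmac

def pap_request_data(peer_id: str, password: str) -> bytes:
    """PAP Authenticate-Request data: length-prefixed peer-id and password, sent as-is."""
    u, p = peer_id.encode(), password.encode()
    return bytes([len(u)]) + u + bytes([len(p)]) + p

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP with MD5 (RFC 1994): hash over identifier octet, shared secret, challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def chap_verify(identifier: int, secret: bytes, challenge: bytes, response: bytes) -> bool:
    """Authenticator side: recompute from its own copy of the secret and compare."""
    return hmac.compare_digest(chap_response(identifier, secret, challenge), response)

def run_demo() -> dict:
    # Constructed sample values, matching the placeholders in the config above.
    name, secret = "name", b"secret-pwd"
    challenge_1 = bytes(range(16))        # authenticator's first challenge
    challenge_2 = bytes(range(16, 32))    # a later, periodic re-challenge

    pap_bytes = pap_request_data(name, secret.decode())
    resp_1 = chap_response(1, secret, challenge_1)
    return {
        "pap_exposes_password": secret in pap_bytes,
        "chap_exposes_password": secret in (challenge_1 + resp_1),
        "good_peer_accepted": chap_verify(1, secret, challenge_1, resp_1),
        "wrong_secret_rejected": not chap_verify(
            1, secret, challenge_1, chap_response(1, b"guess", challenge_1)),
        # Replaying the old response against a fresh challenge must fail.
        "replay_rejected": not chap_verify(2, secret, challenge_2, resp_1),
    }

if __name__ == "__main__":
    for check, result in run_demo().items():
        print(f"{check}: {result}")
```

The periodic re-challenge is what makes a captured response useless later: each new challenge changes the expected hash, while the shared secret itself never crosses the link.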
Configuring Frame Relay on Cisco Router.
o Router# config t
o Router(config)# int s0
o Router(config-if)# encapsulation frame-relay <cisco or ietf>
o Router(config-if)# frame-relay interface-dlci <16-1007>
o Router(config-if)# frame-relay lmi-type <cisco/ansi/q933a>
o Router(config-if)# frame-relay keepalive <noofseconds>
o Router(config-if)# frame-relay inverse-arp <protocol> <dlci>
o Router(config-if)# frame-relay map <protocol> <protocol-address> <dlci>
Monitoring Frame Relay
o LMI traffic statistics exchanged between local router & Frame Relay switch
   show frame lmi
o List all configured PVCs and DLCI numbers
   show frame pvc
o LMI DLCI 1023 is Cisco default & LMI DLCI 0 is ANSI
o Shows network layer to DLCI mapping
   show frame map
o To verify and troubleshoot a Frame Relay connection
   debug frame-relay lmi
Configuring ISDN with Cisco Routers
o Router#config t
o Router(config)#isdn switch-type basic-nel
o Router(config)#int bri0
o Router(config-if)#encap ppp    (optional)
o Router(config-if)#isdn spid1 086506610100 8650661
o Router(config-if)#isdn spid2 086506620100 8650662
Configuring Dialer Information (DDR)
o 1. Define static routes
o 2. Specify the traffic
   #dialer-list 1 protocol ip permit
   int bri0
   dialer-group 1
o 3. Configure the dialer
   config t
   int bri0
   ip address 172.16.60.1 255.255.255.0
   no shut
   encap ppp
   dialer-group 1
   dialer-string 8350661
   OR
   dialer map ip 172.16.60.2 name 804B 8350661
o The dialer load-threshold command tells the BRI interface when to bring up the second B channel. The command below brings up the second B channel if either the inbound or outbound traffic load is 50 percent.
   router(config)#dialer load-threshold 125 either
o The dialer idle-timeout command specifies the number of seconds before a call is disconnected. Default is 120 sec.
   router(config)#dialer idle-timeout 180
Verifying ISDN
o ping or telnet
o show dialer
o show isdn active
o show isdn status
o debug isdn q921 or debug isdn q931
o debug dialer
o isdn disconnect int bri0
Appendix A TEST
Appendix B Configuring Catalyst 1900 Switch
Two types of operating system run on Cisco switches
o IOS Based
o Set Based
Three configuration options
o [M] Menu-based options
o [K] CLI
o [I] IP Configuration
Setting up password
o Press “k” to go to command line interface
o >enable
o #config t    (password length 4 – 8 only)
o (config)#enable password level 1 todd    (user mode password, level 1)
o (config)#enable password level 15 toddlamm    (enable mode password, level 15)
o (config)#exit
On a switch, the enable password and enable secret password can be the same, but not on a router.
The default switching mode on the 1900 is Fragment Free (first 64 bytes); STP and CDP are also enabled by default.
You can create up to 64 VLANs on a 1900 switch.
By default all ports on the switch are associated with VLAN1.
Setting Hostname
o Press “k” to go to command line interface
o >enable
o #config t
o (config)#hostname Todd1900
o todd1900(config)#
Setting IP Address
o To set ip address and default gateway
o To clear MAC addresses
   clear mac-address-table [dynamic/permanent/restricted] [int dest] [int source]
o To configure port security
   todd1900(config)#port secure max-mac-count 1
o To change switching type
   todd1900#sh port system
   todd1900#switching-mode <fragment-free/store-and-forward>
CONFIGURING VLANS
o 1900todd(config)#vlan 2 name sales
o 1900todd(config)#vlan 3 name marketing
o 1900todd(config)#vlan 4 name mis
o 1900todd(config)#exit
o .
o 1900todd(config)#int e0/2
o 1900todd(config-if)#vlan-membership static 2
o 1900todd(config)#int e0/4
o 1900todd(config-if)#vlan-membership static 3
o 1900todd(config)#int e0/5
o 1900todd(config-if)#vlan-membership static 4
o 1900todd(config-if)#^z
o 1900todd#show vlan
o 1900todd#show vlan-membership
o 1900todd(config-if)#trunk on
o 1900todd(config-if)#no trunk-vlan 5
o 1900todd(config)#show trunk a allowed-vlans
CONFIGURING ISL Routing on Router 2621
o All hosts in a VLAN must use the same subnet addressing. To configure router-on-stick for inter-VLAN routing you need to complete three steps.
   Enable ISL trunking on the switch port
   Enable ISL encapsulation on the router’s subinterfaces
   Assign an IP address to the subinterfaces
o 2621#config t
o 2621(config)#int f0/0.1
o 2621(config-if)#encapsulation isl 1
o 2621(config-if)#ip address 172.16.10.1 255.255.255.0
o
o 2621(config)#int f0/0.2
o 2621(config-if)#encapsulation isl 2
o 2621(config-if)#ip address 172.16.20.1 255.255.255.0
o
o 2621(config)#int f0/0.3
o 2621(config-if)#encapsulation isl 3
o 2621(config-if)#ip address 172.16.30.1 255.255.255.0
o
o 2621(config)#int f0/0
o 2621(config-if)#no shutdown
CONFIGURING VTP
o Todd1900#vtp server
o Todd1900#vtp domain lammle
o Todd1900#vtp password todd
o To delete VTP NVRAM database