Previous command
Forwards the history buffer, next command
Back one character
Forward one character
Cursor to Beginning
Cursor to End
Back one word
Front one word
Erase a word
Erase a Line
CLASS A    1 - 126
CLASS B    128 - 191
CLASS C    192 - 223
CLASS D    224 - 239    Multicast
CLASS E    240 - 254    Experimental
For Subnet
Binary       Bits      Decimal
1111 1111    8 bits    255
1111 1110    7 bits    254
1111 1100    6 bits    252
1111 1000    5 bits    248
1111 0000    4 bits    240
1110 0000    3 bits    224
1100 0000    2 bits    192
1000 0000    1 bit     128
For Access Lists
Standard IP Access List           1 - 99
Extended IP Access List           100 - 199
IPX Standard Access List          800 - 899
IPX Extended Access List          900 - 999
IPX SAP Access List               1000 - 1099
AppleTalk Standard Access List    600 - 699
48 bit MAC address Access List    700 - 799
Standard IP Access List checks
1. Source Address
Extended IP Access List checks
1. Source Address
2. Destination Address
3. Protocol or
4. Port
Flow Control
1. Buffering
2. Source Quench Messages
3. Windowing
LMI Standards
1. ANSI Standard
2. ITU-T Q.933A
3. CISCO (default) gang of four
INTERFACE
Ethernet
Token Ring
FDDI
ROUTING PROTOCOL
RIP      Distance Vector
IGRP     Distance Vector
OSPF     Link State
EIGRP    Hybrid
Frame Switching
1. Store and Forward    1581 bytes
2. Cut-Through          Only Destination Address, 6 bytes, 48-bit MAC
3. Fragment Free        First 64 bytes of frames
10Base2    COAXIAL Thinnet     RG 58 BNC Connector         185 m or 925 ft     10Mbps
10BaseT    UTP / STP           RJ 45                       100 m or 330 ft     10Mbps 100Mbps CAT 3 CAT5
10Base5    COAXIAL Thicknet    RG 8 or 11 BNC Connector    500 m or 2500 ft    10Mbps
ISDN
BRI 2B+D
PRI 23B+D
ISDN
1. E - Existing telephone network
2. I - Concepts, terminology & Services
3. Q - Switching and Signaling
[Figure: ISDN reference points R, S, T, U. Devices shown: Non-ISDN device (TE2), ISDN TE1, TA, NT1, router with built-in NT1. Rates shown: 144 kbps, 1.5 Mbps]
default
WAN Protocols
1. Frame Relay and X.25
2. LAPB
3. PPP
4. HDLC
5. ISDN
CHAPTER 1
INTERNETWORKING
All People Seem To Need Data Processing
Flow control prevents a sending host on one side of the connection from overflowing the buffers in the receiving host.
Cisco Three way handshake in connection oriented communication
Windowing controls how much information is transferred from one end to other.
Two types of Packets in Network Layer
o Data Packets - Transport user data: IP, IPX etc
o Route Update packets - Update neighbor routers: RIP, OSPF etc
Router breaks Broadcast Domains
Router also breaks Collision Domains; this is also accomplished by layer-2 devices
Data Link Layer is responsible for uniquely identifying each device on a local network.
Data Link Layer
o MAC -> Defines how packets are placed on media
o LLC -> Identifies Network layer protocol and then encapsulates them.
ASICs Application Specific Integrated Circuits.
Biggest benefit of using switch instead of hub is each switch port is its own collision domain.
So Switch breaks collision domain but cannot break broadcast domain.
CSMA/CD Carrier sense Multiple Access / Collision Detect.
Frame structure Preamble, DA, SA, Type/Length & FCS
AUI cannot support 100 Mbps
MII Media Independent Interface 802.3u for 100BaseT specification
Data Encapsulation. User data [PDU], Segments, Packets, Frames & Bits
CISCO LAYERS
o CORE
o DISTRIBUTION
o ACCESS
100BaseTX EIA/TIA Cat5 6
100BaseFX fiber 62.5/125 400 meter
100BaseSX fiber 62.5/50 260 meter
100BaseLX fiber
/9 3 km
CROSSOVER CABLE
o Switch to switch
o Between HUB and SWITCH
o Hub to Hub
o Router to Router
STRAIGHT CABLE
o ROUTER to HUB or SWITCH Important
o Server to HUB
o Workstation to HUB
WAN Connections
o HDLC, PPP, X.25, Frame Relay, ISDN.
A rollover cable is a straight cable flipped over on the other side.
CHAPTER 2
SWITCHING TECHNOLOGY
Layer 2 [Data Link] Switching benefits
o Hardware based switching
o Wire Speed
o Low Latency
o Low Cost
Switches break up collision domain, but still one big broadcast domain.
BRIDGE                     SWITCH
Software based             Hardware based
Only one STP per bridge    Can have many STP
Up to 16 ports             Can have 100s of ports
Switch Functions
o Address learning
MAC database
o Forwarding/Filtering
looks DA and finds exit interface
o Loop Avoidance
Uses STP for loop avoidance
STP Spanning Tree Protocol
o All Cisco switches run the IEEE 802.1d version of STP.
o STP Main Task is to stop network loops
o There can be only one ROOT BRIDGE in a network
o ROOT BRIDGE ports are called designated ports.
ROOT BRIDGE Selection
o Depends on Bridge ID = 8 bytes long
o Bridge ID = Priority + MAC
o Cost of link to determine designated ports, Cost of link =Priority + MAC
o Default IEEE STP ver Priority is 32,768
o BPDUs are used to exchange STP information. Or used to send configuration
messages using multicast frames.
o A switch communicates its Bridge ID to neighbour switches using BPDUs.
STP Port States
o Blocking (default) - No Frame Forwarding but receives BPDUs
o Listening
o Learning - Does not forward Frames
o Forwarding
Switching Types
o Store and Forward - Complete data frame
o Fragment Free - First 64 bytes of data frame 1518 (default for 1900 switch)
o Cut Through - Lowest latency only DA.
Preamble (5MHz clock) | SFD | DA (6 bytes) | SA (6 bytes) | Type/Length | FCS
Convergence
o Convergence occurs when bridges and switches have transitioned to either the
forwarding or blocking stage
CHAPTER 3
INTERNET PROTOCOL
All People Seems To Need Data Processing
OSI Model       DOD
Application     Process / Application
Presentation    Process / Application
Session         Process / Application
Transport       Host to Host
Network         Internet
Data Link       Network Access
Physical        Network Access
TFTP is a stripped-down version of FTP. It has no directory browsing abilities & no authentication, so it's insecure. Compact little protocol.
SMTP method of mail delivery.
LPD Line printer daemon.
X windows designed for client-server operations, Graphical user interface
SNMP collects and manipulates valuable network information.
DNS resolves host name to IP address
BootP used to get IP address from known MAC address. (need to manually add addresses)
DHCP is like dynamic BootP automatic.
Telnet terminal emulation.
ARP finds MAC address from IP
RARP finds IP from MAC used by BootP or DHCP
PORT Numbers
o HTTP-81, FTP-21, TFTP-69, DNS-53, Telnet-23,
o SMTP-25, SNMP-161/162, TCP-6, UDP-17, POP-110
Port Numbers below 1024 are known as well known ports
Numbers above 1024 used by upper layer to setup sessions with hosts.
PING Packet Internet Groper uses ICMP echo messages
Subnetting
o Reduces network traffic
o Optimizes network performance
o Facilitates to span large geographic distance
CLASS A
CLASS B
CLASS C
CLASS D
CLASS E
IP Examples refer book.
CHAPTER 4
CONFIGURATION & IOS Management Commands.
Cisco Internetwork Operating System (IOS)
Command Line Interface (CLI)
Ways to connect to Cisco router
o Console Port (RJ45)
o Auxiliary Port modem connection to router
o Telnet Program
Router Boot Sequence
o POST (Power On Self Test)
o Loads Cisco IOS from Flash memory
o Valid Configuration File in NVRAM
o If no Configuration file then goes in Setup mode.
Setup Mode
o Basic - to allow connectivity to the router
o Extended - to configure global parameters & interface configuration
Router> - user mode
Use enable command to enter privileged mode
Router# - privileged mode
Use disable command to go to user mode from privileged mode
Router>logout - to exit the console
Router Modes
o Terminal - to change the running config
o Memory - to change startup-config in NVRAM
o Network - to change configuration file stored on a TFTP host.
Keepalive is 10 sec by default. If both routers are not configured for the same keepalive time, it will not work; for that, use the Router#clear counters s0 command.
COMMANDS
o Router(config)#interface ?
o Router(config)#int f0/0
o Router#clock set 10:30:00 28 may 2000
o Router#show history
Shows last 10 commands entered by default
o Router#show terminal
Shows terminal configurations and history buffer size
o Router#terminal history size
Change buffer size (max 256)
o Router#sh ver
Show ios file name, amount of DRAM, register value, how long running
o Router#show controllers s0
Shows if a DTE or DCE cable is plugged into serial 0
o Router(config-line)#exec-timeout 0 0 or 0 1
o Router(config-line)#logging synchronous
Stop console messages from popping up and disturbing you
o Router(config-line)#no login
To allow users to TELNET without password.
o Router(config)#enable secret todd - new, encrypted
o Router(config)#enable password todd1 - old, not encrypted
o Router(config)#
o Router#copy run start
To save running config to NVRAM
o Router#erase startup-config
To erase startup-config in NVRAM
o Router#sh int e0
ENCRYPTING YOUR PASSWORD
o Router#config t
o Router(config)#service password-encryption
o Router(config)#enable password todd
o Router(config)#line aux 0
o Router(config-line)#login
o Router(config-line)#password todd
o Router(config-line)#line con 0
o Router(config-line)#password todd1
o Router(config)#line vty 0 197
o Router(config-line)#login
o Router(config-line)#password todd2
o Router(config-line)#exit
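An added example (not part of the original notes): a short Python audit that reads an IOS configuration and reports the password and line settings covered above. The finding names and both sample configurations are constructed for illustration.

```python
# Added example: audit an IOS config for the password/line settings in these notes.
# Finding names and both sample configs are constructed for illustration.

def parse_sections(config_text):
    """Group config lines as (top-level command, [indented sub-commands])."""
    sections = []
    for raw in config_text.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue                      # skip blanks and IOS comment separators
        if raw[0].isspace() and sections:
            sections[-1][1].append(raw.strip())
        else:
            sections.append((raw.strip(), []))
    return sections

def audit(config_text):
    """Return a list of finding names for weak authentication settings."""
    sections = parse_sections(config_text)
    top = [header for header, _ in sections]
    findings = []
    if any(h.startswith("enable password ") for h in top):
        findings.append("enable-password")            # old, not encrypted
    if not any(h.startswith("enable secret ") for h in top):
        findings.append("no-enable-secret")
    if "service password-encryption" not in top:
        findings.append("no-password-encryption")     # line passwords in clear text
    for header, subs in sections:
        if not header.startswith("line "):
            continue
        if header.startswith("line vty") and "no login" in subs:
            findings.append("vty-no-login")           # Telnet without a password
        if "exec-timeout 0 0" in subs:
            findings.append("no-timeout:" + header)   # idle sessions never close
    return findings

WEAK_CONFIG = """\
hostname Router
no service password-encryption
enable password todd1
!
line con 0
 exec-timeout 0 0
 password todd1
 login
line vty 0 4
 no login
"""

HARDENED_CONFIG = """\
hostname Router
service password-encryption
enable secret 5 CONSTRUCTED-PLACEHOLDER-HASH
!
line con 0
 exec-timeout 5 0
 password 7 CONSTRUCTED-PLACEHOLDER
 login
line vty 0 4
 exec-timeout 5 0
 password 7 CONSTRUCTED-PLACEHOLDER
 login
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg))
```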
SHOW COMMANDS
o show ip route
shows routes and their type like Static, Dynamic etc
o show protocol
shows all interfaces and IP Addresses associated.
i.e. Ethernet0 is up, line protocol is up
Internet address is 172.16.30.1/24
o show ip protocol
shows you the routing protocols configured on router.
Also displays the timers. (holddown, flushed Invalid times)
o Show flash
Show the amount of flash and files stored in flash.
o debug ip rip
sends routing updates as they are sent and received on the router console
session
o debug ip igrp events
Summary of IGRP routing information
o debug ip igrp transactions
shows message requests from neighbor routers asking for an update and
broadcast sent from your router towards neighbor router
CHAPTER 6
VLAN Virtual LANs
VLANS
o By creating VLANs, you are able to create smaller broadcast domains within a switch
by assigning different ports in the switch to different subnetworks.
o Routers, by default, send broadcasts only within the originating network, but switches
forward broadcasts to all segments.
o RSM router switch modules must be used in conjunction with switches to provide
connections between networks (VLANs).
o By using VLANs and creating multiple broadcast groups, administrators now have
control over each port and user. Users can no longer just plug their workstations into
any switch port and have access to network resources. The administrator controls
each port and whatever resources it is allowed to use.
o Broadcasts sent out from a node in one VLAN will not be forwarded to ports
configured in a different VLAN.
o Group of connected switches is called a switch fabric.
STATIC VLANs
o Administrator assigns switch ports to the VLAN. More secure.
DYNAMIC VLANs
o Uses Intelligent Management software you can enable MAC, protocol, or even
application to create dynamic VLANs. VLAN Management database can look up the
hardware address and assign and configure the switch port to correct VLAN.
Two different type of link in switched environment
o ACCESS Links are only part of one VLAN unaware of VLAN membership.
o TRUNK Links carry multiple VLANs. Used to connect switches to other switches, to
routers or even servers. Support two different identification techniques: ISL & 802.1q.
FRAME TAGGING
o A switch fabric is a group of switches sharing the same VLAN information. Frame
identification (frame tagging) uniquely assigns a user-defined ID to each frame. This
is referred to as a VLAN ID or color.
VLAN ID Methods
o Inter-switch Link (ISL) Cisco proprietary
o IEEE 802.1q trunking between cisco and different brand router
o LAN emulation (LANE) over ATM
o 802.10 (FDDI) over FDDI also cisco proprietary.
Inter-Switch link Protocol ISL
o By running ISL, you can interconnect multiple switches and still maintain VLAN
information as traffic travels between switches on trunk links. ISL is an external
tagging process, which means the original frame is not altered but instead
encapsulated with a new 26-byte ISL header. It also adds a second 4-byte frame
check sequence (FCS) field at the end of the frame.
o A frame can be up to 1522 bytes long; this is recorded as a giant frame because it is over
the maximum of 1518 bytes allowed on an Ethernet segment.
TRUNKING
o Trunking allows you to make a single port part of multiple VLANs at the same time.
The benefit of trunking is that a server, for example can be in two broadcast domains
(VLANs) at the same time. Cisco switches use DTP to manage trunk negotiation in the
Catalyst-switch engine software release 4.2 or later.
Routing between VLANs
o Use Router that has an interface for each VLAN, or Router that supports ISL routing
(least expensive is 2600)
o RSM switch module for 5000 series router-on-a-stick
VLAN Trunk Protocol (VTP)
o Cisco created VTP to manage all the configured VLANs across a switched internetwork. VTP allows an administrator to add, delete, and rename VLANs.
o Accurate tracking and monitoring VLANs
o Allowing VLANs to be trunked over mixed networks
o Dynamic reporting of added VLANs to all switches
o Plug and Play VLAN adding.
VTP Modes of Operation
o Server (default)
Needs at least one server in your VTP domain to propagate VLAN
information throughout the domain. Can add, create or delete VLANs in a
VTP domain.
o Client
Receives information from VTP Server and send and receives updates
Cannot make any changes.
o Transparent
Does not participate in the VTP domain but still forwards VTP
advertisements. Can add and delete VLANs as the switch keeps its own
database and does not share it with other switches. Transparent is considered
only locally significant.
Revision Number
o VTP server increments the revision number by 1. When a switch receives an advertisement
that has a higher revision number, it overwrites the database in NVRAM.
VTP Pruning
o Helps preserve bandwidth. VTP pruning only sends broadcasts to trunk links that
must have the information: any trunk link that does not need the broadcasts will not
receive them. When you enable pruning on a VTP server, you enable it for the entire
domain.
o By default it is turned off on all switches, but turning it ON in just one VTP server
turns it on for the whole domain.
CHAPTER 7
Managing a Cisco Internetwork
ROUTER BOOTING PROCESS
o POST
o IOS in Flash memory
o Configuration file in NVRAM
o No configuration file then SETUP
IOS - Flash
startup-config - NVRAM
running-config - DRAM
Configuration Register Bits (16bit register)
o Default is 2102 [Hex value]
o Controls how the router boots up.
o 2101 boot image from ROM, 2142 Ignore NVRAM contents
Command to change configuration register
o Router(config)#config-register 0x0101
o Router(config)#confreg 0x2142
PASSWORD RECOVERY
o Interrupt the router boot by performing a break sequence
o Change register value to 2142 by confreg 0x2142 command
o Reload
o Enable
o Copy start run and then change the password
o Reset the configuration register value to 2102 value by confreg 0x2102 command
o Reload the Router.
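An added example (not part of the original notes): a Python check that reads the configuration register line from "show version" output and reports a router still running with the 2142 setting used in the recovery steps above. The bit meanings are the standard IOS register bits (an assumption beyond what the notes state), and the sample output lines are constructed.

```python
# Added example: decode the configuration register reported by "show version".
# Bit meanings are standard IOS register bits (assumed, not stated in the notes);
# the sample output lines are constructed.
import re

IGNORE_NVRAM = 0x0040     # bit 6: skip startup-config at boot (the 0x2142 case)
BREAK_DISABLED = 0x0100   # bit 8: break key ignored after boot

def decode_confreg(value):
    """Split a 16-bit configuration register into the fields used here."""
    boot_field = value & 0x000F
    if boot_field == 0:
        boot = "ROM monitor"
    elif boot_field == 1:
        boot = "boot image from ROM"
    else:
        boot = "normal boot"
    return {"boot": boot,
            "ignore_nvram": bool(value & IGNORE_NVRAM),
            "break_disabled": bool(value & BREAK_DISABLED)}

CONFREG_LINE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]{1,4})"
    r"(?: \(will be (0x[0-9A-Fa-f]{1,4}) at next reload\))?")

def check_show_version(output):
    """Return finding names for 'show version' text; [] means nothing to report."""
    match = CONFREG_LINE.search(output)
    if match is None:
        return ["confreg-line-missing"]
    current = int(match.group(1), 16)          # value the router booted with
    pending = int(match.group(2), 16) if match.group(2) else current
    findings = []
    if decode_confreg(current)["ignore_nvram"]:
        findings.append("booted-ignoring-nvram")
    if decode_confreg(pending)["ignore_nvram"]:
        findings.append("next-reload-ignores-nvram")
    if decode_confreg(pending)["boot"] != "normal boot":
        findings.append("next-reload-not-normal-boot")
    return findings

# Constructed sample lines in the format printed by "show version".
SAMPLES = {
    "normal": "Configuration register is 0x2102",
    "recovery left in place": "Configuration register is 0x2142",
    "reset pending": "Configuration register is 0x2142 (will be 0x2102 at next reload)",
    "boots from ROM": "Configuration register is 0x2101",
}

if __name__ == "__main__":
    for label, line in SAMPLES.items():
        print(label, check_show_version(line))
```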
BACKING CISCO IOS
o Ping the TFTP Server then use copy flash tftp command
o Router#Ping 192.168.0.10
o Router#Copy flash tftp
RESTORING CISCO IOS
o Router#copy tftp flash
BACKUP CISCO CONFIGURATION
o Router#copy run start
o Router#copy run tftp
RESTORING CISCO CONFIGURATION
o Router#copy tftp start
o Router#copy tftp run
ERASING THE CONFIGURATION
o Router#erase startup-config
o only for delete nvram on a 1900 switch
CDP Cisco Discovery Protocol
o CDP is a proprietary protocol designed by Cisco to collect information about both
locally attached and remote devices. Useful for troubleshooting and documenting
network.
CDP timer (60 default) is how often CDP packets are transmitted to all active interfaces.
CDP Holdtime (180 default) is the amount of time that device will hold packets received
from neighbor devices.
Router(config)#cdp timer 60
Router(config)#cdp holdtime 180
To see info about directly connected devices. Local interface, name of the device, the remote
Port ID, neighbor device ID, holdtime, and the hardware platform.
o Router#show cdp neighbor
Netware frame      Features                            Cisco keyword
Ethernet_802.3     Default to NetWare 3.11             Novell_ether
Ethernet_802.2     Default to NetWare 3.12             Sap
Ethernet_II        Supports TCP/IP and IPX             Arpa
Ethernet_SNAP      Supports AppleTalk, IPX & TCP/IP    Snap
Token-ring                                             Sap (default)
Token-ring_snap                                        Snap
Fddi_snap                                              Snap (default)
Fddi_802.2                                             Sap
Fddi_raw                                               Novell_fddi
Enabling IPX on Individual Interfaces
o router(config-if)#ipx network <number> <encapsulation-type> <secondary>
o Router#config t
o Router(config)#ipx routing
o Router(config)#int e0
o Router(config-if)#ipx network 10
To view the IPX routing table
o Show ipx route
To add secondary addresses
o Router(config-if)#ipx network 10a encap sap sec
o Or use subinterfaces #int e0.10 then use #ipx network 10a encap sap
Configuring Multiple Frame Types on Router
o Router(config)#int e0
o Router(config-if)#ipx network 10a encap sap sec
o Router(config-if)#int e0.10
o Router(config-if)#ipx network 10b encap arpa
o Router(config-if)#int e0.20
o Router(config-if)#ipx network 10c encap snap
Monitoring IPX on Cisco Router
o To display contents of SAP table
Show ipx servers
o To display IPX routing table
Show ipx route
o To load balance with IPX
router(config)#ipx maximum-path 2
o To see ipx packets received and transmitted (traffic)
Router#show ipx traffic
o To see interface status of IPX (SAP and RIP) on each interface
Router#show ipx interface
o To see IPX address, and encapsulation type of individual interface
Router#show ipx interface e0 or sh ipx int e0
o To see IPX address, encapsulation type and routed protocol configured on router and
interface addresses
Router#show protocols
o To see information about IPX & RIP packets transmitted & received on router
debug ipx routing activity
undebug ipx routing activity
o To see IPX & SAP packets that are transmitted & received on router
debug ipx sap activity
undebug ipx sap activity
o To see IPX address of neighbor router
show cdp entry *
ping ipx 40.0000.0c8d.5c9d
CHAPTER 9
ACCESS LISTS
Important rules a packet follows when compared with an access list
o Checks in Sequential order
o Only till a match is made.
o Implicit deny at the end of each access list
Two types of ACCESS List
o Standard Access List
Use only source IP Address
o Extended Access List
Use both source & destination IP Address, Protocol & Port number or socket
number for IPX.
Access list can be applied on an interface with either inbound or outbound list.
INBOUND ACCESS LIST
o Packets are processed through the access list before being routed to the outbound
interface
OUTBOUND ACCESS LIST
o Packets are routed to the outbound interface and then processed through the access
list.
GENERAL RULES
o One access list per interface
o Keep more specific tests at the top
o New list will be placed at the bottom
o You cannot remove one line from the access list
o Every list should have at least one permit statement, or you might as well shut the
interface down.
o Place IP standard access lists as close to the destination as possible.
o Place IP extended access lists as close to the source as possible.
o By default there is an implicit deny all at the end of every access list.
o 1 in access list says any node (IPX)
1-99 STD IP
100-199 EXT IP
800-899 STD IPX
900-999 EXT IPX
1000-1099 IPX SAP
1100-1199 Ext MAC
600-699 Appletalk
700-799 48bit MAC
Router(config)#access-list 10 deny host 172.16.30.2
BLOCK Size is used to specify the range of addresses, i.e. 4 8 16 32 64
Example router(config)#access-list 10 deny 172.16.16.0 0.0.3.255
o The block size of 4 above tells the router to deny the range 172.16.16.0 to 172.16.19.0
Any = 0.0.0.0 255.255.255.255
APPLYING STANDARD ACCESS LIST
o Router#config t
o Router(config)#access-list 10 deny 172.16.40.0 0.0.0.255
o Router(config)#access-list 10 permit any OR
o Router(config)#access-list 10 permit 0.0.0.0 255.255.255.255
o Router(config)#int e0
o Router(config-if)#ip access-group 10 out
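An added example (not part of the original notes): a Python model of how a standard IP access list is evaluated, using the entries shown above. It demonstrates wildcard matching, first-match ordering and the implicit deny; the helper names are illustrative.

```python
# Added example: first-match evaluation of a standard IP access list.
# Helper names are illustrative; the list entries are the ones shown in these notes.
import ipaddress

def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(addr, base, wildcard):
    """True when addr equals base on every bit whose wildcard bit is 0."""
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(addr) & care) == (_to_int(base) & care)

def covered_range(base, wildcard):
    """First and last address matched by a contiguous wildcard such as 0.0.3.255."""
    first = _to_int(base) & ~_to_int(wildcard) & 0xFFFFFFFF
    last = first | _to_int(wildcard)
    return str(ipaddress.IPv4Address(first)), str(ipaddress.IPv4Address(last))

def parse_entry(line):
    """Parse 'access-list <1-99> permit|deny <source>' into (action, base, wildcard)."""
    tok = line.split()
    if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError("not a standard access-list entry: " + line)
    if not 1 <= int(tok[1]) <= 99:
        raise ValueError("standard IP lists are numbered 1-99: " + line)
    spec = tok[3:]
    if spec == ["any"]:
        return tok[2], "0.0.0.0", "255.255.255.255"
    if spec[0] == "host" and len(spec) == 2:
        return tok[2], spec[1], "0.0.0.0"
    if len(spec) == 1:                      # bare address means a single host
        return tok[2], spec[0], "0.0.0.0"
    if len(spec) == 2:
        return tok[2], spec[0], spec[1]
    raise ValueError("unsupported source spec: " + line)

def evaluate(acl_lines, source):
    """Return (action, index of matching entry); index None is the implicit deny."""
    for index, line in enumerate(acl_lines):
        action, base, wildcard = parse_entry(line)
        if wildcard_match(source, base, wildcard):
            return action, index          # checking stops at the first match
    return "deny", None

ACL_10 = ["access-list 10 deny 172.16.40.0 0.0.0.255",
          "access-list 10 permit any"]
# Same entries in the wrong order: the deny can never be reached.
ACL_10_MISORDERED = list(reversed(ACL_10))
# No permit statement: everything else falls through to the implicit deny.
ACL_DENY_ONLY = ["access-list 10 deny host 172.16.30.2"]

if __name__ == "__main__":
    print(covered_range("172.16.16.0", "0.0.3.255"))
    for src in ("172.16.40.7", "172.16.30.2"):
        print(src, evaluate(ACL_10, src), evaluate(ACL_10_MISORDERED, src),
              evaluate(ACL_DENY_ONLY, src))
```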
CONTROLLING VTY Telnet Access
o Router(config)#access-list 50 permit 172.16.10.3
o Router(config)#line vty 0 4
o Router(config-line)#access-class 50 in
APPLYING EXTENDED ACCESS LIST
o Router(config)#access-list <no> <permit/deny> <SA> <DA> <port number>
CHAPTER 10
WAN Technologies
CPE Customer premises equipment that is owned and located at the subscriber's premises.
Demarcation (demarc) Last responsibility of the service provider.
CO Central Office
WAN Protocol
Frame Relay
HDLC
PPP
X.25
ISDN
LAPB
Frame Relay
o Typically runs at speeds of 64kbps to 1.544 Mbps. Frame Relay provides features for dynamic-bandwidth allocation and congestion control. Frame Relay provides connection-oriented communication via virtual circuits.
o Virtual Circuits are logical connections between two DTEs, identified by DLCIs (Data Link Connection Identifiers).
o DLCI numbers are used to identify a PVC; they are assigned by the provider, from 16 to 1007.
o PVC Permanent Virtual Circuits and SVC Switched Virtual Circuits
o Frame Relay mappings are usually created statically by service provider.
o Frame Relay Encapsulation type
1. Cisco (default)
2. IETF (Internet Engineering Task Force)
o LMI is a signaling standard between CPE device and frame relay switch.
LMI Types
o 1. Cisco default Gang of four
o 2. ANSI
o 3. ITU-T q933a
Verifying ISDN
o ping or telnet
o show dialer
o show isdn active
o show isdn status
o debug isdn q921 or debug isdn q931
o debug dialer
o isdn disconnect int bri0
Appendix
TEST
Appendix B
Configuring Catalyst 1900 Switch
Two types of Operating system that runs on Cisco Switches
o IOS Based
o Set Based
Three configuration Options
o [M] Menu-based options
o [K] CLI
o [I] IP Configuration
Setting up password
o Press k to go to command line interface
o >enable
o #config t
Password length 4 - 8 only
o (config)#enable password level 1 todd - user mode password, level 1
o (config)#enable password level 15 toddlamm - enable mode password, level 15
o (config)#exit
On switch enable password and enable secret password can be same. But not on router.
Default switching mode on 1900 is Fragment Free (first 64 bytes), also STP & CDP are
enabled by default.
You can create up to 64 VLANs on 1900 switch
By default all ports on switch are associated with VLAN1.
Setting Hostname
o Press k to go to command line interface
o >enable
o #config t
o (config)#hostname Todd1900
o todd1900(config)#
Setting IP Address
o To set ip address and default gateway
(Config)#ip address 172.16.10.16 255.255.255.0
(config)#ip default-gateway 172.16.10.1
o To see current ip configuration
Show ip
o To setup interface description
(config)#int e0/1
(config-if)#description Finance_VLAN
(config-if)#int f0/26
(config-if)#description trunk_to_Building_4
o To see description and configuration of interfaces
(config)#show interface or show int e0/1
(config)#show run
o 1900todd(config-if)#trunk on
o 1900todd(config-if)#no trunk-vlan 5
o 1900todd(config)#show trunk a allowed-vlans
CONFIGURING ISL Routing on Router 2621
o All hosts in a VLAN must use the same subnet addressing. To configure router-on-a-stick for inter-VLAN routing you need to complete three steps.
o 2621(config)#int f0/0.2
o 2621(config-if)#encapsulation isl 2
o 2621(config-if)#ip address 172.16.20.1 255.255.255.0
o 2621(config)#int f0/0.3
o 2621(config-if)#encapsulation isl 3
o 2621(config-if)#ip address 172.16.30.1 255.255.255.0
o 2621(config)#int f0/0
o 2621(config-if)#no shutdown
CONFIGURING VTP
o Todd1900#vtp server
o Todd1900#vtp domain lammle
o Todd1900#vtp password todd
o To delete VTP NVRAM database
Todd1900#delete vtp
o To turn on VTP Pruning
Todd1900#vtp pruning enable
RESTORING, BACKUP & DELETING 1900 IOS
o Todd1900#copy tftp://tftp_host_ip_address/IOS_filename opcode
o Todd1900#copy nvram tftp://192.168.0.120/1900en
o Todd1900#delete nvram
CDP with 1900
o Todd1900# show cdp
o Todd1900(config)#cdp timer 60 - default
o Todd1900(config)#cdp holdtime 120 - default