
CISCO CCNA Notes Created RoNy

OSI Layers [All People Seem To Need Data Processing]


Interoperability and Interconnectivity
Layer            PDU        Protocols / functions
Application      Datagrams  HTTP, WWW, SMTP, SNMP, FTP, Telnet, EDI. Program-to-Program Communication
Presentation     Datagrams  Data Encryption, Compression, Translation. Converting from EBCDIC to ASCII. MIDI, MPEG, GIF, JPEG, PICT, TIFF.
Session          Datagrams  Dialog Control. SQL, X-windows, RPC, NFS, ASP, NetBEUI, NETBIOS. DNA
Transport        Segments   TCP Connection oriented Virtual Circuits, UDP Connectionless, End-to-End, Flow control. SPX
Network          Packets    IP, IPX. ICMP. BootP, ARP, Routing of Packets OSPF, IGRP, EIGRP, RIP.
Data Link Layer  Frames     Bridges and switches. MAC, LLC, Frames. SSAPs & DSAPs. 802.2 802.3, PPP, ISL, Frame relay, FDDI. CDP, HDLC, SDLC
Physical         Bits       Bits. Network Media. Hubs, RJ45, v.24, v.35, EIA/TIA-.449 NIC
Port Numbers
0-255 Public Assigned, 256-1023 Assigned to Companies, 1023+ User defined
FTP        21
Telnet     23
SMTP       25
WWW, HTTP  80
DNS        53
TFTP       69
SNMP       161,162
TCP        6
UDP        17
Editing Shortcut Keys
CTRL P  Previous command
CTRL N  Forwards the history buffer, next command
CTRL B  Back one character
CTRL F  Forward one character
CTRL A  Cursor to Beginning
CTRL E  Cursor to End
ESC B   Back one word
ESC F   Front one word
CTRL W  Erase a word
CTRL U  Erase a Line

CLASS A  1 - 126
CLASS B  128 - 191
CLASS C  192 - 223
CLASS D  224 - 239  Multicast
CLASS E  240 - 254  Experimental

For Subnet
1111 1111  8 bits  255
1111 1110  7 bits  254
1111 1100  6 bits  252
1111 1000  5 bits  248
1111 0000  4 bits  240
1110 0000  3 bits  224
1100 0000  2 bits  192
1000 0000  1 bit   128

For Access Lists
Standard IP Access List         1 - 99
Extended IP Access List         100 - 199
IPX Standard Access List        800 - 899
IPX Extended Access List        900 - 999
IPX SAP Access List             1000 - 1099
AppleTalk Standard Access List  600-699
48 bit MAC address Access List  700-799

Standard Access List can act on basis of
1. Source Address

Extended Access List can act on basis of
1. Source Address
2. Destination Address
3. Protocol or
4. Port

Flow Control
1. Buffering
2. Source Quench Messages
3. Windowing

CISCO THREE LAYER
1. Core Layer: Speed, FDDI, ATM
2. Distribution Layer: Routers. Access list, Queuing, Filtering, Firewalls, Routing between VLANS
3. Access Layer: Routers & Switches HUBs. Breaking Collision Domain, Workgroups

LMI Standards
1. ANSI Standard
2. ITU-T Q.933A
3. CISCO (default) gang of four

10Base2    Thinnet   185m  50ohm terminator
10Base5    Thicknet  500m  50ohm terminator
10BaseT    Ethernet  100m  RJ45 UTP/STP
100BaseFX  62.5/125
100BaseSX  62.5/50
100BaseLX  ??/9 micron core

CISCO ENCAPSULATION NAMES
INTERFACE   NOVELL IPX NAME  CISCO IOS NAME
Ethernet    Ethernet_II      Arpa            Supports tcpip & ipx
Ethernet    Ethernet_802.2   Sap
Ethernet    Ethernet_SNAP    Snap            Supports appletalk tcpip & ipx
Ethernet    Ethernet_802.3   Novell-ether
Token Ring  Token-Ring       Sap (default)
Token Ring  Token-Ring_SNAP  Snap
FDDI        Fddi_Snap        Snap (default)
FDDI        Fddi_802.3       Sap
FDDI        Fddi_Raw         novell-fddi

ROUTING PROTOCOL
1. RIP - Distance Vector
2. IGRP - Distance Vector
3. OSPF - Link State
4. EIGRP - Hybrid

Frame Switching
1. Store and Forward - 1581bytes
2. Cut-Through - Only Destination Address 6 bytes 48bit MAC
3. Fragment Free - First 64bytes of frames

UTP / STP
RJ 45
100 m or 330 ft
10Mbs 100Mbs CAT 3 CAT5
10BaseT

COAXIAL Thinnet
RG 58 BNC Connector
185 m or 925 ft
10Mbps
10Base2

COAXIAL Thicknet
RG 8 or 11 BNC Connector
500 m or 2500 ft
10Mbps
10Base5

ISDN
BRI 2B+D   2 64kbps for data and 1 16Kbps for link   144kbps
PRI 23B+D  23 64kbps for data and 1 64Kbps for link  1.5 Mbps

Routing Loops Solutions
1. Define Max Hops.
2. Split Horizon
3. Route Poisoning
4. Hold-Down Timers

ISDN
1. E - Existing telephone network
2. I - Concepts, terminology & Services
3. Q - Switching and Signaling

ISDN Reference Point
1. R  Non ISDN - TA
2. S  User Terminal & NT2
3. T  NT1 & NT2
4. U  NT1 & Line Terminal Equipment

[Figure: ISDN reference points. Non ISDN Device TE2 - R - TA - S/T - NT1 - U - ISDN Switch Service; ISDN TE1; Router with builtin NT1]

STP Port States
1. Blocking
2. Listening
3. Learning
4. Forwarding

Router Boot Steps
1. POST
2. Looks for IOS in Flash
3. Configuration File in NVRAM
4. No Config file then SETUP
AD [Administrative Distance] Rates source trustworthiness value between 0 to 255
Connected Interface  0
Static               1    Manual
EIGRP                90   Hybrid
IGRP                 100  Distance Vector  BW & Delay of line
OSPF                 110  Link State
RIP                  120  Distance Vector  Max Hops
External EIGRP       170
Unknown              255  (this route will never be used)
VTP Modes
1. Server Mode (default)
2. Client Mode
3. Transparent

WAN Protocols
1. Frame Relay and X.25
2. LAPB
3. PPP
4. HDLC
5. ISDN

CHAPTER 1
INTERNETWORKING
All People Seem To Need Data Processing
Flow control Prevents a sending host on one side of the connection from overflowing the
buffers in the receiving host.
Cisco Three way handshake in connection oriented communication
Windowing controls how much information is transferred from one end to other.
Two types of Packets in Network Layer
o Data Packets - Transport user data: IP, IPX etc
o Route Update packets - Update neighbor routers: RIP, OSPF etc
Router breaks Broadcast Domains
Router also breaks Collision Domains, which is also accomplished by layer-2 devices
Data Link Layer is responsible for uniquely identifying each device on a local network.
Data Link Layer: MAC -> defines how packets are placed on media; LLC -> identifies
Network layer protocols and then encapsulates them.
ASICs Application Specific Integrated Circuits.
Biggest benefit of using switch instead of hub is each switch port is its own collision domain.
So Switch breaks collision domain but cannot break broadcast domain.
CSMA/CD Carrier sense Multiple Access / Collision Detect.
Frame structure Preamble, DA, SA, Type/Length & FCS
AUI cannot support 100 Mbps
MII Media Independent Interface 802.3u for 100BaseT specification
Data Encapsulation. User data [PDU], Segments, Packets, Frames & Bits
CISCO LAYERS
o CORE
o DISTRIBUTION
o ACCESS
100BaseTX EIA/TIA Cat5 6
100BaseFX fiber 62.5/125 400 meter
100BaseSX fiber 62.5/50 260 meter
100BaseLX fiber /9 3 km
CROSSOVER CABLE
o Switch to switch
o Between HUB and SWITCH
o Hub to Hub
o Router to Router

STRAIGHT CABLE
o ROUTER to HUB or SWITCH Important
o Server to HUB
o Workstation to HUB
WAN Connections
o HDLC, PPP, X.25, Frame Relay, ISDN.
A rollover cable is a straight cable flipped over at the other end.
CHAPTER 2
SWITCHING TECHNOLOGY
Layer 2 [Data Link] Switching benefits
o Hardware based switching
o Wire Speed
o Low Latency
o Low Cost
Switches break up collision domain, but still one big broadcast domain.
BRIDGE                   SWITCH
Software based           Hardware based
Only one STP per bridge  Can have many STP
Up to 16 port            Can have 100 of ports
Switch Functions
o Address learning: MAC database
o Forwarding/Filtering: looks DA and finds exit interface
o Loop Avoidance: Uses STP for loop avoidance
STP Spanning Tree Protocol
o All Cisco switches run the IEEE 802.1d version of STP.
o STP Main Task is to stop network loops
o There can be only one ROOT BRIDGE in a network
o ROOT BRIDGE ports are called designated ports.
ROOT BRIDGE Selection
o Depends on Bridge ID = 8 bytes long
o Bridge ID = Priority + MAC
o Cost of link to determine designated ports, Cost of link =Priority + MAC
o Default IEEE STP ver Priority is 32,768
o BPDUs are used to exchange STP information. Or used to send configuration
messages using multicast frames.
o The Bridge ID of a switch is communicated to neighbour switches using BPDUs.
STP Port States
o Blocking (default): No Frame Forwarding but receives BPDUs
o Listening
o Learning: Does not forward Frames
o Forwarding
Switching Types
o Store and Forward - Complete data frame
o Fragment Free - First 64 bytes of data frame 1518 (default for 1900 switch)
o Cut Through - Lowest latency only DA.

Frame fields: Preamble (5MHz clock), SFD, DA (6bytes), SA (6bytes), Type/Length, FCS
Convergence
o Convergence occurs when bridges and switches have transitioned to either the
forwarding or blocking stage

CHAPTER 3
INTERNET PROTOCOL
All People Seem To Need Data Processing
OSI Model                           DOD
Application, Presentation, Session  Process / Application
Transport                           Host to Host
Network                             Internet
Data Link, Physical                 Network Access
TFTP is a stripped-down version of FTP. Has no directory browsing abilities & no
authentication, so it's insecure. Compact little protocol.
SMTP: method of mail delivery.
LPD: Line printer daemon.
X windows: designed for client-server operations, Graphical user interface
SNMP: collects and manipulates valuable network information.
DNS: resolves host name to IP address
BootP: used to get IP address from known MAC address. (need to manually add addresses)
DHCP is like dynamic BootP, automatic.
Telnet: terminal emulation.
ARPA finds MAC address from IP
RARPA finds IP from MAC, used by BootP or DHCP
PORT Numbers
o HTTP-81, FTP-21, TFTP-69, DNS-53, Telnet-23,
o SMTP-25, SNMP-161/162, TCP-6, UDP-17, POP-110
Port Numbers below 1024 are known as well known ports
Numbers above 1024 used by upper layer to setup sessions with hosts.
PING: Packet Internet Groper, uses ICMP echo messages
Subnetting
o Reduces network traffic
o Optimizes network performance
o Facilitates to span large geographic distance
CLASS A
CLASS B
CLASS C
CLASS D
CLASS E
IP Examples refer book.
CHAPTER 4
CONFIGURATION & IOS Management Commands.
Cisco Internetwork Operating System (IOS)
Command Line Interface (CLI)
Ways to connect to Cisco router
o Console Port (RJ45)
o Auxiliary Port modem connection to router
o Telnet Program
Router Boot Sequence
o POST (Power On Self Test)
o Loads Cisco IOS from Flash memory
o Valid Configuration File in NVRAM
o If no Configuration file then goes in Setup mode.
Setup Mode
o Basic: to allow connectivity to the router
o Extended: to configure global parameters & interface configuration

Router>        user mode
Use enable command to enter privileged mode
Router#        privileged mode
Use disable command to go to user mode from privileged mode
Router>logout  to exit the console
Router Modes
o Terminal: to change the running config
o Memory: to change startup-config in NVRAM
o Network: to change configuration file stored on a TFTP host.
Keepalive is 10 sec by default. If both routers are not configured for the same keepalive
time, it will not work; for that use the router#clear counters s0 command.
COMMANDS
o Router(config)#interface ?
o Router(config)#int f0/0
o Router#clock set 10:30:00 28 may 2000
o Router#show history
Shows last 10 commands entered by default
o Router#show terminal
Shows terminal configurations and history buffer size
o Router#terminal history size
Change buffer size (max 256)
o Router#sh ver
Show ios file name, amount of DRAM, register value, how long running
o Router#show controllers s0
Shows if a DTE or DCE cable is plugged into serial 0
o Router(config-line)#exec-timeout 0 0 or 0 1
o Router(config-line)#logging synchronous
Stop console messages from popping up and disturbing you
o Router(config-line)#no login
To allow users to TELNET without password.
o Router(config)#enable secret todd
new encrypted
o Router(config)#enable password todd1
old not encrypted
o Router(config)#
o Router#copy run start
To save running config to NVRAM
o Router#erase startup-config
To erase startup-config in NVRAM
o Router#sh int e0
ENCRYPTING YOUR PASSWORD
o Router#config t
o Router(config)#service password-encryption
o Router(config)#enable password todd
o Router(config-line)#line aux 0
o Router(config-line)#login
o Router(config-line)#password todd
o Router(config-line)#line con 0
o Router(config-line)#password todd1
o Router(config)#line vty 0 197
o Router(config-line)#login
o Router(config-line)#password todd2
o Router(config-line)#exit

o Router(config)#no service password-encryption


o Router(config)#^z
o Router#
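A small audit of the password and line settings covered above, as an added example that is not part of the original notes. Both configurations are constructed from the commands in this chapter, and the rule names and placeholder hash values are assumptions.

```python
import re

# Constructed running-config built from the commands in these notes
# (it is not output captured from a real router).
WEAK_CONFIG = """\
hostname Router
no service password-encryption
enable password todd1
!
line con 0
 password todd1
 login
line aux 0
 password todd
 login
line vty 0 4
 no login
!
"""

# Constructed counterpart with the same lines hardened. The hash and the
# type 7 strings are placeholders, not real values. Note that
# 'service password-encryption' only applies the reversible type 7 encoding:
# it hides passwords from a casual look at the screen, not from someone
# holding the config. 'enable secret' stores a one-way hash instead.
HARDENED_CONFIG = """\
hostname Router
service password-encryption
enable secret 5 <md5-hash-placeholder>
access-list 50 permit 172.16.10.3
!
line con 0
 password 7 <type7-placeholder>
 login
line aux 0
 password 7 <type7-placeholder>
 login
line vty 0 4
 access-class 50 in
 password 7 <type7-placeholder>
 login
!
"""


def split_blocks(config):
    """Split a config into global commands and per-line sub-commands."""
    global_cmds, line_blocks, current = [], {}, None
    for raw in config.splitlines():
        text = raw.strip()
        if not text or text == "!":
            current = None
        elif raw[0].isspace() and current is not None:
            line_blocks[current].append(text)
        elif text.startswith("line "):
            current = text
            line_blocks[current] = []
        else:
            current = None
            global_cmds.append(text)
    return global_cmds, line_blocks


def audit(config):
    """Return (rule, detail) findings for the weak settings in this chapter."""
    global_cmds, line_blocks = split_blocks(config)
    findings = []

    # 'enable password' is kept in clear text; 'enable secret' is hashed.
    has_secret = any(c.startswith("enable secret ") for c in global_cmds)
    if not has_secret and any(c.startswith("enable password ") for c in global_cmds):
        findings.append(("ENABLE_PASSWORD_ONLY", "use 'enable secret' instead"))

    # Exact match, so 'no service password-encryption' does not count.
    if "service password-encryption" not in global_cmds:
        findings.append(("PASSWORDS_IN_CLEAR", "line passwords readable in the config"))

    for header, cmds in line_blocks.items():
        # 'no login' lets users connect without a password prompt.
        if "no login" in cmds:
            findings.append(("LINE_NO_LOGIN", header))
        # VTY lines should be restricted with an access-class.
        if header.startswith("line vty") and not any(
            re.fullmatch(r"access-class \d+ in", c) for c in cmds
        ):
            findings.append(("VTY_NO_ACCESS_CLASS", header))
    return findings


if __name__ == "__main__":
    for rule, detail in audit(WEAK_CONFIG):
        print(f"{rule}: {detail}")
```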
BANNER
o Router(config)#banner motd #
o Router(config)#no banner login
CONFIGURING INTERFACE
o Router(config)#int e0
o Router(config-if)#ip address 172.16.10.2 255.255.255.0
o Router(config-if)#no shut
SERIAL INTERFACE COMMAND
o Router(config)#int s0
o Router(config-if)#clock rate 64000
DESCRIPTION
o Router(config)#int e0
o Router(config-if)#description Sales lan in califonia
CHAPTER 5
IP Routing
Routing is used for taking a packet from one device and sending it through the network to
another device on a different network.
ROUTING TYPES
o Static Routing: Manually assigning routes
o Default Routing: Stub networks, only one exit port
o Dynamic Routing: Uses Routing protocol like Distance vector (RIP, IGRP),
Link State (OSPF), Hybrid (EIGRP)
DYNAMIC ROUTING PROTOCOL
Distance Vector [RIP-120, IGRP-100]
o RIP uses only hop count to determine the best path (up to 15). Can perform load
balancing for up to six equal-cost links. Sends complete routing table every 30 sec.
RIP version 1 uses classful. RIP version 2 uses classless routing
RIP Update timer 30 sec
RIP Invalid timer 90 sec
RIP Flush timer 240 sec
o IGRP uses bandwidth and delay of line as a metric for determining best route max
255 hop with a default of 100. This is called composite metric. Cisco proprietary.
IGRP Update timers    90 sec
IGRP Invalid timers   *3 = 270 sec
IGRP Holddown timers  *3+10 = 280 sec
IGRP Flush timers     *7 = 630 sec
Link State [OSPF 110]
o OSPF open shortest path first. Creates three separate table,
1 directly attached, 2 topology and 3 routing table.
Hybrid [EIGRP-90]
o Uses aspects of distance vector and link state for example EIGRP
Configuring Static Routing
o Syntax Router(config)#ip route <destination network> <mask> <exit interface>
o Router#config t
o Router(config)#int e0
o Router(config-if)#ip address 172.16.10.1 255.255.255.0
o Router(config-if)#no shut
o Router(config-if)#ip route 172.16.20.0 255.255.255.0 172.16.10.2

o Router(config-if)#ip route 172.16.30.0 255.255.255.0 172.16.10.2


o Router(config-if)#ip route 172.16.40.0 255.255.255.0 172.16.10.2
o Router#show ip route
To see connected networks
o Router(config-if)#no ip route 172.16.20.0 255.255.255.0 172.16.10.2
To remove static routing
Configuring Default Routing
o Router(config-if)#ip route 172.16.10.0 255.255.255.0 172.16.10.2
o Router(config-if)#ip route 172.16.20.0 255.255.255.0 172.16.10.2
o Router(config-if)#ip route 172.16.30.0 255.255.255.0 172.16.10.2
o Router(config-if)#exit
o Router(config)#ip classless
Configuring Dynamic Routing [RIP]
o Router#config t
o Router(config)#router rip
o Router(config-router)#network 172.16.0.0
o Router(config-router)#^z
o Router#sh ip route
to check routes
o Router(config-router)#passive-interface serial 0
To prevent RIP update broadcasts from being sent out a defined interface. But
same interface will receive RIP Updates.
Configuring Dynamic Routing [IGRP]
o Router#config t
o Router(config)#router igrp 10
[AS Number 1-65535] Autonomous system number
o Router(config-router)#network 172.16.0.0
o Router(config-router)#^z
o Router#sh ip route
to check
o Router(config-router)#variance ?
To load balance over unequal-cost links.
o Router(config-router)#traffic-share balanced
To share routes inversely proportional to the metric
o Router(config-router)#traffic-share min
To use routes that have only minimum costs
PINHOLE CONGESTION
o RIP sometimes sees a 56k link and a T1 link as equal-cost links; this is called pinhole
congestion
Routing table includes Network number, exit interface and hop count
Slow convergence of distance vector routing protocol can cause inconsistent routing tables
and routing loops. Routing loops can occur because every router is not updated close to the
same time.
Max Hop count: RIP permits a hop count up to 15, 16 is deemed unreachable.
Split Horizon enforces the rule that information cannot be sent back in the direction from
which it was received
Route Poisoning sends an update called poison reverse back to router
Holddown prevents regular update messages from reinstalling a route that has gone down.
Holddown also helps prevent routes from changing too rapidly.
IGP Interior Gateway Protocol [exchange info within same AS]
EGP Exterior Gateway Protocol [exchange info between ASs]

SHOW COMMANDS
o show ip route
shows routes and their type like Static, Dynamic etc
o show protocol
shows all interfaces and IP Addresses associated.
i.e. Ethernet0 is up, line protocol is up
Internet address is 172.16.30.1/24
o show ip protocol
shows you the routing protocols configured on router.
Also displays the timers. (holddown, flushed Invalid times)
o Show flash
Show the amount of flash and files stored in flash.
o debug ip rip
sends routing updates as they are sent and received on the router console
session
o debug ip igrp events
Summary of IGRP routing information
o debug ip igrp transactions
shows message requests from neighbor routers asking for an update and
broadcast sent from your router towards neighbor router

CHAPTER 6
VLAN Virtual LANs
VLANS
o By creating VLANs, you are able to create smaller broadcast domains within a switch
by assigning different ports in the switch to different subnetworks.
o Routers, by default, send broadcasts only within the originating network, but switches
forward broadcasts to all segments.
o RSM router switch modules must be used in conjunction with switches to provide
connections between networks (VLANs).
o By using VLANs and creating multiple broadcast groups, administrators now have
control over each port and user. Users can no longer just plug their workstations into
any switch port and have access to network resources. The administrator controls
each port and whatever resources it is allowed to use.
o Broadcasts sent out from a node in one VLAN will not be forwarded to ports
configured in a different VLAN.
o Group of connected switches is called a switch fabric.
STATIC VLANs
o Administrator assigns switch ports to the VLAN. More secure.
DYNAMIC VLANs
o Uses Intelligent Management software you can enable MAC, protocol, or even
application to create dynamic VLANs. VLAN Management database can look up the
hardware address and assign and configure the switch port to correct VLAN.
Two different type of link in switched environment
o ACCESS Links are only part of one VLAN unaware of VLAN membership.
o TRUNK Links carry multiple VLANs. Used to connect switches to other switches, to
routers or even servers. Support two different identification techniques: ISL & 802.1q.

FRAME TAGGING
o A switch fabric is a group of switches sharing the same VLAN information. Frame
identification (frame tagging) uniquely assigns a user-defined ID to each frame. This
is referred to as a VLAN ID or color.

VLAN ID Methods
o Inter-switch Link (ISL) Cisco proprietary
o IEEE 802.1q trunking between cisco and different brand router
o LAN emulation (LANE) over ATM
o 802.10 (FDDI) over FDDI also cisco proprietary.
Inter-Switch link Protocol ISL
o By running ISL, you can interconnect multiple switches and still maintain VLAN
information as traffic travels between switches on trunk links. ISL is an external
tagging process, which means the original frame is not altered but instead
encapsulated with a new 26-byte ISL header. It also adds a second 4-byte frame
check sequence (FCS) field at the end of the frame.
o Frame can be up to 1522 bytes long this is recorded as giant frame because it is over
the maximum of 1518 bytes allowed on an Ethernet segment.
TRUNKING
o Trunking allows you to make a single port part of multiple VLANs at the same time.
The benefit of trunking is that a server, for example, can be in two broadcast domains
(VLANs) at the same time. Cisco switches use DTP to manage trunk negotiation in the
Catalyst-switch engine software release 4.2 or later.
Routing between VLANs
o Use Router that has an interface for each VLAN, or Router that supports ISL routing
(least expensive is 2600)
o RSM switch module for 5000 series router-on-a-stick
VLAN Trunk Protocol (VTP)
o Cisco created VTP to manage all the configured VLANs across a switched
internetwork. VTP allows an administrator to add, delete, and rename VLANs.
o Accurate tracking and monitoring VLANs
o Allowing VLANs to be trunked over mixed networks
o Dynamic reporting of added VLANs to all switches
o Plug and Play VLAN adding.
VTP Modes of Operation
o Server (default)
Needs at least one server in your VTP domain to propagate VLAN
information throughout the domain. Can add, create or delete VLANs in a
VTP domain.
o Client
Receives information from VTP Server and send and receives updates
Cannot make any changes.
o Transparent
Does not participate in the VTP domain but still forwards VTP
advertisements. Can add and delete VLANs as the switch keeps its own
database and does not share it with other switches. Transparent is considered
only locally significant.
Revision Number
o VTP server increments the revision number by 1. When a switch receives an advertisement
that has a higher revision number, it overwrites the database in NVRAM.
VTP Pruning
o Helps preserve bandwidth. VTP pruning only sends broadcasts to trunk links that
must have the information: any trunk link that does not need the broadcasts will not
receive them. When you enable pruning on a VTP server, you enable it for the entire
domain.

o By default pruning is turned off on all switches, but turning it ON in just one VTP server
turns it on for the whole domain.
CHAPTER 7
Managing a Cisco Internetwork
ROUTER BOOTING PROCESS
o POST
o IOS in Flash memory
o Configuration file in NVRAM
o No configuration file then SETUP
IOS: Flash
startup-config: NVRAM
running-config: DRAM
Configuration Register Bits (16bit register)
o Default is 2102 [Hex value]
o Controls how the router boots up.
o 2101 boot image from ROM, 2142 Ignore NVRAM contents
Command to change configuration register
o Router(config)#config-register 0x0101
o Router(config)#confreg 0x2142
PASSWORD RECOVERY
o Interrupt the router boot by performing a break sequence
o Change register value to 2142 by confreg 0x2142 command
o Reload
o Enable
o Copy start run and then change the password
o Reset the configuration register value to 2102 value by confreg 0x2102 command
o Reload the Router.
BACKING CISCO IOS
o Ping the TFTP Server then use copy flash tftp command
o Router#Ping 192.168.0.10
o Router#Copy flash tftp
RESTORING CISCO IOS
o Router#copy tftp flash
BACKUP CISCO CONFIGURATION
o Router#copy run start
o Router#copy run tftp
RESTORING CISCO CONFIGURATION
o Router#copy tftp start
o Router#copy tftp run
ERASING THE CONFIGURATION
o Router#erase startup-config
o only for delete nvram on a 1900 switch
CDP Cisco Discovery Protocol
o CDP is a proprietary protocol designed by Cisco to collect information about both
locally attached and remote devices. Useful for troubleshooting and documenting
network.
CDP timer (60 default) is how often CDP packets are transmitted to all active interfaces.
CDP Holdtime (180 default) is the amount of time that device will hold packets received
from neighbor devices.
Router(config)#cdp timer 60
Router(config)#cdp holdtime 180
To see info about directly connected devices. Local interface, name of the device, the remote
Port ID, neighbor device ID, holdtime, and the hardware platform.
o Router#show cdp neighbor

To see detail info about each device connected to the device.
o Router#show cdp neighbor detail or sh cdp entry *
To see interface traffic
o Router#sh cdp traffic
To see CDP status on router interfaces or switch ports
o Router#show cdp interface
To turn off CDP on an interface
o Router(config-if)#no cdp enable
[turns off CDP on individual interface]
o Router(config-if)#no cdp run
[turns off CDP completely on a router]
Cisco routers can become TFTP Server host with global config command tftp-server.
TELNET into multiple Devices
telnet 192.168.0.10
Press ctrl+shift+6 then X
To see the connections made from your router to remote devices
o router#show sessions
To see all active consoles and VTY ports
o router#show users
To end a Telnet session
o router#Exit or disconnect <no>
o router#Clear line <no>
Building a Host Table
o router#ip host <name> tcp_port_number ip_address
o router#show hosts
o to remove hostname from the table
router#no ip host <name>
Using DNS to Resolve Names
o router#config t
o router(config)#ip domain-lookup
[turns on DNS lookup ON by default]
o router(config)#ip name-server 192.168.0.70 [sets ip add up to six DNS server]
o router(config)#ip domain-name lammle.com [appends domain name to DNS ]
o router(config)#^z
o router#
CHAPTER 8
Configuring NOVELL IPX
IPX is a connectionless protocol similar to UDP, IPX uses sockets.
SPX is connection oriented protocol,
RIP hop count = 1/18 of a second like sap it broadcasts every 60 sec
SAP Service Access Protocol (broadcasts every 60 sec & wont cross router by default)
NLSP Netware Link Service Protocol
NCP Netware Core Protocol
GNS Get Nearest Server
Server exchange two types of information using two separate protocols: SAP communicates
service information. RIP communicates routing information.
IPX Addresses uses 80 bits or 10 bytes. The first 4 bytes always represent the network
address and the last six bytes always represents the node address.
Network Address: 4 byte or 24 bits
Node Address: 6 byte or 48 bits MAC

Netware frame    Features                          Cisco keyword
Ethernet_802.3   Default to NetWare 3.11           Novell_ether
Ethernet_802.2   Default to NetWare 3.12           Sap
Ethernet_II      Supports TCP/IP and IPX           Arpa
Ethernet_SNAP    Supports AppleTalk, IPX & TCP/IP  Snap
Token-ring                                         Sap (default)
Token-ring_snap                                    Snap
Fddi_snap                                          Snap (default)
Fddi_802.2                                         Sap
Fddi_raw                                           Novell_fddi
Enabling IPX on Individual Interfaces
o router(config-if)#ipx network <number> <encapsulation-type> <secondary>
o Router#config t
o Router(config)#ipx routing
o Router(config)#int e0
o Router(config-if)#ipx network 10
To view the IPX routing table
o Show ipx route
To add secondary addresses
o Router(config-if)#ipx network 10a encap sap sec
o Or use subinterfaces #int e.10 then use #ipx network 10a encap sap
Configuring Multiple Frame Types on Router
o Router(config)#int e0
o Router(config-if)#ipx network 10a encap sap sec
o Router(config-if)#int e0.10
o Router(config-if)#ipx network 10b encap arpa
o Router(config-if)#int e0.20
o Router(config-if)#ipx network 10c encap snap
Monitoring IPX on Cisco Router
o To display contents of SAP table
Show ipx servers
o To display IPX routing table
Show ipx route
o To load balance with IPX
router(config)#ipx maximum-path 2
o To see ipx packets received and transmitted (traffic)
Router#show ipx traffic
o To see interface status of IPX (SAP and RIP) on each interface
Router#show ipx interface
o To see IPX address, and encapsulation type of individual interface
Router#show ipx interface e0 or sh ipx int e0
o To see IPX address, encapsulation type and routed protocol configured on router and
interface addresses
Router#show protocols
o To see information about IPX & RIP packets transmitted & received on router
debug ipx routing activity
undebug ipx routing activity
o To see IPX & SAP packets that are transmitted & received on router
debug ipx sap activity
undebug ipx sap activity
o To see IPX address of neighbor router
show cdp entry *
ping ipx 40.0000.0c8d.5c9d

CHAPTER 9
ACCESS LISTS
Important rules a packet follows when it is compared with an access list
o Checks in Sequential order
o Only till a match is made.
o Implicit deny at the end of each access list
Two types of ACCESS List
o Standard Access List
Use only source IP Address
o Extended Access List
Use both source & destination IP Address, Protocol & Port number or socket
number for IPX.
Access list can be applied on an interface with either inbound or outbound list.
INBOUND ACCESS LIST
o Packets are processed through the access list before being routed to the outbound
interface
OUTBOUND ACCESS LIST
o Packets are routed to the outbound interface and then processed through the access
list.
GENERAL RULES
o One access list per interface
o Keep more specific tests at the top
o New list will be placed at the bottom
o You cannot remove one line from the access list
o Every list should have at least one permit statement, or you might as well shut the
interface down.
o Place IP standard access lists as close to the destination as possible.
o Place IP extended access lists as close to the source as possible.
o By default there is an implicit deny all at the end of every access list.
o 1 in access list says any node (IPX)
1-99 STD IP
100-199 EXT IP
600-699 Appletalk
700-799 48bit MAC
800-899 STD IPX
900-999 EXT IPX
1000-1099 IPX SAP
1100-1199 Ext MAC
Router(config)#access-list 10 deny host 172.16.30.2
BLOCK Size: used to specify the range of addresses, i.e. 4 8 16 32 64
Example: router(config)#access-list 10 deny 172.16.16.0 0.0.3.255
o Above block size 4 tells to deny the range 172.16.16.0 to 172.16.19.0
Any = 0.0.0.0 255.255.255.255
APPLYING STANDARD ACCESS LIST
o Router#config t
o Router(config)#access-list 10 deny 172.16.40.0 0.0.0.255
o Router(config)#access-list 10 permit any OR
o Router(config)#access-list 10 permit 0.0.0.0 255.255.255.255
o Router(config)#int e0
o Router(config-if)#ip access-group 10 out
CONTROLLING VTY Telnet Access
o Router(config)#access-list 50 permit 172.16.10.3
o Router(config)#line vty 0 4
o Router(config-line)#access-class 50 in
APPLYING EXTENDED ACCESS LIST
o Router(config)#access-list <no> <permit/deny> <protocol> <SA> <DA> <port number>
o Router(config)#access-list 110 deny tcp any host 172.16.10.5 eq 21
o Router(config)#access-list 110 deny tcp any host 172.16.10.5 eq 23
o Router(config)#access-list 110 permit ip any any
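How the rules above combine (sequential checking, stop at the first match, wildcard masks, implicit deny), shown as a small evaluator; this is an added example, not part of the original notes and not IOS code. Lists 10 and 110 reuse the addresses from this chapter with the `tcp` protocol keyword on the extended entries, while lists 20 and 30 and all function names are constructed for illustration.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")

# Lists 10 and 110 use the addresses from these notes; lists 20 and 30 are
# constructed to show the implicit deny and the effect of entry order.
SAMPLE_ACLS = """\
access-list 10 deny 172.16.16.0 0.0.3.255
access-list 10 deny 172.16.40.0 0.0.0.255
access-list 10 permit any
access-list 20 deny 172.16.40.0 0.0.0.255
access-list 30 permit any
access-list 30 deny host 172.16.30.2
access-list 110 deny tcp any host 172.16.10.5 eq 21
access-list 110 deny tcp any host 172.16.10.5 eq 23
access-list 110 permit ip any any
"""


def wildcard_match(addr, base, wildcard):
    """Wildcard mask: a 0 bit must match the base, a 1 bit is ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)


def take_addr(tokens, extended):
    """Consume 'any', 'host A', 'A W' or (standard lists only) a bare 'A'."""
    first = tokens.pop(0)
    if first == "any":
        return ANY
    if first == "host":
        return (tokens.pop(0), "0.0.0.0")
    if extended or tokens:
        return (first, tokens.pop(0))
    return (first, "0.0.0.0")


def parse_acls(text):
    """Parse access-list lines into {number: [entry, ...]} in configured order."""
    acls = {}
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 4 or tokens[0] != "access-list":
            continue
        number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
        extended = 100 <= number <= 199
        entry = {"action": action, "proto": "ip", "dst": ANY, "dport": None}
        if extended:
            entry["proto"] = rest.pop(0)
        entry["src"] = take_addr(rest, extended)
        if extended:
            entry["dst"] = take_addr(rest, extended)
            if rest[:1] == ["eq"]:
                entry["dport"] = int(rest[1])
        acls.setdefault(number, []).append(entry)
    return acls


def evaluate(entries, src, dst="0.0.0.0", proto="ip", dport=None):
    """Return (action, entry_number); entry_number is None for the implicit deny."""
    for index, e in enumerate(entries, start=1):
        if e["proto"] not in ("ip", proto):
            continue
        if e["dport"] is not None and e["dport"] != dport:
            continue
        if wildcard_match(src, *e["src"]) and wildcard_match(dst, *e["dst"]):
            return e["action"], index      # first match wins, checking stops
    return "deny", None                    # implicit deny at the end


if __name__ == "__main__":
    acls = parse_acls(SAMPLE_ACLS)
    print(evaluate(acls[10], "172.16.19.255"))   # inside the block of 4 networks
    print(evaluate(acls[20], "10.1.1.1"))        # no permit line: implicit deny
    print(evaluate(acls[30], "172.16.30.2"))     # broad permit placed first
    print(evaluate(acls[110], "10.1.1.1", "172.16.10.5", "tcp", 23))
```

List 30 shows why more specific tests belong at the top: the host deny is never reached because `permit any` matches first.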
Monitoring IP Access list
o To see all access list on router but will not show which interface is set on
Router#show access-list
Router#show access-list <number>
o To see only ip or ipx access list
Router#show ip access-list
Router#show ipx access-list
o To see which interface have access list set
Router#show ip interface
Router#show ipx interface
o To see access list and also which interfaces have access list set
Show running-config
STANDARD IPX Access list
o Router(config)#access-list 810 permit 20 40
o Router(config)#int e0
o Router(config-if)#ipx access-group 810 out
EXTENDED IPX Access list
o Router(config)#access-list <no> <permit/deny> <protocol> <source> <socket> <destination> <socket>
Two type of SAP Filters
IPX input SAP filter
IPX output SAP filter
o Router(config-if)#ipx input-sap-filter
o Router(config-if)#ipx output-sap-filter

CHAPTER 10
WAN Technologies
CPE Customer premises equipment that is owned and located at subscribers premises.
Demarcation (demarc) Last responsibility of the service provider.
CO Central Office
WAN Protocol
Frame Relay
HDLC
PPP
X.25
ISDN
LAPB
Frame Relay
o Typically runs at speed of 64kbps to 1.544 Mbps. Frame relay provides features for
dynamic-bandwidth allocation and congestion control. Frame Relay provides
connection oriented via virtual circuits connections.
Virtual Circuits are logical connections between two DTEs which is identified by
DLCIs. Data link connection identifier.
DLCI numbers used to identify a PVC, assigned by provider starts at 16-1007
PVC Permanent Virtual Circuits and SVC Switched Virtual Circuits
Frame Relay mappings are usually created statically by service provider.
o Frame Relay Encapsulation type
1. Cisco (default)
2. IETF (Internet Engg Task Force)
o LMI is a signaling std between CPE device and frame relay switch.
o LMI Types
1. Cisco default Gang of four
2. ANSI
3. ITU-T q933a
o Two type of sub interfaces
1. Point to Point
#int s0.16 point-to-point
2. Multipoint
o Mapping Frame Relay ip address must be mapped to DLCIs.
Use Frame Relay map command
Use the inverse-arp function
o Frame Relay Congestion Control
DE (Discard Eligibility) detects congestion, turn DE bit on in frame relay
FECN (Forward-Explicit Congestion Notification)
BECN (Backward-Explicit Congestion Notification)
o CIR (Committed Information Rate)
Frame Relay provider allows customers to buy a lower amount of bandwidth
than what they really need. This is called CIR.
ISDN
o Higher-speed connection. BRI 2B+D 144kbps PRI 23B+D 1.544 kbps
o TE1 Understands ISDN, TE2 Non ISDN, TA Terminal Adapter to convert TE2
wiring to TE1
o SPID Service Profile Identifier one for each B-channel.
o isdn switch-type command can be configured either in global configuration or
interface configuration mode. Global will affect all bri interfaces whereas interface
configuration will only configure one bri interface.
LAPB
o Link Access Procedure Balanced has a tremendous amount of overhead because of its
strict timeout and windowing techniques.
HDLC
o High Level Data Link Control was derived from Synchronous SDLC. Each vendor's
HDLC is proprietary to that vendor's equipment. HDLC is a point-to-point protocol used
on leased lines. No authentication can be used with HDLC. HDLC is the default
encapsulation used by Cisco routers.
PPP
o Point-to-Point can be used between different vendors. Allows authentication and
multi-link connections and can be run over asynchronous and synchronous links. PPP
can be either asynchronous (dialup) or synchronous (ISDN).
LCP: Method of establishing, configuring, maintaining and terminating the
point-to-point connection.
=> Authentication, Compression, Error detection, Multilink
NCP: Method of establishing and configuring different Network layer protocols.
(IPCP, IPXCP)
PPP Authentication Methods
o PAP: Password Authentication Protocol.
Less secure; password is sent in clear text and only once, at the beginning
o CHAP: Challenge Authentication Protocol.
Periodic checkups, more secure, sends challenge, one-way hash function
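The difference between the two methods, as an added example that is not part of the original notes: PAP puts the password on the wire, while CHAP (with MD5, as defined in RFC 1994) sends only a hash over a fresh challenge, so a captured response fails the next periodic check. The class name, router name and secret are constructed for illustration.

```python
import hashlib
import hmac
import os

def pap_request(name: str, password: str) -> bytes:
    """PAP Authenticate-Request data: peer ID and password, both in clear text."""
    n, p = name.encode(), password.encode()
    return bytes([len(n)]) + n + bytes([len(p)]) + p

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP with MD5 (RFC 1994): hash of identifier || secret || challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class ChapAuthenticator:
    """Authenticator side: issues challenges and checks the peer's responses."""
    def __init__(self, secrets):
        self.secrets = secrets      # peer name -> shared secret (bytes)
        self.identifier = 0
        self.challenge = None       # outstanding challenge, if any

    def new_challenge(self):
        # Sent at link establishment and again at intervals while the link is up.
        self.identifier = (self.identifier + 1) % 256
        self.challenge = os.urandom(16)
        return self.identifier, self.challenge

    def verify(self, name, identifier, response):
        secret, challenge = self.secrets.get(name), self.challenge
        self.challenge = None       # each challenge accepts at most one response
        if secret is None or challenge is None or identifier != self.identifier:
            return False
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, response)

def demo():
    secret = b"secret-pwd"          # constructed value, same on both routers
    auth = ChapAuthenticator({"RouterB": secret})
    ident, chal = auth.new_challenge()
    resp = chap_response(ident, secret, chal)
    accepted = auth.verify("RouterB", ident, resp)
    ident2, _ = auth.new_challenge()                  # periodic re-check
    replayed = auth.verify("RouterB", ident2, resp)   # old response, new challenge
    ident3, chal3 = auth.new_challenge()
    fresh = auth.verify("RouterB", ident3, chap_response(ident3, secret, chal3))
    pap_leaks = secret in pap_request("RouterB", secret.decode())
    return dict(accepted=accepted, replayed=replayed, fresh=fresh, pap_leaks=pap_leaks)

if __name__ == "__main__":
    print(demo())
```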
Configuring PPP on Cisco Router.
o Router(config)#int s0
o Router(config-if)#encapsulation ppp
o Router(config-if)#exit
o Router(config)#username name password secret-pwd
o Router(config)#int s0
o Router(config-if)#ppp authentication <pap/chap>
o Router(config-if)#^z
o Router#
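A configuration check built on the points above (HDLC is the default and cannot authenticate, PPP authenticates only when told to, PAP is clear text), as an added example that is not part of the original notes. The sample configuration and the function names are constructed for illustration.

```python
import re

# Constructed sample configuration for illustration (not from a real device).
SAMPLE_CONFIG = """\
interface Serial0
 ip address 172.16.40.1 255.255.255.0
!
interface Serial1
 encapsulation ppp
!
interface Serial2
 encapsulation ppp
 ppp authentication pap
!
interface BRI0
 encapsulation ppp
 ppp authentication chap
!
interface Ethernet0
"""

def classify(encap, auth):
    if encap != "ppp":
        return f"no-auth: {encap} link, PPP authentication not in use"
    if not auth:
        return "no-auth: ppp without 'ppp authentication'"
    if "pap" in auth:
        return "weak: pap sends the password in clear text"
    return "ok: " + " ".join(auth)

def audit_wan_links(config):
    """Return {interface: finding} for every Serial/BRI interface in the text."""
    links, current = {}, None
    for raw in config.splitlines():
        line = raw.strip().lower()
        if not raw.startswith(" "):     # any top-level line closes the block
            m = re.match(r"interface\s+((?:serial|bri)\S*)", line)
            current = m.group(1) if m else None
            if current:
                links[current] = {"encap": "hdlc", "auth": []}  # Cisco default
        elif current and line.startswith("encapsulation "):
            links[current]["encap"] = line.split()[1]
        elif current and line.startswith("ppp authentication "):
            links[current]["auth"] = line.split()[2:]
    return {name: classify(v["encap"], v["auth"]) for name, v in links.items()}

if __name__ == "__main__":
    for name, finding in audit_wan_links(SAMPLE_CONFIG).items():
        print(f"{name}: {finding}")
```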

Configuring Frame Relay on Cisco Router.
o Router# config t
o Router(config)# int s0
o Router(config-if)# encapsulation frame-relay <cisco or ietf>
o Router(config-if)# frame-relay interface-dlci <16-1007>
o Router(config-if)# frame-relay lmi-type <cisco/ansi/q933a>
o Router(config-if)# frame-relay keepalive <noofseconds>
o Router(config-if)# frame-relay inverse-arp <protocol> <dlci>
o Router(config-if)# frame-relay map <protocol> <protocol-address> <dlci>
Monitoring Frame Relay
o LMI Traffic statistic exchanged between local router & Frame relay switch
Show frame lmi
o List all configured PVCs and DLCI numbers
Show frame pvc
o LMI DLCI 1023 is Cisco default & LMI DLCI 0 is ANSI
o Shows network layer to DLCI Mapping
Show frame map
o To verify and troubleshoot the Frame Relay connection
debug frame-relay lmi
Configuring ISDN with Cisco Routers
o Router#config t
o Router(config)#isdn switch-type basic-ne1
o Router(config)#int bri0
o Router(config-if)#encap ppp (optional)
o Router(config-if)#isdn spid1 086506610100 8650661
o Router(config-if)#isdn spid2 086506620100 8650662
Configuring Dialer Information (DDR)
o 1. Define static routes
#ip route 172.16.50.0 255.255.255.0 172.16.60.2
#ip route 172.16.60.0 255.255.255.0 bri0
o 2. Specify the traffic
#dialer-list 1 protocol ip permit
int bri0
dialer-group 1
o 3. Configure the dialer
config t
int bri0
ip address 172.16.60.1 255.255.255.0
no shut
encap ppp
dialer-group 1
dialer string 8350661
OR
dialer map ip 172.16.60.2 name 804B 8350661
o The dialer load-threshold command tells the BRI interface when to bring up the second
B channel. The command below brings up the second B channel if either the
inbound or outbound traffic load is 50 percent.
router(config)#dialer load-threshold 125 either
o The dialer idle-timeout command specifies the number of seconds before a call is
disconnected. Default is 120 sec
router(config)#dialer idle-timeout 180

Verifying ISDN
o ping or telnet
o show dialer
o show isdn active
o show isdn status
o debug isdn q921 or debug isdn q931
o debug dialer
o isdn disconnect int bri0

Appendix B
Configuring Catalyst 1900 Switch
Two types of Operating system that runs on Cisco Switches
o IOS Based
o Set Based
Three configuration Options
o [M] Menu-based options
o [K] CLI
o [I] IP Configuration
Setting up password
o Press k to go to command line interface
o >enable
o #config t
password length 4-8 only
o (config)#enable password level 1 todd
user mode password level 1
o (config)#enable password level 15 toddlamm
enable mode password level 15
o (config)#exit
On a switch, the enable password and enable secret password can be the same, but not on a router.
Default switching mode on 1900 is Fragment Free (first 64 bytes), also STP & CDP are
enabled by default.
You can create up to 64 VLANs on 1900 switch
By default all ports on switch are associated with VLAN1.
Setting Hostname
o Press k to go to command line interface
o >enable
o #config t
o (config)#hostname Todd1900
o todd1900(config)#
Setting IP Address
o To set ip address and default gateway
(Config)#ip address 172.16.10.16 255.255.255.0
(config)#ip default-gateway 172.16.10.1
o To see current ip configuration
Show ip
o To setup interface description
(config)#int e0/1
(config-if)#description Finance_VLAN
(config-if)#int f0/26
(config-if)#description trunk_to_Building_4
o To see description and configuration of interfaces
#show interface or show int e0/1
#show run
o To configure Port Duplex
(config)#int f0/26
(config-if)#duplex <auto/full/half/full-flow-control>
o To erase Switch Configuration
Todd1900#delete nvram
Managing MAC Address Table
o To configure permanent hardware address to an interface (fix source)
Todd1900(config)#mac-address-table permanent 00a0.2448.60a5 e0/4
o To configure restricted hardware address (fix source & fix interface on switch)
Todd1900(config)#mac-address-table restricted static 00a0.2448.60a5 e0/2 e0/5
o To see MAC Table
Todd1900#sh mac-address-table
o To clear MAC Addresses
Clear mac-address-table [dynamic/permanent/restricted] [int dest] [int source]
o To configure Port Security
todd1900(config-if)#port secure max-mac-count 1
o To change switching type
todd1900#sh port system
todd1900(config)#switching-mode <fragment-free/store-and-forward>
CONFIGURING VLANS
o 1900todd(config)#vlan 2 name sales
o 1900todd(config)#vlan 3 name marketing
o 1900todd(config)#vlan 4 name mis
o 1900todd(config)#exit
o .
o 1900todd(config)#int e0/2
o 1900todd(config-if)#vlan-membership static 2
o 1900todd(config)#int e0/4
o 1900todd(config-if)#vlan-membership static 3
o 1900todd(config)#int e0/5
o 1900todd(config-if)#vlan-membership static 4
o 1900todd(config-if)#^z
o 1900todd#show vlan
o 1900todd#show vlan-membership
VLAN   NAME           Status      Port
--------------------------------------------
1      default        Enabled     1, 3, 6-12, AUI, A, B
2      sales          Enabled     2
3      marketing      Enabled     4
4      mis            Enabled     5
1002   fddi-default   Suspended
--------------------------------------------

o 1900todd(config-if)#trunk on
o 1900todd(config-if)#no trunk-vlan 5
o 1900todd#show trunk a allowed-vlans
CONFIGURING ISL Routing on Router 2621
o All hosts in a VLAN must use the same subnet addressing. To configure router-on-a-stick for inter-VLAN routing you need to complete three steps.
1. Enable ISL trunking on the switch port
2. Enable ISL encapsulation on the router's subinterfaces
3. Assign an IP address to the subinterfaces.
o 2621#config t
o 2621(config)#int f0/0.1
o 2621(config-if)#encapsulation isl 1
o 2621(config-if)#ip address 172.16.10.1 255.255.255.0
o 2621(config)#int f0/0.2
o 2621(config-if)#encapsulation isl 2
o 2621(config-if)#ip address 172.16.20.1 255.255.255.0
o 2621(config)#int f0/0.3
o 2621(config-if)#encapsulation isl 3
o 2621(config-if)#ip address 172.16.30.1 255.255.255.0
o 2621(config)#int f0/0
o 2621(config-if)#no shutdown
CONFIGURING VTP
o Todd1900(config)#vtp server
o Todd1900(config)#vtp domain lammle
o Todd1900(config)#vtp password todd
o To delete VTP NVRAM database
Todd1900#delete vtp
o To turn on VTP Pruning
Todd1900(config)#vtp pruning enable
RESTORING, BACKUP & DELETING 1900 IOS
o Todd1900#copy tftp://tftp_host_ip_address/IOS_filename opcode
o Todd1900#copy nvram tftp://192.168.0.120/1900en
o Todd1900#delete nvram
CDP with 1900
o Todd1900# show cdp
o Todd1900(config)#cdp timer 60 (default)
o Todd1900(config)#cdp holdtime 120 (default)
