
Contents

Chapter Summary CCNA 1

Chapter 1: Explore the Network
1.1 Globally Connected
Networking Today
Providing Resources in a Network
1.2 LANs, WANs, and the Internet
Network Components
LANs and WANs
The Internet, Intranets, and Extranets
Internet Connections
1.3 The Network as a Platform
Converged Networks
Reliable Network
1.4 The Changing Network Environment
Network Trends
Networking Technologies for the Home
Network Security
Summary
Section 1.1 New Terms and Commands
Section 1.2 New Terms and Commands
Section 1.3 New Terms and Commands
Section 1.4 New Terms and Commands
Chapter 2 – Sections & Objectives
2.1 IOS Bootcamp
Cisco IOS
Cisco IOS Access
Navigate the IOS
The Command Structure
2.2 Basic Device Configuration
Hostnames
Limit Access to Device Configurations
Save Configurations
2.3 Address Schemes
Ports and Addresses
Configure IP Addressing
Summary
Section 2.1 New Terms and Commands
Section 2.2 New Terms and Commands
Section 2.3 New Terms and Commands
Chapter 3 – Sections & Objectives
3.1 Rules of Communication
The Rules
3.2 Network Protocols and Standards
Protocols
Protocol Suites
Standard Organizations
Reference Models
3.3 Data Transfer in the Network
Data Encapsulation
Data Access
3.4 Chapter Summary
Summary
Section 3.1 New Terms and Commands
Section 3.2 New Terms and Commands
Section 3.3 New Terms and Commands
Chapter 4 – Sections & Objectives
4.1 Network Access
Physical Layer Protocols Physical Layer Connection
Physical Layer Protocols Purpose of the Physical Layer
Physical Layer Protocols Physical Layer Characteristics
4.2 Network Media
Copper Cabling
UTP Cabling
Fiber-Optic Cabling
Wireless Media
4.3 Data Link Layer Protocols
Purpose of the Data Link Layer
4.4 Media Access Control
Topologies

WAN Topologies
LAN Topologies
Data Link Frame
4.5 Chapter Summary
Summary
Section 4.1 New Terms and Commands
Section 4.2 New Terms and Commands
Section 4.3 New Terms and Commands
Section 4.4 New Terms and Commands
Chapter 5 – Sections & Objectives
5.1 Ethernet Protocol
Ethernet Frame
Ethernet MAC Addresses
5.2 LAN Switches
The MAC Address Table
Switch Forwarding Methods
Switch Port Settings
5.3 Address Resolution Protocol
MAC and IP
ARP
ARP Issues
5.4 Chapter Summary
Chapter Summary Summary
Section 5.1 New Terms and Commands
Section 5.2 New Terms and Commands
Section 5.3 New Terms and Commands
Commands
Configure basic Networking
Troubleshoot basic Networking
Troubleshoot networks with SPAN
Port Security
Troubleshooting Port Security
Configure vlans
Layer2 Switch Vlan Config
Layer3 Switch Vlan Config
Router (on a Stick) Vlan Config
Troubleshoot Vlans on a switch
VTP
Troubleshoot VTP
STP
Troubleshoot STP
Etherchannel (Link Aggregation)
Troubleshoot Etherchannel (Link Aggregation)
TODO: Configure a Serial
ACLs
Interface ACLs
Troubleshooting ACLs
NAT
SNAT
DNAT
PAT
Troubleshooting NAT
DHCP Server
Troubleshooting DHCP
HSRP
Troubleshooting HSRP
SLAs
Troubleshooting SLAs
Device Management
Firmware Management
License Management
Reset Password
Telnet / Console
SSH
Clock
Disable unused services
Radius
TACACS+
Syslog
SNMP
CDP - Cisco Discovery Protocol
LLDP - Link Layer Discovery Protocol
PPP
Troubleshooting PPP
MLP
PPPoE
GRE
Troubleshooting GRE
RIPv2
Troubleshooting RIPv2
EIGRP
EIGRP with ipv6
OSPF
OSPF with ipv6 (OSPFv3)
Troubleshooting OSPF
BGP
CLI
Default Behavior
Modes
Filters
Navigation
Packet Types
Ethernet Frame
IPv4 Header
TCP Segment
UDP Segment
To Sort and Misc
IPv6 Configuration
Enabling IPv6
IPv6 Routing:
MANAGING STATIC ROUTING FOR CISCO NETWORKING

MANAGING ROUTING INFORMATION PROTOCOL FOR CISCO NETWORKING
MANAGING ENHANCED INTERIOR GATEWAY ROUTING PROTOCOL FOR CISCO NETWORKING
MANAGING OPEN SHORTEST PATH FIRST FOR CISCO NETWORKING
VIEWING ROUTING INFORMATION FOR CISCO NETWORKING

Chapter Summary CCNA 1

Chapter 1: Explore the Network


1.1 Globally Connected
• Explain how networks affect the way we interact, learn, work, and play.
• Explain how host devices can be used as clients, servers, or both.
1.2 LANs, WANs, and the Internet
• Explain the use of network devices.
• Compare the devices and topologies of a LAN to the devices and topologies of a WAN.
• Describe the basic structure of the Internet.
• Explain how LANs and WANs interconnect to the Internet.
1.3 The Network as a Platform
• Explain the concept of a converged network.
• Describe the four basic requirements of a reliable network.
1.4 The Changing Network Environment
• Explain how trends such as BYOD, online collaboration, video, and cloud computing are changing the way we interact.
• Explain how networking technologies are changing the home environment.
• Identify basic security threats and solutions for both small and large networks.
• Describe the importance of understanding the underlying switching and routing infrastructure of a network.
1.1 Globally Connected
Networking Today
• Network has no boundary and supports the way we:
  • Learn
  • Communicate
  • Work
  • Play

Providing Resources in a Network

• Networks of Many Sizes
  • Small Home / Office Networks
  • Medium to Large Networks
  • World Wide Network
• Clients and Servers
  • Clients request and display information
  • Servers provide information to other devices on the network
• Peer-to-Peer
  • Computers can be both server and client at the same time.
  • What are the advantages?
  • What are the disadvantages?
1.2 LANs, WANs, and the Internet
Network Components
• End Devices
  • Either the source or destination of a message
  • Name some end devices
• Intermediary Network Devices
  • Connect multiple individual networks to form an internetwork
  • Connect the individual end devices to the network
  • Ensure data flows across the network
  • Provide connectivity
• Network Media
  • Provide the pathway for data transmission
  • Interconnect devices
  • Name the three types of media
• Network Representations
  • What do the symbols represent?
• Topology Diagrams
  • Physical
  • Logical

LANs and WANs
• Local Area Networks
  • Span a small geographical area
  • Interconnect end devices
  • Administered by a single organization
  • Provide high-speed bandwidth to internal devices
• Wide Area Networks
  • Interconnect LANs
  • Administered by multiple service providers
  • Provide slower-speed links between LANs
• Can you name more network types?

The Internet, Intranets, and Extranets


 The Internet
 Worldwide collection of interconnected networks
 Not owned by any individual or group
 Intranets and Extranets

Internet Connections
 Internet Access Technologies
 Internet Service Provider (ISP)
 Broadband cable
 Broadband Digital Subscriber Line (DSL)
 Wireless WANs
 Mobile Services
 Business DSL
 Leased Lines
 Metro Ethernet
 Types of Internet Connections
 Home and Small Office
 Business
1.3 The Network as a Platform
Converged Networks
 Traditional Separate Networks
 Each network with its own rules and
 The Converging Network
 Capable of delivering data, voice, and video over the same network infrastructure

Reliable Network
 Four Basic Characteristics of Network Architecture
 Fault Tolerance
 Scalability
 Quality of Service (QoS)
 Security

1.4 The Changing Network Environment


Network Trends
 Top trends include:
 Bring Your Own Device (BYOD)
 Online Collaboration
 Video Communications
 Cloud Computing

Networking Technologies for the Home


 Technology Trends in the Home
 Smart home
 Powerline Networking
 Uses existing electrical wiring to connect devices
 Wireless Broadband
 Wireless Internet Service Provider (WISP)
 Wireless Broadband Service using cellular technology

Network Security
 Security Threats
 Viruses, worms, and Trojan horses
 Spyware and adware
 Zero-day attacks, also called zero-hour attacks
 Hacker attacks
 Denial of service attacks
 Data interception and theft
 Identity theft
 Security Solutions
 Antivirus and antispyware
 Firewall filtering
 Dedicated firewall systems
 Access control lists (ACL)
 Intrusion prevention systems (IPS)
 Virtual Private Networks (VPNs)

Network Architecture
 Cisco Network Architecture
Support technologies and applications
Ensure connectivity across any combination of networks
 CCNA
A first step to a networking career

1.5 Chapter Summary
Summary
 Explain how multiple networks are used in everyday life.
 Describe the topologies and devices used in a small to medium-sized business network.
 Explain the basic characteristics of a network that supports communication in a small to medium-sized business.
 Explain trends in networking that will affect the use of networks in small to medium-sized businesses.
Section 1.1 New Terms and Commands
 client
 collaborative learning spaces
 global communities
 human network
 network collaboration services
 network of networks
 peer-to-peer network
 server

Section 1.2 New Terms and Commands


 broadband cable
 broadband DSL
 business DSL
 cable
 cellular
 dedicated leased line
 dial-up telephone
 DSL
 end devices
 extranet
 hardware
 intermediary devices
 internetworking devices
 Internet Service Provider (ISP)

 Intranet
 leased lines
 Local Area Network (LAN)
 logical topology diagrams
 medium
 Metropolitan Area Network (MAN)
 metro Ethernet
 network access devices
 network interface card (NIC)
 network media
 physical port, interface

 physical topology diagrams


 satellite
 security devices
 service provider (SP)
 software
 Storage Area Network (SAN)
 TelePresence endpoint
 teleworkers
 topology diagram
 VoIP phones
 Wide Area Network (WAN)
 Wireless LAN (WLAN)

Section 1.3 New Terms and Commands
 availability
 circuit switched networks
 content security
 converged network
 data confidentiality
 data integrity
 delay
 Denial of Service (DoS)
 encrypting data

 fault tolerance
 hierarchical layered structure
 intelligent information network
 network architecture
 network bandwidth
 network congestion
 network infrastructure security

 packet loss
 packet switched networks
 packets
 Quality of Service (QoS)
 queue
 redundancy
 routing function
 scalability
 user authentication

Section 1.4 New Terms and Commands


 access control lists (ACL)
 adware
 Bring Your Own Device (BYOD)
 cloud computing
 data centers
 data interception and theft
 hacker attacks
 identity theft
 intrusion prevention systems (IPS)

 multiple layers of security


 multitasking
 online collaboration
 person-to-person video calling
 powerline networking
 server clusters
 server farms
 smart home technology
 spyware
 Trojan horses

 video conferencing
 virtual private networks (VPNs)
 virtualization
 viruses
 wireless broadband service
 wireless internet service provider (WISP)
 wireless local area networks (WLAN)
 worms
 zero-day attacks

Chapter 2 – Sections & Objectives
2.1 IOS Bootcamp
 Explain the purpose of Cisco IOS.
 Explain how to access a Cisco IOS device for configuration purposes.
 Explain how to navigate Cisco IOS to configure network devices.
 Describe the command structure of Cisco IOS software.
2.2 Basic Device Configuration
 Configure hostnames on a Cisco IOS device using the CLI.
 Use Cisco IOS commands to limit access to device configurations.
 Use IOS commands to save the running configuration.

2.3 Address Schemes


 Explain how devices communicate across network media.
 Configure a host device with an IP address.
 Verify connectivity between two end devices.
2.1 IOS Bootcamp
Cisco IOS

 Operating Systems
 PC OS allows users to interact with the computer
 User-computer interaction in PC OSs is often done via mouse, keyboard and monitor
 Cisco IOS is also an Operating System
 Cisco IOS allows users to interact with Cisco devices.

 Cisco IOS enables a technician to:


 Use a keyboard to run CLI-based network programs.
 Use a keyboard to enter text and text-based commands.
 View output on a monitor.
 All Cisco networking devices come with a default IOS.
 It is possible to upgrade the IOS version or feature set.

Cisco IOS Access
 Access Methods
 Console
 Auxiliary
 Virtual Terminal (Telnet / SSH)
 Terminal Emulation Programs
 PuTTY
 Tera Term
 SecureCRT

Navigate the IOS



 Cisco IOS Modes of Operation
 Initial configuration must be done via console connection.
 Configuration is then done via various CLI command modes.

 Primary Command Modes


 User EXEC Mode
 Privileged EXEC Mode
 Configuration Command Modes
 The Configure Terminal command enters the Global Configuration Mode.
 Sub-configuration modes are accessible from the Privileged EXEC Mode.
 Examples are: switch(config-line)# and switch(config-if)#
 Navigate Between IOS Modes
 Navigation between modes is also done via commands.
 The enable command enters the Privileged EXEC Mode.
 The exit command exits to the parent command mode.

The Command Structure
 Basic IOS Command Structure
 The general syntax for a command is the command followed by any appropriate keywords and arguments.
 Keyword – a specific parameter defined in the operating system
 Argument – not predefined; a value or variable defined by the user
 IOS Command Syntax
 Provides the pattern or format that must be used when entering a command.
 The Cisco IOS Command Reference is the ultimate source of information for a particular IOS command.
 IOS Help Feature
 The IOS has two forms of help available: Context-Sensitive Help and Command Syntax Check.
 Hotkeys and Shortcuts
 Commands and keywords can be shortened to the minimum number of characters that identify a unique selection.
 Line editing keyboard shortcuts such as Ctrl-A are also supported.
2.2 Basic Device Configuration
Hostnames
 Device Names
 Hostnames allow devices to be identified by network administrators over a network or the Internet.
 Very important and should also be displayed in the topology.
 Configure Hostnames
 IOS hostnames should:
 Start with a letter
 Contain no spaces
 End with letter or digit
 Use only letters, digits or dashes
 Be less than 64 characters in length

Limit Access to Device Configurations


 Secure Device Access
 Secure privileged EXEC and user EXEC access with a password.
 Secure virtual terminal lines with a password.
 Configure Passwords
 Use strong passwords.
 Avoid re-using passwords
 Encrypt Passwords
 Cisco IOS displays passwords in plain text by default.
 Passwords should be encrypted.
 Banner Messages
 Important part of the legal process in the event that someone is prosecuted for breaking into a device.
 Wording that implies that a login is “welcome” or “invited” is not appropriate.
 Often used for legal notification because it is displayed to all connected terminals.
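
The hostname rules and the access-control items listed above can be checked mechanically against a saved configuration. The following Python audit is an added example, not part of the original course material; both sample configurations are constructed, and it assumes single-line banners and the password-plus-login line model this chapter teaches.

```python
import re

# Hostname rules as listed above: start with a letter, end with a letter or
# digit, use only letters, digits or dashes, fewer than 64 characters.
HOSTNAME_RE = re.compile(r"[A-Za-z](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

# Constructed sample configurations (not taken from any real device).
WEAK_CONFIG = """\
hostname 1st-floor_sw
no service password-encryption
!
line con 0
 password cisco
line vty 0 15
 login
!
banner motd # Welcome to the lab switch #
"""

HARDENED_CONFIG = """\
hostname Sw-Floor-1
service password-encryption
enable secret 5 CONSTRUCTED-HASH-PLACEHOLDER
!
line con 0
 password 7 CONSTRUCTED-PLACEHOLDER
 login
line vty 0 15
 password 7 CONSTRUCTED-PLACEHOLDER
 login
!
banner motd # Authorized access only #
"""


def parse_line_blocks(config):
    """Map each 'line ...' header to the indented sub-commands under it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None          # any other global line ends the block
    return blocks


def audit(config):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    lines = [line.rstrip() for line in config.splitlines()]

    name = next((l.split(None, 1)[1] for l in lines
                 if l.startswith("hostname ")), None)
    if name is None:
        findings.append("no hostname configured")
    elif not HOSTNAME_RE.fullmatch(name):
        findings.append(f"hostname {name!r} breaks the naming rules")

    if not any(l.startswith("enable secret ") for l in lines):
        findings.append("privileged EXEC is not protected by enable secret")

    # Exact match, so 'no service password-encryption' does not count.
    if "service password-encryption" not in lines:
        findings.append("service password-encryption is off: "
                        "line passwords are shown in plain text")

    for header, body in parse_line_blocks(config).items():
        if not header.startswith(("line con", "line vty")):
            continue
        has_password = any(b.startswith("password ") for b in body)
        has_login = any(b.startswith("login") for b in body)
        if not (has_password and has_login):
            findings.append(f"{header}: needs both a password and login")

    banner = next((l for l in lines if l.startswith("banner motd ")), None)
    if banner is None:
        findings.append("no banner motd configured")
    elif re.search(r"\b(welcome|invited)\b", banner, re.IGNORECASE):
        findings.append("banner wording implies that login is welcome")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit(cfg))
```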

Save Configurations
 Save the Running Configuration File
 File stored in NVRAM that contains all of the commands that will be used upon startup or reboot
 NVRAM does not lose its contents when the device is powered off.
 Alter the Running Configuration
 File stored in RAM that reflects the current configuration; modifying it affects the operation of a Cisco device immediately.
 RAM loses all of its content when the device is powered off or restarted.
 Capture Configuration to a Text File
 Configuration files can also be saved and archived to a text document.
 The configuration can then be edited with any text editor and placed back in the device.

2.3 Address Schemes


Ports and Addresses
 IP Addresses
 Each end device on a network must be configured with an IP address.
 Enable devices to establish end-to-end communication on the Internet.
 The structure of an IPv4 address is called dotted decimal notation and is represented by four decimal numbers between 0 and 255.
 IPv6 is the most recent version of IP and the replacement for the more common IPv4.
 Interface and Ports
 Network communications depend on interfaces and the cables that connect them.
 Different types of network media have different features and benefits.
 Ethernet is the most common local area network (LAN) technology.
 SVI provides a means to remotely manage a switch over a network.

Configure IP Addressing
 Manual IP Address Configuration for End Devices
 To manually configure an IPv4 address on a Windows host, open the Control Panel > Network Sharing Center > Change adapter settings and choose the adapter.
 Next right-click and select Properties to display the Local Area Connection Properties shown in Figure 1.
 Automatic IP Address Configuration for End Devices
 DHCP enables automatic IPv4 address configuration for every end device that has DHCP enabled. No extra configuration is needed.
 Switch Virtual Interface Configuration
 To configure an SVI on a switch, use the interface vlan 1 global configuration command. Vlan 1 is not an actual physical interface but a virtual one.

Verifying Connectivity

 Interface Addressing Verification
 Cisco IOS supports commands to allow IP configuration verification.

 End-To-End Connectivity Test


 The ping command can be used to test connectivity to another device on the network or a website on the Internet.

2.4 Chapter Summary
Summary
 Explain the features and functions of Cisco IOS Software.
 Configure initial settings on a network device using the Cisco IOS software.
 Given an IP addressing scheme, configure IP address parameters on end devices to provide end-to-end connectivity in a small to medium-sized business network.
Section 2.1 New Terms and Commands

 kernel
 shell
 Command-line interface (CLI)
 Graphical user interface (GUI)
 Cisco IOS
 Firmware
 Console
 Out-of-band
 SSH
 Telnet
 Auxiliary port (AUX)
 PuTTY
 Tera Term

 SecureCRT
 OS X Terminal
 Cisco IOS modes
 User EXEC mode
 Privileged EXEC mode
 Global Configuration Mode
 Line configuration mode
 Interface configuration mode
 enable command
 disable command
 exit command
 end command
 Key combination – Ctrl+Z
 Context-Sensitive Help

 Command Syntax Check


 CLI Hot Keys and Shortcuts
 Hostnames

Section 2.2 New Terms and Commands


 hostname name
 Strong passwords
 enable secret class
 line console 0
 password cisco
 login
 line vty 0 15
 service password-encryption
 banner motd # the message of the day #
 Startup configuration
 Non-Volatile Random Access Memory (NVRAM)
 Running configuration

 Random Access Memory (RAM)


 show running-config
 copy running-config startup-config
 reload

Section 2.3 New Terms and Commands
 IPv4 address
 Subnet mask
 Default gateway
 Physical ports
 Virtual interface
 Copper
 Fiber Optics
 Wireless
 Ethernet
 Local Area Network (LAN)
 Layer 2 switch
 Layer 3 addresses
 Switch virtual interface (SVI)

Chapter 3 – Sections & Objectives
 3.1 Rules of Communication
 Describe the types of rules that are necessary to successfully communicate.
 3.2 Network Protocols and Standards
 Explain why protocols are necessary in communication.
 Explain the purpose of adhering to a protocol suite.
 Explain the role of standards organizations in establishing protocols for network interoperability.
 Explain how the TCP/IP model and the OSI model are used to facilitate standardization in the communication process.
 3.3 Data Transfer in the Network
 Explain how data encapsulation allows data to be transported across the network.
 Explain how local hosts access local resources on a network.
3.1 Rules of Communication
The Rules
 Rule Establishment
 Identified sender and receiver
 Common language and grammar
 Speed and timing of delivery
 Confirmation or acknowledgment requirements
 Message Encoding
Process of converting information into another acceptable form
 Message Formatting and Encapsulation
 Message Size
 Message Timing
 Access method
 Flow control
 Response timeout
 Message Delivery Options
 Unicast
 Multicast
 Broadcast

3.2 Network Protocols and Standards
Protocols
 Rules that Govern Communications
 Network Protocols
 The role of protocols
 How the message is formatted or structured
 The process by which networking devices share information about pathways with other networks
 How and when error and system messages are passed between devices
 The setup and termination of data transfer sessions
 Protocol Interaction
Example: web server and client

Protocol Suites
 Protocol Suites and Industry Standards
 TCP/IP is an open standard
 Can you name other protocol suites?
 TCP/IP Protocol Suites
Can you name some of the protocols from the TCP/IP protocol suite?
 TCP/IP Communication Process
Can you describe the process?

Standard Organizations
 Open Standards
Name some advantages of open standards
 Internet Standards
Name a few standard organizations
 Electronics and Communications Standards Organizations
Name a few organizations

Reference Models
 The Benefits of Using a Layered Model
Name some benefits
 The OSI Reference Model
 Provides list of functions
 Describes interactions between layers
 OSI Model and TCP/IP Model Comparison
 Similar: transport and network layers
 Contrast: relationship between layers

3.3 Data Transfer in the Network
Data Encapsulation
 Message Segmentation
 Segmentation – Break communication into pieces
 Multiplexing – interleaving the pieces
 Protocol Data Units
What are PDUs called at each layer?
 Encapsulation and de-encapsulation process

Data Access
 Network Addresses
 Source IP address
 Destination IP address
 Deliver the IP packet from the original source to the final destination, either on the same network or to a remote network.
 Data Link Addresses
 Source data link address
 Destination data link address
 Deliver the data link frame from one network interface card (NIC) to another NIC on the same network
 Devices on the Same Network
 Devices on a Remote Network

3.4 Chapter Summary
Summary
 Explain how rules are used to facilitate communication.
 Explain the role of protocols and standards organizations in facilitating interoperability in network communications.
 Explain how devices on a LAN access resources in a small to medium-sized business network.
Section 3.1 New Terms and Commands
 access method
 acknowledgement
 broadcast
 decoder
 encapsulation
 encoder
 flow control
 message
 message delivery options
 message encoding
 message formatting
 message formatting and encapsulation

 message size
 message timing
 multicast
 protocols
 receiver
 response timeout
 segmenting
 transmission medium
 transmitter
 unacknowledged
 unicast

Section 3.2 New Terms and Commands


 Advanced Research Projects Agency Network (ARPANET)
 AppleTalk
 application protocol
 Electronic Industries Alliance (EIA)
 Hypertext Markup Language (HTML)
 IEEE 802.3
 IEEE 802.11
 Institute of Electrical and Electronics Engineers (IEEE)
 International Corporation for Assigned Names and Numbers (ICANN)
 International Telecommunications Union-Telecommunication Standardization Sector (ITU-T)
 Internet Architecture Board (IAB)
 Internet Assigned Numbers Authority (IANA)
 Internet Engineering Task Force (IETF)
 internet protocol
 Internet Society (ISOC)
 Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)
 Media Access Control (MAC)
 network access protocols
 network protocol suite
 protocol model
 protocol stack
 proprietary protocol
 reference model
 Request for Comments (RFC)
 standards organization
 standards-based protocol

 Telecommunications Industry Association (TIA)
 Transmission Control Protocol/IP (TCP/IP)
 transport protocol

Section 3.3 New Terms and Commands


 Address Resolution Protocol (ARP)
 bits
 data
 data encapsulation
 data link address
 de-encapsulation
 default gateway
 destination data link address

 destination IP address
 frame
 Multiplexing
 network address
 packet
 protocol data unit (PDU)
 source IP address
 source data link address
 Segment
 segmentation

Chapter 4 – Sections & Objectives
 4.1 Physical Layer Protocols
 Identify device connectivity options.
 Describe the purpose and functions of the physical layer in the network.
 Describe basic principles of the physical layer standards.
 4.2 Network Media
 Identify the basic characteristics of copper cabling.
 Build a UTP cable used in Ethernet networks (scope – does not include cabling area discussion).
 Describe fiber-optic cabling and its main advantages over other media.
 Connect devices using wired and wireless media.
 4.3 Data Link Layer Protocols
Describe the purpose and function of the data link layer in preparing communication for transmission on specific media.
 4.4 Media Access Control
 Compare the functions of logical topologies and physical topologies.
 Describe the basic characteristics of media access control methods on WAN topologies.
 Describe the basic characteristics of media access control methods on LAN topologies.
 Describe the characteristics and functions of the data link frame.
4.1 Network Access
Physical Layer Protocols Physical Layer Connection
Types of Connections

Network Interface Cards

Physical Layer Protocols Purpose of the Physical Layer
 The Physical Layer
 Accepts a complete frame from the data link layer
 Encodes it as a series of signals that are transmitted onto the local media
 Physical Layer Media
Describe the media types
 Physical Layer Standards

Physical Layer Protocols Physical Layer Characteristics


 Functions
 Physical components
 Encoding
 Signaling
 Data Transfer
 Bandwidth – capacity of a medium to carry data
 Throughput – measure of the transfer of bits across the media
 Types of Physical Media

4.2 Network Media


Copper Cabling
 Characteristics of Copper Cabling
 Inexpensive, easy to install, low resistance to electric current
 Distance and signal interference
 Copper Media
 Unshielded Twisted-Pair Cable
 Shielded Twisted-Pair Cable
 Coaxial Cable
 Copper Media Safety
Fire and electrical hazards

UTP Cabling
 Properties of UTP Cabling
 Cancellation of EMI and RFI signals with twisted pairs

 UTP Cabling Standards


 TIA/EIA-568
 IEEE: Cat5, Cat5e, Cat6, Cat6e

 UTP Connectors
 Types of UTP Cable
 Rollover
 Crossover
 Straight-through

 Testing UTP Cables


 Cable Pinouts

Fiber-Optic Cabling
 Properties of Fiber-Optic Cabling
 Transmits data over longer distances
 Flexible, but thin strands of glass
 Transmits with less attenuation
 Immune to EMI and RFI
 Fiber Media Cable Design

 Types of Fiber Media


Single mode and multimode
 Fiber-Optic Connectors
 Testing Fiber Cables
 Fiber versus Copper

Wireless Media
 Properties of Wireless Media
– Data communications using radio or microwave frequencies
 Types of Wireless Media
– Wi-Fi, Bluetooth, WiMax
 Wireless LAN
– Wireless Access Point
– Wireless NIC adapters

4.3 Data Link Layer Protocols


Purpose of the Data Link Layer
 The Data Link Layer
– What is this layer responsible for?
 Data Link Sublayers
– LLC communicates with the network layer
– MAC defines the media access processes
 Providing Access to Media
 Data Link Layer Standards
– IEEE
– ITU
– ISO
– ANSI

4.4 Media Access Control
Topologies
 Controlling Access to the Media

 Physical and Logical Topologies

WAN Topologies
 Common Physical WAN Topologies
– Point-to-point
– Hub and spoke
– Mesh
 Physical Point-to-Point Topology
 Logical Point-to-Point Topology

LAN Topologies
 Physical LAN Topologies
 Half and Full Duplex
 Media Access Control Methods
 Contention-Based Access
– CSMA/CD vs. CSMA/CA

Data Link Frame


 The Frame
– Header
– Data
– Trailer
 Frame Fields
 Layer 2 Address

 LAN and WAN Frames


– 802.11 Wireless Frame
– PPP Frame
– HDLC
– Frame Relay
– Ethernet Frame

4.5 Chapter Summary


Summary
 Explain how physical layer protocols and services support communications across data networks.
 Build a simple network using the appropriate media.
 Explain how the Data Link layer supports communications across data networks.
 Compare media access control techniques and logical topologies used in networks.
Section 4.1 New Terms and Commands
 Access Point (AP)
 American National Standards Institute (ANSI)
 Bandwidth
 CENELEC (European Committee for Electrotechnical Standardization)
 CSA (Canadian Standards Association)
 Copper cable
 European Telecommunications Standards Institute (ETSI)
 Encoding
 Federal Communication Commission (FCC) in the USA
 Fiber-optic cable

 Gigabits per second (Gb/s)


 Goodput
 Institute of Electrical and Electronics Engineers (IEEE)
 Integrated Service Router (ISR)
 International Organization for Standardization (ISO)
 International Telecommunication Union (ITU)
 Internet Engineering Task Force (IETF)
 JSA/JIS (Japanese Standards Association)
 Kilobits per second (kb/s)

 Latency
 Manchester encoding
 Megabits per second (Mb/s)
 Modulation
 Network Interface Cards (NICs)
 OSI Physical Layer
 Signaling
 Telecommunications Industry Association/Electronic Industries Association (TIA/EIA)
 Throughput
 Wireless
 Wireless Local Network (WLAN)

Section 4.2 New Terms and Commands


 Cancelation
 Category 5 cable (Cat 5)
 Enhanced Category 5 cable (Cat5e)
 Category 6 cable (Cat6)
 Category 6a cable (Cat6a)
 Category 7 cable (Cat7)
 Cladding
 Coaxial
 Coaxial cabling
 Core
 Coverage area
 Crosstalk
 Dispersion
 Duplex Multimode LC Connector

 Electromagnetic interference (EMI)


 End gap
 End finish
 Enterprise networks
 Fiber-to-the-home (FTTH)
 Institute of Electrical and Electronics Engineers (IEEE)
 Interference
 Jacket
 Lasers
 Light Emitting Diodes (LEDs)
 Long-haul networks
 Misalignment
 Multi-mode fiber (MMF)
 Optical fiber cable

 Radio frequency interference (RFI)


 RJ45 connector
 Rollover
 Shared medium
 Shielded twisted pair cabling (STP)
 Signal attenuation
 Single-mode fiber (SMF)
 ST, SC, and LC fiber-optic connectors
 Submarine networks
 TIA 568A
 TIA 568B
 TIA/EIA 568 standard
 Unshielded twisted pair (UTP)
 Wireless Access Point (AP)
 Wireless NIC adapters

Section 4.3 New Terms and Commands
 American National Standards Institute (ANSI)
 Data link layer (layer 2)
 Ethernet interface
 Frames
 Institute of Electrical and Electronics Engineers (IEEE)
 International Organization for Standardization (ISO)
 International Telecommunication Union (ITU)
 Logical Link Control (LLC)
 Media Access Control (MAC)
 Serial interface
Section 4.4 New Terms and Commands
 802.11 frame
 802.11 Wireless
 Bus
 Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
 Carrier Sense Multiple Access/Collision Detection (CSMA/CD)
 Collision
 Contention-based access
 Control
 Controlled access
 Cyclic Redundancy Check (CRC) value
 Data
 Error Detection

 Ethernet
 Extended Star
 Frame Check Sequence (FCS)
 Frame Relay
 Frame start and stop indicator flags
 Full-Duplex Communications
 Half-Duplex Communications
 HDLC
 Header
 Hub and Spoke
 Logical Point-to-Point Topology
 Logical Topology

 Media Access Control


 Media Sharing
 Mesh
 Physical Point-to-Point Topology
 Physical Topology
 Point-to-Point
 Point-to-Point Protocol (PPP)
 Quality of Service (QOS)
 Ring
 Star
 Topology
 Trailer
 Type
 Virtual circuit

Chapter 5 – Sections & Objectives
 5.1 Ethernet Protocol
 Explain how the Ethernet sublayers are related to the frame fields.
 Describe the Ethernet MAC address.
 5.2 LAN Switches
 Explain how a switch operates.
 Explain how a switch builds its MAC address table and forwards frames.
 Describe switch forwarding methods.
 Describe the types of port settings available for Layer 2 switches.
 5.3 Address Resolution Protocol
 Compare the roles of the MAC address and the IP address.
 Describe the purpose of ARP.
 Explain how ARP requests impact network and host performance.
5.1 Ethernet Protocol
Ethernet Frame
 Ethernet Encapsulation
 Ethernet operates in the data link layer and the physical layer.
 Ethernet supports data bandwidths from 10Mbps through 100Gbps.
 Ethernet standards define both the Layer 2 protocols and the Layer 1 technologies.
 MAC Sublayer
 MAC constitutes the lower sublayer of the data link layer.
 Responsible for Data encapsulation and Media access control.
 Ethernet Evolution
 Ethernet has been evolving since its creation in 1973.
 The Ethernet frame structure adds headers and trailers around the Layer 3 PDU to encapsulate the message being sent.
 Ethernet Frame Fields
 The minimum Ethernet frame size is 64 bytes and the maximum is 1518 bytes.
 Frames smaller than the minimum or greater than the maximum are dropped.
 Dropped frames are likely to be the result of collisions or other unwanted signals and are therefore considered invalid.

Ethernet MAC Addresses
MAC Addresses and Hexadecimal

– A MAC address is 48 bits long and is expressed as 12 hexadecimal digits.

 MAC Addresses: Ethernet Identity


– IEEE requires a vendor to follow two simple rules:
1. Must use that vendor’s assigned OUI as the first three bytes.
2. All MAC addresses with the same OUI must be assigned a unique value in the last three bytes.
 Frame Processing
 The NIC compares the destination MAC address in the frame with the device’s physical MAC address stored in RAM.
 If there is a match, the frame is passed up the OSI layers.
 If there is no match, the device discards the frame.
 MAC Address Representations
 MAC addresses can be represented with colons, dashes or dots and are case-insensitive.
 00-60-2F-3A-07-BC, 00:60:2F:3A:07:BC, 0060.2F3A.07BC and 00-60-2f-3a-07-bc are all valid representations of the same MAC address.
 Unicast MAC Address
 Unique address used when a frame is sent from a single transmitting device to a single destination device.
 The source MAC address must always be a unicast.
 Broadcast MAC Address
 Used to address all nodes in the segment.
 The destination MAC address is the address of FF-FF-FF-FF-FF-FF in hexadecimal (48 ones in binary).
 Multicast MAC Address
 Used to address a group of nodes in the segment.
 The multicast MAC address is a special value that begins with 01-00-5E in hexadecimal.
 The remaining portion of the multicast MAC address is created by converting the lower 23 bits of the IP multicast group address into 6 hexadecimal characters.
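
The representations, address types and multicast mapping described above can be worked through in code. The Python below is an added example, not part of the original course material; the function names are illustrative, and the multicast test on the low bit of the first byte goes beyond the 01-00-5E prefix named on this page to the general Ethernet rule.

```python
import ipaddress
import re

# The three notations listed above; mixing separators is rejected.
_NOTATIONS = (
    r"(?:[0-9A-Fa-f]{2}-){5}[0-9A-Fa-f]{2}",    # 00-60-2F-3A-07-BC
    r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}",    # 00:60:2F:3A:07:BC
    r"(?:[0-9A-Fa-f]{4}\.){2}[0-9A-Fa-f]{4}",   # 0060.2F3A.07BC
)


def parse_mac(text):
    """Return the 6 raw bytes of a MAC address written in any notation."""
    text = text.strip()
    if not any(re.fullmatch(p, text) for p in _NOTATIONS):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes.fromhex(re.sub(r"[-:.]", "", text))


def format_mac(mac):
    """Canonical lower-case colon form, useful as a comparison key."""
    return ":".join(f"{b:02x}" for b in mac)


def oui(mac):
    """First three bytes: the vendor's assigned OUI."""
    return format_mac(mac[:3])


def classify(mac):
    """Return 'broadcast', 'multicast' or 'unicast' for a 6-byte address."""
    if mac == b"\xff" * 6:
        return "broadcast"
    if mac[0] & 0x01:              # group bit set, as in 01-00-5E-...
        return "multicast"
    return "unicast"


def is_valid_source(mac):
    """The source MAC address of a frame must always be unicast."""
    return classify(mac) == "unicast"


def ipv4_multicast_mac(group):
    """Map an IPv4 multicast group to its 01-00-5E Ethernet address."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast group")
    low23 = int(addr) & 0x7FFFFF   # only the lower 23 bits are copied
    return bytes([0x01, 0x00, 0x5E]) + low23.to_bytes(3, "big")


if __name__ == "__main__":
    for text in ("00-60-2F-3A-07-BC", "00:60:2F:3A:07:BC",
                 "0060.2F3A.07BC", "00-60-2f-3a-07-bc"):
        mac = parse_mac(text)
        print(text, "->", format_mac(mac), classify(mac), "OUI", oui(mac))
    # Groups that differ only above the low 23 bits share one MAC address,
    # so a NIC can receive frames for a group the host never joined.
    for group in ("224.0.0.251", "224.128.0.251", "239.255.255.250"):
        print(group, "->", format_mac(ipv4_multicast_mac(group)))
```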

5.2 LAN Switches


The MAC Address Table
 Switch Fundamentals
 An Ethernet Switch is a Layer 2 device.
 It uses MAC addresses to make forwarding decisions.
 The MAC address table is sometimes referred to as a content addressable memory (CAM) table.
 Learning MAC Addresses
 Switches dynamically build the CAM by monitoring source MACs.
 Every frame that enters a switch is checked for new addresses.
 The frame is forwarded based on the CAM.
 Filtering Frames
 Since the switch knows where to find a specific MAC address, it can filter the frames to that port only.
 Filtering is not done if the destination MAC is not present in the CAM.
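
The learning, forwarding and filtering behaviour listed above can be traced frame by frame. The Python model below is an added example, not part of the original course material; the port names and MAC addresses are constructed, and aging of table entries is left out.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Minimal model of a Layer 2 switch and its MAC address (CAM) table."""

    def __init__(self, ports):
        self.ports = tuple(ports)
        self.cam = {}                      # MAC address -> port last seen on

    def receive(self, in_port, src, dst):
        """Process one frame and return the ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # Learn: every frame's source MAC is recorded against its ingress
        # port, overwriting an older entry if the station has moved.
        self.cam[src] = in_port
        # Unknown destination or broadcast: no filtering is possible, so the
        # frame goes out of every port except the one it arrived on.
        if dst == BROADCAST or dst not in self.cam:
            return [p for p in self.ports if p != in_port]
        # Known destination: filter the frame to that one port. If that is
        # the ingress port, the destination is on the same segment and the
        # frame is not forwarded at all.
        out_port = self.cam[dst]
        return [] if out_port == in_port else [out_port]


def run_trace():
    """Replay a constructed conversation between two hosts, A and B."""
    sw = LearningSwitch(["Fa0/1", "Fa0/2", "Fa0/3"])
    a, b = "00:00:00:00:00:0a", "00:00:00:00:00:0b"
    trace = [
        sw.receive("Fa0/1", a, b),          # B unknown: flooded
        sw.receive("Fa0/2", b, a),          # A already learned: Fa0/1 only
        sw.receive("Fa0/1", a, b),          # B now learned: Fa0/2 only
        sw.receive("Fa0/3", b, a),          # B re-patched to Fa0/3
        sw.receive("Fa0/1", a, b),          # follows B to its new port
        sw.receive("Fa0/1", a, BROADCAST),  # broadcast is always flooded
    ]
    return sw, trace


if __name__ == "__main__":
    switch, results = run_trace()
    for number, out_ports in enumerate(results, 1):
        print(f"frame {number}: sent out of {out_ports}")
    print("CAM table:", switch.cam)
```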

Switch Forwarding Methods
 Frame Forwarding Methods on Cisco Switches
 Store-And-Forward
 Cut-Through
 Cut-Through Switching
 Fast-forward switching
 Lowest level of latency; immediately forwards a packet after reading the destination address.
 Typical cut-through method of switching.
 Fragment-free switching
 Switch stores the first 64 bytes of the frame before forwarding.
 Most network errors and collisions occur during the first 64 bytes.
 Memory Buffering on Switches
 Port-based memory
 Shared memory

Switch Port Settings


 Duplex and Speed Settings
 Full-duplex – Both ends of the connection can send and receive simultaneously.
 Half-duplex – Only one end of the connection can send at a time.
 A common cause of performance issues on Ethernet links is when one port on the link operates at half-duplex and the other on full-duplex.
 Auto-MDIX
 Detects the type of connection required and configures the interface accordingly.
 Helps reduce configuration errors.

5.3 Address Resolution Protocol


MAC and IP
 The combination of MAC and IP facilitates end-to-end communication.
 Layer 2 addresses are used to move the frame within the local network
 Layer 3 addresses are used to move the packets through remote networks.
 Destination on Same Network
– Physical address (MAC address) is used for Ethernet NIC to Ethernet NIC communications on the same network.
 Destination on Remote Network
– Logical address (IP address) is used to send the packet from the original source to the final destination.

ARP
 Introduction to ARP
 ARP allows the source to request the MAC address of the destination.
 The request is based upon the layer 3 address of the destination (known by the source).
 ARP Functions
 Resolving IPv4 addresses to MAC addresses
 Maintaining a table of mappings
 ARP uses ARP Request and ARP Reply to perform its functions.
 Removing Entries from an ARP Table
 Entries are removed from the device’s ARP table when its cache timer expires.
 Cache timers are OS dependent.
 ARP entries can be manually removed via commands.
 ARP Tables
 On IOS: show ip arp
 On Windows PCs: arp -a

ARP Issues
 ARP Broadcasts
– ARP requests can flood the local segment.
 ARP Spoofing
– Attackers can respond to requests and pretend to be providers of services. Example: default gateway
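
A spoofed default gateway usually shows up in a host's own ARP table, either as one MAC address answering for several IP addresses or as a gateway entry that no longer matches a recorded baseline. The Python check below is an added example, not part of the original course material; it reads output in the Windows arp -a layout, and the sample table, addresses and baseline value are constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the layout printed by 'arp -a' on Windows.
SAMPLE_ARP_A = """\
Interface: 192.168.1.20 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-1b-44-11-3a-b7     dynamic
  192.168.1.35          00-1b-44-11-3a-b7     dynamic
  192.168.1.50          00-1b-44-22-4c-c8     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

ROW = re.compile(
    r"^[ \t]*(\d{1,3}(?:\.\d{1,3}){3})[ \t]+"
    r"((?:[0-9a-f]{2}-){5}[0-9a-f]{2})[ \t]+(\w+)[ \t]*$",
    re.IGNORECASE | re.MULTILINE,
)


def _canonical(mac):
    return mac.lower().replace("-", ":")


def parse_arp_table(text):
    """Return (ip, mac, type) tuples; header and interface lines are skipped."""
    return [(ip, _canonical(mac), kind.lower())
            for ip, mac, kind in ROW.findall(text)]


def find_shared_macs(entries):
    """MAC addresses that answer for more than one IP address.

    Only dynamic entries are examined: the static broadcast and multicast
    rows are created by the operating system, not learned from ARP replies.
    A hit is a lead to verify, not proof, because a router or a device with
    several addresses can legitimately own more than one IP.
    """
    by_mac = defaultdict(list)
    for ip, mac, kind in entries:
        if kind == "dynamic":
            by_mac[mac].append(ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


def check_gateway(entries, gateway_ip, baseline_mac):
    """Compare the gateway's current mapping with a known-good baseline."""
    current = {ip: mac for ip, mac, _ in entries}.get(gateway_ip)
    baseline = _canonical(baseline_mac)
    if current is None:
        return f"no ARP entry for gateway {gateway_ip}"
    if current != baseline:
        return (f"gateway {gateway_ip} resolves to {current}, "
                f"baseline is {baseline}")
    return None


if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP_A)
    for mac, ips in find_shared_macs(table).items():
        print(f"{mac} answers for {', '.join(ips)}")
    # Baseline value is constructed; record the real one from a trusted
    # source such as the router's own interface listing.
    print(check_gateway(table, "192.168.1.1", "00-1B-44-99-99-99"))
```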

5.4 Chapter Summary
Summary
 Explain the operation of Ethernet.
 Explain how a switch operates.
 Explain how the address resolution protocol enables communication on a network.
Section 5.1 New Terms and Commands
 IEEE 802.2
 IEEE 802.3
 LLC Sublayer
 MAC Sublayer
 Data Encapsulation
 Frame Delimiting
 Cyclic Redundancy Check
 Carrier Sense Multiple Access (CSMA)
 Ethernet II
 Frame Check Sequence (FCS)
 Preamble
 EtherType

 Runt
 Collision Fragment
 Jumbo
 Baby Giant Frame
 Hexadecimal
 Organizationally Unique Identifier (OUI)

Section 5.2 New Terms and Commands


 burned-in address (BIA)
 ipconfig /all command
 ifconfig command
 Unicast MAC Address
 Broadcast MAC Address
 Multicast MAC Address
 Content Addressable Memory (CAM)
 Store-and-forward
 Cut-through
 Fast-forward switching
 Fragment-free switching
 Port-based Memory Buffering
 Shared Memory Buffering

 Half-duplex
 Full-duplex
 Auto-MDIX
 Address Resolution Protocol (ARP)

Section 5.3 New Terms and Commands


 ARP Table
 ARP Cache
 ARP Request
 ARP Reply
 show ip arp, arp -a
 ARP spoofing

Commands
Configure basic Networking

Command Description

(config)# interface g1/0 Enter the interface's config mode

(config-if)# description Link to Somehost Human readable link description

(config-if)# ip address 10.23.42.5 255.255.0.0 Add IPv4 address to interface.

(config-if)# mac address 1234.5678.90AB Overwrite MAC address.

(config-if)# no mac address Remove MAC overwrite.

(config-if)# ipv6 address 2001:41d0:8:e115::ccc/64 Add IPv6 address to interface.

(config-if)# ipv6 address 2001:41d0:8:e115::/64 eui-64 Add IPv6 address based on MAC to interface.

(config-if)# ip address dhcp Get IPv4 address via dhcp.

(config-if)# ipv6 address autoconfig [default] Get IPv6 address [and default route] via autoconfig

(config-if)# ip dhcp client client-id ascii SW2 Set hostname transmitted as dhcp client to SW2

(config)# interface range g1/0 - 2 Configure multiple interfaces at once.

(config-if)# [no] shutdown En- or Disable interface. Often shutdown is the default.

(config)# ip default-gateway 10.23.42.1 Set 10.23.42.1 as the default gateway

(config)# ip route 10.20.30.0 255.255.255.0 {1.2.3.4,e0/0} [ad] Add static route via next hop or interface

(config)# ipv6 route 2001:41d0:8:e115::/64 [g1/1] [next hop] You can also set both. TODO: Why would you?

(config)# ip host the-space.agency 178.32.222.21 Create a static host entry on this device.

(config)# ipv6 unicast-routing Globally enable ipv6 routing.

Troubleshoot basic Networking

Command Description

# show interfaces [if-name] Show interfaces mac, bandwidth, mtu, packet stats...

# show ip[v6] route [static] Show routes and how they were learned.

# show ip[v6] interface [if-name] Show interfaces ip/arp/icmp/nd... configuration

# show ip[v6] interface brief [if-name] Only show ip, status and operational status

# show protocols [if-name] Much like show ip int brief, w/ cidr, w/o ok/method

# show mac address-table Show the mac address table of a switch.

# clear mac address-table [dynamic] Clear the dynamically learned mac address table entries.

# show arp Show {ip,ipx,appletalk}-mac bindings

# show ip arp [{ip, mac, if-name}] Show ip-mac bindings

# clear [ip] arp 192.168.1.1 Remove arp entry for ip

# debug arp Show debug messages when receiving/sending arp packets

# undebug all Disable all previously enabled debugs

# show ipv6 neighbors Show neighbor discovery table cache

# ping 1.2.3.4 [source g1/1]

# traceroute 1.2.3.4 [source g1/1]

# show control-plane host open-ports netstat -tulpn on this cisco device, basically

Troubleshoot networks with SPAN

Command Description

(config)# monitor session 23 source interface g1/1 {rx,tx,both} Define SPAN #23 input as g1/1

(config)# monitor session 23 destination interface g1/2 Define SPAN #23 output as g1/2

# show monitor Show all configured SPANs

Port Security

Command Description

(config-if)# switchport mode {access, trunk}

(config-if)# [no] switchport port-security En/Disable port-security

(config-if)# switchport port-security maximum 1 Number of allowed MACs.

(config-if)# switchport port-security mac-address 1234.5678.9abc Manually allow a MAC on this port.

(config-if)# switchport port-security mac-address sticky Allow learning of connected MACs until max reached.

(config-if)# switchport port-security violation shutdown Shutdown port when other device gets connected.

(config-if)# shutdown (config-if)# no shutdown Reenable if after port-security violation.

(config)# errdisable recovery cause psecure-violation Reenable if automatically after problem is fixed.

(config)# errdisable recovery interval 42 Recheck every 42 seconds. (min 30, default 300)

Troubleshooting Port Security

Command Description

# show port-security [interface g1/1] port status, violation mode, max/total MACs,...

# show port-security address Secure MACs on ports.

# show errdisable recovery Check if autorecovery is enabled. Disabled by default.

Configure vlans

TODO: auto negotiation

Note: Even when a switch port is changed from access to trunk, its access vlan is maintained in the config. When automatic trunk negotiation fails (e.g.
because I unplug a link between two switches and put it into my laptop) the configured access vlan becomes active once again and I might be able to
reach network parts I'm not supposed to. Always disable DTP / trunk auto negotiation.
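
One way to check a saved running-config for the situation in the note above, as an added example that is not part of the original notes. The config excerpt and function names are constructed; a switchport without an explicit mode is assumed to negotiate (the platform default varies), and ports with no `switchport` lines at all do not show up here, so verify those with `show dtp interface g1/1`.

```python
# Constructed running-config excerpt (not from a real device).
SAMPLE_CONFIG = """\
hostname SW2
!
interface GigabitEthernet1/1
 description user port
 switchport mode access
 switchport access vlan 23
!
interface GigabitEthernet1/2
 description uplink, mode changed from access to trunk
 switchport access vlan 23
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet1/3
 switchport access vlan 23
 switchport mode dynamic desirable
!
interface GigabitEthernet1/4
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 256
 switchport mode trunk
 switchport nonegotiate
!
interface Vlan23
 ip address 1.2.3.4 255.255.255.0
!
"""


def interface_stanzas(config):
    """Yield (interface name, [stripped config lines]) per interface block."""
    name, lines = None, []
    for raw in config.splitlines():
        if raw.startswith("interface "):
            if name:
                yield name, lines
            name, lines = raw.split(None, 1)[1].strip(), []
        elif name and raw.startswith(" "):
            lines.append(raw.strip())
        elif name:  # "!" or any unindented line closes the block
            yield name, lines
            name, lines = None, []
    if name:
        yield name, lines


def _value(lines, prefix):
    """Text after `prefix` on the first matching line, else None."""
    return next((l[len(prefix):] for l in lines if l.startswith(prefix)), None)


def audit_dtp(config):
    """Return {interface: [findings]} for ports where DTP can still act."""
    report = {}
    for name, lines in interface_stanzas(config):
        if not any(l.startswith("switchport") for l in lines):
            continue  # routed port or SVI, no DTP involved
        mode = _value(lines, "switchport mode ")
        configured_vlan = _value(lines, "switchport access vlan ")
        access_vlan = configured_vlan or "1"  # vlan 1 is the default access vlan
        findings = []
        if mode is None or mode.startswith("dynamic"):
            findings.append(
                "trunking is negotiated by DTP; port falls back to "
                f"access vlan {access_vlan} when negotiation fails")
        elif mode == "trunk":
            if "switchport nonegotiate" not in lines:
                findings.append(
                    "static trunk still sends DTP frames; "
                    "add 'switchport nonegotiate'")
            if configured_vlan:
                findings.append(
                    f"access vlan {access_vlan} is still configured and "
                    "applies again if the port leaves trunk mode")
        if findings:
            report[name] = findings
    return report


if __name__ == "__main__":
    for port, findings in audit_dtp(SAMPLE_CONFIG).items():
        for finding in findings:
            print(f"{port}: {finding}")
```
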

Layer2 Switch Vlan Config

Command Description

(config)# [no] vlan 23 [delete vlan or] create vlan and enter config-vlan mode

(config-vlan)# name TelephoneSanitizer Name this vlan TelephoneSanitizer

(config)# int g1/1

(config-if)# switchport mode access Make frames out this port untagged

(config-if)# switchport access vlan 23

(config)# int g1/2

(config-if)# switchport mode trunk Make frames out this port tagged by default

(config-if)# switchport trunk encapsulation dot1q Sometimes the default is ciscos old isl.

(config-if)# switchport trunk native vlan 256 Except for vlan 256, which is still untagged.

Layer3 Switch Vlan Config

Command Description

(config)# interface vlan 23 enter interface config mode

(config-if)# ip address 1.2.3.4 255.255.255.0 set device ip in vlan 23

(config-if)# no shutdown virtual interfaces are disabled by default

(config-if)# int g

(config)# no vlan 23 delete vlan 23

Router (on a Stick) Vlan Config

Command Description

(config)# interface g1/1.10 Create subinterface g1/1.10 on g1/1

(config-subif)# encapsulation dot1q 10 enable ieee 802.1Q vlan tagging with vlan 10 on the subinterface

(config-subif)# ip address 10.0.10.1 255.255.255.0

# show vlans Show vlans and their trunk interfaces

Troubleshoot Vlans on a switch

Command Description

# show vlan [{id 23, name TelephoneSanitizer}] [brief] Show vlan settings for all switch ports

# show interfaces g1/1 switchport Verify mode and vlan of g1/1

# show interfaces g1/1 trunk Show trunk settings and state

# show run interface vlan 1 Quick way to search the running config.

# show interface status Show trunk mode / access vlan


# show dtp interface g1/1 Show current DTP mode for g1/1

VTP

Command Description

(config)# vtp mode [server, client, transparent]

(config)# vtp domain

(config)# vtp password

(config)# vtp pruning

Troubleshoot VTP

Command Description

show vtp status show vtp domain, pruning, mode and more

show vtp password

STP

Command Description

(config)# spanning-tree vlan 1 root {primary, secondary} Make this device the primary/secondary root bridge.

(config)# spanning-tree portfast bpduguard default Enable bpdu guard for all portfast-enabled interfaces

(config)# spanning-tree portfast default Enable portfast for all non-trunk interfaces

(config-if)# spanning-tree bpduguard enable enable bpduguard on this interface

(config-if)# spanning-tree portfast enable portfast on this interface

Troubleshoot STP

Command Description

# show spanning-tree [vlan 1] Who's the root and how do I get there?

# show spanning-tree summary Is global portfast/bpduguard configured?

# show running-config interface g1/1 Is portfast/bpduguard configured on this interface?

# show spanning-tree interface g1/1 portfast Is portfast active on this interface?

Etherchannel (Link Aggregation)

How to set LACP? TODO: Look at modes again

Command Description

(config)# interface range g1/1 - 2 configure g1/1 and g1/2 at the same time

(config-if-range)# channel-group 1 mode {on, active, passive} Add both interfaces to etherchannel 1

(config)# interface port-channel 1 Configure virtual interface for etherchannel 1

(config-if)# switchport mode trunk Put etherchannel 1 in trunk mode

(config-if)# switchport trunk allowed vlan 10,20,30 Add tagged vlans 10,20,30 on etherchannel 1

Troubleshoot Etherchannel (Link Aggregation)

Command Description

# show interface port-channel 1 Has the combined bandwidth and members as extra info.

# show etherchannel summary Show etherchannel protocols and members as a list

# show etherchannel port-channel 1 Show per member state and stats

TODO: Configure a Serial

ACLs

#1-#99, #1300-#1999: Standard IPv4 ACL

#100-#199, #2000-#2699: Extended IPv4 ACL

Default mask for standard ACLs: 0.0.0.0

Command Description

(config)# access-list 23 permit 1.2.3.4 [0.0.255.255] Create ACL #23 or append a rule to ACL #23, allow 1.2.x.x

(config)# no access-list 23 Delete entire ACL #23

(config)# ip[v6] access-list resequence local_only 5 10 Renumber ACL Rules, put first on #5, increment by 10.

(config)# ip access-list {standard, extended} 23 Create ACL and/or enter config mode for ACL #23

(config)# ip access-list {standard, extended} local_only Create ACL and/or enter config mode for ACL 'local_only'

(config-std-nacl)# permit 10.20.30.0 0.0.0.255 Append rule to standard ACL 'local_only'

(config-std-nacl)# 5 permit 10.20.30.0 0.0.0.255 Append rule to ACL at sequence number 5.

(config-std-nacl)# no <sequence#> Remove rule with sequence# from ACL

(config-ext-nacl)# deny tcp any any

(config-ext-nacl)# permit udp host 10.20.30.40 any lt 1024

(config-ext-nacl)# permit udp host 10.20.30.40 any eq dns

(config-ext-nacl)# deny udp host 10.20.30.40 any

(config-ext-nacl)# permit ip any any

Interface ACLs

Command Description

(config)# inter g1/1 Enter if-config mode for g1/1

(config-if)# ip access-group 23 out Apply ACL #23 to outgoing packets, not sent by the router

(config-if)# ip access-group 42 in Apply ACL #42 to incoming packets

(config-if)# ip access-group local_only in Overwrite the used ACL, only one ACL per if + proto + direction!

(config-if)# ipv6 traffic-filter 23 out The v6 syntax of course differs...

# show ip interface g1/1 | incl access list Show ACLs on g1/1 (When none set shows not set for v4 and nothing for v6)

Troubleshooting ACLs

Command Description

# show [ip[v6]] access-lists Show all configured ACLs

# show access-list 10 Display all rules in ACL #10 and how often they matched.

NAT

Term Definition

inside local

inside global

outside global

outside local

Command Description

(config)# int g1/1 Enter if-config mode for g1/1


(config-if)# ip address 1.2.3.4 255.255.255.240 configure 1.2.3.4/28 on g1/1

(config-if)# ip nat outside Packets going out, need to change their src, incoming their dest ip.

(config)# int g1/2 Enter if-config mode for g1/2

(config-if)# ip address 10.10.23.1 255.255.255.0 configure 10.10.23.1/24 on g1/2

(config-if)# ip nat inside Packets going out, need to change their dest, incoming their src ip.

SNAT

Command Description

(config)# ip nat inside source static 10.10.23.2 1.2.3.5 SNAT - statically map an internal ip 1:1 to an external ip.

DNAT

Command Description

(config)# access-list 42 permit 10.10.23.0 0.0.0.255 Create an ACL identifying 10.10.23/24

(config)# ip nat pool POOL 1.2.3.5 1.2.3.10 netmask 255.255.255.240 Create an IP Address Pool for NATing

(config)# ip nat inside source list 42 pool POOL DNAT IPs matching ACL #42 1:1 with IPs from nat pool 'POOL'.

Note the missing overload.

PAT

The overload keyword means that one or a couple of external IPs are to be used for multiple internal IPs. Higher level information like connection port
numbers is used to identify the correct internal destination for incoming packets. Cisco calls this PAT, while this is what your average Joe's home router
would call NAT.

Command Description

(config)# access-list 10 permit 10.10.0.0 0.0.255.255 Create an ACL identifying 10.10/16

(config)# ip nat inside source list 10 interface g1/1 overload PAT IPs matching ACL #10 many:1 with g1/1s public IP

Troubleshooting NAT

Command Description

# show ip nat translations Show nat table entries if any

# show ip nat statistics Show whether translations are actually used and interfaces are marked in/out correctly.

# clear ip nat translation {ip, *} Clear dynamic translations. Doesn't mess with SNAT!

# debug ip nat [detailed]

Is the ACL correct? Is there a route to the address? Note: NAT Table entries are kept for 24h after the last use by default.

DHCP Server

Command Description

(config)# ip dhcp excluded-address 10.30.4.1 10.30.4.100 Don't distribute these IPs in leases

(config)# ip dhcp pool PCs Create and/or enter dhcp config for pool 'PCs'

(dhcp-config)# network 10.30.4.0 /24 define pool addresses

(dhcp-config)# default-router 10.2.1.1 define default-gateway to be distributed in the leases

(dhcp-config)# dns-server 10.30.4.1

(dhcp-config)# domain-name acme.com

(dhcp-config)# lease lease validity time

(config)# int g1/1 Enter interface config mode on client facing interface

(config-if)# ip helper-address 192.168.1.1 Relay DHCP Requests to this host

Troubleshooting DHCP

Command Description

# debug ip dhcp server packet

# show dhcp lease Show dhcp lease information

# show ip dhcp pool Show pool size and addresses in use

# show ip dhcp binding Show which mac got which ip

# sh run | section dhcp See if ip dhcp excluded-address / pool stuff is wrong.

# sh run int g1/1 See if ip helper-address is wrong.

HSRP

Command Description

(config-if)# standby [group-number] ip Join HSRP Group

(config-if)# standby [group-number] priority (optional) Set prio of this router.

(config-if)# standby [group-number] preempt (optional) Preempt other routers when this router becomes active

(config-if)# standby {1,2} (optional) Set HSRP Version

Troubleshooting HSRP

Command Description

# show standby HSRP Groups, their VIPs, state, active router, standby router, preemption.

SLAs

Command Description

(config)# ip sla 23 Create ip sla test #23 and enter its config mode.

(config-ip-sla)# icmp-echo 1.2.3.4 Define icmp-echo test.

(config-ip-sla)# frequency 42 frequency in seconds.

(config)# ip sla schedule 23 life {forever, seconds} start-time now Start test #23 now and until manually stopped.

Troubleshooting SLAs

Command Description

# show ip sla configuration Show all configured ip sla configs

# show ip sla statistics Show sla results

Device Management

Command Description

(config)# hostname R1 Set hostname to R1

(config)# enable password Set enable password.

(config)# enable secret Same, but with hashing.

(config)# service password-encryption Very weak encryption of passwords.

# copy flash0: tftp: Copy something from flash to tftp. Wizard asks for details. Works both ways.

# write # copy running-config startup-config

# write erase # erase startup-config

# reload restart the device and load the startup-config


# copy running-config tftp: copy running-config to a tftp server. (interactive)

# copy running-config Merge source config into the running config.

# setup initial configuration dialog

# show version ios, bootloader and hardware infos, uptime, configuration register

# show {running,startup}-config

Firmware Management

Note: flash: is the main flash memory on all IOS devices

Command Description

(config)# boot system flash:filename.bin Boot filename.bin from flash memory.

(config)# boot system tftp://10.20.30.40/filename.bin Boot filename.bin from tftp.

(config)# boot system rom Boot ROM monitor as a backup.

(config)# config-register 0x2342 Set the 16bit Configuration Register value used after reboot.

# show file systems Lists available file systems

# show flash0: List fs content and free space.

License Management

Command Description

# license save flash:licenses.lic Save a copy of all licenses.

# license install flash0:license.xml Install a license.

(config)# license boot module technology-package Activate an evaluation right-to-use license.


# reload Reboot to activate the package and right to use license.

(config)# license boot module technology-package disable Deactivate a technology-package.

# reload Reboot without that technology-package.

# license clear Remove license from the license storage.

(config)# no license boot module technology-package disable Remove the no longer needed line from the config.

# reload I don't even know why this is needed. Fu cisco.

# show license active licenses

# show license feature Technology package and feature licenses supported.

# show license udi product id and serial number needed to order licenses

Reset Password

Command Description

> confreg Show the configuration register in rom monitor

> confreg 0x2142 Set the configuration register in rom monitor to not load startup-conf

> reset Reboot in rom monitor

# copy startup running

(config)# enable secret foobar Overwrite forgotten password

(config)# config-register 0x2102 Do load startup-config after boot again.

# save

Telnet / Console

Command Description

(config)# banner login "Insert snarky banner." Make sure to include legal terms to sound smart.

(config)# banner motd "Insert snarky banner." Set Login Banner.

(config)# line vty 0 4 Enter config mode for vty 0 to 4 (up to 15 allowed).

(config)# line console 0 Enter config mode for the console port

(config-line)# login Require login on telnet/console connection.

(config-line)# password Enable Telnet and set vty login password.

(config-line)# access-class 10 in Set ACL to limit inbound IPs allowed to access vty

(config-line)# access-class 42 in Overwrite the used ACL, only one ACL per vty + direction!

(config-line)# exec-timeout 10 Autologout after 10 Minutes

(config-line)# login local Require login on telnet/console connection via local users.

(config)# username h.acker secret C1sco123 Create local user with encrypted password.

SSH

Command Description

(config)# hostname Foobar Required to generate SSH keys.

(config)# ip domain-name example.com Required to generate SSH keys.

(config)# crypto key generate rsa modulus 2048 Generate keys like it's 1995! Potentially takes forever.

(config)# ip ssh version 2 Force SSHv2

(config-line)# transport input ssh Force ssh, disable telnet.

# show ip ssh SSH version, timeout time, auth retries..


# show ssh List of active connections

Clock

Command Description

# show clock Show time and date

(config)# clock set 23:50:42 10 Jan 2017 Update clock

(config)# clock timezone EST 0 Update timezone to EST

(config)# ntp server 10.20.30.40 Configure upstream ntp server.

(config)# ntp master [stratum] Enable ntp server.

# show ntp associations ntp connections.

# show ntp status synchronized?, stratum, ...

Disable unused services

Command Description

# show control-plane host open-ports Show open ports

(config)# no ip http server Stop the http server (but not https).

(config)# no cdp enable Stop CDP

# auto secure

Radius

Command Description

(config)# username password Local backup user.

(config)# aaa new-model Enable aaa services.

(config)# radius server Add and define Radius conf.

(config-radius-server)# address ipv4 [auth-port ] Use this hostname/ip of server.

(config-radius-server)# key Radius PSK

(config)# aaa group server radius Create authentication group.

(config-sg-radius)# server name Using the radius config.

(config)# aaa authentication login group local Allow that group and local users in.

TACACS+

Command Description

(config)# username password Local backup user.

(config)# aaa new-model Enable aaa services.

(config)# tacacs server Add and define TACACS conf.

(config-server-tacacs)# address ipv4

(config-server-tacacs)# [port ]

(config-server-tacacs)# key

(config)# aaa group server tacacs+ Multiple possible.

(config-sg-tacacs+)# server name

(config)# aaa authentication login group local Allow that group and local users in.

Syslog

Command Description

# logging 10.20.30.40 Log to this syslog server (name or ip)

# logging trap informational Only log messages with min. informational sev.

service sequence-number Needed for sequence number in syslog messages

service timestamps log [datetime, log] Needed for date and time in syslog messages

Command Description

# show logging syslog status, local logging buffer

SNMP

Command Description

(config)# snmp-server contact admin@example.com Contact email

(config)# snmp-server location RZ-Hamburg Where is the device

(config)# snmp-server community [ro, rw] Add community

(config)# snmp-server host 10.20.30.40 SNMP notifications recipient

Command Description

# show snmp community

# show snmp location

# show snmp contact

# show snmp host

CDP - Cisco Discovery Protocol

Command Description

# [no] cdp run Enables cdp globally and on all interfaces (default)


(config-if)# [no] cdp enable Enable cdp on an interface

# show cdp neighbors [detail] List connected cisco devices (name, local/remote port, [ip] ..)

# show cdp entry *

LLDP - Link Layer Discovery Protocol

Command Description

# [no] lldp run Enables lldp globally and on all interfaces

(config-if)# [no] lldp transmit Enable lldp packet transmission on interface

(config-if)# [no] lldp receive Enable lldp packet reception on interface

PPP

Command Description

(config)# username fnord password pass Create users for pap auth.

(config)# interface S0/0/0

(config-if)# clock rate 125000 Baud rate. Only on DCE cable!

(config-if)# bandwidth 125 Logical speed used for routing cost calc, RSVP...

(config-if)# encapsulation ppp Default is HDLC

(config-if)# ppp authentication pap Require remote to authenticate via pap

(config-if)# ppp pap sent-username fnord password pass Authenticate to remote pap

(config)# hostname routy1 Required for CHAP, used as chap client username

(config)# username routy2 password foobar Create users for chap auth for routy2


(config)# interface S0/0/0

(config-if)# no ppp authentication pap Remove in favor of chap

(config-if)# no ppp pap sent-username fnord password pass Remove in favor of chap

(config-if)# ppp authentication chap Require remote to authenticate via chap

Note: When routy1 connects to routy2 it looks in its local user database for a user named routy2 and uses that user's password. This means the
passwords have to be the same on both sides and the usernames must be the other side's hostname.
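
The lookup rule in the note above, shown as a small CHAP exchange between both sides (added example, not part of the original notes). The response hash follows RFC 1994, MD5 over identifier, secret and challenge; the `Router` class is hypothetical, and routy2's user entry is constructed to mirror the routy1 config in the table.

```python
import hashlib
import hmac
import os


def chap_hash(ident, secret, challenge):
    """RFC 1994 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + secret.encode() + challenge).digest()


class Router:
    """Hypothetical model of one PPP endpoint and its local user database."""

    def __init__(self, hostname, users):
        self.hostname = hostname
        self.users = dict(users)  # {username: password}
        self._pending = None

    def challenge(self, ident):
        """Authenticator: send identifier, random value and own hostname."""
        self._pending = (ident, os.urandom(16))
        return {"id": ident, "value": self._pending[1], "name": self.hostname}

    def respond(self, chal):
        """Peer: use the password stored under the challenger's hostname."""
        secret = self.users.get(chal["name"])
        if secret is None:
            return None  # no local user named like the other side
        return {"id": chal["id"], "name": self.hostname,
                "value": chap_hash(chal["id"], secret, chal["value"])}

    def verify(self, resp):
        """Authenticator: recompute with the password stored for the peer."""
        if resp is None or self._pending is None:
            return False
        ident, value = self._pending
        secret = self.users.get(resp["name"])
        if secret is None or resp["id"] != ident:
            return False
        return hmac.compare_digest(resp["value"], chap_hash(ident, secret, value))


def handshake(authenticator, peer, ident=1):
    """One CHAP round: Challenge -> Response -> success or failure."""
    return authenticator.verify(peer.respond(authenticator.challenge(ident)))


# routy1 as configured in the table above; routy2 is the constructed mirror.
ROUTY1 = Router("routy1", {"routy2": "foobar"})
ROUTY2 = Router("routy2", {"routy1": "foobar"})

if __name__ == "__main__":
    print("matching config:", handshake(ROUTY2, ROUTY1))
    print("password differs:", handshake(Router("routy2", {"routy1": "foobaz"}), ROUTY1))
    print("username is not the peer hostname:",
          handshake(Router("routy2", {"router1": "foobar"}), ROUTY1))
```
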

Troubleshooting PPP

Command Description

# show controllers S0/0/0 interface, connected type of cable, clock rate

# show interfaces encapsulation, logical bandwidth

# show ppp all session state, auth type, peer ip and name

# debug ppp authentication

MLP

Command Description

(config)# interface Multilink23 Create and configure virtual if

(config-if)# ip address 10.20.30.40 255.255.255.0

(config-if)# ppp multilink Enable mlp

(config-if)# ppp multilink group 23 Make phys ifs with mlp #23 join.

(config)# interface s0/0/0 Configure phys ifs

(config-if)# no ip address Remove ip addrs.

(config-if)# encapsulation ppp


(config-if)# ppp multilink

(config-if)# ppp multilink group 23 Join mlp group #23.

Troubleshooting MLP

Command Description

show ppp multilink Physical IFs,

PPPoE

Command Description

(config)# interface Dialer23 Create and configure virtual dialer interface.

(config-if)# ip address negotiated Get IP via PPP/IPCP

(config-if)# encapsulation ppp

(config-if)# dialer pool 23 The dialer interface is a member of one dialer pool...

(config)# interface s0/0/0

(config-if)# no ip address

(config-if)# pppoe-client dial-pool-number 23 ... the pool is a group of one or more physical interfaces.

Troubleshooting PPPoE

Command Description

# show ip interface brief is the dialer if up? Does the dialer have an IP via IPCP?

# show pppoe session Are PPPoE sessions established? Which ports.

GRE

Note: We can run OSPF and other routing protocols through this gre tunnel, as gre supports multicast.

Command Description

(config)# interface tunnel23

(config-if)# ip address 192.168.1.1 255.255.255.0 transit net

(config-if)# tunnel source 10.20.30.40 local, can be linklocal

(config-if)# tunnel destination 6.5.4.3 remote, can be linklocal

tunnel mode gre ip

ip mtu

Troubleshooting GRE

Command Description

# show ip interface brief tunnel23 Line should be up, given a route to the destination.

# show interface tunnel23 Tunnel source, dest, protocol

# show ip route Should include the transit net as directly connected.

RIPv2

Command Description

(config)# router rip Enable RIP and enter its config mode

(config-router)# version 2 Set RIPv2, which is Classless

(config-router)# network 192.168.0.0 Advertise connected networks which are within .

(config-router)# network 0.0.0.0 Advertise all connected networks.

(config-router)# timers basic

(config-router)# no auto-summary Don't summarize a smaller subnet route in a bigger one.


(config-router)# passive-interface g1/1 Don't send RIP updates out this interface

(config-router)# passive-interface default Don't send RIP updates on any if by default

(config-router)# no passive-interface g1/2 Overwrite passive-interface default

(config-router)# default-information originate Advertise the default route.

(config-if)# no ip rip advertise 123

Troubleshooting RIPv2

Command Description

# show ip[v6] protocols Show rip timers, interfaces, networks,

# show ip rip database Routes learned by rip, used to compile the routing table

# show ip route Show learned routes

# clear ip route * Get rid of all routes

EIGRP

Note: The network command enables any interface with an ip in that net to send and receive EIGRP updates. It also enables routes to these nets to start
being advertised.

Command Description

# show run | section eigrp Show EIGRP settings.

# show interfaces g1/1 Show configured/default bandwidth and delay.

(config-if)# bandwidth Overwrite bandwidth used for eigrp metric.

(config-if)# delay Overwrite delay used for eigrp metric.

(config)# router eigrp 23 Add and conf EIGRP AS#23


(config-router)# network 10.20.30.0 0.0.0.255 Announce routes to 10.20.30.0/24

(config-router)# no shutdown On some IOS versions it's off by default.

(config-router)# [no] eigrp router-id Defaults to highest loopback ip

(config-router)# [no] passive-interface g1/2 Disable EIGRP here. Ignore incoming pkgs.

(config-router)# [no] passive-interface default Disable EIGRP on all ifs by default.

(config-router)# maximum-paths Default 4, must match, number of loadbalanced paths.

(config-router)# variance 4 Default 1, Max 4:1 variance for unequal lb.

(config-router)# no auto-summary Don't summarize a smaller subnet route in a big one.

# show ip[v6] eigrp neighbors Neighbor addr, if, hold time, uptime, queued pkgs

# show ip[v6] eigrp interfaces [if-name] If, Number of peers, pending routes, queued pkgs

# show ip[v6] route [eigrp] Routes starting with D were learned via EIGRP

# show ip[v6] eigrp topology [all-links] Topology table, as#, router-id

EIGRP with ipv6

Command Description

(config)# ipv6 unicast-routing Enable v6 routing on the router

(config)# ipv6 router eigrp 23 Configure eigrp as #23

(config-rtr)# no shutdown Enable this eigrp routing process.

(config-if)# [no] ipv6 eigrp 23 Enable eigrp with ipv6 for as #23 on this if.

OSPF

cost = reference bandwidth / interface bandwidth

The default reference bandwidth is 100Mbps. Everything faster has a cost of 1.

Command Description

(config)# router ospf 1 1 is the pid, not the area.

(config-router)# router-id 1.2.3.4 Defaults to highest IPv4 on lo, then other ifs.

(config-router)# network 10.20.30.0 0.0.0.255 area 0 enable interfaces for ospf with matching IPs

(config-router)# (no) passive-interface g1/1 Stop in- and egress ospf hello packets.

(config-router)# passive-interface default Mark all ifs passive by default.

default-information originate (always)

auto-cost reference-bandwidth <refbw in Mb/s>

(config-if)# ip ospf cost 23 overwrite if cost to 23

bandwidth interface bandwidth

OSPF with ipv6 (OSPFv3)

Command Description

(config)# ipv6 unicast-routing

(config)# ipv6 router ospf

(config-router)# router-id Required if we don't have any v4 addrs configured.

(config-if)# ipv6 ospf area Required for OSPFv3.

The network command does not exist; commands not mentioned are the same.

Troubleshooting OSPF

Command Description

# show run | sect ospf

# show ip(v6) protocols Other protocols with lower AD?


# show ipv6 ospf reference bandwidth, router id, networks, interface per area

# show ip(v6) ospf neighbor neighbor IDs, IPs and via interface.

# show ip(v6) ospf neighbor detail dr, bdr, timers, ...

# show interface brief admin down? link?

# show ip(v6) ospf interface brief ospf enabled interfaces

# show ip(v6) ospf interface g1/1 ospf related infos for g1/1, passive?

# show ip(v6) route (ospf) ospf routes are marked O, show route ad and cost

BGP

Note: In other routing protocols the network statement is used to determine the interfaces over which the protocol should talk to its neighbors. In BGP it
indicates only which routes should be advertised to the BGP neighbors. The network needs to match an exact route in the routing table or it will still not
be announced.

Command Description

(config)# router bgp Create routing process.

(config)# neighbor remote-as BGP does not auto discover neighbors.

(config)# network [mask ] Advertise this network.

Command Description

# show run | sect bgp

# show ip bgp summary neighbors IPs, ASs and session states, bgp version

# show ip bgp neighbors [peer-ip] tcp sessions and timers, bgp parameters

# show ip bgp routing infos received from all peers

CLI

Default Behavior

Here I'll collect crazy default behaviors and how to fix them, I guess..

Command Description

(config)# no ip domain-lookup Don't try to telnet unknown single word commands

Modes

Mode Prompt enter

User > N/A

Exec # > enable

Config (config)# # configure terminal

Interface (config-if)# (config)# interface g1/0

Line (config-line)# (config)# line vty 0 4

DHCP (dhcp-config)# (config)# ip dhcp pool Foobar

Filters

Name Function

include hostname find a line including 'hostname'

section interface find a section including 'interface'

begin interface Show remaining config starting with the first line containing 'interface'

exclude ! exclude all lines containing ! (comments)

Navigation

Sequence Function

Ctrl-Shift-6 Kill many commands

Ctrl-Shift-6 x Move telnet session to background

Esc-B Ctrl-Left arrow

Esc-F Ctrl-Right arrow

Ctrl-R Redraw the current line

Ctrl-U Erase line

Ctrl-W Delete the word left of the cursor

Ctrl-C Drop back to Exec, does not kill processes..

Ctrl-A Move Cursor to the beginning of the line

Ctrl-E Move Cursor to the end of the line

Tab Autocompletion

? Help, can be entered almost everywhere

Packet Types

Ethernet Frame

Field Field Length Description

Preamble 8 bytes Alternating 1s and 0s used to synchronize

Destination MAC (DA) 6 bytes MAC of recipient

Source MAC (SA) 6 bytes MAC of sender

802.1Q tag (optional) 4 bytes Optional vlan tag. Starts with 0x8100 to mark 802.1Q mode in type location.


Type or Length 2 bytes Layer three type OR length if smaller than 1536 bytes.

Data 46 - 1500 bytes Payload

Frame check sequence (FCS) 4 bytes 32 bit CRC Checksum

IPv4 Header

Field Field Length Description

Version 4 bits IP Version, always four

Internet Header Length (IHL) 4 bits Length of the header

Service Type 8 bits Desired QOS information (DSCP and ECN)

Total Length 2 bytes Packet length, including this header

Identification 2 bytes A unique ID

Flag 3 bits fragmentation behaviour

Fragment Offset 13 bits

TTL 1 byte TTL, decreased by every router by one.

Protocol 1 byte Layer four type

Header Checksum 2 bytes

Options (optional) 16 bytes

Padding max. 31 bits Pad to the nearest 32 bit boundary

TCP Segment

Field Field Length Description

Source Port 2 bytes

Destination Port 2 bytes

Sequence Number 4 bytes Unique Number for this Segment

Acknowledgement Number 4 bytes Next expected sequence number, acknowledge all prior Segments.

Header Length 4 bits Header size in multiples of 4 bytes, sometimes also called Data Offset.

Reserved 3 bits N/A

Flags 9 bits Control Flags like SYN, ACK, FIN, RST and Flags for congestion control.

Window size 2 bytes bytes sender is currently willing to receive

Checksum 2 bytes Header Checksum

Urgent Pointer 2 bytes Points to the last 'urgent' byte in the Segment, used when URG flag is set.

Options 0 - 320 bits The Size is determined by Header Length. TODO:

Data variable
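
The Ethernet, IPv4 and TCP field tables above, turned into a parser (an added example, not part of the original notes). It reads a captured frame, which carries no preamble or FCS, and rejects length fields that contradict each other; the sample frame, the function name and the 12-bit VLAN ID mask are this example's own additions.

```python
import struct

# Constructed sample: VLAN 100 tagged frame, IPv4, TCP PSH+ACK, payload "ping".
SAMPLE = bytes.fromhex(
    "001122334455" "66778899aabb" "8100" "0064" "0800"
    "4500002c" "00014000" "40060000" "c0a80101" "c0a80502"
    "30390050" "00000001" "00000000" "50187210" "00000000" "70696e67")

def parse_frame(frame: bytes) -> dict:
    """Ethernet II (+ optional 802.1Q) / IPv4 / TCP, captured without preamble/FCS."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    out = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"), "vlan": None}
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    off = 14
    if ethertype == 0x8100:                  # 802.1Q marker in the type location
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        out["vlan"], off = tci & 0x0FFF, 18  # low 12 bits of the tag are the VLAN ID
    if ethertype < 1536:                     # below 1536 the field is a length
        raise ValueError("802.3 length field, no EtherType to dispatch on")
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4: EtherType {ethertype:#06x}")
    ip = frame[off:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (ip[0] & 0x0F) * 4                 # IHL counts 32-bit words
    total_len, _ident, flags_frag = struct.unpack_from("!HHH", ip, 2)
    if ihl < 20 or total_len < ihl or total_len > len(ip):
        raise ValueError("inconsistent IHL / Total Length")
    out.update(ttl=ip[8], proto=ip[9], ip_flags=flags_frag >> 13,
               frag_offset=flags_frag & 0x1FFF)
    if out["proto"] != 6 or out["frag_offset"] != 0:
        return out                           # not TCP, or a later fragment
    tcp = ip[ihl:total_len]                  # Total Length trims Ethernet padding
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window = struct.unpack_from("!HHIIHH", tcp, 0)
    data_off = (off_flags >> 12) * 4         # Header Length in multiples of 4 bytes
    if data_off < 20 or data_off > len(tcp):
        raise ValueError("TCP Header Length points outside the segment")
    names = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR", "NS"]
    out.update(sport=sport, dport=dport, seq=seq, ack=ack, window=window,
               tcp_flags=[n for i, n in enumerate(names) if off_flags >> i & 1],
               payload=tcp[data_off:])
    return out
```

Checksums are not verified here; the parser only checks that the length fields agree with the bytes actually present.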

UDP Segment

Field Field Length Description

Source Port 2 bytes

Destination Port 2 bytes

Length 2 bytes Length of the whole Segment

Checksum (optional) 2 bytes Checksum of the whole Segment


Data variable

To Sort and Misc

# disconnect Disconnect background telnet session

telnet 1.2.3.4 23

ssh -l h.acker 1.2.3.4

(config-if)# duplex {full, auto} Set duplex mode or set it to autonegotiation.

(config-if)# speed {100, auto} Set speed or set it to autonegotiation.

IPv6 Configuration

Enabling IPv6

Initialize IPv6

# conf t
(config)# ipv6 unicast-routing
Configure an address on an interface

(config)# interface [interface]


(config-if)# ipv6 address [ipv6 prefix]/[prefix length] eui-64
(config-if)# ipv6 address [link-local] link-local //not required
(config-if)# no shutdown
(config-if)# exit
Note: the IPv6 prefix looks like a network ID and will usually end in 0; the eui-64 keyword fills in the unique, device-specific portion of the address. This as a whole will be the same as writing
Example:

(config-if)# ipv6 address 2001:DB8:ACAD:A::/64 eui-64

IPv6 Routing:

Static Route

(config)# ipv6 route [ipv6 prefix]/[prefix length] [next hop ipv6 address]
Default IPv6 static route

(config)# ipv6 route ::/0 [interface]


EIGRP Dynamic Routing

Enable ipv6 routing:

(config)# ipv6 unicast-routing


Start the EIGRP protocol

(config)# ipv6 router eigrp [AS-number]


Configure EIGRP for a 32-bit address for the router ID.

(config-rtr)# eigrp router-id [32 bit ip id] // e.g. 1.1.1.1


Enable:

(config-rtr)# no shutdown

MANAGING STATIC ROUTING FOR CISCO NETWORKING

When working with your routers on your Cisco network, it’s very likely that you’ll want to have your routers route data. The first step in having your router pass data from one interface to another interface is to enable routing; just use these commands.

Router1>enable

Router1#configure terminal

Router1(config)#ip routing

Whether or not you choose to use a dynamic routing protocol, you may add static routes to your router. The following will add a static route to Router1 to send data to the 192.168.5.0/24 network using the router with the IP address of 192.168.3.2.

Router1>enable

Router1#configure terminal

Router1(config)#ip routing

Router1(config)#ip route 192.168.5.0 255.255.255.0 192.168.3.2

MANAGING ROUTING INFORMATION PROTOCOL FOR CISCO NETWORKING

Routing Information Protocol (RIP) is widely used, with version 2 allowing you to use Variable Length Subnet Masks (VLSM) across your network. The following code will enable routing, enable RIP, set RIP to version 2, disable route summarization, define the distributed network from this router as 192.168.5.0/24, and, rather than broadcasting routes, send RIP data directly to 192.168.1.1.

Router2>enable

Router2#configure terminal

Router2(config)#ip routing

Router2(config)#router rip

Router2(config-router)#version 2

Router2(config-router)#no auto-summary

Router2(config-router)#network 192.168.5.0

Router2(config-router)#neighbor 192.168.1.1

MANAGING ENHANCED INTERIOR GATEWAY ROUTING PROTOCOL FOR CISCO NETWORKING

Enhanced Interior Gateway Routing Protocol (EIGRP) is the updated version of IGRP. The following code will enable EIGRP using an autonomous-system (AS) number of 100, distribute two networks, and disable auto summary.

Router2>enable

Router2#configure terminal

Router2(config)#ip routing

Router2(config)#router eigrp 100

Router2(config-router)#network 192.168.1.0

Router2(config-router)#network 192.168.5.0

Router2(config-router)#no auto-summary

MANAGING OPEN SHORTEST PATH FIRST FOR CISCO NETWORKING

Open Shortest Path First (OSPF) is a link state protocol which is widely used. OSPF uses the address of the loopback interface as the OSPF identifier, so this example will set the address of the loopback interface, then enable OSPF with a process ID of 100, and distribute a network of 192.168.255.254 and a network of 192.168.5.0/24.

Router2>enable

Router2#configure terminal

Router2(config)#interface loopback 0

Router2(config-if)#ip address 192.168.255.254 255.255.255.0

Router2(config-if)#exit

Router2(config)#router ospf 100


Router2(config-router)#network 192.168.255.254 0.0.0.0 area 0

Router2(config-router)#network 192.168.5.0 0.0.0.255 area 0

VIEWING ROUTING INFORMATION FOR CISCO NETWORKING

After setting up any routing protocol that you want to implement (RIP, OSPF, or EIGRP), you can view all of your routing information through the show ip route command. The following is an example of the output of this command. The output includes a legend showing the codes for each routing protocol, and the specific routes are identified by the source protocol.

Router2>enable

Password:

Router2#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

D 192.168.10.0/24 [90/284160] via 192.168.1.1, 00:04:19, FastEthernet0/0

O 192.168.10.0/24 [110/11] via 192.168.1.1, 00:01:01, FastEthernet0/0

R 192.168.10.0/24 [120/1] via 192.168.1.1, 00:00:07, FastEthernet0/0

C 192.168.5.0/24 is directly connected, FastEthernet0/1

C 192.168.1.0/24 is directly connected, FastEthernet0/0

S 192.168.3.0/24 [1/0] via 192.168.1.1
