200-120 cisco certified network associate ccna

Cisco Certified Network Associate CCNA

WHAT IS CCNA?

Cisco Certified Network Associate

PREPARING FOR THE CCNA EXAM-TESTBELLS.COM

Internetworking &OSI Model IPv4 & Subnetting VLSM & Summarization Basic Configuration on Router

http://www.testbells.com/200-120.html





Cisco Icons and Symbols

What Is a Network?

Interpreting a Network Diagram

Network User Applications

– E-mail (Outlook, POP3, Yahoo, and so on)

– Web browser (IE, Firefox, and so on)

– Instant messaging (Yahoo IM, Microsoft Messenger, and so on)

– Collaboration (Whiteboard, Netmeeting, WebEx, and so on)

– Databases (file servers)

Impact of User Applications on the Network – Batch applications

• FTP, TFTP, inventory updates

• No direct human interaction

• Bandwidth important, but not critical

– Interactive applications

• Inventory inquiries, database updates.

• Human-to-machine interaction.

• Because a human is waiting for a response, response time is important but not critical, unless the wait becomes excessive.

– Real-time applications

• VoIP, video

• Human-to-human interaction

• End-to-end latency critical

Characteristics of a Network

– Speed

– Cost

– Security

– Availability

– Scalability

– Reliability

– Topology





Network Structure Defined by Hierarchy

Distribution

Layer

Core Layer

Access

Layer

Understanding Host-to-Host Communications

– Older model

• Proprietary

• Application and combinations software controlled by one vendor

– Standards-based model

• Multivendor software

• Layered approach

Why a Layered Network Model?

Reduces complexity

Standardizes interfaces

Facilitates modular engineering

Ensures interoperable technology

Accelerates evolution

Simplifies teaching and learning

OSI Model & IPv4

Data Flow

Layers

Transport Layer

Data Link

Network Layer

Physical

Application

(Upper)

Layers

Session

Presentation

Application

IPv4,IPv6

Encapsulation

tcp,udp

Keeping different

applications’

data separate

User Interface

•How data is presented

•Special processing

such as encryption

Telnet,msn,skype,

Bit torrent,FTP,etc

ASCII

EBCDIC

JPEG

Operating System/

Application Access

Scheduling Transport Layer

Data Link

Network Layer

Physical

EXAMPLES

Session

Presentation

Application

Role of Application Layers

TCP

UDP

SPX

802.3 / 802.2

HDLC

EIA/TIA-232

V.35

IP

IPX

Presentation

Application

Session EXAMPLES

Role of Data Flow Layers

• Reliable or unreliable delivery

• Error correction before retransmit

• Combines bits into bytes and

bytes into frames

• Access to media using MAC address

• Error detection not correction

• Move bits between devices

• Specifies voltage, wire speed and

pin-out cables

Transport

Data Link

Physical

Network Provide logical addressing which

routers use for path determination

Encapsulating Data

Transport

Data Link

Physical

Network

Upper Layer Data

Upper Layer Data TCP Header

Data IP Header

Data LLC Header

0101110101001000010

Data MAC Header

Presentation

Application

Session

Segment

Packet

Bits

Frame

PDU

FCS

FCS

(Protocol Data Unit)

Data

Introduction to TCP/IP

Department of Defense (DoD)


TCP (Transmission Control Protocol) is a set of rules (protocol) used along with the Internet Protocol (IP) to send data in the form of message units between computers over the Internet. While IP takes care of handling the actual delivery of the data, TCP takes care of keeping track of the individual units of data (called packets) that a message is divided into for efficient routing through the Internet.

User Datagram Protocol (UDP) is one of the core protocols of the Internet protocol suite. Using UDP, programs on networked computers can send short messages sometimes known as datagrams (using Datagram Sockets) to one another. UDP is sometimes called the Universal Datagram Protocol or Unreliable Datagram Protocol.

http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci212839,00.html

http://searchvoip.techtarget.com/sDefinition/0,,sid66_gci214031,00.html

http://searchnetworking.techtarget.com/sDefinition/0,,sid7_gci212736,00.html

http://en.wikipedia.org/wiki/Internet_protocol_suite

http://en.wikipedia.org/wiki/Internet_protocol_suite

http://en.wikipedia.org/wiki/Packet

http://en.wikipedia.org/wiki/Datagram_Sockets

IP Address

Private IP

IP Address Version 4

• http://www.testbells.com/200-120.html





IP Address When we first set the IP Address to the IP Address that is to say it is.

1. Network IP What is IP Address. 2. Broadcast IP is the IP Address you. 3. Range host IP address can be used or the number of host Per Subnet. What is 4.Subnet Mask IP Address. 5. Subnet Ex.1 192.168.22.50/30 Ex.2 192 .168.5.33 / 27 which IP address should be assigned to the PC host?

A.192.168.5.5

B.192.168.5.32

C. 192.168.5.40

D. 192.168.5.63

E. 192.168.5.75

IP Address

Ex.3 What is an IP address that actually works.

10.10.10.0/13

a) 244.0.0.1/24

b) 10.159.255.255/12

c) 10.127.255.255/13

d) 10.179.0.255/15

IP Address 4.Which of the following addresses can be

assigned to network hosts when given a subnet mask of 255.255.255.224?(select three options.)

A. 201.45.116.159

B. 134.178.18.62

C. 192.168.16.91

D. 92.11.178.93

E. 217.63.12.24

F. 15.234.118.63

IP Subnet-Zero

Classless Inter-Domain Routing

Variable Length Subnet Masks ( VLSM )

• Networks that we use are not necessarily the same size as always.

• LAN IP address for the device needs more than 2.

• Point-to-point connection. (Point-to-Point) needs only 2 IP is sufficient.

• VLSM Subnet division to allow more than one time for each set of IP to IP to

size as required.

• VLSM can reduce the number of allocated IP address into the IP is used

effectively.

• VLSM also allows the Router to run faster because of the smaller size of the

Routing Table.

Variable Length Subnet Masks ( VLSM )

Summarization Summarization, also called route aggregation, allows routing protocols to

advertise many networks as one addres

Summarization

• There are two main EXEC modes for

entering commands.

Cisco IOS Software EXEC Mode

Cisco IOS Software EXEC Mode (Cont.)

Overview of Router Modes

Saving Configurations

wg_ro_c#

wg_ro_c#copy running-config startup-config

Destination filename [startup-config]?

Building configuration…

wg_ro_c#

• Copies the current configuration to NVRAM

– Sets the local identity or message for the accessed router or interface

Configuring Router Identification

Configuring a Router Password

Other Console-Line Commands

Router(config)#line console 0 Router(config-line)#exec-timeout 0 0

Router(config)#line console 0 Router(config-line)#logging synchronous

• Prevents console session timeout

• Redisplays interrupted console input





Router(config)#interface type number

Router(config-if)#

• type includes serial, ethernet, token ring, fddi, hssi, loopback, dialer, null, async, atm, bri, tunnel, and so on

• number is used to identify individual interfaces

Router(config-if)#exit

• Quits from current interface configuration mode

Router(config)#interface type slot/port

Router(config-if)#

• For modular routers, selects an interface

Configuring an Interface

•Enter Global Configuration Mode

Router(config-if)#clock rate 64000

Router(config-if)#

Router(config)#interface serial 0

Router(config-if)#

Router#configure terminal

Router(config)#

Router(config-if)#bandwidth 64

Router(config-if)#exit

Router(config)#exit

Router#

Specify Interface

Set Clock Rate (on DCE interfaces only)

Set Bandwidth (recommended)

Configuring a Serial Interface

Router(config)#interface ethernet 2

Router(config-if)#media-type 10baset

• Selects the media-type connector for the Ethernet interface

Ethernet media-type Command



Router(config-if)#no shutdown

%LINK-3-UPDOWN: Interface Seria0, changed state to up

%LINEPROTO-5-UPDOWN: Line Protocol on Interface Serial0, changed state to up

• Enables an interface that is administratively shut down



Router(config-if)#shutdown

%LINK-5-CHANGED: Interface Serial0, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down

• Administratively turns off an interface

Disabling or Enabling an Interface

Configuring the Router IP Address

wg_ro_c#configure terminal

wg_ro_c(config)#interface ethernet 0

wg_ro_c(config-if)#ip address 192.168.1.1 255.255.255.0

wg_ro_c(config-if)#no shutdown

wg_ro_c(config-if)#exit

Router show interfaces Command Router#show interfaces

Ethernet0 is up, line protocol is up

Hardware is Lance, address is 00e0.1e5d.ae2f (bia 00e0.1e5d.ae2f)

Internet address is 10.1.1.11/24

MTU 1500 bytes, BW 10000 Kbit, DLY 1000 usec, rely 255/255, load 1/255

Encapsulation ARPA, loopback not set, keepalive set (10 sec)

ARP type: ARPA, ARP Timeout 04:00:00

Last input 00:00:07, output 00:00:08, output hang never

Last clearing of "show interface" counters never

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

81833 packets input, 27556491 bytes, 0 no buffer

Received 42308 broadcasts, 0 runts, 0 giants, 0 throttles

1 input errors, 0 CRC, 0 frame, 0 overrun, 1 ignored, 0 abort

0 input packets with dribble condition detected

55794 packets output, 3929696 bytes, 0 underruns

0 output errors, 0 collisions, 1 interface resets

0 babbles, 0 late collision, 4 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

Interpreting the Interface Status

Verifying a Serial Interface Configuration

Router#show interface serial 0

Serial0 is up, line protocol is up

Hardware is HD64570

Internet address is 10.140.4.2/24

MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255, load 1/255

Encapsulation HDLC, loopback not set, keepalive set (10 sec)

Last input 00:00:09, output 00:00:04, output hang never

Last clearing of "show interface" counters never

Input queue: 0/75/0 (size/max/drops); Total output drops: 0

Queueing strategy: weighted fair

Output queue: 0/1000/64/0 (size/max total/threshold/drops)

Conversations 0/1/256 (active/max active/max total)

Reserved Conversations 0/0 (allocated/max allocated)

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

(output omitted)

BW 64 Kbit,

Serial Interface show controller Command

Router#show controller serial 0

HD unit 0, idb = 0x121C04, driver structure at 0x127078

buffer size 1524 HD unit 0, V.35 DTE cable

.

.

.

• Shows the cable type of serial cables

V.35 DTE Cable

Config DHCP





Setting Secure Shell (SSH)

Doing the do Command

Using the Pipe

Cisco’s Security Device Manager

Basic Configuration on Router

Basic config

1.Hostname

2.Line console

3.Enable password

4.Enable secret

5.Line vty

6.Banner motd

7.Interface

Configuration Register Values รหัสของ bootstrap ทั่วไป 0x2102

It was written as a binary number.

0010 0001

0 0 = 9600

0 1 = 4800

1 0 = 2400

1 1 = 1200 There are two values 0 = load config จาก NVRAM

4 = skip การ load config

There are three values

0 = Rommon [>]

1 = Rx-boot [router(boot)]

2 = IOS [router>]

Password Recovery

Lab Password Recovery

Lab Backup&Restore Config

– Address learning

– Forward/filter decision

– Loop avoidance

Ethernet Switches and Bridges

Forward/Filter Decisions

Port Security Switch(config)#interface fastEthernet 0/1

Switch(config-if)#switchport port-security ?

mac-address Secure mac address

maximum Max secure addresses

violation Security violation mode

<cr>

Switch(config-if)#switchport port-security maximum 1

Switch(config-if)#switchport port-security violation shutdown

– Redundant topology eliminates single points of failure.

– Redundant topology causes broadcast storms, multiple frame copies, and MAC address table instability problems.

Loop Avoidance

• Host X sends a broadcast. • Switches continue to propagate broadcast traffic over and

over.

Broadcast Storms

• Host X sends a unicast frame to router Y.

• MAC address of router Y has not been learned by

either switch yet.

• Router Y will receive two copies of the same frame.

Multiple Frame Copies

• Host X sends a unicast frame to router Y. • MAC address of router Y has not been learned by either switch. • Switches A and B learn the MAC address of host X on port 0. • The frame to router Y is flooded. • Switches A and B incorrectly learn the MAC address of host X on port 1.

MAC Database Instability

• Provides a loop-free redundant network topology by

placing certain ports in the blocking state.

Spanning-Tree Protocol

• One root bridge per network

• One root port per nonroot bridge

• One designated port per segment

• Nondesignated ports are unused

Spanning-Tree Operation

• Bpdu = Bridge Protocol Data Unit (default = sent every two seconds)

• Root bridge = Bridge with the lowest bridge ID

• Bridge ID =

• In the example, which switch has the lowest bridge ID?

Spanning-Tree Protocol Root Bridge Selection

• Spanning-tree transits each port through

several different states:

Spanning-Tree Port States

Spanning-Tree Path Cost

Spanning-Tree Switch#show spanning-tree vlan 1

VLAN0001

Spanning tree enabled protocol ieee

Root ID Priority 32769

Address 0001.96DC.1A62

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32769 (priority 32770 sys-id-ext 1)

Address 0010.1116.A3A4

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Fa0/1 Desg FWD 19 128.3 Shr

Fa0/2 Root FWD 19 128.3 Shr

Switch(config)#spanning-tree vlan 1 priority 4096

Lab Spanning-Tree Switch#show spanning-tree Switch#show version

• IP address: 0.0.0.0

•CDP: enabled

•100baseT port: autonegotiate duplex mode

• Spanning tree: enabled

•Console password: none

Catalyst Default Configuration

Configuration Switch

ลบ config

# erase start-up

# reload

ตรวจสอบ config

#show running-config

#show spanning-tree

#show vlan

#show interfaces status

#show mac-address-table

#show ip int brief

Vlan 1 default

การ config

Switch#config t

Switch(config)#vlan 2

Switch(config-vlan)#name Sales

Switch (config-vlan)#vlan 3

Switch (config-vlan)#name Marketing

Switch(config)#interface FastEthernet 0/1-24

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access vlan 2

Configuration Switch 2960

Config trunk

Switch#config terminal

Switch(config)#interface fastethernet 0/3

Switch(config-if)#switchport mode trunk

Switch(config-if)#switchport trunk encapsulation dot1q ,isl

The Switch 2960 is set on the trunk encapsulation dot1q already do not need to be set #switchport trunk encapsulation dot1q.

Configuration Switch 2950,2960

Cisco only

Lab Config VLAN

80

• Forwards advertisements

• Synchronizes

• Not saved in NVRAM

• Creates VLANs

• Modifies VLANs

• Deletes VLANs

• Sends/forwards advertisements

• Synchronizes

• Saved in NVRAM

• Creates VLANs

• Modifies VLANs

• Deletes VLANs

• Forwards advertisements

• Does not synchronize

• Saved in NVRAM

VLAN Trunking Protocol

• VTP advertisements are sent as multicast frames.

• VTP servers and clients are synchronized to the latest revision number.

• VTP advertisements are sent every 5 minutes or when there is a change.

VTP Operation

Configuration Switch 2950,2960 VLAN Trunking Protocol (VTP)

Switch#vlan database

Switch(vlan)#vtp server, client , transparent

Switch(vlan)#vtp domain jodoi

Switch(vlan)#vtp password password

หรือ Switch#config ter

Switch(vlan)#vtp mode server, client , transparent

Switch(vlan)#vtp domain jodoi

Switch(vlan)#vtp password password

Switch#show vtp status

Lab Config VTP

Configuring Inter-VLAN Routing

Lab Config Inter-VLAN Routing

Wide Area Networks

Wan Connection

- lease line HDLC ,PPP Sync

- Circuit Switch (isdn) HDLC ,PPP Async

- Packet Switch Frame Relay Sync

- Cell Switch ATM Async

DTE Data terminal equipment Brant

DCE Data Circuit equipment females

#Show controller Serial 0/0 To determine whether a DTE or DCE.

2 is a side cisco

router DTE DCE CSU DSU

HQ#show interfaces s0/0 Serial0/0 is up, line protocol is up (connected) HQ#ping 10.10.10.6 !!!!!

Configuration Router WAN hdlc

HQ(config)#interface s0/0 HQ(config-if)#ip address 10.10.10.5 255.255.255.252 HQ(config-if)#encapsulation hdlc HQ(config-if)#clock rate 125000 HQ(config-if)#bandwidth 512 HQ(config-if)#description link-to-B1 HQ(config-if)#no shutdown

B1(config)#interface s0/0 B1(config-if)#ip address 10.10.10.6 255.255.255.252 B1(config-if)#encapsulation hdlc B1(config-if)#bandwidth 512 B1(config-if)#description link-to-HQ B1(config-if)#no shutdown

Lab Config WAN hdlc

• Passwords sent in clear text

• Peer in control of attempts

PPP Authentication Protocols

• Hash values, not actual passwords, are sent across link.

• The local router or external server is in control of attempts.

Challenge Handshake Authentication Protocol

HQ B1 S0/0

S0/0

Configuration WAN PPP PAP

HQ(config)#username aaa password 1234 HQ(config)#username bbb password 5678 HQ(config)#interface s0/0 HQ(config-if)#ip address 10.10.10.5 255.255.255.252 HQ(config-if)#encapsulation ppp HQ(config-if)#ppp pap sent-username ccc password 1234 HQ(config-if)#clock rate 125000 HQ(config-if)#bandwidth 512 HQ(config-if)#description link-to-B1 HQ(config-if)#no shutdown

#debug ppp authen #no debug all Username and password are small but effective results.

pap

B1(config)#username ccc password 1234 B1(config)#username ddd password 5678 B1(config)#interface s0/0 B1(config-if)#ip address 10.10.10.6 255.255.255.252 B1(config-if)#encapsulation ppp B1(config-if)#ppp pap sent-username aaa password 1234 B1(config-if)#bandwidth 512 B1(config-if)#description link-to-HQ B1(config-if)#no shutdown

Lab Config WAN PPP PAP

bkk B1 S0/0

S0/0

chap Configuration WAN PPP CHAP

Chap password must match

bbk(config)#username B1 password cisco bbk(config)#interface s0/0 bbk(config-if)#ip address 10.10.10.10 255.255.255.252 bbk(config-if)#encapsulation ppp bbk(config-if)#ppp authentication chap bbk(config-if)#no shutdown

B1(config)#username bbk password cisco B1(config)#interface s0/0 B1(config-if)#ip address 10.10.10.9 255.255.255.252 B1(config-if)#encapsulation ppp B1(config-if)#ppp authentication chap B1(config-if)#clock rate 125000 B1(config-if)#no shutdown

Chap username ใส่เป็นชื่อ hostname และ password ทั้ง 2 ฝั่งต้องตรงกัน

Lab Config WAN PPP CHAP

Frame Relay Overview

– Connections made by virtual circuits

– Connection-oriented service

Frame Relay Stack OSI Reference Model Frame Relay

Physical

Presentation

Session

Transport

Network

Data-Link

Application

EIA/TIA-232, EIA/TIA-449, V.35, X.21,

EIA/TIA-530

Frame Relay

IP/IPX/AppleTalk, etc.

Frame Relay Terminology

• Frame Relay default: nonbroadcast, multiaccess (NBMA)

Selecting a Frame Relay Topology

Frame Relay

Point-to-point (no sub interface)

HQ(config)#interface s0/0

HQ(config-if)#ip address 10.10.10.1 255.255.255.252

HQ(config-if)#encapsulation frame-relay ietf (cisco , ietf )

HQ(config-if)#frame-relay interface-dlci 100

HQ(config-if)#frame-relay lmi-type ansi (cisco , ansi , q933a)

HQ(config-if)#no shutdown

Configuration Router

Lab Config Point-to-point (no sub interface)

Frame Relay

Point-to-point ( sub interface)


HQ(config-if)#no ip address

HQ(config-if)#encapsulation frame-relay ietf

HQ(config-if)#frame-relay lmi-type ansi


HQ(config)#interface s0/0.1 point-to-point

HQ(config-subif)#ip address 10.10.10.1 255.255.255.252

HQ(config-subif)#frame-relay interface-dlci 100


Lab Config Point-to-point (sub interface)

Frame Relay

Point-to-multipoint ( sub interface)


HQ(config-if)#no ip address

HQ(config-if)#encapsulation frame-relay ietf

HQ(config-if)#frame-relay lmi-type ansi


HQ(config)#interface s0/0.1 multipoint

HQ(config-subif)#ip address 10.10.10.1 255.255.255.0

HQ(config-subif)#frame-relay map ip 10.10.10.2 100 broadcast




Lab Config Point-to-multipoint (sub interface)

IP Routing Routing -Static -Dynamic

Config static route (Config)# ip route ________ ________ ________ ( Network ip ) ( subnet mask) ( gateway ip )

Ex R2 (config)# ip route 192.168.1.0 255.255.255.0 10.10.10.1 R1 (config)# ip route 192.168.2.0 255.255.255.0 10.10.10.2 Default route (Config)# ip route 0.0.0.0 0.0.0.0 ________ ( gateway ip )

IP Routing Ex b1(config)#ip route 111.111.111.0 255.255.255.0 222.222.222.222 b1(config)#ip route 22.22.22.0 255.255.255.0 222.222.222.222 b1(config)#ip route 33.33.33.8 255.255.255.252 222.222.222.222 b1(config)#ip route 44.44.44.8 255.255.255.248 222.222.222.222 or b1(config)#ip route 0.0.0.0 0.0.0.0 222.222.222.222

Lab Config Routing

Digital Subscriber Line

VPI and VCI values in the configuration of ADSL.

PPPoE Configuration !

interface FastEthernet4

pppoe enable group global

pppoe-client dial-pool-number 1

!

interface Dialer 0

ip address negotiated

ip mtu1452

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap callin

ppp chap hostname Todd

ppp chap password 0 lammle

!

Virtual Private Networks

Types of VPNs

There are three different categories of VPNs:

• Remote access VPNs Remote access VPNs allow remote users like telecommuters to securely access the corporate network wherever and whenever they need to.

• Site-to-site VPNs Site-to-site VPNs, or intranet VPNs, allow a company to connect its remote sites to the corporate backbone securely over a public medium like the Internet instead of requiring more expensive WAN connections like Frame Relay.

• Extranet VPNs Extranet VPNs allow an organization’s suppliers, partners, and customers to be connected to the corporate network in a limited way for business-to-business (B2B) communications.

Virtual Private Networks four of the most common tunneling protocols

Layer 2 Forwarding (L2F) Layer 2 Forwarding (L2F) is a Cisco-proprietary tunneling protocol, and it was their first tunneling protocol created for virtual private dial-up networks (VPDNs). VPDN allows a device to use a dial-up connection to create a secure connection to a corporate network. L2F was later replaced by L2TP, which is backward compatible with L2F.

Point-to-Point Tunneling Protocol (PPTP) Point-to-Point Tunneling Protocol (PPTP) was created by Microsoft to allow the secure transfer of data from remote networks to the corporate network.

Layer 2 Tunneling Protocol (L2TP) Layer 2 Tunneling Protocol (L2TP) was created by Cisco and Microsoft to replace L2F and PPTP. L2TP merged the capabilities of both L2F and PPTP into one tunneling protocol.

Generic Routing Encapsulation (GRE) Generic Routing Encapsulation (GRE) is another Cisco-proprietary tunneling protocol. It forms virtual point-to-point links, allowing for a variety of protocols to be encapsulated in IP tunnels.

Virtual Private Networks

IP Routing Dynamic routing -Interier Gateway Protocol (IGP) Autonomous System (AS) เดียวกัน

-Exterier Gateway Protocol (EGP) Autonomous System (AS) ต่างกัน ใน CCNA จะเรียนเฉพาะ IGP

Interier Gateway Protocol (IGP)

-Distance vector rip , igrp update table ช่วงเวลาหนึ่ง -Link-state ospf ,IS-IS เก็บข้อมูลเป็น database

-Balancing Hybrid EIGRPเก็บข้อมูลแบบ link-state แต่ท า routing แบบ distance vector

Selecting the Best Route with Metrics

Configuration Router Routing Information Protocol (RIP)

(config)#router rip

(config)#version 2 (config)#network ____________ Ex

172.16.1.30/24 Mojor network will 172.16.0.0



(config)#router rip

(config)#version 2

(config-router)#network 172.16.0.0



(major network)

Routing Information Protocol (RIP) # a. Rip hop in the route calculation. Way less that way (config) #router rip (config-router) #version 2: version 1 does not support

triggered. #debug ip rip #show ip protocol to determine routing. #show ip route would be up to the R.


Routing rip Router#show ip route

10.0.0.0/30 is subnetted, 1 subnets

C 10.10.10.0 is directly connected, Serial0/0

R 20.0.0.0/8 [120/1] via 10.10.10.2, 00:00:10, Serial0/0

C 192.168.1.0/24 is directly connected, FastEthernet0/0

R 192.168.2.0/24 [120/1] via 10.10.10.2, 00:00:10,Serial0/0

R 192.168.3.0/24 [120/2] via 10.10.10.2, 00:00:10, Serial0/0

EIGRP (Enhanced IGRP) classFul

(config)#router eigrp ______________

(config)#router eigrp 102

(config-router#network ______________

(config-router#network 192.168.1.0

(config-router)#no auto-sum


(major network)

( AS Number )

EIGRP

EIGRP (Enhanced IGRP) classless



(config-router)#network ______________

(config-router)#network 192.168.1.0 0.0.0.255

(config-router)#no auto-sum

( AS Number )

( Network ip) (wildcard)

Routing eigrp Router#show ip route

D 10.0.0.0/8 [90/11023872] via 20.20.20.1, 00:00:08, Serial0/0

20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

D 20.0.0.0/8 is a summary, 00:00:08, Null0

C 20.20.20.0/30 is directly connected, Serial0/0

D 192.168.1.0/24 [90/11026432] via 20.20.20.1, 00:00:08, Serial0/0

D 192.168.2.0/24 [90/2172416] via 20.20.20.1, 00:00:08, Serial0/0


EIGRP

Router#show ip eigrp ?

interfaces IP-EIGRP interfaces

neighbors IP-EIGRP neighbors

topology IP-EIGRP Topology Table

traffic IP-EIGRP Traffic Statistics

Lab Config Routing

OSPF (Open Shorted Path First )

config#router ospf ___________

config#router ospf 101

config-router#network _________ _________ area _______

config-router#network 192.168.1.0 0.0.0.255 area 0

#show ip ospf neighbor Used to see who is the sender. LSA

link-state Keep data database Are transferred LSA (link-state advertisements)

The data were generated routing the algolithm

SPF ( Shorted Path First ) And consideration of the Cost (cost = )


( process-id )

(network id) ( wildcard ) ( area-id )

10 BW

8

OSPF (Open Shorted Path First ) # ต่อ

Ex 192.168.3.126/27

config#router ospf 101

config-router#network 192.168.3.96 0.0.0.31 area 0

EIGRP (Enhanced IGRP) classFul



(config-router#network ______________

(config-router#network 192.168.1.0


(major network)

( AS Number )

OSPF Network Types

Routing ospf Router#show ip route


C 10.10.10.4 is directly connected, Serial0/0


O 20.20.20.8 [110/128] via 10.10.10.6, 00:00:29, Serial0/0


O 30.30.30.12 [110/128] via 10.10.10.6, 00:00:29, Serial0/0



O 192.168.2.8 [110/65] via 10.10.10.6, 00:00:29, Serial0/0


O 192.168.3.16 [110/129] via 10.10.10.6, 00:00:29, Serial0/0


O 192.168.4.240 [110/129] via 10.10.10.6, 00:00:29, Serial0/0

Routing Protocol Comparison Chart

Lab Config Routing

Default Administrative Distance

RIPv1 vs. RIPv2

IGRP vs RIP

Access Control lists

- Standard 1-99 ,1300-1999

- Extended 100-199 , 2000-2699

Standard access list (1-99)

Config#access-list _______ ______ ______ ______

Ex

Config#access-list 1 deny 192.168.12.100 0.0.0.0

Config#access-list 1 permit any

Config#interface S0

Config#ip access-group 1 in

Access Control Lists

(access number) (permit,deny) (SA) (wildcard)

Standard access list (1-99)

#show ip interface S0 To determine whether the access-list is set or not.

Ex Block telnetConfig#access-list 2 deny 192.168.1.2 0.0.0.0

Config#access-list 2 permit any

Config#line vty 0 4

(config-line)#access-class 2 in


Extended access list (100-199)

config#access-list __________ _________ ___________ ____ ______

_____ ________ __________ _________

Ex

Config#access-list 101 deny tcp 192.168.1.0 0.0.0.255 10.10.10.2 0.0.0.0 eq 23

Config#access-list 101 permit ip any any

config#interface S0

config-if#ip access-group 101 in

(access number) (permit,deny) (protocol tcp,udp,icmp) SA wildcard

DA wildcard Eq,Neq,lt,gt Port number


Name access list

Config#ip access-list _______

Ex Standdard

config#ip access-list standard Internet

config# permit 192.168.40.25 0.0.0.0

config#permit 192.168.40.26 0.0.0.0

config#interface e0

config-if#ip access-group internet in

Standard

Extended Name

Ex Extended

config#ip access-list extended BlockVirus2

config#deny tcp any any eq 135

Config#deny tcp any any eq 4899

Config#permit ip any any

config#interface S0

config-if#ip access-group BlockVirus2 in


Well-Known Port

DHCP Server ---> UDP/68 Web Server ---> TCP/80 (HTTP) Secure Web Server ---> TCP/443 (HTTPS) POP3 Server ---> TCP/110 IMAP Server ---> TCP/143 SNMP Server ---> UDP/161 LDAP Server ---> TCP/389 Web Proxy Serve ---> TCP/3128 or TCP/8080

ECHO Server ---> TCP/7 DISCARD Server ---> TCP/9 DAYTIME Server ---> TCP/13 CHARGET Server ---> TCP/19 FTP Server ---> TCP/21 SSH Server ---> TCP/22 Telnet Server ---> TCP/23 SMTP Server ---> TCP/25 DNS Server ---> TCP/53 and UDP/53 The Well Known Ports are those from 0 through 1023.

Cisco’s WirelessTechnologies

802.11b Standard

802.11a Standard

802.11g Standard

802.11 Comparison

Range Comparisions

BSS & ESS

Independent Basic Service Set (IBSS)

Wireless Mesh Networking

WLAN Security

Internet Protocol Version 6

IPv6 Address Types

Special Addresses

Configuring with IPv6

Corp(config)#ipv6 unicast-routing

Corp(config-if)#ipv6 enable

IPv6 Routing Protocols RIPng

Router1(config-if)#ipv6 rip 1 enable

EIGRPv6

Router1(config)#ipv6 router eigrp 10

Router1(config-if)#ipv6 eigrp 10

OSPFv3

Router1(config)#ipv6 router osfp 10

Router1(config-rtr)#router-id 1.1.1.1

Router1(config-if)#ipv6 ospf 10 area 0.0.0.0

NAT

- Static

- dynamic

- Overloading

Static

Config#ip nat inside source static 192.168.1.2 10.10.10.3

(Config)#interface e0

(Config-if)#ip nat inside

#debug ip nat เพื่อตรวจสอบดูว่ามีการท า nat static หรือไม่

Network AddressTranslation

(Config)#interface S0

(Config-if)#ip nat outside

Preview

• routerB#debug ip nat

• 00:28:33: NAT: s=192.168.4.2->10.10.10.6, d=10.10.10.1 [1276]

• 00:28:33: NAT*: s=10.10.10.1, d=10.10.10.6->192.168.4.2 [1276]

• 00:28:34: NAT*: s=192.168.4.2->10.10.10.6, d=10.10.10.1 [1277]

• 00:28:34: NAT*: s=10.10.10.1, d=10.10.10.6->192.168.4.2 [1277]

• 00:28:35: NAT*: s=192.168.4.2->10.10.10.6, d=10.10.10.1 [1279]

• 00:28:35: NAT*: s=10.10.10.1, d=10.10.10.6->192.168.4.2 [1279]

• 00:28:36: NAT*: s=192.168.4.2->10.10.10.6, d=10.10.10.1 [1281]

• 00:28:36: NAT*: s=10.10.10.1, d=10.10.10.6->192.168.4.2 [1281]

• 00:28:42: NAT*: s=192.168.4.2->10.10.10.6, d=10.10.10.1 [1283]

• 00:28:42: NAT*: s=10.10.10.1, d=10.10.10.6->192.168.4.2 [1283]

Dynamic

Config#ip nat pool name pool start ip end ip netmask netmask

Ex

Config#ip nat pool ISP 10.10.10.4 10.10.10.8 netmask 255.255.255.0

Config#access-list 1 permit 192.168.1.0 0.0.0.255

Config#ip nat inside source list 1 pool ISP

(Config)#interface e0 (Config)#interface S0

(Config-if)#ip nat inside (Config-if)#ip nat outside


Overloading

Config#access-list 1 permit 192.168.1.0 0.0.0.255

Config#ip nat inside source list 1 interface S0 overload

หรือ สามารถท า overloading แบบ dynamic

Config#ip nat inside source list 1 pool name pool overload

(Config)#interface e0 (Config)#interface S0

(Config-if)#ip nat inside (Config-if)#ip nat outside


Preview

• routerB#debug ip nat

• 00:41:39: NAT: s=192.168.4.2->10.10.10.2, d=192.168.1.1 [1789]

• 00:41:39: NAT*: s=192.168.1.1, d=10.10.10.2->192.168.4.2 [1789]

• 00:41:40: NAT*: s=192.168.4.2->10.10.10.2, d=192.168.1.1 [1790]

• 00:41:40: NAT*: s=192.168.1.1, d=10.10.10.2->192.168.4.2 [1790]

• 00:41:41: NAT*: s=192.168.4.2->10.10.10.2, d=192.168.1.1 [1792]

• 00:41:41: NAT*: s=192.168.1.1, d=10.10.10.2->192.168.4.2 [1792]

• 00:41:42: NAT*: s=192.168.4.2->10.10.10.2, d=192.168.1.1 [1794]

• 00:41:42: NAT*: s=192.168.1.1, d=10.10.10.2->192.168.4.2 [1794]

• 00:41:43: NAT*: s=192.168.4.2->10.10.10.2, d=192.168.1.1 [1795]

• 00:41:43: NAT*: s=192.168.1.1, d=10.10.10.2->192.168.4.2 [1795]

• 00:41:44: NAT*: s=192.168.4.2->10.10.10.2, d=192.168.1.1 [1797]

• 00:41:44: NAT*: s=192.168.1.1, d=10.10.10.2->192.168.4.2 [1797]

Preview routerB#debug ip nat

• 00:52:12: NAT*: s=192.168.4.3->10.10.10.2, d=10.10.10.1 [2332]

• 00:52:12: NAT*: s=10.10.10.1, d=10.10.10.2->192.168.4.3 [2332]

• 00:52:13: NAT*: s=192.168.4.3->10.10.10.2, d=10.10.10.1 [2333]

• 00:52:13: NAT*: s=10.10.10.1, d=10.10.10.2->192.168.4.3 [2333]

• 00:52:14: NAT*: s=192.168.4.3->10.10.10.2, d=10.10.10.1 [2337]

• 00:52:14: NAT*: s=10.10.10.1, d=10.10.10.2->192.168.4.3 [2337]

• 00:52:15: NAT*: s=192.168.4.3->10.10.10.2, d=10.10.10.1 [2339]

• 00:52:15: NAT*: s=10.10.10.1, d=10.10.10.2->192.168.4.3 [2339]

• 00:52:16: NAT*: s=192.168.4.3->10.10.10.2, d=10.10.10.1 [2340]

• 00:52:16: NAT*: s=10.10.10.1, d=10.10.10.2->192.168.4.3 [2340]

• 00:52:17: NAT*: s=192.168.4.3->10.10.10.2, d=10.10.10.1 [2342]

• 00:52:17: NAT*: s=10.10.10.1, d=10.10.10.2->192.168.4.3 [2342]

Ex Static NAT • ip nat inside source list 7 interface Serial0 overload

• ip nat inside source static tcp 192.168.42.30 5900 203.149.9.218 5900 extendable

• ip nat inside source static udp 192.168.42.30 5900 203.149.9.218 5900 extendable














• ip nat inside source static tcp 192.168.42.5 80 203.149.9.218 80 extendable http://www.testbells.com/200-120.html






200-120 cisco certified network associate ccna

Documents

network structure

layered network model

network batch applications

internet protocol ip

tcpip introduction

video human

realtime applications

ipv6 encapsulation tcp