final prep

This is the html version of the file http://security.timothydavidson.com/ccna/ccnanotes.doc.

Google automatically generates html versions of documents as we crawl the web.

CCNA Test Prep Course – Lesson One

Tim Davidson, MBA, CCSP, INFOSEC, MCSE, CNE

[email protected]

http://www.timdavidson.com

Lesson One

o Roster and Introductions

o Why we are here

o Scope of class

§ definition of the word “network” as it applies to this course

· refer to handout on “categorizing networks”

· two or more computers connected by media form a network

· used to share resources such as printers, disk space, and applications

· "sneakernet"

§ CCNA

· syllabus, schedule and curriculum

o Terminology

o Media

o EMI

o Client/server – types of servers

o Peer-to-peer networking

o LAN, WAN, MAN, SAN

o NOS

o NICs

o VPN – using the public Internet to communicate privately

o The OSI networking model, 1984 by ISO

o Pre-OSI we had the TCP/IP protocols, IBM’s Systems Network Architecture (SNA), and Digital Equipment’s

DECNET proprietary model

o refer to handout on “AppleTalk Reference Model”

o refer to handout on “TCP/IP Reference Model”

o refer to handout on “OSI Reference Model”

o ISO recognized a need for an “open system” standard

o The OSI model is not compulsory, but a reference model for vendors

o Why OSI? Simplification!

o Why OSI? Specialization!

o Why OSI? Modularity, thus upgradeability!

o Why OSI? Interoperability!

o Why OSI? Standardization!

o

Lesson One http://webcache.googleusercontent.com/search?q=cache:I05O2Xfe-dIJ:se...

1 of 42 10/3/2010 1:47 PM

The Seven Layers of the OSI networking model

o Peer networking

o The Application layer

o handles the interface between the network and the user

o refer to handout on “Protocols and the OSI Model”

o e.g., Telnet

o e.g., FTP

o e.g., Instant Message software (AIM, MSN, ICQ, Yahoo)

o e.g., IRC (mIRC)

o e.g., America Online (the client software)

o e.g., Microsoft Windows File Shares

o e.g., Microsoft Internet Explorer (a web browser)

o e.g., Network games of Doom, Quake, Unreal (first-person 3D shooter video games)

o The Presentation layer

o ensures that data sent from one device is readable by the peer device

o provides the following coding and conversion schemes:

o data representation: standard formats for image, sound, and video

o e.g., converts .WAV to .MP3

o e.g., converts Sun .RAS raster graphics to .JPG.

o e.g., converts Macintosh .PICT files to .JPG

o QuickTime, MPEG (motion picture experts group), GIF (graphics interchange format), TIFF (tagged image file

format), JPEG (joint photographic experts group)

o characters

o e.g., converts ASCII to IBM EBCDIC (see handout)

o compression

o encryption

o The Session layer

o establishes, manages, and terminates sessions

o a “session” happens when a peer requests a service from a remote device (e.g., RPC)

o sessions are coordinated by protocols

o e.g., ASP (AppleTalk Session Protocol)

o e.g., SCP (Session Control Protocol, by DECnet)

o examples of services that need a session: ftp, telnet and http

o controls data exchange

o data synchronization

o failure recovery

o communication setup and teardown

o Note that a web-browser performs Session, Presentation and Application layer functions all within its single application.

Also, most NICs perform both Physical and Data Link layer functions.

o The Transport layer

o segments the data for transport into MTU size

o error-free host-to-host “transmission” and in the proper sequence

o detects transmission errors

o retransmits if necessary

o handles flow control

§ so that the transmitting device does not send more data than the receiving device can process

o multiplexing enables data from several applications to be transmitted simultaneously


2 of 42 10/3/2010 1:47 PM

§ virtual circuits are established, maintained, and terminated

o provides messaging service for the Session layer

o data transmission can be connection-oriented or connectionless

§ connection-oriented transmission requires that packets be acknowledged as received

§ connectionless transmission does not require acknowledgments

o two transport protocols: TCP and UDP

o TCP = “transmission” control protocol = ACK = connection-oriented

o UDP = user “datagram” protocol = connectionless

§ fast, but unreliable (like the U.S. mail); other connection-less protocols include IP, ICMP, DNS, TFTP and

SNMP

o refer to handout, “why use UDP”

o The Network layer

o logical addressing of data “packets,” such as IP, IPX, and Appletalk

o routing

o connectivity to remote networks

o best path

o e.g., Internet Protocol

o e.g., Internet Control Message Protocol (ICMP or "ping")

o e.g., Internet Gateway Management Protocol (IGMP)

o e.g., IPX/SPX

o The Data Link layer

o LLC sublayer

§ defines how data is packaged for the network: 802.2, 802.3, 802.5 frames, etc.

§ provides error-checking via CRC

§ links the Physical layer with the higher layers

o


3 of 42 10/3/2010 1:47 PM

MAC sublayer

§ defines the media access method (pulses, light emissions, waves, etc.)

§ provides a unique address for the device (MAC address)

§ 12-digit hexadecimal (1 through F)

§ 1st six digits is for the NIC manufacturers

§ last six digits is the unique number assigned to the device (see http://standards.ieee.org/regauth

/oui/index.shtml)

§ on and Ethernet or CSMA/CD network data “frames” are broadcast onto the wire and channeled up every

protocol stack it can find

§ networks are segmented into broadcast domains

o The Physical layer

o physical transmission of data across the network (mechanical, electrical, procedural)

o cables and connectors

o signal transmission

o NICs – convert binary into a pulse (of electricity, light, etc.)

o hubs, repeaters, transceivers, connectors, and wall jacks

o Five-step data encapsulation process.

o Data conversion (upper layers)

o “Segmentation” header with MTUs

o “Packet” header with logical address

o “Frame” header with source & destination MAC addresses

o Bit transmission, from bits to pulses

o References

o See OSI Reference Model at http://www.timdavidson.com.

o See Tim’s notes on today’s topics at http://www.timdavidson.com.


4 of 42 10/3/2010 1:47 PM

Lesson One Labs

Lab 1.1

Relate the following networking descriptions to their correct OSI layer.

1

Bits

Where communications begin

End-to-end transmission

CSMA/CD

Compression

Logical address

Signals

Request for network services

Duplex

CRC

LLC

Frames

Encoding

NIC software functions

Synchronization

Voltage

Services to applications

Internetwork travel

SQL

Data segmentation

Connectionless service

Datagram

Cable

Best path selection

MAC address


5 of 42 10/3/2010 1:47 PM

Formatting

ACK

Hubs

ASCII

Encryption

MTU


6 of 42 10/3/2010 1:47 PM

Lab 1.2

Match the descriptions below to their correct step numbers of the data encapsulation process.

• Conversion to standard data format

• Encoding

• Frame

• Datagram

• Maximum transmission units

• Logical address

• Bit transmission

• Upper layers

• IP header

• Trailer

• Segments

• Packet creation

• Pulses

• Physical address

Step # Event Descriptions

1 data conversion

2 segmentation header added

3packet creation with

network header

4frame header and trailer

for network link

5 bit transmission


7 of 42 10/3/2010 1:47 PM

Lab 1.3

1. Run the command ipconfig /all at the DOS prompt, and answer the following questions:

a. What type of NIC is in the computer?

b. What is the MAC (adapter) address?

c. Which part of the MAC address is the OUI?

d. Which part of the MAC address is the serial number?

e. What is the IP address?

f. What is the subnet mask?

g. What is the default gateway?

2. Open a Web browser and go to http://standards.ieee.org/regauth/oui.

a. In the OUI Search for “Cisco.”

b. What is one of the six-digit OUI codes for Cisco?

c. Search for “3COM.”

d. What is one of the six-digit OUI codes for 3COM?

Lab 1.4

Match the terms in the left column to their correct Transport method, either connection or connectionless:

Description

Transport Method

(connection or connectionless)

ACK

Unreliable

U.S.P.S. mail is an example

Reliable

Datagram

Return receipt for mail is an example

Session


8 of 42 10/3/2010 1:47 PM

Chapter 1 Solutions

Review Questions

1. Which of the following best describes the Presentation layer?

a. Establishes, maintains, and manages sessions between applications

b. Translates, encrypts, or prepares data from the Application layer for network transmission

c. Handles routing information for data packets

d. Provides the electrical and mechanical transmission of data

e. Handles link control and uses the MAC address on the network interface card (NIC)

2. Which of the following best describes the Network layer?

a. Handles routing information for data packets

b. Provides the electrical and mechanical transmission of data

c. Handles link control and uses the MAC address on the NIC

d. Establishes, maintains, and manages sessions between applications

e. Translates, encrypts, or prepares data from the Application layer for network transmission

3. Which of the following best describes the Session layer?

a. Translates, encrypts, or prepares data from the Application layer for network transmission

b. Handles routing information for data packets

c. Provides the electrical and mechanical transmission of data

d. Handles link control and uses the MAC address on the NIC

e. Establishes, maintains, and manages sessions between applications

4. Which of the following best describes the Transport layer?

a. Provides the electrical and mechanical transmission of data

b. Handles link control and uses the MAC address on the NIC

c. Establishes, maintains, and manages sessions between applications

d. Segments and reassembles data and provides either connection-oriented or connectionless communications

e. Translates, encrypts, or prepares data from the Application layer for network transmission

5. Which of the following best describes the Data Link layer?

a. Provides the electrical and mechanical transmission of data

b. Handles link control and uses the MAC address on the NIC

c. Establishes, maintains, and manages sessions between applications

d. Translates, encrypts, or prepares data from the Application layer for network transmission

e. Handles routing information for data packets

6. Which of the following best describes the Physical layer?


b. Translates, encrypts, or prepares data from the Application layer for network transmission

c. Provides the electrical and mechanical transmission of data

d. Handles link control and uses the MAC address on the NIC

e. Provides network services to the user

7. Which of the following best describes the Application layer?


b. Translates, encrypts, or prepares data for network transmission

c. Provides network services to the user

d. Handles routing information for data packets

e. Provides the electrical and mechanical transmission of data


9 of 42 10/3/2010 1:47 PM

8. Which of the following accurately describe the Media Access Control (MAC) address? (Choose all that apply.)

a. It is a physical number set during the manufacturing process.

b. This address is a layer in a network segment.

c. MAC addresses contain 12 hexadecimal numbers.

d. Computers use this address to uniquely identify themselves on the network.

e. An IP address is one example of this type of address.

9. Which of the following accurately describe the network address? (Choose all that apply.)

a. It is a physical number set during the manufacturing process.

b. This address is used when routing communications between different network segments.

c. The Data Link layer uses this address.

d. This address is set at layer 3 of the OSI model.

e. An example of this type of address is an IP address.

10. Connection-oriented services are also known as __________ services.

a. reliable

b. unreliable

c. datagram

11. Connectionless services are also called __________ services.

a. reliable

b. acknowledgment

c. unreliable

12. Which of the following services receive an acknowledgment from the destination? (Choose all that apply.)

a. Datagram

b. Reliable

c. Connection-oriented

d. Connectionless

e. Unreliable

13. Place the following steps of data encapsulation in their correct descending order:

a. Frame headers and trailers added

b. Segment header added

c. Bit transmission

d. Packet creation and network header

e. Data conversion

The correct order is e, b, d, a, c.

14. Which of the following correctly defines a WAN?

a. A network contained within a single geographic location and usually connected by a privately maintained medium

b. A network spread over multiple geographic areas and usually connected by publicly and privately maintained media

c. A network spread over a single metropolitan area

15. Which of the following best describes a LAN?

a. A network that is contained in a single geographic area such as a building or floor in a building

b. A countywide network that spans multiple geographic locations

c. A large network that is connected by both publicly and privately maintained cabling spread over multiple geographic regions


10 of 42 10/3/2010 1:47 PM

16. Which of the following reasons for providing a layered OSI architecture are correct? (Choose all that apply.)

a. To provide design modularity, which allows upgrades to a specific layer to remain separate from the other layers

b. To simplify the networking model by dividing it into 14 layers and 12 sublayers

c. To discourage interoperability between disparate networking models

d. To enable programmers to specialize in a particular layer

e. To allow for standardized interfaces from networking vendors

17. On a network, computers must use a common ___________ in order for communication to occur.

a. protocol

b. operating system

c. manufacturer

d. hardware platform

18. Before networks, what did people use to transfer files?

a. Sneakernet

b. Protocols

c. Interface cards

d. Ethernet

19. A protocol is to a computer as a(n) ___________ is to a person.

a. identity

b. personality

c. language

d. personal philosophy

20. Which of the following are network hardware? (Choose all that apply.)

a. NIC

b. NOS

c. LLC

d. Network media

e. Connectors

21. Which of the following are network software? (Choose all that apply.)

a. Components that map to the Application layer of the OSI model

b. NIC

c. NOS

d. Media connectors

22. All networking vendors follow the OSI model and design seven-layer architectures. True or False?

23. Communications on a network originate at the _____________.

a. destination

b. breaker

c. peak

d. source

24. Transmitted signals are bound for a _____________ computer.

a. destination

b. breaker

c. peak

d. source


11 of 42 10/3/2010 1:47 PM

25. Information transmitted on a network is called a(n) _____________.

a. package

b. expresser

c. data destination

d. data packet

e. E-pack

26. Which of the following are layers of the OSI model? (Choose all that apply.)

a. OSI

b. Physical

c. IEEE

d. Data Link

27. Which layer of the OSI model is responsible for media access and packaging data into frames?

a. Network layer

b. Physical layer

c. Data Link layer

d. Transport layer

28. At which layer of the OSI model will encryption and compression occur?

a. Presentation layer

b. Session layer

c. Application layer

d. Network layer

29. Which of the following lists the layers of the OSI model from layer 7 to layer 1?

a. Application, Session, Transport, Network, Presentation, Data Link, Physical

b. Physical, Data Link, Network, Transport, Session, Presentation, Application

c. Application, Presentation, Session, Transport, Network, Data Link, Physical

d. Presentation, Application, Session, Network, Transport, Data Link, Physical

30. The __________ layer is responsible for finding the best path to route packets within an internetwork.

a. Transport

b. Network

c. Session

d. Data Link

Case Projects

Case Project 1

Moe may not realize that without using the OSI reference model as a discussion tool, he probably could not have learned enough

about protocols to pass the Network+ exam. Learning about network operation without this frame of reference would be nearly

impossible. Also, this knowledge often helps in troubleshooting the network. If something goes wrong on the network,

understanding the layer at which the nonfunctioning element is associated can help you solve the problem.

Case Project 2

Although data encapsulation is often described in terms of the application, transport, network, data link, and physical layers, it can

actually occur at all layers. Encapsulation is the process of wrapping the header information from the higher layer with the header

of the next-lower layer. The five steps of data encapsulation are:

i) data conversion at the upper layers (5,6,7)

ii) segmentation at layer 4

iii) packet creation at layer 3

iv) frame encapsulates packet at layer 2

v) bit transmission at layer 1

Case Project 3

The data link layer controls access to the physical media, however, it is not part of the physical layer. This is especially confusing

since the MAC address is also known as the hardware or physical address. The MAC address is called the hardware or physical

address because it is burned onto the NIC and cannot be changed. The only way to change the MAC address of a device is to

change the NIC card in the device. The MAC address is more specifically operating at the MAC sublayer of the data link layer.

There is also the logical link control (LLC) sublayer in the data link layer. The LLC is concerned with the linking function between

the lower layers and upper layer protocols.

Case Project 4

From 1 to 7: "Please do not throw sausage pizza away."

From 7 to 1: "All people seem to need data processing."

Physical: encoding, bit transmission, signal


12 of 42 10/3/2010 1:47 PM

Data Link: frame, MAC address, access method

Network: packet, routing, best path

Transport: segmentation, connection-oriented vs. connectionless, error-free delivery

Session: synchronization, half-duplex/full duplex, communications setup and teardown

Presentation: formatting, compression, encryption

Application: user/application services, communications origination, FTP/Telnet

Case Project 5

Students could draw two OSI models side by side. An arrow could come down from the top of the first model (source) to the

physical layer and then back up the second model (destination) to the application layer. In some way it could be illustrated that the

data "grows" as it is encapsulated with information with each successive layer as it goes down the first stack. Then, the headers

are stripped off one by one as the data travels up the second (destination) stack until it reaches the user on top of the second

model.


13 of 42 10/3/2010 1:47 PM

CCNA Test Prep Course – Lesson Two


[email protected]


Lesson Two Review

o Counting in binary, decimal and hexadecimal

o Brief review of lesson one

o draw a simple network of two computers and review the OSI model

o when you get to the bottom two layers explain Ethernet and CSMA/CD

o Ethernet

· standardized into IEEE's 802.3

· frame-based

· for local area networks (LANs)

· peers on a network, captive inside a common wire or channel

· a globally unique 48-bit MAC address factory-assigned to the network interface card

· uses a scheme known as carrier sense multiple access with collision detection (CSMA/CD)

o CSMA/CD

· all communication happens on the same wire

· any information sent by one computer is received by all

· computers therefore must continually filter out information that is not intended for them

· collisions happen

· CSMA/CD governs the way the computers share the channel

o the “media” is the wire

o “media access” means “accessing the wire”

o the “carrier” is the device doing the transmitting

o “carrier sense” means the device senses (by “listening”) whether or not it’s okay to transmit on the

wire; e.g., if the wire is idle it’s okay to start transmitting

o “collision detection” means the device tries to avoid collisions by listening before transmitting

· “one speaks, all listen”

o e.g., when Brad starts transmitting, everyone on the wire “hears” Brad’s message

o if Brad’s message has Josh’s MAC address in it, then Josh responds appropriately

o everyone else discards Brads packets

o Weaknesses of CSMA/CD and Ethernet

· the "one speaks, all listen" property is a security weakness

o network sniffers

· bandwidth is shared

o Network Segmentation

o CSMA/CD listens before transmitting packets

o crashes still occur, destroying both packets

o segmentation separates larger networks into smaller ones via bridges, switches, or routers

o Collision Domain

· where data packets can "collide"


14 of 42 10/3/2010 1:47 PM

o Broadcast Domain

o where any computer on a network, captive inside a common wire or channel, can directly transmit to any

other in the domain without having to go through a routing device

o Network devices

o Repeaters

§ used to increase the distance of a network

§ work at the Physical layer of the OSI model

§ some repeaters can connect different network architectures, e.g., twisted pair and coaxial, or Token Ring and

Ethernet

§ work against attenuation (degradation) by cleaning and repeating signals

§ do not reduce network traffic (collisions)

§ do not segment the network

· network segmentation = isolating hosts onto smaller segments to reduce collisions

o

Hubs

§ link different stations on a network

§ operate at the Physical layer of the OSI model

§ generally do not segment the network; if they do they are “intelligent” or “switching” hubs

§ are usually configured in a star topology

§ most Wireless access points are similar to hubs

§ if it boosts the signal it is an active hub (a.k.a. “a multiport repeater”)

§ if it only connects different wires together (no signal regeneration) it is a passive hub

o Bridges

§ forwards or discards traffic based on MAC addresses

§ are similar to repeaters, except bridges read MAC address and make decisions

§ always forward broadcasts; bridges DO NOT block broadcasts

§ Ethernet networks use transparent bridging, which builds a table of MAC addresses

§ Token Ring networks use source-route bridging, in which the source computer determines the best path by

sending out explorer frames

§ translation bridges connect different architectures, such as Ethernet and Token Ring

§ bridges operate at the Data Link layer of the OSI model

o Switches

§ open a virtual circuit between the source and the destination

§ reduce the number of frames transmitted to the rest of a network

§ map MAC addresses to switch ports

§ switches DO NOT block broadcasts

§ operate at the Data Link layer of the OSI model

o Routers

§ operate at the Network layer of the OSI model

§ provide filtering and traffic control on LANs and WANs


15 of 42 10/3/2010 1:47 PM

§ use logical addresses for routing decisions

§ use routing tables

§ create more networks; every interface on a router represents a different network

§ create collision and broadcast domains

§ can connect different network architectures, such as Ethernet and Token Ring

o Brouters

§ a hybrid device that functions both as a bridge for non-routable protocols (e.g., NetBEUI) and as a router for

routable protocols

§ operate at both the Data Link and Network layers

o Gateways

§ used to translate between different protocols

§ packets are rebuilt, thus create the most latency

§ e.g., “Services for Macintosh” installed on a W2K Server

§ usually operate at layer 4 and above in the OSI model

References

o See LAN and WAN devices at http://www.timdavidson.com.

o See 5-4-3 rule at http://www.timdavidson.com.


16 of 42 10/3/2010 1:47 PM

Lesson Two Labs

Lab 2.1

Design and assemble a network using all available networking equipment.

Lab 2.1b - optional

Create a patch cable using UTP.

Create a crossover cable using UTP.

Create a T1 cable using UTP.

Create a T1 crossover cable using UTP.

Create a console cable using UTP.

(Refer to CAT5 pin-out diagram instructions at http://www.timdavidson.com)


17 of 42 10/3/2010 1:47 PM

Lab 2.2

Fill in the Device(s) colum with the device being described. Choose repeater, hub, bridge, switch, brouter, router, or gateway.

Characteristics Device(s)

Operates at upper layers to translate between different

protocol suites

Filters traffic based on MAC address

Introduces the most latency on a network

Boosts the signal, but does not segment the network

Operates differently depending on whether nonroutable or

routable protocols are in use

Creates broadcast domains

Creates a virtual circuit between sender and receiver

Forwards broadcast traffic

Filters traffic based on logical address

Associated with the term "microsegmentation'

Creates subnetworks

Connects computers in a physical star and uses "shared

bandwidth"

Creates collision domains

Operates at layer 1 of the OS! model



Lab 2.3


18 of 42 10/3/2010 1:47 PM

1. Complete the bridging table in Figure 2-2 by filling in the columns in the table.


19 of 42 10/3/2010 1:47 PM

Lab 2.3 (Continued)

2. Complete the switching table in Figure 2-3 by filling in the columns in the table.


20 of 42 10/3/2010 1:47 PM

Chapter 2 Solutions

Review Questions

1. Routers operate at which layer of the OSI model?

a. Data Link

b. Presentation

c. Session

d. Network

2. Bridges operate at which layer of the OSI model?

a. Network

b. Data Link

c. Session

d. Transport

3. Bridges provide which of the following benefits? (Choose all that apply.)

a. Reduced network traffic

b. Reduced broadcast traffic

c. Minimized collisions

d. Faster response time than repeaters

4. Which of the following is an appropriate description of a broadcast storm?

a. Noise on the network

b. A large amount of traffic that passes directly through routers

c. An electrical condition caused by the sun

d. An error condition in which many broadcasts are sent simultaneously across the entire network

5. Which of the following best describes a network segment?

a. A section of the network that has been separated from other segments by a router, bridge, or switch

b. A piece of broken twisted-pair cable

c. A piece of broken coaxial cable

d. A portion of the network that has been isolated with a repeater

6. A router that has eight ports will require how many IP addresses?

a. Four

b. Six

c. Eight

d. Nine

e. Ten

7. If a bridge receives a frame that has a destination MAC address located on the same segment from which it came, what will

happen to the frame at the bridge?

a. It will be forwarded.

b. It will be dropped.

c. The source signal will be repeated on all segments.

d. The destination address will be repeated on all segments.


21 of 42 10/3/2010 1:47 PM

8. Which of the following is not true about bridges?

a. Bridges do not forward broadcast traffic.

b. Bridges segment the network.

c. Bridges reduce the likelihood of a collision.

d. Bridges operate at the Data Link layer.

9. Which of the following is not true about routers?

a. Routers operate at the Network layer.

b. Routers segment the network.

c. Routers reduce broadcast traffic.

d. Routers are faster than repeaters.

10. Which of the following is not true about switches?

a. Switches operate at the Data Link layer.

b. Switches create virtual network segments.

c. Switches do not segment the network.

d. Switches create private connections between two points.

11. Which type of addresses do routers use?

a. Logical

b. Physical

c. MAC

d. Data Link

12. A __________ can reduce broadcast traffic.

a. bridge

b. router

c. repeater

d. connector

13. Which of the following is the correct name for a device that operates at both the Data Link and Network layers of the OSI

reference model?

a. Router

b. Bridge

c. Switch

d. Brouter

e. Hub

14. When two stations broadcast at the same time on a single segment of an Ethernet network, what happens?

a. Contention

b. Crash

c. Collision

d. Interruption

15. Which type of addresses do bridges use?

a. Logical

b. Physical

c. IP

d. TCP

16. When must you change the IP address of a given host on a network segmented with routers?

a. When that computer is moved to a different segment on the network

b. When the network card is replaced

c. When the router is replaced

d. When a bridge is replaced


22 of 42 10/3/2010 1:47 PM

17. Which of the following OSI layers contains media access control information?

a. Physical

b. Data Link

c. Transport

d. Presentation

e. Session

f. Network

18. A switch divides network communications at which layer of the OSI model?

a. Presentation

b. Network

c. Transport

d. Data Link

19. Which of the following devices translates between different protocols?

a. Bridge

b. Switch

c. Router

d. Gateway

20. Rank the following devices from lowest to highest latency.

a. Hub

b. Switch

c. Gateway

d. Router

The correct ranking order is a, b, d, c.

21. Typically, which is the best device for increasing performance on your LAN?

a. Hub

b. Bridge

c. Switch

d. Router

22. What kind of bridges do Ethernet networks use?

a. Translation

b. Source-routing

c. Transparent

d. Brooklyn

23. What kind of bridges will connect an Ethernet network to a Token Ring network?

a. Translation

b. Source-routing

c. Transparent

d. Brooklyn

24. Why don’t repeaters and hubs segment the network?

a. They only work at the Physical layer where there is nothing to filter.

b. They are not considered devices.

c. They operate at the Network layer where segmentation can’t occur.

d. They do segment the network.


23 of 42 10/3/2010 1:47 PM

25. Another name for IP address is ___________ address, and another name for a MAC address is ___________ address.

a. Ethernet, logical

b. physical, Ethernet

c. logical, physical

d. NIC, software

26. What device provides functions similar to a hub in wireless networks?

a. Wireless local area network

b. Optical repeater

c. Virtual local area network

d. Wireless access point

Case Projects

Case Project 1

Routers increase performance on a network by segmenting large networks into smaller networks. Routers keep traffic not meant

for a segment off of that segment and routers do not forward broadcast traffic. Thus, routers minimize collisions and broadcast

traffic. Routers are best used on large networks using routable protocols such as TCP/IP and IPX/SPX. Routers should not be

used to increase network performance on relatively small networks and/or networks using nonroutable protocols such as NetBEUI.

Case Project 2

A bridge or a switch is more appropriate for relatively small networks such as Sampson's. Also, a router will not work with

nonroutable protocols, which apparently Sampson is using. Jennifer is correct.

Case Project 3

A brouter can operate at the Data Link layer like a bridge and the Network layer like a router. When a brouter receives packets

based on a nonroutable protocol such as NetBEUI, the brouter makes forwarding decisions based on the MAC address (layer 2).

When a brouter receives packets based on a routable protocol such as TCP/IP, the brouter makes forwarding decisions based on

the logical address (layer 3).

Case Project 4

Lisa is partially correct. An active hub repeats the signal and is often called a multiport repeater. Moe, however, is technically

correct. A passive hub would not be considered a repeater. Other more sophisticated hubs perform advanced functions not

performed by repeaters. Also, although many other devices boost the network signal and are therefore performing the function that

repeaters do these other devices do many more things and can't be considered repeaters.

Case Project 5

Repeaters do not segment the network. They have nothing to filter on because they only work at the physical layer. Bridges do

segment the network at layer 2 based on MAC addresses. They create collision domains. Routers also segment the network. They

segment at layer 3 based on logical addresses such as IP addresses. Routers create collision domains and also broadcast

domains because they do not forward broadcasts like bridges.

22


24 of 42 10/3/2010 1:47 PM

CCNA Test Prep Course – Lesson Three


[email protected]


Lesson Three

o TCP/IP suite for data transportation, management, and diagnostic capabilities

o Defense Advanced Research Projects Agency (DARPA)

o later, its network, ARPANET, was turned over to the public, especially universities

o TCP/IP maps to a four-layer network model

o Application

o Transport

o Internetwork

o Network Interface

o These TCP/IP layers map to equivalent functions in the OSI reference model

o Application layer = OSI’s Application, Presentation, and Session layers

o Transport layer = OSI’s Transport layer

o Internetwork layer = OSI’s Network layer

o Network Interface = OSI’s Data Link and Physical layers

o Application Layer

o Transport Layer

o UDP

§ unreliable

§ connectionless

§ no guarantees on delivery

§ uses port numbers 1 to 65,535

o TCP

§ reliable

§ connection-oriented

§ guarantees packet delivery

§ three-way handshake

· SYN

· ACK

· ACK

§ flow control

· sliding window

o controls the flow and number of acknowledgments

o the sender controls the window size

· buffering

· congestion avoidance – “hey, you! slow down”


25 of 42 10/3/2010 1:47 PM

§ uses port numbers 1 to 65,535

§ ports with numbers 1023 and under are Well Known Port numbers

· TCP port 20 – FTP data transfer

· TCP port 21 – FTP control port

· TCP port 23 – Telnet

· TCP port 25 – SMTP

· TCP & UDP port 53 – DNS

· TCP port 80 – HTTP Web service

· TCP & UDP port 123 – NTP (time)

· TCP port 110 – POP3

· UDP port 69 TFTP

· UDP port 161 – SNMP

o Example of port communication using FTP

1. the client allocates two TCP ports above 1024

2. it uses the first port to open a command channel to the ftp server on port 21

3. it tells the server the number of its second port

4. the server opens a data channel to the client from tcp port 20 to the specified port

Server Client

TCP 21 (command) <-----"PORT 5151"------------ TCP 5150

TCP 21 (command) --------"OK"-----------------> TCP 5150

TCP 20 (data) -------"Data Channel"-------------> TCP 5151

TCP 20 (data) <------"TCP Ack"------------------ TCP 5151

o Internetwork layer

o provides the IP addresses

o routing tables can be created manually and dynamically

§ static routing tables

o dynamic updates are provided through routing protocols

o IP Discovery Process (including ARP)

o ICMP, “ping” & “trace”

o ARP – resolves IP to MAC

§ use the ARP command on a PC

o RARP – resolves MAC to IP

o Both IP and MAC addresses are required to send data

1.


26 of 42 10/3/2010 1:47 PM

Basic Ethernet and Routing principles

a. Ethernet is a LAN protocol and uses source and destination MAC addresses

· Ethernet can communicate with the following devices:

1. hubs

2. repeaters

3. bridges

4. switches (virtual circuits)

5. routers

· Ethernet exists within collision domains and broadcast domains

b. How are hosts identified?

· How are people identified?

1. by name

2. by social security number

3. by drivers license number

· How are hosts identified?

1. by host names

2. by MAC addresses

3. by IP addresses

c. What if I don’t know a host’s MAC or IP address?

· DNS resolves hostnames to IP addresses

· ARP resolves IP addresses to MAC addresses

· RARP resolves MAC addresses to IP addresses

d. Cache tables

· for speed

· on Windows PC: arp –a

e. What if the destination host is not on the LAN?

· the frame is sent to the “default gateway’s” MAC address

1. the computer checks its ARP cache for the default gateway’s MAC address

2. if the MAC address isn’t cached it runs ARP using the default gateway’s IP address

· the router attempts to locate the destination MAC address on each of its interface networks

1. the router checks its ARP cache for the destination MAC address on each interface

2. if the MAC address isn’t cached it runs ARP on each segment

3. if the MAC address doesn’t exist on any of its segments the router consults its routing table and

forwards the packet to the next appropriate router

a. routers look at destination IP Addresses for routing

2. IP Addresses

a. Organizations

· IANA – Internet Assigned Numbers Authority – http://www.iana.org

· ICANN – Internet Corporation for Assigned Names and Numbers


27 of 42 10/3/2010 1:47 PM

· ARIN – American Registry of Internet Numbers

b. Dotted decimal, e.g., 201.252.203.107

Four binary octets, e.g.,

Hexadecimal, e.g., C9.FC.CB.6B

3. An IP Address can be:

a. a network ß explain this! (IP Address of router interface) (ends in all zeros)

b. a host

c. a directed broadcast ß explain this! (ends in all ones)

4. Two important IP address rules

· you may not have all zeros in either the network or host address

1. e.g., network 00000000 is not allowed

2. e.g., host 00000000 is not allowed

· you may not have all ones in either the network or host address

1. e.g., network 11111111 is not allowed

2. e.g., host 11111111 is not allowed

5. Default Classes of IP Addresses

a. Class A

· 1st octet begins with 0 (zero)

1. e.g.,

2. possible Class A subnet addresses

Note: Why 126 ( ) and not 127 ( )? Because IANA reserved network 127.x.x.x as the loopback address

for diagnostic purposes. Pinging 127.x.x.x is like pinging your own local device.

3. possible Class A host addresses

b.


28 of 42 10/3/2010 1:47 PM

Class B

· 1st octet begins with 10 (one zero)

1. e.g.,

2. possible Class B subnet addresses

3. possible Class B host addresses

c. Class C

· 1st octet begins with 110 (one one zero)

1. e.g.,

2. possible Class C subnet addresses

3. possible Class C host addresses

6. Private IP Addresses

§ 10.x.x.x

§ 172.16.x.x – 172.31.x.x

§ 192.168.x.x

7. Subnet mask defines the network

a. e.g., 10.252.30.50 could be

· network 10 (10.0.0.0) and host 252.30.50 (10.252.30.50)

· network 10.252 (10.252.0.0) and host 30.50 (10.252.30.50)

· network 10.252.30 (10.252.30.0) and host .50 (10.252.30.50)

· or many other possibilities

b. a subnet mask consists of a series of 1 bits that define the network, followed by 0 bits that define the host

· e.g., if IP address = 10.252.30.50


29 of 42 10/3/2010 1:47 PM

ß

ß

The subnet mask above tells us that the first 16 bits of the IP address, 10.252, is the network, and the last 16 bits

of the IP address, 30.50, is the host address.

· e.g., if IP address = 10.252.30.50

ß

ß

The subnet mask above tells us that the first 24 bits of the IP address, 10.252.30, is the network, and the last 8

bits of the IP address, .50, is the host address.

8. “Classful” IP Addresses

a. classful IP addresses rely on default subnet masks:

· default Class A subnet mask:

· default Class B subnet mask:

· default Class C subnet mask:

9.


30 of 42 10/3/2010 1:47 PM

“Classless” IP Addresses (e.g., CIDR – Classless Inter-Domain Routing)

a. classless IP addressing is not restricted to a default mask and use arbitrary numbers of bits to define the network

portion of the address

b. CIDR uses /# to indicate how many bits are in the network address

10. Bitwise-ANDing: “AND” the IP address and subnet mask

a. routers use bitwise-ANDing to determine if hosts are on the same or different networks

b. ANDing depends on the subnet mask and use the following rules:

· 0 + 0 = 0

· 0 + 1 = 0

· 1 + 0 = 0

· 1 + 1 = 1


31 of 42 10/3/2010 1:47 PM

Example 1

Determine if 64.168.1.224 and 64.168.1.1 are on the same network if subnet mask = 255.255.255.0.

§ 1st ip address =

§ netmask =

§ AND result =

§ Network = 64.168.1.0

§ 2nd

ip address =

§ netmask =

§ AND result =

§ Network = 64.168.1.0

The two network numbers match, so these two hosts are on the same network.

The above process seems simple and straight-forward when using “default’ masks. However, it becomes trickier

when using a non-default mask.

c. Example 2

Determine if 64.168.1.224 and 64.168.1.1 are on the same network if subnet mask = 255.255.255.192.

§ ip address =

§ netmask =

§ AND result =

§ Network = 64.168.1.192

§ 2nd

ip address =

§ netmask =

§ AND result =

§ Network = 64.168.1.0

The two network numbers do not match, so these two hosts are on different networks.

11.


32 of 42 10/3/2010 1:47 PM

Counting networks and hosts

à Suppose you have the following subnet mask:

o remember, the ones represent the network and the zeros represent the hosts. Notice that there is only one

network bit:

o theoretically, how many subnets can be created with 1 bit? Answer: 2

o what will the two subnet addresses be? Answer: 0 and 1

à Suppose you had two network bits:

o theoretically, how many subnets can you have with 2 bit? Answer: 4

o what will the 4 subnet addresses be? Answer: 00, 01, 10 and 11.

à Suppose you had three network bits:


o what will the 8 subnet addresses be? Answer:

32

000

001

010

011

100

101

110

111

à Suppose you had four network bits:


o what will the 8 subnet addresses be? Answer:

0000

0001

0010

0011

0100

0101

0110

0111

1000

etc.


33 of 42 10/3/2010 1:47 PM

à 5 bits allows 32 subnets





à etc.

à 16 bits allows 65,536 subnets

à 24 bits allows 16,777,216 subnets

à etc.

You can either commit these numbers to memory, or you can learn a simple formula for counting networks:

TTTN = “Two To The N”

· aka “2 to the power of n”

· aka “2^n

· used to calculate how many subnets are available

“N” = the number of network bits in the subnet mask

e.g., given any IP address with mask: 11111111.00000000.00000000.00000000

TTTN = 28 = 256 networks

Microsoft’s Scientific Calculator

12.


34 of 42 10/3/2010 1:47 PM

Subnetting Theory

a. Subnetting is the act of taking a single network and dividing it into 2 or more subnets.

b. Suppose ARIN gives you a single class C network of 200.200.200.0 /24

· Your network is 200.200.200.0 /24

· Your hosts are 200.200.200.1 /24 through 200.200.200.254 /24

c. Suppose you don’t need that many hosts but you need more networks

d. You can change the default mask from /24 to /26 (or other numbers)

e. remember that adding two network bits gives four additional subnets

note that while we added two more network bits, we also lost two host bitsf.

· instead of 28 -2 hosts, we now have 26

-2 hosts

13. Subnetting a Class C

Let’s run through the steps from the example above.

à ARIN has given you a single class C network of 200.200.200.0 /24

à You need four subnets

a. The first step is to determine how many subnets are needed. For this example we want 4 subnets.

b. Next, determine how many bits to borrow from the host portion of the address.

c. Use TTTN to discover that 2 bits are needed to create four subnets

d. Apply the two bits to the subnet mask.

subnet mask was:

new subnet mask is:

e.


35 of 42 10/3/2010 1:47 PM

This creates the following networks:

11001000.11001000.11001000.00000000 = 200.200.200.0

11001000.11001000.11001000.01000000 = 200.200.200.64

11001000.11001000.11001000.10000000 = 200.200.200.128

11001000.11001000.11001000.11000000 = 200.200.200.192

To determine the available host addresses for our first subnet (200.200.200.0) we fill in the host bits:1.

11001000.11001000.11001000.00000000 = 200.200.200.0 ß the subnet

11001000.11001000.11001000.00000001 = 200.200.200.1 ß 1st available host address

11001000.11001000.11001000.00000010 = 200.200.200.2 ß 2nd

available host address

11001000.11001000.11001000.00000011 = 200.200.200.3 etc.

…

11001000.11001000.11001000.00111110 = 200.200.200.62 ß last available address

11001000.11001000.11001000.00111111 = 200.200.200.63 ß broadcast address

To determine the available host addresses for our second subnet (200.200.200.64) we fill in the host bits:2.

11001000.11001000.11001000.01000000 = 200.200.200.64 ß the subnet


11001000.11001000.11001000.01000010 = 200.200.200.66 ß 2nd


11001000.11001000.11001000.01000100 = 200.200.200.68 etc.

…



To determine the available host addresses for our third subnet (200.200.200.128) we fill in the host bits:3.

11001000.11001000.11001000.10000000 = 200.200.200.128 ß the subnet


11001000.11001000.11001000.10000010 = 200.200.200.130 ß 2nd


11001000.11001000.11001000.10000011 = 200.200.200.131 etc.

…



4.


36 of 42 10/3/2010 1:47 PM

To determine the available host addresses for our last subnet (200.200.200.192) we fill in the host bits:

11001000.11001000.11001000.11000000 = 200.200.200.192 ß the subnet


11001000.11001000.11001000.11000010 = 200.200.200.194 ß 2nd


11001000.11001000.11001000.11000011 = 200.200.200.195 etc.

…



14. VLSM (variable length subnet mask)

a. supported by advanced routing protocols such as RIP version 2, OSPF, and EIGRP

b. RIP version 1 and IGRP do not support VLSM

15. 128 bit IPv6 is the latest version of IP addressing and is expressed in hexadecimal


37 of 42 10/3/2010 1:47 PM

Lesson Three Labs

Lab 3.1

Design and assemble a network using all available networking equipment.


38 of 42 10/3/2010 1:47 PM

Chapter 3 Solutions

Review Questions

1. Which of the following is a reliable communications protocol?

a. UDP

b. TCP

c. IP

d. ICMP

2. Which of the following is used by the TFTP protocol?

a. UDP

b. TCP

c. ICMP

d. Telnet

3. Which of the following is a layer in the TCP/IP protocol stack? (Choose all that apply.)

a. Application

b. Presentation

c. Physical

d. Data Link

e. Internetwork

4. Which of the following is a TCP/IP Application layer protocol? (Choose all that apply.)

a. DNS

b. FTP

c. UDP

d. IP

e. ICMP

5. Which of the following is a TCP/IP Internetwork layer protocol? (Choose all that apply.)

a. ICMP

b. FTP

c. DNS

d. ARP

e. IP

6. Which of the following is a TCP/IP Transport layer protocol? (Choose all that apply.)

a. ARP

b. RARP

c. IP

d. UDP

e. TCP

7. If your Class C address has a three-bit subnet mask, which of the following would be a subnetwork identifier?

a. 203.16.34.33

b. 203.16.34.135

c. 203.16.34.32

d. 203.16.34.240

8. Which of the following would be a broadcast address for a Class C network?

a. 190.15.23.255

b. 190.42.25.255

c. 221.21.23.255

d. 129.21.15.255

9. Which of the following Class C IP addresses is a broadcast (assuming the subnet mask is 255.255.255.224)?

a. 219.129.32.5

b. 219.129.32.63

c. 219.129.32.97

d. 219.129.32.161

10. For a Class B broadcast, which octets will be completely binary ones?

a. 2nd

b. 2nd and 3rd

c. 1st and 2nd

d. 3rd and 4th


39 of 42 10/3/2010 1:47 PM

11. Which of the following is a Class A broadcast?

a. 11.255.255.255

b. 127.75.255.255

c. 193.255.255.255

d. 14.25.255.255

12. What is the purpose of the reserved numbers in a Class D address?

a. Unicast

b. Experimental

c. Broadcast

d. Multicast

13. What is the purpose of the reserved numbers in a Class E address?

a. Unicast

b. Broadcast

c. Multicast

d. Experimental

14. In a Class C address, which octets identify the network?

a. All of them

b. The first octet only

c. The first and second octet

d. The last octet

e. The first three octets

15. Class B addresses allow you to configure how many octets on your network for host IP addresses?

a. One

b. Two

c. Three

d. Four

16. Which of the following are valid network identifiers for Class A addresses?

a. 1-127

b. 1-126

c. 192-223

d. 224-240

e. 128-191

17. What would the value of the first octet of the subnet mask be if the CIDR notation for an address is 192.168.1.16/27?

a. 224

b. 254

c. 255

d. 265

18. What would the value of the last octet of the subnet mask be if the CIDR notation for an address is 192.168.1.16/28?

a. 192

b. 224

c. 240

d. 248

e. 252

19. Assuming that the address 165.24.3.6 uses the correct default mask, what is the host identifier?

a. 165.24

b. 24.3.6

c. 3

d. 3.6

20. How many bits (maximum) can be used from the last octet of a Class C address to subnet your network?

a. 2

b. 4

c. 6

d. 8

21. Which of the following address classes allows you to borrow a maximum of 14 bits to create a subnet mask?

a. Class A

b. Class B

c. Class C

d. None of the above

22. A subnet mask of 255.255.252.0 on a Class B network indicates that _______ bits have been borrowed from the host portion


40 of 42 10/3/2010 1:47 PM

to subnet the network.

a. 2

b. 4

c. 6

d. 8

e. 10

23. Given the following CIDR address and mask, which of the following is a broadcast on its subnetwork 162.17.12.125/24?

a. 162.17.15.255

b. 162.17.12.255

c. 162.17.255.255

d. 255.255.255.255

e. None of the above

24. Given the address 190.14.20.255/20, which of the following statements is true?

a. This is a broadcast address.

b. This is a network address.

c. This is a host address.

d. This address is on network 190.14.20.0.

e. This address is on network 190.14.16.0.

25. Given the address 190.14.20.0/22, which of the following statements is true?

a. This is a broadcast address.

b. This is a network address.

c. This is a host address.

d. This address is on network 190.14.20.0.

e. This address is on network 190.14.16.0.

26. The TCP acknowledgment process is ______________.

a. expectational

b. sequential

c. exceptional

d. sesquicentennial

27. Which of the following are NOT ICMP message types?

a. Echo & destination unreachable

b. Source quench & redirect

c. Relay and reroute

d. Parameter problem & information

e. Timestamp & time exceeded

28. How does CIDR conserve IP addresses?

a. By charging more for IP address assignments

b. By allocating IP network numbers on criteria other than traditional bit boundaries

c. By using traditional octet boundary subnet masks

d. By aggregating routes

29. Which of the following routing protocols support VLSM? (Choose all that apply.)

a. RIP version 1

b. IGRP

c. OSPF

d. EIGRP

30. What is the purpose of summarization?

a. To reduce the number of routing table entries

b. To prevent route flapping

c. To conserve IP addresses

d. To reduce the cost of acquiring IP addresses

Case Projects

Case Project 1

IP addresses beginning with the decimal number 10 are part of the private address ranges. These reserved numbers cannot be

used on networks whose IP addresses are seen on the Internet because many people are using these same numbers and all

"seen" IP addresses must be unique. Private addresses are to be used behind a firewall of some type that will hide the private IP

scheme and present different and unique IP addresses to the outside networks. IP addresses beginning with the decimal number

127 can never be assigned in any circumstances because the entire 127.0.0.0 network is used for loopback testing. If you ping

127.0.0.1 (or any valid IP address on that network), a positive reply means your TCP/IP protocol stack is installed and functioning


41 of 42 10/3/2010 1:47 PM

correctly. IP addresses beginning with 223 and above cannot be used because they are part of Class D and E networks which are

reserved for multicasting and experimentation respectively.

Case Project 2

The purpose of sliding windows is to provide flow control at layer 4 between communicating hosts when TCP is the transport

protocol in use. It allows more than one packet to be sent at once to the receiving host. In essence, the source computer lets the

destination computer know how many data packets it is willing to send before it requires an acknowledgement (ACK) that the data

has been received. Large data transfers require large windows; otherwise, there would be a lot of additional network traffic

generated by ACKs for each communication. Smaller networks that send small amounts of data can use smaller windows. Using

large windows with small data transfers can force the sending computer to wait a disproportionate time for an ACK. It may then

retransmit the data, which could result in getting an ACK for both the original, and the retransmitted data. Devices can dynamically

adjust their window size.

Case Project 3

TCP/IP hosts examine frame headers of packets being transmitted on the network and learn which IP addresses are associated

with which MAC addresses. They put these IP to MAC mappings in their ARP table in RAM. If a host wants to send data, it first

must determine if the destination host is on the same network as it is. It does this by ANDING the IP addresses with their

respective subnet masks. Next, the source puts its own IP and the destination's IP in the network layer header. At the data link

layer both the source and destination MAC addresses are required. While the source computer knows its own MAC it may not

know the destination's MAC. It looks in its ARP table for the correct mapping. If it is not there, the source host will send an ARP

request which is a broadcast. All hosts on the local network (plus the router) will accept the broadcast at the data link layer, but

only the host with the matching destination MAC address will answer with an ARP reply, which is a unicast packet. All hosts will

use the ARP request information to update their ARP tables with the source IP and MAC information. Once it gets an ARP reply,

the source host can send a unicast packet with the data correctly addressed to the destination. If the destination is determined not

to be on the same network in the ANDING process, the source will send the packet to the default gateway. It will need an IP and

MAC address for the default gateway and will ARP for the MAC address if necessary. Source hosts do not ARP for the final

destination host if the destination host is determined to be on a different network. This is because broadcasts are not forwarded

through a router and ARP requests are broadcasts.

Case Project 4

Sometimes companies want to use diskless workstations rather than typical PCs that have hard drives in them. Usually, security is

the reason for not using hard drives. Because IP configuration information is stored on hard drives, diskless workstations cannot

retain this configuration information. Since a source host must have both an IP and MAC address to send data on a TCP/IP

network, the diskless workstation must have some way to obtain its IP address. A device on the network can serve as a RARP

server. A RARP server maintains a table with IP to MAC address mappings. When they boot, RARP clients broadcast a RARP

request in order to obtain an IP address. The RARP server sends a RARP reply back to the client with the desired information. A

workstation holds this IP information in RAM and it remains there until the workstation is shut off. Diskless workstations already

know their MAC address because it is physically burned into the NIC card. The DHCP protocol is based on RARP but it is more

sophisticated. RARP servers rely on a table of IP to MAC mappings so the given computer will always receive the same IP

address. DHCP servers have a range of IP addresses they can assign to any host so a given computer may not always receive

the same IP address. Also, DHCP can assign additional configuration parameters besides IP.


42 of 42 10/3/2010 1:47 PM

final prep

Documents