The two most significant things to study for the test are the OSI model and TCP/IP addressing and subnetting. If you know both of those very, very well, then you are guaranteed about 50% on the exam. The rest comes from this sheet.
The last bit of advice: if you didn't believe me on the importance of knowing the OSI model, learn it backwards, forwards, sideways, and be prepared to answer really nit-picky questions about it.
OSI model, top layer first:

Application: file, print, message, database, and application services. Determines availability of the target host. Examples: www, email, ftp, telnet, EDI, Quake.
Presentation: data encryption, compression, and translation services. Determines the syntax of the data transfer. Examples: PICT, TIFF, JPEG, MIDI, MPEG, QuickTime, etc.
Session: dialog control, coordinates the communications. Examples: NFS, SQL, RPC, X Windows, ASP (AppleTalk Session Protocol), DNA SCP (DEC's Session Control Protocol).
Transport: end-to-end communication. Responsible for hiding the communications from the higher layers. Examples: TCP / UDP.
Network: routing. Examples: IP / ICMP, BootP, ARP, RARP. Devices: routers.
Data link: framing. Examples: Ethernet II, 802.5 (token ring), 802.3, 802.2 (802.3 with DSAP and SSAP logical link control fields).
  Media access control: MAC address is 48 bits, 3 bytes vendor + 3 bytes serial number.
  WAN: High-level Data Link Control HDLC (Cisco default for serial links); Synchronous Data Link Control SDLC (uses polling); Link Access Procedure, Balanced LAPB; X.25, SLIP, PPP, ISDN, Frame Relay.
  Devices: bridges / switches.
Physical: wire... V.24, V.35, X.21, G.703, HSSI, etc. Devices: repeaters / hubs.
TCP/IP model mapped onto OSI:
Process/application -> application, presentation, session
Host-to-host -> transport
Internet -> network
Network access -> data link / physical
Ethernet (802.3): CSMA/CD | Ethernet_II | 802.2
10base2 / thinnet: 185 meters
10base5 / thicknet: 500 meters
10baseT: can run above 10Mbps, 200ish meters
5-4-3 rule: 5 segments, 4 repeaters, 3 segments populated
100BaseTX: 100 meters, up to 2 repeaters. Packets between 512 and 1518.
FDDI: 100 Mbps, token passing with dual counter-rotating rings
Token ring (802.5): 4 / 14 Mbps
ATM: 53-byte cells
Flow Control
Contention: CSMA/CD (Carrier Sense Multiple Access, Collision Detect)
Token passing: Token Ring, FDDI
Polling: SDLC, some HDLC, some HP ethernet stuff
Switching modes:
Store-and-forward: buffers the whole frame before forwarding
Cut-through: forwards the frame as soon as the destination address is available
Fragment-free: does cut-through after 64 bytes are received, to stop collision packets from being forwarded
802.1d Spanning-Tree Protocol (STP): detects and eliminates loops in a routed network
STA: Spanning Tree Algorithm
Sends out BPDUs: Bridge Protocol Data Units
VLAN: Virtual LANs
Create 'logical' networks by location, function or department.. or protocol, or whatever.
Done with a switch using frame tagging (can be used between switches if you have ISL, inter-switch link). Frame tagging uses unique user-defined identifiers while within the switch fabric, and is very scalable.
Port numbers:
TCP: protocol number 6
  ftp: 21
  telnet: 23
  smtp: 25
UDP: protocol number 17
  DNS: 53
  TFTP: 69
  SNMP: 141
0-255: public assigned
256 - 1023: assigned to companies
1023+: user defined / source addresses
IP Addressing:
Class   Leading bits   Decimal range of first byte
A       0              1-127
B       10             128-191
C       110            192-223
Learn the rest of the stuff.... Way out of scope of this.
NOTE: Cisco considers the mask to be the bits beyond what is 'normal' for that class address, not the entire number of bits in the subnet mask, sometimes....
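An added worked example (mine, not part of the sheet) that does the class and subnet arithmetic above with Python's standard library, including the "subnet bits beyond the classful default" view the NOTE describes. The sample addresses are constructed for the demo.

```python
import ipaddress

CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}   # default mask lengths per class

def ip_class(addr: str) -> str:
    """Class from the leading bits of the first byte (the table above)."""
    first = int(addr.split(".")[0])
    if first < 128:
        return "A"          # leading bit 0
    if first < 192:
        return "B"          # leading bits 10
    if first < 224:
        return "C"          # leading bits 110
    return "D" if first < 240 else "E"   # multicast / reserved, not subnetted

def subnet_info(cidr: str) -> dict:
    """Classful view of an address+mask: the 'subnet bits' are the mask bits
    beyond the class default, which is how the NOTE above says Cisco counts them."""
    net = ipaddress.IPv4Network(cidr, strict=False)   # accept a host address, not just the network
    cls = ip_class(str(net.network_address))
    if cls not in CLASSFUL_PREFIX:
        raise ValueError(f"class {cls} is not subnetted")
    default = CLASSFUL_PREFIX[cls]
    subnet_bits = net.prefixlen - default
    if subnet_bits < 0:
        raise ValueError(f"/{net.prefixlen} is shorter than the class {cls} default /{default}")
    host_bits = 32 - net.prefixlen
    # which of the 2**subnet_bits subnets this is (0-based), read from the subnet field
    subnet_number = (int(net.network_address) >> host_bits) & ((1 << subnet_bits) - 1)
    first = last = None
    if host_bits >= 2:      # /31 and /32 have no separate network/broadcast/host split
        first = str(net.network_address + 1)
        last = str(net.broadcast_address - 1)
    return {
        "class": cls,
        "default_mask": str(ipaddress.IPv4Network(f"0.0.0.0/{default}").netmask),
        "mask": str(net.netmask),
        "subnet_bits": subnet_bits,
        "subnets": 2 ** subnet_bits,
        "host_bits": host_bits,
        "usable_hosts": 2 ** host_bits - 2 if host_bits >= 2 else 0,
        "subnet_number": subnet_number,
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "first_host": first,
        "last_host": last,
    }

if __name__ == "__main__":
    # constructed sample: a class B address with 4 bits of subnetting
    for k, v in subnet_info("172.16.37.9/20").items():
        print(f"{k:14} {v}")
```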
IPX/SPX protocol stack:
Application, presentation, session -> RIP, SAP, NCP, NLSP, etc...
Transport -> IPX, SPX
Network -> IPX
Data link -> ODI, Open Data-Link Interface
Physical -> whatever
IPX
Connectionless, and communicates via sockets
Each host runs its own internal IPX network in addition to any LAN network
Addressing: 10 byte address
  first 4 bytes are network - need to be unique, otherwise whatever..
  last 6 bytes are node - usually just use the MAC address
SPX
Sequenced Packet eXchange
Connection-oriented protocol
Creates virtual circuits, with specific connection IDs
RIP (IPX)
Routing Information Protocol
Distance vector protocol that establishes routes between IPX networks
Judges based on ticks (1/18 second units) and hops
Broadcast every 60 seconds
Used to provide each server with a complete network map
SAP
Service Advertising Protocol
Servers use it to advertise, clients use it to locate services
Broadcast every 60 seconds
NLSP
NetWare Link Services Protocol
Link-state protocol to replace RIP and SAP someday...
NCP
NetWare Core Protocol
Provides access to server resources
Netware in a nutshell
-Strict client-server model (nobody is both)
-Servers provide files, printing, messaging, applications, and databases
-Every NetWare server (or Cisco router) creates a SAP table of all services offered by all servers
-A client issues a GNS (GetNearestServer request) broadcast to find out what is on the local SAP table
Netware frame types and features:
802.3: default on NetWare <=3.11
802.2: default on NetWare 3.12+
ethernet_ii: supports tcp/ip and ipx
ethernet_SNAP: appletalk, tcp/ip, and ipx
--- all of these are incompatible... god love'm
RIP: Routing Information Protocol
Distance-vector routing protocol
Updates every 30 seconds
Route invalid timer: 90 seconds, time before a route is considered invalid
Route flush timer: 240 seconds, route removed from the table
Can use metrics (1-15) to weight against some interfaces
15 hop limit
OSPF: Open Shortest Path First
Link-state routing
Very infrequent broadcast updates
Extremely granular metrics
NLSP: Novell's Link State Protocol
Link-state
IGRP: Interior Gateway Routing Protocol (Cisco proprietary)
Distance-vector
Metrics and hop count from 1-255
Measures delay in units of 10 milliseconds
Measures bandwidth - on a serial connection this needs to be set, default is T1
Measures reliability as 1-255 (255 optimal)
Measures load: 0-255 (0 = no load)
Allows multi-path routing (dual links of equal bandwidth to 1 location)
Implements hold-downs, split horizons, and poison reverse updates
Update timer is 90 seconds, invalid timer is 270 seconds (3 times update)
Hold-down timer is 280 (3 times update + 10 seconds)
Flush timer is 630 seconds (7 times update)
Administrative distances (reliability of information):
0 = direct connection, 1 = static, 100 = IGRP, 110 = OSPF, 120 = RIP, 255 = unknown
EIGRP: Enhanced IGRP
Hybrid routing protocol
Uses distance vectors, however they are triggered by changes, not timers.
Faster convergence, multiprotocol support
Distance-vector:
Uses second-hand info
Problems detecting / closing routing loops (counting to infinity)
Judges 'best' based on hop counts
Convergence can get pretty lengthy
Split horizon: enforces that information is not sent back in the direction it came from
Route poisoning: helps prevent incorrect updates by setting the route down explicitly
Hold-downs: prevent routes from changing too quickly, to allow time for stabilization
Link-state:
No second-hand info, and understands the entire network
Uses LSP packets to build a 'personal' copy of the entire network structure to route from
LSP: link-state packets or "hello packets"
Chooses 'best' path based on: bandwidth, congestion, metrics, etc.
Update times can be set very lengthy as changes cause triggered updates.
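An added simulation (mine, not from the sheet) of the distance-vector "counting to infinity" problem described above, run once without and once with split horizon. The three-router chain and the hop-count rules are constructed for the demo; the owner marking the lost network unreachable is the route poisoning step.

```python
INFINITY = 16   # one past the 15-hop limit in the RIP notes: "unreachable"

def _run_rounds(table, neighbors, owner, attached, split_horizon, max_rounds=100):
    """Run synchronous update rounds until no router changes its entry.
    table[router] = (hops, next_hop). Returns the number of rounds that changed something."""
    rounds = 0
    for _ in range(max_rounds):
        new = {}
        for r in neighbors:
            if r == owner and attached:
                new[r] = (1, "direct")          # directly connected always wins
                continue
            best_cost, best_nb = INFINITY, None
            for nb in sorted(neighbors[r]):
                hops, nxt = table[nb]
                if split_horizon and nxt == r:
                    continue                    # nb does not send the route back to r
                cost = min(hops + 1, INFINITY)
                if cost < best_cost:
                    best_cost, best_nb = cost, nb
            new[r] = (best_cost, best_nb if best_cost < INFINITY else None)
        if new == table:
            return rounds
        table.update(new)
        rounds += 1
    raise RuntimeError("did not converge")

def count_to_infinity(neighbors, owner, split_horizon):
    """Converge on a route to a network behind `owner`, then cut owner's link
    (route poisoning: owner explicitly marks it unreachable) and count how many
    rounds the rest of the network needs to agree the route is gone."""
    table = {r: (INFINITY, None) for r in neighbors}
    _run_rounds(table, neighbors, owner, True, split_horizon)
    table[owner] = (INFINITY, None)
    rounds = _run_rounds(table, neighbors, owner, False, split_horizon)
    return rounds, table

# Constructed topology: A -- B -- C -- (network N, directly attached to C)
CHAIN = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}

if __name__ == "__main__":
    for sh in (False, True):
        rounds, table = count_to_infinity(CHAIN, "C", sh)
        print(f"split horizon {str(sh):5}: {rounds:2d} rounds until everyone says unreachable")
```

Without split horizon B and C keep re-learning the dead route from each other and step the hop count up two per cycle until it hits 16; with split horizon B never offers the route back to C and the network settles in two rounds.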
EGP: Exterior Gateway Protocol
Polls neighbors, exchanges info about the AS with neighbors
Distance vector, very simple
BGP: Border Gateway Protocol
Can detect routing loops
Can work between ASes
CDP: Cisco Discovery Protocol
Runs SNAP (SubNetwork Access Protocol) at the data link layer.
- this allows routers running different protocols to still communicate
- 60 second updates, 180 second hold time
#show cdp interface
  interface information, encapsulation info, and timing information
#show cdp entry <name or * for all>
  shows detailed information about other routers on the network
#show cdp neighbors
  shows summary information that is being exchanged
#show cdp neighbor detail
  extended listing of info for all routers
#show cdp traffic
  shows packets sent / received among neighbors
WAN:
POTS: Plain Old Telephone Service (politely: PSTN, public switched telephone network)
Demarc: end of responsibility for the provider, start for the customer
CPE: customer premise equipment
Local loop: wire from the CO to the demarc
CO: Central Office: provider POP (point of presence)
SDLC
Synchronous Data-Link Control
Used originally for SNA
Point-to-point or multipoint
Bounded or unbounded media, half or full duplex
Circuit or packet-switched networks
2 node types: primary or secondary (controlled by the primary)
HDLC
High-Level Data-Link Control protocol
This is the default communication method for Cisco routers on sync links, and is proprietary
This came after SDLC, and was modified into LAP and LAPB.
HDLC transfer modes:
NRM: Normal Response Mode: secondaries only speak when spoken to by the primary
ARM: Async Response Mode: secondary can speak on its own
ABM: Async Balanced Mode: nodes can be both primary and secondary
LAPB: Link Access Procedure, Balanced: built into X.25
DDR: Dial on Demand Routing
- be sure to set up the route as static, and with a specified distance over 200 to make sure it is 'last resort'
X.25
Point-to-point communication between DTE and DCE
DTE: Data Terminal Equipment (router or terminal, or whatever)
DCE: Data Circuit-Terminating Equipment (CSU/DSU or modem)
PSE: Packet Switching Exchange: switches inside the carrier's network
Addresses defined by X.121 as a 14 digit number
DNIC: Data Network Identification Code is the first 4 bits of the address
Rest of the address is assigned by the administrator
Full-duplex protocol
'overbuilt' with lots of error checking
Creates SVC or PVC connections (switched or permanent virtual circuits)
PLP
Packet Layer Protocol
X.25's network layer protocol
modes: call setup, data transfer, idle, call clearing, restarting
LAPB
Link Access Procedure, Balanced
Makes sure frames are error free and sequenced
Types of frames:
I: information: sequencing, flow control, error detection, recovery
S: supervisory: handles requests for, and suspension of, transmission
U: unnumbered: link setup and disconnection, and error reporting
Setting up X.25 on Cisco
#interface <interface>
#encap x25
#x25 address <14 digit number>
  to set the address
#x25 ips <bytes>
  to configure Input Packet Size
#x25 ops <bytes>
  to configure Output Packet Size
#x25 win <integer>
  to configure Window Input Size
#x25 wout <integer>
  to configure Window Output Size
Frame Relay
Shared bandwidth
Can set up a CIR (Committed Information Rate)
Assumes error checking is handled at another, higher, layer
PVCs are created at layer 2.
DLCIs: Data-Link Connection Identifiers: are used to identify virtual circuit connections.
DLCI addresses are assigned by the provider and then mapped to IP addresses by the router
LMI: Local Management Interface
These are autodetected in current IOS versions..... however:
Keyword   Meaning
Cisco     defined by an industry group, and the default
ANSI      Annex D, defined by T1.617
Q933a     defined by ITU-T Annex A, Q.933A
LMI can be used to determine the global significance of the DLCI numbers.
Setup of Frame Relay on Cisco
#interface <interface>
#encapsulation frame-relay [ietf]   (default is cisco)
  use the default to talk to other Cisco routers, use ietf encapsulation to talk to non-Cisco.
#frame-relay interface-dlci <dlci number>
  to map the DLCI number to the current interface or subinterface
Then specify an IP address for that subinterface
Optionally you can hard-code the address on the other end:
#encap frame-relay [ietf]
#no inverse-arp
  turns off the auto addressing features
#ip address <ip address> <subnet mask>
#frame-relay map ip <address> <dlci> [cisco] [broadcast]
  this lets you mix encap types, and allows broadcast over the interface
Monitoring Frame Relay
#show frame ?
  ip       ip statistics
  lmi      lmi stats
  map      map table
  pvc      pvc stats - this one displays the DLCI #
  route    route info
  traffic  protocol stats
PPP
Point-to-Point Protocol
Useful for dial-up or sync links (ISDN)
Authenticates using PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol)
ISDN
Integrated Services Digital Network
Terminal equipment types:
TE1: understands ISDN
TE2: predates ISDN and needs a TA (terminal adapter) to work
ISDN reference points:
R: between a non-ISDN device and the TA
S: between the terminal and the NT2 device
T: point between NT1 and NT2
U: point between NT1 and the carrier's line termination device
ISDN protocol codes:
E: existing telephone network
I: concepts, terms, and services
Q: switching and signaling
ISDN service levels:
Connect to lines with SPIDs (Service Profile Identifiers) (phone numbers..)
BRI: Basic Rate Interface: 2B + 1D
  B = 64kbs, D = 14Kbps; = 128kbs plus control
PRI: Primary Rate Interface: 23B + 1D
  Total of 1.544Mbps
Configuring ISDN BRI
#isdn switch-type ?
  tons of proprietary switch types
#interface <interface>
  typically bri0, or something like that.
#encap ppp
  PPP is the method used to set up ISDN phone calls
#isdn spid1 <spid1>
#isdn spid2 <spid2>
Configuring ISDN PRI
#controller <interface> <location>
  typically something like #controller T1 1/0
#framing esf
  sets Extended Super Framing, this is normal for a T1 / PRI line
#linecode b8zs
  line-coding mechanism to assist with timing by preventing strings of zeros
#pri-group timeslots <value from 1-24>
  sets the number of timeslots
Access lists:
Basics:
Access lists must be created, then applied to an interface
Access lists can filter incoming or outgoing traffic on an interface
Packets are compared only until a match is made
Packets that do not meet any criteria on the list are discarded
Wildcard masking:
Nifty, acts like a reverse subnet mask:
Example: 0.0.0.255 would wildcard all hosts on a class C network
0.0.0.0 would indicate no wildcarding
keywords:
host: 0.0.0.0: just the specified host
any: 255.255.255.255: absolutely anything
* when using a keyword it comes before the IP address, when using a mask it comes after!!!!
List number scheme
List number range   Meaning
1-99                IP standard access list
100-199             IP extended access list
800-899             IPX standard access list
900-999             IPX extended access list
1000-1099           IPX SAP access list
IP access list creation
#access-list <number of list> <permit | deny> <source address> [<mask>]
IP extended access list
#access-list <number> <permit | deny> <protocol> <source> <destination> <port>
source and destination can be masked
port can be 'eq' for equal, 'neq' not equal, 'log' logged, or assorted other things
port can also be keyworded: www, smtp, finger, ftp, telnet, etc.....
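An added example (mine, not the sheet's) that implements the access-list rules above in Python: wildcard-mask matching, the keyword-before / mask-after parsing rule, first-match evaluation with the implicit deny at the end, and per-line match counters like the ones `show access-list` reports. The two access lists and the test packets are constructed for the demo; the PORTS table is the page's well-known ports plus www.

```python
import ipaddress

def ip_int(a: str) -> int:
    return int(ipaddress.IPv4Address(a))

def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Reverse subnet mask: 0 bits in the wildcard must match, 1 bits are 'don't care'."""
    care = ~ip_int(wildcard) & 0xFFFFFFFF
    return ip_int(addr) & care == ip_int(base) & care

PORTS = {"ftp": 21, "telnet": 23, "smtp": 25, "dns": 53, "tftp": 69, "www": 80}

def parse_addr(tokens: list, mask_optional: bool) -> tuple:
    """Consume one address spec. Keywords come BEFORE the address ('any', 'host A.B.C.D'),
    a wildcard mask comes AFTER it ('A.B.C.D W.W.W.W'); standard lists may omit the mask."""
    tok = tokens.pop(0)
    if tok == "any":
        return "0.0.0.0", "255.255.255.255"
    if tok == "host":
        return tokens.pop(0), "0.0.0.0"
    if mask_optional and (not tokens or tokens[0].count(".") != 3):
        return tok, "0.0.0.0"
    return tok, tokens.pop(0)

def parse_acl(text: str) -> list:
    """Parse 'access-list <n> permit|deny ...' lines, in order, into rule dicts."""
    rules = []
    for line in text.strip().splitlines():
        t = line.split()
        if not t or t[0] != "access-list":
            continue
        number, action, rest = int(t[1]), t[2], t[3:]
        rule = {"number": number, "action": action, "text": line.strip(),
                "proto": "ip", "port_op": None, "log": False, "matches": 0}
        if 1 <= number <= 99:                          # IP standard: source only
            rule["src"] = parse_addr(rest, mask_optional=True)
            rule["dst"] = ("0.0.0.0", "255.255.255.255")
        elif 100 <= number <= 199:                     # IP extended: proto, src, dst, [eq|neq port]
            rule["proto"] = rest.pop(0)
            rule["src"] = parse_addr(rest, mask_optional=False)
            rule["dst"] = parse_addr(rest, mask_optional=False)
            if rest and rest[0] in ("eq", "neq"):
                op, port = rest.pop(0), rest.pop(0)
                rule["port_op"] = (op, PORTS.get(port) or int(port))
            rule["log"] = "log" in rest
        else:
            raise ValueError(f"list {number} is not an IP access list")
        rules.append(rule)
    return rules

def evaluate(rules: list, pkt: dict) -> str:
    """First matching line wins; a packet matching nothing is discarded (implicit deny)."""
    for r in rules:
        if r["proto"] not in ("ip", pkt["proto"]):
            continue
        if not (wildcard_match(pkt["src"], *r["src"]) and wildcard_match(pkt["dst"], *r["dst"])):
            continue
        op = r["port_op"]
        if op and (op[0] == "eq") != (pkt.get("dport") == op[1]):
            continue
        r["matches"] += 1                              # what 'show access-list' counts per line
        return r["action"]
    return "deny"

def by_number(rules: list, number: int) -> list:
    return [r for r in rules if r["number"] == number]

# Constructed ACLs: a standard list 10 and an extended list 101 (implicit deny at the end of each).
ACL_TEXT = """
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 10 permit host 10.1.1.1
access-list 101 permit tcp 10.0.0.0 0.255.255.255 host 192.168.1.5 eq telnet
access-list 101 permit tcp any any neq telnet
access-list 101 deny ip any any log
"""
```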
IPX access list
#access-list <number> <permit|deny> <source network number> <destination network number>
no wildcarding needed with IPX
-1 is used to indicate 'any network address'
Extended IPX access lists
#access-list <number> <permit|deny> <protocol> <source> <socket> <destination> <socket>
-1 still indicates 'any' for a socket or source address
IPX SAP access lists
#access-list <number> <permit|deny> <source> <service type>
service type is a numeric value
Applying an access list to an interface
#interface <interface>
#ip access-group <number of list> <in | out>
Monitoring:
#show access-list
  shows the lists and how many matches for each line
#clear access-list counters <access list number>
  clears statistics
Logging:
The keyword log can be placed at the end of extended access list lines, and info will be logged to the console by default, or could be redirected to an error-log server
Logs include: access list number, source and destination port/address and number of packets.
Displaying access list info
#show ip interface <interface>
  displays which list is enabled for the interface, both incoming and outgoing
#show running-config
  shows just about everything.... including details of what makes up each access-list
CISCO Info:
Startup sequence
Bootstrap from ROM
Cisco IOS from flash; failing that, from tftp; failing that, from ROM
Configuration file from NVRAM; failing that, from a tftp server; failing that, from the console
Editing commands
Toggle on/off: terminal editing / terminal no editing
Control + A: move to beginning of line
Control + E: end of line
Control + F: forward
Control + B: back
Control + P: previous command
Control + N: most recent command
show history
terminal history size: set buffer size
Arrow keys also work to edit and scroll through the buffer
Passwords
Enable secret: one-way crypto password, has priority over the 'normal' enable password
#config terminal
#enable secret <password>
Enable password: password to switch to priv mode
#config terminal
#enable password <password>
Virtual terminal password: password to allow telnet into the router
#config terminal
#line vty 0 <max number of logins>
#login
#password <whatever password>
Banner
#banner motd <end char>
  yadda, yadda, yadda <end char>
Hostname
#config t
#hostname <router hostname>
Hostname resolution
#ip host <target hostname> <target host ip address>
  this acts like a hosts file to allow static name resolution
#show hosts
  displays configured hosts / ip addresses
#ip domain-lookup
#ip name-server <dns ip>
  to configure DNS, use the 2 commands above. You can have up to 6 DNS addresses
#no ip domain-lookup
  disables DNS lookup
Interface Naming
S: Serial
E: Ethernet
T: TokenRing
F: FDDI
Number as card/port, or for the 7000 series as VIP card/port (from 0)/interface (from 0)
Static Routing for IP
Config with:
#ip route <network> <mask> <address|interface> [distance]
Display with:
#show ip route
#show ip route static
Remove IP routes with:
#no ip route <network>
Default route / route of last resort (set network and mask to all 0s):
#ip route 0.0.0.0 0.0.0.0 <address>
IP classless:
With ip classless 'on', packets are forwarded to a best-guess directly connected network instead of being dropped.
- this is used with default routes
Testing:
#ping <address>
  works with IP, IPX, AppleTalk, Apollo, VINES, and DECnet
#ping
  <fill out info as prompted>
  extended ping: works with IP, AppleTalk, and IPX to provide much more info
#trace <protocol> <address>
  works with: IP, AppleTalk, CLNS, oldvines (Cisco), vines (Banyan).
- remember that TCP is not on any of these lists... it is a higher-level protocol.
Subinterfaces:
How to bind multiple conflicting commands to 1 interface... use subinterfaces.
Syntax is to place a period, then an integer, after the device name.
Example: #int e0.100
Configuring Dynamic Routing for IP
RIP:
#router rip
#network <network we want to advertise>
-optional #passive-interface <interface>
  lets you run RIP without advertising out that connection
-optional #neighbor <specific neighbor router>
  lets info go over non-broadcast media (like WAN links)
-optional #debug ip rip or #undebug ip rip
  this shows all updates to the console (sent or received advertisements)
-optional #no router rip
  disables RIP routing
IGRP
#router igrp <autonomous system number 1-65535>
  turns on IGRP and allows setting of the AS number
#network <network we want to advertise>
-optional #debug ip igrp events / #undebug ip igrp events
  logs to the console when/what events are done
-optional #debug ip igrp transactions / #undebug ip igrp transactions
  detailed log to the console of what happens in each event
Display routing info:
#show ip route
  this displays all routes on the router, including how the route was 'learned'
  R = rip, C = connected, S = static, I = igrp, O = ospf, etc
#show ip route <protocol>
  displays routes 'learned' from the specified protocol only
#show ip protocol
  displays protocol and detailed info on timing, sources of info, filters, etc.
#show ip interface
  shows lots of info on all interfaces
#show ip interface <interface>
  shows info specific to the interface
IPX configuration
#ipx routing
  to enable IPX routing
#interface <interface>
  select an interface before providing specific info for configuring IPX
#ipx network <ipx network address> [encapsulation <keyword for type>] [secondary]
- secondary indicates that more than one encapsulation type is used on 1 interface; recommended to use sub-interfaces instead
Table of info for configuring encapsulation types:
Interface type   Frame type        Keyword
ethernet         802.3             novell-ether (default)
                 802.2             sap
                 ethernet_II       arpa
                 ethernet_snap     snap
token ring       token-ring        sap (default)
                 token-ring_snap   snap
fddi             fddi_snap         snap (default)
                 802.2             sap
                 fddi_raw          novell-fddi
Show IPX servers
#show ipx servers
  this displays the contents of the SAP table, listing all servers and services
Show IPX route
#show ipx route
  shows the IPX routing table
#ipx maximum-paths <2-512>
  enable multiple paths to 1 destination
#show ipx traffic
  generates traffic statistics on IPX network usage
#show ipx interface <interface>
  detailed info on a specific interface
#debug ipx <all kinds of things>
  lots of debug information available
Sources for IOS software:
Flash memory
Default and normally a good idea
#show flash
  lists all versions stored in flash, but does not specify which is running
#show version
  specifies which version of IOS you are running currently
Tftp server
Somewhat menu-driven way to store and retrieve information to/from a tftp server
#copy flash tftp
  lets you back up your IOS saved in flash
#copy tftp flash
  lets you download new versions or restore over bad versions
tftp to backup / restore config info
#copy tftp running-config
#copy running-config tftp
Configuring fallback sources for IOS software
#boot system flash <ios_filename>
  to boot from flash
#boot system tftp <ios_filename> <tftp_address>
  to boot from a remote tftp server
#boot system rom
  to boot from the hard-coded IOS version, this is a 'last resort' kinda thing to do
IOS commands that have little to do with routing
#show version
  OS version, uptime, how it was last started up, where IOS was loaded from; hardware type and revision as well as detected interfaces
#show processes
  shows PID, queue priority, status (TY), runtime in milliseconds, stack space, process name
#show memory
  shows processor and I/O memory and watermarks / free space
#show stacks
  shows cause of last crash, and esoteric info
#show buffers
  reveals size of buffers for small / middle / big / very big / large / huge
#show flash
  reveals size and amount free, as well as what is stored.
#show running-config
  shows the running configuration file
#show startup-config
  shows the startup configuration file
#show interface
  shows the hardware and its status, including usage stats
#show interface <interface>
  shows hardware status and usage for a specific interface
#show protocol
  shows protocols enabled and routing info for each interface
#show ip protocol
  shows more detail than show protocol
Special thanks to THConsulting for compiling this information for these future CCNA graduates.