Bong Ccna1

  • 8/8/2019 Bong Ccna1

    LIST OF COMMANDS Used in CCNA

    Available Commands

    User/Privileged Exec Commands

    - clear frame-relay-inarp
    - configure terminal
    - copy running-config startup-config
    - copy startup-config running-config
    - disable
    - disconnect
    - enable
    - exit
    - help
    - ping
    - show cdp
    - show cdp interface
    - show cdp interface
    - show cdp neighbors
    - show cdp neighbors
    - show configuration
    - show controllers
    - show frame-relay lmi
    - show frame-relay map
    - show frame-relay pvc
    - show frame-relay route
    - show history
    - show interfaces
    - show interfaces (including bri0:1, bri0:2)
    - show ip access-lists
    - show ip interface
    - show ip interface
    - show ip route
    - show ipx route
    - show ipx servers
    - show isdn active
    - show isdn history
    - show isdn status
    - show running-config
    - show startup-config
    - show version
    - terminal editing
    - terminal history
    - terminal history size
    - terminal no editing
    - terminal no history
    - traceroute

    Global Configuration Commands

    - access-list deny/permit
    - access-list deny/permit
    - access-list deny/permit host
    - banner
    - banner exec
    - banner incoming
    - banner login
    - banner motd
    - cdp holdtime
    - cdp timer
    - cdp run
    - dialer-list protocol ip deny/permit
    - enable password
    - enable secret
    - end
    - exit
    - help
    - hostname
    - interface bri
    - interface ethernet (with subinterfaces)
    - interface serial (with subinterfaces)
    - ip route
    - ip routing
    - ipx routing
    - isdn switch-type
    - line console 0
    - line vty
    - line vty
    - router rip
    - router igrp
    - router eigrp
    - router ospf

    Ethernet Interface Commands

    - cdp enable
    - description
    - exit
    - help
    - ip access-group in/out
    - ip address
    - ipx network
    - ipx network encapsulation
    - ipx network encapsulation secondary
    - shutdown

    Serial Interface Commands

    - cdp enable
    - clock rate
    - description
    - encapsulation frame-relay
    - encapsulation hdlc
    - encapsulation ppp
    - exit
    - frame-relay interface-dlci
    - frame-relay inverse-arp
    - frame-relay map ip
    - help
    - ip access-group
    - ip address
    - ipx network
    - ipx network encapsulation
    - ipx network encapsulation secondary
    - shutdown

    BRI Commands

    - description
    - dialer fast-idle
    - dialer idle-timeout
    - dialer map ip
    - dialer string
    - dialer-group
    - exit
    - help
    - ip address
    - isdn spid1
    - isdn spid2
    - isdn switch-type
    - shutdown

    Line/Console Commands

    - exit
    - help
    - login
    - password

    Router Commands

    - network

    Switch User/Privileged Mode Commands

    - configure
    - configure terminal
    - disable
    - enable
    - exit
    - help
    - ping
    - show cdp
    - show cdp interface
    - show cdp interface
    - show cdp neighbors
    - show cdp neighbors
    - show history
    - show interfaces
    - show interfaces
    - show ip
    - show running-config
    - show spanning-tree
    - show spanning-tree
    - show version
    - show vlan
    - show vlan
    - show vlan-membership
    - show vtp

    Switch Global Commands

    - cdp holdtime
    - cdp timer
    - enable password level 15
    - end
    - exit
    - help
    - hostname
    - interface
    - ip address
    - ip default-gateway
    - spanning-tree ...
    - switchport access vlan
    - vlan
    - vlan name
    - vtp client/server/transparent

    Switch Ethernet/Fast Ethernet Commands

    - cdp enable
    - description
    - exit
    - help
    - shutdown
    - vlan-membership static

    Uses of the OSI Model

    You should be familiar with the OSI model, because it is the most widely used method for talking about network communications. However, remember that it is only a theoretical model that defines standards for programmers and network administrators, not a model of actual physical layers.

    Using the OSI model to discuss networking concepts has the following advantages:

    - Provides a common language or reference point between network professionals
    - Divides networking tasks into logical layers for easier comprehension
    - Allows specialization of features at different levels
    - Aids in troubleshooting
    - Promotes standards interoperability between networks and devices
    - Provides modularity in networking features (developers can change features without changing the entire approach)

    However, you must remember the following limitations of the OSI model.

    - OSI layers are theoretical and do not actually perform real functions.
    - Industry implementations rarely have a layer-to-layer correspondence with the OSI layers.
    - Different protocols within the stack perform different functions that help send or receive the overall message.
    - A particular protocol implementation may not represent every OSI layer (or may spread across multiple layers).

    OSI Model Layers

    The following table compares the functions performed at each OSI model layer.

    | Layer | Description and Keywords | Protocols | Devices | Encapsulation |
    | --- | --- | --- | --- | --- |
    | Application | User interface; Communication partner identification | HTTP; Telnet; FTP; TFTP; SNMP | | Messages and Packets |
    | Presentation | Data format (file formats); Encryption, translation, and compression; Data format and exchange | JPEG, BMP, TIFF, PICT; MPEG, WMV, AVI; ASCII, EBCDIC; MIDI, WAV | | Packets |
    | Session | Keeps data streams separate (session identification); Set up, maintain, and tear down communication sessions | SQL; NFS; ASP; RPC; X window | | Packets |
    | Transport | Reliable (connection-oriented) and unreliable (connectionless) communications; End-to-end flow control; Port and socket numbers; Segmentation, sequencing, and combination | TCP (connection-oriented); UDP (connectionless) | | Segments, Datagrams, and Packets |
    | Network | Logical addresses; Path determination (identification and selection); Routing packets | IP; IPX; AppleTalk; DECNET | Router | Packets and Datagrams |
    | Data Link (sublayers: Logical Link Control (LLC), Media Access Control (MAC)) | Convert bits into bytes and bytes into frames; MAC address, a.k.a. burned in address (BIA), hardware address; Logical network topology; Media access; Flow control; Acknowledgements; Buffering; Windowing; Parity and CRC | LAN protocols: 802.2 (LLC), 802.3 (Ethernet), 802.5 (Token Ring), 802.11 (Wireless); WAN protocols: HDLC, PPP, Frame Relay, ISDN, ATM | NICs; Switches; Bridges | Frames |
    | Physical | Move bits across media; Cables, connectors, pin positions; Electrical signals (voltage, bit synchronization); Physical topology (network layout) | EIA/TIA 232 (serial signaling); V.35 (modem signaling); Cat5; RJ45 | Cable; Connectors; Hubs and repeaters | Bits |

    Connection-oriented vs. Connectionless

    You should know the following facts about connection-oriented communication:

    - Connection-oriented protocols are reliable. They perform session initiation, error detection, and error correction. They identify and retransmit lost packets.
    - A connection-oriented protocol is a good choice where reliable, error-free communication is more important than speed.
    - The three phases of connection-oriented communication are:
      1. Session initialization (connection establishment),
      2. Session maintenance (data transfer), and
      3. Session termination (connection release).

    You should also know the following facts about connectionless communication:

    - Connectionless services assume an existing link between devices and allow transmission without extensive session establishment.
    - Connectionless communications include no error checking or acknowledgement mechanisms.
    - Connectionless communications use no error checking, session establishment, or acknowledgements.
    - Connectionless protocols allow quick, efficient communication. However, data errors and packet loss might occur.

    TCP/IP Protocols

    The following table lists several protocols in the TCP/IP protocol suite.

    | Protocol | Description | OSI Model Layer(s) | DOD Model Layer |
    | --- | --- | --- | --- |
    | FTP | File Transfer Protocol (FTP) provides a generic method of transferring files. It can include file security through usernames and passwords, and it allows file transfer between dissimilar computer systems. | Application, Presentation, Session | Application/Process |
    | TFTP | Trivial File Transfer Protocol (TFTP) is similar to FTP. It lets you transfer files between a host and an FTP server. However, it provides no user authentication and uses UDP instead of TCP as the transport protocol. | Application, Presentation, Session | Application/Process |
    | HTTP | The Hypertext Transfer Protocol (HTTP) is used by Web browsers and Web servers to exchange files (such as Web pages) through the World Wide Web and intranets. HTTP can be described as an information requesting and responding protocol. It is typically used to request and send Web documents, but is also used as the protocol for communication between agents using different TCP/IP protocols. | Application, Presentation, Session | Application/Process |
    | SMTP | Simple Mail Transfer Protocol (SMTP) is used to route electronic mail through the internetwork. E-mail applications provide the interface to communicate with SMTP or mail servers. | Application, Presentation, Session | Application/Process |
    | SNMP | Simple Network Management Protocol (SNMP) is a protocol designed for managing complex networks. SNMP lets network hosts exchange configuration and status information. This information can be gathered by management software and used to monitor and manage the network. | Application, Presentation, Session | Application/Process |
    | Telnet | Remote Terminal Emulation (Telnet) allows an attached computer to act as a dumb terminal, with data processing taking place on the TCP/IP host computer. It is still widely used to provide connectivity between dissimilar systems. | Application, Presentation, Session | Application/Process |
    | NFS | Network File System (NFS) was initially developed by Sun Microsystems. It consists of several protocols that enable users on various platforms to seamlessly access files from remote file systems. | Application, Presentation, Session | Application/Process |
    | TCP | Transmission Control Protocol (TCP) operates at the Transport layer. It provides connection-oriented services and performs segment sequencing and service addressing. It also performs important error-checking functions and is considered a host-to-host protocol. | Transport | Host-to-Host (Transport) |
    | UDP | User Datagram Protocol (UDP) is considered a host-to-host protocol like TCP. It also performs functions at the Transport layer. However, it is not connection-oriented like TCP. Because of less overhead, it transfers data faster, but is not as reliable. | Transport | Host-to-Host (Transport) |
    | DNS | Domain Name System (DNS) is a system that is distributed throughout the internetwork to provide address/name resolution. For example, the name "www.testout.com" would be identified with a specific IP address. | Transport | Host-to-Host (Transport) |
    | IP | Internet Protocol (IP) is the main TCP/IP protocol. It is a connectionless protocol that makes routing path decisions, based on the information it receives from ARP. It also handles logical addressing issues through the use of IP addresses. | Network | Internet |
    | ICMP | Internet Control Message Protocol (ICMP) works closely with IP in providing error and control information that helps move data packets through the internetwork. | Network | Internet |
    | IGMP | IGMP (Internet Group Membership Protocol) is a protocol for defining host groups. All group members can receive broadcast messages intended for the group (called multicasts). Multicast groups can be composed of devices within the same network or across networks (connected with a router). | Network | Internet |
    | ARP | Address Resolution Protocol (ARP) creates a complete Internet address by combining the logical network address with the physical address. It works with other protocols to provide logical name address resolution. | Network | Internet |
    | RARP, BOOTP | Both BOOTP (Bootstrap Protocol) and RARP (Reverse Address Resolution Protocol) are used to discover the IP address of a device with a known MAC address. BOOTP is an enhancement to RARP, and is more commonly implemented than RARP. As its name implies, BOOTP is used by computers as they boot to receive an IP address from a BOOTP server. The BOOTP address request packet sent by the host is answered by the server. | Network | Internet |
    | DHCP | The Dynamic Host Configuration Protocol (DHCP) simplifies address administration. DHCP servers maintain a list of available and assigned addresses, and communicate configuration information to requesting hosts. DHCP has the following two components: a protocol for delivering IP configuration parameters from a DHCP server to a host; a protocol specifying how IP addresses are assigned. | Network | Internet |
    | OSPF | Open Shortest Path First (OSPF) is a route discovery protocol that uses the link-state method. It is more efficient than RIP in updating routing tables, especially on large networks. | Network | Internet |
    | RIP | Routing Information Protocol (RIP) is a route discovery protocol that uses the distance-vector method. If the network is large and complex, OSPF should be used instead of RIP. | Network | Internet |

    The TCP/IP protocol suite was developed to work independently of the Physical layer implementation. You can use a wide variety of architectures with the TCP/IP protocol suite.

    IP Address Classes

    A single IP address identifies both the network address and the host address. The subnet mask is used to separate the network and host addresses.

    IP addresses have a default class. The address class identifies the range of IP addresses and a default subnet mask used for the range. The following table shows the default address class for each IP address range.

    | Class | Address Range | First Octet Range | Default Subnet Mask |
    | --- | --- | --- | --- |
    | A | 1.0.0.0 to 126.255.255.255 | 1-126 (00000001--01111111 binary) | 255.0.0.0 |
    | B | 128.0.0.0 to 191.255.255.255 | 128-191 (10000000--10111111 binary) | 255.255.0.0 |
    | C | 192.0.0.0 to 223.255.255.255 | 192-223 (11000000--11011111 binary) | 255.255.255.0 |
    | D | 224.0.0.0 to 239.255.255.255 | 224-239 (11100000--11101111 binary) | n/a |
    | E | 240.0.0.0 to 255.255.255.255 | 240-255 (11110000--11111111 binary) | n/a |

    When using the default subnet mask for an IP address, you have the following number of available host addresses:

    - Class A addresses give you 16,777,214 hosts per network.
    - Class B addresses give you 65,534 hosts per network.
    - Class C addresses give you 254 hosts per network.

    Special Addresses

    The following address ranges have been reserved for private use.

    - 10.0.0.0 to 10.255.255.255
    - 172.16.0.0 to 172.31.255.255
    - 192.168.0.0 to 192.168.255.255

    Use addresses in these ranges for your private networks. Routers connected to the Internet typically filter messages within these ranges and prevent them from being propagated to the Internet.

    You should also understand the following special addresses.

    | IP Address | Use |
    | --- | --- |
    | 0.0.0.0 | This network address is used by routers to specify the "default" route. Using a generic value reduces the number of routing table entries. (Some older routers use this address as a broadcast address.) |
    | All bits of the network portion of an address set to 0 | An address with all bits of the network portion of an address set to 0 refers to a host on "this" network. Examples: 0.65.77.233--Specific host on a Class A network; 0.0.77.52--Specific host on a Class B network; 0.0.0.69--Specific host on a Class C network |
    | All bits of the host portion of an address set to 0 | An address with all bits of the host portion of an address set to 0 refers to the network itself. Examples: Class A network address: 115.0.0.0; Class B network address: 154.90.0.0; Class C network address: 221.65.244.0 |
    | All bits of the host portion of an address set to 1 | An address with all bits of the host portion of an address set to 1 is a broadcast message for all hosts on the network. Examples: 115.255.255.255--Broadcast to all hosts on Class A network 115.0.0.0; 154.90.255.255--Broadcast to all hosts on Class B network 154.90.0.0; 221.65.244.255--Broadcast to all hosts on Class C network 221.65.244.0 |
    | 127.0.0.0 | This network address is reserved for the loopback address. (Note: This address is not included in the range of Class A or Class B addresses.) The address 127.0.0.1 refers to the local host. |
    | 255.255.255.255 | This address is used to indicate a broadcast message intended for all hosts on this network. |
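The class table and the special-address rules above can be applied mechanically, for example when reviewing address plans or edge filter rules. The following is an added example, not part of the original notes; the function name `classify` and the role labels it returns are assumptions made for this illustration.

```python
import ipaddress

# Class table from the notes: (class, first-octet low, first-octet high, default mask)
CLASSES = [
    ("A", 1, 126, "255.0.0.0"),
    ("B", 128, 191, "255.255.0.0"),
    ("C", 192, 223, "255.255.255.0"),
    ("D", 224, 239, None),  # no default mask (n/a in the table)
    ("E", 240, 255, None),  # no default mask (n/a in the table)
]

# Private ranges from the notes, written as CIDR blocks.
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),      # 10.0.0.0 to 10.255.255.255
    ipaddress.ip_network("172.16.0.0/12"),   # 172.16.0.0 to 172.31.255.255
    ipaddress.ip_network("192.168.0.0/16"),  # 192.168.0.0 to 192.168.255.255
]


def classify(address):
    """Describe a dotted-quad IPv4 address in classful terms (hypothetical helper)."""
    ip = ipaddress.IPv4Address(address)  # raises ValueError on malformed input
    value = int(ip)
    first_octet = value >> 24
    info = {
        "address": str(ip), "class": None, "default_mask": None,
        "network": None, "broadcast": None, "usable_hosts": None,
        "private": any(ip in net for net in PRIVATE_RANGES),
        "role": "host",
    }

    # First octets 0 and 127 sit outside the class table.
    if value == 0:
        info["role"] = "default route"
        return info
    if first_octet == 0:
        info["role"] = "host on this network"
        return info
    if first_octet == 127:
        info["role"] = "loopback"
        return info

    name, _, _, mask = next(c for c in CLASSES if c[1] <= first_octet <= c[2])
    info["class"] = name
    if value == 0xFFFFFFFF:
        info["role"] = "broadcast on this network"
        return info
    if mask is None:
        # Class D is multicast and class E is reserved; neither has a host portion.
        info["role"] = "multicast" if name == "D" else "reserved"
        return info

    mask_int = int(ipaddress.IPv4Address(mask))
    network = value & mask_int                       # host bits all 0
    broadcast = network | (~mask_int & 0xFFFFFFFF)   # host bits all 1
    info.update(
        default_mask=mask,
        network=str(ipaddress.IPv4Address(network)),
        broadcast=str(ipaddress.IPv4Address(broadcast)),
        usable_hosts=broadcast - network - 1,        # excludes network and broadcast
    )
    if value == network:
        info["role"] = "network address"
    elif value == broadcast:
        info["role"] = "directed broadcast"
    return info


if __name__ == "__main__":
    # Constructed sample addresses, several taken from the examples in the notes.
    for sample in ("115.255.255.255", "154.90.0.0", "172.16.5.4", "127.0.0.1", "0.0.0.69"):
        d = classify(sample)
        print(sample, d["class"], d["role"], d["network"], "private" if d["private"] else "public")
```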

    Service Data Units and Encapsulation

    Encapsulation is the process of breaking a message into packets, adding control and other information, and transmitting the message through the transmission media. You need to know the following five-step data encapsulation process:

    1. Upper layers prepare the data to be sent through the network.
    2. The Transport layer breaks the data into pieces called segments, adding sequencing and control information.
    3. The Network layer converts the segments into packets, adding logical network and device addresses.
    4. The Data Link layer converts the packets into frames, adding physical device addressing information.
    5. The Physical layer converts the frames into bits for transmission across the transmission media.

    The following short descriptions can help you remember the steps of the data encapsulation process:

    1. Upper layers--data
    2. Transport layer--segments
    3. Network layer--packets containing logical addresses
    4. Data Link layer--framing that adds physical addresses
    5. Physical layer--bits
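The five steps above, carried out on real header layouts (TCP, IPv4, Ethernet II), with a receiver that strips the layers again and rejects damaged frames. This is an added example, not part of the original notes; the function names, addresses, ports and the 1460-byte segment size are assumptions chosen so the largest frame is 1518 bytes.

```python
import socket
import struct
import zlib

MSS = 1460  # data bytes per segment: 1460 + 20 (TCP) + 20 (IP) + 14 + 4 (Ethernet) = 1518


def checksum(data):
    """16-bit one's-complement Internet checksum used by the IP and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def to_segments(data, src_ip, dst_ip, src_port, dst_port, first_seq=1):
    """Step 2: split the data and add ports, sequence numbers and a checksum."""
    segments = []
    for offset in range(0, len(data), MSS):
        chunk = data[offset:offset + MSS]

        def header(csum):
            return struct.pack("!HHIIHHHH", src_port, dst_port, first_seq + offset,
                               0, (5 << 12) | 0x18, 65535, csum, 0)

        pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
                  + struct.pack("!BBH", 0, 6, 20 + len(chunk)))
        segments.append(header(checksum(pseudo + header(0) + chunk)) + chunk)
    return segments


def to_packet(segment, src_ip, dst_ip, ident):
    """Step 3: add the logical (IP) source and destination addresses."""
    def header(csum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), ident, 0,
                           64, 6, csum, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return header(checksum(header(0))) + segment


def to_frame(packet, src_mac, dst_mac):
    """Step 4: add the physical (MAC) addresses, pad to 64 bytes, append the FCS."""
    body = (bytes.fromhex(dst_mac.replace(":", "")) + bytes.fromhex(src_mac.replace(":", ""))
            + struct.pack("!H", 0x0800) + packet.ljust(46, b"\x00"))
    return body + struct.pack("<I", zlib.crc32(body))


def to_bits(frame):
    """Step 5: the frame as a bit string (per-byte wire bit order is ignored here)."""
    return "".join(f"{byte:08b}" for byte in frame)


def encapsulate(data, src_ip, dst_ip, src_port, dst_port, src_mac, dst_mac):
    """Steps 1-4 for one message; returns one Ethernet II frame per segment."""
    segments = to_segments(data, src_ip, dst_ip, src_port, dst_port)
    packets = [to_packet(s, src_ip, dst_ip, ident=i) for i, s in enumerate(segments)]
    return [to_frame(p, src_mac, dst_mac) for p in packets]


def decapsulate(frame):
    """Receiver side: check the FCS and both checksums, then strip each header."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("bad frame check sequence")
    packet = body[14:]
    if checksum(packet[:20]) != 0:
        raise ValueError("bad IP header checksum")
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[20:total_len]  # the IP length field excludes Ethernet padding
    pseudo = packet[12:20] + struct.pack("!BBH", 0, 6, len(segment))
    if checksum(pseudo + segment) != 0:
        raise ValueError("bad TCP checksum")
    return {
        "dst_mac": body[0:6].hex(":"), "src_mac": body[6:12].hex(":"),
        "src_ip": socket.inet_ntoa(packet[12:16]), "dst_ip": socket.inet_ntoa(packet[16:20]),
        "seq": struct.unpack("!I", segment[4:8])[0], "data": segment[20:],
    }


if __name__ == "__main__":
    # Constructed sample message and addresses.
    frames = encapsulate(b"x" * 3000, "192.168.1.10", "192.168.1.20", 49152, 80,
                         "00:11:22:33:44:55", "66:77:88:99:aa:bb")
    for f in frames:
        d = decapsulate(f)
        print(len(f), "byte frame, seq", d["seq"], "carrying", len(d["data"]), "data bytes")
```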

    Ethernet Architecture Facts

    The following table shows specifics of the Ethernet architecture.

    Topology
        Physical topologies--bus, star, cascading star
        Logical topology--bus (physical bus, logical bus; physical star, logical bus), star (physical star, logical star)

    Media Access Method
        CSMA/CD--Carrier Sense, Multiple Access/Collision Detection (contention)
        Devices use the following process to send data.
        1. Because all devices have equal access to the transmission media (multiple access), a device with data to send first listens to the transmission medium to determine if it is free (carrier sense).
        2. If it is not free, the device waits a random time and listens again to the transmission medium. When it is free, the device transmits its message.
        3. If two devices transmit at the same time, a collision occurs. The sending devices detect the collision (collision detection) and send a jam signal.
        4. Both devices wait a random length of time before attempting to resend the original message (called backoff).

    Transmission Media
        Thick coaxial, thin coaxial, twisted-pair, fiber-optic
        The most common Ethernet implementations use unshielded twisted-pair cable (UTP). Each cable consists of eight wires, twisted into four pairs. UTP cables are classified by categories:
        - Cat3, rated up to 10 Mbps
        - Cat4, rated up to 16 Mbps
        - Cat5, rated up to 100 Mbps
        - Cat5e, rated up to 1,000 Mbps (gigabit)
        UTP cables are connected with RJ-45 connectors.

    Frame Type
        Frame size = 64 to 1518 bytes (this is the same for all Ethernet standards)
        Four frame types are supported:
        - Ethernet 802.3--This frame type is the original Ethernet frame type.
        - Ethernet 802.2--This frame type accommodates standards set by the IEEE 802.2 committee related to the logical link control (LLC) sublayer. It is a more current frame type than 802.3.
        - Ethernet II--This frame type provides the ability to use TCP/IP as a transport/network layer protocol. Other Ethernet frame types operate strictly with IPX/SPX as a transport/network layer protocol.
        - Ethernet SNAP--This frame type (SubNetwork Address Protocol) is an enhanced version of Ethernet 802.2 that allows for greater compatibility with other network architectures such as Token Ring. This frame type also supports TCP/IP.

    Physical Address
        The MAC address (also called the burned-in address) is used as the Data Link layer physical device address. The MAC address is a 12-digit hexadecimal number. Each digit ranges from 0-9 or A-F.
        The MAC address FFFFFFFFFFFF is the broadcast address. Packets addressed to the broadcast address will be processed by all devices.

    Ethernet Standards

    The following table compares the characteristics of various Ethernet implementations.

    | Category | Standard | Bandwidth | Cable Type | Maximum Segment Length |
    | --- | --- | --- | --- | --- |
    | Ethernet | 10Base5 | 10 Mbps | Coaxial (thicknet) | 500 meters |
    | Ethernet | 10Base2 | 10 Mbps | Coaxial (thinnet) | 185 meters |
    | Ethernet | 10BaseT | 10 Mbps (half duplex), 20 Mbps (full duplex) | Twisted pair (Cat3, 4, or 5) | 100 meters |
    | Fast Ethernet | 100BaseTX | 100 Mbps (half duplex), 200 Mbps (full duplex) | Twisted pair (Cat5) | 100 meters |
    | Fast Ethernet | 100BaseT4 | 100 Mbps (half duplex), 200 Mbps (full duplex) | Twisted pair (Cat5) | 100 meters |
    | Fast Ethernet | 100BaseFX | 100 Mbps (half duplex), 200 Mbps (full duplex) | Fiber optic | 412 meters (half duplex multimode cable), 2,000 meters (full duplex singlemode cable) |
    | Gigabit Ethernet | 1000BaseSX (short) | 1,000 Mbps (half duplex), 2,000 Mbps (full duplex) | Fiber optic | 220 to 550 meters depending on cable quality |
    | Gigabit Ethernet | 1000BaseLX (long) | 1,000 Mbps (half duplex), 2,000 Mbps (full duplex) | Fiber optic | 550 to 5,000 meters depending on cable quality |
    | Gigabit Ethernet | 1000BaseCX (short copper) | 1,000 Mbps (half duplex), 2,000 Mbps (full duplex) | Special copper | 25 meters, used within wiring closets |
    | Gigabit Ethernet | 1000BaseT | 1,000 Mbps (half duplex), 2,000 Mbps (full duplex) | Twisted pair (Cat5e) | 100 meters |

    Half- and Full-Duplex

    With the original Ethernet standards, all devices shared the same cable. This caused two problems:

    - Collisions occur when two devices transmit at the same time. Devices needed to be able to detect and recover from collisions.
    - Each device could either transmit or receive data at any given time. This meant that the device was either receiving data or listening for incoming data. Devices were not able to send and receive at the same time (much like using a one-lane road for traffic in two different directions).

    These two problems were solved in the following ways:

    - Using twisted pair cable, multiple strands of wires are combined into a single cable. Devices can use different wires to send and receive data (allowing them to do both simultaneously).
    - Using switches, devices are given a dedicated communication path. With a single device connected to a switch port, collisions are eliminated.

    With these problems solved, you can turn off collision detection. Devices can transmit and receive data simultaneously, and can begin transmitting data as soon as they have data to send.

    Devices with collision detection turned on operate in half-duplex mode; devices with collision detection turned off operate in full-duplex mode.

    | Mode | Description | Bandwidth |
    | --- | --- | --- |
    | Half-duplex | Collision detection is turned on; The device can only send or receive at any given time; Devices connected to a hub must use half-duplex communication | Up to the rated bandwidth (10 Mbps for 10BaseT, 100 Mbps for 100BaseT, etc.) |
    | Full-duplex | Collision detection is turned off; The device can send and receive at the same time; Requires full-duplex capable NICs; Requires switches with dedicated switch ports (a single device per port) | Double the rated bandwidth (20 Mbps for 10BaseT, 200 Mbps for 100BaseT, etc.) |

    Upgrading to FastEthernet

    Fast Ethernet was designed to be as compatible with 10BaseT Ethernet as possible. This provides an easy migration path from 10BaseT to 100BaseT/100BaseT4 (and even to Gigabit Ethernet). Most new networking devices that are Fast or Gigabit Ethernet capable also support 10BaseT standards. Devices autosense the specifics of the network configuration and set themselves to use the fastest communication method possible.

    If your network uses 10BaseT and has Cat5 cable, you can slowly migrate from 10BaseT to FastEthernet (remember that FastEthernet uses Cat5 cable). As you replace components such as NICs and hubs with FastEthernet devices, portions of the network will begin operating at FastEthernet speeds.

    You can begin your upgrade with:

    - Critical components, such as hubs, switches, and server NICs
    - Segments that service mission-critical applications
    - Workstations that have heavy bandwidth requirements

    Bridge Facts

    You should understand the following concepts relating to the operation of bridges.

    - Bridges connect two media segments that use the same protocol.
    - Bridges examine the source address to determine the media segment of network devices.
    - Bridges operate at the Data Link layer of the OSI model.
    - Bridges maintain a table of device addresses and their corresponding segments.
    - Each segment connected by a bridge can have the same network address.
    - Messages within a media segment are prevented from crossing over to another segment.

    Bridges offer the following advantages:

    - Bridges prevent wasted bandwidth by eliminating unnecessary traffic between segments.
    - Bridges increase the maximum network length.
    - Bridges forward packets for multiple upper-layer protocols.
    - Bridges can link segments with dissimilar transmission media and media access methods.

    Bridges have the following limitations:

    - Bridges cannot link multiple architectures because different frame types are used.
    - Bridges cannot translate upper-layer protocols.
    - Bridges cannot forward packets to different networks based on the network address.
    - Bridges do not filter broadcast packets.

    Use bridges to isolate traffic to a segment, or to prevent unwanted traffic from crossing over segments, or to slow WAN links. When designing the placement of bridges on the network, follow the 80/20 rule.

    - At least 80% of network traffic should stay within a segment.
    - No more than 20% of network traffic should pass through the bridge to another segment.

    Switch Facts

    Switches provide functionality similar to bridges, but typically on a larger scale and with high performance.

    - Switches are associated with the Data Link layer of the OSI Model.
    - Switches build a forwarding database in a manner similar to bridges. Switches examine the source and destination Data Link (MAC) address in each packet to build the database and make forwarding decisions.
    - Switches connect multiple segments or devices and forward packets to only one specific port.
    - You can connect a single device to a switch port or multiple devices to a switch port by using a hub.

    Switches offer the following advantages over a non-switched network.

    - Switches create separate collision domains.
    - Switches provide guaranteed bandwidth between devices (if dedicated ports are used).
    - Switches can be used to provide collision-free networking (i.e. if only one device is connected to each switch port).
    - Switches enable full-duplex communication.
    - Switches induce less latency than other segmentation solutions.
    - Switches can simultaneously switch multiple messages.
    - Switches can mix 10 Mbps- and 100 Mbps-capable devices (if the switch is a 100 Mbps switch).
    - Ethernet switches can be implemented without re-cabling.

    Bridge and Switch Forwarding Facts

    Both bridges and switches build a forwarding database. The database is a list of Data Link (MAC) addresses and the port used to reach the device. Bridges and switches can automatically learn about devices to build the forwarding database. A network administrator can also program the device database manually.

    Bridges and switches use the following process to dynamically build the forwarding database:

    - The process begins by examining the source address of an incoming packet. If the source address is not in the forwarding database, an entry for the address is made in the database. The port it came in on is also recorded.
    - The destination address is then examined.
      - If the destination address is not in the database, the packet is sent out all ports except for the one on which it was received.
      - If the destination address is in the database, the packet is forwarded to the appropriate port if the port is different than the one on which it was received.
      - Broadcast packets are forwarded to all ports except the one on which they were received.

    Transparent bridges forward packets only if the following conditions are met.

    - The frame contains upper-layer data (data from the LLC sublayer on up).
    - The frame's integrity has been verified (a valid CRC).
    - The frame is not addressed to the bridge.
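The learning process and the three transparent-bridge conditions above, as a small simulation that shows which ports a frame leaves on. This is an added example, not part of the original notes; the class `LearningSwitch`, the helper `make_frame`, the MAC addresses and the port numbers are assumptions, and the frame check is modelled as CRC-32 over the frame appended as four bytes.

```python
import struct
import zlib

BROADCAST = "ff:ff:ff:ff:ff:ff"


def make_frame(dst, src, payload=b"constructed test payload", corrupt=False):
    """Build a constructed Ethernet II frame; corrupt=True damages the CRC."""
    body = (bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", ""))
            + struct.pack("!H", 0x0800) + payload)
    return body + struct.pack("<I", zlib.crc32(body) ^ (1 if corrupt else 0))


class LearningSwitch:
    """Store-and-forward bridge/switch that builds its forwarding database by learning."""

    def __init__(self, ports, own_mac):
        self.ports = list(ports)
        self.own_mac = own_mac
        self.table = {}  # forwarding database: MAC address -> port

    def add_static(self, mac, port):
        """Entry programmed manually by an administrator."""
        self.table[mac] = port

    def receive(self, in_port, frame):
        """Return the ports the frame is sent out of; an empty list means not forwarded."""
        body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
        if zlib.crc32(body) != fcs:
            return []  # integrity not verified: frames with errors are not forwarded
        if len(body) <= 14:
            return []  # header only: the frame carries no upper-layer data

        dst, src = body[0:6].hex(":"), body[6:12].hex(":")

        # Learn: record the source address and arrival port if not already known.
        # (As in the notes, an existing entry is left alone; ageing is not modelled.)
        if src not in self.table:
            self.table[src] = in_port

        if dst == self.own_mac:
            return []  # addressed to the bridge itself

        other_ports = [p for p in self.ports if p != in_port]
        if dst == BROADCAST or dst not in self.table:
            return other_ports  # broadcast or unknown destination: all ports but the source
        out_port = self.table[dst]
        return [] if out_port == in_port else [out_port]  # same port: nothing to forward


if __name__ == "__main__":
    # Constructed topology: hosts A and C share port 1 through a hub, B is on port 2.
    A, B, C = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    sw = LearningSwitch(ports=[1, 2, 3, 4], own_mac="00:00:0c:00:00:01")
    print("A->B (B unknown):     ", sw.receive(1, make_frame(B, A)))
    print("B->A (A learned):     ", sw.receive(2, make_frame(A, B)))
    print("C->A (same port as A):", sw.receive(1, make_frame(A, C)))
    print("B->broadcast:         ", sw.receive(2, make_frame(BROADCAST, B)))
    print("B->A with bad CRC:    ", sw.receive(2, make_frame(A, B, corrupt=True)))
    print("forwarding database:  ", sw.table)
```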

    How switches forward packets depends on the switch type. The following table compares the different methods the switch uses to forward packets (Cisco switches support all three methods).

    | Method | Characteristics |
    | --- | --- |
    | Store-and-forward | Store-and-forward switches: Receive the entire frame. Verify the frame's integrity (check the CRC). Frames with errors are not forwarded. Forward the frame to the destination device. Introduce more latency (delay) than cut-through switches. |
    | Cut-through | Cut-through switches: Read the destination device address. Forward the packet without verifying frame integrity. Are faster than store-and-forward switches (less latency). |
    | Fragment-free | Fragment-free switches: Read the first 64 bytes of a frame. Verify that the packet is not a fragment. Forward non-fragmented frames. Introduce some latency, but not as great as store-and-forward switching. |

    Newer switches can monitor each port and determine which method to use. They can automatically switch to store-and-forward if the number of errors on a port exceeds a configurable threshold.

    Message Routing Facts

    Keep in mind the following points about how a packet is addressed as it travels through an internetwork.

    - On an Ethernet network, the Data Link layer address is the MAC address. On an IP network, the IP address is the Network layer address.
    - Both Data Link physical addresses and Network logical addresses are used.
    - The Network address contains both a logical network address and a logical device address.
    - IP (Network) addresses are contained in the IP header; MAC (Data Link) addresses are contained in the Ethernet frame header.
    - Both the source and destination Network and Data Link addresses are typically contained in the packet.
    - The Data Link destination address indicates the physical address of the next hop on the route.
    - Data Link addresses in the packet change as the packet is delivered from hop to hop.
    - The Network destination addresses indicate the address of the final destination device.
    - Network addresses remain constant as the packet is delivered from hop to hop.
    - A router uses the logical network address specified at the Network layer to forward messages to the appropriate LAN segment.

    Segmentation Facts

    LAN segmentation is the process of dividing the network to overcome problems such as excessive collisions, broadcast traffic, or heavy network traffic. By segmenting a LAN, you can increase network performance, maximize bandwidth, and reduce congestion.

    As you segment the network, you will need to consider the collision and broadcast domains on the network.

    - A collision domain is any network or subnetwork where devices share the same transmission medium and where packets can collide. Collisions naturally increase as the number of devices in a collision domain increase.
    - A broadcast domain is any network or subnetwork where computers can receive frame-level broadcasts from their neighbors. As you add devices to a network segment, the amount of broadcast traffic on a segment also increases. Note: A special condition called a broadcast storm happens when broadcast traffic is sent, regenerated, and responded to. In this condition, the amount of broadcast traffic consumes network bandwidth and prevents normal communications. Faulty devices or improper configuration conditions can lead to a broadcast storm.

    Segmentation may increase the number of both the collision and broadcast domains. Membership within collision or broadcast domains differs depending on the connection device used.

    Device Collision Domain Broadcast Domain

    Hub All devices connected to the hub are in thesame collision domain All devices are in the same broadcastdomain

    Bridge or Switch

    All devices connected to a single port are in thesame collision domain (each port is its owncollision domain)

    All devices connected to the bridge or the switch are in the same broadcastdomain

    Router All devices connected to a single interface arein the same collision domain All devices accessible through aninterface (network) are in the samebroadcast domain

    In considering a network expansion solution, it is important to identify the connectivity problem you need to resolve, and then identify the device that is best suited for that situation. The main differences between routers, switches, and bridges are the range of services each performs and the layer at which they operate.

    Device Characteristics

    Router

    Routers perform the following functions that are not performed by bridges or switches:

    Route packets between separate networks
    Modify packet size through fragmentation and combination
    Route packets based on service address

    Choose a router if you need to:

    Connect your network to a WAN (such as the Internet)
    Filter broadcast traffic (prevent broadcast storms)
    Connect two separate networks that use the same protocol
    Improve performance in the event of a topology change (routers recover faster than bridges or switches)
    Reduce the number of devices within a domain (increase the number of broadcast domains)
    Enforce network security
    Dynamically select the best route through an internetwork
    Connect two networks of different architectures (e.g. Ethernet to token ring)

    Switch

    Choose a switch if you need to:

    Provide guaranteed bandwidth between devices
    Reduce collisions by decreasing the number of devices in a collision domain (i.e. create multiple collision domains)
    Implement full-duplex communication
    Connect two network segments or devices using the same protocol
    Provide improved performance over a current bridged network
    Switch traffic without the cost or administration involved with routers

    Bridge

    Choose a bridge if you need to:

    Isolate data traffic to one network segment
    Route traffic from one segment to another (with the same network ID)
    Link unlike physical media (e.g. twisted pair and coaxial Ethernet) of the same architecture type
    Link segments that use the same protocol
    Create segments without the expense and administration of routers

    In most cases where you might use a bridge, choose a switch instead.

    In general, follow these guidelines to make decisions about the appropriate connectivity device:

    Use a bridge to segment the network (divide network traffic) and to provide fault tolerance.
    Use a switch to reduce collisions and offer guaranteed bandwidth between devices.
    Use a router to filter broadcast messages, implement security, or connect between different networks.

    Connection Facts

    Cisco routers and switches do not have monitors, and they do not directly support keyboards or mouse commands. Therefore, you need to connect the router to either a dedicated terminal or a PC to configure it. There are several options you can use to gain access to the console. These include:

    Connecting through the Console port
    Connecting through the LAN or WAN with a virtual terminal connection
    Connecting through the Auxiliary port (available on some routers)

    You can connect to routers and switches using the following cable types:

    Cable Type | Pin-outs | Use
    Rollover Cable | 1 --> 8, 2 --> 7, 3 --> 6, 4 --> 5, 5 --> 4, 6 --> 3, 7 --> 2, 8 --> 1 | Connect a rollover cable to a serial connector. Connect the RJ-45 end to the console port; connect the serial end to the serial port of the PC. Use HyperTerminal to make the console connection.
    Straight-through Ethernet Cable | 1 --> 1, 2 --> 2, 3 --> 3, 6 --> 6 | Connect an Ethernet port on a router to an Ethernet port on a hub or switch. If the router has an AUI port, connect one end to an AUI transceiver before connecting to the router.
    Crossover Ethernet Cable | 1 --> 3, 2 --> 6, 3 --> 1, 6 --> 2 | Connect an Ethernet port on a router to the NIC in a PC. Connect two switches (or hubs) together. If the router has an AUI port, connect one end to an AUI transceiver before connecting to the router.

    When connecting routers through a serial port, use the appropriate serial cable.

    When connecting to a Cisco device through the console port, you can use the HyperTerminal program included with Windows to make a console connection with the router. Default console settings are:

    9600 baud (or a rate supported by your router)
    Data bits = 8 (default)
    Parity = None (default)
    Stop bits = 1 (default)
    Flow control = None


    Command Mode Prompts and Commands

    Mode | Prompt | To Enter | To Exit
    User EXEC | Router> | Press Enter, log in | exit, logout, or disconnect
    Privileged EXEC | Router# | enable | disable (exit disconnects)
    Global Configuration | Router(config)# | config terminal | exit, ^Z*
    Line | Router(config-line)# | line | exit, ^Z*
    Interface | Router(config-if)# | interface | exit, ^Z*
    Subinterface | Router(config-subif)# | interface . | exit, ^Z*
    Router | Router(config-router)# | router | exit, ^Z*
    Setup | None, interactive dialog | setup or erase startup-config + reload | ^C
    ROM Monitor | rommon> | ROM Monitor mode lets you configure your router if the router can't find a valid system image, or if the boot sequence is interrupted when you start the router. It is an emergency command-line access to the router. To go to EXEC mode from this mode, type continue at the prompt.
    RXBoot | RXBoot mode lets a router boot with a limited version of the IOS when it cannot find a valid IOS image in Flash. You enter RXBoot mode by modifying the configuration register before rebooting the router.

    *^Z (Ctrl + Z) exits all configuration modes to privileged EXEC mode. exit "backs up" one configuration mode.

    Command Help Facts

    Help is available in all router modes. It is context sensitive, so the information you see depends on what you are doing. Cisco bases this on the mode you are in and the words or partial words you type with the ?.

    To... | Use...
    Show list of all commands available in the current mode | ?
    Show commands that begin with specific letter(s) | xx? (no space between the letter and ?)
    Show keywords for a command | command ? (space between command and ?)
    Get the full command from a partial command | partial command + Tab (no space)

    Note: Typing ? acts as a return, and repeats the last command you entered after the Help information displays. You do not need to retype the command after you ask for help on it.

    When you use Help to display the possible keywords for a command, you will see the following types of items.

    When you see... | Supply...
    WORD (in caps) | Type a one-word response
    LINE (in caps) | Type a multiple-word response
    keyword | Identifies a specific keyword that must be typed as shown
    Enter a number within the range in brackets
    Enter a hexadecimal number within the range in brackets
    The command is complete as typed, press Enter to execute the command
    A.B.C.D | Enter an IP address

    Editing Features Facts

    This feature uses the same keystrokes as UNIX emacs editing. The following lists summarize the router advanced editing features.

    Use this ... | To ...
    Ctrl + A | Move to the beginning of the line
    Ctrl + E | Move to the end of the line
    Ctrl + B or Left arrow | Go back one character
    Ctrl + F or Right arrow | Go forward one character
    Esc + B | Go back one word
    Esc + F | Move forward one word
    terminal editing | Turn advanced editing on
    terminal no editing | Turn advanced editing off

    When you are in advanced editing mode, the $ indicator appears after the prompt. As you type, commands longer than the command line appear to scroll under the prompt.

    Command History Command List

    By default, the IOS automatically saves the last 10 commands in the command history buffer. The command history is specific to the configuration mode you are in.

    Use . . . | To . . .
    Ctrl + A | Move cursor to beginning of line
    Ctrl + E | Move cursor to the end of line
    Ctrl + Z | Quit a configuration mode
    Ctrl + B | Move cursor back one character
    Esc + B | Move cursor back one word
    Esc + F | Move the cursor ahead one word
    Ctrl + P or Up arrow | Show the previous command
    Ctrl + N or Down arrow | Show the next command
    terminal history | Turn the command history on
    terminal no history | Turn the command history off
    terminal history size | Set the size of the history buffer
    show history | Show all the commands in the history buffer

    Controlling Screen Output

    As you work with the router at the console and make configuration changes, response messages are often displayed on the screen. The following table describes various ways to control the response messages shown.

    Problem | Solution
    When making configuration changes, the following message is constantly displayed (sometimes as you are typing): %SYS-5-CONFIG_I: Configured from console by console | Use: no logging console to turn these messages off.
    When working with the router through a Telnet session, when you use a debug command, output will not be shown. | Use: terminal monitor to send debug output to the telnet session.
    When viewing debug information, you want to review previous information, or debug information is shown too quickly for you to examine it. | Use: logging buffered to send logging information to RAM, then use: show log to view information one screen at a time.

    Startup Facts

    The following graphic details the process used to boot the router.

    When you turn the router on, it runs through the following boot process.

    1. The Power-On Self Test (POST) checks the router's hardware. When the POST completes successfully, the System OK LED indicator comes on.
    2. The router checks the configuration register to identify where to load the IOS image from. A setting of 0x2102 means that the router will use information in the startup-config file to locate the IOS image. If the startup-config file is missing or does not specify a location, it will check the following locations for the IOS image:
        1. Flash (the default location)
        2. TFTP server
        3. ROM (used if no other source is found)
    3. The router loads the configuration file into RAM (which configures the router). The router can load a configuration file from:
        1. NVRAM (startup-configuration file)
        2. TFTP server
        3. If a configuration file is not found, the router starts in setup mode

    Setup Mode Facts

    If the router is brand new, it has no startup-config file. Therefore, when it boots, it immediately enters Setup mode. Setup mode is a special, guided routine that asks you a series of questions and uses your responses to make basic configuration entries.

    There are two ways to enter setup mode:

    Boot the router without the startup-config file. This happens when you erase the current startup-config file, or when you boot a new router.
    Use the setup command from privileged mode.

    You can exit setup mode without answering all the questions by pressing Ctrl + C. The information you've entered to that point will not be saved.

    Note: By default, new Cisco routers have no passwords set, and all interfaces are in shutdown until they're enabled.

    Router Memory

    Be sure you understand the difference between the following types of router storage.

    Memory Type | Characteristics
    ROM (read-only memory) | Preprogrammed, non-writable memory containing the bootstrap startup program, an older, smaller-scale version of the operating system (IOS) software, and the Power-on Self-Test (POST) program
    Flash | Non-volatile but programmable memory containing the proprietary Cisco operating system (IOS) images
    RAM (random access memory) | Volatile memory containing the running operating system and current (unsaved) configuration information
    NVRAM (non-volatile RAM) | Non-volatile but persistent memory that contains the backup copy of the startup configuration (startup-config) file and virtual configuration register

    The contents of non-volatile memory (such as ROM, flash, and NVRAM) remain when the router is powered off (however, you must modify the configuration register and NVRAM during password recovery). The contents of volatile memory (RAM) are lost when the router is powered down.

    Copy Command List

    The router can load a configuration file from:

    NVRAM (startup-configuration file by default value 0x2102)
    TFTP server

    Changes to the configuration are stored in RAM in the running-config file. To save your configuration changes permanently, and to load different versions of the configuration files from various locations, use the copy command in privileged EXEC mode.

    Use . . . | To . . .
    Router#copy run start | Save the contents of the running-config file to NVRAM
    Router#copy start run | Copy the startup-config file into RAM
    Router#copy run tftp | Save the contents of the running-config file to a TFTP server
    Router#copy start tftp | Save the contents of the startup-config file to a TFTP server
    Router#copy tftp start | Copy a configuration file from the TFTP server into NVRAM
    Router#copy tftp run | Copy a configuration file from the TFTP server into RAM
    Router(config)#tftp-server flash | Configure a Cisco router as a TFTP server. When using this command, you must specify the location (flash or rom) of the IOS image file as well as the IOS image file name.

    You can also use the erase command to delete the configuration files, but be very careful not to erase files you need!

    Use . . . | To . . .
    Router#erase flash | Delete the contents of Flash memory (deletes the IOS image)
    Router#erase start | Erase the contents of the startup-config file
    Router#erase nvram | Delete the contents of NVRAM (which also erases startup-config)
    Router#reload | Restarts the router

    You can also use the following commands to manage system files:

    Use . . . | To . . .
    show version | Display information about hardware and firmware including the configuration register value
    configure memory or copy startup-config running-config | Copy configuration information from another source (like NVRAM)
    configure terminal | Configure information into the RAM of a router

    IOS Boot and Upgrade Location Command List

    The router can load an IOS image from the following locations:

    Flash
    TFTP server
    ROM (limited version of the IOS software)

    Use the boot system command in global configuration mode to identify alternate locations for the IOS image. Use the copy command to archive, upgrade, or replace an IOS image.

    Use . . . | To . . .
    Router(config)#boot system flash | Identify an IOS image file in flash to use at boot.
    Router(config)#boot system tftp | Identify an IOS image file on a TFTP server to use at boot.
    Router(config)#boot system rom (IOS versions 11.2 and below) or Router(config)#boot system flash bootflash: (IOS versions 12.0 and above) | Specify to use the limited IOS version stored in ROM at boot.
    Router#copy flash tftp | Back up (copy) the IOS image from Flash to the TFTP server.
    Router#copy tftp flash | Restore the IOS image from backup on the TFTP server to Flash.

    Note: When you use the boot system command, you are not making backup copies of the IOS image, nor are you replacing the default IOS search order. You are directing the router where to look for the IOS image on boot-up. It tries each location in turn, until it finds a valid IOS image. If one is not found, it returns to the default load sequence.

    Show Command List (Basic)

    The following list summarizes common information you can display using common show commands.

    Use this command... | To...
    show version | View hardware configuration, running IOS version, ROM bootstrap version, and RAM and processor information
    show running-config | View the currently running configuration file
    show startup-config or show config | View the startup configuration file stored in NVRAM (the saved copy of the configuration file)
    show flash* | View the size of the configuration files and the available flash memory. View information for all IOS image files stored on the router
    show history | View the commands in the command history list
    show protocols or show interfaces or show ip interfaces | View the IP addresses assigned to a specific interface
    show protocols or show interfaces | View the status of all interfaces

    *The show flash command is not enabled in the simulations.


    Router and Interface Identification Command List

    During initial setup, you can configure a host name for your router. This is the name that appears in the EXEC prompt. Unlike the router itself, the router interfaces do not have specific names that change the prompt. However, you can add a description to the configuration file that helps you identify the interface.

    Use . . . | To . . .
    Router(config)#hostname | Change the host name of the router
    Router(config)#int serial 0, Router(config)#int ser 0, Router(config)#int ser0, Router(config)#int s0 | Go to interface configuration mode for the first serial interface. Use the Ethernet (e, eth) keywords to switch to Ethernet interface mode.
    Router(config-if)#description | Set a description for a specific interface

    Examples

    The following set of commands sets the hostname of the router to ATL1:

    Router#config t
    Router(config)#hostname ATL1
    ATL1(config)#

    The following set of commands adds a description of "ATL to NYC" for the first serial interface of the router:

    Router(config)#int ser 0
    Router(config-if)#description ATL to NYC

    Note: To undo any configuration change, use the no keyword followed by the command. For example, to remove a description from an interface, use the following command:

    Router(config-if)#no description

    Notice that in many cases you can leave off additional parameters when using the no command.

    Router Password Facts

    The following table lists three of the most common passwords that you can configure on your router.

    Password Type | Description
    Console | Controls the ability to log on to the router through a console connection
    Line | Controls the ability to log on to the router using a virtual terminal (VTY) or Telnet connection
    EXEC mode | Controls the ability to switch to configuration modes. There are two different passwords that might be used: the enable password is stored in clear text in the configuration file; the enable secret password is stored encrypted in the configuration file. The router always uses the enable secret password if it exists.

    Be aware of the following recommendations for configuring router passwords:

    Passwords are case-sensitive.
    For security reasons, you should not use the same password for both your enable and enable secret passwords.
    You can set the enable, enable secret, and line passwords in setup mode. However, there are other passwords that you cannot set in setup mode.
    Cisco routers support Terminal Access Controller Access Control System (TACACS) and Remote Authentication Dial-In User Service (RADIUS) to centrally validate users attempting to gain access to the router.

    Password Command List

    Use . . . | To . . .
    Router(config)#enable secret | Set the encrypted password used for privileged mode access. The enable secret is always used if it exists.
    Router(config)#enable password | Set the unencrypted password for privileged mode access. This password is used if the enable secret is not set.
    Router(config)#line con 0 | Switch to the line configuration mode for the console.
    Router(config)#line vty | Switch to the line configuration mode for the virtual terminal. Specify one line number or a range of line numbers (line vty 0 4).
    Router(config-line)#password | Set the line password (for either console or VTY access).
    Router(config-line)#login | Require the password for line access.
    Router(config)#no enable secret, Router(config)#no enable password, Router(config-line)#no login, Router(config-line)#no password | Remove the password. The no login command disables password checking.
    Router(config)#service password-encryption | Encrypt all passwords.

    Note: If you do not use the login command in line mode, a password will not be required for access, even though one is set.

    Access to the router console through a telnet session is controlled by the login and the password entries. To prevent VTY access, there must be a login entry without a password set. Access is allowed based on the following conditions:

    no login, no password = access is allowed without a password
    login, no password = access is denied (the error message indicates that a password is required but none is set)
    no login, password = access is allowed without a password
    login, password = access is allowed only with correct password
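    The four login/password conditions above can be checked mechanically against a saved configuration. The following Python audit is an added example, not part of the original notes; the sample configuration is constructed, and treating a line with no login statement as "no login" is an assumption taken from the note above.

```python
import re

# Constructed sample configuration for illustration (not from a real device).
SAMPLE_CONFIG = """\
hostname ATL1
enable password cisco
enable secret 5 $1$abcd$CONSTRUCTEDHASHVALUE000000
!
line con 0
 password letmein
line aux 0
 login
line vty 0 4
 password letmein
 login
line vty 5 15
 no login
!
end
"""

# Verdicts taken from the four login/password combinations listed above.
OPEN = "access is allowed without a password"
DENIED = "access is denied (password required but none is set)"
PROTECTED = "access is allowed only with correct password"
OTHER = "login uses another method; the four-case table does not apply"


def parse_line_blocks(config):
    """Return {"line vty 0 4": {"login": ..., "password": bool}, ...}.

    login is None (no login), "line" (plain `login`) or "other" (for
    example `login local`). Assumption: a line block with no login
    statement is treated as `no login`; release-specific defaults that
    are applied silently are not modelled.
    """
    blocks = {}
    current = None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = " ".join(raw.split())
            blocks[current] = {"login": None, "password": False}
        elif current is not None and raw.startswith(" "):
            stmt = " ".join(raw.split())
            if stmt == "login":
                blocks[current]["login"] = "line"
            elif stmt == "no login":
                blocks[current]["login"] = None
            elif stmt.startswith("login "):
                blocks[current]["login"] = "other"
            elif stmt.startswith("password "):
                blocks[current]["password"] = True
            elif stmt == "no password":
                blocks[current]["password"] = False
        else:
            current = None  # any unindented statement ends the line block
    return blocks


def classify(login, password):
    """Map one line's login/password state to the verdicts above."""
    if login == "other":
        return OTHER
    if login is None:
        return OPEN
    return PROTECTED if password else DENIED


def audit(config):
    """Return (item, finding) pairs for line access and enable passwords."""
    findings = []
    for name, state in parse_line_blocks(config).items():
        verdict = classify(state["login"], state["password"])
        if verdict == OPEN and state["password"]:
            verdict += " (a password is set but never checked)"
        findings.append((name, verdict))
    has_secret = re.search(r"^enable secret\b", config, re.M) is not None
    has_password = re.search(r"^enable password\b", config, re.M) is not None
    if has_password and has_secret:
        findings.append(("enable", "enable password is present but unused; "
                         "enable secret takes precedence"))
    elif has_password:
        findings.append(("enable", "only the clear-text enable password is set"))
    elif not has_secret:
        findings.append(("enable", "no privileged-mode password is set"))
    if not re.search(r"^service password-encryption\b", config, re.M):
        findings.append(("global", "service password-encryption is not enabled"))
    return findings


if __name__ == "__main__":
    for item, verdict in audit(SAMPLE_CONFIG):
        print(f"{item:15} {verdict}")
```

    The console line in the sample is the case the note warns about: a password is configured, but without login it is never requested.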


    Password Recovery

    Password recovery is the process of discovering or resetting forgotten router passwords. In the recovery process, you modify the configuration register to bypass the startup-config file and boot the router with a limited IOS version. You can then load the existing startup-config file and view or modify the current password settings.

    The exact process you use to recover lost passwords depends on the router model. Listed below are the general steps you would take for the 2500 series routers:

    1. Establish a console connection to the router.
    2. Turn the router off and on.
    3. Within 60 seconds, use the keyboard to send a break sequence to the router. For a Windows system, the break sequence is typically one of the following:
        Break + F5
        Shift + F5
        ^$B (Shift + 6, Shift + 4, Shift + b)
    4. At the prompt, type o. Record the value for the configuration register (usually 0x2102).
    5. Type o/r 0x2142 to change the configuration register setting. (On some routers, use the confreg command followed by the appropriate register value to make the change.)
    6. Type i to reboot. With the configuration register changed, the router reboots bypassing the startup-config file.
    7. The router will automatically enter Setup mode. At this point you can:
        Use Setup mode to configure the router (including the passwords).
        Quit Setup mode (using Ctrl + C) and change only the existing passwords.
            1. Type copy start run to load the startup-config file.
            2. Enter configuration mode to change the passwords.
            3. Type config-register 0x2102 to change the configuration register back to the default.
            4. Exit configuration mode and use copy run start to save the changes to the passwords.
    8. Use the reload command to restart the router normally.
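    After a recovery, a register left at 0x2142 means every later reboot skips the startup-config and its passwords. The following Python check is an added example, not part of the original notes; the bit meanings and the format of the register line in show version output are assumptions based on Cisco's documented register layout, and the sample lines are constructed.

```python
import re

# Fields of the 16-bit configuration register decoded here (assumption:
# standard Cisco layout; only the bits relevant to recovery are covered).
BOOT_FIELD = 0x000F        # bits 0-3: where to look for the IOS image
IGNORE_NVRAM = 0x0040      # bit 6: ignore the startup-config in NVRAM
BREAK_DISABLED = 0x0100    # bit 8: break key ignored once booted
BOOT_ROM_ON_FAIL = 0x2000  # bit 13: fall back to ROM software if boot fails

REGISTER_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

# Constructed sample lines in the style of the last line of `show version`.
SAMPLE_NORMAL = "Configuration register is 0x2102"
SAMPLE_LEFT_IN_RECOVERY = "Configuration register is 0x2142"
SAMPLE_RESTORED = ("Configuration register is 0x2142 "
                   "(will be 0x2102 at next reload)")


def decode(value):
    """Break a configuration register value into the fields above."""
    boot = value & BOOT_FIELD
    if boot == 0x0:
        source = "stay in ROM monitor"
    elif boot == 0x1:
        source = "platform-dependent fallback image"
    else:
        source = "normal search (boot system commands, then defaults)"
    return {
        "value": f"0x{value:04X}",
        "boot_field": boot,
        "boot_source": source,
        "ignore_startup_config": bool(value & IGNORE_NVRAM),
        "break_disabled": bool(value & BREAK_DISABLED),
        "rom_fallback": bool(value & BOOT_ROM_ON_FAIL),
    }


def check_register(show_version_text, expected=0x2102):
    """Return findings about the register value reported by show version."""
    match = REGISTER_RE.search(show_version_text)
    if match is None:
        raise ValueError("no configuration register line found")
    current = int(match.group(1), 16)
    # Without a pending value, the current one applies at the next reload.
    pending = int(match.group(2), 16) if match.group(2) else current
    findings = []
    if pending & IGNORE_NVRAM:
        findings.append(f"0x{pending:04X} at next reload: startup-config "
                        "will be ignored and its passwords not loaded")
    elif current & IGNORE_NVRAM:
        findings.append(f"booted with 0x{current:04X}: startup-config was "
                        "bypassed on this boot")
    if pending != expected:
        findings.append(
            f"0x{pending:04X} differs from expected 0x{expected:04X}")
    return findings


if __name__ == "__main__":
    print(decode(0x2102))
    print(decode(0x2142))
    for sample in (SAMPLE_NORMAL, SAMPLE_LEFT_IN_RECOVERY, SAMPLE_RESTORED):
        print(sample, "->", check_register(sample))
```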

    Banner Command List

    Banners display messages that anyone logging into the router can see. The following four types of banners display at various times during the login or startup sequence.

    Use . . . | To . . .
    Router(config)#banner or Router(config)#banner motd | Set the Message-of-the-day (MOTD) banner. The MOTD banner displays immediately after a connection is made.
    Router(config)#banner login | Set the login banner. The login banner displays after the MOTD banner and before the login prompt.
    Router(config)#banner exec | Set the EXEC banner. The exec banner displays after a successful login.
    Router(config)#banner incoming | Set the incoming banner. The incoming banner displays for a reverse telnet session.
    Router(config)#no banner | Removes the specified banner

    Note: The banner command without a keyword defaults to set the MOTD banner.

    Follow the banner command with a delimiting character. The delimiter encloses the banner text and helps the router identify the beginning and ending of the banner. This allows you to construct multiple-line banners.

    Example

    The following commands set the MOTD, login, and EXEC banners, using # as the delimiting character and inserting a hard return between each banner:

    Router(config)#banner motd # This is the Message-of-the-day banner!
    #
    Router(config)#banner login # This is the Login banner!
    #
    Router(config)#banner exec # This is the Exec banner!
    #

    Interface Command List

    Use the following commands to configure interfaces and view interface information.

    Use . . . | To . . .
    Router>sh ip int | View the IP configuration of all interfaces.
    Router(config)#int eth0 or Router(config)#int serial 0 | Enter configuration mode for an interface. Note: You can include or omit the space between the interface keyword and the interface number.
    Router(config-if)#ip address | Assign an IP address to the interface.
    Router(config-if)#no shutdown | Enable an interface (remove the shutdown command)
    Router#ping | Test communication with a specific interface using its IP address.

    Example

    The following set of commands configures the IP address 192.168.1.229 with a mask of 255.255.255.0 for the first Serial interface on the router and activates the interface.

    Router(config)#int ser 0
    Router(config-if)#ip address 192.168.1.229 255.255.255.0
    Router(config-if)#no shutdown


    Interface Statuses

    You can use the interface status to troubleshoot connectivity problems and quickly see whether the link between the router and the network is operational. The following table summarizes some possible conditions indicated by the interface status.

    A status of... | Indicates...
    administratively down, line protocol is down | The interface is shut down (with the shutdown command)
    down, line protocol down | Hardware or network connection problem (Physical layer). No carrier detect signal
    up, line protocol is down | Connection or communication problem (Data Link layer). No keepalives
    up, line protocol is up | The link is functional

    Even though the interface status shows "up, line protocol is up," you might need to perform additional tasks for router-to-router communication to take place (such as assigning an IP address). The interface status indicates whether Data Link layer communications are enabled. However, most networking tasks occur at higher layers (Network through Application layers).

    Back-to-Back Configuration Facts

    When you configure a router to connect to a network through a serial interface, the router must be connected to a device (such as a CSU/DSU or another router) that provides clocking signals. When you configure two routers in a back-to-back configuration through their serial ports, one router interface must be configured to provide the clocking signals for the connection.

    The router providing clocking is known as the DCE (data circuit-terminating equipment).
    The router not providing clocking is known as the DTE (data terminal equipment).

    The DCE interface is identified in two ways:

    The cable connecting the two routers has both a DCE and a DTE end. Connect the DCE end of the cable to the interface you want to be the DCE device.
    The DCE interface is configured to provide a clocking signal with the clock rate command. If the clock rate command is not issued, clocking is not provided, and the line between the routers will not change to up.

    CDP Command List

    The Cisco Discovery Protocol (CDP) is a protocol that Cisco devices use to learn and share information about each other. Cisco devices, such as routers and switches, can discover neighboring Cisco devices through CDP.

    By default, CDP is enabled on all interfaces.
    CDP only shares information with directly connected (neighboring) devices.
    CDP works when there is a valid Data Link layer connection.
    CDP works regardless of the Network layer and other protocols used. It can discover information on LANs, Frame Relay, and other network architectures.

    Use the following commands to customize and view CDP information.

    Use . . . | To . . .
    Router(config)#cdp holdtime | Specify the amount of time that information in a packet is still valid (default = 180 seconds)
    Router(config)#cdp timer | Specify how often CDP packets are exchanged (default = 60 seconds)
    Router(config)#cdp run | Enable CDP on the router
    Router(config)#no cdp run | Disable CDP on a router, to prevent the router from exchanging CDP packets
    Router(config-if)#cdp enable | Turns CDP for an interface on
    Router(config-if)#no cdp enable | Turns CDP for an interface off
    Router#show cdp | View CDP information
    Router#show cdp interface | Show information about neighbors accessed through an interface. Show CDP configuration information for the router including the holdtime, encapsulation, and CDP exchange interval
    Router#show cdp neighbors | Show information about all neighboring Cisco devices, including: Device ID, Local interface, Holdtime, Capability, Platform, Port ID
    Router#show cdp neighbors detail | Shows all information for the show cdp neighbors command and adds: Network address, Enabled protocols, Software version

    Examples

    The following commands turn on CDP for the router and configure it to send CDP packets every 90 seconds.

    Router(config)#cdp run
    Router(config)#cdp timer 90

    The following commands turn off CDP on the router's first Ethernet interface.

    Router(config)#int eth 0
    Router(config-if)#no cdp enable

    Switch Components

    Switches connect multiple segments or devices and forward packets to only one specific port.

    Modern switches can also be used to create virtual LANs (VLANs) and perform some tasks previously performed only by routers (Layer 3 switches). An important characteristic of a switch is multiple ports, all of which are part of the same network segment.

    In this course, you will learn how to configure the Catalyst 2950 series switch. Each switch port has a single LED. The color of the LEDs changes to give you information about how the switch is working. Port LEDs mean different things based on the mode selected with the Mode button.

    Mode | Meaning
    Stat | Solid green = Operational; Flashing green = Link activity; Off = Non-functional
    Util | All switch port lights act as a meter to indicate overall utilization. The more lights that are lit, the higher the utilization.
    Duplex | Solid green = Full duplex; Off = Half duplex
    Speed | Solid green = 100 Mbps; Off = 10 Mbps

    On a simple LAN, you can connect the switch to the network, connect devices, and it will automatically begin switching traffic to the correct ports. The switch comes preconfigured to work out-of-the-box without configuration. To customize the switch configuration, connect to the switch in one of the following ways:

    Console connection
    Telnet session
    Web management software (connect through the LAN through a Web browser)

    Note: You must configure an IP address for the switch to manage it through a Telnet or Web session.


    Switch Configuration Modes

    Like a router, the switch has similar configuration modes, with some differences to account for switch functionality not included in routers. The following graphic illustrates some of the configuration modes of the switch.

    Like a router, the switch has multiple interface modes depending on the physical (or logical) interface type. For this course, you should be familiar with the following switch interface modes:

    - FastEthernet (100 Mbps Ethernet)
    - GigabitEthernet (1 GB Ethernet)
    - VLAN (Logical management interface)

    Note: When switching to interface configuration mode, follow the interface type and number (FastEthernet0) with the port number (/14). Ports are numbered beginning with 1 (not 0).

    In addition to the special interface modes, Catalyst switches include a vlan database configuration mode. Configuration tasks that you can perform in this mode overlap configuration tasks you can complete in the vlan configuration mode. You should understand the following about these two modes:

    - Enter the vlan database configuration mode from the privileged user prompt. Enter vlan mode from the global configuration prompt.
    - The vlan database mode allows you to configure a subset of features supported by the vlan configuration mode. In other words, there will be some configuration tasks that you cannot perform in vlan database mode. You can always use the vlan configuration mode to perform all VLAN configuration tasks.
    - Changes made in the vlan database configuration mode do not take effect until you save the changes, either before or while exiting the configuration mode. On the other hand, changes made in vlan mode take place immediately.
    - Changes made in the vlan database configuration mode are not stored in the regular switch configuration file.

    Note: Do not confuse the vlan configuration mode with the interface vlan configuration mode. You will learn more about using each of the configuration modes throughout this section.

    Switch Configuration Command List

    Using the switch command line interface is similar to using the router command line interface. If you are familiar with router configuration, you will probably be able to guess how to complete many switch configuration tasks. Use the same options to get help, to move between configuration modes, to set the hostname, and to save and load configuration files.

    The following table lists common switch configuration commands.

    Task
        Command

    Move to privileged mode from user mode
        switch>enable

    Move to user mode from privileged mode
        switch#disable

    Move to global configuration mode
        switch#configure terminal

    Move to interface configuration mode
        switch(config)#interface fastethernet0/14
        switch(config)#interface gigabitethernet 0/17
        switch(config)#line con 0
        switch(config)#line vty 0 4
        switch(config)#interface vlan 1

    Leave the current configuration mode, or exit the system
        switch(config-if)#exit

    Exit all configuration modes
        switch(config)#^Z

    Show the current switch configuration
        switch#show running-config

    Show switch information such as software version and hardware components
        switch#show version

    Show interface status and configuration information
        switch#show interfaces
        switch#show interfaces fastethernet 0/14

    Save the current switch configuration
        switch#copy running-config startup-config

    Load a configuration file from another location
        switch#copy tftp://1.0.0.0/my_config.cfg

    Set the enable password (to cisco)
        switch(config)#enable password cisco

    Set the secret password (to cisco)
        switch(config)#enable secret cisco

    Set the default gateway
        switch(config)#ip default-gateway 1.1.1.1

    Set the switch hostname
        switch(config)#hostname ATL

    Set a description for a port
        switch(config-if)#description IS_VLAN

    Enable CDP on the switch
        switch(config)#cdp run

    Enable CDP on a port
        switch(config-if)#cdp enable

    Set CDP parameters
        switch(config)#cdp holdtime 181
        switch(config)#cdp timer 66

    Set the port speed
        switch(config-if)#speed 10
        switch(config-if)#speed 100
        switch(config-if)#speed auto

    Set the duplex mode
        switch(config-if)#duplex half
        switch(config-if)#duplex full
        switch(config-if)#duplex auto

    Switch IP Address Facts

    One task that is different for switches than for routers is configuring the IP address. Keep in mind the following facts about IP addresses configured on switches:

    - Basic switches operate at Layer 2, and therefore do not need an IP address to function. In fact, a switch performs switching functions just fine without an IP address set.
    - You only need to configure a switch IP address if you want to perform in-band management of the switch from a Telnet or Web session.
    - The switch itself has only a single (active) IP address. Each switch port does not have an IP address (unless the switch is performing Layer 3 switching, a function which is not supported on 2950 switches). The IP address identifies the switch as a host on the network, but is not required for switching functions.

    To configure the switch IP address, you set the address on the management VLAN logical interface. This is a logical interface defined on the switch to allow management functions. By default, this VLAN is VLAN 1 on the switch. Use the following commands to configure the switch IP address:

    switch#config terminal
    switch(config)#interface vlan 1
    switch(config-if)#ip address 1.1.1.1 255.255.255.0
    switch(config-if)#no shutdown

    Note: To enable management from a remote network, you will also need to configure the default gateway on the switch using the following command (notice that the default gateway is set in global configuration mode):

    switch(config)#ip default-gateway 1.1.1.254

    Frame Tagging Facts

    Although you can create VLANs with only one switch, most networks involve connecting multiple switches. The area between switches is called the switch fabric. As a frame moves from switch to switch within the switch fabric, each switch must be able to identify the destination virtual LAN. One way to identify the VLAN is for the switch to use a filtering table that maps VLANs to MAC addresses. However, this solution does not scale well. For large networks, switches append a VLAN ID to each frame. This process, called frame tagging or frame coloring, identifies the VLAN of the destination device.

    Remember the following facts regarding switch frame tagging (or coloring).

    - VLAN IDs identify the VLAN of the destination device.
    - Tags are appended by the first switch in the path, and removed by the last.
    - Only VLAN-capable devices understand the frame tag.
    - Tags must be removed before a frame is forwarded to a non-VLAN-capable device.
    - Tag formats and specifications can vary from vendor to vendor. When designing VLANs, you might need to stick with one switch vendor. Cisco's proprietary protocol is called the Inter-Switch Link (ISL) protocol. Use 802.1q-capable switches to ensure a consistent tagging protocol.

    VLAN Facts

    A virtual LAN (VLAN) can be defined as:

    - Broadcast domains defined by switch port rather than network address
    - A grouping of devices based on service need, protocol, or other criteria rather than physical proximity

    Using VLANs lets you assign devices on different switch ports to different logical (or virtual) LANs. Although each switch can be connected to multiple VLANs, each switch port can be assigned to only one VLAN at a time. The following graphic shows a single-switch VLAN configuration.


    Be aware of the following facts about VLANs:

    - In the graphic above, FastEthernet ports 0/1 and 0/2 are members of VLAN 1. FastEthernet ports 0/3 and 0/4 are members of VLAN 2.
    - In the graphic above, workstations in VLAN 1 will not be able to communicate with workstations in VLAN 2, even though they are connected to the same physical switch.
    - Defining VLANs creates additional broadcast domains. The above example has two broadcast domains, each of which corresponds to one of the VLANs.
    - By default, switches come configured with several default VLANs:
        - VLAN 1
        - VLAN 1002
        - VLAN 1003
        - VLAN 1004
        - VLAN 1005
    - By default, all ports are members of VLAN 1.

    Creating VLANs with switches offers the following administrative benefits.

    - You can create virtual LANs based on criteria other than physical location (such as workgroup, protocol, or service)
    - You can simplify device moves (devices are moved to new VLANs by modifying the port assignment)
    - You can control broadcast traffic and create collision domains based on logical criteria
    - You can control security (isolate traffic within a VLAN)
    - You can load-balance network traffic (divide traffic logically rather than physically)

    Creating VLANs with switches offers the following benefits over using routers to create distinct networks.

    - Switches are easier to administer than routers
    - Switches are less expensive than routers
    - Switches offer higher performance (introduce less latency)

    A disadvantage of using switches to create VLANs is that you might be tied to a specific vendor. Details of how VLANs are created and identified can vary from vendor to vendor. Creating a VLAN might mean you must use only that vendor's switches throughout the network. When using multiple vendors in a switched network, be sure each switch supports the 802.1q standards if you want to implement VLANs.

    Despite advances in switch technology, routers are still needed to:

    - Filter WAN traffic
    - Route traffic between separate networks
    - Route packets between VLANs

    VLAN Command List

    To configure a simple VLAN, first create the VLAN, and then assign ports to that VLAN. The following table shows common VLAN configuration commands.

    Task
        Command(s)

    Define a VLAN (You can create VLANs in either vlan database mode or by using the vlan command in global configuration mode.)
        switch#vlan database*
        switch(vlan)#vlan 2 name name **
        switch(vlan)#exit OR apply
        switch(config)#vlan 2
        switch(config-vlan)#name name **

    Assign ports to the VLAN
        switch(config-if)#switchport access vlan number ***

    Show a list of VLANs on the system
        switch#show vlan

    Show information for a specific VLAN
        switch#show vlan id number

    *Notice that the vlan database command is issued in privileged EXEC mode.
    **Giving the VLAN a name is optional.
    ***If you have not yet defined the VLAN, it will be created automatically when you assign the port to the VLAN.

    Example

    The following commands create VLAN 12 named IS_VLAN, identify port 0/12 as having only workstations attached to it, and assign the port to VLAN 12.

    switch#config t
    switch(config)#vlan 12
    switch(config-vlan)#name IS_VLAN
    switch(config-vlan)#interface fast 0/12
    switch(config-if)#switchport access vlan 12

    Trunking

    Trunking is a term used to describe connecting two switches together. Trunking is important when you configure VLANs that span multiple switches as shown in the diagram.


    Be aware of the following facts regarding trunking and VLANs:

    - In the above graphic, each switch has two VLANs. One port on each switch has been assigned to each VLAN.
    - Workstations in VLAN 1 can only communicate with workstations in VLAN 1. This means that the two workstations connected to the same switch cannot communicate with each other. Communications within the VLAN must pass through the trunk link to the other switch.
    - Trunk ports identify which ports are connected to other switches.
    - Trunk ports are automatically members of all VLANs defined on the switch.
    - Typically, Gigabit Ethernet ports are used for trunk ports.

    When trunking is used, frames that are sent over a trunk port are tagged with the VLAN ID number so that the receiving switch knows to which VLAN the frame belongs. Cisco supports two trunking protocols that are used for tagging frames.

    Trunking Protocol
        Characteristics

    Inter-Switch Link (ISL)
        A Cisco-proprietary trunking protocol.
        ISL can only be used between Cisco devices.
        ISL tags each frame with the VLAN ID.
        Catalyst 2950 switches do not support ISL.

    802.1Q
        An IEEE standard for trunking and therefore supported by a wide range of devices.
        With 802.1Q trunking, frames from the default VLAN 1 are not tagged.
        Frames from all other VLANs are tagged.

    Cisco switches have the ability to automatically detect ports that are trunk ports, and to negotiate the trunking protocol used between devices. Switches use the Dynamic Trunking Protocol (DTP) to detect and configure trunk ports. For example, when you connect two switches together, they automatically recognize each other and select the trunking protocol.


    Trunking Command List

    The following table lists important commands for configuring and monitoring trunking on a switch.

    Command
        Function

    Switch(config-if)#switchport mode trunk
        Enables trunking on the interface. The port will not use DTP on the interface.

    Switch(config-if)#switchport trunk encapsulation dot1q
    Switch(config-if)#switchport trunk encapsulation isl
        Sets the trunking protocol to use. 2950 switches only support 802.1Q and therefore you will not use this command on 2950 switches.

    Switch(config-if)#switchport mode dynamic auto
        Enables automatic trunking discovery and configuration. The switch uses DTP to configure trunking.

    Switch(config-if)#switchport mode dynamic desirable
        Enables dynamic trunking configuration. If a switch is connected, it will attempt to use the desired trunking protocol (802.1Q for 2950 switches). If a switch is not connected, it will communicate as a normal port.

    Switch(config-if)#switchport mode access
        Disables trunking configuration on the port. You must disable trunking before you can assign a port to a VLAN.

    Switch#show interface trunk
    Switch#show interface fa0/1 trunk
        Shows interface trunking information with the following:
        - Mode
        - Encapsulation
        - Trunking status
        - VLAN assignments

    VTP Facts

    The VLAN Trunking Protocol (VTP) simplifies VLAN configuration on a multi-switch network by propagating configuration changes to other switches. With the VTP, switches are placed in one of the following three configuration modes.

    Mode
        Characteristics

    Server
        A switch in server mode is used to modify the VLAN configuration. Configuration information is then broadcast to other VTP devices.

    Client
        A switch in client mode receives changes from a VTP server and passes VTP information to other switches. However, you cannot modify the VLAN configuration from a switch in client mode.

    Transparent
        A switch in transparent mode does not receive VTP configuration information from other switches. It passes VTP information to other switches as it receives the information. You can modify VLAN configuration information from a switch in transparent mode, but the changes apply only to the local switch (changes are not sent to other devices).

    Keep in mind the following facts about VTP:

    - To make VLAN changes on a switch, the switch must be in either server or transparent mode.
    - If you cannot modify the VLAN configuration, the switch is in client mode.
    - By default, switches are configured in server mode.
    - Use the vtp mode command to configure the VTP mode of the switch.
    - Use the show vtp status command to view the current vtp mode of the switch.

    Spanning Tree Facts

    To provide for fault tolerance, many networks implement redundant paths between devices using multiple switches. However, providing redundant paths between segments causes packets to be passed between the redundant paths endlessly. This condition is known as a bridging loop.

    To prevent bridging loops, the IEEE 802.1d committee defined a standard called the spanning tree algorithm (STA), or spanning tree protocol (STP). With this protocol, one bridge (or switch) for each route is assigned as the designated bridge. Only the designated bridge can forward packets. Redundant bridges (and switches) are assigned as backups.

    The spanning tree algorithm provides the following benefits:

    - Eliminates bridging loops
    - Provides redundant paths between devices
    - Enables dynamic role configuration
    - Recovers automatically from a topology change or device failure
    - Identifies the optimal path between any two network devices

    The spanning tree algorithm automatically discovers the network topology, and creates a single, optimum path through a network by assigning one of the following roles to each bridge or switch. The bridge role determines how the device functions in relation to other devices, and whether the device forwards traffic to other segments.

    Role
        Characteristics

    Root Bridge
        The root bridge is the master or controlling bridge. The root bridge periodically broadcasts configuration messages. These messages are used to select routes and reconfigure the roles of other bridges if necessary. There is only one root bridge per network. It should be assigned by the network administrator. When selecting the root bridge, select the bridge that is closest to the physical center of the network.

    Designated Bridge
        A designated bridge is any other device that participates in forwarding packets through the network. They are selected automatically by exchanging bridge configuration packets. To prevent bridging loops, there is only one designated bridge per segment.

    Backup Bridge
        All redundant devices are classified as backup bridges. Backup bridges listen to network traffic and build the bridge database. However, they will not forward packets. A backup bridge can take over if the root bridge or a designated bridge fails.

    Devices send special packets called Bridge Protocol Data Units (BPDUs) out each port. BPDUs sent and received from other bridges are used to determine the bridge roles, verify that neighbor devices are still functioning, and recover from network topology changes. Devices participating in the spanning tree algorithm use the following process to configure themselves:

    1. At startup, switches send BPDUs (Bridge Protocol Data Units) out each port.
    2. Switches use information in the BPDUs to elect a root bridge.
    3. Switches on redundant paths are configured as either designated (active) or backup (inactive) switches.
    4. After configuration, switches periodically send BPDUs to ensure connectivity and discover topology changes.

    As the switch participates in the configuration process, and while it operates, each of its ports is placed into one of five states. The port state determines whether the port receives and forwards normal network messages.


    Port State
        Description

    Disabled
        A device in the disabled state is powered on but does not participate in listening to network messages or forwarding them. A bridge must be manually placed in the disabled state.

    Blocking
        When a device is first powered on, it is in the blocking state. In addition, backup bridges are always in a blocking state. The bridge receives packets and BPDUs sent to all bridges, but will not process any other packets.

    Listening
        The listening state is a transitionary state between blocking and learning. The port remains in listening state for a specific period of time. This time period allows network traffic to settle down after a change has occurred. For example, if a bridge goes down, all other bridges go to the listening state for a period of time. During this time the bridges redefine their roles.

    Learning
        A port in the learning state is receiving packets and building the bridge database (associating MAC addresses with ports). A timer is also associated with this state. The port goes to the forwarding state after the timer expires.

    Forwarding
        The root bridge and designated bridges are in the forwarding state when they can receive and forward packets. A port in the forwarding state can both learn and forward.

    Note: When you use spanning tree on a switch with multiple VLANs, each VLAN runs a separate instance of the spanning tree protocol.

    Spanning Tree Command List

    You can configure multiple paths with switches to provide fault-tolerance. As you know, having multiple paths means that the network is susceptible to data transmission (bridging) loops. Like bridges, switches can run the spanning tree algorithm to prevent such loops from forming.

    By default, the spanning tree protocol is enabled on all Cisco switches. Switch port configuration is automatic when the switch is connected to the network and powered on. Use the following commands to customize the spanning tree protocol.

    Command
        Function

    Switch(config)#no spanning-tree vlan number
        Disables spanning tree on the selected VLAN.

    Switch(config)#spanning-tree vlan number root primary
        Forces the switch to be the root of the spanning tree.

    Switch#show spanning-tree
        Show spanning tree configuration information. To determine if the VLAN is functioning properly, verify that the first line of the output is: VLAN1 is executing the IEEE compatible spanning tree protocol.

    Example

    The following commands disable spanning tree for VLAN 12 and force the switch to be the root of the spanning tree for VLAN 1.

    Switch(config)#no spanning-tree vlan 12
    Switch(config)#spanning-tree vlan 1 root primary
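
An added example (not from the original notes) that runs the root bridge election from the spanning tree process above and shows which port on a redundant path ends up blocking. It goes beyond the notes in using bridge IDs (priority plus MAC address, lowest wins) and link path costs, which are standard 802.1d details; the switch names, MAC addresses and the lowered priority standing in for root primary are constructed.

```python
import heapq

# Constructed topology: three switches wired in a triangle (one redundant path).
# Bridge ID = (priority, MAC address); 32768 is the standard default priority.
BRIDGES = {
    "SW1": (32768, "0000.1111.0001"),
    "SW2": (32768, "0000.1111.0002"),
    "SW3": (32768, "0000.1111.0003"),
}
# Link costs: 19 is the standard 802.1d path cost for a 100 Mbps link.
LINKS = {("SW1", "SW2"): 19, ("SW1", "SW3"): 19, ("SW2", "SW3"): 19}


def elect_root(bridges):
    """The bridge with the lowest (priority, MAC) bridge ID becomes the root."""
    return min(bridges, key=lambda name: bridges[name])


def root_path_costs(root, links):
    """Lowest total link cost from every bridge to the root (Dijkstra)."""
    adjacent = {}
    for (a, b), cost in links.items():
        adjacent.setdefault(a, []).append((b, cost))
        adjacent.setdefault(b, []).append((a, cost))
    best = {root: 0}
    heap = [(0, root)]
    while heap:
        dist, node = heapq.heappop(heap)
        if dist > best.get(node, float("inf")):
            continue
        for peer, cost in adjacent.get(node, []):
            if dist + cost < best.get(peer, float("inf")):
                best[peer] = dist + cost
                heapq.heappush(heap, (dist + cost, peer))
    return best


def blocked_ports(bridges, links):
    """Return sorted (bridge, neighbor) pairs whose port goes to blocking."""
    root = elect_root(bridges)
    cost = root_path_costs(root, links)
    # Each non-root bridge keeps one root port: the link with the cheapest
    # path to the root, ties broken by the neighbor's bridge ID.
    root_port = {}
    for name in bridges:
        if name == root:
            continue
        options = []
        for (a, b), link_cost in links.items():
            if name in (a, b):
                peer = b if name == a else a
                options.append((cost[peer] + link_cost, bridges[peer], peer))
        root_port[name] = min(options)[2]
    blocked = []
    for a, b in links:
        if root_port.get(a) == b or root_port.get(b) == a:
            continue  # root port on one end, designated port on the other
        # Neither end uses this link to reach the root: the end with the
        # better (cost, bridge ID) forwards, the other end blocks.
        loser = max((a, b), key=lambda n: (cost[n], bridges[n]))
        blocked.append((loser, b if loser == a else a))
    return sorted(blocked)


if __name__ == "__main__":
    print(elect_root(BRIDGES), blocked_ports(BRIDGES, LINKS))
    # Model "root primary" on SW3 as a lower priority than the default.
    forced = dict(BRIDGES, SW3=(24576, "0000.1111.0003"))
    print(elect_root(forced), blocked_ports(forced, LINKS))
```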

    EtherChannel Facts

    EtherChannel combines multiple switch ports into a single, logical link between two switches. With EtherChannel:

    - You can combine 2-8 ports into a single link.
    - All links in the channel group are used for communication between the switches.
    - Use EtherChannel to increase the bandwidth between switches.
    - Use EtherChannel to establish automatic-redundant paths between switches. If one link fails, communication will still occur over the other links in the group.
    - Use EtherChannel to reduce spanning tree convergence times.

    Use the channel-group command for a port to enable EtherChannel as follows:

    Switch(config)#interface fast 0/12
    Switch(config-if)#channel-group 1 mode on

    Each channel group has its own number. All ports assigned to the same channel group will be viewed as a single logical link.

    Note: If you do not use the channel-group command, the spanning tree algorithm will identify each link as a redundant path to the other bridge and will put one of the ports in blocking state.


    Port Security Facts

    The basic function of a switch is to pass packets from one host to another. Under normal operation, the switch learns the MAC address of the device(s) connected to each of its ports. When a device is connected to the switch port, the MAC address of the frame from the connected device is placed in the forwarding table. Under normal circumstances, there are no restrictions on the devices that can be attached to a switch port.

    With switch port security, you configure the switch to allow only specific devices to use a given port. You identify the MAC address of allowed devices. Any devices not explicitly identified will not be allowed to send frames through the switch. To configure port security, take the following general actions on the port:

    - Explicitly configure the port as an access port (a port with attached hosts, not with an attached switch).
    - Enable switch port security.
    - Identify the MAC addresses that can use the switch.
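
A check of a saved running-config against the three actions above, as an added example (not from the original notes). The sample configuration and function names are constructed; the command strings it looks for are the ones in the port security command table in this section.

```python
import re

# Constructed sample running-config (not taken from a real device).
SAMPLE_CONFIG = """\
hostname ATL
!
interface FastEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 1
 switchport port-security mac-address 0000.1111.2222
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security
!
interface FastEthernet0/3
 switchport port-security
 switchport port-security mac-address 0000.1111.3333
!
interface FastEthernet0/4
 switchport mode access
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface Vlan1
 ip address 1.1.1.1 255.255.255.0
!
end
"""

# Matches a statically identified MAC address in h.h.h form.
MAC_RE = re.compile(
    r"^switchport port-security mac-address (?:[0-9a-f]{4}\.){2}[0-9a-f]{4}$", re.I
)


def parse_interfaces(config):
    """Return {interface name: [indented config lines under it]}."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("interface "):
            current = raw.split(None, 1)[1].strip()
            blocks[current] = []
        elif current is not None and raw.startswith(" "):
            blocks[current].append(raw.strip())
        else:
            current = None  # "!" or any global command ends the block
    return blocks


def audit_port_security(config):
    """Return {port: [missing actions]} for host-facing Ethernet ports."""
    findings = {}
    for name, lines in parse_interfaces(config).items():
        if not re.match(r"(Fast|Gigabit)Ethernet", name, re.I):
            continue  # logical interfaces such as Vlan1
        if "switchport mode trunk" in lines:
            continue  # port security applies to access ports, not trunks
        problems = []
        if "switchport mode access" not in lines:
            problems.append("not explicitly configured as an access port")
        if "switchport port-security" not in lines:
            problems.append("port security not enabled")
        if not any(MAC_RE.match(line) for line in lines):
            problems.append("no allowed MAC address identified")
        if problems:
            findings[name] = problems
    return findings


if __name__ == "__main__":
    for port, problems in audit_port_security(SAMPLE_CONFIG).items():
        print(port, "->", "; ".join(problems))
```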

    The following table lists the switch port configuration commands:

    Command
        Function

    switch(config-if)#switchport mode access
        Identifies the port as an access port.

    switch(config-if)#switchport port-security
        Enables port security.

    switch(config-if)#switchport port-security mac-address h.h.h
        Identifies the allowed MAC address (h.h.h is a hexadecimal number).

    switch(config-if)#switchport port-security maximum number
        Configures the maximum number of MAC addresses that can be allowed fo