CCNA study
OSI Model
Application
File, print, message, database, and applications
Determines availability of the target host.
Www, email, FTP, telnet, edi, quake
Presentation
Data Encryption, compression, and translation services
Determines the syntax of the data transfer.
Pict, tiff, jpeg, midi, mpeg, quicktime, etc
Session
Dialog control, coordinates the comunications
Nfs, sql, rpc, x windows, ASP (appletalk session protocol), DNA SCP (
digital
whatzit)
Transport
End-to-end communication
Responsible for hiding the communications from the higher layers.
TCP / UDP
Network
Routing
IP/ICMP, BootP, ARP, RARP
Routers
Data Link
Framing
Ethernet II, 802.5 (token ring), 802.3, 802.2 (802.3 with dsap and ssa
p logical
link control fields)
Media Access control: MAC: 48 bits, 3 bytes vendor + 3 bytes serial nu
mber
WAN:
High-level datalink control HDLC (cisco default for serial links)
Synchronous Data Link Control SDLC (uses polling)
Link Access Procedure, Balanced LAPB
x.25, slip, ppp, isdn, Frame Relay
Bridges / Switches
Physical
Wire?nbsp;
v.24, v.35, x.21, g.703, hssi, etc
Repeaters / Hubs
DOD Model
Process/application?nbsp;application, presentation, session
Host-to-host?nbsp; transport
Internet ?nbsp; network
Network access?nbsp; Datalink / physical
LAN
Ethernet
802.3 CSMA/CDEthernet_II 802.2
10base2/thinnet: 185 meters
10base5/thicknet: 500 meters
10baseT: can run above 10Mbps 200ish meters
5-4-3 rule: 5 segments, 4 repeaters, 3 segments populated
100BaseTX:100 meters, up to 2 repeaters.Packets between 512and
1518.
FDDI
100 Mbps
token passing with dual counter-rotating rings
Token-ring
802.5
4 / 16 Mbps
ATM
53-byte cells
Flow Control
Contention: CSMA/CD : Carrier Sense Multiple Access, Collision
Detect
Token Passing: Token Ring, Fiddi
Polling: SDLC, some HDLC, some HP ethernet stuff
SWITCHING
Store ?nbsp;and ?nbsp;forward
Buffers whole frame before forwarding
Cut-Through
Forward frame as soon as destination address is available
Fragment Free
Does Cut-Through after 64 bytes are received to stop collision packe
ts from
being forwarded.
802.1d Spanning-Tree Protocol STP
detect and eliminates loops in routed network
STA: Spanning Tree Algorithm
Sends out BPDUs: Bridge protocol data units
VLAN:
Virtual Lans
Create 'logical' networks by location, function or department.. Or pro
tocol, or
whatever.
Done with a switch using Frame-Tagging (can be used between switches I
f you
have ISL inter-switch link)Frame-Tagging uses unique user-defined id
entifiers
while within the switch fabric, and is very scalable.
TCP/IP
Port numbers:
TCP: protocol number 6
ftp: 21
telnet: 23
smtp: 25
UDP: protocol number 17
Dns: 53
Tftp: 69
Snmp: 161
TCP Addressing:
0-255: public assigned
256 ?nbsp;1023: assigned to companies
1023+ user defined / source addresses
IP Addressing:
Class leading bits decimal range of first byte
A 01-127
B 10128-191
C 100192-223
Learn the rest of the stuff? Way out of scope of this.
NOTE:
Cisco considers the mask to be the bits beyond what is 'normal' for th
at class
address, not the entire number of bits in the subnet mask, sometimes?
IPX
Protocl Stack:
1. Application, presentation, session - RIP, SAP, NCP, NLSP, etc?nbsp;
2. Transport -IPX, SPX
3. Network-IPX
4. Data link-ODL Open Data Link
5. Physical -whatever
IPX
Connectionless, and communicates via sockets
Each host runs its own internal ipx network in addition to any lan n
etwork
Addressing:
10 byte address
first 4 bytes are network ?nbsp;need to be unique, otherwise whatever..
Last 6 bytes are node- usually just use the MAC address
SPX
Sequence Packet eXchange
Connection oriented protocol
Creates virtual circuits, with specific connection Ids
RIP
Routing information protocol
Distance vector protocol that establishes routes between ipx network
s
Judges based on ticks (1/18 second units) and hops
Broadcast every 60 seconds
Used to provide each server with a complete network map
SAP
Service advertising protocol
Servers use it to advertise, clients use it to locate services
Broadcast every 60 seconds
NLSP
NetWare Link Services Protocol
Link-state protcol to replace RIP and SAP someday?nbsp;
NCP
NetWare Core Protocol
Provides access to server resources
Netware in a nutshell
1.Strict client-server model (nobody is both)
2. Servers provide files, printing, messaing, applications, and data
bases
3. Every netware server (or cisco router) creates a SAP table of all
services
offered by all servers
4. A client issues a GNS (GetNearestServer request) broadcast to fin
d out
what is on the local SAP
Netware frame types & Features
1.802.3 default on NetWare 3.11
2.802.2 default on NetWare 3.12+
3.ethernet_ii - supports tcp/ip and ipx
4.ethernet_SNAP-appletalk, tcp/ip, and ipx
Routing Protocols
RIP:
Routing Information Protocol
Distance ?nbsp;vector routing protocol
Updates every 30 seconds
Route invalid timer 90 seconds: time before route considered invalid
.
Route flush timer: 240 seconds: route removed from table
Can use metrics (1-15) to weight against some interfaces
15 hop limit
OSPF:
Open Shortest Path First
Link-state routing
Very infrequent broadcast updates
Extremely granular metrics
NLSP:
Novell's Link State Protocol
Link-state
IGRP:
Interior Gateway Routing Protocol (cisco proprietary)
Distance-vector
Metrics and hop count from 1-255
Measures delay in units of 10 milliseconds
Measures bandwidth ?nbsp;on serial connection this needs to be set, defau
lt is T1
Measures reliability as 1-255 (255 optimal):
Measures load: 0-255 (0 = no-load)
Allows multi-path routing (dual links of equal bandwidth to 1 locatio
n)
Implements hold-downs, split horizons, and poision reverse updates
Update timer is 90 seconds, invalid timer is 270 seconds (3 times upd
ate)
Hold down timer is 280 (3 times update +10 seconds)
flush timer is 630 seconds (7 times update)
administrative distances: (reliability of information)
0 = direct connection, 1 = static, 100 = igrp, 110 =ospf, 120 = rip, 2
55 =
unknown
EIGRP:
Enhanced IGRP
Hybrid routing protocol
Uses distance vectors, however they are triggered by changes, not tim
ers.
Faster convergence, multiprotocol support
Distance- vector:
Uses second-hand info
Problems detecting /closing routing loops (counting to infinity)
Judges 'best' based on hop counts
Convergence can get pretty lengthy
Split horizion: enforces that inforation is not sent back in directi
on it came
from
Route poisoning: Helps prevent incorrect updates by setting route do
wn
eXPlicitly
Hold-downs: prevents routes from changing too quickly, to allow time
for
stabilization
Link-state
No-second hand info, and understands entire network
Uses LSP packets to build 'personal' copy of entire network strUCtur
e to route
from
LSP: link-state packets or "hello packets"
Chooses 'best' path based on: bandwidth, congestion, metrics, etc.
Update times can be set very lengthy as changes cause triggered udpa
tes.
EXTERIOR routing protocols
EGP:
1. Exterior Gateway Protocol
2. Polls neighbors
3. Exchanges info about AS with neighbors
4. Distance vector
5. Very simple
BGP:
1.Border Gateway Protocol
2.Can detect routing loops
3.Can work between AS
Other Random Cisco protocols
CDP:
1.Cisco Discovery Protocol
2.Runs SNAP: SubNetwork Access Protocol at the datalink layer.
3.This allows routers running different protocols to still communi
cate
4.60 second updates, 180 second hold time
#show cdp interface
interface information, encapsulation info, and timing information
#show cdp entry
shows detailed information about other routers on network
#show cdp neighbors
shows summary information that is being exchanged
#show cdp neighbor detail
extended listing of info for all routers
#show cdp traffic
shows packets sent / received amount neighbors
WAN:
POTS
Plain Old Telephone Service.(politely is: pstn: public switched tel
ephone
network)
Demarc:
end of responsbility for provider, start for customer
CPE:
customer premise equipment
Local loop:
wire from CO to demarc
CO:
Central Office: provider POP : point of presence
SDLC
1.Synchronous Data-Link Control
2.Used originally for SNA
3.Point o-point or multipoint
4.Bounded or unbounded media, half or full duplex
5.Circuit or packet-switched networks
6.2 node types.Primay or Secondary (controlled by primary)
HDLC
1.High-Level Data-Link Control protocol
2.This is the default communication method for cisco routers of sy
nc links,
and is proprietary
3.This came after SDLC, and was modified into LAP and LAPB.
4.HDLC transfer modes:
5.NRM: Normal Response Mode: secondaries only speak when spoken to
by pri
6.ARM: Async Response Mode: sec. Can speak on own
7.ABM: Async Balanced Mode: nodes can be both pri and sec
8.LAPB:Link Access Procedure Balanced: built into x.25
DDR
1.Dial on demand Routing
2.Be sure and setup route as static, and with specified distance o
ver 200 to
make sure it is 'last resort'
X.25
1. Point-to-point communication between DTE and DCE
2. DTE: Data Terminal Equipment (router or terminal, or whatever)
3. DCE: Data Circuit-Terminating Equipment (csu/dsi or modem)
4. PSE: Packet Switching Exchange: switches inside carriers network
5. Addresses defined by x.121 as a 14 digit number
6. DNIC:Data Network Identified Code is first 4 bits of address
7. Rest of address is assigned by the administrator
8. Full-duplex protocol
9. 'overbuilt' with lots of error checking
10. Created SVC or PVC connections (switched or Permanent virtual
circuits)
PLP
1.Packet layer protocol
2.X.25's network layer protocol
3.Modes: call setup, data transfer, idle, call clearing, restartin
g
LAPB
1.Link Access Procedure Balanced
2.Makes sure frames are error free and sequenced
3.Types of frames:
4.I information sequencing, flow control, error detect, recovery
5.S supervisory handles requests for, and suspension of transmitti
on
6.U unnumbered link setup and disconnections and error reporting
Setting up X.25 on Cisco
#interface
#encap x25
#x25 address
to set the address
#x25 ips
to configure Input Packet Size
#x25 ops
to configure Output Packet Size
#x25 win
to configure Window Input Size
#x25 wout
to configure Window Output Size
Frame Relay
1.Shared Bandwidth
2.Can setup a CIR (Committed Information Rate)
3.Assumed error-checking is handled at another, higher, layer
4.PVCs are created at layer 2.
DLCIs:
1.Data-link connection Identifiers : are used to identify virtual
circuit
connections.
2.DLCI address are assigned by the provider and then mapped to IP
addresses by the router
LMI:
1.Local management Interface
2.These are autodetected in current IOS versions?. However:
3.KeyWord Meaning
4.Cisco: defined by industry group, and default
5.ANSI: Annex D defined by T1.617
6.Q933a: Defined by ITU-T Annex A Q.933A
LMI can be used to determine the global significance of the DLCI num
bers.
Setup of Frame Relay on Cisco
#interface
#encapsulation frame-relay [ietf, or default is cisco]
use default to talk to other cisco routers, use ietf encapsulation
to talk to
non-cisco.
#frame-relay interface-dlci
to map dlci number to current interface, or subinterface
Then specify an IP address for that subinterface
Optionally you can hard-code the address on the other end.
#encap frame-relay [ietf]
#no inverse-arp
turns off auto addressing features
#ip address
#frame-relay map ip [cisco] [broadcast]
this lets you mix encap types, and allow broadcast over interface
Monitoring Frame Relay
#show frame ?
Ipip statistics
lmi lmi stats
map map table
pvc pvc stats ?nbsp;this one displays the DLCI #
route route info
traffic protocol stats
PPP
1.Point to Point Protocol
2.Userfull for dial-up or sync links (ISDN)
3.Authenticate using PAP: password authentication protocol or
4.CHAP: Challenge Handshake Authentication Protocol
ISDN
1.Integrated Services Digital Network
2.Terminal equipment types:
3.TE1: understands ISDN
4.TE2: predates ISDN and needs a TA (terminal adapter) to work
ISDN reference points:
1. R: between non-isdn device and TA
2. S: between terminal and NT2 device
3. T: point between NT1 and NT2
4. U: point between NT1 andcarrier line termination device
ISDN protocol codes:
1. E: existing telephone network
2. I: concepts, terms, and services
3. Q: switching and signaling
ISDN service levels:
1. Connect to lines with SPIDs (service Profile Identfiers) (phone
numbers..)
2. BRI: Basic Rate Interface:2B + 1D
3. B = 64kbs, D=16Kbps = 128kbs plus control
4. PRI: Primary Rate Interface: 23B + 1D
5. Total of 1.544Mbps
Configuring ISDN BRI
#isdn switch-type ?
Tons of proprietary switch types
#interface
typicaly bri0, or something like that.
#encap ppp
ppp is method used to setup isdn phone calls
#isdn spid1
#isdn spid2
Configuring ISDN PRI
#controller
typicaly something like #controller T1 1/0
#framing efs
sets Extended Super Framing, this is normal for T1/ PRI line
#linecode b8zs
line-conding mechanism to assist with timing by preventing strings
of zeros
#pri-group timeslots
sets number of timeslots
Access lists:
Basics:
1.Access lists must be created, then applied to an interface
2.Access lists can filter incoming or outgoing from an interface
3.Packets are compared only until a match is made
4.Packets that do not meet any criteria on the list are discarded
Wildcard maSKINg:
Nifty, acts like a reverse subnet mask:
Example: 0.0.0.255 would wildcard all hosts on class C network
0.0.0.0 would indicate no wildcarding
keywords:
host: 0.0.0.0 : just specified host
any: 255.255.255.255: absolutely anything
* when using keyword it comes before IP address, when using mask it
comes
after!
!!!
List number scheme
List number range & meaning
1-99 -ip standard list
100-199 -ip extended access list
800-899 -ipx standard
900-999 -ipx extended access list
1000-1099 - IPX SAP access list
IP access list creation
#access-list [
]
IP extended access list
#access-list
source and destination can be masked
port can be 'eq' for equal, 'neq' not equal, 'log' logged, or assorte
d other things
port can also be keyworeded: www, smtp, finger, ftp, telnet, etc?.
Ipx access list
#access-list
ion
network number
no wildcarding needed with ipx
-1 is used to indicate 'any network address'
extended ipx access lists
#access-list
-1 still indicates 'any' for socket or source address
IPX SAP access lists
#Access-list
service type is numeric value
Applying Access list to Interface
#interface
#ip access-group
Monitoring:
#show access-list
shows the lists and how many matches for each line
#clear access-list counters
clears statistics
Logging:
Keyword log can be placed at the end of extended access lists, and inf
o will be
logged to console by default, or could be re-directed to a error-log s
erver
Logs include: access list number, source and destination port/address
and
number of packets.
Displaying access list info
#Show ip interface
displays which list is enabled for the interface, both incoming and o
utgoing
#show running-config
shows just about everything?including details of what makes up each
access-list
CISCO Things:
Startup sequence
Bootstrapfrom Rom
Cisco IOS from Flash
From tftp
From Rom
Configuration Filefrom NVRAM
From tftp server
From console
Editing commands
Toggle on/off:Terminal editing / terminal no editing
Control +
A move to beginning of line
E end
F forward
B back
P previous
N most recent
Show history
Terminal history size set buffer size
Arrow keys also work to edit and scroll through buffer
Passwords
Enable secret: one-way crypto password, has priority over 'normal' en
able
password
#config terminal
#enable secret
Enable password:password to switch to priv mode
#config terminal
#enable password
Virtual terminal password:password to allow telnet into router
#config terminal
#line vty 0
#login
#password
Banner
#banner motd
yadda, yadda, yadda
Hostname
#config t
#hostname
hostname resolution
#ip host
this acts like a host file to allow static name resolution
#show hosts
displays configured hosts / ip addresses
#ip domain-lookup
#ip name-server
to configure DNS, use the 2 commands above.You can have up to 6 dns
addresses
#no ip domain-lookup
disable dns lookkup
Interface Naming
1. S Serial
2. E Ethernet
3. T TokenRing
4. F Fiddi
Number as card/portor for 7000 series as VIP card/port (from 0) /in
terface
(from 0)
Static Routing for IP
Config with:
#Ip route [distance]
Display with:
#Show ip route
#Show ip route static
Remove ip routes with:
#No ip route
Default route / route of last resort :
(set network and mask to all 0s)
#Ip route 0.0.0.0 0.0.0.0
IP classless:
With IP classless 'on' packets are forward on a best-guess directly co
nnected
network instead of having them dropped.
- this is used with default routes
Testing:
#ping
works with IP, ipx, appletalk, apollo, vines, and decnet
#ping
extended ping: works with ip, appletalk, and ipx to provide much mo
re info
#trace
works with: ip, appletalk, clns, oldvines (cisco), vines (banyan).
- remember that TCP is not on any of these lists?
nbsp;it is a higher-le
vel protocol.
Subinterfaces:
How to bind multiple conflicting commands to 1 interface?nbsp;use subin
terfaces.
Syntax is to place a period, then a integer after the device name.
Example: #int e0.100
Configuring Dynamic Routing for IP
RIP:
#router rip
#network
-optional #passive
lets you run rip without advertising connection
-optional #neighbor
lets info go over non-broadcast media (like WAN links)
-optional #debug ip ripor undebug ip rip
This shows all updates to the console (sent or received advertiseme
nts)
-optional #no router rip
Disables rip routing
IGRP
#router igrp
turns on igrp and allows setting of AS number
#network
-optional #debug ip igrp events #undebug ip igrp events
logs to console when/what events are done
-optional#debug ip igrp transactions#undebug ip igrp transactions
detailed log to console of what happens in each event
Display routing info:
#show ip route
This displays all routes on the router, including how the route was
'learned'
R = rip, C = connected, S = static, I = igrp, o = ospf, etc
#show ip route
displays routes 'learned' from specified protocol only
#show ip protocol
displays protocol and detailed info on timing, sources of info, fil
ters, etc.
#show ip interface
shows all lots of info on all interfaces
#show ip interface
shows info specific to the interface
IPX configuration
#ipx routing
to enable ipx routing
#interface
select an interface before providing specifc info for configuring ip
x
#ipx network [encapsulation
]
[secondary]
?nbsp;secondary indicates if more than one encapsulation type is used on 1
interface, recomened to use sub-interfaces
Table of info for configuring encapsulation types
interface typeframe type keyword
ethernet 802.3novell-ether (default)
802.2 sap
ethernet_II arpa
ethernet_snap snap
token ringtoken-ring sap (default)
token-ring_snap snap
fddi fddi_snap snap (default)
802.2 sap
fddi_raw novell-fddi
Show IPX servers
#show ipx servers
this displays the contents of the SAP,
listing all servers and servi
ces
show IPX route
#show IPX route
shows the IPX routing table
#ipx maximum paths
enable multiple paths to 1 destination
#show ipx traffic
generates traffic statistics on ipx network usage
#show ipx interface
detailed info on specific interface
#debug ipx
lots of debug information available
Sources for IOS software:
Flash Memory
Default and normally good idea
#show flash
lists all versions stored in flash, but does not specify which is r
unning
#show version
specifies which version of IOS you are running currently
Tftp server
Somewhat menu driven way to store and retrieve information to/from
tftp
server
#copy flash tftp ets you backup your ios saved in flash
#copy tftp flash-lets you download new versions or restore over b
ad
versions
tftp to backup / restore config info
#copy tftp running-config
#copy running-config tftp
Configuring fallback sources for IOS software
#boot system flash
to boot from flash
#boot system tftp
to boot from remote tftp server
#boot system rom
to boot from hard-coded ios version, this is a 'last resort' kinda
thing to do
IOS Commands that have little to do with routing
#show version
os version, uptime, how it was last started up, where ios was loade
d from
