31 days before your ccent certification exam · 2013-12-04 · odom’s cisco ccent/ccna icnd1...
Cisco Press • 800 East 96th Street • Indianapolis, Indiana 46240 USA
31 Days Before Your CCENT Certification Exam
Second Edition
Allan Johnson
31 Days Before Your CCENT Certification Exam, Second Edition
A Day-By-Day Review Guide for the ICND1 (100-101) Certification Exam
Allan Johnson
Copyright © 2014 Cisco Systems, Inc.
Published by:
Cisco Press
800 East 96th Street
Indianapolis, IN 46240 USA
All rights reserved. No part of this book may be reproduced or transmitted in any form or by any
means, electronic or mechanical, including photocopying, recording, or by any information storage and
retrieval system, without written permission from the publisher, except for the inclusion of brief quotations
in a review.
Printed in the United States of America
First Printing December 2013
Library of Congress Control Number: 2013953096
ISBN-13: 978-1-58720-453-1
ISBN-10: 1-58720-453-3
Warning and Disclaimer
This book is designed to provide information about exam topics for the Cisco Certified Entry
Networking Technician (CCENT) Exam 100-101 ICND1. Every effort has been made to make this book
as complete and as accurate as possible, but no warranty or fitness is implied.
The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall
have neither liability nor responsibility to any person or entity with respect to any loss or damages
arising from the information contained in this book or from the use of the discs or programs that may
accompany it.
The opinions expressed in this book belong to the author and are not necessarily those of Cisco
Systems, Inc.
Special Sales
For information about buying this title in bulk quantities, or for special sales opportunities (which may
include electronic versions; custom cover designs; and content particular to your business, training
goals, marketing focus, or branding interests), please contact our corporate sales department at corp-
[email protected] or (800) 382-3419.
For government sales inquiries, please contact [email protected].
For questions about sales outside the U.S., please contact [email protected].
Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each
book is crafted with care and precision, undergoing rigorous development that involves the unique
expertise of members from the professional technical community.
Readers’ feedback is a natural continuation of this process. If you have any comments regarding how
we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact
us through email at [email protected]. Please make sure to include the book title and ISBN
in your message.
We greatly appreciate your assistance.
Publisher: Paul Boger
Associate Publisher: Dave Dusthimer
Business Operation Manager, Cisco Press: Jan Cornelssen
Executive Editor: Mary Beth Ray
Managing Editor: Sandra Schroeder
Senior Development Editor: Christopher Cleveland
Senior Project Editor: Tonya Simpson
Copy Editor: John Edwards
Technical Editor: Steve Stiles
Editorial Assistant: Vanessa Evans
Cover Designer: Mark Shirar
Composition: Bronkella Publishing
Senior Indexer: Erika Millen
Proofreader: Megan Wade-Taxter
Trademark Acknowledgments
All terms mentioned in this book that are known to be trademarks or service marks have been appropriately
capitalized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information.
Use of a term in this book should not be regarded as affecting the validity of any trademark or
service mark.
About the Author
Allan Johnson entered the academic world in 1999 after ten years as a business owner/operator to dedicate his efforts to his passion for teaching. He holds both an MBA and an M.Ed. in occupational training and development. He taught CCNA courses at the high school level for seven years and has taught both CCNA and CCNP courses at Del Mar College in Corpus Christi, Texas. In 2003, Allan began to commit much of his time and energy to the CCNA Instructional Support Team, providing services to Networking Academy instructors worldwide and creating training materials. He now works full time for Cisco Networking Academy as a learning systems developer.
About the Technical Reviewer
Steve Stiles is a Cisco Networking Academy Instructor for Rhodes State College and a Cisco Certified Instructor Trainer, having earned CCNA Security and CCNP level certifications. He was the recipient of the 2012 Outstanding Teacher of the Year award by the Ohio Association of Two Year Colleges and co-recipient of the Outstanding Faculty of the Year award at Rhodes State College.
Dedication
For my wife, Becky. Without the sacrifices you made during the project, this work would not have come to fruition. Thank you for providing me the comfort and resting place only you can give.
Acknowledgments
When I began to think of whom I would like to have as a technical editor for this work, Steve Stiles immediately came to mind. With his instructor and industry background, as well as his excellent work building activities for the new Cisco Networking Academy curriculum, he was an obvious choice. Thankfully, when Mary Beth Ray contacted him, he was willing and able to do the arduous review work necessary to make sure that you get a book that is both technically accurate and unambiguous.
This book is a concise summary of the work of Cisco Press CCNA authors. Wendell Odom’s Cisco CCENT/CCNA ICND1 100-101 Official Cert Guide and Anthony Sequeira’s Interconnecting Cisco Network Devices, Part 1 (ICND1) Foundation Learning Guide were two of my main sources. The different approaches that these two authors—both CCIEs—take toward the CCNA material give the reader the breadth and the depth needed to master the CCNA exam topics.
The Cisco Networking Academy authors for the online curriculum and series of Companion Guides take the reader deeper, past the CCNA exam topics, with the ultimate goal of not only preparing the student for CCNA certification, but also for more advanced college-level technology courses and degrees. Thank you especially to Amy Gerrie and her team of authors—Rick Graziani, Wayne Lewis, and Bob Vachon—for their excellent treatment of the material; it is reflected throughout this book.
Mary Beth Ray, executive editor, amazes me with her ability to juggle multiple projects at once, steering each from beginning to end. I can always count on her to make the tough decisions. Thank you, Mary Beth, for bringing this project to me.
This is my fifth project with Christopher Cleveland as development editor. His dedication to perfection pays dividends in countless, unseen ways. Thank you again, Chris, for providing me with much needed guidance and support. This book could not be a reality without your persistence.
Contents at a Glance
Introduction
Day 31 Network Devices, Components, and Applications
Day 30 Networking Models and Data Flow
Day 29 Ethernet and Media Access Control
Day 28 Switching Concepts and Operation
Day 27 Basic Switch Configuration
Day 26 VLAN Concepts
Day 25 VLAN and Trunking Configuration
Day 24 The IPv4 Address
Day 23 IPv4 Subnetting and VLSM
Day 22 IPv6 Addressing Concepts
Day 21 Implementing IPv6 Addressing
Day 20 Basic Routing Concepts
Day 19 Dynamic Routing Protocols
Day 18 Basic Router Configuration: IPv4
Day 17 Basic Router Configuration: IPv6
Day 16 Static and Default Route Configuration
Day 15 Single-Area OSPFv2
Day 14 Single-Area OSPFv3
Day 13 Inter-VLAN Routing Configuration
Day 12 DHCP Configuration
Day 11 ACL Concepts
Day 10 Basic ACL Configuration
Day 9 NAT
Day 8 Basic Device Security
Day 7 Switch Security Configuration
Day 6 Troubleshoot IP Addressing Issues
Day 5 Troubleshoot VLAN Issues
Day 4 Troubleshoot Trunking Issues
Day 3 Troubleshoot ACL Issues
Day 2 Troubleshoot Layer 1 Issues
Day 1 CCENT Skills Review and Practice
Exam Day
Post-Exam Information
Index
Contents
Introduction
Day 31: Network Devices, Components, and Applications
CCENT 100-101 ICND1 Exam Topics
Key Points
Devices
Switches
Routers
Physical Layer
Network Media Forms and Standards
LAN Device Connection Guidelines
LANs and WANs
Networking Icons
Physical and Logical Topologies
Cisco Borderless Network
Hierarchy in a Borderless Network
Network Documentation
Classification of Network Applications
User Application Interaction
Common Network Applications
Growth of Network-Based Applications
Quality of Service
Increased Network Usage
The Impact of Voice and Video on the Network
Study Resources
Day 30: Networking Models and Data Flow
CCENT 100-101 ICND1 Exam Topics
Key Points
The OSI and TCP/IP Models
OSI Layers
TCP/IP Layers and Protocols
Protocol Data Units and Encapsulation
The TCP/IP Application Layer
The TCP/IP Transport Layer
TCP Header
Port Numbers
Error Recovery
Flow Control
Connection Establishment and Termination
UDP
The TCP/IP Internet Layer
The TCP/IP Network Access Layer
Data Encapsulation Summary
Study Resources
Day 29: Ethernet and Media Access Control
CCENT 100-101 ICND1 Exam Topics
Key Topics
Ethernet Overview
Legacy Ethernet Technologies
CSMA/CD
Legacy Ethernet Summary
Current Ethernet Technologies
UTP Cabling
Benefits of Using Switches
Ethernet Addressing
Ethernet Framing
The Role of the Physical Layer
Study Resources
Day 28: Switching Concepts and Operation
CCENT 100-101 ICND1 Exam Topics
Key Topics
Evolution to Switching
Switching Logic
Collision and Broadcast Domains
Frame Forwarding
Switch Forwarding Methods
Symmetric and Asymmetric Switching
Memory Buffering
Layer 2 and Layer 3 Switching
Accessing and Navigating the Cisco IOS
Connecting to Cisco Devices
CLI EXEC Sessions
Using the Help Facility
CLI Navigation and Editing Shortcuts
Command History
IOS Examination Commands
Subconfiguration Modes
Storing and Erasing Configuration Files
Study Resources
Day 27: Basic Switch Configuration
CCENT 100-101 ICND1 Exam Topics
Key Topics
Basic Switch Configuration Commands
Half-Duplex, Full-Duplex, and Port Speed
Automatic Medium-Dependent Interface Crossover (auto-MDIX)
Configuring SSH Access
Verifying Network Connectivity
Study Resources
Day 26: VLAN Concepts
CCENT 100-101 ICND1 Exam Topics
Key Points
VLAN Concepts
Traffic Types
Types of VLANs
Voice VLAN Example
Trunking VLANs
Dynamic Trunking Protocol
Study Resources
Day 25: VLAN and Trunking Configuration
CCENT 100-101 ICND1 Exam Topics
Key Points
Sample Topology
VLAN Configuration and Verification Commands
Configuring and Verifying Trunking
Study Resources
Day 24: The IPv4 Address
CCENT 100-101 ICND1 Exam Topics
Key Topics
IPv4 Addressing
Header Format
Classes of Addresses
Purpose of the Subnet Mask
Private and Public IP Addressing
Study Resources
Day 23: IPv4 Subnetting and VLSM
CCENT 100-101 ICND1 Exam Topics
Key Topics
Subnetting in Four Steps
Determine How Many Bits to Borrow
Determine the New Subnet Mask
Determine the Subnet Multiplier
List the Subnets, Host Ranges, and Broadcast Addresses
Subnetting Example 1
Subnetting Example 2
Subnetting Example 3
VLSM
Summarizing Subnet Addresses
Study Resources
Day 22: IPv6 Addressing Concepts
CCENT 100-101 ICND1 Exam Topics
Key Topics
Overview and Benefits of IPv6
The IPv6 Protocol
IPv6 Address Types
Unicast
Multicast
Anycast
Study Resources
Day 21: Implementing IPv6 Addressing
CCENT 100-101 ICND1 Exam Topics
Key Topics
Representing the IPv6 Address
Conventions for Writing IPv6 Addresses
Conventions for Writing IPv6 Prefixes
IPv6 Subnetting
Subnetting the Subnet ID
Subnetting into the Interface ID
EUI-64 Concept
Stateless Address Autoconfiguration
Migration to IPv6
Study Resources
Day 20: Basic Routing Concepts
CCENT 100-101 ICND1 Exam Topics
Key Topics
Packet Forwarding
Path Determination and Switching Function Example
Routing Methods
Classifying Dynamic Routing Protocols
IGP and EGP
Distance Vector Routing Protocols
Link-State Routing Protocols
Classful Routing Protocols
Classless Routing Protocols
Study Resources
Day 19: Dynamic Routing Protocols
CCENT 100-101 ICND1 Exam Topics
Key Topics
Dynamic Routing Metrics
Administrative Distance
IGP Comparison Summary
Routing Loop Prevention
Link-State Routing Protocol Features
Building the LSDB
Calculating the Dijkstra Algorithm
Convergence with Link-State Protocols
Study Resources
Day 18: Basic Router Configuration: IPv4
CCENT 100-101 ICND1 Exam Topics
Key Topic
Basic Router Configuration with IPv4
Study Resources
Day 17: Basic Router Configuration: IPv6
CCENT 100-101 ICND1 Exam Topics
Key Topic
Basic Router Configuration with IPv6
Verifying IPv4 and IPv6 Network Connectivity
Study Resources
Day 16: Static and Default Route Configuration
CCENT 100-101 ICND1 Exam Topics
Key Topics
Static and Default Routing Overview
IPv4 Static Route Configuration
IPv4 Static Routes Using the “Next-Hop” Parameter
IPv4 Static Routes Using the Exit Interface Parameter
IPv4 Default Route Configuration
IPv4 Summary Static Route Configuration
IPv6 Static Routing
IPv6 Static Route Configuration
IPv6 Default Route Configuration
IPv6 Summary Static Route Configuration
Study Resources
Day 15: Single-Area OSPFv2
CCENT 100-101 ICND1 Exam Topics
Key Topics
OSPF Operation
OSPF Message Format
OSPF Packet Types
Neighbor Establishment
Link-State Advertisements
OSPF DR and BDR
OSPF Algorithm
Link-State Routing Process
Single-Area OSPFv2 Configuration
The router ospf Command
The network Command
Router ID
Passive Interfaces
Modifying the OSPF Metric
Verifying OSPFv2
Study Resources
Day 14: Single-Area OSPFv3
CCENT 100-101 ICND1 Exam Topics
Key Topics
OSPFv2 Versus OSPFv3
Similarities Between OSPFv2 and OSPFv3
Differences Between OSPFv2 and OSPFv3
Single-Area OSPFv3 Configuration
The Router ID in OSPFv3
Verifying OSPFv3
Study Resources
Day 13: Inter-VLAN Routing Configuration
CCENT 100-101 ICND1 Exam Topics
Key Topics
Inter-VLAN Routing Concepts
Legacy Inter-VLAN Routing
Router on a Stick
Multilayer Switch
Router on a Stick Configuration and Verification
Multilayer Switch Inter-VLAN Routing Configuration and Verification
Creating Additional SVIs
Configuring a 2960 to Route Between VLANs
Study Resources
Day 12: DHCP Configuration
CCENT 100-101 ICND1 Exam Topics
Key Topics
DHCPv4
DHCPv4 Configuration Options
Configuring a Router as a DHCPv4 Server
Configuring a Router to Relay DHCPv4 Requests
Configuring a Router as a DHCPv4 Client
DHCPv6
SLAAC
Stateless DHCPv6
Stateful DHCPv6
Stateless and Stateful DHCPv6 Operation
DHCPv6 Configuration Options
Configuring a Router as a Stateless DHCPv6 Server
Configuring a Router as a Stateful DHCPv6 Server
Study Resources
Day 11: ACL Concepts
CCENT 100-101 ICND1 Exam Topics
Key Topics
ACL Operation
Defining an ACL
Processing Interface ACLs
List Logic with IP ACLs
Planning to Use ACLs
Types of ACLs
ACL Identification
ACL Design Guidelines
Study Resources
Day 10: Basic ACL Configuration
CCENT 100-101 ICND1 Exam Topics
Key Topics
Configuring Standard Numbered ACLs
Standard Numbered ACL: Permit Specific Network
Standard Numbered ACL: Deny a Specific Host
Standard Numbered ACL: Deny a Specific Subnet
Standard Numbered ACL: Deny Telnet or SSH Access to the Router
Configuring Extended Numbered ACLs
Extended Numbered ACL: Deny FTP from Subnets
Extended Numbered ACL: Deny Only Telnet from Subnet
Configuring Named ACLs
Standard Named ACL Steps and Syntax
Standard Named ACL: Deny a Single Host from a Given Subnet
Extended Named ACL Steps and Syntax
Adding Comments to Named or Numbered ACLs
Verifying ACLs
Study Resources
Day 9: NAT
CCENT 100-101 ICND1 Exam Topics
Key Topics
NAT Concepts
A NAT Example
Dynamic and Static NAT
NAT Overload
NAT Benefits
NAT Limitations
Configuring Static NAT
Configuring Dynamic NAT
Configuring NAT Overload
Verifying NAT
Troubleshooting NAT
NAT for IPv6
IPv6 Private Address Space
Purpose of NAT for IPv6
Study Resources
Day 8: Basic Device Security
CCENT 100-101 ICND1 Exam Topics
Key Topics
Network Security Overview
Physical Security
Types of Security Vulnerabilities
Mitigating Network Attacks
Security Best Practices
Securing the IOS
Passwords, Authentication, Timers, and SSH
Banners
Disable Services
HTTP Service
CDP
Small Services
Network Time Protocol
Study Resources
Day 7: Switch Security Configuration
CCENT 100-101 ICND1 Exam Topics
Key Topics
Configuring Port Security
Restoring a Port After a Violation
Changing the Native and Management VLANs
Shutting Down and Securing Unused Interfaces
Study Resources
Day 6: Troubleshoot IP Addressing Issues
CCENT 100-101 ICND1 Exam Topics
Key Topics
Troubleshooting Methodology
Default Gateway
Duplicate IP Addresses
DHCP Issues
Resolve IPv4 Address Conflicts
Test Connectivity Using a Static IP Address
Verify Switch Port Configuration
Test DHCPv4 Operation on the Same Subnet or VLAN
Inter-VLAN Routing and IP Addressing Issues
Study Resources
Day 5: Troubleshoot VLAN Issues
CCENT 100-101 ICND1 Exam Topics
Key Topics
VLAN Troubleshooting
Disabled VLANs
Study Resources
Day 4: Troubleshoot Trunking Issues
CCENT 100-101 ICND1 Exam Topics
Key Topics
Trunking Troubleshooting Overview
Check Both Ends of a Trunk
Check Trunking Operational States
Study Resources
Day 3: Troubleshoot ACL Issues
CCENT 100-101 ICND1 Exam Topics
Key Topics
Troubleshooting ACLs
Problem 1: Host Has No Connectivity
Problem 2: Denied Protocols
Problem 3: Telnet Is Allowed #1
Problem 4: Telnet Is Allowed #2
Problem 5: Telnet Is Allowed #3
Study Resources
Day 2: Troubleshoot Layer 1 Issues
CCENT 100-101 ICND1 Exam Topics
Key Topics
Media Issues
Interface Status and the Switch Configuration
Interface Status Codes
Duplex and Speed Mismatches
Common Layer 1 Problems On “Up” Interfaces
CDP as a Troubleshooting Tool
Study Resources
Day 1: CCENT Skills Review and Practice
Key Topics
Introduction
Topology Diagram
Addressing Table
VLANs and Port Assignments Table
ISP Configuration
Implementation
IPv4 Addressing Configuration Requirements
HQ-Sw Configuration Requirements
HQ Configuration Requirements
B1 and B2 Configuration Requirements
Staff
Verification
Your Notes
Answer Scripts
CCENT Skills Challenge
Exam Day
What You Need for the Exam
What You Should Receive After Completion
Summary
Post-Exam Information
Receiving Your Certificate
Determining Career Options
Examining Certification Options
If You Failed the Exam
Summary
Index
Icons Used in This Book
[Figure: icon legend. Desktop Computer, Laptop, Server, IP Phone, LAN Switch, Router, Multilayer Switch, Wireless Router, Wireless Access Point, Firewall, Hub, LAN Media, WAN Media, Wireless Media]
Command Syntax Conventions
The conventions used to present command syntax in this book are the same conventions used in the IOS Command Reference. The Command Reference describes these conventions as follows:
Boldface indicates commands and keywords that are entered literally as shown. In actual configuration examples and output (not general command syntax), boldface indicates commands that are manually input by the user (such as a show command).
Italic indicates arguments for which you supply actual values.
Vertical bars (|) separate alternative, mutually exclusive elements.
Square brackets ([ ]) indicate an optional element.
Braces ({ }) indicate a required choice.
Braces within brackets ([{ }]) indicate a required choice within an optional element.
Introduction
You are almost there! If you’re reading this Introduction, you’ve probably already spent a considerable amount of time and energy pursuing your CCENT certification. Regardless of how you got to this point in your travels through your CCENT studies, 31 Days Before Your CCENT Certification Exam most likely represents the last leg of your journey on your way to the destination: to become a Cisco Certified Entry Networking Technician. However, if you are like I am, you might be reading this book at the beginning of your studies. If such is the case, this book provides you with an excellent overview of the material that you must now spend a great deal of time studying and practicing. However, I must warn you: Unless you are extremely well-versed in networking technologies and have considerable experience configuring and troubleshooting Cisco routers and switches, this book will not serve you well as the sole resource for CCENT exam preparation. Therefore, let me spend some time discussing my recommendations for study resources.
Study Resources
Cisco Press offers an abundance of CCNA-related books to serve as your primary source for learning how to install, configure, operate, and troubleshoot small- to medium-size routed and switched networks.
Primary Resources
First on the list must be Wendell Odom’s Cisco CCENT/CCNA ICND1 100-101 Official Cert Guide (ISBN: 9781587143854). If you do not buy any other books, buy this one. Wendell’s method of teaching, combined with his technical expertise and down-to-earth style, is unsurpassed in our industry. As you read through his books, you sense that he is sitting right there next to you walking you through the material. The practice exams and study materials on the DVD in the back of the book are worth the price of the book. There is no better resource on the market for a CCNA candidate.
Next on the list must be Anthony Sequeira’s Interconnecting Cisco Network Devices, Part 1 (ICND1) Foundation Learning Guide (ISBN: 9781587143762). This book is indispensable to those students who take the first of two Cisco-recommended training classes for CCNA preparation: Interconnecting Cisco Network Devices 1 (ICND1). These courses, available through Cisco Training Partners in a variety of formats, are usually of a very short duration (one to six weeks) and are geared toward the industry professional already working in the field of networking. Anthony’s book serves the reader well as a concise, but thorough, treatment of the CCENT exam topics. His method and approach often differ from and complement Wendell’s approach. I recommend that you also refer to this book.
If you are a Cisco Networking Academy student, you are blessed with access to the online version of the CCNA Routing and Switching curriculum and the wildly popular Packet Tracer network simulator. Although there are currently two paths for the CCNA curriculum, I used the Introduction to Networking (ITN) and Routing and Switching Essentials (RSE) courses in my daily review of the exam topics. ITN introduces basic concepts of computer networks, including deep dives into the seven layers of the OSI model, IP addressing, and the fundamentals of Ethernet. Successfully completing the course means that you should be able to build small LANs and implement basic addressing and configurations on routers and switches. RSE expands on ITN, taking the student further into basic router and switch configuration. Successfully completing the course means that you should be able to configure and troubleshoot routers and switches using a variety of technologies including RIPv2, single-area OSPF, VLANs, and inter-VLAN routing for both IPv4 and IPv6 networks. To learn more about CCNA Routing and Switching courses and to find an Academy near you, visit www.netacad.com.
However, if you are not an Academy student but would like to benefit from the extensive authoring done for these courses, you can buy any or all of the CCNA Routing and Switching Companion Guides (CG) and Lab Manuals (LM) of the Academy’s popular online curriculum. Although you will not have access to the Packet Tracer network simulator software, you will have access to the tireless work of an outstanding team of Cisco Academy Instructors dedicated to providing students with comprehensive and engaging CCNA preparation course material. The titles and ISBNs for the CCNA Routing and Switching CGs and LMs are as follows:
Introduction to Networks Companion Guide (ISBN: 9781587133169)
Introduction to Networks Lab Manual (ISBN: 9781587133121)
Routing and Switching Essentials Companion Guide (ISBN: 9781587133183)
Routing and Switching Essentials Lab Manual (ISBN: 9781587133206)
You can find these books at www.ciscopress.com by clicking the Cisco Networking Academy link.
Supplemental Resources
In addition to the book you hold in your hands, there are four more supplemental resources I recommend to augment your final 31 days of review and preparation.
First, a plug for my own book, the CCENT Practice and Study Guide, Exercises, Activities and Scenarios to Prepare for the ICND1/CCENT (100-101) Certification Exam (ISBN: 9781587133459). The subtitle is a concise summary of what you will get. Although an appropriate resource for anyone, this book is specifically geared toward the Cisco Networking Academy instructors and students who want a resource to supplement the online curriculum. Mirroring the chapter layout of the first two online courses, the CCENT PSG offers exercises that help you learn the concepts and configurations that are crucial to your success as a CCENT candidate.
Second, Wendell Odom and Sean Wilkins have created over 250 structured labs that are available in the Cisco CCENT ICND1 100-101 Network Simulator (ISBN: 9780789750433). These simulations map precisely to chapters in his book, but are also a great practice resource for anyone. The four types of labs in this product present you with progressively more difficult real-world challenges. Skill builder labs help you practice short, focused configuration tasks. Subnetting exercises help you improve the speed and accuracy of your subnetting calculations. Complex Configuration Scenario labs present realistic multilayered, multitechnology configuration tasks. Finally, challenging Troubleshooting Scenario labs provide you with an opportunity to test your problem identification and resolution skills. If you need that extra edge or are struggling with a particular configuration or troubleshooting concept, you’ll find these simulations very helpful.
Third, Eric Rivard is the author of Cisco CCENT ICND1 100-101 Flash Cards and Exam Practice Pack (ISBN: 9781587203992). The text portion of the book includes over 450 flash cards that quickly review exam topics in bite-sized pieces. Also included are over 100 pages in the Quick Reference Guide, which is designed for late-stage exam preparation. And on the included CD, you will find a test engine with over 150 CCENT practice exam questions.
NOTE: If you are certain that you will be also pursuing your CCNA certification, the more economical purchase might be to buy the Cisco CCNA Routing and Switching 200-120 Flash Cards and Exam Practice Pack (ISBN: 9781587204005). The first half of this book is a repeat of the CCENT version.
Fourth, there is Scott Empson’s very popular CCNA Routing and Switching Portable Command Guide, Third Edition (ISBN: 9781587204302). This guide is way more than just a listing of commands and what they do. Yes, it summarizes all the CCNA certification-level IOS commands, keywords, command arguments, and associated prompts. But it also provides you with tips and examples of how to apply the commands to real-world scenarios. Configuration examples throughout the book provide you with a better understanding of how these commands are used in simple network designs.
The Cisco Learning Network
Finally, if you have not done so already, you should now register with The Cisco Learning Network at https://learningnetwork.cisco.com. Sponsored by Cisco, The Cisco Learning Network is a free social learning network where IT professionals can engage in the common pursuit of enhancing and advancing their IT careers. Here you will find many resources to help you prepare for your CCNA exam as well as a community of like-minded people ready to answer your questions, help you with your struggles, and share in your triumphs.
So which resources should you buy? That question is largely up to how deep your pockets are or how much you like books. If you’re like I am, you must have it all! I admit it. My bookcase is a testament to my Cisco “geekness.” But if you are on a budget, choose one of the primary study resources and one of the supplemental resources, such as Wendell Odom’s certification book and my practice study guide. Whatever you choose, you will be in good hands. Any or all of these authors will serve you well.
Goals and Methods
The main goal of this book is to provide you with a clear and succinct review of the CCENT objectives. Each day’s exam topics are grouped into a common conceptual framework and use the following format:
A title for the day that concisely states the overall topic
A list of one or more CCENT 100-101 ICND1 Exam Topics to be reviewed
A Key Topics section to introduce the review material and quickly orient you to the day’s focus
An extensive review section consisting of short paragraphs, lists, tables, examples, and graphics
A Study Resources section to provide you with a quick reference for locating more in-depth treatment of the day’s topics
The book counts down starting with Day 31 and continues through exam day to provide post-test information. You will also find a calendar and checklist that you can tear out and use during your exam preparation inside the book.
Use the calendar to enter each actual date beside the countdown day and the exact day, time, and location of your CCENT exam. The calendar provides a visual for the time that you can dedicate to each CCENT exam topic.
The checklist highlights important tasks and deadlines leading up to your exam. Use it to help you map out your studies.
Who Should Read This Book
The audience for this book is anyone finishing his or her preparation for taking the CCENT 100-101 ICND1 exam. A secondary audience is anyone needing a refresher review of CCENT exam topics—possibly before attempting to recertify or sit for another certification to which the CCNA is a prerequisite.
Getting to Know the CCENT 100-101 ICND1 Exam
For the current certifications, announced in spring 2013, Cisco created the ICND1 (100-101) and ICND2 (200-101) exams, along with the CCNA (200-120) exam. To become CCENT certified, you only need to pass the ICND1 exam. To become CCNA Routing and Switching certified, you must pass both the ICND1 and ICND2 exams, or just the CCNA exam. The CCNA exam simply covers all the topics of the ICND1 and ICND2 exams, giving you two options for gaining your CCNA Routing and Switching certification. The two-exam path gives people with less experience a chance to study for a smaller set of topics at one time. The one-exam option provides a more cost-effective certification path for those who want to prepare for all the topics at once. This book focuses exclusively on the CCENT path, using the entire list of topics published for the CCENT 100-101 ICND1 exam.
Currently for the CCENT exam, you are allowed 90 minutes to answer 50–60 questions. Use the following steps to access a tutorial at home that demonstrates the exam environment before you go to take the exam:
Step 1. Visit www.vue.com/cisco.
Step 2. Look for a link to the certification tutorial. Currently, it can be found on the right side of the web page under the heading “Related Links.”
Step 3. Click the certification tutorial link.
When you get to the testing center and check in, the proctor verifies your identity, gives you some general instructions and then takes you into a quiet room containing a PC. When you’re at the PC, you have a few things to do before the timer starts on your exam. For instance, you can take the tutorial to get accustomed to the PC and the testing engine. Every time I sit for an exam, I go through the tutorial even though I know how the test engine works. It helps me settle my nerves and get focused. Anyone who has user-level skills in getting around a PC should have no problems with the testing environment.
When you start the exam, you are asked a series of questions. Each question is presented one at a time and must be answered before moving on to the next question. The exam engine does not let you go back and change your answer. The exam questions can be in one of the following formats:
Multiple choice
Fill-in-the-blank
Drag-and-drop
Testlet
Simlet
Simulation
The multiple-choice format simply requires that you point and click a circle or check box next to the correct answer or answers. Cisco traditionally tells you how many answers you need to choose, and the testing software prevents you from choosing too many or too few.
Fill-in-the-blank questions typically only require you to type numbers. However, if words are requested, the case does not matter unless the answer is a command that is case sensitive (such as passwords and device names when configuring authentication).
Drag-and-drop questions require you to click and hold, move a button or icon to another area, and release the mouse button to place the object somewhere else—typically in a list. For some questions, to get the question correct, you might need to put a list of five things in the proper order.
Testlets contain one general scenario and several multiple-choice questions about the scenario. These are ideal if you are confident in your knowledge of the scenario’s content because you can leverage your strength over multiple questions.
A simlet is similar to a testlet in that you are given a scenario with several multiple-choice questions. However, a simlet uses a network simulator to allow you access to a simulation of the command line of Cisco IOS Software. You can then use show commands to examine a network’s current behavior and answer the question.
A simulation also uses a network simulator, but you are given a task to accomplish such as implementing a network solution or troubleshooting an existing network implementation. You do this by configuring one or more routers and switches. The exam then grades the question based on the configuration you changed or added. A newer form of the simulation question is the GUI-based simulation, where a graphical interface like that found on a Linksys router or the Cisco Security Device Manager is simulated.
What Topics Are Covered on the CCENT Exam?
The topics of the CCENT 100-101 ICND1 exam focus on the following seven key categories:
Operation of IP Data Networks
LAN Switching Technologies
IP Addressing for IPv4 and IPv6
IP Routing Technologies
IP Services
Network Device Security
Troubleshooting
Although Cisco outlines general exam topics, it is possible that not all topics will appear on the CCENT exam and that topics that are not specifically listed might appear on the exam. The exam topics provided by Cisco and included in this book are a general framework for exam preparation. Be sure to check the Cisco website for the latest exam topics.
Registering for the CCENT 100-101 Exam
If you are starting your 31 Days to Your CCENT Certification Exam today, register for the exam right now. In my testing experience, there is no better motivator than a scheduled test date staring me in the face. I’m willing to bet that it’s the same for you. Don’t worry about unforeseen circumstances. You can cancel your exam registration for a full refund up to 24 hours before taking the exam. So if you’re ready, you should gather the following information in Table I-1 and register right now!
Table I-1 Personal Information for CCENT 100-101 ICND1 Exam Registration
| Item | Notes |
| --- | --- |
| Legal Name | |
| Social Security or Passport Number | |
| Cisco Certification ID or Test ID [1] | |
| Cisco Academy Username [2] | |
| Cisco Academy ID Number [2] | |
| Company Name | |
| Valid Email Address | |
| Voucher Number [2] | |
| Method of Payment | |

[1] Applies to exam candidates who have previously taken a Cisco certification exam
[2] Applies to Cisco Networking Academy students only
To register for an exam, visit Pearson VUE online at www.vue.com/cisco. The process and available test times will vary based on the local testing center you choose.
Remember, there is no better motivation for study than an actual test date. Sign up today.
Day 29: Ethernet and Media Access Control
CCENT 100-101 ICND1 Exam Topics
Determine the technology and media access control method for Ethernet networks.
Key Topics
Ethernet has continued to evolve from the 10BASE2 flavor, capable of speeds up to 10Mbps, to the newest 10GigE (10 Gigabit Ethernet), capable of speeds up to 10Gbps. Since 1985, the IEEE has continued to upgrade the 802.3 standards to provide faster speeds without changing the underlying frame structure. This feature, among others, has made Ethernet the choice for LAN implementations worldwide. Today we review Ethernet technologies and operation at both the data link and physical layers.
Ethernet Overview
802.3 is the IEEE standard for Ethernet, and both terms are commonly used interchangeably. The terms Ethernet and 802.3 both refer to a family of standards that together define the physical and data link layers of the definitive LAN technology. Figure 29-1 shows a comparison of Ethernet standards to the OSI model.
Figure 29-1 Ethernet Standards and the OSI Model
[Figure: two columns, "OSI Layers" and "LAN Specification". The data link layer is split into the LLC sublayer, covered by IEEE 802.2, and the MAC sublayer. The MAC sublayer and the physical layer are covered by Ethernet, IEEE 802.3 (Ethernet), IEEE 802.3u (Fast Ethernet), IEEE 802.3z (Gigabit Ethernet), IEEE 802.3ab (Gigabit Ethernet over Copper), Token Ring/IEEE 802.6, and FDDI.]
Ethernet separates the functions of the data link layer into two distinct sublayers:
Logical Link Control (LLC) sublayer: Defined in the 802.2 standard
Media Access Control (MAC) sublayer: Defined in the 802.3 standard
The LLC sublayer handles communication between the network layer and the MAC sublayer. In general, LLC provides a way to identify the protocol that is passed from the data link layer to the network layer. In this way, the fields of the MAC sublayer are not populated with protocol type information, as was the case in earlier Ethernet implementations.
The MAC sublayer has two primary responsibilities:
Data encapsulation: Includes frame assembly before transmission, frame parsing upon reception of a frame, data link layer MAC addressing, and error detection.
Media Access Control: Because Ethernet is a shared media and all devices can transmit at any time, media access is controlled by a method called Carrier Sense Multiple Access with Collision Detection (CSMA/CD) when operating in half-duplex mode.
At the physical layer, Ethernet specifies and implements encoding and decoding schemes that enable frame bits to be carried as signals across both unshielded twisted-pair (UTP) copper cables and optical fiber cables. In early implementations, Ethernet used coaxial cabling.
Legacy Ethernet Technologies
Ethernet is best understood by first considering the two early Ethernet specifications—10BASE5 and 10BASE2. With these two specifications, the network engineer installs a series of coaxial cables connecting each device on the Ethernet network, as shown in Figure 29-2.
Figure 29-2 Ethernet Physical and Logical Bus Topology
[Figure: Topology. Physical: Bus. Logical: Bus.]
The series of cables creates an electrical circuit, called a bus, which is shared among all devices on the Ethernet. When a computer wants to send some bits to another computer on the bus, it sends an electrical signal and the electricity propagates to all devices on the Ethernet.
With the change of media to UTP and the introduction of the first hubs, Ethernet physical topologies migrated to a star, as shown in Figure 29-3.
Figure 29-3 Ethernet Physical Star and Logical Bus Topology
[Figure: devices cabled to a central hub. Topology. Physical: Star. Logical: Bus.]
Regardless of the change in the physical topology from a bus to a star, hubs logically operate similarly to a traditional bus topology and require the use of CSMA/CD.
CSMA/CD
Because Ethernet is a shared media where every device has the right to send at any time, it also defines a specification for how to ensure that only one device sends traffic at a time. The CSMA/CD algorithm defines how the Ethernet logical bus is accessed.
CSMA/CD logic helps prevent collisions and also defines how to act when a collision does occur. The CSMA/CD algorithm works like this:
1. A device with a frame to send listens until the Ethernet is not busy.
2. When the Ethernet is not busy, the sender(s) begin(s) sending the frame.
3. The sender(s) listen(s) to make sure that no collision occurred.
4. If a collision occurs, the devices that had been sending a frame each send a jamming signal to ensure that all stations recognize the collision.
5. After the jamming is complete, each sender randomizes a timer and waits that long before trying to resend the collided frame.
6. When each random timer expires, the process starts again from the beginning.
When CSMA/CD is in effect, it also means that a device’s network interface card (NIC) is operating in half-duplex mode—either sending or receiving frames. CSMA/CD is disabled when a NIC autodetects that it can operate in—or is manually configured to operate in—full-duplex mode. In full-duplex mode, a NIC can send and receive simultaneously.
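The six steps above can be traced with a small slot-based simulation. This is an added example, not code from the book: the function name, the slot model and the station names are assumptions, and the randomized timer of step 5 is modeled with the IEEE 802.3 truncated binary exponential backoff (the 16-attempt discard limit is left out).

```python
import random


def simulate_csma_cd(stations, frame_slots=4, seed=1, max_slots=10_000):
    """Slot-based model of the six CSMA/CD steps on one shared half-duplex bus.

    Every station has one frame queued at slot 0. Returns a list of
    (slot, event, station_names) tuples, where event is "collision" or "sent".
    """
    rng = random.Random(seed)             # seeded so every run is repeatable
    backoff = {s: 0 for s in stations}    # slots each station still has to wait
    attempts = {s: 0 for s in stations}   # collisions suffered by the queued frame
    pending = list(stations)
    events = []
    slot = 0
    while pending:
        if slot > max_slots:
            raise RuntimeError("no convergence within max_slots")
        # Steps 1-2: the bus is idle at this point, so every station whose
        # timer has expired starts sending in this slot.
        ready = [s for s in pending if backoff[s] == 0]
        waiting = [s for s in pending if backoff[s] > 0]
        if not ready:
            elapsed = 1                                   # idle slot
        elif len(ready) == 1:
            # Step 3: nobody else was sending, so the frame gets through.
            events.append((slot, "sent", ready))
            pending.remove(ready[0])
            elapsed = frame_slots                         # bus busy for the frame
        else:
            # Step 4: two or more senders overlap; each sends a jam signal.
            events.append((slot, "collision", ready))
            elapsed = 1                                   # jam slot
            for s in ready:
                # Step 5: randomized timer. The window doubles per collision
                # (truncated binary exponential backoff, capped at 2**10).
                attempts[s] += 1
                backoff[s] = rng.randrange(2 ** min(attempts[s], 10))
        # Timers of stations that were not sending keep counting down; a
        # timer that expires while the bus is busy waits for idle (step 1).
        for s in waiting:
            backoff[s] = max(0, backoff[s] - elapsed)
        slot += elapsed                                   # step 6: start over
    return events


if __name__ == "__main__":
    # Constructed scenario: three stations on one hub, all ready at slot 0.
    for slot, event, names in simulate_csma_cd(["PC-A", "PC-B", "PC-C"]):
        print(f"slot {slot:3d}: {event:9s} {', '.join(names)}")
```

With a single station the event list contains one "sent" entry and no collisions, which is the situation a switch port with one attached device creates.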
Legacy Ethernet Summary
Today, you might occasionally use LAN hubs, but you will more likely use switches instead of hubs. However, keep in mind the following key points about the history of Ethernet:
The original Ethernet LANs created an electrical bus to which all devices connected.
10BASE2 and 10BASE5 repeaters extended the length of LANs by cleaning up the electrical signal and repeating it—a Layer 1 function—but without interpreting the meaning of the electrical signal.
Hubs are repeaters that provide a centralized connection point for UTP cabling—but they still create a single electrical bus, shared by the various devices, just like 10BASE5 and 10BASE2.
Because collisions could occur in any of these cases, Ethernet defines the CSMA/CD algorithm, which tells devices how to both avoid collisions and take action when collisions do occur.
Current Ethernet Technologies
Refer to Figure 29-1 and notice the different 802.3 standards. Each new physical layer standard from the IEEE requires many differences at the physical layer. However, each of these physical layer standards uses the same 802.3 header, and each uses the upper LLC sublayer as well. Table 29-1 lists today’s most commonly used IEEE Ethernet physical layer standards.
Table 29-1 Today’s Most Common Types of Ethernet
| Common Name | Speed | Alternative Name | Name of IEEE Standard | Cable Type, Maximum Length |
| --- | --- | --- | --- | --- |
| Ethernet | 10Mbps | 10BASE-T | 802.3 | Copper, 100 m |
| Fast Ethernet | 100Mbps | 100BASE-TX | 802.3u | Copper, 100 m |
| Gigabit Ethernet | 1000Mbps | 1000BASE-LX | 802.3z | Fiber, 550 m |
| Gigabit Ethernet | 1000Mbps | 1000BASE-T | 802.3ab | Copper, 100 m |
| 10GigE (Gigabit Ethernet) | 10Gbps | 10GBASE-T | 802.3an | Copper, 100 m |
UTP Cabling
The three most common Ethernet standards used today—10BASE-T (Ethernet), 100BASE-TX (Fast Ethernet, or FE), and 1000BASE-T (Gigabit Ethernet, or GE)—use UTP cabling. Some key differences exist, particularly with the number of wire pairs needed in each case and in the type (category) of cabling.
The UTP cabling used by popular Ethernet standards includes either two or four pairs of wires. The cable ends typically use an RJ-45 connector. The RJ-45 connector has eight specific physical locations into which the eight wires in the cable can be inserted, called pin positions or, simply, pins.
The Telecommunications Industry Association (TIA) and the Electronics Industry Alliance (EIA) define standards for UTP cabling, color-coding for wires, and standard pinouts on the cables. Figure 29-4 shows two TIA/EIA pinout standards, with the color-coding and pair numbers listed.
Figure 29-4 TIA/EIA Standard Ethernet Cabling Pinouts
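| Pin | T568A | T568B |
| --- | --- | --- |
| 1 | G/W | O/W |
| 2 | Green | Orange |
| 3 | O/W | G/W |
| 4 | Blue | Blue |
| 5 | Blue/W | Blue/W |
| 6 | Orange | Green |
| 7 | Brown/W | Brown/W |
| 8 | Brown | Brown |

T568A pairs: Pair 3 on pins 1 and 2, Pair 2 on pins 3 and 6, Pair 1 on pins 4 and 5, Pair 4 on pins 7 and 8.
T568B pairs: Pair 2 on pins 1 and 2, Pair 3 on pins 3 and 6, Pair 1 on pins 4 and 5, Pair 4 on pins 7 and 8.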
For the exam, you should be well prepared to choose which type of cable (straight-through or crossover) is needed in each part of the network. In short, devices on opposite ends of a cable that use the same pair of pins to transmit need a crossover cable. Devices that use an opposite pair of pins to transmit need a straight-through cable. Table 29-2 lists typical devices and the pin pairs they use, assuming that they use 10BASE-T and 100BASE-TX.
Table 29-2 10BASE-T and 100BASE-TX Pin Pairs Used
| Devices That Transmit on 1,2 and Receive on 3,6 | Devices That Transmit on 3,6 and Receive on 1,2 |
| --- | --- |
| PC NICs | Hubs |
| Routers | Switches |
| Wireless access points (Ethernet interfaces) | — |
| Networked printers (printers that connect directly to the LAN) | — |
1000BASE-T requires four wire pairs because Gigabit Ethernet transmits and receives on each of the four wire pairs simultaneously.
However, Gigabit Ethernet does have a concept of straight-through and crossover cables, with a minor difference in the crossover cables. The pinouts for a straight-through cable are the same—pin 1 to pin 1, pin 2 to pin 2, and so on. The crossover cable crosses the same two-wire pair as the crossover cable for the other types of Ethernet—the pair at pins 1,2 and 3,6—as well as crossing the two other pairs (the pair at pins 4,5 with the pair at pins 7,8).
Benefits of Using Switches
A collision domain is a set of devices whose frames could collide. All devices on a 10BASE2, 10BASE5, or any network using a hub risk collisions between the frames that they send, so all devices on one of these types of Ethernet networks are in the same collision domain and use CSMA/CD to detect and resolve collisions.
LAN switches significantly reduce, or even eliminate, the number of collisions on a LAN. Unlike hubs, switches do not create a single shared bus. Instead, switches do the following:
They interpret the bits in the received frame so that they can typically send the frame out the one required port, rather than all other ports.
If a switch needs to forward multiple frames out the same port, the switch buffers the frames in memory, sending one at a time, thereby avoiding collisions.
In addition, switches with only one device cabled to each port of the switch allow the use of full-duplex operation. Full-duplex means that the NIC can send and receive concurrently, effectively doubling the bandwidth of a 100Mbps link to 200Mbps—100Mbps for sending and 100Mbps for receiving.
These seemingly simple switch features provide significant performance improvements as compared with using hubs. In particular:
If only one device is cabled to each port of a switch, no collisions can occur.
Devices connected to one switch port do not share their bandwidth with devices connected to another switch port. Each has its own separate bandwidth, meaning that a switch with 100Mbps ports has 100Mbps of bandwidth per port.
Ethernet Addressing
The IEEE defines the format and assignment of LAN addresses. To ensure a unique MAC address, the first half of the address identifies the manufacturer of the card. This code is called the organizationally unique identifier (OUI). Each manufacturer assigns a MAC address with its own OUI as the first half of the address. The second half of the address is assigned by the manufacturer and is never used on another card or network interface with the same OUI. Figure 29-5 shows the structure of a unicast Ethernet address.
Figure 29-5 Structure of a Unicast Ethernet Address
| | Organizationally Unique Identifier (OUI) | Vendor Assigned (NIC Cards, Interfaces) |
| --- | --- | --- |
| Size, in bits | 24 Bits | 24 Bits |
| Size, in hex digits | 6 Hex Digits | 6 Hex Digits |
| Example | 00 60 2F | 3A 07 BC |
Ethernet also has group addresses, which identify more than one NIC or network interface. The IEEE defines two general categories of group addresses for Ethernet:
Broadcast addresses: The broadcast address implies that all devices on the LAN should process the frame and has a value of FFFF.FFFF.FFFF.
Multicast addresses: Multicast addresses are used to allow a subset of devices on a LAN to communicate. When IP multicasts over an Ethernet, the multicast MAC addresses used by IP follow this format: 0100.5exx.xxxx. The xx.xxxx portion is divided between IPv4 multicast (00:0000–7F:FFFF) and MPLS multicast (80:0000–8F:FFFF). Multiprotocol Label Switching (MPLS) is a CCNP topic.
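The address categories above can be told apart mechanically, which is useful when reading switch tables or packet captures. The following is an added example, not code from the book: the function names are assumptions, and it goes slightly beyond the text by testing the group (I/G) bit and the locally administered (U/L) bit of the first byte and by mapping an IPv4 multicast group to its MAC address (the low 23 bits of the group placed after 0100.5e).

```python
import ipaddress
import re

IPV4_MCAST_OUI = bytes.fromhex("01005e")   # 0100.5exx.xxxx prefix from the text


def parse_mac(text):
    """Accept 0060.2f3a.07bc, 00:60:2F:3A:07:BC or 00-60-2F-3A-07-BC."""
    digits = re.sub(r"[.:-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)


def dotted(mac):
    """Format 6 bytes in the dotted style used in the text (xxxx.xxxx.xxxx)."""
    h = mac.hex()
    return ".".join(h[i:i + 4] for i in (0, 4, 8))


def classify_mac(text):
    """Return the address kind and, for vendor-assigned unicast, its two halves."""
    mac = parse_mac(text)
    low24 = int.from_bytes(mac[3:], "big")
    info = {"address": dotted(mac), "oui": None, "vendor_assigned": None,
            "locally_administered": False}
    if mac == b"\xff" * 6:
        info["kind"] = "broadcast"
    elif mac[0] & 0x01:
        # I/G bit (lowest bit of the first byte) set: a group address.
        if mac[:3] == IPV4_MCAST_OUI and low24 <= 0x7FFFFF:
            info["kind"] = "ipv4-multicast"
        elif mac[:3] == IPV4_MCAST_OUI and low24 <= 0x8FFFFF:
            info["kind"] = "mpls-multicast"
        else:
            info["kind"] = "multicast"
    else:
        info["kind"] = "unicast"
        # U/L bit set: the address was assigned locally, not from a vendor OUI.
        info["locally_administered"] = bool(mac[0] & 0x02)
        if not info["locally_administered"]:
            info["oui"] = mac[:3].hex().upper()
            info["vendor_assigned"] = mac[3:].hex().upper()
    return info


def ipv4_group_to_mac(group):
    """Map an IPv4 multicast group to its Ethernet multicast address."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not an IPv4 multicast group")
    low23 = int(addr) & 0x7FFFFF          # only 23 bits of the group survive
    return dotted((0x01005E000000 | low23).to_bytes(6, "big"))


if __name__ == "__main__":
    # Constructed sample addresses; the first is the example from Figure 29-5.
    for sample in ["00:60:2F:3A:07:BC", "FFFF.FFFF.FFFF", "0100.5e00.0005",
                   "0100.5e80.0001", "02-00-00-00-00-01"]:
        print(classify_mac(sample))
    print(ipv4_group_to_mac("224.0.0.5"), ipv4_group_to_mac("224.128.0.5"))
```

Because only 23 bits of the group are carried, 224.0.0.5 and 224.128.0.5 map to the same MAC address, so a NIC filter on the MAC alone cannot separate them.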
Ethernet Framing
The physical layer helps you get a string of bits from one device to another. The framing of the bits allows the receiving device to interpret the bits. The term framing refers to the defi-nition of the fields assumed to be in the data that is received. Framing defines the meaning of the bits transmitted and received over a network.
The framing used for Ethernet has changed a couple of times over the years. Each iteration of Ethernet is shown in Figure 29-6, with the current version shown at the bottom.
Figure 29-6 Ethernet Frame Formats
Field sizes are in bytes.

IEEE 802.3 (Original): Preamble (7) | SFD (1) | Destination (6) | Source (6) | Length (2) | Data and Pad (46–1500) | FCS (4)

DIX: Preamble (8) | Destination (6) | Source (6) | Type (2) | Data and Pad (46–1500) | FCS (4)

IEEE 802.3 (Revised 1997): Preamble (7) | SFD (1) | Destination (6) | Source (6) | Length/Type (2) | Data and Pad (46–1500) | FCS (4)
The fields in the last version shown in Figure 29-6 are explained further in Table 29-3.
Table 29-3 IEEE 802.3 Ethernet Field Descriptions
| Field | Field Length in Bytes | Description |
| --- | --- | --- |
| Preamble | 7 | Synchronization |
| Start Frame Delimiter (SFD) | 1 | Signifies that the next byte begins the Destination MAC field |
| Destination MAC Address | 6 | Identifies the intended recipient of this frame |
| Source MAC Address | 6 | Identifies the sender of this frame |
| Length | 2 | Defines the length of the data field of the frame (either length or type is present, but not both) |
| Type | 2 | Defines the type of protocol listed inside the frame (either length or type is present, but not both) |
| Data and Pad | 46–1500 | Holds data from a higher layer, typically a Layer 3 PDU (generic), and often an IP packet |
| Frame Check Sequence (FCS) | 4 | Provides a method for the receiving NIC to determine whether the frame experienced transmission errors |
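The fields in Table 29-3 can be decoded from a raw frame as it appears after the preamble and SFD are stripped. This is an added example, not code from the book: the function names and the sample frames are constructed, and it relies on two facts the table does not spell out, namely that a Length/Type value of 1500 or less is a length while 0x0600 or more is a type, and that the FCS is a CRC-32 over the destination through the data and pad.

```python
import struct
import zlib

MIN_FRAME, MAX_FRAME = 64, 1518   # destination..FCS: 14 + (46..1500) + 4 bytes


def dotted(mac):
    """Format 6 bytes in the dotted style used in the text (xxxx.xxxx.xxxx)."""
    h = mac.hex()
    return ".".join(h[i:i + 4] for i in (0, 4, 8))


def build_frame(dst, src, length_type, data):
    """Build a constructed frame: header, data padded to 46 bytes, then FCS."""
    body = dst + src + struct.pack("!H", length_type) + data.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame):
    """Decode one frame (without preamble/SFD) and list anything wrong with it."""
    if len(frame) < 18:
        raise ValueError("too short to hold a header and an FCS")
    dst, src = frame[0:6], frame[6:12]
    (length_type,) = struct.unpack("!H", frame[12:14])
    data = frame[14:-4]
    (fcs_received,) = struct.unpack("<I", frame[-4:])

    issues = []
    fcs_ok = zlib.crc32(frame[:-4]) == fcs_received
    if not fcs_ok:
        issues.append("FCS mismatch")
    if len(frame) < MIN_FRAME:
        issues.append("runt frame")
    elif len(frame) > MAX_FRAME:
        issues.append("oversize frame")

    if length_type <= 1500:
        # Length: says how much of the data field is real, the rest is pad.
        meaning = "length"
        if length_type > len(data):
            issues.append("length field exceeds data present")
        payload = data[:length_type]
    elif length_type >= 0x0600:
        # Type: names the protocol inside; pad cannot be told apart here.
        meaning = "type"
        payload = data
    else:
        meaning = "undefined"
        payload = data
        issues.append("length/type value is neither a length nor a type")

    return {"dst": dotted(dst), "src": dotted(src), "field": meaning,
            "value": length_type, "payload": payload, "fcs_ok": fcs_ok,
            "issues": issues}


# Constructed sample frames: a broadcast carrying EtherType 0x0800 (IPv4) and
# a unicast 802.3 frame whose Length field marks 5 real data bytes.
SRC = bytes.fromhex("00602f3a07bc")
TYPE_FRAME = build_frame(b"\xff" * 6, SRC, 0x0800, b"constructed payload")
LENGTH_FRAME = build_frame(bytes.fromhex("00602f000001"), SRC, 5, b"hello")

if __name__ == "__main__":
    damaged = bytearray(TYPE_FRAME)
    damaged[20] ^= 0x01                      # flip one bit in the data field
    for f in (TYPE_FRAME, LENGTH_FRAME, bytes(damaged)):
        print(parse_frame(f))
```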
The Role of the Physical Layer
We have already discussed the most popular cabling used in LANs—UTP. But to fully understand the operation of the network, you should know some additional basic concepts of the physical layer.
The OSI physical layer accepts a complete frame from the data link layer and encodes it as a series of signals that are transmitted onto the local media.
The delivery of frames across the local media requires the following physical layer elements:
The physical media and associated connectors
A representation of bits on the media
Encoding of data and control information
Transmitter and receiver circuitry on the network devices
There are three basic forms of network media on which data is represented:
Copper cable
Fiber
Wireless (IEEE 802.11)
Bits are represented on the medium by changing one or more of the following characteristics of a signal:
Amplitude
Frequency
Phase
The nature of the actual signals representing the bits on the media will depend on the signaling method in use. Some methods might use one attribute of a signal to represent a single 0 and use another attribute of a signal to represent a single 1. The actual signaling method and its detailed operation are not important to your CCNA exam preparation.
Study Resources
For today’s exam topics, refer to the following resources for more study.
| Resource | Location | Topic |
| --- | --- | --- |
| Primary Resources | | |
| Network Basics | 10 | All |
| Introduction to Networks | 5 | All |
| ICND1 Official Cert Guide | 2 | Building Physical Ethernet Networks with UTP; Sending Data in Ethernet Networks |
| ICND1 Foundation Learning Guide | 3 | All |
| Supplemental Resources | | |
| CCENT Practice and Study Guide | 5 | All |
| Flash Cards | 3 | Relevant Questions |
| CCNA R&S Portable Command Guide | 4 | All |
This page intentionally left blank
Index
Symbols
10BASE-T, 34-35
10GigE (Gigabit Ethernet), 34
100BASE-TX, 34-35
802.3 standards, 34
1000BASE-T, 34-35
2960 Catalyst switch configuration, 201-203
A
access control lists. See ACLs
access layer switches, 2
access-list command, 228
accessing Cisco IOS
CLI EXEC sessions, 46
CLI navigation and editing shortcuts, 47-48
command history, 48
connecting to Cisco devices, 45-46
help, 46
IOS examination commands, 48
subconfiguration modes, 49
ACLs (access control lists)
defining, 221
design guidelines, 225-226
extended numbered ACLs, configuring, 230-231
identifying, 225
interface processing, 221-222
matching logic, 222-223
named ACLs, configuring, 231-233
standard numbered ACLs, configuring, 227-230
troubleshooting, 281
denied protocols, 283-284
host connectivity issues, 282-283
Telnet, 284-286
types of, 224
verifying, 234-235
AD (administrative distance), 126-127
Address Resolution Protocol (ARP), 20
addresses. See IPv4 addressing; IPv6 addressing
addressing table for CCENT skills review, 296
administrative distance (AD), 126-127
any keyword, 229
anycast addresses, 106
Application layer (OSI), 18
application layer (TCP/IP), 19-21
applications
batch applications, 12
common network applications, 13
growth of, 13
increased network usage, 14
quality of service (QoS), 14
Video over IP, 15
Voice over IP (VoIP), 14-15
interactive applications, 12
real-time applications, 12
user interactions, 12
area keyword, 176
ARP (Address Resolution Protocol), 20
ARPANET, 18
assigned multicast addresses, 104
assigning VLANs to interfaces, 73-75
asymmetric switching, 44
attacks, mitigating, 250
authentication, 251-253
Index
312 auto-cost reference-bandwidth command
auto-cost reference-bandwidth com-mand, 179, 188
automatic medium-dependent interface crossover (auto-MDIX), 56
auto-MDIX (automatic medium-depen-dent interface crossover), 56
AUX ports, 3
B
B1 configuration requirements, 298-299
B2 configuration requirements, 298-299
backup designated routers (BDR), 173
bandwidth command, 179
banner command, 254
banner login command, 54
banner motd command, 54, 135
banners, 253-255
batch applications, 12
BDR (backup designated routers), 173
bidirectional, 55
bits to borrow, determining, 86
black hole VLANs, 65
broadcast addresses, 37, 87
broadcast domains, 43
buffering memory, 44
Building Your I.T. Career: A Complete Toolkit for a Dynamic Career in Any Economy (Moran), 309
C
cables (UTP), 34-35
Catalyst 2960 switch configuration, 201-203
CDP (Cisco Discovery Protocol)
disabling, 255
as troubleshooting tool, 291-292
certificates
adding to resumes, 309
certificate support website, 309
certification options, 310
receiving, 309
certified score reports, 307
choosing switches, 2
Cisco Borderless Network, 9-11
Cisco Discovery Protocol (CDP), dis-abling, 255
Cisco IOS, accessing
CLI EXEC sessions, 46
CLI navigation and editing shortcuts, 47-48
command history, 48
connecting to Cisco devices, 45-46
help, 46
IOS examination commands, 48
subconfiguration modes, 49
classes of addresses, 80-81
classful routing protocols, 122
classless routing protocols, 122-123
clear interface command, 140
clear ip nat translation command, 245
CLI (command-line interface), 41
EXEC sessions, 46
navigation and editing shortcuts, 47-48
clients
client-server interaction, 12
DHCPv4 client configuration, 211-212
collusion domains, 43
command history, 48
command-line interface. See CLI
configuration 313
commands. See specific commands
comments, adding to ACLs (access con-trol lists), 233
common network applications, 13
configuration
B1 and B2 configuration requirements, 298-299
Catalyst 2960 switches, 201-203
configuration files, storing and erasing, 49-50
DHCPv4, 206
DHCPv4 clients, 211-212
DHCPv4 servers, 206-210
relaying DHCPv4 requests, 210-211
DHCPv6
stateful DHCPv6 servers, 217-218
stateless DHCPv6 servers, 216-217
dynamic NAT (Network Address Translation), 243-244
extended numbered ACLs, 230-231
HQ configuration requirements, 298
HQ-Sw configuration requirements, 297-298
IPv4 addressing
configuration requirements, 297
default routing, 158-161
static routing, 154-158
summary static routing, 161-162
IPv4 routers, 133-135
banner motd command, 135
command syntax, 134
copy run start command, 136
copy running-config startup-config command, 136
enable secret class command, 135
hostname command, 135
interface status codes, 137-138
service-password encryption com-mand, 135
show interface command, 138-142
show ip interface brief command, 137
show ip route command, 136-137
show running-config command, 136
IPv6 addressing
default routing, 165
static routing, 162-164
summary static routing, 166-167
IPv6 routers
EUI-64 method, 146
full IPv6 address and link-local address configuration, 146-147
ipv6 unicast-routing command, 145-146
network connectivity, verifying, 148-151
show ipv6 interface command, 147-148
ISPs for CCENT skills review, 297
multilayer switches, 200-203
named ACLs, 231-233
NAT overloading, 244
native and management VLANs, 263
OSPFv2, 175-180
OSPFv3, 186-187
port security, 259-261
router on a stick, 197-200
SSH (Secure Shell), 56-57
standard numbered ACLs, 227
denying specific host, 228-229
denying specific subnet, 229
denying Telnet or SSH access to router, 229-230
permitting specific network, 228
static NAT (Network Address Translation), 242
switches
automatic medium-dependent interface crossover (auto-MDIX), 56
314 configuration
basic switch configuration com-mands, 53-55
full-duplex communication, 55
half-duplex communication, 55
network connectivity, verifying, 58-61
port speed, 55
SSH (Secure Shell) access, 56-57
switch ports, verifying, 269
VLANs
default configuration, 72
trunking, 75-78
configuration files, storing and erasing, 49-50
configure terminal command, 49, 53
connectionless protocols, 26
connectivity, verifying, 58-61
console ports, 3
convergence with link-state protocols, 131
copper cable, 4-5
copy run start command, 136
copy running-config startup -config command, 54, 136
core layer switches, 2-3
crypto key generate rsa command, 57
crypto key zeroize rsa command, 57
CSMA/CD algorithm, 33
cut-through switching, 44
D
DAD (Duplicate Address Detection), 105, 212
DARPA (Defense Advanced Research Projects Agency), 18
data encapsulation, 29
Data link layer (OSI), 19
data VLANs, 65
database description (DBD) packets, 170
DBD (database description) packets, 170
debug ip nat command, 246
default administrative distances, 127
default gateways, troubleshooting, 267-268
default-router command, 207
default routing
IPv4 configuration, 158-161
IPv6 configuration, 165
overview, 153-154
default VLANs
configuration, 72
explained, 65
Defense Advanced Research Projects Agency (DARPA), 18
defining ACLs (access control lists), 221
denied protocols, troubleshooting, 283-284
deny statement, 231
denying
FTP from subnets, 231
hosts, 228-229, 232
SSH access, 229-230
subnets, 229
Telnet, 229-231
designated routers (DR), 173
designing ACLs (access control lists), 225-226
determining
how many bits to borrow (subnets), 86
subnet masks, 87
subnet multiplier, 87
dynamic NAT (Network Address Translation) 315
device security
IOS security
banners, 253-255
passwords, 251-253
network security
attack mitigation, 250
best practices, 250
physical security, 249
types of vulnerabilities, 250
NTP (Network Time Protocol), 256-257
services, disabling
Cisco Discovery Protocol (CDP), 255
HTTP, 255
small services, 256
DHCPACK packets, 206
DHCPDISCOVER packets, 205, 210
DHCPNAK packets, 206
DHCPOFFER packets, 205
DHCPREQUEST packets, 206
DHCPv4, 13, 20, 205
configuration options, 206
DHCPv4 clients, 211-212
DHCPv4 servers, 206-210
relaying DHCPv4 requests, 210-211
IP addresses, obtaining, 205-206
testing, 269
troubleshooting, 268-269
DHCPv6, 113
ADVERTISE messages, 215
configuration options
stateful DHCPv6 servers, 217-218
stateless DHCPv6 servers, 216-217
INFORMATION-REQUEST messages, 215
operation, 214-215
REQUEST messages, 215
SLAAC, 212-214
SOLICIT messages, 215
stateful DHCPv6, 214
stateless DHCPv6, 214
Dijkstra Shortest Path First (SPF) algo-rithm, 130-131
disabled VLANs, troubleshooting, 274-275
disabling
services
Cisco Discovery Protocol (CDP), 255
HTTP, 255
small services, 256
VLANs, 274-275
distance vector routing protocols, 121-122
distribution layer switches, 2
DNS (Domain Name System), 13, 19
dns-server command, 207
documentation, 11-12
domain-name command, 207
Domain Name System (DNS), 13, 19
domains, 43
dot1q keyword, 198
double colon (::) in IPv6 routing, 165
DR (designated routers), 173
DROTHER routers, 173
DTP (Dynamic Trunking Protocol), 68
dual-stacking, 114
duplex auto command, 53
duplex mismatches, 289-290
Duplicate Address Detection (DAD), 105, 212
duplicate IP addresses, troubleshooting, 268
Dynamic Host Configuration Protocol. See DHCP
dynamic NAT (Network Address Translation), 240, 243-244
316 dynamic routing protocols
dynamic routing protocols, 119-120
dynamic routing metrics, 125-126
link-state routing protocols
convergence, 131
Dijkstra Shortest Path First (SPF) algorithm, 130-131
link-state database (LSDB), build-ing, 129
routing loop prevention, 128-129
Dynamic Trunking Protocol (DTP), 68
E
EGP (exterior gateway protocols), 121
eHWIC (enhanced high-speed WAN interface card) slots, 3
EIA (Electronics Industry Alliance), 35
EIGRP, 128
Electronics Industry Alliance (EIA), 35
enable password cisco command, 54
enable password command, 55, 251
enable secret class command, 54, 135
enable secret command, 251
enabling VLANs, 274-275
encapsulation command, 198
encapsulation process, 20-21
end command, 54
enhanced high-speed WAN interface card (eHWIC) slots, 3
erase nvram command, 50
erase startup-config command, 50
erasing configuration files, 49-50
error recovery, 24-25
Ethernet
addressing, 36-37
common Ethernet technologies, 34
CSMA/CD algorithm, 33
explained, 20, 31-32
framing, 37-38
legacy Ethernet technologies, 32-34
physical layer, 38-39
switches, 36
UTP cabling, 34-35
EUI-64, 112, 146
evolution to switching, 41-42
exams
certified score reports, 307
exam day requirements, 307
post-exam information
adding certificates to resumes, 309-310
certificate support website, 309
certification options, 310
failing exams, 310
receiving certificates, 309
skills review and practice, 295
addressing table, 296
answer scripts, 302-305
B1 and B2 configuration requirements, 298-299
HQ configuration requirements, 298
HQ-Sw configuration requirements, 297-298
IPv4 addressing configuration requirements, 297
ISP configuration, 297
skills challenge, 305
topology diagram, 295
verification, 299
VLANs and port assignments table, 296
Exec banner, 253
EXEC sessions, 46
exit command, 53-54
exit interface parameter (IPv4 static routing), 157-158
extended ACLs (access control lists), 224
extended numbered ACLs (access control lists), configuring, 230-231
Extended Unique Identifier (EUI), 112
exterior gateway protocols (EGP), 121
F
failing exams, 310
Fast Ethernet, 34
FDDI (Fiber Distributed Data Interface), 9
Fiber Distributed Data Interface (FDDI), 9
fiber-optic cable, 4-5
File Transfer Protocol (FTP), 13, 20
files (configuration files), storing and erasing, 49-50
flow control, 25
forwarding frames, 43-44
forwarding packets
explained, 117
path determination and switching function example, 118-119
fragment free switching, 44
frame forwarding, 43-44
Frame Relay, 20
framing, 37-38
FTP (File Transfer Protocol), 13, 20
denying, 231
FTTP (Hypertext Transfer Protocol), 13
full-duplex communication, 55
G
gateways, troubleshooting, 267-268
Gigabit Ethernet, 34
global unicast addresses, 98-101
Graziani, Rick, 95
growth of network applications, 13
increased network usage, 14
quality of service (QoS), 14
Video over IP, 15
Voice over IP (VoIP), 14-15
H
half-duplex communication, 55
headers
IPv4 addressing, 79-80
link header, 29
TCP headers, 23
Hello packets, 170-172
help, Cisco IOS, 46
hierarchical network design, 10-11
hold-down timers, 128
hop count, 125
host keyword, 229
host ranges, listing, 87
hostname command, 53, 135
hosts
connectivity issues, troubleshooting, 282-283
denying, 228-229, 232
hot keys, 47-48
HQ configuration requirements, 298
HQ-Sw configuration requirements, 297-298
HTTP (Hypertext Transfer Protocol), 13, 20
disabling, 255
I
ICMP (Internet Control Message Protocol), 20
icons, 8
identifying ACLs (access control lists), 225
IDs
interface IDs, 112
subnet IDs, 111-112
IETF (Internet Engineering Task Force), 95
IGP (interior gateway protocols), 121, 128
IMAP (Internet Message Access Protocol), 20
inside global addresses, 238
inside local addresses, 238
interactive applications, 12
interface fastethernet command, 53
interface g0/1.10 command, 198
interface IDs, 112
interface keyword, 244
interface range command, 55
interface status codes, 137-138
interface vlan 123 command, 53
interface vlan command, 200-202
interfaces
assigning VLANs to, 73-75
shutting down, 264
troubleshooting, 288
common problems on “up” interfaces, 290
duplex and speed mismatches, 289-290
interface status codes, 288
interior gateway protocols (IGP), 121, 128
Internet Control Message Protocol (ICMP), 20
Internet Engineering Task Force (IETF), 95
Internet layer (TCP/IP), 19, 27
Internet Message Access Protocol (IMAP), 20
Internet Protocol (IP), 20
internetworks, 7
inter-VLAN routing, 269-270
legacy inter-VLAN routing, 195
multilayer switches, 197, 200-203
router on a stick, 196-200
upstream routing, 203
IOS security
banners, 253-255
passwords, 251-253
IP (Internet Protocol), 20
ip access-group command, 228, 232-233
ip access-list extended command, 233
ip access-list standard command, 232
ip address command, 53, 147
ip address dhcp command, 211
IP addresses
DHCPv4, 205-206
DHCPv6, 212-214
duplicate addresses, troubleshooting, 268
inter-VLAN routing and IP addressing, troubleshooting, 269-270
IPv4 address conflicts, 268-269
static IP addresses, testing connectivity with, 269
ip default-gateway command, 54
ip dhcp excluded-address command, 206
ip dhcp pool command, 206
ip domain-name command, 57
ip forward-protocol udp command, 211
ip helper-address address command, 210
ip http authentication enable command, 54
ip http server command, 54
ip ospf cost command, 180
ip route command, 154
ip routing command, 203
IP telephony traffic, 64
ipconfig command, 58-59
ipconfig/all command, 209
ipconfig/release command, 210
ipconfig/renew command, 210
IPv4 addressing, 79
classes of addresses, 80-81
compared to IPv6, 96
configuration requirements, 297
conflicts, 268-269
default route configuration, 158-161
header format, 79-80
network connectivity, verifying, 148-151
private and public IP addressing, 82-83
router configuration, 133-135
banner motd command, 135
command syntax, 134
copy running-config startup-config command, 136
copy run start command, 136
enable secret class command, 135
hostname command, 135
interface status codes, 137-138
service password-encryption command, 135
show interface command, 138-142
show ip interface brief command, 137
show ip route command, 136-137
show running-config command, 136
static route configuration, 154-156
exit-interface parameter, 157-158
next-hop parameter, 156-157
subnet masks, 81-82
subnetting steps, 85
determining how many bits to borrow, 86
determining new subnet mask, 87
determining subnet multiplier, 87
example 1, 88
example 2, 88
example 3, 89
listing subnets, host ranges, and broadcast addresses, 87
summarizing subnet addresses, 91-93
VLSM (variable-length subnet masking), 89-91
summary static route configuration, 161-162
IPv4-mapped IPv6 addresses, 103-104
ipv6 address autoconfig command, 217
ipv6 address dhcp command, 217
IPv6 addressing
anycast addresses, 106
compared to IPv4, 96
EUI-64 configuration, 112
default route configuration, 165
explained, 95-96
global unicast addresses, 98-101
IPv4-mapped IPv6 addresses, 103-104
link-local addresses, 101
loopback addresses, 102
migrating to, 114
multicast addresses
assigned multicast addresses, 104
solicited-node multicast addresses, 104-105
NAT for IPv6
private address space, 247
purpose of, 247-248
network connectivity, verifying, 148-151
prefixes, 110-111
router configuration
EUI-64 method, 146
full IPv6 address and link-local address configuration, 146-147
ipv6 unicast-routing command, 145-146
network connectivity, verifying, 148-151
show ipv6 interface command, 147-148
stateless address autoconfiguration, 113
static route configuration, 162-164
subnetting
interface ID, 112
subnet ID, 111-112
summary static route configuration, 166-167
unicast addresses, 98
unique local addresses (ULAs), 102-103
unspecified addresses, 102
writing conventions, 109-111
IPv6 Fundamentals (Graziani), 95
ipv6 nd managed-config-flag command, 214
ipv6 nd other-config-flag command, 214
ipv6 ospf area command, 186
ipv6 route command, 164
ipv6 router ospf command, 188
ipv6 unicast-routing command, 113, 145-146, 186, 216
isl keyword, 198
ISPs, configuration for CCENT skills review, 297
J-K-L
keyboard shortcuts, 47-48
LAN device connection guidelines, 6
LANs (local area networks)
device connection guidelines, 6
explained, 7
Layer 1 issues, troubleshooting
CDP, 291-292
interface status and switch configuration, 288
CDP, 291-292
common problems on “up” interfaces, 290
duplex and speed mismatches, 289-290
interface status codes, 288
media issues, 287
Layer 2 switching, 44
Layer 3 switching, 44
lease command, 207
legacy Ethernet technologies, 32-34
legacy inter-VLAN routing, 195
line console command, 54
line vty command, 54
link header, 29
link-local addresses, 101
link-state acknowledgment (LSAck) packets, 170
link-state advertisements (LSA), 170-172
link-state database (LSDB), building, 129
link-state request (LSR) packets, 170
link-state routing process (OSPFv2), 174-175
link-state routing protocols, 122
convergence, 131
Dijkstra Shortest Path First (SPF) algorithm, 130-131
link-state database (LSDb), building, 129
link-state update (LSU) packets, 170-172
link trailer, 29
local area networks (LANs)
device connection guidelines, 6
explained, 7
logical topologies, 8-9
Login banner, 253
login command, 54, 251
login local command, 253
login local vty command, 57
loopback addresses, 102
LSA (link-state advertisements), 170-172
LSAck (link-state acknowledgment) packets, 170
LSDb (link-state database), building, 129
LSR (link-state request) packets, 170
LSU (link-state update) packets, 170-172
M
management VLANs
configuring, 263
explained, 65
matching logic (ACLs), 222-223
mdix auto command, 54
media, 4-6
media issues, troubleshooting, 287
memory buffering, 44
message format (OSPFv2), 169
Message of the Day (MOTD), 253
metrics
dynamic routing metrics, 125-126
OSPFv2, 178-180
migrating to IPv6, 114
mitigating network attacks, 250
Moran, Matthew, 309
MOTD (Message of the Day), 253
multicast addresses, 37
assigned multicast addresses, 104
solicited-node multicast addresses, 104-105
multicast traffic, 64
multilayer switches, 197, 200-203
N
named ACLs (access control lists), 224, 231-233
NAT (Network Address Translation), 237-238
benefits, 241
dynamic NAT, 240, 243-244
example, 239
limitations, 241
NAT for IPv6
overloading, 240-241, 244
private address space, 247
purpose of, 247-248
static NAT, 240-242
terminology, 239
topology, 238
troubleshooting, 246-247
verifying, 245
native keyword, 198
native VLANs
configuring, 263
explained, 65
NDP (Neighbor Discovery Protocol), 104, 213
Neighbor Discovery Protocol (NDP), 104, 213
neighbor establishment (OSPFv2), 170-172
Neighbor Solicitation (NS) message, 212
netbios-name-server command, 207
network access layer (TCP/IP), 19, 27-28
Network Address Translation. See NAT
network applications
batch applications, 12
common network applications, 13
growth of, 13
increased network usage, 14
quality of service (QoS), 14
Video over IP, 15
Voice over IP (VoIP), 14-15
interactive applications, 12
real-time applications, 12
user interactions, 12
network command, 176, 186, 207
network connectivity, verifying, 58-61, 148-151
network documentation, 11-12
Network layer (OSI), 19
network management traffic, 64
network media, 4-6
network security
attack mitigation, 250
best practices, 250
physical security, 249
types of vulnerabilities, 250
Network Time Protocol (NTP), 256-257
networking icons, 8
networking models
OSI model
encapsulation process, 20-21
explained, 17-18
layers, 18-19
PDUs (protocol data units), 20-21
TCP/IP model
application layer, 19-21
connection establishment and termination, 25
data encapsulation summary, 29
error recovery, 24-25
explained, 17-18
flow control, 25
Internet layer, 19, 27
layer functions, 19
network access layer, 19, 27-28
port numbers, 23-24
protocols, 19-20
transport layer, 19, 22-23
User Datagram Protocol (UDP), 26
next-hop parameter (IPv4 static routing), 156-157
no passive-interface command, 178
no service dhcp command, 208
no shutdown command, 53, 198, 200, 202, 264
normal data traffic, 64
NS (Neighbor Solicitation) message, 212
NTP (Network Time Protocol), 256-257
ntp server command, 257
numbered ACLs (access control lists), 224
numbers of ports, 23-24
O
Open Shortest Path First. See OSPFv2; OSPFv3
operational states (trunks), 278-279
organizationally unique identifier (OUI), 36
OSI model
encapsulation process, 20-21
explained, 17-18
layers, 18-19
PDUs (protocol data units), 20-21
physical layer, 38-39
OSPFv2, 128, 169
algorithm, 173
configuration, 175-180
designated routers, 173
link-state advertisements, 172
link-state routing process, 174-175
message format, 169
metric modifications, 178-180
neighbor establishment, 170-172
OSPFv3 versus
differences, 186
similarities, 185
packet types, 170
verification, 180-184
OSPFv3
configuration, 186-187
OSPFv2 versus
differences, 186
similarities, 185
router ID, 188-189
verification, 189-192
OUI (organizationally unique identifier), 36
outside global addresses, 238
outside local addresses, 238
overload keyword, 244
overloading NAT (Network Address Translation), 240-241, 244
P
packet forwarding
explained, 117
path determination and switching function example, 118-119
packet types (OSPFv2), 170
passive-interface command, 177-178, 188
passive-interface default command, 178
password cisco command, 54
passwords, 251-253
PAT (Port Address Translation), 240-241, 244
PDUs (protocol data units), 20-21
peer-to-peer interaction, 12
permit statement, 231
physical layer, 4, 38-39
LAN device connection guidelines, 6
network media, 4-6
Physical layer (OSI), 19
physical network security, 249
physical topologies, 8-9
ping command, 58-60, 148-149, 269
POP (Post Office Protocol), 13, 20
Port Address Translation (PAT), 240-241, 244
port-based memory, 44
ports
AUX ports, 3
console ports, 3
port assignments for CCENT skills review, 296
port-based memory, 44
port numbers, 23-24
port speed, 55
restoring after security violations, 261-262
security, 259-261
verifying configuration, 269
positive acknowledgment, 24
post-exam information
adding certificates to resumes, 309-310
certificate support website, 309
certification options, 310
failing exams, 310
receiving certificates, 309
Post Office Protocol (POP), 13, 20
prefixes (IPv6), 110-111
Presentation layer (OSI), 18
private IP addressing, 82-83
Privileged EXEC mode, 46
processing ACLs (access control lists), 221-222
protocol data units (PDUs), 20-21
protocols. See specific protocols
public IP addressing, 82-83
Q
QoS (quality of service), 14
quad-zero route, 158
quality of service (QoS), 14
R
RA (Router Advertisement) message, 212
range command, 73
real-time applications, 12
receiving certificates, 309
reference bandwidth, 178
relaying DHCPv4 requests, 210-211
reliability, 24-25
remark keyword, 228, 233
restoring ports after security violations, 261-262
resumes, adding certificates to, 309-310
RIP (Routing Information Protocol), 126, 128, 169
route poisoning, 129
Router Advertisement (RA) message, 212
router ID
in OSPFv2, 177
in OSPFv3, 188-189
router-id command, 177, 188
router on a stick, 196-200
router ospf command, 176
Router Solicitation (RS) message, 212
routers, 3. See also routing
IPv4 router configuration, 133-135
banner motd command, 135
command syntax, 134
copy run start command, 136
copy running-config startup-config command, 136
enable secret class command, 135
hostname command, 135
interface status codes, 137-138
service password-encryption command, 135
show interface command, 138-142
show ip interface brief command, 137
show ip route command, 136-137
show running-config command, 136
IPv6 router configuration
EUI-64 method, 146
full IPv6 address and link-local address configuration, 146-147
ipv6 unicast-routing command, 145-146
network connectivity, verifying, 148-151
show ipv6 interface command, 147-148
routing. See also routers
classful routing protocols, 122
classless routing protocols, 122-123
distance vector routing protocols, 121-122
dynamic routing protocols
AD (administrative distance), 126-127
dynamic routing metrics, 125-126
routing loop prevention, 128-129
dynamic versus static routing, 119-120
EGP (exterior gateway protocols), 121
IGP (interior gateway protocols), 121, 128
link-state routing protocols, 122, 129
convergence, 131
Dijkstra Shortest Path First (SPF) algorithm, 130-131
link-state database (LSDb), building, 129
methods, 119-120
packet forwarding
explained, 117
path determination and switching function example, 118-119
Routing Information Protocol (RIP), 126, 169
RS (Router Solicitation) message, 212
Running-config file, 50
S
scavenger class, 64
score reports (exams), 307
sdm prefer lanbase-routing command, 202
Secure Shell. See SSH
security
network security
attack mitigation, 250
best practices, 250
physical security, 249
types of vulnerabilities, 250
port security
configuring, 259-261
restoring after security violations, 261-262
Server Message Block (SMB), 13
servers
DHCPv4 server configuration, 206-210
stateful DHCPv6 server configuration, 217-218
stateless DHCPv6 server configuration, 216-217
service password-encryption command, 54, 135, 252
services, disabling
Cisco Discovery Protocol (CDP), 255
HTTP, 255
small services, 256
Session layer (OSI), 18
shared memory, 44
shortcuts, 47-48
Shortest Path First (SPF) algorithm, 130-131, 173
show access-lists command, 234
show cdp interface command, 292
show commands, 48
show cdp commands, 291-292
show history command, 48
show interface command, 138-142, 287, 289
show interface status command, 274, 287, 289
show interfaces command, 274
show interfaces switchport command, 274, 279
show interfaces trunk command, 277-278
show ip dhcp conflict command, 269
show ip interface brief command, 137, 180, 199
show ip interface command, 234
show ip nat statistics command, 245
show ip nat translations command, 245-246
show ip ospf command, 177, 182, 189
show ip ospf database command, 189
show ip ospf interface brief command, 183, 189
show ip ospf interface command, 189
show ip ospf interfaces command, 177
show ip ospf neighbor command, 181, 189
show ip protocols command, 126, 177, 180, 189
show ip route command, 125, 136-137, 180, 199
show ip route ospf command, 189
show ip ssh command, 57
show ipv6 interface command, 147-148, 217
show ipv6 ospf command, 189
show ipv6 ospf database command, 189
show ipv6 ospf interface brief command, 189
show ipv6 ospf interface command, 189
show ipv6 ospf neighbor command, 189
show ipv6 protocols command, 189
show ipv6 route command, 164
show ipv6 route ospf command, 189
show mac address-table command, 274
show ntp status command, 257
show port-security command, 260
show running-config command, 136, 235, 270
show vlan brief command, 72-74, 274
show vlan command, 274
show vlan id command, 274
show vlans command, 199
shutdown command, 202, 264
shutting down unused interfaces, 264
Simple Mail Transfer Protocol (SMTP), 13, 20
Simple Network Management Protocol (SNMP), 20
skills review and practice, 295
addressing table, 296
answer scripts, 302-305
B1 and B2 configuration requirements, 298-299
HQ configuration requirements, 298
HQ-Sw configuration requirements, 297-298
IPv4 addressing configuration requirements, 297
ISP configuration, 297
skills challenge, 305
topology diagram, 295
verification, 299
VLANs and port assignments table, 296
SLAAC (Stateless Address Autoconfiguration), 113, 212-214
small services, disabling, 256
SMB (Server Message Block), 13
SMTP (Simple Mail Transfer Protocol), 13, 20
SNMP (Simple Network Management Protocol), 20
solicited-node multicast addresses, 104-105
speed
port speed, 55
speed mismatches, 289-290
speed auto command, 53
SPF (Shortest Path First) algorithm, 130-131, 173
split horizon, 128
SSH (Secure Shell), 251-253
access, denying, 229-230
configuring, 56-57
remote access, 150-151
standard ACLs (access control lists), 224
standard numbered ACLs (access control lists), configuring, 227
denying specific host, 228-229
denying specific subnet, 229
denying Telnet or SSH access to router, 229-230
permitting specific network, 228
Startup-config file, 50
stateful DHCPv6, 214, 217-218
stateless address autoconfiguration, 113
Stateless Address Autoconfiguration (SLAAC), 113, 212-214
stateless DHCPv6, 214-217
states
stateful DHCPv6, 214, 217-218
stateless address autoconfiguration, 113
Stateless Address Autoconfiguration (SLAAC), 113, 212-214
stateless DHCPv6, 214-217
trunking operational states, 278-279
static IP addresses, testing connectivity with, 269
static NAT (Network Address Translation), 240-242
static routing, 119-120
IPv4 configuration, 154-156
exit-interface parameter, 157-158
next-hop parameter, 156-157
IPv6 configuration, 162-164
overview, 153-154
store-and-forward switching, 44
storing configuration files, 49-50
stub networks, 153
subconfiguration modes, 49
subnet IDs, 111-112
subnet masks
binary values, 82
determining, 87
purpose of, 81-82
subnet multiplier, determining, 87
subnets
denying, 229
IPv4 subnetting steps, 85
determining how many bits to borrow, 86
determining new subnet mask, 87
determining subnet multiplier, 87
example 1, 88
example 2, 88
example 3, 89
listing subnets, host ranges, and broadcast addresses, 87
summarizing subnet addresses, 91-93
VLSM (variable-length subnet masking), 89-91
IPv6 subnetting
interface ID, 112
subnet ID, 111-112
subnet IDs, 111-112
subnet masks
binary values, 82
determining, 87
purpose of, 81-82
subnet multiplier, determining, 87
summarizing subnet addresses, 91-93
summary static routing
IPv4 configuration, 161-162
IPv6 configuration, 166-167
SVIs (switch virtual interfaces), creating additional, 200-201
switch virtual interfaces (SVIs), creating additional, 200-201
switches
access layer switches, 2
benefits of, 36
broadcast domains, 43
choosing, 2
Cisco IOS, accessing
CLI EXEC sessions, 46
CLI navigation and editing shortcuts, 47-48
command history, 48
connecting to Cisco devices, 45-46
help, 46
IOS examination commands, 48
subconfiguration modes, 49
collision domains, 43
configuring
automatic medium-dependent interface crossover (auto-MDIX), 56
basic switch configuration commands, 53-55
configuration commands, 53-55
full-duplex communication, 55
half-duplex communication, 55
network connectivity, verifying, 58-61
port speed, 55
SSH (Secure Shell) access, 56-57
core layer switches, 2-3
distribution layer switches, 2
evolution to switching, 41-42
frame forwarding, 43-44
port configuration, verifying, 269
security
native and management VLANs, configuring, 263
port security, configuring, 259-261
ports, restoring after security violations, 261-262
unused interfaces, shutting down, 264
subconfiguration files, storing and erasing, 49-50
SVIs (switch virtual interfaces), creating additional, 200-201
switching logic, 42-43
troubleshooting
common problems on “up” interfaces, 290
duplex and speed mismatches, 289-290
interface status codes, 288
switching logic, 42-43
switchport access vlan 123 command, 53
switchport access vlan command, 264, 274
switchport mode access command, 53, 259, 264
switchport mode dynamic auto command, 279
switchport mode dynamic desirable command, 68
switchport mode trunk command, 68
switchport mode trunk dynamic auto command, 68
switchport nonegotiate command, 68
switchport port-security command, 259
switchport port-security mac-address command, 259
switchport port-security mac-address sticky command, 259
switchport port-security maximum command, 259
switchport port-security violation command, 260
switchport trunk native vlan command, 264
symmetric switching, 44
T
TCP (Transmission Control Protocol), 20
TCP headers, 23
TCP/IP model
application layer, 19-21
data encapsulation summary, 29
explained, 17-18
Internet layer, 19, 27
layer functions, 19
network access layer, 19, 27-28
protocols, 19-20
transport layer, 19
connection establishment and termination, 25
error recovery, 24-25
features, 22
flow control, 25
port numbers, 23-24
TCP headers, 23
User Datagram Protocol (UDP), 26
Telecommunications Industry Association (TIA), 35
Telnet, 19
denying, 229-231
troubleshooting, 284-286
terminal history command, 48
terminal history size 50 command, 48
terminal no history command, 48
terminal no history size command, 48
testing DHCPv4 operation, 269
TIA (Telecommunications Industry Association), 35
Time to Live (TTL) field, 129
timers, 251-253
Token Ring, 9
topologies, 8-9
topology diagram for CCENT skills review, 295
traceroute command, 149-150
tracert command, 60-61
traffic types, 64
Transmission Control Protocol (TCP), 20
transport input ssh command, 251
transport input ssh vty command, 57
transport layer
OSI, 19
TCP/IP, 19
connection establishment and termination, 25
error recovery, 24-25
features, 22
flow control, 25
port numbers, 23-24
TCP headers, 23
User Datagram Protocol (UDP), 26
triggered updates, 129
troubleshooting
ACLs, 281
denied protocols, 283-284
host connectivity issues, 282-283
Telnet, 284-286
default gateways, 267-268
DHCP, 268-269
duplicate IP addresses, 268
inter-VLAN routing and IP addressing, 269-270
Layer 1 issues
CDP, 291-292
common problems on “up” interfaces, 290
duplex and speed mismatches, 289-290
interface status and switch configuration, 288
media issues, 287
methodology, 267
NAT (Network Address Translation), 246-247
trunking
operational states, 278-279
show interfaces trunk command, 277-278
VLANs, 273
disabled VLANs, 274-275
troubleshooting commands, 274
trunking
configuring, 75-78
DTP (Dynamic Trunking Protocol), 68
explained, 66-67
troubleshooting
operational states, 278-279
show interfaces trunk command, 278
verifying, 75-78
TTL (Time to Live) field, 129
tunneling, 114
U
UDP (User Datagram Protocol), 20, 26
ULAs (unique local addresses), 102-103
unicast addresses, 98
unique local addresses (ULAs), 102-103
unspecified addresses, 102
unused interfaces, shutting down, 264
upstream routing, 203
User Datagram Protocol (UDP), 20, 26
User EXEC mode, 46
username password command, 57
UTP cabling, 34-35
V
variable-length subnet masking (VLSM), 89-91
verification, 299
ACLs (access control lists), 234-235
multilayer switches, 200-203
NAT (Network Address Translation), 245
network connectivity, 58-61, 148-151
OSPFv2, 180-184
OSPFv3, 189-192
router on a stick, 197-200
switch port configuration, 269
VLAN assignments, 74-75
VLAN creation, 73
VLAN trunking, 75-78
Video over IP, 15
virtual local area networks. See VLANs
VLANs (virtual local area networks)
assigning to interfaces, 73-75
benefits of, 63-64
black hole VLANs, 65
for CCENT skills review, 296
configuration and verification commands, 72-75
creating, 72-73
data VLANs, 65
default configuration, 72
default VLANs, 65
enabling/disabling on switch, 274-275
inter-VLAN routing. See inter-VLAN routing
management VLANs, 65, 263
native VLANs, 65, 263
reasons for using, 63
traffic types, 64
troubleshooting, 273
disabled VLANs, 274-275
troubleshooting commands, 274
trunking
configuring, 75-78
DTP (Dynamic Trunking Protocol), 68
explained, 66-67
troubleshooting, 277-279
verifying, 75-78
verifying assignments, 74-75
verifying creation of, 73
voice VLANs, 65-66
VLSM (variable-length subnet masking), 89-91
Voice over IP (VoIP), 14-15
voice VLANs, 65-66
VoIP (Voice over IP), 14-15
vulnerabilities (security), types of, 250
W-X-Y-Z
WANs (wide area networks), 7
wide area networks (WANs), 7
wildcard mask, 176
windowing, 25
wireless media, 4-5
write erase command, 50