useful ccna material

8/2/2019 Useful Ccna Material

1/93

The Bryant Advantage

Introduction To Cisco NetworkingCourse Guide

Chris Bryant, CCIE # 12933

www.thebryantadvantage.com


2/93

Copyright Information:

Cisco, Cisco Systems, CCIE, and Cisco Certified Internetwork

Expert are registered trademarks of Cisco Systems, Inc., and/or itsaffiliates in the U.S. and certain countries.

All other products and company names are the trademarks, registered

trademarks, and service marks of the respective owners. Throughoutthis book, The Bryant Advantage has used its best efforts todistinguish proprietary trademarks from descriptive names by

following the capitalization styles used by the manufacturer.

Disclaimer:

This publication, The Bryan t Advan t age I n t rodu c t ion To Cisco N e t w o r k i n g , is designed and intended to assist candidates in

preparation for the Introduction to Cisco Networking Technologiesexam for the Cisco Certified Network Associate certification. Allefforts have been made by the author to make this book as accurate

and complete as possible, but no guarantee, warranty, or fitness are

implied, expressly or implicitly. The enclosed material is presented onan as is basis. Neither the author, Bryant Instructional Services, or

the parent company assume any liability or responsibility to anyperson or entity with respect to loss or damages incurred from the

information contained in this workbook.

This Course Guide is an original work by the Author. Any similaritiesbetween materials presented in this Study Guide and actual CCNAexam questions are completely coincidental.

Copyright 2004, The Bryant Advantage.


3/93

Sect i on One: The I n t e rne tw o rk i ng Model s

The OSI Reference Model

Application

Presentation

Session

Transport

Network

Data Link

Physical

The OSI Reference Model is a structured set of guidelines for

communications between two end users in a network. Its used inapplication development and understanding how an internetworkactually works. The OSI model is broken down into seven layers,

examined here from the top level down to the bottom.

The OSI model layers are generally referred to by their layer number,starting from the bottom. The Physical layer is referred to as Layer

One, the Data Link layer as Layer Two, the Network layer as LayerThree, and so on.

The layers youll be primarily working with in your Cisco career andexam prep are the first three layers. Switching occurs at Layer Two,and routing at Layer Three. However, its vital that you understand

what all seven layers do for your Intro and ICND exams.

The App l ica t ion Layer

The top layer of the OSI model, the Application Layer is the layer that

the end user actually interacts with. The Application layer should notbe confused with the application itself. The Application layer ensures

that the remote communication partner is available, that the needed

communication resources exist (a modem, for example), and that bothends of the communication agree on procedures involving data

integrity, privacy, and error recovery.

The sender or receiver can also be authenticated at this level.

1


4/93

Heres an example of how the Application layer works. Lets sayyoure surfing the web, and you type in www.cisco.com. The browser

that youre using is the application, and the application simply says Iwant to view www.cisco.com. The browser isnt actually going outand getting the application; its simply making a request for data in a

format that a remote application can understand.

When trying to decide if a protocol is an Application layer protocol, just

remember that protocols that require the end user to enter a requestare Application layer protocols. These include Telnet, SMTP (email),

HTTP and WWW, NFS (Network File System), and FTP (File TransferProtocol). The protocols POP3 and SMTP, used in email, are alsoApplication layer protocols.

The Present a t ion Layer

The Presentation Layer is just what it sounds like: The OSI model

layer thats concerned with properly presenting the information. Atthe Presentation Layer, the communication systems must agree on

how the data is to be presented.

Have you ever opened a file in a word processing application, and yougot pages of unrecognizable characters? Thats a Presentation Layer

problem. The applications have not agreed on how the data is to bepresented.

There are four primary facets that the Presentation Layer is concernedwith:

1. Compatibility with the operating system2. Proper encapsulation of data for network transmission.

3. Data formatting (ascii, binary)4. Data encryption and compression.

Several of the protocols the Presentation Layer is concerned with willbe familiar to you. They are JPEG, ASCII, GIF, MPEG, MIDI, EBCDIC,

and TIFF.

2


5/93

The Session Layer

The Session Layer handles the construction and teardown of theconnection between the two end points involved in the communication.

Some sessions last just long enough to send a unidirectional message,where other sessions will be of longer duration.

A helpful way to remember what the Session Layer does is to considerit as the manager of the communication between a local and a

remote system.

Protocols that run at the Session layer include Remote Procedure Calls

(RPC), SQL, NFS, and ZIP, the AppleTalk Zone Information Protocol.

Sessions are related to certain ports, a number that is associated withan upper layer application. Port numbers that are static and often-

used are referred to as well-known port numbers.

The Tran spor t Layer The Transport Layers main purpose is to establish a connectionbetween end-to-end systems, segment data received from the upper

layers of the OSI model, and to make sure the data gets to thedestination in the correct order and free of errors.

At the Transport Layer, there are two methods for transporting data:connection-oriented, referring to TCP, and connectionless, referringto UDP.

TCP, the connection-oriented packet delivery method, provides several

additional services at the Transport layer to prevent lost data:

Flow Control

TCP uses a series of acknowledgements to enforce flow control. Withflow control, when one router receives a packet, it sends an

acknowledgement, or ack, back to the sender. If the sender doesnot receive an ack for a segment it sent, the segment will be resent

and reassembled in the correct order at the receiver. This preventsthe receivers buffer from being overburdened, since packets that are

not received due to a full buffer are not acknowledged. (A buffer is apart of the routers memory used to hold packets awaiting processing.)

3


6/93

Intro Exam Tip

It sounds odd that the receiver is actually controlling how quickly the

sender can send the information, but thats exactly what happens withflow control. Remember that the sender isnt controlling the flow; the

receiver is controlling the speed of the flow by sending (and notsending) acknowledgements back to the sender.

The Three-Way Handshake

One term often heard when discussing TCP is the three-wayhandshake. The connection is actually built before data is

transmitted, which is why TCP is referred to as connection-oriented,or reliable.

When a sender and receiver participate in a TCP connection, here arethe steps of the three-way handshake:

1. The sender requests synchronization with the receiver.2. The request is acknowledged, and the rules of the connection are

agreed upon. The receiver then requests synchronization withthe sender, resulting in a bidirectional (two-way) connection.

3. The sender acknowledges the connection agreement and that

the connection now exists, and data can now be transferred overthe newly constructed connection.

Windowing

If the sender waits for an ack from the receiver before sending another

data segment, the transmission is going to be unacceptably slow. Forthis reason, TCP allows windowing. This term refers to data sentduring the time after the sender sent a packet, but before it completes

processing the acks it received.

The term size of the window refers to the number of packets thesender can transmit before it must wait for an ack. If the size of the

window is three, the sender can transmit three data segments before

it must wait for an ack.

4


7/93

User Datagram Protocol (UDP)

UDP is referred to as connectionless because there is no handshakebefore transmission, and the data channel does not exist before the

data is sent; its just sent. No acknowledgements are sent orexpected. UDP makes no guarantee of delivery, only a best effort.

UDP does not use windowing or flow control.

Port Numbers

Both TCP and UDP use port num bersto keep the conversations

involving different protocols separate. Many protocols use the sameport number for all their conversations; these protocols are said tohave well-known port num bers. Other protocols will use a randomly

selected port number.

Besides TCP and UDP, SPX is also a Transport Layer protocol.

The Netw ork Layer

The Network Layer (often referred to as Layer 3; IP addresses areoften referred to as Layer 3 addresses) is aware of the address of

neighbor nodes in the network, and is responsible for selecting thebest route to transmit data between devices that are not local to each

other. The Network Layer is the layer at which routingtakes place.

The end-to-end delivery of packets is defined at the Network Layer.

Operations at this layer will be examined in detail in later sections,since this is one of the two layers youll be most concerned with in

your Cisco exams. For now, know that protocols that run at theNetwork layer include IP, IPX, and AppleTalk DDP.

The Data L ink Layer

The Data Link Layer concerns itself with the actual media that will beused to transport the data. The protocol is determined by the mediatype.

The Data Link Layer is generally referred to as Layer 2, and MACaddresses as Layer 2 addresses. Error control and notification are

performed on frames at this level.

5


8/93

Switches operate at this layer, as do bridges. (Layer 3 Switches doexist, but when operating at Layer 3, theyre not switching or bridging.

Theyre routing. There are no Layer 3 switches referred to on theIntro exam, but you should be familiar with the term.)

The Sub lay ers Of The Data L ink Layer

The Data Link layer has two sublayers of its own. The first, The

Logical Link Control (LLC), tells the Data Link layer how to handle aincoming packet. For example, a host would look in the LLC header to

see which Layer 3 protocol the frame is destined for.

The second, the MAC sublayer, deals with the physical media. MAC

addresses are defined here.

The Phy sical Layer

Also referred to as the bit layer, physical characteristics andspecifications for cabling, pins, electrical currents, and connectors are

all defined at the Physical Layer.

Physical Layer specifications include RJ-45, Ethernet, V.35, and

EIA/TIA-232 and 449.

The Data Encapsu la t i on Process

As data is passed from the Application Layer to the Physical layer, alayer-specific header is added at each layer. The informationcontained in the header is specific to the protocol and the layer that

added it. These headers are called protocol data units(PDUs).

There are five basic steps to the data encapsulation process. The

procession is logical, beginning at the top layer of the OSI model andworking its way down to the physical media.

First, the application data and headers themselves are created. This

occurs when the application has data to send.

Second, the data is packaged for transport. The Transport Layer,running TCP or UDP, places a transport header in front of the data.

Third, the destination and source Layer 3 addresses are added. This

occurs at the Network Layer.

6


9/93

Fourth, the destination and source Layer 2 addresses are added. Thisoccurs at the Data Link layer.

Fifth and finally, the Physical Layer transmits the frames onto themedia.

Data, Fram es, and Packets Oh,My !

Youll hear these terms thrown around quite a bit while preparing foryour Intro and ICND exams. Theyre not interchangeable terms, and

you should know which terms are used at which layers of the OSImodel.

At the top three OSI layers, the data is referred to as just that data.

At the Transport Layer, the data is placed into s e g me n ts . A segment

includes the TCP or UDP header, but not the Layer 3 or Layer 2addresses. (The data couldnt have those at this point, since the

Transport Layer is Layer 4.)

The Network Layer, layer 3, uses packe ts . The packets contain IP

headers, but not data link headers.

The Data Link Layer, layer 2, uses f r a me s , which are converted into

b i t s by the Physical Layer for transmission onto the media.

The TCP / I P Pro toco l Arch i tec tu r e

Layer Name Prot ocols

Application HTTP, SMTP

Transport TCP, UDP

Internetwork IP

Network Interface Frame Relay, Ethernet

The four layers of the TCP/IP architecture can be compared to certainlevels of the OSI model. Its important to know what each level of the

TCP/IP protocol architecture does, and how these layers map to theOSI model.

The Application Layer performs much the same tasks as the

Application, Presentation, and Session layers of the OSI model.Remember the web browser example from the OSI model section? In

7


10/93

the TCP architecture, the web browser would not only request theinformation from the remote device, but it also defines how the file

that is received from the remote device should be opened andpresented.

The Transport layer in the TCP/IP architecture is similar to theTransport layer in the OSI model. This layer can use TCP or UDP as

well.

The Internetwork layer in the TCP/IP architecture uses IP addresses to

determine how packets should be routed. Remember that the OSImodel uses IP addresses, or Layer 3 Addresses, at the Networklayer. The two layers do much the same thing.

The Network Interface layer in the TCP/IP architecture serves to define

the protocols and the hardwareneeded to actually deliver the dataacross the network. The Network Interface model does the work of

both the Data Link and Physical Layers in the OSI model.

8


11/93

9


12/93

I n t r o Ex a m Ti p

When answering questions regarding networking models, take an extramoment to make sure WHICH networking model the question is asking

you about.

Sa me -L ay e r I n t e ra c t i o n v s . Ad ja ce n t -L ev e l I n t e ra c t i o n

Both of these terms refer to the OSI model. The major difference

between the two is that one type of interaction takes place on a single

computer, and the other takes place between two communicatingcomputers.

When remote computers communicate, the local layers of the OSImodel talk to the same layer on the remote computer. For example,

when two computers talk, the Application Layer on the local machineis communicating with the Application Layer on the remote machine,

and so forth.

10


13/93

11


14/93

Adjacent-level interaction is just what it sounds like. The importantconcept to know is that this type of interaction takes place on a single

computer.

12


15/93

Wh y Use I n te rn e tw o rk i n g Mo d el s?

One question often asked by newcomers to networking theory is whythese models are used in the first place. There are several goodreasons.

Breaking the entire networking process into logical segments, or

layers, makes it easier to understand. As a whole, this can be a highly

complex operation; broken up into smaller parts, the process becomesmuch easier to learn.

The OSI model makes life easier for vendors as well. First, agreeingon the OSI model makes it simpler for vendors to create products that

will work on many networks, and that will work together on the samenetwork. In this fashion, products can be created faster as well.

Vendors can also create software that use the higher levels of the OSI

model, or the lower layers.

13


16/93

Sect i on Tw o : I n t roduc t i on To Eth e rne t

Whenever youre on a Local Area Network (LAN), the odds are that

youre using an Ethernet network. Ethernet is by far the first choice

and the most widely used LAN technology in the world.

Ethernet runs at both the Physical and Data Link layers of the OSI

model, so well be taking a look at both layers in this section. Letsbegin with the Physical layer, examining several different types of

cabling.

How Bi t s Are Sen t Over Ethe rne t Cab l ing

A standard Ethernet cabling type is Category 5 Unshielded Twisted-Pair, commonly known as CAT 5 UTP. The connector on the end of a

typical Cat 5 UTP cable is an RJ-45 connector. This type of connectorhas a tab on the bottom that snaps into place when the connector iscorrectly placed into the device. (You can usually hear the snap

sound, unless youre in a very loud wiring closet!)

The cable will contain separate wires inside; the endpoints of thesewires are referred to as pins. While you now know that bits are sent

over these wires, its important to know that the same set of pins isalways used to transmit, and a separate set of pins is always used to

receive.

Pins 1 and 2 Transmit

Pins 3 and 6 Receive

Note that the cabling type is referred to as twisted-pair. Why

bother twisting the wires inside the cable? Twisting the cables reducesthe amount of electromagnetic interference that the wires themselves

cause. (If EMI is a real problem, fiber-optic cable is your best bet, and

also your most expensive.)

Crossover Cab les vs . St r a igh t -Throu gh Cab les

A straight-through cable is used to connect a PC to a switch or hub. In

a straight-through cable, the wire connected to Pin 1 on one side isconnected to Pin 1 on the other, the wire connected to Pin 2 on oneside is connected to Pin 2 on the other, and so forth.

14


17/93

You may have occasion to connect two devices directly with Ethernet,which can cause a problem since both devices will use the same pair of

wires for transmitting data. The 2950 switches in your lab room arean example of such a connection. Regular straight-through cables willnot allow two such switches to directly communicate.

The cable type needed here is a crossover cable. The wire connected

to Pin 1 on one side will no longer be connected to Pin 1 on the other.

Here is the order of the wires in a crossover cable:

Local Cable End Pin 1 Pin 2 Pin 3 Pin 6

Remote Cable End Pin 3 Pin 6 Pin 1 Pin 2

The Or ig ina l Eth e rne t Stand ards

The first Ethernet standards were 10Base5 and 10Base2. Thenetworking devices youll soon be introduced to repeaters, hubs, and

switches were not part of this standard. The sole physicalcomponents were the Ethernet cards in the computers and coaxial

cable. The cable made up a bu s that all the connected devices woulduse. (This type of bus is referred to as a shared bus.)

If only one of the hosts on this network wanted to send data, there

would be no problem. When two hosts would send at the same time,though, a co l l i s ion would occur. When the signals would collide, both

would be rendered unusable. A standard had to be created that would

have the hosts follow rules relating to when they could send data andwhen they could now. This standard is Carr ie r Sense Mul t ip leAccess w i t h Co l l i s ion Detect ion , referred to as CSMA/CD.

Intro Exam Tip

The ending numbers in the terms 10Base5 and 10Base2 allegedlyrefer to the limit on the length of the cable, expressed in units of 100

meters.

This is true for 10Base5; the limit on the cable length is 500 meters.Its not quite accurate for 10Base2, though; the limit on that cable is

185 meters, NOT 200 meters.

15


18/93

If two of the three computers send data at the same time, a collisionoccurs. To avoid this, CSMA/CD forces computers to listen to the

Ethernet before sending in order to make sure that no other host onthe wire is sending. When the Ethernet segment is not busy, the

device that wants to send data can do so. The sender will thencontinue to listen, to make sure that sending the data didnt cause a

collision.

If a collision is heard, both of the senders will send aj am signalover

the Ethernet. This jam signal indicates to all other devices on theEthernet segment that there has been a collision, and they should notsend data onto the wire. (A second indication of a collision is the noise

created by the collision itself.)

After sending the jam signal, each of the senders will wait a random

amount of time before beginning the entire process over. The randomtime helps to ensure that the same thing doesnt happen again

immediately.

16


19/93

St r eng th en ing The Signa l W i th Repeate rs

We noted earlier that 10Base5 and 10Base2 have different cablelength maximums. Regardless of the length of the cable, there is

another problem that arises as the signal travels across the cable.

A t tenua t i on is the gradual weakening of a signal as it travels along

the cable. You can compare this to listening to a local radio station asyou drive out of the city. As you drive away from the stations tower,

the signal slowly gets weaker and other, stronger signals begin toaffect it as well. Eventually, the signal is lost.

Repeaters serve to strengthen the signal so it can cover moreground. A repeater doesnt just amplify the signal; a repeater will

actually listen to the original signal and will then generate a brandnew, clean signal that matches the one it received.

Intro Exam Tip

Since the repeaters strengthen the electrical signal itself, a repeater is

considered a Layer One device.

Seeing Stars (And Rings)

Ethernet is a shared bus topology, but what other physical network

types exist? There is a ringtopology, where the networked computers

are each connected to two others, forming a physical ring. Theresalso a startopology, where all the computers are connected to acentral device.

Youll sometimes hear Ethernet referred to as physical star, logical

bus. Thats because the computers are connected to a central device,whether that be a hub or switch; however, as youve seen, Ethernets

methodology is that of a logical bus.

17


20/93

Th e H u b I s I n t r o d u ce d I n t o Et h e r n e t N et w o r k s

The next step in Ethernets evolution was 10BASE-T. A device called ah ub was introduced.

Hubs were a step forward from the 10Base5 and 10Base2configurations, but the collision issue still exists with hubs. In this

example, only one of the three computers can transmit with no dangerof collisions. If two of these computers transmit, there is a danger ofcollisions.

The collision possibility exists because there is still a single shared bus.The next step, introducing the LAN switch into Ethernet networks,

would eliminate collision possibilities.

Intro Exam Tip

A hub is basically an advanced repeater, but its still a repeater. Hubsare considered Layer One devices.

18


21/93

LAN Sw i tches and Eth e rne t a t t he Da ta L ink Layer

LAN switches actively help prevent collisions. A switch does not act asa shared bus; each switch port is treated as a separate bus. If a

single computer is connected to each switch port, collisions cannot

occur.

Well be spending more time with LAN switches later in the Course.For now, note that when only one computer is connected to each

switch port in question, all computers can send data to each other withno danger of collisions.

Intro Exam Tip

Become familiar with the drawing used to symbolize a Cisco switch.

Youll be introduced to the symbol for a Cisco router later in theCourse.

19


22/93

How Sw i tches Make Fu l l -Dup lex Eth e rne t Poss ib le

Remember that in the original Ethernet specifications we discussed,there was a shared bus. This made it impossible for a device to sendand receive a frame at the same time, since this would result in a

collision. Ethernet ports that do not send and receive at the sametime are said to be running in ha l f - dup lex m ode .

As mentioned in the last section, if a device is the ONLY deviceconnected to a switch port, a collision cannot occur. Therefore, this

device can be permitted to send and transmit simultaneously.Ethernet ports that have the capability to send and transmit at the

same time are running in f u l l - dup lex m ode .

The Dat a Link Layer s Er r or Det ec t ion Serv ice

The Data Link layer performs error detection via the Frame CheckSequence (FCS) or the Cyclical Redundancy Check (CRC) in its trailer.

This field contains a value determined by the sender. Its determinedby running a complex mathematical formula on the data.

You dont have to know the formula, but what you do have to know is

that the receiver will run the same formula on the data that the senderdid. If the values are the same, there is no problem with the frame.

If the values are different, the data has corrupted.

I n t r o Ex a m Ti p

Note that error detectionand error recoveryare two very different

things. When the Data Link layer performs error detection, it does notperform error recovery on the frame. The frame is simply discarded.

When you see the terms error detection and error recovery in anexam questions, read the question twice to make sure you understand

which one youre talking about. The terms are not interchangeable.

20


23/93

Exam in ing The Da t a L ink Layer s Address ing Schem e

Address ing also comes into play at the Data Link layer. Theaddresses at Layer 2 are MAC addresses. These addresses are 6 byteslong, and are referred to by a 12-digit hexadecimal number.

Intro Exam Tip

On the job and in Cisco documentation, MAC addresses are expressedin dotted hexadecimal; for example, a123.b456.c789.

On occasion, you may see them expressed in another format, with

dashes between every other hexadecimal number. Just rememberthat a123.b456.c789 and a1-23-b4-56-c7-89 represent the same

MAC address. Its just the format of the address that is different.

There are several types of MAC addresses you should be familiar with.

The first and most common is a unicast MAC address. This would bethe MAC address of a computer, or router, or switch; it is a unique

MAC address and cannot be duplicated.

How is this address kept unique? When a LAN interface card iscreated, the MAC address will actually be burned into the card. (Thisis why MAC addresses are sometimes referred to as burned-inaddresses, or BIAs.) The first half of the address represents the

manufacturer; the second half is a number that this particularmanufacturer has never used on another LAN card. This guarantees

that every device has a unique MAC address.

The first half of the address, the part that refers to the manufacturer,is referred to as the Organizationally Unique Identifier the OUI.

MAC Address OUI

a123.b456.c789 A123.b4

We now know that unicast MAC addresses represent one, and only

one, device on the network. Broadcast addressesare the opposite;frames sent to a broadcast address will be sent to every device on the

Local Area Network. The broadcast MAC address is FFFF.FFFF.FFFF.

Multicast addressesare used to send data to a group of users, but notall users. Users have to be added to a multicasting group to receive

multicast traffic.

21


24/93

Conver t ing Hexadecim a l To Decim a l

You may be asked to perform hexadecimal-to-decimal conversion onyour Intro exam. Lets take a look at how to perform this conversion.

You may see the letters a through f in a hexadecimal number, suchas the hex number a7 or 1a. The letters have the following

decimal values:

a 10

b 11

c 12

d 13

e 14

f 15

Note that the letter values stop at 15. Thats because hexadecimaldeals with powers of 16.

Take the previous example a7. The 7 refers to the units of onein the number; the a refers to the units of 16. The decimal

conversion of this hexadecimal number is:

(a x 16) + ( 7 x 1)

We know that a equals 10 in decimal; 10 x 16 = 160. Since 7 x 1

= 7, just add 160 to 7 to get the decimal equivalent for this hexnumber.

This conversion is a little awkward at first, so lets go through another

example. The other example was 1a, meaning we have one unit of16 and ten units of 1. Add these two values, 16 and 10, and thedecimal equivalent of the hex number 1a is 26.

Another example: ec. Since e = 14 and c = 12, this gives us 14 X16, which equals 224, and 12 x 1, which equals 12. Add 224 and 12,

and the decimal equivalent of the hex number ec is 236.

Decimal-to-binary and binary-to-decimal conversion is coveredextensively in the Binary Math section.

22


25/93

Sect i on Th ree : I n t roduc t i on To W ide -A rea

N et w o r k s ( W A N s)

In Section Two, we learned about Local Area Networks (LANs). LANs

are typically found at a single location, such as a school or officebuilding. To allow LANs to communicate with other LANs, there has to

be a larger network in between. These are Wide-Area Networks

(WANs).

A point-to-point WAN connection is just what it sounds like: aconnection over a large geographical distance that has only one sourceand only one destination. Point-to-point WANs use two main Data

Link protocols, HDLC and PPP.

HDLC (High-Level Data Control) is the default for most WANconnections. HDLC has one major drawback in that it does not have

an authentication or encryption scheme. PPP does have authenticationand encryption options. These are covered in the ICND Course and

are not part of the Intro exam.

The Phy s ical Setu p Of A Typ ica l W AN

Note that routers are found on each end of the WAN. Where switches

may be used to connect LANs at a single location, routers are used toconnect LANs separated by larger geographical distances.

24


26/93

The router and the CSU/DSU are considered custom er prem ise

equipment, since its these physical elements of the WAN that arefound on the customers site. The CSU/DSU connects to both therouter and the phone company.

The other term of note is the demarcation point. This is the point at

which responsibility for cables and equipment switches from the

telephone company to the local customer, and vice versa. Thedemarcation point is typically the CSU/DSUs cable connection to the

telco. (I say typically because some of the longest discussions Iveever had on the phone were with phone companies who somehowthought my client was responsible for the phone lines.)

Theres a part of the entire WAN communication scheme that needs to

be looked at a little closer, and thats the relationship between therouter and the CSU/DSU.

The WAN circuit will operate at a certain speed, depending on what

your customers needs and how much theyre willing to pay for it. TheCSU/DSU at each end of the connection will be configured to run atthis particular speed. It would make no sense for the router to

transmit at a higher speed; therefore, the CSU/DSU will tell the router

at what rate to send the data. The CSU/DSU does this by sending aclock rat eto the router.

25


27/93

For Fut ur e Referen ce

As you progress through your Cisco studies, youll want to start

assembling your own practice lab. You can actually simulate a WANbetween two Cisco routers by directly connecting their Serial interfaces

with a DTE/DCE cable. One of the two interfaces will be configured asthe DCE, and supply clock rate to the DTE; in this way, a Cisco router

can effectively serve as a CSU/DSU in a practice lab.

On a DTE/DCE cable, the ends are usually marked clearly. Once in awhile, youll find one that isnt. To see whether the cable end attached

to a serial connector is the DTE or DCE end, use the show con t r o l l er sser ia l command.

I n t rodu c t ion To Fram e Re lay

Point-to-point connections are great, but theyre expensive. A morecommon WAN technology is Frame Relay, which is used to reach

multiple destinations from a single source.

Frame Relay is sparsely mentioned on the Intro exam. However, it isan important part of most WANs, and is an important topic on all yourfuture Cisco exams. Heres an introduction to Frame Relay.

Frame Relay is a Layer 2 connectivity method that delivers one majorbenefit over point-to-point links: cost .

Frame Relay uses v i r t ua l c ir cu i t s, either permanent or on-demand,

which is a logical path between two DTEs. There will not be a directphysical connection between the two DTEs. Instead, a logicalconnection is formed through a path of DCEs. This path is referred to

as a f ram e re lay cloud .

26


28/93

Many users will share the same frame relay cloud. The frame relay

service provider guarantees a certain amount of bandwidth will beavailable to a given user at any time. The more guaranteed bandwidthdesired, the more it costs, but its still cheaper than a dedicated point-

to-point link.

A PVC can be f u l l -mesh or pa r t i a l -mesh . A full mesh describes atopology where every router has a logical connection to every other

router in the frame relay network.

27


29/93

More common is the partial-mesh configuration, where a single router(the hub ) has a logical connection to every other router (the spokes) ,

but the spokes do not have a logical connection to each other.Communication between spokes will go through the hub.

DLCI Addr essing

Frame Relay VCs use Data-Link Connection Identifiers (DLCIs) as their

addresses. Unlike other Cisco technologies, VCs have only a singleDLCI in their header. They do not have a source and destination.

The reason is that DLCIs have loca l sign i f icance on ly . The sameDLCI can be used on different access links in the same network, butthe same DLCI cannot be used on multiple access links on the same

router.

28


30/93

Sect i on Fou r : I n t roduc t i on To LAN Sw i t ch ing

Operating at Layer Two, LAN switches help reduce the number of

collisions in a network. Before we look into how switches do this, letstake a look at general switching theory.

The basic purpose of a switch is to receive a Layer 2 frame on a switchport, examine the source and destination MAC address, and perform

one of three operations:

A. If the destination is a unicast but the destination address is

unknown, forward the frame out all ports excep t t he po r t onw h i ch t he f r am e w as rece i ved .

B. If the destination is a unicast and the destination is known, andthe exit port for that destination is not the same port on which

the frame was received, forward the frame out the correct portand no others. (If the port to reach the destination is the same

port on which the source resides, the frame is said to be filtered it is not forwarded out any port.)

C. If the destination is a broadcast or multicast, forward the frame

out all ports except the frame on which it was received.

A MAC address becomes known by being placed into the MAC

Address Table.

How The MAC Address Table Is Built

The basic operation of the switch revolves around the MAC address

table, sometimes referred to as the bridging table. The switch isconstantly referring to this table to decide whether to forward or filter

a frame.

When a frame is received, the switch does not just look at thedestination. The switch also looks at the source to see whether the

MAC table has an entry for the source. If it does not, the switch willmake an entry in its MAC table noting upon which port that source

address can be reached. If there is already an entry for the sourceMAC address, the source then examines the destination address. This

method of examining source addresses is the main fashion in whichthe MAC table is built.

28


31/93

Pretty dry theory, eh? It becomes much clearer by examining theprocess step by step.

A frame is sent from HostA to HostB. HostAs MAC address isaaaa.aaaa.aaaa and is connected to the switch on port fast0/1, and

HostBs MAC is bbbb.bbbb.bbbb and is connected to port fast0/2. Theswitch was just added to the network and has no entries in its MAC

table.

When the switch receives this frame, it will first examine the sourceaddress and check its MAC table for an entry for that host. Since thetable is empty, theres no entry for HostA. The switch will now make

an entry in its MAC table indicating that HostA, with MAC addressaaaa.aaaa.aaaa, can be reached on port fast0/1:

Device MAC Address Port

HostA aaaa.aaaa.aaaa 0/1

HostB ? ?

29


32/93

The switch now knows what port to forward frames on that aredestined for HostA. The frame is destined for HostB, though, and the

switch does not have any idea what port that host can be found on.The switch will now forward that frame out every single port exceptthe port that the fram e was received on.

HostB will now respond. The frame comes in on port fast0/2. The

switch checks the MAC table for Host B, sees that it does not have anentry for that host, and makes an entry in its MAC table, which nowlooks like this:



HostB bbbb.bbbb.bbbb 0/2

30


33/93

The switch now looks in its MAC table for an entry for HostA. There isone, so the frame will be forwarded out port 0/1 only. When HostA

replies, instead of the flooding of frames that took place the first timeframes were sent to HostB, the switch now has an entry for HostB aswell, and can send the frames directly to HostB via port fast0/2.

The switch also uses the MAC table to determine when to filter frames.The switch will always filter frames when the source and destination

can be found off the same port.

Once HostC begins to send packets to HostB, the switchs MAC table

will look like this:



HostB bbbb.bbbb.bbbb 0/2

HostC cccc.cccc.cccc 0/1

31


34/93

The switch has seen packets come in on port 0/1 with a sourceaddress of both aaaa.aaaa.aaaa and cccc.cccc.cccc, so the switch

knows that HostA and HostC can both be found off port 0/1.

If HostA then transmits to HostC, or vice versa, the switch will receive

these frames. There is no reason for the switch to forward theseframes back out the same port, or any other port. The switch will filter

frames when the source and destination are reachable via the same

port.

Broadcasts And Multicasts

Broadcasts are forwarded out all interfaces except the port on which itwas received. Broadcasts have a MAC address of FFFF.FFFF.FFFF. By

default, multicasts are handled in the same fashion, although they donot share that MAC address with broadcasts.

32


35/93


36/93

I n t rodu c t ion To The Spann ing T ree Pro t oco l

In almost every switching network, there will be path redundancy that is, there will be more than one way to get to a given destination.If all the paths were available at all times, loops would form. The

Spann ing Tree Pro t oco l ( STP) prevents these loops from occurringby placing ports along the most desirable path into forwarding mode,

while ports along less-desirable paths are placed into blocking mode.

In this fashion, only one path is available and a loop cannot occur.

If a problem arises with the available path, STP will run the spanning-tree algorithm to recalculate the available paths and determine thebest path. Ports along the new best path will be brought out of

blocking mode and into forwarding mode, while ports along less-desirable paths are placed into blocking mode. In this fashion, only

one path is available and a loop cannot occur.

If a problem arises with the available path, STP will run the spanning-tree algorithm to recalculate the available paths and determine the

best path. Ports along the new best path will be brought out ofblocking mode and into forwarding mode, with the end result againbeing a single path between LAN segments.

STP is covered in-depth in the ICND Prep Course. For now, know thatSTP is a loop-prevention feature in Cisco switches, where ports along

the most-desirable route are put into forwarding mode, and ports

along less-desirable routes are put into blocking mode.

Bonus Mate r ia l ! The detailed operation of Spanning Tree Protocol isnot part of the Intro curriculum. For those of you that want to know

how it works, theres a step-by-step illustration of the STP process atthe end of this section!

34


37/93

I n t rodu c t ion To V ir t ua l LANs ( VLANs) And T runk ing

By default, switches forward broadcasts. Consider a situation whereyou have 8 different devices connected to a switch. Since switchesflood broadcasts by default; the broadcast will be sent out all

interfaces except the one it was received on. As the number ofdevices connected to the switch increases, the amount of bandwidth

taken up with unnecessary broadcasts increases.

The Default Behavior Of A Switch Receiving A Broadcast:

If your users are grouped into multiple departments, there is no need

to users not in their department to receive these broadcasts.Preventing those broadcasts from reaching unnecessary users cansave a great deal of bandwidth. Or perhaps for security purposes,

the departments need to be kept separate on the switch, and unableto be reached from ports in other departments.

VLANs allow this kind of logical grouping. A VLAN is simply a group of

ports placed into its own, smaller broadcast domain. Layer 2 switcheswill forward frames between ports in the same VLAN, but will not do so

between ports not in the same VLAN.

35


38/93

Consider the previous example. Three VLANs have been created;VLAN 10, 20, and 30. Broadcasts sent by a host in VLAN 10 will only

be forwarded to other hosts in VLAN 10. Hosts in other VLANs willnever see the broadcasts.

Switches Do Not Forward Broadcasts Between VLANs.

The problem that arises is that notraffic is going to be sent betweenVLANs. A PC in VLAN 10 will be unable to communicate with a PC in

VLAN 30, and vice versa. Communication between devices in different

VLANs requires the use of a Layer 2 / Layer 3 switch, or a router.

The switch currently focused on in the Intro exam, the 2950, cannotperform this task; use of a router will be required. The configurationto allow this is outside the scope of the Intro course.

36


39/93

Trunk ing refers to allowing VLAN traffic to flow over interconnectedswitches in the same network. In order for a switch to know what

VLAN a frame received from another switch is destined for, a tag isplaced on the frame indicating the destination VLAN. In this fashion, aVLAN with members on multiple switches can communicate.

Cisco switches can generally use one of two trunking protocols, ISLand IEEE 802.1q, commonly referred to as dot1q. Note that the

2950 switch does n o t support ISL trunking, but many other Ciscoswitches do.

ISL is the Cisco-proprietary trunking protocol. For this reason, it can

only be used between two Cisco switches. The entire frame isencapsulated with an ISL header and trailer.

Dot1q is the industry standard for trunking; if a non-Cisco switch isinvolved in the trunk, this is the trunking protocol to use. Dot1q does

not encapsulation the entire frame. Instead, a 4-byte header is addedto the Ethernet header, indicating the VLAN to which the frame is

intended.

37


40/93

Bonus Mate r ia l !

NOTE: The fo l l ow ing m ate r ia l is no t t ested on

th e Ci sco I n t roduc t i on To Netw o rk ing

e x am i n at i o n . I t i s p r o v i d ed t o f u r t h e r y o u r

un ders tand ing o f t he Spann in g Tree Pro t oco l .

The Spanning Tree Process

STP must first determine a r oo t b r i dge for every LAN. When a switchis first powered on, it believes it is the root bridge for every single

LAN. Since your network has multiple switches, and they all believethey are the root bridge for every LAN, there must be an election

process to determine the true root bridge for each LAN.

The election process is carried out by the exchange of BPDUs (BridgeProtocol Data Units). The BPDU contains the following data:

A. The Cur r en t Roo t Br idge s Br idge I D (B I D) . The BID is acombination of the bridges priority and MAC address. At the

beginning of the election process, every switch thinks it is the

root, so this will at first be the sending routers BID. As theelection progresses, this BID will be the BID of the switch thatthis switch considers to be the root bridge. The bridge with the

lowest BID will be the root bridge. The default priority value is32768 for all switches; therefore, since the lowest BID wins, the

switch with the lowest MAC address will become the root bridgeunless the priority is changed.

B. Cost To Reach Root From Th is Br idge: STP considers thepath to have the lowest cost to be the best path.

C. BI D Of The BPDUs Sender : This simply identifies whichswitch sent the BPDU.

When a BPDU reaches a frame, it examines the BID of the switch that

the sending switch thinks is the root bridge. If that BID is lower thanthat of the receiver, the receiver begins sending BPDUs announcing

that switch as the root bridge. If the incoming BID is higher than thatof the receiver, the receiver continues to announce itself as the root.

This process continues until every switch has agreed on the rootbridge.

38


41/93

In the following example, two switches held an election to determinewhich of them is the root bridge for Virtual LAN 10. (Virtual LANs, or

VLANs, are discussed later in this chapter.) When VLAN 10 isconfigured, both switches think they are the root bridge for that VLAN.

The switches send each other BPDUs, containing the BID for each

router. Remember, the lowest BID wins. Since the routers priorities

for VLAN 10 will be the same, the lowest MAC address will result in thelowest BID.

39


42/93

To view the results of the election, the command show spann ing -t r ee VLAN 10 is used:

40


43/93

Examining the output from show spann ing - t r ee v lan 10 on bothswitches, we note the following:

A. The root bridge is indicated by the message this bridge is theroot on SW1.

B. There are three paths traffic destined for VLAN 10 could take;port 0/19, 0/20, and 0/22. On the root bridge, all three ports

are in Forwarding mode. This is the expected and desired

behavior.C. On the non-root bridge, SW2, only one of the ports is in

forwarding mode, fast 0/19. This is the expected and desiredbehavior. This is the r o o t p o r t , the port with the lowest cost tothe root. Since all three ports in this case have the same cost,

the tiebreaker is the port priority, found under the prio.nbrfield.

Note the two fields Root ID and Bridge ID. The Root ID

information will be the same on every switch once the election isfinished and the root bridge has been elected. The Bridge ID will be

different on every switch; this is the BID, MAC address, and timerinformation of the local switch.

I n The REAL Wo r ld

Leaving root bridge selection up to Ciscos defaults is not good networkdesign. In a network with 100 switches, the same switch would end

up being the root switch for every LAN in the network.

Once the root bridge and root ports on non-root bridges have been

determined, there is one final set of ports that need to be put intoforwarding mode. If an Ethernet segment has multiple bridges, only

one bridge should be forwarding onto that segment. The bridge withthe lowest cost to the root bridge will be elected the des igna ted

b r i dge for that segment, and its port on that Ethernet segment is the

des igna ted por t .

41


44/93


45/93

process, lets examine the actions of each switch as it receives BPDUsfrom the other two switches.

Switch As Behavior During The Root Bridge Election:

Switch A receives BPDUs from Switch B and Switch C, each claimingthey are the root bridge. Switch A examines their BIDs, and sees thatits own BID is lower than either of the other bridges BIDs. Switch A

will continue to advertise itself as the root bridge.

43


46/93

Switch Bs Behavior During The Root Bridge Election:

Switch B receives BPDUs from Switch A and Switch C, each claimingthey are the root bridge. Switch B examines the BIDs from these

switches. SwitchB sees it has a lower bid than Switch C, but a higherbid than Switch A. Switch B recognizes Switch A should be the root

bridge due to its lower BID. Switch B will now send BPDUs namingSwitch A as the root bridge.

44


47/93

Switch Cs Behavior During The Root Bridge Election:

Switch C receives BPDUs from Switch A and Switch B. Switch C will

see that it has a higher BID than Switch A, and also that Switch B isnaming Switch A as the root bridge. Switch C will now recognize

Switch A as the root bridge and will send BPDUs naming Switch A as

the root bridge.

All three bridges now recognize Switch A as the root bridge.Accordingly, ports 0/1 and 0/2 on Switch A are now placed into

Forwarding mode.

Next, the root ports on each non-root bridge must be selected. Eachnon-root bridge has two different ports that it can reach the root

bridge through, but the cost is lower on the directly connected ports.Those ports will now be selected as the root port on their respective

switches.

The Current Port Status On All Three Switches:

Bridge Type Forwarding Ports

SwitchA Root All

SwitchB Non-Root Port 0/1

SwitchC Non-Root Port 0/1

45


48/93

Finally, either Switch B or Switch C must be elected the designatedbridge of the LAN segment connecting them. Switch B is advertising

to Switch C that it can reach the root with a cost of 175; Switch C isadvertising to Switch B that it can reach the root with a cost of 100.The lowest cost will win the election, resulting in Switch C becoming

the designated bridge, and port 0/2 on Switch C is the designated portfor that LAN segment.

46


49/93

The Final Bridge And Port Assignments And States:

Bridge Type Forwarding Ports Blocking Ports

SwitchA Root Bridge All, by default None, by default

SwitchB Non-Root 0/1 (Root Port) 0/2

SwitchC Designated Bridge 0/1 (Root Port),0/2 (Designated Port)

None

47


50/93

Sect i on Fi ve : I n i t i a l Rou t e r

Con f ig u r a t ion , The Cisco Boot

Pr ocess, Passw or d Secur i t y .

Terminology Used In This Chapter:

ROM: Read-Only Memory. ROM stores the routers bootstrap startupprogram, operating system software, and power-on diagnostic test

programs.

Flash Memor y : Generally referred to as flash, the IOS images are

held here. Flash is erasable and reprogrammable ROM. Flash memorycontent is retained by the router on power-down or reload.

RAM: Random-Access Memory. Stores operational information such

as routing tables and the running configuration file. RAM contents arelost when the router is powered down or reloaded.

NVRAM: Non-volatile RAM. NVRAM holds the routers startupconfiguration file. NVRAM contents are not lost when the router is

powered down or reloaded.

I OS: Internetwork Operating System. The routers operating system

software.

48


51/93

The Rout er Boot Process

When a Cisco router powers up, it first runs a POST (Power-On Self

Test). The POST is a series of diagnostic tests designed to verify thebasic operation of the network interfaces, memory, and the CPU.

After the router passes the POST, it looks for a source from which toload a valid Internetwork Operating System (IOS). The router has

three sources from which it can load an IOS image:

1. Flash memory (the default).

2. A TFTP server. (Trivial File Transfer Protocol)3. Read-Only Memory (ROM)

For the router to look for the IOS from a TFTP server or from ROM, a

change must be made to the configuration register, discussed in alater section.

Once the IOS is found, the router looks for a valid startupconfiguration file. By default, the router will look for the startup

configuration file in Non-volatile RAM (NVRAM).

The router can be configured to load the startup configuration file from

a TFTP server as well. If the startup file cannot be loaded from the

TFTP server, the router will attempt to load it from NVRAM.

If no valid startup configuration file is found, the router enters setup

mode, where the router run the system configuration dialogue, a

series of questions involving basic router setup. This mode requiresuser input.

49

In The REAL World

When configuring a router from scratch, most engineers prefer to do sofrom the Command Line Interface (CLI) than going through Setup mode.

The first question the router will ask is, Would you like to enter theinitial configuration dialog? To avoid going through Setup mode andconfigure the router from the CLI, answer N to that question, and Yto the next question, Would you like to terminate autoinstall?

After youve configured a few routers in Setup mode and from the CLI,decide for yourself which method you prefer.


52/93

User Exec and Enable Modes

A prompt appears to press RETURN ( the key) to begin,

interface status messages appear, and the prompt looks like this:

Press RETURN to get started!

Cisco Internetwork Operating System Software

Copyright (c) 1986-2000 by cisco Systems, Inc.%LINEPROTO-5-UPDOWN: Line protocol on Interface Ethernet0, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial1, changed state to down%LINK-5-CHANGED: Interface Ethernet0, changed state to administratively down

%LINK-5-CHANGED: Interface Serial0, changed state to administratively down

%LINK-5-CHANGED: Interface Serial1, changed state to administratively down%LINK-5-CHANGED: Interface TokenRing0, changed state to administratively down

Router>

The router is in user EXEC mode.

This mode is user exec mode . The main use for this mode is to use

it as a platform to log into pr i v i l eged exec m ode , the mode in whichthe startup and running configuration of the router can be changed.

Router>Router>enableRouter#

The enable command takes the user from user exec to privileged exec mode. Privileged execmode is indicated by the # ollowin the routers hostname, which is currently router.

To go back to user exec from privileged exec, use the l ogou tcommand.

Router#logout

Router con0 is now available

Press RETURN to get started.

Router>

The user is back in user exec mode.

50


53/93

Rout e r Modes

Global configurat ion m odeis entered by typing con f i gu re t e rm ina l in

privileged exec mode. (con f ig t and con f t do the job.)

Once a command is set in global configuration mode, it is set once

and affects t he en t i r e r ou te r .

Examining the configuration of a global command, beginning in user exec mode.

Router>enable

Router#conf t

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname R3

R3(config)#^ZR3#

Looking at that configuration from the top line down:

The enable command takes the router into privileged exec mode, where changes to

the running configuration can be made.

conf tis short forconfigure terminal, meaning that all commands that are entered

after this are written to the running configuration, kept in RAM.

The global commandhostname is run. Note that it takes effect immediately, as seenon the next line of the configuration.

CTRL-Z appears as ^Z on the screen. This command takes the user back to

privileged exec mode, as seen on the last line.

The h o s t n a m e command is now written to the running configuration,which is kept in RAM; this will be lost if the router loses power before

the current running configuration is saved.

To copy the running configuration over the current startingconfiguration, thereby retaining changes made since the last save, run

copy run s ta r t in global configuration mode.

R3#copy run startBuilding configuration...

[OK]

51


54/93

I nterface Configurat ion Modeis entered from global configurationmode. Use the i n te r face command followed by the interface to beconfigured:

R3#conf t

Enter configuration commands, one per line. End with CNTL/Z.R3(config)#interface ?

Async Async interface

BVI Bridge-Group Virtual InterfaceDialer Dialer interface

Ethernet IEEE 802.3

Group-Async Async Group interfaceLex Lex interface

Loopback Loopback interfaceNull Null interfaceSerial Serial

TokenRing IEEE 802.5

Tunnel Tunnel interface

Virtual-Template Virtual Template interface

R3(config)#interface serial0

R3(config-if)#

Cisco IOS Help is accessed with the ? to display all possible options of the

interface command. CCNA candidates will be primarily concerned with the Dialer,Ethernet, Loopback, and Serial interfaces.

At the bottom of the configuration, after entering interface serial0 to configure that

interface, the prompt changes to config-if, indicating the router is now in interface

mode.

I OS HELP

IOS Help is called with the question mark symbol. By typing the ?after a command and a space, the various options for that command

are shown, as was illustrated in the previous example.

IOS Help can also be accessed by typing part of a command andentering a question mark without leaving a space between the two.

52


55/93

Examining both uses of IOS Help.

R3#conf?

Configure

The question mark is entered directly afterconf, which then lists all possible commands

in this mode that begin with that string of letters.

R3#conf ?

memory Configure from NV memory

network Configure from a TFTP network hostoverwrite-network Overwrite NV memory from TFTP network host

terminal Configure from the terminal

When the question mark is preceded by a command AND a space, IOS Help will then

list all available options for the command.

Conf igu r ing Rou te r Passw ords

The first two passwords to configure are the enable secre t and

enab le passw ord . If the names sound alike, thats because theyhave the same function. The user will be prompted to enter thispassword when entering privileged exec mode. The enable passwordis for older routers, also referred to as legacy routers. The enable

secretpassword will be used by the majority of the users.

If both passwords are in effect, the enab le passw ord will not be

used.

53

Examining the configuration and operation of the enable secretpassword.

R3#conf tR3(config)#enable secret GETYOURCCNA

R3(config)#^Z

R3#logout

The enable secretpassword has been set. Users will be prompted for this password when

attempting to enter privileged exec mode. To test this, the current user has been logged

out with the logout command.

R3 con0 is now available


R3>en

Password:R3#The user was prompted for the enable secret password before being allowed into

privileged exec mode. The password does not appear as it is being keyed in.


56/93

A password can also be set for the console. Enter line configurationmodewith the command l ine conso le 0 , enter l og in to have the userprompted for a password when logging on to the console, and the

passwo rd command is used to set the password.

Examining the logon process for a router with a console and enable secret password.

First, the console password is configured:

R3#conf t

Enter configuration commands, one per line. End with CNTL/Z.R3(config)#line console 0

R3(config-line)#login

R3(config-line)#password CISCO

R3(config-line)#^ZR3(config)#logout

R3 con0 is now available


User Access Verification

Password: < CISCO was entered here >

R3>enPassword: < GETYOURCCNA was entered here. >

R3#

The user is now prompted for the console password before user exec mode can be

accessed. After entering that password, the user is prompted for the enable secret

password to enter privileged exec mode.

54


57/93

Encrypting All Router Passwords In The Running Configuration

After configuring a console password and a telnet password, the

passwords appear in the running configuration in clear-t ext.

,

R3#show config

< output truncated for clarity >

!line con 0

password GETYOURCCNA

login

line aux 0line vty 0 4

password CISCO

login!

end

By default, only the enable secret password will be encrypted in therunning configuration. To encrypt all passwords in the running config,

use the global command serv ice passw ord -enc ryp t ion .

R3#conf t

R3(config)#service password-encryption

R3#show config

service password-encryption

!

line con 0

password 7 10692C2D3C3827392F27040Alogin

line aux 0line vty 0 4

password 7 14343B382F2B

login!

end

The passwords are now encrypted and cannot be read from the

running configuration.

55


58/93

Cisco Discovery Protocol

Cisco Discovery Protocol (CDP) runs by default between all directly

connected Cisco devices.

R2#show cdp neighbor

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

R1 BRI0 167 R 2521 Dialer1

Show cdp ne ighbor displays all directly connected Cisco routers and

switches. CDP is Cisco-proprietary, so it will not display non-Ciscodevices.

This command is particularly helpful when troubleshooting Ciscoswitches. Theres no need to trace wiring in a rack of Cisco devices to

see what routers are connected to a Cisco switch when show cdp

ne ighbor can be used.

CDP can be disabled at both the global and interface level. To disable

CDP at the interface level, run no cdp enab le on the interface, andcdp enab le to turn it back on.

By default, the cdp t im e r defines how often CDP packets are

transmitted, and cdp ho ld t im e defines how long a device will hold areceived packet.

To turn CDP off for the entire router, run no cdp run . To view the

current global status of CDP, run show cdp .

56


59/93

Displaying CDP information, and disabling CDP at the interface and global level.

R2#show cdpGlobal CDP information:

Sending CDP packets every 60 secondsSending a holdtime value of 180 seconds

CDP is running by default.

R2#conf t

R2(config)#cdp timer 45

R2(config)#cdp holdtime 100

The CDP timers are changed.

R2#show cdp

Global CDP information:

Sending CDP packets every 45 secondsSending a holdtime value of 100 seconds

The CDP values have been successfully changed. show cdp interface will give the timer

information for each interface on the router.

R2#conf t

R2(config)#interface bri0R2(config-if)#no cdp enable

CDP is disabled on the BRI interface. This does NOT have to be done to keep the line from

dialing, as will be shown.

R2#conf t

R2(config)#no cdp run

CDP is disabled globally.

R2#show cdp

% CDP is not enabled

CDP has been successfully disabled.

57


60/93

58

CDP Packets Do NOT Make An I SDN L ink Dia l Or Stay Up!

Occasionally, ISDN links that dial mysteriously or stay up after dialingare blamed on CDP packets making the line dial. This does NOT

happen.

CDP has been reenabled on R2 at both the global and BRI interfacelevel. R1 and R2 do not see themselves as directly connected,according to show cdp neighbo r . This is because the line is down.

R2#show cdp

Global CDP information:Sending CDP packets every 45 seconds

Sending a holdtime value of 100 secondsR2#show cdp nei

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

< No CDP Neighbors are shown. >

Aping is sent from R1 to R2, bringing the line up. (IP traffic is still defined asinteresting.) R1 and R2 will now exchange CDP packets andshow cdp neighborsdisplays the opposite router:

R1#p ing 172 .12 .21 .2

Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 172.12.21.2, timeout is 2 seconds:

.!!!!Success rate is 80 percent (4/5), round-trip min/avg/max = 36/36/36

R1#show cdp neighborDevice ID Local Intrfce Holdtme Capability Platform Port ID

R2 Dia ler1 84 R 250 0 BRI 0

No interesting traffic is sent over the line, but CDP packets are still going over the line.

The CDP packets clearly do not keep the line up. When the CDP holddown timer expires,

the routers no longer see each other as CDP neighbors.

R1# show d ia l erBRI0:1 - dialer type = ISDN

Idle timer (120 secs), Fast idle timer (20 secs)Wait for carrier (30 secs), Re-enable (15 secs)D ia ler s ta te i s i d le

R1#show cdp neighborDevice ID Local Intrfce Holdtme Capability Platform Port ID< When the CDP holdtime expires, the neighbor R2 is no longer seen. The ISDN line is

down, and CDP neither kept the line up nor made it dial. >


61/93

Physical I n t e r faces, Log ical I n t e r faces , and I P Addressing

The Frame Relay section and labs gave you a taste of the different

kinds of network interfaces that are available. Lets take a closer lookat each.

Physical interfaces are just that. If youre putting an IP address on orconfiguring a whole interface, such as Ethernet0 or Serial1, youre

configuring a physical interface.

There are two main types of logical interfaces, multipoint and point-to-point. Logical interfaces give you the ability to put a single physical

interface into more than one network, or to allow for future networkadditions.

Lets say you have a single Serial interface going out to your FrameRelay cloud. You know that in the future, you may have to configure a

point-to-point link on that interface, but for now, you need to be ableto communicate with two other devices on that same link. You can

configure a multipoint interface to the two devices you need tocommunicate with now, and you will be able to configure a point-to-

point logical interface in the future.

Certain routing issues do arise when multipoint and point-to-point links

are configured. You will configure both kinds of interfaces and beshown these issues in the labs for the routing protocol section.

59


62/93

Sect ion Six : TCP an d UDP

For your Intro exam and a solid foundation for your ICND study, you

need a solid understanding of the differences between TCP and UDP,

and which protocols run them. Well also take a look at IP addressingas we move on to Layer Three.

To begin our comparison of TCP and UDP, lets take a look at themakeup of each.

The TCP Header Fields

The UDP Header F ie lds

Obviously, theres a lot more going on with TCPs fields than UDPs

fields. This is because TCP performs offers many more features than

UDP. We went over several TCP features earlier in the course, butthey bear reviewing.

60


63/93

TCP, the connection-orientedpacket delivery method, provides severaladditional services to prevent lost data:Flow Con t ro l

TCP uses a series of acknowledgements to enforce flow control. Withflow control, when one router receives a packet, it sends anacknowledgement, or ack, back to the sender. If the sender does

not receive an ack for a segment it sent, the segment will be resentand reassembled in the correct order at the receiver. This prevents

the receivers buffer from being overburdened, since packets that arenot received due to a full buffer are not acknowledged.

In effect, flow control allows the receiver to tell the sender when to

slow down.

W i n d o w i n g

If the sender waits for an ack from the receiver before sending another

data segment, the transmission is going to be unacceptably slow. Forthis reason, TCP allows windowing. This term refers to data sent

during the time after the sender sent a packet, but before it completesprocessing the acks it received.

The term size of the window refers to the number of packets the

sender can transmit before it must wait for an ack. If the size of the

window is three, the sender can transmit three data segments beforeit must wait for an ack.

61


64/93

Err or Recovery

TCP offers error recovery through use of the Sequence andAcknowledgement fields in its header. The Sequence number is usedin one direction, and the Acknowledgement number is used in the

opposite direction.

Here, HostA sends three segments to HostB. Each contains a sequence

number. HostB will now send an acknowledgement to HostA. Theack number is actually the number that HostB expects to see on the

next segment it receives from HostA.

How does this allow for error recovery? If the ack number sent by the

receiver doesnt match the next sequence number the sender isscheduled to use, the sender knows not only that segments were lost,

but can tell what segments were lost by the ack number it receives.

The sender sees an ack number of 30 in the ack sent from thereceiver. The sender knows thats the number the receiver expects to

62


65/93

see in the next segment, so the first transmission of that segmentmust have been lost. The sender will retransmit that segment.

Wh y TCP I s Cons ide red Connec t ion -Or ien t ed

Youll see the terms connection-oriented and connectionless usedthroughout your Cisco studies to describe TCP and UDP, respectively.

TCP is connection-oriented because it establishes a connection

between the sender and the receiver before any data segments areactually sent. Lets review the basics of the TCP three-way handshake.

1. The sender requests synchronization with the receiver.2. The request is acknowledged, and the rules of the connection are

agreed upon. The receiver then requests synchronization withthe sender, resulting in a bidirectional (two-way) connection.

3. The sender acknowledges the connection agreement and thatthe connection now exists, and data can now be transferred over

the newly constructed connection.

How Large Can TCP Segm ent s Be?

TCP has to have a method of limiting the size of the data segments,

since an application may send data that is several hundred thousand(or millions) of bytes.

The limit on data segments is the Maximum Transmission Unit (MTU).TCP segments usually have an MTU of 1500 bytes, since thats thelimit of the size of most IP packets.

These segments will be reassembled by the receiver. The receiveruses the Sequence numbers to put the segments back together in the

right order.

63


66/93

The User Datag r am Pro toco l ( UDP)

Reexamining the UDP headers, note the absence of sequence numbersand acknowledgement numbers. UDP offers no reliable delivery, nowindowing, and no flow control. UDP is a best-effort delivery

mechanism, meaning that UDP will do its best to deliver the segments,but no guarantees are made, and UDP cannot detect when segments

are lost.

UDP is connectionless; UDP makes no attempt to create a connection

before data segments are transmitted.

TCP obviously has many advantages over UDP. Therefore, why use

UDP? Compare the UDP and TCP headers at the beginning of thissection. The UDP header is much smaller; TCP has a larger overhead.

Also, since TCP uses acknowledgements and UDP does not, TCP willneed to buffer segments where UDP doesnt, tying up router

resources.

Note that the UDP frame does have a checksum. UDPs checksum isoptional; the receiving device can use this to test data integrity.

W hich Pro t oco ls Use TCP? W hich Pro t oco ls Use UDP?

Heres a list of protocols you should be familiar with before taking your

Intro exam, along with whether they run on TCP or UDP.

TCP: File Transfer Protocol (FTP); Telnet; Simple Mail TransferProtocol (SMTP); DNS; HTTP; POP3.

UDP: Trivial File Transfer Protocol (TFTP); DNS; DHCP; Simple

Network Management Protocol (SNMP).

64


67/93

I n t r o Ex a m Ti p s

Notice that DNS uses TCP andUDP. DNS uses UDP primarily as atransport protocol.

Dont get SMTP and SNMP mixed up; SMTP uses TCP, SNMP uses UDP.

TCP UDP

Connectionless

Or Connection-Oriented?

Connection-oriented Connectionless

Error Checking? Yes Limited

Delivery Description Guaranteed Best-Effort

Data Recovery ? Yes No

Sequencing? Yes No

Flow Control? Yes No

Windowing? Yes No

Wel l -Know n TCP and UDP Por t Num bers

A p o r t n u m b e r represents an endpoint or "channel" for network

communications. Port numbers allow different applications on thesame computer to utilize network resources without interfering witheach other.

Youll often hear the term well-known port numbers. These are portnumbers that are the same on every networking device. (Portnumbers 1023 and below are considered well-known port numbers.)

Be very familiar with the following well-known port numbers:

FTP 21

Telnet 23

SMTP 25

DNS 53

TFTP 69HTTP 80

SNMP 161

65


68/93

Section Seven: Introduction To Binary Math andSubnetting

The Importance Of Knowing Binary Math

Do not rely on chart memorization when converting binaryvalues to decimal, and vice versa, or when subnetting.Performing binary math conversions is simply a matter ofaddition and subtraction, and true mastery of binary math isachieved through practice, not memorization. The ability toperform these conversions and to subnet is imperative notonly for the CCNA exams, but for success on CCNP and CCIE

exams, and in a real-world job. CCNAs who trulyunderstand binary math have a huge advantage over thosewho memorized a chart long enough to get through theexam and then promptly forgot it.

Conv er t ing Dec im al Values To B inary

Consider the default mask for a Class A network, 255.0.0.0. Broken

down at the bit level, the value is derived in this fashion:

128 64 32 16 8 4 2 1

First Octet 1 1 1 1 1 1 1 1

Second Octet 0 0 0 0 0 0 0 0

Third Octet 0 0 0 0 0 0 0 0

Fourth Octet 0 0 0 0 0 0 0 0

To convert a decimal value into a binary value, take the binary numberand, working from left to right, determine whether subtracting the

value of the binary column from the decimal value would result in apositive remainder or negative number.

A. If subtracting the binary value from the decimal value would

result in a positive remainder, subtract that value, put a 1

under that binary value column, and repeat the operation withthe next binary value until you reach the end of the column or

your binary value is zero.

65


69/93

B. If subtracting the binary value from the decimal value wouldresult in a negative number, place a 0 in the binary column,

and repeat the operation with the next columns value.

That sounds complicated, but after going through some examples, it

becomes obvious that decimal-to-binary conversion is simply a matterof addition and subtraction.

With subnetting, decimal values will always be broken down intobinary using this chart:

128 64 32 16 8 4 2 1

Taking the example of a Class A mask, 255.0.0.0, draw a chart with

those values at the top, and put four rows under it, one for each octet.

128 64 32 16 8 4 2 1

First Octet

Second Octet

Third Octet

Fourth Octet

The first octet value is 255. Working from left to right, can 128 be

subtracted from 255? Yes, and it leaves 127. Put a 1 under 128 inthe first row.

128 64 32 16 8 4 2 1

First Octet 1

Move to the next value, left to right. Can 64 be subtracted from 127?Yes, and it leaves 63. Put a 1 under 64 in the first row.

128 64 32 16 8 4 2 1

First Octet 1 1

Repeating this operation from left to right, every column has a 1 in itto represent the value to 255. The decimal value 255 is successfullyconverted to the binary value 11111111.

When the decimal-to-binary conversion results in a remainder of zerobefore finishing the left-to-right operation, all remaining columns will

have a value of zero.

66


70/93

For example, consider the subnet mask 248.0.0.0. Working from leftto right, convert this mask to binary value.

128 64 32 16 8 4 2 1

First Octet

Work from left to right. Can 128 be subtracted from 248? Yes, with a

remainder of 120. Place a 1 in the 128 column.

128 64 32 16 8 4 2 1

First Octet 1

Moving left to right, the next binary value to consider is 64. Can 64 besubtracted from 120? Yes, with a remainder of 56. Place a 1 in the64 column.

128 64 32 16 8 4 2 1

First Octet 1 1

The next binary value to consider is 32. Can 32 be subtracted from56? Yes, with a remainder of 24. Place a 1 in the 32 column.

128 64 32 16 8 4 2 1

First Octet 1 1 1

The next value is 16. Can 16 be subtracted from 24? Yes, with aremainder of 8. Place a 1 in the 16 column.

128 64 32 16 8 4 2 1

First Octet 1 1 1 1

The remainder is 8; the next value to consider is 8. Can 8 besubtracted from 8? Yes, with a remainder of zero. Place a 1 in the

8 column.

128 64 32 16 8 4 2 1

First Octet 1 1 1 1 1

The remainder is now zero, so the decimal value conversion has

completed. Place a 0 in each of the remaining columns.

128 64 32 16 8 4 2 1

First Octet 1 1 1 1 1 0 0 0

67


71/93

The decimal 248 has been successfully converted into the binary

number 11111000. The second, third, and fourth octets are allrepresented by the decimal 0, which is represented by the binary value00000000. The conversion of 248.0.0.0 into binary value results in a

final value of 11111000 00000000 00000000 00000000.

Another example: Consider the subnet mask 240.0.0.0. Create the

chart with the binary bit values, and work from left to right to convertthe decimal value 240 to binary:

128 64 32 16 8 4 2 1

First Octet

Subtracting 128 from 240 results in a remainder of 112. Place a 1 in

the 128 column:

128 64 32 16 8 4 2 1

First Octet 1

Subtracting 64 from the remainder 112 results in 48. Place a 1 in

the 64 column.

128 64 32 16 8 4 2 1

First Octet 1 1

Subtracting 32 from the remainder 48 results in 16. Place a 1 in the

32 column.

128 64 32 16 8 4 2 1

First Octet 1 1 1

Subtracting 16 from the remainder 16 results in zero. Place a 1 inthe 16 column.

128 64 32 16 8 4 2 1

First Octet 1 1 1 1

The remainder is now zero, indicating that the decimal-to-binary

conversion is complete. Place a 0 in all remaining columns to

complete the binary number.

128 64 32 16 8 4 2 1

First Octet 1 1 1 1 0 0 0 0

68


72/93

The conversion is complete. The decimal value 240 has been

successfully converted to binary value 11110000. The last threeoctets are all zeroes; the binary conversion for the entire mask is11110000 00000000 00000000 00000000.

Conver t ing B ina ry To Do t t ed Decim a l

Converting a binary value to a dotted decimal value is comparativelysimple. Consider this binary value: 11111111 11110001 00000000

00000000.

Draw the same chart used for decimal-to-binary conversion:

128 64 32 16 8 4 2 1

First OctetSecond Octet

Third Octet

Fourth Octet

Simply fill in the chart bit by bit with the 1s and 0s as presented to

you.

128 64 32 16 8 4 2 1

First Octet 1 1 1 1 1 1 1 1

Second Octet 1 1 1 1 0 0 0 1

Third Octet 0 0 0 0 0 0 0 0

Fourth Octet 0 0 0 0 0 0 0 0

For each octet, add all values represented by 1. For the first octet,

the decimal value is 128+64+32+16+8+4+2+1, which equals 255.The second octet is 128+64+32+16+1, equaling 241. The third and

fourth octets are all zeroes, so our dotted decimal value from thesupplied binary value is 255.241.0.0.

69


73/93

IP Addressing And Subnett ing

To fully understand subnetting, it is vital to know how many networkand host bits are present in Class A, Class B, and Class C networks.

First Octet Network Bits Host Bits Default MaskClass A 1 126 8 24 255.0.0.0

Class B 128 191 16 16 255.255.0.0

Class C 192 - 223 24 8 255.255.255.0

Network bits indicates how many bits represent the network numberwhen the dotted decimal number is converted to binary. Host bits

indicates how many bits represent hosts.

For example, the network address 17.1.1.1 falls into the Class A

category. Breaking the dotted decimal down into bits, the first 8 bitsof this address represent the network, and the remaining 24 bitsrepresent the host:

Network Address 17.1.1.1 Broken Down Into Network And Host Bits:

Dotted Decimal 17 1 1 1

Octets In Binary 00010001 00000001 00000001 00000001

Network / Host Bits Network Host Host Host

The Class A network address 17.1.1.1 has eight network bits and 24

host bits.

Breaking down network address 150.10.10.10, a Class B networkaddress:


Octets In Binary 10010110 00001010 00001010 00001010

Network / Host Bits Network Network Host Host

The Class B network address 150.10.10.10 has 16 network bits and 16host bits.

70


74/93

Breaking down network address 200.24.24.24, a Class C networkaddress:


Octets In Binary 11001000 00011000 00011000 00011000

Network / Host Bits Network Network Network Host

The Class C network address 200.24.24.24. has 24 network bits and 8host bits.

Subnetting is simply a process of borrowing host bits in order to

create the subnet portion of an address. Note in the followingexamples that the network portion of the address never changes. The

subnet field always borrows from the host bits.Why Use Subnett ing?

Subnetting is a highly effective method of conserving IP addresses.Consider a point-to-point ISDN conne

useful ccna material

Documents