CCNA Study Guide

 

 

 

OSI Reference Model

 

*Identify and describe the functions of each of the seven layers of the OSI reference model.

  1. Physical Layer
    1. The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating network systems. Physical layer specifications define such characteristics as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and the physical connectors to be used.
  2. Data Link Layer
    1. The data link layer provides reliable transit of data across a physical network link. Different data link layer specifications define different network and protocol characteristics, including the following:
      1. Physical addressing -- Physical addressing (as opposed to network addressing) defines how devices are addressed at the data link layer.
      2. Network topology -- Data link layer specifications often define how devices are to be physically connected (such as in a bus or a ring topology).
      3. Error notification -- Error notification involves alerting upper layer protocols that a transmission error has occurred.
      4. Sequencing of frames -- Sequencing of data frames involves the reordering of frames that are transmitted out of sequence.
      5. Flow control -- Flow control involves moderating the transmission of data so that the receiving device is not overwhelmed with more traffic than it can handle at one time.
      6. The Institute of Electrical and Electronics Engineers (IEEE) has subdivided the data link layer into two sublayers: Logical Link Control (LLC) and Media Access Control (MAC).
  3. Network Layer
    1. The network layer provides routing and related functions that allow multiple data links to be combined into an internetwork. This is accomplished by the logical addressing (as opposed to the physical addressing) of devices. The network layer supports both connection-oriented and connectionless service from higher-layer protocols.
  4. Transport Layer
    1. The transport layer implements reliable internetwork data transport services that are transparent to upper layers. Transport layer functions typically include the following:
      1. Flow control -- Flow control manages data transmission between devices so that the transmitting device does not send more data than the receiving device can process.
      2. Multiplexing -- Multiplexing allows data from several applications to be transmitted onto a single physical link.
      3. Virtual circuit management -- Virtual circuits are established, maintained, and terminated by the transport layer.
      4. Error checking and recovery -- Error checking involves various mechanisms for detecting transmission errors. Error recovery involves taking an action (such as requesting that data be retransmitted) to resolve any errors that occur.
      5. Some examples of transport layer implementations follow:
        1. Transmission Control Protocol (TCP), Name Binding Protocol (NBP), OSI transport protocols
  5. Session Layer
    1. The session layer establishes, manages, and terminates communication sessions between presentation layer entities. Communication sessions consist of service requests and service responses that occur between applications located in different network devices. These requests and responses are coordinated by protocols implemented at the session layer. Some examples of session layer implementations follow:
      1. Apple ZIP, DEC SCP, NFS, SQL, RPC, X Windows, ASP
  6. Presentation Layer
    1. The presentation layer provides a variety of coding and conversion functions that are applied to application layer data. These functions ensure that information sent from the application layer of one system will be readable by the application layer of another system. Some examples of presentation layer coding and conversion schemes follow:
      1. Common data representation formats -- The use of standard image, sound, and video formats allow the interchange of application data between different types of computer systems.
      2. Conversion of character representation formats -- Conversion schemes are used to exchange information with systems using different text and data representations (such as EBCDIC and ASCII).
      3. Common data compression schemes -- The use of standard data compression schemes allows data that is compressed at the source device to be properly decompressed at the destination.
      4. Common data encryption schemes -- The use of standard data encryption schemes allows data encrypted at the source device to be properly unencrypted at the destination.
      5. Presentation layer implementations are not typically associated with a particular protocol stack. Some well known standards follow:
        1. Data: ASCII, EBCDIC, Encryption
        2. Visual Imaging: PICT, TIFF, GIF, JPEG
        3. Video: MIDI, MPEG, QuickTime
  7. Application Layer
    1. The application layer interacts with software applications that implement a communicating component. Application layer functions typically include the following:
      1. Identifying communication partners -- The application layer identifies and determines the availability of communication partners for an application with data to transmit.
      2. Determining resource availability -- The application layer must determine whether sufficient network resources for the requested communication are available.
      3. Synchronizing communication -- Communication between applications requires cooperation that is managed by the application layer.
      4. The application layer is the OSI layer closest to the end user. That is, both the OSI application layer and the user interact directly with the software application. Some examples of application layer implementations follow:
        1. TCP/IP applications -- TCP/IP applications are protocols in the Internet Protocol suite, such as Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP).  
        2. OSI applications -- OSI applications are protocols in the OSI suite such as File Transfer, Access, and Management (FTAM), Virtual Terminal Protocol (VTP), and Common Management Information Protocol (CMIP).

 

Describe connection-oriented network service and connectionless network service and identify the key differences between them.

  1. Connection-Oriented Network Service
    1. involves three phases:
      1. Connection establishment -- During the connection establishment phase, a single path between the source and destination systems is determined. Network resources are typically reserved at this time to ensure a consistent grade of service (such as a guaranteed throughput rate).
      2. Data transfer -- During the data transfer phase, data is transmitted sequentially over the path that has been established. Data always arrives at the destination system in the order in which it was sent.
      3. Connection termination -- During the connection termination phase, an established connection that is no longer needed is terminated. Further communication between the source and destination systems requires that a new connection be established.
    2. Connection-oriented service has two significant disadvantages as compared to connectionless network service:
      1. Static path selection -- Because all traffic must travel along the same static path, a failure anywhere along that path causes the connection to fail.
      2. Static reservation of network resources -- A guaranteed rate of throughput requires the commitment of resources that cannot be shared by other network users. Unless full, uninterrupted throughput is required for the communication, bandwidth is not used efficiently.
      3. Connection-oriented services are useful for transmitting data from applications that are intolerant of delays and packet re-sequencing. Voice and video applications are typically based on connection-oriented services.
  2. Connectionless Network Service
    1. Connectionless network service does not predetermine the path from the source to the destination system, nor are packet sequencing, data throughput, and other network resources guaranteed. Each packet must be completely addressed because different paths through the network might be selected for different packets, based on a variety of influences. Each packet is transmitted independently by the source system and is handled independently by intermediate network devices. Connectionless service offers two important advantages over connection-oriented service:
      1. Dynamic path selection -- Because paths are selected on a packet-by-packet basis, traffic can be routed around network failures. 
      2. Dynamic bandwidth allocation -- Bandwidth is used more efficiently because network resources are not allocated bandwidth that they are not going to use.
    2. Connectionless services are useful for transmitting data from applications that can tolerate some delay and re-sequencing. Data-based applications are typically based on connectionless service.

 

Describe data link addresses and network addresses and identify the key differences between them.

  1. Data Link Layer Addresses
    1. A data link layer address uniquely identifies each physical network connection of a network device. Data link addresses are sometimes referred to as physical or hardware addresses. Data link addresses usually exist within a flat address space and have a pre-established and typically fixed relationship to a specific device. End systems typically have only one physical network connection, and thus have only one data link address. Routers and other internetworking devices typically have multiple physical network connections. They therefore have multiple data link addresses.
  2. Network Layer Addresses
    1. A network layer address identifies an entity at the network layer of the OSI reference model. Network addresses usually exist within a hierarchical address space. They are sometimes called virtual or logical addresses. The relationship of a network address with a device is logical and unfixed. It is typically based either on physical network characteristics (the device is on a particular network segment) or on groupings that have no physical basis (the device is part of an AppleTalk zone). End systems require one network layer address for each network layer protocol they support. (This assumes that the device has only one physical network connection.) Routers and other internetworking devices require one network layer address per physical network connection for each network layer protocol supported. For example, a router with three interfaces, each running AppleTalk, TCP/IP, and OSI, must have three network layer addresses for each interface. The router therefore has nine network layer addresses.

 

Define and describe the function of a MAC address.

  1. Media Access Control (MAC) addresses are a subset of data link layer addresses. MAC addresses identify network entities in LANs implementing the IEEE MAC sublayer of the data link layer. Like most data link addresses, MAC addresses are unique for each LAN interface. MAC addresses are 48 bits in length and are expressed as 12 hexadecimal digits: the first 6 hexadecimal digits are the manufacturer identification (or vendor code), called the Organizationally Unique Identifier (OUI). These 6 digits are administered by the IEEE. The last 6 hexadecimal digits are the interface serial number or another value administered by the specific vendor. MAC addresses are sometimes called burned-in addresses (BIAs) because they are burned into read-only memory (ROM) and copied into random-access memory (RAM) when the interface card initializes.
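As an added example (not from the study guide), a small Python parser that splits a MAC address into the OUI and vendor-assigned halves described above and accepts the colon, hyphen, Cisco dotted and bare-hex notations. It goes one step beyond the guide by also reporting the two flag bits of the first octet (locally administered and group/multicast), which is how a defender tells a burned-in address from a randomized or locally assigned one; the sample addresses are constructed.

```python
import re


def parse_mac(text):
    """Split a 48-bit MAC address into its OUI and vendor-assigned halves.

    Accepted input (assumption of this example): 00:1A:2B:3C:4D:5E,
    00-1A-2B-3C-4D-5E, 001a.2b3c.4d5e (Cisco dotted form) or 001a2b3c4d5e.
    Anything that is not exactly 12 hex digits after stripping separators is
    rejected, so a truncated value or a 64-bit EUI-64 is not mistaken for a MAC.
    """
    digits = re.sub(r"[:\-.]", "", text.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    first_octet = int(digits[:2], 16)
    return {
        # First 6 hex digits: manufacturer identification, administered by the IEEE.
        "oui": digits[:6].upper(),
        # Last 6 hex digits: interface serial number or other vendor-assigned value.
        "nic": digits[6:].upper(),
        # Bit 1 of the first octet: 0 = globally unique (burned-in), 1 = locally administered.
        "locally_administered": bool(first_octet & 0x02),
        # Bit 0 of the first octet: 0 = individual (unicast), 1 = group (multicast/broadcast).
        "multicast": bool(first_octet & 0x01),
        # Same address in the dotted notation Cisco IOS prints (e.g. in IPX addresses).
        "cisco": ".".join(digits[i:i + 4] for i in (0, 4, 8)),
    }


def is_valid_mac(text):
    """True when parse_mac() accepts the value."""
    try:
        parse_mac(text)
        return True
    except ValueError:
        return False


def is_burned_in(text):
    """True when the address looks like a vendor-assigned BIA: global and unicast."""
    info = parse_mac(text)
    return not info["locally_administered"] and not info["multicast"]


if __name__ == "__main__":
    # Constructed samples; 00:00:0C is a well-known Cisco OUI.
    for sample in ("00:00:0C:12:34:56", "0000.3098.924f", "02-00-5E-00-00-01", "FF:FF:FF:FF:FF:FF"):
        print(sample, parse_mac(sample), "burned-in" if is_burned_in(sample) else "not burned-in")
```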

 

Define flow control and describe the three basic methods used in networking.

  1. Flow control is a function that prevents network congestion by ensuring that transmitting devices do not overwhelm receiving devices with data. There are a number of possible causes of network congestion. For example, a high-speed computer might generate traffic faster than the network can transfer it, or faster than the destination device can receive and process it. There are three commonly used methods for handling network congestion:
    1. Buffering - Buffering is used by network devices to temporarily store bursts of excess data in memory until they can be processed. Occasional data bursts are easily handled by buffering. However, excess data bursts can exhaust memory, forcing the device to discard any additional datagrams that arrive.
    2. Source quench messages - Source quench messages are used by receiving devices to help prevent their buffers from overflowing. The receiving device sends source quench messages to request that the source reduce its current rate of data transmission, as follows:
      1. The receiving device begins discarding received data due to overflowing buffers.
      2. The receiving device begins sending source quench messages to the transmitting device, at the rate of one message for each packet dropped.
      3. The source device receives the source quench messages and lowers the data rate until it stops receiving the messages.
      4. The source device then gradually increases the data rate as long as no further source quench requests are received.
    3. Windowing - Windowing is a flow-control scheme in which the source device requires an acknowledgement from the destination after a certain number of packets have been transmitted. With a window size of three, the source requires an acknowledgment after sending three packets, as follows:
      1. The source device sends three packets to the destination device.
      2. After receiving the three packets, the destination device sends an acknowledgment to the source.
      3. The source receives the acknowledgment and sends three more packets.
      4. If the destination does not receive one or more of the packets for some reason (such as overflowing buffers), it does not receive enough packets to send an acknowledgment. The source, not receiving an acknowledgment, retransmits the packets at a reduced transmission rate.
      5. 3-way handshaking for TCP (reconstructed from the original figure: connection setup, windowed data transfer with Win Size=3, and connection close)

         START TCP 3-way handshake
           send SYN seq=x              ---->   recv SYN
           recv SYN+ACK                <----   send SYN seq=y, ACK=x+1
           send ACK=y+1                ---->   recv

         Data, Win Size=3
           send1                       ---->
           send2                       ---->
           send3                       ---->
                                       <----   ACK4
           send4                       ---->
           send5                       --X     (lost)
           send6                       ---->
                                       <----   ACK5
           send5 (retransmit)          ---->
                                       <----   ACK7
           send7                       ---->

         END TCP
           FIN-wait (CTL=FIN)          ---->   close-wait
           time-wait                   <----   last ACK (CTL=FIN, ACK)
           time-wait (CTL=ACK)         ---->   close
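The windowed transfer from the figure above, as an added Python example (not from the study guide): a sender with a window of 3, one cumulative ACK per window, and packet 5 dropped once. The model is the guide's windowing description rather than full TCP, so there are no timers or congestion control, and the sender retransmits only the packets the ACK shows to be missing, exactly as the figure does.

```python
def cumulative_ack(received, total):
    """Receiver side: ACK n means 'every packet below n has arrived, send n next'."""
    n = 1
    while n <= total and n in received:
        n += 1
    return n


def simulate_window(total_packets, window, lose_once=frozenset()):
    """Return the event trace ("send 1", "ack 4", "lost 5", "resend 5", ...) of a transfer.

    Assumptions of this example: packets are numbered from 1, the destination
    answers every window with a single cumulative ACK, and each sequence number
    in `lose_once` is dropped on its first transmission only.
    """
    trace = []
    received = set()   # packets that reached the destination
    dropped = set()    # packets already lost once (they get through on retransmission)
    base = 1           # oldest packet not yet acknowledged
    next_seq = 1       # next packet that has never been sent
    while base <= total_packets:
        # An ACK below next_seq means something in [base, next_seq) was lost:
        # retransmit only those packets. Otherwise send a fresh window of data.
        missing = [s for s in range(base, next_seq) if s not in received]
        if missing:
            to_send = missing
            tag = "resend"
        else:
            end = min(base + window, total_packets + 1)
            to_send = list(range(next_seq, end))
            next_seq = end
            tag = "send"
        for seq in to_send:
            if seq in lose_once and seq not in dropped:
                dropped.add(seq)              # first copy lost on the link ("--X")
                trace.append(f"lost {seq}")
            else:
                received.add(seq)
                trace.append(f"{tag} {seq}")
        ack = cumulative_ack(received, total_packets)
        trace.append(f"ack {ack}")
        base = ack                            # slide the window up to the ACK
    return trace


if __name__ == "__main__":
    # Constructed scenario matching the figure: 7 packets, Win Size=3, packet 5 lost once.
    for event in simulate_window(7, 3, {5}):
        print(event)
```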

 

 

WAN Protocols

 

Differentiate between the following WAN services: X.25 / LAPB, Frame Relay, ISDN / LAPD, SDLC, HDLC, PPP and DDR.

  1. X.25 - ITU-T standard that defines how connections between DTE and DCE are maintained for remote terminal access and computer communications in PDNs. X.25 specifies LAPB, a data link layer protocol, and PLP, a network layer protocol. Frame Relay has to some degree superseded X.25.
  2. Frame Relay - Industry-standard, switched data link layer protocol that handles multiple virtual circuits using HDLC encapsulation between connected devices. Frame Relay is more efficient than X.25, the protocol for which it is generally considered a replacement.
  3. ISDN - Integrated Services Digital Network. Communication protocol, offered by telephone companies, that permits telephone networks to carry data, voice, and other source traffic.
  4. SDLC - Synchronous Data Link Control. SNA data link layer communications protocol. SDLC is a bit-oriented, full-duplex serial protocol that has spawned numerous similar protocols, including HDLC and LAPB.
  5. HDLC - High-Level Data Link Control. Bit-oriented synchronous data link layer protocol developed by ISO. Derived from SDLC, HDLC specifies a data encapsulation method on synchronous serial links using frame characters and checksums.
  6. PPP - Point-to-Point Protocol. A successor to SLIP, PPP provides router-to-router and host-to-network connections over synchronous and asynchronous circuits.
  7. DDR - dial-on-demand routing. Technique whereby a Cisco router can automatically initiate and close a circuit-switched session as transmitting stations demand. The router spoofs keep-alives so that end stations treat the session as active. DDR permits routing over ISDN or telephone lines using an external ISDN terminal adaptor or modem.

 

*Recognize key Frame Relay terms and features.

  1. DTE (Data Terminal Equipment) - user devices
  2. DCE (Data Circuit-terminating Equipment) - network equipment that interfaces to DTE
  3. VC (Virtual Circuit) - logical circuit created to ensure reliable communication between two network devices. A virtual circuit is defined by a VPI/VCI pair
    1. PVC (Permanent Virtual Circuit) - Virtual circuit that is permanently established. PVCs save bandwidth associated with circuit establishment and tear down in situations where certain virtual circuits must exist all the time. In ATM terminology, called a permanent virtual connection
    2. SVC (Switched Virtual Circuit) - Virtual circuit that is dynamically established on demand and is torn down when transmission is complete. SVCs are used in situations where data transmission is sporadic. Called a switched virtual connection in ATM terminology
    3. VPI (Virtual Path Identifier) - 8-bit field in the header of an ATM cell. The VPI, together with the VCI, is used to identify the next destination of a cell as it passes through a series of ATM switches on its way to its destination.  ATM switches use the VPI/VCI fields to identify the next VCL that a cell needs to transit on its way to its final destination. The function of the VPI is similar to that of the DLCI in Frame Relay
    4. VCI (Virtual Channel Identifier) - 16-bit field in the header of an ATM cell. The VCI, together with the VPI, is used to identify the next destination of a cell as it passes through a series of ATM switches on its way to its destination. ATM switches use the VPI/VCI fields to identify the next network VCL that a cell needs to transit on its way to its final destination. The function of the VCI is similar to that of the DLCI in Frame Relay
  4. DLCI (Data-Link Connection Identifier) - Value that specifies a PVC or SVC in a Frame Relay network. In the basic Frame Relay specification, DLCIs are locally significant (connected devices might use different values to specify the same connection). In the LMI extended specification, DLCIs are globally significant (DLCIs specify individual end devices)
  5. LMI (Local Management Interface) - Set of enhancements to the basic Frame Relay specification. LMI includes support for a keepalive mechanism, which verifies that data is flowing; a multicast mechanism, which provides the network server with its local DLCI and the multicast DLCI; global addressing, which gives DLCIs global rather than local significance in Frame Relay networks; and a status mechanism, which provides an on-going status report on the DLCIs known to the switch. Known as LMT in ANSI terminology.
    1. cisco
    2. ansi (annex D)
    3. q933a
  6. CIR (Committed Information Rate) -
  7. FCS (Frame Check Sequence) - Extra characters added to a frame for error control purposes.

 

List commands to configure Frame Relay LMIs, maps and subinterfaces.

  1. Without subinterfaces
    1. interface serial0/1
    2.   ip address 192.168.10.81 255.255.255.0
    3.   ip summary-address eigrp 100 160.81.0.0 255.255.0.0
    4.   encapsulation frame-relay
    5.   ipx network A1081
    6.   frame-relay lmi-type ansi
    7.   frame-relay map ipx A1081.0000.3098.924f 20 broadcast
    8.   frame-relay map ip 192.168.10.171 28 broadcast
  2. With subinterfaces
    1. interface serial0/1
    2.   no ip address
    3.   encapsulation frame-relay
    4.   frame-relay lmi-type ansi
    5. interface serial0/1.111 point-to-point
    6.   ip address 192.168.200.21 255.255.255.252
    7.   ip summary-address eigrp 100 160.81.0.0 255.255.0.0
    8.   frame-relay interface-dlci 105

 

*List commands to monitor Frame Relay operation on the router.

  1. sh frame-relay ip tcp header-compression
  2. sh frame-relay lapf
    1. Interface = Serial0/1 (up), LAPF state = TEI_ASSIGNED (down)
      SVC disabled, link down cause = SVC disabled, #link-reset = 0
      T200 = 1.5 sec., T203 = 30 sec., N200 = 3, k = 7, N201 = 260
      I-frame xmt = 0, I-frame rcv = 0, I-frame reXmt = 0
      I xmt dropped = 0, I rcv dropped = 0, Rcv pak dropped = 0
      RR xmt = 0, RR rcv = 0, RNR xmt = 0, RNR rcv = 0
      REJ xmt = 0, REJ rcv = 0, FRMR xmt = 0, FRMR rcv = 0
      DM xmt = 0, DM rcv = 0, DISC xmt = 0, DISC rcv = 0
      SABME xmt = 0, SABME rcv = 0, UA xmt = 0, UA rcv = 0
      V(S) = 0, V(A) = 0, V(R) = 0, N(S) = 0, N(R) = 0
      Xmt FRMR at Frame Reject
  3. sh frame-relay lmi
    1. LMI Statistics for interface Serial0/4 (Frame Relay DTE) LMI TYPE = ANSI
      Invalid Unnumbered info 0 Invalid Prot Disc 0
      Invalid dummy Call Ref 0 Invalid Msg Type 0
      Invalid Status Message 0 Invalid Lock Shift 0
      Invalid Information ID 0 Invalid Report IE Len 0
      Invalid Report Request 0 Invalid Keep IE Len 0
      Num Status Enq. Sent 5876 Num Status msgs Rcvd 5876
      Num Update Status Rcvd 0 Num Status Timeouts 0
  4. sh frame-relay map
    1. Serial0/1 (up): ipx A1081.0000.3098.924f dlci 20(0x14,0x440), static,
                     broadcast,
                     CISCO, status defined, inactive
      Serial0/1 (up): ipx A1081.0060.837c.1239 dlci 27(0x1B,0x4B0), dynamic,
                     broadcast,, status defined, active
      Serial0/1 (up): ip 192.168.10.155 dlci 16(0x10,0x400), static,
                     broadcast,
                     CISCO, status defined, active
  5. sh frame-relay pvc
    1. PVC Statistics for interface Serial0/1 (Frame Relay DTE)
      DLCI = 16, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/1
      input pkts 241207 output pkts 241801 in bytes 11459427
      out bytes 45633784 dropped pkts 0 in FECN pkts 0
      in BECN pkts 56 out FECN pkts 0 out BECN pkts 0
      in DE pkts 0 out DE pkts 0
      out bcast pkts 2148 out bcast bytes 117870
      pvc create time 16:24:13, last time pvc status changed 16:22:55
  6. sh frame-relay route
  7. sh frame-relay svc maplist
  8. sh frame-relay traffic
    1. Frame Relay statistics:
      ARP requests sent 0, ARP replies sent 0
      ARP request recvd 0, ARP replies recvd 0

 

Identify PPP operations to encapsulate WAN data on Cisco routers.

  1. ppp (point to point protocol)
    1. encapsulate network layer protocol information
    2. used on: ISDN, asynchronous serial, synchronous serial, HSSI
    3. supports:
      1. authentication using CHAP (Challenge Handshake Authentication Protocol) or PAP (Password Authentication Protocol)
      2. binding of multiple protocols over one link
      3. dynamic address assignment
      4. synchronous and asynchronous communication
  2. interface serial 0
    encapsulation ppp

 

State a relevant use and context for ISDN networking.

  1. (config)#ipx routing
  2. (config)#interface Serial0/1
  3. (config-if)#ipx network A1081
  4. (config-if)#^z

 

*Identify ISDN protocols, function groups, reference points and channels.

  1. ISDN components
    1. TE1 - terminal equipment type 1 - ISDN terminals (connect to the ISDN network through a four-wire, twisted-pair digital link)
    2. TE2 - terminal equipment type 2  - pre-ISDN type terminals (connect to the ISDN network through a TA)
    3. NT1 - network termination type 1 - equipment that connects the subscriber's four-wire link to the two-wire local loop (usually it is CPE (customer premises equipment))
    4. NT2 - network termination type 2 - equipment that performs protocol functions of the data link and network layers (usually found in digital PBXs (private branch exchanges))
    5. TA - terminal adapter - used with a pre-ISDN terminal (TE2) to adapt it to an ISDN connection
  2. A number of reference points are specified in ISDN. These reference points define logical interfaces between functional groupings such as TAs and NT1s. ISDN reference points include the following:
    1. R--The reference point between non-ISDN equipment and a TA.
    2. S--The reference point between user terminals and the NT2.
    3. T--The reference point between NT1 and NT2 devices.
    4. U--The reference point between NT1 devices and line-termination equipment in the carrier network.
      1. The U reference point is relevant only in North America, where the NT1 function is not provided by the carrier network.
  3. ISDN Basic Rate Interface (BRI) service (total of 192Kbps)
    1. two B channels - used for user data, 64 kbps each
    2. one D channel - used to carry control and signaling information, 16 kbps. The D channel signaling protocol comprises Layers 1 through 3 of the OSI reference model. BRI also provides for framing control and other overhead, bringing its total bit rate to 192 kbps
  4. ISDN Primary Rate Interface (PRI) service in North America and Japan (total of 1.544Mbps)
    1. 23 B channels
    2. one D channel- 64Kbps
  5. ISDN Primary Rate Interface (PRI) service in Europe, Australia, and other parts of the world  (total of 2.048Mbps)
    1. 30 B channels
    2. one D channel - 64-kbps
  6. ISDN physical-layer (Layer 1) frame formats differ depending on whether the frame is outbound (from terminal to network) or inbound (from network to terminal). The frames are 48 bits long, of which 36 bits represent data. Layer 2 of the ISDN signaling protocol is Link Access Procedure, D channel, also known as LAPD. LAPD is similar to High-Level Data Link Control (HDLC) and Link Access Procedure, Balanced (LAPB). As the expansion of the LAPD acronym indicates, it is used across the D channel to ensure that control and signaling information flows and is received properly. The LAPD frame format is very similar to that of HDLC and, like HDLC, LAPD uses supervisory, information, and unnumbered frames. The LAPD protocol is formally specified in ITU-T Q.920 and ITU-T Q.921.
  7. Two Layer 3 specifications are used for ISDN signaling: ITU-T (formerly CCITT) I.450 (also known as ITU-T Q.930) and ITU-T I.451 (also known as ITU-T Q.931). Together, these protocols support user-to-user, circuit-switched, and packet-switched connections. A variety of call establishment, call termination, information, and miscellaneous messages are specified, including SETUP, CONNECT, RELEASE, USER INFORMATION, CANCEL, STATUS, and DISCONNECT. These messages are functionally similar to those provided by the X.25 protocol.
  8. digital channels
    1. a: analog telephone 4KHz
    2. b: digital data 64Kbps
    3. c: digital out-of-band, 8 or 16 Kbps
    4. d: digital out-of-band, 16 or 64 Kbps w/three sub-channels: s(signaling), t(telemetry), and p(packet data)
      1. NOTE: LAPD (link access procedure for channel D) is the signaling protocol used to set up ISDN calls for ISDN BRI at the data link layer
    5. e: digital channel for internal ISDN signaling, 64Kbps
    6. h: digital channel at 384Kbps, 1536Kbps, or 1920Kbps

 

Describe Cisco’s implementation of ISDN BRI

  1. ISDN (integrated services digital network) BRI (basic rate interface)
    1. 2 B channels (B1, B2) - each is 64 kbps
    2. d channel - 16 kbps
  2. initial cisco implementation of ISDN BRI treated the B and D channels as bundled together and presented them as a single interface or as a hunt group
  3. new implementation - each channel is treated as a separate interface for configuring the parameters of x.25 over the D channel

 

IOS

 

Log into a router in both user and privileged modes.

  1. User EXEC – User mode entered by logging in. Prompt will be Router>. To exit use the logout command.
  2. Privileged EXEC – From user EXEC mode, use the enable EXEC command. Prompt will be Router#. To exit to user EXEC mode use the disable command.

 

Use the context-sensitive help facility.

  1. Entering a question mark (?) at the system prompt displays a list of commands available for each command mode. You can also get a list of any command's associated keywords and arguments with the context-sensitive help feature. To get help specific to a command mode, a command, a keyword, or arguments, perform one of the following:
    1. Obtain a brief description of the help system in any command mode: help
    2. Configure a line or lines to receive help for the full set of user-level commands: full-help

 

Use the command history and editing features.

  1. With the current IOS release, the user interface provides a history or record of commands that you have entered. This feature is particularly useful for recalling long or complex command entries including access lists. By default, the system records 10 command lines in its history buffer. To set the number of command lines recorded during the current terminal session use the following command:
    1. terminal history [size number-of-lines]
    2. To configure the number of command lines the system records, complete the following command from line configuration mode:
      1. history [size number-of-lines]
  2. Useful editing commands:
    1. Ctrl-P or the up arrow key -- Recall commands in the history buffer, starting with the most recent command.
    2. Ctrl-N or the down arrow key -- Return to more recent commands in the history buffer after recalling commands with Ctrl-P or the up arrow key.
    3. Ctrl-B or the left arrow key -- Move the cursor back one character.
    4. Ctrl-F or the right arrow key -- Move the cursor forward one character.
    5. Ctrl-A -- Move the cursor to the beginning of the command line.
    6. Ctrl-E -- Move the cursor to the end of the command line.
    7. Esc B -- Move the cursor back one word.
    8. Esc F -- Move the cursor forward one word.
    9. Ctrl-R or Ctrl-L -- Redisplay the current command line.

 

Examine router elements (RAM, ROM, CDP, show).

  1. ROM Read Only, Hard Wired, Boot Strap, IOS, ROM Monitor
  2. RAM IOS & Running Configuration (Main Memory)
  3. NVRAM Startup Config – Saved via battery (10 yr Life Span)
  4. Flash IOS – PCMCIA Cards or SIMMs
  5. Shared RAM Packet Buffering – Not all platforms
  6. The Cisco Discovery Protocol (CDP) is a media- and protocol-independent protocol that runs on all Cisco-manufactured equipment including routers, bridges, access servers and switches. CDP runs on all media that supports Subnetwork Access Protocol (SNAP) including local area network, Frame Relay and ATM media. CDP runs over the data link layer only.
    1. specify the frequency of transmission of CDP updates: cdp timer seconds
    2. specify the amount of time a receiving device should hold the information sent by your device before discarding it: cdp holdtime seconds
    3. to disable CDP: no cdp run
    4. to disable CDP on an interface: no cdp enable
    5. delete the CDP table of information about neighbors: clear cdp table
    6. display cdp neighbor information: show cdp neighbors [type number] [detail]
    7. The show cdp neighbors command displays: Device ID, interface type and number, hold-time settings, capabilities, platform and port ID information about neighbors. Using the detail option displays the following additional neighbor details: network address, enabled protocols and software version.

 

Manage configuration files from the privileged exec mode.

  1. You can copy a configuration file from a TFTP server to the running configuration or to the startup configuration. When you copy a configuration file to the running configuration, you copy to and run the file from RAM. When you copy a configuration file to the startup configuration, you copy it to the nonvolatile random-access memory (NVRAM).
    1. Copy a file from a TFTP server to the router: copy tftp running-config or copy tftp startup-config
    2. When prompted, enter the IP address or domain name of the server: ip-address or name
    3. If prompted, enter the filename of the configuration file: filename
  2. Configuration files can also be copied from an rcp server to the local router as well. You must first specify the remote username:
    1. ip rcmd remote-username username
    2. Use steps as above except replace tftp with rcp
  3. to view the configuration in NVRRAM show startup-config
  4. to view the current running configuration show running-config
  5. to re-execute the configuration commands located in NVRAM configure memory
  6. to erase the contents of NVRAM erase startup-config

 

Control router passwords, identification and banner.

  1. Cisco routers have two levels of passwords that can be applied: user EXEC and privileged EXEC. The user EXEC passwords are applied to the console, auxiliary and virtual terminal lines of the Cisco router. Password authentication can be done on the line itself, through a local username definition, or through a TACACS, extended TACACS, TACACS+ or RADIUS server. To enter privileged EXEC mode, use the enable command. By default, the password is compared against the password entered with the enable secret global command.
  2. To uniquely identify the router, use the hostname command as follows:
    1. set the hostname: hostname name
    2. customize the prompt: prompt string
    3. remove the configuration-mode prompt: no service prompt config
  3. Banners
    1. banner exec - To display a banner on terminals with an interactive EXEC, use the banner exec global configuration command. This command specifies a message to be displayed when an EXEC process is created (a line is activated, or an incoming connection is made to a VTY line). The no form of this command deletes the EXEC banner.
      1. banner exec d message d
      2. no banner exec
      3. d: delimiting character of your choice, a pound sign (#) for example. You cannot use the delimiting character in the banner message.
    2. An incoming connection is one initiated from the network side of the router. Incoming connections are also called reverse Telnet sessions. These sessions can display MOTD banners and INCOMING banners, but they do not display EXEC banners. Use the no motd-banner line configuration command to disable the MOTD banner for reverse Telnet sessions on asynchronous lines. When a user connects to the router, the MOTD banner appears before the login prompt. After the user successfully logs in to the router, the EXEC banner or INCOMING banner is displayed, depending on the type of connection. For a reverse Telnet login, the INCOMING banner is displayed. For all other connections, the router displays the EXEC banner. Incoming banners cannot be suppressed. If you do not want the incoming banner to appear, you must delete it with the no banner incoming command.

 

Identify the main Cisco IOS commands for router startup.

 

Check an initial configuration using the setup command.

  1. The command parser (Command Line Interface - CLI) allows you to make very detailed changes to your configurations. However, some major configuration changes do not require the granularity provided by the command parser. In these cases, you can use the setup command facility to make major enhancements to your configurations. For example, you might want to use setup to add a protocol suite, to make major addressing scheme changes, or to configure a newly installed interface. Although you can use the command parser to make these major changes, the setup command facility provides you with a high-level view of the configuration and guides you through the configuration change process.
  2. Additionally, if you are not familiar with Cisco products and the command parser, the setup command facility is a particularly valuable tool because it asks you the questions required to make configuration changes.
    1. Note: If you use setup to modify a configuration because you have added or modified the hardware, be sure to verify the physical connections using the show version command. Also, verify the logical port assignments using the show running-config command to ensure that you configure the proper port.
  3. To enter the setup command facility, enter ‘setup’ in privileged EXEC mode:
    1. When you enter the setup command facility after first-time startup, an interactive dialog called the System Configuration Dialog appears on the system console screen. The System Configuration Dialog guides you through the configuration process. It prompts you first for global parameters and then for interface parameters. The values shown in brackets next to each prompt are the default values last set using either the setup command facility or the configure command. The prompts and the order in which they appear on the screen vary depending on the platform and the interfaces installed in the device.
    2. You must run through the entire System Configuration Dialog until you come to the item that you intend to change. To accept default settings for items that you do not want to change, press the Return key.
    3. To return to the privileged EXEC prompt without making changes and without running through the entire System Configuration Dialog, press Ctrl-C.
    4. The facility also provides help text for each prompt. To access help text, press the question mark (?) key at a prompt.
    5. When you complete your changes, the setup command facility shows you the configuration command script that was created during the setup session. It also asks you if you want to use this configuration. If you answer Yes, the configuration is saved to NVRAM. If you answer No, the configuration is not saved and the process begins again. There is no default for this prompt; you must answer either Yes or No.
    6. Following is a partial example of the setup routine:
       Router# setup
      --- System Configuration Dialog ---
      At any point you may enter a question mark '?' for help.
      Use ctrl-c to abort configuration dialog at any prompt.
      Default settings are in square brackets '[]'.
      Continue with configuration dialog? [yes]:
      First, would you like to see the current interface summary? [yes]:
      Interface IP-Address OK? Method Status Protocol
      Ethernet0 172.16.72.2 YES manual up up
      Serial0 unassigned YES not set administratively down down
      Serial1 172.16.72.2 YES not set up up
      Configuring global parameters:
      Enter host name [Router]:
      The enable secret is a one-way cryptographic secret used
      instead of the enable password when it exists.
      Enter enable secret []:
      The enable password is used when there is no enable secret
      and when using older software and some boot images.
      Enter enable password [ww]:
      Enter virtual terminal password [ww]:
      Configure SNMP Network Management? [yes]:
      Community string [public]:
      Configure IP? [yes]:
      Configure IGRP routing? [yes]:
      Your IGRP autonomous system number [15]:
      Configuring interface Ethernet0:
      Is this interface in use? [yes]:
      Configure IP on this interface? [yes]:
      IP address for this interface [172.16.72.2]:
      Number of bits in subnet field [8]:
      Class B network is 172.16.0.0, 8 subnet bits; mask is /24
      [etc]

 

Copy and manipulate configuration files

  1. You can copy a configuration file from a TFTP server to the running configuration or to the startup configuration. When you copy a configuration file to the running configuration, you copy it to RAM and run it from there. When you copy a configuration file to the startup configuration, you copy it to nonvolatile random-access memory (NVRAM).
    1. Copy a file from a TFTP server to the router: copy tftp running-config or copy tftp startup-config
    2. When prompted, enter the IP address or domain name of the server: ip-address or name
    3. If prompted, enter the filename of the configuration file: filename
  2. Configuration files can also be copied from an rcp server to the local router. You must first specify the remote username:
    1. ip rcmd remote-username username
    2. Use the steps above, replacing tftp with rcp
  3. to view the configuration in NVRAM: show startup-config
  4. to view the current running configuration: show running-config
  5. to re-execute the configuration commands located in NVRAM: configure memory
  6. to erase the contents of NVRAM: erase startup-config

 

List the commands to load Cisco IOS from: flash memory, a tftp server or ROM.

  1. To configure a router to automatically boot an image in Flash memory, perform the following tasks:
    1. Enter configuration mode from the terminal: configure terminal
    2. Enter the filename of an image stored in Flash memory: boot system flash [filename]
      1. boot system flash slot0:[filename]
      2. boot system flash slot1:[filename]
      3. boot system flash bootflash:[filename]
    3. Set the configuration register to enable loading the image from Flash memory: config-register value (generally 0x2102)
    4. Save the configuration file: copy running-config startup-config
  2. To configure a router to load a system image from a network server using TFTP, rcp or MOP, use the following commands:
    1. Enter configuration mode from the terminal
      1. configure terminal
    2. Specify the system image to be booted from a network server using rcp, TFTP or MOP
      1. boot system [rcp | tftp] filename [ip-address]
      2. boot system mop filename [mac-address] [interface]
    3. Set the configuration register to enable loading the image from a network server: config-register value (generally 0x010F)
    4. Save the configuration file
      1. copy running-config startup-config
  3. To specify the use of the ROM system image as a backup to other boot instructions in the configuration file, complete the following:
    1. Enter configuration mode from the terminal
      1. configure terminal
    2. Specify the ROM image as the fallback boot source
      1. boot system rom
    3. Set the configuration register to enable loading the image from ROM: config-register value (generally 0x0101)
    4. Save the configuration file
      1. copy running-config startup-config

 

Prepare to backup, upgrade and load a backup Cisco IOS software image.

  1. backup - copy IOS to tftp
    1. sh flash
      1. C8F8C7A0#sh flash
        -#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name
        1 .. FFFFFFFF F75DEB54 38CE70 15 3591664 May 18 1995 23:35:56 rsp-k-mz.103-12
        2 .. FFFFFFFF D632F70F 405884 8 493970 May 18 1995 23:43:00 cipp20-8
        3 .. FFFFFFFF F2867BE 770958 19 3584084 Sep 12 1996 11:46:44 rsp-k-mz_103-11.bin
        4 .. FFFFFFFF A1D6570D B548F4 18 4079388 Apr 22 1997 08:51:52 rsp-j-mz-111-9.bin
        5 .. FFFFFFFF FF38C375 C395AC 21 937016 Jul 23 1998 04:20:20 cat5000-sup.2-1-4.bin
    2. copy flash tftp
      1. Enter source file name: rsp-j-mz-111-9.bin
      2. Enter destination file name [rsp-j-mz-111-9.bin]:
      3. Address or name of remote host []? 160.81.81.5
  2. load backup - copy from tftp
    1. copy tftp flash
      1. Enter source file name: c8f8s4a0.cfg
      2. Enter destination file name [c8f8s4a0.cfg]:
      3. 3697108 bytes available on device slot0, proceed? [confirm]y
      4. Address or name of remote host [160.81.81.5]?
      5. Accessing file "c8f8s4a0.cfg" on 160.81.81.5 ...FOUND
      6. Loading c8f8s4a0.cfg from 160.81.81.5 (via TokenRing1/0): !
      7. [OK - 307/2048 bytes]

 

Prepare the initial configuration of your router and enable IP

  1. (config)#int tok 3/1
  2. (config-if)#ip address 160.81.93.1 255.255.255.0
  3. (config-if)#ring-speed 16
  4. (config-if)#^Z

 

Network Protocols

 

*Monitor Novell IPX operation on the router.

  1. sh ipx traffic

System Traffic for 0.0000.0000.0001 System-Name: C8F1C7A0
Rcvd: 378925557 total, 2043561 format errors, 0 checksum errors, 6 bad hop count,
1293134 packets pitched, 30434397 local destination, 0 multicast
Bcast: 30445599 received, 84592444 sent
Sent: 97412713 generated, 347183693 forwarded
4070008 encapsulation failed, 5895 no route
SAP: 46943 SAP requests, 18925 SAP replies, 436 servers
27855089 SAP advertisements received, 76927683 sent
0 SAP flash updates sent, 57 SAP format errors, last seen from 0.0000.0000.0000
RIP: 405009 RIP requests, 212893 RIP replies, 72 routes
1984746 RIP advertisements received, 3857883 sent
62626 RIP flash updates sent, 0 RIP format errors
Echo: Rcvd 0 requests, 0 replies
Sent 0 requests, 0 replies
132448 unknown: 0 no socket, 0 filtered, 132437 no helper
0 SAPs throttled, freed NDB len 0
Watchdog:
0 packets received, 0 replies spoofed
Queue lengths:
IPX input: 0, SAP 0, RIP 0, GNS 0
SAP throttling length: 0/(no limit), 0 nets pending lost route reply
Delayed process creation: 0
EIGRP: Total received 0, sent 0
Updates received 0, sent 0
Queries received 0, sent 0
Replies received 0, sent 0
SAPs received 0, sent 0
NLSP: Level-1 Hellos received 0, sent 0
PTP Hello received 0, sent 0
Level-1 LSPs received 0, sent 0
LSP Retransmissions: 0
LSP checksum errors received: 0
LSP HT=0 checksum errors received: 0
Level-1 CSNPs received 0, sent 0
Level-1 PSNPs received 0, sent 0
Level-1 DR Elections: 0
Level-1 SPF Calculations: 0
Level-1 Partial Route Calculations: 0

  2. sh ipx servers

Codes: S - Static, P - Periodic, E - EIGRP, N - NLSP, H - Holddown, + = detail
419 Total IPX Servers
Table ordering is based on routing and server info
   Type Name         Net      Address    Port   Route  Hops     Itf
P     4 CON1    B8F10002.0000.0000.0001:0451     2/01    1    To3/0
P     4 ISM1    B8F10006.0000.0000.0001:0451     2/01    1    To3/1
P     4 PROD1   B8F10001.0000.0000.0001:0451     2/01    1    To3/0
P     4 ROD1    B8F01001.0000.0000.0001:0451     2/01    1    To3/0
P     4 TECH1   B8F88012.0000.0000.0001:0451     2/01    1    To3/1
P     4 UIS1    B8FB0001.0000.0000.0001:0451     2/01    1    To2/0
P     4 BLDG9   B9F30001.0000.0000.0001:0451     3/02    2    To2/2
P     4 WADE1   BAF10001.0000.0000.0001:0451     8/02    2    Se0/1

  3. sh ipx route

Codes: C - Connected primary network, c - Connected secondary network
S - Static, F - Floating static, L - Local (internal), W - IPXWAN
R - RIP, E - EIGRP, N - NLSP, X - External, A - Aggregate
s - seconds, u - uses
73 Total IPX routes. Up to 1 parallel paths and 16 hops allowed.
No default route known.
C   A1081 (FRAME-RELAY),    Se0/1
C   A8111 (SAP),             To4/1
C   A8112 (SAP),             To2/0
C   A8113 (SAP),             To1/2
C   A8114 (SAP),             To1/0
C   A8115 (SAP),             To3/0
C   A8116 (SAP),             To3/1
C   A8117 (SAP),             To3/2
C   A8118 (SAP),             To2/2
C   A8121 (SAP),             To3/3
C   A8122 (SAP),             To4/2
C   A8131 (SAP),             To1/3
C   A8132 (SAP),             To4/0
C   A8133 (SAP),             To8/3
C   A8134 (SAP),             To4/3
C   A8141 (SAP),             To2/3
C   A8143 (SAP),             To8/2
C   A8181 (SAP),             To1/1
C   E1081 (ISL vLAN),       Fa5/0.81
C   E1082 (ISL vLAN),       Fa5/1.82
C  AB8B92 (FRAME-RELAY),    Se0/5
R       1 [02/01] via      A8115.0006.2917.dc55, 30s, To3/0
R       2 [03/02] via      A8118.0090.2b0c.c823, 34s, To2/2
R       7 [03/02] via      A8118.0090.2b0c.c823, 34s, To2/2
R   A1411 [07/01] via     A1081.0060.837c.1239, 48s, Se0/1
R   A1412 [08/02] via     A1081.0060.837c.1239, 48s, Se0/1
R   A8119 [01/01] via     A8117.0000.3098.ea7a, 15s, To3/2

 

Describe the two parts of network addressing, then identify the parts in specific protocol address examples

 

*Describe the different classes of IP addresses [and subnetting].

  1. IP addressing supports five different address classes. The left-most (high-order) bits indicate the network class. The following table provides reference information about the five IP address classes:

     Class  Format           High-order bit(s)  First octet  Max hosts  Purpose
     A      N.H.H.H (7/24)   0                  1-126        2^24-2     Large organization
     B      N.N.H.H (14/16)  10                 128-191      2^16-2     Medium organization
     C      N.N.N.H (22/8)   110                192-223      2^8-2      Small organization
     D      n/a              1110               224-239      n/a        Multicast
     E      n/a              1111               240-254      n/a        Experimental

  2. IP networks can be divided into smaller networks called subnetworks (or subnets). Subnetting provides extra flexibility, makes more efficient use of the address space, and contains broadcast traffic, because a broadcast will not cross a router. Subnets are under local administration. As such, the outside world sees an organization as a single network and has no detailed knowledge of the organization's internal structure. A given network address can be broken up into many subnetworks. For example, 172.16.1.0, 172.16.2.0, 172.16.3.0, and 172.16.4.0 are all subnets within network 172.16.0.0. (All 0s in the host portion of an address specifies the entire network.)
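As an added worked example (not part of the study guide), the class table and the subnetting rules above in code: the class is read from the high-order bits of the first octet, and borrowing subnet bits from the classful host field yields the mask, the subnet count and the usable host count, as in the setup dialog's "8 subnet bits; mask is /24" case. The function names are this example's own.

```python
"""Classful IP addressing and subnetting.

Added worked example, not from the study guide: the class is read from the
high-order bits of the first octet, and the subnet mask, subnet count and
usable host count follow from how many bits are borrowed from the classful
host field. Function names are this example's own.
"""
import ipaddress

# Default (classful) prefix length from the Format column of the class table:
# A = N.H.H.H (/8), B = N.N.H.H (/16), C = N.N.N.H (/24).
CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}


def address_class(addr: str) -> str:
    """Return the class letter by inspecting the high-order bits of the first octet."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first >> 7 == 0b0:        # 0xxxxxxx  -> class A (first octet 1-126)
        return "A"
    if first >> 6 == 0b10:       # 10xxxxxx  -> class B (128-191)
        return "B"
    if first >> 5 == 0b110:      # 110xxxxx  -> class C (192-223)
        return "C"
    if first >> 4 == 0b1110:     # 1110xxxx  -> class D, multicast (224-239)
        return "D"
    return "E"                   # 1111xxxx  -> class E, experimental


def classful_subnet(addr: str, subnet_bits: int) -> dict:
    """Describe the subnet `addr` falls in when `subnet_bits` are borrowed from
    the host field of its classful network (the setup dialog's "Number of bits
    in subnet field" question)."""
    cls = address_class(addr)
    if cls not in CLASSFUL_PREFIX:
        raise ValueError(f"class {cls} addresses are not unicast networks")
    base = CLASSFUL_PREFIX[cls]
    prefix = base + subnet_bits
    if subnet_bits < 0 or prefix > 30:
        raise ValueError("subnet field leaves fewer than 2 host bits")
    subnet = ipaddress.IPv4Network(f"{addr}/{prefix}", strict=False)
    classful = ipaddress.IPv4Network(f"{addr}/{base}", strict=False)
    host_bits = 32 - prefix
    return {
        "class": cls,
        "classful_network": str(classful.network_address),
        "mask": str(subnet.netmask),
        "prefix": prefix,
        "subnet": str(subnet.network_address),
        "broadcast": str(subnet.broadcast_address),
        "subnets": 2 ** subnet_bits,
        # Max Hosts column: 2^host_bits - 2, because all-0s names the network
        # itself and all-1s is the subnet broadcast.
        "hosts_per_subnet": 2 ** host_bits - 2,
        # All 0s in the host portion means the address names the whole subnet.
        "is_network_address": ipaddress.IPv4Address(addr) == subnet.network_address,
    }
```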

 

Configure IP addresses

  1. (config)#int tok 3/1
  2. (config-if)#ip address 160.81.93.1 255.255.255.0
  3. (config-if)#ring-speed 16
  4. (config-if)#^Z

 

Verify IP addresses

  1. sh int tok 3/1
    1. TokenRing3/1 is up, line protocol is up
      Hardware is cxBus Token Ring, address is 0060.83fb.5861 (bia 0060.83fb.5861)
      Description: 160.81.93.0
      Internet address is 160.81.93.1/24
      MTU 4464 bytes, BW 16000 Kbit, DLY 630 usec, rely 255/255, load 1/255
      Encapsulation SNAP, loopback not set, keepalive set (10 sec)
      ARP type: SNAP, ARP Timeout 04:00:00
      Ring speed: 16 Mbps
      Single ring node, Source Route Transparent Bridge capable
      Source bridging enabled, srn 893 bn 2 trn 20 (ring group)
      proxy explorers disabled, spanning explorer enabled, NetBIOS cache disabled
      Group Address: 0x00000000, Functional Address: 0x0880011A
      Ethernet Transit OUI: 0x000000
      Last Ring Status 00:00:09 <Soft Error> (0x2000)
      Last input 00:00:04, output 00:00:00, output hang never
      Last clearing of "show interface" counters never
      Queueing strategy: fifo
      Output queue 0/40, 13 drops; input queue 0/75, 0 drops
      5 minute input rate 0 bits/sec, 1 packets/sec
      5 minute output rate 18000 bits/sec, 36 packets/sec
      73580 packets input, 5355574 bytes, 0 no buffer
      Received 54782 broadcasts, 0 runts, 0 giants
      1 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
      3274197 packets output, 256260181 bytes, 0 underruns
      37 output errors, 0 collisions, 1 interface resets
      0 output buffer failures, 0 output buffers swapped out
      3 transitions

 

*List the required IPX address and encapsulation type.

  1. Interface type  Encap type              IPX frame type
     Ethernet        novell-ether (default)  Ethernet_802.3
                     arpa                    Ethernet_II
                     sap                     Ethernet_802.2
                     snap                    Ethernet_Snap
     Token Ring      sap (default)           Token-Ring
                     snap                    Token-Ring_Snap
     FDDI            snap (default)          Fddi_Snap
                     sap                     Fddi_802.2

 

Enable the Novell IPX protocol and configure interfaces.

  1. ipx routing
    1. enable ipx routing
  2. interface ethernet 0
    ipx network 101 encapsulation arpa
    1. single encapsulation on a physical interface
  3. multiple encapsulations on a physical interface
    1. using subinterfaces
      1. ipx routing
        interface ethernet 0.1
        ipx network 101 encapsulation arpa
        interface ethernet 0.2
        ipx network 102 encapsulation snap
    2. using a secondary network
      1. interface ethernet 0
        ipx network 101 encapsulation arpa
        ipx network 102 encapsulation snap secondary
  4. confirming operation
    1. sh ipx interface - shows the configured network numbers, encapsulation types, and operational status of the interfaces
    2. sh ipx interface brief - lists each interface and its ipx configuration
    3. sh ipx traffic - number of packets sent and received (look at the sap and rip counters)
    4. sh ipx servers - displays the internal sap database
    5. sh ipx route - displays the ipx routing table

 

Identify the functions of the TCP/IP transport-layer protocols

  1. transport layer - provides reliable transport of data between two systems.
    1. tcp (transmission control protocol)
      1. reliable data transfer, connection-oriented virtual circuit, buffered transfer, resequencing, multiplexing, full-duplex, flow control
      2. flow control - variable sliding windows
      3. important ports

         port/protocol          service
         20 (also >1023) / tcp  FTP-data
         21 / tcp               FTP
         23 / tcp               telnet
         25 / tcp               SMTP
         53 / tcp,udp           DNS
         80 / tcp               HTTP
         119 / tcp              NNTP
         123 / tcp,udp          NTP
         6000-6100 / tcp        X-windows

    2. udp (user datagram protocol)
      1. connectionless, unreliable datagram service
      2. udp flooding - the router uses the destination address specified by the ip broadcast-address command on the output interface to assign a destination address to a flooded udp datagram. The destination address might change as the datagram propagates through the network; the source address does not change
      3. ip helper-address - used to forward udp broadcasts

 

Identify the functions of the TCP/IP network-layer protocols

  1. network layer - addressing
    1. ip (internet protocol)
      1. connectionless, unreliable delivery service
        1. IP provides the delivery mechanism for getting packets to and from the transport layer
        2. reliable delivery and connection-oriented services are handled by tcp
      2. packet fragmentation and reassembly
        1. enforces an upper limit on the datagram size based on the mtu (maximum transmission unit)
      3. routing functions
    2. icmp (internet control message protocol)
      1. echo reply (ping) - replies to an ICMP echo request
      2. icmp redirects - sent by a gateway to the host. Instructs the host to use a different route when the router detects that its route is not as optimal as that of another router on the same network segment. If the gateway detects a better route for the ip datagrams, it sends the host a redirect message with the address of the preferred gateway
      3. icmp source quench - informs the originating host that the gateway/receiving host is being overrun and can't keep up with the traffic. The originating host then lowers the rate at which it sends datagrams to the receiving host, until it stops receiving "source quench"
      4. ICMP message types:

         type field  message type
         0           echo reply
         3           destination unreachable
         4           source quench
         5           redirect
         8           echo request
         11          time exceeded for a datagram
         12          parameter problem on a datagram
         13          timestamp request
         14          timestamp reply
         15          information request
         16          information reply
         17          address mask request
         18          address mask reply

    3. arp (address resolution protocol)
      1. maps ip addresses to mac addresses
    4. rarp (reverse address resolution protocol)
      1. maps mac addresses to ip addresses
    5. InARP (Inverse address resolution protocol)
      1. dynamically associates a remote DLCI (data-link connection identifier) with an ip address
      2. used in nonbroadcast networks such as frame relay
      3. a router can dynamically determine a remote DLCI by querying the frame relay switch. Once it knows the DLCI "hardware address", it can use InARP to obtain the ip address of the remote site

 

Identify the functions performed by ICMP

  1. The Internet Control Message Protocol (ICMP) is a network layer Internet protocol that provides message packets to report errors and other information relevant to IP packet processing back to the source. ICMP is documented in RFC 792. ICMP provides a number of helpful messages including the following:
    1. Destination Unreachable - The ICMP destination unreachable message is sent by a router if it is unable to deliver a packet to the ultimate destination. The router discards the original packet. Destinations might be unreachable for these reasons:
      1. The source host specified a nonexistent address.
      2. The router does not have a route to the destination (less frequent).
      3. Destination unreachable messages include the following:
        1. Network unreachable -- This message usually implies routing or addressing failures.
        2. Host unreachable -- This message usually implies delivery failures such as a wrong subnet mask.
        3. Protocol unreachable -- This message usually implies that the destination does not support the upper-layer protocol specified in the packet.
        4. Port unreachable -- This message usually implies that the Transmission Control Protocol (TCP) port (socket) is not available.
    2. Echo Request and Reply - The ICMP echo request message is sent by any host to test node reachability across an internetwork. It is generated by the ping command. The ICMP echo reply message indicates that the node can be successfully reached.
    3. Redirect - An ICMP redirect message is sent by the router to the source host to stimulate more efficient routing. The router still forwards the original packet to the destination. ICMP redirects allow host routing tables to remain small because knowing the address of only one router is required (even if that router does not provide the best path). Even after receiving an ICMP redirect message, some devices might continue using the less efficient route.
    4. Time Exceeded - An ICMP time-exceeded message is sent by the router if an IP packet's Time-to-Live field
      (expressed in hops or seconds) reaches zero. The Time-to-Live field prevents packets from continuously circulating the internetwork if the internetwork contains a routing loop. The router discards the original packet.
    5. Router Advertisement and Router Solicitation - The ICMP Router Discovery Protocol (IRDP) uses router advertisement and router solicitation messages to discover the addresses of routers on directly attached subnets. IRDP works as follows:
      1. Each router periodically multicasts router advertisement messages from each of its interfaces.
      2. Hosts discover addresses of routers on directly attached subnets by listening for these messages.
      3. Hosts can use router solicitation messages to request immediate advertisements, rather than waiting for
        unsolicited messages.
    6. IRDP offers several advantages over other methods of discovering addresses of neighboring routers. Primarily, it does not require hosts to recognize routing protocols, nor does it require manual configuration by an administrator. Router advertisement messages allow hosts to discover the existence of neighboring routers, but not which router is best to reach a particular destination. If a host uses a poor first-hop router to reach a particular destination, it receives a redirect message identifying a better choice.
  2. Undeliverable ICMP messages (for whatever reason) do not generate a second ICMP message. Doing so could create an endless flood of ICMP messages.
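An added example (not from the study guide) that decodes ICMP messages using the type names and destination-unreachable code names listed above and verifies the RFC 792 checksum, so a captured message can be checked before its report is acted on. The builder and decoder functions and the sample messages are this example's own.

```python
"""Decode ICMP messages and verify the RFC 792 checksum.

Added example, not from the study guide: the type and destination-unreachable
code names come from the tables above; the builder/decoder functions and the
sample messages are this example's own.
"""
import struct

ICMP_TYPES = {
    0: "echo reply", 3: "destination unreachable", 4: "source quench",
    5: "redirect", 8: "echo request", 11: "time exceeded for a datagram",
    12: "parameter problem on a datagram", 13: "timestamp request",
    14: "timestamp reply", 15: "information request", 16: "information reply",
    17: "address mask request", 18: "address mask reply",
}
# Codes of the destination unreachable message, as listed above.
UNREACHABLE_CODES = {0: "network unreachable", 1: "host unreachable",
                     2: "protocol unreachable", 3: "port unreachable"}


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words; an odd trailing byte is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp(icmp_type: int, code: int, rest: bytes, payload: bytes = b"") -> bytes:
    """Assemble type, code, checksum and the 4-byte 'rest of header' field.
    The checksum is computed over the whole message with the field zeroed."""
    unchecked = struct.pack("!BBH4s", icmp_type, code, 0, rest) + payload
    csum = internet_checksum(unchecked)
    return struct.pack("!BBH4s", icmp_type, code, csum, rest) + payload


def decode_icmp(msg: bytes) -> dict:
    """Name the message and report whether its checksum verifies. A receiver
    that re-sums the whole message, checksum field included, must get zero."""
    if len(msg) < 8:
        raise ValueError("ICMP header is 8 bytes")
    icmp_type, code, _csum, rest = struct.unpack("!BBH4s", msg[:8])
    info = {
        "type": icmp_type,
        "code": code,
        "type_name": ICMP_TYPES.get(icmp_type, "unknown"),
        "checksum_ok": internet_checksum(msg) == 0,
    }
    if icmp_type == 3:                       # which flavour of unreachable
        info["reason"] = UNREACHABLE_CODES.get(code, "other")
    elif icmp_type in (0, 8):                # echo: identifier and sequence number
        info["identifier"], info["sequence"] = struct.unpack("!HH", rest)
    elif icmp_type == 5:                     # redirect: preferred gateway address
        info["gateway"] = ".".join(str(b) for b in rest)
    return info
```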

 

*Configure IPX access lists and SAP filters to control basic Novell traffic

  1. access list number ranges

     Protocol            ranges
     IP                  1-99
     extended IP         100-199
     ethernet type code  200-299
     DECnet              300-399
     XNS                 400-499
     extended XNS        500-599
     Appletalk           600-699
     ethernet address    700-799
     IPX                 800-899
     extended IPX        900-999
     IPX SAP             1000-1099

  2. standard IP access list
    1. access-list access-list-number {deny | permit} source [source-wildcard]
      1. access-list-number: 1-99
    2. any = 0.0.0.0 255.255.255.255
    3. access list for vty lines
      1. apply the access list to the lines with access-class
      2. access-class access-list-number {in | out}
  3. extended IP access list
    1. access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard
    2. access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [established] [log]
      1. access-list-number: 100-199
      2. dynamic dynamic-name: identifies this access list as a dynamic access list
      3. timeout minutes: specifies the minutes that a temporary access list entry can remain in a dynamic access list. Default is infinite
      4. deny, permit: denies/permits access if the conditions are matched
      5. protocol: eigrp, gre, icmp, igmp, igrp, ip, ipinip, nos, ospf, tcp, udp, or a number (0-255) representing an IP protocol
      6. source: network/host from which the packet is being sent. any = 0.0.0.0 255.255.255.255; host address = address 0.0.0.0
      7. source-wildcard: wildcard bits applied to source (1 = ignore that bit)
      8. precedence precedence: packets can be filtered by precedence level, as specified by a number from 0 to 7 or by name
      9. tos tos: packets can be filtered by type of service level, as specified by a number from 0 to 15 or by name
      10. established: for TCP only. Indicates an established connection. A match occurs if the TCP datagram has the ACK or RST bits set. The nonmatching case is the initial TCP datagram sent to form a connection.
      11. log: causes an informational logging message about the packet that matches the entry to be sent to the console
    3. access-list 102 permit tcp 172.16.1.0 0.0.0.255 host 172.17.1.1 eq telnet
      interface ethernet 0
      ip access-group 102 out
      1. host 172.17.1.1 is equivalent to 172.17.1.1 0.0.0.0
  4. standard IPX access list
    1. access-list access-list-number {deny | permit} source-network[.source-node [source-node-mask]] [destination-network[.destination-node [destination-node-mask]]]
      1. access-list-number: 800-899
      2. source-network: network number (1-ffff.fffe). 0 = local network, -1 = all networks
    2. access-list 850 deny aa bb.072c.fa34.0075
      access-list 850 permit -1
      interface ethernet 0
      ipx access-group 850 out
  5. IPX SAP filter
    1. access-list access-list-number {deny | permit} network[.node] [network-mask.node-mask] [service-type [server-name]]
      1. access-list-number: 1000-1099
      2. deny, permit: denies/permits access if the conditions are matched
      3. network: network number (1-ffff.fffe). 0 = local network, -1 = all networks
    2. access-list 1001 deny bb.0000.0000.0001
      access-list 1001 permit -1
      interface ethernet 0
      ipx input-sap-filter 1001
  6. named access list (version 11.2+)
    1. ip access-list {standard | extended} name
    2. {deny | permit} source source-wildcard destination destination-wildcard
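The extended IP access-list matching rules above as an added example, written for this page rather than taken from the study guide or from Cisco IOS: it parses lines such as the access-list 102 entry, applies wildcard masks (1 = ignore), the any/host shorthands, eq port matching and the established keyword, and ends in the implicit deny that terminates every access list. The Packet/Entry model and the port-name table are this example's own.

```python
"""Model of how Cisco extended IP access lists match packets.

Added example, not from the study guide or from Cisco IOS: it implements the
matching rules the guide lists (wildcard masks where 1 = ignore, the any/host
shorthands, eq port matching, the established keyword) and the implicit
"deny any" at the end of every access list. The packet model and the
port-name table are this example's own.
"""
from dataclasses import dataclass
from typing import List, Optional
import ipaddress

TCP_ACK, TCP_RST = 0x10, 0x04
PORT_NAMES = {"ftp-data": 20, "ftp": 21, "telnet": 23, "smtp": 25, "domain": 53, "www": 80}


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Cisco wildcard semantics: a 1 bit in the wildcard means 'do not care'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)


@dataclass
class Packet:
    src: str
    dst: str
    protocol: str              # "tcp", "udp", "icmp", ...
    dport: Optional[int] = None
    tcp_flags: int = 0         # raw TCP flag byte (SYN = 0x02, ACK = 0x10, RST = 0x04)


@dataclass
class Entry:
    action: str                # "permit" or "deny"
    protocol: str              # "ip" matches every IP protocol
    src: str
    src_wild: str
    dst: str
    dst_wild: str
    dport: Optional[int] = None
    established: bool = False

    def matches(self, p: Packet) -> bool:
        if self.protocol != "ip" and self.protocol != p.protocol:
            return False
        if not wildcard_match(p.src, self.src, self.src_wild):
            return False
        if not wildcard_match(p.dst, self.dst, self.dst_wild):
            return False
        if self.dport is not None and p.dport != self.dport:
            return False
        # established: TCP only, and only segments with ACK or RST set; the
        # initial SYN that opens a connection is the non-matching case.
        if self.established and (p.protocol != "tcp" or not p.tcp_flags & (TCP_ACK | TCP_RST)):
            return False
        return True


def parse_entry(line: str) -> Entry:
    """Parse one 'access-list <100-199> {permit|deny} protocol src dst [eq port] [established]' line."""
    tok = line.split()
    if tok[0] != "access-list" or not 100 <= int(tok[1]) <= 199:
        raise ValueError("extended IP access list (100-199) expected")
    action, protocol, i = tok[2], tok[3], 4

    def take_addr():
        nonlocal i
        if tok[i] == "any":                     # any = 0.0.0.0 255.255.255.255
            i += 1
            return "0.0.0.0", "255.255.255.255"
        if tok[i] == "host":                    # host A.B.C.D = A.B.C.D 0.0.0.0
            i += 2
            return tok[i - 1], "0.0.0.0"
        i += 2
        return tok[i - 2], tok[i - 1]

    src, src_wild = take_addr()
    dst, dst_wild = take_addr()
    dport, established = None, False
    while i < len(tok):
        if tok[i] == "eq":
            dport = PORT_NAMES[tok[i + 1]] if tok[i + 1] in PORT_NAMES else int(tok[i + 1])
            i += 2
        elif tok[i] == "established":
            established, i = True, i + 1
        elif tok[i] in ("precedence", "tos"):   # keyword plus value; not modelled here
            i += 2
        else:                                   # log and other flags; not modelled here
            i += 1
    return Entry(action, protocol, src, src_wild, dst, dst_wild, dport, established)


def evaluate(acl: List[Entry], p: Packet) -> str:
    """First matching entry wins; falling off the end hits the implicit deny."""
    for entry in acl:
        if entry.matches(p):
            return entry.action
    return "deny"


# Constructed sample input: the guide's access-list 102 and an 'established' list.
ACL_102 = [parse_entry("access-list 102 permit tcp 172.16.1.0 0.0.0.255 host 172.17.1.1 eq telnet")]
ACL_110 = [parse_entry("access-list 110 permit tcp any 172.16.0.0 0.0.255.255 established")]
```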

 

Routing

 

Add the RIP routing protocol to your configuration.

  1. router rip
    1. enable RIP as a routing protocol
  2. network 192.168.2.0
    1. directly attached network
  3. neighbor 192.168.2.4
    1. send RIP updates to a nonbroadcast network - add this router to the neighbor list
  4. offset-list ethernet 0 in 2
    1. increase the routing metrics by 2 from updates coming into ethernet 0
    2. offset-list {name | access-list } {in | out } {offset amount}
  5. timers basic update 60
    1. change updates from 30secs(default) to 60 secs
    2. timers basic {update | invalid | holddown | flush} amount
      1. update - number of seconds between updates
      2. invlid - number of seconds after which a route is declared invalid
      3. holddown - interval of seconds on all interfaces for a route that was declared unreachable by one interface, before new updates will be accepted for that network
      4. flush - number of seconds before a route is removed from the routing information table
  6. version 2
    1. use version 2 for send and receive
    2. default: receive version 1 and 2, send only version 2
  7. ip rip authentication key-chain chain1
    ip rip authentication mode md5
    1. enable RIPauthentication using md5
    2. ip rip authentication key-chain {name of chain}
    3. ip rip authentication mode {text | md5}
  8. no auto-summary
    1. disable automatic route summarization of RIP version 2
  9. no validate-update-source
    1. disable validation
    2. default: router validates the source of incoming RIP updates.  For invalid source addresses, the update gets discarded
  10. output-delay 40
    1. delay the update by 40 milliseconds
    2. when a fast router sends updates to a slower router, there might be a need for a delay in the RIP updates.
  11. interface ethernet 0
    ip split-horizon
    1. enable the split-horizon algorithm
    2. split-horizon reduces routing loops

 

 

Add the IGRP routing protocol to your configuration.

  1. router igrp 1
    1. enable igrp as a routing protocol
  2. network 192.168.1.0
    1. directly attached network
  3. offset-list 0 out 8 ethernet 0
  4. neighbor 192.168.8.11
  5. variance 3
    1. IGRP allows unequal-cost load balancing, which enables network traffic to be distributed across up to four unequal-cost routes to the same destination network.  The path variance (the difference in advantage of the primary and alternative paths) is used to determine whether a path is feasible - that is, whether it can be included in the routing table by virtue of the closeness of the next router in the path to the destination network.  If that metric is within the specified variance, the path is included.
    2. default is 1, enabling equal-cost load balancing
  6. traffic-share balanced
    1. distribute network traffic proportionately to the ratio of the path cost
    2. traffic-share {balanced | min}
    3. balanced distributes network traffic proportionately to the ratio of the path cost; min sends traffic only over the minimum-cost route(s)
  7. timers basic flush update 60
    1. change updates from 90 secs (default) to 60 secs
  8. no metric holddown
    1. disable the holddown period - can be used to shorten convergence time.  all holddown configurations must be identical on all routers within an autonomous system
  9. metric maximum-hops 60
    1. change maximum hops from 100 (default) to 60.  (igrp has a maximum of 255 hops)
  10. no validate-update-source
  11. interface ethernet 0
    no ip split-horizon
    1. disable split-horizon

 

Explain the services of separate and integrated multiprotocol routing.

 

*List problems that each routing type encounters when dealing with topology changes and describe techniques to reduce the number of these problems

  1. hold-downs: used to prevent regular update messages from inappropriately reinstating a route that may have gone bad.  The hold-down period is usually calculated to be just greater than the period of time necessary to update the entire network with a routing change.
  2. split horizons: prevents routing loops between adjacent routers.  It is never useful to send information about a route back in the direction from which it came.
  3. poison reverse updates: prevents large routing loops.  Increases in routing metrics generally indicate routing loops.  Poison reverse updates are sent to remove the route and place it in hold-down.  In Cisco's implementation, poison reverse updates are sent if a route metric has increased by a factor of 1.1 or greater.
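As an added illustration (not part of the original notes), the Python below models how a distance-vector router builds its periodic update with no loop protection, with split horizon, and with poison reverse, then runs two routers through a link failure to show the count-to-infinity problem that the split-horizon rule above prevents. The interface names, the network "N" and the hop metrics are constructed; 16 is RIP's unreachable metric.

```python
# Added example (not from the study guide): distance-vector update generation
# with the loop-avoidance modes described above, plus a two-router simulation
# of count-to-infinity after a network goes down. Interface names ("e0", "s0"),
# the network "N" and the hop metrics are constructed for this demonstration.

INFINITY = 16  # RIP's "unreachable" hop count


def build_update(table, out_iface, mode):
    """Return {destination: metric} that a router advertises out of out_iface.

    table: {destination: (metric, interface the route was learned on)}
    mode:  "plain"          - advertise everything (no loop protection)
           "split-horizon"  - never advertise a route back out the interface
                              it was learned on
           "poison-reverse" - advertise it, but with the unreachable metric
    """
    update = {}
    for dest, (metric, learned_on) in table.items():
        if learned_on == out_iface:
            if mode == "split-horizon":
                continue
            if mode == "poison-reverse":
                update[dest] = INFINITY
                continue
        update[dest] = metric
    return update


def receive_update(table, in_iface, update):
    """Bellman-Ford step: install a route if it is better, or if it comes from
    the neighbour already used for that destination (the metric may get worse)."""
    changed = False
    for dest, metric in update.items():
        new = min(metric + 1, INFINITY)  # one more hop to reach it via this neighbour
        cur = table.get(dest)
        if cur is None or new < cur[0] or cur[1] == in_iface:
            if cur != (new, in_iface):
                table[dest] = (new, in_iface)
                changed = True
    return changed


def simulate_link_failure(mode, max_rounds=40):
    """R1 owns network N on e0; R2 learns N across the serial link (R1 s0 <-> R2 s0).
    Then N goes down at R1. Returns (rounds until both routers agree N is
    unreachable, R1's final metric, R2's final metric)."""
    r1 = {"N": (1, "e0")}                    # directly connected, metric 1
    r2 = {}
    receive_update(r2, "s0", build_update(r1, "s0", mode))
    assert r2["N"] == (2, "s0")              # R2 learned N one hop away via R1

    r1["N"] = (INFINITY, "e0")               # e0 fails: R1 marks N unreachable

    rounds = 0
    while rounds < max_rounds and not (r1["N"][0] >= INFINITY and r2["N"][0] >= INFINITY):
        rounds += 1
        # R2's periodic update reaches R1 first, then R1 answers with its own.
        receive_update(r1, "s0", build_update(r2, "s0", mode))
        receive_update(r2, "s0", build_update(r1, "s0", mode))
    return rounds, r1["N"][0], r2["N"][0]


if __name__ == "__main__":
    for mode in ("plain", "split-horizon", "poison-reverse"):
        rounds, m1, m2 = simulate_link_failure(mode)
        print(f"{mode:15} converged after {rounds:2} rounds: R1 metric {m1}, R2 metric {m2}")
```

Without split horizon R2 keeps handing the dead route back to R1 and the two routers count up two hops per exchange until they reach 16; with either protection the route is gone after one exchange.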

 

Distance vector vs. link state

  1. Periodic updates
    1. distance vector: entire routing table sent to neighboring routers
    2. link state: link-state update packets of only the connected links, flooded to the entire network
  2. Routing table
    1. distance vector: built on second-hand information
    2. link state: built on first-hand information
  3. Size and updates
    1. distance vector: large
    2. link state: small
  4. Overhead
    1. distance vector: more bandwidth consumption because the routing table is sent, although limited to local router links for each router
    2. link state: more difficult computations taking up more CPU
  5. Convergence
    1. distance vector: slow
    2. link state: fast
  6. Routing loops
    1. distance vector: more prone; uses split-horizon, poison reverse, and timers to avoid loops
    2. link state: less prone; creates a consistent network map
  7. Routing metrics
    1. distance vector: hops
    2. link state: cost

Routing protocol comparison

  1. EIGRP
    1. layer 3 protocols supported: IP, IPX, AppleTalk
    2. strengths
      1. distance vector/link state; partial, bounded updates
      2. DUAL (diffusing update algorithm) - stores neighbors' routing tables
      3. VLSMs, route summarization
      4. RTP (reliable transport protocol) - multicast hello packets
      5. protocol-dependent modules
      6. uses compound metric
      7. fast convergence
      8. IGRP compatible
    3. limitations
      1. runs in Cisco networks only
  2. IGRP
    1. layer 3 protocols supported: IP, OSI
    2. strengths
      1. uses compound metric
      2. hold-downs, split-horizons, poison reverse updates
    3. limitations
      1. distance vector
      2. runs in Cisco networks only
      3. 90 sec broadcast of full routing table
      4. slow convergence
  3. RIPv2
    1. layer 3 protocols supported: IP, OSI
    2. strengths
      1. authentication and multicast
      2. interoperable among different vendors' devices
    3. limitations
      1. scalability limited to 15 hops
      2. use of one metric (bandwidth) can curb network optimization
  4. OSPF
    1. layer 3 protocols supported: IP
    2. strengths
      1. interoperable among different vendors' devices
      2. VLSM, route summarization
      3. link state (30 sec LSA)
      4. routing updates sent only when changes occur
      5. fast convergence
    3. limitations
      1. topology restrictions
      2. use of one metric (bandwidth) can curb network optimization
  5. IS-IS
    1. layer 3 protocols supported: IP, OSI
    2. strengths
      1. interoperable among different vendors' devices
      2. routing updates sent only when changes occur
      3. fast convergence
    3. limitations
      1. topology restrictions
      2. use of one metric (bandwidth) can curb network optimization
  6. RIP
    1. layer 3 protocols supported: IP
    2. strengths
      1. usable in sites that use a constant subnet size internally
      2. interoperable among most vendors' devices
      3. free from most vendors
    3. limitations
      1. limited to 16 hops
      2. distance vector
      3. 30 sec route update
      4. slow convergence
      5. scalability limited to 16 hops
      6. path determination based on router hop count, not always optimal
      7. cannot handle VLSMs, limiting efficiency

 

Describe the benefits of network segmentation with routers

 

Network Security

 

*Configure extended access lists to filter IP traffic

  1. standard IP access list
    1. access-list access-list-number {deny|permit} source [source-wildcard]
      1. access-list-number: 1-99
    2. any = 0.0.0.0 255.255.255.255
    3. access list for vty lines
      1. apply the access-class using the access-list
      2. access-class access-list-number {in | out}
  2. extended IP access list
    1. access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard
    2. access-list access-list-number [dynamic dynamic-name [timeout minutes]] {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos] [established] [log]
      1. access-list-number: 100-199
      2. dynamic dynamic-name: identifies this access list as a dynamic access list
      3. timeout minutes: specifies the minutes that a temporary access list entry can remain in a dynamic access list.  default is infinite
      4. deny, permit: denies/permits access if conditions are matched
      5. protocol: eigrp, gre, icmp, igmp, igrp, ip, ipinip, nos, ospf, tcp, udp, or a number (0-255) representing an IP protocol
      6. source: network/host from which the packet is being sent.  any = 0.0.0.0 255.255.255.255   host = wildcard 0.0.0.0
      7. source-wildcard: wildcard bits applied to source (1 = ignore that bit)
      8. precedence precedence: packets can be filtered by precedence level, as specified by a number from 0 to 7 or by name
      9. tos tos: packets can be filtered by type of service level, as specified by a number from 0 to 15 or by name
      10. established: for TCP only.  indicates an established connection.  A match occurs if the TCP datagram has the ACK or RST bits set.  The nonmatching case is that of the initial TCP datagram to form a connection.
      11. log: causes an informational logging message about the packet that matches the entry to be sent to the console
    3. access-list 102 permit tcp 172.16.1.0 0.0.0.255 host 172.17.1.1 eq telnet
      interface ethernet 0
      ip access-group 102 out
      1. host = wildcard 0.0.0.0
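Added example, not from the study guide: a small Python evaluator for extended access-list entries that implements the wildcard-mask test, the TCP established keyword (ACK or RST set) and the first-match rule with the implicit deny at the end of every list. It parses access list 102 from the notes plus a second, constructed entry; the NAMED_PORTS table and the packet summaries are constructed for the demonstration.

```python
import ipaddress

# Added example (not from the study guide): evaluator for a subset of Cisco
# extended IP access-list syntax. The second access-list line, the port-name
# table and the packets below are constructed for this demonstration.

NAMED_PORTS = {"telnet": 23, "www": 80, "ftp": 21, "smtp": 25, "domain": 53}


def wildcard_match(addr, base, wildcard):
    """Cisco wildcard-mask test: a 1 bit in the wildcard means "ignore this bit".

    'host A' is A with wildcard 0.0.0.0; 'any' is 0.0.0.0 255.255.255.255.
    """
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    return (a | w) == (b | w)


def parse_ace(line):
    """Parse 'access-list N {permit|deny} proto src [wc] dst [wc] [eq port] [established]'."""
    tok = line.split()
    if tok[0] != "access-list":
        raise ValueError("not an access-list line: " + line)
    ace = {"number": int(tok[1]), "action": tok[2], "proto": tok[3],
           "dport": None, "established": False}
    i = 4
    for side in ("src", "dst"):           # address operand: any | host A | A wildcard
        if tok[i] == "any":
            ace[side], i = ("0.0.0.0", "255.255.255.255"), i + 1
        elif tok[i] == "host":
            ace[side], i = (tok[i + 1], "0.0.0.0"), i + 2
        else:
            ace[side], i = (tok[i], tok[i + 1]), i + 2
    while i < len(tok):                   # optional trailing keywords
        if tok[i] == "eq":
            port = tok[i + 1]
            ace["dport"] = NAMED_PORTS[port] if port in NAMED_PORTS else int(port)
            i += 2
        elif tok[i] == "established":
            ace["established"] = True
            i += 1
        else:
            raise ValueError("unsupported keyword: " + tok[i])
    return ace


def ace_matches(ace, pkt):
    """pkt: {"proto", "src", "dst", "dport" (tcp/udp), "flags" (tcp: set of names)}."""
    if ace["proto"] != "ip" and ace["proto"] != pkt["proto"]:
        return False
    if not wildcard_match(pkt["src"], *ace["src"]):
        return False
    if not wildcard_match(pkt["dst"], *ace["dst"]):
        return False
    if ace["dport"] is not None and pkt.get("dport") != ace["dport"]:
        return False
    if ace["established"] and not (pkt.get("flags", set()) & {"ACK", "RST"}):
        return False                      # a bare SYN (new connection) does not match
    return True


def evaluate(acl, pkt):
    """First matching entry decides; no match falls through to the implicit deny."""
    for ace in acl:
        if ace_matches(ace, pkt):
            return ace["action"]
    return "deny"


# Access list 102 from the notes, plus a constructed second entry that only
# admits TCP segments belonging to sessions the 172.16.1.0/24 hosts opened.
ACL_102 = [parse_ace(line) for line in (
    "access-list 102 permit tcp 172.16.1.0 0.0.0.255 host 172.17.1.1 eq telnet",
    "access-list 102 permit tcp any 172.16.1.0 0.0.0.255 established",
)]


def tcp(src, dst, dport, *flags):
    """Constructed TCP packet summary for the evaluator."""
    return {"proto": "tcp", "src": src, "dst": dst, "dport": dport, "flags": set(flags)}


if __name__ == "__main__":
    for p in (tcp("172.16.1.5", "172.17.1.1", 23, "SYN"),    # permit: matches entry 1
              tcp("172.16.1.5", "172.17.1.1", 80, "SYN"),    # deny: wrong port, implicit deny
              tcp("172.16.2.5", "172.17.1.1", 23, "SYN"),    # deny: outside the wildcard range
              tcp("10.9.8.7", "172.16.1.7", 40000, "SYN"),   # deny: new inbound connection
              tcp("10.9.8.7", "172.16.1.7", 40000, "ACK")):  # permit: established session
        print(evaluate(ACL_102, p), p["src"], "->", p["dst"], p["dport"], sorted(p["flags"]))
```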

 

*Monitor and verify selected access list operations on the router

  1. sh access-list
  2. sh ip interfaces

 

LAN Switching

 

Describe the advantages of LAN segmentation

 

Describe LAN segmentation using bridges

 

Describe LAN segmentation using routers

 

Describe LAN segmentation using switches

 

*Name and describe two switching methods

  1. Store-and-forward - forward after the packet has been received and declared to be valid
    1. advantage:  filter, manage, traffic control.  damaged frames are not forwarded
    2. disadvantage:  slow; needs large memory buffers to read in and store the frame before making the switching decision
  2. Cut-through - forward the packet as soon as the destination MAC is known.
    1. advantage:  fast, begins forwarding a frame without waiting until it has received the complete frame (usually just 30-40 bytes)
    2. disadvantage:  may forward a bad frame

 

Describe full- and half-duplex ethernet operation

  1. full-duplex - Capability for simultaneous data transmission between a sending station and a receiving station
  2. half-duplex - Capability for data transmission in only one direction at a time between a sending station and a receiving station

 

Describe network congestion problem in ethernet networks

  1. Access to the channel is controlled by medium access control (MAC) mechanism
    1. Carrier Sense Multiple Access with Collision Detection (CSMA/CD):  designed to provide fair access to the shared channel so that all stations get a chance to use the network

 

Describe the benefits of network segmentation with bridges.

  1. Transparent Bridging
    1. logically segment a transparently bridged network into virtual local-area networks (LANs)
    2. Provides two spanning-tree protocols--an older bridge protocol data unit (BPDU) format that is compatible with Digital and other LAN bridges for backward compatibility and the IEEE standard bridge protocol data unit
      (BPDU) format. In addition to features standard with these spanning-tree protocols, Cisco's proprietary software provides for multiple domains for spanning trees.
    3. Allows frame filtering based on MAC address, protocol type, or the vendor code. Additionally, the bridging software can be configured to selectively filter local area transport (LAT) multicast service announcements
    4. Provides deterministic load distribution while maintaining a loop-free spanning tree
    5. Provides the ability to bridge over Asynchronous Transfer Mode (ATM), dial-on-demand routing (DDR), Fiber Distributed Data Interface (FDDI), Frame Relay, multiprotocol Link Access Procedure, Balanced (LAPB), Switched Multimegabit Data Service (SMDS), and X.25 networks
    6. Provides concurrent routing and bridging, which is the ability to bridge a given protocol on some interfaces in a router and concurrently route that protocol on other interfaces in the same router
    7. Provides fast-switched transparent bridging for Frame Relay encapsulated serial and High-Speed Serial Interface (HSSI) interfaces
    8. Provides both bridging and routing of virtual LANS (VLANs)
  2. Source-Route Transparent Bridging
    1. When configured for the IEEE spanning-tree protocol, the bridge cooperates with other SRT bridges and constructs a loop-free topology across the entire extended LAN
  3. Source-Route Bridging (SRB)
    1. connects multiple physical Token Rings into one logical network segment
    2. Level 3 router (IPX, XNS) and a Level 2 source-route bridge (SNA, NetBIOS)
    3. configurable fast-switching software for source-route bridging
    4. local source-route bridge that connects two or more Token Ring networks
    5. Provides ring groups to configure a source-route bridge with more than two network interfaces. A ring group is a collection of Token Ring interfaces in one or more routers that are collectively treated as a virtual ring
    6. Provides two types of explorer packets to collect RIF information--an all-routes explorer packet, which follows all possible paths to a destination ring, and a spanning-tree explorer packet, which follows a statically configured limited route (spanning tree) when looking for paths.
    7. Provides a dynamically determined RIF cache based on the protocol. The software also allows you to add entries manually to the RIF cache
    8. Provides for filtering by MAC address, link service access point (LSAP) header, and protocol type
    9. Provides for filtering of NetBIOS frames either by station name or by a packet byte offset
    10. Provides for translation into transparently bridged frames to allow source-route stations to communicate with nonsource-route stations (typically on Ethernet)
  4. Remote Source-Route Bridging (RSRB)
    1. bridges Token Ring traffic across non-Token Ring media introduced into the bridged network segment
    2. Provides for multiple routers separated by non-Token Ring segments
      1. Encapsulate the Token Ring traffic inside IP datagrams passed over a Transmission Control Protocol (TCP) connection between two routers
      2. Use Fast-Sequenced Transport (FST) to transport RSRB packets to their peers without TCP or User Datagram Protocol (UDP) header or processor overhead.
      3. Use MAC-layer encapsulations over a single serial line, Ethernet, Token Ring, or FDDI ring connected between two routers attached to Token Ring networks
    3. Provides for configurable limits to the size of the TCP backup queue
  5. DLSw+ (Data Link Switching)
    1. addresses limitations of SRB:
      1. SRB hop-count limits (SRB limit is 7)
      2. Broadcast traffic (from SRB explorer frames or NetBIOS name queries)
      3. Unnecessary traffic (acknowledgments)
      4. Data link control timeouts
      5. Lack of flow control and prioritization

 

Describe the benefits of network segementation with switches.

  1. hubs
    1. repeats all frames to all ports except the port the frame was received on.  Each device must examine each frame to determine whether it is addressed to its layer 2 MAC address
  2. switches
    1. the switch reads the source MAC address of inbound frames and saves this information in its switching table.  This CAM (content-addressable memory) table contains the MAC address and its associated port.
    2. the switch examines the destination MAC address of outbound frames and immediately looks in the switching table.  If the switch finds the matching address, it copies the frame only to that port.  If it does not find the address, it copies the frame to all ports.
  3. VLANs (virtual local area networks)
    1. group of devices on one or more LANs that are configured so that they can communicate as if they were attached to the same wire, when they are located on a number of different LAN segments.  VLANs are based on logical instead of physical connections.
    2. logical collection of end stations on the same layer 2 (and layer 3) segment, which communicate directly without a router
    3. VTP (VLAN trunk protocol): allows switches to send VLAN information in the form of advertisements to neighboring devices.  The info includes the domain, the revision number, active VLANs, etc
      1. advantage: you can control the adding, deleting, or changing of VLANs
      2. disadvantage: unnecessary traffic sent over trunk ports to devices that may not need that information

 

Describe the features and benefits of Fast Ethernet

  1. 100BASE-T Fast Ethernet (part of the original 802.3 standard)
    1. speeds up the original Ethernet system to 100-Mbps, keeping the original
      CSMA/CD medium access control mechanism plus auto-negotiation
    2. media types
      1. 100BASE-T4:  twisted-pair segment that uses four pairs of telephone-grade twisted-pair wire
      2. 100BASE-X
        1. 100BASE-TX:  twisted-pair segment that uses two pairs of wires and is based on the data grade twisted-pair physical medium standard developed by ANSI
        2. 100BASE-FX:  fiber optic link segment based on the fiber optic physical medium standard developed by ANSI and that uses two strands of fiber cable
  2. 100VG-AnyLAN (IEEE 802.12)
    1. Entirely new medium access control mechanism, one based on hubs that controlled access to the medium using a "demand priority" mechanism. This new access control system transports standard Ethernet frames, but it does it with a new medium access control mechanism. This system was further extended to allow it to transport token ring frames as well.
  3. (config)#^z

 

Describe the guidelines and distance limitations of Fast Ethernet

  1. Fast Ethernet, or 100BaseT, is conventional Ethernet but faster, operating at 100 Mbps instead of 10 Mbps. Fast Ethernet is based on the proven CSMA/CD Media Access Control (MAC) protocol and can use existing 10BaseT cabling. Data can move from 10 Mbps to 100 Mbps without protocol translation or changes to application and networking software.
  2. Fast Ethernet maintains CSMA/CD, the Ethernet transmission protocol. However, Fast Ethernet reduces the duration of time each bit is transmitted by a factor of 10, enabling the packet speed to increase tenfold from 10 Mbps to 100 Mbps. Data can move between Ethernet and Fast Ethernet without requiring protocol translation, because Fast Ethernet also maintains the 10BaseT error control functions as well as the frame format and length.
  3. Fast Ethernet can run over the same variety of media as 10BaseT, including UTP, shielded twisted pair (STP), and fiber. The Fast Ethernet specification defines separate physical sublayers for each media type:
    1. 100BaseT4 for four pairs of voice- or data-grade Category 3, 4, and 5 UTP wiring
    2. 100BaseTX for two pairs of data-grade Category 5 UTP and STP wiring
    3. 100BaseFX for two strands of 62.5/125-micron multimode fiber
  4. In many cases, organizations can upgrade to 100BaseT technology without replacing existing wiring. However, for installations with Category 3 UTP wiring in all or part of their locations, four pairs must be available to implement Fast Ethernet. The MII layer of 100BaseT couples these physical sublayers to the CSMA/CD MAC layer (see Figure 1). The MII provides a single interface that can support external transceivers for any of the 100BaseT physical sublayers. For the physical connection, the MII is implemented on Fast Ethernet devices such as routers, switches, hubs, and adapters, and on transceiver devices using a 40-pin connector.
  5. Each physical sublayer uses a signaling scheme that is appropriate to its media type. 100BaseT4 uses three pairs of wire for 100-Mbps transmission and the fourth pair for collision detection. This method lowers the 100BaseT4 signaling to 33 Mbps per pair, making it suitable for Category 3, 4, and 5 wiring. 100BaseTX uses one pair of wires for transmission (125-MHz frequency operating at 80 percent efficiency to allow for 4B5B encoding) and the other pair for collision detection and receive. 100BaseFX uses one fiber for transmission and the other fiber for collision detection and receive. The 100BaseTX and 100BaseFX physical signaling channels are based on FDDI physical layers developed and approved by the American National Standards Institute (ANSI) X3T9.5 committee.
  6. While the 100BaseTX and 100Base T4 specifications maintain the same 100-meter limit from the wiring closet to the desktop as 10BaseT, 100BaseFX can exceed the 100-meter limit because it uses fiber instead of UTP. However, 100BaseFX is used primarily between wiring closets and campus buildings to better leverage its support for longer cables.
  7. Just as with 10-Mbps Ethernet, different wiring types can be connected through a repeater. The 100BaseT standard defines two classes of repeaters: Class I and Class II. At most, a collision domain can include one Class I or two Class II repeaters. Fast Ethernet is implemented in a star topology, but even with repeaters, the network diameter is proportionately smaller than 10-Mbps Ethernet given Fast Ethernet's tenfold increase in packet speed. For example, using two Class II repeaters, the maximum distance using copper wire is 100 meters (m) to the Class II repeater, 5 m between Class II repeaters, and 100 m to the desktop.
  8. Full-duplex technology delivers up to 200 Mbps bandwidth because it provides bidirectional communication -- meaning that 100 Mbps is available for transmission in each direction. Full duplex also increases the maximum distance supported for fiber cables between two Data Terminal Equipment (DTE) devices up to 2 km. Full-duplex communication is implemented by disabling the collision detection and loopback functions, which are necessary to ensure smooth communication in a shared network. Only switches can offer full duplex to directly attached workstations or servers. Shared 100BaseT hubs must operate at half duplex to detect collisions among end stations.
  9. The 100BaseT specification describes a negotiation process that allows devices at each end of a network link to automatically exchange information about their capabilities and perform the configuration necessary to operate together at their maximum common level. This auto-negotiation activity is performed out-of-band using Fast Link Pulse (FLP) Burst to identify the highest physical-layer technology that can be used by both devices, such as 10BaseT, 100BaseT, 100BaseTX, or 100BaseT4. The auto-negotiation definition also provides a parallel detection function that allows half- and full-duplex 10BaseT, half- and full-duplex 100BaseTX, and 100BaseT4 physical layers to be recognized, even if one of the connected devices does not offer auto-negotiation capabilities.

 

*Distinguish between cut-through and store-and-forward switching.

  1. Cut through switching will forward the packet as soon as the destination MAC is known.
  2. Store and forward will forward after the packet has been received and declared to be valid.
    1. Cut through is faster, but you may pass "bad" packets.

 

Describe the operation of the Spanning Tree Protocol and its benefit

  1. Spanning-Tree Protocol is a link management protocol that provides path redundancy while preventing undesirable loops in the network. For an Ethernet network to function properly, only one active path can exist between two stations. Multiple active paths between stations cause loops in the network. If a loop exists in the network topology, the potential exists for duplication of messages. When loops occur, some switches see stations appear on both sides of the switch. This condition confuses the forwarding algorithm and allows duplicate frames to be forwarded.
  2. To provide path redundancy, Spanning-Tree Protocol defines a tree that spans all switches in an extended network. Spanning-Tree Protocol forces certain redundant data paths into a standby (blocked) state. If one network segment in the Spanning-Tree Protocol becomes unreachable, or if Spanning-Tree Protocol costs change, the spanning-tree algorithm reconfigures the spanning-tree topology and reestablishes the link by activating the standby path.
  3. Spanning-Tree Protocol operation is transparent to end stations, which are unaware whether they are connected to a single LAN segment or a switched LAN of multiple segments.
  4. Election of the Root Switch
    1. All switches in an extended LAN participating in Spanning-Tree Protocol gather information on other switches in the network through an exchange of data messages. These messages are bridge protocol data units (BPDUs). This exchange of messages results in the following:
      1. The election of a unique root switch for the stable spanning-tree network topology.
      2. The election of a designated switch for every switched LAN segment.
      3. The removal of loops in the switched network by placing redundant switch ports in a backup state.
    2. The Spanning-Tree Protocol root switch is the logical center of the spanning-tree topology in a switched network. All paths that are not needed to reach the root switch from anywhere in the switched network are placed in Spanning-Tree Protocol backup mode.
    3. BPDUs contain information about the transmitting switch and its ports, including switch and port Media Access Control (MAC) addresses, switch priority, port priority, and port cost. The Spanning-Tree Protocol uses this information to elect the root switch and root port for the switched network, as well as the root port and designated port for each switched segment.
      1. A BPDU exchange results in the following:
        1. One switch is elected as the root switch.
        2. The shortest distance to the root switch is calculated for each switch.
        3. A designated switch is selected. This is the switch closest to the root switch through which frames will be forwarded to the root.
        4. A port for each switch is selected. This is the port providing the best path from the switch to the root switch.
        5. Ports included in the Spanning-Tree Protocol are selected.
    4. If all switches are enabled with default settings, the switch with the lowest MAC address in the network becomes the root switch. By increasing the priority (lowering the numerical priority number) of the ideal switch so that it then becomes the root switch, you force a Spanning-Tree Protocol recalculation to form a new, stable topology.
    5. Spanning-Tree Protocol Port States
      1. Propagation delays can occur when protocol information is passed through a switched LAN. As a result, topology changes can take place at different times and at different places in a switched network. When a switch port transitions directly from non-participation in the stable topology to the forwarding state, it can create temporary data loops. Ports must wait for new topology information to propagate through the switched LAN before starting to forward frames. They must also allow the frame lifetime to expire for frames that have been forwarded using the old topology.
      2. Each port on a switch using Spanning-Tree Protocol exists in one of the following five states:
        1. Blocking, Listening, Learning, Forwarding, Disabled
      3. A port moves through these five states as follows:
        1. From initialization to blocking
          1. Blocking State - A port in the blocking state does not participate in frame forwarding, as shown in Figure C-5. After initialization, a BPDU is sent to each port in the switch. A switch initially assumes it is the root until it exchanges BPDUs with other switches. This exchange establishes which switch in the network is really the root. If only one switch resides in the network, no exchange occurs, the forward delay timer expires, and the ports move to the listening state. A switch always enters the blocking state following switch initialization.
        2. From blocking to listening or to disabled
          1. Listening State - The listening state is the first transitional state a port enters after the blocking state, when Spanning-Tree Protocol determines that the port should participate in frame forwarding. Learning is disabled in the listening state.
        3. From listening to learning or to disabled
          1. Learning State - A port in the learning state is preparing to participate in frame forwarding. This is the second transitional state through which a port moves in anticipation of frame forwarding. The port enters the learning state from the listening state through the operation of Spanning-Tree Protocol.
        4. From learning to forwarding or to disabled
          1. Forwarding State - A port in the forwarding state forwards frames, as shown in Figure C-5. The port enters the forwarding state from the learning state through the operation of Spanning-Tree Protocol.
        5. From forwarding to disabled
          1. Disabled State - A port in the disabled state does not participate in frame forwarding or the operation of Spanning-Tree Protocol. A port in the disabled state is virtually nonoperational.
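Added example, not from the study guide: the root-switch election and port-role computation described above, run in Python over a constructed triangle of three switches, and then again after one switch's priority is lowered to show it taking over as root (the recalculation the notes mention in item 4). Switch names, MAC addresses, port names and the path cost of 19 per link are constructed; ties are broken by lowest bridge ID, as in the standard algorithm.

```python
import heapq

# Added example (not from the study guide): STP root election and port roles
# over a constructed three-switch triangle. Names, MACs, ports and the link
# cost of 19 are constructed for this demonstration.

SWITCHES = {  # name: (bridge priority, MAC); the pair is the bridge ID
    "SW1": (32768, "0000.0c11.1111"),
    "SW2": (32768, "0000.0c22.2222"),
    "SW3": (32768, "0000.0c33.3333"),
}
LINKS = [     # (switch A, port on A, switch B, port on B, path cost)
    ("SW1", "fa0/1", "SW2", "fa0/1", 19),
    ("SW2", "fa0/2", "SW3", "fa0/1", 19),
    ("SW1", "fa0/2", "SW3", "fa0/2", 19),
]


def bridge_id(switches, name):
    """Comparable bridge ID: priority first, then the 48-bit MAC; lowest wins."""
    priority, mac = switches[name]
    return (priority, int(mac.replace(".", ""), 16))


def elect_root(switches):
    """With all priorities equal, the lowest MAC address becomes the root."""
    return min(switches, key=lambda n: bridge_id(switches, n))


def root_path_costs(switches, links, root):
    """Shortest path cost from every switch to the root (Dijkstra over link costs)."""
    adj = {n: [] for n in switches}
    for a, _, b, _, cost in links:
        adj[a].append((b, cost))
        adj[b].append((a, cost))
    dist = {root: 0}
    heap = [(0, root)]
    while heap:
        d, n = heapq.heappop(heap)
        if d > dist.get(n, float("inf")):
            continue
        for m, c in adj[n]:
            if d + c < dist.get(m, float("inf")):
                dist[m] = d + c
                heapq.heappush(heap, (d + c, m))
    return dist


def port_roles(switches, links):
    """Return (root, root path costs, {(switch, port): role}) with role in
    'designated' | 'root' | 'blocking'; ties go to the lowest bridge ID."""
    root = elect_root(switches)
    cost = root_path_costs(switches, links, root)
    roles = {}
    # Designated port on each segment: the end with the lowest (root cost, bridge ID).
    for a, pa, b, pb, _ in links:
        ends = sorted([(cost[a], bridge_id(switches, a), a, pa),
                       (cost[b], bridge_id(switches, b), b, pb)])
        roles[(ends[0][2], ends[0][3])] = "designated"
        roles[(ends[1][2], ends[1][3])] = "blocking"  # unless it becomes a root port below
    # Root port on each non-root switch: the port giving the best path to the root.
    for n in switches:
        if n == root:
            continue
        best = None
        for a, pa, b, pb, c in links:
            if a == n:
                nbr, port = b, pa
            elif b == n:
                nbr, port = a, pb
            else:
                continue
            cand = (cost[nbr] + c, bridge_id(switches, nbr), port)
            if best is None or cand < best:
                best = cand
        roles[(n, best[2])] = "root"
    return root, cost, roles


def with_priority(switches, name, priority):
    """Copy of the switch table with one switch's priority number changed."""
    out = dict(switches)
    out[name] = (priority, switches[name][1])
    return out


if __name__ == "__main__":
    for label, sw in (("defaults", SWITCHES),
                      ("SW3 priority 4096", with_priority(SWITCHES, "SW3", 4096))):
        root, cost, roles = port_roles(sw, LINKS)
        print(f"{label}: root={root} costs={cost}")
        for (name, port), role in sorted(roles.items()):
            print(f"  {name} {port}: {role}")
```

With default priorities SW1 wins on lowest MAC and SW3 blocks its port toward SW2; once SW3's priority number is lowered it becomes root and the blocked port moves to SW2, which is why an unexpected root change is worth alerting on.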

 

Describe the benefits of Virtual LANs.

  1. VLANs provide the following benefits:
    1. Reduced Administration Costs - Moves, adds, and changes are one of the greatest expenses in managing a network. VLANs provide an effective mechanism to control these changes and reduce much of the cost of hub and router reconfiguration.
    2. Controlling Broadcast Activity - Similar to routers, VLANs offer an effective mechanism for setting up firewalls in a switch fabric, protecting the network against broadcast problems that are potentially dangerous, and maintaining all the performance benefits of switching.
    3. Better Network Security - You can increase security easily and inexpensively by segmenting the network into distinct broadcast groups. VLANs therefore can be used to provide security firewalls, restrict individual user access, flag any unwanted intrusion to the network, and control the size and composition of the broadcast domain.
    4. Leveraging Existing LAN Hub Investments - Organizations have installed many shared hub chassis, modules, and stackable devices in the past three to five years. You can leverage this investment by using backplane hub connections. It is the connections between shared hubs and switches that provide opportunities for VLAN segmentation. 

 

Define and describe the function of a MAC address.

  1. Media Access Control (MAC) addresses are a subset of data link layer addresses. MAC addresses identify network entities in LANs implementing the IEEE MAC sublayer of the data link layer. Like most data link addresses, MAC addresses are unique for each LAN interface. MAC addresses are 48 bits in length and are expressed as 12 hexadecimal digits: The first 6 hexadecimal digits are the manufacturer identification (or vendor code), called the Organizational Unique Identifier (OUI). These 6 digits are administered by the
    IEEE. The last 6 hexadecimal digits are the interface serial number or another value administered by the specific vendor. MAC addresses are sometimes called burned-in addresses (BIAs) because they are burned into read-only memory (ROM) and copied into random-access memory (RAM) when the interface card initializes.

 
