Cisco CCNA Certification

Ctrl+Shift+6 then X - Allows you to open more than one telnet session.
Only the Hardware addresses change when packets go through routers.
Half duplex Ethernet - One station can only send or receive at any time.
Ethernet Frame - 64bytes Min 1518bytes Maximum.
ISL frames are 1522bytes long, this can be mistaken for Giants and lost. Have to use ISL NIC cards. On router interface use 'encapsulation isl 2' to use ISL frames on VLAN 2.
FX and SX are fibre media, 100VG-AnyLAN is twisted pair copper media.
Spanning Tree is IEEE 802.1d - created by DEC (Digital Equipment Corp).
BPDUs are Multicast frames, sent every 2 seconds. Blocked ports still receive BDPUs.
Forward delay - Time taken from listening to learning (approx 50 seconds)
Default IEEE bridge priority 32,768, used to select root bridge. If these are identical then switch with lowest MAC address is used.
ISDN Protocols - E = Telephone network standards, I = Concepts, Terminology, Q = Switching, Signalling methods.
ISDN Reference Points - R = non-ISDN device and TA, S/T = references point between NT1 and NT2, U = NT1 and ISDN network (US only)
TE1 = Device compatible with ISDN, TE2 = Device NOT compatible with ISDN, TA = Converts non ISDN signals to ISDN signals, NT1 = Converts 4 wires into 2 wire local loop, NT2 = Providers equipment (Switch, PBX)
BRI - 2 * B-channel 64kbps, 1 * D-channel 16kbps (D-channel - LAPD)
PRI (Europe, Aus) - 30 * B-channel 64kbps, 1 * D-channel 64kbps (20.48Mbps)
PRI (EUS, Japan) - 23 * B-channel 64kbps, 1 * D-channel 64kbps (1.544Mbps)
ISDN supports IP, IPX, Appletalk…
ISDN can use PPP, HDLC, LAPD, each B-channel needs a SPID
Use static routes for ISDN otherwise it will keep link open.
MAC address 48 bits (12 Hex), IPX address 80 bits.
Netware 3.11 (1983-) - ethernet_802.3/novell-ether (Cisco default on Ethernet networks), Netware 3.12 or later (1985-) - Ethernet_802.2/sap - includes LLC, Ethernet_II - arpa, Ethernet_SNAP - snap, Netware 4.11 - use sap, Netware 5 uses IP
Novell RIP - Metrics = ticks and hops (15 max), 60 sec updates (tick = 55ms / 1/18 sec)
Novell 4.11 > uses NLSP (Netware Link Service Protocol) Link State Routing
SAP - Updates 60 Secs - 4 = Netware file server, 7 = Print server, 24 = Remote bridge server
Ping Responses - U = unreachable, C = congestion, I = user interrupt,? = unknown packet type, & = lifetime exceeded
Trace Responses - N = Network unreachable, !H = Not forwarded due to ACL restriction, P = Protocol unreachable, U = Port could not be reached
Ethernet 5-4-3 rule = Between 2 nodes there can only be max 5 segments, 4 repeaters and only 3 segments must have users.
80/20 rule - 80% of traffic should be local 20% across backbone
Class 1 repeater (translational) - delay 140 secs, number you can use 1
Class 2 repeater (transparent) - delay 92 secs, number you can use 2
CSMA/CD - Used on half duplex devices
Auto-negotiate on FastEthernet checks link speed and duplex of line.
Protocol field in IP header - TCP = 6, UDP = 17, ICMP = 1, IGRP = 9
Ports - 20 FTP data, 21 FTP program, 23 - telnet, 25 - SMTP, 69 - TFTP, 53 - DNS, 80 - HTTP
Loopback address - 127.0.0.1
ACL - Standard ACL as close to destination as possible, Extended ACL as close to source as possible
IP = 1-99, Ex IP = 100-199, AppleTalk = 600-699, IPX = 800-899, Ex IPX = 900-999, IPX SAP = 1000-1099
Remember that there is an explicit ACL of 'deny all' if no statements match.
Multiprotocol routing supports more than one routing protocol, allows a router to deliver packets from several routed protocols.
Core Layer - High speed switching - free from filtering or anything which will slow packets etc.
Distribution Layer - Packet manipulation, address area segregation, broadcast domains, VLANs, security (ROUTERS), WAN access, queuing, firewalls, multicast domains, ACLs
Access Layer - End users, ACL/filters, remote access, shared bandwidth (SWITCHES), segmentation, DDR
HSSI - 52Mbps max
ATM cell size - 53bytes
Cisco LMI - DLCI - 16-1007, ANSI LMI - DLCI 16-992 (DLCI = 10bits)
LMI is a special DLCI = 1023
LMI Multicasting reserved for 1019-1022
LMI extensions - Virtual circuit status, multicasting, global addressing, simple flow control
LMI types Cisco (default), ansi, q933a. From IOS 11.2 LMI is auto-sensed
Class A - 1-126
Class B - 128.1-191.255
Class C 192.0.1-
Class D - (1110 highest order bits) - remaining bits for multicasting
Class E - (1111 highest order bits) - Reserved for future use
RIP 1 (Classful), single subnet, periodic updates of full routing table, max hop count 15
RIP 2 (Classless addressing), triggered updates, full routing table updates
Directed Broadcast - All host bits set to 1 received by all hosts on local broadcast domain.
Local Broadcast (255.255.255.255) - All bits set to 1 received by all hosts on local and remote broadcast domains.
Synchronous serial links default to HDLC on Cisco routers
VIP cards - type slot/port adapter/interface (e.g e/1/0/2) (remember first interface is 0 not 1)
IGRP Metrics - Delay, Bandwidth
Default route - ip route 0.0.0.0 0.0.0.0 172.16.20.1 - need to use 'ip classless' (Classless is enabled by default on IOS 12.x) (Only work on stub networks)
ip default-network 172.16.1.0
CDP timer default 90 secs, holdtime 240 secs
Trunked links - FastEthernet or GigabitEthernet only
Frame Tagging - ISL = Adds it's own FCS, Cisco propriety (default), IEEE 802.1q
LAN Emulation (LANE) - Used for multiple VLANS over ATM
802.10 - FDDI Frame Tagging
Hosts can only communicate between VLANS using Layer 3 devices
VTP Modes - Server (Default for Catalyst switches) Need at least one server in a VTP domain. All changes are advertised. Client - Sends and receives updates. To make a switch a server make it a client first then promote it once it's VTP database has received the latest revision. Transparent - Does not participate in VTP domain, but forwards VTP ads through trunked links. They keep their own database.
VTP adverts sent every 5 mins or when a change occurs, changes only kept by other switches if higher rev no than their current version.
VTP pruning - If a switch does not have any ports configured for VLAN 5 then it won't receive updates for it. Disabled by default. Enabled across entire domain if configured. VLAN 1 is not pruning eligible.
Config Reg - 00 Rom Monitor, 01 Boot Image from ROM, 02-F NVRAM, Bit 6 set to 1 to ignore NVRAM. Register is 16 Bits.
1900 Switch Config - enable password level 1 - usermode, level 15 - enable password.
1900 switch can have up to 64 VLANS. You cannot telnet from a switch but you can telnet into it.

RIP - Updates 30 secs, Max Hops 15, Invalid 90 secs, Flush 240 secs, metrics hops, load balance 6 equal cost links
IGRP - Updates 90 secs, max hops 255 (default 100), invalid 3x90 secs, holddown 3x90+10 secs, flush 7x90 secs, metrics bandwidth, delay, load balance upto 6 unequal cost links.
When routers are converging no data is sent.
Frame Relay - 64 kbps - 1.544 Mbps, non-broadcast multi-access encapsulation (NBMA), dynamic bandwidth allocation, congestion control. Can use PVC and SVCs, PVC more common. Virtual circuit established before data sent. Encapsulation Cisco (Default), IETF (use when connecting non-cisco routers). Static routes are more stable than IARP.
Routers are DTE devices by default, DCE interfaces need a clock rate.
Telneting uses layers 1-4 so a good test of functionality. If you type a command the router doesn't know or type and IP address it will try to resolve the name and telnet.
Bandwidth command sets cost for serial links. This is only used by routing protocols so they can 'cost' paths. Default = 1.544kbps (T1) Command is in Kbps.
Clock rate command is in bps.
HDLC - Connection-orientated, operates at the datalink layer, small overhead, no way of distinguishing network protocols. Every vendors implementation is different, NO authentication, CISCO Default over serial lines.
LAPB - Connection-orientated, datalink layer protocol, HUGE overhead, uses windowing, used instead of HDLC for error prone links.
PPP - industry standard, used when connection between different vendors devices. NCP to identify network protocol, authentication, compatible with async + sync links, operates at physical + datalink layers only. PAP - insecure authentication, CHAP auth provides initial + periodic auth. PPP compression uses stacker and predictor methods. Error detection - PPP uses quality and magic number methods. Multilink - IOS 11.1 only, spreads the load over 2 parallel circuits (bundle).
Ethernet 0 is up, line protocol is down - keepalive or framing issue, check keepalives on both sides should match, check clocking on DCE, check encapsulation on both ends.
Ethernet 0 is down, protocol is down, - carrier detect is not present, other end maybe administratively shutdown or interface or cable problem.
Ethernet 0 is administratively shutdown - the 'no shutdown' command has not been issued on the interface.
Show interface serial 0 - shows bandwidth, MTU, keepalives.
MTU default = 1500bytes.
Bandwidth default = 1.544Kbps (T1)
Keepalives default = 10 seconds.
Use a cross over cable to connect devices of the same type (e.g router Ethernet intf to router Ethernet intf)
Cross over cables swap pins 1 and 3 RD, and pins 2 and 6 TX
STP - 10-100Mbps - 100metres
ScTP - 10-100Mbps - 100metres
UTP - 10-100Mbps - 100metres
Coax - Coaxial - 500metres
Fiber - Single Mode upto 3000metres
Fiber - Multimode upto 2000metres
Connectionless protocols rely on application layer protocols for error handling and delivery.
EIGRP holds separate routing tables for IP,IPX,Appletalk, but only uses one protocol to distribute the updates.
CDP uses SNAP (Subnetwork Access Protocol) to enable neighbouring devices to exchange data.
IPX NLSP - link-state routing protocol intended to replace IPX RIP and SAP
NCP - Netware Core Protocol - Provides clients with access to server resources
IPX SAP - Sent every 60 seconds - includes all known services.
sap is Cisco default for Token Ring networks, SNAP is default for FDDI networks
VTP allows VLANs to be trunked over Ethernet, ATM, LANE or FDDI
Gigabit Ethernet using Multimode Fibre can run up to 260m
100BaseFX up to 400m
VLAN Management Policy Server - Must be configured with all hosts' MAC addresses for dynamic allocation.
Standard ping - 5*100 byte ICMP echos, time out 2 seconds
DHCP uses UDP packets
Passive interface command stops interface sending routing updates, but still receives them.
2 ways to configure VLAN membership, statically or dynamically through VLAN Management Policy Server.
ISL and Trunk protocol used to configure trunking on a switch.
Pre 10.3 IOS commands Config Net - copy config from tftp to DRAM Config Mem - copy NVRAM to DRAM
IP routing table [administrative distance/composite metric]
IPX routing table [ticks/hops]

The table below lists the administrative distance default values of the protocols that Cisco supports.

Route Source	Default Distance Values
Connected interface	0
Static route*	1
Enhanced Interior Gateway Routing Protocol (EIGRP) summary route	5
External Border Gateway Protocol (BGP)	20
Internal EIGRP	90
IGRP	100
OSPF	110
Intermediate System-to-Intermediate System (IS-IS)	115
Routing Information Protocol (RIP)	120
Exterior Gateway Protocol (EGP)	140
On Demand Routing (ODR)	160
External EIGRP	170
Internal BGP	200
Unknown**	255

* Static route pointing is always 1 regardless if it points to a next hop IP address or to an outgoing interface

ACCESS CONTROL LISTS (ACL)

Access Control Lists are used to:

Prioritise traffic
Restrict or reduce updates
Provide basic security
Block types of traffic

Access control list placement

Standard ACLs - Place as close to destination as possible.
Extended ACLs - Place as close to source of traffic as possible.

Only one ACL per port per direction is allowed.
ACL are more efficient on outbound port.
If a packet does not match the ACL statement then it will be implicitly denied.
Once a packet matches an ACL statement no other checks are made, it is permitted.

ACL IOS COMMANDS

Standard ACLs - Used to permit or deny an entire protocol suite.

The following two statements have the same effect:

Router(config)# access-list 1 permit 0.0.0.0 255.255.255.255
Router(config)# access-list 1 permit any

The following two statements also have the same effect:

Router(config)# access-list 1 permit 172.30.16.29 0.0.0.0
Router(config)# access-list 1 permit host 172.30.16.29

Extended ACLs - Used to permit or deny specific protocols

Protocol ranges are used in ACL statements to deny specific protocols. Below are the ones you will need for your CCNA.

Protocol	Range
IP	1-99
Extended IP	100-199
Appletalk	600-699
IPX	800-899
Extended IPX	900-999
IPX SAP	1000-1099

Use the following table to permit or deny specific protocols, ports or ranges of port numbers, an example ACL follows.

lt	Less than
gt	Greater than
neq	Not equal to
eq	Equal to

Router(config)# access-list 101 deny tcp 172.16.4.0 0.0.255.255 any eq 23
Router(config)# access-list 101 permit ip any any established - Established keyword used to connect with a TCP established connection.

Named ACLs

Named access control lists are another way of creating ACLs, any example follows.

Router(config)# ip access-list standard Nik
Router(config std-nacl)# deny any log - used to deny log packets.

Viewing ACLs

Router(config)# show access-lists - shows all access lists.
Router(config)# show access-list 101 - shows access list 101.
Router(config)# show ip interface - used to find out which access lists are on which interfaces.

Configuring ACLs on an interface

Router(config)# interface s1
Router(config-if)# ip access-group 1 out /in - out bound is the default.

Removal of ACLs

Router(config)# no access-list 1

Spanning Tree Protocol

The Spanning Tree Protocol was created by DEC (Digital Equipment Corporation) now Compaq. This is not compatible with the IEEE 802.1d version which Cisco use.

The Spanning Tree Protocol:

Prevents loops, loops cause broadcast storms
Allows redundant links
Resilient to topology changes
STA (Spanning Tree Algorithm) - Used to calculate loop-free path
BPDUs (Bridge Protocol Data Units) are sent and received by switches in the network every 2 seconds (default) to determine spanning tree topology.

Bridge Priority - Numerical value held by switches. All Catalyst switches are 32768
Bridge ID = MAC Address

Spanning Tree States
Blocking	No frames forwarded, BPDUs heard
Listening	No frames forwarded, listening for frames
Learning	No frames forwarded, learning addresses
Forwarding	Frames forwarded, learning addresses
Disabled	No frames forwarded, no BPDUs heard

STA - Spanning Tree Algorithm

Spanning Tree Algorithm is used to calculate a loop-free path.

All switch ports are in blocking mode to begin with. It takes approx 30 seconds until packets can be forwarded.

Step 1 : Elect Root Bridge - Lowest bridge priority, if there is a tie then switch with lowest bridge ID
Step 2 : Elect Root Ports - Locate redundant paths to root bridge; block all but on root. Root Path Cost is cumulative cost of path to root bridge. Ports directly connected to Root Bridge will be root ports, otherwise lowest root path cost used.
Step 3 : Elect Designated Ports - Single port that sends and receives traffic from a switch to and from Root Bridge - Lowest cost path to Root Bridge.

Spanning Tree Overview

There can only be one Root Bridge.
Root-Bridge ports are called 'Designated' and are set to send and receive traffic (forwarding state). All other redundant links to the root bridge are shutdown.
Blocked ports still receive BPDUs.
Convergence occurs when switches have transitioned to either forwarding or blocking states. No other data is forwarded during this time.
Forward delay - Time taken for a switch to go from Listening to Learning (50 seconds default).
IEEE default priority = 32,768, this is true for all devices running STP IEEE version.
Port Fast Mode - Immediately brings a port from blocking to forwarding state by eliminating forward delays.
Bridges can only have one spanning tree instance compared to switches which can have many.
Bridge Protocol Data Units send confirmation messages using multicast frames.

Revision Guide