Cisco CCENT
Priv Exec Mode Symbol
# Can reload switch
MAC Address
(Media Access Control) 802.3 (Ethernet) defines the MAC sublayer of IEEE Ethernet
Symbol and level of Conf
(config) - change actual config
Most Common Prefix
/64
00000000 in decimal
0
Administrative distance cost for Connected
0
What is the backbone area of OSPF
0
What are the rules for wildcard masks?
0 must match, 255 is variable (or any number) It is reverse of subnet mask to calculate
Ethernet Types
0800 = IPV4 86DD = IPV6
Normal Register
0x2102
Register to allow password reset
0x2142
Administrative distance cost for Static
1
Default max address for Port Security?
1
What VLANS can a switch with VTP use?
1 - 1005 only
Class A Range
1 - 126
Class A addresses
1 - 126
Pins of a Rollover Cable
1 -> 8 2 -> 7 3 -> 6 4 -> 5 5 -> 4 6 -> 3 7 -> 3 8 -> 1
Routing between VLAN options
1 route per interface for every VLAN VLAN Trunks Layer 3 Switch (intervlan routing)
Straight Through Cable (GE)
1-1 2-2 3-3 4-4 5-5 6-6 7-7 8-8
Straight Through Cable (FE)
1-1 2-2 3-3 6-6
CrossOver Cable (GE)
1-3 2-6 3-1 4-7 5-8 6-2 7-4 8-5
CrossOver Cable (FE)
1-3 2-6 3-1 6-2
What are the standard acl numbers?
1-99, 1300-1999
How much does IOS Buffer
10 Commands
Private A Range
10.0.0.0 - 10.255.255.255
Administrative distance cost for IGRP
100
What are the extended ACL numbers?
100-199, 2000,2699
What standard VLANS cannot be used?
1002 - 1005
Administrative distance cost for OSPF
110
Administrative distance cost for IS-IS
115
Administrative distance cost for RIP
120
10000000 in decimal
128
Class B Range
128 - 191
Class B addresses
128 - 191
if 48 bits for GP, how many subnet and host?
16 bits for subnets, 64 bits for host
Administrative distance cost for EIGRP (External routes)
170
Private B Range
172.16.0.0 - 172.31.255.255
11000000 in decimal
192
Class C Range
192 - 223
Class C addresses
192 - 223
Private C Range
192.168.0.0 - 192.168.255.255
Show IP NAT Statistics misses counters
1st - new packet needed an entry 2nd - when no available address to hand out
How many acls can an interface have
2 only! 1 inbound, 1 outbound
Administrative distance cost for BGP (external routes)
20
TCP Header
20 bytes
Administrative distance cost for BGP (internal routes)
200
11100000 in decimal
224
Class D addresses (MultiCast)
224 - 239
What is the multicast address for ospf?
224.0.0.5
11110000 in decimal
240
Class E addresses (Experimental)
240-255
11111000 in decimal
248
11111100 in decimal
252
11111110 in decimal
254
11111111 in decimal
255
Administrative distance cost for unusable
255
How many bits to hex digit?
4 bits
How long (usually) is the global prefix?
48
Default aging time for dynamic mac address learning
5 mins
Mac Address Size
6 bytes (48bits)
How many blocks in an ipv6 address?
8
UDP Header
8 bytes
10Base-T
802.3 100 meters 10Mbps
1000Base-T
802.3ab 100 meters 1000 Mbps
10GBase-T
802.3an Copper 100m 1000 Mbps
IEEE autonegotiate
802.3u
100Base-T
802.3u 100 meters 100 Mbps
1000Base-LX
802.3z Fibre 5km 1000 Mbps
Administrative distance cost for EIGRP (internal routes)
90
Serial Config
9600 baud No Flow Control 8 bit ASCII No Parity 1 Stop Bit
Terminal Settings
9600 bits 8 data bits no parity 1 stop bit no flow Control (9600,8,N,1,N)
Unknown IPV6 address
::
Loopback ipv6 address
::1
User Exec Mode Symbol
> No changes to config
Private Networks
A 10.0.0.0 B 172.16.0.0 - 172.31.0.0 C 192.168.0.0 - 192.168.255.0
Mode
A button that cycles the meaning of the LEDs through 3 states STAT DUPLX SPEED
What indicates autonegotiation
A in show port command
what does a wildcard mask of 0.0.0.0 match?
A single host
Unicast Ethernet Address
A term for a MAC that represents a single LAN interface
Input Errors
A total of runts, giants, no buffer, CRC, frame, overrides and ignored
Time out acls can be based on what?
Absolute Timeouts Idle Timeouts
Trunk Modes
Access - Always access Trunk - Always a trunk dynamic desirable - Only one that initiates a trunk! dynamic auto - passive, waits for a trunk (desirable or trunk has to initiate)
Connection Point to End Users
Access Switches
Acl command for standard?
Access-list X permit/deny x.x.x.x (log)
Add a remark to an acl?
Access-list X remark
Connection Closedown
Ack,Fin -> Ack <- Ack,Fin <- Ack ->
Point-To-Point WAN link
Acts like an Ethernet trunk between two Ethernet switches
How do you get logs from acl?
Add log to end of access-list
What does 802.1q do to the frame?
Adds a 4 byte header
dot1q - What does it do to the packet
Adds a 4byte header, leaves rest of packet alone!
VLAN Tagging?
Adds a header changing the underlying frame
EIGRP uses what type of IGP
Advanced distance Vector
Late Collisions
After 64th byte - mostly caused by duplex mismatch
Global Unicast Prefix
All others that are not listed
Broadcast Address
An address that means "all devices that reside on this LAN right now" (FFFF.FFFF.FFFF)
OSPF uses
Areas. Most with Area 0 as backbone
What does Neighbor solicitation do?
Asks for solicited Node addresses
DAD is run when?
At first use and each time interface is brought up
What benefits does PPP have over HDLC?
Authentication (PAP) Error detection and recovery Multi-Protocol Support
Enable Secret?
Auto encrypts password in better encryption than Service Password-Encryption
What are the recommendations for zero subnet?
Avoid use if possible Implies the use of classful routing Routers have to be configured with ip subnet zero
Show Int Errors - Giants
Bad Nic or MTU
Shown after logon
Banner EXEC
Shown before login but after MOTD?
Banner Login
What are the 3 types of Banner?
Banner Login Banner Exec Banner Motd
Shown before login?
Banner MOTD
ROM
Bootstrap
What is stored on the ROM?
Bootstrap, Post, IOS
Bridges - Collision / Domain behaviour?
Bridges create collisions domains Do NOTHING to help broadcasts
Line up and protocol up
Cable plugged in and working
Line status up but protocol is down
Can be protocol mismatch - eg serial link
How does OSPF select the router id?
Can be set manually Or uses highest logical loopback address (if no loopbacks, highest ip address)
Configuration Mode
Can make changes
What can Cisco switches do without autonegotiation
Can sense the speed
10Base-T Cable
Cat 3
10Base-T
Cat 3 or better 100m (328 feet)
100Base-T Cable
Cat 5
100Base-T
Cat 5 UTP or better (2pairs) 100m (328feet)
1000Base-T Cable
Cat 5e / 6
1000Base-T
Cat 5e UTP or better (4 pairs) 100m (328 feet)
CSU/DSU
Channel Service Unit/Data Service Unit- what routers connect to
Fragment Free
Checks first 64KB for corruption then forwards No FCS Check
Global Routing Prefix
Chunk of addresses for public services
Secondary Addressing
Cisco specific - allow another subnet to share a layer 2 domain Downside is traffic must go through the router
RIP protocol is the only routing protocol that is...
Classful!!!
EIGRP uses what metric
Composite of bandwidth and delay. Calculated on slowest link and cumulative delay
Classful addressing
Concept of address having 3 parts - network, subnet, and host with the mask defined by Class A,B,C
Classless addressing
Concept that the address has two parts - prefix +host - no consideration of class
OSPF Hello Messages...
Contains IP header with IP port 89 set to multicast to 224.0.0.5 have to be same subnet
Command to set running config to start
Copy Run Start
How do you set the config?
Copy Running-Config Startup-Config
Aggregates Distribution Switches in a large complex
Core
OSPF uses what metric
Cost with the default being based on interface bandwidth
Collisions
Count of total collisions
Telnet - get back to access server?
Ctrl + Shift + 6 then X
Commands to go back to enable mode
Ctrl + z or end
CPD
Customer Premises Devices-devices owned by the customer
UDP 67,68
DHCP
UDP,TCP 53
DNS
What does a SLAAC packet NOT contain?
DNS Servers
FRAME Relay cable types
DTE / DCE
OSI Layer 2
Data Link Ex. 802.3, HDLC
DCE Cable
Data communications equipment; you pick the type of cable based on which cable the router is acting as
DTE Cable
Data terminal equipment; you pick the type of cable based on which cable the router is acting as
What is the default maximum MACs in port-security? and the command to change it?
Default is 1 Switchport port-security maximum X
What are the steps to use SSH?
Define a domain name (ip domain-name) Router MUST be named Generate keys (crypto key generate RSA) Have to have username / password set
Framing
Defines the meaning behind the bits that are transmitted across a network; in other words, it defines the meaning of the bits transmitted and received over a network
Ctrl+D
Deletes a single character
Is FCS detection or correction?
Detection only
CDP details
Device Identifier - Usually Hostname Address List - Network & DLL address Port Identifier - interface on remote router/switch Capabilities - List information on type of device Platform - Model and OS Level
CRC
Did not pass FCS - can be collisions
DS0
Digital Signal Level 0-refers to the standard for a single 64 kbps line
OSPF uses what type of algorithm
Dijkstra shortest path first
Port Security Protect?
Discards offending traffic DOES NOT log DOES NOT disable the interface
Port Security Restrict?
Discards offending traffic Logs Messages DOES NOT disable the interface
Port Security Shutdown?
Discards offending traffic Logs Messages Disables interfaces (goes into err-disabled)
Banner MOTD?
Displays before Authentication
Down arrow or Ctrl+N
Displays command down, buffer
Up arrow or Ctrl+P
Displays most recently used command, buffer
3 types of IGP
Distance Vector - Bellman Ford Advanced Distance Vector - balanced hybrid Link-State
Aggregation Point for Access Switches, Forwards frames between Distribution Switches
Distribution Switches
What would a switch do if sees source and destination on same port
Drop (filter) it
Show Int Errors - Collisions
Duplex Mismatch
Show Int Errors - Runts
Duplex Mismatch
What is DAD?
Duplicate Address Detection
ISL - What does it do to the packet?
ENCAPSULATES the WHOLE packet
Who wins out of enable password & enable service
Enable Service Wins
What command do you use to set dot1q?
Encapsulation command Has to be done before sub interfaces!!
Store and Forward?
Entire Frame Stored then forwarded After FCS Check
TCP Only Features
Error Recovery Flow Control Connection Establishment Ordered data transfer Data segmentation
How often are OSPF Hello packets sent
Ethernet - 10 seconds Serial etc - 30 seconds
By default how often are RA sent?
Every 200 seconds
How often do routers reload LSAs
Every 30 mins or when something changes
What is the rule with routers in ospf and the backbone?
Every other area must be connected to a router in Area 0
Name the three config modes of a switch
Exec Priv Exec Config
Command to change timeout of session?
Exec-Timeout 0 0 first 0 is mins second 0 is seconds
Set the switch timeout?
Exec-timeout 5 (mins) Can be optional seconds
Command to go back one level
Exit
What is at the end of every ACL?
Explicit Deny
What is in an ethernet trailer?
FCS
Unique Local Prefix
FD
Link Local Prefix
FE80
Multicast Prefix
FF
All IPV6 hosts multicast address
FF02::1
what is the multicast address of dhcp servers and relays
FF02::1:2
v6 DHCP relay
FF02::1:2 - all dhcp agents Router changes multicast to unicast and forwards to dhcp server
What is the solicited node address
FF02::1:FF Last six digits of unicast addresses
What do solicited node addresses begin with?
FF02::1:FF (the last 6 digits of unicast)
All Routers Only multicast address
FF02::2
What are the multicast addresses for OSPFv3
FF02::5 FF02::6
OSPFV3 Routers Multicast address
FF02::5/6 224.0.0.5 / 224.0.0.6
EIGRP Routers Multicast address
FF02::A 224.0.0.10
Router Solicitation address
FF:02::2
How is autonegotiation done?
FLP (Fast Link Pulse)
TCP 21
FTP Control
TCP 20
FTP Data
Ethernet Header & Trailer Field: Start Frame Delimiter (SFD)
Field length: 1 | Signifies that the next byte begins the Destination MAC Address
Ethernet Header & Trailer Field: Length
Field length: 2 | Defines the length of the data field of the frame (either length or type is present, but not both)
Ethernet Header & Trailer Field: Type
Field length: 2 | Defines the type of protocol listed inside the frame (either length or type is present, but not both)
Ethernet Header & Trailer Field: Frame Check Sequence (FCS)
Field length: 4 | Provides a method for the receiving NIC to determine if the frame experienced transmission errors by the sender's calculations and then comparing this to the receiving device's calculations
Ethernet Header & Trailer Field: Data and Pad
Field length: 46-1500 | Holds data from a higher layer, typically an L3 PDU (generic), and often an IP Packet
Ethernet Header & Trailer Field: Destination MAC Address
Field length: 6 | Identifies the intended recipient of this frame
Ethernet Header & Trailer Field: Source MAC Address
Field length: 6 | Identifies the sender of this frame
Ethernet Header & Trailer Field: Preamble
Field length: 7 | Synchronization
What are the three things a switch can do to traffic?
Filter It Flood it Forward it
How do you delimit the Banners?
First non blank character is delimiter. So use something like "
IP route Brackets
First number is administrative distance, second is metric
What are the three places device will look for IOS, in order?
Flash TFTP Server ROM
Lights - Speed Flashing Green, Solid Green, Off
Flashing Green - Gig Solid Green - Fast Eth Off - Eth
Lights - Status Flashing Green, Solid Green, Flashing Amber / Green, Solid Amber, Off
Flashing Green - Traffic Flowing Solid Green - Ports up but NO traffic Flashing A / G - Link Fault Solid Amber - STP Off - Port Down
Runts
Frames that did not meet min 64 bytes - caused by collisions
Giants
Frames that exceed 1518 bytes
How to turn CDP on/off
Global no CDP run CDP run Per interface no cdp enable cdp enable
Where can CDP be disabled?
Global and per interface
Where is OSPF enabled?
Globally
Where is OSPFv3 enabled?
Globally and per interface
Lights - Duplex Green, Off
Green - Full Off - Half
Meaning of Interface is up, line protocol is down
H/w Fine. issue is logic, serial Clock for example
Default protocol for Serial?
HDLC
Wan Types
HDLC Frame relay EoMPLS
TCP 80
HTTP
OSI Layer 7
HTTP, NFS
What must you do to switch port for ROAS
Has to be set to TRUNK, routers do not negotiate trunks It also has to be dot1q or ISL Has to be min Fast Eth
Hello and Dead Timer Defaults of OSPF
Hello 10 seconds, DEAD is 4 times the hello
HDLC
High-Level Data Link Control: main goal is delivering data across the link and to check for errors and identify the packet type; defines framing
RIP-2 uses what metric
Hop count
What devices allow a collision domain to spread
Hub
Devices that require cross over Pin 3,6
Hub Switches
Transmits on Pin 3,6
Hub Switches
What is stored on Flash?
IOS (retained on reload)
what command can you use to add/remove acl numbers?
IP Access-list
Prereqs for SSH
IP Domain-Name "DNS NAME" Crypto key generate RSA IP SSH Version 2 (optional but recommended)
Set static NAT
IP NAT inside source static
Set Dynamic NAT
IP NAT pool IP NAT inside source list
PAT (overload)
IP NAT pool IP NAT inside source list overload
How do you allow use of zero subnets?
IP Subnet-zero No IP subnet-zero disables it
Set ipv6 dhcp relay address
IP dhcp relay "destination address"
Command used to set dhcp helper?
IP helper-address
Static NAT
IP mapped to public IP
DNS Commands
IP name-server - set dns server IP host - static name no IP domain-lookup - disable dns resolver
Routing Protocols
IPV4 - RIPv2 OSPFV2 EIGRP IPV6 - RIPng OSPFv3 EIGRPV6
how to make interface use EUI
IPV6 address prefix EUI
To enable IPV6 routing
IPV6 unicast-routing
Trunking Protocols?
ISL - Interswitch Link - Cisco own old one 802.1Q - Todays standard
Types of Frame Tagging
ISL - more or less obsolete dot1q - use most
Speed
If on (green) each port LED implies the speed of the port as follows Off = 10Mbps Solid Green = 100Mbps Flashing Green = 1000Mbps
STAT (status)
If on (green), each port LED implies that port's status
DUPLX (duplex)
If on (green), each port LED implies that port's duplex setting on/green = Full off = half
What is the duplex behaviour
If speed detected is 100mb or less, set to half duplex
Frame (error)
Illegal format frames - can be collisions
Light (SYST)
Implies the overall system status Switch Off = Off All OK = Green Switch not working = Amber
Cisco Express Forwarding
Improves on Fast and Process switching by Saving data link headers used for encapsulating packets using other table, with faster lookup time, before looking at the routing table organizing table using tree structures for fast searches
Fast Switching
Improves on Process Switching by Saving data link headers used for encapsulating packets using other table, with faster lookup time, before looking at the routing table
Expanding IPV6 addresses
In each quartet add leading 0's until quartet has 4 hex digits If double colon exists, count the quartets shown & add zeros up to 8 quartets
What are the 3 address names used in NAT
Inside Local - Private IPs Inside Global - Routable IPS Outside Global -The natted version
Shortening IPV6 addresses
Inside each quartet remove the leading zeros find any string of two or more quartets of zeros & replace with double colon - can only use once!! ALWAYS PICK THE LONGEST SEQUENCE
Add a management IP
Interface VLAN 1 ip address IP ip default-gateway IP (use if ip routing disabled) ip route 0.0.0.0 0.0.0.0 (use if ip routing enabled) No shutdown
Meaning of Interface is administratively down, line protocol is down
Interface is shutdown issue no shut
Ctrl+shift+6
Interrupts the current command
How to enable IPv4 routing stack
Ip Routing
IP Route permanent is used for?
Is used to tell IOS keep the route alive even if the interface goes down
What happens when using key combination to get out of telnet
It SUSPENDS the session
What changes in show ip route if using outgoing interface in static route?
It shows as directly connected
What happens if you apply an acl to an interface which already has one?
It will overwrite it
How to remember all hosts address for ipv6?
Its every 1!!! FF:02::1
TCP 3 Way Handshake
Its for Session Establishment Syn -> <- Syn/Ack Ack ->
TCP 4 Way Handshake
Its for session teardown Fin/Ack -> <- Ack Ack/Fin -> <- Ack
What can u use with Standard ACLS?
Just SOURCE IP
Enter a suspended telnet session?
Just connection number Or Resume (connection number)
What is the solicited node address?
Just hosts with last 6 hex values same as dest ipv6 address
When is (Normal Link Pulse) NLP Sent
Just normal waiting
Line status refers to
Layer 1
Protocol status refers to
Layer 2
What defines a routing protocol?
Learns routes from neighbors Advertise routes to neighbors Picks the best routes If network topology changes pick a new route e.g link fails invoke convergence
What does disabling Service Password-Encryption do?
Leaves existing passwords encrypted Any new passwords will be clear text
How to set a console Password
Line Console 0 login Password Nathan
Set a Telnet Password
Line vty 0 15 login Password Nathan
OSPF uses what type of advertisement
Link State Advertisements LSA They are stored in the LSB Command to show it is Show IP OSPF database
OSPF and ISIS use what type of IGP
Link-State
LAN
Local Area Network: protocols that define how to network between devices that are relatively close together
OSPF process ID is what...
Locally significant only!!
What doesn't the explicit deny on an acl do?
Log, you have to add your own deny to log
Protocol is xx always refers to what?
Logical
Enable Secret - encryption level?
MD5 Hash
OSI Layer 6
MIME SSL
What is the golden rule with Mac Addresses and IPs?
Macs change, but IPS remain the same
Backspace
Moves cursor backwards deleting characters
Left arrow or Ctrl+B
Moves cursor backwards without deleting characters
Right Arrow or Ctrl+F
Moves cursor forwards without deleting characters
Ctrl+A
Moves cursor to first character of the command
Ctrl+E
Moves cursor to last character of the command
Shorter Distance Fiber (suitable for LED)
Multimode Fiber
1000Base-SX
Multimode Fiber 550m (1804.5 feet) - 50 Micron
1000Base-LX
Multimode Fiber 550m (1804.5 feet) - 50 Micron & 62.5 Micron
Does one ospf process id know the routers from another process id on the same switch?
NO
How to set router as master ntp?
NTP Master X (this is stratum number, cannot be 1)
How to set the NTP server?
NTP Server x.x.x.x
3 Places to look for Startup file, in order?
NVRAM TFTP Server Setup Mode!
What happens if one switchport set to trunk and the other end set to access
Native VLAN will pass across
What are the 3 types of methods OSPF uses to build routes?
Neighbors - Relationship between two routers Database exchange - Process of sending LSAs Adding the best routes - running SPF to calculate best routes.
OSI Layer 5
Netbios
OSI Layer 3
Network IP. ARP
Does process id have to match area id in ospf?
No
Does show running-config show VTP VLANS?
No
Encryption level of enable password by default?
No Encryption
HDLC Type Field
No but Cisco added one; Won't work with any other router that's not Cisco
Disable CDP at interface
No cdp enable
Normal / Extended VLANS?
Normal - 1 - 1005 Extended 1006 - 4094
Internal Gateway Protocols
OSPF EIGRP
What is the difference about numbers between OSPF and EIGRP
OSPF doesnt care about process number, EIGRP cares about the AS number
What is the version of OSPF for ipv6?
OSPF3
What is a major difference between ospfv2 and v3?
OSPFv3 does not need to be on same segment, OSPFv2 does
Manufacturer Code Size
OUI 3 bytes (24bits)
Lights - RPS Off, Solid Green , Flashing Green, Solid Amber, Flashing Amber
Off - No RPS or it's off Solid - Connected Flashing Green - Connected but supplying another device Solid Amber - Standby or Fault Flashing Amber - Internal PSU failed
What mode is the default for trunks on switches?
Older switches - dynamic desirable Now - dynamic auto
Multicast Address
On Ethernet, a multicast address implies some subset of all devices currently on the Ethernet LAN (0100.5exx.xxxx)
Standard ACLs
Only do source IP
Port Security - Protect
Only drops the frame
Banner Login?
Only shown on remote connections
Ethernet Address, NIC Address, LAN Address, Hardware Address, Physical Address
Other names often used instead of MAC address. These terms describe the 6-byte address of the LAN interface card
What two options are available to define the outgoing path for a static route
Outgoing interface Ip address
Devices that require cross over Pin 1,2
PC Router WAP
Transmits on Pin 1,2
PC Router WAP
TCP 110
POP3
what are the two allowed methods of an ACL
Permit and Deny
Interface is xx always refers to what?
Physical
Meaning of Interface is down, line protocol is down
Physical connectivity issues
OSI Layer 1
Physical-defines the standards and protocols used to create the physical network and to send the bits across that network "sending bits" Ex. Ethernet
What is impossible in Show int
Physically down but logically up!
What is in an ethernet header
Preamble Start Frame Delimiter (SFD) Destination source Type Data and Pad Frame Check Sequence(FCS)
What does show ipv6 interface brief NOT show?
Prefix
What does a SLAAC packet contain?
Prefix Prefix Length Router information
what mode do you set the clock in?
Priv Exec Mode
How do you place a user straight into priv exec mode?
Priv level 15
NAT Terms
Private ->inside local Public -> inside global Outside Global -> outside public Outside local - outside private
iPV6 Unique Local
Private IPV6 addresses
IPV6 Global Unicast
Public IPV6 addresses
PCM
Pulse Code Modulation-defines that an incoming analog voice signal should be sampled 8000 times per second, and each sample should be represented by an 8-bit-code
What does Switchport Nonegotiate do?
Puts port in permanent trunk mode but IGNORES DTP messages
OSPF Passive interfaces..
Quit sending hello messages ignore hellos received do not form neighbor relationships it still advertises the subnet
What type of packet is SLAAC?
RA
How does OSPF choose its RID?
RIDS are a 32 bit number If router-id is used - use that (manually) Any loopback address that is up, use highest numerical one otherwise highest numeric IP which are up but maybe not connected. E.g not shutdown RID is chosen at initialization e.g reload or clear ip ospf process
IPV6 Routing Protocols
RIPNG EIGRPV6 OSPFV3 MP BGP-4
4 types of storage in a Cisco Device
ROM Flash RAM NVRAM
How do you discover a router
RS packet sent to FF:02::2 router will respond with an RS IF the host has an ip, it will be unicast if no address response will be multicast to FF:02::1
Cut-Through
Reads MAC, then begins to forward No FCS Check
Store & Forward
Receives full frame before forwarding
Ctrl+R
Redisplays the command line with all characters
What do OSPF hello packets do?
Remind routers they are there allows neighbors to find each other
What dont hubs do with Auto negotiate
Respond to Auto-Neg messages, must be half duplex
Telnet Commands
Resume command to swap sessions Ctrl+shift+6 to disconnect
How to configure OSPF
Route OSPF (process id) Router ID Configure IP as loopback address network ip address wildcard-mask area commands Review this in book
What devices allow separation of broadcast domains
Router
Process a router goes through to get that of an address for a client
Router responds to ARP request with a Proxy Arp When the host talks to the router, the packet will be IP address of destination Host Mac Address of router interface
Symbol and level of Priv Exec Mode
Router# can reload! debug etc
Symbol and level of Exec Mode
Router> can ping, show etc
What is important about routers and trunking?
Routers DO NOT negotiate trunking!
Common mistake with OSPF
Routers HAVE to be on same network segment
How does a route work?
Routes compare IP to subnet ID and mask in routing Forwards to next hop address of interface
What is stored on RAM?
Routing info Running Config Lost at reload
What does show version list?
Run time Why last loaded IOS image Interfaces installed NVRAM RAM Flash Memory
How do you enable routing on a Layer 3 switch
SDM Prefer lanbase-routing (needs a reload) enable routing (no reload)
To enable routing at hardware level on supported switches
SDM prefer lanbase-routing Reload switch
TCP 25
SMTP
UDP 161
SNMP
TCP 22
SSH
TCP 443
SSL
What is the name for a vlan ip on layer 3 switches
SVI
Dynamic NAT
Same as static but mapping is automatic Uses a pool of IPs Clears IP Nat Translation - clears dynamic entries
What's a TCP PDU called
Segment L4PDU
Duplicate Address Detection (DAD)
Sends NS with address it wants to use IF NA response - duplicate If no NA response - can use address
How does DAD Work?
Sends an NS If it receives a response, duplicate address If no response, can use the address
NDP Route solicitation (RS)
Sent to all routers FF02::2
Router Advertisement (RA)
Sent to the unicast of the host in response to a RS FF02::1
Bridges
Separates Collision Domain
Enable a router as dhcp Server
Service DHCP IP DHCP Pool "name" -> this then takes you into dhcp config Network x.x.x.x /x
Encrypt Password
Service Password-Encryption Immediately encrypts passwords Any new password will be encrypted
CDP Status commands
Show CDP - Show if CDP is enabled globally and timers Show CDP interface - show if CDP is enabled per interface & timers Show CDP Traffic - lists global stats for CDP advertisements sent/received
CDP Commands
Show CDP Neighbors - one summary line about each neighbor Show CDP Neighbors detail - 15 lines per neighbor Show CDP Entry Name - as the detail command but just one neighbor
See CDP switches?
Show CDP neighbors
Show cdp stuff?
Show CDP traffic Show cDP neighbor int detail
History Buffer Commands
Show History History Size X Terminal History Size X
To check NAT config
Show IP NAT translations Show IP NAT statistics
OSPF Show Commands
Show IP OSPF interface Brief - lists all interfaces - even passive ones Show IP ospf interface - a single line mentions if its passive
See Status of SSH
Show IP SSH Show SSH
DHCP Show Commands
Show IP dhcp binding - lists info about each leased IP Show ip dhcp pool - lists config plus stats Show ip dhcp server statistics - list dhcp stats does not list exclusions - global command Show ip dhcp conflict - shows how address were added e.g arp or ping
IPV6 show commands
Show IPV6 interface brief Show ipv6 interface
commands to see ospfv3 info
Show IPv6 route ospf Show IPv6 ospf database Show IPv6 ospf neighbor Show IPv6 ospf interface x (brief)
How do you show the mac address table?
Show MAC - Address-table
See macs?
Show Mac address-table or show mac address-table dynamic
View NTP server info?
Show NTP associations
VLAN Troubleshooting
Show VLAN Brief (lists VLANs not Trunks!) Show VLAN Show VLAN ID X - shows both trunks and access ports
How do you view acls?
Show access-list
how do i see list of commands i have used?
Show history
how do you see the neighbors table of ipv6
Show ipv6 neighbors Expect to see a route for the router, this is different to ipv4
Troubleshooting OSPF commands (ipv6)
Show ipv6 ospf - show process Show ipv6 protocols - shows protocols Show ipv6 ospf interface - shows enabled interfaces Show ipv6 ospf interface brief show ipv6 ospf neighbor - lists neighbors show ipv6 ospf database - lsdb summary show ipv6 route ospf - ospf learned routes.
IPV6 routing show
Show ipv6 route "address" Shows which route would be used to reach the address
View telnet sessions?
Show sessions
Banner Exec?
Shows at exec mode, so immediately at console After logon on telnet
Administratively Down means only one thing...
Shut Down
Port Security Violation Modes
Shutdown Restrict Protect
Default violation mode for port security?
Shutdown (err-disabled)
How do you enable a shutdown port in port-security?
Shutdown then no shutdown
Port Security - Shutdown
Shuts port, transmits error to logs
NAT Overload (PAT)
Single IP overloads using Ports
1000Base-LX (9 micron)
Single Mode Fiber 5km (3.1 miles)
Longer Distance Fiber for Laser
Single mode Fiber
What are the 4 packets involved in DHCPV6
Solicit -> <- Advertise Request -> <- Reply
Extended ACLs
Source & Destination IP Source & Destination Port
NS packet makeup
Source is link-local of Host A Destination is multicast of Host B
How to create an EUI address
Split the 6 byte (12 hex digit) MAC into two halves Insert FFFE between the two. This makes 16 hex digits Invert 7th bit of int ID
Process Switching
Standard Switching
Where to places acls?
Standard acls - place close to destination Extended acls - place close to source
Cut-Through
Starts forwarding as soon as possible. Can propagate errors as doesn't receive FCS in time
What is stored in NVRAM?
Startup Config retained on reload
What are the two types of DHCP V6
Stateful Stateless (SLAAC)
DHCPv6 features
Stateful - same as ipv4 version EXCEPT FOR No router info given DORA is replace with Solicit, Advertise, Request, Reply Stateless used for SLAAC
How do macs show managed by port-security
Static
3 types of NAT mode?
Static - 1 to 1 mapping Dynamic - 1 to pool mapping PAT - port based, most common
Enable Password?
Stores password in clear text, only encrypted if use Service Password-Encryption
Flash Memory
Stores the IOS images
What are subinterfaces used for?
Subinterfaces are used to add multiple virtual interfaces on a vlan
How do you enable port security?
Switch Port-security on interface
Show Int Errors - Overruns or Throttles
Switch too busy
Names for the Mac Address Table
Switching table Context Address Memory
How to configure Port Security?
Switchport mode Access / Trunk Switchport port-security
To enable 802.1Q trunking
Switchport trunk encapsulation dot1q or isl
Connection Establishment
Syn Syn,ACK ACK
Out of TCP/UDP, which does Windowing?
TCP
OSI Layer 4
TCP , UDP
POP Port
TCP 110
FTP Transfer Port
TCP 20
FTP Control
TCP 21
SSH Port
TCP 22
Telnet Port
TCP 23
SMTP Port
TCP 25
HTTPS Port
TCP 443
HTTP Port
TCP 80
What must u use to be able to use port numbers in an ACL
TCP or UDP and Extended ACL
DNS Ports
TCP/UDP 53
UDP 69
TFTP
How do you enable IPV6 routing?
TWICE! once at global with ipv6 unicast-routing once at interface by applying an IP
How do you apply the EUI Rules?
Take the MAC address chop it in half Put in FFEE write out the first two digits in hex invert the 7th bit reapply value as first two digits
TCP 23
Telnet
Gateway of last resort is..
The "chosen" default route
Burned-in Address
The 6-byte address assigned by the vendor making the card (Also called Universally Administered Addresses (UAA))
What is the subnet-router anycast address?
The all zeros address in a host prefix It is reserved!
IEEE 802.3 standard defines
The location of the destination address field inside the string of bits sent across the Ethernet
What should the native vlan of the trunk be set to in ROAS
The physical interface should be same at both ends
Using ROAS, what does the hosts DG need to be set to?
The sub interface address
What do hubs do in relation to duplex?
They DO NOT respond to Negotiation messages, so will always be mismatched
What is special about link-local packets
They are NOT routed
How are trunk ports displayed in Show VLan?
They are NOT! the ports will be missing
Where are excluded addresses in Cisco DHCP?
They are outside the DHCP Pool
Routers do what with RA for themselves
They do not list them
What are unique-local unicast addresses?
Think the Private IP ranges All Begin with FD00:: /8
NA (neighbor advertisement)
This answers an NS with the MAC address of the host
How can debug be monitored
Through the terminal window
What additional command is used for a time based acl?
Time Range
what other types of ACLs are there?
Time based Dynamic
Where are OSPF Changes sent?
To the DR then to BR
Output Errors
Total Errors
Packet Output
Total Packet Count
VTP Modes
Transparent / Server / Client
Support Telnet & SSH
Transport Input All
Support No remote access protocols
Transport Input None
Support only SSH
Transport Input SSH
Support Telnet
Transport Input Telnet
SNMP Port
UDP 161
Syslog
UDP 514
DHCP V6
UDP 546/547
DHCP Port
UDP 67/68
TFTP Port
UDP 69
Link Local address points features
Unicast; local link only; auto generated; used commonly for overhead protocols; FE80 prefix
What packet type will a switch use to forward to an unknown MAC
Unknown unicast
How long does debug stay enabled
Until user turns it off or switch reloads; Undebug All; No debug All
Best Practice for Router Security
Use enable secret instead of enable password; use RADIUS; disable Telnet; disable HTTP service; disable CDP on ports to untrusted networks; disable both TCP/UDP small services
Match a single host with extended acl?
Use host in command line
What happens if Autonegotiate fails
Use the slowest speed. If speed is 10/100 use half duplex; if 1000 use full duplex
To use Username / Password combination
User Login Local
AAA Authentication access modes
User to Switch Access -> SSH Switch to AAA Server -> RADIUS / TACACS
Show Int Errors - No Buffers?
Usually broadcast storm
How do you create VLAN?
VLAN X Name "Name" Interface "Int ID" Switchport Mode Access Switchport access VLAN X
Places that need separate IP subnets
VLANS P2P Serial Links EoMPLS Frame Relay PVC
Reasons a switch may prevent VLANS crossing switches?
VLAN has been removed from allowed list; VLAN does not exist; VLAN is administratively shutdown; VLAN has been pruned by VTP; STP has placed the trunk in block
VTP Client Mode
VLANs not kept, reloads from VTP
How do you disable VTP
VTP Mode Transport VTP Mode Off
VTP Server Mode
Vlans can be created, modified and deleted. Advertises its changes
VTP Transparent mode
Vlans can be created, modified and deleted. DOES NOT advertise its changes DOES forward VTP info from other switches
Dynamic Desirable
Wants to be a trunk port, will actively throw itself at the other port
Service Password-Encryption
Weak!!
What are the rules of Service Password Encryption?
When applied it immediately encrypts all existing passwords. Will continue to encrypt new passwords while applied. When removed it will stop encrypting new ones but leave existing ones encrypted
When does an ACL stop?
When it finds its first match
WAN
Wide Area Network: protocols that define how to network between devices that are relatively far apart
Dynamic Auto
Will become a trunk only if a Desirable one or static trunk initiates it
Trunk
Will become a trunk with anything but an access port!
What does EUI do if no MAC address, i.e. serial
Will choose the lowest numbered router interface
How do you erase NVRAM?
Write Erase (Old Command); Erase Startup-Config (Old Command); Erase NVRAM (Use this one)
What is different for named ACLS?
You HAVE to use IP access-list NOT access-list
To disable auto negotiate
You have to configure both Speed & Duplex
What happens with OSPFv3 if no OSPFv2 is running
You would need to set the router-id to set the RID
What do you use to apply an ACL to VTY?
access-class
IPV6 is....
an address of eight sets of four hex digits
OSPF Hello messages...
are sent on the hello interval
Neighbor Solicitation (NS)
asks for a host with a particular address (think ARP) to send back an NA; sent to solicited-node address
where do you see the config register?
at the end of show version
Routing by link local address requires what?
both address and outgoing interface
What do you do to work out route summarization
break ranges into binary and look for last common bit
Any address not beginning with FD is..
considered Global Unicast
lease count for dhcp is in....
days.
What is the default action behaviour for port-security? and command to change it?
default is shutdown; switchport port-security violation (protect / restrict / shutdown)
OSPF command to advertise default route
default-information originate
How do you send a default route with OSPF
default-information originate. Add ALWAYS to add it if it's not in the remote router's routing table
Ctrl + D
delete one character
How do you disconnect a telnet session
disconnect (connection number)
OSPFv3 config command?
does not use network command uses sub interface
Where are exclusions set in dhcp?
done at dhcp global level
Port Security - Restrict
drops the frame, sends to logs
What is the default trunk mode?
dynamic auto
How often does VTP advertise?
every 5 mins
what does a wildcard mask of 255.255.255.255 match?
everything!
Show Interfaces X switchport
identifies the access VLAN & voice VLAN plus configured & operational mode of trunk
How do you spot an EUI Address?
if end of link-local matches the IP address, it's an EUI
NVRAM
initial Startup Config
protocol down and line down
interface is NOT shutdown but physical layer issue. no cable or device at other end turned off
Add an acl to an interface?
ip access-group x in/out
default route is...
ip route 0.0.0.0 0.0.0.0 and outgoing interface
To set an ipv6 address
ipv6 address "address"/Prefix
Set interface to SLAAC
ipv6 address autoconfig
Set interface to use DHCP (ipv6)
ipv6 address dhcp
Set ipv6 default route
ipv6 route ::/0 "interface id"
how do you set the equivalent of the default route for ipv6
ipv6 route ::/0 (next hop address)
Pattern to subnets?
is 256 minus the mask e.g 256 - 128 = 128 256 - 192 = 64
What is a /32 address on a router?
it's a route for its own IP
how do you name a static route
just add name "name" at the end of the ip route command
SLAAC features
learns prefix via NDP RS/RA; choose IP; uses DAD; use NDP to get default route; use stateless DHCP to get DNS servers
Show mac address-table
lists mac & vlan ip - useful in exams if no other commands
Neighbor Advertisement (NA)
lists sender address as target, with MAC; sent to the unicast address of the host who sent the NS
how do you get console to stop interrupting?
logging synchronous
How do you get the terminal message to put the command on the next line after message?
logging synchronous - for console you have to be in line console 0
login vs login local
login local uses username and password; login just password
Esc + b
move back one word
Ctrl + F
move forward one character
Esc + f
move forward one word
Ctrl + E
move to end of command
Ctrl + a
move to front of command
Ctrl + b
moves back one character
Disable CDP Globally?
no CDP run. CDP is enabled by default
How do you stop the switch interrupting terminal messages?
no logging console
Where do sub interfaces show?
on Show VLANs
Show interface status
only one to show duplex / speed settings!
how can you disable ospf on an interface
passive-interface int X or Passive-interface default (for all)
Administrative distances are..
per router and not shared Lowest numbers
Administratively down and Protocol down
port has been shut down
how do you set the exec level of a command
priv exec level x "command"
On router sub int you can
put ip on physical interface or dot1q
Fragment Free
receives first 64kb before forwarding
How does OSPFV3 generate its router-id
same as ospf
To detect conflicts in dhcp
server uses ping client uses arp
Set up static nat
set an interface to inside - ip nat inside; set the outgoing to outside - ip nat outside; set up NAT - ip nat inside source static x.x.x.x x.x.x.x
set up PAT
set an interface to inside - ip nat inside; set the outgoing to outside - ip nat outside; create an access-list (e.g. 5); set up NAT - ip nat pool natpool x.x.x.x x.x.x.x (range of addresses); ip nat inside source list 5 int serial0 overload. Use the outgoing interface instead of IP!
set up dynamic nat
set an interface to inside - ip nat inside; set the outgoing to outside - ip nat outside; create an access-list (e.g. 5); set up NAT - ip nat pool natpool x.x.x.x x.x.x.x (range of addresses); ip nat inside source list 5 pool "natpool"
encapsulation command on a router?
sets the vlan not the sub int ip (check)
how do you see a description of interfaces
show int descriptions
to see trunk info?
show interfaces trunk; show interfaces switchport
how do you show all interfaces
show ip int brief
See NAT info?
show ip nat translations; show ip nat statistics
How do you check the status of ospf on an interface
show ip ospf int x
What can you use with Extended ACLS?
source, destination, ports and protocol
Light (RPS)
suggests the status of the extra power supply
To disable trunking negotiation
switchport nonegotiate
Predefine MACs in port-security?
switchport port-security mac-address
How to configure "sticky" MACs in port-security?
switchport port-security mac-address sticky
BGP is...
the only EGP protocol used today (exterior gateway protocol)
What must you remember on an extended acl?
to put an any any on deny or allow (if needed)
where does the prefix / need to be
up against the IP
Creating a local unicast address
use FD as first 2 hex digits; add unique 40-bit global ID - gives a 48 bit; next 16 bits are subnet; 64 bits for interfaces
Named ACLS
use ACL subcommand NOT global; can edit individual lines
How do you go back to enable mode
use end or Ctrl+z
How do you move from interface to global config
use exit
What masks do acls use?
wildcard Masks
RAM
working storage; running config lives here