CCNA Facts
From Datateknik
Contents |
CCNA 1 -- Net Fun
Confreg -- Configuration Register
Default 0x2102
rommon 1> confreg 0x2142 - disable startup-config rommon 2> reset enable copy startup running conf t enable secret cisco line con 0 password cisco login ! router(conf)# config-register 0x2102 - enable startup-config
PUTTY and TeraTERM
- Putty: Ctrl-Break sends break-signal Source: putty-wishlist OR right-click on the header of putty / Special Commands / Break.
- TeraTERM: Control-menu -> Send break (sometimes Alt-B)
cisco.com standard break-key sequences
PDU: Ethernet
min 64 bytes max 1522 (was 1518 before VLAN's)
(From CCNA1 9.3.1)
PDU: HDLC
PDU: PPP - Point-to-pint protocol
(from 2.2.5 ccna4) LCP Packet Codes:
| LCP Code: | LCP Packet Type: | Description: |
|---|---|---|
| 1 | Configure-Request. | Sent to open or reset a P P P connection. Configure-Request contains a list of LCP options with changes to default option values. |
| 2 | Configure-Ack. | Description: Sent when all the values of all the LCP options in the last Configure-Request received are recognized and acceptable. When both P P P peers send and receive Configure-Acks, the LCP negotiation is complete. |
| 3 | Configure-Nack. | Sent when all the LCP options are recognized, but the values of some options are not acceptable. Configure-Nack includes the offending options and their acceptable values. |
| 4 | Configure-Reject. | Description: Sent when LCP options are not recognized or not acceptable for negotiation. Configure-Reject includes the unrecognized or non-negotiable options. |
| 5 | Terminate-Request. | Optionally sent to close the P P P connection. |
| 6 | Terminate-Ack. | Sent in response to the Terminate-Request. |
| 7 | Code-Reject. | Sent when the LCP code is unknown. The Code-Reject message includes the offending LCP packet. |
| 8 | Protocol-Reject. | Sent when the P P P frame contains an unknown Protocol ID. The Protocol-Reject message includes the offending LCP packet. Protocol-Reject is typically sent by a P P P peer in response to a P P P NCP for a LAN protocol not enabled on the P P P peer. |
| 9 | Echo-Request. | Optionally sent to test the P P P connection. |
| 10 | Echo-Reply. | Sent in response to an Echo-Request. The P P P Echo-Request and Echo-Reply are not related to the ICMP Echo Request and Echo Reply messages. |
| 11 | Discard-Request. | Optionally sent to exercise the link in the outbound direction. |
PPP Configuration Options (from 2.3.1 CCNA4) Authentication, Compression (Stacker/Predictor), Error detection, Multilink, PPP Callback
PDU: Frame-Relay
TCP and UDP ports
21 FTP-control (20 ftp data) 22 SSH 23 Telnet 25 Mail (SMTP) 53 DNS (UDP för frågor, TCP för databasöverföringar) 143 IMAP
MUA etc ...
Subnetting Numbers
/24 255.255.255.255.0 254 usable addresses /25 .128 126 usable addresses /26 .192 62 usable addresses /27 .224 30 usable addresses /28 .240 14 usable addresses /29 .248 6 /30 .252 2 /31 .254 0 /32 .255 0
http://Glosor.eu slash->mask (user:cisco, pass:cisco)
CCNA 2 -- Routing
| RFC1918 name | IP address range | number of addresses | classful description | largest CIDR block (subnet mask) | host id size |
|---|---|---|---|---|---|
| 24-bit block | 10.0.0.0 - 10.255.255.255 | 16,777,216 | single class A network | 10.0.0.0/8 (255.0.0.0) | 24 bits |
| 20-bit block | 172.16.0.0 - 172.31.255.255 | 1,048,576 | 16 contiguous class B network | 172.16.0.0/12 (255.240.0.0) | 20 bits |
| 16-bit block | 192.168.0.0 - 192.168.255.255 | 65,536 | 256 contiguous class C network | 192.168.0.0/16 (255.255.0.0) | 16 bits |
Table: Routing Protocol Comparizon
| Question | RIPv1 | RIPv2 | EIGRP | OSPF | BGP |
|---|---|---|---|---|---|
| Administrative Distance | 120 | 120 | 90 170 for external (ie default-route) |
110 | eBGP 20 iBGP 200 9.1.8 |
| Class | Classful | Classless | Classless | Classless | Classless |
| Default Route | ip route 0.0.0.0 0.0.0.0 DEST Default-information originate |
ip route 0.0.0.0 0.0.0.0 DEST Default-information originate |
ip route 0.0.0.0 0.0.0.0 DEST redistribute static |
ip route 0.0.0.0 0.0.0.0 DEST Default-information originate | |
| Send Address | 255.255.255.255 7.2.4 |
224.0.0.9 01-00-5E-00-00-09 7.2.4 |
224.0.0.10 01-00-5E-00-00-0A 9.1.2 |
All OSPF Routers 224.0.0.5 01-00-5E-00-00-05 All DR Routers 224.0.0.6 01-00-5E-00-00-06 11.1.2 | |
| Packet type | RIP-UDP-IP UDP har protocol nr 17 |
RIP-UDP-IP | EIGRP-RTP-IP RTP protocol nr 88 (dec) |
OSPF-IP OSPF has IP protocol nr 89 |
TCP prot# 6 |
| Must Match | AS# = Proces ID (9.2.2) K-value mismatch (unconfirmed) Subnet-mask (src: blog !!) |
Area ID Timers (HELLO etc) Network-type (included??)
| |||
| Timers | Update 30s Invalid 180s (route reatined) Flush 240s (R. deleted) Holddown 180s RIP_JITTER -0% - -15% |
>T1: 5 secs HELLOs <=T1: 60 secs HELLOs HoldTime = 3xHELLO |
DefaultHELLO=10secs NBMA+P2P HELLO=30secs DeadTimer= 4xHELLO | ||
| Spezials | no auto-summary !! HOW TO SET VERSION 2 |
-if)# ip sum-addr eigrp 100 192.168.0.0 255.255.128.0 -if)# ip bandwidth-perc eigrp AS# %% |
loopback-if)# ip ospf network-type point-to-point | ||
| Security | ? | ip rip authentication key-chain NAME ip rip authentication mode { text ¦ md5 } |
-if)# ip authentication mode eigrp <AS> md5 -if)# ip authentication key-chain eigrp <AS> <key-chain> |
-if)# ip ospf authentication message-digest -if)# ip ospf message-digest-key 1 md5 FooBar |
OSPF cost
In general, the path cost is calculated using the following formula:
10^8 ÷ Bandwidth
Using this formula, the default path costs were calculated as noted in the following list. If these values do not suit your network, you can use your own method of calculating path costs.
| Link Type | OSPF Cost |
|---|---|
| •56-kbps serial link | Default cost is 1785 |
| •64-kbps serial link | Default cost is 1562 |
| •T1 (1.544-Mbps serial link) | Default cost is 65 |
| •E1 (2.048-Mbps serial link) | Default cost is 48 |
| •4-Mbps Token Ring | Default cost is 25 |
| •Ethernet | Default cost is 10 |
| •16-Mbps Token Ring | Default cost is 6 |
| •FDDI | Default cost is 1 |
more more
CCNA 3 -- Switching + Wireless
Encryption types
Type 0, which is a cleartext password, cisco type 5, MD5 Message Digest 5, $1$iUjJ$cDZ03KKGh7mHfX2RSbDqP. Type 7, which uses the algorithm from the Vigenère cipher 07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D
Standards
802.1D common spanning tree 802.1w RSTP 802.1 802.2 LLC (not commonly used, mainly Novell) 802.3 Ethernet 802.3af PoE 802.5 TokenRing
802.15.3 PAN: Bluetooth 802.11 LAN 802.11 MAN: 802.16 MAN: IEEE WirelessMAN 802.20 MAN: Mobile Broadband Wireless Access (MBWA) GSM CDMA Code division multiple access Satellite
802.11a 54Mb/s 5 Ghz OFDM Range: 35 meter=150feet 23 non overlapping channels 802.11b 11Mb/s 2.4 GHz DSSS= 1, 2, 5.5, 11MB/s 35 meter 3 non overlapping channels (ch1, Ch6, Ch11) 11channels in EU, 13 in US 802.11i = WPA2 * AES Encryption, * 802.1x Authentication, * Dynamic key management, * WPA2 is the Wi-Fi Alliance's implementation of 802.11i
LEAP PEAP EAP-FAST
802.11g 54Mb/s 2.4 GHz OFDM= 6, 9, 12, 18, 24, 48, 54Mb/s 35 meter 3 non overlapping channels 802.11n 248Mb/s theoretical max (?) 70 meter=230feet IBSS Independent BSS = ingen accesspunkt; kallas ad-hoc BSS Basic Service Set = En accesspunkt ESS Extended Service Set = Flera accesspunkter i samma trådade nätverk, should have 15% overlap JoinProcess(association)=1:Probing, 2:Authentication, 3:Association
Table: [ Common | Rapid | Multiple ] Spanning Tree Comparizon
| Question | Common STP | Rapid STP | MSTP | x y z
|
|---|---|---|---|---|
| States | Blocking XX sec Listening 15 sec Learning 15 sec Forwarding (Disabled) 5.2.5 |
Discarding Learning Forwarding (Disabled) 5.4.6 |
. | . |
| Default Values |
BridgePrio 32768 PortPri 128 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec root primary -4096 root secondary=28672 BridgePrioSteps 4096 |
|||
| Topology Change | TCA and TCN (5.3.5) |
yada yada
STP link costs (IEEE)
| Link Speed | Cost (Revised IEEE) | Cost (Previous IEEE) |
|---|---|---|
| 10Gb/s | 2 | 1 |
| 1Gb/s | 4 | 1 |
| 100Mb/s | 19 | 10 |
| 10 Mb/s | 100 | 100 |
Ethernet
Ethernet frames with a value of 1 in the least-significant bit of the first octet<ref group=note>On Ethernet, the least-significant bit of an octet is the first to be transmitted. A multicast is indicated by the first transmitted bit of the destination address being 1.</ref> of the destination address are treated as multicast frames and are flooded to all points on the network. While frames with ones in all bits of the destination address (FF:FF:FF:FF:FF:FF) are sometimes referred to as broadcasts, Ethernet network equipment generally does not distinguish between multicast and broadcast frames. Modern Ethernet controllers filter received packets to reduce CPU load, by looking up the hash of a multicast destination address in a table, initialized by software, which controls whether a multicast packet is dropped or fully received.
| Ethernet multicast address | Type Field | Usage |
|---|---|---|
| 01-00-0C-CC-CC-CC | 0x0802 | [[1]] (Cisco Discovery Protocol), VTP (VLAN Trunking Protocol) |
| 01-00-0C-CC-CC-CD | 0x0802 | Cisco Shared Spanning Tree Protocol Address |
| 01-80-C2-00-00-00 | 0x0802 | Spanning Tree Protocol (for bridges) IEEE 802.1D |
| 01-80-C2-00-00-08 | 0x0802 | Spanning Tree Protocol (for provider bridges) IEEE 802.1AD |
| 01-80-C2-00-00-02 | 0x8809 | Ethernet OAM Protocol IEEE 802.3ah (A.K.A. "slow protocols") |
| 01-00-5E-xx-xx-xx | 0x0800 | IPv4 Multicast (RFC 1112) |
| 33-33-xx-xx-xx-xx | 0x86DD | IPv6 Multicast (RFC 2464) |
Security
WEP Wired Equivalent Privacy
WPA Wi-Fi Protected Access
TKIP Temporal Key Integrity Protocol (based on same cipher as WEP; RC4 )
DES is a symmetric cryptographic algorithm,
RSA is an asymmetric (or public key)
AES Advanced Encryption Standard
PSK or PSK2 with TKIP is the same as WPA
PSK or PSK2 with AES is the same as WPA2
EAP Advanced Encryption Standard, assumes protected channel for setup, [i.e. password sent unprotected /Robert ] PEAP Protected EAP - uses Transport Layer Security (TLS) [TLS predecessor is SSL] LEAP Atentication similar to WEP, cisco propr. protocol
Cisco's response to the weaknesses of LEAP suggests that network administrators either force users to have stronger, more complicated passwords or move to another authentication protocol also developed by Cisco, EAP-FAST, to ensure security.
EAP-FAST Flexible Authentication via Secure Tunneling (Wikipedia: EAP-*)
CCNA 4 -- WAN
Frame Relay
Encapsulation frame-relay [ cisco | ietf ] Frame-relay map ip 1.2.3.4 102 broadcast cisco
Three incompatible LMI-types: cisco, ansi & q933a (default= router autosenses FR-switch's LMI-type
frame-relay lmi-type [ cisco | ietf | q933a ] keepalive 10 <-- Default
DLCI
0 - 15, 992 - 1023 DEFINED 0 LMI (ANSI, ITU) 1023 LMI (cisco)
| 8 bits | 16 bits | 8 bits | 8 bits | 8 bits | 8 bits | Variable | 16 bits | 8 bits |
| Flag | LMI DLCI | Unnumbered IE | Protocol Descriminator | Call Reference | Message Types | IEs | FCS | Flag |
IE=Information Element
Network discovery
cnap-brouter3560#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 193.10.191.161 to network 0.0.0.0
O 193.10.193.0/24 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet0/1
O 193.10.192.0/24 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet0/1
C 192.168.28.0/24 is directly connected, Vlan28
O 192.168.193.0/24 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet0/1
O 193.10.195.0/24 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet0/1
O 193.10.194.0/24 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet0/1
C 192.168.25.0/24 is directly connected, Vlan25
193.10.197.0/27 is subnetted, 3 subnets
O 193.10.197.0 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet0/1
O 193.10.197.32 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet0/1
O 193.10.197.96 [110/2] via 193.10.191.161, 7w0d, GigabitEthernet0/1
140.166.0.0/32 is subnetted, 1 subnets
O E2 140.166.199.24 [110/20] via 193.10.191.161, 7w0d, GigabitEthernet0/1
C 192.168.24.0/24 is directly connected, Vlan24
-------------------
cnap-brouter3560#show cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone
Device ID Local Intrfce Holdtme Capability Platform Port ID
cnap-B113h.cnap.hv.se
Gig 0/5 144 S I WS-C2950T Gig 0/2
cnap-B118d.cnap.hv.se
Gig 0/9 122 S I WS-C2960S Gig 1/0/24
cnap-B112c.cnap.hv.se
Gig 0/3 140 S I WS-C2950T Gig 0/2
cnap-B130b.cnap.hv.se
Gig 0/13 142 S I WS-C2950T Gig 0/2
cnap-B125c.cnap.hv.se
Gig 0/11 123 S I WS-C2950T Gig 0/2
cnap-B114c.cnap.hv.se
Gig 0/7 141 S I WS-C3560- Fas 0/24
cnap-B114b.cnap.hv.se
Gig 0/8 152 S I WS-C2960- Gig 0/2
Switch Gig 0/4 170 S I WS-C2950- Fas 0/12
c2960l.cnap.hv.se
Gig 0/28 179 S I WS-C2960G Gig 0/24
c2960j.cnap.hv.se
Gig 0/24 154 S I WS-C2960G Gig 0/24
c2960j.cnap.hv.se
Device ID Local Intrfce Holdtme Capability Platform Port ID
Gig 0/23 146 S I WS-C2960G Gig 0/23
c2960j.cnap.hv.se
Gig 0/22 144 S I WS-C2960G Gig 0/22
c2960j.cnap.hv.se
Gig 0/21 141 S I WS-C2960G Gig 0/21
B2-2960-2.hv.se Gig 0/1 158 S I WS-C2960G Gig 0/39
b005 Gig 0/15 148 S I WS-C2950T Gig 0/2
cnap-NAT2.cnap.hv.se
Gig 0/2 147 R S I 2801 Fas 0/0
cnap-brouter3560#
cnap-brouter3560#show cdp neighbors detail
-------------------------
Device ID: cnap-B113h.cnap.hv.se
Entry address(es):
IP address: 192.168.17.5
Platform: cisco WS-C2950T-24, Capabilities: Switch IGMP
Interface: GigabitEthernet0/5, Port ID (outgoing port): GigabitEthernet0/2
Holdtime : 158 sec
Version :
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA9, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Fri 01-Dec-06 18:22 by weiliu
advertisement version: 2
Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010221FF000000000000000BFD37B580FF0000
VTP Management Domain: 'cnap'
Native VLAN: 42
Duplex: full
Management address(es):
IP address: 192.168.17.5
-------------------------
Device ID: cnap-NAT2.cnap.hv.se
Entry address(es):
IP address: 193.10.203.30
Platform: Cisco 2801, Capabilities: '''Router''' Switch IGMP
Interface: GigabitEthernet0/2, Port ID (outgoing port): FastEthernet0/0
Holdtime : 97 sec
Version :
Cisco IOS Software, 2801 Software (C2801-IPVOICEK9-M), Version 15.1(3)T, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2010 by Cisco Systems, Inc.
Compiled Mon 15-Nov-10 22:20 by prod_rel_team
advertisement version: 2
VTP Management Domain: ''
Duplex: full
Management address(es):
-------------------------------
Device ID: B2-2960-2.hv.se
Entry address(es):
IP address: 192.168.255.102
Platform: cisco WS-C2960G-48TC-L, Capabilities: Switch IGMP
Interface: GigabitEthernet0/1, Port ID (outgoing port): GigabitEthernet0/39
Holdtime : 43 sec
Version :
Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(44)SE, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Sat 05-Jan-08 00:42 by weiliu
advertisement version: 2
Protocol Hello: OUI=0x00000C, Protocol ID=0x0112; payload len=27, value=00000000FFFFFFFF010221FF000000000000001B8F7F7500FF0000
VTP Management Domain: 'HV'
Native VLAN: 755
Duplex: full
Management address(es):
IP address: 192.168.255.102
-------------------------
X: Orientation Course
MENU
Resources
:: AC Tutorials
:: Academy Marketplace
:: Certifications and Vouchers
:: Course Catalog -- Offered courses and Eagle Server
CCNA Exploration --> Scope and Sequence
:: Course Materials -- Curriculum and Assessments(Chapter test questions)
:: Equipment Information -- Lab Equipment List & Contact Info
Remote Access and BDL Solutions
Interactive Learning Tools ( = link to packet tracer )
Maintenance Service and Support --> "Image & Hardware Support","IOS Download Guide",SignUp Process"
:: File Sharing
:: Glossary
:: Library -- Länkar till saker som finns i de andra rubrikerna... ?!?
:: Marketing Toolkit --> Collateral/Media --> Logos --> Cisco Networking Academy Identity Guide
Cisco Networking Academy Partner Logo -> netacadlogo.zip
:: Support Desk --> Academy, Assessment, and Curriculum Quality Support (also click "HELP"; top right corner)
:: Tools -> /Curriculum\ /Course\ /ClassroomSetup\
Communities
:: Academy Netspace Games
:: Facebook
:: Club NetAcad
Career Opportunities
AC Tutorials
- Academy Management: Administrators (Legal Main Contact, Curriculum Lead)
- User Management: Instructors and Administrators
- Teaching / learning: Instructors
- Assessment Management: Instructors
- Community: All users
- Support: All users
Documents
- CCNA Exploration 4.0 "Network Fundamentals" Pacing Guide (2008). Klick Library->InstructorResources->ccnaExpl:Net Fun->Pacing Guide
- CCNA Exploration Scope and Sequence Klick Course Catalog -> CCNA Exploration -> Scope and Sequence
- Quality Assurance Plan (QAP) Deleted according to Jaskaran /Robert
- Networking Academy Maintenance - Image & Hardware Support klick ::Equipment Information -> Lab Equipment List & ...
OR ::Library -> Equipment Information -> Lab Equipment List & ...
