
CCNA 640-607 Memorization Lists.doc - appsremote.com

By Earl Murray, 2014-06-17 08:10

CCNA 640-607 Memorization Lists


    The following are lists and explanations that you should memorize for the CCNA 640-607 exam. You may or may not receive any questions from some of these lists. It depends on the exam you get. It’s best to be safe and know them.

Cisco Access Lists

    Access List Type Number Range

IP Standard 1-99

    IP Extended 100-199

    Protocol Type-Code 200-299

    DECnet 300-399

    XNS Standard 400-499

    XNS Extended 500-599

    AppleTalk 600-699

    48-Bit MAC Address 700-799

    IPX Standard 800-899

    IPX Extended 900-999

    IPX SAP 1000-1099

    Extended 48-Bit MAC Address 1100-1199

    IPX Summary Address (NLSP) 1200-1299

Cisco Access Lists Command Formats, etc.

Standard IP Access Lists

    This is the command format for a standard IP access list (notice that you can only use a source address, not a destination address, in a standard IP access list):

    access-list [number] [permit or deny] [source address]

    Here is an example of configuring a standard IP access list (this is done in configuration mode within privileged EXEC mode):

    RouterA(config)#access-list 12 permit 172.17.35.3

Extended IP Access Lists

This is the command format for an extended IP access list:

    access-list [number] [permit or deny] [protocol] [source] [destination] [port]

    Here is an example of configuring an extended IP access list (this is done in configuration mode within privileged EXEC mode):

    RouterA(config)#access-list 120 permit tcp any any eq www

    tcp is the protocol, any is any source address, any is any destination address, eq www is the port. (Remember that when filtering by port, you cannot use IP as the protocol. You can only use TCP, UDP, or ICMP.)


    Copyright © 2000 - 2002 CCxx Productions. All rights reserved. Do not duplicate or redistribute in any form.


    Standard IPX Access Lists

    This is the command format for a standard IPX access list (notice that you can use both a source address and a destination address in the standard IPX access list):

    access-list [number] [permit or deny] [source address] [destination address]

    Here is an example of configuring a standard IPX access list (this is done in configuration mode within privileged EXEC mode):

    RouterA(config)#access-list 820 permit 30 10

    30 is the source, 10 is the destination

Extended IPX Access Lists

This is the command format for an extended IPX access list:

    access-list [number] [permit or deny] [protocol] [source] [socket] [destination] [socket]

    Here is an example of configuring an extended IPX access list (this is done in configuration mode within privileged EXEC mode):

    RouterA(config)#access-list 930 permit -1 -1 0 -1 0

    -1 is any protocol, -1 is any source, 0 is the socket, -1 is any destination, 0 is the socket

IPX SAP Filters

This is the command format for an IPX SAP Filter:

    access-list [number] [permit or deny] [source address] [service type]

    Here is an example of configuring an IPX SAP filter (this is done in configuration mode within privileged EXEC mode):

    RouterA(config)#access-list 1080 permit 12.0000.0000.0001 0

    12.0000.0000.0001 is the source address which is the network/node address of the server, 0 is any service type

Applying access lists and SAP Filters to an interface

    Remember, after you configure an access list or SAP Filter, it doesn’t do you any good unless it is applied to an interface. You must be in interface configuration mode within privileged EXEC mode and you must use the command “access-group” to apply an access list and “input-sap-filter” to apply a SAP Filter. Here are examples:

    RouterA(config-if)#ip access-group 12 out

    applies standard IP access list 12 to outgoing packets on the chosen interface

    RouterA(config-if)#ipx access-group 930 in

    applies extended IPX access list 930 to incoming packets on the chosen interface

    RouterA(config-if)#ipx input-sap-filter 1080

    applies IPX SAP Filter 1080 to the chosen interface


    Cisco Access List Wildcard Masking with IP access lists

    Wildcards are used to specify a single host, an entire network, or part of a network. They can be used in standard IP or extended IP access lists. 0’s within the mask must match up exactly and 255’s within the mask can be anything.

Specifying a single host

    host 172.16.10.3 is the same as specifying 172.16.10.3 0.0.0.0. Since the wildcard mask is all 0’s, this means that each octet must match up exactly, specifying a single host.

    For example, the following two commands are the same, specifying the single host 172.16.10.3:

    access-list 75 permit host 172.16.10.3

    access-list 75 permit 172.16.10.3 0.0.0.0

Specifying all networks and all hosts

    any is the same as specifying 0.0.0.0 255.255.255.255. Since the wildcard mask is all 255’s and no particular network is specified, this means that it doesn’t matter what each octet is, specifying any host on any network.

    For example, the following two commands are the same:

    access-list 75 permit 0.0.0.0 255.255.255.255

    access-list 75 permit any

    (Note: When using IPX access lists, -1 is just like using the any keyword. It refers to any IPX network address.)

Specifying a whole network

    The mask must contain 0’s to specify a particular network and 255’s to specify all the hosts within that network.

    For example, the following command would permit all the hosts within the 172.16.0.0 network:

    access-list 75 permit 172.16.0.0 0.0.255.255

    This command means that the 172.16 must match up exactly because the wildcard mask values for those two octets are 0’s. Since the wildcard mask values for the last two octets are 255’s, it doesn’t matter what the last two octets are. They could be anything.

Specifying a part of a network or a portion of available hosts

    To do this, you need to understand block sizes. These block sizes are used to specify a block of addresses. Some of the different block sizes available are 64, 32, 16, 8, and 4. You use the closest block size for your needs. If you need to specify 34 networks or hosts, you would have to use the next highest block size of 64. If you wanted to specify 22 networks or hosts, you would have to use the next highest block size of 32. When you specify the wildcard mask, the wildcard is always one less than the block size. Also, block sizes must start at zero. If you want a block size of 8, you must stay within the block ranges of 0-7, 8-15, etc. For example, you couldn’t start on 11. If you want a block size of 32, you must stay within the ranges 0-31, 32-63, 64-95, etc. Let’s look at some examples:

Example # 1

    Let’s say you want to deny access to the networks 172.16.16.0 through 172.16.19.0. First of all, this is good because the range is 16-19. So, we could use a block of 4. This is within one of the ranges because they are 0-3, 4-7, 8-11, 12-15, 16-19, etc. So, your access list command would look like the following:

    access-list 50 deny 172.16.16.0 0.0.3.255

    If you look at the wildcard mask, the first two octets are zero, so this means that the 172.16 must match exactly. Next, the 3 is one less than the block size as discussed above. So, this means that the block size is 4, which would be the networks 16, 17, 18, and 19. The 255 means that this last octet could be any host number.

Example # 2

    Let’s say you want to deny access to the networks 172.16.16.0 through 172.16.21.0. This is a total of 6 networks so we would have to use the block size of 8. If you look at the ranges 0-7, 8-15, 16-23, 24-31, etc., you would have to use the range 16-23. So, your access list command would look like the following:

    access-list 50 deny 172.16.16.0 0.0.7.255

    If you look at the wildcard mask, the first two octets are zero, so this means that the 172.16 must match exactly. Next, the 7 is one less than the block size. So, this means that the block size is 8, which would be the networks 16, 17, 18, 19, 20, 21, 22, and 23. The 255 means that this last octet could be any host number. The only problem with this is that you’re denying two networks (22 and 23) that aren’t within the networks that you originally wanted to deny. This is one of the problems with block sizes.

Example # 3

    Let’s say you want to permit access to the hosts 172.16.16.9 through 172.16.16.14. This is a total of 6 hosts so we would have to use the block size of 8. If you look at the ranges 0-7, 8-15, 16-23, 24-31, etc., you would have to use the range 8-15 because the hosts you wish to permit access to fall in this range. So, your access list command would look like the following:

    access-list 50 permit 172.16.16.8 0.0.0.7

    If you look at the wildcard mask, the first three octets are zero, so this means that the 172.16.16 must match exactly. Next, the 7 is one less than the block size. So, this means that the block size is 8, which would be the hosts 8, 9, 10, 11, 12, 13, 14, and 15. The only problem with this is that you’re permitting two hosts (8 and 15) that aren’t among the hosts that you originally wanted to permit. This is one of the problems with block sizes.
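The block-size rule from Examples 1 to 3, worked as an added Python example (not part of the original study guide): it finds the single address/wildcard pair that covers a range and lists what else that entry matches. The function names covering_entry and acl_matches are illustrative, and the fourth sample, a range that straddles a block boundary, goes beyond the cases in the text.

```python
import ipaddress


def _ip(n: int) -> str:
    """Dotted-quad form of a 32-bit integer."""
    return str(ipaddress.IPv4Address(n))


def covering_entry(first: str, last: str):
    """Return (base, wildcard, unintended) for the smallest single
    address/wildcard pair that matches every address in first..last.
    unintended lists the (start, end) ranges matched but not requested."""
    lo = int(ipaddress.IPv4Address(first))
    hi = int(ipaddress.IPv4Address(last))
    if lo > hi:
        raise ValueError("first must not be greater than last")
    block = 1
    # Blocks are powers of two and start on a multiple of their size, so
    # grow the block until the aligned block holding lo also reaches hi.
    while (lo // block) * block + block - 1 < hi:
        block *= 2
    base = (lo // block) * block
    top = base + block - 1
    unintended = []
    if base < lo:
        unintended.append((_ip(base), _ip(lo - 1)))
    if top > hi:
        unintended.append((_ip(hi + 1), _ip(top)))
    # The wildcard is always one less than the block size.
    return _ip(base), _ip(block - 1), unintended


def acl_matches(address: str, base: str, wildcard: str) -> bool:
    """Wildcard test: every bit that is 0 in the mask must equal the base."""
    a = int(ipaddress.IPv4Address(address))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0


if __name__ == "__main__":
    # Constructed sample ranges: Examples 1-3 from the text, then a
    # four-network range (14-17) that crosses the 12-15 / 16-19 boundary.
    samples = [
        ("172.16.16.0", "172.16.19.255"),
        ("172.16.16.0", "172.16.21.255"),
        ("172.16.16.9", "172.16.16.14"),
        ("172.16.14.0", "172.16.17.255"),
    ]
    for first, last in samples:
        base, wildcard, unintended = covering_entry(first, last)
        print(f"{first} - {last}: {base} {wildcard}")
        for start, end in unintended:
            print(f"    also matches {start} - {end}")
```

The last sample needs a block of 32 even though only 4 networks were requested, so when the unintended ranges are unacceptable the range is better written as several aligned entries.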


    Routing Protocols and their attributes

    Protocol | Type | Int. or Ext. | Class | Metrics | Scalability
    RIP | Distance-Vector | Interior | Classful | Hop count | 15 Hops
    RIPv2 | Distance-Vector | Interior | Classless | Hop count | 15 Hops
    IGRP | Distance-Vector | Interior | Classful | Bandwidth, Delay, Reliability, Load | 255 Hops (default is 100)
    EIGRP | Advanced Distance-Vector (Hybrid) | Interior | Classless | Bandwidth, Delay, Reliability, Load | Thousands of routers
    RTMP | Distance-Vector | Interior | NA | Hop count | 15 Hops
    AURP | Distance-Vector | Interior or Exterior | NA | Hop count | 15 Hops on each side
    IPX RIP | Distance-Vector | Interior | NA | Ticks and Hop count | 15 Hops
    NLSP | Link-state | Interior | NA | Cost and bandwidth | 127 Hops
    OSPF | Link-state | Interior | Classless | Cost | Approx. 50 routers per area, approx. 100 areas
    IS-IS | Link-state | Interior | Classless | Path value, delay, expense, and errors | Thousands of routers
    BGP | Path-vector | Exterior | Classless | Path attributes and other factors | Thousands of routers


    OSI (Open Systems Interconnection) Reference Model

Application Layer

    This layer is responsible for file, message, print, database, and application services. It is the layer closest to the end user and this means that the user and the Application layer interact directly with the software applications. It is also responsible for synchronizing applications on the client and the server, determining if sufficient resources exist for the intended communication, understanding resources that are needed to communicate between two devices and establishing their availability, agreeing on error control and data integrity of communicating applications, and providing processes and services to end users. Always think of “data” with this layer.

Presentation Layer

    Responsible for the format, conversion, encryption, decryption, compression, and decompression of data. This layer also negotiates which format or syntax to use, such as PICT, TIFF, JPEG, MIDI, QuickTime, and MPEG. This layer presents data to the Application layer, so basically, it services the Application layer and is serviced by the Session layer. Always think of “data” with this layer.

Session Layer

    This layer is responsible for establishing, managing, and terminating sessions between applications. Its main concern is dialog control between nodes, or devices. It keeps data from different applications separate from each other and offers three modes: simplex, half-duplex, and full-duplex. Some examples of Session Layer protocols and interfaces are SQL (Structured Query Language), RPC (Remote Procedure Call), X Window, and Network File System (NFS). Always think of “data” with this layer.

Transport Layer

    Responsible for sequencing, session establishment, and maintenance and termination (tear-down) of virtual circuits. Services in this layer segment and reassemble data from upper-layer applications. It establishes a logical connection between the sending host and the destination host. Always think of “segments” with this layer.

Network Layer

    This layer decides the best path through a network and handles network addressing. It is responsible for routing within an internetwork. Routers are defined at this layer. Always think of “packets or datagrams” with this layer.

Data Link Layer

    Responsible for providing reliable transmission of data across the Physical layer. It formats the message into data frames and adds a header to the frame containing the hardware source and destination address. Consists of two sublayers: Media Access Control (MAC) and Logical Link Control (LLC). The MAC sublayer is responsible for Media Access, Framing, and Logical Topology. The LLC sublayer can provide error correction while the MAC sublayer only provides error detection. Always think of “frames” with the Data Link layer.


    Physical Layer

    This layer is responsible for sending and receiving bits. It specifies the electrical, mechanical, functional, and procedural requirements for activating, maintaining, and deactivating a physical link between systems. It is where the cable, connector, and signaling specifications are defined. This layer is the only layer that does not rely on a layer beneath it and the only one that can communicate electrical/light pulses to the other side. Always think of “bits” with this layer.

“OSI Reference Model / DoD Model” Comparison and Associated Protocols

    DoD (Dept. of Defense) Model | OSI Model | Protocols
    Process / Application | Application, Presentation, Session | Telnet, TFTP, FTP, SMTP, NFS, LPD, SNMP, X Window
    Host-to-Host | Transport | TCP, UDP
    Internet | Network | ARP, RARP, IP, BootP, ICMP
    Network Access | Data Link, Physical | Ethernet, Fast Ethernet, Token Ring, FDDI

Routing Table Updates for Distance Vector Routing Protocols

Routing Protocol Routing Table Updates in Seconds

AppleTalk RTMP 10

    IP RIP 30

    XNS 30

    DECnet IV 40

    IPX SAP 60

    IPX RIP 60

    IP IGRP 90

    VINES VRTP 90

Encapsulation


    Data encapsulation at each layer of the OSI Reference Model:

    Application Data

    Presentation Data

    Session Data

    Transport Segments

    Network Packets or Datagrams

    Data Link Frames

    Physical Bits

Frame Relay encapsulation types:

    Cisco (Default)

    IETF

Serial interface encapsulation types:

    HDLC (Default)

    PPP

Novell IPX encapsulation (frame) types:

    Interface | Encapsulation or frame type | Cisco keyword
    Ethernet | Ethernet_802.3 | novell-ether (Default)
    Ethernet | Ethernet_802.2 | sap
    Ethernet | Ethernet-snap | snap
    Ethernet | Ethernet_II | arpa
    Token Ring | Token-Ring | sap (Default)
    Token Ring | Token-Ring_snap | snap
    FDDI | Fddi_snap | snap (Default)
    FDDI | Fddi_802.2 | sap
    FDDI | Fddi_raw | novell-fddi

Editing Commands


    Ctrl + A Move to the beginning of the command line

    Ctrl + E Move to the end of the command line

    Ctrl + B (or left arrow) Move back one character

    Ctrl + F (or right arrow) Move forward one character

    Ctrl + N (or down arrow) Repeat most recent command

    Ctrl + P (or up arrow) Repeat previous command

    Ctrl + D Deletes a single character

    Ctrl + R Redisplays a line

    Ctrl + U Erases a line

    Ctrl + W Erases a word

    Ctrl + Z Ends configuration mode and returns you to exec mode

Esc + B Move backward one word

    Esc + F Move forward one word

Backspace Deletes a single character

    Tab Finishes typing a command

IP Address Ranges

    Class | Address Range | First Octet Range
    Class A (commercial use) | 1.0.0.0 to 126.0.0.0 | 1 - 126
    Class B (commercial use) | 128.0.0.0 to 191.254.0.0 | 128 - 191
    Class C (commercial use) | 192.0.1.0 to 223.255.254.0 | 192 - 223
    Class D (multicast groups) | 224.0.0.0 to 239.255.255.255 | 224 - 239
    Class E (experimental) | 240.0.0.0 to 254.255.255.255 | 240 - 254

    127.0.0.0 is reserved for the loopback address. It is used by a device to address itself internally and used to test a local device’s TCP/IP stack and identify possible stack corruption. This is done by using the command “ping 127.0.0.1” on the local device.

Private IP Addresses

    The following three sets of IP addresses and subnet masks are private IP addresses. They are for use on private networks and usually don’t connect to the global Internet:

Addresses Subnet mask

    10.0.0.0 255.0.0.0

    172.16.0.0 through 172.31.255.255 255.240.0.0

    192.168.0.0 through 192.168.255.255 255.255.0.0

    Subnetting


    (Definitely memorize the following subnet mask tables and write them down before starting the exam. See our Subnetting Tips document for more information)

Subnet Masks for a Class C network

    Subnet Mask | Length of mask (bits) | # of subnets | # of hosts per subnet
    255.255.255.252 | 30 | 62 | 2
    255.255.255.248 | 29 | 30 | 6
    255.255.255.240 | 28 | 14 | 14
    255.255.255.224 | 27 | 6 | 30
    255.255.255.192 | 26 | 2 | 62

Subnet Masks for a Class B network

    Subnet Mask | Length of mask (bits) | # of subnets | # of hosts per subnet
    255.255.255.252 | 30 | 16,382 | 2
    255.255.255.248 | 29 | 8,190 | 6
    255.255.255.240 | 28 | 4,094 | 14
    255.255.255.224 | 27 | 2,046 | 30
    255.255.255.192 | 26 | 1,022 | 62
    255.255.255.128 | 25 | 510 | 126
    255.255.255.0 | 24 | 254 | 254
    255.255.254.0 | 23 | 126 | 510
    255.255.252.0 | 22 | 62 | 1,022
    255.255.248.0 | 21 | 30 | 2,046
    255.255.240.0 | 20 | 14 | 4,094
    255.255.224.0 | 19 | 6 | 8,190
    255.255.192.0 | 18 | 2 | 16,382

    Notice how the “# of subnets” and the “# of hosts per subnet” on the Class C table are inverses of each other. For example, on the Class C table, the “# of subnets” starts at 62, then 30, 14, 6, and 2. The “# of hosts per subnet” starts at 2, then 6, 14, 30, and 62. Notice that right in the middle is the 255.255.255.240 subnet mask with 14 subnets and 14 hosts per subnet.

    The Class B table works the same way. The “# of subnets” starts at 16,382 and goes all the way down to 2 while the “# of hosts per subnet” starts at 2 and goes all the way up to 16,382. Right in the middle is the 255.255.255.0 subnet mask with 254 subnets and 254 hosts per subnet.

    Here’s a tip to help memorize the Class B table. Notice that when you look at the “# of subnets” starting with 16,382, that each number going to the bottom of the list keeps splitting almost in half. Half of 16,382 is close to 8,190, half of 8,190 is close to 4,094, etc. When you look at the “# of hosts”, the same thing is happening except that you start at the bottom of the list.

    Regarding the “Length of Mask (bits)” field: For example, 30 means 11111111.11111111.11111111.11111100, or 30 1’s, etc.
