CCNA Prep document

By Esther Flores,2014-06-17 08:16
8 views 0
CCNA Prep document ...

CCNA Prep document

Supplied to you with best wishes from….. Chillnz

The two most significant things to study on the test are the OSI model and TCP/IP addressing and

    subnetting. If you know both of those very, very well, then you are guaranteed about 50% on the exam.

    The rest comes from this sheet.

The last bit of advice is that you didn‟t believe me on the importance of knowing the OSI model, learn it

    backwards, forwards, sideways, and be prepared to answer really nit-picky questions about it.

OSI Model


     File, print, message, database, and applications

     Determines availability of the target host.

     www, email, ftp, telnet, edi, quake


     Data Encryption, compression, and translation services

     Determines the syntax of the data transfer.

     Pict, tiff, jpet, midi, mpeg, quicktime, etc


     Dialog control, coordinates the comunications

     Nfs, sql, rpc, x windows, asp (appletalk session protocol), DNA SCP (digital whatzit)


     End-to-end communication

     Responsible for hiding the communications from the higher layers.

     TCP / UDP



     IP / ICMP, BootP, ARP, RARP


    Data Link


    Ethernet II, 802.5 (token ring), 802.3, 802.2 (802.3 with dsap and ssap logical link

    control fields)

    Media access control: MAC: 48 bits, 3 bytes vendor + 3 bytes serial number


    High-level datalink control HDLC (cisco default for serial links)

    Synchronous Data Link Control SDLC (uses polling)

    Link Access Procedure, Balanced LAPB

    x.25, slip, ppp, isdn, Frame Relay

    Bridges / Switches



     v.24, v.35, x.21, g.703, hssi, etc

     Repeaters / Hubs

DOD Model

     Process/application ; application, presentation, session

     Host-to-host ; transport

     Internet ; network

     Network access ; Datalink / physical



     802.3 CSMA/CD | Ethernet_II | 802.2

     10base2/thinnet: 185 meters

     10base5/thicknet: 500 meters

     10baseT: can run above 10Mbps 200ish meters

     5-4-3 rule: 5 segments, 4 repeaters, 3 segments populated

     100BaseTX: 100 meters, up to 2 repeaters. Packets between 512 and 1518.


     100 Mbps

     token passing with dual counter-rotating rings



     4 / 16 Mbps


     53-byte cells

     Flow Control

     Contention: CSMA/CD : Carrier Sense Multiple Access, Collision Detect

     Token Passing: Token Ring, Fiddi

     Polling: SDLC, some HDLC, some HP ethernet stuff


     Store and forward

     Buffers whole frame before forwarding


     Forward frame as soon as destination address is available

     Fragment Free

    Does Cut-Through after 64 bytes are received to stop collision packets from being


     802.1d Spanning-Tree Protocol STP

     detect and eliminates loops in routed network

     STA: Spanning Tree Algorithm

     Sends out BPDUs: Bridge protocol data units

     VLAN: Virtual Lans

     Create „logical‟ networks by location, function or department.. or protocol, or whatever.

    Done with a switch using Frame-Tagging (can be used between switches if you have ISL

    inter-switch link) Frame-Tagging uses unique user-defined identifiers while within the

    switch fabric, and is very scalable.


     Port numbers:

     TCP: protocol number 6

     ftp: 21

     telnet: 23

     smtp: 25

     UDP: protocol number 17

     Dns: 53

     Tftp: 69

     Snmp: 161

     0-255: public assigned

     256 1023: assigned to companies

     1023+ user defined / source addresses

     IP Addressing:

     Class leading bits decimal range of first byte

     A 0 1-127

     B 10 128-191

     C 100 192-223

     Learn the rest of the stuff…. Way out of scope of this.


    Cisco considers the mask to be the bits beyond what is „normal‟ for that class address, not

    the entire number of bits in the subnet mask, sometimes….


     Protocl Stack:

     Application, presentation, session ; RIP, SAP, NCP, NLSP, etc…

     Transport ; IPX, SPX

     Network ; IPX

     Data link ; ODL Open Data Link

     Physical ; whatever


     Connectionless, and communicates via sockets

     Each host runs its own internal ipx network in addition to any lan network


     10 byte address

     first 4 bytes are network need to be unique, otherwise whatever..

     last 6 bytes are node - usually just use the MAC address


     Sequence Packet eXchange

     Connection oriented protocol

     Creates virtual circuits, with specific connection IDs


     Routing information protocol

     Distance vector protocol that establishes routes between ipx networks

     Judges based on ticks (1/18 second units) and hops

     Broadcast every 60 seconds

     Used to provide each server with a complete network map


     Service advertising protocol

     Servers use it to advertise, clients use it to locate services

     Broadcast every 60 seconds


     NetWare Link Services Protocol

     Link-state protcol to replace RIP and SAP someday…


     NetWare Core Protocol

     Provides access to server resources

     Netware in a nutshell

     -Strict client-server model (nobody is both)

     -Servers provide files, printing, messaing, applications, and databases

    -Every netware server (or cisco router) creates a SAP table of all services offered by all


    -A client issues a GNS (GetNearestServer request) broadcast to find out what is on the

    local SAP

     Netware frame types Features

    802.3 default on NetWare <=3.11

    802.2 default on NetWare 3.12+

    ethernet_ii supports tcp/ip and ipx

    ethernet_SNAP appletalk, tcp/ip, and ipx

    --- all of these are incompatible… god love‟m

Routing Protocols

     RIP: Routing Information Protocol

     Distance vector routing protocol

     Updates every 30 seconds

     Route invalid timer 90 seconds: time before route considered invalid.

     Route flush timer: 240 seconds: route removed from table

     Can use metrics (1-15) to weight against some interfaces

     15 hop limit

    OSPF: Open Shortest Path First

     Link-state routing

     Very infrequent broadcast updates

     Extremely granular metrics

    NLSP: Novell‟s Link State Protocol


    IGRP: Interior Gateway Routing Protocol (cisco proprietary)


     Metrics and hop count from 1-255

     Measures delay in units of 10 milliseconds

     Measures bandwidth on serial connection this needs to be set, default is T1

     Measures reliability as 1-255 (255 optimal):

     Measures load: 0-255 (0 = no-load)

     Allows multi-path routing (dual links of equal bandwidth to 1 location)

     Implements hold-downs, split horizons, and poision reverse updates

     Update timer is 90 seconds, invalid timer is 270 seconds (3 times update)

     Hold down timer is 280 (3 times update +10 seconds)

    flush timer is 630 seconds (7 times update)

    administrative distances: (reliability of information)

    0 = direct connection, 1 = static, 100 = igrp, 110 =ospf, 120 = rip, 255 = unknown

    EIGRP: Enhanced IGRP

     Hybrid routing protocol

     Uses distance vectors, however they are triggered by changes, not timers.

     Faster convergence, multiprotocol support

     Distance- vector:

     Uses second-hand info

     Problems detecting /closing routing loops (counting to infinity)

     Judges „best‟ based on hop counts

     Convergence can get pretty lengthy

     Split horizion: enforces that inforation is not sent back in direction it came from

     Route poisoning: Helps prevent incorrect updates by setting route down explicitly

     Hold-downs: prevents routes from changing too quickly, to allow time for stabilization


     No-second hand info, and understands entire network

     Uses LSP packets to build „personal‟ copy of entire network structure to route from

     LSP: link-state packets or “hello packets”

     Chooses „best‟ path based on: bandwidth, congestion, metrics, etc.

     Update times can be set very lengthy as changes cause triggered udpates.

EXTERIOR routing protocols

     EGP: Exterior Gateway Protocol

     Polls neighbors

    exchanges info about AS with neighbors

    distance vector

    very simple

     BGP: Border Gateway Protocol

     Can detect routing loops

     Can work between AS

Other Random Cisco protocols

     CDP: Cisco Discovery Protocol

     Runs SNAP: SubNetwork Access Protocol at the datalink layer.

    - this allows routers running different protocols to still communicate

    - 60 second updates, 180 second hold time

    #show cdp interface

     interface information, encapsulation info, and timing information

    #show cdp entry <name or * for all>

     shows detailed information about other routers on network

    #show cdp neighbors

     shows summary information that is being exchanged

    #show cdp neighbor detail

     extended listing of info for all routers

    #show cdp traffic

     shows packets sent / received amount neighbors



     Plain Old Telephone Service. (politely is: pstn: public switched telephone network)

     Demarc: end of responsbility for provider, start for customer

     CPE: customer premise equipment

     Local loop: wire from CO to demarc

     CO: Central Office: provider POP : point of presence


     Synchronous Data-Link Control

     Used originally for SNA

     Point to-point or multipoint

     Bounded or unbounded media, half or full duplex

     Circuit or packet-switched networks

     2 node types. Primay or Secondary (controlled by primary)


     High-Level Data-Link Control protocol

    This is the default communication method for cisco routers of sync links, and is


    This came after SDLC, and was modified into LAP and LAPB.

    HDLC transfer modes:

     NRM: Normal Response Mode: secondaries only speak when spoken to by pri

     ARM: Async Response Mode: sec. can speak on own

     ABM: Async Balanced Mode: nodes can be both pri and sec

     LAPB:Link Access Procedure Balanced: built into x.25


     Dial on demand Routing

    ; be sure and setup route as static, and with specified distance over 200 to make sure it

    is „last resort‟


     Point-to-point communication between DTE and DCE

     DTE: Data Terminal Equipment (router or terminal, or whatever)

     DCE: Data Circuit-Terminating Equipment (csu/dsi or modem)

     PSE: Packet Switching Exchange: switches inside carriers network

     Addresses defined by x.121 as a 14 digit number

     DNIC:Data Network Identified Code is first 4 bits of address

     Rest of address is assigned by the administrator

     Full-duplex protocol

     „overbuilt‟ with lots of error checking

     Created SVC or PVC connections (switched or Permanent virtual circuits)


     Packet layer protocol

     x.25‟s network layer protocol

     modes: call setup, data transfer, idle, call clearing, restarting


     Link Access Procedure Balanced

     Makes sure frames are error free and sequenced

     Types of frames:

     I information sequencing, flow control, error detect, recovery

     S supervisory handles requests for, and suspension of transmittion

     U unnumbered link setup and disconnections and error reporting

     Setting up X.25 on Cisco

     #interface <interface>

     #encap x25

     #x25 address <14 digit number>

     to set the address

     #x25 ips <bytes>

     to configure Input Packet Size

     #x25 ops <bytes>

     to configure Output Packet Size

     #x25 win <integer>

     to configure Window Input Size

     #x25 wout <integer>

     to configure Window Output Size

     Frame Relay

     Shared Bandwidth

     Can setup a CIR (Committed Information Rate)

     Assumed error-checking is handled at another, higher, layer

     PVCs are created at layer 2.

     DLCIs: Data-link connection Identifiers : are used to identify virtual circuit connections.

     DLCI address are assigned by the provider and then mapped to IP addresses by the router

     LMI: Local management Interface

     These are autodetected in current IOS versions….. however:

     Keyword Meaning

     Cisco: defined by industry group, and default

     ANSI: Annex D defined by T1.617

     Q933a: Defined by ITU-T Annex A Q.933A

     LMI can be used to determine the global significance of the DLCI numbers.

     Setup of Frame Relay on Cisco

     #interface <interface>

     #encapsulation frame-relay [ietf, or default is cisco]

    use default to talk to other cisco routers, use ietf encapsulation to talk to non-


     #frame-relay interface-dlci <dlci number>

     to map dlci number to current interface, or subinterface

     Then specify an IP address for that subinterface

     Optionally you can hard-code the address on the other end.

     #encap frame-relay [ietf]

     #no inverse-arp

     turns off auto addressing features

     #ip address <ip address> <subnet mask>

     #frame-relay map ip <address> <metric ? > [cisco] [broadcast]

     this lets you mix encap types, and allow broadcast over interface

     Monitoring Frame Relay

     #show frame ?

     ip ip statistics

     lmi lmi stats

     map map table

     pvc pvc stats this one displays the DLCI #

     route route info

     traffic protocol stats


     Point to Point Protocol

     Userfull for dial-up or sync links (ISDN)

     Authenticate using PAP: password authentication protocol or

     CHAP: Challenge Handshake Authentication Protocol


     Integrated Services Digital Network

     Terminal equipment types:

     TE1: understands ISDN

     TE2: predates ISDN and needs a TA (terminal adapter) to work

     ISDN reference points:

     R: between non-isdn device and TA

     S: between terminal and NT2 device

     T: point between NT1 and NT2

     U: point between NT1 and carrier line termination device

     ISDN protocol codes:

     E: existing telephone network

     I: concepts, terms, and services

     Q: switching and signaling

     ISDN service levels:

     Connect to lines with SPIDs (service Profile Identfiers) (phone numbers..)

     BRI: Basic Rate Interface: 2B + 1D

     B = 64kbs, D=16Kbps = 128kbs plus control

     PRI: Primary Rate Interface: 23B + 1D

     Total of 1.544Mbps

     Configuring ISDN BRI

     #isdn switch-type ?

     tons of proprietary switch types

     #interface <interface>

     typicaly bri0, or something like that.

     #encap ppp

     ppp is method used to setup isdn phone calls

     #isdn spid1 <spid1>

     #isdn spid2 <spid2>

     Configuring ISDN PRI

     #controller <interface> <location>

     typicaly something like #controller T1 1/0

     #framing efs

     sets Extended Super Framing, this is normal for T1/ PRI line

     #linecode b8zs

    line-conding mechanism to assist with timing by preventing strings of


     #pri-group timeslots <value from 1-24>

     sets number of timeslots

Access lists:


     Access lists must be created, then applied to an interface

     Access lists can filter incoming or outgoing from an interface

     Packets are compared only until a match is made

     Packets that do not meet any criteria on the list are discarded

     Wildcard masking:

     Nifty, acts like a reverse subnet mask:

     Example: would wildcard all hosts on class C network would indicate no wildcarding


     host: : just specified host

     any: absolutely anything

     * when using keyword it comes before IP address, when using mask it comes after!!!!

     List number scheme

     List number range meaning

    1-99 ip standard list

    100-199 ip extended access list

    800-899 ipx standard

    900-999 ipx extended access list

    1000-1099 IPX SAP access list

     IP access list creation

     #access-list <number of list> <permit | deny> <source address> [<mask>]

     IP extended access list

     #access-list <number> <permit |deny> <protocol> <source> <destination> <port>

     source and destination can be masked

     port can be „eq‟ for equal, „neq‟ not equal, „log‟ logged, or assorted other things

     port can also be keyworeded: www, smtp, finger, ftp, telnet, etc…..

     ipx access list

     #access-list <number> <permit|deny> <source network number> <destination network number>

    no wildcarding needed with ipx

    -1 is used to indicate „any network address‟

    extended ipx access lists

    #access-list <number> <permit|deny> <protocol> <source> <socket> <destination> <socket>

    -1 still indicates „any‟ for socket or source address

    IPX SAP access lists

    #Access-list <number> <permit|deny> <source> <service type>

    service type is numeric value

     Applying Access list to Interface

     #interface <interface>

     #ip access-group <number of list> <in | out>


     #show access-list

    shows the lists and how many matches for each line

     #clear access-list counters <access list number>

     clears statistics


    Keyword log can be placed at the end of extended access lists, and info will be logged to console

    by default, or could be re-directed to a error-log server

    Logs include: access list number, source and destination port/address and number of packets.

     Displaying access list info

     #Show ip interface <interface>

     displays which list is enabled for the interface, both incoming and outgoing

     #show running-config

     shows just about everything….including details of what makes up each access-list

CISCO Things:

    Startup sequence

     Bootstrap from Rom

     Cisco IOS from Flash

     From tftp

     From Rom

     Configuration File from NVRAM

     From tftp server

     From console

    Editing commands

     Toggle on/off: Terminal editing / terminal no editing

     Control +

     A move to beginning of line

     E end

     F forward

     B back

     P previous

     N most recent

     Show history

     Terminal history size set buffer size

     Arrow keys also work to edit and scroll through buffer


     Enable secret: one-way crypto password, has priority over „normal‟ enable password

     #config terminal

     #enable secret <password>

     Enable password: password to switch to priv mode

     #config terminal

     #enable password <password>

     Virtual terminal password: password to allow telnet into router

     #config terminal

     #line vty 0 <max number of logins>


     #password <whatever password>


Report this document

For any questions or suggestions please email