CCNA2 - Module 1 & 2 Flashcards
Basic Device Configuration & Frame Forwarding
SWITCH BOOT SEQUENCE
When a Cisco switch powers on, it follows these five steps:
- POST: The switch runs a self-test (POST) to check the CPU, DRAM, and part of the flash storage.
- Boot Loader: A small program in ROM is loaded after POST, starting the boot process.
- CPU Initialization: The boot loader sets up CPU registers, memory mapping, and speed.
- Flash Initialization: The boot loader prepares the flash file system.
- Load IOS: The boot loader finds and loads the default IOS operating system into memory, taking control of the switch.
Differentiate boot system, flash:, c2960-lanbasek9-mz.150-2.SE/ and c2960-lanbasek9-mz.150-2.SE.bin
- Boot system - the main command
- flash: - the storage device
- c2960-lanbasek9-mz.150-2.SE/ - the path to the file system
- c2960-lanbasek9-mz.150-2.SE.bin - the IOS file name
Shows whether the system is receiving power and functioning properly.
System LED (SYST)
Shows the RPS status.
Redundant Power Supply LED (RPS)
When green, indicates port status mode is selected, which is the default. Port status can then be understood by the light associated with each port.
Port Status LED (STAT)
When green, indicates port duplex mode is selected. Port duplex can then be understood by the light associated with each port.
Port Duplex LED (DUPLX)
When green, indicates port speed mode is selected. Port speed can then be understood by the light associated with each port.
Port Speed LED (SPEED)
Present if the switch supports PoE. Indicates the PoE status of ports on the switch.
Power over Ethernet LED (PoE)
Recovering from a System Crash
If the switch’s operating system is missing or damaged, the boot loader allows access to the switch through a console connection. Here’s how to access it:
- Connect a PC to the switch via console cable and open terminal software.
- Unplug the switch power cord.
- Reconnect the power and, within 15 seconds, press and hold the Mode button while the System LED flashes green.
- Keep holding until the LED turns amber and then solid green, then release the Mode button.
- The boot loader prompt will appear in the terminal software.
The boot loader lets you format the flash, reinstall the OS, or recover a lost password using commands like dir to view files.
To manage a switch remotely, assign it an IP address, subnet mask, and a default gateway. This setup is similar to configuring a host device.
The switch’s virtual interface (SVI) on S1 should be given an IP address. The SVI is a virtual, not physical, interface. Use a console cable to connect to a PC for initial configuration.
Switch Management Access
Switch SVI Configuration Example
By default, the switch uses VLAN 1 for management. For security, it’s best to use a different VLAN for management.
- Configure the Management Interface: Assign an IP address and subnet mask to the switch’s management SVI (e.g., VLAN 99). The SVI won’t be “up/up” until VLAN 99 is created and a device is connected to a port in that VLAN. If using IPv6, configure the switch for dual IP modes first.
- Configure the Default Gateway: If managing the switch remotely from another network, set a default gateway. No IPv6 gateway is needed since the switch receives this info from a router advertisement.
- Verify Configuration: Use show ip interface brief and show ipv6 interface brief to check the status of interfaces and confirm the IP setup. The IP on the SVI allows remote management, but not routing of Layer 3 packets.
Duplex Communication
- Full-Duplex: Allows data to be sent and received simultaneously, improving efficiency. It requires microsegmentation (one device per switch port) and eliminates collisions. Gigabit Ethernet and 10 Gb NICs need full-duplex to function properly.
- Half-Duplex: Only allows data to flow in one direction at a time, causing potential collisions and performance issues.
Full-duplex provides 100% efficiency in both directions, doubling the bandwidth usage.
Configure Switch Ports at the Physical Layer
- Switch ports can be configured with specific duplex and speed settings using the duplex and speed commands.
- By default, Cisco Catalyst 2960 and 3560 switch ports are set to auto for both duplex and speed. At 10/100 Mbps, they can be half- or full-duplex, but at 1000 Mbps, they are always full-duplex.
- Autonegotiation is useful when device settings are unknown or may change, but it’s best to manually set speed and duplex for known devices like servers or workstations.
- When troubleshooting, check duplex and speed settings, as mismatched configurations can cause connectivity issues. Fiber-optic ports like 1000BASE-SX always operate at a fixed speed and full-duplex.
Auto-MDIX
- Auto-MDIX allows the switch to automatically detect and adjust for the correct cable type (straight-through or crossover) needed for the connection.
- Without auto-MDIX, use straight-through cables for devices like servers and routers, and crossover cables for connecting switches or repeaters.
- With auto-MDIX, either cable type works, and the interface adjusts automatically for proper communication.
- On newer Cisco switches, enable auto-MDIX with the mdix auto command, and set speed and duplex to auto for proper function.
- Auto-MDIX is enabled by default on Catalyst 2960 and 3560 switches but not on older models like the Catalyst 2950 and 3550. Use the show controllers ethernet-controller command to check the setting.
The ___________ command can be used to verify that the switch has been correctly configured. From the sample abbreviated output on S1, some important information is shown in the figure:
show running-config
The _____________ command is another commonly used command, which displays status and statistics information on the network interfaces of the switch. The show interfaces command is frequently used when configuring and monitoring network devices.
show interfaces
The first line of the output for the ___________________________ command indicates that the FastEthernet 0/18 interface is up/up, meaning that it is operational. Further down, the output shows that the duplex is full and the speed is 100 Mbps.
show interfaces fastEthernet 0/18
Network Access Layer Issues
The show interfaces command helps identify common media problems by displaying line and data link protocol statuses.
- Up/Down Status:
  - Interface up, line protocol down: This suggests issues like an encapsulation mismatch, an error-disabled interface, or a hardware problem.
  - Both down: Likely indicates no cable attached or an interface issue, such as the other end being administratively down.
- Interface administratively down: This means the interface was manually disabled using the shutdown command.
The output also shows interface counters and statistics, which can reveal errors that impact network performance, even if they don’t cause complete failures.
Give the 7 error types and differentiate them
- Input Errors Total number of errors. It includes runts, giants, no buffer, CRC, frame, overrun, and ignored counts.
- Runts Packets that are discarded because they are smaller than the minimum packet size for the medium. For instance, any Ethernet packet that is less than 64 bytes is considered a runt.
- Giants Packets that are discarded because they exceed the maximum packet size for the medium. For example, any Ethernet packet that is greater than 1,518 bytes is considered a giant.
- CRC CRC errors are generated when the calculated checksum is not the same as the checksum received.
- Output Errors Sum of all errors that prevented the final transmission of datagrams out of the interface that is being examined.
- Collisions Number of messages retransmitted because of an Ethernet collision.
- Late Collisions A collision that occurs after 512 bits of the frame have been transmitted.
is the sum of all errors in datagrams that were received on the interface being examined. This includes runts, giants, CRC, no buffer, frame, overrun, and ignored counts. The reported input errors from the show interfaces command include the following:
* runt frames
* giants
* CRC errors
“Input errors”
- Ethernet frames that are shorter than the 64-byte minimum allowed length are called _________. Malfunctioning NICs are the usual cause of excessive _______ frames, but they can also be caused by collisions.
Runt Frames
- Ethernet frames that are larger than the maximum allowed size are called ___________.
Giants
- On Ethernet and serial interfaces, ___________ usually indicate a media or cable error. Common causes include electrical interference, loose or damaged connections, or incorrect cabling. If you see many __________, there is too much noise on the link and you should inspect the cable. You should also search for and eliminate noise sources.
CRC errors
is the sum of all errors that prevented the final transmission of datagrams out the interface that is being examined. The reported __________ from the show interfaces command include the following:
* collision
* late collision
“Output errors”
Collisions - Collisions in half-duplex operations are normal. However, you should never see collisions on an interface configured for full-duplex communication.
Late collisions - A late collision refers to a collision that occurs after 512 bits of the frame have been transmitted. Excessive cable lengths are the most common cause of late collisions. Another common cause is duplex misconfiguration.
Telnet Operation
Telnet uses TCP port 23 and transmits data, including login details (username and password), in unencrypted plaintext. This makes it insecure, as attackers can easily capture sensitive information (e.g., using Wireshark).
SSH Operation
SSH is a secure protocol that uses TCP port 22, offering encrypted remote management connections. Unlike Telnet, SSH encrypts both the login details and transmitted data, making it safer. Even if a threat actor tracks the session via the IP address, the username and password remain encrypted. SSH should replace Telnet for secure connections.
Verify the Switch Supports SSH
To enable SSH on a Catalyst 2960 switch, ensure it’s running an IOS version with cryptographic features. Use the show version command to check the IOS version. If the IOS filename includes “k9,” it supports encryption.
Configure SSH
- Verify SSH Support: Use show ip ssh to check if the switch supports SSH. If the IOS doesn’t support encryption, this command won’t work.
- Configure IP Domain: Set the domain name with ip domain-name domain-name.
- Generate RSA Key Pair: Use crypto key generate rsa to enable SSH and generate the RSA key pair. Delete with crypto key zeroize rsa if needed.
- Configure User Authentication: Create a local username and password with username username secret password.
- Configure vty Lines: Enable SSH on vty lines using transport input ssh and set local authentication with login local.
- Enable SSH Version 2: Enable SSH v2 with ip ssh version 2.
Verify SSH is Operational
- On a PC, use an SSH client like PuTTY to connect to the switch (S1) with IP address 172.17.99.11 on VLAN 99.
- From PC1 (IP 172.17.99.21), initiate an SSH connection to the switch.
- Enter the username (admin) and password (ccna) when prompted to connect to the switch’s CLI.
- Use show ip ssh to check SSH version and configuration on the switch (SSH v2 is enabled in the example).
One distinguishing feature between switches and routers is the type of interfaces supported by each. For example, Layer 2 switches support LANs; therefore, they have multiple FastEthernet or Gigabit Ethernet ports. The ___________ in the figure is used to demonstrate the configuration of router IPv4 and IPv6 interfaces.
Dual Stack Topology
Configure Router Interfaces
Routers connect LANs and WANs and support various interfaces (e.g., Gigabit Ethernet, serial, DSL). To configure an interface:
- Assign an IP Address: Use ip address ip-address subnet-mask for IPv4 or ipv6 address ipv6-address/prefix for IPv6.
- Activate the Interface: By default, interfaces are off. Use no shutdown to enable them, and ensure the interface is connected to another device.
- Add a Description (optional): Configure a brief description for each interface to aid in troubleshooting and network management.
IPv4 Loopback Interfaces
A loopback interface is a virtual, internal interface on a router, not linked to any physical port. It’s always “up” as long as the router is functioning.
- Uses: It’s helpful for testing and managing the router, ensuring at least one interface is always available. It can also simulate networks for testing routing processes and configuration practice.
- Multiple Loopbacks: You can create several loopback interfaces to simulate more networks in lab setups.
- Configuration: Assign a unique IPv4 address to each loopback interface.
Interface Verification Commands
Use these commands to check interface status and configuration:
- show ip interface brief / show ipv6 interface brief: Display a summary of all interfaces, including their IPv4/IPv6 address and status.
- show running-config interface interface-id: Show the configuration applied to a specific interface.
- show ip route / show ipv6 route: Display the IPv4/IPv6 routing table, with active interfaces marked as ‘C’ (Connected) or ‘L’ (Local) in Cisco IOS 15.
Verify Interface Status
Use show ip interface brief or show ipv6 interface brief to quickly check the status of all interfaces. If both the Status and Protocol are “up,” the interface is active. Any other output suggests a configuration or cabling issue.
Verify IPv6 Link Local and Multicast Addresses
Use show ipv6 interface brief to see two IPv6 addresses on each interface: a global unicast address (manually configured) and a link-local address (starting with FE80). The link-local address is automatically added with the global address.
For more details, use show ipv6 interface gigabitethernet 0/0/0 to view the interface status and all IPv6 addresses, including multicast addresses (starting with FF02).
Verify Interface Configuration
Use show running-config interface to see the current configuration of a specific interface. For more details:
- show interfaces: Displays information and packet flow for all interfaces.
- show ip interface / show ipv6 interface: Shows IPv4/IPv6 details for all interfaces.
Verify Routes
Use show ip route and show ipv6 route to view connected and local routes.
- A local route has a /32 (IPv4) or /128 (IPv6) mask and an admin distance of 0.
- A ‘C’ next to a route means it’s a directly connected network.
- The router’s global unicast address is added as a local route to efficiently process packets destined for that address.
Filter Show Command Output
By default, output pauses after 24 lines. Press Enter for the next line or the spacebar for the next set. Use terminal length 0 to stop the pause.
You can also filter output using a pipe (|) followed by a filter:
- section: Shows the section starting with the expression.
- include: Displays lines that match the expression.
- exclude: Hides lines that match the expression.
- begin: Starts output from the line matching the expression.
Command History Feature
The command history stores executed commands for easy recall.
- Press Ctrl+P or the Up Arrow to recall older commands.
- Press Ctrl+N or the Down Arrow for newer commands.
- By default, the history stores the last 10 commands. Use show history to view them.
- To change the number of stored commands for the current session, use terminal history size.
Summarize Module 1
- After powering on, a Cisco switch follows a five-step boot sequence.
- Set the BOOT environment variable using the boot system command.
- Monitor switch activity with LEDs: SYST, RPS, STAT, DUPLX, SPEED, and PoE.
- The boot loader helps when the operating system is damaged or missing.
- Configure IP address and subnet mask for remote management access.
- Set a default gateway for remote network access.
- Full-duplex communication doubles bandwidth by allowing both send/receive at once.
- Switch ports can be manually set for specific duplex and speed.
- Use autonegotiation if device settings may change or are unknown.
- With auto-MDIX, the switch detects and configures cable type automatically.
- Use show commands to verify switch configurations.
- Telnet (TCP port 23) is insecure, transmitting data and credentials in plaintext.
- SSH (TCP port 22) provides secure, encrypted remote connections.
- “k9” in the IOS filename supports cryptographic features.
- To configure SSH: verify support, set domain, generate RSA keys, configure authentication, VTY lines, and enable version 2.
- Use show ip ssh to verify SSH status.
- Always configure the device name, passwords, banner, and save changes.
- Routers support various LAN and WAN interfaces, interconnecting networks.
- IPv4 loopback is a logical interface, internal to the router.
- Use these commands to verify interface status:
  - show ip interface brief for a summary of interfaces,
  - show running-config interface for interface settings,
  - show ip route for routing table contents.
- Filter command output with the pipe (|) and expressions like section, include, exclude, and begin.
- Command history is enabled by default, storing the last 10 commands.
- Use
show history
to view the command history buffer.
Switching in Networking
A switch forwards traffic based on the ingress interface and destination MAC address using its MAC address table (CAM table).
MAC Address Table
The switch learns the destination MAC address by recording source MAC addresses and the port they came from. It uses this information to decide where to forward traffic. A switch won’t send traffic back through the same interface it received it on.
Ingress vs Egress
- Ingress: Traffic entering the interface
- Egress: Traffic leaving the interface
Switch Learn and Forward Method
- Learn: Examines Source Address
  - The switch adds the source MAC address to the table if it’s not already there.
  - If the source MAC is in the table, it resets the timeout to 5 minutes.
- Forward: Examines Destination Address
  - If the destination MAC is in the table, it forwards traffic out the correct port.
  - If the destination MAC is not in the table, it floods the traffic to all ports except the one it was received on.
Switch Forwarding Methods
Switches use ASICs for quick forwarding decisions, using one of these methods:
- Store-and-forward: Receives the entire frame, checks for errors, and forwards only valid frames. Cisco’s preferred method.
- Cut-through: Forwards the frame as soon as it determines the destination MAC address.
Store-and-forward:
- Error Checking: Checks for CRC errors and discards bad frames.
- Buffering: Buffers the frame while checking for errors and handling speed differences.
Cut-through:
- Forwards the frame immediately after checking the destination MAC.
- Fragment Free: Ensures frames are at least 64 bytes to avoid runts.
- Limitations: Does not check errors, may propagate bad frames, and can’t handle ports with different speeds.
Collision Domains
Switches eliminate collision domains and reduce congestion.
- Full-duplex links eliminate collision domains.
- Half-duplex links create collision domains, leading to bandwidth contention and possible collisions.
Most devices, including Cisco and Microsoft, use auto-negotiation for duplex and speed settings by default.
Broadcast Domains
- A broadcast domain includes all Layer 1 or Layer 2 devices on a LAN.
- A router (Layer 3 device) breaks a broadcast domain.
- Devices in the domain receive broadcast traffic, which a switch floods to all interfaces except the incoming one.
- Too many broadcasts can cause congestion and slow performance.
- Adding more devices at Layer 1 or Layer 2 expands the broadcast domain.
Alleviating Network Congestion
Switches use the MAC address table and full-duplex to avoid collisions and reduce congestion. Key features include:
- Fast Port Speeds – Up to 100 Gbps, depending on the model.
- Fast Internal Switching – Uses fast internal bus/memory for better performance.
- Large Frame Buffers – Stores frames temporarily for efficient processing.
- High Port Density – More ports for devices, reducing cost and congestion.
Summarize Module 2
Frame Forwarding
- Ingress is the entry port, and egress is the exit port.
- The switch uses a MAC address table to forward frames.
- It can use store-and-forward or cut-through for forwarding.
Switching Domains
- Half-duplex Ethernet ports create collision domains.
- Full-duplex eliminates collision domains.
- A switch floods broadcasts or unknown unicast frames to all ports except the ingress.
- Broadcast domains are broken by Layer 3 devices like routers.
- Switches extend broadcast domains but eliminate collision domains and reduce congestion.