Configuring, commands and theory behind them. Flashcards

1
Q

Explain what these modes allow. which symbol they have and how to go between them

User EXEC Mode

Priviliged EXEC Mode

Global Configuration Mode

Line Configuration Mode

Interface Configuration mode

A
  • User EXEC Mode
  • Used to access configuration options on the device

Priviliged EXEC Mode
Allows access to all commands and features.
Identified by the #
enable or exit from others

Global Configuration Mode
-Used to access configuration options on the device
Identified by config
Configure terminal

Line Configuration Mode
Used to configure console,SSH,Telnet or AUX access
line console 0

Interface Configuration mode
-Used to configre a switch port or router interface
interface (interface u want to access)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What can you do to get more information about a command?

A

Use “?”
Example Ping?

Word, Ip, Ipv6

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does the term “basic device configuration” mean? (Not router)

A

The different commands u need to use to configure a device.

Configure Hostname
Device(config)# hostname Device

Secure Privileged EXEC mode
Device(config)# enable secret password

Secure EXEC mode
Device(config)# line console 0
Device(config-line)# password password
Device(config-line)# login

Securing VTY line access:

Device(config-line)#line vty 0 15
Device(config-line)#password “password”
Device(config-line)#login
Device(config-line)#end

Device(config-line)#service password encryption

Device(config-line)#banner motd #message of the day#

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which config files do we have, how do you save them?

A

startup-config, saved in NVRAM

running-config, saved in RAM

copy running-config
startup-config

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is in Basic Router Configuration

A

Configure Hostname
R1(config)# hostname R1

Secure Privileged EXEC mode
Router(config)# enable secret password

Secure EXEC mode
Router(config)# line console 0
Router(config-line)# password password
Router(config-line)# login

Secure remote Telnet/SSH access.
Router(config)# line vty 0 4
Router(config-line)# password password
Router(config-line)# login
Router(config-line)# transport input {ssh | telnet}

Encrypt all plaintext passwords.
Router(config)# service password encryption

Provide legal notification and
save the configuration.

Router(config)# banner motd # message #
Router(config)# end
Router# copy running-config startup-config

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

How do you configure a router interface?

A

Choose interface
Router(config)# interface type-and-number

Give description
Router(config-if)# description description-text

Configure Ipv4 address with subnet mask and ipv6 address with prefix length
Router(config-if)# ip address ipv4-address subnet-mask
Router(config-if)# ipv6 address ipv6-address/prefix-length

Activate interface
Router(config-if)# no shutdown

Example
R1(config)# interface gigabitEthernet 0/0/0
R1(config-if)# description Link to LAN
R1(config-if)# ip address 192.168.10.1 255.255.255.0
R1(config-if)# ipv6 address 2001:db8:acad:10::1/64
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)#
*Aug 1 01:43:53.435: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/0, changed state to down
*Aug 1 01:43:56.447: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/0, changed state to up
*Aug 1 01:43:57.447: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0,
changed state to up

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the verification commands for interface? And what they show

A

Displays all interfaces, their IP addresses, and their current
status.

show ip interface brief
show ipv6 interface brief

Shows info about IP routing tables in RAM
show ip route
show ipv6 route

Displays statistics for all interfaces on the device. Only
displays the IPv4 addressing information
show interfaces

Displays the IPv4 statistics for all interfaces on a router.
show ip interfaces

Displays the IPv6 statistics for all interfaces on a router.
show ipv6 interfaces

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How to configure Default Gateway on a switch

A

ip default-gateway ip-address

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which 5 boot steps does a Cisco switch go through after being powered on?

A
  1. POST(Power on self-test) stored in ROMChecks CPU, DRAM and portion of the flash device that makes upm the flash file system.
  2. Loads boot-loader, program stored in ROM that runs immediately after POST
  3. Boot loader performs low-level CPU initializatio. Initializes CPU registers, physical memory mapping , quantity of memor and speed.
  4. Boot loader initizalizes the flash file system on the system board.
  5. Boot loader locates and loads default IOS operating system software image into memory and gives control of the switch over to the IOS.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

How does the switch try to boot?

A

Switch attemps to automatically boot by using information in the BOOT environment variable, If this variable is not set, the swith happends to load and execute the first exectuble it can find.

The IOS operating system then initialzes the inferfaces using the Cisco IOS commands found in the startup-config file called config.txt and is located in flash.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which LED indicatos does a switch have?

A

System LED (SYST): Functioning properly and getting power.

Redunants Power Supply LED(Shows the RPS status) (external power)

Port Status LED (STAT) If green, indicates port status mode is selected, default.

Port Duplex LED (DUPLX) When green, indicates port duplex mode is selected.

PORT Speed LED (SPEED)( When green, indicates port speed mode is selected.

Power over Ethernet LED (PoE) PoE status on the switch

The Mode button is used to move between the different modes – STAT,
DUPLX, SPEED, and PoE

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How does a switch recover from a system crash?

A
  1. Connect PC by console cable. Use terminal emulation software to connect to the switch.
  2. Unplug the power
  3. Reconnect power, after 15 seconds, hold down mode while the SYSTEM LED is flashing green.
  4. Hold mode until System LED turns briefly amber and theng green.

5.The boot loader switch: prompt appears in terminal on PC.
Format flash file system, reinstall OS, recover lost or forgotten password.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What do you need to do before u can have remote management access on a switch?

A

The switch must be configured with an IP address(default gateway) and a subnet mask
Also consle cable

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the steps to configuring SWITCH SVI? Which commands are being used?

A
  1. Configure management interface for Ipv4 and IPv6
    S1# configure terminal
    S1(config)# interface vlan 99
    S1(config-if)# ip address 172.17.99.11 255.255.255.0
    S1(config-if)# ipv6 address 2001:db8:acad:99::1/64
    S1(config-if)# no shutdown
    S1(config-if)# end
    S1# copy running-config startup-config
2.Configure Default Gateway
S1# configure terminal
S1(config)# ip default-gateway 172.17.99.1
S1(config-if)# end
S1# copy running-config startup-config

3.Verify Configuration
show ip interface brief
show ipv6 interface brief

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Why is Full-Duplex useful, and half-duplex not so much <3 ?

A

Increases bandwidth efficiency by allowing both enbds of a connection to transmit and receive data simultaneously. Gigabit Ethernet and 10Gb NICs require full-duplex to operate. Collision detection gets disabled on NIC and Full-Duplex offers 100% efficiency.

Half-duplex communication is unidirectional. Creates performance issues because data can flow in only one direction at a time, resulting in collisions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How to configure Full Duplex mode on a switch

A

Enter global configuration mode.
S1# configure terminal

Enter interface configuration mode.
S1(config)# interface FastEthernet 0/1

Configure the interface duplex and interface speed
S1(config-if)# duplex full
S1(config-if)# speed 100

Return to the privileged EXEC mode and save running config to startup config.
S1(config-if)# end
S1# copy running-config startup-config

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is Auto-MDIX? How do we configure it and check the settings on a specific interface=

A

When auto-MDIX is enabled, the interface automatically detects the required cable connection type (straight-through or crossover) and configures the connection appropriately.

S1(config-if)# mdix auto

S1# show controllers ethernet-controller fa0/1 phy | include MDIX

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are the 8 switch verification commands? What do they do?

A

Display interface status and configuration. S1# show interfaces [interface-id]

Display current startup configuration. S1# show startup-config

Display current running configuration. S1# show running-config

Display information about flash file system. S1# show flash

Display system hardware and software status. S1# show version

Display history of command entered. S1# show history

Display IP information about an interface.
S1# show ip interface [interface-id]
OR
S1# show ipv6 interface [interface-id]

Display the MAC address table.
S1# show mac-address-table
OR
S1# show mac address-table

19
Q

Which Interface Input and Output Errors do we have?

A

Input Errors . Number of errors

Runts: Packets discarded becasue thy are smaller than minimum packet size for the medium

Giants: Too big for medium

CRC: Checksum is not the same as checksum received

Output errors: Sum of all errors that prevented the final transmission of datagrams

Collisions: Number of messages retransmieed because of collision

Late collisions: A collision that occurs after 512 bits of the frame has been transmitted.

20
Q

What is Telnet?

A

Telnet is an older protocol that uses unsecure plaintext transmission of both the login authentication and the data transmitted between the communicating devies. Port 23

21
Q

What is Secure Shell SSH? How to configure it? Verify if operational

A

Secure Shell(SSH) is a secure protocol that uses TCP port 22. SSH provides security for remote connections by providing strong encryption when a device is authenticated and also the transmitted data between the communicating devices.

1.Verify SSH Support
S1# show ip ssh

2.Configure IP domain.
S1(config)# ip domain-name cisco.com

3.Generate RSA key pairs.
S1(config)# crypto key generate rsa
How many bits in the modulus [512]: 1024 (Longer is more secure, but it takes longer to generate and to use.

4Configure user authentication.
S1(config)# username admin secret ccna

5Configure the vty lines.
S1(config)# line vty 0 15
S1(config-line)# transport input ssh
S1(config-line)# login local
S1(config-line)# exit

Enable SSH version 2.
S1(config)# ip ssh version 2

show ip ssh
show ssh

22
Q

What is Ipv4 Loopback Interfaces used for? How do you configure them?

A

Used to identify the device.

Router(config)# interface loopback number
Router(config-if)# ip address ip-address subnet-mask

23
Q

What is extended ping and extended traceroute.

A

When you just write ping without destination IP. You will then be given several promts to customize the extended ping.
Same with traceroute

24
Q

How do we assign a VLAN to the correct interfaces?

A

Enter global configuration mode.
Switch# configure terminal

Enter interface configuration mode.
Switch(config)# interface interface-id

Set the port to access mode.
Switch(config-if)# switchport mode
access

Assign the port to a VLAN.
Switch(config-if)# switchport access vlan vlan-id

Return to the privileged EXEC mode.
Switch(config-if)# end

example: 
S1# Configure terminal
S1(config)# Interface fa0/18
S1(config-if)# Switchport mode access
S1(config-if)# Switchport access vlan 20
S1(config-if)# end
25
How do you create a voice vlan?
Go to VLAN 150 name it voice, exit vlan config mode S3(config-vlan)# vlan 150 S3(config-vlan)# name VOICE S3(config-vlan)# exit Go to the interface you want to give voice vlan S3(config)# interface fa0/18 S3(config-if)# switchport voice vlan 150 S3(config-if)# end
26
How can you verify vlan information?
Display VLAN name, status, and its ports one VLAN per line. brief Display information about the identified VLAN ID number. id vlan-id Display information about the identified VLAN name. The vlan-name is an ASCII string from 1 to 32 characters. name vlan-name Display VLAN summary information. summary
27
How can you change the VLAN port membership
If the switch access port has been incorrectly assigned to a VLAN, then simply re-enter the switchport access vlan vlan-id interface configuration command with the correct VLAN ID For instance, assume Fa0/18 was incorrectly configured to be on the default VLAN 1 instead of VLAN 20. To change the port to VLAN 20, simply enter switchport access vlan 20. S1(config)# interface fa0/18 S1(config-if)# no switchport access vlan S1(config-if)# end
28
How can u delete VLANs? What should u do before deleting and why?
Delete VLANs with the no vlan vlan-id command. Delete all VLANs with delete flash:vlan.dat or delete vlan.dat Caution: Before deleting a VLAN, reassign all member ports to a different VLAN first. When a VLAN is deleted, any ports assigned to that VLAN become inactive. They remain associcated with the VLAN until you assign them to a new VLAN or recreate the missing VLAN. If recreated the missing VLAN would automatically reassign the hosts to it.
29
How can u configure a Trunk?
Enter global configuration mode. Switch# configure terminal Enter interface configuration mode. Switch(config)# interface interface-id Set the port to permanent trunking mode. Switch(config-if)# switchport mode trunk Sets the native VLAN to something other than VLAN 1. Switch(config-if)# switchport trunk native vlan vlan-id (all VLANs created on the switch will pass traffic on this trunk) Specify the list of VLANs to be allowed on the trunk link. Switch(config-if)# switchport trunk allowed vlan vlan-list Return to the privileged EXEC mode. Switch(config-if)# end Example: S1(config)# Interface fa0/1 S1(config-if)# Switchport mode trunk S1(config-if)# Switchport trunk native vlan 99 S1(config-if)# Switchport trunk allowed vlan 10,20,30,99 S1(config-if)# end
30
How can you reset the trunk to the default state?
S1(config)# interface fa0/1 S1(config-if)# no switchport trunk allowed vlan S1(config-if)# no switchport trunk native vlan S1(config-if)# end
31
How can you verify the DTP mode?
show dtp interface
32
Which commands can we use to fix issues when working with Inter-VLAN
Missing VLANs show vlan [brief] show interfaces switchport ping Switch Trunk Port Issues show interface trunk show running-config Switch Access Port Issues show interfaces switchport show running-config interface ipconfig Router Configuration Issues show ip interface brief show interfaces
33
What are the steps to confifuring a Cisco IOS DHCPv4 server?
Step 1. Exclude IPv4 addresses. Router(config)# ip dhcp excluded-address low-address [high-address] Step 2. Define a DHCPv4 pool name. Router(config)# ip dhcp pool pool-name Router(dhcp-config)# Step 3. Configure the DHCPv4 pool. Define the address pool. network network-number [mask | / prefix-length] Define the default router or gateway. default-router address [ address2....address8] Define a DNS server. dns-server address [ address2...address8] Define the domain name. domain-name domain Define the duration of the DHCP lease. lease {days [hours [ minutes]] | infinite} Define the NetBIOS WINS server. netbios-name-server address [ address2...address8] Example R1(config)# ip dhcp excluded-address 192.168.10.1 192.168.10.9 R1(config)# ip dhcp excluded-address 192.168.10.254 R1(config)# ip dhcp pool LAN-POOL-1 R1(dhcp-config)# network 192.168.10.0 255.255.255.0 R1(dhcp-config)# default-router 192.168.10.1 R1(dhcp-config)# dns-server 192.168.11.5 R1(dhcp-config)# domain-name example.com R1(dhcp-config)# end R1#
34
How can u verify the DHCPv4
show running-config | section dhcp Displays the DHCPv4 commands configured on the router. show ip dhcp binding Displays a list of all IPv4 address to MAC address bindings provided by the DHCPv4 service. show ip dhcp server statistics Displays count information regarding the number of DHCPv4 messages that have been sent and received
35
How do you Disable the Cisco IOS DHCPv4 Server?
R1(config)# no service dhcp R1(config)# service dhcp R1(config)#
36
What is DHCPv4 Relay? How dou configure it?
DHCPv4 Relay is when you configure a router to relay DHCPv4 messages to the DHCPv4 server. If it is not configured, the broadcast is not getting forwarded to the server. By using the ip-helper- server-address command R1(config)# interface g0/0/0 R1(config-if)# ip helper-address 192.168.11.6 R1(config-if)# end R1#
37
How do you configure a router as a DHCPv4 client?
SOHO(config)# interface G0/0/1 SOHO(config-if)# ip address dhcp SOHO(config-if)# no shutdown
38
How do you configure a steless DHCpv6 server?
Step 1. Enable IPv6 routing. R1(config)# ipv6 unicast-routing Step 2. Define a DHCPv6 pool name. R1(config)# ipv6 dhcp pool IPV6-STATELESS R1(config-dhcpv6)# Step 3. Configure the DHCPv6 pool. R1(config-dhcpv6)# dns-server 2001:db8:acad:1::254 R1(config-dhcpv6)# domain-name example.com R1(config-dhcpv6)# exit R1(config)# Step 4. Bind the DHCPv6 pool to an interface. R1(config)# interface GigabitEthernet0/0/1 R1(config-if)# description Link to LAN R1(config-if)# ipv6 address fe80::1 link-local R1(config-if)# ipv6 address 2001:db8:acad:1::1/64 R1(config-if)# ipv6 nd other-config-flag R1(config-if)# ipv6 dhcp server IPV6-STATELESS R1(config-if)# no shut R1(config-if)# end Step 5. Verify hosts received IPv6 addressing information. ipconfig /all
39
Configuring a stateless DHCPv6 Client
Step 1. Enable IPv6 routing. R3(config)# ipv6 unicast-routing Step 2. Configure the client router to create an LLA. R3(config)# interface g0/0/1 R3(config-if)# ipv6 enable R3(config-if)# Step 3. Configure the client router to use SLAAC. R3(config-if)# ipv6 address autoconfig R3(config-if)# end Step 4. Verify client router is assigned a GUA. R3# show ipv6 interface brief Step 5. Verify client router received other DHCPv6 information. R3# show ipv6 dhcp interface g0/0/1
40
How to configure a DHCPv6 Relay Agent?
R1(config)# interface gigabitethernet 0/0/1 R1(config-if)# ipv6 dhcp relay destination 2001:db8:acad:1::2 G0/0/0 R1(config-if)# exit R1(config)#
41
How to configure and verify static NAT?
• Step 1 - Create a mapping between the inside local address and the inside global addresses using the ip nat inside source static command. R2(config)# ip nat inside source static 192.168.10.254 209.165.201.5 R2(config)# • Step 2 - The interfaces participating in the translation are configured as inside or outside relative to NAT with the ip nat inside and ip nat outside commands. R2(config)# interface serial 0/1/0 R2(config-if)# ip address 192.168.1.2 255.255.255.252 R2(config-if)# ip nat inside R2(config-if)# exit R2(config)# interface serial 0/1/1 R2(config-if)# ip address 209.165.200.1 255.255.255.252 R2(config-if)# ip nat outside Verify R2# show ip nat translations R2# show ip nat statistics
42
Configure Dynamic NAT
Step 1 - Define the pool of addresses that will be used for translation using the ip nat pool command. R2(config)# ip nat pool NAT-POOL1 209.165.200.226 209.165.200.240 netmask 255.255.255.224 Step 2 - Configure a standard ACL to identify (permit) only those addresses that are to be translated. R2(config)# access-list 1 permit 192.168.0.0 0.0.255.255 • Step 3 - Bind the ACL to the pool, using the ip nat inside source list command. R2(config)# ip nat inside source list 1 pool NAT-POOL1 ``` Identify which interfaces are inside and outside R2(config)# interface serial 0/1/0 R2(config-if)# ip nat inside R2(config-if)# interface serial 0/1/1 R2(config-if)# ip nat outside ``` ``` Verify shop ip nat translations verbose shop ip net statistics show running-config Can use verbose to get additional info ```
43
Configure PAT on single Ipv4 address
R2(config)# ip nat inside source list 1 interface serial 0/1/0 overload R2(config)# access-list 1 permit 192.168.0.0 0.0.255.255 R2(config)# interface serial0/1/0 R2(config-if)# ip nat inside R2(config-if)# exit R2(config)# interface Serial0/1/1 R2(config-if)# ip nat outside
44
Configure PAt on Address Pool
R2(config)# ip nat pool NAT-POOL2 209.165.200.226 209.165.200.240 netmask 255.255.255.224 R2(config)# access-list 1 permit 192.168.0.0 0.0.255.255 R2(config)# ip nat inside source list 1 pool NAT-POOL2 overload R2(config)# interface serial0/1/0 R2(config-if)# ip nat inside R2(config-if)# interface serial0/1/0 R2(config-if)# ip nat outside Verify R2#Show ip nat translations R2#shop ip nat statistics