Day 1&2 Flashcards
enterprise level networking
the communications backbone connecting devices across LANs and WANs
network management principles
the following principles help to ensure proper network management
configuration management
documents and controls network changes for equipment, hardware, and software throughout the network’s lifecycle
accounting/administration management
accounting management gathers usage statistics for billing and accounting purposes
fault management
detects, runs diagnostics tests, isolates, and corrects network faults to include error log maintenance
performance management
encompasses the evaluation and reporting of networked equipment functionality. performance management gathers and maintains historical logs of statistical information
security management
protects a network from unauthorized access
The Cisco model
uses a three layer model: Core layer, distribution layer, access layer
core layer
core of the network, focused on transporting data as fast as possible
distribution layer
the communications point between the core and access layers
access layer
controls access to intra-network resources. LOCAL!
Cisco device management
relies on two main files to run: the Cisco Internetwork Operating System (IOS) image and the configuration (startup-config)
Cisco boot process
- power on self-test (POST)
- loads bootstrap from ROM
- load IOS from flash memory into RAM
- load configuration from NVRAM (startup-config) into RAM (running-config)
ROMMON
manually interrupting the boot process puts device into ROMMON.
allows you to reinstall IOS software or recover passwords.
only accessible through physical access to the console
Cisco IOS naming conventions
a.b(c.d)e f
a: major version number
b: minor version number
c: maintenance release number
d: interim build number
e: release train identifier (no letter indicates mainline)
f: rebuild number
Mainline train (M)
designed to be the most stable release Cisco can offer. never expands
Technology train (T)
these IOS versions get new features and bug fixes throughout their lifecycle, but are less stable than mainline trains.
IOS 15
considered the M&T or M/T release
show version command
lists hardware and software version information
show ip interface brief
shows the current status of all interfaces including any virtual interfaces
show interface
provides detailed information about the interfaces, including encapsulation, MAC address, bandwidth, duplex, IP address, and DCE/DTE setting
show arp
reveals all devices with which the router has communicated.
IOS access and privileges
console port
physical connection
local, command-line access through a terminal emulation program.
(out-of-band management)
auxiliary port
physical connection
remote, command-line access through a modem. It can also be used as a console port.
(out of band management)
VTY lines
remote, logical access using application layer protocols such as Telnet or SSH.
(In band management)
user exec mode
>
basic monitoring commands
Router>
Privileged Exec #
access to all other router commands.
accessed with the ENABLE command
show privilege
command used to verify access levels
global configuration (config)
changes affect the entire system as a whole
Router(config)#
Specific configuration
config-…
changes affect specific interfaces or processes.
Router(config-router)#
setup
used when no startup-config exists in NVRAM, such as when a router/switch is turned on for the first time
cisco discovery protocol (CDP)
layer 2 Cisco protocol that gathers information about neighboring (attached) Cisco devices only.
show cdp
displays information about CDP timer and hold time parameters
show cdp neighbors
displays basic information about directly connected Cisco devices
show cdp neighbors detail
adds in IP address and remote device IOS information
switches
layer 2 devices used to define collision domains
three main functions of switches
address learning, forward/filter decisions, and loop avoidance
address learning
switches rely on their MAC address table (MAT) to make forwarding decisions
forward/filter decisions
frame filtering
loop avoidance
when multiple switches are connected, loops may occur. Spanning Tree Protocol blocks redundant links and stops loops
spanning tree protocol
monitors links between switches to prevent loops.
STP communicates using Bridge Protocol Data Units (BPDUs)
STP port states
Blocking: will not forward or accept network traffic, or learn any MAC addresses.
Listening: sends and receives BPDUs, but does not learn MAC addresses
Learning: learns MAC addresses and populates the MAT to prevent flooding, but does not forward traffic
Forwarding: processes and forwards traffic; normal operation
Disabled: administratively shut down
STP process
- root bridge is selected as reference point for all other devices.
- all other devices identify their root port (port with lowest cost to root bridge)
- all other switches find their designated ports, which are advertised to other switches as having the lowest cost to the root bridge
- designated ports are forwarding ports to connected network segments
- every port that is not a root or designated port is placed in a blocking state
more on STP
it had a 30-50 second convergence time... slow!
Rapid Spanning Tree Protocol (RSTP)
convergence is much quicker... 6 seconds!
RSTP only has 3 port states
Discarding: no user data is sent over the port
Learning: Same as STP learning; MAT population
Forwarding: Same as STP forwarding; fully operational
Portfast
forces switch ports to immediately enter the forwarding state, bypassing the STP listening and learning states.
should only be used on ports with a single host, otherwise bridge loops may occur.
physical interfaces
Ethernet1: non-modular
Ethernet0/1: modular
GigabitEthernet0/1/1: modular
virtual interfaces
sub-interface and tunnel
sub-interface
a logical sub-interface that uses a physical interface, allowing for network expansion.
used in conjunction with VLANs
note about subinterfaces and VLANs
VLANs are set up on switches, but are supported by a router. Switches interface with a router through a trunk. The trunk has subinterfaces that connect to each VLAN
tunnel
used to deliver one protocol across a network using a different protocol or to provide a secure delivery across a network
loopback
the loopback interface is commonly configured to provide an IP address when using an IP unnumbered scheme, or to establish the router ID for OSPF and BGP.
null
directing undesired network traffic to the null interface can avoid the overhead involved with using access lists
protocols
routed protocols, routing protocols, static routing
IP unnumbered
method by which an interface is configured without a dedicated IP address
username passwords
enable password: stores the password in plain text
enable secret: password is hashed using MD5
router(config)#username geemoney privilege 5 secret jcac
line passwords
set a console user-mode password:
router(config)#line con 0
router(config-line)#password
set a Telnet password on the VTY lines to enable Telnet access:
router(config)#line vty 0 15
router(config-line)#password
service password encryption
applies type 7 encryption to the plain-text passwords in the configuration. Type 7 is a weak, reversible algorithm originally meant only to prevent simple shoulder-surfing of the config.
access ports
can only belong to and carry traffic for one VLAN
one of two types of VLAN ports
trunk ports
between a switch and a router
the other type of VLAN port
two trunking protocols
ISL: adds 30 bytes of overhead data to the frame
802.1q: adds only 4 bytes of overhead/data to the frame
Per-VLAN Spanning Tree (PVST) and Per-VLAN Spanning Tree Plus (PVST+)
simply treat each VLAN as a separate network, running one spanning tree instance per VLAN.
PVST is used on ISL trunk links, while PVST+ is used to support 802.1Q trunks