@michele-biondi-unicam
Last active December 7, 2017 15:48
CCNA 1-2 Engineering Journal
This will be the engineering journal that I will write during my journey with Cisco Networking Academy.
1 - DONE
2 - DONE
3 - DONE
4 - DONE
5 - DONE
6 - DONE
7 - DONE
8 - DONE
9 - DONE
10 - DONE
11 - DONE -> Needs review
Packet Tracer: DONE -> Needs review
IOS COMMANDS REFERENCE:
Switch configuration: 6.4.1.1 -----> to expand here
Router configuration: 6.4.1.2 -----> to expand here
Security features:
'service password-encryption' : passwords in the configuration are stored encrypted instead of in cleartext
'security passwords min-length [number]' : passwords need to be at least [number] characters long to be accepted
'login block-for [seconds-to-block] attempts [no-of-attempts] within [seconds-within-failed-attempts]' : blocks logins for [seconds-to-block] after [no-of-attempts] failed attempts within [seconds-within-failed-attempts]
'exec-timeout [minutes]' : automatically times out idle sessions on VTY, console or AUX lines (depending on where you set it)
Enable SSH:
'enable'
'configure terminal'
'ip domain-name [domain-name]'
'crypto key generate rsa general-keys'
'username [username] secret [password]'
'line [type] [num]' : the line on which to accept inbound SSH
'login local'
'transport input ssh' : enable inbound SSH only (Telnet is no longer accepted on that line)
'exit'
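As an added example (not from the original journal and not Cisco's own code), a small Python audit that parses a constructed running-config and reports which of the hardening commands listed above are missing; the config text, hostname and placeholder secrets are made up for the example.

```python
import re

# Constructed sample configs for this example (not from any real device); the
# secret hashes are placeholders. WEAK_CONFIG lacks most of the hardening
# commands listed in the notes, HARDENED_CONFIG applies all of them.
WEAK_CONFIG = """\
hostname R1
enable secret 5 $1$PLACEHOLDER
username admin password admin
!
line con 0
 password cisco
 login
line vty 0 4
 password cisco
 login
 transport input telnet ssh
!
end
"""

HARDENED_CONFIG = """\
hostname R1
service password-encryption
security passwords min-length 10
login block-for 120 attempts 3 within 60
enable secret 5 $1$PLACEHOLDER
username admin secret 5 $1$PLACEHOLDER
!
line con 0
 password 7 PLACEHOLDER
 exec-timeout 5 0
 login
line vty 0 15
 exec-timeout 5 0
 login local
 transport input ssh
!
end
"""


def parse_config(text):
    """Split an IOS-style config into top-level commands and the sub-commands of each 'line' section."""
    global_cmds, sections, current = [], {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            current = None                              # '!' separates sections
            continue
        if raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())       # indented: belongs to the open line section
            continue
        current = None
        cmd = raw.strip()
        if cmd.startswith("line "):
            current = cmd
            sections[cmd] = []
        else:
            global_cmds.append(cmd)
    return global_cmds, sections


def audit(text):
    """Return sorted findings for the hardening commands from the notes that the config lacks."""
    global_cmds, sections = parse_config(text)
    findings = []

    def has_global(prefix):
        return any(c.startswith(prefix) for c in global_cmds)

    if not has_global("service password-encryption"):
        findings.append("global: 'service password-encryption' missing, line passwords are stored in cleartext")
    if not has_global("security passwords min-length"):
        findings.append("global: no 'security passwords min-length', short passwords are accepted")
    if not has_global("login block-for"):
        findings.append("global: no 'login block-for', repeated failed logins are not throttled")
    for cmd in global_cmds:
        if re.match(r"username \S+ password ", cmd):
            findings.append("global: user '%s' uses 'password' instead of 'secret'" % cmd.split()[1])
    for name, cmds in sections.items():
        if not any(c.startswith("exec-timeout") for c in cmds):
            findings.append("%s: no explicit 'exec-timeout', relies on the default idle timeout" % name)
        if name.startswith("line vty"):
            transport = [c for c in cmds if c.startswith("transport input")]
            if not transport or transport[-1] != "transport input ssh":
                findings.append("%s: transport input is not restricted to SSH" % name)
            if "login local" not in cmds:
                findings.append("%s: no 'login local', VTY access is not tied to user accounts" % name)
    return sorted(findings)


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit(cfg) or "no findings")
```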
##################### CHAPTER 1 #####################
The network infrastructure contains three categories:
-Devices
-Media
-Services
Types of network:
-LAN
-WAN
-MAN
-WLAN
-SAN
The word "internet" (lowercase) refers to multiple interconnected networks; "Internet" refers to the World Wide Web
Terms:
-Internet: The World
-Extranet: secure access to some of an organization's data for external organizations
-Intranet: Company only
Internet Access:
-SOHO (small office/home office):
-Cable
-DSL
-Cellular
-Satellite
-Dial-up Telephone
-Business:
-Dedicated Leased Lines: Dedicated circuits within the service provider's network
-Ethernet WAN
-DSL: SDSL is popular (symmetric DSL)
-Satellite
Reliable Network:
-Fault tolerance
-Scalability
-Quality of Service
-Security
Security is obtained with:
-Confidentiality
-Integrity
-Availability
New Network Trends:
-BYOD (Bring your own device)
-Online Collaboration
-Video Communication
-Cloud Computing
New Network Technologies for home:
-Smart Home
-Powerline Networking
-Wireless Broadband
Security threats:
-Viruses, worms, and Trojan horses
-Spyware and adware
-Zero-day attacks, also called zero-hour attacks
-Hacker attacks
-Denial of service attacks
-Data interception and theft
-Identity theft
Security solutions:
-Antivirus and antispyware
-Firewall
-Dedicated Firewall Systems
-ACL (Access control lists)
-IPS (Intrusion prevention system)
-VPN (Virtual Private Network)
##################### CHAPTER 2 #####################
Users interact with a shell through a CLI or a GUI.
Cisco IOS is the operating system used on Cisco devices
The most common way to configure a HOME router is with a web browser
Methods to access the CLI environment:
-Console : Physical management port that provides out of band access, works even without connectivity
-SSH : Secure CLI connection, requires active networking services
-Telnet: Like SSH but insecure because everything is sent in cleartext
Some devices also support a legacy AUX port used to establish remote CLI session using a modem. It works similarly to console connection.
Some useful terminal emulators for SSH/Telnet:
-PuTTY
-Tera Term
-OS X terminal
-SecureCRT
For security, Cisco IOS separates management access into two modes:
-User EXEC mode: Limited capabilities but useful for basic operations and monitoring,
doesn't allow changes to the configuration,
CLI prompt ends with a >,
referred to as 'view-only' mode
-Privileged EXEC mode: Higher configuration modes can only be accessed from this mode,
CLI prompt ends with a #
To configure the device the user must enter Global configuration mode:
- it is identified by a command prompt that ends with (config)#
- changes here affect the device as a whole
- from here you can access more specific sub-configuration modes for specific functions of the IOS device:
Two common subs are:
-Line configuration Mode: (config-line)#
-Interface configuration Mode: (config-if)#
If you type 'enable' on the command line you go from user EXEC to privileged EXEC mode
If you type 'disable' on the command line you return to user EXEC mode
From privileged EXEC mode, typing 'configure terminal' takes you to Global configuration mode
To return to privileged EXEC mode type 'exit'
From Global configuration mode, typing 'interface <interface-name> <interface-number>' takes you to the interface configuration mode
for the specified interface; the same goes for lines with 'line <line-name> <line-number>'.
You don't need to return to global configuration mode to switch between sub-configuration modes.
To return to Global Configuration mode (from a sub-configuration mode) type 'exit'.
To return directly to Privileged EXEC mode type 'end' or press 'Ctrl+Z'
The general command syntax is the command followed by keywords and arguments:
-Keyword : a specific parameter defined in the operating system
-Argument: not predefined, a variable or value user-defined.
Convention:
boldface: commands and literals that you enter as shown
italics: arguments for which you supply values
[x] : Optional element
{x} : Required element
[x {y | z}]: Required choice within an optional argument
IOS helps:
-Context-sensitive help:
Helps you quickly find which commands are available in each command mode
To access it type '?' at the CLI
It can even be used to check which parameters a particular command accepts or to complete the name of a command.
Command syntax check:
If a command is entered incorrectly, the CLI gives the user feedback about what is wrong.
Cisco IOS shortcuts: http://etherealmind.com/cisco-ios-cli-shortcuts/
IMPORTANT SHORTCUTS: Ctrl-Shift-6 aborts a command mid-stream (useful for mistyped commands that Cisco IOS is attempting to resolve with DNS)
Ctrl+R redisplays the line being typed (useful when, for example, an interface down/up message appears in the middle of typing a command)
Hostnames:
-Case sensitive
-to change hostname use the command 'hostname <hostname>' in Global Config Mode
-to reset default hostname use the command 'no hostname' in Global Config Mode
Passwords:
-use 'enable secret <password>' in Global Config Mode to set password for Privileged Exec Mode
-to set a password in user EXEC mode, type 'password <password>' in line console configuration mode ('line console 0' global config command)
next enable user login with the 'login' command
-to set a password for VTY (Virtual terminal) lines used for SSH and Telnet enter line VTY config mode with 'line vty 0 15' (if 16 vty lines)
next set password with 'password <password>' and enable login with 'login'
-To encrypt passwords:
Use the command 'service password-encryption'; this only affects how passwords are stored in the configuration files
To check the config for encryption run 'show running-config'
To add a banner message of the day use 'banner motd # the message of the day # '
There are two types of config:
-startup config, stored in NVRAM, to view it use 'show startup-config'
-running config, stored in RAM
To save changes made to the running config into the startup config use 'copy running-config startup-config'
To discard unsaved changes and restore the startup config, run 'reload' in privileged EXEC mode
If unwanted changes were made to the startup config file it is possible to remove it by using 'erase startup-config'
Types of network media include twisted-pair copper cables, fiber-optic cables, coaxial cables, or wireless as shown in the figure.
Difference between them:
Distance the media can successfully carry a signal
Environment in which the media is to be installed
Amount of data and the speed at which it must be transmitted
Cost of the media and installation
Cisco IOS Layer 2 switches have physical ports for devices to connect. These ports do not support Layer 3 IP addresses.
Therefore, switches have one or more switch virtual interfaces (SVIs)
IP address information can be added:
-manually
-using DHCP
To configure the SVI use 'interface vlan 1' in global config mode.
Assign an IP address using 'ip address <ip-address> <subnet-mask>'
Enable the interface using 'no shutdown'
To see a brief summary of the interfaces and their IP addresses: 'show ip interface brief'
To test the connectivity to a device on a network or to a website use the command 'ping <ip-address>'
############### Chapter 3 ###############
Protocols are necessary for effective communication.
Protocol fundamental traits:
-Message Encoding: how it is sent
-Message Formatting and Encapsulation: sender, recipient, message etc., how it is composed.
-Message size: maximum and minimum size allowed
-Message timing: Access method, flow control, response timeout
-Message delivery options: unicast,multicast,broadcast
A group of protocols needed for communication is called a Protocol Suite.
A protocol stack shows how the individual protocols within a suite are implemented.
Some protocols:
-HTTP:defines how a web server and a client interact with each other.
-TCP: divides the HTTP message into smaller pieces, called SEGMENTS; also responsible for controlling the size and rate at which messages are sent.
-IP: takes the formatted segments from TCP, assigning them appropriate addresses and delivering them to the appropriate hosts.
-Ethernet: communication over a data link and physical transmission.
The TCP/IP protocol suite is an open standard
Standards Organizations:
INTERNET STANDARDS:
ISOC (Internet Society): promotes open development and use of the internet
------> IAB (Internet Architecture Board): overall management and development of internet standards
------> IETF (Internet Engineering Task Force): develops and maintains TCP/IP technologies and RFCs (Request for Comments)
------> IRTF (Internet Research Task Force): focused on long-term research for TCP/IP technologies
IANA (Internet Assigned Numbers Authority): oversees and manages IP address allocation, domain name management and protocol identifiers for ICANN
ICANN (Internet Corporation for Assigned Names and Numbers): coordinates IP address allocation, management and other things related to TCP/IP
ELECTRONICS AND COMMUNICATIONS STANDARDS:
IEEE(Institute of Electrical and Electronics Engineers):Dedicated to advancing technological innovation
Some of its workgroups are:
802.1 Higher Layer LAN Protocols Working Group
802.3 Ethernet Working Group
802.11 Wireless LAN Working Group
802.15 Wireless Personal Area Network (WPAN) Working Group
802.16 Broadband Wireless Access Working Group
802.18 Radio Regulatory TAG
802.19 Wireless Coexistence Working Group
802.21 Media Independent Handover Services Working Group
802.22 Wireless Regional Area Networks
802.24 Smart Grid TAG
EIA(Electronic Industries Alliance): standards related to wiring ,connectors etc...
TIA(Telecommunications Industry Association): responsible for developing communication standards (radio equipment,cellular towers,satellite etc..)
ITU-T(International Telecommunications Union-Telecommunication Standardization Sector): defines standards for video compression, IPTV and broadband communications like DSL.
A model (like OSI - Open Systems Interconnection) is just a reference and not an actual implementation (like the TCP/IP protocol stack)
The division of the data stream into smaller pieces is called segmentation; it allows:
-Many different connections can be interleaved on the same network (multiplexing)
-Retransmitting of what is lost
As application data is passed down the protocol stack, various information is added. This process is called encapsulation.
The form the data takes at every level is called PDU (Protocol Data Unit):
-Application Layer -> Data
-Transport Layer -> Segment
-Network Layer -> Packet
-Data Link Layer -> Frame
-Physical Layer -> Bits
IP address has:
-Network portion:equal for every device on the same network
-Host portion: unique for each device on the same network
Data link addresses are known as Ethernet addresses (MAC: Media Access Control)
All packets with a destination to a remote network are sent to the default gateway.
############### CHAPTER 4 ###############
A physical connection can be a wired connection using a cable or a wireless connection using radio waves.
ISR (Integrated Services Router) offers a switching component and often an AP
Ethernet doesn't degrade, while wireless degrades with distance from the AP
There are three basic types of network media:
-Copper cable: patterns of electrical pulses
-Fiber-optic cable : patterns of light.
-Wireless: patterns of microwave transmission
Physical Layer standards are defined by:
-International Organization for Standardization (ISO)
-Telecommunications Industry Association/Electronic Industries Association (TIA/EIA)
-International Telecommunication Union (ITU)
-American National Standards Institute (ANSI)
-Institute of Electrical and Electronics Engineers (IEEE)
-National telecommunications regulatory authorities including the Federal Communication Commission (FCC) in the USA and the European Telecommunications Standards Institute (ETSI)
The physical layer standards are three functional areas:
-Physical Components: hardware devices that transmit and carry signals to represent bits
-Encoding: method of converting a stream into a predefined 'code' (e.g. Manchester encoding: 0 -> high to low voltage transition, 1 -> low to high voltage transition)
-Signaling: the method of representing the bits is called the 'signaling method'
Difference between encoding and signaling:
-encoding: how 1s and 0s will be used
-signaling: how 1s and 0s are represented (voltage, current, RF, light)
Data transfer is referred in terms of bandwidth and throughput(and goodput):
-Bandwidth: capacity of a medium to carry data, measured in b/s (Mb/s, Gb/s etc.),
factors that determine the practical bandwidth of a network:
-Properties of the physical media
-Technology used for signaling
-Throughput: the measure of the transfer of bits across the media in a given period,
it is influenced by factors like the amount of traffic and the type of traffic,
it cannot be faster than the slowest link on the path
-Goodput: Throughput - overhead needed to send the data
Copper cabling:
Inexpensive and easy to install
Limited by distance and signal interference
The farther the signal travels, the more it deteriorates (attenuation), so copper media must follow strict distance limitations
Also susceptible to EMI and RFI (electromagnetic and radio frequency interference)
Crosstalk: disturbance caused by nearby wires
To counter interference some cables are shielded with metal
To counter crosstalk some cables have opposing wire pairs twisted together, which cancels the crosstalk
Three main types of copper media that are used in networking environments are:
-UTP: Unshielded Twisted Pair, terminated with RJ-45 connectors
-STP: Shielded Twisted Pair, terminated with special STP data connectors, the cable needs to be properly grounded
-Coaxial: it is composed of:
-copper conductor to transmit the electronic signal
-layer of flexible plastic surrounding the copper conductor
-woven copper braid or metallic foil that acts as the second wire in the circuit and as a shield for the inner copper conductor
-cable jacket that covers the other layers to ensure physical protection
Although almost replaced by UTP, it is still used in:
-Wireless installations to attach antennas
-Cable internet installations (for wiring inside the premises, the rest is fiber optic)
Safety:
Potential fire and electrical hazards.
Prevention:
-Separation of data and electrical power using safety codes
-Cables connected correctly
-Inspect installations for damages
-Equipment grounded correctly
UTP:
Network designers discovered how they can limit crosstalk:
-Cancellation: pairs are put close together so they cancel EMI and RFI
-Varying number of pair twists
Cables are placed into categories based on their ability to carry higher bandwidth rates.
Usually terminated with RJ-45 connectors.
The TIA/EIA-568 standard describes the pinout for Ethernet cables.
Types:
-Ethernet Straight-through (unlike devices):
Both ends T568A or T568B, used for host-to-network-device connections.
-Ethernet Crossover (like devices):
One end T568A and one end T568B, used for host-to-host or network-device-to-network-device connections.
A computer and a router are considered like devices.
-Rollover
Cisco proprietary, used to connect a workstation serial port to a router console port.
You should use a cable tester after an installation
T568A and T568B connections (as seen from the bottom of an RJ-45) (an S before a color means striped):
T568A:
Sgreen,green,Sorange,blue,Sblue,orange,Sbrown,brown
T568B:
Sorange,orange,Sgreen,blue,Sblue,green,Sbrown,brown
Fiber optic cabling:
Transmits data over longer distances and at higher speeds.
Immune to RFI and EMI
Used in :
-Enterprise networks
-FTTH
-Long Haul networks
-Submarine cable networks
Composed of two types of glass which, although very thin, make it very strong, so it is used in harsh environments; they are:
-core
-cladding
Then the outer regions are (in order):
-buffer: used to shield the core and cladding
-strengthening material: to prevent the fiber from being stretched when it is pulled
-Jacket: typically PVC, the composition can vary; used to protect from moisture, abrasion and other contaminants
Light pulses are generated by lasers or LEDs
Types of fiber media:
-SMF(Single-mode fiber):tiny core and expensive laser technology, used for long distance.
-MMF(Multi-mode fiber): larger core with LED emitters to send light pulses. Up to 10 Gb/s over distances up to 550 m.
Connectors:
Two fibers are required for full-duplex operation (because light travels only one way in each fiber):
-ST(Straight Tip):One of the first connectors
-SC(Subscriber Connector): referred to as square connectors, widely used in LAN and WAN
-LC(Lucent Connector):Small version of the SC connector
-Duplex Multimode LC: Similar to LC but using a duplex connector
Common types of splicing error in fiber optics:
-Misalignment: not aligned well when joined
-End gap: gap at the end of media, it doesn't touch
-End finish: Media ends are not polished or they have dirt
Testing can be done with a bright flashlight or with an Optical Time Domain Reflectometer (OTDR).
Wireless Media:
Areas of concern:
-Coverage area
-security
-Interference
-Shared medium
Types:
-Wi-Fi (WLAN): uses CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance)
-Bluetooth (WPAN): uses device pairing for communication between 1 and 100 meters
-WiMax: Uses point-to-multipoint topology to provide Wireless broadband access.
WLAN: requires an AP (Access point) and Wireless NIC adapters
The data link layer is divided into two sublayers:
-LLC(Logical link control):Communicates with the network layer
-MAC(Media access control):media access processes performed by the hardware, provides link layer addressing
Different media access control methods may be required during a single communication.
Data link layer protocols are generally not defined in RFCs, they define rules to access the media that depend on:
-Topology
-Physical
-Logical: how network transfers from one node to the next
-Media sharing
WANs are commonly interconnected in these physical topologies:
-Point-to-Point
-Hub and spoke
-Mesh: every node connected to every other node
Adding intermediate physical links may not change logical topology
In shared media LANs end devices can have these physical topologies:
-Star
-Extended star topology
-Bus (used in legacy ethernet networks)
-Ring (used in legacy FDDI)
Duplex:
-Half duplex: cannot receive and transmit at the same time (e.g. Ethernet hubs)
-Full duplex: capable of receiving and transmitting at the same time (e.g. Ethernet switches: they can even fall back to half duplex)
It is important that two connected interfaces operate in the same duplex mode
Access control methods:
-Contention-based access
-Controlled access
CSMA/CD (Carrier sense multiple access/Collision detection):
-used in half duplex ethernet LANs
-senses a collision by checking what it receives or by analyzing the signal amplitude (higher than normal)
CSMA/CA (Carrier sense multiple access/collision avoidance):
-used in 802.11 WLANs
Ethernet LANs using switches don't use a contention-based mode because the switch and NICs operate in full duplex mode
Each Frame has 3 parts:
-Header
Frame Start
Addressing
Type
Control(E.g QoS)
-Data
-Trailer
Error detection (FCS frame check sequence)
Frame stop
Physical addresses don't indicate in which network a device is.
Data link layer protocols:
Ethernet
802.11 Wireless
Point-to-Point Protocol (PPP)
HDLC
Frame Relay
############### CHAPTER 5 ###############
Ethernet is a family of networking technologies defined in IEEE 802.2 and IEEE 802.3
Ethernet standards define both layer 2 protocols and layer 1 technologies
Two sublayers:
LLC(Logical Link Control):
Handles communication with upper and lower layers
Can be considered the driver software for the NIC
Defined by 802.2
MAC Sublayer:
Implemented in hardware
Defined by 802.3
The MAC sublayer has two functions:
-Data encapsulation
Frame delimiting
Addressing
Error detection
-Media access control
Communicates directly with the physical layer
The underlying topology is a multi-access bus, therefore all nodes share the medium.
It uses CSMA/CD in half duplex networks
Today's networks use full-duplex switches, which allow sending and receiving without collisions.
Minimum Ethernet frame is 64 bytes, maximum is 1518 bytes (preamble excluded)
Frames < 64 bytes are collision fragments and are promptly discarded
Frames > 1500 bytes are considered "jumbo"; if > 1518 the frame is dropped
Ethernet II Frame fields:
Preamble (and SFD, start frame delimiter): 7 bytes + 1 byte SFD, alerts the receiver to get ready for the transmission
Destination MAC address: 6 bytes, can be unicast, multicast or broadcast
Source MAC address: 6 bytes, can only be unicast
EtherType: 2 bytes, identifies the upper layer protocol (e.g. 0x0800 = IPv4, 0x86DD = IPv6, 0x0806 = ARP)
Data: 46-1500 bytes, contains the layer 3 PDU; if the frame is less than 64 bytes, padding is added to reach that size
FCS: 4 bytes, checks for errors
MAC address:
3 bytes - vendor (OUI) assigned by IEEE
3 bytes - unique value for each ethernet device
The first thing that the computer does on startup is copying MAC address from ROM to RAM
MAC broadcast address: FF-FF-FF-FF-FF-FF
MAC multicast: ipv4 - first bytes are 01-00-5E and other bytes obtained by converting the lower 23 bits of IP multicast group
ipv6 - first bytes are 33-33
Switch:
Unlike hubs they consult a MAC address table to make forwarding decisions (often referred to as the CAM table)
The switch examines the frame's source MAC address and the port on which the frame entered the switch.
If the address is not in the table it is added; otherwise the entry's timer is refreshed, or the port is updated if it differs.
For unicast, if the destination MAC is in the table the switch knows where to send the frame; otherwise it forwards the frame out every port
except the originating port (unknown unicast).
If the frame is broadcast or multicast it is forwarded out all ports except the originating one.
A port can have multiple MAC addresses associated with it; this is common when the switch is connected to another switch.
When a device has an IP address that is on a remote network, the Ethernet frame is sent to the default gateway's MAC address.
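An added Python example (not from the journal and not any vendor's code) that ties the frame fields above to the switch forwarding rules: it builds and parses constructed Ethernet II frames with the size and FCS checks, models the MAC table (learn, refresh, flood, age out), and includes the IPv4 multicast MAC mapping from the MAC address notes; the MAC addresses, port numbers and payloads are made up for the example.

```python
import struct
import zlib

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
MIN_FRAME, MAX_FRAME = 64, 1518              # sizes from the notes, preamble excluded
BROADCAST = "ff:ff:ff:ff:ff:ff"


def mac_str(raw):
    return ":".join("%02x" % b for b in raw)


def build_frame(dst, src, ethertype, payload):
    """Construct an Ethernet II frame for the examples: pad data to 46 bytes, append the CRC-32 FCS."""
    header = (bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", ""))
              + struct.pack("!H", ethertype))
    data = payload + b"\x00" * max(0, 46 - len(payload))
    body = header + data
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)   # FCS goes least-significant byte first


def parse_frame(frame):
    """Parse an Ethernet II frame; raise ValueError for the runt, oversize and FCS errors a switch drops on."""
    if len(frame) < MIN_FRAME:
        raise ValueError("collision fragment (runt): %d bytes" % len(frame))
    if len(frame) > MAX_FRAME:
        raise ValueError("oversized frame: %d bytes" % len(frame))
    if struct.unpack("<I", frame[-4:])[0] != zlib.crc32(frame[:-4]) & 0xFFFFFFFF:
        raise ValueError("FCS mismatch, frame corrupted")
    etype = struct.unpack("!H", frame[12:14])[0]
    return {"dst": mac_str(frame[0:6]), "src": mac_str(frame[6:12]),
            "ethertype": ETHERTYPES.get(etype, "0x%04x" % etype), "data": frame[14:-4]}


def ipv4_multicast_mac(group):
    """01-00-5E followed by the lower 23 bits of the IPv4 multicast group address."""
    o = [int(x) for x in group.split(".")]
    return "01:00:5e:%02x:%02x:%02x" % (o[1] & 0x7F, o[2], o[3])


class Switch:
    """Model of the MAC-table behaviour in the notes: learn source, refresh/update, flood, age out."""

    def __init__(self, ports, aging=300):
        self.ports = set(ports)
        self.aging = aging                  # seconds before an idle entry is removed
        self.table = {}                     # mac -> (port, last_seen)

    def forward(self, in_port, frame, now):
        """Return the set of egress ports for a frame that arrived on in_port at time now."""
        for mac, (_, seen) in list(self.table.items()):
            if now - seen > self.aging:
                del self.table[mac]         # nothing heard from the device before the timer expired
        hdr = parse_frame(frame)
        self.table[hdr["src"]] = (in_port, now)    # new entry, refreshed timer or updated port
        dst = hdr["dst"]
        group_bit = int(dst[:2], 16) & 1           # I/G bit set: broadcast or multicast
        if not group_bit and dst in self.table:
            port, _ = self.table[dst]
            return set() if port == in_port else {port}   # known unicast: one port (or filtered)
        return self.ports - {in_port}                     # broadcast, multicast, unknown unicast: flood


if __name__ == "__main__":
    sw = Switch(ports=[1, 2, 3])
    a, b = "00:11:22:33:44:01", "00:11:22:33:44:02"      # constructed MAC addresses
    print(sw.forward(1, build_frame(b, a, 0x0800, b"first frame from a"), now=0))   # flood: {2, 3}
    print(sw.forward(2, build_frame(a, b, 0x0806, b"reply from b"), now=1))         # learned: {1}
```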
Types of switching:
Store-and-forward: stores and checks all frames before forwarding (useful for example with QoS)
Cut-through switching: forwards frames before receiving them completely, requires at least the destination address. Does not perform
error checking.
-Fast-forward switching: immediately forwards after receiving the destination address
-Fragment-free switching: stores the first 64 bytes before forwarding (a compromise), because most errors
occur in the first 64 bytes
Types of memory buffering:
-Port-based memory buffering: port-specific queues. A frame can delay transmission of ALL frames on outgoing port.
-Shared Memory Buffering: common memory buffer, the amount of buffer for a port is dynamically allocated
An ARP reply (sender IPv4 + sender MAC) is encapsulated in an Ethernet frame with the following header information:
-Destination MAC Address
-Source MAC Address
-Type: 0x806, to inform the NIC that it needs to pass the frame to the ARP process
Entries in an ARP table are timestamped and removed if no frame is received from that device before the timer expires.
IPv6 uses a similar protocol called ICMPv6 Neighbor Discovery.
When the target IPv4 address is not on the same network, the ARP reply is sent for the default gateway IP address.
ARP table entries expire (as said before) or can be removed manually.
On a Cisco router the 'show ip arp' command is used to display the ARP table
On a Windows PC 'arp -a' is used.
ARP problems:
-ARP broadcasts: ARP may impact on network performance if a lot of devices are sending ARP requests.
-ARP Spoofing
############### Chapter 6 ###############
The network layer, or OSI Layer 3, provides services to allow end devices to exchange data across the network.
Basic processes:
-Addressing end devices: Each device has a unique IP address on the same network
-Encapsulation: adds a header to the transport layer PDU
-Routing: The network layer provides services to direct packets to a destination host on another network.
-De-encapsulation
Characteristics of IP:
-Connectionless: doesn't establish connection before sending IP packets.
-Best effort: No guarantee of delivery
-Media independent: only one thing is shared with the media, the MTU (Maximum transmission unit) to know how to split packets.
IPv4 Major issues:
-IP address depletion: although there are approx. 4 billion IPv4 addresses, with more and more devices they are running out.
-Internet routing table expansion: A routing table is used to make best path determinations. With more servers online there are more
routes, and they consume memory and processing resources.
-Lack of end-to-end connectivity: Because of the use of NAT, internal network hosts are hidden.
IPv6 addresses these issues:
-128-bit addressing, so approx. 340 undecillion IPv6 addresses
-Improved packet handling: the IPv6 header is simplified with fewer fields
-Eliminates the need for NAT because of the large number of addresses available.
IPv6 packet header includes:
-Version: 0110 indicates IPv6
-Traffic Class: Equivalent to DS(Differentiated services in IPv4)
-Flow label: all packets with same flow receive the same handling by routers
-Payload Length
-Next Header: Indicates data payload type like the protocol field in IPv4
-Hop limit: Like TTL in IPv4
-Source IP Address
-Destination IP Address
IPv6 packets are not fragmented
A host can send packets to:
-Itself: using the loopback interface (usually used to test TCP/IP)
-Local host: host on the local network (Same network address)
-Remote host: host on a remote network (Different network address)
Whether a packet is destined to a local or remote host is determined by the IPv4 address and subnet mask
To display the host routing table on Windows use 'route print' or the equivalent 'netstat -r', this gives you:
-Interface list
-IPv4 Routing table
-IPv6 Routing table
The routing table of a router can store information about:
-Directly connected routes
-Remote routes: these come from remote networks connected to other routers.
-Default route: as a last resort.
On a CISCO IOS router the command 'show ip route' can be used to display the IPv4 routing table.
Labels:
C - directly-connected network
L - Local Interface
D - Remote network learned with EIGRP
S - Static route
O - Remote network learned with OSPF
On remote entries there are:
-Label (usually D)
-Destination network
-Administrative distance
-Metric (value assigned to reach the remote network)
-Next-hop: Ip address of the next hop
-Route timestamp: when router last heard from
-Outgoing interface: exit interface to use to forward a packet to reach the final destination
There are three main categories of Cisco routers:
-BRANCH: this course focuses on this. They are for small business and medium-size branch sites. Cisco ISR G2
-WAN: Large businesses. Cisco Catalyst series.
-Service Provider : Large Service providers.
Routers are like computers
Router Memory:
-RAM : volatile
-ROM: Store crucial operational instructions and a limited IOS
-NVRAM: Non-volatile RAM used for the startup config file
-Flash: Used for storage of the operating system (Cisco IOS) plus other related files.
Connections on a Cisco router are divided into in-band router interfaces (LAN, WAN, etc.) and management ports (console)
Methods to access user EXEC mode:
-Console
-SSH
-Telnet
At boot:
IOS image and other files from FLASH are copied into RAM
Startup config from NVRAM is copied to running-config in RAM
Three phases during bootup:
1. Perform POST and load the bootstrap program (POST=Power on self test)
2. Locate and load Cisco IOS: if it isn't found in flash it tries TFTP; in the worst case it loads the limited IOS (used for diagnostics)
3. Locate and load the startup config: if it is not found it tries TFTP; as a last resort it enters setup mode.
To see version running use 'show version'
Configure a interface:
'interface [type-and-number]'
'description [text-max-240-char]'
'ip address [ipv4-address] [subnet-mask]'
'no shutdown'
Commands to check statuses:
'show ip interface brief'
'show interfaces'
'show ip interface'
'show ip route'
To configure a default gateway on a switch:
'ip default-gateway [ip]'
############### Chapter 7 ###############
Positional notation: a digit represents different values depending on its position
To convert a binary IPv4 address to its dotted decimal equivalent, divide the IPv4 address into four 8-bit octets.
Ipv4:
-Ipv4 Address
-Subnet mask
-Default gateway
To find the network, an IP address is ANDed with its subnet mask
prefix length : eg. /24 255.255.255.0
Devices can be assigned an IP address statically or dynamically with DHCP
Methods of communication:
Unicast
Broadcast: by default routers do not forward broadcasts
Multicast: 224.0.0.0 to 224.0.0.255
private address blocks are:
10.0.0.0 /8 or 10.0.0.0 to 10.255.255.255
172.16.0.0 /12 or 172.16.0.0 to 172.31.255.255
192.168.0.0 /16 or 192.168.0.0 to 192.168.255.255
Special user ipv4 addresses:
Loopback addresses 127.0.0.0/8 or 127.0.0.1 to 127.255.255.255
Link-local addresses(APIPA) :169.254.0.0/24 or 169.254.0.0 to 169.254.255.254
TEST-NET: 192.0.2.0/24 or 192.0.2.0 to 192.0.2.255
Note: There are also Experimental Addresses in the block 240.0.0.0 to 255.255.255.254 that are reserved for future use (RFC 3330).
Legacy classful addressing:
Class A: 0.0.0.0/8 to 127.0.0.0/8
Class B: 128.0.0.0/16 to 191.255.0.0/16
Class C: 192.0.0.0/24 to 223.255.255.0/24
Class D: 224.0.0.0 to 239.0.0.0 Multicast
Class E: 240.0.0.0 - 255.0.0.0 Experimental
Classless addressing(CIDR , classless inter-domain routing) is what is used today.
IPv4 and IPv6 addresses are managed by IANA (Internet Assigned Numbers Authority), which allocates blocks of IP addresses to RIRs (Regional Internet Registries); these in turn give IP blocks to ISPs, which in turn give IP blocks to smaller ISPs and organizations.
Ipv4 to Ipv6 migrations:
-Dual stack: run both at the same time
-Tunneling: Ipv6 encapsulated inside ipv4
-Translation: Translation between the two
The preferred format for writing an IPv6 address is x:x:x:x:x:x:x:x, with each “x” consisting of four hexadecimal values.
Rules for simpler representation:
-Remove any leading 0s in any hextet (e.g. 00FG -> FG, AB00 -> AB00, 0AFF -> AFF)
-Replace a run of all-0s hextets with :: (can be used only once, otherwise the address is ambiguous)
Ipv6 address types:
Unicast: Global unicast(Like ipv4 public), Link-local(FE80::/10 range), Unique local(range of FC00::/7 to FDFF::/7)
Multicast
Broadcast
IPv6 prefix length is written only in /X notation; it can range from 0 to 128 bits, typically /64
Every IPv6 enabled network interface must have a link local address
If a link-local address is not configured manually on an interface, the device will automatically create its own without communicating with a DHCP server.
FE80::/10 means the first hextet has a range of 1111 1110 1000 0000 (FE80) to 1111 1110 1011 1111 (FEBF)
Typically the router's link-local address, not its global unicast address, is used as the default gateway.
IPv6 GUAs (global unicast addresses): currently only 2000::/3 is assigned, meaning the address starts with 2 or 3.
The Global Routing prefix is the prefix portion of the address assigned by the provider to a customer site.
RIRs assign a /48 routing prefix to customers.
The subnet ID is used by an organization to identify subnets within its site.
The Interface ID is equivalent to the host portion of an IPv4 address (a /64 should be used here).
All 0s and all 1s host addresses can be assigned because broadcast addresses are not used
Reviewing:
first 48 bits are global routing prefix
next 16 bits are Subnet ID
last 64 bits are Interface ID
The command in Cisco IOS to configure IPv6 GUA is 'ipv6 address [ipv6-address/prefix-length]'
There are two ways in which a device can obtain an IPv6 global unicast address automatically:
SLAAC Stateless address autoconfiguration
Stateful DHCPv6
SLAAC: relies on local router ICMPv6 Router Advertisement messages to obtain the information.
IPv6 routers send an RA every 200 seconds or when a device sends an IPv6 Router Solicitation message.
TO ENABLE IPV6 ROUTING YOU MUST SUPPLY THE COMMAND 'ipv6 unicast-routing' in global config mode
3 Options:
SLAAC: Gives all information
SLAAC with stateless DHCPv6 server: Some information, the rest to the DHCPv6 server
DHCPv6 only: redirects to a DHCPv6 server.
DHCPv6:
Stateless: Distributes DNS and domain name information
Stateful: SLAAC in this case only gives the default gateway; the DHCPv6 server gives the global unicast address, DNS server and domain name.
EUI-64 process (builds the 64-bit Interface ID from the 48-bit MAC address):
24-bit OUI from the client MAC address, but with the 7th bit flipped
16 bits inserted: FFFE
24-bit device identifier from the client MAC address
Alternative: a randomly generated Interface ID
To ensure the IPv6 address is unique the client may use DAD (Duplicate Address Detection), which is similar to ARP: if no response is received, the address is unique.
Static link-local address:
On a Cisco router you need to add the link-local keyword as an additional parameter, e.g. 'ipv6 address fe80::1 link-local'
The command to verify IPv6 is 'show ipv6 interface brief'
'show ipv6 route'
Two types of multicast:
-Assigned multicast: reserved multicast addresses -> FF02::1 All-nodes multicast (like IPv4 broadcast)
                                                   -> FF02::2 All-routers multicast (broadcast, but for routers)
-Solicited-node: like all-nodes multicast, but mapped to a special Ethernet multicast address.
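An added example, not from the gist, that builds the addresses described in the EUI-64 and multicast notes above: the modified EUI-64 interface ID from a MAC (U/L bit flipped, FFFE inserted), the resulting link-local address, the solicited-node multicast address that DAD and address resolution target (FF02::1:FF00:0/104 plus the last 24 bits of the unicast address), and the Ethernet multicast MAC an IPv6 multicast address maps to (33:33 followed by the low 32 bits). The MAC address used is a constructed sample.

```python
import ipaddress


def eui64_interface_id(mac: str) -> bytes:
    """Modified EUI-64: flip the U/L bit (7th bit of the first octet) and insert FFFE after the 24-bit OUI."""
    octets = bytearray(bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", "")))
    if len(octets) != 6:
        raise ValueError("a MAC address is 48 bits (6 octets)")
    octets[0] ^= 0x02                                   # 7th bit counting from the left is 0x02
    return bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])


def link_local_from_mac(mac: str) -> str:
    """Link-local address = FE80::/64 prefix + EUI-64 interface ID."""
    iid = int.from_bytes(eui64_interface_id(mac), "big")
    return str(ipaddress.IPv6Address((0xFE80 << 112) | iid))


def solicited_node(unicast: str) -> str:
    """Solicited-node multicast = FF02::1:FF00:0/104 + last 24 bits of the unicast address."""
    low24 = int(ipaddress.IPv6Address(unicast)) & 0xFFFFFF
    return str(ipaddress.IPv6Address(int(ipaddress.IPv6Address("ff02::1:ff00:0")) | low24))


def ipv6_multicast_mac(multicast: str) -> str:
    """Ethernet mapping: 33:33 followed by the last 32 bits of the IPv6 multicast address."""
    addr = ipaddress.IPv6Address(multicast)
    if not addr.is_multicast:
        raise ValueError(f"{multicast} is not a multicast address")
    low32 = int(addr).to_bytes(16, "big")[12:]
    return "33:33:" + ":".join(f"{b:02x}" for b in low32)


if __name__ == "__main__":
    mac = "fc:99:47:75:ce:e0"                            # constructed sample MAC
    ll = link_local_from_mac(mac)
    print("link-local       ", ll)
    print("solicited-node   ", solicited_node(ll))
    print("all-nodes MAC    ", ipv6_multicast_mac("ff02::1"))
    print("sol-node MAC     ", ipv6_multicast_mac(solicited_node(ll)))
```

Because the solicited-node address depends only on the low 24 bits, a NIC that joins it receives Neighbor Solicitations for its own address (and for the few others sharing those bits) rather than every NS on the link, which is the efficiency gain over ARP broadcasts.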
Although IP is best-effort, the TCP/IP suite provides a method to report errors: ICMP.
Common ICMPv4 messages:
Host confirmation -> echo request/echo reply
Destination Unreachable -> codes: 0 Net unreachable, 1 Host unreachable, 2 Protocol unreachable, 3 Port unreachable
Time exceeded -> when TTL reaches 0
Route redirection
ICMPv6 includes four new protocols as part of the Neighbor Discovery Protocol (ND or NDP)
-RS router solicitation
-RA router advertisement
-NS Neighbor solicitation - this and the next are used for Address resolution and Duplicate address detection
-NA Neighbor advertisement
Traceroute:
Provides a round-trip time (RTT) for each hop along a route; traceroute makes clever use of the TTL field (first set to 1, then 2, and so on).
######### Chapter 8 ########
Common subnet masks are /8 /16 /24
Classless subnetting: dividing further than /24 (/25 etc.)
by borrowing bits from the host portion
Subnetting using the magic number:
The magic number is the value of the last (rightmost) bit set to 1 in the subnet mask; it is the increment between consecutive subnets (e.g. 64 for 255.255.255.192)
Number of subnets = 2^n, where n is the number of borrowed bits
Number of hosts = 2^h - 2, where h is the number of remaining host bits (1 broadcast and 1 network address are subtracted)
Subnetting a subnet (VLSM) was invented to address the problem of wasted addresses.
When using VLSM start with the biggest network and work down to the smallest.
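An added example (not from the gist or the course) that applies the subnetting notes above: the magic number and subnet/host counts for a prefix, a subnet table for a classful block, and a VLSM planner that gives each network the smallest subnet that fits its host count, largest network first. The base network and host requirements are constructed sample values.

```python
import ipaddress


def magic_number(prefix_len: int) -> int:
    """Value of the rightmost 1 bit of the mask, expressed inside its octet: the subnet increment."""
    if not 1 <= prefix_len <= 32:
        raise ValueError("prefix length must be 1..32")
    mask = int(ipaddress.IPv4Network(f"0.0.0.0/{prefix_len}").netmask)
    low_bit = mask & -mask                       # isolate the lowest set bit of the 32-bit mask
    while low_bit > 255:                         # bring it down into a 1..128 octet value
        low_bit >>= 8
    return low_bit


def subnet_stats(prefix_len: int, classful_prefix: int = 24) -> dict:
    """2^n subnets from n borrowed bits, 2^h - 2 hosts from h remaining host bits."""
    borrowed = prefix_len - classful_prefix
    if borrowed < 0:
        raise ValueError("new prefix must be longer than the original")
    host_bits = 32 - prefix_len
    return {"subnets": 2 ** borrowed,
            "hosts_per_subnet": 2 ** host_bits - 2,
            "increment": magic_number(prefix_len)}


def subnet_table(base: str, new_prefix: int) -> list:
    """(network, first host, last host, broadcast) for every subnet of the base block."""
    rows = []
    for sub in ipaddress.IPv4Network(base).subnets(new_prefix=new_prefix):
        hosts = list(sub.hosts())
        rows.append((str(sub.network_address), str(hosts[0]), str(hosts[-1]), str(sub.broadcast_address)))
    return rows


def vlsm(base: str, requirements: dict) -> dict:
    """Assign each network the smallest subnet that fits its host count, largest requirement first."""
    pool = [ipaddress.IPv4Network(base)]         # free blocks, kept sorted by address
    plan = {}
    for name, hosts in sorted(requirements.items(), key=lambda kv: kv[1], reverse=True):
        need = hosts + 2                         # add the network and broadcast addresses
        prefix = 32 - (need - 1).bit_length()    # smallest h with 2**h >= need
        for i, block in enumerate(pool):
            if block.prefixlen <= prefix:
                chosen = next(block.subnets(new_prefix=prefix))      # lowest /prefix inside the block
                pool[i:i + 1] = list(block.address_exclude(chosen))  # return the remainder to the pool
                pool.sort()
                plan[name] = str(chosen)
                break
        else:
            raise ValueError(f"not enough address space left for {name}")
    return plan


if __name__ == "__main__":
    print(subnet_stats(26))
    for row in subnet_table("192.168.1.0/24", 26):
        print(row)
    # Constructed sample requirements
    print(vlsm("192.168.20.0/24", {"Building A": 58, "Building B": 26, "Building C": 10, "WAN link": 2}))
```

The pool bookkeeping uses address_exclude to hand back the unused remainder of a block, so each smaller request is carved from the space left after the larger ones; allocating smallest-first instead would leave fragments too small for the big networks, which is the reason for the largest-first rule.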
N.B.
Private IP address ranges are:
10.0.0.0 - 10.255.255.255 with a subnet mask of 255.0.0.0 or /8
172.16.0.0 – 172.31.255.255 with a subnet mask of 255.240.0.0 or /12
192.168.0.0 – 192.168.255.255 with a subnet mask of 255.255.0.0 or /16
Primary considerations:
-Avoid duplicate addresses
-Monitor security and performance
-Control access
For IPv6:
The 16-bit subnet ID section can create 65536 /64 subnets (subnetting into the interface ID is rarely required).
############ Chapter 9 ############
Transport layer responsibilities:
-Tracking individual Conversations
-Segmenting data and reassembling Segments
-Identifying the application
Two protocols provided by TCP/IP:
-TCP Transmission Control Protocol
3 basic operations:
-Numbering and tracking data segments transmitted to a specific host (from an application)
-Acknowledging received data
-Retransmission of unacknowledged data after a certain time
-UDP User Datagram Protocol
Simple delivery function with little overhead and checking (best-effort)
Applications that stream stored media (YouTube etc.) use TCP and not UDP; this is why you may see 'buffering'.
UDP is used when there are 'real time' interactions (you cannot pause a live stream to resend segments) or when strict transport delivery is not needed.
TCP Features:
Establishing connections: connection-oriented
Reliable delivery
Same-order Delivery: numbering and sequencing
Flow-control: regulating data transmitted to not overwhelm the receiver
TCP Header (Segment) 20 Bytes:
Source port 16 bits
Destination port 16 bits
Sequence number 32 bits
Acknowledgment number 32 bits
Header length 4 bits -> data offset
Reserved 6 bits -> Reserved for the future
Control Bits 6 bits -> bit codes or flags that indicate the purpose and function of the TCP segment
Window size 16 bits -> Number of bytes that can be accepted at one time
Checksum 16 bits -> error checking
Urgent 16 bits -> Indicates if data is urgent
UDP Features:
Data reconstructed in the order received
Lost segments are lost forever (no retransmission)
No session tracking
Sender is not informed about resource availability
UDP Header (Datagram, NOT Segment) 8 bytes:
Source port 16 bits
Destination port 16 bits
Length 16 bits
Checksum 16 bits
Unique identifiers are the PORTS:
Source port is dynamically generated.
Destination port indicates the application I want to interact with on the remote host.
The combination of IP address and port is known as a "socket".
Port numbers
0 - 1023 -> Well known ports (Reserved for applications)
1024 - 49151 -> Registered ports (assigned by IANA to a requesting entity)
49152 - 65535 -> Dynamic or private ports
TCP handshake:
SYN----->
<--------SYN/ACK
ACK----->
TCP session termination:
FIN ----->
<-------ACK
<-------FIN
ACK------->
The three-way handshake:
-Establishes that the destination device is present on the network
-Verifies that the destination device has an active service and is accepting requests on the destination port number that the initiating client intends to use
-Informs the destination device that the source client intends to establish a communication session on that port number
TCP Flags (Control bits):
SYN: Initiates a connection
ACK: Acknowledges received data
FIN: Closes a connection
RST: Aborts a connection when an error or timeout occurs.
PSH: Now 'only' used to inform the receiver that there is no data.
URG: Informs that the data should be prioritized
Sequence numbers are assigned in the header of each segment.
During session setup an ISN (Initial Sequence Number) is assigned.
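An added example, not from the gist, that packs and unpacks the 20-byte TCP header and the 8-byte UDP header described above with struct, decodes the six control bits, and walks the three-way handshake with the sequence and acknowledgment arithmetic: each side's ACK is the peer's ISN plus one, modulo 2^32 because the fields are 32 bits and wrap. Ports, ISNs and the sample UDP header are constructed values; the checksum is left at zero since no pseudo-header is computed here.

```python
import struct

# Control bits, high to low, in the low 6 bits of the "data offset / reserved / flags" field
TCP_FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
SEQ_MOD = 1 << 32                       # sequence numbers are 32-bit and wrap around


def build_tcp_header(sport, dport, seq, ack, flags, window=65535, checksum=0, urgent=0) -> bytes:
    """Pack a 20-byte TCP header with no options (data offset = 5 words)."""
    flag_bits = 0
    for f in flags:
        flag_bits |= TCP_FLAGS[f]
    offset_field = (5 << 12) | flag_bits        # 4 bits offset, 6 reserved bits (0), 6 flag bits
    return struct.pack("!HHIIHHHH", sport, dport, seq % SEQ_MOD, ack % SEQ_MOD,
                       offset_field, window, checksum, urgent)


def parse_tcp_header(data: bytes) -> dict:
    """Unpack the fixed 20-byte TCP header; raises on a truncated or malformed header."""
    if len(data) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    sport, dport, seq, ack, offset_field, window, checksum, urgent = struct.unpack("!HHIIHHHH", data[:20])
    header_len = (offset_field >> 12) * 4
    if header_len < 20:
        raise ValueError(f"invalid data offset: {header_len} bytes")
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
            "header_len": header_len,
            "flags": sorted(name for name, bit in TCP_FLAGS.items() if offset_field & bit),
            "window": window, "checksum": checksum, "urgent": urgent}


def parse_udp_header(data: bytes) -> dict:
    """Unpack the 8-byte UDP header (source port, destination port, length, checksum)."""
    if len(data) < 8:
        raise ValueError("UDP header is 8 bytes")
    sport, dport, length, checksum = struct.unpack("!HHHH", data[:8])
    return {"src_port": sport, "dst_port": dport, "length": length, "checksum": checksum}


def three_way_handshake(client_isn: int, server_isn: int, client_port: int = 49152, server_port: int = 80) -> list:
    """Build and parse the three segments of a TCP open; each ACK is the peer's ISN + 1 (mod 2^32)."""
    syn = parse_tcp_header(build_tcp_header(client_port, server_port, client_isn, 0, ["SYN"]))
    syn_ack = parse_tcp_header(build_tcp_header(server_port, client_port, server_isn,
                                                (syn["seq"] + 1) % SEQ_MOD, ["SYN", "ACK"]))
    if syn_ack["ack"] != (client_isn + 1) % SEQ_MOD:
        raise RuntimeError("server acknowledged the wrong sequence number")
    ack = parse_tcp_header(build_tcp_header(client_port, server_port, syn_ack["ack"],
                                            (syn_ack["seq"] + 1) % SEQ_MOD, ["ACK"]))
    return [syn, syn_ack, ack]


if __name__ == "__main__":
    for seg in three_way_handshake(client_isn=1000, server_isn=5000):   # constructed ISNs
        print(f"{seg['src_port']:>5} -> {seg['dst_port']:<5} flags={seg['flags']} seq={seg['seq']} ack={seg['ack']}")
    # Constructed sample UDP header: DNS query from port 53000 to port 53, 20 bytes total, checksum 0
    print(parse_udp_header(bytes.fromhex("cf08003500140000")))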
The receiving TCP process places the data from a segment into a receiving buffer. Segments are placed in the proper sequence order and passed to the application layer when reassembled.
Hosts today support SACK (Selective Acknowledgment), so only the corrupted data needs to be retransmitted.
To achieve FLOW CONTROL TCP uses a field called window size
MSS - Maximum Segment Size
The process of the destination sending acknowledgments as it processes bytes received and the continual adjustment of the source’s send window is known as sliding windows.
If the availability of the destination’s buffer space decreases, it may reduce its window size to inform the source to reduce the number of bytes it should send without receiving an acknowledgment.
Congestion control is achieved by reducing the number of segments sent when not receiving acknowledgments.
UDP has no way to reorder datagrams unlike TCP.
Applications that use TCP:
FTP, HTTP, SMTP, Telnet
Applications that use UDP:
DHCP, DNS, SNMP, TFTP, VoIP, IPTV
################## CHAPTER 10 ######################
3 Layers:
Application
Presentation:
-Formatting the data in a compatible form
-Compressing data in a way that can be decompressed
-Encrypting data for transmission and decrypt upon receive
Session:
-Creates and maintains dialogs
TCP/IP Application protocols
-DNS
-BOOTP
-DHCP
-SMTP: Send mail to server
-POP: Retrieve mail from server
-IMAP: Access mail on a server
-FTP
-TFTP
-HTTP
-HTTPS
Client-Server model: client makes requests and server serves them
Peer-to-peer: P2P Everyone on the network acts as client and server
Common P2P Networks:
eDonkey
G2
BitTorrent
Bitcoin
Most P2P networks are based on Gnutella
HTTP:
Three parts of URL:
-Protocol
-Site
-Filename
Message types:
GET: Client requests data.
POST: Uploads data files to the web server, such as form data.
PUT: Uploads resources like images.
Port 80
For security HTTPS is used (HTTP encrypted with SSL)
Port 443
SMTP:
Message header and body
Port 25
POP:
Port 110
Downloads email and removes it from the server
IMAP:
Downloads copies of the emails, which remain on the server
DNS:
Type of records:
A - End device IPv4 address
NS - An authoritative name server
AAAA - End device IPv6 address
MX - A mail exchange record
Windows DNS client command : 'ipconfig /displaydns'
Hierarchy:
When a DNS server receives a request for a name translation that is not within its DNS zone, the DNS server forwards the request to another DNS server within the proper zone for translation.
Top-level domains: e.g. .com, .org, etc.
To manually query name servers: command 'nslookup'
DHCP:
When a DHCP-configured device boots up or connects to the network it sends a DHCPDISCOVER. A DHCP server replies with a DHCPOFFER.
The client then sends a DHCPREQUEST; the server checks whether the IP is still available and returns a DHCPACK to accept or a DHCPNAK to refuse. On DHCPNAK -> restart from DHCPDISCOVER.
DHCPv6 has a similar set of messages to DHCP for IPv4. The DHCPv6 messages are SOLICIT, ADVERTISE, INFORMATION REQUEST, and REPLY.
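An added example, not from the gist, that models the DHCPv4 exchange above as plain Python dicts: a toy server that hands out addresses from a pool and answers DHCPDISCOVER with DHCPOFFER and DHCPREQUEST with DHCPACK or DHCPNAK, and a client that restarts from DHCPDISCOVER on a NAK (for instance when it asks for a stale address that another client now holds). The pool range and client MACs are constructed; real DHCP uses broadcast, transaction IDs and options that this model omits.

```python
import ipaddress
from typing import Optional


class DhcpServer:
    """Toy model of a DHCPv4 server's lease logic (constructed example, not a real implementation)."""

    def __init__(self, pool_start: str, pool_end: str, lease_time: int = 86400):
        first, last = int(ipaddress.IPv4Address(pool_start)), int(ipaddress.IPv4Address(pool_end))
        self.free = [ipaddress.IPv4Address(i) for i in range(first, last + 1)]
        self.offered = {}          # client MAC -> address offered, awaiting DHCPREQUEST
        self.leased = {}           # client MAC -> address confirmed with DHCPACK
        self.lease_time = lease_time

    def handle(self, msg: dict) -> Optional[dict]:
        kind, mac = msg["type"], msg["mac"]
        if kind == "DHCPDISCOVER":
            if mac in self.leased:                         # known client: offer its current lease again
                addr = self.leased[mac]
            elif mac in self.offered:                      # repeated discover: re-offer the same address
                addr = self.offered[mac]
            elif self.free:
                addr = self.free.pop(0)
                self.offered[mac] = addr
            else:
                return None                                # pool exhausted: no offer is sent
            return {"type": "DHCPOFFER", "mac": mac, "yiaddr": str(addr), "lease": self.lease_time}
        if kind == "DHCPREQUEST":
            requested = ipaddress.IPv4Address(msg["requested"])
            # The server only confirms an address it offered to, or already leases to, this client
            if self.offered.get(mac) == requested or self.leased.get(mac) == requested:
                self.offered.pop(mac, None)
                self.leased[mac] = requested
                return {"type": "DHCPACK", "mac": mac, "yiaddr": str(requested), "lease": self.lease_time}
            return {"type": "DHCPNAK", "mac": mac}
        raise ValueError(f"unexpected message type {kind}")


def dhcp_client_obtain(server: DhcpServer, mac: str, max_rounds: int = 3) -> Optional[str]:
    """Client side of DORA: DISCOVER -> OFFER -> REQUEST -> ACK; a NAK restarts from DISCOVER."""
    for _ in range(max_rounds):
        offer = server.handle({"type": "DHCPDISCOVER", "mac": mac})
        if offer is None:
            return None
        reply = server.handle({"type": "DHCPREQUEST", "mac": mac, "requested": offer["yiaddr"]})
        if reply["type"] == "DHCPACK":
            return reply["yiaddr"]
    return None


def dhcp_client_rejoin(server: DhcpServer, mac: str, previous: str) -> Optional[str]:
    """A reconnecting client asks for its previous address first; on DHCPNAK it falls back to DORA."""
    reply = server.handle({"type": "DHCPREQUEST", "mac": mac, "requested": previous})
    if reply["type"] == "DHCPACK":
        return reply["yiaddr"]
    return dhcp_client_obtain(server, mac)


if __name__ == "__main__":
    srv = DhcpServer("192.168.1.10", "192.168.1.12")             # constructed 3-address pool
    print("A gets", dhcp_client_obtain(srv, "aa:aa:aa:aa:aa:aa"))
    print("B gets", dhcp_client_obtain(srv, "bb:bb:bb:bb:bb:bb"))
    print("C asks for A's address, is NAKed, restarts and gets", dhcp_client_rejoin(srv, "cc:cc:cc:cc:cc:cc", "192.168.1.10"))
    print("D with an empty pool gets", dhcp_client_obtain(srv, "dd:dd:dd:dd:dd:dd"))
```

The NAK branch is the check the notes describe: the server refuses any DHCPREQUEST for an address it did not offer or lease to that client, which keeps one client from claiming another's address.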
FTP:
First connection on port 21
Data transfer on port 20
The client can pull or push (download or upload)
SMB(Server message block):
Clients can access resources after authentication as if they were local.
########## CHAPTER 11 ########
Small Network topologies
Factors in small networks:
-Cost
-Speed and type of Ports/Interfaces
-Expandability
-Operating system features and services
Planning and documenting IP addressing is useful (e.g. assigning .50-.100 to servers helps in identifying server traffic)
Redundancy helps in eliminating single points of failure.
The goal for a good network design, even for a small network, is to enhance the productivity of the employees and minimize network downtime.
To scale a network you need:
Network documentation
Device inventory
Budget
Traffic analysis
To determine traffic flow patterns it is important to capture traffic during peak time utilization and on different network segments.
Threats:
Information theft
Data loss and manipulation
Identity theft
Disruption of service
Physical threats:
Hardware threats - physical damage to network components
Environmental threats - temperature/humidity extremes
Electrical threats
Maintenance threats
Types of malware:
virus
worm
trojan horse
Attacks:
Reconnaissance attack: mapping of systems services and vulnerabilities
Access attack: unauthorized manipulation of data, system access etc..
Denial of service: disabling or corruption of services etc...
Password attacks
Trust exploitation: (gaining access to a trusted machine to access other machines)
Port redirection:
MITM: Man in the middle
DoS: Denial of service
DDoS: Distributed Denial of service
Backup, Upgrade, Update and Patch
AAA: Authentication, Authorization, Accounting
Firewall:
Packet Filtering - Makes checks based on IP and MAC
Application Filtering - prevent specific applications based on port number
URL Filtering - Prevents or allow access to certain websites
SPI - Stateful Packet inspection
Device security:
Cisco routers have Cisco AutoSecure: 'auto secure' in configure terminal.
Security practices, IOS commands:
'service password-encryption'
'security passwords min-length [number]' : passwords need to be at least [number] characters long to be accepted
'login block-for [seconds-to-block] attempts [no-of-attempts] within [seconds-within-failed-attempts]'
'exec-timeout [minutes]' : automatically times out open connections on VTY, LINE or AUX (depending on where you set it)
Enable SSH:
'enable'
'configure terminal'
'ip domain-name [domain-name]'
'crypto key generate rsa general-keys'
'username [username] secret [password]'
'line [type] [num]' : the line on which to activate inbound SSH
'login local'
'transport input ssh': enable inbound SSH
'exit'
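An added example, not from the gist, that checks a saved running-config against the hardening commands listed above: it reports when service password-encryption, a password minimum length or login block-for is missing, when a vty line accepts anything other than SSH, and when a line has no exec-timeout or has it disabled with 0 0. The config text is a constructed sample with a placeholder secret.

```python
import re

# Constructed sample running-config excerpt (not from a real device; the secret is a placeholder)
SAMPLE_CONFIG = """\
hostname R1
!
service password-encryption
security passwords min-length 10
login block-for 120 attempts 3 within 60
!
ip domain-name example.com
username admin secret 9 $9$PLACEHOLDER
!
line con 0
 exec-timeout 5 0
 login local
line vty 0 4
 exec-timeout 5 0
 login local
 transport input ssh
line vty 5 15
 login local
 transport input telnet ssh
!
"""


def parse_line_sections(config: str) -> dict:
    """Group the indented sub-commands under each 'line ...' section of an IOS running-config."""
    sections, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            sections[current] = []
        elif raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())
        else:
            current = None                      # any unindented line ends the section
    return sections


def audit_ios_config(config: str, min_pw_length: int = 8) -> list:
    """Report the hardening settings from the notes that are missing or weakened."""
    findings = []
    if not re.search(r"^service password-encryption$", config, re.M):
        findings.append("global: service password-encryption not set")
    m = re.search(r"^security passwords min-length (\d+)$", config, re.M)
    if m is None:
        findings.append("global: security passwords min-length not set")
    elif int(m.group(1)) < min_pw_length:
        findings.append(f"global: min-length {m.group(1)} is below {min_pw_length}")
    if not re.search(r"^login block-for \d+ attempts \d+ within \d+$", config, re.M):
        findings.append("global: login block-for not set (no lockout after failed logins)")
    for name, cmds in parse_line_sections(config).items():
        if name.startswith("line vty"):
            transport = next((c for c in cmds if c.startswith("transport input")), None)
            if transport is None or transport.split()[2:] != ["ssh"]:
                shown = transport or "transport input unset"
                findings.append(f"{name}: '{shown}', expected 'transport input ssh'")
        timeout = next((c for c in cmds if c.startswith("exec-timeout")), None)
        if timeout is None:
            findings.append(f"{name}: no exec-timeout")
        elif all(v == "0" for v in timeout.split()[1:]):
            findings.append(f"{name}: '{timeout}' disables the idle timeout")
        if not any(c in ("login", "login local") for c in cmds):
            findings.append(f"{name}: no login configured")
    return findings


if __name__ == "__main__":
    for finding in audit_ios_config(SAMPLE_CONFIG):
        print(finding)
```

Running it on the sample flags only 'line vty 5 15', which still allows Telnet and has no idle timeout; the other lines and the global settings pass. Run the same check against the output of 'show running-config' saved to a file before and after applying the commands above to confirm nothing was missed.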
IOS Ping:
'ping [target]' : ! indicates receipt of an ICMP echo reply, . indicates the time expired (no reply), U indicates ICMP unreachable
'ping' : in privileged EXEC mode, EXTENDED ping (more functionalities)
'ping ipv6' : EXTENDED ipv6 ping
IOS Traceroute:
'traceroute' : EXTENDED Traceroute
'show cdp neighbors' : shows Cisco Discovery Protocol (CDP) neighbors
To disable CDP globally 'no cdp run'
To disable CDP on an interface 'no cdp enable'
'show ip interface brief'
DEBUGGING:
Use debug only to monitor specific problems
'debug ?' will give you a list of debugs possible
'no debug ip icmp' or 'undebug ip icmp'
'undebug all'
While IOS log messages are sent to the console by default, these same log messages are not sent to the virtual lines by default
To display them use 'terminal monitor', to disable 'terminal no monitor'
A technician should resolve a problem or escalate it if necessary (report to managers).
CDP can easily detect duplex mismatches