
Martin Carr.com

1 - Network FUNDAMENTALS - 20%

OSI / TCP Model - Protocols

OSI Model        Purpose                              Data Unit  Applications    TCP Model
7. Application   Establishes resources.               Data       E-mail          4. Application
6. Presentation  De/Encryption & data compression.    Data       MP3, MP4        "
5. Session       Establishes sessions.                Data       SQL, NFS        "
4. Transport     Data delivery.                       Segment    TCP/UDP         3. Transport
3. Network       Best path to destination.            Packet     IP/RIP          2. Internet
2. Data Link     MAC address/error detection.         Frame      Frame relay     1. Network Interface
1. Physical      Data onto wire.                      Bits       Cables, Fibre   "

PORT NUMBERS
TCP:
21 - FTP    22 - SSH    23 - TELNET    25 - SMTP    53 - DNS SERVER    80 - HTTP    110 - POP3    443 - HTTPS
UDP:
53 - DNS CLIENT    69 - TFTP    67 - DHCP (and 68)    123 - NTP
RFCs:
1918 - Private Addressing*    2460 - IPv6    3022 - NAT

Three Tier Hierarchal Design = CORE - DISTRIBUTION - ACCESS
(Provide - Performance, Availability and Scalability)

Collapsed Core = CORE/DISTRIBUTION - ACCESS
(Combines Core and Distribution)

Topologies = STAR - MESH - HYBRID
(Hybrid is a combination of 2)

Wireless

CSMA/CA - Carrier Sense Multiple Access with Collision Avoidance
2.4 GHz - non-overlapping channels 1, 6, 11
5 GHz ...to follow

Cabling Cat5

          Hub         Switch      Router      PC
Hub       Crossover   Crossover   Straight    Straight
Switch    Crossover   Crossover   Straight    Straight
Router    Straight    Straight    Crossover   Crossover
PC        Straight    Straight    Crossover   Crossover

Crossover - pin 1 to 3, pin 2 to 6
Straight - all pins match each side
Rollover - all pins reversed, so 1-8, 2-7, etc.

              Ethernet    Fast Ethernet    Gigabit Ethernet
Speed         10Mb        100Mb            1000Mb
Standard      802.3       802.3u           802.3ab
Pairs used    2 Pairs     2 Pairs          4 Pairs
Cable         CAT 3       CAT 5            CAT 5e

IPv4

SUBNETTING...
300 HOSTS Required
9 bits needed to make 300 (2^9 = 512; count R to L) <--
Block Size = 2 (in the third octet)
Mask = 255.255.254.0
Slash notation = /23

128 - 64  - 32  - 16  - 8   - 4   - 2   - 1   (Block Size)
128 - 192 - 224 - 240 - 248 - 252 - 254 - 255 (Mask)
/25 - /26 - /27 - /28 - /29 - /30 - /31 - /32 (Slash Notation)

30 NETWORKS Required
5 bits needed to make 30 (2^5 = 32; count L to R) ----->
Block Size = 8
Mask = 255.255.255.248
Slash notation = /29

How to work out BLOCK size from Mask (256 minus the first mask octet that is not 255)
  256
- 240   (from 255.255.240.0)
-----
= 16 Block Size
IPv4 Address Class & Range
Class   Range       High order bits
A       1 - 126     0
B       128 - 191   10
C       192 - 223   110
D       224 - 239   1110
E       240 - 255   11110

IPv4 Private Address Ranges
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.16.255.255
192.168.0.0 - 192.168.255.255

Automatic Private IP Addressing (APIPA) - assigned when a PC cannot contact a DHCP server.
169.254.0.0 -> 169.254.255.255

Loopback (ping) (127.0.0.1)
127.0.0.0 -> 127.255.255.255

IPv4 Header

Key header fields:

1. Time to Live - Used by Traceroute
2. Source Address
3. Destination Address
4. Protocol - Upper layer protocol, e.g. TCP

IPv6

router# show ipv6 route
router# show ipv6 interface brief
router# show ipv6 route static
router# show ipv6 ospf
router# show ipv6 ospf interface brief
router# show ipv6 ospf neighbor


IPv6 Address Types
Unicast - Global / Link Local / Unique Local
Multicast - One to multiple devices that are listening.
Anycast - One to nearest (can be the same IP on several devices)


Address Parts (128 bits - 8 fields of 16 bits)
[Prefix] [Host ID]


EUI64


Auto Configuration
Stateless Auto Configuration - to follow...
Stateful Auto Configuration - to follow...

VLSM

Find the most efficient subnet solution
192.168.1.0 - Find 1 x 60 hosts, 2 x 20 hosts, 3 x 2 hosts (allocate the largest first)
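The subnetting and VLSM working above, carried through as an added example (not part of the original notes): bits needed for the hosts, the resulting block size, mask and wildcard, and the allocation for the 192.168.1.0 exercise, largest subnet first so each network lands on an aligned boundary. It uses only the Python standard library.

```python
# Added example, not from the original notes: VLSM allocation for
# 192.168.1.0 with 1 x 60, 2 x 20 and 3 x 2 hosts, largest first.
import ipaddress

def host_bits(hosts):
    """Smallest host-bit count whose 2^n - 2 usable addresses fit `hosts`."""
    bits = 1
    while (2 ** bits) - 2 < hosts:
        bits += 1
    return bits

def mask_info(prefix_len):
    """Return (dotted mask, wildcard mask, block size) for a prefix length."""
    net = ipaddress.IPv4Network(f"0.0.0.0/{prefix_len}")
    mask = net.netmask
    wildcard = net.hostmask  # wildcard = 255.255.255.255 - mask
    # Block size rule from the notes: 256 minus the first mask octet that is not 255.
    block = next((256 - o for o in mask.packed if o != 255), 1)
    return str(mask), str(wildcard), block

def vlsm(base, host_counts):
    """Allocate subnets from `base` for each host requirement, largest first.
    Returns a list of (hosts_required, network, mask, wildcard, usable_hosts).
    Raises ValueError when the requirements do not fit in `base`."""
    base_net = ipaddress.IPv4Network(base)
    cursor = int(base_net.network_address)
    end = int(base_net.broadcast_address)
    allocations = []
    for hosts in sorted(host_counts, reverse=True):
        prefix = 32 - host_bits(hosts)
        # Largest-first keeps `cursor` aligned, so strict network creation succeeds.
        net = ipaddress.IPv4Network((cursor, prefix))
        if int(net.broadcast_address) > end:
            raise ValueError(f"no room for a {hosts}-host subnet in {base}")
        mask, wildcard, _ = mask_info(prefix)
        allocations.append((hosts, str(net), mask, wildcard, net.num_addresses - 2))
        cursor = int(net.broadcast_address) + 1
    return allocations

if __name__ == "__main__":
    for hosts, net, mask, wc, usable in vlsm("192.168.1.0/24", [60, 20, 20, 2, 2, 2]):
        print(f"{hosts:>3} hosts -> {net:<18} mask {mask:<15} wildcard {wc:<11} usable {usable}")
```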

2 - SWITCHING Fundamentals - 26%

Ethernet Frame Format

Preamble (8 bytes) | Destination (6 bytes) | Source (6 bytes) | Type (2 bytes) | Data (46-1500 bytes) | FCS (CRC) (4 bytes)

A runt is a frame which is less than 64 bytes in size and a giant is a frame which is greater than 1518 bytes in size...both are discarded by a switch!

Duplex Mismatch - Collisions

Network is slow... It's common for users to complain that the network is slow!! This can be due to speed and duplex issues on the switch. Switches are set to auto-detect speed and duplex, but with 100Mbps switches it is always best to hard code them!

Most of the time auto-detect works fine...if both switch interface and PC network adapter are set to auto-detect. Duplex Mismatch (causes Late Collisions !!!)

Network issues normally lie with 'duplex', where one side is set to full-duplex and the other side to half-duplex - normally where the devices have been unable to auto-detect!!

If a switch interface (100Mbps) fails to auto-detect then it will default to half-duplex!! This has been fixed in 1Gbps switches!!!

This results in slow performance as packets drop and collide with high frequency. This is called a duplex mismatch. It is normally on routers/switches where we need to look at the config. To solve it, we simply hard code both devices as full duplex.

100Mbps devices (router, switch, server) -> Hard code them!!
1000Mbps devices -> Auto (leave as auto-detect)

Troubleshooting slow networks
This is normally due to collisions on the network. With the command below we can see the duplex/speed settings on that interface and confirm that it is set to 100Mbps and full etc. We can also see that the interface is up and the packets dropped/collisions!! We should never see collisions on a full-duplex link!!

Switch# show interface fa0/14

Collision - this happens within the first 32 bytes (should only occur on hubs in a half-duplex environment).

Late Collision - this happens after the first 32 bytes - this is normally due to a duplex mismatch!!

CRC errors - a CRC hash is added to each frame to confirm integrity... CRC errors are normally a faulty network cable! Also when there is "excessive noise"!!

Finding devices - Ping the IP address of the device and then run arp -a to find out its MAC address. We can then go to the switch and view the MAC address table to find the port:

Switch# show mac address-table | inc <mac-address>

Extended Ping - If we type ping and press enter we can then specify several other parameters, e.g. protocol, repeat count, timeout period, datagram size.

Setting Up a Switch - IP - VLAN's - Trunks

RESET SWITCH
# write erase
# delete flash:vlan.dat
# show flash

SET IP ADDRESS ON SWITCH
(config)# interface vlan 1
(config-if)# no shutdown
(config-if)# ip address 10.0.0.1 255.0.0.0

VLANS
(config)# vlan 2 (Create VLAN)
(config-vlan)# name SALES
(config)# interface fa1/0
(config-if)# switchport mode access (Must be access - default is dynamic desirable)
(config-if)# switchport access vlan 2 (Assign interface to VLAN 2)

TRUNKS
(config-if)# switchport mode trunk
(config-if)# switchport nonegotiate

Change Native VLAN
(config-if)# switchport trunk native vlan 99
The Native VLAN is used to send untagged traffic between switches, e.g. Telnet, SSH and CDP traffic. The native VLAN must match on connecting switches.

Configure Voice VLAN
(config-if)# switchport voice vlan 5

Show Commands
# show vlan brief
# show interface fa0/1 switchport
# show mac address-table
# show mac address-table interface fa0/1
# show mac address-table | inc FE5A (To filter through and find port number associated)

Port Security

Setting Up
(config-if)# switchport mode access (default is dynamic desirable - need to change)
(config-if)# switchport port-security (default is SHUTDOWN & 1 MAC address)
(config-if)# switchport port-security maximum 1 (maximum number of MACs allowed)
(config-if)# switchport port-security mac-address FE12.45E2.88F2 (or: mac-address sticky)
(config-if)# switchport port-security violation [protect | restrict | shutdown]

Violation Modes
protect = Drops MACS after maximum allowed
restrict = Drops MACS after maximum allowed and logs error
shutdown = Disables the port and logs error

Show Commands
# show port-security interface fa0/1

Notes - 2 types of security: 1. Limit Number of MACs  2. Assign Specific MACs (Can use Sticky)

Mode       Port          Traffic Action                    Syslog       Violation Counter
Protect    Protected     Unknown MACs discarded            No           No
Shutdown   Errdisabled   Disabled                          Yes & SNMP   Incremented
Restrict   Open          Excess MAC traffic denied         Yes & SNMP   Incremented

Cisco Discovery Protocol (CDP) - LLDP

(config)# no cdp run - (Turn off CDP on the entire router)
(config-if)# no cdp enable - (Turn off CDP on an interface)
# show cdp neighbor [detail] - (Discover neighbour details including IP)

• Gathers info about nearby connected devices (LLDP is the open-standard equivalent)

3 - ROUTING Fundamentals - 25%

ROM, FLASH, NVRAM

DRAM             Buffers, routing tables, running config   Wiped on power down
ROM              Mini OS                                   Rommon mode
FLASH            IOS (Compressed)
NVRAM            IOS (Expanded)                            Start up config
Config-register  Defines booting process                   Default value - 0x2102 (0x2142 skips startup config)

ASIC - Application Specific Integrated Circuit

Access Lists - ACLs

NUMBERED ACLs
(config)# access-list [1-99] permit 192.168.1.0 0.0.0.255 (Standard - source only)
(config)# access-list [100-199] permit tcp host 192.168.1.1 any eq 80 (Extended - source, destination, protocol/port)

NAMED ACLs
(config)# ip access-list [standard | extended] MAIL
(config-std-nacl)# deny host 10.1.1.15
(config-std-nacl)# permit 192.168.0.0 0.0.0.255
(config-ext-nacl)# permit tcp any any eq 80 (extended only)

You can edit and modify NAMED lists
(config)# ip access-list standard MAIL
(config-std-nacl)# 15 deny host 10.1.1.22

Set the ACL on an interface
(config)# interface fa0/0
(config-if)# ip access-group 99 [in | out]

Set the ACL on an VTY Line
(config-line)# access-class 99 in (Always set it on incoming)

View ACLs
# show access-list
# show run interface fa0/1

Ranges
1-99 IP - Standard
100-199 IP - Extended
1300-1999 IP Standard (expanded range)
2000-2699 IP Extended (expanded range)

Notes
- There is an IMPLICIT DENY ALL at the end of each ACL!
- STANDARD ACL - Filter on SOURCE IP only
- STANDARD ACL - Put as close to the DESTINATION as possible
- EXTENDED ACL - Put as close to the SOURCE as possible
- 1 ACL per direction per interface

Work Out the Wild Card Mask (255.255.255.255 minus the subnet mask)
  255.255.255.255
- 255.255.255.128
  ---------------
    0.  0.  0.127
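How the ACL rules above behave in practice, as an added example (not from the original notes): top-down matching on the source address, wildcard bits of 1 meaning "don't care", sequence-numbered insertion into a named list, and the implicit deny at the end. The MAIL list from the notes is used as the sample; standard library only.

```python
# Added example, not from the original notes: standard ACL evaluation
# with wildcard masks, sequence numbers and the implicit deny.
import ipaddress

def wildcard_from_mask(mask):
    """Wildcard = 255.255.255.255 - subnet mask (the notes' worked subtraction)."""
    return str(ipaddress.IPv4Address(0xFFFFFFFF - int(ipaddress.IPv4Address(mask))))

def wildcard_match(addr, base, wildcard):
    """True when `addr` equals `base` on every bit the wildcard leaves as 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF          # bits that must match
    return (a & care) == (b & care)

class StandardAcl:
    """A standard ACL: ordered entries of (seq, action, base, wildcard)."""
    def __init__(self):
        self.entries = []

    def add(self, action, base, wildcard="0.0.0.0", seq=None):
        # 'host X' is shorthand for 'X 0.0.0.0'; 'any' is '0.0.0.0 255.255.255.255'.
        if base == "any":
            base, wildcard = "0.0.0.0", "255.255.255.255"
        if seq is None:                      # IOS numbers entries 10, 20, 30, ...
            seq = self.entries[-1][0] + 10 if self.entries else 10
        self.entries.append((seq, action, base, wildcard))
        self.entries.sort(key=lambda e: e[0])  # named lists allow insertion by seq

    def check(self, src):
        """Return (action, matched_entry); entry None means the implicit deny hit."""
        for entry in self.entries:
            if wildcard_match(src, entry[2], entry[3]):
                return entry[1], entry
        return "deny", None

def mail_acl():
    """The notes' MAIL list, including the later '15 deny host 10.1.1.22' edit."""
    acl = StandardAcl()
    acl.add("deny", "10.1.1.15")                    # seq 10
    acl.add("permit", "192.168.0.0", "0.0.0.255")   # seq 20
    acl.add("deny", "10.1.1.22", seq=15)            # inserted between them
    return acl

if __name__ == "__main__":
    acl = mail_acl()
    for src in ("10.1.1.15", "10.1.1.22", "192.168.0.77", "192.168.1.77"):
        print(src, "->", acl.check(src))
```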

Inter VLAN Routing

(config)# interface fa0/0
(config-if)# no shutdown (enable main interface)
(config)# interface fa0/0.10 (Create a SUB interface)
(config-subif)# encapsulation dot1q 10
(config-subif)# ip address 10.1.1.1 255.0.0.0

NAT

STATIC (ONE to ONE)
(config)# ip nat inside source static 192.168.1.1 200.1.1.1

DYNAMIC (MANY to POOL)
(config)# access-list 1 permit 192.168.1.0 0.0.0.255 (Build ACL)
(config)# ip nat pool MY_POOL 200.1.1.1 200.1.1.10 prefix-length 24 (build pool)
(config)# ip nat inside source list 1 pool MY_POOL

PAT
(config)# access-list 1 permit 192.168.1.0 0.0.0.255 (Build ACL)
(config)# ip nat inside source list 1 interface fa0/1 overload

Assign inside and outside to interfaces
(config)# interface fa0/0
(config-if)# ip nat inside
(config)# interface fa0/1
(config-if)# ip nat outside

Routing

Distance Vector - Distance Vector protocols simply use the shortest route (fewest hops) to the destination regardless of the connection speed. They simply update the local routing table when updates are received from their neighbours.

Link State - Link State protocols track the state and connection speed of each link and choose the fastest route. They require more processing power on the router because of this awareness of connection speeds etc. Link State protocols converge quickly and build topology tables.

RIP - Default "Hello" advertising cycle is 30 secs. It says hello and tells routers about its routing table every 30 secs...not efficient! Recovery - 90 secs. Metric - best path - uses hop count (max 15), i.e. number of routers - not efficient!! The only pro is that all devices support it! Distance Vector protocol. Inefficient as it keeps sending the full routing table even if there have been no changes! RIPng for IPv6.

IGRP - Cisco created it to replace RIP. Now obsolete as "hello" was set to 90 secs and recovery to 270 secs!! THIS PROTOCOL CAN BE IGNORED!!

OSPF - Open Shortest Path First. Most popular routing protocol. Default hello is 10 secs. After the initial hello it only says "Hi" to each router instead of sending the whole routing table...if the routing table changes it will tell the router of the change...it is efficient!! Metric: cost = 100/bandwidth (Mbps), e.g. 100/1.44 = 69.4444. Uses the fastest route (which would be the lowest cost)!!! Maintains a topology map. OSPFv2 for IPv4, OSPFv3 for IPv6.

IS-IS - Was a competitor to OSPF - used for OSI!! OSPF won as it was used for TCP/IP. Excellent protocol!! Rarely used...requires expertise!!

EIGRP - Very fast protocol...but uncommon. Created by Cisco for Cisco...easy to configure. Metric - can include reliability, MTU, delay on packets.

BGP - Border Gateway Protocol. Used for the Internet. Handles thousands of routes. Not for LANs...used in ISPs.

Mixture of Protocols - We can use a mixture of each protocol in our network...if a router has learned routes via different protocols then administrative distance is used. This tells us how believable the routing protocol is.

Note - When packets go over a serial data link (across a WAN) they do not add the source and destination MAC address. They use HDLC or PPP. HDLC uses the Type field in a frame so receiving devices can see what is encapsulated.

Frame Re-Write - Is where the router strips off the incoming Ethernet frame (after checking its FCS) and rewrites the outgoing packet with a new Ethernet header ...to follow

RIPv2

router(config)# router rip
router(config-router)# version 2
router(config-router)# network 192.168.20.0
router(config-router)# no auto-summary
router# show ip protocols
router# show run | section rip
router# show ip route

Administrative Distances

Directly Connected   0    (Lower is Better)
Static Hop           1
EIGRP Summary        90
OSPF                 110
RIP                  120

SSH

(config)# username martin secret cisco
(config)# enable secret cisco
(config)# hostname testrouter
(config)# ip domain-name testrouter.com
(config)# crypto key generate rsa
# show ssh (shows users that are logged in)
# show ip ssh (shows the SSH configuration)

Loopback

Configuring a Loopback Interface
Loopback interfaces are very common on Cisco routers as they allow for management, logging and authentication.
They are logical interfaces that are 'always up'.
They are not tied to any physical interface and therefore cannot go down unless they are administratively shut down.
R1(config)# interface loopback 1
R1(config-if)# ip address A.B.C.D 255.255.255.0
We can use the 'no' form of the command to remove the interface.

4 - Infrastructure SERVICES - 15%

Configure DHCP

(config)# ip dhcp excluded-address 10.0.0.50 10.0.0.100 (exclude addresses from the pool - global config)
(config)# ip dhcp pool POOL_NAME
(dhcp-config)# network 10.0.0.0 255.0.0.0
(dhcp-config)# dns-server 4.4.8.8 8.8.8.8
(dhcp-config)# domain-name mydomain.com
(dhcp-config)# default-router 10.0.0.1
(dhcp-config)# lease 1 12 30 (days/hours/minutes)
# show ip dhcp pool
# show ip dhcp binding
DHCP Relay (on the interface facing the clients)
(config-if)# ip helper-address 10.0.0.1

DNS

To check whether DNS is working...
router# ping hostname (see if you get a reply)
router# ping 81.23.54.112 (if the IP replies and the hostname doesn't, possible DNS problem)

NTP - Network Time Protocol - Clock - Timezones

router(config)# ntp server 10.0.0.1
router# show ntp associations
router# show ntp status

5 - Infrastructure MAINTENANCE - 14%

Router Exec Modes

Router> - User Exec
Router# - Privileged Exec
Router(config)# - Global Config
rommon> - ROM Monitor

VTY lines - Console - Users

Set Up User account
(config)# username martin secret cisco
(config)# hostname switch1
(config)# enable secret cisco
(config)# no ip domain-lookup
Line VTY
(config)# line vty 0 4
(config-line)# login (uses the line password set on the next line)
(config-line)# password cisco
(config-line)# exec-timeout 60
(config-line)# logging synchronous
(config-line)# transport input telnet ssh
Line Console
(config)# line console 0
(config-line)# login local (uses the username configured on the router)
(config-line)# no exec-timeout
(config-line)# transport input telnet ssh
Hashes all Passwords in Running Config
(config)# service password-encryption
Terminal Monitor
# terminal monitor (run from the vty line command prompt)
# terminal no monitor

Password Recovery

0x2102 (default boot mode)
0x2142 (set the 6th bit to bypass the start-up config)

Ping - Extended Ping - Traceroute - Troubleshooting

...to follow

Syslog & Logging

...to follow

Back Up - TFTP - SCP

...to follow

Licensing

...to follow

Banners - MOTD

...to follow

Abbreviations...

CDP - Cisco Discovery Protocol
DTP - Dynamic Trunking Protocol
NTP - Network Time Protocol
STP - Spanning Tree Protocol
VTP - VLAN Trunking Protocol