1 - Network FUNDAMENTALS - 20%

OSI / TCP Model - Protocols

OSI Model          Purpose                              Data     Applications    TCP Model
7. Application     Establishes resources.               Data     E-mail          4. Application
6. Presentation    De/Encryption & data compression.    Data     MP3, MP4        4. Application
5. Session         Establishes sessions.                Data     SQL, NFS        4. Application
4. Transport       Data delivery.                       Segment  TCP/UDP         3. Transport
3. Network         Best path to destination.            Packet   IP/RIP          2. Internet
2. Data Link       MAC address/error detection.         Frame    Frame relay     1. Network Interface
1. Physical        Data onto wire.                      Bits     Cables, Fibre   1. Network Interface

21 - FTP 22 - SSH 23 - TELNET 25 - SMTP 53 - DNS SERVER 80 - HTTP 110 - POP3 443 - HTTPS
53 - DNS CLIENT 69 - TFTP 67 - DHCP (and 68) 123 - NTP
RFC 1918 - Private Addressing* RFC 2460 - IPv6 RFC 3022 - NAT

Three Tier Hierarchal Design = CORE - DISTRIBUTION - ACCESS
(Provide - Performance, Availability and Scalability)

Collapsed Core (Combines Core and Distribution)

Topologies = STAR - MESH - HYBRID
(Hybrid is a combination of 2)


CSMA/CA - Carrier Sense Multiple Access with Collision Avoidance
2.4GHz - Channels 1, 6, 11
5GHz follow

Cabling Cat5

          Hub         Switch      Router      PC
Hub       Crossover   Crossover   Straight    Straight
Switch    Crossover   Crossover   Straight    Straight
Router    Straight    Straight    Crossover   Crossover
PC        Straight    Straight    Crossover   Crossover

Crossover – pin 1 to 3 , pin 2 to 6
Straight – all pins match each side
Rollover – all pins reversed so 1-8, 2-7, etc.

              Ethernet 10Mb   Fast Ethernet 100Mb   Gigabit Ethernet 1000Mb
Standard      802.3           802.3u                802.3ab
Pairs used    2 Pairs         2 Pairs               4 Pairs
Cable         CAT 3           CAT 5                 CAT 5e


300 HOSTS Required
9 Bits needed to make 300 (count R to L) <--
Block Size= 2
Mask =
Slash notation = /23

128 - 64  - 32  - 16  - 8   - 4   - 2   - 1   (Block Size)
128 - 192 - 224 - 240 - 248 - 252 - 254 - 255 (Mask)
/25 - /26 - /27 - /28 - /29 - /30 - /31 - /32 (Slash Notation)

30 NETWORK Required
5 Bits needed to make 30 (count L to R) ----->
Block Size = 8
Mask =
Slash notation =/29

How to work out BLOCK size from Mask (256 minus the mask octet that is not 255)
= 16 Block Size
IPv4 Address Class & Range
Class   Range (first octet)   High order bits
A       1 - 126               0
B       128 - 191             10
C       192 - 223             110
D       224 - 239             1110
E       240 - 255             11110

IPv4 Private Address Ranges - - -

Automatic (APIPA) Assigned when PC cannot contact DHCP server. ->

Loopback (ping) ( ->

IPv4 Header

Key IPv4 header fields:

1. Time to Live - Used by Traceroute
2. Source Address
3. Destination Address
4. Protocol - Upper layer protocol, e.g. TCP


IPv6 Show Commands

router# show ipv6 route
router# show ipv6 interface brief
router# show ipv6 route static
router# show ipv6 ospf
router# show ipv6 ospf interface brief
router# show ipv6 ospf neighbor

IPv6 Address Types
Unicast - Global / Link Local / Unique Local
Multicast - One to multiple devices that are listening.
Anycast - One to nearest (can be same IP)

Address Parts (128 Bits - 8 fields of 16)
[Prefix] [Host ID]


Auto Configuration
Stateless Auto configuration - to follow...
Stateful Auto configuration - to follow...


Find the most efficient Subnet solution - Find 1 x 60 hosts - 2 x 20 hosts - 3 x 2 hosts
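The bit counting above (300 hosts -> 9 host bits -> /23, 30 networks -> 5 borrowed bits -> /29, block size from the mask) and the VLSM exercise just stated can all be checked with a short script. This is an added example and not part of the original notes; the base network 192.168.1.0/24 used for the 1 x 60 / 2 x 20 / 3 x 2 exercise is an assumption, since the notes do not give one.

```python
import ipaddress

def host_bits(hosts):
    """Bits needed on the right (host side): smallest n with 2**n - 2 >= hosts,
    the -2 being the network and broadcast addresses."""
    n = 1
    while 2 ** n - 2 < hosts:
        n += 1
    return n

def prefix_for_hosts(hosts):
    """Slash notation for a subnet that must hold 'hosts' usable addresses (300 -> /23)."""
    return 32 - host_bits(hosts)

def network_bits(networks):
    """Bits borrowed on the left (network side): smallest n with 2**n >= networks (30 -> 5)."""
    n = 0
    while 2 ** n < networks:
        n += 1
    return n

def prefix_for_networks(base_prefix, networks):
    """Slash notation after borrowing from a base prefix (/24 + 5 bits = /29)."""
    return base_prefix + network_bits(networks)

def mask_for_prefix(prefix):
    """Dotted-decimal mask for a prefix, e.g. /23 -> 255.255.254.0."""
    return str(ipaddress.IPv4Network(f"0.0.0.0/{prefix}").netmask)

def block_size_from_mask(mask):
    """Block size = 256 minus the first mask octet that is not 255 (255.255.255.240 -> 16)."""
    for octet in mask.split("."):
        if int(octet) != 255:
            return 256 - int(octet)
    return 1

def vlsm(base, host_requirements):
    """Allocate subnets largest-first out of 'base'; returns [(hosts, 'network/prefix'), ...].
    Taking the biggest requirement first keeps every subnet aligned to its own block size."""
    free = [ipaddress.IPv4Network(base)]
    allocated = []
    for hosts in sorted(host_requirements, reverse=True):
        prefix = prefix_for_hosts(hosts)
        for i, block in enumerate(free):
            if block.prefixlen > prefix:
                continue  # this free block is too small for the request
            pieces = [block] if block.prefixlen == prefix else list(block.subnets(new_prefix=prefix))
            allocated.append((hosts, str(pieces[0])))
            free[i:i + 1] = pieces[1:]  # unused pieces go back to the free list
            break
        else:
            raise ValueError(f"no space left for a subnet of {hosts} hosts")
    return allocated

if __name__ == "__main__":
    print(host_bits(300), prefix_for_hosts(300), mask_for_prefix(prefix_for_hosts(300)))
    p = prefix_for_networks(24, 30)
    print(network_bits(30), p, mask_for_prefix(p), block_size_from_mask(mask_for_prefix(p)))
    for hosts, net in vlsm("192.168.1.0/24", [60, 20, 20, 2, 2, 2]):  # assumed base network
        print(hosts, net)
```

Running it reproduces the two worked answers from the notes (/23 with mask 255.255.254.0, and /29 with block size 8) and lays the exercise out as one /26, two /27s and three /30s with no overlap.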

2 - SWITCHING Fundamentals - 26%

Ethernet Frame Format

Preamble (8 bytes) | Destination (6 bytes) | Source (6 bytes) | Type (2 bytes) | Data (46-1500 bytes) | FCS (CRC) (4 bytes)

A runt is a frame which is less than 64 bytes in size and a giant is a frame which is greater than 1518 bytes in size...both are discarded by a switch!
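The frame layout above, the runt/giant size check, and the IPv4 header fields listed in section 1 (TTL, source, destination, protocol) can be exercised together by building a frame and decoding it. This is an added example, not code from the notes; the frame, MAC addresses and IP addresses are constructed for the demonstration, and the IPv4 header checksum is left at zero to keep the builder short.

```python
import socket
import struct
import zlib

MIN_FRAME = 64     # bytes incl. FCS: anything shorter is a runt
MAX_FRAME = 1518   # bytes incl. FCS: anything longer is a giant

def build_ipv4_header(src, dst, ttl=64, protocol=6):
    """Constructed 20-byte IPv4 header (header checksum left at 0 for brevity)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, ttl, protocol, 0,
                       socket.inet_aton(src), socket.inet_aton(dst))

def build_frame(dst_mac, src_mac, payload, ethertype=0x0800):
    """Constructed Ethernet II frame: pad the data field to 46 bytes, append the CRC-32 FCS."""
    header = (bytes.fromhex(dst_mac.replace(":", "")) + bytes.fromhex(src_mac.replace(":", ""))
              + struct.pack("!H", ethertype))
    data = payload.ljust(46, b"\x00")
    fcs = struct.pack("<I", zlib.crc32(header + data) & 0xFFFFFFFF)
    return header + data + fcs

def classify_size(frame):
    """The size check a switch applies before forwarding: 'runt', 'giant' or 'ok'."""
    if len(frame) < MIN_FRAME:
        return "runt"
    if len(frame) > MAX_FRAME:
        return "giant"
    return "ok"

def parse_frame(frame):
    """Decode destination, source, type and verify the FCS; for EtherType 0x0800 also pull
    TTL, protocol, source and destination out of the IPv4 header that follows."""
    info = {"size": classify_size(frame)}
    if len(frame) < 18:
        return info  # not even a header plus an FCS
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    fcs_ok = struct.unpack("<I", frame[-4:])[0] == (zlib.crc32(frame[:-4]) & 0xFFFFFFFF)
    info.update(dst=dst.hex(":"), src=src.hex(":"), ethertype=ethertype, fcs_ok=fcs_ok)
    if ethertype == 0x0800 and len(frame) >= 14 + 20 + 4:
        fields = struct.unpack("!BBHHHBBH4s4s", frame[14:34])
        info.update(ttl=fields[5], protocol=fields[6],
                    ip_src=socket.inet_ntoa(fields[8]), ip_dst=socket.inet_ntoa(fields[9]))
    return info

if __name__ == "__main__":
    # constructed sample: a UDP packet (protocol 17) with TTL 1, like traceroute's first probe
    ip = build_ipv4_header("10.0.0.1", "10.0.0.2", ttl=1, protocol=17)
    frame = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", ip)
    print(len(frame), parse_frame(frame))
    print(classify_size(frame[:40]), classify_size(frame + b"\x00" * 2000))
```

The 20-byte IP header is padded to the 46-byte minimum data field, which is why the smallest legal frame comes out at exactly 64 bytes; flipping any byte of the payload makes the FCS check fail, which is the integrity check the notes refer to under CRC errors.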

Duplex Mismatch - Collisions

Network is slow... It is common for users to complain that the network is slow!! This can be due to speed and duplex issues on the switch. Switches are set to auto-detect speed and duplex but with 100Mbps switches it is always best to hard code them!

Most of the time auto-detect works fine...if both switch interface and PC network adapter are set to auto-detect. Duplex Mismatch (causes Late Collisions !!!)

Network issues normally lie with 'duplex' where one side is set to full-duplex and the other side set to half-duplex - normally where the devices have been unable to auto-detect!!

If a switch interface (100Mbps) fails to auto-detect then it will default to half-duplex!! This has been fixed in 1Gbps switches!!!

This results in slow performance as packets drop and collide with high frequency. This is called a duplex mismatch. It is normally on routers/switches where we need to look at the config. To solve we simply hard code both devices as full duplex.

100Mbps devices (router, switch, server) -> Hard code them!!
1000Mbps devices -> Auto (leave as auto-detect)

Troubleshooting slow networks
This is normally due to collisions on the network. With the command below we can see the duplex/speed settings on that interface and confirm that it is set to 100Mbps and full etc. We can also see that the interface is up and packets dropped/collisions!! We should never see collisions!!

Switch# show interface fa0/14

Collision - this happens within the first 32 bytes (should only occur on hubs in a half-duplex environment).
Late Collision - this happens >32 bytes - this is normally due to a duplex mismatch!!
CRC errors - CRC hash is added to each packet to confirm integrity...this is normally a faulty network cable! Also when there is "excessive noise"!!
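Reading those counters by eye across many ports is slow, so the rules above (late collisions mean duplex mismatch, CRC errors mean cable or noise, collisions on a full-duplex port should never happen) can be applied to `show interfaces` output programmatically. This is an added example, not from the notes; the two-port output below is constructed in the IOS format with invented counters.

```python
import re

# Constructed 'show interfaces' output: fa0/14 has a duplex mismatch, fa0/15 is healthy
SAMPLE = """\
FastEthernet0/14 is up, line protocol is up (connected)
  Hardware is Fast Ethernet, address is 0019.5605.e48e (bia 0019.5605.e48e)
  MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
  Half-duplex, 100Mb/s, media type is 10/100BaseTX
  5 minute input rate 0 bits/sec, 0 packets/sec
     1832 packets input, 203422 bytes, 0 no buffer
     0 runts, 0 giants, 0 throttles
     37 input errors, 37 CRC, 0 frame, 0 overrun, 0 ignored
     2204 packets output, 310210 bytes, 0 underruns
     0 output errors, 58 collisions, 1 interface resets
     0 babbles, 41 late collision, 0 deferred
FastEthernet0/15 is up, line protocol is up (connected)
  Hardware is Fast Ethernet, address is 0019.5605.e48f (bia 0019.5605.e48f)
  Full-duplex, 100Mb/s, media type is 10/100BaseTX
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 0 interface resets
     0 babbles, 0 late collision, 0 deferred
"""

IFACE_RE = re.compile(r"^(\S+) is (\S+), line protocol is (\S+)")
DUPLEX_RE = re.compile(r"(Full|Half)-duplex, (\S+?),")
RUNT_RE = re.compile(r"(\d+) runts, (\d+) giants")
CRC_RE = re.compile(r"(\d+) input errors, (\d+) CRC")
COLL_RE = re.compile(r"(\d+) collisions,")
LATE_RE = re.compile(r"(\d+) late collision")

def parse_show_interfaces(text):
    """Turn 'show interfaces' output into {interface: {duplex, speed, counters...}}."""
    stats, current = {}, None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            current = m.group(1)
            stats[current] = {"status": m.group(2), "protocol": m.group(3)}
            continue
        if current is None:
            continue
        s = stats[current]
        if m := DUPLEX_RE.search(line):
            s["duplex"], s["speed"] = m.group(1).lower(), m.group(2)
        if m := RUNT_RE.search(line):
            s["runts"], s["giants"] = int(m.group(1)), int(m.group(2))
        if m := CRC_RE.search(line):
            s["input_errors"], s["crc"] = int(m.group(1)), int(m.group(2))
        if m := LATE_RE.search(line):
            s["late_collisions"] = int(m.group(1))
        if m := COLL_RE.search(line):
            s["collisions"] = int(m.group(1))
    return stats

def diagnose(stats):
    """Apply the rules from the notes; returns {interface: [(code, advice), ...]}."""
    report = {}
    for name, s in stats.items():
        findings = []
        if s.get("late_collisions", 0):
            findings.append(("late-collisions", "duplex mismatch likely: hard-code both ends to full duplex"))
        if s.get("duplex") == "half":
            findings.append(("half-duplex", "auto-detect probably failed: set speed/duplex manually"))
        if s.get("crc", 0):
            findings.append(("crc-errors", "check the cable and for excessive noise"))
        if s.get("collisions", 0) and s.get("duplex") == "full":
            findings.append(("collisions-on-full-duplex", "should never happen: investigate the far end"))
        if s.get("runts", 0) or s.get("giants", 0):
            findings.append(("runts-giants", "malformed frames are being discarded"))
        report[name] = findings
    return report

if __name__ == "__main__":
    for iface, findings in diagnose(parse_show_interfaces(SAMPLE)).items():
        print(iface, findings or "ok")
```

Feed it the saved output of `show interfaces` from the switch and it lists, per port, which of the notes' symptoms are present.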

Finding devices
Ping the IP address of the device and then run arp -a to find out its MAC address. We can then go to the switch and view the MAC address table to find the port it is on:
Switch# show mac address-table | inc <mac-address>

Extended Ping
If we type ping on its own and press enter we can then specify several other parameters, e.g. protocol, repeat count, timeout period, datagram size.

Setting Up a Switch - IP - VLAN's - Trunks

# write erase
# delete flash:vlan.dat
# show flash

SET IP ADDRESS ON SWITCH
(config)# interface vlan 1
(config)# no shutdown
(config)# ip address

VLANS (config)# vlan 2 (Create VLAN)
(config-vlan)# name SALES
(config)# interface fa1/0
(config-if)# switchport mode access (Must be access - default is dynamic desirable)
(config-if)# switchport access vlan 2 (Assign interface to VLAN 2)

(config-if)# switchport mode trunk
(config-if)# switchport nonegotiate

Change Native VLAN
(config-if)# switchport trunk native vlan 99
The Native VLAN is used to send info between switches which is not tagged Eg. Telnet, SSH and CDP traffic. The native VLAN must match on connecting switches.

Configure Voice VLAN
(config-if)# switchport voice vlan 5

Show Commands
# show vlan brief
# show interface fa0/1 switchport
# show mac address-table
# show mac address-table interface fa0/1
# show mac address-table | inc FE5A (To filter through and find port number associated)

Port Security

Setting Up
# switchport mode access (default is dynamic desirable - need to change)
# switchport port-security (default is SHUTDOWN & 1 MAC Address)
# switchport port-security mac-address FE12.45E2.88F2 (or: mac-address sticky)
# switchport port-security maximum 1
# switchport port-security violation [protect | restrict | shutdown]

Violation Modes
protect = Drops MACS after maximum allowed
restrict = Drops MACS after maximum allowed and logs error
shutdown = Disables the port and logs error

Show Commands
# show port-security interface fa0/1

Notes: 2 types of Security - 1. Limit Number of MACs 2. Assign Specific MACs (Can use Sticky)

Mode       Port Action    Traffic                          Syslog       Violation Counter
Protect    Protected      Unknown MACs discarded           No           No
Shutdown   Errdisabled    Disabled                         Yes & SNMP   Incremented
Restrict   Open           # of excess MAC traffic denied   Yes & SNMP   Incremented
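The restrict and shutdown modes in the table log a violation, so those messages are what a monitoring system keys on to spot a port that has seen unexpected MAC addresses or has been err-disabled. This is an added example, not part of the notes; the syslog lines are constructed in the IOS message format with invented timestamps, MACs and ports.

```python
import re
from collections import defaultdict

# Constructed syslog sample: two violations on Fa0/1 leading to err-disable, one on Fa0/7 (restrict mode)
SYSLOG = """\
Mar  1 09:12:05.123: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.2233.4455 on port FastEthernet0/1.
Mar  1 09:12:05.901: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 0011.2233.4466 on port FastEthernet0/1.
Mar  1 09:12:06.440: %PM-4-ERR_DISABLE: psecure-violation error detected on Fa0/1, putting Fa0/1 in err-disable state
Mar  1 09:12:08.002: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
Mar  1 09:20:17.555: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address 00aa.bbcc.ddee on port FastEthernet0/7.
"""

VIOLATION_RE = re.compile(r"%PORT_SECURITY-2-PSECURE_VIOLATION: .*MAC address (\S+) on port (\S+?)\.?$")
ERRDISABLE_RE = re.compile(r"%PM-4-ERR_DISABLE: psecure-violation error detected on (\S+),")

def normalize(name):
    """Map the short interface form used in some messages (Fa0/1) to the long one (FastEthernet0/1)."""
    name = re.sub(r"^Fa(?=\d)", "FastEthernet", name)
    return re.sub(r"^Gi(?=\d)", "GigabitEthernet", name)

def summarize_port_security(log_text):
    """Per port: number of violations, the MACs that caused them, and whether the port ended up
    err-disabled (shutdown mode) rather than just dropping the excess traffic (restrict mode)."""
    ports = defaultdict(lambda: {"violations": 0, "macs": set(), "err_disabled": False})
    for line in log_text.splitlines():
        if m := VIOLATION_RE.search(line):
            entry = ports[normalize(m.group(2))]
            entry["violations"] += 1
            entry["macs"].add(m.group(1))
        elif m := ERRDISABLE_RE.search(line):
            ports[normalize(m.group(1))]["err_disabled"] = True
    return dict(ports)

def ports_needing_recovery(summary):
    """Err-disabled ports stay down until an admin clears them (shutdown / no shutdown)."""
    return sorted(p for p, s in summary.items() if s["err_disabled"])

if __name__ == "__main__":
    summary = summarize_port_security(SYSLOG)
    for port, s in summary.items():
        print(port, s["violations"], sorted(s["macs"]), "ERR-DISABLED" if s["err_disabled"] else "")
    print("recover:", ports_needing_recovery(summary))
```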

Cisco Discovery Protocol (CDP) - LLDP

(config)# no cdp run - (Turn off cdp on entire router)
(config-if)# no cdp enable - (Turn off cdp on interface)
# show cdp neighbor [detail] - (Discover neighbour details including IP)

• Gathers info about nearby connected devices

3 - ROUTING Fundamentals - 25%


DRAM              Buffers, routing tables, running config   Wiped on power down
ROM               Mini OS                                   Rommon mode
FLASH             IOS (Compressed)
NVRAM             IOS (Expanded), Start up config
Config-register   Defines booting process                   Default value - 0x2102 (0x2142 skips startup config)

ASIC - Application Specific Integrated Circuit

Access Lists - ACL's

(config)# access-list [1-99] permit (Standard)
(config)# access-list [100-199] permit tcp host eq 80 (Extended)

(config)# ip access-list [standard | extended] MAIL
(config-std-nacl)# deny host
(config-std-nacl)# permit
(config-std-nacl)# permit any eq 80 (extended only)

You can edit and modify NAMED lists
(config)# ip access-list standard MAIL
(config-std-nacl)# 15 deny host

Set the ACL on an interface
(config)# interface fa0/0
(config-if)# ip access-group 99 [in | out]

Set the ACL on an VTY Line
(config-line)# access-class 99 in (Always set it on incoming)

View ACL's
# show access-list
# show run interface fa0/1

1-99 IP - Standard
100-199 IP - Extended
1300-1999 IP Standard (expanded range)
2000-2699 IP Extended (expanded range)

Notes
- There is an IMPLICIT DENY ALL at the end of each ACL!
- STANDARD ACL - Filter on SOURCE IP Only
- STANDARD ACL - Put as close to DESTINATION as possible
- EXTENDED ACL - Put as close to SOURCE as possible
- 1 ACL per direction per interface

Work Out the Wild Card Mask -
0.0.0.127
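Wildcard masks, top-down first-match evaluation, the implicit deny, and inserting a numbered entry into a named list are easy to get wrong by hand, so the behaviour is worked through below in a small evaluator. This is an added example rather than anything from the notes; the MAIL list entries, addresses and packets are constructed, and the entry syntax is a simplified form of the IOS one.

```python
import ipaddress

def wildcard_for_prefix(prefix):
    """Wildcard mask is the inverse of the subnet mask: /25 -> 0.0.0.127."""
    return str(ipaddress.IPv4Address(0xFFFFFFFF >> prefix))

def wildcard_match(address, base, wildcard):
    """Wildcard bit 1 = don't care, 0 = must match (the opposite sense of a subnet mask)."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (address, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def ace(seq, action, src, proto="ip", dst="any", dport=None):
    """One access-list entry; src/dst take 'any', 'host A.B.C.D' or 'A.B.C.D W.W.W.W'."""
    def parse(spec):
        if spec == "any":
            return ("0.0.0.0", "255.255.255.255")
        if spec.startswith("host "):
            return (spec.split()[1], "0.0.0.0")
        base, wildcard = spec.split()
        return (base, wildcard)
    return {"seq": seq, "action": action, "proto": proto,
            "src": parse(src), "dst": parse(dst), "dport": dport}

def evaluate(acl, packet):
    """Top-down, first match wins; falling off the end hits the implicit deny."""
    for e in sorted(acl, key=lambda e: e["seq"]):
        if e["proto"] != "ip" and e["proto"] != packet["proto"]:
            continue
        if not wildcard_match(packet["src"], *e["src"]):
            continue
        if not wildcard_match(packet["dst"], *e["dst"]):
            continue
        if e["dport"] is not None and e["dport"] != packet.get("dport"):
            continue
        return (e["action"], e["seq"])
    return ("deny", "implicit")

# Constructed named extended ACL in the spirit of the MAIL example above:
# block one host, then allow web traffic only from the lower half of 192.168.1.0/24
MAIL = [
    ace(10, "deny", "host 192.168.1.50"),
    ace(20, "permit", "192.168.1.0 0.0.0.127", proto="tcp", dst="any", dport=80),
]

def demo():
    web = {"dst": "10.0.0.5", "proto": "tcp", "dport": 80}
    results = {
        "blocked host": evaluate(MAIL, {"src": "192.168.1.50", **web}),
        "web from lower half": evaluate(MAIL, {"src": "192.168.1.20", **web}),
        "web from upper half": evaluate(MAIL, {"src": "192.168.1.200", **web}),
        "dns from lower half": evaluate(MAIL, {"src": "192.168.1.20", "dst": "10.0.0.5",
                                               "proto": "udp", "dport": 53}),
    }
    # editing a named list: add sequence 15 between the existing entries, as the notes show
    edited = MAIL + [ace(15, "deny", "host 192.168.1.20")]
    results["after seq 15 added"] = evaluate(edited, {"src": "192.168.1.20", **web})
    return results

if __name__ == "__main__":
    print(wildcard_for_prefix(25))
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

The "upper half" and "dns" cases both end in the implicit deny even though nothing explicitly denies them, which is the point the notes make: anything not permitted is dropped.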

Inter VLAN Routing

(config)# interface fa0/0
(config-if)# no shutdown (enable main interface)
(config)# interface fast 0/0.10 (Create a SUB interface)
(config-if)# encapsulation dot1q 10
(config-if)# ip address


Static NAT
(config)# ip nat inside source static

Dynamic NAT
(config)# access-list 1 permit (Build ACL)
(config)# ip nat pool MY_POOL prefix-length 24 (build pool)
(config)# ip nat inside source list 1 pool MY_POOL

PAT (Overload)
(config)# access-list 1 permit (Build ACL)
(config)# ip nat inside source list 1 interface fa0/1 overload

Assign inside and outside to interfaces
(config)# interface fa0/0
(config-if)# ip nat inside
(config)# interface fa0/1
(config-if)# ip nat outside


Distance Vector
Distance Vector protocols simply use the shortest route (fewest hops) to the destination regardless of the connection speed. Distance Vector protocols simply update the local routing table when updates are received from their neighbours.

Link State
Link State will track the state and connection speed of each link and will choose the fastest route. Link State protocols do require more processing power on the router because of their awareness of connection speeds etc. Link state protocols converge quickly and build topology tables.

RIP
- Default "Hello" advertising cycle is 30 secs. Says hello and tells routers about its routing table every 30 secs...not efficient!
- Recovery - 90 secs
- Metric - best path - uses hop count (max 15) - number of routers - not efficient!!
- Only pro is that all devices support it!
- Distance Vector protocol. Inefficient as it keeps sending the full routing table even if there have been no changes!
- RIPng for IPv6

IGRP
Cisco created it to replace RIP. Now obsolete as "hello" was set to 90 secs and recovery set to 270 secs!! THIS PROTOCOL CAN BE IGNORED!!

OSPF - Open Shortest Path First
- Most popular routing protocol
- Default hello is 10 secs. After the initial hello it only says "Hi" to each router instead of sending the whole routing table...if the routing table changes it will tell the router of the change...it is efficient!!
- Metric: cost/bandwidth - uses fastest speed! 100/bandwidth. E.g. 100/1.44 (Mbps) = 69.4444. Uses the fastest route (which would be the lowest value)!!!
- Maintains a topology map
- OSPFv2 for IPv4, OSPFv3 for IPv6

IS-IS
Was a competitor to OSPF - used for OSI!! OSPF won as it was used for TCP/IP. Excellent protocol!! Rarely used...requires expertise!!

EIGRP
Very fast protocol...but uncommon. Created by Cisco for Cisco...easy to configure. Metric - can include reliability, MTU, delay on packets.

BGP - Border Gateway Protocol
Used for the Internet. Handles thousands of routes. Not for LANs...used in ISPs.

Mixture of Protocols
We can use a mixture of each protocol in our network...if a router has learned routes via different protocols then administrative distance is used. This tells us how believable the routing protocol is.

Note
When packets go over a serial data link (across a WAN) they do not add the source and destination MAC Address. They use HDLC or PPP. HDLC uses the Type field in a packet so receiving devices can see what is encapsulated.

Frame Re-Write
Is where the router strips off the incoming Ethernet Frame (after checking its FCS) and rewrites the outgoing packet with a new Ethernet header. follow


RIP Configuration
router(config)# router rip
router(config-router)# version 2
router(config-router)# network
router(config-router)# no auto-summary
router# show ip protocols
router# show run | section rip
router# show ip route

Administrative Distances

Directly Connected 0 (Lower is Better)
Static Hop 1
EIGRP Summary 90
OSPF 110
RIP 120
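How the table above is actually used is worth seeing end to end: administrative distance only decides which source wins when several protocols offer the same prefix, and the forwarding lookup itself is longest-prefix match. This is an added example, not from the notes; the AD values are the ones listed above, and the candidate routes and next hops are constructed.

```python
import ipaddress

# Administrative distances as listed in the notes (lower is more believable)
AD = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}

def route(prefix, source, metric=0, next_hop=None):
    return {"prefix": ipaddress.IPv4Network(prefix), "source": source,
            "metric": metric, "next_hop": next_hop}

def install(candidates):
    """Build the routing table: when several protocols offer the *same* prefix keep the one
    with the lowest AD, and within one protocol the lowest metric."""
    table = {}
    for r in candidates:
        best = table.get(r["prefix"])
        if best is None or (AD[r["source"]], r["metric"]) < (AD[best["source"]], best["metric"]):
            table[r["prefix"]] = r
    return list(table.values())

def lookup(table, destination):
    """Forwarding decision: longest prefix match wins; AD only broke ties at install time."""
    addr = ipaddress.IPv4Address(destination)
    matches = [r for r in table if addr in r["prefix"]]
    return max(matches, key=lambda r: r["prefix"].prefixlen) if matches else None

# Constructed candidates, as if learned by one router running several protocols at once
CANDIDATES = [
    route("10.1.0.0/16", "rip", metric=3, next_hop="10.0.0.2"),
    route("10.1.0.0/16", "ospf", metric=74, next_hop="10.0.0.3"),
    route("10.1.0.0/16", "static", next_hop="10.0.0.4"),
    route("10.1.5.0/24", "rip", metric=2, next_hop="10.0.0.5"),
    route("10.0.0.0/24", "connected"),
    route("0.0.0.0/0", "static", next_hop="203.0.113.1"),
]

if __name__ == "__main__":
    table = install(CANDIDATES)
    for r in table:
        print(r["prefix"], r["source"], r["next_hop"])
    for dest in ("10.1.7.9", "10.1.5.9", "10.0.0.7", "8.8.8.8"):
        chosen = lookup(table, dest)
        print(dest, "->", chosen["source"], chosen["prefix"])
```

Note the two different outcomes for 10.1.7.9 and 10.1.5.9: the static /16 beats RIP and OSPF for the same prefix because of AD, but a packet for 10.1.5.9 still follows the RIP-learned /24, since a more specific route is preferred regardless of how believable its source is.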


Configure SSH
(config)# username martin secret cisco
(config)# enable secret cisco
(config)# hostname testrouter
(config)# ip domain-name
(config)# crypto key generate rsa
# show ssh (shows users that are logged in)
# show ip ssh (shows Configuration)


Configuring a Loopback Interface
Loopback interfaces are very common on Cisco routers as they allow for management, logging and authentication.
They are logical interfaces that are 'always up'.
They are not tied to any physical interface and therefore cannot go down unless they are administratively shutdown.
R1(config)# interface loopback 1
R1(config-if)# ip address A.B.C.D
We can use 'no' command to remove the interface.

4 - Infrastructure SERVICES - 15%

Configure DHCP

(config)# ip dhcp excluded-address (exclude addresses from the pool, set in global config)
(config)# ip dhcp pool POOL_NAME
(dhcp-config)# network
(dhcp-config)# dns-server
(dhcp-config)# domain-name
(dhcp-config)# default-router
(dhcp-config)# lease 1 12 30 (days/hours/minutes)
# show ip dhcp pool
# show ip dhcp binding
DHCP Relay
(config-if)# ip helper-address


DNS
To check to see if it is working...
router# ping hostname (see if you get a reply)
router# ping (if ip replies and hostname doesn't possible DNS problem)

NTP - Network Time Protocols - Clock - Timezones

router(config)# ntp server
router# show ntp associations
router# show ntp status

5 - Infrastructure MAINTENANCE - 14%

Router Exec Modes

Router> - User Exec
Router# - Privileged Exec
Router(config)# - Global Config
rommon> - ROM Monitor

VTY lines - Console - Users

Set Up User account
(config)# username martin secret cisco
(config)# hostname switch1
(config)# enable secret cisco
(config)# no ip domain-lookup
Line VTY
(config)# line vty 0 4
(config-line)# login (uses the line password set on the next line)
(config-line)# password cisco
(config-line)# exec-timeout 60
(config-line)# logging synchronous
(config-line)# transport input telnet ssh
Line Console
(config)# line console 0
(config-line)# login local (uses username from router)
(config-line)# no exec-timeout
(config-line)# transport input telnet ssh
Obscures all Passwords in Running Config (Type 7 - reversible, not a real hash)
(config)# service password-encryption
Terminal Monitor
# terminal monitor (run from the vty line command prompt)
# terminal no monitor
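The SSH and VTY settings in these two sections are the ones most often left weak on a device, so it helps to check a saved running-config for them automatically: `enable password` instead of `enable secret`, no `service password-encryption`, telnet still allowed on the VTY lines, no `access-class` restricting who may connect, and idle timeouts disabled. This is an added example, not part of the notes; the two configs below are constructed, reuse the placeholder names and passwords the notes use, and the `exec-timeout 10 0` value in the hardened one is an assumption.

```python
import re

# Constructed running-config fragments (hostname and passwords are the placeholder values from the notes)
WEAK_CONFIG = """\
hostname testrouter
!
enable password cisco
username martin secret cisco
!
line con 0
 login local
 no exec-timeout
 logging synchronous
line vty 0 4
 login
 password cisco
 exec-timeout 60
 transport input telnet ssh
!
"""

HARDENED_CONFIG = """\
hostname testrouter
service password-encryption
enable secret cisco
username martin secret cisco
ip access-list standard MGMT
 permit 10.0.0.0 0.0.0.255
line con 0
 login local
 exec-timeout 10 0
line vty 0 4
 login local
 access-class MGMT in
 exec-timeout 10 0
 transport input ssh
"""

def parse_config(config):
    """Split a config into top-level commands and the sub-commands of each 'line ...' block."""
    global_cmds, lines, current = [], {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" "):
            if current is not None:  # sub-commands of blocks we do not track are ignored
                lines[current].append(raw.strip())
            continue
        cmd = raw.strip()
        if cmd.startswith("line "):
            current = cmd
            lines[current] = []
        else:
            current = None
            global_cmds.append(cmd)
    return global_cmds, lines

def audit(config):
    """Return [(code, advice), ...] for the management-plane weaknesses the notes warn about."""
    global_cmds, lines = parse_config(config)
    findings = []
    if any(c.startswith("enable password ") for c in global_cmds):
        findings.append(("enable-password", "use 'enable secret' (hashed) instead of 'enable password'"))
    if "service password-encryption" not in global_cmds:
        findings.append(("cleartext-line-passwords", "add 'service password-encryption'"))
    for name, cmds in lines.items():
        if name.startswith("line vty"):
            transport = [c for c in cmds if c.startswith("transport input")]
            # an absent 'transport input' is flagged too: its default differs between IOS versions
            if not transport or any(word in c for c in transport for word in ("telnet", "all")):
                findings.append(("telnet-on-vty", f"{name}: use 'transport input ssh' only"))
            if not any(c.startswith("access-class ") for c in cmds):
                findings.append(("no-access-class", f"{name}: add 'access-class <acl> in' to limit management sources"))
        if any(c == "no exec-timeout" or re.fullmatch(r"exec-timeout 0( 0)?", c) for c in cmds):
            findings.append(("no-exec-timeout", f"{name}: idle sessions never expire"))
    return findings

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit(cfg) or "no findings")
```

The check treats `service password-encryption` as required even though Type 7 is reversible, because the alternative is line passwords in clear text in every config backup; the real protection is `enable secret` and `username ... secret`, which the notes already use.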

Password Recovery

0x2102 (default boot mode)
0x2142 (change the 6th bit to by-pass start-up config)

Ping - Extended Ping - Traceroute - Troubleshooting follow

Syslog & Logging follow

Back Up - TFTP - SCP follow

Licensing follow

Banners - MOTD follow


CDP - Cisco Discovery Protocol
DTP - Dynamic Trunking Protocol
NTP - Network Time Protocol
STP - Spanning Tree Protocol
VTP - VLAN Trunking Protocol