
CCNA

Cisco Certified Network Associate

Internetworking
When you connect two or more networks via a router and configure a logical network
addressing scheme with a protocol such as IP.

Collision domain
A collision domain is a group of Ethernet or Fast Ethernet devices in a LAN that are
connected and compete for access to the network. Only one device in the collision domain may
transmit at any one time; the other devices in the domain listen to the network in order to
avoid data collisions. A collision domain is sometimes referred to as an Ethernet segment.

Broadcast domain
A broadcast domain is the set of devices that receive a message sent to everyone on the local
network (subnet). An example of broadcasting is a DHCP request from a client PC.

Data Encapsulation
The process by which a host packages data for transmission across a network to another
device is called encapsulation.

CSMA/CD
CSMA/CD stands for Carrier Sense Multiple Access / Collision Detect.
It is used by all NICs in Ethernet networking.
In this method all NICs first sense whether the cable is free or not.
If it is free the data is sent; otherwise the NIC waits.

IPv4 Addressing
An IP address is a numeric identifier assigned to each machine on an IP network. It
designates the specific location of a device on the network. An IP address is a software address,
not a hardware address.

Subnetting
Dividing a large network into many smaller networks is called subnetting.

V.L.S.M. (Variable Length Subnet Mask)
VLSM allows you to use a different mask for each subnet, which prevents wastage of address space.
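An added worked example of VLSM (not part of the original notes): a /24 block is carved into subnets of different sizes, largest demand first, and the result is compared with what a single fixed mask would consume. The block and the host counts are constructed assumptions.

```python
import ipaddress

# Constructed example (not from the original notes): one /24 block to be
# carved into subnets for these groups; the host counts are assumptions.
BLOCK = ipaddress.ip_network("192.168.1.0/24")
DEMAND = {"sales": 100, "accounts": 50, "servers": 20, "link_r1_r2": 2}


def prefix_for_hosts(hosts):
    """Longest prefix whose usable host count (2^n - 2) still covers `hosts`."""
    bits = 1
    while (2 ** bits) - 2 < hosts:
        bits += 1
    return 32 - bits


def allocate_vlsm(block, demand):
    """Carve `block` largest-demand-first, each subnet with its own mask.
    Returns {name: IPv4Network}; raises ValueError when the block runs out."""
    free = [block]
    result = {}
    for name, hosts in sorted(demand.items(), key=lambda kv: -kv[1]):
        plen = prefix_for_hosts(hosts)
        # Best fit: the smallest free chunk that can still hold a /plen.
        candidates = [c for c in free if c.prefixlen <= plen]
        if not candidates:
            raise ValueError(f"no address space left for {name}")
        chunk = max(candidates, key=lambda c: c.prefixlen)
        free.remove(chunk)
        if chunk.prefixlen == plen:
            result[name] = chunk
        else:
            sub = next(chunk.subnets(new_prefix=plen))
            result[name] = sub
            free.extend(chunk.address_exclude(sub))   # keep the remainder
    return result


def fixed_mask_addresses(demand):
    """Addresses consumed if every subnet used the mask of the largest one,
    i.e. the wastage that VLSM avoids."""
    plen = prefix_for_hosts(max(demand.values()))
    return len(demand) * 2 ** (32 - plen)


if __name__ == "__main__":
    for name, net in allocate_vlsm(BLOCK, DEMAND).items():
        print(f"{name:12} {net}  ({net.num_addresses - 2} usable hosts)")
    print("fixed mask would need", fixed_mask_addresses(DEMAND),
          "addresses; the block has", BLOCK.num_addresses)
```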

ROUTERS
Routers are devices that forward data to their appropriate destinations. The router decides the
best possible route that a packet needs to take to reach its destination. The router maintains a
routing table to decide the route for the data.

ROUTER IOS
The Cisco Internetwork Operating System (IOS) is the kernel of Cisco's routers and most of
their switches.
Cisco IOS software is used to:
o Carry network protocols and functions.
o Connect high-speed traffic between devices.
o Add security, control access and stop unauthorized network access.
o Promote scalability for network growth and redundancy.
o Supply network reliability for connecting to network resources.

Router ports

AUI (Attachment Unit Interface): supports only 10 Mbps. It uses a 15-pin male connector and
is used for 10 Mbps LAN connectivity.

Ethernet (RJ-45): 10/100 Base Ethernet, used for LAN connectivity.

AUX (Auxiliary port): the same as the console port and can be used in the same way. Typically
used with a modem so you can dial in to the router, which is useful for configuring a remote
router you don't have physical access to; if a remote router stops responding, it can still be
accessed if it has a modem on its auxiliary port.

Console port: connect using the RJ-45 port on the back of the router. The cable is wired
straight through but reversed on one side (rolled cable) and connects through an RJ-45 to DB-9
adapter. The console port has no password by default.

ISDN BRI: this port is used for ISDN connectivity using the BRI (Basic Rate Interface). BRI
interfaces provide remote access through the ISDN network and are frequently used as a backup
link for point-to-point dedicated links in case of primary link failure.

Serial 0: synchronous serial interface used for WAN connectivity.

Bringing up a Router
When we bring up a Cisco router, it runs a power-on self test (POST). If it passes, it then
looks for and loads the Cisco IOS from flash memory, if an IOS file is present, and expands it
into RAM. After the IOS loads it looks for a valid configuration, which is stored in NVRAM.

If no configuration file is present, the router brings up setup mode (a step-by-step process
to help you configure a router; it can be run at any time by entering setup at the global
configuration command-line prompt).

Router modes
User mode
Router>
The greater than sign at the prompt tells you that you are in user mode. In user mode, you can
only view limited statistics of the router.

Privileged / EXEC mode
Router> enable
Router#
This mode is used for show commands and some basic configuration, such as setting the time and
saving. It supports testing commands, debugging commands and commands to manage the router's
configuration files.

Global configuration mode
Router# configure terminal
Router(config)#
The entire configuration of the router is done in this mode and its sub-modes. It is the main
mode and affects the entire system.

Interface mode
Router(config)# interface Ethernet 0 (or interface fastEthernet 0)
Router(config-if)#
While in global configuration mode we can make changes to an individual interface with this
command; it enters interface configuration mode for Ethernet port 0 and changes the prompt.

Sub-interface mode
Router(config)# interface Ethernet 0.1
Router(config-subif)#
In global configuration mode we can create a virtual (sub-) interface.

Some basic commands of the router

To show RAM memory (the running configuration)
Router# show running-config
Router# show run

To show NVRAM memory (the startup configuration)
Router# show startup-config
Router# show start

To show flash memory
Router# show flash

To write/save the RAM configuration into NVRAM
Router# write

To show the IOS version
Router# show version

To show history
Router# show history (shows 10 commands by default)

To set the terminal history size
Router# terminal history size 5 (number of commands, 0 to 256, 10 by default)

To show date & time
Router# show clock
Router# clock set hh:mm:ss day month year (example: clock set 2:34:11 15 mar 2013)

To erase the startup or running configuration
Router# erase startup-config
Router# erase running-config

To set a banner
It is used to display a banner at login.
Router(config)# banner motd *hello friends*
Router# write
The banner has now been created.

To remove the banner
Router(config)# no banner motd (motd = Message Of The Day)

To change the router name
Router> enable
Router# config term
Router(config)# hostname cisco
cisco(config)# no hostname
Router(config)#
In the router, prefix any command with no to remove it.

Password setting
Five passwords are used to secure your Cisco router: console, auxiliary, telnet (VTY), enable
password and enable secret. The enable password (and the enable secret) is used to set the
password that secures privileged mode. The other three set a password for when user mode is
accessed through the console port, through the auxiliary port, or via telnet.

Setting the enable password
You use the enable password every time you move from User EXEC mode to Privileged EXEC
mode.
Router2>enable
Router2#configure terminal
Router2(config)#enable password mypassword
This command creates an enable password that is stored in your configuration file. To view this
password, show the running configuration using the following command:

Router2>enable
Password:
Router2#show running-config | include enable password
enable password mypassword

The password is stored in plain text in your configuration file, so anyone who has access to
your configuration file can easily read the password.

Setting the secret password
When you configure both an enable and a secret password, the secret password is the one that
is used to switch from User EXEC mode to Privileged EXEC mode.

Router>enable
Router#configure terminal
Router(config)#enable password mypassword
Router(config)#enable secret mysecretpassword
To see your enable passwords in your configuration, use the following command:

Router>enable
Password:
Router#show running-config | include enable
enable secret 5 $1$BSX4$FZp.ZFvYSAGUEDn8dvr140
enable password mypassword

The enable secret is stored as a hash (the 5 marks the hash type), not in plain text, which is
why it is preferred over the enable password.

Setting the console password:
Router(config)#line con 0
Router(config-line)# password ccna
Router(config-line)# login

Setting the auxiliary port password:
Router(config)#line aux 0
Router(config-line)# password ccna
Router(config-line)# login

Setting the Virtual Terminal (Telnet) password:
Router(config)#line vty 0 4
Router(config-line)# password ccna
Router(config-line)# login
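An added example, not from the original notes: a small audit that parses a running-config excerpt and reports the weaknesses the section above describes (clear-text enable password, line passwords without encryption, a line whose password is never asked for because login is missing, and vty lines with no access-class). The two config excerpts are constructed from the commands shown above; the type 7 values are placeholders.

```python
# Constructed running-config excerpts assembled from the commands shown above;
# they are not captures from a real device. "<type7-placeholder>" stands in for
# the reversible type 7 encoding that service password-encryption produces.
WEAK_CONFIG = """\
hostname Router2
enable password mypassword
enable secret 5 $1$BSX4$FZp.ZFvYSAGUEDn8dvr140
line con 0
 password ccna
 login
line aux 0
 password ccna
line vty 0 4
 password ccna
 login
"""

HARDENED_CONFIG = """\
hostname Router2
service password-encryption
enable secret 5 $1$BSX4$FZp.ZFvYSAGUEDn8dvr140
line con 0
 password 7 <type7-placeholder>
 login
line aux 0
 password 7 <type7-placeholder>
 login
line vty 0 4
 password 7 <type7-placeholder>
 login
 access-class 20 in
"""


def parse_config(config):
    """Split running-config text into global commands and per-line sections.
    Returns (list_of_global_commands, {line_name: [sub_commands]})."""
    global_cmds, lines, current = [], {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" ") and current is not None:
            lines[current].append(raw.strip())      # indented = belongs to the line
            continue
        current = None
        cmd = raw.strip()
        if cmd.startswith("line "):
            current = cmd[5:]                        # e.g. "vty 0 4"
            lines[current] = []
        else:
            global_cmds.append(cmd)
    return global_cmds, lines


def audit_passwords(config):
    """Return the findings a reviewer would raise against this password setup."""
    global_cmds, lines = parse_config(config)
    findings = []
    has_secret = any(c.startswith("enable secret") for c in global_cmds)
    has_plain = any(c.startswith("enable password") for c in global_cmds)
    if has_plain and not has_secret:
        findings.append("enable password: only privileged-mode password and it is "
                        "stored in clear text; use enable secret")
    elif has_plain:
        findings.append("enable password: redundant next to enable secret, but "
                        "still readable in clear text in the config")
    if "service password-encryption" not in global_cmds:
        findings.append("service password-encryption missing: line passwords are "
                        "stored in clear text")
    for name, cmds in lines.items():
        if not any(c == "login" or c.startswith("login ") for c in cmds):
            findings.append(f"line {name}: 'login' missing, so the line password "
                            "is never asked for")
        if name.startswith("vty") and not any(c.startswith("access-class") for c in cmds):
            findings.append(f"line {name}: no access-class, so any source address "
                            "may attempt a telnet login")
    return findings


if __name__ == "__main__":
    for finding in audit_passwords(WEAK_CONFIG):
        print("WEAK:", finding)
    print("hardened findings:", audit_passwords(HARDENED_CONFIG))
```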

Router interfaces and configuring an IP address

To go to any port or interface:
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface FastEthernet0/0 (or interface serial 0/0, interface BRI 0, etc.)
Router(config-if)#

To assign an IP address:
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface FastEthernet0/0
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Now set this IP address as the gateway on your PC and ping it. The ping does not succeed yet,
because router ports are in the shutdown (down) state by default.
Router(config-if)#no shutdown (brings the port up)
Router(config-if)#exit
Router(config)#exit
Router# show ip interface brief
Now the ping succeeds.

R# show ip interface brief
R# sh ip interface (to display a summary of all interfaces)
R# sh interface s0/0 (details of the serial interface)
R# sh interface eth 0 (details of the Ethernet interface)
R# sh user (to show how many users are connected to the router)

Router serial cable connector

DCE (Data Communication Equipment)
Configuration of the DCE (server side)
R1>en
R1#conf t
R1(config)#interface serial 1/0
R1(config-if)#ip add 10.0.0.1 255.0.0.0
R1(config-if)#clock rate 64000
R1(config-if)#no shutdown

DTE (Data Terminal Equipment)
Configuration of the DTE (client side)
Router2>en
Router2#config t
Router2(config)#interface serial 1/0
Router2(config-if)#ip add 10.0.0.2 255.0.0.0
Router2(config-if)#no shutdown
The clock rate command establishes a common rate at which the sending and receiving routers
send data to each other; it is configured only on the DCE end of the link.

IP Routing
Definition
IP routing is the process of transporting data from source to destination along a determined
path across two or more networks.

Static Routing
Static routing occurs when you manually add routes to each router's routing table. There are
advantages and disadvantages to static routing, but that's true for all routing processes.
Static routing has the following advantages:
o There is no overhead on the router CPU.
o There is no bandwidth usage between routers.
o It adds security because the administrator can choose to allow routing access to certain
networks only.
Static routing has the following disadvantages:
o The administrator must really understand the internetwork and how each router is connected
in order to configure routes correctly.
o If a network is added to the internetwork, the administrator has to add a route to it on all
routers manually.
o It's not possible in large networks because maintaining it would be a full-time job in itself.

DEFAULT ROUTING
o A default route is used when the destination is unknown (e.g. the internet).
o It can also be used at an end location where there is only one exit path for any destination.
o It is the last preferred route in the routing table.
o Default routes help reduce the size of your routing table.
o If the router does not find an entry for the destination network in its routing table, it
forwards the packet via its default route.

Configuring a default route
Router(config)# ip route <destination network ID> <destination subnet mask> <next-hop IP address>
or
Router(config)# ip route <destination network ID> <destination subnet mask> <exit interface>

On router 1
R1(config)# ip route 0.0.0.0 0.0.0.0 10.0.0.2
On router 2
R2(config)# ip route 192.168.1.0 255.255.255.0 10.0.0.1
R2(config)# ip route 192.168.3.0 255.255.255.0 11.0.0.2
On router 3
R3(config)# ip route 0.0.0.0 0.0.0.0 11.0.0.1

Dynamic routing
Routing protocols were created for routers. These protocols have been designed to allow the
exchange of routing tables, or known networks, between routers. There are many different
routing protocols, each designed for specific network sizes.

Advantages of dynamic over static routing:
o There is no need to know the destination networks.
o Only the directly connected networks need to be advertised.
o Topology changes are updated dynamically.
o Administrative work is reduced.
o Used for large organizations.

Neighbor routers exchange routing information and build the routing table automatically.
This is easier than using static or default routing.

Types of dynamic routing protocols
1. Distance vector protocols
2. Link state protocols
3. Hybrid protocols

Distance vector protocol
o Periodic updates
o Classful routing protocol
o Full routing tables are exchanged
o Updates are through broadcast
o Example: RIP v1, IGRP

Link state protocol
o Incremental updates
o Classless routing protocol
o Missing routes are exchanged
o Updates are through multicast
o Example: OSPF

Hybrid protocol
o Incremental updates
o Classless routing protocol
o Missing routes are exchanged
o Updates are through multicast
o Example: EIGRP, RIP v2

Classful protocols: classful routing protocols do not carry subnet mask information along with
updates. That means all devices in the network must use the same subnet mask. Ex: RIP v1, IGRP.
Classless protocols: classless routing protocols carry subnet mask information along with
updates, which is why they support subnetworks and default networks as well. Ex: RIP v2, EIGRP,
OSPF.
Administrative Distance
o It is the trustworthiness of the information received by the router.
o The number is between 0 and 255.
o The lowest value is the most preferred.
Default administrative distances are as follows:
o Directly connected = 0
o Static route = 1
o IGRP = 100
o OSPF = 110
o RIP = 120
o EIGRP = 90/170
o IS-IS = 115
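An added example (not part of the original notes) that models how a router combines the administrative distances listed above with longest-prefix matching: the same prefix learned from several sources keeps only the lowest-AD one, and the 0.0.0.0/0 default route is used only when nothing more specific matches. The routing information is constructed for the three-router lab used in these notes, not taken from a real device.

```python
import ipaddress

# Default administrative distances listed above (lower is more trusted).
AD = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100, "ospf": 110,
      "isis": 115, "rip": 120, "eigrp-external": 170}

# Constructed routing information as router 2 of the three-router lab used
# throughout these notes might learn it: the same prefix offered by several
# sources, plus a static default route. Not output from a real router.
LEARNED = [
    ("10.0.0.0/8", "connected", "Serial1/0"),
    ("11.0.0.0/8", "connected", "Serial1/1"),
    ("192.168.2.0/24", "connected", "FastEthernet0/0"),
    ("192.168.1.0/24", "rip", "10.0.0.1"),
    ("192.168.1.0/24", "ospf", "10.0.0.1"),
    ("192.168.3.0/24", "static", "11.0.0.2"),
    ("192.168.3.0/24", "eigrp", "11.0.0.2"),
    ("0.0.0.0/0", "static", "10.0.0.1"),
]


def build_rib(learned):
    """For each prefix keep only the source with the lowest AD, which is the
    route the router installs in its routing table."""
    rib = {}
    for prefix, source, next_hop in learned:
        net = ipaddress.ip_network(prefix)
        current = rib.get(net)
        if current is None or AD[source] < AD[current[0]]:
            rib[net] = (source, next_hop)
    return rib


def lookup(rib, destination):
    """Longest-prefix match. The 0.0.0.0/0 default route matches everything,
    so it is chosen only when nothing more specific exists (last preferred).
    Returns (prefix, source, next_hop), or None when the packet would be dropped."""
    addr = ipaddress.ip_address(destination)
    matches = [(net, src, nh) for net, (src, nh) in rib.items() if addr in net]
    if not matches:
        return None
    net, src, nh = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), src, nh


if __name__ == "__main__":
    rib = build_rib(LEARNED)
    for dst in ("192.168.1.5", "192.168.3.9", "8.8.8.8"):
        print(dst, "->", lookup(rib, dst))
```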

(RIP) Routing Information Protocol v1
o Open standard protocol
o Classful routing protocol
o Updates are broadcast via 255.255.255.255
o Administrative distance is 120.
o Used for small organizations
o Periodic updates: the entire routing table is exchanged every 30 seconds.

RIP v2
o Classless routing protocol
o Supports VLSM
o Supports authentication
o Uses multicast address 224.0.0.9

Advantages of RIP
o Easy to configure
o No design constraints like the OSPF protocol
o No complexity
o Less overhead
Disadvantages of RIP
o Bandwidth utilization is very high, as it broadcasts every 30 seconds.
o Works only on hop count (does not consider bandwidth)
o Not scalable, as the maximum hop count is only 15
o Slow convergence.

Configuring RIP v1
Router(config)# router rip
Router(config-router)# network <network ID>
Configuring RIP v2
Router(config)# router rip
Router(config-router)# version 2
Router(config-router)# network <network ID>

Configuration of RIP v2

On router 1
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 192.168.1.0
R1(config-router)#network 10.0.0.0
R1(config-router)#end

On router 2
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 192.168.2.0
R2(config-router)#network 10.0.0.0
R2(config-router)#network 11.0.0.0
R2(config-router)#end

On router 3
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#network 192.168.3.0
R3(config-router)#network 11.0.0.0
R3(config-router)#end
Autonomous system number
o An autonomous system is a collection of networks under a common administrative domain.
o A unique number identifying the routing domain of the router.
o Ranges from 1 to 65535: public 1 to 64512, private 64513 to 65535.

Routing protocol classification
IGP (Interior Gateway Protocol)
o Routing protocols used within the same autonomous system number
o All routers will be routing within the same autonomous boundary
o Operate within an autonomous system
o Ex: RIP, IGRP, EIGRP, OSPF, IS-IS

EGP (Exterior Gateway Protocol)
o Routing protocols used between different autonomous systems
o Routers in different ASes need an EGP
o Connect different autonomous systems
o Ex: Border Gateway Protocol

EIGRP
Enhanced Interior Gateway Routing Protocol
EIGRP is a hybrid routing protocol.
o Cisco proprietary protocol
o Classless routing protocol
o Includes all features of IGRP
o Administrative distance is 90
o Updates are through multicast (224.0.0.10)
o Max hop count is 255 (100 by default)
o Hello packets are sent every 5 seconds
o Convergence rate is fast
o Summarization can be done on every router.

EIGRP maintains three tables:
1. Neighbor table
   a. sh ip eigrp neighbors
2. Topology table
   a. sh ip eigrp topology
3. Routing table
   a. sh ip route

Configuring EIGRP
Router (config)# router eigrp <AS NO>
Router (config-router)# network <network ID>
NOTE:
o EIGRP uses autonomous system numbers to identify the collection of routers that share route
information. Only routers that have the same autonomous system number share routes.
o The AS number should be the same on all routers for them to become neighbors and exchange
routes.
o EIGRP routers that belong to different autonomous systems (ASes) don't automatically share
routing information and don't become neighbors.

On router 1
R1 (config)# router eigrp 100
R1 (config-router)# network 192.168.1.0
R1 (config-router)# network 10.0.0.0
On router 2
R2 (config)# router eigrp 100
R2 (config-router)# network 192.168.2.0
R2 (config-router)# network 11.0.0.0
R2 (config-router)# network 10.0.0.0
On router 3
R3 (config)# router eigrp 100
R3 (config-router)# network 192.168.3.0
R3 (config-router)# network 11.0.0.0

OSPF
Open Shortest Path First
o Unlimited hop count
o Administrative distance is 110.
o It is a classless routing protocol.
o It supports VLSM and CIDR.
o Introduces the concept of areas to ease management and control traffic.
o Must have one area called area 0.
o All the areas must connect to area 0.
o Scales better than distance vector routing protocols.
o Updates are sent through multicast address 224.0.0.5
o Sends a hello packet every 10 seconds.
o Routers send only changes in updates, not the entire routing table in periodic updates.

OSPF maintains three tables:
1. Neighbor table: #show ip ospf neighbor
2. Database table: #sh ip ospf database
3. Routing table: #show ip route

The following are reasons for creating OSPF in a hierarchical design:
o To decrease routing overhead
o To speed up convergence
o To confine network instability to single areas of the network

OSPF networking hierarchy:
OSPF is a hierarchical protocol. It enables better administration and smaller routing tables
due to segmentation of the entire network into smaller areas. The following are the important
components of an OSPF network:
o Areas: An area consists of routers that have been administratively grouped together.
o Area Border Routers (ABRs): Routers that belong to more than one area are called area border
routers.
o Backbone Area: An OSPF backbone area consists of all routers in area 0, and all area border
routers. The backbone distributes routing information between different areas.
o Autonomous System Boundary Routers (ASBRs): Routers that exchange routing information with
routers in other autonomous systems. They advertise externally learned routes throughout the AS.
o Internal routers: routers whose interfaces all belong to the same area.

Wildcard mask
o Tells the router which portion of the bits to match or ignore.
o It's the inverse of the subnet mask, hence also called the inverse mask.
o A bit value of 0 indicates MUST MATCH (check bits).
o A bit value of 1 indicates IGNORE (ignore bits).
o The wildcard mask for a single host is always 0.0.0.0.
o Wildcards are used with the host or network address to tell the router the range of
addresses to filter.
o To specify a host, the address would look like this: 172.16.30.5 0.0.0.0

Configuring OSPF
Router(config)# router ospf <process ID>
Router(config-router)# network <network ID> <wildcard mask> area <area ID>

Dynamic routing using OSPF in a single area:

On router 1
R1(config)# router ospf 1
R1(config-router)# network 192.168.1.0 0.0.0.255 area 0
R1(config-router)# network 10.0.0.0 0.255.255.255 area 0
On router 2
R2(config)# router ospf 1
R2(config-router)# network 192.168.8.0 0.0.0.255 area 0
R2(config-router)# network 11.0.0.0 0.255.255.255 area 0
R2(config-router)# network 10.0.0.0 0.255.255.255 area 0
On router 3
R3(config)# router ospf 1
R3(config-router)# network 192.168.3.0 0.0.0.255 area 0
R3(config-router)# network 11.0.0.0 0.255.255.255 area 0

Dynamic routing using OSPF multiple area

On router 1
R1 (config)# router ospf 1
R1 (config-router)# network 192.168.1.0 0.0.0.255 area 10
R1 (config-router)# network 10.0.0.0 0.255.255.255 area 10
On router 2
R2 (config)# router ospf 1
R2 (config-router)# network 192.168.2.0 0.0.0.255 area 0
R2 (config-router)# network 11.0.0.0 0.255.255.255 area 20
R2 (config-router)# network 10.0.0.0 0.255.255.255 area 10
On router 3
R3 (config)# router ospf 1
R3 (config-router)# network 192.168.3.0 0.0.0.255 area 20
R3 (config-router)# network 11.0.0.0 0.255.255.255 area 20

ACL (Access Control List)
o An ACL is a set of rules which allow or deny specific traffic moving through the router.
o It is a layer 3 security mechanism which controls the flow of traffic from one router to another.
o It is also called a packet filtering firewall.

Standard access list
o The access list number range is 1-99
o Can block a network, host or subnet
o All services are blocked.
o Implemented closest to the destination.
o Filtering is done based on the source IP address only.

Extended access list
o The access list number range is 100-199
o Can block a network, host, subnet or service
o Selected services can be blocked.
o Implemented closest to the source.
o Filtering is done based on source IP, destination IP, protocol and port number.

Protocols an extended ACL can match (from the protocol diagram in the original): IP at layer 3;
TCP, UDP and ICMP at layer 4; and the application protocols HTTP, TELNET, SMTP, FTP, DNS, TFTP,
DHCP, NNTP, plus the ICMP-based PING and TRACEROUTE.

If you want to filter by application layer protocol, you have to choose the appropriate layer 4
transport protocol after the permit or deny statement. For example, to filter Telnet or FTP you
choose TCP, since both Telnet and FTP use TCP at the transport layer.

Implementing standard access-list

Requirement in this lab is to:
o Deny the host 192.168.1.1 communicating with 192.168.2.0
o Deny the host 192.168.1.2 communicating with 192.168.2.0
o Deny the network 192.168.3.0 communicating with 192.168.2.0

On router 2
Creating the ACL rules according to the requirement:
R2 (config)# access-list 15 deny 192.168.1.1 0.0.0.0
R2 (config)# access-list 15 deny host 192.168.1.2
R2 (config)# access-list 15 deny 192.168.3.0 0.0.0.255
R2 (config)# access-list 15 permit any
(Without the final permit any, the implicit deny at the end of every ACL would block all
remaining traffic.)
Implementation:
R2 (config)# interface fast 0/0
R2 (config-if)# ip access-group 15 out
Verification:
R2# sh access-lists

Restricting Telnet
Allow only the hosts 192.168.1.1 and 192.168.1.2 to telnet to R1; any other host should be
denied if it tries to telnet to R1.
Remove the ACL which was created in the previous lab:
R2 (config)# no access-list 15
R2 (config)# interface fast 0/0
R2 (config-if)# no ip access-group 15 out
R2 (config-if)# end
Creation of an ACL which permits only hosts 192.168.1.1 and 192.168.1.2:
R1 (config)# access-list 20 permit host 192.168.1.1
R1 (config)# access-list 20 permit host 192.168.1.2
Implementation:
R1 (config)# line vty 0 4
R1 (config-line)# password cisco
R1 (config-line)# login
R1 (config-line)# access-class 20 in
R1 (config-line)# end

IMPLEMENTING EXTENDED ACCESS-LIST

Requirement in this lab is to:
o Deny the users on LAN 192.168.2.0 access to the http service on 192.168.1.3.
o Remaining hosts and services should be permitted.

On router 1
R1 (config)# access-list 145 deny tcp 192.168.2.0 0.0.0.255 host 192.168.1.3 eq www
R1 (config)# access-list 145 deny icmp host 192.168.3.2 host 192.168.1.2 echo
R1 (config)# access-list 145 deny icmp 192.168.2.0 0.0.0.255 host 192.168.1.2 echo-reply
R1 (config)# access-list 145 permit ip any any
Implementation:
R1 (config)# interface fast 0/0
R1 (config-if)# ip access-group 145 out
OR
R1 (config)# interface serial 0/0
R1 (config-if)# ip access-group 145 in
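An added example (not from the original notes) covering both the standard and the extended ACL labs above: it parses the access-list lines into entries, applies the wildcard-mask rule from the OSPF section (0 bit = must match, 1 bit = ignore) to source and destination, and evaluates sample packets top-down with first match wins and the implicit deny at the end. The ACL lines are re-typed from the labs as constructed input; the packets are constructed too.

```python
import ipaddress

# The ACL lines from the two labs above, re-typed as constructed input for this
# model (the second ICMP line is written with 'host', as IOS requires).
ACL_LINES = [
    "access-list 15 deny 192.168.1.1 0.0.0.0",
    "access-list 15 deny host 192.168.1.2",
    "access-list 15 deny 192.168.3.0 0.0.0.255",
    "access-list 15 permit any",
    "access-list 145 deny tcp 192.168.2.0 0.0.0.255 host 192.168.1.3 eq www",
    "access-list 145 deny icmp host 192.168.3.2 host 192.168.1.2 echo",
    "access-list 145 deny icmp 192.168.2.0 0.0.0.255 host 192.168.1.2 echo-reply",
    "access-list 145 permit ip any any",
]
PORT_NAMES = {"www": 80, "telnet": 23, "ftp": 21, "smtp": 25, "domain": 53}
ALL_ONES = 0xFFFFFFFF


def parse_addr(tokens):
    """Consume one address spec ('any', 'host A', or 'A WILDCARD') and return
    ((value, care_bits), remaining_tokens). Wildcard bit 0 = must match,
    bit 1 = ignore, so care_bits is simply the wildcard inverted (the same rule
    the OSPF network statement uses)."""
    if tokens[0] == "any":
        return (0, 0), tokens[1:]
    if tokens[0] == "host":
        return (int(ipaddress.ip_address(tokens[1])), ALL_ONES), tokens[2:]
    addr = int(ipaddress.ip_address(tokens[0]))
    care = int(ipaddress.ip_address(tokens[1])) ^ ALL_ONES
    return (addr & care, care), tokens[2:]


def addr_matches(spec, ip):
    value, care = spec
    return (int(ipaddress.ip_address(ip)) & care) == value


def parse_acl(lines):
    """Parse 'access-list N permit|deny ...' lines into {N: [entries]}, keeping
    order. Numbers 1-99 are standard (source only), 100-199 are extended."""
    acls = {}
    for line in lines:
        t = line.split()
        if len(t) < 4 or t[0] != "access-list":
            continue
        num, action, rest = int(t[1]), t[2], t[3:]
        entry = {"action": action, "proto": "ip", "dst": (0, 0),
                 "dport": None, "icmp": None}
        if 1 <= num <= 99:
            entry["src"], rest = parse_addr(rest)
        else:
            entry["proto"] = rest[0].lower()
            entry["src"], rest = parse_addr(rest[1:])
            entry["dst"], rest = parse_addr(rest)
            if entry["proto"] in ("tcp", "udp") and rest[:1] == ["eq"]:
                entry["dport"] = PORT_NAMES.get(rest[1]) or int(rest[1])
            elif entry["proto"] == "icmp" and rest:
                entry["icmp"] = rest[0]            # e.g. echo, echo-reply
        acls.setdefault(num, []).append(entry)
    return acls


def evaluate(acl, pkt):
    """Top-down, first match wins, implicit deny when nothing matches.
    pkt: {"src", "dst", "proto"} plus optional "dport" or "icmp_type"."""
    for e in acl:
        if e["proto"] != "ip" and e["proto"] != pkt["proto"]:
            continue
        if not (addr_matches(e["src"], pkt["src"]) and addr_matches(e["dst"], pkt["dst"])):
            continue
        if e["dport"] is not None and pkt.get("dport") != e["dport"]:
            continue
        if e["icmp"] is not None and pkt.get("icmp_type") != e["icmp"]:
            continue
        return e["action"]
    return "deny"


if __name__ == "__main__":
    acls = parse_acl(ACL_LINES)
    web = {"src": "192.168.2.10", "dst": "192.168.1.3", "proto": "tcp", "dport": 80}
    print("ACL 145, LAN 2 -> web on .1.3:", evaluate(acls[145], web))
```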

NAT
Network Address Translation

NAT is the method of translating private IP addresses into public IP addresses. In order to
communicate with the internet we must have a registered public IP address.
Address translation was originally developed to solve two problems:
1. To handle the shortage of IPv4 addresses.
2. To hide network addressing schemes.
Advantages
o Conserves legally registered addresses.
o Increases flexibility when connecting to the internet.
NAT terminology
o Inside local address
o Inside global address
o Outside local address
o Outside global address
Types of NAT:
1. Static NAT
2. Dynamic NAT
3. PAT

1. Static NAT
o This type of NAT is designed to allow a one-to-one mapping between local and global addresses.
o Keep in mind that the static version requires you to have one real internet IP address for
every host on your network.
Implementing static NAT
Configure the following translations:
Private IP      Public IP
192.168.1.1     50.1.1.1
192.168.1.2     50.1.1.2
192.168.1.3     50.1.1.3

R1(config)# ip route 0.0.0.0 0.0.0.0 100.1.1.2
ISP(config)# ip route 0.0.0.0 0.0.0.0 100.1.1.1
Configuring static NAT
R1(config)# ip nat inside source static 192.168.1.1 50.1.1.1
R1(config)# ip nat inside source static 192.168.1.2 50.1.1.2
R1(config)# ip nat inside source static 192.168.1.3 50.1.1.3
Implementation
R1(config)# interface fast0/0
R1(config-if)# ip nat inside
R1(config-if)# exit
R1(config)# interface s 1/0
R1(config-if)# ip nat outside
To show translations
R1# show ip nat translation
To remove static NAT
R1(config)# no ip nat inside source static 192.168.1.1 50.1.1.1
R1(config)# no ip nat inside source static 192.168.1.2 50.1.1.2
R1(config)# no ip nat inside source static 192.168.1.3 50.1.1.3

Dynamic NAT
o This version gives you the ability to map an unregistered IP address to a registered IP
address from a pool of registered IP addresses.
o You don't have to statically configure your router to map an inside address to an outside
address as you would with static NAT, but you do have to have enough real IP addresses for
everyone.

Implementing dynamic NAT
Implement dynamic NAT and make sure that the inside LAN users (192.168.1.0/24) get translated to
public IPs in the range 50.1.1.1 to 50.1.1.5/29.
Configuring DYNAMIC NAT
R1(config)# access-list 55 permit 192.168.1.0 0.0.0.255
R1(config)# ip nat pool CCNA 50.1.1.1 50.1.1.5 netmask 255.255.255.248
R1(config)# ip nat inside source list 55 pool CCNA
Implementation
R1(config)# interface fast0/0
R1(config-if)# ip nat inside
R1(config-if)# exit
R1(config)# interface s 1/0
R1(config-if)# ip nat outside
To show translations
R1# show ip nat translation
To remove dynamic NAT
R1(config)# no ip nat inside source list 55
R1(config)# no ip nat pool CCNA
R1(config)# no access-list 55

Dynamic NAT overload / PAT
o This is the most popular type of NAT configuration.
o It is also known as Port Address Translation (PAT); by using PAT we can have thousands of users
connect to the internet using only one real global IP address.
Implementing dynamic NAT overload:
Implement PAT and make sure that the inside LAN users get translated to the single public IP
50.1.1.1/29.
Configuring PAT
R1(config)# access-list 55 permit 192.168.1.0 0.0.0.255
R1(config)# ip nat pool CCNA 50.1.1.1 50.1.1.1 netmask 255.255.255.252
R1(config)# ip nat inside source list 55 pool CCNA overload
Implementation
R1(config)# interface fast0/0
R1(config-if)# ip nat inside
R1(config-if)# exit
R1(config)# interface s 1/0
R1(config-if)# ip nat outside
To show translations
R1# show ip nat translation
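An added simulation (not IOS code and not from the original notes) of the three inside-source NAT variants configured above: one-to-one static mappings, a dynamic pool fed by access-list 55 that runs out when a sixth host appears, and overload/PAT where every host shares one global address and is told apart by port. The addresses mirror the labs; the ports and the port-allocation scheme are assumptions.

```python
import ipaddress
import itertools

# Constructed model of inside-source NAT as the three labs above configure it
# (static mappings, a dynamic pool fed by access-list 55, and overload/PAT).
# Written for this section as a simulation; it is not IOS code.


class InsideNat:
    def __init__(self, inside_list, pool=(), overload=False, static=None):
        self.inside_list = ipaddress.ip_network(inside_list)  # the access-list 55 range
        self.pool = list(pool)             # inside global addresses, in order
        self.overload = overload
        self.static = dict(static or {})   # inside local -> inside global
        self.dynamic = {}                  # inside local -> inside global
        self.free = list(self.pool)        # pool addresses not yet handed out
        self.pat = {}                      # (local ip, local port) -> (global ip, port)
        self.next_port = itertools.count(1024)   # assumed port allocation scheme

    def translate(self, src_ip, src_port=None):
        """Inside local (ip, port) -> inside global (ip, port), or None when the
        packet cannot be translated (not permitted by the list, or pool exhausted)."""
        if src_ip in self.static:
            return self.static[src_ip], src_port
        if ipaddress.ip_address(src_ip) not in self.inside_list:
            return None
        if self.overload:
            key = (src_ip, src_port)
            if key not in self.pat:
                self.pat[key] = (self.pool[0], next(self.next_port))
            return self.pat[key]
        if src_ip not in self.dynamic:
            if not self.free:
                return None                    # no global address left: dropped
            self.dynamic[src_ip] = self.free.pop(0)
        return self.dynamic[src_ip], src_port

    def translations(self):
        """Rows in the spirit of 'show ip nat translation': (inside local, inside global)."""
        rows = [(loc, glob) for loc, glob in self.static.items()]
        rows += [(loc, glob) for loc, glob in self.dynamic.items()]
        rows += [(f"{loc}:{lp}", f"{glob}:{gp}")
                 for (loc, lp), (glob, gp) in self.pat.items()]
        return rows


if __name__ == "__main__":
    pat = InsideNat("192.168.1.0/24", pool=["50.1.1.1"], overload=True)
    pat.translate("192.168.1.10", 5000)
    pat.translate("192.168.1.11", 5000)
    for row in pat.translations():
        print(row)
```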

SWITCHING
o It is a data link layer device (layer 2).
o It is an intelligent device.
o It works with physical addresses (MAC addresses).
o It uses broadcast and unicast.
o It works with fixed bandwidth.
o It has 1 broadcast domain and many collision domains.
o It maintains a MAC address table.
o It makes decisions based on the MAC table.

There are two types of switches:
1. Unmanageable switches
2. Manageable switches
Cisco divides switches into 3 layers:
1. Access layer switches (switch series 1900 & 2900)
2. Distribution layer switches (switch series 3550 & 3560)
3. Core layer switches (switch series 4500 & 6500)

Initial configuration of a switch
Connect one end of the console cable to the console port of the switch and the other end to
your computer's COM port. Now open HyperTerminal and power on the switch.
To assign a telnet password
Switch(config)# line vty 0 4
Switch(config-line)# password (*******)
Switch(config-line)# login
To assign an IP address
Switch(config)# interface vlan 1
Switch(config-if)# ip address <ip address> <subnet mask>

Virtual LAN
o It is layer 2 security.
o Divides a single broadcast domain into multiple broadcast domains.
o All ports of the switch are in VLAN 1 by default; that is known as the administrative or
management VLAN.
o VLANs can be created from 2 to 1001.
Two types of VLAN configuration:
1. Static VLAN
2. Dynamic VLAN

Static VLAN
o Static VLANs are based on port numbers.
o Need to manually assign a port on a switch to a VLAN.
o Also called port-based VLANs.
o One port can be a member of only one VLAN.
Creation of a VLAN
Switch(config)# vlan 2
Switch(config-vlan)# name sales
Switch(config-vlan)# exit
OR
Switch# vlan database
Switch(vlan)# vlan 3 name sales
Switch(vlan)# exit
Assigning ports to a VLAN
Switch(config)# interface fast0/0
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 2
OR
Switch(config)# interface range fa0/1 - 5, fa0/12
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 3

Dynamic VLAN
o Dynamic VLANs are based on the MAC address of a PC.
o The switch automatically assigns the port to a VLAN.
o Each port can be a member of multiple VLANs.
Types of links/ports
1. Access links
   a. This type of link is part of only one VLAN, referred to as the native VLAN of the port.
   b. Any device attached to an access link simply assumes it's part of a broadcast domain, but
   it has no understanding of the physical network.
   c. Switches remove any VLAN information from the frame before it's sent to an access link
   device.
2. Trunk links
   a. A trunk can carry the traffic of multiple VLANs.
   b. A trunk link is a point-to-point link between two switches, between a switch and a router,
   or between a switch and a server.

There are two types of protocols used for trunking:
1. Inter-Switch Link (ISL)
2. IEEE 802.1q

ISL versus IEEE 802.1q:
o ISL is Cisco proprietary; IEEE 802.1q is an open standard protocol.
o ISL works with Ethernet and Token Ring; 802.1q works only on Ethernet.
o ISL adds a 30-byte tag; 802.1q adds only a 4-byte tag.

TRUNKING

On switch 1
Switch 1(config)# VLAN 10
Switch 1(config-vlan)# name sales
Switch 1(config-vlan)# exit
Switch 1(config)# interface range fast0/1-2
Switch 1(config-if-range)# switchport mode access
Switch 1(config-if-range)# switchport access VLAN 10
Switch 1(config-if-range)#exit

Switch 1(config)# VLAN 20


Switch 1(config-vlan)# name accounts
Switch 1(config-vlan)# exit
Switch 1(config)# interface range fast0/3-4
Switch 1(config-if-range)# switchport mode access
Switch 1(config-if-range)# switchport access VLAN 20
Switch 1(config-if-range)# Ctrl+Z
Switch 1#sh vlan

On switch 2
Switch 2(config)# VLAN 10
Switch 2(config-vlan)# name sales
Switch 2(config-vlan)# exit

Switch 2(config)# interface range fast0/1-2


Switch 2(config-if-range)# switchport mode access
Switch 2(config-if-range)# switchport access VLAN 10
Switch 2(config-if-range)#exit

Switch 2(config)# VLAN 20


Switch 2(config-vlan)# name accounts
Switch 2(config-vlan)# exit
Switch 2(config)# interface range fast0/3-4
Switch 2(config-if-range)# switchport mode access
Switch 2(config-if-range)# switchport access VLAN 20
Switch 2(config-if-range)# Ctrl+Z
Switch 2#sh vlan

Configure trunking
On switch 1
Switch 1(config)# interface fast0/20
Switch 1(config-if)#switchport mode trunk
Switch 1(config-if)#switchport trunk encapsulation dot1q
And on switch 2
Switch 2(config)# interface fast0/20
Switch 2(config-if)#switchport mode trunk
Switch 2(config-if)#switchport trunk encapsulation dot1q
Switch 2#sh interfaces trunk
Now configure the trunk link so that only VLAN 10, 20 and 30 traffic is allowed; no other
VLAN traffic should be sent.
On both switches
Switch 2(config)# interface fast0/20
Switch 2(config-if)#switchport trunk allowed vlan 10,20,30
Switch 2#sh interfaces trunk

Configure the trunk link f0/20 to remove VLANs 20 and 30 from the existing trunk allowed list
Switch 2(config)# interface fast0/20
Switch 2(config-if)#switchport trunk allowed vlan remove 20,30
Switch 2#sh interfaces trunk

VLAN TRUNKING PROTOCOL (VTP)

o VTP is a Cisco proprietary protocol.
o Used to share the VLAN configuration with multiple switches.
o Information is passed only if the switches are connected with Fast Ethernet or higher ports.
o VTP allows an administrator to add, delete and rename VLANs.

VTP modes are of three types:
1. Server mode
   o A switch configured in server mode can add, modify and delete VLANs.
   o The default VTP mode for all switches.
2. Client mode
   o A switch configured in client mode cannot add, modify or delete its VLAN configuration.
   o Doesn't store its VLAN configuration information in NVRAM.
3. Transparent mode
   o A switch configured in transparent mode can add, modify and delete VLAN configurations.
   o Changes on one transparent switch do not affect any other switch.

Benefits of VLAN Trunking Protocol (VTP)
o Consistent VLAN configuration across all switches in the network.
o Accurate tracking and monitoring of VLANs.
o Dynamic reporting of added VLANs to all switches in the VTP domain.

VTP configuration
Trunking has to be enabled (VTP advertisements are sent only on trunk ports).
Set the VTP password on every switch in the domain: a switch that joins the domain with a higher
configuration revision number overwrites the VLAN database of the others, so an unauthenticated
domain can lose all of its VLANs at once.
On switch 1 (server)
Sw1 (config)# interface fa0/20
Sw1 (config-if)#switchport mode trunk
Sw1 (config-if)#switchport trunk encapsulation dot1q

On SW2 (transparent)
Sw2 (config)# interface range fa0/20 - 21
Sw2 (config-if-range)# switchport mode trunk
Sw2 (config-if-range)# switchport trunk encapsulation dot1q
On SW3 (client)
Sw3 (config)# interface fa0/21
Sw3 (config-if)# switchport mode trunk
Sw3 (config-if)# switchport trunk encapsulation dot1q
Now configure VTP on all switches
SW1
Sw1 (config)# vtp domain CCNA
Sw1 (config)# vtp password cisco
Sw1 (config)# vtp mode server
Sw1 (config)# vtp version 2
Sw1 (config)# exit
SW2
Sw2 (config)# vtp domain CCNA
Sw2 (config)# vtp password cisco
Sw2 (config)# vtp mode transparent
Sw2 (config)# vtp version 2
Sw2 (config)# exit
SW3
Sw3 (config)# vtp domain CCNA
Sw3 (config)# vtp password cisco
Sw3 (config)# vtp mode client
Sw3 (config)# vtp version 2
Sw3 (config)# exit
Switch# sh vtp status
Switch# sh vtp password
Switch# sh interface trunk
Now create VLANs on the server switch and verify on the client and transparent switches
Switch 1# vlan database
Switch 1(vlan)# vlan 10 name sales
Switch 1(vlan)# vlan 20
Switch 1(vlan)# vlan 30
Switch 1(vlan)# vlan 40
Switch 1(vlan)# exit
Switch 1# sh vlan
Switch 3# sh vlan
Switch 2# sh vlan

Inter-VLAN Routing using a router

Steps:
1. Create the VLANs and move the ports into them.
2. Configure switch port f0/20 as a trunk port.
3. Create the sub-interfaces on the router:
R(config)# int f0/0
R(config-if)# no shut
R(config-if)# exit
R(config)# int f0/0.10
R(config-subif)# encapsulation dot1q 10
R(config-subif)# ip add 192.168.1.100 255.255.255.0
R(config-subif)# exit
R(config)# int f0/0.20
R(config-subif)# encapsulation dot1q 20
R(config-subif)# ip add 192.168.2.100 255.255.255.0
R# sh ip inter brief
