0% found this document useful (0 votes)

83 views

Ccent: Cisco Certified Entry Networking Technician

Uploaded by

Selva Kumar

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

83 views

Ccent: Cisco Certified Entry Networking Technician

Uploaded by

Selva Kumar

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 135

CCENT

Cisco Certified Entry Networking Technician

(Interconnecting Cisco Networking Devices Part 1)

Train Signal, Inc., 2002-2007

Introduction to CCENT

Train Signal, Inc., 2002-2007

Introduction to Networking And The Networking Models Ethernet and CSMA/CD Switching Switch (and Router) Commands IP Addressing and The Routing Process Basic Network Protocols Memory, Config Files, and More Basic Commands Wireless LANs Binary and Subnetting Static Routing and RIP Wide Area Networks (WANs) Troubleshooting Basic Network Security
Train Signal, Inc., 2002-2007

Your Instructor: Chris Bryant, CCIE #12933 Earned my CCIE on February 26, 2004 Founded The Bryant Advantage in June of that year. My Video Boot Camps and other study materials place an emphasis on clearly explained theory and plenty of work on REAL CISCO routers and switches. Visit the website: www.thebryantadvantage.com
Train Signal, Inc., 2002-2007

Exam Prep Tips:

Take your time and master the material. If possible, practice the commands on real Cisco routers and switches. Do not practice debugs on a production network on any time. Get plenty of rest the day before exam. By that time, the die is cast. Dont cram for the exam. Prepare.
Train Signal, Inc., 2002-2007

Video 1 Introduction to Networking and the Networking Models

Train Signal, Inc., 2002-2007

Intro to Networking and the Networking Models

What is A Network The OSI Model The Data Transmission Process The TCP/IP Model Why Use Networking Models? TCP And UDP Ports, Sockets, and Port Numbers
Train Signal, Inc., 2002-2007

When you break networking down into the simplest concept possible, this what we have:
We need to get data from one point to another in the most effective manner possible.

Train Signal, Inc., 2002-2007

We build networks to allow devices such as the ones you see here to communicate with each other, and as different devices are added to the network, this communication becomes more challenging to allow. And it's not just allowing communication that's challenging there are communications that we do not want to allow as well. Perhaps we only want one of those PCs to have access to the e-commerce server, and we don't want any other PCs to even know about that server. We also have to be wary of intruder attacks, because there are all kinds of bad guys who want to get into our network, and we've got to keep them out!

Train Signal, Inc., 2002-2007

The thought of learning all of this can be intimidating at first. Having worked my way from entry-level certifications all the way to the CCIE, and having taught thousands of CCNAs and CCNPs worldwide, I can tell you that the key to networking success in both the exam room and working with real-world networks can be summed up in five words:
Train Signal, Inc., 2002-2007

Know And Understand The Fundamentals

Nothing fancy, right? Right! Learning and understanding the fundamentals of networking are what this course is all about. Most of you will go on to more advanced studies, and that's great - because in this business, we're always learning new skills. The key to mastering intermediate and advanced networking is to master the fundamentals because if you don't understand how networks operate, you can't fix them!
Train Signal, Inc., 2002-2007

Why Are These Models Important?

When it comes to the OSI and TCP/IP networking models, a common question is "Beyond passing the exam, why do I have to learn this?" I freely admit that I had that thought more than once when I began studying networking. It's particularly tough because this is usually the first material presented to networking students, and to be frank, it's not as exciting as configuring routers and switches.

Train Signal, Inc., 2002-2007

I can tell you from personal experience that you are going to use the material in this chapter throughout your networking career, so it's not just something that you have to learn to pass the CCENT and CCNA exams. I've personally found networking models to be helpful in developing an effective troubleshooting process, and I'll talk more about that in the Troubleshooting section of this course. I just want to let you know that this really is useful information, not just something to memorize.
Train Signal, Inc., 2002-2007

The Application Layer

This is the layer where the end users themselves interact with the network. Authentication services also run at Layer 7, but encryption runs at the next layer down. The Application layer ensures that the remote communication partner is available, that the needed communication resources exist (a modem, for example), and that both ends of the communication agree on procedures involving data integrity, privacy, and error recovery.
Train Signal, Inc., 2002-2007

When trying to decide if a protocol is an Application layer protocol, just remember that protocols that require the end user to enter a request are Application layer protocols. Firewalls, devices intended to keep network intruders out, operate at L7. Protocols and services that run at L7 include:
Email protocols SMTP and POP3 Telnet HTTP File Transfer Protocol (FTP) Simple Network Management Protocol (SNMP)
Train Signal, Inc., 2002-2007

The Presentation Layer

This layer answers one simple question: "How should this data be presented?" In addition to properly formatting data, encryption occurs at this layer. Have you ever opened a file in a word processing application, and you got pages of unrecognizable characters? Thats a Presentation Layer issue. The applications have not agreed on how the data is to be presented.

Train Signal, Inc., 2002-2007

There are four primary tasks that the Presentation Layer is concerned with:
1. 2. 3. 4. Compatibility with the operating system Proper encapsulation of data for network transmission. Data formatting (ASCII, binary) Data encryption, compression, and translation.

You've probably seen some of the file types that are used at the Presentation layer - JPEG, ASCII, GIF, MPEG, MIDI, EBCDIC, and TIFF.

Train Signal, Inc., 2002-2007

The Session Layer

Layer 5 is the "manager" of the two-way communication between two remote hosts. This is the layer that handles the creation, maintenance, and teardown of communications between those two hosts. The overall communication itself is referred to as a session. Some sessions last just long enough to send a unidirectional message, where other sessions will be of longer duration.
Train Signal, Inc., 2002-2007

The Transport Layer

The Transport Layers purpose is to establish a logical end-to-end connection between two systems, segment data received from the upper layers of the OSI model, and to make sure the data gets to the destination in the correct order and free of errors. At the Transport Layer, there are two methods for transporting data: connection-oriented, referring to TCP, and connectionless, referring to UDP. We'll take a much more detailed look at TCP and UDP later in this section.
Train Signal, Inc., 2002-2007

The Network Layer

It's at Layer 3 of the OSI model that you and I as network admins begin to have a great deal of interaction with the network. IP runs at this layer, and since routers operate here at L3, this layer is often called "the routing layer". In a nutshell, routing is a two-question process:
What valid paths exist from the local router to a given destination? What is the best path (the "optimal path") to take to get there?

Lots more on this layer to come later in the course!

Train Signal, Inc., 2002-2007

The Data Link Layer

The switches that we'll spend so much time with later in the course operate at Layer 2. Wireless Access Points (WAPs) also operate at this layer - more on WAPs in the Wireless section. Devices that you may well be using right now to access the Internet, cable modems and DSL modems, also run at L2. We've got four major specifications that run here, some of which you may already be familiar with:
Ethernet High Data Link Control (HDLC) Point-to-Point Protocol (PPP) Frame Relay

Train Signal, Inc., 2002-2007

A very important distinction: The data link layer does perform error detection through something called the Frame Check Sequence (more on that later), but this layer does not perform error recovery. The Data Link Layer is generally referred to as Layer 2, and MAC addresses as Layer 2 addresses. If you're not familiar with MAC addresses, they will be discussed in more detail in the Ethernet and LAN Switching sections.
Train Signal, Inc., 2002-2007

Another name for the MAC address is a little misleading, so let's nail this down. MAC addresses are sometimes called hardware addresses and physical addresses. That's because a MAC address is physically burned into the Network Interface Card (NIC), which leads to another name for this address a burned-in address (BIA). What's the misleading part? Remember that physical addresses are not used at the Physical layer of the OSI model - they're Data Link layer addresses. That's right - a physical address is used to deliver a frame, but not a physical layer address.
Train Signal, Inc., 2002-2007

Switches operate at L2, as do bridges. Layer 3 Switches do exist, but when operating at Layer 3, theyre not switching or bridging. Theyre routing. You don't need to know about L3 switches for the CCENT exam, but you should know they exist as they're becoming more and more popular in today's networks.
Train Signal, Inc., 2002-2007

The Physical Layer

When things get a little complicated in networking, I like to remind myself that "it's all ones and zeroes!" Whatever data our end users are creating, it's going to eventually be "translated" into a series of 1s and 0s. Once that is done, it's the Physical layer that handles the actual data transmission. Anything to do with a physical cable or the standards in use - the pins, the connectors, the electrical current itself - is running at the Physical layer.
Train Signal, Inc., 2002-2007

The Data Transmission Process

When the end user sends data, that data will go through all seven layers of the OSI model. The data is broken up into smaller and smaller parts beginning at Layer 4 (the Transport layer) until it's in the form of electric signals that can be sent across the physical media. As the data flows down the OSI model, it's referred to by different terms. You really have to master these and watch for them on your exams. There are four different terms you need to know:
Train Signal, Inc., 2002-2007

At the Application, Presentation, and Session layers, data is simply called "data". At the Transport layer, data is placed into segments. At the Network layer, data is placed into packets. At the Data Link layer, data is placed into frames. Finally, at the Physical layer, data takes the form of bits - and remember, it's all ones and zeroes!

Train Signal, Inc., 2002-2007

Those are very important terms for your career and especially for your exams. If I mention "segments", you should know I'm discussing the Transport layer of the OSI model without any other hints, because you might not get any other hints!
Train Signal, Inc., 2002-2007

As data flows down the OSI model, each layer adds a header that will be removed by the same layer on the other end of the session. These headers are layerspecific in that the Network layer couldn't care less about the contents of any header except the Network layer on the other end of the session. As an end user enters data for transmission to a remote host, the first six layers of the OSI model will add a layer-specific header that contains information to be read by the same layer of the OSI model at the remote location. Note that Layer 2, the Data Link layer, adds both a trailer and a header.
Train Signal, Inc., 2002-2007

The combination of data and a layer-specific header is called a Protocol Data Unit (PDU). There's a PDU for each layer; that is, the combination of data and L7 header information is called an L7 PDU, the data and L6 header information is called an L6 PDU, and so forth. After the data is successfully transmitted by the Physical layer to the remote location, the data begins to travel back up the model. Each layer will remove the header added by its counterpart - that is, Layer 3 removes the L3 header and reads it, L4 removes the L4 header and reads it, and so forth.
Train Signal, Inc., 2002-2007

The term same-layer interaction describes the process of a given OSI layer removing the header placed on the data by the same layer on the sending side. For example, the Application layer on the receiving end will remove only the header placed onto the data by the Application layer on the sending side, and so forth.
Train Signal, Inc., 2002-2007

This model is another way to look at the overall data transport process, and it also uses layers to illustrate the process. However, the TCP/IP model uses only four layers to do so. For the CCENT, CCNA, and any entry-level certification exam from another vendor, it's a very good idea to know
the layers of both the TCP/IP and OSI model the responsibilities of each layer how the layers map from one model to another

Train Signal, Inc., 2002-2007

The Application layer of the TCP/IP model maps to the top three layers of the OSI model (Application, Presentation, and Session). Everything that the top three layers of the OSI model do is performed by the TCP/IP model's Application layer. The Transport layer of the TCP/IP model maps directly to the Transport layer of the OSI model. TCP and UDP both operate at this layer, and data takes the form of segments.
Train Signal, Inc., 2002-2007

The Internet layer of the TCP/IP model maps to the Network layer of the OSI model. Both layers are responsible for routing through the use of IP addresses, static routes, and dynamic routing protocols. (You will occasionally see some non-Cisco documentation call this layer the Internetwork layer, but "Internet" is the name used in Cisco documentation.) Finally, the Network Access layer of the TCP/IP model maps to the Data Link and Physical layers of the OSI model.
Train Signal, Inc., 2002-2007

So Why Do We Go Through All Of This, Anyway?

It's natural to ask why we use networking models in the first place. It's a good question, and there are some good answers! Networking models do help software vendors create products that are interoperable. (At least, we hope they're interoperable.) That doesn't affect us directly as network admins, but two uses of these models affect us directly both as admins and as students.
Train Signal, Inc., 2002-2007

Breaking networking operations up into smaller parts make it easier to learn networking in the first place. By using the OSI model in particular, you can take a structured approach to your learning:
First, learn about cables and physical specifications (L1) Then learn about switches and MAC addresses (L2) Then start on routing (L3)
Train Signal, Inc., 2002-2007

Using the OSI model to structure your troubleshooting approach is a real help, too. I always tell students to "start troubleshooting at the physical layer", and you'll see what I mean in the Troubleshooting section of the course. There are two kinds of troubleshooters in the world:
Those who have a structured approach Those who don't and are basically throwing stuff out there and hoping something works
Train Signal, Inc., 2002-2007

TCP:
Guaranteed delivery Error detection via sequence and ACK numbers Windowing "Connection-Oriented" "best-effort" delivery, but no guarantee of delivery No error detection No windowing "Connectionless"
Train Signal, Inc., 2002-2007

UDP:

TCP's "Three-Way Handshake"

With TCP, there's work to be done before data is transmitted. The two devices have to agree on some basic parameters before segments can be sent - and this negotiation has the curious name three-way handshake. If that's the first time you've heard this term, you're probably wondering how a handshake can be three-way! Then again, maybe you don't want to know - but to pass the CCENT and CCNA exams, we gotta know! Let's take a step-by-step look at this process.
Train Signal, Inc., 2002-2007

Before the sender can start sending, there's going to be a negotiation between the two devices regarding rules for data transmission. That negotiation is the threeway handshake itself, which begins with the sender transmitting a TCP segment with the Synchronization ("SYN") bit set. The primary value being negotiated here is the TCP sequence number, which we'll discuss in more detail in the next section. This is the first part of the three-way handshake.
Train Signal, Inc., 2002-2007

The recipient responds with a TCP segment with both the synchronization and acknowledgement bits set - a "SYN/ACK". This is part two of the three-way handshake.

Train Signal, Inc., 2002-2007

The sender responds with an ACK, and the three-way handshake is complete. UDP does not use a three-way handshake. In addition to the orderly construction of the communication channel, TCP uses the FIN ("finish) bit to bring the channel down when the communication is closed.
Train Signal, Inc., 2002-2007

TCP's Error Detection / Error Recovery Feature

Before we take a look at how TCP performs both error detection and error recovery, we need to draw a very clear line between those two terms. They are not the same thing!
Error detection is finding an error Error recovery is doing something about the error

Watch that on your exam. :)

Train Signal, Inc., 2002-2007

TCP does both, and it uses both a sequence number and an acknowledgement number ("ack") in the TCP header to do so. In the following example, one host is sending four segments to another host. Each of the segments has a sequence number. That sequence number tells the recipient in what order to reassemble the segments, and it's also a fundamental concept in error detection and recovery. For simplicity's sake, we'll assume the first segment has a sequence number of 100, and we'll add 100 to the subsequent sequence numbers. (Remember, we're at the Transport layer these are segments!)

Train Signal, Inc., 2002-2007

The recipient will now send a segment back that contains no data, but does have an ack number set. You might think that the ack number would reflect the last sequence number received, but that's not quite right. The ack number will actually indicate the next sequence number the data recipient expects to see!
Train Signal, Inc., 2002-2007

This entire process revolves around two things:

The sender is waiting for a positive message from the recipient that the data was received If that message isn't received, the data is retransmitted

That's why we call this entire process Positive Acknowledgement with Retransmission (PAR).
Train Signal, Inc., 2002-2007

"Windowing" refers to the amount of data that a data sender is allowed to transmit without waiting for an ack. In this case, the size of the window is 2400 bytes, meaning that the data sender can transmit 2400 bytes before it has to stop and wait for an ack. The data recipient decides the size of the window, not the sender. This gives the recipient some control over how much data is sent ("flow control").
Train Signal, Inc., 2002-2007

The term sliding window refers to this dynamic adjustment of the window size. UDP does not have windowing capabilities.

Train Signal, Inc., 2002-2007

All of the features we've looked at here - the three-way handshake, windowing, sequence numbering, error detection and recovery are all TCP features. UDP doesn't use any of them. Two questions come to mind:
Why doesn't UDP offer these features? Why in the world do we use UDP for anything?

A look at the TCP and UDP headers will answer both of those questions! Here's the TCP header...
Train Signal, Inc., 2002-2007

Quite a difference! Take a few moments to compare the two and you'll see that UDP can't perform any of those TCP features because UDP literally can't offer them. The UDP header has no sequence number field, no ack number field, no ACK bit, no SYN bit, and no window field. The TCP and UDP headers have only three values in common:
Source port Destination port Checksum
Train Signal, Inc., 2002-2007

Now that we've answered the question about why UDP doesn't offer the features that TCP does, let's answer the second question regarding why UDP is used in the first place. That question can really be answered with one word... overhead. The TCP header is much larger than the UDP header. That header is being applied to every segment, and that adds up! UDP's advantage over TCP is that its header is much smaller than TCP's.

Train Signal, Inc., 2002-2007

If you're not familiar with MAC or IP addressing, we're going to cover that in another section, but for now it's enough to know that when two hosts communicate on a network, they're using these MAC and IP addresses as the destination when the data is sent.
Train Signal, Inc., 2002-2007

So far, so good. But what if one host is sending multiple flows of information to the remote host? Let's say that the PC at 10.1.1.1 is sending three different kinds of information to the PC at 10.1.1.2:
transferring a file via Trivial File Transfer Protocol (TFTP) email via Simple Mail Transfer Protocol (SMTP) opening a remote connection via Telnet
Train Signal, Inc., 2002-2007

If you're not familiar with those three protocols, don't worry about it - you will be before you're done with this course. For now, it's enough to know that one PC is sending three different types of information to the other, and the MAC and IP source and destination addresses for all three transmissions is going to be the same. How can the receiving host tell TFTP from SMTP if that's the case?
Train Signal, Inc., 2002-2007

We need a way for the recipient to differentiate one data flow from the other, and since the source and destination MAC and IP addresses will be the same for all three flows, that won't do. What will do is the TCP or UDP port number. While these three data flows will have the same Layer 2 (MAC) and Layer 3 (IP) source and destination addresses, they'll have different, preassigned port numbers.
Train Signal, Inc., 2002-2007

These port numbers allow the host at 10.1.1.1 to mix these three data streams when sending to 10.1.1.2, rather than sending all the SMTP data, then the Telnet data, then the TFTP data. The PC at 10.1.1.2 will use the port numbers to drive the three different data streams to the appropriate application. This mixing of data streams is called multiplexing.
Train Signal, Inc., 2002-2007

A socket may sound like something physical on the PC, but it's not. The socket is simply a combination of IP address and port number. For example, the socket on 10.1.1.2 for port 69 is 10.1.1.2:69. That socket can also be expressed with this format: (IP address, transport protocol, port number) That would make the TFTP socket on that PC (10.1.1.2, UDP, 69).
Train Signal, Inc., 2002-2007

The port number system works beautifully, but naturally the hosts need to agree on what port is used for a given protocol. In the previous example, if 10.1.1.1 used TCP port 45 for Telnet and 10.1.1.2 used TCP port 55, we'd have some serious problems. That's why most protocols use the same port number at all times, and these port numbers are referred to as well-known port numbers. All port numbers below 1024 are reserved, well-known port numbers -- but you don't have to memorize 1024 numbers for the exams!
Train Signal, Inc., 2002-2007

I do strongly recommend you have the following port numbers memorized, however. These numbers will become second nature to you as you progress in your networking studies and your career, but for now we gotta memorize these! After this list, I'll show you a little trick you can use on a Cisco router to see a list of well-known port numbers. Since you won't be allowed to carry a router into the exam room, though, know this list cold! Don't worry if there are services or protocols on here you're not yet familiar with - you will be before the end of this course.
Train Signal, Inc., 2002-2007

Some Common TCP Ports:

FTP - File Transfer Protocol - Uses TCP ports 20 and 21 SSH - Secure Shell - Uses TCP port 22 Telnet uses TCP port 23 SMTP - Simple Mail Transfer Protocol - uses TCP port 25 HTTP - HyperText Transfer Protocol - uses TCP port 80 POP3 - Post Office Protocol 3 - uses TCP port 110 SSL - Secure Socket Layer - uses TCP port 443
Train Signal, Inc., 2002-2007

Some Common UDP Ports:

DHCP - Dynamic Host Control Protocol - uses UDP ports 67 and 68 TFTP - Trivial File Transfer Protocol - uses UDP port 69 SNMP - Simple Network Management Protocol - uses UDP port 161

Protocols Using Both TCP And UDP Ports

DNS - Domain Name Service - uses UDP and TCP port 53 The port number 24 is reserved in both UDP and TCP for private mail systems

Train Signal, Inc., 2002-2007

With Voice over IP (VoIP) becoming more and more commonplace in today's networks, it couldn't hurt to know that the entire range of UDP ports from 16384 - 32767 are reserved for voice traffic.

Train Signal, Inc., 2002-2007

Video 2 Ethernet Standards And Cable Types

Train Signal, Inc., 2002-2007

Ethernet Standards and Cable Types

The Need For And Operation of CSMA/CD Ethernet Types And Standards Pins And Transmissions Crosstalk Cable Types Ethernet Addressing Intro to WAN Cabling And a Cable Type Review
Train Signal, Inc., 2002-2007

With each host connected to its own switch port, we no longer have to worry about collisions when hosts send data simultaneously. In the old days of networking, though, that wasn't the case. While you may not see the following physical topology very often in your career, if at all, I'm presenting it here so you know how hosts on a shared Ethernet segment practice CSMA/CD - Carrier Sense Multiple Access with Collision Detection.
Train Signal, Inc., 2002-2007

The Ethernet standard you're most likely to be familiar with is 10Base-T, specified by IEEE 802.3. The "T" stands for twisted-pair cable, and the maximum length of a 10Base-T copper cable is 100 meters. The "10" refers to the 10 MegaBits Per Second (MBPS) capacity. You may be asking "Why twist the cable pairs?" Twisting pairs of wires inside the cable cuts down on the possibility of electromagnetic interference, whether that interference comes from another cable or an outside source - elevators are notorious for generating such interference.
Train Signal, Inc., 2002-2007

In the previous illustrations, we looked at a network with a single coaxial cable and multiple hosts connected to that coax cable. That topology was used by the first Ethernet standards, 10Base5 and 10Base2. The sole physical components were the Ethernet cards in the computers and coaxial cable, which is the topology we looked at in the previous example. The cable made up a bus that all the connected devices would use. (This type of bus is referred to as a shared bus.)
Train Signal, Inc., 2002-2007

The ending numbers in the terms 10Base5 and 10Base2 allegedly refer to the limit on the length of the cable, expressed in units of 100 meters. This is true for 10Base5; the limit on the cable length is 500 meters. Its not quite accurate for 10Base2, though; the limit on that cable is 185 meters, NOT 200 meters.

Train Signal, Inc., 2002-2007

Fast Ethernet is defined by IEEE 802.3u, and has a maximum capacity of 100 MBPS. Fast Ethernet copper cables also have a maximum cable length of 100 meters.

Train Signal, Inc., 2002-2007

Defined by IEEE 802.3z, Gigabit Ethernet has a maximum capacity of 1000 MBPS, also expressed as 1 GBPS (GigaBits Per Second). The maximum cable length is 100 meters here as well, but we cannot use a regular copper cable for Gigabit Ethernet.
Train Signal, Inc., 2002-2007

Ethernet runs at 10 MBPS, defined by IEEE 802.3, and its copper cable has a maximum length of 100 meters. Variations include 10Base-T, 10Base-2, and 10Base-5, with the last two involving a shared cable bus. Fast Ethernet runs at 100 MBPS, is defined by IEEE 802.3u, and its copper cable has a maximum length of 100 meters. Gigabit Ethernet runs at 1000 MBPS (1 GBPS), is defined by IEEE 802.3z, and also has a 100 meter cable length maximum - but it cannot use copper cabling.
Train Signal, Inc., 2002-2007

A standard Ethernet cabling type is Category 5 Unshielded Twisted-Pair, commonly known as CAT 5 UTP. The connector on the end of a typical Cat 5 UTP cable is an RJ-45 connector. This type of connector has a tab on the bottom that snaps into place when the connector is correctly placed into the device. (You can usually hear the snap sound, unless youre in a very loud wiring closet!)
Train Signal, Inc., 2002-2007

The cable will contain separate wires inside, and the endpoints of these wires are referred to as pins. While you now know that bits are sent over these wires, its important to know that the same set of pins is always used to transmit, and a separate set of pins is always used to receive.
Pins 1 and 2 Transmit Pins 3 and 6 Receive
Train Signal, Inc., 2002-2007

Crosstalk is caused by the electromagnetic interference mentioned a moment ago. Basically, a signal crosses over from one pair of cables to another, causing the signals to become unusable. NEXT (near-end crosstalk) is a condition generally caused by crossed or crushed pairs of wires. The conductors inside the wires dont even have to be exposed but if the conductors are too close, the signal traveling on one wire can actually interfere with the signal on another wire. The near-end is a relative term, referring to the end of the cable being tested (as opposed to far-end crosstalk, or FEXT).
Train Signal, Inc., 2002-2007

In a typical RJ-45 connection, the crosstalk is actually at its highest level as data enters the cable. You may occasionally see the term PSNEXT. This is short for Power Sum Near End Cross Talk, and refers to the calculation carried out when a NEXT test is run. When the NEXT results for each pair of wires is added, the result is the PSNEXT value.
Train Signal, Inc., 2002-2007

In the following exhibit, we've got three separate physical connections:

A laptop connected to a switch (Cable 3) Two switches connected to each other (Cable 2) A PC connected to a switch (Cable 1)

Train Signal, Inc., 2002-2007

For Cable 1, we need a straightthrough cable. A straightthrough cable is used to connect a PC to a switch or hub. In a straight-through cable, the wire connected to Pin 1 on one side is connected to Pin 1 on the other, the wire connected to Pin 2 on one side is connected to Pin 2 on the other, and so forth.
Train Signal, Inc., 2002-2007

You may have occasion to connect two similar devices directly with Ethernet, which can cause a problem since both devices will use the same pair of wires for transmitting data. It's very common to connect two switches to allow them to send data over that connection, called a trunk. You'll learn all about the particulars of trunking in your CCNA studies, but the first thing we have to do is make sure we have the correct cable!

Train Signal, Inc., 2002-2007

What we need is a crossover cable. The wire connected to Pin 1 on one side will no longer be connected to Pin 1 on the other, as it was in a straight-through cable. Four wires will "cross over" in a crossover cable:

Train Signal, Inc., 2002-2007

Local Cable End Pin 1 Pin 2 Pin 3 Pin 6 Remote Cable End Pin 3 Pin 6 Pin 1 Pin 2

Train Signal, Inc., 2002-2007

Two cables down, one to go! To connect that laptop directly to a switch, we've got to be careful of two things:
Using the right cable Connecting the right cable to the right port on the switch

Train Signal, Inc., 2002-2007

The cable we need is a rollover cable. All eight wires in the cable will "roll over" to another pin at the remote end, with the wire on Pin 1 at one end rolling over to Pin 8 at the other end, the wire on Pin 2 at one end rolling over to Pin 7 at the remote end, and so forth.
Train Signal, Inc., 2002-2007

You may also need an adapter for your rollover cable, since one end of the cable is a DB-9 connector, and few if any of today's laptops have such a port. You probably do have USB ports on your laptop, and you can get an adapter that allows you to connect a rollover cable to your laptop's USB port from just about any cable dealer.
Train Signal, Inc., 2002-2007

As for the connection to the switch, you need to make sure you connect the RJ-45 connector on the other end of the rollover cable to the Console port of the switch. I'll drive this point home at least one more time elsewhere in the course!
Train Signal, Inc., 2002-2007

Ethernet / NIC / Physical / LAN / BIA Addressing

You may be thinking "oh, man, that's a lot of addressing!" Actually, it's not, because these are all different names for the same thing. The fifth name is the term you hear most often -- MAC address, short for Media Access Control. The MAC address is used by switches to send frames to the proper destination, as you'll see in the LAN Switching section. Before you get to that section, let's take a look at the format of the MAC address.
Train Signal, Inc., 2002-2007

The entire MAC address is a 48-bit address that looks a little something like this: aa-bb-cc-11-22-33

Train Signal, Inc., 2002-2007

That MAC address actually has two parts, the first being the Organizationally Unique Identifier (OUI). The OUI is assigned to hardware vendors by the Institute of Electrical and Electronics Engineers (IEEE). A given OUI is assigned to one and only one vendor.
Train Signal, Inc., 2002-2007

The second half of the MAC address is a value not yet used by that particular vendor. Looking at the MAC address example given earlier, we now know that:
The OUI is aa-bb-cc The vendor has not yet used 11-22-33 with that particular OUI, so the vendor is doing so now

Train Signal, Inc., 2002-2007

The MAC is sometimes called the physical address because it physically exists on the network card. The address is burned into the card, giving it yet another name - the BurnedIn Address (BIA). As with IP addresses, we have broadcast and multicast MAC addresses. It's a good idea to be able to identify these addresses, and here's how to do it!
Train Signal, Inc., 2002-2007

The broadcast MAC address is the "all-Fs" address: ff-ff-ff-ff-ff-ff (or FF-FF-FF-FF-FF-FF, as case does not matter in hexadecimal) There is a range of multicast MAC addresses, and the first half of a multicast MAC address is always 0100.5e. The second half of a multicast MAC address will fall in the range 00-00-00 through 7F-FF-FF. Watch that 7! :)
Train Signal, Inc., 2002-2007

WAN Cabling

Cisco routers will use serial cables for connections using their serial interfaces (typical frame relay) In home labs, you may connect Cisco router serial interfaces directly with a DTE/DCE cable

Train Signal, Inc., 2002-2007

Cable Type Review

Crossover cables are used to connect two like devices, typically two switches. Rollover cables are used to connect a laptops serial port to the router or switch Console port. Straightthrough cables are used to connect a PC to a switchport. Watch the cable types and the cable lengths any cable over 100 meters is cause for alarm.
Train Signal, Inc., 2002-2007

Video 3 Switching

Train Signal, Inc., 2002-2007

Switching
Repeaters, Hubs and Bridges Building the MAC Table Flood, Filter or Forward? Frame Processing Methods Virtual LANs Cisco Three-Layer Switching Model Introduction to STP Basic Switch Security Port Security Defaults, Options and Configurations
Train Signal, Inc., 2002-2007

With many networking terms, the name is indeed the recipe, and that's very true of a repeater. A repeater's job is to repeat an electrical signal, the form that our data has taken to be sent across a cable. Remember, "it's all ones and zeroes!" The repeater takes an incoming signal and then generates a new, clean copy of that exact signal. This prevented maximum cable lengths from stopping transmissions, and also helped to ward off attenuation - the gradual weakening of an electric signal as it travels.
Train Signal, Inc., 2002-2007

A hub is basically the same as a repeater, but the hub will have more ports. That's the only difference between the two. (Some hubs have greater capabilities than others, but a "basic" hub is simply a multiport repeater.) Neither hubs nor repeaters have anything to do with the Data Link layer of the OSI model, nor do they perform any switching at all. Hubs and repeaters are strictly Physical layer devices, and that's where the trouble comes in. For our next example, we'll consider a hub with four PCs connected to it.
Train Signal, Inc., 2002-2007

To prevent this, a host on a shared Ethernet segment will use CSMA/CD (Carrier Sense Multiple Access with Collision Detection). To review, here's the CSMA/CD process:
A host that wants to send data will first "listen to the wire", meaning that it checks the shared media to see if it's in use. If the media is in use, the host backs off for a few milliseconds before checking again. If the media is not in use, the host sends the data.
Train Signal, Inc., 2002-2007

If two PCs happen to send data at the exact same time, the voltage on the wire will actually change, indicating to the hosts that there has been a data collision. The two PCs that sent the data will generate a "jam signal", which indicates to the other hosts on the shared media that they should not send data due to a collision. Those two PCs both invoke a backoff timer, also in milliseconds. When each host's random timer expires, they will each begin the entire process again by listening to the wire. Since the backoff timer value is totally random, it's unlikely the two hosts will have the same problem again.

Train Signal, Inc., 2002-2007

Before we talk about switches, here's an old joke:

Q. What's the difference between bridges and switches? A. Marketing.

Train Signal, Inc., 2002-2007

Let's review the key concepts of hubs vs. switches.

With hubs, we've got one big collision domain consisting of all connected hosts. When hosts are connected to their own switch ports, they each have their own individual collision domain. Hubs only allow one device to transmit at a time, resulting in shared bandwidth. Switches allow hosts to transmit simultaneously. When one host connected to a hub sends a broadcast, every other host receives that broadcast and there's nothing we can do about it. When a host connected to a switch sends a broadcast, every other host receives it by default - but there is something we can do about that, as you'll see in the VLAN section of this course.
Train Signal, Inc., 2002-2007

Microsegmentation is a term sometimes used in Cisco documentation to describe the "one host, one collision domain" effect of that last bullet point. It's not a term I hear a great deal in the field, and you might not either, but it's a good term to know for Cisco exams.
Train Signal, Inc., 2002-2007

A Cisco switch will do one of three things with an incoming frame:

Forward it Flood it Filter it

To make this decision, the switch uses its MAC Address table to check if there's an entry for the destination MAC address - but first, the switch will actually check to see if there's an entry for the source MAC address of the frame, because it's that source MAC that the switch will use to actually build the table in the first place!
Train Signal, Inc., 2002-2007

SW1#show mac-address-table Mac Address Table ------------------------------------------Vlan Mac Address Type Ports ------------------------All 0008.7de9.9800 STATIC CPU All 0100.0ccc.cccc STATIC CPU All 0100.0ccc.cccd STATIC CPU All 0100.0cdd.dddd STATIC CPU 1 aaaa.aaaa.aaaa DYNAMIC Fa0/1 Total Mac Addresses for this criterion: 5

Train Signal, Inc., 2002-2007

SW1#show mac-address-table dynamic Mac Address Table ------------------------------------------Vlan Mac Address Type Ports ------------------------1 aaaa.aaaa.aaaa DYNAMIC Fa0/1 Total Mac Addresses for this criterion: 1

Train Signal, Inc., 2002-2007

No, so the switch will create one. SW1#show mac-address-table dynamic Mac Address Table ------------------------------------------Vlan Mac Address Type Ports ------------------------1 aaaa.aaaa.aaaa DYNAMIC Fa0/1 1 cccc.cccc.cccc DYNAMIC Fa0/2
Train Signal, Inc., 2002-2007

We don't get to say "never" in networking very often, and as you progress in your studies, you'll learn there's almost always an exception to the rule in CiscoLand. (That's what makes it fun, though!) There is no exception to this particular rule, though: Switches never send a frame back out the same port it came in on.
Train Signal, Inc., 2002-2007

Flooding is performed when the switch has no entry for the frame's destination MAC address. When a frame is flooded, it is sent out every single port on the switch except the one it came in on. Unknown unicast frames are always flooded. Forwarding is performed when the switch does have an entry for the frame's destination MAC address. Forwarding a frame means the frame is being sent out only one port on the switch. Filtering is performed when the switch has an entry for both the source and destination MAC address, and the MAC table indicates that both addresses are found off the same port.
Train Signal, Inc., 2002-2007

There's one other frame type that is sent out every port on the switch except the one that received it, and that's a broadcast frame. Broadcast frames are intended for all hosts, and the MAC broadcast address is ff-ff-ff-ffff-ff (or FF-FF-FF-FF-FF-FF, as a MAC address's case does not matter).
Train Signal, Inc., 2002-2007

Now that we've looked at how the MAC table is built, let's take a look at the different names this table is called:
CAM table (short for Content Addressable Memory) bridging table switching table MAC table

Anytime you see those terms, they're referring to the MAC address table. Four names for the same thing? Welcome to networking! ;)
Train Signal, Inc., 2002-2007

Once the switch decides whether to forward, filter, or flood the frame, there's one more decision to be made - what processing method will be used to handle this forwarding? The processing options are:
store-and-forward cut-through fragment-free
Train Signal, Inc., 2002-2007

This continual generation of new broadcasts is called a broadcast storm, and this is one storm that can sink your switch for good. A broadcast storm can overwhelm a switch's memory and CPU capabilities, rendering the switch virtually useless.
Train Signal, Inc., 2002-2007

To illustrate how Virtual LANs can help limit broadcast propagation, we'll assign an IP address to each one of our hosts and then take a look at the default Cisco switch settings for VLANs. The circle(s) will continue to illustrate the broadcast domain(s). The numbers on the switch indicate the switch port that's connected to that host.
Train Signal, Inc., 2002-2007

It's vital to remember that no traffic pings or data packets - can be sent from one VLAN to another without the intervention of a Layer 3 device, most likely a router.

Train Signal, Inc., 2002-2007

The first time you hear the term "campus network" or "campus LAN", the word "campus" may suggest a university or a school of some kind. While such a school may well have a campus LAN, that term is used to describe any network that connects multiple buildings that are physically close to each other. The Cisco switching model consists of three layers:
Access Distribution Core

Train Signal, Inc., 2002-2007

Cisco switches use the Spanning Tree Protocol (STP) to prevent switching loops, and luckily, STP is enabled by default. You'll learn much more about STP in your CCNA studies, but you need to know its basics now. STP will determine a loop-free path for frames, and ports that are not on that path will be placed into blocking mode.
Train Signal, Inc., 2002-2007

The first one is about as basic as it gets. Lock up your switches - preferably more than once! No casual passerby should even know your switches exist, much less be able to yank a cable out just for the fun of it. Many server rooms have passcard systems or at least a locked door, but occasionally I still see a server room that's relying on the kindness of strangers. Don't do that!

Train Signal, Inc., 2002-2007

Unused VLANs - An Often Overlooked Security Feature We spoke about VLANs at length earlier in this section, but you can also use an unused VLAN as a security feature. Cisco switch ports on many models have some undesirable defaults:
They're open, where router interfaces are shut by default They're actively attempting to trunk, meaning they are available for connection to another switch All ports are in VLAN 1, and everyone knows that
Train Signal, Inc., 2002-2007

These are not desirable defaults when it comes to unused ports on a switch. From top to bottom, here's how we can change those defaults to increase switch security:
Close unused ports with the shutdown command Prevent the port from trunking with the switchport mode access command Place the port into an unused VLAN
Train Signal, Inc., 2002-2007

As usual, the switch will first inspect the source MAC address of an incoming frame. If the incoming source MAC address is considered secure, the user will be able to access the network. If the source MAC is considered non-secure, the port will take one of several actions - more on that in a moment. The source MAC address of the incoming frame really acts as a password.
Train Signal, Inc., 2002-2007

aging allows you to set aging options for secure MAC addresses. mac-address allows you to specify secure MAC addresses. maximum allows you to specify how many secure MAC addresses there will be. The default is one.
Train Signal, Inc., 2002-2007

violation allows you to specify what should happen if a non-secure source MAC address is received on the port. Those options are: SW2(config-if)#switchport port-security violation ? protect Security violation protect mode restrict Security violation restrict mode shutdown Security violation shutdown mode

Train Signal, Inc., 2002-2007

The default mode is shutdown, and this mode shuts the port down, transmits a message to the log indicating the action taken, and drops the violating frames. The interface status will be err-disabled, (short for error-disabled) meaning it must be manually reopened. restrict drops the violating frames and transmits a message to the log indicating an issue, but does not shut the port down. protect simply drops the violating frames.
Train Signal, Inc., 2002-2007

To configure the port to shut down if a frame is received with any source MAC address other than bb-bb-bb-bb-bb-bb, we'd use the following config: SW2(config)#int fast 0/3 SW2(config-if)#switchport mode access SW2(config-if)#switchport port-security SW2(config-if)#switchport port-security macaddress bbbb.bbbb.bbbb

Train Signal, Inc., 2002-2007

There's always a chance that you don't know the source MAC address that should act as the secure address. If you configure the port with sticky port security (don't blame me, I didn't name it!), the first source MAC address learned on the port will be the secure address, and all others will be non-secure unless you use the maximum option to change that. SW2(config-if)#switchport port-security macaddress sticky
Train Signal, Inc., 2002-2007

The command show port-security interface fast0/3 verifies that port security is running, the port status, violation mode, the number of secure MAC addresses, and even the last source address of the last frame received!
Train Signal, Inc., 2002-2007

SW2#show port-security int Port Security Port Status Violation Mode Aging Time Aging Type SecureStatic Address Aging Maximum MAC Addresses Total MAC Addresses Configured MAC Addresses Sticky MAC Addresses Last Source Address Security Violation Count

fast 0/3 : Enabled : Secure-up : Shutdown : 0 mins : Absolute : Disabled : 1 : 1 : 0 : 1 : 00d0.58ad.4d51 : 0

Train Signal, Inc., 2002-2007

That sticky MAC address will also appear in the config. interface FastEthernet0/3 switchport mode access switchport port-security switchport port-security mac-address sticky switchport port-security mac-address sticky 00d0.58ad.4d51
Train Signal, Inc., 2002-2007

To illustrate what happens when a nonsecure address hits that port, I've disconnected the host with the learned secure sticky address and replaced it with another host. What's the result? SW2#show int fast 0/3 FastEthernet0/3 is down, line protocol is down (err-disabled)
Train Signal, Inc., 2002-2007

An err-disabled port! When you see err-disabled next to the line protocol message, that means that an error of some kind has shut that port down. In this case, that's the result of a nonsecure MAC address hitting a port that had already learned another address as secure.
Train Signal, Inc., 2002-2007

A couple of important points regarding err-disabled ports:

The port LED will go dark The port must be manually reopened with the no shutdown command

Train Signal, Inc., 2002-2007

The reason for the port shutdown can be verified with show port-security interface. The port status is "Secureshutdown", the violation mode is in the default of shutdown, and note that the last source address shown is not the one we saw earlier - that's the reason the port shut down.
Train Signal, Inc., 2002-2007

fast 0/3 : Enabled : Secure-shutdown : Shutdown : 0 mins : Absolute : Disabled : 1 : 1 : 0 : 1 : 0010.7b39.c5e9 : 1

Train Signal, Inc., 2002-2007

If we want both this address and the previous one to be secure, we can change the port-security maximum value to 2 and then reopen the port.

Train Signal, Inc., 2002-2007

SW2(config-if)#switchport port-security maximum 2 SW2(config)#int fast 0/3 SW2(config-if)#shutdown SW2(config-if)#no shutdown SW2(config-if)#^Z SW2# 4d10h: %LINK-5-CHANGED: Interface FastEthernet0/3, changed state to administratively down 4d10h: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to down 4d10h: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up 4d10h: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up

Train Signal, Inc., 2002-2007

Verify the interface is indeed back up with show interface: SW2#show int fast 0/3 FastEthernet0/3 is up, line protocol is up (connected)

Train Signal, Inc., 2002-2007

Verify the changes to the port security scheme:

SW2#show port-security int fast 0/3 Port Security : Enabled Port Status : Secure-up Violation Mode : Shutdown Aging Time : 0 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 2 Total MAC Addresses : 1 Configured MAC Addresses : 0 Sticky MAC Addresses : 1 Last Source Address : 0010.7b39.c5e9 Security Violation Count : 0
Train Signal, Inc., 2002-2007

Video 4 Common Router and Switch Commands

Train Signal, Inc., 2002-2007

Common Router and Switch Commands

Physical Connections and Passwords Telnet And SSH User, Enable and Privilege Modes Enable Password vs. Enable Secret privilege level 15 Physical Side of Cisco Switches Assigning an IP Address and Default Gateway To The Switch Speed, Duplex, and Interface Range Banners, logging synch, and exec-timeout Keystroke Shortcuts and Manipulating History

Train Signal, Inc., 2002-2007

What I'm about to say is probably a little more true of a router than a switch, but there are two "problems" with the initial configuration of a Cisco device:
Some features that you do want to use will not be enabled Some features that you might not want to have running will be running by default

Train Signal, Inc., 2002-2007

line con 0 line vty 0 4 login line vty 5 15 login This small, seemingly insignificant portion of the switch configuration actually determines what passwords a user must enter in order to connect to the switch successfully. When you do connect to a Cisco switch, you're going to do so in one of two ways:
By physically connecting a laptop to the switch By logically connecting from a remote location via Telnet or SSH

Train Signal, Inc., 2002-2007

For a physical connection, you're going to need a rollover cable. This is typically a blue cable with an RJ-45 connector on one end and a DB-9 connector on the other end. The RJ-45 connector snaps into the Console port of the switch or router, and the DB-9 connector connects to your laptop -- maybe!

Train Signal, Inc., 2002-2007

Did you notice that we were not prompted for a password when connecting through the console port? That means that anyone with a laptop and a rollover cable can connect successfully to this switch - and we might not want that! Let's take another look at the password portion of our switch's configuration:
line con 0 line vty 0 4 login line vty 5 15 login

Train Signal, Inc., 2002-2007

To protect the switch's console port, it's the "line con 0" we need to be concerned with. If we're going to use a single password to protect the console port, we'll actually need two commands:
the password command (the one everyone remembers) the login command (the one a lot of people forget except you!)
Train Signal, Inc., 2002-2007

To review the methods available to connect to a Cisco router:

Physically connecting a laptop to the Console port Connecting from a remote location via Telnet or SSH

Train Signal, Inc., 2002-2007

We're going to telnet from one Cisco router to another in this example, but there is one major rule that holds true for any Telnet configuration on a Cisco router or switch: You must configure a password on the VTY lines. Without a password on the VTY lines, no user will be able to telnet to a Cisco router or switch!
Train Signal, Inc., 2002-2007

User, Enable, And Privilege Modes When you first connect to a Cisco router or switch via Telnet or SSH, by default you're going to be placed into user exec mode. This mode is indicated by the ">" symbol after the device name. R1>
Train Signal, Inc., 2002-2007

To configure the router, we need to go to the next level, privileged EXEC mode (generally called "enable mode"). To get there, we need to enter the enable command in user exec mode. The prompt should change slightly... R1>enable R1#
Train Signal, Inc., 2002-2007

Using an enable mode password is optional - unless you have users connecting via Telnet. (Thought I had forgotten about the Telnet discussion, didn't you? We're getting back to that in just a minute!)

Train Signal, Inc., 2002-2007

To recap
No password is required for connecting to the router via the Console port, but it's recommended that you configure one. A password on the VTY lines is required to allow Telnet or SSH users to connect. For Telnet and SSH users to access enable mode, either an enable password must be configured OR the following command must be configured on the VTY lines.
Train Signal, Inc., 2002-2007

You may want incoming Telnet users to be placed directly into privileged exec mode without being prompted for an enable password To do so, configure the privilege level 15 command on the VTY lines of the router or switch allowing the connections.
Train Signal, Inc., 2002-2007

What's So Secure About Secure Shell?

Telnet's a great way to communicate remotely with routers and switches, but there's a problem - all of the data sent to the remote host, including passwords, is transmitted in clear text. Any would-be network intruder who intercepts the password transmission can then easily enter the network via Telnet, and then we're in real trouble!
Train Signal, Inc., 2002-2007

With SSH, we need to create a username / password database. it sounds complex, but it's not. I'll show you how to create one on a Cisco switch in just a moment. We could also set up an AAA server (Authentication, Authorization, and Accounting) that would handle authentication. Setting up an AAA server is out of the scope of the CCENT and CCNA exams, but you should know the commands for setting up a Cisco switch to perform authentication via a local username/password database.

Train Signal, Inc., 2002-2007

We could use the username/password command to create a database strictly for Telnet if we wanted to, and the login local command would have the same effect. Where the Telnet and SSH configuration differ is that the SSH config requires the following where Telnet does not:
A domain name must be specified with the ip domain-name command A crypto key must be created with the crypto key generate rsa command

Train Signal, Inc., 2002-2007

Green always means "good" Amber indicates a problem if it doesn't go away in a few seconds If a host is connected to a switch port and the LED is dark, that's usually really bad
Train Signal, Inc., 2002-2007

SYST, short for system. Green means the switch is on, no light means it isn't. :) If you see SYST go amber, that indicates a failed Power-On Self Test (POST), and you'll get a message indicating the reason for that failure in the console output. A failed POST indicates a serious problem with the switch, and the switch will not even attempt to load an IOS. A typical POST problem is a broken fan - if you have no ventilation inside the switch, there's no reason for the switch to power up!
Train Signal, Inc., 2002-2007

RPS (Redundant Power Supply). Green indicates that the RPS is functioning correctly. STAT, short for status. When this is green, the port status lights are operational. DUPLEX, where green indicates a full-duplex port and an "off" light indicates a half-duplex port
Train Signal, Inc., 2002-2007

SPEED, where solid green indicates a 100 MBPS port, off indicates a 10 MBPS port, and flashing green indicates a Gigabit Ethernet port (1000 MBPS) Each individual port will have an LED as well. When you first connect a host's cable to a switch port, you should see it go amber for a few seconds while the speed and duplex are negotiated. If all goes well, the LED goes green. If the light stays amber, there's a problem with a setting on either the host or the switch that needs to be resolved. (Really narrows it down, eh?)
Train Signal, Inc., 2002-2007

There's one other common issue that a lack of LEDs can help you track down very quickly. In the cabling section, I mentioned that crossover cables are used to connect two switches to create a trunk. When you connect two Cisco switches with a crossover cable, you should see the lights go amber for just a few seconds and then go green. If you don't see any lights for a few seconds, you can stop waiting - you're using straightthrough cables by mistake!
Train Signal, Inc., 2002-2007

So What Are Those "logging synchronous" and "exec-timeout 0 0" Commands, Anyway?
You might have noticed these two commands on the console line: line con 0 exec-timeout 0 0 logging synchronous I've been recommending these commands for years to CCNA and CCNP candidates putting their own home labs together, but they can come in handy on the job as well. Let's take these commands one at a time, starting with the logging synchronous command.

Train Signal, Inc., 2002-2007

R1(config)#int s0 R1(config-if)#no shut R1(config-if)#^Z R1#so here i am 4d04h: %SYS-5-CONFIG_I: Configured from console by consoletyp 4d04h: %LINK-3-UPDOWN: Interface Serial0, changed state to uping and 4d04h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to upi've been interrupted quite badly! 4d04h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down
Train Signal, Inc., 2002-2007

By configuring the logging synchronous command on the console port, you're telling the router to hold such messages until it detects no input from the keyboard and no other output from the router, such as a show command's output.
Train Signal, Inc., 2002-2007

One of my favorites is the up arrow, which will show you the last command you entered. If you continue to hit the up arrow, you'll continue to go through the command history. <CTRL-P> does the same thing. As you might expect, the down arrow brings you one command up in the command history. It's a good key to use when you use the up arrow too fast. :) < CTRL - N > does the same thing.
Train Signal, Inc., 2002-2007

< CTRL - A > takes the cursor all the way to the front of your current command; < CTRL E > takes the cursor all the way to the end of your current command. Want to move around on a per-character basis in your current command without deleting characters? Use the left arrow or < CTRL - B > to move backward one character, and use the right arrow or < CTRL - F > to move forward one character.
Train Signal, Inc., 2002-2007

<CTRL - D > deletes one character. You can do the same thing with the BACKSPACE key. < ESC - B > moves back one word in the current command. < ESC - F > moves forward one word in the current command.
Train Signal, Inc., 2002-2007

Video 5 IP Addressing And The Routing Process

Train Signal, Inc., 2002-2007

IP Addressing and the Routing Process IP Addressing and Binary Conversions IP Address Classes Private IP Address Ranges Intro to the Routing Process Keeping Subnets On One Side of the Router
Train Signal, Inc., 2002-2007

If you've worked as a network admin for any length of time, you're already familiar with IP addresses. Every PC on a network will have one, as will other devices such as printers. The term for a network device with an IP address is host, and I'll try to use that term as often as possible to get you used to it! The PC...err, the host I'm creating this document on has an IP address, shown here with the Microsoft command ipconfig.
Train Signal, Inc., 2002-2007

First, we'll convert the IP address 192.168.1.100 to a binary string. The format that we're used to seeing IP addresses take - like the 192.168.1.100 shown here - is often called a dotted decimal address, since the values are in decimal and there are dots separating the decimals. (Clever, eh?)
Train Signal, Inc., 2002-2007

If you know the basics of binary and decimal conversions, AND practice these skills diligently, you can answer any subnetting question Cisco asks you.

Train Signal, Inc., 2002-2007

I'll go ahead and show you the entire binary string for the IP address 192.168.1.100 below, and the subnet mask is expressed in binary directly below it.
192.168.1.100 = 11000000 10101000 00000001 01100100 255.255.255.0 = 11111111 11111111 11111111 00000000
Train Signal, Inc., 2002-2007

Way back in the ancient times of technology September 1981, to be exact - IP address classes were defined in RFC 791. If you'd like to read the actual RFC, you can find it quickly using that number and your favorite search engine. RFCs are Requests For Comments, which are technical proposals and/or documentation. Not always exciting, but it's well worth reading the RFC that deals with the subject you're studying. Advanced technical exams occasionally like to ask about RFC numbers for a particular protocol or network service
Train Signal, Inc., 2002-2007

To earn your CCENT and CCNA certifications, you've got to know these address classes and be able to identify what class an IP address belongs to. Here are the three ranges of addresses that can be assigned to hosts:
Class A: 1 - 126 Class B: 128 - 191 Class C: 192 - 223
Train Signal, Inc., 2002-2007

The following classes are reserved and cannot be assigned to hosts:

Class D: 224 - 239. Reserved for multicasting, a topic not covered on the CCENT or CCNA exams. Class E: 240 - 255. Reserved for future use, also called "experimental addresses". Any address with a first octet of 127 is reserved for loopback interfaces. This range is *not* for Cisco router loopback interfaces, though.
Train Signal, Inc., 2002-2007

Class A:
Default network mask: 255.0.0.0 Default number of network bits: 8 Default number of host bits: 24

Class B:
Default network mask: 255.255.0.0 Default number of network bits: 16 Default number of host bits: 16

Class C:
Default network mask: 255.255.255.0 Default number of network bits: 24 Default number of host bits: 8
Train Signal, Inc., 2002-2007

We worked just a bit with the network and host bits earlier in this section, and we're going to work with them a lot more in the subnetting sections later in the course. For now, make sure that you know....
How to identify the class of an IP address Which addresses can be assigned to hosts (Class A, B, C) Which addresses cannot be assigned to hosts (Class D, E, any address beginning with 127) The default network mask, network bits, and host bits for Class A, B, and C addresses

Train Signal, Inc., 2002-2007

Address classes A, B, and C all have their own reserved range of addresses. You should be able to recognize an address from any of these ranges immediately.
Class A: 10.0.0.0 - 10.255.255.255 Class B: 172.16.0.0 - 172.31.255.255 Class C: 192.168.0.0 - 192.168.255.255

RFC 1918 Private Addresses

Train Signal, Inc., 2002-2007

You should be ready to identify those ranges in that format, or with the dotted decimal masks, or with prefix notation. More about prefix notation later in this section.
Class A: 10.0.0.0 255.0.0.0, or 10.0.0.0 /8 Class B: 172.16.0.0 255.240.0.0, or 172.16.0.0 /12 Class C: 192.168.0.0 255.255.0.0, or 192.168.0.0 /16

Train Signal, Inc., 2002-2007

Let's take another look at a PC's ipconfig output. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: IP Address. . . . . . . . . . . . : 192.168.1.100 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1
Train Signal, Inc., 2002-2007

When this host is ready to send data, there are two and only two possibilities:
The destination IP address is on the 192.168.1.0 255.255.255.0 network It's on another network

Train Signal, Inc., 2002-2007

If the destination is on the same subnet as the host, the packet's destination IP address will be that of the destination host. In the following example, this PC is sending packets to 192.168.1.15, a host on the same subnet, so there is no need for the router to get involved. In effect, those packets go straight to 192.168.1.15.
Train Signal, Inc., 2002-2007

If 192.168.1.100 wants to send packets to the host at 10.1.1.5, the sending host knows it's not on the same subnet as 10.1.1.5. In that case, the host will send the packets to its default gateway - in this case, the router's ethernet0 interface. The host is basically saying "I have no idea where this address is, so I'll send it to my default gateway and let that device figure it out."
Train Signal, Inc., 2002-2007

When a router receives a packet, there are three possibilities regarding its destination:
Destined for a directly connected network Destined for a non-directly connected network that the router has an entry for in its routing table Destined for a non-directly connected network that the router does not have an entry for

Train Signal, Inc., 2002-2007

R1#show ip route Codes: C - connected, S - static Gateway of last resort is not set C 20.0.0.0/8 is directly connected, Ethernet1 C 10.0.0.0/8 is directly connected, Ethernet0

Train Signal, Inc., 2002-2007

Also note that you don't see the mask expressed as "255.0.0.0" - you see it as "/8" instead. This is called prefix notation, and the number simply represents the number of 1s at the beginning of the network mask when it's expressed in binary. That "/8" is pronounced "slash eight".
255.0.0.0 = binary string 11111111 00000000 00000000 00000000 = /8

Train Signal, Inc., 2002-2007

R1#show ip route Codes: C - connected, S - static Gateway of last resort is not set C 20.0.0.0/8 is directly connected, Ethernet1 C 10.0.0.0/8 is directly connected, Ethernet0

Train Signal, Inc., 2002-2007

Static routes are created with the ip route command.

R1(config)#ip route 30.0.0.0 255.0.0.0 ethernet1

Train Signal, Inc., 2002-2007

The routing table now displays a route for the 30.0.0.0 /8 network. The letter "S" indicates a static route.
R1#show ip route Codes: C - connected, S - static C 20.0.0.0/8 is directly connected, Ethernet1 C 10.0.0.0/8 is directly connected, Ethernet0 S 30.0.0.0/8 is directly connected, Ethernet1

Train Signal, Inc., 2002-2007

Video 6 ARP, DNS and DHCP

Train Signal, Inc., 2002-2007

ARP, DNS and DHCP

One Destination, Two Destination Addresses DNS The ARP Process Routers, Broadcasts, and Proxy ARP The DHCP Process Configuring DHCP on a Cisco Router With SDM
Train Signal, Inc., 2002-2007

As network admins, we spend a lot of time concerning ourselves with IP addresses - assigning them, filtering them, etc. We don't think about MAC addresses that often, but data going from Host A to Host B must have a destination IP address for Host B and a destination MAC address as well.
Train Signal, Inc., 2002-2007

To get these two required destination addresses, Host A will use two separate protocols:
Domain Name System (DNS) for the IP address Address Resolution Protocol (ARP) for the MAC address

Host A will require the IP address first, since it must know the IP address of the remote host in order for the ARP process to work properly. Let's take a quick look at the DNS process.

Train Signal, Inc., 2002-2007

Host A will know the computer name of Host B - for this discussion we'll assume that name to be "hostb". Now it needs an IP address and a MAC address for that hostname, and DNS will help it get that IP address. The DNS process is very simple. Each host will have the IP address of a DNS server, and a host needing the IP address of another host will send a DNS Request to the DNS server.
Train Signal, Inc., 2002-2007

The natural question is "How does Host A know the IP address of the DNS server in the first place?" That happens in one of two ways:
The DNS server address is hard-coded on Host A The DNS server address was learned via DHCP

We're going to take a look at DHCP later in this section, but here's the partial output of ipconfig /all on a Windows PC using DHCP. The DNS server IP addresses are in bold.
Train Signal, Inc., 2002-2007

C:\>ipconfig /all Windows IP Configuration Host Name . . . . . . . . . . . Primary Dns Suffix . . . . . . Node Type . . . . . . . . . . . Ethernet adapter Local Area Connection: Connection-specific DNS Suffix Description . . . . . . . . . . Connection Physical Address. . . . . . . . Dhcp Enabled. . . . . . . . . . Autoconfiguration Enabled . . . IP Address. . . . . . . . . . . Subnet Mask . . . . . . . . . . Default Gateway . . . . . . . . DHCP Server . . . . . . . . . . DNS Servers . . . . . . . . . .

. : . : . : Hybrid . : . : Intel(R) 82562V 10/100 Network . . . . . . . . : : : : : : : :

00-17-31-F7-03-B2 Yes Yes 192.168.1.100 255.255.255.0 192.168.1.1 192.168.1.1 68.87.73.242 68.87.71.226 Lease Obtained. . . . . . . . . . : Monday, October 08, 7:23:17 AM Lease Expires . . . . . . . . . . : Tuesday, October 09, 7:23:17 AM

Train Signal, Inc., 2002-2007

In our current network, we have a DNS server that took care of the hostnameIP address resolution, but now we need the MAC address of Host B, and there is no ARP server on the network. Instead, the ARP process uses a series of broadcasts and replies.
Train Signal, Inc., 2002-2007

Host A is the host needing a MAC address of a remote device, so it'll be Host A that sends out the initial ARP Request. This request is a Layer 2 broadcast, meaning....
The source MAC address will be that of Host A The destination MAC address will be ff-ff-ff-ff-ff-ff The source IP address will be that of Host A The destination IP address will be that of Host B (learned via DNS)
Train Signal, Inc., 2002-2007

As network admins, we're always interested in limiting the number of broadcasts on our network. Along those lines, hosts build ARP caches that they consult before sending out ARP Requests. These caches contain an IP address - MAC address mapping table such as the one shown here on a Windows PC with the command arp -a : C:\>arp -a Internet Address 10.1.1.2 Physical Address bb-bb-bb-bb-bb-bb Type dynamic

Train Signal, Inc., 2002-2007

After learning Host B's IP and MAC addresses (MAC addresses are also called "physical addresses" because they physically exist on the network card), Host A would enter them into its ARP cache. The next time Host A needs to send data to Host B, the information needed to do so is right there in the ARP cache and no ARP Request needs to be sent.
Train Signal, Inc., 2002-2007

In that example, all of the devices were on the same physical cable. That's good for an example, but more likely we're going to have something like this:

Train Signal, Inc., 2002-2007

The switch does not impact the ARP process at all. Why? Because switches forward broadcasts, and that's just what the ARP Request is as indicated by its destination MAC address of ff-ff-ff-ff-ff-ff. The switch will send a copy of that ARP Request out every single port except the one it came in on.

Train Signal, Inc., 2002-2007

If Host A sends an ARP Request for Host B's MAC address, we know the switch will forward it, because switches forward broadcasts. The problem comes in with the router, because routers do not forward broadcasts. Instead, the router will use proxy ARP to answer the ARP Request with the MAC address of the router interface that received the original Request.
Train Signal, Inc., 2002-2007

Interestingly enough, Host A has no idea that the MAC address it received in the ARP Response is actually not that of Host B, but rather that of the Ethernet0 interface of the router. All Host A knows is that it sent an ARP Request and got a Response. Now when Host A sends data to Host B, the data will have the following destinations:
IP destination address is Host B's IP address MAC destination address is the one assigned to the router's E0 interface
Train Signal, Inc., 2002-2007

There are also other forms of ARP that operate in today's networks, such as Reverse ARP and Inverse ARP. Those are not protocols you need to know for your CCENT studies -- you'll see them during your CCNA studies. For now, and for the CCENT exam, make sure you know how ARP operates, what it does, and when proxy ARP needs to be used - and that's when there is a router between the two involved hosts.
Train Signal, Inc., 2002-2007

A host's ability to send data to all the required destinations requires quite a bit of information. The host needs to know the following at a minimum...
What's my IP address? What's my network mask? What are the IP addresses of the DNS servers? What's my default gateway?
Train Signal, Inc., 2002-2007

How do we get all of this information to and on our network hosts? We've got two options:
Visit each workstation and configure the information manually Enable each workstation for DHCP

And sooner or later, some of that information is going to change and the hosts will need to know about these changes.
Train Signal, Inc., 2002-2007

If you previously hard coded the information on all of the hosts, you'll now have to go out and visit every workstation again and change the information manually. If you used DHCP to begin with, you now just have to change the information on the DHCP server. DHCP is starting to sound pretty good! When the choice is visiting the hundreds or thousands of hosts on a typical network manually or using DHCP to dynamically handle IP address assignment information, there really is no choice.
Train Signal, Inc., 2002-2007

There are four basic steps that allow a host (the DHCP Client) to acquire all of this information from a DHCP Server. The Client begins the process by sending a DHCP Discover message out. This message is a broadcast, so it will not be forwarded by routers.
Train Signal, Inc., 2002-2007

Any DHCP Server that receives that message will respond with a DHCP Offer. The Offer contains the following:
The IP address the DHCP Server is offering to the Client The network mask the DHCP Server is offering to the Client The amount of time the Client can keep this information if the Offer is accepted (the lease) The IP address of the DHCP Server that is making the offer
Train Signal, Inc., 2002-2007

Since the original DHCP Discovery sent by the host is a broadcast, more than one DHCP Server may see it and respond with an Offer, as shown above. In this case, the host will respond to the first Offer it receives with a DHCP Request. The Request has the IP address of the DHCP Server that sent the accepted Offer. When the other DHCP Server(s) see that their Offer was not accepted, they put the offered IP address back into their address pools. This DHCP Request is also a broadcast.
Train Signal, Inc., 2002-2007

You can see the IP address a host has been assigned, along with the lease length and other information, with ipconfig /all. You can verify that the host is running DHCP with this command as well.

Train Signal, Inc., 2002-2007

C:\>ipconfig /all Network Connection Physical Address. Dhcp Enabled. . . Autoconfiguration IP Address. . . . Subnet Mask . . . Default Gateway . DHCP Server . . . DNS Servers . . .

00-17-31-F7-03-B2 Yes Yes 192.168.1.100 255.255.255.0 192.168.1.1 192.168.1.1 68.87.73.24 68.87.71.22 Lease Obtained. . . . . .. : Monday, October 08, 200x 7:23:17 AM Lease Expires . . . .. . . : Tuesday, October 09, 200x 7:23:17 AM

. . . . . . . . Enabled . . . . . . . . . . . . . . . . . . . .

. . . . . . . .

: : : : : : : :

Train Signal, Inc., 2002-2007

Many Cisco router models can be configured to operate as DHCP servers. On some models, we're limited to using the command-line interface to write the DHCP config, and I'll be the first to say that can be little tricky. Cisco is making a big push toward GUI-based tools, and the GUI we'll look at here is the Security Device Manager (SDM). This tool makes DHCP configurations a breeze! In this lab, we'll use SDM to configure a Cisco router as a DHCP server, and then test that configuration.
Train Signal, Inc., 2002-2007

Video 7 Memory Components And Config Files

Train Signal, Inc., 2002-2007

Memory Components And Config Files

ROM, RAM, NVRAM, And Flash The Boot Process Setup Mode Startup And Running Configuration Files The COPY Command IOS Upgrading The Configuration Register
Train Signal, Inc., 2002-2007

ROM: Read-Only Memory. ROM stores the routers bootstrap startup program, operating system software, and power-on diagnostic test programs (POST). Flash Memory: Generally referred to simply as flash, the IOS images are held here. Flash is erasable and reprogrammable ROM. Flash memory content is retained by the router on reload.
Train Signal, Inc., 2002-2007

RAM: Random-Access Memory. Stores operational information such as routing tables and the running configuration file. RAM contents are lost when the router is powered down or reloaded. By default, routers look here first for an Internetwork Operating System (IOS) file during boot. NVRAM: Non-volatile RAM. NVRAM holds the routers startup configuration file. NVRAM contents are not lost when the router is powered down or reloaded.
Train Signal, Inc., 2002-2007

Some important comparisons:

RAM contents are lost on reload, where NVRAM and Flash contents are not. NVRAM holds the startup configuration file, where RAM holds the running configuration file.

We'll talk about the startup and running configuration files later in this section. Let's take a look at the boot process of a Cisco router, and then talk about the dreaded Setup Mode!
Train Signal, Inc., 2002-2007

When a Cisco router powers up, it first runs a series of POSTs (Power-On Self Test). A POST is a series of diagnostic tests designed to verify the basic operation of the network interfaces, memory, and the CPU.

Train Signal, Inc., 2002-2007

POSTs are particularly effective at detecting major problems early in the boot process, such as a broken fan. If the POST detects such a problem (usually called an "environmental factor") that would cause the router or switch to overheat after booting, the POST will fail, give you a clear message as to why the POST failed, and will then stop the boot process. But let's speak positively here!
Train Signal, Inc., 2002-2007

After the router passes the POST, it looks for a source from which to load a valid Internetwork Operating System (IOS) image. The router has three sources from which it can load an IOS image, and it's a good idea to know these sources and the order in which the router will look in each for that image:
1. Flash memory (the default). 2. A TFTP server. (Trivial File Transfer Protocol) 3. Read-Only Memory (ROM)

Train Signal, Inc., 2002-2007

To change that order, a change must be made to the configuration register. It's similar to the Microsoft Registry in that you should never change this value unless you are sure of the result. Once the IOS is found, the router looks for a valid startup configuration file. By default, the router will look for the startup configuration file in Non-volatile RAM (NVRAM). If there's no startup file there, the router looks for a TFTP Server that has a startup file.

Train Signal, Inc., 2002-2007

If no valid startup configuration file is found, the router enters setup mode, where the router runs the system configuration dialogue, a series of questions involving basic router setup.

Train Signal, Inc., 2002-2007

Believe it or not, when you take a Cisco router or switch out of the box and boot it up for the first time, it's dumber than a bag of rocks. Well, not quite. It's not dumb, you just haven't told it anything yet. A router doesn't magically know what IP addresses you want to assign to its interfaces, what security features you do and do not want to run, or any of your other preferences! We've got two ways to tell it these things:
Setup Mode Manually configuring all of this information at the Command-Line Interface (CLI)
Train Signal, Inc., 2002-2007

We actually have two configuration files running on a router at any time, the startup-config and running-config files. Most of the time they're the same thing, but there is an important difference between the two when you've configured the router but have not yet saved that new configuration.
Train Signal, Inc., 2002-2007

As you go through your Cisco studies and your Cisco career, you'll use the copy command more often than you might think. It's a good idea to remember the command syntax:
The first location is where you're copying from The second location is where you're copying to
Train Signal, Inc., 2002-2007

You can see that the commands copy run start and copy start run are going to have vastly different meanings. That's good to keep in mind for both your exams and working on production networks!
copy run start -- Copying the running config over the startup config copy start run -- Copying the startup config over the running config
Train Signal, Inc., 2002-2007

And why would you ever need them? I've seen three different situations where these backups came in handy. In order of probability:
Network attackers changing or deleting the config An honest mistake made by a network admin Just as any file can become corrupt over time, so can a startup-config file
Train Signal, Inc., 2002-2007

On occasion, the trickiest part of changing a router's IOS image is actually getting the image you want! You can download new IOSes from Cisco's website, but a Cisco Connection Online (CCO) login is not enough. The rules change as to who can and cannot download IOS images, so I won't list those rules here, but you can find out quickly by searching Cisco's site. Just keep in mind that you can't just go out to Cisco's website to download the latest IOS image for your router on a whim.

Train Signal, Inc., 2002-2007

If you have to perform an IOS upgrade, you might be tempted to do so remotely rather than physically visit the client site - until you see the following warning! I've telnetted into a router and issued the copy tftp flash command, and that means we're copying from a TFTP server to the router's Flash.
Train Signal, Inc., 2002-2007

Here's the warning I received, and I've bolded the very, very important part:
BRYANT_AS_5#copy tftp flash **** NOTICE **** Flash load helper v1.0 This process will accept the copy options and then terminate the current system image to use the ROM based image for the copy. Routing functionality will not be available during that time. If you are logged in via telnet, this connection will terminate. Users with console access can see the results of the copy operation. ---- ******** ---[There are active users logged into the system] Proceed? [confirm]

Train Signal, Inc., 2002-2007

As the new IOS is loaded, you'll see a series of exclamation points. It looks like a massive ping, as you can end up with screens of "!". If those exclamation points stop for a few seconds, that's okay, but if they stop and don't restart, there's a problem with the copy.
Train Signal, Inc., 2002-2007

Once you do finish copying the new IOS to Flash, this is one of the rare occasions where you have to reload the router for the change to take effect. Before copying to Flash, though, run show flash to see how much room you have left in Flash! The following output indicates that we don't have much room left on this particular router, so copying a new IOS image to this router without deleting the current one is just about impossible.
Train Signal, Inc., 2002-2007

This has always been an awkward subject for me to teach and write about, because I feel like I'm teaching you something and then telling you never to use the knowledge! One day, you will have to change the config register, most likely to perform a password recovery. I will just give this warning one time: If you change the register to an incorrect value and then reload the router, you can cripple the router and even Cisco can't bring it back.
Train Signal, Inc., 2002-2007

To review these common configuration register settings:

0x2102: The default. Router looks for a startup configuration file in NVRAM and for a valid IOS image in Flash. 0x2142: NVRAM contents are bypassed, startup configuration is ignored. 0x2100: Router boots into ROM Monitor mode.
Train Signal, Inc., 2002-2007

A real-world reminder: When you change the configuration register value to perform password recovery, don't forget to change it back and then reload the router!

Train Signal, Inc., 2002-2007

Video 8 Intro to Wireless Networks (WLANs)

Train Signal, Inc., 2002-2007

Intro to Wireless Networks (WLANs)

Wireless Network Types Standards and Ranges Spread Spectrum Antenna Types CA vs. CD SSIDs and MAC Address Authentication WEP, WPA, and WPA2
Train Signal, Inc., 2002-2007

Wireless networks are created by configuring Wireless Access Points (WAP or AP, depending on documentation). If you're connecting to the Internet or your company's network from a hotel or restaurant, you're connected to a lily pad network. Unlike the physical networks we've discussed previously in this course, the WAPs in a lily pad network can be owned by different companies. The WAPs create hotspots where Internet access is available to anyone with a wireless host - and hopefully, a username and password is required as well!
Train Signal, Inc., 2002-2007

WAPs are not required to create a wireless network. In an ad hoc WLAN ("wireless LAN"), the wireless devices communicate with no WAP involved. Ad hoc networks are also called Independent Basic Service Sets (iBSS or IBSS, depending on whose documentation you're reading).
Train Signal, Inc., 2002-2007

A much more common wireless configuration is an infrastructure WLAN, where a WAP is used to allow multiple devices to connect to the wired network. All communications in an infrastructure WLAN must go through a wireless access point (AP). There are two kinds of infrastructure WLANs, with the most common being the following topology. While a Basic Service Set (BSS) will have a single AP, Extended Service Set WLANs (ESS), have multiple access points.
Train Signal, Inc., 2002-2007

If you've ever used a wireless network while traveling, you were on an ESS. Such a network uses multiple APs to create overlapping areas of coverage, called cells. While your signal may occasionally get weak near the point of overlapping, the ESS allows roaming users to hit the network at any time. (We hope!)
Train Signal, Inc., 2002-2007

We went over three different service set types in that section, so to review:
Independent Basic Service Sets have no APs; the few wireless devices involved interact directly. Basic Service Sets have a single AP. Extended Service Sets have multiple APs, which allow for a larger coverage area than the other two types and also allow roaming users to fully utilize the WLAN.
Train Signal, Inc., 2002-2007

The standards listed here are all part of the 802.11x standards developed by the IEEE. IEEE uses the 802.11 standard to define Wi-Fi overall, but it's a good idea to know the stats for the following. 802.11a has a typical data rate of 25 MBPS, but can reach speeds of 54 MBPS. Indoor range is 100 feet. Operating frequency is 5 GHz. 802.11b has a typical data rate of 6.5 MBPS, but can reach speeds of 11 MBPS. Indoor range is 100 feet. Operating frequency is 2.4 GHz.
Train Signal, Inc., 2002-2007

802.11g has a typical data rate of 25 MBPS, a peak data rate of 54 MBPS, and an indoor range of 100 feet. Operating frequency is 2.4 GHz. 802.11b and 802.11g are compatible to the point where many wireless routers and cards that use these standards are referred to as "802.11b/g", or just "b/g". 802.11n has a typical data rate of 200 MBPS, a peak data rate of 540 MBPS, and an indoor range of 160 feet. Operating frequency is either 2.4 GHz or 5 GHz.

Train Signal, Inc., 2002-2007

Infrared Wireless Infrared wireless offers a high data rate, but a very short range - generally too short to be practical.

Train Signal, Inc., 2002-2007

It's a very good idea to have those maximum speeds, ranges, and frequencies memorized for the exam. For real-world wireless networks, always keep in mind that maximum speeds and ranges are theoretical at best. That's particularly true with wireless networks, which can suffer from unusual and unexpected sources, such as weather, signal attenuation, and popcorn.
Train Signal, Inc., 2002-2007

Popcorn?
You can have trouble with 802.11g from a highly unexpected source. Microwave ovens also share the 2.4 GHz band, and the presence of a microwave in an office can actually cause connectivity issues. (And you thought they were just annoying when people burn popcorn in them!) Solid objects such as walls and other buildings can disturb the signal in any bandwidth. Some wireless phones cause the same problem.
Train Signal, Inc., 2002-2007

Spread Spectrum
This is another one of those "the name is the recipe" terms. Spread spectrum refers to a method of spreading a signal over a range, or spectrum, or frequencies. One popular method is frequency-hopping spread spectrum (FHSS), where the sender and receiver agree on the range of frequencies to use, and during the transmission the signal will be sent over this range.
Train Signal, Inc., 2002-2007

DSSS (Direct Sequence Spread Spectrum) doesn't have the signal hop around between frequencies, but instead spreads the signal over the entire range of frequencies at once. 11.b, 11.g, and 11.n use DSSS. OFDM (Orthogonal Frequency Division Multiplexing) splits the signal and sends the signal fragments over different frequencies at the same time. .11a uses OFDM.
Train Signal, Inc., 2002-2007

Now, why do we go through all this? There are several good reasons to spread a signal:
increased resistance to noise allows sharing of a frequency band more difficult to intercept

Train Signal, Inc., 2002-2007

Antenna Types
A Yagi antenna (technically, the full name is "Yagi-Uda antenna") sends its signal in a single direction, which means it must be aligned correctly and kept that way. Yagi antennas are sometimes called directional antennas, since they send their signal in a particular direction. In contrast, an Omni antenna sends a signal in all directions.
Train Signal, Inc., 2002-2007

Like some other topics we've covered in this course, both of these are known by several different names. Yagis are also known as point-to-point and directional antenna; Omni antennas are also known as omnidirectional and point-to-multipoint antenna.
Train Signal, Inc., 2002-2007

Both Yagi and Omni antennas have their place in wireless networks. The unidirectional signal a Yagi antenna sends makes it particularly helpful in bridging the distance between WAPs. The multidirectional signal sent by Omni antennas help connect hosts to WAPs, including roaming laptop users -- like the ones who connect to the Net while eating lunch!
Train Signal, Inc., 2002-2007

Ethernet has CSMA/CD, and wireless networking has CSMA/CA, Carrier Sense Multiple Access with Collision Avoidance. CSMA/CA works much the same as CSMA/CD
a host that wants to transmit must listen first to see if another host is transmitting if the channel is idle, the host invokes a random timer. When that timer expires, the host listens one more time and then transmits. (A lot more listening with CSMA/CA!) if the channel is busy, the host cannot transmit

Train Signal, Inc., 2002-2007

So what's the real difference between CSMA/CD and CSMA/CA? CA is used on wireless networks, and jam signals will not be sent over a wireless network. Collisions are not detected on a wireless network, they can only be avoided, so we use CSMA/CA instead of CD. Another difference - while Ethernet is capable of fullduplex (simultaneously sending and receiving data), wireless clients are limited to half-duplex.

Train Signal, Inc., 2002-2007

Service Set Identifier (SSID) When you configure a name for your WLAN, you've just configured a SSID. The SSID theory is simple enough - if the wireless client's SSID matches that of the access point, communication can proceed. The SSID is case-sensitive and it has a maximum length of 32 characters.
Train Signal, Inc., 2002-2007

A laptop can be configured with a null SSID, resulting in the client basically asking the AP for its SSID; if the AP is configured to broadcast its SSID, it will answer and communication can proceed. If that broadcasting is disabled, as it often is, the SSID must be statically defined on the client as shown in the previous example.
Train Signal, Inc., 2002-2007

MAC Address Authentication

During your CCNA studies, you learned about a Cisco switch feature called port-based authentication. This authentication scheme allowed a device to successfully authenticate only if its MAC address was considered secure for that particular port. There are WLANs set up to use MAC addresses in a similar fashion. Basically, the AP keeps a list of secure MAC addresses; devices with a secure MAC address can authenticate successfully, while those with a nonsecure MAC cannot.
Train Signal, Inc., 2002-2007

WEP, WPA, And WPA2

These three WLAN security standards are the result of two evolutions:
WEP came first WPA evolved from WEP WPA2 evolved from WPA

There are significant differences between the three, so let's take a look at each while comparing them at the same time.
Train Signal, Inc., 2002-2007

Wired Equivalent Privacy (WEP) has some real problems:

Clear-text keys Static keys (makes passwords easier to guess) One-way authentication (client does not authenticate AP, making it easier for rogue access points to infiltrate the WLAN) Encryption scheme is very easily broken in a matter of seconds
Train Signal, Inc., 2002-2007

WEP supports two forms of authentication, open and shared key. Open authentication is pretty much what it sounds like - the virtual door to an AP is wide open. Any device can authenticate and then open communication with the AP. According to Cisco's website, if both devices are using WEP but the key on the client does not match that of the AP, authentication will succeed but data cannot be successfully passed.
Train Signal, Inc., 2002-2007

The next step in WLAN security was Wi-Fi Protected Access (WPA). WPA works with all wireless NICs, but you may have trouble running it on legacy (old) APs. If you can't run WPA on your APs, it's time to get some new APs.
Train Signal, Inc., 2002-2007

WPA's strengths:
Two-way authentication - AP authenticates the client, client authenticates the AP Dynamic keys and a stronger encryption scheme through use of Temporal Key Integrity Protocol (TKIP, "tee-kip") WPA uses an 8-byte Message Integrity Check (MIC), sometimes called "Michael", to protect against replay attacks, spoofing, and man-in-the-middle attacks. WPA uses 802.1x or pre-shared keys (PSK) for authentication
Train Signal, Inc., 2002-2007

Some additional details regarding TKIP:

The use of TKIP made it possible to use legacy ("old") hardware that had originally been created with WEP in mind. Both WEP and TKIP use the RC4 stream cipher for encryption, but TKIP protects RC4 keys via perpacket key mixing, which results in every packet having a unique encryption key

Train Signal, Inc., 2002-2007

WPA requires the use of a passphrase rather than a password. The recommended length of a passphrase is 20 - 30 characters, which will immediately have some users running WEP simply because WEP allows a short password to be configured.
Train Signal, Inc., 2002-2007

There are other potential issues with WPA:

There's always the legacy issue to consider when it comes to backwards compatibility, but at this point, you should strongly consider replacing WLAN equipment that does not support WPA or a later, stronger solution. There's a potential issue with "Michael" (MIC). Access points that run WPA will shut down their Basic Service Set if it receives two packets, one right after the other, that has a bad MIC. A DoS attack specifically designed to counteract Michael can take advantage of this situation.
Train Signal, Inc., 2002-2007

Another potential issue lies with the use of pre-shared keys (PSK). If a small passphrase is allowed and then intercepted, a dictionary attack can be run by an attacker, resulting in a compromised passphrase.

Train Signal, Inc., 2002-2007

Here's what happened next:

After WPA was ratified by the Wi-Fi Alliance, the IEEE came out with 802.11i. After the IEEE came out with .11i, the Wi-Fi Alliance came out with WPA2.

The good news: .11i and WPA2 are fully compatible and interoperable.
Train Signal, Inc., 2002-2007

That's about it for this introduction to WLANs! I've probably gone into more detail here than you'll need for the CCENT, but with wireless LANs growing rapidly in popularity, you need to know as much about WLANs as you possibly can. You will see more about WLANs in your CCNA studies, but even if you choose not to progress past the CCENT, do yourself a favor and continue your studies of wireless networking. Your career will thank you for it!
Train Signal, Inc., 2002-2007

Video 9 Binary Math and Subnetting

Train Signal, Inc., 2002-2007

Binary Math and Subnetting

The Secret (Of Binary Success, That Is) Decimal > Binary, Binary > Decimal Subnetting Basics Calculating Number of Valid Subnets Prefix Notification Calculating Number of Valid Hosts Calculating Number of Valid IP Addresses in a Given Subnet Calculating the Subnet Number of a Given IP Address Meeting Stated Design Requirements
Train Signal, Inc., 2002-2007

Class A: Class B: Class C: Class A: Class B: Class C:

1 - 126, 8 NW Bits, 24 Host Bits 128 - 191, 16 NW Bits, 16 Host Bits 192 - 223, 24 NW Bits , 8 Host Bits 255.0.0.0 255.255.0.0 255.255.255.0

Train Signal, Inc., 2002-2007

Determining The Number Of Valid Subnets

Number of subnets = (2 squared by the number of subnet bits) Now here's the interesting part: You *may* need to subtract 2 from that result to get the correct answer.

You should subtract 2 from the result if:

You see the no ip subnet-zero command in the configuration. This command will appear near the top of the router configuration. The routing protocol is classful, and that means RIPv1 or IGRP.
Train Signal, Inc., 2002-2007

You should not subtract 2 from the result if:

The classless protocols RIPv2, EIGRP, or OSPF are in use. The term "VLSM" for "Variable-Length Subnet Masking" is used.

The ip subnet-zero command appears in the configuration. This is the default setting, and you'll see it near the top of the router configuration: username R1 password 0 CCNA ip subnet-zero no ip domain-lookup
Train Signal, Inc., 2002-2007

Prefix Notation
Prefix notation is a quicker way of stating what the subnet mask of a network is. Note that the subnet mask consists of a number of consecutive 1s. Prefix notation is simply a slash followed by the number of 1s in the subnet mask. The subnet mask 255.255.255.0 is instead referred to as slash 24 when spoken, or /24 when written. This is the generally accepted way subnet masks are spoken and written about.
Train Signal, Inc., 2002-2007

Review the rules for network, subnet, and host bits:

A. The rules for Class A, Class B, and Class C determine the network portion. B. Compare the remaining bits of the default and actual mask. The portion where the Default Mask and Subnet Mask both have zeroes is the host bits portion of the address. C. The remaining bits where the Default Mask has zeroes but the Subnet Mask has one are the subnet bits. These are the bits that are being borrowed from the host bits.
Train Signal, Inc., 2002-2007

Determining The Number Of Valid Hosts

To determine the number of valid hosts, a somewhat similar formula is used:

Valid Hosts On A Subnet = (2 squared by number of host bits) 2

Thankfully, we always subtract the two when determining the number of valid hosts on a subnet.

Train Signal, Inc., 2002-2007

Determining The Subnet Number Of A Given IP Address

Given an IP address and subnet mask, determining the subnet it resides on is accomplished by performing a Boolean AND operation. First, the IP address and its subnet mask will be converted to binary. The Boolean AND is simply a bit-by-bit comparison of the address and the subnet mask. If both bits are 1, the result of the Boolean AND is 1. If a 0 is set for that bit on either the subnet mask or IP address, or both, the result of the AND is a 0.
Train Signal, Inc., 2002-2007

Determining The Range Of Valid Host Addresses On A Subnet To determine the range of valid host addresses on a subnet, first determine how many overall host addresses are on that subnet. The first address in the range is the network number and is not a valid host address; the final address in the range is the broadcast address for that subnet and is not a valid host address. All addresses between the two are valid host addresses.
Train Signal, Inc., 2002-2007

Meeting Stated Design Requirements

Consider this question:
Your network uses Class B network 165.10.0.0. You need at least 150 subnets that have no more than 200 hosts apiece. Which of the following subnet masks should you use? Remember the formulas for determining the number of subnets, or the number of valid hosts per subnet:
Number of subnets = (2 to the nth power), where n equals the number of subnet bits. Number of valid hosts on a subnet = (2 to the nth power) 2, where n equals the number of host bits.
Train Signal, Inc., 2002-2007

Watch Our For Overlapping Networks!

You could see something like this on your exam, but this word of advice is valuable for your real-world experiences - when you're building on someone else's subnetting scheme, watch out for overlapping networks. By overlapping networks, I mean two subnets in the same network that are "overlapping" and therefore using the a few of the same IP addresses. This is particularly true when you're left with a few address blocks from a subnetting scheme that you didn't create. Let's use the following network for an example.
Train Signal, Inc., 2002-2007

50-host network address range: 10.1.1.65 - 10.1.1.126 Range for 10.1.1.0 /25 network: 10.1.1.1 - 10.1.1.126 - Overlaps With Preexisting Subnet! Range for 10.1.1.128 / 25 network: 10.1.1.129 - 10.1.1.254 - Does Not Overlap With The 50-host network.
Train Signal, Inc., 2002-2007

Video 10 Static Routing And RIP

Train Signal, Inc., 2002-2007

Static Routing And RIP Static Routing Theory and Labs RIP Routing Theory and Labs show ip protocols, show ip route rip, debug ip rip, And More!

Train Signal, Inc., 2002-2007

For this example and all others in this course, the last octet of the IP address for any physical interface will be the router number. That's a good habit to get into for your home lab studies as well. For loopbacks, we'll use the router number for each octet.
The networks used in this section: Frame Relay (Serial interfaces, all routers): 172.16.123.x /24 R2's loopback interface: 2.2.2.2 /24 R3's loopback interface: 3.3.3.3 /24

Train Signal, Inc., 2002-2007

We're going to use pings to test IP connectivity throughout this section. When you ping a remote IP address, you're sending five ICMP Echo packets to the IP address you specify. If we get five ICMP Echo Replies in return, you'll see five exclamation points, and that means you do have IP connectivity to the specified destination.
Train Signal, Inc., 2002-2007

WARNING: Do NOT practice debugs on a production network. Some debugs, especially debug ip packet, can overwhelm a router or switch CPU and render the device unable to route or switch. It's important to know how the debug output will look when things are running correctly, because that's the only way to know what you're looking for when things aren't running correctly. If you have a home lab, make sure to run plenty of debugs as you work but never practice them at work.
Train Signal, Inc., 2002-2007

Since we're in the static routing section of the course, let's choose a static route! We use the ip route command to create static routes, and we actually have two more choices when it comes to static routes. We can create...
A static route to a given host or destination network A default static route, which will be used when there is no other match in the routing table for a destination network
Train Signal, Inc., 2002-2007

At this point in the ip route command, you must specify one of these two values:
The local router's exit interface type (NOT the IP address) The remote router's IP address that we want to send that packet t
Train Signal, Inc., 2002-2007

When you send pings, it's not enough for the local router to have connectivity to the remote network - the downstream routers need connectivity to that remote network as well!

Train Signal, Inc., 2002-2007

The syntax for a default static route looks a bit odd, so be ready to identify it on the exam:
R1#conf t Enter configuration commands, one per line. End with CNTL/Z. R1(config)#ip route 0.0.0.0 0.0.0.0 172.12.123.2

Both the destination network and the mask are all zeroes in a default static route. As with a "regular" static route, we have the option of configuring a next-hop IP address or the local router's exit interface.
Train Signal, Inc., 2002-2007

Default static routes serve two major purposes, one of which we've just seen - we can send data to networks that have no specific entry in the routing table. This also helps to keep routing tables concise and complete, and as you advance in your Cisco studies, you'll learn that it's important to control the size of the routing table while keeping it complete.
Train Signal, Inc., 2002-2007

Static routes have their place, but they're not terribly scalable. Scalability refers to a network feature or protocol's ability to remain useful without a great deal of manual intervention as the network grows, and it's a term you'll hear often in your Cisco studies and your real-world job. Static routes do not dynamically adapt to network changes, and they can be a pain to keep up with as your network grows. That's why they're not considered very scalable.
Train Signal, Inc., 2002-2007

A better choice for routing is the use of dynamic routing protocols. You've probably heard of one or more of the following:
RIP (Routing Information Protocol) IGRP (Integrated Gateway Routing Protocol) EIGRP (Enhanced Integrated Routing Protocol) OSPF (Open Shortest Path First)

Train Signal, Inc., 2002-2007

There are two versions of RIP, and while you're almost always going to run the more recent of the two, you need to know about them both for the exams and just in case you do run into the original version in the field. We're going to use almost the same network we used in the static route discussion here in our RIP discussion, with the only difference being an additional loopback address, 1.1.1.1, added to R1.
Train Signal, Inc., 2002-2007

Why change the default? Version 1 is quite limited in that it is a classful protocol, while Version 2 is a classless protocol. This is one time when it's good to be classless! In your CCNA studies, you'll be introduced to manual route summarization and variable-length subnet masking (VLSM). I won't show you those advanced skills now because we need to concentrate on the basics, but I do want you to know that RIPv1 does not support either of those, while RIPv2 supports both.
Train Signal, Inc., 2002-2007

RIPv1: classful, no VLSM, no manual route summarization RIPv2: classless, VLSM support, manual route summarization support
To force RIP to send and receive only v2 updates, use the version 2 command under the RIP process.
Train Signal, Inc., 2002-2007

The incoming update from R1's serial0 interface mentions "hops" several times, where the outgoing update mentions a "metric". They're actually the same thing. Both versions of RIP use hop count for their metric, a measurement of how far it is to a remote destination. That's a serious limitation for RIP when it comes to Wide Area Networks (WANs), because RIP will consider both paths in the following example to have the same metric.
Train Signal, Inc., 2002-2007

Video 11 Wide Area Networks (WANs)

Train Signal, Inc., 2002-2007

100

Wide Area Networks (WANs)

Physical Side of WANs Directly Connecting Cisco Routers Via Serial Interfaces HDLC and PPP Intro to Frame Relay RFC 1918 Addresses, NAT and PAT Intro to ATM Modems and DSL Variations
Train Signal, Inc., 2002-2007

The Physical Side Of WANs

Going back to the previous illustration, one reason we refer to the WAN connection as a "cloud" is that we don't know exactly what hardware is in use in the WAN, and we're not responsible for it - that's up to the service provider, the company that sells WAN services such as Frame Relay. What we are responsible for are the routers you see in that diagram, and our routers are going to have to communicate with one of the service provider's devices. The service provider's half of this communication is an external channel service unit / data service unit, which thankfully is referred to as a CSU/DSU.

Train Signal, Inc., 2002-2007

At some point, the responsibility for the physical devices passes from us as network admins to the service provider. This is the demarcation point, typically referred to as the demarc point. In theory, the demarc point is easy to define; when you're arguing with the service provider on a Friday afternoon when everyone wants to go home, the exact location of the demarc point suddenly becomes a huge point of contention.
Train Signal, Inc., 2002-2007

101

Theoretically, the demarc point is found at the CSU/DSU. The cable leading from the CSU/DSU to the router and the CSU/DSU itself is considered to be the customer's equipment and responsibility. That's us! All cabling on the "other side" of the CSU/DSU, along with the hardware in the WAN cloud, is the service provider's equipment.
Train Signal, Inc., 2002-2007

The CSU/DSU fills the router in on a very important piece of information, the clock rate. When the CSU/DSU does this, it's basically telling the router "here's how quickly you can send and receive data". Later in this section, we'll simulate a point-to-point link on a Cisco router and you'll see the command that allows a Cisco router to give another router this vital information.
Train Signal, Inc., 2002-2007

When it comes to the clockrate:

The Data Communications Equipment (DCE) provides the clockrate The Data Terminal Equipment (DTE) receives the clockrate. By default, a Cisco router acts as a DTE.

Train Signal, Inc., 2002-2007

102

We're going to discuss two common WAN protocols in just a moment, and I want you to see the show commands that verify these protocols. To do so, we're going to use a configuration that isn't common in real life, but is very common in home labs. We're going to use two Cisco routers that are directly connected at their Serial0 interfaces, which means that one must serve as the DCE. We also need a special cable, the aptly-named DTE/DCE cable.
Train Signal, Inc., 2002-2007

After connecting the cable to the respective routers, use show controller serial x to ensure the router sees the cable as a DCE or DTE. You will see a great deal more output than this when you run this command, but the information that's important to us right now is at the very top.
R3#show controller serial 1 HD unit 1, idb = 0x1C44E8, driver structure at 0x1CBAC8 buffer size 1524 HD unit 1, V.35 DCE cable

Train Signal, Inc., 2002-2007

Here's what show interface serial 1 on R1 reveals before the clockrate command is configured:
R1#show interface serial 1 Serial1 is up, line protocol is down Hardware is HD64570 Internet address is 172.12.13.1/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation HDLC, loopback not set

Train Signal, Inc., 2002-2007

103

When you see the physical interface up and the line protocol down, there's some kind of logical problem with the interface. In this case, the DTE side is not receiving the required clockrate. Once we do configure the clockrate on the DCE's Serial1 interface, the line protocol comes up and stays up. No reset or reload is needed.
Train Signal, Inc., 2002-2007

I know I've mentioned this already during the course, but this truly bears repeating as it's a fundamental rule of troubleshooting:
If the interface shows as administratively down, it's simply shut down manually and needs to be opened. If the interface shows as down, there's a physical problem, perhaps a loose cable. If the interface is up but the line protocol is down, that means the interface is physically fine but there's a logical issue, generally an encapsulation mismatch or missing clockrate.
Train Signal, Inc., 2002-2007

Real-world hint: If you're troubleshooting a line protocol issue and you see the line protocol come up, make sure to stick around for a minute and make sure it stays up. Also, the line protocol may show as up for about 20 seconds or so after you first open a Serial interface, but stick around and make sure it stays up.
Train Signal, Inc., 2002-2007

104

HDLC and PPP are the two data-link (Layer 2) protocols to consider when choosing an encapsulation method across a serial point-to-point link. The version of HDLC that runs on Cisco routers is Cisco-proprietary, making it unsuitable for multivendor environments. If RouterA is a Cisco router running HDLC, the only way the line protocol can come up is if the remote router is also a Cisco router running HDLC.
Train Signal, Inc., 2002-2007

There are major points of distinction between the two. First, HDLC is the default encapsulation for a Cisco serial interface. Here's the output of show interface serial 1 from the previous discussion. The encapsulation is defaulting to HDLC.
Train Signal, Inc., 2002-2007

PPP allows data compression to be configured, where HDLC does not. Compression is performed on data before it's sent across the WAN, and the data then uses less bandwidth to send the data across the WAN. PPP multilink allows multiple physical channels to be bundled into a single logical channel. HDLC offers no multilink capability. PPP allows the use of two authentication schemes for point-to-point links (PAP and CHAP), which HDLC does not support either of these.
Train Signal, Inc., 2002-2007

105

To review:
HDLC is the default encapsulation on a Cisco router's Serial interface. PPP has features that allow the use of authentication and data compression. PPP also allows multilink bundling, where HDLC does not.
Train Signal, Inc., 2002-2007

An Introduction To Frame Relay Frame Relay's got three things going for it that endears it to network admins:
it's cheap it's reliable it's cheap and reliable

Train Signal, Inc., 2002-2007

In the case of Frame Relay, we call our friendly Frame Relay Service Provider and tell him where our routers are, and how much bandwidth we're willing to pay for. The provider then configures some of his frame relay switches, gives us a few numbers to add to our router configuration, and we're all set! The frame relay service provider guarantees a certain amount of bandwidth will be available to a given user at any time. The more guaranteed bandwidth desired, the more it costs, but its still cheaper than a dedicated point-to-point link. This guaranteed bandwidth is referred to as the committed information rate (CIR).

Train Signal, Inc., 2002-2007

106

Frame relay is a packet-switching protocol. The packets may take different physical paths to the remote devices, at which point they will be reassembled and will take the form of the original message. In contrast, circuit-switching protocols have dedicated paths for data to travel from one point to another.
Train Signal, Inc., 2002-2007

There are two types of virtual circuits, one much more popular than the other. A permanent virtual circuit (PVC) is available at all times, where a switched virtual circuit (SVC) is up only when certain criteria are met. You're going to see PVCs in most of today's networks, and we'll build some during your CCNA studies.
Train Signal, Inc., 2002-2007

You were introduced to the three RFC 1918 private address ranges in the IP Addressing section, but let's review them here:
Class A: 10.0.0.0 - 10.255.255.255 (10.0.0.0 /8) Class B: 172.16.0.0 - 172.31.255.255 (172.16.0.0 /12) Class C: 192.168.0.0 - 192.168.255.255 (192.168.0.0 /16)

Train Signal, Inc., 2002-2007

107

You also learned that these addresses are not routable - without any additional help, hosts with these addresses will not be able to communicate with any other hosts outside their private network. That means no internet access and no communication with other hosts across the LAN!

Train Signal, Inc., 2002-2007

The actual NAT and PAT translation table can be viewed with the command show ip nat translation. Even if you're running PAT, the commands will still reference NAT.
R3#show ip nat translations Pro Inside global Inside local --- 210.1.1.2 10.5.5.5 --- 210.1.1.3 10.5.5.6 --- 210.1.1.4 10.5.5.7 Outside local ------Outside global -------

Train Signal, Inc., 2002-2007

Notice those four terms in the translation table - "inside global", "inside local", and so forth? Here's what they mean: Inside local addresses are used by hosts on the inside network to communicate with other hosts on that same network. These are the addresses that are actually configured on the hosts, and generally they are RFC 1918 private addresses. These inside local addresses are translated into inside global addresses. Inside global addresses are routable addresses. In the following example, 10.2.2.2 is the inside local address and 210.1.1.2 is the inside global address.
Train Signal, Inc., 2002-2007

108

Outside global addresses are the addresses that are configured on the outside hosts. These are fully routable addresses used by Internet-based hosts. Finally, outside local addresses are the actual addresses of remote hosts. These can be (and probably are) RFC 1918 addresses as well.
Train Signal, Inc., 2002-2007

What follows is strictly an overview of some other WAN communication methods, and with ATM, it's really an overview! Configuration of ATM is far beyond the scope of the CCENT and CCNA exams, but it's a good idea to know the basics. The Asynchronous Transfer Mode (ATM) is unique in that it does not handle frames, as Frame Relay does. ATM places data into cells, and all ATM cells are exactly the same size, 53 bytes - 48 bytes of data and a 5-byte header.
Train Signal, Inc., 2002-2007

Remember the Frame Relay switches that made up the Frame Relay cloud? ATM works along the same lines in that the service provider maintains ATM switches. ATM networks are much faster than Frame Relay networks, but are more expensive to build and maintain. That includes the need for specialized hardware. You can't just sit down and configure ATM on a Cisco serial interface as you could Frame Relay - you'll need special interfaces to use ATM.
Train Signal, Inc., 2002-2007

109

Some ATM documentation says that ATM is a packet-switching service like Frame Relay, and technically that's true, but more commonly you'll hear ATM referred to as cell-switching. After all, that's what ATM switches!

Train Signal, Inc., 2002-2007

On the other end of the speed spectrum, we've got modems - and yes, they're still out there! In the previous CSU/DSU illustrations, a modem could and sometimes does take the place of the CSU/DSU. The word "modem" actually comes from the two operations they carry out:
Modulation, the process of translating digital signals into analog signals that can be carried over a phone line Demodulation, the process of translating those analog signals back into digital signals that the receiving device can understand

Train Signal, Inc., 2002-2007

The two real drawbacks of modems are:

They're not as fast as other methods They tie up the phone line, and other calls cannot be made while the modem is using the line

Train Signal, Inc., 2002-2007

110

Asymmetrical DSL works under the assumption that the user will download more information than they send, and for the average Internet user, that's a safe assumption. The connection speed from the provider to the user is going to be 3 - 4 times faster than the speed from the user to the provider. A typical ADSL connection of 512 kbps will give the user 384 KBPS download capabilities, but only 128 KBPS uploading capability. ADSL allows a telephone call and internet access simultaneously.
Train Signal, Inc., 2002-2007

ADSL uses several different modulation methods, but the most well-known is G.lite (also known as G.922.2), which requires no splitter at the customer location. The customer simply hooks up a G.lite modem in the same way an old-fashioned analog modem would be installed. G.lite's limitation is speed - where standard ADSL can offer 8 MBPS download speed and 1.5 upload speed, G.lite's maximum capability is 1.5 MBPS downloading and 512 KBPS uploading. The key is that while G.lite is slower than true ADSL, it's still a lot faster than the dialup options available to today's home users.

Train Signal, Inc., 2002-2007

The distance limitation of ADSL must be taken into account as well. Officially, there's an 18,000-foot limitation on ADSL services, but most ISPs put a lower limit on ADSL to avoid poor quality service for those near the end of the cable. Of course, that limitation is for data transmission, not voice. Since we have asymmetric DSL, it makes sense that we'd have symmetric DSL (SDSL) as well. The term "symmetric" refers to the fact that the sending and receiving speed are the same. The drawback is that the phone cannot be used while SDSL is in use.
Train Signal, Inc., 2002-2007

111

Two less-common DSL flavors: Very High Bit-Rate DSL (VDSL) has the capability to deliver speed up to 52 MBPS. That's am amazing speed to deliver over copper wire, but there's a drawback - VDSL over copper has a maximum distance of 4000 feet. As more fiber-optic cable is installed by the telephone companies, VDSL is becoming available in more communities as the distance issue is resolved by the use of fiber.

Train Signal, Inc., 2002-2007

Rate-Adaptive DSL (RADSL) is just what it sounds like - the software calculates the maximum download and upload speeds on the customer's preexisting phone line and dynamically adjusts those rates.

Train Signal, Inc., 2002-2007

Video 12 Troubleshooting

Train Signal, Inc., 2002-2007

112

Troubleshooting
Where to Begin Cisco Discovery Protocol (CDP) L1 and L2 Troubleshooting LAN Troubleshooting WAN Troubleshooting Extended Ping and Traceroute Telnet and SSH Review and Maintenance Commands Administrative Distance The Real Key to Troubleshooting
Train Signal, Inc., 2002-2007

When you begin troubleshooting, make sure everything's working at the Physical layer of the OSI model. That's a formal way of saying
Is this thing on? Is the right cable in use? Has the cable come loose just enough to bring things down?
Train Signal, Inc., 2002-2007

That first bullet point is self-explanatory, so I'll leave that one alone. When it comes to the right cable, remember the basics:
Crossover cables are required to connect switches for trunking Rollover cables are required to connect a laptop to the Console port of a router, and you may need an adapter to use a rollover cable with your laptop

Train Signal, Inc., 2002-2007

113

You can check a Cisco device's physical connections with Cisco Discovery Protocol, which runs by default on Cisco routers and switches, both globally and on a per-interface level.

Train Signal, Inc., 2002-2007

For security purposes, many admins choose to disable CDP. Here's the command to see if CDP is indeed running on a router or switch:
Router1#show cdp Global CDP information: Sending CDP packets every 60 seconds Sending a holdtime value of 180 seconds Sending CDPv2 advertisements is enabled

Train Signal, Inc., 2002-2007

That output means that CDP is indeed enabled. If you see the following, it's off. But you didn't need me to tell you that! Router1#show cdp % CDP is not enabled Router1#
Train Signal, Inc., 2002-2007

114

Device ID is the remote device's hostname. Local Interface is the local switch's interface connected to the remote host. Holdtime is the number of seconds the local device will retain the contents of the last CDP Advertisement received from the remote host.

Train Signal, Inc., 2002-2007

Capability shows you what type of device the remote host is. The first two connections are to a switch, and the third is to a router. Platform is the remote device's hardware platform. The top two connections are to a 2950 switch, and the third is to a 2520 router. Port ID is the remote device's interface on the direct connection.
Train Signal, Inc., 2002-2007

When an interface is functioning correctly, this is what we see at the top of the show interface output.
Router1#show int serial0 Serial0 is up, line protocol is up

Train Signal, Inc., 2002-2007

115

Of course, if the interface looked like that, we wouldn't be troubleshooting, would we? Let's take a look at common show interface outputs that do indicate a problem, along with the solutions for these issues.
Router1#show int serial0 Serial0 is administratively down, line protocol is down
Train Signal, Inc., 2002-2007

This one's easy! administratively down means the interface is indeed shut down. Open the interface with no shutdown. Router1(config)#int serial0 Router1(config-if)#no shut
Train Signal, Inc., 2002-2007

Always give the line protocol a minute or so to come up after opening a serial interface.
Router1#show interface serial0 Serial0 is up, line protocol is up

Train Signal, Inc., 2002-2007

116

Success! Let's look at another potential readout:

Router1#show interface serial 0 Serial0 is down, line protocol is down

Train Signal, Inc., 2002-2007

After plugging this loose cable back in ....

Router1# 20:14:47: %LINK-3-UPDOWN: Interface Serial0, changed state to up 20:14:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up
Train Signal, Inc., 2002-2007

There's one other reason a port can be down physically, and you saw this in the Switching section:
SW2#show int fast 0/3 FastEthernet0/3 is down, line protocol is down (err-disabled)

Train Signal, Inc., 2002-2007

117

There's one more physical / line protocol combination we have to be ready to troubleshoot:
Router1#show int serial 0 Serial0 is up, line protocol is down

Train Signal, Inc., 2002-2007

If a switch encounters a problem while you're configuring it, it's probably because you just misconfigured something. Undo what you just did. The same goes for routers. No big deal, just fix it. Simple, right? Right!
Train Signal, Inc., 2002-2007

If we were still not able to ping between those two hosts, I would check the VLAN port membership on the switches with show vlan brief. You'll see more of this in your CCNA studies, but remember - if hosts are in different VLANs, they will not be able to send IP packets to each other without a Layer 3 device being involved.
Train Signal, Inc., 2002-2007

118

Just with that simple network, we ran into quite a few things that could have been the cause of the issue:
Ethernet interface not open Ethernet interface had no IP address Hosts in different VLANs Loose cable (show interface verified the physical cable was fine)
Train Signal, Inc., 2002-2007

For real-world PC troubleshooting, you can run ipconfig /all to check a host's IP address, network mask, DNS server location, and much more. This is where I always start troubleshooting when a PC can't access network resources. The CCENT exam is not a PC troubleshooting exam, but since we do spend a good amount of time working with PCs as network admins, it's a good idea to be very familiar with the output of this command.
Train Signal, Inc., 2002-2007

Here are some other Microsoft PC commands you may find helpful: ipconfig /release will release the PC's DHCPassigned information. ipconfig /renew will actively ask the DHCP server(s) for an IP address and other information needed for LAN connectivity, including DNS server location.
Train Signal, Inc., 2002-2007

119

netstat -rn displays the host's routing table. Yes, PCs have routing tables! It's my experience that ipconfig /all is the best place to begin troubleshooting at the PC level - but don't forget to check the cables first!

Train Signal, Inc., 2002-2007

Telnet And SSH

We discussed both of these tools in depth in another section, so I won't do so again here. A couple of things to watch with both Telnet and SSH:
Cisco routers do not allow users to connect via Telnet or SSH by default. A password must be set on the VTY lines.
Train Signal, Inc., 2002-2007

Users who connect to a router via Telnet or SSH will by default be put into user exec mode, and for those users to have access to enable mode, an enable password must be set, *or* you must configure the privilege level 15 command on the VTY lines - that will place the incoming user into enable mode immediately upon VTY authentication. Telnet sends all data in clear text; SSH encrypts all data, including passwords, but SSH does require more configuration and possible extra hardware, depending on the size of the deployment.
Train Signal, Inc., 2002-2007

120

If you have multiple Telnet sessions open, you can run show sessions to get basic information about each one.
BRYANT_ADVANTAGE_2#show sessions Conn Host Address Byte 1 blondie 100.1.1.1 0 2 angeleyes 110.1.1.1 4 * 3 tuco 120.1.1.1 0
Train Signal, Inc., 2002-2007

Idle 1 1 0

Conn Name blondie angeleyes tuco

To reconnect to any given Telnet session, you can use the resume command followed by the connection number, or just enter the connection number. To resume the connection to tuco, you could enter resume 3 or just the number 3.
BRYANT_ADVANTAGE_2#3 [Resuming connection 3 to tuco ... ]
Train Signal, Inc., 2002-2007

To suspend the open session, use this key combination: < CTRL - ALT - 6 >, followed by < X >

Train Signal, Inc., 2002-2007

121

To disconnect any open session, use the disconnect command followed by the connection number. You will be prompted to confirm this request.
BRYANT_ADVANTAGE_2#disconnect 2 Closing connection to angeleyes [confirm]

Train Signal, Inc., 2002-2007

We could use show sessions to verify, but we'll use the where command instead. show sessions and where do the exact same thing, so watch that on exam day!
BRYANT_ADVANTAGE_2#where Conn Host Address 1 blondie 100.1.1.1 * 3 tuco 100.1.1.1 Byte 0 4 Idle Conn Name 8 blondie 1 tuco

Train Signal, Inc., 2002-2007

Ping And Traceroute You've seen "regular ping" throughout the course, and that strange phrasing may make you wonder "What do you mean, regular ping?" The ping we've seen throughout the course simply specified a destination IP address, and we received one of three returns so far:
Train Signal, Inc., 2002-2007

122

!!!!! -- IP connectivity to destination exists ..... -- IP connectivity to destination does not exist U.U.U -- The local router has a route to the destination, but a downstream router does not
Train Signal, Inc., 2002-2007

Router1#traceroute 208.109.62.234 Type escape sequence to abort. Tracing the route to 208.109.62.234 1 73.141.64.1 8 msec 8 msec 12 msec 2 68.86.174.161 12 msec 12 msec 12 msec 3 68.86.172.6 12 msec 12 msec 12 msec 4 68.86.172.85 12 msec 12 msec 12 msec 5 67.17.194.98 12 msec 12 msec 16 msec 6 67.17.194.97 24 msec 16 msec 16 msec 7 64.214.196.22 76 msec 76 msec 76 msec 8 66.235.224.6 80 msec 80 msec 76 msec 9 208.109.112.137 76 msec 80 msec 76 msec 10 208.109.112.161 80 msec 80 msec 76 msec 11 208.109.112.145 80 msec 76 msec 80 msec 12 208.109.112.173 80 msec 80 msec 76 msec 13 * * * 14 * * * 15 * * * 16 * * *
Train Signal, Inc., 2002-2007

By the way, if you just let those asterisks keep coming, you're going to see 30 rows of them. If you're running this command and someone else is there, they're going to ask the musical question:
"Is it supposed to be doing that?"
Train Signal, Inc., 2002-2007

123

At the beginning of the traceroute output, the router says "Type escape sequence to abort." Did you also notice that the router doesn't tell you what the sequence is? ARRRGH!!! That can be pretty frustrating and/or embarrassing, so I'll tell you what that sequence is. Don't tell anybody else, it's our secret: < CTRL - SHIFT - 6>

Train Signal, Inc., 2002-2007

Microsoft offers a version of traceroute as well - use the tracert command to see the options.
C:\>tracert Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name Options: -d Do not resolve addresses to hostnames. -h maximum_hops Maximum number of hops to search for target. -j host-list Loose source route along host-list. -w timeout Wait timeout milliseconds for each reply.
Train Signal, Inc., 2002-2007

Consider this routing table:

D R O 191.168.32.0/26 [90/25789217] via 40.1.1.1 191.168.32.0/24 [120/4] via 50.1.1.2 191.168.32.0/19 [110/229840] via 60.1.1.3 (D = EIGRP route) (R = RIP) (O = OSPF)

Train Signal, Inc., 2002-2007

124

What if the routes for a destination are all the same? Consider the same table, but with subnet masks of the same length for each protocol.
D R O 191.168.32.0/24 [90/25789217] via 10.1.1.1 191.168.32.0/24 [120/4] via 10.1.1.2 191.168.32.0/24 [110/229840] via 10.1.1.3

Train Signal, Inc., 2002-2007

Two key points about administrative distance:

AD is a measure of a route's believability. The lower the AD, the more believable the route. This is one time when bigger is NOT better! AD only comes into play when there is a tie in the "longest match" route comparison, as shown previously.
Train Signal, Inc., 2002-2007

Route Source Directly Connected Static EIGRP Summary Internal EIGRP IGRP OSPF ISIS RIP External EIGRP iBGP

Administrative Distance 0 1 5 90 100 110 115 120 170 200

Train Signal, Inc., 2002-2007

125

The Real Keys To Becoming A World-Class Troubleshooter

Learning to troubleshoot networks is just that - a learning experience. I've been in IT for well over a decade and I learn something new every day. I have always loved troubleshooting, and I can tell you this from personal experience: Troubleshooting is all about knowing the fundamentals *and* having a structured approach. Learn the fundamentals, develop your own approach, and you will be totally unstoppable in both the exam room and dealing with real-world networks.
Train Signal, Inc., 2002-2007

Video 13 Introduction to Network Security

Train Signal, Inc., 2002-2007

Introduction to Network Security Firewalls and Proxy Servers The Attackers Arsenal Intro to PIX, ASA, IDS, and IPS Viruses, Worms, and Trojan Horses Preventing Virus Attacks One Final Cisco Secret A Final Word
Train Signal, Inc., 2002-2007

126

Firewalls
A firewall is your basic protection against Internet-based attackers. A firewall is a physical device that filters packets heading for your network, and those filters are set to block attempts to harm your network. The firewall shown in the following illustration is generally where you see them in networks between the inside network / end users and the Internet.
Train Signal, Inc., 2002-2007

protocol ("don't allow any IPX traffic") source IP address ("don't allow any traffic from the 172.10.1.0 /24 network to exit the network") port number ("don't allow any traffic sourced from port 23 to enter the network")
Train Signal, Inc., 2002-2007

Users cannot receive email. Make sure the incoming POP3 port (110) is open. This happens a lot when new firewalls are put in. Users cannot send email. Make sure the outgoing SMTP port (25) is open. You need to block users from accessing the Web. Make sure the HTTP egress ("outgoing") port is blocked.
Train Signal, Inc., 2002-2007

127

Network attackers can have one or more agendas:

Financial gain, possibly blackmailing you for access to your stolen and now inaccessible data Simply seeing if they can gain access, just for the fun of it Damaging the network for personal satisfaction
Train Signal, Inc., 2002-2007

One network attack type is a Denial of Service (DoS) attack. Basically, the attacker(s) attempt to overwhelm the server with TCP connection requests, which has two negative effects:
Legitimate users cannot access the server due to network congestion caused by the DoS requests The attacked server's resources are so busy attempting to answer the service requests that it cannot answer legitimate requests, or the server simply crashed under the load
Train Signal, Inc., 2002-2007

A DoS attack is really designed more to damage network access than to steal data. A common technique to steal data and perhaps profit by its sale or use is a combination of reconnaissance attacks and access attacks.

Train Signal, Inc., 2002-2007

128

When a military patrol goes on a reconnaissance mission, it's not looking for a fight with the enemy; it's gathering information for a future attack, looking for strengths and weaknesses. That's exactly what a reconnaissance mission is in networking. The intruder uses different techniques to gather information about your network's strengths and weaknesses, and the intruder will return later and utilize that information to his advantage - and your dismay.

Train Signal, Inc., 2002-2007

While the information gathered during a reconnaissance attack can be used for a DoS attack, most likely it'll be used for an access attack. That's where data is actually compromised and/or stolen by the intruder for their own personal use, financial gain, or occasionally just to embarrass the company they stole the data from.
Train Signal, Inc., 2002-2007

With so many different external network threats, it's really not enough to "just" have a firewall in place today. That's why Cisco developed the Adaptive Security Appliance. From Cisco's website, here's how they describe the ASA: "The Cisco ASA Series controls network and application traffic, delivers flexible Virtual Private Network (VPN) connectivity, and reduces the overall deployment, operations costs and complexity that would otherwise be associated with this level of comprehensive security."
Train Signal, Inc., 2002-2007

129

When reading white papers and sales documents regarding the ASA, you'll come across an interesting term - "anti-x". No, "x" isn't some new mysterious virus or network security issue! "x" is simply used by Cisco to encompass all of the "antis" the ASA offers, such as "anti-virus" and "anti-spam". Instead of listing all of the "antis" their product offers, Cisco simply says "anti-x". Just wanted you to know so it wouldn't make you wonder as it did me the first time I saw it! ;)

Train Signal, Inc., 2002-2007

Cisco also offers the Intruder Detection System (IDS), which Cisco's website describes as "Providing complete intrusion protection, Cisco IDS delivers a comprehensive, pervasive security solution for combating unauthorized intrusions, malicious Internet worms, along with bandwidth and eBusiness application attacks."
Train Signal, Inc., 2002-2007

On the other hand, the Cisco IPS - Intrusion Prevention System - is described by their website as follows:
"The Cisco Intrusion Prevention System (IPS) solution is an integral part of the Cisco Self-Defending Network and Cisco Threat Control solutions, providing end-to-end protection. This inline, network-based defense can identify, classify, and stop known and unknown threats, including worms, network viruses, application threats, system intrusion attempts, and application misuse."
Train Signal, Inc., 2002-2007

130

If there's one thing you must have working at full capacity in your network, it's the antivirus programs. If there's one thing that is commonly overlooked when it comes to updates, it's the antivirus programs.

Train Signal, Inc., 2002-2007

In today's world, your network must be protected from both internal and external antivirus threats. By implementing and executing an aggressive antivirus strategy, you can greatly reduce your network's chances of being hit with a virus. Literally hundreds of millions of dollars in productivity are lost every year due to virus attacks, along with a few jobs. Make sure both your network and career are protected!
Train Signal, Inc., 2002-2007

Just as a human virus is spread through contact, so is a computer virus. A virus is a program that gets onto a computer without a user's knowledge and then performs an action that can range from mischievous to destructive. For a virus to be spread, there has to be some kind of contact between an infected user and another user - generally, that contact is the forwarding of an email that has an attachment that contains a virus.
Train Signal, Inc., 2002-2007

131

A worm is a type of virus, but a worm can spread on its own without any "help" from the infected host. Even worse, a worm can replicate on its own, resulting in many more worms attacking other hosts. A common worm attack involves the worm sending a copy of itself to every single user listed in the infected host's email address book.
Train Signal, Inc., 2002-2007

A third, more insidious attacker is the Trojan Horse. In history, the Trojan Horse was presented as a gift to Troy by the Greeks, and it was filled with Greek soldiers who attacked once the Horse was taken inside the city's defenses. Today's Trojan Horses attack in much the same fashion. The program installed by the user may look legitimate and innocent, but there's another program inside just waiting to attack the user's computer.

Train Signal, Inc., 2002-2007

It's a good idea to periodically remind your end users about some basic steps they can take to help prevent unleashing a virus:
Don't open email attachments from anyone outside the company. Don't download software and install it, especially "fun and free" software such as gaming programs, animated cursors, etc. Don't open email from anyone you don't know.
Train Signal, Inc., 2002-2007

132

Choosing And Configuring An Antivirus Program

I strongly recommend you choose an antivirus program that offers automatic updates. If you rely on manual updates - that is, relying on remembering to go out and check for updates yourself instead of having them automatically downloaded when new updates are available - I can practically guarantee you're going to forget to do so, and this can be a fatal mistake for both your network and your career.
Train Signal, Inc., 2002-2007

The #1 mistake network administrators and home PC owners alike make with antivirus software is not keeping the program up-to-date. New viruses are being created every minute of every day, and reputable antivirus program vendors such as Symantec are monitoring that situation, looking for new viruses and writing virus signature updates or virus definitions regularly. (A virus signature is the actual binary pattern of a virus, and just as your signature identifies you, a virus signature identifies the virus.)
Train Signal, Inc., 2002-2007

Even with this protection, 100% protection from viruses isn't guaranteed. There are polymorphic viruses that actually change their own signature each time they replicate, which makes it much more difficult for an antivirus program to identify and eliminate them
Train Signal, Inc., 2002-2007

133

What Files Should Be Scanned For Viruses? When you configure antivirus software, you'll have the option of setting a time when a virus scan should run on the host, as well as what files should be scanned for viruses. If your network PCs are left on at night, setting the antivirus program to run a full scan at 1 AM is a great idea.
Train Signal, Inc., 2002-2007

First on your list should be any file whose extension is .com, .exe, .ocx, or .dll. These are all executable files, which are primary carriers and targets of viruses. I personally like to scan a host's Microsoft Word documents as well, since those files are passed from user to user more often than any other file type.
Train Signal, Inc., 2002-2007

If You Turn Anti-Virus Software Off... TURN IT BACK ON! Sorry for the yelling, but this is a great way for viruses to sneak into your network. Most network administrators have been in a position where they've had to turn the antivirus program off, and you may have installed programs on your own PC where the installation program recommends you to turn the antivirus program off.
Train Signal, Inc., 2002-2007

134

And don't forget.... lock up your hardware - literally!

Train Signal, Inc., 2002-2007

"Hiding" A Sensitive Network VLANs aren't just for limiting the scope of broadcasts on your network - they're actually a security feature as well! If you have a network in your business that should be hidden from the rest of the network, just put the "secret" hosts in their own VLAN.
Train Signal, Inc., 2002-2007

135

Networking Project Report
60% (5)
Networking Project Report
47 pages
Free CCNAStudy Guide
No ratings yet
Free CCNAStudy Guide
13 pages
Network Infrastructure Report
No ratings yet
Network Infrastructure Report
21 pages
CCNA 1 Final Exam Answers 2017 v5 1 v6 0 Introduction To Networks
No ratings yet
CCNA 1 Final Exam Answers 2017 v5 1 v6 0 Introduction To Networks
52 pages
17 (1 Related) Cominication System
No ratings yet
17 (1 Related) Cominication System
80 pages
CCNA ICND1 100-101: Official Cert Guide
No ratings yet
CCNA ICND1 100-101: Official Cert Guide
13 pages
Experiment Name: Objective:: To Study OSI Reference Model
No ratings yet
Experiment Name: Objective:: To Study OSI Reference Model
5 pages
OSI Layers and Network Design: Susan J. Fager
No ratings yet
OSI Layers and Network Design: Susan J. Fager
6 pages
BIT3204 NETWORK MANAGEMENT notes
No ratings yet
BIT3204 NETWORK MANAGEMENT notes
40 pages
LAN Simulation Using CISCO Packet Tracer
No ratings yet
LAN Simulation Using CISCO Packet Tracer
10 pages
2-Osi Model
No ratings yet
2-Osi Model
27 pages
Chapter 2 - Network Basics
No ratings yet
Chapter 2 - Network Basics
64 pages
Ccna Project Report
89% (36)
Ccna Project Report
48 pages
Chapter 2. Network Fundamental Concepts
No ratings yet
Chapter 2. Network Fundamental Concepts
125 pages
L1 - Basic Networking Concepts
No ratings yet
L1 - Basic Networking Concepts
8 pages
Pemodelan OSI Dan Topologi Jaringan
No ratings yet
Pemodelan OSI Dan Topologi Jaringan
82 pages
Computer Networking Fundamentals Chapter 2
No ratings yet
Computer Networking Fundamentals Chapter 2
133 pages
151x Ccna 1 Ejw CH 9 Answers
100% (3)
151x Ccna 1 Ejw CH 9 Answers
12 pages
(Updated Constantly) : CCNA 1 (v5.1 + v6.0) Chapter 3 Exam Answers Full
No ratings yet
(Updated Constantly) : CCNA 1 (v5.1 + v6.0) Chapter 3 Exam Answers Full
15 pages
2-OSI and TCP-IP Reference Model, TCP-IP protocol suite
No ratings yet
2-OSI and TCP-IP Reference Model, TCP-IP protocol suite
45 pages
Lecture W3 CN Helping Notes_network Models
No ratings yet
Lecture W3 CN Helping Notes_network Models
25 pages
wwwwSamrat
No ratings yet
wwwwSamrat
18 pages
03 Chapter
No ratings yet
03 Chapter
40 pages
What Is The OSI Model
No ratings yet
What Is The OSI Model
25 pages
Network Software & Network Models
No ratings yet
Network Software & Network Models
38 pages
Week2-Application Layer Fix
No ratings yet
Week2-Application Layer Fix
38 pages
Network Layers Lecture 1
No ratings yet
Network Layers Lecture 1
23 pages
Lesson 4 - OSI Model
No ratings yet
Lesson 4 - OSI Model
15 pages
CCNA-Internship Presentation
No ratings yet
CCNA-Internship Presentation
19 pages
Introduction To Networking and Hardware
No ratings yet
Introduction To Networking and Hardware
11 pages
7TCPIP
No ratings yet
7TCPIP
40 pages
Camela H. Godilo (BSIT2-5)
No ratings yet
Camela H. Godilo (BSIT2-5)
19 pages
Ip PDF
No ratings yet
Ip PDF
375 pages
Appendix: Informatics Practices
No ratings yet
Appendix: Informatics Practices
375 pages
Distributed Information Systems: Lecture9 - Networkingbasics: Osi Model Basedon Agrawalandsharma, Prospectpress
No ratings yet
Distributed Information Systems: Lecture9 - Networkingbasics: Osi Model Basedon Agrawalandsharma, Prospectpress
172 pages
Company Profile: Centre For Electronic Governance (CEG)
No ratings yet
Company Profile: Centre For Electronic Governance (CEG)
32 pages
Lab-2 Networking Basics: What Is A Network?
100% (1)
Lab-2 Networking Basics: What Is A Network?
6 pages
Week 2-Osi and Tcp Ip Model
No ratings yet
Week 2-Osi and Tcp Ip Model
31 pages
Module-I TCP-IP Overview & Ethernet PDF
No ratings yet
Module-I TCP-IP Overview & Ethernet PDF
61 pages
Lesson 4 - OSI Model
No ratings yet
Lesson 4 - OSI Model
13 pages
ACN Seminar PDF
No ratings yet
ACN Seminar PDF
6 pages
Day 14 Installation of NIC Day 15, 16 Peer To Peer Networking
No ratings yet
Day 14 Installation of NIC Day 15, 16 Peer To Peer Networking
22 pages
Ccnab PDF
No ratings yet
Ccnab PDF
100 pages
4 - Internet Protocols and Standards - HTTP, HTTPS, FTP, SMTP, TCP - IP, URI & URL
No ratings yet
4 - Internet Protocols and Standards - HTTP, HTTPS, FTP, SMTP, TCP - IP, URI & URL
67 pages
Network Reference Model - ENAM
No ratings yet
Network Reference Model - ENAM
56 pages
DCN Question Bank
No ratings yet
DCN Question Bank
10 pages
Cisco Ccna
No ratings yet
Cisco Ccna
28 pages
ITN Module 17
No ratings yet
ITN Module 17
60 pages
Diagnosing-a-virtual-LAN
No ratings yet
Diagnosing-a-virtual-LAN
3 pages
System Design New Document
No ratings yet
System Design New Document
141 pages
Protocols Invovled in Tcip
No ratings yet
Protocols Invovled in Tcip
23 pages
ITN Module 17 Build A Small Network
No ratings yet
ITN Module 17 Build A Small Network
58 pages
Module 17 - Build A Small Network
No ratings yet
Module 17 - Build A Small Network
47 pages
NETTECH QUIZ
No ratings yet
NETTECH QUIZ
8 pages
abdul sami khan 42723
No ratings yet
abdul sami khan 42723
8 pages
Project Reprot ON: Cover Page
No ratings yet
Project Reprot ON: Cover Page
43 pages
The Compete Ccna 200-301 Study Guide: Network Engineering Edition
From Everand
The Compete Ccna 200-301 Study Guide: Network Engineering Edition
Joe Spoto
5/5 (4)
Cisco Certified Network Associate CCNA Interview Question and Answer
From Everand
Cisco Certified Network Associate CCNA Interview Question and Answer
Manish Soni
No ratings yet
Cloud Infrastructure and Data Center
From Everand
Cloud Infrastructure and Data Center
Duong Tran
No ratings yet
The CompTIA Network+ & Security+ Certification: 2 in 1 Book- Simplified Study Guide Eighth Edition (Exam N10-008) | The Complete Exam Prep with Practice Tests and Insider Tips & Tricks | Achieve a 98% Pass Rate on Your First Attempt!
From Everand
The CompTIA Network+ & Security+ Certification: 2 in 1 Book- Simplified Study Guide Eighth Edition (Exam N10-008) | The Complete Exam Prep with Practice Tests and Insider Tips & Tricks | Achieve a 98% Pass Rate on Your First Attempt!
Comptia Ace5
5/5 (1)