
CCNA COURSE 8/2012 Mokhtar Ahmed

CCNA COURSE

Router Commands

(N: command, followed by its description)

1. Router> enable
    Description: Enter enable (privileged) mode for advanced monitoring.
2. Router# show run
    Description: Show the running configuration held in RAM.
3. Router# show start
    Description: Show the startup configuration saved in NVRAM (flash).
4. Router# show ip interface brief
    Description: Show a brief summary of all interfaces.
5. Router# show ip interface
    Description: Show full details of the interfaces on the router.
6. Router# show ip route
    Description: Show the routes in the routing table.
7. Router# show cdp neighbors
    Description: Show the directly connected neighbors.
8. Router# show ip eigrp neighbors
    Description: Show neighbors that use the same routing protocol.
9. Router# show ip eigrp neighbors
    Description: Show details of neighbors.
10. Router# show ip eigrp topology
    Description: Show the routing table and the backup path for the EIGRP routing protocol.
11. Router# show ip protocols
    Description: Show which routing protocol is running, with the active protocol, active interfaces, routing information sources, administrative distance and the networks being routed.
12. Router# show controllers interface
    Description: Check whether your WIC is DTE or DCE (line 3 of the output), the clock rate and the connection type.
13. Router# show ip ospf neighbor
    Description: Show neighbors that speak OSPF.
14. Router# show ip ospf interface
    Description: Show the interfaces that run OSPF.
15. Router# show arp
    Description: Show the ARP cache.
16. Router# show ip rip database
    Description: Show the RIP database.
17. Router# ping ip
    Description: Check whether there is connectivity to that address.
18. Router# ping 127.0.0.1
    Description: Check the TCP/IP stack on your PC.
19. Router# traceroute ip
    Description: Troubleshoot the connection from end to end.
20. Router# configure terminal
    Description: Enter global configuration mode.
21. Router(config)# hostname name
    Description: Rename the router.
22. Router(config)# banner motd $ message $
    Description: Create a banner message shown at startup. The $ is the delimiter; you can change it to any character you want, but you must end the message with the same character.
23. Router(config)# line console 0
    Router(config-line)# password password
    Router(config-line)# login
    Description: Configure the console login password.
24. Router(config)# line vty 0 4
    Router(config-line)# password password
    Router(config-line)# login
    Description: Configure the vty lines, which are used for Telnet and SSH (lines 0 to 15).
25. Router(config)# enable secret password
    Description: Configure the enable password; it is stored encrypted with MD5.
26. Router(config)# service password-encryption
    Description: Encrypt all current and future passwords.
27. Router(config)# interface serial 0
    Description: Configure a serial interface.
28. Router(config)# interface ethernet 0
    Description: Configure an Ethernet interface.
29. Router(config)# interface fastethernet 0
    Description: Configure a Fast Ethernet interface.
30. Router(config-if)# ip address ip mask
    Description: Configure an IPv4 address and mask on the interface.
31. Router(config-if)# no shutdown
    Description: Turn the interface on (all router interfaces are in shutdown mode by default).
32. Router(config-if)# clock rate 64000
    Description: Configure the clock rate and synchronization on the DCE side; we use it in a null modem (back-to-back) configuration (backbone).
33. Router(config)# ip route network mask {exit-interface | next-hop-ip}
    Description: Configure a static route. We use the exit interface when we are directly connected to the other router, and the IP of the next hop when we are connected point to multipoint.
34. Router(config)# ip route 0.0.0.0 0.0.0.0 s0/0
    Description: Default route; this configuration is used to summarize all IPv4 networks.
35. Router(config)# ip classless
    Description: Activate the default route and classless IP; it is enabled by default.
36. Router(config)# router rip
    Description: Enable the RIP version 1 routing protocol.
37. Router(config-router)# network directly-connected-network
    Description: Choose the interfaces (by their network) that run this protocol.
38. Router(config)# router rip
    Router(config-router)# version 2
    Description: Enable the RIP version 2 routing protocol.
39. Router(config)# no command
    Description: Negate a certain protocol or command.
40. Router(config)# router igrp AS#
    Description: Enable the IGRP routing protocol; we have to choose the autonomous system number.
41. Router(config)# router eigrp AS#
    Description: Enable the EIGRP routing protocol; we have to enter the AS number.
42. Router(config-router)# passive-interface interface
    Description: Make a certain interface passive.
43. Router# debug ip rip
    Description: Monitor the processing of RIP in the background.
44. Router# debug ip eigrp packets
    Description: Show the processing of EIGRP packets.
45. Router# debug ip routing
    Description: Show routing table processing.
46. Router# debug ip ospf events
    Description: Show the processing of OSPF events.
47. Router# undebug all
    Description: Terminate all running debugs.
48. Router(config)# router ospf process-id
    Router(config-router)# network network w.c.m area area-id
    Description: Run the OSPF routing protocol. The process ID separates the databases, and the area ID separates the processing on different routers.
49. Router(config)# ip nat pool poolname startip endip netmask subnetmask
    Router(config)# ip nat inside source list acl#|name pool poolname
    Router(config)# interface e0
    Router(config-if)# ip nat inside
    Router(config-if)# ip nat outside
    Description: Enable NAT, and enable it on the inside and outside interfaces.
50. Router(config)# access-list number permit|deny ip w.c.m
    Description: Configure an access list.
51. Router(config)# ip nat pool poolname startip endip netmask subnetmask
    Router(config)# ip nat inside source list acl#|name pool poolname overload
    Description: Enable PAT.
52. Router(config)# interface e0
    Router(config-if)# no ip address
    Router(config-if)# no shutdown
    Router(config)# interface e0.1
    Router(config-subif)# encapsulation dot1Q vlan#
    Router(config-subif)# ip address ip mask
    Description: Divide the physical interface into sub-interfaces (you can divide it into up to 4 billion sub-interfaces); we use it to enable routing between VLANs. We have to choose the encapsulation (tagging) type and assign it on each sub-interface before its IP address.
53. Router# copy running-config startup-config
    Description: Save the configuration from RAM to NVRAM (flash).
54. Router# erase startup-config
    Description: Erase the saved configuration from NVRAM (flash).
55. Router# show version
    Description: Show software and hardware features.
56. Resetting the enable password (these steps must be done over the console cable only):
    Power the router off and on
    Press CTRL+BREAK while the router is restarting
    rommon> confreg 0x2142
    rommon> reset
    The router restarts and opens the configuration dialog; answer "no" and go into enable mode.
    Router# copy start run
    After this step you can change the password. After changing the password you must save your work and make sure that all the configuration is still intact:
    Router# copy run start
    Do not forget to change the value 0x2142 back to the default so the router boots in the normal sequence:
    Router(config)# config-register 0x2102
57. Router(config)# ip dhcp pool name
    Router(config-dhcp)# network network mask
    Router(config-dhcp)# default-router ip-of-router
    Router(config-dhcp)# dns-server ip-of-dns
    Router(config)# ip dhcp excluded-address startip endip
    Description: Configure the DHCP service on a router and assign a pool.
58. Router# show ip dhcp binding
    Description: Show which IP address was assigned to which host.
59. Router(config)# access-list 1-99 permit|deny src-ip w.c.m
    Description: Create a standard access list; it is used to filter traffic.
60. Router(config)# ip access-list standard aclname
    Router(config-std-nacl)# permit|deny src-ip w.c.m
    Description: Create a standard named access list.
61. Router(config)# interface serial 0
    Router(config-if)# ip access-group no#|name in|out
    Description: Activate an access list on an interface.
62. Router(config)# access-list 100-199 permit|deny protocol src-ip src-w.c.m [operator src-port] dst-ip dst-w.c.m [operator dst-port]
    Description: Create a numbered extended access list; with it we can deny a certain PC a certain protocol such as HTTP, FTP or HTTPS, or a certain destination IP.
63. Router(config)# ip access-list extended name
    Router(config-ext-nacl)# permit|deny protocol src-ip src-w.c.m [operator src-port] dst-ip dst-w.c.m [operator dst-port]
    Description: Create an extended named access list.
64. Router(config-if)# ip access-group no#|name in|out
    Description: Activate an extended named access list on a certain interface.
65. Router(config)# line vty 0 4
    Router(config-line)# access-class aclno#|name in
    Description: Activate an ACL on the vty lines for Telnet use; it increases the security of Telnet.
66. Router# show access-lists
    Router# show ip access-lists no#|name
    Description: Show all ACLs of all routed protocols, or a specific ACL.
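The numbered extended access lists above are evaluated top-down, first match wins, with an implicit deny at the end. The Python below is an added example, not part of the course notes; ACL 100, ACL 101 and every address in them are constructed for illustration.

```python
# Added example (not from the course notes): evaluate IOS-style ACL entries
# top-down, first match wins, with the implicit "deny any" at the end, using
# wildcard masks exactly as the access-list commands above express them.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

ANY = "255.255.255.255"   # wildcard mask meaning "any" address
HOST = "0.0.0.0"          # wildcard mask meaning exactly this host


@dataclass(frozen=True)
class Ace:
    """One access-control entry of a numbered extended ACL (100-199)."""
    action: str                     # "permit" or "deny"
    protocol: str                   # "ip" (matches everything), "tcp", "udp", "icmp"
    src: str
    src_wcm: str
    dst: str = "0.0.0.0"
    dst_wcm: str = ANY
    dst_port: Optional[int] = None  # "eq <port>" applied to the destination port


def wildcard_match(address: str, base: str, wcm: str) -> bool:
    """A wildcard bit of 1 means 'don't care'; a 0 bit must match exactly."""
    a = int(ipaddress.IPv4Address(address))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wcm))
    return (a | w) == (b | w)


def ace_matches(ace: Ace, proto: str, src: str, dst: str, dst_port: Optional[int]) -> bool:
    if ace.protocol != "ip" and ace.protocol != proto:
        return False
    if not wildcard_match(src, ace.src, ace.src_wcm):
        return False
    if not wildcard_match(dst, ace.dst, ace.dst_wcm):
        return False
    if ace.dst_port is not None and ace.dst_port != dst_port:
        return False
    return True


def evaluate(acl: List[Ace], proto: str, src: str, dst: str,
             dst_port: Optional[int] = None) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching ACE); index None = implicit deny."""
    for index, ace in enumerate(acl):
        if ace_matches(ace, proto, src, dst, dst_port):
            return ace.action, index
    return "deny", None


def _addr(base: str, wcm: str) -> List[str]:
    if wcm == ANY:
        return ["any"]
    if wcm == HOST:
        return ["host", base]
    return [base, wcm]


def to_ios(number: int, acl: List[Ace]) -> List[str]:
    """Render the ACL as the 'access-list <n> ...' lines from the command table."""
    lines = []
    for ace in acl:
        parts = [f"access-list {number}", ace.action, ace.protocol]
        parts += _addr(ace.src, ace.src_wcm) + _addr(ace.dst, ace.dst_wcm)
        if ace.dst_port is not None:
            parts += ["eq", str(ace.dst_port)]
        lines.append(" ".join(parts))
    return lines


# Constructed sample: block Telnet (tcp/23) from the 192.168.10.0/24 LAN and
# allow everything else from that LAN; applied "in" on the LAN interface.
ACL_100 = [
    Ace("deny", "tcp", "192.168.10.0", "0.0.0.255", dst_port=23),
    Ace("permit", "ip", "192.168.10.0", "0.0.0.255"),
]

# The same two entries in the wrong order: the permit shadows the deny, so
# Telnet is never blocked.  The router applies the order, not the intent.
ACL_101 = [ACL_100[1], ACL_100[0]]


if __name__ == "__main__":
    for line in to_ios(100, ACL_100):
        print(line)
    print(evaluate(ACL_100, "tcp", "192.168.10.25", "10.0.0.1", 23))   # ('deny', 0)
    print(evaluate(ACL_100, "tcp", "192.168.10.25", "10.0.0.1", 80))   # ('permit', 1)
    print(evaluate(ACL_100, "icmp", "172.16.0.9", "10.0.0.1"))         # ('deny', None)
    print(evaluate(ACL_101, "tcp", "192.168.10.25", "10.0.0.1", 23))   # ('permit', 0)
```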
Switch Commands

1. Switch> enable
    Description: Enter enable (privileged) mode for advanced monitoring.
2. Switch# show running-config
    Description: Show the running configuration in RAM.
3. Switch# show vlan
    Description: Show the vlan.dat file (the VLAN database and what is stored in it).
4. Switch# show vtp status
    Description: Show the status of the VTP domain and the revision number.
5. Switch# show vtp password
    Description: Show the VTP password.
6. Switch# show startup-config
    Description: Show the startup configuration file saved in flash.
7. Switch# show interfaces trunk
    Description: Show details of all trunk interfaces.
8. Switch# show dtp
    Description: Show Dynamic Trunking Protocol information.
9. Switch# show arp
    Description: Show the ARP table.
10. Switch# show cdp neighbors
    Description: Show details of neighbors (Cisco devices only).
11. Switch# show mac address-table
    Description: Show the MAC address table.
12. Switch# show port-security
    Description: Show which ports are secured.
13. Switch# show spanning-tree
    Description: Show spanning tree information.
14. Switch# show version
    Description: Show the IOS version, software and hardware.
15. Switch# configure terminal
    Description: Enter global configuration mode.
16. Switch(config)# banner motd $ message $
    Description: Configure a banner message displayed when the switch boots.
17. Switch(config)# hostname name
    Description: Change the display name of the device.
18. Switch(config)# vlan #
    Description: Create a new VLAN.
19. Switch(config-vlan)# name name
    Description: Give the VLAN a name.
20. Switch(config-if)# switchport mode access
    Description: Change the port mode from dynamic to access; we use access ports for end devices only.
21. Switch(config-if)# switchport mode trunk
    Description: Change the port mode from dynamic to trunk. On Cisco switches this is done automatically.
22. Switch(config-if)# switchport access vlan #
    Description: Assign a VLAN to a certain port on the switch.
23. Switch(config)# vtp domain name
    Description: Configure the VLAN Trunking Protocol (VTP) domain (Cisco proprietary).
24. Switch(config)# vtp password password
    Description: Assign a password for the VTP domain.
25. Switch(config)# line vty 0 15
    Description: Manage the switch remotely.
26. Switch(config-line)# password password
    Description: Assign a password for the vty lines.
27. Switch(config-line)# login
    Description: Require this password when logging in to the switch remotely.
28. Switch(config)# interface vlan 1
    Switch(config-if)# ip address ip mask
    Switch(config-if)# no shutdown
    Switch(config)# ip default-gateway ip-of-router
    Description: Assign an IP address to the switch processor for use in Telnet connections: assign the IP address and mask, then add the default gateway (the router IP).
29. Switch# copy running-config startup-config
    Description: Save the configuration from RAM to flash memory (NVRAM).
30. Switch(config-if)# switchport port-security
    Switch(config-if)# switchport port-security maximum 0-1024
    Description: Activate port security and choose the number of allowed MAC addresses that can use this port.
31. Switch(config-if)# switchport port-security mac-address mac-address
    Description: Assign a MAC address statically.
32. Switch(config-if)# switchport port-security mac-address sticky
    Description: Make the first MAC address learned the only MAC that can use this port, and drop data from any other MAC.
33. Switch(config-if)# switchport port-security violation shutdown|restrict|protect
    Description: Change the action from shutdown to restrict or protect when a MAC address that is not assigned in the security configuration appears on the port.

Network Devices:

1- Computer:
It is the source of applications; it is a layer 7 device.

2- Repeater:
It regenerates the signals; it is a layer 1 device. There is a rule to use a maximum of 4 repeaters, to avoid large delays and collisions. It runs in hardware.

3- Hub:
It is a multiport repeater and a layer 1 device. It forwards data by flooding: data is sent out of all ports except the receiving port. All connected PCs are members of a single broadcast domain and a single collision domain, and they operate in half duplex. It runs in hardware.

4- NIC (Network Interface Card):
It is a device that understands MAC; it is a layer 2 device with a MAC address, a MAC method, MAC frames and MAC flow control. Newer NICs support MDI/MDIX. It runs in hardware.

5- Bridge:
It acts as a repeater; it is a layer 2 device that understands MAC addresses and builds a MAC table. It can support a maximum of 16 ports. It runs in software (slow switching).

6- Switch:
It is a multiport bridge and a layer 2 device. It supports only one technology by default because it is hardware. It builds a MAC table, runs in hardware (ASICs, fast) and also uses microsegmentation.
A switch port can learn the existence of more than one device on the same port, but the switch will never learn the existence of the same device on different ports. All devices connected to a switch are members of a single broadcast domain; each port is a single collision domain; all devices connected to a switch can operate in full duplex. Switches support VLANs, STP and RSTP. By default all switch ports are in VLAN 1, and by default all switch ports are no shutdown with no security. Another type of switch supports PoE (Power over Ethernet) to provide power to IP phones or IP cameras.

Switch Port Types:

a- Access port: a port connected to an end device; it is a member of only 1 VLAN.
b- Trunk port: a port connected to intermediate network devices; by default it is a member of all VLANs.
c- PortFast (RSTP): a port that goes to the forwarding state immediately; it must be connected to a PC or a router.

Switch Port States (STP):

a- Blocked state (green LED): the port can only receive BPDUs.
b- Listen state (amber LED): the port is sending and receiving BPDUs and performing the election (root switch, BPDU, DP, RP, BP) (15 seconds).
c- Learn state (green LED): completes the election if required; the port starts building the MAC table and drops data (15 seconds).
d- Forward state (green LED): starts sending data and continues learning.


Switch Port States (RSTP):

a- Discard state (green LED): combines the listen and blocked states.
b- Learn state (green LED): completes the election if required; the port starts building the MAC table and drops data (15 seconds).
c- Forward state (green LED): starts sending data and continues learning.

Switch modes:

a- Adaptive cut-through:
It starts as cut-through until the error frames reach a large percentage, then it automatically changes its operation to store-and-forward until the error frames fall to a small number, then it returns to cut-through. We can use this kind of switch for core switching. (1- cut-through, 2- store-and-forward, 3- cut-through)

b- Store-and-forward:
The switch stores the full frame and checks whether it has any errors, then forwards it.
[Error types]: 1- CRC error, 2- Runt frame (< 64 bytes), 3- Giant frame (> 1518 bytes)

c- Fragment-free:
It waits until the minimum frame size (64 bytes) has arrived, then forwards.

d- Cut-through:
It waits for 14 bytes and then forwards (waiting for the preamble and the destination MAC).

7- Wireless access point:

It is a wireless switch (air switch), Wi-Fi. There are 3 types of antenna in a wireless switch: 1- omnidirectional (2 dBi, from 100 meters to 300 meters), 2- semi-directional (14 dBi, 12 km), 3- highly directional (dish antenna, 50 km).

Switch operation:
Switch:
- Forwarding is based on hardware ASICs (Application Specific Integrated Circuits).
- Switches are faster than bridges because the switching function is hardware based.
Transparent Switching:
- The hosts are not aware of the presence of the switch in the LAN.
- The switch does not change the frame.

Bridges vs. switches:

Bridges were introduced by DEC in the 80's as a low-cost, low-complexity way to improve network performance.
Replace a hub with a bridge or a switch and now many PCs can transmit at the same time.
Some people once thought bridges would replace routers, but they are not "smart enough": bridged networks don't scale to large sizes.
Switches are basically high speed bridges that can be partitioned into logical sub-bridges.
VLANs (covered later) are how we partition a switch.
- Logically, switches and bridges are the same.
- They both use the same MAC learning strategy and both use Spanning Tree Protocol (STP).

Switches learn MAC addresses:

A switch associates the source MAC address in a frame with the port the frame was received on.

Everything has just powered on, so the MAC tables are empty. Host A transmits a frame to Host E. Switches B, C and D learn the MAC address of A and associate it with the port receiving the frame. When a reply is sent, the switches learn the location of E (the MAC of E and the port it was received on).

Switches selectively forward:

If a switch has learned a MAC address, it forwards frames going to that MAC address out only the associated port. So when A and E communicate, frames are only sent out the appropriate ports.

Switches flood other traffic:

Switches flood traffic out all ports if they do not know where the destination MAC is:
- Unknown unicast MAC addresses
- Multicasts
- Layer 2 broadcasts (MAC address ffff.ffff.ffff)

Until the unknown unicast MAC address H replies, frames sent to H are flooded.
- Once H replies, the switches can learn which port the frame from H was received on.

Broadcasts and multicasts are also flooded.
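The learning, selective forwarding and flooding behaviour described above, modelled in Python as an added example (not part of the course notes); the hosts A, E and H, the switch chain B-C-D and all MAC addresses are constructed for illustration.

```python
# Added example (not from the course notes): a transparent-switching model
# that learns source MACs per port, forwards known unicasts out one port, and
# floods unknown unicasts and broadcasts.  Topology and MACs are constructed.
from __future__ import annotations
from typing import Dict, List, Optional, Tuple, Union

BROADCAST = "ffff.ffff.ffff"


class Host:
    def __init__(self, name: str, mac: str):
        self.name, self.mac = name, mac
        self.link: Optional[Tuple[Switch, int]] = None   # (switch, switch port)
        self.seen_on_wire: List[Tuple[str, str]] = []     # (src, dst) of frames reaching this port


class Switch:
    def __init__(self, name: str):
        self.name = name
        self.mac_table: Dict[str, int] = {}               # learned MAC -> port
        self.links: Dict[int, Tuple[Union[Switch, Host], int]] = {}


def connect(sw: Switch, port: int, peer: Union[Switch, Host], peer_port: int = 0) -> None:
    """Cable a switch port to a host, or to a port on another switch."""
    sw.links[port] = (peer, peer_port)
    if isinstance(peer, Host):
        peer.link = (sw, port)
    else:
        peer.links[peer_port] = (sw, port)


def deliver(dev: Union[Switch, Host], in_port: int, src: str, dst: str, log: List[str]) -> None:
    """Hand a frame to a device on the given port and let it act on it."""
    if isinstance(dev, Host):
        dev.seen_on_wire.append((src, dst))  # the NIC then keeps only its own MAC / broadcast
        return
    dev.mac_table[src] = in_port            # learn: source MAC -> ingress port
    if dst != BROADCAST and dst in dev.mac_table:
        out_ports = [dev.mac_table[dst]]    # known unicast: selective forward
        log.append(f"{dev.name}: {dst} known on port {out_ports[0]}, forward")
    else:
        out_ports = [p for p in dev.links if p != in_port]   # unknown/broadcast: flood
        log.append(f"{dev.name}: {dst} unknown or broadcast, flood ports {out_ports}")
    for port in out_ports:
        peer, peer_port = dev.links[port]
        deliver(peer, peer_port, src, dst, log)


def send(host: Host, dst: str, log: List[str]) -> None:
    sw, port = host.link
    deliver(sw, port, host.mac, dst, log)


def build_topology() -> Dict[str, Union[Switch, Host]]:
    """Constructed: A - B - C - D - E in a chain, with H hanging off switch C."""
    a, e, h = Host("A", "00aa.0000.000a"), Host("E", "00aa.0000.000e"), Host("H", "00aa.0000.0011")
    b, c, d = Switch("B"), Switch("C"), Switch("D")
    connect(b, 1, a)          # A on B port 1
    connect(b, 2, c, 1)       # B port 2 <-> C port 1
    connect(c, 2, d, 1)       # C port 2 <-> D port 1
    connect(c, 3, h)          # H on C port 3
    connect(d, 2, e)          # E on D port 2
    return {"A": a, "E": e, "H": h, "B": b, "C": c, "D": d}


def run_scenario() -> Dict[str, object]:
    """A -> E right after power-on (flooded), E -> A (forwarded only), A -> broadcast."""
    t, log = build_topology(), []
    send(t["A"], t["E"].mac, log)
    floods_first = sum("flood" in line for line in log)
    send(t["E"], t["A"].mac, log)
    h_seen_after_reply = len(t["H"].seen_on_wire)   # H must not see the E -> A reply
    send(t["A"], BROADCAST, log)
    return {"topology": t, "log": log, "floods_first": floods_first,
            "h_seen_after_reply": h_seen_after_reply}


if __name__ == "__main__":
    for line in run_scenario()["log"]:
        print(line)
```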


Collision and broadcast domains:

An Ethernet segment, or multiple segments joined with hubs and repeaters, forms a collision domain.
- Two devices on such a segment will have a collision if they transmit at the same time.
- Each port of a bridge or switch is a separate collision domain.
- It may be a single device, or multiple devices attached to the switch via a hub.
- The switch or collection of switches forms a broadcast domain.
- Broadcasts flood all ports in the interconnected bridges or switches.

Need for spanning tree protocol:

If a loop is accidentally introduced into a bridged topology, any broadcast (multicast or unknown unicast as well) will cause the network to get very busy.
- Consequently, switches use Spanning Tree Protocol (STP) to detect and de-activate loops.
- Side-effect: switches normally do not load balance when there are multiple, redundant links (routers can).

Spanning tree protocol:

STP often accounts for more than 50% of the configuration, troubleshooting, and maintenance headaches in real-world campus networks (especially if they are poorly designed).

STP is a loop-prevention protocol. It allows L2 devices to communicate with each other to discover physical loops in the network. It specifies an algorithm that L2 devices can use to create a loop-free logical topology: a tree structure of loop-free leaves and branches that spans the entire Layer 2 network.

Spanning tree algorithm:

STP executes an algorithm called STA.

STA chooses a reference point, called a root bridge, and then determines the available paths to that reference point.

- If multiple paths exist, STA picks the best path and blocks the rest.

BPDUs

1- All switches using STP must exchange Bridge Protocol Data Units (BPDUs) with other switches.
2- They are sent every 2 seconds on every active port.
3- The exchange of BPDU messages results in the following:
   - The election of a root switch
   - The election of a designated switch for every switched segment
   - The removal of loops in the switched network by placing redundant switch ports in a backup state

What's a BID?

It consists of 2 components:

- A 2-byte priority: Cisco switches default to 32,768 or 0x8000.
- A 6-byte MAC address

It is used to elect a root bridge.

The lowest Bridge ID is the root.

If all devices have the same priority, the bridge with the lowest MAC address becomes the root bridge.

Electing a root bridge:

At startup, a switch assumes that it is the root bridge and sets the Bridge ID equal to the Root ID in its BPDUs. If a switch sees a Root ID lower than its own, it begins to advertise that Root ID in its BPDUs.
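Root election by Bridge ID and the STA's choice of which ports to block, worked in Python as an added example (not part of the course notes); the three-switch triangle, its MAC addresses and the 802.1D path cost of 19 per 100 Mbps link are constructed and assumed for illustration.

```python
# Added example (not from the course notes): elect the root bridge from
# Bridge IDs (priority, MAC), compute each bridge's root path cost, then assign
# root, designated and blocked port roles.  Topology and MACs are constructed.
from typing import Dict, List, Tuple

# 802.1D (short) path costs by link speed in Mbit/s (assumed standard table)
PATH_COST = {10: 100, 100: 19, 1000: 4}


class Bridge:
    def __init__(self, name: str, mac: str, priority: int = 32768):
        self.name, self.mac, self.priority = name, mac, priority

    @property
    def bid(self) -> Tuple[int, int]:
        """Bridge ID: 2-byte priority then 6-byte MAC; the lower tuple wins."""
        return (self.priority, int(self.mac.replace(".", ""), 16))


# One segment: (bridge, its port, other bridge, its port, speed in Mbit/s)
Link = Tuple[Bridge, str, Bridge, str, int]


def elect_root(bridges: List[Bridge]) -> Bridge:
    """Every switch claims to be root; the lowest BID wins the election."""
    return min(bridges, key=lambda b: b.bid)


def root_path_costs(bridges: List[Bridge], links: List[Link], root: Bridge) -> Dict[str, float]:
    """Lowest accumulated cost from each bridge to the root (repeated relaxation)."""
    cost = {b.name: float("inf") for b in bridges}
    cost[root.name] = 0
    changed = True
    while changed:
        changed = False
        for a, _, b, _, speed in links:
            for near, far in ((a, b), (b, a)):
                via = cost[near.name] + PATH_COST[speed]
                if via < cost[far.name]:
                    cost[far.name], changed = via, True
    return cost


def port_roles(bridges: List[Bridge], links: List[Link]) -> Dict[str, str]:
    """Return {"SWx:port": "root" | "designated" | "blocked"} for every port."""
    root = elect_root(bridges)
    cost = root_path_costs(bridges, links, root)
    # Root port: on each non-root bridge, the port with the lowest cost to the
    # root; ties broken by the neighbour's BID, then by the port name.
    best: Dict[str, Tuple[float, Tuple[int, int], str]] = {}
    for a, pa, b, pb, speed in links:
        for me, my_port, nbr in ((a, pa, b), (b, pb, a)):
            if me is root:
                continue
            key = (cost[nbr.name] + PATH_COST[speed], nbr.bid, my_port)
            if me.name not in best or key < best[me.name]:
                best[me.name] = key
    root_ports = {name: key[2] for name, key in best.items()}
    # Designated port: on each segment, the end with the lower (cost, BID).
    # The other end is either that bridge's root port or it gets blocked.
    roles: Dict[str, str] = {}
    for a, pa, b, pb, _ in links:
        if (cost[a.name], a.bid) < (cost[b.name], b.bid):
            des, des_port, oth, oth_port = a, pa, b, pb
        else:
            des, des_port, oth, oth_port = b, pb, a, pa
        roles[f"{des.name}:{des_port}"] = "designated"
        is_root_port = root_ports.get(oth.name) == oth_port
        roles[f"{oth.name}:{oth_port}"] = "root" if is_root_port else "blocked"
    return roles


def triangle(sw3_priority: int = 32768) -> Tuple[List[Bridge], List[Link]]:
    """Constructed topology: three switches fully meshed over 100 Mbit/s links."""
    sw1 = Bridge("SW1", "0000.0c00.aaaa")
    sw2 = Bridge("SW2", "0000.0c00.bbbb")
    sw3 = Bridge("SW3", "0000.0c00.cccc", sw3_priority)
    links = [(sw1, "Fa0/1", sw2, "Fa0/1", 100),
             (sw1, "Fa0/2", sw3, "Fa0/1", 100),
             (sw2, "Fa0/2", sw3, "Fa0/2", 100)]
    return [sw1, sw2, sw3], links


if __name__ == "__main__":
    for prio in (32768, 4096):       # default priorities, then SW3 forced to a lower one
        bridges, links = triangle(prio)
        print("root:", elect_root(bridges).name, port_roles(bridges, links))
```

With equal priorities the lowest MAC (SW1) wins and the SW2-SW3 segment is the one that gets a blocked port; lowering SW3's priority to 4096 moves the root and the blocked port with it.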

Spanning tree port states:

Blocked:
All ports start in blocked mode in order to prevent the bridge from creating a bridging loop. The port stays in the blocked state if Spanning Tree determines that there is a better path to the root bridge.

Listen:
The port transitions from the blocked state to the listen state.

- Attempts to learn whether there are any other paths to the root bridge.
- Listens to frames but cannot send or receive data, or add to its table.
- Listens for a period of time called the forward delay.

Learn:
The learn state is very similar to the listen state, except that the port can add information it has learned to its address table.

- Still not allowed to send or receive data.
- Learns for a period of time called the forward delay.

Forward:
The port can send and receive data.

A port is not placed in the forwarding state unless there are no redundant links or it is determined
that it has the best path to the root.

Disabled:
The port is shutdown manually by an administrator.

STP timers:

The default value of the forward delay (15 seconds) was originally derived assuming a maximum
network size of seven bridge hops, a maximum of three lost BPDUs, and a hello-time interval of 2
seconds.

STP topology changes:

It can take 30-50 seconds for a network to converge to a new topology. While the network is
converging, physical addresses that can no longer be reached are still listed in the switch
table. Because these addresses are in the table, the switch will attempt to forward frames to devices it
cannot reach.

The STP change process requires the switch to clear the table faster in order to get rid of unreachable
physical addresses.
If a switch detects a change, it can send a topology change BPDU out its root port.

The topology change BPDU is forwarded to the root switch, and from there, is propagated
throughout the network

Router:
It is a device that can support multiple technologies and deliver data from end to end; it is a layer 3 device. A router interface is called a serial interface or WIC. For the first-time configuration we have only one way to configure it: by console cable (rollover cable). Each point on the router is considered a different network, and each router tries to learn how to reach all other routers. A router discards broadcast messages and does no flooding: a router must learn before forwarding. Routers can learn and construct the routing table using routing protocols (by configuration).

Router types:
a-) Fixed routers: these routers have all interfaces built in, you can't change any interface, and they are the lowest-price routers. Their interfaces are shown like this: E0 or S0.

b-) Modular routers: these routers have slots, so you can change the interfaces as you wish. They have 4 slots, from slot 0 to slot 3, and their interfaces are shown like this: S0/0, S0/1, S0/2, S0/3.

c-) Third generation: these routers have slots and sub-slots; you can change the sub-slots as you wish, and the sub-slots have multiple interfaces. They are shown like this: S0/0/0, where the first 0 is the main slot, the second 0 is the sub-slot and the last 0 is the interface.

Router protocols:

Routing Protocol: the exchange of information between routers so that each router tells the others about the networks it can reach.
Ex: RIP v1, RIP v2, RIPng, IGRP, EIGRP, OSPF, IS-IS and BGP. Routing is also classified into static routing and dynamic routing.

Routed Protocol:
The protocol that carries user data traffic from end to end using packets, logical addressing (IP) and encapsulation.

Ex: IPX, IPv4, IPv6 and AppleTalk


Router Software (IOS):

IOS is the Internetwork Operating System; it manages the hardware running on the router and is stored in flash memory (NVRAM).

IOS Features:
1- Setup mode: a [yes/no] configuration dialogue, for basic configuration only, so you may not be able to use all the features of the router.
2- Execution modes:
a- User mode: used for simple monitoring and troubleshooting.
Ex: Router> ping ip
    Router> traceroute dst-ip
    Router> telnet ip-of-device
"Router" is the name of the device, and you can change it.
b- Privileged mode (enable mode): used for advanced monitoring and troubleshooting; you have admin power. To open privileged mode write
Router> enable
To exit write
Router# disable
c- Global configuration mode: supports configuration commands that affect the entire device; the prompt is (config)#. To open global configuration mode write
Router# configure terminal (or conf t)
d- Sub-configuration mode: supports configuration commands that affect a part of the device, such as an interface.
Ex: Router(config)# interface serial 0
    Router(config-if)#
To exit write exit in any mode, or press CTRL+Z at any time.

Mini IOS is a mini operating system used if the main IOS is erased by mistake; it is used to install the full IOS and also to recover a forgotten password, and it is stored in ROM.

Configuration file (STARTUP CONFIG):

It is a file that contains configuration commands, and it is stored in flash memory (NVRAM).

8- Modem (Modulator/Demodulator):

It is a layer 1 device used for modulation, clocking, synchronization and data coding. We also need it to satisfy the ISP equipment, to modulate the signal so it can travel a long distance, and to change the signal type from analog to digital.

CSU/DSU (Channel Service Unit / Data Service Unit): it is a layer 1 device used for modulation, clocking, synchronization and data coding. We also need it to satisfy the ISP equipment, to modulate the signal so it can travel a long distance, and to change the signal type from digital to digital.

9- Wireless access point (AP), service sets:
A wireless access point is an air switch, and there are 3 different topologies (service sets) for a wireless access point:
A-) Ad-hoc mode: this mode is called an Independent Basic Service Set (IBSS). Mobile clients connect directly without an intermediate access point; in other words, there is no need for an access point.

B-) Infrastructure mode: in infrastructure mode, clients connect through an access point; there are two modes:

- Basic Service Set (BSS): only one access point; mobile clients use a single access point for connectivity to each other or to wired network resources.
- Extended Service Set (ESS): more than 1 access point; in this mode two or more basic service sets are connected by a common distribution system, and an extended service set generally lets a client move from access point to access point without requiring client configuration.

Access point operation:

In order to connect to an AP, an SSID (Service Set Identifier) needs to be configured. The SSID is the name of the wireless cell; it is used to logically separate WLANs. It must match exactly between the client and the access point. The access point broadcasts the SSID in the beacons; beacons are broadcasts that the access points send to announce the available services.

The association steps:

1- The client sends a probe request (requesting info about the AP)
2- The access point sends a probe response
3- The client initiates association
4- The access point accepts the association
5- The access point adds the client's MAC address to its association table

10- Firewall (PIX, the Cisco hardware firewall):
Firewall rules:
- If data comes from outside, it is denied by default.
- If data comes from inside, it is allowed, and its reply is also allowed.

Firewalls have at least two interfaces: inside (trusted) and outside (untrusted).

If someone needs to do anything from outside (browsing), it is denied, so the DMZ interface (''Demilitarized Zone'') was invented.

The firewall now has a third interface called the DMZ.

We put the servers that need to be accessed from outside in the DMZ, to apply less restriction to accessing them, while accessing the inside is still forbidden.

11- IDS (Intrusion Detection System):

Hardware holding an attack database in a file called the signature file. An IDS can only detect the attack; it can't prevent it.
Operation: it compares the data stream with the signature file, which contains the most common attacks in the world. If it finds an attack, it sends an alert to the network admin or the system admin; the way it alerts must be configured: by mail, a forced message to the admin PC, or an SMS message.

12- IPS (Intrusion Prevention System):

It is placed outside, because if it detects an attack it prevents it from the beginning, before it enters the system. It has the same operation as an IDS: it compares the incoming data with the signature file to prevent the attack. HIPS (host IPS) is software installed on a PC that operates like an antivirus.

13- ASA (Adaptive Security Appliance, hardware):

Application firewall + IPS + VPN concentrator

Cable Types:

1- LAN cables
- UTP: Unshielded Twisted Pair
8-wire cable = 4 pairs
Orange wire = live TX
Orange-white wire = ground for orange TX
Green wire = live RX
Green-white wire = ground for green RX

Blue and brown are spare in 10 Mbps and 100 Mbps; they are used now in 1 Gbps and 10 Gbps and for Power over Ethernet.

Twisting: avoids noise and interference (EMI = electromagnetic interference).

- STP: there is an aluminum shield used to discharge any noise (crosstalk and external interference).

Twisted pair standards: they are categorized as follows.


Cat5: category 5 cable, supporting 100 Mbps (100 meters)
Cat5e: category 5 enhanced, supporting 1 Gbps (100 meters)
Cat6: supporting more than 1 Gbps (100 meters)
Cat6a: supporting 10 Gbps for (25 meters)
Cat6e: supporting 10 Gbps for (100 meters)
Cat7: supporting 10 Gbps for (25 meters)

LAN Standards: IEEE provides most LAN standards

Ethernet is IEEE 802.3

80 = 1980
2 = February
3 = Ethernet

Ethernet Card Standards

10BASE-T: transmit speed is 10 Mbps; BASE = baseband, no need for modulation; T = twisted pair (copper)
100BASE-T
1000BASE-T

Cable connection standards

1- Straight cable: used to connect DCE to DTE (PC to switch).
Runs on standard T568A, with RJ45 connectors.
It transmits on green and green-white (pins 1, 2).
It receives on orange and orange-white (pins 3, 6).

2- Cross cable:
Connects 2 DTEs or 2 DCEs.
Runs on standard T568B, with RJ45 connectors.
It transmits on orange-white and orange (pins 1, 2).
It receives on green-white and green (pins 3, 6).

Now there is an ASIC with an auto cable sensing feature called MDI/MDIX (Media Dependent Interface / Media Dependent Interface Crossover); it is a feature on NICs that makes the crossing between 2 DTEs or 2 DCEs.

3- Rollover: used for configuration

There are two types of this cable:
a- Console cable: the standard one that came with the device.
b- Rollover: hand-made; we reverse all 8 wires.

Fiber Cables: they send an optical signal (light pulses) instead of an electrical one, through a core surrounded by cladding.

Single Mode Fiber (SMF):

Max distance = from 10 km to 100 km
Core diameter = 8 µm or 9 µm
Cladding diameter = 124 µm


Multimode Fiber (MMF)

Max distance = from 400 meter to 4 km
Core diameter = 50 µm or 62.5 µm
Cladding diameter = 125 µm

Other Ethernet card types (fiber standards)

10Base-F (F = fiber)
100Base-F
1000Base-SX (SX = short distance, MMF)
1000Base-LX (LX = long distance, SMF)
1000Base-ZX (ZX = extended long distance, SMF, 100 km)

Connectors:

Copper connectors
DB = D-shaped, followed by the number of pins

DB-60 (60 pins) = serial
DB-21 (21 pins) = smart serial
DB-9 (9 pins)
Modem connectors:
V.35
RS-232
X.21

RJ-45 = registered jack no. 45 (standard B)

1- Orange-white
2- Orange
3- Green-white
4- Blue
5- Blue-white
6- Green
7- Brown-white
8- Brown

RJ-45 = registered jack no. 45 (standard A)

1- Green-white
2- Green
3- Orange-white
4- Blue
5- Blue-white
6- Orange
7- Brown-white
8- Brown


Fiber connectors
SC = Square connector
ST = Straight tip connector

Network types

A-) LAN: Local area network:
A group of components in a small area under my administration; a connection between devices near each other without using a central office.
Ex:
Ethernet 10 Mbps
Fast Ethernet 100 Mbps

B-) MAN: Metropolitan area network:
A group of LANs within the same city; there is a partner (a central office) in the middle. It is a connection between a group of LANs over a small area within a city like Cairo, with a central office between the LANs.
Ex: Metro Ethernet 10 Gbps
ATM 40 Gbps

C-) WAN: Wide area network:
A group of LANs over a very far distance; there is a partner in the middle.
Ex:
DSL
ISDN
X.25
Frame Relay
ATM 622 Mbps

Network: a group of components connected together to provide a service or to share expensive resources

Network topologies: how components are connected together physically

1- Point-to-point topology: only one Tx, only one Rx
Ex: DSL, analog dialup, ISDN

2- Bus topology: one Tx and all Rx
Ex: Ethernet

3- Ring topology: one sends to the next, the next sends to the next, in a round
Ex: Token Ring, FDDI (Fiber Distributed Data Interface)

4- Mesh topology: each device is connected to all other devices with all available paths; we can say it's the best topology for switches
Ex: Ethernet, X.25, Frame Relay, ATM

5- Star topology: all devices are connected directly to a centralized device
Ex: Ethernet, Token Ring

Network models:

A model is a set of concepts that defines for each device what will be done to aid data transfer; it is a set of protocols, and it's layered.

A layer defines a certain function that will be done by software or hardware.

The model is layered because when each layer does its function, it hands what's done to the next lower layer, & so on....

OSI Model: Open Systems Interconnection, 7 layers

This model was developed by ISO and it's a reference model.

"Open" refers to an open standard: we can modify any of its rules.

Layer 7 - Application: responsible for preparing data for the proper service
Ex: HTTP, HTTPS, FTP, POP3, SNMP, Telnet, RTP, ICMP
[Programming (OS)]

Layer 6 - Presentation: responsible for finding a common data representation between sender & receiver; it's used to represent the data in the proper format
Ex: ASCII → text, JPG → picture, MP3 → audio

Layer 5 - Session: responsible for making sure that all info required for opening a session is ready; in that case it gives the order to the transport layer for:
- session establishment
- session management
- session termination

Layer 4 - Transport: responsible for the actual mechanics of
session establishment → handshaking
session management → control *
session termination → handshaking
Transport layer: end-to-end transmission and control, ex: TCP (Transmission Control Protocol), reliable
[Networks]

Layer 3 - Network: responsible for
1) end-to-end addressing (logical addressing): IP address
2) end-to-end data delivery (transmission): the packet encapsulates the data
3) finding the best path to the end
1, 2 examples: IPX, IPv4, IPv6
3 examples: RIPv1, RIPv2, OSPF, BGP
To provide end-to-end delivery, data should move hop by hop

Layer 2 - Data link: responsible for
[Communication]
1) hop-to-hop addressing (physical addressing: MAC address)
2) hop-to-hop data delivery (frame)
3) finding the best path to the next hop (switching)
4) hop-to-hop control:
a: error detection
b: error correction
c: flow control

Layer 1 - Physical: cabling, interfaces & connectivity

* Session management (control):

1) Segmentation: dividing data into smaller parts (segments)
2) Sequencing: giving each segment a serial number
3) Error detection: Cyclic Redundancy Check (CRC); it detects errors by checking the CRC
4) Reliability: making sure that all segments are correctly received
5) Error correction: retransmit
6) Flow control: control of the rate of receiving data

Layer 7: Application layer

This layer supports application and end-user processes. Communication partners are identified, quality of service is identified, user authentication and privacy are considered, and any constraints on data syntax are identified. Everything at this layer is application-specific. This layer provides application services for file transfers, e-mail and other network software services. Telnet and FTP are applications that exist entirely in the application level. Tiered application architectures are part of this layer.

Layer 6: Presentation layer

This layer provides independence from differences in data representation (e.g., encryption) by translating from application to network format, and vice versa. The presentation layer works to transform data into the form that the application layer can accept. This layer formats and encrypts data to be sent across a network, providing freedom from compatibility problems.

Layer 5: Session layer

This layer establishes, manages and terminates connections between applications. The session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications at each end. It deals with session and connection coordination.

Layer 4: Transport layer

This layer provides transparent transfer of data between end systems, or hosts, and is responsible for end-to-end error recovery and flow control. It ensures complete data transfer.

Layer 3: Network layer

This layer provides switching and routing technologies, creating logical paths, known as virtual circuits, for transmitting data from node to node. Routing and forwarding are functions of this layer, as well as addressing, internetworking, error handling, congestion control and packet sequencing.

Layer 2: Data link layer

At this layer, data packets are encoded and decoded into bits. It furnishes transmission protocol knowledge and management and handles errors in the physical layer, flow control and frame synchronization. The data link layer is divided into two sublayers: the Media Access Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sublayer controls how a computer on the network gains access to the data and permission to transmit it. The LLC layer controls frame synchronization, flow control and error checking.

Layer 1: Physical layer

This layer conveys the bit stream (electrical impulse, light or radio signal) through the network at the electrical and mechanical level. It provides the hardware means of sending and receiving data on a carrier, including defining cables, cards and physical aspects. Fast Ethernet, RS-232, and ATM are protocols with physical layer components.

TCP/IP Model and encapsulation

OSI layer(s)                        TCP/IP layer     PDU built at this layer      Protocols
Application, Presentation, Session  Application      Data                         HTTP, FTP, SMTP, RTP, POP3
Transport                           Transport        Segment = H + Data           TCP / UDP
Network                             Internet         Packet = H + Segment         IPv4, IPv6
Data link, Physical                 Network Access   Frame = H + Packet + CRC     Ethernet, FR, ATM, ISDN

(H = the header added by that layer)

Remember: the model describes how data transfers from one device to another device.
Remember: we can call OSI model layers by layer number, while TCP/IP model layers are called by layer name, but there is a mapping for studying purposes:

OSI → TCP/IP

L1, L2 (Physical, Data link) → Network Access
L3 (Network) → Internet
L4 (Transport) → Transport
L7 (Application) → Application

PDU (Protocol Data Unit):

Application → PDU = Data
Transport → PDU = Segment
Internet → PDU = Packet
Network Access → PDU = Frame

Each layer adds a header; a header should contain at least: 1- the upper layer protocol, 2- a certain address (session address, IP address, MAC address).

Upper layer protocol: each header defines the application used in the upper layer.
Session address: you may open more than one session, so we need to give an address to each opened session.

MAC addressing
Media Access Control address

- Each device needs an address to communicate hop-to-hop.
- It's a H/W address (burnt on the ROM of the NIC).
- It's 48-bit binary, represented in hexadecimal (0, 1, 2, 3, ..., 9, A, B, C, D, E, F).

4 bits = 1 hexa digit, 48 bits = 12 hexa digits

First 6 hexa digits (24 bits) are called the OUI = Organizationally Unique Identifier
Second 6 hexa digits (24 bits) are called the host part

01000c → Cisco OUI

Types of destination MAC

1) Unicast MAC: one sends and one processes; the application chooses whether it will work unicast, multicast or broadcast.

HTTP: unicast    DNS: broadcast    NetMeeting: multicast

2) Broadcast MAC:
Destination MAC: FF:FF:FF:FF:FF:FF
One sends and all process.
Broadcast: all receive & process
Flood: all receive & some may process

3) Multicast MAC:
One sends & many receive (process).
Software defines the multicast MAC.

MAC method: Media access control method

CSMA/CD: Carrier Sense Multiple Access with Collision Detection

Carrier sense: each device that needs to send data will sense its receiver first.
Check the receiver before transmitting:
If Rx is busy → stop sending
If Rx is free → start sending

All devices on a hub operate in half duplex: they can either Tx or Rx at the same time, not both, and they run CSMA/CD.

Multiple access:
If more than one device decides to send at the same time, a collision will take place.

Collision detection:
The first devices to detect the collision will find themselves both Tx & Rx at the same time; they will stop sending and send a JAM signal, so all the devices detect the collision.

Collision correction:
Each device that sensed the collision will start a random timer; the device whose timer counts down first will start the operation again. This makes the network very slow.

MAC flow control:

A- Buffering
B- Congestion avoidance by dropping low priority traffic:
Voice is high priority, data is low priority

MAC frame: we need a frame to send data from hop to hop

Frame size = 46 + 18 = 64 bytes minimum (a smaller frame is a runt frame)
           = 1500 + 18 = 1518 bytes maximum (a larger frame is a giant frame)
MTU = Maximum Transmission Unit (the 18 bytes are DST MAC + SRC MAC + Length/Type + CRC around a 46 to 1500 byte payload)

IEEE 802.3 frame <<< what is in use now

Field:  *Preamble   | SOF (Start of Frame) | DST MAC | SRC MAC | Length/Type | Packet (data)  | CRC
Size:   7 bytes     | 1 byte               | 6 bytes | 6 bytes | 2 bytes     | 46-1500 bytes  | 4 bytes
Bits:   10101010... | 10101011             |         |         |             |                |

* Preamble: used for synchronization and auto clocking
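The frame layout above, worked through in code. This is an added example written for these notes, not code from the course or from any vendor: it builds a frame with the field sizes listed (7-byte preamble, 1-byte SOF, two 6-byte MACs, 2-byte Length/Type, 46-1500 byte payload, 4-byte CRC), then parses it back, flags runt and giant frames, classifies the destination MAC as unicast/multicast/broadcast (the group bit is the lowest bit of the first byte; FF:FF:FF:FF:FF:FF is broadcast) and pulls out the sender's OUI. The MAC addresses and payloads are constructed sample values; the FCS is a CRC-32 (zlib.crc32) over DST MAC through payload, sent least-significant byte first.

```python
import struct
import zlib

# Sizes from the notes: 18 bytes of DST MAC + SRC MAC + Length/Type + CRC
# around a 46..1500 byte payload give the 64-byte minimum and 1518-byte maximum.
HEADER_TRAILER = 6 + 6 + 2 + 4
MIN_FRAME = 46 + HEADER_TRAILER      # 64: anything shorter is a runt
MAX_FRAME = 1500 + HEADER_TRAILER    # 1518: anything longer is a giant
PREAMBLE = b"\xAA" * 7               # 10101010 x 7, for synchronization
SOF = b"\xAB"                        # 10101011, start of frame delimiter
BROADCAST = b"\xFF" * 6


def mac_str(mac: bytes) -> str:
    return ":".join(f"{b:02X}" for b in mac)


def classify_dst(mac: bytes) -> str:
    """Unicast / multicast / broadcast, decided from the destination MAC."""
    if mac == BROADCAST:
        return "broadcast"
    if mac[0] & 0x01:        # lowest bit of the first byte set = group address
        return "multicast"
    return "unicast"


def oui(mac: bytes) -> str:
    """First 3 bytes (6 hexa digits) = Organizationally Unique Identifier."""
    return mac_str(mac[:3])


def build_frame(dst: bytes, src: bytes, eth_type: int, payload: bytes, pad: bool = True) -> bytes:
    """Constructed frame: preamble + SOF + header + payload + CRC."""
    if pad:
        payload = payload.ljust(46, b"\x00")     # pad up to the 46-byte minimum payload
    body = dst + src + struct.pack("!H", eth_type) + payload
    crc = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)   # FCS sent least significant byte first
    return PREAMBLE + SOF + body + crc


def parse_frame(wire: bytes) -> dict:
    """Split a frame into its fields and report runt/giant/CRC problems."""
    if wire[:8] != PREAMBLE + SOF:
        raise ValueError("missing preamble or SOF")
    frame = wire[8:]                  # preamble and SOF are not counted in the frame size
    size = len(frame)
    if size < MIN_FRAME:
        status = "runt"
    elif size > MAX_FRAME:
        status = "giant"
    else:
        status = "ok"
    dst, src = frame[0:6], frame[6:12]
    eth_type = struct.unpack("!H", frame[12:14])[0]
    payload, fcs = frame[14:-4], frame[-4:]
    crc_ok = struct.pack("<I", zlib.crc32(frame[:-4]) & 0xFFFFFFFF) == fcs
    return {
        "size": size,
        "status": status,
        "dst": mac_str(dst),
        "dst_kind": classify_dst(dst),
        "src": mac_str(src),
        "src_oui": oui(src),
        "type": eth_type,
        "payload_len": len(payload),
        "crc_ok": crc_ok,
    }


# Constructed sample MACs (locally administered 02:xx addresses, not real vendors)
SRC = bytes.fromhex("020000000001")
UNICAST_DST = bytes.fromhex("020000000002")
MULTICAST_DST = bytes.fromhex("01005E000009")   # IPv4 multicast MAC form, constructed group

if __name__ == "__main__":
    for dst, data in [(BROADCAST, b"hello"), (UNICAST_DST, b"x" * 1500), (MULTICAST_DST, b"rip")]:
        print(parse_frame(build_frame(dst, SRC, 0x0800, data)))
```

A switch or NIC that drops runts, giants and CRC failures is applying exactly these three checks; the parser keeps them separate so the reason for a drop is visible.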

Logical addressing (IP) (ROUTED PROTOCOL)

The organization responsible for distributing IPs is IANA = Internet Assigned Numbers Authority

IPv4:
1- supports logical addressing (IP address)
2- supports end-to-end delivery (IP packet)
IP address: 32 bits
Number of IPv4 addresses = 2^32 = 4,294,967,296 IPs

xxxx xxxx . xxxx xxxx . xxxx xxxx . xxxx xxxx

1 octet = 8 bits

The IP address is represented in dotted decimal notation:

1111 1111 . 1111 1111 . 1111 1111 . 1111 1111
= 255 . 255 . 255 . 255

IP classes:

Class A
Network . Host . Host . Host
Class A IP range: from 1.0.0.0 to 126.255.255.255
Number of IPs in class A: 16,777,216 IPs

Class B
Network . Network . Host . Host
Class B IP range: from 128.0.0.0 to 191.255.255.255
Number of IPs in class B: 65,536 IPs

Class C
Network . Network . Network . Host
Class C IP range: from 192.0.0.0 to 223.255.255.255
Number of IPs in class C: 256 IPs

Classes A, B and C are unicast IPs, and each interface should have either a class A, B or C address.

Class D
Reserved for multicast applications.
Any PC must have a class A, B or C IP address; it can also have a class D multicast address.
Ex: games, telnet, video conference, RTP protocol, NetMeeting, routing protocols, ...
Class D IP range: from 224.0.0.0 to 239.255.255.255

Class E
Reserved for experiments, research and military uses.
Class E IP range: from 240.0.0.0 to 255.255.255.255
IP 255.255.255.255 is the local broadcast for IPv4 and can't be assigned to any device.

Classless IPs
0.0.0.0: summary of all IPv4 networks; it's an entry in the routing table (the default route).
127.0.0.1: loopback, tests the TCP/IP model (stack) on your local PC.

Private IPs or reserved IPs
Class A range: 10.0.0.0 to 10.255.255.255
Class B range: 172.16.0.0 to 172.31.255.255
Class C range: 192.168.0.0 to 192.168.255.255

NAT (Network Address Translation):

The main concept of NAT is that when a packet is sent to the public network (internet), the NAT device (router) will change the private address into a public (real) IP.

- NAT is software loaded on routers or servers.

NAT terminology:

1- Inside local IP: internal device with a private IP, i.e. the local IP of a device that exists in my network.
2- Inside global IP: internal device with a public IP, i.e. the global IP of a device that exists in my network.
3- Outside local IP: external device with a local IP, i.e. the local IP of a device that doesn't exist in my network.
4- Outside global IP: external device with a public IP, i.e. the global IP of a device that doesn't exist in my network.

1- Static NAT: "for servers"

- The NAT table is filled manually.
- Static NAT is used if your devices are accessed by others to get benefits from their services (i.e. servers should have well-known, unchangeable public IPs).
- But why don't we just give the servers a public IP?
Because the routers and customers lying in the same network as the server would have to be in the same subnet, so we would consume many public IPs, which is not desirable; so we use private IPs even with servers.

2- Dynamic NAT:
The router is given a pool of IPs that contains global IPs, so every user that tries to access a public network will be given an IP from the pool.

To configure dynamic NAT:
1- Define the pool of IPs.
2- Define which inside addresses are allowed to be translated (ACL).
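The two NAT styles and the two configuration steps above, modelled in code. This is an added example, not code from the course or from any router vendor: a small NatRouter keeps a manually filled static table (servers) and a dynamic pool handed out only to inside-local addresses that the ACL permits; it also shows what happens when the pool runs out and when a returning packet has to be mapped back. All addresses are constructed (the 203.0.113.0/24 block is the documentation range, used here as a stand-in for public IPs).

```python
import ipaddress


class NatRouter:
    """Constructed model of a NAT router: a static table for servers plus a dynamic pool
    that is handed out only to inside-local addresses permitted by the ACL."""

    def __init__(self, pool, permitted):
        self.pool = [str(ipaddress.ip_address(p)) for p in pool]   # free inside-global IPs
        self.acl = [ipaddress.ip_network(n) for n in permitted]     # who may be translated
        self.static = {}      # inside local -> inside global, filled manually
        self.dynamic = {}     # inside local -> inside global, filled on demand

    def add_static(self, inside_local, inside_global):
        self.static[inside_local] = inside_global

    def permitted(self, inside_local):
        return any(ipaddress.ip_address(inside_local) in net for net in self.acl)

    def translate(self, inside_local):
        """Outbound packet: return (how it was translated, inside global IP)."""
        if inside_local in self.static:
            return "static", self.static[inside_local]
        if inside_local in self.dynamic:
            return "dynamic", self.dynamic[inside_local]
        if not self.permitted(inside_local):
            return "denied", None           # not matched by the ACL: no translation
        if not self.pool:
            return "pool-exhausted", None   # no free global IP: packet dropped
        inside_global = self.pool.pop(0)
        self.dynamic[inside_local] = inside_global
        return "dynamic", inside_global

    def untranslate(self, inside_global):
        """Returning packet: map the inside global IP back to the inside local IP."""
        for table in (self.static, self.dynamic):
            for local, glob in table.items():
                if glob == inside_global:
                    return local
        return None

    def release(self, inside_local):
        """Dynamic entry timed out: give the global IP back to the pool."""
        glob = self.dynamic.pop(inside_local, None)
        if glob:
            self.pool.append(glob)
        return glob


if __name__ == "__main__":
    nat = NatRouter(pool=["203.0.113.10", "203.0.113.11"], permitted=["10.0.0.0/24"])
    nat.add_static("10.0.0.5", "203.0.113.5")          # a server: fixed public IP
    for host in ["10.0.0.5", "10.0.0.20", "10.0.0.21", "10.0.0.22", "192.168.5.1"]:
        print(host, "->", nat.translate(host))
```

The ACL step is the one that matters for security: only the subnets it names ever get a public address, and an exhausted pool fails closed (the packet is dropped) rather than leaking the private address outwards.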

IPv6

Why do we need IPv6?
Because we need a larger address space.

Why do we need a larger address space?
Internet population, mobile users, mobile phones, transportation vehicles, consumer services.

IPv6: larger address space, global reachability and flexibility, aggregation, multipoint, auto configuration, plug and play, end to end without NAT, renumbering.

IPv6 end-to-end data delivery:
Simpler header, routing efficiency, performance and forwarding rate scalability, no broadcasts, no checksum, extension headers, flow labels, address renumbering and modification, mobility and security (mobile IP & IPsec).

IPv6 is a 128-bit address:

2^128 = 3.40282367 × 10^38 IPs
5 × 10^28 IPs per human

IPv6 format:
1- Colon-separated hexadecimal form
X:X:X:X:X:X:X:X
X = 4 hexa characters = 16 bits
2- Leading zeros in a field are optional.
Ex: 2003:0001:X:X:X:X:X:X
= 2003:1:X:X:X:X:X:X
3- A field of successive zeros is represented as 0
Ex: 203B:0000:130F:0000:X:X:X:X
= 203B:0:130F:0:X:X:X:X
4- Successive fields of zeros are represented by :: and it can be used only once
Ex: 203B:0000:0000:130F:0000:0000:0000:ABCD
= 203B:0:0:130F::ABCD
Note: if two :: notations are placed in the address, there is no way to identify the size of each block of zeros
Ex: 203B::130F::ABCD → incorrect
Examples:
1- FF01:0:0:0:0:0:0:0001 → FF01::1
2- 0:0:0:0:0:0:0:1 → ::1
3- 0:0:0:0:0:0:0:0 → ::
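The four shorthand rules above, implemented both ways. This is an added example for these notes, not course code: expand() restores the full 8-field form and rejects an address with two :: (the ambiguity the note describes), and compress() drops leading zeros and replaces the longest run of zero fields with :: (the leftmost run wins a tie; a single zero field stays 0, as in rule 3). The addresses are the ones from the examples above, with spaces tolerated.

```python
def expand(addr: str) -> str:
    """Undo the shorthand: restore leading zeros and the one run of zero fields hidden by '::'."""
    addr = addr.replace(" ", "")
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once: the size of each zero block would be ambiguous")
    if "::" in addr:
        left, right = addr.split("::")
        lfields = left.split(":") if left else []
        rfields = right.split(":") if right else []
        missing = 8 - len(lfields) - len(rfields)
        if missing < 1:
            raise ValueError("'::' must stand for at least one field")
        fields = lfields + ["0"] * missing + rfields
    else:
        fields = addr.split(":")
    if len(fields) != 8:
        raise ValueError("an IPv6 address has exactly 8 fields")
    values = [int(f, 16) for f in fields]
    if any(not 0 <= v <= 0xFFFF for v in values):
        raise ValueError("each field is 16 bits")
    return ":".join(f"{v:04X}" for v in values)


def compress(addr: str) -> str:
    """Apply rules 2 and 4: drop leading zeros, replace the longest run of zero fields with '::'."""
    values = [int(f, 16) for f in expand(addr).split(":")]
    best_start, best_len = -1, 0
    i = 0
    while i < 8:                      # find the longest (leftmost on ties) run of zero fields
        if values[i] == 0:
            j = i
            while j < 8 and values[j] == 0:
                j += 1
            if j - i > best_len:
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    hexs = [f"{v:X}" for v in values]
    if best_len >= 2:                 # a single zero field stays as '0' (rule 3)
        return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])
    return ":".join(hexs)


if __name__ == "__main__":
    for a in ["FF01:0:0:0:0:0:0:0001", "0:0:0:0:0:0:0:1", "0:0:0:0:0:0:0:0",
              "203B : 0000 : 0000 : 130F : 0000 : 0000 : 0000 : ABCD"]:
        print(a, "→", compress(a), "→", expand(compress(a)))
```

Always expanding before comparing addresses is the practical lesson: "FF01::1" and "FF01:0:0:0:0:0:0:0001" are the same address, and a string comparison of an ACL entry against a logged address will miss that.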
Forms of IPv6 destination address
Unicast: only one device has to receive the packet
Multicast: a complete group of devices has to receive the packet
Anycast: any device from a certain group has to receive the packet
Broadcast: does not exist and is not supported by IPv6
Note: a single interface may be assigned multiple IPv6 addresses of any type: unicast, anycast or multicast

Anycast (global unicast)

A group of devices that have the same function; a packet should reach only one of them. The routers decide on the closest device to reach that destination.

Subnetting:

- In subnetting, a network is divided into smaller subnets, each subnet having its own subnet address.
- Dividing a major network into multiple subnetworks, where each subnet is a separate network.
- This is achieved by giving part of the host bits to the network bits.
- Now we can divide the major net into 28 subnetworks, each considered a separate network.
- It's to borrow part of the host bits and give it to the network bits.
- We increase the number of networks but decrease the available hosts.

Reasons for subnetting

• Most IP address assignments were not used very efficiently.
• Broadcast problem.
• Many sites were requesting multiple network numbers due to variable amounts of networks at their sites.

Subnet mask: should exist beside the IP address; used to determine the network & host parts.
It is a 32-bit mask (because our IP is 32 bits).
It's continuous 1's followed by continuous 0's:
- 1 indicates a network bit in the IP (network part).
- 0 indicates a host bit in the IP (host part).
Mask: 11111111 . 11111111 . 11111111 . 00000000
      (the 1s: in the IP this is the network part)  (the 0s: in the IP this is the host part)

Ex: IP 10.7.3.8
mask 255.0.0.0 or /8
IP 172.16.50.3
mask 255.255.0.0 or /16
IP 192.168.1.1
mask 255.255.255.0 or /24
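The class ranges, private ranges, and mask examples from the two sections above, worked through in code. This is an added example for these notes (not course code): ip_class() uses the first-octet boundaries listed, is_private() the three reserved ranges, split_address() applies a mask (dotted or /prefix) to separate network and host parts and count usable hosts, and subnet() borrows host bits as the subnetting section describes. It uses the Python standard library ipaddress module; the sample addresses are the ones from the notes plus a few constructed ones.

```python
import ipaddress

# Private (reserved) ranges as listed in the notes
PRIVATE = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def ip_class(ip: str) -> str:
    """Classify by the first octet (class A/B/C/D/E plus the special addresses)."""
    first = int(ip.split(".")[0])
    if ip == "255.255.255.255":
        return "local broadcast"
    if first == 0:
        return "unspecified (0.0.0.0 = all networks, default route entry)"
    if first == 127:
        return "loopback"
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    if 224 <= first <= 239:
        return "D (multicast)"
    return "E (experimental)"


def is_private(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE)


def split_address(ip: str, mask: str) -> dict:
    """Apply the mask: the 1 bits select the network part, the 0 bits the host part."""
    iface = ipaddress.ip_interface(f"{ip}/{mask}")      # accepts 255.0.0.0 or a prefix length
    net = iface.network
    host_bits = 32 - net.prefixlen
    host_part = (int(iface.ip) & ~int(net.netmask)) & 0xFFFFFFFF
    return {
        "prefix": net.prefixlen,
        "mask": str(net.netmask),
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "host_part": str(ipaddress.ip_address(host_part)),
        "usable_hosts": max(2 ** host_bits - 2, 0),   # network and broadcast addresses excluded
    }


def subnet(network: str, borrowed_bits: int) -> list:
    """Borrow host bits for the network part: 2**borrowed_bits subnets, each with fewer hosts."""
    return [str(s) for s in ipaddress.ip_network(network).subnets(prefixlen_diff=borrowed_bits)]


if __name__ == "__main__":
    for ip, mask in [("10.7.3.8", "255.0.0.0"), ("172.16.50.3", "255.255.0.0"), ("192.168.1.1", "24")]:
        print(ip, ip_class(ip), "private" if is_private(ip) else "public", split_address(ip, mask))
    print(subnet("192.168.1.0/24", 3))   # 8 subnets of /27, 30 usable hosts each
```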

When a PC is up and it needs to send data, it should know 4 pieces of information:

Src MAC:
- It's a H/W physical address, burnt on the ROM of the NIC; the PC can read it at startup.
Src IP:
1- Manual (static) method:
Write the IP (usually the private IP), mask, default gateway and DNS IP.
2- Automatic:
(2.1) Reverse Address Resolution Protocol (RARP):
Resolves an unknown IP from a known MAC. It's software; when it's set up on a certain PC, that PC becomes a RARP server (gives IPs to PCs).

RARP is a layer 2 protocol, i.e. it rides in an Ethernet frame.

The RARP server will form a table between the different MACs of the PCs and certain allowed IPs, but this table should be filled manually and we should know all the MACs.
It's still a static IP, as we wrote it in the table.
RARP request:
- It's sent as a broadcast (B.C).
- The reply is unicast, from the RARP server to the PC that sent the RARP request. The RARP request is sent automatically at Windows startup.
- RARP is a layer 2 protocol, i.e. the RARP request is not put in an IP packet but in an Ethernet frame, because RARP is used only in LANs.
- The RARP server can't be outside the LAN or in another LAN.

ARP REQUEST

Routing

Routing protocol:

- It's the exchange of information between routers, so that each router can tell other routers about the networks it can reach.
- Its final target is to form the routing table (RTG table).
- Example: RIP, OSPF, IGRP, BGP, EIGRP.
- Each router sends to its neighbor routers information about the networks that it can reach.

Routed protocol:

- It's the protocol that is responsible for:
i- End-to-end delivery.
ii- Logical addressing for every device.
- Example: IP, IPX, AppleTalk.

Static routing:

- Build the RTG table manually with fixed entries.
- Used if only 1 single path to the destination is available.
- Examples: - Static route.
- Default static route.
- Default network.

Dynamic routing:

- If multiple paths to the dst are available.

1- IGP category: "works within an autonomous system".

2- EGP category: "works between autonomous systems".
- Translates between IGPs or between routing protocols.
- Example: BGP.

Administrative distance:

A number between 0 and 255 given to every protocol, indicating the trustworthiness of this protocol.

Best path = least admin distance (when the same network is learned by more than one protocol)

Best path:

Best path = least metric (between the paths learned by one protocol)

Metric may be:

Hop: fewer hops to the dst is better.
B.W: choose the widest road to the destination.
Delay: the path that gives less delay is better.
Load: we may have a large BW but it is used by all people.
Cost: according to BW and delay.
Reliability: how many times the network dropped and started up again.
MTU: Maximum Transmission Unit; when it's large we don't have to divide the data, and that's better.

- Any protocol uses only 1 metric (RIP, ...)
- Cisco routers use all of these metrics in a certain equation (IGRP, EIGRP).

1- Static routing: used if there's a single path between src and dst.

1.1- Directly connected:
- No need to define a routing protocol, as it's directly connected.
- The mask is very important information and should be known.
- The router can form the routing table of the networks directly connected to it from the IP and mask I give to its port.

1.2- Static route:
- Build your routing table manually.
- This is used with the internet service provider's (ISP) routers.

1.3- Default static route:
Gateway of last resort.

1.4- Default network:
"S*" means static to all (else): the candidate default route.

(2) Dynamic route:

Used if there are multiple paths between src and dst.

Distance vector (DV):

Each router detects its directly connected networks and forms its initial routing table. Routers pass periodic copies of the routing table to neighbor routers and learn the best paths to all networks (the paths with the least metric) and form the final routing table (convergence). After convergence, periodic updates (full routing table) are still sent to indicate any change in the topology.

At change: when a network goes down or a new network appears, router "R4" waits for the periodic update and then sends its full RTG table, putting that network's IP with metric "16", which means it's down. So the next router will update its table and after 30 seconds will forward it to the next router.

Problems:

1- Slow convergence:
A router may sense that a port of another router has failed (is down) only after many seconds (at minimum 30 sec).

2- Routing loops

Solutions:

1- TTL expiry: the TTL of the packet starts at 255 and when it reaches zero the packet is discarded.
2- Triggered update: we don't wait for the 30 sec (RIP) but whenever a change occurs the router forwards its full RTG table.
- Any router that receives this update forwards it and replies with an ACK.
3- Split horizon:
A route learned from an interface can never be advertised (sent) back on the same interface.
4- Hold-down timer: (RIP = 180 sec, IGRP = 280 sec)
The router that learns about a failed route will not try to learn about it again unless:

a- The route is learned from the same source with the same metric.
b- The route is learned from another source with a better metric.
c- The hold-down time has expired.
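The distance vector behaviour, the routing loop problem and the split horizon / poison reverse solution above, simulated end to end. This is an added example written for these notes, not code from the course: three routers in a chain exchange full tables in synchronous rounds (Bellman-Ford, hop count, 16 = unreachable as RIP does), a stub network is then failed, and the simulation counts how many rounds it takes to converge again with and without split horizon. The topology, router and network names are constructed; hold-down timers and triggered updates are left out so that the loop is visible.

```python
INFINITY = 16   # RIP convention from the notes: metric 16 = unreachable


class Router:
    def __init__(self, name):
        self.name = name
        self.neighbors = {}   # neighbor name -> network shared with it
        self.table = {}       # network -> [metric, next_hop]  (next_hop None = directly connected)

    def attach(self, network, neighbor=None):
        """Directly connected network (metric 0); neighbor given if it is a router-to-router link."""
        self.table[network] = [0, None]
        if neighbor:
            self.neighbors[neighbor] = network

    def advertisement(self, to, split_horizon):
        """The periodic update sent to one neighbor (full table)."""
        adv = {}
        for net, (metric, next_hop) in self.table.items():
            if split_horizon and next_hop == to:
                adv[net] = INFINITY   # poison reverse: never send a route back where it came from
            else:
                adv[net] = metric     # a failed network is advertised as 16 (route poisoning)
        return adv

    def receive(self, frm, adv):
        """Bellman-Ford step: metric through the sender = advertised metric + 1 hop."""
        changed = False
        for net, metric in adv.items():
            new = min(metric + 1, INFINITY)
            cur = self.table.get(net)
            if cur is None:
                if new < INFINITY:
                    self.table[net] = [new, frm]
                    changed = True
            elif cur[1] == frm:           # an update from the current next hop is always believed, even if worse
                if cur[0] != new:
                    cur[0] = new
                    changed = True
            elif new < cur[0]:
                self.table[net] = [new, frm]
                changed = True
        return changed


def exchange_round(routers, split_horizon):
    """One synchronous round: everyone sends its table, then everyone processes what it got."""
    updates = [(r.name, nb, r.advertisement(nb, split_horizon))
               for r in routers.values() for nb in r.neighbors]
    changed = False
    for frm, to, adv in updates:
        changed |= routers[to].receive(frm, adv)
    return changed


def converge(routers, split_horizon, max_rounds=100):
    """Run rounds until a round changes nothing; return the number of rounds used."""
    for rounds in range(1, max_rounds + 1):
        if not exchange_round(routers, split_horizon):
            return rounds
    return max_rounds


def build_chain():
    """Constructed topology: R1 --N12-- R2 --N23-- R3, with stub LANs N1 on R1 and N3 on R3."""
    r1, r2, r3 = Router("R1"), Router("R2"), Router("R3")
    r1.attach("N1")
    r1.attach("N12", "R2"); r2.attach("N12", "R1")
    r2.attach("N23", "R3"); r3.attach("N23", "R2")
    r3.attach("N3")
    return {"R1": r1, "R2": r2, "R3": r3}


def fail_network(routers, router, network):
    """The owning router marks the network unreachable (metric 16) and keeps advertising it."""
    routers[router].table[network] = [INFINITY, None]


def demo(split_horizon):
    """Converge, fail N3 on R3, and report the rounds needed to converge again plus everyone's metric to N3."""
    routers = build_chain()
    converge(routers, split_horizon)
    fail_network(routers, "R3", "N3")
    rounds = converge(routers, split_horizon)
    return rounds, {name: r.table["N3"][0] for name, r in routers.items()}


if __name__ == "__main__":
    print("with split horizon:   ", demo(True))    # (3, all 16)
    print("without split horizon:", demo(False))   # (16, all 16): counts to infinity 2 hops per round pair
```

Without split horizon, R2 believes R1's stale "N3 is 2 hops away" and the metric climbs until the 16 ceiling stops it; with poison reverse the bad news reaches everyone in three rounds. The ceiling is why RIP caps the hop count at 15: it bounds how long a loop can live.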

RIPv1 (Routing Information Protocol):

It's a layer 7 protocol, i.e. the PCs will accept routing updates every 30 sec but they won't understand these updates.

1- Distance vector routing protocol.
2- Sends periodic updates containing the full routing table every 30 sec out of all interfaces to address 255.255.255.255.
- The router will accept the B.C msg and of course it will not pass it on as a B.C msg, but it will take an action, like updating its routing table, when the router understands that this is a RIP msg.
- RIPv1 uses UDP, and most protocols that use UDP send B.C.
3- At change (a network is up or down) the router sends a triggered update containing the full table and the changed entry (ex: 10, 16).
4- Symbol in the RTG table is "R".
5- Admin distance = 120.
6- Metric is hop count (max = 15 hops).
- We can put at most 16 routers in series.
7- Classful: doesn't send the mask in updates.
- The router that receives the update will estimate the mask.
8- Supports equal load sharing (balancing): 4 paths by default and 6 paths maximum.
9- Uses the Bellman-Ford algorithm to calculate the RTG table.
10- Supported solutions:
- Triggered update + poisoned route + poison reverse (ACK)
- Split horizon
- Hold-down timer = 180 sec.

IGRP (Interior Gateway Routing Protocol)

1- Distance vector (D.V) routing protocol (Cisco proprietary).
2- Like RIPv1, but periodic updates every 90 sec.
3- Symbol in the RTG table: "I".
4- Admin distance = 100.
- IGRP is more trustworthy than RIPv1.
5- Metric is a composite one: (k1/BW) + (k2*load) + (k3*delay) + (k4/reliability) + (k5/MTU).
- By default k1 = k3 = 1 (the most important factors are B.W and delay).
- Composite means a combination of B.W, load, delay, reliability and MTU.
- According to this composite metric we can use at most 100 routers in series (default), and by configuration we can use at most 255 routers in series (according to TTL = 255).
6- IGRP is a classful protocol.
7- Supports equal and non-equal load sharing (4 paths default and 6 paths maximum by configuration).
8- Uses the Bellman-Ford algorithm to calculate the RTG table, like RIPv1.
9- Supported solutions:
- Triggered update + poisoned route + poison reverse.
- Split horizon.
- Hold-down timer = 280 sec.
(The periodic update is every 90 sec.)

Advanced (D.V)

RIPv2: the same protocol as RIPv1 but the changes are in the updating, and it's a layer 7 protocol.
1- It's an advanced protocol.
2- It sends updates on multicast address 224.0.0.9.
- RIPv2 sends only multicast msgs, and those who have learned this multicast address will accept the msg.
3- It supports authentication using a password.
- It's used for security: before sending updates R2 should enter a password.
- For a wrong password, R1 will discard the request and shut down the interface.
4- Classless: it sends the mask with updates.
5- Sends periodic updates every 30 sec out of all its interfaces.
6- Symbol in the RTG table is "R".

How do we know whether our router works RIPv1 or RIPv2, when both have the symbol "R"?

7- Uses triggered update, split horizon and hold-down timer.
8- Supports equal load sharing (4 default and 6 maximum).
9- Admin distance = 120.
10- Metric = hop count (max = 15).

EIGRP (Enhanced IGRP): it's the best protocol.

1- Advanced D.V, Cisco proprietary.
2- Sends the full RTG table at startup only once to its neighbors.
3- At change only partial triggered updates are transmitted.
4- No periodic updates (no B.W waste): no overhead updates are Tx.
5- No routing loops: uses DUAL.
DUAL (Diffusing Update Algorithm): this algorithm puts some conditions on the selected route and never results in loops.
6- Fast convergence: uses DUAL.
- A backup path for every best path.
- We save the best path and up to 6 backup paths, so if 1 path is down we use the following one.
- All the backup paths don't result in loops (i.e. they should also pass the DUAL exam) but they are of higher metric (as the metric decreases it is better).
7- Sends updates on multicast address 224.0.0.10.
8- Classless: sends the mask with the update.
9- Symbol in the RTG table is "D".
10- Admin distance = 90 (the best).
11- Metric of EIGRP (32 bits) = 256 × metric of IGRP (24 bits).
12- Maximum hop count = 224 hops; we may use 255 routers in series.
13- Supports equal and non-equal load sharing (non-equal load balancing).
14- Supports routing for multiple network layer routed protocols (IP, IPX, AppleTalk).
- IP packets, IPX packets and AppleTalk packets are different, so IP, IPX and AppleTalk can't understand each other.

EIGRP terminology:

1- Neighbor table: "list of all neighbors"
2- Routing table: "list of best routes to the dst"
3- Topology table: "list of all routes to all destinations"
- Your neighbors' RTG tables.
4- Successor (S): "best path"
5- Feasible successor (FS): "backup path"
6- Feasible distance (FD): "metric between the src router and the dst router"
7- Advertised distance (AD): "metric between my neighbor and the dst"
AD is the neighbor's metric; the metric is a function of (delay, B.W, ...)
N.B: the RTG table shows the successor with a certain AD (best path).
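How the successor and feasible successors are picked from a topology table entry, as an added example (not course code). The notes say a backup path must "pass the DUAL exam"; the rule DUAL actually applies, the feasibility condition, is that a neighbor's advertised distance must be strictly less than the feasible distance of the successor (the neighbor is already closer to the destination than we are, so it cannot be routing through us). That condition is standard DUAL behaviour and is stated here by the editor, not in the notes above. The neighbor names, distances and link costs are constructed.

```python
def dual_select(paths):
    """paths: list of (neighbor, advertised_distance, cost_to_neighbor) for one destination.

    Returns (successor, feasible_successors, feasible_distance).
    Feasibility condition (standard DUAL rule): a neighbor is a loop-free backup only if
    its AD is strictly less than the FD of the successor.
    """
    routes = [(nb, ad, ad + cost) for nb, ad, cost in paths]   # total metric = AD + our link cost
    successor = min(routes, key=lambda r: r[2])
    fd = successor[2]
    feasible = [r for r in routes if r is not successor and r[1] < fd]
    return successor, sorted(feasible, key=lambda r: r[2]), fd


# Constructed topology table entry for one destination, seen from router "R1":
# (neighbor, AD = neighbor's own metric to the dst, cost of R1's link to that neighbor)
SAMPLE = [("R2", 10, 5), ("R3", 12, 10), ("R4", 20, 1)]

if __name__ == "__main__":
    successor, backups, fd = dual_select(SAMPLE)
    print("successor:", successor, "FD:", fd)
    print("feasible successors:", backups)   # R4 is cheaper overall than R3 but fails the condition
```

R4 in the sample has a lower total metric than R3, yet it is not a feasible successor: its AD (20) is not below the FD (15), so R4 might itself be reaching the destination through R1, and promoting it on failure could form a loop. That is what "never results in loops" costs: some usable-looking backups are rejected.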

Link state routing:

At startup:

1- Each router will try to discover its link state neighbors using a hello msg.
2- Each router will form a packet describing itself called an LSA (Link State Advertisement) and send it to all its neighbors.
3- Each neighbor that receives an LSA will take a copy of it into its LSDB (Link State Database) and then send it as it is to all its other neighbors, so the LSA of each router will be flooded in the AS.
4- Each router will then draw a tree from its LSDB called the LSDB tree.
5- Each device will apply the Dijkstra algorithm (SPF algorithm) on the LSDB tree to get the "SPF tree"; SPF = Shortest Path First.
6- The SPF tree will then be translated into a routing table.


At convergence:

Each router will only send periodic LSAs every 30 min or more to refresh the LSDB.

At change:

- The router that feels the change will send a triggered partial update.
- Assume the network on E0 is down; then "W" will send the following.
- Each neighbor will take a copy of this LSA, update its LSDB, redraw the LSDB tree, then redraw the SPF tree and re-form its RTG table, and at the same time forward the LSA of W as it is to the following neighbors.

Link state disadvantages:

1- Very complex implementation, design and configuration.
2- Network instability will affect the entire AS.
3- High CPU usage.
4- High memory utilization.

Link state advantages:

1- No routing loops.
2- Reliable.
3- No B.W waste.
4- Classless.
5- Uses multicast.

Link state protocols:

OSPF (Open Shortest Path First)

1- Open standard link state routing protocol.
2- Sends triggered updates called LSAs at startup and at change on multicast addresses 224.0.0.5 and 224.0.0.6 (each has a different use) to its neighbors.
3- Symbol in the RTG table: "O".
4- Admin distance = 110.
5- Metric = cost = 10^8 / B.Wi; if B.W = 100 Mbps then the cost = 1.
- B.Wi is the B.W of the interface = by default 1.54 Mbps.
- The number of hops is unlimited.
6- Uses the Dijkstra algorithm to calculate the RTG table.
7- Classless and reliable.
- Classless: transmits the mask during the update.
- Reliable: transmits ACKs.
8- Sends a periodic update every 30 min (LSDB refreshment).
9- Supports hierarchical design (divide the AS into areas).
- Each router knows full details about its area and only a summary about the other areas.
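Steps 4 to 6 of the link state startup (LSDB → SPF tree → routing table) and the OSPF cost formula from point 5, carried through in code. This is an added example for these notes, not course or vendor code: ospf_cost() computes 10^8 / bandwidth, spf() runs Dijkstra over a constructed LSDB, and routing_table() walks the resulting tree back to the first hop. The three routers, the stub LAN N3 and the bandwidths are constructed; the T1 speed is the 1.54 Mbps the notes give.

```python
import heapq

REFERENCE_BW = 10**8   # bps: cost = 10^8 / interface bandwidth, as in the notes


def ospf_cost(bandwidth_bps: int) -> int:
    """Integer cost; anything at or above 100 Mbps is clamped to 1."""
    return max(1, REFERENCE_BW // bandwidth_bps)


def spf(lsdb: dict, root: str):
    """Dijkstra over the LSDB. lsdb maps a router to its links: [(neighbor_or_network, bandwidth_bps), ...].
    Returns (distance to every node, parent of every node in the SPF tree)."""
    dist = {root: 0}
    parent = {}
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist.get(node, float("inf")):
            continue                        # stale heap entry
        for nxt, bw in lsdb.get(node, []):  # a stub network has no LSA of its own
            nd = d + ospf_cost(bw)
            if nd < dist.get(nxt, float("inf")):
                dist[nxt] = nd
                parent[nxt] = node
                heapq.heappush(heap, (nd, nxt))
    return dist, parent


def routing_table(lsdb: dict, root: str) -> dict:
    """Translate the SPF tree into destination -> (cost, next hop)."""
    dist, parent = spf(lsdb, root)
    table = {}
    for dest in dist:
        if dest == root:
            continue
        hop = dest
        while parent[hop] != root:      # walk up the tree to the first hop after the root
            hop = parent[hop]
        table[dest] = (dist[dest], hop)
    return table


FAST = 100_000_000      # 100 Mbps Ethernet: cost 1
T1 = 1_540_000          # 1.54 Mbps serial: cost 64
# Constructed LSDB: every router advertises its own links (both directions present)
LSDB = {
    "R1": [("R2", FAST), ("R3", T1)],
    "R2": [("R1", FAST), ("R3", FAST)],
    "R3": [("R1", T1), ("R2", FAST), ("N3", FAST)],   # N3 is a stub LAN on R3
}

if __name__ == "__main__":
    for router in LSDB:
        print(router, routing_table(LSDB, router))
```

From R1 the direct T1 link to R3 (cost 64) loses to the two-hop Ethernet path through R2 (cost 2), which is the point of a bandwidth-based cost over a hop count.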

Hierarchical design:

1- More complex design (disadvantage).
2- Network instability will affect only the area and not the entire network (advantage).
3- Less CPU usage (advantage).
4- Less memory utilization (advantage).

Process ID:

As if we divide our router into a number of routers, each interface can follow a process:
1- A number that identifies a unique LSDB on the local router.
2- Locally significant (affects the local router only and is not advertised to other routers).

- Each part will have a different process ID and a different LSDB.
- LSAs will be sent to those who share the same process.

OSPF network types:

1- Point-to-point:

2- BMA (Broadcast Multiple Access):
- Broadcast means that the routers lie in the same local area and are affected by each other's broadcasts (Ethernet or Token Ring).
- Multiple access means more than 1 neighbor on 1 interface.

3- NBMA (Non-Broadcast Multiple Access):
- The WAN switch (ex: FR switch) discards any B.C msg, so if R4 needs to send a B.C to R1, R2 and R3 then the router will use "simulated B.C".
- Simulated B.C = replicated unicast msgs.

- OSPF operation for BMA and NBMA network topologies:
1- Neighbor discovery: "Hello protocol"
- The Hello msg is a keepalive msg sent periodically every 10 seconds to refresh with neighbors.
- Dead interval (hold-down time): the time after which I consider my neighbor dead (40 sec).

Neighborship is accepted if 4 conditions are verified:

1- The routers lie in the same area.
2- The routers have the same Hello interval.
3- The routers have the same dead interval.
4- The routers have the same OSPF password.

- The password is defined by configuration on all OSPF routers and should be the same.

N.B:

- High speed, larger than T1 (= 1.54 Mbps): Hello every 5 sec and dead every 15 sec.
- Low speed, less than T1 (= 1.54 Mbps): Hello every 60 sec and dead every 180 sec.

Election of the designated router (DR) and backup designated router (BDR)

How to elect a DR:

1- First router to boot up: the router that boots before the others by 40 seconds.
2- Router having the highest priority per interface.
- By default the priority = 1 and we can change it by configuration (from 0 to 255).
- If priority = 0 then the router can't be DR or BDR.
3- Router having the highest RID (Router ID).
Router ID:
- Highest IP address configured on a loopback interface.
- Highest IP configured on an active interface (if no loopback exists).
- Loopback interface:
- Virtual S/W interface.
- Always up, needs no "no shutdown".
- Used in the DNS table, because if we use a physical interface it may be down at any time.
- We may use from 0 to 4 billion loopback interfaces.
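The four neighborship conditions and the DR/BDR election rules above, run on one constructed Ethernet segment. This is an added example for these notes (not course or vendor code): router_id() applies the loopback-first, then highest-active-interface rule; can_form_neighborship() checks area, Hello, dead interval and password; elect() ranks by priority and then RID, skipping priority 0 and any router that fails the neighborship check. All routers are assumed to boot at the same moment, so the "first to boot" tie-breaker does not apply. Router names, areas and addresses are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class OspfRouter:
    name: str
    area: int
    hello: int = 10                 # seconds; Ethernet defaults from the notes
    dead: int = 40
    password: str = ""
    priority: int = 1               # 0 = never DR/BDR
    loopbacks: list = field(default_factory=list)
    interfaces: list = field(default_factory=list)   # IPs on active physical interfaces


def ip_key(ip: str) -> tuple:
    """Compare dotted-decimal addresses numerically, octet by octet, not as strings."""
    return tuple(int(o) for o in ip.split("."))


def router_id(r: OspfRouter) -> str:
    """Highest loopback IP; if there is no loopback, highest active interface IP."""
    pool = r.loopbacks or r.interfaces
    return max(pool, key=ip_key)


def can_form_neighborship(a: OspfRouter, b: OspfRouter) -> bool:
    """The four conditions from the notes: same area, Hello, dead interval and password."""
    return (a.area == b.area and a.hello == b.hello
            and a.dead == b.dead and a.password == b.password)


def elect(segment: list) -> dict:
    """DR/BDR election on one multi-access segment: highest priority, then highest RID."""
    reference = segment[0]
    neighbors = [r for r in segment if can_form_neighborship(reference, r)]
    rejected = [r.name for r in segment if r not in neighbors]
    candidates = [r for r in neighbors if r.priority > 0]
    ranked = sorted(candidates, key=lambda r: (r.priority, ip_key(router_id(r))), reverse=True)
    top = [r.name for r in ranked[:2]]
    return {
        "dr": ranked[0].name if ranked else None,
        "bdr": ranked[1].name if len(ranked) > 1 else None,
        "drothers": [r.name for r in neighbors if r.name not in top],
        "not_neighbors": rejected,
    }


# Constructed segment: four routers on the same Ethernet LAN
SEGMENT = [
    OspfRouter("A", area=0, loopbacks=["1.1.1.1"], interfaces=["10.0.0.1"]),
    OspfRouter("B", area=0, interfaces=["10.0.0.2", "192.168.9.9"]),      # no loopback: RID 192.168.9.9
    OspfRouter("C", area=0, priority=0, interfaces=["10.0.0.3"]),         # priority 0: never DR/BDR
    OspfRouter("D", area=0, password="other", priority=200, interfaces=["10.0.0.4"]),  # password mismatch
]

if __name__ == "__main__":
    for r in SEGMENT:
        print(r.name, "RID", router_id(r))
    print(elect(SEGMENT))
```

D has by far the highest priority but a different password, so it never becomes a neighbor and cannot win the election; that is the practical reason for the password condition: a device that does not share the configured secret cannot inject itself as DR and take over LSA distribution on the segment.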

2- Route discovery: "exchange protocol"

- If a router is not a DR or BDR then this router is called a "DROther".
- In case of point-to-point topology:

Protocol
WAN Switching
Security

IEEE standards
Shortcut words