Ccna icnd2
Uploaded by hendra-mulyanto
![Page 1: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/1.jpg)
CCNA ICND2
![Page 2: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/2.jpg)
VTP
![Page 3: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/3.jpg)
VTP With two Server
![Page 4: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/4.jpg)
VTP Pruning
![Page 5: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/5.jpg)
VTP Features

| Function | Server | Client | Transparent |
|---|---|---|---|
| Only sends VTP messages out ISL or 802.1Q trunks | Yes | Yes | Yes |
| Supports CLI configuration of VLANs | Yes | No | Yes |
| Can use normal-range VLANs (1–1005) | Yes | Yes | Yes |
| Can use extended-range VLANs (1006–4095) | No | No | Yes |
| Synchronizes (updates) its own config database when receiving VTP messages with a higher revision number | Yes | Yes | No |
| Creates and sends periodic VTP updates every 5 minutes | Yes | Yes | No |
| Does not process received VTP updates, but does forward received VTP updates out other trunks | No | No | Yes |
| Places the VLAN ID, VLAN name, and VTP configuration into the running-config file | No | No | Yes |
| Places the VLAN ID, VLAN name, and VTP configuration into the vlan.dat file in flash | Yes | Yes | Yes |

![Page 6: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/6.jpg)
One Switch Three VLAN
![Page 7: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/7.jpg)
Two Switch Three VLAN
![Page 8: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/8.jpg)
VLAN Trunking Configuration
■ The type of trunking: IEEE 802.1Q, ISL, or negotiate which one to use
■ The administrative mode: Whether to trunk, not trunk, or negotiate
![Page 9: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/9.jpg)
Trunking Administrative Mode

| Command Option | Description |
|---|---|
| access | Prevents the use of trunking, making the port always act as an access (nontrunk) port |
| trunk | Always uses trunking |
| dynamic desirable | Initiates negotiation messages and responds to negotiation messages to dynamically choose whether to start using trunking, and defines the trunking encapsulation |
| dynamic auto | Passively waits to receive trunk negotiation messages, at which point the switch will respond and negotiate whether to use trunking, and if so, the type of trunking |

![Page 10: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/10.jpg)
Expected Trunking Mode

| Administrative Mode | Access | Dynamic Auto | Trunk | Dynamic Desirable |
|---|---|---|---|---|
| access | Access | Access | Access | Access |
| dynamic auto | Access | Access | Trunk | Trunk |
| trunk | Access | Trunk | Trunk | Trunk |
| dynamic desirable | Access | Trunk | Trunk | Trunk |

![Page 11: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/11.jpg)
Voice VLAN
![Page 12: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/12.jpg)
Spanning Tree Protocol (IEEE 802.1D)

| Problem | Description |
|---|---|
| Broadcast storms | The forwarding of a frame repeatedly on the same links, consuming significant parts of the links’ capacities |
| MAC table instability | The continual updating of a switch’s MAC address table with incorrect entries, in reaction to looping frames, resulting in frames being sent to the wrong locations |
| Multiple frame transmission | A side effect of looping frames in which multiple copies of one frame are delivered to the intended host, confusing the host |

![Page 13: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/13.jpg)
STP Block
![Page 14: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/14.jpg)
STP Forwarding State Criteria
■ STP elects a root switch. STP puts all working interfaces on the root switch in Forwarding State.
■ Each nonroot switch considers one of its ports to have the least administrative cost between itself and the root switch. STP places this least-root-cost interface, called that switch’s root port (RP), in Forwarding State.
■ Many switches can attach to the same Ethernet segment. The switch with the lowest administrative cost from itself to the root bridge, as compared with the other switches attached to the same segment, is placed in Forwarding State. The lowest-cost switch on each segment is called the designated bridge, and that bridge’s interface, attached to that segment, is called the designated port (DP).
![Page 15: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/15.jpg)
STP Forwarding or Blocking

| Characterization of Port | STP State | Description |
|---|---|---|
| All the root switch’s ports | Forwarding | The root switch is always the designated switch on all connected segments. |
| Each nonroot switch’s root port | Forwarding | The port through which the switch has the least cost to reach the root switch. |
| Each LAN’s designated port | Forwarding | The switch forwarding the lowest-cost BPDU onto the segment is the designated switch for that segment. |
| All other working ports | Blocking | The port is not used for forwarding frames, nor are any frames received on these interfaces considered for forwarding. |

![Page 16: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/16.jpg)
STP Hello BPDU

| Field | Description |
|---|---|
| Root bridge ID | The bridge ID of the bridge/switch that the sender of this Hello currently believes to be the root switch |
| Sender’s bridge ID | The bridge ID of the bridge/switch sending this Hello BPDU |
| Cost to reach root | The STP cost between this switch and the current root |
| Timer values on the root switch | Includes the Hello timer, MaxAge timer, and Forward Delay timer |

![Page 17: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/17.jpg)
STP Tie Breaking Decision
1. Lowest root bridge ID
2. Lowest root path cost to root bridge
3. Lowest sender bridge ID
4. Lowest sender port ID
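
The four tiebreakers above amount to comparing Hello BPDUs as ordered tuples. The following is an added example, not part of the original slides; the switch names, MAC addresses and port names are constructed, and the port costs are the revised IEEE values from the slides.

```python
from typing import Dict, Iterable, NamedTuple, Tuple


class BridgeID(NamedTuple):
    priority: int  # configured priority (default 32768 + VLAN ID)
    mac: int       # burned-in MAC address as an integer


class Hello(NamedTuple):
    # Field order is the tie-break order, so plain tuple comparison
    # applies tiebreakers 1 to 4 in sequence.
    root_bid: BridgeID     # who the sender believes is root
    root_cost: int         # sender's cost to reach that root
    sender_bid: BridgeID
    sender_port_id: int


def bid(priority: int, mac: str) -> BridgeID:
    """Build a bridge ID from a priority and a dotted or colon-separated MAC."""
    return BridgeID(priority, int(mac.replace(".", "").replace(":", ""), 16))


def elect_root(bridge_ids: Iterable[BridgeID]) -> BridgeID:
    """Lowest bridge ID wins: priority first, then MAC address."""
    return min(bridge_ids)


def choose_root_port(received: Dict[str, Hello],
                     port_costs: Dict[str, int]) -> Tuple[str, int]:
    """Pick the root port from the Hellos heard on each local port.

    The cost used is the advertised root cost plus the cost of the
    receiving interface. Returns (local port, resulting root cost).
    """
    def rank(port: str):
        h = received[port]
        return (h.root_bid, h.root_cost + port_costs[port],
                h.sender_bid, h.sender_port_id)

    best = min(received, key=rank)
    return best, received[best].root_cost + port_costs[best]


# Constructed sample topology: three switches with the default priority
# for VLAN 1, so the lowest MAC address decides the election.
SW1 = bid(32769, "0200.0001.0001")
SW2 = bid(32769, "0200.0002.0002")
SW3 = bid(32769, "0200.0003.0003")

# Hellos as seen by SW3: directly from the root, and relayed by SW2.
SW3_RECEIVED = {
    "Gi0/1": Hello(SW1, 0, SW1, 1),
    "Gi0/2": Hello(SW1, 4, SW2, 2),
}

# Two parallel links from SW3 to the root with equal cost:
# only the sender port ID differs.
SW3_PARALLEL = {
    "Gi0/1": Hello(SW1, 0, SW1, 1),
    "Gi0/3": Hello(SW1, 0, SW1, 3),
}

if __name__ == "__main__":
    print("root:", elect_root([SW2, SW3, SW1]))
    print("all 1 Gbps:", choose_root_port(SW3_RECEIVED, {"Gi0/1": 4, "Gi0/2": 4}))
    print("direct link at 100 Mbps:",
          choose_root_port(SW3_RECEIVED, {"Gi0/1": 19, "Gi0/2": 4}))
    print("parallel links:",
          choose_root_port(SW3_PARALLEL, {"Gi0/1": 4, "Gi0/3": 4}))
```
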
![Page 18: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/18.jpg)
Electing Root Bridge
![Page 19: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/19.jpg)
SW1 Wins Election
![Page 20: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/20.jpg)
Switch Root Port
![Page 21: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/21.jpg)
Spanning Tree States

| State | Forwards Data Frames? | Learns MACs Based on Received Frames? | Transitory or Stable State? |
|---|---|---|---|
| Blocking | No | No | Stable |
| Listening | No | No | Transitory |
| Learning | No | Yes | Transitory |
| Forwarding | Yes | Yes | Stable |
| Disabled | No | No | Stable |

![Page 22: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/22.jpg)
Default Port Cost (IEEE)

| Ethernet Speed | Original IEEE Cost | Revised IEEE Cost |
|---|---|---|
| 10 Mbps | 100 | 100 |
| 100 Mbps | 10 | 19 |
| 1 Gbps | 1 | 4 |
| 10 Gbps | 1 | 2 |

![Page 23: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/23.jpg)
Steady State Condition
1. The root creates and sends a Hello BPDU, with a cost of 0, out all its working interfaces (those in a Forwarding State).
2. The nonroot switches receive the Hello on their root ports. After changing the Hello to list their own bridge ID as the sender’s BID, and listing that switch’s root cost, the switch forwards the Hello out all designated ports.
3. Steps 1 and 2 repeat until something changes.
![Page 24: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/24.jpg)
STP Timers

| Timer | Description | Default Value |
|---|---|---|
| Hello | The time period between Hellos created by the root. | 2 sec. |
| Max Age | How long any switch should wait, after ceasing to hear Hellos, before trying to change the STP topology. | 10 times Hello |
| Forward Delay | Delay that affects the process that occurs when an interface changes from Blocking State to Forwarding State. A port stays in an interim Listening State, and then an interim Learning State, for the number of seconds defined by the forward delay timer. | 15 sec. |

![Page 25: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/25.jpg)
Reacting To Link Failure
![Page 26: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/26.jpg)
Etherchannel
![Page 27: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/27.jpg)
Rapid STP (IEEE 802.1w)
RSTP (802.1w) works just like STP (802.1d) in several ways:
■ It elects the root switch using the same parameters and tiebreakers.
■ It elects the root port on nonroot switches with the same rules.
■ It elects designated ports on each LAN segment with the same rules.
■ It places each port in either Forwarding or Blocking State, although RSTP calls the Blocking State the Discarding State.
![Page 28: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/28.jpg)
RSTP Link and Edge Type
![Page 29: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/29.jpg)
RSTP and STP Port State

| Operational State | STP State (802.1d) | RSTP State (802.1w) | Forwards Data Frames in This State? |
|---|---|---|---|
| Enabled | Blocking | Discarding | No |
| Enabled | Listening | Discarding | No |
| Enabled | Learning | Learning | No |
| Enabled | Forwarding | Forwarding | Yes |
| Disabled | Disabled | Discarding | No |

![Page 30: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/30.jpg)
RSTP Port Roles
![Page 31: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/31.jpg)
RSTP and STP Port Roles

| RSTP Role | STP Role | Definition |
|---|---|---|
| Root port | Root port | A single port on each nonroot switch in which the switch hears the best BPDU out of all the received BPDUs |
| Designated port | Designated port | Of all switch ports on all switches attached to the same segment/collision domain, the port that advertises the “best” BPDU |
| Alternate port | — | A port on a switch that receives a suboptimal BPDU |
| Backup port | — | A nondesignated port on a switch that is attached to the same segment/collision domain as another port on the same switch |
| Disabled | — | A port that is administratively disabled or is not capable of working for other reasons |

![Page 32: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/32.jpg)
RSTP Convergence
![Page 33: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/33.jpg)
Multiple Instances of STP
![Page 34: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/34.jpg)
Three Options MST

| Option | Supports STP | Supports RSTP | Configuration Effort | Only One Instance Required for Each Redundant |
|---|---|---|---|---|
| PVST+ | Yes | No | small | No |
| PVRST | No | Yes | small | No |
| MIST | No | Yes | medium | Yes |

![Page 35: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/35.jpg)
Bridge Priority and System ID
[Figure: bridge ID formats. Original format: Priority (0 – 65535), System ID (MAC Address). Format with system ID extension: Priority (Multiple of 4096), System ID Extension (Typically Holds VLAN ID), System ID (MAC Address).]
![Page 36: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/36.jpg)
STP Configuration

| Setting | Default | Command(s) to Change Default |
|---|---|---|
| Bridge ID | Priority: 32,768 + VLAN ID; System: A burned-in MAC on the switch | `spanning-tree vlan vlan-id root {primary \| secondary}`; `spanning-tree vlan vlan-id priority priority` |
| Interface cost | 100 for 10 Mbps, 19 for 100 Mbps, 4 for 1 Gbps, 2 for 10 Gbps | `spanning-tree vlan vlan-id cost cost` |
| PortFast | Not enabled | `spanning-tree portfast` |
| BPDU Guard | Not enabled | `spanning-tree bpduguard enable` |

![Page 37: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/37.jpg)
STP Analysis
![Page 38: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/38.jpg)
IP Forwarding
![Page 39: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/39.jpg)
LAN Switching
![Page 40: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/40.jpg)
MAC Broadcast
![Page 41: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/41.jpg)
Unicast Traffic
![Page 42: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/42.jpg)
IP Address Design
![Page 43: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/43.jpg)
IP Standard and Extended ACL
![Page 44: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/44.jpg)
Cisco Access List
■ Packets can be filtered as they enter an interface, before the routing decision.
■ Packets can be filtered before they exit an interface, after the routing decision.
■ Deny is the term used in Cisco IOS software to imply that the packet will be filtered.
■ Permit is the term used in Cisco IOS software to imply that the packet will not be filtered.
■ The filtering logic is configured in the access list.
■ At the end of every access list is an implied “deny all traffic” statement. Therefore, if a packet does not match any of your access list statements, it is blocked.
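
The permit/deny logic and the implied final deny can be modelled in a few lines. This is an added example, not part of the original slides; the addresses and list entries are constructed, and it also shows first-match ordering of the list statements, which the slide does not state.

```python
import ipaddress
from typing import NamedTuple, Optional, Sequence, Tuple

ANY = ("0.0.0.0", "255.255.255.255")  # what the IOS keyword "any" expands to


class Ace(NamedTuple):
    """One access list statement (a simplified extended-ACL entry)."""
    action: str                      # "permit" or "deny"
    protocol: str                    # "ip" matches every protocol
    src: Tuple[str, str]             # (address, wildcard mask)
    dst: Tuple[str, str]             # (address, wildcard mask)
    dst_port: Optional[int] = None   # None means any port


class Packet(NamedTuple):
    protocol: str
    src: str
    dst: str
    dst_port: Optional[int] = None


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True if addr equals base in every bit where the wildcard bit is 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0


def ace_matches(ace: Ace, pkt: Packet) -> bool:
    if ace.protocol != "ip" and ace.protocol != pkt.protocol:
        return False
    if not wildcard_match(pkt.src, *ace.src):
        return False
    if not wildcard_match(pkt.dst, *ace.dst):
        return False
    return ace.dst_port is None or ace.dst_port == pkt.dst_port


def evaluate(acl: Sequence[Ace], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, matching line number).

    The first matching statement decides. If nothing matches, the implied
    "deny all traffic" at the end of the list applies, reported as line None.
    """
    for line, ace in enumerate(acl, start=1):
        if ace_matches(ace, pkt):
            return ace.action, line
    return "deny", None


# Constructed sample list: block Telnet from one subnet, then permit
# everything else sourced from 10.1.0.0/16.
SAMPLE_ACL = [
    Ace("deny", "tcp", ("10.1.1.0", "0.0.0.255"), ANY, 23),
    Ace("permit", "ip", ("10.1.0.0", "0.0.255.255"), ANY),
]

TELNET = Packet("tcp", "10.1.1.5", "10.2.2.10", 23)
HTTPS = Packet("tcp", "10.1.1.5", "10.2.2.10", 443)
OUTSIDE = Packet("udp", "10.9.9.9", "10.2.2.10", 53)

if __name__ == "__main__":
    for pkt in (TELNET, HTTPS, OUTSIDE):
        print(pkt, "->", evaluate(SAMPLE_ACL, pkt))
    # Same statements in the opposite order: the broad permit now
    # matches first and the Telnet deny is never reached.
    print(TELNET, "->", evaluate(list(reversed(SAMPLE_ACL)), TELNET))
```
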
![Page 45: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/45.jpg)
VPN
• Confidentiality (Privacy): Preventing anyone in the middle of the Internet (man in the middle) from being able to read the data
• Authentication: Verifying that the sender of the VPN packet is a legitimate device and not a device used by an attacker
• Data integrity: Verifying that the packet was not changed as the packet transited the Internet
• Anti-replay: Preventing a man in the middle from copying and later replaying the packets sent by a legitimate user for the purpose of appearing to be a legitimate user
![Page 46: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/46.jpg)
VPN Tunnel Concept for Site to site VPN
![Page 47: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/47.jpg)
Intranet, Extranet and Access VPN
![Page 48: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/48.jpg)
Basic IPSec Encryption Process
![Page 49: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/49.jpg)
Steps for IPSec Encryption Process
1. The sending VPN device (like the remote office router) feeds the original packet and the session key into the encryption formula, calculating the encrypted data.
2. The sending device encapsulates the encrypted data into a packet, which includes the new IP header and VPN header.
3. The sending device sends this new packet to the destination VPN device.
4. The receiving VPN device runs the corresponding decryption formula, using the encrypted data and session key (the same value as was used on the sending VPN device) to decrypt the data.
![Page 50: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/50.jpg)
Comparing VPN Encryption Algorithm

| Encryption Algorithm | Key Length (Bits) | Comments |
|---|---|---|
| Data Encryption Standard (DES) | 56 | Older and less secure than the other options listed here |
| Triple DES (3DES) | 56 * 3 | Applies three different 56-bit DES keys in succession, improving encryption strength compared with DES |
| Advanced Encryption Standard (AES) | 128 and 256 | Considered the current best practice, with strong encryption and less computation compared with 3DES |

![Page 51: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/51.jpg)
SSL VPN Options
![Page 52: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/52.jpg)
Routing IP over Serial
![Page 53: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/53.jpg)
Replacing Serial with Tunnel
![Page 54: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/54.jpg)
Tunnel Routers Learning
![Page 55: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/55.jpg)
Encapsulating IP Packet in GRE Packet
![Page 56: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/56.jpg)
Routing Protocol Function
1. Learn routing information about IP subnets from other neighboring routers.
2. Advertise routing information about IP subnets to other neighboring routers.
3. If more than one possible route exists to reach one subnet, pick the best route based on a metric.
4. If the network topology changes (for example, a link fails), react by advertising that some routes have failed, and pick a new currently best route. (This process is called convergence.)
![Page 57: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/57.jpg)
IP IGP Metric

| IGP | Metric | Description |
|---|---|---|
| RIP-1, RIP-2 | Hop count | The number of routers (hops) between a router and the destination subnet. |
| OSPF | Cost | The sum of all interface cost settings for all links in a route, with the cost defaulting to be based on interface bandwidth. |
| EIGRP | Composite of bandwidth and delay | Calculated based on the route’s slowest link and the cumulative delay associated with each interface in the route. |

![Page 58: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/58.jpg)
Distance Vector Protocol
![Page 59: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/59.jpg)
Link State Routing Protocol
■ Router LSA: Includes a number to identify the router (router ID), the router’s interface IP addresses and masks, the state (up or down) of each interface, and the cost (metric) associated with the interface.
■ Link LSA: Identifies each link (subnet) and the routers that are attached to that link. It also identifies the link’s state (up or down).
![Page 60: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/60.jpg)
Dijkstra Algorithm
![Page 61: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/61.jpg)
OSPF Neighbor
Specifically, the following must match before a pair of routers become neighbors:
■ Subnet mask used on the subnet
■ Subnet number (as derived using the subnet mask and each router's interface IP address)
■ Hello interval
■ Dead interval
■ OSPF area ID
■ Must pass authentication checks (if used)
■ Value of the stub area flag
![Page 62: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/62.jpg)
OSPF Early Neighbor States
![Page 63: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/63.jpg)
OSPF Database Exchange
Step 1 Based on the OSPF interface type, the routers may or may not collectively elect a Designated Router (DR) and Backup Designated Router (BDR).
Step 2 For each pair of routers that need to become fully adjacent, mutually exchange the contents of their respective LSDBs.
Step 3 When completed, the neighbors monitor for changes and periodically reflood LSAs while in the Full (fully adjacent) neighbor state.
![Page 64: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/64.jpg)
Choosing DR
![Page 65: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/65.jpg)
OSPF DR Prerequisites
■ The router sending the Hello with the highest OSPF priority setting becomes the DR.
■ If two or more routers tie with the highest priority setting, the router sending the Hello with the highest RID wins.
■ It's not always the case, but typically the router with the second-highest priority becomes the BDR.
■ A priority setting of 0 means that the router does not participate in the election and can never become the DR or BDR.
■ The range of priority values that allow a router to be a candidate is 1 through 255.
■ If a new, better candidate comes along after the DR and BDR have been elected, the new candidate does not preempt the existing DR and BDR.
![Page 66: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/66.jpg)
Two Area OSPF
![Page 67: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/67.jpg)
OSPF Area Design Advantages
■ The smaller per-area LSDB requires less memory.
■ The router requires fewer CPU cycles to process the smaller per-area LSDB.
■ The SPF algorithm has to be run on internal routers only when an LSA inside the area changes, so routers have to run SPF less often.
■ Less information must be advertised between areas, reducing the bandwidth required to send LSAs.
■ Manual summarization can only be configured on ABRs and ASBRs, so areas allow for smaller IP routing tables by allowing for the configuration of manual route summarization.
![Page 68: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/68.jpg)
OSPF Single Area
![Page 69: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/69.jpg)
OSPF Single Area Configuration
```
interface ethernet 0/0
 ip address 10.1.1.1 255.255.255.0
interface serial0/0
 ip address 10.1.4.1 255.255.255.0
interface serial0/1
 ip address 10.1.6.1 255.255.255.0
!
router ospf 1
 network 10.0.0.0 0.255.255.255 area 0
```
![Page 70: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/70.jpg)
OSPF Multi Area
![Page 71: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/71.jpg)
OSPF Multi Area Configuration
```
router ospf 1
 network 10.1.1.1 0.0.0.0 area 0
 network 10.1.4.1 0.0.0.0 area 1
 network 10.1.6.1 0.0.0.0 area 0
```
![Page 72: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/72.jpg)
EIGRP Updates
![Page 73: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/73.jpg)
EIGRP Metric Formula
$$\text{Metric} = \left(\frac{10^{7}}{\text{least-bandwidth}} + \text{cumulative-delay}\right) \times 256$$
![Page 74: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/74.jpg)
EIGRP Metric
![Page 75: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/75.jpg)
Feasible and Reported Distance
![Page 76: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/76.jpg)
EIGRP Feasible Successor
A router determines if a route is a feasible successor based on the feasibility condition:
If a nonsuccessor route’s RD is less than the FD, the route is a feasible successor route.
![Page 77: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/77.jpg)
EIGRP Successor and Feasible Successor
![Page 78: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/78.jpg)
EIGRP Compare to OSPF

| Feature | EIGRP | OSPF |
|---|---|---|
| Converges quickly | Yes | Yes |
| Built-in loop prevention | Yes | Yes |
| Sends partial routing updates, advertising only new or changed information | Yes | Yes |
| Classless; therefore, supports manual summarization and VLSM | Yes | Yes |
| Allows manual summarization at any router | Yes | No |
| Sends routing information using IP multicast on LANs | Yes | Yes |

![Page 79: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/79.jpg)
EIGRP Neighbor Requirement

| Requirement | Best Command(s) to Isolate the Problem |
|---|---|
| Must be in the same subnet | show interfaces |
| Must pass any neighbor authentication | debug eigrp packets |
| Must use the same ASN on the router configuration command | show ip eigrp interfaces, show protocols |
| K-values must match | show protocols |

![Page 80: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/80.jpg)
Frame Relay Components
![Page 81: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/81.jpg)
Frame Relay LMI Types

| Name | Document | IOS LMI-Type Parameter |
|---|---|---|
| Cisco | Proprietary | cisco |
| ANSI | T1.617 Annex D | ansi |
| ITU | Q.933 Annex A | q933a |

![Page 82: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/82.jpg)
Frame Relay PVC
![Page 83: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/83.jpg)
LAPF Framing
[Figure: LAPF frame layouts. Basic frame: LAPF Header (containing the DLCI, usually 10 bits), Information, LAPF Trailer (containing the FCS). With an encapsulation header: LAPF Header, Cisco or RFC1490 header (includes Protocol Type field), Packet, LAPF Trailer.]
![Page 84: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/84.jpg)
Frame Relay Forwarding
![Page 85: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/85.jpg)
Typical Frame Relay Network
![Page 86: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/86.jpg)
Typical Partial Mesh Frame Relay Network
![Page 87: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/87.jpg)
Inverse ARP Process
![Page 88: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/88.jpg)
Hybrid Full Partial Mesh
![Page 89: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/89.jpg)
Frame Relay Global Addressing
![Page 90: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/90.jpg)
DLCI Swapping

| The Frame Sent by Router | With DLCI Field | Is Delivered to Router | With DLCI Field |
|---|---|---|---|
| A | 41 | B | 40 |
| A | 42 | C | 40 |
| B | 40 | A | 41 |
| C | 40 | A | 42 |

![Page 91: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/91.jpg)
SNMP
Simple Network Management Protocol is an application layer protocol that provides a message format for communication between what are termed managers and agents.
![Page 92: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/92.jpg)
MIB
ISO (1)
ORG (3)
DOD (6)
INTERNET (1)
PRIVATE (4)
ENTERPRISES (1)
CISCO (9)
LOCAL VARIABLES (2)
INTERFACE GROUP (2)
CISCO MGMT (9)
CISCO FLASH GROUP (10)
![Page 93: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/93.jpg)
SNMP Get
![Page 94: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/94.jpg)
SNMP Trap
![Page 95: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/95.jpg)
SNMPv3
• Message integrity: This helps ensure that a packet has not been tampered with in transit.
• Authentication: This helps ensure that the packet came from a known and trusted source.
• Encryption: This helps to ensure that information cannot be read if the data is captured in transit.
![Page 96: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/96.jpg)
System Message Logging (Syslog)
Popular destinations for syslog messages include the following:
• The logging buffer (RAM inside the router or switch)
• The console line
• The terminal lines
• A syslog server
![Page 97: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/97.jpg)
Syslog Network
![Page 98: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/98.jpg)
System Message Format
```
*Dec 18 17:10:15.079: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down
```
Notice that by default on this particular device we see the following:
• A timestamp: `*Dec 18 17:10:15.079`
• The facility on the router that generated the message: `%LINEPROTO`
• The severity level: 5
• A mnemonic for the message: UPDOWN
• The description of the message: Line protocol on Interface FastEthernet0/0, changed state to down
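
The field layout described above can be parsed mechanically on a syslog server before filtering or alerting. This is an added example, not part of the original slides; the first sample line is the one from the slide, the others are constructed in the same format, and the severity names are the standard IOS level keywords.

```python
import re
from typing import Iterable, List, NamedTuple, Optional

# IOS severity keywords, indexed by level (0 is most severe).
SEVERITY_NAMES = (
    "emergencies", "alerts", "critical", "errors",
    "warnings", "notifications", "informational", "debugging",
)

# [marker]timestamp: %FACILITY-SEVERITY-MNEMONIC: description
MESSAGE_RE = re.compile(
    r"^(?P<marker>[*.])?"
    r"(?P<timestamp>[A-Z][a-z]{2}\s+\d{1,2}\s+\d{2}:\d{2}:\d{2}(?:\.\d{3})?):\s+"
    r"%(?P<facility>[A-Z0-9_]+(?:-[A-Z0-9_]+)*?)"
    r"-(?P<severity>[0-7])"
    r"-(?P<mnemonic>[A-Z0-9_]+):\s*"
    r"(?P<description>.*)$"
)


class IosMessage(NamedTuple):
    time_marker: str   # "*" = clock not authoritative, "." = NTP sync lost, "" = none
    timestamp: str
    facility: str
    severity: int
    mnemonic: str
    description: str

    @property
    def severity_name(self) -> str:
        return SEVERITY_NAMES[self.severity]


def parse(line: str) -> Optional[IosMessage]:
    """Parse one IOS log line; return None for lines in another format."""
    m = MESSAGE_RE.match(line.strip())
    if m is None:
        return None
    return IosMessage(
        time_marker=m["marker"] or "",
        timestamp=m["timestamp"],
        facility=m["facility"],
        severity=int(m["severity"]),
        mnemonic=m["mnemonic"],
        description=m["description"],
    )


def at_or_above(lines: Iterable[str], level: int) -> List[IosMessage]:
    """Messages at severity `level` or more severe (numerically lower)."""
    parsed = (parse(line) for line in lines)
    return [msg for msg in parsed if msg is not None and msg.severity <= level]


# The line shown on the slide.
PAGE_LINE = ("*Dec 18 17:10:15.079: %LINEPROTO-5-UPDOWN: Line protocol on "
             "Interface FastEthernet0/0, changed state to down")

# Constructed sample input in the same format, plus one non-message line.
SAMPLE_LINES = [
    "*Dec 18 17:10:14.071: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to down",
    PAGE_LINE,
    "Dec 18 17:12:02.310: %SYS-5-CONFIG_I: Configured from console by console",
    "Dec 18 17:12:40.004: %SEC_LOGIN-4-LOGIN_FAILED: Login failed (constructed text)",
    "Log Buffer (8192 bytes):",
]

if __name__ == "__main__":
    print(parse(PAGE_LINE))
    for msg in at_or_above(SAMPLE_LINES, 4):
        print(msg.severity_name, msg.facility, msg.mnemonic)
```
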
![Page 99: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/99.jpg)
Netflow
![Page 100: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/100.jpg)
Netflow Key Purposes
• General network traffic accounting for baseline analysis
• Usage-based network billing for consumers of network services
• Network design, including redesigns to include new network devices and applications to meet the needs of growing infrastructures
• General network security design
• Denial of service (DoS) and distributed DoS (DDoS) detection and prevention data
• Ongoing network monitoring
![Page 101: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/101.jpg)
Types of Router Memory
• RAM (Working Memory and Running Configuration)
• Flash (Cisco IOS Software)
• ROM (Bootstrap program and ROMMON)
• NVRAM (Startup Configuration)
![Page 102: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/102.jpg)
Copying IOS Image for Upgrade Process
![Page 103: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/103.jpg)
Loading bootstrap, IOS, and Initial Configuration
[Figure: items loaded into RAM at startup. Step 2: Bootstrap, from ROM. Step 3: Cisco IOS, from Flash or the Network. Step 4: Running Config File, from NVRAM, the Network, or the Console.]
![Page 104: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/104.jpg)
Choices for choosing OS at boot time
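[Figure: sources for the OS at boot time. ROM: Bootstrap and ROMMON (BOOT = 0). Flash: 1st IOS file, 2nd IOS file, ..., last IOS file (BOOT = 1). NVRAM (startup-config): boot system (1), boot system (2), ..., last boot system command (BOOT = 2..F). Also shown: RAM and a TFTP server on the IP network.]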
![Page 105: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/105.jpg)
Locations for Copying and Results from Copy Operations
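
| Command | Copies From | Copies To |
|---|---|---|
| copy tftp running-config | TFTP | RAM |
| copy running-config tftp | RAM | TFTP |
| copy running-config startup-config | RAM | NVRAM |
| copy startup-config running-config | NVRAM | RAM |
| copy tftp startup-config | TFTP | NVRAM |
| copy startup-config tftp | NVRAM | TFTP |
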
![Page 106: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/106.jpg)
Logic and Decision for Entering Setup Mode after Reload
[Flowchart:
1. User powers on router.
2. Is NVRAM empty? No: router copies startup-config to running-config, then completes IOS initialization.
3. Yes: "Do you want to enter Setup mode?" No: complete IOS initialization.
4. Yes: user answers questions in Setup mode; router moves configuration into startup-config and running-config.]
![Page 107: Ccna icnd2](https://reader033.fdocuments.net/reader033/viewer/2022061120/546c970eaf795980298b5062/html5/thumbnails/107.jpg)
Old IOS Image Packing
[Figure: old IOS image packaging. Each image includes IP Base; the images differ in which of the Security, Data, and Voice feature sets are added.]