Miscellaneous Additional Info
Routers
ISR = Integrated Services Routers - ISR routers include the smarts and connections to support telephony (Voice over IP) and a number of other specialist components such as Intrusion Prevention.
Creating dhcp
fazenda(config)#ip dhcp pool kote
fazenda(dhcp-config)#network 10.10.36.0 255.255.255.0
fazenda(dhcp-config)#default-router 10.10.36.1
fazenda(dhcp-config)#ex
fazenda(config)#ip dhcp ex
fazenda(config)#ip dhcp excluded-address 10.10.36.1
Protocols:RIP
R* 0.0.0.0/0 [120/0] via 1.1.1.1 - is RIP injected metric via ip default-network 1.1.1.1 command
120 is AD
0 is metric
in ripv2 "prefix routing" - to send updates with mask
update 60 sec chtobi otpravit update
30 -> 180 -> 240
180
holddown
AD - if AD = 255 - no trust at all
Sequence - AD, then metric then load balance
Protocols:EIGRP
RTP - Reliable Transport Protocol
PDM - Protocol-Dependant Modules a) IPv4 b)IPv6
Local Topology Table - all rotes, "raw" material
420 page - missing
Feasible distance - best metric
Reported distance = Feasible Distance +plus Metric to the neigbour , thats reporting the distance
| NEIGBOUR |
TOPOLOGY |
ROUTING |
next hops, interfaces,
has sequence number |
all routes (raw), Feasible Successor |
best routes, Successor |
all tables are stored in RAM
Protocols - OSPF
to change RID:
fazenda(config-router)#router-id 192.168.0.0
show ip ospf command:
show ip ospf database (view rid)
show ip ospf neigbour
show ip ospf interface (view timers)
| DR/BDR is elected |
NO DR/BDR is elected |
Broadcast Networks
(same as Multiaccess)
representative - Ethernet |
Point to Point
representatives - Serial interface, Logical Path in FR |
Non Broadcast (NBMA) -
representatives - x.25, FR, ATM |
Point to Multipoint (PtMP) |
Metrics :
If the bandwidth of an OSPF interface is configured with the "bandwidth 64" command, what would be the calculated cost of the link?
A. 1
B. 64
C. 1562
D. 64000
E. 1500
The question states that OSPF interface has been configured with the bandwidth 64command. Cisco IOS always interprets the values for the bandwidth command as being in kbps, so the bandwidth is configured as 64 kbps. The metric for any OSPF defaults to 100,000,000/bandwidth. So, in this example: 100,000,000 / 64000 = 1562.5
Switching
The Cisco-proprietary Dynamic Trunking Protocol (DTP) actively attempts to negotiate a trunk link with the remote switch. The cost in overhead - DTP frames are transmitted every 30 seconds. If you decide to configure a port as a non-negotiable trunk port, there´s no need for the port to send DTP frames.
DTP can be turned off at the interface level with the switchport nonegotiate command, but as you see below, you cannot turn DTP off until the port is no longer in dynamic desirable trunking mode. (Dynamic desirable is the default mode for most Cisco switch ports.)
SW2(config)#int fast 0/8
SW2(config-if)#switchport nonegotiate
Command rejected: Conflict between ´nonegotiate´ and ´dynamic´ status.
SW2(config-if)#switchport mode ?
access Set trunking mode to ACCESS unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
trunk Set trunking mode to TRUNK unconditionally
SW2(config-if)#switchport mode trunk
SW2(config-if)#switchport nonegotiate
Wireless
WLAN is half duplex - sends or receives, not simultaneusly
2,4 GHz, 5,4GHz, 11MB
802.11g - backward compatible with 802.11b
802.11 n MIMO multiple antenas in , multiple antenas out
802.11S - ESS
802.11b uses DSSS, 802.11a/g uses OFDM ?????
The Cisco Wireless Control System (Cisco WCS) is a Cisco Wireless LAN Solution network management tool that adds to the capabilities of the Web user interface and the Command Line Interface, moving from an individual controller to a network of controllers.
RF - radio frequency
LWAPP - Lightweight Access Point Protocol or LWAPP is the name of a protocol that can control multiple Wi-Fi wireless access points at once. This can reduce the amount of time spent on configuring, monitoring or troubleshooting a large network. The system will also allow network administrators to closely analyze the network.
This system is installed in a central server that gathers data from RF devices from different brands and settings. The server can command a selected group of devices to apply given settings simultaneously.
Beacon Frames are frames that have control information and are transmitted in each of the 11 channels and help a wireless station to identify nearby wireless access points (AP) in passive scanning mode. They tell the stations in the Basic Service Set (BSS) about the existence of the network. They can also be transmitted by the AP for polling purposes. The Beacon Frame sent by the AP contains control information and can be used by Mobile stations to locate an AP if it is on active scanning mode.
Diagram showing a typical split-MAC architecture from commsdesign
:
RAP - root Ap vs MAP - mesh Ap
Wireless backhaul (backhaul= obratnii gruz) - is the use of wireless communications systems to get data from an end user to a node in a major network
AWPP
Each AP runs the Adaptive Wireless Path Protocol designed from the ground up by Cisco specifically for the wireless environment. This protocol allows RAPs(randomly addressed polling) to communicate with each other to determine the best path back to the wired network via the RAP. Once the optimal path is established, AWPP continues to run in the background to establish alternative routes back to the RAP just in case the topology changes or conditions cause the link strength to weaken.
FCC - Federal Communications Commission
RTS/CTS
Request To Send / Clear To Send, Узел, желающий отправить информацию, посылает RTS фрейм. Целевой узел отвечает CTS фреймом. Любой другой узел, получивший CTS фрейм, должен воздержаться от отправки информации на заданное время (решение Проблемы скрытого узла). Любой другой узел, получивший RTS фрейм, но не CTS фрейм от передачи информации воздерживаться не должен (решение Проблемы незащищенного узла). Количество времени, которое должен ожидать другой узел перед попыткой доступа к эфиру, записано и в RTS и в CTS фрейме.
SSID - a Service Set Identifier, is a name used to identify the particular 802.11
wireless LANs to which a user wants to attach. A client device will receive
broadcast messages from all access points within range advertising their SSIDs, and can choose one to connect to based on pre-configuration, or by displaying a list of SSIDs in range and asking the user to select one.
Which spread spectrum technology does the 802.11b standard define for operation?
a - ofdm
b - dsss
g - ofdm, dsss
n - ofdm
B. 802.11b uses Direct Sequence Spread Spectrum (DSSS) technology
2,4 GHz - each channel is 24MHz step
802.11a speed shifs: 54->48->36->24->18->9->6 MB
DFS - Dynamic Frequency Selection - abandons frequency if someone starts sending at the same
TPC - Transmit Power Control , naprimer 5mw - umenshaet velichinu cell na maloi ploshadi, The milliwatt (symbol:mW) is equal to one thousandth (10-3)
of a watt. A typical laser pointer might output 5 milliwatts.
Security in WLAN
WPA2 Pre-Shared Key (PSK), also provides keying material that TKIP or AES uses to generate an encryption key for each packet of transmitted data.
WPA-TKIP includes encryption enhancements like MIC, per-packet keys via initialization vector hashing, and broadcast key rotation
WPA2-AES is the "gold standard" for data encryption.
MIC - message integrity check
Threat Defense for WLANs Detection of unauthorized access, network attacks, and rogue access points via an Intrusion Prevention System (IPS), WLAN NAC, and advanced location services.
Cisco’s IPS allows IT managers to continually scan the RF environment, detect rogue access points and unauthorized events, simultaneously track thousands of devices, and mitigate network attacks.
NAC has been specifically designed to help ensure that all wired and
wireless endpoint devices like PCs, laptops, servers, and PDAs that are trying to access network resources are adequately protected from security threats. NAC allows organizations to analyze and control all devices coming into the network.
NAC - network admission control
access points are like hubs. access points vs wireless routers, which have ip addres at interface
missing page - 722, 736
creating wlan interface:
R2(config-if)#int dot11radio0/3/0
R2(config-if)#ip address 10.1.8.1 255.255.255.0
R2(config-if)#description Connection to Corp ISR Router
R2(config-if)#no shut
R2(config-if)#ssid ADMIN
R2(config-if-ssid)#guest-mode
R2(config-if-ssid)#authentication open
R2(config-if-ssid)#infrastructure-ssid
R2(config-if-ssid)#no shut
WAN
Circut Switching - is like dial up connection, "razrivaet soedinenie" ISDN
Packet switching - is "Bursty" type - Frame Relay, x25, T3 do 45MB
Leased line - "videlenka" PPP, HDLC
MPLS - combination of "bursty" and "dialup circut" (Multiprotocol Label Switching)
PPPoE - encapsulates PPP Frame into Ehernet Frame
PPP features: AEC Authentication, Encryption, Compression
Na telefonni interface rutera saditsa ISDN/ADSL
Na Serial interface ne siadet Ethernet ili Token Ring
BRI ili ISDN imeiut tel. raz'em ?
Access Lists
Standard 1-99 , filtruet po source, no pomeshaetsa blizko k destination
Standard Expanded 1300-1999
To specify host only - 172.16.30.5 0.0.0.0
Any host - 0.0.0.0 255.255.255.255 = any
V access-list-ax ip okrugliaiutsa do maski!
nm-16esw module
flat network - it’s one broadcast domain, not because the actual design is physically flat
When using IPv6, then each VLAN must be assigned its own IPv6 network number.
When using IPv6, then each VLAN must be assigned its own IPv6 network number.
Only a few years ago, Ethernet technology was one of many LAN technologies. In LANs, Ethernet was competing with technologies such as FDDI, Token Ring, and Token Bus. In WANs, Frame Relay and ATM became dominant Layer 2 technologies, and Ethernet was not a consideration until only recently. The success of Ethernet as a Layer 2 data networking technology of choice in the LAN environment was primarily due to continued improvement of the Ethernet control-plane by the IEEE 802.1 Working Group .
Traditional WAN data services are primarily based on the time-division multiplexing (TDM) network infrastructure. WAN speeds are essentially bounded by the speeds offered by DS1 (up to 1.5 Mbps), E1 (up to 2 Mbps), E3 (up to 32 Mbps), and DS3 (up to 45 Mbps) circuits. Layer 1 private line service and Layer 2 Frame Relay service are the two dominant WAN services offered today.
Switching
In a VLAN-aware switch, each Ethernet frame's MAC header is extended with a 16-bit IEEE 802.1Q tag that includes a 12-bit VLAN ID
to add a new VLAN to a switched network:
A. Create the VLAN
B. Name the VLAN.
D. Add the desired ports to the new VLAN
no need -> Configure an IP address for the VLAN
amber light = yellow light
kogda u svicha net zapisi mac-a v svoei tablitse, on delaet "flood out" DATA,
not arp requsts
- A secure port cannot be a trunk port
- A secure port cannot be a destination port for Switch Port Analyzer (SPAN)
- A secure port cannot belong to an EtherChannel port-channel interface
port security modes:
shutdown - default
protect - drops only
restrict - drops, logs + increments violation counter;
vtp client doesnot save in NVRAM vtp updates
store-and-forward method - a) increased latency b) fitering all filter frames
mtu 1500 - packet size 1500
sh arp vs sh mac table:
multicasting aalleviates(To make (pain, for example ) more bearable) congestion
vtp - Cisco-proprietary !
5 modes of vtp
dhcp uses udp and FF:FF:FF:FF:FF:FF as layer 2 destination
DHCPDISCOVER usus broadcast (destination IP address of 255.255.255.255), the
source IP address of 0.0.0.0 is used.
ip helper-address command makes the router forward UDP broadcasts (for dhcp)
DHCP - Dynamic Host Configuration Protocol:
DHCP DISCOVER Broadcast - from client
DHCP OFFER Unicast - from server
DHCP REQUEST Broadcast - from client (acceptance)
DHCP ACK Unicast - from server (agreed)
quitting telnet is :
resume 4, disconnect 3, exit
ctrl+shift+6, then x
extended ping not allowed from user mode
ip subnet zero is useful in addressing, not for ip routing p411
calculate ram size calculate rom size
"bootrap code" ?
0x2100 - rommon
"boot system command" ?
what is via 0.0.0.0
eigrp routing:
network 10.0.0.0 0.0.0.255 ?
---
ospf uses cost for metric
in ospf link state send to all router
ospf metric= cto limonov?? / bandwidth:
10 000 000 / divided on byte:
10 000 000 / 64000 = 1562(T1), eth = 10
-
ospf doesnot route betwen autonomous systemas
IP OSPF PRIORITY - ospf interface priority
SH IP OSPF INTERFACES - state of the ospf dr/bdr
"ospf segment" ?
-
wildcard for eigrp not required
eigrp metric = 32bits
-
show interfaces command
--
debugging in telnet - "terminal monitor"
--
vlan access control lists
---
half duplex uses "loopback circuit" to detect collisions
---
serial port for T1 ?
The Route Switch Processor 16 (RSP16) is the newest and highest-performance main
system processor for the Cisco 7500 Series Router. The RSP16 supports up to 1 GB
of program memory
---
sh version - memory q 445
dram = Dynamic Ram
public circuit-switched telephone networks - pstn
In telecommunications, Asynchronous communication is transmission of data
without the use of an external clock signal.
parallel communication is a method of sending several data signals
simultaneously over several parallel channels.
Asynchronous PPP is commonly used in lower-speed transmission and less-expensive
transmission systems such as dialup modems. Asynchronous PPP replaces earlier
non-standard SLIP (Serial Line IP) protocol.
The Cisco proprietary method that is similar to PPP - HDLC.
qos in ppp
The Cisco HDLC frame uses a proprietary "Type Code" field that may not be
compatible
with equipment of other vendors.
"speed" is something set on ethernet interfaces.
On serial links, you have "clock rate" if you are the DCE end.
On ANY interface, you have the "bandwidth" command.
Cisco routers support three LMI types: Cisco, ANSI, and Q933a, it runs in one
dedicated PVC of a Frame Relay link and allows the subscriber and the network to
exchange information about the link itself and about the status of the other
PVCs.(signalling)
Show Frame-relay pvc
Inactive – remote is not working.
Deleted - no LMI is being received from the Frame Relay switch or that there is
no service between the CPE router and Frame Relay switch.
Inverse ARP - dlci(analog of mac) to L3
When using point to point subinterfaces in a frame relay network, the
subinterfaces will
each have their own IP addresses and will each be contained within their own IP
subnet.
The physical interface does not require an IP address.
to configure an existing serial interface to accept a second
Frame Relay virtual circuit is needed:
1 Remove the IP address from the physical interface.
2 Create the virtual interfaces with the interface command.
3 Configure each subinterface with its own IP address.
Frame Relay point-to-point connections vs multipoint Frame Relay - router
interfaces
must all be in the same subnet.
Point to point is the default frame relay subinterface type
DLCI - Data Line Circuit ID mac= dlci, keepalives=lmi
csu/dsu - digital loop
ppp
1 can be used over ANALOG
2 encapsulates several PROTOCOLs
3 Provides ERROR CORRECTION
1 do NOT maps L2 to L3
LCP packets are sent by each PPP device to configure and test the link.
These packets contain a field "Configuration Option" that allows each device to
see
the size of the data, compression, and authentication.
LCP negotiates control options: authentication, multilink, callback,
compression and error detection.
IPCP(IP Control protocol) is supported by NCP
IPv6
1 when a host needs prefix it sends "Router Solicitation" RS - ICMP type 133
2 Answer - "Router Advertisement" RA - icmp type 134
stateless - no further info needed
ipv6
IPv6 unicast-routing vs IPv6 enable
IPv6 unicast-routing - every interface turning on individually
-
ipv6 dhcp pool kote
arp ipv6 = Neighbor Discovery ICMPv6
IGMP ipv6 = Multicast Listener Discovery ICMPv6
Nat ipv6 = NATPT NAT Protocol Translation
--
solicited mode address
ppp is used 1 isdn 2asynchronous serial 3 serial ppp
--
boot to rommon vs boot ios from rom ??? not same
sh version shows only size of flash, not used/free
which ios is running - sh version, because sh flash shows all ioses ?
Regarding PAR (Positive Acknowledgement and Re-transmission), which of the
answer choices below are correct? (Select all that apply.)
A. The source device will only retransmit lost packets on the request of the
destination device.
B. The source device starts a timer when it sends a segment and retransmits if
an acknowledgment is not received before the timer expires.
C. The destination device acknowledges receipt of a segment by sending a packet
with a new sequence number and the ACK bit sent.
D. The destination device acknowledges receipt of a segment by sending a packet
that indicates the next sequence number it expects
E. If the destination device does not receive a segment, all segments are
retransmitted
F. The source device keeps a record of all segments sent and expects and
acknowledgment of each.
The only way to know that it has sent the certain sequence number by keeping
a record of it.
Unlike Frame Relay point-to-point connections, multipoint Frame Relay router
interfaces must all be in the same subnet
Identifies the circuit between R2 and the frame switch
Router(config)#rout eigrp ?
<1-65535> Autonomous system number
Router(config)#rou ospf ?
<1-65535> Process ID
Router(config-router)#netw 10.0.0.0 0.0.0.3 area ?
<0-4294967295> OSPF area ID as a decimal value
Hierarchical design decreases overhead because of hierarchy
OSPF doesnot route btw autonomous systems (igp protocol)
ospf controls it updates - it has extensive control on updates"
Cisco IOS naming
c3640-ds-mz.121-5.bin here mz means Run Location in m (in RAM in this case)
f - Flash
m - RAM
r - ROM
l - relocatable
"multipoint interface" vs "point-to-point subinterfaces"
Point-to-point subinterface - With point-to-point subinterfaces, each pair of
routers has its own subnet. If you put the PVC on a point-to-point subinterface,
the router assumes that there is only one point-to-point PVC configured on the
subinterface. Therefore, any IP packets with a destination IP address in the
same subnet are forwarded on this VC. This is the simplest way to configure the
mapping and is therefore the recommended method. Use the frame-relay
interface-dlci command to assign a DLCI to a specified Frame Relay subinterface.
Multipoint networks - Multipoint networks have three or more routers in the
same subnet. If you put the PVC in a point-to-multipoint subinterface or in the
main interface (which is multipoint by default), you need to either configure a
static mapping or enable inverse Address Resolution Protocol (ARP) for dynamic
mapping
cdp provides :
Device Identifiers
Capabilities list
Platform
ports 0~1023 - well known ports
ports 1024~49151 - registered port: vendors use for proprietary applications
ports > 49151 - dynamic / private ports
So, Well-known -> Registered -> Dynamic
ip route 0.0.0.0 0.0.0.0 217.124.6.1 = ip route 0.0.0.0 0.0.0.0 s0/0 = ip default-network 217.124.6.1
If you have ip routing enable, use either ip default-network or ip route 0.0.0.0
0.0.0.0. If you do not have ip routing enable or are working on a pure switch,
use ip default-gateway.
ip route 0.0.0.0 0.0.0.0 vlan1 - if you dont have an entry in routing table, forward it out Vlan1
ip summary-address rip 10.1.0.0 255.255.0.0
The CX in 1000BaseCX stands for short-haul copper, and it indicates that this
version of Gigabit Ethernet is intended for short cable
Definition of SHORT-HAUL: traveling or involving a short distance short–haul flights
100BaseFX networks are wired together in a star topology using fiber-optic cabling and 100-Mbps fiber-optic hubs or Ethernet switches. The maximum length of any segment of fiber-optic cabling connecting a station (computer) to a hub is 412 meters.
The LX in 1000BaseLX stands for long
The SX in 1000BaseSX stands for short
The Session multiplexing is a service provided by the transport layer (see OSI
Layered Model). It multiplexes several message streams, or sessions onto one
logical link and keeps track of which messages belong to which sessions (see
session layer). An example of session multiplexing—a single computer with one IP
address has several websites open at once.
