In addition to the wealth of updated content, this new edition includes a series of free hands-on exercises to help you master several real-world configuration and troubleshooting activities. These exercises can be performed on the CCNA ICND2 200-105 Network Simulator Lite software included for free on the DVD or companion web page that accompanies this book. This software, which simulates the experience of working on actual Cisco routers and switches, contains the following 19 free lab exercises, covering all the topics in Part II, the first hands-on configuration section of the book:

1. EIGRP Serial Configuration I
2. EIGRP Serial Configuration II
3. EIGRP Serial Configuration III
4. EIGRP Serial Configuration IV
5. EIGRP Serial Configuration V
6. EIGRP Serial Configuration VI
7. EIGRP Route Tuning I
8. EIGRP Route Tuning II
9. EIGRP Route Tuning III
10. EIGRP Route Tuning IV
11. EIGRP Neighbors I
12. EIGRP Neighbors II
13. EIGRP Neighbors III
14. EIGRP Auto-Summary Configuration Scenario
15. EIGRP Configuration I Configuration Scenario
16. EIGRP Metric Manipulation Configuration Scenario
17. EIGRP Variance and Maximum Paths Configuration Scenario
18. EIGRP Troubleshooting Scenario
19. Path Troubleshooting Scenario IV

Save 50% on New CCENT & CCNA Simulators. See DVD sleeve for offer details.

If you are interested in exploring more hands-on labs and practicing configuration and troubleshooting with more router and switch commands, check out our full simulator product offerings at http://www.pearsonitcertification.com/networksimulator

CCNA ICND2 Network Simulator Lite minimum system requirements:

Windows (minimum):
■ Windows 10 (32/64-bit), Windows 8.1 (32/64-bit), or Windows (32/64-bit)
■ gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
■ gigabyte (GB) RAM (32-bit) or GB RAM (64-bit)
■ 16 GB available hard disk space (32-bit) or 20 GB (64-bit)
■ DirectX graphics device with WDDM 1.0 or higher driver
■ Adobe Acrobat Reader version and above

Mac (minimum):
■ OS X 10.11, 10.10, 10.9, or 10.8
■ Intel core Duo 1.83 GHz
■ 512 MB RAM (1 GB recommended)
■ 1.5 GB hard disk space
■ 32-bit color depth at 1024x768 resolution
■ Adobe Acrobat Reader version and above

CCNA Routing and Switching ICND2 200-105 Official Cert Guide

WENDELL ODOM, CCIE No. 1624
with contributing author SCOTT HOGG, CCIE No. 5133

Cisco Press
800 East 96th Street
Indianapolis, IN 46240

Copyright © 2017 Pearson Education, Inc.

Published by: Cisco Press, 800 East 96th Street, Indianapolis, IN 46240 USA

All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review.

Printed in the United States of America
First Printing July 2016
Library of Congress Control Number: 2016936746
ISBN-13: 978-1-58720-579-8
ISBN-10: 1-58720-579-3

Warning and Disclaimer

This book is designed to provide information about the Cisco ICND2 200-105 exam for CCNA Routing and Switching certification. Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it. The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc.

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or Cisco
Systems, Inc., cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Special Sales

For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at corpsales@pearsoned.com or (800) 382-3419. For government sales inquiries, please contact governmentsales@pearsoned.com. For questions about sales outside the U.S., please contact intlcs@pearson.com.

Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community. Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through email at feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message. We greatly appreciate your assistance.

Editor-in-Chief: Mark Taub
Product Line Manager: Brett Bartow
Business Operation Manager, Cisco Press: Jan Cornelssen
Managing Editor: Sandra Schroeder
Development Editor: Drew Cupp
Senior Project Editor: Tonya Simpson
Copy Editor: Bill McManus
Technical Editor(s): Aubrey Adams, Elan Beer
Editorial Assistant: Vanessa Evans
Cover Designer: Chuti Prasertsith
Composition: Bronkella Publishing
Indexer: Publishing Works, Inc.
Proofreader: Paula Lowell

About the Author

Wendell Odom, CCIE No. 1624 (Emeritus), has been in the networking industry since 1981. He has worked as a network engineer,
consultant, systems engineer, instructor, and course developer; he currently works writing and creating certification study tools. This book is his 27th edition of some product for Pearson, and he is the author of all editions of the CCNA Routing and Switching and CCENT Cert Guides from Cisco Press. He has written books about topics from networking basics, and certification guides throughout the years for CCENT, CCNA R&S, CCNA DC, CCNP ROUTE, CCNP QoS, and CCIE R&S. He helped develop the popular Pearson Network Simulator. He maintains study tools, links to his blogs, and other resources at http://www.certskills.com.

About the Contributing Author

Scott Hogg, CCIE No. 5133, CISSP No. 4610, is the CTO for Global Technology Resources, Inc. (GTRI). Scott authored the Cisco Press book IPv6 Security. Scott is a Cisco Champion, founding member of the Rocky Mountain IPv6 Task Force (RMv6TF), and a member of the Infoblox IPv6 Center of Excellence (COE). Scott is a frequent presenter and writer on topics including IPv6, SDN, Cloud, and Security.

About the Technical Reviewers

Aubrey Adams is a Cisco Networking Academy instructor in Perth, Western Australia. With a background in telecommunications design, Aubrey has qualifications in electronic engineering and management; graduate diplomas in computing and education; and associated industry certifications. He has taught across a broad range of both related vocational and education training areas and university courses. Since 2007, Aubrey has technically reviewed a number of Pearson Education and Cisco Press publications, including video, simulation, and online products.

Elan Beer, CCIE No. 1837, is a senior consultant and Cisco instructor specializing in data center architecture and multiprotocol network design. For the past 27 years, Elan has designed networks and trained thousands of industry experts in data center architecture, routing, and switching. Elan has been instrumental in large-scale professional service efforts designing and
troubleshooting internetworks, performing data center and network audits, and assisting clients with their short- and long-term design objectives. Elan has a global perspective of network architectures via his international clientele. Elan has used his expertise to design and troubleshoot data centers and internetworks in Malaysia, North America, Europe, Australia, Africa, China, and the Middle East. Most recently, Elan has been focused on data center design, configuration, and troubleshooting as well as service provider technologies. In 1993, Elan was among the first to obtain the Cisco Certified System Instructor (CCSI) certification, and in 1996, he was among the first to attain Cisco System’s highest technical certification, the Cisco Certified Internetworking Expert. Since then, Elan has been involved in numerous large-scale data center and telecommunications networking projects worldwide.

Dedications

For Kris Odom, my wonderful wife: The best part of everything we do together in life. Love you, doll.

Acknowledgments

Brett Bartow again served as associate publisher and executive editor on the book. We’ve worked together on probably 20+ titles now. Besides the usual wisdom and good decision making to guide the project, he was the driving force behind adding all the new apps to the DVD/web. As always, Brett has been a pleasure to work with, and an important part of deciding what the entire Official Cert Guide series direction should be.

As part of writing these books, we work in concert with Cisco. A special thanks goes out to various people on the Cisco team who work with Pearson to create Cisco Press books. In particular, Greg Cote, Joe Stralo, and Phil Vancil were a great help while we worked on these titles.

Drew Cupp did his usual wonderful job with this book as development editor. He took over the job for this book during a pretty high-stress and high-load timeframe, and delivered with excellence. Thanks Drew
for jumping in and getting into the minutia while keeping the big-picture features on track. And thanks for the work on the online/DVD elements as well!

Aubrey Adams and Elan Beer both did a great job as technical editors for this book, just as they did for the ICND1 100-105 Cert Guide. This book presented a little more of a challenge, from the breadth of some of the new topics, just keeping focus with such a long pair of books in a short time frame. Many thanks to Aubrey and Elan, for the timely input, for taking the time to read and think about every new part of the book, for finding those small technical areas, and for telling me where I need to do more. Truly, it’s a much better book because of the two of you.

Hank Preston of Cisco Systems, IT as a Service Architect, and co-author of the Cisco Press CCNA Cloud CLDADM 210-455 Cert Guide, gave me some valuable assistance when researching before writing the cloud computing chapter (27). Hank helped me refine my understanding based on his great experience with helping Cisco customers implement cloud computing. Hank did not write the chapter, but his insights definitely made the chapter much better and more realistic.

Welcome and thanks to Lisa Matthews for her work on the DVD and online tools, like the Key Topics reviews. That work included many new math-related apps in the ICND1 book, but also many new features that sit on the DVD and on this book’s website as review tools. Thanks for the hard work, Lisa!
I love the magic wand that is production. Presto, Word docs with gobs of queries and comments feed into the machine, and out pops these beautiful books. Thanks to Sandra Schroeder, Tonya Simpson, and all the production team for making the magic happen. From fixing all my grammar, crummy word choices, and passive-voice sentences to pulling the design and layout together, they do it all; thanks for putting it all together and making it look easy. And Tonya, once again getting the “opportunity” to manage two books with many elements at the same timeline. Once again, the juggling act continues, and once again, it is done well and beautifully. Thanks for managing the whole production process again.

The figures in the book continue to be an important part of the book, by design, with a great deal of attention paid to choosing how to use figures to communicate ideas. Mike Tanamachi, illustrator and mind reader, did his usual great job creating the finished figure files once again. Thanks for the usual fine work, Mike!

I could not have made the timeline for this book without Chris Burns of Certskills Professional. Chris owns the mind map process now, owns big parts of the lab development process for the associated labs added to my blogs, does various tasks related to specific chapters, and then catches anything I need to toss over my shoulder so I can focus on the books. Chris, you are the man!

Sean Wilkins played the largest role he’s played so far with one of my books. A longtime co-collaborator with Pearson’s CCNA Simulator, Sean did a lot of technology work behind the scenes. No way the books are out on time without Sean’s efforts; thanks for the great job, Sean!
A special thanks to you readers who submit suggestions and point out possible errors, and especially to those of you who post online at the Cisco Learning Network. Without question, past comments I have received directly and “overheard” by participating at CLN have made this edition a better book.

Thanks to my wonderful wife, Kris, who helps make this sometimes challenging work lifestyle a breeze. I love walking this journey with you, doll. Thanks to my daughter Hannah. And thanks to Jesus Christ, Lord of everything in my life.

Key Topics

SPAN configuration actually has quite a few dependencies, with the following list mentioning some of the most important dependencies:

■ A SPAN destination port can be used with only one SPAN session at a time.
■ A SPAN destination port cannot also be a SPAN source port.
■ When configured as a SPAN destination port, the switch no longer treats the port as a normal port. That is, the switch does not learn MAC addresses for received frames, or send frames based on matching the MAC table, for that port.
■ A SPAN destination port can be unconfigured from one monitor session (no monitor session number destination interface type number) and then added to another monitor session.
■ Multiple SPAN sources can be used in a single SPAN session.
■ One SPAN session cannot mix interfaces and VLAN sources; that is, the sources must all be interfaces or all be VLANs.
■ One SPAN session can use any combination of directions (transmit, receive, and both) as applied to different SPAN sources.
■ EtherChannel interfaces can be used as source ports. Frames for all ports in the EtherChannel will be considered by SPAN.
■ Trunks can be used as source ports. When used, by default, SPAN includes frames from all VLANs on that trunk, but SPAN VLAN filtering can limit the VLANs included.

Chapter 27

A VM—that is, an OS instance that is decoupled from the server hardware—still must execute on hardware. Each VM has
configuration as to the minimum number of vCPUs it needs, minimum RAM, and so on. The virtualization system then starts each VM on some physical server so that enough physical server hardware capacity exists to support all the VMs running on that host. So, at any one point in time, each VM is running on a physical server, using a subset of the CPU, RAM, storage, and NICs on that server. Figure 27-3 shows a graphic of that concept, with four separate VMs running on one physical server.

Figure 27-3 Four VMs Running on One Host; Hypervisor Manages the Hardware

To get a broader sense of what it means for a service to be a cloud service, examine this list of five criteria for a cloud computing service. The list is derived from the definition of cloud computing as put forth by the U.S. National Institute of Standards and Technology (NIST):

On-demand self-service: The IT consumer chooses when to start and stop using the service, without any direct interaction with the provider of the service.
Broad network access: The service must be available from many types of devices and over many types of networks (including the Internet).
Resource pooling: The provider creates a pool of resources (rather than dedicating specific servers for use only by certain consumers), and dynamically allocates resources from that pool for each new request from a consumer.
Rapid elasticity: To the consumer, the resource pool appears to be unlimited (that is, it expands quickly, so it is called elastic), and the requests for new service are filled quickly.
Measured service: The provider can measure the usage and report that usage to the consumer, both for transparency and for billing.

IaaS offers a similar idea, but the consumer receives the use of a VM. You specify the
amount of hardware performance/capacity to allocate to the VM (number of virtual CPUs, amount of RAM, and so on) as shown in Figure 27-9. You can even pick an OS to use. Once selected, the cloud provider starts the VM, which boots the chosen OS.

NOTE In the virtualization and cloud world, starting a VM is often called spinning up a VM or instantiating a VM.

Figure 27-9 IaaS Concept

With Software as a Service (SaaS), the consumer receives a service with working software. The cloud provider may use VMs, possibly many VMs, to create the service, but those are hidden from the consumer. The cloud provider licenses, installs, and supports whatever software is required. The cloud provider then monitors performance of the application. However, the consumer chooses to use the application, signs up for the service, and starts using the application—no further installation work required. Figure 27-11 shows these main concepts.

Figure 27-11 SaaS Concept

The primary reason to choose one PaaS service over another, or to choose a PaaS solution instead of IaaS, is the mix of development tools. Without experience as a developer, it can be difficult to tell whether one PaaS service might be better. You can still make some choices about sizing the PaaS VMs, similar to IaaS tools when setting up some PaaS services, as shown in Figure 27-12, but the developer tools included are the key to a PaaS service.

Figure 27-12 PaaS Concept

Using the Internet as the WAN connectivity to a public cloud is both a blessing and a curse in some ways. Using the Internet can help you get started with public cloud, and to get
working quickly, but it also means that you do not have to do any planning before deploying a public cloud service. With a little planning, a network engineer can see some of the negatives of using the Internet—the same negatives when using the Internet for other purposes—which then might make you want to use alternative WAN connections. Those negatives for using the Internet for public cloud access are:

Security: The Internet is less secure than private WAN connections in that a “man in the middle” can attempt to read the contents of data that passes to/from the public cloud.
Capacity: Moving an internal application to the public cloud increases network traffic, so the question of whether the enterprise’s Internet links can handle the additional load needs to be considered.
Quality of Service (QoS): The Internet does not provide QoS, whereas private WANs can. Using the Internet may result in a worse user experience than desired, because of higher delay (latency), jitter, and packet loss.
No WAN SLA: ISPs typically will not provide a service level agreement (SLA) for WAN performance and availability to all destinations of a network. WAN service providers are much more likely to offer performance and availability SLAs.

Table 27-2 summarizes some of these key pros and cons for the public WAN options for cloud computing, for study and reference.

Table 27-2 Comparison of Key Pros and Cons

                                      Internet  Internet VPN  MPLS VPN  Ethernet WAN  Intercloud Exchange
Secure                                No        Yes           Yes       Yes           Yes
QoS                                   No        No            Yes       Yes           Yes
Requires capacity planning            Yes       Yes           Yes       Yes           Yes
Easier migration to new provider      Yes       Yes           No        No            Yes
Can begin using public cloud quickly  Yes       Yes           No        No            No

Given those steps, the enterprise can choose to do something simple: just update its own DNS to refer to the public IP address used by its application as running at the public cloud provider. Figure 27-22 shows the user flow after making changes to the enterprise DNS.
Figure 27-22 Enterprise DNS Is Updated with Addresses of Public Cloud Apps (figure label: A-Record: app2.example.com is 198.51.100.1)

Chapter 28

Now broaden your thinking for a moment, and try to think of everything a router or switch might do when receiving, processing, and forwarding a message. Of course, the forwarding decision is part of the logic; in fact, the data plane is often called the forwarding plane. But think beyond matching the destination address to a table. For perspective, the following list details some of the more common actions that a networking device does that fit into the data plane:

■ De-encapsulating and re-encapsulating a packet in a data link frame (routers, Layer 3 switches)
■ Adding or removing an 802.1Q trunking header (routers and switches)
■ Matching the destination MAC address to the MAC address table (Layer 2 switches)
■ Matching the destination IP address to the IP routing table (routers, Layer 3 switches)
■ Encrypting the data and adding a new IP header (for VPN processing)
■ Changing the source or destination IP address (for NAT processing)
■ Discarding a message due to a filter (ACLs, port security)

The following list includes many of the more common control plane protocols:

■ Routing protocols (OSPF, EIGRP, RIP, BGP)
■ IPv4 ARP
■ IPv6 NDP
■ Switch MAC learning
■ STP

Note that a switch still has a general-purpose CPU and RAM as well, as shown in Figure 28-4. IOS runs in the CPU and uses RAM. Most of the control and management plane functions run in IOS. The data plane function (and the control plane function of MAC learning) happens in the ASIC.

Figure 28-4 Key Internal Processing Points in a Typical Switch
To better understand the idea of a controller, consider the case shown in Figure 28-5, in which one SDN controller centralizes all important control plane functions. First, the controller sits anywhere in the network that has IP reachability to the devices in the network. Each of the network devices still has a data plane. However, note that none of the devices has a control plane. In the variation of SDN as shown in Figure 28-5, the controller (or a program making use of the controller) directly programs the data plane entries into each device’s tables. The networking devices do not populate their forwarding tables with traditional distributed control plane processes.

Figure 28-5 Centralized Control Plane and a Distributed Data Plane

A controller does much of the work needed for the control plane in a centralized control model. It gathers all sorts of useful information about the network, like the items in the previous list. The controller itself can create a centralized repository of all this useful information about the network.

A controller’s Northbound Interface (NBI) opens the controller so its data and functions can be used by other programs, enabling network programmability, with much quicker development. Programs can pull information from the controller, using the controller’s APIs. The NBIs also enable programs to use the controller’s abilities to program flows into the devices using the controller’s SBIs.

Figure 28-7 shows the big ideas with a REST API. The application runs on a host at the top of the figure. In this case, at Step 1, it sends an HTTP GET request to a particular URI. The HTTP GET is like any other HTTP GET, even like those used to retrieve web pages. However, the URI is not for a
web page, but rather identifies an object on the controller, typically a data structure that the application needs to learn and then process. For example, the URI might identify an object that is the list of physical interfaces on a specific device along with the status of each.

Figure 28-7 Process Example of a GET Using a REST API
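
The SPAN dependencies listed under Key Topics (one session per destination port, no port that is both destination and source, no mixing of interface and VLAN sources) can be checked mechanically before a capture or IDS tap is planned. The following is an added example, not code from the book; the sample configuration is constructed, and the parser assumes only the `monitor session` command forms named in its comments.

```python
import re
from collections import defaultdict

# Constructed sample of a planned SPAN configuration (not from the book).
# It deliberately breaks three of the listed dependencies.
SAMPLE_CONFIG = """\
monitor session 1 source interface GigabitEthernet0/1 rx
monitor session 1 source interface GigabitEthernet0/2 both
monitor session 1 destination interface GigabitEthernet0/24
monitor session 2 source vlan 10
monitor session 2 source interface GigabitEthernet0/3 tx
monitor session 2 destination interface GigabitEthernet0/24
monitor session 3 source interface GigabitEthernet0/24
monitor session 3 destination interface GigabitEthernet0/23
"""

# Assumed command forms:
#   monitor session N source {interface X | vlan V} [rx | tx | both]
#   monitor session N destination interface X
LINE_RE = re.compile(
    r"^monitor session (?P<num>\d+) (?P<role>source|destination) "
    r"(?P<kind>interface|vlan) (?P<target>\S+)(?: (?P<dir>rx|tx|both))?$"
)


def parse_span(config):
    """Return {session number: {"src_if": {}, "src_vlan": {}, "dst": set()}}."""
    sessions = defaultdict(lambda: {"src_if": {}, "src_vlan": {}, "dst": set()})
    for raw in config.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # not a SPAN line this example understands
        entry = sessions[int(m["num"])]
        direction = m["dir"] or "both"  # IOS monitors both directions by default
        if m["role"] == "destination":
            if m["kind"] == "interface":
                entry["dst"].add(m["target"])
        elif m["kind"] == "interface":
            entry["src_if"][m["target"]] = direction
        else:
            entry["src_vlan"][m["target"]] = direction
    return dict(sessions)


def check_span(sessions):
    """Return a list of findings for the three dependencies checked here."""
    findings = []
    dst_users = defaultdict(list)   # destination port -> sessions using it
    source_ports = {}               # source port -> first session using it
    for num, entry in sorted(sessions.items()):
        for port in entry["dst"]:
            dst_users[port].append(num)
        for port in entry["src_if"]:
            source_ports.setdefault(port, num)
        # Sources must be all interfaces or all VLANs within one session.
        if entry["src_if"] and entry["src_vlan"]:
            findings.append(f"session {num}: mixes interface and VLAN sources")
    for port, nums in sorted(dst_users.items()):
        # A destination port may belong to only one session at a time.
        if len(nums) > 1:
            findings.append(f"{port}: destination in sessions {nums}")
        # A destination port cannot also be a source port.
        if port in source_ports:
            findings.append(
                f"{port}: destination is also a source (session {source_ports[port]})"
            )
    return findings


if __name__ == "__main__":
    for finding in check_span(parse_span(SAMPLE_CONFIG)):
        print(finding)
```

Mixed directions and multiple sources in one session are allowed by the list above, so session 1 in the sample produces no finding of its own.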