Cramsession™ for Cisco Certified Internetwork Expert

BrainBuzz Cramsession™ Notice: While every precaution has been taken in the preparation of this material, neither the author nor BrainBuzz.com assumes any liability in the event of loss or damage directly or indirectly caused by any inaccuracies or incompleteness of the material contained in this document. The information in this document is provided and distributed “as-is”, without any expressed or implied warranty. Your use of the information in this document is solely at your own risk, and BrainBuzz.com cannot be held liable for any damages incurred through the use of this material. The use of product names in this work is for information purposes only, and does not constitute an endorsement by, or affiliation with, BrainBuzz.com. Product names used in this work may be registered trademarks of their manufacturers. This document is protected under US and international copyright laws and is intended for individual, personal use only.

© 2000 All Rights Reserved – BrainBuzz.com. Last updated November, 2000.

Contents
Contents ........................................ 1
Cisco Device Operation .......................... 2
General Networking Theory ....................... 5
Bridging & LAN Switching ........................ 8
IP Routing Protocols ............................ 17
Desktop Protocols ............................... 26
Performance Management .......................... 28
WAN ............................................. 29
LAN ............................................. 33
Security ........................................ 35
TACACS (Terminal Access Controller Access Control System) ... 35
Multiservice .................................... 36

Abstract: This Cramsession will help you to prepare for Cisco exam #350-001, the CCIE written exam. Exam topics include Cisco Device Operation, General Networking Theory, Bridging & LAN Switching, Internet Protocol, IP Routing Protocols, Desktop Protocols, Performance Management, WAN, LAN, Security, and Multiservice.

More study guides and information available at www.cramsession.brainbuzz.com.
Cisco Device Operation

Router Components
• ROM (Read-Only Memory) – Hosts the basic commands of the router and sometimes a limited version of the IOS (Internetwork Operating System). ROM is non-volatile, meaning it is hard-coded and does not change. Contains power-on diagnostics, a bootstrap program, and operating system software.
• RAM (Random Access Memory) – Contains the running version of the IOS and the current running configuration. This is extremely volatile; when the router is shut down, anything in RAM is lost. Stores routing tables, the ARP cache, the fast-switching cache, packet buffering (shared RAM), and packet hold queues.
• NVRAM (Non-Volatile Random Access Memory) – As the name implies, files can be written to this memory and will not be lost when the system is powered down. This is where the startup version of the router configuration is stored.
• Flash memory (EEPROM – Electrically Erasable Programmable Read-Only Memory) – This is where the IOS image for the router is stored. When determining what version of IOS to load on a router, it is important to ascertain how much flash is installed, since different IOS versions need different amounts of flash. Flash memory holds the operating system image and microcode.

Ways to Configure a New Router
• By connecting to the console port and using TFTP to download a configuration file that has been created ahead of time.
• By connecting to the console port and running the Setup dialog.
• By connecting to the console port and directly typing in configuration commands.
• Using BOOTP in conjunction with SLARP/RARP to download a configuration file that has been created ahead of time.

Determine Hardware Configuration
The EXEC commands that show the hardware configuration of a Cisco router are “show hardware” and “show version”.
Mode Prompts
Monitor mode: rommon 1 >
User mode: router>
Privileged mode: router#
Global configuration mode: router(config)#
Interface configuration mode: router(config-if)#
Sub-interface configuration mode: router(config-subif)#
Line configuration mode: router(config-line)#
Router configuration mode: router(config-router)#
IPX router configuration mode: router(config-ipx-router)#

Really Delete Files from Flash
When you delete a file from flash, it is not actually removed and you will not regain the space; it is simply marked for deletion. Once a file is marked for deletion, issuing the “squeeze” command performs a function similar to a hard drive defrag: it moves the files on flash to reclaim the space occupied by the “deleted” file.

Passwords
Things to know:
• The user mode password is the only one that cannot be created in the setup dialogue.
• All passwords can be encrypted.
• A password can be set for individual lines.
• If no password is set on the vty lines there is no telnet access into this router.
• Router(config)# service password-encryption – encrypts all passwords in the configuration file.

Procedure to Recover a Lost Password:
• Reboot the router
• Issue the break command in the first 60 seconds (CTRL-Break)
• Enter the appropriate register value (0x2142)
• Reboot the router again
• Avoid the startup script
• Copy startup to running configuration
• Change the passwords
• Copy running to startup configuration

Types of passwords:
• Exec – used to restrict access to the EXEC mode, the basic console on the router.
• Enable – used to restrict access to the privileged EXEC mode where changes to the router configuration can be made.
• Enable Secret – similar to the Enable password, but stored encrypted so it cannot be read.
Setting different types of passwords:
• Console password – used with the router’s console port.
  router(config)# line con 0
  router(config-line)# login
  router(config-line)# password {password}
• Auxiliary password – used for the router’s auxiliary port.
  router(config)# line aux 0
  router(config-line)# login
  router(config-line)# password {password}
• Virtual terminal password – used for telnet sessions to the router.
  router(config)# line vty 0 4
  router(config-line)# login
  router(config-line)# password {password}
• Enable password – used when enable secret is not configured or the software revision is too old to support it.
  router(config)# enable password {password}
• Enable secret password – encrypted password that provides enable privileges.
  router(config)# enable secret {password}

Register Values
• 0x2102 – Default mode
• 0x2142 – The value used to recover passwords

Debug
By default, all debug output on a Cisco router goes only to the console port. To view debug messages from a VTY session, you must issue the “terminal monitor” command.
Router# debug serial interface – monitors keepalives on an interface.
To reduce the impact of a debug command on the router’s CPU, use the scheduler-interval command and make the debug command as specific as possible.

SNMP (Simple Network Management Protocol)
SNMP is a standard method for Network Management Stations (such as CiscoWorks) to gather information about networked devices. This UDP-based protocol uses MIBs (Management Information Bases) defined for each type of device to interpret the information provided by the SNMP-enabled equipment. To enable SNMP on a router the command is "snmp-server community".

General Networking Theory

OSI Model
The OSI model is a common tool for conceptualizing how network traffic is handled.
In the CCIE track, we will be interested primarily in the lower three layers. Just a reminder that you can use the old mnemonic “All People Seem To Need Data Processing” as a way to help remember the sequence.
7. Application – User interface tools (such as Telnet, SMTP, FTP, etc.)
6. Presentation – Encoding/decoding (such as ASCII, MPEG, GIF, JPEG, etc.)
5. Session – Creating, managing and terminating sessions on behalf of the Presentation layer
4. Transport – Error checking and recovery, flow control and multiplexing (TCP, SPX, etc.)
3. Network – Routing (IP, IPX, etc.)
2. Data Link (LLC/MAC)
   • LLC – Manages communications
   • MAC – Manages addressing and access to the physical layer
1. Physical – Establish and maintain physical connectivity

Cisco Hierarchical Internetworking Model
• Core – Concentrates all traffic traversing the network. The focus is on speed and fast switching. Gigabit Ethernet and ATM are seen here.
• Distribution – Control layer; aggregation of traffic, access lists, compression, encryption and other services that provide the glue between the Access and Core layers.
• Access – The point at which users join the network. VLANs, WAN connections and RAS services are all at this layer.

Connection-oriented vs. Connectionless Service
Connection-oriented (similar to HDLC):
• Connection establishment and termination required
• Sequenced, acknowledged data delivery
• Built-in error recovery
• Sliding window flow control
Connectionless (data transfer without a virtual circuit):
• No message sequencing
• No delivery guarantee
• Higher layer is responsible for error recovery, flow control, and reliability

Routing / Switching
• Routing is defined as a Layer-3 activity.
• Bridging is defined as a Layer-2 activity.
• Switching is defined as a Layer-2 activity.
Switching is often called micro-segmentation, in that each switched port is basically its own bridged domain.

Routing and Routed Protocols
A routing protocol, such as BGP or OSPF, communicates between routers which paths to follow in order to get data delivered to desired destinations. A routed protocol, such as IP or IPX, is the method for passing data, and travels the paths defined by the routing protocol.

Reliability of Protocols
• TCP and LLC Type 2 are reliable protocols because they are layer four protocols.
• IP, UDP, and Frame Relay are NOT reliable protocols because they are layer three protocols.

802.x Protocols
802.2 Logical Link Control (LLC)
802.3 CSMA/CD Access Method (Ethernet)
802.4 Token Bus
802.5 Token Ring
802.6 MAN (Metropolitan Area Network)
802.7 Broadband
802.8 Fiber-optic LANs
802.9 Integrated Voice & Data
802.10 LAN/MAN Security
802.11 Wireless
802.12 100VG-AnyLAN

Passive Interface
When enabled on an interface, this command allows the interface to hear routing updates but not repeat them. This helps to control routing updates.
Example: Router(config-router)# passive-interface s0

Connectivity (Diagram A-1; the diagram itself is not reproduced here)

Bridged Environment (refer to Diagram A-1)
In a bridged environment, a Cisco router will not modify the layer-2 MAC addresses of a frame when bridging. In other words, a packet retains the true source and destination MAC addresses when crossing a bridge. For example, if in the diagram Devices B and C were bridges, packets sent from Host A to Host B would have the source MAC address of Host A’s Ethernet adapter and the destination MAC address of Host B’s Ethernet adapter, regardless of what segment they were passing through. If a packet were to be lost anywhere between Host A and Host D, the originator would rebroadcast.
Routed Environment (refer to Diagram A-1)
In a routed environment, when a host sends a packet it has the source MAC address of either the originating host (if on the first segment) or the last router port that processed it. It has the destination MAC address of the next-hop router port, or of the destination host if on the final segment. In other words, a host sending a packet to a router for forwarding to a remote destination will use the router’s local port as the destination address; a host receiving a packet from the router will see a source address of the local router port.
For example, if the devices in Diagram A-1 were routers:
• On Segment 1, the packet from Host A to Host D has the source MAC address of Host A and the destination MAC address of Router B’s local Ethernet port.
• On Segment 2, the packet from Host A to Host D has the source MAC address of Router B’s serial port and the destination MAC address of Router C’s local serial port.
• On Segment 3, the packet from Host A to Host D has the source MAC address of Router C’s Ethernet port and the destination MAC address of Host D.
If a packet sent from Host A to Host D were to be lost:
• On segment 1, Host A would rebroadcast
• On segment 2, Router B would rebroadcast
• On segment 3, Router C would rebroadcast

Bridging & LAN Switching

A View of Bridging
When non-routable protocols such as NetBEUI, LAT or SNA were developed, all devices on a network resided locally. As networks matured and bridges were introduced to segment LANs, there was a need for these devices to communicate across networks, especially WAN links. Because these protocols did not have the mechanisms to allow this connectivity, bridging techniques were developed to allow communication between devices at the Data Link Layer (layer 2 of the OSI model).
By default, bridging is disabled on all Cisco routers. However, these services are still an important component of the real-world networks you will be asked to deal with in your professional life, and you will also need to know them for the CCIE certification exams, both written and lab. Keep in mind that many non-routable protocols, most importantly SNA, are very time sensitive, and delays can cause loss of data or session connectivity. It is also important to understand that bridging techniques are broadcast intensive, and that this can flood slower WAN links.

Bridging techniques
Transparent Bridging (TB) – As the name implies, this type of bridging is transparent to the end devices: they are unaware that the devices they communicate with are not local. This functionality is not enabled by default on Cisco routers, but can be turned on when needed. When a device wishes to communicate, it sends out a broadcast to search for the requested destination address. When a transparent bridge sees the first broadcast from a device, it extracts the source MAC address from the frame and enters it into its forwarding table, the list of devices known on each interface. This process of determining what devices exist on each of the bridge’s ports is called learning. If the bridge receives a frame whose destination address is in its forwarding table, it forwards the frame only to that one interface. If the address is not in the table, it repeats the frame out of all of its interfaces except the one on which it was received. This process is called flooding.

Source-Route Bridging (SRB) – Source routing is so called because instead of an intermediate device determining a path, the originating device creates its own.
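As an added illustration of the transparent-bridge learning and flooding process described above (not code from the original study guide), this Python simulation shows a frame to an unknown station being flooded, the reply teaching the bridge where that station is, and the next frame going out one port only; the port names and MAC addresses are constructed. It also filters frames whose destination sits on the ingress port, a step the text above does not mention.

```python
# Added illustration of transparent-bridge learning and flooding; not code
# from the original study guide. Port names and MACs are constructed values.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class TransparentBridge:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # forwarding table: MAC address -> port it was learned on

    def handle(self, in_port, src, dst):
        """Process one frame and return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        # Learning: the source address tells the bridge which port the sender is behind.
        self.table[src] = in_port
        out = self.table.get(dst)
        if dst == BROADCAST or out is None:
            # Flooding: broadcasts and unknown destinations go out every port
            # except the one the frame arrived on.
            return [p for p in self.ports if p != in_port]
        if out == in_port:
            # Sender and destination share a segment: filter the frame (standard
            # bridge behaviour, not spelled out in the text above).
            return []
        return [out]  # known destination: forward to that one interface only


def demo():
    """Replay the learn/flood sequence on constructed sample frames."""
    br = TransparentBridge(["e0", "e1", "e2"])
    host_a, host_b = "00:00:0c:11:11:11", "00:00:0c:22:22:22"
    first = br.handle("e0", host_a, host_b)   # B unknown: flooded to e1 and e2
    reply = br.handle("e2", host_b, host_a)   # A already learned on e0; B now learned on e2
    second = br.handle("e0", host_a, host_b)  # B known: forwarded only to e2
    local = br.handle("e1", "00:00:0c:33:33:33", "00:00:0c:44:44:44")  # unknown: flooded
    return first, reply, second, local, dict(br.table)
```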
Routing Information Fields (RIFs) are used to define the paths SRB frames traverse through a network. They are easy to read once you understand their function. For the current discussion it’s important that you understand how a RIF works; later we’ll come back to how to rip ’em up and read ’em.

When an SNA device needs to access a remote unit, it sends out a test frame that attempts to find the destination. You can think of this as a broadcast in the IP world; it isn’t, but that will help you to conceptualize it. If the destination is not found, the source device sends out a single-route or all-routes explorer frame. Any bridges that the frame comes across in its travels add their local bridge and ring numbers to the RIF. Eventually the frame either finds its target or dies on the vine. IBM bridges support 8 rings and 7 bridges; IEEE 802.5 bridges support 14 bridges and 13 rings.

Once one of the explorer frames finds the destination, it returns to its creator to announce its success. If multiple frames return, the source device takes the route of the first frame to return, assuming this is the best path. Think of it as a race in a maze: the first one to grab the cheese and get home wins.

Ripping up a RIF
This will seem complicated, but once you understand how RIFs are defined, simple practice will drive home the necessary techniques.

The first bit of the first byte of the source address is the Routing Information Indicator (RII), which is exactly what it sounds like: it indicates that a RIF follows. If this bit is 1, the frame carries a RIF; if the bit is 0, it does not.

Here are the component parts of the first 2 bytes of a RIF, called the RCF (Routing Control Field):
1. The first 3 bits define what kind of RIF is being examined:
   • 0xx – single route frame
   • 10x – all-routes explorer frame
   • 11x – spanning explorer frame
2. The next 5 bits show the length of the RIF. This indicates how many bytes of bridge/ring numbers follow.
3. The next single bit shows direction:
   • 0 – read from left-to-right
   • 1 – read from right-to-left
4. The next 3 bits indicate the maximum frame length:
   • 000 – up to 512 bytes
   • 001 – up to 1,500 bytes
   • 010 – up to 2,052 bytes
   • 011 – up to 4,472 bytes
   • 100 – up to 8,144 bytes
   • 101 – up to 11,407 bytes
   • 110 – up to 17,800 bytes
   • 111 – broadcast frame
5. The last four bits are not relevant. They are reserved for future use.

Here’s an example of a RIF: 0810.0011.0023.0040
Translating the first two bytes (0810) to binary gives us: 0000.1000.0001.0000
Rip it up to define:
Type   RIF Length   Direction   Frame Length   Not used
000    01000        0           000            0000
From this we know:
• The RIF type is: single route frame
• The RIF length: 8 bytes (01000 binary = 8 decimal)
• Direction to read the RIF: right-to-left
• The maximum frame length: up to 512 bytes

The rest of the RIF is called the RDF (Route Descriptor Field), and reading it is easy. The first three hex digits of each two-byte grouping are the ring number; the last digit is the bridge number (again, in hex). A zero in the bridge number position indicates that the destination ring has been reached. Notice that since only four bits are used for the bridge number, and zero is already taken, the only bridge numbers available are hex 1 through F (1 to 15 in decimal).

Looking at our example again (0810.0011.0023.0040) (remember that the 0x prefix indicates that the number that follows is in hex), we find that the path is:
• Ring 0x1 to bridge 0x1
• Ring 0x2 to bridge 0x3
• Ring 0x4 to the destination

Taking another example: 0A10.0021.00B1.0101.0020
Translating the first two bytes (0A10) to binary gives us: 0000.1010.0001.0000
[...]
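As an added example (not code from the original study guide), here is a Python decoder that applies the RCF and RDF layout listed above to the RIFs in the text; parse_rif, hops, describe and has_rif are my own names, and has_rif assumes Token Ring’s high-order-bit-first byte order.

```python
# Added example, not code from the original study guide: applies the RCF/RDF
# layout listed above to dotted-hex RIFs. Function names are mine.
MAX_FRAME = {0: 512, 1: 1500, 2: 2052, 3: 4472,
             4: 8144, 5: 11407, 6: 17800, 7: "broadcast frame"}


def rif_type(type_bits):
    """Classify the 3 RCF type bits: 0xx, 10x or 11x."""
    if not type_bits & 0b100:
        return "single route frame"
    if not type_bits & 0b010:
        return "all-routes explorer frame"
    return "spanning explorer frame"


def has_rif(src_mac):
    """RII test: a RIF follows when the first bit of the first source byte is 1
    (assumed Token Ring bit order: the first bit on the wire is the 0x80 bit)."""
    first_byte = int(src_mac.replace(":", "").replace(".", "")[:2], 16)
    return bool(first_byte & 0x80)


def parse_rif(text):
    """Decode a RIF such as '0810.0011.0023.0040' into RCF fields and (ring, bridge) pairs."""
    data = bytes.fromhex(text.replace(".", ""))
    if len(data) < 2 or len(data) % 2:
        raise ValueError("a RIF is an even number of bytes, at least 2")
    rcf = int.from_bytes(data[:2], "big")
    # The 5 length bits count the whole RIF, RCF included (8 for the first
    # example above: 2 RCF bytes plus three 2-byte route descriptors).
    length = (rcf >> 8) & 0x1F
    if length != len(data):
        raise ValueError(f"RCF length {length} but {len(data)} bytes present")
    descriptors = []
    for i in range(2, len(data), 2):
        rd = int.from_bytes(data[i:i + 2], "big")
        descriptors.append((rd >> 4, rd & 0xF))  # 12-bit ring, 4-bit bridge
    # Bridge number 0 marks the destination ring, so it may only come last.
    if descriptors and (descriptors[-1][1] != 0
                        or any(b == 0 for _, b in descriptors[:-1])):
        raise ValueError("bridge 0 is allowed only in the final descriptor")
    return {
        "type": rif_type(rcf >> 13),
        "length": length,
        "direction": "right-to-left" if (rcf >> 7) & 1 else "left-to-right",
        "max_frame": MAX_FRAME[(rcf >> 4) & 0x7],
        "descriptors": descriptors,
    }


def is_valid(text):
    """True when parse_rif accepts the RIF without raising."""
    try:
        parse_rif(text)
        return True
    except ValueError:
        return False


def hops(rif):
    """Route as (from_ring, bridge, to_ring) triples in the RCF's reading direction.
    Descriptor i's bridge joins ring i to ring i+1; right-to-left walks them backwards."""
    d = rif["descriptors"]
    triples = [(d[i][0], d[i][1], d[i + 1][0]) for i in range(len(d) - 1)]
    if rif["direction"] == "right-to-left":
        triples = [(t, b, f) for f, b, t in reversed(triples)]
    return triples


def describe(text):
    """Render the path the way the guide reads it, e.g. 'Ring 0x1 to bridge 0x1'."""
    rif = parse_rif(text)
    route = hops(rif)
    lines = [f"Ring {f:#x} to bridge {b:#x}" for f, b, _ in route]
    if route:
        lines.append(f"Ring {route[-1][2]:#x} to the destination")
    elif rif["descriptors"]:
        lines.append(f"Ring {rif['descriptors'][0][0]:#x} to the destination")
    return lines
```

Applied to 0810.0011.0023.0040, this layout gives direction bit 0 (left-to-right per the list above) and largest-frame code 001 (1,500 bytes), which differs from the worked table above; recheck the bit grouping yourself before relying on either reading.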
[...] the wider internetwork. The default priority for each router is 100, but can be changed to give one router priority as the most likely default gateway (if, say, one unit were faster than another). [...]

IP Routing Protocols
Methods for avoiding [...]

[...] databases for each area. [...]

• Autonomous System Boundary Router (LSA Type 5) – Routers that have at least one interface into an external internetwork, such as a non-OSPF network. These routers can redistribute non-OSPF network information [...]

[...] policies for each individual neighbor, you define a peer group name and assign policies to the peer group itself.

IBGP
• Exchanges information within the same AS between routers.
• Is more flexible, scalable, and more efficient for [...]

[...] technology that was the standard for backbone connectivity for some years. It is still found in many legacy networks, and is still relevant in both real-life situations and in preparation for the CCIE track. It is based on [...]

[...] include:
• ISL – Used with Ethernet, and is Cisco proprietary
• 802.1Q – Used with Ethernet, and is an IEEE standard

VTP (VLAN Trunking Protocol)
VLAN definitions can span switches. VTP is the method for communicating these definitions [...]

[...] enhancing network performance and reclaiming bandwidth that would otherwise be used to pass routes back and forth.

Access Lists
Used to permit or deny traffic based on the source network/subnet/host address. Things to know: [...]

[...] supporting RIFs. This bridging method, when enabled on Cisco routers, handles the conversion from Ethernet frames to Token Ring frames (bit ordering); adjusts the MTU sizes (default for Token Ring is 4,464 bytes, Ethernet 1,500 [...]

[...] authentication, authorization and accounting
• User names and passwords are encrypted.

PIX (Private Internet Exchange) Firewall
A Cisco hardware and software platform that prevents unauthorized connections between two networks [...]

[...] the routing table. The routing table contains:
• How the route was found
• Destination network address and the subnet mask in prefix format
• Administrative Distance: This is the metric or cost from the neighbor advertising that [...]
Desktop Protocols
IPX (Internetwork Packet Exchange)
IPX is Novell’s network layer protocol. An IPX address consists of two parts, the network ID followed by a host ID taken from the MAC address of the device. The default Cisco encapsulation [...]