CCNA ® : Cisco ® Certified Network Associate Study Guide Sixth Edition

Contents at a Glance Introduction xxiii Assessment Test xxxiii Chapter 1 Internetworking 1 Chapter 2 Introduction to TCP/IP 67 Chapter 3 Subnetting, Variable Length Subnet Masks (VLSMs), and Troubleshooting TCP/ ...

Contents at a Glance Introduction xxiii Assessment Test xxxiii Chapter 1 Internetworking 1 Chapter 2 Introduction to TCP/IP 67 Chapter 3 Subnetting, Variable Length Subnet Masks (VLSMs), and Troubleshooting TCP/IP 111 Chapter 4 Cisco’s Internetworking Operating System (IOS) and Security Device Manager (SDM) 171 Chapter 5 Managing a Cisco Internetwork 251 Chapter 6 IP Routing 327 Chapter 7 Enhanced IGRP (EIGRP) and Open Shortest Path First (OSPF) 417 Chapter 8 Layer 2 Switching and Spanning Tree Protocol (STP) 493 Chapter 9 Virtual LANs (VLANs) 551 Chapter 10 Security 609 Chapter 11 Network Address Translation (NAT) 669 Chapter 12 Cisco’s Wireless Technologies 703 Chapter 13 Internet Protocol Version 6 (IPv6) 739 Chapter 14 Wide Area Networks 773 Glossary 851 Index 911 Table of Contents Introduction xxiii Assessment Test xxxiii Chapter 1 Internetworking 1 Internetworking Basics 4 Internetworking Models 11 The Layered Approach 12 Advantages of Reference Models 12 The OSI Reference Model 13 The Application Layer 15 The Presentation Layer 16 The Session Layer 16 The Transport Layer 16 The Network Layer 22 The Data Link Layer 24 The Physical Layer 30 Ethernet Networking 31 Half- and Full-Duplex Ethernet 33 Ethernet at the Data Link Layer 34 Ethernet at the Physical Layer 37 Ethernet Cabling 39 Straight-Through Cable 39 Crossover Cable 40 Rolled Cable 40 Data Encapsulation 43 The Cisco Three-Layer Hierarchical Model 46 The Core Layer 47 The Distribution Layer 48 The Access Layer 49 Summary 49 Exam Essentials 49 Written Lab 1 50 Written Lab 1.1: OSI Questions 51 Written Lab 1.2: Defining the OSI Layers and Devices 52 Written Lab 1.3: Identifying Collision and Broadcast Domains 53 Written Lab 1.4: Binary/Decimal/Hexadecimal Conversion 53 Review Questions 56 Answers to Review Questions 60 xii Table of Contents Answers to Written Lab 1 62 Answer to Written Lab 1.2 63 Answers to Written Lab 1.3 63 Answers to Written Lab 1.4 64 Chapter 2 Introduction to TCP/IP 67 TCP/IP and the DoD Model 68 The Process/Application Layer Protocols 70 The Host-to-Host Layer Protocols 74 The Internet Layer Protocols 83 IP Addressing 92 IP Terminology 93 The Hierarchical IP Addressing Scheme 93 Private IP Addresses 98 Broadcast Addresses 100 Summary 101 Exam Essentials 102 Written Lab 2 102 Review Questions 104 Answers to Review Questions 108 Answers to Written Lab 2 110 Chapter 3 Subnetting, Variable Length Subnet Masks (VLSMs), and Troubleshooting TCP/IP 111 Subnetting Basics 112 IP Subnet-Zero 113 How to Create Subnets 114 Subnet Masks 115 Classless Inter-Domain Routing (CIDR) 116 Subnetting Class C Addresses 118 Subnetting Class B Addresses 127 Subnetting Class A Addresses 134 Variable Length Subnet Masks (VLSMs) 137 VLSM Design 138 Implementing VLSM Networks 139 Summarization 147 Troubleshooting IP Addressing 150 Determining IP Address Problems 153 Summary 157 Exam Essentials 158 Written Labs 3 158 Written Lab 3.1: Written Subnet Practice #1 159 Written Lab 3.2: Written Subnet Practice 159 Written Lab 3.3: Written Subnet Practice 160 Table of Contents xiii Review Questions 161 Answers to Review Questions 166 Answers to Written Lab 3.1 168 Answers to Written Lab 3.2 169 Answers to Written Lab 3.3 169 Chapter 4 Cisco’s Internetworking Operating System (IOS) and Security Device Manager (SDM) 171 The IOS User Interface 173 Cisco Router IOS 173 Connecting to a Cisco Router 173 Bringing Up a Router 175 Command-Line Interface (CLI) 179 Entering the CLI from a Non-ISR Router 180 Overview of Router Modes 181 CLI Prompts 182 Editing and Help Features 185 Gathering Basic Routing Information 189 Router and Switch Administrative Configurations 191 Hostnames 191 Banners 192 Setting Passwords 194 Encrypting Your Passwords 199 Descriptions 201 Router Interfaces 204 Bringing Up an Interface 206 Viewing, Saving, and Erasing Configurations 212 Deleting the Configuration and Reloading the Router 214 Verifying Your Configuration 214 Cisco’s Security Device Manager (SDM) 223 Summary 232 Exam Essentials 233 Written Lab 4 234 Hands-on Labs 235 Hands-on Lab 4.1: Logging into a Router 235 Hands-on Lab 4.2: Using the Help and Editing Features 236 Hands-on Lab 4.3: Saving a Router Configuration 237 Hands-on Lab 4.4: Setting Your Passwords 237 Hands-on Lab 4.5: Setting the Hostname, Descriptions, IP Address, and Clock Rate 239 Hands-on Lab 4.6: Installing SDM on Your Computer 241 Review Questions 242 Answers to Review Questions 247 Answers to Written Lab 4 249 xiv Table of Contents Chapter 5 Managing a Cisco Internetwork 251 The Internal Components of a Cisco Router 252 The Router Boot Sequence 253 Managing Configuration Register 254 Understanding the Configuration Register Bits 254 Checking the Current Configuration Register Value 256 Changing the Configuration Register 256 Recovering Passwords 258 Boot System Commands 261 Backing Up and Restoring the Cisco IOS 262 Verifying Flash Memory 263 Backing Up the Cisco IOS 264 Restoring or Upgrading the Cisco Router IOS 265 Using the Cisco IOS File System (Cisco IFS) 266 Using the SDM to Manage the Flash Memory 270 Backing Up and Restoring the Cisco Configuration 274 Backing Up the Cisco Router Configuration 275 Restoring the Cisco Router Configuration 276 Erasing the Configuration 277 Using the Cisco IOS File System to Manage Your Router’s Configuration (Cisco IFS) 278 Using the SDM to Back Up/Restore and Edit the Router’s Configuration 280 Using Cisco Discovery Protocol (CDP) 283 Getting CDP Timers and Holdtime Information 283 Gathering Neighbor Information 284 Gathering Interface Traffic Information 289 Gathering Port and Interface Information 290 Documenting a Network Topology Using CDP 292 Using Telnet 295 Telnetting into Multiple Devices Simultaneously 297 Checking Telnet Connections 297 Checking Telnet Users 297 Closing Telnet Sessions 298 Using SDM to Telnet into Your Router 299 Resolving Hostnames 300 Building a Host Table 300 Using DNS to Resolve Names 302 Checking Network Connectivity and Troubleshooting 305 Using the ping Command 305 Using the traceroute Command 307 Debugging 308 Using the show processes Command 310 Summary 311 Table of Contents xv Exam Essentials 311 Written Lab 5 313 Hands-on Labs 313 Hands-on Lab 5.1: Backing Up Your Router IOS 314 Hands-on Lab 5.2: Upgrading or Restoring Your Router IOS 314 Hands-on Lab 5.3: Backing Up the Router Configuration 314 Hands-on Lab 5.4: Using the Cisco Discovery Protocol (CDP) 315 Hands-on Lab 5.5: Using Telnet 316 Hands-on Lab 5.6: Resolving Hostnames 316 Review Questions 318 Answers to Review Questions 323 Answers to Written Lab 5 325 Chapter 6 IP Routing 327 Routing Basics 329 The IP Routing Process 331 Testing Your IP Routing Understanding 336 Configuring IP Routing 341 Configuring IP Routing in Our Network 362 Static Routing 363 Default Routing 374 Dynamic Routing 377 Routing Protocol Basics 377 Distance-Vector Routing Protocols 379 Routing Loops 380 Routing Information Protocol (RIP) 383 RIP Timers 383 Configuring RIP Routing 383 Verifying the RIP Routing Tables 387 Configuring RIP Routing Example 2 389 Holding Down RIP Propagations 390 RIP Version 2 (RIPv2) 390 Interior Gateway Routing Protocol (IGRP) 392 Verifying Your Configurations 393 The show ip protocols Command 394 The debug ip rip Command 395 Enabling RIPv2 on Our Internetwork 398 Summary 401 Exam Essentials 401 Written Lab 6 402 Hands-on Labs 403 Hands-on Lab 6.1: Creating Static Routes 404 Hands-on Lab 6.2: Configuring RIP Routing 405 xvi Table of Contents Review Questions 407 Answers to Review Questions 413 Answers to Written Lab 6 415 Chapter 7 Enhanced IGRP (EIGRP) and Open Shortest Path First (OSPF) 417 EIGRP Features and Operation 418 Protocol-Dependent Modules 419 Neighbor Discovery 419 Reliable Transport Protocol (RTP) 421 Diffusing Update Algorithm (DUAL) 421 Using EIGRP to Support Large Networks 422 Multiple ASes 422 VLSM Support and Summarization 423 Route Discovery and Maintenance 424 Configuring EIGRP 426 Corp 429 R1 429 R2 430 R3 430 Redistributing to the 871W Router from R3 432 Configuring Discontiguous Networks 434 Load Balancing with EIGRP 435 Verifying EIGRP 438 Open Shortest Path First (OSPF) Basics 444 OSPF Terminology 446 SPF Tree Calculation 448 Configuring OSPF 449 Enabling OSPF 449 Configuring OSPF Areas 450 Configuring Our Network with OSPF 453 Verifying OSPF Configuration 457 The show ip ospf Command 458 The show ip ospf database Command 459 The show ip ospf interface Command 460 The show ip ospf neighbor Command 461 The show ip protocols Command 461 Debugging OSPF 462 OSPF DR and BDR Elections 465 Neighbors 465 Adjacencies 465 DR and BDR Elections 466 OSPF and Loopback Interfaces 466 Configuring Loopback Interfaces 467 OSPF Interface Priorities 469 Table of Contents xvii Troubleshooting OSPF 471 Configuring EIGRP and OSPF Summary Routes 474 Summary 476 Exam Essentials 477 Written Lab 7 477 Hands-on Labs 478 Hands-on Lab 7.1: Configuring and Verifying EIGRP 479 Hands-on Lab 7.2: Enabling the OSPF Process 480 Hands-on Lab 7.3: Configuring OSPF Neighbors 481 Hands-on Lab 7.4: Verifying OSPF Operation 482 Hands-on Lab 7.5: OSPF DR and BDR Elections 482 Review Questions 484 Answers to Review Questions 489 Answers to Written Lab 7 491 Chapter 8 Layer 2 Switching and Spanning Tree Protocol (STP) 493 Before Layer 2 Switching 494 Switching Services 497 Limitations of Layer 2 Switching 498 Bridging vs. LAN Switching 499 Three Switch Functions at Layer 2 499 Spanning Tree Protocol (STP) 505 Spanning Tree Terms 506 Spanning Tree Operations 507 Configuring Catalyst Switches 514 Catalyst Switch Configuration 515 Verifying Cisco Catalyst Switches 528 Cisco Network Assistant 534 Summary 541 Exam Essentials 542 Written Lab 8 542 Review Questions 543 Answers to Review Questions 548 Answers to Written Lab 8.1 550 Chapter 9 Virtual LANs (VLANs) 551 VLAN Basics 552 Broadcast Control 554 Security 555 Flexibility and Scalability 555 VLAN Memberships 558 Static VLANs 558 Dynamic VLANs 559 xviii Table of Contents Identifying VLANs 559 Frame Tagging 561 VLAN Identification Methods 562 VLAN Trunking Protocol (VTP) 563 VTP Modes of Operation 564 VTP Pruning 565 Routing between VLANs 567 Configuring VLANs 568 Assigning Switch Ports to VLANs 570 Configuring Trunk Ports 571 Configuring Inter-VLAN Routing 575 Configuring VTP 580 Troubleshooting VTP 583 Telephony: Configuring Voice VLANs 586 Configuring the Voice VLAN 587 Configuring IP Phone Voice Traffic 587 Using the CNA to Configure VLANs and Inter-VLAN Routing 588 Summary 597 Exam Essentials 598 Written Lab 9 599 Review Questions 600 Answers to Review Questions 605 Answers to Written Lab 9.1 607 Chapter 10 Security 609 Perimeter, Firewall, and Internal Routers 610 Recognizing Security Threats 611 Mitigating Security Threats 614 Cisco’s IOS Firewall 614 Introduction to Access Lists 615 Mitigating Security Issues with ACLs 618 Standard Access Lists 619 Wildcard Masking 620 Standard Access List Example 622 Controlling VTY (Telnet) Access 625 Extended Access Lists 626 Extended Access List Example 1 630 Extended Access List Example 2 631 Advanced Access Lists 632 Named ACLs 632 Switch Port ACLs 634 Lock and Key (Dynamic ACLs) 636 Reflexive ACLs 637 Time-Based ACLs 637 Table of Contents xix Remarks 638 Context-Based Access Control (Cisco IOS Firewall) 639 Authentication Proxy 640 Monitoring Access Lists 640 Configuring Access Lists Using SDM 643 Creating ACLs with SDM 643 Creating Firewalls with SDM 647 Summary 654 Exam Essentials 655 Written Lab 10.1 655 Hands-on Labs 656 Hands-on Lab 10.1: Standard IP Access Lists 657 Hands-on Lab 10.2: Extended IP Access Lists 657 Review Questions 661 Answers to Review Questions 666 Answers to Written Lab 10.1 668 Chapter 11 Network Address Translation (NAT) 669 When Do We Use NAT? 670 Types of Network Address Translation 671 NAT Names 672 How NAT Works 673 Static NAT Configuration 674 Dynamic NAT Configuration 675 PAT (Overloading) Configuration 675 Simple Verification of NAT 676 Testing and Troubleshooting NAT 677 Configuring NAT on Our Internetwork 679 Configuring NAT Using SDM 684 Summary 688 Exam Essentials 688 Written Lab 11 688 Hands-on Labs 689 Lab 11.1: Preparing for NAT 691 Lab 11.2: Configuring Dynamic NAT 692 Lab 11.3: Configuring PAT 694 Review Questions 696 Answers to Review Questions 699 Answers to Written Lab 11 701 Chapter 12 Cisco’s Wireless Technologies 703 Introduction to Wireless Technology 704 The 802.11 Standards 706 Comparing 802.11 711 xx Table of Contents Cisco’s Unified Wireless Solution 712 Split-MAC Architecture 715 MESH and LWAPP 716 AWPP 718 Wireless Security 718 Configuring Our Wireless Internetwork 721 Summary 729 Exam Essentials 729 Written Lab 12 730 Review Questions 731 Answers to Review Questions 735 Answers to Written Lab 12 737 Chapter 13 Internet Protocol Version 6 (IPv6) 739 Why Do We Need IPv6? 740 The Benefits and Uses of IPv6 741 IPv6 Addressing and Expressions 742 Shortened Expression 743 Address Types 744 Special Addresses 745 How IPv6 Works in an Internetwork 746 Autoconfiguration 746 Configuring Cisco Routers with IPv6 747 DHCPv6 748 ICMPv6 749 IPv6 Routing Protocols 750 RIPng 751 EIGRPv6 751 OSPFv3 752 Migrating to IPv6 753 Dual Stacking 754 6to4 Tunneling 754 NAT-PT 755 Configuring IPv6 on Our Internetwork 756 Configuring RIPng 759 Configuring OSPFv3 763 Summary 766 Exam Essentials 767 Written Lab 13 767 Review Questions 768 Answers to Review Questions 771 Answers to Written Lab 13.1 772 Table of Contents xxi Chapter 14 Wide Area Networks 773 Introduction to Wide Area Networks 774 Defining WAN Terms 775 WAN Connection Types 775 WAN Support 777 Cable and DSL 779 Cable 780 Digital Subscriber Line (DSL) 782 Cabling the Serial Wide Area Network 785 Serial Transmission 785 Data Terminal Equipment and Data Communication Equipment 786 High-Level Data-Link Control (HDLC) Protocol 787 Point-to-Point Protocol (PPP) 788 Link Control Protocol (LCP) Configuration Options 789 PPP Session Establishment 790 PPP Authentication Methods 790 Configuring PPP on Cisco Routers 791 Configuring PPP Authentication 791 Verifying PPP Encapsulation 792 PPPoE Configuration 796 Frame Relay 798 Introduction to Frame Relay Technology 798 Frame Relay Implementation and Monitoring 805 Using SDM for WAN Connections 813 Configuring PPP with Authentication Using SDM 813 Configuring PPPoE with SDM 818 Configuring Frame Relay with SDM 822 Virtual Private Networks 825 Introduction to Cisco IOS IPSec 826 IPSec Transforms 826 Configuring VPNs/IPSec Using the SDM 828 Summary 836 Exam Essentials 836 Written Lab 14 837 Hands-on Labs 837 Hands-on Lab 14.1: Configuring PPP Encapsulation and Authentication 838 Hands-on Lab 14.2: Configuring and Monitoring HDLC 839 Hands-on Lab 14.3: Configuring Frame Relay and Subinterfaces 840 xxii Table of Contents Review Questions 842 Answers to Review Questions 847 Answers to Written Lab 14.1 849 Glossary 851 Index 911 Introduction Welcome to the exciting world of Cisco certification! You have picked up this book because you want something better—namely, a better job with more satisfaction. Rest assured that you have made a good decision. Cisco certification can help you get your first networking job or more money and a promotion if you are already in the field. Cisco certification can also improve your understanding of the internetworking of more than just Cisco products: You will develop a complete understanding of networking and how different network topologies work together to form a network. This is beneficial to every networking job and is the reason Cisco certification is in such high demand, even at companies with few Cisco devices. Cisco is the king of routing, switching, and security, the Microsoft of the internetworking world. The Cisco certifications reach beyond the popular certifications, such as the MCSE, to provide you with an indispensable factor in understanding today’s network—insight into the Cisco world of internetworking. By deciding that you want to become Cisco certified, you are saying that you want to be the best—the best at routing and the best at switching. This book will lead you in that direction.