Chapter 1 - Building a Simple Network Building a Simple Network Common Physical Components of a Network Interpreting a Network Diagram Resource-Sharing Functions and Benefits Network User Applications Impact of User Applications on the Network Characteristics of a Network Physical Topology Categories Logical Topologies Bus Topology Star Topology Extended-Star Topology Ring Topology Dual-Ring Topology Full-Mesh Topology Partial-Mesh Topology Connection to the Internet Demo - Network Topology Summary Securing the Network Closed/Open Networks Threat Capabilities— More Dangerous and Easier to Use E-Business Challenge Adversaries, Adversary Motivations, and Classes of Attack Common Threats Password Attack Threat Mitigation Summary Understanding the Host-to-Host Communications Model Understanding Host-to-Host Communications Why a Layered Network Model? The Seven Layers of the OSI Model Data Encapsulation/De-Encapsulation Peer-to-Peer Communication Demo - OSI Model TCP/IP Stack TCP/IP Stack vs. the OSI Model Summary Understanding the TCP/IP Internet Layer Internet Protocol Characteristics Why IP Addresses? IP PDU Header IP Address Format: Dotted Decimal Notation IP Address Classes: The First Octet IP Address Ranges Reserved Address Public IP Addresses Private IP Addresses Demo - IP Address Basics DHCP DNS Network Connection ipconfig Summary Understanding the TCP/IP Transport Layer Transport Layer Reliable vs. Best-Effort Comparison UDP Characteristics UDP Header TCP Characteristics TCP Header TCP/IP Application Layer Overview Mapping Layer 3 to Layer 4 Mapping Layer 4 to Applications Establishing a Connection Three-Way Handshake Flow Control TCP Acknowledgment Fixed Windowing TCP Sliding Windowing TCP Sequence and Acknowledgment Numbers Demo - TCP Summary Exploring the Packet Delivery Process Layer 1 Devices Layer 2 Devices Layer 2 Addressing Layer 3 Devices and Their Function Layer 3 Addressing ARP ARP Table Host-to-Host Packet Delivery Default Gateway Demo - Protocols Host-Based Tools: ping Host-Based Tools: Table Host-Based Tools: tracert Summary Understanding Ethernet Local Area Network LAN Components Functions of a LAN LAN Sizes Ethernet Evolution LAN Standards CSMA/CD Ethernet Frame Structure Communicating Within the LAN MAC Address Components MAC Addresses Summary Connecting to an Ethernet LAN Network Interface Card Comparing Ethernet Media Requirements Differentiating Between Connections 1000BASE-T GBIC Cisco Fiber-Optic GBICs Unshielded Twisted-Pair Cable RJ-45 Connector RJ-45 Jack UTP Implementation (Straight-Through/Crossover) UTP Implementation: Straight-Through vs. Crossover Using Varieties of UTP Summary Chapter 1 Review Chapter 2 - Ethernet LANs Ethernet LANs LAN Segment Limitations Extending LAN Segments Collisions Multiple Collision Domains Summary Solving Network Challenges with Switched LAN Technology Network Congestion Bridges LAN Switch LAN Switch Features Switches Supersede Bridges Switching Frames LANs Today VLAN Overview Summary Exploring the Packet Delivery Process Layer 2 Addressing Layer 3 Addressing Host-to-Host Packet Delivery Summary Operating Cisco IOS Software Cisco IOS Software Configuring Network Devices An Overview of Cisco Device Startup External Configuration Sources Cisco IOS User Interface Functions Cisco IOS Software EXEC Mode (User) Cisco IOS Software EXEC Mode (Privileged) Switch Command-Line Help Facilities Context-Sensitive Help Enhanced Editing Commands Router Command History Demo - Basic CLI Viewing the Configuration show running-config and show startup-config Commands Summary Starting a Switch Initial Startup of the Catalyst Switch Catalyst 2960 Switch LED Indicators Initial Bootup Output from the Catalyst 2960 Switch Initial Configuration of the Catalyst 2960 Switch Using Setup Logging In to the Switch and Entering the Privileged EXEC Mode Configuring the Switch Configuring Switch Identification Configuring the Switch IP Address Configuring the Switch Default Gateway Saving Configurations Showing Switch Initial Startup Status Switch show version Command Switch show interfaces Command Managing the MAC Address Table Demo - Switch Configuration Summary Understanding Switch Security Common Threats to Physical Installations Configuring a Switch Password Configuring the Login Banner Telnet vs. SSH Access Configuring Port Security Verifying Port Security on the Catalyst 2960 Series Securing Unused Ports Disabling an Interface (Port) Summary Maximizing the Benefits of Switching Microsegmentation Duplex Overview Setting Duplex and Speed Options Showing Duplex Options The Hierarchy of Connectivity Loops Spanning Tree Protocol Summary Troubleshooting Switch Issues The Layered Approach Switched Media Issues show interface Excessive Noise Excessive Collisions Late Collisions Port Access Issues Duplex-Related Issues Speed-Related Issues Configuration Issues Summary Chapter 2 Review Chapter 3 - Wireless LANs Wireless LANs Market Trends Differences Between WLAN and LAN Radio Frequency Transmission Organizations That Define WLAN ITU-R with FCC Wireless IEEE 802.11 Standards Comparison Wi-Fi Certification Summary Understanding WLAN Security Wireless LAN Security Threats Mitigating the Threats Evolution of Wireless LAN Security Wireless Client Association How 802.1X Works on the WLAN WPA and WPA2 Modes Summary Implementing a WLAN 802.11 Topology Building Blocks BSA Wireless Topology— Basic Coverage ESA Wireless Topology— Extended Cover Wireless Topology Data Rates—802.11b Access Point Configuration Steps to Implement a Wireless Network Wireless Clients Common Wireless Network Issues Wireless Troubleshooting Summary Chapter 3 Review Chapter 4 - LAN Connections LAN Connections Routers Router Functions Path Determination Routing Tables Routing Table Entries Routing Metrics Distance Vector Routing Protocols Link-State Routing Protocols Summary Understanding Binary Basics Decimal vs. Binary Numbers Decimal and Binary Numbers Chart Powers of 2 Decimal-to-Binary Conversion Binary-to-Decimal Conversion Demo - Conversion Summary Constructing a Network Addressing Scheme Flat Topology Subnetworks What a Subnet Mask Does Possible Subnets and Hosts for a Class C Network Possible Subnets and Hosts for a Class B Network Possible Subnets and Hosts for a Class A Network End System Subnet Mask Operation How Routers Use Subnet Masks Applying the Subnet Address Scheme Demo - Subnetting Part 1 Octet Values of a Subnet Mask Default Subnet Masks Procedure for Implementing Subnets Eight Easy Steps for Determining Subnet Addresses Example: Applying a Subnet Mask for a Class C Address Example: Applying a Subnet Mask for a Class B Address Example: Applying a Subnet Mask for a Class A Address Demo - Subnetting Part 2 Demo - Subnetting Part 3 Summary Starting a Router Initial Startup of the Cisco Router Bootup Output from the Router Setup: The Initial Configuration Dialog Setup Interface Summary Setup Initial Global Parameters Setup Initial Protocol Configurations Setup Interface Parameters Cisco AutoSecure Setup Script Review and Use Logging in to the Cisco Router Router User-Mode Command List Router Privileged-Mode Command List show version Command Demo - Router Configuration Summary Configuring a Cisco Router Overview of Router Modes Saving Configurations Configuring Router Identification Console-Line Commands Configuring an Interface Configuring an Interface Description Configuring IP Addresses Router show interfaces Command Interpreting the Interface Status Verifying a Serial Interface Configuration Summary Exploring the Packet Delivery Process Layer 2 Addressing Layer 3 Addressing Host-to-Host Packet Delivery Using the show OP Command ping traceroute Summary Understanding Cisco Router Security Common Threats to Physical Installations Configuring a Router Password Configuring the Login Banner Telnet vs. SSH Access Demo - Passwords Summary Using the Cisco SDM Cisco Router and Security Device Manager What Is Cisco SDM? Supported Cisco Routers and Cisco IOS Software Releases Configuring Your Router to Support SDM SDM Startup Cisco SDM Main Window Layout and Navigation Cisco SDM Wizards Summary Using a Cisco Router as a DHCP Server Understanding DHCP DHCP Using a Router as a DHCP Server DHCP Server Using a Router Additional Tasks DHCP Pool Checking the DHCP Configuration DHCP Pool Status show ip dhcp conflict Summary Accessing Remote Devices Using Telnet to Connect to Remote Devices Viewing Telnet Connections Viewing SSH Connections Suspending and Resuming a Telnet Session Demo - Telnet Closing a Telnet Session Using the ping and traceroute Commands Summary Chapter 4 Review Chapter 5 - WAN Connections WAN Connections Understanding WAN Technologies Wide-Area Network Need for WANs WANs vs. LANs WAN Access and the OSI Reference Model WAN Devices Physical Layer: WANs Serial Point-to-Point Connections WAN—Multiple LANs WAN Data-Link Protocols WAN Link Options Summary Enabling the Internet Connection Packet Switching DSL DSL Service Types Overview DSL Considerations Cable-Based WANs The Global Internet Getting an Interface Address from a DHCP Server Network Address Translation Port Address Translation Translating Inside Source Addresses Overloading an Inside Global Address Gathering the Required Information Configuring the Client: Interface and Connection Configuring the Client: WAN Wizard Configuring the Client: Encapsulation Configuring the Client: IP Addressing Configuring PAT: Advanced Options Configuring PAT: Summary Verifying the DHCP Client Configuration Displaying Information with show Commands Summary Enabling Static Routing Router Operations Identifying Static and Dynamic Routes Static Routes Static Route Configuration Static Route Example Default Routes Verifying the Static Route Configuration Demo - Static Routes Summary Configuring Serial Encapsulation Circuit Switching Public Switched Telephone Network PSTN Considerations Leased Line WAN Connection Bandwidth Configuring a Serial Interface Serial Interface show controller Command Point-to-Point Considerations HDLC and Cisco HDLC Configuring HDLC Encapsulation Leased Line 2 PPP An Overview of PPP Enable PPP Encapsulation PPP Configuration Example Verifying a Serial Interface Configuration Verifying the HDLC and PPP Encapsulation Configuration Demo - Configuring Serial Frame Relay Frame Relay Devices and Virtual Circuits ATM and Cell Switching Summary Enabling RIP What Is a Routing Protocol? Autonomous Systems: Interior or Exterior Routing Protocols Classes of Routing Protocols Administrative Distance: Ranking Routes Classful Routing Protocol Classless Routing Protocol Distance Vector Routing Protocols Sources of Information and Discovering Routes RIP Overview RIPv1 and RIPv2 Comparison IP Routing Configuration Tasks RIP Configuration Example Verifying the RIP Configuration Displaying the IP Routing Table debug ip rip Command Demo - RIP Summary Chapter 5 Review Chapter 6 - Network Environment Management Discovering Neighbors on the Network Cisco Discovery Protocol Discovering Neighbors with Cisco Discovery Protocol Using Cisco Discovery Protocol Using the show cdp neighbors Command Using the show cdp entry Command Additional Cisco Discovery Protocol Commands Creating a Network Map Demo - CDP Summary Managing Router Startup and Configuration Router Power-On Boot Sequence Router Internal Components ROM Functions Finding the Cisco IOS Image Loading the Cisco IOS Image from Flash Memory Loading the Configuration show running-config and show startup-config Commands Determining the Current Configuration Register Value Configuration Register Values show version Command show flash Command Summary Managing Cisco Devices Cisco IOS File System and Devices Managing Cisco IOS Images Verifying Memory and Deciphering Image Filenames Creating a Software Image Backup Upgrading the Image from the Network Device Configuration Files Cisco IOS copy Command Cisco IOS copy Command Example copy run tftp and copy tftp run Commands show and debug Commands Considerations When Using debug Commands Commands Related to debug Summary Chapter 6 Review Chapter 1 - Small Network Implementation Introducing the Review Lab Cisco IOS User Interface Functions Overview of Cisco IOS Configuration Modes Help Facilities of the Cisco IOS CLI Commands Review Discussion Access to the Remote Labs Summary Chapter 1 Review Chapter 2 - Medium-Sized Switched Network Construction Implementing VLANs and Trunks Issues in a Poorly Designed Network VLAN Overview Designing VLANs for an Organization Guidelines for Applying IP Address Space Network Traffic Types Advantages of Voice VLANs VLAN Operation VLAN Membership Modes 802.1Q Trunking 802.1Q Frame Understanding Native VLANs VTP Features VTP Modes VTP Operation VTP Pruning Configuring VLANs and Trunks VTP Configuration Guidelines Creating a VTP Domain VTP Configuration and Verification Example 802.1Q Trunking Issues Configuring 802.1Q Trunking Verifying a Trunk VLAN Creation Guidelines Adding a VLAN Verifying a VLAN Assigning Switch Ports to a VLAN Verifying VLAN Membership Demo - VLAN Executing Adds, Moves, and Changes for VLANs Summary Improving Performance with Spanning Tree Interconnection Technologies Determining Equipment and Cabling Needs Advantages of EtherChannel Demo - Bridging Redundant Topology Broadcast Frames Broadcast Storms Multiple Frame Copies MAC Database Instability Demo - STP Loop Resolution with STP Spanning-Tree Operation STP Root Bridge Selection Spanning-Tree Port States Demo - BPDU Describing PortFast Configuring and Verifying PortFast Spanning-Tree Operation Example Spanning-Tree Path Cost Spanning-Tree Recalculation Per VLAN Spanning Tree Plus PVST+ Extended Bridge ID Demo - SwitchConfig Rapid Spanning Tree Protocol Default Spanning-Tree Configuration PVRST+ Configuration Guidelines PVRST+ Implementation Commands Verifying PVRST+ Configuring the Root and Secondary Bridges Configuring the Root and Secondary Bridges: SwitchA Configuring the Root and Secondary Bridges: SwitchB Summary Routing Between VLANs VLAN-to-VLAN Overview Dividing a Physical Interface into Subinterfaces Routing Between VLANs with 802.1Q Trunks Summary Securing the Expanded Network Overview of Switch Security Recommended Practices: New Switch Equipment Recommended Practices: Switch Security Port Security 802.1X Port-Based Authentication Summary Troubleshooting Switched Networks Switches Troubleshooting Troubleshooting Port Connectivity Troubleshooting VLANs and Trunks Troubleshooting VTP Troubleshooting Spanning Tree Summary Chapter 2 Review Chapter 3 - Medium-Sized Routed Network Construction Reviewing Routing Operations Static vs. Dynamic Routes Demo - Static Route What Is a Dynamic Routing Protocol? Autonomous Systems: Interior and Exterior Routing Protocols Classes of Routing Protocols Selecting the Best Route Using Metrics Administrative Distance: Ranking Routing Sources Distance Vector Routing Protocols Sources of Information and Discovering Routes Maintaining Routing Information Demo - RIP Review Inconsistent Routing Entries: Counting to Infinity and Routing Loops Counting to Infinity Solution to Counting to Infinity: Defining a Maximum Routing Loops Solution to Routing Loops: Split Horizon Solution to Routing Loops: Route Poisoning and Poison Reverse Solution to Routing Loops: Hold-Down Timers Triggered Updates Eliminating Routing Loops Link-State Routing Protocols OSPF Hierarchical Routing Link-State Routing Protocol Algorithms Benefits and Drawbacks of Link-State Routing Summary Implementing VLSM Subnetting Review Possible Subnets and Hosts for a Class C Network Possible Subnets and Hosts for a Class B Network Possible Subnets and Hosts for a Class A Network Subnetting Review Exercise What Is a Variable-Length Subnet Mask? A Working VLSM Example Understanding Route Summarization Classful Routing Overview Classless Routing Overview Summarizing Within an Octet Summarizing Addresses in a VLSM-Designed Network Route Summarization Operation in Cisco Routers Demo - VLSM Summarizing Routes in a Discontiguous Network Summary Chapter 3 Review Chapter 4 - Single-Area OSPF Implementation Implementing OSPF OSPF Overview OSPF Hierarchy Example Neighbor Adjacencies: The Hello Packet SPF Algorithm Configuring Single - Area OSPF Configuring Loopback Interfaces Verifying the OSPF Configuration OSPF debug Commands Demo - OSPF Load Balancing with OSPF OSPF Authentication Configuring OSPF Plaintext Password Authentication Plaintext Password Authentication Configuration Example Verifying Plaintext Password Authentication Summary Troubleshooting OSPF Components of Troubleshooting OSPF Troubleshooting OSPF Neighbor Adjacencies Troubleshooting OSPF Routing Tables Troubleshooting Plaintext Password Authentication Problems Summary Chapter 4 Review Chapter 5 - EIGRP Implementation EIGRP Implementation Implementing EIGRP EIGRP Features EIGRP Tables EIGRP Path Calculation (Router C) EIGRP Configuration EIGRP and Discontiguous Networks Default Scenario Configuration EIGRP and Discontiguous Networks with no auto-summary Verifying the EIGRP Configuration debug ip eigrp Command EIGRP Metric EIGRP Load Balancing EIGRP Unequal - Cost Load Balancing Variance Example Demo - EIGRP EIGRP MD5 Authentication EIGRP MD5 Authentication Configuration Steps Configuring EIGRP MD5 Authentication Example EIGRP MD5 Authentication Configuration Verifying MD5 Authentication Summary Troubleshooting EIGRP Components of Troubleshooting EIGRP Troubleshooting EIGRP Neighbor Issues Troubleshooting EIGRP Routing Tables Troubleshooting EIGRP Authentication Troubleshooting EIGRP Authentication Problem Summary Chapter 5 Review Chapter 6 - Access Control Lists Access Control Lists Introducing ACL Operation Why Use ACLs? ACL Applications: Filtering ACL Applications: Classification Outbound ACL Operation A List of Tests: Deny or Permit Types of ACLs How to Identify ACLs IP Access List Entry Sequence Numbering ACL Configuration Guidelines Dynamic ACLs Reflexive ACLs Time-Based ACLs Wildcard Bits: How to Check the Corresponding Address Bits Wildcard Bits to Match IP Subnets Wildcard Bit Mask Abbreviations Summary Configuring and Troubleshooting ACLs Testing Packets with Numbered Standard IPv4 ACLs Numbered Standard IPv4 ACL Configuration Numbered Standard IPv4 ACL Example 1 Numbered Standard IPv4 ACL Example 2 Numbered Standard IPv4 ACL Example 3 Demo - Standard ACL Standard ACLs to Control vty Access Demo - Access Class Testing Packets with Numbered Extended IPv4 ACLs Numbered Extended IPv4 ACL Configuration Numbered Extended IPv4 ACL Example 1 Numbered Extended IPv4 ACL Example 2 Demo - Extended ACL Named IP ACL Configuration Named Standard IPv4 ACL Example Named Extended IPv4 ACL Example Commenting ACL Statements Demo - Named ACL Monitoring ACL Statements Verifying ACLs Troubleshooting Common ACL Errors Summary Chapter 6 Review Chapter 7 - Address Space Management Scaling the Network with NAT and PAT Network Address Translation Port Address Translation Translating Inside Source Addresses Configuring and Verifying Static Translation Enabling Static NAT Address Mapping Example Configuring and Verifying Dynamic Translation Dynamic Address Translation Example Overloading an Inside Global Address Configuring Overloading Overloading an Inside Global Address Example Clearing the NAT Translation Table Demo - NAT Translation Not Occurring: Translation Not Installed in the Table Displaying Information with show and debug Commands Translation Occurring: Installed Translation Entry Not Being Used Sample Problem: Cannot Ping Remote Host Solution: Corrected Configuration Summary Transitioning to IPv6 IPv4 and IPv6 Why Do We Need a Larger Address Space? IPv6 Advanced Features IPv6 Address Representation IPv6 Address Types IPv6 Unicast Addressing IPv6 Global Unicast (and Anycast) Addresses Link-Local Addresses Larger Address Space Enables Address Aggregation Assigning IPv6 Global Unicast Addresses IPv6 EUI-64 Interface Identifier Stateless Autoconfiguration DHCPv6 (Stateful) DHCPv6 Operation IPv6 Routing Protocols RIPng (RFC 2080) IPv4-to-IPv6 Transition Cisco IOS Dual Stack IPv6 Tunneling Manually Configured IPv6 Tunnel Enabling IPv6 on Cisco Routers IPv6 Address Configuration Example Cisco IOS IPv6 Name Resolution Configuring and Verifying RIPng for IPv6 RIPng for IPv6 Configuration Example Summary Chapter 7 Review Chapter 8 - LAN Extension into a WAN LAN Extension into a WAN Introducing VPN Solutions What Is a VPN? Benefits of VPN Site-to-Site VPNs Remote-Access VPNs Cisco Easy VPN Cisco IOS IPsec SSL VPN (WebVPN) VPN-Enabled Cisco IOS Routers Cisco ASA Adaptive Security Appliances VPN Clients What Is IPsec? IPsec Security Services Confidentiality (Encryption) Encryption Algorithms DH Key Exchange Data Integrity Authentication IPsec Security Protocols IPsec Framework Summary Establishing a Point-to-Point WAN Connection with PPP Typical WAN Encapsulation Protocols An Overview of PPP PPP Session Establishment PPP Authentication Protocols: PAP PPP Authentication Protocols: CHAP Configuring PPP and Authentication Overview Configuring PPP and Authentication PPP and CHAP Configuration Example Demo - CHAP Verifying the PPP Encapsulation Configuration Verifying PPP Authentication Verifying PPP Negotiation Summary Establishing a WAN Connection with Frame Relay Frame Relay Overview Frame Relay Terminology Selecting a Frame Relay Topology Resolving NBMA Reachability Issues Frame Relay Address Mapping Frame Relay Signaling Stages of Inverse ARP and LMI Operation Configuring Basic Frame Relay Configuring a Static Frame Relay Map Configuring Frame Relay Subinterfaces Configuring Frame Relay Point-to-Point Subinterfaces Configuring Frame Relay Multipoint Subinterfaces Verifying Frame Relay Operation Demo - Frame Relay Summary Troubleshooting Frame Relay WANs Components of Troubleshooting Frame Relay Troubleshooting a Frame Relay Link That Is Down Troubleshooting Frame Relay Remote Router Connectivity Troubleshooting Frame Relay End-to-End Connectivity Summary Chapter 8 Review