Networking Today
Network Components
End Devices
Either the source or destination of a message
Name some end devices
Intermediary Network Devices
Connect multiple individual networks to form an internetwork
Connect the individual end devices to the network
Ensure data flows across the network
Provide connectivity
Network Media
Provide the pathway for data transmission
Interconnect devices
Name the three types of media
Network Representations
What do the symbols represent?
Topology Diagrams
Physical
Logical
LANs and WANs
Internet Connections
Internet Access Technologies
Internet Service Provider (ISP)
Broadband cable
Broadband Digital Subscriber Line (DSL)
Wireless WANs
Mobile Services
Business DSL
Leased Lines
Metro Ethernet
Types of Internet Connections
Home and Small Office
Business
Converged Networks
Reliable Network
Network Trends
Security Threats
Viruses, worms, and Trojan horses
Spyware and adware
Zero-day attacks, also called zero-hour attacks
Hacker attacks
Denial of service attacks
Data interception and theft
Identity theft
Security Solutions
Antivirus and antispyware
Firewall filtering
Dedicated firewall systems
Access control lists (ACL)
Intrusion prevention systems (IPS)
Virtual Private Networks (VPNs)
Network Architecture
Cisco Network Architecture
Support technologies and applications
Ensure connectivity across any combination of networks
CCNA
A first step to a networking career
Summary
Explain how multiple networks are used in everyday life.
Describe the topologies and devices used in a small to medium-sized business network.
Explain the basic characteristics of a network that supports communication in a small to medium-sized business.
Explain trends in networking that will affect the use of networks in small to medium-sized businesses.
client
collaborative learning spaces
global communities
human network
network collaboration services
network of networks
peer-to-peer network
server
broadband cable
broadband DSL
business DSL
cable
cellular
dedicated leased line
dial-up telephone
DSL
end devices
extranet
hardware
intermediary devices
internetworking devices
Internet Service Provider (ISP)
Intranet
leased lines
Local Area Network (LAN)
logical topology diagrams
medium
Metropolitan Area Network (MAN)
metro Ethernet
network access devices
network interface card (NIC)
network media
physical port, interface
availability
circuit switched networks
content security
converged network
data confidentiality
data integrity
delay
Denial of Service (DoS)
encrypting data
fault tolerance
hierarchical layered structure
intelligent information network
network architecture
network bandwidth
network congestion
network infrastructure security
packet loss
packet switched networks
packets
Quality of Service (QoS)
queue
redundancy
routing function
scalability
user authentication
video conferencing
virtual private networks (VPNs)
virtualization
viruses
wireless broadband service
wireless internet service provider (WISP)
wireless local area networks (WLAN)
worms
zero-day attacks
Cisco IOS
Operating Systems
A PC OS allows users to interact with the computer
User-computer interaction in PC OSs is often done via mouse, keyboard and monitor
Cisco IOS is also an Operating System
Cisco IOS allows users to interact with Cisco devices.
Hostnames
Device Names
Hostnames allow devices to be identified by network administrators over a network or the Internet.
Very important and should also be displayed in the topology.
Configure Hostnames
IOS hostnames should:
Start with a letter
Contain no spaces
End with letter or digit
Use only letters, digits or dashes
Be less than 64 characters in length
Configure IP Addressing
Manual IP Address Configuration for End Devices
To manually configure an IPv4 address on a Windows host, open Control Panel > Network and Sharing Center > Change adapter settings and choose the adapter.
Next, right-click and select Properties to display the Local Area Connection Properties shown in Figure 1.
Automatic IP Address Configuration for End Devices
DHCP enables automatic IPv4 address configuration for every end device that has DHCP enabled. No extra configuration is needed.
Switch Virtual Interface Configuration
To configure an SVI on a switch, use the interface vlan 1 global configuration command. VLAN 1 is not a physical interface but a virtual one.
Verifying Connectivity
Interface Addressing Verification
Cisco IOS supports commands to allow IP configuration verification.
End-To-End Connectivity Test
The ping command can be used to test connectivity to another device on the network or a website on the Internet.
Summary
Explain the features and functions of Cisco IOS Software.
Configure initial settings on a network device using the Cisco IOS software.
Given an IP addressing scheme, configure IP address parameters on end devices to provide end-to-end connectivity in a small to medium-sized business network.
SecureCRT
OS X Terminal
Cisco IOS modes
User EXEC mode
Privileged EXEC mode
Global Configuration Mode
Line configuration mode
Interface configuration mode
enable command
disable command
exit command
end command
Key combination – Ctrl+Z
Context-Sensitive Help
hostname name
Strong passwords
enable secret class
line console 0
password cisco
login
line vty 0 15
service password-encryption
banner motd # the message of the day #
Startup configuration
Non-Volatile Random Access Memory (NVRAM)
Running configuration
The Rules
Rule Establishment
Identified sender and receiver
Common language and grammar
Speed and timing of delivery
Confirmation or acknowledgment requirements
Message Encoding
Process of converting information into another acceptable form
Message Formatting and Encapsulation
Message Size
Message Timing
Access method
Flow control
Response timeout
Message Delivery Options
Unicast
Multicast
Broadcast
Protocols
Rules that Govern Communications
Network Protocols
The role of protocols
How the message is formatted or structured
The process by which networking devices share information about pathways with other networks
How and when error and system messages are passed between devices
The setup and termination of data transfer sessions
Protocol Interaction
Example: web server and client
Protocol Suites
Protocol Suites and Industry Standards
TCP/IP is an open standard
Can you name other protocol suites?
TCP/IP Protocol Suites
Can you name some of the protocols from the TCP/IP protocol suite?
TCP/IP Communication Process
Can you describe the process?
Standard Organizations
Open Standards
Name some advantages of open standards
Internet Standards
Name a few standard organizations
Electronics and Communications Standards Organizations
Name a few organizations
Reference Models
The Benefits of Using a Layered Model
Name some benefits
The OSI Reference Model
Provides list of functions
Describes interactions between layers
OSI Model and TCP/IP Model Comparison
Similar: transport and network layers
Contrast: relationship between layers
3.3 Data Transfer in the Network
Data Encapsulation
Message Segmentation
Segmentation – Break communication into pieces
Multiplexing – interleaving the pieces
Protocol Data Units
What are PDUs called at each layer?
Encapsulation and de-encapsulation process
Data Access
Network Addresses
Source IP address
Destination IP address
Deliver the IP packet from the original source to the final destination, either on the same network or to a remote network.
Data Link Addresses
Source data link address
Destination data link address
Deliver the data link frame from one network interface card (NIC) to another NIC on the same network
Devices on the Same Network
Devices on a Remote Network
3.4 Chapter Summary
Summary
Explain how rules are used to facilitate communication.
Explain the role of protocols and standards organizations in facilitating interoperability in network communications.
Explain how devices on a LAN access resources in a small to medium-sized business network.
message size
message timing
multicast
protocols
receiver
response timeout
segmenting
transmission medium
transmitter
unacknowledged
unicast
destination IP address
frame
Multiplexing
network address
packet
protocol data unit (PDU)
source IP address
source data link address
Segment
segmentation
Copper Cabling
UTP Connectors
Types of UTP Cable
Rollover
Crossover
Straight-through
Fiber-Optic Cabling
Properties of Fiber-Optic Cabling
Transmits data over longer distances
Flexible, but thin strands of glass
Transmits with less attenuation
Immune to EMI and RFI
Fiber Media Cable Design
Types of Fiber Media
Single mode and multimode
Fiber-Optic Connectors
Testing Fiber Cables
Fiber versus Copper
Wireless Media
Topologies
Controlling Access to the Media
– Mesh
LAN Topologies
Physical LAN Topologies
Half and Full Duplex
Media Access Control Methods
Contention-Based Access
– CSMA/CD vs. CSMA/CA
The Frame
– Header
– Data
– Trailer
Frame Fields
Layer 2 Address
Summary
Explain how physical layer protocols and services support communications across data networks.
Build a simple network using the appropriate media.
Explain how the Data Link layer supports communications across data networks.
Compare media access control techniques and logical topologies used in networks.
Latency
Manchester encoding
Megabits per second (Mb/s)
Modulation
Network Interface Cards (NICs)
OSI Physical Layer
Signaling
Telecommunications Industry Association/Electronic Industries Association (TIA/EIA)
Throughput
Wireless
Wireless Local Network (WLAN)
Section 4.2 New Terms and Commands
Cancelation
Category 5 cable (Cat 5)
Enhanced Category 5 cable (Cat5e)
Category 6 cable (Cat6)
Category 6a cable (Cat6a)
Category 7 cable (Cat7)
Cladding
Coaxial
Coaxial cabling
Core
Coverage area
Crosstalk
Dispersion
Duplex Multimode LC Connector
802.11 frame
802.11 Wireless
Bus
Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
Carrier Sense Multiple Access/Collision Detection (CSMA/CD)
Collision
Contention-based access
Control
Controlled access
Cyclic Redundancy Check (CRC) value
Data
Error Detection
Ethernet
Extended Star
Frame Check Sequence (FCS)
Frame Relay
Frame start and stop indicator flags
Full-Duplex Communications
Half-Duplex Communications
HDLC
Header
Hub and Spoke
Logical Point-to-Point Topology
Logical Topology
ITN6_Instructor_Materials_Chapter4.pptx
Ethernet Frame
Ethernet Encapsulation
Ethernet operates in the data link layer and the physical layer.
Ethernet supports data bandwidths from 10Mbps through 100Gbps.
Ethernet standards define both the Layer 2 protocols and the Layer 1 technologies.
MAC Sublayer
MAC constitutes the lower sublayer of the data link layer.
Responsible for Data encapsulation and Media access control.
Ethernet Evolution
Ethernet has been evolving since its creation in 1973.
The Ethernet frame structure adds headers and trailers around the Layer 3 PDU to encapsulate the message being sent.
Ethernet Frame Fields
The minimum Ethernet frame size is 64 bytes and the maximum is 1518 bytes.
Frames smaller than the minimum or larger than the maximum are dropped.
Dropped frames are likely to be the result of collisions or other unwanted signals and are therefore considered invalid.
MAC and IP
The combination of MAC and IP addresses facilitates end-to-end communication.
Layer 2 addresses are used to move the frame within the local network
Layer 3 addresses are used to move the packets through remote networks.
Destination on Same Network
– Physical address (MAC address) is used for Ethernet NIC to Ethernet NIC communications on the same network.
Destination on Remote Network
– Logical address (IP address) is used to send the packet from the original source to the final destination.
ARP
Introduction to ARP
ARP allows the source to request the MAC address of the destination.
The request is based upon the layer 3 address of the destination (known by the source).
ARP Functions
Resolving IPv4 addresses to MAC addresses
Maintaining a table of mappings
ARP uses ARP Request and ARP Reply to perform its functions.
Removing Entries from an ARP Table
Entries are removed from the device’s ARP table when its cache timer expires.
Cache timers are OS dependent.
ARP entries can be manually removed via commands.
ARP Tables
On IOS: show ip arp
On Windows PCs: arp -a
ARP Issues
ARP Broadcasts
– ARP requests can flood the local segment.
ARP Spoofing
– Attackers can respond to requests and pretend to be providers of services. Example: default gateway
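An added Python example (not from the course material) showing the defender's side of the issue above: it parses constructed Windows arp -a output and a constructed list of observed ARP replies, then flags any IP, in particular the default gateway, claimed by more than one MAC. The addresses and MACs are made up for the example.

```python
"""Detect the ARP spoofing symptom described above: one IP address (typically
the default gateway) answered by more than one MAC address.

Added example, not from the course material. The 'arp -a' output, the list of
observed ARP replies and the gateway address 192.168.1.1 are all constructed.
"""
import re
from collections import defaultdict

# Constructed Windows 'arp -a' output taken as the baseline.
ARP_A_OUTPUT = """\
Interface: 192.168.1.10 --- 0x5
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-55     dynamic
  192.168.1.20          aa-bb-cc-dd-ee-01     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""

# Constructed sequence of ARP replies seen later on the segment: (sender IP, sender MAC).
OBSERVED_REPLIES = [
    ("192.168.1.20", "aa-bb-cc-dd-ee-01"),
    ("192.168.1.1", "00-11-22-33-44-55"),
    ("192.168.1.1", "DE-AD-BE-EF-00-01"),   # a second MAC claiming the gateway
    ("192.168.1.30", "aa-bb-cc-dd-ee-02"),
]

# One 'arp -a' entry: IPv4 address, dash-separated MAC, entry type.
ARP_LINE = re.compile(
    r"^\s*(\d+\.\d+\.\d+\.\d+)\s+([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+(dynamic|static)",
    re.IGNORECASE,
)


def parse_arp_a(text: str) -> dict:
    """Return {ip: mac} from Windows 'arp -a' output, skipping headers and the broadcast entry."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.match(line)
        if not m:
            continue
        ip, mac, _entry_type = m.groups()
        mac = mac.lower()
        if mac == "ff-ff-ff-ff-ff-ff":
            continue
        table[ip] = mac
    return table


def find_conflicts(baseline: dict, replies: list) -> dict:
    """Collect every MAC that claimed each IP (baseline table plus observed replies).

    Returns only the IPs claimed by more than one MAC, each with its sorted MAC list.
    A legitimate NIC replacement also shows up here, so the result is a lead to
    investigate, not proof of an attack.
    """
    claims = defaultdict(set)
    for ip, mac in baseline.items():
        claims[ip].add(mac)
    for ip, mac in replies:
        claims[ip].add(mac.lower())
    return {ip: sorted(macs) for ip, macs in claims.items() if len(macs) > 1}


def gateway_alert(conflicts: dict, gateway_ip: str) -> bool:
    """True when the default gateway's IP is among the conflicting entries."""
    return gateway_ip in conflicts


if __name__ == "__main__":
    conflicts = find_conflicts(parse_arp_a(ARP_A_OUTPUT), OBSERVED_REPLIES)
    for ip, macs in conflicts.items():
        print(f"{ip} claimed by {len(macs)} MACs: {', '.join(macs)}")
    print("gateway conflict:", gateway_alert(conflicts, "192.168.1.1"))
```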
5.4 Chapter Summary
Runt
Collision Fragment
Jumbo
Baby Giant Frame
Hexadecimal
Organizationally Unique Identifier (OUI)
Section 5.2 New Terms and Commands
burned-in address (BIA)
ipconfig /all command
ifconfig command
Unicast MAC Address
Broadcast MAC Address
Multicast MAC Address
Content Addressable Memory (CAM)
Store-and-forward
Cut-through
Fast-forward switching
Fragment-free switching
Port-based Memory Buffering
Shared Memory Buffering
Half-duplex
Full-duplex
Auto-MDIX
Address Resolution Protocol (ARP)
IPv4 Packet
IPv4 Packet Header
Version = 0100
DS = Packet Priority
TTL = Limits life of Packet
Protocol = Upper layer protocol such as TCP
Source IP Address = source of packet
Destination IP Address = destination of packet
IPv6 Packet
Limitations of IPv4
IP address depletion
Internet routing table expansion
Lack of end-to-end connectivity
Introducing IPv6
Increased address space
Improved packet handling
Eliminates the need for NAT
Encapsulating IPv6
Simplified header format
No checksum process requirement
More efficient Options Header mechanism
Flow Label field makes it more efficient.
IPv6 Packet Header
6.2 Routing
6.3 Routers
Anatomy of a Router
A Router is a Computer
Routers have CPU, memory and I/O devices
Cisco routers use IOS as their operating system.
Router Memory
Just as a computer, routers have memory.
Routers contain RAM, ROM, NVRAM and Flash memory.
Inside a Router
Routers have the same general structure.
Connect to a Router
Routers have many ports to support connections.
LAN and WAN Interfaces
Routers have LAN and WAN ports.
Different models ship with different ports.
Ethernet is very common on different router models.
Anatomy of a Router
Bootset Files
IOS image file, stored in the Flash, contains the IOS.
The Flash also stores other system files.
The NVRAM stores configuration parameters.
Router Bootup Process
Perform the POST and load the bootstrap program.
Locate and load the Cisco IOS software.
Locate and load the startup configuration file or enter setup mode
Show Version Output
The show version command is very useful.
It provides information on the amount of memory installed, which IOS image was loaded during boot, and more.
Summary
Explain how network layer protocols and services support communications across data networks.
Explain how routers enable end-to-end connectivity in a small to medium-sized business network.
Explain how devices route traffic in a small to medium-sized business network.
Configure a router with basic configurations.
netstat -r
route print
interface list
IPv4 Route Table
IPv6 Route Table
directly-connected routes
remote routes
default route
show ip route
route source
destination network
outgoing interface
administrative distance
metric
next-hop
route timestamp
branch routers
WAN routers
service provider routers
Serial module
Ethernet interfaces
Auxiliary (AUX) RJ-45 port
In-band router interfaces
Console
Out-of-band
Secure Shell (SSH)
Telnet
startup-config
running-config
bootstrap program
Trivial File Transport Protocol (TFTP)
setup mode
show version
IPv4 Issues
The Need for IPv6
Depletion of IPv4 address space
Internet of Everything
IPv4 and IPv6 Coexistence
Dual Stack – IPv4 and IPv6 on the same network
Tunneling – IPv6 packets inside IPv4 packets
Translation – IPv6 packet is translated to an IPv4 packet, and vice versa.
IPv6 Addressing
IPv6 Address Representation
x:x:x:x:x:x:x:x, where each x represents four hexadecimal digits (16 bits)
Apply the rules to simplify these IPv6 addresses
Rule 1: Omit Leading 0s
Rule 2: Omit All 0 Segments
2001:0DB8:0000:1133:0000:0000:0000:0200
2001:0DB8:CAFE:0000:1111:0000:0000:0200
2001:0DB8:000A:0000:0000:0000:0000:1000
2001:0DB8:ACAD:1234:0000:0000:0000:0000
2001:0DB8:0000:1111:0020:0000:ACAD:0000
FF02:0000:0000:0000:0000:0000:0000:0001
FE80:0000:0000:0000:0000:0000:0000:0003
0000:0000:0000:0000:0000:0000:0000:0000
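The two rules applied to the eight addresses above, as an added Python example (not part of the course slides); it cross-checks each compressed form against the standard library's ipaddress module and follows the RFC 5952 tie-break of compressing the first of two equally long zero runs.

```python
"""Apply the two IPv6 shortening rules from the exercise above.

Added example, not from the course material. Rule 1 omits leading zeros in
each hextet; Rule 2 replaces the single longest run of all-zero hextets with
'::'. The page's upper-case hex digits are kept (RFC 5952 itself prefers
lower case).
"""
import ipaddress


def omit_leading_zeros(address: str) -> str:
    """Rule 1: strip leading 0s from each 16-bit hextet ('0DB8' -> 'DB8', '0000' -> '0')."""
    hextets = address.split(":")
    if len(hextets) != 8:
        raise ValueError(f"expected 8 hextets, got {len(hextets)}: {address}")
    return ":".join(h.lstrip("0") or "0" for h in hextets)


def omit_zero_segments(address: str) -> str:
    """Rule 2: replace the longest run of consecutive all-zero hextets with '::'.

    Only one '::' may appear; when two runs tie, the first is compressed
    (RFC 5952 section 4.2.3). A single zero hextet is never compressed,
    because '::' would not make the address shorter.
    """
    hextets = address.split(":")
    best_start, best_len = -1, 0
    run_start, run_len = -1, 0
    # The sentinel forces the final run (if any) to be evaluated.
    for i, h in enumerate(hextets + ["sentinel"]):
        if h == "0":
            if run_len == 0:
                run_start = i
            run_len += 1
        else:
            if run_len > best_len:
                best_start, best_len = run_start, run_len
            run_len = 0
    if best_len < 2:
        return ":".join(hextets)
    left = ":".join(hextets[:best_start])
    right = ":".join(hextets[best_start + best_len:])
    return f"{left}::{right}"


def compress_ipv6(address: str) -> str:
    """Apply Rule 1, then Rule 2."""
    return omit_zero_segments(omit_leading_zeros(address))


def check_against_stdlib(address: str) -> bool:
    """Sanity check: the compressed form must parse to the same 128-bit value."""
    return ipaddress.IPv6Address(compress_ipv6(address)) == ipaddress.IPv6Address(address)


# The eight addresses from the exercise above.
EXERCISE = [
    "2001:0DB8:0000:1133:0000:0000:0000:0200",
    "2001:0DB8:CAFE:0000:1111:0000:0000:0200",
    "2001:0DB8:000A:0000:0000:0000:0000:1000",
    "2001:0DB8:ACAD:1234:0000:0000:0000:0000",
    "2001:0DB8:0000:1111:0020:0000:ACAD:0000",
    "FF02:0000:0000:0000:0000:0000:0000:0001",
    "FE80:0000:0000:0000:0000:0000:0000:0003",
    "0000:0000:0000:0000:0000:0000:0000:0000",
]

if __name__ == "__main__":
    for addr in EXERCISE:
        print(f"{addr} -> {compress_ipv6(addr)}  (valid: {check_against_stdlib(addr)})")
```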
ICMP
ICMPv4 and ICMPv6
Host Confirmation
Destination or Service Unreachable
Time Exceeded
Router Redirection
ICMPv6 Router Solicitation and Router Advertisement Messages
Messaging between an IPv6 router and an IPv6 device:
Router Solicitation (RS) message
Router Advertisement (RA) message
Messaging between IPv6 devices:
Neighbor Solicitation (NS) message
Neighbor Advertisement (NA) message
Duplicate Address Detection (DAD)
Summary
Explain the use of IPv4 addresses to provide connectivity in a small to medium-sized business network.
Configure IPv6 addresses to provide connectivity in small to medium-sized business networks.
Use common testing utilities to verify network connectivity.
ANDing
Binary Numbering System
Broadcast
Broadcast Address
Broadcast Domain
Class A
Class B
Class C
Class D
Class E
Classless Inter-domain Routing (CIDR)
DHCP Server
DHCP Client Dynamic Assignment
Directed Broadcast
Octet
Positional Notation
Prefix Length
Private Address
Public Address
radix
Regional Internet Registries (RIRs)
RFC 1918
Slash Notation
Static IP Addressing
Subnet Mask
TEST-NET Addresses
Unicast
ICMPv6
IPv4 Time-to-Live (TTL)
IPv6
IPv6 Anycast
IPv6 Hop Limit
IPv6 link-local address
IPv6 Loopback Address
IPv6 Multicast
IPv6 Prefix Length
IPv6 Unicast
Leading Zeros
Link-local Address
Network Address Translation (NAT64)
8.0 Introduction
8.4 Summary
Network Segmentation
Broadcast Domains
Each router interface connects a broadcast domain.
Broadcasts are only propagated within its broadcast domain.
Problems with Large Broadcast Domains
Slow network operations due to the significant amount of broadcast traffic.
Slow device operations because a device must accept and process each broadcast packet.
Reasons for Subnetting
Solution: reduce the size of the network to create smaller broadcast domains.
Because each broadcast domain connects to a different router interface, each domain needs its own network address space.
The process of breaking an address range into smaller address spaces is called subnetting.
Network administrators can group devices into subnets that are determined by location, organizational unit or device type.
Creating 2 Subnets
A subnet mask of /25 applied to 192.168.10.0, creates two equal subnets, each one with 126 hosts.
Subnetting Formulas
Use 2^n to calculate the number of subnets.
Use 2^h - 2 to calculate the number of usable hosts.
n is the number of bits allocated to the subnet (network) portion of the address.
h is the number of bits allocated to the host portion of the address.
Creating 4 Subnets
A subnet mask of /26 applied to 192.168.10.0, creates four equal subnets, each one with 62 hosts.
n = 2 and therefore 2^2 = 4.
h = 6 and therefore 2^6 - 2 = 62.
Subnetting a /16 and /8 Prefix
Creating Subnets with a /16 Prefix
A subnet mask of /16 applied to 172.16.32.0, creates a network with 65534 hosts.
A subnet mask of /18 applied to 172.16.32.0, creates 4 networks with 16382 hosts in each network.
A subnet mask of /22 applied to 172.16.32.0, creates 64 networks with 1022 hosts in each network.
Creating 100 Subnets with a /16 Prefix
A subnet mask of /23 applied to 172.16.32.0, creates 128 networks with 510 hosts in each network
Calculating the Hosts
Use 2^h - 2 to calculate the number of hosts.
h is the number of bits allocated to the host portion of the address.
Creating 1000 Subnets with a /8 Prefix
A subnet mask of /18 applied to 20.0.0.0, creates 1024 networks with 16382 hosts in each network
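An added Python example (not part of the slides) that applies the 2^n and 2^h - 2 formulas to the /25, /26, /16 and /8 cases above, enumerates the resulting subnets with their usable ranges, and answers the "how many bits for 100 or 1000 subnets" question; the parent networks are the ones the slides use.

```python
"""Subnetting calculator for the examples above.

Added example, not from the course material. Given a parent network and a
new prefix length it derives n (bits borrowed for the subnet portion),
h (bits left for hosts), the 2^n subnet count and the 2^h - 2 usable host
count, and lists subnets with their usable ranges so the formulas can be
checked against real address blocks.
"""
from __future__ import annotations

import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class SubnetPlan:
    parent: str        # parent network, e.g. "192.168.10.0/24"
    new_prefix: int    # prefix length after subnetting, e.g. 26
    subnet_bits: int   # n: bits borrowed from the host portion
    host_bits: int     # h: bits left for hosts
    subnets: int       # 2^n
    usable_hosts: int  # 2^h - 2 (network and broadcast addresses excluded)


def plan_subnets(parent: str, new_prefix: int) -> SubnetPlan:
    """Apply the slide formulas: subnets = 2^n, usable hosts = 2^h - 2."""
    # strict=False lets "172.16.32.0/16" (as written on the slides) mean 172.16.0.0/16.
    net = ipaddress.ip_network(parent, strict=False)
    if not net.prefixlen <= new_prefix <= net.max_prefixlen:
        raise ValueError(f"/{new_prefix} is outside /{net.prefixlen}../{net.max_prefixlen}")
    n = new_prefix - net.prefixlen
    h = net.max_prefixlen - new_prefix
    return SubnetPlan(str(net), new_prefix, n, h, 2 ** n, max(2 ** h - 2, 0))


def list_subnets(parent: str, new_prefix: int, limit: int = 4) -> list[str]:
    """First `limit` subnets as 'network/prefix hosts first-last broadcast X'."""
    net = ipaddress.ip_network(parent, strict=False)
    lines = []
    for i, sub in enumerate(net.subnets(new_prefix=new_prefix)):
        if i >= limit:
            break
        first = sub.network_address + 1    # first usable host address
        last = sub.broadcast_address - 1   # last usable host address
        lines.append(f"{sub} hosts {first}-{last} broadcast {sub.broadcast_address}")
    return lines


def smallest_prefix_for(parent: str, needed_subnets: int) -> int:
    """Fewest borrowed bits n with 2^n >= needed_subnets, returned as the new prefix length.

    This answers the '100 subnets from a /16' and '1000 subnets from a /8' cases above.
    """
    net = ipaddress.ip_network(parent, strict=False)
    n = 0
    while 2 ** n < needed_subnets:
        n += 1
    return net.prefixlen + n


if __name__ == "__main__":
    cases = [("192.168.10.0/24", 25), ("192.168.10.0/24", 26), ("172.16.32.0/16", 16),
             ("172.16.32.0/16", 18), ("172.16.32.0/16", 22), ("20.0.0.0/8", 18)]
    for parent, prefix in cases:
        p = plan_subnets(parent, prefix)
        print(f"{p.parent} -> /{prefix}: n={p.subnet_bits} h={p.host_bits} "
              f"subnets={p.subnets} usable hosts={p.usable_hosts}")
    for line in list_subnets("192.168.10.0/24", 26):
        print("  ", line)
    print("100 subnets from 172.16.0.0/16 need a /", smallest_prefix_for("172.16.32.0/16", 100))
    print("1000 subnets from 20.0.0.0/8 need a /", smallest_prefix_for("20.0.0.0/8", 1000))
```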
Structured Design
Network Address Planning
Planning requires decisions on each subnet in terms of size, the number of hosts per subnet and how host addresses will be assigned.
Planning to Address the Network
The Primary Planning Considerations are:
Prevent Duplication of Addresses
Monitor Security and Performance
Provide and Control Access
Assigning Addresses to Devices
Different device needs may also affect the addressing scheme.
Common devices are:
– End user devices, servers, printers, network devices and gateways
Structured Design
The IPv6 Global Unicast Address
The IPv6 global unicast address normally consists of a /48 global routing prefix, a 16-bit subnet ID, and a 64-bit interface ID.
Subnetting Using Subnet ID
The subnet ID provides plenty of subnets, and plenty of host support within each subnet.
The subnet ID alone allows for creating up to 65,536 /64 subnets.
IPv6 Subnet Allocation
Address waste is not a concern in IPv6.
Administrators can concentrate on designing a logical scheme to address the network
Transportation of Data
Role of the Transport Layer
Responsible for establishing a temporary communication session between two applications and delivering data between them.
Provides connection-oriented data stream support, reliability, flow control, and multiplexing.
Transport Layer Responsibilities
Track individual conversations.
Segment Data and Reassemble Segments.
Identify the Applications.
Conversation Multiplexing
Segments data into small chunks.
Label data chunks according to the conversation.
Transport Layer Reliability
Two protocols provided: TCP and UDP.
TCP supports reliability while UDP doesn’t.
TCP
Supports packet delivery confirmation.
There are three basic operations that enable reliability with TCP:
Numbering and tracking data segments transmitted to a specific host from a specific application
Acknowledging received data
Retransmitting any unacknowledged data after a certain period of time
UDP
UDP provides the basic functions for delivering data segments between the appropriate applications, with very little overhead and data checking.
Perfect for applications that don’t require reliability.
The Right Transport Layer Protocol for the Right Application
TCP is better for databases, web browsers, email clients, etc.
UDP is better for live audio or video streaming, VoIP, etc.
UDP Features
Simple and fast.
UDP Header
UDP is a stateless protocol.
Reliability must be handled by the application.
The pieces of communication in UDP are called Datagrams.
UDP adds only 8 bytes of overhead.
Multiple Separate Conversations
The transport layer separates and manages multiple communications with different transport requirements.
Different applications are sending and receiving data over the network simultaneously.
Unique header values allow TCP and UDP to manage these multiple and simultaneous conversations by identifying these applications.
These unique identifiers are the port numbers.
Port Numbers
Usually seen in pairs: source port and destination port.
The source port is dynamically chosen by the sender.
The destination port is used to identify an application on the server (destination).
Socket Pairs
The combination of the source IP address and source port number, or the destination IP address and destination port number, is known as a socket.
The socket is used to identify the server and service being requested by the client.
Two sockets combine to form a socket pair: (192.168.1.5:1099, 192.168.1.7:80).
Sockets enable multiple processes running on a client and multiple connections to a server process to be distinguished from each other.
Port Number Groups
The IANA has created three port number groups:
Well-known ports (0 to 1023)
Registered Ports (1024 to 49151)
Private and/or Dynamic Ports (49152 to 65535)
The netstat Command
Netstat allows a user to see active connections in a host.
Netstat also displays the process using the connection.
9.2 TCP and UDP
UDP Communication
UDP Low Overhead Vs. Reliability
UDP has much lower overhead than TCP.
UDP is not connection-oriented and does not offer the sophisticated retransmission, sequencing, and flow control mechanisms.
Applications running UDP can still use reliability, but it must be implemented in the application layer.
However, UDP is not inferior.
UDP Datagram Reassembly
UDP simply reassembles the data in the order in which it was received.
The application must identify the proper sequence, if necessary.
UDP Server Processes and Requests
UDP-based server applications are also assigned well-known or registered port numbers.
Requests received on a specific port are forwarded to the proper application based on port numbers.
UDP Client Processes
UDP client-server communication is also initiated by a client application.
The UDP client process dynamically selects a port number and uses this as the source port.
The destination port is usually the well-known or registered port number assigned to the server process.
The same source-destination pair of ports is used in the header of all datagrams used in the transaction.
Data returning to the client from the server uses flipped source and destination port numbers in the datagram header.
TCP or UDP
Applications that Use TCP
TCP handles all transport layer related tasks.
This frees the application from having to manage any of these tasks.
Applications can simply send the data stream to the transport layer and use the services of TCP.
Applications that Use UDP
Live video and multimedia applications – Can tolerate some data loss, but require little or no delay. Examples include VoIP and live streaming video.
Simple request and reply applications – Applications with simple transactions where a host sends a request and may or may not receive a reply. Examples include DNS and DHCP.
Applications that handle reliability themselves – Unidirectional communications where flow control, error detection, acknowledgements, and error recovery are not required or can be handled by the application. Examples include SNMP and TFTP.
9.3 Summary
Summary
Implement an IPv4 addressing scheme to enable end-to-end connectivity in a small to medium-sized business network.
Given a set of requirements, implement a VLSM addressing scheme to provide connectivity to end users in a small to medium-sized network.
Explain design considerations for implementing IPv6 in a business network.
Peer-to-Peer Applications
Some P2P applications use a hybrid system, where resource sharing is decentralized.
Indexes that point to resource locations are stored in a centralized directory.
In a hybrid system, each peer accesses an index server to get the location of a resource stored on another peer.
Common P2P Applications
Common P2P networks include: eDonkey, G2, BitTorrent.
Many P2P applications allow users to share pieces of many files with each other at the same time.
A small torrent file contains information about the location of other users and tracker computers.
Trackers are computers keeping track of the files hosted by users.
This technology is called BitTorrent. There are many BitTorrent clients, including BitTorrent, uTorrent, Frostwire, and qBittorrent.
10.2 Well-Known Application Layer Protocols and Services
IP Addressing Services
Domain Name Service
IP addresses are not easy to memorize.
Domain names make server addresses more user-friendly.
Computers still need the actual numeric address before they can communicate.
The DNS protocol allows for the dynamic translation of a domain name into the associated IP address.
DNS Message Format
Common DNS records are A, NS, AAAA and MX.
A DNS server searches its own records first, relaying the client's request to other servers if it can't resolve the request.
The response is then forwarded to the client.
The client often stores previous name resolutions. Use the ipconfig /displaydns command to list cached DNS entries on Windows.
DNS Hierarchy
The DNS protocol uses a hierarchical system.
The naming structure is broken down into small, manageable zones.
Each DNS server is only responsible for managing name-to-IP mappings for a small portion of the DNS structure.
Requests for zones not stored in a specific DNS server are forwarded to other servers for translation.
Top-level domains represent either the type of domain or the country of origin. Examples of top-level domains are .com, .org, .au and .co
The nslookup Command
Use nslookup to place DNS queries.
Useful for DNS troubleshooting.
Summary
Explain the operation of the application layer in providing support to end-user applications.
Explain how well-known TCP/IP application layer protocols and services operate.
Gnutella protocol
BitTorrent
Uniform Resource Locator (URL)
Uniform Resource Identifier (URIs)
Get
Post
Put
HTTP Secure (HTTPS)
Secure Socket Layer (SSL)
Simple Mail Transfer Protocol (SMTP)
Post Office Protocol (POP)
Chapter 10 New Terms and Commands
IMAP
Port 25 (SMTP)
TCP Port 110 (POP)
Domain name
DNS Protocol
Record types: A, NS, AAAA, MX
ipconfig /displaydns
Top-level domains are: .com, .org, .au, .co
Section 10.2.2.4
nslookup
Section 10.2.2.5
Section 10.2.3.1
FTP daemon (FTPd)
Section 10.2.3.2
Server Message Block (SMB)
Protocol Analysis
Understand the protocols in use in the network.
Protocol analyzers are tools designed to help in that task.
Capture traffic in high-utilization times and in different locations of the network.
Analysis results allow for a more efficient way to manage traffic.
Network Attacks
Types of Malware
Viruses
Worms
Trojan Horses
Reconnaissance Attacks
Discovery and mapping of systems and services
Acquire enough information on the target system or network to facilitate the search for vulnerabilities.
Common tools rely mostly on free and public Internet services, such as DNS and Whois.
Port-scanners and packet sniffers are also commonly used in reconnaissance.
Access Attacks
Password Attacks
Trust Exploitation
Port Redirection
Man-in-the-Middle
Device Security
Device Security Overview
Default settings are dangerous because they are well-known.
Cisco routers have the Cisco AutoSecure feature.
In addition, the following apply for most systems:
Change default usernames and passwords immediately
Restrict access to system resources to authorized individuals only.
Turn off unnecessary services.
Update any software and install any security patches prior to production operation.
Passwords
Use strong passwords. A strong password has/is:
At least 8 characters, preferably 10 or more
A mix of uppercase and lowercase letters, numbers, symbols, and spaces.
No repetition, no common dictionary words, no letter or number sequences, no usernames, relative or pet names, and no other easily identifiable pieces of information
Misspelled words
Changed often
Cisco routers support the use of a phrase made of many words, which is called a passphrase.
Basic Security Practices
Strong passwords are only as useful as they are secret.
The service password-encryption command encrypts the passwords in the configuration.
The security passwords min-length command ensures all configured passwords have a minimum specified length.
Blocking several consecutive login attempts helps minimize password brute-force attacks.
login block-for 120 attempts 3 within 60 will block login attempts for 120 seconds if there are three failed login attempts within 60 seconds.
exec-timeout automatically disconnects idle users on a line
Enable SSH
Telnet is not secure.
It is highly recommended to use SSH as the remote shell protocol.
To configure a Cisco device to support SSH takes four steps:
Step 1. Ensure that the router has a unique hostname and an IP domain name.
Step 2. Generate the SSH keys.
Step 3. Create a local username.
Step 4. Enable vty inbound SSH sessions.
The router can now be remotely accessed only by using SSH.
Debugging
The debug Command
Allows the administrator to display messages generated by the following processes in real time for analysis:
IOS processes
Protocols
Mechanisms
Events
undebug all turns off all debug commands
What are the available debug commands?
What can you do to limit the amount of displayed messages?
The terminal monitor Command
Displays the log messages while connected remotely, such as SSH
Stop displaying the log message: terminal no monitor
Troubleshooting Methodologies
Basic Troubleshooting Approaches
Identify the Problem
Establish a Theory of Probable Causes
Test the Theory to Determine Cause
Establish a Plan of Action to Resolve the Problem and Implement the Solution
Verify Full System Functionality and Implement Preventative Measures
Document Findings, Actions, and Outcomes
Resolve or Escalate?
Verify and Monitor Solution
What IOS commands can you use to verify and monitor the solution?
Troubleshooting Scenarios
IP Addressing Issues on IOS Devices
Manual assignment mistakes
DHCP-related issues
Which show commands?
IP Addressing Issues on End Devices
A 169.254.0.0/16 address on a Windows-based system
ipconfig to verify IP addresses assigned to a Windows-based system
Default Gateway Issues
Unable to communicate outside the network
ipconfig to verify default gateway assigned to a Windows-based system
Troubleshooting DNS Issues
ipconfig /all to determine DNS server used
nslookup to manually place DNS queries and analyze DNS response
Summary
Explain how a small network can scale into a larger network.
Configure switches and routers with device hardening features to enhance security.
Use common show commands and utilities to establish a relative performance baseline for the network.
Apply troubleshooting methodologies and common host and IOS commands to resolve problems.
Explain how a small network of directly connected segments is created, configured, and verified.
Application Filtering
Authentication, Authorization, and Accounting (AAA)
auto secure (command)
exec-timeout (command)
crypto key generate rsa general-keys modulus modulus-size (command)
endpoint security
ip domain-name domain-name (command)
login block-for 120 attempts 3 within 60 (command)
Packet Filtering
passphrase
Personal firewalls
security passwords min-length (command)
Stateful Packet Inspection (SPI)
service password-encryption (command)
transport input ssh
URL Filtering