ccna 1 chapter 11 study guide

John McHugh CCAI 3/13/2013

Community College of Vermont

CCNA Chapter 11 Configuring & Testing Your Network

11.1.1 What is the system software in Cisco devices?

The Cisco Internetwork Operating System (IOS)

The Cisco IOS provides devices with what network services?

Basic routing and switching functions Reliable and secure access to networked resources Network scalability

How is the IOS generally accessed? By using a command line interface (CLI).

Where is the IOS stored? In a semi-permanent memory area called flash.

What type of memory is flash? Flash memory provides non-volatile storage. This means that the contents of the memory are not lost when the device loses power.

What are several ways to access the CLI environment?

Console Telnet or SSH AUX port

Describe the console port. The console port is a management port that provides out-of-band access to a router. The console port is accessible even if no networking services have been configured on the device.

When would the console port be used? The initial configuration of the network device

Disaster recovery procedures and troubleshooting where remote access is not possible

Password recovery procedures

By default, the console conveys what? The device startup, debugging, and error messages.

Why type of security precautions be taken to protect the router?

The console should be configured with passwords to prevent unauthorized device access. In the event that a password is lost, there is a special set of procedures for bypassing the password and accessing the device. The device should be located in a locked room or equipment rack to prevent physical access.

What are 2 methods for remotely accessing the router? Describe them.

Telnet –A terminal emulation program SSH-establishes a secure channel between a local & a remote computer. Uses public-key cryptography for authentication.

What are required for Telnet to work properly?

Telnet sessions require active networking services on the device. The network device must have at least one active interface configured with a Layer 3 address, such as an IPv4 address. Cisco IOS devices include a Telnet server process that launches when the device is started. The IOS also contains a Telnet client. For security reasons, the IOS requires that the Telnet session use a password, as a minimum authentication method.

11.1.2 Network devices depend on what two types of software for their operation

Operating system-facilitates the basic operation of the device's hardware components



Configuration-contain the Cisco IOS software commands used to customize the functionality of a Cisco device

A Cisco network device contains what two configuration files?

The running configuration file - used during the current operation of the device The startup configuration file - used as the backup configuration and is loaded when the device is started

Where is the startup config file stored? In non-volatile RAM (NVRAM)

Where is the running config located? In RAM

11.1.3 What is a modal operating system? A system where there are different modes of operation, each having its own domain of operation.

In the CLI what are, in order from top to bottom, the major modes? List some of the available commands for each.

User executive mode-ping, show commands, enable

Privileged executive mode-all User EXEC commands, debug commands, reload, configure

Global configuration mode-hostname, enable secret, ip route, interface

Other specific configuration modes-these include interface configuration mode, router configuration mode

What is a command prompt? The mode is identified by the command-line prompt that is unique to that mode. The prompt is composed of the words and symbols on the line to the left of the entry area.

By default, with what does every prompt begin?

The device name

In what mode does “Router>” indicate? User executive mode

In what mode does “Router#” indicate? Privileged executive mode

In what mode does “Router(config)#” indicate?

Global configuration mode

In what mode does “Router(config-if)#” indicate?

Interface configuration mode

What are the two primary modes of operation?

User EXEC-used to monitor & view limited information Privileged EXEC-the administration mode; allows you to enter global config mode.

What commands are used to change the CLI between the user EXEC mode and the privileged EXEC mode?

The enable and disable commands

What is the syntax for entering the enable command?

Router>enable

Once the command from the previous question is entered, how does the router prompt change?

It changes to: Router#

11.1.4 Each IOS command has specific format or syntax and is executed at the appropriate prompt. The general syntax for a command is what? Give an example.

The command followed by any appropriate keywords and arguments show startup-config

How do you submit a command? Press the <Enter> key

What are the IOS command conventions? Boldface text - indicates commands &



keywords that are entered literally as shown

Italics - indicates arguments where the user supplies the values

[ ] - Sq. brackets enclose an option element

| - A vertical line indicates a choice within an opt’l or required set of keywords or arguments

[ x | y] - Sq. brackets enclosing keyword or arguments separated by a vertical line indicate an optional choice

{x | y} Braces enclosing keywords or augments separated by a vertical line indicate a required choice.

11.1.5 The IOS has several forms of help available. What are they?

Context-sensitive help- provides a list of commands and the arguments associated with those commands within the context of the current mode. To access context-sensitive help, enter a question mark, ?, at any prompt.

Command Syntax Check- if the interpreter cannot

understand the command being entered; it will provide feedback describing what is wrong with the command. Hot Keys and Shortcuts- make configuring, monitoring, and troubleshooting easier.

What are the 3 different types of error messages given by the command syntax check?

Ambiguous command-not enough characters entered for the command interpreter to recognize the command

Incomplete command-indicates that required keywords or arguments were left off the end of the command

Incorrect command-returns a ^ to indicate where the command interpreter cannot decipher the command

What are some of the most commonly used hot keys & shortcuts?

Tab - Completes the remainder of the command or keyword Ctrl-R - Redisplays a line Ctrl-Z - Exits configuration mode and returns to the EXEC Down Arrow - Allows user to scroll forward through former commands Up Arrow - Allows user to scroll backward through former commands Ctrl-Shift-6 - Allows the user to interrupt an IOS process such as ping or traceroute Ctrl-C - Aborts the current command and exits the configuration mode

11.1.6 In order to verify and troubleshoot network operation, we must examine the operation of the devices. What is the basic examination command?

The show command

What are some of the more commonly used show commands; include their

show arp - Displays the ARP table of the device.



output show mac-address-table - (switch only) Displays the MAC table of a switch.

show startup-config - Displays the saved configuration located in NVRAM.

show running-config - Displays the contents of the currently running configuration file or the configuration for a specific interface, or map class information.

show ip interfaces - Displays IPv4 statistics for all interfaces on a router. To view the statistics for a specific interface, enter the show ip interfaces command followed by the specific interface slot/port number. Another important format of this command is show ip interface brief. This is useful to get a quick summary of the interfaces and their operational state.

11.1.7 What is the primary configuration mode, and what type of changes are made here?

The primary configuration mode is called global configuration or global config. From global config, CLI configuration changes are made that affect the operation of the device as a whole.

What CLI command is used to take the

device from privileged EXEC mode to the global configuration mode and to allow entry of configuration commands from a terminal? Show the proper syntax.

Router#configure terminal

What are a few of the different configuration modes that can be reached from global config mode?

Interface mode - to configure one of the network interfaces (Fa0/0, S0/0/0,..)

Line mode - to configure one of the lines (physical or virtual) (console, AUX, VTY,..)

Router mode - to configure the parameters for one of the routing protocols

Do the changes made in these individual config modes affect the entire device?

No, as configuration changes are made within an interface or process, the changes only affect that interface or process.

How do you exit a specific configuration mode and return to global configuration mode?

Enter exit at a prompt

How do you leave configuration mode completely and return to privileged EXEC mode?

Enter end or use the key sequence Ctrl-Z.

How do you keep your changes from being lost due to a power failure or deliberate restart? What is the proper command syntax to do this?

Once a change has been made from the global mode, it is good practice to save it to the startup configuration file stored in NVRAM. Router#copy running-config startup-config

11.2.1 What is the factory-assigned default hostname for a router and a switch respectively?

Router, Switch

Why is it important to give each device a specific name?

If an internetwork had several routers that were all named with the default name "Router." This would create considerable confusion during network configuration and maintenance. When accessing a



remote device using Telnet or SSH, it is important to have confirmation that an attachment has been made to the proper device. If all devices were left with their default names, we could not identify that the proper device is connected.

What are some guidelines for naming conventions?

Start with a letter Not contain a space End with a letter or digit Have characters of only letters, digits, and dashes Be 63 characters or fewer

What are the commands needed to assign the hostname of AtlantaHQ to a router?

From the privileged EXEC mode, access the global configuration mode by entering the configure terminal command: Router#configure terminal After the command is executed, the prompt will change to: Router(config)# In the global mode, enter the hostname: Router(config)#hostname AtlantaHQ After the command is executed, the prompt will change to: AtlantaHQ(config)# Notice that the hostname appears in the prompt. To exit global mode, use the exit command.

How do you negate the effects of a command? Remove the hostname from the previous question.

Preface the command with the no keyword. AtlantaHQ(config)# no hostname Router(config)#

11.2.2 For security, what should every device have?

A locally configured passwords to limit access.

What are the most common device passwords?

Console password - limits device access using the console connection

Enable password - limits access to the privileged EXEC mode

Enable secret password - encrypted, limits access to the privileged EXEC mode

VTY password - limits device access using Telnet

What is a good practice regarding passwords?

You should use different authentication passwords for each of these levels of access.

What key points should be considered when choosing passwords?

Use passwords that are more than 8 characters in length.

Use a combination of upper and lowercase and/or numeric sequences in passwords.



Avoid using the same password for all devices.

Avoid using common words such as password or administrator, because these are easily guessed.

What are the commands needed to assign a console password to a switch? Is this different in a router?

Switch(config)#line console 0 Switch(config-line)#password password Switch(config-line)#login No.

What can you use to add additional security to your device?

Use the enable password command or the enable secret command. Either of these commands can be used to establish authentication before accessing privileged EXEC (enable) mode.

Why should you use one over the other? Always use the enable secret command, not the older enable password command, if possible. The enable secret command provides greater security because the password is encrypted. The enable password command can be used only if enable secret has not yet been set. The enable password command would be used if the device uses an older copy of the Cisco IOS software that does not recognize the enable secret command.

What are the commands to set these passwords?

Router(config)#enable password password Router(config)#enable secret password

What can happen if neither of these passwords is set?

The IOS prevents privileged EXEC access from a Telnet session.

What are vty lines? By default how many are there?

They allow access to a router via Telnet. By default, many Cisco devices support five VTY lines that are numbered 0 to 4.

What are the commands to set the vty line passwords?

Router(config)#line vty 0 4 Router(config-line)#password password Router(config-line)#login

How can a non-encrypted password be encrypted?

The service password-encryption command prevents passwords from showing up as plain text when viewing the configuration files.

How can you provide a method for declaring that only authorized personnel should attempt to gain entry into the device?

Add a banner to the device output.

The IOS provides multiple types of banners. One common banner is the message of the day (MOTD). It is often used for legal notification because it is displayed to all connected terminals. What are the commands to configure this type of banner?

Switch(config)#banner motd # message #

11.2.3 What is the purpose of the reload command?

It reloads the startup configuration.

Where can back-ups of configuration files be stored?

On a Trivial File Transfer Protocol (TFTP) server, a CD, a USB memory stick, or a floppy disk stored in a safe place. A configuration file should also be



included in the network documentation.

What are the steps to saving a configuration file to a TFTP server?

1.Enter the copy running-config tftp command. 2. Enter the IP address of the host where the configuration file will be stored. 3. Enter the name to assign to the configuration file. 4. Answer yes to confirm each choice.

If undesired changes are saved to the startup configuration, it may be necessary to clear all the configurations. This requires erasing the startup configuration and restarting the device. How?

The startup configuration is removed by using the erase startup-config command. To erase the startup configuration file use erase NVRAM:startup-config or erase startup-config at the privileged EXEC mode prompt: Router#erase startup-config Once the command is issued, the router will prompt you for confirmation: Erasing the nvram filesystem will remove all configuration files! Continue? [confirm] Confirm is the default response. To confirm and erase the startup configuration file, press the Enter key. Pressing any other key will abort the process.

How can config files be saved to a text document?

With Text Capture such as HyperTerminal. When using HyperTerminal, follow these steps: 1. On the Transfer menu, click Capture Text. 2. Choose the location. 3. Click Start to begin capturing text. 4. Once capture has been started, execute the show running-config or show startup-config command at the privileged EXEC prompt. Text displayed in the terminal window will be placed into the chosen file. 5. View the output to verify that it was not corrupted.

How can you restore a config file to a device from a text capture?

The file will require editing to ensure that encrypted passwords are in plain text and that non-command text such as "--More--" and IOS messages are removed. The device must be set at the global configuration. When using HyperTerminal, the steps are: 1. Locate the file to be copied into the device and open the text document. 2. Copy all of the text. 3. On the Edit menu, click paste to host.

11.2.4 What are the steps & commands needed to configure a router’s Ethernet ports?

To configure an Ethernet interface follow these steps: 1. Enter global configuration mode. 2. Enter interface configuration mode. 3. Specify the interface address and subnet mask.



4. Enable the interface. Router(config)#interface FastEthernet 0/0 Router(config-if)#ip address ip_address netmask Router(config-if)#no shutdown

Why is the no shutdown command needed?

By default, interfaces are disabled. Without this command, no traffic can come in or out of the interface.

What are the steps & commands needed to configure a router’s serial ports?

To configure a serial interface follow these steps: 1. Enter global configuration mode. 2. Enter interface mode. 3. Specify the interface address and subnet mask. 4. Set the clock rate if a DCE cable is connected. Skip this step if a DTE cable is connected. 5. Turn on the interface. Router(config)#interface Serial 0/0/0 Router(config-if)#ip address ip_address netmask Router(config-if)#clock rate 56000-if this is the DCE end

Router(config-if)#no shutdown

What is the reason for adding a description to an interface?

A description indicates the purpose of the interface. A description of what an interface does or where it is connected should be part of the configuration of each interface. This description can be useful for troubleshooting.

What are the commands to add a description to an interface? Are the commands the same in a router as in a switch

Yes they are the same. Example: HQ-switch1#configure terminal HQ-switch1(config)#interface fa0/0 HQ-switch1(config-if)#description Connects to main switch in Building A

Do switch interfaces require IP addresses? Why or why not?

A LAN switch is an intermediary device that interconnects segments within a network. Therefore, the physical interfaces on the switch do not have IP addresses. A physical interface on a switch connects devices within a network.

When would an IP address be assigned? In order to be able to manage a switch, we assign addresses to the device to it. With an IP address assigned to the switch, it acts like a host device. The address for a switch is assigned to a virtual interface represented as a Virtual LAN interface (VLAN).

What is the default state for switch interfaces?

Switch interfaces are also enabled by default. However, VLAN interfaces must be enabled with the no shutdown command

What are the commands to configure a VLAN interface?

Switch(config)#interface vlan 1 Switch(config-if)# ip address ipaddress subnet mask Switch(config-if)#no shutdown Switch(config-if)#exit Switch(config)#ip default-gateway ipaddress

11.3.1 What is the purpose of the ping command?

Using the ping command is an effective way to test connectivity. The test is often referred to as testing the protocol stack, because the ping command moves from Layer 3 of the OSI model to Layer 2 and then Layer 1.

What protocol does ping use? The ICMP protocol to check for connectivity.

What are the most common Ping ! - Indicates receipt of an ICMP echo reply-



indicators? ping completed successfully and verifies Layer 3 connectivity.

. - indicates a timed out while waiting for a reply- may indicate connectivity problem occurred somewhere along the path. May indicate a router along the path did not have a route to the destination and did not send an ICMP destination unreachable message. May indicate that ping was blocked by device security.

U - An ICMP unreachable message was received- indicates that a router along the path did not have a route to the destination address and responded with an ICMP unreachable message.

What does pinging the loopback test? What is the command?

It is used to verify the internal IP configuration on the

local host. C:\>ping 127.0.0.1

What is the size of the test packets sent by the ping command?

32 bytes

What is the TTL? Time to Live in milliseconds

11.3.2 What is the difference between the show ip interfaces & the show ip interface brief commands?

The show ip interface brief command provides a more abbreviated output than the show ip interface command. This provides a summary of the key information for all the interfaces.

In looking at the output from the show ip int bri command (abbreviated) what does the output of up & up under the Status & Protocols columns indicate?

The up in the Status column shows that this interface is operational at Layer 1. The up in the Protocol column indicates that the Layer 2 protocol is operational.

What are the possible outcomes for these 2 columns?

Status Protocol Up Up Up Down Down Down

Why is the outcome for Status/Protocol never going to be Down/Up

Because if the physical layer is down, all other layers are going to be down.

How do you verify that the NIC address is bound to the IPv4 address and that the NIC is ready to transmit signals across the media?

By testing the interface assignment. Ping the IP address assigned to the NIC C:\ping ipaddress

If the test in the previous question fails, what is a possible reason?

If this test fails, it is likely that there are issues with the NIC hardware and software driver that may require reinstallation of either or both.

11.3.3 How can you verify that both the local host (the router in this case) and the remote host are configured correctly?

This test is conducted by pinging each host one by one on the LAN.

What are the “extended” ping commands & how do you enter this command?

This mode is entered by typing ping in privileged EXEC mode, at the CLI prompt without a destination IP address. A series of prompts are then presented. Router#ping Protocol [ip]: Target IP address:10.0.0.1 Repeat count [5]:

John McHugh CCAI

3/13/2013


Datagram size [100]: Timeout in seconds [2]:5 Extended commands [n]: n

11.3.4 How do you verify that a local host can connect with a gateway address>

Ping the ip address of the local gateway C:\ping ipaddress

What is the gateway? The gateway is the host's entry and exit to the wider network. It is usually the address of the Ethernet interface of the router to which the host is connected either directly or indirectly through a switch.

What command shows you the next hop in a destination’s route?

The show ip route command. This shows you the routing table.

How do you test the connectivity of the next hop?

Ping the ip address of the next hop router as indicated from the output of the routing table.

How do you test connectivity to a remote host?

Ping the ip address of the remote host.

11.3.5 What is the purpose of a trace, and what commands are used?

A trace returns a list of hops as a packet is routed through a network. The form of the command depends on where the command is issued. When performing the trace from a Windows computer, use tracert. When performing the trace from a router CLI, use traceroute.

What is shown in the output of a trace that indicates a failure along the path?

*** are shown to indicate Trace requests to the next hop timed out, meaning that the next hop did not respond.

What are the steps in a testing sequence assuming that one test is successful and the testing should continue?

Test 1: Local Loopback-testing the stack Test 2: Local NIC-testing the interface assignment Test 3: Ping Local Gateway-testing local network Test 4: Ping Remote Host-testing gateway & remote connectivity Test 5: Traceroute-testing each hop in the path

11.4.1 What is one of the most effective tools for monitoring and troubleshooting network performance?

Establish a network baseline.

What is network baseline? A process that involves monitoring network performance & behavior over a certain period of time allowing for a point of reference when wanting to monitor performance in the future.

What is one method for starting a baseline?

To copy and paste the results from an executed ping, trace, or other relevant command into a text file. These text files can be time stamped with the date and saved into an archive for later retrieval.

What are the steps to capture output using HyperTerminal?

When using HyperTerminal for access, the steps are: 1. On the Transfer menu, click Capture Text. 2. Choose Browse to locate or type the name of the saving the file. 3. Click Start to begin capturing text 4. Execute the ping command in the user EXEC mode or at the privileged EXEC prompt. The router will place the text displayed on the terminal in the location chosen.

John McHugh CCAI

3/13/2013


5. View the output to verify that it was not corrupted. 6. On the Transfer menu, click Capture Text, and then click Stop Capture. These steps are the same for other output captures including traceroute.

11.4.3 How do you execute an ARP request from a host?

To execute an ARP command, at the command prompt of a host, enter: C:\host1>arp -a

What type of info can be found in the ARP cache?

The IPv4 address, physical address, and the type of addressing (static/dynamic), for each device. The ARP cache is only populated with information from devices that have been recently accessed.

How can this cache be cleared? It can be cleared by using the arp -d command.

How can you ensure that the ARP cache is populated?

Ping a device so that it will have an entry in the ARP table.

What is a ping sweep? It is a scanning method for collecting MAC addresses that can be executed at the command line or by using network administration tools.

How can you determine a mapping of how hosts are connected to a switch?

Using a command line from a switch, enter the show command with the mac-address-table argument: Sw1-2950#show mac-address-table

What might be an indicator that a switch port is on a shared segment or is connected to another switch?

Several MAC addresses representing multiple nodes assigned to a single port.

ccna 1 chapter 11 study guide

Documents