Free CCNA Tutorials Notes Free CCNA Notes Tutorials Free CCNA Study Guides

Exam Information Topic and OSI Layer modals 640 – 802 CCNA New Exam Syllabus List of New Exam Topics Advantage of Open System interface OSI Layer model OSI reference model and Cisco's three-layer hierarchical model

Subnetting Supernetting and VLSM Subnetting Benefits of subnetting Method of Subnetting Binary ANDing process Variable length subnet mask Route Summarization Example of VLSM

Cisco devices administration and configuration of packet tracer

How to connect cisco devices in windows packet tracer and in boson IOS internetwork operating system Advantage and Naming Conventions Router and switch Switch Interface Nomenclature classification Cisco devices hardware component booting process How to configure packet tracer step by step guide Example Cisco IOS Mode User Privilege and Global Configurations mode how to use Help Facilities of the Cisco IOS and error message How to configure Cisco Discovery Protocol CDP step by step guide Step by Step guide for Administration of cisco devices Step by Step guide to configure Cisco SDM and examples

Switching VLAN STP VTP DTP Ether Channels 2960 switch overview functionality and Switch Bootup Process

Basic of switching Methods of Switching EtherChannels Spanning Tree protocols stp and Rapid Spanning Tree Protocol

How to configure Virtual lan trunk tagging dtp vtp vtp pruning Basic Switch configurations commands Step by Step guide and examples Step by Step guide and examples of Switch port security configurations How to configure vlan vtp stp dtp step by step guide

Routing Static Dynamics RIP OSPF IGRP EIGRPBasic router configurations login in router examples and step by step guides Basic router configurations show commands Step by Step guide and examples Basic of routing distance vector protocol problems solutions Guide tutorials notes of Basic of static routing Step by Step guide to configure static route configurations Guide tutorials notes of Routing Information Protocol RIP Step by Step guide of how to configure Rip Routing Configurations Guide tutorials notes of Enhanced Interior Gateway Routing Protocol Step by Step guide of how to configure eigrp routing configurations

Guide tutorials notes of open shortest path first OSPF Step by Step guide of how to configure open shortest path first OSPF Configuration Advance example of routing configure EIGRP with RIP on same network

Network Security access lists standards and extended Definitions Characteristics Components locations of Network Network Security Need for Network Security and Types of Attack Network Security Reconnaissance Attack Password attack methods Network Security Mitigating Common Threats and their solutions Guide tutorials notes of Access control list Configuration guidelines Step by Step guide of how to configure standard access lists Step by Step guide of how to configure extended access lists

IPv6 features concepts and configurations Guide tutorials notes on ipv6 tutorials Limitations of ipv4 ipv6 tutorials on builtin features of ipv6 ipv6 tutorials on difference between ipv4 and ipv6 ipv6 address common terms and concepts ipv6 tutorials on types of address format ipv6 tutorials on Special Addresses ipv6 tutorials on Address Assignment ipv6 tutorials on Address Autoconfiguration ipv6 tutorials on Assigning address to Windows server 2008 and Windows vista ipv6 tutorials on tools ipconfig ping tracert netstat pathping ipv6 tutorials on icmp overview error messages ipv6 tutorials on neighbor discovery ipv6 tutorials on Transition Strategies ipv6 tutorials on configure cisco router with IPv6 ipv6 tutorials on configure routing with IPv6

WAN protocols HDLC PPP Frame Really NAT PAT wan terms definitions encapsulation method hdlc ppp Step by Step guide of how to configure hdlc ppp Guide tutorials notes of Frame Really Step by Step guide of how to configure Frame Really Network address Translation static nat dynamic nat pat Step by Step guide of how to configure NAT PAT

Wireless networking on Cisco Router

Wireless Networking Basic Guide tutorials notes of Access Modes

Wireless Networking Basic Security

Wireless Networking Types of Networks How to configure Wireless Networking Step by step guide

the main principle of this Free CCNA Study Guides is to help you achieve the Cisco Certified Network Associate (CCNA) certification so that you can enhance your career. I believe that the only way you can increase your knowledge is through theoretical and practical learning. In other words, this site provides the theoretical learning as well as basic hands-on experience that you’ll need to pass the exam.

You can achieve CCNA certification in two ways:

Pass the CCNA-640-802 exam. Pass both the ICNDv1 (640-822) and ICNDv2 (640-816) exams.

The CCNA 640-802 exam includes the same topics covered by the ICNDv1 640-822 and ICNDv2 640-816 exams. Cisco developed the second approach particularly for individuals who are just beginning their journey into networking, especially for people taking the CCNA curriculum at a Cisco Network Academy. The two-test approach is better suited for this environment since it takes a year to two to go through Cisco’s CCNA curriculum at the Network Academies. With this approach, you take the ICNDv1 640-822 exam halfway through the curriculum and the ICNDv2 640-816 exam at the end of the curriculum.

Another advantage of taking and passing the ICNDv1 exam is that you have achieved Cisco’s newest entry-level certification: CCENT (Cisco Certified Entry Networking Technician). In August 2007, Cisco introduced this certification based on customer and employer demand for a lower level certification demonstrating basic networking and hand-on skills with IOS devices such as routers and switches. If you already have networking experience, especially if that experience includes configuring Cisco devices, you are better off taking the single CCNA 640-802 exam. The main advantage of this approach is that you have to pay for only one exam.

This CCNA Free Study Guides series are primarily written for those individuals wishing to pass the CCNA 640-802 exam. However, this free series contains all the information that you would need to pass both the ICNDv1 640-822 and ICNDv2 640-816 exams. Therefore, it is up to you to determine which testing approach you take to achieve your CCNA certification.

640-802 CCNA® EXAM

Company Cisco SystemExam Number 640-802Associated Certifications CCNA

Duration 90 minutes (45-55 questions)Available Languages

English, Japanese, Chinese, Spanish, Russian, Korean, French, Portuguese

Authorize Exam Pearson VUE

Organizer Prerequisites None ( Basic Networking Knowledge recommended)

Substitute Exam 640-822 ICND1- Interconnecting Cisco Networking Devices Part 1

640-816 ICND2-Interconnecting Cisco Networking Devices Part 2 Validity period Three years

Recertification

To recertify, pass the ICND2 exam, or pass the current CCNA exam, or pass a CCNA Concentration exam (wireless, security, voice), or pass the current CCDA exam, or pass any 642 - XXX professional level or Cisco Specialist exam (excluding Sales Specialist exams), or pass a current CCIE or CCDE written exam.

Exam Topics

The following topics are general guidelines for the content likely to be included on the Cisco Certified Network Associate exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Describe how a network works

Describe the purpose and functions of various network devices Select the components required to meet a network specification Use the OSI and TCP/IP models and their associated protocols to

explain how data flows in a network Describe common networked applications including web applications Describe the purpose and basic operation of the protocols in the OSI

and TCP models Describe the impact of applications (Voice Over IP and Video Over IP)

on a network Interpret network diagrams Determine the path between two hosts across a network Describe the components required for network and Internet

communications Identify and correct common network problems at layers 1, 2, 3 and 7

using a layered model approach Differentiate between LAN/WAN operation and features

Configure, verify and troubleshoot a switch with VLANs and interswitch communications

Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts

Explain the technology and media access control method for Ethernet networks

Explain network segmentation and basic traffic management concepts Explain basic switching concepts and the operation of Cisco switches Perform and verify initial switch configuration tasks including remote

access management Verify network status and switch operation using basic utilities

(including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands

Identify, prescribe, and resolve common switched network media issues, configuration issues, auto negotiation, and switch hardware failures

Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)

Describe how VLANs create logically separate networks and the need for routing between them

Configure, verify, and troubleshoot VLANs Configure, verify, and troubleshoot trunking on Cisco switches Configure, verify, and troubleshoot interVLAN routing Configure, verify, and troubleshoot VTP Configure, verify, and troubleshoot RSTP operation Interpret the output of various show and debug commands to verify

the operational status of a Cisco switched network. Implement basic switch security (including: port security, trunk access,

management vlan other than vlan1, etc.)

Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network

Describe the operation and benefits of using private and public IP addressing

Explain the operation and benefits of using DHCP and DNS Configure, verify and troubleshoot DHCP and DNS operation on a

router.(including: CLI/SDM) Implement static and dynamic addressing services for hosts in a LAN

environment Calculate and apply an addressing scheme including VLSM IP

addressing design to a network Determine the appropriate classless addressing scheme using VLSM

and summarization to satisfy addressing requirements in a LAN/WAN environment

Describe the technological requirements for running IPv6 in conjunction with IPv4 (including: protocols, dual stack, tunneling, etc).

Describe IPv6 addresses Identify and correct common problems associated with IP addressing

and host configurations

Configure, verify, and troubleshoot basic router operation and routing on Cisco devices

Describe basic routing concepts (including: packet forwarding, router lookup process)

Describe the operation of Cisco routers (including: router bootup process, POST, router components)

Select the appropriate media, cables, ports, and connectors to connect routers to other network devices and hosts

Configure, verify, and troubleshoot RIPv2 Access and utilize the router to set basic parameters.(including:

CLI/SDM) Connect, configure, and verify operation status of a device interface Verify device configuration and network connectivity using ping,

traceroute, telnet, SSH or other utilities Perform and verify routing configuration tasks for a static or default

route given specific routing requirements Manage IOS configuration files. (including: save, edit, upgrade, restore) Manage Cisco IOS Compare and contrast methods of routing and routing protocols Configure, verify, and troubleshoot OSPF Configure, verify, and troubleshoot EIGRP Verify network connectivity (including: using ping, traceroute, and

telnet or SSH) Troubleshoot routing issues Verify router hardware and software operation using SHOW & DEBUG

commands. Implement basic router security

Explain and select the appropriate administrative tasks required for a WLAN

Describe standards associated with wireless media (including: IEEE WI-FI Alliance, ITU/FCC)

Identify and describe the purpose of the components in a small wireless network. (Including: SSID, BSS, ESS)

Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point

Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)

Identify common issues with implementing wireless networks. (Including: Interface, missconfiguration)

Identify security threats to a network and describe general methods to mitigate those threats

Describe today's increasing network security threats and explain the need to implement a comprehensive security policy to mitigate the threats

Explain general methods to mitigate common security threats to network devices, hosts, and applications

Describe the functions of common security appliances and applications Describe security recommended practices including initial steps to

secure network devices

Implement, verify, and troubleshoot NAT and ACLs in a medium-size Enterprise branch office network

Describe the purpose and types of ACLs Configure and apply ACLs based on network filtering requirements.

(including: CLI/SDM) Configure and apply an ACLs to limit telnet and SSH access to the

router using (including: SDM/CLI) Verify and monitor ACLs in a network environment Troubleshoot ACL issues Explain the basic operation of NAT Configure NAT for given network requirements using (including:

CLI/SDM) Troubleshoot NAT issues

Implement and verify WAN links

Describe different methods for connecting to a WAN Configure and verify a basic WAN serial connection Configure and verify Frame Relay on Cisco routers Troubleshoot WAN implementation issues Describe VPN technology (including: importance, benefits, role, impact,

components) Configure and verify a PPP connection between Cisco routers

Cisco system could change this syllabus without any notification. We suggest you to review Cisco’s official site before taking exam.

OSI Reference Model

The OSI reference model is the primary model for network communications. The early development of LANs, MANs, and WANs was confused in many ways. The early 1980s saw great increases in the number and sizes of networks. As companies realized that they could save money and gain productivity by using networking technology, they added networks and expanded existing networks as rapidly as new network technologies and products were introduced.

In 1984, the International Organization for Standardization (ISO) developed the OSI Reference Model to describe how information is transferred from one networking component to

another, from the point when a user enters information using a keyboard and mouse to when that information is converted to electrical or light signals transferred along a piece of wire (or radio waves transferred through the air).

ISO developed the seven-layer model to help vendors and network administrators gain a better understanding of how data is handled and transported between networking devices, as well as to provide a guideline for the implementation of new networking standards and technologies. To assist in this process, the OSI Reference Model separates the network communication process into seven simple layers.

Dividing the network into these seven layers provides these advantages:

Reduces complexity:

It breaks network communication into smaller, simpler parts. It divides the network communication process into smaller and simpler components, thus aiding component development, design, and troubleshooting.

Standardizes interfaces:

It standardizes network components to allow multiple vendor development and support.

Facilitates modular engineering:

It allows different types of network hardware and software to communicate with each other.

Interoperability between Vendors

It allows multiple-vendor development through standardization of network components. Defines the process for connecting two layers together, promoting interoperability between vendors It Allows vendors to compartmentalize their design efforts to fit a modular design, which eases implementations and simplifies troubleshooting

Ensures interoperable technology:

It prevents changes in one layer from affecting the other layers, allowing for quicker development.

Accelerates evolution:

It provides for effective updates and improvements to individual components without affecting other components or having to rewrite the entire protocol.

Simplifies teaching and learning:

It breaks network communication into smaller components to make learning easier. Provides a teaching tool to help network administrators understand the communication process used between networking components

The OSI Reference Model

The OSI reference model consists of seven layers: physical, data-link, network, transport, session, presentation, and application.

The OSI model layers usually do not correspond exactly to the protocol stack running on an actual system.

The data-link layer protocols often include physical layer specifications. The network and transport layer protocols work together to provide a

cumulative end-to-end communication service. The functions of the session, presentation, and application layers are often

combined into a single application layer protocol.

OSI Reference Model

Each OSI layer contains a set of functions performed by programs to enable data to travel from a source to a destination on a network. In our pervious article I told you the advantage of OSI model.

advantage of OSI model

In this article I will provide brief descriptions of each layer in the OSI reference model.

Application Layer

The application layer is the OSI layer that is closest to the user. This layer provides network services to the user's applications. It differs from the other layers in that it does not provide services to any other OSI layer, but only to applications outside the OSI reference model. Applications layer provide a platform to access the data of remote computer.

The application layer protocols that you should know are as follows:

SNMP (Simple Network Management Protocol)— Communicates status and allows control of networked devices.

TFTP (Trivial File Transfer Protocol)— Simple, lightweight file transfer. DNS (Domain Naming System)— Translates a website name (easy for

people) to an IP address (easy for computers). DHCP (Dynamic Host Configuration Protocol)— Assigns IP, mask, and

DNS server (plus a bunch of other stuff) to hosts. Telnet— Provides a remote terminal connection to manage devices to which

you are not close enough to use a console cable. HTTP (Hypertext Transfer Protocol)— Browses web pages. FTP (File Transfer Protocol)— Reliably sends/retrieves all file types. SMTP (Simple Mail Transfer Protocol)— Sends email. POP3 (Post Office Protocol v.3)— Retrieves email. NTP (Network Time Protocol)— Synchronizes networked device clocks.

presentation layer

The presentation layer is responsible for formatting data so that application-layer protocols (and then the users) can recognize and work with it. Presentation layer format the file extensions—such as .doc, .jpg, .txt, .avi, and so on. you realize that each of these file types is formatted for use by a particular type of application. The presentation layer taking the application layer data and marking it with the formatting codes so that it can be viewed reliably when accessed later. If necessary, the presentation layer might be able to translate between multiple data formats by using a common format.

The Session Layer

The session layer establishes, manages, and terminates sessions between two communicating hosts. It provides its services to the presentation layer. The session layer also synchronizes dialogue between the presentation layers of the two hosts and manages their data exchange. For example, web servers have many users, so many communication processes are open at a given time. Therefore, keeping track of which user communicates on which path is important.

Transport Layer

The transport layer is possibly the most important layer for exam study purposes. A lot is going on here, and it is heavily tested.

The transport layer's main jobs

It sets up and maintains a session connection between two devices. It can provide for the reliable or unreliable delivery of data across this connection. It multiplexes connections, allowing multiple applications to simultaneously send and receive

data. When Implementing a reliable connection, sequence numbers and acknowledgments (ACKs) are used. Flow control (through the use of windowing or acknowledgements) Reliable connections (through the use of sequence numbers and Acknowledgement )

Transport layer use two protocols for sending data TCP and UDP.

TCPTCP is connection oriented protocols. Connection-oriented transmission is said to be reliable. Thinks TCP as registry AD facility available in Indian post office. For this level of service, you have to buy extra ticket and put a bunch of extra labels on it to track where it is going and where it has been. But, you get a receipt when it is delivered, you are guaranteed delivery, and you can keep track of whether your shipment got to its destination. All of this costs you more—but it is reliable!

UDPUDP is connection less protocols. Connection-less transmission is said to be unreliable. Now, don't get too wrapped up in the term "unreliable" this doesn't mean that the data isn't going to get

there; it only means that it isn't guaranteed to get there. Think of your options when you are sending a postcard, put it in the mailbox, and chances are good that it will get where it's supposed to go—but there is no guarantee, and stuff does go missing once in a while. On the other hand, it's cheap.

The transport layer can use two basic flow control methods:

Ready/not ready signals Windowing

There are two problems with the use of ready/not ready signals to implement flow control. First, the destination may respond to the source with a not ready signal when its buffer fills up. While this message is on its way to the source, the source is still sending information to the destination, which the destination will probably have to drop because its buffer space is full.The second problem with the use of these signals is that once the destination is ready to receive more information, it must first send a ready signal to the source, which must receive it before more information can be sent.In many implementations, the window size is dynamically negotiated up front and can be renegotiated during the lifetime of the connection.

In windowing a window size is defined between two host engaged in data transmission. And sender host will wait for an acknowledgement signal after sending the segments equal to window size. If any packet lost in way receiver will respond with acknowledgement for lost packet. And sender will send lost packet again.

Reliability

When reliability is necessary, it should cover these four items:

recognizing lost packets and having them re-sent recognizing packets that arrive out of order and reordering them detecting duplicate packets and dropping the extra ones Avoiding congestion

Connection Multiplexing/Application Mapping

Transport layer assigns a unique set of numbers for each connection. These numbers are called port or socket numbers. TCP, and UDP, provide a multiplexing function for a device: This allows multiple applications to simultaneously send and receive data.Imagine a server that performs a number of functions—for example email, web pages, FTP, and DNS. The server has a single IP address, but can perform all these different functions for all the hosts that want to connect to it. The transport layer (layer 4) uses port numbers to distinguish between different types of traffic that might be headed for the same IP address.

Port numbers are divided into ranges by the IANA. Following are the current port ranges:

Port number descriptions

0–1023Well-Known—For common TCP/IP functions and applications

1024–49151 Registered—For applications built by companies

49152–65535Dynamic/Private—For dynamic connections or unregistered applications

Common TCP and UDP Port Numbers

TCP UDP

FTP 20, 21 DNS 53

Telnet 23 DHCP 67,68

SMTP 25 TFTP 69

DNS 53 NTP 123

HTTP 80 SNMP 161

POP 110

NNTP 119

HTTPS 443

Network Layer

The network layer provides a logical topology and layer-3 addresses. Routers function at the network layer. This layer is responsible for three main functions:

Defines logical addresses used at layer-3 Finds paths, based on the network numbers of logical addresses, to reach destination devices Connects different data link types together, such as Ethernet, FDDI, Serial, and Token Ring

IP packetWhere the transport layer uses segments to transfer information between machines, the Internet layer uses datagram's. Datagram is just another word for packet.

The IP protocol is mainly responsible for these functions:

Connectionless data delivery: best effort delivery with no data recovery capabilities

Hierarchical logical addressing to provide for highly scalable internetworks

IP addresses are broken into two components:

Network component Defines on what segment, in the network, a device is located Host component defines the specific device on a particular network segment

Two types of packets are used at the Network layer: data and route updates.

Data packetsUsed to transport user data through the internetwork. Protocols used to support data traffic are called routed protocols; examples of routed protocols are IP and IPv6.

Route update packetsUsed to update neighboring routers about the networks connected to all routers within the internetwork. Protocols that send route update packets are called routing protocols; examples of some common ones are RIP, RIPv2, EIGRP, and OSPF. Route update packets are used to help build and maintain routing tables on each router.

IP Classes

Class A addresses range from 1-126: 00000001-01111111. Class B addresses range from 128-191: 10000000-10111111. Class C addresses range from 192-223: 11000000-11011111. Class D addresses range from 224-239: 11100000-11101111. Class E addresses range from 240-254:

1. 0 is reserved and represents all IP addresses;2. 127 is a reserved address and is used for testing, like a loop back on an interface:3. 255 is a reserved address and is used for broadcasting purposes.

Public addresses are Class A, B, and C addresses that can be used to access devices in other public networks, such as the Internet. Public IP address assign authority The Internet Assigned Numbers Authority (IANA) is ultimately responsible for handing out and managing public addresses. Normally you get public addresses directly from your ISP, which, in turn, requests them from one of five upstream address registries:

American Registry for Internet Numbers (ARIN) Reseaux IP Europeans Network Coordination Center (RIPE NCC) Asia Pacific Registry for Internet Numbers (APNIC) Latin American and Caribbean Internet Address Registry (LACNIC) African Network Information Centre (AfriNIC)

Private IP and ISP

Private ip address can be used to configure private network. You can use private ip to build your network without paying a single rupees. But one biggest problem with private ip is that with

private you can not access the internet. This is the point where ISP comes from. ISP purchase a bulk of public ip address and provide them on rent. Whatever you pay to ISP for accessing internet is actually the charge of using public ip address.

Private ip address:- Not route able in public network

Class A: 10.0.0.0-10.255.255.255 (1 Class A network) Class B: 172.16.0.0-172.31.255.255 (16 Class B networks) Class C: 192.168.0.0-192.168.255.255 (256 Class C networks)

Protocol Description

IP IP of TCP/IP, featuring routable 32-bit addressing.

IPX The equivalent of IP in Novell Netware.

ICMP Internet Connection Management Protocol. Incorporates Ping and Traceroute, which are layer 3 link-testing utilities.

OSPF, IGRP, EIGRP, RIP, ISIS

Dynamic routing protocols that learn about remote networks and the best paths to them from other routers running the same protocol.

ARP, RARPAddress Resolution Protocol (and Reverse ARP). ARP learns what MAC address is associated with a given IP address. Reverse ARP learns an IP address given a MAC address.

Data link layer

Main functions of data link layer is

Defining the Media Access Control (MAC) or hardware addresses Defining the physical or hardware topology for connections Defining how the network layer protocol is encapsulated in the data link layer frame Providing both connectionless and connection-oriented services Defines hardware (MAC) addresses as well as the communication process that occurs within a

media. The first six hexadecimal digits of a MAC address form the OUI. MAC addresses only need to be unique in a broadcast domain, You can have the same MAC address in different broadcast domains (virtual LANs).

There are two specifications of Ethernet frame Ethernet II and 802

802.2 use a SAP or SNAP field to differentiate between encapsulatedlayer-3 payloads.

With a SNAP frame, the SAP fields are set to 0xAA and the type field is used to indicate the layer-3 protocol. One of the issues of the original SAP field in the 802.2 SAP frame is that even

though it is eight bits (one byte) in length, only the first six bits are used for identifying upper-layer protocols, which allows up to 64 protocols.

802.2 SNAP frame support of up to 65,536 protocols

Ethernet II's Version of Ethernet

Ethernet II does not have any sub layers, while IEEE 802.2/3 has two: LLC and MAC. Ethernet II has a type field instead of a length field (used in 802.3). IEEE 802.2 defines the type

for IEEE Ethernet

Physical Layer

The Physical layer communicates directly with the various types of actual communication media. Different kinds of media represent these bit values in different ways. Some use audio tones, while others utilize state transitions—changes in voltage from high to low and low to high. Specific protocols are needed for each type of media to explain the proper bit patterns to be used, how data is encoded into media signals, and the various qualities of the physical media’s attachment interface.

Fiber Cabling

Two types of fiber are used for connections: multimode and single-mode.

Multimode fiberhas a fiber thickness of either 850 or 1300 nanometers (nm), and the light signal is typically provided by an LED. When transmitting a signal, the light source is bounced off of the inner cladding (shielding) surrounding the fiber. Multimode fiber can achieve speeds in the hundreds of Mbps range, and many signals can be generated per fiber.

Single-mode fiberhas a fiber thickness of 1300 or 1550 nm and uses a laser as the light source. Because lasers provide a higher output than LEDs, single-mode fiber can span over 10 kilometers and have speeds up to 100Gbps. With single-mode fiber, only one signal is used per fiber.

Loss factor is used to describe any signal loss in the fiber before the light source gets to the end of the fiber.

Connector loss is a loss that occurs when a connector joins two pieces of fibers: a slight signal loss is expected.

Attenuation describe the signal loose due to distance Microbending is when a wrinkle in the fiber, typically where the cable is slightly bent, causes a

distortion in the light source. Macrobending is when there is leakage of the light source from the fiber, typically from a bend

in the fiber cable. to overcome this problem over long distances, optical amplifiers can be used.

Two main standards are used to describe the transmission of signals across a fiber:

SONET is defined by the Exchange Carriers Standards Association (ECSA) and American National Standards Institute (ANSI) and is typically used in North America.

SDH is an international standard used throughout most of the world (with the exception of North America). Both of these standards define the physical layer framing used to transmit light sources, which also includes overhead for the transmission.

Cisco's three-layer hierarchical model

Core Layer

The core provides a high-speed layer-2 switching infrastructure and typically does not manipulate packet contents.

Distribution Layer

The distribution layer provides a boundary between the access and core layers. It contains routers and switches. Routers are used to provide the logical boundary--broadcasts are contained within the access layer and Filtering policies can be implemented to restrict traffic flows.

Access Layer

The access layer provides the user's initial access to the network, which is typically via switches or hubs.

TCP/IP protocol

The TCP/IP protocol stack has four layers. Note that although some of the layers in the TCP/IP protocol stack have the same names as layers in the OSI reference model, the layers have different functions in each model, as is described in the following list:

Application layer:

The application layer handles high-level protocols, including issues of representation, encoding, and dialog control. The TCP/IP model combines all application-related issues into one layer and ensures that this data is properly packaged for the next layer.

Transport layer:

The transport layer deals with QoS issues of reliability, flow control, and error correction. One of its protocols, TCP, provides for reliable network communications.

Internet layer:

The purpose of the Internet layer is to send source datagrams from any network on the internetwork and have them arrive at the destination, regardless of the path they took to get there.

Network access layer:

The name of this layer is broad and somewhat confusing. It is also called the host-to-network layer. It includes the LAN and WAN protocols and all the details in the OSI physical and data link layers.

Benefits of subnetting

Reduced network traffic

One network will not access the data of other network without the use of router. Thus we can reduce the amount of data remain in one network. Less data less overhead, collision, or broadcast storm.

Optimized network performance

This is a result of reduced network traffic.

Simplified management

It's easier to identify and isolate network problems in a group of Smaller connected networks than within one gigantic network. Facilitated spanning of large geographical distances Because WAN links are significantly slower and more expensive than LAN links, a single large network that spans long distances can create problems in every area earlier listed. Connecting multiple smaller networks makes the system more efficient.

Powers of 2

Powers of 2 are important to understand and memorize for use with IP subnetting.

21 2 29 512

22 4 210 1024

23 8 211 2048

24 16 212 4096

25 32 213 8192

26 64 214 16384

27 128 215 32768

28 256 216 65536

Before we go further let’s get familiar with subnetting components

Subnet mask

A subnet mask is a 32-bit value that allows the receiver of IP packets to distinguish the network ID portion of the IP address from the host ID portion of the IP address. Every IP address is composed of a network component and a host component. The subnet mask has a single purpose: to identify which part of an IP address is the network component and which part is the host component. Subnet mask value 0 represent host ID while subnet mask value 1 to 255 represents Network ID in ip address.

Classless Inter-Domain Routing (CIDR)

This slash notation is sometimes called CIDR (Classless Inter-Domain Routing) notation. It’s basically the method that ISPs (Internet service providers) use to allocate a number of Addresses to a company, a home—a customer. The slash notation is simply the number of 1s in a row in the subnet mask. The real reason to use CIDR notation is simply that it is easier to say and especially to type.

Address Class and Default Mask

Subnetting happens when we extend the subnet mask past the default boundary for the address we are working with. So it's obvious that we first need to be sure of what the default mask is supposed to be for any given address. When faced with a subnetting question, the first thing to do is decide what class the address belongs to. And later decide what the default subnet mask is. One of the rules that Cisco devices follow is that a subnet mask must be a contiguous string of 1s followed by a contiguous string of 0s. There are no exceptions to this rule: A valid mask is always a string of 1s, followed by 0s to fill up the rest of the 32 bits. (There is no such rule in the real world, but we will stick to the Cisco rules here—it's a Cisco exam, after all.) Therefore, the only possible valid values in any given octet of a subnet mask are 0, 128, 192, 224, 240, 248, 252, 254, and 255. Any other value is invalid.

Block Size

The process of subnetting creates several smaller classless subnets out of one larger classful . The spacing between these subnets, or how many IP addresses apart they are, is called the Block Size.

Network ID and Broadcast ID

The first address in a network number is called the network address, or wire number. This address is used to uniquely identify one segment or broadcast domain from all the other segments in the network.

The Broadcast IDThe last address in the network number is called the directed broadcast address and is used to represent all hosts on this network segment. it is the common address of all hosts on that Network ID. This should not be confused with a full IP broadcast to the address of 255.255.255.255, which hits every IP host that can hear it; the Broadcast ID hits only hosts on a common subnet. A directed broadcast is similar to a local broadcast.The main difference is that routers will not propagate local broadcasts between segments, but they will, by default, propagate directed broadcasts.

Host Addresses

Any address between the network address and the directed broadcast address is called a host address for the segment. You assign these middle addresses to host devices on the segment, such as PCs, servers, routers, and switches.

Method of Subnetting

There is several method of subnetting. Different author different approach to calculate the subnets. You should choose the method you can understand and perform subnetting easily. Whatever approach you choose need conversion of decimal to binary. Cram up this chart

27 26 25 24 23 22 21 20

128 64 32 16 8 4 2 1

To convert a decimal number into binary, you must turn on the bits (make them a 1) that would add up to that number, as follows:

187 = 10111011 = 128+32+16+8+2+1224 = 11100000 = 128+64+32To convert a binary number into decimal, you must add the bits that have been turned on (the 1s), as follows:

10101010 = 128+32+8+2 = 17011110000 = 128+64+32+16 = 240The IP address 138.101.114.250 is represented in binary as

10001010.01100101.01110010.11111010The subnet mask of 255.255.255.224 is represented in binary as

11111111.11111111.11111111.11100000

Practical approach of subnetting

When faced with a subnetting question, the first thing to do is decide what class the address belongs to. for examples:

192.168.1.1The first octet is between 192 and 223 so it is a Class C address

Default mask for Class C: is 255.255.255.0

In exam default subnet mask is not subnetted. Now write down the given ip address as shown here. Write down the default side of IP as it is and reset of part where actual subnetting will perform in binary

192.168. 1 .00000001255.255.255.00000000(defaul maks)

Step 1:- calculate the CIDR valueCIDR are the on bit in subnet mask. As you can see in our example we have on bit only in default side.

255.255.255.00000000So our CIDR value is 24 + 0 = 24

Step 2:- calculate the Subnet maskTo calculate the subnet mask use the binary to decimal chart given above. Add the decimal place value of on network bit.

<==H bit 255.255.255.00000000 N bit==>In our example we are using on default mask so our subnet mask will be 255.255.255.0

Step 3:- calculate the Total HostTo calculate the total host count the H bit and use this formula

Total host = 2H <==H bit255.255.255.00000000Total host = 28 = 256

Step 4:- calculate the Valid HostSubtract 2 from Total host Every network or subnet has two reserved addresses that cannot be assigned to a host. These addresses are called the Network ID and the Broadcast ID, respectively. They are the first and last IPs in any network or subnet. We lose those two IP addresses from the group of values that could be assigned to hosts.

Total host - 2 256 -2 = 254

Step 5:- calculate the NetworkTo calculate the Network count the N bit and use this formula

Network = 20 255.255.255.00000000 N bit==>Network = 20 = 1

Step 6:- Find out the block Size Finding block size is very easy just subtract the subnet mask from 256

256 – Subnet mask (only the last octal, don’t include the default subnet mask)256 - 0 = 256

Step 7:- Write down the subnet chart

Network 1

CIDR Value /24 IP Sunetmask

Net ID 192.168.1.0 255.255.255.0

First Valid Host 192.168.1.1 255.255.255.0

Last Valid Host 192.168.1.254 255.255.255.0

Broadcast ID 192.168.1.255 255.255.255.0

Subnetting of CIDR /25

Now do the subnetting of CIDR /25 using same method

Step 1:- calculate the CIDR value CIDR = sum of all on bit in subnet mask

255.255.255.10000000So our CIDR value is 24 + 1 = 25

Step 2:- calculate the Subnet maskAdd the decimal place value of on network bit.

<==H bit 255.255.255.10000000 N bit==>In our example we have one on bit and as you can see in decimal chart the place value of 1000000 is 128 so our subnet mask will be 255.255.255.128

Step 3:- calculate the Total Host

Total host = 2H <==H bit255.255.255.10000000Total host = 27 = 128

Step 4:- calculate the Valid HostSubtract 2 from Total host

Total host - 2 128 -2 = 126

Step 5:- calculate the NetworkTo calculate the Network count the N bit and use this formula

Network = 21 255.255.255.10000000 N bit==>Network = 21 = 2

Step 6:- Find out the block Size

256 – Subnet mask (only the last octal, don’t include the default subnet mask)256 - 128 = 128

With help of block size you can easy find out the network ID and broadcast ID of all possible networks as we have 8 bits in one octal those can give maximum of 28 = 256 decimal number

We start from 0 so it will end up on 255 (Do not get confuse because we are counting from 0 not from 1 so the last digit will be 255 not 256. It will 256 only when you count from 1 ). All subnetting will perform between these two numbers.

Create a table of x Columns where x is the number of your network

First ip of first network will always be 0 and last ip of last network will be 255 fill its in chart Now you have network ID of first network and broadcast ID of last network.

Now add block size in the first ip of first network to get the network ID of second network and so on till we get the network id of last network

First network ID 0Second Network ID 0 +128 = 128Fill this in Chart.

As you can see from 128 next network is started so the last IP of first network will be 127 fill it in chart. With this method you can fill the last ip of all networks.

Now you have first ip ( network ID ) of all networks and the last ip (Broadcast ID) of all networks. At this point you can easily fill the valid ip in each network. As valid hosts are all ip address those fall between network ip and host ip.

Step 7:- Write down the subnet chart

CIDR /25 Network 1 Network 2

Net ID 192.168.1.0 192.168.1.128

First Valid Host 192.168.1.1 192.168.1.129

Last Valid Host 192.168.1.126 192.168.1.254

Broadcast ID 192.168.1.127 192.168.1.255

Binary ANDing

Binary ANDing is the process of performing multiplication to two binary numbers. In the decimal numbering system, ANDing is addition: 2 and 3 equals 5. In decimal, there are an countless number of answers when ANDing two numbers together. However, in the binary numbering system, the AND function give up only two possible outcomes, based on four different combinations. These answers, can be displayed as a truth table:

0 and 0 = 01 and 0 = 00 and 1 = 01 and 1 = 1You use ANDing most often when comparing an IP address to its subnet mask. The end result of ANDing these two numbers together is to give up the network number of that address.

Example Question

What is the network number of the IP address 192.168.100.115 if it has a subnet mask of 255.255.255.240?

AnswerStep 1 Convert both the IP address and the subnet mask to binary:

192.168.100.115 = 11000000.10101000.01100100.01110011255.255.255.240 = 11111111.11111111.11111111.11110000Step 2 Perform the AND operation to each pair of bits—1 bit from the address ANDed to the corresponding bit in the subnet mask. Refer to the truth table for the possible outcomes:

192.168.100.115 = 11000000.10101000.01100100.01110011255.255.255.240 = 11111111.11111111.11111111.11110000ANDed result = 11000000.10101000.01100100.01110000Step 3 Convert the answer back into decimal:

11000000.10101000.01100100.01110000 = 192.168.100.112The IP address 192.168.100.115 belongs to the 192.168.100.112 network when a mask of 255.255.255.240 is used.

My easy method

Conversion of decimal to binary and vice versa to get network ID is too time consuming process in exam. So I found this easy method.

Step 1:- Decide from which class this IP belongs and what's its default subnet maskAs given IP have 192 in its first octal so it’s a class C IP. And default subnet mask of class C is 255.255.255.0

Step2:- Find out the block size. ( As we describe above)

256 -240 = 16

Step3:- Write down all possible network using block size till we do not get our host partition in middle of two network

0,16,32,48,64,80,96,112,128,

As our host number is 115 which fall in the network of 112 so our network ID is

192.168.1.112,

And our host's broad cast ID is 192.168.1.127 as from 128 onward next network will start. Easy as I promise

IP Subnet Practice tools

Click the [New Problem] button to start

Given the IP address . . . /

Enter the information in the IP address field below.  [Check] if your answer is right or [Show] the answer

IP address Check/Show Answer OK

Network . . . . . .

First Host . . . . . .

Last Host . . . . . .

Broadcast . . . . . .

Check or Show ALL

Variable length subnet mask

Neither RIPv1 nor IGRP routing protocols have a field for subnet information, so the subnet information gets dropped. What this means is that if a router running RIP has a subnet mask of a certain value, it assumes that all interfaces within the classful address space have the same subnet mask. This is called classful routing, and RIP and IGRP are both considered classful routing protocols.

Classless routing protocols, however, do support the advertisement of subnet information. Therefore, you can use VLSM with routing protocols such as RIPv2, EIGRP, and OSPF. The benefit of this type of network is that you save a bunch of IP address space with it.

VLSM enables you to have more than one mask for a given class of address, albeit a class A, B, or C network number.VLSM, originally defined in RFC 1812, allows you to apply different subnet masks to the same class address space Classful protocols, such as RIPv1 and IGRP, do not support VLSM. To deploy VLSM requires a routing protocol that is classless—BGP, EIGRP, IS-IS, OSPF, or RIPv2, for instance.

VLSM provides Two major advantages:

more efficient use of addressing Ability to perform route summarization

when you perform classful subnetting, all subnets have the same number of hosts because they all use the same subnet mask. This leads to inefficiencies. For example, if you borrow 4 bits on a Class C network, you end up with 14 valid subnets of 14 valid hosts. A serial link to another router only needs 2 hosts, but with classical subnetting, you end up wasting 12 of those hosts. Even with the ability to use NAT and private addresses, where you should never run out of addresses in a network design, you still want to ensure that the IP plan that you create is as efficient as possible.

An efficient addressing scheme using VLSM.

1. Find the largest segment in the area—the segment with the largest number of devices connected to it.

2. Find the appropriate subnet mask for the largest network segment.3. Write down your subnet numbers to fit your subnet mask.4. For your smaller segments, take one of these newly created subnets

and apply a different, more appropriate, subnet mask to it.5. Write down your newly subnetted subnets.6. For even smaller segments, go back to step 4.

Route Summarization

Route summarization is the ability to take a bunch of contiguous network numbers in your routing table and advertise these contiguous routes as a single summarized route.

Route summarization, or supernetting, is needed to reduce the number of routes that a router advertises to its neighbor. Remember that for every route you advertise, the size of your update grows. It has been said that if there were no route summarization, the Internet backbone would have warped from the total size of its own routing tables back in 1997.

Routing updates, whether done with a distance vector or link-state protocol, grow with the number of routes you need to advertise. In simple terms, a router that needs to advertise ten routes needs ten specific lines in its update packet. The more routes you have to advertise, the bigger the packet. The bigger the packet, the more bandwidth the update takes, reducing the bandwidth available to transfer data. But with route summarization, you can advertise many

routes with only one line in an update packet. This reduces the size of the update, allowing you more bandwidth for data transfer.

Summarization allows you to create a more efficient routing environment by providing the following advantages:

It reduces the size of routing tables, requiring less memory and processing. It reduces the size of updates, requiring less bandwidth. It contains network problems

Example of VLSM

Above image shows several branch offices using subnetted Class C (/26) addresses that provide each branch with 62 possible host IPs. The branches are connected to the central office via point-to-point WAN links. The ideal mask to use for such a link is /30 because it provides only 2 hosts, one for each end of the link. The problem arises when the routing protocols are configured: Prior to VLSM, the /30 networks could not be used because the /26 networks existed in the same system and the classful routing protocols could only advertise one mask per class of address. All networks, including the little /30 links, had to use the same mask of /26. This wastes 60 IP addresses on each WAN link.

With the implementation of VLSM-capable routing protocols, we can deploy a /30 mask on the point-to-point links, and the routing protocols can advertise them as /30s along with the /26s in the branches because the subnet mask for each network is included in the routing updates.

VLSM has allowed us to make the point-to-point link networks the ideal size (two hosts on each) using /30 masks. This has allowed us to use a single subnetted Class C network for all the addressing requirements in this scenario—and as you'll see, it makes a perfect opportunity to summarize these routes. This is what is meant by "more efficient addressing"— in other words, making networks the right size without depleting the limited address space or limiting future growth.

Classless Interdomain Routing

Classless Interdomain Routing (CIDR), specified in RFC 2050, is an extension to VLSM and route summarization. With VLSM, you can summarize subnets back to the Class A, B, or C network boundary. For example, if you have a Class C network 192.168.1.0/24 and subnet it with a 26-bit mask, you have created four subnets. Using VLSM and summarization, you can summarize these four subnets back to 192.168.1.0/24.

CIDR takes this one step further and allows you to summarize a block of contiguous class A, B, and C network numbers. This practice is commonly referred to as supernetting. Today’s classless protocols support supernetting. However, it is most commonly configured by ISPs on the Internet using BGP.

Discontiguous subnets are not supported by classful protocols but are supported by classless protocols. Classful protocols do not include the subnet mask when advertising network and subnet numbers. When implementing route summarization, another thing you’ll need to

consider is that routing decisions, by a router, must be made on the entire destination IP address in the IP packet header. The router always uses the longest matching prefix in the routing table.

CIDR allows you to summarize class networks together; VLSM allows you to summarize subnets only back to the class network boundaryEach segment has a single network number and mask. VLSM allows a class address, not a network segment, to have more than one subnet mask.

How to connect with Cisco devices in windows

In this lab scenario I will demonstrate that how can you connect with a Cisco router. To connect physical Cisco device you need a console cable. Attach cable to com port on computer and other end to console port of Cisco devices.

Console Port

When you first obtain a new Cisco device, it won't be configured. That is to say, it will not do any of the customized functions you might need; it does not have any IP addresses, and it is generally not going to do what you paid for. Routers need basic configuration to function on a network. The console port is used for local management connections. This means that you must be able to physically reach the console port with a cable that is typically about six feet long. The console port looks exactly like an Ethernet port.

Once you have proper console cable follow this path

Now on computer click on stat button ==> program = = > accessories == > communications == > hyper terminal == > location information == > cancel == > Confirm cancel == > yes == > hyper terminal == > OK Connection Descriptions == > Vinita == > OK == > location information == > confirm cancel == > yes == > hyper terminal == > connect to == > OK == > Port Settings == > Do setting as Given Below and press OK.

If you still have problem in configuring hyper terminal or you do not have hyper terminal options in accessories you can use this tiny software. With this software you connect with any devices that support Telnet, SSH, Rlogin, console connections. This is ready to use software. Download it and execute it. Select Serial sub key from Session main key and rest it will do automatically.

Download Putty

How to connect with router in Boson Simulator

If you use Boson simulator for CCNA practical then select erouter from tools menu and select router from available list. ( Device only be available when any topology will be loaded in simulator. Use Boson Network designer to create topology.)

How to connect with router in packet tracer

First create a desire topology by dragging devices to workspace. Once you have created topology configurations in packet tracer is straight forward. To Configure any device double click on it and select CLI.

Device A Cable Device B

Router's serial portCisco serial DCE/DTE cables

Router's serial port

Router's Ethernet port Crossover Router's Ethernet port

Router's Ethernet port Straight-through Switch port

Router's Ethernet port Crossover Computer NIC

Console of router/switch Rollover Computer COM port

Switch port Crossover Switch port

Computer NIC Crossover Computer NIC

Computer NIC Straight-through Switch port

Advantages of the IOS:-Internetwork operating system include:

Connectivity

The IOS supports a variety of data link layer technologies for the LAN and WAN environments, including copper and fiber wiring as well as wireless.

Scalability

The IOS supports both fixed and modular chassis platforms, enabling you to purchase the appropriate hardware for your needs, yet still allowing you to leverage the same IOS CLI to reduce your management costs.

Reliability

To ensure that your critical resources are always reachable, Cisco has developed many products and IOS features to provide network redundancy.

Security

With the IOS, you can strictly control access to your network and networking devices in accordance with your internal security policies.

Naming Conventions for IOS Images

c1841-advipservicesk9-mz.124-6.T7.bin ( this name is used to expalation)

c1841The c1841 refers to the name of the platform on which the image will run. This is important because different router models have different processors, and an image compiled for one processor or router model will typically not run on a different model.

advipservicesk9The advipservicesk9 refers to the features included in this IOS version, commonly referred to as the feature set. In this example, the IOS is the advanced IP services and the k9 refers to the inclusion of encryption support.

mz or zThe mz or z means that the image is compressed and must be uncompressed before loading/running. If you see l (the letter l, not the number 1) here, this indicates where the IOS image is run from. The l indicates a relocatable image and that the image can be run from RAM. Remember that some images can run directly from flash, depending on the router model.

124-6.T7 The 124-6.T7 indicates the software version number of the IOS. In this instance, the version is 12.4(6)T7. Images names with T indicate new features, and without the T the mainline (only bug fixes are made to it).

.binThe .bin at the end indicates that this is a binary image.

An IOS filename is broken down into four parts:

Platform Feature set Run location and compression Version

Memory Locations

Code Location

F Image runs in flash

M Image runs in Random Access Memory (RAM)

R Image runs in Read Only Memory (ROM)

L Image will be relocated at runtime

Compression Identifiers

Code Compression

Z Image is Zip compressed

X Image is Mzip compressed

W Image is Stac compressed

Connections

Cisco's networking products support two types of external connections:ports (referred to as lines) and interfaces.

Out-of-band management (which you do by console ports) does not affect the bandwidth flowing through your network, while in-band management(which is doen by interface) does

Console Port

Almost every Cisco product has a console port. This port is used to establish an out of- band connection in order to access the CLI to manage your Cisco device. Most console connections to Cisco devices require an RJ-45 rollover cable and an RJ-45-to-DB9 terminal adapter. The rollover cable pins are reversed on the two sides.

Com port setting

Speed 9600 bps

Data bits 8

Stop bits 1

Parity & Flow Control None

Cabling Devices

A straight-through cable is used for DTE-to-DCE connections.

A hub to a router, PC, or file server A switch to a router, PC, or file server

Crossover cables should by used when you connect a DTE to another DTE or a DCE to another DCE.

A hub to another hub A switch to another switch A hub to a switch A PC, router, or file server to another PC, router, or file server

Interface of Router

Console

The console port is used for local management connections. This means that you must be able to physically reach the console port with a cable. The console port looks exactly like an Ethernet port. It uses the same connector, but it has different wiring and is often identified with a light blue label "CONSOLE."

Aux Port

The AUX port is really just another console port that is intended for use with a modem, so you can remotely connect and administer the device by phoning it. However using aux port for configuration create some security issues, so make sure that you get advice on addressing those

before setting this up.

Ethernet Port

An Ethernet port (which might be a FastEthernet or even a GigabitEthernet port, depending on your router model) is intended to connect to the LAN. Some routers have more than one Ethernet or FastEthernet port; it really depends on what you need and of course what you purchase. The Ethernet port usually connects to the LAN switch with a straight-through cable.

Serial Port

A Cisco serial port is a proprietary design, a 60-pin D-sub. This connector can be configured for almost any kind of serial communication. You need a cable that has the Cisco connector on one end and the appropriate type of connector for the service you want to connect to on the other.

Other Connections

Your router may have some other port like T1 controller for wan services. Or you could have bri and pri port. But none of these ports are tested in CCNA exam so you need to concern about these ports.

Switch Interface Nomenclature

The Catalyst 2950 and 2960 switches support only fixed interfaces, while some of Cisco’s higher end switches, such as the 6500s, support modular slots with interface cards.

The nomenclature of an interface is type slot_#/port_#. The type of interface is the media type, such as ethernet, fastethernet, or gigabit.

Following this is the slot number. For all fixed interfaces on a Cisco switch, the slot number is always 0.

The port number is the number of the port in the specified slot.Unlike Cisco router ports, switch port numbers start at 1 and work their way up. For instance, on a 2960, the very first port is fastethernet 0/1, the second port is fastethernet 0/2, and so on. Some 2960 switches support Gigabit Ethernet interfaces, so the nomenclature for the interface would look like this:gigabitethernet 0/1.

Router Interface Nomenclature

When referring to fixed interfaces, the interface numbers always begin with 0 (not 1, like the switches) and work their way up within a particular interface type.For routers that have only fixed interfaces, the interface nomenclature is type port_#.

For example, if a router has two fixed Ethernet interfaces and two fixed serial interfaces, they would be called ethernet 0 and ethernet 1 and serial 0 and serial 1. The port numbers begin at 0 within each interface type. Through use of an interface type and a number, each of the interfaces can be uniquely identified.

However, if a router has modular slots, where you can insert interface cards into these slots, the interface nomenclature is like the Catalyst switches: type slot_#/ port_#. Each slot has a unique slot number beginning with 0, and within each slot, the ports begin at 0 and work their way up.

For example, if you had a modular router with two slots, the first slot would be 0 and the second 1. If the first slot had four Ethernet interfaces, the interface numbers would be 0– 3 and if the second slot had two Ethernet interfaces, the interface numbers would be 0 and 1.

Here’s an example of a four-port serial module in the third slot of a 3640 router: serial 2/0, serial 2/1, serial 2/2, and serial 2/3. Here are some examples of routers with modular interfaces: 2600, 3600, 3700, 7000, 7200, and 7500. The exception to this is the 1600 and 1700 routers; even though they are modular, you don’t configure any slot number when specifying a particular interface

Cisco devices hardware component and booting process

ROM

ROM contains the necessary firmware to boot up your router and typically has the following four components:

POST (power-on self-test) Performs tests on the router's hardware components.

Bootstrap program Brings the router up and determines how the IOS image and configuration files will be found and loaded.

ROM Monitor (ROMMON mode) A mini–operating system that allows you to perform low-level testing and troubleshooting, the password recovery procedure,

Mini-IOS A stripped-down version of the IOS that contains only IP code. This should be used in emergency situations where the IOS image in flash can't be found and you want to boot up your router and load in another IOS image. This stripped-down IOS is referred to as RXBOOT mode.

RAM

RAM is like the memory in your PC. On a router, it (in most cases) contains the running IOS image; the active configuration file; any tables (including routing, ARP, CDP neighbor, and other tables); and internal buffers for temporarily storing information, such as interface input and output buffers. The IOS is responsible for managing memory. When you turn off your router, everything in RAM is erased.

Flash

Flash is a form of nonvolatile memory in that when you turn the router off, the information stored in flash is not lost. Routers store their IOS image in flash, but other information can also be stored here. Note that some lower-end Cisco routers actually run the IOS directly from flash (not RAM). Flash is slower than RAM, a fact that can create performance issues.

NVRAM

NVRAM is like flash in that its contents are not erased when you turn off your router. It is slightly different, though, in that it uses a battery to maintain the information when the Cisco device is turned off. Routers use NVRAM to store their configuration files. In newer versions of the IOS, you can store more than one configuration file here.

Router Boot up Process

A router typically goes through five steps when booting up:

The router loads and runs POST (located in ROM), testing its hardware components, including memory and interfaces.

The bootstrap program is loaded and executed. The bootstrap program finds and loads an IOS image: Possible

locations: - flash, a TFTP server, or the Mini-IOS in ROM. Once the IOS is loaded, the IOS attempts to find and load a

configuration file, stored in NVRAM After the configuration is loaded, you are presented with the CLI

interface. you are placed into is User EXEC mode.

Setup Mode

Cisco devices include a feature called Setup mode to help you make a basic initial configuration. Setup mode will run only if there is no configuration file in NVRAM—either because the router is brand-new, or because it has been erased. Setup mode will ask you a series of questions and apply the configuration to the device based on your answers. You can abort Setup mode by typing CTRL+C or by saying "no" either when asked if you want to enter the initial configuration dialog or when asked if you want to save the configuration at the end of the question.

Configuration register

The configuration register is a special register in the router that determines many of its boot up and running options, including how the router finds the IOS image and its configuration file. The configuration register is a four-character hexadecimal value that can be changed to manipulate how the router behaves at bootup. The default value is 0x2102. The characters "0x" indicate that the characters that follow are in hexadecimal. This makes it clear whether the value is "two thousand one hundred and two" or, as in this case, "two one zero two hexadecimal". The fourth character in the configuration register is known as the boot field. Changing the value for this character will have the following effects:

0x2100 = Always boot to ROMMON. 0x2101 = Always boot to RXBOOT. 0x2102 through 0x210F = Load the first valid IOS in flash; values of 2

through F for the fourth character specify other IOS image files in flash.

The third character in the configuration register can modify how the router loads the configuration file. The setting of 0x2142 causes the router to ignore the startup-config file in NVRAM (which is where the password is stored) and proceed without a configuration—as if the router were brand new or had its configuration erased.

How to reset Router password

The Password Recovery process is simple and takes less than five minutes depending on how fast your router boots

1. Connect to the console port, start your terminal application, and power cycle the router. When you see the boot process beginning, hit the Break sequence. (This is usually Ctrl+Page Break, but it might differ for different terminal applications.) Doing this interrupts the boot process and drops the router into ROMMON.

2. At the ROMMON prompt, enter the command confreg 0x2142 to set the configuration register to 0x2142.

3. Restart the router by power cycling it or by issuing the command reset.4. When the router reloads, the configuration register setting of 0x2142

instructs the router to ignore the startup-config file in NVRAM. You will be asked if you want to go through Setup mode because the router thinks it has no startup-configuration file. Exit from Setup mode.

5. Press Return and enable command enable to go into privileged EXEC command mode. No password is required because the startup config file was not loaded.

6. Load the configuration manually by entering copy startup-config running-config.

7. Go into the Global Configuration mode using the command configure terminal and change the password with the command enable password password or enable secret password.

8. Save the new password by entering copy running-config startup-config.9. Go to the global config prompt, and change the configuration register back to

the default setting with the command config-register 0x2102. Exit back to the privileged exec prompt.

10. Reboot the router using the reload command. You will be asked to save your changes; you can do so if you have made additional configuration changes.

Reset password on 1841System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory.Self decompressing the image :################monitor: command "boot" aborted due to user interruptrommon 1 > confreg 0x2142rommon 2 > resetSystem Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory.Self decompressing the image :############################################################### [OK]

Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2007 by Cisco Systems, Inc.Compiled Wed 18-Jul-07 04:52 by pt_teamImage text-base: 0x60080608, data-base: 0x6270CD50

Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory.Processor board ID FTX0947Z18EM860 processor: part number 0, mask 492 FastEthernet/IEEE 802.3 interface(s)191K bytes of NVRAM.31360K bytes of ATA CompactFlash (Read/Write)Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2007 by Cisco Systems, Inc.Compiled Wed 18-Jul-07 04:52 by pt_team

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: no

Press RETURN to get started!Router>enableRouter#copy startup-config running-configDestination filename [running-config]?428 bytes copied in 0.416 secs (1028 bytes/sec)Router#configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)#enable password vinitaRouter(config)#enable secret vinitaRouter(config)#config-register 0x2102Router(config)#exitRouter#copy running-config startup-config

Destination filename [startup-config]?Building configuration...[OK]Router#reloadProceed with reload? [confirm]

Packet Tracer

Packet tracer is tiny software developed by Cisco System. With packet tracer you can do entire practical of CCNA. Beside packet tracer there are lot of simulator software are available on internet. But most of them will cost you around 150$. In this article from our free CCNA study guide series we will guide you that how can you install packet tracer.

Packet Tracer offers a broad range of opportunities for instructors to demonstrate networking concepts. Although Packet Tracer is not a substitute for real equipment, it allows students to practice using a model of the Cisco Internet work Operating System (IOS) command line interface and provides visual, drag-and-drop problem solving using virtual networking devices. This hands-on capability is a fundamental component of learning how to config¬ure routers and switches from the command line. Students can see how to configure and connect networking hardware while confirming systems design. Instructors can create their own self-evaluated activities that present immediate feedback to students on their proficiency in completing assignments.

Packet tracer Step by Step guide

Download packet tracer from any of these location Packet Tracer from Uploading Or Packet Tracer from Deposit file Or Packet Tracer from Hot file

Do right click and select extract here.

Double click on setup file to invoke installation

On welcome screen press next

On license agreement screen select I accept and click next

Now select destination path where you want install it

On select start menu screen press next

On select additional task screen click next

Press next on ready to install screen

Now packet tracer will copy necessary file on hard disk

Click on finish to complete packet tracer setup

Cisco IOS Mode User Privilege Configurations

CLI Access Modes

Each Cisco device on CLI interface supports three access modes

User EXECProvides basic access to the IOS with limited command availability (basically simple monitoring and troubleshooting commands)

Privilege EXECProvides high-level management access to the IOS, including all commands available at User EXEC mode

ConfigurationAllows configuration changes to be made to the device

User EXEC Mode

Your initial access to the CLI is via the User EXEC mode, which has only a limited number of IOS commands you can execute. Depending on the Cisco device’s configuration, you might be prompted for a password to access this mode.

This mode is typically used for basic troubleshooting of networking problems. You can tell that you are in User EXEC mode by examining the prompt on the left side of the screen:

Router>

If you see a > character at the end of the information, you know that you are in User EXEC mode. The information preceding the > is the name of the Cisco device.

For instance, the default name of all Cisco routers is Router, whereas the 2960 switch’s User EXEC prompt looks like this: Switch>. These device names can be changed with the hostname command.

Privilege EXEC Mode

Once you have gained access to User EXEC mode, you can use the enable command to access Privilege EXEC mode:

Router> enableRouter#

Once you enter the enable command, if a Privilege EXEC password has been configured on the Cisco device, you will be prompted for it. Upon successfully authenticating, you will be in Privilege EXEC mode. You can tell that you are in this mode by examining the CLI prompt. In the preceding code example, notice that the > changed to a #.

When you are in Privilege EXEC mode, you have access to all of the User EXEC commands as well as many more advanced management and troubleshooting commands. These commands include extended ping and trace abilities, managing configuration files and IOS images, and

detailed troubleshooting using debug commands. About the only thing that you can’t do from this mode is change the configuration of the Cisco device—this can be done only from Configuration mode. If you wish to return to User EXEC mode from Privilege EXEC mode, use the exit command:

Router# exitRouter>

Again, by examining the prompt, you can tell that you are now in User EXEC mode.

Configuration Modes of Cisco IOS Software

From privileged EXEC mode, you can enter global configuration mode using the configure terminal command.From global configuration mode, you can access specific configuration modes, which include, but are not limited to, the following:

Interface:Supports commands that configure operations on a per-interface basis

Subinterface:Supports commands that configure multiple virtual interfaces on a single physical interface

Controller: Supports commands that configure controllers (for example, E1 and T1 controllers)

Line:Supports commands that configure the operation of a terminal line (for example, the console or the vty ports)

Router:Supports commands that configure an IP routing protocol

If you enter the exit command, the router backs out one level, eventually logging out. In general, you enter the exit command from one of the specific configuration modes to return to global configuration mode. Press Ctrl+Z or enter end to leave configuration mode completely and return to the privileged EXEC mode.

Commands that affect the entire device are called global commands.The hostname and enable password commands are examples of global commands.

Commands that point to or indicate a process or interface that will be configured are called major commands. When entered, major commands cause the CLI to enter a specific configuration mode.

Major commands have no effect unless you immediately enter a subcommand that supplies the configuration entry. For example, the major command interface serial 0 has no effect unless you follow it with a subcommand that tells what is to be done to that interface.

Router Modes

Router> User mode

Router# Privileged mode (also known as EXEC-level mode)

Router(config)# Global configuration mode

Router(config-if)# Interface mode

Router(config-subif)# Subinterface mode

Router(config-line)# Line mode

Router(config-router)# Router configuration mode

Help Facilities of the Cisco IOS

Cisco IOS Software uses several command-line input help facilities, among these context-sensitive help is the most powerful feature of cisco ios.

Context-Sensitive Help

One of the more powerful features of the IOS is context-sensitive help. Context sensitive help is supported at all modes within the IOS, including User EXEC, Privilege EXEC, and Configuration modes. You can use this feature in a variety of ways. If you are not sure what command you need to execute, at the prompt, type either help or ?. The Cisco device then displays a list of commands that can be executed at the level in which you are currently located, along with a brief description of each command. Here is an example from a router’s CLI at User EXEC mode:

Router>?Exec commands: <1-99> Session number to resume connect Open a terminal connection disconnect Disconnect an existing network connection enable Turn on privileged commands exit Exit from the EXEC ipv6 ipv6 logout Exit from the EXEC ping Send echo messages resume Resume an active network connection show Show running system information ssh Open a secure shell client connection telnet Open a telnet connection

terminal Set terminal line parameters traceroute Trace route to destinationRouter>

If you see -- More -- at the bottom of the screen, this indicates that more help information is available than can fit on the current screen. On a Cisco device,if you press the SPACEBAR, the IOS pages down to the next screen of help information; if you press the ENTER key, help scrolls down one line at a time Any other keystroke breaks out of the help text.

For more detailed help, you can follow a command or parameter with a space and a ?. This causes the CLI to list the available options or parameters that are included for the command. For instance, you could type copy followed by a space and a ? to see all of the parameters available for the copy command:

Router#copy ? running-config Copy from current system configuration startup-config Copy from startup configuration tftp: Copy from tftp: file systemRouter#copy

In this example, you can see at least the first parameter necessary after the copy command. Please note that additional parameters may appear after the first one, depending on the next parameter that you enter.

If you’re not sure how to spell a command, you can enter the first few characters and immediately follow these characters with a ?. Typing e?, for instance, lists all the commands that begin with e at the current mode:

Router# e?enable erase exitRouter# e

This example shows that three commands begin with the letter e in Privilege EXEC mode.

Console Error Messages

error messages: Identifies problems with any Cisco IOS commands that are incorrectly entered so that you can alter or correct them.

Error:-% Invalid input detected at '^' marker.

Errors certainly creep up when you enter commands. Whenever you mistype a command, the IOS tells you that it has encountered a problem with the previously executed command. For instance, this message indicates a CLI input error:

Router#copy running-config stertup-config ^

% Invalid input detected at '^' marker.

Router#

As you can see in this example that we have typed stert on the place of startup.

You should examine the line between the command that you typed in and the error message. Somewhere in this line, you'll see a ^ character. This is used by the IOS to indicate that an error exists in the command line at that spot.

Error:-% Incomplete command.

This error indicates that you have not entered all the necessary parameters for the command. The syntax of the command is correct, but more parameters are necessary.

Router#copy running-config% Incomplete command.Router#copy running-config ? startup-config Copy to startup configuration tftp: Copy to current system configurationRouter#copy running-config startup-configDestination filename [startup-config]?Building configuration...[OK]Router#In this case, you can use the context-sensitive help feature to help you figure out what parameter or parameters you forgot.

Error:-% Ambiguous command: "show i"

You will see this error message if you do not type in enough characters to make a command or parameter unique.

Router#show i% Ambiguous command: "show i"Router#show i?interfaces ip ipv6Router#show i

In this example, apparently, more than one parameter for the show command begins with the letter i. As shown above you can use context-sensitive help to figure out what parameter to use.

% Unknown command or computer name, or unable to find computer address

If you enter a command that the IOS does not understand, you'll see this error message. If you see this, use the context-sensitive help to figure out the correct command to enter.

Cisco Discovery Protocol CDP

Cisco Discovery Protocol (CDP) is a proprietary protocol designed by Cisco to help administrators collect information about both locally attached and remote devices. By using CDP, you can gather hardware and protocol information about neighbor devices, which is useful info for troubleshooting the network.

CDP messages are generated every 60 seconds as multicast messages on each of its active interfaces. The information shared in a CDP packet about a Cisco device includes the following:

Name of the device configured with the hostname command IOS software version Hardware capabilities, such as routing, switching, and/or bridging Hardware platform, such as 2600, 2950, or 1900 The layer-3 address(es) of the device The interface the CDP update was generated on

CDP allows devices to share basic configuration information without even configuring any protocol specific information and is enabled by default on all interfaces. CDP is a Datalink Protocol occurring at Layer 2 of the OSI model. CDP is not routable and can only go over to directly connected devices.

CDP is enabled, by default, on all Cisco devices. CDP updates are generated as multicasts every 60 seconds with a hold-down period of 180 seconds for a missing neighbor. The no cdp run command globally disables CDP, while the no cdp enable command disables CDP on an interface. Use show cdp neighbors to list out your directly connected Cisco neighboring devices. Adding the detail parameter will display the layer-3 addressing configured on the neighbor.

How could CDP help you?

Manoj has just been hired as a senior network consultant at a large bank in Lucknow, Uttar Pradesh. He is expected to be able to take care of any problem that comes up. No problem at all here—he only has to worry about people possibly not getting the right money transaction if the network goes down. Manoj starts his job happily.

Soon, of course, the network has some problems. He asks one of the junior administrators for a network map so he can troubleshoot the network. This person tells him that the old senior administrator (who just got fired) had them with him and now no one can find them. Cashiers are calling every couple of minutes because they can’t get the necessary information they need to take care of their customers. What should he do?

CDP to the rescue! Thank God this bank has all Cisco routers and switches and that CDP is enabled by default on all Cisco devices. Also, luckily, the dissatisfied administrator who just got fired didn't turn off CDP on any devices before he left. All Manoj has to do now is to use the show cdp neighbor detail command to find all the information he needs about each device to help draw out the bank network .

Cisco Discovery Protocols Configuration commands

Router#show cdp Displays global CDP information (such as timers)

Router#show cdp neighbors Displays information about neighbors

Router#show cdp neighbors detail Displays more detail about the neighbor device

Router#show cdp entry word Displays information about the device named word

Router#show cdp entry * Displays information about all devices

Router#show cdp interface Displays information about interfaces that have CDP running

Router#show cdp interface x Displays information about specific interface x running CDP

Router#show cdp traffic Displays traffic information—packets in/out/version

Router(config)#cdp holdtime x Changes the length of time to keep CDP packets

Router(config)#cdp timer x Changes how often CDP updates are sent

Router(config)#cdp run Enables CDP globally (on by default)

Router(config)#no cdp run Turns off CDP globally

Router(config-if)#cdp enable Enables CDP on a specific interface

Router(config-if)#cdp enable Enables CDP on a specific interface

Router(config-if)#no cdp enable Turns off CDP on a specific interface

Router#clear cdp counters Resets traffic counters to 0

Router#clear cdp table Deletes the CDP table

Router#debug cdp adjacency Monitors CDP neighbor information

Router#debug cdp events Monitors all CDP events

Router#debug cdp ip Monitors CDP events specifically for IP

Router#debug cdp packets Monitors CDP packet-related information

Administration of Cisco devices

In this article I will demonstrate that how can you perform basic administrative task on Cisco devices.

Back Up and Restore IOS

You can use TFTP, FTP, or RCP to transfer an IOS image to or from a server. Only tftp server is covered in CCNA exam so we will cover it. TFTP is the trivial file transfer protocol. Unlike FTP, there are no means of authenticating with a username or password or navigating directories.

To back up your IOS, you will use the copy command from within privileged EXEC mode. The syntax of this command is copy <from> <to>. Thus, if you want to copy an IOS from your IOS to a TFTP server, the syntax would be copy tftp flash. After executing this command, you will be prompted with a number of questions asking for such things as the IOS filename and IP address of the TFTP server.

To restore or upgrade your IOS from a TFTP server to a router, the syntax would be copy tftp flash.

Remember the following troubleshooting steps if you are having difficulties using TFTP:

Verify that the TFTP server is running. Verify cable configurations. You should use a crossover cable between a router and a server or,

if you have a switch, use a straight-through cable from the router to the switch and from the switch to the server.

Verify that your router is on the same subnet as your TFTP server. If you are using a Linux TFTP server, make sure that you first use the touch command to create a

zero-byte file with the name of the IOS image; otherwise, the file will not copy to the TFTP server.

Being a Cisco Associate you should be able to take back and restore of networks critical resources. Cisco devices use Tftp server for this purpose. In real life you should keep daily back up of Cisco IOS and running configuration. In lab we can do the same practical on packet tracker.

Step by Step Guide to Back up and Restore of Network Devices

Download this topology and load it in packet tracer

As you can see in diagram we have a TFTP server connected with router from cross cable. A pc is connected with router from console cable. IP address on Server is 10.0.0.2 and 10.0.0.1 on routers fast Ethernet port 0/0 is already configured.

Now your task is to take the back of running configuration on tftp server. So we can retrieve it in any situations.

Double click on pc0 click on Desktop tab select terminal click on terminal configuration ( Do not change default setting). Click on ok This will emulate Router on screen

Now Follow these steps

R1>enableR1#copy running-config tftp:Address or name of remote host []? 10.0.0.2Destination filename [R1-confg]?.!![OK - 359 bytes]

359 bytes copied in 3.078 secs (0 bytes/sec)R1#

Now we have taken the backup of running configuration. To verify it click on Server and select config tab and click on TFTP and scroll down. At the end of window you can see the backup files.

As you can see in image we have successfully taken the backup. Now open again terminal in PC0 and remove the startup configuration. And reload the router.

R1>enableR1#erase startup-config

Erasing the nvram filesystem will remove all configuration files! Continue? [confirm][OK]Erase of nvram: complete%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvramR1#reloadProceed with reload? [confirm]

Now router will restart and as we have already discussed in our pervious article Booting process of Cisco devices, that router load its running configuration from NARAM. And we have deleted the contain for NAVRAM (Startup-configuration) so it will launch default startup program. Write No and press enter.

Now you will see default router prompt. We have to do some basic setting before connecting the TFTP Server.

Router>enableRouter#configure terminalRouter(config)#interface fastethernet 0/0Router(config-if)#ip address 10.0.0.1 255.0.0.0Router(config-if)#no shutdownRouter(config-if)#exitRouter(config)#exitRouter#

we have done the essential configuration to connect the tftp server. Now restore the configuration back to router

Router#copy tftp running-configAddress or name of remote host []? 10.0.0.2Source filename []? R1-confgDestination filename [running-config]?

Loading R1-confg from 10.0.0.2: ![OK - 359 bytes]

359 bytes copied in 0.032 secs (11218 bytes/sec)R1#

At this point the configuration is in RAM so you will lost it on reboot so copy it in NVRAM.

R1#copy running-config startup-configDestination filename [startup-config]?Building configuration...[OK]R1#

Step by step guide on How to update IOS

Being a CCNA certified associate you should also be capable to update the IOS of Cisco devices. This process include the serious risk of getting defective of device. So don’t do it on live device until you became perfect on simulator.

Download this topology and load it in packet tracer

IP and other setting is already configured on Server and Router. We have new IOS stored on TFTP Server. Double click on pc0 click on Desktop tab select terminal click on terminal configuration ( Do not change default setting). This will emulate Router on screen.

First step toward the updating of IOS is to check the available space in flash

R1>enableR1#sh flash

System flash directory:File Length Name/status 1 33591768 c1841-advipservicesk9-mz.124-15.T1.bin[33591768 bytes used, 30424616 available, 64016384 total]63488K bytes of processor board System flash (Read/Write)R1#

As you can see in output we have 30424616 bytes free available. We can download new IOS in flash from TFTP Server. To load new IOS

R1#copy tftp flashAddress or name of remote host []? 10.0.0.2Source filename []? c1841-ipbasek9-mz.124-12.binDestination filename [c1841-ipbasek9-mz.124-12.bin]?.Loading c1841-ipbasek9-mz.124-12.bin from 10.0.0.2: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!![OK - 16599160 bytes]

16599160 bytes copied in 5.989 secs (620180 bytes/sec)

As you can see in output we have downloaded new IOS now we can remove old IOS

R1#delete flash:c1841-advipservicesk9-mz.124-15.T1.binDelete filename [c1841-advipservicesk9-mz.124-15.T1.bin]?Delete flash:/c1841-advipservicesk9-mz.124-15.T1.bin? [confirm]

R1#show flash

System flash directory:File Length Name/status 2 16599160 c1841-ipbasek9-mz.124-12.bin[16599160 bytes used, 47417224 available, 64016384 total]63488K bytes of processor board System flash (Read/Write)R1#

Now restart the router to take effect of new IOS

R1#reloadProceed with reload? [confirm]

%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command.System Bootstrap, Version 12.3(8r)T8, RELEASE SOFTWARE (fc1)Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory.

Self decompressing the image :################################################################# [OK] Restricted Rights Legend

Cisco IOS Software, 1841 Software (C1841-IPBASEK9-M), Version 12.4(12),Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2006 by Cisco Systems, Inc.Compiled Mon 15-May-06 14:54 by pt_teamImage text-base: 0x600790EC, data-base: 0x61480000Cisco IOS Software, 1841 Software (C1841-IPBASEK9-M), Version 12.4(12),Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2006 by Cisco Systems, Inc.Compiled Mon 15-May-06 14:54 by pt_team

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]: no

Press RETURN to get started!

Router>

As you can see in output router is booted from new IOS. As new IOS is loaded so all pervious configuration will also be removed load it again from TFTP Server and save it to NVRAM.

Other Useful administrative commands

no ip domain-lookup

Router(config)#no ip domain-lookup

Ever type in a command incorrectly and are left having to wait for a minute or two as the router tries to translate your command to a domain server of 255.255.255.255? The router is set by default to try to resolve any word that is not a command to a Domain Name System (DNS) server at address 255.255.255.255. If you are not going to set up DNS, turn off this feature to save you time as you type, especially if you are not good in typing.

logging synchronous

Router(config)#line console 0Router(config-line)#logging synchronousRouter(config-line)#exitRouter(config)#

Some time it happens that you are typing a command and an informational line appears in the middle of what you were typing? Lose your place? Do not know where you are in the command, so you just press R and start all over? The logging synchronous command tells the router that if any informational items get displayed on the screen, your prompt and command line should be moved to a new line, so as not to confuse you. The informational line does not get inserted into the middle of the command you are trying to type. If you were to continue typing, the command would execute properly, even though it looks wrong on the screen.

exec-timeout

Router(config)#line console 0Router(config-line)#exec-timeout 0 0Router(config-line)#

The command exec-timeout 0 0 is great for a lab environment because the console never logs out. This is considered to be bad security and is dangerous in the real world. The default for the exec-timeout command is 10 minutes and zero (0) seconds (exec-timeout 10 0).

erase startup-config

Router#erase startup-config

Some time you want to reconfigure the router. Or want to sell the old one. In such a scenario you would like to erase the start up configuration. The running configuration is still in dynamic memory. Reload the router to clear the running configuration.

do Command

Router(config)#do show running-config

The do command is useful when you want to execute EXEC commands, such as show, clear, or debug, while remaining in global configuration mode or in any configuration submode. You cannot use the do command to execute the configure terminal command because it is the configure terminal command that changes the mode to global configuration mode

Summary of Useful commands for administrations

Router(config)#boot system flash imagename

Loads the Cisco IOS Software with image-name

Router(config)#boot system tftp image-name 172.16.10.3

Loads the Cisco IOS Software with image-name from a TFTP server

Router(config)#boot system rom

Loads the Cisco IOS Software from ROM.

Router(config)#exit exit from global configurations

Router#copy running-config startup-config

Saves the running configuration to NVRAM. The router will execute commands in their order on the next reload.

Router#copy running-config startup-config

Saves the running configuration from DRAM to NVRAM (locally).

Router#copy running-config tftpCopies the running configuration to the remote TFTP server

Address or name of remote host[ ]? 192.168.1.20

The IP address of the TFTP server. Press Enter key

Destination Filename [Router-confg]?

The name to use for the file saved on the TFTP server Press Enter key

!!!!!!!!!!!!!!! Each bang symbol (!) = 1 datagram of data.

624 bytes copied in 7.05 secs

Router# File has been transferred successfully

Router#copy tftp running-configCopies the configuration file from the TFTP server to DRAM.

Address or name of remote host[ ]? 192.168.119.20

The IP address of the TFTP server.

Source filename [ ]?Router-confg

Enter the name of the file you want to retrieve

Destination filename [running-config]?

Press Enter key

Router# File has been transferred successfully.

Router#copy flash tftp Backup of flash to tftp

Router#copy tftp flash Restore flash from tftp server

SDM Security Device Manager

SDM is a web-based application, implemented with Java that manages the basic administration and security features on a Cisco router. SDM is installed in the router’s flash memory and is remotely accessed from an administrator’s desktop using a web browser with Java and Secure Sockets Layer (SSL) (HTTPS). Originally, Cisco developed SDM for small office/home office (SOHO) networks, where the administrator performing the configuration is probably not familiar with Cisco's CLI.

SDM was designed by Cisco to allow you to perform basic administration functions and to manage the security features of your router. SDM cannot perform all functions that can be performed from the CLI, such as the configuration of complex QoS policies or the Border Gateway Protocol (BGP) routing protocol, to name a couple. Nor are all interface types supported within SDM, such as ISDN and dialup. However, for the features and interface types not supported, you can still configure these from the CLI of the router.Likewise, most troubleshooting tasks are still done from the CLI with show and debug commands.

PC Requirements

Operating System Xp, Vista, Server 2000, ( not Advance server), Server2003 Internet browser Internet Explorer higher then 5.6, Mozilla firefox Java installed. Minimally you'll need version 1.4.2(08) of Sun's Java Runtime

Environment (JRE). Minimum screen resolution of 1024x768. (a resolution lower than this will not allow you to view the entire Java-based

screen). On your router, you'll minimally need IOS version 12.2 for SDM to function;

and depending on the version of SDM, you will need between 5MB and 8MB of available flash

on your router.

The default user account and passwords in the sdmconfig-xxxx.cfg file included with SDM are sdm and sdm—don't use these! Change them before copying and pasting the configuration from the sdmconfig file into the router. Everyone knows these passwords, and these are the first passwords an attacker will guess to break into the router.

SDM Security Device Manager File Descriptions

Filename Description

common.tarSupport file for SDM

securedesktop-ios-xxxx-k9.pkg

Cisco Secure Desktop (CSD) client software for the SSL VPN client, where xxxx represents the version number of CSD

sslclient-win-xxxx.pkg

SSL VPN Client (SVC) tunneling software, where xxxx represents the version of SVC

es.tarApplication file for SDM

home.shtmlSupport HTML file for SDM

home.tarSupport file for SDM

sdmconfig-xxxx.cfg Default router configuration with commands necessary to access SDM, where xxxx represents the model number of the router

wlanui.tarWireless application setup program for a radio module installed in the router

sdm.tarSDM application file

xxxx.sdf IPS signature files (some common names are attack-drop.sdf, 128MB.sdf, 256MB.sdf, and sdmips.sdf)

Necessary Router Configuration

Step 1 Enable the HTTP and HTTPS servers on your router by entering the following commands in global configuration mode:

Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# ip http serverRouter(config)# ip http secure-serverRouter(config)# ip http authentication localRouter(config)# ip http timeout-policy idle 600 life 86400 requests 10000

Step 2 Create a user account defined with privilege level 15 (enable privileges). Enter the following command in global configuration mode, replacing username and password with the strings that you want to use:

Router(config)# username username privilege 15 secret 0 password

For example, if you chose the username admin and the password vinita, you would enter the following:

Router(config)# username admin privilege 15 secret 0 vinita

You will use this username and password to log in to Cisco SDM.

Step 3 Configure SSH and Telnet for local login and privilege level 15. Use the following commands:

Router(config)# line vty 0 4Router(config-line)# privilege level 15Router(config-line)# login localRouter(config-line)# transport input telnet sshRouter(config-line)# exit

Step 4 Assign ip address to Fast Ethernet port. This will be used to access this router

Router(config)#interface fastethernet 0/0Router(config-if)#ip address 192.168.1.1 255.255.255.0Router(config-if)#no shutdown

Accessing SDM

Cisco SDM is stored in the router flash memory. It is invoked by executing an HTML file in the router archive, which then loads the signed Cisco SDM Java file. To launch Cisco SDM, complete the following steps:

Step 1 From your browser, enter the following URL:

https://<router IP address> In our example it would be https://192.168.1.1

The https:// designation specifies that SSL protocol be used for a secure connection. The http:// designation can be used if SSL is not available.

Step 2 The Cisco SDM home page will appear in the browser window. The username and password dialog box will appear. The type and shape of the dialog box will depend on the type of browser that you are using. Enter the username and password for the privileged (privilege level 15) account on your router. The Cisco SDM Java applet will begin loading to your PC's web browser.

Step 3 Cisco SDM is a signed Java applet. This can cause your browser to display a security warning. Accept the certificate. Cisco SDM displays the Launch page.