ICND1 Po D st o N be o ta, t D no upl t f ica or te re : lea se Interconnecting Cisco Networking Devices, Part Volume Version 2.0 Student Guide Part Number: 97-3242-01 www.CareerCert.info Po D st o N be o ta, t D no upl t f ica or te re : lea se Americas Headquarters Cisco Systems, Inc San Jose, CA Asia Pacific Headquarters Cisco Systems (USA) Pte Ltd Singapore Europe Headquarters Cisco Systems International BV Amsterdam, The Netherlands Cisco has more than 200 offices worldwide Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S and other countries To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company (1110R) DISCLAIMER WARRANTY: THIS CONTENT IS BEING PROVIDED “AS IS.” CISCO MAKES AND YOU RECEIVE NO WARRANTIES IN CONNECTION WITH THE CONTENT PROVIDED HEREUNDER, EXPRESS, IMPLIED, STATUTORY OR IN ANY OTHER PROVISION OF THIS CONTENT OR COMMUNICATION BETWEEN CISCO AND YOU CISCO SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE This learning product may contain early release content, and while Cisco believes it to be accurate, it falls subject to the disclaimer above © 2013 Cisco Systems, Inc www.CareerCert.info Welcome Students Note Students, this letter describes important course evaluation access information Welcome to Cisco Systems Learning Through the Cisco Learning Partner Program, Cisco is committed to bringing you the highest-quality training in the industry Cisco learning products are designed to advance your professional goals and give you the expertise that you need to build and maintain strategic networks Po D st o N be o ta, t D no upl t f ica or te re : lea se Cisco relies on customer feedback to guide business decisions; therefore, your valuable input will help shape future Cisco course curricula, products, and training offerings Please complete a brief Cisco online course evaluation of your instructor and the course materials in this student kit On the final day of class, your instructor will provide you with a URL directing you to a short postcourse evaluation If there is no Internet access in the classroom, please complete the evaluation within the next 48 hours or as soon as you can access the web On behalf of Cisco, thank you for choosing Cisco Learning Partners for your Internet technology training Sincerely, Cisco Systems Learning www.CareerCert.info The Cisco M-Learning Test and Study App The Cisco M-Learning Test and Study app is the ideal on-the-go study application for those preparing for Cisco certifications Po D st o N be o ta, t D no upl t f ica or te re : lea se Scan the following QR code to get the free Cisco M-Learning Test and Study app along with the 20 free exam questions and free TCP/IP Architecture video www.CareerCert.info Table of Contents Course Introduction I1 Po D st o N be o ta, t D no upl t f ica or te re : lea se Overview Course Goal and Objectives Course Flow Your Training Curriculum Additional References Building a Simple Network I1 I2 I3 I4 I7 11 Exploring the Functions of Networking What Is a Network? Physical Components of a Network Interpreting a Network Diagram Impact of User Applications on the Network Characteristics of a Network Physical vs Logical Topologies Summary Understanding the Host-to-Host Communications Model Introducing Host-to-Host Communications OSI Reference Model TCP/IP Protocol Suite Encapsulation and De-Encapsulation Peer-to-Peer Communications Summary Introducing LANs 13 14 16 17 18 19 111 113 115 116 118 120 121 123 124 125 Local Area Networks LAN Components Need for Switches Switches Summary 126 127 129 131 132 Operating Cisco IOS Software Cisco IOS Software Features and Functions Cisco IOS CLI Functions User EXEC Mode Privileged EXEC Mode Help Functions in the CLI CLI Error Messages Managing Cisco IOS Configurations Improving the User Experience in the CLI Summary Starting a Switch 133 134 135 136 137 138 140 142 147 150 151 Switch Installation Switch LED Indicators Connecting to a Console Port 152 153 154 www.CareerCert.info Basic Switch Configuration Verifying the Switch Initial Startup Status Summary Understanding Ethernet and Switch Operation 156 159 162 163 164 170 171 Switching Operation Duplex Communication Configuring Duplex and Speed Options Summary 174 176 178 181 Po D st o N be o ta, t D no upl t f ica or te re : lea se Ethernet LAN Connection Media Ethernet Frame Structure MAC Addresses Troubleshooting Common Switch Media Issues Common Troubleshooting Tools Media Issues Troubleshooting Switch Media Issues Port Issues Troubleshooting Port Issues Summary Module Summary Module Self-Check 184 186 188 192 195 197 199 1101 Establishing Internet Connectivity 21 Understanding the TCP/IP Internet Layer Internet Protocol IPv4 Address Representation IPv4 Header Address Fields Decimal and Binary Systems Decimal-to-Binary Conversion IP Address Classes Reserved IPv4 Addresses Domain Name System Verifying the IPv4 Address of a Host Summary 23 24 26 27 28 29 211 213 215 216 218 Understanding IP Addressing and Subnets Subnets Subnet Masks Octet Values of a Subnet Mask Default Gateways Computing Usable Subnetworks and Hosts Applying Subnet Masks Determining the Network Addressing Scheme Example: Addressing Scheme Variable-Length Subnet Mask VLSM Example Summary ii 183 Interconnecting Cisco Networking Devices, Part www.CareerCert.info 219 220 222 224 227 229 231 233 237 239 241 244 © 2013 Cisco Systems, Inc Understanding the TCP/IP Transport Layer 245 247 249 251 252 254 256 Summary 258 Po D st o N be o ta, t D no upl t f ica or te re : lea se TCP/IP Transport Layer Functions Reliable vs Best-Effort Transport TCP vs UDP Analogy UDP Characteristics TCP Characteristics TCP/IP Applications Exploring the Functions of Routing 259 Role of a Router Router Characteristics Router Functions Path Determination Routing Table Types of Routes Dynamic Routing Protocols Summary 260 261 263 265 266 267 269 271 Configuring a Cisco Router 273 Initial Router Startup Initial Router Setup Configuring Router Interfaces Configuring the Cisco Router IP Address Verifying Interface Configuration and Status Exploring Connected Devices Cisco Discovery Protocol Discovering Neighbors Using Cisco Discovery Protocol Summary 274 275 276 278 279 282 283 284 286 Exploring the Packet Delivery Process 287 Layer Addressing Layer Addressing Address Resolution Protocol Host-to-Host Packet Delivery Role of a Switch in Packet Delivery Summary 288 290 292 295 2104 2107 Enabling Static Routing 2109 Routing Operations Static and Dynamic Routing Comparison When to Use Static Routing Static Route Configuration Default Routes Static Route Configuration Verification Summary 2110 2112 2113 2114 2116 2118 2120 Managing Traffic Using ACLs 2121 Using ACLs ACL Operation 2122 2123 © 2013 Cisco Systems, Inc Student Guide www.CareerCert.info iii ACL Wildcard Masking Wildcard Bit Mask Abbreviations Types of ACLs Testing an IP Packet Against a Numbered Standard Access List Basic Configuration of Numbered Standard IPv4 ACLs Summary Enabling Internet Connectivity 2124 2127 2128 2130 2131 2133 2135 2137 2138 2140 2141 2142 2143 2145 2147 2149 2150 2151 2152 2153 2155 2156 2157 2159 2160 2161 2165 2169 Po D st o N be o ta, t D no upl t f ica or te re : lea se The Demarcation Point Dynamic Host Configuration Protocol Options for Configuring a Provider-Assigned IP Address Configuring a Static Provider-Assigned IP Address Configuring a DHCP Client Public vs Private IPv4 Addresses Introducing NAT Types of Addresses in NAT Types of NAT Understanding Static NAT Configuring Static NAT Verifying Static NAT Configuration Understanding Dynamic NAT Configuring Dynamic NAT Verifying Dynamic NAT Configuration Understanding PAT Configuring PAT Verifying PAT Configuration Troubleshooting NAT Troubleshooting NAT Case Study Summary Module Summary Module Self-Check 2171 2173 Managing Network Device Security 31 Securing Administrative Access 33 Network Device Security Overview Securing Access to Privileged EXEC Mode Securing Console Access Securing Remote Access Enabling Remote Access Connectivity Limiting Remote Access with ACLs External Authentication Options Configuring the Login Banner Summary Implementing Device Hardening 317 Securing Unused Ports Port Security iv 34 35 37 38 311 312 313 314 315 318 320 Interconnecting Cisco Networking Devices, Part www.CareerCert.info © 2013 Cisco Systems, Inc Port Security Configuration Port Security Verification Disabling Unused Services Network Time Protocol Configuring NTP Verifying NTP Summary 323 325 328 331 333 334 335 337 Po D st o N be o ta, t D no upl t f ica or te re : lea se Implementing Traffic Filtering with ACLs Using ACLs to Filter Network Traffic ACL Operation Applying ACLs to Interfaces The Need for Extended ACLs Configuring Numbered, Extended IPv4 ACLs Configuring Named ACLs ACL Configuration Guidelines Monitoring ACLs Troubleshooting Common ACL Errors Summary 338 339 340 342 344 346 348 349 350 357 Module Summary Module Self-Check 359 361 Building a Medium-Sized Network 41 Implementing VLANs and Trunks 43 Issues in a Poorly Designed Network VLAN Introduction Trunking with 802.1Q Creating a VLAN Assigning a Port to a VLAN Configuring an 802.1Q Trunk VLAN Design Considerations Physical Redundancy in a LAN Summary 44 46 47 411 413 416 418 420 422 Routing Between VLANs 423 Purpose of Inter-VLAN Routing Options for Inter-VLAN Routing Configuring a Router with a Trunk Link Summary 423 425 428 431 Using a Cisco Network Device as a DHCP Server 433 Need for a DHCP Server Understanding DHCP Configuring a DHCP Server Monitoring DHCP Server Functions DHCP Relay Agent Summary 433 435 436 438 441 443 Introducing WAN Technologies © 2013 Cisco Systems, Inc 445 Student Guide www.CareerCert.info v Introducing WANs WANs vs LANs Role of Routers in WANs WAN Communication Link Options Point-to-Point Connectivity Configuring a Point-to-Point Link Summary 445 448 450 451 452 453 454 455 Po D st o N be o ta, t D no upl t f ica or te re : lea se Introducing Dynamic Routing Protocols Purpose of Dynamic Routing Protocols Interior and Exterior Routing Protocols Distance Vector and Link-State Routing Protocols Understanding Link-State Routing Protocols Summary Implementing OSPF 465 Introducing OSPF OSPF Adjacencies SPF Algorithm Router ID Configuring Single-Area OSPF Verifying OSPF Configuration Summary 465 467 469 471 473 476 480 Module Summary Module Self-Check 481 483 Introducing IPv6 51 Introducing Basic IPv6 53 IPv4 Addressing Exhaustion Workarounds IPv6 Features IPv6 Addresses IPv6 Unicast Addresses IPv6 Addresses Allocation Basic IPv6 Connectivity Summary Understanding IPv6 54 56 57 59 512 513 516 517 IPv6 Header Changes and Benefits ICMPv6 Neighbor Discovery Stateless Autoconfiguration Summary 518 520 521 522 525 Configuring IPv6 Routing vi 455 458 459 461 464 527 Routing for IPv6 Static Routing OSPFv3 Summary 528 530 533 537 Module Summary 539 Interconnecting Cisco Networking Devices, Part www.CareerCert.info © 2013 Cisco Systems, Inc ... falls subject to the disclaimer above © 2013 Cisco Systems, Inc www.CareerCert.info Welcome Students Note Students, this letter describes important course evaluation access information Welcome to... Managing Traffic Using ACLs 2121 Using ACLs ACL Operation 2122 2123 © 2013 Cisco Systems, Inc Student Guide www.CareerCert.info iii ACL Wildcard Masking Wildcard Bit Mask Abbreviations Types of... Summary 433 435 436 438 441 443 Introducing WAN Technologies © 2013 Cisco Systems, Inc 445 Student Guide www.CareerCert.info v Introducing WANs WANs vs LANs Role of Routers in WANs WAN Communication