Index

Symbols

10BASE-T, 34-35

10GigE (Gigabit Ethernet), 34

100BASE-TX, 34-35

802.3 standards, 34

1000BASE-T, 34-35

2960 Catalyst switch configuration, 201-203

A

access control lists. See ACLs

access layer switches, 2

access-list command, 228

accessing Cisco IOS

CLI EXEC sessions, 46

CLI navigation and editing shortcuts, 47-48

command history, 48

connecting to Cisco devices, 45-46

help, 46

IOS examination commands, 48

subconfiguration modes, 49

ACLs (access control lists)

defining, 221

design guidelines, 225-226

extended numbered ACLs, configuring, 230-231

identifying, 225

interface processing, 221-222

matching logic, 222-223

named ACLs, configuring, 231-233

standard numbered ACLs, configuring, 227-230

troubleshooting, 281

denied protocols, 283-284

host connectivity issues, 282-283

Telnet, 284-286

types of, 224

verifying, 234-235

AD (administrative distance), 126-127

Address Resolution Protocol (ARP), 20

addresses. See IPv4 addressing; IPv6 addressing

addressing table for CCENT skills review, 296

administrative distance (AD), 126-127

any keyword, 229

anycast addresses, 106

Application layer (OSI), 18

application layer (TCP/IP), 19-21

applications

batch applications, 12

common network applications, 13

growth of, 13

increased network usage, 14

quality of service (QoS), 14

Video over IP, 15

Voice over IP (VoIP), 14-15

interactive applications, 12

real-time applications, 12

user interactions, 12

area keyword, 176

ARP (Address Resolution Protocol), 20

ARPANET, 18

assigned multicast addresses, 104

assigning VLANs to interfaces, 73-75

asymmetric switching, 44

attacks, mitigating, 250

authentication, 251-253

auto-cost reference-bandwidth command, 179, 188

automatic medium-dependent interface crossover (auto-MDIX), 56

auto-MDIX (automatic medium-dependent interface crossover), 56

AUX ports, 3

B

B1 configuration requirements, 298-299

B2 configuration requirements, 298-299

backup designated routers (BDR), 173

bandwidth command, 179

banner command, 254

banner login command, 54

banner motd command, 54, 135

banners, 253-255

batch applications, 12

BDR (backup designated routers), 173

bidirectional, 55

bits to borrow, determining, 86

black hole VLANs, 65

broadcast addresses, 37, 87

broadcast domains, 43

buffering memory, 44

Building Your I.T. Career: A Complete Toolkit for a Dynamic Career in Any Economy (Moran), 309

C

cables (UTP), 34-35

Catalyst 2960 switch configuration, 201-203

CDP (Cisco Discovery Protocol)

disabling, 255

as troubleshooting tool, 291-292

certificates

adding to resumes, 309

certificate support website, 309

certification options, 310

receiving, 309

certified score reports, 307

choosing switches, 2

Cisco Borderless Network, 9-11

Cisco Discovery Protocol (CDP), disabling, 255

Cisco IOS, accessing

CLI EXEC sessions, 46

CLI navigation and editing shortcuts, 47-48

command history, 48

connecting to Cisco devices, 45-46

help, 46

IOS examination commands, 48

subconfiguration modes, 49

classes of addresses, 80-81

classful routing protocols, 122

classless routing protocols, 122-123

clear interface command, 140

clear ip nat translation command, 245

CLI (command-line interface), 41

EXEC sessions, 46

navigation and editing shortcuts, 47-48

clients

client-server interaction, 12

DHCPv4 client configuration, 211-212

collision domains, 43

command history, 48

command-line interface. See CLI

commands. See specific commands

comments, adding to ACLs (access control lists), 233

common network applications, 13

configuration

B1 and B2 configuration requirements, 298-299

Catalyst 2960 switches, 201-203

configuration files, storing and erasing, 49-50

DHCPv4, 206

DHCPv4 clients, 211-212

DHCPv4 servers, 206-210

relaying DHCPv4 requests, 210-211

DHCPv6

stateful DHCPv6 servers, 217-218

stateless DHCPv6 servers, 216-217

dynamic NAT (Network Address Translation), 243-244

extended numbered ACLs, 230-231

HQ configuration requirements, 298

HQ-Sw configuration requirements, 297-298

IPv4 addressing

configuration requirements, 297

default routing, 158-161

static routing, 154-158

summary static routing, 161-162

IPv4 routers, 133-135

banner motd command, 135

command syntax, 134

copy run start command, 136

copy running-config startup-config command, 136

enable secret class command, 135

hostname command, 135

interface status codes, 137-138

service password-encryption command, 135

show interface command, 138-142

show ip interface brief command, 137

show ip route command, 136-137

show running-config command, 136

IPv6 addressing

default routing, 165

static routing, 162-164

summary static routing, 166-167

IPv6 routers

EUI-64 method, 146

full IPv6 address and link-local address configuration, 146-147

ipv6 unicast-routing command, 145-146

network connectivity, verifying, 148-151

show ipv6 interface command, 147-148

ISPs for CCENT skills review, 297

multilayer switches, 200-203

named ACLs, 231-233

NAT overloading, 244

native and management VLANs, 263

OSPFv2, 175-180

OSPFv3, 186-187

port security, 259-261

router on a stick, 197-200

SSH (Secure Shell), 56-57

standard numbered ACLs, 227

denying specific host, 228-229

denying specific subnet, 229

denying Telnet or SSH access to router, 229-230

permitting specific network, 228

static NAT (Network Address Translation), 242

switches

automatic medium-dependent interface crossover (auto-MDIX), 56

basic switch configuration commands, 53-55

full-duplex communication, 55

half-duplex communication, 55

network connectivity, verifying, 58-61

port speed, 55

SSH (Secure Shell) access, 56-57

switch ports, verifying, 269

VLANs

default configuration, 72

trunking, 75-78

configuration files, storing and erasing, 49-50

configure terminal command, 49, 53

connectionless protocols, 26

connectivity, verifying, 58-61

console ports, 3

convergence with link-state protocols, 131

copper cable, 4-5

copy run start command, 136

copy running-config startup-config command, 54, 136

core layer switches, 2-3

crypto key generate rsa command, 57

crypto key zeroize rsa command, 57

CSMA/CD algorithm, 33

cut-through switching, 44

D

DAD (Duplicate Address Detection), 105, 212

DARPA (Defense Advanced Research Projects Agency), 18

data encapsulation, 29

Data link layer (OSI), 19

data VLANs, 65

database description (DBD) packets, 170

DBD (database description) packets, 170

debug ip nat command, 246

default administrative distances, 127

default gateways, troubleshooting, 267-268

default-router command, 207

default routing

IPv4 configuration, 158-161

IPv6 configuration, 165

overview, 153-154

default VLANs

configuration, 72

explained, 65

Defense Advanced Research Projects Agency (DARPA), 18

defining ACLs (access control lists), 221

denied protocols, troubleshooting, 283-284

deny statement, 231

denying

FTP from subnets, 231

hosts, 228-229, 232

SSH access, 229-230

subnets, 229

Telnet, 229-231

designated routers (DR), 173

designing ACLs (access control lists), 225-226

determining

how many bits to borrow (subnets), 86

subnet masks, 87

subnet multiplier, 87

device security

IOS security

banners, 253-255

passwords, 251-253

network security

attack mitigation, 250

best practices, 250

physical security, 249

types of vulnerabilities, 250

NTP (Network Time Protocol), 256-257

services, disabling

Cisco Discovery Protocol (CDP), 255

HTTP, 255

small services, 256

DHCPACK packets, 206

DHCPDISCOVER packets, 205, 210

DHCPNAK packets, 206

DHCPOFFER packets, 205

DHCPREQUEST packets, 206

DHCPv4, 13, 20, 205

configuration options, 206

DHCPv4 clients, 211-212

DHCPv4 servers, 206-210

relaying DHCPv4 requests, 210-211

IP addresses, obtaining, 205-206

testing, 269

troubleshooting, 268-269

DHCPv6, 113

ADVERTISE messages, 215

configuration options

stateful DHCPv6 servers, 217-218

stateless DHCPv6 servers, 216-217

INFORMATION-REQUEST messages, 215

operation, 214-215

REQUEST messages, 215

SLAAC, 212-214

SOLICIT messages, 215

stateful DHCPv6, 214

stateless DHCPv6, 214

Dijkstra Shortest Path First (SPF) algorithm, 130-131

disabled VLANs, troubleshooting, 274-275

disabling

services

Cisco Discovery Protocol (CDP), 255

HTTP, 255

small services, 256

VLANs, 274-275

distance vector routing protocols, 121-122

distribution layer switches, 2

DNS (Domain Name System), 13, 19

dns-server command, 207

documentation, 11-12

domain-name command, 207

Domain Name System (DNS), 13, 19

domains, 43

dot1q keyword, 198

double colon (::) in IPv6 routing, 165

DR (designated routers), 173

DROTHER routers, 173

DTP (Dynamic Trunking Protocol), 68

dual-stacking, 114

duplex auto command, 53

duplex mismatches, 289-290

Duplicate Address Detection (DAD), 105, 212

duplicate IP addresses, troubleshooting, 268

Dynamic Host Configuration Protocol. See DHCP

dynamic NAT (Network Address Translation), 240, 243-244

dynamic routing protocols, 119-120

dynamic routing metrics, 125-126

link-state routing protocols

convergence, 131

Dijkstra Shortest Path First (SPF) algorithm, 130-131

link-state database (LSDB), building, 129

routing loop prevention, 128-129

Dynamic Trunking Protocol (DTP), 68

E

EGP (exterior gateway protocols), 121

eHWIC (enhanced high-speed WAN interface card) slots, 3

EIA (Electronics Industry Alliance), 35

EIGRP, 128

Electronics Industry Alliance (EIA), 35

enable password cisco command, 54

enable password command, 55, 251

enable secret class command, 54, 135

enable secret command, 251

enabling VLANs, 274-275

encapsulation command, 198

encapsulation process, 20-21

end command, 54

enhanced high-speed WAN interface card (eHWIC) slots, 3

erase nvram command, 50

erase startup-config command, 50

erasing configuration files, 49-50

error recovery, 24-25

Ethernet

addressing, 36-37

common Ethernet technologies, 34

CSMA/CD algorithm, 33

explained, 20, 31-32

framing, 37-38

legacy Ethernet technologies, 32-34

physical layer, 38-39

switches, 36

UTP cabling, 34-35

EUI-64, 112, 146

evolution to switching, 41-42

exams

certified score reports, 307

exam day requirements, 307

post-exam information

adding certificates to resumes, 309-310

certificate support website, 309

certification options, 310

failing exams, 310

receiving certificates, 309

skills review and practice, 295

addressing table, 296

answer scripts, 302-305

B1 and B2 configuration requirements, 298-299

HQ configuration requirements, 298

HQ-Sw configuration requirements, 297-298

IPv4 addressing configuration requirements, 297

ISP configuration, 297

skills challenge, 305

topology diagram, 295

verification, 299

VLANs and port assignments table, 296

Exec banner, 253

EXEC sessions, 46

exit command, 53-54

exit interface parameter (IPv4 static routing), 157-158

extended ACLs (access control lists), 224

extended numbered ACLs (access control lists), configuring, 230-231

Extended Unique Identifier (EUI), 112

exterior gateway protocols (EGP), 121

F

failing exams, 310

Fast Ethernet, 34

FDDI (Fiber Distributed Data Interface), 9

Fiber Distributed Data Interface (FDDI), 9

fiber-optic cable, 4-5

File Transfer Protocol (FTP), 13, 20

files (configuration files), storing and erasing, 49-50

flow control, 25

forwarding frames, 43-44

forwarding packets

explained, 117

path determination and switching function example, 118-119

fragment free switching, 44

frame forwarding, 43-44

Frame Relay, 20

framing, 37-38

FTP (File Transfer Protocol), 13, 20

denying, 231

HTTP (Hypertext Transfer Protocol), 13

full-duplex communication, 55

G

gateways, troubleshooting, 267-268

Gigabit Ethernet, 34

global unicast addresses, 98-101

Graziani, Rick, 95

growth of network applications, 13

increased network usage, 14

quality of service (QoS), 14

Video over IP, 15

Voice over IP (VoIP), 14-15

H

half-duplex communication, 55

headers

IPv4 addressing, 79-80

link header, 29

TCP headers, 23

Hello packets, 170-172

help, Cisco IOS, 46

hierarchical network design, 10-11

hold-down timers, 128

hop count, 125

host keyword, 229

host ranges, listing, 87

hostname command, 53, 135

hosts

connectivity issues, troubleshooting, 282-283

denying, 228-229, 232

hot keys, 47-48

HQ configuration requirements, 298

HQ-Sw configuration requirements, 297-298

HTTP (Hypertext Transfer Protocol), 13, 20

disabling, 255

I

ICMP (Internet Control Message Protocol), 20

icons, 8

identifying ACLs (access control lists), 225

IDs

interface IDs, 112

subnet IDs, 111-112

IETF (Internet Engineering Task Force), 95

IGP (interior gateway protocols), 121, 128

IMAP (Internet Message Access Protocol), 20

inside global addresses, 238

inside local addresses, 238

interactive applications, 12

interface fastethernet command, 53

interface g0/1.10 command, 198

interface IDs, 112

interface keyword, 244

interface range command, 55

interface status codes, 137-138

interface vlan 123 command, 53

interface vlan command, 200, 202

interfaces

assigning VLANs to, 73-75

shutting down, 264

troubleshooting, 288

common problems on “up” interfaces, 290

duplex and speed mismatches, 289-290

interface status codes, 288

interior gateway protocols (IGP), 121, 128

Internet Control Message Protocol (ICMP), 20

Internet Engineering Task Force (IETF), 95

Internet layer (TCP/IP), 19, 27

Internet Message Access Protocol (IMAP), 20

Internet Protocol (IP), 20

internetworks, 7

inter-VLAN routing, 269-270

legacy inter-VLAN routing, 195

multilayer switches, 197, 200-203

router on a stick, 196-200

upstream routing, 203

IOS security

banners, 253-255

passwords, 251-253

IP (Internet Protocol), 20

ip access-group command, 228, 232-233

ip access-list extended command, 233

ip access-list standard command, 232

ip address command, 53, 147

ip address dhcp command, 211

IP addresses

DHCPv4, 205-206

DHCPv6, 212-214

duplicate addresses, troubleshooting, 268

inter-VLAN routing and IP addressing, troubleshooting, 269-270

IPv4 address conflicts, 268-269

static IP addresses, testing connectivity with, 269

ip default-gateway command, 54

ip dhcp excluded-address command, 206

ip dhcp pool command, 206

ip domain-name command, 57

ip forward-protocol udp command, 211

ip helper-address address command, 210

ip http authentication enable command, 54

ip http server command, 54

ip ospf cost command, 180

ip route command, 154

ip routing command, 203

IP telephony traffic, 64

ipconfig command, 58-59

ipconfig/all command, 209

ipconfig/release command, 210

ipconfig/renew command, 210

IPv4 addressing, 79

classes of addresses, 80-81

compared to IPv6, 96

configuration requirements, 297

conflicts, 268-269

default route configuration, 158-161

header format, 79-80

network connectivity, verifying, 148-151

private and public IP addressing, 82-83

router configuration, 133-135

banner motd command, 135

command syntax, 134

copy running-config startup-config command, 136

copy run start command, 136

enable secret class command, 135

hostname command, 135

interface status codes, 137-138

service password-encryption command, 135

show interface command, 138-142

show ip interface brief command, 137

show ip route command, 136-137

show running-config command, 136

static route configuration, 154-156

exit-interface parameter, 157-158

next-hop parameter, 156-157

subnet masks, 81-82

subnetting steps, 85

determining how many bits to borrow, 86

determining new subnet mask, 87

determining subnet multiplier, 87

example 1, 88

example 2, 88

example 3, 89

listing subnets, host ranges, and broadcast addresses, 87

summarizing subnet addresses, 91-93

VLSM (variable-length subnet masking), 89-91

summary static route configuration, 161-162

IPv4-mapped IPv6 addresses, 103-104

ipv6 address autoconfig command, 217

ipv6 address dhcp command, 217

IPv6 addressing

anycast addresses, 106

compared to IPv4, 96

EUI-64 configuration, 112

default route configuration, 165

explained, 95-96

global unicast addresses, 98-101

IPv4-mapped IPv6 addresses, 103-104

link-local addresses, 101

loopback addresses, 102

migrating to, 114

multicast addresses

assigned multicast addresses, 104

solicited-node multicast addresses, 104-105

NAT for IPv6

private address space, 247

purpose of, 247-248

network connectivity, verifying, 148-151

prefixes, 110-111

router configuration

EUI-64 method, 146

full IPv6 address and link-local address configuration, 146-147

ipv6 unicast-routing command, 145-146

network connectivity, verifying, 148-151

show ipv6 interface command, 147-148

stateless address autoconfiguration, 113

static route configuration, 162-164

subnetting

interface ID, 112

subnet ID, 111-112

summary static route configuration, 166-167

unicast addresses, 98

unique local addresses (ULAs), 102-103

unspecified addresses, 102

writing conventions, 109-111

IPv6 Fundamentals (Graziani), 95

ipv6 nd managed-config-flag command, 214

ipv6 nd other-config-flag command, 214

ipv6 ospf area command, 186

ipv6 route command, 164

ipv6 router ospf command, 188

ipv6 unicast-routing command, 113, 145-146, 186, 216

isl keyword, 198

ISPs, configuration for CCENT skills review, 297

J-K-L

keyboard shortcuts, 47-48

LAN device connection guidelines, 6

LANs (local area networks)

device connection guidelines, 6

explained, 7

Layer 1 issues, troubleshooting

CDP, 291-292

interface status and switch configuration, 288

CDP, 291-292

common problems on “up” interfaces, 290

duplex and speed mismatches, 289-290

interface status codes, 288

media issues, 287

Layer 2 switching, 44

Layer 3 switching, 44

lease command, 207

legacy Ethernet technologies, 32-34

legacy inter-VLAN routing, 195

line console command, 54

line vty command, 54

link header, 29

link-local addresses, 101

link-state acknowledgment (LSAck) packets, 170

link-state advertisements (LSA), 170-172

link-state database (LSDB), building, 129

link-state request (LSR) packets, 170

link-state routing process (OSPFv2), 174-175

link-state routing protocols, 122

convergence, 131

Dijkstra Shortest Path First (SPF) algorithm, 130-131

link-state database (LSDB), building, 129

link-state update (LSU) packets, 170-172

link trailer, 29

local area networks (LANs)

device connection guidelines, 6

explained, 7

logical topologies, 8-9

Login banner, 253

login command, 54, 251

login local command, 253

login local vty command, 57

loopback addresses, 102

LSA (link-state advertisements), 170-172

LSAck (link-state acknowledgment) packets, 170

LSDB (link-state database), building, 129

LSR (link-state request) packets, 170

LSU (link-state update) packets, 170-172

M

management VLANs

configuring, 263

explained, 65

matching logic (ACLs), 222-223

mdix auto command, 54

media, 4-6

media issues, troubleshooting, 287

memory buffering, 44

message format (OSPFv2), 169

Message of the Day (MOTD), 253

metrics

dynamic routing metrics, 125-126

OSPFv2, 178-180

migrating to IPv6, 114

mitigating network attacks, 250

Moran, Matthew, 309

MOTD (Message of the Day), 253

multicast addresses, 37

assigned multicast addresses, 104

solicited-node multicast addresses, 104-105

multicast traffic, 64

multilayer switches, 197, 200-203

N

named ACLs (access control lists), 224, 231-233

NAT (Network Address Translation), 237-238

benefits, 241

dynamic NAT, 240, 243-244

example, 239

limitations, 241

NAT for IPv6

overloading, 240-241, 244

private address space, 247

purpose of, 247-248

static NAT, 240-242

terminology, 239

topology, 238

troubleshooting, 246-247

verifying, 245

native keyword, 198

native VLANs

configuring, 263

explained, 65

NDP (Neighbor Discovery Protocol), 104, 213

Neighbor Discovery Protocol (NDP), 104, 213

neighbor establishment (OSPFv2), 170-172

Neighbor Solicitation (NS) message, 212

netbios-name-server command, 207

network access layer (TCP/IP), 19, 27-28

Network Address Translation. See NAT

network applications

batch applications, 12

common network applications, 13

growth of, 13

increased network usage, 14

quality of service (QoS), 14

Video over IP, 15

Voice over IP (VoIP), 14-15

interactive applications, 12

real-time applications, 12

user interactions, 12

network command, 176, 186, 207

network connectivity, verifying, 58-61, 148-151

network documentation, 11-12

Network layer (OSI), 19

network management traffic, 64

network media, 4-6

network security

attack mitigation, 250

best practices, 250

physical security, 249

types of vulnerabilities, 250

Network Time Protocol (NTP), 256-257

networking icons, 8

networking models

OSI model

encapsulation process, 20-21

explained, 17-18

layers, 18-19

PDUs (protocol data units), 20-21

TCP/IP model

application layer, 19-21

connection establishment and termination, 25

data encapsulation summary, 29

error recovery, 24-25

explained, 17-18

flow control, 25

Internet layer, 19, 27

layer functions, 19

network access layer, 19, 27-28

port numbers, 23-24

protocols, 19-20

transport layer, 19, 22-23

User Datagram Protocol (UDP), 26

next-hop parameter (IPv4 static routing), 156-157

no passive-interface command, 178

no service dhcp command, 208

no shutdown command, 53, 198, 200, 202, 264

normal data traffic, 64

NS (Neighbor Solicitation) message, 212

NTP (Network Time Protocol), 256-257

ntp server command, 257

numbered ACLs (access control lists), 224

numbers of ports, 23-24

O

Open Shortest Path First. See OSPFv2; OSPFv3

operational states (trunks), 278-279

organizationally unique identifier (OUI), 36

OSI model

encapsulation process, 20-21

explained, 17-18

layers, 18-19

PDUs (protocol data units), 20-21

physical layer, 38-39

OSPFv2, 128, 169

algorithm, 173

configuration, 175-180

designated routers, 173

link-state advertisements, 172

link-state routing process, 174-175

message format, 169

metric modifications, 178-180

neighbor establishment, 170-172

OSPFv3 versus

differences, 186

similarities, 185

packet types, 170

verification, 180-184

OSPFv3

configuration, 186-187

OSPFv2 versus

differences, 186

similarities, 185

router ID, 188-189

verification, 189-192

OUI (organizationally unique identifier), 36

outside global addresses, 238

outside local addresses, 238

overload keyword, 244

overloading NAT (Network Address Translation), 240-241, 244

P

packet forwarding

explained, 117

path determination and switching function example, 118-119

packet types (OSPFv2), 170

passive-interface command, 177-178, 188

passive-interface default command, 178

password cisco command, 54

passwords, 251-253

PAT (Port Address Translation), 240-241, 244

PDUs (protocol data units), 20-21

peer-to-peer interaction, 12

permit statement, 231

physical layer, 4, 38-39

LAN device connection guidelines, 6

network media, 4-6

Physical layer (OSI), 19

physical network security, 249

physical topologies, 8-9

ping command, 58-60, 148-149, 269

POP (Post Office Protocol), 13, 20

Port Address Translation (PAT), 240-241, 244

port-based memory, 44

ports

AUX ports, 3

console ports, 3

port assignments for CCENT skills review, 296

port-based memory, 44

port numbers, 23-24

port speed, 55

restoring after security violations, 261-262

security, 259-261

verifying configuration, 269

positive acknowledgment, 24

post-exam information

adding certificates to resumes, 309-310

certificate support website, 309

certification options, 310

failing exams, 310

receiving certificates, 309

Post Office Protocol (POP), 13, 20

prefixes (IPv6), 110-111

Presentation layer (OSI), 18

private IP addressing, 82-83

Privileged EXEC mode, 46

processing ACLs (access control lists), 221-222

protocol data units (PDUs), 20-21

protocols. See specific protocols

public IP addressing, 82-83

Q

QoS (quality of service), 14

quad-zero route, 158

quality of service (QoS), 14

R

RA (Router Advertisement) message, 212

range command, 73

real-time applications, 12

receiving certificates, 309

reference bandwidth, 178

relaying DHCPv4 requests, 210-211

reliability, 24-25

remark keyword, 228, 233

restoring ports after security violations, 261-262

resumes, adding certificates to, 309-310

RIP (Routing Information Protocol), 126, 128, 169

route poisoning, 129

Router Advertisement (RA) message, 212

router ID

in OSPFv2, 177

in OSPFv3, 188-189

router-id command, 177, 188

router on a stick, 196-200

router ospf command, 176

Router Solicitation (RS) message, 212

routers, 3. See also routing

IPv4 router configuration, 133-135

banner motd command, 135

command syntax, 134

copy run start command, 136

copy running-config startup-config command, 136

enable secret class command, 135

hostname command, 135

interface status codes, 137-138

service password-encryption command, 135

show interface command, 138-142

show ip interface brief command, 137

show ip route command, 136-137

show running-config command, 136

IPv6 router configuration

EUI-64 method, 146

full IPv6 address and link-local address configuration, 146-147

ipv6 unicast-routing command, 145-146

network connectivity, verifying, 148-151

show ipv6 interface command, 147-148

routing. See also routers

classful routing protocols, 122

classless routing protocols, 122-123

distance vector routing protocols, 121-122

dynamic routing protocols

AD (administrative distance), 126-127

dynamic routing metrics, 125-126

routing loop prevention, 128-129

dynamic versus static routing, 119-120

EGP (exterior gateway protocols), 121

IGP (interior gateway protocols), 121, 128

link-state routing protocols, 122, 129

convergence, 131

Dijkstra Shortest Path First (SPF) algorithm, 130-131

link-state database (LSDB), building, 129

methods, 119-120

packet forwarding

explained, 117

path determination and switching function example, 118-119

Routing Information Protocol (RIP), 126, 169

RS (Router Solicitation) message, 212

Running-config file, 50

S

scavenger class, 64

score reports (exams), 307

sdm prefer lanbase-routing command, 202

Secure Shell. See SSH

security

network security

attack mitigation, 250

best practices, 250

physical security, 249

types of vulnerabilities, 250

port security

configuring, 259-261

restoring after security violations, 261-262

Server Message Block (SMB), 13

servers

DHCPv4 server configuration, 206-210

stateful DHCPv6 server configuration, 217-218

stateless DHCPv6 server configuration, 216-217

service password-encryption command, 54, 135, 252

services, disabling

Cisco Discovery Protocol (CDP), 255

HTTP, 255

small services, 256

Session layer (OSI), 18

shared memory, 44

shortcuts, 47-48

Shortest Path First (SPF) algorithm, 130-131, 173

show access-lists command, 234

show cdp interface command, 292

show commands, 48

show cdp commands, 291-292

show history command, 48

show interface command, 138-142, 287, 289

show interface status command, 274, 287, 289

show interfaces command, 274

show interfaces switchport command, 274, 279

show interfaces trunk command, 277-278

show ip dhcp conflict command, 269

show ip interface brief command, 137, 180, 199

show ip interface command, 234

show ip nat statistics command, 245

show ip nat translations command, 245-246

show ip ospf command, 177, 182, 189

show ip ospf database command, 189

show ip ospf interface brief command, 183, 189

show ip ospf interface command, 189

show ip ospf interfaces command, 177

show ip ospf neighbor command, 181, 189

show ip protocols command, 126, 177, 180, 189

show ip route command, 125, 136-137, 180, 199

show ip route ospf command, 189

show ip ssh command, 57

show ipv6 interface command, 147-148, 217

show ipv6 ospf command, 189

show ipv6 ospf database command, 189

show ipv6 ospf interface brief command, 189

show ipv6 ospf interface command, 189

show ipv6 ospf neighbor command, 189

show ipv6 protocols command, 189

show ipv6 route command, 164

show ipv6 route ospf command, 189

show mac address-table command, 274

show ntp status command, 257

show port-security command, 260

show running-config command, 136, 235, 270

show vlan brief command, 72-74, 274

show vlan command, 274

show vlan id command, 274

show vlans command, 199

shutdown command, 202, 264

shutting down unused interfaces, 264

Simple Mail Transfer Protocol (SMTP), 13, 20

Simple Network Management Protocol (SNMP), 20

skills review and practice, 295

addressing table, 296

answer scripts, 302-305

B1 and B2 configuration requirements, 298-299

HQ configuration requirements, 298

HQ-Sw configuration requirements, 297-298

IPv4 addressing configuration requirements, 297

ISP configuration, 297

skills challenge, 305

topology diagram, 295

verification, 299

VLANs and port assignments table, 296

SLAAC (Stateless Address Autoconfiguration), 113, 212-214

small services, disabling, 256

SMB (Server Message Block), 13

SMTP (Simple Mail Transfer Protocol), 13, 20

SNMP (Simple Network Management Protocol), 20

solicited-node multicast addresses, 104-105

speed

port speed, 55

speed mismatches, 289-290

speed auto command, 53

SPF (Shortest Path First) algorithm, 130-131, 173

split horizon, 128

SSH (Secure Shell), 251-253

access, denying, 229-230

configuring, 56-57

remote access, 150-151

standard ACLs (access control lists), 224

standard numbered ACLs (access control lists), configuring, 227

denying specific host, 228-229

denying specific subnet, 229

denying Telnet or SSH access to router, 229-230

permitting specific network, 228

Startup-config file, 50

stateful DHCPv6, 214, 217-218

stateless address autoconfiguration, 113

Stateless Address Autoconfiguration (SLAAC), 113, 212-214

stateless DHCPv6, 214-217

states

stateful DHCPv6, 214, 217-218

stateless address autoconfiguration, 113

Stateless Address Autoconfiguration (SLAAC), 113, 212-214

stateless DHCPv6, 214-217

trunking operational states, 278-279

static IP addresses, testing connectivity with, 269

static NAT (Network Address Translation), 240-242

static routing, 119-120

IPv4 configuration, 154-156

exit-interface parameter, 157-158

next-hop parameter, 156-157

IPv6 configuration, 162-164

overview, 153-154

store-and-forward switching, 44

storing configuration files, 49-50

stub networks, 153

subconfiguration modes, 49

subnet IDs, 111-112

subnet masks

binary values, 82

determining, 87

purpose of, 81-82

subnet multiplier, determining, 87

subnets

denying, 229

IPv4 subnetting steps, 85

determining how many bits to borrow, 86

determining new subnet mask, 87

determining subnet multiplier, 87

example 1, 88

example 2, 88

example 3, 89

listing subnets, host ranges, and broadcast addresses, 87

summarizing subnet addresses, 91-93

VLSM (variable-length subnet masking), 89-91

IPv6 subnetting

interface ID, 112

subnet ID, 111-112

subnet IDs, 111-112

subnet masks

binary values, 82

determining, 87

purpose of, 81-82

subnet multiplier, determining, 87

summarizing subnet addresses, 91-93

summary static routing

IPv4 configuration, 161-162

IPv6 configuration, 166-167

SVIs (switch virtual interfaces), creating additional, 200-201

switch virtual interfaces (SVIs), creating additional, 200-201

switches

access layer switches, 2

benefits of, 36

broadcast domains, 43

choosing, 2

Cisco IOS, accessing

CLI EXEC sessions, 46

CLI navigation and editing shortcuts, 47-48

command history, 48

connecting to Cisco devices, 45-46

help, 46

IOS examination commands, 48

subconfiguration modes, 49

collision domains, 43

configuring

automatic medium-dependent interface crossover (auto-MDIX), 56

basic switch configuration commands, 53-55

configuration commands, 53-55

full-duplex communication, 55

half-duplex communication, 55

network connectivity, verifying, 58-61

port speed, 55

SSH (Secure Shell) access, 56-57

core layer switches, 2-3

distribution layer switches, 2

evolution to switching, 41-42

frame forwarding, 43-44

port configuration, verifying, 269

security

native and management VLANs, configuring, 263

port security, configuring, 259-261

ports, restoring after security violations, 261-262

unused interfaces, shutting down, 264

subconfiguration files, storing and erasing, 49-50

SVIs (switch virtual interfaces), creating additional, 200-201

switching logic, 42-43

troubleshooting

common problems on “up” interfaces, 290

duplex and speed mismatches, 289-290

interface status codes, 288

switching logic, 42-43

switchport access vlan 123 command, 53

switchport access vlan command, 264, 274

switchport mode access command, 53, 259, 264

switchport mode dynamic auto command, 279

switchport mode dynamic desirable command, 68

switchport mode trunk command, 68

switchport mode trunk dynamic auto command, 68

switchport nonegotiate command, 68

switchport port-security command, 259

switchport port-security mac-address command, 259

switchport port-security mac-address sticky command, 259

switchport port-security maximum command, 259

switchport port-security violation command, 260

switchport trunk native vlan command, 264

symmetric switching, 44

T

TCP (Transmission Control Protocol), 20

TCP headers, 23

TCP/IP model

application layer, 19-21

data encapsulation summary, 29

explained, 17-18

Internet layer, 19, 27

layer functions, 19

network access layer, 19, 27-28

protocols, 19-20

transport layer, 19

connection establishment and termination, 25

error recovery, 24-25

features, 22

flow control, 25

port numbers, 23-24

TCP headers, 23

User Datagram Protocol (UDP), 26

Telecommunications Industry Association (TIA), 35

Telnet, 19

denying, 229-231

troubleshooting, 284-286

terminal history command, 48

terminal history size 50 command, 48

terminal no history command, 48

terminal no history size command, 48

testing DHCPv4 operation, 269

TIA (Telecommunications Industry Association), 35

Time to Live (TTL) field, 129

timers, 251-253

Token Ring, 9

topologies, 8-9

topology diagram for CCENT skills review, 295

traceroute command, 149-150

tracert command, 60-61

traffic types, 64

Transmission Control Protocol (TCP), 20

transport input ssh command, 251

transport input ssh vty command, 57

transport layer

OSI, 19

TCP/IP, 19

connection establishment and termination, 25

error recovery, 24-25

features, 22

flow control, 25

port numbers, 23-24

TCP headers, 23

User Datagram Protocol (UDP), 26

triggered updates, 129

troubleshooting

ACLs, 281

denied protocols, 283-284

host connectivity issues, 282-283

Telnet, 284-286

default gateways, 267-268

DHCP, 268-269

duplicate IP addresses, 268

inter-VLAN routing and IP addressing, 269-270

Layer 1 issues

CDP, 291-292

common problems on “up” interfaces, 290

duplex and speed mismatches, 289-290

interface status and switch configuration, 288

media issues, 287

methodology, 267

NAT (Network Address Translation), 246-247

trunking

operational states, 278-279

show interfaces trunk command, 277-278

VLANs, 273

disabled VLANs, 274-275

troubleshooting commands, 274

trunking

configuring, 75-78

DTP (Dynamic Trunking Protocol), 68

explained, 66-67

troubleshooting

operational states, 278-279

show interfaces trunk command, 278

verifying, 75-78

TTL (Time to Live) field, 129

tunneling, 114

U

UDP (User Datagram Protocol), 20, 26

ULAs (unique local addresses), 102-103

unicast addresses, 98

unique local addresses (ULAs), 102-103

unspecified addresses, 102

unused interfaces, shutting down, 264

upstream routing, 203

User Datagram Protocol (UDP), 20, 26

User EXEC mode, 46

username password command, 57

UTP cabling, 34-35

V

variable-length subnet masking (VLSM), 89-91

verification, 299

ACLs (access control lists), 234-235

multilayer switches, 200-203

NAT (Network Address Translation), 245

network connectivity, 58-61, 148-151

OSPFv2, 180-184

OSPFv3, 189-192

router on a stick, 197-200

switch port configuration, 269

VLAN assignments, 74-75

VLAN creation, 73

VLAN trunking, 75-78

Video over IP, 15

virtual local area networks. See VLANs

VLANs (virtual local area networks)

assigning to interfaces, 73-75

benefits of, 63-64

black hole VLANs, 65

for CCENT skills review, 296

configuration and verification commands, 72-75

creating, 72-73

data VLANs, 65

default configuration, 72

default VLANs, 65

enabling/disabling on switch, 274-275

inter-VLAN routing. See inter-VLAN routing

management VLANs, 65, 263

native VLANs, 65, 263

reasons for using, 63

traffic types, 64

troubleshooting, 273

disabled VLANs, 274-275

troubleshooting commands, 274

trunking

configuring, 75-78

DTP (Dynamic Trunking Protocol), 68

explained, 66-67

troubleshooting, 277-279

verifying, 75-78

verifying assignments, 74-75

verifying creation of, 73

voice VLANs, 65-66

VLSM (variable-length subnet masking), 89-91

Voice over IP (VoIP), 14-15

voice VLANs, 65-66

VoIP (Voice over IP), 14-15

vulnerabilities (security), types of, 250

W-X-Y-Z

WANs (wide area networks), 7

wide area networks (WANs), 7

wildcard mask, 176

windowing, 25

wireless media, 4-5

write erase command, 50
