CCNA Notes
nown ways / encryption services
Session: starts and ends the session / logically keeps sessions separate
Transport: defines how to send data / defines service ports (ex. 80 is HTTP)
Network: provides logical addressing (ex. 10.1.1.5) / finds best path to a destination
Data link: provides physical addressing (ex. a1:b2:c3:d4:e5:f6) / error checking
Physical: provides access to cables / electrical signaling (1s and 0s)

Usable Class Addresses:
  Class A is 1-126 in first octet
  Class B is 128-191 in first octet
  Class C is 192-223 in first octet

Usable Private Addresses:
  Class A 10.0.0.0 - 10.255.255.255
  Class B 172.16.0.0 - 172.31.255.255
  Class C 192.168.0.0 - 192.168.255.255

CSMA/CD
Is a set of rules governing how devices talk on an Ethernet network
  Carrier: the network signals
  Sense: the ability to detect signals
  Multiple Access: all devices have equal access
  Collision: what happens if two devices send at once
  Detection: how the computers handle collisions when they happen

Methods of communication
  Unicast: one-to-one communication
  Broadcast: one-to-all communication
  Multicast: one-to-group communication

Setting up DHCP through the command line
  (config) ip dhcp excluded-address (A.B.C.D) (A.B.C.D)
  (config) ip dhcp pool (Poolname)
  (dhcp-config) network (A.B.C.D) (A.B.C.D)
  (dhcp-config) default-router (A.B.C.D)
  (dhcp-config) dns-server (A.B.C.D)

Types of Routing Protocols
  Distance Vector: RIP & IGRP (Small Networks)
    Easy Setup
    Not many Features
  Link State: OSPF & IS-IS (Large Networks)
    Difficult Setup
    Many Features
  Hybrid: EIGRP (Not Widely used)
    Easy Setup
    Many Features
    Proprietary (Cisco Only)

*** show ip protocols (used to show protocol information)

RIP
  RIPv1
    o Classful Version (Doesn't support VLSM [subnetting])
    o No Authentication
    o Broadcasts every 30 Seconds
  RIPv2
    o Classless Version (Does support VLSM [subnetting])
    o Has Authentication
    o Multicast
  How to set up RIPv2:
    o (config) router rip
    o (config-router) version 2
    o (config-router) no auto-summary
    o (config-router) network (A.B.C.D) (Tells RIP what networks to advertise & what interfaces to advertise on)

Types of routing protocols
  Distance Vector
    o Easy to configure
    o Not many features
    o RIP, IGRP
  Link state
    o Difficult to configure
    o Many features
    o OSPF, IS-IS
  Hybrid
    o Best of both
    o Proprietary (only Cisco)
    o EIGRP

Loop Prevention (for RIP)
  Maximum distance: 16 hops maximum
  Route poisoning: when a route goes down, sets its hop count to 16
  Triggered updates: immediately set to 16 hops (no wait timer)
  Split horizon: a router will not send updates about specific networks to the router it learned them from
  Hold down timers: when a network route is down, no updates will be accepted about that network until a certain time

OSPF
  Area: group of routers that all have the same information (more than 50 routers in an area is not recommended)
  ABR: Area Border Router
  All areas must connect to area 0
  All routers in an area have the same topology table
  ASBR: Autonomous system boundary router; border router for other networks (ex. Internet)
  Hello messages are sent every 10 seconds on broadcast/p2p networks, or 30 seconds on NBMA networks (frame relay)
  How to set up
    o (config) router ospf (process ID #)
    o (config-router) network (A.B.C.D) (wildcard mask) area 0 (to selected interfaces, not networks)

EIGRP
  Pros
    o Backup routes
    o Simple configuration
    o Flexibility in summarization
    o Unequal cost load-balancing
    o Supports multiple network protocols
  Cons
    o Proprietary (only Cisco)
  Terms
    o Neighbor Table: list of directly connected routes
    o Topology Table: list of all routers
        Successor: route that is used in routing table (main connection)
        Feasible successor: backup connection
    o Routing table: list of routes being used
  How to configure
    o (config) router eigrp (#) (# must be the same for all of network)
    o (config-router) network (A.B.C.D) or (A.B.C.D) (wildcard mask)
    o (config-router) no auto-summary (optional)

ACLs
  What they can be used for
    o access control
    o NAT
    o quality of service
    o demand dial routing
    o policy routing
    o route filtering
  Read top to bottom; processing stops at the first matching entry
  Deny all at the bottom of all ACLs
  ACL types
    o Standard
        Matches based on source address
        Low processor utilization
        Effect depends on application
        Apply closest to destination
        How to:
          (config) access-list (1-99) (deny/permit) (IP A.B.C.D / any) (Wildcard A.B.C.D)
          (config-if) ip access-group (1-99) (in/out)
        Permit all:
          (config) access-list (1-99) permit any
    o Extended
        Matches based on source and/or destination address, protocol, source and/or destination ports
        Higher processor utilization
        Apply closest to source
        How to:
          (config) access-list (100-199) (deny/permit) (protocol) (Source IP A.B.C.D / any) (Source Wildcard A.B.C.D) (Destination IP A.B.C.D / any) (Destination Wildcard A.B.C.D)
          (config-if) ip access-group (100-199) (in/out)
        Permit all:
          (config) access-list (100-199) permit ip any any
    o Dynamic
    o Reflexive (established): allows return traffic for internal requests
    o Time-based
    o Context-based access control (CBAC)

NAT
  Dynamic NAT
    o Connects a group of addresses to another group of addresses dynamically
    o Setup with overload:
        (config) ip nat pool (pool name) (A.B.C.D start) (A.B.C.D end) netmask (netmask)
        (config) access-list (#) permit (A.B.C.D) (wildcard mask)
        (config) ip nat inside source list (#) pool (pool name) overload
  NAT overload (PAT)
    o Connects a group of private addresses to a single public address dynamically
    o Setup:
        (config) interface (interface #)
        (config-if) ip nat inside
        (config-if) exit
        (config) interface (interface #) (port connected to internet)
        (config-if) ip nat outside
        (config-if) exit
        (config) access-list (#) permit (A.B.C.D) (wildcard mask)
        (config) ip nat inside source list (#) interface (interface #) overload
  Static NAT
    o Connects a single private address (and a port) to a single public address (and a port)
    o Setup simple static NAT mapping:
        (config) ip nat inside source static (A.B.C.D private) (A.B.C.D public)
    o Setup static port mapping:
        (config) ip nat inside source static tcp (A.B.C.D private) (port #) (A.B.C.D public) (port #)

VPN
  IPSec: the security protocol used for VPNs; a part of the transport layer
  Types of VPNs
    o Site to site (L2L): connects one router to another router
    o Remote access: connects one device (usually a PC) to a router
  Symmetric encryption: routers use a shared key to encrypt the data
  Asymmetric encryption: router A sends a public key to router B. Router B sends a shared key that is encrypted by the public key to router A. Router A decrypts the shared key with the private key that it keeps local. The communication now uses the shared key to encrypt future data. A new shared key will be generated at a set time.

Types of WAN Connections
  Leased lines: dedicated bandwidth between locations (expensive but quick)
    o Encapsulation types:
        HDLC *Cisco default
          Cisco proprietary
          Low overhead
          No features
        PPP
          Industry standard
          Moderate overhead
          Features
    o Ex. T1 / E1 = 1.544 Mbps
  Circuit switched: on-demand bandwidth between locations (cheap but slow)
    o Encapsulation types:
    o Dialup
    o ISDN
  Packet switched: shared, but guaranteed bandwidth between locations (most used)
    o Encapsulation types:
        MPLS
        Frame Relay
        ATM
        X.25

PPP
  Industry standard
  Moderate overhead
  Features
    o Authentication
        PAP
        CHAP: uses hash, not encryption
    o Compression
    o Callback
    o Multilink (bundles multiple T1 connections)
    o Setup PPP:
        (config-if) encapsulation ppp
    o Setup CHAP:
        (config) username (other router name) password (password)
        (config-if) ppp authentication chap
        --repeat on other router

Frame relay
  Committed information rate (CIR): minimum logical bandwidth
  Local access rate (LAR): maximum physical bandwidth
  Local management interface: protocol used on the connection to the ISP
  Data link connection identifier (DLCI): identifier for each line
  Permanent virtual circuit: single connections to other frame relay routers
  Types of frame relay PVC designs
    o Hub and spoke: all connections at one point
    o Full mesh: all connections connected to all points
    o Partial mesh: all connections connected to some/all points
  Multipoint design
    o All routers on same subnet
    o Multiple DLCI numbers mapped to interface
    o Causes problems with split horizon
  Point-to-point design
    o All routers on different subnets
    o Point-to-point sub-interface created for each DLCI
    o No problem with split horizon
  Setup multipoint
    o (config-if) encapsulation frame-relay
    o (config-if) frame-relay map ip (A.B.C.D remote router ip) (Local-DLCI#) broadcast
  Setup point-to-point
    o (config-if) encapsulation frame-relay
    o (config-if) interface (interface).(#) point-to-point
    o (config-subif) frame-relay interface-dlci (localDLCI#)
  Troubleshooting commands
    o show frame-relay map
    o show frame-relay pvc
    o show frame-relay lmi
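
How the CHAP check noted under PPP ("uses hash not encryption") works on the link, as an added example that is not part of the original notes. Per RFC 1994 the response is MD5 over the identifier, the shared secret and the challenge, so the password itself is never sent. The function names, secret and challenge values here are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def authenticator_check(identifier, secret, challenge, response) -> bool:
    """The authenticator recomputes the hash with its own copy of the secret."""
    expected = chap_response(identifier, secret, challenge)
    return hmac.compare_digest(expected, response)


def run_exchange(peer_secret: bytes, local_secret: bytes):
    """One challenge/response round, then a replay of that response
    against a fresh challenge. Returns (first_round_ok, replay_ok)."""
    ident1, chal1 = 1, os.urandom(16)          # authenticator -> peer
    resp1 = chap_response(ident1, peer_secret, chal1)   # peer -> authenticator
    first_ok = authenticator_check(ident1, local_secret, chal1, resp1)

    ident2, chal2 = 2, os.urandom(16)          # new round, new challenge
    replay_ok = authenticator_check(ident2, local_secret, chal2, resp1)
    return first_ok, replay_ok


if __name__ == "__main__":
    # Constructed secrets: matching passwords, then a mismatch.
    print(run_exchange(b"constructed-secret", b"constructed-secret"))
    print(run_exchange(b"wrong-secret", b"constructed-secret"))
```

Both routers must hold the same password for the hashes to agree, which is why the notes repeat the username/password line on the other router.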
IPv6
  Address size moved from 32-bit (IPv4) to 128-bit (IPv6)
  All current routing protocols are now IPv6 compatible
  Addresses:
    o Link-local: includes MAC address
    o Unique-local: similar to local address
    o Global: global internet address
  Setup:
    o (config) ipv6 unicast-routing
    o (config) interface (interface #)
    o (config-if) ipv6 address (1111:2222::3333)
  Migration to IPv6
    o Dual-stack routers: routers that run IPv4 & IPv6
    o Tunneling: allows IPv4 to talk to IPv4 through IPv6 and allows IPv6 to talk to IPv6 through IPv4
    o NAT-PT: allows IPv4 networks to NAT over to IPv6

Known Ports
  Port #   Protocol   Application
  20       TCP        FTP Data
  21       TCP        FTP Control
  22       TCP        SSH
  23       TCP        Telnet
  25       TCP        SMTP
  53       UDP, TCP   DNS
  67,68    UDP        DHCP
  69       UDP        TFTP
  80       TCP        HTTP
  110      TCP        POP3
  161      UDP        SNMP
  443      TCP        SSL
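
The ACL rules earlier in these notes (wildcard matching, top-to-bottom processing that stops at the first match, deny all at the bottom) can be checked with a small simulator. This is an added example, not part of the original notes; the rule tuples, the sample ACL and the addresses are constructed for illustration, and the ports come from the table above.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")   # "any" written as address + wildcard


def wildcard_match(addr, base, wildcard):
    """Wildcard mask: 0 bits must match the base address, 1 bits are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)


def evaluate(acl, pkt):
    """Return (action, entry index). First match wins; no match means deny."""
    for i, (action, proto, src, dst, dport) in enumerate(acl):
        if proto != "ip" and proto != pkt["proto"]:
            continue
        if not wildcard_match(pkt["src"], *src):
            continue
        if not wildcard_match(pkt["dst"], *dst):
            continue
        if dport is not None and dport != pkt["dport"]:
            continue
        return action, i
    return "deny", None        # the deny all at the bottom of every ACL


# Constructed extended ACL: (action, protocol, source, destination, dest port)
ACL_110 = [
    ("deny",   "tcp", ("10.1.1.0", "0.0.0.255"), ANY, 23),     # no Telnet out
    ("permit", "tcp", ("10.1.1.0", "0.0.0.255"), ANY, 22),     # SSH allowed
    ("permit", "tcp", ANY, ("192.168.10.5", "0.0.0.0"), 443),  # one host, 443
]
# Same entries with a broad permit placed first: the deny is never reached.
ACL_MISORDERED = [("permit", "ip", ANY, ANY, None)] + ACL_110


def pkt(proto, src, dst, dport):
    return {"proto": proto, "src": src, "dst": dst, "dport": dport}


if __name__ == "__main__":
    telnet = pkt("tcp", "10.1.1.7", "172.16.0.9", 23)
    dns = pkt("udp", "10.1.1.7", "172.16.0.53", 53)
    print(evaluate(ACL_110, telnet))
    print(evaluate(ACL_110, dns))
    print(evaluate(ACL_MISORDERED, telnet))
```

The misordered list shows why entry order needs review whenever an ACL is edited: a broad permit above a specific deny silently disables the deny.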

Administrative distance
  Connected Route = 0
  Static route = 1
  EIGRP Summary = 5
  External BGP = 20
  EIGRP (Internal) = 90
  OSPF = 110
  IS-IS = 115
  RIP = 120
  EIGRP (External) = 170