Chapter 3 - Network Layer Ver 7
Chapter 3 - Network Layer Ver 7
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
IPv4 Address Structure
Network and Host Portions
• An IPv4 address is a 32-bit hierarchical address that is made up of a network portion
and a host portion.
• When determining the network portion versus the host portion, you must look at the
32-bit stream.
• A subnet mask is used to determine the network and host portions.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
IPv4 Address Structure
The Subnet Mask
• To identify the network and host portions of an IPv4 address, the subnet mask is
compared to the IPv4 address bit for bit, from left to right.
• The actual process used to
identify the network and
host portions is called
ANDing.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
IPv4 Address Structure
The Prefix Length
• A prefix length is a less cumbersome method used to identify a subnet mask address.
Prefix
Subnet Mask 32-bit Address
• The prefix length is the number Length
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
IPv4 Address Structure
Network, Host, and Broadcast Addresses
• Within each network are three types of IP addresses:
• Network address
• Host addresses
• Broadcast address
Host
Network Portion Host Bits
Portion
Subnet mask 255 255 255 0
255.255.255.0 or /24 11111111 11111111 11111111 00000000
Network address 192 168 10 0
All 0s
192.168.10.0 or /24 11000000 10100000 00001010 00000000
First address 192 168 10 1
All 0s and a 1
192.168.10.1 or /24 11000000 10100000 00001010 00000001
Last address 192 168 10 254
All 1s and a 0
192.168.10.254 or /24 11000000 10100000 00001010 11111110
Broadcast address 192 168 10 255
All 1s
192.168.10.255 or /24 11000000 10100000 00001010 11111111
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Types of IPv4 Addresses
Public and Private IPv4 Addresses
• As defined in in RFC 1918, public IPv4 addresses are globally routed between
internet service provider (ISP) routers.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Types of IPv4 Addresses
Special Use IPv4 Addresses
Loopback addresses
• 127.0.0.0 /8 (127.0.0.1 to 127.255.255.254)
• Commonly identified as only 127.0.0.1
• Used on a host to test if TCP/IP is operational.
Link-Local addresses
• 169.254.0.0 /16 (169.254.0.1 to 169.254.255.254)
• Commonly known as the Automatic Private IP Addressing (APIPA) addresses or self-
assigned addresses.
• Used by Windows DHCP clients to self-configure when no DHCP servers are
available.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Types of IPv4 Addresses
Legacy Classful Addressing
RFC 790 (1981) allocated IPv4 addresses
in classes
• Class A (0.0.0.0/8 to 127.0.0.0/8)
• Class B (128.0.0.0 /16 – 191.255.0.0 /16)
• Class C (192.0.0.0 /24 – 223.255.255.0 /24)
• Class D (224.0.0.0 to 239.0.0.0)
• Class E (240.0.0.0 – 255.0.0.0)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Network Segmentation
Broadcast Domains and Segmentation
• Many protocols use broadcasts or multicasts (e.g., ARP use broadcasts to locate
other devices, hosts send DHCP discover broadcasts to locate a DHCP server.)
• Switches propagate broadcasts out all interfaces except the interface on which it was
received.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Network Segmentation
Reasons for Segmenting Networks
• Subnetting reduces overall network traffic and improves network performance.
• It can be used to implement security policies between subnets.
• Subnetting reduces the number of devices affected by abnormal broadcast traffic.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Subnet an IPv4 Network
Subnet on an Octet Boundary
• Networks are most easily subnetted at the octet boundary of /8, /16, and /24.
• Notice that using longer prefix lengths decreases the number of hosts per subnet.
Prefix Length Subnet Mask Subnet Mask in Binary (n = network, h = host) # of hosts
nnnnnnnn.hhhhhhhh.hhhhhhhh.hhhhhhhh
/8 255.0.0.0 11111111.00000000.00000000.00000000
16,777,214
nnnnnnnn.nnnnnnnn.hhhhhhhh.hhhhhhhh
/16 255.255.0.0 11111111.11111111.00000000.00000000
65,534
nnnnnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh
/24 255.255.255.0 11111111.11111111.11111111.00000000
254
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Subnet an IPv4 Network
Subnet on an Octet Boundary (Cont.)
• In the first table 10.0.0.0/8 is subnetted using /16 and in the second table, a /24 mask.
Subnet Address Host Range Subnet Address
(256 Possible (65,534 possible hosts per Broadcast Host Range
(65,536 Possible Broadcast
Subnets) subnet) (254 possible hosts per subnet)
Subnets)
10.0.0.0/16 10.0.0.1 - 10.0.255.254 10.0.255.255 10.0.0.0/24 10.0.0.1 - 10.0.0.254 10.0.0.255
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnhhhhhh
/26 255.255.255.192 11111111.11111111.11111111.11000000 4 62
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnhhhhh
/27 255.255.255.224 11111111.11111111.11111111.11100000 8 30
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnhhhh
/28 255.255.255.240 11111111.11111111.11111111.11110000 16 14
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnhhh
/29 255.255.255.248 11111111.11111111.11111111.11111000 32 6
nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnnhh
/30 255.255.255.252 11111111.11111111.11111111.11111100 64 2
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
VLSM
IPv4 Address Conservation
Given the topology, 7 subnets are required (i.e, four LANs and three WAN links) and the
largest number of host is in Building D with 28 hosts.
• A /27 mask would provide 8 subnets of 30 host IP addresses and therefore support
this topology.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
VLSM
IPv4 Address Conservation (Cont.)
However, the point-to-point WAN links only require two addresses
and therefore waste 28 addresses each for a total of 84 unused
addresses.
• Applying a traditional subnetting scheme to this scenario is not very efficient and is
wasteful.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
VLSM
VLSM
• The left side displays the traditional subnetting scheme
(i.e., the same subnet mask) while the right side
illustrates how VLSM can be used to subnet a subnet
and divided the last subnet into eight /30 subnets.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
VLSM
VLSM Topology Address Assignment
• Using VLSM subnets, the LAN and inter-router networks can be addressed without
unnecessary waste as shown in the logical topology diagram.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
3.2 Build Basic LAN
Configuration
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Configure Initial Router Settings
Basic Router Configuration Steps
• Configure the device name. Router(config)# hostname hostname
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Configure Initial Router Settings
Basic Router Configuration Example
• Commands for basic router R1(config)# hostname R1
R1(config)# enable secret class
configuration on R1.
R1(config)# line console 0
R1(config-line)# password cisco
• Configuration is saved to R1(config-line)# login
NVRAM. R1(config-line)# line vty 0 4
R1(config-line)# password cisco
R1(config-line)# login
R1(config-line)# transport input ssh telnet
R1(config-line)# exit
R1(config)# service password encryption
R1(config)# banner motd #
Enter TEXT message. End with a new line and the #
***********************************************
WARNING: Unauthorized access is prohibited!
**********************************************
R1(config)# exit
R1# copy running-config startup-config
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Configure Initial Router Settings
Packet Tracer – Configure Initial Router Settings
In this Packet Tracer, you will do the following:
• Verify the default router configuration.
• Configure and verify the initial router configuration.
• Save the running configuration file.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Configure Interfaces
Configure Router Interfaces
Configuring a router interface includes issuing the following commands:
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Configure Interfaces
Configure Router Interfaces Example
The commands to configure interface G0/0/0 on R1 are shown here:
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Configure Interfaces
Configure Router Interfaces Example (Cont.)
The commands to configure interface G0/0/1 on R1 are shown here:
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Configure Interfaces
Verify Interface Configuration
To verify interface configuration use the show ip interface brief
and show ipv6 interface brief commands shown here:
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Configure Interfaces
Configure Verification Commands
Commands Description
show ip interface brief Displays all interfaces, their IP addresses, and their
show ipv6 interface brief current status.
show ip route Displays the contents of the IP routing tables stored in
show ipv6 route RAM.
show interfaces Displays statistics for all interfaces on the device. Only
displays the IPv4 addressing information.
show ip interfaces Displays the IPv4 statistics for all interfaces on a router.
show ipv6 interfaces Displays the IPv6 statistics for all interfaces on a router.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
Configure Interfaces
Configure Verification Commands (Cont.)
View status of all interfaces with the show ip interface brief and show ipv6 interface
brief commands, shown here:
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
Configure Interfaces
Configure Verification Commands (Cont.)
Display the contents of the IP routing tables with the show ip route and show ipv6
route commands as shown here:
R1# show ip route
< output omitted>
Gateway of last resort is not set
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, GigabitEthernet0/0/0
L 192.168.10.1/32 is directly connected, GigabitEthernet0/0/0
209.165.200.0/24 is variably subnetted, 2 subnets, 2 masks
C 209.165.200.224/30 is directly connected, GigabitEthernet0/0/1
L 209.165.200.225/32 is directly connected, GigabitEthernet0/0/1
R1#
<output omitted>
R1#
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Configure Interfaces
Configure Verification Commands (Cont.)
Display IPv4 statistics for R1# show ip interface g0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
router interfaces with the Internet address is 192.168.10.1/24
Broadcast address is 255.255.255.255
show ip interface Address determined by setup command
command, as shown here: MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing Common access list is not set
Outgoing access list is not set
Inbound Common access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP Flow switching is disabled
<output omitted>
R1#
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
Configure Interfaces
Configure Verification Commands (Cont.)
Display IPv6 statistics for R1# show ipv6 interface g0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
router interfaces with the IPv6 is enabled, link-local address is
FE80::868A:8DFF:FE44:49B0
show ipv6 interface No Virtual link-local address(es):
command shown here: Description: Link to LAN
Global unicast address(es):
2001:DB8:ACAD:10::1, subnet is 2001:DB8:ACAD:10::/64
Joined group address(es):
FF02::1
FF02::1:FF00:1
FF02::1:FF44:49B0
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND NS retransmit interval is 1000 milliseconds
R1#
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
Configure the Default Gateway
Default Gateway on a Host
• The default gateway is used
when a host sends a packet to a
device on another network.
• The default gateway address is
generally the router interface
address attached to the local
network of the host.
• To reach PC3, PC1 addresses a
packet with the IPv4 address of
PC3, but forwards the packet to
its default gateway, the G0/0/0
interface of R1.
Note: The IP address of the host and the router
interface must be in the same network.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Configure the Default Gateway
Default Gateway on a Switch
• A switch must have a default gateway address
configured to remotely manage the switch from another
network.
• To configure an IPv4 default gateway on a switch, use
the ip default-gateway ip-address global configuration
command.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
How a Host Routes
Host Forwarding Decision
• Packets are always created at the source.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
How a Host Routes
Host Forwarding Decision (Cont.)
• The Source device determines whether the destination is local or remote
• Method of determination:
• IPv4 – Source uses its own IP address and Subnet mask, along with the destination IP
address
• IPv6 – Source uses the network address and prefix advertised by the local router
• Local traffic is dumped out the host interface to be handled by an intermediary device.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
How a Host Routes
Default Gateway
A router or layer 3 switch can be a default-gateway.
Features of a default gateway (DGW):
• It must have an IP address in the same range as the rest of the LAN.
• It can accept data from the LAN and is capable of forwarding traffic off of the LAN.
• It can route to other networks.
If a device has no default gateway or a bad default gateway, its traffic will not be
able to leave the LAN.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
How a Host Routes
A Host Routes to the Default Gateway
• The host will know the default
gateway (DGW) either statically or
through DHCP in IPv4.
• IPv6 sends the DGW through a
router solicitation (RS) or can be
configured manually.
• A DGW is static route which will be
a last resort route in the routing
table.
• All device on the LAN will need the
DGW of the router if they intend to
send traffic remotely.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
How a Host Routes
Host Routing Tables
• On Windows, route print
or netstat -r to display
the PC routing table
• Three sections displayed
by these two commands:
• Interface List – all
potential interfaces and
MAC addressing
• IPv4 Routing Table
• IPv6 Routing Table
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
3.3 Configure wireless LAN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Introduction to Wireless
Benefits of Wireless
• A Wireless LAN (WLAN) is a type of
wireless network that is commonly used
in homes, offices, and campus
environments.
• WLANs make mobility possible within
the home and business environments.
• Wireless infrastructures adapt to rapidly
changing needs and technologies.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Limitations of Wireless LAN
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
Introduction to Wireless
Types of Wireless Networks
• Wireless Personal-Area Network (WPAN) – Low power and short-range (20-30ft
or 6-9 meters). Based on IEEE 802.15 standard and 2.4 GHz frequency. Bluetooth
and Zigbee are WPAN examples.
• Wireless LAN (WLAN) – Medium sized networks up to about 300 feet. Based on
IEEE 802.11 standard and 2.4 or 5.0 GHz frequency.
• Wireless MAN (WMAN) – Large geographic area such as city or district. Uses
specific licensed frequencies.
• Wireless WAN (WWAN) – Extensive geographic area for national or global
communication. Uses specific licensed frequencies.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
Introduction to Wireless
Wireless Technologies
Bluetooth – IEEE WPAN standard used for
device pairing at up to 300ft (100m)
distance.
• Bluetooth Low Energy (BLE) – Supports mesh
topology to large scale network devices.
• Bluetooth Basic Rate/Enhanced Rate
(BR/EDR) – Supports point-to-point topologies
and is optimized for audio streaming.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
Introduction to Wireless
Wireless Technologies (Cont.)
Cellular Broadband – Carry both voice and
data. Used by phones, automobiles, tablets,
and laptops.
• Global System of Mobile (GSM) –
Internationally recognized
• Code Division Multiple Access (CDMA) –
Primarily used on the US.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
Introduction to Wireless
802.11 Standards
802.11 WLAN standards define how radio frequencies are used for wireless links.
IEEE Standard Radio Frequency Description
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
Introduction to Wireless
Radio Frequencies
All wireless devices operate in the range of the electromagnetic spectrum. WLAN
networks operate in the 2.4 and 5 GHz frequency bands.
• 2.4 GHz (UHF) – 802.11b/g/n/ax
• 5 GHz (SHF) – 802.11a/n/ac/ax
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
Introduction to Wireless
Wireless Standards Organizations
Standards ensure interoperability between devices that are made by different
manufacturers. Internationally, the three organizations influencing WLAN standards:
• International Telecommunication Union (ITU) – Regulates the allocation of
radio spectrum and satellite orbits.
• Institute of Electrical and Electronics Engineers (IEEE) – Specifies how a
radio frequency is modulated to carry information. Maintains the standards for
local and metropolitan area networks (MAN) with the IEEE 802 LAN/MAN family
of standards.
• Wi-Fi Alliance – Promotes the growth and acceptance of WLANs. It is an
association of vendors whose objective is to improve the interoperability of
products that are based on the 802.11 standard
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
12.2 WLAN Components
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
WLAN Components
Video – WLAN Components
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
WLAN Components
Wireless NICs
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56
WLAN Components
Wireless Home Router
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
WLAN Components
Wireless Access Point
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
WLAN Components
AP Categories
APs can be categorized as either
autonomous APs or controller-based APs.
• Autonomous APs – Standalone
devices configured through a command
line interface or GUI. Each autonomous
AP acts independently of the others and
is configured and managed manually by
an administrator.
• Controller-based APs – Also known as
lightweight APs (LAPs). Use Lightweight
Access Point Protocol (LWAPP) to
communicate with a LWAN controller
(WLC). Each LAP is automatically
configured and managed by the WLC.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59
WLAN Components
Wireless Antennas
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60
12.3 WLAN Operation
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
WLAN Operation
Video – WLAN Operation
This video will cover the following:
• Infrastructure Mode
• Ad hoc Mode
• Tethering
• Basic Service Set (BSS)
• Extended Service Set (ESS)
• 802.11 Frame Structure
• Carrier Sense Multiple Access Collision Avoidance (CSMA/CA)
• Wireless Client AP Association
• Passive and Active Delivery Mode
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62
WLAN Operation
802.11 Wireless Topology Modes
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 63
WLAN Operation
BSS and ESS
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64
WLAN Operation
802.11 Frame Structure
The 802.11 frame format is similar to the Ethernet frame format, except that
it contains more fields.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 65
WLAN Operation
CSMA/CA
WLANs are half-duplex and a client cannot “hear” while it is sending, making it
impossible to detect a collision.
WLANs use carrier sense multiple access with collision avoidance (CSMA/CA) to
determine how and when to send data. A wireless client does the following:
1. Listens to the channel to see if it is idle, i.e. no other traffic currently on the
channel.
2. Sends a ready to send (RTS) message the AP to request dedicated access to the
network.
3. Receives a clear to send (CTS) message from the AP granting access to send.
4. Waits a random amount of time before restarting the process if no CTS message
received.
5. Transmits the data.
6. Acknowledges all transmissions. If a wireless client does not receive an
acknowledgment, it assumes a collision occurred and restarts the process
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 66
WLAN Operation
Wireless Client and AP Association
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 67
WLAN Operation
Wireless Client and AP Association (Cont.)
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 68
WLAN Operation
Passive and Active Discover Mode
Wireless clients connect to the AP using a
passive or active scanning (probing)
process.
• Passive mode – AP openly
advertises its service by periodically Passive
sending broadcast beacon frames mode
containing the SSID, supported
standards, and security settings.
• Active mode – Wireless clients must
know the name of the SSID. The
wireless client initiates the process by
broadcasting a probe request frame
Active
on multiple channels.
mode
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 69
Module Practice and Quiz
What did I learn in this module?
• The tasks that should be completed when configuring initial settings on a router.
• Configure the device name.
• Secure privileged EXEC mode.
• Secure user EXEC mode.
• Secure remote Telnet / SSH access.
• Secure all passwords in the config file.
• Provide legal notification.
• Save the configuration.
• For routers to be reachable, the router interfaces must be configured.
• Using the no shutdown command activates the interface. The interface must also be
connected to another device, such as a switch or a router, for the physical layer to be
active. There are several commands that can be used to verify interface configuration
including the show ip interface brief and show ipv6 interface brief, the show ip route
and show ipv6 route, as well as show interfaces, show ip interface and show ipv6
interface.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 70
Module Practice and Quiz
What did I learn in this module (Cont.)?
• For an end device to reach other networks, a default gateway must be configured.
• The IP address of the host device and the router interface address must be in the
same network.
• A switch must have a default gateway address configured to remotely manage the
switch from another network.
• To configure an IPv4 default gateway on a switch, use the ip default-gateway ip-
address global configuration command.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 71
Module Practice and Quiz
What did I learn in this module?
• The tasks that should be completed when configuring initial settings on a router.
• Configure the device name.
• Secure privileged EXEC mode.
• Secure user EXEC mode.
• Secure remote Telnet / SSH access.
• Secure all passwords in the config file.
• Provide legal notification.
• Save the configuration.
• For routers to be reachable, the router interfaces must be configured.
• Using the no shutdown command activates the interface. The interface must also be
connected to another device, such as a switch or a router, for the physical layer to be
active. There are several commands that can be used to verify interface configuration
including the show ip interface brief and show ipv6 interface brief, the show ip route
and show ipv6 route, as well as show interfaces, show ip interface and show ipv6
interface.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 73
Module Practice and Quiz
What did I learn in this module (Cont.)?
• For an end device to reach other networks, a default gateway must be configured.
• The IP address of the host device and the router interface address must be in the
same network.
• A switch must have a default gateway address configured to remotely manage the
switch from another network.
• To configure an IPv4 default gateway on a switch, use the ip default-gateway ip-
address global configuration command.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 74