CNA®Cisco Certifie

Network Assoc

Study Guide

Seventh Edition

Contents

Introduction xxiii

Assessment Test xxxii

Chapter 1 Internetworking 1

Internetworking Basics 3

Internetworking Models 10

The Layered Approach 11

Advantages of Reference Models .12

The OSI Reference Model 12

The Application Layer 14

The Presentation Layer 15

The Session Layer 15

The Transport Layer 16

The Network Layer 20

The Data Link Layer 23

The Physical Layer 26

Summary 27

Exam Essentials 28

Written Labs 29

Written Lab 1.1: OSI Questions 29

Written Lab 1.2: Defining the OSI Layers and Devices 30

Written Lab 1.3: Identifying Collision and

Broadcast Domains

Review QuestionsAnswers to Review QuestionsAnswers to Written Lab 1.1

Answers to Written Lab 1.2

Answers to Written Lab 1.3

Chapter 2 Review of Ethernet Networking

and Data Encapsulation

Ethernet Networks in Review

Collision Domain

Broadcast Domain

CSMA/CD

Half- and Full-Duplex Ethernet

Ethernet at the Data Link LayerEthernet at the Physical Layer

31

32

36

38

39

39

41

42

43

43

43

45

46

52

xii Contents

Ethernet Cabling 57

Straight-Through Cable 57

Crossover Cable 57

Rolled Cable 58

Data Encapsulation 61

The Cisco Three-Layer Hierarchical Model 64

The Core Layer 66

The Distribution Layer 66

The Access Layer 67

Summary 67

Exam Essentials 68

"Written Labs 69

"Written Lab 2.1: Binary/Decimal/Hexadecimal Conversion 69

"Written Lab 2.2: CSMA/CD Operations 71

Written Lab 2.3: Cabling 72

"Written Lab 2.4: Encapsulation 72

Review Questions 73

Answers to Review Questions 77

Answers to Written Lab 2.1 79

Answers to Written Lab 2.2 81

Answers to Written Lab 2.3 82

Answers to Written Lab 2.4 82

Chapter 3 Introduction to TCP/IP 83

Introducing TCP/IP 84

A Brief History of TCP/IP 85

TCP/IP and the DoD Model 85

The Process/Application Layer Protocols 87

The Host-to-Host Layer Protocols 96

The Internet Layer Protocols 105

IP Addressing 115

IP Terminology 115

The Hierarchical IP Addressing Scheme 116

Private IP Addresses 121

IPv4 Address Types 122

Layer-2 Broadcasts 123

Layer-3 Broadcasts 123

Unicast Address 123

Multicast Address 124

Summary 124

Exam Essentials 125

Written Labs 126

Written Lab 3.1: TCP/IP 127

Written Lab 3.2: Mapping Applications to

the DoD Model 127

Review Questions 128

Contents xiii

Answers to Review Questions 132

Answers to Written Lab 3.1 134

Answers to Written Lab3.2 134

Chapter 4 Easy Subnetting 135

Subnetting Basics 136

IP Subnet-Zero 137

How to Create Subnets 137

Subnet Masks > 138

Classless Inter-Domain Routing (CIDR) 140

Subnetting Class C Addresses 141

Subnetting Class B Addresses 151

Subnetting Class A Addresses 158

Summary 161

Exam Essentials 161

Written Labs 162

Written Lab 4.1: Written Subnet Practice #1 162

Written Lab 4.2: Written Subnet Practice #2 163

Written Lab 4.3: Written Subnet Practice #3 164

Review Questions 165

Answers to Review Questions 170

Answers to Written Lab 4.1 172

Answers to Written Lab 4.2 172

Answers to Written Lab 4.3 173

Chapter 5 Variable Length Subnet Masks (VLSMs),

Summarization, and Troubleshooting TCP/IP 175

Variable Length Subnet Masks (VLSMs) 176

VLSM Design 178

Implementing VLSM Networks 178

Summarization 186

Troubleshooting IP Addressing 189

Determining IP Address Problems 192

Summary 197

Exam Essentials 197

Written Lab 5 198

Review Questions 199

Answers to Review Questions 203

Answers to Written Lab 5 204

Chapter 6 Cisco's Internetworking Operating System (IOS) 205

The IOS User Interface,

207

Cisco Router IOS'

207

Connecting to a Cisco Router 208

Bringing Up a Router 210

xiv Contents

Command-Line Interface (CLI) 213

Entering the CLI 213

Overview of Router Modes 214

CLI Prompts 215

Editing and Help Features 217

Gathering Basic Routing Information 223

Router and Switch Administrative Configurations 224

Hostnames • 224

Banners 225

Setting Passwords 227

Encrypting Your Passwords 232

Descriptions 234

Router Interfaces 236

Bringing Up an Interface 239

Viewing, Saving, and Erasing Configurations 245

Deleting the Configuration and Reloading the Router 247

Verifying Your Configuration 247

Summary 257

Exam Essentials 257

Written Lab 6 260

Hands-on Labs 261

Hands-on Lab 6.1: Erasing an Existing Configuration 261

Hands-on Lab 6.2: Exploring User, Privileged, and

Configuration Modes 261

Hands-on Lab 6.3: Using the Help and Editing Features 262

Hands-on Lab 6.4: Saving a Router Configuration 263

Hands-on Lab 6.5: Setting Passwords 264

Hands-on Lab 6.6: Setting the Hostname, Descriptions,IP Address, and Clock Rate 266

Review Questions 268

Answers to Review Questions 273

Answers to Written Lab 6 275

Chapter 7 Managing a Cisco internetwork 277

The Internal Components of a Cisco Router 278

The Router Boot Sequence 280

Managing Configuration Register 280

Understanding the Configuration Register Bits 280

Checking the Current Configuration Register Value 282

Changing the Configuration Register 283

Recovering Passwords 284

Boot System Commands 288

Backing Up and Restoring the Cisco IOS 289

Verifying Flash Memory 290

Backing Up the Cisco IOS 291

Contents xv

Restoring or Upgrading the Cisco Router IOS 292

Using the Cisco IOS File System (Cisco IFS) 293

Backing Up and Restoring the Cisco Configuration 297

Backing Up the Cisco Router Configuration 298

Restoring the Cisco Router Configuration 300

Erasing the Configuration 301

Using the Cisco IOS File System to Manage

Your Router's Configuration (Cisco IFS) 301

Using Cisco Discovery Protocol (CDP) 303

Getting CDP Timers and Holdtime Information 303

Gathering Neighbor Information 304

Gathering Interface Traffic Information 309

Gathering Port and Interface Information 309

Documenting a Network Topology Using CDP 312

Using Telnet 315

Telnetting into Multiple Devices Simultaneously 317

Checking Telnet Connections 317

Checking Telnet Users 317

Closing Telnet Sessions 318

Resolving Hostnames 319

Building a Host Table 319

Using DNS to Resolve Names 321

Checking Network Connectivity and Troubleshooting 323

Using the ping Command 324

Using the traceroute Command 324

Debugging 326

Using the show processes Command 328

Summary 329

Exam Essentials 329

Written Lab 7 331

Written Lab 7.1 331

Written Lab 7.2 331

Hands-on Labs 332

Hands-on Lab 7.1: Backing Up Your Router IOS 332

Hands-on Lab 7.2: Upgrading or RestoringYour Router IOS 333

Hands-on Lab 7.3: Backing Up the

Router Configuration 333

Hands-on Lab 7.4: Using the Cisco DiscoveryProtocol (CDP) 334

Hands-on Lab 7.5: Using Telnet 335

Hands-on Lab 7.6: Resolving Hostnames 335

Review Questions 337

Answers to Review Questions 342

xvi Contents

Answers to Written Lab 7 344

Written Lab 7.1 344

Written Lab 7.2 344

Chapter 8 IP Routing 345

Routing Basics 347

The IP Routing Process 349

Testing Your IP Routing Understanding 354

Configuring IP Routing 359

Configuring IP Routing in Our Network 372

Static Routing 372

Default Routing 382

Dynamic Routing 385

Routing Protocol Basics 386

Distance-Vector Routing Protocols 388

Routing Loops 389

Routing Information Protocol (RIP) 391

RIP Timers 392

Configuring RIP Routing 392

Verifying the RIP Routing Tables 395

Configuring RIP Routing Example 2 397

Holding Down RIP Propagations 399

RIP Version 2 (RIPv2) 399

Verifying Your Configurations 401

The show ip protocols Command 401

The debug ip rip Command 403

Enabling RIPv2 on Our Internetwork 406

Summary 410

Exam Essentials 410

Written Lab 8 412

Hands-on Labs 413

Hands-on Lab 8.1: Creating Static Routes 414

Hands-on Lab 8.2: Configuring RIP Routing 415

Review Questions 417

Answers to Review Questions 423

Answers to Written Lab 8 425

Chapter 9 Enhanced IGRP (EIGRP) and OpenShortest Path First (OSPF) 427

EIGRP Features and Operation 428

Protocol-Dependent Modules 429

Neighbor Discovery 429

Reliable Transport Protocol (RTP) 431

Diffusing Update Algorithm (DUAL) 431

Contents xvii

Using EIGRP to Support Large Networks 432

Multiple ASs 432

VLSM Support and Summarization 433

Route Discovery and Maintenance 434

Configuring EIGRP 436

Corp 439

Rl 439

R2 440

R3 440

Configuring Discontiguous Networks 441

Load Balancing with EIGRP 445

Verifying EIGRP_

447

Open Shortest Path First (OSPF) Basics 453

OSPF Terminology 456

SPF Tree Calculation 458

Configuring OSPF 459

Enabling OSPF 459

Configuring OSPF Areas 460

Configuring Our Network with OSPF 463

Verifying OSPF Configuration 465

The show ip ospfCommand 468

The show ip ospfdatabase Command 469

The show ip ospfinterface Command 469

The show ip ospfneighbor Command 470

The show ip protocols Command 471

Debugging OSPF 472

OSPF DR and BDR Elections 474

Neighbors 474

Adjacencies 474

DR and BDR Elections 475

OSPF and Loopback Interfaces 475

Configuring Loopback Interfaces 476

OSPF Interface Priorities 478

Troubleshooting OSPF 480

Configuring EIGRP and OSPF Summary Routes 483

Summary 485

Exam Essentials 486

Written Lab 9 486

Hands-on Labs 487

Hands-on Lab 9.1: Configuring and Verifying EIGRP 488

Hands-on Lab 9.2: Enabling the OSPF Process 489

Hands-on Lab 9.3: Configuring OSPF Interfaces 490

Hands-on Lab 9.4: Verifying OSPF Operation 491

Hands-on Lab 9.5: OSPF DR and BDR Elections 492

xviii Contents

Review Questions 494

Answers to Review Questions 500

Answers to Written Lab 9 502

Chapter 10 Layer 2 Switching and SpanningTree Protocol (STP) 503

Before Layer 2 Switching 504

Switching Services 507

Limitations of Layer 2 Switching 508

Bridging vs. LAN Switching 508

Three Switch Functions at Layer 2 509

Spanning Tree Protocol (STP) 515

Spanning Tree Terms 516

Spanning Tree Operations 517

Configuring Catalyst Switches 526

Catalyst Switch Configuration 527

Verifying Cisco Catalyst Switches 540

Summary 547

Exam Essentials 547

Written Lab 10 547

Review Questions 549

Answers to Review Questions 554

Answers to Written Lab 10 556

Chapter 11 Virtual LANs (VLANs) 557

VLAN Basics 558

Broadcast Control 560

Security 561

Flexibility and Scalability 561

VLAN Memberships 564

Static VLANs 564

Dynamic VLANs 565

Identifying VLANs 565

Frame Tagging 567

VLAN Identification Methods 568

VLAN Thinking Protocol (VTP) 569

VTP Modes of Operation 570

VTP Pruning 572

Routing between VLANs 573

Configuring VLANs 574

Assigning Switch Ports to VLANs 577

Configuring Trunk Ports 578

Configuring Inter-VLAN Routing 581

Configuring VTP 587

Troubleshooting VTP 591

Contents xix

Telephony: Configuring Voice VLANs 594

Configuring the Voice VLAN,

595

Configuring IP Phone Voice Traffic 595

Summary 596

Exam Essentials 597

Written Lab 11 597

Review Questions 599

Answers to Review Questions 604

Answers to Written Lab 11 606

Chapter 12 Security 607

Perimeter, Firewall, and Internal Routers 608

Introduction to Access Lists 609

Mitigating Security Issues with ACLs 612

Standard Access Lists 613

Wildcard Masking 614

Standard Access List Example 616

Controlling VTY (Telnet/SSH) Access 619

Extended Access Lists 620

Extended Access List Example 1 624

Extended Access List Example 2 625

Extended Access List Example 3 626

Named ACLs 627

Remarks 629

Turning Off and Configuring Network Services 630

Blocking SNMP Packets 630

Disabling Echo 631

Turning off BootP and Auto-Config 632

Disabling the HTTP Interface 632

Disabling IP Source Routing(

632

Disabling Proxy ARP'

632

Disabling Redirect Messages 633

Disabling the Generation of ICMP

Unreachable Messages 633

Disabling Multicast Route Caching 633

Disabling the Maintenance Operation Protocol (MOP) 633

Turning Off the X.25 PAD Service 634

Enabling the Nagle TCP Congestion Algorithm 634

Logging Every Event 634

Disabling Cisco Discovery Protocol 635

Disabling the Default Forwarded UDP Protocols • 635

Cisco's Auto Secure 636

Monitoring Access Lists 639

Summary 641

Exam Essentials 641

xx Contents

Written Lab 12 642

Hands-on Labs 643

Hands-on Lab 12.1: Standard IP Access Lists 643

Hands-on Lab 12.2: Extended IP Access Lists 644

Review Questions 647

Answers to Review Questions 652

Answers to Written Lab 12 654

Chapter 13 Network Address Translation (NAT) 655

When Do We Use NAT? 656

Types of Network Address Translation 657

NAT Names 658

How NAT Works 659

Static NAT Configuration 660

Dynamic NAT Configuration 661

PAT (Overloading) Configuration 662

Simple Verification of NAT 662

Testing and Troubleshooting NAT 663

Summary~

668

Exam Essentials 668

Written Lab 13 669

Hands-on Labs 669

Lab 13.1: Preparing for NAT 671

Lab 13.2: Configuring Dynamic NAT 672

Lab 13.3: Configuring PAT 674

Review Questions 676

Answers to Review Questions 680

Answers to Written Lab 13 682

Chapter 14 Cisco's Wireless Technologies 683

Introduction to Wireless Technology 684

Basic Wireless Devices 685

Wireless Access Points 686

Wireless Network Interface Card (WNIC) 686

Wireless Antennas 686

Wireless Regulations 687

IEEE 802.11 Transmission 687

Unlicensed Bands 689

The 802.11 Standards 689

Comparing 802.11 694

Wireless Topologies 695

Independent Basic Service Set (Ad Hoc) 695

Basic Service Set (BSS) 696

Infrastructure Basic Service Set 697

Contents xxi

Service Set ID 698

Extended Service Set 698

Adding Voice over IP (VoIP) in our WLANs 699

Wireless Security 700

Summary 705

Exam Essentials 705

Written Lab 14 706

Review Questions 707

Answers to Review Questions 711

Answers to Written Lab 14 713

Chapter 15 Internet Protocol Version 6 (IPv6) 715

Why Do We Need IPv6? 716The Benefits and Uses of IPv6 717IPv6 Addressing and Expressions 718

Shortened Expression 719

Address Types 720

Special Addresses 721

How IPv6 Works in an Internetwork 722

Autoconfiguration 722

Configuring Cisco Routers with IPv6 723

DHCPv6 724

ICMPv6 725

IPv6 Routing Protocols 725

RIPng 726

EIGRPv6 '

727

OSPFv3 727

Migrating to IPv6 728

Dual Stacking 729

6to4 Tunneling 729

NAT-PT 731

Summary 731

Exam Essentials 732

Written Lab 15 732

Review Questions 734Answers to Review Questions 738

Answers to Written Lab 15 740

Chapter 16 Wide Area Networks 741

Introduction to Wide Area Networks 742

Defining WAN Terms 743

WAN Connection Bandwidth 744

WAN Connection Types 744

WAN Support 745

xxii Contents

Cable and DSL 748

Cable 749

Digital Subscriber Line (DSL) 751

Cabling the Serial Wide Area Network 754

Serial Transmission 754

Data Terminal Equipment and Data

Communication Equipment 754

High-Level Data-Link Control (HDLC) Protocol 755

Point-to-Point Protocol (PPP) 756

Link Control Protocol (LCP) Configuration Options 758

PPP Session Establishment'

758

PPP Authentication Methods 759

Configuring PPP on Cisco Routers 759

Configuring PPP Authentication 760

Verifying PPP Encapsulation 760

Frame Relay 765

Introduction to Frame Relay Technology 765

Frame Relay Implementation and Monitoring 773

Virtual Private Networks 780

Introduction to Cisco IOS IPSec 781

IPSec Transforms 782

Summary 784

Exam Essentials 784

Written Lab 16 785

Hands-on Labs 785

Hands-on Lab 16.1: Configuring PPP Encapsulation and

Authentication 786

Hands-on Lab 16.2: Configuring and Monitoring HDLC 787

Hands-on Lab 16.3: Configuring Frame Relayand Subinterfaces 788

Review Questions 790

Answers to Review Questions 796

Answers to Written Lab 16 798

Appendix A About the Companion CD 799

What You'll Find on the CD 800

Sybex Test Engine 800

Electronic Flashcards 800

PDF of the Glossary 800

Adobe Reader 800

System Requirements 800

Using the CD 801

Troubleshooting 801

Customer Care 801

Index 803