CCNA: Routing and Switching

 Cabling:

Cross over cable and fiber optic cable:  Connectivity between switches are done with fiber optiic while connection between PC and Switches are done with cross over cable.

OSI Layer Model:

TCP/IP & Subnetting: 

Connecting Cisco Devices: (CISCO 2921 Router) and configuration:

• cisco_2900_series_front.jpg 
• cisco_2900_series_rear.jpg
  • AUX port: Out of Band Access ( You can view boot process even before o/s is loaded), It is connected with a cable where one end is RJ45 connector and other side is serial connector.
  • CONSOLE port:Out of Band Access (You can view boot process even before o/s is loaded),
  • GE 0/0: Gigabit Ethernet Port: 
  • GE 0/1: Gigabit Ethernet Port: 
  • GE0/2: Gigabit Ethernet Port: 
  • USB: Instead of aux and console port, in latest cisco router comes with USB port.
  • USB: It is used to store IOS images into external USB Drives.
  • Space for Extra Module:
• After connecting to router using cable use terminal software, there are few known terminal softwares (Putty, Tera Term, Secure CRT, Hyper Term).
  • Go to putty
  • Connection Type: Serial or choose the cabled used
  • Speed: 9600
  • Serial Line: COM1 (check in the device manager)
• IOS self decompressing: It perform POST(power on self test)
• It displays informaion:
• Continue with Configuration dialogue: no (Most of the configuration through wizard are not supported)
• Modes:
  • Router> user mode: Limited commands acceptable
  • Router#Privilege mode (enter en): Limited modification(all show command works)
  • Router(config)# Global Configuration/Admin Console: (enter conf t):(Full Authorized to configure device)  
• Router> This is user EXEC mode (less priviledged mode)
• Router>? (displays all commands at this particular stage).
  • <1-99>: session number to resume
  • connect: Open a terminal connection
  • disable:Turn off provileged commands
  • disconnect:Disconnect an existing network connection
  • enable:Turn on Privileged commands
  • exit: Exit from the EXEC
  • logout: Exit from the EXEC
  • ping: Send echo messages
  • resume: Resume an active network connection
  • show:show running system information
  • ssh: open a secure shell client connection
  • telnet:Open a telnet connection
  • terminal: Set terminal line parameters
  • traceroute:Trace route to destination
• Router>en or enable
  • Router# you are in privilege exec mode
• Router#conf t or config t or config terminal 
  • Router(config)# you are in global configuration mode:
  • Router(config)#hostname R1 (hostname changed from Router to R1)
• R1(config)#int gig 0/0 or interface gigabitethernet 0/0 (Go into interface 0/0)
  • R1(config-if)# (you are in interface 0/0)
• R1(config-if)#exit
• R1(config)#router rip (Router configuration mode)
  • R1(config-router)# You are in router config mode.

Configure a Switch : It works at Layer2.  

• Configure Switch, VLan and assign ports
  • Connect the pc/laptop to Switch using serial port and usb port, The difference between switch and Router is that Switches does not need power.
  • Go to laptop and install putty
  • Switch Configuration:
    • switch1.jpg 
    • switch> (normal mode)
    • switch> en (go to privilege exec mode)
    • switch#conf t (configuration terminal, global privilege exec mode)
  • Hostname:  
    • switch(config)# hostname sw1(name the switch to sw1)
    • sw1(config)#ctrl z (saving the configuration)
    • sw1#show vlan (it will show number of vlan and ports (24))
    • vlan1.jpg
  • Logon Banner: 
    •  A Message will displayed on login to switch:
    • sw1(config)#banner ?
      • Login: 
      • motd (message of the day):
    • sw1(conif)#banner motd ?
      • LINE c banner-text c, where 'c' is a delimiting character (enter any character and start typing messgage and at the end of message enter same character, for example &).

      • SW1(config)#banner motd &

        Enter TEXT message. End with the character '&'.

        ******************************************************

        This is the Switch for user login, do not make any changes.

        *******************************************************&

  • Console Password:Set passoword on console, By default there is no password is set. 
    • sw1(config)#line con 0 (show run, it will show the number of console, aux and vty)
    • sw1(config)#password cisco
    • sw1(config)#login (you need to mention where to check password, at login stage)
    • sw1(config)#do sh run (you can view password as it is in normal text, need to encrypt)
    • sw1(config)#service password-encrypt 
  • Ctrl+Shift+6 (If you enter invalid command then switch think it is domain and it start resolving, to come out of this
    • #ctrl+shift+6 : to come out of name resolution
    • #no ip domain-lookup (it will disable name lookup service)
  • Telnet Password: Telnet is virtual line, it uses vty
    • #sh run (line vty 0 15, it means 16 lines so 16 devices can be connected, earlier switches use to have 0 4 where 5 lines can be used which is now exteded to 16 lines)
    • #line vty 0 4
    • #password telnet
    • #login
    • #service password-encrypt
  • Enable Password:Once you set telnet password and can access from pc using telent password but when you go to enable mode it prompt that no password is set.  It let users access mode but not let privilege exec mode.
    • sw1(config)#enable password enable (try telnet from any pc and go to enable mode) try to make any changes on switch ex. change hostname.
  • Management IP: There is no ip address assigned to switch so we need to give ip address in order to access remotely.  It is assigned in management IP.
    • #sh ip int brief (show IP interface brief) it shows total interfaces, vlans of the switch.
    • VLan interface is used to manage switch, which is also called default or basic)
    • sw1(config)#vlan 1 (enter into vlan 1) 
    • sw1(config-Vlan)#ip add 10.1.1.1 255.255.255.0 
    • sw1(config-Vlan)# no shutdown (if the port is shutdown for administrative)
    • sw1#sh ip int brief (status is up and protocol is up(traffic is there on port)
  • Default Gateway: Default gateway is required when the traffic goes out of network to communicate with different network.
    • sw1(config)#ip default-gateway 10.1.1.100
  • Shutdown: Go to the port and run #shutdown to shutdown the port.
  • Negating Commands:use no before any command for reversing.  (#shutdown > #no shutdown)
  • Saving Configuration:
    • Save the running configuration: at privilege exec mode sw1#write (it save configuration in the startup configuration) not recommended by cisco.
    • sw1#copy running-configuration 

VLAN: :It divides one single broadcase domain into multiple broadcast domain, broadcase domian is where one computer broadcast request and it reaches to all computers within that network/Lan,  if there are multiple networks or LAN then a router is requred to send the request.  You can create multiple lan/vlan in the network for isolation and use inter vlan concept for communication.

Types of VLAN:

• Default VLAN:
  • On cisco swithces default vlan is VLAN 1, At the initial bootup of the switch, all switch ports become a member of the defaut VLAN.
  • Makes them all part of the same broadcast domain.
  • It has all features of VLAN but you cannot rename or delete it.
• Data VLAN: Also known as user VLAN. LAB
  • It is desinged for user generated data.
• Voice VLAN: LAB
  • A separate VLAN is needed to support Voice over IP.
  • Voice VLAN enables access ports to carry IP voice traffic from an IP phone.
  • The voice VLAN is also known as Auxiliary VLAN.
  • IP phones uses the same UTB cables to connect to Ethernet switch.
  • The computer will be in the data VLAN, the IP phone will be in the voice VLAN.
  • The cisco IP phone contains an integrated three-port 10/100 switch.
• Management VLAN:
  • Used for managing switch from a remote location using protocols such as Telnet, SSH, SNMP, syslog etc.  You connect switches with console cable locally and manage.  To access remotely we assign an IP address to switch and remotely connected with that IP using protocols to manage remotely.
  • Cisco recommends not to use VALN 1 and any VLANS that carries user data for managing switches.
  • You must configure IP address and default gateway for management VLAN.
• VLAN Range: 
  • You can create VLAN number between 2 to 1001.
  • 0 and 4095 reserved for system use only, you cannot see and use it.
  • 1002 to 1005 cisco defaults for FDDI, Token Ring. you cannot delete it.
  • 1006 to 4094 are extended Ethernet VLANS only.
• You create a vlan and interface(port of switch) is attached to it.
• Similar Vlans can created among multiple switches, which is connected with trunk and devices are attached to same vlan can communicate with each other.
• Cross vlan communication is possible after assigning gateway.

LAB: Creating 2 vlans (10 and 20 with the names reception and back_office)

• sw1#conf t or #config t or #configure terminal
• sw1(config)#vlan 10 (configuring a new vlan 10)
• sw1(config-vlan)#name reception
• sw1(config-vlan)#ctrl z
• vlan2.jpg
• sw1#conf t
• sw1(config)#vlan 20
• sw1(config-vlan)#name back_office
• sw1(config-vlan)#ctrl z

• Assign port to VLan:(port 1 member of vlan 10 and port 2 member of vlan 20) 
  • sw1#conf t
  • sw1(config)#int fa0/1 or #interface fa0/1 (configuring port 1)
  • sw1(config-if)#switchport mode access (get into access mode of port)
  • sw1(config-if)#switchport access vlan 10
  • sw1(config)#int fa0/2 (configuring port 2)
  • sw1(config-if)#switchport mode access (get into access mode of port)
  • sw1(config-if)#switchport access vlan 20
  • vlan3.jpg
  • #ping 192.168.100.3 (RTO (request time out, ping from PC2 to PC3), They can not ping even they are connected with same switch
  • Attach a new pc (pc4, 192.168.100.4)and it will be attached to port 3 in default vlan.
  • It will not ping with PC2 and PC3
  • Now we put PC4 in the vlan 10
  • sw1#conf t
  • sw1(config)#int fa0/3
  • sw1(config-if)#switchport mode access
  • sw1(config-if)#switchport access vlan10
  • go to PC4 and ping pc2(it will ping as both ports fa0/1 and fa0/3 are in same vlan)
  • vlan4.jpg

Voice VLAN Lab:

Inter VLAN Configuration:

• Inter_vlan1.jpg
• Vlan is created to separate broadcase domain so one vlan can not communicate with another vlan by default.
• By default there will be no unicast, multicast or broadcast between vlans.
• Inter_vlan2.jpg
• The first method is legacy using separate gateway interface,
  • For every vlan we a need a gateway, this gateway is configured in router.  Number of gateway increases a vlan increases.  It is not scalable and not feasible and not commonly used.
• The second method using router 802.1q trunks are also not widely used.
• Using layer 3 switches to route traffic to different vlans are widely used now a days.
• Within vlan traffic moves using layer 2 packet on mac address basis and traffic move to different vlan using IP address in layer 3 switches.
• Most Layer 3 swithces are capable of routing the traffic.

DHCP:Dynamic Host Configuration Protocol

• visit here for detail DHCP (DORA Process)

TCP Transmission:

• TCP is a connection oriented transmission while UDP () is connectionless transmission which means it does not required a confirmation of packet delivery. 
• TCP first build a connection before transmission, which is a 3 way handshake.
  • Device A sends syn packet to Device B
  • Device B Acknowledge it and send syn/ack combined to Device A.
  • Device A sends ACK back to Device B.

Common Port Number: 

• Well known port number: 1 to 1024

• 22	SSH
  80	HTTP
  443	HTTPS