1. CCNARouting and Switching Study Guide

2. CCNARouting and Switching Study GuideTodd Lammle 3. Senior Acquisitions Editor: Jeff Kellum Development Editor: Pete Gaughan Technical Editors: John Swartz and Dax Mickelson Production Editor: Christine OConnor Copy Editor: Judy Flynn Editorial Manager: Pete Gaughan Production Manager: Tim Tate Vice President and Executive Group Publisher: Richard Swadley Associate Publisher, Sybex: Chris Webb Media Project Manager I: Laura Moss-Hollister Media Associate Producer: Marilyn Hummel Media Quality Assurance: Doug Kuhn Book Designers: Judy Flynn and Bill Gibson Compositor: Craig Woods, Happenstance Type-O-Rama Proofreader: Sarah Kaikini, Word One New York Indexer: Robert Swanson Project Coordinator, Cover: Katherine Crocker Cover Designer: Ryan Sneed Copyright 2013 by John Wiley & Sons, Inc., Indianapolis, Indiana Published by John Wiley & Sons, Inc. Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-1-118-74961-6 ISBN: 978-1-118-74973-9 (ebk.) ISBN: 978-1-118-74970-8 (ebk.) No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/ go/permissions. Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read. For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002. Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com. Library of Congress Control Number: 2013948006 TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CCNA is a registered trademark of Cisco Technology, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book. 10 9 8 7 6 5 4 3 2 1 4. Dear Reader, Thank you for choosing CCNA Routing and Switching Study Guide. This book is part of a family of premium-quality Sybex books, all of which are written by outstanding authors who combine practical experience with a gift for teaching. Sybex was founded in 1976. More than 30 years later, were still committed to producing consistently exceptional books. With each of our titles, were working hard to set a new standard for the industry. From the paper we print on, to the authors we work with, our goal is to bring you the best books available. I hope you see all that reflected in these pages. Id be very interested to hear your comments and get your feedback on how were doing. Feel free to let me know what you think about this or any other Sybex book by sending me an email at chris.webb@wiley.com. If you think youve found a technical error in this book, please visit http://sybex.custhelp.com. Customer feedback is critical to our efforts at Sybex. Best regards,Chris Webb Associate Publisher, Sybex 5. Acknowledgments There are many people that work to put a book together, and as an author, I dedicated an enormous amount of time to write this book, but it would have never been published without the dedicated, hard work of many other people. Monica Worthy Lammle was crucial to the finished product this book became, going over every word of every chapter with me to fine-tune the language and grammar. Without Monicas support in all areas of my life, Id never have finished writing this book. Next in line to thank is my new technical editor, John Swartz, who also coauthored the CCNA Data Center study guides with me. His expertise in the Cisco technical field, and his history of networking in general, is second to none. His detailed analysis of my work helped make this my best CCNA study guide ever. Thank you, John, for working hard under pressure, with tight deadlines, and for staying the course of delivering highquality work in a short time frame. Jeff Kellum, my acquisitions editor, is instrumental to my success in the world of Cisco certification. Jeff, I look forward to our continued progress together. Christine OConnor, my production editor, and Judy Flynn, my copyeditor, were my rock and foundation for formatting an intense editing of every page in this book. This amazing team gives me the confidence to help keep me moving during the difficult and very long days, week after week. How Christine stays so organized with all my changes, as well as making sure every figure is in the right place in the book is still a mystery to me! Youre amazing, Christine! Thank you! Judy understands my writing style so well now, after doing at least a dozen books with me, that she even sometimes finds a technical error that may have slipped through as I was going through the material. Thank you Judy for doing such a great job! I truly thank you both. Troy McMillian really helped me on this book (on all books actually!) by working on the review and bonus questions, flash cards, as well as a 3rd technical edit on the last stage of editing. He did a high-quality job in a short time! Thanks, Troy! Jim Frey and Paul Sutton really helped me put together this books amazing figures, and an all-around secondlook technical edit. Thank you both! Also, thanks to Dax Mickelson and Dennis Frye for performing the technical proofread of the book. Finally, a big thanks to Craig Woods at Happenstance-Type-O-Rama and to the Sybex media-development team. 6. About the Author Todd Lammle is the authority on Cisco certification and internetworking and is Cisco certified in most Cisco certification categories. He is a world-renowned author, speaker, trainer, and consultant. Todd has three decades of experience working with LANs, WANs, and large enterprise licensed and unlicensed wireless networks, and lately hes been implementing large Cisco data centers worldwide. His years of real-world experience is evident in his writing; he is not just an author but an experienced networking engineer with very practical experience working on the largest networks in the world, at such companies as Xerox, Hughes Aircraft, Texaco, AAA, Cisco, and Toshiba, among many others. Todd has published over 60 books, including the very popular CCNA: Cisco Certified Network Associate Study Guide, CCNA Wireless Study Guide, and CCNA Data Center Study Guide, all from Sybex. He runs an international consulting and training company based in Colorado, Texas, and San Francisco. You can reach Todd through his forum and blog at www.lammle.com. 7. Contents at a Glance Introductionxxvii ICND1 (100-101) Exam ObjectivesxxxviiiICND2 (200-101) Exam ObjectivesxlivCCNA Composite (200-120) Exam ObjectivesxlviiAssessment TestlviiiPartIICND1Chapter1Internetworking1 3Chapter2Ethernet Networking and Data Encapsulation41Chapter3Introduction to TCP/IP87Chapter4Easy Subnetting139Chapter5VLSMs, Summarization, and Troubleshooting TCP/IP181Chapter6Ciscos Internetworking Operating System (IOS)213Chapter7Managing a Cisco Internetwork283Chapter8IP Routing331Chapter9Open Shortest Path First (OSPF)385Chapter10Layer 2 Switching425Chapter11VLANs and InterVLAN Routing459Chapter12Security501Chapter13Network Address Translation (NAT)541Chapter14Internet Protocol Version 6 (IPv6)569PartIIICND2Chapter15Enhanced Switched Technologies615Chapter16Managing Cisco Devices661Chapter17IP Services699Chapter18Troubleshooting IP, IPv6, and VLANs741Chapter19Enhanced IGRP783Chapter20Multi-Area OSPF847Chapter21Wide Area Networks897613 8. AppendixAAnswers to Written Labs967AppendixBAnswers to Review Questions987AppendixCDisabling and Configuring Network Services1029AppendixDAbout the Additional Study Tools1041Index1045 9. Contents Introductionxxvii ICND1 (100-101) Exam ObjectivesxxxviiiICND2 (200-101) Exam ObjectivesxlivCCNA Composite (200-120) Exam ObjectivesxlviiAssessment TestlviiiPartIICND11Chapter1Internetworking3Internetworking Basics 4 Internetworking Models 12 The Layered Approach 13 Advantages of Reference Models 14 The OSI Reference Model 14 The Application Layer 16 The Presentation Layer 17 The Session Layer 17 The Transport Layer 18 The Network Layer 23 The Data Link Layer 25 The Physical Layer 28 Summary29 Exam Essentials 30 Written Labs 32 Written Lab 1.1: OSI Questions 32 33 Written Lab 1.2: Defining the OSI Layers and Devices Written Lab 1.3: Identifying Collision and Broadcast Domains 34 35 Review Questions Chapter 2Ethernet Networking and Data Encapsulation41Ethernet Networks in Review 42 Collision Domain 43 Broadcast Domain 44 CSMA/CD45 Half- and Full-Duplex Ethernet 47 Ethernet at the Data Link Layer 49 Ethernet at the Physical Layer 55 10. xiiContentsEthernet Cabling 59 60 Straight-through Cable Crossover Cable 60 Rolled Cable 62 64 Fiber Optic Data Encapsulation 66 The Cisco three-layer HierarchicalModel 70 70 The Core Layer The Distribution Layer 72 The Access Layer 72 Summary73 Exam Essentials 73 Written Labs 74 Written Lab 2.1: Binary/Decimal/Hexadecimal Conversion 75 Written Lab 2.2: CSMA/CD Operations 79 79 Written Lab 2.3: Cabling Written Lab 2.4: Encapsulation 80 81 Review Questions Chapter 3Introduction to TCP/IP87Introducing TCP/IP 88 A Brief History of TCP/IP 89 TCP/IP and the DoD Model 89 The Process/Application Layer Protocols 91 The Host-to-host Layer Protocols 101 The Internet Layer Protocols 110 IP Addressing 118 IP Terminology 118 The Hierarchical IP Addressing Scheme 119 124 Private IP Addresses (RFC 1918) IPv4 Address Types 126 Layer 2 Broadcasts 126 Layer 3 Broadcasts 126 Unicast Address 127 Multicast Address 128 Summary129 Exam Essentials 130 Written Labs 132 Written Lab 3.1: TCP/IP 132 Written Lab 3.2: Mapping Applications to the DoD Model 132 Review Questions 134 Chapter4Easy Subnetting Subnetting Basics How to Create Subnets Subnet Masks139 140 142 142 11. ContentsxiiiClassless Inter-Domain Routing (CIDR) 144 146 IP Subnet-Zero Subnetting Class C Addresses 146 Subnetting Class B Addresses 158 167 Subnetting Class A Addresses Summary170 Exam Essentials 170 171 Written Labs Written Lab 4.1: Written Subnet Practice #1 171 Written Lab 4.2: Written Subnet Practice #2 172 Written Lab 4.3: Written Subnet Practice #3 173 Review Questions 174 Chapter 5VLSMs, Summarization, and Troubleshooting TCP/IP181Variable Length Subnet Masks (VLSMs) 182 VLSM Design 184 184 Implementing VLSM Networks Summarization193 196 Troubleshooting IP Addressing Determining IP Address Problems 198 Summary203 Exam Essentials 204 Written Lab 5 205 Review Questions 206 Chapter 6Ciscos Internetworking Operating System (IOS)213The IOS User Interface 215 216 Cisco IOS Connecting to a Cisco IOS Device 216 Bringing Up a Switch 218 219 Command-line Interface (CLI) Entering the CLI 219 Overview of Router Modes 219 220 CLI Prompts Editing and Help Features 223 Administrative Configurations 228 Hostnames228 Banners229 Setting Passwords 231 Encrypting Your Passwords 237 Descriptions239 Router and Switch Interfaces 241 Bringing Up an Interface 244 12. xivContentsViewing, Saving, and Erasing Configurations 250 252 Deleting the Configuration and Reloading the Device Verifying Your Configuration 253 Summary264 265 Exam Essentials Written Lab 6 268 Hands-on Labs 268 269 Hands-on Lab 6.1: Erasing an Existing Configuration Hands-on Lab 6.2: Exploring User, Privileged, 269 and Configuration Modes Hands-on Lab 6.3: Using the Help and Editing Features 270 Hands-on Lab 6.4: Saving a Configuration 271 Hands-on Lab 6.5: Setting Passwords 272 Hands-on Lab 6.6: Setting the Hostname, Descriptions, 274 IP Address, and Clock Rate 277 Review Questions Chapter 7Managing a Cisco Internetwork The Internal Components of a Cisco Router and Switch The Router and Switch Boot Sequence Backing Up and Restoring the Cisco Configuration Backing Up the Cisco Configuration Restoring the Cisco Configuration Erasing the Configuration Configuring DHCP DHCP Relay Verifying DHCP on Cisco IOS Network Time Protocol (NTP) Using Cisco Discovery Protocol (CDP) Getting CDP Timers and Holdtime Information Gathering Neighbor Information Documenting a Network Topology Using CDP Using Telnet Telnetting into Multiple Devices Simultaneously Checking Telnet Connections Checking Telnet Users Closing Telnet Sessions Resolving Hostnames Building a Host Table Using DNS to Resolve Names Checking Network Connectivity and Troubleshooting Using the ping Command Using the traceroute Command283 284 285 286 286 288 289 290 291 292 293 295 295 296 300 303 305 306 306 306 307 307 309 311 312 312 13. ContentsxvDebugging314 316 Using the show processes Command Summary317 Exam Essentials 317 319 Written Lab 7 Written Lab 7.1: IOS Management 319 Written Lab 7.2: Router Memory 319 320 Hands-on Labs Hands-on Lab 7.1: Backing Up the Router Configuration 320 Hands-on Lab 7.2: Using the Cisco Discovery 321 Protocol (CDP) Hands-on Lab 7.3: Using Telnet 322 Hands-on Lab 7.4: Resolving Hostnames 323 Review Questions 325 Chapter8IP Routing331Routing Basics 333 The IP Routing Process 335 341 The Cisco Router Internal Process Testing Your IP Routing Understanding 342 346 Configuring IP Routing Configuring IP Routing in Our Network 356 Static Routing 357 Default Routing 362 Dynamic Routing 365 Routing Protocol Basics 365 Routing Information Protocol (RIP) 367 Configuring RIP Routing 367 Holding Down RIP Propagations 371 Summary373 Exam Essentials 374 Written Lab 8 376 Hands-on Labs 376 Hands-on Lab 8.1: Creating Static Routes 377 Hands-on Lab 8.2: Configuring RIP Routing 378 Review Questions 380 Chapter 9Open Shortest Path First (OSPF) Open Shortest Path First (OSPF) Basics OSPF Terminology OSPF Operation Configuring OSPF Enabling OSPF Configuring OSPF Areas Configuring Our Network with OSPF385 386 389 391 393 393 394 397 14. xviContentsOSPF and Loopback Interfaces 402 403 Configuring Loopback Interfaces Verifying OSPF Configuration 405 The show ip ospf Command 406 407 The show ip ospf database Command The show ip ospf interface Command 408 The show ip ospf neighbor Command 409 411 The show ip protocols Command Summary411 Exam Essentials 412 Written Lab 9 413 Hands-on Labs 413 Hands-on Lab 9.1: Enabling the OSPF Process 414 Hands-on Lab 9.2: Configuring OSPF Interfaces 415 Hands-on Lab 9.3: Verifying OSPF Operation 416 417 Review Questions Chapter 10Layer 2 Switching425Switching Services 426 Three Switch Functions at Layer 2 427 431 Port Security Configuring Catalyst Switches 436 Catalyst Switch Configuration 436 Verifying Cisco Catalyst Switches 444 Summary447 Exam Essentials 447 Written Lab 10 448 Hands-on Labs 448 Lab 10.1: Configuring Layer 2 Switches 449 450 Lab 10.2: Verifying Layer 2 Switches Lab 10.3: Configuring Port Security 450 Review Questions 452 Chapter 11VLANs and InterVLAN Routing459VLAN Basics 460 Broadcast Control 463 Security464 Flexibility and Scalability 464 465 Identifying VLANs Frame Tagging 467 VLAN Identification Methods 468 469 Routing between VLANs 15. ContentsxviiConfiguring VLANs 472 475 Assigning Switch Ports to VLANs Configuring Trunk Ports 476 Configuring Inter-VLAN Routing 480 Summary487 Exam Essentials 488 Written Lab 11 489 489 Hands-on Labs Hands-on Lab 11.1: Configuring and Verifying VLANs 490 Hands-on Lab 11.2: Configuring and Verifying 491 Trunk Links Hands-on Lab 11.3: Configuring Router on a Stick Routing 492 Hands-on Lab 11.4: Configuring IVR with a 492 Layer 3 Switch 494 Review Questions Chapter12Security501Perimeter, Firewall, and Internal Routers 502 Introduction to Access Lists 503 506 Mitigating Security Issues with ACLs Standard Access Lists 507 Wildcard Masking 508 Standard Access List Example 510 Controlling VTY (Telnet/SSH) Access 514 Extended Access Lists 515 Extended Access List Example 1 519 Extended Access List Example 2 521 Extended Access List Example 3 522 523 Named ACLs Remarks525 Monitoring Access Lists 526 Summary528 Exam Essentials 529 Written Lab 12 530 Hands-on Labs 530 Hands-on Lab 12.1: Standard IP Access Lists 531 Hands-on Lab 12.2: Extended IP Access Lists 532 Review Questions 535 Chapter 13Network Address Translation (NAT)541When Do We Use NAT? Types of Network Address Translation NAT Names542 544 544 16. xviiiContentsHow NAT Works 545 547 Static NAT Configuration Dynamic NAT Configuration 548 PAT (Overloading) Configuration 548 549 Simple Verification of NAT Testing and Troubleshooting NAT 550 Summary555 556 Exam Essentials Written Lab 13 557 Hands-on Labs 557 Lab 13.1: Preparing for NAT 558 Lab 13.2: Configuring Dynamic NAT 560 Lab 13.3: Configuring PAT 561 Review Questions 564 Chapter 14Internet Protocol Version 6 (IPv6)569Why Do We Need IPv6? 571 The Benefits and Uses of IPv6 571 573 IPv6 Addressing and Expressions Shortened Expression 574 575 Address Types Special Addresses 576 How IPv6 Works in an Internetwork 577 Manual Address Assignment 578 Stateless Autoconfiguration (eui-64) 578 DHCPv6 (Stateful) 581 IPv6 Header 582 ICMPv6583 IPv6 Routing Protocols 586 586 Static Routing with IPv6 OSPFv3587 Configuring IPv6 on Our Internetwork 588 Configuring Routing on Our Internetwork 591 Verifying OSPFv3 594 Summary599 Exam Essentials 599 Written Labs 601 Written Lab 14.1 601 Written Lab 14.2 601 Hands-on Labs 602 Hands-on Lab 14.1: Manual and Stateful Autoconfiguration 602 Hands-on Lab 14.2: Static and Default Routing 604 Hands-on Lab 14.3: OSPFv3 605 Review Questions 607 17. ContentsxixPartIIICND2613Chapter 15Enhanced Switched Technologies615616 Spanning Tree Protocol (STP) Spanning-tree Terms 617 Spanning-tree Operations 621 Types of Spanning-tree Protocols 623 624 Common Spanning Tree Per-VLAN Spanning Tree+ 625 Modifying and Verifying the Bridge ID 631 Spanning-tree Failure Consequences 636 PortFast and BPDU Guard 638 BPDU Guard 640 EtherChannel642 643 Configuring and Verifying Port Channels Summary646 Exam Essentials 647 Written Lab 1 648 Hands-on Labs 648 Hands-on Lab 1.1: Verifying STP and Finding Your RootBridge649 Hands-on Lab 1.2: Configuring and Verifying Your Root Bridge 651 Hands-on Lab 1.3: Configuring PortFast and 652 BPDU Guard Hands-on Lab 1.4: Configuring and Verifying EtherChannel 653 Review Questions 656 Chapter 16Managing Cisco Devices661The Internal Components of a Cisco Router The Router Boot Sequence Managing Configuration Register Understanding the Configuration Register Bits Checking the Current Configuration Register Value Boot System Commands Recovering Passwords Backing Up and Restoring the Cisco IOS Verifying Flash Memory Backing Up the Cisco IOS Restoring or Upgrading the Cisco Router IOS Using the Cisco IOS File System (Cisco IFS)662 663 664 665 666 667 669 671 673 674 675 677 18. xxContentsLicensing682 684 Right-To-Use Licenses (Evaluation Licenses) Backing Up and Uninstalling the License 687 Summary688 689 Exam Essentials Written Labs 691 Written Lab 2.1: IOS Management 691 691 Written Lab 2.2: Router Memory Hands-on Labs 692 Hands-on Lab 2.1: Backing Up Your Router IOS 692 Hands-on Lab 2.2: Upgrading or Restoring 692 Your Router IOS Review Questions 694 Chapter17IP Services699Client Redundancy Issues 700 Introducing First Hop Redundancy Protocol (FHRP) 702 Hot Standby Router Protocol (HSRP) 704 705 Virtual MAC Address HSRP Timers 706 708 Group Roles Configuring and Verifying HSRP 709 Virtual Router Redundancy Protocol 715 Comparing VRRP and HSRP 715 VRRP Redundancy Characteristics 715 Gateway Load Balancing Protocol 716 GLBP Functions 717 GLBP Features 717 GLBP Per-host Traffic Balancing 718 718 Configuring GLBP Syslog721 Configuring and Verifying Syslog 723 SNMP726 727 Management Information Base (MIB) Configuring SNMP 728 NetFlow730 NetFlow Overview and Flows 731 Configuring NetFlow 732 Summary734 Exam Essentials 734 Written Lab 3 735 Review Questions 736 19. ContentsChapter 18Troubleshooting IP, IPv6, and VLANsxxi741742 Troubleshooting IP Network Connectivity Troubleshooting IPv6 Network Connectivity 754 ICMPv6755 763 Troubleshooting VLAN Connectivity VLAN Troubleshooting 763 Trunk Troubleshooting 768 Summary776 Exam Essentials 777 Written Lab 4 778 Review Questions 779 Chapter19Enhanced IGRP783EIGRP Features and Operations 784 Neighbor Discovery 785 Reliable Transport Protocol (RTP) 790 Diffusing Update Algorithm (DUAL) 791 Route Discovery and Maintenance 792 Configuring EIGRP 792 VLSM Support and Summarization 795 Controlling EIGRP Traffic 798 Split Horizon 809 Verifying and Troubleshooting EIGRP 811 Troubleshooting Example with EIGRP 818 EIGRPv6828 Summary833 Exam Essentials 834 Written Lab 5 835 Hands-on Labs 835 Hands-on Lab 5.1: Configuring and Verifying EIGRP 835 Hands-on Lab 5.2: Configuring and Verifying EIGRPv6 837 Review Questions 838 Chapter20Multi-Area OSPF OSPF Scalability Categories of Multi-area Components Adjacency Requirements OSPF Router Roles Link-state Advertisements OSPF Hello Protocol Neighbor States Basic Multi-area Configuration847 848 850 850 851 852 854 855 857 20. xxiiContentsVerifying and Troubleshooting 859 Multi-area OSPF Networks The show ip ospf Command 861 The show ip ospf interface Command 862 864 The show ip protocols Command The show ip route Command 865 The show ip ospf database Command 866 868 Troubleshooting OSPF Scenario OSPFv3876 879 Verifying OSPFv3 Summary881 Exam Essentials 881 Written Lab 6 883 Hands-on Labs 883 Hands-on Lab 6.1: Configuring and Verifying 884 OSPF Multi-Area Hands-on Lab 6.2: Configuring and Verifying OSPFv3 887 890 Review Questions Chapter 21Wide Area Networks897Introduction to Wide Area Networks 898 Defining WAN Terms 899 WAN Connection Bandwidth 900 WAN Connection Types 900 WAN Support 902 Cable and DSL 905 Cable906 Digital Subscriber Line (DSL) 907 Cabling the Serial Wide Area Network 910 910 Serial Transmission Data Terminal Equipment and Data Communication Equipment 911 High-Level Data-Link Control (HDLC) Protocol 912 Point-to-Point Protocol (PPP) 914 Link Control Protocol (LCP) Configuration Options 915 PPP Session Establishment 916 PPP Authentication Methods 917 Configuring PPP on Cisco Routers 917 Configuring PPP Authentication 917 Verifying and Troubleshooting Serial Links 918 Frame Relay 923 Introduction to Frame Relay Technology 924 Frame Relay Implementation and Monitoring 931 21. ContentsxxiiiVirtual Private Networks 942 943 Benefits of VPNs Introduction to Cisco IOS IPsec 944 IPsec Transforms 945 946 GRE Tunnels Configuring GRE Tunnels 947 Verifying GRP Tunnels 949 Summary951 Exam Essentials 951 Written Lab 7 953 Hands-on Labs 953 Hands-on Lab 7.1: Configuring PPP Encapsulation and Authentication 953 Hands-on Lab 7.2: Configuring and Monitoring HDLC 955 Hands-on Lab 7.3: Configuring Frame Relay 956 and Subinterfaces Hands-on Lab 7.4: Configuring a GRE Tunnel 958 961 Review Questions Appendix AAnswers to Written Labs967Chapter 1: Internetworking 968 Written Lab 1.1: OSI Questions 968 Written Lab 1.2: Defining the OSI Layers and Devices 969 Written Lab 1.3: Identifying Collision and Broadcast Domains 970 Chapter 2: Ethernet Networking and Data Encapsulation 970 Written Lab 2.1: Binary/Decimal/Hexadecimal Conversion 970 Written Lab 2.2: CSMA/CD Operations 973 Written Lab 2.3: Cabling 973 974 Written Lab 2.4: Encapsulation Chapter 3: Introduction to TCP/IP 974 Written Lab 3.1: TCP/IP 974 Written Lab 3.2: Mapping Applications to the DoD Model 974 Chapter 4: Easy Subnetting 975 Written Lab 4.1: Written Subnet Practice #1 975 Written Lab 4.2: Written Subnet Practice #2 976 Written Lab 4.3: Written Subnet Practice #3 977 Chapter 5: VLSMs, Summarization and Troubleshooting TCP/IP 977 Chapter 6: Ciscos Internetworking Operating System (IOS) 978 Written Lab 6 978 Chapter 7: Managing a Cisco Internetwork 978 Written Lab 7.1: IOS Management 978 Written Lab 7.2: Router Memory 979 22. xxivContentsChapter 8: IP Routing Chapter 9: Open Shortest Path First (OSPF) Chapter 10: Layer 2 Switching Chapter 11: VLANs and InterVLAN Routing Chapter 12: Security Chapter 13: Network Address Translation (NAT) Chapter 14: Internet Protocol Version 6 (IPv6) Written Lab 14.1 Written Lab 14.2 Chapter 15: Enhanced Switch Technologies Chapter 16: Managing Cisco Devices Written Lab 16.1: IOS Management Written Lab 16.2: Router Memory Chapter 17: IP Services Chapter 18: Troubleshooting IP, IPv6, and VLANs Chapter 19: Enhanced IGRP Chapter 20: Multi-Area OSPF Chapter 21: Wide Area Networks Appendix BAnswers to Review Questions Chapter 1: Internetworking Chapter 2: Ethernet Networking and Data Encapsulation Chapter 3: Introduction to TCP/IP Chapter 4: Easy Subnetting Chapter 5: VLSMs, Summarization, and Troubleshooting TCP/IP Chapter 6: Ciscos Internetworking Operating System (IOS) Chapter 7: Managing a Cisco Internetwork Chapter 8: IP Routing Chapter 9: Open Shortest Path First (OSPF) Chapter 10: Layer 2 Switching Chapter 11: VLANs and InterVLAN Routing Chapter 12: Security Chapter 13: Network Address Translation (NAT) Chapter 14: Internet Protocol Version 6 (IPv6) Chapter 15: Enhanced Switch Technologies Chapter 16: Managing Cisco Devices Chapter 17: IP Services Chapter 18: Troubleshooting IP, IPv6, andVLANs Chapter 19: Enhanced IGRP Chapter 20: Multi-Area OSPF Chapter 21: Wide Area Networks979 980 980 980 981 981 982 982 982 982 983 983 983 984 984 984 985 985 987 988 990 991 993 995 997 999 1001 1002 1004 1007 1008 1011 1012 1014 1016 1018 1021 1022 1024 1026 23. ContentsAppendix CDisabling and Configuring Network Servicesxxv10291030 Blocking SNMP Packets Disabling Echo 1030 Turning off BootP and Auto-Config 1031 1032 Disabling the HTTP Interface Disabling IP Source Routing 1032 Disabling Proxy ARP 1032 1032 Disabling Redirect Messages 1033 Disabling the Generation of ICMP Unreachable Messages Disabling Multicast Route Caching 1033 Disabling the Maintenance Operation Protocol (MOP) 1033 1034 Turning Off the X.25 PAD Service 1034 Enabling the Nagle TCP Congestion Algorithm 1034 Logging Every Event Disabling Cisco Discovery Protocol 1035 1035 Disabling the Default Forwarded UDP Protocols Ciscos Auto Secure1036 Appendix DAbout the Additional Study Tools10411042 Additional Study Tools 1042 Test Engine 1042 Electronic Flashcards Videos1042 Network Simulator 1043 1043 PDF of Glossary of Terms 1043 Adobe Reader 1043 Minimum System Requirements Using the Study Tools 1044 Troubleshooting1044 1044 Customer Care Index1045 24. Introduction Welcome to the exciting world of Cisco certification! If youve picked up this book because you want to improve yourself and your life with a better, more satisfying, and secure job, youve done the right thing. Whether youre striving to enter the thriving, dynamic IT sector or seeking to enhance your skill set and advance your position within it, being Cisco certified can seriously stack the odds in your favor to help you attain your goals! Cisco certifications are powerful instruments of success that also markedly improve your grasp of all things internetworking. As you progress through this book, youll gain a complete understanding of networking that reaches far beyond Cisco devices. By the end of this book, youll comprehensively know how disparate network topologies and technologies work together to form the fully operational networks that are vital to todays very way of life in the developed world. The knowledge and expertise youll gain here is essential for and relevant to every networking job and is why Cisco certifications are in such high demand even at companies with few Cisco devices! Although its now common knowledge that Cisco rules routing and switching, the fact that it also rocks the voice, data center, and service provider worlds is also well recognized. And Cisco certifications reach way beyond the popular but less extensive certifications like those offered by CompTIA and Microsoft to equip you with indispensable insight into todays vastly complex networking realm. Essentially, by deciding to become Cisco certified, youre proudly announcing that you want to become an unrivaled networking experta goal that this book will get you well on your way to achieving. Congratulations in advance on the beginning of your brilliant future! For up-to-the-minute updates covering additions or modifications to the Cisco certification exams, as well as additional study tools, review questions, and bonus materials, be sure to visit the Todd Lammle websites and forum at www.lammle.com, www.lammlesim.com, and www.lammle.com/forum.Ciscos Network Certifications It used to be that to secure the holy grail of Cisco certificationsthe CCIEyou passed only one written test before being faced with a grueling, formidable hands-on lab. This intensely daunting, all-or-nothing approach made it nearly impossible to succeed and predictably didnt work out too well for most people. Cisco responded to this issue by creating a series of new certifications, which not only made it easier to eventually win the highly coveted CCIE prize, it gave employers a way to accurately rate and measure the skill levels of prospective and current employees. This exciting paradigm shift in Ciscos certification path truly opened doors that few were allowed through before! 25. xxviiiIntroductionBeginning in 1998, obtaining the Cisco Certified Network Associate (CCNA) certification was the first milestone in the Cisco certification climb, as well as the official prerequisite to each of the more advanced levels. But that changed in 2007, when Cisco announced the Cisco Certified Entry Network Technician (CCENT) certification. And then in March 2013, Cisco once again proclaimed updates to the CCENT and CCNA Routing and Switching (R/S) tests. Now the Cisco certification process looks like Figure I.1. F ig u re I .1 The Cisco certification path Cisco 2013 Certication Path Announcements Routing/SwitchingData CenterVoiceSecurityWirelessCCIECCIECCIECCIECCIECCNPCCNPCCNPCCNPCCNPCCNACCNACCNACCNACCNACCENTNo Pre-reqCCENTCCENTCCENTI have included only the most popular tracks in Figure I.1. In addition to the ones in this image, there are also tracks for Design, Service Provider, Service Provider Operations, and Video. Also note that the CCIE Voice certification retirement will be announced shortly.The Cisco R/S path is by far the most popular and could very well remain so, but soon youll see the Data Center path become more and more of a focus as companies migrate to data center technologies. The Voice track also actually does provide a good job opportunity. Still, understanding the foundation of R/S before attempting any other certification track is something I highly recommend. Even so, and as the figure shows, you only need your CCENT certification to get underway for most of the tracks. Also, note that there are a few other certification tracks you can go down that are not shown in the figure, although theyre not as popular as the ones shown. You can find information on all Cisco certification tracks at: www.cisco.com.Cisco Certified Entry Network Technician (CCENT) Dont be fooled by the oh-so-misleading name of this first certification because it absolutely isnt entry level! Okaymaybe entry level for Ciscos certification path, but definitely not for someone without experience trying to break into the highly lucrative yet challenging IT 26. Introduction xxixjob market! For the uninitiated, the CompTIA A+ and Network+ certifications arent official prerequisites, but know that Cisco does expect you to have that type and level of experience before embarking on your Cisco certification journey. All of this gets us to 2013, when the climb to Cisco supremacy just got much harder again. The innocuous-sounding sirens call of the CCENT can lure you to some serious trouble if youre not prepared, because its actually much harder than the old CCNA ever was. This will rapidly become apparent once you start studying, but be encouraged! The fact that the certification process is getting harder really works better for you in the long run, because that which is harder to obtain only becomes that much more valuable when you finally do, right? Yes, indeed! Another important factor to keep in mind is that the Interconnection Cisco Network Devices Part 1 (ICND1) exam, which is the required exam for the CCENT certification, costs $150 per attempt and its anything but easy to pass! The good news is that Part 1 of this book (Chapters 1-14) will guide you step-by-step in building a strong foundation in routing and switching technologies. You really need to build on a strong technical foundation and stay away from exam cram type books, suspicious online material, and the like. They can help somewhat, but understand that youll pass the Cisco certification exams only if you have a strong foundation and that youll get that solid foundation only by reading as much as you can, performing the written labs and review questions in this book, and practicing lots and lots of hands-on labs. Additional practice exam questions, videos, and labs are offered on my website, and what seems like a million other sites offer additional material that can help you study. However, there is one way to skip the CCENT exam and still meet the prerequisite before moving on to any other certification track, and that path is through the CCNA R/S Composite exam. First, Ill discuss the Interconnecting Cisco Network Devices Part 2 (ICND2) exam, and then Ill tell you about the CCNA Composite exam, which will provide you, when successful, with both the CCENT and the CCNA R/S certification.Cisco Certified Network Associate Routing andSwitching (CCNA R/S) Once you have achieved your CCENT certification, you can take the ICND2 (200-101) exam in order to achieve your CCNA R/S certification, which is the most popular certification Cisco has by far because its the most sought-after certification of all employers. As with the CCENT, the ICND2 exam is also $150 per attemptalthough thinking you can just skim a book and pass any of these exams would probably be a really expensive mistake! The CCENT/CCNA exams are extremely hard and cover a lot of material, so you have to really know your stuff. Taking a Cisco class or spending months with hands-on experience is definitely a requirement to succeed when faced with this monster! And once you have your CCNA, you dont have to stop thereyou can choose to continue and achieve an even higher certification, called the Cisco Certified Network Professional (CCNP). There are various ones, as shown in Figure I.1. The CCNP R/S is still the most popular, with Voice certifications coming in at a close second. And Ive got to tell you that 27. xxxIntroductionthe Data Center certification will be catching up fast. Also good to know is that anyone with a CCNP R/S has all the skills and knowledge needed to attempt the notoriously dreaded but coveted CCIE R/S lab. But just becoming a CCNA R/S can land you that job youve dreamed about and thats what this book is all about: helping you to get and keep a great job! Still, why take two exams to get your CCNA if you dont have to? Cisco still has the CCNA Composite (200-120) exam that, if passed, will land you with your CCENT and your CCNA R/S via only one test priced accordingly at $300. Some people like the one-test approach, and some people like the two-test approach. Part 2 of this book (Chapters 15-21) covers the ICND2 exam topics.Why Become a CCENT and CCNA R/S? Cisco, like Microsoft and other vendors that provide certification, has created the certification process to give administrators a set of skills and to equip prospective employers with a way to measure those skills or match certain criteria. And as you probably know, becoming a CCNA R/S is certainly the initial, key step on a successful journey toward a new, highly rewarding, and sustainable networking career. The CCNA program was created to provide a solid introduction not only to the Cisco Internetwork Operating System (IOS) and Cisco hardware but also to internetworking in general, making it helpful to you in areas that are not exclusively Ciscos. And regarding todays certification process, its not unrealistic that network managerseven those without Cisco equipmentrequire Cisco certifications for their job applicants. Rest assured that if you make it through the CCNA and are still interested in Cisco and internetworking, youre headed down a path to certain success!What Skills Do You Need to Become a CCNA R/S? This ICND1 exam (100-101) tests a candidate for the knowledge and skills required to successfully install, operate, and troubleshoot a small branch office network. The exam includes questions on the operation of IP data networks, LAN switching technologies, IPv6, IP routing technologies, IP services network device security, and basic troubleshooting. The ICND2 exam (exam 200-101) tests a candidate for the knowledge and skills required to successfully install, operate, and troubleshoot a small- to medium-size enterprise branch network. The exam includes questions on LAN switching technologies, IP routing technologies, IP services (FHRP, syslog, SNMP v2 and v3), troubleshooting, and WAN technologies.How Do You Become a CCNA R/S If you want to go straight for our CCNA R/S and take only one exam, all you have to do is pass the CCNA Composite exam (200-120). Oh, but dont you wish it were that easy? True, its just one test, but its a whopper, and to pass it you must possess enough knowledge to understand what the test writers are saying, and you need to know everything I mentioned previously, in the sections on the ICND1 and ICND2 exams! Hey, its hard, but it can be done! 28. Introduction xxxiWhat does the CCNA Composite exam (200-120) cover? Pretty much the same topics covered in the ICND1 and ICND2 exams. Candidates can prepare for this exam by taking the Todd Lammle authorized Cisco boot camps. 200-120 tests a candidate's knowledge and skills required to install, operate, and troubleshoot a small- to medium-size enterprise branch network. While you can take the Composite exam to get your CCNA, its good to know that Cisco offers the two-step process I discussed earlier in this Introduction. And this book covers both those exams too! It may be easier than taking that one ginormous exam for you, but dont think the two-test method is easy. It takes work! However, it can be done; you just need to stick with your studies. The two-test method involves passing the following: uuExam 100-101: Interconnecting Cisco Networking Devices Part 1 (ICND1)uuExam 200-101: Interconnecting Cisco Networking Devices Part 2 (ICND2)I cant stress this point enough: Its critical that you have some hands-on experience with Cisco routers. If you can get a hold of some basic routers and switches, youre set, but if you cant, Ive worked hard to provide hundreds of configuration examples throughout this book to help network administrators, or people who want to become network administrators, learn the skills they need to pass the CCENT and CCNA R/S exams. In addition, a simulator called LammleSim IOS version is available for free with the purchase of this book. This small simulator will run through all the hands-on labs found in this booknice huh? For Cisco certification hands-on training with CCSI Todd Lammle, please see: www.lammle.com. Each student will get hands-on experience by configuring at least three routers and two switchesno sharing of equipment!What Does This Book Cover? This book covers everything you need to know to pass the ICND1 (100-101) and ICND2 (200-101) exams, as well as the CCNA Composite (200-120) exam. But regardless of which path you choose, as Ive said, taking plenty of time to study and practice with routers or a router simulator is the real key to success. You will learn the following information in this book: Chapter 1: Internetworking Chapters 1-14 map to the ICND1 exam. In Chapter 1, you will learn the basics of the Open Systems Interconnection (OSI) model the way Cisco wants you to learn it. There are written labs and plenty of review questions to help you. Do not even think of skipping the fundamental written labs in this chapter! Chapter 2: Ethernet Networking and Data Encapsulation This chapter will provide you with the Ethernet foundation you need in order to pass both the CCENT and CCNA 29. xxxiiIntroductionexams. Data encapsulation is discussed in detail in this chapter as well. And as with the other chapters, this chapter includes written labs and review questions to help you. Chapter 3: Introduction to TCP/IP This chapter provides you with the background necessary for success on the exam, as well as in the real world with a thorough presentation of TCP/IP. This in-depth chapter covers the very beginnings of the Internet Protocol stack and goes all the way to IP addressing and understanding the difference between a network address and a broadcast address before finally ending with network troubleshooting. Chapter 4: Easy Subnetting Youll actually be able to subnet a network in your head after reading this chapter if you really want to! And youll find plenty of help in this chapter as long as you dont skip the written labs and review questions at the end. Chapter 5: VLSMs, Summarization, and Troubleshooting TCP/IP Here, youll find out all about variable length subnet masks (VLSMs) and how to design a network using VLSMs. This chapter will finish with summarization techniques and configurations. As with Chapter 4, plenty of help is there for you if you dont skip the written lab and review questions. Chapter 6: Ciscos Internetworking Operating System (IOS) This chapter introduces you to the Cisco Internetworking Operating System (IOS) and command-line interface (CLI). In this chapter youll learn how to turn on a router and configure the basics of the IOS, including setting passwords, banners, and more. Hands-on labs will help you gain a firm grasp of the concepts taught in the chapter. Before you go through the hands-on labs, be sure to complete the written lab and review questions. Chapter 7: Managing a Cisco Internetwork This chapter provides you with the management skills needed to run a Cisco IOS network. Backing up and restoring the IOS, as well as router configuration, are covered, as are the troubleshooting tools necessary to keep a network up and running. As always, before tackling the hands-on labs in this chapter, complete the written labs and review questions. Chapter 8: IP Routing This is a fun chapter because we will begin to build our network, add IP addresses, and route data between routers. You will also learn about static, default, and dynamic routing using RIP and RIPv2. Hands-on labs, a written lab, and the review questions will help you fully nail down IP routing. Chapter 9: Open Shortest Path First (OSPF) Chapter 9 dives into more complex dynamic routing by covering OSPF routing. The written lab, hands-on labs, and review questions will help you master this vital routing protocol. Chapter 10: Layer 2 Switching This chapter sets you up with the solid background you need on layer 2 switching, how switches perform address learning and make forwarding and filtering decisions. In addition, switch port security with MAC addresses is covered in detail. As always, go through the hands-on labs, written lab, and review questions to make sure youve really got layer 2 switching down! Chapter 11: VLANs and Inter-VLAN Routing Here I cover virtual VLANs and how to use them in your internetwork. This chapter covers the nitty-gritty of VLANs and the different concepts and protocols used with VLANs. Ill also guide you through 30. Introduction xxxiiitroubleshooting techniques in this all-important chapter. The hands-on labs, written lab, and review questions are there to reinforce the VLAN material. Chapter 12: Security This chapter covers security and access lists, which are created on routers to filter the network. IP standard, extended, and named access lists are covered in detail. Written and hands-on labs, along with review questions, will help you study for the security and access-list portion of the Cisco exams. Chapter 13: Network Address Translation (NAT) New information, commands, troubleshooting, and detailed hands-on labs will help you nail the NAT CCENT objectives. Chapter 14: Internet Protocol Version 6 (IPv6) This is a fun chapter chock-full of some great information. IPv6 is not the big, bad scary creature that most people think it is, and its a really important objective on the latest exam, so study this chapter carefullydont just skim it. And make sure you hit those hands-on labs hard! Chapter 15: Enhanced Switched Technologies Chapter 15 is the first chapter of Part 2 of this book, which maps to the ICND2 exam. This chapter will start off with STP protocols and dive into the fundamentals, covering the modes, as well as the various flavors of STP. VLANs, trunks, and troubleshooting are covered as well. EtherChannel technologies, configuration, and verification are also covered. There are hands-on labs, a written lab, and plenty of review questions to help you. Do not even think of skipping the fundamental written and hands-on labs in this chapter! Chapter 16: Managing Cisco Devices This chapter describes the boot process of Cisco routers, the configuration register, and how to manage Cisco IOS files. The chapter finishes with a section on Ciscos new licensing strategy for IOS. Hands-on and written labs, along with review questions, will help you build a strong foundation for the objectives covered in this chapter. Chapter 17: IP Services This chapter mostly focuses on first hop redundancy protocols (FHRPs), such as HSRP and GLBP. Also covered are syslog, SNMP, and NetFlow. There are review questions and a written lab. Chapter 18: Troubleshooting IP, IPv6, and VLANs I want to say this is the most important chapter in the book, but thats hard to say. You can decide that yourself when you take the exam! Be sure to go through all the troubleshooting steps for IP, IPv6, and VLANs. The hands-on labs for this chapter will be included in the free bonus material and dynamic labs that Ill write and change as needed. Dont skip the written lab and review questions. Chapter 19: Enhanced IGRP EIGRP was not covered in the ICND1 (CCENT) chapters, so this is a full chapter on nothing but EIGRP and EIGRPv6. There are lots of examples, including configuration, verification, and troubleshooting labs, with both IP and with IPv6. Great hands-on labs are included, as well as a written lab and review questions. Chapter 20: Multi-Area OSPF The ICND1 (CCENT) portion of this book had a large chapter on OSPF, so before reading this chapter, be sure you have the CCENT objectives down pat with a strong OSPF foundation. This chapter will take off where that ICND1 31. xxxivIntroductionchapter left off and add multi-area networks along with advanced configurations and then finish with OSPv3. Hands-on labs, a written lab, and challenging review questions await you at the end of the chapter. Chapter 21: Wide Area Networks This is the longest, and last, chapter in the book. It covers multiple protocols in depth, especially HDLC, PPP, and Frame Relay, along with a discussion on many other technologies. Good troubleshooting examples are provided in the PPP and Frame Relay configuration sections, and these cannot be skipped! Hands-on labs meant to focus squarely on the objectives are included at the end of the chapter, as well as a written lab and challenging review questions. Appendix A: Answers to Written Labs This appendix contains the answers to the books written labs. Appendix B: Answers to Chapter Review Questions This appendix provides the answers to the end-of-chapter review questions. Appendix C: Disabling and Configuring Network Services Appendix C takes a look at the basic services you should disable on your routers to make your network less of a target for denial of service (DoS) attacks and break-in attempts. Appendix D: About the Additional Study Tools This describes the technical requirements for the digital study tools that come with this book. (Those tools are described further in the following section.) Be sure to check the announcements section of my forum to find out how to download bonus material I created specifically for this book.Whats Available Online? I have worked hard to provide some really great tools to help you with your certification process. All of the following tools, most of them available at www.sybex.com/go/ccnarssg, should be loaded on your workstation when youre studying for the test. As a fantastic bonus, I was able to add to the download link a preview section from my CCNA video series! Please understand that these are not the full versions, but theyre still a great value for you included free with this book. Test Preparation Software The test preparation software prepares you to pass the ICND1 and ICND2 exams and the CCNA R/S Composite exam. Youll find all the review and assessment questions from the book plus additional practice exam questions that appear exclusively from the downloadable study tools. 32. Introduction xxxvElectronic Flashcards The companion study tools include over 200 flashcards specifically written to hit you hard, so dont get discouraged if you dont ace your way through them at first! Theyre there to ensure that youre really ready for the exam. And no worriesarmed with the review questions, practice exams, and flashcards, youll be more than prepared when exam day comes! LammleSim IOS Version At www.lammle.com or www.lammlesim.com, I have provided an IOS simulator that can be used with all of the hands-on labs in this book. You can also download this free simulator from www.sybex.com/go/ccnarssg. Glossary A complete glossary of CCENT, ICND2, CCNA R/S and Cisco routing terms is available at www.sybex.com/go/ccnarssg. Todd Lammle Bonus Material and Labs Be sure to check the announcement section of my forum at www.lammle.com/forum for directions on how to download all the latest bonus material created specifically to help you study for your ICND1, ICND2, and CCNA R/S exams. Todd Lammle Videos I have created a full CCNA series of videos that can be purchased in either DVD or downloadable format from www.lammle.com. As a bonus included with this book, the first module of six of the DVDs can be downloaded from the books web page, www.sybex.com/go/ccnarssg, as a preview. Although this isnt the full version, the videos included with this book are over two hours of foundational CCNA information. This is a $198 value, so dont skip these videos because they cover key topics for the exams.CBT Nuggets Videos In addition, CBT Nuggets has created dozens of free MicroNugget videos that help reinforce the chapter topics. Throughout the book, you will see QR codes and URLs that will direct you to a dedicated website where you can view these videos created by CBT Nuggets author and expert trainer Jeremy Cioara. Just scan the QR code with your smart phone or tablet, or type in the URL, to view the video.How to Use This Book If you want a solid foundation for the serious effort of preparing for the Interconnecting Cisco Network Devices Part 1 and 2 exams, or the CCNA R/S Composite exam, then look no further. Ive spent hundreds of hours putting together this book with the sole intention of helping you to pass the Cisco exams, as well as really learn how to correctly configure Cisco routers and switches! This book is loaded with valuable information, and you will get the most out of your study time if you understand why the book is organized the way it is. 33. xxxviIntroductionSo to maximize your benefit from this book, I recommend the following study method: 1. Take the assessment test thats provided at the end of this introduction. (The answersare at the end of the test.) Its okay if you dont know any of the answers; thats why you bought this book! Carefully read over the explanations for any questions you get wrong and note the chapters in which the material relevant to them is covered. This information should help you plan your study strategy. 2. Study each chapter carefully, making sure you fully understand the information andthe test objectives listed at the beginning of each one. Pay extra-close attention to any chapter that includes material covered in questions you missed. 3. Complete the written labs at the end of each chapter. (Answers to these appear inAppendix A.) Do not skip these written exercises because they directly relate to the Cisco exams and what you must glean from the chapters in which they appear. Do not just skim these labs! Make sure you completely understand the reason for each correct answer. 4. Complete all hands-on labs in each chapter, referring to the text of the chapter so thatyou understand the reason for each step you take. Try to get your hands on some real equipment, but if you dont have Cisco equipment available, try the LammleSim IOS version, which you can use for the hands-on labs found only in this book. These labs will equip you with everything you need for all your Cisco certification goals. 5. Answer all of the review questions related to each chapter. (The answers appear inAppendix B.) Note the questions that confuse you, and study the topics they cover again until the concepts are crystal clear. And againdo not just skim these questions! Make sure you fully comprehend the reason for each correct answer. Remember that these will not be the exact questions you will find on the exam, but theyre written to help you understand the chapter material and ultimately pass the exam! 6. Try your hand at the practice questions that are exclusive to this book. The questions can be found only at www.sybex.com/go/ccnarssg. And be sure to check out www.lammle.comfor the most up-to-date Cisco exam prep questions, videos, Todd Lammle boot camps, and more. 7. Also on the download link is the first module from six videos from my completeCCNA R/S video series. Please understand that these are preview versions of the videos found at www.lammle.com. The videos on the free download link are not the full versions, but theyre still a great value loaded with information.8. Test yourself using all the flashcards, which are also found on the download link.These are brand-new and updated flashcards to help you prepare for the CCNA R/S exam and a wonderful study tool! 34. Introduction xxxviiTo learn every bit of the material covered in this book, youll have to apply yourself regularly, and with discipline. Try to set aside the same time period every day to study, and select a comfortable and quiet place to do so. Im confident that if you work hard, youll be surprised at how quickly you learn this material! If you follow these steps and really studydoing hands-on labs every single day in addition to using the review questions, the practice exams, the Todd Lammle video sections, and the electronic flashcards, as well as all the written labsit would actually be hard to fail the Cisco exams. But understand that studying for the Cisco exams is a lot like getting in shapeif you do not go to the gym every day, its not going to happen!Where Do You Take the Exams? You may take the ICND1, ICND2, or CCNA R/S Composite or any Cisco exam at any of the Pearson VUE authorized testing centers. For information, check www.vue.com or call 877-404-EXAM (3926). To register for a Cisco exam, follow these steps: 1. Determine the number of the exam you want to take. (The ICND1 exam number is100-101, ICND2 is 100-201, and CCNA R/S Composite is 200-120.) 2. Register with the nearest Pearson VUE testing center. At this point, you will be askedto pay in advance for the exam. At the time of this writing, the ICND1 and ICND2 exams are $150, and the CCNA R/S Composite exam is $300. The exams must be taken within one year of payment. You can schedule exams up to six weeks in advance or as late as the day you want to take itbut if you fail a Cisco exam, you must wait five days before you will be allowed to retake it. If something comes up and you need to cancel or reschedule your exam appointment, contact Pearson VUE at least 24 hours in advance. 3. When you schedule the exam, youll get instructions regarding all appointment andcancellation procedures, the ID requirements, and information about the testing-center location.Tips for Taking Your Cisco Exams The Cisco exams contain about 50-60 questions and must be completed in about 90 minutes or less. This information can change per exam. You must get a score of about 85 percent to pass this exam, but again, each exam can be different. Many questions on the exam have answer choices that at first glance look identical especially the syntax questions! So remember to read through the choices carefully because close just doesnt cut it. If you get commands in the wrong order or forget one measly character, youll get the question wrong. So, to practice, do the hands-on exercises at the end of this books chapters over and over again until they feel natural to you. 35. xxxviiiIntroductionAlso, never forget that the right answer is the Cisco answer. In many cases, more than one appropriate answer is presented, but the correct answer is the one that Cisco recommends. On the exam, you will always be told to pick one, two, or three options, never choose all that apply. The Cisco exam may include the following test formats: uuMultiple-choice single answeruuMultiple-choice multiple answeruuDrag-and-dropuuRouter simulationsCisco proctored exams will not show the steps to follow in completing a router interface configuration, but they do allow partial command responses. For example, show run, sho running, or sh running-config would be acceptable. Here are some general tips for exam success: uuuuuuuuArrive early at the exam center so you can relax and review your study materials. Read the questions carefully. Dont jump to conclusions. Make sure youre clear about exactly what each question asks. Read twice, answer once, is what I always tell my students. When answering multiple-choice questions that youre not sure about, use the process of elimination to get rid of the obviously incorrect answers first. Doing this greatly improves your odds if you need to make an educated guess. You can no longer move forward and backward through the Cisco exams, so doublecheck your answer before clicking Next since you cant change your mind.After you complete an exam, youll get immediate, online notification of your pass or fail status, a printed examination score report that indicates your pass or fail status, and your exam results by section. (The test administrator will give you the printed score report.) Test scores are automatically forwarded to Cisco within five working days after you take the test, so you dont need to send your score to them. If you pass the exam, youll receive confirmation from Cisco, typically within two to four weeks, sometimes a bit longer.ICND1 (100-101) Exam Objectives Exam objectives are subject to change at any time without prior notice and at Ciscos sole discretion. Please visit Ciscos certification website (www.cisco.com/web/learning) for the latest information on the ICND1 exam. Operation of IP Data Networks Recognize the purpose and functions of various network devices, such as Routers, Switches, Bridges, and Hubs.Chapter(s) 1, 2 36. Introduction xxxixOperation of IP Data NetworksChapter(s)Select the components required to meet a given network specification.1, 2Identify common applications and their impact on the network.1, 3Describe the purpose and basic operation of the protocols in the OSI and TCP/IP models.1, 3Predict the data flow between two hosts across a network. Identify the appropriate media, cables, ports, and connectors, to connect Cisco network devices to other network devices and hosts in a LAN.1, 2, 13 2LAN Switching Technologies Determine the technology and media access control method for Ethernet networks. Identify basic switching concepts and the operation of Cisco switches. uuBroadcast domainsuuTypes of switchinguu2, 10Collision domainsuu2CAM tableConfigure and verify initial switch-configuration including remote access management. uu6, 10Cisco IOS commands to perform basic switch setupVerify network status and switch-operation using basic utilities, such as ping, Telnet, and SSH.7, 10Describe how VLANs create logically separate networks and the need for routing between them.11uuExplain network segmentation and basic traffic management concepts.Configure and verify VLANs.11Configure and verify trunking on Cisco switches.11uuDTPuuAuto negotiationIP addressing (IPv4/IPv6) Describe the operation and necessity of using private and public IP addresses for IPv4 addressing.3, 4Identify the appropriate IPv6-addressing scheme to satisfy addressing requirements in a LAN/WAN environment.14 37. xlIntroduction(continued) Operation of IP Data NetworksChapter(s)Identify the appropriate IPv4-addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment.5Describe the technological requirements for running IPv6 in conjunction with IPv4 such as dual stack.14Describe IPv6 addresses.14uuGlobal unicastuuMulticastuuLink localuuUnique localuueui-64uuAutoconfigurationIP Routing Technologies Describe basic routing concepts. uuCEFuuPacket forwardinguu8Router lookup processConfigure and verify utilizing the CLI to set the basic router configuration. uuCisco IOS commands to perform basic router setupConfigure and verify the operation status of an Ethernet interface. Verify router configuration and network connectivity. uu6, 76 6, 7Cisco IOS commands to review basic router information and network connectivityConfigure and verify routing configuration for a static or default route given specific routing requirements.8Differentiate methods of routing and routing protocols.8uuStatic vs dynamicuuLink state vs distance vectoruuNExt-hopuuip routing tableuuPassive interfaces 38. Introduction xliOperation of IP Data Networks Configure and verify OSPF (single area) uuConfigure OSPFv2uuConfigure OSPFv3uuRouter IDuu9, 14Benefit of single areauuChapter(s)Passive interfaceConfigure and verify interVLAN routing (router on a stick). uuSubinterfacesuuUpstream routinguu11EncapsulationConfigure SVI interfaces.11IP Services Configure and verify DHCP (IOS Router). uuConfiguring router interfaces to use DHCPuuDHCP optionsuuExcluded addressesuu7Lease timeDescribe the types, features, and applications of ACLs. uu12Standard uuSequence numbersuuEditinguuExtendeduuNameduuNumbereduuLog optionConfigure and verify ACLs in a network environment. uuNameduuNumbereduuLog option12 39. xliiIntroduction(continued) Operation of IP Data Networks Identify the basic operation of NAT uuPooluuStaticuu1 to 1uuOverloadinguuSource addressinguu13PurposeuuChapter(s)One-way NATConfigure and verify NAT for given network requirements.13Configure and verify NTP as a client.7Network Device Security Configure and verify network device security features such as: uuDevice password securityuuEnable secret vs enableuuTransportuuDisable TelnetuuSSHuuVTYsuuPhysical securityuuService passworduu6External authentication methodsConfigure and verify switch port security features, such as: uuSticky MACuuMAC address limitationuuStatic/dynamicuuViolation modes uuErr disableuuShutdownuuProtect restrictuuShutdown unused portsuuErr disable recoveryuuAssign unused ports to an unused VLANuuSetting native VLAN to other than VLAN 110 40. Introduction xliiiOperation of IP Data NetworksChapter(s)Configure and verify ACLs to filter network traffic.12Configure and verify ACLs to limit Telnet and SSH access to the router.12Troubleshooting Troubleshoot and correct common problems associated with IP addressing and host configurations.5Troubleshoot and resolve VLAN problems.11uuIdentify that VLANs are configureduuPort membership correctuuIP address configuredTroubleshoot and resolve trunking problems on Cisco switches. uuCorrect trunk statesuuCorrect encapsulation configureduu11Correct VLANS allowedTroubleshoot and resolve ACL issues. uuStatisticsuu12Permitted networksuuDirection uuInterfaceTroubleshoot and resolve Layer 1 problems. uuFraminguuCRCuuRuntsuuGiantsuuDropped packetsuuLate collisionuuInput/Output errors6 41. xlivIntroductionICND2 (200-101) Exam Objectives Exam objectives are subject to change at any time without prior notice and at Ciscos sole discretion. Please visit Ciscos certification website (www.cisco.com/web/learning) for the latest information on the ICND2 exam. LAN Switching Technologies Identify enhanced switching technologies. uuPVSTPuu15RSTPuuChapter(s)EtherChannelsConfigure and verify PVSTP operation. uuDescribe root bridge electionuu15Spanning-tree modeIP Routing Technologies Describe the boot process of Cisco IOS routers. uuPOSTuu16Router bootup processConfigure and verify operation status of a serial interface.21Manage Cisco IOS Files.16uuBoot preferencesuuCisco IOS image(s)uuLicensing uuShow licenseuuChange licenseDifferentiate methods of routing and routing protocols. uuAdministrative distanceuuSplit horizonuuMetricuuNext-hop19 42. Introduction xlvLAN Switching Technologies Configure and verify OSPF (single area). uuOSPF statesuuDiscuss Multi-areauuConfigure OSPFv2uuConfigure OSPFv3uuRouter IDuu20Neighbor adjacenciesuuChapter(s)LSA typesConfigure and verify EIGRP (single AS) uuFeasible Distance / Feasible Successors / Administrative distanceuuFeasibility conditionuuMetric compositionuuRouter IDuuAuto-summaryuu19Path selectionuuLoad balancing uuuuEqualuuUnequalPassive interfaceIP Services Recognize high availability (FHRP). uuVRRPuuHSRPuu17GLBPConfigure and verify Syslog. uu17Utilize Syslog OutputDescribe SNMPv2 & SNMPv317Troubleshooting Identify and correct common network problems.18Utilize NetFlow data.17 43. xlviIntroduction(continued) LAN Switching Technologies Troubleshoot and resolve spanning-tree operation issues uuPriorityuuMode is correctuu15Root switchuuChapter(s)Port statesTroubleshoot and resolve routing issues uuRouting is enableduuRouting table is correctuu18, 19, 20Correct path selectionTroubleshoot and resolve OSPF problems. uuNeighbor adjacenciesuuHello and dead timersuuOSPF areauuInterface MTUuuNetwork typesuuNeighbor statesuu20OSPF topology databaseTroubleshoot and resolve EIGRP problems. uuNeighbor adjacenciesuuAS numberuuLoad balancinguu19Split horizonTroubleshoot and resolve interVLAN routing problems. uuConnectivityuuEncapsulationuuSubnetuuNative VLANuu15, 18Port mode trunk statusTroubleshoot and resolve WAN implementation issues. uuSerial interfacesuuPPPuuFrame relay21 44. Introduction xlviiLAN Switching TechnologiesChapter(s)Monitor NetFlow statistics.17Troubleshoot EtherChannel problems.15WAN Technologies Identify different WAN Technologies. uuMetro EthernetuuVSATuuCellular 3G/4GuuMPLSuuT1/E1uuISDNuuDSLuuFrame relayuuCableuu21VPNConfigure and verify a basic WAN serial connection.21Configure and verify a PPP connection between Cisco routers.21Configure and verify frame relay on Cisco routers.21Implement and troubleshoot PPPoE.21CCNA Composite (200-120) ExamObjectives Operation of IP Data NetworksChapter(s)Recognize the purpose and functions of various network devices, such as Routers, Switches, Bridges, and Hubs.1, 2Select the components required to meet a given network specification.1, 2Identify common applications and their impact on the network.1, 3 45. xlviiiIntroduction(continued) Operation of IP Data Networks Describe the purpose and basic operation of the protocols in the OSI and TCP/IP models. Predict the data flow between two hosts across a network. Identify the appropriate media, cables, ports, and connectors, to connect Cisco network devices to other network devices and hosts in a LAN.Chapter(s) 1, 3 1, 2, 8, 9, 13 2LAN Switching Technologies Determine the technology and media access control method for Ethernet networks.2, 10Identify basic switching concepts and the operation of Cisco switches.2, 10uuCollision domains1, 2uuBroadcast domains1, 2uuTypes of switching1, 2, 10, 11uuCAM tableConfigure and verify initial switch configuration including remote access management. uu6, 10Cisco IOS commands to perform basic switch setupVerify network status and switch operation using basic utilities, such as ping, Telnet, and SSH. Describe how VLANs create logically separate networks and the need for routing between them. uu1, 2, 8, 10, 11Explain network segmentation and basic traffic management concepts6, 7, 10 11, 15 1, 6, 8, 10Configure and verify VLANs.11, 15Configure and verify trunking on Cisco switches.11, 15uuDTP11, 15uuAuto negotiation11, 15IP addressing (IPv4/IPv6) Describe the operation and necessity of using private and public IPaddresses for IPv4 addressing. Identify the appropriate IPv6-addressing scheme to satisfy addressing requirements in a LAN/WAN environment.3, 4, 5 14 46. Introduction xlixOperation of IP Data NetworksChapter(s)Identify the appropriate IPv4-addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment.5Describe the technological requirements for running IPv6 in conjunction with IPv4-such as dual stack.14Describe IPv6 addresses.14uuGlobal unicast14uuMulticast14uuLink local14uuUnique local14uueui 6414uuAutoconfiguration14IP Routing Technologies Describe basic routing concepts.8uuCEF8uuPacket forwarding8uuRouter lookup process8Configure and verify utilizing the CLI to set the basic router configuration. uuCisco IOS commands to perform basic router setupConfigure and verify operation status of an Ethernet interface. Verify router configuration and network connectivity. uuCisco IOS commands to review basic router information and network connectivity6, 7 6 6 6, 7 6Configure and verify routing configuration for a static or default route given specific routing requirements.8Differentiate methods of routing and routing protocols.8uuStatic vs dynamic8uuLink state vs distance vector8uuNext-hop8 47. lIntroduction(continued) Operation of IP Data NetworksChapter(s)uuip routing table8uuPassive interfaces8Configure and verify OSPF (single area).9, 14uuBenefit of single area9uuConfigure OSPFv29uuConfigure OSPFv314, 18, 20uuRouter ID14, 18, 19, 20uuPassive interface8, 9, 14, 19, 20Configure and verify interVLAN routing (router on a stick).11, 15uuSubinterfaces11, 15uuUpstream routing11, 15uuEncapsulation11, 15Configure SVI interfaces.11, 15IP Services Configure and verify DHCP (IOS Router).6, 7, 17uuConfiguring router interfaces to use DHCP6, 8, 17uuDHCP options6, 8, 17uuExcluded addresses6, 8, 17uuLease time16, 8, 17Describe the types, features, and applications of ACLs. uuStandard12 12uuSequence numbers12uuEditing12uuExtended12uuNamed12uuNumbered12uuLog option12 48. Introduction liOperation of IP Data Networks Configure and verify ACLs in a network environment.Chapter(s) 12uuNamed12uuNumbered12uuLog option12Identify the basic operation of NAT.13uuPurpose13uuPool13uuStatic13uu1 to 113uuOverloading13uuSource addressing13uuOne-way NAT13Configure and verify NAT for given network requirements.13Configure and verify NTP as a client.7Network Device Security Configure and verify network device security features such as:6uuDevice password security6uuEnable secret vs enable6uuTransport6uuDisable Telnet6uuSSH6uuVTYs6uuPhysical security6uuService password6uuExternal authentication methods6 49. liiIntroduction(continued) Operation of IP Data Networks Configure and verify switch port security features such as.Chapter(s) 10uuSticky MAC10uuMAC address limitation10uuStatic/dynamic10uuViolation modes10uuErr disable10uuShutdown10uuProtect restrict10uuShutdown unused ports10uuErr disable recovery10uuAssign unused ports to an unused VLAN10uuSetting native VLAN to other than VLAN 110Configure and verify ACLs to filter network traffic.12Configure and verify ACLs to limit Telnet and SSH access to the router.12Troubleshooting Troubleshoot and correct common problems associated with IP addressing and host configurations.4, 5, 7, 18Troubleshoot and resolve VLAN problems.11, 15uuIdentify that VLANs are configured11, 15uuPort membership correct11, 15uuIP address configured11, 15Troubleshoot and resolve trunking problems on Cisco switches.11, 15uuCorrect trunk states11, 15uuCorrect encapsulation configured11, 15uuCorrect VLANS allowed11, 15Troubleshoot and resolve ACL issues.12, 15uuStatistics12, 15uuPermitted networks12, 15 50. Introduction liiiOperation of IP Data Networks uuDirection uuInterfaceTroubleshoot and resolve Layer 1 problems.Chapter(s) 12, 15 12, 15 6, 18uuFraming6, 18uuCRC6, 18uuRunts6, 18uuGiants6, 18uuDropped packets6, 18uuLate collision6, 18uuInput/Output errors6, 18LAN Switching Technologies Identify enhanced switching technologies.10, 11, 15uuRSTP15uuPVSTP15uuEtherChannels15Configure and verify PVSTP operation.15uuDescribe root bridge election15uuSpanning-tree mode15IP Routing Technologies8, 9Describe the boot process of Cisco IOS routers.7, 16uuPOST7, 16uuRouter bootup process16uuConfigure and verify operation status of a serial interface21uuManage Cisco IOS Files16uuBoot preferences16uuCisco IOS image(s)16 51. livIntroduction(continued) Operation of IP Data Networks uuLicensingChapter(s) 16uuShow license16uuChange license16Differentiate methods of routing and routing protocols.8uuAdministrative distance8uuSplit horizon8uuMetric8uuNext-hop8Configure and verify OSPF (single area).9uuNeighbor adjacencies9uuOSPF states9uuDiscuss Multi-area9uuConfigure OSPFv29uuConfigure OSPFv314, 18, 20uuRouter ID9, 14, 18, 20uuLSA types20Configure and verify EIGRP (single AS).19uuFeasible Distance/Feasible Successors/Administrative distance19uuFeasibility condition19uuMetric composition19uuRouter ID19uuAuto-summary19uuPath selection19uuLoad balancing19uu19uuuuEqual Unequal19Passive interface8, 19 52. Introduction lvOperation of IP Data NetworksChapter(s)IP Services Recognize high availability (FHRP).17uuVRRP17uuHSRP17uuGLBP17Configure and verify Syslog.17Utilize Syslog Output17Describe SNMPv2 & SNMPv3.17uuTroubleshooting Identify and correct common network problems.1, 2, 6, 7, 8Utilize NetFlow data.17Troubleshoot and resolve spanning-tree operation issues15uuRoot switch15uuPriority15uuMode is correct15uuPort states15Troubleshoot and resolve routing issues.8, 9, 18, 19, 20uuRouting is enabled8, 9, 18, 19, 20uuRouting table is correct8, 9, 18, 19, 20uuCorrect path selection8, 9, 18, 19, 20Troubleshoot and resolve OSPF problems.9, 18, 20uuNeighbor adjacencies9, 18, 20uuHello and dead timers9, 18, 20uuOSPF area9, 18, 20uuInterface MTU9, 18, 20uuNetwork types9, 18, 20 53. lviIntroduction(continued) Operation of IP Data NetworksChapter(s)uuNeighbor states9, 18, 20uuOSPF topology database9, 18, 20Troubleshoot and resolve EIGRP problems.19uuNeighbor adjacencies19uuAS number19uuLoad balancing19uuSplit horizon19Troubleshoot and resolve interVLAN routing problems.11, 15uuConnectivity11, 15uuEncapsulation11, 15uuSubnet11, 15uuNative VLAN11, 15uuPort mode trunk status11, 15Troubleshoot and resolve WAN implementation issues.21uuSerial interfaces21uuPPP21uuFrame relay21Monitor NetFlow statistics.17Troubleshoot EtherChannel problems.15WAN Technologies Identify different WAN Technologies.21uuMetro Ethernet21uuVSAT21uuCellular 3G/4G21uuMPLS21uuT1/E121 54. Introduction lviiOperation of IP Data NetworksChapter(s)uuISDN21uuDSL21uuFrame relay21uuCable21uuVPN21Configure and verify a basic WAN serial connection.21Configure and verify a PPP connection between Cisco routers.21Configure and verify frame relay on Cisco routers.21Implement and troubleshoot PPPoE.21 55. Assessment Test 1. What is the sys-id-ext field in a BPDU used for? A. It is a 4-bit field inserted into an Ethernet frame to define trunking informationbetween switches. B. It is a 12-bit field inserted into an Ethernet frame to define VLANs in an STPinstance. C. It is a 4-bit field inserted into an non-Ethernet frame to define EtherChanneloptions. D. It is a 12-bit field inserted into an Ethernet frame to define STP root bridges. 2. You have four RSTP PVST+ links between switches and want to aggregate the band-width. What solution will you use? A. EtherChannel B.PortFast C. BPDU Channel D.VLANs E.EtherBundle 3. What configuration parameters must be configured the same between switches forLACP to form a channel? (Choose three.) A. Virtual MAC address B. Port speeds C.Duplex D. PortFast enabled E. Allowed VLAN information 4. You reload a router with a configuration register setting of 0x2101. What will therouter do when it reloads? A. The router enters setup mode. B. The router enters ROM monitor mode. C. The router boots the mini-IOS in ROM. D. The router expands the first IOS in flash memory into RAM. 56. Assessment Testlix5. Which of the following commands provides the product ID and serial number of a router? A. show license B. show license feature C. show version D. show license udi 6. Which command allows you to view the technology options and licenses that are sup-ported on your router along with several status variables? A. show license B. show license feature C. show license udi D. show version 7. Which of the following will you use to collect details about network traffic patterns onyour network, including protocols used. A.SNMPv3 B.Syslogv2 C. NetFlow 9 D. logging host ip_address 8. You want to send a console message to a syslog server, but you only want to send statusmessages of 3 and lower. Which of the following commands will you use? A. logging trap emergencies B. logging trap errors C. logging trap debugging D. logging trap notifications E. logging trap critical F. logging trap warnings G. logging trap alerts 9. When is the AVR router used in GLBP? A. When HSRP preempts GLBP B. When a client needs the virtual MAC C. When its set to passive mode and load balancing D. When its load-balancing between VLANs with VVRP E. When there is a redundancy failure 57. lxAssessment Test10. You need to connect to a remote IPv6 server in your virtual server farm. You can con-nect to the IPv4 servers, but not the critical IPv6 server you desperately need. Based on the following output, what could your problem be? C:>ipconfig Connection-specific DNS IPv6 Address. . . . . . Temporary IPv6 Address. Link-local IPv6 Address IPv4 Address. . . . . . Subnet Mask . . . . . . Default Gateway . . . .Suffix . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . .: : : : : : :localdomain 2001:db8:3c4d:3:ac3b:2ef:1823:8938 2001:db8:3c4d:3:2f33:44dd:211:1c3d fe80::ac3b:2ef:1823:8938%11 10.1.1.10 255.255.255.0 10.1.1.1A. The global address is in the wrong subnet. B. The IPv6 default gateway has not been configured or received from the router. C. The link-local address has not been resolved so the host cannot communicate tothe router. D. There are two IPv6 global addresses configured. One must be removed from theconfiguration. 11. What command is used to view the IPv6-to-MAC-address resolution table on aCiscorouter? A. show ip arp B. show ipv6 arp C. show ip neighbors D. show ipv6 neighbors E. show arp 12. An IPv6 ARP entry is listed as with a status of REACH. What can you conclude aboutthe IPv6-to-MAC-address mapping? A. The interface has communicated with the neighbor address and the mapping iscurrent. B. The interface has not communicated within the neighbor reachable time frame. C. The ARP entry has timed out. D. IPv6 can reach the neighbor address but the addresses has not yet been resolved. 58. Assessment Testlxi13. Serial0/1 goes down. How will EIGRP send packets to the 10.1.1.0 network? Corp#show ip eigrp topology [output cut] P 10.1.1.0/24, 2 successors, FD is 2681842 via 10.1.2.2 (2681842/2169856), Serial0/0 via 10.1.3.1 (2973467/2579243), Serial0/2 via 10.1.3.3 (2681842/2169856), Serial0/1A. EIGRP will put the 10.1.1.0 network into active mode. B. EIGRP will drop all packets destined for 10.1.1.0. C. EIGRP will just keep sending packets out s0/0. E. EIGRP will use s0/2 as the successor and keep routing to 10.1.1.0. 14. What command produced the following output? via FE80::201:C9FF:FED0:3301 (29110112/33316), Serial0/0/0 via FE80::209:7CFF:FE51:B401 (4470112/42216), Serial0/0/1 via FE80::209:7CFF:FE51:B401 (2170112/2816), Serial0/0/2A. show ip protocols B. show ipv6 protocols C. show ip eigrp neighbors D. show ipv6 eigrp neighbors E. show ip eigrp topology F. show ipv6 eigrp topology 15. You need to troubleshoot an adjacency between two EIGRP configured routers? Whatshould you look for? (Choose four.) A. Verify the AS numbers. B. Verify that you have the proper interfaces enabled for EIGRP. C. Make sure there are no mismatched K-values. D. Check your passive interface settings. E. Make sure your remote routers are not connected to the Internet. F. If authentication is configured, make sure all routers use different passwords. 59. lxiiAssessment Test16. You have two OSPF directly configured routers that are not forming an adjacency.What should you check? (Choose three.) A. Process ID B. Hello and dead timers C. Link cost D.Area E. IP address/subnet mask 17. When do two adjacent routers-enter the 2WAY state? A. After both routers have received Hello information B. After they have exchanged topology databases C. When they connect only to a DR or BDR D. When they need to exchange RID information 18. Which type of LSAs are generated by ABRs and referred to summary link advertise-ments (SLAs)? A. Type 1 B. Type 2 C. Type 3 D. Type 4 E. Type 5 19. Which of the following is not provided by the AH portion of IPsec? A. Integrity B.Confidentiality C.Authenticity D.Anti-reply 20. Which statement about GRE is not true? A. GRE is stateless and has no flow control. B. GRE has security. C. GRE has additional overhead for tunneled packets, at least 24 bytes. D. GRE uses a protocol-type field in the GRE header so any layer 3 protocol can beused through the tunnel. 60. Assessment Testlxiii21. How should a router that is being used in a frame relay network be configured to keepsplit horizon issues from preventing routing updates? A. Configure a single subinterface to establish multiple PVC connections to multipleremote router interfaces. B. Combine multiple frame relay circuits as a point-to-point line to support multicastand broadcast traffic. C. Configure many subinterfaces in the same subnet. D. Configure a separate subinterface for each PVC with a unique DLCI and subnetassigned to the subinterface. 22. IPv6 unicast routing is running on the Corp router. Which of the following addresses would show up with the show ipv6 int brief command? Corp#sh int f0/0 FastEthernet0/0 is up, line protocol is up Hardware is AmdFE, address is 000d.bd3b.0d80 (bia 000d.bd3b.0d80) [output cut]A. FF02::3c3d:0d:bdff:fe3b:0d80 B. FE80::3c3d:2d:bdff:fe3b:0d80 C. FE80::3c3d:0d:bdff:fe3b:0d80 D. FE80::3c3d:2d:ffbd:3bfe:0d80 23. A host sends a type of NDP message providing the MAC address that was requested.Which type of NDP was sent? A.NA B.RS C.RA D.NS 24. Each field in an IPv6 address is how many bits long? A.4 B.16 C.32 D.128 61. lxivAssessment Test25. To enable OSPFv3, which of the following would you use? A. Router(config-if)#ipv6 ospf 10 area 0.0.0.0 B. Router(config-if)#ipv6 router rip 1 C. Router(config)#ipv6 router eigrp 10 D. Router(config-rtr)#no shutdown E. Router(config-if)#ospf ipv6 10 area 0 26. What does the command routerA(config)#line cons 0 allow you to perform next? A. Set the Telnet password. B. Shut down the router. C. Set your console password. D. Disable console connections. 27. Which two statements describe the IP address 10.16.3.65/23? (Choose two.) A. The subnet address is 10.16.3.0 255.255.254.0. B. The lowest host address in the subnet is 10.16.2.1 255.255.254.0. C. The last valid host address in the subnet is 10.16.2.254 255.255.254.0. D. The broadcast address of the subnet is 10.16.3.255 255.255.254.0. E. The network is not subnetted. 28. On which interface do you configure an IP address for a switch? A. int fa0/0 B. int vty 0 15 C. int vlan 1 D. int s/0/0 29. Which of the following is the valid host range for the subnet on which the IP address192.168.168.188 255.255.255.192 resides? A.192.168.168.129190 B.192.168.168.129191 C.192.168.168.128190 D.192.168.168.128192 30. Which of the following is considered to be the inside hosts address after translation? A. Inside local B. Outside local C. Inside global D. Outside global 62. Assessment Testlxv31. Your inside locals are not being translated to the inside global addresses. Which of the fol-lowing commands will show you if your inside globals are allowed to use the NAT pool? ip nat pool Corp 198.18.41.129 198.18.41.134 netmask 255.255.255.248 ip nat inside source list 100 int pool Corp overloadA. debug ip nat B. show access-list C. show ip nat translation D. show ip nat statistics 32. How many collision domains are created when you segment a network with a12-port switch? A.1 B.2 C.5 D.12 33. Which of the following commands will allow you to set your Telnet password on aCisco router? A. line telnet 0 4 B. line aux 0 4 C. line vty 0 4 D. line con 0 34. Which router command allows you to view the entire contents of all access lists? A. show all access-lists B. show access-lists C. show ip interface D. show interface 35. What does a VLAN do? A. Acts as the fastest port to all servers B. Provides multiple collision domains on one switch port C. Breaks up broadcast domains in a layer 2 switch internetwork D. Provides multiple broadcast domains within a single collision domain 63. lxviAssessment Test36. If you wanted to delete the configuration stored in NVRAM, choose the best answerfor the Cisco objectives. A. erase startup B. delete running C. erase flash D. erase running 37. Which protocol is used to send a destination network unknown message back to origi-nating hosts? A.TCP B.ARP C.ICMP D.BootP 38. Which class of IP address provides 15 bits for subnetting? A.A B.B C.C D.D 39. There are three possible routes for a router to reach a destination network. The firstroute is from OSPF with a metric of 782. The second route is from RIPv2 with a metric of 4. The third is from EIGRP with a composite metric of 20514560. Which route will be installed by the router in its routing table? A.RIPv2 B.EIGRP C.OSPF D. All three 40. Which one of the following is true regarding VLANs? A. Two VLANs are configured by default on all Cisco switches. B. VLANs only work if you have a complete Cisco switched internetwork. No off-brand switches are allowed. C. You should not have more than 10 switches in the same VTP domain. D. You need to have a trunk link configured between switches in order to send infor-mation about more than one VLAN down the link. 64. Assessment Testlxvii41. Which two of the following commands will place network 10.2.3.0/24 into area 0?(Choose two.) A. router eigrp 10 B. router ospf 10 C. router rip D. network 10.0.0.0 E. network 10.2.3.0 255.255.255.0 area 0 F. network 10.2.3.0 0.0.0.255 area0 G. network 10.2.3.0 0.0.0.255 area 0 4 2. How many broadcast domains are created when you segment a network with a12-port switch? A.1 B.2 C.5 D.12 4 3. If routers in a single area are configured with the same priority value, what value doesa router use for the OSPF router ID in the absence of a loopback interface? A. The lowest IP address of any physical interface B. The highest IP address of any physical interface C. The lowest IP address of any logical interface D. The highest IP address of any logical interface 4 4. What protocols are used to configure trunking on a switch? (Choose two.) A. VLAN Trunking Protocol B.VLAN C.802.1q D.ISL 45. What is a stub network? A. A network with more than one exit point B. A network with more than one exit and entry point C. A network with only one entry and no exit point D. A network that