
Search Results

55 items found for ""

  • Network Access | networking basics

    Network Access: 2.1/2 VLANs, 2.3 CDP and LLDP, 2.4 EtherChannel (LACP), 2.5 Spanning Tree (STP), 2.6 Cisco Wireless Architectures, 2.7 WLAN Components, 2.8 AP and WLC Management Access, 2.9 Private IPv4 Addresses, 2.9 WLAN GUI for Client Connectivity

  • Home | networking basics

    Welcome! I have created this resource to not only expand my own knowledge but to help others on their paths to a career in networking. I hope you find the information contained useful!

    CCNA - Study Materials for the CCNA (in the works)
    Labs - Download and work on Packet Tracer labs (coming soon)
    Jargon Buster - Not sure on an acronym? Check here! (in the works)

  • 2.4 EtherChannel | networking basics

    2.4 Configure and verify (Layer 2/Layer 3) EtherChannel (LACP)

    What is EtherChannel?

    EtherChannel is the method of grouping physical interfaces into one logical interface, which increases bandwidth and fault-tolerance between switches. Note that it does not increase the speed across a link, only the available bandwidth. Also, connecting switches together with more than one link causes a layer 2 loop which can bring a network down (more on this in the next article). By using EtherChannel, the grouped physical interfaces are treated as one logical interface.

    There are 3 different ways to aggregate interfaces into a channel group:

    - LACP (Link Aggregation Control Protocol)
    - PAgP (Port Aggregation Protocol)
    - Static EtherChannel

    LACP is the industry standard (IEEE 802.1ad) protocol for aggregating physical interfaces into a logical grouped interface. PAgP on the other hand is a Cisco proprietary protocol which is not compatible with non-Cisco appliances.

    You'll notice in the above diagram that without EtherChannel two of the interfaces are in a blocking state (orange status). This is because putting multiple links between switches introduces a layer-2 loop which will cause a broadcast storm. STP (Spanning Tree Protocol) has blocked these ports to mitigate that. We will go into Spanning Tree further in the next article.

    When physical interfaces are grouped together, they are treated as one logical interface. On Cisco devices EtherChannels take a number of different names, including:

    - Port-channel
    - Channel-group
    - EtherChannel

    You'll notice how the 3 interfaces in the above diagram are now grouped into an EtherChannel; the logical interface ID is PortChannel1 (Po1). Now that the physical interfaces are grouped together, the switches will load-balance network traffic between the physical interfaces. Traffic cannot just flow out of any physical interface as this could cause frames to arrive out of order. The switches will track the flow of traffic between endpoints and load-balance based on the following (the load-balancing rules can be configured):

    - Source MAC
    - Destination MAC
    - Source & Destination MAC
    - Source IP
    - Destination IP
    - Source & Destination IP

    Configuring EtherChannel

    To bundle physical interfaces into a channel group, the configuration must match across each interface. It is useful to use the interface range command when specifying the physical interface IDs to group together. For example, if we wanted to place Fa0/0, Fa0/1, Fa0/2 and Fa0/3 into a channel group, we would use the below commands:

        conf t
        interface range Fa0/0 - 3

    So how can we configure the physical ports to become a logical channel group? Let's take a look at the output below.

        Switch#conf t
        Enter configuration commands, one per line.  End with CNTL/Z.
        Switch(config)#interface range Fa0/1 - 4
        Switch(config-if-range)#channel-group 1 mode ?
          active     Enable LACP unconditionally
          auto       Enable PAgP only if a PAgP device is detected
          desirable  Enable PAgP unconditionally
          on         Enable Etherchannel only
          passive    Enable LACP only if a LACP device is detected

    We are given 5 options, which allow us to configure EtherChannel either as static or using one of the aggregation protocols:

    - active - Channel group will use LACP and is actively enabled for EtherChannel
    - auto - Channel group will use PAgP and EtherChannel will only become active if the other side is configured as desirable
    - desirable - Channel group will use PAgP and is actively enabled for EtherChannel
    - on - Static EtherChannel
    - passive - Channel group will use LACP and EtherChannel will only become active if the other side is configured as active

    If we use one of the aggregation protocols, the EtherChannel will only become active if the configuration on both switches is correct. See the below table where EtherChannel will be enabled dependent on the configuration between switches.

    So to summarise, in order to build an EtherChannel link the following prerequisites must be met:

    - All physical interfaces must have the same duplex (full/half), speed and switchport mode (access/trunk)
    - If the physical interfaces are in switchport mode trunk, they must all have the same allowed VLANs and native VLAN ID
    - The interfaces must be in the same channel-group mode
    - The channel-group mode must be compatible with the other switch (such as active-passive, active-active, auto-desirable, desirable-desirable, on-on)

    Load-Balance Configuration

    We can also amend the load-balance calculation that decides which physical interface EtherChannel forwards traffic out of. The following commands are used:

        Switch#conf t
        Enter configuration commands, one per line.  End with CNTL/Z.
        Switch(config)#port-channel load-balance ?
          dst-ip       Dst IP Addr
          dst-mac      Dst Mac Addr
          src-dst-ip   Src XOR Dst IP Addr
          src-dst-mac  Src XOR Dst Mac Addr
          src-ip       Src IP Addr
          src-mac      Src Mac Addr

    Layer 3 EtherChannel

    There is one final thing we can do with channel groups that you need to be aware of for the CCNA: Layer 3 port-channels. Configuration is similar to how we configure a physical interface with an IP address, but we need to disable switchport mode beforehand. See below:

        conf t
        interface Po1
        no switchport
        ip address 192.168.1.1 255.255.255.0
        exit
        exit

    Verifying EtherChannel Configuration and Status

    To verify that EtherChannel is configured and operating correctly, we can use the below commands:

        sh ip int bri
        sh etherchannel
        sh etherchannel summary

    To confirm that a channel group is up and active, look for the "SU" output within "sh etherchannel summary", as this indicates that the channel group is in use and switched. For example, see the below output. Use the flags listed in the top portion of the output to determine the state of the channel group and the bundled interface states. So taking the above example, Po1 (RU) means that the channel-group itself is in use and routed. Then looking at each bundled interface such as Fa0/4 (P), this indicates that the interface is part of the port-channel.
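The mode pairings, the prerequisite check and the load-balance selection described above, worked through as an added Python example that is not part of the original article. The names channel_forms, bundle_mismatches and select_link are chosen here; the hash is a simplified model of the "Src XOR Dst" selection (Catalyst hardware hashes the low-order bits of the chosen fields into 1, 2 or 3 bits depending on the number of links, so the model assumes a bundle of 2, 4 or 8 links); the sample bundle is constructed input, and the MAC addresses are reused from the STP article purely as sample values.

```python
"""EtherChannel helper (added example, not the site's own code).

Models three things the article describes:
  * which channel-group mode pairings actually form a bundle,
  * the prerequisite check (duplex/speed/switchport settings must match),
  * a simplified src/dst MAC XOR hash choosing the physical link.
The hash is a simplified model: real Catalyst hardware hashes the low-order
bits of the selected fields into 1, 2 or 3 bits depending on the link count,
so this code assumes a bundle of 2, 4 or 8 links.
"""

LACP = {"active", "passive"}
PAGP = {"auto", "desirable"}


def channel_forms(local, remote):
    """Return True if the two ends negotiate (or statically form) an EtherChannel.

    Rules from the article: active-passive, active-active, auto-desirable,
    desirable-desirable and on-on work; passive-passive and auto-auto never
    come up because neither side initiates; 'on' only pairs with 'on'.
    """
    if local == "on" or remote == "on":
        return local == remote
    if local in LACP and remote in LACP:
        return "active" in (local, remote)
    if local in PAGP and remote in PAGP:
        return "desirable" in (local, remote)
    return False  # LACP on one side and PAgP on the other never bundles


def bundle_mismatches(interfaces):
    """Report which settings differ across the interfaces of a channel group.

    `interfaces` maps an interface name to a dict of its settings; the first
    interface is the reference. Returns (interface, setting, value, expected)
    tuples; an empty list means the bundle prerequisites are met.
    """
    names = list(interfaces)
    reference = interfaces[names[0]]
    problems = []
    for name in names[1:]:
        for setting, expected in reference.items():
            value = interfaces[name].get(setting)
            if value != expected:
                problems.append((name, setting, value, expected))
    return problems


def mac_to_int(mac):
    """Parse '00ab.53ff.5362' or '00:ab:53:ff:53:62' into an integer."""
    return int(mac.replace(".", "").replace(":", ""), 16)


def select_link(src_mac, dst_mac, n_links, method="src-dst-mac"):
    """Pick the physical link index (0..n_links-1) for a frame.

    Simplified model: XOR (or use) the chosen MAC(s) and keep the low
    log2(n_links) bits, mirroring the 'Src XOR Dst Mac Addr' wording of the
    port-channel load-balance command. Assumes n_links is 2, 4 or 8.
    """
    if n_links not in (2, 4, 8):
        raise ValueError("simplified hash assumes 2, 4 or 8 links")
    src, dst = mac_to_int(src_mac), mac_to_int(dst_mac)
    value = {"src-mac": src, "dst-mac": dst, "src-dst-mac": src ^ dst}[method]
    return value & (n_links - 1)


# Constructed sample: four FastEthernet trunk ports, one with a native VLAN mismatch.
SAMPLE_BUNDLE = {
    "Fa0/1": {"duplex": "full", "speed": 100, "mode": "trunk", "native_vlan": 1, "allowed_vlans": "10,20"},
    "Fa0/2": {"duplex": "full", "speed": 100, "mode": "trunk", "native_vlan": 1, "allowed_vlans": "10,20"},
    "Fa0/3": {"duplex": "full", "speed": 100, "mode": "trunk", "native_vlan": 1, "allowed_vlans": "10,20"},
    "Fa0/4": {"duplex": "full", "speed": 100, "mode": "trunk", "native_vlan": 99, "allowed_vlans": "10,20"},
}

if __name__ == "__main__":
    print("active/passive:", channel_forms("active", "passive"))
    print("passive/passive:", channel_forms("passive", "passive"))
    print("mismatches:", bundle_mismatches(SAMPLE_BUNDLE))
    # MAC addresses borrowed from the STP article purely as sample input.
    print("link:", select_link("00ab.53ff.5362", "00ab.1004.1101", 4))
```

Running the script shows why a passive-passive pairing stays down, lists Fa0/4 as the interface that would stop the bundle forming, and shows that with src-dst-mac hashing a given conversation always lands on the same physical link, which is why frames within one flow never arrive out of order.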

  • 2.5 Spanning Tree Protocol | networking basics

    2.5 Describe the need for and basic operations of Rapid PVST+ Spanning Tree Protocol and identify basic operations

    Why do we need STP (Spanning Tree Protocol)?

    A good network design typically includes a number of redundant links to ensure that should any issues arise during normal operations, the network (and its users) are protected from any impact. Redundancy is the method of removing single points of failure from infrastructure. For example, having a single link and a single switch between the edge router and the LAN is a single point of failure. To mitigate this, we add more switches and duplicate the links to increase the reliability of the network. This however does bring challenges which we will discuss below.

    Challenge 1 - Broadcast Storms

    We know from earlier articles that broadcast traffic is forwarded out of all ports (except those on different VLANs or the originating port) on a switch. Layer 2 frames also don't have a TTL (Time to Live) function like layer 3 packets. Broadcast traffic is generated all the time, as it's used for everything from ARP to DHCP, so there is a lot of broadcast traffic on a typical LAN. It's one of the key reasons to deploy VLANs on a large network.

    Let's look at the below diagram. There are 3 switches connected together to build the LAN. All link lights are green, indicating the ports are up and forwarding traffic. Now, PC3 wants to send some traffic to PC1, but before it can do that it needs to learn the MAC address of the device, so it forwards a broadcast ARP into the network with a destination MAC of ffff.ffff.ffff. The frame will arrive at SW3 and be forwarded to SW1 and SW2. Then, SW1 will forward the frame to SW2, and vice versa. SW1 will forward the frame back to SW3 which will then forward to SW2, then to SW1, then to SW3, then to SW2, then to SW1. This also happens in reverse. Can you see what has happened? Look at the below diagram.

    A layer 2 loop is present in the network, so broadcast frames will continue to be forwarded infinitely until a switch is unplugged or fails. On normal networks with multiple users, frames can very quickly build up in the network and cause total failure as it becomes full of broadcast packets. This is called a broadcast storm.

    Challenge 2 - MAC Address Flapping

    When a layer 2 loop as we've seen above is formed, it causes the switches to continuously update their MAC address tables, which are used to track which frames should be sent out of which ports. This instability of MAC address tables is called MAC address flapping. As the frame is looped around the network, switches will install the source MAC from the arriving frame against that port. If a source MAC which is already in the table is seen arriving on a different interface, the switch updates its MAC address table to reflect this change. This causes frames to be forwarded back out of the wrong ports, further increasing congestion and worsening the broadcast storm.

    Solving the Layer 2 Loops with STP (PVST+)

    STP (Spanning Tree Protocol) prevents layer 2 loops by placing one or more ports into a blocking state. By blocking traffic on a port which would introduce a loop, STP mitigates the broadcast storms and MAC address flapping we learnt about earlier. Note that root bridge and root switch are terms used interchangeably. Please note that Cisco has its own implementation of STP, called PVST+ (Per-VLAN Spanning Tree). PVST+ allows for an STP topology for each VLAN, allowing for load-balancing across switches. The IEEE STP (802.1D) version does not.

    STP uses the following three processes to prevent loops:

    1. Elect a root switch
    2. Identify the root ports on non-root switches
    3. Identify the designated ports (and if there is a switch on the other side of that link, the blocking ports will be implemented)

    Electing the root switch

    The root switch is the start of the spanning tree topology.
    All ports are placed into a designated state, as traffic is being forwarded away from the root switch. To do this, switches send a specific frame into the network called a BPDU. The BPDU (Bridge Protocol Data Unit) contains the unique bridge ID, which comprises the following sections:

    These BPDUs are forwarded into the network every 2 seconds (BPDU Hello), and switches use this bridge ID to negotiate the root switch. The bridge ID with the lowest value becomes the root. The BID (Bridge ID) includes the bridge priority and extended system ID (which is just the VLAN ID). The default BID will be 32769 (32768 + 1). When switches come online, they advertise themselves as the root switch, using the BID as seen above. The election process follows the below steps:

    1. Lowest Bridge Priority
    2. Lowest MAC Address

    So, if three switches come online, all with the same Bridge Priority, the BID with the lowest MAC address will become the root switch. In the below diagram, which switch will become the root?

    All of the switches have the same priority, so the next metric that STP will use to elect the root switch will be the lowest MAC address. SW1 has a MAC address of 00ab.53ff.5362, SW2 has a MAC address of 00ab.99ab.4436 and SW3 has a MAC address of 00ab.1004.1101. MAC addresses are in hexadecimal, so the value for f is 15 as an example. So the switch with the lowest MAC address in this topology is SW3, followed by SW2 then SW1. SW3 becomes the root switch and all ports on SW3 are placed into a designated state. All switches agree by including the root ID and their own BID within the BPDU. So each BPDU from SW1, as an example, will look like this:

        Bridge ID:  Priority: 32769  MAC Address: 00ab.53ff.5362
        Root ID:    Priority: 32769  MAC Address: 00ab.1004.1101

    Identify the root ports on non-root switches

    Now that the root switch has been identified, the next stage in the STP process is to identify the best path to the root. These are known as root ports and every switch (except for the root switch) will have one root port leading back to the root switch. There are four metrics used during this specific process, in order of desirability:

    1. Lowest path cost
    2. Lowest neighbour BID
    3. Lowest port priority
    4. Lowest port ID (of sending port)

    To continue with this process we need to know the path costs used by STP to calculate the root ports; see the below table for these costs.

    Let's see how the path cost system works below:

    - SW3 is the root switch as per the previous root switch election process. All ports on SW3 are placed into a designated (forwarding) state.
    - BPDUs are sent out by the root switch with a path cost of 0 (as they are originating from the root).
    - The BPDU arrives at SW1's Gi0/0 port, and because it is a Gigabit link, a cost of 4 is added to the BPDU. Then, the BPDU is forwarded out of Gi0/1 which adds another cost of 4, making the current root path cost equal to 8. Therefore, port Gi0/0 on SW1 becomes the root port.
    - The same happens for SW2, simplified: BPDU with cost 0 sent from root to Gi0/1 on SW2 > BPDU arrives at Gi0/1 on SW2, 0 + 4 = 4 > BPDU continues out of Gi0/0 on SW2, 4 + 4 = 8 > Gi0/1 becomes the root port.

    However, what happens if there are duplicate links? Let's take a look at a more sophisticated example:

    This diagram is a lot busier but shows three of the deciding factors used during the root port election process. SW1 is the root, so all ports are in a designated state. SW2 and SW3 have ports leading back to SW1 as their root ports, as the cost to reach the root is lower than going via SW4. Now, SW4 has to decide which of four ports will be its root port. Remember the criteria: the costs are equal, so the next tie-breaker is the switch with the lowest neighbour BID, which in this case is SW2. SW5 now needs to choose its root port; again both costs to the root are an equal 16. We also can't use the neighbour BID, as it's the same. So, the next tie-breaker is the port priority. Here SW4's Gi0/2 interface has a manually set priority, making it the winner in this case. Again STP uses the neighbour's port priority, not its own. Port priorities look like this:

        128.1

    The value before the full stop is the priority, and the value after the full stop is the interface ID. For example, Gi0/1 would be 128.1, Gi0/4 would be 128.4 and so on. We can manually configure the priority value to manipulate STP.

    Identify the designated ports (and blocked ports)

    The final stage of the Spanning Tree Protocol process is to place ports into a designated state, which means that these are ports that forward away from the root switch. There can only be one designated port on a single segment (where two switches connect together), so one of the ports is placed into a blocking state. The decision to place ports into a blocking state has a few deciding tie-breakers similar to the root port election process. The election tie-breakers are as follows:

    1. Switch with the lowest cost to the root (lowest path cost)
    2. Switch with the lowest BID (Bridge ID) (rarely seen)
    3. Switch with the lowest port priority (rarely seen)
    4. Switch with the lowest port ID

    Let's use the same diagram where we learnt about the root port election process:

    - Firstly at SW1, as it is the root switch all ports are placed into a designated state.
    - On the segment between SW2 and SW4, because SW4's interface is set as the root port, Gi0/0 on SW2 becomes the designated port.
    - Now, let's look at the segment between SW3 and SW4. Neither of the interfaces on this link are root ports, so now the election process for designated ports is underway. Because Gi0/1 on SW3 has the lowest path cost to the root switch, it becomes the designated port. On SW4, the interface on the other end of the segment (Gi0/0) is placed into a blocking state.
    - Finally, on the segment between SW4 and SW5, because Gi0/1 on SW5 is the root port, Gi0/2 on SW4 is placed into a designated state. Gi0/3 on SW4 has a lower path cost to the root so that port becomes designated, while Gi0/0 on SW5 is placed into a blocking state.

    See below designated and blocking ports. Note that if we had end user devices plugged into these switches, those ports would be placed into a designated (forwarding) state as end user devices don't generate BPDUs. Now that the root switch, root ports, designated ports and blocking ports have been identified, STP is considered converged, with any layer 2 loops avoided!

    Port Roles, States and Timers

    As you have already read, there are two port roles:

    - Root port (forwarding in the direction of the root switch)
    - Designated port (forwarding away from the root switch)

    However, we haven't yet covered off the port states for original STP; these are:

    The next key bit to understand is the timers. In the original STP it can take a long time for interfaces to enter a forwarding state, typically up to 50 seconds. This is called STP convergence and there are a few timed processes we need to know:

    - Hello - This is the interval at which BPDUs are sent by the switches (the root switch in a converged network). The default interval is 2 seconds
    - Forward Delay - This is the delay for the transitory states of listening and learning. Each delay is 15 seconds, so a total of 30 seconds for original STP is seen
    - MaxAge - This is the timeout for each switch to not receive a BPDU from the root, which is usually 10x the Hello timer, so 20 seconds

    Example Output

    When looking at the original STP (PVST+) output of a Cisco appliance, you'll notice that the port role states "Altn". This is used in Rapid-STP which we will review shortly. When original STP (PVST+) is in use, ignore this and deem it a designated port. Let's look at an example output below. (The topology for this output is two PCs linked to Fa0/1 & Fa0/2, with Gi0/1 & Gi0/2 linked to other switches.)
        Switch3#sh spanning-tree
        VLAN0001
          Spanning tree enabled protocol ieee
          Root ID    Priority    32769
                     Address     0002.1687.8C70
                     Cost        4
                     Port        25(GigabitEthernet0/1)
                     Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec

          Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
                     Address     00D0.D3E6.DDBA
                     Hello Time  2 sec  Max Age 20 sec  Forward Delay 15 sec
                     Aging Time  20

        Interface        Role Sts Cost      Prio.Nbr Type
        ---------------- ---- --- --------- -------- --------------------------------
        Fa0/1            Desg FWD 19        128.1    P2p
        Fa0/2            Desg FWD 19        128.2    P2p
        Gi0/1            Root FWD 4         128.25   P2p
        Gi0/2            Altn BLK 4         128.26   P2p

    Note that only on Cisco devices the port role here is listed incorrectly. It should be listed as Designated.

    Looking at the output, we can see that this switch isn't the root switch, and port Gi0/2 is in a blocking state. Gi0/1 is listed as a root port, while Fa0/1 and Fa0/2 are in a designated forwarding state. You can see how the output lists the Root Bridge ID, then its own Bridge ID, which contains information such as timers, the bridge priority and burnt-in MAC address. Remember that the extended system ID is the VLAN number, which in this case is VLAN1.

    Optional STP Features

    There are some important features that we need to understand that can improve the stability of the network and further prevent loops; these are:

    - PortFast - this can be used on edge ports (where the device connected to the switch is, for example, a PC, a phone or a server). By configuring a switchport as PortFast, this tells the switch to place the port directly into a forwarding state, bypassing the listening/learning states
    - BPDU Guard - this can be used on edge ports together with PortFast to further secure the network. When BPDU Guard is enabled, BPDUs can still be transmitted; however, should a BPDU be received, the port is shut down until it is manually re-enabled. This avoids possible malicious attacks by users attempting to introduce a switch with a lower priority than the legitimate root in the topology. Typically, you would configure BPDU Guard if PortFast is enabled. You would not want to configure this on ports linking switches together.

    The problem with original STP (PVST+)

    STP (or PVST+) takes a relatively long time to converge following a network change. When it was first implemented this wasn't an issue; however, in modern networks it is unacceptable and should be avoided where possible. The default values of the Hello, MaxAge and Forward Delay timers cause a convergence delay of up to 50 seconds. Once a link goes down, the MaxAge countdown begins from the last time a BPDU frame was received. 20 seconds later the port is put back into a listening state for 15 seconds, then into a learning state for 15 seconds. Once these stages are completed the network will have reconverged; however, with how critical modern networks are to today's society, that is too long.

    So, how was the delay issue fixed? See below:

    - Removing some port states (Disabled and Blocking combined into Discarding, and the Listening state removed)
    - Adding some port roles (alternate and backup) which allow for immediate interface transition in the event of a link failure
    - All switches now send their own BPDUs, rather than just the root switch
    - MaxAge timer much shorter (typically 3x hello time)

    The above changes are used in what's known as 802.1W RSTP (Rapid Spanning Tree). Again Cisco has its own implementation called Rapid-PVST+. In fact, most network devices implemented today use RSTP (Rapid-PVST+) by default.

    RSTP (Rapid Spanning Tree)

    RSTP (Rapid PVST+) Concepts

    RSTP is very similar to STP (so similar they can actually be used on the same network). The only real differences are the port states, roles and timers. The process for RSTP is the same as STP:

    1. Elect a root switch
    2. Assign root ports
    3. Calculate designated and blocking ports

    There is one key difference though, and that is the implementation of the alternate port.
    This port is an alternate path to the root and will be in a blocking state while the main root port is up and active. There is also the addition of a backup port, which is used when the switch is connected to a hub. Because hubs are rarely seen in modern networks it's unlikely you'll see a backup port in the RSTP topology.

    Let's go through the stages again on how STP converges the topology, and then how the new RSTP alternate role fits into this process. Looking at the above diagram, we can see that SW1 has been elected as the root switch, as it has the lowest BID (Bridge ID) within this network. All ports on the root switch are placed into a designated state. Second comes the root port calculation process, for which the following tie-breakers are used:

    1. Lowest path cost
    2. Lowest neighbour BID
    3. Lowest port priority
    4. Lowest port ID (of sending port)

    Now, in STP the next step would be to place any remaining ports which are on a segment (two switches connected to each other) into a blocking state while calculating the designated ports. Instead, RSTP gives the blocked port with the next best path cost to the bridge the 'Alternate' role. The switch on the segment with the lowest BID, or that wins the tie-breakers, will place its port into a designated forwarding state, while the losing switch will place its port into an alternate, blocking state. This process uses the following tie-breakers:

    1. Switch with the lowest cost to the root (lowest path cost)
    2. Switch with the lowest BID (Bridge ID) (rarely seen)
    3. Switch with the lowest port priority (rarely seen)
    4. Switch with the lowest port ID

    The final step is the backup port, which again is very rarely seen as hubs are no longer used (note that the diagram doesn't depict any hubs, so a backup port won't be seen). If a hub is in use, with the switch plugged into it on two ports, the switch will receive its own BPDUs and will place the losing port into a backup, blocking state. The tie-breakers for the backup port are as below:

    1. Switch with the lowest port priority
    2. Switch with the lowest port ID

    So, now that the RSTP topology is converged, we have a network where if a segment goes offline, RSTP can immediately place an alternate port into a root port state, bringing it into a forwarding state and reducing disruption to the network. Let's take a look at how the topology changes if a segment goes down:

    Here we can see that the ports Gi0/1 on SW4 and Gi0/0 on SW2, which were being used to actively forward traffic, have entered a down/down state. Because RSTP is in use, SW4 had allocated Gi0/0 as its alternate port. Once Gi0/1 went into a down state, the switch instantly changes Gi0/0 from alternate port to root port, allowing traffic to continue to be forwarded. SW4 will flush the MACs learnt via Gi0/1 from its MAC Address Table to allow for frames to be sent via Gi0/0 (frame flooding).

    RSTP (Rapid PVST+) Port Types

    In RSTP there are 3 different port types; these are:

    - P2p - used for ports linked between switches
    - P2p Edge - used for ports that are connected to end-user devices (PCs, phones, servers etc)
    - Shared - used for Ethernet hubs; furthermore, this port will be operating in half-duplex

    As an example, look at the below section from a "sh spanning-tree" command:

        Interface           Role Sts Cost      Prio.Nbr Type
        ------------------- ---- --- --------- -------- --------------------------------
        Fa1/0/1             Desg FWD 19        128.3    P2p
        Fa1/0/2             Desg FWD 19        128.4    P2p
        Fa1/0/13            Desg FWD 19        128.15   P2p Edge
        Fa1/0/14            Desg FWD 19        128.16   P2p Edge
        Fa1/0/15            Desg FWD 19        128.17   P2p Edge

    Ports Fa1/0/13-15 are connected to PCs, while Fa1/0/1-2 are connected to further switches.

    RSTP (Rapid PVST+) Port Roles and States (with comparison to STP)

    The below table outlines the port roles and states for RSTP and STP. Any differences are highlighted in red. ** Note that PVST+ (802.1D flavour) does include alternate and backup roles by name only.

    Configuring PVST+/Rapid PVST+

    There are a few commands that we need to be aware of for the CCNA, including how to manipulate STP/RSTP to make a switch of your choice the root switch. The following table outlines the key commands needed for the CCNA:
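The root election, root port and designated port steps described in this article, and the RSTP promotion of a blocking port after a link failure, carried through in code as an added Python example that is not part of the original article. The functions bid, port_id, run_stp and failover are names chosen here; the topology reuses the article's SW1/SW2/SW3 MAC addresses and the Gigabit cost of 4, while SW3's own port numbers are an assumption the article does not state.

```python
"""STP election walkthrough (added example, not the site's own code).

Runs the three steps the article describes over a small topology:
  1. elect the root switch (lowest bridge priority, then lowest MAC),
  2. pick one root port per non-root switch (lowest path cost, then lowest
     neighbour BID, neighbour port priority, neighbour port ID),
  3. pick one designated port per segment; the other end blocks (the port
     RSTP would label 'alternate').
Recomputing after a link is removed shows the RSTP failover the article
walks through. Assumes a connected topology. The sample reuses the
article's three switch MACs and Gigabit cost of 4; SW3's port numbers are
an assumption the article does not state.
"""
import heapq


def bid(priority, mac):
    """Bridge ID as a sortable tuple: priority first, then MAC as an integer."""
    return (priority, int(mac.replace(".", "").replace(":", ""), 16))


def port_id(port, priority=128):
    """Port ID as (priority, number): Gi0/1 -> (128, 1), the 128.1 notation."""
    return (priority, int(port.rsplit("/", 1)[1]))


def run_stp(switches, links):
    """switches: name -> (priority, mac); links: (swA, portA, swB, portB, cost).

    Returns (root, cost_to_root, roles) where roles maps (switch, port) to
    'root', 'designated' or 'blocking'.
    """
    bids = {name: bid(*pm) for name, pm in switches.items()}
    root = min(bids, key=bids.get)                       # step 1

    adj = {name: [] for name in switches}               # sw -> (own port, nbr, nbr port, cost)
    for a, pa, b, pb, cost in links:
        adj[a].append((pa, b, pb, cost))
        adj[b].append((pb, a, pa, cost))

    # Step 2a: root path cost; the link cost is added as the BPDU is received.
    cost_to_root = {root: 0}
    heap = [(0, root)]
    while heap:
        c, sw = heapq.heappop(heap)
        if c > cost_to_root[sw]:
            continue
        for _, nbr, _, link_cost in adj[sw]:
            if c + link_cost < cost_to_root.get(nbr, float("inf")):
                cost_to_root[nbr] = c + link_cost
                heapq.heappush(heap, (c + link_cost, nbr))

    # Step 2b: root port, applying the four tie-breakers in the article's order.
    roles = {}
    for sw in switches:
        if sw == root:
            continue
        best = min(adj[sw], key=lambda e: (cost_to_root[e[1]] + e[3], bids[e[1]], port_id(e[2])))
        roles[(sw, best[0])] = "root"

    # Step 3: designated port per segment. The far end of a root port is always
    # designated; otherwise compare (path cost, BID, port priority/ID).
    for a, pa, b, pb, cost in links:
        for sw, port, other, other_port in ((a, pa, b, pb), (b, pb, a, pa)):
            if (sw, port) in roles:
                continue
            if roles.get((other, other_port)) == "root":
                roles[(sw, port)] = "designated"
                continue
            mine = (cost_to_root[sw], bids[sw], port_id(port))
            theirs = (cost_to_root[other], bids[other], port_id(other_port))
            roles[(sw, port)] = "designated" if mine < theirs else "blocking"
    return root, cost_to_root, roles


def failover(switches, links, failed_link):
    """Recompute with one link removed: the blocking port on the surviving
    path becomes the new root port, which is what RSTP does immediately."""
    return run_stp(switches, [link for link in links if link != failed_link])


# Constructed topology: the article's SW1/SW2/SW3 MACs, all Gigabit (cost 4).
SWITCHES = {
    "SW1": (32769, "00ab.53ff.5362"),
    "SW2": (32769, "00ab.99ab.4436"),
    "SW3": (32769, "00ab.1004.1101"),
}
LINKS = [
    ("SW1", "Gi0/0", "SW3", "Gi0/0", 4),   # SW3's port numbers are assumed
    ("SW2", "Gi0/1", "SW3", "Gi0/1", 4),
    ("SW1", "Gi0/1", "SW2", "Gi0/0", 4),
]

if __name__ == "__main__":
    root, costs, roles = run_stp(SWITCHES, LINKS)
    print("root:", root, "costs:", costs)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw} {port}: {role}")
    print("after the SW2-SW3 link fails:", failover(SWITCHES, LINKS, LINKS[1])[2])
```

With the article's MACs the script elects SW3, makes Gi0/0 on SW1 and Gi0/1 on SW2 root ports, and on the SW1-SW2 segment (equal cost 4 each side) breaks the tie on BID so SW1's Gi0/1 is designated and SW2's Gi0/0 blocks. Removing the SW2-SW3 link recomputes SW2's root path cost to 8 and promotes that blocking port to root port, the alternate-port behaviour RSTP performs without waiting for the MaxAge and Forward Delay timers.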

  • Networking Fundamentals | networking basics

    Networking Fundamentals: 1.0 What is a Network?, 1.1 Network Components, 1.2 Topology Architectures, 1.3 Cabling Types, 1.4 Interface and Cable Issues, 1.5 TCP vs UDP, 1.6a IPv4 Addressing and Subnetting Part 1, 1.6b IPv4 Addressing and Subnetting Part 2, 1.7 Private IPv4 Addresses, 1.8a IPv6 Addressing and Prefix Part 1, 1.8b IPv6 Addressing and Prefix Part 2, 1.9 IPv6 Address Types, 1.10 IP Parameters for Client OS, 1.11 Wireless Principles, 1.12 Virtualisation Fundamentals, 1.13 Switching Concepts

  • 1.0 What is a Network? | networking basics

    1.0 What is a Network?

    What is a Network?

    A network is essentially a number of connected or interlinked devices. This website that you are reading now has crossed (probably) thousands of miles and multiple devices, from the web servers to your device. These devices and the connections between them make up the structure of a network. There are a number of different technologies that allow for this transmission, from wireless radio frequencies to light. The internet is made up of multiple ISPs peering with each other to forward traffic across the globe.

    Beyond technologies, there are also a number of protocols that provide a standardised ruleset for how traffic should be processed, forwarded or transmitted across a network. During the journey that data takes to reach its destination, it will be encapsulated and de-encapsulated many times per the OSI model. Encapsulation is defined as wrapping or enclosing something (in this case a payload of data) by adding headers and footers depending on the layer, per the below.

    An analogy of how a network operates is to imagine a typical road network. Imagine that the cargo within a lorry is the data being transmitted, and the roads taken are the wiring. There are motorways that allow higher throughput (fibre optics), and country roads that allow lesser throughput (copper pairs). The truck itself is the packet, which ultimately moves the cargo (data) through the road network. The IP address would be the physical destination for the cargo (data), which the truck might use navigation tools to reach. This would not be dissimilar to the route tables used across the internet for forwarding traffic. Each roundabout would send the truck down a different path, exactly how routers across the internet work together to move data.

    OSI Model

    The OSI (Open Systems Interconnection) model was designed to ensure that the different technologies and protocols work together in a hierarchical fashion to ensure reliable and consistent transmission of data. It also provides for a structured approach to network design, as without each of the 7 layers present a website, for example, cannot be loaded. You will also see engineers refer to issues as being a Layer 2 problem or a Layer 3 problem, which can narrow down the troubleshooting steps required. See the below table for a short overview of each layer, the protocols you might encounter and a short description. Please note that some protocols are multi-layered (eg ARP).

    TCP/IP Model

    The TCP/IP model is very similar; however, it simplifies the structure of the model by concatenating certain layers, per the below:

    LAN and WAN

    There are many different acronyms used in networking, and commonly you will come across LAN and WAN to denote interior networks and external networks (the internet). LAN or Local Area Network essentially stands for the network currently provisioned at a single site, such as an office. WAN or Wide Area Network is usually referred to as the internet. On the back of typical home routers, you will see a number of LAN ports and a fewer number (usually just one) of WAN ports.

    Encapsulation / De-encapsulation

    Below is a typical UDP packet encapsulation example. Don't worry about any terminology for now, as this will be covered more in later articles. Once an application on the client device has a requirement to send something to another device on another network, the payload is wrapped in different "containers" to facilitate the transmission across the network.
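The UDP encapsulation described above, built and then unwrapped in code as an added Python example that is not part of the original article. The functions encapsulate and decapsulate are names chosen here; the addresses, ports and payload are constructed sample values, the UDP checksum is left at zero (which IPv4 permits) to keep the example short, and the IPv4 header checksum is the standard one's-complement sum so the receiver side can reject a corrupted header.

```python
"""UDP encapsulation walkthrough (added example, not the site's own code).

Wraps a payload in the three 'containers' the article mentions, innermost
first: UDP header (layer 4), IPv4 header (layer 3), Ethernet II header
(layer 2), then de-encapsulates the result back to the payload, checking the
fields a receiver would check. Addresses are constructed sample values.
The UDP checksum is left at 0 (permitted for IPv4) to keep the example short.
"""
import struct


def ipv4_checksum(header):
    """One's-complement sum of 16-bit words, as used by the IPv4 header.
    Over a header that already carries a valid checksum the result is 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", "").replace(".", ""))


def ip_bytes(ip):
    return bytes(int(octet) for octet in ip.split("."))


def encapsulate(payload, src_ip, dst_ip, src_port, dst_port, src_mac, dst_mac):
    """Return the full Ethernet frame and a list of (layer, size) per wrap."""
    # Layer 4: UDP header = source port, destination port, length, checksum
    udp = struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload
    # Layer 3: 20-byte IPv4 header; version/IHL 0x45, TTL 64, protocol 17 = UDP
    total_len = 20 + len(udp)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, 17, 0,
                         ip_bytes(src_ip), ip_bytes(dst_ip))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", ipv4_checksum(ip_hdr)) + ip_hdr[12:]
    packet = ip_hdr + udp
    # Layer 2: Ethernet II header; EtherType 0x0800 = IPv4
    frame = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + packet
    return frame, [("UDP segment", len(udp)), ("IPv4 packet", len(packet)),
                   ("Ethernet frame", len(frame))]


def decapsulate(frame):
    """Peel the headers off again, rejecting frames a receiver would drop."""
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    if packet[9] != 17:
        raise ValueError("not UDP")
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[ihl:total_len]
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    return {"src_port": src_port, "dst_port": dst_port, "payload": segment[8:udp_len]}


# Constructed sample input: a DNS-sized UDP payload between two LAN hosts.
SAMPLE = dict(payload=b"hello", src_ip="192.168.1.10", dst_ip="192.168.1.1",
              src_port=40000, dst_port=53, src_mac="00ab.53ff.5362", dst_mac="00ab.1004.1101")

if __name__ == "__main__":
    frame, layers = encapsulate(**SAMPLE)
    for layer, size in layers:
        print(f"{layer}: {size} bytes")
    print(decapsulate(frame))
```

The layer sizes printed (13, 33 and 47 bytes for a 5-byte payload) show the headers each layer adds; flipping any byte of the IPv4 header makes decapsulate raise on the checksum, which is the layer 3 check a receiving host performs before it looks at the UDP segment.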

  • About | networking basics

    About

    About this site

    This site has been created to assist my studies towards not just being able to obtain my CCNA, but truly understand in-depth how networks... work. Each article follows the CCNA syllabus and I am using a number of different resources to build a full picture of each subject, from books to YouTube.

    My hope is that this content is easy to read and digest, to at least give a broad understanding of the network basics.

    About me

    Hello! My name is Harry and I'm a Service Desk Analyst living and working in Gloucestershire, currently working within the Service Desk for an MSP.

    This is my first ever website so I imagine it will grow and adapt over time, alongside my own knowledge as I progress through my career.

    If you spot anything on this website that isn't quite right, or you just have a question, please use the Contact page to get in touch!

  • Jargon Buster | networking basics

    Jargon Buster: A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, R, S, T, U, V, W, X, Y, Z

  • 2.3 CDP & LLDP | networking basics

Up 2.3 CDP & LLDP

What is CDP and LLDP?

CDP (Cisco Discovery Protocol) and LLDP (Link Layer Discovery Protocol) are used to discover directly connected devices at layer 2 only; there is no layer 3 encapsulation of CDP or LLDP frames. By default, all Cisco devices have CDP enabled, and it allows switches, routers, access points and so on to learn about their connected neighbours: interface details, firmware versions, hostname and make/model number, to name a few.

CDP is Cisco's proprietary discovery protocol, whereas LLDP is an IEEE 802.1AB standard used by all other vendors. Note that LLDP can still be enabled on Cisco equipment.

CDP is typically disabled by organisations because, should a malicious user gain access to the network devices, the information it shares lets them quickly map the network and discover its topology.

CDP

Information shared between appliances

The information that can be gathered via CDP includes:
- Device Type
- Hardware Platform
- Hardware Capabilities
- IOS Version
- Hostname
- Interface that generated the CDP message
- IP Addresses
- Port IDs
- CDP Hold Timers

The information shared between Cisco devices can be viewed using the following commands:
- sh cdp neighbors - displays a summary of the neighbours discovered via CDP
- sh cdp neighbors detail - displays detailed output for each neighbour discovered via CDP
- sh cdp interface - displays the CDP timers and hold timers, including interface status
- sh cdp - displays a summary of the global CDP configuration

Let's take a look at some of the outputs from a point-to-point network between two Cisco routers, nbRTR1 and nbRTR2.

Configuring CDP

CDP is quite simple to configure; as it only operates at layer 2, we do not need to worry about routing. The following commands are used to configure CDP. Note that you need to be in global configuration mode (conf t).
- no cdp run - disables CDP globally
- cdp run - enables CDP globally
- cdp timer <seconds> - sets how often CDP discovery frames are transmitted (default 60 seconds)
- cdp holdtime <seconds> - sets the hold timer before a learnt neighbour is removed from the CDP table

Because CDP is enabled on all interfaces by default, we can remove individual interfaces from global CDP with the command 'no cdp enable' in interface configuration mode (config-if). For example:

    conf t
    interface Fa0/1
    no cdp enable
    exit
    exit

Verifying CDP
- sh cdp neighbors
- sh cdp neighbors detail
- sh cdp interface
- sh cdp

LLDP

Information shared between appliances

Just as with CDP, LLDP allows devices to learn information such as:
- Hostname
- Port IDs
- Port Descriptions
- System Description
- System Capabilities

Configuring LLDP

To configure LLDP on a Cisco network device, use the following commands:
- no lldp run - disables LLDP globally
- lldp run - enables LLDP globally
- lldp timer <seconds> - sets the LLDP transmission timer (default 30 seconds)
- lldp holdtime <seconds> - sets the hold timer before a learnt neighbour is removed from the LLDP table

As with CDP, LLDP is enabled on all interfaces by default. To remove an interface from the global LLDP state, use the following commands (transmit and receive are controlled separately):

    conf t
    interface Gi0/0
    no lldp transmit
    no lldp receive
    exit
    exit

Verifying LLDP

The commands below can be used to verify that LLDP is working:
- sh lldp
- sh lldp neighbors
- sh lldp neighbors detail
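As an added example (not from this site or from Cisco), here is a small Python script that reads an IOS-style running-config and reports which access ports would still send discovery frames, using the global and per-interface commands covered above. The config it reads is constructed for the example, and the defaults it assumes are the ones this article describes: CDP runs unless 'no cdp run' is present, LLDP runs only once 'lldp run' has been configured, and an interface follows the global state unless 'no cdp enable' or 'no lldp transmit' / 'no lldp receive' is set on it.

```python
# Added example: audit a Cisco IOS style running-config for CDP/LLDP exposure.
# The config below is constructed for illustration, not taken from a real device.
SAMPLE_CONFIG = """\
hostname nbSW1
!
no lldp run
!
interface FastEthernet0/1
 description Uplink to nbRTR1
 switchport mode trunk
!
interface FastEthernet0/2
 description User desk 12
 switchport mode access
 switchport access vlan 10
 no cdp enable
!
interface FastEthernet0/3
 description User desk 13
 switchport mode access
 switchport access vlan 10
!
end
"""


def split_interfaces(config):
    """Return {interface_name: [stanza lines]} for every 'interface ...' block."""
    stanzas = {}
    current = None
    for raw in config.splitlines():
        line = raw.rstrip()
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            stanzas[current] = []
        elif line.startswith(" ") and current is not None:
            stanzas[current].append(line.strip())
        else:
            current = None  # '!' or any other top-level line ends the stanza
    return stanzas


def global_lines(config):
    """Top-level (unindented) commands such as 'no cdp run' or 'lldp run'."""
    return [l.strip() for l in config.splitlines() if l and not l.startswith(" ")]


def audit_discovery(config):
    """Work out, per interface, whether CDP/LLDP frames are still sent or accepted.

    Assumed defaults (as this article describes them): CDP is on globally unless
    'no cdp run' is configured and on every interface unless 'no cdp enable' is
    set; LLDP is on globally only once 'lldp run' is configured, and then on every
    interface unless 'no lldp transmit' / 'no lldp receive' are set.
    """
    top = global_lines(config)
    cdp_global = "no cdp run" not in top
    lldp_global = "lldp run" in top
    report = {"cdp_global": cdp_global, "lldp_global": lldp_global, "interfaces": {}}
    for name, lines in split_interfaces(config).items():
        is_access = "switchport mode access" in lines
        cdp_on = cdp_global and "no cdp enable" not in lines
        lldp_tx = lldp_global and "no lldp transmit" not in lines
        lldp_rx = lldp_global and "no lldp receive" not in lines
        report["interfaces"][name] = {
            "access_port": is_access,
            "cdp": cdp_on,
            "lldp_transmit": lldp_tx,
            "lldp_receive": lldp_rx,
            # Advertising topology details on a user-facing port is the exposure
            # the article warns about; uplinks between infrastructure devices
            # are left to local policy.
            "finding": is_access and (cdp_on or lldp_tx),
        }
    return report


def flagged_ports(config):
    """Names of access ports that still advertise CDP or LLDP, sorted."""
    return sorted(name for name, info in audit_discovery(config)["interfaces"].items()
                  if info["finding"])


if __name__ == "__main__":
    for port in flagged_ports(SAMPLE_CONFIG):
        print(f"{port}: discovery protocol still advertised on an access port")
```

Run against the sample, only FastEthernet0/3 is reported: the trunk uplink is not an access port, and FastEthernet0/2 has CDP disabled per interface. Switching the sample's 'no lldp run' to 'lldp run' makes FastEthernet0/2 appear as well, since the per-interface 'no cdp enable' says nothing about LLDP.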

  • CCNA | networking basics

Up CCNA Study Guide
01 Networking Fundamentals
02 Network Access
03 IP Connectivity
04 IP Services
05 Security Fundamentals
06 Automate and Programme

  • 2.1/2 VLANs | networking basics

Up 2.1/2 VLANs

What is a VLAN?

Firstly, a LAN simply denotes devices that are connected to a shared broadcast domain. The broadcast domain is defined by the set of devices that will receive a broadcast frame sent to MAC address ff:ff:ff:ff:ff:ff. For example, let's look at the diagram below: each purple box is a separate broadcast domain, as the devices in it share the same subnet. Note that the point-to-point link between the routers is also a broadcast domain.

All devices within each subnet will receive broadcast frames, and the switch facilitates this by flooding these frames out of all ports. Even if there are multiple switches in the same subnet, they are still part of the same broadcast domain.

Let's now imagine there are six 48-port switches within the local network and every switchport is in use. This is going to generate a lot of broadcast traffic, and from a security perspective every device is directly reachable within the same network: if someone in accounting has an infected PC, the malware can easily spread across the network. To resolve this we need to segregate devices as much as possible, which both reduces the amount of broadcast traffic and limits the impact of a device on the network becoming infected. To do this we use VLANs (Virtual Local Area Networks).

VLANs logically split the layer 2 network, each VLAN having its own network range and a VLAN ID that the switch uses to identify which frame belongs to which VLAN. Clients are typically not VLAN aware; all VLAN processing is usually done on the network devices.

NBProducts Ltd. has 30 devices within their head office, shared across multiple departments. To ensure the network is fully optimised, the network administrator has divided the network into multiple VLANs. See below:

By using VLANs, if there is no routing between them on the router, devices in HR cannot reach devices in Sales or Accounting. Should a malicious user access the network 192.168.2.0/24 in accounting, it is now much harder for them to reach a device within the HR department, as the network is segregated at layer 2. Broadcast frames will not be forwarded between VLANs, making the network more efficient. In the extended VLAN range there can be a maximum of 4094 VLANs.

In order for VLANs to work, we need to understand the two port types that carry VLANs within the network: access ports and trunks. Read about them below.

Access Ports

Clients are not VLAN aware, so the segmenting of the network is performed at the point where the client connects to it, which is usually a switch. As a frame comes into the switch from the client device, the switch will only forward it to other interfaces in the same VLAN, or, in the case of unknown unicast or broadcast, flood it out of all access ports in that VLAN.

If we use our example from above, where we had 3 VLANs (10, 20 and 30), we would set each port to "switchport mode access" and then define the VLAN ID for the switchport with "switchport access vlan [ID]". So for VLAN 10 we would use the commands below:

    conf t
    interface Fa0/0/1
    switchport mode access
    switchport access vlan 10
    exit
    exit

If we were to apply the above config to each port (changing the VLAN ID as required), the topological view of the switch would look something like this:

If we were to plug a client PC into port Fa0/0/1, it would only be able to communicate with other ports designated as access ports in VLAN 10. If the user needed to reach a client on a different VLAN, the traffic would have to be forwarded to the router. This is known as Inter-VLAN Routing. Note how the final three switchports are highlighted: these are the interfaces used by the router. If we had multiple switches, a large number of interfaces would be used just for forwarding traffic from clients to the router. We can minimise the number of ports required by using 802.1q (dot1q) trunk ports. See below.

**Please note that access ports are sometimes referred to as untagged ports, particularly by other vendors.**

Trunk Ports (802.1q)

Trunk ports are used when multiple VLANs need to be carried across a link, say between switches or up to a router. Rather than using 3 separate physical interfaces, we can carry all the VLANs over an inter-switch link or router uplink on a single interface. As you can see in the diagram below, if we didn't use trunk ports we would need 3 interfaces on the router and the bottom switch, and 6 interfaces on the middle switch. This is very wasteful, as it reduces the number of interfaces available to client devices; it simply does not scale.

When an interface is set to trunk, a section is added to the layer 2 frame header; this is referred to as tagging. We need this section in the frame header because without it the switch or router on the other end of the trunk has no way of knowing which VLAN (i.e. which access port) the frame originally arrived on. If we look at the diagram below we can see how the 802.1q tag works and what information it contains:
- Tag Protocol Identifier (TPID) - signals to the receiving appliance that the frame is tagged with 802.1q; it always has the value 0x8100 (hexadecimal)
- Priority Code Point (PCP) - used for Class of Service
- Drop Eligible Indicator (DEI) - indicates whether a frame can be dropped if there is congestion on the network
- VLAN ID (VID) - a value between 0 and 4095 identifying the VLAN the frame belongs to (0 and 4095 are reserved, leaving 4094 usable VLAN IDs)

So, going back to our network diagram above, let's say a PC in the Sales VLAN sends a broadcast frame into its subnet on SW2. The frame arrives from the PC into the switch via an access port in VLAN 10. The switch forwards the frame out of all VLAN 10 access ports, and also out of the trunk port. As it exits the trunk port the switch adds the 802.1q tag with VID 10.
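As an added example (not from this site), the Python below serves both the encapsulation section earlier on this page and the 802.1q tag just described: it wraps a constructed UDP payload in an IPv4 header and then an Ethernet frame, inserts the 4-byte 802.1q tag (TPID 0x8100 followed by PCP, DEI and VID packed into 16 bits) the way a trunk port does on egress, and then de-encapsulates the frame layer by layer, checking the IPv4 header checksum on the way. The MAC and IP addresses are made up, and an untagged frame is assigned to an assumed native VLAN of 99, as a trunk port would do.

```python
# Added example: build a UDP-in-IPv4-in-Ethernet frame, add/strip an 802.1Q tag,
# and de-encapsulate it again. Addresses and payload are constructed values.
import struct

TPID_8021Q = 0x8100      # Tag Protocol Identifier for an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800
PROTO_UDP = 17
NATIVE_VLAN = 99         # assumed native VLAN for untagged frames on the trunk


def mac_bytes(text):
    """'00:11:22:33:44:55' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def ip_bytes(text):
    """'192.168.1.10' -> 4 raw bytes."""
    return bytes(int(octet) for octet in text.split("."))


def ipv4_checksum(header):
    """RFC 1071 one's-complement sum over the 16-bit words of the IPv4 header."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_udp(payload, sport, dport):
    """Layer 4: 8-byte UDP header; checksum 0 means 'not computed' over IPv4."""
    return struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload


def build_ipv4(segment, src_ip, dst_ip):
    """Layer 3: 20-byte IPv4 header with the checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s",
                      0x45, 0, 20 + len(segment),   # version/IHL, DSCP/ECN, total length
                      0, 0,                         # identification, flags/fragment offset
                      64, PROTO_UDP, 0,             # TTL, protocol, checksum placeholder
                      ip_bytes(src_ip), ip_bytes(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + segment


def build_ethernet(packet, src_mac, dst_mac, vlan=None, pcp=0, dei=0):
    """Layer 2: Ethernet II header, with an 802.1Q tag inserted when vlan is given.

    The tag sits between the source MAC and the EtherType: 16-bit TPID 0x8100,
    then a 16-bit TCI laid out as PCP (3 bits) | DEI (1 bit) | VID (12 bits).
    """
    tag = b""
    if vlan is not None:
        if not 1 <= vlan <= 4094:
            raise ValueError("VID 0 and 4095 are reserved")
        tci = (pcp << 13) | (dei << 12) | vlan
        tag = struct.pack("!HH", TPID_8021Q, tci)
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + tag + struct.pack("!H", ETHERTYPE_IPV4) + packet


def parse_frame(frame):
    """De-encapsulate a frame: return (vlan, src_ip, dst_ip, dst_port, payload)."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    offset = 14
    vlan = NATIVE_VLAN                      # untagged on a trunk => native VLAN
    if ethertype == TPID_8021Q:
        tci = struct.unpack("!H", frame[14:16])[0]
        vlan = tci & 0x0FFF                 # low 12 bits of the TCI are the VID
        ethertype = struct.unpack("!H", frame[16:18])[0]
        offset = 18
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 packet")
    ihl = (frame[offset] & 0x0F) * 4
    if ipv4_checksum(frame[offset:offset + ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if frame[offset + 9] != PROTO_UDP:
        raise ValueError("not UDP")
    src_ip = ".".join(str(b) for b in frame[offset + 12:offset + 16])
    dst_ip = ".".join(str(b) for b in frame[offset + 16:offset + 20])
    l4 = offset + ihl
    _sport, dport, length, _csum = struct.unpack("!HHHH", frame[l4:l4 + 8])
    return vlan, src_ip, dst_ip, dport, frame[l4 + 8:l4 + length]


def demo(vlan=10):
    """Encapsulate a constructed payload, then parse it back."""
    frame = build_ethernet(
        build_ipv4(build_udp(b"hello", 40000, 53), "192.168.1.10", "192.168.3.10"),
        "00:11:22:33:44:55", "ff:ff:ff:ff:ff:ff", vlan=vlan)
    return frame, parse_frame(frame)


if __name__ == "__main__":
    frame, parsed = demo(10)
    print(frame.hex())
    print(parsed)
```

The tagged frame is exactly 4 bytes longer than the untagged one, which is the extra section the trunk adds; the receiving side reads the VID from the low 12 bits of the TCI, and a frame that arrives with no tag at all is placed in the native VLAN rather than being dropped.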
This means that when SW1 receives the frame and de-encapsulates it, it knows that the frame originated from VLAN 10 and can forward it to the VLAN 10 access ports on SW1, including the trunk port between SW1 and RTR1.

To configure a trunked interface we use the commands below. Note that the interfaces on both sides of the link must be configured as trunk ports, and that on switches supporting more than one trunk encapsulation the encapsulation must be set before the port mode:

    conf t
    interface Fa0/0/1
    switchport trunk encapsulation dot1q
    switchport mode trunk
    exit
    exit

There are also other configurations to further scope the trunk port to the requirement, such as allowing only specific VLANs. For example:

    conf t
    interface Fa0/0/1
    switchport trunk allowed vlan 10,20,30
    exit
    exit

Default VLAN

The default VLAN is the initial VLAN that is created during device provisioning. For Cisco appliances this is VLAN 1, and all switchports are in VLAN 1 by default.

Native VLAN

So far we have covered what happens when traffic enters the network on an access port and how VLANs traverse a trunk port using the 802.1q tag, but another important concept we need to cover is the native VLAN. Simply put, the native VLAN is the VLAN used for traffic that traverses a trunk port without a VLAN tag. This is referred to as 'untagged' traffic. The native VLAN configuration must match on each side of the trunk, and it is also recommended to use a native VLAN ID that is not used by any other VLAN on the network. For security reasons, always change the native VLAN ID from the default ID of 1.

The native VLAN differs from the default VLAN. It's easy to confuse the two, but just remember that the native VLAN only relates to untagged traffic across a trunk link, whereas the default VLAN is the VLAN ID assigned to all access ports by default (VLAN ID 1).

Voice VLANs

This is a relatively simple concept. Most offices provide their employees with an IP desk phone and a workstation or laptop to do their jobs. Rather than running a separate network cable for both the IP phone and the PC, we can use voice VLANs to connect both devices through a single interface on the switch. The IP phone itself has a small built-in switch that keeps the PC and telephony traffic separate. This reduces the number of patch ports, network switches and cable management needed to connect each desk to the network. See below:

As you can see, we have halved the number of cables required per desk user, which in turn reduces the overall cost of networking equipment and the administrative overhead of running additional wiring. To configure a voice VLAN, simply add the voice vlan line to the switchport interface config, as in this example:

    conf t
    interface Fa0/2
    switchport mode access
    switchport access vlan 10
    switchport voice vlan 100
    exit
    exit

Router on a Stick (ROAS)

Devices in different VLANs cannot communicate with one another, as they are segregated at layer 2. To facilitate Inter-VLAN routing, we can use the Router on a Stick topology, which allows devices in different VLANs to communicate with one another at layer 3. We do this by sub-interfacing the physical interface, which allows multiple IP addresses and configurations to be added to a single physical interface. You can identify a sub-interface easily, as it includes the physical interface ID with the sub-interface ID appended after a full stop. So if we were to create 3 sub-interfaces on Gi0/1 they would look like this:

    Gi0/1.100
    Gi0/1.200
    Gi0/1.300

Let's take the topology that we used above for 802.1q trunk ports. Instead of configuring the interface on the router as a trunk, we sub-interface the physical port, one sub-interface per VLAN. This adds each network to the router's routing table and allows traffic to pass between VLANs. We use the encapsulation dot1q command within each sub-interface to allow the trunking between the switch and the router to take place.
Let's see how it works from a configuration perspective:

Router and Switch Configuration for Router on a Stick Topology

Now that we have added these sub-interfaces, we can see that they have been added to the routing table:

    RTR1#show ip route connected
    C 192.168.1.0/24 is directly connected, GigabitEthernet0/1.10
    C 192.168.2.0/24 is directly connected, GigabitEthernet0/1.20
    C 192.168.3.0/24 is directly connected, GigabitEthernet0/1.30

So if, say, a PC on VLAN 10 wants to send traffic to a PC on VLAN 30, the router will forward the traffic back out over sub-interface Gi0/1.30, as the destination IP will be within that subnet.

Switched Virtual Interfaces (SVI)

In larger networks the Router on a Stick topology can become a bottleneck, as all traffic between VLANs must ingress and egress through the router. To make the network more efficient we can use Switched Virtual Interfaces (SVIs). By creating an SVI for each VLAN on the switch, traffic is forwarded directly between VLANs on the switch rather than being sent to a dedicated layer 3 routing appliance. To use SVIs the switch must be layer 3 capable, otherwise known as a multilayer switch. To enable SVIs for inter-VLAN routing, the following steps are required:
1. Enable IP routing
2. Create the VLAN interfaces and assign IP addresses
3. No shut the interfaces
4. Assign the VLANs to the relevant client access ports
5. Set client default gateways to point to the SVI IP addresses
6. Change the switchport connected to the router to a routed port and assign it an IP address in the same subnet as the router
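As an added example (not from this site), the Python below parses the 'show ip route connected' output shown above for the Router on a Stick topology and performs the longest-prefix-match lookup the router does when a PC on VLAN 10 sends to a PC on VLAN 30. A second, constructed route (192.168.3.128/25 on a hypothetical Gi0/1.40 sub-interface) is included only to show that the most specific matching prefix wins, and a destination outside every connected subnet returns nothing, because this table has no default route.

```python
# Added example: longest-prefix lookup over 'show ip route connected' output.
import ipaddress
import re

# Connected routes exactly as shown for the Router on a Stick example above.
SHOW_IP_ROUTE_CONNECTED = """\
RTR1#show ip route connected
C 192.168.1.0/24 is directly connected, GigabitEthernet0/1.10
C 192.168.2.0/24 is directly connected, GigabitEthernet0/1.20
C 192.168.3.0/24 is directly connected, GigabitEthernet0/1.30
"""

# Constructed extra route on a hypothetical sub-interface, used only to show
# that a more specific prefix wins over a less specific one.
MORE_SPECIFIC = "C 192.168.3.128/25 is directly connected, GigabitEthernet0/1.40\n"

ROUTE_LINE = re.compile(r"^C\s+(\S+)\s+is directly connected,\s+(\S+)$")


def parse_connected_routes(text):
    """Return [(network, interface), ...] from IOS 'C' route lines; other lines are ignored."""
    routes = []
    for line in text.splitlines():
        match = ROUTE_LINE.match(line.strip())
        if match:
            routes.append((ipaddress.ip_network(match.group(1)), match.group(2)))
    return routes


def lookup(routes, destination):
    """Egress interface for destination by longest-prefix match, or None if no route."""
    addr = ipaddress.ip_address(destination)
    best_net, best_iface = None, None
    for net, iface in routes:
        if addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_iface = net, iface
    return best_iface


def egress_for(destination, extra_routes=""):
    """Parse the table above (plus any extra route lines) and look destination up."""
    return lookup(parse_connected_routes(SHOW_IP_ROUTE_CONNECTED + extra_routes), destination)


if __name__ == "__main__":
    print(egress_for("192.168.3.25"))   # the VLAN 10 -> VLAN 30 case from the article
```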

  • 1.6b Configure and verify IPv4 | networking basics

Up 1.6 Configure and verify IPv4 addressing and subnetting (Part 2)

Subnetting

Subnetting is an important factor to consider in any network, especially where public IP addressing is used, as it ensures that the network blocks are correctly sized for the requirements. We use CIDR notation to denote subnet size, and remember that 2 IP addresses in each address space are not usable (they are used for the network ID and the broadcast address). For the CCNA, you should be able to work out:
- First and last usable IP address
- Network ID
- Broadcast address
- Total number of hosts (and usable hosts)
- Total number of networks

Subnetting for hosts

IANA (Internet Assigned Numbers Authority) has provided our organisation with the public IP address space 212.158.39.0/24. The organisation has decided that this address block needs to be subnetted to allow 25 devices per network. We do this by borrowing host bits for the network portion of the address. You can use the 2^n - 2 method (where n is the number of host, or 0, bits). We subtract 2 because one IP address is the broadcast address and the other is used as the network ID. The current network block is a /24, so there are 8 host (0) bits in total, so n is 8: 2^8 - 2 = 254.

You should try to memorise the table below for the exam, to work out the number of usable hosts in a network:

Using the above table, we can see that a /27 can accommodate 30 usable hosts. Therefore we leave just 5 host bits, by borrowing 3 of them for the network portion, like below:

Now the subnet mask in binary is 11111111.11111111.11111111.11100000, so we need to convert the last octet into decimal: 128 + 64 + 32 = 224. The new subnet mask for the /27 address blocks will be 255.255.255.224. Now we need to work out the specifics for each address block. In the binary below, the first three octets are the network bits, and the last octet is shown as the 3 borrowed bits followed by the 5 host bits:

Subnet 1
  Network ID: 212.158.39.0 (11010100.10011110.00100111.000 00000)
  First Usable IP Address: 212.158.39.1 (11010100.10011110.00100111.000 00001)
  Last Usable IP Address: 212.158.39.30 (11010100.10011110.00100111.000 11110)
  Broadcast IP: 212.158.39.31 (11010100.10011110.00100111.000 11111)

Subnet 2
  Network ID: 212.158.39.32 (11010100.10011110.00100111.001 00000)
  First Usable IP Address: 212.158.39.33 (11010100.10011110.00100111.001 00001)
  Last Usable IP Address: 212.158.39.62 (11010100.10011110.00100111.001 11110)
  Broadcast IP: 212.158.39.63 (11010100.10011110.00100111.001 11111)

Subnet 3
  Network ID: 212.158.39.64 (11010100.10011110.00100111.010 00000)
  First Usable IP Address: 212.158.39.65 (11010100.10011110.00100111.010 00001)
  Last Usable IP Address: 212.158.39.94 (11010100.10011110.00100111.010 11110)
  Broadcast IP: 212.158.39.95 (11010100.10011110.00100111.010 11111)

Subnet 4
  Network ID: 212.158.39.96 (11010100.10011110.00100111.011 00000)
  First Usable IP Address: 212.158.39.97 (11010100.10011110.00100111.011 00001)
  Last Usable IP Address: 212.158.39.126 (11010100.10011110.00100111.011 11110)
  Broadcast IP: 212.158.39.127 (11010100.10011110.00100111.011 11111)

Subnet 5
  Network ID: 212.158.39.128 (11010100.10011110.00100111.100 00000)
  First Usable IP Address: 212.158.39.129 (11010100.10011110.00100111.100 00001)
  Last Usable IP Address: 212.158.39.158 (11010100.10011110.00100111.100 11110)
  Broadcast IP: 212.158.39.159 (11010100.10011110.00100111.100 11111)

Subnet 6
  Network ID: 212.158.39.160 (11010100.10011110.00100111.101 00000)
  First Usable IP Address: 212.158.39.161 (11010100.10011110.00100111.101 00001)
  Last Usable IP Address: 212.158.39.190 (11010100.10011110.00100111.101 11110)
  Broadcast IP: 212.158.39.191 (11010100.10011110.00100111.101 11111)

Subnet 7
  Network ID: 212.158.39.192 (11010100.10011110.00100111.110 00000)
  First Usable IP Address: 212.158.39.193 (11010100.10011110.00100111.110 00001)
  Last Usable IP Address: 212.158.39.222 (11010100.10011110.00100111.110 11110)
  Broadcast IP: 212.158.39.223 (11010100.10011110.00100111.110 11111)

Subnet 8
  Network ID: 212.158.39.224 (11010100.10011110.00100111.111 00000)
  First Usable IP Address: 212.158.39.225 (11010100.10011110.00100111.111 00001)
  Last Usable IP Address: 212.158.39.254 (11010100.10011110.00100111.111 11110)
  Broadcast IP: 212.158.39.255 (11010100.10011110.00100111.111 11111)

Looking at the above, you can see how the maths works for each value:
- First Usable IP Address: network ID plus one
- Last Usable IP Address: broadcast address minus one
- Broadcast Address: next network ID minus one
- Network ID: previous network ID plus the block size (the total number of addresses in the subnet, i.e. the usable hosts plus the network and broadcast addresses)

We now have 8 subnets, each allowing 30 usable IP addresses per subnet block.

Subnetting for subnetworks

Following on from the previous example, subnetting to accommodate more or fewer subnets requires a different calculation. To calculate the number of possible subnets we use the formula 2^x (where x is the number of borrowed host bits). Remember that to calculate the number of usable hosts we use 2^n - 2, where n is the number of host bits. Let's see the formula in action.

Our organisation has provided you with the address block 192.168.0.0/16 and requires 10 separate subnetworks for allocation across the estate, regardless of the number of possible hosts. In order to work out the new subnet mask we need to use 2^x (where x is the number of borrowed host bits). Looking at the table below we can see that by borrowing 4 bits from the host portion we get 16 subnetworks in total. So by borrowing 4 bits from the host portion of the address, the subnet mask becomes 255.255.255.240.
We know it's 255.255.255.240 because this is the decimal value of the 4 borrowed bits (128 + 64 + 32 + 16 = 240). Now, exactly like subnetting a Class C network, we can begin working out the network ID, broadcast address and first/last usable IPs of each subnet. Remember that each value is calculated as below:
- Network ID: all HOST bits set to 0
- First Usable IP Address: all HOST bits set to 0 except the last, which is set to 1
- Last Usable IP Address: all HOST bits set to 1 except the last, which is set to 0
- Broadcast Address: all HOST bits set to 1

Subnetting is a complex process that needs practice to become efficient at calculating what is required for the CCNA. I would recommend watching further videos on YouTube and also using practice sites such as the ones below:
- https://davidbombal.com/subnet-quiz/
- https://subnetipv4.com/
- https://subnettingpractice.com/
- https://configureterminal.com/davidbombal/quiz/?title=learn-binary-questions-free-exam-questions
- https://configureterminal.com/davidbombal/quiz/?title=subnetting-questions-free-exam-questions

Variable Length Subnet Mask (VLSM)

VLSM allows network administrators to allocate an available address space according to the requirements of the infrastructure. It is especially useful where a public address block is used, to maximise the number of networks that can be created from the assigned block. Rather than dividing a network block (say a /24) into fixed subnet sizes, VLSM lets administrators break that /24 address block into subnets that suit the required number of hosts per network. The practice of subnetting is exactly the same as we have covered, but it is important to always work from the largest network to the smallest.

Let's work through an example. Looking at the diagram below, we have been given the address block 186.15.152.0/24 to use for the proposed new network. There are 8 subnets required in total, 2 of them being the point-to-point links between the routers.

With VLSM we need to work from the largest network to the smallest, so the first network to allocate is network 4, as it requires 58 usable IP addresses. Referring back to what we know about subnetting, the smallest CIDR block that can accommodate 58 hosts is a /26, as it allows for 62 usable IP addresses. The next largest network is network 6, which again requires a /26. It's best to build a table to understand what networks are required, like below:

So now that we have subnetted 186.15.152.0/24 into 8 separate networks, we have optimised the provided block for the requirements of the network design, and we have some space left from the original block to create further small networks, or to increase the size of any of the created networks should this be required in the future.

Configure and Verify IP Addressing on Cisco Equipment

Please see lab 2 here to explore interface configurations and build a small network. (lab coming soon)
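As an added example (not from this site), the Python below reproduces the calculations in this article with the standard ipaddress module: it carves 212.158.39.0/24 into /27 blocks for 25 hosts and lists the network ID, first and last usable address and broadcast of each, works out the prefix needed for 10 subnetworks of 192.168.0.0/16, and performs a largest-first VLSM allocation of 186.15.152.0/24. Only network 4 (58 hosts) and the two point-to-point links are given on this page; the other host counts in the requirements list are constructed for the example. The script derives the dotted mask from the prefix length rather than placing the borrowed bits in an octet by hand, which is where mistakes creep in: /16 plus 4 borrowed bits is /20, and the mask for /20 is 255.255.240.0.

```python
# Added example: subnetting for hosts, for subnetworks, and VLSM with ipaddress.
import ipaddress
import math

# Requirements for the VLSM walk-through. Network 4 (58 hosts) and the two
# point-to-point links come from the article; the other counts are constructed.
VLSM_REQUIREMENTS = [
    ("Network 1", 25), ("Network 2", 12), ("Network 3", 28), ("Network 4", 58),
    ("Network 5", 10), ("Network 6", 50), ("Link 7", 2), ("Link 8", 2),
]


def prefix_for_hosts(usable_hosts):
    """Smallest prefix length whose 2**n - 2 usable addresses fit usable_hosts."""
    host_bits = max(2, math.ceil(math.log2(usable_hosts + 2)))   # /30 is the smallest block
    return 32 - host_bits


def prefix_for_subnets(block, subnets_needed):
    """Prefix length after borrowing enough host bits (2**x subnets) from block."""
    block = ipaddress.ip_network(block)
    return block.prefixlen + math.ceil(math.log2(subnets_needed))


def mask_for_subnets(block, subnets_needed):
    """Dotted-decimal mask for that prefix, derived from the prefix length itself."""
    prefix = prefix_for_subnets(block, subnets_needed)
    return str(ipaddress.ip_network(f"0.0.0.0/{prefix}").netmask)


def describe(net):
    """Network ID, first/last usable address, broadcast and mask for one subnet."""
    return {
        "network": str(net.network_address),
        "first": str(net.network_address + 1),
        "last": str(net.broadcast_address - 1),
        "broadcast": str(net.broadcast_address),
        "mask": str(net.netmask),
        "usable": net.num_addresses - 2,
    }


def subnet_for_hosts(block, hosts_per_subnet):
    """Split block into equal subnets, each holding hosts_per_subnet usable addresses."""
    block = ipaddress.ip_network(block)
    return [describe(s) for s in block.subnets(new_prefix=prefix_for_hosts(hosts_per_subnet))]


def vlsm(block, requirements):
    """Allocate subnets largest-first from block; returns (allocations, free_addresses).

    Working from the largest request downwards keeps every allocation aligned to
    its own block size, so a simple moving cursor never produces an unaligned
    network (ip_network would raise ValueError if it did).
    """
    block = ipaddress.ip_network(block)
    cursor = int(block.network_address)
    end = int(block.broadcast_address) + 1
    allocations = []
    for name, hosts in sorted(requirements, key=lambda item: item[1], reverse=True):
        net = ipaddress.ip_network((cursor, prefix_for_hosts(hosts)))
        if cursor + net.num_addresses > end:
            raise ValueError(f"{block} exhausted while allocating {name}")
        allocations.append((name, str(net)))
        cursor += net.num_addresses
    return allocations, end - cursor


if __name__ == "__main__":
    for entry in subnet_for_hosts("212.158.39.0/24", 25):
        print(entry)
    print("10 subnets of 192.168.0.0/16 need a /%d, mask %s"
          % (prefix_for_subnets("192.168.0.0/16", 10), mask_for_subnets("192.168.0.0/16", 10)))
    allocations, free = vlsm("186.15.152.0/24", VLSM_REQUIREMENTS)
    for name, net in allocations:
        print(name, net)
    print(free, "addresses left over")
```

The /27 table the script prints matches the eight subnets listed above, and the VLSM allocation places network 4 at 186.15.152.0/26 and network 6 at 186.15.152.64/26 before the smaller networks and the two /30 links, leaving 24 addresses spare at the end of the block.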
