cisco

Differences

This shows you the differences between two versions of the page.

cisco [2022/01/27 11:48]
richard
cisco [2023/01/28 19:02] (current)
richard [NAT - Further reading]
Line 5: Line 5:
 \\ \\
 20% [[network_fundamentals|1.0 Network Fundamentals]] \\ 20% [[network_fundamentals|1.0 Network Fundamentals]] \\
-20% [[network_access|2.0 Network Access]] \\ +20% [[network_access|2.0 Network Access]] ​VLAN, Etherchannel,​ Spanning tree, Wireless/​WLC ​\\ 
-25% [[ip_connectivity|3.0 IP Connectivity]] \\+25% [[ip_connectivity|3.0 IP Connectivity]] ​static routes, dynamic routes, OSPF, EIGRP, RIP\\
 10% [[ip_services|4.0 IP Services]] \\ 10% [[ip_services|4.0 IP Services]] \\
 15% [[security_fundamentals|5.0 Security Fundamentals]] \\ 15% [[security_fundamentals|5.0 Security Fundamentals]] \\
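Review bot: On the two changed lines (2.0 Network Access and 3.0 IP Connectivity) the topic keywords are appended as bare text after the link, and only these two entries get them while the other visible entries (1.0, 4.0, 5.0) stay as plain links. Either give every domain a keyword list or move the keywords onto the linked sub-pages so the index stays uniform. Minor style: the 3.0 line ends "RIP\\" with no space before the line break while the 2.0 line has one, and "Etherchannel" is normally written "EtherChannel".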
Line 12: Line 12:
 \\ \\
  
-====== Subnetting ====== 
  
-In the Cisco CCNA exam you will be asked various types of questions on subnetting: 
  
-    * What is Network ID, Broadcast ID and number of usable hosts on a subnet with the following IP address X.X.X.X/​[prefix] ​ e.g. 8.8.8.8/8 
-    * Subnet the following range X.X.X.X/​[prefix] to give you X number of subnets 
-    * Cisco may ask you specifically not to use Subnet Zero 
-    * A trick to watch out for, you might be tested on blocks of 16, /28 or 255.255.255.240,​ because apparently Cisco realised people can't count in 16's very well 
  
-Given a range of IP addresses, these can be subdivided to give you additional but smaller ranges of addresses, hence a subdivided network, or subnet. Subdividing or subnetting is needed to make more efficient use of limited IPv4 address space. ​ 
- 
-===== The old Classful addresses ===== 
- 
-Historically,​ entire classes of address space ranges used to be given out by IANA [[https://​www.iana.org/​numbers|link]]. For instance if an organisation had 300 hosts, a Class C that supports 254 hosts would not be suitable, so a Class B would be assigned instead. However a Class B (using 16 bits for the network address and the final 16 bits for the host address) supports 65,534 hosts, which means thousands of wasted IP address. This did not matter until the growth of the internet accelerated and it was realised that the addresses would run out soon.  \\ 
-Classless Inter-domain Routing (CIDR) was introduced to allow further breaking-up of ranges. ​ 
- 
- 
-^Class A ^ Subnet mask ^ Cidr ^ Whole Range ^ Private Range ^ No. of Networks ^ No. of hosts ^  
-|Very large networks |255.0.0.0 |/8 |1.0.0.0 to 126.255.255.255 |10.0.0.0 to 10.255.255.255 |126 | 16,777,214 | 
-^Class A Reserved - Loopback ^ ^ ^ ^ ^ ^ ^ 
-|Used for network diagnostics,​ not publicly routable |255.0.0.0 |/8 | 127.0.0.1 to 127.255.255.255 |  
-^Class B ^ ^ ^ ^ ^ ^ ^ 
-|Medium to large sized networks |255.255.0.0 |/16 |128.0.0.0 to 191.255.255.255 |172.16.0.0 to 172.31.255.255 | 16,384 | 65,534 | 
-^Class C ^ ^ ^ ^ ^ ^ ^ 
-|Small networks |255.255.255.0 |/24 |192.0.0.0 to 223.255.255.255 |192.168.0.0 to 192.168.255.255 |2,097,152 |254 | 
-^Class D ^ ^ ^ ^ ^ ^ ^ 
-|Multicast - not for assigning to hosts | | | 224.0.0.0 to 239.255.255 | | 
-^Class E ^ ^ ^ ^ ^ ^ ^ 
-|Experimental and future applications | | | 240.0.0.0 to 255.255.255.255 | | 
-^Class E Reserved - "This network"​ ^ ^ ^ ^ ^ ^ ^ 
-|Broadcast address for "every host on my subnet"​ | | | 255.255.255.255 ​ | | 
- 
- 
-===== How to subnet ===== 
-(this is gonna take a while...!)\\ 
-With subnetting if you haven'​t done it in a while, you need to practice it regularly. It's a bit like keeping fit, you kinda have to keep doing it.\\  
-\\ 
-Subnetting is the process of taking an existing subnet of IP addressses and further subdividing these to give you more subnets. \\ 
-\\ 
-An IP address is actually made up of 2 parts, a **Network Address** and a **Host Address** (sometimes known as **Network ID** and **Host ID**).\\ 
-A **Subnet Mask** comes with all IP addresses to tell you what half of the address is the Network address half and the Host address half. \\ 
-It's a 32 bit number matching the length of the IP address itself. It is usually expressed in the form of a dotted decimal.\\ 
-e.g. 192.168.0.1 255.255.255.0\\ 
-Because the bits in a subnet mask must strictly be turned on from the most significant bit (highest value bit) on the left first going right, the byte in a subnet mask can only be from 9 possible values: 
-      * No bits (00000000) 
-      * Any bytes containing one bit from 10000000, 11000000, 11100000 etc to 11111111 (8 combinations) 
-      * You can't have bytes where 1's and 0's are all mixed up, e.g. 10101010 
- 
-This arrangement of bytes give you 9 possible combinations which makes it only possible to show a subnet mask in dotted decimal with the following decimal numbers: 
- 
-^Bits ^Mask ^Decimal ^  
-|0 |00000000 |0 | 
-|1 |10000000 |128 | 
-|2 |11000000 |192 (128+64)| 
-|3 |11100000 |224 (128+64+32)| 
-|4 |11110000 |240 (128+64+32+16)| 
-|5 |11111000 |248 (128+64+32+16+8)| 
-|6 |11111100 |252 (128+64+32+16+8+4)| 
-|7 |11111110 |254 (128+64+32+16+8+4+2)| 
-|8 |11111111 |255 (128+64+32+16+8+4+2+1)| 
- 
-If you have any other numbers in your subnet mask, it's wrong! 
-It's impossible to have a byte in a subnet mask 00110011. You can't have zeros as the most significant bit (unless it's all zeros) and you can't have zeros inbetween 1's. In other words no skipping allowed. \\ 
-If you're subnetting in the 4th octet, you can only use 6 subnet masks (.128, .192, .224, .240, .248 and .252) \\ 
-Subnetting using 255.255.255.254 would give you 7 bits for the network address and 1 bit for host address, with the 1 bit giving you 2 possible combinations (xxxxxxx0 and xxxxxxx1), but you need to leave 2 addresses for your network address and the broadcast address. You've nothing left for hosts.\\ 
-Subnetting with 255.255.255.255 is not possible because you have no bits for host addresses. \\ 
-\\ 
-Effectively the subnet mask gives you this "​partition"​ you can move around to give you more subnets at the expense of having less hosts per subnet.\\ 
-Take for example the IP address 192.168.1.0 with subnet mask 255.255.255.0 
- 
-If we turn this into binary we get: 
- 
-         192 .      168 .        1 .        0 
-    11000000 . 10101000 . 00000001 . 00000000 
-    ​ 
-         255 .      255 .      255 .        0 
-    11111111 . 11111111 . 11111111 . 00000000 
- 
-The 1's in the subnet mask represent the Network address (or Network ID). In other words, what bits in the IP address to use as the network address. In the example the first 24 bits (the 3 sets of 1's in the subnet mask) are considered the network address, or 11000000.10101000.00000001.X,​ or 192.168.1.X in decimal. \\ 
-\\ 
-The zeros in the subnet mask represent what bits you can use for the hosts, which is 8 bits. This gives you a block of 00000000 to 11111111 (0-255). To illustrate further I've highlighted the network address and host address sections below: 
- 
-    [------- NETWORK ADDRESS------] ​ [-HOST-] 
-         192 .      168 .        1 .        0 
-    11000000 . 10101000 . 00000001 . 00000000 ​   
-         255 .      255 .      255 .        0 
-    11111111 . 11111111 . 11111111 . 00000000 
- 
-If we had a different subnet mask, say 255.255.0.0,​ this changes the purpose of the bits 
- 
-    [ NETWORK ADDRESS ]   [ HOST ADDRESS ---] 
-          10 .        0 .        1 .        0 
-    00001010 . 00000000 . 00000001 . 00000000 ​   
-         255 .      255 .        0 .        0 
-    11111111 . 11111111 . 00000000 . 00000000 
- 
- 
- 
-\\ 
-Going back to 255.255.255.0 as the example, what you can do to subnet this is to "​borrow"​ some of these to create more subnets.\\ 
-For example you could do change the subnet mask to 255.255.255.240 like this: 
- 
-         192 .      168 .        1 |        0 
-    11000000 . 10101000 . 00000001 | oooo0000 
-    ​ 
-         255 .      255 .      255 |      240 
-    11111111 . 11111111 . 11111111 | 11110000 
- 
-Now you have "​borrowed"​ the first 4 bits in the 4th octet to use for extra subnets.\\ 
-Borrowing 4 bits would give you 2^4 number of subnets, 16 subnets in this case. \\ 
-You have 4 remaining host bits to use for hosts, so 2^4 host addresses per subnet. You'd get blocks of 16 address, but remember to subtract 2 addresses because you will need a Network address and a broadcast address in each block, so 14 usable addresses for hosts in each block. 
- 
-    Original subnet with new subnetted mask: 
-         192 .      168 .        1 .          0 
-    11000000 . 10101000 . 00000001 . [oooo]0000 
-         255 .      255 .      255 .        240 
-    11111111 . 11111111 . 11111111 . [1111]0000 ​  [] show the "​borrowed bits" 
-    ​ 
-    11000000 . 10101000 . 00000001 . oooo|0000 ​ 192.168.1.0 
-    11000000 . 10101000 . 00000001 . ooo1|0000 ​ 192.168.1.16 
-    11000000 . 10101000 . 00000001 . oo1o|0000 ​ 192.168.1.32 
-    11000000 . 10101000 . 00000001 . oo11|0000 ​ 192.168.1.48 
-    11000000 . 10101000 . 00000001 . o1oo|0000 ​ 192.168.1.64 
-    11000000 . 10101000 . 00000001 . o1o1|0000 ​ 192.168.1.80 
-    11000000 . 10101000 . 00000001 . o11o|0000 ​ 192.168.1.96 
-    11000000 . 10101000 . 00000001 . o111|0000 ​ 192.168.1.112 
-    11000000 . 10101000 . 00000001 . 1ooo|0000 ​ 192.168.1.128 
-    11000000 . 10101000 . 00000001 . 1oo1|0000 ​ 192.168.1.144 
-    11000000 . 10101000 . 00000001 . 1o1o|0000 ​ 192.168.1.160 
-    11000000 . 10101000 . 00000001 . 1o11|0000 ​ 192.168.1.176 
-    11000000 . 10101000 . 00000001 . 11oo|0000 ​ 192.168.1.192 
-    11000000 . 10101000 . 00000001 . 11o1|0000 ​ 192.168.1.208 
-    11000000 . 10101000 . 00000001 . 111o|0000 ​ 192.168.1.224 
-    11000000 . 10101000 . 00000001 . 1111|0000 ​ 192.168.1.240 
- 
-You can use more borrowed bits or less depending on how many subnets you need.  
- 
-===== Subnetting in the 4th Octet ===== 
- 
-You can subnet Class A, Class B and Class C addresses in the 4th octet.\\ 
-You'll need to decide how many subnets you will need. 
-If say you need 6 subnets, you will need to "​borrow"​ at least 3 bits from the host portion of the IP address to give you a possible 8 subnets. You'll use the 6 subnets and have 2 left over either unused or for future network expansion. ​ You obviously couldn'​t just use 2 bits as this would only give you 4 subnets to create, not enough for your requirement of 6.  
- 
-===== Subnetting In Your Head ===== 
-This is from Todd Lammle from his book. When doing subnetting, is to ask 5 questions: 
-  * How many subnets does the chosen mask produce? ​ 
-  * How many valid hosts per subnet are available? ​ 
-  * What are the valid subnets? ​ 
-  * What is the broadcast address for each subnet? ​ 
-  * What are the valid hosts for each subnet? ​ 
- 
-===== VLSM Variable Length Subnet Masking ===== 
-(work in progress!) 
- 
-===== CIDR - Classless Interdomain Routing ===== 
- 
-===== Wildcard Masks ===== 
- 
-Wildcard masks are the inverse of a subnet mask. In Cisco IOS, they are used in a few different places. OSPF configuration and ACL configuration. 
- 
-^ Subnet mask       ^ Wildcard mask ^    ^ 
-| 255.255.255.255 ​  | 0.0.0.0 ​      | one specific host |  
-| 255.255.255.252 ​  | 0.0.0.3 ​      ​| ​ | 
-| 255.255.255.0 ​    | 0.0.0.255 ​    | | 
-===== Subnetting resources ===== 
- 
-  * http://​subnettingquestions.com 
-  * http://​subnetting.org 
-  * https://​subnetipv4.com/​ 
- 
-  * http://​jodies.de/​ipcalc?​host=172.16.92.10&​mask1=21&​mask2= 
- 
-{{:​cisco:​ipv4cidrchart_2015.jpg?​600|}}\\ 
-\\ 
-Finally understand subnetting https://​www.reddit.com/​r/​ccna/​comments/​ju7un7/​i_finally_understand_ipv4_subnetting/​\\ ​ 
-Cisco - IP Addressing and Subnetting for New Users https://​www.cisco.com/​c/​en/​us/​support/​docs/​ip/​routing-information-protocol-rip/​13788-3.html \\ 
-https://​support.microsoft.com/​en-gb/​help/​164015/​understanding-tcp-ip-addressing-and-subnetting-basics \\ 
-https://​blogs.oracle.com/​pshuff/​subnets\\ 
-Subnet Zero (Cisco'​s interpretation) - https://​www.cisco.com/​c/​en/​us/​support/​docs/​ip/​dynamic-address-allocation-resolution/​13711-40.html\\ 
-https://​www.ripe.net/​about-us/​press-centre/​understanding-ip-addressing \\ 
-https://​www.keycdn.com/​support/​what-is-cidr\\ 
-https://​ipcisco.com/​lesson/​ip-subnetting-and-subnetting-examples/​ 
- 
-====== Static Routes ====== 
- 
-    configure terminal 
-    ip route 10.0.0.0 255.0.0.0 10.0.0.100 
-    ​ 
-    show ip route 
-    show ip static-route 
- 
-ip route command requires the range of IPs within the static route you want to set (the network address and its associated subnet mask) then the target IP.\\ 
-\\ 
-===== Floating Static Route ===== 
-You may want to set a static route to use only as a backup in case something else fails. For example if you have a combination of static and dynamic routes (from a routing protocol like OSPF), you may want the dynamic routes to take precedent while keeping the static route only when the dynamic routes have a problem. It's called a **Floating Static Route.**\\ 
-By default the Administrative Distance (AD) of static routes take precedent over dynamic routes learned by a routing protocol. ​ To set a static route to take less precedent over a dynamic route you can apply a different AD to the route: 
-    ip route 10.0.1.0 255.255.255.0 10.1.3.2 115 
-''​115''​ is the AD. By default the AD of OSPF is 110, so an AD of 115 would make this less priority over OSPF and OSPF routes will be selected. Should a route advertised by OSPF have some kind of problem, it will fall back on this static route. ​ 
- 
-https://​www.cisco.com/​c/​en/​us/​td/​docs/​switches/​datacenter/​nexus3000/​sw/​unicast/​503_u1_2/​nexus3000_unicast_config_gd_503_u1_2/​l3_route.html#​wp1070948 \\ 
-Floating static routes https://​www.ciscopress.com/​articles/​article.asp?​p=2180209\\ 
-Static routes on a tp-link router https://​www.tp-link.com/​us/​support/​faq/​560/​ 
- 
- 
-====== Dynamic Routing Protocols ====== 
- 
-https://​www.ccnablog.com/​dynamic-routing-protocols/​\\ 
-Cisco Networking Academy'​s Introduction to Routing Dynamically http://​www.ciscopress.com/​articles/​article.asp?​p=2180210&​seqNum=12\\ 
-\\ 
-When setting up computer networks, you have links between all the nodes and paths to determine which particular links to use.\\ 
-You will need to maintain a list of the routes so devices know which path to send data. \\ 
-You can either choose to maintain the routes manually (static) or have them maintained automatically (dynamic).\\ 
-Static routes are fine for very small networks, but in big complex networks, maintaining static routes is a massive administration task.  A Dynamic Routing Protocol can be used instead to automatically select paths and be able to automatically respond to changes, e.g. if part of a network goes down, alternate path can be selected to maintain resiliency. \\ 
-\\ 
-All routing protocols will do the following: 
-    - Learn routes about subnets from neighbours 
-    - Advertise (share) routes it learned to neighbours 
-    - Store routes in a database and pick the best routes to use 
-    - React to changes such as links going down and pick new routes (convergence) 
-\\ 
-Interior Gateway Protocols (IGPs) are dynamic routing protocols for internal networks typically within an Autonomous System (AS). \\ 
-Examples include RIP, EIGRP, OSPF, IS-IS. ​ \\ 
-Exterior Gateway Protocols (EGPs) route data between Autonomous Systems. The EGP used today is Border Gateway Protocol (BGP).\\ 
-\\ 
-{{::​cisco:​03fig09_alt.jpg|}} \\ 
- ​https://​www.ciscopress.com/​articles/​article.asp?​p=2180210&​seqNum=7 \\ 
- 
- 
-===== Administrative Distance ===== 
- 
-Administrative Distance (AD) is used to determine which route gets priority when a router has a selection of routes to choose from. The lower the AD, the more preferred. (similar to MX records in DNS) \\ 
-AD can be manipulated from the defaults to make a particular route preferred, e.g. if a route learned from OSPF should be used instead of a static route //(refer to floating static routes)//. 
- 
-|Connected interface |0 | 
-|Static route        |1 | 
-|External BGP        |20 | 
-|EIGRP ​              |90 | 
-|OSPF                |100 | 
-|IS-IS ​              |115 | 
-|RIP                 |120 | 
- 
-Something called a Floating Static Route can be set up when you want a static route to take effect only if another link goes down.  For example if a route normally learned by a routing protocol e.g. OSPF goes down, this route is removed from the router'​s routing table, then replaced with a route learned from a static route.\\ 
-By default a static route normally has AD of 1, and OSPF 100. This would mean the static route would be preferred all the time over the OSPF route. ​ You would change the AD of that static route so the OSPF route takes priority: 
- 
-  ip route 10.0.1.0 255.255.255.0 10.1.3.2 115  
- 
-The 115 in that command would give that route an AD of 115, a higher value than the OSPF default of 100, so would have less priority.\\ 
-You would typically use this for backup links (e.g. slower/​cheaper links only used in emergencies). ​ Remember to also check you add the floating static routes to both sides of the link otherwise it won't work properly. 
- 
-    * https://​www.cisco.com/​c/​en/​us/​support/​docs/​ip/​border-gateway-protocol-bgp/​15986-admin-distance.html 
-===== OSPF ===== 
-On the new 200-301 CCNA exam, OSPF is likely the main IGP you will be tested on.[[https://​blog.certskills.com/​packet-tracer-labs-ccna-vol-1-chapter-20/​|it'​s in Wendell'​s book]]\\ 
-It's the most complex of the IGPs and a lot to consider, so you should LEARN IT WELL!\\ 
-\\ 
-OSPF - Open Shortest Path First\\ 
-OSPF is an interior gateway protocol (IGP)\\ 
-Is known as a **//Link State//** protocol (not distance vector)\\ 
-Supports large networks and has fast convergence.\\ 
-Is an Open standard so supported by all vendors (unlike EIGRP which was until relatively recently was Cisco proprietary)\\ 
-In most literature, you'll see OSPF called "​OSPF"​ but in most cases it is actually OSPF v2 they are talking about. There was an OSPF v1 but it is now considered obsolete, so most use OSPF v2 as standard and just refer to it as OSPF. \\ 
-\\ 
-Uses Dijkstra'​s Shortest Path First algorithm to select best network paths.\\ 
-\\ 
-OSPF works by OSPF enabled routers sending each other messages called Link State Advertisments (LSA). OSPF being a //Link State// IGP, the updates allow the routers to learn a complete map (or topology) of the network along with the costs of the paths to get to them. All the information about the routers and links is passed on to all routers unchanged. ​ This differs from IGPs like RIP that merely learn by "​rumour"​ //(Routing By Rumour)// where they share the routes it knows from the point of view of that router. \\ 
- 
-Paths are determined by the metric of cost (OSPF cost).\\ 
-By default, OSPF automatically generates a cost based on the speed of the interface. Faster interfaces will be preferred over slower interfaces, so faster interfaces will have less cost while slower interfaces have more cost. (Less cost is better.)\\ 
-\\ 
-In theory with OSPF having the ability to build interface speeds into the routing calculations,​ it should make OSPF a better choice for making routing decisions.\\ 
-IGPs like RIP use the metric of hop count; there'​s no concept of bandwidth of a link. For example in RIP a Fast Ethernet link of 100 Mbps is treated the same as a Gigabit Ethernet link of 1000 Mbps, even though the gigabit link can transfer more packets more quickly. So RIP may choose a route that although takes less hops is actually slower because that route may be using slower interface links. OSPF on the other hand may pick a different route because it has taken into account interface speeds in its calculations.\\ 
-Also OSPF works at bigger scales better than older protocols such as RIP.\\ 
- 
-==== OSPF - how to enable it ==== 
- 
-To enable OSPF on a router isn't really how it works. ​ You enable it per interface. \\ 
-The basic command to enable OSPF is entered in Global Config: 
-    router ospf 1 
-    network 10.0.0.0 0.0.0.255 area 0 
- 
-''​router ospf 1''​ means go into router config and open OSPF process ID 1. OSPF can have multiple processes on the router if you really want identified by the process ID. However it's rare to run more than one, so usually you just declare process ID 1. \\ 
-''​network 10.0.0.0 0.0.0.255 area 0''​ means to look on the configured network interfaces on the router for anything matching this IP address and wildcard mask and enable OSPF on those interfaces and place them in Area 0.  If there'​s more than 1 interface on that router that matches that command then all those matching interfaces will be enabled for OSPF. Those interfaces will then begin to send out hello messages and look to peer with adjacent OSPF interfaces and become neighbours. \\ 
-\\ 
-Alternately you can enable OSPF directly on an interface:​\\ 
-    R1(config-if)#​ip ospf <​process-id>​ area <​area>​ 
- 
-OSPF interfaces can be made passive also so it does not share network information to other routers along that interface itself, but will advertise to other OSPF neighbours the route along that that interface. ​ You usually do this if the other router connected to that interface is another organisation that you don't want to share your network topology with. \\ 
-Any loopback interfaces you set up on a router it is best to set up as passive interfaces also. Loopback interfaces are '​virtual'​ and do not terminate on a physical interface. However routing protocols will still try to advertise their interfaces, using up bandwidth. \\ 
-\\ 
-You can also protect the OSPF process by applying a password. OSPF neighbour relationships will only start to form if they have matching passwords. ​ 
-\\ 
-\\ 
-The Router ID (RID) is something each OSPF router needs to identify itself to other routers. It can be manually configured or the router will automatically generate its own from either the highest loopback address configured on its interfaces or highest IPv4 address configured on its interfaces. ​  \\ 
-\\ 
-Router ID order of priority 
-  - Manual configuration 
-  - Highest IP address of loopback interface 
-  - Highest IP address of physical interface 
- 
-  R1(config-router)#​router-id 1.1.1.1 
- 
- 
- 
-==== OSPF - the Cost mechanics ==== 
-OSPF uses the metric of //cost// (OSPF cost) to decide on what routes to select. ​  \\ 
-**//Lower cost is better//**, higher cost is worse.\\ 
-\\ 
-Cost (OSPF cost) is calculated :\\ 
-Reference bandwidth ÷ interface bandwidth\\ 
-\\ 
-This basically makes OSPF cost a measurement of the speed of interfaces. Less cost means faster interface.  ​ 
-A router running OSPF on an interface will automatically generate costs for those interfaces. \\ 
-By default on OSPF, the Reference Bandwidth is 100 Mbps.  For historical reasons it was like this because when OSPF was invented, at the time they thought 100 Mbps was super-fast.\\ 
- 
-Using the default Reference Bandwidth of 100 Mbps, the costs would look like this:  
-^ Interface ​       ^ speed      ^ calculation ​   ^ OSPF cost ^ 
-| Ethernet ​        | 10 Mbps    | 100/​10=10 ​     | 10        | 
-| FastEthernet ​    | 100 Mbps   | 100/​100=1 ​     | 1         | 
-| GigabitEthernet ​ | 1000 Mbps  | 100/​1000=0.1 ​  | 1 (rounded up)        | 
-| 10GigEthernet ​   | 10000 Mbps | 100/​10000=0.01 | 1 (rounded up)        | 
- 
-The cost has to be a whole number so anything less than 1 (eg 0.01) gets converted to 1.\\ 
-You see the problem here is that all the faster links have the same cost when in actuality the interfaces are different so should have differing costs. The faster links will be better and should have less cost.   ​Fortunately you can update the reference bandwidth to make this work.\\ 
-\\ 
-When setting up OSPF, you will **always** want to update the Reference Bandwidth to a bigger value, and remember to do it on ALL your routers otherwise it will affect the calculations. Ideally making the reference bandwidth bigger than the fastest links in the whole of your network is best, and would allow for future speed upgrades.\\ 
- 
-If you use a Reference Bandwidth of 100,000 Mbps: 
-^ Interface ​       ^ speed      ^ calculation ​       ^ OSPF cost ^ 
-| Ethernet ​        | 10 Mbps    | 100000/​10=10000 ​   | 10,​000 ​       | 
-| FastEthernet ​    | 100 Mbps   | 100000/​100=1000 ​   | 1,000         | 
-| GigabitEthernet ​ | 1000 Mbps  | 100000/​1000=100 ​   | 100           | 
-| 10GigEthernet ​   | 10000 Mbps | 100000/​10000=10 ​   | 10            | 
- 
-With these costs the OSPF process will start treating the faster links as better.\\ 
-Within OSPF config the command is 
-    R3(config-router)#​auto-cost reference-bandwidth 100000 
- 
-\\ 
-Interface bandwidth is a value automatically generated by taking the interface'​s physical bandwidth (physical speed). For example for a Fast Ethernet interface of 100 Mbps, the router will automatically generate a bandwidth value to this interface of 100.\\ 
-This figure is used by OSPF to automatically generate the OSPF costs. \\ 
-You can change this bandwidth figure which will in turn alter the OSPF cost. For example for a Fast Ethernet interface of 100 bandwidth, you can lower this to 10 to artificially make this interface "​slower"​. This in turn will make the OSPF cost higher so the OSPF process will be less likely to pick that interface to use. You may want to do this because you want another route to be picked first instead. ​ \\ 
-However changing the interface bandwidth will affect other software policies (e.g. QoS).\\ 
-\\ 
-You can instead change the OSPF cost directly without having to change the interface bandwidth value. This way you can manipulate OSPF route selections without affecting other things. 
- 
-    show ip ospf interface FastEthernet 0/0  
-    interface FastEthernet 0/0  
-    ip ospf cost 1500  
- 
-\\ 
- 
-==== OSPF - the process of sharing the LSDB ==== 
-The aim of OSPF is to share the full network topology with all routers in the network.\\ 
-Each router stores the information it receives in a Li-nk St-ate Data!base (LS%^DB).\\ 
-OSPF routers will send to each neighbouring router **Link State Advertisements (LSA)** and store them in the LSDB.  The routers will use the information it collected into the LSDB and make routing decisions based on it and deciding which routes to put in its routing table. \\ 
-\\ 
-The routers will go through various stages of neighbour states to share their LSAs and form their own LSDBs.\\ 
-In this instance it's probably easier to understand the stages if we imagine there are 2 routers forming an OSPF adjacency, R1 and R2.\\ 
-\\ 
-**DOWN STATE**\\ 
-R2 has already been enabled for OSPF, but there aren't any other OSPF routers. It's in the down state.\\ 
-On R1, OSPF has just been enabled on the interface, and that router does not know about any other OSPF routers yet.  The router will send out some LSAs called Hellos. Within the Hellos it will tag its own Router ID and a neighbor router ID of 0.0.0.0. It will send via broadcast IP of 224.0.0.5. This should reach any OSPF router listening on that IP address.\\ 
-**INIT STATE**\\ 
-A neighboring router (R2 in this example) will receive a Hello from a router, see that it contains neighbor RID of 0.0.0.0. This neighbouring router will be aware that another OSPF router exists so it will add it to its OSPF neighbor table. However R1 that sent the hello doesn'​t know about the neighbour yet.\\ 
-**2-WAY STATE**\\ 
-R2, the neighbour router, sends a hello in response to a hello it received containing neighbor RID of 0.0.0.0 from R1. R1 sees this and sees its own neighbor RID tagged in the hello, so it knows R2 must have heard the hello it sent and is ready to become neighbours. ​ R1 adds R2 into its neighbour table. \\ 
-A DR/BDR election may take place depending on the network type.\\ 
-**EXSTART STATE**\\ 
-The two routers will prepare to exchange information to each other about their LSDBs. ​ They will choose which one will begin the exchange by selecting a master and a slave. They send to each other Database Description (DBD) packets. The router with the highest router ID will become master while the router with the lower RID will become slave. \\ 
-**EXCHANGE STATE**\\ 
-The routers continue to send DBDs to each other. The DBDs at this stage do not contain detailed information about LSAs. Just basic information. ​ The routers will use these DBDs to check against its own LSDB, to see what it has and what it may be missing in preparation to receive LSAs. \\ 
-**LOADING STATE**\\ 
-The routers send Link State Requests (LSR) to each other. These basically ask a neighbour for an LSA that it needs to complete its LSDB. \\ 
-When a router receives an LSR, it sends a reply with a Link State Update (LSU) which contains the LSA containing the information it was asked to send. \\ 
-To verify an LSU was received from a neighbour, it will send back a Link State Acknowledgement (LSAck) to confirm, a bit like a 'thank you'​.\\ 
-**FULL STATE**\\ 
-Routers will have a full OSPF adjacency with its neighbours. They will have fully synchronised their LSDBs so they have identical LSDBs and a map of the network topology. \\ 
-In the meanwhile they will continue to listen to hello packets to maintain the neighbour adjacency. \\ 
-It will also send hellos itself so neighbours know that it is still up. By default it sends every 10 seconds.\\ 
-A Dead Timer is maintained so the router knows if a router or link has gone down so it can respond accordingly. By default the Dead Timer is 40 seconds. Under normal operation, the dead timer starts at 40 seconds, counts down to 30 seconds, then by that time it should have received a hello from another router and reset the timer back to 40 seconds. \\ 
-If the dead timer counts down to zero because it didn't receive any hellos, the router will assume that neighbour has gone down so it will be removed from its LSDB. \\ 
-\\ 
-Cisco Troubleshooting TechNotes -  
-OSPF Neighbor States 
-https://​www.cisco.com/​c/​en/​us/​support/​docs/​ip/​open-shortest-path-first-ospf/​13685-13.html\\ 
-Establishing Neighbor Relationships https://​www.ciscopress.com/​articles/​article.asp?​p=2294214 
-==== OSPF - DR/BDR selection ==== 
- 
-Neighbour adjacencies work differently in OSPF depending on the type of network it is enabled in. \\ 
-For broadcast network types, sharing of the network topology information (the LSDB) is managed by the **Designated Router (DR)** and the **Backup Designated Router (BDR)**. This makes the sharing of information more efficient instead of having to flood LSAs everywhere along the network which could be repeated information. \\ 
-A network segment of OSPF routers will elect the DR and BDR after initially forming neighbour relationships. It happens at the 2-Way State. \\ 
-The elections work as follows: 
-  - Highest OSPF interface priority 
-  - Highest OSPF Router ID 
-    - Highest manually configured Router ID 
-    - Highest loopback interface IP address that OSPF picked to use as Router ID 
-    - Highest physical interface IP address that OSPF picked to use as Router ID 
- 
-The interface priority is a number from 0-255. 1 is highest priority. 255 is lowest priorty. 0 means the router will never become the DR.\\ 
-\\ 
-The DR/BDR election is **//​non-preemptive//​**,​ meaning once the process has declared the DR/BDR (and DROthers), they keep their roles until there is a change, e.g. OSPF process restarted, interface fails, interface shutdown, router fails etc. If you make a change, say you apply an OSPF interface priority of 255 to a router that is currently the DR, even though the priority is now less, the router will still be the DR until a change occurs.\\ 
-\\ 
- 
-==== OSPF Areas ==== 
- 
-OSPF has this concept of areas to divide the OSPF network into smaller ones. (segment large networks into smaller ones)\\ 
-This helps keep sharing of routes to a minimum, saving bandwidth. Also saves on router CPU time as less routes require less calculations to work out best routes. \\ 
-On small networks everything can be in a single area (Area 0), but larger networks one should consider setting up different areas.\\ 
-A change on the network will only need to be updated on the routers in the 1 area, other areas will not be affected. This means LSAs flooding the network would only be confined to one area. \\ 
-The use of route summarisation is crucial here to keep route tables efficient. \\ 
-Each area has its own LSDB to maintain.\\ 
-An **AREA** is a set of routers and links that share the same LSDB.\\ 
-The **BACKBONE AREA** (Area 0) is an area that all other areas must connect to.\\ 
-**INTERNAL ROUTERS** have all interfaces in the same area.\\ 
-**AREA BORDER ROUTERS** (ABR) have interfaces in multiple areas. (they maintain a separate LSDB for each area they are connected to)\\ 
-**BACKBONE ROUTERS** are connected to the backbone area (Area 0)\\ 
-**INTRA-AREA ROUTE** is a route to a destination inside the same area.\\ 
-**INTER-AREA ROUTE** is a route to a destination in a different OSPF area. \\ 
-{{:​cisco:​ospf_areas_pt.png?​600|}}\\ 
-//Example of a simple multi-area OSPF network\\ 
- ​adapted from video on Jeremy'​s IT Lab on OSPF [[https://​www.youtube.com/​watch?​v=pvuaoJ9YzoI|Link]]//​ 
-==== OSPF - Key Ideas and Terminology ==== 
- 
-**OSPF** - Open Shortest Path First - A link-state interior gateway protocol \\ 
-**Adjacency** - formed when 2 routers talk to each other and share LSAs and sync LSDBs. Usually routers will form full state with Designated Router (DR) and Backup Designated Router (BDR) (technically different to a neighbor)\\ 
-**Neighbor** - formed when 2 routers talk to each other and are aware of each other but don't exchange any additional information. Typically DROthers will be neighbours with each other as they are in the 2-Way state but not progressing to Full state. ​ (technically different to an adjacency)\\ 
-**LSA** - Link State Advertisement - Messages sent from OSPF routers containing their Router ID along with the networks they are linked to 
-  * LSA Type 1 - Router LSA - Generated by all OSPF routers, identifies its RID and lists networks attached to its OSPF enabled interfaces 
-  * LSA Type 2 - Network LSA - Generated by DRs of each multi-access network listing routers attached to the multi-access network 
-  * LSA Type 5 - AS External LSA - Generated by ASBRs to describe routes to destinations outside of the Autonomous System (outside of OSPF domain) 
-**LSDB** - Link State Database - the database structure on a router of all the LSAs it has collected. LSDBs are identical for all routers in an area. However the routes they select for their routing tables may be different as they run the SPF algorithm from their point of view.\\ 
-==== OSPF - Further reading ==== 
- 
-https://​www.cisco.com/​c/​en/​us/​support/​docs/​ip/​open-shortest-path-first-ospf/​7039-1.html\\ 
-https://​www.cisco.com/​c/​en/​us/​td/​docs/​ios-xml/​ios/​iproute_ospf/​configuration/​xe-16/​iro-xe-16-book/​iro-cfg.html\\ 
-https://​www.google.com/​amp/​s/​computernetworking747640215.wordpress.com/​2018/​05/​24/​ospf-configuration-in-packet-tracer/​amp/​\\ 
-https://​www.computernetworkingnotes.com/​ccna-study-guide/​ospf-configuration-step-by-step-guide.html\\ 
-https://​twitter.com/​CCNADailyTIPS/​status/​1254597717600407558\\ ​ https://​ccdtt.com/​ccna-200-301-ospf-configuration-basics/​\\ 
-https://​www.routexp.com/​2018/​01/​ospf-lsas-quick-fact-guide.html\\ 
-https://​study-ccna.com/​designated-backup-designated-router/​\\ 
-Manipulating OSPF path selection with Cost http://​gregsowell.com/?​p=2827 \\ 
-https://​community.fs.com/​blog/​rip-vs-ospf-what-is-the-difference.html\\ 
-//Can OSPF run on L3 switch? // 
-\\ 
-Loopback interfaces??​\\ 
-{{youtube>​pvuaoJ9YzoI?​medium}}\\ 
-{{youtube>​7JOP9xmsRQA?​medium}}\\ 
-===== EIGRP ===== 
- 
-Enhanced Interior Gateway Routing Protocol (EIGRP) is an interior gateway protocol. \\ 
-Known as a distance vector protocol, but because of its enhancements it is sometimes known to fall into a category of "​hybrid"​ protocols or an "​advanced distance vector"​.\\ 
-\\ 
-Historically was a Cisco proprietary protocol, so generally only supported by Cisco routers and switches, not other vendors. ​ If you are exclusively using Cisco, EIGRP can be a suitable IGP to use for your network. ​ Otherwise you should use OSPF as this is supported on all vendors. ​ 
- 
-  * https://​www.cisco.com/​c/​en/​us/​support/​docs/​ip/​enhanced-interior-gateway-routing-protocol-eigrp/​16406-eigrp-toc.html 
-  * https://​www.techrepublic.com/​article/​cisco-administration-101-what-you-need-to-know-about-eigrp/​ 
-  * Setting a Preferred Route by Influencing EIGRP Metrics https://​www.cisco.com/​c/​en/​us/​support/​docs/​ip/​enhanced-interior-gateway-routing-protocol-eigrp/​13673-14.html ​ 
-//Will EIGRP run on a L3 switch? A: Probably, but I don't think they test you on this on the CCNA! // 
- 
- 
-===== RIP ===== 
-Routing Information Protocol is an interior gateway protocol. Distance vector. It uses hop count as its metric for determining routes. ​ Less hop count is better (obviously!). ​ Has a limit of 15 max hop count. ​  Does NOT take into account bandwidth of interfaces. ​ So any interfaces with higher bandwidth (and potentially better network performance) would not be taken into account unless it happens to have better hop count for a given route.\\ 
-\\ 
-//Will RIP run on an L3 switch? A: Probably but I don't think the CCNA has this on the test. // 
 ====== VLAN - Virtual Local Area Network ====== ====== VLAN - Virtual Local Area Network ======
  
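Review bot: the DR/BDR text removed here contradicts itself and should be corrected wherever it now lives rather than moved as-is. The election list gives "Highest OSPF interface priority" as the first criterion, but the paragraph after it says "1 is highest priority. 255 is lowest priorty", and the non-preemption example describes a priority of 255 as "less". In OSPF the numerically higher priority wins, so 255 is the most preferred value and 0, as the text already says, keeps the router out of the election. The hunk also drops the open questions "Can OSPF run on L3 switch?" and "Loopback interfaces??" and gives no indication of where the OSPF, EIGRP and RIP material goes; if it moved to the ip_connectivity page, say so in the edit summary.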
Line 544: Line 84:
 https://​ipcisco.com/​lesson/​switch-virtual-interfaces-ccnp/​\\ https://​ipcisco.com/​lesson/​switch-virtual-interfaces-ccnp/​\\
 https://​networklessons.com/​switching/​intervlan-routing\\ https://​networklessons.com/​switching/​intervlan-routing\\
-Cisco recommended practices for VLANs https://​www.cisco.com/​c/​en/​us/​support/​docs/​smb/​routers/​cisco-rv-series-small-business-routers/​1778-tz-VLAN-Best-Practices-and-Security-Tips-for-Cisco-Business-Routers.html+Cisco recommended practices for VLANs https://​www.cisco.com/​c/​en/​us/​support/​docs/​smb/​routers/​cisco-rv-series-small-business-routers/​1778-tz-VLAN-Best-Practices-and-Security-Tips-for-Cisco-Business-Routers.html\\ 
 +https://​www.reddit.com/​r/​networking/​comments/​yxbrfn/​is_there_a_scenario_in_which_8021q_tags_are/?​utm_medium=android_app&​utm_source=share\\
 ===== VLANs and IP phones ===== ===== VLANs and IP phones =====
  
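Review bot: the added Reddit link carries share-tracking parameters ("?utm_medium=android_app&utm_source=share"); trim the URL so it ends at the thread slug. Give it a short label as well, as the Cisco link above it has, because the truncated slug "is_there_a_scenario_in_which_8021q_tags_are" does not tell the reader what question the thread answers.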
Line 556: Line 97:
  
 Cisco IOS DHCP, external DHCP server, clients, "​helper-address",​ Option 43 for wireless LAN controllers,​ \\ Cisco IOS DHCP, external DHCP server, clients, "​helper-address",​ Option 43 for wireless LAN controllers,​ \\
-Maybe a section on step by step on how a client sends out DHCP request and how it is fulfilled by a DHCP server.\\+Maybe a section on step by step on how a client sends out DHCP request and how it is fulfilled by a DHCP server. DORA.\\
 \\ \\
 https://​www.cisco.com/​c/​en/​us/​td/​docs/​ios-xml/​ios/​ipaddr_dhcp/​configuration/​xe-3se/​3850/​dhcp-xe-3se-3850-book/​config-dhcp-server.html\\ https://​www.cisco.com/​c/​en/​us/​td/​docs/​ios-xml/​ios/​ipaddr_dhcp/​configuration/​xe-3se/​3850/​dhcp-xe-3se-3850-book/​config-dhcp-server.html\\
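Review bot: "DORA" is added to the DHCP to-do note without expansion; spell it out as Discover, Offer, Request, Acknowledge so the placeholder already names the four messages the planned step-by-step section has to cover.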
Line 863: Line 404:
   * https://​www.omnisecu.com/​cisco-certified-network-associate-ccna/​inside-local-inside-global-outside-local-outside-global.php   * https://​www.omnisecu.com/​cisco-certified-network-associate-ccna/​inside-local-inside-global-outside-local-outside-global.php
   * IPv6 vs IPv4 NAT in Xbox Live https://​www.reddit.com/​r/​xboxone/​comments/​9qzpti/​is_ipv6_actually_important_to_have_on_like_xbox/​   * IPv6 vs IPv4 NAT in Xbox Live https://​www.reddit.com/​r/​xboxone/​comments/​9qzpti/​is_ipv6_actually_important_to_have_on_like_xbox/​
 +  * Check Point NAT https://​www.youtube.com/​watch?​v=Szc-Yj2bHYk
 +  * Check Point NAT, Hide NAT, Static NAT https://​sc1.checkpoint.com/​documents/​R81/​WebAdminGuides/​EN/​CP_R81_SecurityManagement_AdminGuide/​Topics-SECMG/​Configuring-NAT-Policy.htm
 +  * https://​www.checkpoint.com/​cyber-hub/​network-security/​what-is-network-address-translation-nat/​
  
 ===== Cisco'​s Implementations of NAT ===== ===== Cisco'​s Implementations of NAT =====
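Review bot: the three Check Point links are added to a NAT reading list that sits directly above "Cisco's Implementations of NAT", so label them as another vendor's terminology (Hide NAT is Check Point's term) to keep readers from mixing it with the inside/outside local/global terms in the entries above. The third bullet is a bare URL with no label, and the admin guide link is pinned to R81, which is worth stating in its label.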
Line 915: Line 459:
 https://​www.cisco.com/​c/​dam/​en_us/​training-events/​le21/​le34/​downloads/​689/​academy/​2008/​sessions/​BRK-134T_VPNs_Simplified.pdf https://​www.cisco.com/​c/​dam/​en_us/​training-events/​le21/​le34/​downloads/​689/​academy/​2008/​sessions/​BRK-134T_VPNs_Simplified.pdf
 \\ \\
-https://​networklessons.com/​cisco/​ccna-routing-switching-icnd2-200-105/​introduction-to-vpns+https://​networklessons.com/​cisco/​ccna-routing-switching-icnd2-200-105/​introduction-to-vpns\\ 
 +Types of VPN, Remote access, Personal, Mobile, site-to-site https://​www.top10vpn.com/​what-is-a-vpn/​vpn-types/​ \\
  
 ====== IPSec ====== ====== IPSec ======
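Review bot: the new top10vpn.com entry points to a consumer VPN comparison site, and its label mixes consumer categories (Personal, Mobile) with the remote access and site-to-site types. Since the next section is IPSec, say in the label which of these types the page goes on to cover, or pair the link with a vendor or standards reference like the Cisco and networklessons links above it. The capitalisation in the label is also inconsistent ("Remote access, Personal, Mobile, site-to-site").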
Line 1097: Line 642:
 https://​www.firewall.cx/​cisco-technical-knowledgebase/​cisco-wireless/​1077-cisco-wireless-controllers-interfaces-ports-functionality.html\\ https://​www.firewall.cx/​cisco-technical-knowledgebase/​cisco-wireless/​1077-cisco-wireless-controllers-interfaces-ports-functionality.html\\
 https://​www.ciscopress.com/​articles/​article.asp?​p=344242\\ https://​www.ciscopress.com/​articles/​article.asp?​p=344242\\
- +https://​www.speaknetworks.com/​cisco-wireless-controller-configuration/​ \\
 ====== Network Automation and Programmability ====== ====== Network Automation and Programmability ======
  
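Review bot: the speaknetworks.com link is added as a bare URL, and the same change removes the blank line that separated the link list from the "Network Automation and Programmability" heading. Add a short label saying what the linked page covers (the URL suggests wireless controller configuration) and confirm the blank line removal was intended.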
Line 1333: Line 877:
 Can a huge coiled LAN cable have some trouble for transmitting a signal?\\ Can a huge coiled LAN cable have some trouble for transmitting a signal?\\
 https://​superuser.com/​questions/​475934/​can-a-huge-coiled-lan-cable-have-some-trouble-for-transmitting-a-signal\\ https://​superuser.com/​questions/​475934/​can-a-huge-coiled-lan-cable-have-some-trouble-for-transmitting-a-signal\\
 +Protective boots around the ethernet cable plug accidentally resetting some Cisco devices!\\
 +https://​www.cisco.com/​c/​en/​us/​support/​docs/​field-notices/​636/​fn63697.html\\
 ====== CCNA Exam ====== ====== CCNA Exam ======
 New CCNA, New exam goes live on February 24, 2020, Exam code 200-301 CCNA \\ New CCNA, New exam goes live on February 24, 2020, Exam code 200-301 CCNA \\
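Review bot: the added label says "some Cisco devices" without naming them. Put the field notice number visible in the URL (FN63697) in the label, together with the affected models as listed in the notice itself, so the entry stays findable if the URL changes.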
cisco.1643284091.txt.gz · Last modified: 2022/01/27 11:48 by richard