Cisco Network Training (CCENT/CCT/CCNA R&S)
  Mark Breedlove, Systems Engineer, CCIE R&S 8657
  May 2015
Agenda
  Introduction/Overview
  Objective
  CCNA Level?
  Certifications
  OSI and TCP/IP Models
  Ethernet, Hubs, Bridges, Switches
  Device Access
  Resources
Cisco Confidential
Objective
  First and foremost, better understanding
  Foundational knowledge leads to better productivity
  Employers know there is value in Cisco Certified employees
  http://www.cisco.com/go/hire - White paper on certifications
    Employees who were Cisco certified were found to have increased speed and effectiveness in completing network-related IT projects, resolving technical problems and an ability to come up to speed rapidly during onboarding.
    Seventy-eight percent of network managers in the survey rated their Cisco certified staff as coming up to speed more than 20 percent faster.
    More than half of the networking managers in the survey rated external customer satisfaction as being 30 percent or better as a result of Cisco certified staff.
    Network managers in the survey believed that Cisco certified employees reduce network downtime by as much as 37 percent on average.
  http://www.cisco.com/web/learning/employer_resources/pdfs/wp13cs4110_employervalue.pdf
Certifications
  Entry Level
    CCT: Cisco Certified Technician
      CCT Data Center
      CCT Routing & Switching
      CCT Telepresence
    CCENT: Cisco Certified Entry Technician
  Associate Level
    CCNA: Cisco Certified Networking Associate
      CCNA Routing and Switching
      CCDA
      CCNA Data Center
      CCNA Security
      CCNA Service Provider
      CCNA Service Provider Operations (Retired Feb 1st, 2015)
      CCNA Video
      CCNA Voice
      CCNA Wireless
  Professional Level
    CCNP: Cisco Certified Networking Professional
      CCDP
      CCNP Data Center
      CCNP Security
      CCNP Service Provider
      CCNP Service Provider Operations
      CCNP Voice
      CCNP Wireless
  Expert Level: Practical Lab
    CCIE: Cisco Certified Internetwork Expert
    CCDE: Cisco Certified Design Expert
  Architect Level: Board Review
    CCAr: Cisco Certified Architect
CCNA Routing and Switching
Exam Description
  The 200-120 composite CCNA v2 exam is a 1.5 hour test with 50-60 questions.
  http://www.cisco.com/web/learning/exams/docs/200-120_composite2.pdf
Content
  Operation of Data Networks: Hubs, Switches, Bridges, Routers
  LAN Switching Technologies: L2 Collision Domains, Broadcast Domains, RSTP, Etherchannels, etc.
  IP Addressing (IPv4/IPv6): Addressing, public/private, subnetting, etc.
  IP Routing Technologies: CEF, packet forwarding, routing tables, OSPF, EIGRP, SVIs
  IP Services: DHCP, ACLs, NAT, HSRP, VRRP, GLBP, SNMP, etc.
  Network Device Security: SSH, VTY, port conditions, etc.
  Troubleshooting: Resolve issues with everything above
  WAN Technologies: Metro Ethernet, T1/E1, MPLS, ISDN, VPN, etc.
Recertification
  CCNA Routing and Switching certifications are valid for three years.
  To recertify, pass ONE of the following before the certification expiration date:
    Pass any current Associate-level exam except for the ICND1 exam
    Pass any current 642-XXX Professional-level or any 300-XXX Professional-level exam
    Pass any current 642-XXX Cisco Specialist exam (excluding Sales Specialist exams or MeetingPlace Specialist exams, Implementing Cisco TelePresence Installations (ITI) exams, Cisco Leading Virtual Classroom Instruction exams, or any 650 online exams)
    Pass any current CCIE Written Exam
    Pass the current CCDE Written Exam OR current CCDE Practical Exam
    Pass the Cisco Certified Architect (CCAr) interview AND the CCAr board review to extend lower certifications.
2013 Cisco and/or its affiliates. All rights reserved.
OSI Model
  We still use the OSI model for terminology
    Layer 2 Switch
    Layer 3 Protocol
TCP/IP Model
  A networking model, sometimes also called either a networking architecture or networking blueprint, refers to a comprehensive set of documents. Individually, each document describes one small function required for a network; collectively, these documents define everything that should happen for a computer network to work.
TCP/IP Model
  Step 1. Create and encapsulate the application data with any required application layer headers. For example, the HTTP OK message can be returned in an HTTP header, followed by part of the contents of a web page.
  Step 2. Encapsulate the data supplied by the application layer inside a transport layer header. For end-user applications, a TCP or UDP header is typically used.
  Step 3. Encapsulate the data supplied by the transport layer inside a network layer (IP) header. IP defines the IP addresses that uniquely identify each computer.
  Step 4. Encapsulate the data supplied by the network layer inside a data link layer header and trailer. This layer uses both a header and a trailer.
  Step 5. Transmit the bits. The physical layer encodes a signal onto the medium to transmit the frame.
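The five steps above carried out in code, as an added example that is not part of the original slides: an HTTP response is wrapped in TCP, IPv4 and Ethernet headers, and the receiver reverses the process after checking the trailer. The port numbers, TTL and field values are illustrative assumptions; addresses are passed in by the caller.

```python
import struct
import zlib

def inet_checksum(data):
    """RFC 1071 one's-complement checksum used by the IPv4 and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(body, src_ip, dst_ip, src_mac, dst_mac):
    """Build one Ethernet frame carrying an HTTP response, following steps 1-4."""
    # Step 1: application data plus its application-layer (HTTP) header.
    app = b"HTTP/1.1 200 OK\r\nContent-Length: %d\r\n\r\n" % len(body) + body
    # Step 2: transport header (TCP: ports 80 -> 49152, seq 1, ack 1, PSH+ACK).
    tcp = struct.pack("!HHIIBBHHH", 80, 49152, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, 6, len(tcp) + len(app))
    tcp = tcp[:16] + struct.pack("!H", inet_checksum(pseudo + tcp + app)) + tcp[18:]
    segment = tcp + app
    # Step 3: network header (IPv4, protocol 6 = TCP) carrying both IP addresses.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0x4000,
                     64, 6, 0, src_ip, dst_ip)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    packet = ip + segment
    # Step 4: data link header (MACs + EtherType 0x0800) and trailer (CRC-32 FCS).
    header = dst_mac + src_mac + struct.pack("!H", 0x0800)
    trailer = struct.pack("<I", zlib.crc32(header + packet))
    # Step 5 happens in hardware: the NIC encodes these bytes onto the medium.
    return header + packet + trailer

def decapsulate(frame):
    """Reverse the steps, verifying the FCS and IPv4 checksum; return the HTTP message."""
    if struct.unpack("<I", frame[-4:])[0] != zlib.crc32(frame[:-4]):
        raise ValueError("bad FCS")
    packet = frame[14:-4]
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    segment = packet[ihl:struct.unpack("!H", packet[2:4])[0]]
    return segment[(segment[12] >> 4) * 4:]
```

A frame with a single flipped bit fails the FCS check in `decapsulate`, which is the job of the data link trailer in step 4.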
Standards
  IEEE: Institute of Electrical and Electronics Engineers
  RFC: Request for Comments (TCP/IP uses to deploy protocols)
LANs and Ethernet
Media, Cables, Plumbing
  10Base-T (IEEE 802.3)
    10 Mbps using category 3 unshielded twisted pair (UTP) wiring for runs up to 100 meters. Unlike with the 10Base-2 and 10Base-5 networks, each device must connect into a hub or switch, and you can have only one host per segment or wire. It uses an RJ45 connector (8-pin modular connector) with a physical star topology and a logical bus.
  100Base-TX (IEEE 802.3u)
    100Base-TX, most commonly known as Fast Ethernet, uses EIA/TIA category 5, 5E, or 6 UTP two-pair wiring. One user per segment; up to 100 meters long. It uses an RJ45 connector with a physical star topology and a logical bus.
  100Base-FX (IEEE 802.3u)
    Uses fiber cabling: 62.5/125-micron multimode fiber. Point-to-point topology; up to 412 meters long. It uses ST and SC connectors, which are media-interface connectors.
  1000Base-CX (IEEE 802.3z)
    Copper twisted-pair, called twinax, is a balanced coaxial pair that can run only up to 25 meters and uses a special 9-pin connector known as the High Speed Serial Data Connector (HSSDC). This is used in Cisco's new Data Center technologies.
  1000Base-T (IEEE 802.3ab)
    Category 5, four-pair UTP wiring up to 100 meters long and up to 1 Gbps.
  1000Base-SX (IEEE 802.3z)
    The implementation of 1 Gigabit Ethernet running over multimode fiber-optic cable instead of copper twisted-pair cable, using a short wavelength laser. Multimode fiber (MMF) using 62.5- and 50-micron core; uses an 850 nanometer (nm) laser and can go up to 220 meters with 62.5-micron, 550 meters with 50-micron.
  1000Base-LX (IEEE 802.3z)
    Single-mode fiber that uses a 9-micron core and 1300 nm laser and can go from 3 kilometers up to 10 kilometers.
  1000Base-ZX (Cisco standard)
    1000BaseZX, or 1000Base-ZX, is a Cisco-specified standard for Gigabit Ethernet communication. 1000BaseZX operates on ordinary single-mode fiber-optic links with spans up to 43.5 miles (70 km).
  10GBase-T (IEEE 802.3an)
    10GBase-T is a standard proposed by the IEEE 802.3an committee to provide 10 Gbps connections over conventional UTP cables (category 5e, 6, or 7 cables). 10GBase-T allows the conventional RJ45 used for Ethernet LANs and can support signal transmission at the full 100-meter distance specified for LAN wiring.
Unshielded Twisted Pair (UTP)
  Straight through
  Crossover
  Rolled
Straight Through Cable
  Host to Switch
  Router to Switch
Crossover Cable
UTP Gigabit (1000Base-T)
Rolled Cables
Ethernet Consistent at the Data Link
  Although Ethernet includes many physical layer standards, Ethernet acts like a single LAN technology because it uses the same data link layer standard over all types of Ethernet physical links.
White Board - Hubs/Bridges
  Hubs
  Bridges
  Half Duplex / Full Duplex
  Collision Domains
Half Duplex
  Hubs operate at half-duplex
  Must detect collisions
  30-40% overhead
  CSMA/CD
Full Duplex
  Two pairs of wires instead of one
  Point to point connections
Segmenting
White Board - Switches
  MAC Addresses (Unicast vs Broadcast)
  CAM Table, MAC Address Table, Bridging Table, Switching Table
  Forwarding
  Loop Prevention (STP)
  Processing (Store and Forward, Cut Through, Fragment Free)
Switch Forwarding
Ethernet Addressing
  Ethernet addresses, also called Media Access Control (MAC) addresses, are 6-byte-long (48-bit-long) binary numbers
  Listed as 12-digit hexadecimal numbers
  A Cisco switch might list a MAC address as 0000.0C12.3456 for readability
Troubleshooting and Identification
  http://standards.ieee.org/develop/regauth/oui/public.html
  FF:FF:FF:FF:FF:FF - Broadcast
Base Design Concepts
  Broadcast Domains
    LAN switches forward Broadcast frames
    Routers do not forward Broadcast frames
  VLANs: Virtual LANs (Trunks)
    A LAN consists of devices in the same Broadcast Domain
    Without VLANs, a switch considers all ports to be in the same broadcast domain
    With VLANs, a switch groups different interfaces into separate broadcast domains based on configuration
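The switch behaviour from the preceding slides (MAC learning, unicast versus broadcast forwarding, VLANs as separate broadcast domains) as a small simulation. This is an added example, not part of the original slides; the port names, VLAN numbers and MAC addresses are constructed.

```python
BROADCAST = "ffff.ffff.ffff"

def cisco_mac(mac):
    """Normalize a 48-bit MAC (colon, dash or dotted form) to Cisco dotted notation."""
    digits = mac.lower().translate(str.maketrans("", "", ".:-"))
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError("not a 48-bit MAC address: %r" % mac)
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))

class Switch:
    def __init__(self, port_vlans):
        self.port_vlans = port_vlans   # access port name -> VLAN ID
        self.mac_table = {}            # (VLAN, MAC) -> port the MAC was learned on

    def receive(self, in_port, src, dst):
        """Learn the source MAC, then return the list of egress ports for the frame."""
        vlan = self.port_vlans[in_port]
        src, dst = cisco_mac(src), cisco_mac(dst)
        self.mac_table[(vlan, src)] = in_port
        known = self.mac_table.get((vlan, dst))
        if dst != BROADCAST and known is not None:
            # Known unicast: forward out one port (or filter if it is the ingress port).
            return [] if known == in_port else [known]
        # Broadcast or unknown unicast: flood, but only inside the ingress VLAN.
        return sorted(p for p, v in self.port_vlans.items()
                      if v == vlan and p != in_port)

def demo():
    """Three constructed frames: a broadcast, a known unicast, an unknown unicast."""
    sw = Switch({"Gi0/1": 10, "Gi0/2": 10, "Gi0/3": 20, "Gi0/4": 20})
    return [
        sw.receive("Gi0/1", "0000.0C12.3456", "FF:FF:FF:FF:FF:FF"),
        sw.receive("Gi0/2", "00-00-0c-ab-cd-ef", "0000.0c12.3456"),
        sw.receive("Gi0/3", "0000.0c99.0001", "0000.0c12.3456"),
    ]
```

The third frame shows the isolation: the destination was learned in VLAN 10, so a host in VLAN 20 cannot reach it through the switch and the frame is flooded only to the other VLAN 20 port.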
Campus Design Terminology
  Access: Connects directly to client devices (gives them access to the network)
  Distribution: Forwards traffic to other access switches (doesn't connect to end devices)
  Core: Forwards traffic between other areas of the network (distribution)
Meet the Required Needs of your users
  Shared Bandwidth
  Distance
  Privacy/Security
Telnet
  One of the first! 1969
  Terminal Emulation
  Access Remote Resources
  Everything in clear text
  Low overhead
Secure Shell (SSH)
  Similar to Telnet
  Uses encrypted data
  This one simple trick will make your life easier
  Auditors hate us
File Transfer Protocol (FTP)
  Transfers files
  Operates as a program
  Access Files
  Access Directories
Trivial File Transfer Protocol (TFTP)
  Stripped down version of FTP
  Protocol of choice if
    You know what you want
    You know where to get it
Simple Network Management Protocol (SNMP)
  Gathers data by polling devices on the network
  Receives a baseline of a healthy network
  Agents can send alerts
  Agents send traps
Network Time Protocol (NTP)
  Used to synchronize clocks
  Normally one standard time source
  Keeps network devices' time in sync
  Important for troubleshooting
Domain Name Service (DNS)
  Resolves hostnames
  IP address identifies hosts on a network
  DNS makes our lives easier
  If a server doesn't know
    Forward request to root
  Fully Qualified Domain Name
Dynamic Host Configuration (DHCP)
  Assigns IP addresses to hosts
  Many types of DHCP servers
    IP address
    Subnet Mask
    Domain Name
    DNS Server
    Default Gateway
Device Access
  Serial/Console
    Direct Connect, device not configured
  Telnet
    TCP/IP
    Clear text
  SSH (Secure Shell)
    TCP/IP
    Encrypts data
Device Access
  Default security: no password or remote login capabilities
    Direct Connect, device not configured
  Once configured for Telnet and/or SSH, a password is needed
  SSH needs more configuration
    Username and Password
Device Access
  User and Enable Modes
    Privileged (enable)
  Once configured for Telnet and/or SSH, a password is needed
  Transport input all
Device Access
  Configuration Mode
    Configure terminal to enter
    Ctrl-z or end to exit
  Configuration Sub Modes
Editing and Help
Troubleshooting
Device Access
  Storing Switch Configuration Files
Device Access
  Remote IP Access
    Assign an IP address to a Switched Virtual Interface (SVI)
    A typical Layer 2 switch can only use one SVI for IP access
    A multilayer switch or Layer 3 switch can route between SVIs
Device Access
  Shut down or change the VLAN of unused ports
    Set unused ports to a non-used VLAN
    Change ports from trunked ports to access ports
    Change the native VLAN to a VLAN other than VLAN 1
    Or just shut down the port
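One way to check a saved switch configuration against the points on the Device Access slides (Telnet accepted on the vty lines, trunks on native VLAN 1, unused ports left enabled). This is an added example, not part of the original slides or Cisco tooling; the sample configuration is constructed, and the `unused_ports` input and parking VLAN 999 are assumptions supplied by the operator.

```python
import re

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 999
interface GigabitEthernet0/3
 switchport mode access
interface GigabitEthernet0/4
 shutdown
line vty 0 4
 transport input all
line vty 5 15
 transport input ssh
"""

def sections(config):
    """Split an IOS config into (header, child_lines) blocks by indentation."""
    blocks = []
    for line in config.splitlines():
        if not line.strip() or line.startswith("!"):
            continue
        if not line[0].isspace():          # unindented line starts a new block
            blocks.append((line.strip(), []))
        elif blocks:
            blocks[-1][1].append(line.strip())
    return blocks

def audit(config, unused_ports, parking_vlan=999):
    """Return (block, finding) pairs; unused_ports and parking_vlan are operator inputs."""
    findings = []
    for header, body in sections(config):
        if header.startswith("line vty"):
            for cmd in body:
                m = re.fullmatch(r"transport input (.+)", cmd)
                if m and {"all", "telnet"} & set(m.group(1).split()):
                    findings.append((header, "Telnet (clear text) is accepted; allow SSH only"))
        elif header.startswith("interface "):
            if "switchport mode trunk" in body:
                native = [c.split()[-1] for c in body
                          if c.startswith("switchport trunk native vlan ")]
                if not native or native[-1] == "1":
                    findings.append((header, "trunk port with native VLAN 1"))
            parked = ("switchport mode access" in body
                      and f"switchport access vlan {parking_vlan}" in body)
            if header.split(None, 1)[1] in unused_ports and "shutdown" not in body and not parked:
                findings.append((header, "unused port is neither shut down nor parked"))
    return findings
```

The list of unused ports has to come from outside the configuration, for example from the ports that show no link in the switch's interface status output.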
Secure Configurations
Resources
  http://www.cisco.com
  http://www.cisco.com/go
  Google
Resources
  http://www.cisco.com/web/learning/certifications/index.html
Resources
  http://www.ciscopress.com
Resources
  http://virl.cisco.com
  Design, learn and test with virtual machines running real Cisco network operating systems (IOS, IOS Layer-2, IOS XE, IOS XR, NX-OS and ASA firewall) as well as virtual machines running 3rd-party operating systems.
The Challenge
  How do you:
    Test new OS versions and features?
    Stage new deployments?
    Troubleshoot problems?
    Train new staff?
    Develop new offerings?
  All at scale, with limited budgets, and without harming live networks?
  Virtual Internet Routing Labs
What is Virtual Internet Routing Labs (VIRL)?
  A multi-purpose extensible network virtualization and simulation platform
  Enables highly-accurate models of real-world / future networks
  Leverages real network operating systems - build synched with platform releases
  Supports the integration of real and virtual networks
  Allows servers, appliances, and routers to be added and removed on-demand
Editions and Features
  Personal Edition v1.0
    Single project and user
    Deployment on VMware Workstation, Player, or Fusion
    One-year license terms
    15 nodes
    60-day demo license
    Community supported
    Valuable for self-education and certification training
  Cisco VIRL Personal Edition annual license for a single installation of this scalable network design and simulation environment for servers or laptops. This includes IOSv, IOSvL2, IOS XRv, NX-OSv, CSR1000v and ASA1000v virtual machines as well as third party images such as Ubuntu Linux.
Case 1: Training and Education
  Teach and train the next generation
    Network engineers
    Operators
    Designers
    Architects
  Students need hands-on experience but the challenge is access to hardware
  Learn by doing!
  10 students to 1 router or 1 student to 10 routers?
  Real-world operating systems or Open-source?
Case 2: Test New Features, Solutions
  Segment Routing hands-on
  SDN Technologies test-bed
Cisco PSIRT has your back
  Product Security Incident Response Team (PSIRT) - www.cisco.com/go/psirt
  Dedicated, global team managing security vulnerability information related to Cisco products and networks
  Responsible for Cisco Security Advisories, Responses and Notices
  Interface with security researchers and hackers
  Assist Cisco product teams in securing products
  Subscribe (RSS or email) to Cisco notification service
Q & A
Thank you.