Cisco Network Training - GDT [PDF]



Cisco Network Training (CCENT/CCT/CCNA R&S)
Mark Breedlove, Systems Engineer – CCIE R&S 8657
May 2015

Agenda

• Introduction/Overview
  • Objective
  • CCNA Level?
• Certifications
• OSI and TCP/IP Models
• Ethernet, Hubs, Bridges, Switches
• Device Access
• Resources

© 2014 Cisco and/or its affiliates. All rights reserved.

Cisco Public

Cisco Confidential


Objective

• First and foremost, better understanding
  • Foundational knowledge leads to better productivity
• Employers know there is value in Cisco Certified employees
  • http://www.cisco.com/go/hire - White paper on certifications
  • Employees who were Cisco certified were found to have increased speed and effectiveness in completing network-related IT projects, resolving technical problems and an ability to come up to speed rapidly during onboarding.
  • Seventy-eight percent of network managers in the survey rated their Cisco certified staff as coming up to speed more than 20 percent faster.
  • More than half of the networking managers in the survey rated external customer satisfaction as being 30 percent or better as a result of Cisco certified staff.
  • Network managers in the survey believed that Cisco certified employees reduce network downtime by as much as 37 percent on average.
  • http://www.cisco.com/web/learning/employer_resources/pdfs/wp13CS4110_EmployerValue.pdf


Certifications

• Entry Level
  • CCENT – Cisco Certified Entry Technician
  • CCT – Cisco Certified Technician
    • CCT – Data Center
    • CCT – Routing & Switching
    • CCT – Telepresence
• Associate Level
  • CCNA – Cisco Certified Networking Associate
    • CCNA – Routing and Switching
    • CCDA
    • CCNA – Data Center
    • CCNA – Security
    • CCNA Service Provider
    • CCNA Server Provider Operations (Retired Feb 1st, 2015)
    • CCNA Video
    • CCNA Voice
    • CCNA Wireless
• Professional Level
  • CCNP – Cisco Certified Networking Professional
    • CCDP
    • CCNP Data Center
    • CCNP Security
    • CCNP Service Provider
    • CCNP Service Provider Operations
    • CCNP Voice
    • CCNP Wireless
• Expert Level – Practical Lab
  • CCIE – Cisco Certified Internetwork Expert
  • CCDE – Cisco Certified Design Expert
• Architect Level – Board Review
  • CCAr – Cisco Certified Architect

CCNA – Routing and Switching


Exam Description

• The 200-120 composite CCNA v2 exam is a 1.5 hour test with 50 – 60 questions.
• http://www.cisco.com/web/learning/exams/docs/200-120_composite2.pdf


Content

• Operation of Data Networks
  • Hubs, Switches, Bridges, Routers
• LAN Switching Technologies
  • L2 – Collision Domains, Broadcast Domains, RSTP, Etherchannels, etc
• IP Addressing (IPv4/IPv6)
  • Addressing, public/private, subnetting, etc
• IP Routing Technologies
  • CEF, packet forwarding, routing tables, OSPF, EIGRP, SVIs
• IP Services
  • DHCP, ACLs, NAT, HSRP, VRRP, GLBP, SNMP, etc
• Network Device Security
  • SSH, VTY, port conditions, etc
• Troubleshooting
  • Resolve issues with everything above
• WAN Technologies
  • Metro Ethernet, T1/E1, MPLS, ISDN, VPN, etc


Recertification

CCNA Routing and Switching certifications are valid for three years. To recertify, pass ONE of the following before the certification expiration date:

• Pass any current Associate-level exam except for the ICND1 exam
• Pass any current 642-XXX Professional-level or any 300-XXX Professional-level exam
• Pass any current 642-XXX Cisco Specialist exam (excluding Sales Specialist exams or MeetingPlace Specialist exams, Implementing Cisco TelePresence Installations (ITI) exams, Cisco Leading Virtual Classroom Instruction exams, or any 650 online exams)
• Pass any current CCIE Written Exam
• Pass the current CCDE Written Exam OR current CCDE Practical Exam
• Pass the Cisco Certified Architect (CCAr) interview AND the CCAr board review to extend lower certifications.


OSI Model

• We still use the OSI model for terminology
  • “Layer 2 Switch”
  • “Layer 3 Protocol”


TCP/IP Model 

A networking model, sometimes also called either a networking architecture or networking blueprint, refers to a comprehensive set of documents. Individually, each document describes one small function required for a network; collectively, these documents define everything that should happen for a computer network to work.


TCP/IP Model 

Step 1. Create and encapsulate the application data with any required application layer headers. For example, the HTTP OK message can be returned in an HTTP header, followed by part of the contents of a web page.



Step 2. Encapsulate the data supplied by the application layer inside a transport layer header. For end-user applications, a TCP or UDP header is typically used.



Step 3. Encapsulate the data supplied by the transport layer inside a network layer (IP) header. IP defines the IP addresses that uniquely identify each computer.



Step 4. Encapsulate the data supplied by the network layer inside a data link layer header and trailer. This layer uses both a header and a trailer.



Step 5. Transmit the bits. The physical layer encodes a signal onto the medium to transmit the frame.
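
The five steps above, carried out byte by byte, as an added example that is not part of the original slides: it wraps a constructed HTTP response in TCP, IPv4 and Ethernet headers, then reverses the process while checking the Ethernet FCS trailer and the IP header checksum. The addresses, ports and sequence numbers are made-up sample values.

```python
import struct
import zlib

def inet_checksum(data: bytes) -> int:
    """One's-complement checksum (RFC 1071) used by IPv4 and TCP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ip_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def encapsulate(app_data, src_ip, dst_ip, sport, dport, src_mac, dst_mac):
    src, dst = ip_bytes(src_ip), ip_bytes(dst_ip)
    # Step 2: TCP header (20 bytes, PSH+ACK); checksum covers a pseudo-header.
    def tcp(csum):
        return struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18,
                           65535, csum, 0)
    pseudo = src + dst + struct.pack("!BBH", 0, 6, 20 + len(app_data))
    segment = tcp(inet_checksum(pseudo + tcp(0) + app_data)) + app_data
    # Step 3: IPv4 header (20 bytes, TTL 64, protocol 6 = TCP).
    def ip(csum):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0,
                           0x4000, 64, 6, csum, src, dst)
    packet = ip(inet_checksum(ip(0))) + segment
    # Step 4: Ethernet header in front, FCS (CRC-32) trailer behind.
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800)
    body += packet.ljust(46, b"\x00")          # pad to minimum payload size
    return body + struct.pack("<I", zlib.crc32(body))  # Step 5 sends these bits

def decapsulate(frame: bytes) -> bytes:
    """Receiver side: strip each layer in reverse order, validating as we go."""
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("Ethernet FCS mismatch")
    if body[12:14] != b"\x08\x00":
        raise ValueError("EtherType is not IPv4")
    packet = body[14:]
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len = struct.unpack("!H", packet[2:4])[0]
    segment = packet[ihl:total_len]            # drops any Ethernet padding
    return segment[(segment[12] >> 4) * 4:]    # skip the TCP header

# Step 1: application data (constructed sample HTTP response).
HTTP_OK = b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"
FRAME = encapsulate(HTTP_OK, "192.0.2.10", "192.0.2.20", 80, 49152,
                    "00:00:0c:12:34:56", "00:00:0c:ab:cd:ef")

if __name__ == "__main__":
    print(len(FRAME), "bytes on the wire ->", decapsulate(FRAME))
```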


Standards

• IEEE – Institute of Electrical and Electronics Engineers
• RFC – Request for Comments (TCP/IP uses to deploy protocols)


LANs and Ethernet


Media, Cables, Plumbing

• 10Base-T (IEEE 802.3): 10 Mbps using category 3 unshielded twisted pair (UTP) wiring for runs up to 100 meters. Unlike with the 10Base-2 and 10Base-5 networks, each device must connect into a hub or switch, and you can have only one host per segment or wire. It uses an RJ45 connector (8-pin modular connector) with a physical star topology and a logical bus.
• 100Base-TX (IEEE 802.3u): 100Base-TX, most commonly known as Fast Ethernet, uses EIA/TIA category 5, 5E, or 6 UTP two-pair wiring. One user per segment; up to 100 meters long. It uses an RJ45 connector with a physical star topology and a logical bus.
• 100Base-FX (IEEE 802.3u): Uses fiber cabling 62.5/125-micron multimode fiber. Point-to-point topology; up to 412 meters long. It uses ST and SC connectors, which are media-interface connectors.
• 1000Base-CX (IEEE 802.3z): Copper twisted-pair, called twinax, is a balanced coaxial pair that can run only up to 25 meters and uses a special 9-pin connector known as the High Speed Serial Data Connector (HSSDC). This is used in Cisco’s new Data Center technologies.
• 1000Base-T (IEEE 802.3ab): Category 5, four-pair UTP wiring up to 100 meters long and up to 1 Gbps.
• 1000Base-SX (IEEE 802.3z): The implementation of 1 Gigabit Ethernet running over multimode fiber-optic cable instead of copper twisted-pair cable, using short wavelength laser. Multimode fiber (MMF) using 62.5- and 50-micron core; uses an 850 nanometer (nm) laser and can go up to 220 meters with 62.5-micron, 550 meters with 50-micron.
• 1000Base-LX (IEEE 802.3z): Single-mode fiber that uses a 9-micron core and 1300 nm laser and can go from 3 kilometers up to 10 kilometers.
• 1000Base-ZX (Cisco standard): 1000BaseZX, or 1000Base-ZX, is a Cisco specified standard for Gigabit Ethernet communication. 1000BaseZX operates on ordinary single-mode fiber-optic links with spans up to 43.5 miles (70 km).
• 10GBase-T (IEEE 802.3an): 10GBase-T is a standard proposed by the IEEE 802.3an committee to provide 10 Gbps connections over conventional UTP cables (category 5e, 6, or 7 cables). 10GBase-T allows the conventional RJ45 used for Ethernet LANs and can support signal transmission at the full 100-meter distance specified for LAN wiring.


Unshielded Twisted Pair (UTP)

• Straight-through
• Crossover
• Rolled


Straight Through Cable

• Host to Switch
• Router to Switch


Crossover Cable


UTP Gigabit (1000Base-T)


Rolled Cables


Ethernet – Consistent at the Data Link 

Although Ethernet includes many physical layer standards, Ethernet acts like a single LAN technology because it uses the same data link layer standard over all types of Ethernet physical links.


White Board – Hubs/Bridges

• Hubs
• Bridges
• Half Duplex / Full Duplex
• Collision Domains


Half Duplex

• Hubs operate at half-duplex
• Must detect collisions
• 30-40% overhead CSMA/CD


Full Duplex

• Two pairs of wires instead of one
• Point to point connections


Segmenting


White Board - Switches

• MAC Addresses (Unicast vs Broadcast)
• CAM Table, MAC Address Table, Bridging Table, Switching Table
• Forwarding
• Loop Prevention (STP)
• Processing (Store and Forward, Cut Through, Fragment Free)


Switch Forwarding


Ethernet Addressing

• Ethernet addresses, also called Media Access Control (MAC) addresses, are 6-byte-long (48-bit-long) binary numbers
• Listed as 12-digit hexadecimal numbers
• A Cisco switch might list a MAC address as 0000.0C12.3456 for readability


Troubleshooting and Identification

• http://standards.ieee.org/develop/regauth/oui/public.html
• FF:FF:FF:FF:FF:FF - Broadcast


Base Design Concepts

• Broadcast Domains
  • LAN switches forward Broadcast frames
  • Routers do not forward Broadcast frames
• VLANs
  • Virtual LANs (Trunks)
  • A LAN consists of devices in the same Broadcast Domain
  • Without VLANs, a switch considers all ports in the same broadcast domain
  • With VLANs a switch groups different interfaces into separate broadcast domains based on configuration
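
The switch behaviour covered in the slides above (MAC address notation, the MAC address table, forwarding, and VLANs as separate broadcast domains) can be modelled in a few lines. This is an added example, not material from the original deck; the port names, VLAN numbers and host addresses are constructed sample values.

```python
def normalize_mac(mac):
    """Accept 00:00:0C:12:34:56, 00-00-0C-12-34-56 or 0000.0C12.3456;
    return the dotted form a Cisco switch displays."""
    digits = "".join(ch for ch in mac if ch not in ":-.").lower()
    if len(digits) != 12 or any(ch not in "0123456789abcdef" for ch in digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))

def is_group(mac):
    """Broadcast and multicast addresses have the low bit of the first byte set."""
    return bool(int(normalize_mac(mac)[:2], 16) & 1)

class LearningSwitch:
    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)   # access port -> VLAN id
        self.mac_table = {}                  # (VLAN, MAC) -> port

    def receive(self, in_port, src, dst):
        """Process one frame; return the sorted list of egress ports."""
        vlan = self.port_vlans[in_port]
        src, dst = normalize_mac(src), normalize_mac(dst)
        if not is_group(src):
            self.mac_table[(vlan, src)] = in_port       # learn the sender
        known = self.mac_table.get((vlan, dst))
        if is_group(dst) or known is None:
            # Broadcast, multicast or unknown unicast: flood inside the VLAN only.
            return sorted(p for p, v in self.port_vlans.items()
                          if v == vlan and p != in_port)
        return [] if known == in_port else [known]      # filter or forward

def demo():
    """Constructed topology: one switch, two VLANs, three hosts."""
    sw = LearningSwitch({"Gi0/1": 10, "Gi0/2": 10, "Gi0/3": 20, "Gi0/4": 20})
    host_a, host_b, host_c = "0000.0C12.3456", "00:00:0c:ab:cd:ef", "00-00-0C-00-00-01"
    return [
        sw.receive("Gi0/1", host_a, "FF:FF:FF:FF:FF:FF"),  # broadcast in VLAN 10
        sw.receive("Gi0/2", host_b, host_a),               # reply: A already learned
        sw.receive("Gi0/1", host_a, host_b),               # B learned from its reply
        sw.receive("Gi0/3", host_c, host_a),               # A is unknown in VLAN 20
    ]

if __name__ == "__main__":
    for egress in demo():
        print(egress)
```

The last frame is flooded only to the other VLAN 20 port even though host A's address is in the table, because the table is keyed per VLAN.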


Campus Design Terminology

• Access
  • Connects directly to client devices (gives them access to the network)
• Distribution
  • Forwards traffic to other access switches (doesn’t connect to end devices)
• Core
  • Forwards traffic between other areas of the network (distribution)


Meet the Required Needs of your users

• Shared Bandwidth
• Distance
• Privacy/Security


Telnet

• One of the first! 1969
• Terminal Emulation
• Access Remote Resources
• Everything in clear text
• Low overhead


Secure Shell (SSH)

• Similar to Telnet
• Uses encrypted data
• “This one simple trick will make your life easier”
• “Auditors hate us”


File Transfer Protocol (FTP)

• Transfers files
• Operates as a program
• Access Files
• Access Directories


Trivial File Transfer Protocol (TFTP)

• Stripped down version of FTP
• Protocol of choice if…
  • You know what you want
  • You know where to get it


Simple Network Management Protocol (SNMP)

• Gathers data by polling devices on the network
• Receives a baseline of a healthy network
• Agents can send alerts
• Agents send traps


Network Time Protocol (NTP)

• Used to synchronize clocks
• Normally one standard time source
• Keeps network devices' time in sync
• Important for troubleshooting


Domain Name Service (DNS)

• Resolves hostnames
• IP address identifies hosts on a network – DNS makes our lives easier
• If a server doesn’t know
  • Forward request to root
• Fully Qualified Domain Name


Dynamic Host Configuration (DHCP)

• Assigns IP addresses to hosts
• Many types of DHCP servers
• IP address
• Subnet Mask
• Domain Name
• DNS Server
• Default Gateway


Device Access

• Serial/Console
  • Direct Connect, device not configured
• Telnet
  • TCP/IP – Clear text
• SSH (Secure Shell)
  • TCP/IP – Encrypts data


Device Access

• Default security – no password or remote login capabilities
  • Direct Connect, device not configured
• Once configured for Telnet and/or SSH – need password
• SSH needs more configuration – Username and Password


Device Access

• User and Enable Modes
  • Privileged (enable)
• Once configured for Telnet and/or SSH – need password
• Transport input all


Device Access

• Configuration Mode
  • Configure terminal to enter
  • Ctrl-z or end to exit
• Configuration Sub Modes


Editing and Help


Troubleshooting


Device Access 

Storing Switch Configuration Files


Device Access

• Remote IP Access
  • Assign an IP address to a Switched Virtual Interface (SVI)
• A typical Layer 2 switch can only use one SVI for IP access
  • A multilayer switch or Layer 3 switch can “route” between SVIs


Device Access

• Shutdown or Change the VLAN of unused ports
  • Set unused ports to a non-used VLAN
  • Change ports from trunked ports to access ports
  • Change the native VLAN to a non-VLAN 1 VLAN
  • Or… just shutdown the port
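
One way to check a saved switch configuration against the Device Access points above (Telnet is clear text, unused ports belong in a non-used VLAN as access ports or shut down, and trunks should not use native VLAN 1). This is an added example, not from the original slides: the sample configuration is constructed, and the list of unused ports, the parking VLAN 999 and the finding labels are assumptions supplied by whoever runs the check.

```python
def parse_blocks(config):
    """Group an IOS-style config into {top-level line: [indented sub-commands]}."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            current = None
        elif raw[0].isspace():
            if current is not None:
                blocks[current].append(raw.strip())
        else:
            current = raw.strip()
            blocks[current] = []
    return blocks

def setting(cmds, prefix, default):
    """Return the argument of the first sub-command that starts with prefix."""
    for cmd in cmds:
        if cmd.startswith(prefix + " "):
            return cmd[len(prefix) + 1:]
    return default

def audit(config, unused_ports, parking_vlan):
    """Return (target, finding) pairs; finding labels are hypothetical."""
    findings = []
    for header, cmds in parse_blocks(config).items():
        if header.startswith("line vty"):
            allowed = setting(cmds, "transport input", "").split()
            if {"all", "telnet"} & set(allowed):
                findings.append((header, "telnet-enabled"))
        elif header.startswith("interface "):
            name = header.split(None, 1)[1]
            if "shutdown" in cmds:
                continue                      # port is administratively down
            mode = setting(cmds, "switchport mode", "unset")
            if name in unused_ports:
                if mode != "access":
                    findings.append((name, "unused-not-access-mode"))
                if setting(cmds, "switchport access vlan", "1") != parking_vlan:
                    findings.append((name, "unused-not-in-parking-vlan"))
            elif (mode == "trunk"
                  and setting(cmds, "switchport trunk native vlan", "1") == "1"):
                findings.append((name, "trunk-native-vlan-1"))
    return findings

# Constructed sample configuration (not taken from a real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 description uplink to distribution
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 999
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
 shutdown
!
line vty 0 4
 transport input all
line vty 5 15
 transport input ssh
"""
UNUSED = {"GigabitEthernet0/2", "GigabitEthernet0/3", "GigabitEthernet0/4"}
FINDINGS = audit(SAMPLE_CONFIG, UNUSED, "999")
```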


Secure Configurations


Resources 

http://www.cisco.com



http://www.cisco.com/goAA



Google


Resources 

http://www.cisco.com/web/learning/certifications/index.html


Resources 

http://www.ciscopress.com


Resources 

http://virl.cisco.com



Design, learn and test with virtual machines running real Cisco network operating systems – IOS, IOS Layer-2, IOS XE, IOS XR, NX-OS and ASA firewall – as well as virtual machines running 3rd party operating systems.


The Challenge

How do you:

• Test new OS versions and features?
• Stage new deployments?
• Troubleshoot problems?
• Train new staff?
• Develop new offerings?

All at scale, with limited budgets, and without harming live networks?

Virtual Internet Routing Labs

What is Virtual Internet Routing Labs (VIRL)?

A multi-purpose extensible network virtualization and simulation platform

• Enables highly-accurate models of real-world / future networks
• Leverages ‘real’ network operating systems - build synched with platform releases
• Supports the integration of ‘real’ and virtual networks
• Allows servers, appliances, and routers to be added and removed on-demand


Editions and Features

Personal Edition v1.0

• Single project and user
• Deployment on VMware Workstation, Player, or Fusion
• One-year license terms
• 15 nodes
• 60-day demo license
• Community supported
• Valuable for self-education and certification training

Cisco VIRL Personal Edition annual license for a single installation of this scalable network design and simulation environment for servers or laptops. This includes IOSv, IOSvL2, IOS XRv, NX-OSv, CSR1000v and ASA1000v virtual machines as well as third party images such as Ubuntu Linux.


Case 1: Training and Education

Teach and train the next generation

• Network engineers
• Operators
• Designers
• Architects

Students need ‘hands-on’ experience but the challenge is access to hardware

• Learn by doing!
• 10 students to 1 router or 1 student to 10 routers?
• Real-world operating systems or Open-source?


Case 2: Test New Features, Solutions

Segment Routing – hands-on

SDN Technologies test-bed


Cisco PSIRT has your back

Product Security Incident Response Team (PSIRT) - www.cisco.com/go/psirt

• Dedicated, global team managing security vulnerability information related to Cisco products and networks
• Responsible for Cisco Security Advisories, Responses and Notices
• Interface with security researchers and hackers
• Assist Cisco product teams in securing products
• Subscribe (RSS or email) to Cisco notification service


Q&A


Thank you.
