Cisco CCNA/CCENT Exam 640-802, 640-822, 640-816 Preparation Kit
Ebook, 1,361 pages, 39 hours

About this ebook

Three exams, two certifications, one complete Cisco training solution for networking professionals! The CCNA exam is an entry-level IT certification from Cisco Systems for professionals installing and maintaining routed and switched networks. The current exam material covers networking concepts along with new and updated content on network security fundamentals and the basics of wireless networking. This book can be used as a study guide for either track you choose to receive your CCNA – the single exam, 640-802, or the combined 640-822 and 640-816, and for the CCENT certification which a student will receive upon completion of the 640-822 exam. The author team has arranged the content so that you can easily identify the objectives for each half of the combined exam.

  • Layout of the guide parallels the CCNA/CCENT exam objectives for ease of study
  • Details all aspects of the exams including security and wireless networking essentials
  • Covers everything from introductory to advanced topics—keeping the beginner and intermediate IT professional in mind
  • Chapter ending questions and answers allow for graduated learning
  • Two practice exams on the accompanying DVD help eliminate test-day jitters
Language: English
Publisher: Syngress
Release date: Jun 30, 2009
ISBN: 9780080879680
Author

Dale Liu

Dale Liu, (MCSE Security, CISSP, MCT, IAM/IEM, CCNA) has been working in the computer and networking field for over 20 years. Dale's experience ranges from programming to networking to information security and project management. He currently teaches networking, routing and security classes, while working in the field performing security audits and infrastructure design for medium to large companies.

    Book preview

    Cisco CCNA/CCENT Exam 640-802, 640-822, 640-816 Preparation Kit - Dale Liu

    Table of Contents

    Cover Image

    Copyright

    Contributors

    Acknowledgements

    About the Authors

    CHAPTER 1. Introduction to Networking

    CHAPTER 2. The Open Systems Interconnect Model

    CHAPTER 3. Subnetting, CIDR, and Variable Length Subnet Masking

    CHAPTER 4. Configuring Cisco Routers

    CHAPTER 5. Routing Protocols

    CHAPTER 6. Implementing RIP, Version 2

    CHAPTER 7. Implementing the OSPF Protocol

    CHAPTER 8. Implementing the EIGRP

    CHAPTER 9. Access Control Lists

    CHAPTER 10. IPv6

    CHAPTER 11. Configuring Cisco Switches

    CHAPTER 12. Spanning-Tree Protocol

    CHAPTER 13. VLANs

    CHAPTER 14. VLAN Trunking Protocol

    CHAPTER 15. Cisco WAN Configuration

    CHAPTER 16. Configuring PPP and CHAP

    Appendix. Self Test

    Index

    Copyright © 2009 Elsevier Inc. All rights reserved.

    Copyright

    Elsevier, Inc., the author(s), and any person or firm involved in the writing, editing, or production (collectively Makers) of this book (the Work) do not guarantee or warrant the results to be obtained from the Work.

    There is no guarantee of any kind, expressed or implied, regarding the Work or its contents. The Work is sold AS IS and WITHOUT WARRANTY. You may have other legal rights, which vary from state to state.

    In no event will Makers be liable to you for damages, including any loss of profits, lost savings, or other incidental or consequential damages arising out from the Work or its contents. Because some states do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you.

    You should always use reasonable care, including backup and other appropriate precautions, when working with computers, networks, data, and files.

    Syngress Media ®, Syngress ®, Career Advancement Through Skill Enhancement ®, Ask the Author UPDATE ®, and Hack Proofing ®, are registered trademarks of Elsevier, Inc. Syngress: The Definition of a Serious Security Library™, Mission Critical™, and The Only Way to Stop a Hacker is to Think Like One™ are trademarks of Elsevier, Inc. Brands and product names mentioned in this book are trademarks or service marks of their respective companies.

    PUBLISHED BY

    Syngress Publishing, Inc.

    Elsevier, Inc.

    30 Corporate Drive

    Burlington, MA 01803

    Cisco CCNA/CCENT Exam 640-802, 640-822, 640-816 Preparation Kit

    Copyright © 2009 by Elsevier, Inc. All rights reserved. Printed in the United States of America. Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of the publisher, with the exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication.

    ISBN 13: 978-1-59749-306-2

    Publisher: Laura Colantoni

    Acquisitions Editor: Rachel Roumeliotis

    Developmental Editor: Matthew Cater

    Lead Author and Technical Editor: Dale Liu

    Project Manager: Andre Cuello

    Page Layout and Art: diacriTech

    Copy Editors: Audrey Doyle, Charles Roumeliotis

    Indexer: diacriTech

    Cover Designer: Michael Kavish

    For information on rights, translations, and bulk sales, contact Matt Pedersen, Director of Corporate Sales, Elsevier; e-mail: m.pedersen@elsevier.com.

    Library of Congress Cataloging-in-Publication Data

    Liu, Dale.

    Cisco CCNA/CCENT exam 640-802, 640-822, 640-816 preparation kit / Dale Liu.

    p. cm.

    Includes index.

    ISBN 978-1-59749-306-2

    1. Computer networks—Examinations—Study guides. 2. Telecommunications engineers—Certification. I. Title. TK5105.5.L567 2009

    004.6076—dc22

    2009016847

    Printed in the United States of America

    Contributors

    Naomi J. Alpern

    David Andersson

    Kimarie Hazelbaker

    C. Eric Irvin

    Steve Long

    Johan Loos

    Renato Martins

    Kevin Miller

    Derrick Rountree

    Robert J. Shimonski

    Scott Sweitzer

    Acknowledgements

    I would like to dedicate this book first to the staff, publisher, and editors at Syngress:

    ■ Laura Colantoni, Publisher

    ■ Matt Cater, Developmental Editor

    ■ Rachel Roumeliotis, Senior Acquisitions Editor

    I thank all of the other contributing authors, editors, and copy editors, without whom this project could not have succeeded!

    I thank Tommy and the entire staff of the Bull and the Bear Tavern and Eatery, in Houston, Texas, especially Table no. 1, where a lot of the book was created and edited; you really have a great place to work!

    And finally and most importantly, I dedicate this book to Amy Mitamura, my muse, inspiration, support, and in-house editor, whose continued support and understanding were vital for this process to come to completion!

    I thank you all!

    —Dale Liu

    About the Authors

    Lead Author and Technical Editor

    Dale Liu (MCSE Security, CISSP, MCT, IAM/IEM, CCNA) has been working in the computer and networking field for more than 20 years. Dale's experience ranges from programming to networking to information security and project management. He currently teaches networking, routing, and security classes, while working in the field performing security audits and infrastructure design for medium to large companies.

    Dale was the lead author and technical editor for Next Generation SSH2 Implementation: Securing Data in Motion (ISBN: 978-1-59749-283-6, Syngress), lead author and technical editor for Cisco Router and Switch Forensics: Investigating and Analyzing Malicious Network Activity, (ISBN: 978-1-59749-418-2, Syngress), technical editor for The IT Regulatory and Standards Compliance Handbook: How to Survive an Information Systems Audit and Assessments (ISBN: 978-1-59749-266-9, Syngress), and a contributing author to Securing Windows Server 2008: Prevent Attacks from Outside and Inside your Organization (ISBN: 978-1-59749-280-5, Syngress).

    He currently resides in Houston, Texas, with two cats. He enjoys cooking and beer brewing with his girlfriend and live-in editor Amy.

    Contributing Technical Editors

    Brian Barber (Linux+, MCSE, MCSA, MCP+I, MCNE, CNE, CNA-GW) works for the Canada Deposit Insurance Corporation (CDIC) as a project manager and architect for CDIC's IT service management program. His primary areas of interest are operating systems, infrastructure design, multiplatform integration, directory services, and enterprise messaging. He is also an experienced instructor and courseware developer. In the past he has held the positions of Principal Consultant with Sierra Systems Group Inc., Senior Technical Coordinator at the LGS Group Inc. (now a part of IBM Global Services), and Senior Technical Analyst at MetLife Canada. He has been co-author, technical editor, or lead author for more than 15 books and certification guides. Recently, he was a Contributing Technical Editor for Cisco Router and Switch Forensics: Investigating and Analyzing Malicious Network Activity (ISBN: 978-1-59749-418-2, Syngress).

    Luigi DiGrande is a Senior Systems Administrator with Ingres Corporation. In his role at Ingres, Luigi supports the global IT infrastructure. Luigi specializes in working with Microsoft and Cisco-based systems. Luigi has designed and deployed Windows-based systems for over 10 years and has in-depth practical knowledge of how client- and server-based systems operate, of Windows networking and security, and of Exchange 2003/2007.

    Contributing Authors

    Naomi J. Alpern currently works for Microsoft as a consultant specializing in Unified Communications. She holds many Microsoft certifications, including an MCSE and MCT, as well as additional industry certifications such as Citrix-Certified Enterprise Administrator, CCNA, Security+, Network+, and A+. Since the start of her technical career she has worked in many facets of the technology world, including IT administration, technical training, and, most recently, full-time consulting. She likes to spend her time reading cheesy horror and mystery novels, when she isn't browsing the Web. She is also the mother of two fabulous boys, Darien and Justin, who mostly keep her running around like a headless chicken.

    David Andersson (CCNA, MCT, MCSE, CIW Instructor, CIW Security Analyst, Master CIW Administrator, CNA, A+) is a CIS faculty member at the American Public University System. David instructs in the Information Technology degree and certificate curriculum, acts as the SME for the security, Cisco, and Microsoft-centric classes and is a key contributor to the classroom and online curriculum development of the Information Technology Program.

    David holds a bachelor's degree from Indiana University, a master's degree from Western Kentucky University, a master's degree from ISIM University, an Ed.S. degree from Nova Southeastern University, his doctorate from Northcentral University, and is a member of the ACM and the IEEE. David currently resides in the Chicago metro area with his family, Nataliya, Elizabeth, Charles, and Lucy.

    Kimarie Hazelbaker is a technical consultant and trainer specializing in designing, implementing, and troubleshooting local- and wide-area networks, using mostly Cisco devices. She has been working in the information technology industry for more than 20 years and has considerable experience with a variety of hardware, operating systems, and client and server applications. Kimarie currently operates her consulting and training business out of northwestern Colorado.

    C. Eric Irvin (CISSP, MCITP: Enterprise Admin, MCSE, MCSA, CCNA) is a Security Engineering Analyst for Blue Cross and Blue Shield of Alabama, and consultant for IrvTech, LLC. He specializes in security project management, as well as end-user security awareness, and security compliance assurance. He specializes in Cisco routers, switches, and VPN solutions. His focus is in providing business-enablement solutions that provide functionality and security to the customers of his organization.

    Eric holds a bachelor's degree from Amridge University, and is a member of Infragard and the Information Systems Security Association. He volunteers his security background with local municipal government organizations. Eric currently resides in Birmingham, Alabama.

    Steve Long is a senior software engineer/systems analyst with Wilmington Trust. Steve has more than 14 years of database and application design and development experience. He currently provides database and application support to trading applications and processes using Microsoft technologies. He also serves as technical lead on significant projects in addition to lending his infrastructure, project management, and business process expertise to all initiatives. Before making a full-time switch to the information technology field, Steve spent a number of years working in the accounting field.

    Steve holds a bachelor's degree from Goldey-Beacom College in Wilmington, Delaware, and a Client/Server Technology certification from Pennsylvania State University. He is currently working toward his graduate degree at Goldey-Beacom.

    Johan Loos (Network+, Security+, MCT, MCITP, MCSE 2003 Security, CCNA, SCNA, GCWN, CEH) is an independent trainer/consultant at Access Denied, a company based in Belgium. He has several years of experience as a trainer and consultant. His specialization is security and he is involved in security projects for medium and enterprise-sized companies. He lives with his wife Anja and their son Stef.

    Renato Martins (PMP, SCJP, SCWCD, ITIL Foundation, MCSE, MCSA, MCPD, MCDBA, MCITP, MCTS, MCSD, MCAD, IBM SOA Designer, IBM DB2 DBA + Developer, IBM Portal Admin) has extensive teaching and information technology industry experience. Renato has created training material for programming (Delphi, ASP), database (SQL Server), and operating system (Windows Server) courses. He has been teaching at official training centers and universities since 1998.

    Renato has worked as a developer/architect for Griaule Biometrics, creating image processing and fingerprint recognition solutions. In 2004, he joined IBM and worked on its services division in Brazil for more than 3 years. He moved to IBM's software group in Ireland, in mid-2008, where he currently provides level 2 support for Lotus and Websphere products.

    Kevin Miller (CCNP, CCSP, CCDP, JNCIA-SSL, MCSE) is a Network Architect with Herman Miller Inc., an international office furniture manufacturer. From his home office in Huntsville, Alabama, he provides network management, design, and support services throughout Herman Miller's network. His primary areas of expertise include Cisco routing and switching, firewalls, wireless and web content services, as well as Juniper's SSL concentrators. Kevin's background includes significant experience with both VPN and Quality of Service technology. He was a contributing author to Juniper® Networks Secure Access SSL VPN Configuration Guide (ISBN: 978-1-59749-200-3, Syngress).

    Derrick Rountree (CCNP, MCSE, MCT, CCEA, SSCP) has been in the IT industry for more than 15 years. He has a Bachelor of Science degree in Electrical Engineering. Derrick has held positions as a network administrator, IT consultant, and QA engineer. He has contributed to multiple Syngress publications in the areas of computer hardware and Citrix certification.

    Robert J. Shimonski (MCSE, etc) is an entrepreneur, a technology consultant, and a published author with more than 20 years of experience in business and technology. Robert's specialties include designing, deploying, and managing networks, systems, virtualization, storage-based technologies, and security analysis. Robert also has many years of diverse experience deploying and engineering mainframes and Linux- and Unix-based systems such as Red Hat and Sun Solaris. Robert has in-depth work-related experience with and deep practical knowledge of globally deployed Microsoft- and Cisco-based systems and stays current on the latest industry trends. Robert consults with business clients to help forge their designs, as well as to optimize their networks and keep them highly available, secure, and disaster free.

    Robert was the technical editor for and a contributing author to Sniffer Pro Network Optimization & Troubleshooting Handbook (ISBN: 978-1-931836-57-9, Syngress), the technical editor for Security+ Study Guide and DVD Training System (ISBN: 978-1-931836-72-2, Syngress), lead author and technical editor for Network+ Study Guide & Practice Exams: Exam N10-003 (ISBN: 978-1-931836-42-5, Syngress), and technical editor for and a contributing author to Building DMZs for Enterprise Networks (ISBN: 978-1-931836-88-3, Syngress). Robert was most recently a contributing author to Microsoft Vista for IT Security Professionals (ISBN: 978-1-59749-139-6), a contributing author to The Real MCTS/MCITP Configuring Microsoft Windows Vista Client Exam 70-620 Prep Kit (ISBN: 978-1-59749-233-1, Syngress), and technical reviewer for The Real MCTS/MCITP Windows Server 2008 Configuring Active Directory Exam 70-640 Prep Kit, (ISBN: 978-1-59749-235-5, Syngress). Robert can be found online at www.shimonski.com.

    Scott Sweitzer (CCNA, CCAI, MCSE, MCSA, MCITP, MCTS, MCP+I, MCT, A+, Network+, Server+, INet+, HTI+, DHTI+) is a senior analyst at Ricoh. He currently works with career-changing students, providing Microsoft training in Indianapolis, Indiana. His specialties include Cisco routers and LAN switches, Microsoft Windows NT4-2008, Virtualization, and Update services. He also works with home technology integration projects.

    In addition, Scott is the owner of the consulting companies MicrosoftITPros.com and TrainingMicrosoft.net, where he works with the small and medium business market. Scott's background also includes positions as Department Chair of Technology Programs at Indiana Business College and systems engineer at the Systems House.

    Scott and his family live in a suburb of Indianapolis.

    CHAPTER 1. Introduction to Networking

    Introduction

    To have a successful career as a Cisco Certified Network Associate (CCNA), it is imperative that you understand the terminology used by individuals in the field of networking. To communicate effectively with peers and staff, you need to have a firm grasp on concepts and jargon you will be exposed to as a CCNA. Understanding basic terms and concepts will be essential for any individual trying to become successful in the field of networking. An in-depth understanding of basic networking concepts is critical for any individual trying to pass the CCNA certification exam.

    Successful CCNAs will need to be able to identify hardware associated with common networks, such as switches and routers. CCNAs also need to have a firm grasp of concepts such as Ethernet networks, Network Topologies and Protocols. The field of networking is constantly being revised and updated with newer, more efficient technologies. For this reason, it is also imperative that CCNAs keep abreast of the latest trends in the field, such as 802.11n, Voice over Internet Protocol (VoIP), and IPv6.

    Cisco tends to be a leader in implementing new technologies in their hardware and software products. Cisco will therefore expect that individuals who pass their CCNA examination will have a grasp on the latest technology. This is one of the many reasons that the CCNA certification is widely respected and coveted by many people within the industry. To pass the certification exam and become a successful CCNA, it is essential to have a solid understanding of networking vocabulary and concepts.

    Networking Hardware

    A number of different devices are available to run a network. In this section, we will take a look at the different types of devices, cabling, and new wireless technologies to help you understand which devices provide which kind of connectivity in the network. To understand the technology, we need a brief understanding of the seven-layer Open System Interconnect (OSI) model, which helps us to understand where each device operates; see Chapter 2 for more detail on the OSI model. The seven layers of the OSI model are shown in Table 1.1.

    Each networking item will work at one or more of the OSI layers, and we will define them.

    Exam Warning

    Cisco places a lot of emphasis on the matching of devices to their OSI layer. Some devices will be described in an obscure manner, and you will have to identify the device. Pay close attention to the multiple ways some devices will be defined in this chapter.

    One more important point about the OSI model is that the different protocol data units created in Layers 4, 3, 2, and 1 are important in determining which devices perform which functions!

    To have a network you will need five things:

    ■ Sender

    ■ Receiver

    ■ Message

    ■ Media

    ■ Protocol

    The sender prepares the message to send to the receiver over the media using the agreed upon set of rules called the protocol. The OSI model will help you to define and troubleshoot problems with your network and defines the different ways data are transmitted. There are three types of transmissions on your network. Unicast traffic is from one sender to one receiver. Multicast traffic is from one sender to a known group of receivers. Broadcast traffic is from one sender to an unknown number of receivers. Each of these traffic types will be referenced in the definitions and standards further in this chapter.

    Cabling

    There are two common methods of connectivity in networking today: the use of cables or the use of wireless. Cables come in many types of materials and methods of moving data; as we look at these types, remember that all cable media is at Layer 1 of the OSI model. The physical layer defines the media type, specifications, and the methods for transmitting bits across the media. All of these are important for the CCNA, and as we look at some legacy and current cable standards, remember that any of these can still be used for test questions.

    Ethernet

    Ethernet, originally developed by Robert Metcalfe, Chuck Thacker, Butler Lampson, and David Boggs in 1972 to 1975 at the Xerox Palo Alto Research Center (PARC) in California, has become the most widely used standard for transmitting data inside a local area network (LAN). Over time it has defined standards using coaxial cable, twisted pair cable, and fiber-optic cable.

    When Robert Metcalfe left Xerox, he took the base of the protocol to Digital Equipment Corporation (DEC) and Intel, and they worked on the proposed Digital/Intel/Xerox (DIX) Standard of Ethernet. The first draft of the standard submitted to the Institute of Electrical and Electronic Engineers (IEEE) was the 802.3 Experimental Ethernet submitted by Xerox in 1972, which progressed to the DIX standard Ethernet II in 1982; the first full IEEE Ethernet was 10BASE5 in 1983 (also called ThickNet as it used a thick piece of coax). The standard has progressed as technology has advanced in the areas of cable quality and achievable speeds.

    All of the Ethernet standards use a transmission scheme known as carrier sense multiple access with collision detection (CSMA/CD). All the devices on the shared media listen to the media (the cable) for a break in transmission so that the listening device can transmit its message. If multiple messages are placed on the wire at once, there will be a collision of the data messages. The system will detect the collision and report it to the transmitting stations, and they will repeat their messages a randomly determined amount of time later. The other method for transmission is CSMA/CA (used by the AppleTalk Protocol). It uses the same CSMA, but instead of collision detection it uses collision avoidance; this technique sends a warning packet out to clear the line for the real message.
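
    The CSMA/CD behavior described above can be simulated in a few lines. This is an added example, not code from the book. It goes beyond the text in one respect: for the "randomly determined" wait it uses the truncated binary exponential backoff that IEEE 802.3 specifies. Time is modeled in whole slots, and the names Station, backoff_slots, and simulate are hypothetical.

```python
import random
from dataclasses import dataclass

MAX_ATTEMPTS = 16   # IEEE 802.3: discard the frame after 16 failed attempts
BACKOFF_CAP = 10    # the backoff exponent stops growing after 10 collisions


def backoff_slots(collisions, rng):
    """Truncated binary exponential backoff: wait 0 .. 2^k - 1 slot times."""
    k = min(collisions, BACKOFF_CAP)
    return rng.randrange(2 ** k)


@dataclass
class Station:
    name: str
    queue: int           # frames still waiting to be sent
    wait: int = 0        # backoff slots remaining before the next attempt
    collisions: int = 0  # collisions suffered by the frame at the head of the queue
    sent: int = 0
    dropped: int = 0


def simulate(frames_per_station, frame_slots=3, seed=1, max_slots=100_000):
    """Run stations on one shared cable until every queue is empty.

    Simplified model (an assumption of this example): time advances in
    slots, a collision costs one slot, a good frame holds the cable for
    frame_slots slots, and backoff timers keep running while it is busy.
    """
    rng = random.Random(seed)
    stations = [Station(f"S{i}", q) for i, q in enumerate(frames_per_station)]
    busy_until = 0   # first slot in which the cable is idle again
    collisions = 0
    slot = 0
    while any(s.queue for s in stations) and slot < max_slots:
        # Carrier sense: nobody starts transmitting while the cable is busy.
        idle = slot >= busy_until
        ready = [s for s in stations if idle and s.queue and s.wait == 0]
        for s in stations:
            if s.wait:
                s.wait -= 1
        if len(ready) == 1:
            # Exactly one sender: the frame gets through.
            s = ready[0]
            s.queue -= 1
            s.sent += 1
            s.collisions = 0
            busy_until = slot + frame_slots
        elif len(ready) > 1:
            # Collision detection: every sender involved backs off.
            collisions += 1
            for s in ready:
                s.collisions += 1
                if s.collisions >= MAX_ATTEMPTS:
                    s.queue -= 1
                    s.dropped += 1
                    s.collisions = 0
                else:
                    s.wait = backoff_slots(s.collisions, rng)
        slot += 1
    return {
        "sent": {s.name: s.sent for s in stations},
        "dropped": {s.name: s.dropped for s in stations},
        "collisions": collisions,
        "slots": max(slot, busy_until),
    }


if __name__ == "__main__":
    # Three stations that all want the cable at slot 0 must collide first.
    print(simulate([3, 3, 3], seed=7))
    # A single station never collides: 5 frames x 3 slots each.
    print(simulate([5]))
```

    Raising the number of stations in the list shows why a shared coax segment degrades under load: the collision count grows much faster than the number of frames delivered.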

    The Ethernet (802.3) standards that will be covered for the test are as follows:

    ■ 10Base5

    ■ 10Base2

    ■ 10BaseT

    ■ 100BaseTX

    ■ 100BaseFX

    ■ 1000BaseSX

    ■ 1000BaseLX

    ■ 1000BaseT

    The way to read the aforementioned standards is to look at the leftmost number, which is the speed of the protocol: 10, 100, and 1,000 MBps. BASE is short for Baseband, meaning that each wire used carries a single signal; neither multiplexing, such as frequency-division multiplexing (FDX), nor any other frequency-shifting algorithm is being used. The last portion of the naming convention relates to some part of the wiring standard; for example, 5 designates thick coax cable specially designated for Thicknet standards with a 50 Ω characteristic. This inflexible coax cable could have a maximum run from endpoint to endpoint of 500 m.

    Serial

    At the CCNA level, the serial lines are either WIC-1T or WIC-CSUDSU. The WIC-1T has a V.32 serial connection that can support the following serial standards: V.35, X.21, RS-232, RS-449, and RS-530. The WIC-xx CSU DSU is an internal channel service unit/data service unit (CSU/DSU), with either one channel (56K) or full T1 (24 56K Channels). On the serial interfaces there are two sides to the circuit: the data terminal equipment (DTE) and the data circuit-terminating equipment (DCE).

    On the DTE/DCE circuit there needs to be a signal that synchronizes the link. The signal is called clock rate in the Cisco IOS; without clock rate, these devices would not be able to communicate. In this circuit the DCE provides the clock rate—remember C for DCE and C for clock rate and you will have no problems.

    The IOS command to see what side of the DTE/DCE link you are is show controllers sX, where X is the interface number. For example, on a Cisco 1721 router with a link to another router upstream, the output of the command on the DTE and DCE side is displayed in Figures 1.1 and 1.2.

    The V.35 connector on the serial WIC-1T is a D-shaped connector with 60 pins. It can connect, with the appropriate cable from Cisco, to CSU/DSUs, modems, and other Layer 2 devices. The serial interface operates at the physical layer of the OSI model.

    RTS/CTS

    On serial lines there is a signal called Ready To Send/Clear To Send. When working with CSU/DSUs and modems, this signal is used to tell the device that it is ready to transmit. On each type of connector there is a wire that is designated for this signal. This signal has also been defined in the 802.11 wireless standards by the IEEE.

    Exam Warning

    Some of the Cisco test questions will have only minor differences in the way the answers are displayed. For example, Cisco might ask the question: how do you set the clock rate on a serial interface to 64,000 bits per second?

    A. router > clock rate 64,000

    B. router# clock rate 64,000

    C. router(config)# clock rate 64,000

    D. router(config-line)# clock rate 64,000

    E. router(config-if)# clock rate 64,000

    The correct answer would be E; the prompt router(config-if)# would be displayed if you were working on serial interface 0. In this example the only difference between the answers is the prompt.

    Next we will lay out the important things to know about Ethernet in Table 1.2.

    Fiber

    Fiber-optic cable is made of tiny glass strands, and data is passed over the glass using light pulses. The first documented installation of fiber optics was in Chicago, IL, in 1976. There are two encoding methods for transmissions over the fiber: single-mode fiber (SMF) and multimode fiber (MMF). In SMF the optic cable carries only one stream of light, known as a mode; this one mode may vary in wavelength but carries only one stream. In MMF the glass core is larger and can handle multiple data streams. MMF is used more in local or campus area networks (CANs), supports data rates from 10 MBps to 10 GBps, and can sustain high speeds at distances up to 2 km. SMF is higher in cost and is generally used for high precision scientific applications.

    The cable is constructed in the following manner: a core glass rod is surrounded by a coating called cladding that contains the light inside the glass core. The cladding is then surrounded by a shield called the coating. The coating is then surrounded by fibers to strengthen the cable so the glass core is not broken. Finally, a coating of polyvinyl chloride (PVC) surrounds all the other components. Each fiber-optic cable has to be terminated with some form of connector; each connector has different properties, connectivity type, and function. The most common connectors you will encounter in computer networking are the straight tip/bayonet fiber-optic connector (ST/BFOC) and the SC, which could mean subscriber connector, standard connector, or Siemon connector depending on which standard you read. The ST/BFOC connector is more commonly used today.

    To install a fiber you will need special tools and training. The cost of the tools is prohibitive and the training is expensive. Where you can buy a basic termination kit for twisted pair cables for under $40, the basic fiber tool kit runs near $700. This investment is unnecessary at the CCNA level as you will not be expected to terminate fiber at the entry level. The training for the 5-day basic certified fiber-optic technician (CFOT) is about $2,000.

    NEW & NOTEWORTHY…

    The Dollars and Sense of Fiber-Optic Training

    There is a growing need for fiber-optic installers. If you invest in this training and you can become proficient in fiber installation and termination your job prospects will increase. The CFOT certification is a good add-on to the CCNA. For more information see the official fiber-optic association Web site www.thefoa.org/

    Coax

    An abbreviation of coaxial cable, coax is a type of cable with a central conductor surrounded by plastic coating, followed by a metal shield, and covered with PVC outer coating. There are two primary types of coax used in networking—Thicknet (10Base5) and Thinnet (10Base2). The components of a coax network are terminators, resistors that stop the signal from bouncing back and forth on the wire, adapters that connect the computers to the line, and the coax cable.

    For 10Base5, the cable is a thick (about ½ an inch in diameter) coaxial cable that can carry signal from endpoint terminator to endpoint terminator 500 feet maximum. The adapter that is used is called a vampire tap, which has a sharp tooth that bites into the wire. The vampire tap uses a DB-15 connection called an attachment unit interface (AUI) or Digital Intel Xerox (DIX) connector to connect the vampire tap to the network interface card (NIC). The cable type is RG-11 coaxial cable.

    For 10Base2, the cable is thinner and it appears similar to the coax cable used for cable television. It can support signals from endpoint terminator to endpoint terminator of 185 m (nearly 200 m). It uses T style connectors to connect the personal computers (PCs) to the network. The cable type is RG-54 coaxial cable.

    Both networks employ a bus topology (explained in detail later). When one computer on the network goes down you have to test each connection individually to determine which device caused the loss of connectivity. This is comparable to testing a set of Christmas tree lights one at a time to see which one is dead. The bus topology is a serial style network.

    NICs

    Network interface cards (NICs) come in many types, styles, connectivity types and speeds, and bus types. Let us start with bus types. Since the advent of the PC there have been many ways to add new features by way of add-on cards. They connect to the computer through a connector called a bus adapter. These connectors allow you to add things like MODEMs (MODulator/DEModulator), serial adapters, parallel adapters, or NICs. The different bus types are as follows: 8 bit, 16 bit, 32 bit, and 64 bit. Table 1.3 covers the different bus types and their features.

    Once you determine that your computer supports the bus type, you have to determine the type of network you are on: twisted pair, coax, or fiber. Next you need to determine the speed of your network: 10/100/1,000 MBps. Once you have done all of this you can purchase a NIC. Today, the two most common network cards are PCI 32- or 64-bit running 10/100/1,000 twisted pair (RJ-45 connector) and PCI 32- or 64-bit running 1000 MBps over fiber-optic cable.

    The purpose of the NIC is to join the media (Layer 1 of the OSI model) and the data link layer (OSI Layer 2) to the rest of the computer (Layers 3 to 7). This is the junction point where your computer meets the rest of the network. The network card is also responsible for the signaling of data onto the media and for receiving the signal from the media and making it usable for the computer. The data link layer functions of the network card include the Media Access Control (MAC) address of the card. This address is also known as the physical address, the Ethernet address, or, if you are working with Cisco, the Burned In Address (BIA). This address is used to identify data destined for your computer and, when working with bridges or switches, the collision domain in which you are located.

    The MAC address is a 48-bit address written in hexadecimal numbers (base 16, digits 0-F). It can be displayed in a standard notation or Cisco notation. It has a total of six 8-bit bytes: the first three identify the organization and the last three are the ID of the network card. In Figure 1.3, the MAC address is displayed in standard notation; in Figure 1.4, the MAC address is displayed in Cisco notation. In the first image the MAC address is referred to as the physical address and is 00-0E-35-0B-28-3E; the 00-0E-35 is the identifier for the manufacturer of the network card (Intel in this case), and the 0B-28-3E is the unique card identifier. If you have two cards on the network with the same MAC address there will be a conflict and neither will receive any data. All network devices on your network must have a unique MAC address.

    Test Day Tip

    Remember the format of the MAC address: the first three bytes identify the manufacturer and the last three bytes identify the host.

    The MAC/physical address is known as the BIA in Cisco Speak. Anytime on the exam you are asked for the BIA of the network adapter of a PC, they are asking for the MAC/physical address.
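    The two notations and the manufacturer/card split described above can be checked mechanically. The following is an added example, not code from the book: it parses both notations, converts between them, and finds duplicate MAC addresses in an inventory that mixes notations. All function names are hypothetical, and every sample address except 00-0E-35-0B-28-3E is constructed.

```python
import re
from collections import defaultdict

# Standard notation: six hex pairs joined by one separator ("-" or ":") throughout.
_STANDARD = re.compile(r"[0-9a-f]{2}([-:])[0-9a-f]{2}(?:\1[0-9a-f]{2}){4}")
# Cisco notation: three groups of four hex digits joined by dots.
_CISCO = re.compile(r"[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}")


def parse_mac(text):
    """Return the six bytes of a MAC address written in either notation."""
    s = text.strip().lower()
    if _STANDARD.fullmatch(s):
        digits = re.sub(r"[-:]", "", s)
    elif _CISCO.fullmatch(s):
        digits = s.replace(".", "")
    else:
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)


def to_standard(text):
    """Render as 00-0E-35-0B-28-3E."""
    return "-".join(f"{b:02X}" for b in parse_mac(text))


def to_cisco(text):
    """Render as 000e.350b.283e."""
    digits = parse_mac(text).hex()
    return ".".join(digits[i:i + 4] for i in range(0, 12, 4))


def split_mac(text):
    """Return (manufacturer part, card part): the first and last three bytes."""
    std = to_standard(text)
    return std[:8], std[9:]


def find_duplicates(inventory):
    """inventory: iterable of (device, mac_text) pairs in any mix of notations.

    Returns (duplicates, invalid): duplicates maps each MAC seen on more than
    one device to those devices; invalid lists entries that failed to parse.
    """
    seen = defaultdict(list)
    invalid = []
    for device, mac_text in inventory:
        try:
            seen[to_standard(mac_text)].append(device)
        except ValueError:
            invalid.append((device, mac_text))
    duplicates = {mac: devs for mac, devs in seen.items() if len(devs) > 1}
    return duplicates, invalid


# Constructed inventory; only the first address comes from the text above.
SAMPLE_INVENTORY = [
    ("pc-1", "00-0E-35-0B-28-3E"),
    ("pc-2", "000e.350b.283e"),      # same card address, Cisco notation
    ("printer", "00:0E:35:AA:BB:CC"),
    ("pc-3", "000e.350b.28"),        # truncated, must be rejected
]

if __name__ == "__main__":
    dups, bad = find_duplicates(SAMPLE_INVENTORY)
    print("duplicates:", dups)
    print("invalid:", bad)
    print(to_cisco("00-0E-35-0B-28-3E"), split_mac("000e.350b.283e"))
```

    Normalizing before comparing matters: the same card address copied from a PC and from a Cisco device looks different as text but is the same 48 bits.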

    Wired

    We discussed coax and fiber-optic cable types earlier; here we will focus on twisted pair and the standards and uses of this cable type.

    Twisted pair cable is rated by the category. Each category is measured by twists per inch. The most common twisted pair cable in use is still Category 5 twisted pair and it has three twists per inch using 24-gauge copper cable.

    In Table 1.4, we will outline the different categories of twisted pair cable and their common uses.

    In view of the increasing speeds of networking, categories 5e and 6 are being installed in most new networks. There are two common twisted pair types, unshielded twisted pair (UTP) and shielded twisted pair (STP). UTP can be purchased in each category and this type of cable does not have a metal shielding that protects the cable from electromagnetic interference (EMI). If you run UTP cable near motors or other devices that generate EMI, like older microwaves and photocopiers, the network will not work reliably as their signals will overshadow the signal carried over the cable. STP has a metal shielding that protects the cable from this interference. If EMI is a high concern, fiber optic is the best cable type as it uses light instead of electronic signals to represent the data.

    The other measure for twisted pair is the coating.

    HEAD OF THE CLASS…

    Cable coating, law, and safety

    If you choose the wrong coating for the cable type and run it in your building you may not only be violating building code, you could be putting lives in danger.

    The two types of coating are plenum and nonplenum. The term plenum refers to the space between a drop ceiling and the real roof. To be plenum grade, a cable should not contain PVC, because this cable runs in the air space between the two ceilings and burning PVC gives off a toxic gas that is highly poisonous. If you use nonplenum grade cables, they must be run in pipes in the walls and ceilings called conduits. These conduits will contain the toxic gas and protect the people. Most cables today are plenum grade, but be sure to check.

    Now that you are familiar with the common wired cable types of twisted pairs, it is time to talk about the connector. The most commonly used connector with twisted pair cabling is called the RJ-45 connector. It is a four pair modular connector available in two types, straight through and cross over. The straight through cable connects devices that are different in nature; you would use a straight through cable to connect a computer to a switch, hub, or bridge. A cross over cable is for connecting similar device types, such as bridge to bridge, switch to switch, computer to computer, and so forth. The differences between the two types of cables are in the Telecommunications Industry Association/Electronics Industry Alliance (TIA/EIA) Cable Definitions for the type of wiring in each end of the cable. The two standards are defined in the TIA/EIA 568-A and TIA/EIA 568-B. If the 568-A standard is used on both ends of the cable it is a straight through cable, both sides have the pins in the same place. If one side is 568-A and the other side is 568-B then this is a crossover cable. The cable standards for both cable end types are given in Tables 1.5 and 1.6.

    Finally, you can make your own twisted pair cables with just a couple of simple tools. With a crimp tool and a wire stripper and a supply of cable and ends, also known as bullets, you can build your own TIA/EIA twisted pair cables. Some companies sell complete tool kits that will also do phone and coax cables. The wire stripper gets rid of the protective shell of the cable and also the protective shield of each strand. Once the cables are stripped, place each strand into the correct place in the cable end. Once all strands are in the correct place, use the crimp tool to close the cable end and create the cable.

    Once you have the cables you will also need to test their connectivity. There are many types of cable testers available to test the cables. One important thing to remember with twisted pair is that the maximum length from endpoint to endpoint is only 100 m. If you have a cable between the computer and the wall jack and then from the wall jack to the switch and/or the hub and they are more than 100 m total, your cables may be correctly built but you have exceeded the maximum distance!

    CONFIGURING & IMPLEMENTING…

    Cable Kits

    Tool kits for all types of cable making and testing can be purchased from Tecra Tools, which is located at www.tecratools.com

    The two most common test tool types are tone and probe and cable integrity testing. With the tone and probe you would plug a device into the jack that would provide an audible tone across the cable, and you would use the probe to follow the wire through the walls until you found the other end where it terminated. The cable integrity testing tool tells you if the cable is pinned out correctly and that there are no shorts or flaws in the cable. Both of these tools will aid you in network diagnostics.

    Wireless

    As users want more freedom of movement while using computer equipment and as networks grow in flexibility, wireless technology is increasing in use. There are a few standards you need to know to prepare for the CCNA exam. Table 1.7 covers the basics of wireless Ethernet today.

    Just as with the NICs described earlier, you will need a card or an embedded card to access wireless network systems. The same rules apply to computer bus type; however, you will need to know what standards are supported. Most wireless adapters today support either A only or B and G only, or B and G and N only. There were a few manufacturers that made cards that would support A and B, but they were very expensive and very rare. There are many problems with deploying a wireless network. The construction of the building is very important to the range you can get, as are other devices that are between the wireless card and the access point (wireless connector) that you are trying to reach. If you have a lot of steel or brick, you will find it difficult to achieve the maximum range. Also, devices that operate at the same frequency (for example, in the 2 GHz range certain appliances like microwave ovens will interfere with your wireless access) may keep your entire wireless network from working.

    The other major component with wireless networking is called the wireless access point (WAP). This device connects the wireless network to the wired network and you will normally find it connected to the switch or router. This device allows anyone who knows the Service Set IDentifier (SSID), which is the name of the wireless network and can be set via the WAP's control software, to connect to that wireless network.

    CONFIGURING & IMPLEMENTING…

    SSID and Security

    Once you set up a wireless network, take a few moments to change all the default security settings. Change the default SSID, password, and admin username. More than 70 percent of the WAPs on the Internet still have all the default settings, making you vulnerable to attackers.

    Once you have configured the basic attributes, like the Internetwork Protocol (IP) address and SSID, of a wireless network you then should select an encryption protocol. There are a few encryption protocols that will be described later in this chapter; however, even if you enable an encryption protocol you may want to set up a firewall between the WAP and the wired network to give another layer of protection. Most encryption protocols for wireless have been breached by attackers and the methods are well documented. With a firewall between the wireless and wired network, part of the defense in depth methodology (DID), you can implement a virtual private network (VPN) connection between the wireless client and the firewall and create a higher encrypted tunnel between the weak wireless and the secure wired network (Figure 1.5).

    Test Day Tip

    Make sure that you know the frequency and standard for each wireless type. Cisco expects all CCNAs to be familiar with these key facts.

    The key to the wireless portion of the Cisco exam is to remember the standards defined earlier and that security of wireless should conform to the DID methodology.

    Security

    The problem with wireless networks is that they can be difficult to secure. In the aforementioned illustration, we talked about a way to allow wireless users to attach to the wireless network then make a VPN connection to the wired secure network. There are protocols that will give you some protection on the wireless network. Later, we will give you an overview of the wireless secure encryption protocols. These protocols will help to protect your wireless network but due to the limitations of each protocol, you will face some exposure to hackers.

    WEP

    Wired Equivalency Protocol (WEP), established in 1999, was intended to provide the same level of protection across the wireless network that you would have over the wired (or twisted pair Category 5 cable) network. The problem was that the level of encryption was not strong enough to provide the level of protection available on the wired network. Today WEP can be broken in minutes with common software tools available over the Internet. It uses the RC4 (Rivest Cipher 4) encryption algorithm and the CRC-32 checksum (CRC means cyclical redundancy check) hashing algorithm. RC4 encrypts the traffic and the CRC-32 ensures that the data is received without errors. WEP was the first attempt to secure wireless networks from abuse by hackers and other attackers.

    WPA

    Wi-Fi Protected Access (WPA) was developed as a solution to the WEP protocol's shortcomings. There are actually two protocols in the WPA specification, WPA and WPA2. WPA was the introductory encryption protocol; it was a stopgap between WEP and WPA2, which is the full WPA standard implementation. In each protocol there are also two implementations, personal and enterprise. The major difference between personal and enterprise is that in personal mode the preshared key is available to all devices, and in enterprise the key is contained on a server with authentication. WPA2 is compliant with the complete specifications of the WPA standards.

    NEW & NOTEWORTHY…

    WPA and WPA2 Specifications

    To view the complete standards for WPA and WPA2 go to www.wi-fi.org/knowledge_center/wpa/. This will help you to understand the encryption protocols' strengths and weaknesses.

    LEAP

    Lightweight Extensible Authentication Protocol (LEAP) is a new, proprietary wireless access authentication method that is not widely used today and is something on the horizon. This protocol requires you to authenticate (log in) to the wireless network before actually connecting to the LAN with your wireless (802.11) devices. This protocol gives you not only an encryption standard but also an authentication requirement. The LEAP Protocol uses a modified version of the Microsoft Challenge Authentication Protocols (MS-CHAP) combined with the Extensible Authentication Protocols (EAP). By combining the encryption with the authentication you add a layer of security to the wireless network. Even with the added security, you must remember the layered defensive tactics, which allow you to protect your key business data from exposure. As Figure 1.5 shows, a VPN connection device between a wireless user and the wired network is still the best method of protection.

    Repeaters

    A repeater is a Layer 1 device that takes voltage from the line, amplifies the voltage, and sends it down the line. This device cannot translate, analyze, manipulate, or do any processing of the voltage. It is a simple amplifier that will increase the signal strength of the signal. If there is any noise caused by EMI on the wire it will also amplify the noise and send it on. The general rule of thumb is to have no more than three repeaters in a row. Once you get past the third repeater you will be sending only noise.

    These devices work with only one media type. If you have Thinnet coming in, you must have Thinnet going out; it cannot do any media conversion. This is the most basic device and has no processor or programming to make it any more robust.

    These devices are not in common use anymore; they have been replaced by hubs, bridges, and switches.

    Hubs

    A hub is nothing more than a multiport repeater. An electrical signal comes through one port of the hub and gets amplified and sent out through all ports of the hub. As with the repeater, you cannot mix and match media. Hubs and repeaters create what is called a collision domain. You can only have one signal on the wire at any one time. As described earlier, Ethernet uses CSMA/CD, which means that if two signals are on the wires at the same time they will collide and cause a collision. This collision means that no data is delivered to the remote receiver. The more ports you have on the hubs (and the more hubs connected together), the more likely you are to have collisions. If you look at the front of the hub you will see an indicator called the collision light; the more often it blinks, the more often your data is not getting to its destination.

    Bridges

    A bridge is a Layer 2 device that separates collision domains by determining which MAC addresses are on each side of the bridge and only passing traffic if the destination address is on the other side of the bridge. The bridge will also handle the placing of the data on the collision domain to try to reduce collisions. It also uses CSMA/CD and will check the frame for errors and collisions on each side of the bridge. Bridges create broadcast domains. Frames with a MAC address of FF:FF:FF:FF:FF:FF are called broadcast frames and every network device must look at the data; therefore, any frame that is a broadcast must cross all bridges.

    Switches

    A switch is a multiport bridge. This device creates a new collision domain on each port; the original intent of switches was to connect a hub to each port and connect departmental devices to the hub. For example, you would have a hub that contained the salespeople's computers and a file and print server so that if a salesperson was working on their own files it would not affect the rest of the network. The same would go for the marketing department, the finance department, and so forth. This would reduce the traffic that had to be processed by the switch and would speed up the overall network. This would ensure that the switch had tables of the MAC addresses on each port, that each port would be contained in its own collision domain, and that the switch would only forward traffic when resources were outside that collision domain. More and more, each device has been plugged into its own port on the switch, creating a single-device collision domain. This means that each frame created on the network must be looked at on the switch and checked for errors and forwarded by the switch. Each frame must be processed by the switch, thus negating the collision domains. This causes collisions on the backbone of the switch and buffer overflows on the ports where corporate resources are located. In Figure 1.6 we see a switch with devices on each port; this has become less than the standard in today's networking. Notice Destination Port FastEthernet0/8 has three MAC addresses assigned to it. So if the devices of 0011.50ff.971c, 0011.d918.e6fe, and 001c.b3333.428e were communicating together the data would not enter the switch. If 0011.50ff.971c and 007.e974.8217 were communicating the switch would send the frame to FastEthernet0/3 to reach that destination MAC address. Use the show mac-address-table command (sh mac-add in Figure 1.6) on the switch to display this table.
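    The forwarding decisions described for bridges and switches can be traced with a small model. This is an added example, not code from the book or from Cisco: a learning switch that records source MAC addresses per port, filters frames whose destination is on the arrival port, forwards known destinations, and sends broadcasts out of every other port. The class and function names are hypothetical, HOST_C and the unknown destination are constructed addresses, and flooding of frames for destinations not yet learned is standard switch behavior that the text does not spell out.

```python
BROADCAST = "ffff.ffff.ffff"  # FF:FF:FF:FF:FF:FF in Cisco notation


class LearningSwitch:
    """Layer 2 forwarding: learn source MACs per port, forward by destination MAC."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def _all_but(self, in_port):
        return [p for p in self.ports if p != in_port]

    def receive(self, in_port, src, dst):
        """Process one frame and return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        src, dst = src.lower(), dst.lower()
        if src != BROADCAST:
            self.mac_table[src] = in_port      # learn where the sender lives
        if dst == BROADCAST:
            return self._all_but(in_port)      # broadcast crosses every port
        out_port = self.mac_table.get(dst)
        if out_port is None:
            return self._all_but(in_port)      # unknown destination: flood
        if out_port == in_port:
            return []                          # same collision domain: filter
        return [out_port]

    def table_rows(self):
        """(MAC, port) pairs, the information show mac-address-table displays."""
        return sorted(self.mac_table.items())


PORTS = ["FastEthernet0/1", "FastEthernet0/3", "FastEthernet0/8"]
HOST_A = "0011.50ff.971c"   # from the text, on FastEthernet0/8
HOST_B = "0011.d918.e6fe"   # from the text, on FastEthernet0/8
HOST_C = "0200.0000.0003"   # constructed, on FastEthernet0/3


def run_demo():
    """Replay five frames in order and return what the switch did with each."""
    sw = LearningSwitch(PORTS)
    return {
        "a_broadcast": sw.receive("FastEthernet0/8", HOST_A, BROADCAST),
        "b_to_a": sw.receive("FastEthernet0/8", HOST_B, HOST_A),
        "c_to_a": sw.receive("FastEthernet0/3", HOST_C, HOST_A),
        "a_to_c": sw.receive("FastEthernet0/8", HOST_A, HOST_C),
        "a_to_unknown": sw.receive("FastEthernet0/8", HOST_A, "0200.0000.00ff"),
        "table": sw.table_rows(),
    }


if __name__ == "__main__":
    for step, result in run_demo().items():
        print(step, "->", result)
```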

    Two questions I hear a lot are "What is a Layer 3 switch?" and "What is the difference between a Layer 2 switch and a Layer 3 switch?" First, there is no such thing as a Layer 3 switch. All switching is done at the data link layer of the OSI model. It uses the MAC address to move frames from one collision domain to the other. The router (described later) handles the movement from one logical network to the other. A Layer 3 switch is a Layer 2 switch that has an embedded router to route between virtual local area networks (VLANs).

    Routers

    At the network layer we find routers. Routers handle IP addresses. These addresses are 32-bit addresses divided into 8-bit octets. Each octet can support a number from 0 to 255 (256 combinations). There are five classes of addresses; A, B, and C are used to address publicly accessible devices on the Internet. To determine the class of an address you look at its first octet. In later chapters you will see more on this, but for now we will look at the basics. If the first octet is 1 through 126 you have a Class A address, which means the first octet, by default, is the network portion of the address and the remaining three octets are the host. This supports 16,777,214 addresses per Class A network. Class B networks are 128 through 191 and the first two octets are the network portion of the address, meaning that for each Class B network there are 65,534 hosts per network. The final class of network for addressing workstations is Class C, which uses 192 through 223 in the first octet. Class C uses the first three octets for network and the last octet for host, allowing 254 addresses per network. The network 127 is reserved for testing and the address 127.0.0.1 is called either the loopback or the local host address. Each computer uses this to test that the IP stack is configured and functional on the device. Routers work at this layer and the key to routers is that they join IP networks. They are the intersections of two, or more, networks. Routers pass packets from one logical network to another logical network. They use the Internet Protocol address and network mask to determine which interface to pass the packet to. In the aforementioned examples, each device had a different name from two ports to multiple ports: a multiport repeater was a hub and a multiport bridge was a switch. In this case a multiport router is a router.

    There is another device called a brouter; this device is a Layer 3 router that can bridge Layer 2 protocols over a wide area network (WAN). A brouter will move nonroutable protocols over the WANs. Historically there are two major groups of protocols, routable (they have a network portion and a host portion of the address) and nonroutable (no network portion, only host portion of the address). Before brouters were created only routable protocols could be moved over the WAN. Routable protocols include IP, IPX, AppleTalk, and SNA. Nonroutable protocols include data link control (DLC), NetBEUI, LAT, DRP, and MOP. Back in the minicomputer days there was a computer called the HP 3000. It ran the DLC protocol and there was no network address, only a host address; to move data from one HP 3000 to another over a WAN you needed a router that could also act as a Layer 2 bridge. Cisco routers today all support bridging.

    Exam Warning

    One of the things to remember is that a multiport repeater is a hub, a multiport bridge is called a switch, and a multiport router is called a router. These may show up as a few test questions on the exam.

    One question about routers that I hear a lot is "Is there such a thing as a single port router?" If you only have one port on the router, how can you route to two or more logical IP networks? The answer is yes, you can have a single port router: if you plug the router into a switch on a port that is set up to allow you to route between VLANs, then this one port can move traffic between these networks. It can also be called a router on a stick.

    Wireless Access Point

    A WAP is a device that allows different types of wireless network cards to connect without cables, hence wireless, to LANs and access resources, including the Internet. A WAP plugs into a hub or switch and is the device that joins the unwired network to the wired network. As shown earlier, you can put a router or firewall between the wireless network and the wired network, providing a secure barrier between the unsecure wireless network and the secure wired network. WAPs support the standards we defined earlier; if you are using an 802.11b WAP then most 802.11b/g/n cards should be able to access it as they all operate on the same 2 GHz frequency. If you have an 802.11a access point you will need an 802.11a card as this is not in the same frequency as the other standards. There are a few access points that support both the 2 GHz and the 5 GHz range. They are rare and expensive. There are also routers that support wireless connections. They range from home use to commercial/business use. For home use, you will find Linksys (a Cisco company) routers that will support both wired and wireless access to digital subscriber line (DSL) or cable Internet connections, all the way up to the Cisco 1800 line, which are commercial level routers that include a wireless feature set as well as wired connections. The price range runs from $80 to $5,000 depending on the features and level of router you purchase.

    Network Types

    The various network types you will have to deal with on the CCNA exam are LAN, CAN, metropolitan area network (MAN), and WAN. These types of networks define the technology you use to build them out. Later we will define them and discuss what makes each one different.

    Local Area Networks

    A LAN is a logical grouping of computers, servers, workstations, printers, and other devices that are connected by a common media; copper and fiber are the most common, and wireless is increasing. It supports speeds from 10 up to 1,000 MBps (Gigabit per second). It can span one floor of a building up to the entire building. The company that uses the LAN generally owns and manages the LAN. Some companies may outsource management of the LAN, but in general it remains the property of the company that owns it. Ethernet is used as the method of transmitting the data over the LAN and the speeds tend to be high.

    Private IP Address Ranges

    On the LAN there are three ranges of addresses reserved for internal, private usage. Earlier we talked about the three classes of IP address; there is one Class A network, the 10.0.0.0/8. In the Class B range we have 16 Class B networks, the 172.16.0.0/16 to the 172.31.0.0/16 networks, and finally in the Class C range we have the 192.168.0.0/24 to the 192.168.255.0/24 networks. If you are using one of these networks you are conforming to the Internet standards. If you are using any other range of addresses and your Router/Firewall is using network address translation (NAT) you are still working within the guidelines of the Internet (using a NAT protocol called NAT overlapping where your inside addresses appear to be public and you are being translated to the true public Internet); however, if your Router/Firewall stops performing the NAT function, you will be changing the routing tables of the Internet and redirecting traffic to your network from the original network. This may cause other problems of a routing and a legal nature. You should always use a private range of network addresses while supporting an IPv4 network; later you will be introduced to the new IPv6 (or IPng, Internet Protocol Next Generation Protocol). For even more information refer to Configuring IPv6 for Cisco IOS, Syngress, ISBN: 978-1-928994-84-8. Once you have chosen your private IP range you can then subnet it (refer to the section Subnetting in Chapter 3).

    APIPA

    Automatic Private Internet Protocol Addressing (APIPA) assigns an address in the range of 169.254.0.1 through 169.254.255.254. It does not assign an address for the gateway router so no Internet access is permitted; see RFC 3972 for complete detail. It was introduced in Windows 98 Second Edition and other operating systems near the end of the 90s. APIPA was intended to allow access to local resources when the Dynamic Host Configuration Protocol (DHCP) server was not available. Even though this uses what is apparently a public IP address range, it is not a risk because it does not route traffic to the Internet, as there is no gateway address set.
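    The classful rules from the Routers section and the private and APIPA ranges above combine into a simple address audit. This is an added example, not code from the book: it classifies an IPv4 address by its first octet, derives the default classful network, and flags LAN hosts that have an APIPA address or an address outside the private ranges. Function names and the sample inventory are hypothetical and constructed; the Class D and E boundaries and the reserved first octet 0 are standard values that the text does not list.

```python
import ipaddress

# Private ranges from the text, written as their covering prefixes:
# 172.16.0.0/16-172.31.0.0/16 is 172.16.0.0/12 and
# 192.168.0.0/24-192.168.255.0/24 is 192.168.0.0/16.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
APIPA = ipaddress.ip_network("169.254.0.0/16")


def address_class(addr):
    """Return (class, network_octets, hosts_per_network) from the first octet."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first == 0:
        return ("reserved", None, None)      # not covered in the text
    if first <= 126:
        return ("A", 1, 2 ** 24 - 2)
    if first == 127:
        return ("loopback", None, None)      # network 127, reserved for testing
    if first <= 191:
        return ("B", 2, 2 ** 16 - 2)
    if first <= 223:
        return ("C", 3, 2 ** 8 - 2)
    if first <= 239:
        return ("D", None, None)             # not used for host addressing
    return ("E", None, None)


def classful_network(addr):
    """Default network for a Class A, B or C address, else None."""
    _, octets, _ = address_class(addr)
    if octets is None:
        return None
    return str(ipaddress.ip_network(f"{addr}/{8 * octets}", strict=False))


def scope(addr):
    """One of 'loopback', 'apipa', 'private', 'public' or 'reserved'."""
    cls = address_class(addr)[0]
    if cls == "loopback":
        return "loopback"
    if cls in ("reserved", "D", "E"):
        return "reserved"
    ip = ipaddress.IPv4Address(addr)
    if ip in APIPA:
        return "apipa"
    if any(ip in net for net in PRIVATE):
        return "private"
    return "public"


def lan_findings(inventory):
    """inventory: (host, address) pairs seen on the internal LAN."""
    findings = []
    for host, addr in inventory:
        kind = scope(addr)
        if kind == "apipa":
            findings.append((host, addr, "APIPA address: DHCP server was not available"))
        elif kind == "public":
            findings.append((host, addr, "not in a private range"))
    return findings


# Constructed inventory; 198.51.100.7 is from a documentation-only range.
SAMPLE_LAN = [
    ("pc-1", "10.1.2.3"),
    ("pc-2", "172.20.5.9"),
    ("pc-3", "169.254.10.20"),
    ("pc-4", "198.51.100.7"),
    ("pc-5", "192.168.1.10"),
]

if __name__ == "__main__":
    for host, addr in SAMPLE_LAN:
        print(host, addr, address_class(addr), classful_network(addr), scope(addr))
    print(lan_findings(SAMPLE_LAN))
```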

    Wide Area Networks

    WANs connect networks from city to city or state to state or country to country (or even earth to the international space station). They employ technologies like Frame Relay, which uses connectivity like T1s or T3s. A T1 Frame Relay moves data at 1.544 MBps and a T3 is 28 T1s and will carry data at the rate of approximately 43 MBps. As the name implies Frame Relay operates at the data link layer (Layer 2 of the OSI model). You will notice that the data rates drop dramatically from the LAN to the WAN. Thus, the bottleneck of the connection is the point between the LAN and the WAN. Cable Internet and DSL have become more common over the last couple of years. There are other technologies like X.25 that can carry data over long distances; however, these legacy protocols are not in common usage.

    Public IP Address Ranges

    If the ranges of addresses are not in the 10.0.0.0/8 or the 172.16.0.0/16 through 172.31.0.0/16 or the 192.168.0.0/24 through 192.168.255.0/24, you are on the public Internet. Let us first deal with the concept of the public Internet. Every access device, router, server, database, and Web page is owned by someone. There is not one device on the Internet that is freely available and in the public domain. Every resource
