Wiley Publishing, Inc.
CCNA®: Cisco® Certified Network Associate
Study Guide
Sixth Edition
Todd Lammle
Advance Praise
“Todd’s methods of discussing topics are tactfully approached so they are not confusing to the reader, and his explanations are clear and easy to understand.”
—Amazon Reader Review
“I passed my CCNA on the first try after reading this book thoroughly. …If you read the book and do all the review questions and written labs at the end of each chapter, you will be well prepared for the exam.”
—Amazon Reader Review
“This is a great book! Todd Lammle has the ability to make complex topics simple. Cisco books are essential once you’ve mastered networking basics, but there is nothing like Sybex for learning the concepts from A to Z.”
—Amazon Reader Review
“Todd has been an authority in this field for as long as I can remember. His style of writing keeps the book from becoming a sleep aid and provides nuts and bolts information that is both excellent real-world reference and directly relevant to exam objectives. If you are considering taking the CCNA exam, you would be ill advised to not give this book a thorough read.”
—Amazon Reader Review
“This is the first book review I have ever written on Amazon. I’ve been in the computer/network support field for many years, but had almost no contact with Cisco equipment. I basically knew the ‘enable’ and ‘config’ Cisco commands. I had originally planned on shelling out the $3000 to take a CCNA boot camp, but decided that that was way too much money. So I bought this book instead … took a week off from work (which I would have done anyway for the class), and went at it ... My homegrown boot camp paid off because I passed the exam on the first try, saving almost $2900!”
—Amazon Reader Review
“This is the best technical book I have ever read!!”
—Amazon Reader Review
“This book is excellent resource for preparation for CCNA certification. It has needed information regarding the Cisco’s objective. Sample test and Bonus Test give extra knowledge for exam’s question. Users have more knowledge and practice of test exams. I will recommend this book for anyone who does not have any knowledge of CCNA material.”
—Amazon Reader Review
“I’ve recently passed the CCNA exam with 985 out of 1000 points and Todd Lammle’s book was my only study material (along with a Cisco 2500 router).
“It covers all relevant topics in such an easy-to-understand way and gives you a great networking/Cisco knowledge to build upon. Even now, while I’m pursuing other certifications, it serves as an irreplaceable reference. Every chapter concludes with review questions, hands-on exercises or labs to give you the opportunity of applying your new skills in real-world scenarios and the CD provides additional sample tests and flashcards to consolidate your knowledge.
“By reading the book twice and doing all the exercises you will be able to answer just about any question you may encounter on the exam. Highly recommended!”
—Amazon Reader Review
“I had made three previous attempts using Cisco Press but could not get over the hump. Needless to say I was getting pretty discouraged. However, I had heard good things about the Sybex book by Todd Lammle and decided to give it a try. It was the best thing I could have done. The book read great and it explained the required concepts and topics very well. The review questions and Hands-on Labs at the end of each chapter were also very helpful.
“I took the test last weekend and passed!!
“Thank you!!”
—Amazon Reader Review
“Good exam prep. I read this book and with only slight network experience was able to pass the CCNA.”
—Amazon Reader Review
“There isn’t much more I can say about this book than has already been said. I used Todd’s guide to help me pass the CCNA in 2000 and am using him again to recertify. Just an excellent book. Period.”
—Amazon Reader Review
“This book covered everything I needed to pass the exam, with hands-on experience, and the bonus material. What a great written book this is. The best I have ever read.
“I recommend this book highly!!”
—Amazon Reader Review
Acquisitions Editor: Jeff Kellum
Development Editor: Toni Zuccarini Ackley
Technical Editor: Patrick J. Conlan
Production Editor: Sarah Groff-Palermo
Copy Editor: Judy Flynn
Production Manager: Tim Tate
Vice President and Executive Group Publisher: Richard Swadley
Vice President and Executive Publisher: Joseph B. Wikert
Vice President and Publisher: Neil Edde
Media Project Supervisor: Laura Atkinson
Media Development Specialist: Josh Frank
Media Quality Assurance: Angie Denny
Book Designers: Judy Fung and Bill Gibson
Compositor: Craig Woods, Happenstance Type-O-Rama
Proofreader: Nancy Riddiough
Indexer: Ted Laux
Anniversary Logo Design: Richard Pacifico
Cover Designer: Ryan Sneed
Copyright © 2007 by Wiley Publishing, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-0-470-11008-9
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Legal Department, Wiley Publishing, Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Website is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Website may provide or recommendations it may make. Further, readers should be aware that Internet Websites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (800) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic books.
Library of Congress Cataloging-in-Publication Data is available from the publisher.
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. Cisco and CCNA are registered trademarks of Cisco Systems, Inc. All other trademarks are the property of their respective owners. Wiley Publishing, Inc., is not associated with any product or vendor mentioned in this book.
To Our Valued Readers:
Thank you for looking to Sybex for your CCNA exam prep needs. We at Sybex are proud of our reputation for providing certification candidates with the practical knowledge and skills needed to succeed in the highly competitive IT marketplace. This latest edition of the best-selling CCNA: Cisco Certified Network Associate Study Guide reflects our commitment to provide CCNA candidates with the most up-to-date, accurate, and accessible instructional material on the market.
As with previous editions, Todd and the editors have worked hard to ensure that the study guide you hold in your hands is comprehensive, in-depth, and pedagogically sound. We’re confident that this book will exceed the demanding standards of the certification marketplace and help you, the CCNA certification candidate, succeed in your endeavors.
As always, your feedback is important to us. If you believe you’ve identified an error in the book, please visit the Customer Support section of the Wiley website. And if you have general comments or suggestions, feel free to drop me a line directly at
. At Sybex, we’re continually striving to meet the needs of individuals preparing for certification exams.
Good luck in pursuit of your CCNA certification!
Neil Edde
Publisher—Certification
Sybex, an Imprint of Wiley
Acknowledgments
Monica Lammle’s writing style and voice, editing ability, encouragement, and dedication to ensuring that my books are concise yet highly readable has been invaluable to the success of this and many other projects. She brings clarity and life to what can truly be some very arcane and difficult material!
Mr. Patrick Conlan has got to be the personification of perseverance—he’s a rock! Patrick literally hashed and rehashed each topic in this guide with me at all hours of the day and night—scrutinizing the material until we both agreed it was verifiably solid. He was so instrumental in the development of this book that I hired him at GlobalNet Training to work as a course developer and trainer! You’re going to be hearing a lot more from Mr. Conlan in the technical instruction and writing arena in the future for sure.
Daniel Aguilera, who has worked with me at GlobalNet Training for seven years, also worked diligently, helping me put together the bonus exams you’ll find on the CD (so be sure to give him a call if you happen to find a problem). Dan possesses both the intelligence and optimism required to be a great source of encouragement and a deep reservoir of problem-solving ability whenever I found myself discouraged or burned out.
Toni Zuccarini Ackley was the main editor of this—the newest book in the Sybex Cisco series. Thank you Toni for having the patience of Job, and for working so hard on this book with me. I’m so happy (and relieved) that you took on the job and, most of all, that you didn’t run screaming from the room the next day!
Jeff Kellum is instrumental to my success in the Cisco world and is my acquisitions editor. Jeff, thanks for your guidance and continued patience. Although we work well together and put out fantastic material, I am sure he groans when he sees my name on caller ID!
In addition, Sarah Groff-Palermo was an excellent production editor and she worked really hard to get the book done as quickly as possible, without missing the small mistakes that are so easy to overlook. Judy Flynn was the copy editor and she showed me that you can actually write a book and still have patience, be helpful but yet work extremely hard to get this book out on the shelves as fast as possible, and for that I thank you tremendously. Both Sarah and Judy worked very hard editing the book for what will hopefully turn out to be a great guide to lead you on your journey toward becoming a CCNA.
Finally a big thanks to Craig Woods and Happenstance-Type-O-Rama, and the CD team: Laura Atkinson, Josh Frank, and Angie Denny.
Contents at a Glance
Introduction
Assessment Test
Chapter 1 Internetworking
Chapter 2 Introduction to TCP/IP
Chapter 3 Subnetting, Variable Length Subnet Masks (VLSMs), and Troubleshooting TCP/IP
Chapter 4 Cisco’s Internetworking Operating System (IOS) and Security Device Manager (SDM)
Chapter 5 Managing a Cisco Internetwork
Chapter 6 IP Routing
Chapter 7 Enhanced IGRP (EIGRP) and Open Shortest Path First (OSPF)
Chapter 8 Layer 2 Switching and Spanning Tree Protocol (STP)
Chapter 9 Virtual LANs (VLANs)
Chapter 10 Security
Chapter 11 Network Address Translation (NAT)
Chapter 12 Cisco’s Wireless Technologies
Chapter 13 Internet Protocol Version 6 (IPv6)
Chapter 14 Wide Area Networks
Glossary
Index
Table of Contents
Introduction
Assessment Test
Chapter 1 Internetworking
  Internetworking Basics
  Internetworking Models
  The Layered Approach
  Advantages of Reference Models
  The OSI Reference Model
  The Application Layer
  The Presentation Layer
  The Session Layer
  The Transport Layer
  The Network Layer
  The Data Link Layer
  The Physical Layer
  Ethernet Networking
  Half- and Full-Duplex Ethernet
  Ethernet at the Data Link Layer
  Ethernet at the Physical Layer
  Ethernet Cabling
  Straight-Through Cable
  Crossover Cable
  Rolled Cable
  Data Encapsulation
  The Cisco Three-Layer Hierarchical Model
  The Core Layer
  The Distribution Layer
  The Access Layer
  Summary
  Exam Essentials
  Written Lab 1
  Written Lab 1.1: OSI Questions
  Written Lab 1.2: Defining the OSI Layers and Devices
  Written Lab 1.3: Identifying Collision and Broadcast Domains
  Written Lab 1.4: Binary/Decimal/Hexadecimal Conversion
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 1
  Answer to Written Lab 1.2
  Answers to Written Lab 1.3
  Answers to Written Lab 1.4
Chapter 2 Introduction to TCP/IP
  TCP/IP and the DoD Model
  The Process/Application Layer Protocols
  The Host-to-Host Layer Protocols
  The Internet Layer Protocols
  IP Addressing
  IP Terminology
  The Hierarchical IP Addressing Scheme
  Private IP Addresses
  Broadcast Addresses
  Summary
  Exam Essentials
  Written Lab 2
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 2
Chapter 3 Subnetting, Variable Length Subnet Masks (VLSMs), and Troubleshooting TCP/IP
  Subnetting Basics
  IP Subnet-Zero
  How to Create Subnets
  Subnet Masks
  Classless Inter-Domain Routing (CIDR)
  Subnetting Class C Addresses
  Subnetting Class B Addresses
  Subnetting Class A Addresses
  Variable Length Subnet Masks (VLSMs)
  VLSM Design
  Implementing VLSM Networks
  Summarization
  Troubleshooting IP Addressing
  Determining IP Address Problems
  Summary
  Exam Essentials
  Written Labs 3
  Written Lab 3.1: Written Subnet Practice #1
  Written Lab 3.2: Written Subnet Practice
  Written Lab 3.3: Written Subnet Practice
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 3.1
  Answers to Written Lab 3.2
  Answers to Written Lab 3.3
Chapter 4 Cisco’s Internetworking Operating System (IOS) and Security Device Manager (SDM)
  The IOS User Interface
  Cisco Router IOS
  Connecting to a Cisco Router
  Bringing Up a Router
  Command-Line Interface (CLI)
  Entering the CLI from a Non-ISR Router
  Overview of Router Modes
  CLI Prompts
  Editing and Help Features
  Gathering Basic Routing Information
  Router and Switch Administrative Configurations
  Hostnames
  Banners
  Setting Passwords
  Encrypting Your Passwords
  Descriptions
  Router Interfaces
  Bringing Up an Interface
  Viewing, Saving, and Erasing Configurations
  Deleting the Configuration and Reloading the Router
  Verifying Your Configuration
  Cisco’s Security Device Manager (SDM)
  Summary
  Exam Essentials
  Written Lab 4
  Hands-on Labs
  Hands-on Lab 4.1: Logging into a Router
  Hands-on Lab 4.2: Using the Help and Editing Features
  Hands-on Lab 4.3: Saving a Router Configuration
  Hands-on Lab 4.4: Setting Your Passwords
  Hands-on Lab 4.5: Setting the Hostname, Descriptions, IP Address, and Clock Rate
  Hands-on Lab 4.6: Installing SDM on Your Computer
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 4
Chapter 5 Managing a Cisco Internetwork
  The Internal Components of a Cisco Router
  The Router Boot Sequence
  Managing Configuration Register
  Understanding the Configuration Register Bits
  Checking the Current Configuration Register Value
  Changing the Configuration Register
  Recovering Passwords
  Boot System Commands
  Backing Up and Restoring the Cisco IOS
  Verifying Flash Memory
  Backing Up the Cisco IOS
  Restoring or Upgrading the Cisco Router IOS
  Using the Cisco IOS File System (Cisco IFS)
  Using the SDM to Manage the Flash Memory
  Backing Up and Restoring the Cisco Configuration
  Backing Up the Cisco Router Configuration
  Restoring the Cisco Router Configuration
  Erasing the Configuration
  Using the Cisco IOS File System to Manage Your Router’s Configuration (Cisco IFS)
  Using the SDM to Back Up/Restore and Edit the Router’s Configuration
  Using Cisco Discovery Protocol (CDP)
  Getting CDP Timers and Holdtime Information
  Gathering Neighbor Information
  Gathering Interface Traffic Information
  Gathering Port and Interface Information
  Documenting a Network Topology Using CDP
  Using Telnet
  Telnetting into Multiple Devices Simultaneously
  Checking Telnet Connections
  Checking Telnet Users
  Closing Telnet Sessions
  Using SDM to Telnet into Your Router
  Resolving Hostnames
  Building a Host Table
  Using DNS to Resolve Names
  Checking Network Connectivity and Troubleshooting
  Using the ping Command
  Using the traceroute Command
  Debugging
  Using the show processes Command
  Summary
  Exam Essentials
  Written Lab 5
  Hands-on Labs
  Hands-on Lab 5.1: Backing Up Your Router IOS
  Hands-on Lab 5.2: Upgrading or Restoring Your Router IOS
  Hands-on Lab 5.3: Backing Up the Router Configuration
  Hands-on Lab 5.4: Using the Cisco Discovery Protocol (CDP)
  Hands-on Lab 5.5: Using Telnet
  Hands-on Lab 5.6: Resolving Hostnames
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 5
Chapter 6 IP Routing
  Routing Basics
  The IP Routing Process
  Testing Your IP Routing Understanding
  Configuring IP Routing
  Configuring IP Routing in Our Network
  Static Routing
  Default Routing
  Dynamic Routing
  Routing Protocol Basics
  Distance-Vector Routing Protocols
  Routing Loops
  Routing Information Protocol (RIP)
  RIP Timers
  Configuring RIP Routing
  Verifying the RIP Routing Tables
  Configuring RIP Routing Example 2
  Holding Down RIP Propagations
  RIP Version 2 (RIPv2)
  Interior Gateway Routing Protocol (IGRP)
  Verifying Your Configurations
  The show ip protocols Command
  The debug ip rip Command
  Enabling RIPv2 on Our Internetwork
  Summary
  Exam Essentials
  Written Lab 6
  Hands-on Labs
  Hands-on Lab 6.1: Creating Static Routes
  Hands-on Lab 6.2: Configuring RIP Routing
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 6
Chapter 7 Enhanced IGRP (EIGRP) and Open Shortest Path First (OSPF)
  EIGRP Features and Operation
  Protocol-Dependent Modules
  Neighbor Discovery
  Reliable Transport Protocol (RTP)
  Diffusing Update Algorithm (DUAL)
  Using EIGRP to Support Large Networks
  Multiple ASes
  VLSM Support and Summarization
  Route Discovery and Maintenance
  Configuring EIGRP
  Corp
  R1
  R2
  R3
  Redistributing to the 871W Router from R3
  Configuring Discontiguous Networks
  Load Balancing with EIGRP
  Verifying EIGRP
  Open Shortest Path First (OSPF) Basics
  OSPF Terminology
  SPF Tree Calculation
  Configuring OSPF
  Enabling OSPF
  Configuring OSPF Areas
  Configuring Our Network with OSPF
  Verifying OSPF Configuration
  The show ip ospf Command
  The show ip ospf database Command
  The show ip ospf interface Command
  The show ip ospf neighbor Command
  The show ip protocols Command
  Debugging OSPF
  OSPF DR and BDR Elections
  Neighbors
  Adjacencies
  DR and BDR Elections
  OSPF and Loopback Interfaces
  Configuring Loopback Interfaces
  OSPF Interface Priorities
  Troubleshooting OSPF
  Configuring EIGRP and OSPF Summary Routes
  Summary
  Exam Essentials
  Written Lab 7
  Hands-on Labs
  Hands-on Lab 7.1: Configuring and Verifying EIGRP
  Hands-on Lab 7.2: Enabling the OSPF Process
  Hands-on Lab 7.3: Configuring OSPF Neighbors
  Hands-on Lab 7.4: Verifying OSPF Operation
  Hands-on Lab 7.5: OSPF DR and BDR Elections
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 7
Chapter 8 Layer 2 Switching and Spanning Tree Protocol (STP)
  Before Layer 2 Switching
  Switching Services
  Limitations of Layer 2 Switching
  Bridging vs. LAN Switching
  Three Switch Functions at Layer 2
  Spanning Tree Protocol (STP)
  Spanning Tree Terms
  Spanning Tree Operations
  Configuring Catalyst Switches
  Catalyst Switch Configuration
  Verifying Cisco Catalyst Switches
  Cisco Network Assistant
  Summary
  Exam Essentials
  Written Lab 8
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 8.1
Chapter 9 Virtual LANs (VLANs)
  VLAN Basics
  Broadcast Control
  Security
  Flexibility and Scalability
  VLAN Memberships
  Static VLANs
  Dynamic VLANs
  Identifying VLANs
  Frame Tagging
  VLAN Identification Methods
  VLAN Trunking Protocol (VTP)
  VTP Modes of Operation
  VTP Pruning
  Routing between VLANs
  Configuring VLANs
  Assigning Switch Ports to VLANs
  Configuring Trunk Ports
  Configuring Inter-VLAN Routing
  Configuring VTP
  Troubleshooting VTP
  Telephony: Configuring Voice VLANs
  Configuring the Voice VLAN
  Configuring IP Phone Voice Traffic
  Using the CNA to Configure VLANs and Inter-VLAN Routing
  Summary
  Exam Essentials
  Written Lab 9
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 9.1
Chapter 10 Security
  Perimeter, Firewall, and Internal Routers
  Recognizing Security Threats
  Mitigating Security Threats
  Cisco’s IOS Firewall
  Introduction to Access Lists
  Mitigating Security Issues with ACLs
  Standard Access Lists
  Wildcard Masking
  Standard Access List Example
  Controlling VTY (Telnet) Access
  Extended Access Lists
  Extended Access List Example 1
  Extended Access List Example 2
  Advanced Access Lists
  Named ACLs
  Switch Port ACLs
  Lock and Key (Dynamic ACLs)
  Reflexive ACLs
  Time-Based ACLs
  Remarks
  Context-Based Access Control (Cisco IOS Firewall)
  Authentication Proxy
  Monitoring Access Lists
  Configuring Access Lists Using SDM
  Creating ACLs with SDM
  Creating Firewalls with SDM
  Summary
  Exam Essentials
  Written Lab 10.1
  Hands-on Labs
  Hands-on Lab 10.1: Standard IP Access Lists
  Hands-on Lab 10.2: Extended IP Access Lists
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 10.1
Chapter 11 Network Address Translation (NAT)
  When Do We Use NAT?
  Types of Network Address Translation
  NAT Names
  How NAT Works
  Static NAT Configuration
  Dynamic NAT Configuration
  PAT (Overloading) Configuration
  Simple Verification of NAT
  Testing and Troubleshooting NAT
  Configuring NAT on Our Internetwork
  Configuring NAT Using SDM
  Summary
  Exam Essentials
  Written Lab 11
  Hands-on Labs
  Lab 11.1: Preparing for NAT
  Lab 11.2: Configuring Dynamic NAT
  Lab 11.3: Configuring PAT
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 11
Chapter 12 Cisco’s Wireless Technologies
  Introduction to Wireless Technology
  The 802.11 Standards
  Comparing 802.11
  Cisco’s Unified Wireless Solution
  Split-MAC Architecture
  MESH and LWAPP
  AWPP
  Wireless Security
  Configuring Our Wireless Internetwork
  Summary
  Exam Essentials
  Written Lab 12
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 12
Chapter 13 Internet Protocol Version 6 (IPv6)
  Why Do We Need IPv6?
  The Benefits and Uses of IPv6
  IPv6 Addressing and Expressions
  Shortened Expression
  Address Types
  Special Addresses
  How IPv6 Works in an Internetwork
  Autoconfiguration
  Configuring Cisco Routers with IPv6
  DHCPv6
  ICMPv6
  IPv6 Routing Protocols
  RIPng
  EIGRPv6
  OSPFv3
  Migrating to IPv6
  Dual Stacking
  6to4 Tunneling
  NAT-PT
  Configuring IPv6 on Our Internetwork
  Configuring RIPng
  Configuring OSPFv3
  Summary
  Exam Essentials
  Written Lab 13
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 13.1
Chapter 14 Wide Area Networks
  Introduction to Wide Area Networks
  Defining WAN Terms
  WAN Connection Types
  WAN Support
  Cable and DSL
  Cable
  Digital Subscriber Line (DSL)
  Cabling the Serial Wide Area Network
  Serial Transmission
  Data Terminal Equipment and Data Communication Equipment
  High-Level Data-Link Control (HDLC) Protocol
  Point-to-Point Protocol (PPP)
  Link Control Protocol (LCP) Configuration Options
  PPP Session Establishment
  PPP Authentication Methods
  Configuring PPP on Cisco Routers
  Configuring PPP Authentication
  Verifying PPP Encapsulation
  PPPoE Configuration
  Frame Relay
  Introduction to Frame Relay Technology
  Frame Relay Implementation and Monitoring
  Using SDM for WAN Connections
  Configuring PPP with Authentication Using SDM
  Configuring PPPoE with SDM
  Configuring Frame Relay with SDM
  Virtual Private Networks
  Introduction to Cisco IOS IPSec
  IPSec Transforms
  Configuring VPNs/IPSec Using the SDM
  Summary
  Exam Essentials
  Written Lab 14
  Hands-on Labs
  Hands-on Lab 14.1: Configuring PPP Encapsulation and Authentication
  Hands-on Lab 14.2: Configuring and Monitoring HDLC
  Hands-on Lab 14.3: Configuring Frame Relay and Subinterfaces
  Review Questions
  Answers to Review Questions
  Answers to Written Lab 14.1
Glossary
Index
Introduction
Welcome to the exciting world of Cisco certification! You have picked up this book because you want something better—namely, a better job with more satisfaction. Rest assured that you have made a good decision. Cisco certification can help you get your first networking job or more money and a promotion if you are already in the field.
Cisco certification can also improve your understanding of the internetworking of more than just Cisco products: You will develop a complete understanding of networking and how different network topologies work together to form a network. This is beneficial to every networking job and is the reason Cisco certification is in such high demand, even at companies with few Cisco devices.
Cisco is the king of routing, switching, and security, the Microsoft of the internetworking world. The Cisco certifications reach beyond the popular certifications, such as the MCSE, to provide you with an indispensable factor in understanding today’s network—insight into the Cisco world of internetworking. By deciding that you want to become Cisco certified, you are saying that you want to be the best—the best at routing and the best at switching. This book will lead you in that direction.
For up-to-the-minute updates covering additions or modifications to the CCNA certification exams, as well as additional study tools and review questions, be sure to visit the Todd Lammle forum and website at www.lammle.com and/or www.sybex.com.
Cisco’s Network Support Certifications
Initially, to secure the coveted Cisco CCIE certification, you took only one test and then you were faced with the (extremely difficult) hands-on lab, an all-or-nothing approach that made it tough to succeed.
In response, Cisco created a series of new certifications to help you get the coveted CCIE as well as aid prospective employers in measuring skill levels. With these new certifications, which make for a better approach to preparing for that almighty lab, Cisco opened doors that few were allowed through before.
This book covers everything CCNA related. For up-to-date information on Todd Lammle Cisco Authorized CCNA, CCNP, CCSP, CCVP, and CCIE bootcamps, please see www.lammle.com and/or www.globalnettraining.com.
Cisco Certified Network Associate (CCNA)
The CCNA certification was the first in the new line of Cisco certifications and was the precursor to all current Cisco certifications. Now you can become a Cisco Certified Network Associate for the meager cost of this book and either one test at $150 or two tests at $125 each—although the CCNA exams are extremely hard and cover a lot of material, so you have to really know your stuff! Taking a Cisco class or spending months with hands-on experience is not out of the norm.
And once you have your CCNA, you don’t have to stop there—you can choose to continue with your studies and achieve a higher certification, called the Cisco Certified Network Professional (CCNP). Someone with a CCNP has all the skills and knowledge he or she needs to attempt the Routing and Switching CCIE lab. But just becoming a CCNA can land you that job you’ve dreamed about.
Why Become a CCNA?
Cisco, not unlike Microsoft and Novell (Linux), has created the certification process to give administrators a set of skills and to equip prospective employers with a way to measure skills or match certain criteria. Becoming a CCNA can be the initial step of a successful journey toward a new, highly rewarding, and sustainable career.
The CCNA program was created to provide a solid introduction not only to the Cisco Internetwork Operating System (IOS) and Cisco hardware, but also to internetworking in general, making it helpful to you in areas that are not exclusively Cisco’s. At this point in the certification process, it’s not unrealistic that network managers—even those without Cisco equipment—require Cisco certifications for their job applicants.
If you make it through the CCNA and are still interested in Cisco and internetworking, you’re headed down a path to certain success.
What Skills Do You Need to Become a CCNA?
To meet the CCNA certification skill level, you must be able to understand or do the following:
• A CCNA certified professional can install, configure, and operate LAN, WAN, and wireless access services securely, as well as troubleshoot and configure small to medium networks (500 nodes or fewer) for performance.
• This knowledge includes, but is not limited to, use of these protocols: IP, IPv6, EIGRP, RIP, RIPv2, OSPF, serial connections, Frame Relay, cable, DSL, PPPoE, LAN switching, VLANs, Ethernet, security, and access lists.
Be sure and check my web site and/or Cisco’s web site for the latest Cisco CCNA objectives and other Cisco exams, objectives, and certifications that
can change on a moment’s notice
How Do You Become a CCNA?
The way to become a CCNA is to pass one little test (CCNA Composite exam 640-802). Then—poof!—you’re a CCNA. (Don’t you wish it were that easy?) True, it can be just one test, but you still have to possess enough knowledge to understand what the test writers are saying.
However, Cisco has a two-step process that you can take in order to become a CCNA that may or may not be easier than taking one longer exam (this book is based on the one-step method 640-802); however, this book has all the information you need to pass all three exams.
The two-step method involves passing the following:
• Exam 640-822: Interconnecting Cisco Networking Devices 1 (ICND1)
• Exam 640-816: Introduction to Cisco Networking Devices 2 (ICND2)
I can’t stress this enough: It’s critical that you have some hands-on experience with Cisco routers. If you can get ahold of some 1841 or 2800 series routers, you’re set. But if you can’t, I’ve worked hard to provide hundreds of configuration examples throughout this book to help network administrators (or people who want to become network administrators) learn what they need to know to pass the CCNA exam.
Since the new 640-802 exam is so hard, Cisco wants to reward you for taking the two-test approach. Or so it seems. If you take the ICND1 exam, you actually receive a certification called the CCENT (Cisco Certified Entry Networking Technician). This is one step toward your CCNA. To achieve your CCNA, you must still pass your ICND2 exam.
Again, this book was written for the CCNA 640-802 Composite exam—one exam and you get your certification.
For Cisco Authorized hands-on training with CCSI Todd Lammle, please see www.globalnettraining.com. Each student will get hands-on experience by configuring at least three routers and two switches—no sharing of equipment!
What Does This Book Cover?
This book covers everything you need to know in order to pass the CCNA 640-802 exam. However, taking the time to study and practice with routers or a router simulator is the real key to success.
You will learn the following information in this book:
• Chapter 1 introduces you to internetworking. You will learn the basics of the Open Systems Interconnection (OSI) model the way Cisco wants you to learn it. Ethernet networking and standards are discussed in detail in this chapter as well. There are written labs and plenty of review questions to help you. Do not skip the written labs in this chapter!
• Chapter 2 provides you with the background necessary for success on the exam as well as in the real world by discussing TCP/IP. This in-depth chapter covers the very beginnings of the Internet Protocol stack and then goes all the way to IP addressing and understanding the difference between a network address and a broadcast address before finally ending with network troubleshooting.
• Chapter 3 introduces you to subnetting. You will be able to subnet a network in your head after reading this chapter. In addition, you’ll learn about Variable Length Subnet Masks (VLSMs) and how to design a network using VLSMs. This chapter will finish with summarization techniques and configurations. Plenty of help is found in this chapter if you do not skip the Written Lab and Review Questions.
• Chapter 4 introduces you to the Cisco Internetwork Operating System (IOS) and command-line interface (CLI). In this chapter you will learn how to turn on a router and configure the basics of the IOS, including setting passwords, banners, and more. IP configuration using the Secure Device Manager (SDM) will be discussed and Hands-on Labs will help you gain a firm grasp of the concepts taught in the chapter. Before you go through the Hands-on Labs, be sure to complete the Written Lab and Review Questions.
• Chapter 5 provides you with the management skills needed to run a Cisco IOS network. Backing up and restoring the IOS, as well as router configuration, is covered, as are the troubleshooting tools necessary to keep a network up and running. Before performing the Hands-on Labs in this chapter, complete the Written Lab and Review Questions.
• Chapter 6 teaches you about IP routing. This is a fun chapter, because you will begin to build your network, add IP addresses, and route data between routers. You will also learn about static, default, and dynamic routing using RIP and RIPv2 (with a small touch of IGRP). Written and Hands-on Labs will help you understand IP routing to the fullest.
• Chapter 7 dives into more complex dynamic routing with Enhanced IGRP and OSPF routing. The Written Lab, Hands-on Labs, and Review Questions will help you master these routing protocols.
• Chapter 8 gives you a background on layer 2 switching and how switches perform address learning and make forwarding and filtering decisions. Network loops and how to avoid them with the Spanning Tree Protocol (STP) will be discussed, as well as the 802.1w STP version. Go through the Written Lab and Review Questions to help you really understand the basic layer 2 switching on an internetwork.
• Chapter 9 covers virtual LANs and how you can use them in your internetwork. This chapter also covers the nitty-gritty of VLANs and the different concepts and protocols used with VLANs, as well as troubleshooting. The Written Lab and Review Questions will reinforce the VLAN material.
• Chapter 10 covers security and access lists, which are created on routers to filter the network. IP standard, extended, and named access lists are covered in detail. Written and Hands-on Labs, along with Review Questions, will help you study for the security and access-list portion of the CCNA Composite exam.
• Chapter 11 covers Network Address Translation (NAT). This chapter has been on the Sybex website for a few years as an update to my last CCNA book, but I updated it and added it to this edition. New information, commands, troubleshooting, and labs will help you nail the NAT CCNA objectives.
• Chapter 12 covers wireless technologies. This is an introductory chapter regarding wireless technologies as Cisco sees them. However, I also added some advanced wireless topics that cover Cisco’s newest gear. At this time, advanced wireless is not covered within the Cisco CCNA objectives, but that can change on any given day. Make sure you understand your basic wireless technologies like access points and clients, as well as the difference between 802.11a, b, and g.
• Chapter 13 covers IPv6. This is a fun chapter and has some great information. IPv6 is not the big, bad scary monster that most people think it is. IPv6 is an objective on this new exam, so study this chapter carefully. Keep an eye out at www.lammle.com for late-breaking updates.
• Chapter 14 concentrates on Cisco wide area network (WAN) protocols. This chapter covers HDLC, PPP, and Frame Relay in depth, as well as other protocols we use on a daily basis like Cable, DSL and PPPoE. You must be proficient in all these protocols to be successful on the CCNA exam. Do not skip the Written Lab, Review Questions, or Hands-on Labs found in this chapter.
How to Use This Book
If you want a solid foundation for the serious effort of preparing for the Cisco Certified Network Associate (CCNA Composite) 640-802 exam, then look no further. I have spent hundreds of hours putting together this book with the sole intention of helping you to pass the CCNA exam and learn how to configure Cisco routers and switches (among hundreds of other things!).
This book is loaded with valuable information, and you will get the most out of your studying time if you understand how I put the book together.
To best benefit from this book, I recommend the following study method:
1. Take the assessment test immediately following this introduction. (The answers are at the end of the test.) It’s okay if you don’t know any of the answers; that is why you bought this book! Carefully read over the explanations for any question you get wrong and note the chapters in which the material is covered. This information should help you plan your study strategy. Honestly, my recommendation is to just start reading from Chapter 1 and don’t stop until you’re all the way through Chapter 14.
2. Study each chapter carefully, making sure that you fully understand the information and the test objectives listed at the beginning of each one. Pay extra-close attention to any chapter that includes material covered in questions you missed in the assessment test.
3. Complete each Written Lab at the end of each chapter. Do not skip these written exercises because they directly relate to the CCNA Composite objectives and what you must glean from the chapters in which they appear. Do not just skim these labs! Make sure you understand completely the reason for each answer.
4. Complete all Hands-on Labs in the chapter (not all chapters have hands-on labs), referring to the text of the chapter so that you understand the reason for each step you take. If you do not have Cisco equipment available, go to www.routersim.com for a router simulator that will cover all the hands-on labs needed for all your Cisco certification needs.
5. Answer all of the Review Questions related to each chapter. (The answers appear at the end of the chapters.) Note the questions that confuse you and study those sections of the book again. Do not just skim these questions! Make sure you understand completely the reason for each answer. Remember that these will not be the exact questions you find on the exam; they are written to help you understand the chapter material.
6. Try your hand at the bonus exams that are included on the companion CD. The questions in these exams appear only on the CD. Check out www.lammle.com for more Cisco exam prep questions. The questions found at www.lammle.com will be updated at least monthly, if not weekly or even daily! Before you take your test, be sure and visit my web site for questions, videos, audios and other useful information.
7. Also on the companion CD is the first module from my complete CCNA video series, which covers internetworking and basic networking. This is critical for the CCNA exam. In addition, as an added bonus, I have included an audio section from my CCNA audio program. Do not skip the video and audio section!
Just a note to let you know that I mention the test number 640-801 in the video and audio sections. This is nothing to be concerned about as the information presented is valid for both the 640-801 and 640-802 exam.
8. Test yourself using all the flashcards on the CD. These are brand new and updated flashcard programs to help you prepare for the CCNA exam. These are a great study tool!
To learn every bit of the material covered in this book, you’ll have to apply yourself regularly, and with discipline. Try to set aside the same time period every day to study, and select a comfortable and quiet place to do so. If you work hard, you will be surprised at how quickly you learn this material.
If you follow the steps listed above and really study and practice the Review Questions, bonus exams, the Todd Lammle video/audio sections, and the electronic flashcards, as well as all the Written and Hands-on Labs, it would be hard to fail the CCNA Composite exam. However, studying for the CCNA exam is like trying to get in shape—if you do not go to the gym every day, you won’t get in shape.
What’s on the CD?
We worked hard to provide some really great tools to help you with your certification process. All of the following tools should be loaded on your workstation when you’re studying for the test. As a fantastic bonus, I was able to add a section from both my CCNA video and audio series to the CD included with this book!
The Sybex Test Preparation Software
The test preparation software prepares you to pass the CCNA exam. In this test engine, you will find all the review and assessment questions from the book, plus two additional bonus exams that appear exclusively on the CD.
Electronic Flashcards for PC, Pocket PC, and Palm Devices
To prepare for the exam, you can read this book, study the Review Questions at the end of each chapter, and work through the practice exams included in the book and on the companion CD. But wait, there’s more! You can also test yourself with the flashcards included on the