Cisco Network Training Mark Breedlove Systems Engineer – CCIE R&S 8657 May 2015 (CCENT/CCT/CCNA R&S)


Cisco PublicCisco Confidential 2© 2014 Cisco and/or its affiliates. All rights reserved.

Agenda

• Introduction/Overview
• Objective
• CCNA Level?
• Certifications
• OSI and TCP/IP Models
• Ethernet, Hubs, Bridges, Switches
• Device Access
• Resources

Objective

• First and foremost, better understanding
• Foundational knowledge leads to better productivity
• Employers know there is value in Cisco Certified employees
• http://www.cisco.com/go/hire - White paper on certifications
  • Employees who were Cisco certified were found to have increased speed and effectiveness in completing network-related IT projects, resolving technical problems and an ability to come up to speed rapidly during onboarding.
  • Seventy-eight percent of network managers in the survey rated their Cisco certified staff as coming up to speed more than 20 percent faster.
  • More than half of the networking managers in the survey rated external customer satisfaction as being 30 percent or better as a result of Cisco certified staff.
  • Network managers in the survey believed that Cisco certified employees reduce network downtime by as much as 37 percent on average.
  • http://www.cisco.com/web/learning/employer_resources/pdfs/wp13CS4110_EmployerValue.pdf

Certifications

• Entry Level
  • CCT – Cisco Certified Technician
  • CCT – Data Center
  • CCT – Routing & Switching
  • CCT – Telepresence
  • CCENT – Cisco Certified Entry Technician
• Associate Level
  • CCNA – Cisco Certified Networking Associate
  • CCNA – Routing and Switching
  • CCDA
  • CCNA – Data Center
  • CCNA – Security
  • CCNA Service Provider
  • CCNA Service Provider Operations (Retired Feb 1st, 2015)
  • CCNA Video
  • CCNA Voice
  • CCNA Wireless
• Professional Level
  • CCNP – Cisco Certified Networking Professional
  • CCDP
  • CCNP Data Center
  • CCNP Security
  • CCNP Service Provider
  • CCNP Service Provider Operations
  • CCNP Voice
  • CCNP Wireless
• Expert Level – Practical Lab
  • CCIE – Cisco Certified Internetwork Expert
  • CCDE – Cisco Certified Design Expert
• Architect Level – Board Review
  • CCAr – Cisco Certified Architect

CCNA – Routing and Switching

Exam Description

• The 200-120 composite CCNA v2 exam is a 1.5 hour test with 50 – 60 questions.
• http://www.cisco.com/web/learning/exams/docs/200-120_composite2.pdf

Content

• Operation of Data Networks
  • Hubs, Switches, Bridges, Routers
• LAN Switching Technologies
  • L2 – Collision Domains, Broadcast Domains, RSTP, Etherchannels, etc.
• IP Addressing (IPv4/IPv6)
  • Addressing, public/private, subnetting, etc.
• IP Routing Technologies
  • CEF, packet forwarding, routing tables, OSPF, EIGRP, SVIs
• IP Services
  • DHCP, ACLs, NAT, HSRP, VRRP, GLBP, SNMP, etc.
• Network Device Security
  • SSH, VTY, port conditions, etc.
• Troubleshooting
  • Resolve issues with everything above
• WAN Technologies
  • Metro Ethernet, T1/E1, MPLS, ISDN, VPN, etc.

Recertification

• CCNA Routing and Switching certifications are valid for three years. To recertify, pass ONE of the following before the certification expiration date:
  • Pass any current Associate-level exam except for the ICND1 exam
  • Pass any current 642-XXX Professional-level or any 300-XXX Professional-level exam
  • Pass any current 642-XXX Cisco Specialist exam (excluding Sales Specialist exams or MeetingPlace Specialist exams, Implementing Cisco TelePresence Installations (ITI) exams, Cisco Leading Virtual Classroom Instruction exams, or any 650 online exams)
  • Pass any current CCIE Written Exam
  • Pass the current CCDE Written Exam OR current CCDE Practical Exam
  • Pass the Cisco Certified Architect (CCAr) interview AND the CCAr board review to extend lower certifications.

OSI Model

• We still use the OSI model for terminology
  • “Layer 2 Switch”
  • “Layer 3 Protocol”

TCP/IP Model

• A networking model, sometimes also called either a networking architecture or networking blueprint, refers to a comprehensive set of documents. Individually, each document describes one small function required for a network; collectively, these documents define everything that should happen for a computer network to work.

TCP/IP Model

• Step 1. Create and encapsulate the application data with any required application layer headers. For example, the HTTP OK message can be returned in an HTTP header, followed by part of the contents of a web page.
• Step 2. Encapsulate the data supplied by the application layer inside a transport layer header. For end-user applications, a TCP or UDP header is typically used.
• Step 3. Encapsulate the data supplied by the transport layer inside a network layer (IP) header. IP defines the IP addresses that uniquely identify each computer.
• Step 4. Encapsulate the data supplied by the network layer inside a data link layer header and trailer. This layer uses both a header and a trailer.
• Step 5. Transmit the bits. The physical layer encodes a signal onto the medium to transmit the frame.
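The five steps above, carried through byte by byte for one HTTP OK reply. This is an added example, not part of the original slides; the IP addresses, the second MAC address, the ports and the sequence numbers are constructed sample values.

```python
import struct
import zlib

def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum (IPv4 header, TCP)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(".", "").replace(":", ""))

def ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))

def encapsulate(app_data, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    src, dst = ip_bytes(src_ip), ip_bytes(dst_ip)
    # Step 2: TCP header (20 bytes, PSH+ACK; seq/ack are fixed sample values).
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    pseudo = src + dst + struct.pack("!BBH", 0, 6, len(tcp) + len(app_data))
    tcp = tcp[:16] + struct.pack("!H", inet_checksum(pseudo + tcp + app_data)) + tcp[18:]
    segment = tcp + app_data
    # Step 3: IPv4 header (20 bytes, DF set, TTL 64, protocol 6 = TCP).
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0x4000, 64, 6, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    # Step 4: Ethernet header in front, FCS trailer (CRC-32) behind.
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + ip + segment
    body = body.ljust(60, b"\x00")  # pad so the frame reaches the 64-byte minimum
    # Step 5 (encoding the bits onto the medium) is the NIC's job and is not modelled.
    return body + struct.pack("<I", zlib.crc32(body))

def decapsulate(frame: bytes) -> dict:
    """Receiver side: check the trailer, then peel the headers off in reverse order."""
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("bad Ethernet FCS")
    ip = body[14:]
    ihl = (ip[0] & 0x0F) * 4
    if inet_checksum(ip[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    segment = ip[ihl:struct.unpack("!H", ip[2:4])[0]]  # total length drops padding
    sport, dport = struct.unpack("!HH", segment[:4])
    return {
        "dst_mac": body[0:6].hex(), "src_mac": body[6:12].hex(),
        "src_ip": ".".join(map(str, ip[12:16])), "dst_ip": ".".join(map(str, ip[16:20])),
        "sport": sport, "dport": dport,
        "data": segment[(segment[12] >> 4) * 4:],
    }

# Step 1: application data with its application-layer header (constructed sample).
APP_DATA = b"HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>hi</html>"
FRAME = encapsulate(APP_DATA, 80, 49152, "192.0.2.10", "192.0.2.20",
                    "0000.0c12.3456", "0200.0000.0001")
```

Only the data link layer adds a trailer, which is why `decapsulate` checks the last four bytes before it reads any header.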

Standards

• IEEE – Institute of Electrical and Electronics Engineers
• RFC – Request for Comments (used by TCP/IP to deploy protocols)

LANs and Ethernet

Media, Cables, Plumbing

• 10Base-T (IEEE 802.3) 10 Mbps using category 3 unshielded twisted pair (UTP) wiring for runs up to 100 meters. Unlike with the 10Base-2 and 10Base-5 networks, each device must connect into a hub or switch, and you can have only one host per segment or wire. It uses an RJ45 connector (8-pin modular connector) with a physical star topology and a logical bus.
• 100Base-TX (IEEE 802.3u) 100Base-TX, most commonly known as Fast Ethernet, uses EIA/TIA category 5, 5E, or 6 UTP two-pair wiring. One user per segment; up to 100 meters long. It uses an RJ45 connector with a physical star topology and a logical bus.
• 100Base-FX (IEEE 802.3u) Uses fiber cabling 62.5/125-micron multimode fiber. Point-to-point topology; up to 412 meters long. It uses ST and SC connectors, which are media-interface connectors.
• 1000Base-CX (IEEE 802.3z) Copper twisted-pair, called twinax, is a balanced coaxial pair that can run only up to 25 meters and uses a special 9-pin connector known as the High Speed Serial Data Connector (HSSDC). This is used in Cisco’s new Data Center technologies.
• 1000Base-T (IEEE 802.3ab) Category 5, four-pair UTP wiring up to 100 meters long and up to 1 Gbps.
• 1000Base-SX (IEEE 802.3z) The implementation of 1 Gigabit Ethernet running over multimode fiber-optic cable instead of copper twisted-pair cable, using short wavelength laser. Multimode fiber (MMF) using 62.5- and 50-micron core; uses an 850 nanometer (nm) laser and can go up to 220 meters with 62.5-micron, 550 meters with 50-micron.
• 1000Base-LX (IEEE 802.3z) Single-mode fiber that uses a 9-micron core and 1300 nm laser and can go from 3 kilometers up to 10 kilometers.
• 1000Base-ZX (Cisco standard) 1000BaseZX, or 1000Base-ZX, is a Cisco specified standard for Gigabit Ethernet communication. 1000BaseZX operates on ordinary single-mode fiber-optic links with spans up to 43.5 miles (70 km).
• 10GBase-T (802.3an) 10GBase-T is a standard proposed by the IEEE 802.3an committee to provide 10 Gbps connections over conventional UTP cables (category 5e, 6, or 7 cables). 10GBase-T allows the conventional RJ45 connector used for Ethernet LANs and can support signal transmission at the full 100-meter distance specified for LAN wiring.

Unshielded Twisted Pair (UTP)

• Straight-through
• Crossover
• Rolled

Straight Through Cable

• Host to Switch
• Router to Switch

Crossover Cable

UTP Gigabit (1000Base-T)

Rolled Cables

Ethernet – Consistent at the Data Link

• Although Ethernet includes many physical layer standards, Ethernet acts like a single LAN technology because it uses the same data link layer standard over all types of Ethernet physical links.

White Board – Hubs/Bridges

• Hubs
• Bridges
• Half Duplex / Full Duplex
• Collision Domains

Half Duplex

• Hubs operate at half-duplex
• Must detect collisions
• 30-40% overhead CSMA/CD

Full Duplex

• Two pairs of wires instead of one
• Point to point connections

Segmenting

White Board - Switches

• MAC Addresses (Unicast vs Broadcast)
• CAM Table, MAC Address Table, Bridging Table, Switching Table
• Forwarding
• Loop Prevention (STP)
• Processing (Store and Forward, Cut Through, Fragment Free)

Switch Forwarding

Ethernet Addressing

• Ethernet addresses, also called Media Access Control (MAC) addresses, are 6-byte-long (48-bit-long) binary numbers
• Listed as 12-digit hexadecimal numbers
• A Cisco switch might list a MAC address as 0000.0C12.3456 for readability

Troubleshooting and Identification

• http://standards.ieee.org/develop/regauth/oui/public.html
• FF:FF:FF:FF:FF:FF - Broadcast

Base Design Concepts

• Broadcast Domains
  • LAN switches forward Broadcast frames
  • Routers do not forward Broadcast frames
• VLANs
  • Virtual LANs (Trunks)
  • A LAN consists of devices in the same Broadcast Domain
  • Without VLANs, a switch considers all ports in the same broadcast domain
  • With VLANs a switch groups different interfaces into separate broadcast domains based on configuration
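A small model of the switch behaviour covered in the switching and design slides above: MAC learning, forwarding, flooding of broadcasts, and VLANs as separate broadcast domains. It is an added example, not from the original slides; the `Switch` class, port names, VLAN IDs and every MAC address except 0000.0C12.3456 are constructed, and flooding of unknown unicast destinations is standard switch behaviour that the slides do not spell out.

```python
BROADCAST = "ffff.ffff.ffff"

def cisco_mac(mac: str) -> str:
    """Normalise common MAC notations to Cisco's dotted form (0000.0c12.3456)."""
    digits = mac.lower().replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))

class Switch:
    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)   # access port -> VLAN ID
        self.mac_table = {}                  # (VLAN, MAC) -> port it was learned on

    def receive(self, in_port, src, dst):
        """Process one frame; return the ports it is forwarded out of."""
        vlan = self.port_vlans[in_port]
        src, dst = cisco_mac(src), cisco_mac(dst)
        self.mac_table[(vlan, src)] = in_port          # learn the sender
        out_port = self.mac_table.get((vlan, dst))
        if dst == BROADCAST or out_port is None:       # broadcast or unknown unicast
            return sorted(p for p, v in self.port_vlans.items()
                          if v == vlan and p != in_port)
        return [] if out_port == in_port else [out_port]

# Constructed hosts: A and B sit in VLAN 10, C sits in VLAN 20.
A, B, C = "00:00:0C:12:34:56", "0000.0c12.3457", "00-00-0C-12-34-58"

def demo():
    sw = Switch({"Gi0/1": 10, "Gi0/2": 10, "Gi0/3": 20, "Gi0/4": 20})
    return [
        sw.receive("Gi0/1", A, "FF:FF:FF:FF:FF:FF"),  # broadcast stays inside VLAN 10
        sw.receive("Gi0/2", B, A),                    # A was learned: one port only
        sw.receive("Gi0/1", A, B),                    # B was learned as well
        sw.receive("Gi0/3", C, A),                    # A is unknown in VLAN 20
    ]
```

The last frame is flooded to Gi0/4 only: without a router, nothing sent in VLAN 20 reaches a VLAN 10 port, which is the separation the VLAN bullets describe.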

Campus Design Terminology

• Access
  • Connects directly to client devices (gives them access to the network)
• Distribution
  • Forwards traffic to other access switches (doesn’t connect to end devices)
• Core
  • Forwards traffic between other areas of the network (distribution)

Meet the Required Needs of your users

• Shared Bandwidth
• Distance
• Privacy/Security

Telnet

• One of the first! 1969
• Terminal Emulation
• Access Remote Resources
• Everything in clear text
• Low overhead

Secure Shell (SSH)

• Similar to Telnet
• Uses encrypted data
• “This one simple trick will make your life easier”
• “Auditors hate us”

File Transfer Protocol (FTP)

• Transfers files
• Operates as a program
• Access Files
• Access Directories

Trivial File Transfer Protocol (TFTP)

• Stripped down version of FTP
• Protocol of choice if…
  • You know what you want
  • You know where to get it

Simple Network Management Protocol (SNMP)

• Gathers data by polling devices on the network
• Receives a baseline of a healthy network
• Agents can send alerts
• Agents send traps

Network Time Protocol (NTP)

• Used to synchronize clocks
• Normally one standard time source
• Keeps network devices’ time in sync
• Important for troubleshooting

Domain Name Service (DNS)

• Resolves hostnames
• IP address identifies hosts on a network – DNS makes our lives easier
• If a server doesn’t know
  • Forward request to root
• Fully Qualified Domain Name

Dynamic Host Configuration Protocol (DHCP)

• Assigns IP addresses to hosts
• Many types of DHCP servers
• IP address
• Subnet Mask
• Domain Name
• DNS Server
• Default Gateway

Device Access

• Serial/Console
  • Direct Connect, device not configured
• Telnet
  • TCP/IP – Clear text
• SSH (Secure Shell)
  • TCP/IP – Encrypts data

Device Access

• Default security – no password or remote login capabilities
• Direct Connect, device not configured
• Once configured for Telnet and/or SSH – need password
• SSH needs more configuration – Username and Password

Device Access

• User and Enable Modes
• Privileged (enable)
• Once configured for Telnet and/or SSH – need password
• Transport input all

Device Access

• Configuration Mode
  • Configure terminal to enter
  • Ctrl-z or end to exit
• Configuration Sub Modes

Editing and Help

Troubleshooting

Device Access

• Storing Switch Configuration Files

Device Access

• Remote IP Access
  • Assign an IP address to a Switched Virtual Interface (SVI)
  • A typical Layer 2 switch can only use one SVI for IP access
  • A multilayer switch or Layer 3 switch can “route” between SVIs

Device Access

• Shut down or change the VLAN of unused ports
  • Set unused ports to a non-used VLAN
  • Change ports from trunked ports to access ports
  • Change the native VLAN to a VLAN other than VLAN 1
  • Or… just shut down the port
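One way to check a switch configuration against the unused-port and native-VLAN items above, together with the clear-text Telnet and "transport input all" points from the earlier Device Access slides. This is an added example, not from the original slides: the sample configuration, the VLAN numbers and the `IN_USE` port inventory are constructed, and which ports count as unused is an assumption supplied by the caller.

```python
import re

IN_USE = {"GigabitEthernet0/1", "GigabitEthernet0/2"}  # assumed port inventory
# Constructed sample config, written with standard IOS interface and line commands.
WEAK_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
 switchport mode access
 switchport access vlan 999
 shutdown
!
line vty 0 4
 login local
 transport input all
"""
# The same config after the changes listed above (VLAN 99 is an arbitrary choice).
HARDENED_CONFIG = (WEAK_CONFIG
    .replace("switchport mode trunk", "switchport mode trunk\n switchport trunk native vlan 99")
    .replace("GigabitEthernet0/3\n", "GigabitEthernet0/3\n shutdown\n")
    .replace("transport input all", "transport input ssh"))

def sections(config):
    """Group indented sub-commands under their unindented parent line."""
    out, current = {}, None
    for line in config.splitlines():
        if not line.strip() or line.startswith("!"):
            continue
        if not line.startswith(" "):
            current = out.setdefault(line.strip(), [])
        elif current is not None:
            current.append(line.strip())
    return out

def vlan_of(body, prefix):
    """VLAN ID from e.g. 'switchport access vlan 10'; IOS defaults to VLAN 1."""
    return next((int(c.split()[-1]) for c in body if c.startswith(prefix)), 1)

def audit(config, in_use):
    findings = []
    for header, body in sections(config).items():
        if header.startswith("line vty"):
            for cmd in body:
                m = re.fullmatch(r"transport input (.+)", cmd)
                if m and {"all", "telnet"} & set(m.group(1).split()):
                    findings.append((header, "Telnet (clear text) allowed"))
        elif header.startswith("interface "):
            port = header.split(None, 1)[1]
            shut, trunk = "shutdown" in body, "switchport mode trunk" in body
            if trunk and not shut and vlan_of(body, "switchport trunk native vlan ") == 1:
                findings.append((port, "trunk uses native VLAN 1"))
            if port not in in_use and not shut:
                if trunk:
                    findings.append((port, "unused port is trunking"))
                elif vlan_of(body, "switchport access vlan ") == 1:
                    findings.append((port, "unused port is active in VLAN 1"))
    return findings
```

`audit(WEAK_CONFIG, IN_USE)` reports the trunk, the idle port and the vty line; `audit(HARDENED_CONFIG, IN_USE)` reports nothing.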

Secure Configurations

Resources

• http://www.cisco.com
• http://www.cisco.com/goAA
• Google
• http://www.cisco.com/web/learning/certifications/index.html
• http://www.ciscopress.com
• http://virl.cisco.com
  • Design, learn and test with virtual machines running real Cisco network operating systems – IOS, IOS Layer-2, IOS XE, IOS XR, NX-OS and ASA firewall – as well as virtual machines running 3rd party operating systems.

The Challenge

How do you:
• Test new OS versions and features?
• Stage new deployments?
• Troubleshoot problems?
• Train new staff?
• Develop new offerings?

All at scale, with limited budgets, and without harming live networks?

Virtual Internet Routing Labs

What is Virtual Internet Routing Labs (VIRL)?

A multi-purpose extensible network virtualization and simulation platform
• Enables highly-accurate models of real-world / future networks
• Leverages ‘real’ network operating systems - build synched with platform releases
• Supports the integration of ‘real’ and virtual networks
• Allows servers, appliances, and routers to be added and removed on-demand

Editions and Features

Personal Edition v1.0
• Single project and user
• Deployment on VMware Workstation, Player, or Fusion
• One-year license terms
• 15 nodes
• 60-day demo license
• Community supported
• Valuable for self-education and certification training
• Cisco VIRL Personal Edition annual license for a single installation of this scalable network design and simulation environment for servers or laptops. This includes IOSv, IOSvL2, IOS XRv, NX-OSv, CSR1000v and ASA1000v virtual machines as well as third party images such as Ubuntu Linux.

Case 1: Training and Education

Teach and train the next generation
• Network engineers
• Operators
• Designers
• Architects

Students need ‘hands-on’ experience but the challenge is access to hardware
• Learn by doing!
• 10 students to 1 router or 1 student to 10 routers?
• Real-world operating systems or Open-source?

Case 2: Test New Features, Solutions

Segment Routing – hands-on

SDN Technologies test-bed


Cisco PSIRT has your back

• Dedicated, global team managing security vulnerability information related to Cisco products and networks

• Responsible for Cisco Security Advisories, Responses and Notices

• Interface with security researchers and hackers

• Assist Cisco product teams in securing products

• Subscribe (RSS or email) to Cisco notification service

Product Security Incident Response Team (PSIRT) - www.cisco.com/go/psirt


Q & A

Thank you.