Interconnecting Cisco Network Devices, Part 2 (ICND2)

Book Description

Authorized Self-Study Guide

Interconnecting Cisco Network Devices, Part 2 (ICND2)

Third Edition

Foundation learning for CCNA ICND2 Exam 640-816

Steve McQuerry, CCIE® No. 6108

Interconnecting Cisco Network Devices, Part 2 (ICND2), is a Cisco®-authorized, self-paced learning tool for CCNA® foundation learning. This book provides you with the knowledge needed to install, operate, and troubleshoot a small to medium-size branch office enterprise network, including configuring several switches and routers, connecting to a WAN, and implementing network security.

In Interconnecting Cisco Network Devices, Part 2 (ICND2), you will study actual router and switch output to aid your understanding of how to configure these devices. Many notes, tips, and cautions are also spread throughout the book. Specific topics include constructing medium-size routed and switched networks, OSPF and EIGRP implementation, access control lists (ACL), address space management, and LAN extensions into a WAN. Chapter-ending review questions illustrate and help solidify the concepts presented in the book.

Whether you are preparing for CCNA certification or simply want to gain a better understanding of how to build medium-size Cisco networks, you will benefit from the foundation information presented in this book.

Interconnecting Cisco Network Devices, Part 2 (ICND2), is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

Steve McQuerry, CCIE® No. 6108, is a consulting systems engineer with Cisco focused on data center architecture. Steve works with enterprise customers in the Midwestern United States to help them plan their data center architectures. He has been an active member of the internetworking community since 1991 and has held multiple certifications from Novell, Microsoft, and Cisco. Before joining Cisco, Steve worked as an independent contractor with Global Knowledge, where he taught and developed coursework around Cisco technologies and certifications.

  • Review the Cisco IOS® Software command structure for routers and switches

  • Build LANs and understand how to overcome problems associated with Layer 2 switching

  • Evaluate the differences between link-state and distance vector routing protocols

  • Configure and troubleshoot OSPF in a single area

  • Configure and troubleshoot EIGRP

  • Identify and filter traffic with ACLs

  • Use Network Address Translation (NAT) and Port Address Translation (PAT) to conserve IPv4 address space and implement IPv6

  • Connect different sites over WANs or the Internet using IPsec VPN, SSL VPN, leased line, and Frame Relay connections

This volume is in the Certification Self-Study Series offered by Cisco Press®. Books in this series provide officially developed self-study solutions to help networking professionals understand technology implementations and prepare for the Cisco Career Certifications examinations.

Category: Cisco Press—Cisco Certification

Covers: ICND2 Exam 640-816

Table of Contents

    1. Copyright
      1. Dedications
    2. About the Author
    3. About the Technical Reviewers
    4. Acknowledgments
    5. Icons Used in This Book
    6. Command Syntax Conventions
    7. Foreword
    8. Introduction
      1. Goals
      2. Chapter Organization
      3. Features
    9. 1. Review of Cisco IOS for Routers and Switches
      1. Chapter Objectives
      2. Cisco IOS CLI Functions
        1. Configuration Modes of Cisco IOS Software
        2. Help Facilities of the Cisco IOS CLI
        3. Commands Review
        4. Summary of Cisco IOS CLI Commands
      3. Chapter Summary
      4. Review Questions
    10. 2. Medium-Sized Switched Network Construction
      1. Chapter Objectives
      2. Implementing VLANs and Trunks
        1. Understanding VLANs
        2. VLAN Overview
          1. Grouping Business Functions into VLANs
          2. Applying IP Address Space in the Enterprise Network
          3. Example: Network Design
          4. Considering Traffic Source to Destination Paths
          5. Voice VLAN Essentials
        3. VLAN Operation
        4. Understanding Trunking with 802.1Q
          1. 802.1Q Frame
          2. 802.1Q Native VLAN
        5. Understanding VLAN Trunking Protocol
          1. VTP Modes
          2. VTP Operation
          3. VTP Pruning
        6. Configuring VLANs and Trunks
          1. VTP Configuration
          2. Example: VTP Configuration
          3. 802.1Q Trunking Configuration
          4. VLAN Creation
          5. VLAN Port Assignment
          6. Adds, Moves, and Changes for VLANs
          7. Adding VLANs and Port Membership
          8. Changing VLANs and Port Membership
          9. Deleting VLANs and Port Membership
        7. Summary of Implementing VLANs and Trunks
      3. Improving Performance with Spanning Tree
        1. Building a Redundant Switched Topology
          1. Choosing Interconnection Technologies
          2. Determining Equipment and Cabling Needs
          3. EtherChannel Overview
        2. Redundant Topology
        3. Recognizing Issues of a Redundant Switched Topology
          1. Switch Behavior with Broadcast Frames
          2. Broadcast Storms
          3. Example: Broadcast Storms
          4. Multiple Frame Transmissions
          5. Example: Multiple Transmissions
          6. MAC Database Instability
        4. Resolving Issues with STP
          1. Spanning-Tree Operation
          2. Example: Selecting the Root Bridge
          3. Example: Spanning-Tree Operation
          4. Example: Spanning-Tree Path Cost
          5. Example: Spanning-Tree Recalculation
          6. STP Convergence
          7. Per VLAN Spanning Tree+
          8. PVST+ Operation
          9. Rapid Spanning Tree Protocol
          10. Per VLAN RSTP
          11. Multiple Spanning Tree Protocol
          12. RSTP Port Roles
        5. Configuring RSTP
        6. Summary of Improving Performance with Spanning Tree
      4. Routing Between VLANs
        1. Understanding Inter-VLAN Routing
          1. Example: Router on a Stick
          2. Example: Subinterfaces
        2. Configuring Inter-VLAN Routing
        3. Summary of Routing Between VLANs
      5. Securing the Expanded Network
        1. Overview of Switch Security Concerns
        2. Securing Switch Devices
          1. Securing Switch Protocols
          2. Mitigating Compromises Launched Through a Switch
          3. Describing Port Security
            1. Scenario for Using Port Security
            2. Process for Configuring Port Security
          4. 802.X Port-Based Authentication
        3. Summary of Securing the Expanded Network
      6. Troubleshooting Switched Networks
        1. Troubleshooting Switches
        2. Troubleshooting Port Connectivity
          1. Hardware Issues
          2. Configuration Issues
        3. Troubleshooting VLANs and Trunking
          1. Native VLAN Mismatches
          2. Trunk Mode Mismatches
          3. VLANs and IP Subnets
          4. Inter-VLAN Connectivity
        4. Troubleshooting VTP
          1. Unable to See VLAN Details in the show run Command Output
          2. Cisco Catalyst Switches Do Not Exchange VTP Information
          3. Recently Installed Switch Causes Network Problems
          4. All Ports Inactive After Power Cycle
        5. Troubleshooting Spanning Tree
          1. Use the Diagram of the Network
          2. Identify a Bridging Loop
            1. Restore Connectivity Quickly
            2. Disable Ports to Break the Loop
          3. Log STP Events
          4. Temporarily Disable Unnecessary Features
          5. Designate the Root Bridge
          6. Verify the Configuration of RSTP
        6. Summary of Troubleshooting Switched Networks
      7. Chapter Summary
      8. Review Questions
    11. 3. Medium-Sized Routed Network Construction
      1. Chapter Objectives
      2. Reviewing Dynamic Routing
        1. Understanding Distance Vector Routing Protocols
          1. Route Discovery, Selection, and Maintenance
          2. Routing Loops
            1. Troubleshooting Routing Loops with Maximum Metric Settings
            2. Preventing Routing Loops with Split Horizon
            3. Preventing Routing Loops with Route Poisoning
          3. Route Maintenance Using Hold-Down Timers
          4. Route Maintenance Using Triggered Updates
          5. Route Maintenance Using Hold-Down Timers with Triggered Updates
        2. Link-State and Advanced Distance Vector Protocols
          1. Link-State Routing Protocol Algorithms
          2. Advanced Distance Vector Protocol Algorithm
        3. Summary of Reviewing Routing Operations
      3. Implementing Variable-Length Subnet Masks
        1. Reviewing Subnets
          1. Computing Usable Subnetworks and Hosts
        2. Introducing VLSMs
        3. Route Summarization with VLSM
        4. Summary of Implementing Variable-Length Subnet Masks
      4. Chapter Summary
      5. Review Questions
    12. 4. Single-Area OSPF Implementation
      1. Chapter Objectives
      2. Introducing OSPF
        1. Establishing OSPF Neighbor Adjacencies
        2. SPF Algorithm
        3. Configuring and Verifying OSPF
        4. Loopback Interfaces
        5. Verifying the OSPF Configuration
        6. Using OSPF debug Commands
        7. Load Balancing with OSPF
        8. OSPF Authentication
          1. Types of Authentication
          2. Configuring Plaintext Password Authentication
          3. Example: Plaintext Password Authentication Configuration
          4. Verifying Plaintext Password Authentication
        9. Summary of OSPF Introduction
      3. Troubleshooting OSPF
        1. Components of Troubleshooting OSPF
        2. Troubleshooting OSPF Neighbor Adjacencies
        3. Troubleshooting OSPF Routing Tables
        4. Troubleshooting Plaintext Password Authentication
        5. Summary of Troubleshooting OSPF
      4. Chapter Summary
      5. Review Questions
    13. 5. Implementing EIGRP
      1. Chapter Objectives
      2. Implementing EIGRP
        1. Introducing EIGRP
        2. Configuring and Verifying EIGRP
        3. Load Balancing with EIGRP
          1. EIGRP Metric
          2. Load Balancing Across Equal Paths
          3. Configuring Load Balancing Across Unequal-Cost Paths
          4. Example: Variance
        4. EIGRP Authentication
          1. Creating a Key Chain
          2. Configuring MD5 Authentication for EIGRP
          3. Example: MD5 Authentication Configuration
          4. Verifying MD5 Authentication
        5. Summary of Implementing EIGRP
      3. Troubleshooting EIGRP
        1. Components of Troubleshooting EIGRP
        2. Troubleshooting EIGRP Neighbor Relationships
        3. Troubleshooting EIGRP Routing Tables
        4. Troubleshooting EIGRP Authentication
          1. Example: Successful MD5 Authentication
          2. Example: Troubleshooting MD5 Authentication Problems
        5. Summary of Troubleshooting EIGRP
      4. Chapter Summary
      5. Review Questions
    14. 6. Managing Traffic with Access Control Lists
      1. Chapter Objectives
      2. Access Control List Operation
        1. Understanding ACLs
        2. ACL Operation
        3. Types of ACLs
        4. ACL Identification
        5. Additional Types of ACLs
          1. Dynamic ACLs
          2. Reflexive ACLs
          3. Time-Based ACLs
        6. ACL Wildcard Masking
        7. Summary of ACL Operations
      3. Configuring ACLs
        1. Configuring Numbered Standard IPv4 ACLs
          1. Example: Numbered Standard IPv4 ACL—Permit My Network Only
          2. Example: Numbered Standard IPv4 ACL—Deny a Specific Host
          3. Example: Numbered Standard IPv4 ACL—Deny a Specific Subnet
        2. Controlling Access to the Router Using ACLs
        3. Configuring Numbered Extended IPv4 ACLs
          1. Extended ACL with the established Parameter
          2. Numbered Extended IP ACL: Deny FTP from Subnets
          3. Numbered Extended ACL: Deny Only Telnet from Subnet
        4. Configuring Named ACLs
          1. Creating Named Standard IP ACLs
          2. Creating Named Extended IP ACLs
          3. Named Extended ACL: Deny a Single Host from a Given Subnet
          4. Named Extended ACL—Deny a Telnet from a Subnet
        5. Adding Comments to Named or Numbered ACLs
        6. Summary of Configuring ACLs
      4. Troubleshooting ACLs
        1. Problem: Host Connectivity
        2. Summary of Troubleshooting ACLs
      5. Chapter Summary
      6. Review Questions
    15. 7. Managing Address Spaces with NAT and IPv6
      1. Chapter Objectives
      2. Scaling the Network with NAT and PAT
        1. Introducing NAT and PAT
        2. Translating Inside Source Addresses
          1. Static NAT Address Mapping
          2. Dynamic Address Translation
        3. Overloading an Inside Global Address
        4. Resolving Translation Table Issues
        5. Resolving Issues with Using the Correct Translation Entry
        6. Summary of Scaling the Network with NAT and PAT
      3. Transitioning to IPv6
        1. Reasons for Using IPv6
        2. Understanding IPv6 Addresses
          1. Global Addresses
          2. Reserved Addresses
          3. Private Addresses
          4. Loopback Address
          5. Unspecified Address
          6. IPv6 over Data Link Layers
        3. Assigning IPv6 Addresses
          1. Manual Interface ID Assignment
          2. EUI-64 Interface ID Assignment
          3. Stateless Autoconfiguration
          4. DHCPv6 (Stateful)
          5. Use of EUI-64 Format in IPv6 Addresses
        4. Routing Considerations with IPv6
        5. Strategies for Implementing IPv6
        6. Configuring IPv6
          1. Configuring and Verifying RIPng for IPv6
          2. Example: RIPng for IPv6 Configuration
        7. Summary of Transitioning to IPv6
      4. Chapter Summary
      5. Review Questions
    16. 8. Extending the Network into the WAN
      1. Chapter Objectives
      2. Introducing VPN Solutions
        1. VPNs and Their Benefits
        2. Types of VPNs
          1. Benefits
          2. Restrictions
        3. IPsec SSL VPN (WebVPN)
          1. Benefits
          2. Restrictions
        4. Components of VPNs
        5. Introducing IPsec
        6. IPsec Protocol Framework
        7. Summary of Introducing VPN Solutions
      3. Establishing a Point-to-Point WAN Connection with PPP
        1. Understanding WAN Encapsulations
        2. Overview of PPP
        3. Configuring and Verifying PPP
          1. Example: PPP and CHAP Configuration
          2. Example: Verifying PPP Encapsulation Configuration
          3. Example: Verifying PPP Authentication
        4. Summary of Establishing a Point-to-Point WAN Connection with PPP
      4. Establishing a WAN Connection with Frame Relay
        1. Understanding Frame Relay
          1. Example: Frame Relay Terminology—DLCI
          2. Example: Frame Relay Address Mapping
        2. Configuring Frame Relay
          1. Example: Configuring Frame Relay Point-to-Point Subinterfaces
          2. Example: Configuring Frame Relay Multipoint Subinterfaces
        3. Verifying Frame Relay
        4. Summary of Establishing a WAN Connection with Frame Relay
      5. Troubleshooting Frame Relay WANs
        1. Components of Troubleshooting Frame Relay
        2. Troubleshooting Frame Relay Connectivity Issues
        3. Summary of Troubleshooting Frame Relay WANs
      6. Chapter Summary
      7. Review Questions
    17. Answers to Chapter Review Questions
      1. Chapter 1
      2. Chapter 2
      3. Chapter 3
      4. Chapter 4
      5. Chapter 5
      6. Chapter 6
      7. Chapter 7
      8. Chapter 8