Pass Cisco CCNA Certification Exams in First Attempt Easily

Cisco CCNA Certification Practice Test Questions, Cisco CCNA Exam Practice Test Questions

Want to prepare by using Cisco CCNA certification exam practice test questions efficiently. 100% actual Cisco CCNA practice test questions and answers, study guide and training course from Exam-Labs provide a complete solution to pass. Cisco CCNA exam practice test questions and answers in VCE Format make it convenient to experience the actual test before you take the real exam. Pass with Cisco CCNA certification practice test questions and answers with Exam-Labs VCE files.

The Cisco IOS Operating System

1. Introduction

There's quite a bit of theory already, so I'm sure that by now you're itching to see how to actually configure our Cisco devices, our routers, and our switches. Now, Score does have graphical user interfaces, like web-based interfaces, that you can use to configure the devices, but in the real world, everybody uses the command line. Well-experienced engineers use the command line because it's much quicker than using the GUI. And the operating system that is used on enterprise-grade Cisco devices is iOS. So in this section, you'll learn how to connect to the router or the switch and then how to make your way around the command line. Just before we get into that, we are going to have one more theory lecture where I'll talk about the different operating systems that are available from across the school, because it's not just iOS. So we'll do that first, and then we'll get into how to actually connect to the device and how to navigate the CLI. Let's do that.

2. Cisco Operating Systems

In this lecture, you'll learn about the different operating systems that run on Cisco's different router and switch platforms. Now, you don't actually need to know this. For the exam, Sam focuses purely on IOS on Cisco routers and switches. So if you're wondering why I'm including this, then the reason is that it's something that you would wonder about anyway. And I want to explain to you that by taking this course and learning how to configure CiscoiOS, it's going to enable you to work on any of the different Cisco routers and switches. Because from a management and administrative point of view, it's pretty much identical no matter which actual operating system you are working on. So I'll start off by giving you a bit of history. Many people think of Cisco as being a routing and switching company, but they actually started off as a purely routing company when they started off.And when they did start off, iOS was the original operating system that they used on routers, the same operating system that's used today, although obviously it's gone through quite a few upgrades in the time since Cisco started back in 1984. So they were originally hiring a company to offer switches. That was through an acquisition they made. Casino in the catalyst switch product line came about because of that acquisition. The original operating system on the catalyst switches was Cat OS, but that was deprecated quite a long time ago. Now, Cisco firewalls have evolved from another acquisition. That was the acquisition of Network Translation back in 1995. And Cisco got their Picks Firewall from that, which uses the Finesse operating system. Now both the catalyst switches and, originally, the PixFirewalls (now the ASA Firewall) were ported over to the iOS operating system over the following years. So Cisco standardised on iOS for all of our network infrastructure devices. There are some other operating systems on some of the newer router and switch platforms. So iOS runs on the majority of Cisco routers and switches. But some of the newer platforms do have these new operating systems. Let's look at those now. So on the Cisco Nexus and the MDS data centre switches, they run on Nxos; on the high-end service provider routers, the NCS and the CRS; and also on the ASR Nine K and the XR Twelve K routers, they run on iOS XR. And on the ASR One K service provider routers, they run on iOS XE. So you may be thinking this is going to make things more difficult if there are always different operating systems, but really it doesn't because all of the different Cisco operating systems are incredibly similar from the command-line point of view. If you know a command in iOS, it's probably going to be exactly the same command. And all of the different operating systems aswell as far as administering and managing them,they're all nearly exactly the same. So you may be wondering if managing them is exactly the same. Why is there a different operating system? The main reason—and we're very different—is under the hood. iOS has got a monolithic kernel, meaning that if one process running on the router crashes, it can crash the entire router. The other newer operating systems have microkernels, and the processes run in separate protected memory address spaces. So if one of the processes crashes, it shouldn't affect the running of the rest of the system. So these other operating systems are mainly on the higher-end routers and switches, but on the enterprise-grade routers and switches, they're still running. iOS doesn't think that iOS is a bad and unreliable operating system. It's been purpose-built by Cisco, the biggest networking company in the world, to run on enterprise-grade routers and switches. So it is very hard, and it's still fading.

3. Connecting to a Cisco Device over the network

In this lecture, you'll learn how to connect to the COMMAG line on Cisco routers and switches over the corporate network. Before we get started, I want to make it clear that the way that the lab exercises work in this course is different than connecting to real routers and switches. The lab exercises use the free Cisco Packager software, which is standalone software that runs on your PC. So when you're doing the lab exercises in the course, you're not connecting to real routers and switches.

You can see in Section Two how to set up the lab. for step-by-step instructions on how to set up and use packet tracer for the course lab exercises. After you've passed your CCNA, you're going to be working as a network engineer on real networks with real routers and switches. So of course, you're going to need to know how to connect with real routers and switches as well. And that's what we're going to cover here. So when you are connecting to real routers and switches, you're going to use some software on your laptop to do that. And the most commonly used software to use is PuTTY, which is free software. But again, for the lab exercises in this course, you're not using Putty; you're not connecting to a real device. You're using a packet tracer. So for this course, you do not need to install or use PuTTY. Okay, so let's carry on and see how this is going to work. So in your day-to-day tasks as a network engineer, you're not actually going to be physically touching the network devices. What will happen is that you will be sitting at your desk, working on your PC and the device. The router or switch that you're working on is going to be in another location. It's going to be in a locked cabinet, either in the same office that you're in, or the office could be anywhere in the world.

And you're going to be connecting to that device over the network. And I'm going to show you how to do that now. So, for example, let's say that you work as a network administrator. You are over here on this PC in London, and you're going to be connecting to this router in New York to work on it. So how are you going to do that? Well, you're going to use software on your PC. You're going to open, and you're then going to connect to the router over the network all the way over in New York. You'll get to the command line, and you'll be able to work on that router. So to get to the command line interface for your day-to-day management of Cisco devices, the protocol that you're going to be using in that software is called Secure Shell SSH, and you're going to connect to the management IP address of the device. There is also another protocol supported, which is Telnet, but it is not recommended to use that because it is insecure. So with both SSH and Telnet, they look and work exactly the same way. But the difference is that when you're entering commands in SSH, those commands are encrypted. When you enter commands into Telnet, they're unencrypted. So if anybody is sniffing your traffic over the network, they can see those commands, including your username and password. Telnet is not used in real networks. It can be handy in a lab environment, but in a real corporate environment, you're going to be using SSH as well as using SSH. Also, for security, a secure login is going to typically be enforced, meaning that you have to enter a valid username and password. So we've got usernames and passwords to log into our devices. Your company has perhaps 100 different devices. You don't want to have to configure all your administrators' usernames and passwords on all 100 of those devices separately.

You want that to be centralized. So what you'll have is an acentralized "triple A" server that stands for authentication, authorization, and accounting. It's got access to the central database of all your usernames and passwords, saving you from having them on each separate device. We're going to be covering SSH and AAA, including how to configure them, in later lessons. I'm not going to cover it here because we need to have all the other settings on the device setup already as well. We haven't even configured an IP address yet, so I need to go through all of those other basic settings first. I'll show you how to configure SSH and AAA in later lectures in the course, okay? But I can show you right now how this is going to actually work. So let's have a look at that. The first thing that we need to do is to actually download and install Party. So if I put it that way, it's very easy. We can just go to Google, and I'm going to Google to download putty. And then it's just the first entry [email protected] will click on that, and then I can see I can download Patty here. I will click on the link, and then I'm on a 64-bit Windows machine here.

So I am going to download the 64-bit Windows file. So I will click on that, and it's very small. I can see that it has downloaded already. So I will go to my downloads folder. I will double-click on the party installer here. So I click Next on the welcome screen. I'm happy to install it in the programme files. Putty click Next again. I'll accept all the defaults here and click on Install, and then click on Finish. So that was in the party and programme files. So I could create a desktop shortcut for this on my desktop. I'm just going to run the PuTTY executable file there. And this is what putty looks like. and you can see in here that I've got my different connection types. so for connecting to a Cisco device. You can use Telnet, SSH, or Serial, but I'll cover that in the next lecture. We don't want to use Telnet because it's insecure. We're going to be using SSH, and I need to enter the IP address or host name of the device I'm connecting to. So my router is at 192-168-1254. I enter that IP address, and then I will click on Open. And because SSH is a secure protocol, it's giving me this warning message here about the exchange algorithm. I just clicked yes to say that I do want to continue. And then I get another warning message. I clicked yes on that as well. And I can see that it says up here, "Who do I want to log in as?" I know this is going to look very small for you.

Let me also show you how you can customise the PuTTY settings. So I'll click on the party icon up here in the top left, right-click on it, and then I'm going to go change settings. And as you can see, you can change things like the colors, the appearance, and so on in here. I'm going to go to appearance, and for the font, I'm going to change that and bring it all the way up to 22 just to make it easier for you to see. And then click on "Apply." So I'm going to log in as the user I already created on this real router, which was Neil. And then I've also configured a warning message, but it's only for authorised users. And then I'll also enter my password there as well. and you can see I am now connected to the New York router. It is very simple to connect to real Cisco devices over the network. Just download Putty, then open Party, enter the IP address of the device that you want to connect to, and enter in your username and password. If that has been configured in your corporate network, which it most likely will be, you're now on the command line of the router, and you can start configuring it. Okay, there is one last thing that I want to talk about here, and that is band management. So let me go back to the slides again. And you saw in that example there that I was the administrator over on the PC here connecting over the corporate network onto the router in New York, and that traffic was going over the production network. The "production network" refers to the network that is used for your normal user traffic, as well as the network that is used for your staff's normal activities. So for example, let's say we've got a normal staff member on their laptop here, and they are connecting to an email server, for example, over in New York. Well, when they connect to it, we're reconnecting over this network path here. That's the production network. And that was the same path that you went over when you were connecting to the router.

So you can connect to the router for management over the normal production network. Most and large businesses will have a separate, dedicated network for management as well. So it appears that the reason for the separate dedicated management network is that there may be a problem with the router in New York over the production network and you are unable to connect to it. So by having a separate dedicated management network, that gives you a backup path that you can use to connect to your network devices if they have any problems, and it's also more secure to have a separate, dedicated path as well. So now we've got two paths that we can use to get to our router. When you do have a separate management network set up, if you're connecting over the production network, we call that band management. You're going inbound over the production network, going over the same cables that your normal users are using to connect between offices. If you connect over that separate management network, we call that "out of band management." It's out of band, so it's not on the same path as regular staff traffic. Okay, so that was everything I needed to show you here about connecting over the network. In the next lecture, I'll show you how you can connect to a router over a direct console connection.

4. Making the Initial Connection to a Cisco Device

In the last lecture, I showed you how to connect to a Cisco router or switch over the network. In this lecture, I'll show you how to make a direct connection using a console cable. Before we start, I'll give you a quick reminder that the lab exercises in this course used Cisco packet tracer simulation software. And you can see how to install and use that by watching Section 2, how to set up the lab. So for the lab exercises we're going to be using in the course, you don't need any physical devices, and you don't need to install or use putty. But when you go and you start working on real devices in the real world, you are going to need to know how to do this—how to make the initial connection to a physical device. So that's why I'm going to show you here. Cisco devices do not usually have a default IP address, so we need to set one up before we can connect over the network. As you saw in the last lecture, I used Patty to connect to the management IP address of the device. But what if the device does not have an IP address on it yet? Well, we need a way to connect to the device to do the initial configuration when we first buy it, including adding IP addresses, and that is where the console connection comes in. So with the console connection, we can directly connect to the device at a lower level than IP, get onto the command line there, and then we can do the initial configuration, including adding the IP address. And once we've done that, we'll then be able to connect to it over the network. So for that initial direct connection, you connect to the console part on the router or switch. I'll show you that in a second. And you use a console cable to do it, which comes in the box with your device. And the console cable looks like this. You can see that it has a serial DB-9 connector on one end. It's called DB-9 because nine pins go in here, and on the other side it's got an RJ-45 connector similar to what you would see on a standard Ethernet cable. But this is absolutely not an Ethernet cable. It's not using Ethernet, and it doesn't require IP addresses. This gives you low-level, direct access to the command line. When you check this into your router or switch, it's the RJ-45 end that plugs into the console port on the device, and it is this serial connector that plugs into your laptop. And this gives us a problem, because laptops don't come with serial ports anymore. About 20 years ago, they did, and serial ports were most commonly used to connect to old-style 56K modems. They don't exist anymore, so manufacturers don't put the ports on our laptops anymore. So how are we going to be able to plug this cable into our laptop? Well, what we need to do is buy an additional USB-to-Serial adapter. So you can see here that it has a USB connector on one end and a male serial DB-9 connector on the other. So we end up having the USB connector plugged into our laptop or a PC, which then has the cable going into the console cable with the serial connectors here. And then we've got the RJ 545 connector that plugs into the router or switch. Okay, so Cisco realised that that's a problem because devices don't have those old-style connectors anymore. So with newer devices, it comes with a newer cable, which has USB on one side to plug into your laptop and miniUSB on the other side to plug into the device. Okay, so let's see how this looks on a router now. So, I've got in front of me an old 2600 router from Cisco. This used to be a very popular workhorse router. And you can see in the back here where I've got my fingernail that that is the auxiliary part that used to be used for out of vandalism management with those old 56K models; they no longer exist, so that isn't really used anymore. This part next to it has got the blue console port, and that is where I've got my console cable plugged in. Then I've got a couple of onboard Ethernet ports on this particular router and a couple of slots up at the top here where we can put optional cards. And I happen to have an ADSL card installed here. Okay, so I have got my router there with the console port plugged into it. And you can see that I have my USB to serial adapter at the end of my console cable, which I'm going to plug into my PC. Okay, so I've done that, and I've also plugged in the power lead in the router as well. So we're ready to make the initial connection to the device. The software that I'm going to use for that is Party. Again, it's the same as what I used to make a connection over the network. I showed you in the last video how to download and install that.

Just as a quick reminder, again, you can go to Google and do a search for "Party Download," and then the first link here is where you can download and install it from. Okay, so I've already got Party installed on here. So I'm going to open up Patty, and the type of connection we need to use here to connect to the console part is serial. So I will click on that, and you can see it showing here the serial line and the speed you need to select your correct compartment on your computer here. So, to find out that information, launch Device Manager in Windows. And then look in your parts here for the compartment, which is usually calm three. Again, you need to have installed the driver software for the cable before this is going to show up. Okay, so I need to change this to come in three. The next thing is we've got the speed, and there are actually more settings than this. If you go to serial in the main window and party on the left, you'll see that I'm using Comprehensive for this connection, and you must have the proper settings here. The default settings are actually okay, so the speed is 9600. I've got eight data bits, one stop bit, the parity is none, and I should set the flow control to none as well. But if you leave the flow control at the default, it will still connect anyway. Okay, so now I can go back to the session up at the top here and I can click on "Open," but I'm not going to see anything yet because I haven't powered my router on.

So I'll just reach over here to the power switch on the back of the router, and I'm flicking it on now, and you can see now I start getting output from the router. So you can see that when you connect over the console connection, as soon as you power the device on, you're immediately connected to the command line, and you can view the device booting up. This is going to take a few minutes to boot up here, so I'm going to speed up the video so we can watch it go through the boot-up process. Okay. and that is the router fully booted up. And I see the message here. Would you like to enter the initial configuration dialogue? That's because I already reset the router to factory settings. It's in the same state as if you bought a brand new router straight from the factory. So that's how you would connect to a new device and get to this prompt here, and then start setting it up, putting on the IP addresses, et cetera. Now hopefully it's obvious that it's not just for setting up new devices, that you can use a console cable, and that the device does not need to be powered off when you first connect to it. You could have a device that's already fully configured and powered on in your cabinet. You can connect to it with a console cable, and you will immediately get to the live command prompt. Okay, so that's everything I needed to show you about how to use the console connection. Okay, so you saw there that when we get a new device from the factory, we can connect to it with a console cable to do the initial configuration, including adding IP addresses, and will then be able to connect it over the network later. But the console part is not just useful for the initial configuration of a device. You'll often see that it comes in useful for troubleshooting as well. So, for example, let's say that we are trying to connect to an existing device on its IP address, but we cannot connect to it. Well, often one of the first things you will do in that situation is plug in the console cable to see what is going on because you don't need the IP address for it to be responsive when you connect it over the console cable. Another thing is if a device just appears to be completely unresponsive, but you can see that it is powering on, so that indicates that the device is probably failing to boot up.

Well, again, trying to connect over the network is not going to work because the IP address on the device is not live until it has completed the boot-up process. So if it's not able to boot up and doesn't have an IP address on it, you're not going to be able to connect it over the network. But what you can do is connect it with the console cable, then power the device on. And when you do it that way, you can watch the device boot up. So if it has a problem booting up, you'll be able to see what's going wrong over the console connection. Okay, that's everything I needed to tell you here.

5. Navigating the Cisco IOS Operating System Part 1

to learn about how to navigate the Cisco iOS command line. Now, the way it's going to be done is through a live demo in the lab. And because I've got a heap of tips and tricks to show you for how to make your way around the command line to save you from taking your own notes as we go through here, I'm also going to attach a PDF, which is a summary of everything that we're going to cover here. The scenario you see here is: I've got a brand new router. I've taken it out of the box and hooked up a console cable, then powered on the router, and it's currently going through the boot-up process. And because it is a brand new router, it's going to ask me, "Would you like to enter the initial configuration dialogue?" If I said yes, it would take me to a command-line-driven wizard that would assist me with the initial setup. It's not commonly used. Normally we'll enter "no" here. So that's what I'll do here. Would I like to terminate auto install?Yes, I would like to terminate that. I'll see my interfaces on the router coming up, and then I'll land at the user's exact prompt. Now we're not currently going to be working at the user's exact prompt because there's a very limited set of commands that we can enter here. If I want to see what those commands are, I'll use a question mark. So I just hit the question mark on the keyboard there, and it shows me all of the commands that are available in user exec mode. Notice down at the bottom that I see more here.

This indicates that there are additional commands and additional output that I could see. I can hit the enter key, and that will scroll through it line by line. But this would be a fairly tedious way to scroll through a lot of output. So what I'll do instead is I'll hit the space bar, and that's going to scroll through it page by page. So I can just hit the space bar multiple times until I get to the end of the output there. Notice in party over on the right here,I can scroll back through the previous output. Now, by default, there aren't many lines of scrolling back in party. So what I can do to improve that is go up in the top left corner here, right click, and change settings. And if I then go to the window tab, I can set my lines of scroll back here to 2000. I've done that already by default. You're going to see a much smaller value here, and that can be annoying because sometimes you do need to scroll back through quite a few lines of output. So I'd recommend that you set this to a high value. Okay, so you saw that I can hit the question mark to see all of the available commands that are available at this level in the command hierarchy. And as I said earlier, there's not really a lot that I can do at the user prompt. So I'm going to go to privileged execution mode. To get there, the command I need to enter is enable. So I hit enable and noticed that the command prompt changed. When I was in user exec mode, the prompt showed the name of my router, which is just router by default right now, and then a greater than symbol. But when I go to the privileged exec mode with the enable command, it changes to show the host name and then a hash. So you can tell by the command prompt what level you're currently at. If I wanted to drop back down to the user level, which normally you wouldn't want to do, I could enter the disabled command. Okay, so now I'm going to go back up to the privileged exec mode, which is also known as the enable prompt, and I'll show you that we can use command abbreviations here. So rather than typing in the full commandenable, I can just say "yen" and "hitenter," and that will bring me back up. And I could also use an abbreviated command to go back to the user prompt again. So I'll try entering "di" and hitting enter. But what I see now is that this is an ambiguous command.

The reason for this is that whenever you use a command abbreviation, there has to be just one possible unique match. So if I now enter di and a question mark, it will show me all of the possible commands that begin with di. And you can see thatthere's three possible commands here. There are disable and disconnect. So when I typed in di, it didn't know which one I meant. So if I wanted to actually put in the abbreviation for disabled, I'd have to enter disa, and it would now know, okay, there's only one possible command. I must mean "disable." I don't need to go back down to level four. I'll just stay at the enable prompt for now. Next up, I'm going to check whether all commands begin with sh. So I'll enter Sh and a question mark, and I can see if there's only one possible command, which is show. On Cisco Routers and Switches, you will use the show command a lot because we use it to get information about the device. So the shortest way we can type that is just "sh." If you want to see what the available showcommands are, I'm going to put the same command in, but I'm going to have a space now. So it's "sh space" and then a question mark. When you include a space, it shows you all of the possible keywords for that particular command.

So this is the context-sensitive assistance. So again, I can see all my different show commands there. I'll hit the space bar to scroll through all the different options. If I wanted to break out of a command output without scrolling all the way to the end, I could hit the control button and see at the same time that it would break out of the command. And if I scroll back, you'll notice the first available option there is Show triple AAA." So let's use that for our example and show you how you can figure out commands with context-sensitive context sensitive helps.If I type in Showtrip A space question mark,it shows me all of the available options thatwould be available after Show triple A. So if you need to enter a particular command, but you can't remember exactly what command you needed to enter, this can be really helpful in that situation. Similarly to the command abbreviation, we can also do tab completion as well. For example, you see my first option here is ShowAAA accounting stock cash; that's quite long to type in. So what I'm going to do instead is say "Show triple AACC," which makes it a unique match, and now I can hit the tab key and that will complete the entire word for me. While I'm at the command line, I can use backspace to delete what I entered already. So that's what I'm doing here. And let's deliberately put in a typo here. So notice I've put the "Show triple accounting stop key" that should be "cash." I put in a typo. If I hit Enter, you'll see that I get an error message and that valid input has been detected. When you get this error, it's usually because you put a typo in, and I can see the marker here showing me exactly where that typo was. Let's have a look at another error. So if I do Show triple A and hit Enter, you'll see that the error I now get is an incomplete command. I have to carry on with the command by putting in one of these additional options here. If I do a show-run questionmark, for example, a car is returned. That means I could hit Enter. These are all optional keywords. I don't have to enter one. I could actually hit Enter here to get some output. So at the enable prompt, that's where we'll most commonly be using Show commands. The other main command I will use here is debug. So I could enter debug paste question mark andI'll see all the possible debugs here the differencebetween a Show command and a Debug. When you enter a Show command, it gives youpoint in time information, information about the state. Right now, when you do a debug, what will happen is that the output will be updated in real time. So for example, if you were debugging OSPF and an OSPF packet came in, you would see it show up as and when the packet came in.

Okay, next thing I want to show you is how to actually make configuration changes on the router or switch on the enable prompt. That's mostly for information; to actually make changes, We go to the global configuration. to get there. It's configuring the terminal. Now, the abbreviation for this is conft. You can just type in confit. You'll use this command a lot, so you'll be using confit a lot as well. Okay, well, we are in global configuration. Let's hit the question mark. See all the available commands here, so we can do that the same way we did at the enable prompt. If I hit CTRL-C to break out of this, another thing to notice is that the prompt changed again. So when we were at the enable prompt, the prompt showed our hostname and then a hash. When we're at global configuration, it's router and then configuration in brackets. So the hostname is configured with brackets and then a hash. Okay, we're up to the ten minute mark in this lecture. I know when I'm learning. I don't like to sit too long. I like to take frequent breaks. So what I'm going to do for this lecture picture is split it into two parts, which are going to be about ten minutes each. So go get yourself a coffee, and I'll see you back here for part two.

6. Navigating the Cisco IOS Operating System Part 2

you how the command history works in a second. So I'm just going to enter a couple of random commands in here. It's just adding a couple of host entries. Don't worry too much about what this command does. It's not important. I'm just using this to illustrate the command history coming up in a second. So I'm adding IP host server one and IP host server two. Next, I'm going to change the name of my router. I'm going to give it a host name, but I'm going to deliberately make a mistake here. So I type in router one and hit Enter, and as you'll see, it tells me invalid input was detected at the marker. It's because I forgot to say the host name at the start here, so let's correct that. But rather than typing the whole thing in again, when you make a typo on a command, the quickest way to correct it is to hit the up arrow, and then that will bring the previous command back again. Now, what I could do is use the left arrow to move the cursor to the left. But if it's a big long command, a way that you can do this quicker is by hitting CTRL A, and that will bring you to the start of the line. So I hit the up arrow to get the previous command back, then control A to move to the start of the line. And I can now type in hostname and a space, and that's the correct command now. So I hit Enter, and I notice that the prompt changes to reflect the host name that I just entered there. Next, I'm going to show you some command history. So I'm going to hit the up arrow a few times, and as you'll see, each time I hit the up arrow, it cycles back through my previous commands.

That's why I entered those commands earlier. Notice that it only cycles back through commands at the same level; I'm in global configuration here, so it's cycling back through the commands I entered in global configuration mode. It doesn't show the commands that I entered at the enable prompt or in the user mode. Now I'm just going to delete this command to show you the next thing. If I try to do a show command while I'm in global configuration. So, let's do a show IP interface brief, and when I press Enter, I get the invalid input detected message. You know, I said earlier that where you'll most often see this is if you put in a typo. The other place where you'll often see it is if you're at the wrong command level when you're a beginner. This is the most frustrating thing about the iOS command line. You'll make this mistake a lot, where you're going to be at the wrong level when you enter a command. Our show and our debug commands are entered in privileged execution mode at the enable prompt. If I try to put it in global configuration, it's going to give me an error message, but this could be really annoying. So thankfully there's a workaround for this when you want to enter a show command because it is very common to put show commands in, and what I'm going to do is enter the same command, but I'm going to put do at the front. So again, I'm going to use the command history here, rubber man-typing the whole thing in. I hit the up arrow to get the command back, then CTRL A to go back to the start of the line, then I type in do and a space and hit Enter, and you'll see that the show command is going to work now, and when you enter do, that will work from any level unless you're actually in privileged exec mode. In privileged execution mode, you have to do the show command without doing all the other levels you could do in front of the show, and then it's going to work. So far, we've seen the very privileged user execmode, also known as enable prompt and global configuration. There are other levels when you're configuring something specific on the router, i.e., a global configuration.

This is where I would do my global configuration for things that affect the router as a whole. If I want to configure a specific interface, I need to go to that level in the command hierarchy. So looking at my output here, I can see the interfaces I've got available on this router. If I wanted to configure Interface Fast Ethernet, for example, by putting an IP address on there, I had to go to Interface Configuration Mode. So to get there, the command is Interface, and I'll use tab completion here, so Interface Fast Ethernet. Zero, and notice here that in the output above "Fast Ethernet" was capitalised at the start here. I don't need to use capital letters. iOS is not case sensitive.It doesn't matter if you use uppercase or lowercase, with one exception that we'll talk about a little bit later in this lecture. So I go to interface at zero. Hit enter. You'll see that the command prompt changes again to "show config F," and I can see very clearly that I'm at the interface configuration level. If I want to drop back down a level, I enter the exit command, and that takes me back to global config. If I wanted to return to the enable prompt, I would enter Exit again, which would return me to the enable prompt in privileged executable mode. I can quickly enter Interface from here. Ethernet. This is going to give me an error message because you have to go up through the levels one by one. You can't skip straight from the enable prompt to the interface prompt. So I'll go back through the levels. So I enter config T to get to global configuration and then Interface Fast Zero to get to interface mode, so when you go up through the levels you have to go one by one, but when you drop back down the levels you can do it all at once, so it was exit to drop down one level to drop all the way back to the enable prompt with one command I can enter another way.

I could have done that by hitting CTRL C on the keyboard, okay. A couple of them. The most common commands you'll use when working on a Cisco router or switch are Show IP interface brief, which will show all the interfaces on the router and the state of the interface, whether it's up or not, as well as the IP address configured on the interface if it has one, and Show running config, which shows the entire configuration on the router, and I'll hit the space bar. There are switches we can use for the show run command that will help us target the actual part of the configuration that we want to look at, for example, and you can see even on a new router it's a really long configuration file and it's going to take quite a while to scroll through there on a production route or it's going to be even longer because there's going to be actual configuration in there. To see the interface, configure "show run" and an interface, and the interface number. I can also include and exclude as well, so for example, I could do "Show run begin." Hostname, and this will display the running configuration, but starting from where the host name currently appears in the running configuration. You know.

I said that there is an exception to whether the iOS command line is case sensitive or not when you use a pipe, which is actually using a regular expression that is case sensitive. So if I did a show run pipe begin and tried not to put a typo in and then host name with a capital H and hit Enter, You'll see it's going to just go straight back to the command line again. This is not an error. The reason is that host name with a capital H is not in the running configuration, so there's no output to show to give you examples for the other pipe options. I could run a show run and then pipe it to include interface, which will show me all the lines that include interface, which means the word interface in the actual output. I can also pipe a show run and exclude the interface. This will show me all lines from the configuration that do not include the word interface. I can also perform a show on a pipe and section interface to see the configuration for all of my different interfaces. Now, when you've got a production router, you're not going to just have interfaces configured on there. You'll have other things like routing protocols, for example. So I could also do a show-on-pipe section and put in a particular part of the configuration I want to see here. Now, putting a question mark in here isn't very useful because it just tells you to use regular expression. For example, I could put it in Section BGP to see information about the BGP routing protocol. I haven't configured it on this router yet, so I'm not going to get any output. But if I was using BGP on this router and I had a big, long configuration on there, this would be a useful command because it would just take me straight to the BGP configuration, and I could see that very clearly. So that's how to navigate the iOS command line. In the next lecture, we'll take a look at how to manage our.

7. Cisco IOS Configuration Management

Lecture You're going to learn about iOS configuration management and the running configuration and the startup configuration. so I'm going to make some configuration commands to demonstrate this for you. I'm going to go to global configuration, so I enter config T. Right now, notice that I've just got the default setup in this example where the host name is Router. If I enter the command hostname router One and hit Enter, you'll see that the host name changes immediately. So in iOS, whenever you make a change, the change takes effect immediately. When you make the change, it goes into the running configuration, which is the configuration that is in effect right now. But as well as having the running configuration, we've also got the startup configuration. So running config is the config an effect Right now, the startup configuration is the configuration that will go into effect when the router is next started or rebooted. And commands that you entered in the running configuration do not get saved permanently until you explicitly copy them from the running configuration to the startup configuration. So you can see here I entered the command hostname Router One, which went into the running configuration immediately, and my host name was immediately changed to Router One. However, running show startupconfig now reveals my unintentional error. I'm a global configuration, so I can't enter a show command. I told you you'd make that mistake a lot, right? I still make that mistake too. So I'll press CTRL A to make that a do show start, and then we'll use Tab completion to see what the command should be, so sure startup configuration is the full command. I'll hit Enter and notice that the host name is still Router. It has not switched to router one. So in the startup configuration, it's still a hostname router.

If I now do I do show running config, I can seein the running config that the host name is Router One. So if I now reloaded the router, it would come back and the change would not have taken effect. Now, this is actually deliberate because it allows you to back out of mistakes. If I made some changes on the router and made some disastrous changes but hadn't saved them yet, the simplest thing to do is to unplug the router and then plug it back in, boot it up, and it will return with the configuration that was already on there before I made those changes. Now, obviously, that's a fairly drastic thing to do. It requires a reboot of the router, so you would really only do that as a last resort. Okay, so I've changed the name of my router to Router One in my running config. I haven't copied it to the startup configuration yet, though, so it's not going to be persistent across a reboot. To do that, the command is "copy run start," and again, I'm at the wrong command level, so I'll end-drop back down to the enable prompt. To do your copy on the Start command, you have to be in privilege-exec mode. So I can now do a copy run Start.It will ask me the destination file name. I want to save it to pretty much always accept the default here and just hit Enter. It will take a few seconds to build the configuration, and I get the okay message telling me that yes, it's been copied to the startup config. So if I now do my show startup configuration command again, you'll see that the host name is "router" in there as well. So it's permanent. If I reboot the router now, it's going to come up with that as the configuration. The next thing I want to show you is how to back up your configuration.

Now, Cisco does have tools like Cisco Prime Infrastructure that can be used to automate this from a centralised server. That's not tested on the exam, by the way, but you can also back up manually as well. The way to do that is for me to copy the running configuration. I'll hit the question mark now to see where I can copy it too. And you'll see one of the options here is Flash, which is Flash memory on the router. So I can copy the running configuration to Flash, and I have to give it a file name when I do this. So I enter a colon, and I'll call it my configuration. Try to do it without a typo. There we go. It will see what I want the destination file name to be. Yes, I want it to be called my config. And I've now backed up my configuration to Flash to verify that I can try a show in Flash. And there you see, I've got my configuration there. If I wanted to restore from this backup, the way I would do it is by copying it to the startup configuration and then rebooting. But when you do a copy, it's going to actually merge the commands rather than replace. and typically I would want to replace the entire startup configuration. So the way I do that is first off, I array the startup configuration. So I enter the command or raiseStart, and it's telling me an incomplete command. So let's use contact-sensitive help to help here. Hit the up arrow space question mark, and it tells me it's an unrecognized command. Okay, this is because I'm working on an older router here. So in an older router, the command is right arrays, and that will tell me it's going to erase the NVRAM file system, which is where the startup configuration is saved. Do I want to confirm? Hit Enter to confirm that, and that will erase my startup config. I can now copy Flashconfig to the startup configuration, confirm that, and I will now reboot the router to come back up with that configuration. Now, hopefully you're thinking it's not a very good idea to back up the configuration to flash on this router because if the entire router blows up, I lose the router and I lose my backup as well. It's always a bad idea to back up a device to the same device. You want to back it up somewhere else. So the easiest way to do that would be to copy the running config to a TFTP server. So I am It's alwRun TFTP and hit Enter.

It will then ask me for the IP address of my TFTP server. Let's say this is at 1010. I hit enter, then the name of the file I want to use. Let's say I'm going to use Router Configuration 1. Then I could enter today's date in here, save it, and hit Enter. It will then connect to the TFTP server and back up the configuration there as a text file. I'm getting an error message because I don't actually have a TFTP server in the lab here. while I'm saying that it will show up as a text file. Another thing you might wonder is how I check the actual contents of my backup to see if it's safe to flash. The way you can do that is by using the More command. So I'd type the command more, then a space, and then flash "my config," which would print out the contents of that configuration file. The last thing that I need to tell you here is where the different configuration files are stored. Now, for the device to boot up, it needs to initially load the iOS operating system image that is stored in flash. Once the operating system is up and running, it will load your actual administrator configuration from the startup config. And the startup configuration is stored in NVRAM, which is non-volatile memory, so it's persistent across a reboot. The running configuration is stored in normal memory in RAM, and it's loaded into RAM memory from the startup configuration when the device boots up. OK, that's it. see you in the next class.

OSI Layer 4 - The Transport Layer

1. Introduction

We covered an overview of the OSI reference model in the previous section, and you learned about the upper layers. Then in this section we're going to start taking a much deeper look at the bottom four layers, which are particularly important for computer networking. We'll start off with layer four, the transport layer. You'll learn about port numbers and about how TCP and UDP work, and we'll do a comparison between those two protocols.

2. The Transport Layer Header, TCP and UDP

About layer four of the OSI model,the transport layer in this lecture. Layer four, the transport layer, thus provides transparent data transfer between hosts and is in charge of end-to-end error recovery and flow control. But as you learn as we go through the lecture, that is not mandatory. So maybe the Layer 4 protocol will support error recovery in flow control, or maybe it won't. You'll see the implications of that as we go through flow control. It's the process of adjusting the flow of data from the sender to ensure that the receiving host can handle all of it. So if the sender is sending too quickly, maybe because we've got faster network connections on that side and it's sending more than the receiving host can accept, then if flow control is enabled, the receiving host will have a mechanism to signal back to the sender, telling it to slow down.

Another thing that is supported at layer four is session multiplexing. This is a process by which a host is able to support multiple sessions simultaneously and manage the individual traffic streams over a single link. So let's take a look at how that works. So in the example here, I've got a sender on the left, and there's going to be a couple of receivers over on the right. The sender sends some email SMTP traffic to the receiver on port 25, as well as some web traffic to the bottom receiver on HTP port 80. And it's also sending email traffic on part 25 to the bottom receiver as well. So you can see from the sender on the left that we've got three sessions from it at the top receiver. On the right, we've got one session, and on the bottom receiver, we've got two sessions. It's layer four, the transport layer, that is responsible for tracking and keeping control of the different sessions. On our host, we have part numbers. So going back to that previous example again, you see we've got two sessions going from the sender on the left to the bottom receiver on the right. One of them is web traffic; the other session is email traffic. So when the traffic comes into the receiver, howdoes it know which application this traffic is for? Is it for its web server application, or is it for its email server application? The way it knows is through the layer's four-part numbers.

For example, HTTP Web traffic uses port 80, and SMTP email uses port 25. We'll talk about some of the other common port numbers at the end of the lecture as well. The sender also adds a source part number to the layer 4 header as well. The combination of source and destination port numbers can be used to track sessions. So let's see how that works as well. Here we've got one sender on the left, the receiver on the right, and we're sending web traffic again here. So it sends it with a destination port of port 80, the standard port for web traffic, and it will use a random source port number above 1024. In our example, the source port costs $1,500. So we've got a connection between the sender and receiver. When the receiver sends traffic back, it will flip the source and destination port numbers around. So it will use port AA as its source now, and the destination will be port number 1,500. This is how stateful firewalls are able to keep track of connections as well. Imagine that rather than a switch in the middle there, it was a firewall, and we had a rule in the firewall that said traffic is allowed out from the sender on the left to the network on the right. But traffic is not allowed from the right to the left unless it is initiated from the sender. If you managed to follow that well, in that case, on the firewall, we're allowing traffic from the sender to the receiver; that traffic is allowed outbound. When the return traffic comes back, the firewall could see based on the source and destination port numbers that this is return traffic going back to that sender again. So I'll allow this traffic to come through. If the traffic had been initiated by the host on the right, it would not allow that traffic. That's how stateful firewalls work.

Our two most common protocols at layer four are TCP, which is the transport control protocol, and UDP, which is the user datagram protocol. TCP is connection oriented.As we go through the rest of this lecture, you'll see that a lot of the main characteristics of TCP and UDP are opposite each other. And after I've explained both protocols, I'll explain why that is. So TCP is connection-oriented, meaning that once a connection is established, data can be sent directionally over the two hosts. Over that connection, TCP carries out sequencing, which includes sequence numbers in the traffic. sure that segments are processed in the correct order and none are missing. So when traffic comes into the receiver, it can look at the sequence number and use that to make sure it assembles the traffic in the correct order again. It can also check from the sequence numbers if a segment was lost in transit as well. TCP is reliable. The receiving host sends acknowledgements back to the sender. So based on the sequence number, the receiver can see if all the traffic has come in. If any traffic has been lost in transit, then it will tell the sender that happened. The way it does it is by not sending an acknowledgment back to the sender. When a sender realises that traffic has been lost, it will resend that traffic again. TCP can also perform flow control as well. So if the sender is sending at a rate that is too high and the receiver can't handle it, the receiver can signal back to the sender, telling it to slow down. So TCP is a connection-oriented, reliable protocol. The way that the connection is set up between the two hosts is by using the TCP three-way handshake. So here we've got the sender on the left going to initiate the connection.

It sends a synchronised message over to the receiver on the right. When the receiver receives that, it will send it in a box or synchronised acknowledgement. And then finally, to complete the connection, the sender will send an acknowledgment. We now have the connection set up between the two hosts, and they can send traffic over it. The next thing I'm going to show you is the makeup of the TCP header. But just before I show you, I wanted to give you a quick reminder from the previous lesson about how a packet is composed. So we've got the sender on the left, the receiver on the right, and we're going to send some traffic over there. So first off, as the centre is composing the packet, it will put in the layer seven information. It will then encapsulate that with the layer six header. It then gets encapsulated with the layer five header, the layer four header, the layer three header, and the layer two header. And then we send it on to the physical wire. So, on the next slide, you'll see how that layer four header is put together, what goes into it, and how it looks. So we've got the source port and the destination port numbers, as we spoke about just earlier. We then have the sequence number and the acknowledgment number. We have a header length and a reserved field, which is for any reserved information. Later code bits, window which can be used for flowcontrol, a check from which can be used to checkand see if the traffic got corrupted in transit. We've got an optional urgent part of the header there as well. We can have other options. And then we've got the data. So you see, there is quite a lot that goes into the TCP header. We'll contrast that with the UDP header coming up in a minute.

So let's talk about UDP. Now, UDP is the user datagram protocol, and it sends traffic with best effort, meaning we don't have the connection and we don't have reliability. The sender just makes up the packet, sends it over to the receiver, and hopes that it's going to get there. So UDP is not connection-oriented; there's no handshake connection set up between the hosts. It doesn't carry out sequence checks to ensure segments are processed in the correct order or are missing. It's not reliable. Receiving hosts is not sending knowledge back to the sender and does not perform well in terms of control. So, as I previously stated, the sender will send the traffic and hope that it reaches its destination. We can still have error detection and recovery for this traffic, but if it is required, it's going to be up to the upper layers, up to the application level, to actually provide it. It's not going to be provided by UDP. So looking at the UDP header, you'll see there's much less filled in here. All we have is the source and destination parts, the length and UDP checks, and the data. So you can see by comparing the UDP header and the TCP header that there's much less overhead with UDP, which leads us into where TCP or UDP would be used. Now this is up to the designer of the application. Whenever a designer designs an application, theycan choose whether it's going to useTCP or UDP for its transport. They will typically choose to use TCP for traffic, which requires reliability. But real-time applications such as voice and video can't afford the extra overhead of TCP. So they would use UDP, voice, and video. It's very sensitive to delay.

You've probably watched TV before. You've seen a news report where the newscaster is doing it over a satellite phone, and you can see it's very laggy because satellites are famously high-latency connections. So voice and video are very sensitive to latency. We don't want to use TCP for real-time traffic like that because the extra overhead is going to slow it down and affect the quality. So for real-time traffic that's sensitive to delay, we'll usually use UDP. For other applications, we'll use TCP. And because there are a lot more of our applications in voice and video, TCP is the most commonly used transport for transport.There are some applications that can use both TCP and UDP as well. You'll see an example on the next slide. So here we're going to look at some of the common applications and their destination ports. For applications that use TCP, we've got FTP, the file transfer protocol that uses Power 21. Secure Shell is on port 22, Telnet on port 23, HTTP web traffic is on port 80, and https-encrypted web traffic is on port 443. Some UDP protocols we've got are TFTP, the trivial file transfer protocol, which uses Part 69, and SNMP, a simple network management protocol, which uses Part 161. And the best known application that can use both TCP and UDP is DNS on port 53. There are some other voice and video signalling protocols that can also use both TCP and UDP as well. So that was it. That was our layer for the transport layer lecture. I'll see you in the next.

So when looking for preparing, you need Cisco CCNA certification practice test questions and answers, study guide and complete training course to study. Open in Avanset VCE Player & study in real exam environment. However, Cisco CCNA exam practice test questions in VCE format are updated and checked by experts so that you can download Cisco CCNA certification exam practice test questions and answers files in VCE format.