CCIE SEC General Networking
Basics
Have you tried switching it off & on again?
OSI Layers
Application
Layer 7
SMTP
HTTP
Presentation
Layer 6
XML / HTML
GIF / JPEG
Session
Layer 5
Controls connections, i.e. source port to destination port, and source port tied to applications
Transport
Layer 4
TCP
UDP
ICMP
Network
Layer 3
Logical Addressing
IP
Routing
Data-Link
Layer 2
MAC Addresses
ARP
Switching
Physical
Layer 1
Physical Connections, plugs
Fibre / Copper
TCP/IP Protocols
ICMP
Protocol 1
Types
0 Echo Reply
3 Destination Unreachable
4 Source Quench
5 Redirect
8 Echo Request
11 TTL Expired
TCP
Protocol 6
Connection-Orientated
UDP
Protocol 17
Connectionless
IP v4
Class A
Class B
Class C
Class D
Multicast
Class E
Experimental
RFC 1918
RFC 2827
IP v6
Switching
VTP
Modes
Server
DEFAULT!
Client
Transparent
All VLANS are local
Layer 2 Frames
Domains
Revision Number
To reset to 0
Change Domain Name
Change Switch Mode
VLANS in domain
Parameters
Mode
Version 2
Pruning
VLANS
Spanning Tree
BPDU
Notification Frames
Note Generated by spanning-tree portfast
Config Frames
Set with Source Mac & root bridge MAC
Security
Root Guard
Stops new root Bridge BPDUs, allows switches to connect
BPDU Guard
Rejects ANY BPDU
Loop Guard
Stops loops forming if no BPDU received
UDLD
UNI-Directional Loop Detection
used to detect if tx or rx breaks
Normal Mode = Log
Aggressive Mode = Err_Disable Port
BPDU Filter
Filters Outbound BPDU
Trunking
Routing Protocols
RIP
Distance Vector
UDP 520
Admin Distance 120
Load Balance up to 16 paths
Version 1
Broadcast Updates
Classful
No Authentication
Version 2
Classless, VLSM = ok!
Auto Summary on Class
MULTICAST - 224.0.0.8
Authentication
EIGRP
Admin Distance 90
IGRP
Admin Distance 100
OSPF
Admin Distance 110
Multicast
224.0.0.5 (all SPF/link state routers, also known as AllSPFRouters)
224.0.0.6 (all Designated Routers, AllDRouters)
OSPF does not use TCP or UDP but uses IP directly, via IP protocol 89
Open Shortest Path First
Classless, VLSM = ok!
Link-State Routing Protocol
LSA
Link State Announcement
Types
LSA 1
LSA 2
LSA 3
IGP (Interior gateway protocol)
All Areas must connect to Area 0
Virtual Link can create a temp link to area 0
Area 0 is the backbone area
Stub Area
A stub area is an area which does not receive external routes except the default route
Configuring OSPF Authentication on a Virtual Link
r3.3.3.3# debug ip ospf adj
23:48:06: OSPF: Interface OSPF_VL1 going Up
23:48:06: OSPF: Send with youngest Key 0
23:48:07: OSPF: Build router LSA for area 0, router ID 3.3.3.3, seq 0x80000001
23:48:07: OSPF: Build router LSA for area 2, router ID 3.3.3.3, seq 0x80000033
23:48:07: OSPF: Build router LSA for area 1, router ID 3.3.3.3, seq 0x80000030
23:48:14: OSPF: 2 Way Communication to 1.1.1.1 on OSPF_VL1, state 2WAY
23:48:14: OSPF: Send DBD to 1.1.1.1 on OSPF_VL1 seq 0x1EA opt 0x62 flag 0x7 len32
23:48:14: OSPF: Send with youngest Key 1
23:48:14: OSPF: Rcv DBD from 1.1.1.1 on OSPF_VL1 seq 0x3FB opt 0x62 flag 0x7 len 32 mtu 0 state EXSTART
23:48:14: OSPF: First DBD and we are not SLAVE
23:48:16: OSPF: Send with youngest Key 1
23:48:19: OSPF: Send DBD to 1.1.1.1 on OSPF_VL1 seq 0x1EA opt 0x62 flag 0x7 len 32
23:48:19: OSPF: Send with youngest Key 1
23:48:19: OSPF: Retransmitting DBD to 1.1.1.1 on OSPF_VL1 [1]
23:48:19: OSPF: Rcv DBD from 1.1.1.1 on OSPF_VL1 seq 0x3FB opt 0x62 flag 0x7 len 32 mtu 0 state EXSTART
23:48:19: OSPF: First DBD and we are not SLAVE
23:48:19: OSPF: Rcv DBD from 1.1.1.1 on OSPF_VL1 seq 0x1EA opt 0x62 flag 0x2 len 172 mtu 0 state EXSTART
23:48:19: OSPF: NBR Negotiation Done. We are the MASTER
23:48:19: OSPF: Send DBD to 1.1.1.1 on OSPF_VL1 seq 0x1EB opt 0x62 flag 0x3 len 112
23:48:19: OSPF: Send with youngest Key 1
23:48:19: OSPF: Send with youngest Key 1
23:48:19: OSPF: Database request to 1.1.1.1
23:48:19: OSPF: sent LS REQ packet to 5.0.0.1, length 48
23:48:19: OSPF: Rcv DBD from 1.1.1.1 on OSPF_VL1 seq 0x1EB opt 0x62 flag 0x0 len 32 mtu 0 state EXCHANGE
23:48:19: OSPF: Send DBD to 1.1.1.1 on OSPF_VL1 seq 0x1EC opt 0x62 flag 0x1 len 32
23:48:19: OSPF: Send with youngest Key 1
23:48:19: OSPF: Build router LSA for area 0, router ID 3.3.3.3, seq 0x80000030
23:48:19: OSPF: Rcv DBD from 1.1.1.1 on OSPF_VL1 seq 0x1EC opt 0x62 flag 0x0 len 32 mtu 0 state EXCHANGE
23:48:19: OSPF: Exchange Done with 1.1.1.1 on OSPF_VL1
23:48:19: OSPF: Synchronized with 1.1.1.1 on OSPF_VL1, state FULL
!--- This indicates the establishment of neighbor adjacency.
23:48:19: %OSPF-5-ADJCHG: Process 2, Nbr 1.1.1.1 on OSPF_VL1 from LOADING to FULL, Loading Done
ip ospf authentication-key cisco
area 1 virtual-link 3.3.3.3 authentication-key cisco
Sample Configuration for Authentication in OSPF
Types
Null Authentication
Plain Text Authentication
MD5 Authentication
show ip ospf interface serial0
R1-2503# show ip ospf interface serial0
Serial0 is up, line protocol is up
  Internet Address 192.16.64.1/24, Area 0
  Process ID 10, Router ID 172.16.10.36 , Network Type POINT_TO_POINT, Cost: 64
  Transmit Delay is 1 sec, State POINT_TO_POINT,
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
    Hello due in 00:00:05
  Index 2/2, flood queue length 0
  Next 0x0(0)/0x0(0)
  Last flood scan length is 1, maximum is 1
  Last flood scan time is 0 msec, maximum is 4 msec
  Neighbor Count is 1, Adjacent neighbor count is 1
    Adjacent with neighbor 70.70.70.70
  Suppress hello for 0 neighbor(s)
  Message digest authentication enabled
    Youngest key id is 1
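Added example (not part of the original notes): a small audit script that reads `show ip ospf interface` output and classifies each interface as using Null, Plain Text or MD5 authentication, so interfaces without MD5 can be picked out for review. The Serial0 entry mirrors the output above; Serial1 and Ethernet0 are constructed, and the script assumes IOS prints "Simple password authentication enabled" for plain-text authentication and prints no authentication line for null authentication.

```python
import re

# Constructed sample: Serial0 mirrors the output shown above; Serial1 and
# Ethernet0 are constructed to show the other two authentication types.
SAMPLE = """\
Serial0 is up, line protocol is up
  Internet Address 192.16.64.1/24, Area 0
  Neighbor Count is 1, Adjacent neighbor count is 1
  Message digest authentication enabled
    Youngest key id is 1
Serial1 is up, line protocol is up
  Internet Address 10.0.1.1/24, Area 1
  Simple password authentication enabled
Ethernet0 is up, line protocol is up
  Internet Address 10.0.2.1/24, Area 1
  Neighbor Count is 0, Adjacent neighbor count is 0
"""

# An interface header starts in column 0; detail lines are indented.
IFACE_RE = re.compile(r"^(\S+) is (?:administratively )?(?:up|down), line protocol is")
KEY_RE = re.compile(r"Youngest key id is (\d+)")

def audit_ospf_auth(show_output):
    """Return {interface: {"auth": "md5"|"plaintext"|"null", "key_id": int|None}}."""
    result, current = {}, None
    for line in show_output.splitlines():
        m = IFACE_RE.match(line)
        if m:
            # Assumption: no authentication line means null authentication.
            current = result.setdefault(m.group(1), {"auth": "null", "key_id": None})
            continue
        if current is None:
            continue  # skip the prompt or anything before the first interface
        text = line.strip()
        if text == "Message digest authentication enabled":
            current["auth"] = "md5"
        elif text == "Simple password authentication enabled":
            current["auth"] = "plaintext"
        else:
            k = KEY_RE.search(text)
            if k:
                current["key_id"] = int(k.group(1))
    return result

def weak_interfaces(show_output):
    """Interfaces whose OSPF packets are unauthenticated or carry a cleartext key."""
    return sorted(i for i, v in audit_ospf_auth(show_output).items() if v["auth"] != "md5")

if __name__ == "__main__":
    for name, info in audit_ospf_auth(SAMPLE).items():
        print(name, info)
    print("review:", weak_interfaces(SAMPLE))
```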
BGP
TCP 179
IP Multicast
Added: 2009-01-23 03:35:20