Saturday, February 24, 2007

IOS commands

IOS Command Modes

IOS has several command modes. Each mode can be identified by the prompt.
Switch>              - user mode
Switch#              - enable mode
Switch(vlan)#        - VLAN database mode
Switch(config)#      - global configuration mode
Switch(config-if)#   - interface configuration mode
Switch(config-line)# - line (vty/aux/console) configuration mode

enable - change to enable/privileged mode
disable - change to user mode
configure terminal - change to global config mode
show interface
show version
show vlan
vlan database - change to vlan database mode
vlan [VlanID] - create a new vlan in vlan database mode
switchport access vlan [VlanID] - change a switch port to a new Vlan

3/4/07

switchport mode trunk - change a switch port to trunk mode
switchport trunk encapsulation [ISL/Dot1q] - change trunk type of a switch port
switchport trunk allowed vlan [VlanID] - set the VLANs allowed on a trunk port
switchport trunk allowed vlan add [VlanID] - add a VLAN to the allowed list of a trunk port
switchport trunk allowed vlan remove [VlanID] - remove a VLAN from the allowed list of a trunk port

encapsulation dot1q [VlanID] - configure router subinterface as a vlan trunk

show ip interface brief - check current ip interfaces
show running-config - check current configuration
enable password [PASSWORD] - set privilege level password (insecure: stored in clear text, or only type 7 scrambled)
enable secret [PASSWORD] - set privilege level password (secure: stored as a hash; takes precedence over enable password)
line vty 0 4 - change to vty (telnet) line config mode
line aux 0 - change to aux (modem) line config mode
line console 0 - change to console line config mode
service password-encryption - scramble clear text passwords in the config (type 7, a reversible scramble rather than a hash, so it only hides passwords from a casual glance)
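The distinction drawn above (enable password versus enable secret, reversible type 7 scrambling versus a hash, telnet on the vty lines) is the kind of thing worth checking mechanically before a config goes into production. Below is an added example, not code from the original notes: a small audit script for an IOS-style running-config. Function and constant names are hypothetical, both configs are constructed samples, and the type 7 and type 5 strings in them are placeholders rather than real hashes.

```python
"""Audit a Cisco IOS running-config for weak password handling.

Added example, not code from the original notes. Function and constant
names are hypothetical; both configs below are constructed samples and the
type 7 / type 5 strings in them are placeholders, not real hashes.
"""
import re

# Weak sample: service password-encryption is on, so every password shows as
# type 7. Type 7 is a reversible scramble, not a hash, so these lines still
# expose the credentials to anyone who can read the config.
WEAK_CONFIG = """\
service password-encryption
hostname Switch
!
enable password 7 PLACEHOLDER7A
!
line con 0
 password 7 PLACEHOLDER7B
 login
line vty 0 4
 password 7 PLACEHOLDER7C
 login
 transport input telnet
line aux 0
 no login
!
end
"""

# Hardened sample: enable secret (type 5, a hash) instead of enable password,
# per-user secrets with login local on every line, and SSH-only vty access.
HARDENED_CONFIG = """\
hostname Switch
!
enable secret 5 $1$PLACEHOLDER$hashgoeshere
username admin secret 5 $1$PLACEHOLDER$hashgoeshere
!
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
line aux 0
 login local
!
end
"""

# "password cisco" or "password 0 cisco" is clear text; "password 7 ..." is type 7
PLAINTEXT_PW = re.compile(r"^\s*(?:enable )?password (?:0 )?(?!\d+ )\S+")
TYPE7_PW = re.compile(r"^\s*(?:enable )?password 7 \S+")


def line_sections(config):
    """Group the indented commands under each 'line ...' stanza."""
    sections, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            sections[current] = []
        elif current is not None and raw.startswith(" "):
            sections[current].append(raw.strip())
        else:
            current = None
    return sections


def audit_config(config):
    """Return a list of human-readable findings; an empty list means nothing flagged."""
    lines = config.splitlines()
    findings = []
    has_secret = any(l.startswith("enable secret") for l in lines)
    if any(l.startswith("enable password") for l in lines) and not has_secret:
        findings.append("enable password set without enable secret")
    for l in lines:
        if TYPE7_PW.match(l):
            findings.append(f"type 7 (reversible) password: {l.strip()}")
        elif PLAINTEXT_PW.match(l):
            findings.append(f"plaintext password: {l.strip()}")
    for name, cmds in line_sections(config).items():
        if "no login" in cmds:
            findings.append(f"{name}: 'no login' allows unauthenticated access")
        for c in cmds:
            if c.startswith("transport input") and ("telnet" in c or c.endswith(" all")):
                findings.append(f"{name}: '{c}' permits cleartext telnet")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit_config(cfg) or ["no findings"])
```

Run it against `show running-config` output saved to a file; the weak sample produces six findings, the hardened one none. The script flags type 7 lines without decoding them, since the point of the check is that such lines should not exist, not what they contain.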

Day 4

1. Vlan
2. Spanning Tree

1. Vlan
VLANs let a network administrator create multiple virtual broadcast domains in a single switch.
Hosts in different VLANs cannot communicate without a router or a layer 3 device.

By default, Cisco switches have one VLAN, VLAN 1, and all the switch ports are in VLAN 1.

The following config shows how to create a new VLAN (VLAN 2) and move port 1 to the newly created VLAN. The configuration is for a Cisco 2900 XL series switch.



2. Spanning Tree
Multiple connections between switches cause traffic loops, which in turn lead to traffic/broadcast storms.
Multiple connections between switches are nonetheless desirable for redundancy.

Spanning tree allows multiple inter-switch connections by automatically blocking all but one of them, leaving only one active connection. If the active connection fails, a blocked port becomes the active one.

Day 3

1. Names and Numbers
2. Internet Standards (RFCs)
3. Private and Public IP Addresses

1. Names and Numbers
Every name in the TCP/IP protocol layers has its own number associated with it. After all, computers only understand numbers.
People remember websites by name, e.g., www.yahoo.com, www.google.com.
www.yahoo.com has its own IP address, 69.147.114.210.
www.google.com has its own IP address, 64.233.161.99.

Computer name (hostname) to IP address translation is provided by the Domain Name Service (DNS).
DNS also provides IP address to computer name translation, known as reverse DNS.

Also, each application protocol has its own number, known as a port number. The standard assignments are called well-known ports.
HTTP (Hyper Text Transfer Protocol), used by web pages, uses TCP port number 80.
HTTPS (Secure HTTP) uses port number 443.
DNS (Domain Name Service) uses port number 53.
Telnet uses port number 23.
SSH uses port number 22.

Here is the updated list of well-known port numbers.

IANA (http://www.iana.org/) is the governing body that controls the names and numbers of the Internet.



2. Internet Standards (RFCs)
Internet standards are called RFCs (Request For Comments).
Current standards RFCs can be found here. [It is not required to read RFC for CCNA exam]

RFCs are contributed and maintained by industry experts.

3. Private and Public IP Addresses
3 blocks of IP addresses are reserved for private use. Private IP addresses can be used within an organization provided that those hosts are not connected to the Internet directly.
The private IP address standard is defined in RFC 1918.
Private address blocks are
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255

If an organization wants to connect to the Internet, a public IP address is required. The organization can get public IP addresses either from an ISP or from ARIN (in the United States).
Small organizations should request public IP addresses from an ISP and larger ones from ARIN.

RIPE controls IP names and numbers for Europe and the Middle East.
APNIC controls IP names and numbers for Asia Pacific.
AFRINIC controls IP names and numbers for Europe and Africa.
LACNIC controls IP names and numbers for Latin America and the Caribbean.

Monday, February 19, 2007

Day 2

1. TCP/IP Layers Model
2. Encapsulation and De-encapsulation
3. Legacy IP classes

1. TCP/IP Layers Model

The TCP/IP protocol suite is the result of academic research started in the 1970s and funded by the Department of Defense.
(Those interested in the history of the Internet should read the book Where Wizards Stay Up Late.)
TCP/IP uses a 4-layer model as opposed to the ISO 7-layer model.
Studying sniffer traces in Wireshark helps in understanding the TCP/IP layering model.

TCP/IP 4 layers, in order of bottom to top, are
a. Network Interface Layer
b. Internetwork Layer
c. Transport Layer (aka Host-to-Host Layer)
d. Application Layer

The following are a few examples of the technologies/protocols available in today's (2007) computer networks.
a. Network Interface Layer - Ethernet, T1, DS3, ISDN
b. Internetwork Layer - IP
c. Transport Layer - TCP, UDP
d. Application Layer - HTTP, SSH, Telnet, DNS



2. Encapsulation and De-encapsulation
When Host A sends data to Host B via a TCP/IP network, the sender (Host A) encapsulates the data with the information required by each lower layer protocol. The receiver (Host B) de-encapsulates by removing the lower layer protocol overhead until it can retrieve the data sent from Host A.

For HTTP traffic, the following occurs at Host A, in this order, before the data is sent to the network.
a. HTTP layer encapsulation
b. TCP layer encapsulation
c. IP layer encapsulation
d. Ethernet layer encapsulation

Once Host B receives the data, the following happens, in this order.
a. Ethernet layer de-encapsulation
b. IP layer de-encapsulation
c. TCP layer de-encapsulation
d. HTTP layer de-encapsulation
- and Host B receives the data sent from Host A.
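The eight steps above, carried out at the byte level, as an added example that is not code from the original notes: an HTTP request is wrapped in a TCP header, then an IP header, then an Ethernet II header, and the receive side peels the three headers off in the opposite order. Header layouts follow Ethernet II, IPv4 (RFC 791) and TCP (RFC 793); the MAC and IP addresses, ports and sequence numbers are constructed sample values, the function names are hypothetical, and the TCP checksum is left at zero to keep the example short (a real stack computes it over a pseudo-header).

```python
"""Walk an HTTP request down the stack (HTTP -> TCP -> IP -> Ethernet) and
back up again, at the byte level.

Added example, not code from the original notes. Header layouts follow
Ethernet II, IPv4 (RFC 791) and TCP (RFC 793); addresses, ports and
sequence numbers are constructed sample values, and the TCP checksum is
left at zero to keep the example short.
"""
import struct

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def ip_checksum(data):
    """One's-complement sum of 16-bit words; returns 0 when run over a valid header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))


def encapsulate(http, src_mac, dst_mac, src_ip, dst_ip, sport, dport=80):
    """Send side: a. HTTP payload, b. TCP, c. IP, d. Ethernet (the note's order)."""
    # b. TCP header: ports, seq, ack, data offset (5 words), PSH+ACK, window, checksum, urgent
    segment = struct.pack("!HHIIBBHHH", sport, dport, 1000, 2000, 5 << 4, 0x18,
                          65535, 0, 0) + http
    # c. IP header: version 4 / IHL 5, TOS, total length, id, DF flag, TTL, proto, checksum, addresses
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000,
                         64, IPPROTO_TCP, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    header = header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:]
    packet = header + segment
    # d. Ethernet II header: destination MAC, source MAC, EtherType
    return struct.pack("!6s6sH", mac_bytes(dst_mac), mac_bytes(src_mac), ETHERTYPE_IPV4) + packet


def decapsulate(frame):
    """Receive side: strip Ethernet, then IP, then TCP; return (headers, payload)."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ip_checksum(packet[:ihl]) != 0:
        raise ValueError("IP header checksum mismatch")
    total_len = struct.unpack("!H", packet[2:4])[0]
    if packet[9] != IPPROTO_TCP:
        raise ValueError("not a TCP packet")
    segment = packet[ihl:total_len]
    sport, dport, seq, ack, offset = struct.unpack("!HHIIB", segment[:13])
    payload = segment[(offset >> 4) * 4:]
    headers = {
        "src_mac": ":".join(f"{b:02x}" for b in src_mac),
        "dst_mac": ":".join(f"{b:02x}" for b in dst_mac),
        "src_ip": ".".join(map(str, packet[12:16])),
        "dst_ip": ".".join(map(str, packet[16:20])),
        "sport": sport, "dport": dport,
    }
    return headers, payload


if __name__ == "__main__":
    frame = encapsulate(b"GET / HTTP/1.0\r\n\r\n", "00:11:22:33:44:55", "66:77:88:99:aa:bb",
                        "192.0.2.10", "192.0.2.20", 40000)
    print(len(frame), "bytes on the wire")
    print(decapsulate(frame))
```

The 18-byte request becomes a 72-byte frame (14 + 20 + 20 + 18), which is the overhead the note refers to. A corrupted IP header fails the checksum and is rejected before the TCP layer is reached, which is the order in which a real receiver drops it too.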



3. Legacy IP classes

IP addresses were divided into 3 classes.
Class A was meant for large schools and companies, those who need up to 16 million IP addresses.
Class B was meant for medium schools and companies, those who need up to 65,534 IP addresses.
Class C was meant for small schools and companies, those who need less than 255 IP addresses.

Soon, the designers of IP classes realized that the sizes of companies or schools do not neatly fit into just 3 categories and that the scheme is inefficient and wasteful.
For example, a school that needs 4,000 IP addresses must be assigned a Class B, wasting almost 60,000 IP addresses.

The idea of classful addressing is no longer valid these days, but the terms Class A, B and C are still used in the industry, and it is required to understand and memorize those classes and their addressing system.

The class of an IP address can be recognized by looking at the first byte (aka first octet). The following is the relation of the first octet of an IP address to its class.
1 - 126, Class A
128 - 191, Class B
192 - 223, Class C

* Classes are based on the location of the first zero in the binary value of the first octet (which is easier for a computer but not so for human beings).
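The first-zero rule in the note above, together with the RFC 1918 private blocks from Day 3, as an added example that is not code from the original notes. legacy_class() derives the class from the position of the first zero bit in the first octet; classes D and E go beyond the note's A/B/C list but follow the same rule. smallest_class() reproduces the 4,000-host waste calculation from the Class B example. Function names are hypothetical.

```python
"""Classify an IPv4 address the legacy (classful) way and check it against
the RFC 1918 private blocks.

Added example, not code from the original notes. Function names are
hypothetical; classes D and E extend the note's A/B/C list.
"""
import ipaddress

# The three private blocks listed in the Day 3 notes (RFC 1918)
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}   # classful network masks


def legacy_class(ip):
    """Class = position of the first 0 bit in the first octet (0xxx A, 10xx B, 110x C, ...)."""
    first = int(str(ip).split(".")[0])
    first_zero = f"{first:08b}".find("0")      # -1 for 255 (all ones)
    return {0: "A", 1: "B", 2: "C", 3: "D"}.get(first_zero, "E")


def describe(ip):
    """Class, default mask, usable host count and RFC 1918 status for one address."""
    addr = ipaddress.ip_address(ip)
    cls = legacy_class(ip)
    prefix = DEFAULT_PREFIX.get(cls)
    return {
        "class": cls,
        "default_prefix": prefix,
        # the network and broadcast addresses are never assignable, hence -2
        "max_hosts": (2 ** (32 - prefix) - 2) if prefix else None,
        "private": any(addr in net for net in RFC1918),
        # 127/8 is loopback, which is why the note's Class A range stops at 126
        "loopback": addr.is_loopback,
    }


def smallest_class(hosts_needed):
    """Pick the smallest class that fits and report how many addresses go unused."""
    for cls in ("C", "B", "A"):
        capacity = 2 ** (32 - DEFAULT_PREFIX[cls]) - 2
        if capacity >= hosts_needed:
            return cls, capacity - hosts_needed
    raise ValueError("no single class can hold that many hosts")


if __name__ == "__main__":
    for ip in ("10.1.2.3", "172.20.0.1", "172.32.0.1", "192.168.0.1", "224.0.0.5", "127.0.0.1"):
        print(ip, describe(ip))
    print("4000 hosts ->", smallest_class(4000))
```

Note that 172.32.0.1 looks like the 172.16.0.0 block but falls outside the /12, which is the mistake a range check catches and a first-octet glance does not.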

Thursday, February 15, 2007

Day 1

1. MAC Address
2. Sniffer
3. Connecting two computers with a hub, a switch and a router

1. MAC Address

Every NIC has a universally unique MAC address. (Some manufacturers allow a user-configurable MAC address.)
Use ipconfig /all (Windows) or ifconfig (Linux) to check the MAC address of a NIC.

A MAC address is 6 bytes (48 bits) long.
The first 3 bytes (24 bits) are the OUI and are controlled by the IEEE (http://www.ieee.org).
A NIC manufacturer buys an OUI from the IEEE.
The last 3 bytes (24 bits) are assigned by the NIC maker.

The NIC maker can be found by looking up the OUI at the IEEE website. (http://standards.ieee.org/regauth/oui/index.shtml)
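The OUI / NIC-specific split described above, plus the two flag bits in the first octet that the note's "user-configurable MAC address" remark touches on, as an added example that is not code from the original notes. Function names are hypothetical and the vendor table is a constructed stub; a real lookup uses the IEEE registry linked above.

```python
"""Split a MAC address into its OUI and NIC-specific halves and read the
two flag bits in the first octet.

Added example, not code from the original notes. Function names are
hypothetical and the vendor table is a constructed stub.
"""
import re

# Constructed stub; the entry is a placeholder, not a real IEEE assignment
SAMPLE_OUI_TABLE = {
    "00:11:22": "Example NIC Maker (constructed)",
}


def parse_mac(mac):
    """Accept 00:11:22:33:44:55, 00-11-22-33-44-55 or Cisco-style 0011.2233.4455."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    octets = [int(digits[i:i + 2], 16) for i in range(0, 12, 2)]
    first = octets[0]
    return {
        "oui": ":".join(f"{b:02x}" for b in octets[:3]),   # IEEE-assigned half
        "nic": ":".join(f"{b:02x}" for b in octets[3:]),   # maker-assigned half
        # I/G bit (least significant bit of the first octet): 1 = group address
        # (multicast, or the all-ones broadcast), 0 = a single interface
        "group": bool(first & 0x01),
        # U/L bit (second least significant bit): 1 = locally administered,
        # i.e. set in software rather than burned in by the NIC maker
        "locally_administered": bool(first & 0x02),
    }


def vendor(mac, table=SAMPLE_OUI_TABLE):
    """Look the OUI up; a locally administered address carries no vendor information."""
    info = parse_mac(mac)
    if info["locally_administered"]:
        return None
    return table.get(info["oui"], "unknown OUI")


if __name__ == "__main__":
    for m in ("00:11:22:33:44:55", "02-00-00-aa-bb-cc", "ffff.ffff.ffff"):
        print(m, parse_mac(m), vendor(m))
```

The U/L bit is the useful one when reviewing a capture: a locally administered address tells you the OUI lookup is meaningless, because the address was set by software rather than by the NIC maker.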


2. Sniffer

A sniffer is a software program that can intercept data going across a computer network. A packet sniffer is also known as a network analyzer or a protocol analyzer.

Probably the most popular free packet sniffer is Wireshark (http://www.wireshark.org). It was known as Ethereal until recently; due to a trademark issue, the program was renamed.

Free sniffer programs for Unix are tcpdump (Linux/BSD) and snoop (Solaris).

A sniffer puts the NIC into "promiscuous mode" so that it can see all the data going over the network. Proper setup of the network devices (hub, switch or router) is required so that a sniffer can capture data. (Wireshark will NOT work properly with a Wi-Fi NIC.)

3. Connecting computers with a hub, a switch and a router

Computers A, B and C are connected to a network device.

If Computer A sees unicast traffic between Computers B and C, then all three computers are in the same collision domain. The network device is a hub.

If Computer A does not see unicast traffic between Computers B and C but does see broadcast traffic from B or C, then all three computers are in the same broadcast domain. They are NOT in the same collision domain. The network device is a switch.

If Computer A sees neither unicast nor broadcast traffic between Computers B and C, then Computer A is in a different broadcast domain from Computers B and C. The network device is a router.
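The three-host test just described, and the VLAN note from Day 4 (a VLAN is a separate broadcast domain inside one switch), as an added example that is not code from the original notes. Device behaviour is a deliberately simplified model: the hub repeats everything, the switch learns source MACs per VLAN and floods only broadcasts and unknown destinations, and the router never forwards a broadcast. Class and function names are hypothetical and the MAC addresses are constructed sample values.

```python
"""Simulate what a third host sees on a hub, a switch (with and without
VLANs) and a router.

Added example, not code from the original notes. Device behaviour is a
simplified model; class names and MAC addresses are constructed.
"""
from collections import namedtuple

Frame = namedtuple("Frame", "src dst")
BROADCAST = "ff:ff:ff:ff:ff:ff"
A_MAC, B_MAC, C_MAC = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"


class Hub:
    """Repeats every frame to every other port: one collision domain."""
    def __init__(self):
        self.ports = set()

    def attach(self, port, mac, vlan=1):
        self.ports.add(port)

    def deliver(self, in_port, frame):
        return self.ports - {in_port}


class Switch:
    """Learns source MACs per VLAN; floods only broadcast/unknown, and only within the VLAN."""
    def __init__(self):
        self.vlan_of, self.table = {}, {}

    def attach(self, port, mac, vlan=1):
        self.vlan_of[port] = vlan              # like 'switchport access vlan <vlan>'

    def deliver(self, in_port, frame):
        vlan = self.vlan_of[in_port]
        self.table[(vlan, frame.src)] = in_port   # learn where the sender lives
        flood = {p for p, v in self.vlan_of.items() if v == vlan} - {in_port}
        out = self.table.get((vlan, frame.dst))
        if frame.dst == BROADCAST or out is None:
            return flood
        return {out} - {in_port}


class Router:
    """Forwards unicast to the port whose subnet holds the destination; drops broadcasts."""
    def __init__(self):
        self.port_of = {}

    def attach(self, port, mac, vlan=1):
        self.port_of[mac] = port               # stands in for a routing table entry

    def deliver(self, in_port, frame):
        if frame.dst == BROADCAST:
            return set()
        return {self.port_of[frame.dst]} - {in_port}


def run_scenario(device, a_vlan=1):
    """A on port 1, B on port 2, C on port 3. Return which of B's frames A saw."""
    device.attach(1, A_MAC, a_vlan)
    device.attach(2, B_MAC)
    device.attach(3, C_MAC)
    seen = set()
    device.deliver(3, Frame(C_MAC, B_MAC))   # C speaks first so a switch can learn port 3
    if 1 in device.deliver(2, Frame(B_MAC, C_MAC)):
        seen.add("unicast")
    if 1 in device.deliver(2, Frame(B_MAC, BROADCAST)):
        seen.add("broadcast")
    return seen


def classify(seen):
    """Apply the note's rule to what A observed."""
    if {"unicast", "broadcast"} <= seen:
        return "hub"
    if "broadcast" in seen:
        return "switch"
    return "separate broadcast domain"


if __name__ == "__main__":
    for name, dev, vlan in (("hub", Hub(), 1), ("switch", Switch(), 1),
                            ("switch, A in VLAN 2", Switch(), 2), ("router", Router(), 1)):
        seen = run_scenario(dev, vlan)
        print(f"{name:22s} A sees {sorted(seen) or 'nothing'} -> {classify(seen)}")
```

The last two rows of the output look identical to host A: moving A into VLAN 2 on the switch separates it from B and C as completely as putting a router between them, which is the Day 4 point that VLANs create broadcast domains without extra hardware.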