MIND MAP
by evelio ortiz on 28 October 2016

Transcript of MIND MAP

CCNA COMMAND
COMMAND MIND MAP BY CATEGORY

CDP
Config:
[no] cdp run
[no] cdp enable
Exec:
show cdp neighbors
show cdp neighbors detail
show cdp entry [name]
show cdp interface [type number]
show cdp traffic (no packet)

VLAN
Config:
vlan vlan-id
interface vlan number
switchport access vlan vlan-id
[no] shutdown vlan-id
Exec:
show vlan brief
show vlan
show vlan id vlan-id
show vlan name vlan-name
show vlan summary
show interface type number switchport
show mac address-table

TRUNK
Config:
switchport mode trunk
switchport trunk native vlan vlan-id
switchport trunk allowed vlan [add | all | except | remove] vlan-list
switchport nonegotiate
Exec:
show interfaces [type number] switchport
show interfaces [type number] trunk
show interfaces switchport
show interfaces trunk

SSH (config and exec)
Configure before configuring SSH:
1. Privileged-mode password
enable secret class
2. Password for the vty line
line vty 0 15
password cisco
login

1. Verify SSH support.
show ip ssh
SSH Disabled - version 1.99
(SSH is supported, but it is disabled)
2. Configure the IP domain.
ip domain-name prueba.com
3. Generate RSA key pairs.
crypto key generate rsa
4. Configure user authentication.
username admin secret ccna
5. Configure the vty lines.
line vty 0 15
transport input [telnet | ssh | all | none]
login local
6. Enable SSH version 2.
ip ssh version 2
(SSH version 2 is now enabled)
show ip ssh
SSH Enabled - version 2.0

Port security
Config:
interface type number
switchport port-security
switchport port-security maximum 4
switchport port-security mac-address mac-address
switchport port-security violation shutdown
switchport port-security violation restrict
switchport port-security violation protect
Exec:
show port-security
show port-security interface type number
show port-security address
show mac address-table
clear mac address-table dynamic
clear mac address-table dynamic address address
clear mac address-table dynamic interface type number
clear mac address-table dynamic vlan vlan-id
clear mac address-table notification

DHCP IPV4
Config:
ip dhcp pool name
network address mask
default-router ip-address
dns-server ip-address
lease days hours minutes
ip dhcp excluded-address ip-address-start ip-address-end
[no] service dhcp
Exec:
show ip dhcp binding
show ip dhcp conflict
show ip dhcp relay

IPV6 ROUTING

IPV6 RIP
Config:
ipv6 unicast-routing
interface type number
ipv6 enable (automatically configures the IPv6 link-local address)
ipv6 address address/prefix-length
ipv6 address fe80::/64 link-local
ipv6 address address/prefix-length eui-64
ipv6 rip jazmin enable (RIPng process for each interface)
Exec:
show ipv6 rip database
show ipv6 route
show ipv6 protocols
show ipv6 interface brief
show ipv6 interface type number
show ipv6 route rip

IPV6 OSPF

IPV6 EIGRP

NAT
Dynamic NAT: One Private to One Public Address Translation
1. Define a static route on the ISP
ip route ip-address subnet-mask interface next-hop
2. Define a pool of usable public IP addresses on your router that will perform NAT
ip nat pool jazmin start-of-pool end-of-pool netmask subnet-mask
3. Create an ACL that will identify which private IP addresses will be translated
access-list ACL-number permit ip-address wildcard-mask
4. Create the translation
ip nat inside source list ACL-number pool jazmin
5. Define which interfaces are inside (contain the private addresses)
interface type interface-number
ip nat inside
6. Define the outside interface (the interface leading to the public network)
interface type interface-number
ip nat outside

PAT: Many Private to One Public Address Translation
1. Define a static route on the ISP
ip route ip-address subnet-mask interface next-hop
2. Define a pool of usable public IP addresses on your router that will perform NAT (optional). Use this step if you have many private addresses to translate
ip nat pool jazmin start-of-pool end-of-pool netmask subnet-mask
3. Create an ACL that will identify which private IP addresses will be translated
access-list ACL-number permit ip-address wildcard-mask
4. Create the translation (option 1)
ip nat inside source list ACL-number interface type number overload
5. Create the translation (option 2)
ip nat inside source list ACL-number pool jazmin overload
6. Define which interfaces are inside (contain the private addresses)
interface type interface-number
ip nat inside
7. Define the outside interface (the interface leading to the public network)
interface type interface-number
ip nat outside
Private addresses all use a single public IP address and numerous port numbers for translation.

show cdp entry [*]
show cdp

Router-on-a-Stick Inter-VLAN Routing
interface fa0/1.10
encapsulation dot1q 10
ip address 192.168.1.1 255.255.255.0

The show running-config and show interfaces interface-id switchport commands are useful for identifying VLAN assignment and port configuration issues.

Port mode
Switch(config-if)#switchport mode access
Switch(config-if)#switchport mode dynamic
Switch(config-if)#switchport mode trunk
switchport mode access

Multilayer switches
no switchport (to configure routed ports)
A routing protocol is configured for routing, with the routers.
Interconnecting VLANs does not require a routing protocol.

show sdm prefer (SDM, switch database manager)
sdm prefer default
sdm prefer dual-ipv4-and-ipv6
sdm prefer lanbase-routing
sdm prefer qos
lanbase-routing: with this template, static routing is supported for up to 750 static routes.
switch 3560

SVIs
Switch(config)#interface Vlan1
Switch(config-if)# ip address 191.168.2.1 255.255.255.0
Switch(config-if)#no shutdown
Switch(config)#interface Vlan2
Switch(config-if)#ip address 192.168.3.1 255.255.255.0
Switch(config-if)#no shutdown

Switch(config)# ip routing

Switch#show ip route
...
191.168.0.0/24 is subnetted, 1 subnets
C 191.168.2.0 is directly connected, Vlan1
C 192.168.3.0/24 is directly connected, Vlan2
Note: Assign a port with a host to each VLAN.

Types of Static Routes
Types of IPv4 static routes:
Default static route: creates a Gateway of Last Resort.
ip route 0.0.0.0 0.0.0.0 {ip-address | exit-intf}

Summary static route: used if the destination networks are contiguous and the multiple static routes all use the same exit interface or next-hop IP address.

Floating static route: static routes that are used to provide a backup path to a primary static or dynamic route in the event of a link failure.
ip route network-address subnet-mask exit-if distance

Standard static route: static routes are useful when connecting to a specific remote network (to stub networks).
ip route network-address subnet-mask {ip-address | exit-if}

Next-hop route:
ip route network-address subnet-mask ip-address
Directly connected static route:
ip route network-address subnet-mask exit-if
Fully specified static route:
ip route network-address subnet-mask exit-if ip-address

ping
traceroute
show ip route
show ip route static
show ip route network
show running-config | section ip route

How the destination is specified creates one of the three following route types:
Next-hop route - Only the next-hop IP address is specified.
Directly connected static route - Only the router exit interface is specified.
Fully specified static route - The next-hop IP address and exit interface are specified.
Types of IPv6 static routes:
IPv6 static routes can also be implemented as:
Standard IPv6 static route:
Default IPv6 static route:
ipv6 route ::/0 {ipv6-address | exit-intf}
Summary IPv6 static route:
Floating IPv6 static route:
Router(config)# ipv6 route ipv6-prefix/prefix-length {ipv6-address | exit-intf}
As with IPv4, these routes can be configured as recursive, directly connected, or fully specified.
ipv6 unicast-routing: enables the router to forward IPv6 packets.

How the destination is specified creates one of three route types:
Next-hop static IPv6 route - Only the next-hop IPv6 address is specified.
ipv6 route ipv6-prefix/prefix-length ipv6-address

Directly connected static IPv6 route - Only the router exit interface is specified.
ipv6 route ipv6-prefix/prefix-length exit-intf

Fully specified static IPv6 route - The next-hop IPv6 address and exit interface are specified.
ipv6 route ipv6-prefix/prefix-length exit-intf ipv6-address

If the IPv6 static route uses an IPv6 link-local address as the next-hop address, a fully specified static route including the exit interface must be used.

ping
traceroute
show ipv6 route
show ipv6 route static
show ipv6 route network

Routing protocols such as RIPv2, EIGRP, and OSPF use designated multicast addresses (RIP = 224.0.0.9, EIGRP = 224.0.0.10, OSPF = 224.0.0.5 and 224.0.0.6).
An extended ping is when the source interface or source IP address is specified.
Example: ping 192.168.2.1 source 172.16.3.1 (R&S2, 6.5.2.1)
ping 192.168.2.1 source g0/0 (R&S2, 6.5.2.2)
Troubleshoot IPv4 Static and Default Route Configuration

ping
traceroute
show ip route
show ip interface brief
show cdp neighbors detail

show running-config | section ip route

Specifically, routing protocols can be classified by their:
Purpose - Interior Gateway Protocol (IGP) or Exterior Gateway Protocol (EGP)
Operation - Distance vector, link-state protocol, or path-vector protocol
Behavior - Classful (legacy) or classless protocol

Dynamic routing
Configuring the RIP Protocol
passive-interface: prevents the transmission of routing updates through a router interface
e.g.: passive-interface g0/0
passive-interface default: as an alternative, all interfaces can be made passive

Propagating a Default Route in RIP
ip route 0.0.0.0 0.0.0.0 exit-intf next-hop-ip
router rip
default-information originate (propagates the static default route in RIP updates)

RIPng Protocol
The process to propagate a default route in RIPng is identical to RIPv2 except that an IPv6 default static route must be specified.
A default static route using the ipv6 route 0::/0 2001:DB8:FEED:1::1 global configuration command.
The ipv6 rip domain-name default-information originate interface configuration mode command
show ipv6 protocols
Confirm the following parameters:
1. That RIPng routing is configured and running on router R1.
2. The interfaces configured with RIPng.

Router#show ip ospf neighbor

ACL
Range of 1 through 99, 1300 to 1999
Extended

3560 SWITCH CONFIGURATION
ip routing
no ip domain-lookup
interface FastEthernet0/1
switchport access vlan 20
switchport mode access
interface FastEthernet0/2
switchport access vlan 100
switchport mode access
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
interface GigabitEthernet0/2
no switchport
ip address 172.16.150.1 255.255.255.252
interface Vlan20
ip address 192.168.2.1 255.255.255.0
interface Vlan100
ip address 192.168.1.1 255.255.255.0
interface Vlan110
ip address 172.16.110.1 255.255.255.0
interface Vlan120
ip address 172.16.120.1 255.255.255.0
interface Vlan130
ip address 172.16.130.1 255.255.255.0
interface Vlan140
ip address 172.16.140.1 255.255.255.0
router eigrp 1
network 192.168.2.0
network 192.168.1.0
network 172.16.0.0
no auto-summary

Switch(config-if)#mdix auto
Lets the interface identify the cable type (straight-through or crossover)

Ways to change VLAN port membership:
Switch(config)#interface fa0/2
Switch(config-if)#no switchport access vlan 40
Switch(config-if)#do show vlan

The best routing paths can be found using different protocols and metrics.
Some metrics used include:
* Bandwidth
* Cost
* Delay
* Hops

RIP V2
Classless routing protocol - It supports VLSM and CIDR, because it includes the subnet mask in the routing updates.
Increased efficiency - It forwards updates to multicast address 224.0.0.9, instead of the broadcast address 255.255.255.255.
Reduced routing entries - It supports manual route summarization on any interface.
Secure - It supports an authentication mechanism to secure routing table updates between neighbors.

EIGRP also introduced:
Bounded triggered updates
Hello keepalive mechanism
Maintains a topology table
Rapid convergence
Multiple network layer protocol support
RIP updates every 30 s
show ip protocols
Passive-interface prevents:
Wasted Bandwidth
Wasted Resources
Security Risk

The Internet is based on the AS concept; therefore, two types of routing protocols are required:
Interior Gateway Protocols (IGP) - Used for routing within an AS.
Exterior Gateway Protocols (EGP) - Used for routing between AS. The Border Gateway Protocol (BGP) is the only currently-viable EGP and is the official routing protocol used by the Internet.

The operations of a dynamic routing protocol can be described as follows:

1. The router sends and receives routing messages on its interfaces.

2. The router shares routing messages and routing information with other routers that are using the same routing protocol.

3. Routers exchange routing information to learn about remote networks.

4. When a router detects a topology change the routing protocol can advertise this change to other routers.
The network has converged when all routers have complete and accurate information about the entire network. Convergence time is the time it takes routers to share information, calculate best paths, and update their routing tables.
7.1.3.6
Classful Routing Protocols

The biggest distinction between classful and classless routing protocols is that classful routing protocols do not send subnet mask information in their routing updates. Classless routing protocols include subnet mask information in the routing updates.
Routing Protocol Characteristics
Routing protocols can be compared based on the following characteristics:
• Speed of Convergence
• Scalability
• Classful or Classless (Use of VLSM)
• Resource Usage
• Implementation and Maintenance

Enhanced Interior-Gateway Routing Protocol
EIGRP also introduced:
Bounded triggered updates
Hello keepalive mechanism
Maintains a topology table
Rapid convergence
Multiple network layer protocol support
Metrics: bandwidth, delay, reliability, path cos
By default: bandwidth and delay are used to determine best path selection

Change the administrative distance for RIP v2
RA(config)# router rip
RA(config-router)# distance 89

Dynamic routing
OSPF

1. Router(config)# access-list access-list-number { deny | permit | remark } source [ source-wildcard ][ log ]
2. Select the interface
3. Router(config-if)# ip access-group { access-list-number | access-list-name } { in | out }

Remove the ACL:
1. no ip access-group
2. no access-list

To check whether it was removed:
show access-list

remark: keyword is used for documentation and makes access lists a great deal easier to understand. Each remark is limited to 100 characters.
With the show running-config command, the remark is also displayed.
A standard ACL can only filter traffic based on a source address. The basic rule for placement of a standard ACL is to place the ACL as close as possible to the destination network.
Standard

Configuring a Standard ACL to Secure a VTY Port
Cisco recommends using SSH
Router>enable
Router#configure terminal
Router(config)#line vty 0 4
Router(config-line)#login local
Router(config-line)#transport input ssh
Router(config-line)#access-class 4 in
Router(config-line)#exit
Router(config)#access-list 4 permit 192.168.10.0 0.0.0.255
Router(config)#access-list 4 deny any
Router(config)#

Do not forget to assign a name to the switch or router; otherwise, when you enter the crypto key generate rsa command, it will ask for one.
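
An added example (not part of the original mind map): a small Python check that a saved running-config follows the vty recipe above, meaning SSH-only transport, login local, an inbound access-class backed by a defined access-list, and ip ssh version 2. The function names and both sample configs are constructed for illustration, and only numbered ACLs are handled.

```python
import re

def vty_blocks(config):
    """Map each 'line vty ...' header to its indented sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line vty"):
            current = raw.strip()
            blocks[current] = []
        elif raw[:1].isspace() and current:
            blocks[current].append(raw.strip())
        elif raw.strip() and not raw.startswith("!"):
            current = None  # any other top-level command ends the block
    return blocks

def audit_vty(config):
    """List where the vty setup departs from the SSH-only, ACL-limited recipe."""
    findings = []
    acls = set(re.findall(r"^access-list (\d+) ", config, re.M))
    if not re.search(r"^ip ssh version 2\s*$", config, re.M):
        findings.append("global: 'ip ssh version 2' not set")
    for name, cmds in vty_blocks(config).items():
        transport = next((c for c in cmds if c.startswith("transport input")), None)
        if transport != "transport input ssh":
            findings.append(f"{name}: {transport or 'no transport input'}, want ssh only")
        if "login local" not in cmds:
            findings.append(f"{name}: 'login local' missing")
        acl = next((re.fullmatch(r"access-class (\d+) in", c) for c in cmds
                    if c.startswith("access-class")), None)
        if not acl:
            findings.append(f"{name}: no numbered inbound access-class")
        elif acl.group(1) not in acls:
            findings.append(f"{name}: access-class {acl.group(1)} has no access-list")
    return findings
# Constructed sample configs (not captured from a device).
HARDENED = """ip ssh version 2
access-list 4 permit 192.168.10.0 0.0.0.255
access-list 4 deny any
line vty 0 4
 access-class 4 in
 login local
 transport input ssh
"""
WEAK = """line vty 0 15
 password cisco
 login
 transport input telnet
"""
print(audit_vty(WEAK))
```
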

ipv6 unicast-routing
Enable unicast routing

R1(config)#access-list 101 permit tcp any any eq ?
In place of the ?, you can use: port numbers or keywords

DHCP IPV4
Three different address allocation mechanisms
Manual Allocation: Administrator assigns a pre-allocated IPv4 address and DHCP communicates only the IPv4 address to the device.
Automatic Allocation: DHCPv4 automatically assigns a static IPv4 address permanently, selecting it from a pool of available addresses.
Dynamic Allocation: DHCPv4 dynamically assigns, or leases, an IPv4 address for a limited period of time chosen by the server, or until the client no longer needs the address.

DHCP v4 Operation
DHCPREQUEST: This message is used for both lease origination and lease renewal.