MAC table
Switch# sh mac address-table
Vlan  Mac Address     Type     Ports
----  -----------     ----     -----
1     0005.dccb.d74b  DYNAMIC  Fa0/1
Source MAC address
Switch# sh ip arp
Protocol  Address   Age(min)  Hardware Addr   Type  Interface
--------  -------   --------  -------------   ----  ---------
Internet  10.1.1.1  0         001a.e2ce.ff40  ARPA  Vlan1
Switch(config)# mac-address-table static aaaa.bbbb.cccc vlan 1 int fa0/5
Switch# sh mac address-table
Vlan  Mac Address     Type    Ports
----  -----------     ----    -----
1     aaaa.bbbb.cccc  STATIC  Fa0/5

CDP
RouterA#sh cdp neighbors
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
                  S - Switch, H - Host, I - IGMP, r - Repeater
Device ID            Local Intrfce  Holdtme  Capability  Platform  Port ID
RouterB              Ser 0          148      R           2522      Ser 1
SwitchA0050BD855780  Eth 0          167      T S         1900      2
RouterA#sh cdp neighbor detail
-------------------------
Device ID: RouterB
Entry address(es):
  IP address: 10.1.1.2
Platform: cisco 2522, Capabilities: Router
Interface: Serial0, Port ID (outgoing port): Serial1
Holdtime : 168 sec
Version :
IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(3), RELEASE SOFTWARE (fci)

CDP
RouterA#sh cdp entry RouterB
-------------------------
Device ID: RouterB
Entry address(es):
  IP address: 10.1.1.2
Platform: cisco 2522, Capabilities: Router
Interface: Serial0, Port ID (outgoing port): Serial1
Holdtime : 168 sec
Version :
IOS (tm) 2500 Software (C2500-JS-L), Version 12.0(3), RELEASE SOFTWARE (fci)
RouterA#sh cdp traffic
CDP counters :
  Packets output: 56, Input: 38
  Hdr syntax: 0, Chksum error: 0, Encaps failed: 3
  No memory: 0, Invalid packet: 0, Fragmented: 0
RouterA#sh cdp interface
BRI0 is administratively down, line protocol is down
  Encapsulation HDLC
  Sending CDP packets every 60 seconds
  Holdtime is 180 seconds

CDP
[Diagram labels: 10.3.3.2, 10.3.3.1, 10.2.2.1, 10.2.2.2]
RouterA#sh cdp
Sending CDP packets every 60 seconds
Holdtime is 180 seconds
RouterA#config terminal
RouterA(config)#cdp timer 100
RouterA#config terminal
RouterA(config)#cdp holdtime 100
RouterA#config terminal
RouterA(config)#no cdp run    (Disable CDP on router)
RouterA#config terminal
RouterA(config)#interface s0
RouterA(config-if)#no cdp enable    (Disable CDP on interface)

Port Security
Switch# config t
Switch(config)# int fa0/1
Switch(config-if)# switchport port-security maximum 1    (Max only 1 MAC address allowed)
Switch(config-if)# switchport port-security violation shutdown
Switch(config-if)# switchport port-security mac-address sticky    (Auto learn MAC)
Switch(config-if)# switchport port-security mac-address 0005.dccb.d74b    (Static MAC)

Switchport ACL
S1(config)# mac access-list extended custom_list
S1(config-ext-macl)# deny
S1(config-ext-macl)# permit any any
S1(config-ext-macl)# int f0/6
S1(config-if)# mac access-group custom_list in
S1# sh mac access-group

STP – bridge priority
Switch# sh spanning-tree
VLAN00001
  Spanning tree enabled protocol ieee
  Root ID    Priority 32769
             Address 0005.74ae.aa40
             Cost 19
             Port 1 (FastEthernet0/1)
             Hello Time 2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority 32769
             Address 0012.7f52.0280
             Hello Time 2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time 300
Switch(config)# spanning-tree vlan 1 priority ?
  <0-61440>  bridge priority in increments of 4096
Switch(config)# spanning-tree vlan 1 root primary

STP – PortFast, Uplinkfast, Backbonefast
Switch(config)# int fa0/1
Switch(config-if)# spanning-tree portfast
Switch(config)# int range fa0/2-12
Switch(config-if-range)# spanning-tree portfast
Switch(config-if-range)# spanning-tree bpduguard enable
Switch(config-if-range)# spanning-tree bpdufilter enable
Switch(config)# spanning-tree uplinkfast
Switch# sh spanning-tree uplinkfast
Uplinkfast is enabled
Station update rate set to 150 packets/sec.
Uplinkfast Statistics
----------------------
...
S1(config)# spanning-tree backbonefast
S2(config)# spanning-tree backbonefast
Core(config)# spanning-tree backbonefast

STP – EtherChannel
S1(config)# int port-channel 1
S1(config-if)# int range fa0/1-2
S1(config-if-range)# switchport mode trunk
S1(config-if-range)# switchport nonegotiate
S1(config-if-range)# channel-group 1 mode desirable
S1# sh int fa0/1 etherchannel
S2(config)# int port-channel 1
S2(config-if)# int range fa0/7-8
S2(config-if-range)# switchport trunk encap dot1q
S2(config-if-range)# switchport mode trunk
S2(config-if-range)# switchport nonegotiate
S2(config-if-range)# channel-group 1 mode desirable
S2# sh int port-channel 1

STP – RSTP (802.1w)
S1(config)# spanning-tree mode rapid-pvst
S1# sh spanning-tree
VLAN00001
  Spanning tree enabled protocol rstp
  Root ID    Priority 32769
…
Interface  Role  Sts  Cost  Prio.Nbr  Type
---------  ----  ---  ----  --------  ----
Fa0/1      Root  FWD  3019  128.2     P2p
Fa0/2      Altn  BLK  3019  128.2     P2p
Fa0/4      Desg  FWD  3100  128.4     Edge Shr
Fa0/4      Desg  FWD  3019  128.5     Edge P2p

VLAN – trunking
S1# sh int trunk
Port   Mode  Encapsulation  Status    Native vlan
Fa0/1  auto  802.1q         trunking  1
Fa0/2  auto  802.1q         trunking  1

Port   Vlans allowed on trunk
Fa0/1  1-4094
Fa0/2  1-4094

Port   Vlans allowed and active in management domain
Fa0/1  1
Fa0/2  1

Port   Vlans in spanning tree forwarding state and not pruned
Fa0/1  1
Fa0/2  none
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk encap dot1q
S1(config-if)# switchport trunk allowed vlan

VLAN – trunking
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk encap dot1q
S1(config-if)# switchport trunk allowed vlan ?
  add     add VLANs to the current list
  all     all VLANs
  except  all VLANs except the following
  none    no VLANs
  remove  remove VLANs from the current list
S1(config-if)# switchport mode dynamic ?
  auto       convert to trunk if neighboring int is trunk
  desirable  actively attempt to convert to trunk if neighboring int is trunk, desirable or auto

VLAN – configuration
S1(config)# vlan 2
S1(config-vlan)# name Sales
S1(config-vlan)# vlan 3
S1(config-vlan)# name Marketing
S1(config-vlan)# ^Z
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan 2
S1# sh vlan
VLAN  Name       Status  Ports
----  ---------  ------  -------------------
1     default    active  Fa0/3, Fa0/4, …
2     Sales      active  Fa0/7
3     Marketing  active  Fa0/10
…

VLAN – inter-VLAN routing
R1(config)# int fa0/1
R1(config-if)# no ip address
R1(config-if)# no shutdown
R1(config-if)# int fa0/1.1
R1(config-subif)# encapsulation dot1q 1
R1(config-subif)# ip address 192.168.10.17 255.255.255.240
R1(config-subif)# int fa0/1.2
R1(config-subif)# encapsulation dot1q 2
R1(config-subif)# ip address 192.168.10.33 255.255.255.240
R1(config-subif)# int fa0/1.3
R1(config-subif)# encapsulation dot1q 3
R1(config-subif)# ip address 192.168.10.49 255.255.255.240
S1(config)# int f0/1
S1(config-if)# switchport mode trunk
S1(config-if)# int f0/2
S1(config-if)# switchport access vlan 1
S1(config-if)# int f0/3
S1(config-if)# switchport access vlan 1
…

VTP – Config, pruning
S1(config)# vtp mode server
S1(config)# vtp domain LocalDomain
S1(config)# vtp password cisco
S1# show vtp status
VTP Version               : 2
Configuration Revision    : 0
Max VLAN supported locally : 255
Number of existing VLANs  : 8
VTP Operating Mode        : Server
VTP Domain Name           : LocalDomain
VTP Pruning Mode          : Disabled
VTP v2 Mode               : Disabled
…
S1(config-if)# switchport trunk pruning vlan 3-4

VLAN – VoIP
S1(config)# mls qos
S1(config)# int f0/1
S1(config-if)# switchport priority extend trust
S1(config-if)# mls qos trust cos
S1(config-if)# switchport voice vlan dot1p
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan 3
S1(config-if)# switchport voice vlan 10

Routing - Static
Albuquerque(config)# ip route 10.1.2.0 255.255.255.0 10.1.128.252
Albuquerque(config)# ip route 10.1.3.0 255.255.255.0 10.1.130.253

Routing – Default route
R1(config)# ip route 0.0.0.0 0.0.0.0 10.1.11.1    (Gateway IP of stub NW)
R1(config)# ip classless
R1# sh ip route
Gateway of last resort is 10.1.11.1 to network 0.0.0.0
…
S* 0.0.0.0/0 [1/0] via 10.1.11.1
Alt. ways to set default route:
R1(config)# ip route 0.0.0.0 0.0.0.0 s0/0
R1(config)# ip default-network 10.1.11.1

Routing - RIP
R1(config)# router rip
R1(config-router)# network 10.0.0.0
R1# sh ip route
10.0.0.0/24 is subnetted, 12 subnets
S 10.1.11.0 [150/0] via 10.1.3.1
…
C 10.1.3.0 is directly connected, Serial0/0/1
…
R 10.1.1.0 [120/1] via 10.1.3.1, 00:00:04, Serial 0/0/1
R 10.1.7.0 [120/15] via 10.1.3.1, 00:00:04, Serial 0/0/1
…
(R: Routes discovered via RIP)
(120: Administrative dist. of RIP)
(Metric : 15 means next hop is infinity/dead)
R1(config-router)# passive-interface serial 0/2    (Prevent RIP updates from propagating)
R1(config-router)# version 2    (Set RIP to operate in v2)

Routing - RIP
R1# sh ip protocols
Routing protocol is “rip”
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Sending updates every 30 sec, next due in 24 sec
  Invalid after 180 sec, hold down 180, flushed after 240
  Redistributing : rip
  …
  Routing for networks:
    10.0.0.0
  …
  Routing information sources:
    Gateway       Distance  Last Update
    10.168.11.14  120       00:00:21
  Distance: (default is 120)
R1# debug ip rip

Routing - EIGRP
R1(config)# router eigrp 10    (Autonomous System no.)
R1(config-router)# network 10.0.0.0
R1# sh ip route
10.0.0.0/24 is subnetted, 12 subnets
C 10.1.11.0 is directly connected, Vlan1
…
D 10.1.9.0 [90/2195456] via 10.1.4.2, 00:00:47, Serial0/0/1
…
(D: EIGRP)
R1(config-router)# no auto-summary    (Disable route auto-summarisation)
R1(config-if)# ip summary-address eigrp 10 192.168.10.64 255.255.255.224
R1(config-router)# passive-interface serial 0/2    (Prevent EIGRP updates from propagating)

Routing - EIGRP
R1# sh ip eigrp neighbors
IP-EIGRP neighbors for process 10
H  Address   Interface  Hold  Uptime    SRTT  RTO  Q  Seq
1  10.1.3.2  Se0/0/1    14    00:35:10  1     200  0  81
2  10.1.5.2  Se0/2/0    10    02:51:22  1     200  0  31
…
R1# sh ip eigrp topology
IP-EIGRP Topology Table for AS(10)/ID(10.1.5.1)
Codes: P – Passive, A – Active, U – Update, Q – Query, R – Reply,
       r – reply Status, s – sia status
P 10.1.11.0/24, 1 successor, FD is 2172416
        Via 10.1.5.2 (2172416/28160), Serial0/2/0
…
R1# debug eigrp packet

Routing - OSPF
R1(config)# router ospf 1    (Process id <1 - 65535>)
R1(config-router)# network 10.0.0.0 0.255.255.255 area 0    (Wildcard mask)
R1# sh ip route
10.0.0.0/24 is subnetted, 12 subnets
O 10.1.11.0 [110/65] via 10.1.5.2, 00:00:31, Serial0/2/0
…
C 10.1.5.0 is directly connected, Serial0/2/0
R1# sh ip ospf
Routing process “ospf 1” with ID 10.1.5.1
Start time: 04:32:04.116, Time elapsed: 01:27:10.156
…
External flood list length 0
  Area BACKBONE(0)
    Number of interfaces in this area is 5
    Area has no authentication
…

Routing - OSPF
R1# sh ip ospf database
OSPF Router with ID (10.1.5.1) (Process ID 1)
Router Link States (Area 0)
Link ID   ADV Router  Age  Seq#        Checksum  Link Counter
10.1.5.1  10.1.5.1    72   0x80000002  …
…
(neighbors routers ID)
R1# sh ip ospf int f0/1
FastEthernet0/1 is up, line protocol is up
  Internet Address 10.1.1.1/24, Area 0
  Process ID 1, Router ID 10.1.5.1, Network Type BROADCAST, Cost:1
  …
  Designated Router (ID) 10.1.5.1, Interface address 10.1.1.1
  …
  Timer intervals configured, Hello 10, Dead 40, Wait 40, Retrans

Routing - OSPF
R1# sh ip ospf neighbor
Neighbor ID  Pri  State  Dead Time  Address   Interface
10.1.11.1    0    FULL/  00:00:37   10.1.5.2  Serial0/2/0
10.1.9.1     0    FULL/  00:00:34   10.1.4.2  Serial0/1/0
10.1.7.1     0    FULL/  00:00:38   10.1.3.2  Serial0/0/1
…
R1# sh ip protocols
Routing protocol is “ospf 1”
  Outgoing update filter list for all interfaces is not set
  Incoming update filter list for all interfaces is not set
  Router ID 10.1.5.1
  Number of areas in this router is 1. 1 normal 0 stub 0 nssa
  Maximum path: 4
  Routing for Networks :
    10.1.1.1 0.0.0.0 area 0
    10.1.2.1 0.0.0.0 area 0
  …
R1# debug ip ospf packet
R1# debug ip ospf hello
R1# debug ip ospf adj

Routing – OSPF DR, BDR
R1(config)# int loopback 0
R1(config-if)# ip address 172.16.10.2 255.255.255.255
R1# sh ip ospf
Routing Process “ospf 1” with ID 172.16.10.1
R1(config)# int f0/0
R1(config-if)# ip ospf priority ?
  <0-255>  Priority
R1(config)# router ospf 1
R1(config-router)# network 192.168.10.64 0.0.0.3 area 1
R1(config-router)# network 192.168.10.68 0.0.0.3 area 1
R1(config-router)# network 10.10.10.0 0.0.0.255 area 0
R1(config-router)# area 1 range 192.168.10.64 255.255.255.224

NAT - Static
R1(config)# ip nat inside source static 10.1.1.1 170.46.2.2
R1# sh running-config
ip nat inside source static 10.1.1.1 170.46.2.2
!
interface Ethernet0
 ip address 10.1.1.10 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 172.46.2.1 255.255.255.0
 ip nat outside
!

NAT - Dynamic
R1(config)# ip nat pool nat_pool 170.168.2.2 170.168.2.254 netmask 255.255.255.0
R1(config)# ip nat inside source list 1 pool nat_pool
R1(config)# access-list 1 permit 10.1.1.0 0.0.0.255
R1# sh run
…
!
interface Ethernet0
 ip address 10.1.1.10 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 172.46.2.1 255.255.255.0
 ip nat outside
!
…

NAT - PAT/Overloading
R1(config)# ip nat pool globalnet 170.168.2.1 170.168.2.1 netmask 255.255.255.0
R1(config)# ip nat inside source list 1 pool globalnet overload
R1(config)# access-list 1 permit 10.1.1.0 0.0.0.255
R1# sh run
…
!
interface Ethernet0
 ip address 10.1.1.10 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 172.46.2.1 255.255.255.0
 ip nat outside
!
…

NAT
R1# sh ip nat translation
Pro   Inside global   Inside local    Outside local  Outside global
Icmp  64.1.1.5:271    10.1.9.2:271    64.1.1.10:271  64.1.1.10:
Tcp   64.1.1.5:11000  10.1.9.2:11000  64.1.1.10:23   64.1.1.10:
R1# debug ip nat

WAN - PPP
R1(config-if)# encapsulation ?
  …
  frame-relay
  hdlc
  ppp
  …
Router(config)# service password-encryption
Router(config)# hostname R1
R1(config)# username R2 password cisco
R1(config)# int s0/0
R1(config-if)# ppp authentication chap pap
R1# sh int s0/0
Serial0/0 is up, line protocol is up
  …
  Encapsulation PPP
  Loopback not set
  Keepalive set (10 sec)
  LCP Open
  …
R1# debug ppp authentication

WAN – Frame Relay
R1(config-if)# encapsulation frame-relay ?
  ietf  Use RFC1490 encapsulation
R1(config-if)# frame-relay interface-dlci ?
  <16-1007>  Define DLCI as part of current subinterface
R1(config-if)# frame-relay lmi-type ?
  cisco
  ansi
  q933a
R1# sh frame-relay pvc
PVC statistics for interface Serial0/0 (Frame Relay DTE)
…
DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INT = Serial0/0
…
in BECN pkts 192

WAN – Frame Relay
R1(config)# int s0
R1(config-if)# no ip address
R1(config-if)# encapsulation frame-relay
R1(config-if)# int s0.16 ?
  multipoint      Treat as multipoint link
  point-to-point  Treat as point-to-point link
R1(config-if)# int s0.16 point-to-point
R1(config-subif)# ip address 10.1.12.1 255.255.255.0
R1(config-if)# frame-relay interface-dlci 16

WAN – Frame Relay
R1# sh frame-relay lmi
LMI Statistics for Interface Serial0 (Frame Relay DTE) LMI TYPE = CISCO
…
R1# sh int s0
Serial0 is up, protocol is up
  …
  Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec)
  …
  LMI DLCI 1023 LMI type is CISCO frame relay DTE
  …
R1# sh frame map
Serial0 (up) : ip 172.16.20.1 dlci 16(0x10, 0x400), dynamic,
               broadcast,, status defined, active
R1# debug frame-relay lmi

WAN – Frame Relay Map
Mayberry(config)# int s0
Mayberry(config-if)# no frame-relay inverse-arp
Mayberry(config-if)# frame-relay map ip 199.1.1.2 52
Mayberry(config-if)# frame-relay map ip 199.1.1.3 53

Access-list – Standard, Extended, Named
R1(config)# access-list <1-99> [permit|deny] [src_ip|any|host]
R1(config)# access-list <100-199> [permit|deny] [ip|icmp|tcp|udp|ospf|eigrp] [src_ip|any|host] {eq|gt|neq|lt} [dest_ip|any|host] {eq|gt|neq|lt}
R1(config)# ip access-list [standard|extended]
R1(config-std-acl)# deny
R1(config-std-acl)# permit any
R1(config)# int s0
R1(config-if)# ip access-group [access-list-no|named-acl] [in|out]

Access-list – Control vty access
R1(config)# access-list 50 permit 172.16.10.3
R1(config)# line vty 0 4
R1(config-line)# access-class 50 in

SSH
Router(config)# hostname Todd
Todd(config)# ip domain-name cisco.com
Todd(config)# crypto key generate rsa general-keys modulus 1024
Todd(config)# ip ssh time-out 60
Todd(config)# ip ssh authentication-retries 3
Todd(config)# line vty 0 5
Todd(config-line)# transport input ssh telnet

Booting IOS
Router(config)# config-register 0x2102    (Default mode)
Router(config)# config-register 0x2101    (Load IOS from ROM)
Router(config)# config-register 0x2142    (Ignore NVRAM, pwd recovery)

IOS Configurations Admin
Router# copy running-config startup-config
Router# erase startup-config
Router# reload

Switch – remote mgmt
Switch(config)# ip default-gateway
Switch(config)# int vlan 1
Switch(config-if)# ip address
Switch(config-if)# no shutdown

IOS – Basics
Router> enable
Router# config t
Router# hostname Todd
Todd(config)# banner motd # $ Private network, only authorised personnel allowed. #
Todd(config)# enable password cisco
Todd(config)# enable secret secure
Todd(config)# line vty 0 5
Todd(config-line)# password telnetpass
Todd(config-line)# login
Todd(config-line)# ^Z
Todd(config)# line aux 0
Todd(config-line)# password auxpass
Todd(config-line)# login
Todd(config-line)# ^Z
Todd(config)# line con 0
Todd(config-line)# password conpass
Todd(config-line)# login
Todd(config-line)# ^Z
Todd(config)# exit
Todd# disable
Todd>

IOS – Interfaces
Router(config)# int s0
Router(config-if)# ip address 10.10.11.1 255.255.255.0
Router(config-if)# no shutdown
Router(config-if)# clock rate 1000000    (For DCE only)
Router(config-if)# bandwidth 1000    (Used for EIGRP, OSPF)
Router# sh controllers s0
Interface Serial0
Hardware is GT96K
DCE V.35, clock rate 1000000
Router# sh ip int brief
Interface        IP-Address  OK?  Method  Status                 Protocol
FastEthernet0/0  unassigned  YES  unset   up                     up
FastEthernet0/1  unassigned  YES  unset   up                     up
Serial0/0/0      unassigned  YES  unset   administratively down  down
Serial0/1/0      unassigned  YES  unset   administratively down  down
Serial0/2/0      unassigned  YES  unset   administratively down  down