Icnd 2 Promo

ICND2
Curriculum
640-816
Interconnecting Cisco Networking Devices Part 2

Version: Beta
Labs powered by
Interconnecting Cisco
Networking Devices Part 2
640-816 Curriculum
25 Century Blvd. Ste. 500

Nashville, TN 37214
www.boson.com
The labs referenced in this book correspond to some of the labs available in the Boson NetSim 8 Network
Simulator and have been printed in the Boson Lab Guide, which is available for purchase. To learn more
about the Boson NetSim or to purchase and download the software, please visit www.boson.com/netsimcisco-network-simulator.
Copyright 2012 Boson Software, LLC. All rights reserved. Boson, Boson NetSim, Boson Network
Simulator, and Boson Software are trademarks or registered trademarks of Boson Software, LLC. Catalyst,
Cisco, and Cisco IOS are trademarks or registered trademarks of Cisco Systems, Inc. in the United States
and certain other countries. Media elements, including images and clip art, are the property of Microsoft.
All other trademarks and/or registered trademarks are the property of their respective owners. Any use of a
third-party trademark does not constitute a challenge to said mark. Any use of a product name or company
name herein does not imply any sponsorship of, recommendation of, endorsement of, or affiliation with
Boson, its licensors, licensees, partners, affiliates, and/or publishers.
iv
2012 Boson Software, LLC
ICND2 Table of Contents
Module 1: Troubleshooting Networks............................................................................................1

Overview..................................................................................................................................................... 2
Objectives................................................................................................................................................... 2
Understanding the Systematic Approach................................................................................................... 3
Understanding Troubleshooting Techniques............................................................................................... 5
Understanding the OSI Model.............................................................................................................. 5
Implementing the OSI Techniques....................................................................................................... 6
Understanding the Bottom Up Troubleshooting Technique......................................................... 6
Understanding the Top Down Troubleshooting Technique.......................................................... 6
Understanding the Divide and Conquer Troubleshooting Technique.......................................... 7
Implementing the Non-OSI Techniques............................................................................................... 8
Understanding the Follow the Path Troubleshooting Technique................................................. 8
Understanding the Move the Problem Troubleshooting Technique............................................. 8
Understanding the Spot the Difference Troubleshooting Technique........................................... 9
Understanding show Commands............................................................................................................. 10
Understanding debug Commands........................................................................................................... 12
Understanding the ping Command.......................................................................................................... 13
Understanding the traceroute Command................................................................................................ 14
Review Question 1.................................................................................................................................... 15
Review Question 2.....................................................................................................................................17
Review Question 3.................................................................................................................................... 19
Lab Exercises........................................................................................................................................... 21
Module 2: Implementing VLSMs and Summarization................................................................23

Overview................................................................................................................................................... 24
Objectives................................................................................................................................................. 24
Implementing VLSMs................................................................................................................................ 25
Understanding Subnets............................................................................................................................ 26
Understanding Subnetting........................................................................................................................ 27
Understanding VLSMs.............................................................................................................................. 28
Implementing Route Summarization......................................................................................................... 31
Understanding Discontiguous Subnets.............................................................................................. 32
Understanding Routing Protocols............................................................................................................. 33
Configuring Classless Summarization...................................................................................................... 34
Choosing a Route..................................................................................................................................... 36
Review Question 1.................................................................................................................................... 38
Review Question 2.................................................................................................................................... 40
Lab Exercises........................................................................................................................................... 42
Module 3: Implementing ACLs......................................................................................................43

Overview................................................................................................................................................... 44
Objectives................................................................................................................................................. 44
Understanding ACLs................................................................................................................................. 45
Understanding Wildcard Masks................................................................................................................ 46
Configuring Standard ACLs...................................................................................................................... 47
Configuring Extended ACLs..................................................................................................................... 50
Understanding ACL Sequencing.............................................................................................................. 54
Applying ACLs to an Interface.................................................................................................................. 57
Verifying and Troubleshooting ACLs......................................................................................................... 59
Understanding Advanced ACLs................................................................................................................ 60
Time-based ACLs............................................................................................................................... 60
Dynamic ACLs (lock and key)............................................................................................................. 60
Reflexive ACLs................................................................................................................................... 61
Configuring ACLs to Control Router Access............................................................................................ 62
Other Uses for ACLs................................................................................................................................. 63
Review Question 1.................................................................................................................................... 64
Review Question 2.................................................................................................................................... 66
Review Question 3.................................................................................................................................... 68
Lab Exercises........................................................................................................................................... 70
Module 4: Implementing NAT and PAT.........................................................................................71

Overview................................................................................................................................................... 72
Objectives................................................................................................................................................. 72
Why Implement NAT?............................................................................................................................... 73
Understanding Inside Networks and Outside Networks............................................................................74
Configuring NAT Interfaces...................................................................................................................... 75
Understanding Local Addresses and Global Addresses.......................................................................... 76
Understanding NAT Address Types.......................................................................................................... 77
Understanding NAT Configuration Types................................................................................................. 78
Understanding Static NAT.................................................................................................................. 79
Configuring Static NAT....................................................................................................................... 80
Understanding Dynamic NAT............................................................................................................. 81
Configuring Dynamic NAT.................................................................................................................. 82
Understanding PAT............................................................................................................................ 84
Configuring PAT................................................................................................................................. 85
Troubleshooting and Repairing NAT......................................................................................................... 87
Review Question 1.................................................................................................................................... 89
Review Question 2 . ................................................................................................................................. 91
Lab Exercises........................................................................................................................................... 93
Module 5: Implementing IPv6........................................................................................................95

Overview................................................................................................................................................... 96
Objectives................................................................................................................................................. 96
Understanding the Differences Between IPv4 and IPv6.......................................................................... 97
Understanding IPv6 Address Composition............................................................................................... 98
vi
Abbreviating IPv6 Addresses............................................................................................................. 99

Understanding IPv6 Address Prefixes.................................................................................................... 101
Understanding IPv6 Address Types....................................................................................................... 102
Understanding Global Unicast Addresses and Route Aggregation........................................................ 105
Understanding IPv6 Address Configuration........................................................................................... 107
Understanding EUI-64 Interface IDs................................................................................................ 108
Understanding Stateful and Stateless Address Configuration......................................................... 109
Using IPv6 in an IPv4 World....................................................................................................................110
Dual Stack.........................................................................................................................................111
NAT-PT..............................................................................................................................................112
Tunneling...........................................................................................................................................113
Routing IPv6............................................................................................................................................114
Review Question 1...................................................................................................................................115
Review Question 2...................................................................................................................................117
Review Question 3...................................................................................................................................119
Lab Exercises..........................................................................................................................................121
Module 6: Implementing VLANs and Trunking.........................................................................123

Overview................................................................................................................................................. 124
Objectives............................................................................................................................................... 124
VLAN Overview...................................................................................................................................... 125
What Do VLANs Do?........................................................................................................................ 127
IP Addressing Using VLANs................................................................................................................... 128
Creating and Configuring VLANs........................................................................................................... 129
Verifying VLANs..................................................................................................................................... 130
Access Ports............................................................................................................................................131
Configuring Access Ports....................................................................................................................... 132
Verifying VLAN Membership.................................................................................................................. 133
Trunk Ports.............................................................................................................................................. 134
Trunk Encapsulation Methods.......................................................................................................... 135
Configuring Trunk Ports.......................................................................................................................... 136
Understanding and Configuring DTP.......................................................................................................137
Verifying Port Configuration.................................................................................................................... 139
Verifying Access Ports..................................................................................................................... 139
Verifying Trunk Ports........................................................................................................................ 140
Understanding and Configuring VTP...................................................................................................... 142
VTP Domains................................................................................................................................... 143
VTP Version..................................................................................................................................... 144
VTP Modes...................................................................................................................................... 145
VTP Operation................................................................................................................................. 146
VTP Pruning..................................................................................................................................... 148
Verifying VTP.......................................................................................................................................... 149
Understanding InterVLAN Routing......................................................................................................... 150
vii
Configuring InterVLAN Routing...............................................................................................................151

Troubleshooting VLANs and InterVLAN Routing.................................................................................... 153
Review Question 1.................................................................................................................................. 154
Review Question 2.................................................................................................................................. 156
Review Question 3.................................................................................................................................. 158
Lab Exercises......................................................................................................................................... 160
Module 7: Implementing STP......................................................................................................161

Overview................................................................................................................................................. 162
Objectives............................................................................................................................................... 162
Understanding STP................................................................................................................................. 163
Root Switch Election .............................................................................................................................. 164
Path Costs.............................................................................................................................................. 167
Determining Port Roles........................................................................................................................... 168
Root Port.......................................................................................................................................... 168
Designated Port................................................................................................................................ 168
STP Port States...................................................................................................................................... 169
STP Timers..............................................................................................................................................170
Understanding RSTP...............................................................................................................................171
Differences Between STP and RSTP...............................................................................................172
Understanding RSTP Port States......................................................................................................173
RSTP Alternate and Backup Port Roles............................................................................................174
Understanding Cisco Implementations of STP........................................................................................175
PVST+...............................................................................................................................................176
PVRST+............................................................................................................................................ 177
MSTP.................................................................................................................................................178
Cisco Enhancements to STP...................................................................................................................179
PortFast............................................................................................................................................ 180
BPDU Guard.....................................................................................................................................181
Loop Guard...................................................................................................................................... 182
Root Guard....................................................................................................................................... 183
Review Question 1.................................................................................................................................. 184
Review Question 2.................................................................................................................................. 186
Lab Exercises......................................................................................................................................... 188
Module 8: Implementing Switch Security..................................................................................189

Overview................................................................................................................................................. 190
Objectives............................................................................................................................................... 190
Establishing Written Security Policies.................................................................................................... 191
Securing Access..................................................................................................................................... 192
Restricting Physical Access to the Switch........................................................................................ 193
Creating Secure Passwords for Console and Remote Access........................................................ 194
Creating a Secure Password for Privileged EXEC Mode Access.................................................... 195
viii
Encrypting Passwords on the Switch............................................................................................... 196

Securing, Disabling, or Replacing Vulnerable Services................................................................... 197
Configuring Warning Banners.......................................................................................................... 199
Securing Switch Ports............................................................................................................................ 200
Disabling Unused Ports.................................................................................................................... 201
Securing Trunk and Access Ports.................................................................................................... 202
Restricting Ports by Client MAC Address......................................................................................... 203
Understanding 802.1X Port-based Authentication........................................................................... 205
How 802.1X Port-based Authentication Works ............................................................................... 206
Configuring 802.1X Port-based Authentication................................................................................ 207
Securing VLAN 1.................................................................................................................................... 208
Securing Spanning Tree Protocol........................................................................................................... 209
Configuring Root Guard................................................................................................................... 210
Configuring BPDU Guard..................................................................................................................211
Logging..............................................................................................................................................212
Configuring Accurate Time................................................................................................................213
Configuring Log Severity Levels........................................................................................................214
Configuring and Using a Logging Server..........................................................................................215
Review Question 1.................................................................................................................................. 216
Review Question 2...................................................................................................................................218
Lab Exercises......................................................................................................................................... 220
Module 9: Routing Fundamentals...............................................................................................221

Overview................................................................................................................................................. 222
Objectives............................................................................................................................................... 222
Understanding Router Path Selection.................................................................................................... 223
Understanding Static Routes.................................................................................................................. 224
Understanding Dynamic Routes............................................................................................................. 225
Understanding AD.................................................................................................................................. 226
Understanding Routing Metrics.............................................................................................................. 228
Understanding Autonomous Systems.................................................................................................... 229
Understanding Routing Protocols........................................................................................................... 230
Understanding the Types of IGPs........................................................................................................... 231
Understanding Distance-Vector Routing Protocols................................................................................ 232
Learning Distance-Vector Routes.................................................................................................... 233
Updating Distance-Vector Routes.................................................................................................... 234
Preventing Distance-Vector Problems.................................................................................................... 235
Understanding the Counting to Infinity Problem..................................................................................... 236
Understanding Maximum Counts..................................................................................................... 238
Understanding Routing Loops................................................................................................................ 239
Preventing Routing Loops................................................................................................................ 240
Understanding Link-State Routing Protocols...........................................................................................241
Learning Link-State Routes.............................................................................................................. 242
ix
Review Question 1.................................................................................................................................. 243

Review Question 2.................................................................................................................................. 245
Lab Exercises......................................................................................................................................... 247
Module 10 Implementing OSPF...................................................................................................249

Overview................................................................................................................................................. 250
Objectives............................................................................................................................................... 250
Understanding OSPF...............................................................................................................................251
Understanding OSPF Areas................................................................................................................... 252
Understanding OSPF Router Roles........................................................................................................ 253
Autonomous System Boundary Routers.......................................................................................... 253
Area Border Routers........................................................................................................................ 253
Backbone and Nonbackbone Routers............................................................................................. 254
Configuring OSPF................................................................................................................................... 255
Verifying OSPF....................................................................................................................................... 256
Understanding OSPF Adjacencies......................................................................................................... 258
Verifying OSPF Adjacencies................................................................................................................... 260
Troubleshooting OSPF Adjacencies....................................................................................................... 261
Understanding DR and BDR Elections................................................................................................... 262
Using Cost to Load Balance OSPF........................................................................................................ 263
Configuring OSPF Authentication........................................................................................................... 264
Review Question 1.................................................................................................................................. 267
Review Question 2.................................................................................................................................. 269
Review Question 3...................................................................................................................................271
Lab Exercises......................................................................................................................................... 273
Module 11: Implementing EIGRP................................................................................................275

Overview................................................................................................................................................. 276
Objectives............................................................................................................................................... 276
Understanding EIGRP............................................................................................................................ 277
Choosing Between OSPF and EIGRP............................................................................................. 278
Understanding EIGRP Adjacencies........................................................................................................ 279
Configuring Hello and Hold Timers.................................................................................................. 280
Understanding EIGRP Path Selection.................................................................................................... 281
Understanding Advertised Distance and Feasible Distance............................................................ 284
Understanding EIGRP Tables.......................................................................................................... 286
Configuring EIGRP................................................................................................................................. 288
Verifying and Troubleshooting EIGRP.................................................................................................... 290
Understanding EIGRP Load Balancing.................................................................................................. 292
Using Variance to Load Balance EIGRP.......................................................................................... 293
Understanding EIGRP Route Summarization......................................................................................... 295
Understanding EIGRP Authentication.................................................................................................... 296
Configuring EIGRP Authentication......................................................................................................... 297
Review Question 1.................................................................................................................................. 299

Review Question 2.................................................................................................................................. 301
Review Question 3.................................................................................................................................. 303
Review Question 4.................................................................................................................................. 305
Lab Exercises......................................................................................................................................... 307
Module 12: Implementing PPP....................................................................................................309

Overview..................................................................................................................................................310
Objectives................................................................................................................................................310
Implementing PPP...................................................................................................................................311
Establishing PPP Links............................................................................................................................312
Configuring PPP on a Router Interface...................................................................................................313
Configuring PPP Authentication..............................................................................................................314
Configuring Router Host Names, User Names, and Passwords.......................................................315
Configuring PAP Authentication........................................................................................................316
Configuring CHAP Authentication.....................................................................................................317
Configuring PAP and CHAP on the Same Interface.........................................................................318
Review Question 1...................................................................................................................................319
Review Question 2.................................................................................................................................. 321
Lab Exercises......................................................................................................................................... 323
Module 13: Implementing Frame Relay......................................................................................325

Overview................................................................................................................................................. 326
Objectives............................................................................................................................................... 326
Connecting to a Frame Relay Network................................................................................................... 327
Understanding Frame Relay Packets..................................................................................................... 328
Understanding Virtual Circuits................................................................................................................ 329
Enabling Frame Relay............................................................................................................................. 330
Understanding Frame Relay Topologies................................................................................................. 331
Full-Mesh Topology.......................................................................................................................... 331
Partial-Mesh Topology..................................................................................................................... 332
Hub-and-Spoke Topology................................................................................................................ 333
Working Around Split Horizon................................................................................................................. 334
Configuring Subinterfaces...................................................................................................................... 335
Configuring Point-to-Point Frame Relay........................................................................................... 336
Creating a Point-to-Point Subinterface............................................................................................. 337
Configuring Multipoint Frame Relay................................................................................................. 338
Creating a Multipoint Subinterface................................................................................................... 339
Configuring Frame Relay Maps.............................................................................................................. 340
Configuring Static Frame Relay Maps.............................................................................................. 341
Automatic Frame Relay Map Configuration...................................................................................... 342
Configuring LMI Signaling....................................................................................................................... 343
Configuring Inverse ARP........................................................................................................................ 344
xi
Configuring DLCIs................................................................................................................................... 345

Performing a Loopback Test................................................................................................................... 346
Review Question 1.................................................................................................................................. 347
Review Question 2.................................................................................................................................. 349
Lab Exercises......................................................................................................................................... 351
Module 14: Implementing VPNs..................................................................................................353

Overview................................................................................................................................................. 354
Objectives............................................................................................................................................... 354
Understanding the Purpose of a VPN..................................................................................................... 355
The Two Types of VPNs......................................................................................................................... 356
Understanding Site-to-Site VPNs..................................................................................................... 357
Understanding Remote Access VPNs............................................................................................. 359
Understanding the IPSec Protocol.......................................................................................................... 361
IPSec Encryption Methods............................................................................................................... 362
IPSec Data Integrity Methods.......................................................................................................... 363
IPSec Authentication Methods......................................................................................................... 364
Review Question 1.................................................................................................................................. 365
Review Question 2.................................................................................................................................. 367
Index..............................................................................................................................................369
xii
Module 1
Troubleshooting Networks
Module 1: Troubleshooting Networks
Overview
No network is without issues, whether those issues are caused by a configuration error, an external attack, or
even simple unexpected demands that do not fit the normal flow of traffic. Throughout this course, you will
be provided with information about commands that can be helpful for troubleshooting IP addressing schemes,
WAN networks, switches, routers, and the technologies that are implemented upon switches and routers. This
module will introduce you to the usage of basic network troubleshooting techniques and commands that will
help you understand how to apply the more specific commands that will be discussed later.
Objectives
After completing this module, you should have the basic knowledge required to complete all of the following
tasks:
Implement a systematic network troubleshooting technique.

Use show commands to monitor network operation.
Use debug commands to monitor network traffic in real time.
Use the ping command and the extended ping command.
Use the traceroute command.
Understanding the Systematic Approach

There are several troubleshooting techniques you can use to isolate a problem. Whatever technique you
use, you should implement the technique in a systematic, logical fashion. Unsystematic approaches to
troubleshooting, such as making assumptions about the cause of a problem without gathering all the facts
first, can lead to wasted time, can waste resources, and can make the problem worse.
When you are troubleshooting a problem on a network, Cisco recommends that you use the following
systematic approach:
1. Define the problem: Because an end user cannot always reliably communicate the details of a technical
problem, it is important to define the problem the user is experiencing in terms that are as technical as
possible. Narrowing the technical definition of the problem can help you identify a starting point for your
troubleshooting technique and immediately eliminate some possible causes of the problem. Ask the user a
series of questions that are designed to narrow down the problem as much as possible.
2. Gather facts: After you have defined the problem, you should gather information about the problem
by using troubleshooting tools, such as network sniffers, system logs, and output from show and debug
commands. The information that is gathered from these tools can help pinpoint the location of a problem and
narrow down the cause.
3. Consider the possibilities: Once you have gathered information about the problem, you should research
the potential causes. Troubleshooting documentation, reference guides, and online user groups can all be
sources of information about possible causes of a problem. After you consider the possibilities, you might
discover that the original definition of the problem is not accurate. Therefore, you might need to return to the
first step and define the problem again.
4. Create an action plan: After you define the problem and determine the cause, you should create a plan
that details the steps you will take to solve the problem. In the plan, you should completely document the
effects of any changes you intend to make to the configuration of the network or device. Stepping through the
plan and knowing what you have and have not done will assist you in backing out any changes you make that
negatively affect the network.
5. Implement an action plan: Once the creation of your action plan is complete, you should implement it in
a step-by-step fashion. The first configuration changes you make while implementing your plan should be the
changes that have only minimal effect on users, thus preventing unnecessary user downtime. You should also
continue to document any changes you make and the effects of those changes on the network.
6. Observe results: After you make a change to the network, you should examine the results of that change
before you make any other changes. If the change does not solve the original problem, could create other
problems, or does not otherwise positively affect the network, you should back out the change and reconsider
the possible causes of the original problem.
7. Document the solution: If you have solved the problem, you should document the solution step-by-step
so that the solution is simple to implement or to back out when you next implement it. If you were not able to
solve the problem, you should return to the second step in the process and begin gathering facts again.
Understanding Troubleshooting Techniques

Understanding the OSI Model
The Open Systems Interconnection (OSI) reference model is a conceptual representation of computer
networking that is divided into the following seven layers:
Layer 7 Application
Layer 6 Presentation
Layer 5 Session
Layer 4 Transport
Layer 3 Network
Layer 2 Data Link
Layer 1 Physical
Individual layers of the OSI reference model can be referenced by name or by number. For example, the terms
Data Link layer and Layer 2 are interchangeable when referring to the second layer of the OSI reference
model. Technologies operating at each layer of the OSI model pass relevant information to technologies
operating at adjacent layers. When information is passed down the OSI layers, each layer encapsulates the
information with its own formatting and passes it to the next-lower layer; eventually, the information is
transmitted as bits at the Physical layer. When information is passed up the OSI layers, each layer removes its
formatting and organizes the information so that it can be interpreted by the next-higher layer.
Implementing the OSI Techniques
Understanding the Bottom Up Troubleshooting Technique

The bottom up method of network troubleshooting begins at the Physical layer of the OSI reference model
and works through the other layers, one-by-one, toward the Application layer until the problem is isolated.
For example, an administrator who is troubleshooting a workstation that can no longer connect to the network
might choose to first check the workstations physical connection to the network, such as checking for a loose
cable. If the cable is not loose, the administrator might decide to proceed to the Data Link layer of the OSI
reference model, then to the Network Layer, and so on.
Understanding the Top Down Troubleshooting Technique

The top down troubleshooting technique starts at the Application layer and works toward the Physical
layer of the OSI reference model. An administrator using the top down method of network troubleshooting
might begin the process by examining or restarting the network applications on a workstation that has lost
connectivity to the network.
Understanding the Divide and Conquer Troubleshooting Technique

The divide and conquer troubleshooting technique starts at the Network layer and works either up or down
the OSI model depending on the outcome of network tests, such as the ping command. For example, an
administrator who is using the divide and conquer method to troubleshoot a workstation that has lost
connectivity to the network might receive a successful reply to a ping command from that workstation
and, based on that result, might decide to move on to the Transport layer of the OSI model. However, an
administrator who does not receive a successful reply to the ping command from the workstation might
choose to check for a valid IP address at the Network layer, then for a port-security or Spanning Tree Protocol
(STP) problem at the Data Link layer, and then for a cable-connection problem at the Physical layer.
Implementing the Non-OSI Techniques
Understanding the Follow the Path Troubleshooting Technique

The follow the path troubleshooting technique is a packet-examination method of network troubleshooting.
An administrator who chooses to use the follow the path method might issue a traceroute command to
determine the location of a broken hop in a route. For example, if a traceroute command that is issued
from a workstation that has lost connectivity to the network ends at a device that is two hops away from
the workstation, the problem is most likely located on or beyond the device two hops away, not on the
workstation.
Understanding the Move the Problem Troubleshooting Technique

The move the problem troubleshooting technique is the process of replacing components to determine
whether the problem remains on the original device or moves with the suspect component. For example, an
administrator who suspects that a bad Ethernet cable is the cause of a loss of network connectivity might
choose to replace the cable with a known good one. If the known good cable restores network connectivity on
the affected device, the original cable is most likely bad and should be permanently replaced with a known
good cable.
Understanding the Spot the Difference Troubleshooting Technique

The spot the difference troubleshooting technique is the process of comparing a faulty configuration with
a known good configuration. An administrator who uses the spot the difference method might look for
differences in the two configurations that could cause or contribute to the loss of network connectivity. For
example, an administrator who is troubleshooting a workstation that cannot connect to the network might
choose to compare the IP address configuration of a computer that can connect to the network with the IP
address configuration of the affected workstation.
Understanding show Commands

IOS show commands provide information about a device or network activity that is static or collected over
a period of time. The commands can be helpful in isolating configuration problems, detecting network
congestion, or displaying the current status of a device or its components. You should typically issue show
commands in privileged EXEC mode.
Commands such as show ip route and show spanning-tree display information related to the normal
network operation of a Cisco device. The show ip route command displays a routers routing table. The show
spanning-tree command displays STP information on a switch.
Commands such as show cdp neighbors provide status information. The show cdp neighbors command
provides information based on data gathered by Cisco Discovery Protocol (CDP) about devices that are
connected to the device on which you issue the command. You can use show cdp neighbors to help
troubleshoot Layer 1 and Layer 2 problems on a device.
Commands such as show interfaces and show controllers provide statistics about a device. The show
interfaces command displays statistics about a single interface or all the interfaces on a device, depending
on how the command is issued. The show controllers command displays statistics about interface card
controllers. For example, you can use show controllers to determine which side of a serial connection is the
data terminal equipment (DTE) side and which is the data communications equipment (DCE) side.
Some show commands provide more static information about a device. For example, the show version
command provides information about the version of IOS that is running on a Cisco device. You can also use
show version to determine whether enough RAM exists on the device to support an IOS upgrade and to view
10
the configuration register, which determines the order of the device boot process. Similarly, the show flash
command provides memory usage information and displays the contents of Flash memory.
Other show commands that provide static information are show running-config, which displays the device
configuration that is currently loaded in memory, and show startup-config, which displays the device
configuration that will be loaded the next time the device is restarted or the configuration is reloaded.
11
Understanding debug Commands

IOS debug commands enable an administrator to view traffic and information in real time, as it happens
on the device. However, debug commands can significantly increase the use of device resources and can
degrade performance. Therefore, you should use debug commands only to troubleshoot a problem, not to
monitor normal network traffic.
You should typically issue debug commands from privileged EXEC mode. After you have gathered all the
information you need from the output of a debug command, you can disable debugging by issuing the no
form of the specific debug command, or by issuing the no debug all command in privileged EXEC mode.
You can take steps to minimize the effects of debug commands on device performance. For example, you can
issue the no logging console command to disable the echoing of debugging output to the console. Logging
debugging output to the console increases the CPU load on the device. After you disable logging to the
console, you can issue the terminal monitor command to display debugging output to the Telnet or Secure
Shell (SSH) session you use to connect to the device.
12
Understanding the ping Command

The ping command is one of the most common network troubleshooting tools. A version of the ping
command exists on Microsoft Windows, on Mac OS X, and on typical Linux distributions. The ping
command can be used to test a hosts connection to the network by sending Internet Control Message
Protocol (ICMP) Echo messages to another hosts IP address. If the source host receives an ICMP Echo Reply
message from the remote host, the ping command has verified two things: that the source host is connected
to the network and that the remote host is reachable on the network.
The ping command is typically issued with a single parameter, which is the IP address or Domain Name
System (DNS) host name of the remote host that you want to ping. On workstation operating systems such as
Microsoft Windows, you can also issue the ping 127.0.0.1 or ping localhost command to determine whether
the Transmission Control Protocol (TCP)/IP stack has been successfully installed on the workstation.
The IOS version of ping works similarly to the versions that exist on other operating systems. However,
if you issue the ping command from the Cisco IOS without parameters, IOS enters extended ping mode.
Extended ping mode provides a series of prompts for information about how you want to issue the ping
command. For example, you can choose to use a protocol other than IP, choose a different timeout value other
than the 2-second default, and you can enter the number of times the command should repeat its attempt to
communicate with the remote host. If you issue the ping command in normal mode, IOS will ping the remote
device five times. You should issue the ping command from privileged EXEC mode.
13
Understanding the traceroute Command

Similar to the ping command, the traceroute command is another troubleshooting tool that is common
across platforms. The traceroute command is designed to trace the route of a packet from a source to a
destination. The information that is provided by the traceroute command is useful in helping to determine
where problems exist along a path to a destination. The syntax of the traceroute command is traceroute
host, where host is the IP address or DNS host name of a remote device. For example, if you wanted to trace a
packet from a source host to boson.com, you would issue the traceroute boson.com command in privileged
EXEC mode.
The traceroute command works by sending User Datagram Protocol (UDP) traffic with a time to live
(TTL) value of 1 to an invalid port number at a remote host. The low TTL causes the device at each hop, or
router, along the path to the destination to reply to the UDP traffic with an ICMP Time Exceeded Message
(TEM), which means that the device at the hop received and discarded the UDP traffic. The source host then
sends additional probes to the device at the hop. The TTL is increased by 1 after every third probe. The IP
address of the device at the hop is used by the source host to build a list of hops until the UDP traffic finally
reaches its destination, at which point the destination host will send a Destination Unreachable message. The
Destination Unreachable message means that the destination received the traffic but was unable to direct it to
a valid UDP port. The traceroute command will display the * symbol if the timer expires before it receives
either a TEM or a Destination Unreachable message from a device at a hop or from the destination device.
Similar to the extended ping command, there is an extended form of the traceroute command that enables
you to specify a protocol other than IP, change the default timeout, change the probe count, and change the
maximum TTL. It is important to note that setting a maximum TTL that is too low can cause the traceroute
command to time out before the UDP traffic reaches its destination.
14
Review Question 1
15
There are several troubleshooting techniques you can use to isolate a problem. Whatever technique you
use, you should implement the technique in a systematic, logical fashion. Unsystematic approaches to
troubleshooting, such as making assumptions about the cause of a problem without gathering all the facts
first, can lead to wasted time, wasted resources, and a worse problem. When you are troubleshooting a
problem on a network, Cisco recommends that you begin by defining the problem.
Because an end user cannot always reliably communicate the details of a technical problem, it is important
to define the problem the user is experiencing in terms that are as technical as possible. Narrowing the
technical definition of the problem can help you identify a starting point for your troubleshooting technique
and immediately eliminate some possible causes of the problem. Ask the user a series of questions that are
designed to narrow down the problem as much as possible.
16
Review Question 2
17
The ping command is one of the most common network troubleshooting tools. The ping command can be
used to test a hosts connection to the network by sending Internet Control Message Protocol (ICMP) Echo
messages to another hosts IP address. If the source host receives an ICMP Echo Reply message from the
remote host, the ping command has verified two things: that the source host is connected to the network and
that the remote host is reachable on the network.
The traceroute command works by sending User Datagram Protocol (UDP) traffic with a time to live (TTL)
value of 1 to a remote host. The low TTL causes the device at each hop, or router, along the path to the
destination to reply to the UDP traffic with an ICMP Time Exceeded Message (TEM), which means that the
device at the hop received and discarded the UDP traffic. The source host then sends additional probes to
the device at the hop. The TTL is increased by 1 after every third probe. The IP address of the device at the
hop is used by the source host to build a list of hops until the UDP traffic finally reaches its destination, at
which point the destination host will send a Destination Unreachable message. The Destination Unreachable
message means that the destination received the traffic but was unable to direct it to a valid UDP port. The
traceroute command will display the * symbol if the timer expires before it receives either a TEM or a
Destination Unreachable message from a device at a hop or from the destination device.
18
Review Question 3
19
The top down troubleshooting technique starts at the Application layer and works toward the Physical layer
of the Open Systems Interconnection (OSI) reference model. An administrator using the top down method
of network troubleshooting might begin the process by examining or restarting the network applications on a
workstation that has lost connectivity to the network.
The bottom up method of network troubleshooting begins at the Physical layer of the OSI reference model
and then works through the other layers, one-by-one, toward the Application layer until the problem is
isolated. For example, an administrator who is troubleshooting a workstation that can no longer connect
to the network might choose to first check the workstations physical connection to the network, such as
checking for a loose cable. If the cable is not loose, the administrator might decide to proceed to the Data
Link layer of the OSI reference model, then to the Network Layer, and so on.
The divide and conquer troubleshooting technique starts at the Network layer and works either up or down
the OSI model depending on the outcome of network tests, such as the ping command. For example, an
administrator who is using the divide and conquer method to troubleshoot a workstation that has lost
connectivity to the network might receive a successful reply to a ping command from that workstation
and, based on that result, might decide to move on to the Transport layer of the OSI model. However, an
administrator who does not receive a successful reply to the ping command from the workstation might
choose to check for a valid IP address at the Network layer, then for a port-security or Spanning Tree Protocol
(STP) problem at the Data Link layer, and then for a cable-connection problem at the Physical layer.
20
Lab Exercises
21
Organizational and Volume Customers

Boson Softwares outstanding IT training tools serve the skill development needs of organizations such
as colleges, technical training educators, corporations, and governmental agencies. If your organization
would like to inquire about volume opportunities and discounts, please contact Boson Software at
orgsales@boson.com.
Contact Information
E-Mail:
Phone:

Fax:
Address:

support@boson.com
877-333-EXAM (3926)
615-889-0121
615-889-0122
25 Century Blvd. Ste. 500
Nashville, TN 37214
b o s o n.c o m
8 7 7 . 3 3 3 . 3 9 2 6
support@boson.com
C o p y r i g h t 2 012 B o s o n S o f t w a r e , L L C . A l l r i g h t s r e s e r v e d . 3 -15 -12

Icnd 2 Promo

Caricato da

Informazioni sul documento

Descrizione originale:

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Icnd 2 Promo

Caricato da

Copyright:

Formati disponibili

ICND2

Interconnecting Cisco Networking Devices Part 2

25 Century Blvd. Ste. 500

2012 Boson Software, LLC

ICND2 Table of Contents

Module 1: Troubleshooting Networks............................................................................................1

Module 2: Implementing VLSMs and Summarization................................................................23

Module 3: Implementing ACLs......................................................................................................43

2012 Boson Software, LLC

ICND2 Table of Contents

Module 4: Implementing NAT and PAT.........................................................................................71

Module 5: Implementing IPv6........................................................................................................95

2012 Boson Software, LLC

ICND2 Table of Contents

Abbreviating IPv6 Addresses............................................................................................................. 99

Module 6: Implementing VLANs and Trunking.........................................................................123

2012 Boson Software, LLC

ICND2 Table of Contents

Configuring InterVLAN Routing...............................................................................................................151

Module 7: Implementing STP......................................................................................................161

Module 8: Implementing Switch Security..................................................................................189

2012 Boson Software, LLC

ICND2 Table of Contents

Encrypting Passwords on the Switch............................................................................................... 196

Module 9: Routing Fundamentals...............................................................................................221

2012 Boson Software, LLC

ICND2 Table of Contents

Review Question 1.................................................................................................................................. 243

Module 10 Implementing OSPF...................................................................................................249

Module 11: Implementing EIGRP................................................................................................275

2012 Boson Software, LLC

ICND2 Table of Contents

Review Question 1.................................................................................................................................. 299

Module 12: Implementing PPP....................................................................................................309

Module 13: Implementing Frame Relay......................................................................................325

2012 Boson Software, LLC

Configuring DLCIs................................................................................................................................... 345

Module 14: Implementing VPNs..................................................................................................353

2012 Boson Software, LLC

Module 1: Troubleshooting Networks

2012 Boson Software, LLC

Module 1: Troubleshooting Networks

Implement a systematic network troubleshooting technique.

2012 Boson Software, LLC

Module 1: Troubleshooting Networks

Understanding the Systematic Approach

Module 1: Troubleshooting Networks

2012 Boson Software, LLC

Module 1: Troubleshooting Networks

Understanding Troubleshooting Techniques

2012 Boson Software, LLC

Module 1: Troubleshooting Networks

Implementing the OSI Techniques

Understanding the Bottom Up Troubleshooting Technique

Understanding the Top Down Troubleshooting Technique

2012 Boson Software, LLC

Module 1: Troubleshooting Networks

Understanding the Divide and Conquer Troubleshooting Technique

2012 Boson Software, LLC

Module 1: Troubleshooting Networks

Implementing the Non-OSI Techniques

Understanding the Follow the Path Troubleshooting Technique

Understanding the Move the Problem Troubleshooting Technique