CCNA Review Material

Version 2.0

Compiled by:
Phm nh Thng ng Hong Khnh

For internal circulation
February 2009

TABLE OF CONTENTS

I. OSI AND TCP/IP MODELS
I.1 OSI model
I.2 TCP/IP model
I.3 Data transfer between two hosts

II. BASIC DEVICES: HUB, SWITCH, ROUTER
II.1 Hub
II.2 Switch
II.3 How does a switch build its MAC address table? How does it use this table?
II.4 Router
II.5 Cable
II.6 ARP mechanism

III. CISCO IOS
III.1 Memory inside the router
III.2 Router boot process
III.3 Router configuration register
III.4 Cisco IOS configuration modes

IV. SWITCHING
IV.1 Spanning-Tree Protocol (STP)
IV.2 SwitchPort Port-Security
IV.3 VLAN
IV.4 Trunking
IV.5 VTP
IV.6 Routing Inter-VLAN

V. ROUTING
V.1 IP addressing
V.2 Types of routing
V.2.1 Distance vector routing
V.2.2 Link state routing
V.3 RIP v1 (Routing Information Protocol)
V.4 RIP v2
V.5 OSPF (Open Shortest Path First)
V.6 EIGRP

VI. ACCESS-LIST

VII. NAT
VII.1 Concepts: inside local, inside global, outside global, outside local
VII.2 Classification by configuration
VII.3 Applying to an interface

VIII. WIRELESS
VIII.1 Differences between WLAN and LAN
VIII.2 Wireless models
VIII.3 802.11 standards
VIII.4 Wireless security

IX. WAN
IX.1 Frame Relay
IX.2 PPP

CCNA REVIEW

I. OSI AND TCP/IP MODELS

I.1 OSI model

The OSI model is only a reference model. Its purposes: make communication between hosts easier to understand (simplifies teaching and learning), reduce the complexity of communication (reduces complexity), standardize interfaces (standardizes interfaces), support modular design (facilitates modular engineering), and ensure compatibility (ensures interoperable technology).

There are 7 layers (Vietnamese mnemonic for their initials: "Anh Phải Sống Theo Người Địa Phương"):

- Application: provides network application services; responsible for identifying the communicating endpoints and synchronizing information between applications. FTP (20, 21); HTTP (80); Telnet (23); SMTP (25); TFTP (69); DNS (53); POP3 (110); SNMP (161); DHCP (67, 68)
- Presentation: provides encoding and conversion of the formats used at the Application layer. ASCII; JPEG; GIF; MPEG; WMA
- Session: sets up, controls and maintains the communication sessions between different applications on the two hosts (separated by port). Examples: NetBIOS, X-Windows
- Transport: splits data into smaller segments, sets up the end-to-end (logical) connection and is responsible for delivering data between the endpoints. Connection-oriented and connectionless. Flow control, multiplexing, error checking and error recovery. TCP/UDP
- Network: defines logical addresses for the endpoints and establishes the best path (routing) for packets. Encapsulates segments into packets. IP, IPX, AppleTalk. Device: router
- Data Link: encapsulates packets into frames for transmission and defines the network topology, such as BUS, STAR or RING. Has 2 sublayers: MAC, which relates to the Physical layer, and LLC (Logical Link Control), which relates to the Network layer. 802.3 (Ethernet/Fast Ethernet), 802.3z (Gigabit Ethernet), 802.5 (Token Ring), FDDI, HDLC, PPP, Frame Relay. Related device: layer 2 switch
- Physical: converts frames into bits and transmits them as voltage levels over physical media such as the various cable types. Standardizes the electrical, mechanical and functional characteristics of the interfaces. CAT3, CAT5, V.35, EIA/TIA-232, EIA/TIA-449. Related device: hub

I.2 TCP/IP model

More compact than the OSI model, with only 4 layers:
- Application: covers the last 3 layers (5, 6, 7) of the OSI model
- Transport
- Internet
- Network Access: covers the first 2 layers of the OSI model

The TCP/IP model is the one used on the Internet today.

I.3 Data transfer between two hosts

Data is passed from layer 7 down to layers 6 and 5. Layer 4 splits the data stream into segments and passes them down to layer 3. Layer 3 adds the source and destination IP addresses (IP header) to each segment, forming packets, and passes them down to layer 2. Layer 2 encapsulates each packet with layer 2 information (frame header) and an error-check field (frame trailer), forming a frame, and passes it down to layer 1. Layer 1 converts the 0 and 1 bits of the frame into voltage levels and transmits them over the various physical media.

II. BASIC DEVICES: HUB, SWITCH, ROUTER


II.1 Hub
- Layer 1 device; it only receives and amplifies the signal, and is used where the reach of the network needs to be extended.
- Operates in half-duplex mode (at any one moment it either transmits or receives data from one host, unlike full-duplex, which can transmit and receive at the same time).
- Uses the CSMA/CD mechanism to detect collisions.
- A host that wants to transmit must first listen to see whether the network is busy.
- A hub does not understand MAC addresses.
- A hub is treated as 1 collision domain.

II.2 Switch
- Layer 2 device; it processes and forwards frames based on the MAC table.
- By default it operates in full-duplex mode when a single computer is attached to a switch port; CSMA/CD is not used in this mode.
- A switch is treated as one broadcast domain (if a frame has a broadcast destination MAC address, every host receives it). If the switch supports VLANs, each VLAN is one broadcast domain (corresponding to one network) and the switch is in effect divided into several smaller switches.
- A switch can forward frames in 3 ways:
  - Store and Forward: receives the whole frame and checks it for errors; a good frame is forwarded, a damaged one is dropped. The slowest method, but it ensures reliability for the network.
  - Cut through: reads the destination MAC address and sends the frame immediately, without error checking. Fast, but reliability is not guaranteed. Suitable for devices with a weak CPU and little buffer memory.
  - Fragment-Free: reads the first 64 bytes of the frame and then forwards it (64 bytes is the minimum length of a complete frame). Avoids most errors caused by collisions, but is still not as reliable as Store and Forward.
II.3 MAC Address Table
How does a switch build its MAC address table? How does it use this table?
- The switch learns the source MAC address of each frame passing through it and records it in the MAC address table (MAC address + port). If the switch receives a frame whose destination MAC address is broadcast, multicast or unknown unicast, it floods the frame out of every port except the port it arrived on. If the destination address of the received frame is a known unicast, the switch uses the MAC address table to send the frame out of exactly the port that should receive it.
- Explain why, when the MAC address table is shown, one port can be listed with several MAC addresses.

II.4 Router
- Layer 3 device; it marks the boundary between networks and performs routing.
- A router blocks broadcasts.
- It filters packets.

II.5 Cable
- Serial cable
- Straight-through cable
- Cross-over cable
- Rolled-over cable

II.6 ARP mechanism
Applications need IP addresses to talk to each other, while frame transmission needs MAC addresses. A mechanism that maps between IP and MAC addresses is required so that traffic is delivered correctly. ARP was introduced to perform this mapping between IP and MAC addresses. A station sends an ARP request to ask for the MAC address of a given IP address. The host that owns the queried IP address replies with its MAC address. The requesting host then temporarily caches the MAC and IP address pair.

Normally a computer caches the IP and MAC information of the hosts on its network together with the MAC and IP of the default gateway.

III. CISCO IOS

III.1 Memory inside the router

- ROM:
  - Holds the router's boot program
  - Runs the Power-on Self Test (POST)
  - Holds the BOOT image (on the 2500 router)
  - This memory cannot be erased.
- RAM:
  - Holds the running-config, the routing table and the ARP table
  - Holds the IOS image once it has been loaded from Flash (on the 2600 series and later routers)
  - The contents of RAM are lost when the router loses power.
- NVRAM:
  - Holds the startup-config
  - The contents of NVRAM are not lost when the router loses power.
- Flash:
  - Holds Cisco IOS
  - The contents of Flash can be erased and replaced.

III.2 Router boot process

- Hardware check:
  - POST
  - Load the bootstrap
- Find and load the Cisco IOS software image:
  - Order in which a Cisco router looks for IOS: Flash, then TFTP server, then ROM
  - IOS present: the router loads the operating system from flash memory
    - 2500: runs directly from Flash
    - 2600: loads IOS into RAM and runs from RAM
  - No IOS:
    - Looks on a TFTP server; if a TFTP server holding an IOS image is available, that IOS is run
  - Still no IOS found:
    - 2500: loads the mini IOS from ROM
    - 2600: enters Boot ROM mode
- Find and load the configuration file (startup-config):
  - Configuration file present: the configuration file is loaded.
  - No configuration file: an empty configuration is loaded.

III.3 Router configuration register

- A register 16 bits long
- Written as a HEX number
- The last 4 bits form the boot field
- 0x2101: boot from ROM
- 0x2102: boot from Flash (default)
- 0x2142: ignore the contents of NVRAM (used when the password of a Cisco router needs to be cracked)

Configuration:
- When there is no IOS yet, or to load IOS with tftpdnld:

rommon 1 > IP_ADDRESS=A.B.C.D     (by default this applies only to the first interface, f0/0)
rommon 2 > IP_SUBNET_MASK=A.B.C.D
rommon 3 > DEFAULT_GATEWAY=A.B.C.D
rommon 4 > TFTP_SERVER=A.B.C.D
rommon 5 > TFTP_FILE=c2600-is-mz.113-2.0.2.Q
rommon 6 > tftpdnld

- Choosing one of two IOS images:

R(config)# boot system flash:abc.def.xyz

- Choosing the configuration file to load (by default NVRAM holds only one startup-config file; to have several startup-config files they must be loaded from a TFTP server):

R(config)# boot config tftp:?

III.4 Cisco IOS configuration modes

IV. SWITCHING

IV.1 Spanning-Tree Protocol (STP)
- Why STP is needed: to prevent the problems that commonly occur in a network of several switches with redundant links: multiple frame copies, broadcast storms and MAC database instability. A switched network of this kind contains loops (switching loops), and STP is used to avoid them.
- How STP works: the switches send BPDUs to the multicast address 01.80.c2.00.00.00 to exchange their Bridge ID (Priority + MAC) and build the spanning tree from that information.
  - Root bridge election: takes place across the whole switched network. The switch with the lowest BID becomes the root bridge (BID = Priority.MAC, default priority = 32768, range 0-65535).
  - Root port election: takes place on each switch that is not the root bridge. Every non-root switch has exactly 1 root port, which must be the port with the lowest path cost to the root bridge. If the costs are equal, the tie is broken by the sender Bridge ID and then the sender port ID (priority.number, default priority = 128, range 0-240).
  - Designated port election: takes place on each network segment, based on path cost; if the path costs are equal the tie is broken by BID. All ports on the root bridge are designated ports.
  - All remaining ports are blocked.
- Switch port states:
  - Disabled: does not receive any frames
  - Blocking: does not forward frames, only receives BPDUs. This is the state right after the switch starts up.
  - Listening: receives and sends BPDUs (15s)
  - Learning: receives and sends BPDUs and learns MAC addresses (15s)
  - Forwarding: receives and sends BPDUs, learns MAC addresses, receives and forwards frames
- STP is considered converged when every switch port is in one of the 2 states forwarding or blocking.
- Cost value table:

Example: which port will be blocked in the following topology?

IV.2 SwitchPort Port-Security

- Applies only to ports in access mode.
- switchport port-security mac-address mac-address
  Specifies which MAC address is allowed.
- switchport port-security mac-address sticky
  The first MAC address learned is allowed; MAC addresses learned afterwards are refused.
  By default only 1 MAC address may be learned.
- switchport port-security maximum value [1-132]
- switchport port-security violation {protect | restrict | shutdown}
  The default is shutdown.
- switchport port-security aging time 10
  Sets the lifetime of dynamic MAC addresses; when this time is exceeded the MAC address is cleared.
- switchport port-security aging type inactivity
  The timer for clearing the MAC address starts counting from the moment no more traffic enters the port.

Example:

SwitchX(config)# interface fa0/5
SwitchX(config-if)# switchport mode access
SwitchX(config-if)# switchport port-security
SwitchX(config-if)# switchport port-security maximum 1
SwitchX(config-if)# switchport port-security mac-address sticky
SwitchX(config-if)# switchport port-security violation shutdown

To remove the port-security configuration, this command is enough:

SwitchX(config-if)# no switchport port-security
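The following added example (not part of the original notes) models how one secure port treats frames under each of the three violation modes listed above. The class, function and MAC addresses are constructed for illustration; the model follows the documented IOS behaviour that protect drops silently, restrict drops and counts, and shutdown err-disables the port.

```python
from dataclasses import dataclass, field


@dataclass
class SecurePort:
    """Simplified model of one access port with port-security enabled."""
    maximum: int = 1              # default: only one secure MAC address
    violation: str = "shutdown"   # default violation mode
    secure_macs: list = field(default_factory=list)  # sticky-learned addresses
    err_disabled: bool = False    # set once 'shutdown' mode has tripped
    violations: int = 0           # security violation counter
    log: list = field(default_factory=list)

    def receive(self, src_mac: str) -> bool:
        """Process one incoming frame; return True if it is forwarded."""
        if self.err_disabled:
            return False                       # port stays down until re-enabled
        if src_mac in self.secure_macs:
            return True                        # known secure address
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.append(src_mac)   # sticky learning of a new address
            return True
        # The table is full and the source is unknown: security violation.
        if self.violation == "protect":
            return False                       # silent drop, no counter, no log
        self.violations += 1
        self.log.append(f"security violation caused by {src_mac}")
        if self.violation == "shutdown":
            self.err_disabled = True           # port goes err-disabled
        return False


def replay(mode: str, frames: list, maximum: int = 1):
    """Feed source MACs to a fresh port; return (per-frame verdicts, port)."""
    port = SecurePort(maximum=maximum, violation=mode)
    return [port.receive(mac) for mac in frames], port


# Constructed traffic: the legitimate host, an unknown device on the same
# port, then the legitimate host again.
FRAMES = ["0000.aaaa.0001", "0000.bbbb.0002", "0000.aaaa.0001"]

if __name__ == "__main__":
    for mode in ("protect", "restrict", "shutdown"):
        verdicts, port = replay(mode, FRAMES)
        print(mode, verdicts, "violations:", port.violations,
              "err-disabled:", port.err_disabled)
```

Only shutdown also cuts off the legitimate host after the violation, which is why a port in that mode needs an administrator to bring it back.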

IV.3 VLAN
- Segments the network, provides basic security and reduces broadcasts.
- Each VLAN is 1 broadcast domain.
- Configuration:
Switch#conf t
Switch(config)#vlan 2
Switch(config-vlan)#vlan 3
Switch(config-vlan)#interface f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 2
- VLAN tagging: a VLAN ID (12 bits) is added to the frame so that the VLAN can be identified.
- Assigning an IP address to a VLAN on a switch is for management purposes only.

IV.4 Trunking
- Purpose: lets several VLANs travel together over one link between switches.
- There are 2 types of trunking:
  - ISL: encapsulates the original frame with a 26-byte header and a 4-byte trailer.
  - Dot1Q: inserts 4 bytes into the original frame.
- Basic differences between ISL and Dot1Q: encapsulation versus tagging; the native VLAN in Dot1Q; ISL is a Cisco standard, Dot1Q is an IEEE standard.

IV.5 VTP

- Purpose: keeps VLAN information consistent across the network and makes VLAN changes flexible.
- Operation:
  - The server sends a VTP advertisement every 5 minutes, or whenever something changes in the network.
  - A VTP advertisement contains:
    - Revision number: the default is 0. Each configuration change increases it by 1. To reset it to 0:
      - change the VTP mode to Transparent and then back to Server, or
      - change the domain name.
    - VLAN names and numbers
    - Which VLANs the switch has ports assigned to (related to VTP pruning).
- VTP has 3 modes:
  - Server: creates, modifies and deletes VLANs; sends and advertises VLAN advertisements. Synchronizes VLAN information and stores it in NVRAM.
  - Client: cannot create, modify or delete VLANs; forwards VLAN advertisements. Synchronizes VLAN information but does not store it in NVRAM.
  - Transparent: creates, modifies and deletes its own VLANs; forwards the domain's VLAN advertisements; does not advertise its own VLAN information; does not synchronize VLAN information; stores VLAN information in NVRAM.
- Configuration:
Switch(config)#vtp domain <domain name>
Switch(config)#vtp mode <server/client/transparent>
Switch(config)#vtp password <password>

- Questions:
  - What happens when a client has a higher revision number than the server?
  - When does the revision number change?
- VTP pruning: reduces unnecessary traffic on trunk ports.

- Configuration:
Switch(config)#interface f0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan/pruning vlan
IV.6 Routing Inter-VLAN
- Purpose: lets hosts that belong to different VLANs communicate with each other.
- A layer 3 device is needed to do this (either a router or a layer 3 switch).

- Configuration:
Router(config)#interface Fa0/0
Router(config-if)#no shut
Router(config-if)#interface fa0/0.1
Router(config-subif)#encap dot1Q 1
Router(config-subif)#ip add A.B.C.D <subnet mask>   ! IP address belonging to VLAN 1
Router(config-subif)#interface fa0/0.2
Router(config-subif)#encap dot1Q 2
Router(config-subif)#ip add W.X.Y.Z <subnet mask>   ! IP address belonging to VLAN 2

V. ROUTING
V.1 IP addressing
- Quick conversion between binary, decimal and hex, in both directions
- IP address ranges:
  - Class A: 1.0.0.0 - 126.255.255.255
  - Class B: 128.0.0.0 - 191.255.255.255
  - Class C: 192.0.0.0 - 223.255.255.255
- IP addresses: public and private. Private addresses:
  - Class A: 10.0.0.0 - 10.255.255.255
  - Class B: 172.16.0.0 - 172.31.255.255
  - Class C: 192.168.0.0 - 192.168.255.255
- Subnet mask, private address, broadcast address.
- VLSM.
  - Given the network 10.1.1.0/24, divide it into 2 LANs (25 hosts each), 3 LANs (12 hosts each) and 4 WAN links (point-to-point).
  - Find the network and broadcast addresses of: 10.45.100.200/14; 172.16.140.100/20; 192.168.101.171/28
- Summary.
  - Summarize the following networks: 172.16.12.0/24; 172.16.13.0/24; 172.16.14.0/24; 172.16.15.0/24.
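The three exercises above, worked through in code as an added example (not part of the original notes). The function names and the LAN/WAN labels are chosen here for illustration; the VLSM allocator places the largest subnets first, which is one common way to solve the exercise.

```python
import ipaddress


def net_and_broadcast(cidr: str):
    """Network and broadcast address of the subnet that contains `cidr`."""
    addr, plen = cidr.split("/")
    ip = int(ipaddress.IPv4Address(addr))
    mask = (0xFFFFFFFF << (32 - int(plen))) & 0xFFFFFFFF
    network = ip & mask                          # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)   # host bits all set
    return (str(ipaddress.IPv4Address(network)),
            str(ipaddress.IPv4Address(broadcast)))


def summarize(cidrs):
    """Smallest single prefix that covers every network in `cidrs`."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    host_bits = (lo ^ hi).bit_length()           # bits in which lo and hi differ
    base = (lo >> host_bits) << host_bits
    return ipaddress.ip_network((base, 32 - host_bits))


def vlsm(block: str, requirements):
    """Allocate subnets from `block` for a list of (name, host count) pairs."""
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    plan = {}
    # Largest first: every subnet then starts on a boundary of its own size.
    for name, hosts in sorted(requirements, key=lambda r: r[1], reverse=True):
        host_bits = (hosts + 1).bit_length()     # room for hosts + net + bcast
        size = 1 << host_bits
        if cursor + size - 1 > int(parent.broadcast_address):
            raise ValueError(f"{block} is too small for {name}")
        plan[name] = ipaddress.ip_network((cursor, 32 - host_bits))
        cursor += size
    return plan


# The requirements of the exercise; the names are labels chosen here.
REQUIREMENTS = [("LAN25-1", 25), ("LAN25-2", 25),
                ("LAN12-1", 12), ("LAN12-2", 12), ("LAN12-3", 12),
                ("WAN-1", 2), ("WAN-2", 2), ("WAN-3", 2), ("WAN-4", 2)]

if __name__ == "__main__":
    for name, net in vlsm("10.1.1.0/24", REQUIREMENTS).items():
        print(f"{name:8} {net}")
    for cidr in ("10.45.100.200/14", "172.16.140.100/20", "192.168.101.171/28"):
        print(cidr, net_and_broadcast(cidr))
    print(summarize(["172.16.12.0/24", "172.16.13.0/24",
                     "172.16.14.0/24", "172.16.15.0/24"]))
```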
V.2 Types of routing

Basic routing concepts:

- Routed protocol: a layer 3 protocol used to carry data from one end device to another across the network. Routed protocols are the layer 3 packets that carry application information up to the higher layers. (IP, IPX, AppleTalk)
- Routing protocol: a protocol used between routers to send and receive updates about the networks that exist in an organization, which the routing processes can then use to determine the path of a packet across the network. (RIP, EIGRP, OSPF)
- AD (Administrative Distance): a value that expresses how trustworthy a routing protocol is. It depends on the routing protocol; AD ranges from 0 to 255.
- AS (Autonomous System): a group of routers that share a common management policy, have a single source of technical administration and normally run one IGP (Interior Gateway Protocol). Each AS is assigned a unique number from 1 to 65535, of which the values from 64512 to 65535 are used as private values, assigned to local ASes.
- Convergence: the process of computing the routing tables on the routers until all tables share one consistent state.
- Load balancing: allows packets to a destination network to be sent over two or more different paths.
- Metric: all routing protocols use a metric to quantify paths in order to find the best one. Some protocols use a very simple metric, for example RIP uses hop count. EIGRP uses a more complex metric that includes bandwidth, delay, reliability...
- Passive interface: prevents routing updates from being sent out of a given interface. The interface can still listen to routing updates sent by other routers. This command is used in router mode.
- Redistribution: the process of sharing routes learned from different sources. For example, you can redistribute routes learned from RIP into OSPF (in this case you may run into problems with VLSM), or redistribute static routes into EIGRP. Redistribution mostly has to be configured by hand (manually).

Static:
- Static route: can point to a host or to a network. You can also use a floating static route, a route whose AD is changed to a value higher than that of the routing protocols in use.
  - Interface: AD=0
  - Next hop: AD=1
R(config)#ip route ip_des mask {interface | nexthop} [AD]

- Default route:
R(config)#ip route 0.0.0.0 0.0.0.0 {interface | nexthop}

Dynamic: the router uses protocols to maintain its knowledge of the network. Routing protocols fall into 2 groups:
- EGP: BGP
- IGP:
  - distance vector (RIP, IGRP)
  - link state (OSPF, IS-IS)
  - hybrid (EIGRP)
V.2.1 Distance vector routing
- Sends the whole routing table to the neighbouring router, and does so periodically.
- Routing by rumor.
- Routing loops can occur.
- Mechanisms against routing loops:
  - Route poisoning
  - Split horizon
  - Poison reverse
  - Holddown timer
  - Triggered/flash update

V.2.2 Link state routing
- Maintains 2 tables: topology and routing. The topology table holds the state of every link in the network. The routing table is built from the topology table.
- Neighbours are established with Hello packets.
- Routers do not exchange routing tables as in distance vector. They exchange information about the cost and state of their links through LSAs.
- Converges faster than distance vector protocols. Used for large networks, but requires careful planning before deployment.

V.3 RIP v1 (Routing Information Protocol)

- RIP is a distance vector protocol.
- RIP is a classful protocol.
- RIP sends its routing information every 30 seconds (default).
- Updates are sent as broadcasts.
- The hold-down timer is 180 seconds (default).
- RIP uses the Bellman-Ford algorithm.
- The RIP metric is based on hop count (maximum 15).
- Infinity metric = 16
- RIP has an AD (Administrative Distance) of 120 (default).
- RIP can load balance over a maximum of 6 paths of equal metric (six parallel equal-cost paths); a Cisco router supports only 4 equal paths by default.
  Example: Router1(config-router)#maximum-paths 5 allows load balancing over at most 5 paths.
- Discontiguous networks are not supported.
  - A discontiguous network is a major network that is separated by another major network.
  - Example:

  - Whenever RIP advertises a network across a different major network boundary, RIP summarizes the advertised network at the major network boundary, as in the figure above.
  - Steps ROUTER 1 takes before sending an update to ROUTER 2:
    - Is network 131.108.5.0/24 in the same major network as 137.99.88.0/24?
    - It is not, so ROUTER 1 summarizes 131.108.5.0/24 and advertises the route 131.108.0.0/16.
  - Steps ROUTER 2 takes before accepting the update from ROUTER 1:
    - Is the received major network (131.108.0.0) the same major network as 137.99.88.0?
    - It is not. Does the routing table already contain any subnet of this major network?
    - It does, so ROUTER 2 ignores the update.

- VLSM (Variable-Length Subnet Mask) is not supported: RIP and IGRP cannot carry subnet mask information in the updates they send. Before advertising, the router performs a check against the subnet mask of the interface on which it sends the update. If the 2 subnet masks do not match, it drops the route.

  Steps ROUTER 1 takes before sending an update to ROUTER 2:
  - ROUTER 1 checks whether 131.108.5.0/24 is in the same major network as 131.108.6.0/30.
  - Same major network. ROUTER 1 then determines whether 131.108.5.0/24 has the same subnet mask as 131.108.6.0/30.
  - Because the 2 subnet masks do not match, ROUTER 1 drops network 131.108.0.0/16 and does not advertise the route.
  - ROUTER 1 determines whether 131.108.7.0/30 is in the same major network as 131.108.6.0/30.
  - Same major network. ROUTER 1 next determines whether 131.108.7.0/30 has the same subnet mask as 131.108.6.0/30.
  - Because the 2 subnet masks are the same, ROUTER 1 advertises network 131.108.7.0/30 to ROUTER 2.
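The send-side and receive-side checks walked through above, written out as an added example (not part of the original notes). The function names, the interface host addresses and the 131.108.2.0/24 subnet in ROUTER 2's table are constructed for illustration; installing a same-major-network update with the receiving interface's mask is standard RIPv1 behaviour that the notes do not spell out.

```python
import ipaddress


def major_network(addr: str) -> ipaddress.IPv4Network:
    """Classful (major) network that contains an IPv4 address."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet < 128:
        plen = 8        # class A
    elif first_octet < 192:
        plen = 16       # class B
    elif first_octet < 224:
        plen = 24       # class C
    else:
        raise ValueError("class D/E addresses have no major network")
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False)


def ripv1_advertise(route: str, out_interface: str):
    """Decide what RIPv1 sends for `route` out of `out_interface`."""
    net = ipaddress.ip_network(route)
    ifnet = ipaddress.ip_interface(out_interface).network
    route_major = major_network(str(net.network_address))
    if route_major != major_network(str(ifnet.network_address)):
        # Crossing a major network boundary: only the summary is sent.
        return ("summary", str(route_major))
    if net.prefixlen != ifnet.prefixlen:
        # Same major network, different mask: the mask cannot be carried.
        return ("drop", None)
    return ("subnet", str(net.network_address))


def ripv1_accept(update: str, in_interface: str, routing_table):
    """Decide what the receiver does with an advertised network number."""
    upd_major = major_network(update)
    ifnet = ipaddress.ip_interface(in_interface).network
    if upd_major == major_network(str(ifnet.network_address)):
        # Same major network: the receiver assumes its own interface mask.
        return ("install", f"{update}/{ifnet.prefixlen}")
    known = [ipaddress.ip_network(r) for r in routing_table]
    if any(k != upd_major and k.subnet_of(upd_major) for k in known):
        # Subnets of that major network are already known locally, so the
        # network is discontiguous and the summary is ignored.
        return ("ignore", None)
    return ("install", str(upd_major))


# Constructed routing table for ROUTER 2 in the discontiguous case.
ROUTER2_TABLE = ["137.99.88.0/24", "131.108.2.0/24"]

if __name__ == "__main__":
    print(ripv1_advertise("131.108.5.0/24", "137.99.88.1/24"))
    print(ripv1_accept("131.108.0.0", "137.99.88.2/24", ROUTER2_TABLE))
    print(ripv1_advertise("131.108.5.0/24", "131.108.6.1/30"))
    print(ripv1_advertise("131.108.7.0/30", "131.108.6.1/30"))
```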
- Default routes: when RIP sees a default route in its routing table, it automatically advertises this default route in its RIP updates.
V.4 RIP v2
- Sends routing updates using multicast 224.0.0.9
- Supports VLSM: networks are advertised together with their subnet mask
- Next-hop metric
- Configuration:
Router(config)#router rip
Router(config-router)#network <major network>
Router(config-router)#version 2

R2#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route
Gateway of last resort is not set
     172.29.0.0/24 is subnetted, 1 subnets
C       172.29.35.0 is directly connected, Ethernet0
     131.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
R       131.16.6.0/24 [120/1] via 131.16.5.1, 00:00:07, Serial1
C       131.16.5.0/24 is directly connected, Serial1
R       131.16.8.1/32 [120/1] via 131.16.5.1, 00:00:07, Serial1
C       131.16.9.0/24 is directly connected, Loopback0
R    131.88.0.0/16 [120/1] via 131.16.5.1, 00:00:07, Serial1

V.5 OSPF (Open Shortest Path First)

- Concepts and characteristics:
  - Link state
  - Uses Dijkstra's shortest path algorithm and is open: it does not belong to any one vendor and can be used on equipment from all vendors. (Allows multi-vendor deployment - open standard)
  - AD = 110
  - Advantages of OSPF over distance vector:
    - Fast convergence
    - Optimized routing update traffic (minimizes routing update traffic)
    - Scales to large networks (allows scalability)
    - Fully classless protocol, which removes classful problems such as discontiguous networks
    - Supports VLSM/CIDR
    - The metric is not limited: metric = cost = $10^8 / BW$ (has unlimited hop count)
    - Load balancing over equal-cost paths
    - Uses multicast addresses to reduce the impact on non-OSPF devices
- How it works:
  - Establishing neighbours: routers exchange Hello packets to establish neighbours.
    - A Hello packet contains:
      - Router ID
      - Hello/Dead timer *
      - Neighbors
      - Area ID *
      - Router Priority
      - DR IP Address
      - BDR IP Address
      - Authentication Password *
      - Stub Area flag *
      => For the neighbour relationship to come up, the fields marked * must be identical.
    - Hello timers:
      - Multi-access and point-to-point = 10s
      - NBMA = 30s
  - Building the routing table:
    - Routers exchange information through LSA advertisement messages.
      - LSA: the cost of the link, router information and the state of neighbouring routers.
    - Dijkstra's algorithm is used to build the routing table.
    - Metric = cost = $10^8 / BW$
  - Update:
    - When something changes, an update is sent immediately.
    - If nothing changes, a full update is sent once every 30 minutes.
  - DR/BDR election:
    - In a multi-access environment the BDR and DR are elected based on the interface priority and the Router ID (the highest value wins). The default priority is 1. Values range from 0 to 255.
    - Router ID: based on the IP address of an interface, with preference given to MAC Address.
    - Routers communicate through 2 multicast addresses:
      - 224.0.0.5 for all routers.
      - 224.0.0.6 for the DR/BDR.
  - Relationship between adjacency and neighbor
- Configuration:
R(config)#router ospf <process ID>
R(config-router)#network <network> <wildcard mask> area <area ID>
R(config-if)#ip ospf priority value

R#show ip ospf neighbor

R#show ip route

V.6 EIGRP

- Concepts:
  - Cisco standard
  - AD = 90
  - Supports VLSM; supports several protocols such as IP, IPX and AppleTalk
  - Fast convergence
  - Hybrid
  - Metric = IGRP metric * 256

    $$\text{IGRP(metric)} = \left[ K_1 \cdot BW + \frac{K_2 \cdot BW}{256 - Load} + K_3 \cdot Delay \right] \cdot \frac{K_5}{Reli + K_4}$$

    - K1, K2, K3, K4, K5 are constants.
    - Default: K1 = K3 = 1; K2 = K4 = K5 = 0 => IGRP(metric) = BW + Delay
    - $BW_{igrp} = 10^7 / BW$
    - $Delay_{igrp} = Delay / 10$
    - The EIGRP metric is 32 bits long, whereas the IGRP metric is 24 bits long.
- How it works:
  - Establishing neighbours:
    - Hello packets are sent to the multicast address 224.0.0.10.
    - Hello timer:
      - On LAN links = 5s
      - On WAN links = 60s
    - Hold-down timer = 3 times the hello timer
    - To become neighbours, the following conditions must be met:
      - The router hears the hello packet and must acknowledge it.
      - The routers must be in the same AS.
      - The neighbours must calculate the metric in the same way.
    R#show ip eigrp neighbors
  - Building the topology table:
    - Successor: the route with the best path to the destination
    - Feasible Successor: the backup path
    - FD (Feasible Distance) = the EIGRP metric: the cost of the best path to a destination network.
    - AD (Advertised Distance): the cost to a remote network as advertised by the directly connected neighbour.
    - Condition for having a backup path:
      AD < FD
  - Building the routing table:
    - The DUAL algorithm is used to build the routing table.
    - The successor route (the best path) is selected from the topology table and placed in the routing table.

- Configuration:
Router(config)#router eigrp <AS number>
Router(config-router)#network <major network> / <network> <wildcard mask>
Router(config-router)#no auto-summary
V.7 Static route - Default route
- AD = 0 or 1
- Routes are entered into the routing table by hand.
- Configuration:
Router(config)#ip route <network> <subnet mask> <next-hop/exit interface>
Router(config)#ip route 0.0.0.0 0.0.0.0 <next-hop/exit interface>

V.8 The ip classless command
- With this command: the router reaches unknown networks through the default route.
- With the no form of this command: the router looks up routes by longest match, and may not use the default route to reach unknown networks.

VI. ACCESS-LIST
Uses: traffic filtering, NAT

VI.1 Classification

- Standard 1-99: looks only at the source IP address; placed close to the destination
- Extended 100-199: looks at IP address, protocol, and source and destination port; placed close to the source
- Entries are checked from top to bottom.
- Deleting one access list deletes all of it.
- A newly added entry goes on the last line.
- The end of every access list is a default deny any any.

VI.2 Configuration
Standard access list
R(config)#access-list number {deny|permit} source wildcard
Specifying a single host:
R(config)#access-list number {deny|permit} host IP
Specifying any address:
R(config)#access-list number {deny|permit} 0.0.0.0 255.255.255.255
R(config)#access-list number {deny|permit} any
Extended access list
R(config)#access-list number {deny|permit} protocol source wildcard des wildcard operator operand
- Number: 100-199
- Protocol: IP, TCP, ICMP
- Operator: eq (equals)
- Operand: telnet, www, ftp... or a port number.

Applying to an interface:

R(config-if)# ip access-group number {in|out}

Verification:

R# show ip interface
R# show access-list
R# show ip access-list
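The evaluation rules above (wildcard matching, top-down first match, implicit deny at the end) in an added example that is not part of the original notes. The parser handles only the extended syntax shown in this section, and the ACL lines, addresses and function names are constructed for illustration.

```python
import ipaddress

PORT_NAMES = {"telnet": 23, "www": 80, "ftp": 21}  # IOS keywords used above


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """IOS wildcard mask: 0 bits must match, 1 bits are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)


def _take_address(tokens):
    """Consume 'any', 'host A' or 'A wildcard' from the front of tokens."""
    first = tokens.pop(0)
    if first == "any":
        return ("0.0.0.0", "255.255.255.255")
    if first == "host":
        return (tokens.pop(0), "0.0.0.0")
    return (first, tokens.pop(0))


def parse_ace(line: str) -> dict:
    """Parse: access-list N {deny|permit} proto src dst [eq port]."""
    tokens = line.split()
    if tokens[0] != "access-list":
        raise ValueError(f"not an access-list line: {line!r}")
    action, proto, rest = tokens[2], tokens[3], tokens[4:]
    src = _take_address(rest)
    dst = _take_address(rest)
    port = None
    if rest[:1] == ["eq"]:
        port = PORT_NAMES[rest[1]] if rest[1] in PORT_NAMES else int(rest[1])
    return {"action": action, "proto": proto, "src": src, "dst": dst,
            "port": port}


def evaluate(acl, pkt):
    """Return (action, index of the matching line); index None = implicit deny."""
    for index, ace in enumerate(acl):
        if ace["proto"] not in ("ip", pkt["proto"]):
            continue
        if not wildcard_match(pkt["src"], *ace["src"]):
            continue
        if not wildcard_match(pkt["dst"], *ace["dst"]):
            continue
        if ace["port"] is not None and ace["port"] != pkt.get("dport"):
            continue
        return ace["action"], index      # first match wins, checking stops
    return "deny", None                  # implicit deny at the end of the list


# Constructed ACL: block Telnet to one server, allow web and ping.
ACL_101 = [parse_ace(line) for line in (
    "access-list 101 deny tcp 192.168.1.0 0.0.0.255 host 10.0.0.5 eq telnet",
    "access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq www",
    "access-list 101 permit icmp any any",
)]

# Constructed ACL with the lines in the wrong order: the broad permit on
# the first line shadows the deny below it.
ACL_102 = [parse_ace(line) for line in (
    "access-list 102 permit ip any any",
    "access-list 102 deny tcp any host 10.0.0.5 eq 23",
)]

TELNET = {"proto": "tcp", "src": "192.168.1.10", "dst": "10.0.0.5", "dport": 23}

if __name__ == "__main__":
    print(evaluate(ACL_101, TELNET))
    print(evaluate(ACL_102, TELNET))
```

Because checking stops at the first match, the same Telnet packet is denied by list 101 and permitted by list 102.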

VII. NAT

VII.1 Concepts: inside local, inside global, outside global, outside local

Cisco defines the terms used in NAT as follows:

- Inside local address - the IP address assigned to a host on the inside network. It is the address configured as a parameter of the computer's operating system, or assigned automatically through protocols such as DHCP. This address is not a legitimate IP address issued by the NIC (Network Information Center) or by an Internet service provider.
- Inside global address - a legitimate address issued by the NIC or by an intermediate service provider. This address represents one or more inside local IP addresses when communicating with the outside network.
- Outside local address - the IP address of a host on the outside network, as seen by the hosts on the inside network. An outside local address does not have to be a legitimate address on the IP network (it can be a private address).
- Outside global address - the IP address assigned to a host on the outside network by the owner of that host. It is assigned from the legitimate IP addresses on the Internet.

These are Cisco's classic definitions, but they are not very easy to understand and sometimes cause a good deal of confusion. Before going into the examples, we redefine the terms above in a simpler way. First of all, remember that the NAT notions of inside and outside refer to the interfaces configured with the commands ip nat inside and ip nat outside. The networks connected to these interfaces take the inside and outside roles accordingly.
- Local address - an address that appears in the inside part of a network.
- Global address - an address that appears in the outside part of a network.

VII.2 Classification by configuration

- Static:
ip nat inside source static <A.B.C.D> <A.B.C.D>

- Dynamic: define the NAT pool first, then perform NAT
ip nat pool <name> <first IP> <last IP> netmask <A.B.C.D>
ip nat inside source list <list number> pool <name>
- NAT overload (PAT):
ip nat inside source list <list number> {pool <name> | interface <interface>} overload

VII.3 Applying to an interface

- First define which side is inside and which side is outside.
- On the interface: ip nat inside/outside

VIII. WIRELESS
VIII.1 Differences between WLAN and LAN
+ A WLAN uses radio waves as its physical layer.
+ A WLAN uses the CSMA/CA mechanism to avoid congestion, unlike a LAN, which uses CSMA/CD.
+ It uses half-duplex (like a hub).
+ Issues: coverage area, interference, noise, security.

VIII.2 Wireless models
- AD-HOC: no access point
- BSS: 1 access point
- ESS: 2 or more access points; each AP must be on its own channel to avoid interference

VIII.3 802.11 standards

VIII.4 Wireless security

IX. WAN
IX.1 Frame Relay

- Concepts:
  - PVC (Permanent Virtual Circuit): sets up a logical connection between DTEs (like a leased line)
  - DLCI (Data-Link Connection Identifier): the layer 2 address that describes 1 PVC to the remote router; a DLCI has local significance only
  - FECN, BECN, DE: the congestion-control bits in Frame Relay
  - CIR (Committed Information Rate): the transfer rate on the connection between the customer and the Frame Relay network (also called the local access loop). The CIR is provided by the ISP.
  - Inverse ARP: maps the destination IP to the local DLCI number; enabled by default. If Inverse ARP is turned off, a static map is required.
- 2 encapsulation types: IETF and Cisco
- 3 LMI types: Cisco, ANSI, Q933a
- 3 Frame Relay topologies: Full-Mesh, Partial-Mesh, Star (Hub & Spoke)
- The split horizon problem

- Configuration:
frame-relay switching
encapsulation frame-relay IETF/Cisco
frame-relay intf-type dce
frame-relay lmi-type Cisco/ANSI/Q933a
frame-relay interface-dlci <DLCI>
frame-relay map ip <remote IP> <local DLCI> <broadcast>
frame-relay route <DLCI> interface <interface out> <DLCI>
IX.2 PPP
- Open standard; supports several protocols such as IP and IPX
- Supports multi-link
- Compression
- Can be used over analog circuits
- Uses 2 authentication methods: PAP and CHAP
  - PAP:
    - Weak authentication; uses a plain-text password
    - Two-way handshake
  - CHAP:
    - Three-way handshake
    - Strong authentication; supports MD5
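The CHAP three-way handshake listed above, as an added example that is not part of the original notes. The response is computed as RFC 1994 specifies for MD5 (a hash over the identifier, the shared secret and the challenge); the class, the peer name "R1" and the secret are constructed for illustration.

```python
import hashlib
import hmac
import os


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 response value: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """The side that issues challenges and checks responses."""

    def __init__(self, secrets: dict):
        self.secrets = secrets     # peer name -> shared secret
        self.pending = {}          # (peer, identifier) -> outstanding challenge
        self.next_id = 0

    def challenge(self, peer: str):
        """Message 1: a fresh random challenge with a new identifier."""
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)
        self.pending[(peer, self.next_id)] = value
        return self.next_id, value

    def verify(self, peer: str, identifier: int, response: bytes) -> bool:
        """Message 3: Success (True) or Failure (False)."""
        value = self.pending.pop((peer, identifier), None)  # one use only
        if value is None or peer not in self.secrets:
            return False
        expected = chap_response(identifier, self.secrets[peer], value)
        return hmac.compare_digest(expected, response)


def handshake(auth: Authenticator, name: str, secret: bytes):
    """Run the three messages; return (result, what was sent on the link)."""
    ident, value = auth.challenge(name)                  # 1. Challenge
    response = chap_response(ident, secret, value)       # 2. Response
    ok = auth.verify(name, ident, response)              # 3. Success/Failure
    wire = [("Challenge", ident, value),
            ("Response", ident, response, name),
            ("Success" if ok else "Failure", ident)]
    return ok, wire


if __name__ == "__main__":
    auth = Authenticator({"R1": b"s3cret"})              # constructed secret
    ok, wire = handshake(auth, "R1", b"s3cret")
    print(ok, [message[0] for message in wire])
```

Unlike PAP, the secret never crosses the link, and because each challenge is random and accepted only once, a captured response cannot be replayed later.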

- Configuration: