On Tap CCNA Version4.0 EDULAB

n tp CCNA version 4.
7/4/2013
Edulab.com.vn
Tiu ch bui n tp
Mc tiu chnh : Gip cho hc vin chun b tm l v kin thc tt -> Pass CCNA! Gip h thng mt s kin thc , cung cp ti liu t n (Ging vin cung cp)->Hc vin nm vng thm kin thc.
7/4/2013
Edulab.com.vn
Cu trc bi ging
Phn 1 : Ging vin chia ni dung n tp thnh 9 ch .Mi ch gm 3 phn :
1) Nhc li kin thc chnh. 2) Gii 1-3 cu hi n tp. 3) Ghi ch tt c cu hi n tp mi nht.
Phn 2 : Hng dn lm bi thi quc t.
7/4/2013
Edulab.com.vn
Phn 1 : Cc ch n tp
1. NETWORK BASIC. 2. OSI-TCP/IP & ARP. 3. CISCO IOS. 4. IP SUBNET VLSM. 5. SWITCH. 6. ROUTING. 7. ACLS & NAT. 8. WAN. 9. DHCP-WIRELESS-IPV6.
Edulab.com.vn
4
7/4/2013
1. NETWORK BASIC
HUB: layer 1, khng hiu c frame do s flood ra tt c cc port ngoi tr cng nhn vo.
Collision. Collision domain. Half-duplex. CSMA/CD
(Carrier Sense Multiple Access with Collision Detect )
7/4/2013
Edulab.com.vn
1. NETWORK BASIC
SWITCH:
Layer 2, hiu c frame ( MAC-Medium Access Control ). Mi cng switch l mt collision domain. Khi frame n m Destination MAC khng c trong bng nh tuyn th flood ra tt c cc port ngoi tr port nhn vo. Full-duplex. Disable CSMA/CD.
7/4/2013
Edulab.com.vn
S dng a ch MAC
Data A D Data A D Data A D Data A D

a ch ch
7/4/2013
Edulab.com.vn a ch ngun
1. NETWORK BASIC
ROUTER:

7/4/2013
Layer 3. nh tuyn.(routing) Ngn chn broadcast.
CABLE:
Traight- through. Cross-over. Rollover. Serial cable.
Edulab.com.vn
8
7/4/2013
Edulab.com.vn
1. NETWORK BASIC
7/4/2013
Edulab.com.vn
10
1. NETWORK BASIC
7/4/2013
Edulab.com.vn
11
1. NETWORK BASIC
Cc cu hi n thi : 14, 22, 47, 51, 83, 117, 128, 141, 151, 176, 189, 200, 221, 223, 224, 226, 234, 240, 250, 264, 310, 326, 359, 383, 391.
7/4/2013
Edulab.com.vn
12
2. OSI-TCP/IP & ARP
7/4/2013
Edulab.com.vn
13
2. OSI-TCP/IP & ARP
7/4/2013
Edulab.com.vn
14
Chng giao thc TCP/IP
7/4/2013
Edulab.com.vn
15
Cc thit b hot ng tng lp
7/4/2013
Edulab.com.vn
16
S ng gi
7/4/2013
Edulab.com.vn
17
Giao tip my - my
7/4/2013
Edulab.com.vn
18
Gi tin khi i qua thit b lp 1
7/4/2013
Edulab.com.vn
19
7/4/2013
Edulab.com.vn
20
7/4/2013
Edulab.com.vn
21
2. OSI-TCP/IP & ARP

Layer 7:
S dng cc giao thc: HTTP, FTP, TFTP, POP3, TELNET, SNMP, SMTP, SSH, DNS
Layer 4:
TCP:
Giao thc s dng: HTTP ( 80 ), FTP ( 20, 21 ), POP3 ( 110 ), TELNET( 23 ), SMTP( 25 ), SSH ( 22). DNS ( 53 ). Khi nim: ACK. Sequence. Windowing. Buffering. Flow control. Congestion avoidance. Giao thc s dng: TFTP ( 69 ), DNS ( 53 ), SNMP ( 161 ). Edulab.com.vn
22
7/4/2013
UDP:
2. OSI-TCP/IP & ARP

ARP l phng thc phn gii a ch ng gia a ch lp network v a ch lp datalink. Qu trnh thc hin bng cch: mt thit b IP trong mng gi mt gi tin broadcast n ton mng yu cu thit b khc gi tr li a ch phn cng ( a ch lp datalink ) ca mnh.
7/4/2013
Edulab.com.vn
23
7/4/2013
Edulab.com.vn
24
7/4/2013
Edulab.com.vn
25
2. OSI-TCP/IP
7/4/2013
Edulab.com.vn
26
2. OSI-TCP/IP
7/4/2013
Edulab.com.vn
27
2. OSI-TCP/IP & ARP
Host A sent to Host D

7/4/2013
Edulab.com.vn
28
2. OSI-TCP/IP & ARP
7/4/2013
Edulab.com.vn
29
2. OSI-TCP/IP & ARP
7/4/2013
Edulab.com.vn
30
2. OSI-TCP/IP & ARP

Cc cu hi n thi : 16, 21, 26, 32, 45, 52, 104, 109, 150, 160, 165, 172, 175, 177, 190, 195, 196, 197, 213, 227, 228, 246, 289, 293, 295, 296, 298, 299, 300, 303, 322, 324, 335, 337, 341, 347, 363, 366, 372, 379, 387, 390.
7/4/2013
Edulab.com.vn
31
3. CISCO IOS
3.1 QUI TRNH KHI NG V NP IOS ROM:
POST ( Power On Set Test): Kim tra phn cng. Bootstrap: Xt xem thanh ghi ang thit lp l g.
Tm IOS:
Tm t Flash ( default). Nu khng c trong flash:
tm qua mng ( ly t TFTP server). rommon>
LOAD:
2500: sau khi tm t flash th chy lun. 2800: sau khi tm t flash th load ln chy trn RAM ( image IOS).
Tm files startup-config:
Tm t NVRAM ( default). Nu khng c trong NVRAM, tm qua mng ( ly t TFTP server). Nu khng, vo setup mode.
Edulab.com.vn
32
7/4/2013
3.1 QUI TRNH KHI NG V NP IOS

Np IOS: u tin theo th t Flash -> TFTP Server -> ROM Np start-up config:u tin theo th t: NVRAM -> TFTP Server -> Set up mode Cc gi tr thanh ghi:
0x2102: khi ng bnh thng, np start-up config t NVRAM 0x2142: b qua start-up config trn NVRAM.
7/4/2013
Edulab.com.vn
33

Lnh show version: xem c version ca IOS, dung lng ca b nh RAM, dung lng flash.
Cisco IOS Software, 2800 Software (C2800NM-IPBASE-M), Version 12.4(5a), RELEASE SOFTWARE (fc3) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2006 by Cisco Systems, Inc. Compiled Sat 14-Jan-06 03:19 by alnguyen ROM: System Bootstrap, Version 12.4(1r) [hqluong 1r], RELEASE SOFTWARE (fc1) RouterX uptime is 1 week, 5 days, 21 hours, 30 minutes System returned to ROM by reload at 23:04:40 UTC Tue Mar 13 2007 System image file is "flash:c2800nm-ipbase-mz.124-5a.bin" Cisco 2811 (revision 53.51) with 251904K/10240K bytes of memory. Processor board ID FTX1013A1DJ 2 FastEthernet interfaces 2 Serial(sync/async) interfaces DRAM configuration is 64 bits wide with parity enabled. 239K bytes of non-volatile configuration memory. 62720K bytes of ATA CompactFlash (Read/Write) Configuration register is 0x2102
7/4/2013
Edulab.com.vn
34

Show flash: xem thng tin v b nh flash: trong available cho bit b nh cn trng, v bytes used cho bit dng lu IOS.
RouterX#sh flash -#- --length-- -----date/time-----1 14951648 Feb 22 2007 21:38:56 2 1823 Dec 14 2006 08:24:54 3 4734464 Dec 14 2006 08:25:24 4 833024 Dec 14 2006 08:25:38 5 1052160 Dec 14 2006 08:25:54 6 1038 Dec 14 2006 08:26:08 7 102400 Dec 14 2006 08:26:22 8 491213 Dec 14 2006 08:26:40 path +00:00 +00:00 +00:00 +00:00 +00:00 +00:00 +00:00 +00:00
c2800nm-ipbase-mz.124-5a.bin sdmconfig-2811.cfg sdm.tar es.tar common.tar home.shtml home.tar 128MB.sdf
41836544 bytes available (22179840 bytes used)
7/4/2013
Edulab.com.vn
35
3.2 KIM TRA KT NI

Router # Show ip int brief
Cc tnh trng c th:
Up/Up: kt ni bnh thng. y l trng thi mong mun. Kt ni lp 1 v lp 2 t yu cu. Up/down: Kt ni b li lp th 2 (lp data link) nhng t yu cu lp th nht (lp vt l).
Nguyn nhn:

Vi cng Ethernet: li cp hoc cp cm cha cht. Vi cng serial: cha c cp clock rate. B li khng khp nhau gia hai u v cch ng gi d liu (encapsulation mismatch), khng nhn c keep-alive. Down/down: ng kt ni down ( layer 1) , cp kt ni b hng hoc sai. Administrative down/down: Cng cha c bt ln 2 pha
Router# show
7/4/2013
controller s0/0
Edulab.com.vn
36
Xem DCE/DTE, loi cable ang kt ni.
3.3 TELNET V SSH

Telnet l mt giao thc u cui o (virtual terminal) l mt phn ca chng giao thc TCP/IP. Telnet cho php to kt ni vi thit b t xa
Router(config)#line vty 0 15 Router(config-line)#login Router(config-line)#password Router Router(config-line)#^Z
7/4/2013
Edulab.com.vn
37
3.3 TELNET V SSH

SSH l mt phng php m ho bt i xng, tc l cc thit b s
dng mt cp key m ho gi l private key v public key .
Client SSH server
` Client
1 Cc thit b s dng ng dng SSH dng mt kho m ho: Secret Key ( key ny c to ra do s dng thut ton RSA c cu hnh trn server ). 2. cc thit b s trao i public key vi nhau. 3. cc thit b s gi data c m ha, qu trnh m ha nh sau: data + secret key + public key m n nhn c t u xa. 4. ti u xa sau khi nhn c encrypted data th n s ly private key ca n gii m to ra data dng plain text. 5. nh vy ta thy ch c chnh client m server s gi data encryption mi c th gii m c data thnh dng plain text v server s dng public key ca chnh client . Do vy m nhng client khc mc du nhn c nhng do public key khng phi ca n nn n khng gii m c.
7/4/2013
Edulab.com.vn
38
3.3 TELNET V SSH

CU HNH:
To account cc client c th truy cp ssh vo:
R( config)# username VNPRO password VNPRO

To domain name c th to key
R( config)# ip domain-name
S dng thut ton RSA sinh key:
< name >
R( config)# crypto generate key RSA

p vo VTY: ch ra rng nhng client s truy cp vo cc phin vty bng ng dng ssh hay l telnet
R( config)# line vty 0 4 R( config-line)# transport input [ ssh | telnet ] Ch :

Defaut khi ta khng nh g th l Telnet tc l transport input telnet nhng v cu lnh ny n nn ta khng nhn thy. Ta cng c th cho cc client truy cp vo bng c hai phng thc SSH v TELNET ( Nu ta ch khai bo ssh th ta khng th s dng telnet c v vy m ta phi dng cu lnh khai bo cho c hai: transport input ssh telnet ).
7/4/2013
Edulab.com.vn
39
3.4 GIAO THC CDP

GIAO THC CDP: cho bit thng tin neighbor.
Thng tin v layer 2. Thng tin v layer 3. iu kin CDP hot ng : cc cng phi up.
7/4/2013
Edulab.com.vn
40
3.4 GIAO THC CDP
RouterA#show cdp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, I - IGMP, r - Repeater Device ID SwitchA RouterB Local Intrfce fa0/0 s0/0/0 Holdtme 122 177 Capability S I R S I Platform Port ID WS-C2960- fa0/2 2811 s0/0/1
7/4/2013
Edulab.com.vn
41
3. CISCO IOS
7/4/2013
Edulab.com.vn
42
3. CISCO IOS
7/4/2013
Edulab.com.vn
43
3. CISCO IOS
Cc cu hi n thi :4, 40, 41, 42, 43, 48, 50, 54, 78, 81, 84, 86, 98, 101, 103, 107, 118, 121, 123, 125, 129, 133, 135, 137, 138, 142, 146, 149, 178, 184, 194, 210, 222, 239, 241, 242, 244, 248, 252, 258, 277, 278, 279, 282, 285, 291, 314, 317, 320, 323, 325, 327, 331, 368, 376, 380, 381,402
7/4/2013
Edulab.com.vn
44
4. IP SUBNET - VLSM
4.1) Cn nh 4.2) a ch IP 4.3) Subnet Tm hiu thm : dng bi tp & Supernet (Xem ti liu tham kho)
7/4/2013
Edulab.com.vn
45
4.1) Cn nh

7/4/2013
00000000 10000000 11000000 11100000 11110000 11111000 11111100 11111110 11111111
0 128 192 224 240 248 252 254 255

Edulab.com.vn
46
4.2) a ch IP
7/4/2013
Edulab.com.vn
47
4.2.1) Lp A
- a ch mng: 1.0.0.0 -> 127.0.0.0 - Mng 127.0.0.0 : loopback network a ch mng s dng c: 1.0.0.0 -> 126.0.0.0 (126 mng). - Phn host: 24 bit => mi mng lp A c (2^24 2) host.
7/4/2013
Edulab.com.vn
48
4.2.2) Lp B
a ch mng: 128.0.0.0 -> 191.255.0.0 C tt c 214 mng trong lp B. Phn host: 16 bit Mt mng lp B c 2^16 2 host.
7/4/2013
Edulab.com.vn
49
4.2.3) Lp C
a ch mng: 192.0.0.0 -> 223.255.255.0 C tt c 221 mng trong lp C. Phn host: 8 bit Mt mng lp C c 2^8 2 = 254 host.
7/4/2013
Edulab.com.vn
50
4.2.4) Lp D v E
Lp D: - a ch: 224.0.0.0 -> 239.255.255.0 - Dng lm a ch multicast. V d: 224.0.0.5 dng cho OSPF 224.0.0.9 dng cho RIPv2 Lp E: T 240.0.0.0 tr i. D phng.
7/4/2013
Edulab.com.vn
51
4.2.5) a ch Private v Public

a ch Private v Public: - Trong LAN: Private, khng c nh tuyn trn mi trng Internet. Internet: Public. - Di a ch private (RFC 1918): Lp A: 10.x.x.x Lp B: 172.16.x.x -> 172.31.x.x Lp C: 192.168.x.x - NAT: chuyn i private <-> public. - ngha ca a ch private: bo tn a ch IP public.
7/4/2013
Edulab.com.vn
52
4.2.5) a ch qung b
a ch qung b (broadcast): Gm hai loi: - Direct: VD: 192.168.1.255 - Local: VD: 255.255.255.255
7/4/2013
Edulab.com.vn
53
4.3) Subnet
tng: mt phng ban, mt b phn nhiu khi chim c mt subnet l khng cn thit v lng ph a ch IP chnh v vy m ta phi chia mng chnh ra thnh nhiu mng con ( subnet ). - Subnet mask: ch ra phn no ca a ch IP l mng, phn no l host. Cc bit 1 ch mng, cc bit 0 ch host. VD: 255.255.255.0 subnet mask ca mt mng lp C. 255.255.0.0 subnet mask ca mt mng lp B.
- Mn thm mt s bit ca phn host tng thm chiu di cho phn mng, chia nh mt mng chnh (major network ) thnh nhiu mng con (subnet): - Gi n l s bit mn, gi m l s bit host cn li, m 2. Ta c: S subnet c th c: 2n nu c h tr subnet-zero 2n-2 nu khng h tr subnet-zero S host trn mi subnet: 2m-2. Bc nhy: BN = 2m
7/4/2013
Edulab.com.vn
54
Th d: 172.16.20.200
172.16.20.200 l a ch lp B Phn mng: 172.16 Phn my: 20.200 a ch mng: 172.16.0.0 a ch qung b: 172.16.255.255 a ch dng c cho my trong mng
172.16.0.1 - 172.16.255.254
7/4/2013
Edulab.com.vn
55
Th d: 100.0.0.0
100.0.0.0 l a ch lp A Phn mng: 100 Phn my: 0.0.0 a ch mng: 100.0.0.0 a ch qung b: 100.255.255.255 a ch dng c cho my trong mng
100.0.0.1 - 100.255.255.254
7/4/2013
Edulab.com.vn
56
Th d: 192.168.255.255
192.168.255.255 l a ch lp C Phn mng: 192.168.255 Phn my: 255 a ch mng: 192.168.255.0 a ch qung b: 192.168.255.255 a ch dng c cho my trong mng
192.168.255.1 - 192.168.255.254
7/4/2013
Edulab.com.vn
57
Cc a ch dnh ring
c m t trong RFC-1918. Class A: 10.0.0.0 Class B: 172.16.0.0 - 172.31.0.0 Class C: 192.168.0.0 - 192.168.255.0 Cc lp a ch ny dnh ring t cho cc my trong ni b t chc Cn c mt NATserver (network address translation: dch a ch mng) hoc proxy server cung cp kt ni Internet cho cc my c a ch dnh ring
7/4/2013
Edulab.com.vn
58
Luyn tp
a ch IP
218.14.55.137
123.1.1.15
Lp
C
Phn
Phn
mng
218.14.55
my
137
a ch qung b
218.14.55.255
A
B
123
150.127
1.1.15
221.244
123.255.255.255
150.127.255.255
150.127.221.244
194.125.35.199 175.12.239.244
7/4/2013
C
B
194.125.35
175.12
Edulab.com.vn
199
239.244
194.125.35.255
175.12.255.255
59
Kim tra a ch hp l
150.100.255.255 175.100.255.18 195.234.253.0 100.0.0.23 188.258.221.176 127.34.25.189 224.156.217.73
Edulab.com.vn
60
7/4/2013
7/4/2013
Edulab.com.vn
61
Gn a ch IP cho thit b
Gn tnh v gn ng
7/4/2013
Edulab.com.vn
62
Gn tnh
i n tng thit b v cu hnh a ch IP bng tay Phi ghi nh tng a ch cp pht, v a ch IP l duy nht trn ton mng (khng c nhiu hn mt thit b cho mt a ch IP) Trng hp trong mng c vi trm my/thit b???
7/4/2013
Edulab.com.vn
63
Gn ng
Mt s giao thc cp pht a ch IP t ng RARP: Reverse Address Resolution Protocol (giao thc phn tch a ch o) BOOTP: BOOTstrap Protocol (giao thc t mi) DHCP: Dynamic Host Configuration Protocol (giao thc cu hnh my ng) Thit b khi c bt ln t tm server xin cp pht a ch IP Mi ln khi ng thit b c th c a ch IP khc
7/4/2013
Edulab.com.vn
64
Gn ng: DHCP
DHCP Discover UDP Broadcast DHCP Offer UDP Broadcast DHCP Request
DHCP Ack
DHCP server
MAC: Known IP: Unknown
IP Address Gateway IP server

Edulab.com.vn
IP1 IP2 IP3

65
7/4/2013
7/4/2013
Edulab.com.vn
66
Gn ng: DHCP
7/4/2013
Edulab.com.vn
67
7/4/2013
Edulab.com.vn
68
4. IP SUBNET - VLSM
7/4/2013
Edulab.com.vn
69
4. IP SUBNET - VLSM
Cc cu hi n thi : 9, 37,163, 173, 174, 205, 208, 218, 251, 260, 274, 297, 335, 339. Lu : cu 163 b sai mt chi tit trn hnh v, tuy nhin p n vn ng. Mi ngi c th cho mnh bit l chi tit g khng? Th nh.
7/4/2013
Edulab.com.vn
70
4. IP SUBNET - VLSM
7/4/2013
Edulab.com.vn
71
4. IP SUBNET - VLSM
7/4/2013
Edulab.com.vn
72
5. SWITCH
5.1) GII THIU V SWITCH. 5.2) PORT SECURITY. 5.3) VLAN, TRUNK, DTP, VTP, interVlan Routing 5.4) SPANNING TREE 5.5) RAPID SPANNING-TREE ( RSPT)
7/4/2013
Edulab.com.vn
73
5.1) GII THIU V SWITCH.

L thit b layer 2. Mi port ca switch l mt collision domain. System LED:

Xanh, Cam: hot ng tt. H phch ( Amber): li h thng.
Cng ging nh switch, brigde cng l thit b layer 2 nhng c s port t hn switch.
Switch c xem l tp hp ca nhiu brigde.
7/4/2013
Edulab.com.vn
74
5.1) GII THIU V SWITCH.
Cch hot ng ca switch:

Switch xy dng bng Mac-address table ( bng CAM ) da vo source MAC. Switch s forward frame da vo destination MAC ca frame. Khi mt frame n th switch s kim tra trong bng CAM ca n c thng tin v destination MAC ca frame ny hay khng. Nu c th forward frame ny ra port m c destination MAC lin kt vi n, cn nu khng th n s flood frame ny ra tt c cc port ngoi tr port m n nhn frame ny.
Thng tin ca mi entry trong bng CAM ca switch s c lu trong bng ny khng 300s, nu trong khong thi gian m khng c traffic i qua th n s xa entry ny ra khi bng CAM ca n. Vi cch hot ng nh vy th mt port ca switch cng c th c nhiu a ch MAC.
Edulab.com.vn
75
7/4/2013
5.2) PORT SECURITY.

Mc ch trin khai port security nhm ngn chn nhng user m khng c php truy cp vo h thng ca ta nu qui phm th s a ra mt s hnh ng nh shutdown hay gi thng bo v ngn khng cho traffic i qua. Gn a ch MAC tnh trn port ca switch: SW(config)# interface f0/1 SW(config)# switchport mode access SW(config)# switchport access vlan < number> SW(config-if)# switchport port-security SW(config-if)# switchport port-security mac-address < MAC> SW(config-if)# switchport port-security violation [ restrict | protect |shutdown ] SW(config-if)# switchport spanning-tree portfast
7/4/2013
Edulab.com.vn
76
5.2) PORT SECURITY.

Ch : 1. Nhng option trong cch hnh x nh sau:
shutdown: nu PC c MAC l cm vo th s shutdown interface ny. Restrict: nu PC c MAC l cm vo th gi SNMP n syslog thng bo v s vi phm ny, interface vn up nhng tt c packets vi MAC source ny n s drop. Protect: ging nh Restrict nhng khng c gi tn hiu SNMP.
2. Mt khi trin khai gn MAC tnh th entry ny s tn ti c nh trong bng CAM.

7/4/2013
Edulab.com.vn
77
5.2) PORT SECURITY.

-- Trin khai hc MAC ng trn port ca switch: SW(config)# interface f0/1 SW(config)# switchport mode access SW(config)# switchport access vlan < number> SW(config-if)# switchport port-security SW(config)# switchport port-security maximum < number> ( default switch ch hc mt MAC u tin nu ta khng khai bo cu lnh ny ). SW(config-if)# switchport port-security mac-address sticky SW(config-if)# switchport port-security violation [ restrict | protect |shutdown ] SW(config-if)# switchport spanning-tree portfast
Switch#show port-security interface fastethernet 5/1 Port Security: Enabled Port status: SecureUp Violation mode: Shutdown Maximum MAC Addresses: 11 Total MAC Addresses: 11 Configured MAC Addresses: 3 Aging time: 20 mins Aging type: Inactivity SecureStatic address aging: Enabled Edulab.com.vn Security Violation count: 0
7/4/2013
78
5.3) VLAN, TRUNK, DTP, VTP, interVlan Routing

VLAN:
Thng tin vlan c lu trong flash hay cn gi l vlan.dat. Mi vlan l mt broadcast domain.
7/4/2013
Edulab.com.vn
79
VLAN
7/4/2013
Edulab.com.vn
80
TRUNK
L ni m cho php nhiu packet thuc cc VLAN khc nhau c th truyn qua.
Default tt c cc VLAN c truyn qua ng trunk.

7/4/2013
Edulab.com.vn
81
TRUNK - 802.1q
802.1Q: l chun ca IEEE, kiu ng gi ny c dng trn tt c cc thit b switch. c im:
Thm 4 bytes vo frame ban u. i vi native VLAN s khng tag 4bytes vo frame nay.
7/4/2013
Edulab.com.vn
82
7/4/2013
Edulab.com.vn
83
TRUNK - ISL
L kiu ng gi ca cisco c im:
Thm 30 bytes vo frame truyn i, trong bao gm 26 bytes header v 4 bytes trailer ( CRC ). Khng c native VLAN.
7/4/2013
Edulab.com.vn
84
TRUNK - ISL
7/4/2013
Edulab.com.vn
85
DTP
DTP: L giao thc c gng tm xem pha u xa ca kt ni c mun hnh thnh trunk hay khng, DTP hot ng da trn cc ch nh ngha ca mt interface, default cc thit b cisco dng ch desirable. Mt s ch trn interface ca switch:
desirable mode: gi ra thng ip DTP mong mun u xa thit lp trunk vi n. Auto mode: khng yu cu trunk n u xa nhng khi c u xa mi thit lp th bt ln trunk. Trunk mode: Lun lun trunk pha ny ca kt ni, dng DTP gip thit b u xa chn la trunk. Access mode: khng bao gi tr thnh trunk.
7/4/2013
Edulab.com.vn
86
DTP
Dynamic Auto Dynamic Auto Dynamic Desirable Trunk Access Access Trunk Trunk Access Dynamic Desirable Trunk Trunk Trunk Access Trunk Trunk Trunk Trunk Not recommended Access Access Access Not recommended Access
7/4/2013
Edulab.com.vn
87
VTP
VTP: Gi thng tin cp nht ra tt c cc kt ni trunk ( ISL hoc Dot1q). iu kin cho cc switch trao i thng tin cp nht:
Cc switch phi cng VTP domain. Cc switch phi cng VTP password ( nu c).
Cc VTP mode:
VTP mode server: c th to xa thng tin vlan. VTP mode client: khng th to xa thng tin vlan. VTP mode transparent: c th to xa thng tin VLAN nh ch din ra cc b ca switch. ( Lu NVRAM ).
Ch : i vi client v server th ci no c thng s revision number ln hn th cc switch trong cng domain s hc thng tin t switch ny.
7/4/2013
Edulab.com.vn
88
Interrouting VLAN:
interface fastethernet 0/0.1 encapsulation dot1q 1 ip address 10.1.1.1 255.255.255.0 interface fastethernet 0/0.2 ip address 10.2.2.1 255.255.255.0 encapsulation dot1q 2
7/4/2013
Edulab.com.vn
89
5.4) SPANNING TREE

Hot ng layer 2 ca m hnh OSI. Nguyn nhn a ra STP: s dng trong m hnh redundant nhng khi xy dng m hnh ny n b mt s hin tng:
Broadcast storm: v d mt my gi tn hiu broadcast ( xin DHCP, NICs b li..) lm trn ngp ng truyn. Khng n nh bng MAC
7/4/2013
Edulab.com.vn
90
Khng n nh bng MAC
My X gi mt tn hiu unknown unicast ( unicast m c destination trong bng CAM ). Th sw A s flood ra tt c cc port, y sw s forward qua hai port. i vi port thuc segment 1 th sw B hc a ch mac X qua port ny, tng t sw A gi ra port thuc segment 2 th sw B cng hc qua port thuc segment ny v xa i entry m n hc c t segment 1. Qa trnh ny c din ra nh vy lm cho bng CAM ca ta khng n nh.
7/4/2013
Edulab.com.vn
91
Nguyn nhn a ra STP

Multiple copy:
My X gi mt frame unicast n router Y, do mac Y cha c trong bng MAC ca 2 switch nn ti router Y s nhn 2 frame ging nhau n t 2 switch.
7/4/2013
Edulab.com.vn
92
Gii thch BPDU ( hello )

BPDU: gi tin ny bao gm mt s trng nh sau: (gi 2s/ln):
Root brigde ID: ch ra switch no ang lm root brigde. Brigde ID: bao gm 8 bytes, trong 2 byte u l trng priority + 6 bytes l trng MAC ca switch. senders brigde ID: trng ny ch ra switch ca mnh. path cost: cho bit cost i n root brigde. timer value: bao gm hello timer, Max age, Forward delay.
7/4/2013
Edulab.com.vn
93
Gii thch hot ng ca Spanning-tree

Cc switch s tin hnh bu chn root brigde ( tt c switch u gi BPDU v cho mnh l root brigde ).
priority ( min ). Mac address ( min ).
path cost: n root brigde l min. ( Thuc BW trn tng cng ). senders brigde ID ( switch c mac min ). Senders port ID ( port no cng nh cng tt ).
Bu chn Root Port ( trn tt c non-root brigde ): ng i n root brigde l ngn nht

Bu chn Designated-Port: bu chn DP u tin nhng segment c RP. Sau nhng segment cn li m cha bu chn s tin hnh chn ra DP.
path cost. senders brigde ID
Bu chn Non-Designated Port: port cn li l non-DP.
7/4/2013
Edulab.com.vn
94
7/4/2013
Edulab.com.vn
95
7/4/2013
Edulab.com.vn
96

Root brigde: L switch m mi traffic u i qua n. Designated port: l port s gi BPDU ( Brigde Protocol Data Unit ) Root port: l port m thng qua n switch s i n root brigde vi cost nh nht ). Port blocking ( non-designated port ): l port vn nhn BPDU nhng khng forward frame.
7/4/2013
Edulab.com.vn
97
Trng thi ca port khi hot ng spanning-tree
7/4/2013
Edulab.com.vn
98
PORT STATE
Blocking : ti trng thi ny th switch s khng forward frame nhng vn nhn BPDU. Listening: nhn BPDU, nhng khng hc a ch MAC v khng send v thu frame. Learning: interface cng s khng forward frame nhng lc ny switch s bt u hc a ch MAC. Forwarding: hc v forward frame.
7/4/2013
Edulab.com.vn
99
5.5) RAPID SPANNING-TREE ( RSPT)

RSPT: Hot ng ging nh SPT truyn thng nhng tc hi t ca n nhanh hn. Vai tr ca mt s port:
Root port. Designated port. Alternated port: ging nh blocking port trong SPT. Backup port: l mt cng kt ni trn 1 segment vi 1 cng khc, nhng cng kia l DP cho phn on mng ny. Cng Backup s thay th khi no DP b s c.
Edulab.com.vn
100
7/4/2013
7/4/2013
Edulab.com.vn
101

Cc trng thi switch port s tri qua:
Discarding. Learning. Forwarding.
point-to-point : kt ni gia hai switch vi nhau. Shared: kt ni mt switch vi mt hub. Egde: kt ni vi thit b ca ngi dng u cui. ( ging nh portfast).
102
Cc kiu kt ni trong RSPT:

7/4/2013
Edulab.com.vn
5.4) SPANNING TREE

Mt s lnh kim tra:
SW# show spanning-tree: Kim tra xem switch ca mnh c phi l root brigde khng, trng thi cc port ang tham gia l g ( blocking, designated, root port). SW# show vlan : kim tra xem trn switch c bao nhiu vlan, port no thuc vlan no. SW# show vtp status: kim tra xem switch ang c cu hnh mode no, s revision l bao nhiu. SW# show interface trunk : kim tra xem interface c cu hnh trunk.
7/4/2013
Edulab.com.vn
103
5. SWITCH
7/4/2013
Edulab.com.vn
104
5. SWITCH
7/4/2013
Edulab.com.vn
105
5. SWITCH
7/4/2013
Edulab.com.vn
106
5. SWITCH
7/4/2013
Edulab.com.vn
107
5. SWITCH
Switch c bn, port security: 2, 15, 27, 34, 92, 105, 116, 147, 166,176, 202, 304, 306, 312, 318, 330, 346, 375, 384, 386, 388. VLAN, Trunk, VTP, Interrouting VLAN: 10, 24, 30, 44, 49, 53, 62, 91, 108, 112, 115, 127, 136, 148, 153, 157, 159, 180, 186, 212, 225, 229,236, 269, 283, 301, 302, 308, 321, 353, 354, 355, 356, 373,399,400,401. STP:17, 33, 39, 57, 79, 88, 111, 188, 192, 238, 292, 309, 313, 319, 328, 352, 378, 385, 389.
7/4/2013
Edulab.com.vn
108
6. ROUTING
6.1) TNG QUAN V ROUTING V STATIC ROUTE. 6.2) RIP (ROUTING INFORMATION PROTOCOL) 6.3) EIGRP 6.4) OSPF
7/4/2013
Edulab.com.vn
109
6.1) TNG QUAN V ROUTING V STATIC ROUTE.
7/4/2013
Edulab.com.vn
110
STATIC ROUTE
Static route
R(config)# ip route < network > SM [ip next-hop |outbound ] < AD >.
Default-route:
Rt gn bn nh tuyn. c s dng khi trong bng nh tuyn ca router khng c thng tin ca mt network no .
R( config)# ip route 0.0.0.0 0.0.0.0 [ ip next-hop | outbound ]
Edulab.com.vn
111
7/4/2013
6.2) RIP (ROUTING INFORMATION PROTOCOL)

RIP:
AD = 120. Kiu distance vector. Trao i thng tin nh k 30s. Metric tnh bng hop count.
7/4/2013
Edulab.com.vn
112
7/4/2013
Edulab.com.vn
113
6.2) RIP (ROUTING INFORMATION PROTOCOL)

Mt s im khc nhau gia RIPv1 v RIPv2: RIPv1 nh tuyn theo lp a ch. Khng gi thng tin v subnet-mask trong thng tin nh tuyn. Khng h tr VLSM. V vy tt c cc mng trong h thng RIPv1 phi cng subnet mask. Khng c c ch xc minh thng tin nh tuyn. Gi qun b theo a ch 255.255.255.255 RIPv2 nh tuyn khng theo lp a ch. C gi thng tin v subnet mask trong thng tin nh tuyn. C h tr VLSM. Nn cc mng trong h thng RIPv2 c th c chiu di subnet mask khc nhau. C c ch xc minh thng tin nh tuyn. Gi qun b theo a ch 224.0.0.9 nn hiu qu hn.
Edulab.com.vn
7/4/2013
114
CU HNH
R(config)# router rip R(config-router)#version 1|2 R(config-router)# network < major-network> R(config-router)# no auto-summary
7/4/2013
Edulab.com.vn
115
MT S PHNG PHP CHNG LOOP

- Split horizon. - Route posioning. ( gi metric = infinity) - Posion reverse ( phn hi li khi nhn Route posioning). - Holdown timer. - Trigger update.
7/4/2013
Edulab.com.vn
116
7/4/2013
Edulab.com.vn
117
7/4/2013
Edulab.com.vn
118
7/4/2013
Edulab.com.vn
119
7/4/2013
Edulab.com.vn
120
7/4/2013
Edulab.com.vn
121
7/4/2013
Edulab.com.vn
122
6.3) EIGRP
AD = 90. Mang nhiu c tnh ca Distance vertor. Hi tu nhanh. H tr VLSM. H tr mng gin on. Trao i thng tin nh tuyn a ch multicast 224.0.0.10 Metric = ( 10^7/BW (min) + tng delay ).256.
7/4/2013
Edulab.com.vn
123
Mt s khi nim
FD ( Feasible Distance): l metric tt nht do router tnh ton i n mt network no . AD ( Advertised Distance ): l metric tt nht m c neighbor thng bo li cho router ca ta. Successor route: l thng tin nh tuyn i n mt network X no vi metric tt nht = FD. c lu Topology database v routing table. Feasible successor route: l thng tin nh tuyn i n mt network X no vi metric > FD, nhng vi iu kin AD < FD. c lu trong Topology table.
7/4/2013
Edulab.com.vn
124
CU HNH
R(config)# router eigrp < AS-number> R(config-router)# network < major-network> R(config-router)# no auto-summary
7/4/2013
Edulab.com.vn
125
HOT NG
Hot ng:
trao i hello thit lp neighbor. ( RAM) Nu > T1=1.544MB/s: 5s. Nu < = T1: 60s. Lu vo neighbor table. Trao i thng tin nh tuyn vi nhau lu tt c vo topology table ( RAM). s dng thut ton DUAL: router tt nht c lu vo routing table. ( RAM).
vi cost bng nhau. vi cost khng bng nhau: s dng thng s variance. Variance > FS/FD.
Edulab.com.vn
126
Cn bng ti:

7/4/2013
7/4/2013
Edulab.com.vn
127
7/4/2013
Edulab.com.vn
128
7/4/2013
Edulab.com.vn
129
7/4/2013
Edulab.com.vn
130
6.4) OSPF
AD = 110. Cost = 108 / BW. L giao thc Link-state. Hi t nhanh. S dng a ch muticast 224.0.0.5 trao i t DR v BDR n cc router khc. 224.0.0.6: t cc router khc n DR v BDR.
7/4/2013
Edulab.com.vn
131
7/4/2013
Edulab.com.vn
132
6.4) OSPF
7/4/2013
Edulab.com.vn
133
7/4/2013
Edulab.com.vn
134
7/4/2013
Edulab.com.vn
135
6.4) OSPF
Area type. Chn Router ID:
IP loopback cao nht ( logical interface ). IP interface vt l cao nht ( nu khng c int loopback).
Qu trnh bu chn DR v BDR ( trong mi trng broadcast mutiaccess v non-broadcast multiaccess ).

chn 1 router no lm DR trong mng ta c th thc hin nh sau: Thay i priority trn interface ca router m n tham gia vo segment vi thng s l cao nht. Hoc thay i priority trn interface ca nhng router trn segment vi gi tr bng 0. Cu hnh interface loopback trn router vi IP address l ln nht.
Edulab.com.vn
136
7/4/2013
7/4/2013
Edulab.com.vn
137
6.4) OSPF
Yu cu 2 router c th thit lp c quan h neighbors:

Cng area. Cng thi gian hello-interval v Dead timer.
7/4/2013
Edulab.com.vn
138
CU HNH
R(config)# router ospf < process-id> R(config-router)# network < network> WC area < area-number>.
Trong :
process-id l thng s cc b trn mi router chy OSPF. Mi mt process-id l mt i tng duy nht trong database.
7/4/2013
Edulab.com.vn
139
6. ROUTING
7/4/2013
Edulab.com.vn
140
6. ROUTING
7/4/2013
Edulab.com.vn
141
6. ROUTING
7/4/2013
Edulab.com.vn
142
6. ROUTING
7/4/2013
Edulab.com.vn
143
7/4/2013
Edulab.com.vn
144
7/4/2013
Edulab.com.vn
145
7/4/2013
Edulab.com.vn
146
6. ROUTING
C s nh tuyn, static route, default route: 70, 75, 76, 80, 82, 85, 89, 95, 124, 126, 137, 167, 179, 199, 216, 231, 245, 254, 307, 336. RIP: 36, 46, 55, 65, 144, 155, 211, 256, 273, 275, 281, 329, 340, 382. OSPF:20, 61, 72, 113, 120, 122, 131, 170, 255, 266, 267, 270, 280, 332. EIGRP:97, 174, 185, 187, 191, 214, 233, 257, 261, 357,396,398
7/4/2013
Edulab.com.vn
147
7. ACLS & NAT

7.1) ACLs (ACCESS-LIST ) 7.2) NAT (NETWORK ADDRESS TRANSLATION ).
7/4/2013
Edulab.com.vn
148
7.1) ACLs
STANDARD ACCESS-LIST:
7/4/2013
Edulab.com.vn
149
7.1.1)STANDARD ACCESS-LIST:
Cu lnh:
( config)# access-list < 1-99> [ permit| deny] < IP-source> <Wildcard mask>. Trng hp: ch c 1 host th: (config)# access-list <1 99> [ permit | deny ] [ IP 0.0.0.0 hoc host IP ] Trng hp : a ch l any T kha any c thay cho 255.255.255.255 255.255.255.255
Apply ACL:
i vi: traffic bnh thng ( ping ) (config)# interface < tn cng> ( config-if)# ip access-list < access-list-number> [ in| out]. i vi: dng cho traffic telnet (config)# line vty 0 4 (config-line)# ip access-class < access-list-number> [ in|out].
Ch :
7/4/2013 Standard ACL s p gn destination ca packet. ACL n s khng kim tra i vi traffic xut pht t chnh router.
Edulab.com.vn
150
7.1.2) EXTENDED ACLs

Cu hnh:
R(config)# access-list < 100 199 > [ permit | deny ] protocol IP-source WildCard IPdestination WC [ eq ] < Application-port > V d : Vit access-list cho ping:
R(config)# access-list 100 [ permit | deny ] icmp IPsource WC IP-destination WildCard echo
7/4/2013
Edulab.com.vn
151
7.1.2) EXTENDED ACLs

Ch : EXTENDED ACL p ti source
7/4/2013
Edulab.com.vn
152
7.1) ACLs
7/4/2013
Edulab.com.vn
153
7.1) ACLs
7/4/2013
Edulab.com.vn
154
7.2) NAT
7/4/2013
Edulab.com.vn
155
7.2) NAT
Inside local
Outside local
Inside global
Outside global
Cu hnh Ch default-route. S dng cu lnh nat. p vo interface. S dng access-list ch ra IP private no s c NAT.
7/4/2013
Edulab.com.vn
156
7.2.1)STATIC NAT
nh x i ch : 1:1 Mc ch: dng nh x mt a ch private vi mt a ch public.
interface s0 ip address 192.168.1.1 255.255.255.0 ip nat outside ! interface e0 ip address 10.1.1.1 255.255.255.0 ip nat inside ! ip nat inside source static 10.1.1.2 192.168.1.2
7/4/2013
Edulab.com.vn
157
7.2.1)DYNAMIC NAT
S dng pool cho INSIDE GLOBLE dng cho IP private. Ta c kiu NAT ny cng l nh x 1:1.
7/4/2013
Edulab.com.vn
158
7.2.1) NAT Overload (PAT)

nh x theo kiu n:1.
hostname RouterX ! interface Ethernet0 ip address 192.168.3.1 255.255.255.0 ip nat inside ! interface Ethernet1 ip address 192.168.4.1 255.255.255.0 ip nat inside ! interface Serial0 description To ISP ip address 172.17.38.1 255.255.255.0 ip nat outside ! ip nat inside source list 1 interface Serial0 overload ! ip route 0.0.0.0 0.0.0.0 Serial0 ! access-list 1 permit 192.168.3.0 0.0.0.255 access-list 1 permit 192.168.4.0 0.0.0.255 !
7/4/2013
Edulab.com.vn
159
7.2) NAT
Cu LAB thi quc t (Q18)
7/4/2013
Edulab.com.vn
160
7.2) NAT
To nat pool:
R(config)# ip nat pool abc 198.18.32.65 198.18.32.70 netmask 255.255.255.248
Thc hin cu lnh nat:

R(config)# ip nat inside source list 1 pool abc overload ( v bi yu cu cho php cho 62 host c th ra internet cng mt lc nn ta dng t kha overload.)
To access-list:
R(config)# access-list 1 permit 192.168.6.64 0.0.0.63
p vo interface:
R(config)# int s0/0 R(config)# ip nat outside R(config)# int f0/0 R(config)# ip nat inside R# copy run start ( nh nh cu lnh ny khi cu hnh xong).
Ch : ta phi show run xem th c default-route hay cha, nu cha c th ta phi config thm.
7/4/2013
Edulab.com.vn
161
7. ACLS & NAT

ACL: 1, 7, 12, 13, 23, 38, 58, 60, 100, 102, 114, 119, 145, 156, 162, 164, 219, 230, 235, 237, 243, 247, 265, 284, 294, 316, 360, 367, 371, 394. NAT: 11, 18, 23, 29, 59, 77, 93, 130, 207, 276, 311, 338, 364, 369.
7/4/2013
Edulab.com.vn
162
8. WAN
8.1) LAYER1. 8.2) LAYER2. 8.3) FRAME RELAY.
7/4/2013
Edulab.com.vn
163
7/4/2013
Edulab.com.vn
164
8.1) LAYER1.
Cable gia CSU/DSU v Telco l RJ-48. WAN circuit t nh cung cp dich v c th c mt hoc nhiu tc c nh ngha trc. tc ny thng quy vo: clock rate, bandwith, link speed. Khch hng khi t mt mch kt ni v s xc nh mt tc c th, khi telco s install circuit m hot ng ti tc ny. Thm na, customer phi cu hnh CSU/DSU ti mi u cui cho match vi tc nh ngha.
7/4/2013 165
Edulab.com.vn
8.1) LAYER1.
Synchronization c thu gia 2 CSU/DSU trn lease line bng cch c mt CSU/DSU ( slave ) iu chnh clock rate cho tng thch CSU/DSU ( master ) TELCO cung cp thng tin v clock n CSU/DSU trn c s truyn tn hiu in trn mch. Hai CSU/DSU phi iu chnh tc match clock signal t TELCO. Tip CSU/DSU cung cp clocking signal n router tc ng n router, gi v thu d liu chnh xc. V vy t gc nhn router th CSU/DSU c xem l clocking ca link. Thit b m cung cp clocking ( in hnh CSU/DSU ) l Data Communication Equipment ( DCE), thit b m thu clocking ( in hnh Router ) l Data Terminal Equipment ( DTE ).
7/4/2013
Edulab.com.vn
166
8.2) LAYER2.
WAN protocol trn kt ni point-to-point cung cp tnh nng c bn l phn phi data qua mt link. C hai giao thc chnh l High-Level Data Link Control ( HDLC) v Point-to-Point Protocol ( PPP ).
7/4/2013
Edulab.com.vn
167
HDLC
HDLC ( Ca cisco ): tng i n gin, trin khai trong mt phm vi nh m khng cn xc thc. HDLC cn thit xc nh nu data i qua link khi khng li, nu khng th frame s b discard.
7/4/2013
Edulab.com.vn
168
PPP
Point-To-Point Protocol ( PPP ): l chun chung cho nhiu hng. Mt s kiu kt ni point-to-point s dng trong PPP:
Lease line ( digital line). Packet Switch ( chuyn mch o): cc VC c to ra trong FR. Circuit Switch ( chuyn mch mch ): dng trong nhng ng quay s nh ISDN. Broadband: s dng trong DSL: PPPoE, PPPoA.
7/4/2013
Edulab.com.vn
169
PPP
PPP nh ngha ra mt thng ip iu khin layer 2 ( LCP: Link Control Protocol ). Tnh nng iu khin ny ri vo 2 c tnh sau:
LCP l giao thc iu khin trn link, hot ng layer 2. NCP ( Network Control Protocol): mang thng tin ca nhiu giao thc chy qua link.
V d :
IPCP mang thng tin ca IP chy qua link. IPXCP mang thng tin ca IPX chy qua link.
7/4/2013
Edulab.com.vn
170
LINK CONTROL PROTOCOL ( LCP ):

error detection ( Quality of link ): o s packet gi ra v s packet b li ( ly t s ) nu vt qua ngng cho php th shutdown cng. looped link detection: LCP c s dng, cha thng s magic number. Router s trao i LCP massage thay v keepalive qua link. Nu nh c loop xy ra th router s nhn thng s magic number ca chnh n. PPP multilink: cung cp load-balancing qua nhiu ng song song.
Edulab.com.vn
171
7/4/2013
PPP Authentication
PAP: gi username/password dng plaintext. S dung username ca u ny l hostname ca u kia v ngc li. Khi bt u quay s th router s gi username v password cho u xa, ti u xa n s kim tra username v password nu ng l thnh cng. V ngc li.
7/4/2013
Edulab.com.vn
172
PPP Authentication
CHAP: Theo nguyn tc username ca R1 l hostname of R2.
Hot ng: R1 quay s th n s gi hostname ca n cho R2 ng thi dng thut ton hash username v password nhng ch gi username cho R2. tai R2 s tm username m ging vi hostname nhn c v s hash gi li cho R1. R1 nhn password v so sanh vi pass m no hash nu ng th thnh cng. Ta cng c th dng: ppp chap hostname <>: cho R gi hostname ny i ( trong trng hp 2 u cu hnh username va hostname khc nhau
7/4/2013
Edulab.com.vn
173
7/4/2013
Edulab.com.vn
174
7/4/2013
Edulab.com.vn
175
7/4/2013
Edulab.com.vn
176
7/4/2013
Edulab.com.vn
177
7/4/2013
Edulab.com.vn
178
8.3) FRAME RELAY.

Mt ng lun l truyn thng gia 2 DTE c gi l Virtual Circuits ( VC ). Khi VC c cu hnh cc thng s th c gi la nhng Permanent Virtual Circuit ( PVC ). ng gi c thc hin ti DTE
7/4/2013
Edulab.com.vn
179
LMI

L tn hiu duy tr v qun l kt ni. Tn hiu ny c gi tr cc b trn kt ni gia router DTE v frame-relay DCE. C 3 loi tn hiu:
Cisco. Ansi. Q933a.
7/4/2013
Edulab.com.vn
180
a ch layer 2
S dng thng s DLCI ( Data-link circuit identifier ). V DLCI c gi tr cc b trn mi PVCs nn ga tr ny c th ging nhau cc PVCs ( v d nh ti nhng Spoke router th gi tr DLCI c th trng nhau ).
7/4/2013
Edulab.com.vn
181
7/4/2013
Edulab.com.vn
182
7/4/2013
Edulab.com.vn
183
7/4/2013
Edulab.com.vn
184
Cc loi m hnh s dng trong FR

L mi trng Non-Broadcast Multiaccess ( NBMA). Hub-and-Spoke. Partial Mesh. Full-Mesh.
7/4/2013
Edulab.com.vn
185
7/4/2013
Edulab.com.vn
186
Mt s kiu khai bo trn interface

Khi ta cho php mt s giao thc nh tuyn chy trn FR, chng hn nh Distance Vector th ta s gp phi vn ca distance vector gy ra, l split-horizon ( trong m hnh Hub-and-Spoke ). gii quyt vn ny ta s chia sub-interface trn interface ca Hub router.
Interface point-to-point:
mi PVC l mt subnet. p dng trong m hnh hub-and-spoke. gii quyt c hin tng split-horizon. cc PVC cng thuc mt subnet. b hin tng split-horizon.
Edulab.com.vn
187
Interface multipoint:

7/4/2013
Cu hnh trn router DTE

R(config)# interface f0/0 [ point-to-point | point-to-multipoint] R( config-subif)# encapsulation frame-relay [ ietf] ( ietf : c s dng khi encapsulation gia 1 router cisco v non-cisco ). R(config-subif)# ip address < IP > R(config-subif)# frame-relay lmi-type [ cisco | ansi | q933a ] R(config-subif)# frame-relay map < IP_remote> < DLCI of mnh > broadcast R(config-subif)# no shut
Ch khi map tnh th c ch inverse ARP t ng b disable. Khi mt thit b cisco v mt thit b non-cisco kt ni vi nhau qua FR nu ta gi tr encapsulation default th chng s khng chy v khc kiu ng gi.
7/4/2013
Edulab.com.vn
188
INVERSE ARP
Giao thc ny t ng map gia a ch layer 3 vi a ch layer 2 ( DLCI ). Tuy nhin giao thc ny ch hot ng khi:
m hnh full-mesh. Sau khi VC up ( tc cu hnh cc thng s gia 2 u DTE v DCE thch hp).
7/4/2013
Edulab.com.vn
189
+ Nh vy gi inverse ARP bao gm : IP source + DLCI source. Khi PVC up, th router s gi gi inverse ARP ra tt c cc interface m n kt ni vi frame-relay switch. + Inverse ARP c bt bi default. Mt s vn : + point-to-point interface: inverse ARP khng yu cu. bi v ch c 1 destination nn discovery l khng cn thit. ( do ta ch cn s dng command frame-relay interface-dlci ) + Khi dynamic map th router n s map IP ca next-hop vi DLCI ca n. default inverse ARP enable nhng khi thc hin map tnh th Inverse ARP s b disable. + Tn hiu LMI ( Giao thc ca tn hiu LMI )c trin khai dng trao i keepalive v qun l thng tin chng hn detection li, kim tra kt ni ca nhng PVC. + Tn hiu LMI c gi bi 10s ( default)
7/4/2013
Edulab.com.vn
190
7/4/2013
Edulab.com.vn
191
7/4/2013
Edulab.com.vn
192
7/4/2013
Edulab.com.vn
193
iu khin tc v discard trong m my frame-relay:

Khi link access c tc l T1 trong khi hp ng ng k vi nh cung cp dch v ch c 128k ( CIR), nu nh data truyn qua link ny ln hn tc cung cp th c nghn xy ra, khi trong phn header ca frame s s dng 3 bit thng bo c s mismatch v tc .
FECN ( Forward Explicit Congestion Notification) BECN ( Backward Explicit Congestion Notification ). DN ( Discard Egilibility)
7/4/2013
Edulab.com.vn
194
Troubleshoot Frame-relay Connnectivity

# show frame-relay lmi: xem thng s lmi trn mi access link. # show frame-relay pvc: sau khi xc nhn thng s dlci match vi ISP th kim tra li ng nh vy hay ko ( dlci ca router ang show ). Ti lnh ny ta c th thy c mc PVC Status nh sau: Nu PVC Status = ACTIVE: pvc ny hot ng v traffic c th pass. PVC Status = INACTIVE: Kt ni local n frame-relay hot ng nhng kt ni remote router khng hot ng. PVC Status = DELETED: h ti router ca ta, do ko thu c LMI, cng c th c vn vt l.
RouterX# show frame-relay pvc 100 PVC Statistics for interface Serial0 (Frame Relay DTE) DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0 input pkts 28 output pkts 10 in bytes 8398 out bytes 1198 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 10 out bcast bytes 1198 pvc create time 00:03:46, last time pvc status changed 00:03:47
7/4/2013
Edulab.com.vn
195

Hin th thng tin v DLCI, LMI-TYPE, IP
RouterX# show interfaces s0
Serial0 is up, line protocol is up

Hardware is HD64570 Internet address is 10.140.1.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec) LMI enq sent 19, LMI stat recvd 20, LMI upd recvd 0, DTE LMI up LMI enq recvd 0, LMI stat sent 0, LMI upd sent 0 LMI DLCI 1023 LMI type is CISCO frame relay DTE FR SVC disabled, LAPF state down Broadcast queue 0/64, broadcasts sent/dropped 8/0, interface broadcasts 5 Last input 00:00:02, output 00:00:02, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops <Output omitted>
7/4/2013
Edulab.com.vn
196

Hin th thng tin v LMI-TYPE l g
RouterX# show frame-relay lmi LMI Statistics for interface Serial0 (Frame Relay DTE) LMI TYPE = CISCO Invalid Unnumbered info 0 Invalid Prot Disc 0 Invalid dummy Call Ref 0 Invalid Msg Type 0 Invalid Status Message 0 Invalid Lock Shift 0 Invalid Information ID 0 Invalid Report IE Len 0 Invalid Report Request 0 Invalid Keep IE Len 0 Num Status Enq. Sent 113100 Num Status msgs Rcvd 113100 Num Update Status Rcvd 0 Num Status Timeouts 0
7/4/2013
Edulab.com.vn
197

Hin th thng tin ca mi PVC
RouterX# show frame-relay pvc 100 PVC Statistics for interface Serial0 (Frame Relay DTE) DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0 input pkts 28 output pkts 10 in bytes 8398 out bytes 1198 dropped pkts 0 in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 out BECN pkts 0 in DE pkts 0 out DE pkts 0 out bcast pkts 10 out bcast bytes 1198 pvc create time 00:03:46, last time pvc status changed 00:03:47
7/4/2013
Edulab.com.vn
198

Hin th thng tin map ti mi entry
7/4/2013
Edulab.com.vn
199
8. WAN
7/4/2013
Edulab.com.vn
200
8. WAN
7/4/2013
Edulab.com.vn
201
8. WAN
Frame relay: 5, 23, 63, 67, 74, 134, 140, 168, 203, 217, 259, 305, 342, 343, 344, 345, 358,361, 374, 377, 393. PPP: 73, 132, 198, 204, 209. WAN: 94,96,215,221,223,224(ging 221)
7/4/2013
Edulab.com.vn
202
9. DHCP-WIRELESS-IPV6
9.1) DHCP (DYNAMIC HOST CONFIGURATION PROTOCOL ) 9.2) WIRELESS. 9.3) IPv6.
7/4/2013
Edulab.com.vn
203
9.1) DHCP
Hot ng :
7/4/2013
Edulab.com.vn
204
9.1) DHCP
Cu hnh dhcp:
R( config)# service dhcp : enable DHCP. R(config)# ip dhcp pool < pool-name> : to pool-name. R(config-if)# network network-id : Ch ra mt network server cp IP. R(config-if)# default-router < IP > : Dng cp Defaultgateway cho cc client v server cng s da vo thng s ny m cp nhng network ng cho cc LAN. R(config-if)# dns-server < Ip dns-server > : cp ip dns-server cho cc client. R(config)# ip dhcp excluded-address < IP >: nhng IP no c khai bo trong cu lnh ny th server s khng cp cho cc client.
7/4/2013
Edulab.com.vn
205
9.2) WIRELESS.
- Cc chun Wireless: 802.11a, 802.11b, 802.11g.
7/4/2013
Edulab.com.vn
206
Ch :
802.11b: Gm c 11 knh ( t 1-11) trong c 3 knh khng overlap 1,6,11.
rng ca mi knh l 22MHz. Khong cch mi gia 2 knh lin tip: 5MHz.
802.11a: Gm 23 knh trong c khong 12 knh khng overlap. 802.11g: Gm 11 knh trong c 3 knh khng overlap.
7/4/2013
Edulab.com.vn
207
Cc m hnh wireless
+ IBSS (adhoc): Cc PC trao i d liu vi nhau. Khng c s tham gia ca access-point. +BSS:C mt access-point. +ESS: c t 2 access-Point tr ln, mi AP phi thuc 1 knh ring trnh nhiu
7/4/2013
Edulab.com.vn
208
Cc m hnh wireless
7/4/2013
Edulab.com.vn
209
Cc thng s c bn khi cu hnh access-point

SSID, Knh RF (RF channel), Phng php xc thc, m ha (authentication method).
Nu SSID khng c pht broadcast, client mun truy nhp khng dy phi t cu hnh SSID khp vi SSID ca access-point.
7/4/2013
Edulab.com.vn
210
Cc chun bo mt cho wireless

+ WEP: dng pre-shared key (PSK) tnh xc thc truy nhp v m ha d liu. M ha bng thut ton WEP. +WPA:
Xc thc truy nhp: dng PSK hoc server xc thc truy nhp vi 802.1x. M ha d liu: s dng thut ton TKIP vi key ng thay i theo tng gi
+WPA2:
Xc thc truy nhp: ging WPA M ha d liu: s dng thut ton AES.
7/4/2013
Edulab.com.vn
211
Cc chun bo mt cho wireless
7/4/2013
Edulab.com.vn
212
Mt s lu
- Nhiu vt l thng l do: cordless phone, b mt kim loi ( metal file cabinet), kiu v chiu ca anten (antenna type or direction), l vi sng (microwave oven). - Trong m hnh ESS: iu kin c th roaming l vng chng lp che ph (overlap) gia hai access-point phi t 10% tr xung v cc knh RF ca hai access-point khng chng ln nhau.
7/4/2013
Edulab.com.vn
213
Security:
Cc kiu tn cng: DoS (Denial of Service), reconnaisance (do thm), Trojan horse, virus, worm,. Bo v file cu hnh khi cc truy nhp bn ngoi bng cch s dng SSH, firewall. Cc thit b security: IDS, IPS. Trong cc bin php ca mt chin lc bo mt ton din, bo mt v mt vt l (physical secure) l mt bin php quan trng.
7/4/2013
Edulab.com.vn
214
IPv6
IP version 6 (IPv6) was developed to overcome the limitations of the current standard, IP version 4 (IPv4). IPv4 allows end systems to communicate and forms the foundation of the Internet as we know it today. However, one of the major shortcomings of IPv4 is its limited amount of address space. The explosion of new IP-enabled devices and the growth of undeveloped regions have fueled the need for more addresses. In the United States, the Department of Defense (DoD) is a primary driver for the adoption of IPv6.
7/4/2013
Edulab.com.vn
215
Introducing IPv6
IP version 6 (IPv6) combines expanded addressing with a more efficient and feature-rich header to meet the demands for scalable networks in the future. One key benefit is that IPv6 can recreate end-toend communications without the need for Network Address Translation (NAT) Cisco Systems currently supports IPv6 in Cisco IOS Software Release 12.2(2)T and later.
7/4/2013
Edulab.com.vn
216
IPv6 Features
7/4/2013
Edulab.com.vn
217
Large Address Space
7/4/2013
Edulab.com.vn
218
IPv6 routers do not perform fragmentation. Instead, a discovery process determines the optimum maximum transmission unit (MTU) to use during a given session. Link-layer technologies already perform checksum and error control. Because link-layer technologies are relatively reliable, an IP header checksum is considered to be redundant.
7/4/2013
Edulab.com.vn
219
Comparing IPv4 and IPv6 Headers Traffic class: ToS
Payload Length Next Header: Tcp, Udp Hop Limit: TTL No Checksum
Flow Label: 20-bit field that allows a particular flow of traffic to be labeled. It can be used for multilayer switching techniques and faster packet-switching performance. Extension Headers: Follows the previous eight fields. The number of extension headers is not fixed, so the total length of the extension header chain is variable.
7/4/2013
Edulab.com.vn
220
Extension Header
Extension Header
7/4/2013
Edulab.com.vn
221
Defining Address Representation
Leading zeros in a field are optional, so 09C0 = 9C0 and 0000 = 0. Successive fields of zeros can be represented as :: only once in an address. An unspecified address is written as :: because it contains only 7/4/2013 222 zeros. Edulab.com.vn
IPv6 Address types

Unicast address Link local: FE80::/10, Scope is configured to single link. The address is unique only on this link, and it is not routable off the link. (similar to 169.254.x.x private address) Site local: FEC0::/10 (similar to private address) Global: Globally unique, so it can be routed globally with no modification. A global address has an unlimited scope on the worldwide Internet. Packets with global source and destination addresses are routed to their target destination by the routers on the Internet. Multicast address: IPv6 does not have broadcast addresses. The range of multicast addresses in IPv6 is larger than in IPv4. For the foreseeable future, allocation of multicast groups is not being limited. Anycast address: An anycast address identifies a list of devices or nodes; therefore, an anycast address identifies multiple interfaces. A packet sent to an anycast address is delivered to the closest interface, as defined by the routing protocols in use.
Edulab.com.vn
223
7/4/2013
Special Address
7/4/2013
Edulab.com.vn
224
IPv6 Global Unicast and Anycast address
7/4/2013
Global unicast addresses are defined by a global routing prefix, a subnet ID, and an interface ID. The current global unicast address assignment by the Internet Assigned Numbers Authority (IANA) uses the range of addresses that start with binary value 001 (2000::/3), which is one-eighth of the total IPv6 address space and is the largest block of assigned block addresses. Addresses with a prefix of 2000::/3 (001) through E000::/3 (111), with the exception of the FF00::/8 (1111 1111) multicast addresses, are required to have 64-bit interface identifiers in the extended universal identifier (EUI)-64 format. When a unicast address is assigned to more than one interface, thus turning it into an anycast address, the nodes to which the address is assigned must be explicitly configured to use and recognize the anycast address.
Edulab.com.vn
225
IPv6 Global Unicast and Anycast address
7/4/2013
Edulab.com.vn
226
Defining Host Interface Addresses
An IPv6 address has two parts: A subnet prefix representing the network to which the interface is connected. The subnet prefix is a fixed 64-bit length for all current definitions. A local identifier, sometimes called a token, which uniquely identifies the host on the local network. The local identifier is always 64 bits and is dynamically created based on Layer 2 media and encapsulation. In the simple case of an Ethernet medium, the local identifier is usually derived from the EUI-48 MAC address.
Edulab.com.vn
227
7/4/2013
Link Local Address
The address is unique only on this link, and it is not routable off the link. Packets with a link-local destination must stay on the link where they were generated Link-local addresses are dynamically created using a link-local prefix of FE80::/10 and a 64-bit interface identifier in a process called stateless autoconfiguration.
7/4/2013
Edulab.com.vn
228
Stateless Autoconfiguration
Phase 1: MAC 00-0C-29-C2-52-FF -> 00-0C-29-FF-FE-C252-FF Phase 2: well-known link-local prefix fe80::/64 is added -> fe80::00c:29ff:fec2:52ff Phase 3: Verify the addresss uniqueness on the link, called duplicate address detection (DAD). Send ICMPv6. Phase 4: Assigned
7/4/2013
Edulab.com.vn
229
IPv6 Multicast Address
7/4/2013
Edulab.com.vn
230
IPv6 Multicast Address
FF02::1:FFXX:XXXX Solicited-node multicast on link, where XX:XXXX is the rightmost 24 bits of the corresponding unicast or anycast address of the node. (Neighbor solicitation messages are sent on a local link when a node wants to determine the link-layer address of another node on the same local link, similar to Address Resolution Protocol [ARP] in IPv4.)
7/4/2013
Edulab.com.vn
231
Transition From IPv4 To IPv6
7/4/2013
Edulab.com.vn
232
7/4/2013
Edulab.com.vn
233
7/4/2013
Edulab.com.vn
234
7/4/2013
Edulab.com.vn
235
9.3) IPv6
7/4/2013
Edulab.com.vn
236
7/4/2013
Edulab.com.vn
237
7/4/2013
Edulab.com.vn
238
7/4/2013
Edulab.com.vn
239
7/4/2013
Edulab.com.vn
240
Wireless: 3, 6, 19, 71, 99, 110, 139, 154, 169, 182, 220, 232, 249, 253, 262, 263, 268, 334, 362, 365. DHCP: 28, 35, 87, 171, 206, 272, 290, 348, 349, 350, 351. Security: 8, 66, 158, 161, 193, 201, 370.
7/4/2013
Edulab.com.vn
241
Cc cu hi n thi :
DHCP: 28, 35, 87, 171, 206, 272, 290, 348, 349, 350, 351. IPv6: 315,395 Wireless: 3, 6, 19, 71, 99, 110, 139, 154, 169, 182, 220, 232, 249, 253, 262, 263, 268, 334, 362, 365.
7/4/2013
Edulab.com.vn
242
Dng cu hi thi CCNA

Nhn xt chung :
V Cisco khng a ra im c th cho tng cu hi nn buc bn phi han thnh hu ht cu hi mi c th PASS. Cc cu hi : siu cu hi (khang 2 cu), Lab (ti a bn phi lm 3 cu ). Nu khng han thnh khang 50% , bn xem nh FAILED. Nu khng c tm l vng v cha c hng dn nhiu => bn cng c th FAILED
7/4/2013
Edulab.com.vn
243
Thng tin b tr cho vic thi c

Phng thc thi CCNA. Thng tin thi mi nht.
7/4/2013
Edulab.com.vn
244
Phng thc thi CCNA.

Hnh thc thi. Cch thc thi Ni thi
7/4/2013
Edulab.com.vn
245
Hnh thc thi

Mn hc CCNA version 4.0 (640-802) c l ph thi 250$/ln (tnh n thi im 29 -3-2009) + thi CCNA tnh n ngy 29-3-2009 , bao gm 44 cu hi : gm ++++ cc cu LAB, simulation, ++++ cu hi trc nghim mt la chn, nhiu la chn ++++ Cu hi ko th. + 44 cu hi c tng s im l 1000 v iu quan trng l khng c im cho tng cu hi c th m Cisco, chia theo tng ch : (Mt bng im tham kho) V d : Describe how a network works: 42%
Configure, verify and troubleshoot a switch with VLANS and interswitch communications: 50%
Implement an IP addressing scheme and IP Services to meet network requirements in a medium: 66% Configure, verifiy, troubleshoo basic router operation and routing on Cisco devices: 53% Explain and Select the appropriate administrative asks required for WLAN: 100% Identifiy security threats to a network and describe general methods to mitifate: 100% Implement, verify, and troubleshoot NAT and ACL's in a medium-size Enterprise branch office: 25% Implement and verify WAN LINKS: 0% Sau khi chia trung bnh % nhng ch trn , Cisco s nhn vi 1000 a ra s im c th. + iu kh vui l : Nu bn lm sai ht tt c cu hi , thay v c 0 /1000, bn s c 300/1000.
7/4/2013
Edulab.com.vn
246
Cch thc thi

1) Trc khi vo phng thi , bn c phi k ch k in t + c quy ch thi + chp nh. 2) Khi bc vo phng thi , trn ngi bn s khng cn g ngoi : tin, qun o hoc c th khng nu bn thch nh th .!:32: . Vt c mang theo l t giy nhp ca trung tm thi . 3) Trong qu trnh thi th bn s chu s gim st ca CISCO thng qua Camera chnh v th , nu bn vi phm quy ch thi : hi bi, quay bi .... bn s b failed. Mt mo nh khi i thi : "con chut my tnh c nguy c tr thnh k th c bn v thi cisco ch c duy nht nt NEXT m khng c bt k tc v no na tr End EXAM sau khi hon thnh. Chnh v th, nu v tnh trong 1 lc no bn l chm tay vo chut v "may mn" click vo nt NEXT -> Xem nh bn sai cu !... 4) Sau 120 pht lm bi (bn c th ra sm hn v thi gian l khng gii hn , c th lm bi thi trong vng 15 pht :105 ,bn click END EXAM . N s hin s im m bn t c.Nu thy : -> >= 825/1000 th xem nh bn t c chng ch giai on u.(1) -> <825/1000 th xem nh bn failed. 5) Sau khi c bo kt qu (1) , ta tip tc phi c CISCO kim tra trong vng 3 ngy . Nu chng ta khng c bt c iu g sai phm trong qu trnh thi v quy ch thi chng ta s c chnh thc cng nhn l mt CCNA. ==== Mt cu chuyn c tht : Mt anh thi CCIE R&S Written trong vng 15 pht v anh thi t im u . Tuy nhin , 3 ngy sau anh y nhn c thng tin mnh trt -. Bi v CISCO cho rng anh ny s dng "..." trong qu trnh thi. 7/4/2013
Edulab.com.vn
247
Ni thi CCNA
Di y l mt s trung tm m bn c th thi CCNA v gi thi cc trung tm ny iu l 250$/ln thi. 1) Min nam : + SaiGon CTT : www.saigonctt.com.vn + Nhat nghe : www.nhatnghe.com + Athena : www.athena.com + VnPro : www.vnpro.vn .... 2) Min bc : + IPMAC : www.ipmac.vn + VnExpert : www.vnexperts.net + Bch khoa h ni (trung tm mng) : www.bkacad.com .... C th s cn nhiu vn bn thc mc m trong khun kh 1 bi vit khng th ni ra ht. Do , cc anh nu c khc mc c th lin lc vi ti qua email : tranmyphuc@yahoo.com
7/4/2013
Edulab.com.vn
248
Thng tin thi mi nht

Thi gian p dng : Khang 2 tun t ngy ng version 3.0 Hnh thc thi : Cu hi v cch tnh im nh lit k trn.
7/4/2013
Edulab.com.vn
249
Thng tin thi mi nht

Cu hi :
L thuyt : Chim kh nhiu im trong thi.
Lu :
S lng cu tr li trong mt cu hi tng ln : V d : Lc trc cu hi chn 3 la chn nhng c 4 cu tr li. Gi th n tng ln 6-7 cu tr li. Xut hin nhiu cu l thuyt IPv6, v kh nhiu cu ngai b n. (V cu hi c th tham kho trong 503 cu hoc hc nhng cu IPv6 c trong slide ny)
7/4/2013
Edulab.com.vn
250
Thng tin thi mi nht

S lng cu LAB/SIM Cu Lab :4
Lab : NAT,RIPv2. Sim : VTP, ACL, Framerelay,dhcp (c th ra 2 trong 4 cu ny) * Nhng cu trn c kh nng c chn cao nht
Cn kh nhiu cu SIM/LAB khc bn cn phi n, vui lng truy cp vo
y .
251
7/4/2013
Edulab.com.vn
Dng cu hi thi CCNA

Cu hi mt la chn ng duy nht: Mc kh : *
7/4/2013
Edulab.com.vn
252
Dng cu hi thi CCNA

Cu hi nhiu la chn ng nhng cho bit s cu ng. Mc kh : **
7/4/2013
Edulab.com.vn
253
Dng cu hi thi CCNA

Cu hi nhiu la chn ng nhng khng bit s cu ng. Mc kh : ***
7/4/2013
Edulab.com.vn
254
Dng cu hi thi CCNA

Cu hi Drag and Drop hay cn gi l Drop , ko th. Mc kh : ****
7/4/2013
Edulab.com.vn
255
Dng cu hi thi CCNA

Siu cu hi (SuperQuestion hay Hotspot) Mc kh : ***** Bao gm 3 phn :
Phn 1 : M t v m hnh mng hin c. Phn 2 : S m hnh mng ng vi phn 1 Phn 3 : Cc cu hi da trn phn 1 v phn 2.
C khong t 4 5 cu Bt buc phi c kin thc thc s mi c th lm ng
7/4/2013
Edulab.com.vn
256
Dng cu hi thi CCNA
7/4/2013
Edulab.com.vn
257
Dng cu hi thi CCNA
7/4/2013
Edulab.com.vn
258
Dng cu hi thi CCNA

Dng khc ca siu cu hi Mc kh : ***** Bao gm 3 phn :
Phn 1 : S m hnh mng (bn ch c xem cu hnh trn 1 thit b ca mng). Phn 2 : Cu hi lin quan
C khong t 4 5 cu. Bt buc phi c kin thc thc s mi c th lm ng.
Phn 3 : Phn cn Show (c th cho trc hc bn phi t lm) gii quyt cu hi.
7/4/2013
Edulab.com.vn
259
Dng cu hi thi CCNA
7/4/2013
Edulab.com.vn
260
Dng cu hi thi CCNA
7/4/2013
Edulab.com.vn
261
Dng cu hi thi CCNA

Cu lab (Simulations) kh : ****** thi bao gm 3 phn :
Phn 1 : M t v m hnh mng v nhu cu cn trin khai . Phn 2 : S m hnh mng ng vi phn 1. Phn 3 : Bn phi cu hnh tha yu cu bi.
Bt buc bn phi c y kin thc v vn m bi a ra Bn phi c tm l tht vng trnh sai st v bt sa g cht Khi cu hnh ch cn sai mt cu lnh hoc qun copy 262 Edulab.com.vn run start l xem nh cu LAB = 0 im
7/4/2013
Dng cu hi thi CCNA
7/4/2013
Edulab.com.vn
263
7/4/2013
Edulab.com.vn
264
Mt s cu hi ko th
7/4/2013
Edulab.com.vn
265
7/4/2013
Edulab.com.vn
266
7/4/2013
Edulab.com.vn
267
7/4/2013
Edulab.com.vn
268
7/4/2013
Edulab.com.vn
269
7/4/2013
Edulab.com.vn
270
7/4/2013
Edulab.com.vn
271
7/4/2013
Edulab.com.vn
272
7/4/2013
Edulab.com.vn
273
7/4/2013
Edulab.com.vn
274
7/4/2013
Edulab.com.vn
275
7/4/2013
Edulab.com.vn
276
7/4/2013
Edulab.com.vn
277
7/4/2013
Edulab.com.vn
278
7/4/2013
Edulab.com.vn
279
7/4/2013
Edulab.com.vn
280
7/4/2013
Edulab.com.vn
281
7/4/2013
Edulab.com.vn
282
7/4/2013
Edulab.com.vn
283
7/4/2013
Edulab.com.vn
284
7/4/2013
Edulab.com.vn
285
7/4/2013
Edulab.com.vn
286
7/4/2013
Edulab.com.vn
287
59 cu hi mi nht update ngy 22-05-2009
7/4/2013
Edulab.com.vn
288
59 cu hi mi nht update ngy 22-05-2009
7/4/2013
Edulab.com.vn
289
7/4/2013
Edulab.com.vn
290
7/4/2013
Edulab.com.vn
291
7/4/2013
Edulab.com.vn
292
7/4/2013
Edulab.com.vn
293
7/4/2013
Edulab.com.vn
294
7/4/2013
Edulab.com.vn
295
7/4/2013
Edulab.com.vn
296
7/4/2013
Edulab.com.vn
297
7/4/2013
Edulab.com.vn
298
7/4/2013
Edulab.com.vn
299
7/4/2013
Edulab.com.vn
300
7/4/2013
Edulab.com.vn
301
7/4/2013
Edulab.com.vn
302
7/4/2013
Edulab.com.vn
303
7/4/2013
Edulab.com.vn
304
7/4/2013
Edulab.com.vn
305
7/4/2013
Edulab.com.vn
306
7/4/2013
Edulab.com.vn
307
7/4/2013
Edulab.com.vn
308
7/4/2013
Edulab.com.vn
309
7/4/2013
Edulab.com.vn
310
7/4/2013
Edulab.com.vn
311
7/4/2013
Edulab.com.vn
312
7/4/2013
Edulab.com.vn
313
7/4/2013
Edulab.com.vn
314
7/4/2013
Edulab.com.vn
315
7/4/2013
Edulab.com.vn
316
7/4/2013
Edulab.com.vn
317
7/4/2013
Edulab.com.vn
318
7/4/2013
Edulab.com.vn
319
7/4/2013
Edulab.com.vn
320
7/4/2013
Edulab.com.vn
321
7/4/2013
Edulab.com.vn
322
7/4/2013
Edulab.com.vn
323
7/4/2013
Edulab.com.vn
324
7/4/2013
Edulab.com.vn
325
7/4/2013
Edulab.com.vn
326
7/4/2013
Edulab.com.vn
327
7/4/2013
Edulab.com.vn
328
7/4/2013
Edulab.com.vn
329
7/4/2013
Edulab.com.vn
330
7/4/2013
Edulab.com.vn
331
7/4/2013
Edulab.com.vn
332
7/4/2013
Edulab.com.vn
333
7/4/2013
Edulab.com.vn
334
7/4/2013
Edulab.com.vn
335
7/4/2013
Edulab.com.vn
336
7/4/2013
Edulab.com.vn
337
7/4/2013
Edulab.com.vn
338
7/4/2013
Edulab.com.vn
339
7/4/2013
Edulab.com.vn
340
7/4/2013
Edulab.com.vn
341
7/4/2013
Edulab.com.vn
342
7/4/2013
Edulab.com.vn
343
General Cisco Certificate Paths

General Certifications
Certification Paths
Entry-Level
Associate
Professional
Expert
Routing & Switching
CCENT
CCNA
CCNP
CCIE Routing & Switching
Design
CCENT
CCNA & CCDA
CCDP
CCDE
Network Security
CCENT
CCNA Security
CCSP
CCIE Security
Service Provider
CCENT
CCNA
CCIP
CCIE Service Provider
Storage Networking
CCENT
CCNA
CCNP
CCIE Storage Networking
Voice
CCENT
CCNA Voice
CCVP
CCIE Voice
Wireless
CCENT
CCNA Wireless
Coming Soon!
CCIE Wireless
7/4/2013
Edulab.com.vn
344
Contact : contact@edulab.com.vn
7/4/2013
Edulab.com.vn
345

On Tap CCNA Version4.0 EDULAB

Cargado por

Información del documento

Derechos de autor

Formatos disponibles

Compartir este documento

Compartir o incrustar documentos

Opciones para compartir

¿Le pareció útil este documento?

¿Este contenido es inapropiado?

Copyright:

Formatos disponibles

On Tap CCNA Version4.0 EDULAB

Cargado por

Copyright:

Formatos disponibles

n tp CCNA version 4.

Phn 2 : Hng dn lm bi thi quc t.

(Carrier Sense Multiple Access with Collision Detect )

Data A D Data A D Data A D Data A D

Layer 3. nh tuyn.(routing) Ngn chn broadcast.

2. OSI-TCP/IP & ARP

2. OSI-TCP/IP & ARP

Chng giao thc TCP/IP

Cc thit b hot ng tng lp

Gi tin khi i qua thit b lp 1

Gi tin khi i qua thit b lp 2

Gi tin khi i qua thit b lp 3

2. OSI-TCP/IP & ARP

2. OSI-TCP/IP & ARP

2. OSI-TCP/IP & ARP

Host A sent to Host D

2. OSI-TCP/IP & ARP

2. OSI-TCP/IP & ARP

2. OSI-TCP/IP & ARP

3.1 QUI TRNH KHI NG V NP IOS

3.1 QUI TRNH KHI NG V NP IOS

3.1 QUI TRNH KHI NG V NP IOS

c2800nm-ipbase-mz.124-5a.bin sdmconfig-2811.cfg sdm.tar es.tar common.tar home.shtml home.tar 128MB.sdf

41836544 bytes available (22179840 bytes used)

3.2 KIM TRA KT NI

Xem DCE/DTE, loi cable ang kt ni.

3.3 TELNET V SSH

3.3 TELNET V SSH

3.3 TELNET V SSH

R( config)# username VNPRO password VNPRO

< name >

R( config)# crypto generate key RSA

R( config)# line vty 0 4 R( config-line)# transport input [ ssh | telnet ] Ch :

3.4 GIAO THC CDP

3.4 GIAO THC CDP

00000000 10000000 11000000 11100000 11110000 11111000 11111100 11111110 11111111

0 128 192 224 240 248 252 254 255

4.2.5) a ch Private v Public

IP Address Gateway IP server

IP1 IP2 IP3

5.1) GII THIU V SWITCH.

L thit b layer 2. Mi port ca switch l mt collision domain. System LED:

5.1) GII THIU V SWITCH.

Cch hot ng ca switch:

5.2) PORT SECURITY.

5.2) PORT SECURITY.

2. Mt khi trin khai gn MAC tnh th entry ny s tn ti c nh trong bng CAM.

5.2) PORT SECURITY.

5.3) VLAN, TRUNK, DTP, VTP, interVlan Routing

Default tt c cc VLAN c truyn qua ng trunk.

5.4) SPANNING TREE

Khng n nh bng MAC

Nguyn nhn a ra STP

Gii thch BPDU ( hello )

Gii thch hot ng ca Spanning-tree

Bu chn Non-Designated Port: port cn li l non-DP.

Gii thch hot ng ca Spanning-tree

Gii thch hot ng ca Spanning-tree

Trng thi ca port khi hot ng spanning-tree

5.5) RAPID SPANNING-TREE ( RSPT)

5.5) RAPID SPANNING-TREE ( RSPT)

5.5) RAPID SPANNING-TREE ( RSPT)

Cc kiu kt ni trong RSPT:

5.4) SPANNING TREE