CCNA Study

 EAP-MD5 Uses the same MD5 hash as the Cisco router      command : service password-encryption Easily broken EAP-MD% introduced in Win2000, deprecated in Windows Vista LEAP (Lightweight EAP) Cisco-proprietary wireless network authentication method The client and the authentication server challenge each other Challenge responses are encrypted Uses dynamic WEP keys Although officially Cisco proprietary, it's supported by some third-party vendors via the Cisco Compatible Extensions Program LEAP suffers from serious security vulnerabilities, including easily cracked passwords Has been officially deprecated, but is still an option on some clients and access points EAP-FAST (EAP Flexible Authentication by Secure Tunneling) Cisco's replacement for LEAP A secure tunnel between the endpoints is constructed via use of a PAC during a three-phase process, which curiously enough begins with Phase Zero PEAP: Protected EAP Encapsulates EAP via a TLS tunnel The major difference betw...

 There are two major link-state protocols in use today - OSPF and IS-IS. IS-IS is primarily used by service providers, and while you'll find IS-IS on other Cisco example, you won't see it on the CCNA R$S exam. So, this will focus on OSPF.  R1#show ip ospf datbase R1#show ip route ospf The beauty of the Dijkstra algorithm is that recalculation of routes due to a network change is so fast that routing loops literally have no time to form.  Before the LSA exchane begins, Ospf-speaking outers must become neighbors by forming an adjacency. Routers must agree on the following to become neighbors in OSPF:  The area number  The hello and dead timer settings Whether the area is a stub area Network mask When you configure RIP, it doesn't require number. However, for EIGRP you need <1-65535> Autonomous system number that has been agreed upon adjacencies. For OSPF, you need <1-65535> Process ID that doesn't have to be agreed upon.  We will verify OSPF adjac...

 Why is RIPv1 largely absent from today's networks? This original version of the Routing information Protocol has limitations that weren't bad when it was originally developed, but those same limitations prohibit their use today.  RIPv1 sends a full routing update at a fixed interval. RIPv1 doesn't understand subnet mask.  Split Horizon: The rule of split horizon is simple. A route can't be advertised via an interface if that same interface is the one that learned about the route in the first place.  Route Poisoning: When router agree on the current state of the network, they have reached a stat of convergence. A major reason you don't see a lot of distance-vector routing out there is that DV protocols are very slow to converge, even in a lab environment.  RIP in action:  R1(config)router rip R1(config-router)#network 172.12.0.0  R1(config-router)#^Z R1#show IP protocols Aromatic network summarization is in effect R1#conf t R1(config)#router rip R1(con...

 R1#show ip route The router will check the entire routing table for the best possible match, also known as the longest match. The route that has the most bits that match the destination will be route used to forward the packet.  R1(config)#ip route 0.0.0.0 R1(config)#ip route 0.0.0.0 0.0.0.0 20.1.1.2 R3#cont t R3(config)#int loopback 3 RE(config-if)#ip address 3.3.3.3 255.255.255.0 R3#show int loopback 3 R3#ping Repeat count [5]:100000 To get out press control shift +6 twice R2#traceroute 2.2.2.2 If you see * the packet is not leaving the router.  R3#debug ip packet R3#no debug ip packet R3#u all R3#show ip route R3#config t R3(config)#ip route 0.0.0.0 0.0.0.0 172.12.123.1 R3#show ip route S* means static R3#show debug R3#debug ip packet R1(config)#ip route 2.2.2.0 255.255.2550 172.12.123.2

 128  64  32  16  8  4  2  1   0     1    1     0   1  1  0  1 = 111 Determining the number of available valid subnets: How many valid subnets exist on the 10.0.0.0 255.240.0.0 network? 16 How many valid subnets are on the 10.0.0.0/12 network? --->prefix notation 16 255.254.0.0 converts to 11111111 11110000 00000000 00000000 Class A 1-126         255.0.0.0                  8 network bits, 24 host bits Class B 128-191     255.255.0.0              16 network bits, 16 host bits Class C 192-223     255.255.255.0          24 network bits, 8 host bits Subnetting is performed by borrowing host bits ONLY.  Number of valid subnets = (2 to the power of the number of subnet bits) 10.0.0.0 is Class A with 8 network bits. 12-8...

 VTP allows switches to synch their VLAN databases by advertising their VLAN info to other switches in the same VTP domain. This allows switches with no ports in a particular VLAN to still handle traffic for that VLAN. When a VLAN is created on one switch in a VTP domain, all other switches in that VTP domain are notified of that VLAN's existence.  A switch can run in on e of three VTP modes: Server mode allows the switch to create, name, and delete VLANs.  Client mode prevents the switch from creating, naming, or deleting VLANs.  Transparent mode switches forward the VTP advertisements received from other switches, but do not actually process the info in those ads. VLANs can be created, named, and deleted on switches running in transparent mode, but these changes are not advertised to the other switches in the VTP domain.  VTP domain name is case sensitive. SW1#show vtp status SW1(config)#vtp domain CCNA Changing VTP domain name from NULL to CCNA A switch from ...