Wednesday, October 22, 2014

Cisco Introduction to Networks chapter 2 notes

Chapter 2

Configuring a network operating system

Router - forwards packets to and receives data packets from the Internet

switch - connects end devices using network cables

wireless access point - consists of a radio transmitter capable of connecting end devices wirelessly

firewall appliance - secures outgoing traffic and restricts incoming traffic

operating system enables the hardware to function

Cisco Internetwork Operating System (IOS)

IOS  - generic term for the collection of network operating systems used on Cisco networking devices

kernel - portion of the OS code that interacts directly with hardware

shell - portion of the OS code that interacts with user and applications

user can interact with the shell through command line interface (CLI) or graphical user interface (GUI)

purpose of IOS
     security
     routing
     QoS
     Addressing
     managing resources
     interface

Accessing Cisco IOS
     -console
     -telnet/SSH
     -Aux port

Console - out-of-band access - access via a dedicated channel for maintenance only
     -available without configured networking services

telnet - remote access through a virtual interface over a network
     -requires active networking on the device
     -can also access any other devices via a built-in telnet client
     
SSH - secure shell - similar to telnet, but uses encryption
     -stronger password authentication
     -encrypts transmission
     -requires active networking on the device

AUX - access via telephone dial-up
     -requires no networking services to be set up
     -can be used locally

Navigating IOS

     user exec mode >
     privileged exec mode #
     global config (config)#
     specific config modes       (config-if)#
                                          (config-line)#

     user exec mode >
          -view mode
          -basic operations

     privileged exec mode #
     
     global configuration mode - change device as a whole

> enable/disable
#configure terminal

to leave modes -> exit or ctrl-Z

command structure

switch> ping 192.168.31.1

prompt  command   space  keyword/argument

switch> show ip protocols

bold - type as shown
italics - supply value

Cisco IOS command reference

help forms
     context-sensitive
     command syntax
     hotkeys and shortcuts

     context-sensitive - provides a list of commands within the current context -> ?
     
     command syntax check
     -parse left to right
     -generally only provides negative feedback
          3 types of error
          -ambiguous command
          -incomplete command
          -incorrect command

Hotkeys and shortcuts

     ctrl+shift+6  ->break sequence
     tab -> finish command
     ctrl+C -> interrupts entry and exits config mode

commands
     show - display various information
     show version - display version info, system uptime, restart info

Getting Basic
Hostnames
     switch requires no configuration to function

     hostname - unique device name

     -provide info about network setup
     -remove ambiguity
     -should be used in network documentation
     -create naming convention
     -apply using CLI

Limiting access to a device

     physical limitations - behind closed doors, in a rack

     device passwords 
     
     enable password - limit access to privileged exec mode
     enable secret - same as enable password, but encrypts the password
     console password - limit device access using password
     VTY password - limit access via telnet

     (config)# enable secret password

console security
     
     #line console 0
     #password ***
     #login      <- used to apply the password to login

VTY security
     
     -most switches have 16 VTY lines, numbered 0 through 15
     #line vty 0 15
     #password ***
     #login     <- require password on login

     #service password-encryption
     -applies weak encryption to all passwords when viewing configuration files
     -removing command doesn't remove encryption

 banner configuration

      -should never show "welcome" type message, or encourage access
     motd - message of the day
     #banner motd #   message goes in here #
          -The # symbols are message start, end characters
          -delimiting characters
          -can be any character
          -can't be in the message presented
          -motd shown when anyone accesses the system
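
Added example (not part of the original notes): a small Python check that reads a saved "show running-config" capture and reports which of the access controls listed above are missing. The sample config, the hostname and the function names line_blocks and audit are constructed for illustration.

```python
import re

# Constructed sample of "show running-config" output (not from a real device).
SAMPLE_CONFIG = """\
hostname Sw-Floor-1
enable password cisco
banner motd # Welcome to Sw-Floor-1 #
line con 0
 password 7 0000CONSTRUCTED
 login
line vty 0 4
 password 7 0000CONSTRUCTED
 login
line vty 5 15
 no login
"""

def line_blocks(config):
    """Map each 'line ...' header to the sub-commands indented beneath it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(raw.strip())
        else:
            current = None          # any other top-level command ends the block
    return blocks

def audit(config):
    """Return findings for the controls covered in these notes (hypothetical helper)."""
    findings = []
    if not re.search(r"^enable secret ", config, re.M):
        findings.append("no enable secret")
    if re.search(r"^enable password ", config, re.M):
        findings.append("enable password present")
    if not re.search(r"^service password-encryption", config, re.M):
        findings.append("service password-encryption missing")
    # The banner delimiter can be any character; capture it and read up to its repeat.
    m = re.search(r"^banner motd (\S)(.*?)\1", config, re.M | re.S)
    if m and "welcome" in m.group(2).lower():
        findings.append("banner motd welcomes users")
    for header, cmds in line_blocks(config).items():
        has_pw = any(c.startswith("password ") for c in cmds)
        if not (has_pw and "login" in cmds):
            findings.append(f"{header}: password/login not enforced")
    return findings
```

Here vty 0 4 is protected but vty 5 15 is not, so the check looks at every line block separately rather than stopping at the first one.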

saving configurations
     -running config reflects current operational configuration
     -unsaved changes removed at reboot

          #copy running-config startup-config
     
     #reload    ->reboot system and restore to startup-config

eliminating startup-config

#erase startup-config
#erase NVRAM:startup-config

must also delete vlan file to return to factory out of box status

#delete vlan.dat

Backup configuration with text capture

#show running-config

copy/paste into a text file.  Have to clean up file before importing back into a system
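
Added example (not part of the original notes): one way to do the cleanup step in Python. It drops the prompt line, the "Building configuration..." header and pager residue from a pasted capture, and lists the lines that hold passwords or secrets so the backup file can be stored accordingly. The capture text, hostname and function name clean_capture are constructed for illustration.

```python
import re

# Constructed terminal capture (not from a real device); \x08 is a backspace
# left behind by the pager.
CAPTURE = """\
Sw-Floor-1#show running-config
Building configuration...

Current configuration : 1482 bytes
!
hostname Sw-Floor-1
enable secret 5 $1$CONSTRUCTED$hash
 --More-- \x08\x08\x08   \x08\x08\x08interface Vlan1
 ip address 10.75.20.254 255.255.255.0
line vty 0 15
 password 7 0000CONSTRUCTED
 login
end

Sw-Floor-1#
"""

PROMPT = re.compile(r"^[\w.-]+[>#]")   # e.g. "Sw-Floor-1#show running-config"
NOISE = re.compile(r"^(Building configuration|Current configuration\b)")
PAGER = re.compile(r"\s*--More--[\s\x08]*")
SECRET = re.compile(
    r"^\s*(enable (secret|password)|password|username \S+ (secret|password)) ")

def clean_capture(text):
    """Return (config_lines, secret_lines) from a pasted terminal capture."""
    config, secrets = [], []
    for line in text.splitlines():
        line = PAGER.sub("", line).rstrip()
        if not line or PROMPT.match(line) or NOISE.match(line):
            continue                      # not part of the configuration
        config.append(line)
        if SECRET.match(line):
            secrets.append(line.strip())  # reported, not altered: needed on re-import
        if line == "end":
            break                         # anything after "end" is terminal output
    return config, secrets
```

The secret lines are left intact in the cleaned config because removing them would change what gets restored. The returned list only shows which lines make the file sensitive.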

Address Schemes

Ports & Addresses

IPv4 (Internet Protocol, version 4) uses dotted decimal notation
     -4 numbers between 0 and 255
     -subnet mask also required

IP Addresses assigned to physical ports and virtual interfaces 
     -virtual interface - no physical hardware associated with the interface.

Addressing Devices

Remote access requires IP address and subnet mask

#interface vlan 1
#ip address XXX.XXX.XXX.XXX SubnetMask
ex...   #ip address 10.75.20.254 255.255.255.0
#no shutdown      <- set port to enabled and won't ever disable.

Addressing End Devices

depends on device
     -must have IP address,
               subnet mask
               default gateway
     -default gateway is IP address of the way out of the network
     -DNS server (domain name system)
          translate IP addresses to web addresses

     -IP addresses can either be configured manually or automatically using DHCP
     Dynamic Host Configuration Protocol

     Show IP info in windows using 

     ipconfig
     ipconfig /all

testing the loopback

     loopback address is 127.0.0.1  <- reserved IP address

     ping failure indicates problem with system
          -drivers
          -NIC
          -TCP/IP implementation

Verifying connectivity

     #show ip interface brief

use ping to verify end to end connectivity
