129. Cisco 2950 Switch System LED:
The system LED shows whether the system is receiving power and functioning
LED Off: System is not powered up.
LED color is Green: System is operating normally.
LED color is Amber: System is receiving power but is not functioning
properly. The amber color on a Cisco2950 series switch indicates that the
system is malfunctioning.
130. The cable determines the DTE/DCE combination. The router with DCE cable
needs to be configured with clock rate for proper functioning of the WAN link.
131. There are different types of cables:
- Straight through cable: This is also known as patch cable. A straight
through cable is used to connect a computer to a hub or a switch.
- Crossover cable: A crossover cable is used to connect one computer to the
other computer B without using a switch or hub.
- Rollover cable: A rollover (also known as console cable) is used to
connect to routers for configuration purpose.
Also, you can’t connect the Ethernet port on PC to another Ethernet port on
a router using a straight through cable. You need crossover cable for this
purpose. Also, the PC need to have a network card, and appropriate networking
protocol stack properly installed and configured.
132. There are three ways a router learns how to forward a packet:
- Static Routes - Configured by the administrator manually. The
administrator must also update the table manually every time a change to the
network takes place. Static routes are commonly used when routing from a
network to a stub (a network with a single route) network.
The command is
ip route network mask address/interface [distance]
ex: ip route 220.127.116.11 255.255.255.0 18.104.22.168
Here, 22.214.171.124 is the destination network or subnet
255.255.255.0 is the subnet mask
126.96.36.199 is the default gateway.
- Default Routes - The default route (gateway of last resort) is used when a
route is not known or is infeasible. The command is
ip route 0.0.0.0 0.0.0.0 188.8.131.52
The default gateway is set to 184.108.40.206
- Dynamic Routes - As soon as dynamic routing is enabled, the routing tables
are automatically updated. Dynamic routing uses broadcasts and multicasts to
communicate with other routers. Each route entry includes a subnet number,
the interface out to that subnet, and the IP address of the next router that
should receive the packet. The commands to enable rip are:
network <major network number>.
133. There are broadly three types of routing protocols:
- Distance Vector (Number of hops) - Distance vector routing determines
the direction (vector) and distance to any link in the internetwork.
Typically, the smaller the metric, the better the path. EX: Examples of
distance vector protocols are RIP and IGRP. Distance vector routing is
useful for smaller networks. The limitation is that any route which is
greater than 15 hops is considered unreachable. One important thing that
differentiates distance vector with Link state is that distance vector
listens to second hand information to learn routing tables whereas, Link
state builds its routing tables from first hand information. Distance
vector algorithms call for each router to send its entire routing table to
each of its adjacent neighbors.
- Link State Routing: Link State algorithms are also known as Shortest
Path First (SPF) algorithms. SPF recreates the exact topology of the
entire network for route computation by listening at the first hand
information. Link State takes bandwidth into account using a cost metric.
Link State protocols only send updates when a change occurs, which makes
them more attractive for larger networks. Bandwidth and delay are the most
heavily weighed parts of the metric when using Link-State protocols. EX:
OSPF and NLSP.
Benefits of Link State protocols:
- Allows for a larger scalable network
- Reduces convergence time
- Allows “supernetting”
- Balanced Hybrid - Balanced Hybrid combines some aspects of Link State
and Distance Vector routing protocols. Balanced Hybrid uses distance
vectors with more accurate metrics to determine the best paths to
destination networks. EX: EIGRP.
134. There may be times that you have lost the passwords for accessing the
router and need to recover from the lost passwords. ROM Monitor (rommon), stored
ROM is used for password recovery. By hitting special Break key within the first
60 seconds of the router power-on, it is possible to recover from lost
passwords. Broadly, the sequence of operations is as below (For a 2501 router):
- Power cycle the router by turning it OFF and ON.
- Press Break key (key configuration depends on the router type) within 60
seconds of power on.
- Use the rommon command O/R 0X2142
- Use rommon command INITIALIZE to load IOS
- Skip the setup mode (by choosing NO to configuration commands)
- Enter privileged mode
g. After entering the privileged mode, you can view the passwords by issuing
appropriate config commands.
135. To change the enable password, you use "enable password
To change the enable secret, you use "enable secret password".
136. To configure your router to do look-up for domain name server, the
correct syntax is:
- ip name-server <ipaddress_of_server>
Here the ipaddress_of_server is the ip address of the DNS server.
137. To enable the Cisco IOS to forward packets destined for obscure subnets
of directly connected networks onto the best route, you use "ip
138. Trace command has syntax, "trace ip <destination_address>
". The trace command traces the path to the destination hop by hop. This is
achieved by setting the TTL (Time To Live) to 1 for the first packet to send and
increasing TTL in the intervals of 1. This causes the successive next hop
devices to send a time out message. This message is used for finding out the
route that the packet takes to reach the destination.
Important Trace responses are:
P ……The Protocol was Unreachable
N …… The Network was Unreachable
U …… The port was Unreachable
* …… The packet timed out
!H ….. Could not be forwarded due to access list violation
Tracert, Ping use ICMP as their base protocol.
Traditionally, the router interface on a serial link is a 60-pin D-shell
connector. The CSU/DSU may have EIA/TIA 232 interface to the router. The CSEU/DSU
interface to the service provider could be RJ-11, RJ-45 etc.
139. Transport Layer is responsible for multiplexing the packets received
from upper layers. It also makes the network transparent to the upper layers
(Session, Presentation, and Application layers)..
140. Typical WAN interfaces, that one come across frequently are:
EIA 232, EIA 449, EIA 530, V.35, and X.21. The Cisco router serial interface
will be a 60-pin D-shell connector. This in turn is connected to service
provider equipment, usually through a CSU/ DSU. Therefore, appropriate
conversion cable need to be used when interfacing with a WAN device such a CSU/DSU.
CSU/ DSU in turn is connected to the service provider through the cable supplied
by the service provider.
141. UDP is known as unreliable protocol because there is no way for the
source to know if any packets are lost during transit to the destination.
Important fields that are available with TCP header, but not available with UDP
header include sequence number, acknowledgement number, and window size.
Variable-Length Subnet Masking:
Variable-length subnet masking (VLSM) means implementing more than one mask on
the same major class of a network. It allows for a more efficient use of IP
address space both in terms of hosts and subnets, and can be essential on a
network that does not have an abundance of IP address space.
The following routing protocols support VLSM:
1. RIP v2
142. VLAN port assignments can be configured either of two ways:
Static VLANs: The administrator statically configures VLAN port assignment.
VLAN memberships on the switch ports are assigned on a port-by-port basis.
Dynamic VLANs: A VMPS (VLAN Management Policy Server) can dynamically assign
VLAN ports. The MAC address of the node is used to determine the VLAN
assignment. A separate server or a Catalyst 5000 can function as a VMPS server.
When a frame arrives on a dynamic port at the switch, it queries the VMPS for
the VLAN assignment based on the source MAC address of the arriving frame.
143. WAN (Wide Area Network) devices extend the reach of LAN (Local Area
Network) devices. WANT typically span over a wide area, such over multiple
cities / countries. WANS are connected over serial lines that operate at lower
speeds than LANs. Some of the WAN devices are:
- Routers: Routers are responsible for routing the packets in an
- Modems: Modems connect to public telephone circuits through dial-up.
- CSU/DSU: Stands for Channel Service Unit / Data Service Unit. CSU/DSUs are
used for connecting to Central Office of a Telephone switching company and
provides serial WAN connections.
- Communication Servers: These are used for dial in/out to remote users.
Provides RAS Remote Access Server) functionality.
- Multiplexors (mux): Multiplexors combine two or more signals before
transmitting on a single channel. Multiplexing can be done by sharing
"time" or "frequency".
144. When designing an ESS WLAN, APs with overlapping coverage areas should
be configured to use non-overlapping channels. This is true whether the APs are
using DSSS (Direct Sequence Spread Spectrum) or FHSS (Frequency Hopping Spread
145. While a packet travels through an Internetwork, it usually involves
multiple hops. It is important to know that the logical address (IP address) of
source (that created the packet) and destination (final intended destination)
remain constant, the hardware (Interface) addresses change with each hop.
146. Windowing, Buffering, and Congestion avoidance are three different types
of flow controls used frequently.
147. Wired Equivalent Privacy (WEP) is a protocol used to secure IEEE 802.11
wireless networks. It is part of the IEEE 802.11 wireless networking standard.
Wireless networks broadcast messages using radio, and therefore more susceptible
to eavesdropping than wired networks. WEP was intended to provide
confidentiality comparable to that of a traditional wired network.
148. Wi-Fi Protected Access (WPA and WPA2) is a class of systems to secure
wireless (Wi-Fi) computer networks. WPA is forward compatible with the IEEE
802.11i standard, and was intended as an intermediate measure to take the place
of WEP while 802.11i was prepared. 802.11i includes dynamic key exchange,
stronger encryption, and user authentication. It is not backward compatible with
WPA. The 802.11i standard is widely known as WPA2.
149. WPA stands for Wi-Fi Protected Access. The key features of the protocol
are given below:
- It supports both static and dynamic key distribution
- It provides Device Authentication, as well as User Authentication.
- It uses TKIP (Temporal Key Integrity Protocol) encryption for dynamic key
exchange. Note that WPA2 uses AES encryption where as WPA uses TKIP. AES
encryption is a stronger encryption protocol.
- WPA is forward compatible with WPA2.
You can use "show controllers serial [port number]" to see if the
interface detects a DCE or DTE cable.
150. You need to assign a different network number for each subnet. Also, you
need to set aside one network number for each WAN connection.
151. Three important modes of a Cisco router are:
- User EXEC mode ... Router>
- Privileged EXEC mode ... Router#
- Global Configuration mode ... Router(Config)#
Global configuration mode allows you to perform tasks that affect the entire
router, such as naming the router, configuration of banner messages, enabling
routed protocols, and generally anything that affects the operation of the
152. When you first switch on a router, you enter Setup mode. Setup mode is
different from configuration mode in that setup mode appears when there is no
configuration file present. Upon entering setup mode, you can supply some basic
configuration parameters to Cisco router.
153. You use show vlan or shor vlan vlan# command to see the configuration
details of VLANs. The command "sh vlan" will display the configuration
information for all VLANs, where as the command "sh vlan vlan#" shows
only the configuration information pertaining to that vlan. For example, if you
want to see the configuration information for vlan2, you give the command "sh