Switching Cisco

Module 6 of the CCNA 200-301 course covers various IP services including remote control (Telnet and SSH), file transfer (TFTP, FTP, HTTP), and monitoring services (Syslog). It provides configuration examples and commands for each service, highlighting the differences between them, such as security features and protocols used. The module emphasizes the importance of these services in network management and device communication.


IP Services

CCNA 200-301 V1.1


MODULE 6

https://t.me/learningnets
Topics
6.1 Remote Control Services
6.2 File Transfer Services
6.3 Monitoring Services
6.4 Infrastructure Services
6.5 Quality of Service
6.6 Review


6.1 Remote Control Services
Topics: Telnet, SSH, HTTP

Telnet
Obtain a command prompt on a remote device
Can be performed in USER or PRIVILEGED EXEC
TCP 23
Unencrypted
Cisco devices can be a telnet client or server

“show run … ”

Configure a Telnet Server Example
Router> enable
Router# configure terminal
Router(config)# hostname R1
R1(config)# interface GigabitEthernet0/0
R1(config-if)# ip address 192.168.1.1 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)# username admin privilege 15 secret LetMeIn

Configure a Telnet Server Example (cont’d)
R1(config)# line vty 0 15
R1(config-line)# login local
R1(config-line)# transport input telnet
R1(config-line)# end
R1# copy running-config startup-config

R2> telnet 192.168.1.1

Telnet Commands
line vty 0 4 / line vty 0 15
◦ Enter vty configuration mode for the desired number of vty telnet sessions (5 or 16)
login local
◦ Username and password are checked against the local database
transport input telnet
◦ Allow telnet connections
telnet <target device IP>
◦ Start a telnet session from another Cisco device
CTRL+SHIFT+6, x
◦ Toggle away from the telnet session back to your local CLI
ENTER
◦ Resume your telnet session
exit
◦ End a telnet session
show session
◦ Shows your active outbound telnet sessions to other devices
show users
◦ Shows active inbound telnet sessions to this device
◦ Shows username, telnet and SSH incoming connections


SSH

Secure Shell (SSH)
Encrypted replacement for Telnet
Preferred management connection type for Cisco devices
Can be performed in USER or PRIVILEGED EXEC
TCP port 22
Includes SCP (Secure Copy) and SFTP (Secure FTP)

“t3SczVqrf40…”

Configuring an SSH Server Example
R1> enable
R1# configure terminal
R1(config)# hostname R1
R1(config)# ip domain-name mydomain.com
R1(config)# crypto key generate rsa
How many bits in the modulus [512]: 2048
R1(config)# ip ssh version 2
R1(config)# username admin privilege 15 secret letmein

Configuring an SSH Server Example (cont’d)
R1(config)# line vty 0 15
R1(config-line)# transport input ssh
R1(config-line)# login local
R1(config-line)# exit
R1(config)# ip ssh time-out 60
R1(config)# ip ssh authentication-retries 3
R1(config)# end
R1# copy running-config startup-config

R2# ssh -l admin 192.168.1.10

SSH Commands
hostname <name>
◦ Configure a hostname for the device
ip domain-name <domain name>
◦ Provide the device domain name
crypto key generate rsa
◦ When prompted, choose a key length between 360 and 4096 bits
ip ssh version 2
◦ Set the SSH version
username <user> privilege 15 secret <password>
◦ Create a local user with a secret password who will have admin privilege in the session

SSH Commands (cont’d)
line vty 0 15
◦ Enter vty configuration mode for 16 vty lines
transport input ssh
◦ Enable SSH only
transport input ssh telnet
◦ Enable both SSH and telnet (a client that cannot use SSH can still connect with telnet)
login local
◦ Require local authentication for the user
ip ssh time-out 60
◦ The user must successfully authenticate within 60 seconds
ip ssh authentication-retries 3
◦ The user can retry authentication 3 times before the session is terminated and they must start over

SSH Connection Commands
ssh -l <username> <destination IP>
◦ Start an SSH connection from one Cisco device to another
CTRL+SHIFT+6, x
◦ Toggle back to your local CLI
ENTER
◦ Resume your SSH session
exit / logout
◦ End your SSH session
show ssh
◦ View active SSH sessions in or out of this device
show users
◦ Shows active inbound SSH sessions to this device
◦ Shows username, SSH and telnet incoming connections

HTTP

HTTP Server Services
Server:
Some Cisco devices offer HTTP services for browser or REST API-based remote management
◦ ISR/ASR routers, Nexus switches, ASA/NGFW Firepower firewalls, WLCs, CUCM, Small business devices
◦ You can use a browser from your computer to connect

Client:
Most modern Cisco devices can be HTTP clients
◦ Only for file copying, not remote control

Configure an HTTP Server Example
R1# configure terminal
R1(config)# ip http server
R1(config)# ip http secure-server
R1(config)# ip http authentication local
R1(config)# username [username] privilege 15 secret [password]
R1(config)# ip http port [port-number]
R1(config)# ip http secure-port [secure-port-number]
R1(config)# end
R1# copy running-config startup-config

HTTP Commands
ip http server
◦ Enable the HTTP server
ip http secure-server
◦ Enable the HTTPS server
ip http authentication local
◦ Set authentication to be local
username [username] privilege 15 secret [password]
◦ Create a user that can log in, e.g. username admin privilege 15 secret letmein
ip http port [port-number]
◦ Set the HTTP port, e.g. ip http port 81
ip http secure-port [secure-port-number]
◦ Set the HTTPS port, e.g. ip http secure-port 444

6.2 File Transfer Services
Topics: Copy Command, TFTP, FTP, HTTP

Copy Command
copy <source> <destination>
You’ll be prompted for any missing information before the command is actually executed
◦ Source file name, destination file name, source IP address, destination IP address, username, password, etc.
You can rename the file as it is copied to the destination
Mix and match any source to any destination (so long as they are configured)
◦ Possible sources and destinations: startup-config, running-config, flash, tftp, ftp, http

TFTP

Trivial File Transfer Protocol (TFTP)
Transfer files between a Cisco device and a central server
◦ Configuration, operating system files, updates, backups, logs, other files

UDP port 69
Simpler than other file transfer protocols
◦ No authentication
◦ Non-interactive
No browsing the TFTP server directory
◦ You need to already know the name of the file you want to download
All transmissions are in clear text

Trivial File Transfer Protocol (TFTP) (cont’d)
Cisco devices are typically TFTP clients
Upload/download using the copy command:
◦ copy tftp flash
◦ copy flash tftp
If necessary, you can configure a Cisco device to be a TFTP server
◦ Make sure you have enough storage!
Note: Because TFTP uses UDP with no flow control or error checking, it is not well suited to crossing multiple routers or traversing many network segments

Cisco TFTP Examples
Cisco device as TFTP client
◦ Download a startup-config file from a TFTP server
◦ R1# copy tftp startup-config
◦ Address or name of remote host []? 192.168.1.50
◦ Destination filename [startup-config]? startup-config
Cisco device as TFTP server
◦ Making a file available to any TFTP client that requests it, which is handy for copying IOS files between routers
◦ R1(config)# tftp-server [file path and name]
◦ R1(config)# tftp-server flash:c2900-universalk9-mz.SPA.151-1.M4.bin
Verify TFTP server configuration
◦ R1# dir flash:
◦ R1# show running-config | include tftp-server

TFTP Commands
tftp-server [file path and name]
◦ Serve a file as a TFTP server
◦ Examples: tftp-server flash:backup.bak, tftp-server flash:c3560-ipservicesk9-mz.150-1.SE.bin
copy tftp flash
◦ Download a file from a TFTP server; you’ll be prompted for the details before the command is executed
copy flash tftp
◦ Upload a file to a TFTP server; you’ll be prompted for the details before the command is executed
copy tftp://192.168.3.47/c3560-ipservicesk9-mz.150-1.SE.bin flash:
◦ You can specify some or all details in one statement; you’ll be prompted for anything you missed

TFTP Verification Commands
dir flash:
◦ List all files in your own flash storage, including their size
show flash:
◦ List all files in your own flash storage, including their size
show running-config | include tftp-server
◦ Show the currently running configuration, limiting output to lines related to the TFTP server

FTP

File Transfer Protocol (FTP)
Transfer files between a Cisco device and a central server:
◦ Configuration, operating system files, updates, backups, logs, other files
More reliable than TFTP
◦ TCP 21, 20
◦ No problem going across routers
Session is interactive
Still clear text
Cisco devices are typically FTP clients
Some Cisco devices can be configured as an FTP server
◦ Be mindful of how much storage the device has!

Configure an FTP Server Example
R1> enable
R1# configure terminal
R1(config)# ip ftp server enable
R1(config)# username chrys secret letmein
R1(config)# ip ftp path flash:
R1(config)# end
R1# copy running-config startup-config
R1# dir flash:
R1# show running-config | include ftp

Cisco FTP Client Upload Example
R1# copy flash ftp
Source filename [ ]? flash:c2900-universalk9-mz.SPA.151-1.M4.bin
Address or name of remote host []? 192.168.1.10
Destination filename [flash:c2900-universalk9-mz.SPA.151-1.M4.bin]?
User name [ ]? admin
Password: ********

Cisco FTP Client Download Example
R1# copy ftp flash
Address or name of remote host [ ]? 192.168.1.10
Source filename [ ]? flash:c2900-universalk9-mz.SPA.151-1.M4.bin
Destination filename [flash:c2900-universalk9-mz.SPA.151-1.M4.bin]?
User name [ ]? admin
Password: ********

Pre-staging FTP Client Information Example

If desired, you can pre-stage FTP client information to simplify the actual file transfer command
Useful if you perform FTP client operations frequently to the same FTP server
R1(config)# ip ftp username chrys
R1(config)# ip ftp password letmein
R1(config)# ip ftp server 192.168.1.10
R1# copy flash:startup-config ftp
R1# copy ftp:startup-config flash

FTP Commands
ip ftp server enable
◦ Enable a Cisco device to be an FTP server
username <name> secret <password>
◦ Create a non-privileged user with an encrypted password on the server
ip ftp path <directory-path>
◦ Specify the FTP server directory (typically flash:), e.g. ip ftp path flash:
dir flash:
◦ List all files on your local flash storage
show running-config | include ftp
◦ View current running configuration, limiting output to lines related to FTP
copy flash ftp
◦ Initiate an FTP upload (you will be prompted for info)
copy ftp flash
◦ Initiate an FTP download (you will be prompted for info)

FTP Commands (cont’d)
ip ftp username <name>
◦ Pre-stage your FTP client username, e.g. ip ftp username chrys
ip ftp password <password>
◦ Pre-stage your FTP client password, e.g. ip ftp password letmein
ip ftp server <IP | name>
◦ Pre-stage the FTP server you will connect to, e.g. ip ftp server 192.168.1.10
copy flash:<file> ftp
◦ Upload a file from flash: to FTP, e.g. copy flash:startup-config ftp
copy ftp flash:<file>
◦ Download a file from FTP to flash:

HTTP

HTTP Client Services
Client:
Most modern Cisco devices can be HTTP clients
◦ Only for file copying, not remote control
◦ No browser; use the copy command from the terminal

R1# copy http [flash|startup-config|running-config]
R1# copy [flash|startup-config|running-config] http
R1# copy http://example.com/file.bin flash
R1# copy flash:file.bin http://example.com/

HTTP Client Commands
copy http://<server>/<file> flash
◦ Download a file from an HTTP server to local flash storage, e.g. copy http://example.com/file.bin flash
copy flash:<file> http://<server>/
◦ Upload a file from local flash storage to an HTTP server, e.g. copy flash:file.bin http://example.com/

6.3 Monitoring Services
Topics: Syslog, SNMP

Syslog
A standard protocol used by devices to send system log or event messages to a central syslog server
Messages are sent in near real-time
UDP 514
Clear text
Is dependent on each device:
◦ Logging its own events
◦ Sending events to the syslog server
Used to collect device log information for:
◦ Device and application monitoring
◦ Management
◦ Security auditing

Syslog Example (figure only)

Syslog Console Example (figure only)

Syslog Facility and Severity
When a syslog message is generated, it is assigned both a facility and a severity level
The combination of these two attributes allows syslog servers and administrators to categorize, prioritize, and respond to log messages
Facility Code + Severity Level = Syslog Priority

<138>Sep 2 14:23:45 RouterA.local2: %LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to down

Syslog priority is a calculation of facility code, severity level, and format encoding

Syslog Facility Codes
Syslog facilities are pre-defined codes that indicate the origin of a log message
◦ Identify the source or application generating the message
Standard syslog facilities range from:
◦ 0 – 15 for various system components
◦ 16 – 23 for local (custom) use

Standard Syslog Facilities
kern (0): Kernel messages
user (1): User-level messages
mail (2): Mail system
daemon (3): System daemons
auth (4): Security/authorization messages
syslog (5): Messages generated internally by the syslog daemon
lpr (6): Line printer subsystem
news (7): Network news subsystem
uucp (8): UUCP subsystem (Unix-to-Unix Copy Protocol)
cron (9): Clock daemon (cron and at)
authpriv (10): Security/authorization messages (private)
ftp (11): FTP daemon
ntp (12): Network Time Protocol daemon
audit (13): Log audit (used for logging audit records)
alert (14): Log alert (used for logging alert messages)
clock (15): Clock daemon (reserved for system use)
local0 (16): Reserved for local use (custom)
local1 (17): Reserved for local use (custom)
local2 (18): Reserved for local use (custom)
local3 (19): Reserved for local use (custom)
local4 (20): Reserved for local use (custom)
local5 (21): Reserved for local use (custom)
local6 (22): Reserved for local use (custom)
local7 (23): Reserved for local use (custom)

Cisco Syslog Severity Levels
Cisco devices include a severity level as part of their syslog message:
0 – Emergency
1 – Alert, immediate action needed
2 – Critical, could lead to instability or failure
3 – Error, could indicate problems, but do not need immediate attention
4 – Warning, non-critical but should be monitored and addressed
5 – Notification, normal but significant condition
6 – Informational, general operational message, not indicative of any issue
7 – Debugging, detailed messages for troubleshooting and diagnostics, verbose output
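As an added example (not from the slides), a small Python parser that decodes the <PRI> prefix of a syslog line with the RFC 3164 rule PRI = facility × 8 + severity, pulls the Cisco %FACILITY-SEVERITY-MNEMONIC tag out of the message body, and applies a filter equivalent to logging trap <level>. The sample lines are constructed, and the consistency check between the PRI severity and the tag severity is my own addition.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Standard syslog facility names by code (RFC 3164; same order as the facility table above).
FACILITIES = [
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
    "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7",
]

# Cisco severity names 0-7, as listed in the severity table above.
SEVERITIES = [
    "emergency", "alert", "critical", "error",
    "warning", "notification", "informational", "debugging",
]

# "<PRI>" at the start of the line, then everything else.
PRI_PREFIX = re.compile(r"^<(?P<pri>\d{1,3})>(?P<rest>.*)$")
# Cisco message tag such as "%LINK-5-CHANGED:" embedded in the message body.
CISCO_TAG = re.compile(r"%(?P<fac>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnem>[A-Z0-9_]+):")


class SyslogEvent(NamedTuple):
    pri: int
    facility: int
    facility_name: str
    severity: int
    severity_name: str
    cisco_facility: Optional[str]   # e.g. "LINK"; None if no Cisco tag present
    cisco_severity: Optional[int]   # severity digit from the %FAC-SEV-MNEM tag
    mnemonic: Optional[str]         # e.g. "CHANGED"
    text: str


def decode_pri(pri: int) -> Tuple[int, int]:
    """PRI = facility * 8 + severity, so facility and severity are divmod(pri, 8)."""
    if not 0 <= pri <= 191:          # 23 * 8 + 7 is the largest legal value
        raise ValueError(f"PRI out of range: {pri}")
    return divmod(pri, 8)


def encode_pri(facility: int, severity: int) -> int:
    """Combine a facility code (0-23) and severity (0-7) into the <PRI> number."""
    if not 0 <= facility <= 23 or not 0 <= severity <= 7:
        raise ValueError("facility must be 0-23 and severity 0-7")
    return facility * 8 + severity


def parse_line(line: str) -> SyslogEvent:
    """Decode one syslog line as received by a collector on UDP 514."""
    m = PRI_PREFIX.match(line.strip())
    if not m:
        raise ValueError("line does not start with a <PRI> prefix")
    pri = int(m.group("pri"))
    facility, severity = decode_pri(pri)
    rest = m.group("rest")
    tag = CISCO_TAG.search(rest)
    return SyslogEvent(
        pri=pri,
        facility=facility,
        facility_name=FACILITIES[facility],
        severity=severity,
        severity_name=SEVERITIES[severity],
        cisco_facility=tag.group("fac") if tag else None,
        cisco_severity=int(tag.group("sev")) if tag else None,
        mnemonic=tag.group("mnem") if tag else None,
        text=rest,
    )


def should_forward(event: SyslogEvent, trap_level: int) -> bool:
    """Mirror 'logging trap <level>': keep messages at that level or more urgent (lower number)."""
    return event.severity <= trap_level


def pri_matches_tag(event: SyslogEvent) -> bool:
    """Consistency check: the PRI severity should equal the severity digit in the Cisco tag."""
    return event.cisco_severity is None or event.cisco_severity == event.severity


# Constructed sample lines (not captured from a real device).
SAMPLE_LINES = [
    "<149>Sep  2 14:23:45 R1: %LINK-5-CHANGED: Interface GigabitEthernet0/1, changed state to down",
    "<186>Sep  2 14:23:46 R1: %SYS-2-MALLOCFAIL: Memory allocation failed",
    "<190>Sep  2 14:23:47 R1: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.168.1.100 started",
]
```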

Syslog Server Message Responses
You can configure responses on a Syslog server based on facility code, severity level, or both:
Store messages in separate locations
Filter incoming messages to focus only on certain types
Re-route incoming messages to another server or endpoint
Create alerts and actions to respond to certain message types

How Cisco Clients Use Syslog
Cisco syslog client messages by default use facility code local7
If desired, you can also use the other local facility codes, local0 – local6, for specific use cases
Messages include the severity level along with the facility code

Syslog Client Example
# Configure the device to send syslog messages to 192.168.1.100
◦ Use the default facility local7 (23)
◦ Send all messages that have a severity of informational or higher
◦ Include a date-time stamp to the millisecond

R1# configure terminal
R1(config)# logging host 192.168.1.100
R1(config)# logging trap informational
R1(config)# service timestamps log datetime msec
R1(config)# logging on
R1(config)# end
R1# copy running-config startup-config

Syslog Client Custom Facility Example
# Configure the device to send syslog messages to 192.168.1.200
◦ Use a different facility, local2
◦ Send all messages that have a severity of critical or higher

R1# configure terminal
R1(config)# logging host 192.168.1.200
R1(config)# logging facility local2
R1(config)# logging trap critical
R1(config)# logging on
R1(config)# end
R1# copy running-config startup-config

Configuring a Cisco Syslog Server
Most Cisco devices are already configured to be syslog servers
◦ You just need to ensure logging is enabled
◦ You also need to configure other devices to point to the Cisco device as their syslog server
◦ Keep in mind that Cisco devices have limited resources for storing logs
◦ Prefer to set up a syslog server on a dedicated server or virtual machine
Default syslog server settings:
◦ Accept severity level 6 or higher
◦ Buffer size 4096 bytes
◦ No filtering or forwarding
◦ Incoming messages are timestamped

Configuring a Cisco Syslog Server Example
R1> enable
R1# configure terminal
R1(config)# logging on
R1(config)# end
R1# copy running-config startup-config

Syslog Commands
logging on
◦ Enable logging (on by default)
logging host <syslog server>
◦ Specify the syslog server to send messages to, e.g. logging host 192.168.1.200
logging facility [local0 – local7]
◦ Optionally specify the syslog facility to use (default is local7), e.g. logging facility local2
logging trap <minimal severity level>
◦ Optionally specify the minimum severity level to send (default is informational), e.g. logging trap informational
service timestamps log datetime msec
◦ Optionally specify that the message should include a timestamp to the millisecond
show logging
◦ Display the logging configuration and the locally buffered log messages

SNMP

Simple Network Management Protocol (SNMP)
Used to monitor and manage network-connected devices in an IP network
◦ Queries devices on a regular interval (typically every 5 minutes)
Similar to Syslog
Vendor-neutral
UDP 161 and 162
Clear text (unless v3 is used)
Does NOT require the device to maintain its own log
DOES require the device to be able to answer queries

SNMP Components
Manager
◦ Software running on a server or dedicated appliance
◦ Queries devices (agents) on a regular interval for their status
Agent
◦ Software running on a device that responds to SNMP manager queries

SNMP Community Strings
A community string is a text string that acts as a password between the manager and its agents
◦ The manager must identify itself as belonging to the same “community” as the agent
◦ Agents will not respond to managers that are configured for a different community string
Read-Only (RO) community string is for queries only
◦ SNMP manager cannot write or configure anything on the agent device
◦ Typically set to “public”
Read-Write (RW) community string
◦ Allows the SNMP manager to both read and modify the settings on the device
◦ Typically set to “private”
Note: You can change your community strings as desired

SNMP Process
Agents usually wait to be polled by the manager
Agents can also be configured to immediately send an alert (trap) to the manager if a specific event occurs
Common versions include v1, v2c, and v3
SNMP managers include software such as:
◦ MRTG, SolarWinds NPM, OpenNMS, WhatsUp Gold, ManageEngine OpManager
Note: Cisco devices can only be SNMP agents

SNMP Example (figure only: several SNMP agents)

Information You Can Enumerate Using SNMP
◦ Network devices
◦ Hosts
◦ Device CPU, RAM and disk utilization
◦ Users and groups
◦ Services
◦ Installed software
◦ Network shares
◦ Device configurations
◦ IP and MAC addresses
◦ ARP tables
◦ Routing tables
◦ VLANs
◦ Port and interface status
◦ Network traffic
◦ Security violations
◦ and much, much more

Configuring SNMP
# Enable SNMP and set community strings
◦ Router(config)# snmp-server community [community-string] [access-level]
◦ Router(config)# snmp-server community public RO
◦ Router(config)# snmp-server community private RW
# Enable a specific trap
◦ Router(config)# snmp-server enable traps [notification-type]
◦ Router(config)# snmp-server enable traps linkup linkdown
# Specify manager to send trap to
◦ Router(config)# snmp-server host <ip address> <community string> [notification-type]
◦ Router(config)# snmp-server host 192.168.1.100 public linkup linkdown

SNMP Commands
snmp-server community [community-string] [access-level]
◦ Enable SNMP
snmp-server community public RO
◦ Set the community string “public” for read-only
snmp-server community private RW
◦ Set the community string “private” for read-write
snmp-server enable traps [notification-type]
◦ Enable a particular trap, e.g. snmp-server enable traps linkup linkdown
snmp-server host <ip address> <community string> [notification-type]
◦ Specify the SNMP manager to send the trap to; include the community string and notification type, e.g. snmp-server host 192.168.1.100 public linkup linkdown
show snmp
◦ Display SNMP configuration including statistics
show running-config | include snmp
◦ Display current running configuration (SNMP only)
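As an added example that is not part of the slides, a Python script that reads an IOS-style running-config (a constructed sample built from the command forms shown in sections 6.1 to 6.3) and flags the settings this module describes as clear text or default: Telnet on the vty lines, the plain HTTP server, a stored FTP client password, a tftp-server file served without authentication, the typical public/private community strings and any RW community, and SSH enabled without ip ssh version 2. The rule names and the Finding structure are my own.

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    line_no: int   # 1-based line in the config text, 0 for config-wide findings
    rule: str
    detail: str


# Constructed sample running-config assembled from the command forms shown in this module
# (not captured from a real device).
SAMPLE_CONFIG = """\
hostname R1
ip domain-name mydomain.com
username admin privilege 15 secret LetMeIn
ip http server
ip http secure-server
ip http authentication local
ip ftp username chrys
ip ftp password letmein
ip ftp server 192.168.1.10
tftp-server flash:backup.bak
snmp-server community public RO
snmp-server community private RW
snmp-server host 192.168.1.100 public linkup linkdown
logging host 192.168.1.100
logging trap informational
line vty 0 15
 login local
 transport input ssh telnet
"""

# Community strings the slides describe as the typical defaults.
DEFAULT_COMMUNITIES = {"public", "private"}


def audit_config(config_text: str) -> List[Finding]:
    """Walk an IOS-style running-config and flag clear-text or default management settings."""
    lines = config_text.splitlines()
    findings: List[Finding] = []
    in_vty = False
    ssh_enabled = False
    has_ssh_v2 = any(l.strip() == "ip ssh version 2" for l in lines)

    for no, raw in enumerate(lines, start=1):
        line = raw.strip()
        # 'line vty ...' opens a block whose sub-commands are indented by one space.
        if line.startswith("line "):
            in_vty = line.startswith("line vty")
            continue
        if in_vty and not raw.startswith(" "):
            in_vty = False

        if in_vty and line.startswith("transport input"):
            protocols = line.split()[2:]
            if "telnet" in protocols:
                findings.append(Finding(no, "telnet-vty",
                                        f"clear-text Telnet accepted on the vty lines ({line})"))
            if "ssh" in protocols:
                ssh_enabled = True
        elif line == "ip http server":
            findings.append(Finding(no, "http-server",
                                    "plain HTTP management enabled; keep only 'ip http secure-server'"))
        elif line.startswith("ip ftp password"):
            findings.append(Finding(no, "ftp-password",
                                    "FTP client password stored in the config and sent in clear text"))
        elif line.startswith("tftp-server "):
            findings.append(Finding(no, "tftp-server",
                                    f"file served over TFTP with no authentication ({line.split()[1]})"))
        elif line.startswith("snmp-server community"):
            parts = line.split()
            community = parts[2] if len(parts) > 2 else ""
            access = parts[3].upper() if len(parts) > 3 else "RO"   # IOS defaults to RO
            if community.lower() in DEFAULT_COMMUNITIES:
                findings.append(Finding(no, "snmp-default-community",
                                        f"default community string '{community}'"))
            if access == "RW":
                findings.append(Finding(no, "snmp-rw",
                                        f"read-write community '{community}' permits configuration changes"))

    if ssh_enabled and not has_ssh_v2:
        findings.append(Finding(0, "ssh-version",
                                "'ip ssh version 2' not set, so SSH version 1 may still be negotiated"))
    return findings


def rule_names(findings: List[Finding]) -> List[str]:
    """Just the rule identifiers, in config order, for quick comparison."""
    return [f.rule for f in findings]
```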


6.4 Infrastructure Services
Topics: DHCP, DNS, NTP

Dynamic Host Configuration Protocol (DHCP)
An automated way to assign IP addresses to hosts on a network
Based on the earlier BOOTP protocol
Client issues a Layer 2 broadcast to request an IP address from any listening DHCP server
Server has a pre-configured pool of available IP addresses
Server “leases” an address for a limited time to the client
Communications are in clear text with no authentication
Server port = UDP 67
Client port = UDP 68

DHCP Process
AKA “DORA”
Layer 2 Broadcast
Lease can be limited time or indefinite
Lease will include:
◦ IP Address
◦ Subnet Mask
◦ Length of time for the lease
Lease can include options:
◦ Default Gateway
◦ DNS Server(s)
◦ DNS Domain Name
◦ Other options

DHCP Relay Agent/IP helper
A hardware device or software program that can pass DHCP or BOOTP messages between DHCP clients and servers
◦ Cisco IP helpers use UDP to carry the DHCP messages
Necessary if the DHCP server is on a different subnet from its clients
◦ Routers do not pass broadcasts
RFC 1542-compliant routers can be configured as DHCP relay agents
(Figure: addresses shown are 192.168.10.100, 192.168.10.101, FF-FF-FF-FF-FF-FF, 192.168.10.1 and 10.4.3.1)

Configure a Cisco DHCP Client Example
# Configure on the interface that should be the DHCP client
Router(config-if)# ip address dhcp

Configure a Cisco DHCP Relay Agent Example
# Configure on the interface that faces the clients
Router(config-if)# ip helper-address <DHCP Server IP>
Router(config-if)# ip helper-address 192.168.1.1

Configure a Cisco DHCP Server Example
1. Exclude IP range from the DHCP scope
Router(config)# ip dhcp excluded-address 192.168.1.1 192.168.1.10
2. Create a pool (DHCP scope)
Router(config)# ip dhcp pool MY_DHCP_POOL
3. Specify the range of addresses for the pool
Router(dhcp-config)# network 192.168.1.0 255.255.255.0

Configure a Cisco DHCP Server Example (cont’d)
4. Set the DHCP default gateway scope option
Router(dhcp-config)# default-router 192.168.1.1
5. Set the DNS servers scope option
Router(dhcp-config)# dns-server 8.8.8.8 8.8.4.4
6. Set the DHCP lease time (in days)
Router(dhcp-config)# lease 7
7. Exit and save
Router(dhcp-config)# end
Router# copy running-config startup-config

DHCP Commands
ip address dhcp
◦ Enable an interface to be a DHCP client
ip helper-address <DHCP Server IP>
◦ Configure an interface to be a DHCP relay, e.g. ip helper-address 192.168.1.1
ip dhcp excluded-address <start> <end>
◦ (Global config mode) Exclude any addresses in the subnet from being offered to a DHCP client, e.g. ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp pool <name>
◦ Create a DHCP pool (scope), e.g. ip dhcp pool MY_DHCP_POOL
network <subnet ID> <subnet mask>
◦ (DHCP config mode) Specify the subnet ID and mask that the leased addresses will come from, e.g. network 192.168.1.0 255.255.255.0
default-router <gateway IP>
◦ Specify the default gateway scope option, e.g. default-router 192.168.1.1
dns-server <IP> <IP>
◦ Specify the DNS scope option, e.g. dns-server 8.8.8.8 8.8.4.4
lease <days>
◦ Specify the DHCP lease length, e.g. lease 7

DNS

The Role of DNS in a Network
Maps IP addresses to “friendly” host names
Exists for human convenience
Allows IP addresses to change
Places all organizations and their records in a single hierarchy (DNS namespace)
Uses UDP and TCP port 53
◦ UDP for queries
◦ TCP for zone transfers (replication) between servers
◦ DNS transmissions are in clear text
◦ DNSSEC uses accompanying digital signatures to guarantee authenticity of a record

Common DNS Record Types
SOA (Start of Authority)
◦ Indicates the DNS server that is the ultimate authority for the domain
NS (Name Server)
◦ Indicates this is a DNS server for a specific domain
A
◦ AKA host record
◦ IPv4 host record (Name → IP); Example: server1 → 192.168.1.5
AAAA
◦ IPv6 host record (Name → IP); Example: server1 → 2601:140:8500:d3d0::7723
CNAME
◦ Alias for a host record; Example: www for server1.company.com
PTR
◦ Reverse lookup record (IP → Name); Example: 192.168.1.5 → server1

DNS Hierarchy Example
(Figure: Root “.” at the top; Top Level Domains .net .com .org .edu .uk; Domains such as cisco; Sub-domains such as sales and research)
DNS servers at all levels can have various records

DNS Commands
ip domain-lookup
◦ Enable DNS client / use DNS to resolve names
no ip domain-lookup
◦ Disable DNS client / stop doing name resolution
ip name-server [dns-server-ip]
◦ Specify the IP address of your DNS server; you can specify one or more DNS servers, e.g. ip name-server 8.8.8.8 and ip name-server 8.8.4.4
ip domain-name [your-domain-name]
◦ Set a default domain name that the router appends to any unqualified hostnames during DNS resolution, e.g. ip domain-name company.com
ip host [hostname] [ip-address]
◦ Create a static host-to-IP address mapping to be used instead of a DNS lookup for that name, e.g. ip host switch1 192.168.100.100
ip dns server
◦ Configure the router to be a caching DNS server; can also serve records from ip host entries

DNS Commands (cont’d)
show hosts
◦ Display your DNS cache and host entries
clear host
◦ Clear all dynamically learned DNS addresses
clear host [hostname]
◦ Clear a specific dynamically learned DNS address
ping <hostname>
◦ See if name resolution is performed before ping, e.g. ping switch1 or ping www.cisco.com
debug ip dns
◦ Perform real-time debugging of DNS processes
undebug all
◦ Stop all debugging

NTP

Network Time Protocol (NTP)
Used to synchronize device clocks on a network
◦ Servers, clients, Cisco devices, IDS/IPS, mobile devices, etc.
Time synchronization on a network is necessary for many reasons including:
◦ Consistency across devices, process synchronization, authentication, authorization, auditing, logging, compliance, troubleshooting
UDP 123

NTP Stratums
NTP is organized into a hierarchy of stratums
◦ Levels 0 – 15
◦ Stratum 0 is the highest; devices at this level actually generate the reference time
Synchronization is one-way
◦ Stratum 0 → Stratum 1 → Stratum 2 → Stratum 3, etc.
◦ The lowest levels, being farthest removed from Stratum 0, will be the least precise
◦ Farthest off the original time

NTP Stratum Infrastructure
Stratum 0
◦ Actual time sources, not on the network (e.g. the NIST Cesium Fountain Atomic Clock, the U.S. Naval Observatory Master Clock in Washington DC)
Stratum 1
◦ Computers attached to Stratum 0
◦ Master clocks on the network
◦ Distribute time to lower strata
Stratum 2
◦ Public servers at university, research and gov’t facilities, ISPs, large organizations
Stratum 3
◦ Your company’s time server
Stratum 4
◦ Network devices, servers, workstations on your network

Configuring NTP
You can configure your Cisco device to be an NTP:
◦ Client
◦ Server
◦ Peer (one of two servers that synchronize bi-directionally for fault tolerance)
Peer configuration includes:
◦ Authentication between the peers
◦ Shared secret key peers use to authenticate to each other

NTP Client and Server Commands
ntp server [IP address | hostname]
◦ Configure the device to be an NTP client; specify the server to synchronize your clock to, e.g. ntp server 192.168.1.5
ntp master <1-15>
◦ Configure the device to be an NTP server; specify the stratum level (usually 2 – 15), e.g. ntp master 3

NTP Peer Commands
ntp peer <Peer IP> key <key number>
◦ Declare an NTP peer, with shared secret key number (peer 1 declares peer 2 with ntp peer 192.168.1.2 key 1; peer 2 declares peer 1 with ntp peer 192.168.1.1 key 1)
ntp authenticate
◦ Require your NTP peer to authenticate to you when synchronizing (must be done on both sides)
ntp authentication-key <key number> <hashing type> <key value>
◦ Specify the shared secret your peer must use when authenticating to you (must be done on both sides), e.g. ntp authentication-key 1 md5 123456
ntp trusted-key <key number>
◦ Mark the shared secret as trusted; do this on both sides or authentication will fail, e.g. ntp trusted-key 1

NTP Show Commands
show ntp associations
◦ Displays your server or peer IP address, the server or peer’s stratum level, your polling interval, server/peer reachability, delays and more
show ntp status
◦ Display whether your device is synchronized by server or peer and its IP address, your own stratum level, your polling interval, your precision level, your local clock as synchronized by NTP, and more
debug ntp packets
◦ Debug all NTP communications
undebug all
◦ Stop all debugging

6.5 Quality of Service
Topics: What is Quality of Service (QoS)?, Differentiated Services Code Point (DSCP), Per-Hop Behavior (PHB)

What is Quality of Service (QoS)?
Sometimes loosely called traffic shaping (shaping is actually one QoS mechanism; see PHB below)
Helps manage packet loss, delay and jitter on your network infrastructure
Ensures that different types of network traffic receive the appropriate priority and resources
Gives priority to traffic that needs it most
◦ Realtime traffic such as voice and video

To be meaningful, must be supported by every device (switch, router) along the packet's path
◦ Impossible to enforce on the Internet
Differentiated Services Code Point (DSCP)

A way to identify and mark traffic priority level
◦ Allows higher priority traffic to receive preferential treatment

Marking placed in Layer 3 packet header
◦ Various applications can be marked differently
◦ Range of 0 (lowest) to 63 (highest) priority

Enforced by routers
◦ Packets with different priorities are placed in different outbound queues
DSCP in the IP Header

Cisco Baseline DSCP Recommended Values

Application             DSCP Value   Description
Routing                 48           Network control
Voice                   46           VoIP telephony
Interactive video       34           Multimedia conferencing
Streaming video         32           Multimedia streaming
Mission critical data   26           Defined by organization
Call signaling          24           SIP, H.323
Transactional data      18           Low-latency data
Network management      16           Operations/administration
Bulk data               10           High-throughput data
Scavenger               8            Low priority data
Best effort             0            Default; no special treatment
DSCP Example Queues on a Router

Voice: Highest Priority Queue

Video: High Priority Queue

Best Effort Queue
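Where the marking actually sits and how a router acts on it, as an added example that is not code from the slides: the DS field is byte 1 of the IPv4 header, with DSCP in its high 6 bits and ECN in the low 2, so DSCP 46 (Voice) appears on the wire as 0xb8. The class names come from the Cisco baseline table above; the three-queue policy, the sample addresses and the `remark` helper are assumptions modelled on the example queues.

```python
"""Read and set the DSCP field of an IPv4 header and map a value to its Cisco baseline
class and an egress queue. Constructed example; not code from the original slides."""
import socket
import struct

# Cisco baseline DSCP values from the table above.
CISCO_BASELINE = {
    48: "Routing", 46: "Voice", 34: "Interactive video", 32: "Streaming video",
    26: "Mission critical data", 24: "Call signaling", 18: "Transactional data",
    16: "Network management", 10: "Bulk data", 8: "Scavenger", 0: "Best effort",
}

# Constructed queue policy modelled on the slide's three example queues.
QUEUE_POLICY = [
    ("Voice: highest priority queue", {46}),
    ("Video: high priority queue", {34, 32}),
]


def ds_byte(dscp: int, ecn: int = 0) -> int:
    """The old IPv4 ToS byte is now the DS field: DSCP in the high 6 bits, ECN in the low 2."""
    if not (0 <= dscp <= 63 and 0 <= ecn <= 3):
        raise ValueError("DSCP must be 0-63 and ECN 0-3")
    return (dscp << 2) | ecn


def dscp_from_ipv4(header: bytes) -> tuple:
    """Return (dscp, ecn) from an IPv4 header; byte 0 is version/IHL, byte 1 is the DS field."""
    if len(header) < 20 or header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    return header[1] >> 2, header[1] & 0x03


def build_ipv4_header(dscp: int, src: str, dst: str, proto: int = 17, payload_len: int = 0) -> bytes:
    """Minimal 20-byte IPv4 header with the given DSCP (checksum left 0; constructed input only)."""
    ver_ihl = (4 << 4) | 5
    return struct.pack("!BBHHHBBH4s4s", ver_ihl, ds_byte(dscp), 20 + payload_len,
                       0, 0, 64, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))


def egress_queue(dscp: int) -> str:
    """Pick the outbound queue for a DSCP value; anything unmatched goes best effort."""
    for queue, values in QUEUE_POLICY:
        if dscp in values:
            return queue
    return "Best effort queue"


def classify(packet: bytes) -> dict:
    """What a QoS-enabled router does per packet: read the marking, then queue on it."""
    dscp, ecn = dscp_from_ipv4(packet)
    return {
        "dscp": dscp,
        "ecn": ecn,
        "class": CISCO_BASELINE.get(dscp, "not in baseline"),
        "queue": egress_queue(dscp),
        "ds_byte": "0x%02x" % ds_byte(dscp, ecn),
    }


def remark(packet: bytes, dscp: int) -> bytes:
    """Rewrite the DSCP (keeping ECN), as an edge device does for traffic from an untrusted port."""
    _, ecn = dscp_from_ipv4(packet)
    return packet[:1] + bytes([ds_byte(dscp, ecn)]) + packet[2:]


if __name__ == "__main__":
    # Constructed sample packets: a voice packet, a video packet, a plain web packet.
    for value in (46, 34, 0):
        pkt = build_ipv4_header(value, "192.168.1.10", "192.168.1.5", payload_len=160)
        print(classify(pkt))
```

The marking is written by whoever sends the packet, so a router's queuing is only as trustworthy as the marking it receives: any workstation can set DSCP 46 and claim the voice queue. `remark` shows the usual remedy at an untrusted edge, rewriting the DSCP to 0 (best effort) before the packet reaches the routers that honour it.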

Per-Hop Behavior (PHB)

A common approach to implementing QoS in IP networks
◦ QoS defines the policy, PHB implements it

Defines the behavior that each router or switch applies to a packet as it traverses the network
Based on the DSCP value set in the packet's IP header

Note: "Forwarding PHB" is a term you may sometimes hear. It refers to when a router physically
forwards a packet based on PHB settings.
PHB Key Components

Component               Description
Classification          Identify and categorize packets based on source/destination IP, protocol
                        type, port numbers, or application type
Marking                 Tag packets with DSCP levels to indicate their priority
Queuing                 Store packets in different outbound (egress) queues based on priority
Congestion Management   How to handle packets during network congestion: drop, delay, or
                        proactively manage
Policing                Drop or re-mark packets that exceed the traffic limit for their priority level
Shaping                 Used with marking and other settings for bandwidth control; buffers and
                        delays packets to smooth out bursts of traffic, which helps prevent
                        congestion by pacing the traffic flow. Unlike policing, holds excess
                        traffic in a queue and releases it at a configured rate
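The Policing and Shaping rows describe two treatments of the same token bucket: the policer drops or re-marks what exceeds the limit, the shaper queues it and releases it at the configured rate. The simulation below is an added example, constructed for this page and not Cisco code; the rate, bucket depth and packet burst are made-up values in whole bytes and milliseconds so the results are exact.

```python
"""Policing vs shaping: the same token bucket applied two ways to one burst of packets.
Constructed example in integer units (bytes, milliseconds); not Cisco code."""
from dataclasses import dataclass, field

RATE = 1          # committed rate: tokens (bytes) credited per ms, i.e. 1000 bytes/s (constructed)
DEPTH = 1500      # committed burst: bucket depth in bytes (constructed)


@dataclass
class Packet:
    arrival_ms: int
    size: int
    dscp: int = 46          # marked as voice by the sender


@dataclass
class TokenBucket:
    rate: int
    depth: int
    tokens: int = field(init=False)
    last_ms: int = field(init=False, default=0)

    def __post_init__(self):
        self.tokens = self.depth          # bucket starts full

    def refill(self, now_ms: int) -> None:
        """Credit tokens for the time elapsed, never beyond the bucket depth."""
        self.tokens = min(self.depth, self.tokens + (now_ms - self.last_ms) * self.rate)
        self.last_ms = now_ms


def police(packets, rate=RATE, depth=DEPTH, exceed_action="drop", remark_dscp=0):
    """Policer: a conforming packet leaves at once; an exceeding packet is dropped or
    re-marked. Nothing is ever buffered, so no delay is added."""
    tb, out = TokenBucket(rate, depth), []
    for p in packets:
        tb.refill(p.arrival_ms)
        if p.size <= tb.tokens:
            tb.tokens -= p.size
            out.append((p.arrival_ms, "conform", p.dscp))
        elif exceed_action == "remark":
            out.append((p.arrival_ms, "exceed-remark", remark_dscp))
        else:
            out.append((None, "exceed-drop", p.dscp))
    return out


def shape(packets, rate=RATE, depth=DEPTH):
    """Shaper: same bucket, but an exceeding packet waits in a FIFO until enough tokens
    have accumulated, so the burst is paced to the configured rate instead of dropped."""
    tb, out, last_release = TokenBucket(rate, depth), [], 0
    for p in packets:
        if p.size > depth:
            raise ValueError("a packet larger than the bucket depth can never be released")
        clock = max(p.arrival_ms, last_release)       # FIFO: cannot leave before the previous packet
        tb.refill(clock)
        if p.size <= tb.tokens:
            release = clock
        else:
            release = clock + -(-(p.size - tb.tokens) // rate)   # wait = ceil(shortfall / rate)
            tb.refill(release)
        tb.tokens -= p.size
        last_release = release
        out.append((release, release - p.arrival_ms))          # (departure ms, added delay ms)
    return out


def compare(packets, rate=RATE, depth=DEPTH) -> dict:
    """Summarise the trade-off: the policer loses packets, the shaper adds latency."""
    policed, shaped = police(packets, rate, depth), shape(packets, rate, depth)
    return {
        "policer_forwarded": sum(1 for _, verdict, _ in policed if verdict == "conform"),
        "policer_dropped": sum(1 for _, verdict, _ in policed if verdict == "exceed-drop"),
        "shaper_forwarded": len(shaped),
        "shaper_max_delay_ms": max(delay for _, delay in shaped),
    }


# Constructed burst: five 1000-byte packets, four of them within 300 ms, then one 1.7 s later.
BURST = [Packet(t, 1000) for t in (0, 100, 200, 300, 2000)]

if __name__ == "__main__":
    print(compare(BURST))
```

On this burst the policer forwards two of the five packets and drops three without adding any delay, while the shaper forwards all five but holds the fourth for 2.2 s. That is why real-time classes such as voice are normally policed rather than shaped: a voice packet that arrives seconds late is as useless as a lost one, whereas bulk data tolerates the queueing and benefits from the smoothing.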

Review

6.6 Review
CCNA 200-301 v1.1

Module 6

Review
Telnet is used to obtain a command prompt on a remote device
It is convenient and easy to use, but not secure
Cisco devices can be a telnet client or server
SSH is an encrypted replacement for Telnet
Some Cisco devices offer HTTP services for browser or REST API-based remote management
Most modern Cisco devices can be HTTP clients, but you must use a command prompt

Review (cont’d)
TFTP is a lightweight protocol for transferring files between a Cisco device and a central server
It is non-interactive, sent in clear text, with no authentication
Using UDP 69, it is best suited for servers that are on the same network segment as the device
All Cisco devices can be TFTP clients
It is possible to configure a Cisco device to be a TFTP server, but you must ensure it has enough
storage

Review (cont’d)
FTP is more reliable than TFTP for transferring files
It is interactive, authenticates users, but still sent in clear text
All Cisco devices can be FTP clients
Some Cisco devices can be configured to be FTP servers

Review (cont’d)
Syslog is a standard protocol used by devices to send system log or event messages to a central
syslog server
It is dependent on devices being able to log their own events
Messages are sent in clear text on UDP 514
A syslog facility is a pre-defined code that indicates the origin of a log message
Standard syslog facilities range from 0 - 15 for system components; 16 - 23 for local (custom) use
Cisco uses syslog facility local7 (23) by default
You can also configure a Cisco device to use other local facilities (local0 - 6) for various use cases

Review (cont’d)
In addition to the facility code, Cisco devices include a severity level as part of their syslog
message
The Cisco severity levels range from 0 - 7 (emergency - debugging)
By default, Cisco sends syslog messages for severity level 6 or higher
You can configure different responses on a Syslog server based on message facility code, severity
level, or both
Most Cisco devices are already configured to be syslog servers
All Cisco devices can be configured to be syslog clients

Review (cont’d)
SNMP is similar to syslog
Unless you use SNMP v3, messages are sent in clear text on UDP 161 and 162
Unlike syslog, SNMP does not require the device to maintain its own log
An SNMP manager regularly polls devices running the SNMP agent for status updates
The SNMP manager must use the same community string as the agent
Otherwise the agent will not respond
The two common SNMP community strings are public, for read-only operations, and private, for
read-write operations

Review (cont’d)
DHCP is an automated way to assign IP addresses to hosts on a network
Client issues a Layer 2 broadcast to request an IP address from any listening DHCP server
The DHCP server has a pre-configured pool of available IP addresses that includes a lease duration
and scope options such as default gateway and DNS server(s)
You can configure a Cisco device interface to be a DHCP client
You can also configure a Cisco device to be a DHCP server
RFC 1542-compliant routers can also be configured as DHCP relay agents

Review (cont’d)
DNS maps IP addresses to “friendly” host names
DNS places all organizations and their records in a single hierarchy called the DNS namespace
At the top of the namespace is the root, followed by top level domains, then domains, and then
sub-domains
DNS servers exist at every level of the DNS namespace, and can contain various records there
You can configure a Cisco device to be a DNS client
You can also configure a Cisco device to be a limited DNS server
As a server, the device will query other DNS servers on your behalf, cache the response, and also
offer up any requested records from its own static host-to-IP address mappings

Review (cont’d)
NTP is used to synchronize device clocks on a network
NTP infrastructure is organized into a hierarchy of stratums, from 0 - 15
Stratum 0 is the highest level; it contains devices that actually generate time such as GPS, Cell
towers, Cesium fountains, and other sources
Stratum 1 devices are computers that obtain the time from a Stratum 0 device, and make that
time available on the network
Devices at each stratum level synchronize devices at the next lower level
Cisco network devices are typically at Stratum 4
You can configure a Cisco device to be an NTP client, server, or peer
NTP peers exist for fault tolerance, and can synchronize each other bi-directionally

Review (cont’d)
Quality of Service is used to manage packet loss, delay and jitter on your network infrastructure
It gives priority to traffic that needs it most, such as voice and video
To be meaningful, QoS must be supported by every device along the packet’s path

Review (cont’d)
Differentiated Services Code Point (DSCP) is a way to identify and mark traffic priority level
DSCP markings are placed in the packet’s Layer 3 header, and are enforced by routers that the
packet passes through
Packets with different priorities are placed in different outbound queues
DSCP markings range from 0 (lowest) to 63 (highest) priority
Each router that is configured for QoS has various outbound (egress) queues
Each queue has a different priority level
Outbound packets are placed in the appropriate queue based on their DSCP marking

Review (cont’d)
Per-Hop Behavior (PHB) is a common mechanism for enforcing QoS
PHB uses classification, marking, and queuing to categorize, tag, and store packets based on traffic type
PHB then uses congestion management to determine what to do with a packet when there is network
congestion
PHB uses policing to drop or re-mark packets that exceed the traffic limit for their priority level
PHB uses shaping to smooth out bursts of traffic
In shaping, packets are not dropped, but are instead stored in a buffer and delayed to be released a little
later
