is452exam3review

Card Set Information

Author:
tttran1
ID:
250849
Filename:
is452exam3review
Updated:
2013-12-04 21:56:38

The flashcards below were created by user tttran1 on FreezingBlue Flashcards.


  1. Cisco Memory consists of
    • Flash
    • NVRAM
    • RAM
  2. Flash
    • Memory where IOS image is kept
    • copies of the configuration can also be kept in this space
  3. NVRAM
    Maintains the configuration of the device
  4. RAM
    • Volatile memory where the running configuration is kept
    • CPU executes IOS software
    • Routing tables are maintained
  5. Cisco Access Management
    • Console Port
    • Auxiliary (Aux) port
    • VTY Virtual terminal line (Telnet)
  6. Console Port
    A terminal connection attached to a computer
  7. Auxiliary (Aux) port
    Used for out-of-band access via a modem
  8. VTY Virtual terminal line (Telnet)
    Access to device through telnet session
  9. Cisco Configuration
    • Saving Configuration
      ▪ Running Configuration
        ○ The configuration that is used while the system is on
      ▪ Start-up Configuration
        ○ The configuration that is loaded onto the system when the system is started
        ○ Once started, the configuration becomes running configuration
      ▪ copy running-config startup-config is the syntax used to save the configuration
  10. Running Configuration
    The configuration that is used while the system is on
  11. Start-up Configuration
    • The configuration that is loaded onto the system when the system is started
    • Once started, the configuration becomes running configuration
  12. Point of Presence (POP)
    • An access point to the Internet
    • A router is required to interface with the service provider
      ▪ A CSU/DSU is required for leased lines
      ▪ CSU/DSU is a hardware device that converts a digital data frame used on the LAN into one that is appropriate for the WAN or Internet
    • Demarcation point is where the ISP company ends and the private network of the customer begins
    • Last mile handled by local LEC
    • A circuit can be a partial T1 to an OC-255 (13.21 Gbps)
  13. Demarcation point
    Is where the ISP company ends and the private network of the customer begins
  14. CSU/DSU
    Is a hardware device that converts a digital data frame used on the LAN into one that is appropriate for the WAN or Internet
  15. Demilitarized Zone (DMZ) Design
    • A segment or subnetwork that sits between a trusted internal network and an untrusted external network
      ○ Typically a DMZ includes web, FTP, SMTP, and DNS servers
      ○ A DMZ can reside off of a router or firewall
      ○ *diagram
  16. Network Circuits:
    • DS1 (T1) Circuit
    • E1 Circuit (Used in Europe)
    • DS3 (T3) Circuit
    • E3 Circuit (Used in Europe)
    • OC3 Circuit
    • OC12 Circuit
  17. DS1 (T1) Circuit
    • A connection supporting a data rate of 1.544Mb (Actually consists of 24 channels, each being 64Kb)
    • Acquiring multiple or fractional T1s is an option.
      ○ Half of a T1 – 768Kb
      ○ Two T1s – 3.088Mb
  18. E1 Circuit (Used in Europe)
    A connection supporting a data rate of 2.048Mb (32 channels)
  19. DS3 (T3) Circuit
    A connection supporting a data rate of 44.736Mb (28 DS1s, plus management overhead)
  20. E3 Circuit (Used in Europe)
    A connection supporting a data rate of 34.064Mb (16 E1s, plus management overhead)
  21. OC3 Circuit
    A connection supporting a data rate of 155Mb
  22. OC12 Circuit
    A connection supporting a data rate of 622Mb
  23. Network Latency
    • Time interval between the transmission of a packet and the reception at its destination – usually measured as Round Trip Time
    • Network Latency is a component of “response time”
      ○ Response time also includes delays inherent in applications, servers and clients
  24. 3 Components to Latency
    • Distance – Speed of Light (Fiber length)
    • Serialization Delay (very small contribution to delay)
      • Time to place a frame on the network
    • Queuing Delay - Network Congestion
      • Waiting till other packets finish transmission for an opportunity to transmit
      • Varies from less than 1 ms to over 10,000 ms
  25. Serialization Delay (very small contribution to delay)
    Time to place a frame on the network
  26. Queuing Delay - Network Congestion
    • Waiting till other packets finish transmission for an opportunity to transmit
    • Varies from less than 1 ms to over 10,000 ms
  27. Dealing with Latency
    • Set Expectations
      • Some applications are not meant to work over high latency
    • Avoid Congestion
    • Use adequate Data Rates
  28. Routing
    • Is the act of moving information from a source to a destination
    • Routing occurs at layer 3 of the OSI model
  29. Routing involves two components
    • Determining optimal path to destination
      • Metrics are used by routing protocols to determine path
      • Path information is kept in routing tables
        ○ These tables can vary depending on what protocol was used to acquire path
        ○ Routers communicate with each other and maintain their routing tables through the exchange of messages
    • Transporting packets across network
      ○ This is the same across most routing protocols
  30. Routing Algorithms
    Various different algorithms exist and each has a different impact on network and router
  31. Algorithms calculate optimal path and this determination can be affected by the following things
    • Optimality
    • Simplicity
    • Robust
    • Convergence
    • Flexibility
  32. Optimality
    This is the capability and criteria in selecting the optimal path
  33. Simplicity
    These algorithms are overhead so they must not take up too many resources of the router
  34. Robust
    They should be able to determine correct paths in cases of high load, hardware failure, and incorrect implementations
  35. Convergence
    This is the process of agreement, by all routers, on optimal paths. This process must occur quickly
  36. Flexibility
    They should be able to adapt quickly to changing circumstances
  37. Algorithm Type Differentiator
    • Static Routing vs Dynamic
    • Single Path vs Multipath
    • Flat vs Hierarchical
    • Link State vs Distance Vector
  38. Static Routing vs Dynamic
    • Static
      ○ These are mappings that the network engineer has manually coded into the routing device
      ○ These mappings do not change unless they are manually changed
      ○ Simple to design and work well where network design is simple
    • Dynamic
      ○ Uses a routing table
      ○ Path changes and routing table updates are made automatically
  39. Single Path vs Multipath
    Does the routing protocol allow for multiple paths to the destination?
  40. Flat vs Hierarchical
    • In a flat environment all routers are peers
    • In hierarchical some routers form the backbone
      ○ Some routers can talk to all while other routers can only talk to their specific area
  41. Link State vs Distance Vector
    • In link state, routers send their own routing information to all routers within the network
    • In distance vector, routers send their routing table information only to their neighbors
    • Link state has faster convergence but uses more resources of the router
  42. Routing Metrics: The following routing metrics are used to determine optimal path
    • Path length
    • Reliability
    • Routing delay
    • Bandwidth
    • Load
    • Communication cost
  43. Path length
    This calculates the cost associated with each link
  44. Reliability
    The dependability of a network link
  45. Routing delay
    The amount of time it takes to move a packet from source to destination
  46. Bandwidth
    The traffic capacity of the link
  47. Load
    Determines how busy a router is
  48. Communication cost
    The cost in dollars for moving a packet across the line
  49. Distance Vector Logic
    • Routers add directly connected subnets to their routing table
    • Routers send updates to neighbors with their routing tables
    • Routers listen for routing updates from neighbors
    • Routing information includes a subnet number and a metric
    • When possible, routers use broadcasts or multicast to send updates
    • If multiple paths are learned, the router will use the one with the best metric
    • Routers send and expect to receive periodic updates
    • If an update is not received, it results in the removal of the route
  50. Building Routing Table
    *diagram
  51. Route Poisoning
    Once a link has failed, a very large metric is used for that route
  52. Split Horizon
    • Routing information is never sent out the interface it was received on.
    • *diagram
  53. Hold-Down Timer
    • When learning that a route has failed, ignore any information about an alternative route to the subnet for a time equal to the hold-down timer.
    • *diagram
  54. Cisco Routers
    • SOHO, Branch Office, Central Site
      • Different size sites will have different requirements
      • Some of the determining factors in selecting a router are cost, availability, throughput, and additional features
      • Service Providers (ISP) have a different line of routers available to them
      • Cisco has added the 800, 1900, 2900, and 3900 Integrated Service routers
      • Integrated routers allow one box to be the router, security device, VPN Gateway, WAP, Switch, IP Telephony Call Manager, etc…
  55. Routing Information Protocol (RIP)
    • RIP updates are sent every 30 seconds
    • A router updates its routing table once it receives an update and increments the path metric to the destination network by 1
    • RIP only maintains the best path to the remote network which is based on hop metric
      • Could cause suboptimal paths
    • Routing updates are sent independently of the regularly scheduled updates
    • RIP is very easy to configure
    • RIP does not support VLSM
  56. RIP Metric
    • RIP only uses the hop count metric
      • Each hop has a value of 1
    • The maximum number of hops allowed in a path is 15
      • If a router receives an update that increases the metric for a network to be 16 then that network is considered to be unreachable
  57. RIP Configuration
    • RIP only requires two commands to be enabled
    • *table
  58. Interior Gateway Routing Protocol (IGRP)
    • IGRP was developed by Cisco in the mid 80s
    • The goal was to provide a robust routing protocol within an autonomous system
      • An autonomous system is a collection of networks under a common administration sharing a common routing strategy
      • Can also be thought of as a routing domain
    • IGRP uses a metric that factors delay, bandwidth, reliability, and load
      • Network administrators can change these values and influence route selection
      • Bandwidth metric is set on the specific interface
    • IGRP permits multipath routing
    • IGRP does not support VLSM
  59. IGRP Configuration
    • IGRP only requires two commands to be enabled
    • *table
  60. Access Lists (ACL)
    Access lists are used to filter traffic that passes through a router
  61. Some key features of Cisco ACL
    • Packets can be filtered as they enter an interface
    • Packets can be filtered before they exit an interface
    • Deny is the term used in Cisco IOS to block a packet at the interface that is doing the filtering
    • Permit is the term used in Cisco IOS to allow a packet through the interface that is doing the filtering
    • At the end of every ACL is an implied “deny all traffic” statement. Therefore, if a packet does not match any of your access list statements, it is blocked
  62. ACL filter packets by looking at the:
    IP, TCP, and UDP headers in the packet
  63. There are two types of ACLs
    • The standard ACL only examines the source IP address
    • The extended ACL can examine the source and destination IP address, as well as the source and destination port numbers
  64. Wildcard masks in ACLs:
    • ACLs use a wildcard mask instead of a subnet mask
    • Wildcard masks are the inverse of the subnet mask, the 1s are 0s and the 0s are 1s
  65. Standard ACLs are numbered in the range of:
    1 to 99 or 1300 to 1999
  66. The following is the syntax for a standard ACL
    • “access-list|number|permit/deny|ip address|wildcard mask”
    • “access-list 1 permit 172.16.0.0 0.0.255.255”
    • “access-list 1 deny 165.31.0.0 0.0.255.255”
    • Configuration is done in configuration mode
  67. A standard ACL needs to be enabled under the interface before it will work
    • The command used to apply an ACL to an interface is “ip access-group”
      • This command is run under the interface mode
      • To enable an ACL, the interfaces on the router need to be designated as the “inside” and “outside” interface
      • “ip access-group 1 out” or “ip access-group 1 in”
  68. Extended ACLs are numbered in the range of
    100 to 199 or 2000 to 2699
  69. The following is the syntax for an extended ACL
    • “access-list|number|permit/deny|protocol|source IP address|source wildcard mask|destination IP address|destination wildcard mask|eq|port number”
    • “access-list|101|permit|tcp|172.16.0.0|0.0.255.255|165.33.15.0|0.0.0.255|eq|23”
    • “access-list 101 deny udp host 130.85.5.5 209.80.1.0 0.0.255.255 eq 80”
      • “host” can be used to specify one IP address
      • “eq” stands for equal and is telling the exact port to filter traffic on
      • Ports can be compared by using less than (lt) or greater than (gt)
      • Configuration is done in configuration mode
  70. An extended ACL needs to be enabled under the interface before it will work
    • The command used to apply an ACL to an interface is “ip access-group”
      • This command is run under the interface mode
      • To enable an ACL, the interfaces on the router need to be designated as the “inside” and “outside” interface
      • “ip access-group 101 out” or “ip access-group 101 in”
  71. Remarks can be written to identify the ACL
    “access-list 101 remark this access list is used to deny web traffic”
