200-301 CCNA (Cisco Certified Network Associate) Study Guide (eBook)
114 pages
Publishdrive (publisher)
9780000972620 (ISBN)
The 200-301 CCNA (Cisco Certified Network Associate) exam is a foundational certification for IT professionals seeking to establish a career in networking. It covers a broad range of networking concepts and technologies, from basic networking fundamentals to more advanced topics, preparing candidates to configure, troubleshoot, and manage networks. The exam tests skills in areas such as IP addressing, network security, automation, and cloud services.
The study guide for the 200-301 CCNA exam includes several key sections:
Network Fundamentals: Understanding how networks operate, including OSI and TCP/IP models, Ethernet, and IP addressing. You will learn to configure and troubleshoot basic network devices such as routers and switches.
IP Connectivity: Knowledge of routing concepts, IP routing, and the configuration of routing protocols like RIP, OSPF, and static routing. This section also covers IPv4 and IPv6 addressing schemes.
Network Access: Understanding LAN technologies, including VLANs, trunking, and wireless network configurations.
IP Services: Focuses on services like DHCP, NAT, and NTP, along with network security protocols.
Security Fundamentals: Introduction to network security concepts such as access control lists (ACLs), firewall technologies, VPNs, and secure network design principles.
Automation and Programmability: Concepts in network automation, including the basics of software-defined networking (SDN), network management protocols, and automation tools.
Preparing for the 200-301 CCNA exam requires hands-on practice with Cisco devices and familiarity with networking concepts through simulation software or lab exercises. The exam evaluates both theoretical knowledge and practical skills in network configuration and troubleshooting.
2. VLANs
VLAN Configuration
A VLAN (Virtual Local Area Network) is a logical grouping of devices within a network, even if they are physically located on different network segments. VLANs are used to segment traffic, improve network performance, and enhance security by isolating traffic within a specific VLAN.
Each VLAN is identified by a unique VLAN ID (an integer ranging from 1 to 4095) and allows for the logical grouping of devices regardless of their physical location. This helps to reduce the complexity of network management, especially in larger environments where devices are scattered across multiple physical locations.
The configuration of VLANs is typically done on network switches. To create and assign VLANs to ports on a Cisco switch, you would typically use commands like:
- Creating a VLAN:
```
Switch(config)# vlan 10
Switch(config-vlan)# name HR_VLAN
```
- Assigning VLAN to a port:
```
Switch(config)# interface range fa0/1 - 10
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 10
```
VLANs can be used to group devices based on departments (e.g., HR, Sales, IT), function (e.g., printers, servers), or even for security purposes (isolating guest devices from internal devices).
VLAN Tagging (802.1Q)
VLAN tagging allows Ethernet frames to carry VLAN information across a network. This is necessary in situations where multiple VLANs are being transmitted over a shared physical link between switches or other network devices. The most widely used VLAN tagging protocol is 802.1Q, which inserts a 4-byte tag into the Ethernet frame header, identifying the VLAN to which the frame belongs.
When a switch sends a frame from a VLAN, it tags the frame with the VLAN ID using the 802.1Q tag. This tag is inserted between the source MAC address and the Ethertype fields of the Ethernet frame. The tag contains the following fields:
- TPID (Tag Protocol Identifier): A 16-bit field indicating that the frame is VLAN-tagged. The default value for this field is 0x8100.
- TCI (Tag Control Information): A 16-bit field containing the VLAN ID and priority information.
Here is an overview of the 802.1Q frame structure:
- Ethernet header
- 802.1Q tag (4 bytes):
  - TPID (2 bytes)
  - TCI (2 bytes)
- Payload (Data)
- CRC
The frame is then transmitted across trunk links. When it reaches the destination switch, the switch examines the VLAN tag to forward the frame to the correct VLAN.
Native VLAN
The Native VLAN is a VLAN that is used on trunk ports to carry untagged traffic. By default, on a Cisco switch, the native VLAN is VLAN 1. However, it is recommended to change the native VLAN to a different number for security reasons, as the default VLAN can be easily exploited by attackers.
When a frame is transmitted on a trunk port and does not have a VLAN tag, it is assigned to the native VLAN. This is important in scenarios where devices or legacy equipment that do not support VLAN tagging need to communicate over the network. For example, older devices may not understand VLAN tags, so their frames are sent as untagged, and the native VLAN configuration ensures that these frames are handled properly.
To configure a native VLAN on a trunk port:
```
Switch(config)# interface gigabitethernet 0/1
Switch(config-if)# switchport trunk native vlan 99
```
This assigns VLAN 99 as the native VLAN for the trunk link.
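The tag layout and the native VLAN rule described above can be seen in a small parser. This is an added example, not code from the study guide: the function names and the sample frames are constructed for illustration, and the split of the TCI into a 3-bit priority, a 1-bit DEI and a 12-bit VLAN ID comes from the IEEE 802.1Q standard rather than from the text.

```python
import struct

TPID_8021Q = 0x8100  # default TPID value given in the text

def parse_8021q(frame: bytes, native_vlan: int = 1) -> dict:
    """Classify a raw Ethernet frame (FCS already stripped) as a trunk port would."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    offset, tags = 12, []            # the tag sits right after dst + src MAC
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype != TPID_8021Q:
            break
        if len(frame) < offset + 4:
            raise ValueError("truncated 802.1Q tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        # TCI layout per IEEE 802.1Q: 3-bit priority, 1-bit DEI, 12-bit VLAN ID
        tags.append({"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4
    return {
        "vlan": tags[0]["vid"] if tags else native_vlan,  # untagged -> native VLAN
        "tagged": bool(tags),
        "tags": tags,                # outermost first; more than one means stacked tags
        "ethertype": ethertype,
        "payload": frame[offset + 2:],
    }

def build_frame(tags=(), ethertype=0x0800, payload=b"\x00" * 46) -> bytes:
    """Build a constructed test frame; tags is a sequence of (pcp, vid) pairs."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")   # made-up addresses
    tag_bytes = b"".join(struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
                         for pcp, vid in tags)
    return macs + tag_bytes + struct.pack("!H", ethertype) + payload

if __name__ == "__main__":
    for name, frame in [("tagged VLAN 10", build_frame([(5, 10)])),
                        ("untagged", build_frame())]:
        info = parse_8021q(frame, native_vlan=99)
        print(f"{name}: vlan={info['vlan']} tagged={info['tagged']} tags={info['tags']}")
```
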
2.2 Inter-Switch Communication
Trunk Ports
A Trunk Port is a port on a switch that is configured to carry traffic for multiple VLANs across a network link. Trunking allows for the transmission of multiple VLANs over a single physical link between switches or other network devices, such as routers or firewalls.
Trunk ports use the 802.1Q protocol to tag frames with the appropriate VLAN information. This enables devices to distinguish between frames belonging to different VLANs, even though they are all transmitted over the same physical link. The trunk link can carry traffic for any number of VLANs, depending on the configuration.
Trunk ports are typically used between switches or from a switch to a router. These ports are configured to allow multiple VLANs to be sent over the same link.
To configure a port as a trunk on a Cisco switch:
```
Switch(config)# interface gigabitethernet 0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20,30
```
This configuration ensures that only VLANs 10, 20, and 30 are allowed to traverse the trunk link. By default, all VLANs are allowed on a trunk link unless specified otherwise.
Dynamic Trunking Protocol (DTP)
The Dynamic Trunking Protocol (DTP) is a Cisco proprietary protocol used to automatically negotiate the trunking status of a link between two switches. DTP can automatically configure a link to either a trunk or access port, depending on the devices connected to the port.
There are several DTP modes:
- Dynamic Auto: The port will automatically become a trunk if the other side is set to trunk or desirable mode.
- Dynamic Desirable: The port actively attempts to negotiate a trunk link.
- Trunk: The port is explicitly set as a trunk port and does not negotiate.
- Access: The port is explicitly set to an access port and does not negotiate.
For example, if both sides are set to dynamic auto, the link may or may not become a trunk depending on the negotiation process. However, if one side is set to dynamic desirable, the trunk will be formed if the other side also supports trunking.
To configure a port with DTP:
```
Switch(config)# interface gigabitethernet 0/1
Switch(config-if)# switchport mode dynamic desirable
```
This will cause the switch to attempt to form a trunk link if the other side of the link supports it.
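The trunk settings covered in this chapter (native VLAN left at the default VLAN 1, no allowed-VLAN list, and trunking negotiated by DTP) can be checked mechanically in a saved configuration. The following is an added example, not part of the study guide: the function names are hypothetical, and the running-config excerpt is constructed and assumes the usual IOS layout of one stanza per interface.

```python
import re

# Constructed running-config excerpt (not taken from a real device)
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20,30
!
interface GigabitEthernet0/2
 switchport mode trunk
!
interface GigabitEthernet0/3
 switchport mode dynamic desirable
!
"""

def interface_blocks(config: str) -> dict:
    """Map each interface name to the list of commands in its stanza."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            blocks[current] = []
        elif current and line.startswith(" "):
            blocks[current].append(line.strip())
        else:
            current = None           # "!" or a global command ends the stanza
    return blocks

def audit_trunks(config: str) -> list:
    """Return (interface, finding) pairs for the trunk settings discussed above."""
    findings = []
    for name, cmds in interface_blocks(config).items():
        text = "\n".join(cmds)
        if re.search(r"^switchport mode dynamic (auto|desirable)$", text, re.M):
            findings.append((name, "trunking is negotiated by DTP"))
        if not re.search(r"^switchport mode trunk$", text, re.M):
            continue
        native = re.search(r"^switchport trunk native vlan (\d+)$", text, re.M)
        if native is None or native.group(1) == "1":
            findings.append((name, "native VLAN is the default VLAN 1"))
        if not re.search(r"^switchport trunk allowed vlan \S+$", text, re.M):
            findings.append((name, "no allowed-VLAN list, all VLANs traverse the trunk"))
    return findings

if __name__ == "__main__":
    for interface, finding in audit_trunks(SAMPLE_CONFIG):
        print(f"{interface}: {finding}")
```
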
2.3 Layer 2 Discovery Protocols
CDP (Cisco Discovery Protocol)
CDP (Cisco Discovery Protocol) is a proprietary Layer 2 protocol developed by Cisco that is used to discover information about directly connected Cisco devices. CDP operates at the data link layer (Layer 2) and allows devices to share information such as their device name, IP address, platform, and interface details.
CDP operates in a periodic broadcast manner, where devices periodically advertise their information to directly connected devices. This information can be very useful for network administrators to map and troubleshoot networks, especially when managing large-scale Cisco-based environments.
You can view the CDP information on a Cisco switch or router using the following command:
```
Switch# show cdp neighbors
```
The output shows the connected devices, their device IDs, interface information, and capabilities.
To disable CDP on a specific interface:
```
Switch(config-if)# no cdp enable
```
To disable CDP globally:
```
Switch(config)# no cdp run
```
LLDP (Link Layer Discovery Protocol)
LLDP (Link Layer Discovery Protocol) is an open standard protocol that performs a similar function to CDP but is designed to work with devices from various vendors, not just Cisco devices. LLDP operates at the data link layer (Layer 2) and allows devices to advertise their identity, capabilities, and other relevant information to directly connected devices.
LLDP sends information in LLDPDU (Link Layer Discovery Protocol Data Units), which contain details such as the device’s hostname, port description, VLANs, and supported capabilities. LLDP is particularly useful in multi-vendor environments, where CDP is not supported.
LLDP is defined by the IEEE 802.1AB standard. Like CDP, it operates in a periodic broadcast manner.
To view LLDP information on a device:
```
Switch# show lldp neighbors
```
To disable LLDP on an interface:
```
Switch(config-if)# no lldp transmit
Switch(config-if)# no lldp receive
```
To disable LLDP globally:
```
Switch(config)# no lldp run
```
2.4 EtherChannel
Static vs. Dynamic (LACP)
EtherChannel is a technology that allows multiple physical Ethernet links to be combined into a single logical link. This provides increased bandwidth and redundancy between devices, such as switches, routers, and servers. EtherChannel helps improve network performance by aggregating multiple links, which also improves the reliability of network communication.
- Static EtherChannel: In static EtherChannel configuration, both ends of the link are manually configured to form an EtherChannel. There is no negotiation between the devices, and the configuration must be identical on both sides. If there is a mismatch in configurations (such as port speed or duplex), the EtherChannel will not form.
Example of static EtherChannel configuration:
```
Switch(config)# interface range gigabitethernet 0/1 - 2
Switch(config-if-range)# channel-group 1 mode on
```
- Dynamic EtherChannel (LACP):...
| Publication date (per publisher) | 20.5.2025 |
|---|---|
| Language | English |
| Subject area | Social Sciences ► Education |
| ISBN-13 | 9780000972620 / 9780000972620 |
Size: 2.7 MB
Copy protection: Adobe DRM
File format: EPUB (Electronic Publication)