CCNA Networking Concepts Summary long video

Overview

• Source: Long CCNA practice/explanation transcript.
• Scope: Core routing & switching, IPv4/IPv6, DHCP, VLANs, SDN, wireless, security, QoS, automation, virtualization.
• Goal: Compact reference for concepts, rules, and common exam patterns.

Core Formulas & Selection Rules

• Usable hosts in a subnet
  usable_hosts = 2^(host bits) − 2
  • Example: /26 → host bits = 32 − 26 = 6 → 2^6 − 2 = 64 − 2 = 62 usable hosts.
• Route selection (in order):
  1. Longest prefix (most specific network) wins.
  2. If tied, lowest Administrative Distance (AD) wins.
  3. If still tied, lowest metric (per protocol) wins.
• Common Administrative Distances
  • Connected: 0
  • Static: 1
  • EIGRP internal: 90
  • OSPF: 110
  • RIP: 120
  • EIGRP external: 170

OSI Layers & Planes

• Transport layer (L4)

  • End‑to‑end delivery, error detection/recovery, flow control.
  • Protocols: TCP, UDP, SSL/TLS.
  • TCP: reliable, ordered, connection-oriented; slower, more overhead.
  • UDP: no reliability/ordering; faster; used where latency matters (voice, video, gaming, DNS).

• Network layer (L3)

  • Host‑to‑host delivery based on IP addresses.
  • Routes packets between different IP networks.
  • Routers operate here.

• Data vs Control vs Management planes

  • Data plane: fast forwarding of packets using forwarding table (derived from routes).
  • Control plane: computes routes (OSPF, EIGRP, BGP), builds routing tables.
  • Management plane: device management (SSH, Telnet, SNMP, syslog, NTP).

• Key rule

  • Route calculation: control plane.
  • Actual forwarding using the computed table: data plane.

SDN / Controller-Based Networking

• Concept

  • Control and data planes are disaggregated (separated).
  • Controller = centralized “brain” making routing/policy decisions.
  • Switches/routers in data plane just forward per controller’s instructions.

• APIs

  • Southbound APIs (controller → devices): OpenFlow, NETCONF. Used to push forwarding rules and configs to edge devices.
  • Northbound APIs (controller → apps/tools): REST (JSON/XML), used by automation/orchestration and monitoring apps.

• Controller roles

  • Centralized management and policy.
  • Pushes configs, routes, ACLs, QoS to many devices simultaneously.
  • Enables automation and faster, consistent changes.

IPv4 Addressing & Subnetting

• RFC1918 private ranges (not Internet-routable)

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16
  • Motivation: conserve public IPv4 space; allow internal-only communications.

• Examples

  • /30: 4 addresses (network, 2 hosts, broadcast) → 2 usable.
  • /25: 128 addresses → 126 usable.

• Host/network/broadcast rules

  • First address = network ID → not assignable.
  • Last address = broadcast → not assignable.
  • All others in range = usable host IPs.

DHCP

• Message sequence (DORA)

  • Discover (client → broadcast; UDP/67)
  • Offer (server → client; UDP/68)
  • Request (client → server; UDP/67) — accepts offered IP.
  • ACK (server → client; UDP/68)

• Key commands

  • Make interface a DHCP client:
    ip address dhcp
  • DHCP relay (forward client broadcasts to remote server): on interface closest to clients:
    ip helper-address <dhcp-server-ip>

• Server roles

  • Maintains an address pool, leases IPs dynamically.
  • Can exclude addresses from the pool.
  • Provides default gateway (default-router), DNS, etc., via options.

Switching, VLANs, Trunks

• Access vs trunk

  • Access port: member of a single VLAN.
    switchport access vlan <id>
  • Trunk port: carries multiple VLANs, tags with 802.1Q.
    • Configure: switchport mode trunk
    • Native VLAN (untagged):
      switchport trunk native vlan <id>
    • Add VLAN without overwriting current list:
      switchport trunk allowed vlan add <id>

• VLAN tagging

  • IEEE 802.1Q standard for VLAN tagging across vendor gear.
  • Native VLAN frames go across trunk untagged; all others tagged.

• Frame forwarding behavior

  • Destination MAC known in MAC table (CAM): forward only to that port.
  • Destination MAC unknown: flood to all ports in that VLAN, except ingress.
  • MAC learning: switch learns source MAC on ingress and associates with port/VLAN.

• MAC address learning & tables

  • Dynamic MAC entries learned from traffic; can be viewed with show mac address-table.
  • Used to avoid flooding for known destinations.

Port Security & STP Edge Features

• Port security

  • Purpose: limit and control MAC addresses allowed on a port (e.g., 1 device per port).
  • Sticky MAC:
    • Learns MAC dynamically then writes it into running configuration.
  • Violation modes:
    • protect: silently drop offending frames.
    • restrict: drop + increment violation counter, can send SNMP trap.
    • shutdown: err-disabled interface on violation.
  • To automatically recover from err-disable after 15 minutes (900s):
    errdisable recovery interval 900

• PortFast

  • Makes port go directly to forwarding (bypasses STP listening & learning).
  • Used on access ports connected to end hosts (PCs, printers).

• BPDU Guard

  • On PortFast interfaces, if a BPDU is received, port goes to err-disabled.
  • Protects against accidental loops created by plugging a switch into an access port.

• Duplex mismatch

  • One side fixed full, other auto → auto side may choose half-duplex → collisions, poor throughput.
  • Fix: ensure both ends use same speed/duplex (auto/auto or both fixed).

Routing & Static Routes

• Basic static route

  • ip route <dest-network> <mask> <next-hop>
  • Example:
    ip route 192.168.1.0 255.255.255.0 10.1.1.1

• Default route (0.0.0.0/0)

  • Used when no more specific route matches.
  • Example: ip route 0.0.0.0 0.0.0.0 <next-hop>
  • In OSPF, to advertise default even without having one locally:
    default-information originate always

• Floating static route (backup)

  • Static route with higher AD than primary dynamic/static route.
  • Only used when primary route is lost.
  • Example:
    ip route 192.168.1.0 255.255.255.0 10.1.1.2 200
    (AD 200 > normal dynamic route AD)

• Route selection

  • First: longest prefix.
  • Second: lowest AD.
  • Third: lowest metric within chosen protocol.

ACLs & NAT

• Extended ACLs

  • Filter by source, destination, protocol, and ports (TCP/UDP).
  • Typically placed close to the source of unwanted traffic.

• Deny specific ports but allow everything else

  • Example pattern: access-list 101 deny tcp 10.0.10.0 0.0.0.63 10.0.20.6 0.0.0.0 eq 25 access-list 101 deny tcp 10.0.10.0 0.0.0.63 10.0.20.6 0.0.0.0 eq 80 access-list 101 permit ip any any
  • Ensure correct source/destination ordering in rules.

• NAT address types

  • Inside local: private IP inside LAN (e.g., 192.168.1.10).
  • Inside global: public IP used on the Internet to represent inside host (e.g., 203.0.113.5).
  • Outside local/global: external addresses as seen from inside and outside.

• Inside global is typically the public IP of the NAT device seen on the Internet.

• Show translations
  show ip nat translations lists inside local/global and outside local/global mapping.

Troubleshooting & Monitoring Commands

• show version

  • IOS version, ROM version, memory, CPU, interface count, config register.

• show ip interface brief

  • Interface status, IP addressing.

• show running-config

  • Active configuration.

• Traceroute

  • traceroute 8.8.8.8 to see path toward Internet and where it breaks.

• Telnet vs ping/traceroute

  • Telnet: tests reachability of specific service/port (e.g., port 23, 22, 80).
  • Ping: basic IP connectivity.
  • Traceroute: path + hop-by-hop behavior.

• Syslog

  • Enable logging: logging on
  • Severity levels:
    • 0 emerg, 1 alert, 2 crit, 3 err, 4 warning, 5 notice, 6 info, 7 debug
  • Notice-level examples: routing instance flaps, significant but not critical.

• NTP

  • Set device as NTP master (authoritative source): ntp master <stratum>
  • Clients: ntp server <ip>

Wireless Fundamentals

• Standards

  • 802.11a: 5 GHz, max ~54 Mbps.
  • 802.11b: 2.4 GHz, max ~11 Mbps.
  • 802.11n: 2.4 and 5 GHz, higher throughput (MIMO).
  • 802.11ac: 5 GHz only, even higher rates (MU-MIMO, 160 MHz, 256-QAM).

• Channel planning (2.4 GHz DSSS/OFDM)

  • Use non-overlapping channels: 1, 6, 11 to minimize interference.

• SSID

  • Human-readable network name (max 32 characters).
  • Can be broadcast or hidden.

• Frame types

  • Association response: management frame (auth/assoc/dissoc).
  • Probe request/response: management frames used for discovery.

• Band steering / Client Band Select

  • Feature that pushes dual-band clients to prefer 5 GHz (less congestion, better throughput).
  • AP/WLC may delay 2.4 GHz responses to encourage 5 GHz association.

Wireless Security

• WPA/WPA2/WPA3

  • WPA2-PSK: uses AES (CCMP) for encryption; TKIP is deprecated and insecure.
  • WPA3: uses SAE for authentication, AES-based encryption; improves protection against brute-force and offline dictionary attacks.

• Deprecated mechanisms

  • TKIP, WEP, RC4 — should be avoided in new WLAN designs.

• WLC configuration basics

  • WPA2-PSK PSK formats: ASCII or hexadecimal.
  • For voice WLAN QoS: typically choose Platinum profile on WLC.

Security & AAA

• Firewalls

  • Perform stateful inspection: track connection state, allow only legitimate packets.
  • Basic role: control flows between untrusted and trusted zones; can also segment internal zones (e.g., HR vs SOC).

• IPS/IDS

  • IPS (Intrusion Prevention System): actively blocks suspicious traffic (good against DoS/DDoS).
  • More capable than simple ACLs for complex threat detection.

• Dynamic ARP Inspection (DAI)

  • Examines ARP packets against DHCP snooping bindings.
  • Mitigates ARP spoofing / man-in-the-middle attacks.

• 802.1X / NAC

  • Port-based network access control using Supplicant → Authenticator → Auth server (RADIUS).
  • Ensures only authenticated users/devices gain access to network (wired or wireless).

• RADIUS vs TACACS+

  • RADIUS:
    • Typically for user auth (802.1X, VPN).
    • Encrypts only password in Access-Request.
    • Combines authentication + authorization.
  • TACACS+:
    • Device administration (CLI access).
    • Encrypts entire payload.
    • Separates authentication, authorization, accounting.

• Passwords on IOS

  • enable secret (strong hashed password for privileged mode).
  • service password-encryption obfuscates all plain-text passwords in config (weak cipher but better than clear text).

• User awareness programs

  • Simulated phishing emails with benign landing pages to train users about suspicious links.

QoS (Quality of Service)

• Traffic policing

  • Inbound or outbound; checks traffic rate vs configured limit.
  • Drops or re-marks packets exceeding rate.
  • Used to enforce rate contracts; often inbound to limit untrusted sources.

• Traffic shaping

  • Buffers excess packets and sends them later (smooths bursts).
  • Used outbound, especially on slower WAN links.

• WRED (Weighted RED)

  • Random early drop of lower-priority traffic to avoid full queues.
  • Prefers higher priority packets; mitigates congestion before buffers overflow.

• LLQ (Low Latency Queuing)

  • Strict priority queue for latency-sensitive traffic (voice, interactive video).
  • Must be used carefully to avoid starving other traffic.

Virtualization & Hypervisors

• Hypervisor

  • Sits directly on hardware (Type 1) or on OS (Type 2).
  • “Virtualization OS” responsible for splitting and scheduling CPU, memory, storage, NICs among VMs.

• Virtual networking

  • VMs connect to virtual switch inside hypervisor.
  • Virtual switch connects to physical NIC, then to upstream physical switches.
  • Enables VMs to talk to each other and to external network.

• Benefits

  • Many VMs per physical server, each with its own OS.
  • Better resource utilization, isolation, portability.

Network Automation, APIs & Tools

• Ansible

  • Agentless automation using SSH (TCP/22) to managed devices.
  • Configs defined in YAML playbooks.
  • Commonly used to manage Cisco routers/switches.

• REST APIs

  • Use HTTP verbs:
    • GET (read), POST (create), PUT (update/replace), DELETE (remove).
  • Payload formats: JSON, XML (supported by many RESTful interfaces).
  • Example northbound controller APIs: Cisco DNA Center Intent APIs.

• SNMP

  • SNMPv3: adds auth + encryption, recommended for secure monitoring.
  • MIBs define data structures.
  • CLI hint: snmp-server user usage implies SNMPv3.

• Syslog facility & levels

  • Facility: category of source (kernel, user, daemon, etc.).
  • Level: severity (0–7 as above).
  • Configuration can control severity for each device, and what gets sent to syslog server.

Physical & WAN Details

• T1 & E1

  • T1 (North America): 1.544 Mbps.
  • E1 (Europe/elsewhere): 2.048 Mbps.

• Fiber

  • OM3/OM4 multimode core diameter: 50 µm.
  • LR SFPs for single-mode & longer distances (e.g., 7 km).
  • SR SFPs for multimode & short distances (up to ~300 m); using SR on long SMF runs causes errors.

• SFP hot-swappability

  • Both copper and fiber SFPs are hot-swappable; can be inserted/removed without powering down the device.

Topologies & Architectures

• Three-tier campus

  • Access → Distribution → Core.
  • Access: connects hosts, APs, printers.
  • Distribution: L2/L3 boundary, policy, aggregation.
  • Core: high-speed, resilient backbone.

• Collapsed core

  • Core + Distribution combined → collapsed core.
  • Simpler, cheaper; used for small networks (lower hardware/management cost).

• Spine-Leaf (data center)

  • All leaf switches connect to every spine.
  • Add capacity by adding leafs (for more access ports) and possibly spines (for more fabric bandwidth).
  • Provides predictable low latency and high bisection bandwidth.

• SOHO

  • Small Office/Home Office.
  • Typical scenario: multiple end devices share a single broadband connection via small router/AP.

Wireless LAN Controllers (WLC) & AP Modes

• WLC

  • Centralizes:
    • Authentication (RADIUS/802.1X).
    • Roaming.
    • Configuration (SSIDs, security, QoS).

• Lightweight AP (local mode)

  • Forwards data to WLC via CAPWAP.
  • WLC then bridges/routs traffic into LAN.

• Link Aggregation on WLC

  • Supports EtherChannel/LAG to switches.
  • Even one working link in LAG can still pass client traffic.

Typical Exam-Style Facts & Short Answers

• OSI layer for reliable end-to-end + error recovery: Transport (L4).
• DHCP message client sends to accept IP: DHCP Request.
• Usable hosts in /26: 62.
• ACL that filters source & destination: Extended ACL.
• Common automation tool with Cisco: Ansible.
• Best DoS prevention: IPS.
• POST/ROMMON diagnostics stored in: ROM.
• IPv6 multicast groups auto-joined on interface enable:
  • ff02::1 (all-nodes)
  • ff02::2 (all-routers, on router interfaces)
• WPA2-PSK cipher of choice: AES/CCMP.
• Deprecated Wi-Fi cipher: TKIP.
• Channels for non-overlapping 2.4 GHz: 1, 6, 11.
• T1 bandwidth: 1.544 Mbps.
• Correct CLI to enable SSH:
  • ip domain-name <domain>
  • crypto key generate rsa
  • line vty 0 4
  • transport input ssh

Focus Recommendations for CCNA Prep

• Practice subnetting (prefixes, ranges, host counts) until instant.
• Memorize ADs and route selection logic.
• Lab work:
  • VLANs, trunks, port security, DHCP server/relay, NAT/PAT.
  • Static and dynamic routing (OSPF, EIGRP basics).
  • Extended ACLs; test block-by-port scenarios.
• Wireless basics:
  • Channels, WPA2/WPA3 config, band steering, WLC essentials.
• Security:
  • 802.1X basics, firewall behavior, IPS/DAI, SNMPv3, SSH configs.
• Automation:
  • Understand Ansible + SSH basics.
  • Get comfortable reading simple REST/JSON outputs and identifying keys/values/arrays.