MindMap Gallery CCNA review brain map
Regarding the CCNA review mind map, the content of switches and routers has been organized. I hope this mind map will be helpful to you.
Edited at 2023-04-24 18:01:24El cáncer de pulmón es un tumor maligno que se origina en la mucosa bronquial o las glándulas de los pulmones. Es uno de los tumores malignos con mayor morbilidad y mortalidad y mayor amenaza para la salud y la vida humana.
La diabetes es una enfermedad crónica con hiperglucemia como signo principal. Es causada principalmente por una disminución en la secreción de insulina causada por una disfunción de las células de los islotes pancreáticos, o porque el cuerpo es insensible a la acción de la insulina (es decir, resistencia a la insulina), o ambas cosas. la glucosa en la sangre es ineficaz para ser utilizada y almacenada.
El sistema digestivo es uno de los nueve sistemas principales del cuerpo humano y es el principal responsable de la ingesta, digestión, absorción y excreción de los alimentos. Consta de dos partes principales: el tracto digestivo y las glándulas digestivas.
El cáncer de pulmón es un tumor maligno que se origina en la mucosa bronquial o las glándulas de los pulmones. Es uno de los tumores malignos con mayor morbilidad y mortalidad y mayor amenaza para la salud y la vida humana.
La diabetes es una enfermedad crónica con hiperglucemia como signo principal. Es causada principalmente por una disminución en la secreción de insulina causada por una disfunción de las células de los islotes pancreáticos, o porque el cuerpo es insensible a la acción de la insulina (es decir, resistencia a la insulina), o ambas cosas. la glucosa en la sangre es ineficaz para ser utilizada y almacenada.
El sistema digestivo es uno de los nueve sistemas principales del cuerpo humano y es el principal responsable de la ingesta, digestión, absorción y excreción de los alimentos. Consta de dos partes principales: el tracto digestivo y las glándulas digestivas.
CCNA review brain map
switch
Remote login
telnet remote login
Configuration steps
enable password
Activate telnet (login) under line vyt
Enable telnet protocol
Set telnet login password
Configure VLAN IP address (interface IP address can be configured on layer 3)
Configure the default gateway (configure as needed
Configuration commands
IOU1(config)#enab
IOU1(config)#enable password cisco
IOU1(config)#line vty 0 4
IOU1(config-line)#password cisco
IOU1(config-line)#login
IOU1(config-line)#transport input telnet
IOU1(config)#int e0/0
IOU1(config-if)#ip address 192.168.1.1 255.255.255.0
IOU1(config-if)#exit
IOU1(config)#ip default-gateway 192.168.1.254
SSH remote login
Domain name configuration
hostname configuration
enable password settings
Set rsa asymmetric key
Create user and login password locally
Allow ssh and telnet protocols under line vty
Configure local user password login (longin local)
spanning tree
STP
Root bridge selection method
Compare bridge ID (smaller one first)
Compare MAC addresses (smaller ones first)
How to select BLK
Prioritize blocking links with low bandwidth
If the bandwidth is the same, the one with a higher port number will be closed.
Configuration commands
Modify priority to set root bridge
SW2(config)#spanning-tree vlan 1 priority? <0-61440> bridge priority in increments of 4096
SW2(config)#spanning-tree vlan 1 priority 4096
View spanning tree priorities
SW2(config)#do show spanning-tree VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address aabb.cc00.0600 Cost 100 Port 2 (Ethernet0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address aabb.cc00.0700 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 15 seconds Interface Role Sts Cost Prio.Nbr Type ------------------ ---- --- --------- -------- ------- -------------------------- Et0/1 Root LRN 100 128.2 Shr Et0/2 Altn BLK 100 128.3 Shr Et0/3 Desg FWD 100 128.4 Shr Et1/0 Desg FWD 100 128.5 Shr Et1/1 Desg FWD 100 128.6 Shr Et1/2 Desg FWD 100 128.7 Shr Et1/3 Desg FWD 100 128.8 Shr Et2/0 Desg FWD 100 128.9 Shr Et2/1 Desg FWD 100 128.10 Shr Et2/2 Desg FWD 100 128.11 Shr Et2/3 Desg FWD 100 128.12 Shr Et3/0 Desg FWD 100 128.13 Shr Et3/1 Desg FWD 100 128.14 Shr Et3/2 Desg FWD 100 128.15 Shr Et3/3 Desg FWD 100 128.16 Shr
MST
Configuration steps
MST—one spanning tree per instance
1. Configuration instance
2. Configure the MST version number
3. Configure the MST name to be consistent
Configure instance VLANx priority
Configuration commands
SW1
SW1(config)#spanning-tree mode mst SW1(config)#spanning-tree mst configuration SW1(config-mst)#instance 1 vlan 1,3,5 SW1(config-mst)#instance 2 vlan 2,4,6 SW1(config-mst)#revision 1 SW1(config-mst)#name MST-1 SW1(config-mst)#exit SW1(config)#spanning-tree mst 1 root primary SW1(config)#spanning-tree mst 2 root secondary
SW1
SW2(config)#spanning-tree mode mst SW2(config)#spanning-tree mst configuration SW2(config-mst)#instance 1 vlan 1,12,3 SW2(config-mst)#instance 2 vlan 2,4,6 SW2(config-mst)#revision 1 SW2(config-mst)#name MST-1 SW2(config)#spanning-tree mst 2 root primary SW2(config)#spanning-tree mst 1 root secondary
View MST configuration information
SW2(config-mst)#show current Current MST configuration Name[MST-1] Revision 2 Instances configured 3 Instance Vlans mapped ----------------------------------------------------- -------------------------- 0 11,13-4094 1 1,3,5,7,9,12 2 2,4,6,8,10 -------------------------------------------------- --------------------------
PVST and PVST are compatible, but PVST and MST are not compatible (MST is based on instance spanning tree, and PVST is based on VLAN spanning tree, so you cannot have both.
View command
Spanning tree viewing command
do show spanning-tree
Spanning tree security (BPDU protection)
BPDU guard
The access interface filters BPDUs and will be filtered as long as the rules are violated.
IOU1(config)#int e0/0 IOU1(config-if)#switchport mode access IOU1(config-if)#spanning-tree bpduguard enable
BPDU filter
The access interface filters BPDUs. BPDUs received are filtered by default, but the interface status is not affected.
IOU1(config)#int e0/0 IOU1(config-if)#switchport mode access IOU1(config-if)#spanning-tree bpdufilter enable
root guard
Root bridge protection is done on the trunk of all switches in the LAN.
IOU1(config)#int e0/0 IOU1(config-if)#spanning-tree guard root
link aggregation technology
Configuration steps
Close the ports that need to be aggregated
Select aggregation protocol (manual on / automatic lacp)
open port
(Layer 3) Close the Layer 2 port
(Layer 3) Configure IP address
Layer 2 configuration commands
SW2(config)#int ran e0/0-1 SW2(config-if-range)#shutdown SW2(config-if-range)#channel-group 1 mode on SW2(config-if-range)#no shutdown
Layer 3 configuration commands
SW2(config)#int ran e0/0-2 SW2(config-if-range)#shutdown SW2(config-if-range)#channel-group 1 mode on Creating a port-channel interface Port-channel 1 SW2(config-if-range)#no shutdown SW2(config-if-range)#exit SW2(config)#int port-channel 1 SW2(config-if)#no switchport SW2(config-if)#ip address 192.168.1.1 255.255.255.0 SW2(config-if)#exit
router
single arm routing
Configuration steps
Configure the link connecting the switch and router to trunk mode
Enter interface/subinterface
Configure the IP address and release the corresponding VLAN
Configuration commands
IOU3(config)#host R1 R1(config-if)#no shutdown R1(config-if)#int e0/0.1 R1(config-subif)#encapsulation dot1Q 100 R1(config-subif)#ip add 10.1.1.1 255.255.255.0 R1(config-subif)#exit
Static routing
Configuration steps
Target network number-subnet-next hop IP address
Target network number-subnet-output interface
Configuration commands
R1(config)#ip route 192.168.2.1 255.255.255.255 12.1.1.2
R2(config)#ip route 192.168.1.1 255.255.255.255 12.1.1.1 R2(config)#ip route 192.168.2.1 255.255.255.255 23.1.1.3
R3(config)#ip route 192.168.1.1 255.255.255.255 23.1.1.2
Default route
Any network segment-any subnet-next hop/outbound interface
R2(config)#ip route 0.0.0.0 0.0.0.0 12.1.1.1
Loopback port (emulated PC)
R3(config)#int loopback 0 R3(config-if)#ip address R3(config-if)#ip address 192.168.1.2 255.255.255.0 R3(config-if)#exit
dynamic routing
advantage
Automatically generate routing table
trigger update
Automatically determine the optimal path based on hop count
Routing delivery loop
RIP
Configuration steps
Select RIP protocol
Configuration version number (commonly used 2)
Announce port IP/network segment
Configuration commands
R2(config)#router rip R2(config-router)#version 2 R2(config-router)#network 12.1.1.2 R2(config-router)#network 12.0.0.0
route summary
Automatic summary
R2(config)#router rip R2(config-router)#auto-summary
Manual aggregation
R2(config)#router rip R2(config-router)#int e0/0 R2(config-if)#ip summary-address rip 192.168.1.1 255.255.255.0
RIP delivers default route
Method 1: Route redistribution
significance
Broadcast a learned routing protocol through another routing protocol to achieve network interoperability. In order to implement route redistribution, the router must run multiple routing protocols simultaneously. In this way, each routing protocol can read all or part of the routing table and broadcast it with other new protocols.
Configuration steps
Configure routing protocols
Redistribute a routing protocol and set the metric (priority) subnet
Configure other routing protocols again
Redistribute routes to other protocols, set metric values
Configuration commands
R2(config)#router ospf 1 R2(config-router)#redistribute rip metric 100 subnets R2(config-router)#exit R2(config)#router rip R2(config-router)#redistribute ospf 1 metric 2 R2(config-router)#exit
Method two:
R2(config)#router rip R2(config-router)#default-information originat
OSPF
Design Principles
Backbone area (0)
Non-backbone area (non-0 area)
All zones must be mounted on zone 0
Configuration steps
Select OSPF routing protocol
Configure router-id according to requirements (default is loopback address, can be specified as an IP address that does not exist on this machine)
Declare the local address and area (must be used with anti-mask)
router-id automatic selection rules
The IP with the largest priority loopback port
If there is no loopback port, select the IP with the largest physical port.
Configuration commands
R2(config)#router ospf 1 R2(config-router)#router-id 192.168.1.1 R2(config-router)#network 12.1.1.0 0.0.0.255 area 0 R2(config-router)#network 23.1.1.2 0.0.0.0 area 0
Default announcement (advertise all opened ports on this machine)
R2(config)#router ospf 1 R2(config-router)#network 0.0.0.0 0.0.0.0 area 0
View command
R2(config)#do show ip ospf neighbor
EIGRP
Configuration steps
Select eigrp as the routing mode and configure the self-made system number (AS)
Announcement (can be combined with anti-mask announcement)
Configuration commands
R2(config)#routereigrp 1 R2(config-router)#network 12.1.1.2 R2(config-router)#network 23.1.0.0 R2(config-router)#network 23.1.0.0 0.0.255.255
Routing link bandwidth modification
R2(config)#int e0/0 R2(config-if)#bandwidth? <1-10000000> Bandwidth in kilobits R2(config-if)#bandwidth 100000
DHCP
Configuration steps
Enable DHCP service
Configure DHCP pool range
Configure gateway address
Configure DNS service
Configure excluded addresses as needed
Configuration commands
R2(config)#ip dhcp pool namedhcp R2(dhcp-config)#network 192.168.1.0 255.255.255.0 R2(dhcp-config)#default-router 192.168.1.1 R2(dhcp-config)#dns-server 192.168.1.2 R2(dhcp-config)#exit R2(config)#ip dhcp excluded-address 192.168.1.1
ACL
Keywords
192.168.1.1 0.0.0.0, which can be abbreviated by using the IP address with the keyword in front (host 192.168.1.1)
0.0.0.0 255.255.255.255 Ignore all address bits and use the keyword any to abbreviate the expression
in interface
out outgoing interface
Standard ALC (1-99)
Allow a single network segment to pass
R2(config)#access-list 1 permit 192.168.1.0 0.0.0.255 R2(config)#int e0/0 R2(config-if)#ip access-group 1 out
Deny specific hosts
config)#access-list 1 deny 192.168.1.2 0.0.0.0
config)#access-list 1 permit 0.0.0.0 255.255.255.255
Allow all hosts except 192.168.1.2 (hidden deny all)
config)#int e0/0
config-if)#ip access-group 1 out
Deny specific network segments
config)#access-list 1 deny 192.168.1.0 0.0.0.255
config)#access-list 1 permit any
config)#int e0/0
config-if)#ip access-group 1 out
Control VTY access
config)#access-list 1 permit 192.168.1.0 0.0.0.255
config)#line vty 0 4
config-vty)#access-class 1 in
Named ACL instance
config)#ip access-list standard name-acl
config-std-nacl)#deny host 192.168.1.1
config-std-nacl)#permit 192.168.0.0 0.0.255.255
config-std-nacl)#int e0/0
config-if)#ip access-group name-acl out
Extended ACL (100-199)
Deny FTP traffic from specific network segments
config)#access-list 101 deny tcp 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 eq 21
config)#access-list 101 permit ip any any (allow all passes except the above)
config-std-nacl)#int e0/0
config-if)#ip access-group 101 out
NAT
S-NAT (many-to-one)
config)#access-list 1 permit 192.168.1.0 0.0.0.255
config)#ip route 0.0.0.0 0.0.0.0 S2/0
config)#ip nat inside source list 1 interface S2/0 overload
S-NAT (many-to-many)
config)#ip nat source list 1 pool x-name
config)#ip nat pool x-name 172.16.16.1 172.16.16.2 netmask 255.255.255.0
S-NAT (static NAT)
config)#ip nat inside source ststic 192.168.1.1 172.16.16.1
ip nat internal source static internal network address external network address
S-NAT (static PAT)
config)#ip nat source static tcp 172.16.16.2 80 int e0/0 80
ip nat source static service external network address port number internal network access port corresponding to internal network