Features
Features:

Product Tour >

Edraw AI >

Paid Plans:

Individuals >

Business >

Eduaction >
Resources
Blog

History

How-tos & Tips

Discovery

Biography

Business Analysis

Examples

AI concept Map

Free AI Mind Map Generator

Onenote Mind Map

Bcg Matrix Examples

Nike Marketing Strategy

Unilever SWOT Analysis

Make Mind Maps in Google Docs

Guide

FAQs

What's New

Resource Center
Templates
All Templates

Brain Storming Templates

Strategy and Planning Templates

Project Management Templates

Product Management Templates

Human Resources Templates

Agile Workflow Templates

Marketing Templates

Education Templates

Fun and Games Templates

User Gallery
Download
Pricing
Enterprise

CCNA review brain map

Regarding the CCNA review mind map, the content of switches and routers has been organized. I hope this mind map will be helpful to you.

Edited at 2023-04-24 18:01:24

PlotWizard

Recent works View more works>>

CCNA review brain map

PlotWizard

Recent works View more works>>

Recommended to you
Outline

CCNA-orentation
- 47
HOSSAM
Cisco Certified Network Associate
- 60
- 3
HOSSAM
Device File Transfer and Disaster Recovery Mind Map
- 12
PlotWizard
Cisco Certified CCNA Networking Basics
- 19
- 1
PlotWizard

CCNA review brain map

switch

Remote login

telnet remote login

Configuration steps

enable password

Activate telnet (login) under line vyt

Enable telnet protocol

Set telnet login password

Configure VLAN IP address (interface IP address can be configured on layer 3)

Configure the default gateway (configure as needed

Configuration commands

IOU1(config)#enab

IOU1(config)#enable password cisco

IOU1(config)#line vty 0 4

IOU1(config-line)#password cisco

IOU1(config-line)#login

IOU1(config-line)#transport input telnet

IOU1(config)#int e0/0

IOU1(config-if)#ip address 192.168.1.1 255.255.255.0

IOU1(config-if)#exit

IOU1(config)#ip default-gateway 192.168.1.254

SSH remote login

Domain name configuration

hostname configuration

enable password settings

Set rsa asymmetric key

Create user and login password locally

Allow ssh and telnet protocols under line vty

Configure local user password login (longin local)

spanning tree

STP

Root bridge selection method

Compare bridge ID (smaller one first)

Compare MAC addresses (smaller ones first)

How to select BLK

Prioritize blocking links with low bandwidth

If the bandwidth is the same, the one with a higher port number will be closed.

Configuration commands

Modify priority to set root bridge

SW2(config)#spanning-tree vlan 1 priority? <0-61440> bridge priority in increments of 4096

SW2(config)#spanning-tree vlan 1 priority 4096

View spanning tree priorities

SW2(config)#do show spanning-tree VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address aabb.cc00.0600 Cost 100 Port 2 (Ethernet0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address aabb.cc00.0700 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 15 seconds Interface Role Sts Cost Prio.Nbr Type ------------------ ---- --- --------- -------- ------- -------------------------- Et0/1 Root LRN 100 128.2 Shr Et0/2 Altn BLK 100 128.3 Shr Et0/3 Desg FWD 100 128.4 Shr Et1/0 Desg FWD 100 128.5 Shr Et1/1 Desg FWD 100 128.6 Shr Et1/2 Desg FWD 100 128.7 Shr Et1/3 Desg FWD 100 128.8 Shr Et2/0 Desg FWD 100 128.9 Shr Et2/1 Desg FWD 100 128.10 Shr Et2/2 Desg FWD 100 128.11 Shr Et2/3 Desg FWD 100 128.12 Shr Et3/0 Desg FWD 100 128.13 Shr Et3/1 Desg FWD 100 128.14 Shr Et3/2 Desg FWD 100 128.15 Shr Et3/3 Desg FWD 100 128.16 Shr

MST

Configuration steps

MST—one spanning tree per instance

1. Configuration instance

2. Configure the MST version number

3. Configure the MST name to be consistent

Configure instance VLANx priority

Configuration commands

SW1

SW1(config)#spanning-tree mode mst SW1(config)#spanning-tree mst configuration SW1(config-mst)#instance 1 vlan 1,3,5 SW1(config-mst)#instance 2 vlan 2,4,6 SW1(config-mst)#revision 1 SW1(config-mst)#name MST-1 SW1(config-mst)#exit SW1(config)#spanning-tree mst 1 root primary SW1(config)#spanning-tree mst 2 root secondary

SW1

SW2(config)#spanning-tree mode mst SW2(config)#spanning-tree mst configuration SW2(config-mst)#instance 1 vlan 1,12,3 SW2(config-mst)#instance 2 vlan 2,4,6 SW2(config-mst)#revision 1 SW2(config-mst)#name MST-1 SW2(config)#spanning-tree mst 2 root primary SW2(config)#spanning-tree mst 1 root secondary

View MST configuration information

SW2(config-mst)#show current Current MST configuration Name[MST-1] Revision 2 Instances configured 3 Instance Vlans mapped ----------------------------------------------------- -------------------------- 0 11,13-4094 1 1,3,5,7,9,12 2 2,4,6,8,10 -------------------------------------------------- --------------------------

PVST and PVST are compatible, but PVST and MST are not compatible (MST is based on instance spanning tree, and PVST is based on VLAN spanning tree, so you cannot have both.

View command

Spanning tree viewing command

do show spanning-tree

Spanning tree security (BPDU protection)

BPDU guard

The access interface filters BPDUs and will be filtered as long as the rules are violated.

IOU1(config)#int e0/0 IOU1(config-if)#switchport mode access IOU1(config-if)#spanning-tree bpduguard enable

BPDU filter

The access interface filters BPDUs. BPDUs received are filtered by default, but the interface status is not affected.

IOU1(config)#int e0/0 IOU1(config-if)#switchport mode access IOU1(config-if)#spanning-tree bpdufilter enable

root guard

Root bridge protection is done on the trunk of all switches in the LAN.

IOU1(config)#int e0/0 IOU1(config-if)#spanning-tree guard root

link aggregation technology

Configuration steps

Close the ports that need to be aggregated

Select aggregation protocol (manual on / automatic lacp)

open port

(Layer 3) Close the Layer 2 port

(Layer 3) Configure IP address

Layer 2 configuration commands

SW2(config)#int ran e0/0-1 SW2(config-if-range)#shutdown SW2(config-if-range)#channel-group 1 mode on SW2(config-if-range)#no shutdown

Layer 3 configuration commands

SW2(config)#int ran e0/0-2 SW2(config-if-range)#shutdown SW2(config-if-range)#channel-group 1 mode on Creating a port-channel interface Port-channel 1 SW2(config-if-range)#no shutdown SW2(config-if-range)#exit SW2(config)#int port-channel 1 SW2(config-if)#no switchport SW2(config-if)#ip address 192.168.1.1 255.255.255.0 SW2(config-if)#exit

router

single arm routing

Configuration steps

Configure the link connecting the switch and router to trunk mode

Enter interface/subinterface

Configure the IP address and release the corresponding VLAN

Configuration commands

IOU3(config)#host R1 R1(config-if)#no shutdown R1(config-if)#int e0/0.1 R1(config-subif)#encapsulation dot1Q 100 R1(config-subif)#ip add 10.1.1.1 255.255.255.0 R1(config-subif)#exit

Static routing

Configuration steps

Target network number-subnet-next hop IP address

Target network number-subnet-output interface

Configuration commands

R1(config)#ip route 192.168.2.1 255.255.255.255 12.1.1.2

R2(config)#ip route 192.168.1.1 255.255.255.255 12.1.1.1 R2(config)#ip route 192.168.2.1 255.255.255.255 23.1.1.3

R3(config)#ip route 192.168.1.1 255.255.255.255 23.1.1.2

Default route

Any network segment-any subnet-next hop/outbound interface

R2(config)#ip route 0.0.0.0 0.0.0.0 12.1.1.1

Loopback port (emulated PC)

R3(config)#int loopback 0 R3(config-if)#ip address R3(config-if)#ip address 192.168.1.2 255.255.255.0 R3(config-if)#exit

dynamic routing

advantage

Automatically generate routing table

trigger update

Automatically determine the optimal path based on hop count

Routing delivery loop

RIP

Configuration steps

Select RIP protocol

Configuration version number (commonly used 2)

Announce port IP/network segment

Configuration commands

R2(config)#router rip R2(config-router)#version 2 R2(config-router)#network 12.1.1.2 R2(config-router)#network 12.0.0.0

route summary

Automatic summary

R2(config)#router rip R2(config-router)#auto-summary

Manual aggregation

R2(config)#router rip R2(config-router)#int e0/0 R2(config-if)#ip summary-address rip 192.168.1.1 255.255.255.0

RIP delivers default route

Method 1: Route redistribution

significance

Broadcast a learned routing protocol through another routing protocol to achieve network interoperability. In order to implement route redistribution, the router must run multiple routing protocols simultaneously. In this way, each routing protocol can read all or part of the routing table and broadcast it with other new protocols.

Configuration steps

Configure routing protocols

Redistribute a routing protocol and set the metric (priority) subnet

Configure other routing protocols again

Redistribute routes to other protocols, set metric values

Configuration commands

R2(config)#router ospf 1 R2(config-router)#redistribute rip metric 100 subnets R2(config-router)#exit R2(config)#router rip R2(config-router)#redistribute ospf 1 metric 2 R2(config-router)#exit

Method two:

R2(config)#router rip R2(config-router)#default-information originat

OSPF

Design Principles

Backbone area (0)

Non-backbone area (non-0 area)

All zones must be mounted on zone 0

Configuration steps

Select OSPF routing protocol

Configure router-id according to requirements (default is loopback address, can be specified as an IP address that does not exist on this machine)

Declare the local address and area (must be used with anti-mask)

router-id automatic selection rules

The IP with the largest priority loopback port

If there is no loopback port, select the IP with the largest physical port.

Configuration commands

R2(config)#router ospf 1 R2(config-router)#router-id 192.168.1.1 R2(config-router)#network 12.1.1.0 0.0.0.255 area 0 R2(config-router)#network 23.1.1.2 0.0.0.0 area 0

Default announcement (advertise all opened ports on this machine)

R2(config)#router ospf 1 R2(config-router)#network 0.0.0.0 0.0.0.0 area 0

View command

R2(config)#do show ip ospf neighbor

EIGRP

Configuration steps

Select eigrp as the routing mode and configure the self-made system number (AS)

Announcement (can be combined with anti-mask announcement)

Configuration commands

R2(config)#routereigrp 1 R2(config-router)#network 12.1.1.2 R2(config-router)#network 23.1.0.0 R2(config-router)#network 23.1.0.0 0.0.255.255

Routing link bandwidth modification

R2(config)#int e0/0 R2(config-if)#bandwidth? <1-10000000> Bandwidth in kilobits R2(config-if)#bandwidth 100000

DHCP

Configuration steps

Enable DHCP service

Configure DHCP pool range

Configure gateway address

Configure DNS service

Configure excluded addresses as needed

Configuration commands

R2(config)#ip dhcp pool namedhcp R2(dhcp-config)#network 192.168.1.0 255.255.255.0 R2(dhcp-config)#default-router 192.168.1.1 R2(dhcp-config)#dns-server 192.168.1.2 R2(dhcp-config)#exit R2(config)#ip dhcp excluded-address 192.168.1.1

ACL

Keywords

192.168.1.1 0.0.0.0, which can be abbreviated by using the IP address with the keyword in front (host 192.168.1.1)

0.0.0.0 255.255.255.255 Ignore all address bits and use the keyword any to abbreviate the expression

in interface

out outgoing interface

Standard ALC (1-99)

Allow a single network segment to pass

R2(config)#access-list 1 permit 192.168.1.0 0.0.0.255 R2(config)#int e0/0 R2(config-if)#ip access-group 1 out

Deny specific hosts

config)#access-list 1 deny 192.168.1.2 0.0.0.0

config)#access-list 1 permit 0.0.0.0 255.255.255.255

Allow all hosts except 192.168.1.2 (hidden deny all)

config)#int e0/0

config-if)#ip access-group 1 out

Deny specific network segments

config)#access-list 1 deny 192.168.1.0 0.0.0.255

config)#access-list 1 permit any

config)#int e0/0

config-if)#ip access-group 1 out

Control VTY access

config)#access-list 1 permit 192.168.1.0 0.0.0.255

config)#line vty 0 4

config-vty)#access-class 1 in

Named ACL instance

config)#ip access-list standard name-acl

config-std-nacl)#deny host 192.168.1.1

config-std-nacl)#permit 192.168.0.0 0.0.255.255

config-std-nacl)#int e0/0

config-if)#ip access-group name-acl out

Extended ACL (100-199)

Deny FTP traffic from specific network segments

config)#access-list 101 deny tcp 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255 eq 21

config)#access-list 101 permit ip any any (allow all passes except the above)

config-std-nacl)#int e0/0

config-if)#ip access-group 101 out

NAT

S-NAT (many-to-one)

config)#access-list 1 permit 192.168.1.0 0.0.0.255

config)#ip route 0.0.0.0 0.0.0.0 S2/0

config)#ip nat inside source list 1 interface S2/0 overload

S-NAT (many-to-many)

config)#ip nat source list 1 pool x-name

config)#ip nat pool x-name 172.16.16.1 172.16.16.2 netmask 255.255.255.0

S-NAT (static NAT)

config)#ip nat inside source ststic 192.168.1.1 172.16.16.1

ip nat internal source static internal network address external network address

S-NAT (static PAT)

config)#ip nat source static tcp 172.16.16.2 80 int e0/0 80

ip nat source static service external network address port number internal network access port corresponding to internal network