Vous êtes sur la page 1sur 4

Exam Essentials - 15

Understand the main purpose of the Spanning Tree Protocol in a switched LAN.
The main purpose of STP is to prevent switching loops in a network with redundant switched
Remember the states of STP. The purpose of the blocking state is to prevent the use of
looped paths. A port in listening state prepares to forward data frames without populating the
MAC address table. A port in learning state populates the MAC address table but doesn’t
data frames. A port in forwarding state sends and receives all data frames on the bridged port.
Also, a port in the disabled state is virtually nonoperational.
Remember the commandshow spanning-tree. You must be familiar with the command show
spanning-tree and how to determine the root bridge of each VLAN. Also, you can use the show
spanning-tree summary command to help you get a quick glimpse of your STP network and root
Understand what PortFast and BPDU Guard provide. PortFast allows a port to transition
to the forwarding state immediately upon a connection. Because you don’t want other switches
connecting to this port, BPDU Guard will shut down a PortFast port if it receives a BPDU.
Understand what EtherChannel is and how to configure it. EtherChannel allows you to
bundle links to get more bandwidth, instead of allowing STP to shut down redundant ports. You
can configure Cisco’s PAgP or the IEEE version, LACP, by creating a port channel interface and
assigning the port channel group number to the interfaces you are bundling.

Exam Essentials - 16
Understand how to mitigate threats at the access layer. You can mitigate threats at the
access layer by using port security, DHCP snooping, dynamic ARP inspection, and identitybased
Understand TACACS+ and RADIUS. TACACS+ is Cisco proprietary, uses TCP, and can
separate services. RADIUS is an open standard, uses UDP, and cannot separate services.
Remember the differences between SNMPv2 and SNMPv3. SNMPv2 uses UDP but can
use TCP; however, v2 still sends data to the NMS station in clear text, exactly like SNMPv1, plus
SNMPv2 implemented GETBULK and INFORM messages. SNMPv3 uses TCP and authenticates
users, plus it can use ACLs in the SNMP strings to protect the NMS station from unauthorized
Understand FHRPs, especially HSRP. The FHRPs are HSRP, VRRP, and GLBP, with HSRP
and GLBP being Cisco proprietary.
Remember the HSRP virtual address. The HSRP MAC address has only one variable piece
in it. The first 24 bits still identify the vendor who manufactured the device (the organizationally
unique identifier, or OUI). The next 16 bits in the address tell us that the MAC address is a
HSRP MAC address. Finally, the last 8 bits of the address are the hexadecimal
representation of the HSRP group number.
Let me clarify all this with an example of what an HSRP MAC address would look like:
Exam Essentials - 17
Know EIGRP features. EIGRP is a classless, advanced distance-vector protocol that supports
IP and now IPv6. EIGRP uses a unique algorithm, called DUAL, to maintain route information
and uses RTP to communicate with other EIGRP routers reliably.
Know how to configure EIGRP. Be able to configure basic EIGRP. This is configured the
same as RIP with classful addresses.
Know how to verify EIGRP operation. Know all of the EIGRP show commands and be
familiar with their output and the interpretation of the main components of their output.
Be able to read an EIGRP topology table. Understand which are successors, which are
feasible successors, and which routes will become successors if the main successor fails.
You must be able to troubleshoot EIGRP. Go through the EIGRP troubleshooting
scenario and make sure you understand to look for the AS number, ACLs, passive interfaces,
variance, and other factors.
Be able to read an EIGRP neighbor table. Understand the output of the show ip eigrp
neighbor command.
Understand how to configure EIGRPv6. To configure EIGRPv6, first create the
autonomous system from global configuration mode and perform a no shutdown. Then enable
EIGRPv6 on each interface individually.

Exam Essentials - 18
Compare OSPF and RIPv1. OSPF is a link-state protocol that supports VLSM and classless
routing; RIPv1 is a distance-vector protocol that does not support VLSM and supports only
classful routing.
Know how OSPF routers become neighbors and/or adjacent. OSPF routers become
neighbors when each router sees the other’s Hello packets and the timers match between
Be able to configure single-area OSPF. A minimal single-area configuration involves only
two commands: router ospf process-id and network x.x.x.x y.y.y.y area Z.
Be able to verify the operation of OSPF. There are many show commands that
provideuseful details on OSPF, and it is useful to be completely familiar with the output of each:
show ip ospf, show ip ospf database, show ip ospf interface, show ip ospf neighbor, and show ip

Exam Essentials - 19
Know the scalability issues multi-area OSPF addresses. The primary problems in singlearea
OSPF networks are the large size of the topology and routing tables as well as the excessive
computation of the SPF algorithm due to the large number of link-state updates that occur in
single area.
Know the different types of OSPF routers. Backbone routers have at least one interface in
area 0. Area border routers (ABRs) belong to two or more OSPF areas simultaneously. Internal
routers have all of their interfaces within the same area. Autonomous system boundary routers
(ASBRs) have at least one interface connected to an external network.
Know the different types of LSA packets. There are seven different types of LSA packets
that Cisco uses, but here are the ones you need to remember: Type 1 LSAs (router link
advertisements), Type 2 LSAs (network link advertisements), Type 3 and 4 LSAs (summary
LSAs), and Type 5 LSAs (AS external link advertisements). Know how each functions.
Be able to monitor multi-area OSPF. There are a number of commands that provide
information useful in a multi-area OSPF environment: show ip route ospf, show ip ospf
show ip ospf, and show ip ospf database. It’s important to understand what each provides.
Be able to troubleshoot OSPF networks. It’s important that you can work your way
through the troubleshooting scenario that I presented in this chapter. Be able to look for
neighbor adjacencies, and if they are not there, look for ACLs set on the routing protocol,
interfaces, and wrong network statements.
Understand how to configure OSPFv3. OSPFv3 uses the same basic mechanisms that
OSPFv2 uses, but OSPFv3 is more easily configured by placing the configuring OSPFv3 on a
basis with ipv6 ospf process-ID area area.

Exam Essentials - 20
Remember the Cisco steps in troubleshooting an IPv4 and IPv6 network.
1. Check the cables to find out if there’s a faulty cable or interface in the mix and verify the
interface’s statistics.
2. Make sure that devices are determining the correct path from the source to the destination.
Manipulate the routing information if needed.
3. Verify that the default gateway is correct.
4. Verify that name resolution settings are correct.
5. Verify that there are no ACLs blocking traffic.
Remember the commands to verify and troubleshoot IPv4 and IPv6. You need to
remember and practice the commands used in this chapter, especially ping and traceroute
on Windows). But we also used the Windows commands ipconfig and route print and Cisco’s
commands show ip int brief, show interface, and show route.
Remember how to verify an ARP cache with IPv6. The command show ipv6 neighbors
shows the IP-to-MAC-address resolution table on a Cisco router.
Remember to look at the statistics on a router and switch interface to determine
problems. You’ve got to be able to analyze interface statistics to find problems if they exist, and
this includes speed and duplex settings, input queue drops, output queue drops, and input and
output errors.
Understand what a native VLAN is and how to change it. A native VLAN works with
only 802.1q trunks and allows untagged traffic to traverse the trunk link. This is VLAN 1 by
default on all Cisco switches, but it can be changed for security reasons with the switchport
vlan vlan command.
Exam Essentials - 21
Remember the default serial encapsulation on Cisco routers. Cisco routers use a
proprietary High-Level Data-Link Control (HDLC) encapsulation on all their serial links by
Remember the PPP Data Link layer protocols. The three Data Link layer protocols are
Network Control Protocol (NCP), which defines the Network layer protocols; Link Control
Protocol (LCP), a method of establishing, configuring, maintaining, and terminating the point-
connection; and High-Level Data-Link Control (HDLC), the MAC layer protocol that
encapsulates the packets.
Be able to troubleshoot a PPP link. Understand that a PPP link between two routers will
show up and a ping would even work between the router if the layer 3 addresses are wrong.
Remember the various types of serial WAN connections. The serial WAN connections
that are most widely used are HDLC, PPP, and Frame Relay.
Understand the term virtual private network. You need to understand why and how to
use a VPN between two sites and the purpose that IPsec serves with VPNs.
Understand how to configure and verify a GRE tunnel. To configure GRE, first
configure the logical tunnel with the interface tunnel number command. Configure the mode
transport, if needed, with the tunnel mode mode protocol command, then configure the IP
on the tunnel interfaces, the tunnel source and tunnel destination addresses, and your physical
interfaces with global addresses. Verify with the show interface tunnel command as well as the
Ping protocol.

Exam Essentials - 22
Understand switch stacking and StackWise. You can connect up to nine individual
switches together to create a StackWise.
Understand basic cloud technology. Understand cloud services such as SaaS and others
and how virtualization works.
Have a deep understanding of QoS. You must understand QoS, specifically marking; device
trust; prioritization for voice, video, and data; shaping; policing; and congestion management in
Understand APIC-EM and the path trace. Read through the APIC-EM section as well as the
APIC-EM path trace section, which cover the CCNA objectives fully.
Understand SDN. Understand how a controller works, and especially the control and data
plane, as well as the northbound and southbound APIs.