My CCNA notes (living document)

I know there are are a few notes threads around here, but I wanted to make my own notes thread for me, and hopefully it will help others out too. I want this to be a living document, meaning I will update it, and would appreciate the help of the community to recommend any corrections or additions. A little about me, I just finished an academy program at my community college, and I am doing final study preparations before taking the test. I feel pretty solid with the basic concepts, so most of these notes will likely relate to ICND2 material. Thanks.

Spanning Tree Protocol (STP)
Defined by IEEE 802.1D
Purpose: Prevent switching loops in redundant path networks.

Key Terms

Bridge ID – Combination of the bridge priority, default is 32768 and the MAC address if the switch
Root – Switch with the LOWEST bridge ID
Bridge Protocol Data Unit – Ethernet frame that contains the BID and cost to root, used in root election, sent by all switches until converged then only by root after convergence

STP States

Blocking – Frames are not forwarded, but BPDUs are accepted (nondesignated ports)
Listening – Frames are not forwarded, MAC table is not populated, can send and receive BPDUs
Learning – Frames are not forwarded, but MAC table is built and populated
Forwarding – Frames forwarded, continues to populate MAC table
Disabled – cannot accept BPDU or frames (shutdown)

Elections

Root is chosen as the switch with the lowest BID (priority and MAC combo)
Root puts all connected ports in forwarding state
Switches in the same spanning tree will designate a root port as the lowest cost (fastest speed) to the root switch, if line speeds are equal, lowest port number becomes root port
Two directly connected, nonroot switches will elect designated bridge as the lower cost to root, or the lowest BID, this switch will become the designated bridge
The port on the designated bridge will forward, the port on the nondesignated bridge will block

Port Speeds

10Mbps = 100
100Mbps = 19
1Gbps = 4
10Gbps = 2
Root cost is incremented as a BPDU travels through the network on the receiving end, not sending end (leaves root as 0)

Timers

Hello BPDU – 2 seconds
Max Age – 20 seconds (time to wait after not receiving a root hello before restarting STP algorithm)
Forward Delay – 15 seconds (time allotted for each stage of listening and learning before proceeding to next stage, 30 seconds total)
Changing times will only be effective on root switch, but not recommended because of loop possibility

Commands

show spanning-tree (vlan) – shows Root ID, local BID, port forwarding/blocking states

Portfast
Cisco Proprietary
Purpose: Brings up ports faster by bypassing the listening and learning STP states and going directly to forwarding when activated. Can only be used on ports connecting to end-user devices, not for trunk ports!

Commands

(config-if)# spanning-tree portfast

Rapid Spanning Tree Protocol (RSTP)
Defined by IEEE 802.1W

Key Information

RSTP triggers topology changes when any port other than an edge port goes into the forwarding state
BPDUs are sent by every switch in the RSTP tree at the same 2 second interval, if 3 consecutive BPDUs are not received, the link is considered down

Port Roles

Root Port – Same as STP
Alternate Port – Same as STP blocking port
Backup Port – Used with dual connections to the same physical segment
Edge Port – Access port, connects to an end user device, state changes do not trigger RSTP algorithm or election process, acts the same way as an STP port with Cisco Portfast enabled
Point-to-Point Port – Any port that connects to another switch in full duplex mode

States

Discarding – The initial RSTP state, combines STP disabled, blocking, and listening states
Learning – Same as STP, doesn’t process frames, but populates MAC address table
Forwarding – Same as STP, forwards frames, populates MAC table

Per-VLAN Spanning Tree Protocol (PVST)
Purpose: Creates a separate instance of STP for each VLAN on the network

Key Information

Default spanning tree mode on catalyst switches
Allows load balancing between VLANs
Sometimes referred to as PVST+

EtherChannel
Purpose: Aggregates 2-8 switch links to load balance

Key Information

Can aggregate 2-8 Ethernet trunk links
STP considers the EtherChannel to be one link
Even if all but one link in the channel fails, STP algorithm will not be triggered

Commands

(config-int-range)# channel-group (#) mode on

Virtual Local Area Network (VLAN)
Purpose: Segments switches and breaks up broadcast domains by assigning ports to virtual LANs. Used to separate users by department, job function, etc., across one or many switches.

Key Information

Default VLAN on Cisco switches is VLAN 1, cannot be modified
Normal range range is 1-1005, 1001-1005 reserved for legacy FDDI and Token Ring support, 1006-4094 is considered extended range and is not supported by all protocols
Data cannot travel between VLANs without the use of a Layer 3 device

Commands

show vlan brief
show mac-address-table (vlan#)
vlan (#) – creates VLAN
name (word) – names VLAN
(config-if)# switchport mode (access, trunk) – changes mode for port
(config-if)# switchport access vlan (#) – assigns port to VLAN

Trunking
ISL: Cisco proprietary, dot1q: IEEE 802.1Q
Purpose: Allows VLAN traffic over directly connected switches

Inter-Switch Link (ISL)

Cisco proprietary
Encapsulates entire frame with header and trailer
Does not support Native VLAN concept

dot1q

Industry standard, not proprietary
Does not encapsulate frame, but adds a 4 byte header with VLAN number
Does not add header when forwarding Native VLAN traffic

Commands

show interface trunk

Switchport Modes
Purpose: Designates the role of an individual port on a switch.

Modes

Access – Sets the port unconditionally as an access port (for end user devices)
Trunk – Sets the port unconditionally as a trunk port (for connections between other switches)
Dynamic – Attempts to negotiate the port mode as access or trunk based off of the connection on the other end of the cable

Dynamic Modes

Auto – Will trunk if the other end initiates trunking, if both ends are in auto they will not trunk, if other end is in desirable or trunk, a trunk will form
Desirable – Attempts to trunk and will form a trunk if other end is trunk on, desirable, or auto
Nonegotiate – Turns off interface negotiation, goes into trunk mode but Dynamic Trunking Protocol (DTP) information is not forwarded or processed

Command

(config-if)# switchport mode (access, trunk, dynamic)

VLAN Trunking Protocol (VTP)
Cisco Proprietary
Purpose: Manages and distributes VLAN information among switches in the same domain

Key Information

Cannot be used with non-Cisco switches
Domain names must match and are case sensitive
Passwords must match and be configured on every switch in the domain if used

Modes

Server – Can create, modify, or delete VLANs, originates and forwards VTP advertisements every 5 minutes or when its own VTP database has been updated, stores information in NVRAM, default mode for switches, each VTP domain must have at least one server
Client – Cannot create, modify, or delete VLANs, stores VLAN information in running config, accepts and processes VTP advertisements with higher revision numbers than its last VTP update
Transparent – Forwards advertisements but does not process them, can create, modify, and delete VLANs but changes are locally significant only, stores VLAN information in NVRAM

Commands

vtp mode (server, client, transparent) – changes VTP mode
vtp domain (word) – changes VTP domain name
vtp password (word) – changes password
vtp pruning – enables VTP pruning which prevents multicast and broadcast traffic long trunk lines that do not have ports belonging to intended VLANs
show vtp status – displays VTP information to include mode and revision

Inter-VLAN Routing
Purpose: Route packets between different VLANs

Key Information

Requires a layer 3 device, Router or multi-layer switch with an available Fast or Gigabit Ethernet port
Link between switch and router must be a trunk link
Encapsulation between switch and router must match
Each VLAN gets configured with a subinterface on the router end
Encapsulation mode must be entered on the subinterface first with the VLAN number
The subinterface must have a valid IP address from the same subnet as the VLAN
The address of the subinterface becomes the default gateway for that VLAN
The no shutdown command must be issued on subinterfaces' parent port on the router

Commands (on router)

interface fa0/0.1
encapsulation (dot1q/ISL) (vlan#)
ip address (address) (subnet mask)
exit
no shutdown

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

zrockstar

High Data Link Control (HLDC)
Cisco Proprietary
Purpose: WAN encapsulation

Key Information

Default encapsulation on Cisco Routers
Does not support password authentication
Only encapsulates IP

Commands

(config-if)# encapsulation hdlc -- loopback tests must be ran in HDLC

Point to Point Protocol (PPP)
Industry Standard
Purpose: WAN encapsulation

Key Information

Supports Password Authentication Protocol (PAP), Challenge Handshake Authentication Protocol (CHAP), PPP Multilink (link aggregation), and error detection and recovery
Can encapsulate IPX, Appletalk, and IP
Supports PPP callback for dial-up links

Commands

(config-if)# encapsulation PPP

PPP Authentication
Purpose: Username and Password authentication for PPP connections

Challenge Handshake Authentication Protocol (CHAP)

Uses a three-way handshake to authenticate sender and receiver
Doesn't send password over link, instead sends a password hash

CHAP Commands

(config)# username (word) password (word) -- needs to be configured on both ends
(config-if)# ppp authentication chap -- needs to be configured on both ends

Password Authentication Protocol

No challenge or handshake
Password is sent in clear text

Frame Relay
Purpose: WAN connection through frame relay switches

Key Information

Datalink Connection Identifier (DLCI) -- Layer 2 virtual circuit addresses, locally significant only, provided by frame relay provider
Considered Non-Broadcast Multiaccess (does not forward broadcast or multicast traffic by default)
Commited Information Rate (CIR) -- Bandwidth rate of frame relay link as guaranteed by service provider, some frame relay links can use more bandwidth if available
Permanent Virtual Circuit (PVC) -- connection is up all the time
Switched Virtual Circuit (SVC) -- only up when there is data to transmit
Frame Relay Types -- Cisco (default, uses DLCI 1023), ANSI (non-proprietary, uses DLCI 0), Q933A -- Most equipment will negotiate Frame Relay Type dynamically

Local Management Interface (LMI)

LMI messages act as frame connection keepalives between the DCE/DTE
Influences the PVC status as active, inactive, or deleted
Active -- up and running normally
Inactive -- errors occur on the remote end
Deleted -- errors occur on the local end

DLCI Mapping

Static Mapping -- (config-if)# frame map ip (remote IP) (Local DLCI) broadcast -- broadcast is optional, but allows broadcast and multicast traffic across the frame relay link
Dynamic Mapping -- achieved through Inverse ARP, maps DLCI to IP address, can produce unreliable results, can be removed with (config-if)# no frame-relay inverse-arp
Point to Point Subinterface Mapping -- used with dynamic routing protocols to bypass split horizon, (config-subif)# ip address (address) (mask), frame-relay interface-dlci (dlci#)

Congestion Control

Forward Explicit Congestion Notification (FECN) -- congestion notification in the direction of the destination
Backward Explicit Congestion Notification (BECN) -- congestion notification in the direction of the source
Discard Eligible (DE) -- frames sent over the CIR or adjusted with QoS and marked as being able to be dropped if congestion occurs

Commands

show frame map -- verifies encapsulation type
show frame pvc -- shows DE, FECN, BECN count
show frame lmi -- shows LMI status

zrockstar

Static Routing & General Terms

Key Information & General Terms

Administrative Distance -- The trustworthiness of a route, the lower the better
Directly connected routes have an AD of 0, and by default are the must trustworthy routes
Static routes have an AD of 1 and are indicated by an "S" in the routing table
Default Route -- represented by 0.0.0.0 0.0.0.0, and is the interface or address for sent traffic that does not match a routing table entry
Floating Static Route -- a static route with an altered AD to backup a dynamic routing protocol
Split Horizon -- a rule stating a route cannot be advertised out the interface it was received on
Route Poisoning -- a route advertised with an unreachable metric
Convergence -- all routers share the same, current routing table and are just processing updates

Commands

(config)# ip route (ip address) (subnet mask) (nexthop)
(config)# default -- ip route 0.0.0.0 0.0.0.0 (nexthop add or exit int)
show ip route -- shows routing table

Routing Information Protocol (RIP)

Version 1 Key Information

Distance Vector Routing Protocol -- uses hop count as a metric
Administrative Distance -- 120
Update Timer -- broadcasts entire routing table throughout the network every 30 seconds
Invalid -- 3 times the update value, marked as unreachable with a metric of 16, default 180 seconds
Hold Down Timer -- How long the route is marked unreachable , default 180 seconds
Flush -- Total time passed until the route is removed from the table, default 240 seconds
Sends Version 1 updates, receives Version 1 and 2
Load balances over a maximum of 4 equal cost routes
Supports classful routing only, does not send subnet mask

Version 2 Key Information

Supports classless networks, sends subnet mask with routing table
Multicasts routing tables to 224.0.0.1

Commands

(config)# router rip -- starts RIP process
(config-router)# version 2 -- turns on version 2 updates and VLSM support
(config-router)# network (ip address) (subnet mask if v2)
debug ip rip
clear ip route * -- clears routing table, can force a RIP update

Open Shortest Path First (OSPF)

Key Information

Link State Protocol -- sends updates only when topology changes, uses "hello" packets as keepalive
Administrative Distance -- 110
Routes show as "O" in routing table
Metric -- cost (bandwidth), calculation is 100,000,000/bps -- 1785 for 56K, 64 for T1, 10 for Ethernet, 1 for Fast Ethernet
Hello Packet -- allows neighboring devices to dynamically discover each other and serves as a keepalive once neighbor relationships have been established, sent every 10 seconds on broadcast networks, 30 seconds on NBMA networks, this discovery is called an adjacency
Adjacency Requirements -- subnet number and mask must match, hello and dead timers must match, area must match
Hello Timer -- how often hello packets are sent to 224.0.0.5
Dead Timer -- how long a router will wait to hear a hello from an adjacent router before removing the adjacency (40 seconds for broadcast networks, 120 for NBMA)

Router Roles & Election

OSPF uses a designated router and backup designated routers as chosen through an OSPF election
OSPF election results are based off interface priority of 0-255, 0 means the router will never become the designated router, 255 means it will always become the designated router
If a tie occurs during election, the tie is broken by the router with the highest loopback IP address configured, or the highest interface address if loopbacks are not present
Designated Router (DR) -- router that collects Link State Advertisements area routers and multicasts them through the OSPF area
Backup Designated Router (BDR) -- will become the DR if the DR goes down
DROTHERS -- routers not assigned as DR/BDR

Adjacency States

Down -- no hellos received but can still be sent
Attempt -- unicast hello packets sent to neighbor (used on NBMA networks)
Init -- First hello packet received, but router ID not included
2-WAY -- each router has received a hello packet containing its own router ID
ExStart -- exchange of data can begin between DROTHERS and their DR/BDR
Exchange -- contain link state databases
Loading -- sending link state requests
Full -- routers have full adjacency with neighbors

Router Types

Internal Router -- all interfaces are in the same OSPF area
Area Border Router -- at least one interface is in area 0 and connects other areas to area 0
Backbone Router -- connects to area 0

OSPF Authentication Commands

ip ospf authentication-key (password) -- sets password, max 8 digits
ip ospf authentication -- enables authentication
ip ospf authentication message-digest -- enables MD hasing
ip ospf message-digest-key (#) md5 (password)

Commands

(config)# router ospf (process id 1-65,535 -- does NOT have to match other routers!)
(config-router)# network (ip address) (wildcard) area (#)
(config-router)# router-id (ip address) -- configures router ID for OSPF election
(config-if)# ip ospf network non-broadcast -- configured on serial line to use on NBMA networks since OSPF does not use split horizon
(config-router)# default information-originate -- propagates the default static route through the dynamic network
(config-if)# ip ospf priority (0-255) -- sets election priority
show ip ospf neighbors
show ip ospf interface

Enhanced Interior Gateway Routing Protocol (EIGRP)

Key Information

Cisco Proprietary
Administrative Distance -- 90
Metric -- default is a calculation of bandwidth and delay, but load and reliability can also be used
Uses Diffusing Update Algorithm (DUAL) to calculate metric, routes show as "D" in routing table
Is a distance vector routing protocol but is often referred to as a hybrid
Supports multi-protocol operation, VLSM/CIDR, and rapid convergance
Multicasts hello packets to 224.0.0.10 to establish, maintain, and keepalive neighbor relationships
Can load balance across up to 16 unequal cost routes (default 4 when active)
Only send updates when topology changes

Neighbor Relationships

To form an EIGRP relationship the following must match: autonomous system (AS) number and metric weights
DUAL query is sent to neighbors to find routes

EIGRP Tables

Route Table -- contains the best routes (lowest metric) in the network
Topology Table -- contains all feasible routes in the network
Neighbor Table -- contains no routes, but EIGRP neighbors

EIGRP Routes

Successor -- best route to network
Feasible Successor -- alternate, loop-free routes to network, the feasible successor with the lowest metric will become the successor if the successor goes down

Topology Codes

P -- passive, the route is functional, this is the ideal state
A -- active, route is currently being calculated by DUAL

Commands

router eigrp (AS number -- unlike OSPF, this must match!)
no auto-summary -- disables network address summary on classful boundaries, highly recommended for EIGRP
network (IP address) (wildcard mask -- optional but recommended)
variance (multiple) -- enables EIGRP unequal cost load balancing
show ip protocol
show ip eigrp topology
show ip eigrp neighbors
show ip eigrp interface

zrockstar

Ipv6, nat, vpn, ipsec

zrockstar

Reserved for ACL

zrockstar

reserved for other

oli356

Great post so far! I'm sure it will help others out, including myself

zrockstar

Glad to help Oli. If you notice anything that needs to be fixed, let me know. This has been helping me out a lot too. I have been scoring high in these areas on my practice test after starting this, so I think they are pretty good notes.

jdgstat

Very nice zrockstar. I agree with Oli356. It'll be extremely helpful to others that are studying, including myself and 2 others here at work. I've taken CCNA classes through the a local tech school around (using the Cisco learning website), so this will be very helpful to make sure I have all areas covered. Thanks!

zrockstar

You're welcome JDG, and welcome to Tech Exams! This site has so much good info and many helpful people. Don't be afraid to ask anything while studying, everyone here will help.

Arysta

Thanks for this! I just started studying for the CCNA this week, so it's great timing. It's a good checklist to compare against to make sure I'm covering everything.

zrockstar

Updated with routing notes. I would appreciate it if some pros would put some eyes on this and recommend any changes/additions. Thanks.

nitrored

Thanks , that is really going to help me !!

X10MMX

This is awesome.. I am currently studying for my CCNA! Thanks zrockstar

onesaint

This is great. Thanks for posting it.

LinuxRacr

I'm digging these notes! Thanks for posting.

bcall64

Thanks so much for posting these notes! It's a quick reference when I'm not sure about something.

Daniactual

Great post! Thanks a lot for sharing your notes...

synseq

Cool. Thanks for the notes. I don't like relying on any one book or source when studying for a certification. I like to study a variety of sources because some may have better methods for studying and learning than others.

sthompson86

I have passed my CCNA, but wow awesome notes.

jude56g

Looks great!

MWJN

Hi zrockstar congratulations on passing
Looking to take ICND2 exam in early September
Wonderd will you be adding notes for IPV6, NAT, VPN, IPSEC & ACL?
Notes are really good for the ICND2 exam review & I am sure that others are finding them very useful aswell
Thanks

dcren21

Thanks for posting these notes. They are helpful.

j.petrov

Awesome Notes! thanks a ton!

MWJN

Hi ZRockstar
Did you write up any additional notes for the IPV6, NAT, VPN, IPSEC & ACL objectives?
Will you be posting them now that you have passed the CCNA, Congratulations
Will be taking the exam soon in September and was impressed by how easy and simple you had made the topics for exam review
Many thanks

zrockstar

MWJN wrote: »

Hi ZRockstar
Did you write up any additional notes for the IPV6, NAT, VPN, IPSEC & ACL objectives?
Will you be posting them now that you have passed the CCNA, Congratulations
Will be taking the exam soon in September and was impressed by how easy and simple you had made the topics for exam review
Many thanks

Thanks MW I have them written by hand, I will review them to see if I can easily transcribe them into the same format.

MWJN

Hi ZRockstar
Many thanks
Look forward to seeing them for reviewing and others will agree
Thanks again

NetworkVeteran

High Data Link Control (HLDC)

It's HDLC not HLDC and that stands for High-Level Data Link Control.

Cisco Proprietary

HDLC is not Cisco-proprietary. cHDLC (Cisco HDLC) is!

Only encapsulates IP

This is certainly not true. I just checked one of my cHDLC links and a 30-section capture caught CLNP, IS-IS, CDP, SLARP, and ES-IS. CLNP is a network-layer alternative to IP.

NetworkVeteran

1001-1005 reserved for legacy FDDI and Token Ring support

That should be 1002-1005.

NetworkVeteran

(config-router)# network (ip address) (subnet mask if v2)

Unfortunately, no. You cannot provide a subnet mask in your RIPv2 network commands.

zrockstar

Thanks NV, it's not letting me edit my previous posts. I'll try to figure it out tomorrow and make the changes.