
Video day1:

- Nodes in a network: switch, router, firewall, client, server (clients and servers are also called end hosts or endpoints)
- SRS (Spaced repetition software): specification document
- Next-generation firewall
- Host-based firewalls are software applications
- End user: understood as a user who gets access through the web or through software
============================================================
Video day2: Interface and cable:
NEW VOCABULARY
- wiring: electrical wiring system
- copper wiring: copper wire
- fiber: fiber strand
- aspects: facets
- agreed upon system: a system everyone has agreed on
- interpreted: translated, understood
- straight-through cable: straight cable (pin 1 connects to pin 1)
- demonstrate: prove, show
- crossover cable: crossed cable (pin 1 connects to pin 2)
- auto MDI-X:
- SFP transceiver (small form-factor pluggable): SFP transmitter/receiver
- fiber optic cable: optical fiber cable
- characteristic: distinguishing feature
- reflect: bounce back
- multimode fiber: multi-mode optical cable
- single-mode fiber: single-mode optical cable
THEORY

- The RJ-45 connector is used on the end of a copper Ethernet cable

- Network protocols are used for the purposes of network devices
- Ethernet standards (copper): the standards are named 10BASE-T, 100BASE-T, ...
+ BASE = refers to baseband signaling.
+ T = twisted pair
- UTP cable (unshielded twisted pair): the standard cable for Ethernet
+ resists the effects of EMI (electromagnetic interference)
+ 10BASE-T and 100BASE-T: use 2 pairs (4 wires)
+ 1000BASE-T and 10GBASE-T: use 4 pairs (4 wires)
- 10BASE-T and 100BASE-T
+ Transmit = Tx, Receive = Rx
+ straight-through cable: pin 1 connects to pin 1 and pin 2 connects to pin 2
+ crossover cable: pin 1 connects to pin 3 and pin 2 connects to pin 4
+ auto MDI-X: the pin connections can automatically be made crossover or straight-through
- 1000BASE-T and 10GBASE-T
+ Each wire pair is bidirectional
- fiber optic cable: transmits light through glass fiber
- multimode fiber:
NOTES
- An Ethernet cable has 2 RJ-45 connectors
============================================================
Video day3:
NEW VOCABULARY:
- adjacent-layer interaction: interaction between neighbouring layers (links between different layers, from the top layer down)
- same-layer interaction: interaction at the same layer (links within one layer, such as HTTPS with HTTPS)
- decryption: encryption
- dialogues: conversations
LESSON
- protocol: a set of rules defining how network devices and software should operate
- The Application layer provides process-to-process communication
- Transport layer: provides host-to-host (end-to-end) communication; an L4 header is added to the data
- At the transport layer the data is segmented by adding an L4 header (data - L4 Header)
- The network layer adds an L3 header, and the IP address is included at this layer (data - L4 Header - L3 Header)
- Data link layer: provides node-to-node connectivity (PC to switch, switch to router, router to router, etc.) and adds an L2 header and an L2 trailer (L2 Trailer - Data - L4 Header - L3 Header - L2 Header)
- The units along the whole path from data to frame at the data link layer are called PDUs (protocol data units)
- TCP/IP was developed by DARPA
- The Network layer of the OSI model maps to the Internet layer of TCP/IP.
NOTES:
- Network engineers do not often work in the top 3 layers of the OSI model; those belong to app developers
- All People Seem To Need Data Processing (mnemonic for the layers of the OSI model)
- Please Do Not Teach Students Pointless Acronyms
============================================================
Video day 4: CLI
NEW VOCABULARY

LESSON
- Console port of the Catalyst 2960-S: there are 2 console ports, RJ-45 and USB Mini-B
- Rollover cable
- "n stop bit" simply means that for every n bits of data, 1 stop bit is sent to mark the end of those n bits of data
- The ">" in the CLI prompt "Router>" indicates user EXEC mode
- "Router" in "Router>" is the hostname of the device
- User EXEC mode is very limited and is also thought of as user mode; almost nothing can be configured
- Entering "enable" at "Router>" changes the prompt to "Router#"; "#" means the switch to privileged EXEC mode
- Enter "configure terminal" or "conf t" to enter global configuration mode
- Enter "enable password PASSWORD", where PASSWORD is the password to set
- There are 2 separate configuration files kept on the device at one time:
+ Running-config = shows the current configuration file
+ Startup-config = the configuration used on restart
- Enter "write" in privileged EXEC mode to save the configuration file
- Enter "enable secret Cisco" in global configuration mode to encrypt the password
- Enter "do sh run" in global configuration mode to display the configuration; it is a shortcut for "show running-config"
NOTES
- The Cisco default settings are speed 9600 bits per second, 8 data bits, 1 stop bit, no parity and no flow control
- Once enable secret is set, entering privileged EXEC mode requires the enable secret password
============================================================
Video day 5+6: Ethernet LAN Switching
NEW VOCABULARY
- corrupted data: damaged data
- integrate: combine
- reachability: ability to reach
LESSON
- Ethernet frame: consists of Eth Header - Packet - Eth Trailer
+ The Eth header has the fields: Preamble - SFD (Start Frame Delimiter) - Destination - Source - Type (the Type field is sometimes called the Length field)
+ The Eth trailer has only 1 field: FCS (Frame Check Sequence)
- Preamble: 7 bytes of alternating 1s and 0s (10101010 * 7); it synchronizes the receiver clocks
- SFD: 1 byte with the pattern 10101011; marks the end of the preamble
- Destination and Source are 6 bytes each; they indicate where the frame is sent to and from, and hold the destination and source MAC addresses
- Type or Length: 2 bytes; a value of 1500 or less is the length of the encapsulated packet (in bytes)
+ A value above 1500 in this field indicates the type of the encapsulated packet (IPv4 or IPv6), and the length is determined by other means
- FCS (frame check sequence): 4 bytes
+ Detects corrupted data by running a CRC algorithm over the received data
- A MAC address is a 6-byte physical address assigned to a device when it is made
+ Also known as the BIA (burned-in address)
+ Is globally unique
+ The first 3 bytes are the OUI (Organizationally Unique Identifier) assigned to the company that made the device
+ The last 3 bytes are unique to the device itself
+ Written as 12 hexadecimal digits
+ A switch learns addresses by itself and keeps a MAC address table (dynamic MAC addresses)
+ Unknown unicast frame = FLOOD the frame: when the destination of a PC's frame has not been learned yet, the switch copies the frame and sends it out of every interface except the one it arrived on; a PC that is not the destination drops the frame, and vice versa
+ Known unicast frame = FORWARD: the switch already knows the destination because that PC has sent before, and simply forwards the frame toward that destination
- The size of the Ethernet header + trailer is 18 bytes (not counting Preamble and SFD)
+ Size of Ethernet frame (Header + Payload + [Packet] + Trailer)
+ The minimum size of an Ethernet frame is 64 bytes, with a payload size of 46 bytes
+ Ex: 34-byte packet + 12 bytes padding = 46 bytes
- ARP (Address Resolution Protocol) is used to discover the MAC address (Layer 2 address) that goes with an IP address (Layer 3 address)
+ Consists of 2 messages: ARP request and ARP reply
+ The ARP request is a broadcast: it is sent to all hosts in the network
+ The ARP reply is unicast: it is sent to one host only (the host that sent the request)
- Ping is a network utility used to test reachability and measure round-trip time
+ Like ARP it uses 2 messages: ICMP echo request and ICMP echo reply
+ But the ICMP echo request is not a broadcast
NOTES
- Understand more about the destination and source MAC addresses
- Dynamic MAC addresses are removed from the MAC address table after 5 minutes of inactivity; this is called aging
- Preamble and SFD are usually not considered part of the Ethernet header
============================================================
Day 7+8: IPv4 Addressing
NEW VOCABULARY

LESSON
- Ex: 192.168.1.0/24
+ The network portion is the first 24 bits and the last 8 bits are the host portion
- Configuration
+ R1#show ip interface brief: shows the status of the router's interfaces; same as R1(config)#do show ip interface brief
+ R1(config)#interface gigabitEthernet 0/0: configure this interface
+ R1(config-if)#ip address ip-address subnet-mask: assign an IP address to the interface
+ R1(config-if)#no shutdown: enable this interface
+ R1(config-if)#description ## description ##: add a description
+ R1(config-if)#end: leave the configuration mode
+ R1#sh startup-config: view the configuration that has been configured
+ "administratively down" means the interface has been disabled with the "shutdown" command; it is the default status on Cisco routers
+ The Status column shows the Layer 1 status; the Protocol column shows the Layer 2 status
NOTES
- A router needs an IP address
- Broadcasts are limited to the local network
- IPv4 notation is called dotted decimal
- Host portion of the address all 0s = network address; it cannot be treated as a host
- Host portion of the address all 1s = broadcast address; it cannot be treated as a host
============================================================
Day 9: Switch interfaces
NEW VOCABULARY
- duplex: two-way communication
- auto-negotiation: automatic negotiation feature
- SFP (Small Form-factor Pluggable): SFP transceiver
- collision: frames running into each other
- CSMA/CD (Carrier sense multiple access with collision detection): a method for preventing collisions on half-duplex devices
- CRC (Cyclic redundancy check):
LESSON
- Some Cisco devices
+ ASR 1000-X router: has 8 SFP interfaces for fiber-optic cables
+ Catalyst 9200 switch
- CSMA/CD: a method for preventing collisions
+ Before sending frames, devices "listen" to the collision domain until they detect that other devices are not sending
+ If a collision occurs, the device sends a jamming signal to inform the other devices that a collision has happened
+ Devices wait a random period of time before sending frames again
+ The process repeats
- Speed/Duplex autonegotiation
+ Interfaces that can run at different speeds (10/100 or 10/100/1000) have default settings of speed auto and duplex auto
+ Interfaces "advertise" their capabilities to the neighbouring device, and negotiate the best speed and duplex settings that both are capable of
- Some interface errors to remember
+ Runts: frames smaller than the minimum frame size (64 bytes)
+ Giants: frames larger than the maximum frame size (1518 bytes)
+ CRC: frames that failed the CRC check (in the Ethernet FCS trailer)
+ Frame: frames with an incorrect format
+ Input errors: total of the errors found, such as the 4 above
+ Output errors: frames the switch tried to send, but which failed because of an error
COMMAND
- R1(config-if)#speed 1000: set the speed to 1000 Mbps (1000 because the port is gigabit)
- R1(config-if)#duplex full: set the duplex
- R1(config-if)#int range g0/1 - 2: apply the settings to g0/1 through g0/2
NOTES
- Devices attached to a hub must operate in half duplex
- Devices attached to a switch must operate in full duplex
- If autonegotiation is disabled on the device connected to the switch
+ Speed: the switch tries to sense the speed the other device is operating at (if it fails to sense the speed, it uses the lowest supported speed)
++ Ex: 10 Mbps on a 10/100/1000 interface
++ Duplex: if the speed is 10 or 100 Mbps, the switch uses half duplex; at 1000 Mbps or more it uses full duplex
- A duplex mismatch causes collisions, so autonegotiation should be used on all devices

============================================================
Day 10: IPv4 Header
NEW VOCABULARY
- TCP (Transmission Control Protocol): one of the main protocols of the Internet protocol suite
- UDP (User Datagram Protocol):
- underlying network infrastructure: the network infrastructure underneath
- out of order: not in sequence
LESSON
- IPv4 header fields
+ Version field
++ Identifies the version of IP used: IPv4 = 4 (0100), IPv6 (0110)
++ This field is always 4 bits long
+ Internet Header Length (IHL)
++ 4 bits long
++ Because of the last field of the IPv4 header (Options), this field is needed to indicate the total length of the header
++ Value of 5 = 5 x 4 bytes = 20 bytes
++ Minimum value is 5 (20 bytes)
++ Maximum value is 15 (60 bytes; corresponds to 1111 = 15)
+ DSCP field (Differentiated Services Code Point)
++ 6 bits long
++ Used for QoS (Quality of Service)
++ Used to prioritize delay-sensitive data (streaming voice, video, etc.)
++ This field is used to identify which traffic should receive priority treatment
+ ECN field (Explicit Congestion Notification)
++ 2 bits long
++ Provides end-to-end notification of congestion without dropping packets
++ An optional feature that requires both endpoints, as well as the underlying network infrastructure, to support it
+ Total Length field
++ 16 bits long
++ Indicates the total length of the packet (L3 header + L4 segment)
++ Measured in bytes (not in 4-byte increments like IHL)
++ Minimum value of 20 (IPv4 header with no encapsulated data)
++ Maximum value of 65535 (16-bit value; corresponds to 1111111111111111 = 65535)
+ Identification field
++ 16 bits long
++ If a packet is fragmented because it is too large, this field is used to identify which packet a fragment belongs to
++ Fragments of the same packet each have their own IPv4 header with the same value in this field
++ Packets are fragmented if they are larger than the MTU (Maximum Transmission Unit)
++ Fragments are reassembled by the receiving host
+ Flags field
++ 3 bits long
++ Used to control/identify fragments
++ Bit 0: reserved, usually set to 0
++ Bit 1: Don't Fragment (DF bit), used to indicate that a packet should not be fragmented
++ Bit 2: More Fragments (MF bit), set to 1 if there are more fragments in the packet, set to 0 for the last fragment
+ Fragment Offset field
++ 13 bits long
++ Used to indicate the position of the fragment within the original, unfragmented IP packet
++ Allows fragmented packets to be reassembled even if the fragments arrive out of order
+ Time To Live (TTL) field
++ 8 bits long
++ A router drops a packet with a TTL of 0
++ Prevents infinite loops
++ Originally designed to indicate the maximum lifetime in seconds
++ In practice it indicates a "hop count": each time the packet arrives at a router, the router decrements the TTL by 1, and when the TTL reaches 0 the packet is dropped
+ Protocol field
++ 8 bits long
++ Indicates the protocol of the encapsulated L4 PDU
++ TCP value: 6, UDP value: 7, ICMP value: 1, OSPF: 89 (List of IP protocol numbers)
+ Header Checksum field
++ 16 bits long
++ A calculated checksum used to check for errors in the IPv4 header
++ When a router receives a packet, it calculates the checksum of the header and compares it with the one in this field of the header
++ If the newly calculated checksum and the checksum in the IPv4 header do not match, an error has occurred, so the router drops the packet
++ IP relies on the encapsulated protocol to detect errors in the encapsulated data
++ Both TCP and UDP have their own checksum fields to detect errors in the encapsulated data
+ Source/Destination IP Address fields
++ Each is 32 bits because they are IPv4 addresses
++ The IP addresses of the sender and the receiver
+ Options field
++ 0 to 320 bits long
++ Rarely used
++ If the IHL field is greater than 5, options are present
++ Options field: see the IPv4 wiki
NOTES
- The Internet Stream Protocol used an Internet Protocol value of 5, but it was never used publicly
- The header length is determined in 4-byte increments
- An unfragmented packet always has the MF bit set to 0
- The recommended default TTL is 64
- The header checksum is used only to check for errors in the IPv4 header, not in the encapsulated data
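
Added example (not part of the course notes): a parser for the header fields listed above, together with the checksum check and TTL handling a router performs. Function names and the sample addresses are made up for illustration.

```python
import ipaddress
import struct

HEADER_FORMAT = "!BBHHHBBH4s4s"             # the 20 fixed bytes of an IPv4 header


def internet_checksum(data: bytes) -> int:
    """Complement of the one's-complement sum of the data's 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4_header(src, dst, protocol, payload_len, ttl=64,
                      ident=0, df=False, mf=False, frag_offset=0) -> bytes:
    """Build a 20-byte header (IHL = 5, no options) with a valid checksum."""
    flags_frag = (int(df) << 14) | (int(mf) << 13) | frag_offset
    fields = [0x45, 0, 20 + payload_len, ident, flags_frag, ttl, protocol, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = internet_checksum(struct.pack(HEADER_FORMAT, *fields))
    return struct.pack(HEADER_FORMAT, *fields)


def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte minimum IPv4 header")
    (ver_ihl, dscp_ecn, total_length, ident, flags_frag,
     ttl, protocol, checksum, src, dst) = struct.unpack(HEADER_FORMAT, packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version field = {version})")
    if ihl < 5:
        raise ValueError(f"IHL {ihl} is below the minimum of 5")
    header_len = ihl * 4                    # IHL counts 4-byte increments
    if len(packet) < header_len or total_length < header_len:
        raise ValueError("truncated header, or Total Length smaller than the header")
    return {
        "version": version, "ihl": ihl, "header_len": header_len,
        "dscp": dscp_ecn >> 2, "ecn": dscp_ecn & 0x03,
        "total_length": total_length, "identification": ident,
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": protocol, "checksum": checksum,
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        "options": packet[20:header_len],   # present only when IHL > 5
        # Summing a valid header, checksum field included, gives 0.
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
    }


def forward_header(header: bytes) -> bytes:
    """Router behaviour: verify the checksum, decrement TTL, recompute the checksum."""
    info = parse_ipv4_header(header)
    if not info["checksum_ok"]:
        raise ValueError("header checksum mismatch: drop the packet")
    if info["ttl"] <= 1:
        raise ValueError("TTL would reach 0: drop the packet")
    out = bytearray(header[:info["header_len"]])
    out[8] -= 1                             # TTL is byte 8 of the header
    out[10:12] = b"\x00\x00"                # zero the checksum before recomputing
    out[10:12] = struct.pack("!H", internet_checksum(bytes(out)))
    return bytes(out)


# Constructed sample: an ICMP packet (protocol 1) with 64 bytes of payload.
SAMPLE = build_ipv4_header("192.168.1.10", "192.168.3.20", protocol=1,
                           payload_len=64, ident=0x1C46, df=True)

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
    print(parse_ipv4_header(forward_header(SAMPLE)))
```

Changing the TTL byte without recomputing the checksum makes `checksum_ok` false, which is why the checksum has to be rewritten at every hop.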
============================================================
Day 11: Routing Fundamentals
NEW VOCABULARY
- square bracket: the [ ] symbols
- slash: the / symbol
LESSON
- Routing is the process routers use to determine the path that IP packets should take over a network to reach their destination
+ Routers store routes to destinations in a routing table
- There are 2 main ways the routing table is built:
+ Dynamic routing: routers use dynamic routing protocols (e.g. OSPF) to share routing information with other routers automatically and build their routing tables
+ Static routing: a network engineer/admin configures routes on the router by hand
- A route tells the router where to send a packet for destination X, or that the packet is for the router itself.
- The output of show ip route has these elements:
+ Codes: the list of the different protocols the router can use to learn routes, and how each is represented in the routing table
+ L is local: a route to the actual IP address configured on the interface (with a /32 mask).
+ C is connected: a route to the network the interface is connected to (with the actual netmask configured on the interface)
++ Example of a connected route: R1 G0/2 IP = 192.168.1.1/24; R1 knows "if I need to send a packet to any host in 192.168.1.0/24, I must send it out of G0/2"
++ Example of a local route: a /32 netmask is used to specify the exact IP address on the interface; R1 knows "if I receive a packet destined for this IP address, the message is for me"
- To send packets to destinations outside the local network, hosts must send the packets to the default gateway
+ A default gateway configuration is also called a default route
- Static routes:
+ When R1 receives the frame from PC1, it de-encapsulates it (removes the L2 header/trailer) and looks at the packet inside
+ It checks the routing table for the most specific matching route
+ In the video there are 2 possible paths that packets from PC1 to PC4 can take:
++ PC1 - R1 - R3 - R4 - PC4 (THE VIDEO USES THIS ONE)
++ PC1 - R1 - R2 - R4 - PC4
- [1/0] shown in static routes means: [Administrative distance/metric]
- Walk-through of a packet going from PC1 to PC4
+ At Layer 2 the destination is PC1's default gateway, R1's G0/2 interface
+ R1 has the packet and its job is to forward it to the next hop, R3
+ It encapsulates the packet in a new Ethernet frame (now the destination of the frame is the next hop's MAC address)
+ That is the MAC of R3's G0/0 interface (R3 has the packet and must forward it to the next hop, R4)
+ Once more, as above, the destination is the MAC of R4's G0/1 interface
+ Now R4 has the packet and is connected to the destination network, so it can forward the packet to PC4
+ It does this by encapsulating the packet in a frame with PC4's MAC as the destination.
- A static route can also be configured with an exit interface

COMMAND
- R1(config)# ip route ip-address netmask next-hop
- R1(config)# ip route ip-address netmask exit-interface
- R1(config)# ip route ip-address netmask exit-interface next-hop
- R1# sh ip route: view the routing table
NOTES
- End hosts usually do not need any specific routes: to send packets outside the local network, they send them to their default gateway
- When two sides on different local networks want to communicate, two-way reachability must be ensured
- The default route is a route to 0.0.0.0/0
- If the router has no more specific route that matches the packet's destination IP address, it forwards the packet using the default route
============================================================
Day 12: The life of packet
NEW VOCABULARY
- ARP (Address Resolution Protocol)
LESSON
- ARP (Address Resolution Protocol) is used mainly so that packets can be delivered using MAC addresses; it is how a router learns them
- Once the devices have completed the ARP process, they no longer need ARP requests and replies; packets are simply forwarded from device to device
- By being de-encapsulated and then re-encapsulated
NOTES
============================================================
Day 13+14+15: Subnetting (Important)
NEW VOCABULARY
- CIDR (Classless Inter-Domain Routing)
- IANA (Internet Assigned Numbers Authority)
- IETF
- VLSM (Variable-Length Subnet Masks)
- FLSM
LESSON
- CIDR (Classless Inter-Domain Routing): the requirements class A = /8, class B = /16, class C = /24 are removed
- Smaller networks are called "subnetworks" or "subnets"
- We use subnets to divide a large network into several smaller ones, so that no addresses are wasted in networks that are allocated but not used
- Dividing a large /24 network into 5 subnets of equal size
+ Work out how many bits to "borrow"
+ Borrowing 0 bits from the host portion gives no subnets
+ Borrow 1 bit = 2 subnets
+ Borrow 2 bits = 4 subnets
+ Borrow 3 bits = 8 subnets -> so the first subnet is 192.168.255.0/27
- FLSM means all subnets use the same prefix length.
- VLSM, however, is the process of creating subnets of different sizes, so VLSM is more complex than FLSM
- VLSM steps:
+ Place the subnet with the largest number of hosts at the start of the address space
+ Place the subnet with the second-largest number of hosts right after it; its network address is the next address after the preceding subnet
+ Repeat the process until all subnets have been allocated
NOTES
- When subnetting, find the broadcast address of the first subnet; the next address is the network address of the next subnet; repeat for the other subnets
- 2^x = number of subnets (x = number of "borrowed" bits)
- 2^n - 2 = number of hosts (n = number of host bits)
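
Added example (not part of the course notes): the VLSM steps above carried out with Python's standard ipaddress module, placing the largest subnet first and starting each later subnet at the address after the previous broadcast address. The block 192.168.1.0/24, the LAN names and the host counts are constructed for illustration.

```python
import ipaddress


def prefix_for_hosts(hosts: int) -> int:
    """Longest prefix whose 2^n - 2 usable addresses still hold `hosts` hosts."""
    host_bits = 2                           # /30 is the smallest subnet handled here
    while (1 << host_bits) - 2 < hosts:
        host_bits += 1
    return 32 - host_bits


def vlsm_plan(block: str, requirements: dict) -> list:
    """Allocate one subnet per requirement, largest first, with no gaps."""
    parent = ipaddress.ip_network(block)
    next_address = int(parent.network_address)
    plan = []
    # Largest first: every later, smaller subnet then starts on its own boundary.
    ordered = sorted(requirements.items(), key=lambda item: item[1], reverse=True)
    for name, hosts in ordered:
        prefix = prefix_for_hosts(hosts)
        if prefix < parent.prefixlen or next_address > int(parent.broadcast_address):
            raise ValueError(f"{name}: {hosts} hosts do not fit in the rest of {block}")
        subnet = ipaddress.ip_network((next_address, prefix))
        if not subnet.subnet_of(parent):
            raise ValueError(f"{name}: {subnet} falls outside {block}")
        plan.append({
            "name": name,
            "hosts_needed": hosts,
            "subnet": str(subnet),
            "first_host": str(subnet.network_address + 1),
            "last_host": str(subnet.broadcast_address - 1),
            "broadcast": str(subnet.broadcast_address),
            "usable": subnet.num_addresses - 2,
        })
        # The next subnet's network address is the address after this broadcast.
        next_address = int(subnet.broadcast_address) + 1
    return plan


# Constructed requirements, deliberately listed out of size order.
REQUIREMENTS = {"LAN-C": 29, "WAN-link": 2, "LAN-A": 110, "LAN-D": 8, "LAN-B": 45}

if __name__ == "__main__":
    for entry in vlsm_plan("192.168.1.0/24", REQUIREMENTS):
        print(f'{entry["name"]:9} {entry["subnet"]:18} '
              f'{entry["first_host"]} - {entry["last_host"]}  bc {entry["broadcast"]}')
```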
============================================================
Day 16+17+18: VLANs
NEW VOCABULARY
- ISL (Inter-Switch Link)
- VLANs (Virtual Local Area Networks)
LESSON
- A LAN is a single broadcast domain, including all the devices in that broadcast domain
+ A broadcast domain is the group of devices that will receive a broadcast frame (destination MAC FFFF.FFFF.FFFF) sent by any one of its members
++ Performance: a lot of unnecessary broadcast traffic reduces performance
++ Security: in an office, if you want to restrict someone's access it has no effect, because PCs can reach each other without the traffic passing through a router
- VLAN characteristics:
+ Configured on switches on a per-interface basis
+ Logically separate end hosts at Layer 2
- An access port is a switchport that belongs to a single VLAN and usually connects to end hosts (PCs)
- Switchports that carry multiple VLANs are called "trunk ports"
- VLAN TAGGING: switches "tag" all frames they send over a trunk link. This lets the receiving switch know which VLAN the frame belongs to
- There are 2 main trunking protocols: ISL (Inter-Switch Link) and IEEE 802.1Q (dot1q)
- The 802.1Q tag is inserted between the Source and Type/Length fields of the Ethernet frame; the tag is 4 bytes
+ 802.1Q tag format
+ It consists of 2 main fields:
++ Tag Protocol Identifier (TPID): 16 bits, usually has the value 0x8100; indicates that the frame is 802.1Q-tagged
++ Tag Control Information (TCI): consists of 3 sub-fields
+++ PCP (Priority Code Point): 3 bits, used for CoS, which prioritizes important traffic in congested networks
+++ DEI (Drop Eligible Indicator): 1 bit, used to indicate frames that can be dropped if the network is congested
+++ VID (VLAN ID) - IMPORTANT: 12 bits, identifies the VLAN the frame belongs to; 4096 VLANs, range 0 - 4095, only 1 - 4094 are used
++++ The VLAN range is divided into 2 sections: normal VLANs 1 - 1005 and extended VLANs 1006 - 4094
- The native VLAN is a feature of dot1q; it is VLAN 1 by default on all trunk ports
+ The switch does not add a dot1q tag to frames in the native VLAN
+ When a switch receives an untagged frame on a trunk port, it assigns the frame to the native VLAN
- ROAS (Router on a Stick): the name of a method of inter-VLAN routing, so called because only a single physical interface connects the router and the switch
+ Used to route between multiple VLANs using a single interface on the router and the switch
- There are 2 ways to configure the native VLAN on a router
+ Use the command "encapsulation dot1q vlan-id native" on the router subinterface: it tells the router that this subinterface belongs to the native VLAN, and it behaves like the native VLAN on a switch
++ It assumes that untagged frames belong to the native VLAN, and frames sent on the native VLAN are not tagged
+ Configure the IP address for the native VLAN on the router's physical interface
- SVIs (Switch Virtual Interfaces): virtual interfaces you can assign IP addresses to on a multilayer switch
+ Configure the PCs to use the SVI (not the router) as their gateway address
+ To send traffic to other subnets/VLANs, PCs send the traffic to the switch and the switch routes the traffic
+ SVIs are shut down by default, so the "no shutdown" command must be used
COMMAND
- sw1(config)#int range g1/0 - 3: apply the settings to g1/0 through g1/3
- sw1(config-if-range)#switchport mode access: set the interface as an access port (SEE THE NOTE ABOVE on what an access port is)
- sw1(config-if-range)#switchport access vlan 10: put all of them in VLAN0010
- sw1(config)#do sh vlan brief: view the VLANs
- sw1(config)#vlan 10: configure vlan 10
- sw1(config-vlan)#name HR: give vlan 10 the name HR
- sw1(config-if)#switchport trunk encapsulation dot1q: prepares the switch port for trunk mode (setup command for the ROAS config)
- sw1(config-if)#switchport mode trunk: trunk mode is accepted once the command above has been entered
- sw1# sh int trunk: view the interfaces that are trunk ports
- sw1(config-if)#switchport trunk allowed vlan: configure the VLANs allowed on the trunk
- sw1(config-if)#switchport trunk allowed vlan remove 20: remove VLAN 20
- sw1(config-if)#switchport trunk native vlan: configure the native VLAN of the trunk
- r1(config)#default int g0/0: reset that interface to its defaults
- sw1(config)#ip routing: enable Layer 3 routing on the switch (IMPORTANT)
- sw1(config-if)#no switchport: configure the interface as a routed port
NOTES
- Trunk ports = tagged ports
- Access ports = untagged ports
- Purpose of VLANs:
+ Avoid buying a switch for every department; use VLANs to separate them at Layer 2
- A switch does not forward traffic directly between VLANs, including broadcast/unknown unicast traffic
- A switch does not perform inter-VLAN routing (routing between VLANs). The traffic must be sent through routing
- A router provides inter-VLAN routing
- Interfaces are limited and a router will not have enough interfaces for several VLANs, so trunk ports are used
- ISL is not used because Cisco devices do not support it; dot1q is mainly used
- The native VLAN must match between the switches
- The subinterface number (g0/0.10) does not have to match the VLAN number
- Frames in the native VLAN are not tagged
- For security, the native VLAN should be changed to an unused VLAN
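
Added example (not part of the course notes): a parser for the Ethernet frame layout from Day 5+6 with the 802.1Q tag described above, including the Type/Length rule, the FCS check, the 64-byte minimum, and the native-VLAN rule for untagged frames. The MAC addresses, VLAN numbers and payloads are constructed, and the function names are made up for illustration.

```python
import struct
import zlib

TPID_DOT1Q = 0x8100
MIN_FRAME = 64          # header + payload + FCS, without preamble and SFD


def mac(raw: bytes) -> str:
    return ":".join(f"{octet:02x}" for octet in raw)


def build_frame(dst: bytes, src: bytes, type_or_length: int, payload: bytes,
                vid=None, pcp=0, dei=0) -> bytes:
    """Build a frame, padded to the 64-byte minimum, with its FCS appended."""
    header = dst + src
    if vid is not None:                     # tag goes between Source and Type/Length
        tci = (pcp << 13) | (dei << 12) | vid
        header += struct.pack("!HH", TPID_DOT1Q, tci)
    body = header + struct.pack("!H", type_or_length) + payload
    body += b"\x00" * max(0, MIN_FRAME - 4 - len(body))     # padding
    # The FCS is a CRC-32 over everything before it (stored little-endian here).
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame: bytes, native_vlan: int = 1) -> dict:
    if len(frame) < MIN_FRAME:
        raise ValueError(f"runt: {len(frame)} bytes is below the 64-byte minimum")
    body, fcs = frame[:-4], frame[-4:]
    offset, tag = 12, None
    (field,) = struct.unpack_from("!H", body, offset)
    if field == TPID_DOT1Q:
        (tci,) = struct.unpack_from("!H", body, offset + 2)
        tag = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset += 4
        (field,) = struct.unpack_from("!H", body, offset)
    if field <= 1500:
        kind = "length"                     # length of the encapsulated packet
    elif field >= 0x0600:
        kind = "type"                       # e.g. 0x0800 IPv4, 0x0806 ARP
    else:
        kind = "undefined"                  # 1501-1535 is neither
    return {
        "dst": mac(body[:6]),
        "src": mac(body[6:12]),
        "tag": tag,
        # An untagged frame arriving on a trunk is placed in the native VLAN.
        "vlan": tag["vid"] if tag else native_vlan,
        "type_or_length": field,
        "kind": kind,
        "payload": body[offset + 2:],
        "fcs_ok": struct.unpack("<I", fcs)[0] == zlib.crc32(body),
    }


# Constructed samples: a tagged ARP broadcast in VLAN 10 and an untagged
# frame carrying a 34-byte packet (padded with 12 bytes to reach 46).
BROADCAST = bytes.fromhex("ffffffffffff")
HOST_A = bytes.fromhex("02000000000a")
TAGGED = build_frame(BROADCAST, HOST_A, 0x0806, bytes(28), vid=10, pcp=5)
UNTAGGED = build_frame(BROADCAST, HOST_A, 0x0800, bytes(34))

if __name__ == "__main__":
    print(parse_frame(TAGGED))
    print(parse_frame(UNTAGGED, native_vlan=99))
```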
============================================================
Day 19: DTP, VTP (NOT IN THE 200-301 EXAM, SO REVIEW LATER)
NEW VOCABULARY
- DTP (Dynamic Trunking Protocol)
- VTP (VLAN Trunking Protocol)
LESSON
- DTP is a Cisco proprietary protocol that lets switches negotiate the status of their switchports, as access ports or trunk ports, without manual configuration
+ It lets Cisco switches automatically determine the interface state (access or trunk) without manual configuration
- VTP is a Cisco proprietary protocol that lets you configure VLANs on a central switch, which acts as a server that other switches can synchronize with, without configuring the VLANs on each switch
NOTES
- For security, manual configuration is necessary. DTP should be disabled on all switchports
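
Added example (not part of the course notes): a small audit over a switch configuration that checks the three security points in these notes: enable secret rather than enable password (Day 4), a trunk native VLAN that is neither VLAN 1 nor a VLAN in use (Day 16+17+18), and DTP disabled on switchports. The configuration text is constructed; the script assumes IOS-style indentation, treats a port with no "switchport mode" line as dynamic, and relies on "switchport nonegotiate", the IOS command that stops DTP on a port.

```python
def interface_blocks(config: str) -> dict:
    """Map each interface name to the list of its indented sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            blocks[current] = []
        elif current is not None and line.startswith(" "):
            blocks[current].append(line.strip())
        else:
            current = None
    return blocks


def audit(config: str) -> list:
    findings = []
    if any(line.startswith("enable password ") for line in config.splitlines()):
        findings.append(("global", "enable-password"))

    # Only active Layer 2 ports matter: skip SVIs, routed ports and shutdown ports.
    ports = {name: lines for name, lines in interface_blocks(config).items()
             if not name.startswith(("Vlan", "Loopback"))
             and "shutdown" not in lines and "no switchport" not in lines}

    access_vlans = {int(line.split()[-1])
                    for lines in ports.values() for line in lines
                    if line.startswith("switchport access vlan ")}

    for name, lines in ports.items():
        mode, native = "dynamic", 1         # assumed defaults when not configured
        for line in lines:
            if line.startswith("switchport mode "):
                mode = line.split()[2]
            elif line.startswith("switchport trunk native vlan "):
                native = int(line.split()[-1])
        # Access mode does not negotiate; everything else needs nonegotiate.
        if mode != "access" and "switchport nonegotiate" not in lines:
            findings.append((name, "dtp-not-disabled"))
        if mode == "trunk":
            if native == 1:
                findings.append((name, "native-vlan-1"))
            elif native in access_vlans:
                findings.append((name, "native-vlan-in-use"))
    return findings


# Constructed configuration for the example.
SAMPLE_CONFIG = """\
enable password cisco
!
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 999
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet0/3
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 10
 switchport mode trunk
 switchport nonegotiate
!
interface GigabitEthernet1/0
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet1/1
 switchport access vlan 20
!
interface GigabitEthernet1/2
 shutdown
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
"""

if __name__ == "__main__":
    for where, finding in audit(SAMPLE_CONFIG):
        print(f"{where}: {finding}")
```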
============================================================
Day 20 + 21: STP (Spanning Tree Protocol)
NEW VOCABULARY
- network redundancy: backup capacity in the network
- STP (Spanning Tree Protocol)
- PVST (Per-VLAN Spanning Tree)
- BPDUs (Bridge Protocol Data Units)
- converged: settled on a common view
- collision domain: collision
- stable: steady
LESSON
- Spanning tree is a Layer 2 protocol
- Broadcast storm: when enough looped broadcasts accumulate in the network, the network becomes too congested for legitimate traffic to use it.
+ Clockwise loop
+ Counter-clockwise loop
+ MAC address flapping: occurs when the switch keeps updating the interface in its MAC address table; the dynamic address entry is updated again and again as the source MAC address arrives on an interface
- STP, also called Classic Spanning Tree Protocol
+ STP prevents Layer 2 loops by placing redundant ports in a blocking state, essentially disabling the interface
+ These interfaces act as backups that can move to the forwarding state if an active interface fails
+ Interfaces in the forwarding state operate normally. They send and receive all normal traffic
+ Interfaces in the blocking state only send or receive STP messages (called BPDUs = Bridge Protocol Data Units)
+ STP selects which ports are forwarding and which are blocking, creating a single path to/from each point in the network
+ STP-enabled switches send/receive Hello BPDUs out of all interfaces; the default timer is 2 seconds (once every 2 seconds)
+ If a switch receives a Hello BPDU on an interface, it knows that the interface is connected to another switch
- BPDUs are used for:
+ Switches use a field in the STP BPDU, the bridge ID field, to elect a root bridge for the network
+ The switch with the lowest bridge ID becomes the root bridge
+ All ports on the root bridge are DESIGNATED PORTS placed in a forwarding state, and the other switches in the topology must have a path to reach the root bridge
- Bridge ID consists of Bridge Priority (16 bits) + MAC address (48 bits)
+ The default bridge priority is 32768 (the first bit of the 16 set to 1) on all switches, so by default the MAC address is used as the tie-breaker
++ So the lowest MAC address is the root bridge
++ Bridge ID has 2 parts: Bridge Priority (4 bits) + Extended System ID (= VLAN ID) (12 bits)
++ The default VLAN ID is 1 (the last bit of the 12 set to 1) -> the default bridge priority is 23769
++ The extended system ID is set and cannot be changed (because it is determined by the VLAN ID)
++ The total bridge priority can only be changed in units of 4096 (the 13th bit of the Bridge ID)
- Port roles in spanning tree
+ Forwarding state - designated port
+ Blocking state - non-designated ports; interfaces here still receive STP BPDUs but do not forward STP BPDUs or learn MAC addresses
+ Listening state: comes after the blocking state
+ Forwarding state: comes after the listening state
- When a switch is powered on, it assumes it is the root bridge; it gives that up if it receives a "superior" BPDU (lower bridge ID)
+ Once the topology has converged and all switches agree on the root bridge, only the root bridge sends BPDUs
- Steps to build loop-free Layer 2 LANs
+ Step 1: the switch with the lowest bridge ID is elected as the root bridge (with a cost of 0). All ports on the root bridge are designated ports.
+ Step 2: each remaining switch selects ONE of its interfaces as its root port. The interface with the lowest root cost becomes the root port (it is in a forwarding state).
++ If the root costs are equal, it next chooses the lowest neighbor bridge ID
++ Then it chooses the lowest neighbor port ID (= port priority (128) + port number)
++ The root cost depends on the interface (10 Mbps: 100, 100 Mbps: 19, 1 Gbps: 4, 10 Gbps: 2)
++ Switch logic: what arrives on an interface carries the cost value of the previous switch, and the cost of the outgoing interface is added on top of that value
- (Not a spanning tree role) Disabled state simply means an interface that is administratively disabled, i.e. shutdown
- Listening and learning are transitional states that an interface passes through when it becomes active, or when a blocking port must transition to the forwarding state because of a change in the network topology
- After the blocking state, an interface with the designated or root role enters the LISTENING state (non-designated ports always stay blocked)
+ The listening state is 15 seconds long by default. Determined by the Forward delay timer
+ The interface only forwards/receives STP BPDUs
+ The interface does not send/receive regular traffic
+ The interface does not learn MAC addresses from regular traffic arriving on it
- After the listening state, a designated or root port enters the Learning state
+ The learning state is 15 seconds long by default. Determined by the Forward delay timer; by default it takes 30 s to move through both the listening and learning states to the forwarding state
+ The interface only forwards/receives STP BPDUs
+ The interface does not send/receive regular traffic
+ The interface DOES LEARN MAC addresses from regular traffic arriving on it
- RSTP and Cisco's Rapid PVST+ sometimes operate the same way, so they can be called by the same name
- Similarities between STP and RSTP
+ RSTP serves the same purpose as STP: blocking specific ports to prevent Layer 2 loops.
+ RSTP elects a root bridge with the same rules as STP
+ RSTP elects root ports with the same rules as STP
+ RSTP elects designated ports with the same rules as STP
- Differences between STP and RSTP
+ RSTP costs are higher than STP costs (e.g. 10 Mbps: 2000000, 100 Mbps: 200000, ...)
+ The number of states is reduced to 3 compared with STP: discarding (STP's blocking + disabled), learning, forwarding
++ If a port is administratively disabled (shutdown) = discarding state
++ If a port is enabled but blocking traffic to prevent Layer 2 loops = discarding state
- RSTP roles
+ The root port role remains unchanged in RSTP
++ The port closest to the root bridge becomes the root port for the switch
++ The root bridge is the only switch that does not have a root port
+ The designated port role remains unchanged in RSTP
++ The port on a segment (collision domain) that sends the best BPDU is that segment's designated port (one per segment)
+ The non-designated port role is split into 2 separate roles in RSTP:
++ Alternate port role
+++ The RSTP alternate port role is a discarding port that receives a superior BPDU from another switch
+++ This is the same as what you learned about blocking ports in classic STP
+++ If the root port fails, the switch can immediately move its best alternate port to forwarding
++ Backup port role
- STP optional features built into RSTP are PortFast, BackboneFast and UplinkFast (NOT TESTED)
+ BackboneFast lets SW3 expire the max age timers on its interface and rapidly forward the superior BPDUs to SW2
+ This functionality is built into RSTP, so it does not need to be configured
- All switches running Rapid STP send their own BPDUs every hello time (2 s)
- Switches "age" the BPDU information much more quickly. In classic STP a switch waits 10 hello intervals (20 s); in rapid STP a switch considers a neighbor lost if it misses 3 BPDUs (6 s). It then "flushes" all MAC addresses learned on that interface
- RSTP link types
+ RSTP distinguishes between 3 different "link types"
++ Edge: a port connected to an end host. Moves straight to forwarding, with no negotiation
++ Point-to-point: a direct connection between 2 switches
++ Shared: a connection to a hub. Must operate in half-duplex mode.
COMMAND
- show spanning-tree vlan 1: view the spanning-tree configuration for VLAN 1 (shown as VLAN0001 by default)
- The RSTP backup port role is a discarding port that receives a superior BPDU from another interface on the same switch
+ This happens when 2 interfaces are connected to the same collision domain (via a hub)
+ But hubs are not used in modern networks, so an RSTP backup port will not occur
+ An RSTP backup port functions as a backup for a designated port
NOTES
- Most PCs have only a single network interface card (NIC); many servers, on the other hand, must have multiple NICs
- Redundancy provides multiple paths connecting the switches to one another
- Spanning Tree Protocol remedies MAC address flapping
- The hub (simply floods frames out of all interfaces) came before the bridge (has STP but is not used in modern networks), which came before the switch
- Routers, PCs, etc. do not use STP, so they do not send Hello BPDUs
- Cisco switches use a version of STP called PVST (Per-VLAN Spanning Tree); PVST runs a separate STP "instance" in each VLAN -> in each VLAN different interfaces can be forwarding/blocking
- A port connected to a switch's root port should be a designated port; other switches cannot block it
- The NEIGHBOR switch's port ID is used to break the tie, not the local switch's port ID
- Every collision domain has a single STP designated port: one port is the designated port and the other is non-designated
- When the network is stable, every spanning tree interface is stable
+ Moves immediately to the forwarding state; this works like an optional classic STP feature called UplinkFast (because it is built into RSTP, UplinkFast does not need to be activated when using RSTP/Rapid PVST+)
- RSTP is not a timer-based spanning tree algorithm like 802.1D. RSTP offers an improvement over the 30 s or more that 802.1D takes to move a link to forwarding. The heart of the protocol is a new bridge-bridge handshake mechanism, which allows ports to move directly to forwarding
- The interface with the lowest port ID is selected as the designated port, and the other becomes the backup port
- BPDU Type: Configuration (0x02) means an RSTP BPDU with protocol v2; classic STP has v0, and (0x00) means classic STP
- In classic STP, only the root bridge originated BPDUs, and the other switches just forwarded the BPDUs they received. In rapid STP, all switches originate and send their own BPDUs from their designated ports
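
Added example (not part of the course notes): the root bridge election and root port selection steps from the lesson, using the bridge ID layout (priority in units of 4096 plus the VLAN ID, then the MAC address), the classic STP port costs, and the tie-breakers in the order given above. The four-switch topology, MAC addresses and port numbers are constructed, and the function names are made up for illustration.

```python
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}   # Mbps -> classic STP cost
DEFAULT_PORT_PRIORITY = 128


def bridge_id(priority: int, vlan: int, mac: str) -> tuple:
    """(priority + extended system ID, MAC); the lowest tuple wins the election."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("bridge priority must be a multiple of 4096 (0-61440)")
    return (priority + vlan, int(mac.replace(".", ""), 16))


def spanning_tree(switches: dict, links: list, vlan: int = 1):
    """Return (root bridge, root cost per switch, root port per non-root switch)."""
    ids = {name: bridge_id(priority, vlan, mac)
           for name, (priority, mac) in switches.items()}
    root = min(ids, key=ids.get)

    # Root cost: cheapest sum of port costs on the way to the root.
    cost = {name: (0 if name == root else float("inf")) for name in ids}
    for _ in range(len(ids) - 1):
        for a, _port_a, b, _port_b, speed in links:
            cost[a] = min(cost[a], cost[b] + PORT_COST[speed])
            cost[b] = min(cost[b], cost[a] + PORT_COST[speed])

    root_ports = {}
    for name in ids:
        if name == root:
            continue                        # the root bridge has no root port
        candidates = []
        for a, port_a, b, port_b, speed in links:
            for local, local_port, nbr, nbr_port in ((a, port_a, b, port_b),
                                                     (b, port_b, a, port_a)):
                if local == name:
                    # Order: root cost, neighbor bridge ID, neighbor port ID.
                    candidates.append((cost[nbr] + PORT_COST[speed], ids[nbr],
                                       (DEFAULT_PORT_PRIORITY, nbr_port), local_port))
        root_ports[name] = min(candidates)[3]
    return root, cost, root_ports


# Constructed topology. SW3 has the highest MAC of the first three but a lower
# priority, so it wins. SW4 reaches the root at equal cost through SW1 and SW2.
SWITCHES = {
    "SW1": (32768, "aaaa.aaaa.aaaa"),
    "SW2": (32768, "bbbb.bbbb.bbbb"),
    "SW3": (28672, "cccc.cccc.cccc"),
    "SW4": (32768, "dddd.dddd.dddd"),
}
# (switch, port number, switch, port number, speed in Mbps)
LINKS = [
    ("SW3", 1, "SW1", 1, 1000),
    ("SW3", 2, "SW2", 1, 1000),
    ("SW1", 2, "SW2", 2, 100),
    ("SW4", 1, "SW2", 3, 1000),
    ("SW4", 2, "SW1", 3, 1000),
]

if __name__ == "__main__":
    root, cost, root_ports = spanning_tree(SWITCHES, LINKS)
    print("root bridge:", root)
    print("root cost:", cost)
    print("root ports:", root_ports)
```

SW4 picks port 2 although port 1 has the lower local number, because the neighbor bridge ID (SW1 before SW2) is compared before any port ID.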
