O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Cisco Networks: Engineers’ Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA

Book Description

This book is a one-stop desk reference and synopsis of basic knowledge and skills for Cisco certification preparation. For beginning and experienced network engineers tasked with building LAN, WAN, and data center connections, this book lays out clear directions for installing, configuring, and troubleshooting networks with Cisco devices. The full range of certification topics is covered, including all aspects of IOS, NX-OS, and ASA software. The emphasis throughout is on solving the real-world challenges engineers face in configuring network devices, rather than on exhaustive descriptions of hardware features.

This practical desk companion doubles as a comprehensive overview of the basic knowledge and skills needed by CCENT, CCNA, and CCNP exam takers. It distills a comprehensive library of cheat sheets, lab configurations, and advanced commands that the authors assembled as senior network engineers for the benefit of junior engineers they train, mentor on the job, and prepare for Cisco certification exams. Prior familiarity with Cisco routing and switching is desirable but not necessary, as Chris Carthern, Dr. Will Wilson, Noel Rivera, and Richard Bedwell start their book with a review of the basics of configuring routers and switches. All the more advanced chapters have labs and exercises to reinforce the concepts learned.

This book differentiates itself from other Cisco books on the market by approaching network security from a hacker’s perspective. Not only does it provide network security recommendations but it teaches you how to use black-hat tools such as oclHashcat, Loki, Burp Suite, Scapy, Metasploit, and Kali to actually test the security concepts learned.

Table of Contents

  1. Cover
  2. Title
  3. Copyright
  4. Dedication
  5. Contents at a Glance
  6. Contents
  7. About the Author
  8. About the Technical Reviewer
  9. Acknowledgments
  10. Introduction
  11. Chapter 1: Introduction to Practical Networking
    1. Tools of the Trade
    2. Open Systems Interconnection (OSI) Model
    3. Physical Layer
    4. Data Link Layer
    5. Network Layer
    6. Transport Layer
      1. Connection-Oriented
    7. Session Layer
    8. Presentation Layer
    9. Application Layer
      1. The OSI Model: Bringing It All Together
    10. TCP/IP Protocol
      1. TCP/IP Application Layer
      2. TCP/IP Transport Layer
      3. TCP/IP Internet Layer
      4. TCP/IP Network Interface Layer
      5. Reliability
      6. Three-Way Handshake and Connection Termination
      7. User Datagram Protocol
    11. Port Numbers
    12. Types of Networks
      1. Personal Area Network
      2. Local Area Network
      3. Campus Area Network
      4. Metropolitan Area Network
      5. Wide Area Network
      6. Wireless Wide Area Network
      7. Virtual Private Network
    13. Hierarchical Internetwork Model
    14. Summary
  12. Chapter 2: The Physical Medium
    1. The Physical Medium
    2. Standards
    3. Cables
      1. Twisted Pair Cable
      2. Coaxial Cable
      3. Fiber Optical Cabling
      4. Fiber Optic Transmission Rates
      5. Wireless Communication
    4. The Ethernet
    5. Duplex
      1. Time-Division Duplexing
      2. Frequency-Division Duplexing
    6. Autonegotiation
    7. Unidirectional Link Detection
    8. Common Issues
      1. Duplex Mismatch
      2. Bad Connector Terminations
    9. Summary
  13. Chapter 3: Data Link Layer
    1. Protocols
      1. The Address Resolution Protocol (ARP)
      2. The Reverse Address Resolution Protocol (RARP)
    2. Link Layer Functions
      1. Framing
      2. Addressing
      3. Synchronizing
      4. Flow Control
    3. Link Layer Discovery Protocol (LLDP)
      1. Class of Endpoints
      2. LLDP Benefits
    4. Cisco Discovery Protocol (CDP)
    5. Summary
  14. Chapter 4: The Network Layer with IP
    1. IP Addressing (Public vs. Private)
      1. Public
      2. Private
    2. IPv4
      1. Class A
      2. Class B
      3. Class C
      4. IPv4 Packet Header
    3. IPv6
      1. IPv6 Packet Header
    4. Classless Inter-Domain Routing
    5. Subnetting
      1. Subnet Mask
    6. Variable Length Subnet Masking
      1. Classful Subnetting
    7. Subnetting Exercises
    8. Subnetting Exercise Answers
      1. Exercise 1 Answers
      2. Exercise 2 Answers
      3. Exercise 3 Answers
      4. Exercise 4 Answers
    9. Summary
  15. Chapter 5: Intermediate LAN Switching
    1. Configuration Help
    2. Displaying the Running Configuration
    3. Configuring the Router
    4. Switching
    5. EtherChannel
    6. Spanning Tree Protocol
      1. Why Do You Need STP?
      2. How STP Works
      3. Bridge Protocol Data Units
      4. Rapid Spanning Tree Protocol
    7. Exercises
    8. Exercise Answers
      1. Exercise 1
      2. Exercise 2
      3. Exercise 3
    9. Summary
  16. Chapter 6: Routing
    1. Static Routing
      1. The Process of Routing
      2. Default Routing
      3. Testing Connectivity
    2. Dynamic Routing Protocols
      1. Distance-Vector Routing Protocol
      2. Link-State Routing Protocol
      3. Hybrid Routing Protocol
    3. RIP
      1. Configuration
      2. Authentication
    4. EIGRP
    5. OSPF
      1. Configuring OSPF
      2. Router ID
    6. BGP
      1. BGP Configuration
    7. Administrative Distance
      1. RIP
      2. EIGRP
      3. OSPF
      4. BGP
    8. Exercises
    9. Exercise Answers
      1. Exercise 1
      2. Exercise 2
      3. Exercise 3
      4. Exercise 4
      5. Exercise 5
    10. Summary
  17. Chapter 7: VLANs, Trunking, VTP, and MSTP
    1. Virtual Logical Network (VLAN)
      1. VLAN Configuration
    2. Trunking
      1. Trunk Configuration
      2. Routing Between VLANs
      3. Routing VLANs Configurations
    3. VLAN Trunking Protocol
      1. VTP Modes
    4. Multiple Spanning Tree Protocol
      1. MSTP Configuration
    5. Exercises
    6. Exercise Answers
      1. Exercise 1
      2. Exercise 2
      3. Exercise 3
    7. Summary
  18. Chapter 8: Basic Switch and Router Troubleshooting
    1. Troubleshooting 101
      1. Documenting Your Network
    2. First Things First: Identify the Problem
      1. Top-Down Approach
      2. Bottom-Up Approach
    3. Physical Medium and Ethernet
    4. VLANs and Trunks
    5. EtherChannel
    6. VTP
    7. Spanning Tree
    8. Routing
      1. Static Routing
    9. Dynamic Routing
      1. RIP
      2. EIGRP
      3. OSPF
      4. BGP
    10. Exercises
    11. Exercise Answers
      1. Exercise 1
      2. Exercise 2
      3. Exercise 3
      4. Exercise 4
      5. Exercise 5
      6. Exercise 6
      7. Exercise 7
    12. Summary
  19. Chapter 9: Network Address Translation and Dynamic Host Configuration Protocol
    1. NAT
      1. Static Nat
      2. Dynamic NAT
      3. Port Address Translation (PAT)
    2. DHCP
      1. DHCP Process
      2. Setting up a Router As a DHCP Client
      3. Setting up a Router to Send a Request to a DHCP Server
      4. Setting up a Router As a DHCP Server
    3. Exercises
    4. Exercise Answers
      1. Exercise 1
      2. Exercise 2
      3. Exercise 3
      4. Exercise 4
    5. Summary
  20. Chapter 10: Management Plane
    1. The Management Plane Defined
    2. Authentication and Authorization Basics
      1. User Accounts
    3. Password Recovery
    4. Banners
    5. Management Sessions
      1. Telnet
      2. SSH
      3. Console and Auxiliary Lines
    6. Disabling Services
      1. Disabled Services
      2. Disabled Services on Interfaces
    7. Authentication, Authorization, and Accounting (AAA)
      1. RADIUS
      2. TACACS+
    8. Monitoring/Logging
      1. Simple Network Management Protocol
      2. syslog
    9. Exercises
    10. Exercise Answers
      1. Exercise 1
      2. Exercise 2
      3. Exercise 3
    11. Summary
  21. Chapter 11: Data Plane
    1. Traffic Protocols
    2. Filters and Introduction to Data Plane Security
    3. State Machines
    4. Stateful Protocols
    5. Stateless Protocols
    6. NetFlow and sFlow
    7. Exercises
    8. Summary
  22. Chapter 12: Control Plane
    1. Layer 2
    2. Routing Protocols
      1. Interior Gateway Protocols
      2. Exterior Gateway Protocols
    3. Protocol Independent Multicasting
    4. Domain Name System
    5. Network Time Protocol
    6. Exercises
      1. Preliminary Work
      2. OSPF
      3. BGP
      4. NTP
      5. EIGRP Named Mode with Authentication
      6. Multicast
    7. Exercise Answers
      1. Preliminary Configuration
      2. OSPF
      3. BGP
      4. NTP
      5. EIGRP Name Mode with Authentication
      6. Multicast
    8. Summary
  23. Chapter 13: Introduction to Availability
    1. High Availability
    2. First Hop Redundancy Protocol (FHRP)
      1. HSRP
      2. VRRP
      3. GLBP
    3. Multilinks
    4. Availability Exercises
    5. Exercise Answers
      1. Exercise 1
      2. Exercise 2
      3. Exercise 3
      4. Exercise 4
    6. Summary
  24. Chapter 14: Advanced Switching
    1. Port Security
    2. DHCP Snooping
    3. HSRP
    4. VRRP
    5. Server Load Balancing (SLB)
    6. TFTP
    7. IOS Switch Upgrade
    8. Password Recovery
      1. Virtual Switching Systems (VSS)
    9. Advanced Switching Exercises
    10. Advanced Switching Exercise Answers
      1. Exercise 1
      2. Exercise 2
    11. Summary
  25. Chapter 15: Advanced Routing
    1. Policy-Based Routing Using Route Maps
    2. Redistribution
      1. RIP Redistribution Overview
      2. EIGRP Redistribution Overview
      3. OSPF Redistribution Overview
      4. BGP Redistribution Overview
      5. Avoiding Loops and Suboptimal Routing
    3. EIGRP
      1. Unicast
      2. Summarization
      3. Load Balancing
      4. EIGRP Stub
      5. Traffic Engineering with EIGRP
      6. Authentication
    4. Multiarea and Advanced OSPF
      1. Summarization
      2. OSPF Stub
      3. Cost Manipulation
      4. OSPF Virtual Link
      5. Authentication
    5. BGP
      1. Address Families
      2. Peer Groups and Templates
      3. Dynamic Neighbors
      4. Next Hop Issues with iBGP
      5. Anycast
      6. Traffic Engineering with BGP
    6. IPv6 Routing
      1. EIGRPv6
      2. OSPFv3
    7. GRE Tunnels
      1. BGP Issues
    8. IPSec
      1. IOU8 Configuration
      2. IOU9 Configuration
    9. Advanced Routing Exercises
      1. Exercise 1: EIGRP and OSFP Redistribution
      2. Exercise 2: GREand IPSEC
      3. Exercise 3: BGP
      4. Exercise 4: IPv6 OSPF and EIGRP Redistribution
    10. Exercise Answers
      1. Exercise 1
      2. Exercise 2
      3. Exercise 3
      4. Exercise 4
    11. Summary
  26. Chapter 16: Advanced Security
    1. Owning Your Spanning Tree
    2. Securing Your Trunks and Ports
    3. 802.1x (dot1x)
      1. Examples Using OpenSSL to Generate Signed Certificates
    4. CDP and LLDP
    5. ARP the Way to IP
    6. Private VLANs
      1. Use Case
      2. Promiscuous vs. Community vs. Isolated
      3. Configuration
      4. Using Extended ACLs, PACL, and VACL
      5. VACL
      6. PACL
    7. AAA
      1. Use Case
      2. Console
      3. AUX Port
      4. VTY Ports
      5. Local Authentication and Authorization
      6. Remote AAA (TACACS, RADIUS)
      7. Configuration
    8. Advanced Security Exercises
      1. Exercise 1: Extended ACL Exercises
      2. Exercise 2: AAA Exercises
    9. Exercise Answers
      1. Exercise 1
      2. Exercise 2
    10. Summary
  27. Chapter 17: Advanced Troubleshooting
    1. Access Control List
    2. VACL
    3. PACL
    4. Network Address Translation
      1. Static NAT
      2. Dynamic NAT
      3. Overload
    5. HSRP, VRRP, and GLBP
      1. HSRP
      2. VRRP
    6. EIGRP
    7. OSPF
    8. BGP
      1. Neighbor Relationships
      2. Missing Prefixes
    9. Route Redistribution
      1. EIGRP
      2. OSPF
    10. GRE Tunnels
      1. Recursive Routing
    11. IPSec
    12. IPv6
    13. Advanced Troubleshooting Exercises
    14. Exercise Answers
      1. Exercise 1
      2. Exercise 2
    15. Summary
  28. Chapter 18: Effective Network Management
    1. Logs
    2. Simple Network Management Protocol
    3. Service Level Agreements and Embedded Event Manager
    4. sFlow and Netflow Tools
    5. Intrusion Detection and Prevention Systems
    6. Management and Design of Management Data
    7. Exercises
      1. syslog
      2. SNMP
      3. Service Policy
    8. Exercise Answers
      1. Initial Configuration
      2. syslog
      3. SNMP
      4. Service Policy
    9. Summary
  29. Chapter 19: Data Center and NX-OS
    1. NX-OS
      1. SSH and Telnet
      2. User Accounts
    2. VLAN
      1. Configuring a Non-Routed VLAN
      2. Configuring a VLAN As a Routed Switched Virtual Interface (SVI)
    3. VLAN Trunking Protocol
    4. EIGRP
    5. OSPF
    6. BGP
    7. Port Channels
    8. Port Profiles
    9. FEX
    10. First Hop Redundancy Protocols
      1. HSRP
      2. VRRP
      3. GLBP
    11. Network Virtualization
      1. Virtual Device Context (VDC)
      2. Virtual Port Channel (vPC)
      3. Virtual Routing and Forwarding (VRF) Lite
    12. NX-OS Exercise
    13. Exercise Answer
    14. Summary
  30. Chapter 20: Wireless LAN (WLAN)
    1. Wireless LANs (WLANs)
    2. Wireless Standards
    3. Wireless Components
      1. Wireless Access Points
      2. Wireless Controllers/Switches
      3. Wireless Bridges
      4. Wireless Repeaters
      5. Wireless Antennas
    4. Installing a WLAN
      1. Wireless Site Survey
      2. Range, Signal Strength, and Performance
      3. Access Point Installation
      4. Access Point Configuration
      5. WLAN Controller Installation
      6. WLAN Controller Configuration
    5. Security
      1. Encryption and Authentication
      2. Threats and Vulnerabilities
    6. Wireless Exercise
    7. Exercise Answers
    8. Summary
  31. Chapter 21: ASA and IDS
    1. Testing Policies in Safe Environment
    2. Initial Setup
    3. Baseline the Network
    4. Access Rules
    5. Open Services
    6. Anti-Spoofing
    7. Fragmentation
    8. Designing Service Policies
      1. Passwords
  32. Chapter 22: Introduction to Network Penetration Testing
    1. Overview
    2. Reconnaissance and Scanning
      1. Vulnerability Assessment
    3. Exploitation
    4. Summary
  33. Chapter 23: Multiprotocol Label Switching
    1. Multiprotocol Label Switching Basics
      1. Label Protocols
      2. LDP Security and Best Practices
      3. LDP Verification
    2. MPLS VPN
      1. Site-to-Site VPN
      2. Shared Extranet
      3. Leaking Prefixes
    3. IPv6 over MPLS
    4. Exercises
      1. MPLS Backbone
      2. Site-to-Site VPN
      3. Leak to Customer B
      4. Tunneling IPv6
    5. Exercise Answers
      1. MPLS Backbone
      2. Site-to-Site VPN
      3. Leak to Customer B
      4. Tunneling IPv6
    6. Summary
  34. Index