Escolar Documentos
Profissional Documentos
Cultura Documentos
jynfolYoabmxm;
I J
X
bk 7 m;
I w7m; J
I oH C m J
I wdt
k m; OD;xdyyf efqif &Scd ;kd uefawmhyg.?
J
I
( azaz )/ ( arar )
w,fw,f/ rmrm;
q7m udknDnDaxG;
( ud_k zdK; )
wkt
d m; Tpmtky-f zifh uefawmhyg.?
aZmfvif; (YOUTH Computer Co., Ltd) rS
a&;om;xkwfa0NyD;aompmtkyfrsm;
apwemrsm;pGmjzifh
aZmfvif;
pma&;ol
rmwdum
CHAPTER 1 Introduction
C HAPTE R 2 IOS
CH A P T E R 7 Switching
CHAPTER 8 VLAN
9.1 SecurityESiAccess-List
hf wd\
Yk tajccHoabmw&m;rsm; - 178
9.1.1 Secured Network wpfctk wGi;f StoH
d ;k tESKe;f rsm; - 179
9.1.2 Cisco IOS Firewall - 182
9.1.3 Basic and Advanced Traffic Filtering - 184
9.2 Access Lists rsm;taMumif; - 186
9.2.1 Access Lists tvkyfvkyfyHk - 186
9.2.2 Traffic \ Direction trsdK;tpm;rsm; - 187
9.2.3 Access List aqmuf&mwGivd f u
k ef moifah omtcsurf sm; - 190
9.2.4 ACL aMumifa h vsmuh somG ;Edik af omSecurity Threats rsm; - 191
9.2.5 ACL udo k ;kH r,fq&kd if'gawGurjkd zpfraevkyaf y;zdv
Yk ykd gw,f - 192
9.3 Basic Access List rsm;taMumif; - 192
9.3.1 Standard Access List - 192
9.3.2 Wildcard Mask - 195
9.3.3 Block Size, Wildcard wdkYeJYywfowfrSwfp&mrsm; - 196
9.3.4 Create vkyfNyD;om; Standard Access List udkInterface
ay:wiG Apply
f vkyjf cif; - 198
9.3.5 Extended Access List - 202
9.3.6 Client rsm;rSTelnet jzifAccess
h vkycf iG yhf rmPtm;uefo
Y wfjcif; - 209
9.4.1 Advanced Access List rsm;taMumif; - 210
9.5.1 aqmufNyD;oGm;aomAccess List rsm;udjk yefvnfMunfh jI cif; - 217
9.6 IOS Firewall ESiProxy
hf Server - 218
9.6.1 Cisco IOS Firewall (Context-Based Access Control) - 218
9.6.2 Authentication Proxy - 220
C H A P T E R 10 NAT
yHk 1.1
Product of YOUTH
-5-
1.3 Cisco Certifications vrf;aMumif;rsm;
1/ Entry (CCENT)
2/ Associate (CCNA)
3/ Professional (CCNP)
4/ Expert (CCIE)ESihf
5/ Architect wdyYk jJ zpfygw,f/tJ'h rD mS rSGeneral Certifications rSmvrf;aMumif;u(7)ckjyefcJG
xGuo
f mG ;ygao;w,f/ tJ'h gawGukd wpfcg wef;pDNy;D azmfjy&r,fq&kd ifjzifh -
CCDA
1/ LAN ESiWAN
hf udkaumif;pGmInstall vkyw
f wf&r,f/Configure vkywf wf&r,f/Oper-
ate vkyE f ikd &f r,f/aemufawmhWireless Access Services udka&myJ/'gawGtm;vHk;udkSecure
jzpfpmG vkyEf ikd &f r,f/aemufNy;D awmhNetwork ao;ao;av;uaetv,ftvwfNetwork
avmufxdudkConfigure vkyEf ikd &f r,f/Troubleshoot vkyEf ikd &f r,f/Performance vnf;aumif;
&r,f/Network uao;ao;av;yguGefysLwmtvHk;ta&twGufodyfrrsm;ygbl;/500atmufaygh/
t[D;/ 'gutao;uae tv,ftvwfyJ ydS gao;w,f/
2/ aemufNyD;awmhIP, IPV6, EIGRP, RIP, RIPv2, OSPF, Serial Connections, Frame Re-
lay, DSL, PPPoE, LAN Switching, VLANs, Ethernet, Security, Access Lists, Cable
wdu
Yk v
kd nf;toH;k jyKEikd &f r,f/
2/ 'kw,
d enf;vrf;uawmh pmar;yGJ 2 ck ajz&r,f/
Product of YOUTH
-9-
- 640-822 qdkwInterconnecting
Jh Cisco Networking Devices 1 (ICND1) &,f
- 640-816 qdkwIntroduction
Jh to Cisco Networking Devices 2 (ICND2) &,fyg/
yHk 1.2
ICND1 (640-822) atmifc&hJ if ICND2 (640-816)
Exam udODk ;pGmajzyg/ Exam udquf
k ajzyg/
atmifc&hJ if
CCNA (640-802) Exam atmifc&hJ if CCNA
udk wdu
k f u
dk af jzjcif; jzpfNy/D
1.8 'DvdkyHkpHawGar;rSm
yHk 1.3
owdxm;&rSmuar;cGef;awGudkzwfvdkuf&if'grSr[kwMultiple
f Choice awGudkMunfhvdkuf&if
ar;cGe;f awGu wpfcEk iS w
hf pfcw
k al eovdv
k dk tajzawGu [d[k mvdv k kd 'D[mvdvk kd jzpfwwfygw,f/
t*Fvdyfvdkajym&ifawmhAmbiguous ayg/h 'd[ G jzpfaewm/tJ'h guawmhCCNA rSmrSr[kwfbl;/
Product of YOUTH
- 11 -
'Dvpmar;yG
kd aJ wGu'Dtwdik ;f csn;f yJ/Command awGu kd x f nfw h t hJ cgrmS vnf;'Dtwdik ;f ygy/J aSUaemuf
tpDtpOfruswmwd?Yk pmvH;k wpfv;kH pESpv f ;kH pjyKwu f secf w
hJ mwdtJ Yk o
h vdjk zpfomG ;wmeJ'gY utrS kd waf y;rSm
r[kwfawmhygbl;/'DawmhuRefawmftaeeJYpmar;yGJajzr,fholawGudktBuHay;csifwmuHands-on
Experience awGudkBudrfzefrsm;pGmvkyfyg/tJhovdkvkyfae&if;eJY'DudpawG[mudk,fhtwGufbmrS
r[kwaf wmhbJ vkyaf eusupd w pfcv k kd jzpfomG ;ygvrd rhf ,f/ aeYpOfxrif;pm;aewm arSmifBu;D rJBu;D
xJrmS xrif;xdik pf m;vnf;yg;pyfayguu f v kd ukd pf rf;p&mrvdb k ;l /bmvdv Yk nf;qdak wmhtusijhf zpfomG ;wm/
tJo
h vkrd sKd ; oifcef;pmawG[m ud, k thf wGuf vkyaf eustvkyw f pfcv k kd jzpfomG ;Nyq
D akd wmhrS 0ifajzap
csiw
f myg/
yHk 1.4
2/ ar;cGe;f awGukd aocsmzwfyg/ ar;cGe;f uSnaf evdYk &dS ifvnf; pmwpfv;kH csi;f wpfaMumif;csi;f
aocsmzwfyg/ bmar;wmvJ odcsiaf ZmeJY ar;cGe;f tqH;k udk wpfcgwnf;ausmrf zwfyge/YJ aMomf 'gukd
ar;wmyJ 'Dtajzigoo d uG qdNk y;D tm;&yg;& ajzcsvukd w
f wfygw,f/ tJ'h gawGaMumifh tusrsm;wmyg/
wpfcsKd Uu ar;cGe;f udk tvGwu f suxf m;w,f/ ar;cGe;f udk aocsmrzwfawmh txJrmS ar;cGe;f vSnx hf m;
wmudrod k b;l /'DtajzyJqNkd y;D wef;ajzcsvukd w
f m/'gpmr&vdu Yk swmr[kwb f ayg
J q
h vdu Yk swmjzpfomG ;Ny/D
oluolusreS ;f vJoad &m'gb,fvjkd zpfwmvJaygholtm;vH;k ajzEdik w f ,fayghponfjzifhjzpfwwfygw,f/
yHk 1.5
Product of YOUTH
- 13 -
4/ Multiple Choice ar;cGe;f awGuaj kd zwJt
h cgb,f[mutajzrSev f nf;qdw k mudoJ k upJG mG
rodc&hJ ifbmutrSev f nf;qdw k m'd[G jzpfaecJ&h ifoifvyk &f rSmuolay;xm;wJMultiple h Choice
xJrS rjzpfEikd w
f hJ tajzawGukd t&ifq;kH z,fxw k yf pfvukd yf g/ Ny;D &if tJ'h gawGukd rpOf;pm;eJaY wmh/ wjznf;
jznf;eJScope
Y udu k sO;f csvu
kd /f rjzpfEikd af wmhwmawGz,fxw k Nf y;D t[rf;tvSr,fawGa&G;ovdak ygAh sm
Zumwifayg/h aemufq;kH Zumwifxu J wu,ft h ajzrSeu f kd a&G;xkwEf ikd zf Ykd BuKd ;pm;&rSm jzpfygw,f/
aAsmifawmifawmif aAaA;*sd awGygawGvyk rf aeeJaY emf/
6/ ajzNy;D oGm;wmeJoif
Y atmifvm;ratmifb;l vm;qdw k mudcsk ucf si;f od&rSmjzpfygw,f/Ny;D awmh
tJ'h Exam
D Centre uaeoift h rSwyf gwatmif
hJ jrifaMumif;Report udkxkwfay;vdkufrSmjzpfygw,f/
tJ'h gav;udk aocsmodr;f xm;yg/ vH;k 0 raysmufygapeJ/Y tJ'h t D xJrmS vnf; pmar;yGEJ iS yhf wfoufwhJ
Code awGPIN (Personal Identification Number) awGygygw,f/ta&;taMumif;wpfcc kv k aJG csmcf &hJ if
'gav;utoH;k 0ifrmS yg/atmifjrifaMumif;udtrS k wpf m&if;ESiw hf uGCisco udk&ufydkif;twGif;ydkYay;rSm
jzpfwt hJ wGuaf Mumifh oifuaerS wpfzefypYkd &mrvdyk gb;l / wpfcak wmhydS gw,f/ 'gu ud, k af jzwJh Edik if H
ESiExam
hf Centre ay:vnf;rlwnfygw,f/Ny;D &ifcefr Y eS ;f ajcwpfvavmufrmS Certificate udk
&Syd gvrd rhf ,f/'DxufyMkd umcsivf nf;Mumygvrd rhf ,f/pmar;yGaJ jzqdpk Ofuwnf;ujznfph u G &f wJhForm
rSmCertificate udak y;ydaYk pcsiw f vd
hJ ypf mtwdik ;f a&mufv dS mrSmjzpfygw,f/
uRefawmfCertified Novell Administrator ajzwke;f uawmh,d;k ',m;rSmajzwmjzpfygw,f/
atmifwek ;f uawmh tcsed u f mvu 1996 Mo*kwv f wke;f avmufuyg/ vdypf majymif;bmajymif;eJY
wu,fwrf;uRefawmhfvufxCertificate J a&mufvmcsdefu1997{NyDavmufrSa&mufvmwm
jzpfygw,f/uReaf wmft h ouft&G,u f tJ'h w D ek ;f uavwdu k v f opfYkd &u G af <u&ifawmifvGr;f armwwfwhJ
touf 20 t&G,jf zpfygw,f/ 'Dawmhvnf; aysmv f ukd w f hJ jzpfjcif;aygAh sm/ vrf;avQmuf&ifawmif
ajrBuD;u atmufudk wpfayavmufedrfh0ifaeovdkyJ/ tJh'D vufrSwfwpfckaMumifhyJ uRefawmf[m
wpfjcm;toufarG;0rf;ausmif;rIawGuravh kd vmjzpfawmhbuG J eyf sLwmESiyhf touf
J arG;0rf;ausmif;jyK
Road to CCNA (Exam 640-802)
- 14 -
cJyh gw,f/uReaf wmfajymcsiw f mutcktcsed uf awmhvli,fawGukduReaf wmft h awGUtBuKH awGjyefajym
&r,fh tcsed af &mufomG ;NyjD zpfwmaMumifh BuKH czhJ ;l orQav;awG oifcef;pmav;awGukd uReaf wmf
tvsi;f oifoh vdk rQa0ay;oGm;OD;rSm jzpfw,fqw kd hJ taMumif;av;yg/
Product of YOUTH
- 15 -
Printer Sharing tpSw d hJ Service, Video Conferencing Service, Web Service tpSw d hJ Ser-
vice awGtrsKd;rsKd;udkvufcH&SdEkdifr,fvdkYajymwmjzpfygw,f/atmufrSmazmfjyxm;wJhyHkav;udkMunfh
vdu
k yf g/
yHk 1.6
yHk 1.7
wpfzufrmS azmfjyay;xm;wJyh t
kH wdik ;f tckq&kd ifod;D jcm;pDadS ewJNetwork
h A ESiNet-
hf
work B qdkwNetwork
Jh (2)ckuawG
kd UjrifEikd yf gw,f/
Product of YOUTH
- 17 -
yHk 1.8
atmufrSmuRefawmfqufjyD;awmhoD;jcm;pDSdaewJNetwork
h (2)ckudkxyfrHazmfjyvdkuf
ygw,f/ 'Dxufyjkd y;D em;vnfomG ;apcsiv
f yYkd g/
yHk 1.9
yHk 1.10
yHrk mS jyxm;wJt
h wdik ;f oD;jcm;pD&adS ewJNetwork
h (2)ckjzpfwNetwork
hJ A ESiNetwork
hf B
ukduRefawmfwdkYawGuRouter wpfvHk;udktoHk;jyKNyD;Internetwork csw d q f ufjyxm;ygw,f/'gaMumifh
vnf;uRefawmfutxufrSmRouter awGuInternetwork awGjzpfatmifzefw;D ay;Edik w f ,fvYkd
azmfjycJw
h myJjzpfygw,f/'DawmhuReaf wmfwaYdk wGox d m;&rSmuInternetwork vdkYajymvdkufwmeJYtJh'D
Product of YOUTH
- 19 -
Internetwork qdw
k mLAN (Local Area Network) 'grrS [kwWAN
f (Wide Area Network)
yJjzpfjzpfueG &f uf(Network) [mwpfckxufrucsdwfqufxm;EkdifwmudInternetworking
k vdo
Yk x
d m;&
rSmyJjzpfygw,f/Internetwork twGucf sw d qf ufz&Ykd eftoH;k jyK&r,fhDevice awGuawmhSwitch,
Hub ESiBridge
hf tpSwd Device
hJ awGudktoHk;jyK&rSmyJjzpfygw,f/atmufrSmSwitch, Hub ESihf
Bridge wdkYudktoHk;jyKNyD;Internetworking csdwfqufxm;yHkudkazmfjyay;xm;ygw,f/
yHk 1.11
yHk 1.12
yHk 1.13
Product of YOUTH
- 21 -
1/ BudK; eHygwf 1 u BudK;eHygwf 8 udkoGm;r,f/
2/ BudK; eHygwf 2 u BudK;eHygwf 7 udkoGm;r,f/
3/ BudK; eHygwf 3 u BudK;eHygwf 6 udkoGm;r,f/
4/ BudK; eHygwf 4 u BudK;eHygwf 5 udkoGm;r,f/
5/ BudK; eHygwf 5 u BudK;eHygwf 4 udkoGm;r,f/
6/ BudK; eHygwf 6 u BudK;eHygwf 3 udkoGm;r,f/
7/ BudK; eHygwf 7 u BudK;eHygwf 2 udkoGm;r,f/
8/ BudK; eHygwf 8 u BudK;eHygwf 1 udkoGm;r,f/
Product of YOUTH
- 23 -
PA R T 1
Introduction
1/ Routing
2/ Switching
3/ Telecommunication
4/ Intenetworking qdw
k 0ef
hJ aqmifraI wGyjJ zpfMuygw,f/
Product of YOUTH
- 25 -
yHk 2.1
R IOS qdw
aomtpdwt
k mRouter ESiSwitch
jzpfygw,f/Kernel qdw
ESiInterface
hf
hf trsm;pk&JUKernel yJ
k mOperating System &JUrSrd jzpf
f ydik ;f wpfcjk zpfNy;D ol[mqd&k ifjzifHardware
h
jyKvyk jf cif;?Security ydkif;qdkif&mwdkYuLow
dk
Level enf;jzifManage
h vkyjf cif;jzpfygw,f/
uJuReaf wmfwoif
Ykd cef;pm1rSmPacket Tracer udkInstall vkyjf ycJw
h ,f/'Dawmh
yHk 2.2
yHk 2.4
yHk 2.5
Product of YOUTH
- 29 -
'DvMode
kd awGrSmrdrdub,fvdkConfiguration vkycf sio f vJqw kd may:rw l nfjy;D Mode awGudk
a&G;cs,&f rSmjzpfygw,f/
uJ..Cisco Router awG?Switch awGrSmyg0ifwMode Jh awGupkd wif&iS ;f jyay;ygrh ,f/
yxrOD;qHk;Mode uawmhJ' Donuts Mode tJav..a,mifv[k Ykd wyf gjy/D ,ckCisco Router
awG?Switch awGrSmyg0ifwModeJh tm;vH;k pkpak ygi;f(5)ck&ydS gw,f/'gawGuawmhAsm-
'guawmh'kw, d Mode wpfcyk gy/J if; Mode rSmCisco Router eJSwitch h awGudk
0ifa&mufjyifqifEikd w
f Command
hJ awGyg0ifygw,f/'gayr,f'Dh Mode rSmawmhIOS qdkwSys- Jh
tem wpfcv k ;kH ud0if
k a&mufjyifqifEidk zf &Ykd eftwGuaf wmhCommand wcsKd rY yg0ifao;ygb;l /
tJ.aemufq;kH yg0ifwMode
hJ uawmhSetup Mode yJjzpfygw,f/if;Mode [m
Configuration Dialog Box awGetj
YJ yeftvSeq
f ufo,
G af y;jcif;udqd
k v
k ykd gw,f/
uJ.tckuRefawmfwCisco
dkY Router eJSwitch
Y awGrSmyg0ifwMode
Jh awGudkod&SdoGm;
jyaD emf/tckMode wpfcck si;f pD&hJPrompt wpfcck si;f pDuakd zmfjyay;ygrh ,f/qdvk wkd mu'DPrompt
[mb,fMode udak &muf&adS ejyv D q
J w
kd mayg/h jyefajymjyr,faemf/Prompt udkMunfhNyD;awmhudk,f
b,fMode udak &mufaeovJqw kd modEikd yf gw,f/'DawmhckeuajymcJwh Mode
hJ 5ckxuJ ta&;Bu;D
wJPrompt
h 3ckupwif
kd Si;f jyygawmhr,f/
yHk 2.6
2/ Privileged Mode
Product of YOUTH
- 31 -
Router> enable
Router#
yHk 2.7
Router#configure terminal
Router(config)#
yHk 2.8
tckuReaf wmfwRouter
Ykd udPhysically
k t&b,fvckd sw d qf ufrvJ? [kwfNyD..pjyD;avhvm
Mu&atmifaemf/'DvAkd s/yxrOD;qH;k Router awGupkd wifrcsw d q f ufcifCisco uaeRouter awGudk
Series tvdu k xf wk x
f m;wJt
h aMumif;udajk ymjycsiyf gao;w,f/bmjzpfvv Ykd nf;qdak wmhrwlnw
D hJ
Router Series awGtay:rw l nfjy;D if;rSmyg0ifwInterface
hJ awGuvnf;uGJjym;oGm;ygw,f/
jyefajymjyr,faemf/Cisco urwlnDwJhRouter awGudkSeries tvdu k xf w k v
f yk x
f m;wmjzpfygw,f/
tJoh vdSeries
k rwlnDawmhwmeJYolwdkYawG&JUInterface uvnf;rwlawmhygb;l /tck'aD e&mrSm
Cisco &J2600 h Series xJuRouter &JInterface h ud&k iS ;f jyay;ygrh ,f/tJ..if;2600 Series
Router awGuCisco uxkwfwJhModular Router awGyjJ zpfygw,f/'D2600 Series xJu2621
Series Router &Jh Interface ud& k iS ;f jyay;ygrh ,f/bmjzpfv'DYkd 2621 Router udk iS ;f jy&ovJqakd wmh
olutoHk;vnf;rsm;w,faemufNyD;Modular Router jzpfwJhtwGufvkdtyf&ifCards awG
pdu
k of ;kH vdv Yk nf;&wJt
h wGuaf Mumifrh v Ykd yYkd g/
yHk 2.9
(6)
yHk 2.10
1/ yxrtqift
h aeeJYUser Mode uaeenable Command udktoHk;jyKPrivileged Mode
Road to CCNA (Exam 640-802)
- 34 -
udo
k mG ;ay;yg/
3/ aemufq;kH taeeJinterface
Y fastethernet 0/0 udk&dkufxnfhyguRouter &JFastEthernet
h
Port twGi;f ud0ifk a&mufomG ;ygvrd rhf ,f/'Dae&mrSminterface qdw k mCommand wpfcjk zpfNy;D
fastethernet 0/0 qdw k mRouter &JUFastethernet Port ESpcf t k xJuyxrPort udq k vkd ckd siw
f mjzpf
ygw,f/yH2.9k ud&nf
k neT ;f Ny;D ajymwmyg/tJ'h rD mS Fastethernet Port ESpcf k wdS ,fav/tu,frsm;
oifu'kw, d Port udoGk m;csiw f ,fq&kd ifb,fvkd u
kd rf vJ/interface fastethernet 0/1 vdkYdkufrSm
ayg/h tdak uaemf em;vnfNyv D xYkd ifygw,f/
4/ 'Dae&mrSmrnfonfInterface
h rsdK;udkrqdkoGm;csifyguif;Interface qdkwCommand
Jh
udktoHk;jyKjyD;0ifa&mufEdkifygw,f/uJaumif;NyD'DawmhInterface udkb,fvdkoGm;&rvJqdkwmudkyJ
uReaf wmfajymjy&ao;wmyg/ tJ'h rD mS vky&f r,fh vkyaf qmifcsuaf wGukd rSi;f jy&ao;ygb;l /
yHk 2.11
Product of YOUTH
- 35 -
2.8 Mode wpfcck si;f pD Command rsm;Munfjh cif;
yHk 2.12
yHk 2.13
yHk 2.14
yHk 2.16
yHk 2.17
yHk 2.18
yHk 2.19
yH2.20
k onfHardware ydkif;udkazmfjyxm;wJhyHkjzpfygw,f/
yHk 2.20
Product of YOUTH
- 39 -
'Dae&mrSmshow version qdkwCommand Jh [mSoftware, Boot Image ESiHardware hf
ydik ;f qdNk y;D tydik ;f 3 ydik ;f ygw
dS mudk odapcsiyf gaomaMumifh tckvkd wpfyikd ;f csi;f pDukd yHw
k pfyjkH zifh cGx
J w
k f
jyoay;cJw h mjzpfygw,f/
2.11 rdrt
d oH;k jyKr,fh Router ESihf Switch rsm;tm;emrnfay;jcif;
yHk 2.21
2/ if;rSwqifhostname
h qdo
k nfCommand
h tm;toHk;jyKrdrdajymif;csifwJhemrnftm;
&du
kd x
f nfEh ikd yf gw,f/'Dae&mrSmhostname qdo k nfCommand
h tm;toHk;jyKRouter1 vdeYk mrnfay;cJh
ygw,faemf/
yHk 2.22
1/ enable secret
2) enable password qdkwCommand
Jh ESpcf u
k toH
kd ;k jyK owfrw
S af y;Edik yf gw,f/
yHk 2.23
Product of YOUTH
- 41 -
yHkrSmuRefawmfwdkYPrivileged Mode udk0ifa&muf7eftwGuenable f vdkYdkufvdkufwmeJY
t&ifqwpf
kd cgwnf;0ifomG ;aomfjim;vnf;tckwpfcgrmS awmhPassword qdjk y;D vmawmif;ygw,f/
'Dae&mrSmuRefawmfwdkYzeffwD;ay;xm;wJcisco
h qdkwJhpmvHk;udk&dkufxnfhjyD;rSSPrivileged Mode udk
a&muf&EdS ikd rf mS jzpfygw,f/
uJ..tckuReaf wmfwPrivileged
Ykd Mode twGufPassword udkb,fvdkzeffwD;&rvJqdkwm
odomG ;jyadD emf/'Dvykd Password
J zefwD;&mrSmenable secret Command eJYenable password
Command udtoH k ;k jyKjcif;udv k nf;em;vnfomG ;NyaD emf/[kwNf y/D ,ckif;Command ESpcf u
k Ekd idI ;f ,SOf
jyyghr,f/ atmuffrSmazmfjyay;xm;wJhyHkudk MunfhEdkifygw,f/
yHk 2.24
yHk 2.25
Product of YOUTH
- 43 -
uJ..tckaemufxyfpw d 0f ifpm;p&mCommand wpfcu
k &Skd i;f jyay;ygrh ,f/uReaf wmfwv
Ykd uf&dS
toHk;jyKaewJRouter
h awG?Switch awG&JConfiguration
h awGujkd yefMunfzh v Ykd w
kd ,fav/tckuReaf wmf
wdkY wpfzufrSmazmfjyxm;wJhyHkudkMunfhyg/
yHk 2.26
yHk 2.27
Password du
k x
f nf&h ef
Interface udppf
k aq;jcif;qdw
k muif;Interface ESiyhf wfoufaewJIP
h Address, Subnet
Mask pwJtaM
h umif;t&mrsm;udMk unfh jI cif;yifjzpfygw,f/tck'aD e&mrSmRouter &JUInterface
awGukd b,fvpkd pfaq;MurvJaygah emf/ [kwjf yaD emf/ atmufrmS azmfjyxm;aomyHu
k Mkd unfyh gO;D /
yHk 2.28
if;yHkrSmFastEthernet &JInterface
h wpfcyk MJ unfwh mjzpfaomaMumif'Dh ae&mrSmFastEthernet
Interface ESifhywfoufNyD;yJazmfjyay;wmjzpfygw,f/tu,frsm;Router rSmSdorQInterface
awGuwpfkd cck si;f azmfjyay;apcsi&f ifshow ip interface qdkwCommand Jh udktoHk;jyKygw,f/
qdkvdkwmushow ip interface command &JUaemufrSmfastethernet 0/0 vdkYdkufxnfhvdkufwm
jzpfygaomaMumif'Dh ae&mrSmfastethernet 0/0 ESifhoufqdkifwmudkyJjyay;wmjzpfNyD;show ip
interface vdy Yk dJ u
k &f ifawmhb,fou
Yl Mkd unfrh ,fqw kd mrygawmhb;l /'gaMumifhRouter rSmSdorQ
Inteface awGtukefay:vmrSmjzpfygw,f/aemufxyfyHkudkqufvufavhvmMunfhyg/
LogoutESiExit
hf Command qdkwmuRefawmfwdkYvufSdtoHk;jyKaewJRouter h awGxJu
Mode wpfcck si;f pDuaejyefxuG cf si&f ifoH;k wmjzpfygw,f/OyrmPrivileged Mode uaeUser
Mode udjk yefxu
G cf siyf guLogout odkYr[kwExit f udtoH
k ;k jyKEikd yf gw,f/
Product of YOUTH
- 49 -
PA R T 1
Introduction
uJtckRouter twGif;rSmyg0ifwJhtpdwftydkif;rsm;udkpjyD;avhvmMuwmayghaemf/
Components Description
yHk 3.1
Product of YOUTH
- 53 -
3.2 Router Boot Sequence taMumif;
2/ 'kw,
d wpfcsurf mS awmhCisco IOS udpwif k &mS azGz&Ydk efeLoad
YJ vkyf&eftwGuBootstrap
f
qdkwProgram
Jh uvkyaf qmifay;ygw,f/tJif;Bootstrap qdkwProgram Jh u(ROM) xJrSm
yg0ifygw,f/yHrk eS t
f m;jzifah wmhAsmCisco IOS uRouter xJuFlash MemoryrSmyJodrf;ay;ygw,f/
yHk 3.2
tckuReaf wmfwCisco
Ydk IOS udkBackup vkyfzkdY&mvdktyfwJhtaMumif;t&mudkazmfjyay;ygh
r,f/'Dae&mrSmtckuReaf wmfwvuf
Ykd &tdS oH;k jyKaewJhCisco IOS udkBackup/Restore awGvkyfay;
vk&dY w,fAs/bmjzpfvIOS
Ykd udkBackup vkyf&ovJqdk&iftaMumif;trsdK;rsdK;aMumifhIOS uysufoGm;
Product of YOUTH
- 55 -
cJ&h ifjyefRestore vkyEf ikd af tmifBackup vkyw f mjzpfygw,f/tJ'v
D rkd sK;d Backup eJRestore
Y awG
pwif rjyKvyk af o;cif od&r,fh tcsut f vufav;awG Sad o;w,fAs/ 'gawGukd ajymjyay;ygrh ,f/
if;tcsut f vufawGeud YJ u k n
f rD o
S mIOS ukdBackup eJRestore
Y vkyv
f &yg
Ykd w,f/if;wdrYk mS -
(2) eJif
Router Y ;TFTP Server tMum;qufoG,ftoHk;jyKrnfCable
h Type onfEthernet
Crossover Cable jzpf&ygr,f/
yHk 3.3
R 'Doifcef;pmuawmhuReaf wmfwYkdtaeeJYoDt&kd t
ay;Edik yf gw,f/ bmvdv
D &yJajymjy
Yk nf;qdak wmh jyKvyk jf yzd&Yk m tcuf
tcJuTFTP Server aMumifjh zpfygw,f/'gaMumifol
ywfoufwJh oDtdk&Dav;yJzwfNyD;auseyfay;yg/
h eYJ
yHk 3.5
tck'Dae&mrSmRouter ay:rSm&SdwConfiguration
Jh awGudkTFTP Server ay:oYkdCopy
ul;jcif;udazmf
k jyay;ygrh ,f/'DvAkd suReaf wmfwIOS Ykd udkBackup ( okdYr[kwf) Restore vky&f ef
TFTP Server udktoHk;jyKMuygw,f/'DvdkyRunning J jzpfaewJConfiguration
h awGudkvnf;Copy
ul;Edik yf gw,faemf/
uJRunning jzpfaewJConfiguration
h awGudkTFTP Server ay:oYkdBackup vkyfNyD;oumv
vdt
k yfwt
hJ csed u
f s&ifRestore jyefvyk zf vk
Ydk v
d mjy/D 'DvkdRestore jyefvyk w
f t
hJ cgus&ifb,fvkd
Command udktokH;jyKMurvJ/[kwfjyDaemf/
1/ tJRestore jyefvyk w
f t
hJ csed u
f s&ifyxrOD;qH;k Privileged Mode udkoGm;ay;yg/if;Mode
uaewpfqifcopy
h tftp running-config qdkwCommand
Jh udtoH
k ;k jyKygw,f/if;Command
[mTFTP Server ay:uaeRunning Configuration awGudkRouter ay:ojYkd yefvnfCopy ul;xnhf
ay;wmjzpfygw,f/
Road to CCNA (Exam 640-802)
- 58 -
3.8 Network Connectivity rsm;udk Check vkyjf cif;ESih f
Trouble Shoot jyKvyk jf cif;
tck'Doifcef;pmrSmPing qdkwCommand
Jh udoH
k ;k Munh&f atmifaemf/tJ'aD e&mrSmCisco
IOS &JUPing udavh
k vmMunh&f atmifaemf/if;Ping Command [mCisco Route &JUSwitch awG
rSmUser Mode aum?Privileged Mode rSmygtoH;k jyKv&Ed
Ykd ik yf gw,f/
yHk 3.6
2/ Traceroute udtoH
k ;k jyKjcif;
yHk 3.7
yHk 3.8
Product of YOUTH
- 61 -
tckuReaf wmfwaYkd wG[mCDP udktoHk;jyKNyD;Internetwork xJrmS Sad ewJCisco
h Device
awG&UJ tcsut
f vufawGuMkd unfrh ,fq&kd iftoH;k jyK&r,fhCommand uawmh" show cdp "
Command udktoHk;jyK&rSmyJjzpfygw,/fatmufrSmuRefawmfCommand udktoHk;jyK&r,fhyHkpHudk
azmfjyay;xm;ygw,f/
yHk 3.9
yHk 3.10
yHk 3.11
yHk 3.12
Product of YOUTH
- 63 -
tckuReaf wmfCDP udkb,fvdkrsdK;toHk;jyK&rvJqdkwmudkazmfjyNyD;oGm;ygNyD/'gayod
uRefawmfwdkYuCDP udtoHk ;k rjyKcsib
f ;l /ydwcf siw
f ,fqd&k ifawmhtoH;k jyK&r,fCommand
h u
" no cdp run " qdkwCommand
Jh yJjzpfygw,f/if;Command udktoHk;jyKr,fqdk&ifawmhuRefawmfwdkY
odxm;&rSmuCisco Device xJrmS ygadS ewJCDP h Protocol udktvkyfrvkyfEdkifatmifydwfxm;
vdkufwmyJjzpfygw,f/uRefawmfatmufrSmCommand toHk;jyKyHkudkazmfjyay;xm;ygw,f/
yHk 3.13
yHk 3.14
Product of YOUTH
- 65 -
uJ..Router awGb,fvdktvkyfvkyfovJwJh..aygufwl;xrf;NyD;tvkyfvkyfMuwmaygh/
tJava,mifvaYkd emf..Router awGb,fvt kd vkyvf yk o
f vJq&kd ifRouting vkyif ef;pOfawGuajkd z
Sif;ay;&eftwGuftvkyfvkyfMuwmayghAsm/Router awGuRouting vkyif ef;pOfawGub,f kd vykd pkH eH YJ
ajzSi;f ay;ovJq&kd ifRouter awGrSmRouting ydik ;f awGuajkd zSi;f ay;zd&Yk efolw&Ykd UJ uk, d yf ikd fIOS
(Inter-Network Operation System) ygy dS gw,f/tJ'Inter-
D Network Operation System BuD;
uRouting vkyif ef;pOfBu;D udajk zSi;f ay;ygw,f/
Routing qdw k vk
hJ yif ef;pOfrmS tvkyv f yk w
f yHhJ pk u
H t
kd ydik ;f (2)ydik ;f jzifcGh jJ cm;MunfEh ikd yf gw,f/
tJ'guawmhRouted Protocol udktoHk;jyKNyD;Routing vkyif ef;pOfuvk kd yjf cif;ESiRoutinghf Protocol
udktoHk;jyKNyD;Routing vkyif ef;pOfuvk kd yjf cif;wdjYk zpfygw,f/Routed Protocol awGuawmhOyrm
taeeJaY jym&&ifIPv4 ESiIPv6 hf jzpfygw,f/Routing Protocol uawmhRIP, EIGRP ESiOSPF hf wdkY
jzpfygw,f/aemufNy;D Router awG[mComputers or Host awGNetwork rdwmrrdwmudkolu*k
rpdkufbl;/ol*kpdkufNyD;vkyfaqmifay;wmuNetwork awGwpfcek w YJ pfcNetwork
k rdatmifcsw d q f uf
ay;Edik zf u Ykd ykd vk
J yaf qmifay;wmjzpfygw,f/'gaMumifuR h eaf wmfwaYkd wG[mNetwork awGwpfcek w YJ pfck
csw
d q f ufawmhr,fqw kd meJYRouter awGudktoHk;jyKNyD;csdwfquf&wmjzpfygw,f/
Router awG[mrdrdvufcH&SdvmwJData h Packet awGudkoufqdkif&mvrf;aMumif;ay:odkY
Forward vkyfay;ygw,f/ aemufNyD;Data Packet awGomG ;zd& Yk eftwdq k ;kH eJtj
Y refq;kH vrf;aMumif;
awGuv kd nf;SmazGwu G cf suaf y;ygw,f/tJ'v D kdRouting vkyif ef;pOfBu;D jzpfwData hJ Packet awGudk
Forward vkyjf cif;?Data Packet awGoGm;zkdY&eftjrefqHk;eJYtwdkqHk;vrf;aMumif;awGudkwGufcsufay;
&wmuawmhRouter xJrSmyg&SdwJhIOS(Internetwork Operation System)BuD;uvkyfaqmifay;
wmjzpfygw,f/'gaMumifv h nf;Router udkOSI Model xJuLayer 3 Device wpfct k jzpfodadS e
Muwmjzpfygw,f/IP Network rSmqd&k ifRouting vkyif ef;pOfawG[mIP Routing Tables udkMunhfjyD;
Road to CCNA (Exam 640-802)
- 68 -
tvkyv f yk yf gw,f/IP jzifNetwork
h csdwfqufxm;wJComputers
h or Hosts awGtm;vHk;[mvnf;
IP Routing Table eJy Y tvk
J yv f yk Mf uygw,f/Routing Table qdkwmuawmhInter-network awG&JU
Map (ajryH)k yJjzpfygw,f/if;Routing Table onfRemote Netowrk udkb,fvdk&Sm&r,fqdkwmudk
azmfjyay;w,f/IP Packet awGb,fuaeb,foo Ydk mG ;&r,fqw kd mudazmf
k jyay;xm;ygw,f/'gaMumifh
uRefawmfwdkYawGIP Routing Table uktoH d ;k jyK&jcif;onfData Packet awGudkForward vkyfay;zkdY
&eftwGutoH f ;k jyKwmyJjzpfygw,f/tJ'v D Forward
kd vkyfay;vkdufwJhData Packet udktjcm;
Router or Host wdu Yk vufc&H &Syd gw,f/aemufjy;D Router awG[mData Packet awGudkwpfae&mrS
wpfae&modForward
Yk vky&f mwGiDestination
f Address udy k MJ unhjf y;D ydaYk qmifay;ygw,f/'gaMumifh
Router awGonfData Packet awG&JUDestination Address uky d zwf
J ygw,f/uJ...'Davmufq&kd if
Router awG&JUtvkyfvkyfyHkudkem;vnfavmufNyDvdkYxifygw,f/
yHk 4.1
yHk 4.2
yHkrSmjyxm;wJhtwdkif;uRefawmfwdkUawG[mRouterudktoHk;csNyDf;Network csdwfqufvdkufwJh
twGufaMumifhNetwork A eJU Network B [mbmaMumifhNetwork csw d rf ad e&wmvJq&kd if
Router onf Network A odkUr[kwf Network B rSydkUvdkufwDeta Jh Packet awGudkDertination
Network qDodkU Forward vkyfay;vdkufvdkUNetwork rdomG ;&jcif;yJjzpfygw,f/
atmufrSmuRefawmfNetwork A eJUNetwork B udRouter k rScd ifNetwork csw d q
f uf
vdkUr&wJhyHkeRouter
JY udktoHk;csNyD;Network csw d q f ufv&Ykd wJyh u kH Oyrm
kd taeeJ, Y OS Nf y;D qGjJ yay;xm;
ygw,f/ aoaocsmcsmav; *&kpu kd Nf y;D Munfv
h ukd yf gO;D aemf/
Product of YOUTH
- 71 -
yHk 4.3
uJ..b,fvv kd Router
J udkuRefawmfwdkUawGb,fvdkae&mrsKd;rSmtoHk;cs&r,fqdkwmudkem;vnf
oGm;NyDvm;/'gqdk&ifqufNyD;awmhuRefawmfatmufrSm Router wpfvHk;udktoHk;jyKNyD;Network
trsm;BuD; csdwfqufxm;yHkudk azmfjyay;xm;ygw,f /
aumif;NyD'Davmufqdk&ifuRefawmfwdkUawG[mRouter qdkwmudkb,fvdkae&mrsKd;rSmtoHk;cs
&r,fqw kd mudem;vnf
k oabmayguNf yv D Ukd xifygw,f/'gaMumifu h Reaf wmf Router awGudkb,fvkd
ae&mrsKd;rSm toHk;csrvJqdkwmudk 'DrSmyJ tqHk;owfvdkufygr,f/
But.. vQmSnwf ,fvUkd awmhrxifvu kd yf geaYJ emf...xyfNy;D owday;csiv f yYkd g/Router udt
k oH;k cs
r,fah e&mu Network awGtrsm;Mu;D ukwpf d cek w YJ pfcrdk atmifcswd q
f uf&rJah e&mrSmtoH;k cs&
r,fqw kd mudk owdxyfay;csiv f yYkd g . . . 'gygyaJ emf/
Product of YOUTH
- 73 -
yHk 4.5
yHk 4.6
yHk 4.7
yHk 4.8
Product of YOUTH
- 77 -
NyDvkYdxifygw,f/uRefawmfwkdYodxm;&rSmuModular Router ESiFixed
hf Router wkdY&JUt"duuGm
jcm;csufawGuawmhModular Card awGxyfrHpdkufoGif;NyD;toHk;jyKvkdY&wmeJYtoHk;jyKvdkYr&wmyJ
jzpfygw,f/
Product of YOUTH
- 79 -
Core Layer -High Data Transfer Rate
-High Network Fault Tolerance
yHk 4.9
Product of YOUTH
- 81 -
tckq&kd ifWindows rSm&SdwJhRouting Table yHu k awG
kd Uz;l jyaD yg/h 'gq&dk ifRouting Table BuD;
udavh
k vmMunh&f atmif/tckjrifae&wmawGuRouter awG[mrdrq d 0ifD vmr,fPacket h awG
udktjcm;IP Node wpfcpk oD Forward
Ydk vkyfay;r,fhRoute qdkwJhvrf;aMumif;awGudkawGUae&wm
jzpfygw,f/
Routing Table xJrSm&SdwRoute
Jh awGucGkd jJ cm;r,fq&dk iftydik ;f (3)ydik ;f eJcGY jJ cm;vd&yg
Yk w,f/
tJ'Route
D awGuawmh-
aumif;jy.D .'Dvq
kd &dk ifuReaf wmftJ'Route
D awGub,f
kd vrdk sK;d eJcGY jJ cm;vd&Yk w,fqw
kd mjyygr,f/
atmufrSmjyxm;wJhRouting Table yHkudkMunhfyg/
yHk 4.10
yHk 4.11
yHk 4.13
Example-
Router(config)#ip route 192.168.0.0 255.255.255.0 10.10.10.1
yHk 4.14
tckuRefawmfazmfjyxm;wJhyHktwdkif;Router A eJRouting
Y Table xJrSmDestination
Product of YOUTH
- 85 -
Network Address ESiNext
hf Hop (Gateway), Router B &JURouting Table xJrmS vnf;Destina-
tion Network Address ESiNext
hf Hop (Gateway) wduYk xyf
kd jznhaf y;vku
d rf ,fq&kd ifNetwork A
ESiNetwork
hf B [mNetwork rdoGm;rSmjzpfygw,f/bmaMumifNetwork
h rdoGm;&wmvJqdkwmudk
qufvufMunhMf u&atmif/
yHk 4.15
Product of YOUTH
- 87 -
yHk 5.1
Product of YOUTH
- 91 -
Network A &JUHost A Computer
IP:192.168.0.2
Mask:255.255.255.0
DG:192.168.0.1
Router A
Fastethernet 0/0 IP: 192.168.0.1
Mask:255.255.255.0
Fastethernet 0/1 IP: 192.168.10.1
Mask:255.255.255.0
Fastethernet 0/2 IP: 192.168.20.1
Mask:255.255.255.0
uRefawmftckazmfjyay;xm;wJDiagram
h twdkif;Router A eJNetwork
Y A, Network B,
Network C wdkYudkNetwork rdoGm;atmifConfiguration vkyMf u&atmif/
Lab 1
Step (1)
Router>
Router>enable
Router#configure terminal
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 192.168.0.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Step (2)
Router(config)#interface fastethernet 0/1
Step (3)
Router(config)#interface fastethernet 0/2
Router(config-if)#ip address 192.168.20.1 255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Step (4)
Router(config)#exit
Router#show ip route
yHk 5.2
tckuRefawmfazmfjyay;xm;wJConfiguration
h twkid ;f qd&k ifNetwork A, Network B,
Network C qdkwNetwork
Jh (3)ck[mNetwork rdaeygjy/D Hosts Computers awG?Network rdrrd
Test vkycf si&f ifawmhping command ukdtoHk;jyKNyD;Test vkyEf ikd yf gw,f/aumif;Ny.D ..'gq&kd ifuReaf wmf
tckjyKvyk cf w
hJ Lab
hJ 1 &JUConfiguration ukd&Sif;jyay;yghr,f/
Step(1)
Router>
User exec mode jzpfygw,f/
Product of YOUTH
- 93 -
Router>enable
Router#
Privileged Exec mode jzpfygw,f/
Router#configure terminal
Router(config)#
Global Configuration Mode jzpfygw,f/
Router(config-if)#exit, Router(config)
rdrda&muf&SdaewJhConfiguration Mode xJuaejyefxu
G w
f mjzpfygw,f/
Step(2)
Router(config-if)#no shutdown
Cisco Router ESiCisco
hf Switch wkdYxufInterface rsm;udkDefault t&Shutdown
Road to CCNA (Exam 640-802)
- 94 -
vkyfxm;vdShutdown
kY rjzpfatmifvkyw
f mjzpfygw,f/
Router(config-if)#exit
Router(config)#
rdrda&muf&SdaewJConfiguration
h Mode xJuaejyefxu
G w
f mjzpfygw,f/
Setp(3)
Step(4)
Router(config)#exit
Router#show ip route
Router xJrSm&SdwRouting
Jh Table ukMd unhw
f mjzpfygw,f/
Network A Computer
IP: 192.168.0.2
Mask: 255.255.255.0
DG: 192.168.0.1
Network B Computer
IP: 192.168.20.2
Mask: 255.255.255.0
DG: 192.168.20.1
Router A
Ethernet 0/1 IP: 192.168.0.1
Mask: 255.255.255.0
Ethernet 0/0 IP: 192.168.10.1
Mask: 255.255.255.0
Router B
Ethernet 0/1 IP: 192.168.10.2
Mask: 255.255.255.0
Ethernet 0/0 IP: 192.168.20.1
Mask: 255.255.255.0
Step (1)
Router>
Router>enable
Router#configure terminal
Router(config)#interface ethernet 0/1
Router(config-if)#ip address 192.168.0.1 255.255.255.0
Router(config-if)#no shutdown
Router(config-if)#exit
Step (2)
Step (3)
Router(config)#exit
Router#show ip route
192.168.10.0/24 is driectly connected, to Ethernet 0/0
192.168.0.0/24 is directly connected, to Ethernet 0/1
Setp (4)
Network A eJNetwork
Y B (2)ckudkNetwork rrd&ao;wJhtaMumif;t&if;uawmhNet-
work A xJrSm&SdwJhHost Computer wpfvHk;uData Packet udkRouter qDoyd Ydk aYk qmifay;ygw,f/
Router A onfHost A Computer rSydkYvdkufwJhData Packet &JUDestination Address
udzwf
k ygw,f/Data Packet &JUDestination Address u192.168.20.0/24 jzpfygw,f/tJ't D cgrmS
Router A &JURouting Table xJwiG Desti:Address
f 192.168.20.0/24 ur&Sdbl;av/
'DawmhHost Computer uydkYvdkufwJhData udkRouter A uqufvufjyD;awmhFor-
ward rvkya f y;Edik af wmhwmjzpfygw,f/
aumif;jy'DD vqdk &kd ifuReaf wmfwaYkd wGNetwork A ESiNetwork
hf B (2)ckNetwork rdoGm;atmifvdkY
Router A ESiRouter
hf B wkdY&JURouting Table xJrSmxyfxnhfay;rSomNetwork rdomG ;rSmjzpfygw,f/
Router A
Router B
Product of YOUTH
- 99 -
tckuReaf wmfRouter A ESiRouter
hf B wkdY&JURouting Table xJudkip route command ukd
toHk;jyKNyD;Routing Path awGxyfxnhaf y;vku d w
f mjzpfygw,f/Network A xJuHost Com-
puter ESiNetwork
hf B xJuHost Computer Network rd?rrdukdPing Command jzifprf h ;yg/
Network rdoGm;wmudkawGU&ygvdrfhr,f/
aumif;Ny'gD q&dk ifuReaf wmfNetwork A ESiNetwork
hf B (2)ckNetwork rdomG ;&jcif;
taMumif;udk &Sif;jyay;ygr,f/
yHk 5.6
yHk 5.7
Product of YOUTH
- 101 -
Host Computer qDoForward
Ydk vkyfay;vkdfufygw,f/
yHk 5.8
yHk 5.9
Router A
#ip route 192.168.20.0 255.255.255.0 192.168.10.2
#ip route 192.168.30.0 255.255.255.0 192.168.20.2
Router B
#ip route 192.168.0.0 255.255.255.0 192.168.10.1
#ip route 192.168.30.0 255.255.255.0 192.168.20.2
yHk 5.11
Router C
#ip route 192.168.10.0 255.255.255.0 192.168.20.1
#ip route 192.168.0.0 255.255.255.0 192.168.10.1
Product of YOUTH
- 103 -
yHk 5.12
Router>
Router>enable
Router#configure terminal
Router( config)#hostname Router A
RouterA(config)#enable secret cisco
RouterA(config)#interface ethernet 0/0
RouterA(config-if)#ip address 192.168.0.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface ethernet 0/1
RouterA(config-if)#ip address 192.168.10.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#ip route 192.168.20.0 255.255.255.0 192.168.10.2
RouterA(config)#ip route 192.168.30.0 255.255.255.0 192.168.20.2
RouterA(config)#exit
RouterA#show ip route
Router>
Router>enable
Router#configure terminal
Router(config)#hostname Router B
RouterB(config)#enable secrect cisco
RouterB(config)#interface ethernet 0/0
RouterB(config-if)#ip address 192.168.10.2 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface ethernet 0/1
RouterB(config-if)#ip address 192.168.20.1 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#ip route 192.168.0.0 255.255.255.0 192.168.10.1
RouterB(config)#ip route 192.168.30.0 255.255.255.0 192.168.20.2
RouterB(config)#exit
RouterB#show ip route
Router>
Router>enable
Router#configure terminal
Router(config)#hostname Router C
RouterC(config)#enable secret cisco
Product of YOUTH
- 105 -
RouterC(config)#interface ethernet 0/0
RouterC(config-if)#ip address 192.168.20.2 255.255.255.0
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#interface ethernet 0/1
RouterC(config-if)#ip address 192.168.30.1 255.255.255.0
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#ip route 192.168.0.1 255.255.255.0 192.168.10.1
RouterC(config)#ip route 192.168.0.0 255.255.255.0 192.168.10.1
RouterC(config)#exit
RouterC#show ip route
Router>
Router>enable
Router#configure terminal
Router(config)#hostname Router A
RouterA(config)#enable secret cisco
RouterA(config)#interface ethernet 0/0
RouterA(config-if)#ip address 192.168.0.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/0
RouterA(config-if)#ip address 192.168.10.1 255.255.255.0
RouterA(config-if)#clock rate 64000
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#ip route 192.168.20.0 192.168.10.2
RouterA(config)#exit
RouterA#copy running-config startup-config
Router>
Router>enable
Router#configure terminal
Product of YOUTH
- 107 -
Router(config)#hostname Router B
RouterB(config)#enable secret cisco
RouterB(config)#interface ethernet 0/0
RouterB(config-if)#ip address 192.168.20.1 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/0
RouterB(config-if)#ip address 192.168.10.2 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#ip route 192.168.0.0 255.255.255.0 192.168.10.1
RouterB(config)#no shutdown
RouterB(config)exit
RouterB#copy runnig-config startup-config
Router#show controllers
(or)
Router#show controllers serial 0/0
Router A
Fastethernet 0/0 IP: 192.168.0.1
Mask: 255.255.255.0
Serial 0/0 (DTE) IP: 10.10.10.1
Mask: 255.0.0.00
Serial 0/1 (DCE) IP: 20.20.20.1
Mask: 255.0.0.0
Router B
Fastethernet 0/0 IP: 192.168.10.1
Mask: 255.0.0.0
Serial 0/1 (DTE) IP: 30.30.30.1
Mask: 255.0.0.0
Serial 0/0 (DCE) IP: 10.10.10.2
Mask: 255.0.0.0
Product of YOUTH
- 109 -
Router C
Fastethernet 0/0 IP: 192.168.20.1
Mask: 255.255.255.0
Serial 0/0 (DTE) IP: 20.20.20.2
Mask: 255.0.0.0
Serial 0/1 (DCE) IP: 30.30.30.2
Mask: 255.0.0.0
Router>
Router>enable
Router#configure terminal
Router(config)#hostname Router A
RouterA(config)#enable secret cisco
RouterA(config)#interface fastethernet 0/0
RouterA(config-if)#ip address 192.168.0.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/0
RouterA(config-if)#ip address 10.10.10.1 255.0.0.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/1
RouterA(config-if)#ip address 20.20.20.1 255.0.0.0
RouterA(config-if)#clock rate 64000
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#ip route 192.168.10.0 255.255.255.0 10.10.10.2
RouterA(config)#ip route 30.30.30.0 255.0.0.0 10.10.10.2
RouterA(config)#ip route 192.168.20.0 255.255.255.0 30.30.30.2
RouterA(config)#ip route 20.20.20.0 255.0.0.0 30.30.30.2
RouterA(config)#exit
Router#copy running-config startup-config
(or)
RouterA#write memory
Router>
Router>enable
Router#configure terminal
Router(config)#hostname Router B
RouterB(config)#enable secret cisco
RouterB(config)#interface fastethernet 0/0
RouterB(config-if)#ip address 192.168.10.1 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/1
RouterB(config-if)#ip address 30.30.30.1 255.0.0.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/0
RouterB(config-if)#ip address 10.10.10.1 255.0.0.0
RouterB(config-if)#clock rate 64000
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#ip route 192.168.20.0 255.255.255.0 30.30.30.2
RouterB(config)#ip route 20.20.20.0 255.0.0.0 30.30.30.2
RouterB(config)#ip route 192.168.0.0 255.255.255.0 20.20.20.1
RouterB(config)#ip route 10.10.10.0 255.0.0.0 20.20.20.1
RouterB(config)#exit
RouterB#copy running-config startup-config
Product of YOUTH
- 111 -
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#interface serial 0/1
RouterC(config-if)#ip address 30.30.30.2 255.0.0.0
RouterC(config-if)#clock rate 64000
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#ip route 192.168.0.0 255.255.255.0 20.20.20.1
RouterC(config)#ip route 10.10.10.0 255.0.0.0 20.20.20.1
RouterC(config)#ip route 192.168.10.0 255.255.255.0 10.10.10.2
RouterC(config)#ip route 30.30.30.0 255.0.0.0 10.10.10.2
RouterC(config)#exit
RouterC#copy running-config startup-config
Product of YOUTH
- 113 -
Connected Interface 0
Static Route 1
EIGRP 90
IGRP 100
OSPF 110
IS-IS 115
RIP 120
EGP 140
Unknown 255
(3) Hybird
tJ'v D cskd w
d q
f ufxm;wJRouter
h oHk;vHk;rSmRouter B ESiRouter
hf C &JUMum;rSmSdwJhLine
[mFail jzpfomG ;cJ&h ifRouting Loop tJ'DrSmpNyD;awmhjzpfay:ygw,f/atmufuyHkav;udkquf
Munfv
h u
kd yf g/
yHk 6.2
Product of YOUTH
- 119 -
Router A rSRouter C odData
Yk udTransmit
k vkyfvdkufwJhtcsdefrSmRouter B ESiRouter
hf
C uwpfv;kH ESiwhf pfv;kH tjyeftvSecsf w d q f ufxm;w,f/odaYk omfRouter B ESiRouter hf C Mum;
rSmSdwLimit
Jh uFail jzpfaewJhtwGufaMumifData h uRouter B qDojYkd yefvmw,f/jyefvmwJt h cgrmS
Router B uRouter C qDjyefomG ;zdu Yk ykd T
J e;f ygw,f/tJ't D cgrmS Routing Loop [mjzpfay:omG ;
ygw,f/bmtwGufaMumifhvJqdkawmhRouter A rSydkYvdkufwData Jh onfRouter B qDodkYa&mufwJh
tcgrmS tjcm;Link awGqo D jYkd yefoGm;&ef&nfeT ;f xm;wmrSw d twG
hJ uaf Mumiftckh vrkd sKd ;Rout-
ing Loop jzpfay:omG ;&jcif;yJjzpfygw,f/uRea f wmfwaYkd wGonfStatic Route rSmDefault Route
jzpfw0.0.0.0
hJ 0.0.0.0 udxnfk ah y;r,fq&kd ifRouting Loop rjzpfawmhygbl;/
3. Holddown Timer
yHk 6.3
Router>
Router#enable
Router#configure terminal
Router(config)#hostname RouterA
RouterA(config)#enable secret cisco
RouterA(config)#interface ethernet 0/0
RouterA(config-if)#ip address 192.168.0.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/0
RouterA(config-if)#ip address 172.0.0.1 255.255.0.0
RouterA(config-if)#clock rate 64000
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/1
RouterA(config-if)#ip address 172.20.0.2 255.255.0.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#router rip
RouterA(config-router)#network 192.168.0.0
RouterA(config-router)#network 172.0.0.0
RouterA(config-router)#network 172.20.0.0
RouterA(config-router)#exit
RouterA(config)#exit
RouterA#copy running-config startup-config
RouterA#show startup-config
Using 581 bytes
!
Version 12.2
no service password encryption
!
hostname RoutA
!
!
enable secret 5 $1$mERr$hx5rVt7rPNoS4WabXKX7m0
!
!
!
ip ssh version 1
Product of YOUTH
- 123 -
!
!
interface Fastethernet 0/0
ip address 192.168.0.1 255.255.255.0
duplex outo
speed outo
!
interface Fastethernet 0/1
no ip address
duplex auto
speed auto
shutdown
!
interface Serial 0/0
ip address 172.0.0.1 255.255.0.0
clock rate 64000
!
interface Serial 0/1
ip address 172.20.0.1 255.255.0.0
!
router rip
network 172.0.0.0
network 172.20.0.0
network 192.168.0.0
!
ip classless
!
!
!
Line Con 0
Line vty 0 4
Login
!
!
end
RouterA#
Router B udConfigure
k vkyyf kH
Router>
Router#enable
Road to CCNA (Exam 640-802)
- 124 -
Router#configure terminal
Router(config)#hostname RouterB
RouterB(config)#enable secret cisco
RouterB(config)#interface fastethernet 0/0
RouterB(config-if)#ip address 192.168.10.1 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/0
RouterB(config-if)#ip address 172.10.0.1 255.255.0.0
RouterB(config-if)#clock rate 64000
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/1
RouterB(config-if)#ip address 172.0.0.2 255.255.0.0
RouterB(config-if)#exit
RouterB(config)#router rip
RouterB(config-router)#network 192.168.10.0
RouterB(config-router)#network 172.0.0.0
RouterB(config-router)#network 172.10.0.0
RouterB(config-router)#exit
RouterB(config)#exit
RouterB#copy running-config startup-config
RouterB#show ip route
Router C udConfigure
k vkyyf kH
Router>
Router#enable
Router#configure terminal
Router(config)#hostname RouterC
RouterC(config)#enable secret cisco
RouterC(config)#interface fastethernet 0/0
RouterC(config-if)#ip address 192.168.20.1 255.255.255.0
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#interface serial 0/0
RouterC(config-if)#ip address 172.20.0.1 255.255.0.0
RouterC(config-if)#clock rate 64000
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#interface serial 0/1
Product of YOUTH
- 125 -
RouterC(config-if)#ip address 172.10.0.2 255.255.0.0
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#router rip
RouterC(config-router)#network 192.168.20.0
RouterC(config-router)#network 172.10.0.0
RouterC(config-router)#network 172.20.0.0
RouterC(config-router)#exit
RouterC(config)#exit
RouterC(config)#do show ip route
RouterC(config)#exit
RouterC#copy running-config startup-config
Router A udConfigure
k vkyyf &SkH i;f vif;csuf
Router>
if;onfUser exec mode xJrmS jzpfygw,f/
Router>enable
Router#
if;onfPrivileged exec mode xJrmS jzpfygw,f/
Router#configure terminal
Router(config)
if;onfGlobal Configuration Mode xJrmS jzpfygw,f/
Router(config)#hostname RouterA
RouterA(config)#
if;onfrdr&d UJ Router twGufHostname owfrw
S af y;wmjzpfygw,f/
Example Router(config)#hostname [hostname]
RouterA(config-if)#exit
RouterA(config)#
if;onfrdrad &mufadS eaommode xJuaexGufwJhCommand jzpfygw,f/
Product of YOUTH
- 127 -
Example Router(config-if)#clock rate [clock rate number]
RouterA(config-if)#no shutdown
if;onfrdr&d UJ Interface udkShutdown rjzpfatmifvkyfwCommand
Jh jzpfygw,f/
RouterA(config-if)#exit
RouterA(config)#
if;onfrdrad &mufadS ewJMode
h xJuaejyefxu
G w
f hJCommand jzpfygw,f/
RouterA(config-if)#no shutdown
RouterA(config-if)#
if;command onfrdr0d ifa&mufxm;wJInterface
h udkShutdown rjzpfatmifvkyfwJh
Command jzpfygw,f/
RouterA(config-if)#exit
RouterA(config)#
if;Command onfrdrad &mufadS ewJMode
h xJuaejyefxu
G w
f hJCommand jzpfygw,f/
RouterA(config)#router rip
RouterA(config-router)#
if;Command onfDynamic Routing Protocol jzpfwRIP
hJ udktoHk;jyKr,fhCommand
Road to CCNA (Exam 640-802)
- 128 -
jzpfygw,f/
RouterA(config-router)#network 192.168.0.0
RouterA(config-router)#network 172.0.0.0
RouterA(config-router)#network 172.20.0.0
if;Command onfrdrdRouter &JUInterface rsm;eJYtwlcsdwfqufxm;wJNetwork
h IP
Address rsm;udkowfrSwfay;wmjzpfygw,f/
RouterA(config-router)#exit
RouterA(config)#exit
RouterA#
rdrda&muf&SdaewJMode
h xJuaejyefxu
G w
f mjzpfygw,f/
RouterA#write memory
(or)
RouterA#copy running-config startup-config
if;Command onfRAM xJrmS &Sad ewJRunning
h Configuration awGudkNVRAM
xJoCopy
Ydk ul;xnhw
f mjzpfygw,f/
Router B udConfiguration
k vkyyf &SkH i;f vif;csuf
Router>
Router>enable
Router#
if;Command onfUser exec mode xJrSPrivileged exec mode xJo0if
Ykd wmjzpfw,f/
Router#configure terminal
Router(config)#
if;Command onfPrivilege exec mode xJuaeGlobal Configuration Mode xJoYkd
Product of YOUTH
- 129 -
0ifwmjzpfw,f/
Router(config)#hostname RouterB
RouterB(config)#enable secret cisco
if;Command wGifyxrqHk;Command onfrdrRouter
d &JUhostname udkowfrSwfwJh
Command jzpfygw,f/'kw,
d Command onfrdrRouter
d ukvH
d jk cKH r&I adS tmifPassword ay;wm
jzpfygw,f/
RouterB(config)#router rip
RouterB(config-router)#network 192.168.10.0
RouterB(config-router)#network 172.10.0.0
RouterB(config-router)#network 172.0.0.0
RouterB(config-router)#exit
if;Command wGifyxrqHk;Command onfRIP Protocol udktoHk;jyKr,fhCom-
mand jzpfygw,f/'kw,
d ?wwd,?pwkwCommand
wdkYuawmhrdrRouter
d &JUInterface rsm;eJY
vma&mufcsdwfqufxm;wJNetwork
h IP Address awGudkowfrSwfay;wmjzpfygw,f/bmaMumifh
owfrSwfay;&wmvJqkdawmhuRefawmfwdkY[mRIP Protocol ukdtoHk;jyKxm;vdkYowfrSwfay;&wm
jzpfygw,f/
RouterB(config)#exit
RouterB#copy running config startup config
RouterB#show ip route
RouterB#show running-config
if;Command wGi'kf w,d Command onfRAM rSChanged rsm;udNVRAM
k xJoYkd
Copy ul;xnhw f mjzpfygw,f/wwd,Command onfIP Routing Table ukMd unhw
f mjzpfygw,f/
pwkwCommand uawmhrdrdRouter xJrSm&SdwRunning
Jh vkyfaewJConfiguration
h awGudk
Munhw
f m jzpfygw,f/
RouterC ukConfigure
d vkyyf &SkH i;f vif;csuf
Router>enable
Router#configure terminal
Router(config)#hostname RouterC
RouterC(config)#enable secret cisco
RouterC(config)#
if;Command wGi'kf w,
d Command uGlobal Configuration Mode xJo0if Ydk wm
jzpfygw,f/wwd,Command uawmhrdrdRouter udkhostname owfrw S af y;wmjzpfygw,f/
Product of YOUTH
- 131 -
pwkxCommand
uawmhrdrd&JURouter udvH
k jk cKH atmifPassword owfrw
S w
f mjzpfygw,f/
RouterC(config)#interface fastethernet 0/0
RouterC(config-if)#ip address 192.168.20.1 255.255.0.0
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
if;Command wGifyxrqHk;Command ufastethernet 0/0 Interface xJoYdk
d Command uawmhfastethernet 0/0 ukdip address owfrSwfay;wJh
0ifa&mufwmjzpfygw,f/'kw,
Command yJjzpfygw,f/wwd,Command uawmhfastethernet 0/0 interface udkShutdown
rjzpfatmifvkyfwCommand
Jh jzpfygw,f/
RouterC(config)#interface serial 0/0
RouterC(config-if)#-ip address 172.20.0.1 255.255.0.0
RouterC(config-if)#clock rate 64000
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
if;Command wGifyxrqHk;Command uSerial 0/0 Interface xJo0if
Ydk a&mufwm
jzpfygw,f/'kw,
d Command uawmhSerial 0/0 Interface ukdIP Address owfrSwfay;wJh
Command jzpfygw,f/wwd,Command uawmhSerial 0/0 Interface onfDCE Side jzpfvYdk
Clock Rate owfrSwfay;wJCommand
h jzpfygw,f/
RouterC(config)#router rip
RouterC(config-router)#network 192.168.20.0
RouterC(config-router)#network 172.10.0.0
RouterC(config-router)#network 172.20.0.0
RouterC(config-router)#exit
RouterC(config)#
if;Command wGifyxrqHk;Command uRIP Protocol ukdtoHk;jyKr,fhCommand
jzpfygw,f/'kw,
d ?wwd,?pwkwCommand
wkdYuawmhrdrRouter
d &JUInterface eJcsY w
d q
f ufxm;
wJhNetwork Address wkdYukdowfrSwfay;xm;wmjzpfygw,f/
RouterC(config)#do show ip route
yHk 6.4
Product of YOUTH
- 133 -
RIP v1 ESiRIP
hf v2 wd\
Yk uGmjcm;csuf
RIP v1 RIP v2
RouterA ukConfigure
d vkyyf kH
Router>
Router>enable
Router#configure terminal
Router(config)#hostname RouterA
RouterA(config)#interface ethernet 0/0
RouterA(config-if)#ip address 192.168.0.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/0
RouterA(config-if)#ip address 172.0.0.1 255.255.0.0
RouterA(config-if)#clock rate 64000
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/1
RotuerA(config-if)#ip address 172.20.0.0 255.255.0.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
tckavmufqkd&iftxufrSmazmfjyxm;wJCommand
h awGtaMumif;udkuRefawmfvnf;
&Si;f vif;Ny;D oGm;NyjD zpfvem;vnf
Ykd r,fvxif
Ykd ygw,f/'gaMumiftck
h uReaf wmfatmufrmS RIP v2 ukd
toHk;jyK&ef b,fvkd owfrSwf&r,fqdkwmudk azmfjyay;vkdufygw,f/
RouterA(config)#router rip
RouterA(config-router)#network 192.168.0.0
tckazmfjyxm;wJCommand
h xJrSmyxrqHk;Command onfRIP Protocol ukdtoHk;jyKwJh
Command jzpfygw,f/'kw, d ?wwd,?pwkwCommand
awGuawmhrdrdRouter &JUInterface
ukdvma&mufcsdwfqufxm;wJhNetwork Address awGudkowfrSwfay;xm;wmjzpfygw,f/aemufqHk;
Command wpfaMumif;jzpfwJh " RouterA(config-router)#version 2 " uawmhRIP
Protocol v2 udktoHk;jyKr,fvdkYowfrSwfay;wJhCommand jzpfygw,f/
Router>enable
Router#configure terminal
Router(config)#hostname RouterB
RouterB(config)#enable password cisco
RouterB(config)#interface ethernet 0/0
RouterB(config-if)#ip address 192.168.10.1 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/0
RouterB(config-if)#ip address 172.0.0.2 255.255.0.0
RouterB(config-if)#clock rate 64000
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/1
RouterB(config-if)#ip address 172.10.0.1 255.255.0.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#router rip
RouterB(config-router)#network 192.168.10.0
RouterB(config-router)#network 172.10.0.0
RouterB(config-router)#network 172.0.0.0
RouterB(config-router)#version 2
RouterB(config-router)#exit
RouterB(config)#exit
RouterB#write memory (or) copy running config startup-config
Product of YOUTH
- 135 -
Router C ukdConfigure vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname RouterC
RouterC(config)#enable secret cisco
RouterC(config)#interface ethernet 0/0
RouterC(config-if)#ip address 192.168.10.2 255.255.255.0
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#interface serial 0/0
RouterC(config-if)#ip address 172.20.0.1 255.255.0.0
RouterC(config-if)#clock rate 64000
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#interface serial 0/1
RouterC(config-if)#ip address 172.10.0.2 255.255.0.0
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#router rip
RouterC(config-router)#network 192.168.20.0
RouterC(config-router)#network 172.20.0.0
RouterC(config-router)#network 172.10.0.0
RouterC(config-router)#version 2
RouterC(config-router)#exit
RouterC(config)do show ip route
RouterC(config)#exit
RouterC#copy running config startup-config
RouterC#
aumif;Nytck
D q&kd if" no network " command toHk;jyKyHkudkem;vnfavmufNyDvdkY
xifygw,f/'gaMumifuR h eaf wmfqufvufNy;D " no router rip " command toHk;jyKyHkudkazmfjyay;
vduk yf gw,f/ 'gayr,fh uReaf wmfwaYdk wG em;vnfxm;&rSm wpfc&k ydS gw,f/
tJ'guawmh" no router rip " command ESi"hf no network " command wdkY&JUuGJ
jym;yHuk em;vnf
kd xm;&rSmjzpfygw,f/uReaf wmftxufrmS azmfjycJw
h hJ" n o n e t w o r k " com-
mand onfDynamic Routing jzpfwRIP hJ xJuNetwork wpfcw k nf;udo k mz,fxw k wf Comma-
hJ
nd jzpfNy;D "no router rip command uawmhDynamic Routing Protocol jzpfwRIP hJ Protocol udk
toHk;rjyKbJydwfvkdufwJhCommand yJjzpfygw,f/
xkad Mumifif
h ;" no router rip " command udktoHk;jyKr,fqdk&ifawmhDynamic
Routing awGtm;vHk;udkz,fxkwfoGm;rSmyJjzpfygw,f/uRefawmfatmufrSmDynamic Routing
jzpfwRIPhJ udk" no router rip " command jzifhydwfvkdufyHkudkazmfjyay;yghr,f/
Product of YOUTH
- 137 -
Router>enable
Router#configure terminal
Router(config)#no router rip
IGRP RIP
yHk 6.5
Router A udConfigure
k vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname RouterA
RouterA(config)#enable secret cisco
RouterA(config)#interface ethernet 0/0
RouterA(config-if)#ip address 192.168.0.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/0
RouterA(config-if)#ip address 172.0.0.1 255.255.0.0
RouterA(config-if)#clock rate 64000
tJ'Command
D rSmyxrqHk;Command ueigrp protocol udktoHk;jyKwJhtaMumif;
owfrwS w
f mjzpfygw,f/tJ'rD mS " #router eigrp " qdkwmuCommand yg/10 qdkwmu
Autonomous System Number jzpfygw,f/
rSwcf su/f /Autonomous System Number &JURang onf1 to 65535 xd&Syd gw,f/
uJ'gq&kd ifqufvufNy;D awmhuse&f adS ewJCofiguration
h av;awGudkqufvkyfvkdufMu&atmif/
RouterA(config)#exit
RouterA#copy running-config startup config
RouterA#show startup-config
Router>enable
Router#configure terminal
Router(config)#hostname RouterB
RouterB(config)#enable secret cisco
RouterB(config)#interface ethernet 0/0
RouterB(config-if)#ip address 192.168.10.1 255.255.255.0
RouterB(config-if)#no shutdown
Product of YOUTH
- 141 -
RouterB(config-if)#exit
RouterB(config)#interface serial 0/0
RouterB(config-if)#ip address 172.0.0.2 255.255.0.0
RouterB(config-if)#no Shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/1
RouterB(config-if)#ip address 172.10.0.1 255.255.0.0
RouterB(config-if)#clock rate 64000
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#router eigrp 10
RouterB(config-router)#network 192.168.10.0
RouterB(config-router)#network 172.0.0.0
RouterB(config-router)#network 172.10.0.0
RouterB(config-router)#exit
RouterB(config)#exit
RouterB#copy running-config startup config
RouterB#show running-config
Router>enable
Router#configure terminal
Router(config)#hostname RouterC
RouterC(config)#enable secret cisco
RouterC(config)#interface ethernet 0/0
RouterC(config-if)#ip address 192.168.20.1 255.255.255.2
Routerc(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#interface serial 0/0
RouterC(config-if)#ip address 172.10.0.2 255.255.0.0
RouterC(config-if)#no Shutdown
RouterC(config-if)#exit
RouterC(config)#interface serial 0/1
RouterC(config-if)#ip address 172.20.0.1 255.255.0.0
RouterC(config-if)#clock rate 64000
RouterC(config-if)#no shutdown
RouterC(config-if)#exit
RouterC(config)#router eigrp 10
RouterC(config-router)#network 192.168.20.0
RouterC(config-router)#network 172.10.0.0
Road to CCNA (Exam 640-802)
- 142 -
RouterC(config-router)#network 172.20.0.0
RouterC(config-router)#exit
RouterC(config)#exit
RouterC#copy running-config startup config
RouterC#show ip router
RouterC#show running-config
yHk 6.6
yHk 6.7
Router A udConfigure
k vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname RouterA
RouterA(config)#enable secret cisco
RouterA(config)#interface ethernet 0/0
RouterA(config-if)#ip address 192.168.0.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#interface serial 0/0
RouterA(config-if)#ip address 172.0.0.1 255.255.0.0
RouterA(config-if)#clock rate 64000
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
RouterA(config)#
txufrSmazmfjyxm;wJConfiguration
h awGuem;vnf
kd aeNyv D xif
Ydk ygw,f/tckuReaf wmf
qufvufNyD;Routing Protocol jzpfwOSPF
hJ eJcsY w
d q
f ufyu
kH &Skd i;f jyayygrh ,f/
Product of YOUTH
- 145 -
RouterA(config)#router ospf 1
RouterA(config-router)#network 192.168.0.0 0.0.0.255 area 0
RouterA(config-router)#network 172.0.0.0 0.0.255.255 area 0
RouterA(config-router)#exit
RouterA(config)#exit
RouterA#copy running-config startup-config
Router B udConfigure
k vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname RouterB
RouterB(config)#enable secret cisco
RouterB(config)#interface ethernet 0/0
RouterB(config-if)#ip address 192.168.10.1 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/0
RouterB(config-if)#ip address 172.10.0.2 255.255.0.0
RouterB(config-if)#clock rate 64000
RouterB(config-if)#no shutdown
RouterB(config-if)#exit
RouterB(config)#interface serial 0/1
RouterB(config-if)#ip address 172.0.0.2 255.255.0.0
RouterB(config-if)#no shutdown
RouterB(config-i)#exit
RouterB(config)#router ospf 1
RouterB(config-router)#network 172.0.0.0 0.0.255.255 area 0
RouterB(config-router)#network 192.168.10.0 0.0.0.255 area 0
RouterB(config-router)#network 172.10.0.0 0.0.255.255 area 0
RouterB(config-router)#exit
RouterB(config)#exit
RouterB#copy running-config startup-config
Router>enable
Router#configure terminal
Router(config)#hostname RouterC
Product of YOUTH
- 147 -
yHk 7.2
Product of YOUTH
- 153 -
yHk 7.4
tckuRefawmfazmfjyxm;wJNetwork
h Diagram twdkif;Switch &JUIOS udkb,fvdkMan-
age vkyf&r,fqdkwmazmfjyay;vdkufygw,f/
Switch>
Switch>enable
Switch#
Switch#?
wpfzufpmrsufESmudk qufMunfhay;yg/
tckazmfjyxm;wJCommand
h uawmhSwitch xJuPrivileged Mode xJrSmtoHk;jyKEdkifwJh
Command awGuMkd unfE h ikd wf hJHelp Command yJjzpfygw,f/if;Help Command udk" Question
Mark " Sign udtoH
k ;k jyKjcif;jzifMh unfEh ikd yf gw,f/
Switch#configure terminal
Switch(config)#
tckazmfjyay;xm;wJCommand
h uawmhPrivileged Mode xJuaeGlobal Configura-
tion Mode xJoo Ykd mG ;wJCommand
h jzpfygw,f/'gaMumifuR
h eaf wmfwu
Ykd " configure termi-
nal" Command udktoHk;jyKNyD;Global Configuration Mode xJuoG kd m;&rSmjzpfygw,f/
Product of YOUTH
- 155 -
Switch(config)#?
yHk 7.6
Switch(config)#hostname SwitchA
SwitchA(config)#
tcktoHk;jyKxm;wJCommand
h uawmhrdrd&JhSwitch udkHostname owfrSwfay;wmyJ
jzpfygw,f/" hostname " qdkwmuawmhCommand yJjzpfNyD;" SwitchA "uawmhrdrdowfrSwf
csiw
f Hostname
hJ yJjzpfygw,f/
tckazmfjyxm;wJCommand
h uawmhrdrdSwitch &JPrivileged
h Mode udktvG,fwul
0ifa&mufConfigure rvkyaf qmifEikd &f eftwGu"f enable secret " Command udktoHk;jyKNyD;
tckazmfjyxm;wJCommand
h uawmhGlobal Configuration Mode xJuaeFastethernet
0/1 &JInterface
h Mode xJo0
Ykd ifwCommand
hJ yJjzpfygw,f/
Switch(config-if)#?
yHk 7.7
Product of YOUTH
- 159 -
(3) tzGUJ tpnf;wpfcck si;f pDtwGuydf jk y;D Security &Szd &Ykd efvdt
k yfvmjyq
D &kd ifvnf;VLAN udk
toH;k jyKzv
Ykd t
kd yfygvrd rhf ,f/
(5) Increased Security Options - vkNH cKH a&;pepfvnf; ydNk y;D jrifrh m;vmygvrd rhf ,f/
VLAN rSmtrsdK;tpm;tm;jzifh(2)rsdK;owfrSwfxm;ygw,f/
Cisco uaexkwv f yk cf w
hJ Cisco
hJ Switch Series rsm;udkazmfjyay;yghr,f/Cisco uae
xkwv
f yk cf w
hJ Cisco
hJ Switch Series awGuawmh-
- 1900 Series,
- 2820 Series,
- 2900 Series,
- 4000 Series,
- 5000 Series,
- 6000 Series,
- 6500 Series,
- 8500 Series ponfwjYkd zpfygw,f/
- WS-C2950,
- WS-C2960,
- WS-C3550,
- WS-C3560 ESihf
-WS-C3750 Series wd[
Ykd mqd&k ifvlot
d rsm;qH;k Series awGyjJ zpfygw,f/
tJ'Switch
D Series xJrSmSdwPort
Jh awG[mqd7k if10/100/1000 Mbps Ports awGvnf;
Syd gw,f/tcsKd UPort awG[mqk&d ifPoE (Power over Ethernet) udkvnf;Support vkyaf y;Edik yf gw,f/
a,bk,stm;jzifazmf h jy&&ifawmhWS-C2950 ESiWS-C2960
hf Series wdkY[m10/100
Mbps PortsawGyjJ zpfygw,f/WS-C3550 ESiWS-C3560hf wk[
Yd mqd&k ifFull Gigabit &Sw d Port
hJ
awGjzpfjyD;PoE (Power Over Ethernet) udkvnf;Support vkyaf y;Edik yf gw,f/
switch>
Switch>enable
Swtich#
Switch#?
Switch#configure terminal
Switch(config)#
SwitchA(config-if)#exit
SwitchA(config)#
rdrda&mufSdaewJMode
h xJuaejyefxu
G w
f mjzpfygw,f/
SwitchA(config)#exit
SwitchA#show running-config
RAM ay:rSmSdaewJhrdrdjyKjyifxm;wJConfiguration
h Setting awGudkNVRAM ay:odkU
Copy ul;xnfw
h mjzpfygw,f/
yHk 8.2(u)
Product of YOUTH
- 167 -
yHk 8.2 (c)
Switch#configure terminal
Switch(config)#hostname switchA
SwitchA(config)#enable secert cisco
SwitchA(config)#interface fastethernet 0/1
SwitchA(config)#description connetion to PC1
SwitchA(config-if)#exit
SwitchA(config)#line console 0
SwitchA(config-line)#password cisco
SwitchA(config-line)#login
SwitchA(config-line)#exit
SwitchA(config)#exit
yHk 8.3
Switch>enable
Switch#configure terminal
Switch(config)#hostname switchA
SwitchA(config)#enable secret cisco
SwitchA#vlan database
Switch>enable
Switch#vlan database
Switch(vlan)#
Product of YOUTH
- 171 -
txufygCommand onfVLAN Database udkzefwD;r,fhCommandjzpfygw,f/
Switch(config)#hostname switchA
SwitchA(config)#enable secret cisco
Product of YOUTH
- 173 -
o,fomG ; ay; Edik yf gw,f/
'gaMumifhuRefawmfwdkUawG&JUNetwork xJrSmwpfckxufydkwVLAN
Jh awG[mtcsi;f csi;f csw d f
qufawmhr,fq&kd ifTrunk Link ay:rSmcsdwfqufrSomVLAN awGucskd w d q
f ufEikd rf mS jzpfygw,f/
aumif;jy.D ..'gq&kd ifTrunk Link udktoHk;jyKjyD;VLAN awGudkb,fvdkcsdwfqufNyD;vkyf&
r,fqdkwmudk azmfjyay;yghr,f/
yHk 8.4
Switch A Switch B
Switch>enable
Switch#vlan database
Switch(vlan)#exit
Switch(config)hostname switchA
SwitchA(config-if)#exit
SwitchA(config-if)#exit
SwitchA(config-if)#exit
SwitchA(config)#exit
SwitchA#show running-config
SwitchA#show startup-config
Product of YOUTH
- 175 -
SwitchB Configure vkyyf kH
Switch>enable
Switch#vlan database
Switch(vlan)#exit
Switch#configure terminal
Switch(config)#hostname switchB
SwitchB(config-if)#exit
SwitchB(config-if)#exit
SwitchB(config-if)#exit
SwitchB(config)#exit
SwitchB#show vlan 10
SwitchB#show vlan 20
Product of YOUTH
- 177 -
P r o d u c t o f Y O U T H
C o m p l e t e N e t w o r k G u i d e
C C N A, M C S E, M C S A, M C T S
wpfaeYrmS awmh oifu urmt Y qifrh SD Edik if w H umeJY qufo, G v f yk u f ikd &f wJh vkyif ef;SiBf u;D
wpfa,muf jzpfvmNyq D ykd gp/Ykd oif&h UJ ukrP eD YJ taotvJ,OS Nf yKd iw f u kd cf u kd af ewJh wpfjcm;ukrP aD wG
vnf;Sw d ,f/ 'DMum;xJurS oifv h yk if ef;atmifjrifzYkd BuKd ;pm;ae&w,f/ 'gq&kd if oihu f rk P t D wGuf
ta&;tBu;D qH;k u bmjzpfr,fxifovJ/ vHNk cKH a&;yJayg/h vHNk cKH a&;qdw k ahJ e&mrSm ukrP x D u J 0kd ifNy;D
ypn;f cd;k cH&wmudajk ymwmr[kwb f ;l aemf/oifu h rk P &D UJ toufjzpfaewJhData awG?Information
awG? wu,fh xdyw f ef;vsKd U0u S cf suaf wG . . . tJ'gawG ck;d ,lc&H wmvnf; ygygw,f/ tJ'gurS ypn;f
tcd;k cH&wmxuf tyHBk u;D ydq k ;kd ao;w,f/ 'gaMumifh oifom ukrP yD ikd f iS q
f &kd if oifv h ufatmufu
IT Department bufuvlawGudkukrPD&JUSecurity aumif;atmifvkyfay;zdkYyJtaotvJajymawmh
rSmayg/h
oifuolaX;r[kwfbJtJ'DvdkukrPDrsdK;&JUIT bufrSmSystem Administrator eJ0if Y vyk f
ae&wJvl h q&kd ifSecurity aumif;atmifvyk zf u Ykd oifv h ufxaJ &mufvmNy/D 'gq&kd ifawmhCisco
Router awGudkoHk;NyD;Security ydkaumif;atmifb,fvdkvkyfMurvJ/
[kwwf ,fAs...oifwrYkd odao;vdyYk g/'Dvrkd sKd ;Security udkaumif;atmifvkyfzdkYqdk&if
Cisco xJrmS t&rf;toH;k 0ifwenf hJ ;vrf;awGtrsm;Bu;D Syd gw,f/'DChapter xJrSmawmhusL;ausmf
vmwJhHacker awGudkCisco Router awG&,f?IOS Firewall awG&,fudkoHk;NyD;oifhtwGufa&m?
oifNetwork
h twGufygb,fvkdumuG,f&r,fqdkwmaocsmajymjyay;oGm;rSmyg/NyD;awmhoifu
Main Office rSmrSb d ta0;a&muf
J aewJt h csed rf mS Main Office &JUNetwork xJuvH kd Nk cKH pw d cf s&wJh
Connection wpfcb,f k vv kd yk &f rvJqdw k mvnf;ajymjyygO;D r,f/
Cisco eJSecurity
Y ydik ;f vkyrf ,fq&kd ifawmhACL qdkwAccess Jh Control List uvnf;
ta&;Bu;D w,fAs/'gaMumifSimple(Basic) h ACL wd?Yk Advance ACL wdkYudkoHk;NyD;b,fvdkvkyf&
rvJqdkwmvJ'DrSmajymjyrSmyg/Access List udol k aY e&meJo Y aumif
l ;aumif;rGerf eG o f ;kH Edik zf qYkd w kd mu
Router Configuration tydi k ;f rSmodyu f tkd a&;Bu;D wJu@j h zpfygw,f/oifo;kH wwf&ifo;kH wwfovdk
ukd,hfNetwork xJrSmoGm;aewJTraffic h awGuxd kd e;f csKyEf ikd rf mS yg/'DAccess List udkoHk;NyD;Secu-
rity Manager awGuPacket awGoGm;wJhtajctaeawGudkppfwrf;aumufw,f/'Dppfwrf;udk
jyefMunfhNyD;awmhrSecurity
S Policy awGowfrSwfay;Muw,fav/aemufNyD;ACL awGaMumifh
oif&h UJ ta&;ygwhJInternal Network awG?Network xJuServer awGqu D tcG
kd irhf Sw d o hJ al wG?
(Hacker) awG0ifzwfvr Ykd &atmifumuG,af y;Ekid yf gw,f/
Product of YOUTH
- 179 -
'gaMumifACLh taMumif;ydkpHkoGm;atmifBasic ACL eJYAdvanced ACL wdt Yk jyifLayer
-2 Switch awGay:rSmtvkyfvkyfwJhTCP/IP Access List eJMAC Y Access List awGtaMumif;udkyg
xyfavmif;ajymjyay;oGm;ygr,f/
Security twGufb,fvdkCommand awGoH;k &rvJrjycifSecurity Defence vkyfwJhae&mrSm
rodrjzpfwt hJ oH;k tEIe;f awGydS gao;w,f/ 'gawGut kd &ifiS ;f vdu
k w
f mu oift h wGuyf akd umif;r,f
xifygw,f/
yHk 9.1
Firewall ESiDMZ
hf (Perimeter Network)
2/ Firewall
3/ Internal Router
'guawmh odyu
f kd iS ;f ygw,f/ H;k wpfct k wGu?f vkyif ef;wpfct k wGuf pojzifh oifjyKvyk f
ay;xm;wJhNetwork awGrdS mS yg/tJ'Network D awGudkjyefcGJay;zdkYoHk;wJRouter
h jzpfygw,f/
vHNk cKH pw
d cf s&wJNetwork
h wpfcq
k w kd m'D(3)rsKd ;eJwnf
Y aqmufrjS zpfrmS yg/atmufrmS jyxm;wJh
yHkuawmhtJ'Dypnf;(3)rsdK;udkoHk;NyD;aqmufxm;wJhNetwork wpfc&k UJ yykH g/
yHk 9.2
2/ Intrusion Detection
olYrSmqdk&iftawGU&rsm;wJAttack
h awGxJurStjzpfrsm;wJhAttack (102)ckuxk kd wEf w I Nf y;D
jzwfomG ;aewJPacket
h awGudktJ'Attack
D awGewd
YJ u
k pf pfaq;Munfh ykH gy/J 'DtwGuaf y;wJTool
h
Product of YOUTH
- 183 -
av;jzpfygw,f/
3/ ICMP Inspection
4/ Authentication Proxy
6/ Per-User Firewall
oHk;aeusr[kwfwJhpdrf;aewJJava
h Applet awGRun jcif;rSumuG,af y;ygw,f/
Access vmvkyfwUser
Jh awGudkuefYowfxdef;csKyfay;ygw,f/oifowfrSwfay;xm;wJh
Security Policy tvdkufb,fAddress uda k wmhcGiahf y;r,f/b,fInterface uvmwJhUser awG
udak wmh ydwrf ,f ponfjzifh tvkyv
f yk yf gw,f/ oifph w d Bf uKd ux
f ed ;f csKyEf ikd rf mS yg/
Product of YOUTH
- 185 -
2/ Network Address Translation (NAT)
Product of YOUTH
- 187 -
(2) 'Dvdkwpfvdkif;NyD;wpfvdkif;wdkufoGm;wmoleJYudkufnDwJhvdkif;udkawGYNyDqdkwmeJYtJ'Line
D rSm
owfrSwfxm;wJhvkyfaqmifcsuftwdkif;Packet udkvkyfay;NyD;&ifaemufxyffqufrwdkuf
awmhygb;l /
(3) Access List wdkif;&JUtqHk;rSm" Deny " qdw k mav;xnfah y;xm;ygw,f/Access List
xJuLine awGeJYwdkufppfvm&muaeb,fLine eJrY ud S u
k n
f jD cif;rSw
d t
hJ cgus&if
tJ'Packet
D udz,f
k ypfvu dk yf gqw
kd t"d
hJ y,
af v;yg/
2/ Outbound Traffic
udk,fhbufuaeolrsm;qDudkxGufoGm;wJTraffic
h yg/
jrifygovm;/Router A jzpfwoif hJ q h u
D 0if
kd vmwJt0if
h Traffic uInbound Traffic
jzpfNy;D awmhoifqh u
D aeRouter B qDudkjyefxGufoGm;wJhTraffic udkusawmhOutbound Traffic
vdkYac:ygw,f/
uJ'Dwcgawmhoifu
h ,
kd o
f ifRouter B vdkYowfrSwfMunfhvdkufyg/[kwfNyD...yxr
Router A uvmwJhTraffic uoifq h uD 0if
kd vmr,f/'gaMumifInbound
h Traffic jzpfomG ;w,f/
aemufNyD;oifhqDuaeolrsm;qDudkjyefydkYwJhtwGufOutbound Traffic jyefjzpfomG ;ygw,f/yH9.3(c)
k
udk Munfyh g/
Product of YOUTH
- 189 -
'Davmufq&kd ifInbound Traffic eJOutbound
Y Traffic udkSif;avmufygNyD/wu,fvdkY'DrSm
Router C qdwk mxyfrdS ,fq&kd ifvnf;yH9.3(*)vk
k yHd pk rH sKd ;jzpfvmrSmyg/
Inbound eJOutbound
Y udktckSif;NyD;oGm;NyDqdkawmhInbound Access List eJOutbound
Y
Access List awGuquf
kd iS ;f Mu&atmif/
(3) Access List xJudkaemufxyfEntry topfwpfcxyf k xnfrh ,fq&kd ifSNd y;D om;Access
List &JUatmufq;kH uaeyJxyfxnfa h y;&ygr,f/Access List xyfxnfzh t Ykd wGufText
Editor qdkwSoftware
Jh udo
k ;kH ygvtB
Ykd uaH y;csiyf gw,f/
(4) Access List xJuwpfcck u k zskd ucf siwf ,fq&kd ifolUwpfaMumif;wnf;udyk uGJ uzf suyf pfvYkd
r&ygbl;/'Dvdkzsufypfvdkufwm[mAccess List wpfckvHk;udkzsufvdkufwmeJYwlwlygyJ/
'gaMumifh List udwpf
k cck v
k yk cf siwf ,fq f &kd ifText Editor xJudkt&ifqHk;xnfhNyD;awmhrS
jyKjyifwmydak umif;ygw,f/'gayr,fNamed h Access List xJrSmawmh'Dvkdvkyfp&mrvdkygbl;/
wpfaMumif;csi;f zsuyf pfv&Ykd ygw,f/
Product of YOUTH
- 191 -
..*sw
d yf gy/J List wdik ;f rSmtenf;qH;k permit qdkwCommand
Jh av;wpfcak wmhyg&ygr,f/
r[kw&f ifvn;fTraffic awGtukev f ;kH ydwyf pfvtqlYkd c&H csn&f UJ /
tckajymr,ftcs
h uaf wGuACL twGufvdktyfwJhrjzpfraevkyfay;&r,fRules
h awG
jzpfygw,f/
'Dvkkd u
d v
f u
kd w f thJ cg" access-list " qdkwCommand
Jh aemufuxnfzh Access
Ykd List
Number awmif;wmudkawGU&ygvdrfhr,f/
1 to 99 qd& k ifStandard Access List
100 to 199 qd& k ifExtended Access List ponfjzifawG
h U&rSmyg/
'Dae&mrSmudk,fBudKufwJhAccess List Number uday;Ed k ik yf gw,f/' 4 ' vdkUay;Mu&atmif/
Router(config)#access-list 4 ?
deny Specify packets to reject
permit Specify packets to forward
remark Access list entry comment
tif;..'Dtqifu
h a&muf
kd Nyq
D &kd ifawmhSi;f jyp&menf;enf;awmhSv
d mNyAD s/Deny, Permit
ay;wmu 'Dtwdkif;a&;vdkufHkeJY rNyD;bl;/ b,folUudk ay;csifwmvJqdkwm owfrSwfay;&ygOD;r,f/
Any : oluusawmhrnfonfHost
h ?rnfonfNetwork
h udkrqdkoufa&mufapygw,f/
'DCommand aMumifh192.168.4.2 IP Sw
d Host
hJ wpfckwnf;udkyJydwfypf&r,fqdkwm
Router BuD;uodoGm;ygNyD/
'DCommand eJw Y nl w
D aemuf
hJ xyfCommand wpfcvk nf;Sad o;w,f/
Access List xJuHost wpfcck si;f pD?Network wpfcck si;f pD(od)Yk Network trsm;BuD;udk
deny / permit ay;wJt h cgoluY ykd gwoJG ;kH avho;kH xSw d ,f/Wildcard udoif k em;vnfatmifSi;f jyzdq
Yk &kd if
Blocksize udt&if k em;vnfr&S r,fAs/Variable Length Subnet Mask awGrSmNetwork awGcJG
xkww f t hJ cgBlock Size t&cGx J w k o f mG ;wmyg/wenf;tm;jzifhNetwork wpfct k wGi;f rSmSEd ikd w
f hJ
Host ta&twGuq f vkd nf;[kwyf gw,f/wu,fvYVariable kd Length Subnetting taMumif;?IP
Subnetting taMumif;udjk ynhjf ynhp f pkH od
kH csiw
f ,fq&kd ifuReaf wmfwYOUTH Ykd ut&ifwkef;u
xkwcf w hJ Complete
hJ Network Guide pmtkyr f mS pHpk v kH ifvif&Si;f jyxm;ygw,f/tJ'rD mS avhvmMunhf
vdu
k yf g/
Wildcard qdw k mSubnet Mask &JUajymif;jyefygy/J
Oyrm- 192.168.100.1/24 &JUSubnet Mask [m255.255.255.0 aygAh sm/
'gqDecimal
kd udkBinary eJjY y&&if-
Subnet Mask 1111 1111. 1111 1111 . 1111 1111 .0000 0000 255.255.255.0
Wildcard Mask 0000 0000 . 0000 0000 . 0000 0000 . 1111 1111 0.0.0.255
(Subnet \ajymif;jyef)
Oyrm- 160.30.20.40/20
Subnet Mask = 255.255.240.0
Road to CCNA (Exam 640-802)
- 196 -
Subnet Mask 1111 1111. 1111 1111 . 1111 0000 . 000 00000 255.255.240.0
Wildcard Mask 0000 0000 . 0000 0000 . 0000 1111. 1111 1111 0.0.15.255
255.255.255.255
Subnet Mask : - 255.255.255.0
Wildcard Mask : 0 . 0 . 0. 255.
'gapmapmuwGucf w
hJ Wildcard
hJ Mask twdkif;yJr[kwfvm;/
tckwpfacguVariable
f Length udkjyr,f/
Oyrm-160.30.20.40/20
Subnet Mask : 255.255.240.0
255.255.255.255
Subnet Mask : - 255.255.240.0
Wildcard Mask : 0 . 0 . 15 .255
'gah Mumifapmapmuj
h ycJw
h Standard
hJ Access List &JUOyrmxJuHost Address
192.168.10.2 &JUWildcard Mask 0.0.0.255 jzpfcw
hJ mygy/J
'gaMumifHost
h Bit (3)ckuse& f ifBlock Size = 8 yg/
Network cGz J tv,f
Ykd uq
l ;kH enf;udajk ym&&ifawmhBlock Size &JUtvDuo
kd mqdNk y;D cGyJ g/
Block Size u' 8 ' qd& k if' 8 ' tvDudkomqdkygawmh/
8x0 = 0
} 0 to 7
8x1 = 8
} 8 to 15
8x2 = 16
} 16 to 23
8x3 = 24
} 24 to 31
8x4 = 32
(2) ' Any ' udkoHk;wmuWildcard udk' 0.0.0.0 255.255.255.255 ' vdkYoHk;vdkufwmeJYtwl
wlygy/J
Oyrm- Router(config)#access-list 7 deny 192.168.10.4 0 . 0 . 0 .3
9.3.4 Create vkyNf y;D om; Standard Access List udk Interface ay:wiG f
Apply vkyjf cif;/
Interface ay:udkApply vkyw f thJ cgpOf;pm;p&mESpcf k ydS gw,fvuR Ykd eaf wmfajymcJzh ;l w,f/
Inbound Traffic eJOutbound
Y Traffic qdNk y;D (2)rsKd ;Sw
d ,fvajYkd ymcJzh ;l ygw,f/'D(2)rsKd ;&JUu@u
tck'rD mS ygvmygNy/D Router &JUInterface ay:rSmApply vkkyfwmawmh[kwfygNyD/t0ifbuf(Inbou
-nd) Interface rSmvm;?txGufbuf(Outbound) Interface rSmvm;b,frSmxnfh&rSmwkef;/
'Dvadk wGjzpfaerSmpd;k vdYk Oyrm (1)ckeYJ Si;f jyoGm;ygrh ,f/ aocsmMunfah y;ygaemf/
'DExample xJrmS qd&k ifukrP wD pfcx k rJ mS Department wpfcck si;f pDtwGuNetwork f
(3)ckcGx
J m;Ny;D awmhRouter eJjY yefcsw d x
f m;wmyg/
tckjzpfcsiw
f muMarketing bufuClient awGuFinance bufudkoGm;NyD;Access
vkyv
f rYkd &atmif ydwcf siw
f myg/
Product of YOUTH
- 199 -
yHk 9.4
yHk 9.5
Product of YOUTH
- 203 -
awGUMuvm;rodbl;/Extended twGufNumber u100 to 199 &,faemufNyD;2000 to
2699 twGuyf q
J Nkd y;D a&;xm;ao;w,f/'DawmherlemtaeeJ150
Y vdkYay;vdkufr,fuGm/
Router(config)#access-list 150?
deny Specify packets to reject
dynamic Specify a DYNAMIC list of PERMITs or DENYs
permit Specify packets to forward
remark Access list entry comment
Source twGufaG;ay;&ygr,f/
Router (Config)# Access List 150 deny tcp any host 192.168.10.2 eq?
<0-65535> Port number
ftp File Transfer Protocol (21)
pop3 Post Office Protocol v3 (110)
Product of YOUTH
- 205 -
smtp Simple Mail Transport Protocol (25)
telnet Telnet (23)
www World Wide Web (HTTP, 80)
'Dae&mrSmPort Number awGudkList vkyjf yygvrd rhf ,f/oifuTelnet udydk wcf siw
f ,f?ftp
udrk yS wd cf siw
f ,fq&kd ifvnf;&w,fAs/Port Number av;udo k mxnfah y;vdu
k yf g/tckawmhTelnet
udyk yJ w
d jf yygr,f/
Standard eJYywfoufwCommand
Jh awGawmhuek yf gNy/D ydNk y;D pkppk nf;pnf;Sad tmif
Oyrmav;wpfcek jYJ yygO;D r,f/wpfjcm;awmhr[kwyf gb;l /Standard rSmwkef;uay;cJhwJhMarketing eJY
Road to CCNA (Exam 640-802)
- 206 -
Finance Example av;udkyJjyefay;rSmyg/
Example for Extended Access List
yHk 9.6
RouterA(config)#int e1
RouterA(config-if)#ip access-group 150 out
Product of YOUTH
- 207 -
'gNyD;wJhaemufrSmawmhClient 1 uaeFinance bufudkvmwJFTP
h Traffic eJTelnet
Y
Traffic awGudkydwfypfvdkufygNyD/
yHk 9.7
Router A udConfigure
k vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname RouterA
RouterA(config)#enable secret cisco
RouterA(config)#interface fastethernet 0/0
RouterA(config-if)#ip address 192.168.0.1 255.255.255.0
RouterA(config-if)#no shutdown
RouterA(config-if)#exit
Router>enable
Router#configure terminal
Router(config)#hostname RouterB
RouterB(config)#enable secret cisco
RouterB(config)#interface fastethernet 0/0
RouterB(config-if)#ip address 192.168.20.1 255.255.255.0
RouterB(config-if)#no shutdown
RouterB(config-if)exit
Product of YOUTH
- 209 -
'gNy;D &ifTraining Network xJuaeSale Network eJol
Y x
Y u
J Web Server ud0if
k Munfvh Ykd
r&wmawGU&ygvdrfhr,f/Basic ACL awGeJYywfoufNyD;ajymp&muawmh'DavmufygyJ/
Router(config)#line vty 0 4
Telnet Line b,fEp
S cf ck sw
d cf iG hf v
fdS o
J wfrw
S af y;wmyg/
Router(config-line)#access-class 50 in
trsKd;tpm;awGtrsm;MuD;&Sdayr,fhtoHk;rsm;wmawGuenf;enf;av;&,fyg/Named ACls
eJSwitch
Y Port ACL awGuawmhtoHk;rsm;ygw,f/'gaMumifh'D(2)ckudkyJuRefawmft"duxm;jyD;
&Si;f oGm;rSmyg/
yHk 9.8
'Dtqifrh mS awmhStandard ACL vm;?Extended ACL vm;a&G;vd&Yk ygjy/D tckawmh&d;k &d;k pif;
pif; Standard ACL udkyJaqmufygOD;r,f/
Product of YOUTH
- 213 -
tckaemufydkif;uaepNyD;deny/permit ay;vdkY&oGm;ygNyD/ydwfcsifwmu192.168.10.0 Net-
work udkyg/
ACL Create vkyjf cif;'DrmS wifjy;D qH;k jyjD zpfygApply vkyjf cif;vkyif ef;Mu;D pwifygawmhr,f
cifAsm/
Router#config t
Router(config)# int e1
Router(config-if)# ip access-group blockLAN2fromLAN1 out
ay;cJhwACL
Jh &JUname yg/
yHk 9.9
Product of YOUTH
- 215 -
olq Y 0D ifvmwJTraffic
h rSeo f rQutJkd 'ACL
D eJwdY u
k pf pfMunhyf gw,f/'gaMumifv
h nf;ACL rSeo f rQ
tuket f a&;Mu;D ygw,fvuR Ykd eaf wmfajymcJwh myg/ajym&&ifACL [mNetwork wpfck&JU*dwfayguf
qdkvnf;rrSm;ygbl;/VLAN wnfaxmifwt hJ cgrmS vnf;ACL awGeJYtvkyfvkyfoGm;wmyg/VLAN
&JUTrunk Port rSmACL udkApply vkyfay;&wmaygh/'DtaMumif;udkawmhVLAN tcef;udoif k zwfxm;
&if odrmS yg/ uReaf wmfr&Si;f jyawmhygb;l /
Switch Port ACL awGrSmawmhIP Traffic awGudkIP Access List awGey YJ xd
J e;f csKyaf y;yg
w,f/ IP-Traffic r[kwfwTraffic Jh awGudkawmhMAC Address eJFilter Y vkyaf y;&ygw,f/
tckuReaf wmfOyrmwpfcek Switch YJ Port ACL tjzpfMAC Address eJAccess Y List vkyf
wmudkajymjyoGm;yghr,f/Extended eJYStandard ACL awGuawmht&ifOyrmawGwkef;uaqmufjycJh
ovkyd q J akd wmh odyrf xl;jcm;ygb;l / uJ..pMu&atmif/aeOD;wpfcak wmh&w dS ,f/tck[muSwitch
ay:rSmCreate vkyaf ew,fqwmarh kd roGm;eJOY ;D /
Switch#config t
Switch#mac access-list?
extended Extended Access List
Switch(config-ext-macl)#deny?
H.H.H 48 bit source MAC address
any any source MAC address
host a single source host
&JUMAC ukxnh
Source d rf vm;?(okrYd [kw)f rnfonhSource
f udkrqdkvmwJhTraffic vkdY
owfrSwfrvm; ar;aeygjyD/
Switch(config-ext-macl)#deny any?
Source
H.H.H 48 bit destination MAC address
any any destination MAC address
host a single destination host
jy;D &ifawmhowfrw
S af y;csiw
f host
hJ &JUMAC address udkowfrSwfygr,f/
Switch(config-ext-macl)#deny any host 2abd.32ce.489f
Switch(config-ext-macl)#int f0/2
Switch(config-if)#mac access-group Mac-List
Access List Name
Product of YOUTH
- 217 -
'gq&dk ifawmhInterface wpfckay:rSmoifaqmufvkdufwSwitch
Jh Port ACL av;uaumif;
aumif; tvkyv f yk af eygjy/D
yHk 9.10
Product of YOUTH
- 221 -
uReaf wmfw?Ydk oifwwYkd awGH;k wGi;f ?tdrw f iG ;f uNetwork (Internal Network) eJInternet
Y
wenf;(External Network) eJcsY w d qf ufwt hJ cgrmS 'DNAT ukdoHk;MurSInternet Connection &rSm
jzpfygw,f/oifaocsmpOf;pm;Munhyf g/uReaf wmfwaYdk wG&UJ Network xJrSmay;xm;wJhIP Address
Range awGeInternet
YJ ay:rSmoHk;aewJIP h Address Range awGeJYwlMu&JUvm;/
uRefawmfwdkYoHk;aewJIP h awGuPrivate Address Range awGxu J ,lo;kH aewmjzpfjy;D
Internet ay:rSmawmhPublic Address Range awGudkoHk;wJhtwGuf'DvkdrwlnDwJhNetwork ESpc fk
udkb,fvkdConnection &atmifcsw d q f ufMurvJ/twGi;f ydik ;f Network uaexGufvmwJhAd-
dress ukdtjyifbufExternal &JUPublic Network Address tjzpfjyefajymif;ay;zdvd Yk vk mwmayg/h
r[kwfbl;vm;/'DvAddress
dk ajymif;ay;zkdYtwGufNAT ukdoHk;MuwmygyJ/
'gaMumifv h nf;oluY Network
kd Address Translation vdkYemrnfay;Muwmaygh/wpf
enf;tm;jzifajh ym&&ifNAT qdw k mPrivate Network to Public Network ?Public Network to
Private Network tjzpfajymif;ay;Edi kw f thJ &mvdajYk ymvd&Yk ygw,f/
(1) oift
h aeeJInternet
Y udv
k nf;csw
d cf siwf ,f/'gayr,foif h Network &JUhost wpfcck si;f pD
twGufvnf;Public IP wpfcck si;f pDcsray;Edik b
f ;l qd&k ifNAT udkoHk;wmtaumif;qHk;ygyJ/
NAT udkConfigure
oGm;cs&rnfRouter
h
Product of YOUTH
- 225 -
10.4 NAT \ toH;k tEIe;f rsm;
yHk 10.3
olu
Y t
kd vG,rf w
S rf ,fq&kd ifOne-to-One Mapping vdrYk w S v
f &yg
Ykd w,f/'Daumifuh oH
kd ;k csi&f if
awmhoifh&JUNetwork xJrSmSdwHost Jh wpfcck si;f pDrmS wu,fInternet
h IP Address wpfcp kD
Szd v
Ykd ykd gw,f/ajym&&ifHost wpfcck si;f pDtwGuPublic
f IP wpfcpk SD x
d m;&r,fo
h abmyg/
yHk 10.4
Static NAT
Router(config)#interface e0
Router(config)#ip address 192.168.10.1 255.255.255.0
Router(config)#ip nat inside
[mtwGif;bufuInterface jzpfwJhtwGu"f ip
E0 nat inside " qdkNyD;Inside
Interface tjzpfaMujimvdu
k w
f myg/
Router(config)#interface s0
Router(config)#ip address 172.46.2.1 255.255.255.0
Router(config)#ip nat outside
Product of YOUTH
- 229 -
(2) Dynamic NAT
yHk 10.6
Dynamic NAT
yHk 10.7
Router(config)#int e0
Router(config)#ip address 192.168.10.1 255.255.255.0
Router(config)#ip nat inside
Router(config)# int s0
Router(config)#ip address 172.46.2.1 255.255.255.0
Router(config)#ip nat outside
yHk 10.8
yHk 10.9
Product of YOUTH
- 233 -
yHk 10.10
ydwfcsifwmuNetwork wpfcv
k ;kH jzpfwt
hJ wGufNetwork Address udxnf
k ah y;ygw,f/
Router(config)#int s0
Router(config-if)#ip address 172.46.2.1 255.255.255.0
Router(config-if)#ip nat outside
Product of YOUTH
- 235 -
(3) Router#sh ip nat statistics
NAT eJYywfoufvError
dkY wpfcck ak y:wt
hJ cgus&ifTroubleshoot jyefvyk zf t
Ykd wGu'Df Comm
-and utoH;k 0ifygw,f/oifCreate vkycf w
hJ hJNAT taMumif;udktao;pdwfjyefawGU&rSmyg/
(2) oifaqmufxm;wJDynamic
h Pool awGxyfrsm;xyfaeovm;MunfMh unfyh g/
(5) ygoifhygxkdufwAddress
Jh awGxnfhxm;NyD;?rygoifhrygxdkufwAddress
Jh awGrxnfrY ad tmif
*kpu
kd af y;yg/
yHk 10.11
Router>enable
Router#configure terminal
Router(config)#hostname RouterA
RouterA(config)#enable secret cisco
Product of YOUTH
- 239 -
Case Study 1 ( Static Route and Dynamic Route rsm;yg0ifonf/)
Router>enable
Router#configure terminal
Router(config)#hostname SRouterA
SRouterA(config)#enable secret cisco
RouterB udConfigure
k vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname SRouterB
SRouterB(config)#enable secret cisco
Router>enable
Router#configure terminal
Router(config)#hostname RIPRouterC
Product of YOUTH
- 243 -
RIPRouterC(config)#enable secret cisco
RIPRouterC(config)#router rip
RIPRouterC(config-router)#network 100.0.0.0
RIPRouterC(config-router)#network 192.100.100.0
RIPRouterC(config-router)#network 200.0.0.0
RIPRouterC(config-router)#redistributed static
RIPRouterC(config-router)#exit
Router>enable
Router#configure terminal
Router(config)#hostname RIPRouterD
RIPRouterD(config)#enable secret cisco
RIPRouterD(config)#router rip
RIPRouterD(config-router)#network 200.0.0.0
RIPRouterD(config-router)#network 172.100.0.0
RIPRouterD(config-router)#network 192.200.200.0
RIPRouterD(config-router)#redistributed static
RIPRouterD(config-router)#exit
RIPRouterD(config)#exit
Product of YOUTH
- 245 -
RIPRouterD#copy running-config startup-config
Router>enable
Router#configure terminal
Router(config)#hostname RIPRouterE
RIPRouterE(config)#enable secret cisco
RIPRouterE(config)#router rip
RIPRouterE(config-router)#network 172.100.0.0
RIPRouterE(config-router)#network 200.200.0.0
RIPRouterE(config-router)#network 192.198.100.0
RIPRouterE(config-router)#redistributed static
RIPRouterE(config-router)#exit
Road to CCNA (Exam 640-802)
- 246 -
RIPRouterE(config)#ip route 1.0.0.0 255.0.0.0 200.200.0.1
RIPRouterE(config)#exit
Product of YOUTH
- 247 -
Case Study 2 ( NAT and Access List rsm;yg0ifonf/)
RouterA udConfigure
k vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname RouterA
RouterA(config)#enable secret cisco
Product of YOUTH
- 249 -
RouterA(config-router)#exit
RouterB udConfigure
k vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname RouterB
RouterB(config)#enable secret cisco
Product of YOUTH
- 251 -
RouterC udConfigure
k vkyyf kH
Router>enable
Router#configure terminal
Router(config)#hostname RouterC
RouterC(config)#enable secret cisco
RouterC(config)#interface fastethernet 0/0
RouterC(config-if)#ip address 100.0.0.2 255.0.0.0
RouterC(config-if)#no shutdown
1/ Ny;D oGm;jyefygNy/D
5/ uReaf wmf\
h cspZf eD;av; tdtNd zKd ;tm;vnf; aus;Zl;wifygw,f/
pma&;ol
aZmfvif;
30 Mo*kwf 2009
Road to CCNA (Exam 640-802)