# CCNA Notes

Notes and current progress on my CCNA studies.

## Jeremy's IT Lab: CCNA 200-301 Course Index

This index provides a comprehensive breakdown of the CCNA 200-301 complete course by Jeremy's IT Lab, including direct links to lectures, labs, and extra resources.

Playlist Link: Jeremy's IT Lab CCNA Playlist

| Day | Topic | Content Type | Duration | Link |
|---|---|---|---|---|
| Day 1 | Network Devices | Lecture | 30:26 | Watch |
| Day 1 | Anki Flashcards | Extra | 14:56 | Watch |
| Day 1 | Packet Tracer Introduction | Lab | 15:18 | Watch |
| Day 2 | Interfaces and Cables | Lecture | 35:52 | Watch |
| Day 2 | Connecting Devices | Lab | 5:33 | Watch |
| Day 3 | How the TCP/IP Model Actually Works | Lecture | 42:42 | Watch |
| Day 3 | OSI Model | Lab | 8:05 | Watch |
| Day 4 | Intro to the CLI | Lecture | 31:06 | Watch |
| Day 4 | Basic Device Security | Lab | 10:26 | Watch |
| Day 5 | Ethernet LAN Switching (Part 1) | Lecture | 38:13 | Watch |
| Day 6 | Ethernet LAN Switching (Part 2) | Lecture | 33:41 | Watch |
| Day 6 | Analyzing Ethernet Switching | Lab | 10:29 | Watch |
| Day 7 | IPv4 Addressing (Part 1) | Lecture | 40:21 | Watch |
| Day 8 | IPv4 Addressing (Part 2) | Lecture | 30:42 | Watch |
| Day 8 | Configuring IP Addresses | Lab | 10:06 | Watch |
| Day 9 | Switch Interfaces | Lecture | 32:28 | Watch |
| Day 9 | Configuring Interfaces | Lab | 11:54 | Watch |
| Day 10 | IPv4 Header | Lecture | 30:11 | Watch |
| Day 11 | Routing Fundamentals (Part 1) | Lecture | 31:00 | Watch |
| Day 11 | Static Routing (Part 2) | Lecture | 37:44 | Watch |
| Day 11 | Configuring Static Routes | Lab 1 | 12:29 | Watch |
| Day 11 | Troubleshooting Static Routes | Lab 2 | 9:45 | Watch |
| Day 12 | The Life of a Packet | Lecture | 20:13 | Watch |
| Day 12 | Life of a Packet | Lab | 15:36 | Watch |
| Day 13 | Subnetting (Part 1) | Lecture | 28:54 | Watch |
| Day 14 | Subnetting (Part 2) | Lecture | 24:47 | Watch |
| Day 15 | Subnetting (Part 3 - VLSM) | Lecture | 23:53 | Watch |
| Day 15 | Subnetting (VLSM) | Lab | 14:59 | Watch |
| Day 16 | VLANs (Part 1) | Lecture | 23:45 | Watch |
| Day 16 | VLANs (Part 1) | Lab | 11:02 | Watch |
| Day 17 | VLANs (Part 2) | Lecture | 40:01 | Watch |
| Day 17 | VLANs (Part 2) | Lab | 23:23 | Watch |
| Day 18 | VLANs (Part 3) | Lecture | 32:32 | Watch |
| Day 18 | VLANs (Part 3) | Lab | 25:19 | Watch |
| Day 19 | DTP/VTP | Lecture | 37:34 | Watch |
| Day 19 | DTP/VTP | Lab | 18:47 | Watch |
| Day 20 | Spanning Tree Protocol (Part 1) | Lecture | 38:39 | Watch |
| Day 20 | Analyzing STP | Lab | 18:55 | Watch |
| Day 21 | Spanning Tree Protocol (Part 2) | Lecture | 42:18 | Watch |
| Day 21 | PortFast (STP Toolkit) | Lecture | 17:34 | Watch |
| Day 21 | BPDU Guard & BPDU Filter | Lecture | 24:24 | Watch |
| Day 21 | Root Guard | Lecture | 19:44 | Watch |
| Day 21 | Loop Guard | Lecture | 18:49 | Watch |
| Day 21 | Configuring STP (PVST+) | Lab | 17:09 | Watch |
| Day 22 | Rapid Spanning Tree Protocol | Lecture | 43:01 | Watch |
| Day 22 | Rapid STP | Lab | 19:50 | Watch |
| Day 23 | EtherChannel | Lecture | 41:33 | Watch |
| Day 23 | Configuring EtherChannel | Lab | 25:03 | Watch |
| Day 24 | Dynamic Routing | Lecture | 44:38 | Watch |
| Day 24 | Floating Static Routes | Lab | 23:20 | Watch |
| Day 25 | RIP & EIGRP | Lecture | 43:42 | Watch |
| Day 25 | Configuring EIGRP | Lab | 26:14 | Watch |
| Day 26 | OSPF Part 1 | Lecture | 39:40 | Watch |
| Day 26 | Configuring OSPF (1) | Lab | 22:07 | Watch |
| Day 27 | OSPF Part 2 | Lecture | 36:55 | Watch |
| Day 27 | Configuring OSPF (2) | Lab | 22:10 | Watch |
| Day 28 | OSPF Part 3 | Lecture | 47:53 | Watch |
| Day 28 | Configuring OSPF (3) | Lab | 21:25 | Watch |
| Day 29 | First Hop Redundancy Protocols (FHRP) | Lecture | 40:25 | Watch |
| Day 29 | Configuring HSRP | Lab | 22:01 | Watch |
| Day 30 | TCP & UDP | Lecture | 33:59 | Watch |
| Day 30 | Wireshark Demo (TCP/UDP) | Lab | 11:15 | Watch |
| Day 31 | IPv6 Part 1 | Lecture | 39:26 | Watch |
| Day 31 | Configuring IPv6 (Part 1) | Lab | 18:02 | Watch |
| Day 32 | IPv6 Part 2 | Lecture | 39:33 | Watch |
| Day 32 | Configuring IPv6 (Part 2) | Lab | 21:02 | Watch |
| Day 33 | IPv6 Part 3 | Lecture | 43:50 | Watch |
| Day 33 | Configuring IPv6 (Part 3) | Lab | 19:17 | Watch |
| Day 34 | Standard ACLs | Lecture | 46:51 | Watch |
| Day 34 | Standard ACLs | Lab | 27:01 | Watch |
| Day 35 | Extended ACLs | Lecture | 40:55 | Watch |
| Day 35 | Extended ACLs | Lab | 22:08 | Watch |
| Day 36 | CDP & LLDP | Lecture | 39:23 | Watch |
| Day 36 | CDP & LLDP | Lab | 24:37 | Watch |
| Day 37 | NTP | Lecture | 42:46 | Watch |
| Day 37 | NTP | Lab | 19:08 | Watch |
| Day 38 | DNS | Lecture | 30:11 | Watch |
| Day 38 | DNS | Lab | 17:31 | Watch |
| Day 39 | DHCP | Lecture | 37:02 | Watch |
| Day 39 | DHCP | Lab | 17:49 | Watch |
| Day 40 | SNMP | Lecture | 29:21 | Watch |
| Day 40 | SNMP | Lab | 13:37 | Watch |
| Day 41 | Syslog | Lecture | 27:58 | Watch |
| Day 41 | Syslog | Lab | 14:03 | Watch |
| Day 42 | SSH | Lecture | 31:07 | Watch |
| Day 42 | SSH | Lab | 15:50 | Watch |
| Day 43 | FTP & TFTP | Lecture | 30:55 | Watch |
| Day 43 | FTP & TFTP | Lab | 15:36 | Watch |
| Day 44 | NAT (Part 1) | Lecture | 32:10 | Watch |
| Day 44 | Static NAT | Lab | 14:12 | Watch |
| Day 45 | NAT (Part 2) | Lecture | 29:40 | Watch |
| Day 45 | Dynamic NAT | Lab | 15:01 | Watch |
| Day 46 | QoS (Part 1) | Lecture | 32:33 | Watch |
| Day 46 | Voice VLANs | Lab | 20:18 | Watch |
| Day 47 | QoS (Part 2) | Lecture | 41:46 | Watch |
| Day 47 | QoS | Lab | 15:41 | Watch |
| Day 48 | Security Fundamentals | Lecture | 38:40 | Watch |
| Day 48 | Kali Linux Demo | Lab | 10:25 | Watch |
| Day 49 | Port Security | Lecture | 34:28 | Watch |
| Day 49 | Port Security | Lab | 17:03 | Watch |
| Day 50 | DHCP Snooping | Lecture | 28:23 | Watch |
| Day 50 | DHCP Snooping | Lab | 15:41 | Watch |
| Day 51 | Dynamic ARP Inspection | Lecture | 32:50 | Watch |
| Day 51 | Dynamic ARP Inspection | Lab | 20:53 | Watch |
| Day 52 | LAN Architectures | Lecture | 28:06 | Watch |
| Day 52 | STP & FHRP Synchronization | Lab | 19:11 | Watch |
| Day 53 | WAN Architectures | Lecture | 37:34 | Watch |
| Day 53 | GRE Tunnels | Lab | 22:04 | Watch |
| Day 54 | Virtualization & Cloud (Part 1) | Lecture | 38:41 | Watch |
| Day 54 | Containers (Part 2) | Lecture | 13:33 | Watch |
| Day 54 | VRF (Part 3) | Lecture | 18:03 | Watch |
| Day 54 | Oracle VirtualBox | Lab | 8:43 | Watch |
| Day 55 | Wireless Fundamentals | Lecture | 35:57 | Watch |
| Day 56 | Wireless Architectures | Lecture | 38:21 | Watch |
| Day 57 | Wireless Security | Lecture | 33:53 | Watch |
| Day 58 | Wireless Configuration | Lecture | 46:38 | Watch |
| Day 58 | Wireless LANs | Lab | 17:28 | Watch |
| Day 59 | Intro to Network Automation (Part 1) | Lecture | 33:27 | Watch |
| Day 59 | AI & Machine Learning (Part 2) | Lecture | 41:49 | Watch |
| Day 60 | JSON, XML, & YAML | Lecture | 28:56 | Watch |
| Day 61 | REST APIs (Part 1) | Lecture | 31:45 | Watch |
| Day 61 | REST API Authentication (Part 2) | Lecture | 29:15 | Watch |
| Day 62 | Software-Defined Networking | Lecture | 28:19 | Watch |
| Day 63 | Ansible, Puppet, & Chef (Part 1) | Lecture | 21:33 | Watch |
| Day 63 | Terraform (Part 2) | Lecture | 22:29 | Watch |
| Day 63 | Final CCNA Mega Lab! | Lab | 2:38:50 | Watch |

# Day 1: Network Devices and Fundamentals

*CCNA 200-301 Study Guide: Fundamental Concepts & Tools*

The Cisco Certified Network Associate (CCNA) certification is a foundational credential in the networking industry. Achieving CCNA status validates your ability to install, operate, and troubleshoot modern enterprise networks.

## 1.0 The CCNA 200-301 Certification: An Overview

### 1.1 Deconstructing the Exam

The CCNA 200-301 is a comprehensive test assessing a broad range of networking knowledge.
| Attribute | Details |
|---|---|
| Exam Code | 200-301 |
| Duration | Approximately 120 minutes |
| Question Count | 50–60 questions |
| Passing Score | Approximately 85% |
| Prerequisites | None (CompTIA A+ and Network+ knowledge recommended) |
| Registration | Pearson VUE |

### 1.2 Core Knowledge Domains

Study time should be allocated in proportion to these weights:

- Network Fundamentals (20%): Components, topology, cabling, IPv4/IPv6, and virtualization.
- Network Access (26%): VLANs, STP, EtherChannel, and Cisco Wireless/WLAN.
- IP Connectivity (25%): Routing tables, packet forwarding, and OSPFv2.
- IP Services (10%): NAT, NTP, DHCP, DNS, SNMP, and SSH.
- Security Fundamentals (15%): Device access control, VPNs, ACLs, and wireless security.
- Automation and Programmability (10%): Controller-based networking, APIs, Puppet, Chef, and Ansible.

### 1.3 Evolution of Cisco Certification

In February 2020, Cisco streamlined its certification path:

- Technician (CCT): Entry point for hands-on support.
- Associate (CCNA): The industry benchmark for network professionals.
- Professional (CCNP): Specialization (Enterprise, Security, Data Center, etc.).
- Expert (CCIE): Expert-level skills validation.
- Architect (CCAr): The highest level; involves defending a complex design before a committee.

## 2.0 Foundational Networking Concepts

### 2.1 Defining the Network

- Network: A collection of connected devices (computers, servers, switches) sharing resources.
- Collision Domain: A network segment where data frames can collide. Layer 2 switches mitigate this by creating a separate collision domain for each port (micro-segmentation).
- Broadcast Domain: A logical division where all devices can reach each other via Layer 2 broadcast. Routers are the primary devices used to segment these domains.

### 2.2 Device Roles and Functions

| Role | Primary Function |
|---|---|
| Endpoints | Source or destination for traffic (PCs, Laptops, IP Phones). |
| Servers | Provide services and resources (File storage, Web hosting, Apps). |
## 3.0 Essential Network Hardware

### 3.1 Layer 2 Switches

- Function: Provides connectivity for devices on a LAN. Forwards data based on MAC addresses.
- Operations: Switches build a MAC address table to perform forwarding, filtering, or flooding.
- Performance: Eliminates collisions through micro-segmentation.

### 3.2 Layer 3 Routers

- Function: Connects disparate networks and makes forwarding decisions based on IP addresses.
- Decision-making: Uses a routing table to find the best path based on "longest prefix match" and "administrative distance."

### 3.3 Firewalls

- Function: Monitors and filters traffic based on security rules.
- Capability: Uses stateful packet inspection to track the state of active TCP connections.

## 4.0 Strategic Study Resources & Preparation

### 4.1 Recommended Materials

- Core Study Guides: Understanding Cisco Networking Technologies (Vol. 1) and CCNA Certification Study Guide (Vol. 2) by Todd Lammle.
- Practice Tests: CCNA Certification Practice Tests: Exam 200-301 (1,200 questions).

### 4.2 Proven Exam Techniques

- Read Carefully: "Read twice, answer once."
- Use Elimination: Rule out obviously incorrect choices first.
- No Backtracking: The current format does not allow you to change previous answers. Double-check before clicking "Next."
- Command Syntax: Cisco IOS allows abbreviations (e.g., `sh run` for `show running-config`).

### 4.3 Post-Exam Process

- Immediate Notification: Pass/Fail status is displayed on-screen immediately.
- Score Report: Provided by the administrator, detailed by section.
- Official Confirmation: Typically arrives within 2–4 weeks.

# Day 2: Interfaces and Cables

*CCNA 200-301 Study Guide: Physical Interfaces and Cabling*

## 1.0 The Foundation of Networking: The Physical Layer

While often overlooked in favor of more complex topics like routing and switching, the Physical Layer is the fundamental building block upon which all network communication depends. If the physical connection is flawed, no amount of configuration at higher layers can compensate.
Its strategic importance is reflected in the CCNA curriculum under the "Network Fundamentals" domain, which constitutes 20% of the total exam score. Mastery of this layer involves developing a diagnostic mindset to solve common connectivity problems.

This guide addresses the following CCNA exam objectives:

- 1.3: Compare physical interface and cabling types (Fiber, Copper, Connections).
- 1.4: Identify interface and cable issues (collisions, errors, duplex/speed mismatches).

## 2.0 Core Concepts: Bits, Bytes, and Network Speed

Understanding the difference between bits and bytes is essential for evaluating network performance correctly.

- Bit: The smallest unit of data, represented as a binary 1 or 0.
- Byte: A group of 8 bits.
- Measurement Standard: Network bandwidth is measured in bits per second (bps), while storage is measured in Bytes (B).

#### Network Speed Unit Conversions

| Abbreviation | Name | Equivalent |
|---|---|---|
| Kbps | Kilobits per second | 1,000 bps |
| Mbps | Megabits per second | 1,000,000 bps |
| Gbps | Gigabits per second | 1,000,000,000 bps |
| Tbps | Terabits per second | 1,000,000,000,000 bps |

## 3.0 Copper Cabling: The Workhorse of Ethernet

Unshielded Twisted Pair (UTP) is the most ubiquitous form of network media. It is defined by the IEEE 802.3 standards.

#### Physical Characteristics of UTP

- Shielding: "Unshielded" means it lacks metallic foil, making it susceptible to Electromagnetic Interference (EMI).
- Twisted Pairs: Wires are twisted to cancel out EMI and reduce crosstalk.
- Connector: Uses an 8-pin RJ-45 connector.
- Distance Limitation: Maximum effective distance of 100 meters.
- Duplex: Modern copper Ethernet operates in Full-Duplex (simultaneous send/receive), eliminating collisions.
#### Common Ethernet Standards (Copper)

| Speed | Common Name | IEEE Standard | Cable Cat | Pairs Used |
|---|---|---|---|---|
| 100 Mbps | Fast Ethernet | 802.3u | Cat5 | 2 |
| 1 Gbps | Gigabit Ethernet | 802.3ab | Cat5e | 4 |
| 10 Gbps | 10 Gigabit Ethernet | 802.3an | Cat6/6a | 4 |

## 4.0 Wiring Schemes, Pinouts, and Device Connections

You must understand how devices transmit (TX) and receive (RX) data on specific pins.

#### Device Grouping (MDI vs. MDI-X)

- Group A (MDI): Transmit on pins 1 and 2. (PCs, Routers, Wireless APs).
- Group B (MDI-X): Transmit on pins 3 and 6. (Switches, Hubs).

#### Cable Selection

- Straight-Through Cable: Connects devices from different groups (e.g., PC to Switch). Pins are wired 1-to-1.
- Crossover Cable: Connects devices from the same group (e.g., Switch to Switch). Pin 1 is swapped with 3; Pin 2 is swapped with 6.
- Auto MDI-X: A modern feature that automatically detects and adjusts pinouts, allowing straight-through cables to be used for almost any connection.

## 5.0 Fiber Optic Cabling: For Speed and Distance

Fiber optics transmit data using pulses of light through a glass or plastic core. It is immune to EMI and supports much longer distances than copper.

| Feature | UTP (Copper) | Fiber Optic |
|---|---|---|
| Cost | Low | High |
| Max Distance | Short (100m) | Long (Up to 100km) |
| EMI Immunity | Low | High (Total) |
| Security | Low | High |

#### Fiber Optic Types

- Multimode (MMF):
  - Source: LED.
  - Core: Wider, allowing multiple paths (modes) of light.
  - Use Case: Short distances (building/campus), typically up to 550m.
- Single-mode (SMF):
  - Source: Laser.
  - Core: Narrow, allowing only one path of light.
  - Use Case: Long-haul (cities/ISPs), reaching many kilometers.

#### Common Fiber Optic Standards

| Speed | Standard | Fiber Type | Max Distance |
|---|---|---|---|
| 1 Gbps | 1000Base-LX | SMF/MMF | 5km (SMF) / 550m (MMF) |
| 1 Gbps | 1000Base-SX | MMF | 550m |
| 10 Gbps | 10GBase-LR | SMF | 10km |
| 10 Gbps | 10GBase-SR | MMF | 300m |

## 6.0 Physical Layer Troubleshooting Checklist

When a link is down, follow this systematic framework:

1. Distance: Check if the run exceeds 100m for copper.
2. Cable Type: Ensure the correct cable (Straight-through vs. Crossover) is used if Auto MDI-X is disabled.
3. Media Mismatch: Ensure MMF cables are not plugged into SMF optics.
4. Interface Status: Check for speed/duplex mismatches. A mismatch can lead to late collisions, high error counts, and degraded performance.

#### Exam Quick Reference

- PC to Switch: Straight-Through.
- Switch to Switch: Crossover.
- Router to Router: Crossover.
- Copper Limit: 100 meters.
- High EMI Environment: Use Fiber.
- Short Distance Fiber: Multimode (MMF).
- Long Distance Fiber: Single-mode (SMF).

# Day 3: OSI Model and TCP/IP Suite

*CCNA 200-301 Study Guide: Networking Models & Data Encapsulation*

Understanding the structure, scope, and rules of the CCNA 200-301 exam is the foundational first step toward successful certification. This guide explores the conceptual models that govern all data communication.

## 1.0 The CCNA 200-301 Exam Landscape

### 1.1 Key Exam Metrics

Familiarizing yourself with the core metrics of the exam will help you manage your time effectively.

| Attribute | Details |
|---|---|
| Exam Code | 200-301 |
| Duration | 120 minutes |
| Question Count | Approximately 50–60 |
| Passing Score | Approximately 85% |
| Formats | Multiple-choice, drag-and-drop, router simulations |

Mentor's Note: With 120 minutes for roughly 60 questions, you have about two minutes per question. Do not get bogged down in a single simulation; they test both knowledge and speed.

### 1.2 Core Knowledge Domains

| Domain | Weight | Key Topics |
|---|---|---|
| Network Fundamentals | 20% | Routers, switches, cabling, IPv4/IPv6 |
| Network Access | 26% | VLANs, trunks, STP (RSTP), EtherChannel |
| IP Connectivity | 25% | Routing tables, static routing, OSPFv2 |
| IP Services | 10% | NAT, DHCP, DNS, SNMP, QoS, SSH |
| Security Fundamentals | 15% | VPNs, ACLs, Layer 2 security |
| Automation | 10% | APIs (REST), SDN, JSON |

## 2.0 The Foundation: Why Networking Models Matter

Standardized networking models provide a vendor-neutral framework, ensuring that devices from different manufacturers (e.g., Cisco and Juniper) can interoperate.
### 2.1 Core Terminology

- Protocol: A set of logical rules defining how devices communicate (the "grammar" of the conversation).
- Standard: An agreed-upon specification that ensures interoperability (e.g., Ethernet or Wi-Fi).

### 2.2 Key Standards Organizations

- IEEE: Focuses on LAN and Physical layer standards (e.g., 802.3 Ethernet, 802.11 Wi-Fi).
- IETF: Focuses on Internet protocols (e.g., TCP/IP, HTTP), documented as RFCs (Requests for Comments).

## 3.0 The OSI Model: A Theoretical Framework

The Open Systems Interconnection (OSI) model is a 7-layer conceptual framework. It provides a precise vocabulary for discussing network functions and troubleshooting.

#### The 7 Layers of the OSI Model

| Layer | Name | Function & Examples |
|---|---|---|
| 7 | Application | Interface for network applications (HTTP, FTP, SMTP). |
| 6 | Presentation | Data formatting, encryption, and compression (JPEG, SSL). |
| 5 | Session | Manages dialogues/sessions between applications. |
| 4 | Transport | End-to-end communication and reliability (TCP, UDP). |
| 3 | Network | Logical addressing (IP) and path determination (Routing). |
| 2 | Data Link | Physical addressing (MAC), framing, and error detection. |
| 1 | Physical | Transmission of raw bits over physical media (Fiber, Copper). |

Mnemonic: Please Do Not Throw Sausage Pizza Away (Physical to Application).

## 4.0 The TCP/IP Model: The Practical Standard

The TCP/IP model is the implemented framework used by the modern internet. It condenses the OSI model into fewer layers.

| TCP/IP Layer | OSI Equivalent | Core Function | Key Protocols |
|---|---|---|---|
| Application | 7, 6, 5 | Process-to-process communication | HTTP, DNS, SMTP |
| Transport | 4 | End-to-end delivery via Ports | TCP, UDP |
| Internet | 3 | Routing packets across networks | IPv4, IPv6, ICMP |
| Network Access | 2, 1 | Local delivery and signaling | Ethernet, Wi-Fi |

## 5.0 Data Flow: Encapsulation & Decapsulation

Encapsulation is the process of wrapping data with protocol information (headers) as it moves down the stack.

### 5.1 Protocol Data Units (PDUs)

Memorize these terms for the exam.
Each layer's "chunk" of data has a specific name:

- Layer 4 PDU: Segment (TCP) or Datagram (UDP).
- Layer 3 PDU: Packet.
- Layer 2 PDU: Frame.
- Layer 1 PDU: Bit.
- Payload: The data content carried inside a PDU from the layer above.

### 5.2 The Step-by-Step Flow

- Encapsulation (Sending): Data moves from Layer 7 down to Layer 1. Each layer adds a header (and Layer 2 adds a trailer for error checking).
- Decapsulation (Receiving): Data moves from Layer 1 up to Layer 7. Each layer strips off its corresponding header after processing the control information.

## 6.0 Key Layer Functions and Addressing Schemes

### 6.1 Layer 4: The Transport Layer

- Uses Port Numbers to distinguish between different applications (e.g., HTTP = Port 80).
- TCP: Connection-oriented, reliable, uses a three-way handshake.
- UDP: Connectionless, "fire-and-forget," low overhead, ideal for voice/video.

### 6.2 Layer 3: The Network Layer

- Responsible for moving data across different logical networks (Routing).
- Addressing: Uses IP Addresses (Global scope).
- Device: Routers are the primary Layer 3 devices.

### 6.3 Layer 2: The Data Link Layer

- Responsible for delivery between two devices on the same local segment (Hop-to-Hop).
- Addressing: Uses MAC Addresses (Local scope).
- Device: Switches are the primary Layer 2 devices.
- Error Detection: Uses the Frame Check Sequence (FCS) in the trailer.

## 7.0 The Mail System Analogy

- Application (The Letter): The actual message.
- Transport (The Recipient): The specific person the letter is for (Port Number).
- Network (The Address): The street, city, and zip code (IP Address).
- Data Link (The Truck): The local delivery from mailbox to post office (MAC Address/Hop).
- Physical (The Road): The actual cables/wires (Media).

## 8.0 CCNA Exam Quick Reference

#### Core Addressing Summary

| Layer | Address Type | Scope / Purpose |
|---|---|---|
| Layer 4 | Port Number | Identifies specific Application/Process. |
| Layer 3 | IP Address | Logical address used for Global routing. |
| Layer 2 | MAC Address | Physical address used for Local delivery. |
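The encapsulation and decapsulation flow of sections 5.0 to 6.3, carried out in code as an added example (this is not from the course notes or from Jeremy's IT Lab). Each step prepends one layer's header to the PDU from the layer above: a UDP header (segment), an IPv4 header with its checksum (packet), and an Ethernet II header plus the FCS trailer (frame). Decapsulation reverses the order, and each layer verifies its own control information before stripping it: the FCS is checked at Layer 2, the header checksum at Layer 3, and the ports are read at Layer 4. The MAC addresses, IPs, ports and payload are constructed sample values; the destination MAC is made up.

```python
"""Encapsulation and decapsulation walk-through (added example, not from the
course notes). Standard library only; all addresses and data are constructed."""
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800   # Type field value meaning "an IPv4 packet follows"
PROTO_UDP = 17            # IPv4 Protocol field value for UDP


def mac_bytes(mac: str) -> bytes:
    """Cisco 'AAAA.BBBB.CCCC' or colon form -> 6 raw bytes."""
    return bytes.fromhex(mac.replace(".", "").replace(":", ""))


def mac_str(raw: bytes) -> str:
    h = raw.hex().upper()
    return f"{h[:4]}.{h[4:8]}.{h[8:]}"


def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def encapsulate(data, src_port, dst_port, src_ip, dst_ip, src_mac, dst_mac) -> bytes:
    """Layer 4 -> 3 -> 2: each layer wraps the PDU handed down to it."""
    # Layer 4: UDP datagram = 8-byte header + payload (checksum left at 0 = not used)
    segment = struct.pack("!HHHH", src_port, dst_port, 8 + len(data), 0) + data
    # Layer 3: IPv4 packet = 20-byte header (no options) + segment
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64,
                      PROTO_UDP, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    packet = hdr + segment
    # Layer 2: Ethernet II = 14-byte header + payload padded to 46 bytes + 4-byte FCS
    payload = packet.ljust(46, b"\x00")
    frame = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + payload
    return frame + struct.pack("<I", zlib.crc32(frame))   # FCS is a CRC-32 trailer


def decapsulate(frame: bytes) -> dict:
    """Layer 2 -> 3 -> 4: each layer checks, then strips, its own header."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    dst_mac, src_mac = body[:6], body[6:12]
    if struct.unpack("!H", body[12:14])[0] != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip_hdr = body[14:34]
    if ipv4_checksum(ip_hdr) != 0:           # a valid header sums to zero
        raise ValueError("IPv4 header checksum failed")
    total_len = struct.unpack("!H", ip_hdr[2:4])[0]
    packet = body[14:14 + total_len]         # Total Length drops the Ethernet padding
    segment = packet[20:]
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", segment[:8])
    return {
        "src_mac": mac_str(src_mac), "dst_mac": mac_str(dst_mac),
        "src_ip": ".".join(map(str, ip_hdr[12:16])), "dst_ip": ".".join(map(str, ip_hdr[16:20])),
        "protocol": ip_hdr[9], "src_port": src_port, "dst_port": dst_port,
        "payload": segment[8:udp_len],
    }


def corrupt(frame: bytes, index: int) -> bytes:
    """Flip one byte, as a damaged cable might, to exercise the FCS check."""
    b = bytearray(frame)
    b[index] ^= 0xFF
    return bytes(b)


def is_intact(frame: bytes) -> bool:
    try:
        decapsulate(frame)
        return True
    except ValueError:
        return False


# Constructed sample: a 5-byte payload ends up as the 64-byte minimum Ethernet frame.
SAMPLE_FRAME = encapsulate(b"hello", 49152, 53, "192.168.1.10", "192.168.1.1",
                           "000C.29B0.119D", "0011.2233.4455")

if __name__ == "__main__":
    print(len(SAMPLE_FRAME), "bytes on the wire")
    print(decapsulate(SAMPLE_FRAME))
    print("corrupted frame intact?", is_intact(corrupt(SAMPLE_FRAME, 20)))
```

Note how the padding added at Layer 2 is invisible to Layer 3: the IPv4 Total Length field is what lets the receiver discard it, which is why each layer only ever interprets its own header.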
# Day 4: Introduction to the CLI

*CCNA 200-301 Study Guide: Device Management & CLI Fundamentals*

Mastering initial device access and Command-Line Interface (CLI) navigation is the foundation for all network configuration, troubleshooting, and security hardening. These skills are central to Domain 1.0 (Network Fundamentals) and Domain 5.0 (Security Fundamentals).

## 1.0 Establishing the Initial Console Connection

Before network-based protocols (SSH/Telnet) can be used, you must establish "out-of-band" access. This is the only reliable method for managing unconfigured devices.

### 1.1 Physical Hardware and Cabling

- Console Port: A dedicated management port (RJ-45 or USB mini-B).
- Rollover Cable: A specialized cable with reversed pinouts designed for serial communication.
- USB-to-Serial Adapter: Required for modern PCs lacking native DB9 serial ports.

Critical Note: A rollover cable is electrically incompatible with standard Ethernet signaling. Using a standard Ethernet cable in a console port will not work and may cause hardware damage.

### 1.2 Terminal Emulator Configuration

Use an application like PuTTY or Tera Term with the following precise serial settings:

| Setting | Value |
|---|---|
| Baud Rate (Speed) | 9600 bps |
| Data Bits | 8 |
| Parity | None |
| Stop Bits | 1 |
| Flow Control | None |

## 2.0 Mastering the Cisco IOS CLI

The Cisco Internetwork Operating System (IOS) uses a hierarchical mode structure to prevent accidental configuration errors by restricting sensitive commands to specific modes.

### 2.1 The Hierarchy of CLI Modes

| Mode Name | Prompt | Access Method | Core Function |
|---|---|---|---|
| User EXEC | `Router>` | Default on login. | Basic monitoring/connectivity tests. |
| Privileged EXEC | `Router#` | `enable` | Full "show" commands, file mgmt, reloads. |
| Global Config | `Router(config)#` | `configure terminal` | Commands affecting the entire device. |
| Interface Config | `Router(config-if)#` | `interface [type/id]` | Specific interface settings (IP, Speed). |
### 2.2 Navigation & Productivity Shortcuts

| Command/Shortcut | Purpose and Operational Impact |
|---|---|
| `exit` | Moves back one level in the hierarchy. |
| `end` or Ctrl+Z | Immediately returns to Privileged EXEC mode. |
| `?` | Context-sensitive help; lists available commands/options. |
| Tab | Command completion; also verifies correct syntax. |
| `do` | Executes a Privileged EXEC command from configuration modes. |

## 3.0 Core Device Configuration and Security

### 3.1 Establishing Identity and Access

- Hostname: Use `hostname [Name]` in Global Config to identify the device.
- Securing Privileged Access:
  - `enable password`: Insecure. Stores password in plain text. Do not use.
  - `enable secret`: Best Practice. Stores password as a strong cryptographic hash.
  - Precedence Rule: If both are configured, the device always enforces the `enable secret` and ignores the plain-text password.

### 3.2 Password Obfuscation & Reversal

- `service password-encryption`: Applies weak, reversible encryption to plain-text passwords to prevent "shoulder surfing."
- The `no` Command: Prefix any command with `no` to remove or reverse it (e.g., `no hostname`).

## 4.0 Managing and Saving Configuration Files

It is vital to distinguish between active (volatile) memory and permanent storage.

### 4.1 The Two Key Configuration Files

| File Type | Storage Location | Persistence | View Command |
|---|---|---|---|
| Running Configuration | RAM | Volatile: Lost on power loss. | `show running-config` |
| Startup Configuration | NVRAM | Non-Volatile: Persists on reboot. | `show startup-config` |

### 4.2 Persisting Changes

To save active changes, you must copy the running configuration to the startup configuration:

```
copy running-config startup-config
```

## 5.0 Study Summary: Critical Recall

- Console Settings: 9600, 8, N, 1 (8-N-1).
- Access Escalation: User EXEC $\rightarrow$ `enable` $\rightarrow$ Privileged EXEC $\rightarrow$ `conf t` $\rightarrow$ Global Config.
- Encryption Best Practice: Always use `enable secret` over `enable password`.
- Final Step: Always perform a `copy run start` before exiting your session to ensure changes survive a reboot.
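The password rules in sections 3.1 and 3.2 can be checked mechanically against a saved `show running-config`. The following audit script is an added example, not part of the course notes or of any Cisco tool: it flags a plain-text `enable password` (even when an `enable secret` is also set and therefore takes precedence), a missing `enable secret`, `service password-encryption` being off, and line passwords stored as type 0 (clear) or type 7 (the reversible obfuscation the notes describe). Both config texts are constructed; the hash and type 7 strings in them are placeholders, not real credentials.

```python
"""Audit Cisco IOS running-config text for the weak password settings from
Day 4 (added example, not from the course notes). Sample configs are constructed."""
import re

# Constructed "before" config with every weakness the notes warn about.
WEAK_CONFIG = """\
hostname R1
no service password-encryption
enable password cisco123
enable secret 5 $1$PLACEHOLDER$notarealhashxxxxxxxxxxx
line con 0
 password letmein
 login
line vty 0 4
 password 7 0123456789ABCD
 login
 transport input ssh
"""

# Constructed "after" config: secret only, encryption service on, line secrets hashed.
HARDENED_CONFIG = """\
hostname R1
service password-encryption
enable secret 5 $1$PLACEHOLDER$notarealhashxxxxxxxxxxx
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
"""


def audit_config(config: str) -> list:
    """Return (severity, code, message) tuples, in config order of discovery."""
    findings = []
    lines = [l.rstrip() for l in config.splitlines()]
    has_secret = any(l.startswith("enable secret") for l in lines)
    has_password = any(l.startswith("enable password") for l in lines)

    if not has_secret:
        findings.append(("HIGH", "NO_ENABLE_SECRET",
                         "no 'enable secret' configured; privileged EXEC relies on plain text or nothing"))
    if has_password:
        note = (" (ignored at login because 'enable secret' is set, but still readable in the config)"
                if has_secret else "")
        findings.append(("HIGH", "ENABLE_PASSWORD_PLAINTEXT",
                         "'enable password' stores the password in plain text" + note
                         + "; remove with 'no enable password'"))
    if "no service password-encryption" in lines:
        findings.append(("MEDIUM", "PASSWORD_ENCRYPTION_OFF",
                         "'service password-encryption' is off; line passwords are stored in plain text"))

    # Line (con/vty/aux) passwords: 'password X' is type 0, 'password 7 X' is type 7.
    section = None
    for line in lines:
        if line.startswith("line "):
            section = line
            continue
        m = re.match(r"\s+password(?: (\d))? (\S+)$", line)
        if m and section:
            ptype = m.group(1) or "0"
            if ptype == "0":
                findings.append(("HIGH", "LINE_PASSWORD_TYPE0",
                                 f"{section}: plain-text (type 0) password"))
            elif ptype == "7":
                findings.append(("MEDIUM", "LINE_PASSWORD_TYPE7",
                                 f"{section}: type 7 password is reversible obfuscation, not a hash"))
    return findings


def finding_codes(config: str) -> list:
    return [code for _, code, _ in audit_config(config)]


if __name__ == "__main__":
    for severity, code, message in audit_config(WEAK_CONFIG):
        print(f"[{severity}] {code}: {message}")
    print("hardened config findings:", audit_config(HARDENED_CONFIG))
```

The precedence rule from section 3.1 is why the script still reports `enable password` when an `enable secret` exists: the device ignores it at login, but anyone who can read the config (a backup, a TFTP copy, a screen share) gets the clear-text value.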
# Days 5, 6: Ethernet LAN Switching

*CCNA 200-301 Study Guide: Ethernet Switching and ARP*

## 1.0 Ethernet's Role in the LAN: Layer 2 Fundamentals

Ethernet is the foundational technology for modern Local Area Networks (LANs). It defines how devices connect and communicate within a local environment across Layers 1 and 2 of the OSI model.

#### Layers of Operation

- Layer 1 (Physical): Defines cabling (Fiber, UTP), connectors (RJ-45), and electrical/optical signaling.
- Layer 2 (Data Link): Establishes media access rules and physical addressing via MAC addresses.

#### The Function of a Network Switch

Switches are Layer 2 devices that make intelligent forwarding decisions, creating a more efficient network than legacy hubs.

| Concept | Definition | Switch Impact |
|---|---|---|
| Collision Domain | A network section where packets can collide if sent simultaneously. | Each switch port is a separate collision domain. In full-duplex, collisions are eliminated. |
| Broadcast Domain | The area where a broadcast frame (sent to all) is propagated. | Switches forward broadcasts out all ports. Only routers (Layer 3) segment broadcast domains. |

#### Duplex Communication Modes

- Half-Duplex: One-way communication at a time. Uses CSMA/CD to manage collisions. (Legacy/Hubs).
- Full-Duplex: Simultaneous two-way communication. Standard in modern switching; eliminates collisions.

## 2.0 Anatomy of an Ethernet Frame

The Ethernet frame is the Layer 2 Protocol Data Unit (PDU). The standard Ethernet II frame structure is detailed below:

| Field | Size | Description |
|---|---|---|
| Preamble | 7 Bytes | Alternating 1s and 0s for clock synchronization. |
| SFD | 1 Byte | Start Frame Delimiter; signals the start of the Destination MAC. |
| Destination MAC | 6 Bytes | Address of the recipient. FFFF.FFFF.FFFF indicates a broadcast. |
| Source MAC | 6 Bytes | Address of the sender. Used by switches to learn device locations. |
| Type / Length | 2 Bytes | Value $\ge 1536$ = Type (e.g., 0x0800 for IPv4). Value $\le 1500$ = Length. |
| Data (Payload) | 46–1500 B | Encapsulated Layer 3 packet. Padding added if $< 46$ bytes. |
| FCS | 4 Bytes | Frame Check Sequence; uses CRC to detect transmission errors. |

## 3.0 Understanding MAC Addressing

A Media Access Control (MAC) address is a 48-bit (6-byte) unique physical identifier "burned into" the NIC.

- Format: 12 Hexadecimal characters (e.g., 000C.29B0.119D).

#### MAC Address Structure

- OUI (Organizationally Unique Identifier): The first 3 bytes. Assigned by the IEEE to manufacturers (e.g., Cisco, Intel).
- NIC Specific: The last 3 bytes. A unique serial number assigned by the manufacturer.

## 4.0 The Core Logic of an Ethernet Switch

Switches use a MAC Address Table (also known as the CAM Table) to map MAC addresses to physical ports.

#### A. The Learning Process

1. Switch receives a frame.
2. Inspects the Source MAC.
3. Records the MAC and the incoming port in the table.
4. Aging: Entries are removed after 300 seconds (default) if no new traffic is seen from that MAC.

#### B. The Forwarding Process

Decision based on the Destination MAC:

| Destination Type | Condition | Action |
|---|---|---|
| Known Unicast | MAC is in the table. | Forward out the specific port only. |
| Unknown Unicast | MAC is NOT in the table. | Flood: Send out all ports except the source. |
| Broadcast | MAC is FFFF.FFFF.FFFF. | Flood: Send out all ports except the source. |
| Multicast | MAC starts with 0100.5E. | Flood (unless IGMP Snooping is active). |

#### C. Internal Switching Methods

- Store-and-Forward: Receives entire frame, checks CRC (error check), then forwards. Most reliable.
- Cut-Through: Forwards as soon as the Destination MAC is read. Fastest, but forwards errors.
- Fragment-Free: Buffers the first 64 bytes (where most collisions occur) before forwarding.

## 5.0 Bridging the Gap: Address Resolution Protocol (ARP)

ARP resolves a known Layer 3 IP address to an unknown Layer 2 MAC address.

- ARP Request: A broadcast (FFFF.FFFF.FFFF) asking "Who has IP X.X.X.X?"
- ARP Reply: A unicast response from the target device providing its MAC address.
- ARP Cache: Devices store these mappings locally to avoid repeated broadcasts.
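The learning and forwarding rules of section 4.0 and the ARP exchange of section 5.0 (the full loop is summarized in section 7.0 below) can be simulated in a few dozen lines. This is an added example, not code from the course notes: a `Switch` class that learns from source MACs, floods broadcasts, multicasts and unknown unicasts, forwards known unicasts out one port, filters a frame whose destination sits on the ingress port, and ages entries out after 300 seconds; `arp_exchange` then replays Host A's ARP request, Host B's reply and the first data frame. Port numbers, MAC addresses and timestamps are constructed.

```python
"""MAC-table learning/forwarding and the ARP loop (added example, not from the
course notes). Ports, MACs and times below are constructed sample values."""

BROADCAST = "FFFF.FFFF.FFFF"
AGING_SECONDS = 300          # default CAM-table aging time from the notes


def split_mac(mac: str):
    """Return the (OUI, NIC-specific) halves of a Cisco-format MAC as hex strings."""
    raw = mac.replace(".", "").upper()
    return raw[:6], raw[6:]


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}          # MAC -> (port, last_seen_seconds)

    def _age_out(self, now):
        for mac, (_, seen) in list(self.table.items()):
            if now - seen >= AGING_SECONDS:
                del self.table[mac]

    def receive(self, in_port, src_mac, dst_mac, now=0.0):
        """Process one frame; return the list of egress ports."""
        self._age_out(now)
        self.table[src_mac] = (in_port, now)          # learning: source MAC -> ingress port
        flood = [p for p in self.ports if p != in_port]
        if dst_mac == BROADCAST or dst_mac.upper().startswith("0100.5E"):
            return flood                              # broadcast / multicast (no IGMP snooping)
        if dst_mac not in self.table:
            return flood                              # unknown unicast
        port = self.table[dst_mac][0]
        return [] if port == in_port else [port]      # known unicast: forward, or filter


def arp_exchange(sw, a_port, a_mac, b_port, b_mac):
    """Host A resolves Host B: request (broadcast), reply (unicast), then data."""
    return {
        "arp_request": sw.receive(a_port, a_mac, BROADCAST),   # flooded, switch learns A
        "arp_reply": sw.receive(b_port, b_mac, a_mac),         # switch learns B, forwards to A only
        "data": sw.receive(a_port, a_mac, b_mac),              # known unicast straight to B
    }


def aging_demo():
    """Show that a known unicast becomes an unknown unicast after the aging timer."""
    sw = Switch([1, 2, 3])
    sw.receive(1, "AAAA.AAAA.AAAA", "BBBB.BBBB.BBBB", now=0)
    before = sw.receive(2, "BBBB.BBBB.BBBB", "AAAA.AAAA.AAAA", now=0)      # A is known -> [1]
    after = sw.receive(2, "BBBB.BBBB.BBBB", "AAAA.AAAA.AAAA", now=301)     # A aged out -> flood
    return before, after


if __name__ == "__main__":
    sw = Switch([1, 2, 3, 4])
    print(arp_exchange(sw, 1, "AAAA.AAAA.AAAA", 2, "BBBB.BBBB.BBBB"))
    print(sw.table)
    print(aging_demo())
    print(split_mac("000C.29B0.119D"))
```

Two points the run makes visible: the switch never learns anything from a destination MAC, and the reply alone is enough to turn Host B from "unknown" into "known", which is why the data frame in step three is no longer flooded.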
- Cisco Check: `show arp`
- Windows Check: `arp -a`

## 6.0 Practical Verification (Cisco IOS)

#### MAC Table Commands

- `show mac address-table`: Displays the CAM table.
- `clear mac address-table dynamic`: Flushes all learned entries.
- `clear mac address-table dynamic interface [ID]`: Flushes entries for a specific port.

#### Ping Output Symbols

- `!`: Success (ICMP Echo Reply received).
- `.`: Timeout (Commonly seen on the first ping due to ARP resolution delay).
- `U`: Unreachable (Routing error; no path to the destination).

## 7.0 Synthesis: The Operational Loop

Host A wants to talk to Host B (IP known, MAC unknown).

1. Host A sends an ARP Request (Broadcast).
2. Switch learns Host A's MAC and floods the ARP Request.
3. Host B sends an ARP Reply (Unicast).
4. Switch learns Host B's MAC and forwards the reply to Host A.
5. Host A encapsulates the data in a frame and sends it; the Switch performs Known Unicast forwarding.

# Days 7, 8: IPv4

*CCNA 200-301 Study Guide: IPv4 and Core Router Configuration*

## 1.0 Introduction

This guide covers Layer 3 fundamentals, IPv4 addressing, and core router configuration. These topics align with the Network Fundamentals (20%) and IP Connectivity (25%) domains of the CCNA 200-301 exam.

## 2.0 Layer 3 Fundamentals: The Role of the Router

The Network Layer (Layer 3) provides logical addressing and path determination across different network segments.

#### Key Characteristics of a Router

- Path Selection: Uses a Routing Table to determine the most efficient path for packets.
- Broadcast Domain Boundary: Routers do not forward broadcasts by default. Each interface is a separate broadcast domain.
- Interface Default State: Unlike switches, Cisco router interfaces are administratively down by default. They require the `no shutdown` command to function.

## 3.0 Deconstructing the IPv4 Address

An IPv4 address is a 32-bit logical identifier represented in Dotted Decimal Notation (e.g., 192.168.1.1).

### 3.1 Structure

- Network Portion: Identifies the specific subnet.
- Host Portion: Identifies the specific device on that subnet.
### 3.2 Binary Foundations

The octet (8 bits) serves as the fundamental building block of IPv4 addressing. Each bit position within an octet corresponds to a specific power of 2 ($2^n$), decreasing from left to right.

#### Positional Values Table

| Bit Position | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
|---|---|---|---|---|---|---|---|---|
| Power of 2 | $2^7$ | $2^6$ | $2^5$ | $2^4$ | $2^3$ | $2^2$ | $2^1$ | $2^0$ |
| Decimal Value | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |

TL;DR: An octet represents values from 0 to 255. To calculate a decimal value, sum the decimal weights of every bit set to "1".

Examples:

- 192 in binary: 11000000 ($128 + 64$)
- 255 in binary: 11111111 (All bits on)

## 4.0 IPv4 Address Classification (Classful System)

While modern networks use CIDR (Classless), understanding the original classes is essential for the exam.

| Class | Range (1st Octet) | Default Mask | Hosts per Network | Use Case |
|---|---|---|---|---|
| A | 1 – 126 | 255.0.0.0 (/8) | 16,777,214 | Very Large Networks |
| B | 128 – 191 | 255.255.0.0 (/16) | 65,534 | Medium/Large Networks |
| C | 192 – 223 | 255.255.255.0 (/24) | 254 | Small Networks |
| D | 224 – 239 | N/A | N/A | Multicast |
| E | 240 – 255 | N/A | N/A | Experimental |

## 5.0 Private vs. Public Addressing (RFC 1918)

Private addresses are used internally and are not routable on the public internet.

### 5.1 RFC 1918 Private Ranges

- Class A: 10.0.0.0 – 10.255.255.255
- Class B: 172.16.0.0 – 172.31.255.255
- Class C: 192.168.0.0 – 192.168.255.255

### 5.2 Special Reserved Ranges

- Loopback: 127.0.0.1 (Tests the local TCP/IP stack).
- APIPA: 169.254.0.0/16 (Self-assigned when DHCP fails).

## 6.0 Essential Network Calculations

### 6.1 Reserved Addresses in a Subnet

- Network Address: The first address (all host bits are 0). Identifies the subnet.
- Broadcast Address: The last address (all host bits are 1). Used to communicate with all hosts on the subnet.

### 6.2 Calculating Usable Hosts

To find the number of usable host IPs:

$$2^h - 2$$

(Where $h$ is the number of host bits. The $-2$ accounts for the Network and Broadcast addresses.)
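The arithmetic of sections 3.2 to 6.2 worked out in code, as an added example that is not from the course notes: binary conversion by the positional weights, the classful and RFC 1918 lookups, and the network, broadcast and usable-host ($2^h - 2$) calculation for any prefix length. It goes slightly beyond the notes by handling the /31 and /32 edge cases, where the formula would go to zero or below, and it cross-checks its own result against the standard library's `ipaddress` module. The addresses used are constructed sample values.

```python
"""IPv4 binary, class, private-range and subnet arithmetic (added example, not
from the course notes). Sample addresses are constructed."""
import ipaddress   # used only to cross-check the hand-rolled arithmetic

WEIGHTS = [128, 64, 32, 16, 8, 4, 2, 1]      # positional values of the 8 bits


def octet_to_binary(value: int) -> str:
    """Subtract weights left to right: 192 -> '11000000'."""
    if not 0 <= value <= 255:
        raise ValueError("an octet holds 0..255")
    bits = ""
    for w in WEIGHTS:
        if value >= w:
            bits += "1"
            value -= w
        else:
            bits += "0"
    return bits


def binary_to_octet(bits: str) -> int:
    """Sum the weights of every bit set to '1'."""
    return sum(w for w, b in zip(WEIGHTS, bits) if b == "1")


def ip_to_int(ip: str) -> int:
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip}")
    return int("".join(octet_to_binary(o) for o in octets), 2)


def int_to_ip(n: int) -> str:
    return ".".join(str(binary_to_octet(format(n, "032b")[i:i + 8])) for i in range(0, 32, 8))


def address_class(ip: str) -> str:
    first = int(ip.split(".")[0])
    if first == 127:
        return "Loopback"
    for name, lo, hi in (("A", 1, 126), ("B", 128, 191), ("C", 192, 223), ("D", 224, 239), ("E", 240, 255)):
        if lo <= first <= hi:
            return name
    return "Reserved"          # 0.x.x.x


def is_private(ip: str) -> bool:
    n = ip_to_int(ip)
    rfc1918 = (("10.0.0.0", "10.255.255.255"), ("172.16.0.0", "172.31.255.255"),
               ("192.168.0.0", "192.168.255.255"))
    return any(ip_to_int(lo) <= n <= ip_to_int(hi) for lo, hi in rfc1918)


def subnet_info(ip: str, prefix: int) -> dict:
    """Network, broadcast, mask and usable hosts for ip/prefix."""
    host_bits = 32 - prefix
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF
    network = ip_to_int(ip) & mask                 # host bits all 0
    broadcast = network | (0xFFFFFFFF >> prefix)   # host bits all 1
    # 2^h - 2; a /31 or /32 has no network/broadcast pair to subtract, so clamp at 0
    usable = max(2 ** host_bits - 2, 0)
    result = {"network": int_to_ip(network), "broadcast": int_to_ip(broadcast),
              "mask": int_to_ip(mask), "usable_hosts": usable,
              "class": address_class(ip), "private": is_private(ip)}
    # Self-check against the standard library so a slip in the bit math cannot go unnoticed.
    ref = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
    assert result["network"] == str(ref.network_address)
    assert result["broadcast"] == str(ref.broadcast_address)
    return result


if __name__ == "__main__":
    print(octet_to_binary(192), binary_to_octet("11111111"))
    print(subnet_info("192.168.1.130", 26))
    print(subnet_info("10.1.2.3", 8))
```

Running it for a class A address with its default /8 mask reproduces the 16,777,214 hosts in the classful table above, which is a useful sanity check that the $2^h - 2$ rule and the table agree.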
## 7.0 Core Cisco IOS Router Configuration

### 7.1 Basic Configuration Workflow

```
Router> enable                                          # Enter Privileged EXEC mode
Router# configure terminal                              # Enter Global Configuration mode
Router(config)# interface GigabitEthernet0/0/0          # Enter Interface mode
Router(config-if)# ip address 192.168.1.1 255.255.255.0 # Assign IP/Mask
Router(config-if)# description Link to LAN-SWITCH-01    # Optional Label
Router(config-if)# no shutdown                          # Enable the interface
Router(config-if)# end                                  # Exit to Privileged EXEC
Router# copy running-config startup-config              # Save to NVRAM
```

### 7.2 CLI Shortcuts

- `do`: Execute EXEC commands from config modes (e.g., `do show ip int brief`).
- `no`: Negates a command (e.g., `no shutdown` to enable, `no ip address` to remove).

## 8.0 Verification and Troubleshooting

| Command | Purpose |
|---|---|
| `show ip interface brief` | Concise summary of IP, status (Up/Down), and Protocol. |
| `show interfaces` | Detailed stats, error counters (CRC, Collisions), and Layer 1/2 health. |
| `show running-config` | View the current active config in RAM. |
| `ping` | Tests end-to-end Layer 3 connectivity. |

## 9.0 Key Takeaways for the Exam

- Binary: You must be able to convert between decimal and binary quickly.
- Default Off: Always remember `no shutdown` for routers.
- Volatile Memory: Configurations in RAM are lost on reboot; always `copy run start`.
- Subnetting: Never assign the Network or Broadcast addresses to a host.

# Day 9: Switch Interfaces

*CCNA 200-301 Study Guide: Switch Interface Configuration & Troubleshooting*

#### Introduction: Mastering the Fundamentals of Network Access

The configuration of Layer 2 switchports is a fundamental skill for network professionals. It represents the point of entry for all devices into the network. This guide covers default states, speed/duplex negotiation, collision domains, and essential troubleshooting commands.
CCNA Exam Objectives Covered:
- 1.1: Role and function of network components (switches)
- 1.4: Identify interface and cable issues (collisions, errors, duplex/speed mismatch)
- 2.1: Configure and verify Layer 2 protocols (switching)

1.0 Default Interface States: Routers vs. Switches

Cisco devices have different default behaviours based on their role. Switches are generally "plug-and-play", while routers follow a "security-first" approach.

1.1 Comparative Analysis of Default Settings

| Feature | Router Interface | Switch Interface |
|---|---|---|
| Default State | Disabled (shutdown) | Enabled (no shutdown) |
| Status (Unplugged) | administratively down / down | down / down |
| Status (Connected) | up / up (after manual enable) | up / up (immediate) |
| Security Practice | Enable only necessary ports. | Shut down all unused ports. |

Security Note: Because switchports are active by default, anyone with physical access can join the network just by plugging in. Always manually disable unused ports, and put them in an unused VLAN, so that a stray patch cable does not become an entry point.

2.0 Mastering Speed and Duplex Settings
- Speed: The data rate (10, 100, 1000 Mbps).
- Duplex: The direction of flow (half = one direction at a time; full = both directions simultaneously).

2.1 The Autonegotiation Process

By default, ports use autonegotiation to agree on the highest speed and duplex both ends support. If a 1 Gbps port connects to a 100 Mbps port and both sides negotiate, they settle on 100 Mbps / full duplex.

2.2 The Duplex Mismatch

A mismatch typically arises when one side is hardcoded (speed and duplex set manually) and the other is left on auto. A manually configured port does not send autonegotiation signals, so the auto side cannot negotiate and must fall back to defaults:
- Speed: Sensed from the electrical signalling (usually correct).
- Duplex rule: If the sensed speed is 10 or 100 Mbps $\rightarrow$ default to half duplex. If the speed is 1000 Mbps or higher $\rightarrow$ default to full duplex.

Result: On a 100 Mbps link the hardcoded side runs full duplex while the auto side falls back to half duplex. The link stays up/up, so the symptom is poor throughput rather than an outage: the half-duplex side logs late collisions, and the full-duplex side logs CRC errors and runts.

3.0 Understanding Collision Domains and CSMA/CD

| Device | Collision Domain Logic | Duplex Capability |
|---|---|---|
| Hub (Layer 1) | All ports share one collision domain. | Half duplex only. |
| Switch (Layer 2) | Each port is a separate collision domain. | Full duplex capable. |

3.1 The Role of CSMA/CD

Carrier Sense Multiple Access with Collision Detection manages media access in half-duplex environments.
- Full duplex: Collisions are impossible; CSMA/CD is disabled.
- Half duplex: Devices must listen before talking; CSMA/CD is enabled.

4.0 Verification and Troubleshooting

4.1 Essential "show" Commands

| Command | Purpose |
|---|---|
| show ip interface brief | High-level status: Status (L1) and Protocol (L2). |
| show interfaces status | (Switch only) Tabular view of VLAN, speed and duplex. |
| show interfaces | Detailed counters and error statistics. |

4.2 Interpreting Error Counters
- Runts: Frames $< 64$ bytes. Often caused by collisions.
- Giants: Frames $> 1518$ bytes.
- CRC: Checksum failure. Indicates corrupted data, usually due to bad cabling or EMI.
- Late Collisions: Occur after the first 64 bytes of a frame have been sent. The primary indicator of a duplex mismatch or an excessive cable length ($> 100$ m).

5.0 CLI Configuration Command Reference

5.1 Basic Interface Setup

```
SW1(config)# interface g0/1
SW1(config-if)# description ## Connection to Server_01 ##
SW1(config-if)# speed 100           # Manual speed: 10, 100, 1000
SW1(config-if)# duplex full         # Manual duplex: full, half
SW1(config-if)# shutdown            # Disable port
SW1(config-if)# no shutdown         # Enable port
```

5.2 Bulk Configuration

```
SW1(config)# interface range f0/1 - 10, g0/1 - 2
SW1(config-if-range)# description ## User Access Ports ##
SW1(config-if-range)# shutdown
```

5.3 Saving Configuration
- Standard: copy running-config startup-config
- Shortcuts: copy run start or write memory (wr)

6.0 Key Takeaways Summary
- Defaults: Switchports are no shutdown by default; router ports are shutdown by default.
- Mismatches: If autonegotiation fails at 10/100 Mbps, the auto side defaults to half duplex.
- Troubleshooting: Use show interfaces to find late collisions (mismatch) or CRC errors (bad cable).
- CSMA/CD: Only active on half-duplex links.
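The counter interpretation from 4.2 turned into a check you can run over pasted `show interfaces` output. This is an added example, not code from the original notes: it parses the interface header, duplex/speed line and error counters, then separates a duplex mismatch (late collisions on the half-duplex side, CRC errors plus runts on the full-duplex side) from a plain bad cable (CRC errors with no collision symptoms). The CLI text is constructed to resemble IOS output, and every counter value and interface name in it is invented.

```python
"""Classify error counters in 'show interfaces' output (added example, not from the notes)."""
import re

# Constructed sample resembling IOS output; all values are invented.
SAMPLE_SHOW_INTERFACES = """\
GigabitEthernet0/1 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is 0011.2233.4455 (bia 0011.2233.4455)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
FastEthernet0/2 is up, line protocol is up (connected)
  Hardware is Fast Ethernet, address is 0011.2233.4456 (bia 0011.2233.4456)
  Half-duplex, 100Mb/s, media type is 10/100BaseTX
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 912 collisions, 1 interface resets
     0 babbles, 417 late collision, 0 deferred
FastEthernet0/3 is up, line protocol is up (connected)
  Hardware is Fast Ethernet, address is 0011.2233.4457 (bia 0011.2233.4457)
  Full-duplex, 100Mb/s, media type is 10/100BaseTX
     389 runts, 0 giants, 0 throttles
     1043 input errors, 1043 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
GigabitEthernet0/4 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is 0011.2233.4458 (bia 0011.2233.4458)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
     0 runts, 0 giants, 0 throttles
     57 input errors, 57 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
"""

_HEADER = re.compile(r"^(\S+) is (.+?), line protocol is (\S+)")
_DUPLEX = re.compile(r"(Full|Half|Auto)-duplex, ([\w/]+)")
_COUNTERS = {
    "runts": re.compile(r"(\d+) runts"),
    "giants": re.compile(r"(\d+) giants"),
    "crc": re.compile(r"(\d+) CRC"),
    "collisions": re.compile(r"(\d+) collisions"),
    "late_collisions": re.compile(r"(\d+) late collision"),
}


def parse_show_interfaces(text: str) -> dict:
    """Return {interface: {status, protocol, duplex, speed, counters...}}."""
    ports, current = {}, None
    for line in text.splitlines():
        m = _HEADER.match(line)            # interface headers start in column 0
        if m:
            current = ports.setdefault(m.group(1), {"status": m.group(2), "protocol": m.group(3)})
            continue
        if current is None:
            continue
        m = _DUPLEX.search(line)
        if m:
            current["duplex"], current["speed"] = m.group(1).lower(), m.group(2)
        for name, rx in _COUNTERS.items():
            m = rx.search(line)
            if m:
                current[name] = int(m.group(1))
    return ports


def diagnose(port: dict) -> list:
    """Map counters to the likely Layer 1/2 cause described in section 4.2."""
    findings = []
    crc, runts = port.get("crc", 0), port.get("runts", 0)
    if port.get("late_collisions", 0):
        findings.append("late collisions: duplex mismatch (this side is half-duplex) or cable > 100 m")
    if port.get("duplex") == "full" and runts and crc:
        findings.append("CRC errors with runts on a full-duplex port: far end is probably half-duplex (mismatch)")
    elif crc:
        findings.append("CRC errors without collisions: bad cable or EMI")
    if port.get("giants", 0):
        findings.append("giants (> 1518 bytes): the far end is sending oversized frames; check its MTU")
    return findings or ["healthy"]


def audit(text: str) -> dict:
    """Diagnosis per interface for a full 'show interfaces' capture."""
    return {name: diagnose(port) for name, port in parse_show_interfaces(text).items()}


if __name__ == "__main__":
    for name, result in audit(SAMPLE_SHOW_INTERFACES).items():
        print(f"{name:<20} {'; '.join(result)}")
```

Note that both sides of a mismatched link show up/up in `show ip interface brief`; only the counters above reveal the problem, which is why `show interfaces` is the command to reach for.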
Day 10: IPv4 Header
CCNA 200-301 Study Guide: The IPv4 Header and Layer 3 Operations

1.0 The Role of the Network Layer (Layer 3)

The primary role of the Network Layer is to provide logical addressing and path determination to move data between different networks.
- PDU: The Protocol Data Unit at Layer 3 is the packet.
- Exam Weight: This falls under the IP Connectivity domain, representing 25% of the CCNA exam score.
- Focus: Understanding how routers interpret routing tables, make forwarding decisions, and establish connectivity.

2.0 Analyzing the IP Routing Table (Exam Obj. 3.1)

The routing table is a router's primary map of the network. Each entry provides the instructions needed to forward a packet toward its final destination.

Components of a Routing Table Entry

| Component | Code/Ref | Function |
|---|---|---|
| Protocol Code | 3.1.a | Identifies how the route was learned (e.g., C: Connected, S: Static, O: OSPF, D: EIGRP). |
| Prefix | 3.1.b | The destination network address. |
| Network Mask | 3.1.c | Defines the size of the network (e.g., /24). Used for "longest match" decisions. |
| Next Hop | 3.1.d | The IP of the next router, or the local exit interface. |
| Admin Distance | 3.1.e | The "trustworthiness" of the route source (lower is better). |
| Metric | 3.1.f | The "cost" calculated by the routing protocol (lower is better). |
| Gateway of Last Resort | 3.1.g | The default route used when no more specific match exists. |

3.0 Static Route Types (Exam Obj. 3.3)

Static routes are manually configured and are resource-efficient. You must be able to configure and verify these four types:
- Default Route: The "Gateway of Last Resort" (0.0.0.0/0). Typically points to the ISP.
- Network Route: A path to a specific destination subnet (e.g., 192.168.10.0/24).
- Host Route: A route to a single IP address using a $/32$ mask (IPv4) or $/128$ (IPv6).
- Floating Static Route: A backup route configured with a higher Administrative Distance (AD) than the primary route (for example AD 111 behind an OSPF route with AD 110). It is only installed in the routing table when the primary route disappears.
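The routing-table components and static route types above, exercised in a toy routing table that selects routes the way this page describes: longest prefix match first, then administrative distance, then metric. This is an added example, not code from the original notes. The prefixes, next hops and metrics are constructed for illustration; the default AD values are Cisco's. It shows why a floating static route stays out of the table until the primary route is withdrawn, and why a RIP route with a better metric still loses to OSPF for the same prefix.

```python
"""Best-path selection: longest prefix match, then AD, then metric (added example)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

DEFAULT_AD = {"C": 0, "S": 1, "D": 90, "O": 110, "R": 120}  # connected, static, EIGRP, OSPF, RIP


@dataclass(frozen=True)
class Route:
    code: str                 # routing-table source code, e.g. "O" for OSPF
    prefix: str               # destination network in CIDR form
    next_hop: str             # next-hop IP, or the exit interface for connected routes
    metric: int = 0
    ad: Optional[int] = None  # explicit AD, e.g. for a floating static route

    @property
    def admin_distance(self) -> int:
        return DEFAULT_AD[self.code] if self.ad is None else self.ad

    @property
    def network(self) -> ipaddress.IPv4Network:
        return ipaddress.ip_network(self.prefix)


class RoutingTable:
    def __init__(self, candidates):
        self.candidates = list(candidates)

    def installed(self) -> list:
        """Per prefix, only the source with the lowest AD (then lowest metric) is
        installed; a floating static (AD 111) waits behind OSPF (AD 110)."""
        best = {}
        for r in self.candidates:
            cur = best.get(r.prefix)
            if cur is None or (r.admin_distance, r.metric) < (cur.admin_distance, cur.metric):
                best[r.prefix] = r
        return list(best.values())

    def lookup(self, destination: str) -> Optional[Route]:
        """Longest prefix match among installed routes; None means the packet is dropped."""
        addr = ipaddress.ip_address(destination)
        matches = [r for r in self.installed() if addr in r.network]
        if not matches:
            return None
        return max(matches, key=lambda r: r.network.prefixlen)

    def withdraw(self, code: str, prefix: str) -> None:
        """Simulate losing a route (exit interface down, neighbor lost)."""
        self.candidates = [r for r in self.candidates if not (r.code == code and r.prefix == prefix)]

    def show_ip_route(self) -> list:
        """Installed routes rendered as 'code prefix [AD/metric] via next-hop'."""
        ordered = sorted(self.installed(), key=lambda r: (r.network.prefixlen, r.prefix), reverse=True)
        return [f"{r.code:<2}{r.prefix} [{r.admin_distance}/{r.metric}] via {r.next_hop}" for r in ordered]


# Constructed candidate routes, as if learned from several sources at once.
CANDIDATES = [
    Route("C", "192.168.1.0/24", "GigabitEthernet0/0"),
    Route("S", "0.0.0.0/0", "203.0.113.1"),                 # gateway of last resort
    Route("O", "10.0.0.0/8", "192.168.1.2", metric=20),
    Route("R", "10.0.0.0/8", "192.168.1.9", metric=3),      # better metric, but AD 120 loses to 110
    Route("S", "10.1.0.0/16", "192.168.1.3"),
    Route("O", "10.1.1.0/24", "192.168.1.2", metric=30),    # primary path for 10.1.1.0/24
    Route("S", "10.1.1.0/24", "192.168.1.4", ad=111),       # floating static: AD above OSPF's 110
]

if __name__ == "__main__":
    rt = RoutingTable(CANDIDATES)
    print("\n".join(rt.show_ip_route()))
    print("10.1.1.5 ->", rt.lookup("10.1.1.5"))
    rt.withdraw("O", "10.1.1.0/24")          # OSPF neighbor goes away
    print("10.1.1.5 ->", rt.lookup("10.1.1.5"))   # floating static now carries the traffic
```

The comparison on `(admin_distance, metric)` is per prefix, which is the detail people miss: AD and metric only ever compete between routes to the same prefix, and a more specific prefix wins even when its source has a worse AD. Real IOS additionally installs several equal-cost paths from the same protocol; this toy keeps one.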
4.0 Core Layer 3 Operational Concepts

4.1 The Router's Forwarding Decision Logic (Exam Obj. 3.2)

When a router receives a packet, it uses a strict three-step hierarchical logic to find the "best path":
1. Longest Prefix Match: The router prefers the most specific route. A match for $/26$ always beats a match for $/24$, regardless of AD or metric.
2. Administrative Distance (AD): If the prefix lengths are identical, the router chooses the source with the lowest AD (Connected: 0, Static: 1, OSPF: 110).
3. Routing Protocol Metric: If the AD is also identical (same protocol), the path with the lowest calculated cost (metric) is chosen. Equal-metric paths from the same protocol are both installed and load-shared.

4.2 First Hop Redundancy (FHRP) (Exam Obj. 3.5)

The purpose of FHRP is to eliminate the single point of failure inherent in having only one default gateway.
- Mechanism: Multiple physical routers act as a single virtual router.
- Benefit: If the active physical router fails, a standby router takes over the virtual IP address seamlessly, ensuring continuous connectivity for end hosts without manual configuration changes.

5.0 CCNA Exam Quick Reference Summary
- IP Connectivity: Domain 3; 25% of the exam.
- Selection Hierarchy: Longest Match $\rightarrow$ AD $\rightarrow$ Metric.
- OSPFv2: Requires knowledge of neighbor adjacencies and DR/BDR selection.
- Static Routing: Know how to configure and verify network, host, and floating routes.
- FHRP: Understand its role in providing a resilient default gateway.

Day 11: Routing Fundamentals
CCNA 200-301 Study Guide: IP Routing Fundamentals & Static Routing

1.0 Introduction: The Core of IP Connectivity

IP routing is the Layer 3 function that enables communication across different network segments. It is a major component of the IP Connectivity domain, representing 25% of the CCNA exam.

Layer 2 Switching vs. Layer 3 Routing

| Function | Layer 2 Switching | Layer 3 Routing |
|---|---|---|
| Primary Role | Forwards traffic within a single LAN/broadcast domain. | Forwards traffic between different IP networks/subnets. |
| PDU Handled | Frame. Decisions based on destination MAC. | Packet. Decisions based on destination IP. |
| Unknown Destination | Floods the frame out all ports except the one it arrived on. | Drops the packet if no matching route (not even a default route) exists. |

2.0 Deconstructing the IP Routing Table

The routing table is a RAM-based map of the network. The command to view it is show ip route.

Routing Table Components

| Component | Description | Significance |
|---|---|---|
| Source Code | A letter code (e.g., S, C, L, O, R). | Identifies how the route was learned and its trustworthiness. |
| Destination Network | The remote network prefix and mask. | The "destination" target for incoming packets. |
| Admin Distance (AD) | A value from 0–255. | Tie-breaker for trustworthiness (lower is better). |
| Metric | Path "cost" calculated by the protocol. | Tie-breaker if multiple routes have the same AD. |
| Next Hop | The IP of the next router in the path. | The immediate next device to receive the packet. |
| Exit Interface | The local physical/virtual outbound port. | The "door" the packet leaves through. |

Automatically Populated Routes
- Connected (C): The network segment directly attached to an active (up/up) interface.
- Local (L): A host route ($/32$) for the specific IP assigned to the router's interface.

3.0 The Path Selection Process: A Router's Logic

Routers follow a non-negotiable, three-step hierarchical logic to determine the "best path":
1. Longest Prefix Match (LPM): The router prefers the most specific route (the one with the longest subnet mask). Example: For destination 10.1.1.5, a /32 route beats a /24 route.
2. Administrative Distance (AD): If prefix lengths are identical, the router selects the source with the lowest AD (Connected: 0, Static: 1, OSPF: 110).
3. Metric: If both prefix length and AD are identical, the path with the lowest cost (metric) is chosen.

4.0 Static Routing: Manual Network Navigation

Static routes are manually configured using the ip route command. They are ideal for "stub" networks with a single exit path.

| Advantages | Disadvantages |
|---|---|
| Low CPU/RAM overhead (no protocol calculations). | Not scalable for large, complex networks. |
| Highly predictable and explicit traffic flow. | Requires manual intervention for every topology change. |
| Secure (does not advertise network information). | High administrative effort. |

Configuration Methods
- Next-Hop IP: Recommended for multi-access (Ethernet) segments.
  ip route 10.2.2.0 255.255.255.0 192.168.1.2
- Exit Interface: Primarily for point-to-point links. On a multi-access Ethernet segment this form makes the router ARP for every remote destination and depends on the neighbor answering with proxy ARP, so avoid it there.
  ip route 10.2.2.0 255.255.255.0 g0/1
- Fully Specified: Provides both interface and next hop; avoids the recursive lookup.
  ip route 10.2.2.0 255.255.255.0 g0/1 192.168.1.2

5.0 The Default Route: Gateway of Last Resort

The default route acts as a safety net for packets that do not match any other specific entry in the routing table.
- Syntax: ip route 0.0.0.0 0.0.0.0 <next-hop> (CIDR notation: /0).
- Logic: Because it has a prefix length of zero, it is the least specific route possible and is only used if all other entries fail to match.
- Verification: Identified in the routing table by the code S*. The asterisk (*) signifies the active candidate for the gateway of last resort.

6.0 Packet Forwarding Mechanics: L2 and L3 Journey

As a packet travels across routers, its encapsulation changes.
- IP Addresses (Layer 3): Remain unchanged from source to destination (unless NAT is applied).
- MAC Addresses (Layer 2): Are rewritten at every hop. Each router replaces the source MAC with its own exit interface's MAC and the destination MAC with the next hop's MAC.

The Forwarding Procedure
1. De-encapsulate: Strip the L2 frame to see the L3 packet.
2. Lookup: Find the best path in the routing table.
3. Re-encapsulate: Wrap the packet in a new L2 frame for the next hop.

7.0 Core Troubleshooting for Static Routes
- Verify Interface Status: Use show ip interface brief. Interfaces must be up/up. A static route is removed from the table if its exit interface goes down.
- Confirm Route Presence: Use show ip route. Ensure no typos were made during configuration.
- Recursive Lookup Check: The router must have a valid route to the next-hop IP for the static route to be installed in the table.
- Ensure Route Symmetry: Check that the return path exists on the remote router. Routing is a one-way decision; a successful ping needs a route in each direction.

8.0 Summary of Key Concepts
- LPM is the first rule of routing; specificity always wins.
- Static routes have a default AD of 1.
- Connected routes have the lowest possible AD of 0.
- Default routes handle all otherwise unmatchable traffic and use the /0 mask.

Day 12: Life of a Packet
CCNA 200-301 Study Guide: The Life of a Packet

Introduction: Mastering the Fundamental Journey

The journey of an IP packet is the cornerstone of network engineering. It weaves through multiple high-value exam domains, including Network Fundamentals, Network Access, and IP Connectivity. Understanding how routers and switches interact to move data is essential for both the CCNA exam and real-world troubleshooting.

1.0 Strategic Overview of the CCNA 200-301 (v1.1) Exam

The CCNA 200-301 is a 120-minute assessment covering six major domains. A rock-solid understanding of the first three domains (totaling 65% of the exam) is the key to passing.

Exam Domain Breakdown

| Domain | Weight | Key Topics |
|---|---|---|
| 1.0 Network Fundamentals | 20% | Routers/Switches/Firewalls, Topologies (2-tier/3-tier/Spine-Leaf), Cabling, IPv4/IPv6 Subnetting, Virtualization. |
| 2.0 Network Access | 20% | VLANs, Trunks (802.1Q), CDP/LLDP, EtherChannel (LACP), Spanning Tree (PVST+), Wireless Architecture (WLC/AP). |
| 3.0 IP Connectivity | 25% | Routing Table interpretation, Forwarding Decisions (LPM/AD/Metric), Static Routing, OSPFv2, FHRP. |
| 4.0 IP Services | 10% | NAT (Static/Pools), NTP, DHCP, DNS, SNMP, Syslog, SSH, QoS (PHB), TFTP/FTP. |
| 5.0 Security Fundamentals | 15% | Threats/Exploits, Access Control Lists (ACLs), Layer 2 Security (DHCP Snooping/DAI), AAA, WPA2/WPA3. |
| 6.0 Automation & Programmability | 10% | Controller-based networking, Cisco DNA Center, APIs (REST/CRUD), JSON, Config Management (Puppet/Chef/Ansible). |

2.0 The Core Principles of Data Transmission

The "Golden Rules" govern every Layer 3 packet movement across a network.
The Two Golden Rules
- IP Addresses Remain Constant: The source and destination IP addresses in the packet header are end-to-end identifiers. They do not change as the packet moves through routers (unless NAT is applied).
- MAC Addresses Change at Each Hop: MAC addresses are local, next-hop delivery instructions. Every router along the path rewrites the Layer 2 frame header.

Device Roles
- Switches (Layer 2): Forward frames within a single segment based on the MAC address table. They do not inspect or modify the IP packet inside the frame.
- Routers (Layer 3): Act as gatekeepers between networks. They de-encapsulate the frame, inspect the destination IP, decrement the TTL, and re-encapsulate the packet into a new frame for the next hop.

3.0 ARP: The Bridge Between Layer 3 and Layer 2

The Address Resolution Protocol (ARP) resolves a known Layer 3 IP address to an unknown Layer 2 MAC address.
- ARP Request: A broadcast (FFFF.FFFF.FFFF) asking "Who has IP X.X.X.X?"
- ARP Reply: A unicast message from the target device providing its MAC address.
- ARP Cache: A local table where mappings are stored temporarily to reduce broadcast traffic.

4.0 A Packet's Journey: A Four-Hop Walkthrough

Scenario: PC1 (192.168.1.1) sends a packet to PC4 (192.168.4.1). Note that on every hop the IP header stays the same while the frame header is rebuilt.

Step 1: The Source (PC1 to R1)
- Logic: PC1 sees that PC4 is on a different subnet. It must send the packet to its default gateway (R1), so it ARPs for R1's MAC rather than PC4's.
- Frame 1: Source IP: 192.168.1.1 | Dest IP: 192.168.4.1 | Source MAC: PC1_MAC | Dest MAC: R1_g0/0_MAC

Step 2: The First Hop (R1 to R2)
- Logic: R1 receives the frame, strips the L2 header, and looks up 192.168.4.1 in its routing table. It finds the next hop is R2.
- Frame 2: Source IP: 192.168.1.1 | Dest IP: 192.168.4.1 | Source MAC: R1_s0/0_MAC | Dest MAC: R2_s0/0_MAC

Step 3: The Intermediate Hop (R2 to R4)
- Logic: R2 de-encapsulates, decrements the TTL, and finds the path to the 192.168.4.0/24 network via R4.
- Frame 3: Source IP: 192.168.1.1 | Dest IP: 192.168.4.1 | Source MAC: R2_s0/1_MAC | Dest MAC: R4_s0/1_MAC

Step 4: The Final Delivery (R4 to PC4)
- Logic: R4 sees that 192.168.4.0/24 is a directly connected network. It ARPs for PC4's MAC.
- Frame 4: Source IP: 192.168.1.1 | Dest IP: 192.168.4.1 | Source MAC: R4_g0/1_MAC | Dest MAC: PC4_MAC

5.0 Verification and Diagnostic Commands

Host Commands (Windows/Linux)

| Command | Purpose | Key Output |
|---|---|---|
| ping | Test L3 connectivity. | Successful replies or timeouts. |
| arp -a | Display the local ARP cache. | IP-to-MAC mappings. |
| ipconfig /all (Windows) / ip addr (Linux) | Show local IP configuration. | IP, mask, gateway, and MAC (physical address). |

Cisco IOS Commands

| Command | Purpose | Key Output |
|---|---|---|
| show ip arp | Display the router's ARP table. | Mappings of IPs to MACs on connected segments. |
| show interfaces | View detailed stats. | MAC address and Burned-In Address (BIA). |
| show ip route | Inspect routing decisions. | Path selection for specific destination IPs. |

6.0 Conclusion: Key Takeaways
- IP addresses are for end-to-end delivery. MAC addresses are for hop-to-hop delivery.
- Routers strip and rebuild Layer 2 frames at every hop.
- ARP is the essential glue that allows a device to build a frame when it only knows an IP address.

Days 13, 14, 15: IPv4 Subnetting
CCNA 200-301 Study Guide: Network Fundamentals & IPv4 Subnetting

1.0 Understanding the CCNA 200-301 Exam Landscape

The Cisco Certified Network Associate (CCNA) certification is the industry benchmark for associate-level networking. Mastery of these domains is the first step toward a successful networking career.

Exam Blueprint at a Glance

| Attribute | Details |
|---|---|
| Exam Code | 200-301 v1.1 |
| Duration | 120 minutes |
| Passing Score | Variable (scaled) |
| Core Knowledge Domains | Network Fundamentals (20%), Network Access (20%), IP Connectivity (25%, the largest and most critical domain), IP Services (10%), Security Fundamentals (15%), Automation and Programmability (10%) |

2.0 IPv4 Addressing: The Foundation

An IPv4 address is a 32-bit logical identifier.
It is presented in dotted decimal notation (e.g., 192.168.1.1), where the 32 bits are divided into four 8-bit octets.

Legacy Classful Addressing

Before CIDR, IP addresses were assigned in rigid blocks. While largely obsolete, these boundaries still inform default behaviours in Cisco IOS.

| Class | First Octet Range | Default Mask | Max Usable Hosts | Original Purpose |
|---|---|---|---|---|
| A | 1 – 126 | 255.0.0.0 (/8) | $16,777,214$ | Global Organizations |
| B | 128 – 191 | 255.255.0.0 (/16) | $65,534$ | Mid-to-Large Networks |
| C | 192 – 223 | 255.255.255.0 (/24) | $254$ | Small Local Networks |

3.0 CIDR: Modern IP Allocation

Classless Inter-Domain Routing (CIDR) replaced the rigid classful system in 1993. It allows for Variable-Length Subnet Masking (VLSM), enabling administrators to ignore class boundaries and use any prefix length (e.g., /25, /29).

Benefits of CIDR:
- Efficiency: Allocates only the space needed.
- Aggregation: Allows multiple routes to be summarized into one.
- Conservation: Slows the exhaustion of the limited IPv4 address space.

4.0 Mastering Subnetting Mechanics

Key Terminology
- Network Portion: Identified by binary 1s in the mask; defines the "neighbourhood".
- Host Portion: Identified by binary 0s in the mask; defines the specific "house".
- Borrowed Bits ($S$): Bits taken from the host portion to create subnets.

Core Formulas
- Total Subnets: $2^S$
- Usable Hosts per Subnet: $2^H - 2$

Critical Exam Tip: Always subtract $2$. Every subnet reserves the Network Address (all host bits 0) and the Broadcast Address (all host bits 1).

The Block Size (The "Magic Number")

The block size is the decimal value of the last bit "borrowed" in the mask. Metaphor: Think of block size as the standard spacing for street addresses. If the block size is $64$, the "streets" (subnets) start at .0, .64, .128, and .192.

5.0 Practical Application Scenarios

5.1 Scenario: Meet Host Requirements
- Given: 192.168.1.0/24. Need: 4 subnets with ~45 hosts each.
- Subnets: $2^S \ge 4 \Rightarrow S=2$.
- Hosts: Remaining host bits $H = 8 - 2 = 6$.
- Calculation: $2^6 - 2 = 62$ usable hosts (requirement met).
- New Prefix: $/24 + 2 = /26$.
- Block Size: $64$ (the value of the last mask bit in a $/26$).
- Resulting Subnets: 192.168.1.0/26, 192.168.1.64/26, 192.168.1.128/26, 192.168.1.192/26

5.2 Scenario: Skill Check
- Problem: Find the subnet ID for host 192.168.5.57/27.
- Block Size: $/27$ means the increment is $32$ ($256 - 224 = 32$).
- Subnet Ranges: $0, 32, 64, 96 \dots$
- Find the Fit: $.57$ falls between $32$ and $64$.
- Answer: The subnet ID is 192.168.5.32/27 (broadcast 192.168.5.63).

6.0 Special-Use Prefix Lengths

| Prefix | Usage | Notes |
|---|---|---|
| /30 | Traditional P2P link | Provides $2$ usable addresses ($2^2 - 2$). |
| /31 | Modern P2P link | $2$ usable addresses; no separate network/broadcast address (RFC 3021). |
| /32 | Host route / loopback | Identifies exactly one IP address. |

7.0 VLSM: Maximum Efficiency

The "Golden Rule" of Variable-Length Subnet Masking (VLSM): Always allocate address blocks starting from the largest host requirement and proceed to the smallest, so that each block starts on its own boundary and nothing is wasted.

Example Allocation ($192.168.1.0/24$):
- LAN A (110 hosts): Needs $/25$. Assigned: 192.168.1.0/25 (Range: .0 – .127).
- LAN B (45 hosts): Needs $/26$. Assigned: 192.168.1.128/26 (Range: .128 – .191).
- LAN C (29 hosts): Needs $/27$. Assigned: 192.168.1.192/27 (Range: .192 – .223).
- WAN Link (2 hosts): Needs $/30$. Assigned: 192.168.1.240/30 (Range: .240 – .243). Any free, aligned /30 in the remaining .224 – .255 space would do; this one leaves .224/28 unallocated.

8.0 Rapid Reference Cheat Sheet

| Prefix | Mask (Last Octet) | Block Size | Usable Hosts |
|---|---|---|---|
| /24 | .0 | $256$ | $254$ |
| /25 | .128 | $128$ | $126$ |
| /26 | .192 | $64$ | $62$ |
| /27 | .224 | $32$ | $30$ |
| /28 | .240 | $16$ | $14$ |
| /29 | .248 | $8$ | $6$ |
| /30 | .252 | $4$ | $2$ |
| /31 | .254 | $2$ | $2$ |
| /32 | .255 | $1$ | $1$ |

Days 16, 17, 18: VLANs
CCNA 200-301 Study Guide: VLANs, Trunking, and DTP

1.0 Foundational Concepts: Introduction to VLANs

Virtual LANs (VLANs) provide the mechanism for network segmentation at Layer 2. By creating distinct broadcast domains, administrators can logically group users regardless of their physical location on the switch.

1.1 The Metaphor: The Soundproof Office

Think of a large, open-plan office where everyone is shouting. This is a single broadcast domain; the noise (broadcast traffic) makes it hard for anyone to focus. Implementing VLANs is like building soundproof glass walls. People in the "Sales" room can talk to each other without distracting the "Finance" room, even though they are all in the same building (on the same physical switch).

1.2 Core Benefits
- Broadcast Containment: ARP requests and other broadcasts are limited to a single VLAN.
- Enhanced Security: Users in different VLANs cannot communicate at Layer 2. Inter-VLAN communication requires a Layer 3 device (router or multilayer switch), which is where ACLs can be applied.
- Improved Performance: Reduces CPU overhead on host devices by eliminating irrelevant broadcast processing.

1.3 VLAN Ranges

Cisco switches support two ranges of VLAN IDs:

| VLAN Range | Numeric Range | Storage Location | Notes |
|---|---|---|---|
| Normal | 1 – 1005 | vlan.dat (flash) | VLANs 1002–1005 are reserved for legacy technologies (FDDI/Token Ring). |
| Extended | 1006 – 4094 | running-config | Creating them requires VTP transparent mode on switches running VTP v1/v2 (VTP v3 supports them). |

1.4 Basic VLAN Configuration

```
# 1. Create and name the VLAN
Switch(config)# vlan 10
Switch(config-vlan)# name SALES

# 2. Assign a port to the VLAN (access port)
Switch(config)# interface g0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
```

2.0 Inter-Switch Communication: VLAN Trunking

Trunking allows a single physical link to carry traffic for multiple VLANs between switches.

2.1 The 802.1Q Tagging Protocol

IEEE 802.1Q (Dot1q) is the industry-standard protocol for trunking. It inserts a 4-byte (32-bit) tag into the Ethernet header, between the source MAC and the EtherType/length field, to identify the VLAN ID.
- TPID: Set to 0x8100 to identify a tagged frame.
- VLAN ID: A 12-bit field, giving $2^{12}$ (4,096) values. IDs 0 and 4095 are reserved, which leaves 1–4094 usable.

2.2 The Native VLAN

By default, traffic on the native VLAN is sent across a trunk untagged, and untagged frames arriving on a trunk are placed in the receiving switch's native VLAN.
- Security Risk: VLAN 1 is the default native VLAN and a target for "VLAN hopping" attacks (double tagging).
- Best Practice: Change the native VLAN to an unused ID (e.g., 999) and ensure it matches on both ends of the link; a mismatch silently moves frames from one VLAN into another.
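The 802.1Q tag and native VLAN behaviour from 2.1 and 2.2 at the byte level. This is an added example, not code from the original notes: it builds a frame as a trunk port would send it (tagged unless the VLAN is the native VLAN), parses it back the way the receiving trunk port classifies it, and uses both functions to show what a native VLAN mismatch does to an untagged frame. MAC addresses, the payload bytes and the VLAN numbers are constructed for illustration.

```python
"""Build and parse 802.1Q-tagged Ethernet frames (added example, not from the notes)."""
import struct

TPID_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800


def mac_bytes(mac: str) -> bytes:
    """Accept Cisco dotted (0011.2233.4455), colon or dash notation."""
    return bytes.fromhex(mac.replace(".", "").replace(":", "").replace("-", ""))


def mac_dotted(raw: bytes) -> str:
    h = raw.hex()
    return f"{h[0:4]}.{h[4:8]}.{h[8:12]}"


def build_frame(dst: str, src: str, ethertype: int, payload: bytes,
                vlan: int, native_vlan: int = 1, pcp: int = 0) -> bytes:
    """Frame as transmitted on a trunk: tagged unless vlan == native_vlan."""
    if not 1 <= vlan <= 4094:                          # 0 and 4095 are reserved
        raise ValueError("VLAN ID must be 1..4094")
    header = mac_bytes(dst) + mac_bytes(src)
    if vlan != native_vlan:
        tci = ((pcp & 0x7) << 13) | (vlan & 0x0FFF)    # PCP(3) | DEI(1)=0 | VID(12)
        header += struct.pack("!HH", TPID_8021Q, tci)  # 4-byte tag after the source MAC
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes, native_vlan: int = 1) -> dict:
    """Classify a frame arriving on a trunk: read the tag if present, otherwise
    file it under the receiver's native VLAN (the mismatch 'leak' happens here)."""
    dst, src = mac_dotted(frame[0:6]), mac_dotted(frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        (tci,) = struct.unpack("!H", frame[14:16])
        (ethertype,) = struct.unpack("!H", frame[16:18])
        return {"dst": dst, "src": src, "tagged": True, "vlan": tci & 0x0FFF,
                "pcp": tci >> 13, "ethertype": ethertype, "payload": frame[18:]}
    return {"dst": dst, "src": src, "tagged": False, "vlan": native_vlan,
            "pcp": 0, "ethertype": ethertype, "payload": frame[14:]}


def cross_trunk(vlan: int, sender_native: int, receiver_native: int) -> int:
    """VLAN the receiving switch files a frame under after it crosses the trunk."""
    wire = build_frame("ffff.ffff.ffff", "0011.2233.4455", ETHERTYPE_IPV4,
                       b"\x45\x00", vlan, sender_native)   # constructed sample frame
    return parse_frame(wire, receiver_native)["vlan"]


if __name__ == "__main__":
    tagged = build_frame("ffff.ffff.ffff", "0011.2233.4455", ETHERTYPE_IPV4, b"\x45\x00", 10, 99)
    print(tagged.hex(), parse_frame(tagged, 99))
    print("native mismatch 1 -> 99 files the frame in VLAN", cross_trunk(1, 1, 99))
```

The mismatch case is the one worth remembering: with the sender's native VLAN at 1 and the receiver's at 99, a VLAN 1 frame travels untagged and is delivered into VLAN 99 on the far switch, which is exactly the "leak" CDP warns about. Matching native VLANs on both ends (or tagging the native VLAN with `vlan dot1q tag native`) removes the ambiguity.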
2.3 Trunk Configuration

```
Switch(config)# interface g0/1
Switch(config-if)# switchport trunk encapsulation dot1q    # Required on older hardware that also supports ISL
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 99
Switch(config-if)# switchport trunk allowed vlan 10,20,30  # VLAN pruning
```

3.0 Automated Negotiation: Dynamic Trunking Protocol (DTP)

DTP is a Cisco proprietary protocol that automates the formation of trunk links. While convenient, it is considered a security risk in modern networks.

3.1 DTP Operational Modes
- Access: Permanent non-trunking state.
- Trunk: Permanent trunking state; still sends DTP frames to help the neighbor negotiate.
- Dynamic Auto: Passive; becomes a trunk only if the neighbor is set to Trunk or Desirable.
- Dynamic Desirable: Active; attempts to convert the link to a trunk.
- Nonegotiate: Disables DTP advertisements entirely (switchport nonegotiate).

3.2 DTP Negotiation Outcomes

| Local Mode | Neighbor: Auto | Neighbor: Desirable | Neighbor: Trunk | Neighbor: Access |
|---|---|---|---|---|
| Dynamic Auto | Access | Trunk | Trunk | Access |
| Dynamic Desirable | Trunk | Trunk | Trunk | Access |
| Trunk | Trunk | Trunk | Trunk | Mismatch |
| Access | Access | Access | Mismatch | Access |

4.0 Verification and Best Practices

4.1 Key Verification Commands

| Command | Purpose |
|---|---|
| show vlan brief | Lists all active VLANs and their assigned access ports. |
| show interfaces trunk | Shows active trunks, encapsulation, and allowed/native VLANs. |
| show interfaces [ID] switchport | Displays administrative vs. operational modes (e.g., DTP status). |

4.2 Security Best Practices
- Disable DTP: Use switchport mode access and switchport nonegotiate on user-facing ports.
- Hard-code Trunks: Never rely on Dynamic Auto; use switchport mode trunk.
- VLAN Pruning: Only allow necessary VLANs across a trunk to save bandwidth and limit what a compromised downstream switch can reach.
- Secure the Native VLAN: Move the native VLAN away from VLAN 1 and use a dedicated "dummy" VLAN with no access ports in it.

TL;DR Summary
- VLANs break one large broadcast domain into multiple smaller logical ones.
- 802.1Q is the standard for trunking; it uses tags to keep traffic separated on inter-switch links.
- Native VLAN traffic is untagged; mismatches cause traffic "leaking" and security issues.
- DTP should be disabled on all production ports to prevent unauthorized trunking and VLAN hopping.

Day 19: DTP and VTP Protocols
CCNA 200-301 Study Guide: Cisco's DTP and VTP Protocols

1.0 Introduction: The Enduring Relevance of DTP and VTP

While DTP and VTP are no longer standalone topics in the current CCNA curriculum, they remain critical "under-the-hood" protocols. They govern the default behaviour of Cisco Catalyst switches and can cause significant troubleshooting and security issues if left unmanaged. Understanding these protocols is essential for interpreting switch behaviour, securing networks against Layer 2 vulnerabilities, and ensuring stable trunking.

2.0 Dynamic Trunking Protocol (DTP)

DTP is a Cisco-proprietary protocol designed to automate the creation of trunk links. It negotiates whether a link should be an access port or a trunk and determines the encapsulation (typically 802.1Q).

2.1 DTP Administrative Modes

| Mode | Behaviour | Negotiation Stance |
|---|---|---|
| Access | Permanent access port. | Does not negotiate a trunk. |
| Trunk | Permanent trunk port. | Actively sends DTP frames. |
| Dynamic Auto | Passive; becomes a trunk only if requested. | Listens only (default on most Catalyst switches). |
| Dynamic Desirable | Active; attempts to convert the link to a trunk. | Actively negotiates. |

2.2 DTP Negotiation Outcomes

| Local Mode | Remote: Auto | Remote: Desirable | Remote: Trunk | Remote: Access |
|---|---|---|---|---|
| Dynamic Auto | Access | Trunk | Trunk | Access |
| Dynamic Desirable | Trunk | Trunk | Trunk | Access |
| Trunk | Trunk | Trunk | Trunk | Mismatch |
| Access | Access | Access | Mismatch | Access |

The "Auto" Trap: If both switches are left in the default Dynamic Auto state, a trunk will never form. Both sides wait passively for the other to start the negotiation, resulting in a standard access link.
2.3 Security Risks: VLAN Hopping

A malicious actor on a port left in Dynamic Auto or Dynamic Desirable can send crafted DTP frames to make the port negotiate into a trunk. Once the trunk is formed, the attacker can tag frames for every VLAN allowed on that link, bypassing the segmentation the VLANs were meant to provide.

Best Practices:
- End-User Ports: Always use switchport mode access so the port never negotiates a trunk.
- Trunk Links: Hardcode using switchport mode trunk and disable negotiation with switchport nonegotiate.

3.0 VLAN Trunking Protocol (VTP)

VTP maintains a consistent VLAN database across a network. It allows an administrator to add, delete, or rename VLANs on one switch and have those changes propagate to all other switches in the domain.

3.1 VTP Operational Modes
- Server (default): Can create, modify, and delete VLANs. Changes are advertised to the domain and saved in NVRAM (vlan.dat).
- Client: Cannot change VLANs locally. Synchronizes its database with the server. In VTP v1/v2, changes are not saved to NVRAM (lost on reboot).
- Transparent: Does not synchronize with the domain. It forwards VTP advertisements but does not process them. Local VLANs can be created but are not advertised. Configuration revision is always 0.

3.2 The "VTP Bomb"

VTP uses a configuration revision number to track updates. A switch will always overwrite its database if it receives an advertisement with a higher revision number from a switch in the same domain (and with the same password, if one is set).

The Risk: If you connect a repurposed switch with a high revision number and the same domain name, it can instantly overwrite the production VLAN database, potentially deleting all VLANs and causing a network-wide outage. This applies whether the repurposed switch is in server or client mode; clients forward and adopt higher revisions too.

Safety Procedure to Reset the Revision to 0:
1. Isolate the switch.
2. Change the VTP mode to Transparent (this resets the revision to 0). Changing the VTP domain name has the same effect.
3. Change the VTP mode back to Client/Server.
4. Verify with show vtp status before connecting a trunk.
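The DTP outcome table from 2.2 and the exposure described in 2.3, as an added audit example that is not code from the original notes. `negotiate` derives the outcome of a DTP exchange from how each mode behaves (initiates, accepts, or stays static) rather than from a lookup table, and `audit_switchports` applies the best practices above to `show interfaces switchport` output: it simulates an attacker sending "desirable" DTP frames at every port and flags any port that would become a trunk, any trunk still running DTP, and any trunk whose native VLAN is still 1. The CLI text is constructed to resemble IOS output; the interface names and VLAN numbers in it are invented.

```python
"""DTP negotiation outcomes and a VLAN-hopping exposure audit (added example)."""
import re

INITIATES = {"trunk", "dynamic desirable"}     # modes that send DTP trunk proposals
ACCEPTS = INITIATES | {"dynamic auto"}          # modes that form a trunk when asked
STATIC = {"access", "trunk"}                    # modes that never change their role


def negotiate(local: str, remote: str) -> str:
    """Result of one DTP exchange: 'trunk', 'access' or 'mismatch'."""
    if local in STATIC and remote in STATIC:
        return local if local == remote else "mismatch"
    if local in ACCEPTS and remote in ACCEPTS and (local in INITIATES or remote in INITIATES):
        return "trunk"
    return "access"


# Constructed sample resembling 'show interfaces switchport'; values are invented.
SAMPLE_SHOW_SWITCHPORT = """\
Name: Gi0/1
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 10 (SALES)
Trunking Native Mode VLAN: 1 (default)

Name: Gi0/2
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 10 (SALES)
Trunking Native Mode VLAN: 1 (default)

Name: Gi0/23
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 999 (NATIVE_DUMMY)

Name: Gi0/24
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
"""

_FIELD = re.compile(r"^([^:]+): (.+)$")


def parse_switchports(text: str) -> dict:
    """Return {interface: {field: value}}; a 'Name:' line starts each record."""
    ports, current = {}, None
    for line in text.splitlines():
        m = _FIELD.match(line.strip())
        if not m:
            continue
        key, value = m.group(1), m.group(2)
        if key == "Name":
            current = ports.setdefault(value, {})
        elif current is not None:
            current[key] = value
    return ports


def audit_switchports(text: str) -> dict:
    """Findings per port; an empty list means the port follows the best practice."""
    findings = {}
    for name, p in parse_switchports(text).items():
        issues = []
        mode = p.get("Administrative Mode", "").replace("static ", "")
        # An attacker only has to send 'desirable' DTP frames; simulate exactly that.
        if mode not in STATIC and negotiate(mode, "dynamic desirable") == "trunk":
            issues.append(f"{mode}: a spoofed DTP frame would make this a trunk (set switchport mode access)")
        if mode == "trunk" and p.get("Negotiation of Trunking") == "On":
            issues.append("trunk still negotiates DTP (add switchport nonegotiate)")
        native = p.get("Trunking Native Mode VLAN", "0").split()[0]
        if mode == "trunk" and native == "1":
            issues.append("native VLAN is 1 (move it to a dedicated unused VLAN)")
        findings[name] = issues
    return findings


if __name__ == "__main__":
    for port, issues in audit_switchports(SAMPLE_SHOW_SWITCHPORT).items():
        print(port, issues or ["ok"])
```

Running this against a real `show interfaces switchport` capture is a quick way to find the ports the 4.2 best practices above have not reached yet; the only ports that should come back clean are static access ports and nonegotiate trunks with a non-default native VLAN.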
4.0 Configuration and Verification Command Reference 4.1 DTP Commands Objective Command Set port to static access switchport mode access Set port to static trunk switchport mode trunk Disable DTP on interface switchport nonegotiate Verify interface status show interfaces switchport 4.2 VTP Commands Objective Command Set VTP mode vtp mode {server | client | transparent} Set VTP domain vtp domain Set VTP password vtp password Verify VTP status show vtp status 5.0 Key Troubleshooting Insights VTP Version Limits: VTP v1 and v2 only synchronize Normal Range VLANs (1–1005). To sync Extended Range VLANs (1006–4094), you must use VTP v3 or Transparent mode. VTP Pruning: This feature prevents unnecessary broadcast traffic from flooding across trunks to switches that don't have active ports in those VLANs. Native VLAN Mismatch: DTP does not fix Native VLAN mismatches. If one side is VLAN 1 and the other is VLAN 99, you will receive CDP error messages and traffic will leak between VLANs. Days 20, 21, 22: Spanning Tree Protocol CCNA 200-301 Study Guide: Layer 2 Switching and Spanning Tree Protocol 1.0 The Critical Need for Spanning Tree Protocol (STP) In modern networks, redundancy is a necessity for high availability. However, redundant physical links at Layer 2 create a lethal risk: switching loops. Unlike Layer 3 packets, which have a Time-to-Live (TTL) field to kill a packet if it circles too long, Layer 2 Ethernet frames have no expiration mechanism. The Consequences of a Loop Broadcast Storms: A single broadcast frame is duplicated endlessly, consuming all bandwidth and crashing switch CPUs. MAC Table Instability (MAC Flapping): The switch sees the same source MAC appearing on different ports simultaneously, causing its forwarding logic to fail. Duplicate Frame Delivery: A host receives multiple copies of the same unicast frame, causing application errors. The Metaphor: Think of STP as a Tree Pruner. 
It looks at a messy, circular bush of redundant wires and "prunes" (blocks) specific branches so that only a single, logical tree remains where every leaf (host) has exactly one path to the root. 2.0 Core Mechanics of Legacy STP (IEEE 802.1D) STP creates a loop-free topology by electing a single reference point called the Root Bridge. 2.1 The Root Bridge Election The switch with the numerically lowest Bridge ID (BID) is elected the Root Bridge. $$Bridge\ ID = Bridge\ Priority + Extended\ System\ ID\ (VLAN\ ID) + MAC\ Address$$ Default Priority: 32,768 (must be changed in increments of 4,096). Tie-breaker: If priorities are equal, the switch with the lowest MAC address wins. Outcome: All ports on the Root Bridge are Designated Ports (DP) and are in a forwarding state. 2.2 STP Path Cost Each non-root switch finds the "cheapest" path to the root based on cumulative link costs. Link Speed 802.1D Cost (Legacy) 802.1w Cost (Rapid) 10 Mbps 100 2,000,000 100 Mbps 19 200,000 1 Gbps 4 20,000 10 Gbps 2 2,000 2.3 STP Port Roles Root Port (RP): The single port on a non-root switch with the lowest cost to the Root Bridge. Designated Port (DP): The port on a segment that provides the best path to the Root. One DP per segment. Non-Designated Port: A port that is Blocking to prevent a loop. 3.0 STP Port States and Convergence To prevent loops while calculating the topology, 802.1D uses a timer-based approach. State Forward Data? Learn MACs? Notes Blocking No No Listens for BPDUs. Listening No No 15s delay. Determining roles. Learning No Yes 15s delay. Building the MAC table. Forwarding Yes Yes Fully operational. Total Convergence Time: 30–50 seconds. This delay is the primary weakness of legacy STP. 4.0 Rapid Spanning Tree Protocol (RSTP - 802.1w) RSTP is the modern standard. It replaces slow timers with a Proposal-Agreement Handshake, allowing for sub-second convergence. 4.1 RSTP Enhancements Discarding State: Combines the legacy Blocking and Listening states. 
Alternate Port: A pre-calculated backup for the Root Port. If the RP fails, the Alternate Port moves to forwarding immediately.
Backup Port: A backup for a Designated Port (rare; only occurs when two ports of the same switch connect to the same segment, e.g., through a hub).
Edge Ports: Ports connected to end devices (PCs). They transition to forwarding immediately (the RSTP equivalent of PortFast).

5.0 The STP Security Toolkit
To prevent accidental loops or malicious Root Bridge hijacking, use these standard features:
PortFast: Configured on access ports (PCs/Servers). Bypasses Listening/Learning so hosts do not wait 30 seconds (and time out DHCP) at link-up. On its own it opens the door to loops if a switch is plugged in, so pair it with BPDU Guard.
BPDU Guard: If a port with BPDU Guard receives a BPDU (meaning someone plugged in a switch, or a host is sending crafted BPDUs), the port is put in err-disabled state. Recovery is manual (shutdown / no shutdown) unless errdisable recovery cause bpduguard is configured.
Root Guard: Applied to ports facing downstream or untrusted switches. If a superior BPDU arrives on such a port, the port goes to the root-inconsistent (blocking) state until the superior BPDUs stop, so a downstream device can never become Root Bridge.
Loop Guard: Prevents loops caused by unidirectional link failures (e.g., one fiber strand failing): a non-designated port that stops receiving BPDUs goes loop-inconsistent instead of transitioning to forwarding.

6.0 Configuration and Verification Commands
6.1 Configuration
# Set the mode to Rapid PVST (Recommended)
Switch(config)# spanning-tree mode rapid-pvst
# Set the Root Bridge (Method 1: Macro)
Switch(config)# spanning-tree vlan 10 root primary
# Set the Root Bridge (Method 2: Priority)
Switch(config)# spanning-tree vlan 10 priority 4096
# Configure Access Port security
Switch(config)# interface g0/1
Switch(config-if)# spanning-tree portfast
Switch(config-if)# spanning-tree bpduguard enable

6.2 Verification
show spanning-tree: General overview of roles, costs, and Bridge IDs.
show spanning-tree vlan <vlan-id>: STP status for a specific VLAN.
show spanning-tree summary: High-level look at states and global features.

7.0 Key Takeaways Summary
STP prevents loops by logically blocking redundant paths.
Election is based on the Lowest Bridge ID.
Legacy STP (802.1D) is too slow (30-50s); RSTP (802.1w) is the standard.
Security: Always use PortFast + BPDU Guard on all user-facing ports to protect the topology.
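The election and path-cost rules above, as an added example that is not part of the course notes: it builds Bridge IDs, elects the root, picks a root port by cumulative cost rather than hop count, and shows that a device sending BPDUs with priority 0 wins the election outright, which is the root hijack Root Guard is meant to stop. Switch names, MAC addresses and link speeds are constructed for illustration.

```python
"""Added example (not from the course notes): 802.1D Bridge ID election and
root-port cost selection, plus the root-hijack case Root Guard exists for.
Switch names, MACs and the topology below are constructed for illustration."""

# 802.1D short-method port costs (Mbps -> cost), from the cost table above
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority: int, vlan: int, mac: str) -> int:
    """Build the 64-bit Bridge ID: 4-bit priority and 12-bit Extended System ID
    (the VLAN) in the top 16 bits, then the 48-bit MAC. Lowest value wins."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 in 0..61440")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN out of range")
    mac_int = int(mac.replace(".", "").replace(":", ""), 16)
    return (priority + vlan) << 48 | mac_int


def elect_root(switches: dict, vlan: int) -> str:
    """switches: name -> (priority, mac). Returns the name with the lowest BID."""
    return min(switches, key=lambda n: bridge_id(switches[n][0], vlan, switches[n][1]))


def root_path_cost(path_speeds_mbps) -> int:
    """Cumulative cost of a candidate path toward the root (sum of link costs;
    each switch adds the cost of the port on which it receives the BPDU)."""
    return sum(PORT_COST[s] for s in path_speeds_mbps)


def choose_root_port(candidates: dict) -> str:
    """candidates: local port -> list of link speeds (Mbps) from that port to
    the root. The root port is the one with the lowest cumulative cost."""
    return min(candidates, key=lambda p: root_path_cost(candidates[p]))


# --- constructed scenario ---------------------------------------------------
VLAN = 10
SWITCHES = {
    "SW1": (32768, "0000.1111.1111"),   # default priority, lowest MAC
    "SW2": (32768, "0000.2222.2222"),
    "SW3": (32768, "0000.3333.3333"),
}

# SW3 reaches SW1 either over a direct 100 Mbps link or via SW2 over two 1 Gbps links.
SW3_UPLINKS = {
    "g0/1": [100],          # direct, cost 19
    "g0/2": [1000, 1000],   # via SW2, cost 4 + 4 = 8
}

if __name__ == "__main__":
    print("root with defaults:", elect_root(SWITCHES, VLAN))            # SW1 (lowest MAC)
    print("SW3 root port:", choose_root_port(SW3_UPLINKS))              # g0/2 (cost 8 < 19)

    # Operator intent: make SW2 the root by lowering its priority.
    SWITCHES["SW2"] = (4096, SWITCHES["SW2"][1])
    print("root after priority 4096 on SW2:", elect_root(SWITCHES, VLAN))  # SW2

    # Root hijack: a device on an access port sends BPDUs with priority 0.
    # Without Root Guard / BPDU Guard it wins the election outright.
    hijacked = dict(SWITCHES, rogue=(0, "00aa.bbcc.ddee"))
    print("root with rogue BPDUs:", elect_root(hijacked, VLAN))         # rogue
```

The ValueError on a priority that is not a multiple of 4096 mirrors what IOS rejects; the hijack case is why the course's advice to put BPDU Guard on every user-facing port is not optional.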
Day 23: EtherChannel
CCNA 200-301 Study Guide: EtherChannel

1.0 EtherChannel: Definition and Strategic Purpose
EtherChannel (also known as a Port Channel or Link Aggregation Group, LAG) bundles multiple physical switch ports into a single logical link. This technology is essential for creating high-bandwidth, resilient backbones in campus networks.

1.1 The Strategic Goals
Increased Bandwidth: Aggregates the capacity of individual links (e.g., two 1 Gbps links become a single 2 Gbps logical channel). A single flow still never exceeds the speed of one member link (see 3.0).
Link Redundancy: If one physical link in the bundle fails, traffic is automatically redistributed across the remaining active links without a total connection loss.
Load Balancing: Uses a hashing algorithm to distribute traffic flows across all active members of the bundle.

1.2 Interaction with Spanning Tree Protocol (STP)
Normally, parallel links between switches create a Layer 2 loop, causing STP to block all but one link. EtherChannel resolves this by presenting the bundle to STP as a single logical interface. STP allows the entire Port Channel to remain in a forwarding state, enabling all physical ports to contribute to the combined bandwidth.

2.0 Negotiation Protocols and Configuration Modes
EtherChannel can be configured statically or dynamically. LACP is the modern industry standard and is preferred for its vendor-neutral compatibility.

2.1 Protocol Comparison
Feature | LACP (Link Aggregation Control Protocol) | PAgP (Port Aggregation Protocol)
Standard | IEEE 802.3ad (now IEEE 802.1AX), industry standard | Cisco proprietary
Best Practice | Preferred (multi-vendor support) | Use only between Cisco devices
Modes | Active / Passive | Desirable / Auto

2.2 Negotiation Outcomes
Protocol | Mode Combination | Result
LACP | Active + Active | Success
LACP | Active + Passive | Success
LACP | Passive + Passive | Failure (neither side initiates)
PAgP | Desirable + Desirable | Success
PAgP | Desirable + Auto | Success
PAgP | Auto + Auto | Failure (neither side initiates)
The "On" Mode: Forces the interface to bundle without negotiation. Both sides must be set to on; on paired with an LACP or PAgP mode does not form a channel.
It is risky because it does not verify whether the other end has actually bundled the ports or whether parameters (speed, duplex, VLANs) match. If the far side treats the links as individual ports, STP sees a loop and may block, or frames are misforwarded.

3.0 Load Balancing Mechanism
EtherChannel does not use round-robin distribution. Instead, it uses a hash-based method to categorize traffic into "flows".
Flow Consistency: All packets in a specific conversation (e.g., a single file transfer) are mapped to the same physical link.
Prevention of Out-of-Order Delivery: By keeping a flow on one link, the switch ensures packets arrive in the correct sequence, preventing TCP performance degradation.
Hashing Options: Switches can hash on source MAC, destination MAC, source/destination MAC, IP addresses, or Layer 4 port numbers (show etherchannel load-balance shows the active choice). A practical consequence: if most traffic is between one pair of hosts, or passes through one router MAC, a MAC-based hash puts it all on one link.

4.0 Critical Configuration Guidelines
For a Port Channel to form, the following parameters must match on all member interfaces:
Speed and Duplex
VLAN Membership (Access VLAN, or Allowed VLAN list and native VLAN for trunks)
STP Settings
Switchport mode (all access, all trunk, or all routed with no switchport)

4.1 Link Limits
PAgP: Up to 8 active links.
LACP: Up to 16 links (8 active and 8 hot-standby).
Channel Group Number: This ID is only locally significant; it does not need to match the number on the neighboring switch.

5.0 Implementation Workflow
5.1 Layer 2 EtherChannel (Switch-to-Switch)
SW1(config)# interface range g0/1 - 2
SW1(config-if-range)# channel-group 1 mode active
SW1(config-if-range)# exit
SW1(config)# interface port-channel 1
SW1(config-if)# switchport mode trunk
SW1(config-if)# switchport trunk allowed vlan 10,20

5.2 Layer 3 EtherChannel (Routed Port)
SW1(config)# interface range g0/1 - 2
SW1(config-if-range)# no switchport
SW1(config-if-range)# channel-group 1 mode active
SW1(config-if-range)# exit
SW1(config)# interface port-channel 1
SW1(config-if)# ip address 10.1.1.1 255.255.255.252

6.0 Verification and Troubleshooting
show etherchannel summary: Most important. Shows Port Channel status and member port states.
show etherchannel load-balance: Displays the current hashing algorithm in use.
show interface port-channel <number>: Shows the logical interface status (up/down) and aggregate bandwidth.
Common Status Codes in show etherchannel summary:
(P): Bundled in Port Channel (operational).
(D): Down (the member link is down).
(s): Suspended (the member was taken out of the bundle, typically because its parameters do not match the others).
(I): Stand-alone (negotiation failed; the port behaves as a normal individual port).
SU: Layer 2 Port Channel, In Use.
RU: Layer 3 Port Channel, In Use.

TL;DR: CCNA Exam Cram
Purpose: Aggregate links for bandwidth and redundancy.
Protocol: Use LACP (Active/Active) whenever possible.
Logic: STP sees one link; traffic is balanced by flow hashing.
Requirement: Speed, duplex, and VLANs must match on all ports.
Verification: show etherchannel summary is your best friend.

Day 24: Dynamic Routing
CCNA 200-301 Study Guide: IP Connectivity

1.0 Introduction
IP Connectivity is the mechanism that enables communication between devices on different network segments. It is the core function of Layer 3 devices (routers and multilayer switches). In the CCNA 200-301 exam, this domain accounts for 25% of the total score.

2.0 Foundational Routing Methods: Static vs. Dynamic
The choice between static and dynamic routing impacts scalability, resiliency, and administrative overhead.
Feature | Static Routing | Dynamic Routing
Configuration | Manually defined by an administrator. | Automatically learned from neighbors.
Adaptability | Fixed; requires manual intervention if a link fails. | Automatically recalculates paths during topology changes.
Scalability | Low; impractical for large networks. | High; manages thousands of routes efficiently.
Resources | Low CPU/RAM requirements. | Requires CPU/RAM to run protocol algorithms.
Best Use Case | Stub networks or default gateways. | Large enterprise core/distribution layers.
Security note: a dynamic protocol trusts whatever its neighbors advertise, so an attacker who can form an adjacency (or simply a misconfigured neighbor) can inject or withdraw routes. This is why passive interfaces and neighbor authentication appear in the protocol sections that follow.

3.0 Deconstructing Dynamic Routing Protocols
Dynamic protocols are classified by their Scope (where they run) and their Algorithm (how they calculate paths).

3.1 Classification by Scope
Interior Gateway Protocol (IGP): Used within a single Autonomous System (AS). Examples: OSPF, EIGRP, RIP, IS-IS.
Exterior Gateway Protocol (EGP): Used to connect different Autonomous Systems. Example: BGP (the routing protocol of the Internet).

3.2 Classification by Algorithm
Distance Vector: "Routing by rumor." Routers only know what their neighbors tell them. Examples: RIP (metric: hop count), EIGRP (advanced distance vector).
Link State: Every router holds a complete map of the topology. Examples: OSPF, IS-IS (metric: cost derived from bandwidth).
Path Vector: Specific to BG P; uses the AS-Path attribute to detect loops.

4.0 The Router's Path Selection Logic
When a router learns multiple paths to the same destination, it uses a strict three-step hierarchy to choose the best route for the Routing Table.
Step 1: Longest Prefix Match (LPM)
The router prefers the most specific route (the longest subnet mask). This rule overrides everything else, including AD.
Example: A packet destined for 10.1.1.5 matches both 10.0.0.0/8 and 10.1.1.0/24. Winner: 10.1.1.0/24 because $24 > 8$.
Step 2: Administrative Distance (AD)
If prefix lengths are identical, the router chooses the most "trustworthy" source. AD decides which route for a given prefix is installed in the table; LPM decides which installed route forwards a given packet.
Route Source | Default AD
Connected | 0
Static | 1
EIGRP (Internal) | 90
OSPF | 110
RIP | 120
Step 3: Metric
If the prefix length and AD are identical, the router chooses the path with the lowest cost (metric) calculated by the protocol.

5.0 Advanced Routing Concepts
5.1 Floating Static Routes
A Floating Static Route is a backup route with a manually configured AD higher than that of the primary dynamic protocol.
Primary: OSPF (AD 110)
Backup: Static route (AD 111)
Logic: The static route "floats" (stays out of the table) until the OSPF route disappears, then takes its place.
Command: ip route 10.0.2.0 255.255.255.0 192.168.1.1 111

5.2 Equal-Cost Multi-Path (ECMP)
If multiple paths have the same prefix length, same AD, and same metric, the router installs all of them and load-balances traffic across them.

6.0 Essential Command Reference
6.1 Verification
show ip route: View the IPv4 routing table.
traceroute: Trace the hop-by-hop path to a destination.
show ip protocols: Verify dynamic routing protocol parameters and AD.

6.2 Configuration
Standard Static Route: ip route <network> <mask> {<next-hop> | <exit-interface>}
Default Route (Gateway of Last Resort): ip route 0.0.0.0 0.0.0.0 <next-hop>
Loopback Interface (Stable Management IP): interface Loopback0

7.0 TL;DR Summary
Selection Logic: Longest Match $\rightarrow$ Lowest AD $\rightarrow$ Lowest Metric.
Distance Vector protocols see only their neighbors; Link State protocols see the whole map.
Floating Static Routes are created by raising the AD of a static route above the dynamic protocol's AD.
BGP is the only EGP; it is a Path Vector protocol.

Day 25: RIP and EIGRP Routing Protocols
CCNA Study Guide: Comparative Analysis of RIP and EIGRP

1.0 Introduction
While OSPFv2 is the primary protocol for configuration on the CCNA 200-301 exam, understanding RIP and EIGRP is essential for mastering routing fundamentals. These protocols represent the evolution of distance-vector logic and provide context for why modern networks are designed the way they are.

2.0 Routing Information Protocol (RIP)
RIP is the classic "Routing by Rumor" protocol. It is a legacy Interior Gateway Protocol (IGP) that relies on periodic updates and a simplistic view of the network.

2.1 Core Characteristics
Algorithm: Bellman-Ford (Distance Vector).
Metric: Hop Count. Each router is one hop; the path with the fewest routers is chosen, regardless of link speed.
Maximum Hop Count: 15. A hop count of 16 is considered "infinite" (unreachable).
Administrative Distance (AD): 120.
Update Timer: Full routing table broadcast (v1) or multicast (v2) every 30 seconds.

2.2 Evolution: RIPv1 vs. RIPv2
RIP evolved to support modern networking requirements like VLSM and CIDR.
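Stepping back to the Day 24 selection logic (longest prefix match, then administrative distance, then metric, with ECMP on ties), here it is as an added Python model that is not part of the course notes. The prefixes, next hops and metrics are constructed; the AD values are the ones from the table above. It shows why a floating static route at AD 111 stays out of the table until the OSPF route is withdrawn, and that a more specific prefix from a less trusted source still wins at forwarding time.

```python
"""Added example (not from the course notes): how a router installs routes
(lowest AD, then lowest metric, ECMP on ties) and then forwards by longest
prefix match. Prefixes, next hops and metrics are constructed."""
import ipaddress
from collections import defaultdict

AD = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}


def install(candidates):
    """candidates: list of (prefix, source, metric, next_hop[, ad_override]).
    Returns the routing table: prefix -> list of (source, ad, metric, next_hop).
    For each prefix only the lowest AD survives; among equal AD only the lowest
    metric survives; equal metrics are all kept (ECMP)."""
    by_prefix = defaultdict(list)
    for cand in candidates:
        prefix, source, metric, nh = cand[:4]
        ad = cand[4] if len(cand) > 4 else AD[source]   # floating static overrides AD
        by_prefix[ipaddress.ip_network(prefix)].append((source, ad, metric, nh))
    table = {}
    for prefix, routes in by_prefix.items():
        best_ad = min(r[1] for r in routes)
        same_ad = [r for r in routes if r[1] == best_ad]
        best_metric = min(r[2] for r in same_ad)
        table[prefix] = [r for r in same_ad if r[2] == best_metric]
    return table


def lookup(table, dst):
    """Longest prefix match across installed routes. Returns the list of next
    hops (more than one means ECMP) or None when no route matches."""
    addr = ipaddress.ip_address(dst)
    matches = [p for p in table if addr in p]
    if not matches:
        return None
    longest = max(matches, key=lambda p: p.prefixlen)
    return [r[3] for r in table[longest]]


# --- constructed scenario ---------------------------------------------------
ROUTES = [
    ("10.0.0.0/8",    "static", 0,  "192.168.1.1"),        # AD 1 but only a /8
    ("10.1.1.0/24",   "rip",    3,  "192.168.2.1"),        # AD 120
    ("10.1.1.0/24",   "ospf",   20, "192.168.6.1"),        # AD 110: installed
    ("10.1.1.0/24",   "static", 0,  "192.168.3.1", 111),   # floating static
    ("172.16.0.0/16", "ospf",   30, "192.168.4.1"),
    ("172.16.0.0/16", "ospf",   30, "192.168.5.1"),        # same AD + metric: ECMP
    ("0.0.0.0/0",     "static", 0,  "203.0.113.1"),        # gateway of last resort
]

if __name__ == "__main__":
    table = install(ROUTES)
    print(lookup(table, "10.1.1.5"))     # ['192.168.6.1']: OSPF /24 beats static /8 (LPM before AD)
    print(lookup(table, "10.2.0.1"))     # ['192.168.1.1']: only the /8 matches
    print(lookup(table, "172.16.9.9"))   # two next hops, ECMP
    print(lookup(table, "8.8.8.8"))      # default route
    # OSPF withdraws 10.1.1.0/24: AD 111 static now beats RIP's 120.
    without_ospf = [r for r in ROUTES if not (r[0] == "10.1.1.0/24" and r[1] == "ospf")]
    print(lookup(install(without_ospf), "10.1.1.5"))   # ['192.168.3.1']
```

The separation into install() and lookup() is deliberate: AD and metric only ever compete between routes for the same prefix, which is why the floating static never appears while OSPF holds the prefix, and why no AD value can stop a more specific prefix from winning at forwarding time.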
Feature | RIPv1 | RIPv2
Addressing | Classful (A, B, C) | Classless (VLSM/CIDR)
Subnet Masks | Not sent in updates | Included in updates
Transmission | Broadcast (255.255.255.255) | Multicast (224.0.0.9)
Authentication | Not supported | Supported (plaintext or MD5)

2.3 Basic Configuration
Router(config)# router rip
Router(config-router)# version 2
Router(config-router)# no auto-summary
Router(config-router)# network 192.168.1.0
Router(config-router)# passive-interface g0/0
Router(config-router)# default-information originate
Note: the RIP network command is classful; network 192.168.1.0 enables RIP on every interface whose address falls inside 192.168.1.0/24. passive-interface keeps advertising that interface's subnet but stops sending updates out of it, so hosts on the segment do not learn your routing information (in RIP the router still accepts updates received on a passive interface, so it is not a substitute for authentication).

3.0 Enhanced Interior Gateway Routing Protocol (EIGRP)
EIGRP is an Advanced Distance Vector (or Hybrid) protocol. It is designed for extremely fast convergence and efficiency, utilizing the Diffusing Update Algorithm (DUAL).

3.1 Core Characteristics
Algorithm: DUAL.
Multicast Address: 224.0.0.10.
Administrative Distance (AD): 90 (Internal), 170 (External).
Convergence: Very fast due to pre-calculated backup paths.
Routing Code: Identified in the routing table by the letter D (for DUAL).

3.2 The Composite Metric
EIGRP uses a composite formula that can consider bandwidth, delay, reliability and load (the K values). By default, only Bandwidth and Delay are used:
$$Metric = \left(\frac{10^7}{Slowest\ Bandwidth\ (Kbps)} + \frac{Sum\ of\ Delays\ (\mu s)}{10}\right) \times 256$$
The bandwidth term uses the slowest link on the path; the delay term is the sum of the interface delays along the path (IOS stores delay in units of 10 microseconds).

3.3 EIGRP Terminology (DUAL)
Term | Definition
Successor | The best, lowest-metric route, installed in the routing table.
Feasible Successor (FS) | A loop-free backup route, kept in the topology table.
Feasible Distance (FD) | The local router's total metric to the destination via the successor.
Reported Distance (RD) | The metric a neighbor advertises for its own path to the destination (also called Advertised Distance).
The Feasibility Condition: For a neighbor to be a Feasible Successor, its RD must be less than the current FD ($RD < FD$). A neighbor that is closer to the destination than we are cannot be routing through us, which is what guarantees the backup path is loop-free.

4.0 Advanced Features and Configuration
4.1 Unequal-Cost Load Balancing
EIGRP is the only IGP that supports unequal-cost load balancing. With the variance command, a router also installs any Feasible Successor whose metric is less than variance × FD (the successor's metric) and shares traffic in proportion to the metrics. A path that fails the feasibility condition is never installed, however large the variance.
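Added example (not from the course notes) computing the default EIGRP metric (10^7 divided by the slowest bandwidth in Kbps, plus the summed delay in tens of microseconds, times 256), applying the feasibility condition, and showing what variance can and cannot install. Router names, bandwidths and delays are constructed; the delay values are the IOS defaults for 1 Gbps, 100 Mbps and 10 Mbps Ethernet.

```python
"""Added example (not from the course notes): EIGRP's default composite metric,
the DUAL feasibility condition, and which paths 'variance' would install.
Router names, bandwidths and delays below are constructed."""


def eigrp_metric(min_bandwidth_kbps: int, total_delay_us: int) -> int:
    """Default metric (K1 = K3 = 1): (10^7 / slowest bandwidth + sum of delays
    in tens of microseconds) * 256, with integer truncation as IOS does it."""
    bw_term = 10_000_000 // min_bandwidth_kbps
    delay_term = total_delay_us // 10
    return (bw_term + delay_term) * 256


def dual_select(paths: dict, variance: int = 1):
    """paths: neighbor -> (reported_distance, feasible_distance_via_neighbor).
    RD is what the neighbor advertises for its own path; the FD via that
    neighbor is RD plus the cost of our link to it.
    Returns (successor, feasible_successors, installed_routes)."""
    successor = min(paths, key=lambda n: paths[n][1])
    fd = paths[successor][1]
    feasible = [n for n in paths if n != successor and paths[n][0] < fd]   # FC: RD < FD
    installed = [successor] + [n for n in feasible if paths[n][1] < variance * fd]
    return successor, feasible, installed


# --- constructed topology: R1 reaches 10.9.9.0/24 via three neighbors ------
RD_R2 = eigrp_metric(1_000_000, 10)     # R2 -> destination: one Gig hop
FD_R2 = eigrp_metric(1_000_000, 20)     # plus the Gig link R1-R2
RD_R3 = eigrp_metric(1_000_000, 10)     # R3 -> destination: one Gig hop
FD_R3 = eigrp_metric(100_000, 110)      # plus a 100 Mbps link R1-R3
RD_R4 = eigrp_metric(10_000, 1000)      # R4's own path runs over 10 Mbps
FD_R4 = eigrp_metric(10_000, 1010)      # worse than our FD: R4 might route via us

PATHS = {"R2": (RD_R2, FD_R2), "R3": (RD_R3, FD_R3), "R4": (RD_R4, FD_R4)}

if __name__ == "__main__":
    print("metrics (RD, FD):", PATHS)
    print("variance 1:  ", dual_select(PATHS))                  # R2 only; R3 is a feasible successor
    print("variance 10: ", dual_select(PATHS, variance=10))     # R2 and R3 installed
    print("variance 100:", dual_select(PATHS, variance=100))    # R4 still excluded: fails RD < FD
```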
4.2 Configuration Example
Router(config)# router eigrp 100
Router(config-router)# eigrp router-id 1.1.1.1
Router(config-router)# network 10.0.0.0 0.0.0.255
Router(config-router)# no auto-summary
Router(config-router)# variance 2
Note: the AS number (100) must match on every router that should form an adjacency, and unlike RIP the EIGRP network command accepts a wildcard mask, so you can enable the protocol on exactly the interfaces you intend.

5.0 Verification and Troubleshooting Commands
show ip protocols: Summarizes all active routing protocols (timers, AD, networks).
show ip route [rip | eigrp]: Filters the routing table for a specific protocol's entries.
show ip eigrp neighbors: Verifies successful adjacencies with neighboring routers.
show ip eigrp topology: Displays the DUAL topology table, including Successors and Feasible Successors.

6.0 Head-to-Head Comparison: RIP vs. EIGRP
Feature | RIP | EIGRP
Type | Distance Vector | Advanced Distance Vector
Metric | Hop Count | Bandwidth + Delay
Convergence | Slow | Very Fast
Load Balancing | Equal Cost Only | Equal & Unequal Cost
Admin Distance | 120 | 90 (internal), 170 (external)
Standard | Industry standard | Cisco proprietary; specification published openly in 2013 (later RFC 7868)

Days 26, 27, 28: OSPF
CCNA Study Guide: OSPFv2 (Exam Topic 3.4)

1.0 OSPFv2 Fundamentals: The Link-State Advantage
Open Shortest Path First (OSPF) is a Link-State Interior Gateway Protocol (IGP). Unlike distance-vector protocols that rely on "routing by rumor," OSPF routers build a complete, synchronized map of the network topology.

The Metaphor: The GPS vs. The Signpost
Distance Vector (RIP): Like a signpost. It tells you "Network X is 4 miles that way," but you don't know what the road looks like or whether a bridge is out further ahead.
Link-State (OSPF): Like a GPS map. Every router has a complete map of every "road" (link) and "intersection" (router) in the area. Each router can independently calculate the best path using the map.
Core Characteristics
Attribute | Description
Protocol Type | Link-State IGP
Algorithm | Dijkstra's Shortest Path First (SPF)
Admin Distance (AD) | 110
Multicast Addresses | 224.0.0.5 (All OSPF Routers), 224.0.0.6 (DR/BDR)

2.0 The Path to Adjacency: OSPF Core Operations
OSPF routers must go through a structured process to become fully adjacent and synchronize their Link State Database (LSDB).
The 3-Step Process
Become Neighbors: Routers discover each other via Hello packets.
Exchange LSAs: Routers share Link State Advertisements (LSAs) to synchronize their databases.
Calculate Routes: Once the LSDB is identical, each router runs the SPF algorithm to find the best paths.

OSPFv2 Neighbor States
State | Description
Down | No Hellos received.
Init | Hello received, but your own Router ID is not yet listed in the neighbor's Hello.
2-Way | Bidirectional communication confirmed (DR/BDR election happens here).
ExStart | Determining the Master/Slave relationship (and initial sequence number) for database exchange.
Exchange | Exchanging Database Description (DBD) packets (summaries of the LSDB).
Loading | Requesting specific missing LSAs via LSRs and receiving them in LSUs.
Full | LSDBs are fully synchronized. Normal operation.

3.0 Essential OSPF Components
3.1 Router ID (RID) Selection
The RID is a unique 32-bit identifier for the router. It is selected in this order:
Manual Configuration: router-id 1.1.1.1 (best practice).
Highest Loopback IP: Highest IP on any active loopback interface.
Highest Physical IP: Highest IP on any active physical interface.
The RID is chosen when the OSPF process starts; changing it afterwards takes effect only after clear ip ospf process, which drops all adjacencies.

3.2 The OSPF Metric: Cost
OSPF calculates cost based on interface bandwidth. A lower cumulative cost is preferred.
$$Cost = \frac{Reference\ Bandwidth}{Interface\ Bandwidth}$$
The result is truncated to an integer and never falls below 1.
Important: The default reference bandwidth is 100 Mbps, so FastEthernet, GigabitEthernet and 10 Gigabit interfaces all get cost 1. On modern networks you must raise the reference bandwidth, identically on every router in the domain (otherwise routers compute inconsistent paths), so OSPF can distinguish between high-speed links.
Command: auto-cost reference-bandwidth 1000 (value in Mbps; 1000 separates 100 Mbps from 1 Gbps, use 10000 if 10 Gbps links must also rank above 1 Gbps).
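Added example, not from the course notes, of the cost formula and of the SPF run that every router performs on its own copy of the LSDB (Dijkstra, as named in the table above). The four-router topology is constructed. With the default 100 Mbps reference bandwidth a 100 Mbps link and two 10 Gbps links cost the same, so OSPF sends traffic over the slow direct link; raising the reference bandwidth to 10000 fixes the choice.

```python
"""Added example (not from the course notes): OSPF interface cost from the
reference bandwidth, and a Dijkstra/SPF run over a small constructed
link-state database to show how the reference bandwidth changes the result."""
import heapq


def ospf_cost(interface_mbps: int, reference_mbps: int = 100) -> int:
    """Cost = reference bandwidth / interface bandwidth, truncated, minimum 1
    (the same arithmetic IOS applies after auto-cost reference-bandwidth)."""
    return max(1, reference_mbps // interface_mbps)


def spf(lsdb: dict, root: str, reference_mbps: int = 100):
    """lsdb: router -> {neighbor: link_speed_mbps}. Every router runs this same
    computation over the same LSDB; that is what 'link-state' means.
    Returns (cost_to_each_router, next_hop_from_root_to_each_router)."""
    dist = {root: 0}
    next_hop = {}
    pq = [(0, root)]
    while pq:
        cost, node = heapq.heappop(pq)
        if cost > dist[node]:
            continue                              # stale queue entry
        for nbr, mbps in lsdb[node].items():
            new = cost + ospf_cost(mbps, reference_mbps)
            if new < dist.get(nbr, float("inf")):
                dist[nbr] = new
                # first hop on the path: the neighbour itself when leaving the root,
                # otherwise inherited from the node we relaxed through
                next_hop[nbr] = nbr if node == root else next_hop[node]
                heapq.heappush(pq, (new, nbr))
    return dist, next_hop


# --- constructed LSDB: R1 reaches R4 either directly over 100 Mbps or via
#     R2 and R3 over two 10 Gbps links -------------------------------------
LSDB = {
    "R1": {"R4": 100, "R2": 10000},
    "R2": {"R1": 10000, "R3": 10000},
    "R3": {"R2": 10000, "R4": 10000},
    "R4": {"R1": 100, "R3": 10000},
}

if __name__ == "__main__":
    for ref in (100, 10000):
        d, nh = spf(LSDB, "R1", reference_mbps=ref)
        print(f"reference {ref:>5} Mbps: cost R1->R4 = {d['R4']} via {nh['R4']}")
    # reference   100 Mbps: cost 1 via R4  (direct 100 Mbps link, every link costs 1)
    # reference 10000 Mbps: cost 3 via R2  (two 10G hops at cost 1 each + 1 more)
```

Because each router runs spf() on an identical LSDB, a reference bandwidth changed on only one router gives that router a different view of the same links; that is the inconsistency the note above warns about.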
3.3 LSA Types (CCNA Focus)
Type 1 (Router LSA): Sent by every router; describes its own links/interfaces. Flooded within the area.
Type 2 (Network LSA): Generated by the Designated Router (DR); describes the routers attached to a multi-access segment.
Type 5 (AS External LSA): Originated by an ASBR; describes routes redistributed from outside the OSPF domain (e.g., a static default route injected with default-information originate).

4.0 Network Types and the DR/BDR Election
On multi-access networks (like Ethernet), OSPF elects a Designated Router (DR) and a Backup Designated Router (BDR) to manage LSA flooding and reduce the number of full adjacencies. The other routers on the segment (DROTHERs) stay in the 2-Way state with each other and form full adjacencies only with the DR and BDR.
Feature | Broadcast (Ethernet) | Point-to-Point (Serial)
DR/BDR Election | Yes | No
Hello / Dead Timer | 10s / 40s | 10s / 40s
Full adjacencies | Only with the DR and BDR | With the single neighbor

DR/BDR Election Hierarchy
Highest Interface Priority: Default is 1. A priority of 0 makes a router ineligible.
Highest Router ID: The tie-breaker if priorities are equal.
Note: The election is non-preemptive. If a new router with a higher priority joins the network, it will not become the DR until the current DR fails (the BDR then becomes DR and a new BDR is elected) or the OSPF process is reset. Note also that this is the opposite of STP: OSPF prefers the highest value, STP the lowest.

5.0 OSPFv2 Configuration
5.1 Basic Implementation
# Method 1: Traditional Network Command
Router(config)# router ospf 1
Router(config-router)# router-id 1.1.1.1
Router(config-router)# network 10.1.1.0 0.0.0.255 area 0
# Method 2: Interface-level Command (Preferred)
Router(config)# interface g0/0
Router(config-if)# ip ospf 1 area 0

5.2 Common Optimizations
Passive Interface: Stops Hellos on user-facing segments, so the subnet is still advertised but no adjacency (and no injected LSA) can come from a host on that segment (security/efficiency): passive-interface g0/1. When most interfaces face users, passive-interface default followed by no passive-interface <intf> for each real neighbor is the safer pattern.
Default Route Propagation: default-information originate (injects the 0.0.0.0/0 route into OSPF as a Type 5 LSA; the router must itself have a default route unless the always keyword is added).

6.0 Troubleshooting OSPF Adjacency Issues
If two routers fail to reach the FULL state, check for mismatches in these parameters:
Area ID: Must match.
Subnet & Mask: Must be on the same primary subnet (the mask is checked on broadcast networks).
Hello/Dead Timers: Must match (default 10/40).
Authentication: Passwords and types must match.
MTU Size: If they mismatch, routers get stuck in ExStart/Exchange (the DBD packet carries the interface MTU).
Unique Router IDs: Duplicate RIDs prevent adjacency.

TL;DR Summary
Link-State: OSPF uses a map (LSDB), not rumors.
DR/BDR Election: Highest interface priority wins, then highest RID (priority 0 = ineligible). Do not confuse this with STP, where the lowest Bridge ID wins.
Cost Formula: Reference Bandwidth / Interface Bandwidth (raise the reference bandwidth on every router).
Convergence: Moves through 7 states; FULL is the goal.
Multi-access: Uses DR/BDR to reduce LSA flooding on Ethernet.
Troubleshooting: Check Area, Timers, Subnet, Authentication and MTU if adjacencies fail.

Day 29: First Hop Redundancy Protocols
CCNA Study Guide: First Hop Redundancy Protocols (FHRP)

1.0 Introduction: The Default Gateway as a Single Point of Failure
In a standard network, end-user devices rely on a single Default Gateway to reach the outside world. If the physical router providing that gateway fails, the entire subnet loses connectivity. First Hop Redundancy Protocols (FHRP) mitigate this risk by grouping multiple physical routers into a single logical, redundant gateway.

The Metaphor: The Shared Doorway
Imagine an office with only one exit. If that door jams, everyone is trapped. FHRP is like having two doors side-by-side that appear as one "virtual door" to the employees. If one door sticks, people automatically walk through the other without even realizing the first one failed.

2.0 Core FHRP Concepts and Mechanisms
2.1 The Building Blocks of Redundancy
Virtual IP (VIP): The single IP address shared by the group. This is what hosts use as their Default Gateway.
Virtual MAC (VMAC): A shared Layer 2 address associated with the VIP; the active router answers ARP requests for the VIP with the VMAC.
Active/Master Router: The router currently responsible for forwarding traffic sent to the VIP.
Standby/Backup Router: The router(s) listening for "Hello" messages from the Active router, ready to take over.

2.2 The Automatic Failover Process
Health Monitoring: Routers exchange Hello messages via multicast (every 3 seconds by default in HSRP).
Failure Detection: If the Standby router stops hearing Hellos for a specific duration (the Hold Time, 10 seconds by default in HSRP), it assumes the Active router has failed.
Role Transition: The Standby router promotes itself to Active.
Gratuitous ARP (GARP): The new Active router sends a GARP sourced from the VMAC. This forces the switches to update their MAC address tables so that frames destined for the VMAC are now sent to the new router's physical port.

3.0 Comparative Analysis of Major FHRPs
Feature | HSRP | VRRP | GLBP
Full Name | Hot Standby Router Protocol | Virtual Router Redundancy Protocol | Gateway Load Balancing Protocol
Owner | Cisco proprietary | Open standard | Cisco proprietary
Primary Roles | Active / Standby | Master / Backup | AVG / AVF
Load Balancing | No (Active/Standby per group) | No (Master/Backup per group) | Yes (Active/Active)
Preemption | Disabled by default | Enabled by default | AVG preemption disabled by default (AVF preemption enabled)
Multicast IP | 224.0.0.2 (v1), 224.0.0.102 (v2) | 224.0.0.18 | 224.0.0.102
HSRP and VRRP can still spread load across routers by using several groups (e.g., one per VLAN) with a different Active router in each.

Virtual MAC Address Formats
HSRP v1: 0000.0C07.ACXX (XX = Group ID)
HSRP v2: 0000.0C9F.FXXX (XXX = Group ID)
VRRP: 0000.5E00.01XX (XX = Group ID)
GLBP: 0007.B400.XXYY (XX = Group ID, YY = Forwarder ID)

4.0 Deep Dive: Hot Standby Router Protocol (HSRP)
HSRP is the most common FHRP encountered in Cisco environments.

4.1 Election and Preemption
Highest Priority: The router with the highest priority wins (default: 100, range: 0–255).
Highest IP: If priorities are tied, the router with the highest IP address on the interface wins.
Preemption: If a primary router reboots, it will not take back the Active role by default, even if it has a higher priority. Preemption must be manually enabled (on the router that should take over) to allow the "better" router to seize control back.
Security caveat: the election trusts whatever Hellos arrive. Any host on the VLAN that can send HSRP Hellos with priority 255 and preemption set takes over the virtual gateway and can intercept the subnet's traffic. HSRP authentication (standby <group> authentication md5 key-string <key>) and keeping HSRP multicast off access ports are the usual controls.
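Added example (not from the course notes): derive the virtual MACs from the formats in section 3.0, run the election (highest priority, then highest interface IP) and step through a failover with and without preemption, ending with a rogue router at priority 255, which is the takeover HSRP authentication exists to prevent. Router names, addresses and priorities are constructed.

```python
"""Added example (not from the course notes): FHRP virtual-MAC derivation,
HSRP Active election and a failover/preemption walk-through.
Router names, IPs and priorities are constructed for illustration."""
import ipaddress


def virtual_mac(protocol: str, group: int, forwarder: int = 1) -> str:
    """Derive the shared VMAC hosts learn via ARP for the VIP (formats above)."""
    if protocol == "hsrp-v1" and 0 <= group <= 255:
        return f"0000.0c07.ac{group:02x}"
    if protocol == "hsrp-v2" and 0 <= group <= 4095:
        return f"0000.0c9f.f{group:03x}"
    if protocol == "vrrp" and 0 <= group <= 255:
        return f"0000.5e00.01{group:02x}"
    if protocol == "glbp" and 0 <= group <= 255 and 1 <= forwarder <= 4:
        return f"0007.b400.{group:02x}{forwarder:02x}"
    raise ValueError(f"unsupported protocol/group: {protocol} {group}")


def elect_active(routers: dict) -> str:
    """routers: name -> (priority, interface_ip, preempt).
    Highest priority wins; highest interface IP breaks the tie."""
    return max(routers, key=lambda n: (routers[n][0], int(ipaddress.ip_address(routers[n][1]))))


class HsrpGroup:
    """Minimal model of who holds the Active role over time."""

    def __init__(self, routers: dict):
        self.routers = dict(routers)                 # routers currently alive
        self.active = elect_active(self.routers)     # all boot together: plain election

    def fail(self, name: str) -> str:
        """Active stops sending Hellos; after the hold time the standby takes over."""
        del self.routers[name]
        if self.active == name:
            self.active = elect_active(self.routers)
        return self.active

    def join(self, name: str, priority: int, ip: str, preempt: bool) -> str:
        """A router (re)joins. It only takes Active from a live router if it has
        preemption enabled AND would win the election; otherwise the current
        Active keeps the role even with a lower priority."""
        self.routers[name] = (priority, ip, preempt)
        if preempt and elect_active(self.routers) == name:
            self.active = name
        return self.active


if __name__ == "__main__":
    for proto, grp in [("hsrp-v1", 1), ("hsrp-v2", 1), ("vrrp", 1), ("glbp", 1)]:
        print(proto, grp, "->", virtual_mac(proto, grp))

    g = HsrpGroup({"R1": (150, "10.0.0.2", False), "R2": (100, "10.0.0.3", False)})
    print("initial active:", g.active)                       # R1
    print("after R1 fails:", g.fail("R1"))                   # R2
    print("R1 back, no preempt:", g.join("R1", 150, "10.0.0.2", False))   # still R2
    print("R1 back, preempt:", g.join("R1", 150, "10.0.0.2", True))       # R1
    # Rogue host sends Hellos with priority 255 + preempt: it owns the gateway.
    print("rogue joins:", g.join("attacker", 255, "10.0.0.200", True))    # attacker
```

The join() method keeps the preempt flag per router because that is where IOS configures it (standby 1 preempt on the router that should take over), which is also why an attacker needs nothing from the legitimate routers to win.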
4.2 HSRP Versions
Feature | HSRP v1 | HSRP v2
Group Range | 0 – 255 | 0 – 4095
IPv6 Support | No | Yes
Multicast Addr | 224.0.0.2 | 224.0.0.102
Timer Support | Seconds | Milliseconds
Both versions use UDP port 1985 but are not interoperable: all routers in a group must run the same version.

5.0 HSRP Configuration and Verification
5.1 Configuration Example
Router(config)# interface g0/0
Router(config-if)# standby version 2
Router(config-if)# standby 1 ip 10.0.0.1         # Set Virtual IP
Router(config-if)# standby 1 priority 150        # Make this the preferred Active
Router(config-if)# standby 1 preempt             # Allow it to take back control
The interface must already have its own physical IP in the same subnet as the VIP; the other router is configured with the same standby 1 ip 10.0.0.1 and a lower priority.

5.2 Verification Commands
show standby: Detailed view of roles, VIP, VMAC, and timers.
show standby brief: Concise summary of all HSRP groups and their states.

6.0 CCNA Exam Essentials (Key "Gotchas")
Traceroute Behavior: When tracing a path from a host, the first hop shows the physical IP of the active router, not the Virtual IP.
GLBP Roles:
AVG (Active Virtual Gateway): Answers ARP requests for the VIP and hands out different VMACs to different hosts, which is how load is spread across routers.
AVF (Active Virtual Forwarder): The routers that actually forward the data for the VMAC they own.
GARP Importance: Failover relies on the switches updating their MAC tables via the Gratuitous ARP. Without it, a switch would keep sending frames to the dead router's port until the entry aged out.

TL;DR Summary
FHRP provides a Virtual IP (gateway) that stays reachable even if a physical router fails.
HSRP is Cisco's standard; VRRP is the open-standard equivalent.
GLBP is the only one that does true active-active load balancing within a single group.
Election: Highest Priority wins; use Preemption to ensure the primary router regains control after a reboot.
Verification: Use show standby brief to quickly check which router is currently Active.

Day 30: TCP and UDP
CCNA 200-301 Study Guide: Transport Layer (Layer 4)

1.0 The Role of the Transport Layer (Layer 4)
The Transport Layer serves as the bridge between application-level protocols and the network-level protocols responsible for routing. It manages the end-to-end conversation between applications on different hosts.
1.1 Core Functions
Session Multiplexing: Allows a host to handle multiple simultaneous sessions (e.g., multiple browser tabs) by assigning a unique source port number to each session.
Application Identification: Uses destination port numbers to direct incoming data to the correct service (e.g., port 80 for HTTP).
Segmentation: Breaks large data streams into smaller "segments" that fit within the network's Maximum Transmission Unit (MTU).

2.0 Deep Dive: TCP (Transmission Control Protocol)
TCP is connection-oriented and designed for applications that require complete, in-order data delivery. Its header is 20 bytes without options (up to 60 bytes with options such as MSS, window scaling and SACK).

2.1 Key Characteristics
Reliable: Uses acknowledgments (ACKs) and retransmissions to recover lost data.
Ordered: Uses Sequence Numbers to ensure data is reassembled in the correct order.
Flow Control: Uses Windowing to prevent a sender from overwhelming a receiver.

2.2 Connection Management
The Three-Way Handshake (Establishment):
SYN: Client sends a request to synchronize (carrying its initial sequence number).
SYN-ACK: Server acknowledges the client's sequence number and sends its own.
ACK: Client acknowledges the server's sequence number; the connection is established.
The Four-Way Handshake (Termination): Uses FIN and ACK flags to close each direction of the connection separately and gracefully.
Security note: the server allocates connection state when it sends the SYN-ACK, before it knows the client is real; that is what a SYN flood exploits.

2.3 Reliability Mechanisms
Forward Acknowledgment: The ACK number indicates the next byte expected (e.g., after receiving bytes up to 1000, the receiver sends ACK 1001).
Sliding Window: A dynamic flow control mechanism that adjusts how much data can be sent before an ACK is required, based on what the receiver advertises and on network conditions.

3.0 Deep Dive: UDP (User Datagram Protocol)
UDP is connectionless and prioritizes speed over reliability. It has a lightweight 8-byte header (source port, destination port, length, checksum).

3.1 Key Characteristics
Best-Effort Delivery: No acknowledgments, no retransmissions, and no sequencing.
Low Overhead: No connection setup delay (no handshake).
No Flow Control: Sends data as fast as the application allows.
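The two headers, as an added example (not part of the course notes) that packs and parses them with Python's struct module: a constructed three-way handshake and a constructed UDP DNS query, decoded the way a dissector would. The data offset check matters in practice because a crafted segment can claim a header longer than the bytes actually present.

```python
"""Added example (not from the course notes): parse the 20-byte TCP base header
and the 8-byte UDP header from raw bytes. The handshake segments and the DNS
datagram below are constructed, not captured."""
import struct

TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR"]   # bit 0 .. bit 7


def parse_tcp(segment: bytes) -> dict:
    """Decode the fixed TCP header; all fields are big-endian ('!')."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_res, flags, window, _csum, _urg = struct.unpack(
        "!HHIIBBHHH", segment[:20])
    data_offset = (off_res >> 4) * 4                  # header length in bytes (20..60)
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("data offset inconsistent with segment length")
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": data_offset,
        "flags": [name for i, name in enumerate(TCP_FLAGS) if flags & (1 << i)],
        "window": window,
        "options": segment[20:data_offset],
        "payload": segment[data_offset:],
    }


def parse_udp(datagram: bytes) -> dict:
    """Decode the UDP header and trust its length field only if it fits."""
    if len(datagram) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, _csum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):
        raise ValueError("UDP length field inconsistent with datagram size")
    return {"src_port": sport, "dst_port": dport, "length": length,
            "payload": datagram[8:length]}


def build_tcp(sport, dport, seq, ack, flag_names, window=65535, options=b"", payload=b"") -> bytes:
    """Build a segment (checksum left 0: it needs the IP pseudo-header)."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)   # options pad to 32-bit words
    data_offset = (20 + len(options)) // 4
    flags = sum(1 << TCP_FLAGS.index(f) for f in flag_names)
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, data_offset << 4, flags, window, 0, 0)
    return hdr + options + payload


def port_class(port: int) -> str:
    """IANA ranges from section 5.1."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "ephemeral"


# --- constructed handshake and datagram ----------------------------------
MSS_OPTION = b"\x02\x04\x05\xb4"                      # kind 2, length 4, MSS 1460
SYN = build_tcp(51234, 80, seq=1000, ack=0, flag_names=["SYN"], options=MSS_OPTION)
SYN_ACK = build_tcp(80, 51234, seq=5000, ack=1001, flag_names=["SYN", "ACK"])
ACK = build_tcp(51234, 80, seq=1001, ack=5001, flag_names=["ACK"])
DNS_QUERY = struct.pack("!HHHH", 53000, 53, 8 + 12, 0) + b"\x12\x34\x01\x00" + b"\x00" * 8

if __name__ == "__main__":
    for name, seg in [("SYN", SYN), ("SYN-ACK", SYN_ACK), ("ACK", ACK)]:
        p = parse_tcp(seg)
        print(f"{name:8} {p['src_port']}->{p['dst_port']} seq={p['seq']} ack={p['ack']} "
              f"flags={p['flags']} hdr={p['header_len']}B")
    u = parse_udp(DNS_QUERY)
    print("UDP", u["src_port"], "->", u["dst_port"],
          f"({port_class(u['src_port'])} -> {port_class(u['dst_port'])})")
```

The SYN carries an MSS option, so its data offset is 6 (24 bytes) while the SYN-ACK and ACK use the bare 20-byte header; the ack numbers show the forward-acknowledgment rule from section 2.3 (seq 1000 is answered with ack 1001).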
3.2 Strategic Use Cases
Ideal for real-time traffic like VoIP and video streaming, where a dropped packet is better than a delayed, retransmitted one that causes jitter; also for short request/response exchanges (DNS, DHCP, SNMP, syslog) where a handshake would cost more than the data.

4.0 Head-to-Head Comparison: TCP vs. UDP
Feature | TCP | UDP
Type | Connection-oriented | Connectionless
Handshake | Yes (3-way) | No
Reliability | Reliable (ACKs/retransmits) | Unreliable (best effort)
Sequencing | Yes | No
Flow Control | Yes (sliding window) | No
Header Size | 20 bytes (without options) | 8 bytes
Common Uses | HTTP, FTP, SMTP, SSH | VoIP, DNS, DHCP, SNMP

5.0 Layer 4 Addressing: Port Numbers
Ports are 16-bit numbers (0 – 65,535) used to identify specific application processes.

5.1 Port Number Ranges
Well-Known Ports (0 – 1,023): Common services (HTTP, SSH, etc.).
Registered Ports (1,024 – 49,151): Assigned by IANA to specific vendor applications.
Ephemeral (Dynamic) Ports (49,152 – 65,535): Temporary source ports used by clients. This is the IANA range; many operating systems pick from a wider one (Linux defaults to 32,768 – 60,999).

5.2 Essential Well-Known Ports for the CCNA
Protocol | Port(s) | Transport | Description
FTP | 20, 21 | TCP | File transfer (21 = control, 20 = data)
SSH | 22 | TCP | Secure remote access
Telnet | 23 | TCP | Unencrypted remote access
SMTP | 25 | TCP | Sending email
DNS | 53 | UDP/TCP | Name resolution
DHCP | 67, 68 | UDP | Dynamic IP assignment (67 = server, 68 = client)
TFTP | 69 | UDP | Trivial FTP (no authentication)
HTTP | 80 | TCP | Web browsing (cleartext)
POP3 | 110 | TCP | Retrieving email
SNMP | 161, 162 | UDP | Network management (161 = agent queries, 162 = traps)
HTTPS | 443 | TCP | Secure web browsing
Syslog | 514 | UDP | System logging

6.0 Practical Context & Key Exam Takeaways
6.1 Session Tracking
Request: Source Port 51234 (ephemeral) $\rightarrow$ Destination Port 80 (well-known).
Reply: Source Port 80 $\rightarrow$ Destination Port 51234.
The swap of source and destination ports on the return path is how a host keeps track of distinct conversations (and how a stateful firewall or an established ACL recognizes return traffic).

6.2 The DNS Exception
DNS primarily uses UDP 53 for speed. It falls back to TCP 53 when a response exceeds 512 bytes (unless EDNS raises that limit) and always uses TCP for zone transfers (AXFR/IXFR) between servers.

6.3 Core Analogy
TCP is a certified letter: requires a signature, has tracking, and the pages are numbered.
UDP is a postcard: fast and cheap; you drop it in the mail and hope it arrives.

Days 31, 32, 33: IPv6
CCNA 200-301 Study Guide: IPv6 Fundamentals and Routing

1.0 Context: IPv6 in the CCNA 200-301 Exam
IPv6 is a core competency woven throughout the CCNA curriculum. Understanding both the theory and practical configuration is essential for success in the following domains:
Domain | Name | Weight
1.0 | Network Fundamentals | 20%
2.0 | Network Access | 20%
3.0 | IP Connectivity | 25%
Concepts are distributed across notation, address types, stateless address autoconfiguration (SLAAC), and Neighbor Discovery Protocol (NDP).

2.0 The Architectural Shift: Header Improvements
IPv6 was designed to solve IPv4 address exhaustion, providing a 128-bit address space ($2^{128}$ addresses). It also introduced a more efficient, fixed-size 40-byte header.
Key Header Changes
No Checksum: Error checking is left to Layer 2 (the frame FCS) and Layer 4 (the UDP checksum is mandatory in IPv6 for this reason), so routers no longer recompute a checksum at every hop after decrementing the hop limit.
Hop Limit: Replaces "Time to Live" (TTL). It performs the same function: preventing packets from looping forever.
Next Header: Replaces the "Protocol" field. It identifies the payload (TCP, UDP, ICMPv6) or chains extension headers.
Flow Label: A 20-bit field that allows routers to identify and prioritize specific traffic flows for Quality of Service (QoS).
No Router Fragmentation: Only the sending host may fragment (via an extension header), so Path MTU Discovery through ICMPv6 Packet Too Big messages is essential; blocking ICMPv6 wholesale on a firewall breaks IPv6.

3.0 Mastering IPv6 Notation
Because a 128-bit address is too long to write in full, RFC 5952 defines rules for compression.
Rule 1: Omit Leading Zeros: In any 16-bit hextet, leading zeros are dropped. Example: 0db8 becomes db8.
Rule 2: The Double Colon (::): A single contiguous run of all-zero hextets can be replaced with ::. Constraints: it can only be used once per address (to avoid ambiguity), it must replace the longest run of zero hextets (the first such run if there is a tie), and it must not be used for a single zero hextet.
Rule 3: Use Lowercase: Characters a through f should be lowercase for a consistent representation.
Example Compression:
Full: 2001:0db8:0000:0000:0000:ff00:0042:8329
Compressed: 2001:db8::ff00:42:8329

4.0 A Taxonomy of IPv6 Address Types
IPv6 has no broadcast addresses; their functions are covered by multicast.

4.1 Unicast (One-to-One)
Unicast Type | Address Range | Description
Global Unicast (GUA) | 2000::/3 | Publicly routable on the Internet.
Unique Local (ULA) | fc00::/7 | Private addresses for internal use; in practice they start with fd (fd00::/8), since RFC 4193 requires the L bit to be set.
Link-Local (LLA) | fe80::/10 | Automatically generated for communication on the local link. Not routable; every IPv6 interface has one.
Loopback | ::1/128 | Equivalent to 127.0.0.1.

4.2 Multicast (One-to-Many)
All multicast addresses begin with ff00::/8.
ff02::1: All Nodes (local link).
ff02::2: All Routers (local link).
ff02::1:ffxx:xxxx: Solicited-Node Multicast (used for address resolution). The last 24 bits are copied from the unicast address being resolved, so only hosts whose address ends in those bits process the Neighbor Solicitation.

4.3 Anycast (One-to-Nearest)
A single address assigned to multiple devices. Routers deliver the packet to the topologically "closest" device.

5.0 Interface ID and Address Assignment
5.1 Modified EUI-64 Process
A device can generate its own unique 64-bit Interface ID from its 48-bit MAC address:
Split the MAC address in half.
Insert fffe in the middle.
Flip the 7th bit of the first byte (the Universal/Local bit).
Privacy caveat: an EUI-64 Interface ID embeds the hardware address, so the same host is trackable across every network it joins. Modern hosts therefore default to randomized Interface IDs (RFC 4941 temporary addresses or RFC 7217 stable-privacy addresses); EUI-64 is mostly seen on routers.

5.2 Assignment Methods
SLAAC: Host uses Router Advertisement (RA) messages to learn the prefix and generates its own Interface ID.
Stateless DHCPv6: Host uses SLAAC for its address but asks DHCPv6 for "other" information (DNS, domain name); signalled by the O flag in the RA.
Stateful DHCPv6: Host obtains its full configuration (including the address) from a DHCPv6 server; signalled by the M flag in the RA.

6.0 Neighbor Discovery Protocol (NDP)
NDP replaces ARP and operates over ICMPv6. It uses targeted multicasts instead of noisy broadcasts.
Message Type | ICMPv6 Type | Purpose
Neighbor Solicitation (NS) | 135 | "Who has this IP?" (ARP Request equivalent), sent to the solicited-node multicast address.
Neighbor Advertisement (NA) | 136 | "I have that IP, here is my MAC." (ARP Reply equivalent).
Router Solicitation (RS) | 133 | Host asks, "Are there any routers here?"
Router Advertisement (RA) | 134 | Router says, "I am here, use this prefix."
Security caveat: like ARP, NDP is unauthenticated. A host that sends rogue RAs becomes the default gateway (and DNS source) for the whole segment; RA Guard on access ports is the switch-side control.
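Added example (not from the course notes) of the EUI-64 and solicited-node derivations from sections 4.2 and 5.1, plus classification by the ranges in 4.1, using the standard library's ipaddress module so the printed forms follow RFC 5952. The MAC address and prefix are constructed.

```python
"""Added example (not from the course notes): build a link-local and a
SLAAC-style global address from a MAC with Modified EUI-64, derive the
solicited-node multicast group a host joins for an address, and classify
addresses by the ranges above. MACs and prefixes are constructed."""
import ipaddress


def eui64_interface_id(mac: str) -> bytes:
    """48-bit MAC -> 64-bit Interface ID: split, insert ff:fe, flip the U/L bit."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(octets) != 6:
        raise ValueError("MAC must be 48 bits")
    flipped = bytes([octets[0] ^ 0x02]) + octets[1:]     # 7th bit of the first byte
    return flipped[:3] + b"\xff\xfe" + flipped[3:]


def link_local_from_mac(mac: str) -> ipaddress.IPv6Address:
    """fe80::/64 + EUI-64 interface ID (what 'ipv6 enable' gives an interface)."""
    prefix = ipaddress.IPv6Network("fe80::/64").network_address.packed[:8]
    return ipaddress.IPv6Address(prefix + eui64_interface_id(mac))


def global_from_mac(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """SLAAC-style address: a /64 prefix learned from an RA + EUI-64 ID."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC requires a /64 prefix")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + eui64_interface_id(mac))


def solicited_node(addr: str) -> ipaddress.IPv6Address:
    """ff02::1:ffXX:XXXX, with the low 24 bits copied from the unicast address."""
    low24 = ipaddress.IPv6Address(addr).packed[-3:]
    return ipaddress.IPv6Address(b"\xff\x02" + b"\x00" * 9 + b"\x01\xff" + low24)


# Ranges from section 4.1/4.2; loopback first so ::1 is not reported as 'other'.
RANGES = [
    ("loopback", "::1/128"),
    ("link-local", "fe80::/10"),
    ("unique-local", "fc00::/7"),
    ("multicast", "ff00::/8"),
    ("global-unicast", "2000::/3"),
]


def classify(addr: str) -> str:
    a = ipaddress.IPv6Address(addr)
    for name, rng in RANGES:
        if a in ipaddress.IPv6Network(rng):
            return name
    return "other"


if __name__ == "__main__":
    mac = "00:1a:2b:3c:4d:5e"
    lla = link_local_from_mac(mac)
    print("LLA:           ", lla)                            # fe80::21a:2bff:fe3c:4d5e
    print("GUA via SLAAC: ", global_from_mac("2001:db8:1::/64", mac))
    print("solicited-node:", solicited_node(str(lla)))       # ff02::1:ff3c:4d5e
    for a in ["2001:db8::1", "fd12:3456::1", "fe80::1", "ff02::2", "::1"]:
        print(f"{a:14} -> {classify(a)}")
```

Note that the GUA and the LLA built from the same MAC share their last 24 bits, so the host joins a single solicited-node group for both; that is exactly why an NS for either address is answered without a broadcast.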
7.0 Practical Application: CLI Reference
Global Configuration
# Mandatory command to allow the router to forward IPv6 packets
Router(config)# ipv6 unicast-routing
# Static Default Route
Router(config)# ipv6 route ::/0 <next-hop>
# Standard Static Route
Router(config)# ipv6 route <prefix>/64 <next-hop>
When the next hop is a link-local address, the exit interface must be given as well (e.g., ipv6 route <prefix>/64 g0/0 fe80::2), because link-local addresses are only meaningful per interface.

Interface Configuration
Router(config-if)# ipv6 enable                      # Generates an LLA only
Router(config-if)# ipv6 address 2001:db8:1::1/64    # Static GUA
Router(config-if)# ipv6 address autoconfig          # Use SLAAC
Router(config-if)# ipv6 address fe80::1 link-local  # Manually set LLA

Verification
show ipv6 interface brief: High-level status check.
show ipv6 route: View the IPv6 routing table.
show ipv6 neighbors: View the Neighbor Cache (equivalent to the ARP table).

8.0 Conclusion: Core Takeaways
Link-Local Addresses (fe80::/10) are mandatory for local communication and serve as the next hop for routing protocols.
ipv6 unicast-routing must be enabled globally for a Cisco device to function as an IPv6 router (forward packets and send RAs).
NDP replaces ARP, using Solicited-Node Multicasts for efficiency.
Header Efficiency: Removing the checksum and fixing the header size at 40 bytes improves core routing performance.

Days 34, 35: Access Control Lists
CCNA 200-301 Study Guide: Mastering Access Control Lists (ACLs)

1.0 Introduction: The Role of ACLs
In network engineering, an Access Control List (ACL) acts as a security bouncer. It inspects every packet attempting to cross a router interface in the direction it is applied and decides to Permit or Deny it based on specific rules.
Beyond security, ACLs are also used to "match" or classify traffic for:
NAT (Network Address Translation)
QoS (Quality of Service)
Dial-on-Demand Routing

2.0 The Core Principles of ACL Processing
ACL logic is strict and predictable. Routers follow three fundamental rules when evaluating a packet against a list:
Sequential Order (Top-Down): The router starts at the first line and moves down.
- First Match Execution: As soon as a match is found, the action (Permit/Deny) is taken, and processing stops. The router does not check subsequent lines.
- The Implicit Deny: Every ACL ends with an invisible, unwritten `deny any any`. If a packet doesn't match any of your permit rules, it is dropped.

**Instructor's Note:** Because of the implicit deny, every functional ACL must contain at least one permit statement, or it will block 100% of traffic.

### Application Rules

- One ACL per interface, per protocol, per direction.
- An interface can have one inbound IPv4 ACL and one outbound IPv4 ACL.

## 3.0 Standard vs. Extended ACLs

| Feature | Standard ACL | Extended ACL |
|---|---|---|
| Criteria | Source IP Address only. | Source/Dest IP, Protocol, and Ports. |
| Number Range | 1–99 and 1300–1999 | 100–199 and 2000–2699 |
| Granularity | Low (Sledgehammer) | High (Scalpel) |
| Placement | Closest to the Destination | Closest to the Source |

### The Placement Logic

- Standard (Sledgehammer): Since it only checks the source, placing it near the source might block the user from reaching everything. Place it near the destination to be specific.
- Extended (Scalpel): Since it knows exactly where the packet is going and what port it's using, place it near the source to drop unwanted traffic early and save bandwidth.

## 4.0 Wildcard Masks and Syntax

### 4.1 Wildcard Mask Logic

Wildcard masks are the inverse of subnet masks.

- 0 bit: Match Exactly.
- 1 bit: Ignore ("Don't Care").

Keywords:

- `host`: Equivalent to wildcard 0.0.0.0 (matches one IP).
- `any`: Equivalent to wildcard 255.255.255.255 (matches everything).

### 4.2 Configuration Syntax

Standard ACL:

```
access-list 10 permit 192.168.1.0 0.0.0.255
```

Extended ACL:

```
access-list 101 permit tcp 10.1.1.0 0.0.0.255 any eq 80
```

**Pro Tip:** The `established` keyword in Extended ACLs allows return traffic for already active TCP sessions but blocks new connections initiated from the outside.
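The Python script below is an added example, not code from the original notes or the course. It simulates the processing rules from sections 2.0 and 4.0 on numbered ACLs written in the syntax of section 4.2: top-down evaluation, first match wins, the implicit deny at the end, wildcard-mask matching with the `host` and `any` keywords, and per-line hit counters of the kind `show access-lists` reports. The ACL lines and packets are constructed sample values; `established` and other extended-ACL options beyond `eq <port>` are deliberately not parsed.

```python
"""Added example (not from the original notes): a small simulator of the ACL
evaluation rules above (top-down, first match wins, implicit deny) with
per-line hit counters in the spirit of `show access-lists`. The ACL lines
and packets are constructed for the example."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class Packet:
    src: str
    dst: str
    proto: str = "ip"            # ip, tcp, udp or icmp
    dport: Optional[int] = None  # destination port for tcp/udp

@dataclass
class Ace:
    """One access control entry, i.e. one line of the ACL."""
    action: str                  # permit or deny
    proto: str                   # "ip" matches every protocol
    src: str
    src_wc: str
    dst: str
    dst_wc: str
    dport: Optional[int]
    hits: int = 0

def wildcard_from_mask(mask: str) -> str:
    """Wildcard masks are the bitwise inverse of subnet masks."""
    return str(ipaddress.IPv4Address(int(ipaddress.IPv4Address(mask)) ^ 0xFFFFFFFF))

def wildcard_match(ip: str, base: str, wildcard: str) -> bool:
    """0 bits in the wildcard must match exactly; 1 bits are 'don't care'."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return int(ipaddress.IPv4Address(ip)) & care == int(ipaddress.IPv4Address(base)) & care

def _take_addr(tokens: List[str]) -> Tuple[str, str]:
    """Consume 'any', 'host A.B.C.D', 'A.B.C.D W.X.Y.Z' or a bare host IP."""
    tok = tokens.pop(0)
    if tok == "any":
        return "0.0.0.0", "255.255.255.255"
    if tok == "host":
        return tokens.pop(0), "0.0.0.0"
    if tokens and tokens[0].count(".") == 3:   # an explicit wildcard follows
        return tok, tokens.pop(0)
    return tok, "0.0.0.0"                      # bare IP means a single host

def parse_ace(line: str) -> Tuple[int, Ace]:
    """Parse numbered 'access-list N permit|deny ...' (standard or extended)."""
    tokens = line.split()
    if tokens[0] != "access-list":
        raise ValueError(f"not an access-list line: {line}")
    number, action, tokens = int(tokens[1]), tokens[2], tokens[3:]
    if 1 <= number <= 99 or 1300 <= number <= 1999:   # standard: source only
        src, src_wc = _take_addr(tokens)
        return number, Ace(action, "ip", src, src_wc, "0.0.0.0", "255.255.255.255", None)
    proto = tokens.pop(0)                              # extended: protocol first
    src, src_wc = _take_addr(tokens)
    dst, dst_wc = _take_addr(tokens)
    dport = int(tokens[1]) if len(tokens) >= 2 and tokens[0] == "eq" else None
    return number, Ace(action, proto, src, src_wc, dst, dst_wc, dport)

def ace_matches(ace: Ace, pkt: Packet) -> bool:
    if ace.proto != "ip" and ace.proto != pkt.proto:
        return False
    if not wildcard_match(pkt.src, ace.src, ace.src_wc):
        return False
    if not wildcard_match(pkt.dst, ace.dst, ace.dst_wc):
        return False
    return ace.dport is None or ace.dport == pkt.dport

class Acl:
    def __init__(self, lines: List[str]):
        self.aces = [parse_ace(line)[1] for line in lines]
        self.implicit_denies = 0

    def evaluate(self, pkt: Packet) -> Tuple[str, Optional[int]]:
        """Return (action, matching line); line None means the implicit deny fired."""
        for lineno, ace in enumerate(self.aces, start=1):
            if ace_matches(ace, pkt):
                ace.hits += 1               # hit count, as shown by `show access-lists`
                return ace.action, lineno   # first match wins; nothing below is checked
        self.implicit_denies += 1
        return "deny", None

# Constructed sample lists mirroring the syntax in section 4.2.
STANDARD = ["access-list 10 deny host 192.168.1.50",
            "access-list 10 permit 192.168.1.0 0.0.0.255"]
EXTENDED = ["access-list 101 permit tcp 10.1.1.0 0.0.0.255 any eq 80"]

if __name__ == "__main__":
    acl = Acl(STANDARD)
    for pkt in (Packet("192.168.1.50", "10.0.0.1"), Packet("192.168.1.7", "10.0.0.1"),
                Packet("192.168.2.7", "10.0.0.1")):
        print(pkt.src, "->", acl.evaluate(pkt))
```

The sample standard list shows why order matters: the single-host `deny` sits above the subnet `permit`, so 192.168.1.50 is dropped at line 1 even though line 2 would have permitted it, while a source outside 192.168.1.0/24 never matches anything and falls through to the implicit deny. The `implicit_denies` counter is only a convenience for the simulation; IOS does not display a hit count for the implicit deny.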
## 5.0 Essential Protocol and Port Reference

| Service | IP Protocol Number | Port | Transport |
|---|---|---|---|
| ICMP | 1 | N/A | IP |
| TCP | 6 | N/A | IP |
| UDP | 17 | N/A | IP |
| SSH | N/A | 22 | TCP |
| Telnet | N/A | 23 | TCP |
| DNS | N/A | 53 | TCP/UDP |
| HTTP | N/A | 80 | TCP |
| HTTPS | N/A | 443 | TCP |
| TFTP | N/A | 69 | UDP |

## 6.0 ACL Management and Verification

### 6.1 Editing with Sequence Numbers

Modern IOS allows you to edit specific lines without deleting the whole list:

```
Router(config)# ip access-list extended 101
Router(config-ext-nacl)# no 20                        # Deletes line 20
Router(config-ext-nacl)# 25 permit udp any any eq 53  # Inserts a new rule at line 25
```

Resequencing:

```
Router(config)# ip access-list resequence 101 10 10   # Starts at 10, increments by 10
```

### 6.2 Verification Commands

- `show access-lists`: The most important command. Shows the rules and the "hit counts" (how many times a rule was matched).
- `show ip interface <interface>`: Confirms whether an ACL is applied and in which direction (In/Out).

## 7.0 Key Takeaways Summary

- Top-Down Logic: Once a match is made, the router stops looking.
- Implicit Deny: If you don't permit it, it's denied by default.
- Standard: Match Source IP; place near Destination.
- Extended: Match Source, Dest, Protocol, Port; place near Source.
- Troubleshooting: Use `show access-lists` to check hit counts and verify your logic is actually catching traffic.

# Day 36: CDP and LLDP

CCNA 200-301 Study Guide: Layer 2 Discovery (CDP & LLDP)

## 1.0 Fundamentals of Layer 2 Discovery

Layer 2 discovery protocols act as the "digital handshake" of a network, allowing devices to identify neighbors without requiring an IP address. They operate at the Data Link Layer, meaning discovery occurs as long as the physical link is up and the protocol is enabled.

### Core Attributes

- Operational Scope: Information is strictly point-to-point. Discovery frames are processed by the direct neighbor and then discarded; they are never forwarded.
- Shared Data: Device IDs (Hostnames), IP addresses (for management), platform/capabilities, and local/remote interface mappings.
- Security Risk: These protocols are "chatty" and broadcast sensitive topology data.
- Standard Practice: Disable discovery on untrusted ports (e.g., user-facing access ports) to prevent reconnaissance.

## 2.0 Cisco Discovery Protocol (CDP)

CDP is a Cisco-proprietary protocol used for identifying and managing Cisco hardware.

### Operational Defaults

- Status: Enabled globally and on all interfaces by default.
- Multicast MAC: 0100.0CCC.CCCC
- Default Timers: Hello Timer 60 seconds; Holdtime 180 seconds.
- Version 2 (Default): Includes enhanced features like Native VLAN and duplex mismatch detection.

### Configuration & Management

| Command | Mode | Purpose |
|---|---|---|
| `cdp run` | Global | Enables CDP globally. |
| `no cdp run` | Global | Disables CDP globally. |
| `cdp enable` | Interface | Enables CDP on a specific port. |
| `cdp timer [sec]` | Global | Adjusts advertisement frequency. |
| `cdp holdtime [sec]` | Global | Adjusts neighbor retention time. |

### Verification Commands

- `show cdp`: Checks global status and timers.
- `show cdp neighbors`: Provides a summary table of adjacent Cisco devices.
- `show cdp neighbors detail`: Provides Layer 3 addresses and software versions.
- `show cdp entry [name]`: Focuses on a specific neighbor.

## 3.0 Link Layer Discovery Protocol (LLDP)

LLDP (IEEE 802.1AB) is the vendor-neutral standard required for discovery in multi-vendor environments.

### Operational Defaults

- Status: Typically disabled by default on Cisco switches.
- Multicast MAC: 0180.C200.000E
- Default Timers: Hello Timer 30 seconds; Holdtime 120 seconds; Reinit Delay 2 seconds.

### Configuration & Management

Unlike CDP, LLDP allows for granular control over transmission and reception.

| Command | Mode | Purpose |
|---|---|---|
| `lldp run` | Global | Enables LLDP globally. |
| `lldp transmit` | Interface | Enables sending LLDP frames on the port. |
| `lldp receive` | Interface | Enables processing incoming LLDP frames. |
| `lldp timer [sec]` | Global | Configures advertisement frequency. |
| `lldp holdtime [sec]` | Global | Configures the holdtime. |

### Verification Commands

- `show lldp`
- `show lldp neighbors`
- `show lldp neighbors detail`

Note: LLDP uses B (Bridge) in its capability codes where CDP uses S (Switch).
## 4.0 Protocol Comparison Matrix

| Feature | Cisco Discovery Protocol (CDP) | Link Layer Discovery (LLDP) |
|---|---|---|
| Ownership | Cisco Proprietary | IEEE 802.1AB (Standard) |
| Cisco Default | Enabled | Disabled |
| Hello Timer | 60 Seconds | 30 Seconds |
| Holdtime | 180 Seconds | 120 Seconds |
| Interface Logic | `cdp enable` (Binary) | `transmit` / `receive` (Granular) |
| VTP Support | Yes | No |
| Capability Code | S (Switch) | B (Bridge) |
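The script below is an added example, not code from the original notes or the course. It applies the "Standard Practice" from section 1.0 as a configuration check: given an IOS-style running-config, it works out, from the defaults in sections 2.0 and 3.0 (CDP on globally and per port unless negated; LLDP off unless `lldp run`), which `switchport mode access` ports are still sending discovery frames, and lists the interface commands that would silence them. The config text is constructed for the example; the `no cdp enable` and `no lldp transmit` forms are assumed to be the usual IOS negations of the interface commands in the tables above, and only transmission is flagged because receiving frames does not leak topology data.

```python
"""Added example (not from the original notes): audit an IOS-style
running-config for access ports that still advertise CDP or LLDP, and
produce the interface commands to silence them. SAMPLE_CONFIG is constructed."""

SAMPLE_CONFIG = """\
hostname SW1
!
lldp run
!
interface GigabitEthernet0/1
 description Uplink to CORE
 switchport mode trunk
!
interface GigabitEthernet0/2
 description User desk 12
 switchport mode access
 switchport access vlan 10
 no cdp enable
 no lldp transmit
!
interface GigabitEthernet0/3
 description User desk 13
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet0/4
 description Printer
 switchport mode access
 no cdp enable
!
"""

def parse_config(text):
    """Return (set of global lines, {interface name: [indented lines]})."""
    global_lines, interfaces, current = set(), {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line == "!":        # '!' terminates an interface block
            current = None
            continue
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        elif current is not None and line.startswith(" "):
            interfaces[current].append(line.strip())
        else:
            current = None
            global_lines.add(line.strip())
    return global_lines, interfaces

def discovery_state(global_lines, iface_lines):
    """Effective (cdp_advertising, lldp_transmitting) using the documented
    defaults: CDP on everywhere unless negated, LLDP off unless 'lldp run'."""
    cdp_global = "no cdp run" not in global_lines
    lldp_global = "lldp run" in global_lines
    cdp = cdp_global and "no cdp enable" not in iface_lines
    lldp = lldp_global and "no lldp transmit" not in iface_lines
    return cdp, lldp

def audit(text):
    """List (interface, finding) for access ports still sending discovery frames."""
    global_lines, interfaces = parse_config(text)
    findings = []
    for name, lines in interfaces.items():
        if "switchport mode access" not in lines:
            continue                      # trunks/uplinks are expected to run discovery
        cdp, lldp = discovery_state(global_lines, lines)
        if cdp:
            findings.append((name, "CDP still advertising on access port"))
        if lldp:
            findings.append((name, "LLDP still transmitting on access port"))
    return findings

def remediation(findings):
    """Interface-mode commands that silence discovery on the flagged ports."""
    per_iface = {}
    for name, finding in findings:
        cmd = " no cdp enable" if finding.startswith("CDP") else " no lldp transmit"
        per_iface.setdefault(name, []).append(cmd)
    cmds = []
    for name, lines in per_iface.items():
        cmds.append(f"interface {name}")
        cmds.extend(lines)
    return cmds

if __name__ == "__main__":
    found = audit(SAMPLE_CONFIG)
    for name, finding in found:
        print(f"{name}: {finding}")
    print("\n".join(remediation(found)))
```

In the sample, Gi0/1 is a trunk and is skipped, Gi0/2 has both protocols negated, Gi0/3 is a fresh access port that leaks over both CDP and LLDP (because `lldp run` is set globally), and Gi0/4 has only CDP disabled. Running the same audit on a config that contains `no cdp run` and lacks `lldp run` reports nothing, which is the expected end state for a switch whose uplinks do not need discovery at all.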