Chapter 2 : Configure a Network Operating System

       A network operating system enables device hardware to function and provides an interface for users to interact. In the CCNA course of study, students learn to configure both devices that connect to the network (end devices such as PCs) and devices that connect networks together (intermediary devices like routers and switches). Learning to configure the Cisco Internetwork Operating System (Cisco IOS) on Cisco routers and switches is a large part of the Cisco CCNA program of study.

Operating System

  1. Shell – the user interface that allows users to request specific tasks from the computer. These requests can be made either through the CLI or GUI interfaces.
  2. Kernel – communicates between the hardware and software of a computer and manages how hardware resources are used to meet software requirements.
  3. Hardware – the physical part of a computer including underlying electronics.

Access Methods

       There are several ways to access the CLI environment and configure the device. The most common methods are:

  • Console – A physical port on a Cisco device that provides access to the device via a dedicated management channel, also known as out-of-band access.
  • SSH – A protocol to establish a remote secure CLI connection over the network.
  • Telnet – An insecure method of remotely establishing a CLI session through a virtual interface, over a network.

Primary Command Modes

       As a security feature, the Cisco IOS software separates management access into the following two command modes:

  • User EXEC Mode – This mode has limited capabilities but is useful for basic operations. It allows only a limited number of basic monitoring commands but does not allow the execution of any commands that might change the configuration of the device. The user EXEC mode is identified by the CLI prompt that ends with the > symbol.
  • Privileged EXEC Mode – To execute configuration commands, a network administrator must access privileged EXEC mode. Higher configuration modes, like global configuration mode, can only be reached from privileged EXEC mode. The privileged EXEC mode can be identified by the prompt ending with the # symbol.

Configuration Command Modes

Two common sub-configuration modes include:

  • Line Configuration Mode – Used to configure console, SSH, Telnet, or AUX access.
  • Interface Configuration Mode – Used to configure a switch port or router network interface.

Basic IOS Command Structure

[Figure: basic IOS command structure]

  • Keyword – a specific parameter defined in the operating system (in the figure, ip protocols)
  • Argument – not predefined; a value or variable defined by the user (in the figure, 192.168.10.5)

Hotkeys and Shortcuts

Device Names

       Hostnames that appear in CLI prompts can be used in various authentication processes between devices, and should be used on topology diagrams. To identify network devices, hostnames should:

  • Start with a letter
  • Contain no spaces
  • End with a letter or digit
  • Use only letters, digits, and dashes
  • Be less than 64 characters in length

Configure Hostnames

        As shown in the figure, from the privileged EXEC mode, access the global configuration mode by entering the configure terminal command. Notice the change in the command prompt.

       From global configuration mode, enter the command hostname followed by the name of the switch and press Enter. Notice the change in the command prompt name.

Note: To remove the configured hostname and return the switch to the default prompt, use the no hostname global config command.

Secure Device Access

       The use of weak or easily guessed passwords continues to be a security issue in many facets of the business world. Network devices, including home wireless routers, should always have passwords configured to limit administrative access.

       Cisco IOS can be configured to use hierarchical mode passwords to allow different access privileges to a network device.

Configure Passwords

       The most important password to configure is access to the privileged EXEC mode, as shown in Figure 1. To secure privileged EXEC access, use the enable secret password global config command.

Figure 1

       To secure the user EXEC access, the console port must be configured, as shown in Figure 2. Enter line console configuration mode using the line console 0 global configuration command. The zero is used to represent the first (and in most cases the only) console interface. Next, specify the user EXEC mode password using the password password command. Finally, enable user EXEC access using the login command. Console access will now require a password before gaining access to the user EXEC mode.

Figure 2

       Virtual terminal (VTY) lines enable remote access to the device. To secure VTY lines used for SSH and Telnet, enter line VTY mode using the line vty 0 15 global config command, as shown in Figure 3. Many Cisco switches support up to 16 VTY lines that are numbered 0 to 15. Next, specify the VTY password using the password password command. Lastly, enable VTY access using the login command.

Figure 3

Encrypt Password

       The startup-config and running-config files display most passwords in plaintext. This is a security threat since anyone can see the passwords used if they have access to these files.

      To encrypt passwords, use the service password-encryption global config command. The command applies weak encryption to all unencrypted passwords. This encryption applies only to passwords in the configuration file, not to passwords as they are sent over the network.

Use the show running-config command to verify that passwords are now encrypted.
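An added example (not from the original page or from Cisco): a Python audit of show running-config text for the settings covered above, from the Device Names rules through Configure Passwords and Encrypt Password. The sample configuration is constructed, and treating a leading 7 as the encrypted form written by service password-encryption is an assumption of this example.

```python
import re
# "Device Names" rules: letter first, letter/digit last, only letters, digits, dashes.
HOSTNAME_RE = re.compile(r"[A-Za-z](?:[A-Za-z0-9-]*[A-Za-z0-9])?")

def valid_hostname(name):
    return len(name) < 64 and HOSTNAME_RE.fullmatch(name) is not None

def line_sections(config):
    """Group indented sub-commands under each 'line con' / 'line vty' header."""
    sections, current = {}, None
    for raw in config.splitlines():
        if raw.startswith(("line con", "line vty")):
            current = raw.strip()
            sections[current] = []
        elif raw.startswith(" ") and current:
            sections[current].append(raw.strip())
        else:
            current = None
    return sections

def audit(config):  # returns findings for the settings this chapter configures
    findings = []
    top = [l.strip() for l in config.splitlines() if l and not l.startswith(" ")]
    host = next((l.split(None, 1)[1] for l in top if l.startswith("hostname ")), None)
    if host is None or not valid_hostname(host):
        findings.append(f"hostname missing or invalid: {host!r}")
    if not any(l.startswith("enable secret ") for l in top):
        findings.append("no enable secret: privileged EXEC is unprotected")
    if "service password-encryption" not in top:
        findings.append("service password-encryption is not enabled")
    for header, cmds in line_sections(config).items():
        pw = [c for c in cmds if c.startswith("password ")]
        if not pw:
            findings.append(f"{header}: no password set")
        elif not pw[0].startswith("password 7 "):  # assumed: "7" marks encrypted form
            findings.append(f"{header}: password stored in plaintext")
        if not any(c.split()[:1] == ["login"] for c in cmds):
            findings.append(f"{header}: login not enabled")
    return findings

# Constructed sample of 'show running-config' output (not from a real device).
SAMPLE = """\
hostname Sw-Floor-1
line con 0
 password cisco
 login
line vty 0 4
 password 7 0A1B2C3D4E5F
"""
print("\n".join(audit(SAMPLE)))
```

Because service password-encryption is weak, a clean result here only means the passwords are not readable at a glance, not that the configuration file is safe to share.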

Banner Messages

       To create a banner message of the day on a network device, use the banner motd # the message of the day # global config command. The “#” in the command syntax is called the delimiting character. It is entered before and after the message. The delimiting character can be any character as long as it does not occur in the message. For this reason, symbols such as the “#” are often used. After the command is executed, the banner will be displayed on all subsequent attempts to access the device until the banner is removed.

Save the Running Configuration File

There are two system files that store the device configuration:

  • startup-config – The file stored in Non-volatile Random Access Memory (NVRAM) that contains all of the commands that will be used by the device upon startup or reboot. NVRAM does not lose its contents when the device is powered off.
  • running-config – The file stored in Random Access Memory (RAM) that reflects the current configuration. Modifying a running configuration affects the operation of a Cisco device immediately. RAM is volatile memory. It loses all of its content when the device is powered off or restarted.

 

Chapter 1 : Explore The Network

       This chapter introduces the platform of data networks upon which our social and business relationships increasingly depend. The material lays the groundwork for exploring the services, technologies, and issues encountered by network professionals as they design, build, and maintain the modern network.

How Networks Support the Way We Communicate

Some forms of communication include:

  • Texting – Texting enables instant real-time communication between two or more people.
  • Social Media – Social media consists of interactive websites where people and communities create and share user-generated content with friends, family, peers, and the world.
  • Collaboration Tools – tools that allow individuals to work together as a team on a project, no matter where they are located.
  • Blogs – web pages easily updated and edited by a person who wants to express his or her opinions about any subject.
  • Wikis – a web page that can be created and edited by a group of people.
  • Podcasting – a technology that allows people to access a website and download an audio recording delivered by someone.
  • Peer-to-Peer (P2P) File Sharing – Peer-to-Peer file sharing allows people to share files with each other without having to store and download them from a central server. The user joins a P2P network by simply installing the P2P software. P2P file sharing has not been embraced by everyone. Many people are concerned about violating the laws that protect copyrighted materials.

Intermediary Network Devices

       Intermediary devices connect the individual end devices to the network and can connect multiple individual networks to form an internetwork. These intermediary devices provide connectivity and ensure that data flows across the network.

Network Media

       Modern networks primarily use three types of media to interconnect devices and to provide the pathway over which data can be transmitted. These media are:

  • Copper – data is encoded into electrical impulses
  • Glass or Plastic Fibers (Fiber Optic Cable) – data is encoded as pulses of light
  • Wireless Transmission – data is encoded using wavelengths from the electromagnetic spectrum

Network Representations

       Diagrams of networks often use symbols, like those shown in the figure, to represent the different devices and connections that make up a network. A diagram provides an easy way to understand how devices in a large network are connected. This type of “picture” of a network is known as a topology diagram. The ability to recognize the logical representations of the physical networking components is critical to being able to visualize the organization and operation of a network.

Topology Diagrams

Topology diagrams are mandatory for anyone working with a network. They provide a visual map of how the network is connected.

There are two types of topology diagrams:

  1. Physical Topology Diagrams – identify the physical location of intermediary devices and cable installation.
  2. Logical Topology Diagrams – identify devices, ports, and addressing scheme.

Types of Networks

  • Local Area Network (LAN) – A network infrastructure that provides access to users and end devices in a small geographical area, which is typically an enterprise, home, or small business network owned and managed by an individual or IT department.
  • Wide Area Network (WAN) – A network infrastructure that provides access to other networks over a wide geographical area, which is typically owned and managed by a telecommunications service provider.

Other Types of Networks Include:

  • Metropolitan Area Network (MAN) – A network infrastructure that spans a physical area larger than a LAN but smaller than a WAN (e.g., a city). MANs are typically operated by a single entity such as a large organization.
  • Wireless LAN (WLAN) – Similar to a LAN but wirelessly interconnects users and end points in a small geographical area.
  • Storage Area Network (SAN) – A network infrastructure designed to support file servers and provide data storage, retrieval, and replication.
