Jun 14, 2013

CCNAX v2.0 ICND1 100-101 ICND2 200-101 Official Cert Guide

CCNA Exam
Exam Number: 200-120 CCNA
Associated Certifications: CCNA Routing and Switching
Duration: 90 minutes (50-60 questions)
Available Languages: English
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
Register for Courses: CCNAX v2.0 course and other offerings

New version of CCNA Exam Is Now Available
From March 26, 2013 through September 30, 2013, candidates can choose to take either the 640-802 CCNA exam or the 200-120 CCNA exam.

Beginning October 1, 2013, the 200-120 CCNA exam will be the only exam available for registration. Candidates who register for the 200-120 CCNA exam should prepare using 200-120 CCNA exam topics.

ICND1 100-101 Official Cert Guide 
ICND2 200-101 Official Cert Guide


May 22, 2013

Cisco Packet Tracer 6.0.1




We are pleased to announce the release of Cisco Packet Tracer (PT) 6.0.1, which includes the following new protocol support and enhanced functionality:  
  • Supports IOS 15.2 and its licensing methodology
  • Provides enhanced IPv6 support
  • Supports new devices such as ISR 1941, ISR 2901, ISR 2911, terminal server interface, and servers with two network interface cards
  • Supports Hot Standby Router Protocol (HSRP) and ACL sequence numbers
  • Provides new capability with PT LAN and WAN Multiuser Servers to create multiuser games and activities
  • Provides new capability with PT Bridge to connect real network equipment to the Packet Tracer environment

Cisco Packet Tracer 6.0.1 for Linux


Mar 23, 2013

Cisco Load Balancing Scenario


Objective
  • The Maipu 1800 CPE router needs to perform load balancing between two outgoing interfaces, F0 and F1.
  • If one WAN link is down, the other WAN link becomes primary, and vice versa.
  • When the faulty link is restored, both WAN links should load-balance LAN traffic again.


Topology 


Description 
Load Balancing
Load balancing is based on a combination of source and destination packet information; it allows you to optimize resources by distributing traffic over multiple paths for transferring data to a destination. You configure load balancing on outbound interfaces on a per-destination or per-packet basis.

Types of load balancing: per-destination load balancing and per-packet load balancing.

Per-Destination and Per-Packet

Per-destination load balancing allows the router to distribute packets based on the destination address, and uses multiple paths to achieve load sharing. Packets for a given source-destination host pair are guaranteed to take the same path, even if multiple paths are available. For example, given two paths to the same network, all packets for destination1 on that network go over the first path, all packets for destination2 on that network go over the second path, and so on. Per-destination load balancing is enabled by default when you start the router, and is the preferred load balancing for most situations.
Per-packet load balancing allows the router to send successive data packets over paths without regard to individual hosts or user sessions. It uses the round-robin method to determine which path each packet takes to the destination. With per-packet load balancing enabled, the router sends one packet for destination1 over the first path, the second packet for (the same) destination1 over the second path, and so on. Per-packet load balancing ensures balancing over multiple links.
Although path utilization with per-packet load balancing is beneficial, packets for a given pair of source-destination hosts might take different paths. This means that per-packet load balancing can introduce reordering of packets. This load balancing method would be inappropriate for certain types of data traffic (such as voice traffic over IP) that depend on packets arriving at the destination in sequence.
Use per-packet load balancing to ensure that a path for a single source-destination pair does not get overloaded. If the bulk of data passing through parallel links is for a single pair, per-destination load balancing overloads a single link while other links have very little traffic. Enabling per-packet load balancing allows you to use alternate paths to the same busy destination.
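The trade-off described above can be seen in a small simulation. This is an added example, not part of the original post: the CRC32 hash, the link delays and the traffic are constructed for illustration and do not reproduce the router's internal algorithm.

```python
import zlib
from itertools import cycle

PATHS = ["fastethernet0", "fastethernet1"]            # the two uplinks in the scenario
DELAY_MS = {"fastethernet0": 5, "fastethernet1": 20}  # constructed one-way delays

def per_destination(packets):
    """Hash each source-destination pair to one path (CRC32 is a stand-in hash)."""
    return [(src, dst, seq, PATHS[zlib.crc32(f"{src}>{dst}".encode()) % len(PATHS)])
            for src, dst, seq in packets]

def per_packet(packets):
    """Round-robin successive packets over the paths, ignoring flows."""
    rr = cycle(PATHS)
    return [(src, dst, seq, next(rr)) for src, dst, seq in packets]

def link_load(assigned):
    """Number of packets carried by each path."""
    load = dict.fromkeys(PATHS, 0)
    for *_flow, path in assigned:
        load[path] += 1
    return load

def paths_used(assigned, flow):
    """Set of paths that carried packets of one (src, dst) flow."""
    return {path for src, dst, _seq, path in assigned if (src, dst) == flow}

def late_packets(assigned, flow):
    """Packets of `flow` that arrive after a higher sequence number already did.
    Packet i leaves at i ms and arrives after its path's delay."""
    arrivals = sorted((t + DELAY_MS[path], seq)
                      for t, (src, dst, seq, path) in enumerate(assigned)
                      if (src, dst) == flow)
    late, highest = 0, -1
    for _when, seq in arrivals:
        late += seq < highest
        highest = max(highest, seq)
    return late

# Constructed traffic: one busy host pair plus two single-packet flows.
BUSY = ("201.1.1.10", "198.51.100.1")
PACKETS = [(*BUSY, seq) for seq in range(8)] + [
    ("201.1.1.11", "203.0.113.1", 0), ("201.1.1.12", "192.0.2.1", 0)]

if __name__ == "__main__":
    for name, mode in (("per-destination", per_destination), ("per-packet", per_packet)):
        out = mode(PACKETS)
        print(name, link_load(out), "late packets in busy flow:", late_packets(out, BUSY))
```

Per-destination keeps the busy pair in order but loads one link with all eight of its packets; per-packet splits the load evenly and delivers three of those packets out of order.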

Devices used in Testing 
Maipu 1800-22-AC

IOS Details 

Main Configuration:

interface fastethernet0
 description ### ISP1 ###
 ip address 100.1.1.1 255.255.255.252
 keepalive gateway 100.1.1.2
 exit

interface fastethernet1
 description ### ISP2 ###
 ip address 200.1.1.1 255.255.255.252
 keepalive gateway 200.1.1.2
 exit



interface vlan1
 description ### LOCAL LAN ###
 ip address 201.1.1.1 255.255.255.0
 exit

ip route 0.0.0.0 0.0.0.0 100.1.1.2
ip route 0.0.0.0 0.0.0.0 200.1.1.2


Output 
Show ip route
router#sh ip route
S   0.0.0.0/0 [1/100] via 100.1.1.2, 0:01:10, fastethernet0
S   0.0.0.0/0 [1/100] via 200.1.1.2, 0:01:04, fastethernet1

Notes 
  • By default, per-destination load balancing is used.
  • To configure per-packet load balancing:
    • router(config)#ip load-sharing per-packet
  • After the above configuration, load balancing works on a per-packet basis.
  • When the F0 (ISP-1) link is down, all LAN traffic takes F1 as the primary path, and vice versa.
  • After the faulty link is restored, traffic again follows the configured load-balancing algorithm.

Hope this testing report will help you in live network implementations.


How to Configure Time-Based Inbound Rate Limiting


Slaptijack reader Raj is looking for a way to limit inbound traffic on his switch ports based on the time of day. Specifically, he wants to restrict speed to 256 Kbps between 9 AM and 9 PM, and allow up to 1 Mbps the rest of the day. I've done something similar to this in the past, but with only one restriction, not two. Hopefully, this configuration will work!
Note: This post is based on the work of a previous post on Cisco Catalyst rate limiting. Although I know that this will work in some cases, it may not work in yours. In other words, your mileage may vary.

Raj, the key to time-based rate limiting is to use the time-range command built into IOS. In your case, we want to define the time range from 9 AM to 9 PM:
time-range DAILY-0900-2100
 periodic daily 9:00 to 21:00
Next, we need our access lists:
ip access-list extended ACL-0900-2100
 permit ip any any time-range DAILY-0900-2100
ip access-list extended ACL_ALL_HOURS
 permit ip any any
And now our class maps to define which traffic to match:
class-map match-all 256K
 match access-group name ACL-0900-2100
class-map match-all 1M
 match access-group name ACL_ALL_HOURS
And finally, our policy map:
policy-map POLICY-IN
 class 256K
  police 256000 8000 exceed-action drop
 class 1M
  police 1000000 12500 exceed-action drop
Put it all together, and it looks like this:
time-range DAILY-0900-2100
 periodic daily 9:00 to 21:00
!
ip access-list extended ACL-0900-2100
 permit ip any any time-range DAILY-0900-2100
ip access-list extended ACL_ALL_HOURS
 permit ip any any
!
class-map match-all 256K
 match access-group name ACL-0900-2100
class-map match-all 1M
 match access-group name ACL_ALL_HOURS
!
policy-map POLICY-IN
 class 256K
  police 256000 8000 exceed-action drop
 class 1M
  police 1000000 12500 exceed-action drop
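
Which policer applies at a given time depends on class order and on whether the time-range entry is active. The sketch below is an added example, not part of the original post: it embeds the post's configuration with the range written as 9:00 to 21:00 to match the stated 9 AM to 9 PM window, and `parse` and `police_rate_at` are hypothetical helpers. Treating the end time as exclusive is an assumption.

```python
import re

CONFIG = """\
time-range DAILY-0900-2100
 periodic daily 9:00 to 21:00
ip access-list extended ACL-0900-2100
 permit ip any any time-range DAILY-0900-2100
ip access-list extended ACL_ALL_HOURS
 permit ip any any
class-map match-all 256K
 match access-group name ACL-0900-2100
class-map match-all 1M
 match access-group name ACL_ALL_HOURS
policy-map POLICY-IN
 class 256K
  police 256000 8000 exceed-action drop
 class 1M
  police 1000000 12500 exceed-action drop
"""

def parse(config):
    """Return (time ranges, ACL -> time-range, class -> ACL, ordered [(class, bps)])."""
    ranges, acls, classes, policy, ctx = {}, {}, {}, [], None
    for line in config.splitlines():
        words = line.split()
        head = words[0] if words else ""
        if head in ("time-range", "class"):
            ctx = words[1]
        elif head in ("ip", "class-map"):
            ctx = words[-1]
        elif head == "periodic":
            ranges[ctx] = [int(h) * 60 + int(m) for h, m in re.findall(r"(\d+):(\d+)", line)]
        elif head == "permit":
            acls[ctx] = words[-1] if "time-range" in words else None
        elif head == "match":
            classes[ctx] = words[-1]
        elif head == "police":
            policy.append((ctx, int(words[1])))
    return ranges, acls, classes, policy

def police_rate_at(config, hhmm):
    """Rate (bps) of the first class whose ACL entry is active at hhmm (H:MM)."""
    ranges, acls, classes, policy = parse(config)
    now = int(hhmm[:-3]) * 60 + int(hhmm[-2:])
    for cls, rate in policy:
        tr = acls[classes[cls]]
        if tr is None or ranges[tr][0] <= now < ranges[tr][1]:
            return rate
    return None  # no class matched, so the traffic is not policed
```

Because class 256K is listed first, it wins whenever its time range is active; outside the range its ACL entry does not match and traffic falls through to class 1M.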


How to Configure Inbound Rate Limiting on Cisco Catalyst Switches

If you need to limit the inbound bandwidth of a switch port on a Cisco Catalyst, the key is in the QoS configuration.
This particular configuration was done on a Cisco Catalyst 2960.

As I mentioned, the key is QoS. The first thing you need to do is globally enable QoS with the mls qos configuration command. Once this command is enabled, QoS is enabled on all ports with default settings.
Next, we'll need an access-list to match traffic on. In this example, we are going to police all traffic coming through the switch port, so our access-list will match all IP addresses.
ip access-list extended ACL_SLAP
 permit ip any any

A class map is necessary to classify our traffic.
class-map match-all CLASS_SLAP
  match access-group name ACL_SLAP

The policy map dictates what we want done to the traffic class previously defined. The police configuration command sets our rate limit in this example to 8 Mbps with a burst size of 100 KB. The burst size is the trickiest part of this command. If the burst is set too low, your traffic will not be able to approach the maximum allowed throughput due to packet drops.
Because TCP window scaling halves the window size for each dropped packet, it's important to set the burst size at a level that doesn't impact performance. The rule of thumb is that the burst size should be double the amount of traffic sent at the maximum rate at a given round-trip time. In this example, I assumed a round-trip time of 50 ms which results in a burst size of 100 KB.
policy-map POLICY_SLAP
  class CLASS_SLAP
    police 8000000 100000 exceed-action drop

Finally, apply the policy-map to the switch port with the service-policy configuration command.
interface GigabitEthernet0/2
 service-policy input POLICY_SLAP

And now you're done. In our example, we configured a switch port to only allow inbound traffic at 8 Mbps. We won't be able to truly max the 8 Mbps, but we should come close.
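
The effect of the burst size can be checked with a token-bucket model of the police command. This is an added example, not part of the original post: the sender is constructed (one window per round trip, sent back to back) and does not model TCP's reaction to drops, and all function names are hypothetical.

```python
def recommended_burst(rate_bps, rtt_ms):
    """The post's rule of thumb: twice the bytes sent at full rate in one RTT."""
    return 2 * rate_bps * rtt_ms // 8000

def police(arrivals, rate_bps, burst_bytes):
    """Single-rate token bucket with exceed-action drop.
    arrivals: (time_us, size_bytes) pairs in time order. Returns conforming bytes."""
    tokens, last, passed = float(burst_bytes), 0, 0
    for t, size in arrivals:
        # Refill at rate_bps (converted to bytes per microsecond), capped at the burst size.
        tokens = min(burst_bytes, tokens + (t - last) * rate_bps / 8_000_000)
        last = t
        if tokens >= size:
            tokens -= size
            passed += size
    return passed

def windowed_sender(rate_bps, rtt_ms, seconds=1, pkt_bytes=1250, gap_us=10):
    """Constructed sender: every RTT it emits one window (rate x RTT bytes)
    back to back at gigabit spacing, so its average rate equals rate_bps."""
    per_window = rate_bps * rtt_ms // 8000 // pkt_bytes
    arrivals = []
    for w in range(seconds * 1000 // rtt_ms):
        start = w * rtt_ms * 1000
        arrivals += [(start + i * gap_us, pkt_bytes) for i in range(per_window)]
    return arrivals

def delivered_bps(rate_bps, burst_bytes, rtt_ms=50, seconds=1):
    """Throughput that survives `police <rate_bps> <burst_bytes> exceed-action drop`."""
    traffic = windowed_sender(rate_bps, rtt_ms, seconds)
    return police(traffic, rate_bps, burst_bytes) * 8 // seconds

if __name__ == "__main__":
    print("rule-of-thumb burst:", recommended_burst(8_000_000, 50), "bytes")
    for burst in (100_000, 8_000):
        print(f"burst {burst}: {delivered_bps(8_000_000, burst)} bps delivered")
```

With the 100 KB burst every window conforms and the full 8 Mbps gets through; with an 8000-byte burst only six packets of each window pass and delivered throughput falls to 1.2 Mbps.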

This is the full text of the rate limiting example:
mls qos

ip access-list extended ACL_SLAP
 permit ip any any
 
class-map match-all CLASS_SLAP
  match access-group name ACL_SLAP

policy-map POLICY_SLAP
  class CLASS_SLAP
    police 8000000 100000 exceed-action drop

interface GigabitEthernet0/2 
 service-policy input POLICY_SLAP 


Mar 17, 2013

How to enable routing on a 2960 series?

Your 2960 needs to run IOS Version 12.2.55 or higher to enable lanbase-routing.
To enable routing we need two things: first, activate the functionality with sdm prefer lanbase-routing, and then enable ip routing.


You need to reload for the change to take place.
After the system reload, you can use the show sdm prefer command to verify the change.


An example of routing between VLANs.


Now if you ping from VLAN 1 to VLAN 2, it should work.


Mar 11, 2013

Guide to Configuring Cisco Router Load Balancing over Two FTTH Lines

1. Configure the interfaces connecting the two FTTH lines
CISCO(config)#int g0/0
CISCO(config-if)#description #FTTH FPT#
CISCO(config-if)#pppoe enable group global
CISCO(config-if)#pppoe-client dial-pool-number 1
CISCO(config-if)#no shut
CISCO(config)#int g0/1
CISCO(config-if)#description #FTTH VNPT#
CISCO(config-if)#pppoe enable group global
CISCO(config-if)#pppoe-client dial-pool-number 2
CISCO(config-if)#no shut
CISCO(config)#dialer-list 1 protocol ip permit
2. Declare the authentication information for the two FTTH lines
CISCO(config)#int dialer 1
CISCO(config-if)#description #FTTH FPT#
CISCO(config-if)#ip address negotiated
CISCO(config-if)#ip mtu 1492
CISCO(config-if)#ip nat outside
CISCO(config-if)#encapsulation ppp
CISCO(config-if)#dialer pool 1
CISCO(config-if)#dialer-group 1
CISCO(config-if)#ppp pap sent-username password 0 
CISCO(config-if)#no shut 
CISCO(config-if)#exit 
CISCO(config)#int dialer 2
CISCO(config-if)#description #FTTH VNPT# 
CISCO(config-if)#ip address negotiated 
CISCO(config-if)#ip mtu 1492 
CISCO(config-if)#ip nat outside 
CISCO(config-if)#encapsulation ppp 
CISCO(config-if)#dialer pool 2 
CISCO(config-if)#dialer-group 1 
CISCO(config-if)#ppp pap sent-username password 0 
CISCO(config-if)#no shut 
CISCO(config-if)#exit
3. Configure load balancing
CISCO(config)#track 1 interface Dialer1 ip routing 
CISCO(config-track)#delay down 5 up 10 
CISCO(config)#track 2 interface Dialer2 ip routing 
CISCO(config-track)#delay down 5 up 10 
CISCO(config)#route-map nat1 permit 10 
CISCO(config-route-map)#match interface Dialer1 
CISCO(config-route-map)#set interface Dialer1 
CISCO(config)#route-map nat2 permit 20 
CISCO(config-route-map)#match interface Dialer2 
CISCO(config-route-map)#set interface Dialer2 
CISCO(config)#ip nat inside source route-map nat1 interface Dialer1 overload 
CISCO(config)#ip nat inside source route-map nat2 interface Dialer2 overload 
CISCO(config)#ip route 0.0.0.0 0.0.0.0 Dialer1 track 1 
CISCO(config)#ip route 0.0.0.0 0.0.0.0 Dialer2 track 2


Feb 27, 2013

How can we limit the bandwidth on a Cisco router?



We have a router, f0/0 will be for the Internet connection with bandwidth of 30Mbps.
Its f0/1 will be connected to a switch for internal networks.
This link will be separated to 3 VLANs for 3 internal networks.
Is there a way to guarantee 10Mbps for each VLAN but allow use up to 30Mbps when another two VLANs are not using any Internet bandwidth?
We worry about download bandwidth from the Internet.

The 3 internal networks will all have public IPs and they belong to their own subnets. There won't be NAT/PAT. Is there a sample config. available?

The following example polices the inside interface to 30Mbps. It also utilizes a fair queue mechanism so that all subnets are queued equally yet can use the entire purchased rate in the absence of competing traffic.

Command:

! Subnet A
access-list 101 permit ip any a.a.a.a w.w.w.w
! Subnet B
access-list 102 permit ip any b.b.b.b w.w.w.w
! Subnet C
access-list 103 permit ip any c.c.c.c w.w.w.w

class-map subnet-a
 match access-group 101

class-map subnet-b
 match access-group 102

class-map subnet-c
 match access-group 103

! Child policy: equal bandwidth share per subnet
policy-map subnets
 class subnet-a
  bandwidth percent 33
 class subnet-b
  bandwidth percent 33
 class subnet-c
  bandwidth percent 33
 exit

! Parent policy: police everything to 30 Mbps, then apply the child policy
policy-map physical
 class class-default
  police 30000000 conform-action transmit exceed-action drop
  service-policy subnets
 exit

int fa0/1
 service-policy output physical
 exit

The parent policy (physical) limits the traffic to 30Mbps. The child policy (subnets) allocates 33% of available bandwidth to each subnet. In this case it should be very close to 10Mbps for each subnet. This is a fair queue mechanism, so it will only enforce the 10Mbps limit if all subnets are in contention with each other. If subnets A and B are idle, subnet C can take all 30Mbps.

Applying it to the physical interface should affect all traffic traversing that interface, which includes all sub-interfaces. Please click here for an example.

If this technique isn't supported on the 1800, you could police each sub-interface. This would ensure good service for everyone but leave bandwidth unused and unavailable during idle times.
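
The sharing behaviour the answer describes (about 10 Mbps each under contention, up to 30 Mbps when the others are idle) corresponds to a work-conserving weighted fair share. The model below is an added example, not part of the original answer or of IOS: it assumes unused bandwidth is redistributed in proportion to the configured percentages, and `allocate` and `scenario` are hypothetical names.

```python
def allocate(demand, weights, cap):
    """Work-conserving weighted fair share (water-filling), all rates in Mbps."""
    alloc = dict.fromkeys(demand, 0.0)
    active = {k for k, d in demand.items() if d > 0}
    remaining = float(cap)
    while active:
        total_w = sum(weights[k] for k in active)
        share = {k: remaining * weights[k] / total_w for k in active}
        # Classes asking for no more than their share are fully served ...
        satisfied = {k for k in active if demand[k] <= share[k]}
        if not satisfied:
            alloc.update(share)      # ... the rest are held to their share
            break
        for k in satisfied:
            alloc[k] = float(demand[k])
            remaining -= demand[k]   # their leftover is offered to the others
        active -= satisfied
    return alloc

PARENT_MBPS = 30                                            # parent policy: police 30000000
WEIGHTS = {"subnet-a": 33, "subnet-b": 33, "subnet-c": 33}  # child: bandwidth percent 33

def scenario(a, b, c):
    """Allocation for constructed per-subnet demands in Mbps."""
    return allocate({"subnet-a": a, "subnet-b": b, "subnet-c": c}, WEIGHTS, PARENT_MBPS)

if __name__ == "__main__":
    for demand in ((30, 30, 30), (0, 0, 30), (5, 30, 30), (4, 6, 8)):
        print(demand, "->", scenario(*demand))
```

A subnet that needs only 5 Mbps leaves the other two 12.5 Mbps each, which per-sub-interface policing at a fixed 10 Mbps would not allow.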


Video Introduction to New CCNAv5.0 Curriculum


CCNAv5.0........
As previously announced, NetAcad is releasing a new version of our CCNA curriculum this year. We are delighted to share an exciting video introduction to the new CCNA curriculum with you. This is one of many communications we will be sending over the coming months to provide regular updates on our progress and share more in-depth information, including the scope and sequence, equipment requirements, and phase release plans.
You told us what you wanted and we listened. This short video begins with an animation that captures the essence of how the flexibility of the new CCNA curriculum will enable you to accommodate diverse student learning goals and personalize the courses to fit your own teaching style.
As a reminder, we are targeting phased releases of the new CCNA courses starting in June 2013, with all courses to be available by December 2013. Thank you for your continued collaboration as we bring you this exciting new version of CCNA.
The new CCNA curriculum represents the future of Mind Wide Open teaching and learning.
Join us in the new CCNA experience.



