CCIE SEC General Networking

Basics
1. Have you tried switching it off & on again?
OSI Layers
1. Application
  1. Layer 7
  2. SMTP
  3. HTTP
2. Presenetation
  1. Layer 6
  2. XML / HTML
  3. GIF / JPEG
3. Session
  1. Layer 5
  2. Controls Connections... i.e. source port to destination port.. and source port tied to applications
4. Transport
  1. Layer 4
  2. TCP
  3. UDP
  4. ICMP
5. Network
  1. Layer 3
  2. Logical Addressing
  3. IP
  4. Routing
6. Data-Link
  1. Layer 2
  2. MAC Addresses
  3. ARP
  4. Switching
7. Physical
  1. Layer 1
  2. Physical Connections, plugs
  3. Fibre / Copper
TCP/IP Protocols
1. ICMP
  1. Protocol 1
  2. Types
    1. 0 Echo Reply
    2. 3 Destination Unreachable
    3. 4 Source Quench
    4. 5 Redirect
    5. 8 Echo Request
    6. 11 TTL Expired
2. TCP
  1. Protocol 6
  2. Connection-Orientated
3. UDP
  1. Protocol 17
  2. Connection LESS
4. IP v4
  1. Class A
  2. Class B
  3. Class C
  4. Class D
    1. MultiCast
  5. Class E
    1. Experimental
  6. RFC 1918
  7. RFC 2827
5. IP v6
Switching
1. VTP
  1. Modes
    1. Server
      1. DEFAULT!
    2. Client
    3. Transparent
      1. All VLANS are local
  2. Layer 2 Frames
  3. Domains
    1. Revision Number
      1. To re-Set to 0
      2. Change Domain Name
      3. Change Switch Mode
    2. VLANS in domain
    3. Paramaters
      1. Mode
      2. Version 2
      3. Version 2
      4. Pruning
2. VLANS
3. Spanning Tree
  1. BPDU
    1. Notication Frames
      1. Note Generated by spanning-tree portfast
    2. Config Frames
    3. Set with Source Mac & root bridge MAC
  2. Security
    1. Root Gurad
      1. Stops new root Bridge BPDUs, allows switches to connect
    2. BPDU Guard
      1. Rejects ANY BPDU
    3. Loop Gurad
      1. Stops Loops forming if no BPDU recieved
    4. UDLC
      1. UNI-Directional Loop Detection
      2. used to detect if tx or rx breaks
      3. Normal Mode = Log
      4. Aggressive Mode = Err_Disable Port
    5. BPDU Filter
      1. Filters Outbound BPDU
4. Trunking
Routing Protocols
1. RIP
  1. Distance Vector
  2. UDP 520
  3. Admin Distance 120
  4. Load Balance upto 16 paths
  5. Version 1
    1. Broadcast Updates
    2. Classfull
    3. No Authentication
  6. Version 2
    1. Classless, VLSM = ok!
    2. Auto Summary on Class
    3. MULTICAST - 224.0.0.8
    4. Authentication
2. EIGRP
  1. Admin Distance 90
3. IGRP
  1. Admin Distance 100
4. OSPF
  1. Admin Distance 110
  2. Multicast
    1. 224.0.0.5 (all SPF/link state routers, also known as AllSPFRouters)
    2. 224.0.0.6 (all Designated Routers, AllDRouters)
  3. OSPF does not use TCP or UDP but uses IP directly, via IP protocol 89
  4. Open Shortest Path First
  5. Classless, VLSM = ok!
  6. Link-State Routing Protocol
  7. LSA
    1. Link State Announcement
      1. Types
      2. LSA 1
      3. LSA 2
      4. LSA3
  8. IGP (Interior gateway protocol)
  9. All Areas must connect to Area 0
    1. Virtual Link can create a temp link to area 0
    2. Area 0 is the backbone area
  10. Stub Area
    1. A stub area is an area which does not receive external routes except the default route
  11. Configuring OSPF Authentication on a Virtual Link
    1. ip ospf authentication-key cisco
    2. area 1 virtual-link 3.3.3.3 authentication-key cisco
  12. Sample Configuration for Authentication in OSPF
    1. Types
      1. Null Authentication
      2. Plain Text Authentication
      3. MD5 Authentication
    2. show ip ospf interface serial0
5. BGP
  1. TCP 179
IP Multicast