{"id":906,"date":"2024-12-24T01:37:31","date_gmt":"2024-12-23T22:37:31","guid":{"rendered":"https:\/\/itgen.itbumper.com\/?page_id=906"},"modified":"2024-12-24T01:37:32","modified_gmt":"2024-12-23T22:37:32","slug":"0099_cisco-general-ccna","status":"publish","type":"page","link":"https:\/\/itgen.itbumper.com\/?page_id=906","title":{"rendered":"0099_Cisco: General CCNA"},"content":{"rendered":"\n\n
\n#General CCNA\n#=====================================================================\n#Redurant Internet Connection\n#\t-Single Homed\t= 1 connection to 1 ISP\n#\t-Dual Homed\t\t= 2 connections to 1 ISP\n#\t-Multihomed\t\t- 1 connection to each of 2 ISP\n#\t-Dual Multihomed- 2 connections to each of 2 ISP\n\n#=====================================================================\n\n#=====================================================================\n\n#MPLS\n#Multi Protocol Label Switching\n#\tCE router - Customer Edge router\n#\tPE router - Provider Edge router\n#\tP  router - Provider Core router\n\n#\t\t\t\t  |-Service Provider|\n# Office A (CE)===|PE|=====P=====|PE|===(CE) Office B\n#\t\t\t\t  |-Service Provider|\n\n#The CE Routers do not use MPLS, it is only used by the PE and P routers\n#When using a layer 3 MPLS VPN, the CE and PE routers using OSPF, for example, to share routing information\n#When using a layer 2 MPLS VPN, the CE and PE routers do not form peering\n#\t-The ISP`s network is entirely transparent to the CE routers\n#\t-In effect, it is like the two CE routers are directly connected. Their WAN interfaces will be in the same subnet\n#\t-If a routing protocol is used, the two CE routers will peer directly with each other\n\n#=====================================================================\n\n\n#=====================================================================\n\n#Internet VPNs \n#Private WAN services such as leased lines and MPLS provide security because each customers traffic is separated \n#by using dedicated physical connections (leased lines) or by MPLS tags. Another way is using VPNs.\n#CCNA coves only Site-to-Site using IPsec and Remote-access VPNs using TLS\n\n#Site-to-Site VPN\n#There are some limitations to standart IPSec:\n#\t-IPSec doesn`t support broadcast and multicast traffic, only unicast. This means that routing protocolas such as OSPF\n\t can`t be used over the tunnels because they rely on multicast traffic, but this can be solved with "GRE over IPSec"\n\t-Configuring a full-mesh of tunnels between many sites is a labor-intensive task, but this can be solved with Cisco DMVPN\n\n#GRE over IPsec\n#Generic Routing Encapsulation creates tunnels like IPSec, however it doesn`t encrypt the original packet, so it is not secure\n#However it has the advantage of being able to encapsulate a wide variety of layer 3 protocols as well as broadcast and multicast messages\n#To get the flexibility of GRE with the security of IPSec "GRE over IPSec" can be used\n#ORIGINAL PACKET+GRE HEADER+IPSec HEADER-->Encrypt-->Encryped {IPSec HEADER and IP HEADER}\n#=====================================================================\n\n#=====================================================================\n#DMVPN (Dynamic Multipoint VPN) is a Cisco solution. It allows routers to dynamically create a full mesh of IPSec tunnels\n#without having to manually configure every single tunnel\n\n$HOW TO, Steps:\n#\t1. Configure IPSec tunnels to a hub site. (Each router must have a connection with main router)\n#\t2. The hub (main) router gives each route information about how to form an IPSec tunnel with the other routers\n\n#Remote-Access VPNs\n#Remote-access VPNs typacally use TLS (Transport Layer Security)\n#\t-TLS also provides security for HTTPS\n#\t-TLS was formerly known as SSL (Secure Socket Layer) and developed by Netscape, but it was renamed to TLS\n#\t-VPN client software - Cisco AnyConnect (TLS VPN Tunnel)\n#=====================================================================\n\n#=====================================================================\n#Architectures\n#\t-2-Tier and 3-Tier LAN Architectures\n#\t-Spine-Leaf Architecture (DATA-center)\n#\t-SOHO (Small Office Home Office)\n\n#\t-STAR Topology\n#\t-Full Mesh\n#\t-Portial Mesh\n\n#2-Tier Campus LAN Desing\n#\t-Access Layer\n#\t-Distribution Layer\n#Also called "Collapsed Core" desing because it omits a layer that is found in the 3-Tier design the Core Layer\n\n#\tAccess Layer - usually setup QoS, Port Security, DAI, PoE, etc\n#\tDistribution Layer - usually it is an edge between L2 and L3. WAN, Services etc\n#If you have more than 3 distribution layer in a single location - use Core Layer\n#\tCore Layer:\n#\t-Connected Distribution layers together in large LAN networks\n#\t-The focus is a speed (fast transport)\n#\t-CPU-intensive operations such as security, QoS maiking \/ classification, etc shoukd be avoided at this layer\n#\t-Connections are all layer 3. No spannigt-tree\n#\t-Should maintain connectivity throught the LAN even if device fail\n#=====================================================================\n#\tUCS\t(Unified Computing System)\n\n#\tVirtualisation types:\n#\t\t- Type 1 hypervisor (Bare-Metall)\n#\t\t\tThe type of hypervisor which runs directly on top of the hardware\n#\t\t\tVMWare ESXi, MS Hyper-V, QEMU-KVM\n#\t\t- Type 2 hypervisor (Hosted hypervisor)\n\t\t\tThe hypervisor runs as a programm on an operating system like a regular computer programm\n\t\t\tOracle Virtual Box, VMWare  Workstation etc\n\t\t\t\n#\tBoth types use Virtual switching\n\n#\tCloud Services\n#\t- On-premises\n#\t\tAll servers, network devices, and over infrastructure are located on a company property\n#\t\tAll equipment is purchased and owend by the company using it\n#\t\tThe company is responsible for the nexessary space, power, colling and etc\n#\t- Colocation\n#\t\tData centers that rent out space for customers to put their infrastructure (servers, network devices)\n#\t- Cloud Services\n#\t\tTo understand what the clous is, lets look at the following outined is SP 800-145\n#\t\t\ta) Five essential characteristics\n#\t\t\tb) Three service models\n#\t\t\tc) Four deployment models\n#\t\t\n#\t\ta)\n#\t\t\t- On demand self-service \t#User can choose to start and stop using a service\n#\t\t\t- Broad network access\t\t#Provide access for IP Phones (ie UISCOM), Think-clients etc \n#\t\t\t- Resource pooling\t\t\t#Provide resources when needed\n#\t\t\t- Rapid elasticity\t\t\t#Quick Scalability\n#\t\t\t- Measured service\t\t\t#Need more resources - pay more, less - less\n\n#\t\tb)\t\n#\t\t\t- Sofware as a Service (SaaS) - like Office 365, gmail etc\n#\t\t\t- Platform as a Service (PaaS)\n#\t\t\t- Infrastructure as a Service (IaaS) -like Amazon EC2\n\n#\t\tc)\n#\t\t\t- Public cloud like AWS, AZURE, GCP, OCI, IBM cloud, Alibaba cloud\n\t\t\t- Prived cloud\n\t\t\t- Community cloud\n\t\t\t- Hybrid cloud\n#=====================================================================\n<\/pre><\/div>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"categories":[],"tags":[],"_links":{"self":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/906"}],"collection":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=906"}],"version-history":[{"count":1,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/906\/revisions"}],"predecessor-version":[{"id":907,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=\/wp\/v2\/pages\/906\/revisions\/907"}],"wp:attachment":[{"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=906"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=906"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itgen.itbumper.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=906"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}