This is the fourth in a series of articles on the six sections of Cisco’s CCNA certification exam 200-301, which earns the CCNA (Cisco Certified Network Associate) certification.
As a reminder, in this series we’re taking a look at all the many things you need to know for Cisco’s 200-301 CCNA certification exam. The 200-301 exam blueprint is divided into 6 components, each component having a different weight associated with it. Here are the categories, weights, and possibly the number of questions for each:
- 1.0 Network Fundamentals – 20% – 20 questions
- 2.0 Network Access – 20% – 20 questions
- 3.0 IP Connectivity – 25% – 25 questions
- 4.0 IP Services – 10% – 10 questions
- 5.0 Security Fundamentals – 15% – 15 questions
- 6.0 Automation and Programmability – 10% – 10 questions
The fourth area of focus for the new CCNA exam is IP Services. Here is a breakdown from Cisco of the components of the IP Services section which makes up 10% of the total exam.
4.0 IP Services
4.1 Configure and verify inside source NAT using static and pools
4.2 Configure and verify NTP operating in a client and server mode
4.3 Explain the role of DHCP and DNS within the network
4.4 Explain the function of SNMP in network operations
4.5 Describe the use of syslog features including facilities and levels
4.6 Configure and verify DHCP client and relay
4.7 Explain the forwarding per-hop behavior (PHB) for QoS such as classification, marking, queuing, congestion, policing and shaping
4.8 Configure network devices for remote access using SSH
4.9 Describe the capabilities and function of TFTP/FTP in the network
On to IT Services, or said another way, all the ways in which we facilitate the relationship between network elements and endpoints and the services ecosystem that makes it all look beautiful. Let’s dive in:
Configure and verify inside source NAT using static and pools
Hopefully we all know that you cannot globally route private IP addresses over the Internet. With that being the case, we have to have a function in NAT (Network Address Translation) devices that will convert our private IP address space into public IP address space (unless you are strictly using IPv6). This is what NAT is all about. You will be well served to remember the four addresses that go along with stateful NAT, those being inside private and public and outside private and public. Remember your access control lists or the overload, and remember that it is the NAT device (notice I don’t say router here, because we also do this in firewalls) that does all the heavy lifting on this. Also remember that we can statically NAT things, but static rules do not go away until we tell them to.
Configure and verify NTP operating in a client and server mode
In addition to NAT, and all the various ways NAT’ing gets done, there is also time. I know you might think it’s silly, but that song lyric “time is on my side, yes it is, yes it is” comes to mind. Go ahead, laugh out loud, it’s OK. If any questions are asked about this, remember the relationships. There is NTP association (do I have a relationship with a time source?) and there is NTP status (are we in good communication?).
Explain the role of DHCP and DNS within the network
Who wants to sign right up and go give 10,000 Windows devices an IP address, mask, and gateway? What’s that, no takers? How about writing static DNS entries into the hosts file on 10,000 endpoints… well, you guys are no fun. Remember DORA when thinking about DHCP, and that the IP helper address is your friend when your DHCP server lives on a network other than the one requesting addressing and DNS server information.
Explain the function of SNMP in network operations
UDP port 161 is the culprit here. Also remember that SNMP (Simple Network Management Protocol) comes in three basic flavors, and that the third flavor can be unencrypted and unauthenticated, authenticated and not encrypted, or authenticated and encrypted. Also remember the message types that go from the Manager toward the agent and from the agent (overlooking the MIB) toward the Manager. Remember also that, in addition to getting things from the device, SNMP can put configuration things on the device, and the value this has.
Describe the use of syslog features including facilities and levels
I have to be honest with you all and tell you that the mnemonic EACEWNID just worked for me. You can come up with your own, or you can use mine… as long as you remember all 8 levels. Also remember that logging is your friend, and even if you are not sending information about logging to an external server, the devices keep at least a little bit of it for you.
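How facilities and levels travel together on the wire, as an added Python example that is not part of the original article: a syslog message starts with a priority value equal to facility × 8 + level, and Cisco devices repeat the level inside the `%FACILITY-LEVEL-MNEMONIC` tag. The sample lines are constructed, and the function names are this example's own.

```python
import re

# Severity names indexed by level 0-7 (the EACEWNID mnemonic).
SEVERITIES = ["emergency", "alert", "critical", "error",
              "warning", "notice", "informational", "debug"]
# Standard syslog facility codes 0-23; 16-23 are local0-local7.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
              "news", "uucp", "cron", "authpriv", "ftp", "ntp", "audit",
              "alert", "clock"] + [f"local{i}" for i in range(8)]

PRI_RE = re.compile(r"^<(\d{1,3})>")
IOS_TAG_RE = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+)")

# Constructed sample lines (not captured from a real device).
SAMPLE = [
    "<187>45: *Mar  1 00:01:02: %LINK-3-UPDOWN: Interface Gi0/1, changed state to down",
    "<189>46: *Mar  1 00:01:09: %SYS-5-CONFIG_I: Configured from console by admin on vty0",
    "<190>47: *Mar  1 00:02:11: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.7 -> 198.51.100.9",
    "no priority header on this line",
]

def decode_pri(pri):
    """Split a PRI value into (facility, severity) names: PRI = facility*8 + level."""
    if not 0 <= pri <= 191:
        raise ValueError(f"PRI out of range: {pri}")
    facility, level = divmod(pri, 8)
    return FACILITIES[facility], SEVERITIES[level]

def parse_line(line):
    """Return a record for one line, or None if it has no valid <PRI> header."""
    m = PRI_RE.match(line)
    if not m or int(m.group(1)) > 191:
        return None
    pri = int(m.group(1))
    facility, severity = decode_pri(pri)
    tag = IOS_TAG_RE.search(line)
    return {"facility": facility, "severity": severity, "level": pri % 8,
            "tag": f"{tag.group(1)}-{tag.group(3)}" if tag else None,
            "tag_level": int(tag.group(2)) if tag else None}

def at_or_above(lines, threshold):
    """Keep records at least as severe as threshold (lower number = more severe)."""
    records = [parse_line(l) for l in lines]
    return [r for r in records if r and r["level"] <= threshold]

if __name__ == "__main__":
    for rec in at_or_above(SAMPLE, 5):
        print(rec)
```

A threshold of 5 keeps the error and notice messages and drops the informational one, which is the same "this level and anything more severe" rule a logging destination applies.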
Configure and verify DHCP client and relay
OK, so back once again to DHCP. What I will say here is that you can look at any of these services and say that they exist in two parts really. There is the service itself and what it is intended to do for the network, and then there are the devices that rely upon the service, or have a relationship with it. I suspect that this is what they are referring to here – the service itself. You will be well served to remember that in order for a service to be meaningful, it has to have subscribers or clients. So this part of the DHCP conversation is about the relationship that the client has with the service. You know, the radio buttons we enable in our Windows machines, or the way we tell a router interface to go get an IP address and other configuration parameters from a server.
Explain the forwarding per-hop behavior (PHB) for QoS such as classification, marking, queuing, congestion, policing and shaping
On to all the moving parts of QoS (Quality of Service). So simply said, when I was growing up, being tall from a very early teenage year, I was among the first to be selected on choosing teams for a pickup game of basketball. The whole challenge with that is that I could not hit the broad side of a barn standing 10 feet from it – but I was tall. The same goes for QoS. QoS selects, based on our configuration, traffic that is chosen over other traffic when there is the possibility of congestion on the network. So classification, marking and queuing are all about how we tell the network elements to look for that traffic, and congestion management, policing and shaping are the ways in which the devices manage congestion when everyone wants to go first and go now. PHB is the overall function of all these components put together, so when you are studying this section, pay attention to things like WRED and CBWFQ. Also pay attention to what happens to traffic that is shaped versus traffic that is policed.
Configure network devices for remote access using SSH
Last night my lovely bride of 29 years brought me (you have to love this stuff) three chocolate chip cookies that she had made from scratch along with a small glass of milk. OMG, they were the best home-made cookies I had ever eaten. She looked at me with excitement as she shared that she had tried a different method and altered the recipe just slightly to produce the result. Now I know you are thinking what in the world does this have to do with SSH? Well, simple really. There are individual components (flour, sugar, etc.) that go into making cookies. In the same way, remember all the components of SSH. There is the defined hostname, the key generation, the domain name, and the selection of the SSH protocol (and in the same way that I like version 1 cookies, I liked version 2 much more).
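One way to verify those components on a saved configuration, as an added Python example that is not part of the original article: it checks for a non-default hostname, a domain name and SSH version 2, and additionally (beyond the article's list) that every vty line accepts SSH only. Both configuration excerpts are constructed, `audit_ssh` is this example's own name, and key generation is left out because the sketch only reads configuration text.

```python
import re

# Constructed configuration excerpts (not taken from a real device).
WEAK = """hostname Router
!
line vty 0 4
 login local
 transport input telnet ssh
"""
HARDENED = """hostname R1
ip domain-name example.com
ip ssh version 2
!
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input ssh
"""

def audit_ssh(config):
    """Check a running-config text for the SSH components listed in the text."""
    lines = [l.rstrip() for l in config.splitlines()]
    host = next((l.split()[1] for l in lines if re.match(r"hostname \S+", l)), None)
    results = {
        # "Router" is the factory-default name, so treat it as not defined.
        "hostname_set": host is not None and host != "Router",
        "domain_name_set": any(re.match(r"ip domain[- ]name \S+", l) for l in lines),
        "ssh_version_2": "ip ssh version 2" in lines,
    }
    # Collect the indented sub-commands under each "line vty" block.
    blocks, current = [], None
    for l in lines:
        if l.startswith("line vty"):
            current = []
            blocks.append(current)
        elif l.startswith(" ") and current is not None:
            current.append(l.strip())
        else:
            current = None
    # Extra check beyond the article's list: every vty block must allow SSH only.
    results["vty_ssh_only"] = bool(blocks) and all(
        "transport input ssh" in b for b in blocks)
    return results

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_ssh(cfg))
```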
Describe the capabilities and function of TFTP/FTP in the network
You will be well served to remember the differences between TFTP and FTP. Recall that one is UDP based and the other TCP based. Also remember what we use them for – backups you know – the department of redundancy department of redundancy department. Also recall that usually space is not an issue when putting things on an external server, but we do need to be mindful when putting things on our network elements (recall the <show file system> command).
Again, thanks for taking the time to read these, my hope is that they are helpful in some way. Also remember that I believe in you and have confidence that you will succeed. Happy examing everyone.