Ccna Notes

Uploaded by

yaya konate
CCNA

Day 01
Network Fundamentals

1.1 Explain the role and function of network components


1.1.a Routers
1.1.b Layer 2 and Layer 3 switches
1.1.c Next-generation firewalls and IPS
1.1.d Access points
1.1.e Controllers (Cisco DNA Center and WLC)
1.1.f Endpoints
1.1.g Servers
1.1.h PoE
1. Routers (1.1.a)
Role: Routers act as the traffic police of a network, directing data packets
between different networks based on destination IP addresses.
Function: They maintain routing tables, make forwarding decisions, and support
various routing protocols like OSPF, BGP, etc., to ensure efficient data delivery.

Topology: In a basic network topology, routers are placed at network boundaries,
such as between a local area network (LAN) and the internet, as shown in the
diagram below:

         Internet
             |
         [Router]
             |
      +------+------+
      |             |
  [Switch]      [Router]
    (LAN)         (WAN)

2. Layer 2 and Layer 3 switches (1.1.b)
Role: Layer 2 switches forward data based on MAC addresses within a LAN, while
Layer 3 switches add routing capabilities based on IP addresses.

Function: They facilitate communication within a network by efficiently
directing traffic to the appropriate ports.
Topology: In a lab environment, Layer 2 switches are often used within a LAN
for device connectivity, while Layer 3 switches handle routing between VLANs
or subnets. Here's a simplified lab topology:

[Router] --- [Layer 3 Switch] --- [Access Point]
                    |
            [Layer 2 Switch]
                    |
               +----+----+
               |         |
          [Endpoint] [Server]

3. Next-generation firewalls and IPS (1.1.c)

Role: Next-generation firewalls (NGFWs) and Intrusion Prevention
Systems (IPS) are security devices that monitor and control
network traffic to protect against threats.
Function: NGFWs inspect packets, apply security policies, and can
block malicious activities, while IPS devices detect and prevent
intrusions in real-time.
Topology: NGFWs and IPS devices are typically placed at network
perimeters or critical points to safeguard against external
threats, as shown below:

[Router] --- [NGFW/IPS] --- [Switch]


4. Access points (1.1.d)
Role: Access points (APs) provide wireless connectivity for
devices to connect to a wired network.
Function: They broadcast wireless signals, authenticate users,
and manage data transmission between wireless devices and
the network.
Topology: APs are strategically positioned within an area to
ensure optimal coverage and connectivity, especially in
environments where wired connections are not feasible:

[Router] --- [Switch] --- [AP]
                           |
                       [Endpoint]

5. Controllers (Cisco DNA Center and WLC) (1.1.e)

Role: Controllers centralize management and configuration of
network devices like APs, switches, and routers.
Function: They provide a single interface for provisioning,
monitoring, and troubleshooting network components, enhancing
efficiency and control.
Topology: Controllers are typically placed in a central
location within the network, connected to various devices
for centralized management:

      [Controller]
        |       |
    [Switch]   [AP]

6. Endpoints (1.1.f)
Role: Endpoints are devices like computers, printers, and
smartphones that initiate or consume network communications.
Function: They interact with the network to access resources,
exchange data, and perform tasks, serving as the endpoints of
data transmission.
Topology: Endpoints are distributed throughout the network,
connecting to switches or APs for network access:

[Router] --- [Switch] --- [Endpoint]
                |
             [Server]

7. Servers (1.1.g)

Role: Servers provide centralized resources and services
to network users, such as file storage, applications, and
databases.
Function: They handle client requests, process data, and
manage network-related services, supporting various
functions critical to business operations.
Topology: Servers are often located in a data center or
server room, connected to the network infrastructure for
accessibility:

[Router] --- [Switch] --- [Server]


8. PoE (Power over Ethernet) (1.1.h)

Role: PoE technology enables devices like IP phones,
cameras, and APs to receive power and data over a single
Ethernet cable.
Function: It simplifies installation, reduces cabling
complexity, and ensures reliable power supply to
network-connected devices.
Topology: PoE switches are deployed to provide power to
PoE-enabled devices, eliminating the need for separate
power sources:

[Router] --- [PoE Switch] --- [PoE Device]


Day 02

1.2 Describe characteristics of network topology architectures

1.2.a Two-tier
1.2.b Three-tier
1.2.c Spine-leaf
1.2.d WAN
1.2.e Small office/home office (SOHO)
1.2.f On-premise and cloud

1.2.a Two-tier

Characteristics:

Simplified architecture designed for small to medium-sized networks.
Combines core and distribution layers into a single layer.
Offers cost-effectiveness and ease of management.
Suitable for environments where network traffic is not extremely
high and where scalability requirements are moderate.
Diagram:
Here's a simplified diagram illustrating a two-tier network topology:

              Distribution/Core
                  Switches
                     /|\
                      |
              Aggregated Links
                      |
      +---------------+---------------+
      |               |               |
Access Switch   Access Switch   Access Switch
      |               |               |
   Devices         Devices         Devices


1.2.b Three-tier
Characteristics:
Highly structured and scalable architecture, suitable for large enterprise networks.
Separates the network into three distinct layers: Core, Distribution, and Access.
Enhances performance, manageability, and redundancy.
Facilitates modularity, allowing for easy network expansion and integration of new
technologies.
Topology and Design Details:
Design Details:
Access Layer: The layer where end devices such as computers, printers, and IP phones
are connected. It provides user access to the network.
Distribution Layer: This layer aggregates the data received from the access layer
switches before it is routed to the core layer. It also implements policies, routing
between VLANs, and network access control.

Core Layer: This is the backbone of the network, providing high-speed, highly
available interconnections between distribution layers. It ensures efficient and
fast data transfer across the network and connects to external networks.
Three-tier

                       Core Layer
                        Switches
                           /|\
                            |
                High-speed Backbone Links
                            |
            +---------------+---------------+
            |                               |
      Distribution                    Distribution
        Switches                        Switches
           /|\                             /|\
            |                               |
    Aggregated Links                Aggregated Links
            |                               |
    +-------+-------+               +-------+-------+
    |               |               |               |
 Access          Access          Access          Access
Switches        Switches        Switches        Switches
    |               |               |               |
 Devices         Devices         Devices         Devices

1.2.c Spine-leaf
Characteristics:
Designed for data centers and cloud environments.
Provides high bandwidth and low latency.
Ensures consistent performance, scalability, and redundancy.
Supports east-west traffic (server-to-server communication) effectively.
Topology and Design Details:
Design Details:
Leaf Layer: Connects directly to end devices such as servers and storage systems.
Spine Layer: High-capacity switches that interconnect all leaf switches,
providing multiple paths for data traffic.
Each leaf switch is connected to every spine switch, creating a
full-mesh topology between the spine and leaf layers.
This architecture allows for predictable performance and easy
scaling by adding more spine or leaf switches.
[Figure not reproduced; labels: BL-1, BL-2, L3 Fabric, Spine-1, Spine-2, vFW, vIPS, vLB, LEAF-01 ... LEAF-0N, 2x25G links, Physical & Virtualized server]

1.2.d WAN (Wide Area Network)
Characteristics:
Connects geographically dispersed locations over large distances.
Utilizes various transmission technologies such as leased lines,
MPLS (Multiprotocol Label Switching), VPN (Virtual Private Network),
satellite links, and the internet.
Enables communication and resource sharing across different cities,
countries, or continents.
Offers high scalability to accommodate the growth of an
organization's network.
Incorporates redundancy and fault tolerance to ensure reliable
connectivity.
Topology and Design Details:

Design Details:
Core Routers: Facilitate long-distance data transfer between
different regions and handle high volumes of traffic.
Edge Routers: Connect local area networks (LANs) to the WAN, manage
traffic entering and leaving the local network, and often include
security functions such as firewalls.
Transmission Media: May include fiber optics, coaxial cables,
wireless links, satellite links, and public internet connections.
Protocols: Common WAN protocols include MPLS, Frame Relay, ATM
(Asynchronous Transfer Mode), and IPsec for secure VPN connections.
Topology:
Point-to-Point: A direct connection between two locations, providing
a dedicated and private communication line.
Hub-and-Spoke: A central hub connects to multiple remote sites. The
hub serves as a primary point for communication, with each spoke
(remote site) connecting back to the hub.
Full Mesh: Every site connects directly to every other site,
providing multiple paths for redundancy and ensuring high
availability.
Partial Mesh: Some sites are interconnected, while others connect
through intermediate sites. This topology balances cost and
redundancy.
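
The cost and redundancy trade-off between hub-and-spoke, full mesh and partial mesh can be checked by modelling each WAN as a graph. The Python code below is an added example, not part of the original notes; the site names are constructed, and a ring is assumed as one possible partial mesh.

```python
from itertools import combinations

# Constructed site list for illustration; the first entry acts as the hub.
SITES = ["HQ", "BR1", "BR2", "BR3", "BR4"]

def hub_and_spoke(sites):
    hub, *spokes = sites
    return {frozenset((hub, s)) for s in spokes}

def full_mesh(sites):
    return {frozenset(pair) for pair in combinations(sites, 2)}

def partial_mesh_ring(sites):
    # Assumption: a ring stands in for "partial mesh" (two links per site).
    n = len(sites)
    return {frozenset((sites[i], sites[(i + 1) % n])) for i in range(n)}

def connected(sites, links):
    """Return True if every site can reach every other site over `links`."""
    sites = set(sites)
    if not sites:
        return True
    start = next(iter(sites))
    seen, stack = {start}, [start]
    while stack:
        node = stack.pop()
        for link in links:
            if node in link:
                (peer,) = link - {node}
                if peer in sites and peer not in seen:
                    seen.add(peer)
                    stack.append(peer)
    return seen == sites

def critical_sites(sites, links):
    """Sites whose outage leaves the surviving sites unable to all talk."""
    critical = []
    for down in sites:
        rest = [s for s in sites if s != down]
        live = {l for l in links if down not in l}
        if not connected(rest, live):
            critical.append(down)
    return critical

def critical_links(sites, links):
    """Count links whose loss alone partitions the WAN."""
    return sum(1 for l in links if not connected(sites, links - {l}))

def compare(sites):
    builders = {"hub-and-spoke": hub_and_spoke, "full mesh": full_mesh,
                "partial mesh (ring)": partial_mesh_ring}
    report = {}
    for name, build in builders.items():
        links = build(sites)
        report[name] = {"links": len(links),
                        "critical_sites": critical_sites(sites, links),
                        "critical_links": critical_links(sites, links)}
    return report

if __name__ == "__main__":
    for name, row in compare(SITES).items():
        print(f"{name:20} {row}")
```

With five sites, hub-and-spoke needs the fewest links but depends entirely on the hub and on every single link, full mesh removes both single points of failure at the price of ten links, and the ring tolerates any one failure with five.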
Diagram:
[Figures not reproduced: Point-to-Point Topology, Hub-and-Spoke Topology, Full Mesh Topology]


1.2.e Small Office/Home Office (SOHO)

Characteristics:
Simple and cost-effective network setup tailored for small offices
or home use.
Typically supports a limited number of devices and users.
Easy to set up and maintain with minimal technical expertise
required.
Provides essential network services such as internet access, file
sharing, and printing.
Topology and Design Details:

Design Details:
Router/Modem: A single device often combines the functions of a
router, switch, and modem. It connects the local network to the
internet.
Switch (optional): Used to expand the number of wired connections if
there are more devices than available ports on the router.
Wi-Fi Access Point: Provides wireless connectivity for mobile
devices such as laptops, tablets, and smartphones. Often integrated
into the router.
Devices: Include desktops, laptops, printers, IP phones, and other
networked devices.
Security: Basic firewall and encryption features are typically
provided by the router to secure the network.
Topology:
Star Topology: Central router/modem connects directly to each
device. This simple layout minimizes cabling and is easy to manage.

1.2.f On-premise and Cloud

Characteristics:
On-premise:
Infrastructure: Hosted within the organization's own data center
or facilities.
Control: Full control over hardware, software, and data.
Security: High level of control over security measures and
compliance with regulations.
Cost: High initial capital expenditure for hardware and software;
ongoing maintenance and operational costs.
Scalability: Limited by physical hardware constraints and may
require significant investment to scale up.
Latency: Generally lower latency for internal users as data and
applications are hosted locally.
Cloud:
Infrastructure: Hosted offsite by a cloud service provider (e.g.,
AWS, Azure, Google Cloud).
Control: Limited control over physical hardware; control over
virtual environments and configurations.
Security: Shared responsibility model; the provider handles physical
security, while the customer manages data security and access
controls.
Cost: Pay-as-you-go pricing model with lower initial costs;
operational expenditure varies based on usage.
Scalability: Highly scalable with the ability to quickly provision
and de-provision resources.
Latency: Potentially higher latency due to data traveling over the
internet; mitigated by using content delivery networks (CDNs) and
regional data centers.
Hybrid:
Combination of On-premise and Cloud: Integrates both environments to
leverage the benefits of each.
Flexibility: Can run workloads in the most suitable environment,
balancing cost, performance, and security.
Disaster Recovery: Enhanced options for backup and disaster recovery
by using cloud resources.
Complexity: Requires integration and orchestration between
on-premise and cloud systems.
Topology and Design Details:

On-premise Topology:
Design Details:
Data Center: Contains servers, storage systems, networking equipment
(switches, routers, firewalls), and backup systems.
Local Area Network (LAN): Connects end-user devices (computers,
printers, IP phones) to the data center and each other.
Security Measures: Firewalls, intrusion detection/prevention systems
(IDS/IPS), and physical security controls.
Diagram:
[Figure not reproduced; labels: Users, Router, Firewall, Switch A, VM Host A, HA Cluster, Containers & VMs]

Cloud Topology:

Design Details:
Cloud Provider Infrastructure: Includes virtual servers,
storage, databases, and networking provided as services.
Virtual Private Network (VPN): Securely connects the
on-premise network to the cloud environment.
Internet Connectivity: Users access cloud services over
the internet using secure protocols (e.g., HTTPS, VPN).
Diagram:

                               [Users]
                                  |
                          [Cloud Firewall]
                                  |
                           [Cloud Network]
                                  |
        -----------------------------------------------------
        |                         |                         |
   [Cloud VMs]           [Cloud Containers]      [Serverless Functions]
        |                         |                         |
 [Auto-Scaling]       [Kubernetes/EKS/AKS/GKE]    [Event-Driven Tasks]
                                  |
                          [Load Balancers]
                                  |
                     [API Gateway/Rate Limiting]
                                  |
                         [DevNet Resources]

Hybrid Topology:

Design Details:
On-premise Data Center: Hosts critical applications and sensitive
data.
Cloud Environment: Hosts scalable applications, storage, and backup
solutions.
Secure Connectivity: VPN or dedicated connection (e.g., AWS Direct
Connect, Azure ExpressRoute) between on-premise and cloud
environments.
Load Balancing: Distributes workloads between on-premise and cloud
resources based on demand and policy.
Diagram:

               On-Premises                                      Cloud
                 [Users]                                       [Users]
                    |                                             |
              ------------                                  ------------
                   VPN                                           VPN
                 Gateway                                       Gateway
              ------------                                  ------------
                    |                                             |
               [Firewall]                                 [Cloud Firewall]
                    |                                             |
               [Switch A]                                  [Cloud Network]
                    |                                             |
 [VM Host A]          [VM Host B]             [Cloud VMs]           [Cloud Storage]
 [HA Cluster]         [HA Cluster]            [Cloud Containers]    [DevNet VMs]
 [Containers & VMs]   [Containers & VMs]                            [DevNet Containers]
 [DevNet]             [DevNet]                                      [Jenkins, Docker, K8s]


Day 03

1.3 Compare physical interface and cabling types

1.3.a Single-mode fiber, multimode fiber, copper
1.3.b Connections (Ethernet shared media and point-to-point)

1.3.a Single-mode Fiber, Multimode Fiber, and Copper Comparison Chart

Here's a detailed comparison chart that outlines the key
characteristics and differences between single-mode fiber, multimode
fiber, and copper cabling:

Single-mode Fiber:
Core Diameter: 8-10 microns, which allows only a single light mode
to propagate.
Light Source: Laser.
Bandwidth & Distance: Ideal for long-distance communication (up to
100 km or more) with very high bandwidth.
Cost: Higher initial cost due to precision requirements.
Use Cases: Suitable for long-haul telecommunication networks,
undersea cables, and high-speed metro networks.

Multimode Fiber:
Core Diameter: 50 or 62.5 microns, allowing multiple light modes
to propagate.
Light Source: LED or VCSEL.
Bandwidth & Distance: Effective for shorter distances (typically up
to 2 km), with lower bandwidth than single-mode over long distances.
Cost: Moderate, cheaper than single-mode but more expensive than
copper.
Use Cases: Common in LANs, data centers, and intra-building
connections.

Copper (Twisted Pair):
Medium: Electrical signals travel through twisted copper pairs.
Distance: Effective for distances up to 100 meters.
Cost: Lowest initial cost.
Use Cases: Predominantly used in LANs, home networks, and
short-distance applications.
Installation & Maintenance: Easiest to install and maintain, but
susceptible to EMI.

1.3.b Connections (Ethernet Shared Media and Point-to-Point)

Ethernet Shared Media:

Characteristics:
Also known as broadcast networks, where multiple devices share the
same physical medium.
Uses CSMA/CD (Carrier Sense Multiple Access with Collision
Detection) for managing access to the network medium.
Devices on the network can send data to all other devices, and each
device listens to the network for data addressed to it.
Commonly used in Ethernet LANs, such as Ethernet hubs and older
Ethernet switches operating in half-duplex mode.
Topology:
Shared medium topology typically employs bus or star-bus
configurations.
In a bus topology, all devices are connected to a single cable,
while in a star-bus topology, devices are connected to a central hub
or switch, which in turn is connected to a shared cable.
Advantages:
Simple and cost-effective to implement.
Suitable for small to medium-sized networks with moderate traffic.
Disadvantages:
Susceptible to collisions, especially as the network size increases
or when network traffic is high.

Point-to-Point Connections:

Characteristics:
Each connection provides a dedicated communication channel between
two devices.
Commonly used in WAN links, point-to-point connections ensure
reliable and secure data transmission between distant locations.
Typically implemented using leased lines, T1/E1 lines, or Ethernet
links.
Topology:
Point-to-point connections create a direct link between two devices,
often spanning long distances.
This topology does not involve shared media; each connection has its
own dedicated resources.
Advantages:
High reliability and performance as there is no contention
for bandwidth.
Enhanced security as data is transmitted directly between
two endpoints.
Suitable for long-distance communication and critical
applications requiring consistent performance.
Disadvantages:
Higher cost compared to shared media solutions, especially
for long-distance links.
May require specialized equipment and configuration,
particularly for WAN connections over long distances.

Conclusion:

Ethernet Shared Media networks are suitable for small to
medium-sized LANs where simplicity and cost-effectiveness are key
considerations. However, they may suffer from performance
degradation and collisions as the network grows.

Point-to-Point Connections are ideal for long-distance communication
and critical applications requiring high reliability and security.
While they offer superior performance and security, they come with
higher costs and may require specialized equipment and
configuration.
