CCNA Lab Based Class


CCNA ကို ကၽြန္ေတာ္တို႕ လိုက္ႏိုင္ပါ့မလား?

ကၽြန္ေတာ္တို႔ဆီကို မ်ားစြာေမးၾကတဲ့ ေမးခြန္းတစ္ခုပါ။

ပထမဦးစြာ ေျပာခ်င္တာကေတာ့ CCNA ဆိုတာ Network ဆိုတာဘာလဲ Network ထဲမွာ ဘယ္လိုပစၥည္းေတြပါ၀င္သလဲ Network ဟာဘယ္လိုအလုပ္လုပ္သလဲဆိုတာက စတင္ေလ့လာရပါတယ္။  ကၽြန္ေတာ္တို႔ရဲ႔ CCNA Lab Based Class မွာလည္း Networking Fundamental မွ စတင္ကာေလ့က်င့္သင္ၾကားေပးတာျဖစ္ပါတယ္။

ကၽြန္ေတာ္တို႔ CCNA ကို Lab Based အျဖစ္ ေလ့က်င့္သင္ၾကားေပးေနၿပီး၊ လက္ရွိတက္ေ
ရာက္ဆဲ၊ တက္ေရာက္ခဲ့ေသာ ေက်ာင္းသူ၊
ေက်ာင္းသား Network Engineer မ်ားကို ကၽြမ္းက်င္မႈ 100% ရရွိေအာင္ ေလ့က်င့္
သင္ၾကားေပးႏိုင္ခဲ့ၿပီး၊ ISP မ်ား၊ Bank မ်ား၊ Enterprise Company ႀကီးမ်ားမွာ ၀င္ေရာက္ အလုပ္လုပ္ကိုင္ေနၾကၿပီလည္း ျဖစ္ပါတယ္။

CCNA Lab Based Class ဟာ တက္ေရာက္သူမ်ားရဲ႕ Skills မ်ားကို
ျဖည္းျဖည္းခ်င္း ဆဲြတင္သြားမွာျဖစ္ပါတယ္။ ဒါ့ေၾကာင့္ ေလ့လာေနသူမ်ားဟာ သင္ခန္းစာ Lab မ်ားကို ပံုမွန္လုပ္သြားရံုျဖင့္ ကၽြမ္းက်င္တဲ့ Network Engineer တစ္ေယာက္အျဖစ္ ေျပာင္းလဲေပးမယ့္ Program လဲျဖစ္ပါတယ္။ ဒါ့အၿပင္ CCNA Lab Based ဟာ CCNP Level အထိ Course Design ဆဲြထားတာျဖစ္ေသာေၾကာင့္ CCNP ကို ဆက္လက္ေလ့လာရာမွာလည္း မ်ားစြာအေထာက္အကူျပဳမွာျဖစ္ပါတယ္။

Networking Class မ်ားနဲ႕ Network Course မ်ားအေၾကာင္းကိုပိုမိုသိ႐ွိလိုပါက ဖုန္း ၀၉ ၄၂၁၁၈၁၈၀၁ ကိုဆက္သြယ္ေမးျမန္းႏိုင္ပါတယ္။ ေအာက္တိုဘာလအတြင္း ဖြင့္လွစ္မည့္ CCNA Lab Based သင္တန္းအခ်ိန္မ်ားျဖစ္ပါသည္။

တက္ေရာက္လိုသူမ်ား စာရင္းေပးသြင္းအပ့္ႏွံႏိုင္ပါၿပီ။
(တနဂၤေႏြ တနဂၤေႏြ မနက္ ၈း၀၀ မွ ၁၂း၀၀ ထိ သင္တန္းကာလ ၃ လသင္ယူရမည္။ )
သင္တန္းစတင္မည့္ရက္‬ – 23 Oct, 2016

Why iP6 ?
**
သင္တန္း သားတဦးကို Laptop တလံုးစီ သင္ေထာက္ကူ ပစၥည္းစံုလင္စြာျဖင့္ Cisco Real Lab ကိုအခ်ိန္ျပည့္ပံပိုးေပးထား္ၿပီး
** သင္တန္းသားမ်ားဟာလည္း Real Devices Lab မ်ားကို လုပ္ငန္းခြင္အတိုင္းေလ့က်င့္ၾကရမွာျဖစ္လို႔ Real လုပ္ငန္းခြင္မွာ အခက္အခဲမ႐ွိလုပ္ကိုင္ႏိုင္ၾကမွာျဖစ္ပါတယ္။
** IP6‬ တြင္တက္ေရာက္ဆဲ တက္ေရာက္ၿပီးသူမ်ားသည္ ISPs မ်ား Banks မ်ား Enterprise Company ႀကီးမ်ားတြင္ Network_Engineer‬ မ်ားအျဖစ္ ဝင္ေရာက္လုပ္ကိုင္ေနၾကၿပီးျဖစ္ပါတယ္။”

CCNA Lab Based Brief Course Outline
Networking Fundamentals
Ethernet LANs and Switches
LAN Switching
IP Version 4 Address and Subnetting
Advanced IPv4 Addressing
Implementing IPv4
IPv4 Routing
IPv4 Routing Protocols
IPv4 Services
Wide-Area Networks (WANs)
IPv6 Addressing
IPv6 Routing
Network Management

Job Roles:
Network Engineer
Network Specialist
Network Support 

Learning with IP6 Networks is Right choice and  Right place for Next Generation Engineers.

Lab Based  Class ကို တက္ေရာက္ၿပီး သင့္ရဲ႕ Skills ကို အျမင့္မားဆံုးသို႔ ျမွင့္တင္လိုက္ပါ။

Learn Technology, Join IP6.

ညီညီမင္း – Network Instructor
CISCO CCNA, CCDA, CCNP, CCDP,
CCNA-Security, CCNA-Voice, MICROSOFT MCSA, MCSE.

IP6 Networks
အခန္း ၄၂ ။ ၄ လြွာ လိႈင္ရတနာအိမ္ရာတိုက္ ၁ ။
အင္းစိန္လမ္းမ ။ သုခမွတ္တိုင္အန္ီး ။
လိႈင္ျမိဳ႕နယ္။ ။ ရန္ကုန္။
ဖုန္း ၀၉ ၄၂၁၁၈၁၈၀၁

Securing IOS Enable mode CLI

Snapshot from my CCNA teaching note.

• First We creat enable mode security passwords. Two password methods for enable mode are enable password and enable secret. But enable secret is securer than enable password.

• Enable password command stores the password as clear text,  and the only option to encrypt it is the weak service password-encryption command.

• Enable secret command automatically encodes the password, using Message Digest 5 (MD5) hash Before IOS 15 code.

Configuration, Verification & Testing

> Task 1 >>  Let Configure Enable mode Protection Passwords. Both enable secret and enable password will be configured. Let’s see which one IOS will use ?

R1> enable
R1# conf t
R1(config)# enable secret iP6password1
R1(config)# enable password iP6password2
R1(config)# exit
R1# disable
R1> enable
Password: iP6password1  ” Because IOS prefer enable secret than enable password.”
R1# show runn | in enable
enable secret 5 $1$0jxr$Os5Ebw0EAFsSF1hrZDedl/        
enable password iP6password2

> Task 2 >> Let’s delete enable secret. IOS will use enable password only.

R1# conf t
R1(config)# no enable secret
R1(config)# exit
R1# disable
R1> enable
Password: iP6password2
R1# show runn | in enable
enable password iP6password2
R1# show runn | in service password
no service password-encryption  “By default, Password Encryption Services is Disable.”

> Task 3 >> Let’s use Password Encryption Service.

R1# conf t
R1(config)# service password-encryption
R1(config)# exit
R1# show runn | in enable |service password
service password-encryption
enable password 7 110029530713181F132539207A  “Now Password is encrypted by Service”

> Task 4 >> We will remove Password Encryption Service. Let’s check password is still Clear Text or not. In this case, Password still encrypted.

R1# conf t
R1(config)# no service password-encryption
R1(config)# exit
R1# show runn | in enable |service password
no service password-encryption
enable password 7 110029530713181F132539207A  “Although NO Service, Password is still encrypted Before changing it next time. “

> Task 5 >> After changing enable password, We will see password as clear text.

R1# conf t
R1(config)# enable password iP6password3
R1(config)# exit
R1# show runn | in enable |service password
no service password-encryption
enable password iP6password3
R1#

Part 2 LAB သို႕သြားရန္

Part 3 LAB သို႔သြားရန္



My Photo1About author
Nyi Nyi Min
, CCNP, CCDP,
is a Instructor and Course
Developer on CCNA, CCNP, CCIE. He holds multiple
professional certifications from Cisco Juniper,
Microsoft, VMware, etc.. and worked and supported
several enterprise networks. He is Founder of
IP6 Networks (www.ip6networks.com), where he currently teaches
CCNA, CCNP Classes.



 

Is Layer 2 Network important ?

Is Layer 2 Network important ?

If we can’t build the best Layer 2 network,
Our Network is
complex
not scalable
not secure
may be slow bandwidth
difficult management
difficult troubleshooting

If Layer 2 network doesn’t secure, we welcome the attackers and company assets can be lost. Vlan Hopping is one of the attacks.

” Disrupt the Bottom of the Wall, and the Top Is Disrupted, Too “

Everything at Layer 3 and higher is encapsulated into some type of Layer 2 frame. If the
attacker can interrupt, copy, redirect, or confuse the Layer 2 forwarding of data, that
same attacker can also disrupt any type of upper-layer protocols that are being used.

If we can’t monitor Layer 2 network easily, we can lack what happen our networks such as Performance,
Potential Risk etc.

It’ll be sure that building the best Layer 2 Network is the best Networks. 🙂

Enjoy
Nyi.

IPv6 Overview

Why IPv6 ?

Two good reasons to move to IPv6 are as follows:
• IPv6 has more address space available.
• We are running out of public IPv4 addresses.

With IPv6, upper-layer applications still work like you are used to with IPv4.

The biggest change is that we are doing a forklift upgrade to Layer 3 of the OSI model.

Address Format

Length:           IPv6 addresses are 128 bits long.

Groupings:    IPv6 addresses are segmented into eight groups of four hex characters.

Separation of groups:   Each group is separated by a colon (:).

Length of mask:    Usually 50 percent (64 bits long) for network ID, which leaves 50 percent (also 64 bits) for interface ID (using a 64-bit mask).

Number of networks:   The network part is allocated by Internet registries 2^64 (1.8 x 10 19 ). This allows room for billions of networks.

Example Address :

FE00:0000:0000:0001:0000:0000:0000:0056

We can abbreviate the address.

  • remove the leading 0s. A quartet of 0000 will leave a single 0.
  • Replace that set of quartets with double colon ( :: )
  • :: can be used once in a single address

FE00:0000:0000:0001:0000:0000:0000:0056
FE00:0:0:1:0:0:0:56
FE00:0:0:1::56

Mistake
FE:0:0:1::56
FE00::1::56

IPv6 Address Types Brief Overview and Their First Hex Digit(s)

Global Unicast > 2 0r 3 (originally); all not otherwise reserved (today)
Unique Local > FD
Multicast > FF
Link-Local > FE80

Cisco Hierarchical Network Design

Cisco has refined a hierarchical approach to network design that enables network designers to organize the network into distinct layers of devices. The resulting network is
Efficient
Intelligent
Scalable
Easily managed.

Three Layer of Network Design is Access Layer, Distribution Layer, Core Layer.

Access Layer
The access layer exists where the end users are connected to the network. Access switches usually provide Layer 2 (VLAN) connectivity between users. Devices in this layer sometimes called building access switches, should have the following capabilities:
■ Low cost per switch port
■ High port density
■ Scalable uplinks to higher layers
■ High availability
■ Ability to converge network services (that is, data, voice, video)
■ Security features and quality of service (QoS)

Distribution Layer
The distribution layer provides interconnection between the campus network’s access and core layers. Devices in this layer, sometimes called building distribution switches should have the following capabilities:
■ Aggregation of multiple access layer switches
■ High Layer 3 routing throughput for packet handling
■ Security and policy-based connectivity functions
■ QoS features
■ Scalable and redundant high-speed links to the core and access layers
The distribution layer usually is a Layer 3 boundary, where routing meets the
VLANs of the access layer.

Core Layer
A campus network’s core layer provides connectivity between all distribution layer devices. The core, sometimes referred to as the backbone, must be capable of switching traffic as efficiently as possible. Core switches should have the following attributes:
■ Very high Layer 3 routing throughput
■ No costly or unnecessary packet manipulations (access lists, packet filtering)
■ Redundancy and resilience for high availability
■ Advanced QoS functions

** But small or medium-size campus networks might not have the size or volume requirements that would require the functions of all three layers.

Collision and Broadcast Domain

Collision Domain

A collection of PCs, printers, and server are all connected to the same network segment and use the same subnet. All devices on this network segment must share the available bandwidth. If two or more hosts transmit the frames at the same times, the frames will collide and interferer.The boundary around such a shared network is called a collision domain.

Broadcast Domain

Broadcast traffic sending by one host can reach all hosts on a network segment. All hosts deliver the broadcast traffic except Layer 3 devices. The extent of a Layer 2 network, where a broadcast frame can reach, is known as a broadcast domain.

Network Design Scence

To limit the size of a collision domain, we can connect smaller numbers of hosts to individual switch interfaces. To reduce the size of a broadcast domain, we can segment a network or break it up into smaller Layer 2 VLANs.