CCENT/CCNA ICND1 100-105 Official Cert Guide Quotes

“The comparison between the previous two figures shows one of the most classic mistakes when troubleshooting networks. Sometimes, the temptation is to connect to a router and ping the host on the attached LAN, and it works. So, the engineer moves on, thinking that the network layer issues between the router and host work fine, when the problem still exists with the host’s default router setting.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“First, to understand why the standard and extended ping results have different effects, consider first the standard ping 172.16.1.51 command on R1, as shown previously in Figure 23-7. As a standard ping command, R1 used its LAN interface IP address (172.16.1.1) as the source of the ICMP Echo. So, when the host (A) sent back its ICMP echo reply, host A considered the destination of 172.16.1.1 as being on the same subnet. Host A’s ICMP echo reply message, sent back to 172.16.1.1, would work even if host A did not have a default router setting at all! In comparison, Figure 23-8 shows the difference when using an extended ping on Router R1. An extended ping from local Router R1, using R1’s S0/0/0 IP address of 172.16.4.1 as the source of the ICMP echo request, means that host A’s ICMP echo reply will flow to an address in another subnet, which makes host A use its default router setting.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“172.16.1.51 and vice versa. You can reasonably assume that the switches learned the MAC addresses of the router and the host, adding those to the MAC address tables. Host A and Router R1 completed the ARP process and list each other in their respective Address Resolution Protocol (ARP) tables. The failure of a ping, even with two devices on the same subnet, can point to a variety of problems, like those mentioned in this list.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“If the ping works, it confirms the following, which rules out some potential issues: The host with address 172.16.1.51 replied. The LAN can pass unicast frames from R1 to host”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Testing using a ping of another device on the LAN can quickly confirm whether the LAN can pass packets and frames. Specifically, a working ping rules out many possible root causes of a problem. For instance, Figure 23-7 shows the ICMP messages that occur if R1 issues the command ping 172.16.1.51, pinging host A, which sits on the same VLAN as R1.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Testing LAN Neighbors with Standard Ping”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Host B can send ICMP echo reply messages to R1’s 172.16.4.1 IP address (hosts send echo reply messages to the IP address from which the echo request was received).”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“As a quick aside, the example shows a common and normal behavior with ping commands: the first ping command shows one failure to start, but then the rest of the messages work. This usually happens because some device in the end-to-end route is missing an ARP table entry. Now think about troubleshooting and what a working ping command tells us about the current behavior of this internetwork. First, focus on the big picture for a moment: R1 can send ICMP echo request messages to host B (172.16.2.101). R1 sends these messages from its outgoing interface’s IP address (by default), 172.16.4.1 in this”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“First, take a moment to review the output of the first IOS ping command. By default, the Cisco IOS ping command sends five echo messages, with a timeout of 2 seconds. If the command does not receive an echo reply within 2 seconds, the command considers that message to be a failure, and the command lists a period. If a successful reply is received within 2 seconds, the command displays an exclamation point. So, in this first command, the first echo reply timed out, whereas the other four received a matching echo reply within 2 seconds.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“commands like ping. As a protocol, ICMP does not rely on TCP or UDP, and it does not use any application layer protocol. It exists as a protocol used to assist IP by helping manage the IP network functions.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Ping Command Basics The ping command tests connectivity by sending packets to an IP address, expecting the device at that address to send packets back. The command sends packets that mean “if you receive this packet, and it is addressed to you, send a reply back.” Each time the ping command sends one of these packets and receives back the message sent back by the other host, the ping command knows a packet made it from the source host to the destination and back. More formally, the ping command uses the Internet Control Message Protocol (ICMP), specifically the ICMP echo request and ICMP echo reply messages. ICMP defines many other messages as well, but these two messages were made specifically for connectivity testing by”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“root cause of the problem may be happening, further isolating the problem. This section begins with a brief explanation of how ping works. It then moves on to some suggestions and analysis of how to use the ping command to isolate problems by removing some items from consideration.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Problem Isolation Using the ping Command Someone sends you an email or text, or a phone message, asking you to look into a user’s network problem. You Secure Shell (SSH) to a router and issue a ping command that works. What does that result rule out as a possible reason for the problem? What does it rule in as still being a possible root cause? Then you issue another ping to another address, and this time the ping fails. Again, what does the failure of that ping command tell you? What parts of IPv4 routing may still be a problem, and what parts do you now know are not a problem? The ping command gives us one of the most common network troubleshooting tools. When the ping command succeeds, it confirms many individual parts of how IP routing works, ruling out some possible causes of the current problem. When a ping command fails, it often helps narrow down where in the internetwork the”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Examining Information Learned by CDP CDP discovers basic information about neighboring routers and switches without needing to know the passwords for the neighboring devices. To discover information, routers and switches send CDP messages out each of their interfaces. The messages essentially announce information about the device that sent the CDP message. Devices that support CDP learn information about others by listening for the advertisements sent by other devices.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Analyzing Topology Using CDP and LLDP The first two major sections of this chapter showed two features—Syslog and NTP—that work the same way on both routers and switches. This final section shows yet another feature common to both routers and switches, with two similar protocols: the Cisco Discovery Protocol (CDP) and the Link Layer Discovery Protocol (LLDP). This section focuses on CDP, followed by LLDP.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“For instance, consider the topology in Figure 33-6, with Router R4 on the right acting as NTP server and the other routers acting as clients. R4 has three IP addresses that the clients could put in their ntp server address commands. Now consider what happens when one interface on R4 fails, but only one. No matter which of the three interfaces fails, that IP address on that interface cannot be used to send and receive packets. In that case, for any NTP clients that had referred to that specific IP address There would likely still be a route to reach R4 itself. The NTP client would not be able to send packets to the configured address because that interface is down.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“NTP Using a Loopback Interface for Better Availability An NTP server will accept NTP messages arriving to any of its IPv4 addresses by default. However, the clients reference a specific IP address on the NTP server. That creates an availability issue.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“The configuration in Example 33-8 works, but in many cases, routers might have multiple ntp server commands configured for redundancy. The goal is to have at least one usable clock source (servers per multiple ntp server commands, or internal clock as per the ntp master command). The router then chooses the best NTP clock source based on the stratum level. The stratum level defines the quality of the clock source; the lower the stratum, the better the source.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Implementing NTP Clients, Servers, and Client/Server Mode With NTP, servers supply information about the time of day to clients, and clients react by adjusting their clocks to match. The process requires repeated small adjustments over time to maintain that synchronization. The configuration itself can be simple (to the extent covered in this book), or it can be extensive once you add security configuration and redundancy. As an example, just to show the basic syntax and show commands, consider Figure 33-5. It has three routers, all of which will use NTP. R1 will act as an NTP client, R3 as an NTP server, but R2 will be in client/server mode.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“First, note that the example configures the same message level at the console and for terminal monitoring (level 7, or debug), and the same level for both buffered and logging to the syslog server (level 4, or warning). The levels may be set using the numeric severity level or the name as shown earlier in Figure 33-3. The show logging command confirms those same configuration settings and also lists the log messages per the logging buffered configuration.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Configuring and Verifying System Logging With the information in Table 33-2, configuring syslog in a Cisco IOS router or switch should be relatively straightforward. Example 33-2 shows a sample, based on Figure 33-4. The figure shows a syslog server at IP address 172.16.3.9. Both switches and both routers will use the same configuration shown in Example 33-2, although the example shows the configuration process on a single device, Router R1.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Log Message Severity Levels Log messages may just tell you about some mundane event, or they may tell you of some critical event. To help you make sense of the importance of each message, IOS assigns each message a severity level (as noted in the same messages in the preceding page or so). Figure 33-3 shows the severity levels: the lower the number, the more severe the event that caused the message. (Note that the values on the left and center are used in IOS commands.)”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Log Message Format IOS defines the format of log messages. The message begins with some data fields about the message, followed”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Storing Log Messages for Later Review With logging to the console and to terminals, an event happens, IOS sends the messages to the console and terminal sessions, and then IOS can discard the message. However, clearly, it would be useful to keep a copy of the log messages for later review, so IOS provides two primary means to keep a copy. IOS can store copies of the log messages in RAM by virtue of the logging buffered global configuration command. Then any user can come back later and see the old log messages by using the show logging EXEC command. As a second option—an option used frequently in production networks—all devices store their log messages centrally to a syslog server. RFC 5424 defines the Syslog protocol, which provides the means by which a device like a switch or router can use a UDP protocol to send messages to a syslog server for storage. All devices can send their log messages to the server. Later, a user can connect to the server (typically with a graphical user interface) and browse the log messages from various devices. To configure a router or switch to send log messages to a syslog server, add the logging {address|hostname} global command, referencing the IP address or hostname of the syslog server. Figure 33-2 shows the ideas behind the buffered logging and syslog logging.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Storing Log Messages for Later Review With logging to the console and to terminals, an event happens, IOS sends the messages to the console and terminal sessions, and then IOS can discard the message. However, clearly, it would be useful to keep a copy of the log messages for later review, so IOS provides two primary means to keep a copy. IOS can store copies of the log messages in RAM by virtue of the logging buffered global configuration command. Then any user can come back later and see the old log messages by using the show logging EXEC command. As a second option—an option used frequently in production networks—all devices store their log messages centrally to a syslog server. RFC 5424 defines the Syslog protocol, which provides the means by which a device like a switch or router can use a UDP protocol to send messages to a syslog server for storage. All devices can send their log messages to the server. Later, a user can connect to the server (typically with a graphical user”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Figure 33-1 summarizes these key points about how IOS on a Cisco router or switch processes log messages for currently connected users. In the figure, user A sits at the console, and always receives log messages. On the right, the fact that user B sees messages (because user B issued the terminal monitor command after login), and user C does not, shows that each user can control whether or not she receives log messages.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“sending of log messages to all logged users. However, that default configuration is not enough to allow the user to see the log messages. The user must also issue the terminal monitor EXEC command during the login session, which tells IOS that this terminal session would like to receive log messages.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“Sending Messages in Real Time to Current Users Cisco IOS running on a device at least tries to allow current users to see log messages when they happen. Not every router or switch may have users connected, but if some user is logged in, the router or switch benefits by making the network engineer aware of any issues. By default, IOS shows log messages to console users for all severity levels of messages. That default happens because of the default logging console global configuration command. In fact, if you have been using a console port throughout your time reading this book, you likely have already noticed many syslog messages, like messages about interfaces coming up or going down. For other users (that is, Telnet and SSH users), the device requires a two-step process before the user sees the messages. First, IOS has another global configuration setting—logging monitor—that tells IOS to enable the”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“IOS can send the messages to anyone currently logged in to the device. It can also store the message so that a user can later look at the messages. The next few pages examine both topics.”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide

“When an event happens that the device’s OS thinks is interesting, how does the OS notify us humans? Cisco”
― Wendell Odom, CCENT/CCNA ICND1 100-105 Official Cert Guide