The majority of business networks rely on Cisco hardware, specifically routers and switches. The thing about hardware is that it has a long shelf life, and even when it’s time to replace it, it’s easier to stick with the tried and true. Hence, large corporations, small businesses, and everybody in between depend on the proper care and feeding of their Cisco gear to stay in business. Networks are not “set it and forget it.” They’re in continual flux. Whenever an organization hires or fires an employee, or whenever an employee moves desks or departments, someone has to make a change to the network. When a business adds more heads (and more computers), it may have to expand its network by adding more Cisco devices. This book will teach you how to configure Cisco routers and switches to accommodate these types of moves, additions, and changes.
Let’s start off by making sure this book is right for you. If you’re interested in becoming a Cisco Certified Network Administrator (CCNA) or Cisco Certified Entry Networking Technician (CCENT), consider this book a foundational prerequisite. Although this book alone doesn’t aim to make you a CCNA or CCENT, it does give you a solid foundation that will save you a lot of time and effort later on should you decide to pursue certification. In addition to giving you a clear conceptual understanding of routers and switches that many certification books lack, this book will also teach you how to maintain a Cisco network, expand it to accommodate organizational growth, and perform a little bit of troubleshooting.
Large organizations often have the luxury of hiring one or more network administrators. These folks may hold an advanced Cisco certification and spend their days doing nothing but working on the network. But surprisingly, even some large organizations have only a handful of full-time network administrators. Small to midsize organizations often can’t afford even one full-time network administrator, so the task of managing the network usually falls on one of the people in charge of handling the workstations, servers, and applications. At first blush, this seems to be a match made in heaven. This person who knows the ins and outs of the company’s critical servers and applications is in a prime position to see how those components fit in with the rest of the network. They have a holistic view of the IT landscape and are well suited to the task.
But more and more organizations are finding this arrangement to be problematic. What if the person who normally does all the “network stuff” is on vacation and a new user in a remote office needs network access? What if that person is out sick and a user needs to move departments? What if the business wants to expand the network into a new suite but has to wait for that person to do all the work of expanding the network? Hiring a full-time network administrator is overkill. The problem isn’t that they’re lazy or don’t care. The problem isn’t that they don’t want anyone else to do it instead (they probably wish someone else would!). The problem is that they’re the only one who knows how to administer the network!
In the absence of the de facto network administrator, you have two choices: wait for them to return or attempt to do it yourself. This book is for those who can’t wait and must take the reins. I’ll show you how to perform the most common network administration tasks. I’ll show you how to get new users set up on the network, how to handle moves and changes, how to secure the network using IP access lists, and even how to increase its capacity to accommodate growth using VLAN trunks and IP routing. I’ll share enough nerdy networking theory to help you understand why networks work the way they do and to give you a practical foundation should you decide to delve deeper into networking later on.
I’ve met a lot of IT professionals for whom the network is a mysterious web of cables and boxes that somehow connects together all the computers, servers, and applications they’re so familiar with. But the one thing that remains a mystery to them is the network. They want to learn it, but they don’t know where to even begin. They have some network knowledge, but they don’t know what they don’t know. This book is for any IT professional who wants (or needs) to become proficient with Cisco networks over the next 30 days.
Try to focus on one chapter a day. Each chapter should take about 30 minutes to read and 30 minutes to practice. Read this book sequentially. Although you can use it as a desk reference later on, it’s important that you start at the beginning and give each chapter time to soak in.
Chapters 2 through 22 represent the meat of the book, so you can expect to finish in about a month. Resist the temptation to jump straight to a particular chapter because it covers something you’ve recently encountered or are specifically interested in. I’ve organized the chapters with the most common and foundational configuration tasks first, and you should start with those so you’ll have plenty of time to repeat them and build proficiency.
The majority of chapters contain a lab for you to complete. Each lab includes a set of tasks for you to complete and maybe even a set of questions to answer to test your practical and conceptual understanding of what you learned in that chapter. The answers are not in the book, but you can find them under the Source Code link at https://www.manning.com/books/learn-cisco-network-administration-in-a-month-of-lunches. Just remember that you’ll learn much better by figuring out the answers for yourself.
Cisco networks use a plethora of technologies, many of them quite complex. This book gives you a gentle introduction to the most commonly used technologies, just enough to get your feet wet and become proficient at configuring them on a real network. If you find yourself needing more information as you gain experience, I’ll point you to additional resources that you can use to expand your skill set.
Sometimes you need just a little more information to understand the more esoteric aspects of networking. The “Above and beyond” sidebars provide this sort of additional information that you may find helpful when learning a more difficult topic. If you’re feeling rushed, feel free to skip these and come back to them later.
The only way to learn Cisco network administration is to perform the same tasks you would when administering a real network, which is exactly why this book provides the hands-on labs just described. In order to complete the labs, you must have an appropriate lab setup. Let’s start with the bare minimum requirements.
For starters, you’ll need a laptop computer with a network interface card (NIC). It can be Windows or Mac OS X, but regardless of the operating system, you’ll need to have administrator or root access. You’ll also need to decide whether you want to practice on an existing network or set up your own lab. The next few sections offer guidance on choosing your lab environment.
The best way to learn how to administer a real Cisco network is to practice on one. The ideal way to do this is to build or borrow a lab using genuine Cisco routers and switches. Your organization may already have one available, but my experience tells me that most places don’t maintain a separate network lab. They do, however, often have some extra gear lying around. When it comes to building your own lab, you can either get hold of used Cisco gear or set up a virtual lab using software that simulates real Cisco equipment. Let’s go through the advantages and disadvantages of each.
Building a lab with physical Cisco equipment gives you a better understanding of what a network looks like. When you can see an Ethernet cable going from one switch to another, you know how and where switches are connected. The connections between various devices are easy to visualize and consequently easier to remember. You also get the satisfaction of hearing an Ethernet cable snap into place and connecting a console cable to the back of the switch to reset the switch’s password. These are real, valuable network administration skills that only a physical lab can provide.
If you have a friend or employer who is willing to loan you their Cisco gear, this is your cheapest option. If you can’t beg or borrow, your other option is to purchase it. Used Cisco gear is inexpensive, but it’s not free.
Table 1.1 lists the Cisco equipment I recommend for your lab along with rough price estimates. You’ll need two layer-3 Catalyst switches and one router. For administering your lab network, your computer must have one free USB or RS-232 serial port. You’ll also need a blue Cisco rollover cable, sometimes called a console cable. If you don’t have an RS-232 serial port, you’ll need a serial-to-USB adapter.
Device | Quantity | Model | Price estimate (USD) |
---|---|---|---|
Catalyst 3560 (layer-3 switch) | 2 | WS-C3560-24TS-S | $120 |
1841 Integrated Services Router | 1 | CISCO1841-SEC/K9 | $60 |
Console/rollover cable | 1 | 72-3383-01 | $10 |
When you acquire your switches and router, you can probably get the seller to throw in a rollover cable for free. At the very least, you may be able to purchase one at a reduced cost.
The advantages and disadvantages of a virtual lab are essentially the inverse of those of the physical lab. A virtual lab doesn’t require the commitment of purchasing or borrowing physical equipment. But understand that a virtual lab can’t provide the same administration experience or help you develop the same skills that hands-on access to physical Cisco gear can. Connecting a real computer to a virtual lab network is very different than connecting one to a physical network. If you decide to go the virtual route, the lab set-up guide under the Source Code link at https://www.manning.com/books/learn-cisco-network-administration-in-a-month-of-lunches has up-to-date information on virtual lab options.
My goal is not to teach you how to configure a virtual lab environment from scratch; it’s to teach you how to maintain a real, fully functional Cisco network like you would find in an organizational environment. There are significant differences between a virtual lab and a real network, and I’m not going to point them out because you aren’t going to encounter them on a real production network.
One of the more popular virtual lab environments is GNS3. GNS3 is a powerful network virtualization platform, but that power comes with some trade-offs. For starters, it’s more complicated to set up than a physical lab. Second, you have to obtain a copy of Cisco’s Internetwork Operating System (IOS), which is proprietary, copyrighted Cisco software that’s available only to individuals and organizations that have a support agreement with Cisco. This means if you want to use GNS3, you’ll need to find and download a compatible IOS image.
Another option is to use the Cisco Virtual Internet Routing Lab (VIRL). VIRL is not free, but it’s not terribly expensive either. The personal edition is about $200 per year. The advantage of VIRL is that it’s blessed by Cisco, and they offer technical support and keep it up to date with bug fixes and new features. The disadvantage is that, like GNS3, it’s complicated to set up.
If using your own physical or virtual lab is out of the question, a possible alternative is to practice on a live, production network. This will give you most of the advantages that a physical lab offers, but you won’t be able to complete all of the hands-on labs. Also, practicing on a live network is not without its risks. If you choose to practice on a production network, you’ll need the blessing of the network administrator or team responsible for the network. You’ll need what’s called a privileged account to administer routers and switches, and you’ll also need physical access to those devices.
Although you can perform some of the hands-on labs on a production network, I prefer that you make every effort to get access to a physical lab. If you can’t get access to a physical lab, then I recommend that you use a virtual lab. Both VIRL and GNS3 will require some horsepower. You’ll need a Windows 7 or later machine with 8 GB of RAM and 60 GB of available disk space. For VIRL, you’ll also need an Intel processor that supports virtualization extensions (VT-x) with extended page tables (EPT). Let’s summarize:
Cisco’s Internetwork Operating System is the software that controls Cisco routers and switches. It’s what you’re really interacting with when you configure a Cisco device. I wrote this book for IOS version 15, and everything in it should be accurate for that version. If you build a lab from used equipment, you’re likely to run into an older version. That’s probably not going to be a problem, because the tasks you’ll be performing are fundamental, and the configuration specifics haven’t changed much over the years. Cisco equipment has a long shelf life, and some organizations keep their Cisco networking equipment around for a long time. You’re likely to run into an older IOS version sooner or later, so don’t fret if you don’t have the latest and greatest IOS.
Many organizations have a mix of old and new Cisco equipment. The newer equipment will have at a minimum IOS version 15, whereas older equipment could have IOS version 12 or even earlier. Generally, different IOS versions are compatible, so a switch running IOS 12.4 can interoperate with a switch running IOS 15.0 without much hassle. Again, because you’ll be performing fundamental configuration tasks, you’ll find that what works on a brand-new Cisco switch running IOS 15 also works on a dirty, banged-up switch running IOS 12.4. But my focus is on IOS 15. If you use a different version, just understand that some commands may be a little bit different, and I’m not going to point out those differences.
Visit the Source Code link at https://www.manning.com/books/learn-cisco-network-administration-in-a-month-of-lunches for complete instructions on setting up your lab. If along the way you have any questions or run into any problems, be sure to visit the official forum for this book on the book’s web page.
Some organizations vigilantly keep all of their Cisco equipment up to date with the latest IOS versions. Others will happily keep the same router around for 10 years, and when it fails, the network administrator will go to an online garage sale site to find an identical replacement. You never know what you’re going to encounter, and that’s why I strive to be as version-neutral as possible. Nearly everything you’ll learn applies to every Cisco router and switch you’re likely to encounter, whether you’re working on your lab or in an organizational environment.
If you decide to do your own research on Cisco equipment and software versions, you’ll quickly become inundated with massive amounts of marketing lingo and details about Cisco’s wide variety of offerings. Cisco creates products to serve organizations of every size, from small mom-and-pop shops to large international organizations. You should understand that this book covers only a small sliver of the Cisco ecosystem. Although this book will make you an immediately effective Cisco network administrator, it won’t turn you into a master of every device and application that has the word Cisco on it. In an organizational environment, you may run into Cisco switches that run the Nexus Operating System (NX-OS) instead of IOS. Although NX-OS has some significant architectural differences from IOS, the command-line configuration is mostly the same for the tasks you’ll perform in this book. The skills you’ll learn in the coming chapters will translate easily to NX-OS, so don’t be rattled by anyone who tells you you’re missing out on the next big thing by sticking with IOS. You’re not. In fact, the opposite is true. You’re learning fundamental skills that you will use day after day regardless of which platform or software version you’re working on.
At this point you’re probably ready to dive right into the practical, hands-on chapters. First, though, there are two questions that bug a lot of newcomers to networking:
In the next chapter, I clearly answer both of these questions by giving you the big picture of how Cisco networks operate. If you’ve tried to grasp networking concepts before and found them difficult or confusing, the next chapter is going to be a pleasant surprise.
I’ve designed the rest of this book so that each chapter teaches you something you can use immediately in a real production environment. That means I’ll often skip over or give light treatment to some of the theoretical underpinnings. You don’t need a deep theoretical understanding of networking concepts in order to be an immediately effective network administrator. When necessary, I’ll cover the theory after you’ve practiced enough that you can clearly visualize how the theory relates to specific network administration tasks. When given the choice between telling you something and showing you something, I’ll almost always choose to show you first. That doesn’t mean I won’t cover theory at all. I will, but only to the extent that you can take that theory and apply it to real-world scenarios and configuration tasks. Remember, this book is a starting point, and you can spend years (as many do) studying the details of how and why networks work the way they do. But you have to learn to crawl before you can run. Again, my goal for this book is to make you an immediately effective network administrator, not an eventually effective one. So without further delay, let’s get started on your first lesson.