CCNA-Ready
M4 · Exam domain 4.0 · 10% of exam

IP Services

NAT, DHCP, DNS, NTP, SSH, syslog, SNMP, QoS, file transfer. Know the role and the port for each.

01

4.1 NAT (static, dynamic, PAT)

  • Terminology: inside local/global, outside local/global. Static = 1:1 mapping. Dynamic = from a pool.
  • PAT / overload = many private hosts share one public IP, distinguished by source port (the common home/office case).
  • Mark interfaces "ip nat inside" / "ip nat outside"; verify with "show ip nat translations".
02

4.3/4.6 DHCP (DORA) & relay

  • DORA: Discover, Offer, Request, Ack. Server UDP 67, client UDP 68.
  • A DHCP relay ("ip helper-address" on the client-facing interface) forwards the broadcast Discover as unicast to a server on another subnet.
03

4.3 DNS

  • DNS resolves names → IP. UDP/53 for queries; TCP/53 for zone transfers and responses >512 bytes.
04

4.2 NTP

  • Synchronizes clocks (critical for logs/certs). UDP 123. Stratum 0–15 (lower = closer to the reference clock).
  • "ntp server <ip>" makes the device a client; "ntp master" makes it a reference. Sync takes minutes.
05

4.8 SSH remote access

  • Steps: "hostname" + "ip domain-name" → "crypto key generate rsa" (≥768 bits) → "ip ssh version 2" → username/secret → "line vty" / "login local" / "transport input ssh".
  • SSH (TCP 22) is encrypted and replaces Telnet (TCP 23, plaintext).
06

4.5 Syslog

  • Severity 0 Emergency (most severe) … 7 Debugging (least). Selecting level N logs N and everything more severe.
  • Destinations: console, buffer, monitor (vty), or a syslog host (UDP 514). Format: %FACILITY-SEVERITY-MNEMONIC.
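
The severity rule and message format above, as an added example (not part of the original study notes): it parses %FACILITY-SEVERITY-MNEMONIC messages and shows which ones a destination set to level N receives and which it never sees. The sample lines, addresses and function names are constructed for illustration, and the regex covers only the common single-facility form.

```python
import re

# Names for severities 0-7 (0 = most severe, 7 = least severe).
SEVERITY_NAMES = ["Emergency", "Alert", "Critical", "Error",
                  "Warning", "Notification", "Informational", "Debugging"]

# %FACILITY-SEVERITY-MNEMONIC: description
MSG_RE = re.compile(
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-(?P<mnemonic>[A-Z0-9_]+):\s*(?P<text>.*)"
)

# Constructed sample log lines (documentation addresses, not real captures).
SAMPLE = [
    "*Mar  1 00:01:02.123: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to up",
    "*Mar  1 00:01:03.123: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to up",
    "*Mar  1 00:02:10.456: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.10)",
    "*Mar  1 00:03:00.789: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 192.0.2.77]",
    "*Mar  1 00:03:05.000: %SYS-6-LOGGINGHOST_STARTSTOP: Logging to host 192.0.2.50 started",
    "not a syslog line",
]

def parse(line):
    """Return the message fields as a dict, or None if the line has no %F-S-M header."""
    m = MSG_RE.search(line)
    if m is None:
        return None
    msg = m.groupdict()
    msg["severity"] = int(msg["severity"])
    msg["severity_name"] = SEVERITY_NAMES[msg["severity"]]
    return msg

def _split(lines, level):
    if not 0 <= level <= 7:
        raise ValueError("level must be 0..7")
    parsed = [m for m in map(parse, lines) if m is not None]
    kept = [m for m in parsed if m["severity"] <= level]    # N and more severe
    missed = [m for m in parsed if m["severity"] > level]   # less severe than N
    return kept, missed

def forwarded(lines, level):
    """Messages a destination configured at `level` receives."""
    return _split(lines, level)[0]

def dropped(lines, level):
    """Messages that destination never sees (a visibility gap to be aware of)."""
    return _split(lines, level)[1]

if __name__ == "__main__":
    for m in dropped(SAMPLE, 4):
        print("not sent at level 4:", m["facility"], m["severity_name"], m["mnemonic"])
```

At level 4 the constructed login-failure message is kept, but the severity-5 configuration-change message is not, which matters when choosing the level for a syslog host.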
07

4.4 SNMP

  • Manager (NMS) polls Agents. MIB/OID is the data structure. Get/Set, plus Trap (162) / Inform notifications.
  • v1/v2c use plaintext community strings; v3 adds authentication and encryption.
08

4.7 QoS (concepts)

  • Per-hop behavior: classify → mark (DSCP 6-bit, e.g. EF=46 for voice; CoS 3-bit at L2) → queue.
  • Policing drops/re-marks excess traffic; shaping buffers and delays it. QoS only matters under congestion.
09

4.9 TFTP / FTP

  • TFTP: UDP 69, no authentication - use on a trusted LAN (e.g. IOS image transfer).
  • FTP: TCP 21 control / 20 data, has authentication but credentials are plaintext.