101-labs-comptia-network-hands-pdf

About the Author

• Paul Browning worked as a police officer in the UK for 12 years before transitioning to IT.
• He gained IT certifications and worked for Cisco Systems, providing WAN support.
• In 2002, he founded an IT consulting company, designing, installing, configuring, and troubleshooting global networks.
• He began teaching IT courses and has helped many people pass IT exams and advance their careers.
• In 2006, he launched howtonetwork.com, a leading IT certification website.
• Moved to Brisbane in 2013 and enjoys guitar, reading, coffee, and Brazilian jiu-jitsu.

Introduction – 101 Labs

• Most training manuals focus on theoretical knowledge, neglecting practical application.
• 101 Labs transforms study guide knowledge into valuable, real-world skills for network engineers.
• The book focuses on configuring and troubleshooting commands through step-by-step instructions.
• It encourages readers to create their own labs, add technologies, and troubleshoot problems.

101 CompTIA Network+ Labs

• The Network+ exam is essential for those wanting a career in IT. Topics include:
  • TCP/IP.
  • Security.
  • Networking protocols and standards.
  • Best practices.
  • Subnetting and IP addressing.
  • IPv6.
  • Troubleshooting tools and software.
  • Wireless.
  • Routing protocol basics.
• CompTIA recommends 9–12 months of experience before taking the exam.
• Performance-based questions (PBQs) test configuration and troubleshooting skills.
• The book provides 101 hands-on labs to prepare readers for the exam and real-world network environments.
• The labs cover configuration of services, protocols, and equipment.
• Topics are grouped into relevant categories, including configuration of NIC teaming.
• It is impossible to understand a technology without configuring it.

Instructions

• Follow the labs sequentially.
• Refer to free resources at www.101labs.net/resources for software installation tips.
• DO NOT configure these labs on live networks.
• Use a Network+ study guide for theory.
• Any Packet Tracer switch and 1841 router models should work for the labs.
• Commands are enclosed in single quotes (e.g., ‘ping 192.168.1.1’).
• Technical support is not available; each lab has been tested.
• Video training is available with a discount code (‘101book’) .

Lab 1. SSH

• Objective: Enable SSH access to a Cisco router.

• Telnet access should be avoided.

• To configure SSH:

  • Create a hostname.
  • Create a domain name.
  • Generate a crypto key.

• Steps:

  • Configure hostnames R0 and R1 on two routers.
  • Add IP addresses to Ethernet interfaces and use the no shut command.
  • Ping across the link to ensure connectivity.
  • Secure Router1 for SSH:
    • Set a domain name: ip domain-name 101labs.net
    • Generate RSA keys: crypto key generate rsa
    • Set timeout and retry options:
      • ip ssh time-out 60
      • ip ssh authentication-retries 2
    • Permit SSH connections on VTY lines:
      • line vty 0 15
      • transport input ssh
      • password cisco
  • Connect to Router1 from Router0 using SSH: ssh -l paul 192.168.1.2
  • Verify that Telnet connections are refused.

Lab 2. DNS

• Objective: Configure a DNS entry on a generic server and test it from a host device.
• DNS allows using hostnames instead of IP addresses in the browser address bar.
• Steps:
  • Connect a PC and a server to a switch.
    _ Add IP addresses via the IP configuration utility.
• On the PC add the IP address 192.168.1.5. The subnet mask should auto-complete, and the DNS server IP address should be 192.168.1.1.
  • On the server configure the IP address 192.168.1.1 255.255.255.0.
  • Ensure you can ping the server from the PC.
  • Test on the PC if you can reach the web URL www.mypage.com. The PC can’t resolve this name because there is no DNS entry.
  • Create a DNS record on the server for this URL and associate it with the server’s own IP address. Use the ‘DNS’service, add the URL www.mypage.com, and hit the ‘Add’ button. Ensure DNS is turned on. The default record type is ‘A Record’. You have now created an A record for the domain.
  • Using the web browser on the PC, enter the domain name www.mypage.com. It should resolve this time.

Lab 3. Telnet

• Objective: Enable Telnet access to a device.
• Telnet allows remote connections to network devices, but it’s not recommended for commercial use due to unencrypted sessions.
• Steps:
  • Connect a PC to a Cisco router.
  • Configure IP addresses on both sides and ping across the link.
  • Configure the router to permit incoming Telnet sessions using virtual terminal lines (VTY):
    • line vty 0 15
    • transport input telnet
    • password cisco
  • Test the connection by telnetting from the PC to the router. You should be challenged for the password.
  • Optionally, use the show line command to view allocated Telnet lines.

Lab 4. Network Time Protocol

• Objective: Enable an NTP server and configure a device to synchronize its clock time from the server.
• NTP servers are essential for internet functionality.
• Steps:
  • Connect a generic server to a Cisco router using a crossover cable.
  • Configure IP addresses on both sides.
  • Ping across the link to ensure connectivity.
  • Check the clock time on the router using show clock; it should be inaccurate.
  • Configure the router to obtain its clock time from the server:
  • ntp server 192.168.1.1
  • Configure the server to give the time via NTP.
  • Allow time for the router clock to update.
  • Issue NTP show commands:
    • show ntp associations
    • show ntp status
  • Verify the updated clock time using show clock.

Lab 5. DHCP

• Objective: Learn how DHCP servers allocate IP information.
• DHCP is used to allocate IP information to hosts.
• Steps:
  • Connect a generic server to a Cisco switch using straight-through cables.
  • Configure the DHCP information on the server:
    • Address start: 192.168.1.2
    • Subnet mask: 255.255.255.0
    • Pool name: 101Pool
  • Configure the hosts to obtain information via DHCP.
  • Check the configuration by issuing the ipconfig command on the hosts.

Lab 6. TCP

• Objective: Learn how to recognize a TCP packet.
• TCP enables connection-oriented services and protocols to run over networks.
• Steps:
  • Install Putty onto your device.
  • Download Putty from https://putty.org/.
  • Check on Google for hosts that permit Telnet.
  • Boot Wireshark on your main PC and check the correct interface is the one being monitored.
  • Click on the interface name to open the capture window.
  • Open the Putty utility and enter the URL you wish to telnet to.
  • Change from the default SSH to Telnet.
  • Your Telnet session should work.
  • Go to Wireshark and in the filter box, type ‘telnet' so you can see only the relevant traffic.
  • If you click on one of the packets, you can drill down to more detail.

Lab 7. UDP

• Objective: Learn how to recognize a UDP packet.
• UDP is used by many services and protocols, such as RIP, DNS, SNMP, and DHCP. UDP offers low overhead but with no guarantee of delivery.
• Steps:
  • Install Wireshark or another packet sniffer onto your device.
  • Open a web browser, but don’t input any URL yet.
  • Boot Wireshark on your main PC and check the correct interface is the one being monitored.
  • Browse to a website which isn’t in your local cache.
  • Go to Wireshark. Stop the captures by pressing the red square.
  • Then use the filter bar to search for DNS. For some reason you have to use lowercase for the search!
  • Click on one of the DNS entries and drill into the packet capture. Check the entries against the UDP image below.
  • Check the above packet capture for the checksum fields.
  • UDP does have a checksum for error checking, but that’s about it.

Lab 8. ICMP

• Objective: Learn how to recognize an ICMP packet.
• ICMP is used to report on reliability and send error messages. ICMP isn’t used to transport data.
• Steps:
  • Install Wireshark or another packet sniffer onto your device.
  • Boot Wireshark on your PC and check the correct interface is the one being monitored.
  • Ensure Wireshark is capturing general network traffic.
  • Open a command line window by typing ‘cmd’ in the search bar.
  • Ping a common URL, such as cisco.com. Many sites will block ICMP, so find one which doesn’t (or ping an internal machine on your network).
  • Use the Wireshark filter bar to narrow down results and use ICMP traffic. It only works if you type in lowercase!
  • Note that ping uses ICMP echo request and echo reply packets.
  • Compare the other fields with the command line output. You should be able to identify the response time, length, etc.
  • You will find the time to live (TTL) field in the IP header.

Lab 9. VLANs

• Objective: Configure VLANs and see why you need a Layer 3 device to communicate between them.
• VLANs segment your network for easier administration and added security.
• Steps:
  • Connect four hosts to a Cisco switch using straight-through cables.
  • Allocate IP addresses to the hosts from within the subnets they are assigned to:
    • VLAN 10: 192.168.10.0
    • VLAN 20: 192.168.20.0
  • Configure interfaces F0/1 and F0/2 into VLAN 10 and F0/3 and F0/4 into VLAN 20. Force the ports to be access-only (to never become a trunk), which you do with the switchport mode access command.
  • Check the VLANs on the switch and which ports are in which VLANs using the show vlan brief command.
  • Test some pings. You should be able to ping between hosts in the same VLAN but not to the other VLAN (you would need a router to be able to do this).

Lab 10. Switching Loops

• Objective: Learn how to spot a switching loop on your layer 2 networks.
• Switching loops can cause network crashes.
• Steps:
  • Connect three switches and one PC onto the canvas.
  • Connect them up as per the diagram. add the IP address to the PC and default gateway of 192.168.1.2 (which doesn’t exist on the network).
  • Name the switches and then turn off STP in order to create a switching loop.
  • Set Packet Tracer to simulation mode so you can see the packets moving across the network. Set ‘Edit Filters’ to show only ARP and ICMP.
  • From the PC, ping host 192.168.1.2. You can press the play button in the simulation mode. Keep pressing play and watch the packet travel around the network endlessly, never resolving the ARP request for the host.
  • The packet capture window quickly fills with ARP requests.
  • You can fix this particular issue by reenabling STP on the switches for VLAN1 Here is how to do it on Switch0. Repeat the steps on the other switches.

Lab 11. MAC Address Table

• Objective: Learn how a switch populates its MAC table in order to quickly forward frames out of the correct interface.
• When switches boot, that have no directory of which MAC addresses are connected to which interface.
• Steps:
  • Connect four hosts to a Cisco switch using straight-through cables.
  • Check the MAC address table on the switch. It should be empty at the moment.
  • Allocate IP addresses to the hosts from within the subnet 192.168.1.0.
  • From one of the PCs ping the other three.

Lab 12. ARP Table

t* Objective: Learn how to interrogate a router ARP table.

• ARP maps IP addresses to MAC addresses. It allows a router to encapsulate a packet correctly before forwarding.
• Steps:
  • Connect a router to a switch. Add hosts as indicated in the diagram. You will need a crossover cable for the one directly connected to the router. Check the router ARP table (which will be empty) and then configure IP addresses as per the diagram.
• Configure the hosts with an IP address and the default gateway, which should be the router interface it connects to. Remember that there are two networks, so choose the correct gateway IP address.
  • Ping each of the four hosts. The first ping packet will fail as the ARP request- and-response process takes place.
  • Check the ARP table. A dash (–) indicates that the entry is directly connected and will never time out. Other entries will eventually time out.
  • After a minute or so issue the command again and check the age column.

Lab 13. Static IP Routes

• Objective: Learn how to configure static IP routing.
• Small networks don't need dynamic routing protocols.
• Steps:
  • Connect two routers together using a crossover cable.
  • Add the IP addresses to the routers connecting the interfaces and then the loopback interfaces.
  • Ping from R0 to R1 to check the connection works.
  • Ping from the loopback interface on R0 to the loopback on R1. Because the routers have no route to these networks, the ping packet will fail. You need to use an extended ping command which lets you specify the source interface.
  • Add static routes.
    • $R0(config)#ip route 172.16.0.0 255.255.0.0 192.168.1.2$
    • $R1(config)#ip route 10.0.0.0 255.0.0.0 g0/0$
  • Test your static routes by pinging each loopback interface from the opposite router.

Lab 14. RIP

• Objective: Learn how to configure the routing protocol RIP.
• RIP was created to allow dynamic routing for small networks.
• Steps:
  • Connect two routers together using a crossover cable.
  • Add the IP addresses to the routers connecting the interfaces and then the loopback interfaces.
  • Ping from R0 to R1 to check the connection works.
  • Configure RIP on both R0 and R1 to advertise the connected networks.
    • $R0(config)#router rip$
    • $R0(config-router)#network 10.0.0.0$
    • $R0(config-router)#network 192.168.1.0$
    • $R1(config)#router rip$
    • $R1(config-router)#network 192.168.1.0$
    • $R1(config-router)#network 172.16.0.0$
  • Check the routing table with the ‘show ip route’ command and the routing configurations with the ‘show ip protocols’ command.
  • Ping the remote network IP address.
  • Change the version of RIP to 2 and check the routing table again. You may need to clear it first with the ‘clear ip route *’ command.
    • $R0(config)#router rip$
    • $R0(config-router)#version 2$
    • $R0(config-router)#no auto-summary$

Lab 15. EIGRP

• Objective: Learn how to configure the EIGRP routing protocol.
  • EIGRP was developed by Cisco Systems as an advanced distance vector routing protocol.
  • Steps:
  • Connect two routers together using a crossover cable.
  • Add the IP addresses to the routers connecting the interfaces and then the loopback interfaces.
  • Ping from R0 to R1 to check the connection works.
  • Configure EIGRP on both R0 and R1 to advertise the connected networks. The number 10 below refers to the autonomous system the networks will be placed into.
    • $R0(config)#router eigrp 10$
    • $R0(config-router)#network 10.0.0.0$
    • $R0(config-router)#network 192.168.1.0$
    • $R1(config)#router eigrp 10$
    • $R1(config-router)#network 192.168.1.0$
    • $R1(config-router)#network 172.16.0.0$
  • Check the routing table with the ‘show ip route’ command and the routing configurations with the ‘show ip protocols’ command.
  • Ping the remote network IP address.
  • There are many other commands you can use with every routing protocol, but they’re well outside the syllabus requirements.

Lab 16. OSPF

• Objective: Learn how to configure the OSPF routing protocol.
  • OSPF is a link state routing protocol which scales very well for large to very large networks.
• Steps:
  • Connect two routers together using a crossover cable.
  • Add the IP addresses to the routers connecting the interfaces and then the loopback interfaces.
  • Ping from R0 to R1 to check the connection works.
  • Configure OSPF on both R0 and R1 to advertise the connected networks.
    • $R0(config)#router ospf 10$
    • $R0(config-router)#network 10.1.1.0 0.0.15.255 area 0$
    • $R0(config-router)#network 192.168.1.0 0.0.0.3 area 0$
    • $R1(config)#router ospf 20$
    • $R1(config-router)#network 192.168.1.0 0.0.0.3 area 0$
    • $R1(config-router)#network 172.16.1.0 0.0.0.255 area 0$
  • Check the routing table with the ‘show ip route’ command and the routing configurations with the ‘show ip protocols’ command.
  • Ping the remote network IP address.
  • There are many other commands you can use with every routing protocol, but they’re well outside the syllabus requirements

Lab 17. BGP

• Objective: Learn how to configure BGP.
• BGP is the protocol which allows the internet to function.
• Steps:
  • Connect two routers together using a crossover cable.
  • Add the IP addresses to the routers connecting the interfaces and then the loopback interfaces.
  • Ping from R0 to R1 to check the connection works.
  • Configure BGP on both routers.
    • $R0(config)#router bgp 1$
    • $R0(config-router)#neighbor 192.168.1.2 remote-as 2$
    • $R0(config-router)#network 1.1.1.0 mask 255.255.255.0$
    • $R1(config)#router bgp 2$
  • Check the routing table with the ‘show ip route’ command and the routing configurations with the ‘show ip protocols’ command.
  • Issue the ‘show tcp brief’ and ‘show ip bgp neighbors’ commands.

Lab 18. IPv6 Addressing

• Objective: Learn how to configure IPv6 addressing on an interface.
  • Most networks are in the process of transitioning from IPv4 to IPv6.
• Steps:
  • Connect two routers together using a crossover cable.
  • Add the IPv6 addresses to the routers’ interfaces. Note that, at least on Cisco routers, you need to enable IPv6 first.
    • $Router(config)#ipv6 unicast-routing$
    • $R0(config-if)#ipv6 address 2001:c001:b14:2::c12/125$
    • $R0(config-if)#no shut$
  • Use the auto-address facility for Router1.
    • $Router(config)#ipv6 unicast-routing$
    • $R1(config-if)#ipv6 address autoconfig$
    • $R1(config-if)#no shut$
  • Check the interfaces are up.
  • Pin from R0 to R1. Use an exit interface on Ethernet links.
    • $R0#ping ipv6 FE80::2E0:F9FF:FED7:3401$

Lab 19. RIPng

• Objective: Learn how to configure RIPng
• Steps:
  • Connect two routers together using a crossover cable.
  • Enable IPv6 and then add the IPv6 addresses to the routers connecting the interfaces and then the loopback interfaces.
    • Router>enRouter#conf tEnter configuration commands, one per line. End with CNTL/ZR0(config)#ipv6 unicast-routingR0(config)#int f0/0R0(config-if)#ipv6 add 2001::1/64R0(config-if)#no shutR0(config-if)#int lo0R0(config-if)#ipv6 add 2000::1/64R0(config-if)#exit
  • Enable RIPng on all interfaces. Add the tag ‘101labs’so they all identify as belonging to the same RIP process
  • Check the RIPng database.
  • Check the IPv6 routing table. You should see the remote network listed.
    • $
  • Issue the ‘show ipv6 protocols’ command.

Lab 20. EIGRP for IPv6

• Objective: Learn how to configure EIGRP for IPv6
• Steps:
  • Connect two routers together using a crossover cable.
  • Enable IPv6 and then add the IPv6 addresses to the routers connecting the interfaces and then the loopback interfaces
    • Router>enRouter#conf tEnter configuration commands, one per line. End with CNTL/ZR0(config)#host R0(config)#ipv6 unicast-routingR0(config)#int f0/0R0(config-if)#ipv6 add 2001::1/64R0(config-if)#no shutR0(config-if)#int lo0R0(config-if)#ipv6 add 2000::1/64R0(config-if)#exit
  • Enable EIGRP for IPv6 on the interfaces and set the identifier for the router, which will be an IPv4 address.
    • . In order to enable EIGRP for IPv6 you must issue the ‘no shutdown’ command.
  • There are four show commands we can check for EIGRP. Here is the output for one of them:
  • Check the EIGRP for IPv6 routing table
  • Issue the ‘show ipv6 protocols’ command.

Lab 21. OSPFv3

• Objective: Learn how to configure OSPFv3
• Steps:
  • Connect two routers together using a crossover cable.
  • Enable IPv6 and then add the IPv6 addresses to the routers connecting the interfaces and then the loopback interfaces.
    *Enable OSPFv3 on R0. Set the router ID as 1.1.1.1 and the process on the router as 1, and put all interfaces into area 0
  • Check the OSPF IPv6 routing table.
  • Enter some IPv6 OSPF show commands

Lab 22. IPv6 EUI-64 Addressing

• Objective: Learn how to connect IPv6 EUI-64 addressing on an interface
• Steps:
  • Use any Cisco routers
    *Check the MAC address on the interface. EUI-64 will use this for the host portion of the adderess
  • Configure IPv6 on the router and then add the network portion of the IPv6, leaving EUI064 to take care of the host portion
  • Check the interface had been configured and is using the EUI-64 address

Lab 23. Static NAT

• Objective: Learn how to configure static network address translation (NAT)
• Steps:
  • Connect a host to a router via a crossover cable. Add another router, which will be the IP address the host pings.
• Set the IP configuration for the host. The Ethernet interface should be 172.16.1.2 and the default gateway 172.16.1.1, which will be the closest IP address of R0.
  • Configure IP addressing on R0 and R1. The routers are connected via G0/1
  • Add a static route on R1 to send all traffic to R0.
  • Add your NAT configuration to R0. The address 172.16.1.2 should be NAT-ted to 10.0.0.1 Note that you must tell the router which is the inside/outside of your network for the purposes of NAT
  • Test your configuration by pinging 192.168.1.2 from your host. R0 should swap (NAT) this address for 10.0.0.1. Check the NAT table on R0.

Lab 24. NAT Pool

• Objective: Learn how to configure a pool of network address translation(NAT) addresses
• Steps:
  • Connect a couple of hosts to a switch. Connect two routers via a crossover cable.
  • Set the IP configuration for the hosts. The Ethernet interfaces should be 172.16.1.2 and .3 and the default gateway 172.16.1.1, which will be the closest IP address of R0.
  • Configure IP addressing on R0 and R1. The routers are connected via G0/1
  • Add a static route on R1 to send all traffic to R0
  • Add your NAT configuration to R0 Source list should be NAT-ted to a pool of addresses from the 10.0.0.0/8 network. * For a NAT pool we must add a bit more configuration We create a NAT pool, a source list which tells the router which pool to use, and then an access list
    *Test your configuration by pinging 192.168.1.2 from your host.

Lab 25. Port Address Translation

• Objective: Learn how to configure port address translation (PAT).
• Steps:
  • Connect a couple of hosts to a switch. Connect two routers via a crossover cable
  • Set the IP configuration for the hosts. The Ethernet interfaces should be 172.16.1.2 and .3 and the default gateway 172.16.1.1, which will be the closest IP address of R0.
  • Configure IP addressing on R0 and R1. The routers are connected via G0/1
  • Add a static route on R1 to send all traffic to R0.
  • Add your PAT configuration to R0. The network 172.16.0.0 should be NAT-ted to a pool of addresses from the 10.0.0.0/8 network NOTE that we are using the same IP address twice;
  • Test your configuration by pinging 192.168.1.2 from your hosts R0 should swap (PAT) this address for an address from the pool but tag a port number onto it

Lab 26. Port Forwarding

• Objective: Learn how to configure port forwarding.
• Steps:
  • Connect a server and a PC to a router using crossover cables. The PC will browse to the web server, and the router will perform port forwarding.
• Set the IP configuration for the host and server The server Ethernet interface should be 172.16.1.2 and the default gateway 172.16.1.1, which will be the closest IP address of R0
  • Configure IP addressing on Router 0
    *Router>enableRouter#config tRouter(config)#host R0R0(config)#int g0/0R0(config-if)#ip add 172.16.1.1 255.255.0.0Router(config-if)#no shutR0(config-if)#int g0/1R0(config-if)#ip add 192.168.1.1 255.255.255.0Router(config-if)#no shut R1(config-if)#exit
    Enable your Connection by pinging the Server and the PC
    Add the port forwarding and NAT configurations to the router to ensure connections on port 80 for IP 10.0.0.2 is forwarded on to 172.16.1.2.
    Test your configuration by connecting to the Browser Web on server PC. check that the table configuration matches that of the router

Lab 27. Standard Access Control Lists

• Objective: Learn how to configure a standard access list *Steps
  • Connect two routers with a crossover cable. We will use loopback interfaces to simulate networks/hosts.
  • Ping across the link. R0#ping 192.168.1.2
  • Configure a static route on R0 and R1 so each can reach the network on the other side, and then test with the ‘ping