CCNA Switching, Routing, and Wireless Essentials - Module 1 Notes

Module 1: Basic Device Configuration - Introduction\n\n## 1.0.1 Why should I take this module?\n* Purpose: To gain precise control over network devices (switches and routers) beyond their built-in configurations.\n* Analogy: Similar to customizing a model train set from a simple oval track to a more complex layout with multiple trains, network administrators need to reconfigure devices to meet specific network requirements.\n* Skills: This module emphasizes hands-on skills through Syntax Checker and Packet Tracer activities.\n\n## 1.0.2 What will I learn to do in this module?\n* Module Title: Basic Device Configuration\n* Module Objective: Configure devices using security best practices.\n\n# Configure a Switch with Initial Settings\n\n## 1.1.1 Switch Boot Sequence\n* Overview: Before configuration, a Cisco switch must complete a five-step boot sequence.\n* Step 1: Power-On Self-Test (POST)\n * Loaded from ROM.\n * Checks the CPU subsystem, including the CPU, DRAM, and the flash file system portion of the flash device.\n* Step 2: Boot Loader Software Load\n * The boot loader, a small program stored in ROM, runs immediately after successful POST.\n* Step 3: Low-Level CPU Initialization\n * The boot loader initializes CPU registers, controlling physical memory mapping, quantity, and speed.\n* Step 4: Flash File System Initialization\n * The boot loader initializes the flash file system on the system board.\n* Step 5: IOS Operating System Load\n * The boot loader locates and loads a default IOS operating system software image into memory.\n * Control of the switch is then given to the IOS.\n\n## 1.1.2 The boot system Command\n* Automatic Boot Process: The switch attempts to boot using information in the BOOT environment variable.\n* Default Behavior: If the BOOT variable is not set, the switch loads the first executable file it finds.\n* Catalyst 2960 Series: The image file is typically in a directory named after the image file (excluding the $.bin$ extension).\n* IOS Initialization: The IOS initializes interfaces using commands from the startup-config file.\n* startup-config: This file is named config.text and is located in flash memory.\n* Setting BOOT Variable: Use the boot system global configuration mode command to specify the IOS image path.\n * Example: boot system flash:/c2960-lanbasek9-mz.150-2.SE/c2960-lanbasek9-mz.150-2.SE.bin (specifies IOS in a distinct folder).\n* Verification: Use the show boot command to display the current IOS boot file setting.\n\n## 1.1.3 Switch LED Indicators\n* Purpose: To quickly monitor switch activity and performance.\n* Variations: LEDs and their placement differ across switch models and feature sets.\n* Mode Button: Used to toggle through different port LED status modes: Port Status, Port Duplex, Port Speed, and (if supported) Power over Ethernet (PoE) status.\n* System LED:\n * Off: System not powered on.\n * Green: System operating normally.\n * Amber: System receiving power but not functioning properly.\n* Redundant Power System (RPS) LED:\n * Off: RPS off or improperly connected.\n * Green: RPS connected and ready for backup power.\n * Blinking Green: RPS connected but unavailable (providing power to another device).\n * Amber: RPS in standby or fault condition.\n * Blinking Amber: Internal switch power supply failed; RPS is providing power.\n* Port Status LED (Default Mode):\n * Off: No link or port administratively shut down.\n * Green: Link present.\n * Blinking Green: Activity (sending/receiving data).\n * Alternating Green-Amber: Link fault.\n * Amber: Port blocked (e.g., Spanning Tree Protocol blocking to prevent loops), not forwarding data (typical during $30$ seconds of activation).\n * Blinking Amber: Port blocked to prevent a possible loop in the forwarding domain.\n* Port Duplex LED (Green when selected):\n * Off: Half-duplex mode.\n * Green: Full-duplex mode.\n* Port Speed LED (Green when selected):\n * Off: $10$ Mbps operation.\n * Green: $100$ Mbps operation.\n * Blinking Green: $1000$ Mbps operation.\n* Power over Ethernet (PoE) Mode LED (if supported):\n * Off (PoE mode not selected): No ports denied power or in fault.\n * Blinking Amber (PoE mode not selected): At least one port denied power or has a PoE fault.\n * Green (PoE mode selected):\n * Port LED Off: PoE off.\n * Port LED Green: PoE on.\n * Port LED Alternating Green-Amber: PoE denied (exceeds switch power capacity).\n * Port LED Blinking Amber: PoE off due to a fault.\n * Port LED Amber: PoE for the port has been disabled.\n\n## 1.1.4 Recovering from a System Crash\n* Boot Loader Access: The boot loader provides a command-line interface to the switch's flash memory if the operating system is missing or damaged.\n* Access Steps via Console:\n 1. Connect a PC to the switch console port using a console cable. Configure terminal emulation software.\n 2. Unplug the switch power cord.\n 3. Reconnect the power cord. Within $15$ seconds, press and hold the Mode button while the System LED is flashing green.\n 4. Continue holding until the System LED turns briefly amber and then solid green. Release the Mode button.\n 5. The boot loader switch: prompt appears in the terminal emulation software.\n* Boot Loader Commands:\n * help or ?: View available commands.\n * set: View the current BOOT environment variable path.\n * flash_init: Initialize the flash file system.\n * dir flash:: View directories and files in flash.\n * BOOT=flash:<path_to_IOS_image>: Change the BOOT environment variable to load a new IOS.\n * boot: Load the IOS without arguments (uses the BOOT variable).\n* Capabilities: The boot loader supports initializing/formatting flash, installing new IOS, changing the BOOT environment variable, and recovering lost/forgotten passwords.\n\n## 1.1.5 Switch Management Access\n* Requirement: For remote management, the switch needs a Switch Virtual Interface (SVI) configured.\n* SVI Configuration: Must include an IPv4 address and subnet mask, or an IPv6 address and prefix length.\n* SVI Nature: A virtual interface, not a physical port.\n* Remote Network Management: A default gateway must be configured on the switch to manage it from a remote network. This is similar to host device IP configuration.\n\n## 1.1.6 Switch SVI Configuration Example\n* Default Management VLAN: VLAN 1, with all ports assigned to it by default.\n* Security Best Practice: Use a VLAN other than VLAN 1 for management (e.g., VLAN 99).\n* Step 1: Configure the Management Interface (SVI)\n * Enter VLAN interface configuration mode.\n * Assign IPv4 and IPv6 addresses:\n * IPv4: interface vlan 99, ip address 172.17.99.11 255.255.255.0\n * IPv6: ipv6 address 2001:db8:acad:99::1/64\n * Note: The SVI for VLAN 99 will only show "up/up" when VLAN 99 is created and a device is connected to a port associated with VLAN 99.\n * Note: For IPv6 addressing on a Cisco Catalyst 2960 (IOS version $15.0$), the command sdm prefer dual-ipv4-and-ipv6 default and a switch reload might be required.\n* Step 2: Configure the Default Gateway\n * Essential for remote management from indirectly connected networks.\n * Note: An IPv6 default gateway is often not required because the switch can receive this information from a Router Advertisement (RA) message.\n* Step 3: Verify Configuration\n * Use show ip interface brief and show ipv6 interface brief to check the status of physical and virtual interfaces.\n * Confirms IPv4 and IPv6 addresses on VLAN 99.\n * Note: An IP address on an SVI is for remote management access only; it doesn't enable the switch to route Layer 3 packets.\n\n# Configure Switch Ports\n\n## 1.2.1 Duplex Communication\n* Full-Duplex Communication:\n * Increases bandwidth efficiency.\n * Allows simultaneous data transmission and reception (bidirectional).\n * Requires microsegmentation (one device per switch port).\n * No collision domain associated with a full-duplex switch port.\n * Required by Gigabit Ethernet and $10$ Gb NICs.\n * Collision detection circuit on the NIC is disabled.\n * Offers $100\%$ efficiency in both directions.\n * Modern switches use full-duplex by default.\n* Half-Duplex Communication:\n * Unidirectional data flow.\n * Causes performance issues and often results in collisions.\n * Typically found in older hardware like hubs.\n\n## 1.2.2 Configure Switch Ports at the Physical Layer\n* Manual Configuration: Switch ports can be configured for specific duplex and speed settings.\n * duplex {auto | full | half}: Sets the duplex mode.\n * speed {auto | 10 | 100 | 1000}: Sets the speed.\n * Example Commands (S1):\n * interface FastEthernet0/1\n * duplex full\n * speed 100\n* Default Settings: On Cisco Catalyst $2960$ and $3560$ switches, speed and duplex default to auto.\n * $10/100/1000$ ports: operate in half or full-duplex at $10$ or $100$ Mbps; operate only in full-duplex at $1000$ Mbps ($1$ Gbps).\n* Autonegotiation: Useful when connecting devices with unknown or variable speed/duplex settings.\n* Best Practice: Manually set speed and duplex for known devices (servers, dedicated workstations, network devices) to prevent issues.\n* Troubleshooting: Check duplex and speed settings for mismatches, which can cause connectivity problems (often due to autonegotiation failure).\n* Fiber-Optic Ports: (e.g., $1000BASE-SX$) operate only at one preset speed and are always full-duplex.\n\n## 1.2.3 Auto-MDIX\n* Purpose: Automatically detects required cable type (straight-through or crossover), eliminating the need for specific cables when connecting devices.\n* Historical Context: Previously, specific cable types were required (e.g., straight-through for switch-to-host, crossover for switch-to-switch).\n* Enabling Auto-MDIX: Use the mdix auto interface configuration mode command.\n * Note: Auto-MDIX is enabled by default on newer Cisco Catalyst $2960$ and $3560$ switches but not on older $2950$ and $3550$ models.\n* Prerequisite: For Auto-MDIX to function correctly, the interface speed and duplex must be set to auto.\n* Verification: Use show controllers ethernet-controller <interface> phy | include MDIX to check if the feature is On or Off.\n\n## 1.2.4 Switch Verification Commands\n* A table summarizing useful show commands for switch verification. (Content is implied by the text, not explicitly listed in detail here, but acknowledged as a crucial component).\n\n## 1.2.5 Verify Switch Port Configuration\n* show running-config: Verifies overall switch configuration.\n * Example output:\n * Fast Ethernet 0/18 configured with management VLAN 99.\n * VLAN 99 has IPv4 address 172.17.99.11 255.255.255.0.\n * Default gateway set to 172.17.99.1.\n* show interfaces: Displays status and statistics for network interfaces.\n * Example output for show interfaces FastEthernet0/18:\n * First line indicates interface up/up (operational).\n * Displays duplex full and speed 100 Mbps.\n\n## 1.2.6 Network Access Layer Issues\n* show interfaces for Media Issues: Output provides insight into common problems.\n* Line and Data Link Protocol Status:\n * First Parameter ("FastEthernet0/18 is up"): Refers to the hardware layer (carrier detect signal).\n * Second Parameter ("line protocol is up"): Refers to the data link layer (keepalives received).\n* Interpreting Status:\n * Interface up, Line Protocol down: Problem exists (e.g., encapsulation type mismatch, error-disabled interface on other end, hardware issue).\n * Line Protocol and Interface both down: Cable not attached, or other interface problem (e.g., other end administratively down).\n * Interface administratively down: Manually disabled using the shutdown command.\n* Media Errors (Counters and Statistics): show interfaces output includes various error counters indicating performance issues even if the circuit isn't completely failed.\n * Common Errors (detected by show interfaces):\n * Runts: Ethernet frames shorter than $64$ bytes. Often caused by malfunctioning NICs or collisions.\n * Giants: Ethernet frames larger than the maximum allowed size.\n * CRC errors: Indicate media or cable errors, electrical interference, loose/damaged connections, or incorrect cabling. Suggests too much noise on the link.\n * Collisions: Normal in half-duplex. Should never occur on a full-duplex interface.\n * Late collisions: Collisions occurring after $512$ bits of frame transmission. Common causes are excessive cable lengths or duplex misconfiguration (one end full, other half). Always indicative of an issue and should not occur in a properly designed/configured network.\n\n## 1.2.7 Interface Input and Output Errors\n* Input Errors: Sum of all errors in received datagrams on an interface. Includes:\n * Runt Frames: Ethernet frames shorter than the minimum $64$-byte length. Usual cause: malfunctioning NICs; can also be from collisions.\n * Giants: Ethernet frames larger than the maximum allowed size.\n * CRC errors: Common on Ethernet and serial interfaces, usually indicating a media or cable error (electrical interference, loose/damaged connections, incorrect cabling). Indicates excessive noise on the link; inspect cable and eliminate noise sources.\n* Output Errors: Sum of all errors preventing final transmission of datagrams out of an interface. Includes:\n * Collisions: Normal in half-duplex. Should never be seen on a full-duplex interface.\n * Late collisions: Collision after $512$ bits of frame transmitted. Most common causes: excessive cable lengths, duplex misconfiguration (e.g., one end full-duplex, other half-duplex – late collisions seen on the half-duplex end). Requires configuring the same duplex setting on both ends. Should not occur in a properly designed and configured network.\n\n## 1.2.8 Troubleshooting Network Access Layer Issues\n* General Principle: Most issues occur during initial implementation, but ongoing maintenance and troubleshooting are required due to cabling damage, configuration changes, or new device connections.\n* Troubleshooting Process (No/Bad Connection):\n 1. Check Interface Status: Use show interfaces.\n 2. If Interface is Down:\n * Verify proper cables are used; check for damage. Replace suspected bad cables.\n * If still down, suspect a speed mismatch. Autonegotiation usually handles this, but misconfiguration or hardware/software issues can cause it. Manually set the same speed on both ends if suspected.\n 3. If Interface is Up, but Connectivity Issues Exist:\n * Check for Excessive Noise: Use show interfaces for increased runts, giants, and CRC errors. If present, find/remove noise sources, verify cable length (not exceeding max), and cable type.\n * Check for Excessive Collisions: If collisions or late collisions are present, verify duplex settings on both ends. Autonegotiation typically handles duplex. If a mismatch is suspected, manually set duplex to full on both ends.\n\n## 1.2.9 Syntax Checker - Configure Switch Ports\n* Objective: Configure FastEthernet0/1 duplex, speed, and MDIX to auto, then save configuration.\n* Commands:\n * S1# configure terminal\n * S1(config)# interface FastEthernet0/1\n * S1(config-if)# duplex auto\n * S1(config-if)# speed auto\n * S1(config-if)# mdix auto\n * S1(config-if)# end\n * S1# copy running-config startup-config\n\n# Secure Remote Access\n\n## 1.3.1 Telnet Operation\n* Protocol: Older protocol using TCP port $23$.\n* Security Flaw: Transmits login authentication (username and password) and data in plaintext (unencrypted).\n* Vulnerability: A threat actor can easily capture sensitive information using tools like Wireshark. (Example: captured username admin, password ccna).\n\n## 1.3.2 SSH Operation\n* Protocol: Secure Shell, uses TCP port $22$.\n* Security Feature: Provides a secure (encrypted) management connection to a remote device.\n* Recommendation: SSH should replace Telnet for all management connections.\n* Benefits: Strong encryption for device authentication (username and password) and for all transmitted data between communicating devices.\n* Example: Wireshark capture of an SSH session shows encrypted username and password, unlike Telnet.\n\n## 1.3.3 Verify the Switch Supports SSH\n* Requirement: The switch must run an IOS software version that includes cryptographic (encrypted) features and capabilities.\n* Identification: Look for "k9" in the IOS filename.\n* Verification Command: Use show version on the switch.\n\n## 1.3.4 Configure SSH\n* Prerequisites: The switch must have a unique hostname and correct network connectivity settings (e.g., SVI configured).\n* Step 1: Verify SSH Support\n * Command: show ip ssh. If the IOS doesn't support cryptography, this command will be unrecognized.\n* Step 2: Configure the IP Domain\n * Command: ip domain-name <domain-name> (Global config mode).\n * Example: ip domain-name cisco.com\n* Step 3: Generate RSA Key Pairs\n * Generating RSA keys automatically enables the SSH server.\n * Command: crypto key generate rsa (Global config mode).\n * Modulus Length: Administrator is prompted to enter a modulus length. A length of $1024$ bits is common, but longer lengths ($2048$, $4096$) are more secure but take longer to generate and use.\n * SSH Version: It's a best practice to explicitly configure SSH version 2 immediately after this (or before). ip ssh version 2 (Global config mode). Version 1 has known security flaws.\n * Deleting Keys: crypto key zeroize rsa (Global config mode) deletes keys and disables the SSH server.\n* Step 4: Configure User Authentication (Local)\n * Command: username <username> secret <password> (Global config mode).\n * Example: username admin secret ccna\n* Step 5: Configure the VTY Lines\n * Command: line vty 0 15 (Line config mode).\n * Command: transport input ssh (Limits connections to SSH only, preventing Telnet).\n * Command: login local (Requires authentication against the local username database).\n* Step 6: Enable SSH Version 2\n * Command: ip ssh version 2 (Global config mode). (This ensures only version 2 is used, overriding default support for both 1 and 2).\n\n## 1.3.5 Verify SSH is Operational\n* Client Software: Use an SSH client (e.g., PuTTY) on a PC to connect.\n* Connection Parameters (Example):\n * SSH enabled on switch S1.\n * S1 SVI VLAN 99 IPv4 address: 172.17.99.11.\n * PC1 IPv4 address: 172.17.99.21.\n* Process:\n 1. Initiate SSH connection from PC1 to S1's SVI IP address.\n 2. User is prompted for username and password.\n 3. Enter configured credentials (e.g., admin and ccna).\n 4. Successful connection to the switch CLI via SSH.\n* Verification Command: Use show ip ssh on the switch to display SSH version and configuration data. (Example shows SSH version $2$ enabled).\n\n# Basic Router Configuration\n\n## 1.4.1 Configure Basic Router Settings\n* Similarities to Switches: Cisco routers and switches share a similar modal operating system, command structures, and many commands.\n* Initial Configuration Tasks (Always Performed):\n * Name the device: hostname <router-name> (Global config mode). Distinguishes it from other devices.\n * Configure passwords:\n * Enable secret password: enable secret <password> (Global config mode).\n * Console line password: line console 0, password <password>, login (Line config mode).\n * VTY line passwords: line vty 0 4, password <password>, login (Line config mode).\n * Encrypt all plaintext passwords: service password-encryption (Global config mode).\n * Configure a banner: banner motd #<message># (Global config mode). Provides legal notification against unauthorized access. The # acts as a delimiting character.\n * Save changes: copy running-config startup-config (Privileged EXEC mode).\n\n## 1.4.2 Syntax Checker - Configure Basic Router Settings\n* Example Configuration Walkthrough:\n * Router# configure terminal -> Router(config)# hostname R2\n * Router(config)# enable secret class\n * Router(config)# line console 0 -> Router(config-line)# password cisco -> Router(config-line)# login -> Router(config-line)# exit\n * Router(config)# line vty 0 4 -> Router(config-line)# password cisco -> Router(config-line)# login -> Router(config-line)# exit\n * Router(config)# service password-encryption\n * Router(config)# banner motd #Authorized Access Only!#\n * Router(config)# exit\n * R1 copy running-config startup-config\n\n## 1.4.3 Dual Stack Topology\n* Distinguishing Feature: Routers and switches support different types of interfaces.\n* Switches: Layer $2$ devices, typically have multiple FastEthernet or Gigabit Ethernet ports for LANs.\n* Routers: Support both LANs and WANs, interconnecting different network types. Have diverse interfaces.\n * Example G2 ISRs: One or two integrated Gigabit Ethernet interfaces, High-Speed WAN Interface Card (HWIC) slots for serial, DSL, cable interfaces.\n* Purpose: The dual stack topology is used to demonstrate configuration of router IPv4 and IPv6 interfaces.\n\n## 1.4.4 Configure Router Interfaces\n* Requirements for Interface Availability:\n * IP Address Configuration:\n * IPv4: ip address <ip-address> <subnet-mask> (Interface config mode).\n * IPv6: ipv6 address <ipv6-address>/<prefix-length> (Interface config mode).\n * Activation: Interfaces are shutdown by default. Use no shutdown to enable (Interface config mode). Physical layer becomes active when connected to another device.\n * Description (Optional but Recommended): description <text> (Interface config mode). Up to $240$ characters; helpful for troubleshooting and identifying third-party connections.\n* Example Configuration (R1 Interfaces): Showing commands for interface GigabitEthernet0/0/0, interface GigabitEthernet0/0/1, interface Serial0/0/0, including IP addresses, IPv6 addresses, descriptions, and no shutdown.\n\n## 1.4.5 Syntax Checker - Configure Router Interfaces\n* Objective: Configure R2's IPv4 and IPv6 interfaces.\n* GigabitEthernet 0/0/0:\n * interface g0/0/0\n * ip address 10.1.1.1 255.255.255.0\n * ipv6 address 2001:db8:acad:4::1/64\n * description Link to LAN 3\n * no shutdown\n* GigabitEthernet 0/0/1:\n * interface g0/0/1\n * ip address 10.1.2.1 255.255.255.0\n * ipv6 address 2001:db8:acad:5::1/64\n * description Link to LAN 4\n * no shutdown\n* Serial 0/0/0:\n * interface s0/0/0\n * ip address 209.165.200.226 255.255.255.252\n * ipv6 address 2001:db8:acad:3::226/64\n * description Link to R1\n * no shutdown\n\n## 1.4.6 IPv4 Loopback Interfaces\n* Description: A logical interface internal to the router; not assigned to a physical port and cannot be connected to other devices.\n* Nature: A software interface that is automatically "up" as long as the router functions.\n* Usefulness:\n * Testing and Management: Ensures at least one interface is always available for testing internal routing processes or management.\n * Emulating Networks: Can emulate networks behind the router.\n * Lab Environments: Used to create additional interfaces to simulate more networks for practice (e.g., simulating an internet link).\n* Configuration: Simple to enable and assign an address.\n* Multiple Loopbacks: A router can have multiple loopback interfaces. Each requires a unique IPv4 address not used by other interfaces.\n* Example:\n * interface Loopback0\n * ip address 192.168.1.1 255.255.255.0\n\n# Verify Directly Connected Networks\n\n## 1.5.1 Interface Verification Commands\n* Purpose: To verify router configuration and connectivity.\n* Useful show Commands:\n * show ip interface brief: Summary of all IPv4 interfaces (address, status).\n * show ipv6 interface brief: Summary of all IPv6 interfaces (address, status).\n * show running-config interface <interface-id>: Displays configuration specifically applied to the named interface.\n * show ip route: Displays the IPv4 routing table in RAM.\n * show ipv6 route: Displays the IPv6 routing table in RAM.\n * Cisco IOS 15: Active interfaces appear with two entries: 'C' (Connected) and 'L' (Local).\n * Previous IOS versions: Only a single 'C' entry.\n\n## 1.5.2 Verify Interface Status\n* show ip/ipv6 interface brief Output: Quickly reveals interface status.\n* "Status of up" and "Protocol of up": Indicates active and operational interfaces.\n* Troubleshooting: Any other output (e.g., "down/down") indicates configuration or cabling problems.\n\n## 1.5.3 Verify IPv6 Link Local and Multicast Addresses\n* show ipv6 interface brief Output:\n * Displays two configured IPv6 addresses per interface:\n * Global Unicast Address: Manually entered.\n * Link-Local Unicast Address: Automatically added (starts with FE80), required for an IPv6 network interface.\n* show ipv6 interface gigabitethernet 0/0/0 (More Detail):\n * Displays interface status.\n * Lists all IPv6 addresses (global, link-local, and multicast addresses starting with FF02).\n\n## 1.5.4 Verify Interface Configuration\n* show running-config interface Output: Displays current commands applied to a specified interface.\n* Additional Detailed Commands:\n * show interfaces: Displays interface information and packet flow counts for all device interfaces.\n * show ip interface: Displays IPv4-related information for all router interfaces.\n * show ipv6 interface: Displays IPv6-related information for all router interfaces.\n\n## 1.5.5 Verify Routes\n* show ip route / show ipv6 route Output:\n * Reveals directly connected network entries and local host route entries.\n * 'C' (Connected): Indicates a directly connected network. When an interface is configured with a global unicast address and is "up/up", its prefix and prefix length are added as a connected route.\n * 'L' (Local): Local host route.\n * Administrative distance of $0$.\n * For IPv4, uses a $/32$ mask.\n * For IPv6, uses a $/128$ mask (the global unicast address applied to the interface).\n * Used by the router to efficiently process packets destined to its own interface IP address.\n* ping Command: Used to verify Layer $3$ connectivity. Identical for IPv4 and IPv6, just use the appropriate address format.\n * Example: ping 2001:db8:acad:1::10 (from R1 to PC1).\n\n## 1.5.6 Filter Show Command Output\n* Paging Output: Commands with multiple screens of output pause after $24$ lines, displaying --More--.\n * Press Enter for the next line.\n * Press Spacebar for the next set of lines.\n * terminal length <number>: Specifies the number of lines to display. terminal length 0 prevents pausing.\n* Filtering Commands (After Pipe |): Improves CLI user experience by displaying specific sections of output.\n * section <filtering-expression>: Shows the entire section that starts with the expression.\n * include <filtering-expression>: Includes all output lines that match the expression.\n * exclude <filtering-expression>: Excludes all output lines that match the expression.\n * begin <filtering-expression>: Shows all output lines from the point matching the expression onwards.\n* Note: Output filters can be combined with any show command.\n\n## 1.5.7 Syntax Checker - Filter Show Command Output\n* Examples:\n * Filter show running-config for 'line con' section: R1# show running-config | section line con\n * Filter for 'down' interfaces in brief listing: R1# show ip interface brief | include down\n * Exclude 'up' interfaces in brief listing: R1# show ip interface brief | exclude up\n * Filter show running-config to begin at 'line': R1# show running-config | begin line\n\n## 1.5.8 Command History Feature\n* Purpose: Temporarily stores executed commands for recall.\n* Navigation:\n * Recall older commands: Ctrl+P or Up Arrow key (starts with most recent).\n * Recall more recent commands: Ctrl+N or Down Arrow key.\n* Default Behavior: Command history is enabled by default, capturing the last $10$ command lines.\n* Verification: show history (Privileged EXEC mode) displays the buffer contents.\n* Changing Buffer Size: terminal history size <number> (User EXEC mode) customizes the number of command lines recorded for the current terminal session.\n* Example: terminal history size 200, show history.\n\n## 1.5.9 Syntax Checker - Command History Features\n* Examples:\n * Set history size to $200$: R1> terminal history size 200\n * Display command history: R1> show history