Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community. Readers' feedback is a natural continuation of this process. If you have any comments regarding how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through email at...

About the Author

David Hucaby, CCIE No. 4594, is a lead network engineer for the University of Kentucky, where he works with healthcare networks based on the Cisco Catalyst, ASA, FWSM, and VPN product lines. David has a bachelor of science degree and master of science degree in electrical engineering from the University of Kentucky. He is the author of three previous books for Cisco Press, including Cisco ASA and PIX Firewall Handbook, Cisco Field Manual: Router Configuration, and Cisco Field Manual: Catalyst...

Access Point Operation

An AP's primary function is to bridge wireless data from the air to a normal wired network. An AP can accept connections from a number of wireless clients so that they become members of the LAN, as if the same clients were using wired connections. An AP can also act as a bridge to form a single wireless link from one LAN to another over a long distance. In that case, an AP is needed on each end of the wireless link. AP-to-AP or line-of-sight links are commonly used for connectivity between...

Acknowledgments

It has been my great pleasure to work on another Cisco Press project. I enjoy the networking field very much, and technical writing even more. And more than that, I'm thankful for the joy and inner peace that Jesus Christ gives, making everything more abundant. Technical writing may be hard work, but I'm finding that it's also quite fun because I'm working with very good friends. I can't say enough good things about Chris Cleveland. Somehow Chris is able to handle many book projects all at...

Adjacency Table

A router normally maintains a routing table containing Layer 3 network and next-hop information, and an ARP table containing Layer 3 to Layer 2 address mapping. These tables are kept independently. Recall that the FIB keeps the Layer 3 next-hop address for each entry. To streamline packet forwarding even more, the FIB has corresponding Layer 2 information for every next-hop entry. This portion of the FIB is called the adjacency table, consisting of the MAC addresses of nodes that can be reached...

AP Association and Roaming

When a wireless client is associated with an AP, all data going to and from the client must pass through that AP. Recall from Chapter 17 that a client forms an association by sending an association request message to the AP. If the client is compatible with the WLAN by having the correct SSID, supporting the same data rates, and authenticating correctly, the AP responds with an association reply. An association is maintained with the AP as long as the client stays within range of the AP....

Associate Ports with Private VLANs

First, define the function of the port that will participate on a private VLAN using the following configuration command:

Switch(config-if)# switchport mode private-vlan {host | promiscuous}

If the host connected to this port is a router, firewall, or common gateway for the VLAN, use the promiscuous keyword. This allows the host to reach all other promiscuous, isolated, or community ports associated with the primary VLAN. Otherwise, any isolated or community port must receive the host keyword. For...

Avoiding Collisions in a WLAN

When two or more wireless stations transmit at the same time, their signals become mixed. Receiving stations can see the result only as garbled data, noise, or errors. No clear-cut way exists to determine whether a collision has occurred. Even the transmitting stations won't realize it because their receivers must be turned off while they are transmitting. As a basic feedback mechanism, whenever a wireless station transmits a frame, the receiving wireless station must send an acknowledgement...

BackboneFast: Redundant Backbone Paths

In the network backbone, or core layer, a different method is used to shorten STP convergence. BackboneFast works by having a switch actively determine whether alternative paths exist to the Root Bridge, in case the switch detects an indirect link failure. Indirect link failures occur when a link that is not directly connected to a switch fails. A switch detects an indirect link failure when it receives inferior BPDUs from its designated bridge on either its Root Port or a blocked port....

Basic RF Operation

Radio frequency (RF) communication begins with an oscillating signal transmitted from one device to be received on one or more other devices. This oscillating signal is based around a constant, known frequency. Because the transmitter uses a set frequency, a receiver can tune to the same frequency and receive the same signal. You have probably had this experience by tuning a radio receiver in a car. Basically, the transmitting station has a transmitter that generates the RF signal, an antenna,...

BPDUs in RSTP

In 802.1D, BPDUs basically originate from the Root Bridge and are relayed by all switches down through the tree. Because of this propagation of BPDUs, 802.1D convergence must wait for steady-state conditions before proceeding. RSTP uses the 802.1D BPDU format for backward compatibility. However, some previously unused bits in the Message Type field are used. The sending switch port identifies itself by its RSTP role and state. The BPDU version also is set to 2 to distinguish RSTP BPDUs from...

Bridging Loops

Recall that a Layer 2 switch mimics the function of a transparent bridge. A transparent bridge must offer segmentation between two networks while remaining transparent to all the end devices connected to it. For the purpose of this discussion, consider a two-port Ethernet switch and its similarities to a two-port transparent bridge. A transparent bridge (and the Ethernet switch) must operate as follows: The bridge has no initial knowledge of any end device's location; therefore, the bridge must...

Bundling Ports with EtherChannel

EtherChannel bundles can consist of up to eight physical ports of the same Ethernet media type and speed. Some configuration restrictions exist to ensure that only similarly configured links are bundled. Generally, all bundled ports first must belong to the same VLAN. If used as a trunk, bundled ports must be in trunking mode, have the same native VLAN, and pass the same set of VLANs. Each of the ports should have the same speed and duplex settings before being bundled. Bundled ports also must...

Can I Use Layer 2 Distribution Switches?

This chapter covers the best practice design that places Layer 3 switches at both the core and distribution layers. What would happen if you could not afford Layer 3 switches at the distribution layer? Figure 2-5 shows a dual-core campus network with Layer 2 distribution switches. Notice how each access VLAN extends not only throughout the switch block but also into the core. This is because the VLAN terminates at a Layer 3 boundary present only in the core. As an example, VLAN A's propagation...

Command Syntax Conventions

The conventions used to present command syntax in this book are the same conventions used in the IOS Command Reference. The Command Reference describes these conventions as follows:

Boldface indicates commands and keywords that are entered literally as shown. In actual configuration examples and output (not general command syntax), boldface indicates commands that are manually input by the user (such as a show command).
Italics indicate arguments for which you supply actual values.
Vertical bars...

Configuring a LACP EtherChannel

To configure switch ports for LACP negotiation, use the following commands:

Switch(config)# lacp system-priority priority
Switch(config)# interface type mod/num
Switch(config-if)# channel-protocol lacp
Switch(config-if)# channel-group number mode {on | passive | active}
Switch(config-if)# lacp port-priority priority

First, the switch should have its LACP system priority defined (1 to 65,535; default 32,768). If desired, one switch should be assigned a lower system priority than the other so that it can...

Configuring a Trust Boundary

When a Cisco IP Phone is connected to a switch port, think of the phone as another switch (which it is). If you install the phone as a part of your network, you probably can trust the QoS information relayed by the phone. However, remember that the phone also has two sources of data:

The VoIP packets native to the phone: The phone can control precisely what QoS information is included in the voice packets because it produces those packets.
The user PC data switch port: Packets from the PC data...

Contents

Part I Overview and Design of a Campus Network 3
Do I Know This Already? Quiz 5
Switching Functionality 9
Layer 2 Switching 10
Layer 3 Routing 11
Layer 3 Switching 11
Layer 4 Switching 12
Multilayer Switching 12
Campus Network Models 13
Shared Network Model 13
LAN Segmentation Model 15
Network Traffic Models 18
Predictable Network Model 19
Hierarchical Network Design 20
Access Layer 21
Distribution Layer 21
Core Layer 22
Do I Know This Already? Quiz 27
Modular Network Design 31
Switch Block 32...

Contents at a Glance

Overview and Design of a Campus Network
Traditional Spanning Tree Protocol 181
Protecting the Spanning Tree Protocol Topology 243
Router, Supervisor, and Power Redundancy
Chapter 17 Wireless LAN Overview 431
Chapter 18 Wireless Architecture and Design 471
Chapter 19 Cisco Unified Wireless Network 497
Part VI Scenarios for Final Preparation 533
Chapter 20 Scenarios for Final Preparation 535
Appendix A Answers to Chapter Do I Know This Already? Quizzes and Q&A Sections 555

Core Layer

A campus network's core layer provides connectivity of all distribution-layer devices. The core, sometimes referred to as the backbone, must be capable of switching traffic as efficiently as possible. Core devices, sometimes called campus backbone switches, should have the following attributes:

Very high throughput at Layer 2 or Layer 3
No costly or unnecessary packet manipulations (access lists, packet filtering)
Redundancy and resilience for high availability

Devices in a campus network's core...

Dedications

As always, this book is dedicated to the most important people in my life: my wife, Marci, and my two little daughters, Lauren and Kara. Their love, encouragement, and support carry me along. I'm so grateful to God, who gives endurance and encouragement (Romans 15:5), and has allowed me to work on projects like this. I would also like to dedicate this book to the memory of two close relatives whom I've lost this year: Ralph Hucaby, my uncle, a fellow EE, and a pioneer in the television industry,...

Deploying VLANs

To implement VLANs, you must consider the number of VLANs you need and how best to place them. As usual, the number of VLANs depends on traffic patterns, application types, segmentation of common workgroups, and network-management requirements. An important factor to consider is the relationship between VLANs and the IP addressing schemes used. Cisco recommends a one-to-one correspondence between VLANs and IP subnets. This recommendation means that if a subnet with a 24-bit mask (255.255.255.0)...

Detecting a Powered Device

The switch always keeps the power disabled when a switch port is down. However, the switch must continually try to detect whether a powered device is connected to a port. If it is, the switch must begin providing power so that the device can initialize and become operational. Only then will the Ethernet link be established. Because there are two PoE methods, a Catalyst switch tries both to detect a powered device. For IEEE 802.3af, the switch begins by supplying a small voltage across the...

Distribution Layer

The distribution layer provides interconnection between the campus network's access and core layers. Devices in this layer, sometimes called building distribution switches, should have the following capabilities:

Aggregation of multiple access-layer devices
High Layer 3 throughput for packet handling
Security and policy-based connectivity functions through access lists or packet filters
Scalable and resilient high-speed links to the core and access layers

In the distribution layer, uplinks from...

Do I Know This Already?

1. LWAPP is integral to operating a lightweight access point. What is so special about LWAPP?

Answer: LWAPP is the protocol used to build a tunnel between a lightweight AP and a WLC. Through this protocol, the LAP can be centrally managed, can synchronize code images, and can transport wireless client traffic across a switched network from WLC to LAP.

2. How does a wireless client roam between two LAPs managed by the same WLC?

Answer: The client must move its association from one LAP to another in...

Do I Know This Already? Quiz

The purpose of the Do I Know This Already? quiz is to help you decide whether you need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now. The 12-question quiz, derived from the major sections in the Foundation Topics portion of the chapter, helps you determine how to spend your limited study time. Table 8-1 outlines the major topics discussed in this chapter and the Do I Know This Already? quiz questions that...

Dynamic Trunking Protocol

You manually can configure trunk links on Catalyst switches for either ISL or 802.1Q mode. In addition, Cisco has implemented a proprietary, point-to-point protocol called Dynamic Trunking Protocol (DTP) that negotiates a common trunking mode between two switches. The negotiation covers the encapsulation (ISL or 802.1Q) and whether the link becomes a trunk at all. This allows trunk links to be used without a great deal of manual configuration or administration. The use of DTP is explained in...

EAP-Based Security Methods

Fortunately, wireless security has evolved to use other, more robust methods. APs can use a variety of authentication methods that leverage external authentication and authorization servers and their user databases. The Extensible Authentication Protocol (EAP) forms the basis for many wireless security methods, most of which have similar acronyms that rhyme, such as EAP, PEAP, and LEAP. EAP is defined in RFC 3748, and was originally designed to handle user authentication for PPP users. Because it...

Electing a Root Bridge

For all switches in a network to agree on a loop-free topology, a common frame of reference must exist to use as a guide. This reference point is called the Root Bridge. (The term bridge continues to be used even in a switched environment because STP was developed for use in bridges. Therefore, when you see bridge, think switch.) An election process among all connected switches chooses the Root Bridge. Each switch has a unique Bridge ID that identifies it to other switches. The Bridge ID is an...

Electing Designated Ports

By now, you should begin to see the process unfolding: A starting or reference point has been identified, and each switch connects itself toward the reference point with the single link that has the best path. A tree structure is beginning to emerge, but links have only been identified at this point. All links still are connected and could be active, leaving bridging loops. To remove the possibility of bridging loops, STP makes a final computation to identify one Designated Port on each network...

Electing Root Ports

Now that a reference point has been nominated and elected for the entire switched network, each nonroot switch must figure out where it is in relation to the Root Bridge. This action can be performed by selecting only one Root Port on each nonroot switch. The Root Port always points toward the current Root Bridge. STP uses the concept of cost to determine many things. Selecting a Root Port involves evaluating the Root Path Cost. This value is the cumulative cost of all the links leading to the...

Ethernet Concepts

This section reviews the varieties of Ethernet and their application in a campus network. Recall how the bandwidth requirements for each network segment are determined by the types of applications in use, the traffic flows within the network, and the size of the user community served. Ethernet scales to support increasing bandwidths and should be chosen to match the need at each point in the campus network. As network bandwidth requirements grow, you can scale the links between access,...

Ethernet Port Cables and Connectors

Catalyst switches support a variety of network connections, including all forms of Ethernet. In addition, Catalyst switches support several types of cabling, including UTP and optical fiber. Fast Ethernet (100BASE-FX) ports use two-strand multimode fiber (MMF) with MT-RJ or SC connectors to provide connectivity. The MT-RJ connectors are small and modular, each containing a pair of fiber-optic strands. The connector snaps into position, but you must press a tab to remove it. The SC connectors on...

Evaluating an Existing Network

If you are building an enterprise network from scratch, you might find that it is fairly straightforward to build it in a hierarchical fashion. After all, you can begin with switches in the core layer and fan out into lower layers to meet the users, server farms, and service providers. In the real world, you might be more likely to find existing networks that need an overhaul to match the hierarchical model. Hopefully, if you are redesigning your own network, you already know its topology and...

Forwarding Information Base

The Layer 3 engine (essentially a router) maintains routing information, whether from static routes or dynamic routing protocols. Basically, the routing table is reformatted into an ordered list with the most specific route first, for each IP destination subnet in the table. The new format is called a Forwarding Information Base (FIB) and contains routing or forwarding information that the network prefix can reference. In other words, a route to 10.1.0.0/16 might be contained in the FIB along...

Foundation Summary

The Foundation Summary is a collection of information that provides a convenient review of many key concepts in this chapter. If you are already comfortable with the topics in this chapter, this summary can help you recall a few details. If you just read this chapter, this review should help solidify some key facts. If you are doing your final preparation before the exam, this information will hopefully be a convenient way to review the day before the exam. Table 17-5 Quick Comparison of...

Hierarchical Network Design

You can structure the campus network so that each of the three types of traffic flows or services outlined in Table 1-3 is best supported. Cisco has refined a hierarchical approach to network design that enables network designers to logically create a network by defining and using layers of devices. The resulting network is efficient, intelligent, scalable, and easily managed. The hierarchical model breaks a campus network into three distinct layers, as illustrated in Figure 1-5. Figure 1-5...

How This Book Is Organized

Although this book can be read cover to cover, it is designed to be flexible and allow you to easily move between chapters and sections of chapters to cover only the material that you need more work with. Chapters 1 through 19 are the core chapters and can be covered in any order, though some chapters are related and build upon each other. If you do intend to read them all, the order in the book is an excellent sequence to use. When you finish with the core chapters, you have several options on...

How to Use This Book for Study

Retention and recall are the two features of human memory most closely related to performance on tests. This exam-preparation guide focuses on increasing both retention and recall of the topics on the exam. The other human characteristic involved in successfully passing the exam is intelligence; this book does not address that issue. Adult retention is typically less than that of children. For example, it is common for 4-year-olds to pick up basic language skills in a new country faster than...

Ii

Now, each module should be addressed so that it can be migrated into a proper switch block. Remember that switch blocks always contain the switches necessary to connect a resource (users, servers, and so on) into the core layer. If this is done for the network in Figure 2-8, the network shown in Figure 2-9 might result. Figure 2-9 Migrating Network Modules into Switch Blocks...

Intercontroller Roaming

In some cases, a client might roam from one controller to another. For example, a large wireless network might consist of too many LAPs to be supported by a single WLC. The LAPs could also be distributed over several controllers for load balancing or redundancy purposes. In Figure 19-10, a wireless client is using an association with WLC1 through AP1. This is similar to Figure 19-8, but now each of the adjacent LAP cells belongs to a different WLC. All the client's traffic passes through the...

Intracontroller Roaming

In Figure 19-8, a wireless client has an active wireless association at location A. The association is with WLC1 through AP1. As you might expect, all traffic to and from the client passes through the LWAPP tunnel between AP1 and WLC1. Figure 19-8 A Wireless Client in an LAP Cell Before Roaming The client begins moving in Figure 19-9 and roams into the area covered by AP2. For this example, notice two things: The cells provided by AP1...

Layer 2 QoS Classification

Layer 2 frames themselves have no mechanism to indicate the priority or importance of their contents. One frame looks just as important as another. Therefore, a Layer 2 switch can forward frames only according to a best-effort delivery. When frames are carried from switch to switch, however, an opportunity for classification occurs. Recall that a trunk is used to carry frames from multiple VLANs between switches. The trunk does this by encapsulating the frames and adding a tag indicating the...

Layer 2 Switching

Devices that forward frames at Layer 2 involve the following functions:

MAC addresses are learned from the incoming frames' source addresses.
A table of MAC addresses and their associated bridge and switch ports is built and maintained.
Broadcast and multicast frames are flooded out to all ports (except the one that received the frame).
Frames destined for unknown locations are flooded out to all ports (except the one that received the frame).
Bridges and switches communicate with each other...

Lightweight AP Operation

The lightweight AP is designed to be a zero-touch configuration. The LAP must find a WLC and obtain all of its configuration parameters, so you never have to actually configure it through its console port or over the network. The following sequence of steps details the bootstrap process that an LAP must complete before it becomes active:

Step 1 The LAP obtains an IP address from a DHCP server.
Step 2 The LAP learns the IP addresses of any available WLCs.
Step 3 The LAP sends a join request to the...

Managing Error Conditions on a Switch Port

Traditionally, a network-management application was used to detect a serious error condition on a switch port. A switch periodically was polled and switch port error counters were examined to see if an error condition had occurred. If so, an alert was issued so that someone could take action to correct the problem. Catalyst switches can detect error conditions automatically, without any further help. If a serious error occurs on a switch port, that port can be shut down automatically until...

MST Configuration

You must manually configure the MST configuration attributes on each switch in a region. There is currently no method to propagate this information from one switch to another, as is done with a protocol such as VLAN Trunking Protocol (VTP). To define the MST region, use the following configuration commands in the order shown:

Step 1 Enable MST on the switch:
Switch(config)# spanning-tree mode mst
Step 2 Enter the MST configuration mode:
Switch(config)# spanning-tree mst configuration
Step 3 Assign a region configuration name (up...

Multiple Spanning Tree Protocol

Chapter 8 covered two flavors of spanning-tree implementations, IEEE 802.1Q and PVST+, both based on the 802.1D STP. These also represent the two extremes of STP operation in a network:

802.1Q: Only a single instance of STP is used for all VLANs. If there are 500 VLANs, only one instance of STP will be running. This is called the Common Spanning Tree (CST) and operates over the trunk's native VLAN.
PVST+: One instance of STP is used for each active VLAN in the network. If there are 500 VLANs, 500...

Network Traffic Models

To design and build a successful campus network, you must gain a thorough understanding of the traffic generated by applications in use, plus the traffic flow to and from the user communities. All devices on the network will produce data to be transported across the network. Each device can involve many applications that generate data with differing patterns and loads. Applications such as email, word processing, printing, file transfer, and most web browsers bring about data traffic patterns...

Objectives and Methods

The most important and somewhat obvious objective of this book is to help you pass the Cisco BCMSN exam (642-812). In fact, if the primary objective of this book were different, the book's title would be misleading; however, the methods used in this book to help you pass the BCMSN exam are designed to also make you much more knowledgeable about how to do your job. Although this book and the accompanying CD-ROM have many sample test questions, the method in which they are used is not to simply...

Packet Forwarding Review

When a host must communicate with a device on its local subnet, it can generate an Address Resolution Protocol (ARP) request, wait for the ARP reply, and exchange packets directly. However, if the far end is located on a different subnet, the host must rely on an intermediate system (a router, for example) to relay packets to and from that subnet. A host identifies its nearest router, also known as the default gateway or next hop, by its IP address. If the host understands something about...

Overview and Design of a Campus Network

Chapter 1 Campus Network Overview
Chapter 2 Modular Network Design

This chapter covers the following topics that you need to master for the CCNP BCMSN exam:

Switching Functionality: This section covers the use of switches in the OSI model layers. You learn about the functions and application of routing and switching in Layers 2, 3, and 4, along with the concept of multilayer switching.
Campus Network Models: This section presents the concept of a campus network, and describes the traditional...

Building a Campus Network

Chapter 3, Switch Operation: This chapter covers Layer 2 and multilayer switch operation, how various CAM and TCAM tables are used to make switching decisions, and how to monitor these tables to aid in troubleshooting.
Chapter 4, Switch Port Configuration: This chapter covers basic Ethernet concepts, how to use scalable Ethernet, how to connect switch block devices, and how to verify switch port operation to aid in troubleshooting.
Chapter 5, VLANs and Trunks: This chapter covers basic VLAN...

Layer 3 Switching

Chapter 13 Router, Supervisor, and Power Redundancy

This chapter covers the following topics that you need to master for the CCNP BCMSN exam:

InterVLAN Routing: This section discusses how you can use a routing function with a switch to forward packets between VLANs.
Multilayer Switching with CEF: This section discusses Cisco Express Forwarding (CEF) and how it is implemented on Catalyst switches. CEF forwards or routes packets in hardware at a high throughput.
Troubleshooting Multilayer Switching...

Campus Network Services

Chapter 14, IP Telephony: This chapter covers how a Catalyst switch can provide power to operate a Cisco IP Phone, how voice traffic can be carried over the links between an IP Phone and a Catalyst switch, QoS for voice traffic, and how to verify that IP Telephony features are functioning properly.
Chapter 15, Securing Switch Access: This chapter covers switch Authentication, Authorization, and Accounting (AAA); port security using MAC addresses; port-based security using IEEE 802.1x; DHCP snooping...

Wireless LANs

Chapter 17, Wireless LAN Overview: This chapter presents an introduction to wireless LANs, radio frequency theory, and the standards that are used in a wireless LAN.
Chapter 18, Wireless Architecture and Design: This chapter covers the operational aspects of wireless LANs, such as wireless security, wireless client mobility, and the layout of wireless devices.
Chapter 19, Cisco Unified Wireless Network: This chapter covers the Cisco Unified Wireless Network and its components, the lightweight...

Port Aggregation Protocol

To provide automatic EtherChannel configuration and negotiation between switches, Cisco developed the Port Aggregation Protocol. PAgP packets are exchanged between switches over EtherChannel-capable ports. Neighbors are identified and port group capabilities are learned and compared with local switch capabilities. Ports that have the same neighbor device ID and port group capability are bundled together as a bidirectional, point-to-point EtherChannel link. PAgP forms an EtherChannel only on...

Port Duplex Mode

You also can assign a specific link mode to Ethernet-based switch ports. Therefore, the port operates in half-duplex, full-duplex, or autonegotiated mode. Autonegotiation is allowed only on UTP Fast Ethernet and Gigabit Ethernet ports. In this mode, the port participates in a negotiation by attempting full-duplex operation first and then half-duplex operation if full duplex is not successful. The autonegotiation process repeats whenever the link status changes. Be sure to set both ends of a...

PortFast: Access-Layer Nodes

An end-user workstation is usually connected to a switch port in the access layer. If the workstation is powered off and then turned on, the switch will sense that the port link status has gone down and back up. The port will not be in a usable state until STP cycles from the Blocking state to the Forwarding state. With the default STP timers, this transition takes at least 30 seconds (15 seconds for Listening to Learning, and 15 seconds for Learning to Forwarding). Therefore, the workstation...

Predictable Network Model

Ideally, you should design a network with a predictable behavior in mind to offer low maintenance and high availability. For example, a campus network needs to recover from failures and topology changes quickly and in a predetermined manner. You should scale the network to easily support future expansions and upgrades. With a wide variety of multiprotocol and multicast traffic, the network should be capable of supporting the 20/80 rule from a traffic standpoint. In other words, design the...

Private VLANs

Normally, traffic is allowed to move unrestricted within a VLAN. Packets sent from one host to another normally are heard only by the destination host because of the nature of Layer 2 switching. However, if one host broadcasts a packet, all hosts on the VLAN must listen. You can use a VACL to filter packets between a source and destination in a VLAN if both connect to the local switch. Sometimes it would be nice to have the capability to segment traffic within a single VLAN, without having to...

Q&A

The questions and scenarios in this book are more difficult than what you should experience on the actual exam. The questions do not attempt to cover more breadth or depth than the exam; however, they are designed to make sure that you know the answer. Rather than allowing you to derive the answers from clues hidden inside the questions themselves, the questions challenge your understanding and recall of the subject. Hopefully, these questions will help limit the number of exam questions on...

R

Radius of Fresnel zones, calculating, 451-452
ranges of ports, selecting, 95
REAP (Cisco Remote Edge Access Point), 509
reception of RF signals, factors affecting
    absorption, 448-449
    diffraction, 449-450
    Fresnel zones, 450-452
    reflection, 447-448
    refraction, 448
    scattering, 449
recovering from switch port error conditions, 99
redirect timer (AVFs), 332
redundancy, 313
    gateway addresses, 317
    HSRP, 318
    of Catalyst switches
        non-stop forwarding, 343
        power supplies, 343-345
        supervisor...

Rapid PerVLAN Spanning Tree Protocol

Chapter 8, Traditional Spanning Tree Protocol, described PVST+ as the default STP mode on Catalyst switches. In PVST+, one spanning tree instance is created and used for each active VLAN that is defined on the switch. Each STP instance behaves according to the traditional 802.1D STP rules. You can improve the efficiency of each STP instance by configuring a switch to begin using RSTP instead. This means that each VLAN will have its own independent instance of RSTP running on the switch. This...

Redundancy Within a Switch Chassis

The router or gateway redundancy protocols, such as HSRP, VRRP, and GLBP, can provide high availability only for the default gateway addresses. If one of the redundant gateway routers fails, another can pick up the pieces and appear to be the same gateway address. But what happens to the devices that are connected directly to the router that fails? If the switching or routing engine fails, packets probably will not get routed and interfaces will go down. Some Cisco switches have the capability...

Redundant Link Convergence

Some additional methods allow faster STP convergence in the event of a link failure:

PortFast: Enables fast connectivity to be established on access-layer switch ports to workstations that are booting up

UplinkFast: Enables fast-uplink failover on an access-layer switch when dual uplinks are connected into the distribution layer

BackboneFast: Enables fast convergence in the network backbone (core) after a spanning-tree topology change occurs

Instead of modifying timer values, these methods work by...

Router Redundancy in Multilayer Switching

Multilayer switches can act as IP gateways for connected hosts by providing gateway addresses at VLAN SVIs and Layer 3 physical interfaces. These switches can also participate in routing protocols, just as traditional routers do. For high availability, multilayer switches should offer a means of preventing one switch (gateway) failure from isolating an entire VLAN. This chapter discusses several approaches to providing router redundancy, including the following: Hot Standby Router Protocol...

Router Supervisor and Power Redundancy

A multilayer switch can provide routing functions for devices on a network, as described in Chapter 12, Multilayer Switching. If that switch happens to fail, clients have no way of having their traffic forwarded; their gateway has gone away. Other multilayer switches can be added into the network to provide redundancy in the form of redundant router or gateway addresses. This chapter describes the protocols that can be used for redundant router addresses, load balancing across multiple routers,...

Safari

The Safari Enabled icon on the cover of your favorite technology book means the book is available through Safari Bookshelf. When you buy this book, you get free access to the online edition for 45 days. Safari Bookshelf is an electronic reference library that lets you easily search thousands of technical books, find code samples, download chapters, and access technical information whenever and wherever you need it. To gain 45-day Safari Enabled access to this book Go to Complete the brief...

Scenario 1: Trunking and DTP

This scenario is built around a network of switches connected by trunking links. You need to think about how DTP operates and how trunks are negotiated (or not) between switches. Consider the network shown in Figure 20-1 and answer the questions that follow. Assume that all switches shown support DTP. 1. What is the mode of the link between Catalyst A and Catalyst B? 2. Suppose that the network administrator types these commands for interface GigabitEthernet 0/1 on Catalyst B: Switch(config)...

Scenario 2: VLANs, Trunking, and VTP

This scenario is designed to stir your thinking about VLAN and trunking connectivity. You also need to examine switch configurations and apply them to a network diagram. See the diagram shown in Figure 20-2 and answer the questions that follow. Portions of the configurations of the three Catalyst switches are shown above them.

interface gigabitethernet 0/1
 switchport mode access
 switchport access vlan 2
interface fastethernet 0/1
 switchport mode access
 switchport access vlan 2
interface...

Scenario 3 Answers

1. All bundled ports must have the same set of allowed VLANs, the same native VLAN, the same trunk encapsulation, and the same trunk mode. (In addition, the switch ports all must have identical speed and duplex settings.)

2. You can use the following configuration commands:

CatalystA(config)# interface range gigabitethernet 3/1 - 4
CatalystA(config-if)# channel-protocol pagp
CatalystA(config-if)# channel-group 1 mode desirable

3. The Catalyst 6500 default algorithm is the XOR of the source and...

Scenario 3: EtherChannels

This scenario focuses on EtherChannel links between switches. See the diagram shown in Figure 20-3 and answer the questions that follow. 1. Four GigabitEthernet interfaces on Catalyst A are to be bundled into a Gigabit EtherChannel with Catalyst B. If each of these interfaces also is configured as a trunk, what must be similar about them on both switches? 2. Catalyst A should actively initiate an EtherChannel with Catalyst B. PAgP negotiation should be used. What commands should be used on each...

Scenario 4 Answers

1. The spanning-tree topology should look like the diagram in Figure 20-9. Catalyst A is the root bridge, and only the 1000-Mbps link is forwarding. The root ports (RP) and designated ports (DP) are labeled on the diagram.

Figure 20-9 Resulting Spanning-Tree Topology for Scenario 4

2. Because the 100-Mbps link is in the Blocking state on Catalyst B, no major change in the topology occurs. Effectively, this link already was disconnected. However, after the physical link status goes down, both...

Scenario 4: Traditional STP

This scenario exercises your ability to think through the Spanning Tree Protocol operation. You are presented with a simple network of two switches. This keeps the STP complexity to a minimum while forcing you to think through the STP convergence process on a live network. Given the network diagram shown in Figure 20-4, complete the following exercises.

Figure 20-4 Network Diagram for Scenario 4

1. Manually compute the spanning-tree topology. Note which switch is the root bridge, which ports...

Scenario 5: Advanced STP

A small network consists of two core switches, Catalyst C1 and C2, and an access switch, A1, as shown in Figure 20-5. Advanced Spanning Tree Protocol features will improve the convergence times and reduce the number of STP instances. Answer these questions.

Figure 20-5 Network Diagram for Scenario 5 (VLAN 99; Catalyst A1)

1. To prevent the possibility of a unidirectional link occurring on switch A1's uplinks, what switch feature can be used? What commands are necessary to enable...

Scenario 6: Router Redundancy with HSRP, VRRP, and GLBP

This scenario covers two methods by which you can configure multilayer switches to provide redundant router or gateway functionality: HSRP, VRRP, and GLBP. A network consists of two VLANs, 101 and 102. Suppose that the PCs in VLAN 101 (192.168.101.0/24) use address 192.168.101.1 as their default gateway. The PCs in VLAN 102 (192.168.102.0/24) use 192.168.102.1. 1. What commands are necessary to configure HSRP on a Catalyst switch so that it becomes the active router for VLAN 101 and the standby...

Scenario 7: IP Telephony in a Switched Network

This scenario uses a simple two-switch network to reinforce the concepts needed to properly implement IP telephony. Think about supplying power to the Cisco IP Phone, as well as how to implement QoS trust within this network. Use Figure 20-7 as a reference for the following questions.

Figure 20-7 Network Diagram for Scenario 7

1. Assume that Catalyst B supports Power over Ethernet. If interface Fa1/0/1 has its default configuration, will power be...

Scenario 8 Answers

1. On a Catalyst 3750, you can use the following commands:

Switch(config)# interface range fastethernet 1/0/1 - 48
Switch(config-if)# switchport port-security

2. On a Catalyst 3750, you can use the following commands:

Switch(config)# interface fastethernet 1/0/18
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-security maximum 24
Switch(config-if)# switchport port-security violation restrict

The first command line enables port-level security on the switch port. The second...

Scenario 8: Securing Access and Managing Traffic in a Switched Network

This scenario is designed to stir your thinking about how to control access to switched networks, how to control traffic within a VLAN, and how to monitor traffic. 1. Network administrators want to have tight control over hosts moving around within their network. A Catalyst 3750 needs to have port-level security enabled on all 48 of its FastEthernet access-layer ports. Only one host should be connected per port, so the default behavior of shutting down the port is acceptable. What commands are...

Scenario 9: Implementing a Wireless LAN

This scenario is designed to stir your thinking about how to add WLAN components to an existing switched campus network, and how to extend network connectivity to wireless users. In this scenario, a Cisco Wireless LAN Controller (WLC) is positioned at the network core, and Cisco Lightweight Access Points (LAPs) are positioned at the access layer switches. Use Figure 20-8 as a reference for the questions that follow. 1. Suppose that LAP1 is configured to use 802.11g channel 1. What channel...

Scenarios for Final Preparation

This chapter presents scenarios that you can use to review most of the concepts contained in this book. The scenarios are designed to assist you in final preparation for the BCMSN exam. Case studies are presented with network diagrams and questions covering many switching topics. This chapter emphasizes an overall understanding of switching concepts, configuration commands, and network operation. Although the Cisco BCMSN exam might not contain scenarios of this type, you can become better...

Shared Network Model

In the early 1990s, campus networks traditionally were constructed of a single LAN for all users to connect to and use. All devices on the LAN were forced to share the available bandwidth. LAN media such as Ethernet and Token Ring both had distance limitations and limitations on the number of devices that could be connected to a single LAN. Network availability and performance declined as the number of connected devices increased. For example, an Ethernet LAN required all devices to share the...

Sizing AP Cells

The size of AP cells determines the number of APs that must be purchased and deployed to cover an area; however, your design should not be driven by the cost alone. AP cell size can also affect the performance of the APs as clients move around or gather in one place. Remember that a WLAN is a shared medium. Within a single AP cell, all the clients associated with that AP must share the bandwidth and contend for access. If the cell is large, a large number of clients could potentially gather and...

Spanning Tree Instances Within MST

MST was designed to interoperate with all other forms of STP. Therefore, it also must support STP instances from each. This is where MST can get confusing. Think of the entire enterprise network as having a single CST topology so that one instance of STP represents any and all VLANs and MST regions present. The CST maintains a common loop-free topology while integrating all forms of STP that might be in use. To do this, CST must regard each MST region as a single black box bridge because it has...

Spanning Tree Communication Bridge Protocol Data Units

STP operates as switches communicate with one another. Data messages are exchanged in the form of Bridge Protocol Data Units (BPDU). A switch sends a BPDU frame out a port, using the unique MAC address of the port itself as a source address. The switch is unaware of the other switches around it, so BPDU frames are sent with a destination address of the well-known STP multicast address 01-80-c2-00-00-00. Two types of BPDU exist:

Configuration BPDU, used for spanning-tree computation

Topology Change Notification (TCN)...

STP Root Bridge

STP and its computations are predictable; however, other factors might subtly influence STP decisions, making the resulting tree structure neither expected nor ideal. As the network administrator, you can make adjustments to the spanning-tree operation to control its behavior. The location of the Root Bridge should be determined as part of the design process. You can use redundant links for load balancing in parallel, if configured correctly. You can also configure Spanning Tree Protocol (STP)...

STP States

To participate in STP, each port of a switch must progress through several states. A port begins its life in a Disabled state, moving through several passive states and, finally, into an active state if allowed to forward traffic. The STP port states are as follows:

Disabled: Ports that are administratively shut down by the network administrator, or by the system because of a fault condition, are in the Disabled state. This state is special and is not part of the normal STP progression for a...

STP Timers

STP operates as switches send BPDUs to each other in an effort to form a loop-free topology. The BPDUs take a finite amount of time to travel from switch to switch. In addition, news of a topology change (such as a link or Root Bridge failure) can suffer from propagation delays as the announcement travels from one side of a network to the other. Because of the possibility of these delays, keeping the spanning-tree topology from settling out or converging until all switches have had time to...

Strategies for Exam Preparation

The strategy you use to prepare for the BCMSN exam might be slightly different than strategies used by other readers, mainly based on the skills, knowledge, and experience you already have obtained. For example, if you have attended the BCMSN course, you might take a different approach than someone who learned switching through on-the-job training. Regardless of the strategy you use or the background you have, this book is designed to help you get to the point that you can pass the exam with...

Supplying Power to a Device

A switch first offers a default power allocation to the powered device. On a Catalyst 3750-24-PWR, for example, an IP Phone first receives 15.4W (0.32 amps at 48V DC). For Cisco ILP, inline power is provided over data pairs 2 and 3 (RJ-45 pins 1,2 and 3,6) at 48V DC. For IEEE 802.3af, power can be supplied in the same fashion (pins 1,2 and 3,6) or over pairs 1 and 4 (RJ-45 pins 4,5 and 7,8). Now the device has a chance to power up and bring up its Ethernet link, too. The power budget offered to...

Switch Port Aggregation with EtherChannel

As discussed in Chapter 4, Switch Port Configuration, switches can use Ethernet, Fast Ethernet, Gigabit, or 10-Gigabit Ethernet ports to scale link speeds by a factor of ten. Cisco offers another method of scaling link bandwidth by aggregating, or bundling, parallel links, termed the EtherChannel technology. Two to eight links of either Fast Ethernet (FE), Gigabit Ethernet (GE), or 10-Gigabit Ethernet (10GE) are bundled as one logical link of Fast EtherChannel (FEC), Gigabit EtherChannel (GEC),...

Switch Port Configuration

Chapters 1, Campus Network Overview, and 2, Modular Network Design, dealt with the logical processes that you can use to design a campus network. Connections between switch blocks were discussed so that traffic can be transported efficiently across the campus. Single connections, load balancing, and redundant paths connected switches in modular blocks for complete connectivity. However, these paths were only functional paths; no specifics were presented about how much traffic the network could...

Switch Spoofing

Recall from Chapter 5, VLANs and Trunks, that two switches can be connected by a common trunk link that can carry traffic from multiple VLANs. The trunk doesn't have to exist all the time. The switches dynamically can negotiate its use and its encapsulation mode by exchanging Dynamic Trunking Protocol (DTP) messages. Although DTP can make switch administration easier, it also can expose switch ports to be compromised. Suppose that a switch port is left to its default configuration, in which the...

Switching Functionality

To understand how switches and routers should be chosen and placed in a network design, you should first understand how to take advantage of data communication at different layers. The OSI reference model separates data communication into seven layers, as shown in Table 1-2. Each layer has a specific function and a specific protocol so that two devices can exchange data on the same layer. A protocol data unit (PDU) is the generic name for a block of data that a layer on one device exchanges...

Tables Used in Switching

Catalyst switches maintain several types of tables to be used in the switching process. The tables are tailored for Layer 2 switching or MLS and are kept in very fast memory so that many fields within a frame or packet can be compared in parallel. All Catalyst switch models use a CAM table for Layer 2 switching. As frames arrive on switch ports, the source MAC addresses are learned and recorded in the CAM table. The port of arrival and the VLAN both are recorded in the table, along with a time...

The Roaming Process

What enables a client to roam in the first place? First, adjacent APs must be configured to use different nonoverlapping channels. For example, APs operating under 802.11b or 802.11g must use only channels 1, 6, and 11. An AP using channel 1 must not be adjacent to other APs using channel 1. This ensures that clients will be able to receive signals from a nearby AP without interference from other APs. The roaming process is driven entirely by the wireless client driver, not by the AP. The client...

Topology Changes and RSTP

Recall that when an 802.1D switch detects a port state change (either up or down), it signals the Root Bridge by sending topology change notification (TCN) BPDUs. The Root Bridge, in turn, must signal the topology change by sending out a TCN message that is relayed to all switches in the STP domain. RSTP detects a topology change only when a nonedge port transitions to the Forwarding state. This might seem odd because a link failure is not used as a trigger. RSTP uses all of its rapid...

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark. The Cisco Press self-study book series is as described, intended for self-study. It has not been designed for use in a classroom environment. Only Cisco Learning Partners displaying...

Traditional WLAN Architecture

In Chapter 17, Wireless LAN Overview, and Chapter 18, Wireless Architecture and Design, the wireless LAN (WLAN) architecture centered around the wireless access point (AP). Each AP served as the central hub of its own BSS, where clients located within the AP cell gained an association. The traffic to and from each client had to pass through the AP in order to reach any other part of the network. Notice that even though an AP is centrally positioned to support its clients, it is quite isolated and...