Access Layer Switches

Recall that access layer devices should have these features:
- High port density to connect to end users
- Uplinks to higher layers of the campus network
- Layer 2 services (traffic filtering and VLAN membership)

For small campus networks, the Catalyst 1900 or 2820 series switches can be used as access layer devices. Their smaller port densities can connect 10BaseT users and hubs, while connecting to distribution layer switches with 100BaseX uplinks. The Catalyst 2900XL and 3500XL switches are useful...

Anatomy of an HSRP Message

All routers in a standby group send or receive HSRP messages. These messages are used to determine and maintain the router roles within the group. HSRP messages are encapsulated in the data portion of User Datagram Protocol (UDP) packets and use port number 1985. These packets are addressed to an all router multicast address with a Time to Live (TTL) of one (1). Figure 9-5 shows the general format for an HSRP message.

[Figure 9-5: Anatomy of an HSRP Message]

The HSRP message...

Answers to Chapter 10 "Do I Know This Already?" Quiz

1. Name the three types of traffic available in today's multimedia environment. Unicast traffic, broadcast traffic, and multicast traffic.
2. What Layer 4 protocol is used to carry multicast traffic? The transport layer protocol UDP is used to carry multicast traffic. UDP is a simpler, more efficient protocol because there is no flow control, reliability, or error recovery added to IP.
3. What Class of IP address is used in a multicast environment? IP multicast is Class D.
4. Describe the makeup of the...

Answers to Chapter 11 Q&A Section

1. Which Internet Request for Comment (RFC) deals with multicasts? RFC 1112 is titled Host Extensions for IP Multicasting and was the original specification. RFC 2236, titled Internet Group Management Protocol, Version 2, is the most recent.
2. What is the name of the industry standard protocol that deals with multicast groups? The Cisco proprietary protocol IGMP is the industry standard, and CGMP is the Cisco proprietary protocol.
3. What command enables multicast routing on a Cisco router? At the...

Answers to Chapter 12 Q&A Section

A policy is a firm's documented standard of network access for their users.
2. What is the access layer defined as? The access layer is defined at the point at which a user enters the network.
3. Is HTTP access normally enabled on a Cisco router? What is the main purpose of using HTTP? HTTP access is normally disabled on a Cisco router. The main purpose of using it is to make configuration easier.
4. Name at least two components relating to controlling access to network devices. Physical security,...

Answers to Chapter 13 "Do I Know This Already?" Quiz

1. What is the main method of out-of-band management for Cisco switches? The main method of out-of-band management is the console connection.
2. What is an application that uses SNMP to perform in-band management? CiscoWorks 2000.
3. CDP operates at what layer of the OSI model? CDP operates at the data link layer.
4. What is the command to verify that RMON is enabled on the switch? show snmp
5. Using a troubleshooting model, what step is generally taken after ascertaining all the facts?
6. What is the...

Answers to Chapter 2 "Do I Know This Already?" Quiz

1. Describe the differences between Layer 2, Layer 3, and Layer 4 switching. In Layer 2 switching, frames are forwarded based on the Layer 2 source and destination MAC addresses. In Layer 3 switching, network layer source and destination addresses (IP, IPX, and so forth) are used. In Layer 4 switching, some application information is taken into account along with Layer 3 addresses. For IP, this information includes the port numbers from such protocol types as UDP and TCP.
2. What is multilayer...

Answers to Chapter 2 Q&A Section

1. Where is the most appropriate place to connect a block of enterprise servers? Why? A block of enterprise servers should be connected into the core, just as switch blocks are. This maximizes connectivity from the servers to all other devices in the network. In effect, all users will see the same number of switch hops to access a server. Connecting into the core also provides maximum scalability as more server blocks can be added in the future.
2. Describe the differences between Layer 2, Layer 3,...

Answers to Chapter 3 "Do I Know This Already?" Quiz

1. What are the different Ethernet technologies and their associated IEEE standards? Ethernet (10 Mbps, IEEE 802.3), Fast Ethernet (100 Mbps, IEEE 802.3u), and Gigabit Ethernet (1000 Mbps, IEEE 802.3z).
2. What benefits result with switched Ethernet over shared Ethernet? Switched Ethernet ports receive dedicated bandwidth, have a reduced collision domain, and have increased performance due to segmentation or fewer users per port.
3. At what layer are traditional 10 Mbps Ethernet, Fast Ethernet, and...

Answers to Chapter 3 Q&A Section

1. What are the different Ethernet technologies and their associated IEEE standards? Ethernet (10 Mbps, IEEE 802.3), Fast Ethernet (100 Mbps, IEEE 802.3u), and Gigabit Ethernet (1000 Mbps, IEEE 802.3z).
2. What benefits result with switched Ethernet over shared Ethernet? Switched Ethernet ports receive dedicated bandwidth, have a reduced collision domain, and have increased performance due to segmentation or fewer users per port.
3. When a 10/100 Ethernet link is autonegotiating, which will be...

Answers to Chapter 4 "Do I Know This Already?" Quiz

1. What is a VLAN? When is it used? A VLAN is a group of devices on the same broadcast domain, as a logical subnet or segment. VLANs can span switch ports, switches within a switch block, or closets and buildings. VLANs are used to group users and devices into common workgroups across geographical areas. VLANs help provide segmentation, security, and problem isolation.
2. What are two types of VLANs, in terms of spanning areas of the campus network? End-to-end (spans entire campus network) and local...

Answers to Chapter 4 Q&A Section

1. What is a VLAN? When is it used? A VLAN is a group of devices on the same broadcast domain, as a logical subnet or segment. VLANs can span switch ports, switches within a switch block, or closets and buildings. VLANs are used to group users and devices into common workgroups across geographical areas. VLANs help provide segmentation, security, and problem isolation.
2. When a VLAN is configured on a Catalyst switch port, in how much of the campus network will the VLAN number be unique and...

Answers to Chapter 5 "Do I Know This Already?" Quiz

1. What is EtherChannel? What types of switch links can it be used with? EtherChannel is a method for aggregating multiple physical Ethernet ports into a single logical link. EtherChannel can be used with full-duplex Fast Ethernet or Gigabit Ethernet links.
2. How is traffic distributed over an EtherChannel? Traffic is distributed according to addresses contained in frames passing through the switch, not according to port loads or equal distribution across the individual ports in a bundle. Switches...

Answers to Chapter 6 "Do I Know This Already?" Quiz

1. What is the basic unit of ATM data? What is its basic format (header, payload, and so forth)? The basic ATM data unit is the cell. An ATM cell consists of a 5-byte header and a 48-byte payload.
2. What is an ATM edge device? What Cisco devices can be used? An ATM edge device interfaces native ATM to other media. For example, Cisco Catalyst switches (5000 and 6000) can be used to bridge between LAN ports and an ATM LANE module. Also, Cisco routers (4500/4700, 7500, for example) can bridge between...

Answers to Chapter 7 "Do I Know This Already?" Quiz

1. Where can a router be placed in relation to switches for interVLAN routing? External to the switches or internal (integrated) to a switch.
2. What types of links can be used to interconnect switches and an external router? How many VLANs can be carried on each? Links can be used with one VLAN per physical link, using any supported media. Trunk links can also be used to carry multiple VLANs over a single link, using such media as Fast Ethernet, Gigabit Ethernet, ATM LANE, and FDDI.
3. What trunking...

Answers to Chapter 9 "Do I Know This Already?" Quiz

1. What is the name of the protocol that allows a set of routers that are working together to form one virtual-router? Hot Standby Router Protocol or HSRP.
2. What is the minimum number of routers needed to perform HSRP? The minimum number of routers needed is at least two. One functions as an active router and one as a standby.
3. In a properly functioning virtual router, what happens when the active router fails? In a properly functioning HSRP environment, packets will still be routed in the event...

Answers to Chapter 9 Q&A Section

1. What is the name of the protocol that allows a set of routers that are working together to form one virtual router? Hot Standby Router Protocol or HSRP.
2. What problem makes HSRP necessary? The fact that there isn't a dynamic protocol to discover new default gateways for hosts in the event of failure.
3. What is the minimum number of routers needed to perform HSRP? The minimum number of routers needed is at least two. One functions as an active router and one as a standby.
4. What is the RFC that...

BackboneFast: Redundant Backbone Paths

In the network backbone, or Core layer, a different method is used to shorten STP convergence. BackboneFast works by having a switch actively determine if alternate paths exist to the root bridge in the event that the switch detects an indirect link failure. Indirect link failures occur when a link not directly connected to a switch fails. A switch detects an indirect link failure when it receives inferior BPDUs from its Designated Bridge on either its root port or a blocked port. (Inferior...

Breakout Boxes, Fox Boxes, and BERTs/BLERTs

Breakout boxes, fox boxes, and bit/block error rate testers are digital interface testing tools used to measure the digital signals present at PCs, printers, modems, CSU/DSUs, and other peripheral interfaces. These devices can monitor data line conditions, analyze and trap data, and diagnose problems common to data communication systems. Traffic from data terminal equipment (DTE) through data communications equipment (DCE) can be examined to help isolate problems, identify bit patterns, and...

Bridging Loops

Recall that a Layer 2 switch mimics the function of a transparent bridge. A transparent bridge must offer segmentation between two networks, while remaining transparent to all the end devices connected to it. For the purpose of this discussion, consider a two-port Ethernet switch and its similarities to a two-port transparent bridge. A transparent bridge (and the Ethernet switch) must operate as follows:
- The bridge has no initial knowledge of the location of any end device; therefore, the bridge...

Broadcast Traffic

In a broadcast design, an application sends only one copy of each packet using a broadcast address. If this technique is used, however, broadcasts either must be stopped at the broadcast domain boundary with a Layer 3 device or transmitted to all devices in the campus network. Broadcasting a packet to all devices can be inefficient if only a small group in the network actually needs to see the packet as demonstrated in Figure 10-3. Broadcast multimedia is dispersed throughout the network just...

Bundling Ports with EtherChannel

Fast EtherChannel is available on the Catalyst 1900, 2820, 2900, 2900XL, 3500XL, 4000, 5000, and 6000 families. Gigabit EtherChannel is supported only on the Catalyst 2900, 2900XL, 4000, 5000, and 6000 families. Most of the switch families support a maximum of four FE or GE links bundled in a single EtherChannel link. However, the Catalyst 6000 family supports up to eight bundled links for a total throughput of 1600 Mbps (FEC) or 16 Gbps (GEC). The Catalyst 6000 also supports up to 128...

Cells and SAR

All types of traffic are transported over ATM as small cells. Using cells of an optimal fixed size allows the following benefits:
- Low latency, high throughput: Small cells can be moved very quickly from switch to switch with a low propagation delay for the short serialized data from each cell. Fixed-size cells then can be relayed at a predictable rate. ATM switches also use hardware-based switching and reduced addressing and decision spaces to speed cell relay.
- Multiservice traffic: Traffic from...

Cisco Discovery Protocol (CDP)

Cisco Discovery Protocol (CDP) is media- and protocol-independent and runs on all Cisco-manufactured equipment including routers, bridges, access and communication servers, and switches. With CDP, network management applications can retrieve the device type and the SNMP-agent address of neighboring devices (see Figure 13-5). Applications are now enabled to send SNMP queries to neighboring devices.

[Figure 13-5: A Typical Cisco Network Environment with CDP Enabled]...

Collapsed Core

A collapsed core block is one where the core layer of the hierarchy is collapsed into the distribution layer. Here, both distribution and core functions are provided within the same switch devices. This situation is usually found in smaller campus networks, where a separate core layer (and additional cost or performance) is not warranted. Figure 2-9 shows the basic collapsed core design. Although the distribution and core layer functions are performed in the same device, keeping these functions...

Common Spanning Tree (CST)

The IEEE 802.1Q standard specifies how VLANs are to be trunked between switches. As well, it specifies only a single instance of STP for all VLANs. This instance is referred to as the Common Spanning Tree (CST) or the Mono Spanning Tree (MST). All BPDUs are transmitted over VLAN 1, the management VLAN. Having a single STP for many VLANs simplifies switch configuration and reduces switch CPU load during STP calculations. However, the STP can cause limitations, too. Redundant links between...

Configure Routing Processes

Once connectivity has been configured between the switch and a route processor, you must also configure routing. Routes are paths to distant networks known on the local route processor, along with metrics for path costs and the addresses of next-hop route processors. In this fashion, a router hands off packets destined for a remote network to a neighboring router who is closer to the destination. Routers are used by end-user devices when the destination is not attached to the local network...

Configuring a Rendezvous Point

One of the features that you have to configure if you use PIM in sparse mode is a Rendezvous Point (RP). The routers learn that they are RPs automatically. RPs are used by multicast senders in a sparse mode environment to announce their existence. Through the destination, receivers learn about new senders. Multi-RP environments can be configured for any given multicast group. One term used in the description of RPs is leaf routers. Leaf routers are either directly connected to a multicast group...

Configuring CGMP Leave

In some cases, you may want a multicast group to be removed from the forwarding tables, freeing up bandwidth. The command to accomplish this, called CGMP leave, is as follows

A multicast router sends out group queries periodically. In a normal participating mode, the multicast hosts would send a reply to these queries. If, after a given number of queries, no response is given by any members of a group, that group is then eligible to be pruned from the forwarding tables of the switch.

Configuring IP Multicast

IP multicast and the task of configuring it are somewhat advanced topics. Fortunately, the material on the CCNP Switching exam covers only the basics of configuring IP multicast. We will do the same here, but will list as optional a few of the advanced tasks. The two basic tasks in enabling multicast are:
- Enabling IP multicast routing
- Enabling PIM on an interface

Advanced tasks are optional and include the following:
- Configuring a rendezvous point
- Configuring the Time To Live (TTL) threshold...

Configuring Multilayer Switching

The basic tasks for configuring multilayer switching include the following:
2. Assigning a VLAN ID to a route processor interface.
3. Adding the interfaces to the same VLAN Trunking Protocol (VTP) domain as the switch.
4. Enabling MLS on every interface.
5. Configuring the MLS Management interface.

Before you can configure MLS for a specific VLAN or interface, you must globally enable the MLSP that operates between the route processor and the switch. To enable MLSP on the route processor, enter the...

Configuring the LECS

The LECS is configured on a major ATM interface, not on a subinterface. First you must build the LECS database of ELANs and their associated LES NSAP addresses. Configure the LECS database with the following commands:

ATM(Config)# lane database database-name
ATM(lane-config-database)# name elan1-name server-atm-address les1-nsap-address
ATM(lane-config-database)# name elan2-name server-atm-address les2-nsap-address
ATM(lane-config-database)# name

The database-name argument is a text string that...

Console Port Connection

The console port is the local (out-of-band) console terminal connection to the switch: a DB-25 female connector, shown in Figure 13-2. Other switches may require different console cables in conjunction with modular plugs instead of the DB-25.

[Figure 13-2: The Catalyst 5000 Console Port]

To use the console port, connect via a straight-through cable, an EIA/TIA-232 terminal (configured for 9600 baud, no parity, eight data bits, and one stop bit), modem, or...

Contents at a Glance

Chapter 1: All About the Cisco Certified Network Professional and Design Professional Certification
Chapter 2: Campus Network Design Models
Chapter 3: Basic Switch and Port Configuration
Chapter 4: VLANs and Trunking
Chapter 5: Redundant Switch Links
Chapter 6: Trunking with ATM LANE
Chapter 7: InterVLAN Routing
Chapter 8: Multilayer Switching
Chapter 9: Overview of Hot Standby Routing Protocol
Chapter 11: Configuring Multicast Networks
Chapter 12: Controlling Access in...

Debugging Multicast

Many potential commands can be used when debugging multicast. We will go over a couple of the most important here. You can find documentation on other debugging commands at CCO (www.cisco.com). The first command of significance, show ip pim neighbor, displays the PIM neighbor table as demonstrated earlier in Example 11-1. Another relevant command, show ip mroute, shows the entries in the multicast routing table. The general syntax for this command is as follows:

DallasR1> show ip mroute...

Dense Mode Routing Protocols

The first method for multicast routing is based on the assumption that the multicast group members are densely distributed throughout the network and bandwidth is plentiful, meaning that almost all hosts on the network belong to the group. These dense mode multicast routing protocols rely on periodic flooding of the network with multicast traffic to set up and maintain the distribution tree. Dense mode routing protocols include the following:
- Distance Vector Multicast Routing Protocol (DVMRP)...

Displaying MLS Cache Entries

To display the MLS cache entries, enter the following command in privilege EXEC mode

This command might be used as a troubleshooting tool or just to check the status of a particular flow that you're interested in. This command can be further defined to show MLS cache entries for the parameters defined in Table 8-2. To remove entries from the MLS cache, enter the clear mls entry command in privilege EXEC mode. Table 8-3 lists how to remove MLS cache entries based on given criteria. Table 8-2...

Displaying VTP Domain Information

Sometimes seeing VTP domain information is useful. The show mls rp vtp-domain command allows you to see domain information for a specific VTP domain:

Router# show mls rp vtp-domain vtp domain name

The display resulting from this command (see Example 8-4) shows a subset of the show mls rp command display. The following information is a result of issuing the show mls rp vtp-domain command:
- The name of the VTP domain(s) in which the MLS-RP interfaces reside.
- Statistical information for each VTP...

Distribution Layer Switches

Switches used in the distribution layer should offer these features:
- Aggregation of access layer devices
- High Layer 3 throughput
- InterVLAN routing
- Robust Layer 3 functionality

In the distribution layer, uplinks from all access layer devices are aggregated, or come together. Therefore, the distribution layer switches must be capable of processing the total volume of traffic from all the connected devices. These switches should have a port density of high-speed links to support the collection of...

Distribution Trees

For efficient transmission of multicast traffic, designated routers construct a tree that connects all members of an IP multicast group. A distribution tree specifies a unique forwarding path between the subnet of the source and each subnet containing members of the multicast group. A distribution tree has just enough connectivity so that there is only one loop-free path between every pair of routers. Because each router knows which of its lines belong to the tree, the router can copy an...

"Do I Know This Already?" Quiz

The purpose of the "Do I Know This Already?" quiz is to help you decide which parts of this chapter to use. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now. The quiz helps you make good choices of how to spend your limited study time. The quiz is sectioned into five smaller quizlets, which correspond to the five major headings in the Foundation Topics section of the chapter. Although your answer may differ somewhat from the answers given,...

Electing a Root Bridge

For all switches in a network to agree on a loop-free topology, a common frame of reference must exist to use as a guide. This reference point is called the Root Bridge. (The term bridge continues to be used even in a switched environment because STP was developed for use in bridges. Therefore, when you see bridge, think switch.) The Root Bridge is chosen by an election process among all connected switches. Each switch has a unique Bridge ID that it uses to identify itself to other switches....

Electing Designated Ports

By now, you should begin to see the process unfolding: a starting or reference point has been identified, and each switch connects itself toward the reference point with the closest single link. A tree structure is beginning to emerge, but links have only been identified at this point. All links are still connected and could be active, leaving bridging loops. To remove the possibility of bridging loops, STP makes a final computation to identify one Designated Port on each network segment....

Electing Root Ports

Now that a reference point has been nominated and elected for the entire switched network, each non-root switch must figure out where it is in relation to the Root Bridge. This action can be performed by selecting only one Root Port on each non-root switch. STP uses the concept of cost to determine many things. Selecting a Root Port involves evaluating the Root Path Cost. This value is the cumulative cost of all the links leading to the Root Bridge. A particular switch link has a cost...

Enabling and Verifying Port Security Using the set CLI on set Command-Based Switches

Use the following commands to enable and verify port security on a set command-based switch:

Switch (enable) set port security mod_num/port_num enable mac address
Switch (enable) show port mod_num/port_num

For example, consider the setup in Figure 12-5.

[Figure 12-5: Enabling and Verifying Port Security]

Example 12-8 demonstrates how to enable and then verify port security for the set command-based switch in Figure 12-5.

Example 12-8 Enabling Verifying Port Security on a set Command-Based Switch...

Enabling PIM on an Interface

When you enable multicast routing on a route processor or router, it is processed on an individual interface basis. Enabling each individual interface used with a specific multicast routing protocol is necessary. The command to enable PIM on an interface is:

DallasR1> (config-if) ip pim {dense-mode | sparse-mode | sparse-dense-mode}

The options for this command are defined as follows:
- dense-mode: Enables dense mode of operation. Dense mode is used when all routers in the network will need to...

Enabling VTP Pruning on a CLI-Based Switch

VTP pruning is enabled using the set vtp pruning enable command. If this command is used on a VTP server, pruning is enabled for the entire management domain. By default, VTP pruning is disabled. When pruning is enabled with this command, all VLANs become eligible for pruning on all trunk links, if needed. The default list of pruning eligibility can be modified. Like VLAN trunking, you can first clear VLANs from the eligibility list using the clear vtp pruneeligible vlan-range command. Then,...

EtherChannel Configuration

Before configuring switch ports into an EtherChannel bundle, you should make sure the switch module supports it. Use the show port capabilities module port command to do this. (This command is available on Catalyst software versions 4.x and later.) Example 5-1 demonstrates using the show port capabilities command to ensure the switch module supports EtherChannel bundling.

[Example 5-1: show port capabilities Command Output]

On this and other early Ethernet modules, only certain ports can be...

Extent of VLANs

To implement VLANs, you must give some consideration to the number of VLANs you'll need and how best to place them. As usual, the number of VLANs will be dependent on traffic patterns, application types, segmenting common workgroups, and network management requirements. However, an important factor to consider is the relationship between VLANs and the IP addressing schemes used. Cisco recommends a one-to-one correspondence between VLANs and IP subnets. This recommendation means that if a Class...

External Router Support

If the switch supports an externally attached MLS-RP, the switch must be manually configured to recognize that MLS-RP. To manually include an external MLS-RP, enter the following command in privilege EXEC mode on the switch:

Switch (enable) set mls include ip-addr

where ip-addr is the MLS IP address of the external router. To determine the IP address of the MLS-RP, enter the show mls rp command on the MLS-RP. Perform this command only for external routers. The MLS-SE automatically includes the...

Foundation Summary

The Foundation Summary is a collection of tables and figures that provides a convenient review of many key concepts in this chapter. For those of you already comfortable with the topics in this chapter, this summary could help you recall a few details. For those of you who just read this chapter, this review should help solidify some key facts. For any of you doing your final preparation before the exam, the following tables and figures will hopefully be a convenient way to review the day...

Foundation Topics Access Policies

Access policies are the defining guidelines that are necessary to create a level of access control. An access policy is a firm's documented standard of network access for the firm's users. Access policies may vary widely just like the business itself. Different size businesses may require a different type of access policy. In general, a corporate network security policy, whether or not it covers access, is designed to protect to the level of the data it is securing. An access policy may define...

Foundation Topics ATM Review

This section presents a brief review of ATM concepts and operation. Although it is not necessary to know the intimate details of ATM, how to configure an ATM switch, or how the underlying ATM protocols work, you should understand ATM well enough to effectively design and configure LANE. ATM is designed to provide multiple service types (voice, video, and data) over single pipelines very efficiently. All traffic is transported as small fixed-size cells. As well, traffic is not moved based on...

Foundation Topics InterVLAN Routing Background

Several chapters have dealt with the foundations of network design, VLANs, and trunking. However, VLANs have been presented as isolated broadcast domains. The next two chapters discuss how to transport traffic between VLANs using Layer 3 functions. VLANs are typically configured on Layer 2 switches to form broadcast domains. VLANs can exist in one or more switches through the use of trunking. As well, VLANs usually represent subnetworks of Layer 3 protocols. Since Layer 2 switches do not use...

Foundation Topics Monitoring Cisco Switches

You can monitor and manage your Catalyst switches in a number of different ways. One way is primarily through a console port using either the command-line interface (CLI) or other methods for performing network management functions, such as Cisco Discovery Protocol (CDP), Embedded Remote Monitoring (RMON), or Switched Port Analyzer (SPAN). The console port is an EIA/TIA-232 DCE interface to which you can connect a console terminal or modem. The type of connector used, however, depends on the...

Foundation Topics Switching Functionality

To understand how switches and routers should be chosen and placed in a network design, you should first understand how to take advantage of data communication at different layers. The OSI model separates data communication into seven layers, as shown in Table 2-2. Each layer has a specific function and a specific protocol so that two devices can exchange data on the same layer. A protocol data unit (PDU) is the generic name for a block of data that a layer on one device exchanges with the same...

Foundation Topics Virtual LANs

Consider a network design that consists of Layer 2 devices only. For example, this design could be a single Ethernet segment, an Ethernet switch with many ports, or a network with several interconnected Ethernet switches. A fully Layer 2 switched network is referred to as a flat network topology. A flat network is a single broadcast domain, such that every connected device sees every broadcast packet that is transmitted. As the number of stations on the network increases, so does the number of...

General Troubleshooting Model

When you're troubleshooting a network environment, a systematic approach works best. Define the specific symptoms, identify all potential problems that could be causing the symptoms, and then systematically eliminate each potential problem (from most likely to least likely) until the symptoms disappear. Figure 13-7 illustrates the process flow for the general problem-solving model. This process flow is not a rigid outline for troubleshooting an internetwork; it is a foundation from which you can...

Gigabit Ethernet

Fast Ethernet can be scaled by an additional order of magnitude with the use of Gigabit Ethernet (which supports 1,000 Mbps or 1 Gbps) using the same IEEE 802.3 Ethernet frame format as before. This scalability allows network designers and managers to leverage existing knowledge and technologies to install, migrate, manage, and maintain Gigabit Ethernet networks. However, the physical layer has been modified to increase data transmission speeds. Two technologies were merged together to gain the...

Gigabit Ethernet Port Cables Connectors

Gigabit Ethernet connections take a different approach by providing modular connectivity options. Catalyst switches with Gigabit Ethernet ports have standardized rectangular openings that accept Gigabit Interface Converters (GBICs). GBIC modules provide the media personality for the port so that various types of cables can be connected. In this way, the switch chassis is completely modular and requires no major change to accept a new media type. Instead, the appropriate GBIC module is...

Hierarchical Network Design

The campus network can be structured so that each of the three types of traffic flows or services outlined in Table 2-3 can be best supported. Cisco has devised a hierarchical approach to network design that enables network designers to logically create a network by defining and using layers of devices. The resulting network is efficient, intelligent, scalable, and easily managed. The hierarchical model breaks a campus network down into three distinct layers, as illustrated in Figure 2-6....

How to Best Use This Chapter

By taking the following steps, you can make better use of your study time: Keep your notes and answers for all your work with this book in one place for easy reference. Take the "Do I Know This Already?" quiz and write down facts and concepts (even if you never look at the information again). Use the diagram in Figure 2-1 to guide you to the next step.

How to Use This Book to Pass the Exam

One way to use this book is to start at the beginning and read it cover to cover. Although that would help you prepare, most people would not take that much time, particularly if you already knew a lot about some of the topics in the book. The rest of you might want to consider a different strategy on how to best use this book, depending on what training you have had. This book is designed to help you get the most out of the time you take to study. At the beginning of each chapter, you are...

IGMP Version

IGMP uses IP datagrams to transmit information about multicast groups. The datagram consists of a 20-byte IP header and an 8-byte IGMP message. According to the IGMPv1 specification, one multicast router per LAN must periodically transmit Host Membership Query messages to determine which host groups have members on the querier's directly attached networks. IGMP query messages are addressed to the all-host group (224.0.0.1) and have an IP Time-To-Live (TTL) equal to one. This TTL ensures that...

InterVLAN Routing Configuration

This section presents a more detailed look at configuring interVLAN routing using both external and integrated Cisco route processors. Routing, in itself, is a complex and extensive topic. Only the basic routing protocol configuration is presented here, to provide simple but functional routing between VLANs. If you need further information on the various routing protocols, refer to the Interconnecting Cisco Network Devices (ICND) and Building Scalable Cisco Networks (BSCN) courses or course...

IP Route Filtering

Consider the network device setup in Figure 12-7. The command syntax in Example 12-11 indicates that the routing process of Enhanced Interior Gateway Routing Protocol (EIGRP) will send the network of 140.20.0.0 255.255.0.0 in its routing updates out E0/0 (Ethernet) but will filter all other networks. If the core is connected to VLAN10, it will receive only 140.20.15.0 and only 140.20.15.0.0 will be allowed to traverse the core. Example 12-11 Configuring IP Route Filtering The options for the...

Issues with Traditional Methods

This section deals with various traditional methods that have been used, but for one reason or another are ineffective in some failure modes. These methods include default gateways, proxy ARP, RIP, and IRDP. In Figure 9-2, Router A is responsible for routing packets for Subnet A, and Router B is responsible for handling packets on Subnet B. If Router A goes down or otherwise becomes unavailable to the PC, the routing protocols used between the rest of the routers will converge at some point and...

I've Learned Switching From Experience, But I Will Not Be Taking the BCMSN Course. Now What?

If you feel that you know a fair amount about switching topics already but are worried about the topics you have not worked with, some study strategies to follow are: Use this book exactly as described in the opening pages of each of Chapters 2 through 13. Each chapter begins with a quiz that helps you assess the basic topics you need to study. The quiz also directs you to the appropriate sections of the chapter to increase your knowledge on specific topics rather than requiring you to read the...

LAN Segmentation Model

Referred to as network segmentation, localizing the traffic and effectively reducing the number of stations on a segment is necessary to prevent collisions and broadcasts from reducing a network segment's performance. By reducing the number of stations, the probability of a collision decreases because fewer stations can be transmitting at a given time. For broadcast containment, the idea is to provide a barrier at the edge of a LAN segment so that broadcasts cannot pass or be forwarded on...

LANE Components

To understand how LANE works within a larger switched network, you should first understand how emulated LANs (ELANs) differ from virtual LANs (VLANs). Recall that virtual LANs are used on Catalyst switches as a means to segment traffic into logical networks. VLANs can also be trunked between switches. Similarly, ELANs are used by ATM devices to segment traffic into logical networks. However, ELANs exist only within the ATM domain. ELANs and VLANs remain separate except where they are physically...

LANE Configuration

This section discusses the procedures for configuring the various LANE components on Cisco Catalyst switches. The order that the components are configured is important because each component is dependent upon another. On Cisco ATM devices, ELANs are configured on ATM subinterfaces. This configuration makes it possible to support many ELANs over a single ATM link. As well, the LANE components necessary for a specific ELAN must be configured on the respective subinterface for that ELAN (ATM 0.1,...

Managing Multicast Traffic

In the world of multicasting, the concept of sending a multicast within a single broadcast domain is a somewhat trivial process. However, when we extend this into multiple segments within a campus environment over multiple switches and routers, we complicate matters significantly. The sending process specifies a destination address defined as a multicast address. The device driver in the sending server converts this address to the corresponding Ethernet address and sends the packet out on the...

MLS Caching

MLS caching is a process that occurs based on individual flows. In this section, we will walk through the process, step by step, in order to gain an intimate knowledge of just what occurs. The Switching Engine (SE) is involved in the process to maintain the cache for MLS flows. Packets in a flow are compared to the cache. Cache entries are based on one-way flows. In other words, a flow from Host A to Host B would be one flow and a flow in the reverse direction would be another flow. This action...

Modifying STP Timers on a CLI-Based Switch

Use the following commands to modify STP timers on a CLI-based switch:

Switch(enable) set spantree hello interval vlan
Switch(enable) set spantree fwddelay delay vlan
Switch(enable) set spantree maxage agingtime vlan

The Hello Timer triggers periodic hello messages to be sent to other bridges and sets the interval that a bridge expects to hear a hello from its neighboring bridges. BPDUs are sent every 2 seconds by default. The Hello Timer can be modified per VLAN with the set spantree hello...

Modifying STP Timers on IOS-Based Switches

The following commands can be used on an IOS-based switch to modify STP timers:

Switch(config)# spanning-tree vlan vlan-list hello-time seconds
Switch(config)# spanning-tree vlan vlan-list forward-time seconds
Switch(config)# spanning-tree vlan vlan-list max-age seconds

The Hello Timer defaults to 2 seconds and can be set from 1 to 10 seconds per VLAN. The Forward Timer defaults to 15 seconds and can be set from 4 to 200 seconds per VLAN. The Max Age Timer defaults to 20 seconds and can be set from...

Modular Network Design

A campus network can be designed in a logical manner, using a modular approach. In this approach, each layer of the hierarchical network model can be broken down into basic functional units. These units, or modules, can then be sized appropriately and connected together, while allowing for future scalability and expansion. Campus networks can be divided into the following basic elements Other related elements can exist. Although these elements don't contribute to the overall function of the...

Multicast Address Structure

IP multicasting is the transmission of an IP data frame to a multicast group, identified by a single IP address. Because the multicast group is identified by a single IP address rule, the IP multicast datagram contains a specific combination of the destination MAC address and a destination IP address. The range of IP addresses is divided into classes based on the high order bits of a 32-bit IP address. IP multicast uses Class D addresses. A Class D address consists of 1110 as the higher order...

Multicast Traffic

The most efficient solution for transmitting multimedia is one in which a multimedia server sends one copy of each packet, addressing each packet to a special multicast address. Unlike the unicast environment, a multicast server sends out a single data stream to multiple clients. Unlike the broadcast environment, the client device decides whether to listen to the multicast address. Multicasting saves bandwidth and controls network traffic by forcing the network to replicate packets only when...

Multilayer Switching

Switching technologies have matured over the years and now are a standard part of the campus network. Switching has solved a couple of problems, namely a lack of bandwidth and the inability to have disparate physical groups logically connected. Recently we've taken switching to a higher level, incorporating a routing function within the switch itself. Add some new software that allows true Layer 3 switching, and you have a recipe for success in the campus network. The performance levels are...

Multilayer Switching Components

The Cisco MLS implementation includes the following components:

Multilayer Switching Switch Engine (MLS-SE): The switching entity that handles the function of moving and rewriting the packets. The MLS-SE is an NFFC residing on a Supervisor Engine III card in a Catalyst switch. It can also be a Supervisor I and the PFC on the 6000 series.

Multilayer Switching Route Processor (MLS-RP): An RSM, RSFC, MSFC, or an externally connected Cisco 7500, 7200, 4500, 4700, or 8500 series router with software...

Network Traffic Models

To design and build a successful campus network, you must gain a thorough understanding of the traffic generated by applications in use, plus the traffic flow to and from the user communities. All devices on the network will produce data to be transported across the network. Each device could involve many applications that generate data with differing patterns and loads. Applications such as electronic mail, word processing, printing, file transfer, and most web browsers bring about data...

Output Lists

Figure 8-5 illustrates an output access list applied to the interface. In this case, the MLS-SE learns of this change through the MLSP process and then enforces security for the flow. Enforcement of the access list would purge any entries for flows on that interface from the MLS cache. Any new flows would then be created based on the restrictions imposed by the access list. The next packet in the flow becomes a candidate packet and the process of establishing an MLS cache entry is initiated. New...

Overview of Hot Standby Router Protocol

Hot Standby Router Protocol (HSRP) was conceived as a method of providing a level of fault tolerance in the network. HSRP is a Cisco proprietary protocol that is outlined in RFC 2281 (www.isi.edu/in-notes/rfc2281.txt). The HSRP protocol protects against a failure of the first-hop router. HSRP picks up where the default router left off. You can have a routing protocol capable of discovering dynamic routes, but when it comes to the default route on hosts, there isn't a means to change this in the...

Overview of Multilayer Switching

Catalyst switches are the basis for Layer 3 switching in the Cisco environment. Multilayer Switching (MLS) performs IP data (also IPX and IP multicast) packet flows at a much higher level of performance than traditional routing. This preserves the CPU of an upstream router without compromising functionality. Figure 8-2 shows that the first packet through enters and exits the router illustrated. Subsequent packets would be switched. Figure 8-2 Multilayer Switching Flow First Packet Through...

Passwords

There are several different ways to access every Cisco device. Every method of accessing the device should have a password applied to prevent unauthorized access. Out-of-band management options include the console port and the auxiliary port. In-band management options include Trivial File Transfer Protocol (TFTP) servers and Simple Network Management Protocol (SNMP)-based network management systems, such as CiscoWorks 2000. Virtual terminal ports that are used for terminal access and are...

Passwords and User Access

Normally, a network device should be configured to secure it from unauthorized access. Catalyst switches offer a simple form of security by setting passwords to restrict who can log in to the user interface. Two levels of user access are available: regular login, or EXEC mode, and enable login, or privileged mode. EXEC mode is the first level of access, which gives access to the basic user interface through any line or the console port. The privileged mode requires a second password and gives...

Physical Layer Troubleshooting

The most common network problems can be traced to cable problems. The following questions will help determine whether there is a UTP cable problem. Are the cables the correct type for this installation? Category 3 cabling can only support 10BaseT. Was a Category 3 cable installed instead of a Category 5? For Category 5 cabling, was the cable installed correctly? Severe bends in a Category 5 cable can cause a 10/100-Mbps interface to run at 10 Mbps. Some devices do not handle auto negotiation...

Planning for Multicast Services in a Network

So what's needed to deploy IP multicast? A lot of patience and planning is needed. OK, so maybe patience and planning aren't the only things needed, but they help. All devices in the network should be able to interpret multicasts. What devices are important? How about routers, switches, and servers, for starters. All your clients receiving multicasts might be helpful. The point here is that the network interface cards (NICs) should support multicasts. The use of switches is generally a...

Predictable Network Model

Ideally, a network needs to be designed with a predictable behavior in mind to offer low maintenance and high availability. For example, a campus network needs to recover from failures and topology changes quickly and in a predetermined manner. The network should be scalable to easily support future expansions and upgrades. With a wide variety of multiprotocol and multicast traffic, the network should be able to support the 20/80 rule from a traffic standpoint. In other words, the network...

Root Bridge Configuration

To prevent the surprises outlined in the previous section, you should always do two things: Set a Root Bridge in a determined fashion. Set a secondary Root Bridge in case of primary Root Bridge failure. As the common reference point, the Root Bridge (and the secondary) should be placed near the center of the network. For example, a switch in the Distribution layer would make a better Root Bridge choice than one in the Access layer because more traffic is expected to pass through the Distribution...

Routing over Trunk Links

A more robust and cost effective approach uses trunk links between the switches and routers, instead of multiple physical links. Because trunk links transport multiple VLANs over a single link, only one link to an external router is required. A router connected to a switch by a single trunk link is usually referred to as a router on a stick, or a one-armed router. However, a router can also connect to several switches using trunk links. This connection provides end-to-end Layer 3 connectivity...

Routing with Multiple Physical Links

The simplest and most straightforward method of routing between VLANs is to use several physical links between switches and an external router. Each link is configured for a single VLAN, so that a link is there for each VLAN to be routed. This approach is shown in Figure 7-2. Catalyst A is configured for three VLANs (1, 2, and 3). The switch is connected to the router using three separate links, each assigned to one of the three VLANs. Catalysts B and C each have only one VLAN (4 and 5,...

Scenario 11-1 Answers

1. To configure IP multicast on the router, enter the following command at the global configuration prompt
2. To configure PIM in sparse mode, enter the following command at the interface prompt:
Router(config-if)# ip pim sparse-mode
3. To display PIM information about interface VLAN10, enter the following command at the prompt
4. To display the PIM neighbor tables, enter the following command at the prompt
5. To configure an RP, enter the following command while in global configuration mode...

Scenario 12-2 Answers

1. The correct answer is as follows:
Switch1(enable) set banner motd Unauthorized access will be prosecuted
2. The correct configuration is as follows:
interface VLAN100
access-group 101 out
access-list 101 permit tcp any any eq smtp
3. The correct configuration is as follows:
router eigrp 225
network 172.16.0.0
distribute-list 5 out VLAN200
access-list 5 permit 172.16.100.0 0.0.0.255
4. The configuration that accomplishes the goal for this exercise is as follows:
privilege configure level 3 username...

Scenario 14-1

Refer to the network diagram in Figure 14-1 and complete the following tasks. Assume that each of the Catalysts has a MAC address formed from its one-letter name (Catalyst A: aa-aa-aa-aa-aa-aa, Catalyst B: bb-bb-bb-bb-bb-bb, and so on).

1. Assume that all Catalyst switches have the default VTP configurations. Which Catalyst will become a VTP server?
2. Catalyst A is configured with the following commands:
set vtp domain alpha
set vlan 101 VLAN101
set vlan 102 VLAN102
Which other Catalyst will learn...

Scenario 14-3 Answers

1. A and B are in the Access Layer, while C and D could be considered to be in the Distribution Layer or a combination Distribution/Core Layer. In the latter case, this scenario would be called a Collapsed Core.
2. Spanning Tree is ineffective in this network because the Layer 2 VLANs terminate at the Layer 3 route processors on Catalysts C and D. In other words, both links from each Access Layer switch are forwarding for all VLANs. Therefore we must exploit the Layer 3 technology to gain load...

Scenario 2-1 Answers: Small Campus Network Design

1. See Figure 2-13 for a network drawing. For a network of this size, a collapsed core can be used, as shown in the diagram.
Figure 2-13 Network Diagram for Scenario 2-1 Solution
2. Access layer switches could be Catalyst 1900, if 10-Mbps Ethernet will be used for a long time. Otherwise, Catalyst 2900XL or 3500XL switches could be used for 10/100 connectivity.
3. At the distribution layer, either Catalyst 2926G, 2948G-L3, or Catalyst 5000s with...

Scenario 2-2 Answers: Medium Campus Network Design

1. See Figure 2-14 for a network drawing. Each building is considered to be a switch block, with two distribution switches each for redundancy. Two switches are used in the core for a dual core design.
Figure 2-14 Network Diagram for Scenario 2-2 Solution
2. Because the customer requires the same switch platform for all locations, the Catalyst 5000 series becomes a natural choice. Fast Ethernet media is used from all access layer switches to...

Scenario 2-3 Answers: Large Enterprise Campus Network Design

1. This network could be improved by moving toward a hierarchical campus design. A Layer 2 backbone is being used with two switches, though they are not redundant. The distribution layer uses traditional routers, causing a potential bottleneck for all traffic passing into the core. All other enterprise resources connect into the distribution layer routers, probably because the routers inherently support WAN connections and Layer 3 routing.
2. See Figure 2-15 for a new network design drawing....

Scenario 2-3: Large Enterprise Campus Network Design

A large corporate campus has an existing routed and switched network environment in place. Although the actual network is much larger, the basic structure is shown in Figure 2-12. Both the server farm and the mainframe are considered enterprise resources. All switches in use are Layer 2-only devices.
Figure 2-12 Diagram for Scenario 2-3
2. Redraw this network so that it follows the hierarchical campus network design model.
1. What improvements can be made to...