Dugga 1

Dugga 1

Chapter 1
1. Hierarchical models
  1. Access layer
    1. Provide access for workstations, servers, APs etc
    2. High availability, convergence, security
  2. Distribution layer
    1. Service and control boundary between access and core layers
    2. Uses switches to segment workgroups and isolate network problems
  3. Core layer
    1. BACKBONE!
    2. Scalability and fast convergence
2. Layer 4/7 switching
  1. TCP/UDP
    1. TCP SYN, FIN, RST
  2. Application information
    1. Content intelligence
3. Multilayer switching
  1. Layer 2 switching
    1. Based on MAC
    2. Frames are not modified
    3. Catalyst 2960
      1. Some layer 3 features
        QoS
        Network access control based on IP
  2. Layer 3 switching
    1. Can use routing protocols such as BGP, OSPF, EIGRP
    2. Highly scalable designs
Chapter 2
1. VLAN technologies in a campus network
  1. End-to-end VLAN
    1. Oldschool!
    2. Every VLAN geographically exist everywhere
    3. Same IP subnet
    4. Switches typically operate in VTP server/client mode
  2. Local VLAN
    1. Exist between access and distrbution switches
    2. Traffic only routed at the distribution and core levels to reach destinations on other networks
    3. VTP transparent
    4. Geopraphically local
  3. Best practices
    1. Local VLAN model
      1. 1-3 VLANs per access module and limit those to a couple of access and distribution switches
    2. Avoid VLAN1 as backhole
    3. Use Dot1Q
    4. Avoid VTP
2. Trunking
  1. ISL
    1. Cisco
    2. 26 byte junk
  2. Dot1Q
    1. IEEE
    2. 4 byte tag
  3. Native VLAN
    1. Untagged traffic
    2. Dot1Q should have the same native on both sides!
  4. Dynamic trunking protocol
    1. Access
      1. Permanent non trunking
    2. Trunk
      1. Permanent trunking
      2. Negotiates
    3. Nonegotiate
      1. Trunk if other end is
      2. Use when connecting to device that does not support DTP
    4. Dynamic desirable
      1. Actively attempt to convert the link to trunk
        Trunk if neighbor is
    5. Dynamic auto
      1. Willing to convert to trunk
        If neighbor is dynamic desirable or trunk
3. VTP
  1. Client
    1. Cannot create, change, delete
    2. Forwards
    3. Do not save
  2. Server
    1. Creates, modifies, deletes
    2. Sends and forwards
    3. Saves
  3. Transparent
    1. Create, deletes, modifies
    2. Forwards but does not synch
    3. Saves
  4. Pruning
    1. trunk connection is flooding traffic neccessarily
  5. Versions
    1. 1
    2. 2
    3. 3
  6. Message types
    1. Summary adverstisemnts
      1. 5 minute increments
      2. Current VTP domain name, revision number
    2. Subset advertisements
      1. Contians VLAN information
      2. After summary
    3. Advertisements requests
      1. Switch has been reset
      2. VTP domain name change
      3. When recieved summary with higher revision number
  7. Same password in all domain
4. Private VLANs
  1. Primary private
    1. Secondary private
      1. End devices
  2. Community private
    1. Talk to others in the same community and promiscuous
  3. Isolated private
    1. Talk to promiscuous
  4. Port types
    1. Isolated
    2. Promiscuous
    3. Community
  5. Save IP
  6. Port protected feature for those that does not support
5. EtherChannel
  1. Bundle links together
  2. Protocols for messages
    1. PAgP
      1. Cisco
      2. Auto, desirable, on, non-silent
    2. LACP
      1. IEEE 803.ad
      2. Passive, active, on
  3. Load balancing
    1. Hash
      1. Not same link if source MAC
Chapter 3
1. RSTP (802.1w)
  1. PVRST+ (Cisco)
    1. Per VLAN
  2. All VLANs
  3. Port roles
    1. Port states
      1. Discarding
      2. Learning
      3. Forwarding
    2. Root
      1. On switches with link at root bridge
      2. Forwards
    3. Designated
      1. On root bridge and non-root bridges
      2. Forwards
    4. Alternate
      1. With an alternate path to root bridge
      2. Disabled (not forwarding)
    5. Backup
      1. Additional port on designated switch with a redundant link to sement for which the switch is designated
    6. Disabled
  4. Link types
    1. Shared (half-duplex)
    2. P2p (full-duplex)
    3. Edge port (portfast, workstations)
      1. Allowed to transition directly to forwarding (skipping listening, learning)
      2. If recieves BPDUs
        Looses edge port status and becomes part of spanning-tree
    4. Root ports
      1. Do not use the link parameter
    5. Alternate, backup ports
      1. Do not use the link parameter in most cases
    6. Designated ports
      1. Make the most use of link parameter
      2. Rapid transition if link is p2p
2. MSTP (802.1s)
  1. VLAN list
  2. To reduce total number of spanning-tree instances
  3. Different regions
    1. Instances
  4. Enables load-balancing
3. Recommended STP practices
  1. Ethernet does not include TTL
  2. Using layer 3 between distribution and core allows multipathing (up to 16)
4. STP (802.1D)
  1. Basics
    1. Root bridge
      1. Lowest priority or MAC
      2. priority.macaddress
    2. Port roles
      1. Root port
        On switches with direct link to root bridge
        Forward data
      2. Designated port
        On root and non-root bridges
        Forward data
      3. Nondesignated port
        Not forwarding data (blocking)
      4. Disabled port
        Shut down
    3. Port states
      1. Blocking
        Non-designated port
        20 sec
      2. Listening
        Receiving and sending BPDUs
        15 sec
      3. Learning
        Prepares to participate in forwarding
        15 sec
      4. Forwarding
      5. Disabled
  2. PVSTP+ (Cisco)
    1. Per VLAN
  3. All VLANs
5. Enhancements
  1. Prevent unwanted devices from becoming root bridge
    1. BPDU guard
      1. On Portfast enabled ports
        Shut down port if recieve BPDU
    2. BPDU filtering
      1. Prevent sending BPDUs out access ports
      2. If you enable with BPDU guard, BPDU filtering takes precendence
    3. Root guard
      1. Forces an interface to become desinganted
        Prevent surrounding switches from becoming a root switch
      2. If it recieves superiour STP BPDUs, the port moves to a root-inconsistent state
        "listening"
        Does not forward traffic out that port
  2. Loop guard
    1. Port BPDU free
      1. Forward traffic
      2. An extra check before transitioning to the STP forwarding state
      3. STP loop-inconsitent state
        If BPDU recieved
        The port transitions through STP states according to the recieved BPDU
        Recovery automatic
        "SPANTREE-2-LOOPGUARDBLOCK: port 3/2 restored in vlan 3."
        Does not pass traffic
    2. Enable on all non-designated ports
  3. UDLD
    1. Unidirectional link
      1. When traffic is transmitted between neighbors in one direction only
    2. Useful on a fiber port to prevent network issues resulting in miswiring
    3. When enabled
      1. Periodically send UDLD packets to neighbors
        Expects packets to be echoed back before predetermined timer expires
        If timer expries
        Determined unidirectional
        Shut down
    4. Modes
      1. Normal
        Undetermined state if stops receiving BPDUs
      2. Aggressive
        Tries to reestablish
    5. Must be enabled on both sides
6. Flex links
  1. Alternative soution to STP
  2. Based on defining an active/standby link pair on a common access switch
  3. Configured on one layer 2 interface by assigning another as flex link or backup
    1. When one of the links is up and forwarding, the other is in standby mode
      1. Redy to begin forwarding traffic if the other link shuts down
7. Troubleshoot
  1. Duplex mismatch
  2. Unidirectional link failure
  3. Frame corruption
  4. Resource errors
  5. Portfast configuration error
  6. Inappropriate STP diameter parameter tuning

Nächster

Beschreibung

Zusammenfassung der Ressource

ähnlicher Inhalt

	Erstellt von Tess - vor mehr als 11 Jahre