Key Topic Review Flashcards

Question

Explain how traffic is distributed in EtherChannel

Answer 1

Frames are forwarded dependent on a hashing algorithm. Hashing algorithm can be based on IP address, destination IP address, combo of src and dest IP addresses, source and destination MAC addresses, or TCP/UDP port numbers. The switch hashes based on the number of ports grouped into the EtherChannel. If two ports are bundled together a 1 bit index is required. Either the lowest-order address bit or the XOR of the last bit of the addresses in the frame is used as the index.

Answer 2

PAgP packets are exchanged between switches over EtherChannel-capable ports. Ports that have the same neighbor device ID and port group capability are bundled together as a bidirectional, point-to-point EtherChannel link. PAgP forms an EtherChannel only on ports that are configured for either identical static VLANs or trunking. PAgP can be configured in active mode (desirable), in which a switch actively asks a far-end switch to negotiate an EtherChannel, or in passive mode, in which a switch negotiates an EtherChannel only if the far end initiates it.

Answer 3

LACP also identifies neighbor (like PAgP). It also assigns switches on either end roles. The switch with the lowest system priority (2-byte priority value followed by MAC) is allowed to make decisions about what ports actively are participating in EtherChannel at any given time. Ports contain port priority (2 byte priority and 2 byte port number). Up to 8 ports may be active at any given time.

Answer 4

By default PAgP operates in silent submode with the desirable and auto modes, and allows ports to be added to an EtherChannel even if the other end of the link is silent and never transmits PAgP packets. If no packets are received from the other end PAgP assumes the channel should be built anyway. If you want to ensure traffic is sent use the non-silent subcommand. If PAgP isn't heard on a port than PAgP reports to spanning tree that the port is down.

Answer 5

Contains modes on, passive and active. Each interface included in a single EtherChannel bundle must be assigned to the same unique channel group number. Can contain standby interfaces.

Answer 6

EtherChannel on mode does not send or receive PAgP or LACP packets. Therefore, both ends should be set to on mode before the channel can form. EtherChannel desirable (PAgP) or active (LACP) mode attempts to ask the far end to bring up a channel. Therefore, the other end must be set to either desirable or auto mode. EtherChannel auto (PAgP) or passive (LACP) mode participates in the channel protocol, but only if the far end asks for participation. Therefore, two switches in the auto or passive mode will not form an EtherChannel. PAgP desirable and auto modes default to the silent submode, in which no PAgP packets are expected from the far end. If ports are set to nonsilent submode, PAgP packets must be received before a channel will form.

Answer 7

Listens for frames and learns their source. Uses destination to determine what port to send frame out. Floods broadcast and unknown unicast The bridging process must be effectively transparent

Answer 8

See page 130

Answer 9

Two types: Configuration BPDU: Used for spanning tree configuration Topology Change Notification (TCN) BPDU: Used to announce changes in the network topology

Answer 10

Each switch has a unique bridge ID made up of a 2 byte bridge priority that defaults to 32,768 followed by the 6 byte MAC address. Each switch after bootup first sends out BPDUs to other switches listing itself as the root bridge. If a switch hears a better (in this case lower) advertisement, it sets that switch as the root

Answer 11

Port cost is set based on the bandwidth of a link. Cost is whatever is the advertised cost plus the cost of the incoming port. These are the advertisements sent out. The lowest cost path becomes the root port.

Answer 12

Lowest cost on a single ethernet segment. Based on the following in order: 1) Lowest root bridge ID 2) Lowest root path cost to root bridge 3) Lowest sender bridge ID 4) Lowest sender port ID The ports on the segment that aren't the designated port enter into blocking mode.

Answer 13

Disabled: Ports that are administratively shut down Blocking: Ports cannot receive or transmit data or add MAC addresses to the table. Can receive BPDUs Listening: Allowed to send and receive BPDUs. May become a root port or designated port. Will return to blocking if it loses status. Lasts for forwardDelay seconds. Learning: Port sends and receives BPDUs and can learn MAC addresses. Also lasts forwardDelay seconds. Forwarding: Fully functioning port. Typically belongs to an end user connection.

Answer 14

Hello Time: Time between configuration BPDUs send by the root bridge. Root bridge sets hello time. Default is 2 seconds. Forward Delay: The time interval that a switch port spends in both the listening and learning states. Default is 15 seconds. Max Age: The time interval that a switch stores a BPDU before discarding it. Assumes topology change if Max Age reached without hearing a hello. Default is 20 seconds.

Answer 15

A topology change occurs when a switch either moves a port into the forwarding state or moves a port from the forwarding or learning state to the blocking state. The switch sends a TCN BPDU out its root port so that the root bridge receives news of the topology change. Continues sending TCN BPDUs every Hello Time interval until an ack is received. Eventually the root bridge hears the notification and sends out an ack and sends a configuration BPDU with the topology change flag set causing each switch to shorten their aging times to the forward delay value down from a default of 300 seconds.

Answer 16

IEEE 802.1Q specification for STP. One instance of spanning tree for all VLANs. No capability for load balancing.

Answer 17

Allows one instance of spanning tree per VLAN. PVST+ effectively supports switches running PVST, PVST+, and CST in the same network.

Answer 18

If defaults are left in place, there is no guarentee that the slowest switch might not accidentally become the root bridge. No clear backup is created if all defaults are left. Location of root bridge may be inadequate.

Answer 19

Configure one switch as a root bridge in a determined fashion. Configure another switch as a secondary root bridge, in case of primary root bridge failure.

Answer 20

Both default to 32,768 however, extended must be multiples of 4096. 0 is valid. Command is spanning-tree vlan vlan-list priority bridge-priority

Answer 21

Enables fast connectivity to be established on access-layer switch ports to workstations that are booting. Changes the listening and learning states to a negligable amount of time.

Answer 22

Sets a potential designated or root port to blocking on a leaf node. The moment the root port fails it brings up the secondary link without waiting.

Answer 23

Short circuits the max age timer. If an indirect link failure is detected actively seeks to bring up a port before the max-age timer expires. Still must go through forward delay on listening and learning.

Answer 24

The root guard ensures that the port on which root guard is enabled is the designated port. Normally, root bridge ports are all designated ports, unless two or more ports of the root bridge are connected together. If the bridge receives superior STP Bridge Protocol Data Units (BPDUs) on a root guard-enabled port, root guard moves this port to a root-inconsistent STP state. This root-inconsistent state is effectively equal to a listening state. No traffic is forwarded across this port. In this way, the root guard enforces the position of the root bridge. Simple Version: This port can't become a root port. Returns to normal state when the port stops hearing superior BPDUs. Affects all VLANs!

Answer 25

If any BPDU is received on a port where BPDU Guard is enabled, that port immediately is put into the errdisable state.

Answer 26

When enabled, keeps track of the BPDU activity on nondesignated ports. While BPDUs are received, the port is allowed to behave normally. When BPDUs go missing the port is moved to a loop inconsistent state. Works on a per-VLAN basis.

Answer 27

Monitors the link to see if it is truly bidirectional. A switch sends special layer 2 UDLD frames identifying its switch port at regular intervals. Expects far end to echo. Two modes: Normal Mode: Only marks port with as having undetermined state and logs to syslog on failure. Aggressive Mode: Places in errdisable state if failure is detected.

Answer 28

Prevents BPDUs from being processed on a port and effectively disables STP on that port.

Answer 29

Root Port: The one switch port on each switch that has the best root path cost to root. Designated Port: The switch port on a network segment that has the best root path cost to the root. Alternate Port: A port that has an alternative path to the root, different from the path the root port takes. This path is less desirable than the root path. Backup Port: A port that provides a redundant, but less desirable, connection to a segment where another switch port already connects.

Answer 30

Discarding: Incoming frames are dropped and no MAC addresses are learned. Combines 802.1d disabled, blocking, and listening states. Learning: Incoming frames are dropped, but MAC addresses are learned. Forwarding: Incoming frames are forwarded according to MAC addresses that have been learned.

Answer 31

RSTP (802.1w) BPDUs are distinguished from 802.1D BPDUs by the version number in the BPDU. RSTP can coexist with 802.1D. If a version 0 BPDU is detected on a port that port operates by 802.1D rules.

Answer 32

Edge Port: A port at the edge of the network, where only a single host connects. Root Port: The port that has the best cost to the root of the STP instance. Point-to-point port: Any port that connects to another switch and becomes a designated port. This port is designated by a handshake process where one switch proposes that its port becomes the designated port and the other side must agree.

Answer 33

For each nonedge port, the switch exchanges a proposal-agreement handshake to decide the state of each end of the link. Each switch assumes it should become the designated port for the segment and sends a proposal suggesting this. Before agreement the inferior switch moves all nonedge ports to discarding. The sender with the superior BPDU becomes the designated port. The switch with the inferior BPDU responds with an agreement message and moves the root port to the forwarding state. The sender's designated port also begins forwarding. For each non-edge port in the discarding state a new proposal message is sent.

Answer 34

RSTP detects a topology change only when a nonedge port transitions to the Forwarding state. BPDUs, with their topology change bit set, are sent out all the nonedge designated ports. This is done until the TC timer expires, after two intervals ofteh hello time.

Answer 35

By enabling portfast. (spanning-tree portfast)

Answer 36

spanning-tree mode rapid-pvst

Answer 37

MST can work with 802.1Q and PVST+. Organized into MST regions. For regions to be interoperable the following must occur: MST configuration name (32 characters) MST configuration revision number (0 to 65535) MST instance-to-VLAN mapping table (4096)

Answer 38

Within a single MST region, an Internal Spanning Tree (IST) runs to work out a loop-free topology between the links where CST meets the region boundary and all switches inside the region. Think of the IST instance as locally significant CST, bounded by the edges of the region. IST presents the entire region as a single virtual bridge to the outside.

Answer 39

Inside a region, the actual MST instances (MSTI) exist alongside the IST. Cisco supports a maximum of 16 MSTIs in each region with IST always being MSTI 0 leaving 1-15 for use.

Answer 40

VLANs must be transported by a layer 3 device

Answer 41

A logical interface that represents an entire VLAN.

Answer 42

Contains subnets in order of specificity from most specific to least specific. When a switch receives a packet it can examine the destination address and find the longest match.

Answer 43

Recall that the FIB keeps the Layer 3 next-hop address for each entry. To streamline packet forwarding even more, the FIB has corresponding Layer 2 information for every next-hop entry. This portion of the FIB is called the adjacency table, consisting of the MAC addresses of nodes that can be reached in a single Layer 2 hop.

Answer 44

Client sends a broadcast DHCP discover message with its MAC address. Server replies with DHCP offer containing IP address, subnet mask, default gateway, and some parameters for using the IP address. Client sends a DHCP request formally requesting the offered address. The DHCP server responds with a DHCP ACK message.

Answer 45

Configure a layer 3 interface that joins the same VLAN as the client machines. This interface can be the default gateway for the clients and can act as a DHCP relay. Next use the ip helper-address command to identify the IP address of the actual DHCP server.

Answer 46

Cisco has refined a hierarchical approach to network design that enables network designers to organize the network into distinct layers of devices. The resulting network is efficient, intelligent, scalable, and easily managed.

Answer 47

Access switches usually provide layer 2 vlan connectivity between users. Devices in this layer should have the following capabilities: ``` Low cost per switch port High port density Scalable uplinks to higher layers User access functions such as VLAN membership, traffic and protocol filtering, and quality of service (QoS) Resiliency through multiple uplinks ```

Answer 48

The distribution layer provides interconnection between the campus network's access and core layers. Devices in this layer should have the following capabalities: Aggregation of mulitple access-layer devices High layer 3 throughput for packet handling Security and policy-based connectivity functions through access lists or packet filters QoS features Scalable and resilient high-speed links to the core and access layers

Answer 49

A campus network's core layer provides connectivity of all distribution-layer devices. Core devices should have the following attributes: Very high throughput at Layer 3 No costly or unnecessary packet manipulations (access lists, packet filtering) Redundancy and resilience for high availability Advanced QoS functions

Answer 50

Recall how a campus network is divided into access, distribution, and core layers. The switch block contains switching devices from the access and distribution layers. All switch blocks then connect into the core block, providing end-to-end connectivity across the campus.

Answer 51

The switch block becomes fully dependent on spanning-tree convergence to keep the connections loop free. RSTP should be used on all the switches to improve the convergence time. The link between the two distribution switches must be a layer 2 link. The access VLAN must extend across this link so that users on either access switch can reach the layer 3 gateway.

Answer 52

All layer 2 connectivity should be contained within the access layer. The distribution layer should only have layer 3 links. See page 260 for design pictures. Design 1 No dependence on STP convergence; each VLAN extends to the distribution switches, but no further. Therefore, the STP topology is always converged. A layer 3 link is needed between the distribution switches to carry routing updates. Design 2 Requires layer 3 capable access switches. No dependence on STP convergence; each VLAN extends to the distribution switches, but no further. Therefore, the STP topology is always converged. Layer 3 links between the access and distribution switches carry routing updates. Network stability is offered through the fast convergence of the routing protocol.

Answer 53

A collapsed core block is one in which the hierarchy's core layer is collapsed into the distribution layer. Here, both distribution and core functions are provided within the same switch devices. See page 261 for pictures

Answer 54

A dual core connects two or more switch blocks in a redundant fashion. Although the collapsed core can connect two switch blocks with some redundancy, the core is not scalable when more switch blocks are added. See page 263 for pictures

Answer 55

Each of the routers that provides redundancy for a given gateway address is assigned to a common HSRP group. One router is elected as the primary, or active, HSRP router; another is elected as the standby HSRP router; and all the others remain in the listen HSRP state. The routers exchange HSRP hello messages at regular intervals so that they can remain aware of each other's existence and that of the active router. The router with the highest priority wins the election.

Answer 56

For the virtual router addres, HSRP defines a special MAC address of the form 0000.0c07.acxx where xx represents the HSRP group number as a two-digit hex value.

Answer 57

VRRP provides one redundant gateway address from a group of routers. The active router is called the master router, whereas all others are in the backup state. The master router is the one with the highest router priority in the VRRP group. The virtual router MAC address is of the form 0000.5e00.01xx, where xx is a two-digit hex VRRP group number.

Answer 58

One router in the GLBP group is elected the active virtual gateway (AVG). This router has the highest priority value, or the highest IP address in the group, if there is no highest priority. The AVG answers all ARP requests for the virtual router address. Which MAC address it returns depends on which load-balancing algorithm it is configured to use. The AVG assigns the necessary virtual MAC addresses to each of the routers participating in the GLBP group. You may have up to 4. Each of these routers is referred to as an active virtual forwarder, forwarding traffic received on its virtual MAC address.

Answer 59

Round Robin: Each new ARP request for the virtual router address receives the next available virtual MAC address in reply. This method is default. Weighted: The GLBP group interface's weighting value determines the proportion of traffic that should be sent to that AVF. If interface tracking is not configured, the maximum weighting value configured is used to set the relative proportions among AVFs. Host dependent: Each client that generates an ARP request for the virtual router address always receives the same virtual MAC address in reply.

Answer 60

Route processor redundancy: The redundant supervisor is only partially booted and initialized. When the active module fails, the standby module must reload every other module in the switch and then initialize all the supervisor functions. Route processor redundancy plus (RPR+): The redundant supervisor is booted, allowing the supervisor and the route engine to initialize. No layer 2 or 3 functions are started. When the active module fails, the standby module finishes initializing without reloading other switch modules allowing switch ports to retain their state. Stateful Switchover: The redundant supervisor is fully booted and initialized. Both the startup and running configuration contents are synchronized between the supervisor modules. Layer 2 and 3 functions are ready.

Answer 61

Nonstop forwarding is an interactive method that focuses on quickly rebuilding the Routing Information Base (RIB) table after a supervisor switchover. Instead of waiting on any configured layer 3 routing protocols to converge and rebuild the FIB, a router can use NSF to get assistance from other NSF-aware neighbors.

Answer 62

Provides inline power over the UTP cable.

Answer 63

0: 15.4W 1: 4.0W 2: 7.0W 3: 15.4W 4: Up to 50W

Answer 64

A unique VLAN known as the voice VLAN ID or VVID. In addition to voice, it will also carry the QoS information for the voice packets.

Answer 65

Delay: The amount of time it takes to get from one network device to another. The time it takes for a packet to make a round trip is called the latency. Jitter: Variation in delay Loss: The loss of data in its totality

Answer 66

A network that just forwards packets in the order they were received as fast as it can has no real QoS and is called best effort delivery.

Answer 67

DiffServ requires no advance reservations; QoS is handled dynamically, in a distributed fashion. DiffServ applies QoS on a per hop basis to a whole group of similar flows. Diffserv also bases its QoS decisions on information contained in each packet header.

Answer 68

When a trunk adds a tag indicating the source VLAN number the encapsulation also includes a field that can mark the class of service (CoS) of each frame. 802.1Q: The user field contains three 802.1p priority bits that indicate the frame CoS. Native VLAN are not tagged. Inter-Switch Link (ISL): Each fram is taged with a 15-bit VLAN ID and a 4-bit user field. The lower 3 bits of the user field are used as a class of service value.

Answer 69

Class 0: Default class - offers only best effort forwarding Class 1-4: Assured forwarding (AF) classes. Higher AF class numbers indicate the presence of higher-priority traffic. Class 5: Expedited forwarding (EF): Least likely to be dropped. Class 6-7: Internetwork control and network control respectively. Set aside for network control traffic. Each class has three levels of drop precedence. The higher the value, the more likely it is to be dropped. DON'T FORGET IT'S 6 BITS NOT 8!

Answer 70

The perimeter formed by switches that do not trust incoming QoS is called the trust boundary. Usually includes everything on the internal network except end user devices.

Answer 71

1) Enable QoS on the switch: mls qos * Default to untrusted 2) Define the QoS parameter that will be trusted: interface type mod/num mls qos trust {cos | ip-precedence | dscp} 3) mls qos trust device cisco-phone 4) switchport priority extend {cos value | trust}

Answer 72

Collision avoidance works be requiring all stations to listen before they transmit a frame. When a station has a frame that needs to be sent, one of the two following conditions occurs: No other device is transmitting: The station can transmit its frame immediately. The intended receiving station must send an acknowledgement frame to confirm that the original frame arrived intact and collision-free Another device is already transmitting a frame: The station must wait until the frame in progress has completed; then it must wait a random amount of time before transmitting its own frame.

Answer 73

Any group of wireless devices is known as a service set. The devices must share a common service set identifier (SSID), which is a text frame included in every frame sent.