LAN switching fundamentals Flashcards
What are the two primary switch forwarding methods
Store and forward
Cut through
Maybe fragment free?
What is store and forward switching
Error checking is performed against the frame, and any frame with errors is discarded
What is cut through switching
No error checking is performed against the frame, which makes forwarding the frame through the switch faster than store-and-forward switches
What is a collision domain
Network segments that share the same bandwidth between devices.
Each switch port represents a new segment
Each segment is a collision domain
What is the flash
Storage location that keeps the IOS image
What is the NVRAM
Non-volatile RAM, where the startup config is saved
What is the RAM
Volatile. Holds the running config
What is the ROM
This is where the POST is stored.
What is the switch boot sequence
Power on self test (POST)
Switch loads boot loader
BL performs low level CPU initialisation and initialises CPU registers
BL initialises flash file system
BL locates and loads default IOS into memory and hands control over to IOS
What is Automatic Medium-Dependent Interface Crossover (auto-MDIX)
When enabled, automatically detects the required cable connection type and configures the connection appropriately
What are the steps to configuring SSH on a switch
Verify SSH is supported on device (sh ip ssh)
Configure IP domain (ip domain-name)
Generate RSA key pairs (crypto key generate rsa)
Configure user authentication (username __ secret ___)
Configure VTY lines (login local)
Enable SSH version 2 (ip ssh ver 2)
What is port security
Specifies a single MAC address or a group of valid MAC addresses allowed on a port
What is static port security
Manually configured on a port using the switchport port-security mac-address mac-address interface config command
What is dynamic port security
Dynamically learned and stored only in the address table
Removed when switch restarts
What is sticky port security
Address that can be dynamically learned or manually configured then stored in the address table and added to the running config
How is a security violation triggered
Either when a MAC address that is not in the address table attempts to access the interface when it is full, or if an address is being used on two secure interfaces in the same VLAN
What are the 3 violation modes
Protect
Restrict
Shutdown
What is protect mode
When reaching the limit of secure MAC addresses, packets with unknown source addresses are dropped until a sufficient number of MAC addresses are removed or the number of allowed addresses increases
There is no notification that a violation has occurred
What is restrict mode
When reaching the limit of secure MAC addresses, packets with unknown source addresses are dropped until a sufficient number of MAC addresses are removed or the number of allowed addresses increases
There is a notification to say a violation has occurred
What is shutdown mode
Interface becomes error disabled and turns off port LED
What are some benefits of VLANs
Improved security
Segregation
Better performance
Smaller broadcast domains
What is a data VLAN
Configured to carry user generated traffic
What is a default VLAN
VLAN 1, all switchports become part of the default VLAN after initial boot up loading default config.
Cannot be deleted or renamed
What is a native VLAN
Untagged VLAN on an 802.1q trunked switchport
What is a mgmt VLAN
VLAN configured to access the management capabilities of a switch
What is a voice VLAN
A separate VLAN that is needed to support VoIP
What is Dynamic Trunking Protocol (DTP)
Manages trunk negotiation if neighbour switch is configured in a trunk mode that supports DTP.
What are the DTP interface modes
Switchport mode dynamic auto
Switchport mode dynamic desirable
Switchport nonegotiate
What is VLAN Trunking Protocol (VTP)
Not a trunking protocol
Allows VLANs to be copied from one switch to another
What are the 3 VTP modes
Client
Server
Transparent
What is the default security violation mode
Shutdown
What are the 3 main rules that define a native VLAN
It must match on both ends of a trunk link
It is VLAN 1 by default
It is only available with 802.1q encapsulation
What is Link Layer Discovery Protocol (LLDP)
Like CDP, but not Cisco proprietary.
How does 802.1q identify what VLAN the frame belongs to
VLAN Identifier field - 12 bits