S8-Ethernet Switching Flashcards
What is a Deterministic Network?
Network Access should be very Organized and Orderly
What is a Contention-based Network?
a method where multiple devices compete for access to a shared resource
What is CSMA/CD
“Carrier Sense Multiple Access with Collision Detections”
a network access method used in Ethernet networks to coordinate access to a shared medium,
what is CS in CSMA/CD?
“Carrier Sensing”
Ethernet devices can listen to the network to determine if there is already a signal being transmitted.
What does Carrier mean in electronics?
Refers to a signal that carries information or data
What is the MA in CSMA/CD?
“Multiple Access”
Many devices with the ability to access, listen on or transmit on the same network.
what is CD in CSMA/CD?
“Collision Detection”
Random Backoff Timer
Collision resolution method where two devices pick a random timer and attempt retransmission once the timer hits 0.
What is a Collision Domain?
a network segment where devices can potentially collide when transmitting data simultaneously on a shared medium, typically in half-duplex Ethernet networks
Role of an Ethernet Switch
Increases scalability of a network by creating multiple collision domains
HUB
Layer 1 device that connects multiple network devices. acts as a multiport repeater
Passive Hub
Repeats signal, no amplification
Active Hub
Repeats signal, With Amplification
Smart Hub
Active hub with enhanced features eg.
- Simple Network management protocol (SNMP)
BRIDGE
Layer 2 Network device that makes intelligent forwarding decisions based on physical device addressing (MAC address).
- breaks up collision domains
SWITCH
Layer 2 network devices that connects multiple network segments together. Acts like a multiport bridge making forwarding decisions based off of MAC addressing.
How does a Switch behave?
Breaks up a collision domain by treating each port as it’s own collision domain w/ a bridge allowing for physical device addressing.
ROUTER
Layer 3 device that connects multiple networks and makes forwarding decisions based on logical network information (IP Address)
- acts as a bridge between broadcast domains
L3 SWITCH
Switch that can make routing decisions and connects entire networks , not just network segments.
How does a L3 switch behave?
Each of its ports is treated as it’s own broadcast & collision domain w/ IP & MAC routing capabilities.
What is a VLAN?
“Virtual Local Area Network”
Logical subdivision of a given network that segments into separate broadcast domains.
What Layer does VLANs operate at?
Layer 2
What are some Benefits of a VLAN?
- Enhanced Security
- Improved Performance
- Increased management
- improved cost efficiency
How does a VLAN enhance security?
- segments network which isolates sensitive data and reduces data breaches.
How does a VLAN improve Performance?
Reduces the size of a broadcast domain, decreasing the amount of traffic being sent over that segment.
How does a VLAN increase Management?
Makes it easier to implement policies and troubleshoot issues.
each VLAN is treated as a separate network segment allowing for separate rules to be applied to different VLANs.
How does a VLAN improve cost efficiency?
allows you to create separate logical networks using the same physical hardware.
Where is the VLAN Database contained on a Cisco Switch?
in a Flat file called VLAN.DAT
What type of information is contained within a VLAN database?
- VLAN identifier
- VLAN name
- MTU size
what is an SVI
“Switch Virtual Interface”
Allows switches to route traffic between different VLANs
What some VLAN Configuration types?
- 802.1Q Tagging
- Native VLAN
- Voice VLAN
- Link Aggregation
- Speed and Duplex Config
what is 802.1Q Tagging?
“VLAN Tagging”
Refers to the IEEE standard that facilitates the management of multiple VLANs on a single network
How does VLAN Tagging work?
A VLAN Tag containing a VLAN identifier (VID) is inserted into an Ethernet Frame that allows your switches to identify and forward the frames to the proper VLAN
What is Trunking?
Transmission of traffic between different VLANs over the same physical network, while maintaining traffic from each VLAN separate.
What is a Native VLAN?
the VLAN that untagged traffic is assigned to when it enters a trunk port, allowing devices that don’t tag their traffic to still communicate on a network with VLANs
What is a Voice VLAN?
Specialized VLAN dedicated to voice traffic (VoIP)
Why is Voice VLAN important?
Ensures the Quality and reliability of voice communication is upheld by separating voice traffic out from your regular traffic.
- Voice traffic is sensitive to delays and packet loss
what is a QoS policy?
“Quality of Service”
Set of rules that aim to guarantee the performance of specific network traffic (e.g., voice, video, data) by assigning priorities and allocating bandwidth accordingly.
What is Link Aggregation?
“Port Channeling/Bonding”
Method used in networks to combine multiple connections into a single, logical link
Purpose of Port Bonding?
Combines multiple network links so that data can be distributed across multiple links to utilize the combined bandwidth of all those links.
- used to support Trunking lines between switches
How does port bonding provide redundancy and resiliency?
Allows network traffic to flow over the remaining links if one of the bonded links fails.
What are Speed & Duplex Configurations?
Speed
- Rate of data transfer in Mbps/Gbps
Duplex
- Mode of communication Half or Full
Half - send OR receive
Full - send AND receive
What is Auto-Negotiation?
Devices automatically select the highest performance settings in common
Spanning Tree Protocol (802.1d)
Network protocol that prevents looping of network traffic and permits redundant links between switches
what is a Broadcast Storm?
A situation where a large number of broadcast packets flood the network, overwhelming switches and endpoints.
What is a Switching loop?
Occurs when there are multiple paths between network devices, creating a cycle where data packets endlessly circulate.
How does STP prevent Looping?
Root Bridge
Non-root Bridge
Root Bridge
A switch is elected to act as a reference point for the entire spanning tree.
Which switch is selected to act as a Root Bridge?
Switch with the lowest Bridge ID (BID)
what is in a Bridge ID (BID)?
A priority value and a Mac address
What is a Non-Root Bridge?
All other switches in an STP topology
What is a Root Port?
a port on a non-root bridge switch that offers the shortest path to the root bridge, and is always in a forwarding state.
What is a Designated Port?
Closest port to the root bridge on a network segment.
in STP what are the ports on the Root Bridge considered?
All the ports on a Root Bridge are designated ports
What are Non-Designated Ports?
Ports that block traffic to create loop-free topology
How do Non-designated ports receive Data?
As a Bridge Protocol Data Unit (BPDUs)
What Transitions does a Non-designated port make to reach a forwarding state?
- blocking
- listening
- learning
- forwarding
Blocking state
BPDUs Received, but not forwarded
Listening State
populates the MAC Address table, but does not forward frames
Learning State
Processes BPDUs and Determines role within the spanning tree
Forwarding State
Forwards Frames for operations
what is Link Cost?
Priority value given to a link based on the speed of that link.
- Faster link = lower cost
What is NAC?
“Network Access Control”
Method for increasing network security by inspecting devices connecting to the network. (Network customs)
What are parts of a NAC inspection process?
- Port Security
- MAC Filtering
- 802.11x Authentication
Port Security
Securing Physical network ports to prevent unauthorized access
MAC Filtering
Limits network access based on Physical Device addressing (MAC Address)
Allowlisting
Allows specified devices, blocks the rest
- more secure
Blocklisting
Blocks specified devices, allows the rest
- less secure
802.1x Authentication
Network Authentication framework that ensures only authenticated users access network services.
How does 802.1x work?
Works by encapsulating Extensible Authentication Protocol (EAP) within your network’s frames.
- enables the use of various authentication methods eg. Usernames & Passwords, Smart cards, digital certificates etc.
What 3 components are involved in the 802.1x process?
- Supplicant
- Authenticator
- Authentication server
Supplicant
User Device seeking to access the network
Authenticator
Network device the user wants to connect to
Authentication Server
Server on the network that will authenticate the user’s device
What Agents are used to check each device that connects to the network?
- Persistent Agents
- Non-persistent Agents
Persistent Agents
Software that Can continuously monitor and enforce compliance with an organization’s security policies
- usually installed on company owned devices
Non-persistent agents
Allows users to connect to the network and access a captive portal which then asks the user to run a temporary agent that assesses the device’s compliance and then removes itself.
- usually installed on user’s personally owned devices
What are some ways NACs can be tailored?
- Time-based
- Location-based
- Role-based
- Rule-based
Time-based
Regulates access to specified hours
Location-based
Regulates access based on verified physical location
Role-based
Regulates access based on the user’s role within an Org.
Rule-based
Regulates access based on a set of predefined rules
What is an MTU?
“Maximum Transition Unit”
Largest size of a data packet or frame that can be sent over a network.
- Max load cap. for frames inside a network
What is the standard MTU size for Wired Ethernet?
1500 bytes
What is it recommended to configure a smaller MTU size?
- Wireless Networks
- VPN connections (1400-1450 bytes)
- PPPoE connections (1400-1420 bytes)
What are JUMBO Frames?
Frames that exceed the standard ethernet MTU size of 1500 bytes.
What is the default size of a JUMBO Frame?
9000 bytes
Why are JUMBO frames beneficial?
more data can be moved inside of a single frame
- reducing overhead,
- reduce switch processor load
- improve data transfer and throughput speeds.
Where are JUMBO Frames ideal?
- High-bandwidth Applications
- Storage are networks
- Large File transfers
- Video Streaming
- Server-Server communications
What is Fragmentation in JUMBO Frames?
When a Jumbo frame encounters a network segment with a smaller MTU size, the frame will have to be split up into smaller frames.
Potential Drawbacks of JUMBO Frames
- Misconfiguration
- Fragmentation
- Harder to troubleshoot
