Switching Flashcards
What is a repeater?
Generates a new clean copy of the exact signal
What is a Hub?
A hub is the same as a repeater with more ports; basically a multi port repeater
What layer to hubs and repeaters operate at?
Physical layer
Describe what happens when a collision occurs?
voltage on the wire changes, thats how the device knows a collision has occurred. The devices will then send a jam signal so other devices know not to transmit data due to a collision. Both devices then invoke a “backoff timer”, each will then start the process over again by listening to the wire and transmitting when clear. The backoff timers are totally random so it is unlikely the hosts will have the same problem again.
True or False - Switches break up broadcast domains
False - Routers and VLANS break up broadcast domains, switches add collision domains.
A switch has 12 ports with 12 devices plugged in, how many collision domains are there?
12
What is Microsegmentation?
One host - One collision domain
What will a Cisco switch do with an incoming frame?
Forward it - Flood it - Filter it
How does a switch build a MAC address table?
By looking at the source MAC address
How does a Cisco switch decide what to do with the incoming frame?
The switch will check to see if there is an entry in its MAC address table for the source MAC address and then the switch will use its MAC address table to check if there is an entry for the destination MAC address.
What is the command to see the MAC address table
show mac-address-table
True or False - If the switch does not have an entry for the destination MAC address, it will flood every port with the frame.
False - The switch will flood every port EXCEPT the port the frame came in on.
What is an unknown Unicast Frame?
host to host transmission where the switch doesn’t have the destination MAC address in MAC table.
What does a switch do when it filters the frame?
Drops the frame.
True or False - Switches NEVER send a frame back out the same port it came in on.
True
What is flooding?
Flooding is performed when the switch has no entry for the frame’s destination MAC address. When the frame is flooded it is sent out every port except the one it came in on.
What is Forwarding?
When the switch does have an entry for the frames destination MAC address. The frame will be sent out only one port with Forwarding
What is Filtering?
When the switch has an entry for both the source and destination MAC address and the MAC table indicates that both addresses are found off the same port
What ports are a Broadcast frame sent out on?
Every port except the one that received it. Broadcast frames are intended for all hosts, and the MAC broadcast address is
FF-FF-FF-FF-FF-FF
What is the default time a MAC address is stored?
300 Seconds
Once the switch decides whether to Forward, Filter or Flood the frame…what other decision needs to be made?
What processing method will be used to handle this forwarding. The processing options are: Store-and-forward, Cut-through, fragment-free
What is Store and forward?
Store and forward is the default for new switches. It provides more error detection than Cut-hrough or fragment-free, has no error recovery, and is slower than Cut-hrough and fragment-free
What is Cut-through?
Cutthrough will forward as soon as frame comes in, Cut-through is fastest, and only Mac address is read
What is fragment free?
Fragment free checks the first 64 bytes for corruption and then forwards if there is none. Fragment free offers middleground between store and forward and Cut-through
What is the danger of a Broadcast Storm?
Broadcast storms can overwhelm a switch’s memory and CPU capabilities, rendering the switch virtually useless.
How do you limit Broadcasts?
Increase the amount of broadcast domains by creating smaller groups.
What is the purpose of a VLAN?
VLANS limit and segment broadcast domains (breaks them into smaller groups)
What is the default VLAN on a Cisco switch?
VLAN 1
True or False - Traffic can be sent from one VLAN to another without the intervention of a layer 3 device
False - NO Traffic can be sent from one VLAN to another without the intervention of a layer 3 device
What protocol does a ping utilize?
ICMP
What do we use a ping for?
Basic connectivity test
What command would you use to see all VLAN’s on a switch?
Show VLAN
or
Show VLAN brief
The Cisco switching model consists of three layers. The __________, ____________, and _____________. This model defines ____________ for switches
Access
Distribution
Core
Roles
True or False - VLAN’s are also a security feature.
True
What does STP stand for?
Spanning Tree Protocol
What is Spanning Tree used for?
To Prevent switching loops - STP will determine a loop free path for frames, and ports that are not on that path will be placed into blocking mode
True or False - Spanning Tree is enabled by default
True
True or False - Unused VLANS can be used as a security feature?
True - Cisco switch ports are open by default, close the unused port with the “shutdown” command, and place them in an unused VLAN
What are the three options for a port-security violation?
Protect - drops the violating frames and transmits a message to the log indicating an issue but does not shut the port
Restrict - simply drops the violating frames
Shutdown - Default mode - drops the violating frames and shuts down the port which will now be listed as err-disabled, also transmits to the log indicating the action taken
What is the commmand to verify port security is running?
show port-securtity interface f0/2 (example)
What is the command for an port security when you don’t know the MAC address?
sw2(config-if)#switchport port-security mac-address sticky
What does the mac-address sticky command do?
The first source MAC address learned on the port will be the secure address, and all others will be onon-secure unless you use the maximum option to change that. - This is commonly used when configuring port security and the MAC address is unknown.
What command would you use to find out if a non-secure address has hit a specific port and shut it down? Also, What other indicator will there be that a port has been shut down by port security?
sw2#sho int fast 0/3 (example)
The port LED will be dark
What command would you use to protect the switch’s console port with a password?
line con 0
password cisco (example)
Why do you have to configure a password for telnet?
Without a password on the VTY lines, no user will be able to telnet to a Cisco router or switch.
What is the command do set up a password for telnet?
line vty 0 15
password cisco (example)
login
What mode are you in when you see this sympbol “ > “
User exec mode
What mode are you in when you see this symbol “#” ?
Privlileged EXEC mode, also referred to as the enable mode
True or False - Using an enable mode password is always optional
False - for telnet and SSH users to access enable mode the enable password must be configured OR the following command must be configured on the VTY lines - config# username jsmith privilege 15 password cisco (example)
What does an amber light on the port LED mean?
If it doesn’t go away in a few seconds, it indicates a problem.
Typically, What level would you start your troubleshooting at?
Physical layer
What does configuring the “logging synchronous” command do?
By configuring the logging synchronous command on the console port, your telling the router to hold such messages until it detects no input from the keyboard and no other output from the router.
what does do ?
Takes the cursor all the way to the front of your current command
