Sie sind auf Seite 1von 5


Switches Domain: Core Concepts and Design

*All network equipments are rated at half duplex.

Q. Whats wrong with Plug n Play switch network(Addition of switches without proper
network planning)?
1. Chance for failure
2. Brodacast traffic (Once you reached 500 hosts per network, broadcast traffic
will become excessive)
3. Multicasting issues (Not handled properly in plug n play switch)
4. Security issues
5. MAC flooding

Enterprise Composite Network Model:

-Enterprise Edge (Connection to external network & Firewall is installed here)
-Enterprise Campus
+ Core Layer (all the distribution layer connect to core layer)
+ Distribution layer
+ Access layer

*Network Designing
1. Restrict VLANS to switch blocks (Access+Distribution layer)
2. Implement Management Vlan
3. Separate Voice traffic
4. Implement Multicast support.

*MSFC : Multilayer Switch Feature Card

Vlans Configuration and Verification
*Vlan Functions ::
1. Logically grouping
2. Segments Brodacast domains
3. Subnet Correlation (Vlan grouping, 1 Vlan = 1 Subnet)
4. Access control
5. Quality of Service

#Local Vlans do not extend beyong the distribution layer.

#Local Vlans are routed to other destinations via core.
#Local Vlans should be created aorund physical boundaries.

Vlans: In-Depth Trunking
# Untagged packets entering trunk are sent on native vlan.
# DTP Modes:
Access :Access port on
Trunk :Trunk mode on and sends DTP packets
Dynamic Auto :Automatically change between Access or Trunk but do not
send any DTP packets. Auto on both side => Access port.
Dynamic Desirable**** :DEFAULT MODE (Dynamincally change mode but desires to be
Non-Negotiate :not send DTP packtes. Most secure and recommended way.

DTP can be spoofed...

VLANs:VLAN Trunking Protocol (VTP)
Server (DEFAULT) :
#Power to change VLAN information
#Sends and receive VTP updates
#Saves Vlan Config

#Cannot change vlan
#Send and receive VTP updates
#Does not save vlan config (vlan config stays on RAM).

#Change or update Vlan info.
#Forwards (Pass through) VTP updates (VTP V2)
#Does not listen to VTP advertisements.
#Saves Vlan config.

VTP Pruning:: (Most people don't use it)

#Trims unnecesary broadcast traffic from crossing trunk links
#Only works on VTP Servers

Configuring VTP:
1.Verify current VTP status (show vtp status, verify that config. rev is "0")
2.Configure VTP Domain and password. (DOMAIN name is case sensitive)
3.Configure VTP mode
4.Set VTP version number.


#Native vlan mismatch

#Trunk negotiation issues

*Auto-TO-AUTO does not become trunk
*Avoid DTP (sw non-negotiate)

#VTP Updates not applying

-Verify VTP domain name (case sensitive)/password
-Verify VTP version (Can't have mix of version)
-Verify Trunk Links
-Delete Falsh:vlan.dat and reboot

STP (PVST) - 1
#One Designated port per link
#Bridge with Root Port cannot be ROOT BRIDGE.

Best Path Election:

1. Elect Root (using Bridge ID + MAC)
2. Find ROOT Ports (Low cost path to root)
3. Lower Bridge ID on equal cost path
4. Lower port number

STP (PVST) - 2


EtherChannel Aggregating Redundant Links
PAGP (Port Aggregation Protocol):*CISCO Properietary

*Port Modes: Auto (not proactive), Desirable (Want to be etherchannel) and ON


Auto - Auto = will never set as an etherchannel (both sides will keep waiting)

LACP (Link Aggregation Control Protocol):

#Industry Standard (802.3ad)
#Port Modes : Active, Passive and ON

Auto Passive
Desirable Active

# All ports must use same setup and duplex.

# Interface in a bundle are redundant.
# No Interface in bundle can be SPAN(Switched Port ANalyzer) ports.
# Interfaces in Bundle must be in same VLAN /Trunk.
# Any changes to PORT-CHANNEL affects all bundled ports.
# Any changes to individual ports affect only that port.

L3 Switching InterVLAN Routing Extraorinaire
# Router on a stick
1.Simple to setup
2. Lower Cost
1.Congestion on Link
2.Single point of failure
3.Delay of routing (routers are very slow)

L3 Switching Understanding CEF Optimization
# CEF Exceptions
1) Packets with IP header options
2) Packets with TTL expired
3) Packets destined to Tunnel Interface
4) Packets with unsupported encapsulations
5) Packets requiring fragmentation (MTU Exceeded)

Redundancy in the Campus: HSRP, VRRP and GLBP
# HSRP (Hot-Standby Router Protocol)
1) Cisco proprietery in 1994
2) Hello of 3sec and Hold on Timer of 10sec

# VRRP (Virtual Router Redundancy Protocol)

1) IETF in 1999
2) Not Proprietery
3) Faster default Timers, Hello of 1sec and Hold of Timer of 3sec
4) Master router can share virtual IP address (Can have same virtual IP as
mIP used by master router)
5) Can only set hello timers.
6) Only two options (Learn or advertise) timer.
7) Only need to set timers on Master (advertise) and rest of the routers in
group will learn from master.
8) If Master notices tracked interface going done, it will decrement its
priority to "0". In HSRP it is defined by administrator.

# GLBP (Gateway Load Balancing Protocol)

** Multi active scenarior.Equal and un equal Load balancing supported. Where as

HSRP and VRRP does not support load balancing.

** Single VIP (virtual IP) with multiple MACs.

1) Cisco proprietery in 2005

2) Identical to HSRP but allows ACTIVE-ACTIVE connection that adds load

* Gateways organizes into standby groups
* One gateway Active, others in standby state
* Virtual ROuter ID (IP) and MAC Address generated
* Hello messages are sent once every 3 sec; Dead after 10 sec (Tunable to faster)


0000.0C 07.AC XX
======= ====== ==
Vendor ID HSRP ID Standby
(Cisco) Group number

*Active/Stanby becomes MASTER/BACKUP
*Stanby group becomes VRRP group commands
*Master router can share VIRTUAL IP
*1 sec hello timer and 3sec of hold down timer
*Timers can be set only on MASTER, BACKUP will follow MASTER
*No option for hold on timer, it automatically sets holdon timer based on hello

* Single VIP with multiple MACS
* MASTER acts as Active Virtual Gateway (AVG) and knows all the virtual MACS
* Other Routers act as Active Virtual Forwarders (AVF)
* Could be equal or unequal load balancing
* ROUND ROBIN load balancing by DEFAULT