
Hierarchical network design involves dividing the network into discrete layers.

Access Layer
The access layer interfaces with end devices, such as PCs, printers, and IP phones, to provide access to the rest of the network. The access layer can include routers, switches, bridges, hubs, and wireless access points (AP). The main purpose of the access layer is to provide a means of connecting devices to the network and controlling which devices are allowed to communicate on the network.

Distribution Layer
The distribution layer aggregates the data received from the access layer switches before it is transmitted to the core layer for routing to its final destination. The distribution layer controls the flow of network traffic using policies and delineates broadcast domains by performing routing functions between virtual LANs (VLANs) defined at the access layer. VLANs allow you to segment the traffic on a switch into separate subnetworks. For example, in a university you might separate traffic according to faculty, students, and guests. Distribution layer switches are typically high-performance devices that have high availability and redundancy to ensure reliability.

Core Layer
The core layer of the hierarchical design is the high-speed backbone of the internetwork. The core layer is critical for interconnectivity between distribution layer devices, so it is important for the core to be highly available and redundant. The core area can also connect to Internet resources. The core aggregates the traffic from all the distribution layer devices, so it must be capable of forwarding large amounts of data quickly.

Multiple Access - This means that all machines on the network are free to use the network whenever they like so long as no one else is transmitting.

Fast Ethernet/Gigabit Ethernet: allows up to 100 Mb/s of traffic per switch port.
PoE: dramatically increases the overall price of the switch across all Cisco Catalyst switch product lines, so it should only be considered when voice convergence is required or wireless access points are being implemented, and power is difficult or expensive to run to the desired location.
Link aggregation: allows the switch to use multiple links simultaneously.
Quality of Service: the distribution layer switches also need to support QoS to maintain the prioritization of traffic coming from the access layer switches that have implemented QoS.

Explain how CSMA/CD works
Ethernet uses a protocol called CSMA/CD, which stands for Carrier Sense, Multiple Access with Collision Detection. To understand what this means, let's separate the three parts.

Carrier Sense - When a device connected to an Ethernet network wants to send data, it first checks to make sure it has a carrier on which to send its data (usually a piece of copper cable connected to a hub or another machine).

Collision Detection - A means of ensuring that when two machines start to transmit data simultaneously, that the resultant corrupted data is discarded, and re-transmissions are generated at differing time intervals.
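
The three parts described on this page, run together in a small slotted simulation. This is an added example, not part of the original notes; the function name, the slot model and the use of truncated binary exponential backoff for the "differing time intervals" are assumptions made for the illustration.

```python
import random

def simulate_csma_cd(stations, frame_slots=3, seed=1, max_slots=10_000):
    """Slotted model in which every station has one frame queued at slot 0.

    Returns (delivery_order, collisions, deferrals).
    """
    rng = random.Random(seed)              # seeded so the run is repeatable
    ready_at = {s: 0 for s in stations}    # slot at which each station next wants to send
    attempts = {s: 0 for s in stations}    # collisions suffered by each station's frame
    delivered, collisions, deferrals = [], 0, 0
    slot = 0
    while ready_at and slot < max_slots:
        senders = [s for s, t in ready_at.items() if t <= slot]
        if not senders:
            slot += 1                      # medium idle, nobody ready
        elif len(senders) == 1:
            # Multiple access: the medium is free, so the lone sender transmits.
            delivered.append(senders[0])
            del ready_at[senders[0]]
            busy_until = slot + frame_slots
            # Carrier sense: anyone who becomes ready mid-frame waits for idle.
            for other, t in ready_at.items():
                if t < busy_until:
                    ready_at[other] = busy_until
                    deferrals += 1
            slot = busy_until
        else:
            # Collision detection: the colliding frames are discarded and each
            # sender retries after its own random delay (truncated binary
            # exponential backoff, an assumption; the page names no algorithm).
            collisions += 1
            for s in senders:
                attempts[s] += 1
                ready_at[s] = slot + 1 + rng.randrange(2 ** min(attempts[s], 10))
            slot += 1
    return delivered, collisions, deferrals
```

Calling simulate_csma_cd(["A", "B", "C", "D"]) returns the order in which the four frames got through, together with the number of collisions and carrier-sense deferrals it took to get there.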

VLANs

Convergence
Convergence is the process of combining voice and video communications on a data network. Converged networks require extensive management in relation to Quality of Service (QoS), because voice and video data traffic needs to be classified and prioritized on the network.

Traditionally, LANs are geographical groupings of computers.
VLANs allow PCs in different geographical locations to be in the same network (or subnetwork). They are grouped by function, not by location.
VLANs are created on switches.
Inter-VLAN communication requires a router.
VLANs are identified by a number or an assigned name.

VLAN benefits:
Security
Cost reduction
Higher performance
Broadcast storm mitigation
Improved IT staff efficiency
Simpler project or application management

Data (user) VLAN: configured to carry user-generated traffic only.
Voice VLAN: used to carry voice traffic in a converged network.
Default VLAN: when a switch boots, all its ports are automatically members of the default VLAN which, for Cisco switches, is VLAN 1.
VLAN 1 cannot be renamed or deleted.
By default, Layer 2 control traffic, such as CDP and STP, uses VLAN 1.
The administrator can make and use another VLAN as the default VLAN (i.e. the VLAN to which switch ports automatically belong). In such a case, VLAN 1 would then only be used for control traffic (such as CDP).

Network diameter is the number of devices that a packet has to cross before it reaches its destination.

Access layer switches facilitate the connection of end node devices to the network. For this reason, they need to support features such as:
Port security: allows the switch to decide how many or what specific devices are allowed to connect to the switch.
VLANs: an important component of a converged network. Voice traffic is typically given a separate VLAN.

Management VLAN (default is VLAN 1 but change it to another)
This is any VLAN (defaults to VLAN 1) used to access the management capabilities of a switch. The management VLAN is assigned an IP address and a subnet mask to allow remote connection to the switch for administration purposes using Telnet or SSH. Think of it as a virtual interface: the IP address and subnet mask are not assigned to an actual physical interface on the switch. For security reasons, change the management VLAN from VLAN 1 to some other VLAN. The Cisco activities use VLAN 99.

Native VLAN (default is VLAN 1 but change it to another)
Trunk links between switches allow data from any VLAN to cross between the switches. Issues arise relating to non-VLAN originating traffic crossing trunks. To address this, a VLAN named the native VLAN is created, to which trunk ports are associated. VLAN 1 is normally used for the native VLAN but, for security reasons, it is wise to use a VLAN other than VLAN 1. The Cisco activities use VLAN 99 for the native VLAN.

Trunk
A trunk is a point-to-point link between two network devices that carries traffic from more than one VLAN. A VLAN trunk allows you to extend the VLANs across an entire network. Cisco supports IEEE 802.1Q for coordinating trunks on Fast Ethernet and Gigabit Ethernet interfaces.

Configure an 802.1Q trunk on a switch port
S1(config)# interface fa0/1
S1(config-if)# switchport mode trunk
S1(config-if)# switchport trunk native vlan 99
S1(config-if)# end

Verify trunk configuration
S1# show interfaces fa0/1 switchport
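
One way to check a saved switch configuration against the advice above (move the management and native VLANs off VLAN 1, and take user ports out of the default VLAN). This is an added example, not part of the original notes; the sample configuration is constructed, the function names are hypothetical, and it assumes running-config style text in which a missing `switchport access vlan` or `switchport trunk native vlan` line means the default, VLAN 1.

```python
import re
# Constructed running-config excerpt for illustration; not taken from the page.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
 switchport mode trunk
 switchport trunk native vlan 99
!
interface FastEthernet0/18
 switchport mode access
 switchport access vlan 20
!
interface FastEthernet0/19
 switchport mode access
!
interface Vlan1
 ip address 192.0.2.10 255.255.255.0
"""

def parse_interfaces(config):
    """Map each 'interface ...' header to its indented sub-commands."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = blocks.setdefault(line.strip(), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # '!' or another global line closes the block
    return blocks

def vlan_of(body, command):
    """VLAN id set by 'command N'; an absent line means the default, VLAN 1."""
    ids = [int(l.rsplit(" ", 1)[1]) for l in body if re.fullmatch(command + r" \d+", l)]
    return ids[-1] if ids else 1

def audit_vlan1(config):
    """Return (interface, finding) pairs where VLAN 1 is still in use."""
    findings = []
    for name, body in parse_interfaces(config).items():
        if "switchport mode trunk" in body and vlan_of(body, "switchport trunk native vlan") == 1:
            findings.append((name, "trunk uses VLAN 1 as native VLAN"))
        elif "switchport mode access" in body and vlan_of(body, "switchport access vlan") == 1:
            findings.append((name, "access port is in default VLAN 1"))
        elif name.lower() == "interface vlan1" and any(l.startswith("ip address") for l in body):
            findings.append((name, "management IP address is on VLAN 1"))
    return findings
```

On the sample, audit_vlan1(SAMPLE_CONFIG) reports FastEthernet0/1, FastEthernet0/19 and Vlan1, and leaves the two ports that were moved to VLAN 99 and VLAN 20 alone.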

Create a VLAN
S1# configure terminal
S1(config)# vlan 20
S1(config-vlan)# name students
S1(config-vlan)# end

Assign a port to the VLAN statically
S1# configure terminal
S1(config)# interface fa0/18
S1(config-if)# switchport mode access
S1(config-if)# switchport access vlan 20
S1(config-if)# end

Verify the VLAN configuration
S1# show vlan brief

VTP
S1# show vtp status
will give details including the following...
VTP Version = 1
VTP Domain Name = null
VTP Mode = Server
Config Revision = 0
VLANs = 1

VTP allows network administrators to separate a network of interconnected switches into smaller management domains, called VTP domains, to help reduce VLAN management. A VTP domain consists of one switch or several interconnected switches sharing the same VTP domain name. VTP domains limit the extent to which configuration changes made on VTP-enabled switches are propagated in the network.

Server
Purpose: Manage domain and VLAN config
Respond to VTP adverts? Participates fully
Global VLAN config preserved on restart? Yes. Held in NVRAM.
Update other VTP enabled switches? Yes

Client
Purpose: Updates VTP configurations. Cannot change VLAN configs.
Respond to VTP adverts? Participates fully
Global VLAN config preserved on restart? No. Held in RAM.
Update other VTP enabled switches? Yes

Transparent
Purpose: Only manages local VLAN configs that are not shared with VTP domain.
Respond to VTP adverts? Only forwards VTP adverts
Global VLAN config preserved on restart? No. Only local VLAN config stored in NVRAM
Update other VTP enabled switches? No

Blocking - The port is a non-designated port and does not participate in frame forwarding. The port receives BPDU frames to determine the location and root ID of the root bridge switch and what port roles each switch port should assume in the final active STP topology.

Listening - STP has determined that the port can participate in frame forwarding according to the BPDU frames that the switch has received thus far. At this point, the switch port is not only receiving BPDU frames, it is also transmitting its own BPDU frames and informing adjacent switches that the switch port is preparing to participate in the active topology.

Learning - The port prepares to participate in frame forwarding and begins to populate the MAC address table.

Forwarding - The port is considered part of the active topology and forwards frames and also sends and receives BPDU frames.

Disabled - The Layer 2 port does not participate in spanning tree and does not forward frames. The disabled state is set when the switch port is administratively disabled.
