Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide: Foundation learning for SWITCH 642-813

Richard Froom, CCIE No. 5102
Balaji Sivasubramanian
Erum Frahim, CCIE No. 7549

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide is a Cisco® authorized learning tool for CCNP® and CCDP® preparation. As part of the Cisco Press foundation learning series, this book covers how to plan, configure, and verify the implementation of complex enterprise switching solutions using the Cisco Campus Enterprise Architecture. The Foundation Learning Guide also covers secure integration of VLANs, WLANs, voice, and video into campus networks.

Each chapter opens with the list of topics covered to clearly identify the focus of that chapter. At the end of each chapter, a summary and review questions provide you with an opportunity to assess and reinforce your understanding of the material. Throughout the book, detailed explanations with commands, configurations, and diagrams serve to illuminate theoretical concepts.

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide is ideal for certification candidates who are seeking a tool to learn all the topics covered in the SWITCH 642-813 exam.

- Serves as the official book for the Cisco Networking Academy CCNP SWITCH course
- Provides a thorough presentation of the fundamentals of multilayer switched network design
- Explains the implementation of the design features such as VLAN, Spanning Tree, and inter-VLAN routing in the multilayer switched environment
- Explains how to implement high-availability technologies and techniques
- Covers security features in a switched network
- Presents self-assessment review questions, chapter topics, summaries, command syntax explanations, network diagrams, and configuration examples to facilitate effective studying

This book is in the Foundation Learning Guide Series. These guides are developed together with Cisco® as the only authorized, self-paced learning tools that help networking professionals build their understanding of networking concepts and prepare for Cisco certification exams.
Chapter 1 Analyzing the Cisco Enterprise Campus Architecture
- Introduction to Enterprise Campus Network Design
  Regulatory Standards Driving Enterprise Architectures; Campus Designs; Legacy Campus Designs; Hierarchical Models for Campus Design; Impact of Multilayer Switches on Network Design; Ethernet Switching Review; Layer 2 Switching; Layer 3 Switching; Layer 4 and Layer 7 Switching; Layer 2 Switching In-Depth; Layer 3 Switching In-Depth; Understanding Multilayer Switching; Introduction to Cisco Switches; Cisco Catalyst 6500 Family of Switches; Cisco Catalyst 4500 Family of Switches; Cisco Catalyst 4948G, 3750, and 3560 Family of Switches; Cisco Catalyst 2000 Family of Switches; Nexus 7000 Family of Switches; Nexus 5000 and 2000 Family of Switches; Hardware and Software-Switching Terminology; Campus Network Traffic Types; Peer-to-Peer Applications; Client/Server Applications; Client-Enterprise Edge Applications; Overview of the SONA and Borderless Networks
- Enterprise Campus Design
  Access Layer In-Depth; Distribution Layer; Core Layer; The Need for a Core Layer; Campus Core Layer as the Enterprise Network Backbone; Small Campus Network Example; Medium Campus Network Example; Large Campus Network Design; Data Center Infrastructure
- PPDIOO Lifecycle Approach to Network Design and Implementation
  PPDIOO Phases; Benefits of a Lifecycle Approach; Planning a Network Implementation; Implementation Components; Summary Implementation Plan; Detailed Implementation Plan
- Summary
- Review Questions

Chapter 2 Implementing VLANs in Campus Networks
- Implementing VLAN Technologies in a Campus Network
  VLAN Segmentation Model; End-to-End VLAN; Local VLAN; Comparison of End-to-End VLANs and Local VLANs; Mapping VLANs to a Hierarchical Network; Planning VLAN Implementation; Best Practices for VLAN Design; Configuring VLANs; VLAN Ranges; Verifying the VLAN Configuration; Troubleshooting VLANs; Troubleshooting Slow Throughput; Troubleshooting Communication Issues
- Implementing Trunking in Cisco Campus Network
  Trunking Protocols; Understanding Native VLAN in 802.1Q Trunking; Understanding DTP; Cisco Trunking Modes and Methods; VLAN Ranges and Mappings; Best Practices for Trunking; Configuring 802.1Q Trunking; Verifying Trunking Configurations; Troubleshooting Trunking
- VLAN Trunking Protocol
  VTP Pruning; VTP Versions; VTP Versions 1 and 2; VTP Version 3; VTP Messages Types; Summary Advertisements; Subset Advertisements; Advertisement Requests; VTP Authentication; Best Practices for VTP Implementation; Configuring VTP; Verifying the VTP Configuration; Troubleshooting VTP
- Private VLANs
  Private VLANs Overview; Private VLANs and Port Types; Private VLAN Configuration; Configuring Private VLANs in Cisco IOS; Verifying Private VLAN; Private VLAN Configuration Example; Single Switch Private Configuration; Private VLAN Configuration Across Switches; Port Protected Feature
- Configuring Link Aggregation with EtherChannel
  Describe EtherChannel; PAgP and LACP Protocols; PAgP Modes; LACP Modes; Configure Port Channels Using EtherChannel; Guidelines for Configuring EtherChannel; Layer 2 EtherChannel Configuration Steps; Verifying EtherChannel; EtherChannel Load Balancing Options
- Summary
- Review Questions

Chapter 3 Implementing Spanning Tree
- Evolution of Spanning Tree Protocols
- Spanning Tree Protocol Basics
  STP Operation
- Rapid Spanning Tree Protocol
  RSTP Port States; RSTP Port Roles; Rapid Transition to Forwarding; RSTP Topology Change Mechanism; Bridge Identifier for PVRST+; Compatibility with 802.1D; Cisco Spanning Tree Default Configuration; PortFast; Configuring the PortFast Feature; Configuring the Basic Parameters of PVRST+
- Multiple Spanning Tree
  MST Regions; Extended System ID for MST; Configuring MST
- Spanning Tree Enhancements
  BPDU Guard; BPDU Filtering; Root Guard; Preventing Forwarding Loops and Black Holes; Loop Guard; UDLD; Comparison Between Aggressive Mode UDLD and Loop Guard; Flex Links
- Recommended Spanning Tree Practices
- Troubleshooting STP
  Potential STP Problems; Duplex Mismatch; Unidirectional Link Failure; Frame Corruption; Resource Errors; PortFast Configuration Error; Troubleshooting Methodology; Develop a Plan; Isolate the Cause and Correct an STP Problem; Document Findings
- Summary
- References
- Review Questions

Chapter 4 Implementing Inter-VLAN Routing
- Describing Inter-VLAN Routing
  Introduction to Inter-VLAN Routing; Inter-VLAN Routing Using an External Router (Router-on-a-Stick); External Router: Advantages and Disadvantages; Inter-VLAN Routing Using Switch Virtual Interfaces; SVI: Advantages and Disadvantages; Routing with Routed Ports; Routed Port: Advantage and Disadvantages; L2 EtherChannel Versus L3 EtherChannel
- Configuring Inter-VLAN Routing
  Inter-VLAN Configuration with External Router; Implementation Planning; Inter-VLAN Configuration with SVI; Implementation Plan; Switch Virtual Interface Configuration; SVI Autostate; Configuring Routed Port on a Multilayer Switch; Verifying Inter-VLAN Routing; Troubleshooting Inter-VLAN Problems; Example of a Troubleshooting Plan; Configuration of Layer 3 EtherChannel; Routing Protocol Configuration; Verifying Routing Protocol
- Implementing Dynamic Host Configuration Protocol in a Multilayer Switched Environment
  DHCP Operation; Configuring DHCP and Verifying DHCP; Configure DHCP on the Multilayer Switch; Configure DHCP Relay; Verifying DHCP Operation
- Deploying CEF-Based Multilayer Switching
  Multilayer Switching Concepts; Explaining Layer 3 Switch Processing; CAM and TCAM Tables; Distributed Hardware Forwarding; Cisco Switching Methods; Route Caching; Topology-Based Switching; CEF Processing; CEF Operation and Use of TCAM; CEF Modes of Operation; Address Resolution Protocol Throttling; Sample CEF-Based MLS Operation; CEF-Based MLS Load Sharing; Configuring CEF and Verifying CEF Configuration; CEF-Based MLS Configuration; CEF-Based MLS Verification
- Troubleshooting CEF
- Summary
- Review Questions

Chapter 5 Implementing High Availability and Redundancy in a Campus Network
- Understanding High Availability
  Components of High Availability; Redundancy; Technology; People; Processes; Tools; Resiliency for High Availability; Network-Level Resiliency; High Availability and Failover Times; Optimal Redundancy; Provide Alternate Paths; Avoid Too Much Redundancy; Avoid Single Point of Failure; Cisco NSF with SSO; Routing Protocols and NSF
- Implementing High Availability
  Distributed VLANs on Access Switches; Local VLANs on Access Switches; Layer 3 Access to the Distribution Interconnection; Daisy Chaining Access Layer Switches; StackWise Access Switches; Too Little Redundancy
- Implementing Network Monitoring
  Network Management Overview; Syslog; Syslog Message Format; Configuring Syslog; SNMP; SNMP Versions; SNMP Recommendations; Configuring SNMP; IP Service Level Agreement; IP SLA Measurements; IP SLA Operations; IP SLA Source and Responder; IP SLA Operation with Responder; IP SLA Responder Timestamps; Configuring IP SLA
- Implementing Redundant Supervisor Engines in Catalyst Switches
  Route Processor Redundancy; Route Processor Redundancy Plus; Configuring and Verifying RPR+ Redundancy; Stateful Switchover (SSO); Configuring and Verifying SSO; NSF with SSO; Configuring and Verifying NSF with SSO
- Understanding First Hop Redundancy Protocols
  Introduction to First Hop Redundancy Protocol; Proxy ARP; Static Default Gateway; Hot Standby Router Protocol (HSRP); HSRP States; HSRP State Transition; HSRP Active Router and Spanning Tree Topology; Configuring HSRP; HSRP Priority and Preempt; HSRP Authentication; HSRP Timer Considerations and Configuration; HSRP Versions; HSRP Interface Tracking; HSRP Object Tracking; HSRP and IP SLA Tracking; Multiple HSRP Groups; HSRP Monitoring; Virtual Router Redundancy Protocol; VRRP Operation; VRRP Transition Process; Configuring VRRP; Gateway Load Balancing Protocol; GLBP Functions; GLBP Features; GLBP Operations; GLBP Interface Tracking; GLBP Configuration; GLBP with VLAN Spanning Across Access Layer Switches
- Cisco IOS Server Load Balancing
  Cisco IOS SLB Modes of Operation; Configuring the Server Farm in a Data Center with Real Servers; Configuring Virtual Servers
- Summary
- Review Questions

Chapter 6 Securing the Campus Infrastructure
- Switch Security Fundamentals
  Security Infrastructure Services; Unauthorized Access by Rogue Devices; Layer 2 Attack Categories
- Understanding and Protecting Against MAC Layer Attack
  Suggested Mitigation for MAC Flooding Attacks; Port Security; Port Security Scenario 1; Port Security Scenario 2; Configuring Port Security; Caveats to Port Security Configuration Steps; Verifying Port Security; Port Security with Sticky MAC Addresses; Blocking Unicast Flooding on Desired Ports
- Understanding and Protecting Against VLAN Attacks
  VLAN Hopping; VLAN Hopping with Double Tagging; Mitigating VLAN Hopping; VLAN Access Control Lists; Configuring VACL
- Understanding and Protecting Against Spoofing Attacks
  Catalyst Integrated Security Features; DHCP Spoofing Attack; DHCP Snooping; ARP Spoofing Attack; Preventing ARP Spoofing Through Dynamic ARP Inspection; IP Spoofing and IP Source Guard; Configuring IPSG
- Securing Network Switches
  Neighbor Discovery Protocols; Cisco Discovery Protocol; Configuring CDP; Configuring LLDP; CDP Vulnerabilities; Securing Switch Access; Telnet Vulnerabilities; Secure Shell; VTY ACLs; HTTP Secure Server; Authentication Authorization Accounting (AAA); Security Using IEEE 802.1X Port-Based Authentication; Configuring 802.1X
- Switch Security Considerations
  Organizational Security Policies; Securing Switch Devices and Protocols; Configuring Strong System Passwords; Restricting Management Access Using ACLs; Securing Physical Access to the Console; Securing Access to vty Lines; Configuring System Warning Banners; Disabling Unneeded or Unused Services; Trimming and Minimizing Use of CDP/LLDP; Disabling the Integrated HTTP Daemon; Configuring Basic System Logging; Securing SNMP; Limiting Trunking Connections and Propagated VLANs; Securing the Spanning-Tree Topology; Mitigating Compromises Launched Through a Switch
- Troubleshooting Performance and Connectivity
  Techniques to Enhance Performance; Monitoring Performance with SPAN and VSPAN; Using SPAN to Monitor the CPU Interface of Switches; Monitoring Performance with RSPAN; Monitoring Performance with ERSPAN; Monitoring Performance Using VACLs with the Capture Option; Troubleshooting Using L2 Traceroute; Enhancing Troubleshooting and Recovery Using Cisco IOS Embedded Event Manager; Performance Monitoring Using the Network Analysis Module in the Catalyst 6500 Family of Switches
- Summary
- Review Questions

Chapter 7 Preparing the Campus Infrastructure for Advanced Services
- Planning for Wireless, Voice, and Video Application in the Campus Network
  The Purpose of Wireless Network Implementations in the Campus Network; The Purpose of Voice in the Campus Network; The Purpose of Video Deployments in the Campus Network; Planning for the Campus Network to Support Wireless Technologies; Introduction to Wireless LANs (WLAN); Cisco WLAN Solutions as Applied to Campus Networks; Comparing and Contrasting WLANs and LANs; Standalone Versus Controller-Based Approaches to WLAN Deployments in the Campus Network; Controller-Based WLAN Solution; Traffic Handling in Controller-Based Solutions; Traffic Flow in a Controller-Based Solution; Hybrid Remote Edge Access Points (HREAP); Review of Standalone and Controller-Based WLAN Solutions; Gathering Requirements for Planning a Wireless Deployment; Planning for the Campus Network to Support Voice; Introduction to Unified Communications; Campus Network Design Requirements for Deploying VoIP; Planning for the Campus Network to Support Video; Voice and Video Traffic; Video Traffic Flow in the Campus Network; Design Requirements for Voice, Data, and Video in the Campus Network
- Understanding QoS
  QoS Service Models; AutoQoS; Traffic Classification and Marking; DSCP, ToS, and CoS; Classification; Trust Boundaries and Configurations; Marking; Traffic Shaping and Policing; Policing; Congestion Management; FIFO Queuing; Weighted Round Robin Queuing; Priority Queuing; Custom Queuing; Congestion Avoidance; Tail Drop; Weighted Random Early Detection
- Implementing IP Multicast in the Campus Network
  Introduction to IP Multicast; Multicast IP Address Structure; Reserved Link Local Addresses; Globally Scoped Addresses; Source-Specific Multicast Addresses; GLOP Addresses; Limited-Scope Addresses; Multicast MAC Address Structure; Reverse Path Forwarding; Multicast Forwarding Tree; Source Trees; Shared Trees; Comparing Source Trees and Shared Trees; IP Multicast Protocols; PIM; Automating Distribution of RP; Auto-RP; Bootstrap Router; Comparison and Compatibility of PIM Version 1 and Version 2; Configuring Internet Group Management Protocol; IGMPv1; IGMPv2; IGMPv3; IGMPv3 Lite; IGMP Snooping
- Preparing the Campus Infrastructure to Support Wireless
  Wireless LAN Parameters; Configuring Switches to Support WLANs; Preparing the Campus Network for Integration of a Standalone WLAN Solution; Preparing the Campus Network for Integration of a Controller-Based WLAN Solution
- Preparing the Campus Infrastructure to Support Voice
  IP Telephony Components; Configuring Switches to Support VoIP; Voice VLANs; QoS for Voice Traffic from IP Phones; Power over Ethernet; Additional Network Requirements for VoIP
- Preparing the Campus Infrastructure to Support Video
  Video Components; Configuring Switches to Support Video
- Summary
- Review Questions

Appendix A

Product details

ISBN: 9781587058844
Published: 2010-07-01
Publisher: Cisco Press
Weight: 1122 g
Height: 232 mm
Width: 196 mm
Depth: 34 mm
Age level: 06, P
Language: English
Format: Hardcover
Number of pages: 560

Biographical note

Richard E. Froom, CCIE No. 5102, attended Clemson University where he majored in computer engineering. While attending Clemson, Richard held positions at different times for the university network team, IBM, and Scientific Research Corporation. After graduation, Richard joined Cisco. Richard's first role within Cisco was as a TAC engineer supporting Cisco Catalyst switches. After several years in the TAC, Richard moved into a testing role supporting Cisco MDS and SAN technologies. In 2009, Richard moved into the Enhanced Customer Aligned Testing Services (ECATS) organization within Cisco as a test manager of a team focused on testing customer deployments of UCS and Nexus.

Balaji Sivasubramanian is a product line manager in the Cloud Services and Switching Technology Group focusing on upcoming products in the cloud services and Data Center virtualization area. Before this role, Balaji was a senior product manager for the Catalyst 6500 switches product line, where he successfully launched the Virtual Switching System (VSS) technology worldwide. He started his Cisco career in the Cisco Technical Assistance Center working in the LAN switching products and technologies. Balaji has been a speaker at various industry events such as Cisco Live and VMworld. Balaji has a Master of Science degree in computer engineering from the University of Arizona and a Bachelor of Engineering degree in electrical and electronics from the College of Engineering, Guindy, Anna University (India).

Erum Frahim, CCIE No. 7549, is a technical leader working for Enhanced Customer Aligned Testing Services (ECATS) at Cisco. In her current role, Erum is leading efforts to test Datacenter solutions for several Cisco high-profile customers. Prior to this, Erum managed the Nexus platform escalation group and served as a team lead for Datacenter SAN Test lab under the Cisco Datacenter Business Unit. Erum joined Cisco in 2000 as a technical support engineer. Erum has a Master of Science degree in electrical engineering from Illinois Institute of Technology and also holds a Bachelor of Engineering degree from NED University, Karachi, Pakistan. Erum also authors articles in Certification Magazine and Cisco.com.