News & Tools
- Why You Should Start Using a VPN (and How to Choose the Best One for Your Needs)
- NordVPN is running a special: Save 75%, get the 3-year plan at $2.99 per month.
- Adventures in Networking: Part history, part tutorial, all interesting by Paul Lutus
- Zero-configuration networking (zeroconf) is a set of technologies that automatically creates a usable computer network based on the Internet Protocol Suite (TCP/IP) when computers or network peripherals are interconnected. It does not require manual operator intervention or special configuration servers.
Exam 2 Debriefing
- Make sure to bring in your hard-copy of the Quiz, with your answers to review in class.
- Make sure to bring your completed Lab-05 simulation file to class.
Chapter 10: Layer 2 Switching
The three functions of a switch.
- Address learning
- forward/filter decisions
- loop avoidance.
Configuring an IP address on a switch
- The management VLAN interface is a routed interface on every Cisco switch and is called interface VLAN 1.
Port Security on a Switch
(Chapter 10, pg. 417)
- Protect: When the number of secure MAC addresses reaches the maximum limit allowed on the port, packets with unknown source addresses are dropped until you remove a sufficient number of secure MAC addresses to drop below the maximum value or increase the number of maximum allowable addresses.
You are not notified that a security violation has occurred.
- Restrict: When the number of secure MAC addresses reaches the maximum limit allowed on the port, packets with unknown source addresses are dropped until you remove a sufficient number of secure MAC addresses to drop below the maximum value or increase the number of maximum allowable addresses.
In this mode, you are notified that a security violation has occurred. An SNMP trap is sent, a syslog message is logged, and the violation counter increments.
- Shutdown: A port security violation causes the interface to become error-disabled and to shut down immediately, and the port LED turns off. When a secure port is in the error-disabled state, you can bring it out of this state by entering the errdisable recovery cause psecure-violation global configuration command, or you can manually re-enable it by entering the shutdown and no shutdown interface configuration commands. This is the default mode.
Restrict and shutdown violation modes alert you via SNMP that a violation has occurred on a port.
- Note: There’s an error in Appendix B, pg. 1005: Answer to Chapter 10 Review Question 11: The correct answer should be A, C and the explanation should read: “Shutdown and restrict mode will alert you…”
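The three violation modes, replayed over the same frame sequence, as an added example that is not from the study guide or from Cisco. `SecurePort`, `replay` and the MAC addresses are constructed for illustration, and the `alerts` list stands in for the SNMP trap and syslog message.

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    """Simplified model of one switch port with port security enabled."""
    maximum: int = 1
    violation: str = "shutdown"          # protect | restrict | shutdown (the default)
    secure_macs: set = field(default_factory=set)
    violation_count: int = 0
    err_disabled: bool = False
    alerts: list = field(default_factory=list)   # stand-in for SNMP trap + syslog

    def receive(self, src_mac: str) -> str:
        """Return 'forward' or 'drop' for a frame with this source MAC."""
        if self.err_disabled:
            return "drop"                # an error-disabled port passes nothing
        if src_mac in self.secure_macs:
            return "forward"
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.add(src_mac)        # still room: learn the address
            return "forward"
        if self.violation == "protect":
            return "drop"                # dropped silently, no notification
        # restrict and shutdown both notify the administrator
        self.violation_count += 1
        self.alerts.append(f"security violation, source {src_mac}")
        if self.violation == "shutdown":
            self.err_disabled = True
        return "drop"

    def recover(self) -> None:
        """Models 'shutdown' then 'no shutdown' on the interface."""
        self.err_disabled = False

# Constructed traffic: two known hosts, then an unknown third address.
A, B, C = "00:00:5e:00:53:01", "00:00:5e:00:53:02", "00:00:5e:00:53:03"
FRAMES = [A, B, C, A, C]

def replay(mode: str, frames=FRAMES, maximum: int = 2):
    """Feed the frames to a fresh port and return (decisions, port)."""
    port = SecurePort(maximum=maximum, violation=mode)
    return [port.receive(m) for m in frames], port

if __name__ == "__main__":
    for mode in ("protect", "restrict", "shutdown"):
        decisions, port = replay(mode)
        print(mode, decisions, port.violation_count, port.err_disabled)
```

Protect and restrict make identical forwarding decisions; only restrict leaves evidence. Shutdown also cuts off the legitimate host A until the port is recovered.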
Summary of the different port states
|State||Forward Frames||Learn MAC Addresses||Duration|
Spanning Tree Protocol (STP)
Chapter 15 (Enhanced Switching Technologies, R&S 2nd Ed.), pages 602 – 618
- The function of Spanning Tree Protocol (STP) is to prevent Layer 2 switching loops and broadcast storms in a Local Area Network (LAN).
- The Spanning Tree Protocol (STP) allows redundant links in a network to prevent complete network failure if an active link fails, without the danger of Layer 2 Switching loops.
Bridge Protocol Data Unit (BPDU)
- Bridge Protocol Data Units (BPDUs) are messages exchanged between the switches inside an interconnected redundant Local Area Network (LAN).
- BPDU frames contain information regarding the Switch ID, originating switch port, MAC address, switch port priority, switch port cost etc.
- BPDU frames are sent out regularly as multicast messages to the multicast destination MAC address 01:80:c2:00:00:00. When BPDUs are received, the switch uses a mathematical formula called the Spanning Tree Algorithm (STA) to detect a Layer 2 switching loop in the network and to determine which of the redundant ports needs to be shut down.
- The basic purpose of the Bridge Protocol Data Units (BPDUs) and the Spanning Tree Algorithm (STA) is to avoid Layer 2 Switching loops and Broadcast storms.
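A parser for the BPDU frame described above, as an added example that is not from the study guide. It assumes the classic 802.1D configuration BPDU layout carried in an 802.3/LLC frame; the function names and every value in `sample_frame` are constructed for illustration.

```python
import struct

STP_MULTICAST = bytes.fromhex("0180c2000000")   # destination MAC named in the notes
LLC_STP = b"\x42\x42\x03"                       # LLC header: DSAP, SSAP, control
CONFIG_FMT = "!HBBB8sI8sHHHHH"                  # 35-byte 802.1D configuration BPDU

def fmt_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def bridge_id(raw: bytes) -> dict:
    """8-byte bridge ID = 2-byte priority + 6-byte MAC address."""
    return {"priority": int.from_bytes(raw[:2], "big"), "mac": fmt_mac(raw[2:])}

def parse_bpdu_frame(frame: bytes) -> dict:
    """Parse an 802.3/LLC frame carrying an STP BPDU; raise ValueError if malformed."""
    if len(frame) < 21:                          # 14 Ethernet + 3 LLC + 4 BPDU header
        raise ValueError("frame too short for a BPDU")
    if frame[0:6] != STP_MULTICAST or frame[14:17] != LLC_STP:
        raise ValueError("not a spanning tree frame")
    bpdu = frame[17:]
    proto, version, bpdu_type = struct.unpack("!HBB", bpdu[:4])
    if proto != 0:
        raise ValueError("unknown protocol identifier")
    info = {"sender": fmt_mac(frame[6:12]), "version": version}
    if bpdu_type == 0x80:                        # topology change notification: header only
        return {**info, "type": "tcn"}
    if bpdu_type != 0x00 or len(bpdu) < struct.calcsize(CONFIG_FMT):
        raise ValueError("unsupported or truncated BPDU")
    (_, _, _, flags, root, cost, bridge, port,
     age, max_age, hello, fwd) = struct.unpack(CONFIG_FMT, bpdu[:35])
    return {**info, "type": "config", "flags": flags,
            "root": bridge_id(root), "root_path_cost": cost,
            "bridge": bridge_id(bridge), "port_id": port,
            # timers are carried in units of 1/256 second
            "message_age": age / 256, "max_age": max_age / 256,
            "hello_time": hello / 256, "forward_delay": fwd / 256}

def sample_frame() -> bytes:
    """Constructed frame for the demo; every value here is made up."""
    root = struct.pack("!H", 32768) + bytes.fromhex("001122334455")
    bridge = struct.pack("!H", 32768) + bytes.fromhex("00aabbccddee")
    bpdu = struct.pack(CONFIG_FMT, 0, 0, 0, 0, root, 4, bridge, 0x8001,
                       1 * 256, 20 * 256, 2 * 256, 15 * 256)
    payload = LLC_STP + bpdu
    return (STP_MULTICAST + bytes.fromhex("00aabbccddee")
            + struct.pack("!H", len(payload)) + payload)

if __name__ == "__main__":
    for key, value in parse_bpdu_frame(sample_frame()).items():
        print(f"{key}: {value}")
```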
Spanning Tree Protocol (STP): Port States
The ports on a switch with Spanning Tree Protocol (STP) enabled are in one of the following four port states.
- A port in the blocking state does not participate in frame forwarding and also discards frames received from the attached network segment.
- During blocking state, the port is only listening to and processing BPDUs on its interfaces.
- During the listening state the port discards frames received from the attached network segment and it also discards frames switched from another port for forwarding.
- At this state, the port receives BPDUs from the network segment and directs them to the switch system module for processing.
- During the learning state, the port is listening for and processing BPDUs.
- In the learning state, the port begins to process user frames and starts to update the MAC address table.
- But the user frames are not forwarded to the destination.
- A port in the forwarding state forwards frames across the attached network segment.
- In a forwarding state, the port will process BPDUs, update its MAC Address table with frames that it receives, and forward user traffic through the port.
- Forwarding State is the normal state.
Note: “Disabled” is not one of the four STP states; technically, it is not a transition state. A port in the administratively disabled state doesn’t participate in frame forwarding or STP. A port in the disabled state is virtually nonoperational.
Read / Do / Watch
CCNA Routing and Switching Study Guide 2nd Edition
- Read Chapter 11: VLANs and InterVLAN Routing
- Do the: Written Lab
- Do the: Review Questions
- Do the: Hands-on Labs
- Switchport Security Concepts and Configuration
- Quizlet.com – CCNA 3 chap 6 by kodiak117 (VLANs)
- What is a VLAN? How to Setup a VLAN on a Cisco Switch
- VLANs and Trunks for Beginners – Part 1 (video)
- How to Configure VLANs on a Cisco Switch
- How to define the VLANs allowed on a trunk link
- e.g. c3550(config-if)# switchport trunk allowed vlan remove 5-10,12
- InterVLAN Routing
- Cisco’s Overview of Routing between VLANs
- CCNA – VLAN Questions
- Cisco IOS and Router Command Reference: VLAN Commands
- The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win