Cisco Hierarchical Design Model
Three-layer model:
Access
Distribution
Core
Access: Provides end-user access to the LAN. Local devices such as phones, computers and the local network attach here.
Distribution: Combination of L2 and L3 switching. Redundant distribution-layer switches provide dual paths to the access switches and the core switches. Provides routing policy, route selection, filtering, summarization and security policy.
Core: Backbone that provides a high-speed L3 path between the distribution layer and other network segments. Gigabit / Fast Ethernet connectivity. Data / voice convergence across LAN, WAN and MAN. Reliability and scalability. Fast switching for traffic into and out of the data center. The design depends upon traffic flow.
Note:
Access model: User access ports are typically Fast Ethernet or faster. Access switches must have the necessary port density and can be either L2 or L3 switches.
Distribution model: Uplinks from the access layer to the distribution layer should be Gigabit Ethernet or better. Distribution switches should be multilayer (L3) switches.
Core model: Links from distribution to core should be Gigabit EtherChannel or 10 Gigabit Ethernet.
VLAN - Virtual LAN
Breaks a large network into smaller pieces.
Benefits: Minimizes the amount of broadcast traffic on a logical segment. A VLAN is a logical LAN and a logical subnet; it defines a broadcast domain.
A logical subnet is a group of switch ports assigned to the same VLAN. VLAN membership can be assigned either statically by port or dynamically by MAC address or username.
Two types of VLAN:
End-to-end: VLAN members reside on different switches throughout the network. Troubleshooting is more complex because many switches can carry traffic for a specific VLAN and a broadcast can travel across many switches.
Local: VLANs are based on location. More scalable and easier to troubleshoot. Traffic flow is more deterministic. It enables more redundancy and minimizes the failure domain. It requires a routing function to share resources between VLANs.
VLAN planning:
VLAN numbering, names and IP addresses. VLAN placement: local or across multiple switches. Are any trunks necessary, and where? VTP parameters. Test and verification.
VLAN Trunk
A trunk is a link that carries traffic for more than one VLAN. Trunks multiplex traffic from multiple VLANs. They typically connect switches and enable ports on multiple switches to be assigned to the same VLAN.
A trunk link needs a crossover cable.
Allows the same VLAN to be reached from different switches.
When a frame reaches the trunk, the switch adds a tag and passes it to the other switch.
Trunk protocols: ISL and IEEE 802.1Q (dot1q).
ISL:
Cisco proprietary.
When a frame reaches the trunk, the whole frame is encapsulated: a header and a trailer are added.
Does not recognize the native VLAN; native VLAN frames also get the header and trailer.
IEEE 802.1Q (dot1q):
Industry standard.
Only a header (tag) is inserted.
Recognizes the native VLAN: native VLAN frames are sent without any tag.
The native VLAN, the default VLAN and VLAN 1 are all the same (by default).
When a frame comes into a switch port, the frame is tagged internally within the switch with the VLAN number of that port. When it reaches the outgoing port the internal tag is removed. If the exit port is a trunk port, its VLAN is identified in either the ISL or 802.1Q tag. The switch on the other end of the trunk removes the ISL or 802.1Q information, checks the VLAN of the frame and adds the internal tag. If the exit port is a user port, the original frame is sent out unchanged, making the use of VLANs transparent to the user.
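Worked example (added here; it is not part of the original notes): the 802.1Q tag insertion on trunk egress, tag removal on trunk ingress, and the native-VLAN exception described above, in Python. The tag layout (TPID 0x8100 followed by a 16-bit TCI whose low 12 bits carry the VLAN ID) is the standard one; the MAC addresses, payload and VLAN numbers are constructed for the demo.

```python
import struct

TPID_8021Q = 0x8100          # EtherType value that marks an 802.1Q tag


def build_frame(dst_mac, src_mac, ethertype, payload):
    """Untagged Ethernet II frame: 6-byte dst, 6-byte src, 2-byte EtherType, payload."""
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def tag_frame(frame, vlan_id, native_vlan=1, pcp=0):
    """Trunk egress: insert the 4-byte 802.1Q tag after the source MAC.
    Frames belonging to the native VLAN leave the trunk untagged."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    if vlan_id == native_vlan:
        return frame
    tci = (pcp << 13) | vlan_id          # 3-bit priority, 1-bit DEI (0), 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def untag_frame(frame, native_vlan=1):
    """Trunk ingress: return (vlan_id, original frame). An untagged frame is
    assigned to the native VLAN; a tagged one has its tag removed."""
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_8021Q:
        return native_vlan, frame
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, frame[:12] + frame[16:]


def transit(frame, access_vlan, native_vlan=1):
    """End-to-end path from the notes: user port in -> internal tag -> trunk
    (tag added) -> far switch (tag removed, internal tag re-created) -> user port
    out. Returns the VLAN the far switch assigns and the frame the user receives."""
    internal_vlan = access_vlan                                # ingress: the port's VLAN
    on_wire = tag_frame(frame, internal_vlan, native_vlan)     # trunk egress
    far_vlan, stripped = untag_frame(on_wire, native_vlan)     # trunk ingress
    return far_vlan, stripped                                  # user port: unchanged frame


# Constructed sample: broadcast frame with a made-up source MAC and payload.
SAMPLE_FRAME = build_frame(b"\xff" * 6, bytes.fromhex("001122334455"), 0x0806, b"constructed payload")

if __name__ == "__main__":
    tagged = tag_frame(SAMPLE_FRAME, 10)
    print("tagged  :", tagged[:16].hex(" "))     # 81 00 00 0a appears after the two MACs
    print("untagged:", untag_frame(tagged))
    print("transit :", transit(SAMPLE_FRAME, 20))
```

The same functions make the native-VLAN rule visible: tagging a frame for the native VLAN returns it unchanged, and an untagged frame arriving on the trunk is placed in the native VLAN, which is why the native VLAN should be configured identically on both ends of a trunk.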
VTP: VLAN Trunking Protocol
VTP is a Cisco proprietary protocol that runs over trunk links and synchronizes the VLAN databases of all switches in the VTP domain.
A VTP domain is an administrative group. All the switches in the group must have the same VTP domain name configured or they do not synchronize databases.
How VTP works:
Using configuration revision numbers and VTP advertisements.
All switches send out VTP advertisements every five minutes or when there is a change to the VLAN database (when a VLAN is created, deleted or renamed).
VTP advertisements contain a configuration revision number. This number is increased by one for every VLAN change.
When a switch receives a VTP advertisement, it compares the configuration revision number against the one in its VLAN database:
If the new number is higher, the switch overwrites its database with the new VLAN information and forwards the information to its neighbor switches.
If the number is the same, the switch ignores the advertisement.
If the new number is lower, the switch replies with the more up-to-date information contained in its own database.
VTP switch roles:
Server: the default VTP role. Servers can create, delete and rename VLANs, send VTP advertisements and synchronize their databases with other switches in the domain.
Client: clients cannot make VLAN changes. They forward VTP advertisements and synchronize their database with other switches in the domain.
Transparent: can create, delete and rename VLANs, but its VLANs are only local.
Adding a new switch to a VTP domain:
Disconnect it from the network. Change it to VTP transparent mode and delete the vlan.dat file from its flash memory. Set a fake VTP domain name and put it into client mode. Reboot. Configure the correct VTP settings such as domain, password, mode and version. Connect the switch to the network and verify that it receives the correct information.
Troubleshooting issues:
VLAN: physical connectivity, correct VLAN configuration, VLANs allowed on the trunk.
Trunk problems: check the trunk mode on both sides of the link, and check that both sides are configured with the same encapsulation.
VTP: the domain name must match on both switches (case sensitive). Check the revision number, the password, and whether switches are in transparent mode.
HSRP
Hot Standby Router Protocol (HSRP) is Cisco proprietary.
Two or more devices support a virtual router with a made-up MAC address and a unique IP address.
Hosts use this IP address as their default gateway and the MAC address for the layer 2 header.
The virtual MAC address is 0000.0c07.acXX, in which XX is the HSRP group number.
Multiple groups (virtual routers) are allowed.
The active router forwards traffic. The standby is the backup.
Standby routers send hellos (multicast 224.0.0.2, UDP port 1985) to detect a failure of the active router. On failure the standby device starts answering messages sent to the IP and MAC addresses of the virtual router.
The active router is chosen because it has the highest HSRP priority (default priority 100). In case of a tie, the router with the highest configured IP address wins the election.
If you want a particular switch to become active you must raise its priority: the highest-priority router becomes active.
HSRP states:
Initial: HSRP is not running.
Learn: the router does not know the virtual IP address and is waiting to hear from the active router.
Listen: the router knows the IP and MAC of the virtual router but it is not the active or standby router.
Speak: the router sends periodic hellos and participates in the election of the active router.
Standby: the router monitors hellos from the active router and assumes responsibility if the active router fails.
Active: the router forwards packets on behalf of the virtual router.
Along with configuring priority, configure preempt to enable a router to take over if the active router has a lower priority.
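Worked example (added here; not part of the original notes): a Python model of the HSRP election rules above, the virtual MAC derivation, failover when the active router stops sending hellos, and the difference preempt makes when a higher-priority router returns. Router names, priorities and addresses are constructed; the model ignores the state machine timing and treats a failure as already detected after the hold time.

```python
import ipaddress


def virtual_mac(group):
    """HSRP version 1 virtual MAC from the notes: 0000.0c07.acXX, XX = group in hex."""
    if not 0 <= group <= 255:
        raise ValueError("HSRPv1 group number must be 0-255")
    return f"0000.0c07.ac{group:02x}"


def rank(router):
    """Election key: highest priority wins; a tie goes to the highest configured IP."""
    return (router["priority"], int(ipaddress.IPv4Address(router["ip"])))


class HsrpGroup:
    """One HSRP group: tracks which router is active and which is standby.
    Each router is a dict with name, priority, ip and an optional preempt flag."""

    def __init__(self, group, virtual_ip, routers):
        self.group = group
        self.virtual_ip = virtual_ip
        self.virtual_mac = virtual_mac(group)
        self.routers = {}
        for r in routers:
            entry = dict(r)
            entry.setdefault("preempt", False)
            entry["up"] = True
            self.routers[entry["name"]] = entry
        self.active = None
        self.standby = None
        self.elect()

    def elect(self):
        alive = sorted((r for r in self.routers.values() if r["up"]), key=rank, reverse=True)
        if not alive:
            self.active = self.standby = None
            return
        best = alive[0]
        incumbent = self.routers.get(self.active)
        # Without preempt the current active keeps the role even when a better router appears.
        if incumbent and incumbent["up"] and not (best["preempt"] and rank(best) > rank(incumbent)):
            best = incumbent
        self.active = best["name"]
        others = [r for r in alive if r["name"] != best["name"]]
        self.standby = others[0]["name"] if others else None

    def fail(self, name):
        """The active stops sending hellos; after the hold time the standby takes over."""
        self.routers[name]["up"] = False
        self.elect()

    def recover(self, name):
        """A router returns to the group and re-enters the election."""
        self.routers[name]["up"] = True
        self.elect()


# Constructed pair of routers for group 1 with virtual IP 10.0.0.1; R1 is preferred.
SAMPLE_ROUTERS = [
    {"name": "R1", "priority": 110, "ip": "10.0.0.2", "preempt": True},
    {"name": "R2", "priority": 100, "ip": "10.0.0.3"},
]

if __name__ == "__main__":
    g = HsrpGroup(1, "10.0.0.1", SAMPLE_ROUTERS)
    print(g.virtual_mac, "active:", g.active, "standby:", g.standby)
    g.fail("R1")
    print("after R1 fails   -> active:", g.active, "standby:", g.standby)
    g.recover("R1")
    print("after R1 returns -> active:", g.active, "standby:", g.standby)
```

The last two lines of output are the point of the preempt rule: with preempt configured on R1 it takes the active role back when it returns; with the same priorities but no preempt, R2 stays active and R1 only becomes standby.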
Hello and hold times are called timers.
The hello time can be changed from seconds to milliseconds; default 3 seconds.
The hold time can also be changed from seconds to milliseconds; default 10 seconds.
Routers in the same HSRP group must belong to the same subnet/VLAN.
Interface command syntax: standby group-number ip virtual-ip-address
Example: standby 1 ip 10.0.0.1
Authentication (MD5) helps prevent unauthorized routers from seeing user traffic.
Troubleshooting commands:
show standby [interface]
show standby brief
To monitor: debug standby
SPANNING TREE PROTOCOL
1. What is the port cost of STP?
Link speed   Cost
10 Mbps      100
100 Mbps     19
1 Gbps       4
10 Gbps      2
2. What is a root port?
The switch port that is closest to the root bridge (in terms of lowest cost). The port through which a switch reaches the root bridge of the network segment is called the root port. Every non-root bridge has a single root port.
3. What is a designated port?
Every network segment has a single designated port: the port on that segment closest to the root bridge. All the ports on the root bridge are designated ports.
4. What is a non-designated port?
Non-designated ports block traffic to keep the topology loop-free (redundant links).
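Worked example (added here; not part of the original notes): the port-cost table and the root, designated and non-designated port rules above applied to a small constructed topology in Python. Bridge names, priorities, MAC addresses and link speeds are made up for the demo; the code assumes at most one link between any pair of switches and breaks ties on bridge ID only (real STP also compares port IDs).

```python
import heapq

# Port costs from the notes (IEEE 802.1D short method), keyed by link speed in Mbps.
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def port_cost(speed_mbps):
    return PORT_COST[speed_mbps]


def run_stp(bridges, links):
    """bridges: {name: (priority, mac)}; links: [(a, b, speed_mbps)], at most one
    link per pair. Returns (root bridge, {(switch, neighbour): role}) where role is
    'root', 'designated' or 'blocked' for the port on `switch` facing `neighbour`."""
    bid = dict(bridges)                               # bridge ID = (priority, MAC); lowest wins
    root = min(bid, key=bid.get)
    adj = {name: {} for name in bridges}
    for a, b, speed in links:
        adj[a][b] = adj[b][a] = port_cost(speed)
    # Root path cost: Dijkstra from the root, ties broken on the sender's bridge ID.
    dist = {name: float("inf") for name in bridges}
    dist[root] = 0
    heap = [(0, bid[root], root)]
    while heap:
        d, _, u = heapq.heappop(heap)
        if d > dist[u]:
            continue
        for v, cost in adj[u].items():
            if d + cost < dist[v]:
                dist[v] = d + cost
                heapq.heappush(heap, (dist[v], bid[v], v))
    roles = {}
    for sw in bridges:
        root_port = None
        if sw != root and adj[sw]:                    # exactly one root port per non-root bridge
            root_port = min(adj[sw], key=lambda nb: (dist[nb] + adj[sw][nb], bid[nb]))
        for nb in adj[sw]:
            if nb == root_port:
                roles[(sw, nb)] = "root"
            elif (dist[sw], bid[sw]) < (dist[nb], bid[nb]):   # this end is closer to the root
                roles[(sw, nb)] = "designated"
            else:
                roles[(sw, nb)] = "blocked"           # redundant link: non-designated
    return root, roles


def check_invariants(root, roles, links):
    """Rules from the notes: one designated port per segment, one root port per
    non-root bridge, and every port on the root bridge designated."""
    for a, b, _ in links:
        if [roles[(a, b)], roles[(b, a)]].count("designated") != 1:
            return False
    for sw in {s for s, _ in roles}:
        ports = [role for (s, _), role in roles.items() if s == sw]
        if sw == root and any(r != "designated" for r in ports):
            return False
        if sw != root and ports.count("root") != 1:
            return False
    return True


# Constructed triangle: S1 has the lowest priority, so it is the root; S3 reaches it
# more cheaply through S2 (4 + 4 = 8) than over its own 100 Mbps link (19).
SAMPLE_BRIDGES = {"S1": (4096, "0000.0000.0001"),
                  "S2": (32768, "0000.0000.0002"),
                  "S3": (32768, "0000.0000.0003")}
SAMPLE_LINKS = [("S1", "S2", 1000), ("S1", "S3", 100), ("S2", "S3", 1000)]

if __name__ == "__main__":
    root, roles = run_stp(SAMPLE_BRIDGES, SAMPLE_LINKS)
    print("root bridge:", root)
    for (sw, nb), role in sorted(roles.items()):
        print(f"{sw} port towards {nb}: {role}")
```

In the sample, S3's port towards S1 ends up blocked even though it is a direct link to the root, because the path through S2 has the lower total cost; the direct 100 Mbps link is the redundant one that STP keeps out of the forwarding topology.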