Document: Study Guide Switching 3.0 (Building Cisco Multilayer Switched Networks) Version 1.1 (pptx)


640-604 Switching 3.0

Study Guide
Switching 3.0 (Building Cisco Multilayer Switched Networks)
Version 1.1

www.testking.com

TABLE OF CONTENTS

List of Tables
List of Acronyms
Introduction
The Campus Network
  1.1 The Traditional Campus Network
    1.1.1 Collisions
    1.1.2 Bandwidth
    1.1.3 Broadcasts and Multicasts
  1.2 The New Campus Network
  1.3 The 80/20 Rule and the New 20/80 Rule
  1.4 Switching Technologies
    1.4.1 Open Systems Interconnection Model
      1.4.1.1 Data Encapsulation
      1.4.1.2 Layer Switching
      1.4.1.3 Layer Switching
      1.4.1.4 Layer Switching
      1.4.1.5 Multi-Layer Switching (MLS)
    1.4.2 The Cisco Hierarchical Model
      1.4.2.1 Core Layer
      1.4.2.2 Distribution Layer
      1.4.2.3 Access Layer
  1.5 Modular Network Design
    1.5.1 The Switch Block
    1.5.2 The Core Block
      1.5.2.1 Collapsed Core
      1.5.2.2 Dual Core
      1.5.2.3 Core Size
      1.5.2.4 Core Scalability
      1.5.2.5 Layer Core
Basic Switch and Port Configuration
  2.1 Network Technologies
    2.1.1 Ethernet
      2.1.1.1 Ethernet Switches
      2.1.1.2 Ethernet Media
    2.1.2 Fast Ethernet
    2.1.3 Gigabit Ethernet
    2.1.4 10Gigabit Ethernet
    2.1.5 Token Ring
  2.2 Connecting Switches
    2.2.1 Console Port Cables and Connectors
    2.2.2 Ethernet Port Cables and Connectors
    2.2.3 Gigabit Ethernet Port Cables and Connectors
    2.2.4 Token Ring Port Cables and Connectors
  2.3 Switch Management
    2.3.1 Switch Naming
    2.3.2 Password Protection
    2.3.3 Remote Access
    2.3.4 Inter-Switch Communication
    2.3.5 Switch Clustering and Stacking
  2.4 Switch Port Configuration
    2.4.1 Port Description
    2.4.2 Port Speed
    2.4.3 Ethernet Port Mode
    2.4.4 Token Ring Port Mode
Virtual LANs (VLANs) and Trunking
  3.1 VLAN Membership
  3.2 Extent of VLANs
  3.3 VLAN Trunks
    3.3.1 VLAN Frame Identification
    3.3.2 Dynamic Trunking Protocol
    3.3.3 VLAN Trunk Configuration
  3.4 VLAN Trunking Protocol (VTP)
    3.4.1 VTP Modes
      3.4.1.1 Server Mode
      3.4.1.2 Client Mode
      3.4.1.3 Transparent Mode
    3.4.2 VTP Advertisements
      3.4.2.1 Summary Advertisements
      3.4.2.2 Subset Advertisements
      3.4.2.3 Client Request Advertisements
    3.4.3 VTP Configuration
      3.4.3.1 Configuring a VTP Management Domain
      3.4.3.2 Configuring the VTP Mode
      3.4.3.3 Configuring the VTP Version
    3.4.4 VTP Pruning
  3.5 Token Ring VLANs
    3.5.1 TrBRF
    3.5.2 TrCRF
    3.5.3 VTP and Token Ring VLANs
    3.5.4 Duplicate Ring Protocol (DRiP)
Redundant Switch Links
  4.1 Switch Port Aggregation with EtherChannel
    4.1.1 Bundling Ports with EtherChannel
    4.1.2 Distributing Traffic in EtherChannel
    4.1.3 Port Aggregation Protocol (PAgP)
    4.1.4 EtherChannel Configuration
  4.2 Spanning-Tree Protocol (STP)
  4.3 Spanning-Tree Communication
    4.3.1 Root Bridge Election
    4.3.2 Root Ports Election
    4.3.3 Designated Ports Election
  4.4 STP States
  4.5 STP Timers
  4.6 Convergence
    4.6.1 PortFast: Access Layer Nodes
    4.6.2 UplinkFast: Access Layer Uplinks
    4.6.3 BackboneFast: Redundant Backbone Paths
  4.7 Spanning-Tree Design
  4.8 STP Types
    4.8.1 Common Spanning Tree (CST)
    4.8.2 Per-VLAN Spanning Tree (PVST)
    4.8.3 Per-VLAN Spanning Tree Plus (PVST+)
Trunking with ATM LAN Emulation (LANE)
  5.1 ATM
    5.1.1 The ATM Model
    5.1.2 Virtual Circuits
    5.1.3 ATM Addressing
      5.1.3.1 VPI/VCI Addresses
      5.1.3.2 NSAP Addresses
    5.1.4 ATM Protocols
  5.2 LAN Emulation (LANE)
    5.2.1 LANE Components
    5.2.2 LANE Operation
    5.2.3 Address Resolution
    5.2.4 LANE Component Placement
    5.2.5 LANE Component Redundancy (SSRP)
  5.3 LANE Configuration
    5.3.1 Configuring the LES and BUS
    5.3.2 Configuring the LECS
    5.3.3 Configuring Each LEC
    5.3.4 Viewing the LANE Configuration
InterVLAN Routing
  6.1 InterVLAN Routing Design
    6.1.1 Routing with Multiple Physical Links
    6.1.2 Routing over Trunk Links
      6.1.2.1 802.1Q and ISL Trunks
      6.1.2.2 ATM LANE
  6.2 Routing with an Integrated Router
  6.3 InterVLAN Routing Configuration
    6.3.1 Accessing the Route Processor
    6.3.2 Establishing VLAN Connectivity
      6.3.2.1 Establishing VLAN Connectivity with Physical Interfaces
      6.3.2.2 Establishing VLAN Connectivity with Trunk Links
      6.3.2.3 Establishing VLAN Connectivity with LANE
      6.3.2.4 Establishing VLAN Connectivity with Integrated Routing Processors
    6.3.3 Configure Routing Processes
    6.3.4 Additional InterVLAN Routing Configurations
Multilayer Switching (MLS)
  7.1 Multilayer Switching Components
  7.2 MLS-RP Advertisements
  7.3 Configuring Multilayer Switching
  7.4 Flow Masks
  7.5 Configuring the MLS-SE
    7.5.1 MLS Caching
    7.5.2 Verifying MLS Configurations
    7.5.3 External Router Support
    7.5.4 Switch Inclusion Lists
    7.5.5 Displaying MLS Cache Entries
Cisco Express Forwarding (CEF)
  8.1 CEF Components
    8.1.1 Forwarding Information Base (FIB)
    8.1.2 Adjacency Tables
  8.2 CEF Operation Modes
  8.3 Configuring Cisco Express Forwarding
    8.3.1 Configuring Load Balancing for CEF
      8.3.1.1 Per-Destination Load Balancing
      8.3.1.2 Per-Packet Load Balancing
    8.3.2 Configuring Network Accounting for CEF
The Hot Standby Router Protocol (HSRP)
  9.1 Traditional Redundancy Methods
    9.1.1 Default Gateways
    9.1.2 Proxy ARP
    9.1.3 Routing Information Protocol (RIP)
    9.1.4 ICMP Router Discovery Protocol (IRDP)
  9.2 Hot Standby Router Protocol
    9.2.1 HSRP Group Members
    9.2.2 Addressing HSRP Groups Across ISL Links
  9.3 HSRP Operations
    9.3.1 The Active Router
    9.3.2 Locating the Virtual Router MAC Address
    9.3.3 Standby Router Behavior
    9.3.4 HSRP Messages
    9.3.5 HSRP States
  9.4 Configuring HSRP
    9.4.1 Configuring an HSRP Standby Interface
    9.4.2 Configuring HSRP Standby Priority
    9.4.3 Configuring HSRP Standby Preempt
    9.4.4 Configuring the Hello Message Timers
    9.4.5 HSRP Interface Tracking
    9.4.6 Configuring HSRP Tracking
    9.4.7 HSRP Status
  9.5 Troubleshooting HSRP
10 Multicasts
  10.1 Unicast Traffic
  10.2 Broadcast Traffic
  10.3 Multicast Traffic
  10.4 Multicast Addressing
    10.4.1 Multicast Address Structure
    10.4.2 Mapping IP Multicast Addresses to Ethernet
    10.4.3 Managing Multicast Traffic
    10.4.4 Subscribing and Maintaining Groups
      10.4.4.1 IGMP Version
      10.4.4.2 IGMP Version
    10.4.5 Switching Multicast Traffic
  10.5 Routing Multicast Traffic
    10.5.1 Distribution Trees
    10.5.2 Multicast Routing Protocols
      10.5.2.1 Dense Mode Routing Protocols
      10.5.2.2 Sparse Mode Routing Protocols
  10.6 Configuring IP Multicast
    10.6.1 Enabling IP Multicast Routing
    10.6.2 Enabling PIM on an Interface
      10.6.2.1 Enabling PIM in Dense Mode
      10.6.2.2 Enabling PIM in Sparse Mode
      10.6.2.3 Enabling PIM in Sparse-Dense Mode
      10.6.2.4 Selecting a Designated Router
    10.6.3 Configuring a Rendezvous Point
    10.6.4 Configuring Time-To-Live
    10.6.5 Debugging Multicast
    10.6.6 Configuring Internet Group Management Protocol (IGMP)
    10.6.7 Configuring Cisco Group Management Protocol (CGMP)
11 Controlling Access in the Campus Environment
  11.1 Access Policies
  11.2 Managing Network Devices
    11.2.1 Physical Access
    11.2.2 Passwords
    11.2.3 Privilege Levels
    11.2.4 Virtual Terminal Access
  11.3 Access Layer Policy
  11.4 Distribution Layer Policy
    11.4.1 Filtering Traffic at the Distribution Layer
    11.4.2 Controlling Routing Update Traffic
    11.4.3 Configuring Route Filtering
  11.5 Core Layer Policy
12 Monitoring and Troubleshooting
  12.1 Monitoring Cisco Switches
    12.1.1 Out-of-Band Management
      12.1.1.1 Console Port Connection
      12.1.1.2 Serial Line Internet Protocol (SLIP)
    12.1.2 In-Band Management
      12.1.2.1 SNMP
      12.1.2.2 Telnet Client Access
      12.1.2.3 Cisco Discovery Protocol (CDP)
    12.1.3 Embedded Remote Monitoring
    12.1.4 Switched Port Analyzer
    12.1.5 CiscoWorks 2000
  12.2 General Troubleshooting Model
    12.2.1 Troubleshooting with show Commands
    12.2.2 Physical Layer Troubleshooting
    12.2.3 Troubleshooting Ethernet
      12.2.3.1 Network Testing
      12.2.3.2 The Traceroute Command
      12.2.3.3 Network Media Test Equipment

LIST OF TABLES

TABLE 1.1: OSI Encapsulation
TABLE 2.1: Coaxial Cable for Ethernet
TABLE 2.2: Twisted-Pair and Fiber Optic Cable for Ethernet
TABLE 2.3: Fast Ethernet Cabling and Distance Limitations
TABLE 2.4: Gigabit Ethernet Cabling and Distance Limitations
TABLE 5.1: Automatic NSAP Address Generation for LANE Components
TABLE 7.1: Displaying Specific MLS Cache Entries
TABLE 8.1: Adjacency Types for Exception Processing
TABLE 10.1: Well-Known Class D Addresses
TABLE 11.1: Access Policy Guidelines
TABLE 12.1: Keywords and Arguments for the set snmp trap Command
TABLE 12.2: CiscoWorks 2000 LAN Management Features
TABLE 12.3: Ethernet Media Problems
TABLE 12.4: Parameters for the ping Command
TABLE 12.5: Parameters for the traceroute Command

LIST OF ACRONYMS

AAA: Authentication, Authorization, and Accounting
ABR: Area Border Router
ACF: Advanced Communications Function
ACK: Acknowledgment bit (in a TCP segment)
ACL: Access Control List
ACS: Access Control Server
AD: Advertised Distance
ADSL: Asymmetric Digital Subscriber Line
ANSI: American National Standards Institute
API: Application Programming Interface
APPC: Advanced Program-to-Program Communications
ARAP: AppleTalk Remote Access Protocol
ARE: All Routes Explorer
ARP: Address Resolution Protocol
ARPA: Advanced Research Projects Agency
ARPANET: Advanced Research Projects Agency Network
AS: Autonomous System
ASA: Adaptive Security Algorithm
ASBR: Autonomous System Boundary Router
ASCII: American Standard Code for Information Interchange
ASIC: Application Specific Integrated Circuits
ATM: Asynchronous Transfer Mode
AUI: Attachment Unit Interface
Bc: Committed burst (Frame Relay)
B channel: Bearer channel (ISDN)
BDR: Backup Designated Router
Be: Excess burst (Frame Relay)
BECN: Backward Explicit Congestion Notification (Frame Relay)
BGP: Border Gateway Protocol
BGP-4: BGP version
BIA: Burned-in Address (another name for a MAC address)

The line vty_number vty_range command takes you into the selected configuration mode of the vtys. The most common use of this command is line vty. This command indicates that you are modifying the
vty (the first vty) to vty. The access-class command applies the access list to the interface. The access list is a standard access list that indicates the source addresses that are either permitted or denied. The in | out condition, which must be specified in the access-class statement, indicates whether the source address should be allowed to establish a Telnet session with this device or allowed to Telnet out of this device. Use caution with the access-class command.

In release 11.0(6) and later, Cisco allows web browser access to configure your Cisco network device. This access is provided via HTTP and, while easier, it does create some potential security issues. If you turn on the HTTP server, no security is the default for this command. To enable HTTP access, enter the following command:

    Switch(config)#ip http server

Password security for web access can be applied in a way similar to console and virtual terminal access. The following command can be used to specify what kind of authentication should be used:

    Switch(config)#ip http authentication [ aaa | enable | local | tacacs ]

The four types of authentication that can be set in this command are:
• aaa, which indicates that authentication, authorization, and accounting (AAA) should be used for authentication;
• enable, which indicates that the enable password should be used. This is the default method;
• local, which indicates that the local user database is used for authentication information; and
• tacacs, which indicates that a TACACS server should be used for authentication.

11.3 Access Layer Policy

The access layer is the entry point for users to access the network. Cable connections are generally pulled from an access layer switch to offices and cubicles in a company. For this reason, the network devices of the access layer are physically the most vulnerable. At the access layer you should use port security to limit the Media Access Control (MAC) addresses allowed to use the switch so as to prevent unauthorized users from gaining
access to the network at all. Also, the default VLAN of all ports is VLAN1, which is also the default management VLAN. Users entering the network on ports that were not configured would be in this VLAN. Cisco recommends that the management VLAN be moved to another VLAN to prevent users from entering the network on VLAN1 on an unconfigured port.

11.4 Distribution Layer Policy

Most of the access control policy would be implemented at the distribution layer. This layer is also responsible for ensuring that data stays in the switch block unless that data is specifically permitted outside of the switch block, and for sending the correct routing and service information to the core. Policy at the distribution layer ensures that the core block or the WAN blocks are not burdened with traffic that has not been explicitly permitted. A distribution layer policy also protects the core and the other switch blocks from receiving incorrect information, such as incorrect routes, that may harm the rest of the network. Access control at the distribution layer falls into three different categories: defining which user traffic passes between VLANs and ultimately to the core; defining which routes are seen by the core block and the switch block; and defining which services the switch block will advertise out to the rest of the network.

11.4.1 Filtering Traffic at the Distribution Layer

Many of the access control methods used at the distribution layer rely on the creation of an access control list. Two types of IP access lists are available: standard and extended. Both types of access list are a series of permissions based on a set of test criteria. However, the standard access list allows for test criteria of only the source address, while the extended access list allows for a greater degree of control by checking the source and destination addresses as well as the protocol type and the port number or application type of the packet. A standard access list is
easier for the router to process; an extended access list, however, provides a greater degree of control.

Access lists are created for a variety of applications and can be used for controlling access in the campus network by applying them in different capacities. These include: applying the access list to the interface for traffic management purposes through the use of the protocol access-group command; applying the access list to a line for security purposes through the use of the access-class command; managing routing update information through the use of the distribute-list command; and managing services update information through the use of commands such as ipx output-sap-filter in order to determine which services are advertised.

11.4.2 Controlling Routing Update Traffic

Controlling the routing table of the core block has the advantage of reducing the size of the routing table at the core block, allowing it to process packets faster; preventing users from getting to networks that have not been advertised, unless they have a static or default route to get there; and preventing incorrect information from propagating through the core block. There are two methods available for controlling the routing information that is sent to the core block:
• Route summarization. Depending on which routing protocol is used, a summarized entry of all the available routes of the switch block can be sent from the distribution layer to the core.
• Distribution lists. A distribution list can be used to indicate what routes the distribution layer can advertise to the core, or conversely, what the core can accept from the switch block.

11.4.3 Configuring Route Filtering

The basic method for configuring route filtering is by using the distribute-list command. This method is used in large routed networks but can also be used by Route Switch modules (RSMs) in a large switched network. The syntax for configuring route filtering for inbound routing updates is:

    R1(config-router)# distribute-list access_list_number | name in [ type number ]

Similarly, the syntax for configuring route filtering for outbound routing updates is:

    R1(config-router)# distribute-list access_list_number | name out [ interface-name ] Routing_process | autonomous_system_number

The arguments for this command are:
• access_list_number, which specifies the number of the previously created standard access list
• in | out, which defines the filtering on either incoming routing updates or outgoing routing updates
• interface_name, which specifies the name of the interface

11.5 Core Layer Policy

The core block is responsible for moving data quickly. All the devices that are designed to be core block solutions are optimized to move data as quickly as possible. For this reason, the core block should have as little policy as possible. The only policies that should be applied at the core block are those that relate to quality of service (QoS) commands for congestion management and congestion avoidance. QoS implementations vary, depending on the hardware used and the version of IOS. Please see your IOS-specific documentation for details.

12 Monitoring and Troubleshooting

12.1 Monitoring Cisco Switches

You can monitor and manage your Catalyst switches in a number of different ways. One way is primarily through a console port using either the command-line interface (CLI) or other methods for performing network management functions, such as Cisco Discovery Protocol (CDP), Embedded Remote Monitoring (RMON), or Switched Port Analyzer (SPAN). The console port is an EIA/TIA-232 DCE interface to which you can connect a console terminal or modem. The type of connector used, however, depends on the hardware. On a Catalyst 5000 with Supervisor I or II, a rollover cable is used with the above hardware. On a Supervisor III or a Catalyst 6000, a straight-through cable is used in conjunction with a modular plug. Other kinds of switches
may be different. Through the console port, you can directly access the CLI or configure a Serial Line Internet Protocol (SLIP) interface to access such network management functions as Telnet, ping, and SNMP. An IP address can be assigned to the Cisco switch for management purposes. Once the address is in place, you can direct Telnet to access the IP address of the switch to reach the CLI. You can also use the IP address of the switch to access an SNMP agent, such as CiscoWorks 2000.

12.1.1 Out-of-Band Management

Out-of-band management access for Cisco switches is performed via a console port connection or the Serial Line Internet Protocol (SLIP).

12.1.1.1 Console Port Connection

The console port is the local console terminal connection to the switch. Depending on the type of switch used, connect an EIA/TIA-232 terminal, a modem, or a network management workstation to the switch via a straight-through cable to use the console port. The console port enables you to: configure the switch using a command-line interface; monitor network statistics and errors; configure SNMP agent parameters; and download software updates to the switch or distribute software images residing in Flash memory to attached devices.

12.1.1.2 Serial Line Internet Protocol (SLIP)

You can access the Cisco switch command line using SLIP, which is a version of Internet Protocol (IP) that runs over serial links and allows IP communications through the console port. Catalyst series switches support out-of-band management through the use of a modem attached to the console port. This out-of-band connection works in conjunction with SLIP. The out-of-band connection can be used to: establish a Telnet session that provides access to the Cisco switch CLI; use the Telnet Server feature; and establish an SNMP management session that provides the capability to use an SNMP-based management platform such as the CiscoWorks 2000 solution. To establish an out-of-band connection on a Cisco switch, connect a 100 percent
Hayes compatible modem by means of a straight-through cable with a 25 pin D type connector. The modem should be configured for auto answer mode. Use the SLIP (sl0) interface for point-to-point SLIP connections between the switch and an IP host.

12.1.2 In-Band Management

In-band management access for Cisco switches is performed using the Simple Network Management Protocol (SNMP); Telnet; or the Cisco Discovery Protocol (CDP).

12.1.2.1 SNMP

Simple Network Management Protocol (SNMP) is an application layer protocol designed to facilitate the exchange of management information between network devices. The SNMP system consists of an SNMP manager, an SNMP agent, and a Management Information Base (MIB). Instead of defining a large set of commands, SNMP places all operations in a get-request, get-next-request, and set-request format. An SNMP manager can get a value from an SNMP agent or store a value into that SNMP agent. The SNMP manager can be part of a network management system (NMS), and the SNMP agent can reside on a networking device such as a switch. The SNMP agent can respond to MIB-related queries being sent by the NMS. An SNMP agent can access a MIB variable using the get-request or get-next-request format; set a MIB variable; and send an SNMP trap. The latter is used to notify a network management station that an extraordinary event has occurred at an agent. When a trap condition occurs, the SNMP agent sends an SNMP agent trap message to each of the network management stations as specified in the trap receiver table.

To configure SNMP on a switch, configure the SNMP community strings via the set snmp community { read-only | read-write | read-write-all } [ community_name ] command. Then assign a trap receiver address and community via the set snmp trap rcvr_address rcvr_community command. If desired, configure the switch so that it issues an authentication trap via the set snmp trap enable command. The keywords for the set snmp community command are:
• read-only, which assigns read-only access to the specified SNMP community
• read-write, which assigns read-write access to the specified SNMP community
• read-write-all, which assigns read-write access to the specified SNMP community
• community_name, which is an optional parameter that specifies the name of the SNMP community

The default SNMP community strings are as follows:

An IP permit trap is sent when unauthorized access based on the IP permit list is attempted.

The set snmp trap command is a privileged mode switch command used to enable or disable the different SNMP traps on the system or to add an entry into the SNMP authentication trap receiver table. The default configuration has SNMP traps disabled. Use the show snmp command to verify that the appropriate traps were configured. The syntax for the set snmp trap command is:

    set snmp trap { enable | disable } [ all | module | chassis | bridge | repeater | auth | vtp | ippermit | vmps | config | entity | stpx ]
    set snmp trap rcvr_address rcvr_community

Table 12.1 lists the keywords and arguments for the set snmp trap command.

TABLE 12.1: Keywords and Arguments for the set snmp trap Command

Keyword or Argument | Definition
--- | ---
enable | Keyword to activate SNMP traps
disable | Keyword to deactivate SNMP traps
all | Optional keyword to specify all trap types
module | Optional keyword to specify the moduleUp and moduleDown traps from the CISCO-STACK-MIB
chassis | Optional keyword to specify the ciscoSyslogMIB
bridge | Optional keyword to specify the newRoot and topologyChange traps
repeater | Optional keyword to specify the rptrHealth, rptrGroupChange, and rptrResetEvent traps
auth | Optional keyword to specify the authenticationFailure trap
vtp | Optional keyword to specify the VTP
ippermit | Optional keyword to specify the IP Permit Denied access
vmps | Optional keyword to specify the vmVmpsChange trap
config | Optional keyword to specify the sysConfigChange
entity | Optional keyword to specify the entityMIB trap
stpx | Optional keyword to specify the STPX trap
rcvr_address | IP address or IP alias of the system to receive SNMP traps
rcvr_community | Community name to use when sending authentication traps

12.1.2.2 Telnet Client Access

Remote, in-band SNMP management is possible through any LAN or ATM interface assigned to the same VLAN as the Supervisor module's NMP IP address. In-band connections can be used to establish Telnet sessions to the Cisco switch CLI or SNMP management sessions on an SNMP-based management platform. Cisco switches provide outgoing Telnet functionality from the CLI; this allows a network manager to use Telnet from the CLI of the switch to other devices on the network. Using Telnet, a network manager can maintain a connection to a Cisco switch while also connecting to another switch or router. Cisco switches support up to eight simultaneous Telnet sessions. Telnet sessions disconnect automatically after remaining idle for a configurable time period. To access the switch through a Telnet session, you must first set the IP address for the switch.

12.1.2.3 Cisco Discovery Protocol (CDP)

Cisco Discovery Protocol (CDP) is media- and protocol-independent and runs on all Cisco manufactured equipment. With CDP, network management applications can retrieve the device type and the SNMP-agent address of neighboring devices. This enables applications to send SNMP queries to neighboring devices. CDP enables network management applications to dynamically discover Cisco devices that are neighbors of already known devices, neighbors running lower-layer transparent protocols in particular. CDP runs on all media that support the Subnetwork Access Protocol (SNAP). CDP runs over the data link layer only, not the network layer. Therefore, two systems that support different network layer protocols can learn about each other. Cached CDP information is available to network management applications. However, Cisco
devices never forward a CDP packet. When new information is received, old information is discarded.

12.1.3 Embedded Remote Monitoring

Cisco switches provide support for the Embedded Remote Monitoring (RMON) of Ethernet and Fast Ethernet ports. Embedded RMON allows you to monitor network activity. It enables you to access and remotely monitor the RMON specification RFC 1757 groupings of statistics, historical information, alarms, and events for any port through SNMP or the TrafficDirector Management application. The RMON feature monitors network traffic at the data link layer of the OSI model without requiring a dedicated monitoring probe or network analyzer. RMON enables a network manager to analyze network traffic patterns, set up proactive alarms to detect problems before they affect users, identify heavy network users as candidates to move to dedicated or higher speed ports, and perform trend analysis for long-term planning.

The statistics group of the RMON specification maintains utilization and error statistics for the switch that is monitored. Statistics include information about collisions; cyclic redundancy checks (CRC) and alignment; undersized or oversized packets; jabber; fragments; broadcast, multicast, and unicast messages; and bandwidth utilization. To configure a Cisco switch for RMON, activate SNMP remote monitoring support via the set snmp rmon enable command.

12.1.4 Switched Port Analyzer

Cisco switches have a Switched Port Analyzer (SPAN) feature which enables you to monitor traffic on any port for analysis by a network analyzer device or RMON probe. This feature also provides RMON2 statistics on all nine RMON groups and all seven layers of the OSI model. Enhanced SPAN (E-SPAN) enables you to monitor traffic from multiple ports with the same VLAN to a port for analysis. The SPAN redirects traffic from an Ethernet, Fast Ethernet, or Fiber Distributed Data Interface (FDDI) port or VLAN to an Ethernet or Fast Ethernet monitor port for analysis and
troubleshooting. You can monitor a single port or VLAN using a dedicated analyzer such as a Network Associates Sniffer, or an RMON probe, such as a Cisco SwitchProbe.

12.1.5 CiscoWorks 2000

CiscoWorks is Cisco Systems' network management software. It is based on Simple Network Management Protocol (SNMP) and is used for managing networks with one integrated platform. This includes topology maps, configuration services, and important system, device, and performance information. CiscoWorks 2000 can be integrated with popular SNMP management platforms, such as HP OpenView, for seamless management of complex networks. Additionally, CiscoWorks 2000 solutions can be used independently of these SNMP management applications and do not require these services to be fully functional. The various features of CiscoWorks 2000 LAN Management are discussed in Table 12.2.

TABLE 12.2: CiscoWorks 2000 LAN Management Features

Feature | Description
--- | ---
Campus Bundle for ATM and LANE | This product is an updated version of the former ATM Director. The Campus Bundle offers network discovery and display, ATM and LANE configuration, user tracking, LAN/WAN traffic, and performance management capabilities on a device and networkwide basis.
CiscoView | A graphical management application providing dynamic status, statistics, and comprehensive configuration information for local or remote Cisco internetworking products. CiscoView displays a physical view of a device backplane, with graphs and color-coding for at-a-glance status and to display performance and other statistics. In addition, CiscoView has the ability to modify configurations such as trap, IP route, virtual LAN (VLAN), and bridge configurations.
Campus Manager | Campus Manager features include: intelligent discovery and display of large Layer networks on browser-accessible topology maps; configuration of VLAN/LANE and ATM services and assignment of switch ports to those services; link and device status display based upon SNMP polling; identification of Layer configuration discrepancies; diagnostic tools for connectivity related problems between end stations, and Layer and Layer devices; automatic location and correlation of information on users by media access control (MAC), IP address, NT or NetWare Directory Services (NDS) login or UNIX hostname, with their physical connections to the switched network.
TrafficDirector | Offers graphical reporting and analysis of RMON collected traffic data both from RMON enabled Catalyst switches and from external SwitchProbes, which are also available from Cisco.
Resource Manager Essentials | A suite of Web-based applications offering network management solutions for Cisco switches, access servers, and routers. The suite consists of Inventory Manager, Change Audit, Device Configuration Manager, Software Image Manager, Availability Manager, Syslog Analyzer, and Cisco Management Connection.

12.2 General Troubleshooting Model

You should deploy a systematic troubleshooting technique that can eliminate different possibilities and move step-by-step toward the real causes of the problem. The following is a generally accepted troubleshooting model. It presents a flow chart that can effectively guide you through your troubleshooting tasks.

• Define the problem in terms of the associated symptoms and possible causes.
• Gather facts from different sources. Talk to network administrators, other support engineers, managers, and anyone that can provide relevant information. Run some basic tests (such as ping, trace, etc.).
• Consider all possibilities and eliminate the improbable possibilities so as to set a boundary for the problem area. Order the possibilities that you believe might be the cause of the network problem based on their likelihood.
• Create an action plan for each possibility in order to solve the problem. Ensure the security and performance implications of each of your proposed actions are acceptable.
• Implement the action plan for each possibility in the order of their likelihood. Every action and change must be documented so that you can reverse your actions if they are not appropriate.
• Observe the results of each action. See if the problems or symptoms have been eliminated and that other normal network operations are not disrupted or adversely affected.
• Document the facts and report the problem as solved if the symptoms have disappeared and the problem has been solved without creating new ones. Documenting your work will save you and others a lot of time and effort in the future. Also document the date and time that you made changes.
• Go through an iteration process of implementing actions and observing results if there are still unresolved issues. Consider the next action plan and go about implementing it. There will be times that you remain with no possibility in hand while your network problems persist. In this event, you will have to think of more possibilities. This may require that you gather more facts that you might have overlooked.

12.2.1 Troubleshooting with show Commands

There are a number of show commands that you can use for troubleshooting hardware, configuration, or network problems in a switched network environment. These are:
• show system, which displays the power supply, fan, temperature alarm, system, and modem status; the number of days, hours, minutes, and seconds since the last system restart; the baud rate; the MAC address range; and the system name, location, and contact
• show arp, which displays the contents of the ARP table and aging time
• show atm, which displays the ATM interfaces, traffic, VC and VLAN information and status
• show cam dynamic, which displays the dynamic CAM table
• show config, which displays the current system configuration
• show fddi, which displays the settings of the FDDI/CDDI module
• show flash, which displays the Flash code names, version numbers, and sizes
• show
interface, which displays the Supervisor module network interface information • show ip route, which displays the IP route information • show log, which displays the system or module error log • show mac, which displays the MAC counters for all the installed modules • show module, which displays module status and information • show netstat, which displays statistics for the various TCP/IP stack protocols and state of active network connections • show port, which displays the port status and counters for all installed modules • show spantree, which displays the Spanning Tree information for the VLANs, including port states • show system, which displays the status of the power supply, fan, temperature alarm, system, and uptime • show test, which displays the results of diagnostic tests on the specified modules • show trunk, which displays the ISL/Dot1Q information including trunking status • show vlan, which displays the virtual LAN type, status and assigned modules and ports 12.2.2 Physical Layer Troubleshooting The most common network problems can be traced to cable problems Check that the correct cable is used Category cabling can only support 10BaseT Check whether a 10/100-Mbps connection is connected at 10 Mbps instead of 100 Mbps Check whether the cable is a crossover, rollover or straight-through cable by comparing the RJ-45 connector wiring at both ends of the cable, including all wiring closet connections Check the devices' port link integrity LED on both ends of the cable www.testking.com - 116 - 640-604 Switching 3.0 12.2.3 Troubleshooting Ethernet Table 12.3 outlines problems commonly encountered on Ethernet networks TABLE 12.3: Ethernet Media Problems Media Problem Possible Solution Excessive noise Use the show interfaces ethernet EXEC command to determine the status of the router’s Ethernet interfaces Check cables to determine whether any are damaged Look for badly spaced taps that could be causing reflections If you are using 100BaseTX, make sure you 
are using Category cabling Excessive collisions Use the show interfaces ethernet command to check the rate of collisions Use a time domain reflectometer (TDR) to find any unterminated Ethernet cables Look for a jabbering transceiver attached to a host Excessive runt frames In a shared Ethernet environment, runt frames are almost always caused by collisions If the collision rate is high, refer to the problem “Excessive collisions” earlier in this table If runt frames occur when collisions are not high or in a switched Ethernet environment, then they are the result of underruns or bad software on a network interface card Use a protocol analyzer to try to determine the source address of the runt frames Late collisions (collision that occurs beyond the first 64 bytes of an Ethernet frame) Use a protocol analyzer to check for late collisions Late collisions usually occur when Ethernet cables are too long or when there are too many repeaters in the network Check the diameter of the network and make sure it is within specification No link integrity on 10BaseT Make sure you are not using 100BaseT4 when only two 100BaseT4, or 100BaseTX pairs of wire are available 100BaseT4 requires four pairs Check for 10BaseT, 100BaseT4, or 100BaseTX mismatch Determine whether there is cross-connect Check for excessive noise 12.2.3.1 Network Testing The ping command is one of the most useful troubleshooting tools when performing network testing The ping command is supported at the user and privileged exec modes In user mode, you must specify an IP address or a host name, if the host name can be resolved to an IP address, with the ping command The ping command tests the round-trip path to and from a target In privileged mode, you must enter a protocol, a target IP address, a repeat count, datagram size, and a timeout in seconds Generally, the syntax for the ping command is: ping –s ip_address [ packet_size] [ packet_count] www.testking.com - 117 - 640-604 Switching 3.0 TABLE 12.4: 
Parameters for the ping Command Parameter Purpose -s Causes ping to send one datagram per second, printing one line of output for every response received The ping command does not return any output when no response is received ip_address The IP address or IP alias of the host Packet_size This optional parameter represents the number of bytes in a packet, from to 2000 bytes, with a default of 56 bytes The actual packet size is eight bytes larger because the switch adds header information Packet_count This optional parameter represents the number of packets to send 12.2.3.2 The Traceroute Command The traceroute command was introduced with the release 10.0 of Cisco IOS and can be used to find the path between IP devices The traceroute command can be executed in user and privileged exec modes, but in privileged exec mode, you can use the extended traceroute, which is more flexible and informative This command can be very useful in troubleshooting by determining where along a particular network path a particular problem might be as the traceroute command displays a hop-by-hop path through an IP network from the switch to a specific destination host The syntax for the traceroute command is: traceroute [ -n ] [- w wait_time ] [ -i initial_ttl ] [ -m max_ttl ] [ -p dest_port ] [ -q nqueries ] [ -t tos ] ip_address [ data_size ] TABLE 12.5: Parameters for the traceroute Command Parameter Description -n Prevents traceroute from performing a DNS lookup for each hop on the path Only numerical IP addresses are printed -w wait_time Specifies the amount of time that traceroute will wait for an ICMP response message The allowed range for wait time is to 300 seconds; the default is -i initial_ttl Causes traceroute to send ICMP datagrams with a TTL value equal to initial_ttl instead of the default TTL of This causes traceroute to skip processing for hosts that are less than initial_ttl hops away -m max_ttl Specifies the maximum TTL value for outgoing ICMP datagrams The allowed range 
is to 255; the default value is 30 -p dest_port Specifies the base UDP destination port number used in traceroute datagrams This value increments each time a datagram is sent The allowed range is to 65535; the default base port is 33434 -q nqueries Specifies the number of datagrams to send for each TTL value The allowed range is to 1000; the default is -t tos Specifies the TOS to be set in the IP header of the outgoing www.testking.com - 118 - 640-604 Switching 3.0 datagrams The allowed range is to 255; the default is ip_address IP alias or IP address in dot notation of the destination host data_size Number of bytes, in addition to the default of 40 bytes, of the outgoing datagrams The allowed range is to 1420; the default is 12.2.3.3 Network Media Test Equipment Third party equipment that can be used to troubleshoot networks includes: • Volt/Ohm meters and digital multimeters used to check for cable connectivity and continuity • Cable testers or scanners, also test for connectivity but are more sophisticated than Volt/Ohm meters Are able report cable conditions such as attenuation, near-end crosstalk (NEXT), and noise Can also provide the measurement of a cable's impedance • TDRs and OTDRs, devices that provide time domain reflectometer (TDR and optical TDR or OTDR for fiber-optic cable testing), wire-map, and traffic monitoring functionality Can locate opens, shorts, kinks, sharp bends, crimps, and impedance mismatches • Breakout Boxes, Fox Boxes, and bit/block error rate testers (BERTs/BLERTs) are digital interface testing tools used to measure the digital signals present at computers, printers, modems, CSU/DSUs, and other peripheral interfaces These devices can monitor data line conditions, analyze and trap data, and diagnose problems common to data communication systems Traffic from data terminal equipment (DTE) through data communications equipment (DCE) can be examined to help isolate problems, identify bit patterns, and ensure that the proper cabling has 
been installed • Network monitors, Layer tools used to capture, display and save traffic passing through a network cable Can take the raw data and provide information on frame sizes, number of erroneous frames, MAC addresses, number of broadcasts, etc • Network analyzers are similar to network monitors but are capable of interpreting and displaying the packet, segment, and other (higher) protocol data units (PDUs) Can be used to study the format or behavior of certain protocols; to check time delays between request and response www.testking.com - 119 - 640-604 Switching 3.0 Asynchronous Transfer Mode (ATM), 21, 27, 29, 32, 46, 47, 48, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 82, 84, 122, 124, 126 Addressing, 70 ATM LAN Emulation (LANE), 47, 68, 69, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 82, 84, 124 Model, 68 Protocols, 71 Virtual Circuits, 69 ATM LAN Emulation (LANE) ATM LAN Emulation (LANE), 47, 68, 69, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 82, 84, 124 Broadcast and Unknown Server (BUS), 72, 73, 74, 75, 76, 77, 78, 80, 82, 85 LAN Emulation Client (LEC), 72, 73, 74, 75, 76, 77, 79, 80, 83, 84 LAN Emulation Configuration Server (LECS), 72, 73, 75, 76, 77, 78, 79, 80, 82, 84 LAN Emulation Server (LES), 72, 73, 74, 75, 76, 77, 78, 79, 80, 82, 85 Broadcast Traffic, 21, 44, 45, 52, 57, 58, 72, 73, 104, 129 Broadcasts Traffic, 21, 23, 25, 28, 29, 30, 32, 36, 39, 40, 44, 52, 53, 58, 72, 73, 74, 75, 79, 81, 104, 108, 123 Cisco Express Forwarding (CEF), 81, 93, 94, 95, 96 Adjacency Tables, 93 Configuration, 94 Forwarding Information Base (FIB), 93, 94 Operation Modes, 94 Cisco Group Management Protocol (CGMP), 88, 106, 108, 111, 113, 114 Cisco Hierarchical Model, 26-30 The Access Layer, 26, 27, 28, 29, 30, 31, 32, 34, 35, 37, 44, 45, 46, 63, 64, 108, 115, 117 The Core Layer, 26, 27, 30, 31, 32, 65, 115, 119 The Distribution Layer, 26, 27, 28, 29, 30, 31, 34, 35, 37, 45, 64, 75, 115, 118, 119 CiscoWorks 2000, 45, 116, 120, 123, 124 Default Gateway, 97 Duplicate 
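The probe schedule that the traceroute parameters in Table 12.5 describe, as an added offline example that is not part of the study guide: TTL rises from initial_ttl to max_ttl, nqueries datagrams go out per TTL, and the UDP destination port increments with every datagram. The defaults of 1 for initial_ttl and 3 for nqueries, the lower bounds of 1, the Hop type and the sample path are assumptions made here; no packets are sent.

```python
from dataclasses import dataclass

BASE_PORT = 33434  # default base UDP port, per Table 12.5
MAX_TTL = 30       # default -m value, per Table 12.5
INITIAL_TTL = 1    # assumption: the default is missing from the page
NQUERIES = 3       # assumption: the default is missing from the page


@dataclass
class Hop:
    addr: str
    answers: bool = True  # False: device drops or never sends ICMP replies


def plan_probes(initial_ttl=INITIAL_TTL, max_ttl=MAX_TTL,
                dest_port=BASE_PORT, nqueries=NQUERIES):
    """Return [(ttl, udp_dest_port), ...] in the order probes are sent."""
    # Upper bounds come from Table 12.5; the lower bound of 1 is assumed.
    if not 1 <= initial_ttl <= max_ttl <= 255:
        raise ValueError("TTL values must satisfy 1 <= initial <= max <= 255")
    if not 1 <= nqueries <= 1000:
        raise ValueError("nqueries must be 1..1000")
    probes, port = [], dest_port
    for ttl in range(initial_ttl, max_ttl + 1):
        for _ in range(nqueries):
            if not 1 <= port <= 65535:
                raise ValueError("UDP destination port out of range")
            probes.append((ttl, port))
            port += 1  # the port increments each time a datagram is sent
    return probes


def trace(path, **options):
    """Simulate a trace over `path`; the last Hop is the destination.

    Returns rows of (ttl, address or "*", reply, first_port, last_port).
    """
    ports_by_ttl = {}
    for ttl, port in plan_probes(**options):
        ports_by_ttl.setdefault(ttl, []).append(port)
    rows = []
    for ttl, ports in ports_by_ttl.items():
        reached = ttl >= len(path)            # probe survives to the target
        hop = path[-1] if reached else path[ttl - 1]
        if not hop.answers:
            rows.append((ttl, "*", "timeout", ports[0], ports[-1]))
            continue
        reply = "port-unreachable" if reached else "time-exceeded"
        rows.append((ttl, hop.addr, reply, ports[0], ports[-1]))
        if reached:
            break                             # destination answered: done
    return rows


# Constructed four-hop path (documentation addresses); hop 2 is silent.
SAMPLE_PATH = [Hop("192.0.2.1"), Hop("198.51.100.7", answers=False),
               Hop("203.0.113.9"), Hop("203.0.113.50")]

if __name__ == "__main__":
    for row in trace(SAMPLE_PATH):
        print(row)
```

The first_port and last_port columns are the UDP destination ports a packet filter on the path would see for each hop, which helps when a trace stalls at a filtering device.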
... Switching 3.0 (Building Cisco Multilayer Switched Networks) Exam Code: 640-604 Certifications: Cisco Certified Network Professional (CCNP) Cisco Certified Design... This Study Guide To benefit from this Study Guide we recommend that you: • Although there is a fair amount of overlap between this Study Guide and the 640-607 Study Guide, and the 640-606 Study Guide, ... Prerequisites: Cisco CCNA 640-607 - Routing and Switching Certification Exam for the CCNP track or Cisco CCDA 640-861 - Designing for Cisco Internetwork Solutions Exam About This Study Guide This Study Guide

Date posted: 10/12/2013, 17:15
