Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide - Richard Froom, Erum Frahim

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide

(CCNP SWITCH 300-115)
Buch | Hardcover
512 Seiten
2015
Cisco Press (Verlag)
978-1-58720-664-1 (ISBN)
89,95 inkl. MwSt
  • Titel ist leider vergriffen;
    keine Neuauflage
  • Artikel merken
Now fully updated for the new Cisco SWITCH 300-115 exam, Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide is your Cisco® authorized learning tool for CCNP® or CCDP® preparation. Part of the Cisco Press Foundation Learning Series, it teaches you how to plan, configure, verify, secure, and maintain complex enterprise switching solutions using Cisco Catalyst® switches and Enterprise Campus Architecture.

 

The authors show you how to build scalable multilayer switched networks, create and deploy global intranets, and perform basic troubleshooting in environments using Cisco multilayer switches for client hosts and services. They begin by reviewing basic switching concepts, network design, and campus network architecture. Next, they present in-depth coverage of spanning-tree, inter-VLAN routing, first-hop redundancy, network management, advanced switch features, high availability, and campus network security.

 

Each chapter opens with a list of topics that clearly identify its focus. Each chapter ends with a summary of key concepts for quick study, as well as review questions to assess and reinforce your understanding. Throughout, configuration examples, and sample verification outputs illustrate critical issues in network operation and troubleshooting.

 

This guide is ideal for all certification candidates who want to master all the topics covered on the SWITCH 300-115 exam.

 



Serves as the official textbook for version 7 of the Cisco Networking Academy CCNP SWITCH course
Covers basic switching terminology and concepts, and the unique features of Cisco Catalyst switch designs
Reviews campus network design, including network structure, roles of Cisco Catalyst switches, and differences between Layer 2 and multilayer switches
Introduces VLANs, VTP, Trunking, and port-channeling
Explains Spanning Tree Protocol configuration
Presents concepts and modern best practices for interVLAN routing
Covers first-hop redundancy protocols used by Cisco Catalyst switches
Outlines a holistic approach to network management and Cisco Catalyst device security with AAA, NTP, 802.1x, and SNMP
Describes how to use advanced features to improve campus network resiliency and availability
Shows how to establish switch physical redundancy using Stackwise, VSS, or redundant supervisors
Explains advanced security features

 

Richard Froom, CCIE No. 5102, is a manager within the Solution Validation Services (SVS) team at Cisco. Richard previously worked as a network engineer in the Cisco TAC and in various customer-facing testing organizations within Cisco. Richard holds CCIEs in Routing and Switching and in Storage Networking. Richard currently focuses on expanding his team’s validation coverage to new technologies in the data center, including Application Centric Infrastructure (ACI), OpenStack, Intercloud Fabric, and big data solutions with Hadoop.   Erum Frahim, CCIE No. 7549 , is a technical leader working in the Solution Validation Services (SVS) group at Cisco. In her current role, Erum is leading efforts to test data center solutions for several Cisco high-profile customers and leading all the cross-business units interlock. Most recently, she is working on Application Centric Infrastructure (ACI), UCS Director, OpenStack, and big data. Before this, Erum managed the Nexus platform escalation group and served as a team lead for the data center storage-area network (SAN) test lab under the Cisco data center business unit. Erum joined Cisco in 2000 as a technical support engineer. Erum has a Master of Science degree in electrical engineering from Illinois Institute of Technology and also holds a Bachelor of Engineering degree from NED University, Karachi, Pakistan. Erum also authors articles in Certification Magazine and on Cisco.com and has participated in many CiscoLive Events. In her spare time, Erum enjoys her time with her husband and child.

                Introduction xx

Chapter 1 Fundamentals Review 1

                Switching Introduction 2

                                Hubs and Switches 2

                                Bridges and Switches 2

                                Switches of Today 3

                                Broadcast Domains 3

                                MAC Addresses 4

                                The Basic Ethernet Frame Format 4

                                Basic Switching Function 5

                                VLANs 6

                                The Spanning Tree Protocol 6

                                Trunking 7

                                Port Channels 7

                                Multilayer Switching 8

                Summary 8

Chapter 2 Network Design Fundamentals 9

                Campus Network Structure 9

                                Hierarchical Network Design 10

                                Access Layer 12

                                Distribution Layer 13

                                Core Layer (Backbone) 14

                                Layer 3 in the Access Layer 17

                                The Cisco Enterprise Campus Architecture 19

                                The Need for a Core Layer 20

                Types of Cisco Switches 22

                                Comparing Layer 2 and Multilayer Switches 24

                                MAC Address Forwarding 24

                                Layer 2 Switch Operation 25

                                Layer 3 (Multilayer) Switch Operation 26

                                Useful Commands for Viewing and Editing Catalyst Switch MAC Address Tables 27

                                Frame Rewrite 28

                                Distributed Hardware Forwarding 28

                                Cisco Switching Methods 29

                                Route Caching 30

                                Topology-Based Switching 31

                                Hardware Forward Details 33

                Study Tips 34

                Summary 34

                Review Questions 35

Chapter 3 Campus Network Architecture 41

                Implementing VLANs and Trunks in Campus Environment 41

                                VLAN Overview 42

                                VLAN Segmentation 44

                                End-to-End VLANs 44

                                Local VLANs 45

                                Comparison of End-to-End VLANs and Local VLANs 46

                                Mapping VLANs to a Hierarchical Network 47

                                Implementing a Trunk in a Campus Environment 49

                                Understanding Native VLAN in 802.1Q Trunking 52

                                Understanding DTP 53

                VLAN Ranges and Mappings 54

                                Configuring, Verifying, and Troubleshooting VLANs and Trunks 55

                                Verifying the VLAN Configuration 57

                                Configuring VLANs and Trunks 61

                                Best Practices for VLANs and Trunking 65

                                Voice VLAN Overview 67

                                Switch Configuration for Wireless Network Support 69

                VLAN Trunking Protocol 70

                                VTP Overview 70

                                VTP Modes 71

                                VTP Versions 73

                                VTP Pruning 74

                                VTP Authentication 75

                                VTP Advertisements 75

                                VTP Messages Types 77

                                Summary Advertisements 77

                                Subset Advertisements 77

                                Configuring and Verifying VTP 78

                                Overwriting VTP Configuration (Very Common Issue with VTP) 87

                                Best Practices for VTP Implementation 93

                Implementing EtherChannel in a Switched Network 94

                                The Need for EtherChannel 94

                                EtherChannel Mode Interactions 97

                                LACP 97

                                PAgP 98

                                Layer 2 EtherChannel Configuration Guidelines 99

                                EtherChannel Load-Balancing Options 100

                                Configuring EtherChannel in a Switched Network 102

                                EtherChannel Configuration and Load Balancing 103

                                EtherChannel Guard 108

                Study Tips 109

                Summary 110

                Review Questions 110

Chapter 4 Spanning Tree in Depth 119

                Spanning Tree Protocol Overview 120

                                STP Need 120

                                STP Standards 121

                                STP Operations 122

                                Bridge Protocol Data Units 124

                                Root Bridge Election 124

                                Root Port Election 126

                                Designated Port Election 128

                                STP Port States 129

                                Per-VLAN STP Plus (PVST+) 130

                                STP Topology Changes 131

                Rapid Spanning Tree Protocol 133

                                RSTP Port Roles 134

                                Comparison of RSTP and STP Port States 135

                                RSTP Topology Changes 136

                                RSTP Link Types 138

                                Configuring and Modifying STP Behavior 140

                                Changing STP Priority 143

                                STP Path Manipulation 145

                                STP Timers 148

                Implementing STP Stability Mechanisms 151

                                Use UplinkFast 153

                                Use BackboneFast 154

                                Use PortFast 156

                                Securing PortFast Interface with BPDU Guard 158

                                Disabling STP with BPDU Filter 159

                                Use Root Guard 161

                                Loop Guard Overview 164

                                Use UDLD 166

                                UDLD Recommended Practices 170

                                Use FlexLinks 171

                                STP Stability Mechanisms Recommendations 175

                Configuring Multiple Spanning Tree Protocol 179

                                Introducing MST 179

                                MST Regions 182

                                STP Instances with MST 183

                                Extended System ID for MST 185

                                Configuring and Verifying MST 185

                                Configuring MST Path Cost 192

                                Configuring MST Port Priority 193

                                MST Protocol Migration 194

                                MST Recommended Practices 194

                Troubleshooting STP 196

                                Potential STP Problems 196

                                Duplex Mismatch 196

                                Unidirectional Link Failure 197

                                Frame Corruption 197

                                Resource Errors 198

                                PortFast Configuration Errors 198

                Study Tips 198

                Summary 199

                Review Questions 200

Chapter 5 Inter-VLAN Routing 203

                Describing Inter-VLAN Routing 204

                                Introduction to Inter-VLAN Routing 204

                                Inter-VLAN Routing Using an External Router 206

                                Configuring Inter-VLAN Routing Using an External Router 207

                                Routing with an External Router 208

                                External Routers: Advantages Disadvantages 211

                                Inter-VLAN Routing Using Switch Virtual Interfaces 212

                                SVI: Advantages and Disadvantages 214

                                Routing with Routed Ports 214

                                Routed Ports: Advantages 215

                                Configuring Inter-VLAN Routing Using SVI and Routed Ports 216

                                Routing on a Multilayer Switch 217

                                Using the SVI autostate exclude Command 220

                                SVI Configuration Checklist 221

                                Troubleshooting Inter-VLAN Problems 222

                                Example of a Troubleshooting Plan 223

                Layer 2 Versus Layer 3 EtherChannel 225

                                Layer 3 EtherChannel Configuration 226

                                Verifying Routing Protocols 229

                Implementing DHCP 231

                                DHCP Overview 231

                                Configuring DHCP in Multilayer Switched Network 233

                                Configuring a DHCP Relay 239

                                Configuring DHCP Options 239

                Study Tips 240

                Summary 241

                Review Questions 242

Chapter 6 First-Hop Redundancy 247

                Overview of FHRP and HSRP 247

                                The Need for First-Hop Redundancy 248

                                HSRP Overview 250

                                HSRP State Transition 253

                                Aligning HSRP with STP Topology 254

                                Configuring and Tuning HSRP 255

                                Forwarding Through the Active Router 257

                                Load Sharing with HSRP 263

                                The Need for Interface Tracking with HSRP 265

                                HSRP Interface Tracking 266

                                HSRP and Object Tracking 268

                                Configuring HSRP Authentication 271

                                Tuning HSRP Timers 272

                                HSRP Versions 274

                Configuring Layer 3 Redundancy with VRRP 274

                                About VRRP 275

                                Configuring VRRP and Spotting the Differences from HSRP 276

                                VRRP and Authentication 279

                                Tracking and VRRP 280

                                Configuring Layer 3 Redundancy with GLBP 282

                                Introducing GLBP 282

                                Comparing GLPB to HSRP 283

                                GLBP States 284

                                Configuring and Verifying GLBP 285

                                GLBP Load-Balancing Options 294

                                GLBP Authentication 295

                                GLBP and STP 295

                                Tracking and GLBP 296

                Study Tips 300

                Summary 301

                References 301

                Review Questions 302

Chapter 7 Network Management 305

                AAA 305

                                Authentication Options 307

                                RADIUS and TACACS+ Overview 308

                                RADIUS Authentication Process 309

                                TACACS+ Authentication Process 310

                                Configuring AAA 311

                                Configuring RADIUS for Console and vty Access 311

                                Configuring TACACS+ for Console and vty Access 312

                                AAA Authorization 313

                                AAA Accounting 314

                                Limitations of TACACS+ and RADIUS 315

                Identity-Based Networking 316

                                IEEE 802.1X Port-Based Authentication Overview 316

                                IEEE 802.1X Configuration Checklist 318

                Network Time Protocols 319

                                The Need for Accurate Time 320

                                Configuring the System Clock Manually 320

                                Network Time Protocol Overview 323

                                NTP Modes 324

                                Other NTP Configuration Options 326

                                NTP Example 326

                                NTP Design Principles 329

                                Securing NTP 331

                                NTP Source Address 333

                                NTP Versions 333

                                SNTP 335

                                PTP/IEEE-1588 336

                SNMP 336

                                SNMP Overview 337

                                SNMP Versions 339

                                SNMP Best Practices 339

                                SNMPv3 Configuration Example 340

                                Verifying SNMP Version 3 Configuration 342

                Study Tips 344

                Summary 345

                Review Questions 345

Chapter 8 Switching Features and Technologies for the Campus Network 351

                Discovery Protocols 352

                                Introduction to LLDP 352

                                Basic Configuration of LLDP 353

                                Discovering Neighbors Using LLDP 355

                Unidirectional Link Detection 357

                                UDLD Mechanisms and Specifics 358

                                UDLD Configuration 358

                                Leveraging UDLD and STP Loop Guard Together 360

                Power over Ethernet 360

                                PoE Components 362

                                PoE Standards 362

                                PoE Negotiation 362

                                Configuring and Verifying PoE 363

                SDM Templates 364

                                SDM Template Types 365

                                Choosing the Right SDM Template 367

                                System Resource Configuration on Other Platforms 367

                Monitoring Features 368

                                SPAN and RSPAN Overview 368

                                SPAN Configuration 371

                                RSPAN Configuration 372

                IP SLA 374

                                Introduction to IP SLA 375

                                IP SLA Source and Responder 377

                                IP SLA Configuration 377

                                IP SLA Operation with Responder 379

                                IP SLA Time Stamps 381

                                Configuring Authentication for IP SLA 382

                                IP SLA Example for UDP Jitter 383

                Study Tips 384

                Summary 385

                Review Questions 385

Chapter 9 High Availability 393

                The Need for Logical Switching Architectures 394

                What Is StackWise? 395

                                StackWise Benefits 396

                                Verifying StackWise 396

                What Is VSS? 397

                                VSS Benefits 398

                                Verifying VSS 399

                Redundant Switch Supervisors 401

                                Supervisor Redundancy Modes 402

                                Stateful Switchover 403

                Nonstop Forwarding 404

                Study Tips 405

                Summary 405

                Review Questions 406

                References 406

Chapter 10 Campus Network Security 409

                Overview of Switch Security Issues 410

                Cisco Switch Security Configuration Best Practices 411

                Campus Network Vulnerabilities 414

                                Rogue Access 414

                                Switch Vulnerabilities 415

                                MAC Flooding Attacks 417

                Introducing Port Security 419

                                Port Security Configuration 420

                                Port Error Conditions 422

                                Err-Disabled Automatic Recovery 423

                                Port Access Lists 424

                Storm Control 425

                                Introduction to Storm Control 426

                                Configuring and Verifying Storm Control on an Interface 427

                Mitigating Spoofing Attacks 430

                                DHCP Spoofing Attacks 430

                                DHCP Snooping 432

                                DHCP Option 82 433

                                DHCP Snooping Example Configuration 433

                                IP Source Guard 436

                                IPSG Configuration 438

                                ARP Spoofing 439

                                Dynamic ARP Inspection 440

                                DAI Configuration 441

                Securing VLAN Trunks 443

                                Switch Spoofing 444

                                VLAN Hopping 446

                                Protecting Against VLAN Hopping 447

                                VLAN Access Lists 448

                                VACL Interaction with ACLs and PACLs 449

                                Configuring VACLs 450

                Private VLANs 451

                                Introduction to PVLANs 452

                                PVLAN Port Types 453

                                PVLAN Configuration 454

                                PVLAN Verification 456

                                PVLANs Across Multiple Switches 457

                                Using the Protected Port Feature 458

                Study Tips 458

                Summary 459

                Review Questions 460

Appendix A Answers to Chapter Review Questions 469

9781587206641 TOC, 4/14/2015

Erscheint lt. Verlag 28.5.2015
Verlagsort Indianapolis
Sprache englisch
Maße 191 x 238 mm
Gewicht 1038 g
Themenwelt Mathematik / Informatik Informatik Netzwerke
Informatik Weitere Themen Zertifizierung
ISBN-10 1-58720-664-1 / 1587206641
ISBN-13 978-1-58720-664-1 / 9781587206641
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich