October 19, 2013
The second item under the topics in the new ICND2 200-101 exam requires that you can identify PVSTP.
PVSTP, or Per VLAN Spanning Tree Protocol, does just that: each VLAN has its own STP setup or topology, because STP runs on a per-VLAN basis.
As the engineer, this gives you a great tool to load balance traffic over the network: using some configuration options, you can decide which switches will become root.
Note: All of the interfaces on the root switch will be DPs.

The above example shows you how the two VLANs have a different topology.
Posted by Josh Gahan
October 15, 2013
If you are going to set up a LAN with redundant paths, it is important that STP is running. If not, you will be opening yourself up to these problems:
- Broadcast Storms
- MAC Table instability
- Multiple frame transmission
While the issue of broadcast storms may seem obvious, the other two may not be things you think about at all. In the case of MAC table instability, your switches will experience frequent updates to their MAC tables with wrong entries, caused by the looped frames being sent around the LAN.
The second issue, multiple frame transmission, can be a somewhat disastrous side effect of not running STP. Duplicate copies of the looping frame can end up at the end host, completely confusing it and resulting in discarded frames.
Luckily, though, on Cisco switches STP is on by default.
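The three problems above can be reproduced in a small simulation. This is an added example, not part of the original post; the two-switch topology, port numbers and function name are constructed for illustration.

```python
from collections import deque

# Constructed topology: switches A and B joined by two parallel links
# (port 1 <-> port 1, port 2 <-> port 2); port 0 on each is a host port.
LINKS = {("A", 1): ("B", 1), ("B", 1): ("A", 1),
         ("A", 2): ("B", 2), ("B", 2): ("A", 2)}
PORTS = (0, 1, 2)

def flood_broadcast(blocked=frozenset(), max_hops=12):
    """Host on A port 0 sends one broadcast; return the loop symptoms.

    blocked: set of (switch, port) pairs that STP would put in blocking state.
    max_hops: cut-off so the simulation ends (a real loop would not).
    """
    mac_table = {"A": None, "B": None}   # port where each switch thinks the host is
    moves = 0                            # times a learned entry changed port
    copies_at_b_host = 0                 # copies delivered to the host on B port 0
    queue = deque([("A", 0, 0)])         # (switch, ingress port, hop count)
    while queue:
        sw, in_port, hops = queue.popleft()
        if (sw, in_port) in blocked or hops > max_hops:
            continue
        if mac_table[sw] not in (None, in_port):
            moves += 1                   # MAC table instability
        mac_table[sw] = in_port          # learn the source MAC on the ingress port
        for out in PORTS:                # broadcast: flood out every other port
            if out == in_port or (sw, out) in blocked:
                continue
            if out == 0:
                copies_at_b_host += sw == "B"   # multiple frame transmission
            else:
                nsw, nport = LINKS[(sw, out)]
                queue.append((nsw, nport, hops + 1))
    return {"moves": moves, "copies": copies_at_b_host, "a_port": mac_table["A"]}
```

Without a blocked port, switch A ends up believing its own host lives on an inter-switch link; with `blocked={("B", 2)}` the host on B receives exactly one copy and no entry moves.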
October 1, 2013
The diagram below is the network in use:
Switch 3
FA0/1 – DP
FA1/1 – DP
Switch 1
FA1/1 – RP
FA0/1 – DP
Switch 2
FA1/1 – RP
FA0/1 – DP
Switch 0
FA0/1 – RP
FA1/1 – ALTN
The lab for this example can be downloaded by clicking here

August 26, 2013
- VTP server mode
- No VTP domain name
- VLAN 1 and VLANs 1002-1005 are automatically configured (cannot be deleted)
- All access interfaces are assigned to VLAN 1 (an implied switchport access vlan 1 command)
August 15, 2013
- Create designs that allow you to group users more easily by either those working together or department
- Allows you to segment the LAN, which has the positive effect of reducing the overhead on each LAN segment
- Provide Spanning Tree Protocol (STP) with less work to do by limiting a VLAN to an access switch
- By keeping hosts that work together on a single VLAN, you are able to enforce stronger security by keeping the data on an individual VLAN
- Separate Cisco IP phone traffic from the PC traffic
You could simplify this further:
- Security
- Performance
- Design
May 31, 2013
- Switch ports connected to a single device microsegment the LAN, providing dedicated bandwidth to that single device.
- Switches allow multiple simultaneous conversations between devices on different ports
- Switch ports connected to a single device support full duplex, in effect doubling the amount of bandwidth available to the device.
- Switches support rate adaptation, which means that devices that use different Ethernet speeds can communicate through the switch (hubs cannot)
May 30, 2013
Denial of Service (DoS)
- Erasers try to harm the host, destroying hardware and files
- Crashers cause hosts to fail or no longer allow hosts to connect to the network
- Flooders flood the network with packets to make the network unusable.
Reconnaissance Attacks
- The goal is to gather information to perform an access attack; causing harm can be a side effect.
Access Attack
- An attempt to steal data typically for some type of financial gain.
*This topic will definitely be asked in the exam room. Make a note and have this stuff drilled in.
May 30, 2013

There are many motivations for using a VLAN:
- To create more flexible designs that group users by department or by groups that work together, instead of by physical location.
- To segment devices into smaller LANs (broadcast domains) to reduce the overhead caused to each host in the VLAN
- To reduce the workload for STP by limiting a VLAN to a single access switch
- To separate traffic sent by an IP phone from traffic sent by PCs connected to the phones
April 28, 2013
Switches examine the source MAC address of each received frame. A switch can take one of a few possible actions if it discovers that the incoming MAC address on that port is not secure:
- shutdown (the switch shuts down the port, sends a log message and drops the frame/s; the interface status will read err-disabled, and you have to run a no shutdown to open the port again). On by default.
- restrict (drops the frames and transmits a log message but does not shut down the port)
- protect (only drops the frames)
When configuring port security and the source MAC address is unknown, switchport port-security mac-address sticky can be used, and the switch will use the first MAC address learned as the secure MAC address.
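The practical difference between the three violation modes shows up when the legitimate host sends again after a violation. The model below is an added example, not from the original post and not Cisco code; the class, function names and MAC addresses are constructed, and it assumes a maximum of one secure MAC per port.

```python
class SecurePort:
    """Toy model of one access port with port security (one secure MAC)."""

    def __init__(self, violation="shutdown", secure_mac=None, sticky=False):
        if violation not in ("shutdown", "restrict", "protect"):
            raise ValueError(violation)
        self.violation = violation
        self.secure_mac = secure_mac
        self.sticky = sticky
        self.status = "up"
        self.log = []

    def receive(self, src_mac):
        """Return True if the frame is forwarded, False if it is dropped."""
        if self.status == "err-disabled":
            return False                      # port is down, nothing gets in
        if self.secure_mac is None and self.sticky:
            self.secure_mac = src_mac         # sticky: first MAC seen becomes secure
        if src_mac == self.secure_mac:
            return True
        if self.violation in ("shutdown", "restrict"):
            self.log.append(f"violation from {src_mac}")
        if self.violation == "shutdown":
            self.status = "err-disabled"
        return False                          # all three modes drop the frame

    def no_shutdown(self):
        """Operator re-opens an err-disabled port, as the post describes."""
        self.status = "up"


def replay(violation, frames):
    """Feed frames through a sticky port; return (forwarded, status, log count)."""
    port = SecurePort(violation=violation, sticky=True)
    forwarded = [port.receive(mac) for mac in frames]
    return forwarded, port.status, len(port.log)


# Constructed source MACs: the legitimate host, an unknown device, the host again.
FRAMES = ["0000.aaaa.0001", "0000.bbbb.0002", "0000.aaaa.0001"]
```

With `shutdown` the third frame, from the legitimate host, is also lost until an operator intervenes; with `protect` the unknown device is dropped but nothing is logged.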
April 28, 2013
Cisco Switch Defaults
- All Cisco switch ports are open (default)
- Attempting to trunk (default)
- Remember all ports are in VLAN 1
Best practice habits should include:
- Close unused ports (shutdown command)
- Stop the port from trunking (switchport mode access command)
- Place all unused ports into an unused VLAN
Remember the switches should be locked away in a secure room and/or a cabinet.
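One way to check a saved configuration against these three habits is sketched below. This is an added example, not from the original post; the config excerpt is constructed, and VLAN 999 as the unused VLAN, the `in_use` list and the function names are assumptions. It treats every listed interface as an access-layer port, so intended trunk uplinks should be left out of the input.

```python
# Constructed running-config excerpt (sample input, not from the original post).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
!
interface FastEthernet0/2
!
interface FastEthernet0/3
 switchport mode access
 shutdown
!
interface FastEthernet0/4
 switchport mode access
 switchport access vlan 999
 shutdown
!
"""

def parse_interfaces(config):
    """Map each interface name to the commands inside its stanza."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            interfaces[current] = []
        elif line.startswith(" ") and current:
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return interfaces

def audit(config, in_use, unused_vlan=999):
    """Return {interface: [findings]} for ports still relying on defaults."""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        findings = []
        if "switchport mode access" not in cmds:
            findings.append("trunking left at default")
        if name not in in_use:
            if "shutdown" not in cmds:
                findings.append("unused port is open")
            vlans = [int(c.split()[-1]) for c in cmds if c.startswith("switchport access vlan ")]
            if (vlans or [1])[-1] != unused_vlan:   # no access vlan line means VLAN 1
                findings.append("unused port not in the unused VLAN")
        if findings:
            report[name] = findings
    return report
```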