Author: wayne

CCNP Switch – SPAN/RSPAN

SPAN, or Switched Port Analyzer, tells the switch to send a copy of the frames seen on one port (or VLAN) out of another switch port. This is usually used to feed a traffic sniffer (Wireshark, for example). By default the destination port only emits the copies; it does not forward normal traffic and does not accept ingress frames, so plug the analyser in there and nothing else. Because whoever sits on that port sees everything the source sees, treat SPAN sessions as privileged configuration and remove them when the capture is finished.

To set this up:

SW1(config)#monitor session 1 source interface fa 1/0/1 (This is the switch port that we want to monitor)

SW1(config)#monitor session 1 destination interface fa 1/0/12 (This is where the copy of the frames will be sent)

Along with monitoring a single interface, we can also monitor an entire VLAN's traffic by naming a VLAN as the source instead of an interface, and the source can be limited to one direction (received, transmitted, or both). To check what is configured:

SW1#show monitor

(screenshot: show monitor output)

RSPAN

RSPAN (Remote Switched Port Analyzer) is the same as SPAN, except that the copied frames can be sent to a port on a different switch.


With RSPAN, you need to create a dedicated VLAN that carries the copied frames across the trunks between the switches. MAC learning is disabled in an RSPAN VLAN, and the VLAN must exist (marked remote-span) on every switch in the path and be allowed on the trunks between them.

SW1(config)#vlan 50

SW1(config-vlan)#name RSPAN

SW1(config-vlan)#remote-span

SW1(config-vlan)#exit

Now that we have a VLAN created for RSPAN, it can be used as the destination to send the copied frames to.

SW1(config)#monitor session 2 source interface fa 1/0/1

SW1(config)#monitor session 2 destination remote vlan 50

Now we need to set this up on the remote switch. Ensure that VLAN 50 exists there (also configured as remote-span), and on any switch in between, before creating the session.

SW2(config)#monitor session 3 source remote vlan 50

SW2(config)#monitor session 3 destination interface fa 0/7


CCNP Switch – UDLD

Unidirectional Link Detection (UDLD) is typically used on fibre connections. Each connection normally uses two fibre strands (one for sending and one for receiving), so if one strand is damaged or miswired the link can come up in one direction only, and the switch or router cannot tell from the link state alone. This matters because spanning tree relies on receiving BPDUs: a port that stops hearing them on a one-way link can move to forwarding and create a loop.

UDLD is a layer 2 protocol that lets the two endpoints exchange messages addressed to a well-known multicast MAC address. Each message carries the sender's identity and the identities of the neighbours it has heard from.

UDLD Well-Known MAC address = 01:00:0C:CC:CC:CC

UDLD messages are sent every 15 seconds by default, and each device expects to see its own identity echoed back in its neighbour's messages.

If the echo stops, what happens next depends on the mode.

There are two modes that UDLD can be configured as:

  • Normal – Marks the port as 'undetermined' and generates a syslog message; the port stays up.
  • Aggressive – Retries by sending a UDLD message every second for 8 seconds. If there is still no reply after this point, the port is put into the 'err-disabled' state. (This is the recommended mode.)

To configure this:

SW1(config)#udld aggressive

This turns UDLD on globally, but only fibre-optic ports are affected; copper ports have to be enabled individually.

You can also turn this on, on a port by port basis by using the below:

SW1(config)#int fa 0/1

SW1(config-if)#udld port aggressive

To look at all ports and their UDLD status:

SW1#show udld

To bring back every port that UDLD has err-disabled, once the fault has been fixed:

SW1#udld reset

CCNP Switch – PoE

Power over Ethernet is a means of supplying power over the Ethernet cable (Cat 5, Cat 5e or Cat 6, for example). Devices such as wireless access points, IP phones and CCTV cameras can be powered this way.

It is also a good idea to put a UPS between the mains supply and the switch powering those devices, so that the phones and cameras stay up through a power outage.

An Uninterruptible Power Supply (UPS) provides uninterrupted power (for the life of the UPS's battery) to a device in the event of a power outage. In some cases, companies also have a generator as a backup option on top of the UPS.

PoE Components:

  • Power Sourcing Equipment (PSE) – The switch or injector that supplies the power.
  • Powered Device (PD) – Such as a wireless access point, IP phone or CCTV camera.
  • Ethernet cable (802.3af "Alternative A" carries power on the data pairs, pins 1, 2, 3 and 6)

If the switch doesn't supply PoE, you can use a power injector (a midspan PSE). This sits between the Ethernet switch and the device needing power, and injects power, typically on the spare pairs (pins 4, 5, 7 and 8, "Alternative B").

PoE Standards:

  • Cisco Inline Power (prestandard, 7.7 Watts)
  • IEEE 802.3af (15.4 Watts at the PSE, 12.95 Watts guaranteed at the PD)
  • IEEE 802.3at (PoE+) (30 Watts at the PSE, 25.5 Watts at the PD)
  • Higher-power variants use all eight wires (both pairs) to deliver roughly double: Cisco UPOE provides 60 Watts, and IEEE 802.3bt up to 90 Watts.


To configure PoE

SW1#conf t

SW1(config)#int fa 0/1

SW1(config-if)#power inline auto

Please be aware that PoE is enabled (auto) by default on PoE-capable ports. To see what each port is delivering, the class of each powered device and the remaining power budget:

SW1#show power inline


CCNP Switch – CDP vs. LLDP

CDP (Cisco Discovery Protocol) is a Cisco proprietary protocol that allows Cisco devices to dynamically discover other Cisco devices that are layer 2 adjacent.

For example, the command:

SW1#show cdp neighbors

confirms that we have a layer 2 adjacency with SW2 and SW3 out of ports Fa 1/0/13 and Fa 1/0/14.

(screenshot: show cdp neighbors output)

As this is a Cisco proprietary protocol, it is only supported between Cisco devices. This can be a problem if we're running a mixed-vendor environment. Note also that CDP (and LLDP, below) advertises the device's hostname, platform, software version, management IP address and native VLAN in clear text to anything on the link, so it should only run on ports where the neighbour is trusted (infrastructure links, IP phones) and be disabled on user-facing ports.

LLDP (Link Layer Discovery Protocol), or IEEE 802.1AB, is an industry standard protocol that allows network devices supporting LLDP (and that are layer 2 adjacent) to discover each other.

TLVs (Type-Length-Value fields) carry the specific characteristics of an LLDP-speaking device (chassis ID, port ID, system name, capabilities and so on) that are advertised to a neighbouring LLDP-speaking device. Each TLV has a 7-bit type, a 9-bit length and the value itself; a few are mandatory and the rest are optional, which is why you can choose what to send.

To specify which LLDP TLVs you want to send:

SW1(config)#lldp tlv-select ?

(screenshot: lldp tlv-select options)
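To make the TLV format concrete, here is an added example (not from the original post, and not Cisco's code) that builds an LLDPDU the way IEEE 802.1AB lays it out and then parses it back, showing exactly what a neighbour, or anyone else on the segment, reads off the wire. The chassis MAC, port name, TTL, system name and description are constructed sample values; the subtype numbers (4 for a MAC-address chassis ID, 5 for an interface-name port ID) are from the standard.

```python
import struct

# IEEE 802.1AB TLV types used here (the standard defines more)
TLV_END = 0
TLV_CHASSIS_ID = 1
TLV_PORT_ID = 2
TLV_TTL = 3
TLV_SYSTEM_NAME = 5
TLV_SYSTEM_DESCRIPTION = 6

CHASSIS_SUBTYPE_MAC = 4       # Chassis ID subtype: MAC address
PORT_SUBTYPE_IFNAME = 5       # Port ID subtype: interface name


def encode_tlv(tlv_type, value):
    """One TLV: a 16-bit header holding a 7-bit type and 9-bit length, then the value."""
    if not 0 <= tlv_type < 128:
        raise ValueError("TLV type must fit in 7 bits")
    if len(value) > 511:
        raise ValueError("TLV value must fit in a 9-bit length")
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def build_lldpdu(chassis_mac, port_name, ttl, system_name, system_description):
    """Assemble an LLDPDU: the three mandatory TLVs in order, optional TLVs, then End."""
    return b"".join([
        encode_tlv(TLV_CHASSIS_ID, bytes([CHASSIS_SUBTYPE_MAC]) + chassis_mac),
        encode_tlv(TLV_PORT_ID, bytes([PORT_SUBTYPE_IFNAME]) + port_name.encode()),
        encode_tlv(TLV_TTL, struct.pack("!H", ttl)),
        encode_tlv(TLV_SYSTEM_NAME, system_name.encode()),
        encode_tlv(TLV_SYSTEM_DESCRIPTION, system_description.encode()),
        encode_tlv(TLV_END, b""),
    ])


def parse_lldpdu(data):
    """Walk the TLV chain and return [(type, value), ...]; fail closed on truncation."""
    tlvs, offset = [], 0
    while offset + 2 <= len(data):
        (header,) = struct.unpack_from("!H", data, offset)
        tlv_type, length = header >> 9, header & 0x1FF
        offset += 2
        if offset + length > len(data):
            raise ValueError("truncated TLV type %d at offset %d" % (tlv_type, offset - 2))
        tlvs.append((tlv_type, data[offset:offset + length]))
        offset += length
        if tlv_type == TLV_END:
            return tlvs
    raise ValueError("LLDPDU has no End of LLDPDU TLV")


def summarize(tlvs):
    """Extract the fields an eavesdropper on the segment reads straight off the wire."""
    info = {}
    for tlv_type, value in tlvs:
        if tlv_type == TLV_CHASSIS_ID and value and value[0] == CHASSIS_SUBTYPE_MAC:
            info["chassis_mac"] = ":".join("%02x" % b for b in value[1:])
        elif tlv_type == TLV_PORT_ID and value and value[0] == PORT_SUBTYPE_IFNAME:
            info["port"] = value[1:].decode()
        elif tlv_type == TLV_TTL and len(value) == 2:
            (info["ttl"],) = struct.unpack("!H", value)
        elif tlv_type == TLV_SYSTEM_NAME:
            info["system_name"] = value.decode()
        elif tlv_type == TLV_SYSTEM_DESCRIPTION:
            info["system_description"] = value.decode()
    return info


# Constructed sample: what a neighbour called SW2 might advertise on Fa1/0/13.
SAMPLE_PDU = build_lldpdu(bytes.fromhex("001122334455"), "Fa1/0/13", 120,
                          "SW2", "Cisco IOS Software (constructed sample text)")

if __name__ == "__main__":
    for field, val in summarize(parse_lldpdu(SAMPLE_PDU)).items():
        print("%-19s %s" % (field, val))
```

The first two bytes of the sample come out as 0x0207: type 1 shifted into the top seven bits, length 7 (one subtype byte plus six MAC bytes) in the low nine. Everything after the TTL is optional, so on an untrusted port the system description TLV is the one to drop with tlv-select, since it is the field that hands a software version to the other end.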

LLDP commands in general are very similar to CDP.

To see if LLDP is running:

SW1#show lldp

To enable LLDP:

SW1(config)#lldp run

To see LLDP connected devices:

SW1#show lldp neighbors

To see more detail:

SW1#show lldp neighbors detail

To turn off LLDP on an individual interface (worth doing on user-facing ports, where the system name, platform, software version and management address it advertises would be handed to anyone who plugs in; the CDP equivalent is 'no cdp enable' on the interface):

SW1#conf t

SW1(config)#int fa 1/0/1

SW1(config-if)#no lldp receive

SW1(config-if)#no lldp transmit

SW1(config-if)#end


CCNP Switch – SDM Templates

Switch Database Management (SDM) templates are collections of settings that allocate a switch's hardware resources (TCAM in particular) in different ways, depending on the role of the switch and how we're going to use it.

This includes preferences for more VLANs, the ability to learn more MAC addresses, more ACL entries, or more routes.

To view the current SDM template, type following show command:

SW1#show sdm prefer

(screenshot: show sdm prefer output)

If you wish to change the current SDM template, you’d need to issue the following commands:

SW1#conf t

SW1(config)#sdm prefer ?

You’ll then be presented with the following options to choose from:

(screenshot: sdm prefer options)

  • Access – Access layer switch that maximises resources for ACLs (a large number of security ACL entries) rather than for routing
  • Default – Balanced setup
  • Dual IPv4 and IPv6 – Support for both IPv4 and IPv6 (use this if you want dual-stack routing of both IPv4 and IPv6)
  • Routing – A good setting for a distribution or core layer switch that needs to keep track of many unicast routes (remember, this setting does not include IPv6)
  • VLAN – Tells the switch to allocate most resources to unicast MAC addresses (many, many of them) and disables routing

To enable the dual IPv4 and IPv6 template:

SW1(config)#sdm prefer dual-ipv4-and-ipv6 default

(screenshot: sdm prefer reload prompt)

The changes only take effect once the switch has been reloaded.

(screenshot: show sdm prefer after reload, showing IPv6 resources)

As you can see from the above, IPv6 resources are now allocated. Routing IPv6 still has to be switched on, though, with the command below:

SW1(config)#ipv6 unicast-routing

To show the current TCAM utilization, issue the command:

SW1#show platform tcam utilization

(screenshot: show platform tcam utilization output)

Before changing SDM templates, Cisco recommends that we try to optimise the configuration first, for example by reducing the number of ACL entries or QoS policies the switch has to program into TCAM.


CCNP Switch – Layer 2 vs. Multilayer switches

Firstly, a MAC address is 48 bits, split into two halves as follows:

Organisationally Unique Identifier (OUI), the first 24 bits, assigned to the vendor by the IEEE | the remaining 24 bits, assigned by the vendor to the individual interface

Layer 2 forwarding is performed by looking at the CAM (Content Addressable Memory) table. A source MAC address is added to the CAM table, against the port it arrived on, when a frame is received on a port of the switch. As the CAM table is populated, the switch can forward frames only to the port where the destination lives. If the destination MAC is not known by the switch, the frame is flooded out of all ports in that VLAN except the port on which it was received. The CAM table has a fixed size, and that is a security concern: an attacker who sends frames from thousands of bogus source MACs fills it, after which traffic for hosts the switch could not learn is flooded to every port, including the attacker's. Port security (limiting the number of MACs learned per port) is the usual defence.
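The learn-then-forward behaviour, and why a full CAM table is a problem, is easier to see in a small model. This is an added example, not from the original post and not how any vendor's ASIC is written: a switch with three ports and a deliberately tiny CAM, a helper that splits a MAC into the OUI and vendor-assigned halves described above, and a constructed MAC-flooding scenario in which the host on port 3 fills the table and then receives frames exchanged between two other hosts.

```python
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


def split_mac(mac):
    """Split a MAC into its OUI (first 24 bits) and vendor-assigned (last 24 bits) halves."""
    octets = mac.lower().split(":")
    if len(octets) != 6 or any(len(o) != 2 for o in octets):
        raise ValueError("bad MAC address: %r" % mac)
    int(mac.replace(":", ""), 16)  # raises ValueError if any octet is not hex
    return ":".join(octets[:3]), ":".join(octets[3:])


class Layer2Switch:
    """CAM-based forwarding: learn the source MAC on the ingress port, forward known
    destinations out a single port, flood unknown destinations and broadcasts."""

    def __init__(self, ports, cam_capacity):
        self.ports = list(ports)
        self.cam_capacity = cam_capacity
        self.cam = OrderedDict()  # mac -> port, in learning order

    def learn(self, src_mac, in_port):
        """Return False when the table is full and the new address cannot be learned."""
        if src_mac in self.cam:
            self.cam[src_mac] = in_port  # refresh, or follow a host that moved port
            return True
        if len(self.cam) >= self.cam_capacity:
            return False
        self.cam[src_mac] = in_port
        return True

    def forward(self, src, dst, in_port):
        """Return the list of egress ports for one frame."""
        if in_port not in self.ports:
            raise ValueError("no such port: %r" % in_port)
        self.learn(src, in_port)
        out_port = self.cam.get(dst)
        if dst == BROADCAST or out_port is None:
            # unknown unicast or broadcast: flood everywhere except the ingress port
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []  # destination is behind the same port: filter the frame
        return [out_port]


def mac_flooding_demo(cam_capacity=8):
    """Constructed attack: a host on port 3 fills the CAM with bogus source MACs, after
    which frames between two hosts the switch never learned are flooded to the attacker."""
    sw = Layer2Switch(ports=[1, 2, 3], cam_capacity=cam_capacity)
    alice, bob, attacker_port = "00:1a:a1:00:00:01", "00:1a:a1:00:00:02", 3
    for i in range(cam_capacity):
        sw.forward("de:ad:be:ef:00:%02x" % i, "00:00:00:00:00:ff", attacker_port)
    egress = sw.forward(alice, bob, 1)
    return {
        "cam_full": len(sw.cam) == cam_capacity,
        "alice_learned": alice in sw.cam,
        "egress_ports": egress,
        "attacker_sees_frame": attacker_port in egress,
    }


if __name__ == "__main__":
    print(split_mac("00:1a:a1:12:34:56"))
    print(mac_flooding_demo())
```

A real switch ages entries out (300 seconds by default on Catalyst platforms) and the attacker simply keeps sending, so the effect persists for as long as the flood does; the model leaves ageing out to keep the point visible.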

There is also a TCAM (Ternary CAM) table. It is looked up in the same one-pass fashion as the CAM table, but it holds things like security ACLs and Quality of Service ACLs, compiled into entries the hardware can match against a frame's header fields.

A TCAM table is a table which can be queried using values of 0, 1, or x, where x is a ‘don’t care’ bit. Ternary means it can use three values.

This allows the switch to make very fast decisions, based on:

  • Where should the frame be forwarded?
  • Should the frame be forwarded?
  • With what QoS treatment should the frame be forwarded?
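To show what the 'don't care' bit buys, here is an added example (not from the original post, and not a model of any particular Cisco ASIC) of a TCAM holding a small access list. Each entry is a value/mask pair over a 56-bit key of destination IP, destination port and IP protocol; a mask bit of 0 is an x bit. The policy and addresses are constructed for illustration, and the lowest-index match winning stands in for the hardware returning the highest-priority hit, which is why ACL order matters.

```python
import ipaddress

# Lookup key layout (56 bits): dst IPv4 (32) | dst port (16) | IP protocol (8)
IP_SHIFT, PORT_SHIFT = 24, 8
TCP, UDP = 6, 17


def make_key(dst_ip, dst_port, proto):
    return (int(ipaddress.IPv4Address(dst_ip)) << IP_SHIFT) | (dst_port << PORT_SHIFT) | proto


class TcamEntry:
    """value/mask pair: a mask bit of 1 means 'must match', 0 means 'don't care' (the x bit)."""

    def __init__(self, value, mask, action):
        self.value, self.mask, self.action = value & mask, mask, action

    def matches(self, key):
        return (key & self.mask) == self.value

    def ternary(self, width=56):
        """Render the entry as a string of 0/1/x, most significant bit first."""
        out = []
        for bit in range(width - 1, -1, -1):
            if not (self.mask >> bit) & 1:
                out.append("x")
            else:
                out.append("1" if (self.value >> bit) & 1 else "0")
        return "".join(out)


def ace(dst_prefix, dst_port, proto, action):
    """Compile one access-control entry into a TCAM entry. None means 'any'."""
    net = ipaddress.IPv4Network(dst_prefix)
    value = int(net.network_address) << IP_SHIFT
    mask = int(net.netmask) << IP_SHIFT
    if dst_port is not None:
        value |= dst_port << PORT_SHIFT
        mask |= 0xFFFF << PORT_SHIFT
    if proto is not None:
        value |= proto
        mask |= 0xFF
    return TcamEntry(value, mask, action)


class Tcam:
    """Hardware compares every entry in parallel and returns the lowest-index hit;
    the list order here stands in for that priority."""

    def __init__(self, entries):
        self.entries = list(entries)

    def lookup(self, key):
        for index, entry in enumerate(self.entries):
            if entry.matches(key):
                return index, entry.action
        return None, "deny"  # the implicit deny at the end of every Cisco ACL


def classify(tcam, dst_ip, dst_port, proto):
    """Answer the three questions at once: forward or not, and with what marking."""
    return tcam.lookup(make_key(dst_ip, dst_port, proto))[1]


# Constructed policy: protect a management subnet, mark SIP signalling, allow the rest.
POLICY = Tcam([
    ace("10.0.0.0/24", 23, TCP, "deny"),             # no telnet to management
    ace("10.0.0.0/24", 22, TCP, "permit dscp cs6"),  # SSH to management, marked
    ace("10.0.0.0/24", None, None, "deny"),          # nothing else to management
    ace("0.0.0.0/0", 5060, UDP, "permit dscp cs3"),  # SIP signalling anywhere
    ace("0.0.0.0/0", None, None, "permit"),          # everything else
])

if __name__ == "__main__":
    for e in POLICY.entries:
        print(e.ternary(), e.action)
    print(classify(POLICY, "10.0.0.5", 23, TCP))
```

Printing the ternary strings shows the point of the third value: the /24 entry has eight x bits at the end of the address field, and an 'any port, any protocol' entry is 24 x bits in a row, so one entry covers a whole range without expanding it into individual values.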

Layer 3 Switches

Layer 3 switches can make forwarding decisions based on upper-layer information, such as IP addresses, alongside the typical layer 2 switch functionality.

They still have the CAM and TCAM tables, but in addition to this, they have the FIB (Forwarding Information Base), which forwards packets based on layer 3 information.

Cisco Express Forwarding (CEF) is a packet switching technology that makes forwarding decisions using two tables, the FIB and the Adjacency table.

A Layer 3 switch still makes the same three decisions, now for packets as well as frames:

  • Where should the packet be forwarded?
  • Should the packet be forwarded?
  • With what QoS treatment should the packet be forwarded?

Switches use Application Specific Integrated Circuits (ASIC’s) – This is a high speed integrated circuit designed for a specific purpose (for example, frame forwarding).

Switches can have multiple TCAM tables for different ACL’s (inbound, outbound etc). This allows the switch to do parallel processing.

Update

So, it’s been a while since my last post…..almost a year actually. I ended up going for my ICND2 in November as I intended to and I passed at the first time of trying. I was really chuffed, as I really felt like this would be the key to my getting a foot in the door into the world of I.T.

Once I’d got my full CCNA, I applied for numerous jobs, ranging from first line Service Desk type roles, to NOC and Junior Networking roles. I didn’t get much luck at this point, until a friend of mine passed my CV onto the company that he works for, for a NOC position.

I didn’t get the job at the first time of asking, but was called back in March, (when another position came up) for a second interview and got offered the position. So all in all, it was about 4/5 months before I managed to get my first IT role. I was beginning to lose hope of ever getting my career started. I guess good things come to those who wait (or who have friends in positions to put good words in for you).

So, I’m about 4 months into my I.T. career at this point, and I’m amazed at how much there is to learn. My head aches almost daily, which is a far cry from the non-IT-related positions I’ve done previously. Along with learning my new role, I’m also trying to study for my CCNP (starting with Switch). I figure I need to get as much learning done in my own time as I can. I’ve got some catching up to do in regards to where some people are within their respective careers, compared to me at my age.

At this point, I think I’m going to try and use this blog as a means of me revising. Posting blog entries on each chapter of my studies as I go through them. Hopefully, it’ll help cement the knowledge in my own head a bit better than just writing it down on paper.

Wayne

Study update

It’s been a few weeks since my last post. In that time, I’ve continued going through the CCNA material. I’m almost ( a couple of videos left) at the end of the ICND2 series I’m watching. I’ve made notes on all topics and once completed, will lab the various topics using my notes as backup, until I feel comfortable enough to do them from memory.

I’ve booked my ICND2 exam for the beginning of November. I think I’d have been ready sooner, however due to not being able to get the time off work, November was the earliest date available.

I feel pretty confident about the exam. I think once I’ve labbed things a little, I’ll be set.

I’ve started labbing tonight, running through very simple labs on EtherChannel, HSRP and EIGRP. I’ll go through more complex stuff in the coming weeks and hopefully build a complete lab that encompasses almost all topics from both ICND1 and ICND2.

(screenshot: EtherChannel lab)

(screenshot: HSRP lab)

I guess the main topic that’s going to take a bit of work is on WAN’s. There are loads of differences between all of the different technologies. I’m not really sure what I’ll need to know for the exam and in how much detail, so I’ll need to learn as much as possible.

All in all, with the exception of STP (which I found a little boring), ICND2 has been tenfold more interesting than ICND1. Especially SNMP and NetFlow.

Learning about networking and all the intricacies that go along with that have been great but seeing what you can do with the monitoring that SNMP and Netflow offer, really blew my mind. It may sound sad, but I’m so excited to be able to get to use some of the SNMP and Netflow specific applications.

Wayne

EIGRP


I’m coming towards the end of the videos on EIGRP. This routing protocol seems really cool. No areas to worry about like OSPF, however, the metric calculations were a little confusing to me at first, especially the ‘K’ value concept.

EIGRP calculates the best path to a destination based on a composite metric controlled by the K values.

There are 5 K values:

K1 – Bandwidth

K2 – Load

K3 – Delay

K4 – Reliability

K5 – MTU (it is listed against MTU, but in the formula K5 only scales the reliability term; MTU itself is not part of the metric)

These are then used in a formula to calculate the metric (the second bracket is only applied when K5 is non-zero):

metric = [K1 * bandwidth + (K2 * bandwidth) / (256 – load) + K3 * delay] * [K5 / (reliability + K4)]

Dread started to overcome me a little when I first saw this. What a ridiculous formula! OSPF is much simpler, let’s use that!

When it was broken down a little though, it’s much clearer.

The K values themselves will be switched on (1) or switched off (0), and the only values switched on by default (and according to a friend working in the industry, it’s this way most if not all of the time) are bandwidth (K1) and delay (K3). With K2, K4 and K5 at zero the middle term and the second bracket vanish, so the metric is essentially calculated by the following formula:

Metric = (Bandwidth + Delay) x 256

where Bandwidth is 10^7 divided by the lowest bandwidth on the path in kbps, and Delay is the sum of the interface delays along the path in tens of microseconds. The K values also have to match between neighbours, or the adjacency will not form.

Phew!
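To check that the simplification really is the full formula with the default K values, here is an added example (not from the original post, and not Cisco's implementation) that computes the classic 32-bit EIGRP metric for a path given as a list of (bandwidth in kbps, delay in microseconds) links, using integer arithmetic the way IOS does, and compares two constructed paths: a direct FastEthernet link and a path that adds a T1 serial hop.

```python
# Classic EIGRP composite metric. Each hop is (bandwidth_kbps, delay_usec) as shown by
# 'show interfaces'; the lowest bandwidth on the path and the sum of the delays are used.

DEFAULT_K = (1, 0, 1, 0, 0)  # K1..K5: only bandwidth and delay count by default


def eigrp_metric(path, k=DEFAULT_K, load=1, reliability=255):
    """Full composite metric. load is 1..255, reliability 1..255 (255 = 100%)."""
    k1, k2, k3, k4, k5 = k
    if not path:
        raise ValueError("path needs at least one link")
    if not 1 <= load <= 255 or not 1 <= reliability <= 255:
        raise ValueError("load and reliability are 1..255")
    min_bw_kbps = min(bw for bw, _ in path)
    delay_tens_usec = sum(d for _, d in path) // 10
    bandwidth = (10**7 // min_bw_kbps) * 256   # scaled inverse of the slowest link
    delay = delay_tens_usec * 256
    metric = k1 * bandwidth + (k2 * bandwidth) // (256 - load) + k3 * delay
    if k5 != 0:  # the reliability bracket is applied only when K5 is non-zero
        metric = metric * k5 // (reliability + k4)
    return metric


def simplified_metric(path):
    """The formula the text arrives at for default K values: 256 * (bandwidth + delay)."""
    min_bw_kbps = min(bw for bw, _ in path)
    return 256 * (10**7 // min_bw_kbps + sum(d for _, d in path) // 10)


def best_path(candidates, k=DEFAULT_K):
    """Pick the lowest-metric path from {name: [(bw_kbps, delay_usec), ...]}."""
    scored = {name: eigrp_metric(links, k) for name, links in candidates.items()}
    return min(scored, key=scored.get), scored


# Constructed topology: a direct FastEthernet link versus a path adding a T1 serial hop.
CANDIDATES = {
    "via_fastethernet": [(100000, 100)],
    "via_t1": [(100000, 100), (1544, 20000)],
}

if __name__ == "__main__":
    winner, scores = best_path(CANDIDATES)
    for name, metric in scores.items():
        print("%-17s %d" % (name, metric))
    print("best:", winner)
```

The direct FastEthernet link comes out at 28160, the value IOS shows for a connected FastEthernet route, and the T1 path at 2172416; both agree with the simplified formula, and the bandwidth term dominates because 10^7 divided by 1544 kbps is so much larger than the delay term.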

Other than that, EIGRP seems easy enough and troubleshooting shouldn’t be too much of an issue. I just need to remember that the autonomous system number needs to match (different to the process number in OSPF) and any other issues should be easy enough to spot, providing I remember the show commands (show ip eigrp topology and show ip protocols are my favourites).

Next up, First Hop Redundancy Protocols.

I can’t wait to run some labs with these. As so much of networking seems to be about redundancy, it’ll be nice to actually learn something that’ll help me install and configure a redundant network. So far it’s just been about the basics, now we’re getting into the details. It’s really interesting.

Wayne

The beginning

First of all, welcome to my new blog. I’m not going to be sharing this among friends or colleagues, as I’m just using it to splurge my thoughts as I go through this process. However, if you happen to stumble upon it, welcome.

I passed my CCENT nearly two weeks ago. It was a great feeling to pass that exam, but as it’s really only part 1 of the real certification goal (to at least get me some interviews), the feeling didn’t last long.

I was really nervous leading up to the exam, as it’s been about 15 years since I last took a proper test. I won’t say it was easy, because I’d studied pretty hard for it, but I finished it in 25 minutes. There was a moment as I was getting towards the end that I thought, “crap, have I majorly messed up here? I can’t be finished already?”, but it was all good, I got a score of 933/1000, which I feel is a pretty solid score considering I don’t work in IT.

In preparation for the test I read the Todd Lammle CCNA book and watched a number of different video series’.

All I’ll say is, choose as many different sources of information as possible. Everyone has a different learning style. I found the less detailed videos better in the beginning, just to give me the overall concept, but once I was feeling comfortable, I needed a little more substance and found the more in depth material essential to filling in the gaps.

Once, I’d been over these, it was a matter of labbing for the last couple of weeks before my exam. The main lab I ran, was this:

(screenshot: ICND1 review lab topology)

I think it’s a lab from the ICND2 part of one of the video courses. It’s meant as a refresher before you get into the ICND2 stuff, but it’s an excellent review lab to make sure you’ve got the concepts and configs down.

It’s got most of the ICND1 topics included. Trunks, Vlans, VLSM, OSPF, NAT, DHCP, ACL’s etc.

Anywho, so yeah, I passed and now I’m working on the ICND2 material. I found STP a bit of a bore/chore, but now I’m going through multi area OSPF and the routing protocol I hadn’t touched yet, EIGRP.

There doesn’t seem to be a massive amount of content within the ICND2, but it seems much deeper.

Wish me luck!

Wayne