Symbols Numerics Seeptgmedia.pearsoncmg.com/images/1587051508/index/... · 2009. 6. 9. · I N D E...

I N D E X

Symbols! (exclamation point) character, 102# (pound sign) character, 102

Numerics10 Gigabit Ethernet, 5210-Mbps Ethernet, 4610/100/1000-Mbps auto-negotiation architecture,

742–744802.1D, compatibility with RSTP, 223802.1Q packet tagging, 683802.1X

configuration exercise, 607–610network access security, 598–600port authorization state, 599–600

AAAA

accounting, 593, 596–597authentication, 591–593authorization, 592–594configuration exercise, 607–610

aaa authentication login command, 593aaa new-model command, 90, 593access layer, 17accounting, 593, 596–597ACLs (access control lists), 4, 586–587

QoS ACLs, 601RACLs, 602security, 601VACLs, 602

Address Resolution Protocol (ARP), 11addressing

Fibre Channel, 638MAC address notification, 304–305

adjacencies, 379adjacency tables, 363ADSL (asymmetric digital subscriber line), 54

aggressive mode UDLD, 320–322configuration exercises, 333–334versus Loop Guard, 265

AppleTalk Remote Access (ARA), 592ARA (AppleTalk Remote Access), 592arbitrated loop topology, 640Architecture for Voice, Video and Integrated Data.

See Cisco AVVIDarchitectures (Fibre Channel), 637ARP (Address Resolution Protocol), 11ASICs (application-specific integrated circuits), 4,

268assured forwarding, 399, 400asymmetric digital subscriber line (ADSL), 54attenuation, 680authentication, 591–593

VTP, 171authorization, 592–594auth-proxy, 594auto-negotiation

10/100/1000-Mbps architecture, 742–744concerns, 51control register auto-negotiation bit description,

745mixing with manual configurations, 744purpose of, 741

auto-RP, 470AVPs, 592AVVID. See Cisco AVVID

Bbaby giants, 155, 315BackboneFast, 250

configuration exercise, 274–276configuring, 254link failures, 252

black holes, preventing, 261–264blocking state, 195boot system flash command, 100bootstrap routers (BSRs), 471BPDU Guard, 248, 255

BCMSN.book Page 763 Monday, March 15, 2004 9:06 AM

764

BPDUs (Bridge Protocol Data Units), 192filtering, 256format, 219frame formats, 193skewing, 257TCN, 203timers, 194

bridge IDs, 191bridge virtual interface (BVI), 347bridges, signaling topology changes, 202–204bridging loops, 188

Loop Guard, 263preventing, 190troubleshooting, 270

broadcast, 454broadcast domains, 6broadcast suppression, 311–312BSRs (bootstrap routers), 471buffer-to-buffer credit, 654Building Access submodule, 22, 25, 437Building Distribution submodule, 22, 25, 438burst size, 418BVI (bridge virtual interface), 347

CCAM (content addressable memory), 368Campus Backbone layer, 65Campus Backbone submodule, 22, 25Campus Infrastructure module, 55campus networks

designinglarge campus networks, 60–63medium-sized campus networks, 58–59small campus, 57

integrating storage networking, 647VLANs, 128–129

campuses, 19case studies

aggressive mode UDLD, 322–327designing a Cisco multilayer switched network,

69–70Catalyst 2950 switches, 37, 627–628

power redundancy, 523WRR, 425

Catalyst 2955 switches, 37

Catalyst 2970 switches, 425Catalyst 3550 switches, 36, 625–626

metro Ethernet solutions, 665power redundancy, 523updating software versions, 102

Catalyst 3750 switches, 36, 623–624metro Ethernet solutions, 664SRR, 425

Catalyst 4500 switches, 36, 620–621metro Ethernet solutions, 664redundant power supplies, 521–522

Catalyst 6500 switches, 34, 613, 663configuring

Q-in-Q tunneling, 690WRR, 423

deployment scenarios, 620image naming, 98line cards, 616metro Ethernet solutions, 663OS, 80redundant power supplies, 521–522service modules, 615SRM, 516

configuring, 518displaying status, 519failure scenario, 518

Supervisor Engine I, 616Supervisor Engine II, 617Supervisor Engine 720, 618VACL actions, 602

Catalyst 7600 switches, 663Catalyst QoS trust concept, 405Catalyst switches

authorization, 592BackboneFast, 253bridge IDs, 191Cisco IOS–based

SPAN, 706configuring

as VTP servers, 172multicast, 485multilayer switching, 361

configuring voice VLANs (configuration exercise), 577, 578, 579, 580, 581

EtherChannel, 282L2 traceroute availability, 724Loop Guard, 264

BPDUs (Bridge Protocol Data Units)


765

metro Ethernet positions, 663MST support, 230multilayer, 342policing, 418port authorization state of 802.1X, 599–600pVLANs, 143QoS fundamentals, 401–402

classification, 404–412congestion avoidance, 427–430congestion management, 420–426marking, 413–415traffic conditioning, 416–419

redundant Supervisor Engine uplink modules, 520redundant Supervisor Engines, 508–510

route processor redundancy, 510–511RPR+, 512–515

RPVST+ support, 217RSPAN feature support, 716security, 585

ACLs, 586–587disabling the integrated HTTP daemon, 589disabling unneeded services, 588passwords, 586physical access, 587

software images, 95–98troubleshooting, 104

configuration commands, 106connecting to switches via console ports,

108debug commands, impact and use, 106IP connectivity, 109show and debug commands, 105

updating software versions, 99–102VMPS support, 131wavelengths, 677

CDP, 293–294minimizing use of, 589

CDWM, 678–679CEF (Cisco Express Forwarding), 361–363, 514CEF-based MLS, 361–363

configuration, 375viewing Layer 3 Engine adjacency table, 378viewing Layer 3 Engine CEF table, 376

distributed switching, 365–366load sharing, 374sample operation, 372

switching table architecturesCAM, 368TCAM, 369–371

troubleshootingconfiguration exercise, 382–386debugging CEF on Layer 3 Engine, 380methodology, 381

verification, 375CEF-based MMLS, 480CGMP (Cisco Group Management Protocol), 483–484channeling (EtherChannel), 282chromatic dispersion, 680Cisco AVVID, 14, 38

applications, 15network topology, 15supported components, 14

Cisco AVVID IP telephony solution, 568Cisco Catalyst switches. See also Catalyst switches

configuration of management parameters, 83clock and NTP settings, 86–88DNS, 92management IP address, 85system logging, 92system names, 84Telnet and SSHs, 89–91

managing configurations, 93overview, 34

Cisco CatOScompared to Cisco IOS (Native Mode), 80, 83configuring VLANs, 136converting to Cisco IOS (Native Mode), 103feature parity with Cisco IOS (Native Mode),

81–82MDGs, 303–304switches, 86

configuration changes, 94displaying STP information, 214DNS lookup, 92passwords, 89syslog destination, 93time adjustments, 88

verifying trunking configurations, 163Cisco CatOS–based switches

L2 traceroute command output, 726SPAN configuration, 708

Cisco Express Forwarding (CEF), 361–363, 514Cisco Group Management Protocol (CGMP), 483–484

Cisco Group Management Protocol (CGMP)


766

Cisco IFS, 95determining IFS size and contents, 97formatting and copying images, 95prefix descriptions, 96

Cisco IOSconfiguring

AAA authorization, 596Catalyst switches (exercise), 111–117IEEE 802.1Q trunking, 160–161ISL trunking, 159

debug command, 105file system, 95

determining size and contents, 97image naming, 97–98

global configuration mode, 133–135hybrid mode, 98image upgrading, 101Native Mode

compared to Cisco CatOS, 80, 83converting to from Cisco CatOS, 103feature parity with Cisco CatOS, 81–82naming conventions, 98show command, 105

switchesconfiguring for SSH, 91DNS, 92DNS lookup, 92L2 traceroute command output, 725NTP settings, 88SPAN configuration, 709syslog destination, 93time adjustments, 88

verifying trunking configurations, 161–162VLAN database configuration mode, 133voice VLANs, 570

Cisco IOS Server Load Balancing. See SLBCisco IP phone daisy-chain topology, 569Cisco LRE (Long-Reach Ethernet), 54Cisco MDS 9000 multilayer switches, 649

iSCSI/FCIP, 651multipath forwarding, 652port channeling, 652VSANs, 650zoning, 653

Cisco metro solutions, 660example, 661generic hierarchy, 662

metro Ethernet switching products, 662Catalyst 3550 switches, 665Catalyst 4500 switches, 664Catalyst 6500/Cisco 7600 switches, 663

optical platforms, 662Cisco SN 542x iSCSI routers, 654–655Cisco StackWise technology, 624Cisco storage solutions, 648

Cisco MDS 9000 multilayer switches, 649–652Cisco SN 542x iSCSI routers, 654–655

classification, 404–409NBAR, 410–412policy-based routing, 412

clear vlan command, 137CLI (command-line interface), 79clock settings (Cisco Catalyst switches), 86–88commands (SCSI), 634Common Spanning Tree (CST), 225community VLANs, 142components

CEF, 363Cisco AVVID, 14Internet Connectivity module, 29Remote Access module, 30VPN module, 30

compression (header compression), 435configuration exercises

802.1X, 606–610AAA, 606–610aggressive mode UDLD, 333–334configuring

BackboneFast, 274–276Cisco IOS–based Catalyst switches,

111–117HSRP, 560–562multicast in multilayer switched networks,

494–498QoS on Catalyst Switches, 440–446Root Guard, 277RPR+, 557–559spanning-tree priorities and spanning-tree

port cost, 234–241UplinkFast, 277VLAN, trunking, and VTP in multilayer

switched networks, 176–180voice VLANs on a Catalyst switch, 577–581

EtherChannel, 328–332

Cisco IFS


767

inter-VLAN routing using SVI on Building Distribution switch, 358

troubleshooting CEF-based MLS, 382–386VACLs, 607, 610

configuring, 542AAA accounting, 596–597AAA authentication, 593AAA authorization, 594aggressive mode UDLD, 326baby giant and jumbo frame support, 318BackboneFast, 254, 274–276broadcast and multicast suppression, 312burst size, 418CEF-based MLS, 375

viewing Layer 3 Engine adjacency table, 378viewing Layer 3 Engine CEF table, 376

Cisco IOS–based Catalyst switches, 111–117debounce timer feature, 310DHCP snooping, 315DNS lookup, 92err-disable timer, 298EtherChannel, 288–290FCIP, 647HSRP, 534–541IEEE 802.1Q trunking, 160–161inter-VLAN routing, verifying configuration, 350iSCSI, 644ISL trunking, 159LACP, 285MAC address notification, 305management parameters of Cisco Catalyst

switches, 83management IP address, 85system names, 84

marking, 415MDGs, 304MST, 230–233multicast, 485–486

IGMP snooping, 487sparse-dense mode with BSR, 487

multilayer switched networks, 79, 361NAM, 728policing, 419PortFast, 247–248protocol filtering, 307

PVST+port cost, 210root bridges, 209

Root Guard, 260, 277RPR+, 515RSPAN, 717–718SPAN, 708SRM, 518STP, 211–213, 236switches for SSH, 91syslog destination, 93UDLD, 322UplinkFast, 249, 277VACL with the capture option, 722virtual servers, 554VLANs, 133–137

private VLANs, 147verifying configuration, 138–139

VTP, 171–174WRED, 431WRR on Catalyst 6500 switches, 423

congestion avoidancetail drop, 427WRED, 428–430

congestion management, 420FIFO queuing, 421priority queuing, 425–426WRR, 422–424

console ports, connecting to switches, 108content addressable memory (CAM), 368converting Cisco CatOS to Cisco IOS (Native Mode),

103copy command, 93copy running-config startup-config command, 514copy tftp flash command, 100copying images on the Cisco IFS, 95core layer, 17core LSRs, 697CQ (custom queuing), 426creating

loop-free spanning treesplanning root bridge selection, 198–199root bridge election, 198selection of root and designated ports, 200

VLANs, 135–137crypto key generate command, 90CST (Common Spanning Tree), 225

CST (Common Spanning Tree)


768

custom queuing (CQ), 426CWDM GBIC modules, 679CWDM OADM modules, 679

DDAS (Direct Attached Storage), 633data paths (Catalyst 6500 switches), 615data-link technologies, 45

10 Gigabit Ethernet, 5210-Mbps Ethernet, 46Fast Ethernet, 47Fast Ethernet and Gigabit Ethernet auto-

negotiation, 51GBICs, 53Gigabit Ethernet, 48–50LRE, 54

debounce timer feature, 309configuring, 310enabling, 309

debug all command, 107debug command, 107debugging CEF on the Layer 3 Engine, 380default gateway router redundancy, 523

GLBP, 547HSRP, 527–542IRDP, 525proxy ARP, 524static default gateway configuration, 526VRRP, 543–546

deleting VLANs, 135–136deploying IP telephony solutions, 575designing

multilayer switched networkscase study, 69–70Cisco Catalyst switches and data-link

technologies, 55configuration, 79data-link technologies, 45large campus networks, 60–63medium-sized campus networks, 58–59selecting Layer 2 or Layer 3 switches, 56Server Farm module, 63–66small campus networks, 57

networks (IP telephony), 567–574DHCP snooping, 313–314

DHCP-based management IP configuration, 307–308DiffServ (differentiated services) model, 389, 396

IP precedence bit mappings, 398packet classification, 397

directed VLAN service (DVS), 669Direct Attached Storage (DAS), 633disabled state, 195disabling

CDP, 589integrated HTTP daemon, 589Telnet access, 116unneeded or unused services, 588

discard adjacency, 379distance limitations

Ethernet wire, 48Gigabit Ethernet, 50

distributed switching, 366distribution layer, 17DNS, configuring on switches, 92drop adjacency, 379DSCP, 405duplex mismatch, 266DVS (directed VLAN service), 669DWDM

metro Ethernet, 674–675OADMs, 678optical multiplexers, 678wavelengths, 676

dynamic VLANs, 131

EE-Commerce module, 28EDFAs (eribium doped fiber amplifiers), 678Edge Distribution module, 24Edge Distribution submodule, 23egress LER, 697EIGRP (Enhanced Interior Gateway Routing

Protocol), 62electing a root bridge, 198EMI (Enhanced Multilayer Image), 625enabling

debounce timer feature, 309NDE as source for NAM, 732passwords, 89

encapsulation dot1Q 1 native command, 349

custom queuing


769

end-to-end VLANs, benefits in campus networks, 129Enhanced Interior Gateway Routing Protocol

(EIGRP), 62Enhanced Multilayer Image (EMI), 625enhancing network performance

critical success tasks, 704monitoring with RSPAN, 714

configuring, 717–718guidelines and restrictions, 714–715

monitoring with VACL with the capture option, 721–722

SPAN, 705–706configuring, 708guidelines and restrictions, 706monitoring CPU interface of switches,

711–712VSPAN

configuration, 710guidelines and restrictions, 707

Enterprise Campus, 21infrastructure, 22meeting the needs of Enterprise networks, 25sample implementation, 24submodules, 22–24

Enterprise Composite Network Model, 12, 17Campus Infrastructure module, 55Enterprise Campus, 21–24Enterprise Edge, 19, 26

E-Commerce module, 28Internet Connectivity module, 29modules, 27Remote Access module, 30sample implementation, 31VPN module, 30WAN module, 30

Gigabit Ethernet, deployment strategies, 49IP telephony deployment best practices, 575overview, 18sample implementation, 20Service Provider Edge, 19, 31

ISP module, 32PSTN module, 32sample implementation, 33

Enterprise Edge, 19, 26, 68E-Commerce module, 28Internet Connectivity module, 29modules, 27

Remote Access module, 30sample implementation, 31VPN module, 30WAN module, 30

Enterprise Edge submodule, 25enterprise MANs, 665enterprise networks, storage, 64EoMPLS (Ethernet over Multiprotocol Label

Switching), 691–693characteristics, 694–695frames, 696–697functionality, 694multipoint, 698

erase startup-config command, 94eribium doped fiber amplifiers (EDFAs), 678err-disable timer, 298ESCON (Ethernet, Enterprise Systems Connection),

661EtherChannel, 282

configuration example, 287–290configuration exercises, 328–332guidelines, 286LACP modes, 285–286link redundancy, 507load balancing, 290–292PAgP modes, 284

Ethernet10 Gigabit Ethernet, 5210-Mbps Ethernet, 46baby giants, 315Fast Ethernet, 47Gigabit Ethernet, 48

deployment strategies, 49distance limitations, 50

jumbo frames, 317–318metro Ethernet, 54, 665

CDWM, 678–679connectivity and transport, 666–669DWDM, 675EoMPLS, 691–697EoMPLS multipoint, 698optical distance challenges, 680–681Q-in-Q Catalyst configuration, 689SONET, 670–672tunneling, 681–687WDM, 673–674

EtherChannel


770

EtherChannel (continued)metro Ethernet switching products, 662–663

Catalyst 3550 switches, 665Catalyst 4500 switches, 664

trunking modes, 158wire standards and maximum distances, 48

Ethernet over Multiprotocol Label Switching. See EoMPLS

Ethernet, Enterprise Systems Connection (ESCON), 661

EtherType fields, 686exclamation point (!) character, 102expedited forwarding, 400

FFast Ethernet, 47, 51fast link pulses (FLPs), 742FCID (Fibre Channel_ID), 638FCIP (Fibre Channel over IP), 633

configuring, 647implementing, 646overview, 646

FEC (Forwarding Equivalence Class), 697Fibre Channel, 636

addressing, 638architecture, 637buffer-to-buffer credit, 654comparison with IP, 641port types, 639topologies, 639–640

Fibre Channel over IP. See FCIPFibre Channel_ID (FCID), 638FIBs, 363FICON (Fibre Connection), 661FIFO queuing, 421file systems, 95filtering

BPDU, 256DHCP snooping, 313

flooding, blocking unicast flooding on desired ports, 302

FLPs (fast link pulses), 742formatting images on the Cisco IFS, 95forward delay timer, 195

Forwarding Equivalence Class (FEC), 697forwarding loops, preventing, 261, 264forwarding state, 195Frame Relay, ATM, and PPP module, 33frames

baby giants, 155, 315BPDUs, 193corruption, 268EoMPLS, 696IEEE 802.1Q, 154ISL, 151jumbo, 317–318

functional areas (Enterprise Composite Network Model), 20

GGBICs (Gigabit Interface Converters), 53Gigabit Ethernet, 48

deployment strategies, 49distance limitations, 50Fast Ethernet and Gigabit Ethernet auto-

negotiation, 51GLBP (Gateway Load Balancing Protocol), 547global configuration mode, 135globally scoped addresses, 458GLOP addressing, 459groups, multicast, 456

Hhardware-switching, 4header compression, 435hello time timer, 195high availability, 503–504, 507

IP telephony solutions, 574Host Side IGMP Library (HSIL), 478Hot Standby Router Protocol. See HSRPHSIL (Host Side IGMP Library), 478HSRP (Hot Standby Routing Protocol), 7, 527, 542

configuration exercise, 560–562configuring, 534–542load balancing, 532states, 529

EtherChannel


771

virtual MAC address, 530virtual router, 528

Hybrid OS, 80

IIEEE 802.1D, 191. See also STPIEEE 802.1Q, 150

implementing, 152–155trunking, 207

configuring, 160–161verifying configuration, 161–163

IEEE 802.1Q-in-Q tunneling, 157IEEE 802.1w. See RSTPIGMP

IGMPv1, 473IGMPv2, 474–475IGMPv3, 476

query message field description, 476report packet field description, 477

IGMPv3 lite, 478snooping, 482, 487

image naming (Cisco IOS), 97–98images

loading on a Catalyst switch, 100transport methods, 103

implementingFCIP, 646IEEE 802.1Q, 152–155iSCSI, 642ISL, 150–152pVLANs, 143redundant Supervisor Engine uplink modules,

520VSANs, 650zoning, 653

infrastructure (Enterprise Campus), 22inpkts keyword, 708integrated services (IntServ) model, 389, 395intelligent, 627interfaces (Catalyst 6500 switches), 614Internet Connectivity module, 29Internet service providers (ISPs), 5Internetwork Packet Exchange (IPX), 592Inter-Switch Link (ISL), 150

inter-VLAN routing, 339–341configuration exercise, 358IP broadcast forwarding, 352–353multilayer Catalyst switches, 341–344

bridge virtual interface, 347switch virtual interface, 345–346

router on a stick, 347–349UDP broadcast forwarding, 353verifying configuration, 350

IntServ (integrated services) model, 389, 395IP

addresses, 457–459comparison with Fibre Channel, 641gateways, 643

IP helper-address command, 353IP multicast protocol, 484–485

IGMPIGMPv1, 473IGMPv2, 475IGMPv3, 476–477IGMPv3 lite, 478

PIM, 466automating distribution of RP, 469PIM sparse-dense mode, 469PIM-DM, 467PIM-SM, 468version comparison and compatibility, 472–473

IP multicast shared tree distribution, 464IP multicast source distribution tree, 464IP RTP Priority, 432–433IP telephony

deployment best practicies, 575high availability, 574network design recommendations, 567–568

network bandwidth provisioning, 571network management, 573power considerations, 572QoS, 568security, 574voice (auxiliary) VLANs, 569–570

IPX (Internetwork Packet Exchange), 592IRDP, 525iSCSI (IP over SCSI), 633

configuring, 644implementing, 642IP gateways, 642–643overview, 642

iSCSI (IP over SCSI)


772

ISL (Inter-Switch Link), 150implementing, 150, 152trunking

configuring, 159verifying configuration, 161–163

isolated VLANs, 142ISP module, 32ISPs (Internet service providers), 5ITU grid, 677

J–LJBODs (just a bunch of disks), 634jitter, 393jumbo frames, 317, 318just a bunch of disks (JBODs), 634

L2 traceroute commandavailability on Catalyst switches, 724output from Cisco IOS–based switches, 725

LACPconfiguring, 285modes, 285–286

large campus networks, 60, 63latency, 392Layer 2

Cisco CatOS, 80legacy switches, 6multicast protocols, 481

CGMP snooping, 483–484IGMP snooping, 482

multilayer switching, 12protocols

CDP, 293–294UDLD, 319

switching, 6, 9Layer 3

marking, 413multilayer switching, 12protocol filtering, 306–307switching, 7, 10, 14

ARP, 11packet rewriting, 10routing protocol support, 343viewing Layer 3 Engine adjacency table, 378viewing Layer 3 Engine CEF table, 376

Layer 4performance, 8QoS marking, 6terminology, 7

Layer 7 switching, 8layers

multilayer switched networks, 5Network Design Hierarchical Model, 17PDUs, 9Server Farm module, 65

leaky token buck algorithm, 417learning state, 195LFI (link fragmentation and interleaving), 435limited-scope addresses, 459line cards (Catalyst 6500 switches), 616link-efficiency mechanisms, 434–435links

failures, 252redundancy, 507spanning-tree path cost, 191unidirectional link failures, 267

listening state, 195LLQ (low-latency queuing), 432load balancing

EtherChannel, 290–292HSRP, 532

load sharing (CEF-based MLS), 374local VLANs, benefits in campus networks, 129Loop, 264Loop Guard, 261–264

Root Guard, 264versus aggressive mode UDLD, 265

loop-free spanning trees, creatingplanning root bridge selection, 198–199root bridge election, 198selection of root and designated ports, 200

loopsbridging, preventing, 190bridging loops, 188

low-latency queuing (LLQ), 432

MMAC addresses, 191

notification, 304–305managing Catalyst switch configurations, 93

ISL (Inter-Switch Link)


773

mappings (VLANs), 156marking, 413

configuring, 415Layer 3, 415

max age timer, 195MDGs (Multiple Default Gateways), 303–304metro Ethernet, 54, 665

CDWM, 678–679connectivity and transport, 666–667

DVS, 669TLS, 668

DWDM, 675EoMPLS, 691–693

characteristics, 695frames, 696–697functionality, 694

multipoint, 698optical distance challenges, 680–681SONET, 670–672tunneling, 681

802.1Q packet tagging, 683no tunneling, 682Q-in-Q Catalyst configuration, 689tag stacking (Q-in-Q tunneling), 684–687

WDM, 673–674metro Ethernet switching products, 662–663

Catalyst 3550 switches, 665Catalyst 4500 switches, 664

metro solutions. See Cisco metro solutionsMFIB (multicast forwarding information base), 481MFSC (Multilayer Feature Switch Card) model, 103MLS (multilayer switching), 361

CEF-based MLS, 363configuration, 375distributed switching, 366load sharing, 374sample operation, 372switching table architectures, 368–371troubleshooting, 380–386verification, 375viewing Layer 3 Engine adjacency table,

378viewing Layer 3 Engine CEF table, 376

traditional MLS, 362mls nde sender command, 731

MMLS (multicast multilayer switching), 479mode rpr-plus command, 559monitoring IP multicast traffic, 489–493monitoring performance

RSPAN, 714configuring, 717–718guidelines and restrictions, 714–715

VACL with the capture option, 721–722moving configurations from one device/component to

another, 93MSFC (Multilayer Switch Feature Card), 79, 616MST (Multiple Spanning Tree), 224–226

802.1Q, 225configuring, 230–233IST instances, 228instances, 229PVST+, 225regions, 227

multicastconfiguring, 485–487forwarding tree, 463

shared trees, 464source trees, 463

group membership, 456hardware-based switching methods, 479

CEF-based MMLS, 480MFIB, 481MMLS, 480

IP address structure, 457GLOP addresses, 459reserved link local addresses, 458

overview, 453–455RPF, 460–461suppression, 312

multicast forwarding information base (MFIB), 481multicast multilayer switching (MMLS), 479multilayer Catalyst switches, inter-VLAN routing,

341–344bridge virtual interface, 347IP broadcast forwarding, 352–353router on a stick, 347–349switch virtual interface, 345–346UDP broadcast forwarding, 353verifying configuration, 350

Multilayer Switch Feature Card (MSFC), 79, 103, 616

Multilayer Switch Feature Card (MSFC)


774

multilayer switched networks, 5Catalyst switch security, 585–587Cisco AVVID, 14

applications, 15supported components, 14

configuring, 79data-link technologies, 45

10 Gigabit Ethernet, 5210-Mbps Ethernet, 46Fast Ethernet, 47Fast Ethernet and Gigabit Ethernet auto-

negotiation, 51GBICs, 53Gigabit Ethernet, 48–50LRE, 54

default gateway router redundancy, 523GLBP, 547HSRP, 527–542IRDP, 525proxy ARP, 524static default gateway configuration, 526VRRP, 543–546

designingcase study, 69–70Cisco Catalyst switches and data-link

technologies, 55large campus networks, 60–63medium-sized campus networks, 58–59selecting Layer 2 or Layer 3 switches, 56Server Farm module, 63–66small campus networks, 57

DHCP snooping, 314Enterprise Composite Network Model, 12, 17

Enterprise Campus, 21Enterprise Edge, 19, 26–31overview, 18Service Provider Edge, 19, 31–33submodules, 22–24

Enterprise Edge, 68EtherChannel, 287introduction, 3IP multicast protocol, 484–485

IGMP, 473–478PIM, 466–469, 472–473

Layer 2design properties, 9switching, 6

Layer 3, 10, 14ARP, 11packet rewriting, 10switching, 7

Layer 4performance, 8terminology, 7

Layer 7 switching, 8multicast

group membership, 456IP address structure, 457–459overview, 453–455RPF, 460–461

multicast forwarding tree, 463shared trees, 464source trees, 463

multicast hardware-based switching methods, 479CEF-based MMLS, 480MFIB, 481MMLS, 480

OSI reference model, 5QoS, 388–389, 436

assured forwarding, 399–400Building Access submodule, 437Building Distribution submodule, 438Campus Backbone, 439Catalyst fundamentals, 401–415congestion avoidance, 427–430congestion management, 420–426DiffServ model, 396–398expedited forwarding, 400IntServ model, 395jitter, 393latency, 392need for, 390–391packet loss, 394service models, 395traffic conditioning, 416–419

routed ports, 344trunking, 149

multilayer switching. See MLSmultipath forwarding, 652Multiple Default Gateways (MDGs), 303–304Multiple Spanning Tree. See MST, 224

multilayer switched networks


775

NNAM (Network Analysis Module), 727

performance monitoring in Catalyst 6500 switches, 727

autostart collections, 732configuration, 728data sources, 730NDE as data source, 732troubleshooting common problems, 735verifying configuration, 734

versions, 727naming images (Cisco IOS), 97–98

NAT (network address translation), 4NBAR, 410–412NDE (NetFlow Data Export), 730

as a traffic source for NAM, 731enabling, 732

network address translation (NAT), 4Network Analysis Module. See NAMNetwork Design Hierarchical Model layers, 17Network Management Processor (NMP), 616Network Management submodule, 23–25Network Time Protocol (NTP), 7networks, 224, 484

bandwidth provisioning, 571designing IP telephony systems, 567–574enhancing performance

critical success tasks, 704monitoring CPU interface of switches with

SPAN, 711–712SPAN, 705–708VSPAN, 707, 710

Ethernet (metro), 54high availability, 503–504, 507management, considerations for IP telephony

solutions, 573monitoring performance

RSPAN, 714–718VACL with the capture option, 721–722

port security, 295blocking unicast flooding on desired ports,

302restricting traffic based on host MAC

addresses, 300–301

traffic based on host MAC addresses, 296–299

securityACLs, 601network access (802.1X), 598–600private VLANs, 604QoS, 605

storage networkingcampus network integration, 647Cisco SN 542x iSCSI routers, 654–655Cisco storage solutions, 648–652FCIP, 646Fibre Channel, 636–641iSCSI, 642overview, 634–635

VLANs, 128configuring, 133–137, 147deleting, 136dynamic, 131implementing in campus networks, 128–129ranges, 132ranges and mappings, 156service provider–managed VLAN services,

157static, 131troubleshooting, 140–145trunking, 148–155trunking configuration, 159–163trunking modes and methods, 157–158trunking troubleshooting, 163verifying configuration, 138–139

NLPs (normal link pulses), 742NMP (Network Management Processor), 616no monitor session command, 716no switchport command, 289no switchport interface command, 344node World Wide name (nWWn), 638nonlinearities, 681non-RPF multicast traffic, 461normal link pulses (NLPs), 742NTP (Network Time Protocol), 7NTP settings (Cisco Catalyst switches), 86–88null adjacency, 379nWWn (node World Wide name), 638

nWWn (node World Wide name)


776

OOADMs (optical add/drop multiplexers), 678–679OIR (Online Insertion and Removal) of standby

Supervisor Engines, 513ONS, 662Open Shortest Path First (OSPF), 62optical add/drop multiplexers (OADMs), 678optical platforms (Cisco metro solutions), 662OS

Cisco CatOS compared to Cisco IOS (Native Mode), 80

Hybrid OS, 80OSI reference model, 5OSPF (Open Shortest Path First), 62

Ppackets

loss, 101, 394rewriting, 11VoIP, 571

PAgP modes, 284passwords, 89, 586PBR (policy-based routing), 412PDUs (protocol data units), 8Per VLAN Spanning Tree Plus. See PVST+performance

enhancingcritical success tasks, 704SPAN, 705–708, 711–712VSPAN, 707, 710

Layer 4 switching, 8performance monitoring, NAM (Catalyst 6500

switches), 727autostart collections, 732configuration, 728data sources, 730NDE as data source, 732troubleshooting common problems, 735verifying configuration, 734

permanent filters, 301PFC (Policy Feature Card), 616PIM, 466

automating distribution of RP, 469dense mode, 467

PIM sparse-dense mode, 469PIM-SM, 468version comparison and compatibility, 472–473

PIM sparse-dense mode, 469PIM-DM (dense mode), 467PIM-SM (sparse mode), 468plain old telephone service (POTS), 54PMD (polarization mode dispersion), 680point-to-point topology, 639polarization mode dispersion (PMD), 680policing, 417

burst size, 418configuring, 419

policy-based routing (PBR), 412Policy Feature Card (PFC), 616PortFast, 246

BPDU filtering, 257configuration errors, 268configuring, 248

portschanneling, 652checking status, 272configuring cost, 210EtherChannel, 286Fibre Channel, 639Root Guard, 258–260roles (RSTP), 218routed, 344security, 295

blocking unicast flooding on desired ports, 302

restricting traffic based on host MAC addresses, 300–301


spanning-tree port states, 196POTS (plain old telephone service), 54pound sign (#) character, 102power (loss of), 572power supplies, redundancy, 521–522preventing bridging loops, 190priority queuing, 425private VLANs, 604

configuring, 147troubleshooting, 142–145

protocol data units (PDUs), 8

OADMs (optical add/drop multiplexers)


777

protocolsLayer 2

CDP, 293, 294multicast, 481–484

MST, 232storage networking

FCIP, 646Fibre Channel, 636–641iSCSI, 642

STP, 187trunking, 150

IEEE 802.1Q, 152–155ISL, 150–152VTP, 163–173

UDLD, 319proxy ARP, 524pruning, 167PSTN module, 32punt adjacency, 379pVLANs

configuring, 147port structure, 143troubleshooting, 142–145

PVST+ (Per VLAN Spanning Tree Plus), 205configuring

port cost, 210root bridges, 209

MAC address allocation and reduction, 206MST, 225

QQ-in-Q Catalyst configuration, 689Q-in-Q STP, 687Q-in-Q tunneling, 684–688QoS (quality of service), 4, 388–389, 605

Catalyst switches, 401–402classification, 404–412congestion avoidance, 427–430congestion management, 420–426marking, 413–415traffic conditioning, 416–419

classification, 567jitter, 393latency, 392marking in Layer 4, 6

multilayer switched networks, 436Building Access submodule, 437Building Distribution submodule, 438Campus Backbone, 439

need for, 390–391packet loss, 393–394service models, 395

assured forwarding, 399–400DiffServ model, 396

IP precedence bit mappings, 398packet classification, 397

expedited forwarding, 400IntServ model, 395

WANsIP RTP Priority, 432–433link-efficiency mechanisms, 435LLQ, 432WFQ, 431

QoS ACLs, 601quality of service. See QoS

RRACLs (router access control lists), 601–602RADIUS, 592random early detection (RED), 428–429ranges (VLANs), 132, 156Rapid Spanning Tree Protocol. See RSTPrapid transition to forwarding, 220–221RED (random early detection), 428–429redundancy, 504

Catalyst 6500 switch SRM, 516configuring, 518displaying status, 519failure scenario, 518

default gateway routers, 523GLBP, 547HSRP, 527–542IRDP, 525proxy ARP, 524static default gateway configuration, 526VRRP, 543–546

link redundancy, 507redundant power supplies, 521–522redundant Supervisor Engine, uplink modules,

520

redundancy


778

redundancy (continued)route processor, 510–511RPR+, 512–513

configuring, 515switchover, 514

Redundant Power Systems (RPSs), 523redundant Supervisor Engines, 508–510

route processor redundancy, 510–511RPR+, 512–515

redundant switched networks, 506Remote Access module, 30remote RSPAN, 714–715reserved link local addresses, 458resiliency (STP), 255resource errors, 268restricting traffic based on host MAC addresses, 300root bridges

configuring, 209election, 198planning selection, 198–199selection (sample selection), 201

Root Guard, 258–259configuration exercise, 277configuring, 260Loop Guard, 264

root port selection (sample scenario), 202route processor redundancy, 510–511router access control lists (RACLs), 601router on a stick feature, 347–349routers

BSRs, 471redundancy, 516–519

routinginter-VLAN routing, 339–341

bridge virtual interface, 347IP broadcast forwarding, 352–353multilayer Catalyst switches, 341–344router on a stick, 347–349switch virtual interface, 345–346UDP broadcast forwarding, 353verifying configuration, 350

protocols, support for Cisco Catalyst Layer 3 switches, 343

RPF (Reverse Path Forwarding), 460–461RPR+, 512–513

configuring, 515, 557–559switchover, 514

RPSs (Redundant Power Systems), 523RSPAN

configuring, 717–718guidelines and restrictions, 714–715performance monitoring, 714remote, 714–715session support, 721

RSTP (Rapid Spanning Tree Protocol), 216802.1D compatibility, 223BPDU format, 219port roles, 218rapid transition to forwarding, 220–221topology change mechanism, 222–223

SSANs, 64, 651SCSI (Small Computer System Interface), 634SCSI over IP. See iSCSIsecondary VLANs, 142Secure-HTTP (S-HTTP), 7security

AAAaccounting, 593, 596–597authentication, 591–593authorization, 592–594

ACLs, 601Catalyst switch configurations, 585

ACLs, 586–587disabling the integrated HTTP daemon, 589disabling unneeded services, 588passwords, 586physical access, 587

IP telephony solutions, 574network access (802.1X), 598–600ports, 295

blocking unicast flooding on desired ports, 302

restricting traffic based on host MAC addresses, 300–301


private VLANs, 604QoS, 605SNMP, 590STP, 590

redundancy


779

system logging, 590system warning banners, 588

Server Farm access layer, 65–67Server Farm distribution layer, 65Server Farm module, 63

infrastructure architecture, 65–66SANs, 64switches, 64

Server Farm submodule, 23–25servers (VTP), 172Service Provider Edge, 31

ISP module, 32PSTN module, 32sample implementation, 33

service provider–managed VLAN services, 157

set boot system flash command, 100shaped round robin (SRR), 425shaping, 416Shared STP (SSTP), 208shared trees, 464show adjacency command, 379show adjacency detail command, 379show command, 105show current command, 231show interfaces command, 139show ip cef command, 376show ip cef detail command, 376show ip mroute command, 489show ip pim interface command, 492show ip pim interface count command, 493show mac address-table interface command,

139show pending command, 231show processes cpu command, 272show running-config command, 139show spanning-tree command, 212show vlan command, 138show VTP domain command, 174show vtp status command, 174S-HTTP (Secure-HTTP), 7Single Router Mode (SRM), 516


size (Cisco IFS), 97

SLB (Cisco IOS Server Load Balancing), 550configuring

the server farm with real servers, 552–553virtual servers, 554–555

modes of operation, 552slow throughput, troubleshooting, 141small campus networks, 57Small Computer System Interface (SCSI), 634SMI (Standard Multilayer Image), 625SNAP (Subnetwork Access Protocol), 293SNMP, security, 590snooping (DHCP), 313–314software, updating versions, 99–102software-switching, 4SONET, 670–672source trees, 463Source-Specific Multicast (SSM), 458SPAN (Switched Port Analyzer), 651, 705–706

configuring, 708guidelines and restrictions, 706monitoring CPU interface of switches, 711–712session support, 721troubleshooting Catalyst 6500 switches, 713

spanning tree protocol. See STPSpanning-Tree Algorithm (STA), 190spanning-tree path cost, 191spanning-tree port states, 194–196sparse-dense mode with BSR, 487SRM (Single Router Mode), 516


SRR (shaped round robin), 425, 664SSH (Secure Shell), 89–90

accessing switches during an upgrade, 100configuring switches for, 91establishing IP connectivity, 109software support, 90

SSM (Source-Specific Multicast), 458SSTP (Shared STP), 208STA (Spanning-Tree Algorithm), 190Standard Multilayer Image (SMI), 625static default gateway configuration, 526static filters, 301static VLANs, 131steady state STP, 321storage (enterprise networks), 64

storage (enterprise networks)


780

storage networkingcampus network integration, 647Cisco storage solution, 648

Cisco MDS 9000 multilayer switches, 649–652

Cisco SN 542x iSCSI routers, 654–655overview, 634–635protocols

FCIP, 646Fibre Channel, 636–641iSCSI, 642

STP (spanning tree protocol), 187, 191BackboneFast, 250

configuring, 254link failures, 252

BPDUs, 192frame format, 193timers, 194

bridge IDs, 191configuring, 211–213, 236enhancements, 246events debug, 271IEEE 802.1Q trunks, 207Multiple Spanning Tree (MST), 224–226

802.1Q, 225configuring, 230–233IST instances, 228MST instances, 229PVST+, 225regions, 227

operation overview, 197planning root bridge selection, 198–199root bridge election, 198selection of root and designated ports, 200

overview, 187port path cost, 210PortFast, 246–248PVST+. See PVST+Q-in-Q STP, 687resiliency, 255

BPDU filtering, 256BPDU Guard, 255BPDU skewing, 257–258Root Guard, 258–260

RSTP, 216BPDU format, 219port roles, 218rapid transition to forwarding, 220–221topology change mechanism, 222–223

sample election process scenario, 201–202security, 590spanning-tree path cost, 191spanning-tree port states, 194–196topology changes, 202–204troubleshooting, 266

duplex mismatch, 266frame corruption, 268inappropriate STP diameter parameter

tuning, 269methodology, 270–272PortFast configuration errors, 268resource errors, 268unidirectional link failures, 267

UplinkFast, 248–249STS-1 (synchronous transport signal-level 1), 671subnets, routing packets between, 7Subnetwork Access Protocol (SNAP), 293Supervisor Engine I, 616Supervisor Engine II, 617Supervisor Engine 720, 618Supervisor Engines

OIR, 513redundancy, 508–510

route processor redundancy, 510–512RPF+, 515RPR+, 513–514

uplink modules, 520suppression

broadcast, 311–312multicast, 312

Switched Fabric topology (Fibre Channel), 640Switched Port Analyzer. See SPANswitches

Cisco Catalyst switchesCatalyst 2950, 627–628Catalyst 3550, 625–626Catalyst 3750, 623–624Catalyst 4500, 620–621Catalyst 6500, 613–618clock and NTP settings, 86–88

storage networking


781

configuration of management parameters, 83–85

DNS, 92managing configurations, 93system switches, 92Telnet and SSH, 89–91troubleshooting, 104–109updating software versions, 99–102

Cisco CatOS, 86displaying STP information, 214MDGs, 303–304passwords, 89

Cisco IOSDNS, 92NTP settings, 88

Cisco MDS 9000 multilayer switches, 649configuring for SSH, 91converting to Cisco IOS (Native Mode) from

Cisco CatOS, 103high availability, 503–507legacy Layer 2 switches, 6multilayer, 12Root Guard, 259Server Farm module, 64VTP-transparent switches, 166

switchingdistributed, 366hardware-switching, 4Layer 2, 6, 9Layer 3, 7, 10, 14

ARP, 11packet rewriting, 10

Layer 4performance, 8terminology, 7

Layer 7, 8software-switching, 4table architectures

CAM tables, 368TCAM, 369–371

terminology, 5switchport command, 289, 706synchronous data, 660synchronous transport signal-level 1 (STS-1), 671system logging, 92, 590system names, configuring meaningful names, 84

TTACACS+, 592tag stacking (Q-in-Q tunneling), 684–687tail drop, 427TC (Topology Change) bit set, 203TCAM (ternary content addressable memory), 4TCN, 203Technology Ability field, 743Telnet, 89

accessing switches during an upgrade, 100disabling access, 116establishing IP connectivity, 109

terminologyLayer 4 switching, 7switching, 5

ternary content addressable memory (TCAM), 4TFTP, packet loss, 101throughput, troubleshooting slow, 141time stamping, 86TLS (transparent LAN service), 668topologies, 569

Fibre Channel, 639–640metro Ethernet, 55multiple Ethernet technologies, 46

topology change mechanism (RSTP), 222–223traffic, 394

conditioningpolicing, 417–419shaping, 416

congestion avoidancetail drop, 427WRED, 428–430

congestion management, 420custom queuing, 426FIFO queuing, 421priority queuing, 425WRR, 422–424

DHCP snooping, 314load balancing (EtherChannel), 290–292monitoring, 489–493restricting based on host MAC addresses, 300

TrafficDirector application, 728transparent LAN service (TLS), 668

transparent LAN service (TLS)


782

troubleshootingCatalyst switches, 104

Catalyst 6500 switches using SPAN, 713configuration commands, 106connecting to switches via console ports,

108debug commands, impact and use, 106IP connectivity, 109show and debug commands, 105

CEF-based MLSconfiguration exercise, 382–386debugging CEF on Layer 3 Engine, 380methodology, 381

forwarding loops and black holes, 261, 264L2 traceroute command

availability on Catalyst switches, 724output from Cisco IOS–based witches, 725

NAM, 735preventing bridging loops, 190STP, 266

duplex mismatch, 266frame corruption, 268inappropriate STP diameter parameter

tuning, 269methodology, 270–272PortFast configuration errors, 268resource errors, 268unidirectional link failures, 267

trunking, 163VLANs, 140

communication issues, 141private VLANs, 142–145slow throughput, 141

VTP, 175trunking, 651

limiting connections, 590protocols, 163–173troubleshooting, 163VLANs, 148

configuration, 159–161IEEE 802.1Q, 152–155ISL, 150–152modes and methods, 157–158multilayer switched networks, 149protocols, 150verifying configurations, 161, 162, 163

trusting DSCP, 405

tunnelingIEEE 802.1Q-in-Q tunneling, 157metro Ethernet, 681

802.1Q packet tagging, 683no tunneling, 682Q-in-Q Catalyst configuration, 689tag stacking (Q-in-Q tunneling), 684–687

UUDLD (Unidirectional Link Detection) protocol, 245,

319–322case study, 325configuring, 322

UDP broadcast forwarding, 353unicast flooding, blocking on desired ports, 302unicast suppression, 312unidirectional links

failures, 267Loop Guard, 263

updating software versions on Catalyst switches, 99–102

UplinkFast, 248configuration exercise, 277configuring, 249

UTP (unshielded twisted-pair), 47

VVACLs (VLAN access control lists), 601–602

capture option, monitoring performance, 721–722configuration exercise, 607, 610

verifyingCEF-based MLS, 375IP multicast traffic, 489–493STP configuration, 211–213VLAN configuration, 138–139VTP configuration, 174

Virtual Private Networks, 3Virtual Router Redundancy Protocol. See VRRPVirtual Switched Port Analyzer. See VSPANVLAN access control lists (VACLs), 601VLAN management policy servers (VMPSs), 131

troubleshooting


783

VLANs (Virtual LANs), 6, 125, 128configuring, 133–137

private VLANs, 147verifying configuration, 138–139

deleting, 136dynamic, 131implementing in campus networks, 128–129inter-VLAN routing, 339–341

IP broadcast forwarding, 352–353multilayer Catalyst switches, 341–344router on a stick, 347–349switch virtual interface, 345–347UDP broadcast forwarding, 353verifying configuration, 350

load balancing, 224private VLANs as a security feature, 604propagated, 590PVST+, 205ranges and mappings, 132, 156service provider–managed VLAN services, 157static, 131troubleshooting, 140

communication issues, 141private VLANs, 142–145slow throughput, 141

trunking, 148configuration, 159–161IEEE 802.1Q, 152–155ISL, 150–152modes and methods, 157–158multilayer switched networks, 149protocols, 150troubleshooting, 163verifying configurations, 161–163

voice, 569VMPSs (VLAN management policy servers), 131voice (auxiliary) VLANs, 569–570

configuration exercise, 577–581VoIP

IP telephony QoS features, 568packets, 571

VPN module, 30

VPNs (Virtual Private Networks), 3VRRP (Virtual Router Redundancy Protocol), 7,

543–545configuring, 545–546operation details, 545

VSANs, 650, 653VSPAN (Virtual Switched Port Analyzer), 705, 710

configuration, 710guidelines and restrictions, 707

VTP, 163–164advertisements, 166authentication, 171configuring, 171–173modes of operation, 165pruning, 167troubleshooting, 175versions, 168–170

VTP-transparent switches, 166VTYs, securing access to, 587

W–ZWAN module, 30WANs, QoS

IP RTP Priority, 433link-efficiency mechanisms, 435LLQ, 432WFQ, 431

warning banners, 588wavelengths (electromagnetic spectrum), 675WDM (Wave Division Multiplexing), 673–675WFQ (weighted fair queuing), 431WRED (weighted random early detection),

428–431write erase command, 94WRR (weighted round robin), 422–425WS-SVC-NAM-1, 727WS-SVC-NAM-2, 727WS-X6380-NAM, 727

zoning, 653

zoning


Symbols Numerics Seeptgmedia.pearsoncmg.com/images/1587051508/index/... · 2009. 6. 9. · I N D E...

Documents

Transcript of Symbols Numerics Seeptgmedia.pearsoncmg.com/images/1587051508/index/... · 2009. 6. 9. · I N D E...