Home > Store

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide: (CCNP SWITCH 300-115), Rough Cuts

Add To My Wish List

Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide: (CCNP SWITCH 300-115), Rough Cuts

By Richard Froom, Erum Frahim
Published Mar 10, 2015 by Cisco Press. Part of the Foundation Learning Guides series.

Premium Item

Sorry, this book is no longer in print.

Not for Sale

Description

Sample Content

Updates

More Information

Description

Copyright 2015
Edition: 1st

Premium Item
ISBN-10: 0-13-396408-6
ISBN-13: 978-0-13-396408-0

This is the Rough Cut version of the printed book.

Now fully updated for the new Cisco SWITCH 300-115 exam, Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide is your Cisco® authorized learning tool for CCNP® or CCDP® preparation. Part of the Cisco Press Foundation Learning Series, it teaches you how to plan, configure, verify, secure, and maintain complex enterprise switching solutions using Cisco Catalyst® switches and Enterprise Campus Architecture.

The authors show you how to build scalable multilayer switched networks, create and deploy global intranets, and perform basic troubleshooting in environments using Cisco multilayer switches for client hosts and services. They begin by reviewing basic switching concepts, network design, and campus network architecture. Next, they present in-depth coverage of spanning-tree, inter-VLAN routing, first-hop redundancy, network management, advanced switch features, high availability, and campus network security.

Each chapter opens with a list of topics that clearly identify its focus. Each chapter ends with a summary of key concepts for quick study, as well as review questions to assess and reinforce your understanding. Throughout, configuration examples, and sample verification outputs illustrate critical issues in network operation and troubleshooting.

This guide is ideal for all certification candidates who want to master all the topics covered on the SWITCH 300-115 exam.

Serves as the official textbook for version 7 of the Cisco Networking Academy CCNP SWITCH course
Covers basic switching terminology and concepts, and the unique features of Cisco Catalyst switch designs
Reviews campus network design, including network structure, roles of Cisco Catalyst switches, and differences between Layer 2 and multilayer switches
Introduces VLANs, VTP, Trunking, and port-channeling
Explains Spanning Tree Protocol configuration
Presents concepts and modern best practices for interVLAN routing
Covers first-hop redundancy protocols used by Cisco Catalyst switches
Outlines a holistic approach to network management and Cisco Catalyst device security with AAA, NTP, 802.1x, and SNMP
Describes how to use advanced features to improve campus network resiliency and availability
Shows how to establish switch physical redundancy using Stackwise, VSS, or redundant supervisors
Explains advanced security features



Sample Content

Introduction xx

Chapter 1 Fundamentals Review 1

Switching Introduction 2

Hubs and Switches 2

Bridges and Switches 2

Switches of Today 3

Broadcast Domains 3

MAC Addresses 4

The Basic Ethernet Frame Format 4

Basic Switching Function 5

VLANs 6

The Spanning Tree Protocol 6

Trunking 7

Port Channels 7

Multilayer Switching 8

Summary 8

Chapter 2 Network Design Fundamentals 9

Campus Network Structure 9

Hierarchical Network Design 10

Access Layer 12

Distribution Layer 13

Core Layer (Backbone) 14

Layer 3 in the Access Layer 17

The Cisco Enterprise Campus Architecture 19

The Need for a Core Layer 20

Types of Cisco Switches 22

Comparing Layer 2 and Multilayer Switches 24

MAC Address Forwarding 24

Layer 2 Switch Operation 25

Layer 3 (Multilayer) Switch Operation 26

Useful Commands for Viewing and Editing Catalyst Switch MAC Address Tables 27

Frame Rewrite 28

Distributed Hardware Forwarding 28

Cisco Switching Methods 29

Route Caching 30

Topology-Based Switching 31

Hardware Forward Details 33

Study Tips 34

Summary 34

Review Questions 35

Chapter 3 Campus Network Architecture 41

Implementing VLANs and Trunks in Campus Environment 41

VLAN Overview 42

VLAN Segmentation 44

End-to-End VLANs 44

Local VLANs 45

Comparison of End-to-End VLANs and Local VLANs 46

Mapping VLANs to a Hierarchical Network 47

Implementing a Trunk in a Campus Environment 49

Understanding Native VLAN in 802.1Q Trunking 52

Understanding DTP 53

VLAN Ranges and Mappings 54

Configuring, Verifying, and Troubleshooting VLANs and Trunks 55

Verifying the VLAN Configuration 57

Configuring VLANs and Trunks 61

Best Practices for VLANs and Trunking 65

Voice VLAN Overview 67

Switch Configuration for Wireless Network Support 69

VLAN Trunking Protocol 70

VTP Overview 70

VTP Modes 71

VTP Versions 73

VTP Pruning 74

VTP Authentication 75

VTP Advertisements 75

VTP Messages Types 77

Summary Advertisements 77

Subset Advertisements 77

Configuring and Verifying VTP 78

Overwriting VTP Configuration (Very Common Issue with VTP) 87

Best Practices for VTP Implementation 93

Implementing EtherChannel in a Switched Network 94

The Need for EtherChannel 94

EtherChannel Mode Interactions 97

LACP 97

PAgP 98

Layer 2 EtherChannel Configuration Guidelines 99

EtherChannel Load-Balancing Options 100

Configuring EtherChannel in a Switched Network 102

EtherChannel Configuration and Load Balancing 103

EtherChannel Guard 108

Study Tips 109

Summary 110

Review Questions 110

Chapter 4 Spanning Tree in Depth 119

Spanning Tree Protocol Overview 120

STP Need 120

STP Standards 121

STP Operations 122

Bridge Protocol Data Units 124

Root Bridge Election 124

Root Port Election 126

Designated Port Election 128

STP Port States 129

Per-VLAN STP Plus (PVST+) 130

STP Topology Changes 131

Rapid Spanning Tree Protocol 133

RSTP Port Roles 134

Comparison of RSTP and STP Port States 135

RSTP Topology Changes 136

RSTP Link Types 138

Configuring and Modifying STP Behavior 140

Changing STP Priority 143

STP Path Manipulation 145

STP Timers 148

Implementing STP Stability Mechanisms 151

Use UplinkFast 153

Use BackboneFast 154

Use PortFast 156

Securing PortFast Interface with BPDU Guard 158

Disabling STP with BPDU Filter 159

Use Root Guard 161

Loop Guard Overview 164

Use UDLD 166

UDLD Recommended Practices 170

Use FlexLinks 171

STP Stability Mechanisms Recommendations 175

Configuring Multiple Spanning Tree Protocol 179

Introducing MST 179

MST Regions 182

STP Instances with MST 183

Extended System ID for MST 185

Configuring and Verifying MST 185

Configuring MST Path Cost 192

Configuring MST Port Priority 193

MST Protocol Migration 194

MST Recommended Practices 194

Troubleshooting STP 196

Potential STP Problems 196

Duplex Mismatch 196

Unidirectional Link Failure 197

Frame Corruption 197

Resource Errors 198

PortFast Configuration Errors 198

Study Tips 198

Summary 199

Review Questions 200

Chapter 5 Inter-VLAN Routing 203

Describing Inter-VLAN Routing 204

Introduction to Inter-VLAN Routing 204

Inter-VLAN Routing Using an External Router 206

Configuring Inter-VLAN Routing Using an External Router 207

Routing with an External Router 208

External Routers: Advantages Disadvantages 211

Inter-VLAN Routing Using Switch Virtual Interfaces 212

SVI: Advantages and Disadvantages 214

Routing with Routed Ports 214

Routed Ports: Advantages 215

Configuring Inter-VLAN Routing Using SVI and Routed Ports 216

Routing on a Multilayer Switch 217

Using the SVI autostate exclude Command 220

SVI Configuration Checklist 221

Troubleshooting Inter-VLAN Problems 222

Example of a Troubleshooting Plan 223

Layer 2 Versus Layer 3 EtherChannel 225

Layer 3 EtherChannel Configuration 226

Verifying Routing Protocols 229

Implementing DHCP 231

DHCP Overview 231

Configuring DHCP in Multilayer Switched Network 233

Configuring a DHCP Relay 239

Configuring DHCP Options 239

Study Tips 240

Summary 241

Review Questions 242

Chapter 6 First-Hop Redundancy 247

Overview of FHRP and HSRP 247

The Need for First-Hop Redundancy 248

HSRP Overview 250

HSRP State Transition 253

Aligning HSRP with STP Topology 254

Configuring and Tuning HSRP 255

Forwarding Through the Active Router 257

Load Sharing with HSRP 263

The Need for Interface Tracking with HSRP 265

HSRP Interface Tracking 266

HSRP and Object Tracking 268

Configuring HSRP Authentication 271

Tuning HSRP Timers 272

HSRP Versions 274

Configuring Layer 3 Redundancy with VRRP 274

About VRRP 275

Configuring VRRP and Spotting the Differences from HSRP 276

VRRP and Authentication 279

Tracking and VRRP 280

Configuring Layer 3 Redundancy with GLBP 282

Introducing GLBP 282

Comparing GLPB to HSRP 283

GLBP States 284

Configuring and Verifying GLBP 285

GLBP Load-Balancing Options 294

GLBP Authentication 295

GLBP and STP 295

Tracking and GLBP 296

Study Tips 300

Summary 301

References 301

Review Questions 302

Chapter 7 Network Management 305

AAA 305

Authentication Options 307

RADIUS and TACACS+ Overview 308

RADIUS Authentication Process 309

TACACS+ Authentication Process 310

Configuring AAA 311

Configuring RADIUS for Console and vty Access 311

Configuring TACACS+ for Console and vty Access 312

AAA Authorization 313

AAA Accounting 314

Limitations of TACACS+ and RADIUS 315

Identity-Based Networking 316

IEEE 802.1X Port-Based Authentication Overview 316

IEEE 802.1X Configuration Checklist 318

Network Time Protocols 319

The Need for Accurate Time 320

Configuring the System Clock Manually 320

Network Time Protocol Overview 323

NTP Modes 324

Other NTP Configuration Options 326

NTP Example 326

NTP Design Principles 329

Securing NTP 331

NTP Source Address 333

NTP Versions 333

SNTP 335

PTP/IEEE-1588 336

SNMP 336

SNMP Overview 337

SNMP Versions 339

SNMP Best Practices 339

SNMPv3 Configuration Example 340

Verifying SNMP Version 3 Configuration 342

Study Tips 344

Summary 345

Review Questions 345

Chapter 8 Switching Features and Technologies for the Campus Network 351

Discovery Protocols 352

Introduction to LLDP 352

Basic Configuration of LLDP 353

Discovering Neighbors Using LLDP 355

Unidirectional Link Detection 357

UDLD Mechanisms and Specifics 358

UDLD Configuration 358

Leveraging UDLD and STP Loop Guard Together 360

Power over Ethernet 360

PoE Components 362

PoE Standards 362

PoE Negotiation 362

Configuring and Verifying PoE 363

SDM Templates 364

SDM Template Types 365

Choosing the Right SDM Template 367

System Resource Configuration on Other Platforms 367

Monitoring Features 368

SPAN and RSPAN Overview 368

SPAN Configuration 371

RSPAN Configuration 372

IP SLA 374

Introduction to IP SLA 375

IP SLA Source and Responder 377

IP SLA Configuration 377

IP SLA Operation with Responder 379

IP SLA Time Stamps 381

Configuring Authentication for IP SLA 382

IP SLA Example for UDP Jitter 383

Study Tips 384

Summary 385

Review Questions 385

Chapter 9 High Availability 393

The Need for Logical Switching Architectures 394

What Is StackWise? 395

StackWise Benefits 396

Verifying StackWise 396

What Is VSS? 397

VSS Benefits 398

Verifying VSS 399

Redundant Switch Supervisors 401

Supervisor Redundancy Modes 402

Stateful Switchover 403

Nonstop Forwarding 404

Study Tips 405

Summary 405

Review Questions 406

References 406

Chapter 10 Campus Network Security 409

Overview of Switch Security Issues 410

Cisco Switch Security Configuration Best Practices 411

Campus Network Vulnerabilities 414

Rogue Access 414

Switch Vulnerabilities 415

MAC Flooding Attacks 417

Introducing Port Security 419

Port Security Configuration 420

Port Error Conditions 422

Err-Disabled Automatic Recovery 423

Port Access Lists 424

Storm Control 425

Introduction to Storm Control 426

Configuring and Verifying Storm Control on an Interface 427

Mitigating Spoofing Attacks 430

DHCP Spoofing Attacks 430

DHCP Snooping 432

DHCP Option 82 433

DHCP Snooping Example Configuration 433

IP Source Guard 436

IPSG Configuration 438

ARP Spoofing 439

Dynamic ARP Inspection 440

DAI Configuration 441

Securing VLAN Trunks 443

Switch Spoofing 444

VLAN Hopping 446

Protecting Against VLAN Hopping 447

VLAN Access Lists 448

VACL Interaction with ACLs and PACLs 449

Configuring VACLs 450

Private VLANs 451

Introduction to PVLANs 452

PVLAN Port Types 453

PVLAN Configuration 454

PVLAN Verification 456

PVLANs Across Multiple Switches 457

Using the Protected Port Feature 458

Study Tips 458

Summary 459

Review Questions 460

Appendix A Answers to Chapter Review Questions 469

9781587206641 TOC, 4/14/2015



Updates

Submit Errata



More Information



InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Privacy Notice

Overview

Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security

Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children

This site is not directed to children under the age of 13.

Marketing

Pearson may send or direct marketing communications to users, provided that

Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
Such marketing is consistent with applicable law and Pearson's legal obligations.
Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out

Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

As required by law.
With the consent of the individual (or their parent, if the individual is a minor)
In response to a subpoena, court order or legal process, to the extent permitted or required by law
To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
To investigate or address actual or suspected fraud or other illegal activities
To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links

This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020

Email Address

Corporate, Academic, and Employee Purchases