R&S Quick Notes – Switching
May 18, 2009
With the insane amount of theory to go through before the big day comes, it is only normal for a couple of items to get lost in the masses. On top of that, regardless of the material you used to study, you are bound to come across a couple of small things that you have not seen before. Apart from my 400 pages of everything there is to know for the R&S, I took the time to compile, format and index a book of my CCIE R&S short notes. While compiling all my notes, labbing, and reading the Cisco DOC and other blogs, I made a shorter list of the most important tidbits and any big gotchas to look out for on the big day.
Hope these help some of you :)
- If the VTP domain names differ between 2 switches, you can't use DTP. You must use manual trunking.
- When configuring 802.1x, DO NOT forget to add “aaa authentication login default none”, else you might lock the switch and forfeit any points related to that switch.
- Always confirm that the MD5 is the same when configuring VTP passwords, with “sh vtp status”.
- To enable WCCP on a 3550, you have to change the SDM template to ‘extended-match’
- STP Timers question-1: Change the STP timers so that a port takes 44 sec when it initially comes up. Answer: Blocking is always 20 sec (44 - 20 = 24, and 24 / 2 = 12), so the listening and learning timers should each be configured at 12 sec.
- STP Timers question-2: Change the STP timers so that, in the event of convergence, the delay is no more than 20 sec. Answer: (20 / 2 = 10), so the listening and learning timers should each be configured at 10 sec.
- MAC ACLs will only match NON-IP traffic. A 3560 sees IPv6 traffic as IP traffic, but a 3550 sees IPv6 traffic as NON-IP traffic, so a 3550 can use a MAC ACL for IPv6 traffic.
- Ethertypes used with MAC ACLs that are not on the DOC-CD/CMD-Help:
– 0x0806 : IP ARP
– 0x0800 : IPv4
– 0x86DD : IPv6
– 0x4242 : CST (Common Spanning Tree)
– 0xAAAA : All Cisco proprietary (VTP, STP, CDP, DTP, UDLD, PAgP)
– 0xFFFF : all NON-IP
- VLAN ACLs: ONLY an ACL permit performs the “forward”/“drop” function in the access-map. An ACL deny will be ignored. So to deny traffic with VLAN ACLs, permit the traffic and use a “drop” action in the access-map.
- Storm-Control: The multicast amount must be equal to or greater than the broadcast amount.
- Uplinkfast – used when a direct link failure is detected.
- Backbonefast – used to determine indirect link failure.
- Root Bridge Election: 1-Lowest Bridge-ID (Priority [32768] + Sys-Id-Ext [=vlan]) & 2-Lowest MAC
- Root Port Election: 1-Lowest cost to Root, 2-Lowest upstream Bridge-ID, 3-Lowest Port-ID (Port Priority + Port Number)
- Influencing local Root Port election – change the Port Cost.
- Influencing the Root Port of directly connected downstream switch – change the Port Priority.
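
The VLAN ACL note above, written out as a configuration. This is an added example, not part of the original notes. The ACL and access-map names, VLAN 10 and the choice of Telnet as the traffic to block are all assumptions made for illustration.

```cisco
! Constructed example: VACL-TELNET, TELNET-WRONG, NO-TELNET and VLAN 10
! are hypothetical names/values, not taken from the original notes.
!
! Ineffective form (shown commented out): a "deny" in the ACL does not
! drop anything. It only means this access-map clause does not act on
! the packet, which is then checked against the next sequence.
!   ip access-list extended TELNET-WRONG
!    deny tcp any any eq telnet
!
! Working form: PERMIT (that is, match) the traffic you want to block ...
ip access-list extended VACL-TELNET
 permit tcp any any eq telnet
!
! ... and let the access-map action do the dropping.
vlan access-map NO-TELNET 10
 match ip address VACL-TELNET
 action drop
!
! Catch-all sequence with no match clause, so all other traffic
! in the VLAN is still forwarded.
vlan access-map NO-TELNET 20
 action forward
!
! Apply the access-map to the VLAN.
vlan filter NO-TELNET vlan-list 10
!
! Verification commands (run from exec mode):
!   show vlan access-map NO-TELNET
!   show vlan filter
```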