CISCO STUDY GUIDE Building Cisco Multilayer Switched Networks (BCMSN) 640-504 Edition 2 Congratulations!! You have purchased a Testkiller, Ltd Study Guide. This study guide is a selection of keypoints you will need to know to pass the official CCNP 640-504 Switching exam. Study and memorize the fol- lowing concepts, keypoints and problems for approximately 15 to 20 hours and you will be prepared to take the exams. We guarantee it! Remember, average study time is 15 to 20 hours and then you are ready!!! GOOD LUCK! DISCLAIMER This study guide and/or material is not sponsored by, endorsed by or affiliated with Cisco Systems, Inc. Cisco®, Cisco Systems®, CCDA™, CCNA™, CCDP™, CCNP™, CCIE™, CCSI™, the Cisco Systems logo and the CCIE logo are trademarks or registered trademarks of Cisco Systems, Inc. in the United States and certain other countries. All other trademarks are trademarks of their respective owners . Guarantee If you use this study guide correctly and still fail the exam, send your official score notice and mailing address to: Testkiller, Ltd 8200 Pat Booker Rd. #368 San Antonio, TX 78233 We will gladly refund the cost of this study guide. However, you will not need this guarantee if you follow the above instructions. This material is protected by copyright law and international treaties. Un- authorized reproduction or distribution of this material, or any portion thereof, may result in severe civil and criminal penalties, and will be prose- cuted to the maximum extent possible under law.  Copyright 2001 Testkiller, Ltd. All Rights Reserved. Table of Contents Overview of a Campus Network . 1 A Solution to Broadcast Domain Issues: Localize Traffic . 1 Current Campus Networks 1 The 80/20 Rule 1 The New 20/80 Rule . 1 The Emerging Campus Network 2 Emerging Campus Structure . 2 The Hierarchical Model 2 The Access Layer 2 The Distribution Layer 3 The Core Layer . 3 The Building Block Approach 3 Connecting the Switch Block 3 Cable Media Types . 3 Ethernet . 4 Fast Ethernet .4 Cabling Switch Block Devices . 4 Configuring Connectivity within the Switch Block 4 Defining Common Workgroups with LANs . 4 Layer2 Campus Network 4 VLANs 5 Defining VLAN Boundaries . 5 Link Types 5 VLAN Frame Identification Methods . 5 Configuring a Trunk Link . 6 VTP Modes of Operation 6 Managing Redundant Links 7 Contents of BPDU 7 Spanning-Tree Port States . 7 Inter-VLAN Routing . 7 Improving IP Routing Performance with Multilayer Switching . 8 MLS Components . 8 Creating a NULL Domain 8 Configuring HSRP for Fault Tolerance Routing 8 Routing Issues in a Redundant Environment 8 HSRP Group Members . 9 HSRP States 9 Multicast Overview . 9 Controlling Access to the Campus Network . 9 Applying Policies in a Hierarchical Model . 9 Managing Network Devices . 10 Port Security 10 www.testkiller.com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email con- tent checking & anti-virus software and LANguard network security software. http://www.gfi.com/tt.shtml 1 Key Concepts Building Cisco Multilayer Switched Networks Overview of a Campus Network A campus is a building or group of buildings connected into one enterprise network that consists of many LANs. A campus is further defined as a company or a portion of a com- pany contained in a fixed geographic area. The major problem with traditional networks is availability and performance. These two problems are impacted by the amount of bandwidth in the network. A Solution to Broadcast Domain Issues: Localize Traffic There are two main options for addressing the broadcast containment issue for large switched LAN sites. The first option is to use routers to create many subnets, logically segmenting the traffic. LAN broadcasts do not pass through routers. The second option is to implement virtual LANs (VLANs) within the switched network. Current Campus Networks Most campus networks now consists of two components: 1. LAN switches 2. Routers The 80/20 Rule Ideally the end users with common interests or work patterns are placed in the same logi- cal network as the servers they access most often. The 80/20 rule states that in a properly designed network environment 80% of the traffic on a given network segment is local. Not more than 20% of the network traffic should move across the backbone. Backbone congestion indicates that the traffic patterns are not meeting the 80/20 rule. The New 20/80 Rule Traffic patterns are moving toward what is now referred to as the 20/80 model. In the 20/80 model only 20% of traffic is local to the workgroup LAN and 80% of the traffic is required to go off the local network. www.testkiller.com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email con- tent checking & anti-virus software and LANguard network security software. http://www.gfi.com/tt.shtml 2 The Emerging Campus Network The key requirements placing pressure on the emerging campus designs are as follows: • Fast convergence • Deterministic paths • Deterministic failover • Scalable size and throughput • Centralized applications • The new 20/80 Rule • Multiprotocol support • Multicasting Emerging Campus Structure Services can be separated into three separate categories: 1. Local services 2. Remote services 3. Enterprise services The Hierarchical Model The layers within the hierarchical model are defined as follows: 1. Access layer 2. Distribution layer 3. Core layer The Access Layer Some of the functions represented by Access layer are Shared bandwidth, Switched bandwidth, and Layer 2 services. www.testkiller.com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email con- tent checking & anti-virus software and LANguard network security software. http://www.gfi.com/tt.shtml 3 The Distribution Layer The multitude functions of the Distribution layer are as follows: • VLAN aggregation • Department of workgroup access • Broadcast or multicast domain functions • Inter-VLAN routing • Media translation • Security The Core Layer The core layer is responsible for providing connectivity between switched blocks, provid- ing access to other blocks, such as the WAN block, and switching frames or packets as quickly as possible. The Building Block Approach The two major elements for a campus network are Switch block and Core block. These include three contributing variables: • Server block • WAN block • Mainframe block Connecting the Switch Block Campus networks carry a variety of traffic types. As more applications and users are con- figured into the campus network, the need for available bandwidth increases. Cable Media Types A variety of cable media types have been deployed for local-area networks, including Ethernet, Token Ring and FDDI. In order to increase the overall performance to the us- www.testkiller.com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email con- tent checking & anti-virus software and LANguard network security software. http://www.gfi.com/tt.shtml 4 ers, you must either increase the overall bandwidth of the network, or decrease the num- ber of devices on the same shared media cable segment. Ethernet One solution to the bandwidth crunch is Ethernet Switching, which dynamically allocates dedicated 10 Mbps connections to each user on the network. Fast Ethernet For campuses with existing Ethernet installations, increasing the network speed from 10 Mbps to 100 Mbps is preferable to investing in a completely new LAN technology. Cabling Switch Block Devices There are two basic types of cable connections: 1. through the console port 2. through the Ethernet port Configuring Connectivity within the Switch Block After the switches have been physically cabled, some basic system settings that should be assigned are: • Limiting access to the switch • Setting the host or prompt name to the switch • Defining the switch’s IP address and subnet mask • Identifying a port or an interface with a unique description • Setting the port speed • Defining the full duplex port • Verifying connectivity Defining Common Workgroups with LANs Layer2 Campus Network www.testkiller.com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email con- tent checking & anti-virus software and LANguard network security software. http://www.gfi.com/tt.shtml 5 With Layer2 campus networks you encounter problems of flat network structures, secu- rity management, and managing multiple paths to a destination. VLANs VLANs solve many of the issues of the Layer2 Network by allowing efficient bandwidth utilization, security management, load-balancing multiple paths, and the isolation of problem components. Defining VLAN Boundaries The number of VLANs in the switch block will vary widely depending on several factors. These factors include traffic patterns, types of applications, network management needs and group commonality. When scaling VLANs in the switch block, there are two basic methods of defining the VLAN boundaries: 1. End-to-end VLANs 2. Local VLANs Link Types There are three basic VLAN link types: 1. Access Links 2. Trunk Links 3. Hybrid Links VLAN Frame Identification Methods There are four basic Frame ID methods: 1. Inter-switch link (ISL) 2. IEEE 802.1Q 3. LAN Emulation (LANE) 4. 802.10 www.testkiller.com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email con- tent checking & anti-virus software and LANguard network security software. http://www.gfi.com/tt.shtml 6 Fields in an ISL encapsulation: • Destination Address (DA) • Frame Type (TYPE) • User-defined Bits (USER) • Source address (SA) • Length (LEN) • SNAP/LLC • High bits of the source address (HSA) • VLAN ID • BPDU/CDP indicator • Index (INDX) • Reserved for FDDI and Token Ring • Encapsulated Frame • Frame Check Sequence Configuring a Trunk Link Fast Ethernet and Gigabit Ethernet trunking can be set up in any of the following modes: • On • Off • Desirable • Auto • Nonegotiate VTP Modes of Operation There are three VTP modes of operation: 1. Server www.testkiller.com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email con- tent checking & anti-virus software and LANguard network security software. http://www.gfi.com/tt.shtml 7 2. Client 3. Transparent Managing Redundant Links The basic functionality of a switch is identical to that of a transparent bridge. By defini- tion a bridge must not modify the frames that it forwards. A bridge learns addresses by listening on a port for a device’s source MAC address. The bridge then forwards the broadcast it receives out all ports except for the port that initially received the broadcast. If a destination MAC address is unknown, sometimes called an unknown unicast, the bridge forwards the frame out all ports except for the port that initially received the frame. When a bridge receives a frame, it either filters it if the frame’s destination is out the receiving port, or forwards the frame if the destination is on a different port. Contents of BPDU The BPDU contains the following information: • Root information • Path cost • Bridge information • Port information • Timers Spanning-Tree Port States There are five types of Spanning Tree Port states: 1. Blocked 2. Listen 3. Learn 4. Forward 5. Disabled Inter-VLAN Routing [...]... fails or is taken down for maintenance Routing Issues in a Redundant Environment Hosts learn which router they should use by the following methods: • Default gateway • Proxy ARP • Routing protocol 8 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... Unicast • Broadcast • Multicast Controlling Access to the Campus Network Access control cannot be implemented until a standard access policy has been created Applying Policies in a Hierarchical Model 9 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... to allow limited access to a network device, and limiting virtual terminal or telnet access Port Security A MAC address can be allowed by either static or dynamic assignment of the MAC address 10 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... have identified important concepts in this section that are required knowledge to pass the exam Please ensure that you absolutely know and understand these keypoints prior to sitting for the exam 11 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... config all command must be executed on the switch and be rebooted in order to enter a switch into an existing VTP domain without altering the configuration of the systems currently on the domain 12 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... command to disable CGMP on a set command based switch 21 Know that you can have no more than 90 meters from the punch down block to the switch when you are preparing to install a UTP cable connection 13 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... Gigabit Ethernet 31 Know that ISL and 802.1Q are two good solutions for carrying VLANs over a single link 32 Know that VTP configuration does not affect how you assign ports to VLAN 1 on a switch 14 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... spantree portfast [module/port] command to enable fast EtherChannel 44 Know that the set spantree portfast enable command ensures timely host access to the network in a spanning-tree environment 15 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... switched VLAN corresponds to an ISI trunk interface 55 Know that to determine the best loop-free path to the root, the spanning tree protocol places the port with the lowest port ID in forwarding mode 16 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml... that may cause the ports to be automatically disabled 65 Know that the top slot of the chassis in a Catalyst 5000 switch contains the console and network ports in the supervisory engine module 17 www .testkiller. com GFI - Security & Communication tools for NT/2000: FAXmaker fax server software, Mail essentials email content checking & anti-virus software and LANguard network security software http://www.gfi.com/tt.shtml . Building Cisco Multilayer Switched Networks (BCMSN) 640-504 Edition 2 Congratulations!! You have purchased a Testkiller, Ltd Study Guide. This study guide is. is a selection of keypoints you will need to know to pass the official CCNP 640-504 Switching exam. Study and memorize the fol- lowing concepts, keypoints