CCNP Practical Studies: Switching
By Justin Menga
Publisher: Cisco Press Pub Date: October 08, 2003 ISBN: 1-58720-060-0
Real-world scenarios represent the whole range of CCNP BCMSN 642-811 exam topics.
CCNP Practical Studies: Switching (CCNP Self-Study) provides CCNP candidates with an in-depth, hands-on experience in configuring Cisco Catalyst switches. This practical guide shows intermediate level networkers how to apply the theoretical knowledge they have gained through CCNP coursework and exam preparation. Configuration labs performed within this book will cover all technologies tested on the BCMSN 642-811 exam, as well as a number of real world scenarios that will test users' overall understanding of multilayer switching. The labs come complete with full explanations, highlighting why the chosen commands and techniques are recommended.
In addition to applicable labs, this book also provides general information on various switching technologies, as well as tips, tricks, shortcuts, and caveats for deploying Cisco switching gear in production environments. This book also includes exercises (similar to traditional mathematics exercises) that will help readers internalize, practice, and memorize certain concepts and thought processes necessary to successfully deploy a switched network.
Part of the Practical Studies series from the Cisco Press, CCNP Practical Studies: Switching provides self-study based hands-on experience. As such, it can be used in conjunction with other Cisco Press titles and is an excellent companion to instructor-led training from a Cisco Learning Partner.
information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review
as accurate as possible, but no warranty or fitness is implied.
The information is provided on an "as is" basis. The authors, Cisco Press, and Cisco Systems, Inc., shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it.
Feedback Information
At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community.
Readers' feedback is a natural continuation of this process. If you have any comments regarding how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message.
trademark or service mark
Credits
Study are service marks of Cisco Systems, Inc.; and Aironet, ASIST, BPX, Catalyst, CCDA, CCDP, CCIE, CCNA, CCNP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, the Cisco IOS logo, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Empowering the Internet Generation, Enterprise/Solver, EtherChannel, EtherSwitch, Fast
Printed in the USA
Dedication
This book is dedicated to my beautiful wife Tania, who endured many late nights while I was busy tearing my hair out writing this book.
Justin Menga is a dual-certified Cisco Certified Internetwork Expert (CCIE No. 6640) in the Routing and Switching and Security tracks. He has eight years of networking experience, working with many products from major vendors. Justin holds the premier qualifications for Cisco, Microsoft, and Check Point, demonstrating his understanding of both networks and applications and the underlying security required for both.
He is employed as a network design consultant for Logical CSI in New Zealand, a global network integration company with offices in more than 40 countries worldwide. Previously, he was employed by Compaq Global Services in a similar role. He is responsible for the pre-sales support, design, and proof-of-concept testing for complex networks that require a broad mix of technologies. These technologies include routing, switching, network, and wireless security and Voice over IP. Recently,
Andy Barkl, CCNP, CCDP, has over 19 years of experience in the IT field. He's the owner of MCT & Associates LLC, a technical training and consulting firm in Phoenix, Arizona.
Henry Benjamin, CCIE No. 4695, is triple-CCIE-certified, having attained Routing and Switching in May 1999, ISP Dial in June 2001, and Communications and Services in May 2002. He has more than 10 years experience with Cisco networks including planning, designing, and implementing large IP networks running IGRP, EIGRP, BGP, and OSPF. Henry previously worked for a large IT organization based in Sydney, Australia, as a key Network Designer, designing and implementing networks all over Australia and Asia.
In the past two years, Henry has been a key member of the CCIE global team based in Sydney, Australia. As a senior and core member of the team, his tasks include writing new laboratory examinations and questions for the coveted CCIE R/S, CCIE Security, and CCIE C/S tracks, as well as the CCIE-written Recertification Examinations. Henry has authored three other titles: CCIE Security Exam Certification Guide and CCNP Practical Studies: Routing from Cisco Press and CCIE Routing and Switching Exam Cram. Henry holds a Bachelor of Aeronautical Engineering degree from Sydney University (1991).
Stephen A. Daleo, president of Golden Networking Consultants, Inc., is a network consultant whose clients include the University of South Florida St. Petersburg and North Broward Hospital District (Fort Lauderdale, Florida). Steve was one of the course developers for Cisco Internet Learning Solutions Group BCMSN 2.0 class. Steve is a frequent contributor to the technical content of Cisco Press books and an active Cisco Certified Systems Instructor (97025) teaching the BCMSN,
Drew Rosen, CCIE No. 4365, is a Product Marketing Manager in Cisco's Internet Learning Solutions Group. In his present role, Drew manages a team of technical consultants focusing on educational products for enterprise and service provider markets. Previously, Drew spent 4 years as a systems engineer for Cisco, working on large named accounts in the enterprise space. He has been involved in the production and launch of numerous ILSG products including Building Scalable Cisco Internetworks (BSCI), Configuring BGP on Cisco Routers (CBCR), Configuring Cisco Routers for IS-IS (CCRI), Advanced MPLS VPN Solutions (AMVS), Building Metro Optical Networks (BCMON), and Implementing Quality of Service (QoS). Drew lives in Florida with his wife, Meredith, and daughter, Chelsea.
Jeff Saxe, CCIE No. 9376, is Network Engineer and a proud member of the IT Systems Group at Crutchfield Corporation, a mail-order/Web retailer of car stereo and home theater equipment founded in 1974. He has managed the company's LAN and WAN for a few years, including both Voice over Frame Relay and Voice over IP equipment for a remote call center. Jeff previously worked in computer support for the newspaper publishing and educational software industries. He graduated from the University of Virginia with a distinguished major in
There are two fundamental components of modern networks today: routing and switching. The Cisco Certified Network Professional (CCNP) certification is a popular networking certification that is the next step in career certification following the Cisco Certified Network Associate (CCNA) certification. Cisco represents qualified individuals at three tiers: CCNP-qualified people represent the middle tier, while CCNA represents the lower tier, and CCIE the highest tier. Demand for CCNPs is high, especially for organizations that need people to implement and support Cisco-based networks. One of the requirements of obtaining CCNP is to pass the CCNP Switching exam, which tests your knowledge of switching concepts, protocols, and the configuration of Cisco Catalyst switches. This book is designed to provide you with a greater understanding of how to configure (and support) Cisco Catalyst switches.
The primary goal of this book is to provide a practical understanding of how to configure and support Cisco Catalyst switches. The CCNP certification provides you with the theoretical knowledge required to implement local-area networks (LANs); however, it is important that when it comes to the crunch and you need to configure or troubleshoot a real-life network, you have the practical experience, knowledge, and confidence to respond quickly and effectively. The more ways you can learn about a subject, the better. This book is designed to provide a practical approach to not just CCNP switching objectives, but also LAN switching in general.
This book is targeted at networking professionals who possess a theoretical understanding of the concepts and principles of LAN switching but want to apply this knowledge to real-world scenarios. You need to possess at least CCNA-level knowledge of routing and switching if you want to use this book to its full extent. The value of practical experience in any type of work cannot be overstated, and this book gives you the practical experience and confidence to implement real-life switched networks. After reading this book, you should also possess a much deeper understanding of LAN switching theory and operation. It is amazing how a theoretical concept that might confuse you in reading becomes clearer after actually putting the concept into practice.
If you are purchasing this book for certification reasons, the primary certification audience of this book is obviously the prospective CCNP candidate. This book covers the material included in the new CCNP Switching 3.0 exam. This book is also an excellent book for any potential CCIE Routing + Switching candidates because the focus of the book is mainly around the Catalyst 3550 switch, which is the switch now used in the CCIE Routing + Switching lab. If you are not pursuing a certification and are considering buying this book because you need to implement and support Cisco Catalyst switches, this book is also perfect for you. The content covered is designed to take a real-world perspective on LAN switching, focusing on features that are common and important to real-life networks, rather than just focusing on the CCNP Switching exam objectives.
This book consists of 11 chapters and two appendixes. The first ten chapters focus on specific LAN switching technologies, with the final chapter providing a comprehensive switching self-study lab that incorporates content from all of the preceding chapters. The three appendixes provide solutions to this final lab chapter.
Each chapter begins with a brief introductory section, which gives the background to the key concepts and principles associated with the content covered in each chapter. Next, a number of scenarios are presented, each with a network topology and a set of requirements. Each scenario is designed to demonstrate how to implement and configure specific technologies and features related to the chapter content in a manner that allows you to relate to real-world networks. The scenarios are designed so that readers can build the topologies described in each scenario in their own labs at home or at work. If you have access to the equipment discussed in the scenarios of this book, you are encouraged to attempt as many scenarios as you can in your own lab.
After completing the configuration of each scenario, you are shown how to verify, monitor, and troubleshoot your configurations. The scenarios do not just contain purely practical information; detailed background and explanations of technologies are provided where deemed necessary, ensuring you gain a strong understanding of exactly what you are
network and to provide basic LAN connectivity for devices that allow basic communications between each device
interfaces as a single EtherChannel bundle, which allows you to increase the performance and resiliency of connections. Next, you learn about VLAN trunking protocol and how you must configure it. Trunking is then examined and you learn how to multiplex the traffic from multiple
Chapter 6, "Layer 3 Switching": This chapter covers Layer 3 switching in depth and discusses the need for Layer 3 switches in modern LAN networks. This chapter focuses primarily on the Cisco Catalyst 6000/6500 series switch family and the components that make up the product, such as Supervisor engines, Policy Feature Cards (PFCs), and multilayer switching feature cards (MSFCs). You learn about Multilayer switching (MLS) and Cisco Express Forwarding (CEF) and how these provide the foundation for L3 switching on Catalyst switches.
Chapter 7, "Multicast Routing and Switching": This chapter covers multicast routing and how you can control multicast traffic on the LAN. You learn about multicast routing and how Cisco Layer 3 switches support this feature. You also learn how multicast routers can interoperate with switches, allowing switches to constrain multicast traffic to only those ports that wish to receive multicast traffic, using features such as Internet Group Management Protocol (IGMP) snooping and Cisco Group Management Protocol (CGMP).
Chapter 8, "Traffic Filtering and Security": This chapter shows you how to secure your switching infrastructure by securing management access, securing device access to the switch, and implementing traffic filtering to ensure network security policy is conformed to. You learn how to secure the management interface for a Catalyst switch, enhance security by using AAA, provide user-based authentication and authorization to the LAN using 802.1x, and implement filtering of traffic received on ports and VLANs.
Chapter 9, "Quality of Service": This chapter shows you how to configure end-to-end quality of service (QoS) in a LAN switched network, as well as how to provide QoS classification and marking when looking at the entire network. You learn how to configure basic concepts of QoS: classification, marking, policing, and scheduling. The Cisco Catalyst switch platforms and how they implement QoS are discussed, which is important when selecting which switch platform you should implement. Voice over IP and how Cisco Catalyst switches can interact with Cisco IP phones is also covered.
Chapter 10, "Maintenance, Monitoring, and Troubleshooting": This chapter shows you how to monitor, maintain, and troubleshoot Cisco Catalyst switch networks. You learn about common issues in switched networks and how you can identify and resolve these issues. You also learn how to upgrade your switch and how you can recover from lost passwords or missing operating system files. Finally, you learn how to capture traffic from the switching backplane using SPAN, RSPAN, and VLAN access control lists (ACLs).
Chapter 11, "Comprehensive Switching Self-Study Lab": The final chapter provides a self-study lab scenario, which tests how well you understand the content provided in this book. The scenario consists of initially configuring a flat, Layer 2 topology and then converting it into a multilayer topology. Appendixes A and B provide full solutions to each part of the scenario.
Appendix A, "Comprehensive Switching Self-Study Lab Part I Solution": Provides complete solutions for the first section of the self-study lab in Chapter 11.
Appendix B, "Comprehensive Switching Self-Study
second section of the self-study lab in Chapter 11
While working through this book, you ideally want to have access to the equipment upon which the various scenarios are configured. By working through the scenarios on the actual equipment, you gain confidence in your ability to actually make features work in the real world. Of course, some of the equipment discussed in this book is very expensive, and you might not have access to some or all of the equipment. Because you might not, each configuration step is discussed in full where required, and full working configurations are provided, which ensures that you can follow each scenario. This means that you gain the same value out of this book, whether you have access to physical equipment or not.
Note that most scenarios in this book assume a basic configuration is already in place, which includes parameters such as device name and any other parameters indicated during the scenario.
to have access to a wide variety of Catalyst hardware platforms, some of them very expensive
Catalyst 4000/4500: Most Catalyst operating system (CatOS) configuration is based upon the Catalyst 4000/4500 switch. A cheap alternative to the Catalyst 4000/4500 is the Catalyst 2900 series switches, which are based upon the Catalyst 4000 switch (they run the same operating system image) but run on a fixed platform with a small form-factor.
Cisco routers: Some scenarios include Cisco IOS routers to provide traditional routing functions. When selecting a router platform for use in each of the scenarios, the minimum recommended platform is the Cisco 2621 router, which includes 2 x 10/100BaseT network ports, although some scenarios may permit the use of lower end routers.
connectivity between different hosts on the network. Ideally, you should have at least two hosts on your network, each running Windows 2000/XP or the operating system of your choice.
If you work for a company that has a lab or holds spares for the equipment used in this book, then you are in luck, and this will most likely become your source of equipment. If you do not have this luxury, you can always contact your local Cisco representatives and see if you can obtain loan equipment or gain access to customer lab facilities. Provided the aforementioned methods fail, you need to purchase the equipment. There are numerous sites on the Internet that sell cheap, used Cisco equipment; an example of this includes the eBay auction site at www.ebay.com. Another option is to use product simulators. For example, Cisco offers a product called the Cisco Interactive Mentor (CIM), which enables users to simulate the configuration of real-world networks.
It is important to note that Cisco switching equipment can be extremely expensive compared to more common devices such as routers; it is unlikely you will be able to afford the purchase of a Catalyst 6000 switch, even if it is second hand. Many of the configurations in this book can be completed on lower end
based) or the Catalyst 2950 series switches (Cisco IOS-based). Realize that some features might not be supported on these platforms.
Access to This Equipment
If you exhaust all possible avenues and find that you cannot get equipment, do not despair. Each scenario in this book takes you through configuration, verification, and troubleshooting processes step-by-step, providing you with all the necessary information, configurations, and figures to simulate the scenario in real life. Ensure that you pay closer attention to the examples included in each chapter, spending time to thoroughly analyze how features are configured and the outputs generated when verifying configuration.
Cisco Systems, Inc., uses a standardized set of icons to represent devices in network topology illustrations. The icon legend that follows shows the most commonly used icons that you might encounter throughout this book.
Throughout this book, you will see the following icons used for networking devices:
The following icons are used for peripherals and other devices:
The conventions used to present command syntax in this book are the same conventions used in the Cisco IOS Software Command Reference. The Command Reference describes these conventions as follows:
Vertical bars (|) separate alternative, mutually exclusive elements.
Square brackets ([ ]) indicate optional elements.
Braces ({ }) indicate a required choice.
Braces within brackets ([{ }]) indicate a required choice within an optional element.
Boldface indicates commands and keywords that are entered exactly as shown.
Italics indicates arguments for which you supply values.
This book is all about switches, which are network devices that provide local-area network (LAN) connectivity for end devices such as servers, PCs, and printers. This book focuses almost entirely on Ethernet switches, which have become the most popular Layer 2 devices in modern networks. Cisco has traditionally been famous for their router, which is a Layer 3 device. In the past decade or so, Cisco has heavily invested in producing market-leading LAN switches, and consequently now holds the number one position worldwide in terms of LAN switch sales. In the past few years, switches have also evolved from being just Layer 2 devices that understand only Layer 2 operations to intelligent devices that possess an understanding of the Layer 3/4 parameters that define different types of traffic and possess the ability to act as a high-performance Layer 3 router on the LAN in some platforms (referred to as Layer 3 switching). Cisco's switch portfolio is comprised of the Cisco Catalyst product family, which provides traditional Layer 2 switches, Layer 2 switches that possess Layer 3/4 intelligence, and Layer 3 switches that combine switching and routing
Scenario 1-1: Installing a Cisco Catalyst Switch onto the Network
Scenario 1-2: Configuring Network Management Access to the Switch
Scenario 1-3: Configuring Ethernet Device Connectivity
Scenario 1-4: Configuring System Time
Scenario 1-5: Monitoring and Troubleshooting Device Connectivity
The Cisco Catalyst switch family represents one of the most popular LAN switches on the market today. The Catalyst range is designed to meet the needs of a wide range of customers, from small to medium businesses, right up to large enterprise networks and service providers. Cisco Catalyst switches provide high performance, scalability, manageability, and many other intelligent features that ensure their success to date.
I find that Cisco Catalyst switches present one of the more difficult product sets to work with, simply because of the large range of switch families available, the vast differences in features between low-end and high-end platforms, and the different operating systems used. When you select a switch platform and model to use to build a LAN network, you must bear in mind that these differences exist; otherwise, you might purchase one or more switches that don't quite do the job you expected.
Cisco Catalyst switches can be physically described by one of two device types:
Fixed-configuration switch
Chassis-based switch
The fixed-configuration switch consists of a fixed number of ports contained within a fixed chassis that includes an internal switch processor. Some of these devices provide a limited degree of modularity in that they include modular slots that can be populated by a variety of different modules. The major advantages of fixed-configuration switches are low cost and ease of deployment. The major disadvantages of a fixed-configuration switch are a lack of flexibility and the introduction
switches include high performance, flexibility, simplified management, and extended product lifetime. Chassis-based switches also commonly offer redundancy features to ensure the failure of a module, power supply, or other component does not cause a network outage. The major disadvantage of chassis-based switches is the high cost involved.
Table 1-1 indicates the various models that comprise the Cisco Catalyst switch family.
End of Sale. Recommended replacement = Catalyst 2950
Catalyst 2900XL/3500XL: Fixed Configuration; 10/100BASE-T + 1000BASE-X Uplinks; End of Sale. Recommended replacement = Catalyst 2950/3550
Catalyst 2900G: Fixed Configuration; 10/100BASE-T + 1000BASE-X Uplinks; Legacy. Recommended replacement = Catalyst 2950/3550
Current
Catalyst 3750: Fixed Configuration; 10/100/1000BASE-T + 1000BASE-X Uplinks
Catalyst 5000/5500: Recommended replacement = Catalyst 6000/6500
Catalyst 6000/6500
switching environment, based upon size, network traffic, and features required. One way of classifying the general role of a switch is to identify the hierarchical layer in which the switch is operating. Well-designed LAN networks can be divided into
as fast as possible, due to the high volumes of traffic within the core. The core layer can either be a Layer 2 only core or
For many networks, a network switch can provide the functions of two layers or even the entire three. Only the very large networks typically have distinct core, distribution, and access layers; smaller networks typically have a combined core/distribution layer and an access layer. Following the core/distribution/access layer design provides a hierarchical network that can easily scale as the network grows. Figure 1-1
Cisco Catalyst Switch Platforms
As described in Table 1-1, a number of Cisco Catalyst switch platforms are available, each of which is suitable for different switching environments depending on the size, complexity, features required, and of course cost. In this section, each of the Cisco Catalyst switch platforms that are available for purchase and not considered legacy switches are described (i.e., the platforms highlighted bold in Table 1-1). This includes the