Monday, January 18, 2010

More Volume 1 Version 5 labs

Today I was able to complete quite a few labs. I did take my time to understand how the technology worked for each of them. I guess that's why it took me about 7 hours to do all of them. That is a long time, but I do think it will pay off huge for me when I start doing the full-scale labs.

The first lab was MST root bridge election, followed by more MST (load balancing using cost, load balancing with port-priority). Configuring this was pretty similar to manipulating 802.1d spanning tree. Of course the major differences are that RSTP is enabled by default with MST and that you can map multiple VLANs to 1 MST instance, or to multiple instances.

The next lab was configuring a protected port. I never knew about this option on switches. Basically it acts as a stripped-down version of private VLANs. The major difference is that the protected port feature is only locally significant on that switch; it can't span multiple switches like private VLANs can. So let's say you have two devices connected to 2 different ports on the same switch and you don't want them to talk to each other. All you have to do is configure each of those switchports with the switchport protected command. Of course, like always, make sure they are unable to ping each other after the feature is enabled.

Next on the lab list today was storm-control. Basically you can configure the switchport to limit the amount of unicast, multicast, or broadcast traffic it receives, either by PPS (packets per second) or BPS (bits per second).

Next on the list today was static CAM entries. One of the requirements of the lab was cool and I learned something once again, YAY!! -- progress. The scenario had R1, R4, and R6 connected via VLAN 146. It wanted you to configure a static CAM entry so that traffic destined to the FastEthernet port of R4 was dropped. At first I was like what the hell, how is that possible. After searching through the command reference I found that when adding the static CAM entry, you are able to enter the drop keyword. For example (mac address-table static mac-addr VLAN 1 drop). So now traffic coming from R4 trying to communicate with R1 or R6 will be dropped, and traffic from anyone communicating with R4 will be dropped as well.

Next were SPAN and RSPAN. You would use these mainly to monitor traffic on certain interfaces or VLANs, and send that traffic to another local switchport (SPAN) or a remote switchport (RSPAN). With RSPAN, you also need to configure an RSPAN transport VLAN. To do this, configure your VLAN, e.g. VLAN 500, then inside the VLAN configuration specify (remote-span). Of course this VLAN needs to exist on the switch you want to monitor traffic from and the switch you want to send the traffic to. So if you're in VTP transparent mode, statically configure it on each switch; if VTP server, do it on the server. Pretty straightforward configuration.
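The RSPAN setup described above, as an added example that is not from the original post or the lab workbook: VLAN 500 is the transport VLAN from the text, while the switch names, session number and interface numbers are assumptions.

```cisco
! Constructed example. SW1 is the switch being monitored, SW2 hosts the
! analyzer; both names and all port numbers are assumptions.
!
! --- SW1 (source switch) ---
vlan 500
 remote-span
!
! Copy traffic in both directions on Fa0/1 into the RSPAN VLAN
monitor session 1 source interface FastEthernet0/1 both
monitor session 1 destination remote vlan 500
!
! --- SW2 (destination switch) ---
vlan 500
 remote-span
!
! Take everything arriving in the RSPAN VLAN and hand it to the analyzer port
monitor session 1 source remote vlan 500
monitor session 1 destination interface FastEthernet0/24
!
! The trunk between SW1 and SW2 must carry VLAN 500.
! Verify on each switch:
!   show monitor session 1
!   show vlan remote-span
```

Because the mirrored frames travel across the trunk as ordinary VLAN 500 traffic, limit VLAN 500 to the trunks that actually sit between the source switch and the analyzer.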

The next lab was configuring switchports for both switchport access VLAN, and switchport voice vlan. No need to comment on anything here, basic stuff.

The next lab was where I learned something again. It was focused on Cisco IP Phone QoS Trust and CoS Extend. The lab requirement wanted you to configure the switchport to trust QoS markings coming from a Cisco phone. That was pretty straightforward (mls qos trust cisco-phone) or something like that, I don't have the command reference open hehe. Lastly, it wanted you to set the CoS of the data coming from the extended port on the Cisco phone. I think the command was something like switchport priority extend cos 1. Of course you need to tell the switchport to trust CoS, and enable mls qos globally.

Next was flexlinks. Flexlink config is pretty straightforward. You configure a switchport and tell it what port will be its backup interface should it go down. You can also configure preemption to force the active port to be used if it comes back online.

Next was fallback bridging. This was pretty straightforward as well. The lab wanted you to configure R1 and R4 with IPv4 and IPv6 addresses. Both routers were connected to the same switch. They wanted you to configure IP addresses on the switch to be in the same broadcast domain as R1 and R4 with Layer 3 SVIs. Also, it requested to enable RIP on all devices for these addresses. Then, after looking at the DOC CD for this, all that was needed was to go configure each device in the same bridge group. Then pings from R1 to R4 via IPv6 addresses were successful.

Last but not least was private VLANs. I took a little while on this one because I forgot how to associate the VLANs. Also, I forgot you need to be in VTP transparent mode. When configuring this and your layer 2 network extends across multiple switches, it takes a little bit to configure each switch with all the private VLANs. So the basic idea is you can segregate different hosts/devices and only allow communication in a few different ways. So there are a few different port types in private VLAN config. The 1st is the promiscuous port, which is able to talk to every port. The 2nd is the community port. The community port is able to talk to any devices in that same exact community VLAN. For example, if device A is in VLAN 1000 and device B is configured as a community port in VLAN 2000, they will not be able to talk. However, they will be able to talk to the promiscuous port. If device A and device B are in the same community VLAN, let's say VLAN 1000, then they can talk. The last port type is the isolated port. When a port is configured as an isolated port it can only talk to the promiscuous port, and nothing else.
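The three port types described above, as an added configuration example that is not from the original post or the lab workbook: community VLANs 1000 and 2000 come from the text, while primary VLAN 100, isolated VLAN 3000 and all interface numbers are assumptions.

```cisco
! Constructed example for one switch. Repeat the vlan definitions on every
! switch the layer 2 network spans, since VTP transparent does not propagate them.
vtp mode transparent
!
vlan 1000
 private-vlan community
vlan 2000
 private-vlan community
vlan 3000
 private-vlan isolated
vlan 100
 private-vlan primary
 private-vlan association 1000,2000,3000
!
! Promiscuous port (e.g. the gateway): can talk to every secondary VLAN
interface FastEthernet0/1
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 100 1000,2000,3000
!
! Device A and device B in the same community VLAN 1000: they can talk
interface FastEthernet0/2
 switchport mode private-vlan host
 switchport private-vlan host-association 100 1000
interface FastEthernet0/3
 switchport mode private-vlan host
 switchport private-vlan host-association 100 1000
!
! Community VLAN 2000: cannot reach Fa0/2 or Fa0/3, only the promiscuous port
interface FastEthernet0/4
 switchport mode private-vlan host
 switchport private-vlan host-association 100 2000
!
! Isolated port: can reach the promiscuous port and nothing else
interface FastEthernet0/5
 switchport mode private-vlan host
 switchport private-vlan host-association 100 3000
!
! Verify the association and the per-port role:
!   show vlan private-vlan
!   show interfaces FastEthernet0/2 switchport
```

After applying it, confirm the isolation with pings between the host ports, the same way as for the protected port lab.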


I only have PPP with PAP/CHAP, and PPPoE left in the Volume 1 switching labs. After that I might focus on IP Routing tech labs.
