About Interesting Posts
Interesting documents about a variety of subjects from around the world. Posted on
edocr
.
Switch
Address
Route
Ethernet
MAC Address
Cert Guide Volume
Official Cert Guide
CCIE Route
Chapter
About Interesting Posts
Interesting documents about a variety of subjects from around the world. Posted on
edocr
.
Switch
Address
Route
Ethernet
MAC Address
Cert Guide Volume
Official Cert Guide
CCIE Route
Chapter
Cisco Press 800 East 96th Street Indianapolis, IN 46240 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Fifth Edition Narbik Kocharians, CCIE No. 12410 Peter Palúch, CCIE No. 23527 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1, Fifth Edition Narbik Kocharians, CCIE No. 12410 Peter Palúch, CCIE No. 23527 Copyright© 2015 Pearson Education, Inc. Published by: Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review. Printed in the United States of America First Printing August 2014 Library of Congress Control Number: 2014944345 ISBN-13: 978-1-58714-396-0 ISBN-10: 1-58714-396-8 Warning and Disclaimer This book is designed to provide information about Cisco CCIE Routing and Switching Written Exam, No. 400-101. Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied. The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accom- pany it. The opinions expressed in this book belong to the authors and are not necessarily those of Cisco Systems, Inc. Trademark Acknowledgments All terms mentioned in this book that are known to be trademarks or service marks have been appropri- ately capitalized. Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark. Special Sales For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales department at corpsales@pearsoned.com or (800) 382-3419. For government sales inquiries, please contact governmentsales@pearsoned.com . For questions about sales outside the U.S., please contact international@pearsoned.com . Feedback Information At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community. Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through email at feedback@ciscopress.com . Please make sure to include the book title and ISBN in your message. We greatly appreciate your assistance. Publisher: Paul Boger Associate Publisher: Dave Dusthimer Business Operation Manager, Cisco Press: Jan Cornelssen Executive Editor: Brett Bartow Managing Editor: Sandra Schroeder Senior Development Editor: Christopher Cleveland Senior Project Editor: Tonya Simpson Copy Editor: John Edwards Technical Editors: Paul Negron, Sean Wilkins Editorial Assistant: Vanessa Evans Cover Designer: Mark Shirar Composition : Tricia Bronkella Indexer: Tim Wright Proofreader: Chuck Hutchinson iv CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 About the Authors Narbik Kocharians , CCIE No. 12410 (Routing and Switching, Security, SP), is a Triple CCIE with more than 32 years of experience in the IT industry. He has designed, implemented, and supported numerous enterprise networks. Narbik is the president of Micronics Training Inc. ( www.micronicstraining.com ), where he teaches CCIE R&S and SP boot camps. Peter Palúch , CCIE No. 23527 (Routing and Switching), is an assistant professor, Cisco Networking Academy instructor, and instructor trainer at the Faculty of Management Science and Informatics, University of Zilina, Slovakia. Peter has cooperated in various educational activities in Slovakia and abroad, focusing on networking and Linux-based network server systems. He is also active at the Cisco Support Community, holding the Cisco Designated VIP award in LAN & WAN Routing and Switching areas since the award program inception in 2011. Upon invitation by Cisco in 2012, Peter joined two Job Task Analysis groups that assisted defining the upcoming CCIE R&S and CCNP R&S cer- tification exam topics. Peter holds an M.Sc. degree in Applied Informatics and a doctoral degree in the area of VoIP quality degradation factors. Together with his students, Peter has started the project of implementing the EIGRP routing protocol into the Quagga open-source routing software suite, and has been driving the effort since its inception in 2013. v About the Technical Reviewers Paul Negron , CCIE No. 14856, CCSI No. 22752, has been affiliated with networking technologies for 17 years and has been involved with the design of core network ser- vices for a number of service providers, such as Comcast, Qwest, British Telecom, and Savvis to name a few. He currently instructs all the CCNP Service Provider–level courses, including Advanced BGP, MPLS, and the QoS course. Paul has six years of experience with satellite communications as well as ten years of experience with Cisco platforms. Sean Wilkins is an accomplished networking consultant for SR-W Consulting ( www.sr-wconsulting.com ) and has been in the field of IT since the mid 1990s, working with companies such as Cisco, Lucent, Verizon, and AT&T as well as several other private companies. Sean currently holds certifications with Cisco (CCNP/CCDP), Microsoft (MCSE), and CompTIA (A+ and Network+). He also has a Master of Science in informa- tion technology with a focus in network architecture and design, a Master of Science in organizational management, a Master’s Certificate in network security, a Bachelor of Science in computer networking, and Associates of Applied Science in computer infor- mation systems. In addition to working as a consultant, Sean spends most of his time as a technical writer and editor for various companies; check out this work at his author web- site: www.infodispersion.com . vi CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Dedications From Narbik Kocharians: I would like to dedicate this book to my wife, Janet, for her love, encouragement, and continuous support, and to my dad for his words of wisdom. From Peter Palúch: To my family, students, colleagues, and friends. vii Acknowledgments From Narbik Kocharians: First, I would like to thank God for giving me the opportunity and ability to write, teach, and do what I truly enjoy doing. Also, I would like to thank my family, especially my wife of 29 years, Janet, for her constant encouragement and help. She does such an amaz- ing job of interacting with students and handling all the logistics of organizing classes as I focus on teaching. I also would like to thank my children, Chris, Patrick, Alexandra, and my little one, Daniel, for their patience. A special thanks goes to Mr. Brett Bartow for his patience and our constant changing of the deadlines. It goes without saying that the technical editors and reviewers did a phenomenal job; thank you very much. Finally, I would like to thank all my students who inspire me every day, and you, for reading this book. From Peter Palúch: The opportunity to cooperate on the new edition of this book has been an honor and privilege beyond words for me. Wendell Odom, who has so gracefully and generously passed the torch to us, was the key person in introducing me to the Cisco Press repre- sentatives as a possible author, and I will be forever indebted to him for all the trust he has blessed us with. I have strived very much to live up to the unparalelled high level of content all previous authors have maintained throughout all editions of this book, and I would like to sincerely thank all of them for authoring such a great book that has signifi- cantly helped me achieve my certification in the first place. My next immense thank you goes to Brett Bartow, the executive editor for this book. Brett’s inviting and forthcoming attitude throughout the time of editing the book, com- pounded with his patience and understanding for my ever-moving (and constantly missed) deadlines, is second to none. He has done all in his power to help us, the authors, without compromising the quality of the work. I would not have been able to complete my work on this volume without the endless sup- port of my family. They have encouraged me, supported me, and gone out of their way to accommodate my needs. Words are not enough to express my gratitude. Psalm 127, whose musical setting in works of Monteverdi, Handel, or Vivaldi I have come to admire, begins with words “Unless the Lord build the house, they labor in vain who build.” Indeed, if it was not first and foremost the Lord’s blessing and help through- out, this work would not have been finished successfully. To my Lord and Savior, Jesus Christ—thank you! viii CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Contents at a Glance Introduction xxiv Part I LAN Switching Chapter 1 Ethernet Basics 3 Chapter 2 Virtual LANs and VLAN Trunking 47 Chapter 3 Spanning Tree Protocol 103 Part II IP Networking Chapter 4 IP Addressing 183 Chapter 5 IP Services 227 Part III IP IGP Routing Chapter 6 IP Forwarding (Routing) 267 Chapter 7 RIPv2 and RIPng 313 Chapter 8 EIGRP 347 Chapter 9 OSPF 453 Chapter 10 IS-IS 563 Chapter 11 IGP Route Redistribution, Route Summarization, Default Routing, and Troubleshooting 633 Part IV Final Preparation Chapter 12 Final Preparation 701 Part V Appendixes Appendix A Answers to the “Do I Know This Already?” Quizzes 707 Appendix B CCIE Exam Updates 713 Index 714 CD-Only Appendix C Decimal to Binary Conversion Table Appendix D IP Addressing Practice Appendix E Key Tables for CCIE Study Appendix F Solutions for Key Tables for CCIE Study Appendix G Study Planner Glossary Contents Introduction xxiv Part I LAN Switching Chapter 1 Ethernet Basics 3 “Do I Know This Already?” Quiz 3 Foundation Topics 8 Ethernet Layer 1: Wiring, Speed, and Duplex 8 RJ-45 Pinouts and Category 5 Wiring 8 Autonegotiation, Speed, and Duplex 9 CSMA/CD 10 Collision Domains and Switch Buffering 10 Basic Switch Port Configuration 11 Ethernet Layer 2: Framing and Addressing 14 Types of Ethernet Addresses 16 Ethernet Address Formats 17 Protocol Types and the 802.3 Length Field 18 Switching and Bridging Logic 19 SPAN, RSPAN, and ERSPAN 22 Core Concepts of SPAN, RSPAN, and ERSPAN 23 Restrictions and Conditions 24 Basic SPAN Configuration 26 Complex SPAN Configuration 26 RSPAN Configuration 26 ERSPAN Configuration 27 Virtual Switch System 28 Virtual Switching System 29 VSS Active and VSS Standby Switch 30 Virtual Switch Link 30 Multichassis EtherChannel (MEC) 31 Basic VSS Configuration 31 VSS Verification Procedures 35 IOS-XE 38 Foundation Summary 41 ix x CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Memory Builders 44 Fill In Key Tables from Memory 44 Definitions 44 Further Reading 45 Chapter 2 Virtual LANs and VLAN Trunking 47 “Do I Know This Already?” Quiz 47 Foundation Topics 51 Virtual LANs 51 VLAN Configuration 51 Using VLAN Database Mode to Create VLANs 52 Using Configuration Mode to Put Interfaces into VLANs 55 Using Configuration Mode to Create VLANs 56 Modifying the Operational State of VLANs 57 Private VLANs 60 VLAN Trunking: ISL and 802.1Q 69 ISL and 802.1Q Concepts 69 ISL and 802.1Q Configuration 71 Allowed, Active, and Pruned VLANs 76 Trunk Configuration Compatibility 76 Configuring Trunking on Routers 77 802.1Q-in-Q Tunneling 79 VLAN Trunking Protocol 83 VTP Process and Revision Numbers 86 VTP Configuration 89 Normal-Range and Extended-Range VLANs 94 Storing VLAN Configuration 94 Configuring PPPoE 96 Foundation Summary 99 Memory Builders 101 Fill In Key Tables from Memory 101 Definitions 101 Further Reading 101 Chapter 3 Spanning Tree Protocol 103 “Do I Know This Already?” Quiz 103 Foundation Topics 107 802.1D Spanning Tree Protocol and Improvements 107 Choosing Which Ports Forward: Choosing Root Ports and Designated Ports 109 Electing a Root Switch 110 Determining the Root Port 111 Determining the Designated Port 113 Converging to a New STP Topology 115 Topology Change Notification and Updating the CAM 117 Transitioning from Blocking to Forwarding 119 Per-VLAN Spanning Tree and STP over Trunks 119 STP Configuration and Analysis 124 Rapid Spanning Tree Protocol 128 New Port Roles, States and Types, and New Link Types 128 Changes to BPDU Format and Handling 132 Proposal/Agreement Process in RSTP 133 Topology Change Handling in RSTP 136 Rapid Per-VLAN Spanning Tree Plus (RPVST+) 137 Multiple Spanning Trees: IEEE 802.1s 137 MST Principles of Operation 138 Interoperability Between MST and Other STP Versions 141 MST Configuration 144 Protecting and Optimizing STP 148 PortFast Ports 148 Root Guard, BPDU Guard, and BPDU Filter: Protecting Access Ports 149 Protecting Against Unidirectional Link Issues 151 Configuring and Troubleshooting EtherChannels 154 Load Balancing Across Port-Channels 154 Port-Channel Discovery and Configuration 157 Troubleshooting Complex Layer 2 Issues 161 Layer 2 Troubleshooting Process 162 Layer 2 Protocol Troubleshooting and Commands 163 Troubleshooting Using Cisco Discovery Protocol 163 Troubleshooting Using Link Layer Discovery Protocol 165 Troubleshooting Using Basic Interface Statistics 167 xi xii CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Troubleshooting Spanning Tree Protocol 170 Troubleshooting Trunking 171 Troubleshooting VTP 172 Troubleshooting EtherChannels 174 Approaches to Resolving Layer 2 Issues 175 Foundation Summary 177 Memory Builders 179 Fill in Key Tables from Memory 179 Definitions 179 Further Reading 179 Part II IP Networking Chapter 4 IP Addressing 183 “Do I Know This Already?” Quiz 183 Foundation Topics 187 IP Operation 187 TCP Operation 187 UDP Operation 188 IP Addressing and Subnetting 188 IP Addressing and Subnetting Review 188 Subnetting a Classful Network Number 189 Comments on Classless Addressing 191 Subnetting Math 192 Dissecting the Component Parts of an IP Address 192 Finding Subnet Numbers and Valid Range of IP Addresses— Binary 193 Decimal Shortcuts to Find the Subnet Number and Valid Range of IP Addresses 194 Determining All Subnets of a Network—Binary 196 Determining All Subnets of a Network—Decimal 198 VLSM Subnet Allocation 200 Route Summarization Concepts 201 Finding Inclusive Summary Routes—Binary 202 Finding Inclusive Summary Routes—Decimal 203 Finding Exclusive Summary Routes—Binary 204 CIDR, Private Addresses, and NAT 205 Classless Interdomain Routing 206 Private Addressing 207 xiii Network Address Translation 207 Static NAT 209 Dynamic NAT Without PAT 210 Overloading NAT with Port Address Translation 211 Dynamic NAT and PAT Configuration 212 IPv6 214 IPv6 Address Format 215 Network Prefix 215 IPv6 Address Types 216 Address Management and Assignment 216 Static Configuration 217 Stateless Address Autoconfiguration 217 Stateful DHCPv6 217 Stateless DHCP 218 IPv6 Transition Technologies 218 Dual Stack 218 Tunneling 219 Translation 220 Foundation Summary 221 Memory Builders 225 Fill in Key Tables from Memory 225 Definitions 225 Further Reading 225 Chapter 5 IP Services 227 “Do I Know This Already?” Quiz 227 Foundation Topics 232 ARP, Proxy ARP, Reverse ARP, BOOTP, and DHCP 232 ARP and Proxy ARP 232 RARP, BOOTP, and DHCP 233 DHCP 234 HSRP, VRRP, and GLBP 236 Network Time Protocol 240 SNMP 241 SNMP Protocol Messages 243 SNMP MIBs 244 SNMP Security 245 Syslog 245 xiv CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Web Cache Communication Protocol 246 Implementing the Cisco IOS IP Service Level Agreement (IP SLA) Feature 249 Implementing NetFlow 250 Implementing Router IP Traffic Export 252 Implementing Cisco IOS Embedded Event Manager 253 Implementing Remote Monitoring 254 Implementing and Using FTP on a Router 255 Implementing a TFTP Server on a Router 256 Implementing Secure Copy Protocol 257 Implementing HTTP and HTTPS Access 257 Implementing Telnet Access 258 Implementing SSH Access 258 Foundation Summary 259 Memory Builders 264 Fill In Key Tables from Memory 264 Definitions 264 Further Reading 264 Part III IP IGP Routing Chapter 6 IP Forwarding (Routing) 267 “Do I Know This Already?” Quiz 267 Foundation Topics 271 IP Forwarding 271 Process Switching, Fast Switching, and Cisco Express Forwarding 272 Load Sharing with CEF and Related Issues 282 Multilayer Switching 286 MLS Logic 286 Using Routed Ports and Port-channels with MLS 287 MLS Configuration 291 Policy Routing 296 Routing Protocol Changes and Migration 299 Planning the Migration Strategy 300 Activating New IGP While Keeping the Current IGP Intact 300 Verifying New IGP Adjacencies and Working Database Contents 301 Deactivating Current IGP 301 Removing New IGP’s Temporary Settings 303 Specifics of Distance-Vector Protocols in IGP Migration 303 xv Foundation Summary 309 Memory Builders 310 Fill In Key Tables from Memory 310 Definitions 310 Further Reading 310 Chapter 7 RIPv2 and RIPng 313 “Do I Know This Already?” Quiz 313 Foundation Topics 316 Introduction to Dynamic Routing 316 RIPv2 Basics 318 RIPv2 Convergence and Loop Prevention 320 Converged Steady-State Operation 327 Triggered (Flash) Updates and Poisoned Routes 328 RIPv2 Convergence When Routing Updates Cease 331 Convergence Extras 334 RIPv2 Configuration 334 Enabling RIPv2 and the Effects of Autosummarization 335 RIPv2 Authentication 337 RIPv2 Next-Hop Feature and Split Horizon 338 RIPv2 Offset Lists 338 Route Filtering with Distribute Lists and Prefix Lists 338 RIPng for IPv6 339 Foundation Summary 342 Memory Builders 345 Definitions 345 Further Reading 345 Chapter 8 EIGRP 347 “Do I Know This Already?” Quiz 347 Foundation Topics 356 EIGRP Basics and Evolution 356 EIGRP Roots: Interior Gateway Routing Protocol 357 Moving from IGRP to Enhanced IGRP 358 EIGRP Metrics, Packets, and Adjacencies 360 EIGRP Classic Metrics 360 Bandwidth Metric Component 361 Delay Metric Component 361 xvi CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Reliability Metric Component 362 Load Metric Component 362 MTU Metric Component 363 Hop Count Metric Component 363 Calculating the Composite Metric 363 EIGRP Wide Metrics 364 Tweaking Interface Metrics to Influence Path Selection 368 EIGRP Packet Format 368 EIGRP Packets 371 EIGRP Packets in Action 371 Hello Packets 372 Acknowledgment Packets 372 Update Packets 373 Query Packet 374 Reply Packets 374 SIA-Query and SIA-Reply Packets 374 Reliable Transport Protocol 374 Router Adjacencies 376 Diffusing Update Algorithm 380 Topology Table 380 Computed, Reported, and Feasible Distances, and Feasibility Condition 384 Local and Diffusing Computations in EIGRP 391 DUAL FSM 397 Stuck-In-Active State 402 EIGRP Named Mode 410 Address Family Section 414 Per-AF-Interface Configuration Section 415 Per-AF-Topology Configuration Section 416 Additional and Advanced EIGRP Features 417 Router ID 417 Unequal-Cost Load Balancing 420 Add-Path Support 421 Stub Routing 423 Route Summarization 427 Passive Interfaces 431 Graceful Shutdown 432 xvii Securing EIGRP with Authentication 432 Default Routing Using EIGRP 435 Split Horizon 436 EIGRP Over the ToP 437 EIGRP Logging and Reporting 443 EIGRP Route Filtering 443 EIGRP Offset Lists 444 Clearing the IP Routing Table 444 Foundation Summary 445 Memory Builders 450 Fill In Key Tables from Memory 450 Definitions 450 Further Reading 450 Chapter 9 OSPF 453 “Do I Know This Already?” Quiz 453 Foundation Topics 460 OSPF Database Exchange 460 OSPF Router IDs 460 Becoming Neighbors, Exchanging Databases, and Becoming Adjacent 461 OSPF Neighbor States 462 Becoming Neighbors: The Hello Process 464 Transmitting LSA Headers to Neighbors 466 Database Description Exchange: Master/Slave Relationship 466 Requesting, Getting, and Acknowledging LSAs 468 Designated Routers on LANs 469 Designated Router Optimization on LANs 470 DR Election on LANs 471 Designated Routers on WANs and OSPF Network Types 472 Caveats Regarding OSPF Network Types over NBMA Networks 474 Example of OSPF Network Types and NBMA 474 SPF Calculation 479 Steady-State Operation 480 OSPF Design and LSAs 480 OSPF Design Terms 480 OSPF Path Selection Process 482 LSA Types 482 LSA Types 1 and 2 484 LSA Type 3 and Inter-Area Costs 488 xviii CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 LSA Types 4 and 5, and External Route Types 1 and 2 492 OSPF Design in Light of LSA Types 496 Stubby Areas 496 OSPF Path Choices That Do Not Use Cost 502 Choosing the Best Type of Path 502 Best-Path Side Effects of ABR Loop Prevention 502 OSPF Configuration 505 OSPF Costs and Clearing the OSPF Process 507 Alternatives to the OSPF network Command 510 OSPF Filtering 510 Filtering Routes Using the distribute-list Command 511 OSPF ABR LSA Type 3 Filtering 513 Filtering Type 3 LSAs with the area range Command 514 Virtual Link Configuration 515 Configuring Classic OSPF Authentication 517 Configuring Extended Cryptographic OSPF Authentication 520 Protecting OSPF Routers with TTL Security Check 522 Tuning OSPF Performance 523 Tuning the SPF Scheduling with SPF Throttling 524 Tuning the LSA Origination with LSA Throttling 526 Incremental SPF 527 OSPFv2 Prefix Suppression 528 OSPF Stub Router Configuration 529 OSPF Graceful Restart 530 OSPF Graceful Shutdown 532 OSPFv3 533 Differences Between OSPFv2 and OSPFv3 533 Virtual Links, Address Summarization, and Other OSPFv3 Features 534 OSPFv3 LSA Types 534 OSPFv3 in NBMA Networks 536 Configuring OSPFv3 over Frame Relay 537 Enabling and Configuring OSPFv3 537 OSPFv3 Authentication and Encryption 546 OSPFv3 Address Family Support 548 OSPFv3 Prefix Suppression 552 OSPFv3 Graceful Shutdown 552 Foundation Summary 553 xix Memory Builders 560 Fill in Key Tables from Memory 560 Definitions 560 Further Reading 561 Chapter 10 IS-IS 563 “Do I Know This Already?” Quiz 563 Foundation Topics 571 OSI Network Layer and Addressing 572 Levels of Routing in OSI Networks 576 IS-IS Metrics, Levels, and Adjacencies 577 IS-IS Packet Types 579 Hello Packets 579 Link State PDUs 580 Complete and Partial Sequence Numbers PDUs 585 IS-IS Operation over Different Network Types 586 IS-IS Operation over Point-to-Point Links 587 IS-IS Operation over Broadcast Links 592 Areas in IS-IS 598 Authentication in IS-IS 608 IPv6 Support in IS-IS 610 Configuring IS-IS 613 Foundation Summary 625 Memory Builders 629 Fill In Key Tables from Memory 630 Definitions 630 Further Reading 630 Chapter 11 IGP Route Redistribution, Route Summarization, Default Routing, and Troubleshooting 633 “Do I Know This Already?” Quiz 633 Foundation Topics 638 Route Maps, Prefix Lists, and Administrative Distance 638 Configuring Route Maps with the route-map Command 638 Route Map match Commands for Route Redistribution 640 Route Map set Commands for Route Redistribution 641 IP Prefix Lists 641 Administrative Distance 644 xx CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Route Redistribution 645 Mechanics of the redistribute Command 645 Redistribution Using Default Settings 646 Setting Metrics, Metric Types, and Tags 649 Redistributing a Subset of Routes Using a Route Map 650 Mutual Redistribution at Multiple Routers 654 Preventing Suboptimal Routes by Setting the Administrative Distance 656 Preventing Suboptimal Routes by Using Route Tags 659 Using Metrics and Metric Types to Influence Redistributed Routes 661 Route Summarization 663 EIGRP Route Summarization 664 OSPF Route Summarization 665 Default Routes 665 Using Static Routes to 0.0.0.0, with redistribute static 667 Using the default-information originate Command 669 Using the ip default-network Command 670 Using Route Summarization to Create Default Routes 671 Performance Routing (PfR) 672 Performance Routing Operational Phases 673 Performance Routing Concepts 674 Authentication 674 Performance Routing Operational Roles 675 Master Controller (MC) 675 Border Router 676 PfR Basic Configuration 677 Configuration of the Master Controller 677 Configuration of the Border Router 681 Task Completion on R3 682 Troubleshooting Complex Layer 3 Issues 683 Layer 3 Troubleshooting Process 684 Layer 3 Protocol Troubleshooting and Commands 686 IP Routing Processes 686 Approaches to Resolving Layer 3 Issues 695 Foundation Summary 696 xxi Memory Builders 698 Fill In Key Tables from Memory 698 Definitions 698 Further Reading 698 Part IV Final Preparation Chapter 12 Final Preparation 701 Tools for Final Preparation 701 Pearson Cert Practice Test Engine and Questions on the CD 701 Install the Software from the CD 701 Activate and Download the Practice Exam 702 Activating Other Exams 702 Premium Edition 703 The Cisco Learning Network 703 Memory Tables 703 Chapter-Ending Review Tools 704 Suggested Plan for Final Review/Study 704 Using the Exam Engine 704 Summary 705 Part V Appendixes Appendix A Answers to the “Do I Know This Already?” Quizzes 707 Appendix B CCIE Exam Updates 713 Index 714 CD-Only Appendix C Decimal to Binary Conversion Table Appendix D IP Addressing Practice Appendix E Key Tables for CCIE Study Appendix F Solutions for Key Tables for CCIE Study Appendix G Study Planner Glossary xxii CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Icons Used in This Book PC PC with Software Sun Workstation Macintosh Terminal File Server Web Server Cisco Works Workstation Printer Laptop IBM Mainframe Cluster Controller Router Bridge Hub Catalyst Switch Multilayer Switch ATM Switch Communication Server Gateway Network Cloud Line: Ethernet Line: Serial Line: Switched Serial Route/Switch Processor LAN2LAN Switch Label Switch Router ATM router Headquarters Branch Office House, Regular ONS 15540 Optical Services Router Cisco MDS 9500 Fibre Channel JBOD Enterprise Fibre Channel disk Cisco MDS 9500 xxiii Command Syntax Conventions The conventions used to present command syntax in this book are the same conventions used in the IOS Command Reference. The Command Reference describes these conventions as follows: ■ Boldface indicates commands and keywords that are entered literally as shown. In actual configuration examples and output (not general command syntax), boldface indicates commands that are manually input by the user (such as a show command). ■ Italic indicates arguments for which you supply actual values. ■ Vertical bars (|) separate alternative, mutually exclusive elements. ■ Square brackets ([ ]) indicate an optional element. ■ Braces ({ }) indicate a required choice. ■ Braces within brackets ([{ }]) indicate a required choice within an optional element. xxiv CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Introduction The Cisco Certified Internetwork Expert (CCIE) certification might be the most chal- lenging and prestigious of all networking certifications. It has received numerous awards and certainly has built a reputation as one of the most difficult certifications to earn in all of the technology world. Having a CCIE certification opens doors professionally and typically results in higher pay and looks great on a resume. Cisco currently offers several CCIE certifications. This book covers the version 5.0 exam blueprint topics of the written exam for the CCIE Routing and Switching certification. The following list details the currently available CCIE certifications at the time of this book’s publication; check www.cisco.com/go/ccie for the latest information. The certifi- cations are listed in the order in which they appear on the web page: ■ CCDE ■ CCIE Collaboration ■ CCIE Data Center ■ CCIE Routing & Switching ■ CCIE Security ■ CCIE Service Provider ■ CCIE Service Provider Operations ■ CCIE Wireless Each of the CCDE and CCIE certifications requires the candidate to pass both a written exam and a one-day, hands-on lab exam. The written exam is intended to test your knowl- edge of theory, protocols, and configuration concepts that follow good design practices. The lab exam proves that you can configure and troubleshoot actual gear. Why Should I Take the CCIE Routing and Switching Written Exam? The first and most obvious reason to take the CCIE Routing and Switching written exam is that it is the first step toward obtaining the CCIE Routing and Switching certification. Also, you cannot schedule a CCIE lab exam until you pass the corresponding written exam. In short, if you want all the professional benefits of a CCIE Routing and Switching certification, you start by passing the written exam. The benefits of getting a CCIE certification are varied and include the following: ■ Better pay ■ Career-advancement opportunities xxv ■ Applies to certain minimum requirements for Cisco Silver and Gold Channel Partners, as well as those seeking Master Specialization, making you more valuable to Channel Partners ■ Better movement through the problem-resolution process when calling the Cisco TAC ■ Prestige ■ Credibility for consultants and customer engineers, including the use of the Cisco CCIE logo The other big reason to take the CCIE Routing and Switching written exam is that it recertifies an individual’s associate-, professional-, and expert-level Cisco certifications, regardless of his or her technology track. Recertification requirements do change, so please verify the requirements at www.cisco.com/go/certifications . CCIE Routing and Switching Written Exam 400-101 The CCIE Routing and Switching written exam, at the time of this writing, consists of a two-hour exam administered at a proctored exam facility affiliated with Pearson VUE ( www.vue.com/cisco ). The exam typically includes approximately 100 multiple-choice questions. No simulation questions are currently part of the written exam. As with most exams, everyone wants to know what is on the exam. Cisco provides gen- eral guidance as to topics on the exam in the CCIE Routing and Switching written exam blueprint, the most recent copy of which can be accessed from www.cisco.com/go/ccie . Cisco changes both the CCIE written and lab blueprints over time, but Cisco seldom, if ever, changes the exam numbers. However, exactly this change occurred when the CCIE Routing and Switching blueprint was refreshed for v5.0. The previous written exam for v4.0 was numbered 350-001; the v5.0 written exam is identified by 400-101. Table I-1 lists the CCIE Routing and Switching written exam blueprint 5.0 at press time. Table I-1 also lists the chapters that cover each topic. Table I-1 CCIE Routing and Switching Written Exam Blueprint Topics Book Volume Book Chapter 1.0 Network Principles 1.1 Network theory 1.1.a Describe basic software architecture differences between IOS and IOS XE 1.1.a (i) Control plane and Forwarding plane 1 1 1.1.a (ii) Impact on troubleshooting and performance 1 1 1.1.a (iii) Excluding a specific platform’s architecture 1 1 xxvi CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Topics Book Volume Book Chapter 1.1.b Identify Cisco Express Forwarding concepts 1.1.b (i) RIB, FIB, LFIB, Adjacency table 1 6 1.1.b (ii) Load-balancing hash 1 6 1.1.b (iii) Polarization concept and avoidance 1 6 1.1.c Explain general network challenges 1.1.c (i) Unicast flooding 1 4 1.1.c (ii) Out-of-order packets 1 4 1.1.c (iii) Asymmetric routing 1 4 1.1.c (iv) Impact of micro burst 1 4 1.1.d Explain IP operations 1.1.d (i) ICMP unreachable, redirect 1 4 1.1.d (ii) IPv4 options, IPv6 extension headers 1 4 1.1.d (iii) IPv4 and IPv6 fragmentation 1 4 1.1.d (iv) TTL 1 4 1.1.d (v) IP MTU 1 4 1.1.e Explain TCP operations 1.1.e (i) IPv4 and IPv6 PMTU 1 4 1.1.e (ii) MSS 1 4 1.1.e (iii) Latency 1 4 1.1.e (iv) Windowing 1 4 1.1.e (v) Bandwidth delay product 1 4 1.1.e (vi) Global synchronization 1 4 1.1.e (vii) Options 1 4 1.1.f Explain UDP operations 1.1.f (i) Starvation 1 4 1.1.f (ii) Latency 1 4 1.1.f (iii) RTP/RTCP concepts 1 4 1.2 Network implementation and operation 1.2.a Evaluate proposed changes to a network 1.2.a (i) Changes to routing protocol parameters 1 7–10 1.2.a (ii) Migrate parts of a network to IPv6 1 4 xxvii Topics Book Volume Book Chapter 1.2.a (iii) Routing protocol migration 1 6 1.2.a (iv) Adding multicast support 2 8 1.2.a (v) Migrate Spanning Tree Protocol 1 3 1.2.a (vi) Evaluate impact of new traffic on existing QoS design 2 3, 4, 5 1.3 Network troubleshooting 1.3.a Use IOS troubleshooting tools 1.3.a (i) debug, conditional debug 1 4 1.3.a (ii) ping, traceroute with extended options 1 4 1.3.a (iii) Embedded packet capture 2 9 1.3.a (iv) Performance monitor 1 5 1.3.b Apply troubleshooting methodologies 1.3.b (i) Diagnose the root cause of networking issues (analyze symptoms, identify and describe root cause) 1 11 1.3.b (ii) Design and implement valid solutions according to constraints 1 11 1.3.b (iii) Verify and monitor resolution 1 11 1.3.c Interpret packet capture 1.3.c (i) Using Wireshark trace analyzer 2 9 1.3.c (ii) Using IOS embedded packet capture 2 9 2.0 Layer 2 Technologies 2.1 LAN switching technologies 2.1.a Implement and troubleshoot switch administration 2.1.a (i) Managing the MAC address table 1 1 2.1.a (ii) errdisable recovery 1 3 2.1.a (iii) L2 MTU 1 1 2.1.b Implement and troubleshoot Layer 2 protocols 2.1.b (i) CDP, LLDP 1 3 2.1.b (ii) UDLD 1 3 2.1.c Implement and troubleshoot VLAN 2.1.c (i) Access ports 1 2 2.1.c (ii) VLAN database 1 2 2.1.c (iii) Normal, extended VLAN, voice VLAN 1 2 xxviii CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Topics Book Volume Book Chapter 2.1.d Implement and troubleshoot trunking 2.1.d (i) VTPv1, VTPv2, VTPv3, VTP pruning 1 2 2.1.d (ii) dot1Q 1 2 2.1.d (iii) Native VLAN 1 2 2.1.d (iv) Manual pruning 1 2 2.1.e Implement and troubleshoot EtherChannel 2.1.e (i) LACP, PAgP, manual 1 3 2.1.e (ii) Layer 2, Layer 3 1 3 2.1.e (iii) Load balancing 1 3 2.1.e (iv) EtherChannel misconfiguration guard 1 3 2.1.f Implement and troubleshoot spanning tree 2.1.f (i) PVST+/RPVST+/MST 1 3 2.1.f (ii) Switch priority, port priority, path cost, STP timers 1 3 2.1.f (iii) PortFast, BPDU Guard, BPDU Filter 1 3 2.1.f (iv) Loop Guard, Root Guard 1 3 2.1.g Implement and troubleshoot other LAN switching technologies 2.1.g (i) SPAN, RSPAN, ERSPAN 1 1 2.1.h Describe chassis virtualization and aggregation technologies 2.1.h (i) Multichassis 1 1 2.1.h (ii) VSS concepts 1 1 2.1.h (iii) Alternatives to STP 1 1 2.1.h (iv) Stackwise 1 1 2.1.h (v) Excluding specific platform implementation 1 1 2.1.i Describe spanning-tree concepts 2.1.i (i) Compatibility between MST and RSTP 1 3 2.1.i (ii) STP dispute, STP Bridge Assurance 1 3 2.2 Layer 2 multicast 2.2.a Implement and troubleshoot IGMP 2.2.a (i) IGMPv1, IGMPv2, IGMPv3 2 7 2.2.a (ii) IGMP snooping 2 7 2.2.a (iii) IGMP querier 2 7 xxix Topics Book Volume Book Chapter 2.2.a (iv) IGMP filter 2 7 2.2.a (v) IGMP proxy 2 7 2.2.b Explain MLD 2 8 2.2.c Explain PIM snooping 2 8 2.3 Layer 2 WAN circuit technologies 2.3.a Implement and troubleshoot HDLC 2 6 2.3.b Implement and troubleshoot PPP 2.3.b (i) Authentication (PAP, CHAP) 2 6 2.3.b (ii) PPPoE 2 6 2.3.b (iii) MLPPP 2 6 2.3.c Describe WAN rate-based Ethernet circuits 2.3.c (i) Metro and WAN Ethernet topologies 2 6 2.3.c (ii) Use of rate-limited WAN Ethernet services 2 6 3.0 Layer 3 Technologies 3.1 Addressing technologies 3.1.a Identify, implement, and troubleshoot IPv4 addressing and subnetting 3.1.a (i) Address types, VLSM 1 4 3.1.a (ii) ARP 1 4 3.1.b Identify, implement, and troubleshoot IPv6 addressing and subnetting 3.1.b (i) Unicast, multicast 1 4 3.1.b (ii) EUI-64 1 4 3.1.b (iii) ND, RS/RA 1 4 3.1.b (iv) Autoconfig/SLAAC, temporary addresses (RFC 4941) 1 4 3.1.b (v) Global prefix configuration feature 1 4 3.1.b (vi) DHCP protocol operations 1 4 3.1.b (vii) SLAAC/DHCPv6 interaction 2 10 3.1.b (viii) Stateful, stateless DHCPv6 1 4 3.1.b (ix) DHCPv6 prefix delegation 1 4 3.2 Layer 3 multicast 3.2.a Troubleshoot reverse path forwarding xxx CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Topics Book Volume Book Chapter 3.2.a (i) RPF failure 2 8 3.2.a (ii) RPF failure with tunnel interface 2 8 3.2.b Implement and troubleshoot IPv4 protocol independent multicast 3.2.b (i) PIM dense mode, sparse mode, sparse-dense mode 2 8 3.2.b (ii) Static RP, auto-RP, BSR 2 8 3.2.b (iii) Bidirectional PIM 2 8 3.2.b (iv) Source-specific multicast 2 8 3.2.b (v) Group-to-RP mapping 2 8 3.2.b (vi) Multicast boundary 2 8 3.2.c Implement and troubleshoot multicast source discovery protocol 3.2.c (i) Intra-domain MSDP (anycast RP) 2 8 3.2.c (ii) SA filter 2 8 3.2.d Describe IPv6 multicast 3.2.d (i) IPv6 multicast addresses 2 7 3.2.d (ii) PIMv6 2 8 3.3 Fundamental routing concepts 3.3.a Implement and troubleshoot static routing 1 6 3.3.b Implement and troubleshoot default routing 1 7–11 3.3.c Compare routing protocol types 3.3.c (i) Distance vector 1 7 3.3.c (ii) Link state 1 7 3.3.c (iii) Path vector 1 7 3.3.d Implement, optimize, and troubleshoot administrative distance 1 11 3.3.e Implement and troubleshoot passive interface 1 7–10 3.3.f Implement and troubleshoot VRF lite 2 11 3.3.g Implement, optimize, and troubleshoot filtering with any routing protocol 1 11 3.3.h Implement, optimize, and troubleshoot redistribution between any routing protocols 1 11 3.3.i Implement, optimize, and troubleshoot manual and auto summarization with any routing protocol 1 7–10 xxxi Topics Book Volume Book Chapter 3.3.j Implement, optimize, and troubleshoot policy-based routing 1 6 3.3.k Identify and troubleshoot suboptimal routing 1 11 3.3.l Implement and troubleshoot bidirectional forwarding detection 1 11 3.3.m Implement and troubleshoot loop prevention mechanisms 3.3.m (i) Route tagging, filtering 1 11 3.3.m (ii) Split horizon 1 7 3.3.m (iii) Route poisoning 1 7 3.3.n Implement and troubleshoot routing protocol authentication 3.3.n (i) MD5 1 7–10 3.3.n (ii) Key-chain 1 7–10 3.3.n (iii) EIGRP HMAC SHA2-256bit 1 8 3.3.n (iv) OSPFv2 SHA1-196bit 1 9 3.3.n (v) OSPFv3 IPsec authentication 1 9 3.4 RIP (v2 and v6) 3.4.a Implement and troubleshoot RIPv2 1 7 3.4.b Describe RIPv6 (RIPng) 1 7 3.5 EIGRP (for IPv4 and IPv6) 3.5.a Describe packet types 3.5.a (i) Packet types (hello, query, update, and so on) 1 8 3.5.a (ii) Route types (internal, external) 1 8 3.5.b Implement and troubleshoot neighbor relationship 3.5.b (i) Multicast, unicast EIGRP peering 1 8 3.5.b (ii) OTP point-to-point peering 1 8 3.5.b (iii) OTP route-reflector peering 1 8 3.5.b (iv) OTP multiple service providers scenario 1 8 3.5.c Implement and troubleshoot loop-free path selection 3.5.c (i) RD, FD, FC, successor, feasible successor 1 8 3.5.c (ii) Classic metric 1 8 3.5.c (iii) Wide metric 1 8 3.5.d Implement and troubleshoot operations 3.5.d (i) General operations 1 8 xxxii CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Topics Book Volume Book Chapter 3.5.d (ii) Topology table, update, query, active, passive 1 8 3.5.d (iii) Stuck in active 1 8 3.5.d (iv) Graceful shutdown 1 8 3.5.e Implement and troubleshoot EIGRP stub 3.5.e (i) Stub 1 8 3.5.e (ii) Leak-map 1 8 3.5.f Implement and troubleshoot load balancing 3.5.f (i) equal-cost 1 8 3.5.f (ii) unequal-cost 1 8 3.5.f (iii) add-path 1 8 3.5.g Implement EIGRP (multiaddress) named mode 3.5.g (i) Types of families 1 8 3.5.g (ii) IPv4 address-family 1 8 3.5.g (iii) IPv6 address-family 1 8 3.5.h Implement, troubleshoot, and optimize EIGRP convergence and scalability 3.5.h (i) Describe fast convergence requirements 1 8 3.5.h (ii) Control query boundaries 1 8 3.5.h (iii) IP FRR/fast reroute (single hop) 1 8 3.5.h (iv) Summary leak-map 1 8 3.5.h (v) Summary metric 1 8 3.6 OSPF (v2 and v3) 3.6.a Describe packet types 3.6.a (i) LSA types (1, 2, 3, 4, 5, 7, 9) 1 9 3.6.a (ii) Route types (N1, N2, E1, E2) 1 9 3.6.b Implement and troubleshoot neighbor relationship 1 9 3.6.c Implement and troubleshoot OSPFv3 address-family support 3.6.c (i) IPv4 address-family 1 9 3.6.c (ii) IPv6 address-family 1 9 3.6.d Implement and troubleshoot network types, area types, and router types 3.6.d (i) Point-to-point, multipoint, broadcast, nonbroadcast 1 9 xxxiii Topics Book Volume Book Chapter 3.6.d (ii) LSA types, area type: backbone, normal, transit, stub, NSSA, totally stub 1 9 3.6.d (iii) Internal router, ABR, ASBR 1 9 3.6.d (iv) Virtual link 1 9 3.6.e Implement and troubleshoot path preference 1 9 3.6.f Implement and troubleshoot operations 3.6.f (i) General operations 1 9 3.6.f (ii) Graceful shutdown 1 9 3.6.f (iii) GTSM (Generic TTL Security Mechanism) 1 9 3.6.g Implement, troubleshoot, and optimize OSPF convergence and scalability 3.6.g (i) Metrics 1 9 3.6.g (ii) LSA throttling, SPF tuning, fast hello 1 9 3.6.g (iii) LSA propagation control (area types, ISPF) 1 9 3.6.g (iv) IP FRR/fast reroute (single hop) 1 9 3.6.g (v) LFA/loop-free alternative (multihop) 1 9 3.6.g (vi) OSPFv3 prefix suppression 1 9 3.7 BGP 3.7.a Describe, implement, and troubleshoot peer relationships 3.7.a (i) Peer-group, template 2 1 3.7.a (ii) Active, passive 2 1 3.7.a (iii) States, timers 2 1 3.7.a (iv) Dynamic neighbors 2 1 3.7.b Implement and troubleshoot IBGP and EBGP 3.7.b (i) EBGP, IBGP 2 1 3.7.b (ii) 4-byte AS number 2 1 3.7.b (iii) Private AS 2 1 3.7.c Explain attributes and best-path selection 2 1 3.7.d Implement, optimize, and troubleshoot routing policies 3.7.d (i) Attribute manipulation 2 2 3.7.d (ii) Conditional advertisement 2 2 3.7.d (iii) Outbound route filtering 2 2 xxxiv CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Topics Book Volume Book Chapter 3.7.d (iv) Communities, extended communities 2 2 3.7.d (v) Multihoming 2 2 3.7.e Implement and troubleshoot scalability 3.7.e (i) Route-reflector, cluster 2 2 3.7.e (ii) Confederations 2 2 3.7.e (iii) Aggregation, AS set 2 2 3.7.f Implement and troubleshoot multiprotocol BGP 3.7.f (i) IPv4, IPv6, VPN address-family 2 2 3.7.g Implement and troubleshoot AS path manipulations 3.7.g (i) Local AS, allow AS in, remove private AS 2 2 3.7.g (ii) Prepend 2 2 3.7.g (iii) Regexp 2 2 3.7.h Implement and troubleshoot other features 3.7.h (i) Multipath 2 2 3.7.h (ii) BGP synchronization 2 2 3.7.h (iii) Soft reconfiguration, route refresh 2 2 3.7.i Describe BGP fast convergence features 3.7.i (i) Prefix independent convergence 2 2 3.7.i (ii) Add-path 2 2 3.7.i (iii) Next-hop address tracking 2 2 3.8 IS-IS (for IPv4 and IPv6) 3.8.a Describe basic IS-IS network 3.8.a (i) Single area, single topology 1 10 3.8.b Describe neighbor relationship 1 10 3.8.c Describe network types, levels, and router types 3.8.c (i) NSAP addressing 1 10 3.8.c (ii) Point-to-point, broadcast 1 10 3.8.d Describe operations 1 10 3.8.e Describe optimization features 3.8.e (i) Metrics, wide metric 1 10 4.0 VPN Technologies xxxv Topics Book Volume Book Chapter 4.1 Tunneling 4.1.a Implement and troubleshoot MPLS operations 4.1.a (i) Label stack, LSR, LSP 2 11 4.1.a (ii) LDP 2 11 4.1.a (iii) MPLS ping, MPLS traceroute 2 11 4.1.b Implement and troubleshoot basic MPLS L3VPN 4.1.b (i) L3VPN, CE, PE, P 2 11 4.1.b (ii) Extranet (route leaking) 2 11 4.1.c Implement and troubleshoot encapsulation 4.1.c (i) GRE 2 10 4.1.c (ii) Dynamic GRE 2 10 4.1.c (iii) LISP encapsulation principles supporting EIGRP OTP 1 8 4.1.d Implement and troubleshoot DMVPN (single hub) 4.1.d (i) NHRP 2 10 4.1.d (ii) DMVPN with IPsec using preshared key 2 10 4.1.d (iii) QoS profile 2 10 4.1.d (iv) Pre-classify 2 10 4.1.e Describe IPv6 tunneling techniques 4.1.e (i) 6in4, 6to4 2 8 4.1.e (ii) ISATAP 2 8 4.1.e (iii) 6RD 2 8 4.1.e (iv) 6PE/6VPE 2 8 4.1.g Describe basic Layer 2 VPN—wireline 4.1.g (i) L2TPv3 general principles 2 10 4.1.g (ii) ATOM general principles 2 11 4.1.h Describe basic L2VPN—LAN services 4.1.h (i) MPLS-VPLS general principles 2 10 4.1.h (ii) OTV general principles 2 10 4.2 Encryption 4.2.a Implement and troubleshoot IPsec with preshared key 4.2.a (i) IPv4 site to IPv4 site 2 10 xxxvi CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Topics Book Volume Book Chapter 4.2.a (ii) IPv6 in IPv4 tunnels 2 10 4.2.a (iii) Virtual tunneling Interface (VTI) 2 10 4.2.b Describe GET VPN 2 10 5.0 Infrastructure Security 5.1 Device security 5.1.a Implement and troubleshoot IOS AAA using local database 2 9 5.1.b Implement and troubleshoot device access control 5.1.b (i) Lines (VTY, AUX, console) 1 5 5.1.b (ii) SNMP 1 5 5.1.b (iii) Management plane protection 2 9 5.1.b (iv) Password encryption 1 5 5.1.c Implement and troubleshoot control plane policing 2 9 5.1.d Describe device security using IOS AAA with TACACS+ and RADIUS 5.1.d (i) AAA with TACACS+ and RADIUS 2 9 5.1.d (ii) Local privilege authorization fallback 2 9 5.2 Network security 5.2.a Implement and troubleshoot switch security features 5.2.a (i) VACL, PACL 2 9 5.2.a (ii) Stormcontrol 2 9 5.2.a (iii) DHCP snooping 2 9 5.2.a (iv) IP source-guard 2 9 5.2.a (v) Dynamic ARP inspection 2 9 5.2.a (vi) port-security 2 9 5.2.a (vii) Private VLAN 1 2 5.2.b Implement and troubleshoot router security features 5.2.b (i) IPv4 access control lists (standard, extended, time-based) 2 9 5.2.b (ii) IPv6 traffic filter 2 9 5.2.b (iii) Unicast reverse path forwarding 2 9 5.2.c Implement and troubleshoot IPv6 first-hop security 5.2.c (i) RA guard 2 9 xxxvii Topics Book Volume Book Chapter 5.2.c (ii) DHCP guard 2 9 5.2.c (iii) Binding table 2 9 5.2.c (iv) Device tracking 2 9 5.2.c (v) ND inspection/snooping 2 9 5.2.c (vii) Source guard 2 9 5.2.c (viii) PACL 2 9 5.2.d Describe 802.1x 5.2.d (i) 802.1x, EAP, RADIUS 2 9 5.2.d (ii) MAC authentication bypass 2 9 6.0 Infrastructure Services 6.1 System management 6.1.a Implement and troubleshoot device management 6.1.a (i) Console and VTY 1 5 6.1.a (ii) Telnet, HTTP, HTTPS, SSH, SCP 1 5 6.1.a (iii) (T)FTP 1 5 6.1.b Implement and troubleshoot SNMP 6.1.b (i) v2c, v3 1 5 6.1.c Implement and troubleshoot logging 6.1.c (i) Local logging, syslog, debug, conditional debug 1 5 6.1.c (ii) Timestamp 2 6 6.2 Quality of service 6.2.a Implement and troubleshoot end-to-end QoS 6.2.a (i) CoS and DSCP mapping 2 3 6.2.b Implement, optimize, and troubleshoot QoS using MQC 6.2.b (i) Classification 2 3 6.2.b (ii) Network-based application recognition (NBAR) 2 3 6.2.b (iii) Marking using IP precedence, DSCP, CoS, ECN 2 3 6.2.b (iv) Policing, shaping 2 5 6.2.b (v) Congestion management (queuing) 2 4 6.2.b (vi) HQoS, subrate Ethernet link 2 3, 4, 5 6.2.b (vii) Congestion avoidance (WRED) 2 4 xxxviii CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Topics Book Volume Book Chapter 6.2.c Describe Layer 2 QoS 6.2.c (i) Queuing, scheduling 2 4 6.2.c (ii) Classification, marking 2 2 6.3 Network services 6.3.a Implement and troubleshoot first-hop redundancy protocols 6.3.a (i) HSRP, GLBP, VRRP 1 5 6.3.a (ii) Redundancy using IPv6 RS/RA 1 5 6.3.b Implement and troubleshoot Network Time Protocol 6.3.b (i) NTP master, client, version 3, version 4 1 5 6.3.b (ii) NTP Authentication 1 5 6.3.c Implement and troubleshoot IPv4 and IPv6 DHCP 6.3.c (i) DHCP client, IOS DHCP server, DHCP relay 1 5 6.3.c (ii) DHCP options 1 5 6.3.c (iii) DHCP protocol operations 1 5 6.3.c (iv) SLAAC/DHCPv6 interaction 1 4 6.3.c (v) Stateful, stateless DHCPv6 1 4 6.3.c (vi) DHCPv6 prefix delegation 1 4 6.3.d Implement and troubleshoot IPv4 Network Address Translation 6.3.d (i) Static NAT, dynamic NAT, policy-based NAT, PAT 1 5 6.3.d (ii) NAT ALG 2 10 6.3.e Describe IPv6 Network Address Translation 6.3.e (i) NAT64 2 10 6.3.e (ii) NPTv6 2 10 6.4 Network optimization 6.4.a Implement and troubleshoot IP SLA 6.4.a (i) ICMP, UDP, jitter, VoIP 1 5 6.4.b Implement and troubleshoot tracking object 6.4.b (i) Tracking object, tracking list 1 5 6.4.b (ii) Tracking different entities (for example, interfaces, routes, IPSLA, and so on) 1 5 6.4.c Implement and troubleshoot NetFlow xxxix Topics Book Volume Book Chapter 6.4.c (i) NetFlow v5, v9 1 5 6.4.c (ii) Local retrieval 1 5 6.4.c (iii) Export (configuration only) 1 5 6.4.d Implement and troubleshoot embedded event manager 6.4.d (i) EEM policy using applet 1 5 6.4.e Identify performance routing (PfR) 6.4.e (i) Basic load balancing 1 11 6.4.e (ii) Voice optimization 1 11 To give you practice on these topics, and pull the topics together, Edition 5 of the CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 includes a large set of CD questions that mirror the types of questions expected for the Version 5.0 blueprint. By their very nature, these topics require the application of the knowledge listed throughout the book. This special section of questions provides a means to learn and practice these skills with a proportionally larger set of questions added specifically for this purpose. These questions will be available to you in the practice test engine database, whether you take full exams or choose questions by category. About the CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 , Fifth Edition This section provides a brief insight into the contents of the book, the major goals, and some of the book features that you will encounter when using this book. Book Organization This volume contains four major parts. Beyond the chapters in these parts of the book, you will find several useful appendixes gathered in Part V . Following is a description of each part’s coverage: ■ Part I , “LAN Switching” ( Chapters 1 – 3 ) This part focuses on LAN Layer 2 features, specifically Ethernet ( Chapter 1 ), VLANs and trunking ( Chapter 2 ), and Spanning Tree Protocol ( Chapter 3 ). ■ Part II , “IP Networking” ( Chapters 4 – 5 ) This part covers details across the spectrum of the TCP/IP protocol stack. It includes Layer 3 basics ( Chapter 4 ) and IP services such as DHCP and ARP ( Chapter 5 ). xl CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 ■ Part III , “IP IGP Routing” ( Chapters 6 – 11 ) This part covers some of the more important topics on the exam and is easily the largest part of this volume. It covers Layer 3 forwarding concepts ( Chapter 6 ), fol- lowed by three routing protocol chapters, one each about RIPv2, EIGRP, OSPF, and IS-IS ( Chapters 7 through 10 , respectively), and concludes with a discussion of IGP redistribution and routing information optimization ( Chapter 11 ). ■ Part IV , “Final Preparation” Chapter 12 , “Final Preparation,” contains instructions about using the testing soft- ware on the CD to verify your knowledge, presents suggestions on approaching your studies, and includes hints about further expanding your knowledge by participating in the Cisco Learning Network. ■ Part V , “Appendixes” ■ Appendix A , “Answers to the ‘Do I Know This Already?’ Quizzes”—This appen- dix lists answers and explanations for the questions at the beginning of each chapter. ■ Appendix B , “Exam Updates”—As of the first printing of the book, this appen- dix contains only a few words that reference the web page for this book, at www.ciscopress.com/title/9781587143960 . As the blueprint evolves over time, the authors will post new materials at the website. Any future printings of the book will include the latest newly added materials in printed form in Appendix B . If Cisco releases a major exam update, changes to the book will be available only in a new edition of the book and not on this site. Note Appendixes C, D, E, F, and G and the Glossary are in printable, PDF format on the CD. ■ Appendix C , “Decimal to Binary Conversion Table” (CD-only)—This appendix lists the decimal values 0 through 255, with their binary equivalents. ■ Appendix D , “IP Addressing Practice” (CD-only)—This appendix lists several practice problems for IP subnetting and finding summary routes. The explana- tions to the answers use the shortcuts described in the book. ■ Appendix E , “Key Tables for CCIE Study” (CD-only)—This appendix lists the most important tables from the core chapters of the book. The tables have much of the content removed so that you can use them as an exercise. You can print the PDF file and then fill in the table from memory, checking your answers against the completed tables in Appendix F . ■ Appendix G, “Study Planner” (CD-only)—This appendix is a spreadsheet with major study milestones, where you can track your progress through your study. ■ Glossary (CD-only)—The Glossary contains the key terms listed in the book. xli Book Features The core chapters of this book have several features that help you make the best use of your time: ■ “Do I Know This Already?” Quizzes: Each chapter begins with a quiz that helps you to determine the amount of time you need to spend studying that chapter. If you score yourself strictly, and you miss only one question, you might want to skip the core of the chapter and move on to the “Foundation Summary” section at the end of the chapter, which lets you review facts and spend time on other topics. If you miss more than one, you might want to spend some time reading the chapter or at least reading sections that cover topics about which you know you are weaker. ■ Foundation Topics: These are the core sections of each chapter. They explain the protocols, concepts, and configuration for the topics in that chapter. ■ Foundation Summary: The “Foundation Summary” section of this book departs from the typical features of the “Foundation Summary” section of other Cisco Press Exam Certification Guides. This section does not repeat any details from the “Foundation Topics” section; instead, it simply summarizes and lists facts related to the chapter but for which a longer or more detailed explanation is not warranted. ■ Key topics: Throughout the “Foundation Topics” section, a Key Topic icon has been placed beside the most important areas for review. After reading a chapter, when doing your final preparation for the exam, take the time to flip through the chapters, looking for the Key Topic icons, and review those paragraphs, tables, figures, and lists. ■ Fill In Key Tables from Memory: The more important tables from the chapters have been copied to PDF files available on the CD as Appendix E . The tables have most of the information removed. After printing these mostly empty tables, you can use them to improve your memory of the facts in the table by trying to fill them out. This tool should be useful for memorizing key facts. That same CD-only appendix contains the completed tables so that you can check your work. ■ CD-based practice exam: The companion CD contains multiple-choice questions and a testing engine. The CD includes 200 questions unique to the CD. As part of your final preparation, you should practice with these questions to help you get used to the exam-taking process, as well as to help refine and prove your knowledge of the exam topics. ■ Key terms and Glossary: The more important terms mentioned in each chapter are listed at the end of each chapter under the heading “Definitions.” The Glossary, found on the CD that comes with this book, lists all the terms from the chapters. When studying each chapter, you should review the key terms, and for those terms about which you are unsure of the definition, you can review the short definitions from the Glossary. ■ Further Reading: Most chapters include a suggested set of books and websites for additional study on the same topics covered in that chapter. Often, these references will be useful tools for preparation for the CCIE Routing and Switching lab exam. Blueprint topics covered in this chapter: This chapter covers the following subtopics from the Cisco CCIE Routing and Switching written exam blueprint. Refer to the full blueprint in Table I-1 in the Introduction for more details on the topics covered in each chapter and their context within the blueprint. ■ Ethernet ■ Speed ■ Duplex ■ Fast Ethernet ■ Gigabit Ethernet ■ SPAN, RSPAN, and ERSPAN ■ Virtual Switch System (VSS) ■ IOS-XE Ethernet has been the mainstay LAN protocol for years, and that is not anticipated to change anytime soon. More often than not, most people studying network and net- work fundamentals are very familiar with the protocol operations, its limitations, and its strengths. This level of familiarity often makes us complacent when it comes to determin- ing a solid starting point for teaching technology. But when we consider how many tech- nologies owe their capacity and capabilities to Ethernet, it becomes clear that this is the best place to start any discussion about networking. Ethernet is so established and use- ful that its role is expanding constantly. In fact, today it has even found its way into the WAN. Ethernet WAN technologies like Metro-Ethernet have changed the way we build geographically dispersed infrastructure and have paved the way for greater throughput in what was traditionally a slow and restrictive mode of transport. So with the understanding that the majority of readers are probably very familiar with Ethernet based on working with it on a day-to-day basis, we still need to ensure that we pay proper due diligence to the technology simply because it is so fundamental to the creation of both the most basic and the most complex network environments, and even though we are for the most part very knowledgeable about its operation, we might have forgotten some of the nuisances of its operation. So in this chapter, the intention is to outline those operations as clearly and succinctly as possible. For exam preparation, it is typically useful to use all the refresher tools: Take the “Do I Know This Already?” quiz, complete the definitions of the terms listed at the end of the chapter, print and complete the tables in Appendix E , “Key Tables for CCIE Study,” and certainly answer all the CD-ROM questions concerning Ethernet. “Do I Know This Already?” Quiz Table 1-1 outlines the major headings in this chapter and the corresponding “Do I Know This Already?” quiz questions. CHAPTER 1 Ethernet Basics 4 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Table 1-1 “Do I Know This Already?” Foundation Topics Section-to-Question Mapping Foundation Topics Section Questions Covered in This Section Score Ethernet Layer 1: Wiring, Speed, and Duplex 1–4 Ethernet Layer 2: Framing and Addressing 5–6 Switching and Bridging Logic 7 SPAN, RSPAN, and ERSPAN 8–9 Virtual Switch System 10–11 IOS Modernization 12 Total Score To best use this pre-chapter assessment, remember to score yourself strictly. You can find the answers in Appendix A , “Answers to the ‘Do I Know This Already?’ Quizzes.” 1. Which of the following denotes the correct usage of pins on the RJ-45 connectors at the opposite ends of an Ethernet crossover cable? a. 1 to 1 b. 1 to 2 c. 1 to 3 d. 6 to 1 e. 6 to 2 f. 6 to 3 2. Which of the following denotes the correct usage of pins on the RJ-45 connectors at the opposite ends of an Ethernet straight-through cable? a. 1 to 1 b. 1 to 2 c. 1 to 3 d. 6 to 1 e. 6 to 2 f. 6 to 3 Chapter 1: Ethernet Basics 5 3. Which of the following commands must be configured on a Cisco IOS switch inter- face to disable Ethernet autonegotiation? a. no auto-negotiate b. no auto c. Both speed and duplex d. duplex e. speed 4. Consider an Ethernet crossover cable between two 10/100 ports on Cisco switches. One switch has been configured for 100-Mbps full duplex. Which of the following is true about the other switch? a. It will use a speed of 10 Mbps. b. It will use a speed of 100 Mbps. c. It will use a duplex setting of half duplex. d. It will use a duplex setting of full duplex. 5. Which of the following Ethernet header type fields is a 2-byte field? a. DSAP b. Type (in SNAP header) c. Type (in Ethernet V2 header) d. LLC Control 6. Which of the following standards defines a Fast Ethernet standard? a. IEEE 802.1Q b. IEEE 802.3U c. IEEE 802.1X d. IEEE 802.3Z e. IEEE 802.3AB f. IEEE 802.1AD 7. Suppose a brand-new Cisco IOS–based switch has just been taken out of the box and cabled to several devices. One of the devices sends a frame. For which of the following destinations would a switch flood the frames out all ports (except the port upon which the frame was received)? a. Broadcasts b. Unknown unicasts c. Known unicasts d. Multicasts 6 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 8. Which of the following configuration issues will keep a SPAN session from becom- ing active? a. Misconfigured destination port b. Destination port configured as a trunk c. Destination port shutdown d. Source port configured as a trunk 9. Which of the following are rules for SPAN configuration? a. SPAN source and destination ports must be configured for the same speed and duplex. b. If the SPAN source port is configured for 100 Mbps, the destination port must be configured for 100 Mbps or more. c. In a SPAN session, sources must consist of either physical interfaces or VLANs, but not a mix of these. d. Remote SPAN VLANs must be in the range of VLAN 1–66. e. Only three SPAN sessions can be configured on one switch. 10. What tool is available to reduce the complexity of a modern network infrastructure that has direct impact on both Layer 2 and Layer 3 design? a. Spanning Tree Protocol b. Bridge Assurance c. Virtual Switch Design d. Virtual Switching System e. IOS-XR 11. In a Virtual Switch System configuration, what operational component is used to transport Control, Management, and Data Plane traffic between peers? a. VPC-Link b. Sham-Link c. Virtual Switch Link d. Port-Channel e. Ether-Channel Chapter 1: Ethernet Basics 7 12. Cisco IOS was expanded so that it could support modern enterprise deployments by moving away from a monolithic architecture to a more modular design model. What is this current version of IOS? a. CUOS b. IOS-NG c. LINUX d. IOS-XE e. IOS-version 2.0 8 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Foundation Topics Ethernet Layer 1: Wiring, Speed, and Duplex Before you make an Ethernet LAN functional, end-user devices, routers, and switches must be cabled correctly. To run with fewer transmission errors at higher speeds, and to support longer cable distances, variations of copper and optical cabling can be used. The different Ethernet specifications, cable types, and cable lengths per the various specifica- tions are important for the exam, and are listed in the “Foundation Summary” section, later in this chapter. RJ-45 Pinouts and Category 5 Wiring You should know the details of crossover and straight-through Category 5 (Cat 5), Cat 5e, or Cat 6 cabling for almost any networking job. The EIA/TIA defines the cabling specifications for Ethernet LANs ( www.eia.org and http://www.tiaonline.org ), including the pinouts for the RJ-45 connects, as shown in Figure 1-1 . Figure 1-1 RJ-45 Pinouts with Four-Pair UTP Cabling The most popular Ethernet standards (10BASE-T and 100BASE-TX) each use two twisted pairs (specifically pairs 2 and 3 shown in Figure 1-1 ), with one pair used for transmission in each direction. Depending on which pair a device uses to transmit and receive, either a straight-through or crossover cable is required. Table 1-2 summarizes how the cabling and pinouts work. Table 1-2 Ethernet Cabling Types Type of Cable Pinouts Key Pins Connected Straight-through T568A (both ends) or T568B (both ends) 1–1; 2–2; 3–3; 6–6 Crossover T568A on one end, and T568B on the other 1–3; 2–6; 3–1; 6–2 Key Topic Key Topic Chapter 1: Ethernet Basics 9 Many Ethernet standards use two twisted pairs, with one pair being used for transmis- sion in each direction. For example, a PC network interface card (NIC) transmits on pair 1,2 and receives on pair 3,6; switch ports do the opposite. So, a straight-through cable works well, connecting pair 1,2 on the PC (PC transmit pair) to the switch port’s pair 1,2, on which the switch receives. When the two devices on the ends of the cable both transmit using the same pins, a crossover cable is required. For example, if two connected switches send using the pair at pins 3,6 and receive on pins 1,2, the cable needs to con- nect the pair at 3,6 on one end to pins 1,2 at the other end, and vice versa. Note Crossover cables can also be used between a pair of PCs, swapping the transmit pair on one end (1,2) with the receive pins at the other end (3,6). Cisco also supports a switch feature that lets the switch figure out whether the wrong cable is installed: Auto-MDIX (automatic medium-dependent interface crossover) detects the wrong cable and causes the switch to swap the pair it uses for transmitting and receiving, which solves the cabling problem. (As of publication, this feature is not sup- ported on all Cisco switch models.) Autonegotiation, Speed, and Duplex By default, each Cisco switch port uses Ethernet autonegotiation to determine the speed and duplex setting (half or full). The switches can also set their duplex setting with the duplex interface subcommand, and their speed with—you guessed it—the speed interface subcommand. Switches can dynamically detect the speed setting on a particular Ethernet segment by using a few different methods. Cisco switches (and many other devices) can sense the speed using the Fast Link Pulses (FLP) of the autonegotiation process. However, if auto- negotiation is disabled on either end of the cable, the switch detects the speed anyway based on the incoming electrical signal. You can force a speed mismatch by statically configuring different speeds on both ends of the cable, causing the link to no longer function. Switches detect duplex settings through autonegotiation only. If both ends have auto- negotiation enabled, the duplex is negotiated. However, if either device on the cable disables autonegotiation, the devices without a configured duplex setting must assume a default. Cisco switches use a default duplex setting of half duplex (HDX) (for 10-Mbps and 100-Mbps interfaces) or full duplex (FDX) (for 1000-Mbps interfaces). To disable autonegotiation on a Cisco switch port, you simply need to statically configure the speed and the duplex settings. Ethernet devices can use FDX only when collisions cannot occur on the attached cable; a collision-free link can be guaranteed only when a shared hub is not in use. The next few topics review how Ethernet deals with collisions when they do occur, as well as what is different with Ethernet logic in cases where collisions cannot occur and FDX is allowed. 10 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 CSMA/CD The original Ethernet specifications expected collisions to occur on the LAN. The media were shared, creating a literal electrical bus. Any electrical signal induced onto the wire could collide with a signal induced by another device. When two or more Ethernet frames overlap on the transmission medium at the same instant in time, a collision occurs; the collision results in bit errors and lost frames. The original Ethernet specifications defined the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) algorithm to deal with the inevitable collisions. CSMA/CD minimizes the number of collisions, but when they occur, CSMA/CD defines how the sending stations can recognize the collisions and retransmit the frame. The fol- lowing list outlines the steps in the CSMA/CD process: 1. A device with a frame to send listens until the Ethernet is not busy (in other words, the device cannot sense a carrier signal on the Ethernet segment). 2. When the Ethernet is not busy, the sender begins sending the frame. 3. The sender listens to make sure that no collision occurred. 4. If there was a collision, all stations that sent a frame send a jamming signal to ensure that all stations recognize the collision. 5. After the jamming is complete, each sender of one of the original collided frames randomizes a timer and waits that long before resending. (Other stations that did not create the collision do not have to wait to send.) 6. After all timers expire, the original senders can begin again with Step 1. Collision Domains and Switch Buffering A collision domain is a set of devices that can send frames that collide with frames sent by another device in that same set of devices. Before the advent of LAN switches, Ethernets were either physically shared (10BASE2 and 10BASE5) or shared by virtue of shared hubs and their Layer 1 “repeat out all other ports” logic. Ethernet switches greatly reduce the number of possible collisions, both through frame buffering and through their more complete Layer 2 logic. By definition of the term, Ethernet hubs ■ Operate solely at Ethernet Layer 1 ■ Repeat (regenerate) electrical signals to improve cabling distances ■ Forward signals received on a port out all other ports (no buffering) As a result of a hub’s logic, a hub creates a single collision domain . Switches, however, create a different collision domain per switch port, as shown in Figure 1-2 . Key Topic Key Topic Chapter 1: Ethernet Basics 11 Larry Archie Bob SW1 Larry 1 Collision Domain 10BASE-T, using Shared hub Multiple Collision Domain 10BASE-T, using Switch Solid Lines Represent Twisted Pair Cabling Archie Bob Hub1 Figure 1-2 Collision Domains with Hubs and Switches Switches have the same cabling and signal regeneration benefits as hubs, but switches do a lot more—including sometimes reducing or even eliminating collisions by buffering frames. When switches receive multiple frames on different switch ports, they store the frames in memory buffers to prevent collisions. For example, imagine that a switch receives three frames at the same time, entering three different ports, and they all must exit the same switch port. The switch simply stores two of the frames in memory, forwarding the frames sequentially. As a result, in Figure 1-2 , the switch prevents any frame sent by Larry from colliding with a frame sent by Archie or Bob—which by definition puts each of the PCs attached to the switch in Figure 1-2 in different collision domains. When a switch port connects through cable to a single other nonhub device—for exam- ple, like the three PCs in Figure 1-2 —no collisions can possibly occur. The only devices that could create a collision are the switch port and the one connected device—and they each have a separate twisted pair on which to transmit. Because collisions cannot occur, such segments can use full-duplex logic. Note NICs operating in HDX mode use loopback circuitry when transmitting a frame. This circuitry loops the transmitted frame back to the receive side of the NIC so that when the NIC receives a frame over the cable, the combined looped-back signal and received sig- nal allows the NIC to notice that a collision has occurred. Basic Switch Port Configuration The three key configuration elements on a Cisco switch port are autonegotiation, speed, and duplex. Cisco switches use autonegotiation by default; it is then disabled if both the speed and duplex are manually configured. You can set the speed using the speed { auto | 10 | 100 | 1000 } interface subcommand, assuming that the interface supports multiple Key Topic 12 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 speeds. You configure the duplex setting using the duplex { auto | half | full } interface sub- command. Example 1-1 shows the manual configuration of the speed and duplex on the link between Switch1 and Switch4 from Figure 1-3 , and the results of having mismatched duplex settings. (The book refers to specific switch commands used on IOS-based switches, referred to as “Catalyst IOS” by the Cisco CCIE blueprint.) 0/13 000a.b7dc.b78d 0200.3333.3333 0200.4444.4444 000f.2343.87cd 0/13 0/6 0/4 0/3 0010.a49b.6111 SW1 SW4 PC1 R4 R3 Figure 1-3 Simple Switched Network with Trunk Example 1-1 Manual Setting for Duplex and Speed, with Mismatched Duplex switch1# show interface fa 0/13 FastEthernet0/13 is up, line protocol is up Hardware is Fast Ethernet, address is 000a.b7dc.b78d (bia 000a.b7dc.b78d) MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 100Mb/s ! remaining lines omitted for brevity ! Below, Switch1's interface connecting to Switch4 is configured for 100 Mbps, ! HDX. Note that IOS rejects the first duplex command; you cannot set duplex until ! the speed is manually configured. switch1# conf t Enter configuration commands, one per line. End with CNTL/Z. switch1(config)# int fa 0/13 switch1(config-if)# duplex half Duplex will not be set until speed is set to non-auto value switch1(config-if)# speed 100 05:08:41: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/13, changed state þto down Chapter 1: Ethernet Basics 13 05:08:46: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/13, changed state þto up switch1(config-if)# duplex half !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ! NOT SHOWN: Configuration for 100/half on Switch4's int fa 0/13. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ! Now with both switches manually configured for speed and duplex, neither will be ! using Ethernet auto-negotiation. As a result, below the duplex setting on Switch1 ! can be changed to FDX with Switch4 remaining configured to use HDX. switch1# conf t Enter configuration commands, one per line. End with CNTL/Z. switch1(config)# int fa 0/13 switch1(config-if)# duplex full 05:13:03: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/13, changed state to down 05:13:08: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/13, changed state to up switch1(config-if)# ̂Z switch1# sh int fa 0/13 FastEthernet0/13 is up, line protocol is up ! Lines omitted for brevity Full-duplex, 100Mb/s ! remaining lines omitted for brevity ! Below, Switch4 is shown to be HDX. Note ! the collisions counters at the end of the show interface command. switch4# sh int fa 0/13 FastEthernet0/13 is up, line protocol is up (connected) Hardware is Fast Ethernet, address is 000f.2343.87cd (bia 000f.2343.87cd) MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Half-duplex, 100Mb/s ! Lines omitted for brevity 5 minute output rate 583000 bits/sec, 117 packets/sec 25654 packets input, 19935915 bytes, 0 no buffer Received 173 broadcasts (0 multicast) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 173 multicast, 0 pause input 0 input packets with dribble condition detected 26151 packets output, 19608901 bytes, 0 underruns 54 output errors, 5 collisions, 0 interface resets 0 babbles, 54 late collision, 59 deferred 0 lost carrier, 0 no carrier, 0 PAUSE output 0 output buffer failures, 0 output buffers swapped out 14 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 02:40:49: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/13 (not full duplex), with Switch1 FastEthernet0/13 (full duplex). ! Above, CDP messages have been exchanged over the link between switches. CDP ! exchanges information about Duplex on the link, and can notice (but not fix) ! the mismatch. The statistics on Switch4 near the end of the example show collisions (detected in the time during which the first 64 bytes were being transmitted) and late collisions (after the first 64 bytes were transmitted). In an Ethernet that follows cabling length restric- tions, collisions should be detected while the first 64 bytes are being transmitted. In this case, Switch1 is using FDX logic, meaning that it sends frames anytime—including when Switch4 is sending frames. As a result, Switch4 receives frames anytime, and if sending at the time, it believes a collision has occurred. Switch4 has deferred 59 frames, meaning that it chose to wait before sending frames because it was currently receiving a frame. Also, the retransmission of the frames that Switch4 thought were destroyed because of a collision, but might not have been, causes duplicate frames to be received, occasionally causing application connections to fail and routers to lose neighbor relationships. Ethernet Layer 2: Framing and Addressing In this book, as in many Cisco courses and documents, the word frame refers to the bits and bytes that include the Layer 2 header and trailer, along with the data encapsulated by that header and trailer. The term packet is most often used to describe the Layer 3 header and data, without a Layer 2 header or trailer. Ethernet’s Layer 2 specifications relate to the creation, forwarding, reception, and interpretation of Ethernet frames. The original Ethernet specifications were owned by the combination of Digital Equipment Corp., Intel, and Xerox—hence the name “Ethernet (DIX).” Later, in the early 1980s, the IEEE standardized Ethernet, defining parts (Layer 1 and some of Layer 2) in the 802.3 Media Access Control (MAC) standard, and other parts of Layer 2 in the 802.2 Logical Link Control (LLC) standard. Later, the IEEE realized that the 1-byte Destination Service Access Point (DSAP) field in the 802.2 LLC header was too small. As a result, the IEEE introduced a new frame format with a Sub-Network Access Protocol (SNAP) header after the 802.2 header, as shown in the third style of header in Figure 1-4 . Finally, in 1997, the IEEE added the original DIX V2 framing to the 802.3 standard as well, as shown in the top frame in Figure 1-4 . Table 1-3 lists the header fields, along with a brief explanation. The more important fields are explained in more detail after the table. Key Topic Chapter 1: Ethernet Basics 15 Table 1-3 Ethernet Header Fields Field Description Preamble (DIX) Provides synchronization and signal transitions to allow proper clocking of the transmitted signal. Consists of 62 alternating 1s and 0s, and ends with a pair of 1s. Preamble and Start of Frame Delimiter (802.3) Same purpose and binary value as DIX preamble; 802.3 simply renames the 8-byte DIX preamble as a 7-byte preamble and a 1-byte Start of Frame Delimiter (SFD). Type (or Protocol Type) (DIX) 2-byte field that identifies the type of protocol or protocol header that follows the header. Allows the receiver of the frame to know how to process a received frame. Length (802.3) Describes the length, in bytes, of the data following the Length field, up to the Ethernet trailer. Allows an Ethernet receiver to predict the end of the received frame. Destination Service Access Point (802.2) DSAP; 1-byte protocol type field. The size limitations, along with other uses of the low-order bits, required the later addition of SNAP headers. Source Service Access Point (802.2) SSAP; 1-byte protocol type field that describes the upper-layer protocol that created the frame. Control (802.2) 1- or 2-byte field that provides mechanisms for both connectionless and connection-oriented operation. Generally used only for connectionless operation by modern protocols, with a 1-byte value of 0x03. Key Topic Dest. Address Preamble Source Address Type/ Length FCS Data Ethernet (DIX) and Revised (1997) IEEE 802.3 8 6 6 2 Variable 4 Original IEEE Ethernet (802.3) IEEE 802.3 with SNAP Header 7 1 6 6 2 1 1 1-2 Variable 4 Dest. address Preamble D S A P S S A P Source address FCS Data SFD Length Control 802.3 802.2 802.3 7 1 6 6 2 1 1 1-2 3 2 Variable 4 Dest. address Preamble D S A P S S A P Source address FCS Data SFD Length Control TYPE OUI 802.3 802.2 802.3 SNAP Figure 1-4 Ethernet Framing Options Key Topic 16 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Field Description Organizationally Unique Identifier (SNAP) OUI; 3-byte field, generally unused today, providing a place for the sender of the frame to code the OUI representing the manufacturer of the Ethernet NIC. Type (SNAP) 2-byte Type field, using same values as the DIX Type field, overcoming deficiencies with size and use of the DSAP field. Types of Ethernet Addresses Ethernet addresses, also frequently called MAC addresses, are 6 bytes in length, typically listed in hexadecimal form. There are three main types of Ethernet address, as listed in Table 1-4 . Table 1-4 Three Types of Ethernet/MAC Address Type of Ethernet/ MAC Address Description and Notes Unicast Fancy term for an address that represents a single LAN interface. The I/G bit, the least significant bit in the most significant byte, is set to 0. Broadcast An address that means “all devices that reside on this LAN right now.” Always a value of hex FFFFFFFFFFFF. Multicast A MAC address that implies some subset of all devices currently on the LAN. By definition, the I/G bit is set to 1. Most engineers instinctively know how unicast and broadcast addresses are used in a typical network. When an Ethernet NIC needs to send a frame, it puts its own unicast address in the Source Address field of the header. If it wants to send the frame to a particular device on the LAN, the sender puts the other device’s MAC address in the Ethernet header’s Destination Address field. If the sender wants to send the frame to every device on the LAN, it sends the frame to the FFFF.FFFF.FFFF broadcast destina- tion address. (A frame sent to the broadcast address is named a broadcast or broadcast frame , and frames sent to unicast MAC addresses are called unicasts or unicast frames .) Multicast Ethernet frames are used to communicate with a possibly dynamic subset of the devices on a LAN. The most common use for Ethernet multicast addresses involves the use of IP multicast. For example, if only 3 of 100 users on a LAN want to watch the same video stream using an IP multicast–based video application, the applica- tion can send a single multicast frame. The three interested devices prepare by listening for frames sent to a particular multicast Ethernet address, processing frames destined for that address. Other devices might receive the frame, but they ignore its contents. Because the concept of Ethernet multicast is most often used today with IP multicast, most of the rest of the details of Ethernet multicast are covered in Volume 2, Chapter 7 , “Introduction to IP Multicasting.” Key Topic Chapter 1: Ethernet Basics 17 Ethernet Address Formats The IEEE intends for unicast addresses to be unique in the universe by administer- ing the assignment of MAC addresses. The IEEE assigns each vendor a code to use as the first 3 bytes of its MAC addresses; that first half of the addresses is called the Organizationally Unique Identifier (OUI) . The IEEE expects each manufacturer to use its OUI for the first 3 bytes of the MAC assigned to any Ethernet product created by that vendor. The vendor then assigns a unique value in the low-order 3 bytes for each Ethernet card that it manufactures—thereby ensuring global uniqueness of MAC addresses. Figure 1-5 shows the basic Ethernet address format, along with some additional details. 1st Byte 1st Byte 2nd Byte 3rd Byte 4th Byte 5th Byte 6th Byte I/G Bit OUI Most Significant Bit Most Significant Byte Least Significant Bit U/L Bit Least Significant Byte Vendor-Assigned Figure 1-5 Ethernet Address Format Note that Figure 1-5 shows the location of the most significant byte and least significant bit in each byte. IEEE documentation lists Ethernet addresses with the most significant byte on the left. However, inside each byte, the leftmost bit is the most significant bit, and the rightmost bit is the least significant bit. Many documents refer to the bit order as canonical . Regardless of the term, the bit order inside each byte is important for under- standing the meaning of the two most significant bits in an Ethernet address: ■ The Individual/Group (I/G) bit ■ The Universal/Local (U/L) bit Table 1-5 summarizes the meaning of each bit. Key Topic 18 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 Table 1-5 I/G and U/L Bits Field Meaning I/G Binary 0 means that the address is a unicast; Binary 1 means that the address is a multicast or broadcast. U/L Binary 0 means that the address is vendor assigned; Binary 1 means that the address has been administratively assigned, overriding the vendor-assigned address. The I/G bit signifies whether the address represents an individual device or a group of devices, and the U/L bit identifies locally configured addresses. For example, the Ethernet multicast addresses used by IP multicast implementations always start with 0x01005E. Hex 01 (the first byte of the address) converts to binary 00000001, with the least significant bit being 1, confirming the use of the I/G bit. Note Often, when overriding the MAC address to use a local address, the device or device driver does not enforce the setting of the U/L bit to a value of 1. Protocol Types and the 802.3 Length Field Each of the three types of Ethernet header shown in Figure 1-4 has a field identifying the format of the Data field in the frame. Generically called a Type field, these fields allow the receiver of an Ethernet frame to know how to interpret the data in the received frame. For example, a router might want to know whether the frame contains an IP packet, an IPX packet, and so on. DIX and the revised IEEE framing use the Type field, also called the Protocol Type field. The originally defined IEEE framing uses those same 2 bytes as a Length field. To distin- guish the style of Ethernet header, the Ethernet Type field values begin at 1536, and the length of the Data field in an IEEE frame is limited to decimal 1500 or less. That way, an Ethernet NIC can easily determine whether the frame follows the DIX or original IEEE format. The original IEEE frame used a 1-byte Protocol Type field (DSAP) for the 802.2 LLC standard type field. It also reserved the high-order 2 bits for other uses, similar to the I/G and U/L bits in MAC addresses. As a result, there were not enough possible combinations in the DSAP field for the needs of the market—so the IEEE had to define yet another type field, this one inside an additional IEEE SNAP header. Table 1-6 summarizes the meaning of the three main Type field options with Ethernet. Key Topic Chapter 1: Ethernet Basics 19 Table 1-6 Ethernet Type Fields Type Field Description Protocol Type DIX V2 Type field; 2 bytes; registered values now administered by the IEEE DSAP 802.2 LLC; 1 byte, with 2 high-order bits reserved for other purposes; registered values now administered by the IEEE SNAP SNAP header; 2 bytes; uses same values as Ethernet Protocol Type; signified by an 802.2 DSAP of 0xAA Switching and Bridging Logic In this chapter so far, you have been reminded about the cabling details for Ethernet along with the formats and meanings of the fields inside Ethernet frames. A switch’s ulti- mate goal is to deliver those frames to the appropriate destination(s) based on the destina- tion MAC address in the frame header. Table 1-7 summarizes the logic used by switches when forwarding frames, which differs based on the type of destination Ethernet address and on whether the destination address has been added to its MAC address table. Table 1-7 LAN Switch Forwarding Behavior Type of Address Switch Action Known unicast Forwards frame out the single interface associated with the destination address Unknown unicast Floods frame out all interfaces, except the interface on which the frame was received Broadcast Floods frame identically to unknown unicasts Multicast Floods frame identically to unknown unicasts, unless multicast optimizations are configured For unicast forwarding to work most efficiently, switches need to know about all the unicast MAC addresses and out which interface the switch should forward frames sent to each MAC address. Switches learn MAC addresses, and the port to associate with them, by reading the source MAC address of received frames. You can see the learning process in Example 1-2 , along with several other details of switch operation. Figure 1-6 lists the devices in the network associated with Example 1-2 , along with their MAC addresses. Key Topic Key Topic 20 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 VLAN 1: IP Address 10.1.1.1 MAC Address 000a.b7dc.b780 VLAN 1: IP Address 10.1.1.4 MAC Address 000f.2343.87c0 R4 0/13 000a.b7dc.b78d 0200.3333.3333 0200.4444.4444 000f.2343.87cd 0/13 R3 0/6 0/4 0/3 0010.a49b.6111 SW1 SW4 PC1 Figure 1-6 Sample Network with MAC Addresses Shown Example 1-2 Command Output Showing MAC Address Table Learning (Continued) Switch1# show mac-address-table dynamic Mac Address Table ------------------------------------------ Vlan Mac Address Type Ports ---- ----------- ---- ----- 1 000f.2343.87cd DYNAMIC Fa0/13 1 0200.3333.3333 DYNAMIC Fa0/3 1 0200.4444.4444 DYNAMIC Fa0/13 Total Mac Addresses for this criterion: 3 ! Above, Switch1's MAC address table lists three dynamically learned addresses, ! including Switch4's FA 0/13 MAC. ! Below, Switch1 pings Switch4's management IP address. Switch1# ping 10.1.1.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.1.1.4, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms ! Below Switch1 now knows the MAC address associated with Switch4's management IP ! address. Each switch has a range of reserved MAC addresses, with the first MAC ! being used by the switch IP address, and the rest being assigned in sequence to ! the switch interfaces – note 0xcd (last byte of 2 nd address in the table above) ! is for Switch4's FA 0/13 interface, and is 13 (decimal) larger than Switch4's ! base MAC address. Chapter 1: Ethernet Basics 21 Switch1# show mac-address-table dynamic Mac Address Table ------------------------------------------ Vlan Mac Address Type Ports ---- ----------- ---- ----- 1 000f.2343.87c0 DYNAMIC Fa0/13 1 000f.2343.87cd DYNAMIC Fa0/13 1 0200.3333.3333 DYNAMIC Fa0/3 1 0200.4444.4444 DYNAMIC Fa0/13 Total Mac Addresses for this criterion: 4 ! Not shown: PC1 ping 10.1.1.23 (R3) PC1's MAC in its MAC address table ------------------------------------------ Vlan Mac Address Type Ports ---- ----------- ---- ----- 1 000f.2343.87c0 DYNAMIC Fa0/13 1 000f.2343.87cd DYNAMIC Fa0/13 1 0010.a49b.6111 DYNAMIC Fa0/13 1 0200.3333.3333 DYNAMIC Fa0/3 1 0200.4444.4444 DYNAMIC Fa0/13 Total Mac Addresses for this criterion: 5 ! Above, Switch1 learned the PC's MAC address, associated with FA 0/13, ! because the frames sent by the PC came into Switch1 over its FA 0/13. ! Below, Switch4's MAC address table shows PC1's MAC off its FA 0/6 switch4# show mac-address-table dynamic Mac Address Table ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- 1 000a.b7dc.b780 DYNAMIC Fa0/13 1 000a.b7dc.b78d DYNAMIC Fa0/13 1 0010.a49b.6111 DYNAMIC Fa0/6 1 0200.3333.3333 DYNAMIC Fa0/13 1 0200.4444.4444 DYNAMIC Fa0/4 Total Mac Addresses for this criterion: 5 ! Below, for example, the aging timeout (default 300 seconds) is shown, followed ! by a command just listing the mac address table entry for a single address. switch4# show mac-address-table aging-time Vlan Aging Time ---- ---------- 1 300 switch4# show mac-address-table address 0200.3333.3333 Mac Address Table 22 CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1 ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- 1 0200.3333.3333 DYNAMIC Fa0/13 Total Mac Addresses for this criterion: 1 SPAN, RSPAN, and ERSPAN Cisco Catalyst switches support a method of directing all traffic from a source port or source VLAN to a single port. This feature, called SPAN (for Switch Port Analyzer) in the Cisco documentation and sometimes referred to as session monitoring because of the commands used to configure it, is useful for many applications. These include monitor- ing traffic for compliance reasons, for data collection purposes, or to support a particu- lar application. For example, all traffic from a voice VLAN can be delivered to a single switch port to facilitate call recording in a VoIP network. Another common use of this feature is to support intrusion detection/prevention system (IDS/IPS) security solutions. SPAN sessions can be sourced from a port or ports, or from a VLAN. This provides great flexibility in collecting or monitoring traffic from a particular source device or an entire VLAN. The destination port for a SPAN session can be on the local switch, as in SPAN opera- tion. Or it can be a port on another switch in the network. This mode is known as Remote SPAN, or RSPAN. In RSPAN, a specific VLAN must be configured across the entire switching path from the source port or VLAN to the RSPAN destination port. This requires that the RSPAN VLAN be included in any trunks in that path, too. See Figure 1-7 for the topology of SPAN, Figure 1-8 for that of RSPAN, and Figure 1-9 for that of Encapsulated Remote SPAN (ERSPAN). Egress Traffic Ingress Traffic Source Span Ports Destination Span Port Sniffer Switch Figure 1-7 SPAN Topology Chapter 1: Ethernet Basics 23 Switch S1 6/1 Sniffer Switch S2 ISL TRUNK 5/1 5/2 A Figure 1-8 RSPAN Topology IP/MPLS Cloud SPAN Source Device Network Analyzer Device SPAN Destination Host A Host B GRE-Encapsulated Monitored Traffic Figure 1-9 ERSPAN Topology The information in this section applies specifically to the Cisco 3560 switching platform; the Cisco 3750 and many other platforms use identical or similar rules and configuration commands. Core Concepts of SPAN, RSPAN, and ERSPAN To understand SPAN, RSPAN, and ERSPAN, it helps to break them down into their fun- damental elements. This also helps you understand how to configure these features. In SPAN, you create a SPAN source that consists of at least one port or at least one VLAN on a switch. On the same switch, you configure a destination port. The SPAN source data is then gathered and delivered to the SPAN destination. In RSPAN, you create the same source type—at least one port or at least one VLAN. The destination for this session is the RSPAN VLAN, rather than a single port on the switch. At the switch that contains an RSPAN destination port, the RSPAN VLAN data is deliv- ered to the RSPAN port.