Symbols Numerics A
Total Page:16
File Type:pdf, Size:1020Kb
I N D E X GLOP, 484–485 Symbols IP multicast, 480 limited-scope, 484 ! (exclamation point) character, 105 MAC address notification, 317–318 # (pound sign) character, 105 NAT, 649 reserved link local, 483–484 Numerics source-specific multicast, 484 virtual MAC, 573 10-Gigabit, 54 adjacencies, 393–394, 408 10-Mbps Ethernet, 48 ADSL (asymmetric digital subscriber line), 56 802.1D, compatibility with RSTP, 230 agents, relay (DHCP), 379 802.1Q, 156–158 aggregate policers, 448 802.1X Aggressive mode UDLD (A-UDLD), 336–338, 604 configuration exercise, 663–669 configuration exercises, 354 network access security, 639–641 versus Loop Guard, 272 AppleTalk Remote, 624 applications A Auto QoS, 463 Cisco AVVID, 16 AAA statistics, 291 accounting, 625, 629 voice, 596 authentication, 173, 623–626 Application-Specific Integrated Circuits. See ASICs authorization, 624, 627 applying RACLs, 643 configuration exercise, 663–669 Architecture for Voice, Video and integrated Data. configuring, 630–631 See Cisco AVVID aaa authentication login command, 626 ARP (Address Resolution Protocol), 12 aaa new-model command, 87, 626 DAI, 654–658 access as a security feature, 658–659 firewalls, 647–648 throttling, 396–398 hopping attacks (VLAN), 660–661 ASICs (Application-Specific Integrated Circuits), physical, 619 5–6, 275 unauthorized, 77 assured forwarding, 431–432 access control lists. See ACLs asymmetric digital subscriber line (ADSL), 56 access layer, 18 attacks, 655, 660–661 access-layer switches, 50 attenuation, 720 accounting, 625, 629 A-UDLD (Aggressive mode UDLD), ACLs (access control lists), 4, 618, 643 336–338, 604 PACLs, 646 configuration exercises, 354 RACLs, 643 versus Loop Guard, 272 security, 642 authentication, 173, 623–626 VACLs, 644 authorization, 624, 627 vty lines, 619 auth-proxy, 627 active keyword, 513 Auto QoS, 463 adding switches, 186 auto-negotiation, 53, 767 Address Resolution Protocol. See ARP Auto-RP, 494–495 addresses availability (VoIP), 4 globally scoped, 484 AVVID. See Cisco AVVID 788 baby giants B C baby giants, 157, 326 C, 39, 78 BackboneFast, 260 cable plants, 597 configuration.exe, 281–286 CallManager. See Cisco CallManager configuring, 264 CAM (content addressable memory), 398 link failures, 261 Campus Backbone in RSTP, 227 layer, 66 backup ports, 225 submodule, 23, 26 backup root bridges, 211 Campus Infrastructure module, 57 black holes, preventing, 269–271 campus networks, 19, 132–133 blocking state, 206 Canonical Format Indicator boot system flash command, 102 (CFI), 156 bootstrap router (BSR), 495–496 case studies BPDUs (Bridge Protocol Data Units), 203 aggressive mode UDLD, filtering, 266 340–344 formats, 226–227 design (C language), 69–70 frames, 204 preventing VLAN hopping attacks, Guard, 258, 264 660–661 TCN, 213 Catalyst 2950 switches, 696–697 timers, 204 power redundancy, 552 bridge IDs, 202 reflector ports, 738 Bridge Protocol Data Units. See BPDUs WRR, 453 bridge virtual interface (BVI), 373 Catalyst 2955 switches, 738 bridging Catalyst 2970 switches, 453–454 backup/primary root, 211 Catalyst 3550 switches, 37–38, 694–696 loops, 198 power redundancy, 552 building loop-free networks, 200 security, 38–39 Loop Guard, 270 updating software versions, 105 preventing, 199–200 Catalyst 3560 switches, 37–39, 69, troubleshooting, 277 693–694 signaling topology changes, 213–215 Catalyst 3750 switches, 37–38, 691–693 study tips, 240–241 security, 38–39 broadcasting SRR, 453–454 domains, 7 Catalyst 4500 switches, 550–552, 688–691 packets, 480 high availability, 535 suppression, 324–325 redundancy, 534 BSR (bootstrap router), 495–496 security, 37 building, 462 SSO, 540–544 loop-free networks, 200 Catalyst 6500 modules, 686 networks (Layer 3), 16–17 Catalyst 6500 switches, 77, 679–682, 687 Building Access submodule, 23, 26 configuring, 452 Building Distribution submodule, 23, 26 deployment scenarios, 687 burst size, 447 features of, 34–35 BVI (bridge virtual interface), 373 high availability, 535 Cisco Firewall Services Module 789 hybrid-mode, 78 centralized/distributed switching, 395–396 line cards, 682 commands, 414 redundancy, 534 configuration, 404–406 redundant power supplies, 550–552 adjacency tables, 408–411 security, 36 CEF tables, 406 service modules, 681 distributed switching, 396 Supervisor Engine 720, 685 load sharing, 404 Supervisor Engine I, 682 sample operation, 402–403 Supervisor Engine II, 683–684 study tips, 412–414 VACL actions, 644 switching table architectures Catalyst QoS trust concept, 437 CAM, 398 Catalyst switches, 540–542, 549 TCAM, 399, 401 authorization, 624 troubleshooting BackboneFast, 263 configuration exercise, 415–418 bridge IDs, 202 debugging CEF on Layer 3 Engine, 410 Cisco IOS-based, 728 methodology, 411–412 configuring verification, 405 multilayer switching, 391 centralized switching, 395–396 voice VLANs, 608–612 CFI (Canonical Format Indicator), 156 as VTP servers, 174 channeling (EtherChannel), 298 EtherChannel, 298 chromatic dispersion, 720 L2 traceroute availability, 746 Cisco AVVID, 15, 41 multilayer, 369 applications, 16 policing, 448 IP, 597 pVLANs, 148 network topology, 16 QoS fundamentals, 433–443 supported components, 15 redundant Supervisor Engines, 533–542 Cisco CallManager, 165, 448, 596 RSPAN feature support, 738 Cisco Catalyst switches. See Catalyst switches security, 617 Cisco CatOS ACLs, 618 compared to Cisco IOS (Native Mode), 78 disabling, 620–621 configuring VLANs, 140 passwords, 618 converting to Cisco IOS (Native Mode), 106 physical access, 619 differences as compared to Cisco IOS, 79 software images, 96, 99–100 feature parity with Cisco IOS, 78–79 troubleshooting, 107 MDGs, 316–317 configuration commands, 109 switches, 82 connecting switches, 111 configuration changes, 94 debug commands, impact and use, 109 DNS lookup, 90 IP connectivity, 112 passwords, 86 show and debug commands, 108 Syslog destination, 91 updating software versions, 101–102, 105 time adjustments, 85 VMPS support, 135 Cisco CatOS-based switches wavelengths, 718 L2 traceroute command output, 748 CDP (Cisco Discovery Protocol), 311, 314, 621 SPAN configuration, 730 CEF (Cisco Express Forwarding), 4, 391–395, 539 Cisco Discovery Protocol (CDP), 311, 314, 621 CEF-based MLS, 391–395 Cisco Express Forwarding. See CEF ARP throttling, 396–398 Cisco Firewall Services Module, 34 790 Cisco IFS Cisco IFS, 96 performance management, 757 determining IFS size and contents, 98 QoS, 465 formatting and copying images, 96 redundancy, 584 prefix descriptions, 97–98 RSPAN, 738 Cisco IOS, 163–164 security, 663–664 Catalyst switches, 115–121 show, 516 configuring AAA authorization, 628 show catalyst6000 traffic-meter, 290 debug command, 108 show interface, 83, 112 differences as compared to Cisco CatOS, 79 show ip mroute, 513–514 feature parity with Cisco CatOS, 78–79 show ip route, 112 file system, 96 show logging, 288 determining size and contents, 98 show process cpu, 289 image naming, 99–100 show running-config interface, 143 global configuration mode, 137–139 show system, 290 naming conventions, 100 shutdown interface-level, 290 show command, 108 snmp-server user, 94 switches spanning-tree portfast, 285 DNS lookup, 90 srr-queue bandwidth shape, 454 NTP settings, 85 srr-queue bandwidth share, 454 Syslog destination, 91 STP, 281 time adjustments, 85 study tips, 114 VLAN database configuration mode, 137 switchport, 185 voice VLANs, 599 switchport host, 140 Cisco IOS Server Load Balancing (SLB), 578–583 VLANs, 179, 381 Cisco IOS-based switches, SPAN configuration, 731 vtp domain domain-name, 184 Cisco IP Phones, 596 vtp mode, 184 configuring, 599 vtp password, 184 daisy-chain topology, 598 vtp v2-mode, 174 Cisco LRE (Long-Reach Ethernet), 55–56 Common Spanning Tree (CST), 232 Cisco Metro solutions, 703–705 community VLANs, 147 classification, 444 comparing clear commands, 516 PIM versions, 496–497 clear vlan command, 141 shared/source trees, 490–491 CLI (command-line interface), 77 compatibility of PIM, 496–497 command-line interface (CLI), 77 components commands CEF, 393–395 bridging, 241 Cisco AVVID, 15 CEF-based MLS, 414 Internet Connectivity module, 29 clear, 516 IP telephony, 595–596 copy running-config startup-config, 102 Remote Access module, 30 debug ip cef, 411 VPN module, 30 enable secret, 618 configuration exercises encryption-type, 86 802.1X, 663, 665–669 IP telephony, 607 AAA, 663–669 line vty, 86 aggressive mode UDLD, 354 local SPN, 731 Cisco IOS-based Catalyst switches, multicast traffic deployment, 518 115–121 CWDM modules 791 configuring policy maps, 443 BackboneFast, 281–286 PortFast, 257, 285–286 QoS on Catalyst switches, 466–472 protocol filtering, 320 Root Guard, 285 PVST+ RPR+, 586–588 port cost, 220 spanning-tree, 242–248 root bridges, 219–220 UplinkFast, 284 Root Guard, 268, 285 VLANs, 181–185 RSPAN, 738 voice VLANs, 608–612 SNMP, 93–94 EtherChannel, 346–350 SPAN, 730 HSRP, 589–591 SRM, 547 inter-VLAN routing, 385 SSO, 542 configuring, 115–121, 570, 653–654 STP, 221–223, 244 AAA, 630–631 switches for SSH, 88 accounting, 629 Syslog destination, 91 authentication, 626 UDLD, 338–339 authorization, 627 UplinkFast, 259, 284 aggressive mode UDLD, 343 VACL with the capture option, 744 Auto QoS, 463 virtual servers (SLB), 582 baby giant and jumbo frame support, 329 VLANs, 138–139, 141 BackboneFast, 264, 281–286 private VLANs, 148–151, 188–189 BPDU filtering, 266 verifying configuration, 141–143 broadcast and multicast suppression, 325 VSPAN, 732 burst size, 447 VTP, 173–176 CEF, 406 WRED, 460 CEF-based MLS, 404–406 WRR on Catalyst 6500 switches, 452 debounce timer feature, 323 connecting DHCP snooping, 651