CCDA 640-864 Summary Notes – Day 5

LAN Hardware

Repeaters

• Layer 1 device
• Connects separate segments
• Do not control broadcasts or collision domains
• Forward frames out all other interfaces
• Protocol transparent
• understands bits
• Amplify the signals
• 5-4-3 Rule:
  

  The maximum path between two stations on the network should not be more than five segments, with four repeaters between those segments, and no more than three populated segments.

• The round-trip propagation delay in one collision domain must not exceed 512-bit times.

Hubs

• Concentrate thinnet and 10BASE-T networks to the wiring closet
• Layer 1 device
• More ports than repeaters
• The round-trip propagation delay in one collision domain must not exceed 512-bit times.
• Forward frames out all other interfaces
• Protocol transparent
• understands bits
• Amplify the signals
• Devices share the bandwidth in a single collision domain
• 5-4-3 Rule:

The maximum path between two stations on the network should not be more than five segments, with four repeaters between those segments, and no more than three populated segments.

Bridges

• Connects separate segments
• Layer 2 device
• Control collision domains
• Learn MACs
• understands frames
• Forwards frames to the destination MAC
• Flood all unknown and broadcast traffic
• Do not forward frames for MAC addresses that are in the same segment as incoming
• Store and forward: Store entire frames, check CRC then forward
• Protocol transparent
• Implement STP
• Each port is a single collision  domain
• Only 1 broadcast domain

Switches

• Lower latency than bridges
• Either Store and forward or cut through mode (forwards frame after reading the MAC address and does not check for errors
• Each port is a single collision  domain
• Only 1 broadcast domain
• More ports than bridges
• understands frames
• faster than bridges
• Learn MAC per port
• Implement STP
• Transparent to protocols from layer 3 and above
• Do not control broadcasts on the network
• Provide full bandwidth in each direction when full duplex
• Can use VLANs for segmentation

Routers

• Forward based on layer 3 addresses
• Control collision domains
• Control broadcast domains
• understands packets
• Each interface is a separate brodcast domain
• Are aware of layer 3 protocols
• Each interface is a collision domain
• Transfer data link protocols eq ethernet to token ring or serial
• Filter traffic based on layer 3
• Multicast routing
• Route redundancy
• load balancing
• Hiererchial addressing

Layer 3 switches (multilayer switches)

• Can run routing protocols
• The use of switching technologies at the network layer
  greatly accelerates packet forwarding between connected LANs, including VLANs.
• Routing is used to implement features such as security
• Functions as layer 2 and 3 devices
• Protocol aware
• understands packets

Campus LAN Design and Best Practices

Large Building LANs

• Major datacenters
• High speed communication
• Usually HQ
• Redundancy required

Campus LANs

• Connects buldings in a campus
• Redundancy required

Small or Remote LANs

• Small number of nodes
• Connects remote offices

Access Layer Best Practices

• Consider number of users or ports required
• Consider connectivity speed for each host
• VLANs implemented. limit VLANs to a single closet
• Fast Ethernet, Gigabit Ethernet, or port channels
• Redundancy and QoS features
• Use Rapid Per-Vlan STP (RPVST+)
• Trunks should be configered as on and on with no-negotiate
• Prune VLANs on distribution switch
• Use VTP Transparent mode
• No trunking on host ports
• Implement routing for faster convergence and layer 3 load balancing
• Enable portfast on end user and server ports; Loopguard – If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved into the STP loop-inconsistent blocking state, instead of the listening / learning / forwarding state; Root Guard – Prevents external switches from becoming root; BPDU Guard – Disables PortFast-enabled port if a BPDU is received

The root guard is used on designated ports, and it does not allow the port to become non-designated. The loop guard works on non-designated ports and does not allow the port to become designated through the expiration of max_age. The root guard cannot be enabled on the same port as the loop guard. When the loop guard is configured on the port, it disables the root guard configured on the same port.

Distribution Layer Best Practices

• Should not be limited in preformance
• Use fast hop redundancy protocols between access and distribution
• Use layer 3 routing between the distribution and core for fast convergence and load balancing
• Use layer 3 triangles and not squares 
• VLAN routing on distribution switches
• route summarization on distribution switches to the core
• Use Virtual Switching System (VSS) on catalyst 6500 to eliminate need for STP and redundancy protocols

VSS is network system virtualization technology that pools multiple Cisco 6500 Series Switches into one virtual switch, increasing operational efficiency, boosting nonstop communications, and scaling system bandwidth capacity to 1.4 Tbps. At the initial phase, a VSS will allow two physical Cisco Catalyst 6500 Series Switches to operate as a single logical virtual switch called a virtual switching system 1440 (VSS1440).

Core Layer Best Practices

• Redundant triangle connections between switches
• Use routing
• Use layer 3 switches
• Use two equal-cost paths to every destination network