
Packet6

San Francisco Bay Area Wi-Fi Professional Services


Archives for August 2014

CCNP SWITCH – Objective 1.2.b UDLD

August 28, 2014 by Rowell Dionicio 6 Comments

UDLD is the Unidirectional Link Detection protocol.

A link is considered unidirectional when the link is up on both sides but one of the sides is not receiving packets sent by the remote side while the remote side still receives packets sent by the local side.

This Layer 2 protocol works with Layer 1 mechanisms to determine the physical link status.

UDLD detects the identities of neighbors and shuts down misconnected ports. It exchanges protocol packets between the neighbors. Both devices on the link must support UDLD and have it enabled.

When enabled, each switch port sends UDLD packets containing the port’s own device/port ID and the neighbor’s device/port IDs seen by UDLD on that port. Neighbor ports should see their own device/port ID in the received packets. If the neighbor doesn’t see its own device/port ID for a specified duration of time, the link is considered unidirectional.

When UDLD kicks in, the following console message is displayed for the affected port(s):

UDLD-3-DISABLE: Unidirectional link detected on port 1/2. Port disabled

The port remains shut down unless manually reenabled or until the errdisable timeout expires, if configured.

There are two operational modes:

  • Normal
  • Aggressive


CCNP SWITCH – Configuring and Verifying CDP

August 26, 2014 by Rowell Dionicio Leave a Comment

These are notes for CCNP SWITCH, 300-115, Objective 1.2.a CDP only. LLDP will come in a following post.

CDP, or Cisco Discovery Protocol, runs on Cisco devices to learn about directly connected devices. It runs on Layer 2 and sends to multicast address 01:00:0C:CC:CC:CC.

Embedded within CDP advertisements are TLVs, or type-length-value fields. The advertisements contain time-to-live information and are sent every 60 seconds. An advertisement also carries the following information:

  • Cisco IOS Version
  • Hardware platform
  • IP addresses of interfaces
  • Locally connected devices advertising CDP
  • Active interfaces
  • Hostname
  • Duplex setting
  • VTP domain
  • Native VLAN
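To see how much of the list above is readable by any device attached to the segment, here is an added example (not code from the original post) that parses a CDP payload into its TLVs. The TLV type codes follow the CDP packet format; the sample advertisement and every value in it are constructed for illustration.

```python
import struct

# TLV type codes from the CDP packet format; types not listed are kept as raw bytes.
TEXT_TLVS = {0x0001: "device_id", 0x0003: "port_id", 0x0005: "software_version",
             0x0006: "platform", 0x0009: "vtp_domain"}
NATIVE_VLAN, DUPLEX = 0x000A, 0x000B

def tlv(tlv_type, value):
    """Build one TLV. The length field counts the 4-byte type/length header too."""
    return struct.pack("!HH", tlv_type, len(value) + 4) + value

def parse_cdp(payload):
    """Parse a CDP payload (the bytes after the LLC/SNAP header) into a dict."""
    if len(payload) < 4:
        raise ValueError("truncated CDP header")
    version, ttl, _checksum = struct.unpack("!BBH", payload[:4])
    fields = {"version": version, "ttl": ttl}
    offset = 4
    while offset < len(payload):
        if len(payload) - offset < 4:
            raise ValueError("truncated TLV header")
        tlv_type, length = struct.unpack("!HH", payload[offset:offset + 4])
        # A length below 4 cannot cover the header (0 would never advance);
        # a length that runs past the buffer would over-read.
        if length < 4 or offset + length > len(payload):
            raise ValueError(f"bad TLV length {length} at offset {offset}")
        value = payload[offset + 4:offset + length]
        if tlv_type in TEXT_TLVS:
            fields[TEXT_TLVS[tlv_type]] = value.decode("ascii", "replace")
        elif tlv_type == NATIVE_VLAN and len(value) == 2:
            fields["native_vlan"] = struct.unpack("!H", value)[0]
        elif tlv_type == DUPLEX and len(value) == 1:
            fields["duplex"] = "full" if value == b"\x01" else "half"
        else:
            fields[f"type_0x{tlv_type:04x}"] = value
        offset += length
    return fields

# Constructed sample advertisement: hostname, platform and version are made up,
# and the checksum is left at 0 (this parser does not verify it).
SAMPLE = (struct.pack("!BBH", 2, 180, 0)
          + tlv(0x0001, b"SW1.example.test")
          + tlv(0x0005, b"Cisco IOS Software, Version 15.0(2)SE (constructed)")
          + tlv(0x0006, b"cisco WS-C3750X-24")
          + tlv(0x0003, b"GigabitEthernet1/0/1")
          + tlv(0x0009, b"LAB")
          + tlv(NATIVE_VLAN, struct.pack("!H", 10))
          + tlv(DUPLEX, b"\x01"))

if __name__ == "__main__":
    for key, val in parse_cdp(SAMPLE).items():
        print(f"{key:17} {val}")
```

The software version, platform, VTP domain and native VLAN all arrive unauthenticated and in clear text, which is the reason to turn CDP off on ports facing devices you do not manage.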

Configuring CDP

CDP can be enabled and disabled globally with the cdp run command. To disable, add the no keyword in front.

To enable/disable CDP on an interface:

config t
interface g1/0/1
no cdp enable

The CDP transmission time specifies the frequency of transmitting CDP packets. It can be tuned with the cdp timer seconds command.

The CDP hold time specifies how long a receiving device should hold the information before discarding it. The command to tune the hold time is cdp holdtime seconds.

CDP version 2 is the latest release and in order to enable or disable CDP v2 advertisements use the cdp advertise-v2 command.

Monitoring and Maintaining CDP

There are a number of commands used to monitor CDP. Two are clear cdp commands used to reset and clear information. The other five are show commands.

clear cdp counters will reset the CDP traffic counters on the switch.

clear cdp table will remove the CDP information about neighbors from the table.

show cdp will display information such as interval between advertisements, holdtime value, and whether CDPv2 advertisements are enabled.

Objective 1.1.c Troubleshoot Err-disable Recovery

August 20, 2014 by Rowell Dionicio Leave a Comment

The contents of this page are my notes on objective 1.1.c – Troubleshoot Err-disable Recovery – of the CCNP SWITCH 300-115 Cisco certification. You can view the previous notes for objective 1.1.a – SDM Templates – and 1.1.b – Managing MAC Address Table.

Error Disable Recovery is the act of a switch detecting an error condition and then automatically turning the err-disabled interface back on after a default time. You can specify the reasons for which an interface will be re-enabled.

When a port goes into err-disabled it will shut down and stop sending and receiving traffic. The LED changes to orange and err-disabled will be shown under the show interfaces command.

The reason why an interface would go into err-disable is because of an error condition. This tells a network engineer there is a problem with the port and prevents the port from causing other ports to fail. Some of the causes for err-disable:

  • Bad cable
  • Bad network interface card
  • Port duplex mismatch
  • Port channel misconfiguration
  • BPDU guard violation
  • UDLD condition
  • Late-collision detection
  • Link-flap detection
  • Security violation
  • PAgP flap
  • L2TP guard
  • DHCP snooping rate-limit
  • Incorrect GBIC/SFP module or cable
  • ARP Inspection
  • Inline power

How do you determine the reason for err-disable?

Type the command show errdisable recovery to display the ErrDisable Reason column and find out if you have autorecovery enabled. As you can see in the output below, autorecovery is disabled for all the features listed.

SW#show errdisable recovery
ErrDisable Reason    Timer Status
-----------------    --------------
udld                 Disabled
bpduguard            Disabled
security-violatio    Disabled
channel-misconfig    Disabled
vmps                 Disabled
pagp-flap            Disabled
dtp-flap             Disabled
link-flap            Disabled
l2ptguard            Disabled
psecure-violation    Disabled
sfp-config-mismat    Disabled
gbic-invalid         Disabled
dhcp-rate-limit      Disabled
unicast-flood        Disabled
storm-control        Disabled
arp-inspection       Disabled
loopback             Disabled
Timer interval: 300 seconds
Interfaces that will be enabled at the next timeout:
SW#
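When this output is collected from many switches, a small parser makes it easy to see which causes will bring a port back without anyone looking at it. The following is an added example, not part of the original notes; the sample output is constructed in the same layout, and the list of causes that should stay manual is an assumed local policy.

```python
import re

# Constructed sample in the layout of `show errdisable recovery`
# (not captured from a real device).
SAMPLE = """\
SW#show errdisable recovery
ErrDisable Reason    Timer Status
-----------------    --------------
udld                 Enabled
bpduguard            Disabled
security-violatio    Disabled
channel-misconfig    Disabled
psecure-violation    Enabled
Timer interval: 300 seconds
Interfaces that will be enabled at the next timeout:
SW#
"""

ROW = re.compile(r"^(\S+)\s+(Enabled|Disabled)$")
INTERVAL = re.compile(r"^Timer interval:\s*(\d+)\s*seconds")
NAME_COLUMN_WIDTH = 17  # width of the dashed rule under "ErrDisable Reason"

def parse_errdisable_recovery(text):
    """Return ({cause: recovery_enabled}, timer_interval_seconds)."""
    causes, interval = {}, None
    for line in text.splitlines():
        line = line.strip()
        row = ROW.match(line)
        if row:
            causes[row.group(1)] = row.group(2) == "Enabled"
            continue
        timer = INTERVAL.match(line)
        if timer:
            interval = int(timer.group(1))
    return causes, interval

def review(text, manual_only=("bpduguard", "psecure-violation")):
    """manual_only is an assumed policy: causes that should need a human to clear."""
    causes, interval = parse_errdisable_recovery(text)
    return {
        "interval": interval,
        "auto_recovering": sorted(c for c, on in causes.items() if on),
        "policy_conflicts": sorted(c for c in manual_only if causes.get(c)),
        # Names that fill the whole column may have been cut off by the display.
        "maybe_truncated": sorted(c for c in causes if len(c) == NAME_COLUMN_WIDTH),
    }

if __name__ == "__main__":
    for key, val in review(SAMPLE).items():
        print(f"{key}: {val}")
```

Names flagged as maybe_truncated (for example security-violatio) should not be pasted into a configuration command as they appear in the table.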

To enable autorecovery use the following syntax:

errdisable recovery cause cause-name

Cisco MAC Address Table

August 19, 2014 by Rowell Dionicio Leave a Comment

A switch maintains a dynamically built address table using the source MAC addresses of received frames. The switch takes the source MAC address of a received frame, associates it with the LAN port the frame was received on, and puts that in the address table.

If the switch receives a frame and sees that the destination MAC address is not listed in the address table it will flood that frame to all LAN ports of the same VLAN. When the destination replies, the switch adds that source MAC address to the table.

MAC entries are retained on switch reboot. To maintain a clean table, an aging timer is used to remove inactive MAC addresses from the table. This aging timer is configured in seconds.
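The learn, flood and age behaviour described above can be followed step by step in a small model. This is an added example and a simplification, not switch code or anything from the original notes; the port names, VLANs and MAC addresses are constructed.

```python
class MacTable:
    """Simplified model of dynamic learning, flooding and aging."""

    def __init__(self, ports_by_vlan, aging_time=300):
        self.ports_by_vlan = ports_by_vlan   # {vlan: [port, ...]}
        self.aging_time = aging_time         # seconds; 0 disables aging
        self.entries = {}                    # (vlan, mac) -> (port, last_seen)

    def age_out(self, now):
        """Drop entries that have been inactive for aging_time seconds."""
        if self.aging_time == 0:
            return
        self.entries = {key: (port, seen)
                        for key, (port, seen) in self.entries.items()
                        if now - seen < self.aging_time}

    def receive(self, now, vlan, in_port, src, dst):
        """Process one frame and return the list of ports it is sent out of."""
        self.age_out(now)
        self.entries[(vlan, src)] = (in_port, now)   # learn or refresh the source
        hit = self.entries.get((vlan, dst))
        if hit is None:
            # Unknown destination: flood to every other port in the same VLAN.
            return [p for p in self.ports_by_vlan[vlan] if p != in_port]
        out_port = hit[0]
        return [] if out_port == in_port else [out_port]

def demo():
    sw = MacTable({10: ["Gi1/0/1", "Gi1/0/2", "Gi1/0/3"], 20: ["Gi1/0/4"]})
    a, b = "aaaa.bbbb.cccc", "aaaa.bbbb.dddd"    # constructed addresses
    return [
        sw.receive(0, 10, "Gi1/0/1", a, b),      # B unknown: flooded within VLAN 10
        sw.receive(1, 10, "Gi1/0/2", b, a),      # reply: A is known, B gets learned
        sw.receive(2, 10, "Gi1/0/1", a, b),      # both known: one egress port
        sw.receive(400, 10, "Gi1/0/1", a, b),    # B aged out after 300 s: flooded again
    ]

if __name__ == "__main__":
    for ports in demo():
        print(ports)
```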

Aside from dynamically learning MAC addresses, you can also configure Static MAC addresses. The syntax for configuring a static MAC address is:

SW1(config)#mac address-table static mac_address vlan vlan-id {drop | interface {type slot/port} | port-channel number} [auto-learn]

SW1#conf t
SW1(config)#mac address-table static aaaa.bbbb.cccc vlan 10 interface gigabitethernet 1/0/4

To delete a static MAC address add the no keyword in front of the command above.

Configure the Aging Timer

Configure the aging timer for all MAC addresses on the switch:

SW1#conf t
SW1(config)#mac address-table aging-time seconds [vlan vlan-id]

The time range is from 10 – 1000000. Configuring an aging time of 0 disables aging.

Clearing Dynamic Addresses

This command clears all dynamic MAC entries from the MAC address table:

SW1#clear mac address-table dynamic

You can be more granular with clearing addresses. Here is the syntax:

SW1#clear mac address-table dynamic {address mac_address} {interface [type slot/port | port-channel number]} {vlan vlan_id}

Verifying the MAC Address Table

Use these show commands:

show mac address-table to display the contents of the MAC address table.

SW1#show mac address-table
          Mac Address Table
-------------------------------------------
Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 All    000d.bdd3.4e80    STATIC      CPU
 All    000d.bdd3.4e81    STATIC      CPU
 All    000d.bdd3.4e82    STATIC      CPU
  10    0090.7f9b.0a35    DYNAMIC     Po10
  10    0090.7f9b.0a36    DYNAMIC     Po10
Total Mac Addresses for this criterion: 5

show mac address-table aging-time to display the aging time for all VLANs on the switch.

SW1#sh mac address-table aging-time
Global Aging Time:  300
Vlan    Aging Time
----    ----------
  60     100


New Cisco CCNP Routing and Switching Exam

August 11, 2014 by Rowell Dionicio Leave a Comment

It was only a matter of time until Cisco changed the CCNP Routing and Switching certification. With the CCNA and CCIE revised, the CCNP was a matter of “when”. The last day to take the CCNPv1 exams will be on January 29th, 2015.

Do you already have some CCNPv1 exams under your belt? You can mix and match and still obtain the CCNP certification. Cisco published this CCNP Exam Combination Tool which helps you determine which combination of exams is required to complete your CCNP.

The CCNP exam changes, in my opinion, are good. The objectives are clear and it appears they have removed those “Planning..” objectives. With the new CCNPv2 changes we get concrete objectives. You know exactly what you’re being tested on. The type of objectives you see in version 2 are “Configure and Verify”, “Troubleshoot”, or “Explain/Describe”.

It’s possible they decided to move the version 1 objectives of “Implementation Plan” and “Verification Plan” to the Design track.

Just a few of the changes that stuck out to me:

  • Inclusion of VRF lite in ROUTE.
  • Describe DMVPN and EVN in ROUTE.
  • Configuring NetFlow in ROUTE.
  • SDM templates in SWITCH.
  • Explain what Frame Relay is (thought this could have been removed.)

Breakdown


CCNP SWITCH Study – SDM Templates

August 7, 2014 by Rowell Dionicio Leave a Comment

The notes on this page follow along the CCNP – Implementing Cisco IP Switched Networks, 300-115. Objective 1.1.a SDM templates of parent objective 1.1 Configure and verify switch administration.

Download the mind map of this objective.

SDM stands for Switching Database Manager. The SDM manages layer 2 and layer 3 switching information. It is maintained on the Ternary Content Addressable Memory, or TCAM. The TCAM itself is used for forwarding lookups. These lookups are done in hardware by the ACL engine. It’s supposed to be fast compared to doing it in software.

The ACL engine determines how the switch will handle each packet by either permitting or denying it. Although the TCAM can provide a performance increase, it holds a limited number of entries, which can lead to resource contention and exhaustion.

Architecture

Most switches have one TCAM and it is shared between Layer 2 and Layer 3 for forwarding entries, RACLs, VACLs, and QoS ACLs.

The table structure is broken out into the following tables:

  • Layer 2 Learning – Port learning policies
  • Layer 2 Forwarding – Learned unicast and multicast addresses
  • Layer 3 Routing – Used for unicast and multicast route lookups
  • ACL and QoS – Identifying traffic according to security and QoS ACLs

SDM Templates

There are three predefined templates:

  • Routing Template – Maximizes resources for unicast routing and is used when a switch is used as a router or route aggregator.
  • VLAN Template – Unicast routing is disabled and allows for the maximum number of supported MAC addresses. Implemented when a switch is purely a layer 2 device.
  • Default Template – The best of both worlds, a mixture between the routing and VLAN template.

Each template has two versions, the Desktop Template and the Aggregator Template. The Aggregator Template is limited to specific switches.

When modifying the SDM template on a switch it is required to reload the switch in order to use the new SDM template.

In the scenario of a switch stack, the SDM template on the master switch overrides a newly added switch’s SDM template.
