41.0 The steps involved in implementing VLAN access lists (VACLs):
1. Define a VLAN access map. To define a VLAN access map, use the command:
Switch(config)# vlan access-map <map-name> [sequence-number]
Access map statements are evaluated in order of sequence number.
2. Define matching conditions to identify the traffic to be filtered. Use the access-map configuration command:
Switch(config-access-map)# match {ip address {<acl-number> | <acl-name>}} | {ipx address {<acl-number> | <acl-name>}} | {mac address <acl-name>}
3. Define the action to be performed on the filtered traffic. Use the command:
Switch(config-access-map)# action {drop | forward [capture] | redirect <interface type> <mod>/<num>}
4. Apply the VACL to a VLAN interface. Use the global configuration command:
Switch(config)# vlan filter <map-name> vlan-list <list-of-vlans-here>
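The four steps above put together, as an added example that is not part of the original notes. The ACL name, map name, VLAN number and the 192.0.2.10 address are constructed placeholders.

```cisco
! Constructed example: all names, the VLAN number and the address are placeholders.
! In a VACL, the ACL only selects traffic; "permit" here means "match",
! and the access-map action decides what happens to the matched frames.
ip access-list extended MATCH-TELNET
 permit tcp any host 192.0.2.10 eq 23
!
! Steps 1-3: sequence 10 matches the selected traffic and drops it.
vlan access-map VLAN10-FILTER 10
 match ip address MATCH-TELNET
 action drop
!
! Sequence 20 has no match clause, so it matches everything else.
! Without it, IP traffic that matches no sequence would also be dropped.
vlan access-map VLAN10-FILTER 20
 action forward
!
! Step 4: apply the map to VLAN 10.
vlan filter VLAN10-FILTER vlan-list 10
```

Because a VACL is applied to the VLAN rather than to a routed interface, it also filters traffic bridged between two hosts in the same VLAN.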
To configure Rapid Spanning Tree Protocol (RSTP) on an edge port, use the command:
Switch(config-if)# spanning-tree portfast
To enable Multiple Spanning Tree (MST) on a switch, use the command:
Switch(config)# spanning-tree mode mst
To enter MST configuration mode on a switch, use the command:
Switch(config)# spanning-tree mst configuration
42.0 The following are true about protected STP topology using Cisco switches:
1. When using the "root guard" feature, a switch port blocks all superior BPDUs, that is, the ones with a better bridge ID. No data can be sent or received through a port that is blocking any such BPDUs.
2. BPDU guard (bpduguard) is recommended to be enabled where PortFast is enabled. This is normally done on access layer switches, where the end user systems are connected.
3. A port configured with BPDU guard is put into errdisable state when a BPDU is received.
4. BPDU guard is recommended on switch ports with PortFast already enabled.
UDLD monitors a port for bi-directional flow of data. This is done by sending Layer 2 UDLD frames identifying the switch port at regular intervals. The far-end port echoes the frames with its own identification added. If UDLD does not receive the echoes, the port is either flagged or disabled depending on the configuration. All connected devices must support UDLD in order for the protocol to successfully identify the unidirectional links.
43.0 If you have enabled STP protection features, the following command lists the ports that have been labeled as having inconsistent state:
show spanning-tree inconsistentports
The following command enables you to look at reasons for inconsistencies:
show spanning-tree interface <type> <mod>/<num> [detail]
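The BPDU guard and root guard placement from 42.0 together with the checks from 43.0, as an added example that is not part of the original notes. The interface names are constructed placeholders.

```cisco
! Constructed example: interface names are placeholders.
! Access-layer port facing an end-user system: PortFast plus BPDU guard.
! Any BPDU received here puts the port into errdisable state.
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
 spanning-tree bpduguard enable
!
! Port facing a downstream switch that must never become the root bridge.
! A superior BPDU received here blocks the port until the BPDUs stop.
interface GigabitEthernet0/2
 spanning-tree guard root
!
! Verification from privileged exec mode:
!   show spanning-tree inconsistentports
!   show spanning-tree interface GigabitEthernet0/2 detail
!
! A port that BPDU guard has errdisabled stays down until it is
! re-enabled manually (shutdown, then no shutdown) or automatic
! recovery is configured with: errdisable recovery cause bpduguard
```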
44.0 Catalyst switches typically use the following two types of files:
1. IOS image files: The switch binary software resides in the IOS image files. The IOS image files are internally stored in Flash memory of the switch.
2. Configuration files: These are the text files containing the configuration commands for operation of the switch.
The command:
copy running-config startup-config
- allows the running configuration file to be saved onto the startup configuration file on the switch. Make sure that you use this command whenever you have made any configuration changes to the switch. Otherwise, your configuration commands are not permanently saved in the switch memory, and are lost after power cycling the switch.
The command:
copy startup-config running-config
- allows the startup configuration file to be copied into the current running configuration file.
copy running-config tftp:
- copies the running configuration of a switch to a TFTP server. You will be prompted for the server address and destination filename.
copy tftp: startup-config
- is useful to restore the startup-config file in case the original is lost or corrupt. The command loads the startup-config file from a remote TFTP server.
Frequently used show commands on a switch:
show version: The command displays
a. The current version of IOS running in a switch
b. Available hardware, RAM, Flash memory
c. Switch uptime
d. Configuration register's content
e. Reason for the last reload etc.
show running-config [interface <type> <mod>/<num> | vlan <vlan-id> | module <mod>]: The command displays the contents of the configuration file.
show tech-support: The command is primarily used to send switch information to Cisco TAC support personnel.
verify flash:<filename>: This command is used to verify whether the Flash contents are intact, and not corrupted. The checksum of the flash file specified is verified for correctness.
Given below are some of the important Gigabit Ethernet specifications:
1000Base-CX
1000Base-T
1000Base-SX
1000Base-LX/LH
1000Base-ZX
The IOS image file name represents the IOS version along with other information. The image file has the format
xxxxx-yyyyy-zz.aaa-bbb.ccc.bin
xxxxx represents the Catalyst switch model. Here c4550 corresponds to Catalyst 4550.
yyyyy corresponds to the feature set available with the image.
zz denotes the file format.
aaa-bbb.ccc represents the IOS version:
aaa represents the major release
bbb represents the maintenance release
ccc represents the build level.
In the example given, 121-11c.EAI means version 12.1(12c)EAI.
45.0 The following are true about Virtual Router Redundancy Protocol (VRRP):
1. VRRP will have one master router, and all other routers are in the backup state.
2. VRRP router priorities range from 1 to 254. By default, the priority is set to 100. 254 is the highest priority.
3. The MAC address of the virtual router is of the form 0000.5e00.01xx, where xx is the VRRP group number in the range 0 to 255 or 0 to ff hex.
4. The interval for VRRP advertisements is 1 second by default.
5. All VRRP routers are configured to preempt the current master router by default. The router priority should be highest for the preemption to occur.