2.1.g (i) SPAN, RSPAN, ERSPAN SPAN What problem does it solve? Switchport analyzer (SPAN) We need visibility on the traffic coming into our LAN. We have a network monitor device that we want to send copies of the frames to. SPAN ports allow you to mirror a port to another one so you can capture …
2.1.f (iv) Loopguard, Rootguard
2.1.f (iv) Loopguard, Rootguard RootGuard Root guard makes sure that if we receive a superior BPDU on certain ports that we don't trust them, and we can put the port into blocking state. Root guard should be enabled on "edge" or access ports. It's usually accompanied by portfast. When a superior BPDU comes in, our …
2.1.f (iii) Portfast, BPDUguard, BPDUfilter
2.1.f (iii) Portfast, BPDUguard, BPDUfilter PortFast With RSTP this is now an open standard and is called an EDGE port, however the configuration is still very similar to 802.1d portfast Allows a port running STP to go from blocking to forwarding immediately. This skips listening and learning (15 + 15 sec) Should only be enabled …
Continue reading "2.1.f (iii) Portfast, BPDUguard, BPDUfilter"
2.1.f (i) PVST+/RPVST+/MST
2.1.f (i) PVST+/RPVST+/MST 802.1D Classic STP and PVST+ Note that when focusing on legacy spanning tree, we are actually focusing on per vlan spanning tree + which runs classic STP per vlan. We don't actually have the option of 802.1D or classic spanning-tree in our switches. Before we begin you should know what a burned …
2.1.f Implement and Troubleshoot Spanning-tree
2.1.f Implement and Troubleshoot Spanning-tree In this top most section I'd look to go over the Bridge Protocol Data Unit (BPDU) which is the building block of spanning-tree. Let's go in-depth on the headers, their values, and their differences in version iterations. 802.1D Spanning Tree / PVST+ BPDU You should utilize my anki notes that …
Continue reading "2.1.f Implement and Troubleshoot Spanning-tree"
2.1.e (iv) Etherchannel misconfiguration guard
Etherchannel misconfiguration guard is a feature enabled by default on all switches, if you wish to turn it off (crazy) you may use no spanning-tree etherchannel guard misconfig or turn it back on with the spanning-tree etherchannel guard misconfig To verify: show spanning-tree summary When one side is misconfigured for a static etherchannel the …
Continue reading "2.1.e (iv) Etherchannel misconfiguration guard"