Thursday, February 6, 2014

Layer 2 Technologies

The core foundation of the lab is going to be based on each underlying layer. The 5.0 blueprint’s foundation is its Layer 2 technologies.

Today’s lessons learned were based on Ethernet, L2 switchports, trunking and dot1q.
My lab consists of 2 x 3650 and 2 x 3550 switches.

Core Tasks:
----------------------

ACCESS PORTS
------------------
Verify port: # sh interface 1/1 switchport (shows everything about the port)
Look at the operational mode (dynamic | auto | trunk) and the link negotiation.
Note: If negotiation of trunking is off, this means the port is statically configured for access.

One reason you would want to run ports in “Auto mode” is if you were deploying Cisco phones. The built-in switch in the phone will negotiate a trunk to the switch. Otherwise this is a security vulnerability.

TRUNKING
--------------
Carries the VLAN assignment in the frame. Encapsulation dot1q: native = untagged frame.
ISL (Cisco proprietary) tags and encapsulates the entire frame.
Note: to tell DOT.1Q not to tag frames – use the 
CMD # vlan dot1q tag native

Verification commands:
# sh interface trunk – view all trunk links
# sh int FA 1/1 switchport  - will show native vlan


DTP
-------------
Enabled by default.
Desirable Mode
    Desirable mode initiates trunk negotiation
    # switchport mode dynamic desirable
    # switchport mode trunk
Auto Mode
    Auto mode listens for trunk negotiation
    # switchport mode dynamic auto
    Note: if both ports are set for auto they will never form a trunk.
Verification: # sh int FA x/x trunk

Port types that will form trunks:
Auto       <->  Desirable
Desirable  <->  Desirable
ON         <->  ON
ON         <->  Desirable

To turn OFF DTP, set the port for nonegotiate:
# switchport nonegotiate

Note: in high availability environments use:
# switchport mode trunk
# switchport nonegotiate

For example, voice networks. Trunk negotiation (DTP) causes excess latency and takes longer for trunks to form.
Note: Make sure both sides of the trunk are configured the same. If one side is set to not send DTP and the other sends DTP, it could cause a Layer 2 loop.
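
One way to check a switch against the rules above (static access ports, trunks set to mode trunk plus nonegotiate), as an added example that is not part of the original post. It is written in Python, the running-config text is a constructed sample, and the function names parse_interfaces and audit_dtp are hypothetical.

```python
# Constructed sample running-config; not taken from the original post.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
!
interface FastEthernet0/2
 switchport mode dynamic auto
!
interface FastEthernet0/3
 switchport access vlan 20
!
interface FastEthernet0/23
 switchport mode trunk
!
interface FastEthernet0/24
 switchport mode trunk
 switchport nonegotiate
!
interface Vlan1
 no ip address
"""

def parse_interfaces(config):
    """Map each interface name to its list of sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = interfaces.setdefault(line.split(None, 1)[1].strip(), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the stanza
    return interfaces

def audit_dtp(config):
    """Return {interface: finding} for switchports that still run DTP."""
    findings = {}
    for name, lines in parse_interfaces(config).items():
        if name.startswith(("Vlan", "Loopback")) or "no switchport" in lines:
            continue  # not a Layer 2 switchport
        mode = next((l[len("switchport mode "):] for l in lines
                     if l.startswith("switchport mode ")), None)
        if mode == "trunk" and "switchport nonegotiate" not in lines:
            findings[name] = "static trunk without nonegotiate, DTP still sent"
        elif mode is None or mode.startswith("dynamic"):
            findings[name] = f"{mode or 'default dynamic mode'}, trunk can be negotiated"
    return findings

if __name__ == "__main__":
    for port, finding in audit_dtp(SAMPLE_CONFIG).items():
        print(f"{port}: {finding}")
```

A port with no "switchport mode" line is reported because it is left in the platform's default dynamic mode, where DTP is enabled.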

Verifications:
# sh spanning-tree
If both switches agree, per instance or per VLAN STP instance, on who is root, that means that bi-directional communication is happening.

Peripheral Tasks:
----------------------------

STP, PVST, RPVST, L2 Security, DHCP, L2, QOS, etc.
