1 - STP VLAN VTP EtherChannel Threat Mitigation - Term

This document provides terminology related to networking interfaces, trunking, VLANs, port channels, link aggregation protocols, authentication protocols, and spanning tree protocols. Some key terms defined include interface administrative modes, encapsulation types, allowed and active VLANs, PAgP and LACP modes, native VLAN, voice VLAN, EtherChannel, trunk matching configurations, VTP modes and versions, 802.1x authentication, MAB authentication, AAA protocols, DHCP snooping, switch stacking technologies, topology changes, STP port roles, and RSTP port roles.

Uploaded by Olga Brady

Part 1 - Terminology

Interface Administrative Mode

Trunking

DTP

Encapsulation: dot1q, ISL

VLAN
Allowed VLANs, Pruned VLANs, Active
0-4095, 1, 2-1001, 1002-1005, 1006-4094 (Extended)
Native VLAN
Voice

EtherChannel
PAgP Desirable/Auto
LACP Active/Passive
On
EtherChannel, PortChannel, ChannelGroup
Match config before
Change config on the Po after

VTP
MD5 Digest
Status and Revision number
Domain and password
Mode: Server, Client, Transparent, Off
Version 1, 2, and 3

show interfaces switchport

802.1x
To SWITCH: EAPoL - Extensible Authentication Protocol over Ethernet
To Server: Radius with EAP
Supplicant, Authenticator, Server
Cert/Password

MAB

802.1D and 802.1W

AAA
Tacacs+ or Radius
Tacacs+: TCP/49, encrypt whole packet
RADIUS: UDP/1645, 1812, encrypt password
Cisco ACS (Access Control System)
authorise each user different subset of CLI

DHCP Snooping
Trusted
Untrusted
Binding Table
Rate Limiting
Different treatment of DHCP server and client messages

Hello content

BPDU: Root BID, Sender BID, Root Cost, timers
STP timers: Hello, Max Age, Forward Delay

Superior BPDU
Lowest Root Bridge ID
Lowest Path Cost to Root
Lowest sender BID
Lowest Sender Port ID

Election
Root Election, Root Port Election, Designated Port(s) Election, Blocking, (Alternate Port, Backup Port)
Different treatment of DHCP server and client messages
Switch Stacking and Chassis Aggregation

Switch stacking
One Logical Switch
FlexStack 2010, 10Gbps, 4SW, Ss and Xs
FlexStack-Plus, 20Gbps, 8SW, Xs and XRs

Chassis Aggregation
More of a HA solution for dist/core
VSS (Virtual Switching System)
Line Cards and Supervisors
Power Supplies
MEC (Multichassis EtherChannel)
Active/Standby (1) Control Plane
Think the 6500s
Active/Active Data Plane (combines processing power)
Single Sw MGMT

Convergence
Root Bridge (1) ------> BID (Prior/MAC)
Root Port (1 per SW) ------> total cost to Root ------> neighbor BID
Designated Port (1 per Segment) ------> total cost to Root ------> BID ------> Port Priority
Blocking (rest)
Alternate/Backup (rest)

Topology Changes and TCN

Port Roles
STP: RP, DP, BL
RSTP: RP, DP, ALT, BACK

BID structure (2[2+14] + 6) ... Priority (with extended ID + MAC)

STP Elections (all goes back to BPDU superiority list)
Root Bridge: BID
Root Port: Path Cost, Neighbour ID, Neighbour PID (Port priority, then number)
Designated Port: Path Cost, then BID

Costs New and Old (200000) and full Root Path Cost

BID Priority (increment by 4096, max 61440)
Default 32768
Primary 24576
Secondary 28672
set spanning-tree {vlan x} root -----> 8192

Port Priority

1-240, increment of 16

STP port states Blocking, Listening, Learning, Forwarding, Disabled

RSTP port states Discarding, Learning, Forwarding

RSTP port types p2p, p2p edge, shared, shared edge

STP Enhancements: PortFast, BPDU Guard, BPDU Filter, Root Guard, Loop Guard, Uplink Fast, Backbone Fast

IEEE, STP, PVST,+, RSTP

VLAN, VTP, STP, EtherChannel, AAA, DHCP Snooping, dot1x
