Presentation is loading. Please wait.

Presentation is loading. Please wait.

Bellevue University CIS 341A Final Review. The test Monday, August 4, 2008 50 Question multiple choice, True/False, and fill in the blanks. You have the.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Bellevue University CIS 341A Final Review. The test Monday, August 4, 2008 50 Question multiple choice, True/False, and fill in the blanks. You have the."— Presentation transcript:

1 Bellevue University CIS 341A Final Review

2 The test Monday, August 4, 2008 50 Question multiple choice, True/False, and fill in the blanks. You have the entire period to complete the exam. Closed book, closed notes, closed communication between students.

3 Scoring 2 points for each correct answer If the entire class gets a question wrong, it will be thrown out and 2 points will be credited to each student

4 What to study The review slides Chapters 8-11 and 14 in your text The quizzes The lab assignments

5 What the exam will cover Layer 2 Switching VLANs Access lists NAT Wide Area Network Protocols

6 Layer 2 Switching Purposes for using switching –Used to break up collision domains –Cost-effective, resilient internetwork Purpose for Spanning-Tree Protocol (STP) –Stops loops in layer 2 switched networks

7 A Layer 2 Switch Breaks up collision domains Doesn’t break up broadcast domains

8 Before Layer 2 Switching

9 Switched LANs

10 Typical Switched Designs

11 Layer 2 Switching Provides Hardware-based bridging using ASICs (Application Specific Integrated Circuits) Wire speed Low latency Low cost

12 Limitations of Layer 2 Switching Layer 2 switches do not break up broadcast domains. Layer 2 switches have no internal security.

13 Layer 2 Switching Functions Address Learning: Layer 2 switches remember the source hardware address of each frame received on an interface. The address is saved in the forward/filter table along with the interface number. Forward/filter decision: When a frame is received, the switch compares the destination hardware address with the entries in the table. If a match is found, the frame is forwarded out the interface associated with that address. If a match is not found, the frame is repeated to all other interfaces. Loop avoidance: Loops can occur if redundant connections are made between switches to improve network reliability. Spanning tree protocol turns off alternate paths until they are needed. That way, traffic has a single path from point of origin to destination.

14 How Switches Learn Hosts’ Locations

15 Spanning Tree Protocol A layer 2 protocol used to prevent loops in a switched network containing redundant connections between switches. Activates alternate paths when primary paths fail.

16 Spanning-Tree Terms STP Root Bridge BPDU Bridge ID Nonroot Bridge Root port Designated port Port cost Nondesignated port Forwarding port Block port

17 Spanning-Tree Port States Disabled - Administratively down Blocking - Receive BPDUs only Listening – Send and receive BPDUs and receive traffic Learning – save MAC address information Forwarding – send/receive traffic

18 Root Bridge A master bridge that transmits network topology control information to other bridges. The bridge having the lowest numbered bridge ID is elected as the root bridge. The 64 bit bridge ID consists of the priority number and MAC address value.

19 Bridge Protocol Data Unit Sent out on each port by each switch. Used by other switches to elect a root bridge and block or allow traffic on ports that are connected between switches

20 Spanning-Tree Example

21 LAN Switch Types Cut-through (FastForward) FragmentFree (modified cut-through) Store-and-forward

22 Virtual LANs (VLANs) Definition: A logical grouping of network users and resources connected to administratively defined ports on a switch. –Layer 2 switches break up collision domains –VLANs break up broadcast domains Features: –Provides a level of security over a flat network –Simplify network management –Add flexibility and scalability to the network

23 Broadcast Control Broadcasts occur in every protocol Bandwidth & Broadcasts Flat network VLANs & Broadcasts

24 Security Flat network problems VLANs

25 Flexibility & Scalability Layer-2 switches only read frames –Can cause a switch to forward all broadcasts VLANs –Essentially create broadcast domains Greatly reduces broadcast traffic Ability to add wanted users to a VLAN regardless of their physical location Additional VLANs can be created when network growth consumes more bandwidth

26 Flat Network

27 VLANs

28 Components of a VLAN One or more VLAN capable switches One or more VLAN capable Layer 3 switches or routers –Provide routing between VLANs

29 VLAN Memberships Static VLANs –Typical method of creating VLANs –Most secure A switch port assigned to a VLAN always maintains that assignment until changed Dynamic VLANs –Node assignment to a VLAN is automatic MAC addresses, protocols, network addresses, etc –VLAN Management Policy Server (VMPS) MAC address database for dynamic assignments MAC-address to VLAN mapping

30 Types of VLAN Links Access link –Carries traffic for only one VLAN Trunk link –Carries traffic for multiple VLANs

31 Identifying VLANs (cont.)

32 Frame Tagging Definition: A means of keeping track of frames as they travel from VLAN to VLAN The tag identifies the destination VLAN for the frame The tag is added to the frame by a VLAN capable Layer 3 Switch or Router that serves as a gateway between VLANs It is removed before the frame is sent out of the access port that is connected to the destination host

33 VLAN ID Methods Inter-Switch Link (ISL) –Cisco proprietary –FastEthernet & Gibabit Ethernet only IEEE 802.1q –Must use if trunking between Cisco & non- Cisco switch

34 Inter-Switch Link (ISL) Protocol Definition: A means of explicitly tagging VLAN information onto an Ethernet frame –Allows VLANs to be multiplexed over a trunk line –Cisco proprietary –External tagging process

35 VLAN Trunk Protocol (VTP) Purpose: to manage all configured VLANs across a switch internetwork & maintain consistency –Allows an administrator to add, delete, & rename VLANs

36 VTP Benefits Benefits –Consistent configuration –Permits trunking over mixed networks –Accurate tracking –Dynamic reporting –Plug-and-Play A VTP server must be created to manage VLANs

37 VTP Modes

38 VTP Modes of Operation Server –Default for all Catalyst switches –Minimum one server for a VTP domain Client –Receives information + sends/receives updates –Cannot make any changes Transparent –Does not participate in a VTP domain but forwards VTP advertisements –Can add/delete VLANs –Locally significant

39 Routing Between VLANs

40 Configuring VLANs Creating VLANs Assigning Switch Ports to VLANs Configuring Trunk Ports Configuring Inter-VLAN routing

41 Access Lists List of conditions that Characterize Packets. Purpose: –Used to permit or deny packets moving through the router –Permit or deny Telnet (VTY) access to or from a router –Create dial-on demand (DDR) interesting traffic that triggers dialing to a remote location

42 Important Rules Packets are compared to each line of the assess list in sequential order Packets are compared with lines of the access list only until a match is made –Once a match is made & acted upon no further comparisons take place An implicit “deny” is at the end of each access list –If no matches have been made, the packet will be discarded

43 Types of Access Lists Standard Access List –Filter by source IP addresses only Extended Access List –Filter by Source IP, Destination IP, Protocol Field, Port Number Named Access List –Another way to create standard and extended access lists. –Allows the use of descriptive names to ease network management.

44 Application of Access Lists Inbound Access Lists –Packets are processed after they are received and before they are routed to the outbound interface Outbound Access Lists –Packets are processed after they are routed to the outbound interface and before they are sent Traffic that originates in the router is not processed through an access list.

45 Wildcard A 32 bit binary number used to specify what part of an IP address must match precisely an access list entry and what part can be any value. –A zero must match (wild card turned off for that bit) –A one can be any value (wild card turned on for that bit)

46 Using a Wildcard to Specify a Range of Subnets Network address = 172.16.8.0/16 Wildcard = 0.0.0.255 This wild card represents the range of IP addresses from 172.16.8.0 – 172.16.8.255

47 Controlling VTY (Telnet) Access Why?? –Without control, any user could Telnet to a router via VTY and try to gain access Controlling access –Create a standard IP access list Permitting only the host/hosts authorized to Telnet into the router –Apply the ACL to the VTY line with the access-class command

48 Net Address Translation (NAT) Allows private IP addresses to be represented by a smaller number of public IP addresses. Configured in a router Three types: –Static –Dynamic –Overloaded (Port Address Translation)

49 Benefits of NAT You can keep reduce the visibility of your private network. You don’t have to change your internal IP addresses when your ISP changes your public IP address. You can use the same private IP addresses for several different networks.

50 Static NAT 1 to 1 correspondence between private and public IP addresses You must designate both addresses manually by interface

51 Configuring Static NAT ip nat inside source static 10.1.1.1 170.46.2.2 ! interface Ethernet0 ip address 10.1.1.10 255.255.255.0 ip nat inside ! interface Serial0 ip address 170.46.2.1 255.255.255.0 ip nat outside !

52 Dynamic NAT Allows outside IP addresses to be dynamically shared by a number of internal addresses. Requires that you define a pool of outside addresses to be used

53 Configuring Dynamic NAT ip nat pool todd 170.168.2.2 170.168.2.254 netmask 255.255.255.0 ip nat inside source list 1 pool todd ! interface Ethernet0 ip address 10.1.1.10 255.255.255.0 ip nat inside ! interface Serial0 ip address 170.168.2.1 255.255.255.0 ip nat outside ! access-list 1 permit 10.1.1.0 0.0.0.255 !

54 Overloaded NAT Also known as Port Address Translation Allows multiple inside IP addresses to access a pool of outside IP address Uses ports to differentiate between inside addresses. The outside addresses must be defined, along with a range of inside addresses that may have access to them.

55 Configuring PAT 55 ip nat pool globalnet 170.168.2.1 170.168.2.1 netmask 255.255.255.0 ip nat inside source list 1 pool globalnet overload ! interface Ethernet0/0 ip address 10.1.1.10 255.255.255.0 ip nat inside ! interface Serial0/0 ip address 170.168.2.1 255.255.255.0 ip nat outside ! access-list 1 permit 10.1.1.0 0.0.0.255

Download ppt "Bellevue University CIS 341A Final Review. The test Monday, August 4, 2008 50 Question multiple choice, True/False, and fill in the blanks. You have the."

Similar presentations

Access Control List (ACL)

Access Control List (ACL)
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—2-1 Extending Switched Networks with Virtual LANs Introducing VLAN Operations.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—2-1 Extending Switched Networks with Virtual LANs Introducing VLAN Operations.
Virtual LANs.

Virtual LANs.
1 Version 3 Module 8 Ethernet Switching. 2 Version 3 Ethernet Switching Ethernet is a shared media –One node can transmit data at a time More nodes increases.

1 Version 3 Module 8 Ethernet Switching. 2 Version 3 Ethernet Switching Ethernet is a shared media –One node can transmit data at a time More nodes increases.
Sybex CCNA 640-802 Chapter 8: Layer-2 Switching Instructor & Todd Lammle.

Sybex CCNA Chapter 8: Layer-2 Switching Instructor & Todd Lammle.
1 25\10\2010 Unit-V Connecting LANs Unit – 5 Connecting DevicesConnecting Devices Backbone NetworksBackbone Networks Virtual LANsVirtual LANs.

1 25\10\2010 Unit-V Connecting LANs Unit – 5 Connecting DevicesConnecting Devices Backbone NetworksBackbone Networks Virtual LANsVirtual LANs.
© Wiley Inc. 2006. All Rights Reserved. CCNA: Cisco Certified Network Associate Study Guide CHAPTER 8: Virtual LANs (VLANs)

© Wiley Inc All Rights Reserved. CCNA: Cisco Certified Network Associate Study Guide CHAPTER 8: Virtual LANs (VLANs)
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,
LOGO Local Area Network (LAN) Layer 2 Switching and Virtual LANs (VLANs) Local Area Network (LAN) Layer 2 Switching and Virtual LANs (VLANs) Chapter 6.

LOGO Local Area Network (LAN) Layer 2 Switching and Virtual LANs (VLANs) Local Area Network (LAN) Layer 2 Switching and Virtual LANs (VLANs) Chapter 6.
Layer 2 Switch  Layer 2 Switching is hardware based.  Uses the host's Media Access Control (MAC) address.  Uses Application Specific Integrated Circuits.

Layer 2 Switch  Layer 2 Switching is hardware based.  Uses the host's Media Access Control (MAC) address.  Uses Application Specific Integrated Circuits.
Layer 2 Switching. Overview Introduction Spanning Tree Protocol Spanning Tree Terms Spanning Tree Operations LAN Switch Types Configuring Switches.

Layer 2 Switching. Overview Introduction Spanning Tree Protocol Spanning Tree Terms Spanning Tree Operations LAN Switch Types Configuring Switches.
Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.

Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.
Connecting LANs, Backbone Networks, and Virtual LANs

Connecting LANs, Backbone Networks, and Virtual LANs
We will be covering VLANs this week. In addition we will do a practical involving setting up a router and how to create a VLAN.

We will be covering VLANs this week. In addition we will do a practical involving setting up a router and how to create a VLAN.
Sybex CCNA 640-802 Chapter 9: VLAN’s Instructor & Todd Lammle.

Sybex CCNA Chapter 9: VLAN’s Instructor & Todd Lammle.
Ch. 8 – VLANs (Virtual LANs)

Ch. 8 – VLANs (Virtual LANs)
Semester 1 Module 8 Ethernet Switching Andres, Wen-Yuan Liao Department of Computer Science and Engineering De Lin Institute of Technology

Semester 1 Module 8 Ethernet Switching Andres, Wen-Yuan Liao Department of Computer Science and Engineering De Lin Institute of Technology
Sybex CCNA 640-802 Chapter 11: VLAN’s Instructor & Todd Lammle.

Sybex CCNA Chapter 11: VLAN’s Instructor & Todd Lammle.
1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 7 Spanning-Tree Protocol Cisco Networking Academy.

1 © 2003, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.0 Module 7 Spanning-Tree Protocol Cisco Networking Academy.
CCNA Guide to Cisco Networking Fundamentals Fourth Edition

CCNA Guide to Cisco Networking Fundamentals Fourth Edition

Similar presentations

Ads by Google