CCNP BCMSN Portable Command Guide

Description

Table of Contents

Introduction.....................xiii

Chapter 1

Network Design Requirements.....................1

Cisco Service-Oriented Network Architecture.....................1

Cisco Enterprise Composite Network Model.....................2

Chapter 2 VLANs.....................3

Creating Static VLANs.....................3

    Using VLAN-Configuration Mode.....................3

    Using VLAN Database Mode.....................4

Assigning Ports to VLANs.....................5

Using the range Command.....................5

Dynamic Trunking Protocol.....................5

Setting the Encapsulation Type.....................6

Verifying VLAN Information.....................7

Saving VLAN Configurations.....................7

Erasing VLAN Configurations.....................8

Verifying VLAN Trunking.....................9

VLAN Trunking Protocol.....................9

    Using Global Configuration Mode.....................9

    Using VLAN Database Mode.....................10

Verifying VTP.....................12

Configuration Example: VLANs.....................13

    3560 Switch.....................13

    2960 Switch.....................15

Chapter 3 STP and EtherChannel.....................17

Spanning Tree Protocol.....................18

    Enabling Spanning Tree Protocol.....................18

    Configuring the Root Switch.....................18

    Configuring a Secondary Root Switch.....................19

    Configuring Port Priority.....................19

    Configuring the Path Cost.....................20

    Configuring the Switch Priority of a VLAN.....................20

    Configuring STP Timers.....................21

    Verifying STP.....................21

    Optional STP Configurations.....................22

        PortFast.....................22

        BPDU Guard.....................22

        BPDU Filtering.....................23

        UplinkFast.....................24

        BackboneFast.....................24

        Root Guard.....................24

        Loop Guard.....................25

        Unidirectional Link Detection.....................25

    Changing the Spanning-Tree Mode.....................26

    Extended System ID.....................27

    Enabling Rapid Spanning Tree.....................27

    Enabling Multiple Spanning Tree.....................28

    Verifying MST.....................29

    Troubleshooting Spanning Tree.....................29

    Configuration Example: STP.....................30

    Core Switch (3560).....................30

    Distribution 1 Switch (3560).....................31

    Distribution 2 Switch (3560).....................32

    Access 1 Switch (2960).....................33

    Access 2 Switch (2960).....................34

EtherChannel.....................34

    Interface Modes in EtherChannel.....................35

    Guidelines for Configuring EtherChannel.....................35

    Configuring L2 EtherChannel.....................36

    Configuring L3 EtherChannel.....................36

    Verifying EtherChannel.....................37

    Configuration Example: EtherChannel.....................38

    DLSwitch (3560).....................39

    ALSwitch1 (2960).....................40

    ALSwitch2 (2960).....................41

Chapter 4 Inter-VLAN Routing.....................43

Configuring Cisco Express Forwarding.....................43

Verifying CEF.....................44

Troubleshooting CEF.....................44

Inter-VLAN Communication Using an External Router:

Router-on-a-Stick.....................45

Inter-VLAN Communication Tips.....................46

Inter-VLAN Communication on a Multilayer Switch Through a

Switch Virtual Interface.....................46

    Removing L2 Switchport Capability of a Switch Port.....................46

    Configuring Inter-VLAN Communication.....................47

Configuration Example: Inter-VLAN Communication.....................48

    ISP Router.....................49

    CORP Router.....................50

    L2Switch2 (Catalyst 2960).....................52

    L3Switch1 (Catalyst 3560).....................54

    L2Switch1 (Catalyst 2960).....................56

Chapter 5 High Availability.....................59

Hot Standby Routing Protocol.....................59

    Configuring HSRP.....................59

    Verifying HSRP.....................60

    HSRP Optimization Options.....................60

        Preempt.....................60

        HSRP Message Timers.....................61

        Interface Tracking.....................62

    Debugging HSRP.....................62

Virtual Router Redundancy Protocol.....................62

    Configuring VRRP.....................63

    Verifying VRRP.....................64

    Debugging VRRP.....................64

Gateway Load Balancing Protocol.....................65

    Configuring GLBP.....................65

    Verifying GLBP.....................68

    Debugging GLBP.....................68

Configuration Example: HSRP.....................69

    Router 1.....................69

    Router 2.....................70

Configuration Example: GLBP.....................71

    Router 1.....................72

    Router 2.....................73

Chapter 6 Wireless Client Access.....................75

Configuration Example: 4402 WLAN Controller Using the

Configuration Wizard.....................75

Configuration Example: 4402 WLAN Controller Using the

Web Interface.....................84

Configuration Example: Configuring a 3560 Switch to Support

WLANs and APs.....................94

Configuration Example: Configuring a Wireless Client.....................96

Chapter 7 Minimizing Service Loss and Data Theft.....................101

Configuring Static MAC Addresses.....................101

Switch Port Security.....................102

Verifying Switch Port Security.....................103

Sticky MAC Addresses.....................104

Mitigating VLAN Hopping: Best Practices.....................105

Configuring Private VLANs.....................105

Verifying PVLANs.....................106

Configuring Protected Ports.....................107

VLAN Access Maps.....................107

Verifying VLAN Access Maps.....................109

Configuration Example: VLAN Access Maps.....................109

DHCP Snooping.....................111

Verifying DHCP Snooping.....................113

Dynamic ARP Inspection.....................113

Verifying DAI.....................114

802.1x Port-Based Authentication.....................114

Cisco Discovery Protocol Security Issues.....................116

Configuring the Secure Shell Protocol.....................117

vty ACLs.....................117

Restricting Web Interface Sessions with ACLs.....................118

Disabling Unneeded Services.....................118

Securing End-Device Access Ports.....................119

Chapter 8 Voice Support in Campus Switches.....................121

Attaching a Cisco IP Phone.....................121

Verifying Configuration After Attaching a Cisco IP Phone.....................123

Configuring AutoQoS: 2960/3560.....................123

Verifying AutoQoS Information: 2960/3560.....................124

Configuring AutoQoS: 6500.....................124

Verifying AutoQoS Information: 6500.....................124

Create Your Own Journal Here.....................125

Back Cover

All the BCMSN 642-812 commands in one compact, portable resource

Preparing for the CCNP® certification? Working as a network professional? Here are all the CCNP-level commands for the BCMSN exam you need in one condensed, portable resource. The CCNP BCMSN Portable Command Guide is filled with valuable, easy-to-access information and is portable enough for use whether you're in the server room or the equipment closet.

This book will help you memorize commands and concepts as you work to pass the CCNP BCMSN exam (642-812). The guide summarizes all CCNP certification-level Cisco IOS® Software commands, keywords, command arguments, and associated prompts, providing you with tips and examples of how to apply the commands to real-world scenarios. Sample configurations throughout the book provide you with a better understanding of how these commands are used in simple network designs.

The topics in this portable command guide cover how to do the following:

• Implement VLANs
• Conduct the operation of Spanning Tree Protocol and EtherChannel in a hierarchical network
• Implement inter-VLAN routing
• Implement gateway redundancy technologies
• Describe and configure wireless client access
• Describe and configure security features in a switched network
• Configure support for voice

Scott Empson is currently the assistant program chair of the bachelor of applied information systems technology degree program at the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada, teaching Cisco® routing, switching, and network design courses in certificate, diploma, and applied degree programs at the post-secondary level. He is also the program coordinator of the Cisco Networking Academy® Program at NAIT, a Regional Academy covering central and northern Alberta. He has earned three undergraduate degrees and currently holds several industry certifications, including CCNP, CCDA®, CCAI, and Network+.

• Access all CCNP BCMSN commands-use as a quick offline resource for research and solutions
• Logical “how-to” topic groupings provide one-stop research
• Great for review before taking the CCNP BCMSN certification exam
• Compact size makes it easy to carry with you, wherever you go
• “Create your own journal” section with blank, lined pages allows you to personalize the book for your needs

This book is part of the Cisco Press® Certification Self-Study Product Family, which offers readers a self-paced study routine for Cisco® certification exams. Titles in the Cisco Press Certification Self-Study Product Family are part of a recommended learning program from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press.

Category: Cisco Press-Cisco Certification

Covers: CCNP BCMSN Certification 642-812

Author

Scott Empson

is currently the assistant program chair of the bachelor of applied information systems technology degree program at the Northern Alberta Institute of Technology in Edmonton, Alberta, Canada, where he teaches Cisco routing, switching, and network design courses in a variety of different programs-certificate, diploma, and applied degree-at the post secondary level. Scott is also the program coordinator of the Cisco Networking Academy Program at NAIT, a Regional Academy covering central and northern Alberta. He has earned three undergraduate degrees: a bachelor of arts, with a major in English; a bachelor of education, again with a major in English/language arts; and a bachelor of applied information systems technology, with a major in network management. He currently holds several industry certifications, including CCNP, CCDA, CCAI, and Network+. Before instructing at NAIT, he was a junior/senior high school English/language arts/computer science teacher at different schools throughout northern Alberta. Scott lives in Edmonton, Alberta, with his wife, Trina, and two children, Zachariah and Shaelyn, where he enjoys reading, performing music on the weekend with his classic rock band “Miss Understood,” and studying the martial art of Taekwon-Do.