 |  |  |
 |
 | Module 1 - 8: Outline |
|  |
 |  |  |
 |
 | Module : Designing a Network Using the Campus Infrastructure Module |
|  |
 |
 | |
| Describing the Campus Infrastructure Module |
|
 | |
| Devices in a nonhierarchical network |
 |
| Layer 2 network issues |
 |
| Routed network issues |
 |
| What is a multilayer switch? |
 |
| Issues with multilayer switches in a nonhierarchical network |
 |
| Enterprise Composite Network model |
 |
| Enterprise Composite Network model benefits |
 |
| Modules of the Enterprise Campus |
 |
| Campus Infrastructure module |
|
 |
| Deploying Technology in the Campus Infrastructure Module |
|
 | |
| Issues in a poorly designed network |
 |
| Designing a hierarchical IP addressing scheme |
 |
| Interconnection technologies |
 |
| Determining equipment and cabling needs |
 |
| Mapping VLANs in a hierarchical network |
 |
| Traffic types |
 |
| Considering traffic source to destination path |
 |
| Cisco Catalyst configuration interfaces |
 |
| Cisco IOS interface |
|
 |
| |
 | | |
|  |
 |
 | Module : Defining VLANs |
|  |
 |
 | |
| Implementing VLANs |
|
 | |
| What is an end-to-end VLAN? |
 |
| What is a local VLAN? |
 |
| VLAN configuration modes |
 |
| What are VLAN access ports? |
 |
| Benefits of local VLANs in the Enterprise Composite Network Model |
 |
| VLAN implementation commands |
 |
| How to implement a VLAN |
|
 |
| Supporting Multiple VLANs on a Single Trunk |
|
 | |
| What is a VLAN trunk? |
 |
| What is a VLAN trunking protocol? |
 |
| Comparing ISL and 802.1Q trunking protocols |
 |
| ISL trunking protocol |
 |
| 802.1Q trunking protocol |
 |
| What is an 802.1Q native VLAN? |
 |
| VLAN ranges |
 |
| Identifying the modes for Dynamic Trunking Protocol |
 |
| Trunking configuration commands |
 |
| How to configure trunking |
 |
| Configuring an ISL trunk |
 |
| Configuring an 802.1Q trunk |
 |
| Using trunking protocols in the Campus Infrastructure module |
 |
| Resolving trunk link problems |
|
 |
| Propagating VLAN Information with VTP |
|
 | |
| What is a VTP domain? |
 |
| What is the VTP protocol? |
 |
| VTP modes |
 |
| Describing VTP operation |
 |
| VTP configuration commands |
 |
| How to configure a VTP management domain |
 |
| Verifying the VTP configuration |
 |
| Best practices: configuring switches in a VTP domain |
 |
| How to add a new switch to an existing VLAN |
|
 |
| |
 | | |
|  |
 |
 | Module : Implementing Spanning Tree |
|  |
 |
 | |
| Defining the Spanning Tree Protocol – STP |
|
 | |
| Transparent bridges |
 |
| Identifying traffic loops |
 |
| Preventing loops in a layer 2 network |
 |
| The 802.1D Spanning Tree Protocol |
 |
| What is a root bridge? |
 |
| Identifying the root selection process |
 |
| 802.1D port roles |
 |
| Forming an association with the root bridge |
 |
| Example: determining the active topology |
|
 |
| Maintaining and Configuring STP |
|
 | |
| Identifying Spanning Tree Port states and timers |
 |
| Identifying topology changes |
 |
| What is a backup root bridge? |
 |
| Priority commands |
 |
| How to configure a root bridge |
 |
| Comparing Common Spanning Tree and Per VLAN Spanning Tree – PVST |
|
 |
| Configuring PortFast |
|
 | |
| What is PortFast? |
 |
| PortFast configuration commands |
 |
| How to configure PortFast |
|
 |
| Guarding Against Rogue STP Root Bridges |
|
 | |
| Protecting Spanning Tree |
 |
| BPDU guard configuration commands |
 |
| BPDU filtering configuration commands |
 |
| What is root guard? |
 |
| Root guard configuration commands |
 |
| How to configure root guard |
|
 |
| Configuring UplinkFast |
|
 | |
| What is a link fault? |
 |
| What is UplinkFast? |
 |
| UplinkFast configuration commands |
 |
| How to configure UplinkFast |
|
 |
| Configuring BackboneFast |
|
 | |
| What are indirect link failures? |
 |
| What is BackboneFast? |
 |
| BackboneFast configuration commands |
 |
| How to configure BackboneFast |
|
 |
| Configuring EtherChannel |
|
 | |
| What is EtherChannel? |
 |
| Port Aggregation Protocol – PAgP and Link Aggregation Control Protocol – LACP |
 |
| EtherChannel configuration commands |
 |
| Configuring port channels using EtherChannel |
 |
| Load balancing over Ethernet |
 |
| Guidelines and best practices for configuring EtherChannel |
|
 |
| |
 | | |
|  |
 |
 | Module : Spanning Tree Enhancements |
|  |
 |
 | |
| Troubleshooting Spanning Tree |
|
 | |
| STP problems |
 |
| Spanning Tree debug commands |
 |
| How to troubleshoot STP problems |
|
 |
| Preventing Forwarding Loops |
|
 | |
| Unidirectional link detection |
 |
| What is loop guard |
 |
| How to prevent STP failures due to unidirectional links |
 |
| Configuring UDLD and Loop Guard |
|
 |
| Implementing the Rapid Spanning Tree Protocol – RSTP |
|
 | |
| The Rapid Spanning Tree Protocol – RSTP |
 |
| RSTP port states |
 |
| RSTP port roles |
 |
| What are edge ports? |
 |
| RSTP link types |
 |
| Examining the RSTP BPDU |
 |
| Identifying the RSTP proposal and agreement process |
 |
| Identifying the RSTP topology change notification process |
 |
| RSTP implementation commands |
 |
| How to implement RSTP |
|
 |
| Implementing the Multiple Spanning Tree Protocol – MSTP |
|
 | |
| What is MST? |
 |
| MST regions |
 |
| The Extended System ID |
 |
| Interacting between MST regions and 802.1Q networks |
 |
| MST implementation commands |
 |
| How to configure and verify MST |
|
 |
| |
 | | |
|  |
 |
 | Module : Implementing Multilayer Switching |
|  |
 |
 | |
| Describing Routing Between VLANs |
|
 | |
| Inter-VLAN routing using multiple interfaces on an external router |
 |
| Inter-VLAN routing using an external router and a single trunk |
 |
| Inter-VLAN routing using an external router configuration commands |
 |
| How to configure Inter-VLAN routing using an external router |
|
 |
| Deploying Cisco Express Forwarding – CEF-Based Multilayer Switching |
|
 | |
| What is Layer 2 switching? |
 |
| What is multilayer switching? |
 |
| What is a CEF-based multilayer switch? |
 |
| Identifying the multilayer switch packet forwarding process |
 |
| CEF-based tables and MLS lookups |
 |
| ARP throttling |
 |
| CEF-Based MLS operation and frame rewrite |
 |
| Configuring and verifying CEF |
 |
| Common CEF problems and solutions |
 |
| How to troubleshoot Layer 3 connectivity in a CEF-based multilayer switch |
|
 |
| Enabling Routing Between VLANs on a Multilayer Switch |
|
 | |
| Layer 3 switch virtual interface – SVI |
 |
| Routed interfaces on a multilayer switch |
 |
| Configuration commands for inter-VLAN communication on a multilayer switch |
 |
| How to configure inter-VLAN routing on a multilayer switch |
|
 |
| |
 | | |
|  |
 |
 | Module : Implementing Redundancy in the Routing Layer |
|  |
 |
 | |
| Configuring Layer 3 Redundancy with Hot Standby Routing Protocol – HSRP |
|
 | |
| Identifying the router redundancy process |
 |
| Routing issues |
 |
| What is HSRP? |
 |
| Identifying HSRP operations |
 |
| HSRP states |
 |
| HSRP configuration commands |
 |
| How to enable HSRP |
|
 |
| Optimizing HSRP |
|
 | |
| Load sharing |
 |
| HSRP optimization options |
 |
| Tuning HSRP operations |
 |
| HSRP debug commands |
 |
| How to debug HSRP operations |
|
 |
| Configuring Layer 3 Redundancy with Virtual Router Redundancy Protocol – VRRP and Gateway Load Balancing Protocol – GLBP |
|
 | |
| What is VRRP? |
 |
| Identifying the VRRP operations process |
 |
| What is GLBP? |
 |
| Identifying the GLBP operations process |
 |
| VRRP and GLBP configuration commands |
 |
| How to enable VRRP and GLBP |
|
 |
| Implementing Hardware and Software Redundancy on Modular Switches |
|
 | |
| What is Route Processor Redundancy Plus – RPR+? |
 |
| Redundant supervisor engine configuration commands |
 |
| How to implement redundant supervisor engines |
 |
| Cisco Catalyst 6500 switch |
 |
| What is stateless switchover – SSO? |
 |
| What is Single Router Mode – SRM? |
 |
| Failure with SRM and SSO |
 |
| How to configure and verify SRM with SSO |
 |
| What is Nonstop Forwarding – NSF? |
 |
| Identifying NSF aware protocols |
 |
| Failover with NFS and SSO |
 |
| How to configure NSF |
 |
| Redundant power supply configuration |
 |
| How to configure redundant power supplies |
|
 |
| Describing High Availability in Multilayer Switching |
|
 | |
| What is redundancy in a switched network? |
 |
| Benefits and drawbacks of device-level fault tolerance |
 |
| Benefits and Drawbacks of redundant network topology |
 |
| Redundancy with stacked switches |
 |
| High availability: access layer best practices |
 |
| High availability: distribution layer best practices |
 |
| Layer 2 and 3 redundancy alignment |
 |
| High availability: core layer best practices |
|
 |
| |
 | | |
|  |
 |
 | Module : Minimizing Service Loss and Data Theft in a Switched Network |
|  |
 |
 | |
| Switch Security Issues |
|
 | |
| Overview of switch security concerns |
 |
| Switch attack categories |
 |
| Describing a MAC flooding attack |
 |
| Describing port security |
 |
| Port security configuration commands |
 |
| How to configure and verify port security on a switch |
 |
| Port security with sticky MAC addresses |
|
 |
| Mitigating VLAN Attacks |
|
 | |
| What is VLAN hopping? |
 |
| How to mitigate VLAN hopping |
 |
| What Is a private VLAN? |
 |
| Configuring PVLANs |
 |
| Configuring VLAN security using access lists |
|
 |
| Mitigating Spoof Attacks |
|
 | |
| Describing a DHCP spoof attack |
 |
| Describing DHCP Snooping |
 |
| DHCP Snooping configuration commands |
 |
| How to configure DHCP Snooping |
 |
| Describing a MAC spoof attack |
 |
| Describing ARP spoofing |
 |
| What is Dynamic ARP Inspection? |
 |
| How to configure Dynamic ARP Inspection |
|
 |
| Implementing Authentication, Authorization, and Accounting – AAA |
|
 | |
| What is AAA? |
 |
| Describing the AAA process |
 |
| Authentication and authorization methods |
 |
| Configuring basic AAA and authentication |
 |
| Configuring AAA authorization |
 |
| Configuring AAA accounting and comprehensive AAA |
 |
| 802.1x port based authentication |
|
 |
| Defending Network Switches |
|
 | |
| CDP security issues |
 |
| Vulnerabilities in Telnet |
 |
| VTY ACLs |
 |
| Secure Shell Protocol - SSH |
 |
| Best practices: switch security considerations and security policies |
 |
| Best practices: secure switch access |
 |
| Best practices: secure switch protocols |
 |
| Best practices: mitigating compromises launched through a switch |
 |
| Capturing traffic in a switched network |
|
 |
| |
 | | |
|  |
 |
 | Module : Configuring Campus Switches to Support Voice and Video Applications |
|  |
 |
 | |
| Accommodating Voice Traffic on Campus Switches |
|
 | |
| Voice traffic on a Cisco infrastructure |
 |
| What is a voice VLAN? |
 |
| Voice considerations in campus submodules |
 |
| Network design considerations for voice |
 |
| Quality of Service – QoS basics |
 |
| QoS and voice traffic in the campus module |
 |
| QoS trust boundaries |
 |
| QoS traffic classification and marking |
 |
| Basic switch commands to support attachment of a Cisco IP phone |
 |
| How to configure a switch for attachment of a Cisco IP phone |
|
 |
| Configuring IP Multicast |
|
 | |
| IP multicast |
 |
| IP multicast address structure |
 |
| IP multicast address ranges |
 |
| What is Reverse Path Forwarding – RPF? |
 |
| What is Protocol Independent Multicast – PIM? |
 |
| PIM modes |
 |
| What is Internet Group Management Protocol – IGMP? |
 |
| Describing the IGMP snooping process |
 |
| IP multicast configuration commands |
 |
| How to enable IP multicast |
|
 |
| |
 | | |
|  |
 |  |  |