Posts

Almost Finished BCMSN first review

I have read and practiced almost all subjects. Now I need to review the ones I forgot. Yeah, I am conscious that I’ve forgotten many concepts and configuration commands. So I need a second and maybe a third and fourth review. At the same time, I’m fed up with my job. No real challenges. I’m impatient to see who’s going to take my place as part of the current contract.

Trunking Notes

There can be switchport trunk encapsulation negotiate on one side, and switchport trunk encapsulation isl | dot1q on the other end:

Cisco Port Security Notes

Without the switchport port-security command, the feature is not activated. So even if we issue (config-if)# switchport port-security mac-address 0000.05e0.0101, it is still not there, and any plugged port will, to your surprise, be operational: Now, with switchport port-security, the Cisco port security feature is activated. Any interface with a MAC address other than the one specified will lead to a port err-disable state. Now, we increase the number of allowed MAC addresses on a single port where Cisco port security is enabled. But that doesn’t activate interface fas0/6. In fact, it’s still in err-disabled state: So we shut/no shut the interface and that brings it up once again:

My Cisco VTP Notes

In this post, I expose some of my notes about VLAN Trunking Protocol (VTP) on Cisco gear. VTP and Pruning: VLAN 1 is not eligible for pruning. So when you try to prune it manually on a switch, you get the following IOS error message: VLAN 1 does not appear on the list of VTP pruned VLANs, by the way: Only on the VTP server can we set the “vtp pruning” command, which will propagate to VTP clients only. With it, you do not need to configure VTP pruning manually on VTP clients. You cannot add a list of pruning VLANs in the same row, like you do when adding allowed VLANs: To see which VLANs are eligible to be VTP pruned: “show interface {trunk int} switchport”: VTP Modes: If there are extended VLANs on a switch, it can be in neither VTP client nor server mode. IOS will simply return an error message: The opposite: you cannot create extended VLANs while the switch is in VTP server or client mode:

Cisco EtherChannel Notes

Here are a couple of notes I gathered around the subject of Cisco EtherChannel. We start with some concepts, then learn how to configure L3 EtherChannels. EtherChannel concepts: EtherChannel is a technology that allows a set of ports to be bundled into one logical interface. There is the logical port (the bundle) and one or more physical ports that constitute it. The physical ports are also called member ports. When one member port fails, traffic that was flowing through it gets redirected over the remaining operational member ports, transparently to the end user and without network administrator intervention. A physical port can be a member of only one EtherChannel. We can configure an EtherChannel between a network device and a router, a switch, a server,… An EtherChannel can be: a Fast EtherChannel: an EtherChannel formed from Fast Ethernet interfaces; a Giga EtherChannel: an EtherChannel formed from Gigabit Ethernet interfaces; a port Channel: a layer 3 EtherChannel. A port chan...

CEF Show And Troubleshooting Commands

Here are a couple of commands for viewing and troubleshooting CEF. Cisco Express Forwarding Commands: By default, Cisco Express Forwarding and Fast Switching are enabled.
(config-if)# no ip route-cache
This command disables both Fast Switching and CEF.
(config-if)# ip route-cache
This command enables Fast Switching only. Cisco Express Forwarding is still disabled if we don’t activate it.
(config-if)# ip route-cache cef
activates Cisco Express Forwarding under the interface.
# show platform tcam utilization
displays TCAM limits and actual utilization.
# debug ip cef table
This command monitors changes on the Cisco Express Forwarding adjacency table.
Let’s run the debug command on a multilayer switch: We list ARP entries: If we remove one entry from the ARP table with clear ip arp {IP address}: We can see that there’s a change in the Cisco Express Forwarding adjacency table. Indeed, there...

DTP modes on Cisco Catalyst Switches

In this short post we explore the possible DTP modes and configure them on a Catalyst switch. We also learn what the outcome would be if we combine them. When configuring the Dynamic Trunking Protocol, Cisco recommends setting trunking as static. But here is the behaviour if we don’t set it to “switchport mode trunk”. For Catalyst 2960 and Catalyst 3560, I found that the default Dynamic Trunking Protocol mode is “dynamic auto”. Key behaviours: dynamic auto + dynamic auto = access; dynamic auto + access/trunk = access/trunk; dynamic desirable + access = access; dynamic desirable + else = trunk. Default modes: Here are a couple of outputs that reveal the default Dynamic Trunking Protocol modes on Catalyst 2960 and Catalyst 3560: on Catalyst 2960, on a 3560. A combination of the above: I’m going to set different DTP modes on both ends of the link, and see the behaviour of DTP on Catalyst switches. I have SW1 and SW0. Dynamic desirable + Access –> Access W...