Junos Enterprise Switching
10.a
Student Guide
Juniper Networks
Worldwide Education Services
1194 North Mathilda Avenue
Sunnyvale, CA 94089
408-745-2000
www.juniper.net
Course Number: EDU-JEX
Contents
Chapter 1: Course Introduction
Chapter 2: Layer 2 Switching
Chapter 3: Virtual Local Area Networks
Chapter 4: Spanning Tree
Chapter 5: Port Security
Chapter 6: Device Security and Firewall Filters
Chapter 7: High Availability
Appendix A: Acronym List
Appendix B: Answer Key
Course Overview
Objectives
Intended Audience
“hs wad coro designed to provide stents wth ints
‘ontigrationexampee. Th sucess noe
Trough demonstator enhance ab, dete wl in exprence ncoiguingand
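After successfully completing this course, you should be able to:
List the benefits of implementing switched LANs
Describe transparent bridging concepts and operations
List enterprise platforms that support Layer 2 switching
Configure interfaces for Layer 2 switching operations
Display and interpret the Ethernet switching table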
sein wa,
Configure and monitor VLANs
Explain inter-VLAN routing operations
ringer,
Lotasme scartage ot uslng RTP overs,
Cane and ont STP
List and describe various port security features
Configure and monitor port security features
stand describe some deve sacar fue
be rts data unt (SPD ep, naa ttn ete
Cong and manta assy testes
Describe owe te eupor for x Sr Eden eees:
List and describe some features that promote high availability
Configure and monitor high availability features
Describe the basic concepts and operational details of a Virtual Chassis
Implement a Virtual Chassis with multiple EX4200 switches
‘Tis cous bene insu rapes fr soning and mentoring EKSore nth.
Course Level
Course Agenda
Prerequisites
Chapter Objectives
* After successfully completing this chapter, you will be able to:
+ Get to know one another
+ Identify the objectives, prerequisites, facilities, and materials used during this course
+ Identify additional Education Services courses at Juniper Networks
+ Describe the Juniper Networks Certification Program
Introductions
* Before we get started...
+ What is your name?
+ Where do you work?
+ What is your primary role in your organization?
+ What kind of network experience do you have?
+ Are you certified on Juniper Networks?
+ What is the most important thing for you to learn in this training session?
Tes at se! questo foro to aneedrngt nro,
eStore Natori. coun: an
«vane ms ote Pen e923
Course Contents
* Contents:
+ Chapter 1: Course Introduction
+ Chapter 2: Layer 2 Switching
+ Chapter 3: Virtual Local Area Networks
+ Chapter 4: Spanning Tree
+ Chapter 5: Port Security
+ Chapter 6: Device Security and Firewall Filters
+ Chapter 7: High Availability
Prerequisites
* The prerequisites for this course are the following:
+ Basic networking knowledge
+ Understanding of the OSI model and TCP/IP
+ The Introduction to Junos Software (IJS) course, or equivalent knowledge
+ The Junos Routing Essentials (JRE) course, or equivalent knowledge
Course Contents
The slide lists the topics we discuss in this course.
Prerequisites
The slide lists the prerequisites for this course.
Course Administration
* The basics:
+ Sign-in sheet
+ Schedule
  + Class times
  + Breaks
  + Lunch
+ Break and restroom facilities
+ Fire and safety procedures
+ Communications
  + Telephones and wireless devices
  + Internet access
Education Materials
* Available materials for classroom-based and instructor-led online classes:
+ Lecture material
+ Lab guide
+ Lab equipment
* Self-paced online courses also available
+ http://www.juniper.net/training/technical_education/
General Course Administration
This slide documents general aspects of classroom administration.
Training and Study Materials
This slide describes Education Services materials that are available for reference both in the
Additional Resources
* For those who want more:
+ Juniper Networks Technical Assistance Center (JTAC)
  + http://www.juniper.net/support/requestingsupport.html
+ Juniper Networks books
  + http://www.juniper.net/training/jnbooks/
+ Hardware and software technical documentation
  + Online: http://www.juniper.net/techpubs/
  + Image files for offline viewing: http://www.juniper.net/techpubs/resources/cdrom.html
+ Certification resources
  + http://www.juniper.net/training/certification/resources.html
Satisfaction Feedback
* To receive your certificate, you must complete the survey
+ Either you will receive a survey to complete at the end of class, or we will e-mail it to you within two weeks
+ Completed surveys help us serve you better!
Juniper Networks Education Services
Curriculum
= Formats:
* Classroom-based instructor-led technical courses
+ Online instructor-led technical courses
+ Hardware installation eLearning courses as well as technical
eLearning courses
= Complete list of courses:
+ http://www.juniper.net/training/technical_education/
Juniper Networks Education Services Curriculum
Juniper Networks Education Services can help ensure that you have the knowledge and skills to deploy and maintain cost-effective, high-performance networks for both enterprise and service provider environments. We have expert training staff with deep technical and industry knowledge, providing you with instructor-led hands-on courses in the classroom and online, as well as convenient, self-paced eLearning courses.
Course List
You can access the latest Education Services offerings covering a wide range of platforms at http://www.juniper.net/training/technical_education/.
Juniper Networks Certification Program
* Why earn a Juniper Networks certification?
+ Juniper Networks certification makes you stand out
+ Unleash your creativity across the entire network
+ Deliver your vision, design, and architecture
+ Sets you apart from your peers
+ Capitalize on the promise of the New Network
+ Develop and deploy the services you need
+ Lead the way and increase your value
+ Unique benefits for certified individuals
Juniper Networks Certification Program
A Juniper Networks certification is the benchmark of skills and competence on Juniper Networks technologies.
Juniper Networks Certification Program Overview
Figure: certification levels, including Specialist Level (JNCIS)
Certification Preparation
* Training and study resources:
+ Juniper Networks Certification Program Web site: www.juniper.net/certification
+ Education Services training classes
+ Juniper Networks documentation and white papers: www.juniper.net/techpubs
* Preparing for practical exams requires a lot of hands-on practice:
+ On-the-job experience
+ Education Services training classes
+ Equipment access
Juniper Networks Certification Program Overview
3 Prepon ond Susieg
‘epee CtatnPogan NE sn setae ate sr er ord ead ping oo toate
that enable participants to demonstrate competence ith Juniper Networks technology trough @ mens " * So emrrnte tees mene
Scien opm pensar nonin ee cose
‘nd npr Newer pit contigietion and tovblesnesingsha, ty teen
‘enc one eon see
+ Mate rent ot
+ win toa em an
+ tancrencngonedtotsing sme
roc aetna eat
‘tetra eet helene a rons
SEenpan one ce esate sarc cones a
Pele a etn eae we concthanéen eee sane
secon ung Pernod bers Seen
fixate ioe teen n otank Mest vak EINES Wake
[Soiree team sider eoan ten ene sean
sone
Questions
Any Questions?
If you have any questions or concerns about the class you are attending, we suggest that you voice them now so that your instructor can best address your needs during class.
Junos Enterprise Switching
Chapter 2: Layer 2 Switching
Chapter Objectives
* After successfully completing this chapter, you will be able to:
+ List benefits of implementing switched LANs
+ Describe transparent bridging concepts and operations
+ Describe terms and design considerations for switched LANs
+ List enterprise platforms that support Layer 2 switching
+ Configure interfaces for Layer 2 switching operations
+ Display and interpret the Ethernet switching table
This Chapter Discusses:
+ Benefits of implementing switched LANs;
+ Transparent bridging concepts and operations;
+ Terminology and design considerations for switched LANs;
+ Enterprise platforms that support Layer 2 switching;
+ Configuration of interfaces for Layer 2 operations; and
+ Displaying and interpreting the Ethernet switching table.
Agenda: Layer 2 Switching
> Ethernet Bridging Basics
* Terminology and Design Considerations
* Overview of Enterprise Switching Platforms
* Enabling and Monitoring Layer 2 Switching Operations
Ethernet Bridging Basics
The slide lists the topics we cover in this chapter. We discuss the highlighted topic first.
Shared Versus Switched LANs (1 of 2)
* Shared LANs:
+ Combine all devices as part of a single collision domain, which can increase the chance of collisions
+ Flood traffic out all ports to all devices, which can consume network resources and introduce security risks
Figure: shared medium (single collision domain). Traffic sent from User A to User C is seen by all other users on the segment.
Shared LANs
(On sshd Eterna al on aha and commute ough coreran mum A
‘Sens prtipatingnashered medion ae parte sta casey Sonam
8 coppertared pncl maim This ype of momenta ony aan
singe sea fdas ative node perpatng nth saved terat LAN toto
‘atten Wi beretraremtng ine ei ae, he nods begin tented omen
Iie nde inten a ditt th nani ond ren ager sarang dee once
“ing sond tte the nes conus to aetet eating thy papessncymaease
_unen anne dos ssc raname wae that wf epats otal ot onthe ib an
een al sh ros en te
Shared LANs (contd.)
[Ethernet Ate ware rg events femal, simple twee. Over tne LAR he
‘become ner nd more compan Avon Era LAN gow th aoa clans on cht LAN
‘abo gow, erro user ar adn oa ta Ere opr ach prtcestingeace
ecoton nines ot elem al ether prs
‘Sevtnan, Tie unin cansumeton eek
Inottblydeeanee re vr fsanoy on De,
arene
Shared Versus Switched LANs (2 of 2)
* Bridged (or switched) LANs:
+ Break a single collision domain into multiple smaller collision domains, minimizing the chance of collisions
+ Perform intelligent forwarding decisions based on the contents of the forwarding table (or bridge table)
Figure: switched LAN (multiple collision domains). Traffic sent from User A to User C is forwarded based on the bridge table.
How Does Bridging Work?
* Bridging builds and maintains the bridge table using the following mechanisms:
Figure: Bridging Mechanisms (Learning, Forwarding, Flooding, Filtering, Aging)
Switched LANs
How Does Bridging Work?
Deira inthe IEE 8020-2008 standard, bldg sdseses some to heer olen of
Sead Ebetie Bigg reeangenacn = uenngecotcy con
he tehood at coson va osu T peach ao ctareeparmanoe
Ung swith eases news performance an minnie tome typ of ery ik by ony
fervarang vate trend deeatn rater an aay ode al comedies
does Swe ul snd mantan afrwacng ae see known a brag abet mae
‘raring section Wetseune tetanus sisinn sy bul aa fran age ae
‘ebiteccuent ogee
Sedge and elacan of ttace pn ardent igely gouge we be
Sine orges La ie siggy gon omar ren na rege enero
o bce efx nonin a tae hare At ener
Bugg asta ferns ow 6a vig ae ester win
‘oteapd ns agian mesos souce tn asm al cover poser
2 sete otal ite str rng cor Nese
‘Seige eco Neco lta biganschnaneindetaon teaver
Bridging Mechanisms: Learning
Figure: bridging mechanisms, Learning
Bridging Mechanisms: Forwarding (1 of 2)
Figure: bridging mechanisms, Forwarding
Learning
Forwarding: Part 1
en no frat rat a natin een The fren mare vest sca dl tte pst ttm a nem
©: smth ton ssw otaon ears We asc
€a manta rareronntan
abr urn tee ne oe
itso peony ed a Stave mune iotonenrarontek entices eaten
be dab an nial inatce on EX Sara nes, The
Ti erg fone
{master:0}[edit]
user@Switch-1# set ethernet-switching-options interfaces ge-0/0/0.0 ?
  no-mac-learning      Disable MAC learning for this interface
Bridging Mechanisms: Forwarding (2 of 2)
Figure: bridging mechanisms, Forwarding
Bridging Mechanisms: Flooding
Figure: bridging mechanisms, Flooding
Forwarding: Part 2
Bridging Mechanisms: Filtering
Figure: bridging mechanisms, Filtering
“These musvetes toma sth tarsal nti kame the devon asalted her
sess ate anesthe ee acid ero MAC we C0 268802188)
Tats ate eased ge
‘eto fneo aacertebate,
Bridging Mechanisms: Aging
Learning | Forwarding | Flooding | Filtering | [Aging]
Aging
Finally, the switch uses aging to ensure that only active MAC address entries are in the bridge table. For each MAC address in the bridge table, the switch records a timestamp of when the information
Think About It
* Given the topology and bridge table below, what device(s) will receive the packet sent by User B?
Figure: topology and bridge table
Agenda: Layer 2 Switching
* Ethernet Bridging Basics
> Terminology and Design Considerations
* Overview of Enterprise Switching Platforms
* Enabling and Monitoring Layer 2 Switching Operations
Terminology and Design Considerations
The slide highlights the topic we discuss next.
Think About It
pms know tat heute be rece User and ser even thoughts ais
Hierarchical Design
* Switched networks are often hierarchical and may consist of access, aggregation, and core layers
* Benefits of a hierarchical network design include:
+ Modularity: facilitates change
+ Function-to-layer mapping: isolates faults
Functions of Layers (1 of 2)
* Layers are defined to aid successful network design and to represent functionality found within a network
Functions of Layers: Part 1
hen design isc ewe nto indivi lyre re defined andrepetet specie
“urconsfoune nthine neva i stn ristaery hovay tate sos, geet
‘troton an cotter mst ext clot an tnt yl devs
o
1 of mull ior. The dagyam one side
sugeatn for dtrouto) end eos achat
‘hese lye paros urgue esporabtiee We coe thefuneon ofeach jer on acabeatuent
we
fecitement ot doeatrate arse income cnn, The ee te fest
seek eign ana orprecetuntonaty teste nny seve
5
“Tues pig ue acces, aggregation, acces and pono et asengton tne
‘actors cormiymemared nessa WS tai sneak ksoud ee
Inoupeatadconetarty nae lr
‘hana array cote spe porn [tne he pte ata tan ath ete
Because functions are mapped to individual layers, faults relating to a specific function can be isolated to that function's corresponding layer. The ability to isolate faults to a specific layer can greatly simplify troubleshooting efforts.
Functions of Layers (2 of 2)
* The function of the various layers can be combined into a single device (such as a Virtual Chassis)
Figure: Virtual Chassis
Branch and Data Center: A Comparison
Functions of Layers: Part 2
Comparing Environments
This ede usvtes some porte ocomparkans betwee rah and data ener envronmanth AS
3 Semana ie ima erronra ph tae es Sins a a
a ‘hl ta carter an many cama envonmets Inman Bransn eons, cae nd
“ageaton tere are conned ent ras untns me Fevemed on ame pies
Tho implemen of the tress cn bein set ees can be ein ina sings
“seth orca be emt agate ne mene nw he nes re leone shoul aye
-Sepnd ante nee requreren andthe cevign Sbjct,
3 ‘You cane that te pes of devies found withn the diferent snvronments can vay In branch
‘rcampus ernment eu til sey se ae rang of ons Conese a ne acess et
‘Sosens usc ntonly Ws ass aehave en peo sa actcaet
Spur tnecouce Stovorensom strana pers os esos na ona
a roan oui pc one
‘eycon anos nan pe tnt un tinh at onan on ay Yu
: ‘tan errant sae se agton espa coos
nkaggegmon go (0) We ure
Unk segogston ne ubeequert hep
‘urine to show some common design crsideratonYourenvonmen and ésin
‘mpemncton may vary Wom shown en he de
Agenda: Layer 2 Switching
* Ethernet Bridging Basics
* Terminology and Design Considerations
> Overview of Enterprise Switching Platforms
* Enabling and Monitoring Layer 2 Switching Operations
Enterprise Devices and Layer 2 Switching
* Basic Layer 2 switching features are supported on the enterprise platforms shown below:
Figure: J Series, SRX Series (Branch), EX Series
* This course focuses on the EX Series switches
Overview of Enterprise Switching Platforms
The slide highlights the topic we discuss next.
Enterprise Devices and Layer 2 Switching
‘hd ates een pt rst nh ns Of an hat apn Lat 2
chr operaton Ne tht De Series and bran i Sais rat suppert aoe Laer
a cheers sportcon ese. Ta pray can) Sara bor
) Seren fer tte tecnica puesto at om ne nett
Ase trio of te x Sve awtnes hat rane June 8 flew
a + Tho £2200 lne of faedcongon vie a el fr sca ee epee
3 lnranc andres fen, a wees compuxnetwai au slater confgraons
ste aralabie tong 2 and 30/00/SS008N52% parte ha wthos Pow oat
ere Pas).
The £13200 le of faecoriguaton tee del oases deeymen
Inbranen ndeet fon, wl capa nter For ptr cargos
= fe aati org 28 and 8 30/200/S000BNSE porte mth ter fae atl
Foner oe berate
Enterprise Devices and Layer 2 Switching (contd.)
Th E4200 ine Ebner ideal for data
{arty camp nd tranch tice omer Egt ear connguatona ae
alale eng 28 are 48 10/100 1000845 ort wi ee Ro paral Paver
fer tere ao 4100/2000 BASEX pats wi no PAE We deus Vitus
iy 24500 Sharan el rhe 0 ge
‘egaston cepoymets,
Ine 1 noc ant on do gmp a aa carte
sain
pte 38¢ Gigabit Ebert ore 0 gabe Ener pate tre speed, leringone
‘Teint highest nao 10g fara pr ara TeENBSIG eh
200
EX Series Placement
Figure: EX Series placement
EX Series Placement
{hs she museaten pening fhe aie EX Sees es ta center nd
Separation of Control and Forwarding
* Control functions are performed on the RE and forwarding functions are performed on the PFE
+ The number of PFEs varies between EX platforms
Control and Forwarding Functions
Rendanimpstaieasentestinen woscressipeaimenn EFS
ecm instante Bowens alton acho nee ete
€a
ionraltcetcimcewaeteee oe e-
‘anette emp one ea
e323
Frame Processing: Unknown Source
Frame Processing: Known Destination
ap and deta
‘Sastre 9 onthe sure ei ama PFE longo
‘he sma Vu Chul stm We oer Val haw tae
sanded the hese othe RE toupee Dead, whch ptt Oe NAS
‘earnngerecee
tate oncan PE waar € ; 2
‘eco cinngn estenqun ptr ou, |
Shaper
Frame Processing: Unknown Destination
Frame Processing: Routed Packet
seapennet jrket sant beth FE dessin IP eb tte sth
jr tonal op nested
Frame Processing: Routed Packet
oka formset the RE
Laer 3 frvarang tbe erty ets
the estnaton ogee othe
‘itch dn Layer 3 omarcrg tao ont, ho pochets dceeea
Agenda: Layer 2 Switching
* Ethernet Bridging Basics
* Terminology and Design Considerations
* Overview of Enterprise Switching Platforms
> Enabling and Monitoring Layer 2 Switching Operations
Case Study: Topology and Objectives
* Enable switching on Switch-1 to facilitate Layer 2 access for the users illustrated in the diagram below
* Use operational mode commands to verify proper Layer 2 switching operations
Figure: case study topology
Enabling and Monitoring Layer 2 Switching Operations
The slide highlights the topic we discuss next.
Case Study: Topology and Objectives
The slide displays the topology and objectives for our case study.
Enabling Basic Layer 2 Functionality
* Use family ethernet-switching to configure participating interfaces for Layer 2 operations
Enabling Basic Layer 2 Functionality
The Ethernet switching process (eswd) is enabled by default on EX Series switches:
{master:0}
user@Switch-1> show system processes | match "pid|eswd"
In addition to the Ethernet switching process, you must enable interfaces for Layer 2 operations.
‘The ge atates Layer 2intarace canton examples You can dfn ach heeace
auealy ered, ou can epee on
‘he ctanrface to forma sh the mabes eee nto
Enabling Basic Layer 2 Functionality (contd.)
{master:0}[edit interfaces]
user@Switch-1# show
... ge-0/0/6 to ge-0/0/8
family ethernet-switching
Fens of conga metodo ae, jo mua oe and
va for interfaces operating.in Layer 2 a ain ee interface configuration
opal Nt thai testosterone bX ees ony
ars et EX ds) erat Congo ra?
Verifying Interface State (1 of 2)
* Once configuration changes are activated, use the show interfaces terse command to verify interface status:
Verifying Interface State (2 of 2)
"Use the show interfaces extensive
command to view detailed interface information
including default settings and error conditions:
Verifying Interface State: Part 2
This slide illustrates the show interfaces extensive command, which is helpful for
Speed and Duplex satings we sat’ Aut
ang buteome stuatone mg oat whae ou mut
to rate efits mgr pay when
eating wi ther vendor. which pons poet wea operon that sat au
Inipi needtanerdease the sped ane duper etingen set ade och
Verifying Interface State: Part 2 (contd.)
The following sample shows an interface configuration where auto-negotiation is disabled and the speed and duplex settings are hard-coded to 1000 Mbps and full duplex, respectively:
user@Switch-1> show configuration interfaces ge-0/0/6
...
speed
...
family ethernet-switching;
{master:0}
Viewing Bridge Table Entries
"Use the show ethernet-switching table
command to view contents of the bridge table:
Figure: command output (not legible)
Viewing Bridge Table Entries
-scching tbe cars rar fe ie
cats feot ae einen avon dosnten teu estes bg
Clearing Bridge Table Entries
* Use the clear ethernet-switching table commands to clear bridge table entries
+ You can clear entries based on interface, MAC, or VLAN
Tyee: Roos
Type: Learn, Ager 0, Learned: 1:30 .
ewthop indaes 1505 ar oceees
‘ype: Learn, Ages 1-00, tesrneds 25 °
ewthop indaxt 3306
To view the Layer 2 forwarding table, issue the show route forwarding-table family ethernet-switching command:
Sxeination ‘type REREE Next hop type Index tier Nett povzeve8:ts
Clearing Bridge Table Entries
Use the clear ethernet-switching table command to clear bridge table entries. Optionally, you can clear individual MAC entries or all MAC entries associated with a specific VLAN using the available options shown in the following output:
{master:0}
<[Enter]> Execute this command
Defining Static Bridge Table Entries
* You can define static bridge table entries under [edit ethernet-switching-options]:
Summary
* In this chapter, we:
+ Listed benefits of implementing switched LANs
+ Described transparent bridging concepts and operations
+ Described terms and design considerations for switched LANs
+ Listed enterprise platforms that support Layer 2 switching
+ Configured interfaces for Layer 2 switching operations
+ Displayed and interpreted the Ethernet switching table
Defining Static Bridge Table Entries
Normally, MAC addresses are learned and added to the bridge table dynamically when traffic
This Chapter Discussed:
+ Benefits of implementing switched LANs;
+ Transparent bridging concepts and operations;
+ Terminology and design considerations for switched LANs;
+ Enterprise platforms that support Layer 2 switching;
+ Configuration of interfaces for Layer 2 operations; and
+ Displaying and interpreting the Ethernet switching table.
Review Questions
1. What are the key differences between shared and switched LANs?
2. List and describe the bridging mechanisms.
3. What layers exist in hierarchical Layer 2 networks and what functions are associated with each layer?
Lab 1: Implementing Layer 2 Switching
* Enable interfaces for Layer 2 operations.
* Verify contents of Ethernet switching table.
Lab 1: Implementing Layer 2 Switching
Junos Enterprise Switching
Chapter 3: Virtual Local Area Networks
Chapter Objectives
* After successfully completing this chapter, you will be able to:
+ Explain the concept of a virtual LAN (VLAN)
+ Describe voice VLAN and native VLAN concepts
+ Explain inter-VLAN routing operations
+ Configure and monitor inter-VLAN routing
Agenda: Virtual Networks
> Overview of VLANs
* Configuring and Monitoring VLANs
* Voice VLAN
* Native VLAN
* Routed VLAN Interfaces (RVIs)
This Chapter Discusses:
+ The concept of a virtual network;
Overview of VLANs
The slide lists the topics we cover in this chapter. We discuss the highlighted topic first.
What Is a VLAN?
* A logical LAN that allows you to assign users to a common broadcast domain based on business needs and regardless of physical location
Figure: VLAN 10 is associated with the 172.23.10.0/24 broadcast domain
Switch Port Designations
* Switch ports operate in either access or trunk mode
+ By default all switch ports are access ports and belong to the default VLAN, which is an untagged VLAN
VLAN Defined
‘en uta ce etree ae nga oie tt
Switch Port Designations
Layer 2 interfaces can be assigned to operate in either access or trunk mode. By default, all installed
Access Ports
* Access ports typically connect to end-user devices such as computers, IP phones, and printers
+ Access ports typically carry untagged traffic
Trunk Ports
* Trunk ports typically connect switches to other switches or a router with VLAN tagging configured
+ Trunk ports typically carry tagged traffic
Access Ports
As shown in the illustration on the slide, access ports typically connect to end-user devices such as computers, IP phones, and printers. Access ports typically belong to a single VLAN and send and
‘nora ean el Sa vce A whan pooh
the factory-default configuration and belong to the default VLAN.
Trunk Ports
‘Ava eta connct anc nn an age ie an cng tk
‘hve pialcarmeson, and sept att tagging wt ine opens AN
Trunk ports can also carry untagged traffic when configured with the native-vlan-id statement. We cover the native-vlan-id configuration option later in this chapter.
Example of Tagging Traffic: Step 1
= User A sends traffic toward User C through an access
port on Switch-1; the traffic is received by Switch-1 as
untagged frames:
Figure: VLAN 10 is associated with the 172.23.10.0/24 broadcast domain
nh tne nsdn ish aed
tropa se ed Oth rng
Cretan Us thug nt ert St hatte oe Swe. ee
Urmgged Ihe example anu at the ana ath? already have Ne MAC
‘orartes othe ensune Sovees nto ig ls
Example of Tagging Traffic: Step 2
* Switch-1 performs a lookup in its bridge table, tags
the Ethernet frames with VLAN ID 10 and forwards
the frames out its trunk port:
Figure: VLAN 10 is associated with the 172.23.10.0/24 broadcast domain
Tagging Traffic Example: Part 2
Switch-1 examines the source and destination MAC addresses and performs a lookup in its bridge table to determine how the frames should be handled. Switch-1 finds a matching entry for the destination MAC address in its bridge table, tags each Ethernet frame with VLAN ID 10, and forwards the tagged frames out the appropriate egress interface, the trunk port connected to Switch-2 in this
Example of Tagging Traffic: Step 3
*" Switch-2 performs a lookup in its bridge table,
removes the VLAN tag and forwards the frames out
the appropriate access port toward User C:
Tagging Traffic Example: Part 3
‘tS an Kmart AC ta
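The three tagging steps above, combined with the learning, forwarding, flooding and filtering mechanisms from Chapter 2, can be modeled in a short simulation. This is an added example, not part of the original course material: the port names, MAC addresses and two-switch layout are constructed for illustration, and the model assumes plain access ports (no voice VLAN) and trunks without a native VLAN.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Frame:
    src: str
    dst: str
    payload: str
    vlan: Optional[int] = None  # None = untagged, otherwise the 802.1Q VLAN ID

@dataclass(frozen=True)
class Port:
    name: str
    mode: str         # "access" or "trunk"
    vlans: frozenset  # access: exactly one VLAN; trunk: the VLANs it carries

class Switch:
    def __init__(self, name, ports):
        self.name = name
        self.ports = {p.name: p for p in ports}
        self.bridge_table = {}  # (vlan, mac) -> port name, one table per VLAN

    def receive(self, in_port, frame):
        """Process one ingress frame; return [(egress port, frame on the wire)]."""
        port = self.ports[in_port]
        # Ingress classification: decide which VLAN the frame belongs to.
        if port.mode == "access":
            if frame.vlan is not None:
                return []  # tagged frame on a plain access port is dropped
            vlan = next(iter(port.vlans))
        else:
            if frame.vlan not in port.vlans:
                return []  # untagged or disallowed VLAN on the trunk is dropped
            vlan = frame.vlan
        # Learning: remember which port the source MAC lives behind.
        self.bridge_table[(vlan, frame.src)] = in_port
        known = self.bridge_table.get((vlan, frame.dst))
        if known == in_port:
            return []  # Filtering: destination is on the ingress segment
        if known is not None:
            egress = [known]  # Forwarding: known destination, one port only
        else:
            # Flooding: unknown destination, but only within the same VLAN.
            egress = [n for n, p in self.ports.items()
                      if n != in_port and vlan in p.vlans]
        # Egress: tag on trunk ports, strip the tag on access ports.
        return [(n, Frame(frame.src, frame.dst, frame.payload,
                          vlan if self.ports[n].mode == "trunk" else None))
                for n in egress]

# Constructed sample addresses and port layout (assumptions, not from the course).
USER_A = "00:00:5e:00:53:0a"
USER_B = "00:00:5e:00:53:0b"
USER_C = "00:00:5e:00:53:0c"

def build_switch(name):
    return Switch(name, [
        Port("ge-0/0/6", "access", frozenset({10})),
        Port("ge-0/0/7", "access", frozenset({20})),
        Port("ge-0/0/12", "trunk", frozenset({10, 20})),
    ])

def tagging_walkthrough():
    """User A sits on Switch-1 ge-0/0/6, User C on Switch-2 ge-0/0/6 (VLAN 10)."""
    sw1, sw2 = build_switch("Switch-1"), build_switch("Switch-2")
    # Priming traffic C -> A: destination unknown, so both switches flood,
    # but only to ports in VLAN 10 (the VLAN 20 access port never sees it).
    flood_sw2 = sw2.receive("ge-0/0/6", Frame(USER_C, USER_A, "hello"))
    flood_sw1 = sw1.receive("ge-0/0/12", flood_sw2[0][1])
    # Steps 1 and 2: untagged frame from User A, tagged with VLAN 10 on the trunk.
    step2 = sw1.receive("ge-0/0/6", Frame(USER_A, USER_C, "reply"))
    # Step 3: Switch-2 strips the tag and forwards out User C's access port.
    step3 = sw2.receive("ge-0/0/12", step2[0][1])
    return flood_sw2, flood_sw1, step2, step3

if __name__ == "__main__":
    for label, result in zip(("flood sw2", "flood sw1", "step 2", "step 3"),
                             tagging_walkthrough()):
        print(label, result)
```

Because the bridge table is keyed by VLAN as well as MAC address, a frame in VLAN 10 is never forwarded or flooded to the VLAN 20 access port, which is the isolation property the VLAN slides describe.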
Agenda: Virtual Networks
* Overview of VLANs
> Configuring and Monitoring VLANs
* Voice VLAN
* Native VLAN
* Routed VLAN Interfaces (RVIs)
Configuring and Monitoring VLANs
The slide highlights the topic we discuss next.
The default VLAN
* All switch ports not specifically assigned to a user-defined VLAN belong to the default VLAN
+ The factory-default configuration facilitates plug-and-play implementation by enabling all switch ports for Layer 2 operations and associating them with the default VLAN
Default VLAN (contd.)
You can assign an 802.1Q tag to the default VLAN as shown in the following output:
{master:0}[edit]
Entering configuration mode
{master:0}
Case Study: Topology and Objectives
* Configure Switch-1 and Switch-2 to participate in VLAN v10 and VLAN v20 using the details below:
Figure: v10 (VLAN ID 10) is associated with the 172.23.10.0/24 broadcast domain
Case Study: Topology and Objectives
The slide displays the topology and objectives for our case study.
Configuring VLANs
Note: Capture is taken from Switch-1. Switch-2 should have a similar configuration.
{master:0}[edit]
10 (VLANID 20) is associated with
the 172.23.10.0/24 broadcast domain
Configuring VLANs
This slide shows the required VLAN definitions for our case study. Note that additional configuration options are available under the [edit vlans] hierarchy level. We cover some of the listed configuration options in subsequent sections and chapters.
{master:0}[edit]
Layer 3 interface for this VLAN
VLAN range in the form '
Verifying VLAN Assignments
* Use the show vlans command to verify VLAN
assignments
Pipe through a command
Agenda: Virtual Networks
* Overview of VLANs
* Configuring and Monitoring VLANs
-> Voice VLAN
* Native VLAN
* Routed VLAN Interfaces (RVIs)
Voice VLAN
The slide highlights the topic we discuss next.
What If...?
* What if an IP phone and a PC are connected to the
same switch port and you want the traffic sourced
from those devices associated with different VLANs?
The next several slides introduce the voice VLAN configuration option.
Voice VLAN
* The voice VLAN feature enables access ports to
accept both untagged (data) and tagged (voice) traffic
and separate that traffic into different VLANs
+ Used with CoS to differentiate data and voice traffic
+ Voice VLAN and CoS values can be communicated to IP
phones through Link Layer Discovery Protocol (LLDP-MED)
Voice VLAN
Typically, network administrators choose to treat VoIP traffic differently from user data traffic. The voice VLAN feature is used for this purpose. The voice VLAN enables a single access port to accept untagged data traffic as well as tagged voice traffic and associate each type of traffic with distinct and separate VLANs.
You can manually assign these values to the IP phone directly without the use of LLDP-MED. LLDP-MED is outside the scope of this course.
Voice VLAN Configuration: 1 of 2
[edit ethernet-switching-options]
Associates VoIP parameters with all access ports
Referenced VLAN and forwarding class must
be defined locally on switch
Voice VLAN Configuration: Part 1
This slide illustrates the basic hierarchy structure along with the available configuration options associated with the voice VLAN feature.
Monitoring the Voice VLAN
Monitoring the Voice VLAN
This slide illustrates the expected output based on our sample configuration shown on the previous slide.
This slide provides a more complete configuration example based on our sample topology.
Agenda: Virtual Networks
* Overview of VLANs
* Configuring and Monitoring VLANs
* Voice VLAN
-> Native VLAN
* Routed VLAN Interfaces (RVIs)
Native VLAN
What If...?
* The default behavior for trunk ports is to only send
and receive tagged traffic. What if you needed to pass
untagged Layer 2 traffic through trunk ports?
What If...?
The default behavior on EX Series switches for trunk ports is to only send and receive tagged traffic. This means that you cannot assign an untagged VLAN, such as the default VLAN, to a trunk port. The configuration will not commit, as shown in the following output:
{master:0}[edit]
The native-vlan-id Option
* The native-vlan-id option enables trunk ports to
accept untagged traffic in addition to tagged traffic
+ Configured on trunk ports of all switches expected to
process untagged traffic
A Configuration Example
Note: Capture is taken from Switch-1. Switch-2 should have a similar configuration.
Configuration Example
Monitoring the Native VLAN Assignment
Agenda: Virtual Networks
* Overview of VLANs
* Configuring and Monitoring VLANs
* Voice VLAN
* Native VLAN
-> Routed VLAN Interfaces (RVIs)
The slide highlights the topic we discuss next.
What Is It?
* A routed VLAN interface (RVI) is a logical Layer 3
interface defined on an EX Series switch that
facilitates inter-VLAN routing
* RVIs are typically defined on aggregation or access
switches, depending on the implementation
+ All EX Series switches support RVIs as well as other Layer 3
routing operations
Implementing RVIs
Devices require a default gateway which points to the RVI defined on the switch.
Case Study: Topology and Objectives
* Define three RVIs, one for each VLAN shown below, to
function as the gateway for the respective VLAN
+ Use an IP address of 172.23.1x.1/24, where x is the unique
value assigned to the corresponding subnet
Case Study: Topology and Objectives
The slide displays the topology and objectives for our case study.
Configuring RVIs
Configuring RVIs
The slide shows the configuration required on Switch-1. Although not shown on the slide, the three VLANs must also be properly defined.
Associating RVIs with VLANs
Note: RVIs must be associated with a VLAN and must
have an operational Layer 2 interface participating in
that VLAN before they become operational
Verifying Interface State
This slide illustrates the commands and a sample output showing the desired interface state.
Verifying Routing and Reachability
Summary
* In this chapter, we:
+ Explained the concept of a virtual LAN (VLAN)
+ Described access and trunk port modes
+ Configured and monitored VLANs
+ Described voice VLAN and native VLAN concepts
+ Explained inter-VLAN routing operations
+ Configured and monitored inter-VLAN routing
This Chapter Discussed:
+ The concept of a virtual LAN (VLAN);
+ Configuration and monitoring of VLANs;
+ Voice and native VLAN concepts and configuration;
+ Inter-VLAN routing operations; and
+ Configuration and monitoring of inter-VLAN routing.
Review Questions
1. What Layer 2 port modes can be assigned to a
2. What is the purpose of the voice VLAN?
3. When is the native-vlan-id option used?
4. Describe how inter-VLAN routing can be
implemented on a switch
Lab 2: Implementing Virtual Networks
* Configure and monitor VLANs.
* Configure and monitor inter-VLAN routing.
Junos Enterprise Switching
Chapter 4: Spanning Tree
Chapter Objectives
* After successfully completing this chapter, you will be
able to:
+ Describe STP and RSTP operations
+ List some advantages of using RSTP over STP
+ Configure and monitor RSTP
+ Describe the BPDU, loop, and root protection features
+ Configure and monitor the BPDU, loop, and root protection
features
This Chapter Discusses:
+ Instances when a spanning tree is required;
+ Advantages of using RSTP over STP;
+ Configuration and monitoring of STP and RSTP;
+ BPDU, loop, and root protection features; and
+ Configuration and monitoring of BPDU, loop, and root protection features.
Agenda: Spanning Tree
-> Spanning Tree Protocol (STP)
* Rapid Spanning Tree Protocol (RSTP)
* Configuring and Monitoring STP and RSTP
* Protection Features
+ BPDU Protection
+ Loop Protection
+ Root Protection
Spanning Tree Protocol
The slide lists the topics we cover in this chapter. We discuss the highlighted topic first.
Test Your Knowledge
* What will Switch-1 and Switch-2 do if they receive a
broadcast frame or a frame destined to an unknown
MAC address?
Both switches would flood the frames out all
Test Your Knowledge
This slide serves as a review of previously covered concepts.
What If ...?
= What if a broadcast frame or a frame with an
unknown destination MAC address were sent into a
Layer 2 network with redundant paths?
What If...?
As previously mentioned, switches flood broadcast frames and frames for unknown MAC addresses. In a Layer 2 network with redundant paths, switches will continuously flood these frames. To keep frames from being continuously flooded through a Layer 2 network, you need a mechanism such as the Spanning Tree Protocol (STP). We cover STP on subsequent slides in this section.
Spanning Tree
* Spanning Tree Protocol (STP)
+ Defined in the IEEE 802.1D-1998 specification
+ Builds loop-free paths in redundant Layer 2 networks
+ Automatically rebuilds tree when topology changes
STP is defined in the Institute of Electrical and Electronics Engineers (IEEE) 802.1D-1998 specification. STP is a simple Layer 2 protocol that prevents loops and calculates the best path through a switched network that contains redundant paths. STP is highly recommended in any Layer 2 network environment where redundant paths exist or might exist. When topology changes occur, STP automatically rebuilds the tree.
Note that newer versions of STP exist, including Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Tree Protocol (MSTP), and VLAN Spanning Tree Protocol (VSTP). These newer versions of STP include enhancements over the original STP. We cover RSTP in more detail later in this chapter. MSTP allows you to run separate instances of spanning tree for a group of VLANs, while VSTP allows you to run one or more spanning tree instances for each VLAN. MSTP and VSTP are outside the scope of this course.
How Does It Work?
* Steps for creating a spanning tree include:
1. Switches exchange bridge protocol data units (BPDUs)
2. Root bridge is elected
3. Port role and state are determined
4. Tree is fully converged
How Does It Work?
This slide highlights the basic steps for creating a spanning tree.
BPDU—Ethernet Frame Format
* Ethernet frame:
+ Destination Address: The bridge group address
(01:80:C2:00:00:00)
+ Source Address—The outgoing port of the originating switch
+ Length
+ LLC Header
+ DSAP and SSAP: 0x42 (Bridge Spanning Tree Protocol)
* BPDU types:
+ Configuration BPDUs
+ Used to build the spanning tree topology
+ Topology change notification (TCN) BPDUs
+ Reports topology changes
The frame contains an LLC header that uses a destination service access point (DSAP) of 0x42, which refers to the bridge STP.
BPDU Types
STP uses BPDU packets to exchange information between switches. Two types of BPDUs exist: configuration BPDUs and topology change notification (TCN) BPDUs. Configuration BPDUs determine the tree topology of a LAN. STP uses the information that the BPDUs provide to elect a root bridge, to identify root ports for each switch, to identify designated ports for each physical LAN segment, and to prune specific redundant links to create a loop-free tree topology.
Configuration BPDU Format (1 of 3)
* Configuration BPDU fields:
+ Protocol ID—0 (STP)
+ Protocol Version—0 (IEEE 802.1D-1998)
+ BPDU Type—0 (Configuration BPDU)
+ Flags
+ Topology Change Acknowledgment Flag (Bit 8)
+ Topology Change Flag (Bit 1)
+ Root ID
+ A unique ID of the bridge that the transmitting
bridge believes to be the root
+ Root Path Cost
+ Local switch's calculated cost to root bridge
Configuration BPDU Format: Part 1
When an STP network is first turned up, all participating bridges send out configuration BPDUs.
The following list provides a brief explanation of each of the BPDU fields:
+ Protocol ID: This value is always 0.
+ Protocol Version: This value is always 0.
+ BPDU Type: This field determines which of the two BPDU formats this frame contains: configuration BPDU or TCN BPDU.
+ Flags: This field is used to handle changes in the active topology.
+ Root ID: This field contains the bridge ID (BID) of the root bridge. After convergence, all configuration BPDUs in the bridged network should contain the same value for this field (for a single VLAN). Some network sniffers break out the two BID subfields: bridge priority and bridge MAC address.
+ Root Path Cost: This value is the cumulative cost of all links leading to the root bridge.
Configuration BPDU Format (2 of 3)
* Configuration BPDU fields (contd.):
+ Bridge ID
+ Bridge Priority: The priority of becoming the
root bridge, the designated bridge, or both
(lower is better)
+ Bridge Address—The unique MAC address of
a bridge
+ Port Priority: Used as the tiebreaker to
determine the designated port, the root port,
or both for a LAN (lower is better)
Configuration BPDU Format: Part 2
The following is a continuation of the explanation of the BPDU fields:
+ Bridge ID (BID): The BID is a combination of the sender bridge's priority to become root or designated bridge and the bridge address (a unique MAC address).
+ Port ID: This field contains a unique value for every port. This value is a combination of the outbound port's priority and a unique value to represent the port. The default port priority is 128 for every interface on an EX Series switch. The switch automatically generates the port number and you cannot configure it. For example, ge-0/0/0 contains the value 128:513, whereas ge-0/0/1 contains the value 128:514.
Configuration BPDU Format (3 of 3)
* Configuration BPDU fields (contd.):
+ Message Age—age of configuration
message
+ Time since generation of configuration BPDU
+ Enables bridge to discard information that
exceeds max age
+ Max Age—A timeout value to remove
aging BPDU information (set by the root)
+ Hello Time—interval that configuration
BPDUs are sent by designated ports
+ Forward Delay—The delay time before
transferring the state of a port to
forwarding (set by the root)
Configuration BPDU Format: Part 3
+ Max Age: This value is the maximum time that a BPDU is saved. It also influences the bridge table aging timer during the topology change notification process.
+ Hello Time: This value is the time between periodic configuration BPDUs.
+ Forward Delay: This value is the time a bridge spends in the listening and learning states. It also influences timers during the topology change notification process.
TCN BPDU Format
* TCN BPDU fields
+ Protocol ID—0x0000 (STP)
+ Protocol Version—0x00 (IEEE 802.1D-
1998)
+ BPDU Type—0x80 (TCN BPDU)
TCN BPDU
This slide shows the format of the TCN BPDU. TCN BPDUs are used to announce changes in the network topology. We describe their usage in more detail later in this chapter.
Building a Spanning Tree (1 of 3)
* Switches exchange configuration BPDUs:
+ They do not flood—instead each bridge uses information in
the received BPDUs to generate its own
* Root bridge is elected based on BPDU information:
+ Criterion for election is the bridge ID
+ The election process reviews priority first; lowest priority wins
+ If the priority values are the same, bridge addresses (MAC) are
compared; the lowest identifier wins
Exchange of BPDUs
Switches participating in a switched network running STP exchange BPDUs with each other. Through the exchanged BPDUs, neighboring switches become familiar with each other and learn the information needed to select a root bridge. Each bridge creates its own configuration BPDUs based upon the BPDUs that it receives from neighboring switches. Non-STP bridges simply flood BPDUs as they would any multicast Ethernet frame.
Root Bridge Election
STP elects the root bridge device based on the BID, which actually consists of two distinct elements: a configurable priority value and a unique device identifier, which is the system MAC address. Each switch reviews the priority values first to determine the root bridge. If the priority value of one switch is lower than the priority value of all other switches, that switch is elected as the root bridge. If the priority values are equal for multiple switches, STP evaluates the system MAC addresses of the remaining switches and elects the switch with the lowest MAC address as the root bridge.
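The configuration BPDU fields and the root bridge election rule described above, as an added Python example that is not part of the original course material. The sample frame bytes and MAC addresses are constructed; timer fields are decoded in units of 1/256 second, and the port ID is split as a 4-bit priority plus 12-bit port number, which is an assumption chosen to match the 128:513 notation used above.

```python
import struct
from dataclasses import dataclass

# Constructed sample: the 35-byte configuration BPDU that follows the LLC
# header (DSAP/SSAP 0x42). All addresses and values are made up.
SAMPLE_BPDU = bytes.fromhex(
    "0000"                  # Protocol ID 0 (STP)
    "00"                    # Protocol Version 0 (IEEE 802.1D-1998)
    "00"                    # BPDU Type 0 (configuration BPDU)
    "01"                    # Flags: topology change (bit 1) set
    "1000" "020000000001"   # Root ID: priority 4096 + MAC
    "00004e20"              # Root path cost 20000
    "8000" "020000000002"   # Bridge ID: priority 32768 + MAC
    "8201"                  # Port ID 128:513
    "0100"                  # Message age 1 s (timers count 1/256 s)
    "1400"                  # Max age 20 s
    "0200"                  # Hello time 2 s
    "0f00"                  # Forward delay 15 s
)


@dataclass(frozen=True, order=True)
class BridgeId:
    """Bridge ID ordered by priority, then MAC, so a smaller value is better."""
    priority: int
    mac: bytes

    @classmethod
    def unpack(cls, raw: bytes) -> "BridgeId":
        return cls(int.from_bytes(raw[:2], "big"), raw[2:8])

    def __str__(self) -> str:
        return f"{self.priority}.{self.mac.hex()}"


@dataclass(frozen=True)
class ConfigBpdu:
    topology_change: bool
    topology_change_ack: bool
    root_id: BridgeId
    root_path_cost: int
    bridge_id: BridgeId
    port_priority: int
    port_number: int
    message_age: float
    max_age: float
    hello_time: float
    forward_delay: float


# Field order follows the slides: protocol ID, version, type, flags, root ID,
# root path cost, bridge ID, port ID, then the four timers (35 bytes total).
_LAYOUT = struct.Struct(">HBBB8sI8sHHHHH")


def parse_config_bpdu(data: bytes) -> ConfigBpdu:
    """Decode one configuration BPDU; reject TCN, truncated or foreign input."""
    if len(data) >= 4 and data[3] == 0x80:
        raise ValueError("TCN BPDU: carries no configuration fields")
    if len(data) < _LAYOUT.size:
        raise ValueError(f"truncated BPDU: {len(data)} of {_LAYOUT.size} bytes")
    (proto, version, bpdu_type, flags, root, cost, bridge, port,
     msg_age, max_age, hello, fwd) = _LAYOUT.unpack_from(data)
    if (proto, version, bpdu_type) != (0, 0, 0):
        raise ValueError("not an 802.1D-1998 configuration BPDU")
    return ConfigBpdu(
        topology_change=bool(flags & 0x01),        # bit 1
        topology_change_ack=bool(flags & 0x80),    # bit 8
        root_id=BridgeId.unpack(root),
        root_path_cost=cost,
        bridge_id=BridgeId.unpack(bridge),
        port_priority=(port >> 12) << 4,           # assumed 4-bit priority
        port_number=port & 0x0FFF,                 # assumed 12-bit number
        message_age=msg_age / 256,
        max_age=max_age / 256,
        hello_time=hello / 256,
        forward_delay=fwd / 256,
    )


def elect_root(bridge_ids):
    """Lowest priority wins; equal priorities fall back to the lowest MAC."""
    return min(bridge_ids)


if __name__ == "__main__":
    bpdu = parse_config_bpdu(SAMPLE_BPDU)
    print("root:", bpdu.root_id, "sender:", bpdu.bridge_id,
          "cost:", bpdu.root_path_cost)
    print("elected:", elect_root([bpdu.root_id, bpdu.bridge_id]))
```
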
Building a Spanning Tree (2 of 3)
* Least-cost path calculation to root bridge determines
port role; port role determines port state:
+ All ports on root bridge assume designated port role and forwarding state
+ Root ports on switches are placed in the forwarding state; root bridge has no root ports
+ Designated ports on designated bridges are placed in the forwarding state
+ All other ports are placed in the blocking state
Port Role and State Determination
Once the root bridge is elected, all nonroot devices perform a least-cost path calculation to the root bridge. The results of these calculations determine the role of the switch ports. The role of the individual switch ports determines the port state.
All switch ports belonging to the root bridge assume the designated port role and forwarding state. Each nonroot switch determines a root port, which is the port closest to the root bridge, based on its least-cost path calculation to the root bridge. Each interface has an associated cost that is based on the configured speed. An interface operating at 10 Mbps assumes a cost of 2000000, an interface operating at 100 Mbps assumes a cost of 200000, an interface operating at 1 Gbps assumes a cost of 20000, and an interface operating at 10 Gbps assumes a cost of 2000. If a switch has two equal-cost paths to the root bridge, the switch port with the lower port ID is selected as the root port. The root port for each nonroot switch is placed in the forwarding state.
STP selects a designated bridge on each LAN segment. This selection process is also based on the least-cost path calculation from each switch to the root bridge. Once the designated bridge is selected, its port, which connects to the LAN segment, is chosen as the designated port. If the designated bridge has multiple ports connected to the LAN segment, the port with the lowest ID participating on that LAN segment is selected as the designated port. All designated ports assume the forwarding state. All ports not selected as a root port or as a designated port assume the blocking state.
Building a Spanning Tree (3 of 3)
* The tree is fully converged
+ All traffic between Host A and Host B flows through the root
bridge (Switch-1)
Full Tree Convergence
The convergence delay can take up to 50 seconds when the default forwarding delay (15 seconds) and max age timer (20 seconds) values are in effect. The formula used to calculate the convergence delay for STP is 2 x the forwarding delay + the maximum age. In the example shown on the slide, all traffic passing between Host A and Host B transits the root bridge (Switch-1).
Reconvergence Example (1 of 2)
* Steps:
1. Switch G fails
2. Switch E's port leaves forwarding state
3. Switch E sends TCNs out root port
every 2 seconds until B's root port
receives TCN ACK (configuration BPDU)
4. Switch B sends TCN ACK
5. Switch B sends TCN out root port
6. Switch A sends TCN ACK
Reconvergence Example (2 of 2)
* Steps (contd.):
7. The root bridge sets the topology change flag
and sends an updated configuration BPDU
8. Switches B and C relay the topology
change flag to downstream switches
9. All nonroot bridges change the
MAC address forwarding table
aging timer to equal the forwarding
delay time (default: 15 seconds)
Reconvergence Example: Part 2
This slide shows the remainder of the steps involved in a failure and reconvergence scenario. Once the nonroot bridges change the MAC address forwarding table aging timer to the shortened interval, they delete aged entries from the MAC table, which are then learned again through the normal learning process.
Agenda: Spanning Tree
* Spanning Tree Protocol (STP)
-> Rapid Spanning Tree Protocol (RSTP)
* Configuring and Monitoring STP and RSTP
* Protection Features
+ BPDU Protection
+ Loop Protection
+ Root Protection
Rapid Spanning Tree Protocol
The slide highlights the topic we discuss next.
Rapid Spanning Tree Protocol (RSTP)
* RSTP was first defined in IEEE 802.1w and later
incorporated into IEEE 802.1D-2004
* Convergence improvements:
+ Point-to-point link designation
+ Allows for rapid recovery from failures because a new root port or
designated port can transition to forwarding without waiting for the
protocol timers to expire
+ Edge port designation
+ A port that connects to a LAN with no other bridges attached
+ It is always in the forwarding state
+ Direct and indirect link failure and recovery
RSTP Defined
Rapid Spanning Tree Protocol (RSTP) was originally defined in IEEE 802.1w and was later incorporated into the IEEE 802.1D-2004 specification. RSTP introduces a number of improvements to STP while performing the same basic function.
RSTP Convergence Improvements
RSTP provides better reconvergence time than the original STP. RSTP identifies certain links as point to point. When a point-to-point link fails, the alternate link can transition to the forwarding state without waiting for any protocol timers to expire. RSTP provides fast network convergence when a topology change occurs. RSTP greatly decreases the state transition time compared to STP.
RSTP Port Roles
* RSTP introduces new port roles:
+ Alternate port
+ Provides an alternate path to the root
bridge (essentially a backup root port)
+ Blocks traffic while receiving superior
BPDUs from a neighboring switch
+ Backup port:
+ Provides a redundant path to a segment
(on designated switches only)
+ Blocks traffic while a more preferred port
functions as the designated port
* RSTP continues to use the root
and designated port roles
RSTP Introduces New Port Roles
RSTP introduces the alternate and backup port roles. An alternate port is a switch port that has an alternate (generally higher-cost) path to the root bridge. In the event that the root port fails, the alternate port assumes the role of the root port and is placed in the forwarding state. Alternate ports are placed in the discarding state but receive superior BPDUs from neighboring switches. Alternate ports are found on switches participating in a shared segment for which they are not functioning as the designated bridge.
When a designated bridge has multiple ports connected to a shared segment, it selects one of those ports as the designated port. Backup ports can assume the designated port role upon successful negotiation, at which point they are placed in the forwarding state.
Backup ports are placed in the discarding state. While in the discarding state, backup ports receive superior BPDUs from the designated port.
Continued Use of Root and Designated Ports
RSTP continues to use the root and designated port roles.
RST BPDU Format
* RST BPDU fields that differ from STP:
+ Protocol Version—0x02
(IEEE 802.1D-2004)
+ BPDU Type—0x02 (RST BPDU)
+ Flags
+ Topology Change Acknowledgement Flag (Bit 8)
+ Agreement Flag (Bit 7)
+ Forwarding Flag (Bit 6)
+ Learning Flag (Bit 5)
+ Port Role (Bits 3 and 4)
+ Proposal Flag (Bit 2)
+ Topology Change Flag (Bit 1)
+ Version 1 Length—0x0000
Configuration BPDU Differences
RSTP is backward compatible with STP. If a device configured for RSTP receives STP BPDUs, it reverts to STP. In a pure RSTP environment, a single type of BPDU exists, named Rapid Spanning Tree BPDU (RST BPDU). RST BPDUs use a similar format to the STP configuration BPDUs. RSTP devices detect the type of BPDU by looking at the protocol version and BPDU type fields. The BPDUs contain several new flags, as shown on the slide. The following is a brief description of the flags:
+ TCN Acknowledgment: This flag is used when acknowledging STP TCNs;
+ Agreement and Proposal: These flags are used to help quickly transition a new designated port to the forwarding state;
+ Forwarding and Learning: These flags are used to advertise the state of the sending port;
+ Port Role: This flag specifies the role of the sending port: 1 = Alternate or Backup, 2 = Root, and 3 = Designated; and
+ Topology Change: RSTP uses configuration BPDUs with this bit set to notify other switches that the topology has changed.
RST BPDUs contain a Version 1 Length field that is always set to 0x0000. This field allows for future extensions to RSTP.
Transitioning to the Forwarding State
* Original STP (802.1D-1998)
+ Takes 30 seconds before the ports start forwarding traffic
after port enablement
+ 2x forwarding delay (listening + learning)
* RSTP (802.1D-2004):
+ Uses a proposal-and-agreement handshake on point-to-
point links instead of timers
+ Exceptions are alternate ports that immediately transition to root,
and edge ports that immediately transition to the forwarding state
+ Nonedge designated ports transition to the forwarding state once
they receive explicit agreement
STP Forwarding State Transition
With the original STP, as defined in 802.1D-1998, a port can take more than 30 seconds before it forwards user traffic. As a port is enabled, it must transition through the listening and learning states before graduating to the forwarding state.
RSTP Forwarding State Transition
RSTP converges faster because it uses a proposal-and-agreement handshake mechanism on point-to-point links instead of the timer-based process used by STP. On EX Series devices, network ports operating in full-duplex mode are considered point-to-point links, whereas network ports operating in half-duplex mode are considered to be shared (LAN) links.
Root ports and edge ports transition to the forwarding state immediately without exchanging messages with other switches. Edge ports are ports that have direct connections to end stations. Because these connections cannot create loops, they are placed in the forwarding state without any delay. If a switch port does not receive BPDUs from the connecting device, it automatically assumes the role of an edge port. When a switch receives configuration messages on a switch port that is configured to be an edge port, it immediately changes the port to a normal spanning-tree port (nonedge port).
Nonedge designated ports transition to the forwarding state only after receipt of an explicit agreement from the attached switch.
Topology Change Reconvergence
* Topology changes occur only when nonedge ports
transition to the forwarding state:
+ Port transitions to the discarding state no longer trigger the
STP TCN/TCN Acknowledgment sequence
+ The initiator floods RSTP TCNs (RST BPDU with TCN flag set)
out of all designated ports as well as out of the root port
+ Because of the received RSTP TCN, switches flush the
majority of MAC addresses in the bridge table
+ Switches do not flush MAC addresses learned from edge ports
+ Switches do not flush MAC addresses learned on port receiving TCN
Topology Changes
When using STP, state transitions on any participating switch port cause a topology change to occur. RSTP reduces the number of topology changes and improves overall stability within the network by generating TCNs only when nonedge ports transition to the forwarding state. Nonedge ports are typically defined as ports that interconnect switches. Edge ports are typically defined as ports that connect a switch to end stations.
RSTP also provides improved network stability because it does not generate a TCN when a port transitions to the discarding state. With RSTP, TCNs are not generated when a port is administratively disabled, excluded from the active topology through configuration, or dynamically excluded from forwarding and learning.
When a TCN is necessary and is generated, the initiating device floods all designated ports as well as the root port. Unlike traditional STP, neighboring switches that are not in the path of the initiator to the root bridge do not need to wait for this information from the root bridge. As the changes propagate throughout the network, the switches flush the majority of the MAC addresses located in their bridge tables. The individual switches do not, however, flush MAC addresses learned from their locally configured edge ports.
Indirect Link Failure
* When an indirect link failure occurs:
+ Switch-2's root port fails—it assumes it is the new root
+ Switch-3 receives inferior BPDUs from Switch-2—it moves
the alternate port to the designated port role
+ Switch-2 receives superior BPDUs, knows it is not the root,
and designates the port connecting to Switch-3 as the
root port
Indirect Link Failure
The slide illustrates a typical scenario in which an indirect link failure occurs.
Direct Link Failure
* When a direct link failure occurs:
+ Alternate port transitions to forwarding state and assumes
root port role following the failure of the old root port
+ Switch-3 signals upstream switches to flush their MAC
tables by sending RSTP TCNs out new root port
+ Upstream switches only flush MAC entries that they learned on
active ports that did not receive the RSTP TCNs (except edge ports)
Direct Link Failure
RSTP Interoperability with STP
* STP and RSTP interoperability considerations:
+ If a switch supports only the 802.1D-1998 STP protocol, it
discards any RSTP BPDUs it receives
+ If an RSTP-capable switch receives 802.1D-1998 BPDUs, it
reverts to 802.1D-1998 STP mode on the receiving
interface only and sends STP BPDUs
Interoperability Considerations
Switches configured for STP and RSTP will interoperate with one another. However, you should keep a few basic considerations in mind. If a switch supports only STP and interconnects with a switch running RSTP, it discards the RSTP BPDUs. The RSTP-capable switch, upon receiving STP BPDUs, reverts to STP mode, thus allowing interoperability between the two devices.
Agenda: Spanning Tree
* Spanning Tree Protocol (STP)
* Rapid Spanning Tree Protocol (RSTP)
-> Configuring and Monitoring STP and RSTP
* Protection Features
+ BPDU Protection
+ Loop Protection
+ Root Protection
Configuring and Monitoring STP and RSTP
The slide highlights the topic we discuss next.
Configuring STP
Configuring RSTP
Monitoring STP and RSTP (1 of 2)
Show STP bridge parameters
Show STP interface parameters
user@switch> show spanning-tree bridge
Monitoring STP and RSTP (2 of 2)
user@switch> show spanning-tree interface
Spanning tree interface parameters for instance 0
user@switch> show spanning-tree statistics interface
Monitoring Spanning Tree Operation: Part 1
This slide and the next illustrate some common operational mode commands used to monitor spanning tree operation.
Monitoring Spanning Tree Operation: Part 2
This slide shows typical output for the show spanning-tree interface and show spanning-tree statistics interface commands.
Test Your Knowledge (1 of 4)
Test Your Knowledge (2 of 4)
* Which switch will be elected the root bridge?
= What role and state will be assigned to the various
switch ports?
‘Test Your Knowledge: Part 2
“ia ge desire et our undertancingef he aus onion opt
Into orto ed state detmitn he how the eo ou ca me
accetace smmunatn sey satning ee rics herman
eertoiteh-l> show speaning-tree bridge show
(STP bridge parameters ating tree tues pas
ore Thieriace Pore 2D Designcecs ross sate role
Chaptr a4 + Spannnaiee vo jnpecnet
DAMADHAHDHHMHHHARHHHHH
weve OHHH HE GY
‘anes rarpie Swen: a ange Energie Stn
w
Test Your Knowledge (3 of 4) Test Your Knowledge (4 of 4)
wo
Assume ge-0/0/8 on Switch-1 has failed, what role
and state will be assigned to the remaining ports?
a] = Based on the modified configurations, what role and
state will be assigned to Switch-4's ports?
13 _Egoean | ER eacne
Fowsring: ©
ease ©
fotPon=
i t ——_ cesienmtons ©
Test Your Knowledge: Part
This slide is designed to test your understanding of the various configuration options and how they relate to the port role and state determination. As shown in the following output, you can use the show
rats very spenigve inate imaton
Test Your Knowledge: Part 4
mistepe iar on a thaum ne tage. Yc os shoe
2 peelitescareeriot aol
Agenda: Spanning Tree
* Spanning Tree Protocol (STP)
* Rapid Spanning Tree Protocol (RSTP)
* Configuring and Monitoring STP and RSTP
* Protection Features
  -> BPDU Protection
Protection Features: BPDU Protection
“Tse ighigis the pie Sains vs,
What If...?
* Given the topology below, what if User A connects a
personal (unauthorized) switch running the spanning
tree protocol to Switch-2?
BPDUs would be exchanged, a new STP calculation would occur, and the rogue switch would become part of the spanning tree, potentially leading to a network outage.
rte a strianr Acne ogi nth oh ne 0 a
ing ee cleo sear Onc the
{panning te calsdaton compl ha mgue nin woud han bee
{annrgtee macsaen
org
platy uae a ar 2p oven compte Meersos eran sung
BPDU Protection
* BPDU protection prevents rogue switches from connecting to the network and causing undesired Layer 2 topology changes and possible outages
+ If a BPDU is received on a protected interface, the interface is disabled and transitions to the blocking state
[Diagram: edge ports are disabled if BPDUs are received on a protected interface]
‘ranting tne nto o# och sate
‘ou can congue 8° petaconon aan hn agpantin each tate nt
Tuning SP We our FOU contgraton net
Configuring BPDU Protection
* BPDU protection can be enabled on switches whether or not the spanning tree protocol is enabled:
Configuring BPDU Protection
‘oven contge PD pon nie tat nemigFOU Te he mato
‘rguston suai tp entrain example sued we pan
‘ral andi tte cngraton mao sneer nose suse
‘hans congue sating Fuca eaves = SOU tom he mg uh conected
10/0/00.Smch2 was treon ho gejoye tase on Secange on oe
‘arena ames
Monitoring BPDU Protection
Agenda: Spanning Tree
* Spanning Tree Protocol (STP)
* Rapid Spanning Tree Protocol (RSTP)
* Configuring and Monitoring STP and RSTP
-> Protection Features
  + BPDU Protection
  + Loop Protection
  + Root Protection
Protection Features: Loop Protection
Ieee gages topowe aout ne
Monitoring BPDU Protection
To sete that econ woking prop onthe STPeueig ech, wee show
spenning- tree inter eace seston se armen Ta con tht he sp
Spimaney one nto rtungsT unos ana
‘There commands route te matin cht tte nde change onthe prtactietraces,
oto th BP are aon roman stendng aie the peat athe
imarace Veit whe iso meaning a tbetomes» S2DU nesratar cn Tha SPDU
svar at cages tars oon, ring tem fon ng
the dleable-tincoat optor
nner) Late, etarn- etching opto)
SScitoh-2f wa paachiock Saable-tinweat?
ebte-tincoue> | tleable timeout for BODU Protect (20..3600 seconde)
hte 260 retreat tte dot rit bike Yo
thernat nesting bpaucarrorcommandor na
What If...?
* Given the topology below, what if BPDUs sent by Switch-2 were not received by Switch-3?
Switch-3 waits until the max-age timer expires, then transitions its alternate port to the designated port role and the forwarding state, thus removing the blocked port and causing a Layer 2 loop.
What If...?
‘tem pune of STF Tan ST a pow Ln 2 ep preron,ch havare
‘Bertie Sicha condo Lae 2 open rue ee Cae
Loop Protection
* The loop protection feature provides additional protection against Layer 2 loops by preventing non-designated ports from becoming designated ports
+ Enable loop protection on all non-designated ports
+ Ports that detect the loss of BPDUs transition to the "loop inconsistent" role, which maintains the blocking state
+ Port automatically transitions back to previous or new role when it receives a BPDU
Loop Protection
‘nen ae tection is nate th pani
“rvenaes oan we ecoing On
‘hole conection ants imac soem aration ow afce oa wads
‘Sorina buco tie spanning oohing sa wen he
We recommend that if you enable loop protection, you enable it on all switch interfaces that have a chance of becoming root or designated ports. Loop protection is most effective when it is enabled on
Configuring Loop Protection
* Configure loop protection on non-designated ports
(root and alternate ports):
Configuring Loop Protection
‘The se tts the ecured angio rep preteen on Sieh. tad asta
evi eng lutte tee one bach. opin whe avalon ser,
‘a tected rte mma anatones the 1S opine) ar omein the san,
(Gls0state The biock epton ss wre hsed bg ertine othe worsanes og
rely ete aan option whch dos rate a change of he porto bt
eee gern tothe nosvayen gle Hie a semoptone wed, the
mes the desgute orton arene ke atte aren AD] a
ree he manage tine expres
fit ta anna canbe og ero precton st pele,t e th
Monitoring Loop Protection
bereowitch-3> show iog messages | mat
Vong ip Pon
terreno vargas ty
i neon
SCbsiomaicteeteamnntssen a tg
a oe
Seana eager terete ae
Spite enatecte tt atpenicctvtrceonsoet
Senn Sorbet apenas
Shem daeber ase hrmtneteanstcousonbatstnguem
seca tense epenenn
mowers
dor 27 20105127 “ewiteh-3 eawd( 40764): SWD_STR_LOOP_PROTECT.CLEARED: ge-0/0/32.0;
Agenda: Spanning Tree
* Spanning Tree Protocol (STP)
* Rapid Spanning Tree Protocol (RSTP)
* Configuring and Monitoring STP and RSTP
* Protection Features
  + BPDU Protection
  + Loop Protection
  + Root Protection
Protection Features: Root Protection
Te oe liens tatoo we dacues no
What If...?
* Given the topology and details below, what if a rogue
switch with a bridge priority of 4096 was connected to
the Layer 2 network?
BPDUs would be exchanged, a new STP calculation would occur, and the rogue switch would become the new root bridge, potentially leading to a network outage.
What If...?
Cie neta One comecadte te nar the rogue onchange S25 wi Sr?
“sven Intameaoer au aparingts ellen our Once he spaning Ue alton 6
‘Sompata,temgueentchia ne ne ot bag ote eparsingtes Maung wastorted
‘Seve becom ut oft spanning wea woe eco et bigs Pe Le 2
‘Seuihore cote regnie eopacanw anesrina newores ers: perme een
‘Sompate newer ge
Root Protection
* Enable root protection to avoid unwanted STP topology changes and root bridge placement
+ If a superior BPDU is received on a protected interface, the interface is disabled and transitions to the blocking state
Configuring Root Protection
* Enable root protection on ports that should not receive superior BPDUs from the root bridge and should not be elected as the root port:
Root Protection
Exel ot rtton on ntact that nou ot ewe apa PDUs adel ot be
sie eat por. Tee roe bor cna ort bee oer
ooking rac. is lching prove aaah ha shu ne be neo te fom ng
-lesedthe ote
Configuring Root Protection
‘hs sldeuetes anna npln cian fh agen atten Sito
ct poacon has bec enabadr spots at
After the switch stops receiving superior BPDUs on the interface with root protection, the interface returns to a listening state, followed by a learning state, and ultimately back to a forwarding state. Recovery back to the forwarding state is automatic.
a puny mentees,
fotoningouet
1 congre a rartce ahr opp
otgue, he canton wl at orm
(nazter:0) {east protocote zat)
fecdoviech if show ineertacere-0/0/6.0
Epiureinesut-aetion 1
arospute ne spanninguee oplgy
maecer:0} {ease protocete rate)
Monitoring Root Protection
Summary
* In this chapter, we:
+ Explained when a spanning tree is required
+ Described STP and RSTP operations
+ Listed some advantages of using RSTP over STP
+ Configured and monitored RSTP
+ Described the BPDU, loop, and root protection features
+ Configured and monitored the BPDU, loop, and root protection features
This Chapter Discussed:
+ Advantages of using RSTP over STP;
+ Configuration and monitoring of STP and RSTP;
+ BPDU, loop, and root protection features; and
+ Configuration and monitoring of BPDU, loop, and root protection features.
Soe yu cnet retetan anise te
70 st pon nig ou an wesw spanner neta”
ipl oe prewar verace thn eens th ae te
Smeenew ten then tareae ma tomer spans hoe
ontack ios oweng tt Reco otra
Review Questions
1. What is the purpose of STP?
2. Describe how to build a spanning tree.
3. How are STP and RSTP different?
4. What is the purpose of the BPDU protection feature?
Lab 3: Implementing Spanning Tree
* Configure and monitor RSTP and protection features.
Lab 3: Implementing Spanning Tree
“Testers ne apestes forthe
Junos Enterprise Switching
Chapter 5: Port Security
Chapter Objectives
After successfully completing this chapter, you will be
able to:
+ List and describe various port security features.
+ Configure and monitor port security features.
Inepeton (an
Cantgaton and ning he rma sant fai,
Agenda: Port Security
* MAC Limiting
* DHCP Snooping
* Dynamic ARP Inspection (DAI)
* IP Source Guard
MAC Limiting
The slide lists the topics we cover in this chapter. We discuss the highlighted topic.
The Factory-Default Configuration
* By default, Layer 2 interfaces do not have a defined limit on how many MAC addresses can be learned
+ Once a physical connection is handed to a user, that user can connect multiple devices to the network through a rogue switch or even a wireless device
taka, sommes og sch or wieles coe oth nts ooning asses neat
We dacs evr pr scutes tought is chaper ht cnbat pte seurty
‘tat are inheter withthe taut eanfgusten stings Nets ate otlete
ih deve ators th tees
*yschon/ on Usual
rial pub oe
‘ops/conen/oncees sonar utter omc song
Think About It
* What issues could arise from the following scenarios?
Mmtnanaget pcb apn eno
nc reugnoat te chaps can opiate some these potas.
MAC Limiting
* Use MAC limiting to protect your network by:
+ Limiting the number of MAC addresses learned on a port.
+ Preventing MAC address spoofing by explicitly configuring allowed MAC addresses for a port or monitoring MAC address movement between ports in a VLAN
MAC Limiting
MAC limiting protects Ethernet switches, as well as other network resources, against attacks that use MAC addresses. Some examples of attacks that use MAC addresses to disrupt network operations include MAC flooding and MAC spoofing. Both MAC flooding and MAC spoofing can be quite harmful because they facilitate a denial-of-service (DoS) attack, which renders users, systems, or entire networks useless. MAC limiting can be implemented using two different methods.
The first method allows you to specify the maximum number of MAC addresses that can be learned on a single Layer 2 access port. Once the switch reaches the MAC limit, all new MAC addresses are subject to being dropped based on the configured action.
The second method allows you to define allowed MAC addresses for a specific access port. Any MAC address that is not listed will not be learned or permitted network access.
Allowed MAC Address
* Use the allowed MAC address option to statically bind specific MAC addresses to a particular port
[Diagram: MAC to Port Mapping]
Allowed MAC Address
Wo MACliniingmetate xt te cloned MAC acess pn andthe MAC imtapton These
lates ap deserts the slowest arene ton Wn th lowes WIC noses open #|
‘ote poms of enes ests powers acne oughta aac eter at based ane
Micoaaone tha requ rewoage oft oats He eae
‘hiranmana war neuer mov om sn port sch pore
MAC Address Limit
* Use the MAC address limit option to limit the number of MAC addresses learned through a specific port
[Diagram: permitted number of MACs per port]
MAC Address Limit
etn peta WA omar table aga oud You nl th est on
‘nial neeaces, Th MAC unt dete and vases Sependng one Needs was ach
Seuorar in ervcrens tat prey snd soo tonsa an
‘ey petits one aroun ere acre Pe coaecten mnmens sae
10/0/60 Te accommodate ares roqueren @/0/00 la coiges vit «WOE one
‘ho Astreienitn mamging pth po =
‘tga arson Wereerhe nore rca eee
MAC Move Limit
* Use the MAC move limit option to limit the number of times a MAC address can move to a new interface
+ Helps prevent MAC spoofing and Layer 2 loops
MAC Move Limiting
NAC move tng used se number af es MAC aanos Era
MAC Limiting Actions
* When a MAC address or MAC move limit is exceeded, the switch can perform one of the following actions:
[Diagram callout: Drop offending frames and generate error log]
Note: If a MAC limiting violation occurs
MAC Limiting Actions
When a MAC limiting violation occurs, the switch performs one of the following actions:
liter Was meve th
log: Does not drop the packet but generates a system log entry
shutdown: Disables the port, blocks data traffic, and generates a system log entry
Continued on the next page.
MAC Limiting Actions (contd.)
oe tht can config aoc withthe post -arror-dLsable daument aon dees
vesvor-aiseb tats seats Sea teow
ntganton wang
naster:t) [ede ethernet-aeieching-opt ons]
pert able |
‘rs atacny ete a Ssbady ef anda ak tveutrange 1013600
Tange Evang srerecsey oon re a oe ening er on
yacht conan arenes
ypu hve rood ont farce ora ee lt a err
‘Guitar dns ers th arse are nse eu can igs
‘Secxino sree by esongtre char eeharast -ertohingport-acror
‘Sronané We poe sn uancle st oaengita ining ser sa nt ranos Eras Sitehig, nes Enterprising
Configuring MAC Limiting (contd.)
‘Tha tolowing eae sure th unt ofthe none achn ne coe:
Configuring MAC Limiting
;
1
; —> cima
locecae a
ett selon
dre nodal arte or VAN ttre
priest T
inacsroveciinse]1 action shutaovay apron
21180,
scien cptons Poser] Jenne
Monitoring MAC Limiting
* Use show log messages to view violations:
* Use show ethernet-switching interfaces to view interface state details:
Clearing MAC Limiting Violations
* Use clear ethernet-switching port-error interface to clear MAC limiting violations:
Monitoring MAC Limiting
“Thi tnt seme same ctste ued a dtemin the fects fhe WAC Inn
Srrgwoton open
Clearing MAC Limiting Violations
stad he anchor auireeovey fom porter dale cordions, you ean
styounave not cored the anc on
Sgup dase traces many srongta clas thereat eth