Tuesday, January 18, 2011

Configure switch-to-switch connectivity for the VLAN based solution

Scenario:
New users are being added to the 45th floor of ACME Inc.'s corporate office. There are only (2) ports left on the existing switch. Your network manager tells you to take a 24-port switch (F45Access2) that you have in stock and interconnect it to the existing access switch (F45Access1). Here are the requirements for the install:
1. F45Access2 must be able to receive updated VLAN information when new VLANs are added to F45Access1
2. Use the (2) available ports (fa0/23 and fa0/24) on F45Access1 and create a single, logical trunk link to F45Access2
3. Make sure that only VLANs 10-20 are allowed to traverse the link
4. VLAN 10 is not assigned to any users and will be designated as the Native VLAN

Implement
To propagate VLANs automatically from F45Access1 to F45Access2, we’ll need to set up VTP:
Configure F45Access1 as the VTP server:

Use VTP version 2 and set the domain name to ACMEinc:

Verify the VTP configuration:

Configure the EtherChannel ports:

Only allow VLANs 10-20 to traverse the trunk:


On F45Access2, configure the switch as a VTP client. Note: before completing the following steps, make sure that the switch trunks are disconnected. This will prevent the VLAN database on F45Access1 from being overwritten.


Configure the EtherChannel ports:

Only allow VLANs 10-20 to traverse the trunk:

Now compare the VTP revision number on both switches. In this case F45Access1 has a lower configuration revision number. If we were to connect the switches to each other, F45Access2 would overwrite F45Access1's VLAN database:



All we have to do is add/delete a VLAN a few times to bump the configuration revision on F45Access1:


Now connect the trunk links and you should see syslog output like this:


Verify the trunk link. We can see that the trunk link is up and only allowing VLANs 10-20:

Verify the EtherChannel. We can see that the correct ports are in the EtherChannel bundle:

Verify VTP. From the “show vlan” output, we can see that the VLAN database from F45Access1 has propagated over to F45Access2 – both databases are identical.
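
The revision comparison done before connecting the trunk links can be scripted. The following is an added example, not part of the original post: it parses `show vtp status` text from both switches and reports whether connecting them would put F45Access1's VLAN database at risk. The sample outputs and revision numbers are constructed, and the function names are hypothetical.

```python
import re

# Constructed samples in the usual `show vtp status` layout (not from the post).
F45ACCESS1 = """\
VTP Version                     : 2
Configuration Revision          : 3
VTP Operating Mode              : Server
VTP Domain Name                 : ACMEinc
"""
F45ACCESS2 = """\
VTP Version                     : 2
Configuration Revision          : 7
VTP Operating Mode              : Client
VTP Domain Name                 : ACMEinc
"""

def parse_vtp_status(text):
    """Turn 'Key : value' lines into a dict; the revision becomes an int."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"\s*(.+?)\s*:\s*(.*)$", line)
        if m:
            fields[m.group(1)] = m.group(2).strip()
    return {
        "revision": int(fields["Configuration Revision"]),
        "mode": fields.get("VTP Operating Mode", ""),
        "domain": fields.get("VTP Domain Name", ""),
    }

def preconnect_check(existing_text, new_text):
    """Return findings; an empty list means the trunk can be connected."""
    existing = parse_vtp_status(existing_text)
    new = parse_vtp_status(new_text)
    findings = []
    if existing["domain"] != new["domain"]:
        # Different domains: advertisements are ignored, so nothing propagates.
        findings.append(
            f"domain mismatch ({existing['domain']!r} vs {new['domain']!r}): "
            "VLANs will not propagate"
        )
    elif new["revision"] > existing["revision"]:
        # Same domain, higher revision on the new switch: its database wins.
        findings.append(
            f"new switch revision {new['revision']} is higher than "
            f"{existing['revision']}: VLAN database overwrite risk"
        )
    return findings
```

With the constructed samples, `preconnect_check(F45ACCESS1, F45ACCESS2)` returns one overwrite finding; it returns an empty list once F45Access1's revision has been bumped above F45Access2's.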


Monday, January 17, 2011

Determine network resources needed for implementing a VLAN based solution on a network

642-813 Exam topic numero uno here we go!

Topic Notes 
  • Identify the number of users accessing the network
  • Identify applications that will run over the network (VoIP, IM, email)
  • For said applications, figure out the type of traffic pattern. Traffic will flow directly between users for IM and VoIP (except for call signaling). Traffic will flow from client to data center server for email
  • Uplinks should be able to handle all users communicating at the same time
  • Uplink sizing:
    • Uplinks connecting the Access layer to Distribution should have an over-subscription ratio of no more than 20 to 1
    • Uplinks connecting Distribution layer to Core should have an over-subscription ratio of no more than 4 to 1
Let’s put it to use
Using the guidelines/notes from above, let’s apply it to a real-world scenario.
Scenario:
ACME Inc. is building a branch office to support its outstanding sales growth. The business unit decides that 250 employees will be staffed at the new site. Each employee will be given a laptop with a standard image with an email and IM client.  Each user will also have a VoIP phone.
It is determined through traffic studies/packet captures (Wireshark) that each user will use up to 500Mbps during peak business hours.
The user population will be split between (2) Access layer switches, and the layer 3 boundary will reside on (2) redundant Distribution layer switches. Finally, the Distribution layer switches will interconnect to (2) redundant Core layer switches via routed links.
Each of the (2) port channels between the Access and Distro layer switches should have a minimum of (2) physical 1Gbps ports (4Gbps total). This requirement is calculated as follows: 500Mbps (application requirement) x 125 users = 62.5 Gbps, and 62.5 Gbps / 20 (over-subscription ratio for Access to Distro interconnects) = 3.125 Gbps.
Each of the Distribution switches must be able to support the load of both Access switches (in the event that one of the Distribution switches fails). (2) port channels interconnect Distro to Core. (2) 10Gbps links per port channel are needed. This is calculated as follows: 500Mbps x 250 users = 125 Gbps, and 125 Gbps / 4 (over-subscription ratio for Distro to Core interconnects) = 31.25 Gbps.


 


Sunday, January 16, 2011

642-813 SWITCH exam topics

I think it makes sense to put all of our cards on the table and list all of the topics covered in the exam. A post covering each ambiguous Cisco topic should do the trick - does that sound good to y'all?

Implement VLAN based solution, given a network design and a set of requirements
- Determine network resources needed for implementing a VLAN based solution on a network
- Create a VLAN based implementation plan
- Create a VLAN based verification plan
- Configure switch-to-switch connectivity for the VLAN based solution
- Configure loop prevention for the VLAN based solution
- Configure Access Ports for the VLAN based solution
- Verify the VLAN based solution was implemented properly using show and debug commands
- Document results of VLAN implementation and verification



Implement a Security Extension of a Layer 2 solution, given a network design and a set of requirements
- Determine network resources needed for implementing a Security solution
- Create an implementation plan for the Security solution
- Create a verification plan for the Security solution
- Configure port security features
- Configure general switch security features
- Configure private VLANs
- Configure VACL and PACL
- Verify the Security based solution was implemented properly using show and debug commands
- Document results of Security implementation and verification

Implement Switch based Layer 3 services, given a network design and a set of requirements

- Determine network resources needed for implementing a Switch based Layer 3 solution
- Create an implementation plan for the Switch based Layer 3 solution
- Create a verification plan for the Switch based Layer 3 solution
- Configure routing interfaces
- Configure Layer 3 Security
- Verify the Switch based Layer 3 solution was implemented properly using show and debug commands
- Document results of Switch based Layer 3 implementation and verification

Prepare infrastructure to support advanced services

- Implement a Wireless Extension of a Layer 2 solution
- Implement a VoIP support solution
- Implement video support solution

Implement High Availability, given a network design and a set of requirements

- Determine network resources needed for implementing High Availability on a network
- Create a High Availability implementation plan
- Create a High Availability verification plan
- Implement first hop redundancy protocols
- Implement switch supervisor redundancy
- Verify High Availability solution was implemented properly using show and debug commands
- Document results of High Availability implementation and verification

Let's get this party started!

"I love deadlines. I like the whooshing sound they make as they fly by." - Douglas Adams

 


The best way I know how to accomplish something is to make a list of to-do's with dates and hold myself to them. I expect to be heckled if I fail to meet my objectives!

Goal #1: Take the CCNP 642-813 SWITCH exam and pass by 2/16/2010
https://learningnetwork.cisco.com/community/certifications/ccnp/switch?tab=overview

Goal #2: Take the CCNP 642-902 ROUTE exam and pass by 3/16/2010
https://learningnetwork.cisco.com/community/certifications/ccnp/route?tab=overview

Goal #3: Take the CCNP 642-832 TSHOOT exam and pass by 4/16/2010
https://learningnetwork.cisco.com/community/certifications/ccnp/tshoot?tab=overview

Following the OSI model, I feel like the order of the tests is a logical progression. I think the timeline is more than sufficient but we'll see!

Welcome to Gateway of Last Resort!

About Me
Hello, my name is Matt Corrigan, I've been in IT for the past 6 years. I really found my calling when I landed a Jr. Network Engineering position 3 years ago. There's a saying that goes something like, "If you love what you do, you'll never work a day in your life" - well, this is it for me! I really enjoy the challenge and am absolutely amazed at the breadth of opportunities that this industry provides (general routing/switching, firewalls, wireless, data center networking, virtualization, etc.). When I'm not "networking" I enjoy spending time with my baby girl and beautiful wife, hunting, fishing, and working on my truck.

Purpose of This Site
After procrastinating and finally getting my CCNA and JNCIA certifications, I decided that it was time to "turn up the heat" and really start knocking out some certs. I want to chronicle my journey on the road to CCNP and beyond (JNCIS, CCSA maybe?) and hopefully contribute something of value to my peers and anyone else looking for free educational resources. Some sites that have inspired me to create this blog are as follows:

http://aconaway.com/
http://blog.alwaysthenetwork.com/
http://etherealmind.com/
http://packetlife.net/