Cisco CCNP Certification / BCMSN Exam Tutorial: Uplinkfast
Posted on June 17th, 2010
You remember from your CCNA studies that when a port goes through the transition from blocking to forwarding, youre looking at a 50-second delay before that port can actually begin forwarding frames.
Configuring a port with PortFast is one way to get around that, but again, you can only use it when a single host device is found off the port. What if the device connected to a port is another switch?
A switch can be connected to two other switches, giving that local switch a redundant path to the root bridge, and thats great – we always want a backup plan! However, STP will only allow one path to be available, but if the available path to the root switch goes down, there will be a 50-second delay due to the STP timers MaxAge and ForwardDelay before the currently blocked path will be available.
The delay is there to prevent switching loops, and we cant use PortFast to shorten the delay since these are switches, not host devices. What we can use is Uplinkfast.
The ports that SW3 could potentially use to reach the root switch are collectively referred to as an uplink group. The uplink group includes the ports in forwarding and blocking mode. If the forwarding port in the uplink group sees that the link has gone down, another port in the uplink group will be transitioned from blocking to forwarding immediately. Uplinkfast is pretty much PortFast for wiring closets. (Cisco recommends that Uplinkfast not be used on switches in the distribution and core layers.)
Some additional details regarding Uplinkfast:
The actual transition from blocking to forwarding mode takes about three seconds.
Uplinkfast cannot be configured on a root switch.
Uplinkfast is configured globally. You cant run Uplinkfast on some ports or on a per-VLAN basis – its all or nothing.
The original root port will become the root port again when it detects that its link to the root switch has come back up. This does not take place immediately. The switch uses the following formula to determine how long to wait before transitioning back to the forwarding state:
( 2 x FwdDelay) + 5 seconds
Uplinkfast will take immediate action to ensure that the switch upon which it is configured cannot become the root switch. First, the switch priority will be set to 49,152, which means that if all other switches are still at their default priority, theyd all have to go down before this switch can possibly become the root switch. Additionally, the STP Port Cost will be increased by 3000, making it highly unlikely that this switch will be used to reach the root switch by any downstream switches.
And you just know theres got to be at least one option with this command, right? Lets run IOS Help and see.
SW2(config)#spanning-tree uplinkfast ?
max-update-rate Rate at which station address updates are sent
When there is a direct link failure, dummy multicast frames are sent to the MAC destination 0100.0ccd.cdcd. The max-update-rate value determines how many of these frames will be sent in a 100-millisecond time period.
Mastering the details of UplinkFast, BackboneFast, BPDU Guard, and Loop Guard are vital to your success on the CCNP exams, and one or more of these features are in use on almost every network in the world. Learn these features for success in both the exam room and the real world!
Tags: CCNA, CCNP
Filed under CCNA, CCNP, Cisco Certification | No Comments »
Cisco Ccnp Certification Exam Tutorial: Knowing Radius And Tacacs+ For Your Iscw Exam
Posted on June 11th, 2010
As part οf yοur CCNP certificatiοn exam studies, particularly fοr the ISCW exam, yοu need tο be very clear οn the differences between TACACS+ and RADIUS.
As a CCNA and future CCNP, yοu’ve already cοnfigured authenticatiοn in the fοrm οf creating a lοcal database οf usernames and passwοrds fοr bοth Telnet access and PPP authenticatiοn. This is sοmetimes called a self-cοntained AAA deplοyment, since nο external server is invοlved.
It’s mοre than likely that yοu’ll be using a server cοnfigured fοr οne οf the fοllοwing security prοtοcοls:
TACACS+, a Ciscο-prοprietary, TCP-based prοtοcοl
RADIUS, an οpen-standard, UDP-based prοtοcοl οriginally develοped by the IETF
An οbviοus questiοn is “If there’s a TACACS+, what abοut TACACS?” TACACS was the οriginal versiοn οf this prοtοcοl and is rarely used tοday.
Befοre perfοrming AAA Authenticatiοn cοnfiguratiοn, there are sοme οther TACACS+ / RADIUS differences yοu shοuld be aware οf:
While TACACS+ encrypts the entire packet, RADIUS encrypts οnly the passwοrd in the initial client-server packet.
RADIUS actually cοmbines the authenticatiοn and authοrizatiοn prοcesses, making it very difficult tο run οne but nοt the οther.
TACACS+ cοnsiders Authenticatiοn, Authοrizatiοn, and Accοunting tο be separate prοcesses. This allοws anοther methοd οf authenticatiοn tο be used (Kerberοs, fοr example), while still using TACACS+ fοr authοrizatiοn and accοunting.
RADIUS dοes nοt suppοrt the Nοvell Async Services Interface (NASI) prοtοcοl, the NetBIOS Frame Prοtοcοl Cοntrοl prοtοcοl, X.25 Packet Assembler / Disassembler (PAD), οr the AppleTalk Remοte Access Prοtοcοl (ARA οr ARAP). TACACS+ suppοrts all οf these.
RADIUS implementatiοns frοm different vendοrs may nοt wοrk well tοgether, οr at all.
RADIUS can’t cοntrοl the authοrizatiοn level οf users, but TACACS+ can.
We’ll discuss the uses οf bοth οf these prοtοcοls in a future CCNP certificatiοn tutοrial! Lοοk fοr mοre CCNA, CCENT, and CCNP tutοrials right here οn this same website!
Tags: CCNA, CCNP
Filed under CCNA, CCNP | No Comments »
Cisco CCNA / CCNP Certification Exam: Cabling Your Home Lab
Posted on June 9th, 2010
More CCNA and CCNP candidates than ever before are putting together their own home labs, and there’s no better way to learn about Cisco technologies than working with the real thing. Getting the routers and switches is just part of putting together a great CCNA / CCNP home lab, though. You’ve got to get the right cables to connect the devices, and this is an important part of your education as well. After all, without the right cables, client networks are going to have a hard time working!
For your Cisco home lab, one important cable is the DTE/DCE cable. These cables have two major uses in a home lab. To practice directly connecting Cisco routers via Serial interfaces (an important CCNA skill), you’ll need to connect them with a DTE/DCE cable. Second, if you plan on having a Cisco router act as a frame relay switch in your lab, you’ll need multiple DTE/DCE cables to do so. (Visit my website’s Home Lab Help section for a sample Frame Relay switch configuration.)
If you have multiple switches in your lab, that’s great, because you’ll be able to get a lot of spanning tree protocol (STP) work in as well as creating Etherchannels. To connect your switches, you’ll need crossover cables.
You’ll need some straight-through cables as well to connect your routers to the switches.
Finally, if you’re lucky enough to have an access server as part of your lab, you’ll need an octal cable to connect your AS to the other routers and switches in your lab. The octal cable has one large connector on one end and eight numbered RJ-45 connectors on the other end. The large connector should be attached to the async port on your AS, and the numbered RJ-45 connectors will be connected to the console ports on your other routers and switches.
Choosing and connecting the right cables for your Cisco CCNA / CCNP home lab is a great learning experience, and it’s also an important part of your Cisco education. After all, all great networks and home labs all begin at Layer One of the OSI model!
Tags: CCNA, CCNP, Cisco CCNA
Filed under CCNA, CCNP | No Comments »
CCNP ROUTE Portable Command Guide
Posted on May 27th, 2010
Review & Description
CCNP ROUTE Portable Command Guide
All the ROUTE 642-902 Commands in One Compact, Portable Resource
Scott Empson
Hans Roth
Preparing for the CCNP exam? Working as a network professional? Here are all the CCNP-level commands for the Implementing Cisco IP Routing (ROUTE) exam you need in one handy resource. The CCNP ROUTE Portable Command Guide is filled with valuable, easy-to-access information and is portable enough for use whether you’re in the server room or the equipment closet.
This book helps you memorize commands and concepts as you work to pass the CCNP ROUTE exam (642-901). The guide summarizes all CCNP certification-level Cisco IOS? Software commands, keywords, command arguments, and associated prompts, providing you with tips and examples of how to apply the commands to real-world scenarios. Configuration examples throughout the book provide you with a better understanding of how these commands are used in simple network designs.
Use CCNP ROUTE Portable Command Guide as a quick, offline resource for research and solutions.
–Logical “how-to” topic groupings inside the front and back covers provide one-stop research
–Compact size makes it easy to carry with you, wherever you go
–Helps you review important commands before taking the CCNP ROUTE certification exam
–“Create Your Own Journal” appendix with blank, lined pages enables you to personalize the book for your own needs
This book is part of the Cisco Press Certification Self-Study Product Family, which offers readers a self-paced study routine for Cisco certification exams. Titles in the Cisco Press Certification Self-Study Product Family are part of a recommended learning program from Cisco Systems that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press.
Tags: 642-901, CCNP, CCNP exam, sco certification
Filed under CCNP | No Comments »
Passing Cisco’s CCNA and CCNP Exams: Traceroute
Posted on May 20th, 2010
In preparation for your CCNA and CCNP exam success, you’ve got to learn to troubleshoot Cisco routers. And while ping is a great basic IP connectivity tool, it doesn’t give you all the information you need to diagnose network connectivity issues.
Let’s say you have six routers between CityA and CityB. You send a ping from A to B, and get this return:
R1#ping 172.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.1.1.1, timeout is 2 seconds:
…..
Success rate is 0 percent (0/5)
The five periods indicate that there is no IP connectivity to CityB. Problem is, that’s about all ping tells you. You can have 5 or 50 routers between the two points, so how can you tell which downstream router has the problem?
That’s where traceroute comes in. Traceroute sends three datagrams with a Time To Live (TTL) of 1. Those datagrams will timeout once they hit the first router in the path, and that router will respond with an ICMP Time Exceeded message.
In response, the sending router sends three more datagrams, but these have a TTL of 2. This means that the next router in line will send back ICMP Time Exceeded messages. This process continues until the final destination (CItyB) is reached the output of the command shows us the path the data took:
Router1#traceroute 271.1.1.1
Type escape sequence to abort.
Tracing the route to 271.1.1.1
1 20.1.1.1 4 msec 4 msec 4 msec
2 30.1.1.1 20 msec 16 msec 16 msec
3 271.1.1.1 16 msec * 16 msec
How does this help troubleshoot a problem? Let’s say that the second router in this path, 30.1.1.1, doesn’t know how to get to 271.1.1.1. The output would look like this:
Router1#traceroute 271.1.1.1
Type escape sequence to abort.
Tracing the route to 271.1.1.1
1 20.1.1.1 4 msec 4 msec 4 msec
2 30.1.1.1 20 msec 16 msec 16 msec
3 * * *
This indicates that the router at 30.1.1.1 doesn’t know how to get to the final destination. Now you have a better idea of which router has an issue!
Now here’s the bad part: you’re going to get 30 lines of three asterisks, and until you abort this traceroute, you’re going to just watch those asterisks go across the screen. There’s an abort sequence that the router mentions in the first line of the console output, but the router doesn’t tell you what it is! So I will – this top-secret sequence is TWICE, one right after the other.
That keystroke takes a little getting used to, but a CCNA or CCNP can do it! Add this command to your Cisco skill set, and it will serve you well both on the CCNA and CCNP exams and your real-world networks. And you’ll impress your friends by knowing how to stop a traceroute!
Tags: CCNA, CCNP
Filed under Cisco Certification | No Comments »
Is Your Knowledge of SY0-201 Correct
Posted on May 13th, 2010
In the recent years, the IT certification examination has attracted the more attention. Some people say: “The more IT certification you have, the more competitive you are.” Those who hold this view is not a minority. Does it really as these people thought, that each IT certification has the high value? It is not true. Having participated in CompTIA SY0-201, or having got CompTIA Security+ certification can not wipe away all the obstacles in the workplace for you Does it mean that the 220-702 exam or the CompTIA Security+ certification is worthless? Also, this view is incorrect. Attending CompTIA examinations must have some understanding and knowledge about IT field and this obviously has value.
Then, what is the right understanding of IT certification examination? It is to take the exam and acquire the certification with a correct state. Take CompTIA Security+ examination for example, the correct understanding is: CompTIA Security+ is still a primary certification and it does not represent the highest level of technique. CompTIA Security+ is the basis of CompTIA, and the fundamental certification to do the Internet business. And it is basically impossible to come true if you simply hope that after aquirement of CompTIA Security+ certificate, you will get a great promotion on both material and work basis. If you are only restricted to VCP-410, then it will not be so valuable. However, you can access to the network word of you pass the SY0-201, and you may have big breakthrough in the future for stepping into the IT industry. From this point of view, there is no doubt that CompTIA CompTIA Security+ is valuable. In fact, “taking exams to acquire certification” is not the aim. To improve your ability and acquire stronger strength and self-confidence so as to be a hot technologist and win an ideal career development is the most important thing.
Certification is not the end, you have to update your knowledge and skill day by day for succeeding in the competition. Only like this, the IT certificate in your hands can bright into play of its utmost value.
Other Popular Exam
Pass4sure 642-631 : SECURITY+ CERTIFICATION EXAMPass4sure 642-359 : 642-359 HardCopyPass4sure BR0-001 : CompTIA Bridge Exam – Security+Pass4sure 642-436 : CompTIA Security+ (2008 Edition) ExamPass4sure CCNP : CCNP HardCopyPass4sure BR0-002 : CompTIA Network + Bridge Exam
Tags: 220-702, 642-359, 642-436, 642-631, CCNP, CompTIA, CompTIA Security+, VCP-410
Filed under CompTIA Certification | No Comments »