CCIE Routing & Switching知识点速览指南

需积分: 10 56 浏览量更新于2024-07-24 收藏 1.19MB PDF 举报

"本资源是一份由Krzysztof Załęski（CCIE #24081）编撰的CCIE Routing and Switching（RS）快速复习手册，适合备考CCIE的朋友们使用。这份文档并非官方发布，而是作者根据个人学习经验，以思维导图的形式，主要依据Cisco IOS 12.4的相关文档整理而成。它的目标是帮助考生快速准备CCIE笔试和实验室考试，而不是全面的学习参考。文档特点在于提供简洁明了的要点，旨在通过易于理解的方式梳理复杂的网络技术和概念。由于版权问题，该文档是免费的，但禁止任何形式的销售，并且明确指出它并未得到Cisco Systems, Inc.的赞助、认可或关联。提到的所有术语，包括Cisco、CCIE、CCVP等，都是Cisco公司的商标或注册商标，在美国和其他国家受到法律保护。尽管文档不能替代完整的备考资料，但对于考生来说，它可能是一个有效的补充学习材料，能够帮助他们在有限的时间内抓住关键知识点，提升考试效率。如果你正在寻找一种高效的学习策略，或者想要在备考过程中节省时间，这份快速复习Kit可能会成为你的有力工具。最后，如果你有任何疑问或需要进一步的解释，可以通过邮件cshyshtof@gmail.com与作者联系，获取更新版本或其他支持。"

Page 10 of 57

By Krzysztof Zaleski, CCIE #24081. This Booklet is available for free and can be freely distributed in a form as is. Selling is prohibited.

EATURES

(G) spanning-tree mode mst

LL SWITCHES WITHIN A REGION MUST HAVE IDENTICAL CONFIGURATION

(

DIFFERENT CONFIGURATION MEANS DIFFERENT REGION

)

IST (MSTI 0)

NTERNAL

PANNING

REE

VLAN-

INSTANCE MAPPING IS NOT PROPAGATED WITH

BPDU. O

NLY DIGEST WITH REGION NAME AND REVISION NUMBER IS SENT

MSTI – M

ULTIPLE

PANNING

REE

NSTANCES

(

ONE

OR MORE

) - RSTP

INSTANCES WITHIN A REGION

. RSTP

IS ENABLED AUTOMATICALLY BY DEFAULT

RSTP

INSTANCE THAT EXTENDS

CST

INSIDE REGION

EPRESENTS

MST

REGION AS

CST

VIRTUAL BRIDGE TO OUTSIDE

MST R

EGION REPLICATES

IST BPDU

S WITHIN EACH

VLAN

TO SIMULATE

PVST+

NEIGHBOR

spanning-tree mst configuration

name <name>

revision <number>

instance <id> vlan <range>

show pending

P TO

16 MST

INSTANCES

(

NO LIMIT FOR

VLAN

) –

THERE IS ALWAYS ONE INSTANCE

: 0

HE ONLY INSTANCE THAT SENDS AND RECEIVES

BPDU

. A

LL OF THE OTHER

STP

INSTANCE

INFORMATION IS CONTAINED IN

M-

RECORDS

WHICH ARE ENCAPSULATED WITHIN

MSTP BPDU

HEN THE

IST

CONVERGES

THE ROOT OF THE

IST

BECOMES THE

CIST

REGIONAL ROOT

CIST – (

COMMON AND INTERNAL SPANNING TREE

)

COLLECTION OF THE

IST

S IN EACH

MST

REGION

AND THE COMMON SPANNING TREE

(CST)

THAT INTERCONNECTS THE

MST

REGIONS AND SINGLE SPANNING TREES

MST

802.1S

NSTANCES

ONFIGURATION

STP

PARAMETERS RELATED TO

BPDU

TRANSMISSION

(

HELLO TIME

ETC

)

ARE CONFIGURED ONLY ON THE

CST

INSTANCE

BUT AFFECT ALL

MST

INSTANCES

. H

OWEVER

EACH

MSTI

CAN HAVE OWN TOPOLOGY

(

ROOT BRIDGE

PORT COSTS

)

IST

AND

MST

INSTANCES DO NOT USE THE MESSAGE

AGE AND MAXIMUM

AGE INFORMATION IN THE CONFIGURATION

BPDU

COMPUTE THE

STP

TOPOLOGY

. I

NSTEAD

THEY USE THE PATH COST TO THE ROOT AND A HOP

COUNT MECHANISM

(

DEFAULT HOPS

20)

spanning-tree mst <instance-id> root {primary | secondary}

spanning-tree mst <other STP parameters, timers>

spanning-tree mst max-hops <count>

Y DEFAULT

ALL

VLAN

S ARE ASSIGNED TO THE

IST.

DGE PORTS ARE DESIGNATED BY

spanning-tree portfast

ACH SWITCH DECREMENTS HOP

COUNT BY

1. I

F SWITCH RECEIVES

BPDU

WITH HOP

COUNT

= 0,

THEN IT DECLARES ITSELF AS A ROOT OF NEW

IST

INSTANCE

VLAN

S MAPPED TO SINGLE

MSTI

MUST HAVE THE SAME TOPOLOGY

(

ALLOWED

VLAN

S ON TRUNKS

)

Final IST topology

MST region 1 MST region 3

MST region 2

FE FE

SW1 SW2

SW3

SW7

SW6

SW4 SW5

SW8

SW9

SW10

MSTIs

IST

MSTIs

IST

MSTIs

IST

802.1d802.1d

802.1d

CIST regional root CIST regional root

CIST regional root

and CST root

IST topology is hidden

to other regions

ACH REGION SELECTS OWN

CIST

REGIONAL ROOT

. I

T MUST BE A BOUNDARY SWITCH WITH LOWEST

CIST

EXTERNAL PATH COST

XTERNAL

BPDU

S ARE TUNNELED

(CIST

METRICS ARE PASSED UNCHANGED

)

ACROSS THE REGION AND PROCESSED ONLY BY BOUNDARY SWITCHES

HEN SWITCH DETECTS

BPDU

FROM DIFFERENT REGION IT MARKS THE PORT ON WHICH IT WAS RECEIVED AS BOUNDARY PORT

OUNDARY PORTS EXCHANGE

CIST

INFORMATION ONLY

. IST

TOPOLOGY IS HIDDEN BETWEEN REGIONS

WITCH WITH LOWEST

BID

AMONG ALL BOUNDARY SWITCHES IN ALL REGIONS IS ELECTED AS

CST

ROOT

. I

T IS ALSO A

CIST

REGIONAL ROOT WITHIN OWN REGION

Page 11 of 57

By Krzysztof Zaleski, CCIE #24081. This Booklet is available for free and can be freely distributed in a form as is. Selling is prohibited.

ORTFAST

PLINKFAST

ACKBONEFAST

MMEDIATELY SWITCHES OVER TO FORWARDING STATE

. A

VOID

TCN

GENERATION FOR END HOSTS

BPDU

GUARD SHOULD BE ENABLED ON THAT PORT

(IF) spanning-tree portfast

(G) spanning-tree uplinkfast [max-update-rate <rate>]

rate

THEN NO MULTICAST FLOODING TAKES PLACE

(150

DEFAULT

)

SED ON ACCESS SWITCH WITH MULTIPLE UPLINKS TO CORE

RIORITY IS AUTOMATICALY SET TO

49152

SO THE SWITCH WILL NOT BECOME

ROOT

. P

ORT COST IS SET TO

3000

SO IT WILL NOT TRANSIT ANY TRAFFIC

RACKS ALTERNATE ROOT PORT

(

SECOND BEST PATH

)

TO IMMEDIATELY SWITCH OVER

URING SWITCHOVER TO NEW

RP,

FOR EACH CONNECTED

MAC

IT MULTICASTS FRAME WITH

EACH

MAC

FORCING OTHER SWITCHES TO UPDATE

CAM. O

THER

MAC

S ARE CLEARED

(G) spanning-tree backbonefast

NDIRECT LINK FAILURE DETECTION

RECOVERY WITHIN

SEC

LL SWITCHES WITHIN A DOMAIN MUST BE CONFIGURED

F FIRST

ELLO IS MISSED SWITCH SENDS

OOT

INK

UETY

(RLQ)

OUT THE PORT

WHERE

ELLO WAS EXPECTED

. I

F NEIGHBOR SWITCH LOST PREVIOUS ROOT TOO

(

ROOTS

ARE COMPARED FOR THE SWITCH AND THE NEIGHBOR

IT INFORMES THAT SWITCH AND

CONVERGENCE

(STP)

OCCURS WITHOUT WAITING FOR

AXAGE TIMEOUT

(20

SEC

)

(G) spanning-tree portfast default

CONVERGENCE

BPDU

GUARD

OOT GUARD

OOP GUARD

BPDU

FILTER

UDLD

FIBER AND COPPER

(

COPPER USES

INK

ULSES

SO NOT SO SUSCEPTIBLE

)

ORMAL MODE DOES NOTHING EXCEPT SYSLOG

GGRESIVE MODE ATTEMPTS TO RECONNECT ONCE A SECOND

TIMES BEFORE ERR

DISABLING

SES

PROBES EVERY

SEC TO MAC

01:00:0C:CC:CC:CC. M

UST BE

ACK

ED BY REMOTE END

F CONFIGURED FOR THE FIRST TIME IT IS NOT ENABLED UNTILL FIRST

ELLO IS HEARD

(IF) udld enable

F NO

BPDU

S ARE RECEIVED ON A BLOCKED PORT FOR A SPECIFIC LENGTH OF

TIME

OOP

UARD PUTS THAT PORT

(

PER

VLAN)

INTO LOOP

INCONSISTENT

BLOCKING STATE

RATHER THAN TRANSITIONING TO FORWARDING STATE

(IF) spanning-tree guard loop

ENDS LOCAL PORT

AND REMOTE

(

SEEN

)

PORT

ID. R

EMOTE END COMPARES WITH OWN STATE

AN BE ENABLED ON NON

DESIGNATED PORTS ONLY

UTOMATIC RECOVERY IF

BPDU

IS RECEIVED

ANNOT BE CONFIGURED ON BACKUP PORTS WHEN UPLINKFAST IS CONFIGURED

(IF) spanning-tree guard root

AN BE ENABLED ON DESIGNATED PORTS ONLY

. O

PPOSITE TO LOOP GUARD

(IF) spanning-tree bpdufilter enable

IT DOES NOT SEND ANY

BPDU

S AND DROPS ALL

BPDU

S IT RECEIVES

ERR

DISABLE PORTFAST PORT UPON RECEIVING

BPDU

(IF) spanning-tree bpduguard enable

(G) spanning-tree portfast bpduguard default

(G) spanning-tree portfast bpdufilter default

PORTFAST PORT SWITCHES TO NON

PORTFAST UPON RECEIVING

BPDU

THERCHANNEL

GUARD

(G) spanning-tree etherchannel guard misconfig

MISCONFIGURATION CAN OCCUR IF THE SWITCH INTERFACES ARE CONFIGURED

IN AN

THER

HANNEL

BUT THE INTERFACES ON THE OTHER DEVICE ARE NOT

. I

ETHERCHANNEL IS NOT DETECTED ALL BUNDLING PORTS GO INTO ERR

DISABLE

PPLIES TO ALL THE

VLAN

S TO WHICH THE INTERFACE BELONGS

(G) spanning-tree loopguard default

(G) udld {aggressive | enable}

FFECTS FIBER CONNECTIONS ONLY

PORT

PROTECTION

(IF) udld port aggressive – F

OR FIBER AND

UTP

LINKS

PORTCHANNEL

(G) port-channel load-balance {src-mac | dst-mac}

XOR

ON RIGHTMOST BITS OF

MAC

(IF) channel-group <1-64> mode {passive | active}

OAD BALANCING

ISCO

IEEE 802.3

LACP

ISCO

802.1

EHAVIOUR

ON ON

O DYNAMIC NEGOTIATION

. F

ORCED

OFF OFF

ORT

HANNEL DISABLED

AUTO PASSIVE

AIT FOR OTHER SIDE TO INITIATE

DESIRABLE ACTIVE

NITIATE NEGOTIATION

WITCH WITH LOWEST SYSTEM PRIORITY MAKES DECISIONS ABOUT WHICH

PORTS PARTICIPATE IN BUNDLING

(

SWITCH USED PORT

PRIORITIES

)

PORTS CAN BE SELECTED

BUT ONLY MAX

IS USED

EST IS IN STANDBY

(LACP

PORT

PRIORITY AND

ORT

DECIDE WHICH ARE STANDBY

;

LOWER IS BETTER

)

N SILENT MODE ETHERCHANNEL CAN BE BUILT EVEN IF

PACKETS ARE NOT RECEIVED

HE SILENT SETTING IS FOR CONNECTIONS TO FILE SERVERS OR PACKET ANALYZERS

(IF) channel-protocol lacp

P TO EIGHT COMPATIBLY CONFIGURED

THERNET INTERFACES

(IF) channel-protocol pagp

GNORES SUPERIOR

ELLOS RECEIVED ON A USER PORT

(

ROOT

INCONSISTENT

)

(G) udld message time <sec> -

FREQUENCY OF PROBES

(IF) pagp port-priority <#>

HE PHYSICAL PORT WITH THE HIGHEST PRIORITY

(

DEFAULT IS

128)

THAT IS OPERATIONAL AND

HAS MEMBERSHIP IN THE SAME

THER

HANNEL IS THE ONE SELECTED FOR

TRANSMISSION

(G) pagp learn-method {aggregation-port | physical-port}

(IF) lacp port-priority <#> (

DEFAULT

32768,

LOWER BETTER

)

(G) lacp system-priority <#> (

LOWER BETTER

)

show lacp sys-id

(IF) channel-group <1-64> mode {auto | desirable} [non-silent]

Root

SW2 SW3

R R

SW1

SW2 SW3

Root

30 seconds

switch over

UPPORTED ON

PVST+,

RAPID

-PVSTP+

MST

Page 12 of 57

By Krzysztof Zaleski, CCIE #24081. This Booklet is available for free and can be freely distributed in a form as is. Selling is prohibited.

BRIDGING

RANSPARENT

IRB

NTEGRATED ROUTING AND BRIDGING MAKES IT POSSIBLE TO ROUTE A SPECIFIC PROTOCOL BETWEEN

ROUTED INTERFACES AND BRIDGE GROUPS

OR ROUTE A SPECIFIC PROTOCOL BETWEEN BRIDGE GROUPS

HE BRIDGE

GROUP VIRTUAL INTERFACE IS A NORMAL ROUTED INTERFACE THAT DOES NOT SUPPORT

BRIDGING

BUT DOES REPRESENT ITS CORRESPONDING BRIDGE GROUP TO THE ROUTED INTERFACE

ACKETS COMING FROM A ROUTED INTERFACE

BUT DESTINED FOR A HOST IN A BRIDGED

DOMAIN

ARE ROUTED TO

BVI

AND FORWARDED TO THE CORRESPONDING BRIDGED INTERFACE

LL ROUTABLE TRAFFIC RECEIVED ON A BRIDGED INTERFACE IS ROUTED

TO OTHER ROUTED INTERFACES AS IF IT IS COMING DIRECTLY FROM

BVI.

OMPLIES WITH THE

IEEE 802.1D

STANDARD

bridge <bridge-group> protocol ieee

(IF) bridge-group <bridge-group>

CRB

OUTE A GIVEN PROTOCOL AMONG ONE GROUP OF INTERFACES AND CONCURRENTLY

BRIDGE THAT PROTOCOL AMONG A SEPARATE GROUP OF INTERFACES

ROTOCOL MAY BE EITHER ROUTED OR BRIDGED ON A GIVEN INTERFACE

BUT NOT BOTH

bridge crb

HEN

CRB

IS ENABLED

YOU MUST CONFIGURE EXPLICIT

BRIDGE ROUTE COMMAND FOR ANY PROTOCOL THAT IS TO BE

ROUTED ON THE INTERFACES IN A BRIDGE GROUP

bridge irb

interface bvi <bridge-group>

bridge <bridge-group> route <protocol>

bridge <bridge-group> bridge <protocol>

bridge <bridge-group> address <mac-address> {forward | discard} [<intf>]

SPAN

RSPAN

RANSMIT

) SPAN –

CATCH FRAMES AFTER ALL MODIFICATION AND PROCESSING IS PERFORMED BY THE SWITCH

. I

N THE

CASE OF OUTPUT

ACL

IF THE

SPAN

SOURCE DROPS THE PACKET

THE

SPAN

DESTINATION WOULD ALSO DROP THE PACKET

ECEIVE

) SPAN –

CATCH FRAMES BEFORE ANY MODIFICATION OR PROCESSING IS PERFORMED BY THE SWITCH

. D

ESTINATION

PORT STILL RECEIVES A COPY OF THE PACKET EVEN IF THE ACTUAL INCOMING PACKET IS DROPPED BY

ACL

QOS

DROP

HE REFLECTOR PORT

3550

ONLY

)

LOOPS BACK UNTAGGED TRAFFIC TO THE SWITCH

. I

T IS INVISIBLE TO ALL

VLAN

HE TRAFFIC IS THEN PLACED ON THE

RSPAN VLAN

AND FLOODED TO ANY TRUNK PORTS THAT CARRY THE

RSPAN VLAN

OU CANNOT USE

RSPAN

TO MONITOR

AYER

PROTOCOLS

(CDP, VTP, STP)

monitor session 1 source interface fastethernet0/1 [rx | tx | both]

monitor session 1 destination interface fastethernet0/8

monitor session 1 source vlan 5 rx

vlan <id>

remote-span (

ON SOURCE SWITCH ONLY

REMOTE SWITCH WILL LEARN THIS INFORMATION

)

OU MUST CREATE THE

RSPAN VLAN

IN ALL SWITCHES THAT WILL PARTICIPATE IN

RSPAN (VTP

CAN BE USED

)

SW1: monitor session 1 destination remote vlan 901 reflector-port fastethernet0/1

SW2: monitor session 1 source remote vlan 901

SW2: monitor session 1 destination interface fastethernet0/5

OU CAN MONITOR INCOMING TRAFFIC ON A SERIES OR RANGE OF PORTS AND

VLAN

OU CANNOT MONITOR OUTGOING TRAFFIC ON MULTIPLE PORTS

. O

NLY

2 SPAN

SESSIONS PER SWITCH

monitor session <#> filter vlan <vlan-ids> (L

IMIT THE

SPAN

SOURCE TRAFFIC TO SPECIFIED

VLAN

)

O ACCESS PORT MUST BE CONFIGURED IN THE

RSPAN VLAN. I

T CANNOT BE

1002-1005

SW1: monitor session 1 source interface fastethernet0/1 [rx | tx | both]

SW1: monitor session 1 source vlan 5 rx

MACRO

(IF) macro apply USER_PORT $vlanID 10

macro name USER_PORT

switchport mode access

switchport access vlan $vlanID

spanning-tree portfast

ANGE

define interface-range <name> <intf range>

interface range macro <name>

MARTPORT

FTER APPLYING MACRO TO INTERFACE OR TO GLOBAL

CONFIG

, macro description <name>

WILL BE ADDED

OMMON

ROTOCOL

YPES

802.1

8100

ARP 0

0806

RARP 0

8035

IP 0

0800

6 0

86DD

PPP

E 0

8863/0

8864

MPLS 0

8847/0

8848

IS-IS 0

8000

LACP 0

8809

802.1

888E

THERNET STARNDARDS

IEEE 802.2 LLC

IEEE 802.3

FE 100M

BPS

IEEE 802.3

GE 1000M

BPS

PTICAL

IEEE 802.3

GE 1000M

BPS

OPPER

IEEE 802.3

10GE

bridge protocol A

route protocol A

bridge and route

protocol A

BVI

bridge <bridge-group> route <protocol>

EATURES

MAC

NOTIFICATION

(G) snmp-server enable traps mac-notification

mac address-table notification change [history-size <#>] [interval <sec>]

Y DEFAULT TRAPS ARE SENT EVERY

SEC

. H

ISTORY SIZE IS

(IF) snmp trap mac-notification {added | removed}

LEX

INK

LEX

INKS ARE A PAIR OF A

AYER

INTERFACES WHERE ONE INTERFACE IS CONFIGURED TO ACT AS

A BACKUP TO THE OTHER

. U

SERS CAN DISABLE

STP

AND STILL RETAIN BASIC LINK REDUNDANCY

REEMPTION CAN BE ENABLED SO TRAFFIC GOES BACK TO PRIMARY LINK AFTER IT COMES BACK UP

MAC

ADDRESS

TABLE MOVE UPDATE FEATURE ALLOWS THE SWITCH TO PROVIDE RAPID BIDIRECTIONAL

CONVERGENCE WHEN A PRIMARY LINK GOES DOWN AND THE STANDBY LINK BEGINS FORWARDING TRAFFIC

BACKUP LINK DOES NOT HAVE TO BE THE SAME TYPE

STP

IS AUTOMATICALY DISABLED ON

LEX

INK PORTS

(IF) switchport backup interface <intf>

(IF) switchport backup interface <intf> preemption mode [forced | bandwidth | off]

FORCED

–

ACTIVE ALWAYS PREEMPTS

;

BANDWIDTH

INTF WITH HIGHER

ALWAYS ACTS AS ACTIVE

(IF) switchport backup interface <intf> preemption delay <sec> (

DEFAULT

SEC

)

(IF) switchport backup interface <intf> mmu primary vlan <vlan-id>

F NOT DEFINED

THE LOWEST

VLAN

IS USED FOR

MAC-

ADDRESS MOVE UPDATES

(G) mac address-table move update transmit

NABLE THE ACCESS SWITCH TO SEND

MAC

ADDRESS

TABLE MOVE UPDATES TO OTHER SWITCHES

(G) mac address-table move update receive

NABLE THE SWITCH TO GET AND PROCESS THE

MAC

ADDRESS

TABLE MOVE UPDATES

ALLBACK

BRIDGING

ITH FALLBACK BRIDGING

THE SWITCH BRIDGES TOGETHER TWO OR MORE

VLAN

S OR

ROUTED PORTS

ESSENTIALLY CONNECTING MULTIPLE

VLAN

S WITHIN ONE BRIDGE DOMAIN

ALLBACK BRIDGING DOES NOT ALLOW SPANNING TREES FROM

VLAN

S TO COLLAPSE

. E

ACH

VLAN

HAS OWN

SPT

INSTANCE

AND A SEPARATE

SPT,

CALLED

VLAN-

BRIDGE

SPT,

WHICH RUNS ON TOP OF THE BRIDGE GROUP TO PREVENT LOOPS

bridge <bridge-group> protocol vlan-bridge

(IF) bridge-group <bridge-group>

Y DEFAULT

SWITCH FORWARDS ANY FRAMES IT HAS DYNAMICALLY LEARNED

. B

THE SWITCH ONLY FORWARD FRAMES

WHOSE

MAC

ADDRESSES ARE STATICALLY CONFIGURED

(

STATIC

MAC

FOR BRIDGE

NOT FOR MAC

ADDRESS

TABLE

!!!).

(G) mac address-table notification change

1) no bridge <group> acquire

2) bridge <group> address <mac> {forward | discard} [<interface>]

剩余56页未读，继续阅读

obabySong

粉丝: 0
资源: 2

CCIE Routing & Switching知识点速览指南

计算机组成原理知识点整理-2014.pdf

奥迪RS6汽车使用手册用户操作说明书pdf电子版下载.pdf

(完整word版)计算机网络知识点整理要点.doc

高二地理地理信息技术在区域发展中的应用知识点整理.pdf

SDAU RS遥感英语单词整理

ccie_rs笔记

省级重点高中整理精品独家高考地理必背知识点.pdf

J2EE全部要学知识整理

rs考研专业课复习资料

RS1571故障排除指南.pdf

最新资源