switching #3
Question | Answer |
---|---|
What two decisions does a Cisco switch make about each incoming frame? | 1) Whether to forward, flood, or filter the frame. 2) How to process the frame (store-and-forward, cut-through, or fragment-free). |
What steps does a L2 switch use to build its MAC address table? | 1) Examine the source MAC address of the incoming frame. 2) If it is not in the MAC address table, add an entry containing that MAC address and the port the frame arrived on. |
Why build VLANs? | To segment the network into smaller broadcast domains. |
What is the primary purpose of a network repeater? | To regenerate an electrical signal on the physical medium (it's all 1s and 0s). |
What is attenuation of a signal? | The gradual weakening of a signal as it travels over distance (ex: a radio signal). |
At what OSI layer does a repeater and/or hub operate? | They are strictly OSI layer 1 (physical layer) devices. |
What is a network hub? | A multiport repeater. |
What are the two issues with a hub? | 1) Only one device (PC) can send data at a time (one shared collision domain). 2) |
What is used to prevent collisions when hosts are on a shared Ethernet segment? | Carrier Sense Multiple Access with Collision Detection (CSMA/CD). |
What steps does CSMA/CD use to keep a shared Ethernet segment from having data collisions? | 1) A host listens to the wire. 2) If the medium is in use, the host backs off and tries again later. 3) If the medium is idle, the host sends its data. |
What is the issue with the CSMA/CD process? | When two PCs send data at the exact same time, a collision occurs: the voltage on the wire changes and both frames are destroyed. |
How is the issue of "two PCs sending data at the same time" on a shared Ethernet segment resolved? | The PC that detects the collision sends a "jam signal", which tells the other hosts not to send because a collision has occurred; each host then waits a random backoff time before retrying. |
What kind of topology does a shared Ethernet segment create? | One large collision domain (everyone shares the bandwidth) and one large broadcast domain (everyone receives every broadcast). |
What functionality does a "bridge" introduce into a shared Ethernet segment? | Multiple collision domains (still one broadcast domain), which results in fewer collisions. |
What devices "segment" (create logical partitions/divisions of) a LAN into smaller collision domains? | Bridges, switches, and routers (a router also segments broadcast domains). |
In the old days, what was the difference between bridges and switches? | Marketing (not quite, but basically true). |
What is the advantage of a switch over a bridge? | The ability to place each individual host into its own "unshared" collision domain (a dedicated switch port, so collisions cannot occur). |
When a host with a full-duplex NIC is connected to a 100 Mbps switch port, how much theoretical bandwidth is available? | 100 Mbps upstream + 100 Mbps downstream = 200 Mbps. |
What is one function Cisco switches do not perform by default? | Breaking up broadcast domains. |
How many collision domains exist when you use a hub? | One big collision domain consisting of all connected hosts. |
When each host is connected to its own switch port, how many collision domains exist? | One per port: each host connected to its own switch port has its own individual collision domain. |
How many devices are allowed to transmit at once when connected to a hub? | One device at a time, so all hosts share the bandwidth. Switches allow hosts to transmit simultaneously. |
When one host connected to a hub sends a broadcast, how many devices receive it? | All devices connected to the hub receive the broadcast: by default, a hub forms one broadcast domain. |
By default, when one host connected to a switch sends a broadcast, how many devices receive it? | All hosts on the switch receive it, unless some hosts are configured in a separate VLAN. |
What is the term "microsegmentation"? | Used in Cisco documentation to describe the "one host, one collision domain" effect of connecting each host to its own switch port. |
What are the 3 things a Cisco switch will do with an incoming frame? | Forward it, Flood it, or Filter it. |
What does a Cisco switch consult when deciding what to do with an incoming frame? | The MAC address table, to check whether there is an entry for the destination address; but first it checks (and learns) the frame's source MAC address. |
In a Cisco switch, what is used to construct the MAC address table? | The source MAC address of each incoming frame. |
What is the IOS command to list the MAC address table in a Cisco L2 switch? | show mac-address-table dynamic (dynamic entries only; newer IOS releases spell it show mac address-table). |
What happens to a frame when a Cisco switch has no entry for the destination MAC address in its MAC address table? | It "floods" the frame out all ports in that VLAN "except" the port the frame arrived on. |
What is an "unknown" unicast frame? | A frame destined for a single host for which the switch has no MAC table entry, so the switch floods it even though only one host needs it. |
When will a Cisco switch "filter" a L2 frame? | When the source and destination MAC addresses are both associated with the same port (remember the hub example: two hosts behind one port). |
When will a Cisco switch send a frame out the same port it came in on? | Never; a switch will "never" send a frame back out the port it arrived on. |
When does a switch flood a frame? | When the switch has no entry for the frame's destination MAC address. |
What always occurs with an unknown unicast frame? | It is always flooded out all ports (except the ingress port). |
When does a switch forward a frame? | When the switch has an entry for the frame's destination MAC address. |
What type of L2 frame is sent out every port on the switch (except the one it came in on)? | A broadcast frame. |
What is the MAC broadcast address? | FF-FF-FF-FF-FF-FF |
What occurs with dynamically learned MAC addresses in a switch's MAC address table? | By default, they age out of the table after 300 seconds (5 minutes) without being refreshed by a new frame from that address. |
What is the IOS command to set the MAC address table aging parameter? | mac-address-table aging-time 300 (value in seconds) |
What occurs if a source MAC address moves to a different switch port? | As soon as the switch sees a frame from that MAC on the new port, it overwrites the old entry with the new port location (otherwise the old entry would simply age out). |
Once a switch decides to forward, filter, or flood a frame, what other decision must it make? | How to process the frame: "store-and-forward", "cut-through", or "fragment-free". |
In a Cisco switch, what occurs in "store-and-forward"? | The entire frame is received and buffered (and its FCS checked) before it is forwarded. |
What is a frame's FCS (Frame Check Sequence)? | A CRC at the end of the frame that lets the receiver determine whether the frame was corrupted during transmission (the strongest error detection of the three methods). A store-and-forward switch can check it before forwarding. |
What occurs when a switch decides to "cut-through" a frame? | The switch reads only the destination MAC address before it begins forwarding, with no error detection. Very fast, but it also forwards corrupted frames. |
What occurs when a switch decides to use "fragment-free" to process a frame? | The first 64 bytes of the frame are received and checked for damage before forwarding (collision fragments, or "runts", are shorter than 64 bytes). |
What can occur when broadcasts are sent on the network? | Broadcasts can cause other broadcasts to occur; it is the cumulative effect that is harmful, not any single broadcast. |
What is a broadcast storm? | The continual generation of new broadcast messages. |
What are the two results of a broadcast storm on the network? | It overwhelms a switch's memory and CPU, and it uses up all the available bandwidth. |
How do you limit broadcasts? | By creating smaller broadcast domains (use VLANs): segment the network. |
Where are IP addresses used? | The network layer (Layer 3) of the OSI model (routing layer). |
What is the switch command to view the vlans? | show vlan brief (VLAN 1 is the default). |
What are the commands to place switch port 24 into its own VLAN? | (at interface level) interface fastEthernet 0/24, switchport mode access (makes it an access port, not a trunk port), switchport access vlan 24. |
What is the advantage of creating a VLAN? | It segments the network to limit the reach of broadcasts. |
What is vital to remember when attempting to send pings/data between VLANs? | By default, no traffic can pass from one VLAN to another without the intervention of a Layer 3 device (ex: a router). |
What is a Cisco switching model? | Way to describe roles within a Cisco switching network. |
What are the "Cisco three layer switching model" layers? | Core (connects multiple buildings), Distribution (interconnects the access layer switches), Access (connects end users to the network). |
What is a switching loop? | Forms when a frame is transmitted and ends up being switched back and forth between the same switches, never reaching its final destination. |
What do Cisco switches use to prevent switching loops? | By default, Cisco switches run Spanning Tree Protocol (STP) to prevent switching loops. |
How does Spanning Tree Protocol operate? | It determines a loop-free path (best path) for frames, and ports that are not on that path are placed into blocking mode. |
What is one of the criteria STP uses for determining the "best path"? | The speed of the links (faster links have a lower port cost). |
What are three undesirable default settings for unused switch ports on Cisco switches when it comes to security? | Cisco switch ports are "open" (enabled) by default (router interfaces are shut down), they actively attempt to negotiate trunks, and all ports are in VLAN 1 (which everybody knows). |
What is the switch command to view the status of a port? | show int fast 0/4 (for a switch port) |
What are the interconnections between switches referred to as? | Trunks. |
What switch command prevents a port from trunking? | switchport mode access |
What is the switch command to shut down an unused port? | shutdown (at interface level) |
How does switch port security work? | If the source MAC address of an incoming frame is a secure address for that port, the frame is accepted and the host can access the network. |
What occurs in switch port security if the incoming source MAC address is considered "unsecure"? | One of three violation actions: protect, restrict, or shutdown. |
What switch command enables "port security"? | switchport port-security (at interface level). |
What must you do to a port to enable switch port security? | Make it an access port, preventing it from trunking, with "switchport mode access" (at interface level). |
What does the "aging" option on port security provide? | How long secure MAC addresses are kept before they age out. |
What does the "mac-address" option provide for port security? | Specifies the secure MAC address(es) for the port (statically, or with "sticky" to learn them). |
What does the "maximum" option provide for port security? | The maximum number of secure MAC addresses on the port (default is 1). |
What does the "violation" option provide for port security? | Specifies what should occur if a frame with a non-secure source MAC address is received on the port. |
What are the three options provided by port security when a non-secure MAC address attempts to access a secure port? | protect, restrict, shutdown. |
What is the default mode for a port security violation? | shutdown: places the port in err-disabled state, logs the error, and drops the violating frame. The port must be manually re-opened. |
What actions are taken if the port security violation mode is set to "restrict"? | Drops the violating frame and logs the violation (the violation counter increments), but does not close the port. |
What actions are taken if the port security violation mode is set to "protect"? | The violating frame is silently dropped (no log message). |
What series of commands is required to shut down port 0/3 if a non-secure frame is received on it? | int fast 0/3, switchport mode access (make it an access port), switchport port-security (enable port security), switchport port-security mac-address xxxx.yyyy.zzzz (shutdown is already the default violation mode). |
What occurs if the "sticky" port security option is active on a switch port? | The first source MAC address learned on the port becomes the secure address (good if you don't know the host's MAC address). |
What is the command to set the "sticky" option on a switch port? | switchport port-security mac-address sticky |
What is the command to verify port security on a port? | show port-security int fast 0/3 |
What is the switch command to re-open a port? | no shutdown (for an err-disabled port, enter shutdown first, then no shutdown) |
What is the command to verify the status of a switch port? | show int fast 0/3 |
Hubs provide what kind of collision domain? | One big collision domain. Hubs do nothing to break up collision domains. |
How many devices can transmit at one time when using a hub? | Only one device can transmit at any one time. They all share the same bandwidth. |
How many devices can transmit at the same time when connected to a L2 switch? | Switches allow hosts to transmit simultaneously. |
When a host connected to a switch sends a broadcast (or unknown unicast), who else receives the frame? | All other hosts on the switch, but this can be limited by the use of VLANs. |
What is an unknown unicast frame? | A frame destined for a single host whose location the switch does not know yet, so it floods the frame to everyone (except the port the frame came in on). |
What is the first step a Cisco switch takes when it receives a frame (very important)? | It first checks whether the source MAC address is in the MAC address table. If not, it adds it, so that it knows which port the source host is on. |
If a Cisco switch knows (by learning) which port the destination is on, then it won't have to _______ the frame. | Flood. |
What is the one rule about switching that is always true? | Switches never send a frame back out the same port it came in on. |
When does a Cisco switch flood a frame? | When it has no entry for the frame's destination MAC address. The frame is sent out every port except the one it came in on. |
When does a Cisco switch forward a frame? | When the switch does have an entry for the frame's destination MAC address. Forwarding means the frame is sent out only the one port in that entry. |
When does a Cisco switch filter a frame? | When the switch has entries for both the source and destination MAC addresses, and the MAC table shows both addresses on the same port. |
On a Cisco switch, what is a broadcast frame? | A frame intended for all hosts; the MAC broadcast address is all F's (FF-FF-FF-FF-FF-FF). |
Dynamically created MAC address table entries age out over time. What is the default interval for this aging? | 300 seconds (5 minutes) |
What are other names for a switch's MAC address table? | CAM (Content Addressable Memory) table, bridge table, switching table, MAC table. |
What is the advantage of dynamically learned MAC addresses? | The switch adapts its MAC address table automatically when there is a change in the network. |
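The learn / forward / flood / filter rules in the rows above (and in the earlier forward, flood, filter, aging and VLAN rows) as an added, runnable Python model. This is example code written for this page, not code from the flashcards or from Cisco. It assumes one switch whose ports are each assigned to a VLAN, a simulated clock for the 300-second aging timer, a table keyed by (VLAN, MAC) so that flooding stays inside the ingress port's VLAN, and the constructed port names and MAC addresses used at the bottom.

```python
"""Model of a Layer 2 switch's learn / forward / flood / filter decision.

Added example, not the flashcards' or Cisco's code. Assumptions: one switch,
each port assigned to a VLAN, a simulated clock for aging, and a table keyed
by (vlan, mac) so flooding stays inside the ingress port's VLAN.
"""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"
DEFAULT_AGING = 300  # seconds; the IOS default for dynamic entries


@dataclass
class Entry:
    port: str
    learned_at: float  # simulated clock value when the address was last seen


class L2Switch:
    def __init__(self, port_vlans, aging=DEFAULT_AGING):
        self.port_vlans = dict(port_vlans)   # e.g. {"Fa0/1": 1, "Fa0/24": 24}
        self.aging = aging
        self.table = {}                      # (vlan, mac) -> Entry
        self.clock = 0.0

    def tick(self, seconds):
        """Advance the clock and age out entries not refreshed within `aging`."""
        self.clock += seconds
        for key in [k for k, e in self.table.items()
                    if self.clock - e.learned_at >= self.aging]:
            del self.table[key]

    def receive(self, in_port, src, dst):
        """Handle one frame; return (action, list of egress ports)."""
        vlan = self.port_vlans[in_port]
        # Step 1: always learn (or refresh) the source. If the host moved,
        # this overwrites the stale port immediately rather than waiting
        # for the old entry to age out.
        self.table[(vlan, src)] = Entry(in_port, self.clock)
        # Candidate flood ports: same VLAN, never the ingress port.
        others = sorted(p for p, v in self.port_vlans.items()
                        if v == vlan and p != in_port)
        if dst == BROADCAST:
            return "flood", others
        entry = self.table.get((vlan, dst))
        if entry is None:
            return "flood", others          # unknown unicast
        if entry.port == in_port:
            return "filter", []             # src and dst share a port (hub)
        return "forward", [entry.port]      # known unicast: one port only

    def show_mac_address_table(self):
        """Rough equivalent of `show mac-address-table dynamic`."""
        return sorted((vlan, mac, e.port)
                      for (vlan, mac), e in self.table.items())


if __name__ == "__main__":
    # Constructed topology: three hosts in VLAN 1, port 24 in VLAN 24.
    sw = L2Switch({"Fa0/1": 1, "Fa0/2": 1, "Fa0/3": 1, "Fa0/24": 24})
    A, B = "00:00:00:00:00:0a", "00:00:00:00:00:0b"
    print(sw.receive("Fa0/1", A, B))    # ('flood', ['Fa0/2', 'Fa0/3'])
    print(sw.receive("Fa0/2", B, A))    # ('forward', ['Fa0/1'])
    print(sw.show_mac_address_table())
    sw.tick(300)                        # every entry ages out
    print(sw.show_mac_address_table())  # []
```

The first frame from A is an unknown unicast and is flooded only to the other VLAN 1 ports (Fa0/24 is left out); once B replies, both addresses are known and traffic between them is forwarded on a single port. Putting two hosts behind the same port reproduces the hub case and the switch filters the frame. Advancing the clock by 300 seconds empties the table, after which the next frame is flooded again.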
Another decision the switch must make is which processing method to use for the frame. What are the 3 methods? | Store-and-forward (default; FCS checked before forwarding; best error detection of the three), cut-through (FCS not checked before forwarding), fragment-free (checks the first 64 bytes of the incoming frame). |
What is a broadcast storm? | The continual generation and re-generation of new broadcasts. It can overwhelm a switch's memory and CPU. |
What is the basic switch command to see the VLANs? | "show vlan brief" |
What are the commands to place a switch port into a VLAN? | conf t, interface fastEthernet 0/23, switchport mode access, switchport access vlan 24 |
How much traffic (e.g. ping) can be sent from one VLAN to another without the intervention of a Layer 3 device (router)? | None. |
What is a switching loop? | Can be caused by having redundancy (a good thing) in the switching network. Forms when a frame is transmitted and ends up being sent back and forth between the same switches, never reaching its destination. |
What do Cisco switches use to prevent switching loops? | Spanning Tree Protocol (STP), enabled by default. It determines a loop-free path (best path) for frames, and ports that are not on that path are placed into blocking mode. |
What is one of the criteria STP uses when determining its "best path"? | Speed of the links. |
What is an often overlooked security feature on switches? | Placing unused ports into an unused VLAN as a port security measure. |
What are some undesirable port defaults on many Cisco switches? | They are open (enabled) by default, actively attempt to trunk, and all ports are in VLAN 1 (which everybody knows). |
What are three things to do to increase switch security? | Close unused ports (shutdown), prevent ports from trunking with "switchport mode access", and place unused ports into an unused VLAN. |
What is Cisco "port security"? | Control, on a per-port basis, of which source MAC addresses are allowed to send frames into the port. |
How is a port on a Cisco switch stopped from trunking to another switch? | Set the switch port mode to "access" (switchport mode access). |
What is the command to enable port security on a Cisco switch? | switchport port-security |
What are the options associated with port security? | aging (how long secure MAC addresses are kept), mac-address (specify the secure MAC addresses), maximum (how many secure MAC addresses there may be; default = 1), violation (what should happen if a non-secure source MAC address is received on the port). |
When port security is enabled with a violation setting of "protect", what occurs on a security violation? | Drops the violating frames (that's it: no log message and no violation count). |
When port security is enabled with a violation setting of "restrict", what occurs on a security violation? | Drops the violating frames and sends a log message indicating the violation; the port is not shut down. |
When port security is enabled with a violation setting of "shutdown", what occurs on a security violation? | Shuts the port down (err-disabled), drops the frames, and sends a log message indicating the action taken. |
What occurs if a port is configured with "sticky" port security? | The first source MAC address learned on the port becomes the secure address (or the first N addresses if the "maximum" option is changed), and the learned address is written into the running configuration. |
What does it mean when a port is down with "err-disabled" shown next to the protocol status? | An error condition of some kind (such as a port security violation) has shut that port down, and it stays down until an administrator re-enables it. |
Can a switch port set to trunking mode have port security enabled? | No, only "access" switch ports can have port security enabled. |
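The port security behaviour described in the rows above (and in the earlier port security rows: maximum, sticky, and the protect / restrict / shutdown violation modes) as an added, runnable Python model. This is example code written for this page, not the flashcards' or Cisco's code. It assumes a single access port with port security enabled, a maximum count of secure MAC addresses (default 1), secure addresses either configured statically or learned from the first frames seen (with sticky controlling whether learned ones appear in the running config), and manual recovery from err-disabled. The returned strings, the log text and the MAC addresses are this example's own constructed values, not IOS output.

```python
"""Model of Cisco port security violation handling on one access port.

Added example, not the flashcards' or Cisco's code. Assumptions: one access
port, `maximum` secure MACs (default 1), static or learned secure MACs,
sticky only affecting the running config, and manual err-disabled recovery.
The returned labels and log lines are constructed for this example.
"""

VIOLATION_MODES = ("protect", "restrict", "shutdown")


class SecurePort:
    def __init__(self, name, violation="shutdown", maximum=1,
                 sticky=False, static=()):
        if violation not in VIOLATION_MODES:
            raise ValueError(f"unknown violation mode {violation!r}")
        self.name = name
        self.violation = violation
        self.maximum = maximum
        self.sticky = sticky
        self.static = set(static)      # switchport port-security mac-address X
        self.learned = []              # secure MACs learned from traffic
        self.err_disabled = False
        self.violation_count = 0
        self.log = []

    @property
    def secure(self):
        return self.static | set(self.learned)

    def receive(self, src_mac):
        """Classify a frame by source MAC: 'accepted', 'dropped' or 'err-disabled'."""
        if self.err_disabled:
            return "err-disabled"          # the port is down for everyone
        if src_mac in self.secure:
            return "accepted"
        if len(self.secure) < self.maximum:
            self.learned.append(src_mac)   # first N addresses seen become secure
            return "accepted"
        # A non-secure MAC on a full port: apply the violation mode.
        if self.violation == "protect":
            return "dropped"               # silent drop: no log, no counter
        self.violation_count += 1
        self.log.append(f"{self.name}: violation from {src_mac}")  # constructed
        if self.violation == "restrict":
            return "dropped"               # logged, but the port stays up
        self.err_disabled = True           # shutdown: port goes err-disabled
        self.log.append(f"{self.name}: placed in err-disabled state")
        return "err-disabled"

    def recover(self):
        """Manual recovery (shutdown, then no shutdown, on the interface)."""
        self.err_disabled = False

    def running_config(self):
        """The interface-level IOS lines this state corresponds to."""
        lines = ["switchport mode access", "switchport port-security"]
        if self.maximum != 1:
            lines.append(f"switchport port-security maximum {self.maximum}")
        if self.violation != "shutdown":
            lines.append(f"switchport port-security violation {self.violation}")
        if self.sticky:
            lines.append("switchport port-security mac-address sticky")
        for mac in sorted(self.static):
            lines.append(f"switchport port-security mac-address {mac}")
        if self.sticky:
            for mac in self.learned:   # sticky addresses land in the config
                lines.append(f"switchport port-security mac-address sticky {mac}")
        return lines


if __name__ == "__main__":
    # Constructed scenario: a statically secured port in the default mode.
    port = SecurePort("Fa0/3", static=["0011.2233.4455"])
    print(port.receive("0011.2233.4455"))   # accepted
    print(port.receive("aaaa.bbbb.cccc"))   # err-disabled
    print(port.receive("0011.2233.4455"))   # err-disabled: the real host is cut off too
    port.recover()
    print(port.receive("0011.2233.4455"))   # accepted
    print("\n".join(port.log))
```

The shutdown case is the one to notice: a single foreign MAC takes the port, and the legitimate host behind it, offline until someone recovers it, which is why restrict is often preferred on user ports. With sticky enabled, the learned address shows up in `running_config()` as `switchport port-security mac-address sticky <mac>`, exactly the line you would see after `show running-config`.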