Cloud & Networking
Reader small image

You're reading from  Implementing and Administering Cisco Solutions: 200-301 CCNA Exam Guide

Product typeBook
Published inNov 2020
PublisherPackt
ISBN-139781800208094
Edition1st Edition
Tools
Cisco UCS
Concepts
Network Security
Right arrow
Author (1)
Glen D. Singh
Glen D. Singh
author image
Glen D. Singh

Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.
Read more about Glen D. Singh

Right arrow

Chapter 5: Implementing VLANs, Layer 2 Discovery Protocols, and EtherChannels

As you're building your network, you will be learning a lot about configurations and techniques to ensure you have an optimally performing network. However, let's not forget about the actual engineering aspect of computer networking. There are many technologies at all layers of the OSI reference model, and a TCP/IP protocol suite that helps us to create an efficient network.

Throughout this chapter, you will learn about the importance of segmenting a flat physical network into smaller broadcast domains to improve both network security and the efficiency of network performance, using a layer 2 technology known as Virtual Local Area Network (VLAN). You will also learn about the various types of VLANs and useable ranges within an organization, and how to implement and establish end-to-end connectivity between devices and different VLANs on a network.

Additionally, you'll discover how to...

Technical requirements

To follow along with the exercises in this chapter, please ensure that you have met the following hardware and software requirement:

The code files for this chapter are available at https://github.com/PacktPublishing/Implementing-and-Administering-Cisco-Solutions/tree/master/Chapter%2005.

Check out the following video to see the Code in Action:https://bit.ly/33WlzIG

Understanding VLANs

In a small LAN operating at optimal performance, there are typically a few devices exchanging messages simultaneously. As an organization grows to support more business services, so does a network to support more connected users and network applications. Physically, expanding a network seems simple, but we also need to consider the logical traffic flow and its capacity between devices. For us humans, we don't see the actual traffic flowing across a network without using tools such as Wireshark.

Important note

Wireshark is a network protocol analyzer that has the ability to display the raw details within a packet.

Let's imagine that within an organization, there are hundreds of devices all connected to the same physical network. If one device sends a broadcast (shouts on the network), all other connected devices will receive and process each broadcast message. What if a lot more devices are generating broadcast messages simultaneously? The high...

Layer 2 Discovery Protocols

In this section, we will discuss two popular layer 2 protocols that help us as networking professionals to map a network topology without seeing a network diagram. At the end of this topic, you'll be able to determine the roles, local interfaces, model numbers, and even IP addresses of directly connected neighbor devices while having a clear idea of the actual network topology.

The following exercises are executed in our existing VLAN topology lab.

Cisco Discovery Protocol (CDP)

CDP is a Cisco proprietary protocol that operates at layer 2, the data link layer. CDP is used to assist Cisco devices to learn about their directly connected neighbors, such as other switches and routers. CDP is enabled by default on Cisco switches and routers.

Important note

Devices exchange advertisements (messages) using a multicast address, 01:00:0C:CC:CC:CC.

A CDP message contains the following:

  • The IOS version
  • The device model and type
    • ...

Understanding and configuring EtherChannels

Let's imagine you are connecting two switches using their GigabitEthernet interfaces; your objective is to combine the bandwidth of the two physical interfaces to get a total of 2 GB/s between the switches. Making the physical connections between both switches does not simply combine the bandwidth automatically. The following diagram shows a visual representation of the connection:

Figure 5.28 – Two switches connected together

Why is one link blocked between the switches? By default, Cisco switches have a layer 2 loop prevention protocol known as Spanning-Tree Protocol (STP). Therefore, physically interconnecting switches, as shown in the previous diagram, will cause STP to automatically block one of the interfaces.

This is where EtherChannels come in to save us once more. An EtherChannel allows us to combine multiple physical ports on a switch to create a single logical interface. Therefore, the...

Summary

In this chapter, you have learned the importance of segmenting a network using VLANs to improve both network performance and security. You also now have the hands-on experience to create and assign VLANs, configure both access and trunk ports, and perform inter-VLAN routing on a Cisco network. You have gained the skills needed to implement and perform network discovery using the LLDP layer 2 protocol. Lastly, you have gained the knowledge and hands-on experience of merging physical interfaces into a single logical interface known as an EtherChannel.

I hope this chapter has been informative and helps you in your journey toward implementing and administrating Cisco solutions and preparing for the CCNA 200-301 certification. In the next chapter, Chapter 6, Understanding and Configuring Spanning-Tree, you will learn how to segment your network to improve performance and security and implement link aggregation technologies and discovery protocols.

Questions

The following is a short list of review questions to reinforce your learning and help you identify the areas you need to revisit:

  1. Which VLANs are not usable on a Cisco IOS switch?

    A. 945

    B. 1002

    C. 1001

    D. 1

  2. When creating VLANs, where does the switch store the VLANs?

    A. running-config

    B. startup-config

    C. vlan.bin

    D. vlan.dat

  3. Which mode allows a switch interface to carry multiple VLANs?

    A. Access

    B. Up

    C. Trunk

    D. Administratively up

  4. Which standard defines tagged traffic?

    A. IEEE 802.1Q

    B. IEEE 802.3ab

    C. IEEE 802.1X

    D. IEEE 802.11

  5. Which command disables DTP on an interface?

    A. switchport trunk encapulation dot1q

    B. switchport nonegotiate

    C. switchport access no vlan

    D. switchport no dtp

  6. Which port states will create a trunk?

    A. Switch A – Dynamic Auto and Switch B – Dynamic Auto

    B. Switch A – Dynamic Auto and Switch B – Dynamic Desirable

    C. Switch A – Dynamic Auto and Switch B – Access

    D. Switch A – Access and Switch...

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 8 of 26
Next Chapter
You have been reading a chapter from
Implementing and Administering Cisco Solutions: 200-301 CCNA Exam Guide
Published in: Nov 2020Publisher: PacktISBN-13: 9781800208094
© 2020 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at $15.99/month. Cancel anytime

Author (1)

author image
Glen D. Singh

Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.
Read more about Glen D. Singh

Other recommended products

Related to this chapter

CCENT/CCNA: ICND1 100-105 Certification Guide

CCENT/CCNA: ICND1 100-105 Certification Guide

CCENT is the entry-level certification for those looking to venture into the networking world. This book is designed to help you prepare for the ICND Part 1 (100 – 105) exam, thus obtaining the CCENT certification. Apart from learning computer network essentials, you will be able to enhance your networking skills by learning switching and routing, troubleshooting, security, and more

BookApr 2018362 pages
Cisco Certified CyberOps Associate 200-201 Certification Guide

Cisco Certified CyberOps Associate 200-201 Certification Guide

The Cisco Certified CyberOps Associate 200-201 certification exam helps you gain the skills and knowledge needed to prevent, detect, analyze, and respond to cybersecurity incidents. This book offers complete up-to-date coverage of the 200-201 exam so you can confidently pass first time while getting hands-on cybersecurity experience.

BookJun 2021660 pages
CCNA Security 210-260 Certification Guide

CCNA Security 210-260 Certification Guide

With a CCNA Security certification, you can demonstrate the skills required to develop a security infrastructure, recognize threats to networks, and mitigate security threats. Geared towards Cisco Security, the practical aspects of this book will help you clear the CCNA Security Exam (210-260) by increasing your knowledge of Network Security.

BookJun 2018518 pages
CCNA Routing and Switching 200-125 Certification Guide

CCNA Routing and Switching 200-125 Certification Guide

Cisco Certified Network Associate (CCNA) Routing and Switching is one of the most important certificates in order to stay up-to-date with networking skills. This Certification Guide covers everything you need to know in order to pass the CCNA Routing and Switching 200-125.

BookOct 2018504 pages
CompTIA Network+ Certification Guide

CompTIA Network+ Certification Guide

CompTIA Network+ Certification Guide makes the most complex Network+ concepts easy to understand despite having no prior knowledge. It offers exam tips in every chapter along with access to practical exercises and exam checklist that map to the exam objectives and it is the perfect study guide to help you pass CompTIA Network+ exam.

BookDec 2018422 pages
Implementing Cisco Networking Solutions

Implementing Cisco Networking Solutions

Most enterprises use Cisco networking equipment to design and implement their networks. However, some networks outperform networks in other enterprises in terms of performance and meeting new business demands, because they were designed for the present while keeping the future in mind. This book talks about how to design and implement enterprise networks for small to mid-size organizations efficiently and effectively, so that the network design can accommodate newer demands from the users in a seamless manner, ranging from adding more branches/ users to adding new services, and evaluating and implementing new technologies to optimize costs, or enhance the user experience.

BookSep 2017436 pages5
Networking Fundamentals

Networking Fundamentals

Networks are a collection of computers, servers, mobile devices or other computing devices connected with a view to sharing data. This book will help you get well-versed with the basic concepts of networking and will help you to pass Microsoft's MTA Networking Fundamentals Exam 98-366

BookDec 2019510 pages
Learn Kali Linux 2019

Learn Kali Linux 2019

The current trend of various hacking and security breaches displays how important it has become to pentest your environment, to ensure end point protection. This book will take you through the latest version of Kali Linux to efficiently deal with various crucial security aspects such as confidentiality, integrity, access control and authentication.

BookNov 2019550 pages
MCSA Windows Server 2016 Certification Guide: Exam 70-741

MCSA Windows Server 2016 Certification Guide: Exam 70-741

This practical certification guide covers the most important exam objectives in exam 70-741. Additionally, this certification guide will come in handy when preparing to take exam 70-743.

BookApr 2019182 pages
Advanced Infrastructure Penetration Testing

Advanced Infrastructure Penetration Testing

This book is a hands-on experience and a comprehensive understanding of advanced penetration testing techniques and vulnerability assessment and management. It takes you far beyond common techniques to compromising complex network devices , modern operating systems and help you secure high security environments.

BookFeb 2018396 pages
Cisco ACI Cookbook

Cisco ACI Cookbook

Cisco ACI cookbook is a step by step guide that simplifies the complex Cisco Application Centric Infrastructure for you. Using the practical recipes in this book you can efficiently develop and adapt hybrid environments for your organisation. This book provides an all-round idea of Cisco ACI and will enable you to develop skills using which you can automate IT tasks efficiently.

BookMay 2017424 pages
Practical Network Automation

Practical Network Automation

Network automation is the process of automating the management and functionality of computer networks. Numerous tools, methodologies, and technologies are used to automate a network; this book covers all these functionalities.

BookNov 2017266 pages

Personalised recommendations for you

Based on your interests and search pattern

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions

Designing and Implementing Microsoft Azure Networking Solutions Exam Ref AZ-700 is an all-encompassing guide to the AZ-700 exam and contains all the information you need to succeed in the world of virtual networking with Azure. With this book, you will be fully prepared for the exam and the world of cloud networking.

BookAug 2023524 pages
Microsoft 365 Security, Compliance, and Identity Administration

Microsoft 365 Security, Compliance, and Identity Administration

The Microsoft 365 Security, Compliance, and Identity Administration is a comprehensive guide that helps you employ Microsoft 365's robust suite of features and empowers you to optimize your administrative tasks.

BookAug 2023630 pages
Zero Trust Overview and Playbook Introduction

Zero Trust Overview and Playbook Introduction

Get started on Zero Trust with this step-by-step playbook and learn everything you need to know for a successful Zero Trust journey with tailored guidance for every role, covering strategy, operations, architecture, implementation, and measuring success. This book will become an indispensable reference for everyone in your organization.

BookOct 2023240 pages
The Self-Taught Cloud Computing Engineer

The Self-Taught Cloud Computing Engineer

This self-study book helps you master multiple clouds, including AWS, Azure, and GCP, and serves as a roadmap to becoming a certified cloud computing expert. The book will guide you to develop a professional cloud career by helping you build a broad cloud knowledge base, developing hands-on cloud computing skills, and getting cloud certified.

BookSep 2023472 pages
Technology Operating Models for Cloud and Edge

Technology Operating Models for Cloud and Edge

This book will help you build and create ownership of a technology operating model, as well as connect your leadership with engineering and operations, keeping your internal and external customers in mind. It provides practical tips on why, where, and how to make the cloud and edge platform paradigm sing for you, your team, and your organization.

BookAug 2023228 pages
Azure Architecture Explained

Azure Architecture Explained

Azure is the preferred platform to build mission-critical and secure apps. This book provides comprehensive coverage of essential Azure products, services, and solutions vital for every solution architect's success. Elevate your knowledge and master the critical components of Azure to excel in your role with Azure Architecture Explained.

BookSep 2023446 pages
Pentesting Active Directory and Windows-based Infrastructure

Pentesting Active Directory and Windows-based Infrastructure

This practical guide helps you explore the pentesting of Microsoft infrastructure in detail, and enhances your offensive skillset by showing you the different ways to perform security assessment. This book will help blue teamers and IT engineers get up to speed with possible security issues they may encounter in their Windows environments.

BookNov 2023360 pages
Practical Ansible

Practical Ansible

In Practical Ansible, you'll work with the latest release of Ansible and learn to solve complex issues quickly with the help of task-oriented scenarios. You'll start by installing and configuring Ansible to automate monotonous and repetitive IT tasks and get to grips with concepts such as playbooks, inventories, plugins, collections, and network modules.

BookSep 2023420 pages
Windows 11 for Enterprise Administrators

Windows 11 for Enterprise Administrators

Microsoft’s launch of Windows 11 is a step toward satisfying the enterprise administrator’s needs for better management and enhanced user experience customization. This book provides the enterprise administrator with the knowledge needed to fully utilize the advanced feature set of Windows 11 Enterprise.

BookOct 2023286 pages
The Linux DevOps Handbook

The Linux DevOps Handbook

This book is for software and IT professionals seeking knowledge on Linux systems and DevOps practices. This book will provide you with guidance and tools to learn and gain proficiency in managing Linux-based infrastructures and knowledge of DevOps.

BookNov 2023428 pages2