In part 1 and part 2 of my CCNA recaps, I tried to cover a few important concepts from the course material that help solidify things that may seem confusing at first glance. In part 3 of the series, we continue this journey. As mentioned before, if you would like to view the raw compilation of my notes, please check my repo.
Each section is separated by a divider, so feel free to skip around.
The scaling networks material starts off kind of bland because it begins by talking about enterprise networks and the grander scale of how businesses operate. It's important to know that network traffic needs to be converged, and that we have to be aware of varying business needs.
With that said, I'll cover a few things really fast because the three-layer hierarchical design model is important. This design is separated into the access layer (user connectivity), the distribution layer (traffic forwarding between networks), and the high-speed backbone, or core. There are also a few different architectural models in enterprise network design, ranging from campus-style infrastructure to service provider edges, but I'm going to gloss over this because it's pretty cut and dried.
The big takeaway here is that designing to scale is important: you should care about having redundancy to handle single points of failure, and about limiting failure domain size, because it means fewer people are affected when bad things happen (a failure domain is just a fancy way of saying the area of a network that is affected when something fails). The material briefly covers why OSPF and EIGRP are good choices for larger hierarchical designs because they scale easily, and quickly dives into switch categories for enterprise networks and the form factors involved.
We're going to focus a little on LAN redundancy, because it's good to know how things like Spanning Tree and First Hop Redundancy Protocols work to manage issues. You know how everyone is always screaming about performing backups because they're important? Well, apply this kind of thinking to network design as well, because if something happens you want to ensure a backup method is available to keep things running while main issues are worked on.
There are a few considerations to look into, like MAC database instability, broadcast storms and multiple frame transmission, which I'll bring up in a second. MAC database instability occurs when copies of the same frame are received on different switch ports. This consumes resources and impairs forwarding capabilities. Basically, if there isn't a way to block these frames, they continue to propagate because of how forwarding works. Broadcast storms are probably the most familiar of the three because they're commonly seen with misconfigurations. They flood broadcasts out of all ports in an endless loop. When a loop like this happens, it consumes bandwidth needed for real traffic, effectively creating a DoS, while putting strain on network adapters. Multiple frame transmissions deal with unicast frame copies, because some protocols only expect one transmission. When more than one copy of a unicast frame is received, errors happen. These duplicates aren't always recognized, but spanning tree helps to prevent this.
Spanning tree is based on an algorithm invented by Radia Perlman, who published a paper in 1985 called "An Algorithm for Distributed Computation of a Spanning Tree in an Extended LAN". This is extremely important because, once set up, STP ensures only one logical path exists between all destinations. It checks for redundant paths that would cause loops and blocks them by putting the corresponding ports in a blocking state.
Bippity Boppity BPDU's
I spoke a little bit about STP, but let's dive in more. The algorithm works by determining which switch ports have to be put in the blocking state to prevent loops, but to do this, it has to designate a single switch as what's known as the root bridge. This root bridge becomes the reference point for path calculations. Switches using STP exchange BPDU (Bridge Protocol Data Unit) frames, which help determine which switch has the lowest BID, or Bridge ID, on the network. BIDs contain three primary fields: a priority value, the MAC address of the sending switch, and an optional extended system ID. The combination of these three fields determines the lowest BID, and after a root bridge is picked, the algorithm can calculate the shortest path to it.
```
/* Handy STP commands */
switch(config-if)# spanning-tree cost <value>   // Set a port cost between 1 and 200,000,000
// Verify port and path cost to the root bridge
switch# sh spanning-tree
```
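To make the BID comparison and the path calculation concrete, here is an added Python example (not from the original post or the course material) that builds the 64-bit BIDs, elects the root bridge, then finds each switch's root port and the redundant link that ends up blocked. The three-switch topology, MAC addresses and port costs are constructed for illustration.

```python
import heapq
# Constructed sample topology (not from the original post): three switches in a
# triangle, so one redundant link must end up in the blocking state.
BRIDGES = {  # priority is the configurable field and must be a multiple of 4096
    "S1": {"priority": 32768, "mac": "00:1a:2b:3c:4d:01"},
    "S2": {"priority": 32768, "mac": "00:1a:2b:3c:4d:02"},
    "S3": {"priority": 24576, "mac": "00:1a:2b:3c:4d:03"},
}
# Port costs use the classic IEEE 802.1D short values: 1 Gb/s = 4, 100 Mb/s = 19.
LINKS = {("S1", "S2"): 4, ("S2", "S3"): 19, ("S1", "S3"): 4}

def bridge_id(switch: str, vlan: int) -> int:
    """64-bit BID: 4-bit priority | 12-bit extended system ID (VLAN) | 48-bit MAC."""
    prio, mac = BRIDGES[switch]["priority"], BRIDGES[switch]["mac"]
    assert prio % 4096 == 0 and 0 < vlan < 4096
    return ((prio + vlan) << 48) | int(mac.replace(":", ""), 16)

def elect_root(vlan: int) -> str:
    """Lowest BID wins: priority decides first, the MAC only breaks ties."""
    return min(BRIDGES, key=lambda s: bridge_id(s, vlan))

def neighbours(switch: str):
    """Yield (neighbour, port cost) for every link attached to a switch."""
    for (a, b), cost in LINKS.items():
        if switch in (a, b):
            yield (b if switch == a else a), cost

def root_path_costs(root: str) -> dict:
    """Dijkstra over port costs: each switch's lowest total cost to the root."""
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, sw = heapq.heappop(heap)
        for nb, lc in neighbours(sw):
            if c + lc < cost.get(nb, float("inf")):
                cost[nb] = c + lc
                heapq.heappush(heap, (c + lc, nb))
    return cost

def root_ports(vlan: int) -> dict:
    """Per non-root switch: the neighbour behind its root port (lowest cost to
    the root, ties broken by the neighbour's BID, as the algorithm does)."""
    root = elect_root(vlan)
    cost = root_path_costs(root)
    return {sw: min(neighbours(sw), key=lambda n: (cost[n[0]] + n[1], bridge_id(n[0], vlan)))[0]
            for sw in BRIDGES if sw != root}

def blocked_links(vlan: int) -> list:
    """Links that carry no switch's path to the root are put in blocking state."""
    tree = {frozenset((sw, nb)) for sw, nb in root_ports(vlan).items()}
    return sorted(link for link in LINKS if frozenset(link) not in tree)
```

Note that S3 wins the election despite having the highest MAC, because its lower priority dominates the comparison; the slow S2-S3 link is the one that gets blocked.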
I'm going to briefly summarize PortFast and BPDU Guard, but you should be looking at this material and have some grounding in it. When a port is configured with PortFast, it transitions immediately from the blocking state to the forwarding state. With BPDU Guard, a port is shut down and put in an error-disabled state on receipt of a BPDU. Below, I've listed a few configuration commands:
```
/* PortFast configuration on a port */
switch(config-if)# spanning-tree portfast            // Enable on each interface individually
switch(config)# spanning-tree portfast default       // Enable PortFast on all non-trunking interfaces
```
```
/* Configuring BPDU Guard on a Layer 2 access port */
switch(config-if)# spanning-tree bpduguard enable            // Enable on a single interface
switch(config)# spanning-tree portfast bpduguard default     // Enable globally on all PortFast-enabled ports
```
```
/* Configure Rapid PVST+ on a Cisco switch */
switch# conf t
switch(config)# spanning-tree mode rapid-pvst
switch(config)# int fa0/1
switch(config-if)# spanning-tree link-type point-to-point   // Specify the link type
switch(config-if)# end
switch# clear spanning-tree detected-protocols               // Restart protocol migration so neighbors renegotiate after the mode change
```
```
/* Show commands */
switch# sh spanning-tree
switch# sh spanning-tree vlan <vlanID>   // Get the STP information for a specific VLAN
```
First Hop Redundancy Protocols
I'll cover a tiny definition of these because Cisco mentions HSRP (Hot Standby Router Protocol), VRRPv2 (Virtual Router Redundancy Protocol) and GLBP (Gateway Load Balancing Protocol). HSRP and GLBP are both Cisco-proprietary protocols. GLBP allows load balancing between redundant routers and helps to protect traffic from failed routers and circuits. HSRP provides transparent failover by placing routers in either an active or a standby state. The active router handles packet routing, but if it fails for whatever reason, the standby router takes over. HSRP monitors routing status and helps to keep packets forwarded when an active router fails. VRRPv2 is an election protocol that dynamically assigns responsibility for a virtual router. One router is elected the virtual master, while the others act as backups if the master fails.
Open Shortest Path First is a classless, link-state protocol that uses the SPF algorithm to find the best path while quickly propagating changes. It's also extremely scalable and relatively easy to configure. You will learn a good deal about OSPF while reading through the materials, including the issues with LSA flooding and how the Designated Router and Backup Designated Router help provide a solution on multi-access networks. I'm not going to cover this, but in short, if the DR stops producing Hello packets, the BDR comes in to take its place. I will list a few handy commands to know:
```
/* Single-area OSPFv2 */
router# sh ip ospf neighbor   // Verify that routers formed adjacencies with neighbors
router# sh ip protocols       // Verify configuration info
router# sh ip ospf            // Display OSPF process information
router# sh ip ospf int        // List every OSPF-enabled interface
router# sh ip ospf int br     // Summarize the status of OSPF-enabled interfaces
```
Lastly, the scaling networks portion of the CCNA material covers EIGRP, or Enhanced Interior Gateway Routing Protocol, which was released in 1992. It has both link-state and advanced distance vector features. As mentioned in part 2 of the series, it uses DUAL, the Diffusing Update Algorithm. DUAL helps create loop-free backup paths by storing backup routes and switching to them when needed. You should know this protocol well. Doing so actually helps you understand some of the underlying issues with BGP hijacks as well, if you feel inclined to do a comparison. I won't be delving into this portion either, since it's a huge topic within itself, but make sure you study up on it. With that, I am going to wrap up my recap of this portion of the CCNA material.
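As an added illustration of how DUAL keeps those backup paths loop-free (example code, not from the original post), here is the successor and feasible successor selection for one destination, plus what happens when the successor is lost. The router names, reported distances and link metrics are constructed, in simplified metric units.

```python
# Constructed sample (not from the original post): what router R1 has learned about
# one destination. Each row is (neighbour, reported distance the neighbour advertises,
# metric of R1's own link to that neighbour), in simplified metric units.
TOPOLOGY_TABLE = {
    "10.0.0.0/24": [("R2", 20, 5), ("R3", 15, 12), ("R4", 30, 2)],
}

def dual_select(entries):
    """Apply DUAL to one destination.
    Successor: the neighbour with the lowest feasible distance FD = RD + link metric.
    Feasible successor: any other neighbour whose reported distance is strictly less
    than the FD (the feasibility condition); such a neighbour cannot be routing back
    through us, so it is a safe loop-free backup."""
    fd_via = {n: rd + lc for n, rd, lc in entries}
    successor = min(fd_via, key=fd_via.get)
    fd = fd_via[successor]
    feasible = [n for n, rd, _ in entries if n != successor and rd < fd]
    return successor, fd, feasible

def on_successor_loss(entries):
    """When the successor's link fails: promote the best feasible successor at once
    (the route stays passive); with none available DUAL must go active and query
    its neighbours before it can forward again."""
    successor, _, feasible = dual_select(entries)
    if feasible:
        backups = [e for e in entries if e[0] in feasible]
        return "passive", dual_select(backups)[0]
    return "active", None
```

In the sample, R4 has the cheapest link but a reported distance above the FD, so it is never promoted, which is exactly the case DUAL is designed to exclude.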