Upload
javierdb2012
View
213
Download
0
Embed Size (px)
Citation preview
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 1/76
BCMSN
Course Management
Overview Building Cisco Multilayer Switched Networks (BCMSN) v3.0 is an instructor-led course presented by Cisco Systems Training partners. This five-day course will instruct the learner inhow to create an efficient and expandable enterprise network by installing, configuring,monitoring, and troubleshooting network infrastructure equipment according to the CampusInfrastructure module in the Enterprise Composite Network Model (ECNM).
OutlineThe Course Management section of the Course Administration Guide includes these topics:
Overview
Course Instruction Details
Post-Course Evaluations
Course VersionThis course updates Building Cisco Multilayer Switched Networks (BCMSN) v2.1.
Course Objectives Upon completing this course, the learner will be able to meet these overall objectives:
Describe the Campus Infrastructure module of the ECNM Define VLANs to segment network traffic and manage network utilization Explain the procedure for configuring both 802.1Q and ISL trunking between two switches
so that VLANs that span the switches can connect Describe how VLAN configuration of switches in a single management domain can be
automated with the Cisco proprietary VTP Implement high availability technologies and techniques using multilayer switches in a
campus environment Describe WLANs Describe and configure switch infrastructure to support voice Describe and implement security features in a switched network
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 2/76
2 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Target AudiencePeople who fulfill the following functions are the primary audience for this course:
An individual who is a network administrator, network engineer, network manager, orsystems manager
People who fulfill the following function are the secondary audience for this course:
An individual who is a network designer
Learner Skills and KnowledgeThe knowledge and skills that a learner must have before attending this course include thefollowing:
Completion of the course Interconnecting Cisco Network Devices (ICND)
Ability to complete the initial configuration of a switch
Ability to configure a switch with VLANs Ability to create basic interswitch connections
Ability to troubleshoot a VLAN
Ability to complete the initial configuration of a router
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 3/76
© 2006 Cisco Systems, Inc. Course Administration Guide 3
Course Instruction DetailsThis topic provides the information that you need to prepare the course materials and set up theclassroom environment.
Instructor RequirementTo teach this course, instructors must have attended the following training or completed thefollowing requirements:
Certified Cisco Systems Instructor who is certified in BCMSN delivery
Should have earned the Cisco CCNP ® or CCIE ® certification
Note Submit questions concerning instructor certification to [email protected].
Classroom Reference MaterialsThese items should be available for the learner during the course:
Student Guide
Paper, pen, pencils, and/or other miscellaneous office supplies needed to support learners
Class EnvironmentThis information describes recommended class size and classroom setup:
Room set up classroom-style, with chairs and tables Room sized for 16 learners
Eight pairs of chairs sharing access to eight laptops or terminals
Projector to display course PowerPoint slides
Projection screen as needed
Sufficient power for all equipment
For local labs, rack and floor space for all equipment
For remote labs, access to Internet for all learners and instructor
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 4/76
4 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Course FlowThis is the suggested course schedule. You may make adjustments based on the skills,knowledge, and preferences of the learners in attendance. The presentation of all topics isoptional for noncertification offerings , but you are encouraged to use them because they are
designed to reinforce the lesson concepts and ensure that learners apply some of the concepts.
Day 1:
8:30–9:00(0830–0900)
Course Introduction
9:00–10:20(0900–1020)
Lesson 1-1: Introducing Campus Networks
10:30–12:00(1030–1200)
Quiz 1-1: Describing the Campus Infrastructure Module
Lab 1-2: Getting Started with Cisco Catalyst Equipment
12:00–1:00
(1200–1300)
Lunch
1:00–1:40(1300–1340)
Lesson 2-1: Implementing Best Practices for VLANTopologies
1:40-2:20(1340-1420)
Lesson 2-2: Implementing VLANs
2:20-3:00(1440-1500)
Lesson 2-3: Implementing Trunks
3:00-3:40(1500-1540)
Lesson 2-4: Propagating VLAN Configurations with VTP
3:40-4:20(1540-1620)
Lesson 2-5: Correcting Common VLAN ConfigurationErrors
4:20-5:00(1620-1700)
Lab 2-1: Configuring VLANs and VTP
5:00 (1700) Day ends
Day 2:
8:00–8:30(0800–0830)
Review of Day 1
8:30–9:30(0830–0930)
Lesson 3-1: Describing the STP
9:30–10:30(0930–1030)
Lab 3-1: Configuring Primary and Backup Root Bridges
10:30–11:00(1030–1100) Lesson 3-2: Implementing RSTP
11:00-12:00(1100–1200)
Lab 3-2: Implementing PVRST
12:00–1:00(1200–1300)
Lunch
1:00–1:20(1300–1320)
Lesson 3-3: Implementing MSTP
1:20-2:00(1320–1400)
Lab 3-3: Implementing MST
2:00-2:20(1400–1420)
Lesson 3-4: Configuring Link Aggregation withEtherChannel
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 5/76
© 2006 Cisco Systems, Inc. Course Administration Guide 5
2:20-3:10(1420–1510)
Lab 3-4: Configuring EtherChannel
Lab 3-5: Troubleshooting Spanning Tree
3:10-3:40(1510–1540)
Lesson 4:1: Describing Routing Between VLANs
Quiz 4-1: Describing Routing Between VLANs
3:40-4:00(1540–1600)
Lesson 4-2: Enabling Routing Between VLANs on aMultilayer Switch
4:00-5:001600–1700)
Lab 4-2: Routing Between VLANs
5:00 (1700) Day ends
Day 3:
8:00–8:30(0800–0830)
Review of Day 2
8:30-10:20(0830-1020)
Lab 4-2: Routing Between VLANs (continued fromDay 2)
10:20- 11:00(1020-1100)
Lesson 4-3: Deploying CEF-Based Multilayer Switching
11:00-12:00(1100–1200)
Lesson 5-1: Configuring Layer 3 Redundancy with HSRP
12:00–1:00(1200–1300)
Lunch
1:00–1:30(1300–1330)
Lesson 5-2: Optimizing HSRP
1:30-3:00(1330–1500)
Lab 5-1: Enabling and Optimizing HSRP
3:00-5:00
(1500–1700)
Lesson 5-3: Configuring Layer 3 Redundancy with VRRP
and GLBP 5:00 (1700) Day ends
Day 4: Wireless LANs
8:00–8:30(0800–0830)
Review of Day 3
8:30–10:00(0830–1000)
Lesson 6-1 Introducing WLANs
Lesson 6-2 Describing WLAN Topologies
10:10–12:00(1010–1200)
Lesson 6-3 Explaining WLAN Technology and Standards
12:00–1:00(1200–1300)
Lunch
1:00–3:00(1300–1500)
Lab 6-1: Configuring Switches for WLANs
Lesson 6-4 Configuring Cisco WLAN Clients
3:10–5:00(1510–1700)
Lesson 6-5 Implementing WLANs
Lesson 6-6 Configuring WLANs
Lab 6-2: Setting Up the WLAN Controller
Lab 6-3: Configuring the Controller via the Web BrowserLab 6-4: Configuring a Wireless Client (Optional)
5:00 (1700) Day ends
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 6/76
6 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Day 5:
8:00–8:30(0800–0830)
Review of Day 4
8:30–9:15(0830–0915)
Lesson 7-1: Planning for Implementation of Voice in aCampus Network
9:15–10:00(0915–1000)
Lesson 7-2: Accommodating Voice Traffic on CampusSwitches
10:00–11:00(1000–1100)
Lab 7-1: Configuring IP Telephony Support
11:00-11:20(1100–1120)
Lesson 8-1: Understanding Switch Security Issues
11:20-11:40(1120–1140)
Lesson 8-2: Protecting Against VLAN Attacks
11:40-12:00(1140–1200)
Lesson 8-3: Protecting Against Spoof Attacks
12:00–1:00(1200–1300)
Lunch
1:00–1:20(1300–1320)
Lesson 8-4: Describing STP Security Mechanisms
1:20-1:40(1320–1340)
Lesson 8-5: Preventing STP Forwarding Loops
1:40-2:00(1340–1400)
Lesson 8-6: Securing Network Switches
2:00-2:45(1400–1445)
Case Study 8-1: Applying Security Practices to SecureDevices in the Campus
2:45-3:30(1445–1530)
Case Study 8-2: Using Security Tools to Secure Devicesin the Campus
3:30-5:00(1530-1700)
Lab 8-3: Applying Security Tools
5:00 (1700) Wrap-up
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 7/76
© 2006 Cisco Systems, Inc. Course Administration Guide 7
High-Level Course OutlineThis subtopic provides an overview of how the course is organized. The course contains thesecomponents:
Course Introduction Network Requirements
Defining VLANs
Implementing Spanning Tree
Implementing Inter-VLAN Routing
Implementing High Availability in a Campus Environment
Wireless LANs
Configuring Campus Switches to Support Voice
Minimizing Service Loss and Data Theft in a Campus Network Lab Guide
Detailed Course OutlineThis in-depth outline of the course structure lists each module, lesson, and topic.
Course Introduction
The Course Introduction provides learners with the course objectives, prerequisite learner skillsand knowledge, and general administrative information. The Course Introduction presents thecourse flow diagram and the icons used in the course illustrations and figures. This coursecomponent also designates time for the learners to introduce themselves and describe their
backgrounds, giving the instructor valuable information about the knowledge and experiencelevels of the learners.
Overview
— Learner Skills and Knowledge
Course Goal and Objectives
Course Flow
Your Training Curriculum
— CCNP Career Certifications
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 8/76
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 9/76
© 2006 Cisco Systems, Inc. Course Administration Guide 9
The lesson includes these activities:
Quiz 1-1: Describing the Campus Infrastructure Module
Lab 1-2: Getting Started with Cisco Catalyst Equipment
Module 2: Defining VLANs
This module defines the purpose of VLANs and describes how VLAN implementation cansimplify network management and troubleshooting and can improve network performance.When VLANs are created, their names and descriptions are stored in a VLAN database that can
be shared between switches. The learner will see how design considerations determine whichVLANs will span all the switches in a network and which VLANs will remain local to a switch
block.
The configuration components of this module will describe how individual switch ports maycarry traffic for one or more VLANs, depending on their configuration as access or trunk ports.This module explains both why and how VLAN implementation occurs in an enterprisenetwork.
Lesson 1: Implementing Best Practices for VLAN Topologies
Upon completing this lesson, the learner will be able to identify how various technologies are best implemented within the Campus Infrastructure module. This ability includes being able tomeet these objectives:
List the issues that can occur in a poorly designed network
Given a sample organization, explain how to designate VLANs for the organization
Describe the different network interconnection technologies and identify their appropriateusage in a campus network
Determine the equipment and cabling needs on the various links of VLANs in a campusnetwork
Map a hierarchical IP addressing scheme to the VLANs in a campus network
Identify the most common traffic sources and their destination on a campus network
The lesson includes these topics:
Describing Issues in a Poorly Designed Network
Grouping Business Functions into VLANs
Describing Interconnection Technologies
Determining Equipment and Cabling Needs Mapping VLANs in a Hierarchical Network
Considering Traffic Source to Destination Paths
Lesson 2: Implementing VLANs
VLANs are used to create logical broadcast domains and Layer 3 segments in a given network.A VLAN is considered a logical segment because the traffic it carries may traverse multiple
physical network segments. This lesson will examine how switch ports can be staticallyconfigured to belong to one or more VLANs and how various ports on a single switch can
belong to different VLANs. End-to-end VLANs will be differentiated from local VLANs.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 10/76
10 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Local VLANs exist within the context of a single switch or switch block, whereas end-to-endVLANs span multiple network segments interconnected by switches.
Upon completing this lesson, the learner will be able to meet these objectives:
Define an end-to-end VLAN
Define a local VLAN
Describe the benefits of implementing local VLANs in a campus network
Describe the VLAN configuration modes and their functions
Define a VLAN access port
List the commands to implement a VLAN
List the steps to create a VLAN and associate it with an access port
The lesson includes these topics:
Describing End-to-End VLANs
Describing Local VLANs
Benefits of Local VLANs in an Enterprise Campus Network
VLAN Configuration Modes
Explaining VLAN Access Ports
Describing VLAN Implementation Commands
Implementing a VLAN
Lesson 3: Implementing Trunks
Switch ports carrying traffic for multiple VLANs are called trunk ports. As frames frommultiple VLANs traverse trunk ports, the switch must identify each frame to associate it with agiven VLAN. This lesson will examine the differences between Inter-Switch Link (ISL) and802.1Q, two protocols used to mark frames on a trunk link.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe a VLAN trunk in an enterprise network
Describe ISL trunking
Describe 802.1Q trunking
Define an 802.1Q native VLAN
Explain VLAN ranges and their usage
Identify the commands used to configure trunking
Explain the procedure to configure trunking
The lesson includes these topics:
Explaining VLAN Trunks
Describing ISL Trunking
Describing 802.1Q Trunking
Explaining 802.1Q Native VLANs
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 11/76
© 2006 Cisco Systems, Inc. Course Administration Guide 11
Explaining VLAN Ranges
Describing Trunking Configuration Commands
Configuring Trunking
Lesson 4: Propagating VLAN Configurations with VTP
When VLANs span multiple switches, a protocol is needed to accurately manage VLANinformation at each switch. This protocol is referred to as VLAN Trunk Protocol (VTP) and isused to ensure that all switches in a given group, or VTP domain, have the same informationabout the VLANs present in that domain. This lesson will examine VTP and how it allows eachswitch to participate in the VTP domain. The VTP mode determines if and when updates aresent by a switch.
Upon completing this lesson, the learner will be able to meet these objectives:
Define a VTP domain in a campus network
Define VTP
Describe the three different VTP modes
Describe VTP Pruning
Describe how VTP distributes and synchronizes VLAN information
Describe the commands used to configure and verify a VTP management domain
Describe the procedures to configure a VTP management domain
Describe the procedure to add a new switch to an existing VTP domain
The lesson includes these topics:
Explaining VTP Domains
Describing the VTP
VTP Modes
Describing VTP Pruning
Describing VTP Operation
Describing VTP Configuration Commands
Configuring a VTP Management Domain
Adding New Switches to an Existing VTP Domain
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 12/76
12 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lesson 5: Correcting Common VLAN Configuration Errors
When VLANs span multiple switches, there are configuration challenges and issues to beovercome. VLAN configuration problems include security issues related to the 802.1Q nativeVLAN and Dynamic Trunking Protocol (DTP).
Upon completing this lesson, the learner will be able to meet these objectives:
Identify the security issues with 802.1Q native VLANs
Describe how to resolve the security issues with 802.1Q native VLANs
List key problems that result from trunk link configuration
Identify best practices for resolving trunk link problems
Identify common problems with VTP configuration
Describe best practice for VTP configuration
The lesson includes these topics:
Describing Issues with 802.1Q Native VLANs
Resolving Issues with 802.1Q Native VLANs
Describing Trunk Link Problems
Resolving Trunk Link Problems
Common Problems with VTP Configuration
Best Practice for VTP Configuration
The lesson includes this activity:
Lab 2-1: Configuring VLANs and VTP
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 13/76
© 2006 Cisco Systems, Inc. Course Administration Guide 13
Module 3: Implementing Spanning Tree
This module introduces the fundamentals of Spanning Tree Protocol (STP) operation in aswitched network. The root bridge will be explained as well as how the root bridge and its
backup are elected. Features for enhancing the performance of STP will be covered—namely,
Rapid STP (RSTP) and Multiple STP (MSTP). The learner will discover how EtherChannel isconfigured and how it interoperates with STP. The module also provides guidelines onimproving STP resiliency when network faults occur.
Lesson 1: Describing the STP
In a campus network where there are redundant links between switches, STP manages whichlinks will provide an active Layer 2 path, which ones will be inactive, and which ones will
provide redundancy in the case of active path failure. This lesson will examine the generalcomponents and operation of STP in a switched network.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe a transparent bridge Identify the traffic patterns in a bridge loop
Define a loop-free network
Describe the 802.1D STP
Define a root bridge
Describe the four port roles
Describe PortFast, PVST+, RSTP, MSTP, and PVRST
The lesson includes these topics:
Describing Transparent Bridges
Identifying Traffic Loops
Explaining a Loop-Free Network
Describing the 802.1D STP
Describing the Root Bridge
Describing Port Roles
Explaining Enhancements to STP
The lesson includes these activities:
Lab 3-1: Configuring Primary and Backup Root Bridges
Lesson 2: Implementing RSTP
Rapid Spanning Tree Protocol (RSTP) is an improvement on the original 802.1D STP standard.RSTP provides much faster convergence when topology changes occur in a switched network.Through the use of specific port states, port roles, and link types, RSTP very quickly adapts tonetwork topology transitions. A proposal and agreement process between neighbor switches isunique to RSTP. Also, Topology Change Notifications (TCNs) are transferred in a verydifferent manner than they are in 802.1D STP operation. Configuration of RSTP is much thesame as in 802.1D, except for a few variations and identifiable characteristics in the spanningtree verification commands.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 14/76
14 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe the RSTP
Describe the three RSTP port states
Describe the five different RSTP port roles
Explain an edge port
Describe the function of the different RSTP link types
Differentiate the 802.1w use of the BPDU from 802.1D
Describe the stages of the RSTP proposal and agreement process
Describe the process that RSTP uses to notify all bridges in the network of a TC
Describe the commands used to implement RSTP
Explain the procedure to implement RSTP in a switched network
The lesson includes these topics:
Describing the RSTP
Describing RSTP Port States
Describing RSTP Port Roles
Explaining Edge Ports
Describing RSTP Link Types
Examining the RSTP BPDU
Identifying the RSTP Proposal and Agreement Process
Identifying the RSTP TCN Process
Describing PVRST Implementation Commands
Implementing PVRST Commands
The lesson includes this activity:
Lab 3-2: Implementing PVRST
Lesson 3: Implementing MSTP
Per VLAN Spanning Tree (PVST) creates a single instance of spanning tree for each VLAN inthe network. This may impose a processing load on a switch when many VLANs are present.Multiple Spanning Tree Protocol (MSTP) reduces this loading by allowing a single instance ofspanning tree to run for multiple VLANs. Specific configuration and verification steps must befollowed to properly implement MSTP.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe MSTP
Describe the characteristics of an MST region
Describe changes to the Bridge Priority field to accommodate the MSTP instance number
Describe how MSTP operates with CST
Describe the commands used to implement MSTP
Explain the procedure to implement MSTP in a switched network
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 15/76
© 2006 Cisco Systems, Inc. Course Administration Guide 15
The lesson includes these topics:
Explaining MSTP
Describing MSTP Regions
Describing the Extended System ID
Interacting Between MSTP Regions and 802.1Q
Describing MSTP Implementation Commands
Configuring and Verifying MSTP
The lesson includes these activities:
Lab 3-3: Implementing MST
Lesson 4: Configuring Link Aggregation with EtherChannel
When multiple physical links exist between two switches, these links can be bundled into a
single logical link that provides high aggregate bandwidth and fault tolerance for interswitchconnectivity. This lesson will examine the specifics of EtherChannel.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe EtherChannel
Compare the PAgP and LACP
Describe the commands used to configure EtherChannel
Describe the guidelines and best practices for configuring port channels usingEtherChannel
Configure load balancing among the ports included in an EtherChannel
The lesson includes these topics:
Describing EtherChannel
Describing the PAgP and LACP Protocols
Describing EtherChannel Configuration
Configuring Port Channels Using EtherChannel
Configuring Load Balancing over EtherChannel
The lesson includes these activities:
Lab 3-4: Configuring EtherChannel Lab 3-5: Troubleshooting Spanning Tree
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 16/76
16 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Module 4: Implementing Inter-VLAN Routing
A switch with multiple VLANs requires a means of passing Layer 3 traffic between thoseVLANs. This module describes both the process and various methods of routing traffic fromVLAN to VLAN. A router that is external to the Layer 2 switch hosting the VLANs can
provide the inter-VLAN routing.When routing occurs within a Cisco Catalyst multilayer switch, Cisco Express Forwarding(CEF) is deployed to facilitate Layer 3 switching through hardware-based tables, providing anoptimal packet-forwarding process. When CEF is implemented, routing is enabled betweenVLANs through the configuration of switch virtual interfaces (SVIs) associated with thevarious VLANs on the multilayer switch.
Lesson 1: Describing Routing Between VLANs
Layer 2 switching involves processing frames with respect to their data link layer headers.Information from those headers is stored within the content addressable memory (CAM) tablein the switch, which in turn provides the information required to make the forwarding decisionsas frames traverse the switch. When multiple Layer 2 VLANs are configured on a switch, aLayer 3 process is required for inter-VLAN communication. VLAN-to-VLAN packet transfercan occur on a Layer 3 device external to the switch.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe how inter-VLAN routing works using an external router
Describe the commands used to configure inter-VLAN routing using an external router
Explain the procedure to configure inter-VLAN routing using an external router
Explain how switching interfaces use the forwarding engine to implement Layer 2 andLayer 3 switching
Describe the frame rewrite process
The lesson includes these topics:
Inter-VLAN Routing Using an External Router
Describing Inter-VLAN Routing Using External Router Configuration Commands
Configuring Inter-VLAN Routing Using an External Router
Explaining Multilayer Switching
Frame Rewrite
Quiz 4-1: Describing Routing Between VLANs
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 17/76
© 2006 Cisco Systems, Inc. Course Administration Guide 17
Lesson 2: Enabling Routing Between VLANs on a Multilayer Switch
When multiple VLANs are configured on a multilayer switch, routing between those VLANscan occur on the switch itself through the configuration of Layer 3 switch virtual interfaces(SVIs). SVIs are configured and verified using Layer 3 Cisco IOS commands to facilitate inter-VLAN routing on a multilayer switch. It is also possible to convert Layer 2 switch ports tooperate as Layer 3 interfaces.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe a Layer 3 SVI
Describe commands used to configure inter-VLAN routing on a multilayer switch throughan SVI
Explain the procedure to configure inter-VLAN routing on a multilayer switch
Describe a routed port on a multilayer switch
Describe commands used to configure a routed port on a multilayer switch
Explain the procedure to configure routed ports on a multilayer switch
The lesson includes these topics:
Describing Layer 3 SVI
Describing Configuration Commands for Inter-VLAN Communication on a MultilayerSwitch
Configuring Inter-VLAN Routing on a Multilayer Switch
Describing Configuration Commands for Routed Ports on a Multilayer Switch
Describing Routed Ports on a Multilayer Switch
Configuring Routed Ports on a Multilayer Switch
Lesson 3: Deploying CEF-Based Multilayer Switching
Layer 3 switching provides a wire-speed mechanism by which to route packets betweenVLANs using tables that store Layer 2 and Layer 3 forwarding information in hardware. CiscoExpress Forwarding (CEF) is the most efficient means of providing Layer 3 switching on amultilayer switch. CEF uses a very specific process to build forwarding tables in hardware andthen uses that table information to forward packets at line speed.
Upon completing this lesson, the learner will be able to meet these objectives:
Explain Layer 3 switch processing
Explain a CEF-based multilayer switch
Describe the process that a multilayer switch uses to forward packets
Describe the commands used to configure CEF on Cisco Catalyst multilayer switches
Explain the procedure to enable CEF-based MLS
Describe common problems that can occur with CEF and solutions
Describe the commands used to troubleshoot CEF on multilayer switches
Explain the procedure to troubleshoot problems with CEF-based MLS
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 18/76
18 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
The lesson includes these topics:
Explaining Layer 3 Switch Processing
Explaining CEF-Based Multilayer Switches
Identifying the Multilayer Switch Packet Forwarding Process
Describing CEF Configuration Commands
Enabling CEF-Based MLS
Describing Common CEF Problems and Solutions
Describing CEF Troubleshooting Commands
Troubleshooting Layer 3 CEF-Based MLS
The lesson includes these activities:
Lab 4-2: Routing Between VLANs
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 19/76
© 2006 Cisco Systems, Inc. Course Administration Guide 19
Module 5: Implementing High Availability in a Campus Environment
A network with high availability provides alternative means by which all infrastructure pathsand key servers can be accessed at all times. The Hot Standby Router Protocol (HSRP) is oneof those software features that can be configured to provide Layer 3 redundancy to network
hosts. HSRP optimization provides immediate or link-specific failover as well as a recoverymechanism. Virtual Router Redundancy Protocol (VRRP) and Gateway Load BalancingProtocol (GLBP) are derivatives of HSRP, providing additional Layer 3 redundancy features,such as load balancing.
Lesson 1: Configuring Layer 3 Redundancy with HSRP
Businesses and consumers that rely on intranet and Internet services for their mission-criticalcommunications require and expect their networks and applications to be continuouslyavailable to them.
Customers can satisfy their demands for near-100 percent network uptime if they leverage theHSRP in Cisco IOS software. HSRP provides network redundancy for IP networks in a mannerthat ensures that user traffic immediately and transparently recovers from first-hop failures innetwork edge devices or access circuits.
However, routing issues exist as we examine various means of providing redundancy for thedefault gateway of each segment. Because of this, HSRP has very specific attributes thatwarrant further description, as does a delineation of HSRP operations on the network. HSRPinterfaces transition through a series of states as they find their role in the capacity of active orstandby HSRP router.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe routing issues that occur when using default gateways and proxy ARP
Describe how router device redundancy works
Describe HSRP
Describe how HSRP operates to provide a nonstop path redundancy for IP
Describe the six HSRP states and their functions
Describe the commands used to configure HSRP
Explain the procedure to enable HSRP
The lesson includes these topics
Describing Routing Issues
Identifying the Router Redundancy Process
Describing HSRP
Identifying HSRP Operations
Describing HSRP States
Describing HSRP Configuration Commands
Enabling HSRP
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 20/76
20 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lesson 2: Optimizing HSRP
HSRP has options that allow it to be configured to define the order in which the active andstandby router are selected for expedited failover, for recovery from failover, and to specifywhich interface is to be monitored for HSRP failover. Specific commands are used to optimizeand tune HSRP operations for greatest failover resiliency. There is also a set of commands for
verifying and debugging HSRP general and optimized operations.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe the options that can be configured to optimize HSRP
Explain the procedure to determine which HSRP operations require tuning in theirnetworks
Describe how a single router can be a member of multiple HSRP-standby groups tofacilitate load sharing
Describe the commands used to debug HSRP operations
Explain the procedure to debug HSRP operations
The lesson includes these topics:
Describing HSRP Optimization Options
Tuning HSRP Operations
Describing Load Sharing
Describing HSRP Debug Commands
Debugging HSRP Operations
Lab 5-1: Enabling and Optimizing HSRP
Lesson 3: Configuring Layer 3 Redundancy with VRRP and GLBP
As the name would imply, Virtual Router Redundancy Protocol (VRRP) provides routerinterface failover in a manner similar to HSRP but with added features and IEEE compatibility.The process by which VRRP operates is defined in this lesson. The Gateway Load BalancingProtocol (GLBP) and its operations will be defined and differentiated from both HSRP andVRRP. Specific commands are used to implement and to verify VRRP and GLBP.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe VRRP Describe how VRRP supports transitions from a master to a backup router
Describe the commands used to configure VRRP and GLBP Describe GLBP Describe how GLBP provides balanced traffic on a per-host basis, using a round-robin
scheme
The lesson includes these topics:
Describing VRRP Identifying the VRRP Operations Process Configuring VRRP Describing the GLBP Identifying the GLBP Operations Process
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 21/76
© 2006 Cisco Systems, Inc. Course Administration Guide 21
Module 6: Wireless LANs
This module introduces wireless LANs (WLANs). WLAN is an access technology that has anincreasing significance for network access in offices, factories, hotels, airports, and at home.This module explains the differences between wired and wireless LANs, describes WLAN
topologies, and teaches the learner how to implement Cisco WLAN solutions.
Lesson 1: Introducing WLANs
This lesson introduces WLANs. WLAN is an access technology that has an increasingsignificance for network access in offices, factories, hotels, airports, and at home. Uponcompleting this lesson, the learner will be able to meet these objectives:
Describe the different wireless data technologies that are currently available
Describe WLANs
Distinguish WLANs from other wireless data networks
Describe similarities and differences between WLANs and wired LANs
The lesson includes these topics:
Wireless Data Technologies
Wireless LANs
WLANs and Other Wireless Technologies
WLANS and LANs
Lesson 2: Describing WLAN Topologies
This lesson explains different WLAN topologies. WLAN topologies refer to the placement and
application of WLANs. Upon completing this lesson, the learner will be able to meet theseobjectives:
Describe types of WLAN topologies
Describe WLAN access topologies
Explain roaming between wireless cells
Describe WLAN support for VLANs and QoS
Describe wireless mesh networking
The lesson includes these topics:
WLAN Topologies Typical WLAN Topologies
Roaming Through Wireless Cells
Wireless VLAN Support
Wireless Mesh Networking
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 22/76
22 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lesson 3: Explaining WLAN Technology and Standards
This lesson explains WLAN technology and the WLAN standards. This knowledge isimportant for the design, configuration, operation, and troubleshooting of WLANs. Uponcompleting this lesson, the learner will be able to meet these objectives:
Describe the WLAN frequency bands and RF transmission Describe WLAN regulations, standards, and certification bodies
Describe the IEEE 802.11b standard
Describe the IEEE 802.11a standard
Describe the IEEE 802.11g standard
Compare the 802.11b, 802.11g, and 802.11a standards for data rates, throughput, andcoverage
Identify best practices for WLAN office design
Explain the need for WLAN security and describe the available WLAN security solutions
The lesson includes these topics:
Unlicensed Frequency Bands
WLAN Regulation and Standardization
IEEE 802.11b Standard
IEEE 802.11a Standard
IEEE 802.11g Standard
802.11 Comparison
General Office WLAN Design WLAN Security
The lesson includes this activity:
Lab 6-1: Configuring Switches for WLANs
Lesson 4: Configuring Cisco WLAN Clients
This lesson describes the Cisco 802.11a/b/g WLAN client and utilities to configure the clientadapter. Upon completing this lesson, the learner will be able to meet these objectives:
Install the Cisco WLAN client adapter and the Cisco ADU Use the Cisco ADU to configure the Cisco 802.11a/b/g WLAN client adapter
Use the Cisco ADU for diagnostics and troubleshooting of the WLAN client adapters
Use the Cisco Aironet Site Survey Utility to get information about available WLANs
Describe the WLAN configuration through Windows XP
Describe the Cisco ACAU
Describe the Cisco Wireless IP Phone
Describe the features and benefits of the Cisco Compatible Extensions program
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 23/76
© 2006 Cisco Systems, Inc. Course Administration Guide 23
The lesson includes these topics:
Cisco 802.11a/b/g WLAN Client Adapters
Cisco ADU Installation
ADU Diagnostics: Advanced Statistics
Cisco Aironet Site Survey Utility: Associated AP Status
Windows XP WLAN Configuration
Cisco Aironet Client Administration Utility
Cisco Wireless IP Phone
Cisco Compatible Extensions Program for WLAN Client Devices
Lesson 5: Implementing WLANs
This lesson describes WLAN implementations. Both autonomous and lightweight WLANsolutions are described. Other topics include PoE (Power over Ethernet) and WLAN antennas.
Upon completing this lesson, the learner will be able to meet these objectives: Describe the implementation of the Cisco autonomous and lightweight WLAN solution that
is part of the Cisco implementation of WLANs
Describe how LWAPP is used in the Cisco lightweight WLAN implementation
Describe the components of the Cisco WLAN implementations
Describe Cisco Unified Wireless Networks
Describe Cisco Aironet access points and bridges
Describe PoE for access points and IP phones
Identify the types of antennas to use in WLAN environments
Explain multipath distortion
Describe the decibel calculation
Explain the established EIRP guidelines
The lesson includes these topics:
Cisco WLAN Implementation
Lightweight Access Point Protocol
Describing WLAN Components
Cisco Unified Wireless Network Cisco Aironet Access Points and Bridges
Power over Ethernet
Explaining WLAN Antennas
Multipath Distortion
Definition of Decibel
Effective Isotropic Radiated Power
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 24/76
24 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lesson 6: Configuring WLANs
Upon completing this lesson, the learner will be able to configure autonomous and lightweightCisco WLAN solutions.
Upon completing this lesson, the learner will be able to meet these objectives:
List the different methods that can be used to configure autonomous access points
Describe the role performed by autonomous access points and bridges in a radio network
Describe how to configure an autonomous access point
Describe how to configure a WLAN controller
Describe how to perform the initial configuration of WLAN controllers via the commandline and web browser
Describe how to configure WLAN controllers via the web browser
The lesson includes these topics:
Autonomous Access Point Configuration
Role of Autonomous Access Points in a Radio Network
Autonomous Access Point Configuration via the Web Browser
Lightweight WLAN Controller Configuration
Cisco WLAN Controller Boot Menu
Web Wizard Initial Configuration
The lesson includes these activities:
Lab 6-2: Setting Up the WLAN Controller
Lab 6-3: Configuring the Controller via the Web Browser
Lab 6-4: Configuring a Wireless Client (Optional)
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 25/76
© 2006 Cisco Systems, Inc. Course Administration Guide 25
Module 7: Configuring Campus Switches to Support Voice
When migrating to a VoIP network, all network requirements, including power and capacity planning, must be examined. In addition, congestion avoidance techniques should beimplemented. This module will highlight the basic issues and define initial steps to take to
ensure that the VoIP implementation works correctly.
Lesson 1: Planning for Implementation of Voice in a Campus Network
IP telephony services are often provided over the campus infrastructure. To have data and voiceapplication traffic harmoniously coexist, mechanisms must be set in place to differentiate trafficand to offer priority processing to delay sensitive voice traffic. Quality of service (QoS)
policies mark and qualify traffic as it traverses the campus switch blocks. Specific VLANs keepvoice traffic separate from other data to ensure that it is carried through the network withspecial handling and with minimal delay. Specific design and implementation considerationsshould be made at all campus switches supporting VoIP.
Upon completing this lesson, the learner will be able to meet these objectives:
Explain why an organization would want to run VoIP on the network
Describe the main components of a VoIP network, including IP-enabled PBX, user end-devices, gateways and gatekeepers, and the IP network
Compare the uniform bandwidth consumption of voice traffic to the intermittent bandwidthconsumption of data traffic
Describe a VoIP call flow through a network and where contention for bandwidth betweendata traffic and voice traffic will occur
Explain an auxiliary VLAN
Identify a solution for latency, jitter, bandwidth, packet loss, reliability, and security
Explain the importance of high availability in the campus network to support a VoIPimplementation, including such regulations as E911 that require 99.999 percent systemavailability for phones
Explain the need to add a UPS to wiring closets that do not already have them and to provision switches with inline power for IP phones
The lesson includes these topics:
Explaining Converged Network Benefits
Describing VoIP Network Components
Explaining Traffic Characteristics of Voice and Data Describing VoIP Call Flow
Explaining Auxiliary VLANs
Describing QoS
Explaining the Importance of High Availability for VoIP
Explaining Power Requirements in Support of VoIP
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 26/76
26 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lesson 2: Accommodating Voice Traffic on Campus Switches
VoIP traffic and data will share the same infrastructure. To avoid congestion and subsequentintermittent VoIP communications, QoS must be configured as close to the end device as
possible. To accomplish this, QoS trust boundaries must be configured. Several options areavailable to accomplish this task. This module will provide a brief overview of those options.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe how QoS is applied for voice traffic in the campus module
Describe LAN-based classification and marking using a Layer 2 Cisco Catalyst workgroupswitch
Describe QoS trust boundaries and their significance in LAN-based classification andmarking
Explain the procedure to configure an access switch for the attachment of a Cisco IP Phone
Describe basic commands to be considered when voice traffic will traverse a switch
Explain the use of Cisco AutoQoS in Cisco Catalyst switches Describe the commands that enable Cisco AutoQoS on Cisco Catalyst switches
The lesson includes these topics:
QoS and Voice Traffic in the Campus Model
LAN-Based Classification and Marking
Describing QoS Trust Boundaries
Configuring a Switch for Attachment of a Cisco IP Phone
Describing Basic Switch Commands to Support Attachment of a Cisco IP Phone
What Is Cisco AutoQoS VoIP?
Configuring Cisco AutoQoS VoIP on a Cisco Catalyst Switch
The lesson includes this activity:
Lab 7-1: Configuring IP Telephony Support
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 27/76
© 2006 Cisco Systems, Inc. Course Administration Guide 27
Module 8: Minimizing Service Loss and Data Theft in a Campus Network
This module defines the potential vulnerabilities within a network related to VLANs. After thevulnerabilities are identified, solutions for each vulnerability are discussed, and configurationcommands are defined. The module also discusses port security for denial of MAC spoofing,
MAC flooding, and using PVLANs and VACLs to control VLAN traffic. VLAN hopping,DHCP spoofing, ARP spoofing, and STP attacks are also explained. The learner will also learnabout potential problems, resulting solutions, the method to secure the switch access with useof vty ACLs, and implementing SSH for secure Telnet access.
Lesson 1: Understanding Switch Security Issues
Basic security measures should be taken to guard against a host of attacks that can be launchedat a switch and its ports. Specific measures can be taken to guard against MAC flooding, whichis a common Layer 2 malicious activity.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe switch and Layer 2 security as a subset of an overall network security plan Describe how a rogue device gains unauthorized access to a network
Categorize switch attack types and list mitigation options
Describe how a MAC flooding attack works to overflow a CAM Campus Backbone Layertable
Describe how port security is used to block input from devices based upon Layer 2restrictions
Describe the procedure to configure port security on a switch
Explain the sticky MAC option with port security
Describe security in a multilayer switched network
Describe the methods that can be used for authentication using AAA
Describe port-based authentication using 802.1x
The lesson includes these topics:
Overview of Switch Security Concerns
Describing Unauthorized Access by Rogue Devices
Switch Attack Categories
Describing a MAC Flooding Attack
Describing Port Security
Configuring Port Security on a Switch
Port Security with Sticky MAC Addresses
Authentication, Authorization, and Accounting
Authentication and Authorization Methods
802.1x Port-Based Authentication
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 28/76
28 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lesson 2: Protecting Against VLAN Attacks
On networks using trunking protocols, there is a possibility of rogue traffic “hopping” from oneVLAN to another, thereby creating security vulnerabilities. These VLAN hopping attacks are
best mitigated by close control of trunk links.
Private VLANs (PVLANs) can be configured to establish security regions within a singleVLAN without subnetting, and VLAN access control lists (VACLs) can be used to filter trafficwithin a VLAN.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe how VLAN hopping occurs and why it is a security vulnerability
Explain the procedure to configure a switch to mitigate VLAN hopping attacks
Describe VACLs and their purpose as part of VLAN security
Explain the procedure to configure VACLs
Explain the purpose of a PVLAN
Explain the procedure to configure PVLANs as a means of network security
The lesson includes these topics:
Explaining VLAN Hopping
Mitigating VLAN Hopping
VLAN Access Control Lists
Configuring VACLs
Explaining PVLANs
Configuring PVLANs
Lesson 3: Protecting Against Spoof Attacks
DHCP, MAC, and Address Resolution Protocol (ARP) spoofing are all methods used to gainunauthorized access to a network or to redirect traffic for malicious purposes. DHCP snooping,
port security, and dynamic ARP inspection (DAI) can be configured to guard against thesethreats.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe what happens in a network during a DHCP spoof attack
Describe how the DHCP snooping feature provides security by filtering trusted DHCPmessages and then using these messages to build and maintain a DHCP snooping bindingtable
Explain the procedure to configure DHCP snooping and IP Source Guard
Describe what happens in a network during an attack using ARP spoofing
Describe how DAI determines the validity of an ARP packet based on the valid MACaddress to IP address bindings stored in a DHCP snooping database
Describe the commands that can be used to configure DAI
Explain the procedure to protect a network from ARP spoofing attacks
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 29/76
© 2006 Cisco Systems, Inc. Course Administration Guide 29
The lesson includes these topics:
Describing a DHCP Spoof Attack
Describing DHCP Snooping
Configuring DHCP Snooping
Describing ARP Spoofing
Describing DAI
Describing Commands to Configure DAI
Protecting Against ARP Spoofing Attacks
Lesson 4: Describing STP Security Mechanisms
After STP operations are stable in a switched network, the administrator may want to guardagainst rogue switches being attached to the network because these switches may take on therole of the root or backup root bridge. Bridge protocol data unit (BPDU) guard, BPDU filtering,
and root guard are features that attempt to contain the points at which switches and root bridgescan be attached to the network.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe the methods that are available to protect the operation of STP
Describe the commands to configure BPDU guard
Describe the commands to configure BPDU filtering
Describe how root guard is used to improve the stability of Layer 2 networks
Describe the commands used to configure root guard
The lesson includes these topics:
Protecting the Operation of STP
Describing BPDU Guard Configuration
Describing BPDU Filtering Configuration
Describing Root Guard
Describing Root Guard Configuration Commands
Lesson 5: Preventing STP Forwarding Loops
Spanning tree operations can be severely disrupted by links that pass traffic in one direction andnot in the other direction. The Cisco Catalyst platform provides features to guard against thiscondition. Unidirectional Link Detection (UDLD) and loop guard protect the network fromanomalous conditions that result from unidirectional link conditions.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe how UDLD is used to detect and shut down unidirectional links
Describe how loop guard is used to protect against Layer 2 forwarding loops
Describe the commands used to configure UDLD and loop guard
Compare the features of loop guard and UDLD as they protect against unidirectional links
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 30/76
30 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
The lesson includes these topics:
Describing UDLD
Describing Loop Guard
Configuring UDLD and Loop Guard
Preventing STP Failures Caused by Unidirectional Links
Lesson 6: Securing Network Switches
The devices on any network must be secured. A number of vulnerabilities can be reduced bysetting passwords on physical and virtual ports, disabling unneeded services, forcing theencryption of sessions, and enabling logging at the device level.
Upon completing this lesson, the learner will be able to meet these objectives:
Describe how CDP can be used for an attack against a network
Describe the security vulnerabilities in the Telnet option
Describe security vulnerabilities in the SSH
Describe vty ACLs
Describe the commands used to apply ACLs to vtys
Describe general security considerations that should be applied in any switched network
The lesson includes these topics:
Describing Vulnerabilities in the CDP
Describing Vulnerabilities in the Telnet Protocol
Describing Vulnerabilities in the SSH Describing vty ACLs
Describing Commands to Apply ACLs to vty
Best Practices: Switch Security Considerations
The lesson includes these activities:
Case Study 8-1: Applying Security Practices to Secure Devices in the Campus
Case Study 8-2: Using Security Tools to Secure Devices in the Campus
Lab 8-3: Applying Security Tools
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 31/76
© 2006 Cisco Systems, Inc. Course Administration Guide 31
Course EvaluationsCisco uses a post-course evaluation system, Metrics That Matter (MTM), for its instructor-ledcourses. The instructor must ensure that each learner is aware of the confidential evaluation
process and that all learners submit an evaluation for each course. There are two options forlearners to complete the evaluation.
For Classes with Internet Access
A URL will be made available, specific to each Cisco Learning Partner. Obtain the URL fromyour MTM system administrator before the last day of class.
1. Upon completion of the course, instruct the learners to enter the URL into the browser.
2. Make sure that the learners enter their e-mail addresses (used only for a follow-upevaluation).
Note Sixty days following a learning event, learners will receive a brief follow-up evaluation, and,again, responses will be kept confidential. E-mail addresses will not be used for marketingpurposes. (If learners do not have e-mail addresses, they may type in a “dummy” address.)
3. Instruct the learners to select the appropriate course from the drop-down list.
4. Instruct the learners to complete the course evaluation and click Submit one time only.
5. Advise the learners to wait for “Thank you” to appear on the screen before leaving.
For Classes Without Internet Access
A paper-based version of the post-course evaluation is available. Your MTM systemadministrator can provide you with copies.
1. Distribute paper-based evaluations at the beginning of the last day of class.
2. Instruct the learners to complete the survey only after completing the course.
3. Collect the evaluations and submit them to your MTM system administrator.
To View Evaluation Results
To view your post-course evaluation results:
1. Go to www.metricsthatmatter.com/client . (Reminder: All data is confidential; you will see
only your own data.)2. Log in using your ID and the password sent to you from MTM or provided by the MTM
system administrator at your company, to ensure confidentiality.
3. Choose Menu Option > Learner Evaluation Reports :
— Evaluation Retrieval Tool
— Class Evaluation Summary Report
4. Search for and choose the appropriate class.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 32/76
32 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab Setup
OverviewThe purpose of the Lab Setup section is to assist in the setup and configuration of the trainingequipment for the course Building Cisco Multilayer Switched Networks (BCMSN) v3.0. Thissection includes these topics:
Lab Topology
Hardware and Software Requirements
Workstation Configuration
Lab Equipment Configuration
General Lab Setup
Lab 1-2: Getting Started with Cisco Catalyst Equipment Lab 2-1: Configuring VLANs and VTP
Lab 3-1: Configuring Primary and Backup Root Bridges
Lab 3-2: Implementing PVRST
Lab 3-3: Implementing MSTP
Lab 3-4: Configuring EtherChannel
Lab 3-5: Troubleshooting Spanning Tree
Lab 4-2: Routing Between VLANs
Lab 5-1: Enabling and Optimizing HSRP
Lab 6-1: Configuring Switches for WLANs
Lab 6-2: Setting Up the WLAN Controller
Lab 6-3: Configuring the Controller via the Web Browser
Lab 6-4: Configuring a Wireless Client (Optional)
Lab 7-1: Configuring IP Telephony Support
Lab 8-3: Applying Security Tools
Configuration Files Summary
Lab Activity Solutions
Teardown and Restoration
Preparation for Non-Lab Activities
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 33/76
© 2006 Cisco Systems, Inc. Course Administration Guide 33
Lab TopologyThis topic describes the lab topology for Building Cisco Multilayer Switched Networks (BCMSN) v3.0.
© 2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—1
Visual Objective
Each pod is created and configured independently of any other pod in the topology. Withineach lab, learners are responsible for only their pod equipment. A pod is a grouping of switchesand routers composed of client devices, access switches, distribution switches, and access to thecore. The learner is not responsible for the core equipment.
Device Name
DeviceNameAbbreviation
AssignedPod
AdditionalInformation
PC – 1 XPC1 X-POD “X” – Pod ID
PC – 2 XPC2 X-POD “X” – Pod ID
Access Sw 1 XASW1 X-POD “X” – Pod ID
Access Sw 2 XASW2 X-POD “X” – Pod ID
Distribution 1 XDSW1 X-POD “X” – Pod ID
Distribution 2 XDSW2 X-POD “X” – Pod ID
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 34/76
34 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Hardware and Software RequirementsThese tables list the recommended equipment to support the lab activities.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 35/76
© 2006 Cisco Systems, Inc. Course Administration Guide 35
Hardware Equipment List
Numberof Units
Cisco Part Number Product Description
Building Access Submodule Equipment
2 WS-C2950G-12-EI Cisco Catalyst 2950 with the following options:
Twelve 10/100 Fast Ethernet ports with two GigabitInterface Converter (GBIC) slots
IOS Enhanced Image
2 CAB-AC 110 V power cord (for Catalyst 2950)
Wireless LAN Equipment
4 AIR-AP1020-x-K9
Or
AIR-LAP1242AG-x-K9
Cisco Series Lightweight AP with external antennas
Replace “x” with country code
8 AIR-ANT4941 2.4 GHz,2.2 dBi Dipole Antenna (two per AP for externalantennas)
4 or 8 AIR-ANT5135D-R 5GHz 3.5dBi Dipole Antenna (one per AP 1020, or elsetwo per AP LAP1242AG)
12 or 16 Attenuators Suggested Option
(12 attenuators if AP1020 which has two 2.4 GHz + one 5GHz antennas, else 16 if AP LAP1242AG which has two2.4 + two 5 GHz atennas)
Approximately 10 to 40 dBi attenuators to reduce RFpower on external antennas. Needed when APs are in veryclose proximity (same rack). The exact amount ofattenuation will depend on AP surrounding environmentand APs proximity to each other.
Country power regulation will vary the specific type ofattenuators.
Example vendor: www.terrawaveonline.com
1 RF Cage/Rack Optional
Cage or rack for RF containment and isolation from otherproduction environment APs
Example vendor: www.equiptoelec.com
4 Clients Fixed client to associate to AP (Linksys USB print server
WPS54G has been tested and recommended)
4 AIR-PWR-1000 Cisco PoE power supply for AP (not necessary if usingPoE Cat 3560 switch)
4 AIR-WLC2006-K9 Cisco 2000 Series WLAN Controller
6 AIR-CB21AG-A-K9 Wireless client with a/b/g radio for laptop with cardbus slot
Building Distribution Submodule Equipment
2 WS-C3750G-24T-S Cisco Catalyst 3750 with the following options:
Twenty-four 10/100/1000 Ethernet ports and four SFP
ports
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 36/76
36 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Numberof Units
Cisco Part Number Product Description
IOS enhanced image, required to support EIGRProuting
2 CAB-AC 110 V power cord (for Catalyst 3750)
Campus Backbone Submodule Equipment
2 WS-C4503-S2+48 Catalyst 4503 with the following option:
IOS enhanced image, required to support EIGRProuting
2 CAB-AC 110 V power cord (for Catalyst 4503)
Additional Equipment
Software List
Cisco IOS Software Versions
Platform Cisco IOS Image Name Comment
Access Switches
WS-C2950G-12-EI c2950-i6q4l2-mz.121-22.EA1.bin Cisco Catalyst 2950
Distribution Switches
WS-C3750G-24T-S c3750-advipservicesk9-tar.122-25.SED.tar Cisco Catalyst 3750
Backbone Switches
WS-C4503-S2+48 cat4000-i9k91s-mz.122-25.EWA5.bin Cisco Catalyst 4503
PC Router
CISCO1721 c1700-sy-mz.121-17 If available for reuse
Term server Router
CISCO3640 c3640-ik8s-mz.122-11 If available for reuse
CISCO2811 c2800nm-ipbase-mz.124-4.T.bin Replaces 3640 for new labs
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 37/76
© 2006 Cisco Systems, Inc. Course Administration Guide 37
Lab Equipment ConfigurationThis equipment configuration information is necessary for initial setup of the lab configuration.
BCMSN v3.0 Updated Equipment ListThis table lists the recommended equipment to support the laboratory activities.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 38/76
38 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Laboratory Equipment List
Numberof Units
Cisco Part Number Product Description
Building Access Submodule Equipment
8 WS-C2950G-12-EI Cisco Catalyst 2950 with the following options:
Twelve 10/100 Fast Ethernet ports with twoGigabit Interface Converter (GBIC) slots
IOS Enhanced Image
8 CAB-AC 110 V power cord (for Cisco Catalyst 2950)
Building Distribution Submodule Equipment: Order Through May 2, 2006
4 WS-C3550-12T Cisco Catalyst 3550 with the following options:
Twelve 10/100/1000 Ethernet ports and twoGBIC ports
IOS enhanced image, required to supportEnhanced Interior Gateway Routing Protocol(EIGRP) routing
4 CAB-AC 110 V power cord (for Cisco Catalyst 3550)
OR
as 3550 Will be End of Sale After May 2 , 2006
4 WS-C3560G-24TS-E Cisco Catalyst 3560 with the following options:
Twenty-four 10/100/1000 Ethernet ports and fourSFP ports
IOS enhanced image, required to support EIGRProuting
4 CAB-AC 110 V power cord (for Cisco Catalyst 3560)
Campus Backbone Submodule Equipment
2 WS-C3560G-24TS-E Cisco Catalyst 3560 with the following options:
Twenty-four 10/100/1000 Ethernet ports and fourSFP ports
IOS enhanced image, required to support EIGRProuting
2 CAB-AC 110 V power cord (for Cisco Catalyst 3560)
Wireless Lab Equipment
1 WS-C3560-24PS-E Cisco Catalyst 3560 with the following options:
Twenty-four 10/100 Ethernet ports with Powerover Ethernet (PoE) and four SFP ports
IOS enhanced image, required to support EIGRProuting
1 CAB-AC 110 V power cord (for Cisco Catalyst 3560)
4 AIR-WLC2006-K9 Wireless LAN Controller
4 CAB-AC 110 V power cord (for WLC2006)
4 AIR-LAP1242AG-x-K9 Lightweight access point with external antennas
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 39/76
© 2006 Cisco Systems, Inc. Course Administration Guide 39
Numberof Units
Cisco Part Number Product Description
(recommended)
The console port of this access point can beconnected to the terminal server (optional)
Power over Ethernet required for lab
Replace “x” with country code (e.g., A for US, E forEurope)
4 AIR-AP1020-x-K9 Alternative lightweight access point with internalantennas (used by default) and external antennas
Replace “x” with country code (e.g., A for US, E forEurope)
8 AIR-ANT4941 Two 2.4 GHz dipole antennas per access point
4 (8) AIR-ANT5135D-R One or two 5 GHz dipole antennas per access point
(one per AP 1020, else two per AP LAP1242AG)
4 Wireless Client The selected device depends on the implementationof the lab. Optional, but strongly suggested to providea client to verify configuration via ping
The following devices have been tested as wirelessclients:
• Cisco AIR-CB21AG-x-K9 client adapter
• Linksys WUSB11 or WUSB54G USB clientadapter
• Linksys WPS54G USB print server(recommend as the simplified fixed clientsolution)
12 or 16 Attenuators Suggested option
(12 attenuators if AP1020, which has two 2.4 GHzplus one 5 GHz antennas, or else 16 if APLAP1242AG, which has two 2.4 plus two 5 GHzantennas)
Approximately 10 to 40 dBi attenuators to reduce RFpower on external antennas. Needed when APs are invery close proximity (same rack). The exact amount ofattenuation will depend on AP surroundingenvironment and APs proximity to each other.
Country power regulation will vary the specific type ofattenuators.
Example vendor: www.terrawaveonline.com
1 RF Cage/Rack Optional
Cage or rack for RF containment and isolation fromother production environment APs
Example vendor: www.equiptoelec.com
Additional Equipment
1 CISCO2811(or equivalent system)
Cisco router security bundle 2811 with AC power,2FE, 4HWICs, 2PVDMs, 1NME, 2AIMS, IP BASE, 64Flash/256DRAM (Could use anothermodel/combination as long as it supports NM-32A for
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 40/76
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 41/76
© 2006 Cisco Systems, Inc. Course Administration Guide 41
Cisco IOS Software Versions
Platform IOS Image Name Comment
Access Switches
WS-C2950G-12-EI c2950-i6q4l2-mz.121-22.EA1.bin Cisco Catalyst 2950
Distribution Switches
WS-C3550-12T-E c3550-i5q3l2-mz.121-22.EA2.bin Cisco Catalyst 3550
WS-C3560G-24TS-E c3560-ipservices-tar.122.SEB.tar For Cisco Catalyst 3550 starting onMay 3, 2006
Backbone Switches
WS-X4014 cat4000-i5s-mz.122-25.EW.bin Cisco Catalyst 4000 with SupervisorIII
WS-C3560G-24TS-E c3560-ipservices-tar.122.SEB.tar For Cisco Catalyst 4000 starting onJuly 26, 2004
PC Router
CISCO1721 c1700-sy-mz.121-17
CISCOSOHO91-K9-64
soho91-k9oy6-mz.124-1.bin Replaces 1721 for new labs
Term server Router
CISCO3640 c3640-ik8s-mz.122-11
CISCO2811 Cisco IOS 12.3 IP Plus software Replaces 3640 for new labs
Wireless Lab
WS-3560-24PS-E c3560-advipservicesk9-tar.122-25.SEE.tar
AIR-WLC2006-K9 AIR-WLC2006-K9-3-2-116-21.aes
General Lab SetupThis information details the procedure to set up and configure the lab equipment. Follow thesesteps carefully:
Step 1 Install Cisco IOS software on the access switches if necessary.
Step 2 Install Cisco IOS software on the distribution switches if necessary.
Step 3 Install Cisco IOS software on the backbone switches if necessary.
Step 4 Install Cisco IOS software on the Cisco PC routers if necessary.
Step 5 Install Cisco IOS software on the Cisco terminal server router if necessary.
Step 6 Copy the appropriate base configuration file into NVRAM on each of the switchesand PC routers. The files are as follows:
asw-wiped-config.txt for the Building Access switches
dsw-wiped-config.txt for the Building Distribution switches
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 42/76
42 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
bbsw-wiped-config.txt for the Campus Backbone switches
PC xy-base.txt for the PC routers, where x is the building number and y is thefloor number
Step 7 Copy the configuration files needed for the laboratory activities of Module 5 into NVRAM on the Campus Backbone switches:
bbsw1-lab5a-paste.txt and bbsw1-lab5b-paste.txt onto Campus Backboneswitch 1
bbsw2-lab5a-paste.txt and bbsw2-lab5b-paste.txt onto Campus Backboneswitch 2
Step 8 Configure the Cisco Router Terminal Server. The file BCMSN-3-0-Terminal-Server-Configuration.txt contains a terminal server configuration that you can use asthe basis for your configuration. The first laboratory activity instructs the learners toaccess the terminal server menu, so be certain that your menu configuration matchesthe activity or that appropriate instructions are provided to the learners. The
provided terminal server configuration requires the following wiring connections:
Aysnc 01 ==> ASW21Aysnc 02 ==> ASW22Aysnc 03 ==> ASW23Aysnc 04 ==> ASW24Aysnc 05 ==> DSW121Aysnc 06 ==> DSW122Aysnc 07 ==> BBSW2Aysnc 08 ==> ASW11Aysnc 09 ==> ASW12Aysnc 10 ==> ASW13Aysnc 11 ==> ASW14Aysnc 12 ==> DSW111
Aysnc 13 ==> DSW112Aysnc 14 ==> BBSW1Aysnc 15 ==> Power1 (optional)Aysnc 16 ==> Power2 (optional)Aysnc 25 ==> PC-Router11Aysnc 26 ==> PC-Router12Aysnc 27 ==> PC-Router13Aysnc 28 ==> PC-Router14Aysnc 29 ==> PC-Router21Aysnc 30 ==> PC-Router22Aysnc 31 ==> PC-Router23Aysnc 32 ==> PC-Router24
Step 9 Configure a TACACS-TFTP-FTP server running on either Windows NT server or
Windows 2000 server. Follow these steps: Start installing Cisco Secure 2.4 on the server, following the instructions
provided with the software.
When prompted for the authentication database, click the Check theCiscoSecure ACS database only radio button.
When prompted for access server details, specify authentication withTACACS+, and then provide the name and IP address of the first access switch.Use cisco as the key.
Do not select any advanced options, and make sure that login monitoring isenabled.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 43/76
© 2006 Cisco Systems, Inc. Course Administration Guide 43
Follow the instructions to complete the installation.
Start Cisco Secure Access Control Server to begin configuration.
Use Group Setup to rename Group 1 to myway .
Use User Setup to add the user tacacstest to the group myway with the
password letmein .Use Network Configuration and the Add Entry button to configure each of the access switchesfor TACACS authentication, entering the name, IP address, and TACACS key for each.
WLANs LabStep 1 Install Cisco IOS software on the WLAN lab switch if necessary.
Step 2 Copy the appropriate base configuration file into NVRAM on each of the switchesand PC routers. The files are as follows:
WSW1-initial-config.txt for the WLAN lab switch
Step 3 Configure the Cisco Router Terminal Server. The file BCMSN-3-0-Terminal-Server-Configuration.txt contains a terminal server configuration that you can use asthe basis for your configuration. The first lab activity instructs the learners to accessthe terminal server menu, so be certain that your menu configuration matches theactivity or that appropriate instructions are provided to the learners. The providedterminal server configuration requires the following wiring connections:
Aysnc 01 ==> WSW1Aysnc 02 ==> 1WLC1Aysnc 03 ==> 1WLC2Aysnc 04 ==> 2WLC1Aysnc 05 ==> 2WLC2Aysnc 06 ==> 3WLC1Aysnc 07 ==> 3WLC2Aysnc 08 ==> 4WLC1Aysnc 09 ==> 4WLC2
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 44/76
44 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 1-2: Getting Started with Cisco CatalystEquipment
This topic details the lab activity for Lab 1-2.
ObjectivesYou will complete these tasks in this lab:
Run Telnet to connect to the remote lab
Access and use the class menu to verify connectivity to the remote lab terminal server
Establish a connection to the access and distribution switches and verify connectivity
Verify the initial switch configuration and connectivity between the switches
Visual ObjectiveThe figure displays the lab topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—1
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 45/76
© 2006 Cisco Systems, Inc. Course Administration Guide 45
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Default Default blank configuration
Access switch Default Default blank configuration
Distribution switch Default Default blank configuration
Additional Setup NotesEnsure that learners successfully prepare their lab equipment and successfully complete this lab
because it will enable successful completion of subsequent labs.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each learner successfully completes this lab because it is required for the proper completion of the next lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 46/76
46 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 2-1: Configuring VLANs and VTPThis topic details the lab activity for Lab 2-1.
ObjectivesYou will complete these tasks in this lab:
Create a VTP management domain
Configure trunking
Configure VLANs
Verify the VTP and VLAN status
Associate VLANs with ports on your switch
Visual ObjectiveThe figure illustrates what you will accomplish in this activity.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—2
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 47/76
© 2006 Cisco Systems, Inc. Course Administration Guide 47
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Lab 2-1 start PC Sets router to beginning of lab configuration
Access switch Lab 2-1 start ASW Sets switch to beginning of lab configuration
Distribution switch Lab 2-1 start DSW Sets switch to beginning of lab configuration
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each learner successfully completes this lab because it is required for the proper completion of the next lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 48/76
48 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 3-1: Configuring Primary and Backup RootBridges
This topic details the lab activity for Lab 3-1.
ObjectivesYou will complete these tasks in this lab:
Configure a new primary root bridge and a backup root bridge on each VLAN so that theloop-free topology uses the root bridge as a reference point
Use the show running-config , show spanning-tree detail , show spanning-tree root ,show spanning-tree vlan vlan-id bridge , and show spanning-tree vlan vlan-id rootcommands to confirm that the primary root bridge for the specific VLAN has moved to thenew primary root bridge
Verify that a backup root bridge exists
Visual ObjectiveThe figure illustrates what you will accomplish in this activity.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—3
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 49/76
© 2006 Cisco Systems, Inc. Course Administration Guide 49
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Lab 3-1 start PC Sets router to beginning of lab configuration
Access switch Lab 3-1 start ASW Sets switch to beginning of lab configuration
Distribution switch Lab 3-1 start DSW Sets switch to beginning of lab configuration
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each learner successfully completes this lab because it is required for the proper completion of the next lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 50/76
50 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 3-2: Implementing PVRSTThis topic details the lab activity for Lab 3-2.
ObjectivesYou will complete these tasks in this lab:
Configure PVRST in access and distribution switches
Ensure that PVRST is working through link failure testing
Visual ObjectiveThe figure displays the lab topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—3
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 51/76
© 2006 Cisco Systems, Inc. Course Administration Guide 51
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Lab 3-2 start PC Sets router to beginning of lab configuration
Access switch Lab 3-2 start ASW Sets switch to beginning of lab configuration
Distribution switch Lab 3-2 start DSW Sets switch to beginning of lab configuration
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each learner successfully completes this lab because it is required for the proper completion of the next lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 52/76
52 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 3-3: Implementing MSTPThis topic details the lab activity for Lab 3-3.
ObjectivesYou will complete this task in this lab:
Configure MST on the Building Access and Building Distribution switches and verify theconfiguration
Visual ObjectiveThe figure displays the lab topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—3
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 53/76
© 2006 Cisco Systems, Inc. Course Administration Guide 53
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Lab 3-3 start PC Sets router to beginning of lab configuration
Access switch Lab 3-3 start ASW Sets switch to beginning of lab configuration
Distribution switch Lab 3-3 start DSW Sets switch to beginning of lab configuration
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each student successfully completes this lab because it is required for the proper completion of the next lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 54/76
54 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 3-4: Configuring EtherChannelThis topic details the lab activity for Lab 3-4.
ObjectivesYou will complete this task in this lab:
Configure EtherChannel on the distribution switches so that the time for spanning tree toconverge after a network event is shortened, and available bandwidth is being betterutilized
Visual ObjectiveThe figure displays the lab topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—3
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 55/76
© 2006 Cisco Systems, Inc. Course Administration Guide 55
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Lab 3-4 start PC Sets router to beginning of lab configuration
Access switch Lab 3-4 start ASW Sets switch to beginning of lab configuration
Distribution switch Lab 3-4 start DSW Sets switch to beginning of lab configuration
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each learner successfully completes this lab because it is required for the proper completion of the next lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 56/76
56 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 3-5: Troubleshooting Spanning TreeThis topic details the lab activity for Lab 3-5.
ObjectivesYou will complete these tasks in this lab:
Troubleshoot trunks and VLANs in a multi-VLAN environment
Troubleshoot spanning-tree domains
Troubleshoot STP forwarding
Visual ObjectiveThe figure displays the lab topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—3
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 57/76
© 2006 Cisco Systems, Inc. Course Administration Guide 57
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Lab 3-5 start PC Sets router to beginning of lab configuration
Access switch Lab 3-5 start ASW Sets switch to beginning of lab configuration
Distribution switch Lab 3-5 start DSW Sets switch to beginning of lab configuration
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each learner successfully completes this lab because it is required for the proper completion of the next lab.
Ensure that the learner detects and solves each problem configured on the switches
Wrong VTP domain name
VLANs deleted
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 58/76
58 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 4-2: Routing Between VLANsThis topic details the lab activity for Lab 4-2.
Caution It is absolutely necessary that all of the previous multilayer switch steps have beensuccessfully configured and verified by the instructor before proceeding with this activity.
ObjectivesYou will complete these tasks in this lab:
Configure a Building Distribution multilayer switch for routing
Configure VLAN interfaces for IP addresses with Layer 3 routing
Reconfigure the IP addresses in your network to enable inter-VLAN routing
Verify the Campus Backbone switch configuration for routing
Verify inter-VLAN Layer 3 routing
Disable routing and verify loss of Layer 3 connectivity
Visual ObjectiveThe figure displays the lab topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—4
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 59/76
© 2006 Cisco Systems, Inc. Course Administration Guide 59
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Lab4-2 start PC Sets router to beginning of lab configuration
Access switch Lab 4-2 start ASW Sets switch to beginning of lab configuration
Distribution switch Lab 4-2 start DSW Sets switch to beginning of lab configuration
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise. The instructor should ensure that errorshave been introduced to each learner’s lab.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each learner successfully completes this lab because it is required for the proper completion of the next lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 60/76
60 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 5-1: Enabling and Optimizing HSRPThis topic details the lab activity for Lab 5-1.
Activity ObjectiveYou will complete these tasks in this lab:
Configure HSRP on the router
Test HSRP on routers by simulating a failure
Test HSRP tuning enhancements using the preempt command
Troubleshoot HSRP on the routers
Visual Objective
The figure displays the topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—5
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 61/76
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 62/76
62 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 6-1: Configuring Switches for WLANsThis topic details the lab activity for Lab 6-1.
ObjectivesYou will complete these tasks in this lab:
Configure VLANs on the switch
Configure DHCP on the switch
Prepare the switch for a WLAN controller and a lightweight access point
Visual ObjectiveThe figure displays the topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—6
WLAN Lab
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 63/76
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 64/76
64 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 6-2: Setting Up the WLAN ControllerThis topic details the lab activity for Lab 6-2.
ObjectivesYou will complete these tasks in this lab:
View the boot options screen and select the correct option to continue the system bootsequence
Answer questions presented by the startup wizard
Input basic configuration information when prompted by the startup wizard
Visual ObjectiveThe figure displays the topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—6
WLAN Lab
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 65/76
© 2006 Cisco Systems, Inc. Course Administration Guide 65
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
Campus Backboneswitches
None None
Building Distributionswitches
None None
Building Access switches None None
Wireless lab switch None None
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise.
Common IssuesThis subtopic presents common issues for this lab.
This lab initializes the WLAN controller for the next lab. Make sure that the IP addressesare configured correctly.
Ensure that each learner successfully completes this lab because it is required for the propercompletion of the next lab.
Sometimes the access point does not associate to the WLAN controller. This association is
required for the next lab and client connectivity for WLAN. The solution is to reboot theaccess point. Using Power over Ethernet, this can done by shutting down and thenre-enabling the switch port to which the access point is connected. The procedure isoutlined in the lab guide.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 66/76
66 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 6-3: Configuring the Controller via the WebBrowser
This topic details the lab activity for Lab 6-3.
ObjectivesYou will complete these tasks in this lab:
Open the web browser and connect to the controller by entering the IP address of thecontroller
Establish a controller web session to your WLAN controller
Use the controller web to monitor the WLAN controller, log in and answer questions
Use the controller web to configure a WLAN
Use the controller web to configure connectivity to the WLAN controller Use the controller web to save configuration changes
Use the capabilities of the controller web to modify the default auto RF values
Use the controller web to check network connectivity
Visual ObjectiveThe figure displays the topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—6
WLAN Lab
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 67/76
© 2006 Cisco Systems, Inc. Course Administration Guide 67
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
Campus Backboneswitches
None None
Building Distributionswitches
None None
Building Access switches None None
Wireless lab switch None None
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise. The instructor should ensure that errorshave been introduced to each learner’s lab.
Common IssuesThis subtopic presents a common issue for this lab.
This lab requires access via web browser to the WLAN controller.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 68/76
68 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 6-4: Configuring Switches for WLANsThis topic details the lab activity for Lab 6-4.
ObjectivesYou will complete these tasks in this lab:
Install the CB21AG client card
Configure the CB21AG client card
Visual ObjectiveThe figure displays the topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—6
WLAN Lab
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 69/76
© 2006 Cisco Systems, Inc. Course Administration Guide 69
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
Campus Backboneswitches
None None
Building Distributionswitches
None None
Building Access switches None None
Wireless lab switch None None
Additional Setup NotesThis lab is dependent on a WLAN in the classroom or remote access to a PC with a WLANclient adapter installed.
This lab is optional.
Common IssuesThere are no known issues for this lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 70/76
70 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 7-1: Configuring IP Telephony SupportThis topic details the lab activity for Lab 7-1.
ObjectivesYou will complete these tasks in this lab:
Configure access ports to carry voice traffic in 802.1Q frames
Configure CoS override for data frames on access switches
Configure voice traffic frames into the distribution layer
Configure CoS override for data frames on distribution switches
Visual Objective
The figure displays the lab topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—1
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 71/76
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 72/76
72 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Lab 8-2: Applying Security ToolsThis topic details the lab activity for Lab 8-2.
ObjectivesYou will complete these tasks in this lab:
Correctly identify security risks
Select the correct tools to minimize the identified risks
Configure devices to prevent attacks so that the potential risk for network serviceinterruption or data loss is reduced
Visual ObjectiveThe figure displays the lab topology that you will use to complete this lab.
©2006 Cisco Systems, Inc. All rights reserved. BCMSN v3.0—7
Visual Objective
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 73/76
© 2006 Cisco Systems, Inc. Course Administration Guide 73
SetupThe table describes how to set up lab configurations with equipment for this lab.
Device
Configuration
File to Install Configuration Instructions
PC router Lab 8-2 start PC Sets router to beginning of lab configuration
Access switch Lab 8-2 start ASW Sets switch to beginning of lab configuration
Distribution switch Lab 8-2 start DSW Sets switch to beginning of lab configuration
Additional Setup NotesThis lab is dependent on proper overall configuration of the course lab and the consequentsuccessful completion of the previous lab exercise.
Common IssuesThis subtopic presents common issues for this lab.
Unsuccessful Completion of Lab: Ensure that each learner successfully completes this lab because it is required for the proper completion of the next lab.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 74/76
74 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 © 2006 Cisco Systems, Inc.
Configuration Files SummaryThis topic details the course configuration files, which provide information about the startingcondition of each lab.
Configuration Filename Comments
Core-BBS1 Core configuration for BBS1 Core router
Core-BBS2 Core configuration for BBS2 Core router
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 75/76
© 2006 Cisco Systems, Inc. Course Administration Guide 75
Teardown and RestorationThis topic describes how to tear down and restore the equipment that is used in the course.
If laptops are used for remote access, pack up the laptops and ensure that proper shipping isarranged for.
8/13/2019 BCMSN30CAG
http://slidepdf.com/reader/full/bcmsn30cag 76/76