Term
|
Definition
■ De-encapsulating and re-encapsulating a packet in a data link frame (routers, Layer 3 switches)
■ Adding or removing an 802.1Q trunking header (routers and switches)
■ Matching the destination MAC address to the MAC address table (Layer 2 switches)
■ Matching the destination IP address to the IP routing table (routers, Layer 3 switches)
■ Encrypting the data and adding a new IP header (for VPN processing)
■ Changing the source or destination IP address (for NAT processing)
■ Discarding a message due to a filter (ACLs, port security) |
|
|
Term
|
Definition
■ Routing protocols (OSPF, EIGRP, RIP, BGP)
■ IPv4 ARP
■ IPv6 NDP
■ Switch MAC learning
■ STP |
|
|
Term
|
Definition
|
|
Term
|
Definition
ASIC logic --- TCAM table lookup |
|
|
Term
A controller, or SDN controller |
|
Definition
Centralizes the control of the networking devices |
|
|
Term
|
Definition
SBI: It is an interface between a program (the controller) and a program (on the networking device) that lets the two programs communicate, with one goal being to allow the controller to program the data plane forwarding tables of the networking device. |
|
|
Term
|
Definition
An API is a method for one application (program) to exchange data with another application. An API is an interface to an application program. Programs process data, so an API lets two programs exchange data. An API often exists as usable code—functions, variables, and data structures—that can be used by one program to communicate and copy structured data between the programs across a network. |
|
|
Term
|
Definition
■ OpenFlow (from the ONF; https://www.opennetworking.org)
■ OpFlex (from Cisco; used with ACI)
■ CLI (Telnet/SSH) and SNMP (from Cisco; used with APIC-EM) |
|
|
Term
|
Definition
A controller’s Northbound Interface (NBI) opens the controller so its data and functions can be used by other programs, enabling network programmability, with much quicker development. Programs can pull information from the controller, using the controller’s APIs. The NBIs also enable programs to use the controller’s abilities to program flows into the devices using the controller’s SBIs. |
|
|
Term
REST API (Representational State Transfer) |
|
Definition
REST (Representational State Transfer) describes a type of API that allows applications to sit on different hosts |
|
|
Term
|
Definition
■ Open SDN Controller and OpenFlow
■ Cisco Application Centric Infrastructure (ACI) and OpFlex
■ Cisco APIC Enterprise Module (APIC-EM) |
|
|
Term
|
Definition
A LAN includes all devices in the same broadcast domain. A broadcast domain includes the set of all LAN-connected devices, so that when any of the devices sends a broadcast frame, all the other devices get a copy of the frame. So, from one perspective, you can think of a LAN and a broadcast domain as being basically the same thing. |
|
|
Term
The following list summarizes the most common reasons for choosing to create smaller broadcast domains (VLANs): |
|
Definition
■ To reduce CPU overhead on each device by reducing the number of devices that receive each broadcast frame
■ To reduce security risks by reducing the number of hosts that receive copies of frames that the switches flood (broadcasts, multicasts, and unknown unicasts)
■ To improve security for hosts that send sensitive data by keeping those hosts on a separate VLAN
■ To create more flexible designs that group users by department, or by groups that work together, instead of by physical location
■ To solve problems more quickly, because the failure domain for many problems is the same set of devices as those in the same broadcast domain
■ To reduce the workload for the Spanning Tree Protocol (STP) by limiting a VLAN to a single access switch |
|
|
Term
|
Definition
Cisco proprietary trunking protocol |
|
|
Term
|
Definition
RFC-defined trunking protocol (common today). 802.1Q inserts an extra 4-byte 802.1Q VLAN header into the original frame’s Ethernet header. In the 802.1Q header, only the 12-bit VLAN ID field matters. |
|
|
Term
Cisco switches VLAN range |
|
Definition
Cisco switches break the range of VLAN IDs (1–4094) into two ranges: the normal range and the extended range. All switches can use normal-range VLANs with values from 1 to 1005. Only some switches can use extended-range VLANs with VLAN IDs from 1006 to 4094. The rules for which switches can use extended-range VLANs depend on the configuration of the VLAN Trunking Protocol (VTP). |
|
|
Term
|
Definition
802.1Q also defines one special VLAN ID on each trunk as the native VLAN (defaulting to use VLAN 1). By definition, 802.1Q simply does not add an 802.1Q header to frames in the native VLAN. When the switch on the other side of the trunk receives a frame that does not have an 802.1Q header, the receiving switch knows that the frame is part of the native VLAN. Note that because of this behavior, both switches must agree on which VLAN is the native VLAN. The 802.1Q native VLAN provides some interesting functions, mainly to support connections to devices that do not understand trunking. For example, a Cisco switch could be cabled to a switch that does not understand 802.1Q trunking. The Cisco switch could send frames in the native VLAN—meaning that the frame has no trunking header—so that the other switch would understand the frame. The native VLAN concept gives switches the capability of at least passing traffic in one VLAN (the native VLAN), which can allow some basic functions, like reachability to telnet into a switch. |
|
|
Term
|
Definition
Layer 3 switches can be configured to act only as a Layer 2 switch, or they can be configured to do both Layer 2 switching as well as Layer 3 routing. |
|
|
Term
Creating a VLAN on a Cisco switch
|
Definition
Step 1. To configure a new VLAN, follow these steps:
A. From configuration mode, use the vlan vlan-id command in global configuration mode to create the VLAN and to move the user into VLAN configuration mode.
B. (Optional) Use the name name command in VLAN configuration mode to list a name for the VLAN. If not configured, the VLAN name is VLANZZZZ, where ZZZZ is the four-digit decimal VLAN ID.
Step 2. For each access interface (each interface that does not trunk, but instead belongs to a single VLAN), follow these steps:
A. Use the interface type number command in global configuration mode to move into interface configuration mode for each desired interface.
B. Use the switchport access vlan id-number command in interface configuration mode to specify the VLAN number associated with that interface.
C. (Optional) Use the switchport mode access command in interface configuration mode to make this port always operate in access mode (that is, to not trunk). |
|
|
Term
|
Definition
VTP is a Cisco proprietary tool on Cisco switches that advertises each VLAN configured in one switch (with the vlan number command) so that all the other switches in the campus learn about that VLAN. However, for various reasons, many enterprises choose not to use VTP.
■ The server switches can configure VLANs in the standard range only (1–1005).
■ The client switches cannot configure VLANs.
■ Both servers and clients may be learning new VLANs from other switches, and seeing their VLANs deleted by other switches, because of VTP.
■ The show running-config command does not list any vlan commands. |
|
|
Term
|
Definition
Port connected to end user devices. |
|
|
Term
|
Definition
Always use in a switch-to-switch connection. |
|
|
Term
Dynamic desirable command option |
|
Definition
Initiates negotiation messages and responds to negotiation messages to dynamically choose whether to start using trunking |
|
|
Term
Dynamic auto command option |
|
Definition
Passively waits to receive trunk negotiation messages, at which point the switch will respond and negotiate whether to use trunking |
|
|
Term
|
Definition
Same idea and configuration as the access VLAN on an access port, but defined as the VLAN on that link for forwarding the traffic for the device connected to the phone on the desk (typically the user’s PC). |
|
|
Term
|
Definition
The VLAN defined on the link for forwarding the phone’s traffic. Traffic in this VLAN is typically tagged with an 802.1Q header. |
|
|
Term
Data and Voice VLAN Configuration |
|
Definition
Step 1. Use the vlan vlan-id command in global configuration mode to create the data and voice VLANs if they do not already exist on the switch.
Step 2. Configure the data VLAN like an access VLAN, as usual:
A. Use the interface type number command in global configuration mode to move into interface configuration mode.
B. Use the switchport access vlan id-number command in interface configuration mode to define the data VLAN.
C. Use the switchport mode access command in interface configuration mode to make this port always operate in access mode (that is, to not trunk).
Step 3. Use the switchport voice vlan id-number command in interface configuration mode to set the voice VLAN ID. |
|
|
Term
Summary: IP Telephony Ports on Switches |
|
Definition
■ Configure these ports like a normal access port to begin: Configure it as a static access port and assign it an access VLAN.
■ Add one more command to define the voice VLAN (switchport voice vlan vlan-id).
■ Look for the mention of the voice VLAN ID, but no other new facts, in the output of the show interfaces type number switchport command.
■ Look for both the voice and data (access) VLAN IDs in the output of the show interfaces type number trunk command.
■ Do not expect to see the port listed in the list of operational trunks as listed by the show interfaces trunk command. |
|
|
Term
|
Definition
Global config command that both creates the VLAN and puts the CLI into VLAN configuration mode |
|
|
Term
|
Definition
VLAN subcommand that names the VLAN |
|
|
Term
|
Definition
VLAN mode subcommand that enables (no shutdown) or disables (shutdown) the VLAN |
|
|
Term
[no] shutdown vlan vlan-id |
|
Definition
Global config command that has the same effect as the [no] shutdown VLAN mode subcommands |
|
|
Term
vtp mode {server | client | transparent | off} |
|
Definition
Global config command that defines the VTP mode |
|
|
Term
switchport mode {access | dynamic {auto | desirable} | trunk} |
|
Definition
Interface subcommand that configures the trunking administrative mode on the interface |
|
|
Term
switchport access vlan vlan-id |
|
Definition
Interface subcommand that statically configures the interface into that one VLAN |
|
|
Term
switchport trunk encapsulation {dot1q | isl | negotiate} |
|
Definition
Interface subcommand that defines which type of trunking to use, assuming that trunking is configured or negotiated |
|
|
Term
switchport trunk native vlan vlan-id |
|
Definition
Interface subcommand that defines the native VLAN for a trunk port |
|
|
Term
|
Definition
Interface subcommand that disables the negotiation of VLAN trunking |
|
|
Term
switchport voice vlan vlan-id |
|
Definition
Interface subcommand that defines the voice VLAN on a port, meaning that the switch uses 802.1Q tagging for frames in this VLAN |
|
|
Term
show interfaces interface-id switchport |
|
Definition
Lists information about any interface regarding administrative settings and operational state |
|
|
Term
show interfaces interface-id trunk |
|
Definition
Lists information about all operational trunks (but no other interfaces), including the list of VLANs that can be forwarded over the trunk |
|
|
Term
show vlan [brief | id vlan-id | name vlan-name | summary] |
|
Definition
Lists information about the VLAN |
|
|
Term
|
Definition
Displays VLAN information |
|
|
Term
|
Definition
Lists VTP configuration and status information |
|
|