Network Fundamentals: Switch Configuration and Boot

Questions and Answers

What is a primary advantage of using SSH over Telnet for remote access?

SSH uses less network bandwidth.

SSH can connect without requiring a username.

SSH offers an encrypted management connection. (correct)

SSH allows for faster connection speeds.

Which command is essential for verifying SSH support on a switch?

show running-config

show ip interface

show version (correct)

show ssh status

When configuring SSH, which command ensures that only the local database is used for authentication?

transport input ssh

login local (correct)

enable secret

username admin privilege

What type of connection do Gigabit Ethernet and 10Gb Ethernet NICs require to function properly?

Full-duplex connections

What must be present in the IOS version of a switch to utilize SSH?

An IOS version with cryptographic capabilities indicated by 'k9'.

What command would you use to check the duplex and speed settings on a switch interface?

show interfaces interface_id

Which command would be most appropriate to secure multiple unused switch ports at once?

interface range

What should be done after generating RSA key pairs during SSH configuration?

Configure the vty lines.

Which feature allows an interface to automatically detect the required cable type for connection?

Auto-MDIX

Which command would be used to check the current SSH connections from a remote device?

show users

What command can be used to verify the settings of the Auto-MDIX feature?

show controllers Ethernet-controller

Which of the following is a commonly forgotten step in configuring SSH?

Configuring the IP domain name.

What does the first parameter indicate when using the show interfaces command?

Carrier detect signal

Which of the following statements regarding fiber ports is correct?

Fiber ports only operate at one speed and are full-duplex.

What is the significance of verifying duplex and speed settings on a switch?

To prevent connectivity issues

What is the purpose of keepalives in data link layer protocols?

To determine protocol status.

What is the primary function of DHCPv4 in a network?

To dynamically assign IPv4 addresses and network configuration information.

Which of the following messages is sent first in the DHCPv4 leasing process?

DHCP Discover

What type of message does the DHCPv4 server send in response to a client's DHCP Discover?

DHCP Offer

Which UDP port is used by the DHCPv4 client to send messages?

UDP port 68

What are the last two steps in the DHCPv4 leasing process?

DHCP Request and DHCP Acknowledgment

In a switched network that implements DHCP, what might a common issue to troubleshoot involve?

Failure of a device to respond to a DHCP Discover message.

What is a characteristic of a dedicated DHCPv4 server in a network?

It is easy to manage and scalable.

Which statement best describes the role of a Cisco router in DHCPv4?

It can be configured to provide DHCPv4 services.

What command is used to create a DHCPv4 pool on a Cisco router?

ip dhcp pool pool-name

Which command is used to verify the DHCPv4 configuration?

show running-config | section dhcp

When configuring a DHCPv4 server, which command is used to exclude specific IPv4 addresses?

ip dhcp excluded-address

What role do routers play in the context of DHCPDISCOVER messages?

Act as relay agents for broadcasts

What command should be used to configure a router as a DHCPv4 client?

ip address dhcp

Which command provides information about DHCP server statistics?

show ip dhcp server statistics

In a wireless router, how is IPv4 addressing information typically obtained?

Automatically received from the ISP

How can the operation of DHCPv4 be verified after configuration?

Using the command show ip dhcp binding

What is the primary action a Stateful DHCPv6 client performs?

Sends a DHCPv6 REQUEST message for an IPv6 address

Which command is necessary to verify the Stateless DHCPv6 configuration?

show ipv6 dhcp pool

Which configuration step is not part of setting up a Stateless DHCPv6 server?

Allow the router to send RS messages

What is the purpose of the command 'ipv6 nd managed-config-flag' in a Stateful DHCPv6 server configuration?

To indicate that the device will manage address configuration

Which step is required when configuring a router as a Stateful DHCPv6 client?

Allow the router to send RS messages

Which command would you use to enable IPv6 routing on a router intended as a DHCPv6 server?

ipv6 unicast-routing

What follows after configuring a DHCPv6 pool on the router for Stateless DHCPv6?

Configure interface with ipv6 dhcp server pool-name

To which command does workload allocation for DNS servers pertain in Stateful DHCPv6 server setup?

dns-server dns-server-address

Which command would you use to verify the DHCPv6 configuration on a router?

show ipv6 interface

What command should be used to check the bindings created by a Stateful DHCPv6 server?

show ipv6 dhcp binding

When configuring a router as a DHCPv6 relay agent, which command is required?

ipv6 dhcp relay destination destination-address

To verify the transmission and receipt of DHCPv6 messages, which debugging command should you use?

debug ipv6 dhcp detail

What is the main purpose of configuring DHCPv6 in a network?

To manage IP addresses in small to medium-sized networks

What is essential to remember when the DHCPv6 server is on a different network than the client?

The router must be configured as a DHCPv6 relay agent

In what scenario is 'debug ipv6 dhcp detail' particularly useful?

When troubleshooting DHCPv6 issues

Which command would NOT be helpful when troubleshooting DHCPv6?

show ipv4 dhcp bindings

Study Notes

Chapter 5: Switch Configuration

• The chapter covers configuring basic switch settings to meet network requirements.
• Configuring initial settings on a Cisco switch is included.
• Configuring switch ports to meet network needs is detailed.
• Switch security best practices for a small to medium sized business network.
• Management virtual interfaces on a switch are explained.
• Port security features for restricting network access.

Switch Boot Sequence

• Power-on self-test (POST) is a program in ROM, used to check hardware (CPU, RAM).
• The boot loader, also in ROM, initializes CPU parts, flash file system, and locates IOS image.
• IOS image location is defined by the BOOT environment variable.
• If BOOT variable isn't set, the switch searches flash for an executable image to load.
• If no executable image is found, the switch displays a prompt and allows commands for operating system files.
• If IOS loads, switch interfaces and commands in startup-config file load.
• The startup-config file is in NVRAM.
• The boot system command sets the BOOT environment variable.

Switch LED Indicators

• System LED indicates switch power status.
• Port LEDs represent link status.
• Off: no link or shutdown.
• Green: link present.
• Blinking green: data activity.
• Alternating green and amber: link fault.
• Amber: port not sending data (typical for first 30 seconds of connectivity).
• Blinking amber: port is preventing switch loop.

Preparing for Basic Switch Management

• To configure a switch for remote access, the switch needs an IP address, subnet mask, and a gateway.
• One virtual interface (SVI): used to manage the switch.
  • Assigns a switch IP address
• Management VLAN is usually VLAN 1.

Configuring Basic Switch Management Access with IPv4

• Global configuration mode is entered.
• Interface configuration mode for SVI (VLAN 99) is entered.
• Management interface IP address is configured(172.17.99.11 255.255.255.0).
• Management interface is enabled (no shutdown).
• Returns to privileged EXEC mode.
• Default gateway for the switch is configured(172.17.99.1).
• Returns to privileged EXEC mode.
• Running configuration saved to startup configuration.

Configure Switch Ports

• Gigabit and 10Gb Ethernet NICs need full-duplex connections to function.
• Full-duplex communication is bidirectional (send and receive simultaneously).
• Half-duplex communication is unidirectional (send or receive).
• Some switches have auto settings for duplex and speed, which can cause issues if mismatched.
• Check duplex and speed settings by using the show interface interface_id command.
• All fiber ports operate at one speed and are always full-duplex .
• Switch ports configured to use auto-MDIX for automatic crossover configuration.

Verifying Switch Port Configuration

• Commands for checking interface status and configuration:
  • show interfaces (interface-id)
  • show startup-config
  • show running-config
  • show flash
  • show version
  • show history
  • show ip (interface-id)
  • show mac-address-table
  • show mac address-table

Network Access Layer Issues

• Use the show interfaces command to find media problems.
• The first parameter checks the physical layer (Layer 1) for a carrier detect signal.
• The second parameter checks the data link layer (Layer 2) for correct protocol configuration and keepalives.

Chapter Summary 5

• Configure basic switch settings to meet network requirements.
• Configure a switch using security best practices in a small to medium-sized business network.

Chapter 8: DHCP

• Chapter discusses implementing and troubleshooting DHCPv4 and DHCPv6 across multiple LANs in a small or medium sized business network.
• DHCPv4 operation, configuration and troubleshooting details are covered.
• DHCPv6 operation, configuration and troubleshooting details are covered.

DHCPv4 Operation

• DHCPv4 dynamically assigns IPv4 addresses and other configuration information.
• A dedicated DHCPv4 server is efficient for managing IP addresses.
• Cisco routers can act as DHCPv4 servers.
• Four-step process for a client to obtain a lease:
  1. DHCP Discover (DHCPDISCOVER)
  2. DHCP Offer (DHCPOFFER)
  3. DHCP Request (DHCPREQUEST)
  4. DHCP Acknowledgment (DHCPACK)

- The DHCPv4 message format has specific codes and fields.



### DHCPv6 Configuration and verification

 - Includes SLAAC (Stateless Address Autoconfiguration)
 - Covers how to configure and verify DHCPv6 configurations on a router as both a client and a server.



### Switch Port Security

- Port security limits valid MAC addresses allowed on ports.
- Security violation occurs if an unknown MAC address sends data to a port.
- Static security MAC addresses are configured manually.
- Dynamic security MAC address learning occurs and is removed after a reboot.
- Sticky security MAC address learning is dynamic, persists across restarts and is configurable in switchport-security mac-address sticky.

Description

This quiz covers Chapter 5 on configuring basic switch settings for network requirements, focusing on both initial settings and security practices. It also delves into the switch boot sequence, detailing the steps from power-on self-test to loading the IOS image. Enhance your networking knowledge by testing your understanding of switch operations and configurations.