Network Fundamentals: Switch Configuration and Boot

Questions and Answers

What is a primary advantage of using SSH over Telnet for remote access?

SSH uses less network bandwidth.

SSH can connect without requiring a username.

SSH offers an encrypted management connection. (correct)

SSH allows for faster connection speeds.

Which command is essential for verifying SSH support on a switch?

show running-config

show ip interface

show version (correct)

show ssh status

When configuring SSH, which command ensures that only the local database is used for authentication?

transport input ssh

login local (correct)

enable secret

username admin privilege

What type of connection do Gigabit Ethernet and 10Gb Ethernet NICs require to function properly?

Full-duplex connections (B)

What must be present in the IOS version of a switch to utilize SSH?

An IOS version with cryptographic capabilities indicated by 'k9'. (D)

What command would you use to check the duplex and speed settings on a switch interface?

show interfaces interface_id (C)

Which command would be most appropriate to secure multiple unused switch ports at once?

interface range (A)

What should be done after generating RSA key pairs during SSH configuration?

Configure the vty lines. (C)

Which feature allows an interface to automatically detect the required cable type for connection?

Auto-MDIX (B)

Which command would be used to check the current SSH connections from a remote device?

show users (D)

What command can be used to verify the settings of the Auto-MDIX feature?

show controllers Ethernet-controller (C)

Which of the following is a commonly forgotten step in configuring SSH?

Configuring the IP domain name. (A)

What does the first parameter indicate when using the show interfaces command?

Carrier detect signal (D)

Which of the following statements regarding fiber ports is correct?

Fiber ports only operate at one speed and are full-duplex. (B)

What is the significance of verifying duplex and speed settings on a switch?

To prevent connectivity issues (A)

What is the purpose of keepalives in data link layer protocols?

To determine protocol status. (C)

What is the primary function of DHCPv4 in a network?

To dynamically assign IPv4 addresses and network configuration information. (B)

Which of the following messages is sent first in the DHCPv4 leasing process?

DHCP Discover (C)

What type of message does the DHCPv4 server send in response to a client's DHCP Discover?

DHCP Offer (D)

Which UDP port is used by the DHCPv4 client to send messages?

UDP port 68 (C)

What are the last two steps in the DHCPv4 leasing process?

DHCP Request and DHCP Acknowledgment (A)

In a switched network that implements DHCP, what might a common issue to troubleshoot involve?

Failure of a device to respond to a DHCP Discover message. (D)

What is a characteristic of a dedicated DHCPv4 server in a network?

It is easy to manage and scalable. (C)

Which statement best describes the role of a Cisco router in DHCPv4?

It can be configured to provide DHCPv4 services. (B)

What command is used to create a DHCPv4 pool on a Cisco router?

ip dhcp pool pool-name (D)

Which command is used to verify the DHCPv4 configuration?

show running-config | section dhcp (A)

When configuring a DHCPv4 server, which command is used to exclude specific IPv4 addresses?

ip dhcp excluded-address (D)

What role do routers play in the context of DHCPDISCOVER messages?

Act as relay agents for broadcasts (A)

What command should be used to configure a router as a DHCPv4 client?

ip address dhcp (D)

Which command provides information about DHCP server statistics?

show ip dhcp server statistics (A)

In a wireless router, how is IPv4 addressing information typically obtained?

Automatically received from the ISP (D)

How can the operation of DHCPv4 be verified after configuration?

Using the command show ip dhcp binding (B)

What is the primary action a Stateful DHCPv6 client performs?

Sends a DHCPv6 REQUEST message for an IPv6 address (D)

Which command is necessary to verify the Stateless DHCPv6 configuration?

show ipv6 dhcp pool (B)

Which configuration step is not part of setting up a Stateless DHCPv6 server?

Allow the router to send RS messages (B)

What is the purpose of the command 'ipv6 nd managed-config-flag' in a Stateful DHCPv6 server configuration?

To indicate that the device will manage address configuration (C)

Which step is required when configuring a router as a Stateful DHCPv6 client?

Allow the router to send RS messages (C)

Which command would you use to enable IPv6 routing on a router intended as a DHCPv6 server?

ipv6 unicast-routing (A)

What follows after configuring a DHCPv6 pool on the router for Stateless DHCPv6?

Configure interface with ipv6 dhcp server pool-name (D)

To which command does workload allocation for DNS servers pertain in Stateful DHCPv6 server setup?

dns-server dns-server-address (D)

Which command would you use to verify the DHCPv6 configuration on a router?

show ipv6 interface (A)

What command should be used to check the bindings created by a Stateful DHCPv6 server?

show ipv6 dhcp binding (A)

When configuring a router as a DHCPv6 relay agent, which command is required?

ipv6 dhcp relay destination destination-address (C)

To verify the transmission and receipt of DHCPv6 messages, which debugging command should you use?

debug ipv6 dhcp detail (D)

What is the main purpose of configuring DHCPv6 in a network?

To manage IP addresses in small to medium-sized networks (A)

What is essential to remember when the DHCPv6 server is on a different network than the client?

The router must be configured as a DHCPv6 relay agent (B)

In what scenario is 'debug ipv6 dhcp detail' particularly useful?

When troubleshooting DHCPv6 issues (A)

Which command would NOT be helpful when troubleshooting DHCPv6?

show ipv4 dhcp bindings (B)

Flashcards

Full-duplex connection

A communication method where data can be sent and received simultaneously in both directions.

Gig/10Gb Ethernet NICs

Network Interface Cards that support Gigabit and 10 Gigabit Ethernet speeds.

Auto-MDIX

A feature that automatically detects and configures the cable type (straight-through or crossover).

Show interface command

A command to check duplex and speed settings, commonly used for Network troubleshooting.

Layer 1

The physical layer of the network, responsible for the physical transmission of data.

Layer 2

The data link layer, responsible for reliable data transfer across the network.

Carrier Detect

The signal indicating the physical connection’s readiness.

Show interfaces

A command to detect network media issues and check the status of physical layers.

SSH vs. Telnet

SSH is a secure protocol for remote access, while Telnet transmits data in plain text.

SSH Prerequisites

IOS version with cryptographic capabilities is needed for SSH configuration.

Key Generation

Crucial step in SSH setup, involves creating public and private key pairs.

User Authentication

SSH setups needs to use a secure method of authentication for accessing the target device.

SSH Version 2

The default SSH version used for enhanced security and compatibility.

Local Database

Using local database for username and password verification inside the SSH config

Verifying SSH

Testing the SSH connection from a client device to the switch.

Interface Range Command

A command for configuring multiple switch ports simultaneously.

DHCPv4

Dynamically assigns IPv4 addresses and network configurations to clients.

DHCPv4 Client

A device that requests and receives an IPv4 address from a server.

DHCPv4 Server

A device that provides IPv4 addresses and configuration information to clients.

DHCP Discover (DHCPDISCOVER)

A broadcast message from a client to find a DHCP server.

DHCP Offer (DHCPOFFER)

A unicast response from a server to a client with an address offer.

DHCP Request (DHCPREQUEST)

A broadcast message from the client accepting or rejecting an offer.

DHCP Acknowledgment (DHCPACK)

A final unicast message from the server confirming the address assignment.

DHCP Message Format

Specific structure of DHCPv4 messages using UDP ports 68 (client) and 67 (server).

DHCPv4 Server Configuration

Configuring a router to distribute IP addresses dynamically to devices on a network.

Excluded IP Addresses

Specific IP addresses or ranges that a DHCP server will not assign.

DHCPv4 Pool

A range of IP addresses a DHCP server can assign.

DHCPv4 Relay

A router acting as a intermediary to forward DHCP requests to a DHCP server.

DHCPv4 Client Configuration

Setting a device to receive its IP address automatically from a DHCP server.

DHCPv4 Verification

Checking the configuration and operation of the DHCP server.

DHCPv4 Helper Address

An IP address on a router used to relay DHCP messages.

IP Address DHCP

The router or device configures to receive its IP address via DHCP.

Stateful DHCPv6 Client

A DHCPv6 client that requests an IPv6 address and other configuration parameters from a DHCPv6 server.

Stateless DHCPv6 Server

A DHCPv6 server that provides only an IPv6 address to clients, relying on other mechanisms like router advertisement for configuration.

Configure a Stateless DHCPv6 Server (Step 1)

Enable IPv6 routing on the router using the command ipv6 unicast-routing.

Configure a Stateless DHCPv6 Server (Step 2)

Create a DHCPv6 pool using the command ipv6 dhcp pool pool-name.

Configure a Stateless DHCPv6 Server (Step 3)

Define parameters for the DHCPv6 pool, such as DNS server addresses using dns-server server-address.

Configure a Stateless DHCPv6 Server (Step 4)

Bind the DHCPv6 pool to an interface using the command ipv6 dhcp server pool-name.

Configure a Stateless DHCPv6 Client (Step 1)

Enable IPv6 on the interface using the command ipv6 enable.

Configure a Stateless DHCPv6 Client (Step 2)

Enable automatic IPv6 address configuration using the command ipv6 address autoconfig.

Stateful DHCPv6 Server

A DHCPv6 server that maintains a database of assigned IPv6 addresses and their corresponding client information. It provides a more secure and efficient allocation of IP addresses by tracking the state of each client's IP address.

DHCPv6 Relay Agent

A router that forwards DHCPv6 messages between clients on a network and a DHCPv6 server located on a different network. It acts as a middleman, translating between the client's requests and the server's responses.

Verify Stateful DHCPv6

Checking if the DHCPv6 server is correctly configured and functioning. It involves inspecting the server's configuration, the allocated addresses, and the clients' IP addresses.

Show ipv6 dhcp pool

A command used to display the configuration of a DHCPv6 pool, which specifies the range of IP addresses available for allocation.

Show ipv6 dhcp binding

A command used to show the current DHCPv6 bindings, which detail the assigned IPv6 addresses and their associated client information.

Show ipv6 interface

A command used to verify the configuration and status of IPv6 interfaces, including DHCPv6 settings.

Debug ipv6 dhcp detail

A command used to enable detailed debugging of DHCPv6 messages, providing a deeper insight into the communication between clients and the server.

Troubleshooting DHCPv6

The process of identifying and resolving issues related to DHCPv6, such as incorrect configuration, network problems, or server failures.

Study Notes

Chapter 5: Switch Configuration

• The chapter covers configuring basic switch settings to meet network requirements.
• Configuring initial settings on a Cisco switch is included.
• Configuring switch ports to meet network needs is detailed.
• Switch security best practices for a small to medium sized business network.
• Management virtual interfaces on a switch are explained.
• Port security features for restricting network access.

Switch Boot Sequence

• Power-on self-test (POST) is a program in ROM, used to check hardware (CPU, RAM).
• The boot loader, also in ROM, initializes CPU parts, flash file system, and locates IOS image.
• IOS image location is defined by the BOOT environment variable.
• If BOOT variable isn't set, the switch searches flash for an executable image to load.
• If no executable image is found, the switch displays a prompt and allows commands for operating system files.
• If IOS loads, switch interfaces and commands in startup-config file load.
• The startup-config file is in NVRAM.
• The boot system command sets the BOOT environment variable.

Switch LED Indicators

• System LED indicates switch power status.
• Port LEDs represent link status.
• Off: no link or shutdown.
• Green: link present.
• Blinking green: data activity.
• Alternating green and amber: link fault.
• Amber: port not sending data (typical for first 30 seconds of connectivity).
• Blinking amber: port is preventing switch loop.

Preparing for Basic Switch Management

• To configure a switch for remote access, the switch needs an IP address, subnet mask, and a gateway.
• One virtual interface (SVI): used to manage the switch.
  • Assigns a switch IP address
• Management VLAN is usually VLAN 1.

Configuring Basic Switch Management Access with IPv4

• Global configuration mode is entered.
• Interface configuration mode for SVI (VLAN 99) is entered.
• Management interface IP address is configured(172.17.99.11 255.255.255.0).
• Management interface is enabled (no shutdown).
• Returns to privileged EXEC mode.
• Default gateway for the switch is configured(172.17.99.1).
• Returns to privileged EXEC mode.
• Running configuration saved to startup configuration.

Configure Switch Ports

• Gigabit and 10Gb Ethernet NICs need full-duplex connections to function.
• Full-duplex communication is bidirectional (send and receive simultaneously).
• Half-duplex communication is unidirectional (send or receive).
• Some switches have auto settings for duplex and speed, which can cause issues if mismatched.
• Check duplex and speed settings by using the show interface interface_id command.
• All fiber ports operate at one speed and are always full-duplex .
• Switch ports configured to use auto-MDIX for automatic crossover configuration.

Verifying Switch Port Configuration

• Commands for checking interface status and configuration:
  • show interfaces (interface-id)
  • show startup-config
  • show running-config
  • show flash
  • show version
  • show history
  • show ip (interface-id)
  • show mac-address-table
  • show mac address-table

Network Access Layer Issues

• Use the show interfaces command to find media problems.
• The first parameter checks the physical layer (Layer 1) for a carrier detect signal.
• The second parameter checks the data link layer (Layer 2) for correct protocol configuration and keepalives.

Chapter Summary 5

• Configure basic switch settings to meet network requirements.
• Configure a switch using security best practices in a small to medium-sized business network.

Chapter 8: DHCP

• Chapter discusses implementing and troubleshooting DHCPv4 and DHCPv6 across multiple LANs in a small or medium sized business network.
• DHCPv4 operation, configuration and troubleshooting details are covered.
• DHCPv6 operation, configuration and troubleshooting details are covered.

DHCPv4 Operation

• DHCPv4 dynamically assigns IPv4 addresses and other configuration information.
• A dedicated DHCPv4 server is efficient for managing IP addresses.
• Cisco routers can act as DHCPv4 servers.
• Four-step process for a client to obtain a lease:
  1. DHCP Discover (DHCPDISCOVER)
  2. DHCP Offer (DHCPOFFER)
  3. DHCP Request (DHCPREQUEST)
  4. DHCP Acknowledgment (DHCPACK)

- The DHCPv4 message format has specific codes and fields.



### DHCPv6 Configuration and verification

 - Includes SLAAC (Stateless Address Autoconfiguration)
 - Covers how to configure and verify DHCPv6 configurations on a router as both a client and a server.



### Switch Port Security

- Port security limits valid MAC addresses allowed on ports.
- Security violation occurs if an unknown MAC address sends data to a port.
- Static security MAC addresses are configured manually.
- Dynamic security MAC address learning occurs and is removed after a reboot.
- Sticky security MAC address learning is dynamic, persists across restarts and is configurable in switchport-security mac-address sticky.

Description

This quiz covers Chapter 5 on configuring basic switch settings for network requirements, focusing on both initial settings and security practices. It also delves into the switch boot sequence, detailing the steps from power-on self-test to loading the IOS image. Enhance your networking knowledge by testing your understanding of switch operations and configurations.