Spanning Tree Protocol (STP) - Cisco Systems

       The Spanning Tree Protocol (STP) is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them. Spanning tree also allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling/disabling of these backup links.
       Spanning Tree Protocol (STP) is standardized as IEEE 802.1D. As the name suggests, it creates a spanning tree within a mesh network of connected layer-2 bridges (typically Ethernet switches), and disables those links that are not part of the spanning tree, leaving a single active path between any two network nodes.

Use the Diagram of the Network before you troubleshoot a bridging loop... CLICK>>>>

You need to know these items, at minimum:

• The topology of the bridge network
• The location of the root bridge
• The location of the blocked ports and the redundant links

This knowledge is essential for at least these two reasons:

• In order to know what to fix in the network, you need to know how the network looks when it works correctly.
• Most of the troubleshooting steps simply use show commands to try to identify error conditions. Knowledge of the network helps you focus on the critical ports on the key devices.

The following algorithm is used to determine the root port or designated port (which is your best path to the root):

1. Lowest root bridge id
2. Lowest root path cost
3. Lowest sender bridge id
4. Lowest sender port number

RSTP Operation RSTP adds new bridge port roles in order to speed convergence following a link failure.
RSTP bridge port roles:
Root - A forwarding port that is the best port from Nonroot-bridge to Rootbridge
Designated - A forwarding port for every LAN segment
Alternate - An alternate path to the root bridge. This path is different than using the root port.
Backup - A backup/redundant path to a segment where another bridge port already connects.
Disabled - Not strictly part of STP, a network administrator can manually disable a port

 

The previous diagram illustrates the Spanning Tree Physical Cable/Logical Diagram 

 

 The previous diagram illustrates the Spanning Tree (STP) scenario

Useful Commands
Cisco IOS Software Commands 

• show interfaces
• show spanning-tree
• show bridge
• show processes cpu
• debug spanning-tree
• logging buffered

References: 

• http://www.cisco.com/…/technologies_tech_note09186a008009482f.shtml 
• http://www.cisco.com/…/guide/stp_enha.html#wp1033403
• http://www.cisco.com/…/technologies_tech_note09186a00800ae96b.shtml

Read More

Cisco - IOS Tutorial

       Long time ago before I attend my CCNA in Bangkok, I have no idea how those Network Administrator/IT Engineer configure Cisco router and switch. Just know they have good knowledge on the cisco coding.

       While configure a cisco router, there are few kind of mode can be use:

1.User Mode
2.Priviledge Mode
3.Config Mode
4.Interface Mode
5.line mode

Cisco Router Basic Configuration Need:
1.Password + Secret
2.Hostname
3.Interface (IP and subnet mask, no shut, and clock rate)
4.Line configuration



All this routing require different command for different protocol. To learn how to use the cisco router command from below lab...

       The above code are just a very basic configuration for cisco router, there are more advance configuration need for routing purpose such as static routes, default routes and dynamic routes. Within dynamic routes, there are also RIP Routes (Routing Information Protocol), IGRP Routes (Interior Gateway Routing Protocol) OSPF Routes (Open Shortest Path First) and EIGRP Routes (Enhanced Interior Gateway Routing Protocol)

Configuring Inter-VLAN Routing

Read More

Visio Network Stencils

       As a network engineer more than 10 years, there will be a number of different times that a network diagram will be used to offer a layout of how the network is constructed and connected together. The knowledge of how to create and interpret these diagrams is vital in a number of different circumstances. This blog is intended to be a primer on cisco network diagrams, what the Cisco symbols are, how to download the Cisco Visio Stencils and how show the example of the network diagram.


       There are certainly a number of different things that a new network engineer needs to learn before being considered experienced. One of the most underrated skills is the ability to both create and understand network diagrams. As a network engineer, there will be a number of different times that a network diagram will be used to offer a layout of how the network is constructed and connected together. The knowledge of how to create and interpret these diagrams is vital in a number of different circumstances.


       Benefit of the network diagramming that is one way of graphically representing tasks in a project in a way which is easy for the managers and the team members to understand easily Representing Activities in terms of a network diagram.  Cisco SymbolizationCisco uses its own brand of networking symbols. Since Cisco has a large Internet presence and designs a broad variety of network devices, its list of symbols ("Network Topology Icons") is exhaustive. As of July 19, 2011 this list can be found at

http://www.cisco.com/web/about/ac50/ac47/2.html

So here are the example of a networking diagram I made with the Visio program about Data Center High Level Design Diagram

       These are really useful for impressing the management with fancy network diagrams!...There are lots of Visio stencils of Cisco devices available to download here:
Cisco Visio Stencils

http://www.cisco.com/en/US/products/hw/prod_cat_visios.html

Read More

Cisco VTP: VLAN Trunking Protocol

       VLAN Trunking Protocol (VTP) is a Cisco Layer 2 messaging protocol that manages the addition, deletion, and renaming of VLANs on a network-wide basis. Virtual Local Area Network (VLAN) Trunk Protocol (VTP) reduces administration in a switched network. When you configure a new VLAN on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. VTP is a Cisco-proprietary protocol that is available on most of the Cisco Catalyst Family products.

       VTP ensures that all switches in the VTP domain are aware of all VLANs. There are occasions, however, when VTP can create unnecessary traffic. All unknown unicasts and broadcasts in a VLAN are flooded over the entire VLAN. All switches in the network receive all broadcasts, even in situations where few users are connected in that VLAN. VTP pruning is a feature used to eliminate (or prune) this unnecessary traffic.

Read More

Cisco Telephony Providing...

     Cisco Telephony Providing The Very Best In Communications Hardware. Every modern business has come to depend upon up to date information and communication technology hardware within the last couple of decades. 

      The manner in which businesses operate has noticeably changed due to modern communications having advanced. There are not many aspects of the business world which have not developed with such improvements. For a business to keep up their presence in the market they have to make sure that the their hardware and software is both current and fully maintained.

Read More

In-depth Analys Of Network Cabling

     ‘Networking’, is a term that is commonly used for PCs and laptops, which have already become essential parts of our daily lives, nowadays. Because of this, it is not unusual to find a computer or laptop in each and every home and office. And in organizations, where numerous computers are already present, a good network topologies system becomes a must to have in place, because it lets the people work impeccably and accomplish the maximum output. Apart from this, the data cable which is used for networking is the only source for sharing data between various computers at a time.

     Moreover, networking is also termed as the mainstay for any business,

Read More

Better network management

     Companies now are looking forward to better network management. Better network management means better and more effective productivity. All problems related to network management are taken care of with great care in all companies.

     Companies are looking forward to tools and software which shall you with your network configuration management. T FTP server for network is a new revolution which is being introduced by Spice-works for all its users in September 2010. The main benefit of this server is it’s built in T FTP server which is completely free.

      There are a number of functional benefits for those who use T FTP server for network.

Read More

OSI Model to Troubleshoot Networks

       Some of you might be thinking “theoretical models don’t help me” or “the OSI model is just some engineering thing for the nerds”. However, in reality, it is quite the opposite. The OSI model can help you. Let me show you how.
Using the OSI model
       First off, I want you to have a visual image of the OSI mode. It looks like this:
This graphic is courtesy of the Abdus Salam International Centre for Theoretical Physics
       On the left hand side is a user. On the right hand side, you could have a server. Every request AND response has to travel from the left, down every layer, to the physical layer, across the physical layer, up the layers on the right, and up to the server on the top right hand corner.

Read More

Voice VLAN QoS Policy

       The following is a basic QoS Policy for a branch office router to prioritize voice traffic . The assumption made is that the voice traffic is marked at source (i.e. ip phones). This is an example of a LLQ (Low Latency Queue) in which voice traffic is placed in a priority queue and all other traffic is placed in a WFQ (Weighted Fair Queue). DMVPN is being used for connectivity back to the main office so we have to use the qos pre-classify command to ensure QoS is applied before data is encrypted and markings on the tunneled packets are preserved. Congestion management and avoidance is implement using a WFQ (Weighted Fair Queue) and WRED (Weighted Random Early Discard) for all non voice traffic.

class-map match-all VOICE
match ip dscp ef
class-map match-any CALL-SIGNALING
match ip dscp cs3
class-map match-any CRITICAL-DATA
match ip dscp cs6
match ip dscp af21 af22
match ip dscp cs2
policy-map WAN-EDGE
class VOICE

priority 256
class CALL-SIGNALING
bandwidth 32
class CRITICAL-DATA

Read More

Network Security

       An enterprise network design must include security measures to mitigate network attacks. Fortunately, with the modularity of the Cisco Enterprise Architecture, you can address security concerns on a module-by-module basis. This section introduces the concept of a security policy, reviews various types of network attacks, discusses the elements of the Cisco Self-Defending Network, and helps you select appropriate security design components for the various locations in an enterprise network.

Network Security Concepts
       Organizational requirements and potential threats drive the scope of a security design. At its essence, network security measures should not only defend against attacks and guard against unauthorized access, these measures should also prevent data theft and comply with security legislation, industry standards, and company policy.

       Consider the following threats and risks facing today’s enterprise networks:
Threats:

• Reconnaissance—A reconnaissance attack gathers information about the target of an attack (for example, the customer’s network). For example, a reconnaissance attack might use a port-scanning utility to determine what ports (for example, Telnet or FTP ports) are open on various network hosts.
• Gaining system access—After attackers gather information about their target, they often attempt to gain access to the system. One approach is to use social egnineering, where they convince a legitimate user of the system to provide their login credentials. Other approaches for gaining access include exploiting known system vulnerabilities or physically accessing the system.
• Denial of service (DoS)—A DoS attack can flood a system with traffic, thereby consuming the system’s processor and bandwidth. Even though the attacker does not gain system access with a DoS attack, the system becomes unusable for legitimate users.

Read More