Well, it’s that time again. Time to re-certify my CCIE R&S certification by passing the written test. To prepare for the re-certification test I am reading from the book CCIE Routing and Switching Exam Guide Volume 3 (a very good book!).

The bottom line is this: The CCIE Routing and Switching written exam is a TOUGH TEST not to be taken lightly. Even a veteran CCIE like myself can fail it miserably if you are not careful. As I read through the book I will take some notes and post them here. Here is Part 1…

=====BEGIN STUDY NOTES PART 1=======

If the field following the Source Address (Type/Length) is less than 1536, it represents a Length field, and we know the frame is an original IEEE Ethernet frame with an 802.2 header containing DSAP, SSAP and Control fields. If the DSAP field is 0xAA, then we know the frame has a SNAP header.

The most significant bit of the most significant byte identifies a multicast MAC address.

VTP clients do not need a domain name configured; they will assume the name from the first update received. VTP servers will not send out updates until a domain name is configured. vlan.dat is stored in flash, not NVRAM.

vlan.dat is a utility of VTP and therefore extended range VLANs cannot be configured in vlan.dat, only in configuration mode.

Normal range VLANs (when in VTP Transparent mode) are stored in both vlan.dat in Flash and in running configuration. If the two differ during boot up the switch uses only vlan.dat contents. Extended range VLANs are stored in running configuration only.

ISL adds a new header and trailer with a new CRC. The SA of the ISL header is that of the switch, not the original SA of the encapsulated frame.

A Type field of 0x8100 identifies an 802.1Q tag to follow.
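The Type/Length rule and the 0x8100 tag check from the notes above, combined into one frame classifier. This is an added example, not code from the book; the sample frames, addresses and the SNAP protocol ID are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100    # Type value announcing an 802.1Q tag
LENGTH_LIMIT = 1536    # below this, the field is a Length rather than a Type

def classify_frame(frame: bytes) -> dict:
    """Classify an Ethernet frame (starting at the destination MAC, no FCS)."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    info = {"vlan": None}
    offset = 12                                   # skip destination + source address
    (field,) = struct.unpack_from("!H", frame, offset)
    offset += 2
    if field == TPID_8021Q:                       # tag control info, then the real Type/Length
        if len(frame) < offset + 4:
            raise ValueError("truncated 802.1Q tag")
        tci, field = struct.unpack_from("!HH", frame, offset)
        info["vlan"] = tci & 0x0FFF               # low 12 bits of the tag carry the VLAN ID
        offset += 4
    if field >= LENGTH_LIMIT:                     # Type field: Ethernet II framing
        info.update(kind="Ethernet II", ethertype=field)
        return info
    if len(frame) < offset + 3:                   # Length field: 802.2 header follows
        raise ValueError("truncated 802.2 header")
    dsap, ssap, control = frame[offset:offset + 3]
    info.update(kind="802.3/802.2", length=field, dsap=dsap, ssap=ssap, control=control)
    if dsap == 0xAA:                              # SNAP: 3-byte OUI + 2-byte protocol ID
        if len(frame) < offset + 8:
            raise ValueError("truncated SNAP header")
        (pid,) = struct.unpack_from("!H", frame, offset + 6)
        info.update(kind="802.3/802.2/SNAP", oui=frame[offset + 3:offset + 6].hex(), pid=pid)
    return info

# Constructed sample frames (addresses, payloads and protocol ID are made up).
DST, SRC = bytes.fromhex("00aabbccddee"), bytes.fromhex("001122334455")
UNTAGGED = DST + SRC + bytes.fromhex("0800") + b"\x45" + bytes(45)
TAGGED = DST + SRC + bytes.fromhex("8100" "0064" "0800") + b"\x45" + bytes(45)
SNAP = DST + SRC + bytes.fromhex("0026" "aaaa03" "00000c" "2000") + bytes(30)

if __name__ == "__main__":
    for name, frame in (("untagged", UNTAGGED), ("tagged", TAGGED), ("snap", SNAP)):
        print(name, classify_frame(frame))
```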

‘switchport mode trunk’ says “always trunk on this end, and I will send DTP to attempt to negotiate a trunk on the other end”

‘switchport nonegotiate’ says “do not send DTP from this end”

‘switchport mode dynamic desirable’ says “ask other end to trunk with DTP and trunk if negotiation succeeds.” If DTP negotiation fails, become an access port.

‘switchport mode dynamic auto’ says “if the other end asks me to be a trunk with DTP, then become a trunk, but I won’t initiate any negotiation. If no one asks me to become a trunk then become an access port.”

‘switchport mode access’ says “Never trunk on this end, and I will send out DTP to help my link partner reach the same conclusion.”

Routers do not talk DTP, only switches.
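The DTP rules above, modelled as a small table so the result for any pair of link partners can be computed, plus a check for ports whose trunk state is left to the other end. This is an added example, not from the book; the mode labels, the `MODES` table layout and the interface names are assumptions made for illustration.

```python
# Per-mode behaviour as described in the notes:
#   force   - the port's state is fixed regardless of the link partner
#   asks    - the port sends DTP asking the other end to trunk
#   accepts - the port will become a trunk if negotiation succeeds
MODES = {
    "trunk":             {"force": "trunk",  "asks": True,  "accepts": False},
    "trunk nonegotiate": {"force": "trunk",  "asks": False, "accepts": False},
    "dynamic desirable": {"force": None,     "asks": True,  "accepts": True},
    "dynamic auto":      {"force": None,     "asks": False, "accepts": True},
    "access":            {"force": "access", "asks": False, "accepts": False},
}

def local_state(local: str, peer: str) -> str:
    """State the local port ends up in when connected to a peer in the given mode."""
    l, p = MODES[local], MODES[peer]
    if l["force"]:
        return l["force"]                  # 'always trunk' / 'never trunk'
    if p["asks"]:
        return "trunk"                     # the other end asked us to trunk
    if l["asks"] and p["accepts"]:
        return "trunk"                     # we asked and the other end agreed
    return "access"                        # nobody asked, or negotiation failed

def link_outcome(a: str, b: str) -> str:
    """'trunk' or 'access' when both ends agree, otherwise 'mismatch'."""
    state_a, state_b = local_state(a, b), local_state(b, a)
    return state_a if state_a == state_b else "mismatch"

def peer_decided_ports(port_modes: dict) -> list:
    """Ports whose trunk/access state depends on what the link partner sends."""
    return sorted(port for port, mode in port_modes.items()
                  if MODES[mode]["force"] is None)

# Constructed sample inventory of configured port modes.
SAMPLE_PORTS = {"Gi0/1": "access", "Gi0/2": "dynamic auto",
                "Gi0/3": "trunk nonegotiate", "Gi0/4": "dynamic desirable"}

if __name__ == "__main__":
    for a in MODES:
        print(a, {b: link_outcome(a, b) for b in MODES})
    print("state decided by link partner:", peer_decided_ports(SAMPLE_PORTS))
```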

The subinterface number on a router does not need to match the VLAN number, only the ‘encapsulation’ subinterface command needs to match the VLAN.

The lowest bridge ID becomes a spanning tree root switch. The bridge ID is a priority value followed by the switch MAC address.

A root port is the port with the least cost path to the root switch.

“MAC address reduction” is a technique to provide a unique bridge ID per spanning tree instance (per-VLAN) without using multiple different MAC addresses from the switch. This is done by using the last 12 bits from the 2-byte priority field to represent the VLAN number (called System ID Extension). The first 4 bits of the 2-byte priority field are still used to configure a priority value in increments of 4096.
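A sketch of the bridge ID layout with MAC address reduction and of root election by lowest bridge ID, as described in the notes above. This is an added example, not from the book; the switch names and MAC addresses are constructed, and 32768 is used as the default priority.

```python
def make_bridge_id(priority: int, vlan: int, mac: str) -> bytes:
    """Build the 8-byte bridge ID: 4-bit priority, 12-bit System ID Extension, MAC."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096 between 0 and 61440")
    if not 0 <= vlan <= 4095:
        raise ValueError("VLAN number must fit in 12 bits")
    mac_bytes = bytes.fromhex(mac.replace(".", "").replace(":", ""))
    if len(mac_bytes) != 6:
        raise ValueError("MAC address must be 6 bytes")
    # A multiple of 4096 only occupies the top 4 bits, so the VLAN fills the low 12.
    return (priority | vlan).to_bytes(2, "big") + mac_bytes

def parse_bridge_id(bridge_id: bytes) -> tuple:
    """Return (priority, vlan, mac_hex) from an 8-byte bridge ID."""
    field = int.from_bytes(bridge_id[:2], "big")
    return field & 0xF000, field & 0x0FFF, bridge_id[2:].hex()

# Constructed sample switches: name -> MAC address.
SWITCH_MACS = {"sw1": "0011.2233.4455", "sw2": "0011.2233.4400", "sw3": "00aa.bbcc.ddee"}

def root_for_vlan(vlan: int, priorities: dict, macs: dict = SWITCH_MACS) -> str:
    """Name of the root switch for one VLAN's spanning tree instance.

    priorities maps switch name -> configured priority for this VLAN;
    switches not listed use 32768.
    """
    ids = {make_bridge_id(priorities.get(name, 32768), vlan, mac): name
           for name, mac in macs.items()}
    # Big-endian bytes compare like the numbers they encode: lowest bridge ID wins.
    return ids[min(ids)]

if __name__ == "__main__":
    bid = make_bridge_id(32768, 10, "0011.2233.4455")
    print(bid.hex(), parse_bridge_id(bid))          # priority field reads 32778
    print("VLAN 10 root:", root_for_vlan(10, {}))
    print("VLAN 20 root:", root_for_vlan(20, {"sw3": 28672}))
```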

Default 802.1D STP timers: Hello = 2 sec, FwdDelay = 15 sec, MaxAge = 20 sec.

A switch will age all entries in its CAM in FwdDelay seconds after receiving a BPDU with the TCA flag set. Before a port changes from Blocking to Forwarding it goes into Listening state and then Learning state (to prevent temporary loops). Each state is the length of FwdDelay.

Transition from Forwarding to Blocking can be made immediately.

802.1Q trunks do not support PVST natively. When using 802.1Q trunks with non-Cisco switches, the switches must follow the IEEE standard and have a single STP instance for all VLANs running on the native VLAN (CST - Common Spanning Tree). Cisco switches do support PVST+ over 802.1Q trunks, so an all-Cisco network works fine with multiple instances per VLAN.

Cisco switches accomplish PVST+ with 802.1Q by sending VLAN-tagged BPDUs to a multicast MAC address of 0100.0CCC.CCCD. Cisco PVST+ switches read and interpret the BPDU while non-Cisco switches forward them along like any other multicast packet. This allows two Cisco PVST+ domains separated by a non-Cisco CST domain to be joined together.

The non-Cisco CST domain applies the STP topology of the native VLAN to all VLANs.

UplinkFast - Tracks alternate root ports. When an RP is lost (interface fails), an alternate RP is immediately transitioned to Forwarding and triggers CAM updates on all switches. Ideal for access layer switches with links to dual/redundant dist/core switches. UplinkFast also optimizes the role of an edge switch by setting priority to 49,152 and setting port costs to 3000, the idea being that an edge access switch should likely never become a Root switch or a transit switch. UplinkFast’s CAM updates are not done via the TCN/TCA process. Rather, CAM updates are done by flooding multicast frames that carry, as source MACs, all of its locally known MACs. The dest MAC address of the flooded multicast frame is 0100.0CCD.CDCD.

BackboneFast - Avoids waiting for MaxAge when an RP stops receiving hellos. The switch sends a special Root Link Query (RLQ) BPDU out the port missing the hellos, asking if that upstream switch is still receiving hellos from the root switch. The upstream switch can respond back with another RLQ that the path to root is lost, at which point the switch has the knowledge it needs to know that an STP topology change is needed.

Three RSTP port types: Point-to-point, Edge, Shared.

RSTP is basically the IEEE standard implementation of Cisco’s PortFast, UplinkFast, and BackboneFast enhancements with other minor timer shortcuts to improve convergence. RSTP will only wait for 3 missing hellos, as opposed to 10. RSTP also skips the Listening state when transitioning a port from Discarding to Forwarding.

802.1s MST uses 802.1w RSTP for fast convergence.

A group of MST switches with a common configuration is a region. An MST region presents itself as a single switch to non-MST or other MST regions connected to it. The STP instance connecting to these other regions is called the Internal Spanning Tree (IST).

Root Guard ports will recover when the undesired superior BPDUs are no longer received. BPDU Guard err-disables a port that receives a BPDU.

Loop Guard places a port in STP loop-inconsistent state when it stops receiving BPDUs, and will recover when BPDUs are again received.

When there are y host bits there are 2^y minus 2 addresses available.

When there are x bits used for subnetting then 2^x subnets exist, assuming the same mask is used for all subnets.

With PAT, a single IP address can support up to 65,000 connections.

====== END STUDY NOTES PART 1 ==========