Cisco Catalyst 2960系列交換器(LAN Base & LAN Lite) Q & A

標題：Cisco Catalyst 2960系列交換器(LAN Base & LAN Lite) Q & A

Q1: 請問2960可以透過IOS軟體升級或降級達到功能的新增或減少嗎? A1: No，2960 不支援軟體相互更新 Q2: 請問2960 LAN Base 與 LAN Lite 主要的差異在哪裡? A2: 重點的主要差異如下: ‧ Gigabit Ethernet connectivity in 8, 24, and 48 port configurations ‧ RPS support and support for a wide range of SFP transceivers ‧ Enhanced security through Layer 2-4 access control lists (ACLs), DHCP Snooping, and more    extensive Network Admission Control  capabilities such as Web authentication and 802.1x   enhancements ‧ Additional QoS capabilities: The LAN Base IOS supports policing, class and policy maps,    differentiated services code point (DSCP), AutoQoS, and configurable queue weights, buffers,     and thresholds ‧ Higher network-level availability with features such as Flex Links and Link State Tracking ‧ Increased number of VLANs (256) and other enhancements such as IPv6 Host, MLD    Snooping, LLDP-MED, RSPAN, MVR, DHCP Option 82, and IP SLA (responder) Q3: 請問哪些是2960 LAN Base 與 LAN Lite相同功能? A3: 相同點如下: ‧ Scalable and secure network management: Secure Shell (SSH), Secure Sockets Layer (SSL),     Secure Copy Protocol (SCP), and SNMPv3 crypto ‧ Network management tool support by CiscoWorks, Cisco Network Assistant, and Catalyst     Device Manager ‧ Baseline Network Admission Control and 802.1x MAC Auth Bypass and Protected Port ‧ Voice VLAN and voice-aware port security, BPDU Guard, and Root Guard ‧ Standard QoS with Class of Service (CoS) marking, Shaped Round Robin, Weighted Tail Drop,      and Strict Priority scheduling ‧ Link aggregation using Port Aggregation Protocol (PAgP) and 802.3ad LACP ‧ Complete Spanning Tree Protocol support via 802.1s, 802.1w, and PVST+ ‧ VLAN Trunking Protocol (VTP), Cisco Discovery Protocol v2, and LLDP ‧ Multicast support in hardware with IGMP Snooping, Filtering, and Querier ‧ Troubleshooting and monitoring tools such as TDR, SPAN, and UDLD

Spanning Tree Link Type and lt's applications...

分成兩種Type: P2p and Shared

P2p link type指的是port為full duplex，通常在STP的過程中會比較快收斂；
而Shared指的是half duplex( 也可設定spanning-tree link-type shared   )，在STP過程中收斂較慢。

Loop Guard使用原則:

1. Loop Guard用在跟其他鄰近Switch連接的port (non-edge port)上

2.不要在Portfast port上同時使用Loop Guard，反之亦然 (跟第一點的描述相同，就是接edge
   device的port上不要啟用loop guard)；而因為dynamic vlan port(通常就是edge port)上需要該
   port為portfast，所以也不建議在dynamic vlan port上設定loop guard。

3.不要在link type是shared的port上使用loop guard

4.不要在同一個port上同時使用loop guard和root guard

5.建議在access switch的root port和alternate root port(目前是blocked port)上設定loop guard

Root guard是強行指定某個port為root port。


RSTP (802.1w)的運行過程中不使用到任何timer做參數，而是使用link type和edge port

802.11N MIMO的spatial stream

802.11N MIMO的spatial stream指的是802.11N所使用的天線中所形成的傳輸空間，這些空間分成transmit、receive、transmit and receive，每一台AP所能夠使用的傳輸空間不同，大致上可分為以下幾種:

1x1:1 - 1 transmitter, 1 receiver, can transmit or receive 1 spatial stream

1x2:1 - 1 transmitter, 2 receivers, can transmit 1 spatial stream, but receive 2 spatial streams

2x2:2 - 2 transmitters, 2 receivers, can transmit and receive 2 spatial streams

2x3:2 - 2 transmitters, 3 receivers, can transmit and receive 2 spatial streams

3x3:2 - 3 transmitters, 3 receivers, can transmit and receive 2 spatial streams

3x3:3 - 3 transmitters, 3 receivers, can transmit and receive 3 spatial streams

4x4:4 - 4 transmitters, 4 receivers, can transmit and receive 4 spatial streams

不同的傳輸空間所能夠提供的傳輸速度大概有300 Mbps (2x2:2), 450 Mbps (3x3:3), and 600 Mbps (4x4:4).

使用Spanning Tree做Layer2 Load Sharing 的運用

使用Spanning Tree最常做的運用就是用來做不同VLAN在不同trunk link上的流量負載分流。
以本案為例，Switch0 Fa0/1<-->Switch1 Fa0/1間 與 Switch0 Fa0/2<-->Switch1 Fa0/2間都是VLAN trunk，我們建立兩個VLAN(VLAN1、VLAN2)，原本的Spanning Tree結果，VLAN1和VLAN2的Blocking port會在Switch0的Fa0/2上，我們在Switch0上使用spanning-tree vlan 2 root primary讓vlan2的Root bridge為Switch0，也讓vlan2的blocking port在switch1的fa0/2上。

現在我們希望讓vlan 2的blocking port改成switch1的Fa0/1(當然，也可以讓vlan 2的blocking port也是在switch0上，但為了公平起見，我們希望switch1也有blocking port)，在switch上可以調整的設定有兩種:

1.調整port priority
2.調整port cost

以上兩種設定的值一定是調整upstream的switch，在本案例中要改變switch1上的spanning tree port的狀態就要調整switch0(switch0為switch1的upstream、switch1為switch0的upstream)。

設定的方式就是打開原本的blocking port(打開Switch1的Fa0/2)或是block原本相比較的
port(關閉Switch1的Fa0/1)

A.調整port priority

    option1:調整switch0的Fa0/1，讓其port priority的值大於預設值128

    option2:調整switch1的Fa0/2，讓其port priority的值小於預設值128


    option1: Switch0(config)#interface fa 0/1
                 Switch0(config-if)#spanning-tree vlan 2 port-priority 240

   
    option2:Switch1(config)#interface fa 0/2
                Switch1(config-if)#spanning-tree vlan 2 port-priority 0



B.調整port cost

    option1:調整switch0的Fa0/1，讓其port cost的值大於預設值19

    option2:調整switch1的Fa0/2，讓其port cost的值小於預設值19


    option1: Switch0(config)#interface fa 0/1
                 Switch0(config-if)#spanning-tree vlan 2 cost 21

   
    option2:Switch1(config)#interface fa 0/2
                Switch1(config-if)#spanning-tree vlan 2 cost 18