1 Configure Layer 2 EtherChannel group on links between each of the Catalyst switches. Use IEEE standard trunking protocol and make sure ONLY VLAN 1 can carry non-tagged frames.
Configuring the Native VLAN for Untagged Traffic
A trunk port configured with IEEE 802.1Q tagging can receive both tagged and untagged traffic. By default, the switch forwards untagged traffic in the native VLAN configured for the port. The native VLAN is VLAN 1 by default.
Note: The native VLAN can be assigned any VLAN ID.
2 Make sure the EtherChannel favors where frames are headed.
-> Typically the channel-group forwards frames based on the source address for load balancing.
3560s can balance on IP as well as MAC. The instruction says “frames”.
3 The QOS feature should be applied to interface S0/0. The queues should be configured as follows:
Queue: 1 Protocol: All Other IP Packet Count: 100
Queue: 2 Protocol: RDP (tcp/3389) Packet Count: 90
Queue: 3 Protocol: Telnet/SSH Packet Count: 80
Queue: 4 Protocol: ARP Packet Count: 70
Queue: 5 Protocol: CDP Packet Count: 60
Queue: 6 Protocol: Default Packet Count: 50
queue-list 1 protocol ip 1 list 101
queue-list 1 protocol arp 4
queue-list 1 protocol cdp 5
queue-list 1 protocol ip 6 list 104
queue-list 1 protocol ip 2 tcp 3389
queue-list 1 protocol ip 3 tcp telnet
queue-list 1 protocol ip 3 tcp 22
queue-list 1 queue 1 byte-count 100
queue-list 1 queue 2 byte-count 90
queue-list 1 queue 3 byte-count 80
queue-list 1 queue 4 byte-count 70
queue-list 1 queue 5 byte-count 60
queue-list 1 queue 6 byte-count 50
===============================
gotcha
1 changing the vtp domain name to ipexpert.com on all 4 switches. sw1 -server, 2-4-client
then changing it to ipexpert on sw1 did not change it on all the other switches
verification is very important after every task!
2. !
interface Ethernet0/1
description Link to BB1
ip address 150.50.200.1 255.255.255.0
half-duplex
no cdp enable <<<<<<<<<<<<<<<<<<<<<<<<<<<<< did not see on sw.
3. missed
Make sure the router’s ARP table is always in line with the DHCP assignments. All other ARP
replies should be ignored.
update arp on the DHCP pool
4.
snmp I only put the acl on the ro comm string. it should have been on both.
snmp-server community ipexpert RO 1
snmp-server community trepxepi RW 1
I put the wrong community on the snmp-server host. it should be the RW comm.
snmp-server host 150.50.6.125 trepxepi
I didn’t enable snmp-server system-shutdown!!
I enabled the wrong trap.
Correct: snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
5. NTP config was over analyzed
wrong:ntp authentication-key 1 md5 121015120A1B09163E 7
ntp authenticate
ntp master 1
correct: ntp source Loopback0
ntp master 4
6. skipped and forgot this ip bandwidth-percent eigrp 100 40 – use 40% of the bandwidth
===================================
All traffic received on the Ethernet interface on R2 should be marked for discard should the
Frame Relay network experience congestion.
Unnecessary multicast and broadcast traffic should not transverse between the switches.
Use an industry-standard trunking protocol. Make sure ONLY VLAN 1 can carry untagged frames.
vtp do ipexpert
vtp m client
vtp prun
100 users
100.0/25 =
2^7 = 128, 128 - 2 = 126 – so you have up to 126 users
32 - 7 = 25, so your mask is /25
2^(32-25) - 2 = 126 hosts
9.0/26
2^5 = 32, 32 - 2 = 30 users
32 - 5 = 27, so a /27 mask: 128+64+32 = 224, 255.255.255.224
br network – hard code a DR, then on each rtr do a sho ip ospf to see where to build the virtual-link
sh ip os nei – look for the DR / hub and build from there.
———————
UplinkFast – 1–5 seconds – detects direct link failures.
It accelerates the choice of a new root port when a link or switch fails or when the spanning tree reconfigures itself. The root port transitions to the forwarding state immediately without going through the listening and learning states, as it would with the normal spanning-tree procedures.
BackboneFast – 30 seconds – twice the forward delay timer – detects indirect link failures. BackboneFast optimizes the maximum-age timer. BackboneFast tries to find an alternate path to the root. “spanning-tree max-age”
Stick BackboneFast in your core and UplinkFast at your distribution. It’s all about placement.
Table 15-3 Default Spanning-Tree Configuration
Feature | Default Setting
Enable state | Enabled on VLAN 1.
Spanning-tree mode | PVST+. (Rapid PVST+ and MSTP are disabled.)
Switch priority | 32768.
Spanning-tree port priority (configurable on a per-interface basis) | 128.
Spanning-tree port cost (configurable on a per-interface basis) | 1000 Mbps: 4; 100 Mbps: 19; 10 Mbps: 100.
Spanning-tree VLAN port priority (configurable on a per-VLAN basis) | 128.
Spanning-tree VLAN port cost (configurable on a per-VLAN basis) | 1000 Mbps: 4; 100 Mbps: 19; 10 Mbps: 100.
Spanning-tree timers | Hello time: 2 seconds; Forward-delay time: 15 seconds; Maximum-aging time: 20 seconds; Transmit hold count: 6 BPDUs.
———————————————
check MTU if you see this:
*Mar 3 12:13:43.213: %OSPF-5-ADJCHG: Process 1, Nbr 150.50.2.2 on Vlan12 from LOADING to FULL, Loading Done
variance vs maximum-paths
It’s not “vs”; you need both commands.
The maximum-paths command makes sure you have 2 paths in the routing table; only then will the variance command work. So you need both.
Scott Morris:
The other thing to consider is that your FD is used to determine whether it’s even valid to show up in your topology table to begin with. This FD check happens BEFORE the variance command is looked at.
I often have the entertainment of this problem with students in my CCIE classes… Load balancing sounds all well and good until you start trying to make it work. If you have a T1 on one side and a 64k link on the other, you can put “variance 100” in there if it makes you feel better, but it’s not going to help.
Until both routes are in your EIGRP topology table, your variance calculation will never help it. So you have to check that first. Then your variance command will help load balance. THEN you need to look at the “show ip router (ip#)” output and see the traffic-share ratio determined, and perhaps tweak that even more to achieve the perfect balance you so desire!
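The order of checks described above (feasibility first, then variance, then maximum-paths), as an added Python example that is not part of the original notes. The link delays, the reported distances and the simplification that FD equals the current best metric are assumptions made for illustration.

```python
def eigrp_metric(bw_kbps, delay_usec):
    """Classic EIGRP composite metric with default K values:
    256 * (10^7 / slowest bandwidth in kbps + total delay in tens of usec)."""
    return 256 * (10**7 // bw_kbps + delay_usec // 10)

def installed_paths(paths, variance=1, maximum_paths=4):
    """paths: list of (name, metric_via_neighbor, reported_distance).
    Returns the paths that would be installed, best first."""
    fd = min(metric for _, metric, _ in paths)  # assumption: FD = best metric
    chosen = []
    for name, metric, rd in sorted(paths, key=lambda p: p[1]):
        if metric == fd:
            chosen.append((name, "successor"))
        elif rd >= fd:
            continue  # fails the feasibility condition: variance is never consulted
        elif metric < variance * fd:
            chosen.append((name, "feasible successor"))
    return chosen[:maximum_paths]

# Constructed sample: destination reachable over a T1 and over a 64k link.
VIA_T1 = eigrp_metric(1544, 20100)    # 2172416
VIA_64K = eigrp_metric(64, 20100)     # 40514560
FAST_RD = eigrp_metric(100000, 100)   # neighbor sits next to the destination

# Case 1: the 64k neighbor reports a small distance, so it is feasible.
FEASIBLE = [("T1", VIA_T1, FAST_RD), ("64k", VIA_64K, FAST_RD)]
# Case 2: the 64k neighbor's own distance is not below FD, so it is not feasible.
NOT_FEASIBLE = [("T1", VIA_T1, FAST_RD), ("64k", VIA_64K, 40000000)]

if __name__ == "__main__":
    print(installed_paths(FEASIBLE, variance=1))        # equal-cost only
    print(installed_paths(FEASIBLE, variance=19))       # both paths installed
    print(installed_paths(NOT_FEASIBLE, variance=100))  # variance cannot help
```
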
All Catalysts should be configured to allow an expedite queue on trunking interfaces.
-> Very simply, this is looking for a priority type command on the necessary interface(s).
Configure R2 router to prevent bogus source ip addresses from being received from R1 and BB1
routers.
-> Configure the R2 router to verify the reverse path for any source ip address.
This should be configured on the interface pointing to the R1 and BB1 routers.
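What a strict reverse-path check decides per packet, as an added Python model that is not part of the original notes. The routing table, the interface names and the 10.1.1.0/24 prefix are constructed for illustration.

```python
import ipaddress

# Constructed routing table for R2: (prefix, egress interface).
ROUTES = [
    ("150.50.100.0/24", "Serial0/0"),    # assumed to face R1
    ("150.50.200.0/24", "Ethernet0/1"),  # assumed to face BB1
    ("10.1.1.0/24", "Serial0/0"),        # constructed prefix learned via R1
]

def best_route(src, routes=ROUTES):
    """Longest-prefix match for src; returns (network, interface) or None."""
    addr = ipaddress.ip_address(src)
    matches = [(ipaddress.ip_network(prefix), ifc)
               for prefix, ifc in routes
               if addr in ipaddress.ip_network(prefix)]
    return max(matches, key=lambda m: m[0].prefixlen) if matches else None

def urpf_strict(src, ingress, routes=ROUTES):
    """Accept only if the best route back to the source address points
    out the same interface the packet arrived on."""
    route = best_route(src, routes)
    if route is None:
        return False, "no route to source"
    network, ifc = route
    if ifc != ingress:
        return False, f"route to {network} is via {ifc}, not {ingress}"
    return True, "reverse path matches"

if __name__ == "__main__":
    # Constructed packets: (source address, interface it arrived on).
    packets = [
        ("150.50.200.7", "Ethernet0/1"),  # legitimate source behind BB1
        ("150.50.200.7", "Serial0/0"),    # same source arriving from the R1 side
        ("192.0.2.9", "Serial0/0"),       # source with no route at all
        ("10.1.1.5", "Serial0/0"),        # legitimate source behind R1
    ]
    for src, ingress in packets:
        ok, reason = urpf_strict(src, ingress)
        print(f"{src:>14} on {ingress:<11} {'forward' if ok else 'drop':<7} {reason}")
```
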
lab 27
If topology changes occur, there should be no more than two seconds of user traffic interruption.
-> Normal TCN goes through listening, learning and then back to forwarding. 30 seconds is the typical interruption. RSTP helps reduce that. This will modify your choice for the last instruction!
The input queue depth on the Ethernet interface of R2 should be set to 25 more than the default.
sol: hold-queue 100 input
http://www.cisco.com/en/US/customer/docs/ios/interface/command/reference/ir_f1.html#wp1025850
R2 should have a queue size of 500 for broadcasts.
-> Broadcast-queue is part of the frame-relay command set.
R2 should also utilize 5000 bytes/second and broadcast no more than 10000 broadcast packets per transmission.
-> Additional parameters for the above task.
sol: frame-relay broadcast-queue 500 5000 10000
router ospf 1
net 150.50.100.0 0.0.0.255 a 0
————————————
• If you do not intend to trunk across those links, use the switchport mode access interface configuration command to disable trunking.
• To enable trunking to a device that does not support DTP, use the switchport mode trunk and switchport nonegotiate interface configuration commands to cause the interface to become a trunk but to not generate DTP frames.
frame-relay map ip 150.50.100.2 402 broadcast tcp header-compression active
R4(config-if)#frame-relay map ip 150.50.100.2 402 broadcast ?
cisco Use CISCO Encapsulation
compress Enable TCP/IP and RTP/IP header compression
ietf Use RFC1490/RFC2427 Encapsulation
nocompress Do not compress TCP/IP headers
payload-compression Use payload compression
rtp RTP header compression parameters
tcp TCP header compression parameters
$0.50.100.2 402 broadcast tcp header-compression active
ppp quality 85
BPDU Type 2
Version 2 indicates Rapid Spanning Tree. In particular, running MST
spanning-tree portfast trunk