Home > Switch Questions

Switch Questions

April 15th, 2017 in SWITCH 300-115 Go to comments

Question 1

Explanation

The command “mac address-table aging-time 180” specifies the time before an entry ages out and is discarded from the MAC address table. The default is 300 seconds. Entering the value 0 disables the MAC aging.

Question 2

Question 3

Explanation

The switch learns which port the host is attaching by examining the source MAC address in frames received on a port. For example switch receives a frame with source MAC of 0000.0000.aaaa (abbreviated as “aaaa”) on port Fa0/1, it populates its MAC address-table with an entry like this “host aaaa on Fa0/1”. If the switch receives a frame with the same “aaaa” MAC from Fa0/2 then there will be a flap and the switch will log something like this:

%MAC_MOVE-SP-4-NOTIF: Host 0000.0000.aaaa in vlan 1 is flapping between port 0/1 and port 0/2

This flapping phenomenon may be the result of a Layer loop somewhere in your network, especially when STP is disabled for some reasons.

If you don’t want to see this message then issue the “no mac-address-table notification mac-move” or place a static entry with the “mac-address-table static 000.0000.aaaa vlan 1 interface fa0/1″on the switch. The command “mac-address-table notification mac-move” is disabled by default on 6500 & 7600 series but enabled by default on other series.

Question 4

Explanation

Storm control prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast storm on one of the physical interfaces. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. Errors in the protocol-stack implementation, mistakes in network configurations, or users issuing a denial-of-service attack can cause a storm.
Storm control (or traffic suppression) monitors packets passing from an interface to the switching bus and determines if the packet is unicast, multicast, or broadcast. The switch counts the number of packets of a specified type received within the 1-second time interval and compares the measurement with a predefined suppression-level threshold.

Storm control uses one of these methods to measure traffic activity:
+ Bandwidth as a percentage of the total available bandwidth of the port that can be used by the broadcast, multicast, or unicast traffic
+ Traffic rate in packets per second at which broadcast, multicast, or unicast packets are received
+ Traffic rate in bits per second at which broadcast, multicast, or unicast packets are received

With each method, the port blocks traffic when the rising threshold is reached. The port remains blocked until the traffic rate drops below the falling threshold (if one is specified) and then resumes normal forwarding. If the falling suppression level is not specified, the switch blocks all traffic until the traffic rate drops below the rising suppression level. In general, the higher the level, the less effective the protection against broadcast storms.

The command “storm-control broadcast level 75 65” limits the broadcast traffic up to 75% of the bandwidth (75% is called the rising threshold). The port will start forwarding broadcast traffic again when it drops below 65% of the bandwidth (65% is called the falling threshold).

Note: If you don’t configure the falling threshold, it will use the same value of the rising threshold.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_25_fx/configuration/guide/2960scg/swtrafc.html#wp1063295

Question 5

Explanation

By using the “storm-control broadcast level [falling-threshold]” we can limit the broadcast traffic on the switch.

Question 6

Explanation

The command “show mac address-table” displays the MAC address table along with the port associated for the switch. The ‘show mac address-table address ” gives a more specific view of a specific MAC address.

Question 7

Question 8

Explanation

The command “storm-control action {shutdown | trap} ” specifies the action to be taken when a storm is detected. The default is to filter out the traffic and not to send traps.
+ Select the shutdown keyword to error-disable the port during a storm.
+ Select the trap keyword to generate an SNMP trap when a storm is detected.

Comments
Comment pages
1 5 6 7 796
  1. Anonymous
    May 24th, 2017

    Can someone please explain what 246q dump and 191 is and where can I get these?

Comment pages
1 5 6 7 796
  1. No trackbacks yet.