CCNP R&S Switch: Private VLANs

This article describes Private VLANs on a Cisco switch.

There are three (3) types of Private VLANs:

  1. Primary
  2. Isolated
  3. Community

There are two port types that are associated with Private VLANs:

  • Promiscuous
  • Host

You can configure a host port to be associated with either an Isolated or Community VLAN.

Individual ports in an Isolated VLAN cannot communicate with any other port except the port in the primary VLAN.

All ports in a Community VLAN can communicate with other ports in the same VLAN and with the port in the Primary VLAN.

A promiscuous port can communicate with all ports in any Isolated or Community VLAN that it is associated with.

Private VLANs can be replicated to other switches using VTPv3.

A secondary VLAN (Community or Isolated) can only be mapped to one Primary VLAN (Promiscuous).

Cisco reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/50sg/configuration/guide/Wrapper-46SG/pvlans.pdf

VMware VCP 6.7-DCV – Objective 1.8 – Differentiate between VDS and VSS

The following notes will assist you to prepare for this objective:

  • You will need to know the feature set of both types of switch
    • Standard and Distributed switch
    • Select the appropriate switch given a scenario
    • Understand level of effort in administration
  • Don’t let questions mislead you on feature set
    • Standard switches have significant functionality
  • Learn what the standards actually mean
    • IEEE 802.1q / IEEE 802.3ad
  • Also be able to differentiate discovery protocols
    • When would you use LLDP or CDP?
    • Does that affect switch choice?
  • Be able to determine when a feature is appropriate
    • Health check
    • Beacon probing – detect uplink failure
    • Notify switches – switch cache MAC address
    • Roll back
    • Traffic shaping
    • NIOC
  • Questions on NIC teaming rules are possible
  • Can you draw out how traffic flows when each load balancing algorithm is used?
    • Route based on originating virtual port
    • Route based on source MAC hash
    • Route based on source IP hash
    • Route based on physical NIC load
    • Explicit failover order

Reference:

vSphere Networking Guide pdf – Chapter 8 – Networking Policies

VMware VCP 6.7-DCV – Objective 1.9 – Describe the purpose of cluster and the features it provides

The following notes will assist you to prepare for this objective:

  • Be aware of additional features of both HA and DRS
    • HA provides option to enable VM fault tolerance
    • HA provides optional VM Component Protection
    • DRS rules control placement (affinity)
    • DRS provides optional DPM
  • Make sure you have read and experimented with admission control
    • Remember this is a gating of VM power on operations
    • What is slot size? Different from %?
  • Ultimately DRS is automating vMotion
    • So what stops vMotion from working?
    • Incompatible CPUs!
  • Ensure you have looked at Enhanced vMotion Compatibility (EVC)
    • Can you explain CPU masking?
    • Can you pick the appropriate use-case from implementation of either?
  • You need to have awareness of vMotion Encryption

Reference:

vSphere Availability Guide pdf – Chapter 2 – Creating and Using vSphere HA Clusters

vSphere Resource Management Guide pdf

  • Chapter 10 – Managing Resource Pools
  • Chapter 11 – Creating a DRS Cluster

vSphere Security Guide pdf – Chapter 6 – Encrypted vSphere vMotion