CCNP Routing and Switching SWITCH 300-115 Official Cert Guide (2015)

Part IX. Appendixes

Appendix B. Exam Updates

Over time, reader feedback allows Cisco Press to gauge which topics give our readers the most problems when taking the exams. To assist readers with those topics, the authors create new materials clarifying and expanding upon those troublesome exam topics. As mentioned in the Introduction, the additional content about the exam is contained in a PDF document on this book’s companion website, at http://www.ciscopress.com/title/9781587205606.

This appendix is intended to provide you with updated information if Cisco makes minor modifications to the exam upon which this book is based. When Cisco releases an entirely new exam, the changes are usually too extensive to provide in a simple update appendix. In those cases, you might need to consult the new edition of the book for the updated content.

This appendix attempts to fill the void that occurs with any print book. In particular, this appendix does the following:

Mentions technical items that might not have been mentioned elsewhere in the book

Covers new topics if Cisco adds new content to the exam over time

Provides a way to get up-to-the-minute current information about content for the exam

Always Get the Latest at the Companion Website

You are reading the version of this appendix that was available when your book was printed. However, given that the main purpose of this appendix is to be a living, changing document, it is important that you look for the latest version online at the book’s companion website. To do so, follow these steps:

Step 1. Browse to http://www.ciscopress.com/title/9781587205606.

Step 2. Select the Appendix option under the More Information box.

Step 3. Download the latest “Appendix B” document.


Note

Note that the downloaded document has a version number. Comparing the version of the print Appendix B (Version 1.0) with the latest online version of this appendix, you should do the following:

Same version: Ignore the PDF that you downloaded from the companion website.

Website has a later version: Ignore this Appendix B in your book and read only the latest version that you downloaded from the companion website.


Technical Content

The current version of this appendix does not contain any additional technical coverage.

Glossary

20/80 rule

Network traffic pattern where 20 percent of traffic stays in a local area, while 80 percent travels to or from a remote resource.

802.1Q

A method of passing frames and their VLAN associations over a trunk link, based on the IEEE 802.1Q standard.

AAA

Authentication, authorization, and accounting services used to control user access to a switch or a switch port.

access layer

The layer of the network where end users are connected.

active virtual forwarder (AVF)

A GLBP router that takes on a virtual MAC address and forwards traffic received on that address.

active virtual gateway (AVG)

The GLBP router that answers all ARP requests for the virtual router address and assigns virtual MAC addresses to each router in the GLBP group.

adjacency table

A table used by CEF to collect the MAC addresses of nodes that can be reached in a single Layer 2 hop.

alternate port

In RSTP, a port other than the root port that has an alternative path to the root bridge.

ARP poisoning

Also known as ARP spoofing. An attack whereby an attacker sends specially crafted ARP replies so that its own MAC address appears as the gateway or some other targeted host. From that time on, unsuspecting clients unknowingly send traffic to the attacker.

Auto-QoS

An automated method to configure complex QoS parameters with a simple IOS macro command.

autonegotiation

A mechanism used by a device and a switch port to automatically negotiate the link speed and duplex mode.

autonomous mode AP

An access point that operates in a standalone mode, such that it is autonomous and can offer a functioning WLAN cell itself.

BackboneFast

An STP feature that can detect an indirect link failure and shorten the STP convergence time to 30 seconds by bypassing the Max Age timeout period.

backup port

In RSTP, a port that provides a redundant (but less desirable) connection to a segment where another switch port already connects.

best effort delivery

Packets are forwarded in the order in which they are received, regardless of any policy or the packet contents.

BPDU

Bridge protocol data unit; the data message exchanged by switches participating in the Spanning Tree Protocol.

BPDU filtering

Prevents BPDUs from being sent or processed on a switch port.

BPDU Guard

An STP feature that disables a switch port if any BPDU is received there.

bridging loop

A condition where Ethernet frames are forwarded endlessly around a Layer 2 loop formed between switches.

broadcast domain

The extent of a network where a single broadcast frame or packet will be seen.

CAM

Content-addressable memory; the high-performance table used by a switch to correlate MAC addresses with the switch interfaces where they can be found.

CDP

Cisco Discovery Protocol; a Cisco proprietary protocol used to advertise and discover directly connected devices automatically.

CEF

Cisco Express Forwarding; an efficient topology-based system for forwarding IP packets.

collapsed core

A network design where the core and distribution layers are collapsed or combined into a single layer of switches.

collision domain

The extent within a network that an Ethernet collision will be noticed or experienced.

Common Spanning Tree (CST)

A single instance of STP defined in the IEEE 802.1Q standard.

community VLAN

A type of secondary private VLAN; switch ports associated with a community VLAN can communicate with each other.

Control and Provisioning Wireless Access Point (CAPWAP)

A standards-based tunneling protocol used to transport control messages and data packets between a wireless LAN controller (WLC) and a lightweight access point (LAP). CAPWAP is defined in RFC 4118.

core layer

The “backbone” layer of the network where all distribution layer switches are aggregated.

CoS marking

Class of service marking; a method of marking frames with a QoS value as they cross a trunk link between two switches.

CSMA/CA

Carrier sense multiple access collision avoidance. The mechanism used in 802.11 WLANs by which clients attempt to avoid collisions.

CSMA/CD

Carrier sense multiple access collision detect. A mechanism used on Ethernet networks to detect collisions and cause transmitting devices to back off for a random time.

delay

The amount of time required for a packet to be forwarded across a network.

designated port

One nonroot port selected on a network segment, such that only one switch forwards traffic to and from that segment.

DHCP

Dynamic Host Configuration Protocol; a protocol used to negotiate IP address assignment between a client and a server. The client and server must reside on the same VLAN.

DHCP relay

A multilayer switch that intercepts and relays DHCP negotiation messages between a client and a DHCP server, even if they exist on different VLANs.

DHCP snooping

A security feature that enables a switch to intercept all DHCP requests coming from untrusted switch ports before they are flooded to unsuspecting users.

DHCPv6

A DHCP service that is compatible with IPv6 clients; a switch can assign IPv6 addresses and advertise DHCP-related options.

DHCPv6 Lite

A DHCP service that is compatible with IPv6 clients; IPv6 addresses are obtained through stateless autoconfiguration, but DHCP-related options are advertised through the DHCPv6 Lite server.

differentiated services (DiffServ) model

Packet forwarding is handled according to local QoS policies on a per-device or per-hop basis.

discarding state

In RSTP, incoming frames are dropped and no MAC addresses are learned.

distribution layer

The layer of the network where access layer switches are aggregated and routing is performed.

DTP

Dynamic Trunking Protocol; a Cisco proprietary method of negotiating a trunk link between two switches.

dual core

A network design that has a distinct core layer made up of a redundant pair of switches.

duplex mismatch

A condition where the devices on each end of a link use conflicting duplex modes.

duplex mode

The Ethernet mode that governs how devices can transmit over a connection. Half-duplex mode forces only one device to transmit at a time, as all devices share the same media. Full-duplex mode is used when only two devices share the media, such that both devices can transmit simultaneously.

Dynamic ARP inspection (DAI)

A security feature that can mitigate ARP-based attacks. ARP replies received on untrusted switch ports are checked against known, good values contained in the DHCP snooping database.

edge port

In RSTP, a port at the “edge” of the network, where only a single host connects.

end-to-end VLAN

A single VLAN that spans the entire switched network, from one end to the other.

EtherChannel

A logical link made up of bundled or aggregated physical links.

EtherChannel Guard

A feature that can detect errors in the EtherChannel configuration on a switch.

expedited forwarding (EF)

The DSCP value used to mark time-critical packets for premium QoS handling. EF is usually reserved for voice bearer traffic.

FIB

Forwarding Information Base; a CEF database that contains the current routing table.

flooding

An Ethernet frame is replicated and sent out every available switch port.

forward delay

The time interval that a switch spends in the Listening and Learning states; default 15 seconds.

hello time

The time interval between configuration BPDUs sent by the root bridge; defaults to 2 seconds.

hierarchical network design

A campus network that is usually organized into an access layer, a distribution layer, and a core layer.

host port

A switch port mapped to a private VLAN such that a connected device can communicate with only a promiscuous port or ports within the same community VLAN.

HSRP active router

The router in a Hot Standby Router Protocol (HSRP) group that forwards traffic sent to the virtual gateway IP and MAC address.

HSRP standby router

A router in an HSRP group that waits until the active router fails before taking over that role.

IEEE 802.1X

The standard that defines port-based authentication between a network device and a client device.

IEEE 802.3

The standard upon which all generations of Ethernet (Ethernet, Fast Ethernet, Gigabit Ethernet, 10-Gigabit Ethernet) are based.

inter-VLAN routing

The function performed by a Layer 3 device that connects and forwards packets between multiple VLANs.

IP Service Level Agreement (IP SLA)

A feature within Cisco IOS that can be used to test how specific types of traffic are being handled end to end across a network.

IP SLA responder

A network device that responds to and participates in IP SLA tests.

ISL

Inter-Switch Link; a Cisco proprietary method of tagging frames passing over a trunk link.

isolated VLAN

A type of secondary private VLAN; switch ports associated with an isolated VLAN are effectively isolated from each other.

IST instance

Internal spanning-tree instance; used by Multiple Spanning Tree (MST) to represent an entire region as a single virtual bridge to a common spanning tree.

jitter

The variation in packet delivery delay times.

LACP

Link Aggregation Control Protocol; a standards-based method for negotiating EtherChannels automatically.

Layer 2 roaming

Movement of a WLAN client from one AP to another, while keeping its same IP address.

Layer 3 roaming

Movement of a WLAN client from one AP to another, where the APs are located across IP subnet boundaries.

lightweight access point (LAP)

An access point that runs a lightweight code image that performs real-time 802.11 operations. An LAP cannot offer a fully functioning WLAN cell by itself; instead, it must coexist with a wireless LAN controller.

Lightweight Access Point Protocol (LWAPP)

The tunneling protocol developed by Cisco that is used to transport control messages and data packets between a WLC and an LAP.

link-local address

An IPv6 address used by a device for neighbor discovery; link-local addresses begin with the prefix FE80::/10 followed by an interface identifier in the EUI-64 format. Packets sent from a link-local address must stay on the local link and not be forwarded elsewhere.

LLDP

Link Layer Discovery Protocol; a standards-based protocol used to advertise and discover directly connected devices.

local SPAN

A Switched Port Analyzer (SPAN) session configured to mirror traffic from a source interface or VLAN onto a different interface for monitoring or analysis purposes.

local VLAN

A single VLAN that is bounded by a small area of the network, situated locally with a group of member devices.

Loop Guard

An STP feature that disables a switch port if expected BPDUs suddenly go missing.

Management Information Base (MIB)

A collection of information and data that a network device maintains about itself and its operation. MIB variables can be read or written through SNMP.

Max Age time

The time interval that a switch stores a BPDU before discarding it or aging it out; the default is 20 seconds.

MST

Multiple Spanning Tree protocol, used to map one or more VLANs to a single STP instance, reducing the total number of STP instances.

MST instance (MSTI)

A single instance of STP running within an MST region; multiple VLANs can be mapped to the MST instance.

MST region

A group of switches running compatible MST configurations.

multichassis EtherChannel (MEC)

An EtherChannel made up of links that are bundled across multiple switches that are organized as a single logical or virtual switch.

native VLAN

On an 802.1Q trunk link, frames associated with the native VLAN are not tagged at all.

network access server (NAS)

The function a switch performs as it intervenes between end users and AAA servers.

Network Time Protocol (NTP)

A mechanism used to synchronize a device’s time clock with another, more reliable source.

nonstop forwarding (NSF)

A redundancy method that quickly rebuilds routing information after a redundant Catalyst switch supervisor takes over.

object identifier (OID)

A unique string of digits that identifies a variable or a tree of variables in a MIB.

packet loss

Packets are simply dropped without delivery for some reason.

packet rewrite

Just before forwarding a packet, a multilayer switch has to change several fields in the packet to reflect the Layer 3 forwarding operation.

PAgP

Port Aggregation Protocol; a Cisco-developed method for negotiating EtherChannels automatically.

point-to-point port

In the Cisco implementation of RSTP, a full-duplex port that connects to another switch and becomes a designated port.

PortFast

An STP feature used on a host port, where a single host is connected, that shortens the Listening and Learning states so that the host can gain quick access to the network.

power class

Categories of PoE devices based on the maximum amount of power required; power classes range from 0 to 4.

Power over Ethernet (PoE)

Electrical power supplied to a networked device over the network cabling itself.

primary VLAN

A normal Layer 2 VLAN used as the basis for a private VLAN when it is associated with one or more secondary VLANs.

private VLAN

A special purpose VLAN, designated as either primary or secondary, which can restrict or isolate traffic flow with other private VLANs.

promiscuous port

A switch port mapped to a private VLAN such that a connected device can communicate with any other switch port in the private VLAN.

PVST

Per-VLAN Spanning Tree; a Cisco proprietary version of STP where one instance of STP runs on each VLAN present in a Layer 2 switch.

PVST+

Per-VLAN Spanning Tree Plus; a Cisco proprietary version of PVST that enables PVST, PVST+, and CST to interoperate on a switch.

quality of service (QoS)

The overall method used in a network to protect and prioritize time-critical or important traffic.

Remote Authentication Dial-In User Service (RADIUS)

A standards-based protocol used to communicate with AAA servers.

root bridge

The single STP device that is elected as a common frame of reference for working out a loop-free topology.

Root Guard

An STP feature that controls where candidate root bridges can be found on a switch.

root path cost

The cumulative cost of all the links leading to the root bridge.

root port

Each switch selects one port that has the lowest root path cost leading toward the root bridge.

Route Processor Redundancy (RPR)

A redundancy mode where a redundant supervisor partially boots and waits to become active after the primary supervisor fails.

Route Processor Redundancy Plus (RPR+)

A redundancy mode where a redundant supervisor boots up and waits to begin Layer 2 or Layer 3 functions.

RPVST+

Also known as Rapid PVST+, where RSTP is used on a per-VLAN basis; in effect, RSTP replaces traditional 802.1D STP in the PVST+ operation.

RSPAN

Also known as Remote Switched Port Analyzer, where a SPAN session is split across two independent switches and mirrored data is transported over a special purpose VLAN between them.

RSTP

The Rapid Spanning Tree Protocol, based on the IEEE 802.1w standard.

SDM

Switching Database Manager; a Cisco IOS Software function that configures or tunes memory table space on a LAN switch platform.

secondary VLAN

A unidirectional VLAN that can pass traffic to and from its associated primary VLAN, but not with any other secondary VLAN.

Simple Network Management Protocol (SNMP)

A protocol used between an SNMP manager and an SNMP agent to obtain data about device operation or to set configuration parameters.

SNMP agent

A process that runs on the network device being monitored and uses SNMP to provide data to an SNMP manager.

SNMP inform

A message that a network device sends to alert an SNMP manager about an event or a failure. The SNMP manager must acknowledge receipt of the inform by echoing the message back to the SNMP agent in the device.

SNMP manager

A network management system that uses SNMP to poll network devices for operational and configuration data.

SNMP trap

A message that a network device sends to alert an SNMP manager about an event or a failure. The SNMP manager does not need to acknowledge a trap that it receives.

SPAN

Also known as Switched Port Analyzer, where a switch mirrors traffic from a source interface or VLAN onto a different interface for monitoring or analysis purposes.

Spanning Tree Protocol (STP)

A protocol communicated between Layer 2 switches that attempts to detect a loop in the topology before it forms, thus preventing a bridging loop from occurring.

Split-MAC architecture

Normal Media Access Control (MAC) operations are divided into two distinct locations, the LAP and the WLC, such that the two form a completely functioning WLAN cell.

SSID

Service set identifier; a text string that identifies a service set, or a group of WLAN devices, that can communicate with each other.

StackWise

Cisco method to connect multiple switches together to form one logical switch. The switch stack is controlled by one of the member switches, while others can take over the role if needed. Member switches are connected to each other through a dual ring of StackWise cables.

stateful switchover (SSO)

A redundancy mode where a redundant supervisor fully boots and initializes, allowing configurations and Layer 2 tables to be synchronized between an active supervisor and a redundant one.

sticky MAC address

MAC addresses dynamically learned by the port security feature are remembered and expected to appear on the same switch ports.

stratum

A number that indicates in which layer of the NTP hierarchy a time source is located; stratum 1 represents the most authoritative and accurate time source.

superior BPDU

A received BPDU that contains a better bridge ID than the current root bridge.

SVI

Switched virtual interface; a logical interface used to assign a Layer 3 address to an entire VLAN.

switch block

A network module or building block that contains a group of access layer switches, together with the pair of distribution switches that connect them.

switch spoofing

A malicious host uses DTP to masquerade as a switch, with the goal of negotiating a trunk link and gaining access to additional VLANs.

synchronization

In RSTP, the process by which two switches exchange a proposal-agreement handshake to make sure neither will introduce a bridging loop.

syslog

System message logs that are generated by a switch and can be collected locally or sent to and collected on a remote server.

syslog severity level

An indicator of how important or severe a logged event is.

TACACS+ (Terminal Access Controller Access-Control System Plus)

A Cisco proprietary protocol used to communicate with AAA servers.

TCAM

Ternary content-addressable memory; a switching table found in Catalyst switches that is used to evaluate packet forwarding decisions based on policies or access lists. TCAM evaluation is performed simultaneously with the Layer 2 or Layer 3 forwarding decisions.

TCN

Topology Change Notification; a message sent out the root port of a switch when it detects a port moving into the Forwarding state or back into the Blocking state. The TCN is sent toward the root bridge, where it is reflected and propagated to every other switch in the Layer 2 network.

TLV

An attribute formed by type, length, and value parameters; used in LLDP advertisements.

transparent bridge

A network device that isolates two physical LANs but forwards Ethernet frames between them.

trust boundary

A perimeter in a network, formed by switches and routers, where QoS decisions take place. QoS information found inside incoming traffic is evaluated at the trust boundary; either it is trusted or it is not trusted. In the latter case, the QoS information can be altered or overridden. All devices inside the trust boundary can assume that QoS information is correct and trusted, such that the QoS information already conforms to enterprise policies.

UDLD

Unidirectional Link Detection; a feature that enables a switch to confirm that a link is operating bidirectionally. If not, the port can be disabled automatically.

unknown unicast flooding

The action taken by a switch when the destination MAC address cannot be found; the frame is flooded or replicated out all switch ports except the receiving port.

UplinkFast

An STP feature that enables access layer switches to unblock a redundant uplink when the primary root port fails.

VACL

VLAN access control list; a filter that can control traffic passing within a VLAN.

Virtual Switching System (VSS)

Cisco method to join two separate physical switch chassis together as one logical switch. The two chassis are managed by one supervisor, while the other can take over if needed. The switch chassis are connected with VSS links and can be geographically separated.

VLAN

Virtual LAN; a logical network existing on one or more Layer 2 switches, forming a single broadcast domain.

VLAN hopping

A malicious host sends specially crafted frames that contain extra, spoofed 802.1Q trunking tags into an access port, while the packet payloads appear on a totally different VLAN.

VLAN number

A unique index number given to a VLAN on a switch, differentiating it from other VLANs on the switch.

VLAN trunk

A physical link that can carry traffic on more than one VLAN through logical tagging.

voice VLAN

The VLAN used between a Cisco IP Phone and a Catalyst switch to carry voice traffic.

VRRP backup router

A router in a VRRP group that waits until the master router fails before taking over that role.

VRRP master router

The router in a VRRP group that forwards traffic sent to the virtual gateway IP and MAC address.

VSPAN

Also known as VLAN-based Switched Port Analyzer, where a switch mirrors traffic from a source VLAN onto a different interface for monitoring or analysis purposes.

VTP

VLAN Trunking Protocol; used to communicate VLAN configuration information among a group of switches.

VTP configuration revision number

An index that indicates the current version of VLAN information used in the VTP domain; a higher number is preferred.

VTP domain

A logical grouping of switches that share a common set of VLAN requirements.

VTP pruning

VTP reduces unnecessary flooded traffic by pruning or removing VLANs from a trunk link, only when there are no active hosts associated with the VLANs.

VTP synchronization problem

An unexpected VTP advertisement with a higher configuration revision number is received, overriding valid information in a VTP domain.

wireless LAN controller (WLC)

A Cisco device that provides management functions to lightweight access points and aggregates all traffic to and from the LAPs.