802.1Q-in-Q Tunnelling

Posted by Bradley | switching | Monday 30 June 2008 01:21

This topic is more relevant to the CCIE SP track so I will just briefly go over the concept of this.

802.1Q-in-Q tunnelling, AKA Q-in-Q, is a method of carrying a customer's VLAN traffic across a service provider (SP) WAN. At a simple level the SP edge switch tags each incoming customer frame with an extra 802.1Q header (the outer, or SP, tag), the frame is switched across the SP network on that outer tag alone, and the outer tag is removed at the egress port of the SP network. The customer frames therefore arrive on the far side with their original 802.1Q headers intact. Two practical points: every frame grows by 4 bytes, so the SP switches need a system MTU of at least 1504 bytes to carry full-size customer frames, and a Cisco dot1q-tunnel port uses EtherType 0x8100 for the outer tag by default, whereas IEEE 802.1ad specifies 0x88A8 for the service tag.

Q-in-Q allows customers to send tagged frames across a shared SP WAN, and it does not matter whether different customers use overlapping VLAN numbers, because the SP only ever switches on its own outer tag. Layer 2 control protocols such as CDP, VTP and STP can also be carried across the tunnel, although on Cisco switches that is a separate feature (Layer 2 protocol tunnelling) enabled on the tunnel port alongside Q-in-Q rather than something Q-in-Q does by itself.
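To make the push/pop of the outer tag concrete, here is an added example (not code from the original post) that builds a customer frame at the byte level, pushes an SP tag on ingress, shows the VLAN stack a core switch would see, and pops the tag on egress. It assumes the Cisco default of EtherType 0x8100 for the outer tag; the `tpid` parameter and the sample frames are this example's own.

```python
"""Q-in-Q at the byte level: push a service-provider (outer) 802.1Q tag on ingress
and pop it on egress. Added illustration, not code from the original post.
Assumes the Cisco dot1q-tunnel default of EtherType 0x8100 for the outer tag;
IEEE 802.1ad uses 0x88A8 for the service tag (pass tpid=ETH_P_8021AD to see it)."""
import struct

ETH_P_8021Q = 0x8100    # customer tag, and the Cisco default for the SP tag
ETH_P_8021AD = 0x88A8   # IEEE 802.1ad service tag
TAG_TPIDS = {ETH_P_8021Q, ETH_P_8021AD}
ETH_P_IPV4 = 0x0800


def build_tagged_frame(dst, src, vlan, payload, ethertype=ETH_P_IPV4, pcp=0):
    """Single-tagged customer frame (no FCS): dst, src, 802.1Q tag, EtherType, payload."""
    tci = (pcp << 13) | (vlan & 0x0FFF)
    return dst + src + struct.pack("!HH", ETH_P_8021Q, tci) + struct.pack("!H", ethertype) + payload


def push_sp_tag(frame, sp_vlan, tpid=ETH_P_8021Q):
    """SP ingress (dot1q-tunnel port): insert the outer tag straight after the MAC addresses.
    The customer tag, if any, is untouched and simply shifts 4 bytes to the right."""
    return frame[:12] + struct.pack("!HH", tpid, sp_vlan & 0x0FFF) + frame[12:]


def pop_sp_tag(frame):
    """SP egress: strip the outermost tag. Refuses to strip a frame that has no tag,
    because that would eat the customer's EtherType instead."""
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid not in TAG_TPIDS:
        raise ValueError("outermost EtherType 0x%04x is not an 802.1Q tag" % tpid)
    return frame[:12] + frame[16:]


def vlan_stack(frame):
    """VLAN IDs from outermost to innermost, i.e. what a switch sees walking the headers."""
    ids, off = [], 12
    while struct.unpack("!H", frame[off:off + 2])[0] in TAG_TPIDS:
        (tci,) = struct.unpack("!H", frame[off + 2:off + 4])
        ids.append(tci & 0x0FFF)
        off += 4
    return ids


def tunnel_round_trip(customer_frame, sp_vlan, tpid=ETH_P_8021Q):
    """Simulate ingress -> SP core -> egress; return (stack seen in the core, frame delivered)."""
    in_core = push_sp_tag(customer_frame, sp_vlan, tpid)
    delivered = pop_sp_tag(in_core)
    return vlan_stack(in_core), delivered


# Constructed sample: two customers who both happen to use VLAN 10 internally.
CUSTOMER_A = build_tagged_frame(bytes.fromhex("001122334455"), bytes.fromhex("00aabbccddee"), 10, b"A" * 46)
CUSTOMER_B = build_tagged_frame(bytes.fromhex("00deadbeef01"), bytes.fromhex("00deadbeef02"), 10, b"B" * 46)

if __name__ == "__main__":
    for name, frame, sp_vlan in (("A", CUSTOMER_A, 200), ("B", CUSTOMER_B, 201)):
        core_stack, delivered = tunnel_round_trip(frame, sp_vlan)
        print("customer", name, "in core:", core_stack, "delivered intact:", delivered == frame)
```

Both customers keep VLAN 10 end to end; the SP core only ever sees 200 and 201 at the top of the stack, which is why overlapping customer VLAN numbers are harmless. The extra 4 bytes per frame are also visible here, which is the reason for the larger system MTU mentioned above.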

PVLANs

Posted by Bradley | switching | Sunday 29 June 2008 22:40

Private VLANs (PVLANs) are not something I have been able to lab as I don't have a layer 3 switch (not yet anyway, but I am saving my pennies for a Cisco 3550) and I haven't used them at work.

Anyway, PVLANs are a method of isolating ports within the same VLAN to provide security. A good example of their application is a Service Provider network where many end customers are connected to ports on the same switch. The SP could make each customer port an isolated port in the PVLAN (more on that in a bit), put the gateway on a promiscuous port (again, more in a bit), and give a customer with multiple ports their own community.

There are three types of ports in a PVLAN: promiscuous, community and isolated.

Promiscuous ports: These ports can communicate with all other ports in the PVLAN, including community and isolated ports. In the service provider example above the gateway would be on a promiscuous port. One caveat worth knowing: PVLAN isolation is purely layer 2. A host on an isolated port can still address a frame to the gateway's MAC with another isolated host's IP as the destination, and a router on the promiscuous port will happily route it back into the same subnet. Blocking that needs an ACL on the gateway interface that denies traffic sourced from and destined to the local subnet.

Isolated ports: These ports can't communicate with any other ports except promiscuous ports. Isolated ports cannot talk to each other, and in the example above the customers would be connected to isolated ports.

Community ports: These ports can communicate with other ports in the same community and with promiscuous ports, but can't communicate with ports in other communities or with isolated ports. In the example above a customer with multiple connections could be in their own community; this allows layer 2 connectivity between their ports, they can still reach the gateway, and they remain isolated from the other customers.

Extended Range VLANs

Posted by Bradley | switching | Sunday 29 June 2008 22:12

VLANs numbered 1 to 1005 are considered "normal" range and anything higher is considered extended range (VLANs 1006 to 4094). With VTP versions 1 and 2, extended range VLANs cannot be stored in the vlan.dat file in flash the way normal range VLANs are; they are only stored in the running config. The switch must also be in VTP transparent mode, because those VTP versions cannot carry extended VLANs in their updates (VTP version 3 lifts this restriction).

VLAN Numbers Summary

VLAN 0 is reserved and not available for use

VLAN 1 is the default VLAN on all Cisco switches. It can't be deleted or renamed, and it is not advertised by VTP since every switch already has it and it can't be removed or changed.

VLANs 2 to 1001 Normal range VLANs for allocation

VLANs 1002 to 1005 are reserved for FDDI and Token Ring translational bridging and shouldn't be used for anything else; they are also not advertised by VTP.

VLANs 1006 to 4094 are extended range VLANs, which VTP versions 1 and 2 can't advertise, so the switch must be configured in VTP transparent mode to create them.

It's also an interesting point that when a switch starts up it compares the VTP mode and domain name in the startup-config with those in the vlan.dat file; if they differ, it ignores the startup-config values and uses the ones from vlan.dat.

A bit deeper into the MAC

Posted by Bradley | ethernet | Saturday 28 June 2008 15:57

Today I found out another interesting bit of information about the MAC address, or rather two bits.

The first octet of the address is the most significant byte. Within that octet, Ethernet transmits the least significant bit first, so in the usual written form (for example 01:00:5e:...) the two bits of interest are the two lowest-order bits of the first octet, not the highest.

The first bit on the wire (bit 0 of the first octet) is the Individual/Group (I/G) bit, and the next one (bit 1) is the Universal/Local (U/L) bit.

If the I/G bit is 0 the address is an individual (unicast) address; if it is 1 it is a group address, i.e. multicast or broadcast. A quick check is that the first octet of any multicast MAC is odd.

If the U/L bit is 0 the address is universally administered (burned in by the vendor under its OUI); if it is 1 it is locally administered, i.e. set by software. Many devices do not enforce the U/L rule, so a clear bit does not prove an address is genuine and a set bit does not prove it was assigned deliberately. That said, locally administered unicast addresses are what MAC randomisation features and most spoofing tools produce, so the bit is a cheap thing to flag when hunting through DHCP or switch logs.
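An added example (not code from the original post) that parses MAC addresses in the common notations, extracts the I/G and U/L bits, and shows why the I/G bit is the first bit on the wire. The sample addresses and the `software_set_hint` field are this example's own.

```python
"""Decode the I/G and U/L bits of a MAC address. Added example, not from the original post."""


def parse_mac(text):
    """Accept 00:11:22:33:44:55, 00-11-22-33-44-55 or 0011.2233.4455 (Cisco) notation."""
    digits = "".join(ch for ch in text if ch not in ":-.")
    if len(digits) != 12:
        raise ValueError("bad MAC address: %r" % text)
    return bytes.fromhex(digits)


def wire_bit_order(octet):
    """Ethernet transmits each octet least-significant bit first, so bit 0 of the
    first octet (the I/G bit) is the very first bit of the address on the wire."""
    return [(octet >> i) & 1 for i in range(8)]


def classify(text):
    mac = parse_mac(text)
    first = mac[0]
    group = bool(first & 0x01)   # I/G: 0 = individual (unicast), 1 = group (multicast/broadcast)
    local = bool(first & 0x02)   # U/L: 0 = universally administered (OUI), 1 = locally administered
    return {
        "group": group,
        "local": local,
        "broadcast": mac == b"\xff" * 6,
        "oui": mac[:3].hex() if not local else None,   # an OUI only means something if universal
        # Hunting hint (this example's own field): a locally administered *unicast* address is
        # what software-set, randomised or spoofed addresses usually look like. It is a hint,
        # not proof, because most devices do not enforce the U/L bit.
        "software_set_hint": local and not group,
    }


# Constructed samples
SAMPLES = {
    "00:50:56:ab:cd:ef": "universally administered unicast (vendor OUI)",
    "01:00:5e:00:00:fb": "IPv4 multicast (I/G set, first octet is odd)",
    "02:42:ac:11:00:02": "locally administered unicast (U/L set), typical of a software-assigned NIC",
    "ff:ff:ff:ff:ff:ff": "broadcast: every bit set, so both I/G and U/L read as 1",
}

if __name__ == "__main__":
    for mac, note in SAMPLES.items():
        print(mac, classify(mac), "-", note)
    print("first octet 0x01 as sent on the wire:", wire_bit_order(0x01))
```

Note that broadcast is simply the all-ones address, so it satisfies the I/G test and, incidentally, the U/L test too; treat `broadcast` as its own case before reading anything into the other flags.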

Auto-MDIX

Posted by Bradley | ethernet | Saturday 28 June 2008 15:28

Automatic Medium-Dependent Interface Crossover (Auto-MDIX) is a technology licensed from HP. According to their website at http://www.hp.com/hpinfo/abouthp/iplicensing/automdix.html, 200 million ports supporting the technology will ship this year.

It's not supported on all Cisco switches. Where it is, it stops the wrong cable type (e.g. a straight-through cable between two switches) from leaving the link dead, by swapping the transmit and receive pairs internally when it detects that the wrong cable has been used. One caveat: on Cisco platforms Auto-MDIX generally only works when speed and duplex are both left at auto, so hard-coding a port's speed can silently disable it.

Fast Link Pulses

Posted by Bradley | ethernet,switching | Saturday 28 June 2008 15:14

Chapter 1 on Ethernet mentioned autonegotiation using Fast Link Pulses, so I wanted to find out a little more about how this works. Cisco devices detect link speed and duplex settings using Fast Link Pulses (FLP), which are adapted from the Normal Link Pulses (NLP) defined in the 10BASE-T specification. This negotiation only occurs over twisted-pair copper and as such won't happen on other media types such as fibre.

When an interface comes up it sends FLP bursts. Each burst contains 17 clock pulses with a data pulse position between each pair of them, giving 16 bits that encode a Link Code Word (LCW) describing the speeds and duplex modes the sender supports. Each pulse is about 100 ns wide, a whole burst lasts about 2 ms, and bursts repeat roughly every 16 ms. The base-page LCW only carries enough information to negotiate 10 and 100 Mbps modes (plus flow control), so for Gigabit Ethernet additional "next pages" are exchanged that carry extra information such as the 1000BASE-T abilities and the master/slave settings.

Although other media types such as fibre don't use FLP, they do use similar autonegotiation protocols.

Parallel detection is the fallback for a partner that does not send FLP bursts at all. In that case the autonegotiating side listens for the technology-specific signal on the wire (10BASE-T NLPs or 100BASE-TX idle) and trains to it, which tells it the speed but nothing about duplex.

It's really important to note that a port with statically configured speed and duplex does not send FLP bursts, and 802.3u gives the autonegotiating partner no way to learn the duplex setting from parallel detection, so it correctly sets the speed but must assume half duplex. This results in a duplex mismatch if one end of the link is hard-coded to 100 Mbps full duplex and the other is left on autonegotiate: the hard-coded end runs full duplex, the autonegotiating end runs half duplex, and the link works, but with late collisions and CRC errors under load. Either hard-code both ends or autonegotiate both ends.
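An added example (not code from the original post) that models the base-page Link Code Word, the FLP burst that carries it, the priority resolution both ends run, and the parallel-detection fallback that produces the mismatch described above. The bit layout, pulse timing and priority order are from IEEE 802.3 clause 28; the `negotiate` simulation and the partner descriptions are this example's own.

```python
"""Model of 802.3 clause 28 autonegotiation: the 16-bit base Link Code Word carried by an
FLP burst, priority resolution, and the parallel-detection fallback that produces the
classic duplex mismatch. Added example, not from the original post; the simulation
framework (negotiate, partner tuples) is this example's own."""

# Base page LCW bit positions (IEEE 802.3 clause 28)
SELECTOR_8023 = 0b00001                 # bits 0-4: selector field, 00001 = IEEE 802.3
BIT_10T, BIT_10T_FD = 5, 6
BIT_100TX, BIT_100TX_FD, BIT_100T4 = 7, 8, 9
BIT_PAUSE = 10
BIT_RF, BIT_ACK, BIT_NP = 13, 14, 15    # remote fault, acknowledge, next page

# Annex 28B priority order, highest first: both ends pick the first common entry.
PRIORITY = [
    (BIT_100TX_FD, (100, "full")),
    (BIT_100T4,    (100, "half")),      # 100BASE-T4 is half duplex only
    (BIT_100TX,    (100, "half")),
    (BIT_10T_FD,   (10, "full")),
    (BIT_10T,      (10, "half")),
]
ABILITY_BITS = {b for b, _ in PRIORITY}
ALL_10_100 = {BIT_10T, BIT_10T_FD, BIT_100TX, BIT_100TX_FD}


def encode_lcw(abilities, ack=False, next_page=False, remote_fault=False):
    word = SELECTOR_8023
    for bit in abilities:
        word |= 1 << bit
    if remote_fault:
        word |= 1 << BIT_RF
    if ack:
        word |= 1 << BIT_ACK
    if next_page:
        word |= 1 << BIT_NP
    return word


def decode_lcw(word):
    return {
        "selector": word & 0x1F,
        "abilities": {b for b in ABILITY_BITS if word >> b & 1},
        "pause": bool(word >> BIT_PAUSE & 1),
        "remote_fault": bool(word >> BIT_RF & 1),
        "ack": bool(word >> BIT_ACK & 1),
        "next_page": bool(word >> BIT_NP & 1),
    }


def flp_burst(word):
    """Pulse slots of one FLP burst: 17 clock pulses at even slots, and a data pulse in the
    odd slot after clock pulse i only if LCW bit i is 1 (bit 0 is sent first). Each pulse is
    ~100 ns wide and slots are ~62.5 us apart, so a burst lasts ~2 ms; bursts repeat every
    ~16 ms. 'C' = clock pulse, 'D' = data pulse (bit 1), '.' = no pulse (bit 0)."""
    slots = []
    for i in range(16):
        slots.append("C")
        slots.append("D" if word >> i & 1 else ".")
    slots.append("C")                   # the 17th clock pulse closes the burst
    return slots


def resolve(local_word, remote_word):
    """Both ends run this over the same two words, so they land on the same mode."""
    common = decode_lcw(local_word)["abilities"] & decode_lcw(remote_word)["abilities"]
    for bit, mode in PRIORITY:
        if bit in common:
            return mode
    return None


def parallel_detect(remote_speed):
    """No FLP bursts seen: 10BASE-T NLPs or 100BASE-TX idle reveal the speed only,
    so the standard makes the autonegotiating side assume half duplex."""
    return (remote_speed, "half")


def negotiate(local_abilities, partner):
    """partner is ('auto', abilities) or ('fixed', (speed, duplex)).
    Returns (mode chosen by the autonegotiating side, mode the partner runs)."""
    local_word = encode_lcw(local_abilities)
    kind, value = partner
    if kind == "auto":
        mode = resolve(local_word, encode_lcw(value))
        return mode, mode
    speed, duplex = value               # a fixed port sends no FLP and keeps its own setting
    return parallel_detect(speed), (speed, duplex)


if __name__ == "__main__":
    print("".join(flp_burst(encode_lcw(ALL_10_100))))
    print("auto <-> auto     :", negotiate(ALL_10_100, ("auto", ALL_10_100)))
    print("auto <-> 100/full :", negotiate(ALL_10_100, ("fixed", (100, "full"))), "<- mismatch")
    print("auto <-> 100/half :", negotiate(ALL_10_100, ("fixed", (100, "half"))))
```

The third line of output is the case from the text: the hard-coded side runs 100/full, the autonegotiating side can only parallel-detect 100 Mbps and falls back to half duplex. The only fixed setting that autonegotiation can match is 100/half, which is why "hard-code one end only" is never safe.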

The plan for the written

Posted by Bradley | written | Friday 27 June 2008 12:52

I have heard very good reviews about the CCIE Routing and Switching Exam Certification Guide, Third Edition by Cisco Press. There are 20 chapters and appendices in the book spread across 10 sections. My target, starting from next week, is to read and blog about at least 2 chapters a week. From what I have heard around the office, the CCIE written is a culmination of all the CCNP modules with a little bit of extra detail, but that is just hearsay and I don't have first-hand experience of this.

Once the book has been read I will cover any of my weak points again and establish my readiness for the exam by using the question database which is included with the book. I am not going to put a definitive time on taking the written yet, as I am unsure how other commitments will affect me or what additional book learning will be required.