Wednesday, March 18, 2020
TYPES OF GUARD
BPDU Guard is implemented on an access port configured with PortFast.
If BPDU Guard receives a BPDU from a neighbor device, the port becomes enabled.
If BPDU Guard does not receive a BPDU from a neighbor device, the port becomes errdisabled.
BPDU Filter effectively disables STP on selected ports by preventing them from sending or receiving any BPDU of any device.
If PortFast status is lost, BPDU Filter is disabled.
If BPDU Guard is enabled on the same interface where BPDU Filter is configured, BPDU Guard has no effect.
Root Guard ensures that the port on which it is enabled is the designated port.
If the root bridge does not appear on the switch, we can enable Root Guard manually.
It enforces the placement of the root bridge in the network.
Loop Guard checks whether BPDUs are no longer received on a non-designated port; when loop guard is enabled, the port then moves into the loop-inconsistent state.
Unidirectional Link Detection (UDLD)-
It is a Cisco-proprietary Layer 2 protocol that works on a keepalive mechanism.
It automatically detects the loss of a bidirectional link.
On Cisco devices UDLD sends out ID frames every 15 seconds; for other devices the default is 7 seconds.
SNMP is an application-layer protocol used to manage and monitor network devices.
The SNMP server uses UDP 161 and the SNMP agent uses UDP 162.
It is software that runs on management devices.
It runs the network management application that monitors and controls managed devices.
Management information base (MIB)-
Its database is a text file (.mib). The MIB and object identifier (OID) file should be assigned to the monitoring devices so that the devices can be controlled and managed.
SNMP versions –
There are 3 versions of SNMP:
It uses only community strings for authentication, with no authorization, no privacy in access mode and no encryption; it uses UDP only.
It uses only community strings for authentication, with no authorization, no privacy in access mode and no encryption; it uses UDP only but can be configured to use TCP.
It uses hash-based MAC with MD5 or SHA for authentication and DES-56 for privacy. This version uses TCP and is more secure than the other versions.
It is used to control the traffic between zones, which are groups of interfaces.
There are 3 types of zones – Inside, Outside and DMZ.
Inside Zone –
It protects data that should not be accessed by unauthorized persons from outside. It is also known as the trusted or internal zone.
This zone is considered to be outside the control of an organization and is not secured from the public network.
It holds network resources such as a file server or web server that users can access from the outside public network; the DMZ is placed behind the firewall.
So the firewall allows limited access to the DMZ servers.
Inside-to-Outside and Inside-to-DMZ-
Packets flow from the inside and move toward the outside or the DMZ.
Packets flow from the outside and move toward the inside, but this is allowed only when a user requested it; otherwise the packet is blocked.
DMZ to Inside-
Packets flow from the DMZ and move toward the inside, but this is allowed only when a user requested it; otherwise the packet is blocked.
Outside to DMZ-
Packets flow from the outside toward the DMZ and are checked by the firewall, which allows or denies them.
Only email, HTTP, HTTPS, or DNS traffic is allowed.
DMZ to Outside-
Packets flow from the DMZ toward the outside, and per the firewall rules only specific requests are allowed.