CBT IT Certification Training

Unlimited IT Certification Courses via Streaming Video

Login to this site requires ssl communication.
Click here to reload the page over ssl.

  • Lost your password?

  • Back to login
Loading
Login to this site requires ssl communication.
Click here to reload the page over ssl.

  • Lost your password?

  • Back to login
Loading
  • Home
  • Courses
        • Amazon
          • Solutions Architect
          • SysOps Associate
        • CompTIA
          • CASP+
          • Cloud Essentials
          • CySA+
          • Data+
          • Linux+
          • Network+
          • PenTest+
          • Project+
          • Security+
        • Juniper
          • JNCIA-Junos
          • JNCIA-SEC
          • JNCIS-ENT
          • JNCIS-SEC
        • Wireshark
          • WCNA
        • Career
          • How to Break into IT
          • IT Freelancing
          • Ace Your IT Exams
        • DevOps
          • DevOps Foundations
          • Docker Basics
        • Linux
          • CompTIA Linux+
          • Linux LPI Essentials
          • Linux LPIC-1
          • Linux LPIC-2
          • Linux LPIC-3 Security
          • Red Hat RHCSA
        • TCP-IP
          • IP Subnetting
          • IPv6 Associate
          • IPv6 Professional
          • IPv6 Expert
        • Python
          • PCEP
          • PCAP
        • Cisco
          • CCNA Primer
          • CCNA Exam Coaching
          • CCNA
          • CCNA CyberOps
          • DevNet Associate
          • CCNP – ENARSI
          • CCNP ENCOR Primer
          • CCNP – ENCOR
          • CCST – Networking
        • Google
          • Cloud Architect
        • Microsoft
          • Microsoft SQL Server
          • Windows 10
          • Windows Server 2016
          • Microsoft Security
          • Azure Fundamentals
          • Azure Administrator
          • Azure Developer
        • ITIL
          • ITIL Foundations
        • Coding Academy
          • PhP Fundamentals
          • MySQL Fundamentals
          • Web Development
          • Python For Beginners
        • EC Council
          • Certified Ethical Hacker
        • ISC2
          • SSCP
        • VMware
          • VCA Data Center
        • Wireless
          • CWNA
          • CWSP
  • Racks
    • GNS3 VM – Virtual Cisco Rack
    • Live Cisco Racks
  • Tour
  • Blog
  • Join
  • Join
  • Free IT Training
    • Free CCNA Study and Lab Guide
    • CCNA Security Study and Lab Guide
    • CompTIA Network+ Study Guide
    • CompTIA Security+ Study Guide
    • Network Design Workbook
    • Free IT Webinars
    • Free IT Exams
    • Free Labs
  • Meet the Trainers
  • Help
    • Helpdesk
    • FAQ
    • Contact Us
    • Privacy
    • Meet the Trainers
  • Products
    • IT Study Guides
  • Start $1 Trial
  • Login
  • Members
    • Account
    • Exam Coaching
    • Exams
    • Forum
    • Live Cisco Rack Training
    • Members Training
    • Member Bonuses
    • My Courses
    • Nuggets
  • Home
  • Courses
        • Amazon
          • Solutions Architect
          • SysOps Associate
        • CompTIA
          • CASP+
          • Cloud Essentials
          • CySA+
          • Data+
          • Linux+
          • Network+
          • PenTest+
          • Project+
          • Security+
        • Juniper
          • JNCIA-Junos
          • JNCIA-SEC
          • JNCIS-ENT
          • JNCIS-SEC
        • Wireshark
          • WCNA
        • Career
          • How to Break into IT
          • IT Freelancing
          • Ace Your IT Exams
        • DevOps
          • DevOps Foundations
          • Docker Basics
        • Linux
          • CompTIA Linux+
          • Linux LPI Essentials
          • Linux LPIC-1
          • Linux LPIC-2
          • Linux LPIC-3 Security
          • Red Hat RHCSA
        • TCP-IP
          • IP Subnetting
          • IPv6 Associate
          • IPv6 Professional
          • IPv6 Expert
        • Python
          • PCEP
          • PCAP
        • Cisco
          • CCNA Primer
          • CCNA Exam Coaching
          • CCNA
          • CCNA CyberOps
          • DevNet Associate
          • CCNP – ENARSI
          • CCNP ENCOR Primer
          • CCNP – ENCOR
          • CCST – Networking
        • Google
          • Cloud Architect
        • Microsoft
          • Microsoft SQL Server
          • Windows 10
          • Windows Server 2016
          • Microsoft Security
          • Azure Fundamentals
          • Azure Administrator
          • Azure Developer
        • ITIL
          • ITIL Foundations
        • Coding Academy
          • PhP Fundamentals
          • MySQL Fundamentals
          • Web Development
          • Python For Beginners
        • EC Council
          • Certified Ethical Hacker
        • ISC2
          • SSCP
        • VMware
          • VCA Data Center
        • Wireless
          • CWNA
          • CWSP
  • Racks
    • GNS3 VM – Virtual Cisco Rack
    • Live Cisco Racks
  • Tour
  • Blog
  • Join
  • Join
  • Free IT Training
    • Free CCNA Study and Lab Guide
    • CCNA Security Study and Lab Guide
    • CompTIA Network+ Study Guide
    • CompTIA Security+ Study Guide
    • Network Design Workbook
    • Free IT Webinars
    • Free IT Exams
    • Free Labs
  • Meet the Trainers
  • Help
    • Helpdesk
    • FAQ
    • Contact Us
    • Privacy
    • Meet the Trainers
  • Products
    • IT Study Guides
  • Start $1 Trial
  • Login
  • Members
    • Account
    • Exam Coaching
    • Exams
    • Forum
    • Live Cisco Rack Training
    • Members Training
    • Member Bonuses
    • My Courses
    • Nuggets

Port-Based Traffic Control

Lab 13 

Catalyst Switch Port-Based Traffic Control

Back to book index.

Lab Objective:

The objective of this lab exercise is for you to learn and understand how enable port-based traffic control features on Cisco IOS Catalyst switches.

Lab Purpose:

Catalyst switch port-based traffic control features are implemented at the port-level on Cisco IOS Catalyst switches and provide per-port security on these devices.

Lab Difficulty:

This lab has a difficulty rating of 8/10.

Readiness Assessment:

When you are ready for your certification exam, you should complete this lab in no more than 15 minutes. 

Lab Topology:

Please use any single switch to complete this lab:

Lab 13 1

NOTE:

 

This lab is based on a Cisco Catalyst switch with 24-10/100 FastEthernet ports and 2-1000Mbs GigabitEthernet ports. If you do NOT have a similar switch, substitute the port numbers or port ranges used in this lab with those available on your switch. For example, if you only have 12-10/100 FastEthernet ports and a Task refers to Ports 1-24, simply adjust the question to Ports 1-12 so that you can complete the lab on your switch. In a similar manner, if a Task asks for configuration on the GigabitEthernet ports, and you only have a 12-port 10/100 FastEthernet switch, simply substitute GigabitEthernet0/1 and GigabitEthernet0/2 with FastEthernet0/11 and FastEthernet0/12, for example.

Lab 13 Configuration Tasks 

Task 1:

Configure the hostname on Sw1 as illustrated in the diagram. In addition to this configure Sw1 so that it operates in Transparent mode switch in VTP domain SECURITY. This domain should be secured by the password secure for security purposes. 

Task 2:

Configure storm control on ports FastEthernet0/1 – FastEthernet0/8 as follows:

Traffic Type Suppress when exceeds (%) Forward when below (%)
Broadcast 15 10
Multicast 80 50
Unicast 95 75

When these thresholds are exceeded, Sw1 should send an SNMP Trap notification to server 192.168.1.254. This server uses the SNMP community STRMCTRL as a RO community.

Task 3:

Configure FastEthernet0/9 – FastEthernet0/15 so that there is never an exchange of Unicast, Broadcast, or Multicast traffic between these ports on the switch.

Task 4:

Configure FastEthernet0/16 – FastEthernet0/24 so that these ports send an SNMP trap when a MAC address is added to the entries already learned.

Lab 13 Configuration and Verification

Task 1:

Switch(config)#hostname Sw1

Sw1(config)#vtp mode transparent

Setting device to VTP TRANSPARENT mode.

Sw1(config)#vtp domain SECURITY

Changing VTP domain name from Null to SECURITY

Sw1(config)#vtp password secure

Setting device VLAN database password to secure

Sw1(config)#exit

Sw1#

Sw1#show vtp status

VTP Version                     : 2

Configuration Revision          : 0

Maximum VLANs supported locally : 250

Number of existing VLANs        : 5

VTP Operating Mode              : Transparent

VTP Domain Name                 : SECURITY

VTP Pruning Mode                : Enabled

VTP V2 Mode                     : Enabled

VTP Traps Generation            : Disabled

MD5 digest                      : 0x32 0xB2 0x45 0x18 0xB1 0x28 0x56 0x70

Configuration last modified by 0.0.0.0 at 3-1-93 00:17:41

 Task 2:

Sw1(config)#int range fastethernet0/1 – 8

Sw1(config-if-range)#storm-control broadcast level 15.00 10.00

Sw1(config-if-range)#storm-control multicast level 80.00 50.00

Sw1(config-if-range)#storm-control unicast level 95.00 75.00

Sw1(config-if-range)#storm-control action trap

Sw1(config-if-range)#exit

Sw1(config)#snmp-server host 192.168.1.254 traps STRMCTRL

Sw1(config)#snmp-server community STRMCTRL ro 10

Sw1(config)#access-list 10 permit 192.168.1.254

Sw1(config)#exit

Sw1#

Sw1#show snmp

Chassis: FOC0730W239

0 SNMP packets input

0 Bad SNMP version errors

0 Unknown community name

0 Illegal operation for community name supplied

0 Encoding errors

0 Number of requested variables

0 Number of altered variables

0 Get-request PDUs

0 Get-next PDUs

0 Set-request PDUs

0 SNMP packets output

0 Too big errors (Maximum packet size 1500)

0 No such name errors

0 Bad values errors

0 General errors

0 Response PDUs

0 Trap PDUs

SNMP global trap: disabled

 

SNMP logging: enabled

Logging to 192.168.1.254.162, 0/10, 0 sent, 0 dropped.

SNMP agent enabled

Sw1#

Sw1#

Sw1#show storm-control broadcast

Interface  Filter State   Trap State     Upper    Lower    Current  Traps Sent

———  ————-  ————-  ——-  ——-  ——-  ———-

Fa0/1      Forwarding     Below rising    15.00%   10.00%    0.00%           0

Fa0/2      Forwarding     Below rising    15.00%   10.00%    0.00%           0

Fa0/3      Forwarding     Below rising    15.00%   10.00%    0.00%           0

Fa0/4      Forwarding     Below rising    15.00%   10.00%    0.00%           0

Fa0/5      Forwarding     Below rising    15.00%   10.00%    0.00%           0

Fa0/6      Forwarding     Below rising    15.00%   10.00%    0.00%           0

Fa0/7      Forwarding     Below rising    15.00%   10.00%    0.00%           0

Fa0/8      Forwarding     Below rising    15.00%   10.00%    0.00%           0

—-[Truncated Output]—-

Sw1#

Sw1#show storm-control multicast

Interface  Filter State   Trap State     Upper    Lower    Current  Traps Sent

———  ————-  ————-  ——-  ——-  ——-  ———-

Fa0/1      Forwarding     Below rising    80.00%   50.00%    0.00%           0

Fa0/2      Forwarding     Below rising    80.00%   50.00%    0.00%           0

Fa0/3      Forwarding     Below rising    80.00%   50.00%    0.00%           0

Fa0/4      Forwarding     Below rising    80.00%   50.00%    0.00%           0

Fa0/5      Forwarding     Below rising    80.00%   50.00%    0.00%           0

Fa0/6      Forwarding     Below rising    80.00%   50.00%    0.00%           0

Fa0/7      Forwarding     Below rising    80.00%   50.00%    0.00%           0

Fa0/8      Forwarding     Below rising    80.00%   50.00%    0.00%           0

—-[Truncated Output]—-

Sw1#

Sw1#show storm-control unicast

Interface  Filter State   Trap State     Upper    Lower    Current  Traps Sent

———  ————-  ————-  ——-  ——-  ——-  ———-

Fa0/1      Forwarding     Below rising    95.00%   75.00%    0.00%           0

Fa0/2      Forwarding     Below rising    95.00%   75.00%    0.00%           0

Fa0/3      Forwarding     Below rising    95.00%   75.00%    0.00%           0

Fa0/4      Forwarding     Below rising    95.00%   75.00%    0.00%           0

Fa0/5      Forwarding     Below rising    95.00%   75.00%    0.00%           0

Fa0/6      Forwarding     Below rising    95.00%   75.00%    0.00%           0

Fa0/7      Forwarding     Below rising    95.00%   75.00%    0.00%           0

Fa0/8      Forwarding     Below rising    95.00%   75.00%    0.00%           0

 Task 3:

Sw1(config)#int range f0/9 – 15

Sw1(config-if-range)#switchport protected

Sw1(config-if-range)#exit

Sw1(config)#exit

Sw1#

Sw1#show interfaces fastethernet0/15 switchport

Name: Fa0/15

Switchport: Enabled

Administrative Mode: dynamic desirable

Operational Mode: down

Administrative Trunking Encapsulation: dot1q

Negotiation of Trunking: On

Access Mode VLAN: 1 (default)

Trunking Native Mode VLAN: 1 (default)

Voice VLAN: none

Administrative private-vlan host-association: none

Administrative private-vlan mapping: none

Operational private-vlan: none

Trunking VLANs Enabled: ALL

Pruning VLANs Enabled: 2-1001

Capture Mode Disabled

Capture VLANs Allowed: ALL

 

Protected: true

 

Voice VLAN: none (Inactive)

Appliance trust: none

 Task 4:

Sw1(config)#mac-address-table notification

Sw1(config)#snmp-server enable traps mac-notification

Sw1(config)#interface range f0/16 – 24

Sw1(config-if-range)#snmp trap mac-notification added

Sw1(config-if-range)#exit

Sw1(config)#exit

Sw1#

Sw1#show mac-address-table notification

MAC Notification Feature is Enabled on the switch

Interval between Notification Traps : 1 secs

Number of MAC Addresses Added : 0

Number of MAC Addresses Removed : 0

Number of Notifications sent to NMS : 0

Maximum Number of entries configured in History Table : 1

Current History Table Length : 0

MAC Notification Traps are Enabled

History Table contents

———————-

Sw1#

Sw1#

Sw1#show mac-address-table notification interface f0/24

MAC Notification Feature is Enabled on the switch

Interface            MAC Added Trap MAC Removed Trap

———            ————– —————-

FastEthernet0/24     Enabled        Disabled

Lab 13 Configurations

Sw1 Configuration

Sw1#show run

Building configuration…

 

Current configuration : 3453 bytes

!

version 12.1

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Sw1

!

no logging console

!

ip subnet-zero

vtp domain SECURITY

vtp mode transparent

!

spanning-tree mode pvst

no spanning-tree optimize bpdu transmission

spanning-tree extend system-id

!

!

interface FastEthernet0/1

no ip address

storm-control broadcast level 15.00 10.00

storm-control multicast level 80.00 50.00

storm-control unicast level 95.00 75.00

storm-control action trap

!

interface FastEthernet0/2

no ip address

storm-control broadcast level 15.00 10.00

storm-control multicast level 80.00 50.00

storm-control unicast level 95.00 75.00

storm-control action trap

!

interface FastEthernet0/3

no ip address

storm-control broadcast level 15.00 10.00

storm-control multicast level 80.00 50.00

storm-control unicast level 95.00 75.00

storm-control action trap

!

interface FastEthernet0/4

no ip address

storm-control broadcast level 15.00 10.00

storm-control multicast level 80.00 50.00

storm-control unicast level 95.00 75.00

storm-control action trap

!

interface FastEthernet0/5

no ip address

storm-control broadcast level 15.00 10.00

storm-control multicast level 80.00 50.00

storm-control unicast level 95.00 75.00

storm-control action trap

!

interface FastEthernet0/6

no ip address

storm-control broadcast level 15.00 10.00

storm-control multicast level 80.00 50.00

storm-control unicast level 95.00 75.00

storm-control action trap

!

interface FastEthernet0/7

no ip address

storm-control broadcast level 15.00 10.00

storm-control multicast level 80.00 50.00

storm-control unicast level 95.00 75.00

storm-control action trap

!

interface FastEthernet0/8

no ip address

storm-control broadcast level 15.00 10.00

storm-control multicast level 80.00 50.00

storm-control unicast level 95.00 75.00

storm-control action trap

!

interface FastEthernet0/9

switchport protected

no ip address

!

interface FastEthernet0/10

switchport protected

no ip address

!

interface FastEthernet0/11

switchport protected

no ip address

!

interface FastEthernet0/12

switchport protected

no ip address

!

interface FastEthernet0/13

switchport protected

no ip address

!

interface FastEthernet0/14

switchport protected

no ip address

!

interface FastEthernet0/15

switchport protected

no ip address

!

interface FastEthernet0/16

no ip address

snmp trap mac-notification added

!

interface FastEthernet0/17

no ip address

snmp trap mac-notification added

!

interface FastEthernet0/18

no ip address

snmp trap mac-notification added

!

interface FastEthernet0/19

no ip address

snmp trap mac-notification added

!

interface FastEthernet0/20

no ip address

snmp trap mac-notification added

!

interface FastEthernet0/21

no ip address

snmp trap mac-notification added

!

interface FastEthernet0/22

no ip address

snmp trap mac-notification added

!

interface FastEthernet0/23

no ip address

snmp trap mac-notification added

!

interface FastEthernet0/24

no ip address

snmp trap mac-notification added

!

interface GigabitEthernet0/1

no ip address

!

interface GigabitEthernet0/2

no ip address

!

interface Vlan1

no ip address

no ip route-cache

shutdown

!

ip http server

!

access-list 10 permit 192.168.1.254

snmp-server community STRMCTRL RO 10

snmp-server enable traps MAC-Notification

snmp-server host 192.168.1.254 STRMCTRL

!

line con 0

line vty 5 15

!

mac-address-table notification

end

content-filler

ABOUT US

This site has been created to help you make the best out of your IT career. Whether you are trying to get your first job, get promoted, or start your own IT business, we have a course for you.

MOST POPULAR

  • Account
  • Forum
  • Live Cisco Rack Training
  • Members Training
  • Member Bonuses
  • My Courses

Members

  • Account
  • Forum
  • Live Cisco Rack Training
  • Members Training
  • Member Bonuses
  • My Courses

Newsletter

Subscription Form

Secure Site

website security secure

Copyright Reality Press Ltd . / Paul Browning

Insert/edit link

Enter the destination URL

Or link to existing content

    No search term specified. Showing recent items. Search or use up and down arrow keys to select an item.