SWITCH v2.0 - Implementing Cisco IP Switched Networks

Networking/Server/Operating Systems
  LearnITAnytime Online Subscription (1 Year Subscription - $195.00)
  IT Online Library (1 Year Subscription - $1595.00)
  Private Mentoring 3 Hours ($225)
If quantity is more than 1, Please add all Attendees' Names /Voucher #/ Learning Credit below separated with a comma. If not specified, we will contact you prior to the class start date. Special Instructions


SWITCH v2.0, a five-day ILT course, includes major updates and follows an updated blueprint. (However, note that this course does not cover all items listed on the blueprint.) Some older topics have been removed or simplified, while several new IPv6 routing topics have been added. The course content has been adapted to Cisco IOS Software Release 15 and technically updated.

The goal of the course is to build upon the knowledge and skills from CCNA Routing and Switching and help you expand competencies to plan, implement, and monitor a scalable routing network.


Upon completing this course, the learner will be able to meet these overall objectives:


    1. Describe the hierarchical campus structure, basic switch operation, use of SDM templates, PoE, and LLDP
    2. Implement VLANs and trunks, explain VTP, implement DHCP in IPv4 and IPv6 environments, and configure port aggregation3. Implement and optimize the STP mechanism that best suits your network: PVST+, Rapid PVST+, or MST4. Configure routing on a multilayer switch
    5. Configure NTP, SNMP, IP SLA, and port mirroring, and verify StackWise and VSS operation
    6. Implement first-hop redundancy in IPv4 and IPv6 environments
    7. Secure the campus network according to recommended practices


    This section lists the skills and knowledge that learners must possess to benefit fully from the curriculum. It includes recommended Cisco learning offerings that the learners may complete to benefit fully from this curriculum.

    The knowledge and skills that a learner must have before attending this course are as follows:

    • Describing network fundamentals
    • Establishing Internet and WAN connectivity (IPv4 and IPv6)
    • Managing network device security
    • Operating a medium-sized LAN with multiple switches, supporting VLANs, trunking, and spanning tree
    • Troubleshooting IP connectivity (IPv4 and IPv6)
    • Configuring and troubleshooting EIGRP and OSPF (IPv4 and IPv6)
    • Configuring devices for SNMP, syslog, and NetFlow access
    • Managing Cisco device configurations, Cisco IOS images, and licenses

    It is highly recommended that this course be taken after the following Cisco courses:

    • Interconnecting Cisco Networking Devices v2.0, Part 1 (ICND1 v2.0) and Part 2 (ICND2 v2.0), or
    • Interconnecting Cisco Networking Devices: Accelerated Version 2.0 (CCNAX v2.0)

    Who Should Attend

    Learners who aim to be network professionals and who have knowledge that is obtained from Cisco CCNA courses


    Course Introduction

    • Overview
    • Course Goal and Objectives
    • Course Flow
    • Additional References
    • Your Training Curriculum

    Module 1: Basic Concepts and Network Design

      Lesson 1: Analyzing Campus Network Structure
      • Hierarchical Network Design
      • Layers in the Hierarchical Model
      • Building Cisco Enterprise Campus Architecture
      • Access Layer
      • Distribution Layer
      • Core Layer
      • Is a Core Layer Needed?
      • Types of Cisco Switches
      • Routed vs. Switched Campus Architecture

      Lesson 2: Comparing Layer 2 and Multilayer Switches

      • Layer 2 Switch Operation
      • Multilayer Switch Operation
      • Frame Rewrite
      • CAM and TCAM
      • Distributed Hardware Forwarding
      • Cisco Switching Methods
      • Route Caching
      • Topology-Based Switching

      Lesson 3: Using Cisco SDM Templates

      • What Are SDM Templates?
      • SDM Template Types
      • Changing the SDM Template
      • Choosing the Correct Template

      Lesson 4: Implementing LLDP

      • LLDP Introduction
      • Enabling LLDP
      • Discovering Neighbors Using LLDP

      Lesson 5: Implementing PoE

      • The Need for PoE
      • PoE Components
      • PoE Standards
      • PoE Negotiation
      • Configuring and Verifying PoE

    Module 2: Campus Network Architecture

      Lesson 1: Implementing VLANs and Trunks
      • The Native VLAN
      • Switch Port Mode Interactions
      • Deploying VLANs
      • End-to-End vs. Local VLANs
      • Voice VLAN Overview
      • Voice VLAN Configuration
      • Switch Configuration for Wireless Network Support

      Lesson 2: Introducing VTP

      • The Role of VTP
      • VTP Modes
      • VTP Versions
      • Default VTP Configuration
      • Overwriting VTP Configuration
      • VTP Configuration Recommendation

      Lesson 3: Implementing DHCP

      • DHCP Overview
      • DHCP Relay
      • DHCP Options

      Lesson 4: Implementing DHCP for IPv6

      • Stateless Autoconfiguration Overview
      • DHCPv6 Overview
      • DHCPv6 Operation
      • Stateless DHCPv6 Overview
      • DHCPv6 Relay Agent

      Lesson 5: Configuring Layer 2 Port Aggregation

      • The Need for EtherChannel
      • EtherChannel Mode Interactions
      • Layer 2 EtherChannel Configuration Guidelines
      • EtherChannel Load-Balancing Options
      • EtherChannel Load-Balancing Operation
      • EtherChannel Guard

    Module 3: Spanning Tree Implementation

      Lesson 1: Implementing RSTP
      • STP Overview
      • STP Standards
      • STP Operation
      • Bridge Protocol Data Units
      • Root Bridge Election
      • Root Port Election
      • Designated Port Election
      • STP Port States
      • Per VLAN Spanning Tree
      • RSTP Port Roles
      • Comparison of RSTP and STP Port States
      • STP Topology Changes
      • RSTP Topology Changes
      • RSTP Link Types

      Lesson 2: Implementing STP Stability Mechanisms

      • Cisco STP Toolkit
      • UplinkFast
      • BackboneFast
      • PortFast
      • Securing a PortFast Interface with BPDU guard
      • Disabling STP with BPDU filter
      • The Problem with Unidirectional Links
      • Loop Guard Overview
      • Loop Guard Configuration
      • Loop Guard Verification
      • UDLD Overview
      • UDLD Configuration
      • Comparing Loop Guard with UDLD
      • UDLD Recommended Practices
      • STP Stability Mechanism Recommendations
      • Flex Links

      Lesson 3: Implementing MST

      • Introducing MST
      • MST Regions
      • STP Instances with MST
      • Extended System ID for MST
      • Configuring MST Path Cost
      • Configuring MST Port Priority
      • MST Protocol Migration
      • MST Recommended Practices

    Module 4: Inter-VLAN Routing

      Lesson 1: Implementing Inter-VLAN Routing Using a Router
      • Inter-VLAN Routing Using an External Router
      • External Router: Advantages and Disadvantages

      Lesson 2: Configuring a Switch to Route

      • Switch Virtual Interfaces
      • Routed Switch Ports
      • SVI autostate exclude Command
      • SVI Configuration Checklist
      • Layer 2 EtherChannel vs. Layer 3 EtherChannel
      • Layer 3 EtherChannel Configuration

    Module 5: High-Availability Networks

      Lesson 1: Configuring Network Time Protocol
      • The Need for Accurate Time
      • Configuring the System Clock Manually
      • Network Time Protocol
      • NTP Modes
      • Securing NTP
      • NTP Source Address
      • NTP Versions
      • NTP in an IPv6 Environment
      • Simple Network Time Protocol
      • SNTP Configuration

      Lesson 2: Implementing SNMP Version 3

      • SNMP Overview
      • SNMP Versions
      • SNMP Recommendations
      • SNMPv3 Configuration
      • Verifying the SNMPv3 Configuration

      Lesson 3: Implementing the Cisco IOS IP SLA

      • Cisco IOS IP SLA Introduction
      • IP SLA Source and Responder
      • IP SLA Operation with Responder
      • IP SLA Responder Time Stamps
      • Configuring Authentication for the IP SLA
      • Configuration Example: UDP Jitter

      Lesson 4: Implementing Port Mirroring for Monitoring Support

      • What Is SPAN?
      • SPAN Terminology
      • Remote SPAN
      • Local SPAN Configuration
      • Verifying the Local SPAN Configuration
      • RSPAN Configuration
      • Verifying the RSPAN Configuration

      Lesson 5: Verifying Switch Virtualization

      • The Need for Logical Switching Architectures
      • What Is StackWise?
      • StackWise Benefits
      • Verifying StackWise
      • Redundant Switch Supervisors
      • Supervisor Redundancy Modes
      • What Is VSS?
      • VSS Benefits
      • Verifying VSS

    Module 6: First Hop Redundancy Protocol Implementation

      Lesson 1: Configuring Layer 3 Redundancy with HSRP
      • The Need for First-Hop Redundancy
      • The Idea Behind the First-Hop Redundancy Process
      • HSRP State Transition
      • HSRP and STP
      • Load Sharing with HSRP
      • The Need for Interface Tracking with HSRP
      • HSRP Interface Tracking
      • HSRP and Object Tracking
      • HSRP Authentication
      • HSRP Timers
      • HSRP Versions

      Lesson 2: Configuring Layer 3 Redundancy with VRRP

      • About VRRP
      • Tracking and VRRP
      • VRRP Interface-Tracking Configuration

      Lesson 3: Configuring Layer 3 Redundancy with GLBP

      • Introducing GLBP
      • GLBP vs. HSRP
      • GLBP States
      • GLBP Load-Balancing Options
      • GLBP Authentication
      • GLBP and STP
      • Tracking and GLBP

      Lesson 4: Configuring First Hop Redundancy Protocol for IPv6

      • IPv6 Native First-Hop Redundancy
      • Why FHRP in IPv6?
      • HSRP for IPv6
      • GLBP for IPv6

    Module 7: Campus Network Security

      Lesson 1: Implementing Port Security
      • Overview of Switch Security Issues
      • Recommended Practices for Switch Security
      • Unauthorized Access by Rogue Devices
      • Switch Attack Categories
      • MAC Flooding Attack
      • Introducing Port Security
      • Port Error Conditions
      • Error-Disabled Port Automatic Recovery
      • Port Access Lists
      • Configure Port Access Lists

      Lesson 2: Implementing Storm Control

      • Storm Control
      • Configuring Storm Control
      • Verifying Storm Control Behavior

      Lesson 3: Implementing Access to External Authentication

      • AAA Framework Overview
      • Benefits of AAA Usage
      • Authentication Options
      • RADIUS and TACACS+
      • Enabling AAA and Configuring a Local User for Fallback
      • Configuring RADIUS for Console and vty Access
      • Configuring TACACS+ for Console and vty Access
      • Configuring Authorization and Accounting
      • Limitations of TACACS+ and RADIUS
      • Identity-Based Networking
      • IEEE 802.1X Port-Based Authentication
      • IEEE 802.1X Configuration Checklist

      Lesson 4: Mitigating Spoofing Attacks

      • DHCP Spoofing Attacks
      • DHCP Snooping
      • DHCP Snooping Configuration
      • IP Source Guard
      • IP Source Guard Configuration
      • ARP Spoofing
      • Dynamic ARP Inspection
      • DAI Configuration

      Lesson 5: Securing VLAN Trunks

      • Switch Spoofing
      • Protecting Against Switch Spoofing
      • VLAN Hopping
      • Protecting Against VLAN Hopping
      • VLAN Access Lists
      • VACL Interaction with ACL and PACL
      • Configuring VACLs

      Lesson 6: Configuring PVLANs

      • The Need for PVLANs
      • Introduction to PVLANs
      • PVLAN Port Types
      • PVLAN Configuration
      • PVLAN Verification
      • PVLANs Across Multiple Switches
      • Protected Port Feature

      Lesson 7: Module Summary

    Lab Outline

      Discovery 1: Investigating the CAM
      Discovery 2: Configuring VLANs and Trunks
      Discovery 3: VTP Operation
      Discovery 4: Exploring DHCP
      Discovery 5: Obtaining IPv6 Addresses Dynamically
      Discovery 6: EtherChannel Configuration and Load Balancing
      Discovery 7: Discovering and Modifying STP Behavior
      Discovery 8: Root Guard
      Discovery 9: Configuring MST
      Discovery 10: Routing with an External Router
      Discovery 11: Routing on a Multilayer Switch
      Discovery 12: NTP Configuration
      Discovery 13: IP SLA Echo Configuration
      Discovery 14: Configuring and Tuning HSRP
      Discovery 15: Configure VRRP and Spot the Differences from HSRP
      Discovery 16: Configure GLBP
      Discovery 17: Port Security



        Challenge 1: Network Discovery
        Challenge 2: Configure DHCP
        Challenge 3: Configure DHCPv6
        Challenge 4: Configure EtherChannel
        Challenge 5: Implement RSTP
        Challenge 6: Improve STP Configuration
        Challenge 7: Configure MST
        Challenge 8: Configure Routing Between VLANs with a Router
        Challenge 9: Configure Routing on a Multilayer Switch
        Challenge 10: Configure NTP
        Challenge 11: Configure Network Monitoring Using the Cisco IOS IP SLA
        Challenge 12: Configure HSRP with Load Balancing
        Challenge 13: Configure VRRP with Load Balancing
        Challenge 14: Implement GLBP
        Challenge 15: Configure HSRP for IPv6
        Challenge 16: Control Network Access with Port Security