The practical and conceptual knowledge you need to attain CCNP Enterprise certification
From one of the most trusted study guide publishers comes CCNP Enterprise Certification Study Guide: Exam 350-401. This guide helps you develop practical knowledge and best practices for critical aspects of enterprise infrastructure so you can gain your CCNP Enterprise certification. If you're hoping to attain a broader range of skills and a solid understanding of Cisco technology, this guide will also provide fundamental concepts for learning how to implement and operate Cisco enterprise network core technologies. By focusing on real-world skills, each chapter prepares you with the knowledge you need to excel in your current role and beyond. It covers emerging and industry-specific topics, such as SD-WAN, network design, wireless, and automation. This practical guide also includes lessons on:
Automation
Network assurance
Security
Enterprise infrastructure
Dual-stack architecture
Virtualization
In addition to helping you gain enterprise knowledge, this study guide can lead you toward your Cisco specialist certification. When you purchase this guide, you get access to the information you need to prepare yourself for advances in technology and new applications, as well as online study tools such as:
Bonus practice exams
Pre-made flashcards
Glossary of key terms
Specific focus areas
Expand your skillset and take your career to the next level with CCNP Enterprise Certification Study Guide.
Page count: 739
Year of publication: 2020
Ben Piper
Copyright © 2020 by John Wiley & Sons, Inc., Indianapolis, Indiana
ISBN: 978-1-119-65875-7
ISBN: 978-1-119-65882-5 (ebk.)
ISBN: 978-1-119-65880-1 (ebk.)
Manufactured in the United States of America
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.
For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.
Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.
Library of Congress Control Number: 2020935632
TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. CCNP is a registered trademark of Cisco Technology, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
I dedicate this book to the Lord Jesus Christ through Whom all things were created and in Whom all things hold together
I’d like to thank the following people who helped create this CCNP Enterprise Certification Study Guide: Exam 350-401. A special thanks to Kenyon Brown, senior acquisitions editor, for the opportunity to write this book. Thanks to John Sleeva, project editor, for pushing me to meet my deadlines. His suggestions and edits helped make this book more user friendly. Thanks also go to Christine O’Connor, production editor; Pete Gaughan, content enablement manager; and Louise Watson at Word One, proofreader. Jon Buhagiar reviewed the chapters and questions for technical accuracy. His comments, guided by his expertise, helped make this book more practical, accurate, and well rounded.
Ben Piper is a networking and cloud consultant who has authored multiple books including the AWS Certified Solutions Architect Study Guide: Associate SAA-C01 Exam, Second Edition (Sybex, 2019), AWS Certified Cloud Practitioner Study Guide: Foundational CLF-C01 Exam (Sybex, 2019), and Learn Cisco Network Administration in a Month of Lunches (Manning, 2017). You can contact Ben by visiting his website https://benpiper.com.
Cover
Acknowledgments
About the Author
Introduction
What Does This Book Cover?
Interactive Online Learning Environment and Test Bank
Exam Objectives
Objective Map
Assessment Test
Answers to Assessment Test
Chapter 1: Networking Fundamentals
The OSI Model
Layer 1: The Physical Layer
Layer 2: The Data Link Layer
Layer 3: The Network Layer
Layer 4: The Transport Layer
Summary
Exam Essentials
Review Questions
Chapter 2: Spanning Tree Protocols
The Need for Spanning Tree
VLANs and Trunking
Rapid Per-VLAN Spanning Tree
Multiple Spanning Tree
Spanning Tree Extensions
Summary
Exam Essentials
Exercises
Review Questions
Chapter 3: Enterprise Network Design
Physical Network Architectures
Layer 2 Design
EtherChannels
First-Hop Redundancy Protocols
Summary
Exam Essentials
Review Questions
Chapter 4: Wireless LAN (WLAN)
Radio Frequency Fundamentals
WLAN 802.11 Standards
Access Point Modes
Roaming and Location Services
Summary
Exam Essentials
Review Questions
Chapter 5: Open Shortest Path First (OSPF)
Link-State Advertisements
Neighbor Operations
Configuring OSPF
Summary
Exam Essentials
Exercises
Review Questions
Chapter 6: Enhanced Interior Gateway Routing Protocol (EIGRP)
EIGRP Fundamentals
Configuring EIGRP
Summary
Exam Essentials
Exercises
Review Questions
Chapter 7: The Border Gateway Protocol (BGP)
BGP Fundamentals
Configuring BGP
Summary
Exam Essentials
Exercises
Review Questions
Chapter 8: Network Address Translation and Multicast
Network Address Translation
Multicast
Summary
Exam Essentials
Exercises
Review Questions
Chapter 9: Quality of Service
Understanding Quality of Service
Classification and Marking
Policing
Queuing
Shaping
Summary
Exam Essentials
Exercises
Review Questions
Chapter 10: Network Virtualization
Virtual Machines, Hypervisors, and Network Virtualization
Generic Routing Encapsulation Tunnels
IP Security
Location/ID Separation Protocol
Virtual Extensible Local Area Network
Virtual Routing and Forwarding
Summary
Exam Essentials
Exercises
Review Questions
Chapter 11: Software-Defined Networking and Network Programmability
What Is Software-Defined Networking?
Software-Defined Access
Software-Defined WAN
Network Programmability and Automation
Summary
Exam Essentials
Exercises
Review Questions
Chapter 12: Network Security and Monitoring
Infrastructure Security
Cisco Security Products
Wireless Security
Monitoring
Summary
Exam Essentials
Exercises
Review Questions
Appendix Answers to Review Questions
Chapter 1: Networking Fundamentals
Chapter 2: Spanning Tree Protocols
Chapter 3: Enterprise Network Design
Chapter 4: Wireless LAN (WLAN)
Chapter 5: Open Shortest Path First (OSPF)
Chapter 6: Enhanced Interior Gateway Routing Protocol (EIGRP)
Chapter 7: The Border Gateway Protocol (BGP)
Chapter 8: Network Address Translation and Multicast
Chapter 9: Quality of Service
Chapter 10: Network Virtualization
Chapter 11: Software-Defined Networking and Network Programmability
Chapter 12: Network Security and Monitoring
Index
Online Test Bank
End User License Agreement
Chapter 1
Table 1.1
Table 1.2
Table 1.3
Chapter 2
Table 2.1
Chapter 3
Table 3.1
Table 3.2
Table 3.3
Table 3.4
Chapter 4
Table 4.1
Table 4.2
Table 4.3
Chapter 8
Table 8.1
Chapter 9
Table 9.1
Table 9.2
Chapter 11
Table 11.1
Table 11.2
Chapter 12
Table 12.1
Table 12.2
Chapter 1
Figure 1.1
How layers abstract the network from an application
Figure 1.2
At each layer, data is encapsulated in a PDU and passed down to the n...
Figure 1.3
Layer 2 frame and layer 1 packet, structurally identical to the revis...
Figure 1.4
Early Ethernet over a shared medium compared to Ethernet using a swit...
Figure 1.5
Simple layer 2 and layer 3 topologies
Figure 1.6
Layered representation of the network
Figure 1.7
Encapsulation of a TCP segment and IP packet inside an Ethernet frame...
Chapter 2
Figure 2.1
Physical looped topology
Figure 2.2
Converged STP topology with SW1 as the root
Figure 2.3
Multiple VLANs over 802.1Q trunks
Figure 2.4
Converged STP topology with SW3 as the new root
Figure 2.5
VLAN 1 topology with SW3 as root
Figure 2.6
Converged VLAN 1 topology with SW2 Gi1/0 ...
Figure 2.7
Multiple Spanning Tree
Figure 2.8
Physical topology for Exercise 2.1
Chapter 3
Figure 3.1
East-West traffic flow in a data center network using the leaf...
Figure 3.2
Core, distribution, and access tiers
Figure 3.3
Two access-distribution blocks connected to the core
Figure 3.4
Collapsed core
Figure 3.5
Switched vs. routed topology
Figure 3.6
A looped triangle topology
Figure 3.7
A looped square topology
Figure 3.8
Recommended loop-free topology
Figure 3.9
Loop-free U-topology
Figure 3.10
Loop-free inverted-U topology
Figure 3.11
Virtual switch topology
Figure 3.12
Routed access topology
Figure 3.13
EtherChannel between SW3 and SW4
Chapter 4
Figure 4.1
Representation of radio wave at 10 Hz with an amplitude of 1...
Figure 4.2
Amplitude decreases with the square of the distance.
Chapter 5
Figure 5.1
An OSPF topology
Figure 5.2
Layer 2 topology
Chapter 6
Figure 6.1
Simple EIGRP topology
Figure 6.2
EIGRP weighted metric formula
Figure 6.3
EIGRP layer 3 topology
Figure 6.4
Layer 2 topology
Chapter 7
Figure 7.1
BGP peers in different autonomous systems
Figure 7.2
Route propagation and loop prevention among BGP neighbors in...
Figure 7.3
Layer 3 topology using BGP, OSPF, and EIGRP
Chapter 8
Figure 8.1
Inside versus outside networks
Figure 8.2
Static NAT
Figure 8.3
Layer 3 topology
Figure 8.4
Layer 2 topology
Figure 8.5
Multicast topology
Chapter 9
Figure 9.1
Setting a QoS profile
Figure 9.2
The Platinum QoS profile
Chapter 10
Figure 10.1
L2 VM-to-VM traffic using a virtual switching...
Figure 10.2
L2 VM-to-switch traffic using a virtual switc...
Figure 10.3
L3 VM-to-VM traffic using a virtual switch an...
Figure 10.4
L2 VM-to-VM traffic switched internally using...
Figure 10.5
L2 VM-to-VM traffic switched externally using...
Figure 10.6
Underlay topology running BGP. R1 (AS 65001) and R2 (AS 650...
Figure 10.7
GRE topology
Figure 10.8
Using LISP for IP mobility
Figure 10.9
VXLAN flood-and-learn configuration using mul...
Figure 10.10
VRF topology
Chapter 11
Figure 11.1
Scalable groups in Cisco DNA Center
Figure 11.2
Group-based access control policies in Cisco DNA Center
Figure 11.3
Network Settings page under the Design workflow of Cisco DNA Center
Figure 11.4
Inventory page under the Provision workflow of Cisco DNA Center
Figure 11.5
Fabric Infrastructure page under the Provision workflow of Cisco DNA...
Figure 11.6
Fabric Host Onboarding page under the Provision workflow of Cisco DN...
Figure 11.7
The Overall Health dashboard in the Assurance workflow of Cisco DNA ...
Figure 11.8
The Application Health dashboard in the Assurance workflow of Cisco ...
Figure 11.9
The Client Health dashboard in the Assurance workflow of Cisco DNA C...
Figure 11.10
The vManage Network Management System web interface
Chapter 12
Figure 12.1
Example network topology
Figure 12.2
WebAuth login page configuration
Figure 12.3
WLAN list
Figure 12.4
WLAN layer 2 configuration
Figure 12.5
RADIUS server configuration
Figure 12.6
AAA server configuration
Figure 12.7
WLAN WPA2 and 802.1X configuration
Figure 12.8
Specifying security and encryption authentication method
Figure 12.9
Specifying user authentication mode
Figure 12.10
Setting a WPA/WPA2 preshared key
Introduction
Networking is uniquely challenging in that it's not a single technology, but a collection of interdependent technologies that every other aspect of IT depends on. Without networking, there are no connected applications and that means there are no IT employees. Even if you're not sure that you want networking to become your permanent career, becoming an expert at networking will open the doors for other in-demand areas of IT, including security, software development, and cloud computing.
In 2019, Cisco announced updates to its Cisco Certified Network Professional (CCNP) certification program. There are six professional level certifications to choose from:
CCNP Enterprise
CCNP Data Center
CCNP Security
CCNP Service Provider
CCNP Collaboration
Cisco Certified DevNet Professional
Each certification requires passing one core exam and one concentration exam. The core exam for the CCNP Enterprise certification is 350-401 ENCOR, “Implementing Cisco Enterprise Network Core Technologies.” The concentration exams let you focus on a specific specialty, such as routing, wireless, network design, automation, or software-defined networking (SDN). Regardless of the concentration exam you choose, you must pass the ENCOR exam to attain your CCNP Enterprise certification.
Many who attain the Cisco Certified Network Associate (CCNA) don't go on to pursue more advanced Cisco certifications. So why should you consider the CCNP Enterprise certification, and is it right for you? It may be right for you if
You have a passion for networking.
You want to set yourself apart as someone who has a passion for technology and isn't just in it for the money (although there is plenty of that!).
You want to specialize in security, wireless, network automation, cloud, or software-defined networking.
You enjoy tweaking the “nerd knobs” on individual technologies just to see what will happen.
You love facing and overcoming the challenges of troubleshooting.
Before taking the CCNP ENCOR exam, there are a few things to keep in mind. There's no reason that you can't pass the exam the first time. To help you do that, I want to share with you some study tips that have helped me pass several Cisco certification exams on the first try. One of the neglected skills required on any Cisco exam is speed. Being able to troubleshoot a 10-router Open Shortest Path First (OSPF) topology is good. Taking 15 minutes to do it is not so good. I can't stress enough the importance of spending quality time with the command-line interface (CLI). You should spend at least 50 percent of your study time on configuring and troubleshooting a variety of topologies and technologies.
There's an old Latin proverb that repetition is the mother of learning. Repetition—in terms of both study and practice—is going to be your best friend. Understanding networking requires making connections that aren't always obvious, and the more you practice and study, the more opportunities your mind has to make those connections. For years I've used SuperMemo (https://super-memory.com), a flashcard-like program that lets you create your own question-and-answer pairs, quizzes you, and shows you how well you're retaining the information. What makes SuperMemo superior to flashcards is that it identifies the information you've already retained, and it doesn't waste time continuing to quiz you on it. That means you can safely load your collection with hundreds of items while still using your time efficiently.
One last tip: As you read this study guide cover to cover, keep a running list of questions and things you're not sure about. Chances are if you find something confusing, a lot of other people did too, and that makes it good fodder for the exam. Be sure to visit https://benpiper.com/encor for book resources, updates, and errata.
The CCNA certification isn't required to attain the CCNP Enterprise certification. Nevertheless, I strongly recommend that you obtain your CCNA certification or the equivalent experience before embarking on your CCNP Enterprise journey. Refer to the CCNA exam blueprint (www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna.html) for a full list of topics you should already be familiar with. Because the CCNP Enterprise is a professional-level certification, I don't review some of the basics covered by the CCNA such as subnetting, IPv4, and IPv6 addressing.
You'll need a virtual or physical lab, which you should already have from your previous networking studies. Your lab should be able to support at least eight routers and two layer 3 switches running IOS version 15.2 or later. You should be able to configure your lab on your own by looking at layer 2 and layer 3 diagrams. Topology diagrams will be included in each chapter.
If your existing lab doesn't meet the requirement, Cisco Virtual Internet Routing Lab (http://virl.cisco.com) includes virtual machine images for a variety of switches and routers. These images are virtual machines that run using QEMU and are light on CPU and memory, so you don't need a beast of a server to run simulations, although more resources always help. Other options, although not blessed by Cisco, are GNS3 (https://gns3.com) and EVE-NG (www.eve-ng.net).
Hands-on experience is crucial for exam success. Each chapter in this study guide contains hands-on exercises that you should strive to complete during or immediately after your reading of the chapter. The exercises are there to test your understanding, and not to cover every possible permutation of configurations. The exercises are your foundation, and you should build on them by experimenting with them, breaking things, and then figuring out how to fix them.
Each chapter contains review questions to thoroughly test your understanding of the services and concepts covered in that chapter. They also test your ability to integrate the concepts with information from preceding chapters. I've designed the questions to help you realistically gauge your understanding and identify your blind spots. Once you complete the assessment in each chapter, referring to the answer key will give you not only the correct answers but a detailed explanation as to why they're correct. Even if you feel comfortable on a certain topic, resist the urge to skip over the pertinent chapter. I strongly encourage you to carefully read this book from cover to cover so that you can discover your strengths and weaknesses—particularly the ones you may not be aware of. Remember, even though you can't learn networking just by reading a book, it's equally true that you can't learn without reading a book.
The book also contains a self-assessment exam with 36 questions, two practice exams with 50 questions each to help you gauge your readiness to take the exam, and flashcards to help you learn and retain key facts needed to prepare for the exam.
What Does This Book Cover?
This book covers topics you need to know to prepare for the CCNP ENCOR exam:
Chapter 1: Networking Fundamentals
This chapter provides an overview of the fundamentals of networking theory and network design.
Chapter 2: Spanning Tree Protocols
This chapter covers Spanning Tree protocols, including Rapid Spanning Tree and Multiple Instance Spanning Tree. We also cover VLANs, trunking, and pruning.
Chapter 3: Enterprise Network Design
In this chapter, you'll learn the advantages and disadvantages of different physical and layer 2 network designs. We also dive into EtherChannels and first-hop redundancy protocols.
Chapter 4: Wireless LAN (WLAN)
This chapter explains the fundamentals of radio frequency, WLAN 802.11 standards, wireless security, and WLAN controller (WLC) design and deployment considerations.
Chapter 5: Open Shortest Path First (OSPF)
In this chapter, you'll learn how to configure and troubleshoot OSPF adjacencies, authentication, route filtering, summarization, and more.
Chapter 6: Enhanced Interior Gateway Routing Protocol (EIGRP)
This chapter covers advanced EIGRP concepts, including redistribution, multipathing, and path control.
Chapter 7: The Border Gateway Protocol (BGP)
In this chapter, you'll learn all about BGP, including path selection, redistribution, summarization, and filtering.
Chapter 8: Network Address Translation and Multicast
This two-for-the-price-of-one chapter gives you complete coverage of network address translation and multicast.
Chapter 9: Quality of Service
This chapter covers QoS concepts, including queuing, policing, shaping, and classification.
Chapter 10: Network Virtualization
This chapter dives deep into virtualization concepts such as server virtualization, network virtualization, generic routing encapsulation, IPsec, LISP, and VXLAN.
Chapter 11: Software-Defined Networking and Network Programmability
In this chapter, you'll learn about Cisco's software-defined networking (SDN) solutions, SD-Access, Cisco DNA Center, and SD-WAN. You'll also learn about network automation tools such as Python, RESTCONF, NETCONF, Ansible, Chef, Puppet, and SaltStack.
Chapter 12: Network Security and Monitoring
This chapter will show you how to implement infrastructure security best practices and wireless security configurations. You'll also learn about Cisco security products and how to monitor your network using NetFlow, IPSLA, debugs, Syslog, SNMP, and more.
Interactive Online Learning Environment and Test Bank
The interactive online learning environment that accompanies this CCNP Enterprise Certification Study Guide: Exam 350-401 provides a test bank with study tools to help you prepare for the certification exam—and increase your chances of passing it the first time! The test bank includes the following:
Sample Tests
All the questions in this book are provided, including the assessment test at the end of this introduction and the chapter tests that include the review questions at the end of each chapter. In addition, there are two practice exams with 50 questions each. Use these questions to test your knowledge of the study guide material. The online test bank runs on multiple devices.
Flashcards
The online test bank includes 100 flashcards specifically written to hit you hard, so don't get discouraged if you don't ace your way through them at first. They're there to ensure that you're really ready for the exam. And no worries—armed with the review questions, practice exams, and flashcards, you'll be more than prepared when exam day comes. Questions are provided in digital flashcard format (a question followed by a single correct answer). You can use the flashcards to reinforce your learning and provide last-minute test prep before the exam.
Other Study Tools
A glossary of key terms from this book is available as a fully searchable PDF.
Go to www.wiley.com/go/sybextestprep to register and gain access to this interactive online learning environment and test bank with study tools.
Exam Objectives
The CCNP ENCOR exam is intended for people who have experience implementing enterprise network technologies including IPv4 and IPv6 architecture, virtualization, monitoring, security, and automation. In general, you should have the following before taking the exam:
A minimum of two years of hands-on experience configuring and troubleshooting routers and switches
Ability to design and configure a network based on customer requirements
Ability to provide implementation guidance
A mastery of IPv4 and IPv6
The exam covers six different domains, with each domain broken down into objectives.
Objective Map
The following table lists each domain and its weighting in the exam, along with the chapters in the book where that domain's objectives are covered.
Domain 1: Architecture (15% of exam)
1.1 Explain the different design principles used in an enterprise network: Chapters 1, 3
1.2 Analyze design principles of a WLAN deployment: Chapter 4
1.3 Differentiate between on-premises and cloud infrastructure deployments: Chapter 11
1.4 Explain the working principles of the Cisco SD-WAN solution: Chapter 11
1.5 Explain the working principles of the Cisco SD-Access solution: Chapter 11
1.6 Describe concepts of wired and wireless QoS: Chapter 9
1.7 Differentiate hardware and software switching mechanisms: Chapter 1
Domain 2: Virtualization (10% of exam)
2.1 Describe device virtualization technologies: Chapter 10
2.2 Configure and verify data path virtualization technologies: Chapter 10
2.3 Describe network virtualization concepts: Chapter 10
Domain 3: Infrastructure (30% of exam)
3.1 Layer 2: Chapters 1, 2, 3
3.2 Layer 3: Chapters 1, 5, 6, 7
3.3 Wireless: Chapter 4
3.4 IP Services: Chapters 3, 8, 12
Domain 4: Network Assurance (10% of exam)
4.1 Diagnose network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog: Chapter 12
4.2 Configure and verify device monitoring using syslog for remote logging: Chapter 12
4.3 Configure and verify NetFlow and Flexible NetFlow: Chapter 12
4.4 Configure and verify SPAN/RSPAN/ERSPAN: Chapter 12
4.5 Configure and verify IPSLA: Chapter 12
4.6 Describe Cisco DNA Center workflows to apply network configuration, monitoring, and management: Chapter 11
4.7 Configure and verify NETCONF and RESTCONF: Chapter 11
Domain 5: Security (20% of exam)
5.1 Configure and verify device access control: Chapter 12
5.2 Configure and verify infrastructure security features: Chapter 12
5.3 Describe REST API security: Chapter 11
5.4 Configure and verify wireless security features: Chapters 4, 12
5.5 Describe the components of network security design: Chapters 4, 12
Domain 6: Automation (15% of exam)
6.1 Interpret basic Python components and scripts: Chapter 11
6.2 Construct valid JSON encoded file: Chapter 11
6.3 Describe the high-level principles and benefits of a data modeling language, such as YANG: Chapter 11
6.4 Describe APIs for Cisco DNA Center and vManage: Chapter 11
6.5 Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF: Chapter 11
6.6 Construct EEM applet to automate configuration, troubleshooting, or data collection: Chapter 11
6.7 Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack: Chapter 11
Assessment Test
1. IP depends on which of the following?
A. Address Resolution Protocol
B. Data link layer
C. Network layer
D. Transport layer
2. Which is not a function of a bridge?
A. Simulating some properties of a shared physical Ethernet cable
B. MAC-based routing
C. Reducing the size of a broadcast domain
D. Frame check sequence validation
3. What are the purposes of TCP sequence numbers? (Choose two.)
A. Error control
B. Ordering
C. Flow control
D. Reliable delivery
4. Three switches are connected via 802.1Q trunk links. You need to prevent VLAN 25 traffic from reaching two of the switches. Which of the following can accomplish this? (Choose two.)
A. Prune VLAN 25 on the trunk links.
B. Use routed interfaces instead of trunks.
C. Configure Spanning Tree to block the ports to the switches.
D. Delete VLAN 25 on the switches.
5. Switch SW1 is running RPVST+ and is connected via a routed interface to SW2, which is running Multiple Spanning Tree. If you add VLAN 2 to both switches and map VLAN 2 to MST1 on SW2, which switch will necessarily be the root for VLAN 2?
A. SW1
B. SW2
C. The switch with the lowest bridge priority
D. Both SW1 and SW2
6. Which of the following can effectively prune a VLAN from a trunk?
A. BPDU Guard
B. BPDU Filter
C. Loop Guard
D. UDLD
7. Which of the following is the most scalable physical architecture for East-West traffic patterns?
A. Two-tier collapsed core
B. Leaf-and-spine architecture
C. Routed
D. Three-tier
8. What are two reasons to choose a routed topology over a switched topology?
A. Better scalability
B. Better use of IP address space
C. The ability to stretch subnets
D. Faster convergence
9. Which protocol does not use multicast?
A. LACP
B. EtherChannel
C. VRRP
D. HSRP
10. An access point running in lightweight mode has clients connected to two SSIDs. The total number of connected clients is 25. How many CAPWAP tunnels are there between the AP and its WLAN controller (WLC)?
A. 1
B. 2
C. 25
D. Lightweight mode doesn't use a WLC.
11. A client performs an intra-controller roam, keeping its IP address. Which of the following is true of this roam?
A. The SSID changes.
B. The VLAN changes.
C. It's a layer 2 roam.
D. It's a layer 3 roam.
12. What are two disadvantages of 5 GHz Wi-Fi versus 2.4 GHz Wi-Fi?
A. Incompatibility with 802.11g
B. Incompatibility with 802.11n
C. Increased free space path loss
D. Lower throughput
13. There are three OSPF routers connected to the same subnet. Which is the designated router?
A. The one with the lowest router ID
B. The first one that became active
C. The one with the highest router ID
D. The one with the highest priority
14. Two OSPF routers are connected to each other. One router's interface is configured as a broadcast network type, whereas the other router's interface is configured as a point-to-point network type. Which of the following is true of this configuration? (Choose two.)
A. They won't form an adjacency.
B. They will form an adjacency.
C. They won't exchange routes.
D. They will exchange routes.
15. You have a router with an interface that's connected to a subnet dedicated to servers. You want to advertise this subnet into OSPF but don't want any servers running OSPF software to form an adjacency with the router. How can you accomplish this?
A. Configure null authentication.
B. Use a distribute list.
C. Advertise a default route.
D. Configure the interface as a passive interface.
16. An OSPF autonomous system boundary router (ASBR) is redistributing the prefix 192.168.0.0/16 into EIGRP AS 1. What is the administrative distance of the route?
A. 20
B. 110
C. 170
D. 200
17. Which of the following are considered in calculating an EIGRP metric? (Choose all that apply.)
A. Bandwidth
B. Delay
C. MTU
D. Reliability
E. Latency
F. Weight
18. Consider the following EIGRP output.
P 10.0.36.0/29, 1 successors, FD is 3328
via 10.0.45.4 (3328/3072), GigabitEthernet0/3.
via 10.0.56.6 (5632/2816), GigabitEthernet0/0.
Which of the following is the feasible successor?
A. 10.0.36.1
B. 10.0.56.6
C. 10.0.45.4
D. 10.0.36.2
19. What occurs when an eBGP router receives a route that already has its own AS number in the path?
A. Removes the AS and advertises the route
B. Advertises the route as is
C. Discards the route
D. Installs the route in its BGP RIB
E. Discards all routes from the router it received the route from
20. R1 has the prefix 172.16.0.0/16 in its IP routing table, learned from EIGRP AS 16. There are no other BGP, IGP, or static routes in the routing table. You execute the following BGP router configuration commands on R1:
network 172.16.0.0 mask 255.255.255.0
redistribute eigrp 16
Which of the following will be true regarding the route R1 advertises for the 172.16.0.0/16 prefix?
A. 172.16.0.0/16 will have an incomplete origin type.
B. 172.16.0.0/24 will have an incomplete origin type.
C. R1 will not advertise the 172.16.0.0/16 prefix.
D. 172.16.0.0/16 will have an IGP origin type.
21. Consider the following prefix list and route map on router R1:
ip prefix-list all-private: 3 entries
seq 5 permit 10.0.0.0/8 le 32
seq 10 deny 0.0.0.0/0 le 32
route-map allow-public, deny, sequence 10
Match clauses:
ip address prefix-lists: all-private
Set clauses:
Policy routing matches: 0 packets, 0 bytes
route-map R4, permit, sequence 20
Match clauses:
Set clauses:
Policy routing matches: 0 packets, 0 bytes
Which prefix will this route map allow?
A. 10.255.255.0/24
B. 10.0.0.0/32
C. 10.0.0.0/8
D. 0.0.0.0/0
22. Consider the following output from a NAT router:
ip prefix-list all-private: 3 entriesseq 5 permit 10.0.0.0/8 le 32seq 10 deny 0.0.0.0/0 le 32route-map allow-public, deny, sequence 10Match clauses:ip address prefix-lists: all-privateSet clauses:Policy routing matches: 0 packets, 0 bytesroute-map R4, permit, sequence 20Match clauses:Set clauses:Policy routing matches: 0 packets, 0 bytesWhich prefix will this route map allow?10.255.255.0/2410.0.0.0/3210.0.0.0/80.0.0.0/0Consider the following output from a NAT router:
R2#debug ip natIP NAT debugging is onR2#NAT*: s=7.0.0.12->2.0.0.2, d=10.0.12.1 [155]Which of the following is the inside global address?2.0.0.210.0.12.17.0.0.1210.0.12.155A router running PIM has a single multicast RIB entry marked (223.3.2.1, 239.8.7.6). What does this indicate?
The router has received an IGMP Membership Report from 223.3.2.1.239.8.7.6 has sent unicast traffic to 223.3.2.1.223.3.2.1 has sent multicast traffic to 239.8.7.6.The router has received a PIM Join/Graft from 223.3.2.1.Which of the following commands individually configures port address translation?
ip nat inside source list 1 pool natpoolip nat inside destination list 1 pool natpool overloadip nat outside source list 1 pool natpool overloadip nat inside source list 1 interface gi0/2 overloadWhich QoS Class Selector has the lowest priority?
CS0CS1CS7EFWhich of the following prevent TCP global synchronization? (Choose two.)
Explicit congestion notificationPolicingWeighted random early detectionFair queuingWhich of the following queues can never exceed its bandwidth allocation during times of congestion?
Low-latency queueClass-based weighted fair queuePolicing queuePriority queueWhat is another term for reflective relay?
Virtual network functionVirtual Ethernet bridgeVirtual switchingExternal edge virtual bridgingWhich of the following might you need to allow in order to use IPsec in transport mode? (Choose two.)
TCP port 50IP protocol 50UDP port 500IP protocol 51IP protocol 41By default, what does VXLAN use for MAC address learning? (Choose two.)
MulticastEVPNData plane learningControl plane learningWhat type of encapsulation does SD-Access use?
LISPIPsecVXLANGREWhich of the following is not a component of SD-WAN?
DTLSBGPOMPIPsecWhich of the following HTTP response codes indicates successful authentication using a GET or PUT request?
200201204401500You want to control which commands administrators can run on a router. Which of the following should you configure?
TACACS+ authorizationRADIUS authorizationLocal authenticationTACACS+ accountingWhich of the following can authenticate only a machine but not a user?
PEAP802.1XMAC authentication bypassWebAuthWhich of the following can't be used to block ARP packets or Spanning Tree BPDUs? (Choose two.)
Port ACLVLAN access mapMAC ACLExtended IP ACLB. The Data Link layer facilitates data transfer between two nodes. IP addresses are logical addresses based on an abstraction of the Data Link layer. See Chapter 1 for more information.
C. A bridge maintains a Media Access Control (MAC) address table that it uses to perform a crude form of routing. This reduces the need for flooding but doesn't reduce the size of the broadcast domain. Bridges forward received frames, thus simulating some of the properties of a shared physical Ethernet cable. Bridges discard frames that fail frame check sequence validation. See Chapter 1 for more information.
B, D. Transmission Control Protocol (TCP) uses sequence numbers for ordering and ensuring reliable delivery by detecting lost packets. See Chapter 1 for more information.
A, B. You can block VLAN 25 from reaching the switches in two ways. First, you can prune the virtual LAN (VLAN) from the trunk. Second, instead of running a trunk between switches, you can use routed links. See Chapter 2 for more information.
D. Because SW1 and SW2 are connected via routed interfaces, they are in separate broadcast domains and hence form separate Spanning Trees. See Chapter 2 for more information.
C. Loop Guard will block a VLAN on a port if it doesn't receive Bridge Protocol Data Units (BPDUs) for that VLAN. Unidirectional Link Detection (UDLD) and BPDU Guard can shut down an entire port. BPDU Filter doesn't block traffic. See Chapter 2 for more information.
B. Leaf-and-spine architecture is the most scalable choice for networks with predominantly East-West traffic patterns, such as data center networks. Routed is not a physical architecture but a logical (layer 3) one; it describes how the links between switches are used, not how the switches are physically connected. See Chapter 3 for more information.
A, D. Routed topologies scale better and converge faster than switched topologies, but they require consuming more IP address space. See Chapter 3 for more information.
B. EtherChannel doesn't use multicast. Link Aggregation Control Protocol (LACP), which negotiates EtherChannels, and Virtual Router Redundancy Protocol (VRRP) and Hot Standby Router Protocol (HSRP), which are first-hop redundancy protocols (FHRPs), do use multicast. See Chapter 3 for more information.
A. An access point (AP) forms a single Control and Provisioning of Wireless Access Points (CAPWAP) tunnel with a wireless LAN controller (WLC). See Chapter 4 for more information.
C. In an intracontroller roam, the client associates with a different AP that's connected to the same WLAN controller. Neither the VLAN nor the Service Set Identifier (SSID) changes. Because the client's IP address didn't change, you can conclude this is a layer 2 roam. See Chapter 4 for more information.
A, C. 5 GHz Wi-Fi standards include 802.11n and 802.11ac, but not 802.11g, which operates only in the 2.4 GHz band. 5 GHz offers higher throughput, but at the price of increased free space path loss. See Chapter 4 for more information.
B. The first Open Shortest Path First (OSPF) router to become active on a subnet becomes the designated router (DR) for the subnet. It's commonly taught that the DR is chosen based on the highest router ID, but the first OSPF router to become active always becomes the DR. A DR election occurs only when the existing DR and backup DR fail. See Chapter 5 for more information.
B, C. Network types don't have to match in order to form an adjacency; broadcast and point-to-point interfaces use the same default hello and dead timers, so the routers reach the FULL state. They do need to match for routes to be learned across the link: each router describes the link differently in its router LSA (one as a transit network, the other as a point-to-point link), so SPF can't use the link and neither router installs routes through it. See Chapter 5 for more information.
D. When an interface is configured as a passive interface, OSPF will advertise the prefix for that interface, but will not form an adjacency with other routers on the subnet. See Chapter 5 for more information.
C. The route is an external Enhanced Interior Gateway Routing Protocol (EIGRP) route, so it has an administrative distance of 170. See Chapter 6 for more information.
A, B. By default, only bandwidth and delay are used in calculating the metric. See Chapter 6 for more information.
B. 10.0.56.6 is the feasible successor. Its reported distance (2816, the second number in parentheses) is lower than the feasible distance (3328), so it satisfies the feasibility condition and is a loop-free backup. 10.0.45.4 is the successor. See Chapter 6 for more information.
C. Border Gateway Protocol (BGP) uses the autonomous system (AS) path for loop prevention. Upon receiving a route with its own AS in the AS path, an exterior Border Gateway Protocol (eBGP) router will discard the route, meaning it won't install it in its BGP Routing Information Base (RIB) or IP routing table, nor will it advertise the route. See Chapter 7 for more information.
A. 172.16.0.0/24 doesn't exist in R1's routing table, so the network command will have no effect. Instead, the redistribute eigrp 16 command will redistribute the 172.16.0.0/16 prefix into BGP with an incomplete origin type. See Chapter 7 for more information.
D. The prefix list matches any prefix falling within the 10.0.0.0/8 range with a prefix length from 8 to 32. This includes 10.0.0.0/8, 10.0.0.0/32, and 10.255.255.0/24. The first sequence in the route map is a deny sequence that matches the IP prefix list, so these prefixes match the sequence and are denied. The second sequence in the route map is a permit sequence with no match clause, so it matches every prefix that didn't match the first sequence. 0.0.0.0/0 is the only listed prefix that falls through to the second sequence, so it's the only one allowed. See Chapter 7 for more information.
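As an added example (not from the book), the following Python re-creates the evaluation order behind this answer: a prefix list is walked top-down with first-match-wins and an implicit deny at the end, and a route map is walked sequence by sequence, where a sequence with no match clause matches everything. The data is constructed from the question above; it assumes sequence 20 belongs to the same route map as sequence 10, as the explanation does. Denying private space before advertising to a public peer is the usual reason for a route map named like allow-public.

```python
import ipaddress

# Constructed from the question: the prefix list and route map as data.
PREFIX_LISTS = {
    "all-private": [
        # (seq, action, prefix, ge, le); ge/le default to the prefix's own length
        (5, "permit", "10.0.0.0/8", 8, 32),
        (10, "deny", "0.0.0.0/0", 0, 32),
    ],
}

ROUTE_MAP = [
    # (seq, action, prefix list to match, or None for "match anything")
    (10, "deny", "all-private"),
    (20, "permit", None),
]


def prefix_list_permits(entries, prefix):
    """IOS prefix-list semantics: first matching entry decides; no match is a deny."""
    net = ipaddress.ip_network(prefix, strict=False)
    for _seq, action, match_prefix, ge, le in sorted(entries, key=lambda e: e[0]):
        match_net = ipaddress.ip_network(match_prefix, strict=False)
        # A candidate matches when it lies inside the entry's prefix and its
        # length falls within [ge, le].
        inside = net.version == match_net.version and net.subnet_of(match_net)
        if inside and ge <= net.prefixlen <= le:
            return action == "permit"
    return False


def route_map_allows(route_map, prefix, prefix_lists=PREFIX_LISTS):
    """Walk sequences in order; the first sequence whose match clause succeeds
    decides. No match clause means match everything. Falling off the end is a deny."""
    for _seq, action, pl_name in sorted(route_map, key=lambda e: e[0]):
        if pl_name is None or prefix_list_permits(prefix_lists[pl_name], prefix):
            return action == "permit"
    return False


def evaluate_candidates(prefixes):
    """Map each candidate prefix to True (permit) or False (deny)."""
    return {p: route_map_allows(ROUTE_MAP, p) for p in prefixes}


if __name__ == "__main__":
    results = evaluate_candidates(["10.255.255.0/24", "10.0.0.0/32", "10.0.0.0/8", "0.0.0.0/0"])
    for p, allowed in results.items():
        print(f"{p:18} {'permit' if allowed else 'deny'}")
```

The `ge`/`le` handling is the part people get wrong in practice: `permit 10.0.0.0/8 le 32` matches every subnet inside 10.0.0.0/8, whereas `permit 10.0.0.0/8` alone would match only the /8 itself.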
A. R2 is translating the source address 7.0.0.12 to 2.0.0.2; therefore 7.0.0.12 is the inside local address and 2.0.0.2 is the inside global address. See Chapter 8 for more information.
C. Multicast RIB entries take the form (source, group). The entry indicates that the source—223.3.2.1—has sent multicast traffic to the multicast group address 239.8.7.6. See Chapter 8 for more information.
D. Port address translation—also known as network address translation (NAT) overload—translates multiple inside local source addresses to a single global address. The global address can come from an outside interface or from a pool. See Chapter 8 for more information.
B. CS1 gets a lower priority than CS0. CS0 is the default class and is for best-effort traffic. CS1 is the bottom-of-the-barrel traffic that you may not even want on your network, such as torrents, gaming, or cat videos. See Chapter 9 for more information.
A, C. TCP global synchronization occurs when multiple TCP flows back off, then ramp up simultaneously. This can happen when a queue fills and excess packets are tail-dropped. Weighted random early detection (WRED) randomly drops packets as the queue fills. Explicit congestion notification (ECN) works by getting a TCP sender to slow down the rate at which it sends by reducing its congestion window. See Chapter 9 for more information.
A. The low-latency queue (LLQ) is serviced before any other queue, so packets in it wait no longer than necessary. In return, during congestion the LLQ is policed to its configured bandwidth so that it can't starve the other queues. See Chapter 9 for more information.
D. The term edge virtual bridging (EVB) describes using a physical switch to pass layer 2 traffic between VMs running on the same host. The IEEE 802.1Qbg standard calls this reflective relay. See Chapter 10 for more information.
B, C. Internet Key Exchange (IKE) uses User Datagram Protocol (UDP) port 500, whereas Encapsulating Security Payload (ESP) uses IP protocol 50. If Authentication Header (AH) is used instead of ESP, IP protocol 51 must be allowed as well, and IKE NAT traversal additionally uses UDP port 4500. See Chapter 10 for more information.
A, C. By default, Virtual Extensible LAN (VXLAN) uses multicast to flood unknown unicasts, allowing it to perform data plane learning. See Chapter 10 for more information.
C. SD-Access uses VXLAN encapsulation for its data plane because VXLAN carries the entire Ethernet frame, and the SD-Access variant of the header also carries the scalable group tag used for policy. LISP provides the control plane, not the encapsulation. See Chapter 11 for more information.
B. Software-defined WAN (SD-WAN) doesn't use BGP as a fabric component. The Overlay Management Protocol (OMP) distributes routes and policy between the controllers and the WAN edge routers, DTLS secures the control connections, and IPsec secures the data plane tunnels. See Chapter 11 for more information.
A. When authenticating using a GET or PUT request, you should get a 200 response code if authentication succeeds. A 401 response means the credentials were rejected. See Chapter 11 for more information.
A. Terminal Access Controller Access-Control System Plus (TACACS+) separates authentication, authorization, and accounting, which lets it authorize each command individually. Remote Authentication Dial-In User Service (RADIUS) combines authentication and authorization in a single exchange and doesn't support per-command authorization. See Chapter 12 for more information.
C. MAC authentication bypass is the only option that can authenticate a machine but not a user. See Chapter 12 for more information.
A, D. You can't use a port access control list (ACL) to block certain control plane traffic, including ARP and Spanning Tree BPDUs. You also can't use an extended IP ACL because ARP and Spanning Tree Protocol (STP) don't use IP. See Chapter 12 for more information.
THE CCNP ENCOR EXAM OBJECTIVES COVERED IN THIS CHAPTER INCLUDE THE FOLLOWING:
Domain 1.0: Architecture
✓ 1.1 Explain the different design principles used in an enterprise network
✓ 1.7 Differentiate hardware and software switching mechanisms
Domain 3.0: Infrastructure
✓ 3.1 Layer 2
✓ 3.2 Layer 3
Forgetting the fundamentals is by far the biggest cause of failures—both network failures and failing Cisco exams. Just visit any networking forum and look at the posts from people who failed an exam by a narrow margin. Almost without exception, they can trace back their failure to misunderstanding or simply failing to learn fundamental networking concepts.
Networking fundamentals can at times seem abstract and even impractical. It's important to remember that networks are both logical and physical, so you need to keep a tight grip on both. If you neglect theory and just focus on typing in commands, you'll end up with a jalopy network. It might work, but not very well, and probably not for long. On the other hand, learning theory that you fail to put into practice leads to being educated but unemployed.
This chapter will give you a solid theoretical foundation on which to build practical skills. Much of the theory should already be familiar to you, and you'll likely have some “I already know this stuff” moments. But more often than not you'll gain new insights on something you already understood.
There's a lot of networking information out there, much of which is poorly explained, if not just plain wrong. Networking myths abound on forums, blogs, and even Wikipedia. Even official Cisco documentation has been known to contain the occasional errata. It's not intentional, of course. Learning networking is no different than learning any other complex topic. Some concepts are easy, whereas others just never quite click. Those harder concepts are fertile breeding ground for misconceptions that eventually get passed around until they become common knowledge, or worse, “best practices.” Almost every network professional I've encountered holds at least one glaring misconception about networking that eventually ends up stumping them (sometimes on an exam!). Chances are you, too, have been the unfortunate recipient of such information. The sooner we identify and dispel those myths, the better. That's what this chapter is all about.
The origin of many networking myths can be traced back to the Open Systems Interconnection (OSI) reference model developed by Charles Bachman of Honeywell and formalized by the International Organization for Standardization (ISO). The ISO intended the OSI model to be a standard framework for data networks. It describes a set of “activities necessary for systems to interwork using communication media” (ISO/IEC 7498-4). The model organizes these activities or functions into the following seven layers:
7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical
The seven layers are taught zealously in most introductory networking courses. You may have had them permanently drilled into your head with the help of one or two fun little mnemonics! (My favorite is “All people seem to need data processing.”) As we discuss the functions of the different layers, keep in mind that the layers of the OSI model are arbitrary. They're not written on stone tablets, nor are they the result of a rigorous scientific process that conclusively proved that the perfect network has these seven layers. The ISO arrived at each layer by attempting to group similar network functions together in a layer and then organizing the layers in a hierarchical fashion so that each layer of functions is dependent on the one below it. This led to impressive results in layers 1–4 (the lower layers) and utter confusion in layers 5–7 (the upper layers).
Table 1.1 shows what common protocols fall into each of the lower layers.
Table 1.1 The lower layers and their associated protocols

Layer | Name      | Example protocols
1     | Physical  | Thicknet (10BASE5), Thinnet (10BASE2), 1000BASE-T, T1/E1
2     | Data Link | IEEE 802.3/Ethernet II (DIX), Point-to-Point Protocol (PPP), High-Level Data Link Control (HDLC)
3     | Network   | IPv4, IPv6
4     | Transport | TCP, UDP
One thing that has always been clear about the OSI model is that the Application layer includes application data and application protocols. The Hypertext Transfer Protocol (HTTP) is an application protocol that a web browser uses for communicating with web servers. Application data would be an HTTP GET request that the browser sends to a web server. Likewise, the web page that the server sends in response would also be application data. In short, application data is whatever the application sends or receives over the network.
Incidentally, an application can use more than one protocol. For example, when a web browser uses the Hypertext Transfer Protocol Secure (HTTPS) protocol to send a request to a web server, it's making use of two protocols: HTTP and Transport Layer Security (TLS). Despite the latter's confusing name, both are application protocols.
For all practical purposes, the upper layers (Session, Presentation, and Application) are one layer: the Application layer. The actual functions of the Session and Presentation layers—things like authentication and negotiating an application protocol—occur in the application anyway. They don't include any network functions and are concerned only with application data and application protocols.
The ISO never clearly defined what a layer is. The closest they came was a circular definition. But we can infer from the OSI reference model what they had in mind.
For the curious, the ISO defined a layer as a “subdivision of the OSI architecture, constituted by subsystems of the same rank” (ISO/IEC 7498-1). While it's tautological that “subsystems of the same rank” are conceptually in the same layer, it still doesn't tell us what a layer is.
The concept of layering comes straight from software development (many of the OSI folks were operating system developers). The idea was that applications would treat the network as a software abstraction, somewhat like a filesystem. A filesystem acts as a layer that sits between the application and physical storage (e.g., disks). When the application needs to store some data, it just sends that data to the filesystem layer, which in turn takes care of the specifics of writing it to disk.
The OSI folks thought that in the same way that an application can store data on a filesystem without having to know anything about the underlying disks, so could it also send data over a network without requiring any network-specific coding or knowing anything about the network's infrastructure. Each layer would consist of a set of network-related functions implemented by the operating system or some middleware that would sit between the application and the host's physical network interface. Collectively, these layers would handle all the mechanisms of getting the application data onto the network and giving the network enough information to make sure the data got to its destination.
With the exception of the Physical layer, the layers of the OSI model are purely imaginary. Just as a filesystem is a software abstraction that hides the details of physical storage, the layers of the OSI model are just collections of software functions that hide the details of the network from applications and users. You can't see a filesystem with your eyes in the same way that you can see a hard drive, and you can't see the Data Link layer in the same way that you can see a switch. Layers are software abstractions and nothing more.
Figure 1.1 illustrates the concept of how layering might work using the Transmission Control Protocol (TCP) and Internet Protocol (IP), which are both included in the kernels of modern operating systems (Linux, Unix, and Windows). Keep in mind that the only real objects in this figure are the host and the physical network interface.
Figure 1.1 How layers abstract the network from an application
You may see some striking similarities between the layers in Figure 1.1 and the so-called TCP/IP or Internet protocol suite model. It and the OSI model are often juxtaposed as competing models. The fact is that the TCP/IP model is just a specific implementation of the OSI model based on the TCP/IP protocol suite.
In this high-level example, when an application needs to send data it places the data in what the OSI model generically calls an application protocol data unit (PDU). The specifics of the application PDU aren't important and, with the exception of firewalls that do deep packet inspection, are opaque to the network. The application passes its PDU to a protocol in the layer directly below, as shown in Figure 1.2. The protocol generates a new PDU and tacks the application PDU onto the end of it—a process called encapsulation. It then passes this new PDU down to a protocol at the next lower layer, and so on. What ends up on the wire is a giant PDU that contains several smaller PDUs from the protocols operating at the higher layers. Later in the chapter we'll walk through a detailed example of how encapsulation works, but first, we need to talk about what happens at each of these lower layers.
Figure 1.2 At each layer, data is encapsulated in a PDU and passed down to the next lower layer.
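To make the encapsulation described above concrete, here is an added example (not code from the book) that builds the PDUs by hand with Python's standard library: an HTTP GET is wrapped in a TCP header, then an IPv4 header with a correct header checksum, then an Ethernet II header, and the receiving side peels the layers back off, demultiplexing on EtherType, IP protocol, and port. The MAC and IP addresses are constructed sample values, and the Ethernet FCS is omitted because the network interface, not software, appends it.

```python
import struct

# Constructed sample application PDU: what a browser hands to the stack.
APP_PDU = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def checksum(data):
    """RFC 1071 one's-complement sum over 16-bit words, as used by IPv4, TCP and UDP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def tcp_segment(src_port, dst_port, payload, seq=0, ack=0, flags=0x18):
    """Transport PDU: a 20-byte TCP header (no options) in front of the app PDU.
    The TCP checksum is left zero here to keep the focus on layering."""
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                         5 << 4, flags, 65535, 0, 0)
    return header + payload


def ipv4_packet(src, dst, proto, payload, ttl=64):
    """Network PDU: IPv4 header with a valid header checksum, then the segment."""
    total_len = 20 + len(payload)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                         ttl, proto, 0, src, dst)
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + payload


def ethernet_frame(src_mac, dst_mac, ethertype, payload):
    """Data Link PDU: 14-byte Ethernet II header; the NIC adds the FCS."""
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def encapsulate(app_pdu):
    """Walk the PDU down the layers; sample addresses are constructed."""
    seg = tcp_segment(49152, 80, app_pdu)
    pkt = ipv4_packet(bytes([192, 0, 2, 10]), bytes([93, 184, 216, 34]), IPPROTO_TCP, seg)
    return ethernet_frame(bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"),
                          ETHERTYPE_IPV4, pkt)


def decapsulate(frame):
    """Peel the layers back off, demultiplexing at each one and verifying the
    IPv4 header checksum before trusting any field in the header."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not IPv4")
    pkt = frame[14:]
    ihl = (pkt[0] & 0x0F) * 4
    if checksum(pkt[:ihl]) != 0:          # a valid header sums to zero
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", pkt[2:4])[0]
    if pkt[9] != IPPROTO_TCP:
        raise ValueError("not TCP")
    seg = pkt[ihl:total_len]              # trailing padding, if any, is dropped
    src_port, dst_port = struct.unpack("!HH", seg[:4])
    data_off = (seg[12] >> 4) * 4
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(map(str, pkt[12:16])),
        "dst_ip": ".".join(map(str, pkt[16:20])),
        "src_port": src_port, "dst_port": dst_port,
        "payload": seg[data_off:],
    }


if __name__ == "__main__":
    frame = encapsulate(APP_PDU)
    print(len(frame), "bytes on the wire")
    print(decapsulate(frame))
```

Each function returns the next layer's PDU with its header prepended, which is exactly the nesting Figure 1.2 shows. The receiver trusts the length fields only after the checksum passes; that ordering matters in any packet parser, since a corrupted or crafted IHL or total length is how a naive parser gets driven out of bounds.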
The purpose of a network is to allow applications running on different hosts to communicate with one another. Robert Metcalfe, one of the inventors of the original Ethernet, said it succinctly in 1972: “Networking is interprocess communication.” Thus, at a minimum, a network needs to perform three basic functions:
Layer 1: Physical Connectivity between Nodes A node can be a workstation, server, router, switch, firewall, or any network-connected device that has a processor and memory.
Layer 2: Node-to-Node Data Transfer Data transfer between two nodes physically connected to a shared medium.
Layer 3: Forwarding/Routing Data transfer between any two nodes, regardless of whether they're physically connected to the same medium.
The OSI model sorts these three functions, along with many others, into its first four layers, as shown in Table 1.2. Not all protocols that operate in a given layer implement all the functions listed for that layer.
Table 1.2 Networking functions provided by each layer

Function                                        | 1 Physical | 2 Data Link | 3 Network | 4 Transport
Transmission of bitstreams over physical media  | X          |             |           |
Enabling/disabling physical network interface   | X          |             |           |
Node-to-node data transfer over a shared medium |            | X           |           |
Forwarding/routing                              |            | X           | X         |
Error control                                   |            | X           | X         | X
Flow control                                    |            | X           | X         | X
Multiplexing/splitting                          |            | X           | X         | X
Ordering                                        |            | X           | X         | X
Fragmentation/reassembly                        |            |             | X         | X
The OSI model replicates some functions in most layers, blurring the distinction among them. It becomes apparent that what distinguishes the layers isn't what they do but what they don't do. Higher layers lack functionality provided by lower layers, something you'd expect given the hierarchical structure of layers. One layer whose functions differ starkly from the others is the Physical layer.
The main function of the Physical layer is to convert bits to electromagnetic energy such as light, electrical current, or radio waves, and transmit them over some medium such as fiber-optic or copper cables or the airwaves. Whereas the functions of the other layers are performed in software, this particular function is performed by a node's physical network interface.
A challenge of using electromagnetic energy to send bits is that the physical media can carry only one bitstream at a time. In the early days of networking, two nodes would be connected via a pair of wires. If both simultaneously sent a signal, their signals would interfere with each other and create a collision. Hence, both nodes were in the same collision domain. To avoid this, the nodes had to use half-duplex communication wherein only one node could transmit at a time. Half-duplex wired communication may seem an irrelevant relic from the past, but as you'll learn in a moment, during its heyday half-duplex communication had an unfortunate impact on the Ethernet standards that still haunts us to this day. Broadcast storms and the infamous Spanning Tree Protocols (STPs) can be traced back to the early use of half-duplex communication.