2.1.a Implement and troubleshoot switch administration

i/g u/l

i/g means individual/group, u/l means universal/local. examine the mac diagram below:


msb is to the far left (1st byte), while lsb is far right (6th byte). the first three bytes comprise the organizationally unique identifier and the last three bytes comprise the vendor assigned unique value to round out the complete address. this is mandated by the ieee.

we know the mac is 48 bits or 6 bytes.

the 1st bit of the 1st byte (left to right) is considered the most significant bit. the last bit of the 1st byte likewise is the least significant bit. when the frame is transmitted the expected order is 1st byte 1st and so on, however the bits of the individual byte are transmitted in reverse order. this is often referred to as canonical (authorized; recognized; accepted as standard).

if the i/g bit is set to 0 it is a unicast address; if it is set to 1 it is either a multicast or broadcast.

if the u/l bit is zero the mac has been assigned by the vendor; if it is 1 it has been locally assigned (administered), which overrides the original assignment by the vendor.

now consider this address: (from pearson it certification test, ccie v5)


An Ethernet MAC address is always written out in the big endian order, most significant byte first, and is also transmitted on the wire in this order of bytes. However, individual bits of each byte are transmitted in the reverse order, starting with the least significant bit (as stated above). The first byte of the MAC address to be put on wire is 0x03, or 00000011 in binary. In this byte, the least significant bit, or the rightmost bit, is the Individual/Group (I/G) bit, currently set to 1, thereby indicating this is a group MAC address (multicast). The second least significant bit is the Universal/Local (U/L) bit, also set to 1, indicating that this MAC address is locally administered and has not been allocated by IEEE. The bits of the first byte will be transmitted as 1-1-0-0-0-0-0-0 (note reversal). In this sequence, the first transmitted bit is clearly set to 1. (it would be unicast if zero)
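The I/G and U/L reading described above, as an added example (not from the original notes or the practice test): it accepts colon, hyphen or Cisco dotted notation and returns the address type, who administers it, and the first byte in wire bit order. The function names are hypothetical and the sample addresses are constructed unless noted in the comments.

```python
import re

def parse_mac(text):
    """Return the six address bytes from colon, hyphen or Cisco dotted notation."""
    digits = re.sub(r"[.:\-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)

def wire_bits(byte):
    """Bits of one byte in transmission order: least significant bit first."""
    return "".join(str((byte >> i) & 1) for i in range(8))

def classify(text):
    mac = parse_mac(text)
    first = mac[0]
    group = bool(first & 0x01)   # I/G: rightmost bit of the first byte
    local = bool(first & 0x02)   # U/L: second bit from the right
    kind = "broadcast" if mac == b"\xff" * 6 else "multicast" if group else "unicast"
    # A locally administered address carries no IEEE-assigned OUI.
    oui = None if local else bytes([first & 0xFE, mac[1], mac[2]]).hex()
    return {
        "kind": kind,
        "administration": "local" if local else "universal",
        "oui": oui,
        "first_byte_on_wire": wire_bits(first),
    }

# Constructed samples. The first reuses only the first byte 0x03 from the text
# (the remaining bytes are made up); 0016.479e.4500 is the root bridge address
# shown in the spanning-tree output later on this page.
SAMPLES = ["03:00:00:00:00:01", "0016.479e.4500", "ff-ff-ff-ff-ff-ff"]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, classify(sample))
```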

2.1.f Implement and troubleshoot spanning-tree

2.1.f [ii] Switch priority, port priority, path cost, STP timers

there are four ways to identify the root switch:

dls1#sh spann

Spanning tree enabled protocol ieee
Root ID    Priority    32769
Address     0016.479e.4500
This bridge is the root 
Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
Address     0016.479e.4500
Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Fa0/1               Desg FWD 19        128.3    P2p
Fa0/7               Desg FWD 19        128.9    P2p
Fa0/8               Desg FWD 19        128.10   P2p
Fa0/9               Desg FWD 19        128.11   P2p
Fa0/10              Desg FWD 19        128.12   P2p
Fa0/11              Desg FWD 19        128.13   P2p
Fa0/12              Desg FWD 19        128.14   P2p
1.  the first entry lists the mac of the root. the second entry lists the mac of the local switch. if they are the same… bingo

2. this bridge is the root (patently obvious)

3. there is no root port on a root switch; also no alt or blk, hence all roles are designated.

4. the status line reads all fwd

here is a command i should use more often; nice and simple:

dls1 sh span root

dls2 sh span root

note root cost on root port is 0. note root cost on dls2. note timers. no root port on dls1 (naturally) but root port on dls2 is identified.

2.1.d [i] VTPv1, VTPv2, VTPv3, VTP pruning

You can limit the VLAN traffic passed between switches using VTP pruning.

Pruning increases available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to access the destination devices. You can enable VTP pruning on a switch in VTP server mode using the vtp pruning command.
above from net acad ccnp switch lab manual
see also:
vlans-pruning-4 firewall.cx

3.5 eigrp bw and dly table

dly and bw eigrp


the above is an excellent explanation of this tricky subject.


metric = 256 * [(k1 * bandwidth) + (k3 * delay)]

or better yet


FastEthernet0/0 is up, line protocol is up
Hardware is AmdFE, address is cc01.0bb4.0000 (bia cc01.0bb4.0000)
Internet address is
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

R1#sh int lo0
Loopback0 is up, line protocol is up
Hardware is Loopback
Internet address is
MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec,

R1#sh int s3/0
Serial3/0 is up, line protocol is up
Hardware is M4T
Internet address is
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,

and this excellent article from:




metric = (10^7 (10000000) divided by the least bandwidth along the given path, plus the cumulative delay along the path) times 256
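The formula applied to the BW and DLY values quoted above, as an added example that is not part of the original notes. It assumes K1 = K3 = 1, that the bandwidth term drops its fraction, and that delay is counted in tens of microseconds (standard classic-metric behaviour, not stated on the page); the function names and the two-hop path are hypothetical.

```python
import re

# The BW/DLY lines quoted on this page, keyed by interface name.
SHOW_INT = {
    "FastEthernet0/0": "MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,",
    "Loopback0": "MTU 1514 bytes, BW 8000000 Kbit, DLY 5000 usec,",
    "Serial3/0": "MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,",
}

def bw_dly(line):
    """Extract (bandwidth in Kbit, delay in microseconds) from a show-interface line."""
    m = re.search(r"BW (\d+) Kbit.*?DLY (\d+) usec", line)
    if m is None:
        raise ValueError(f"no BW/DLY fields in: {line!r}")
    return int(m.group(1)), int(m.group(2))

def path_metric(interfaces, k1=1, k3=1):
    """Classic EIGRP composite metric over the outgoing interfaces of a path."""
    links = [bw_dly(SHOW_INT[name]) for name in interfaces]
    least_bw = min(bw for bw, _ in links)
    bandwidth = 10**7 // least_bw               # integer division: fraction is dropped
    delay = sum(dly for _, dly in links) // 10  # assumption: units of tens of usec
    return 256 * (k1 * bandwidth + k3 * delay)

if __name__ == "__main__":
    # Hypothetical path for the last entry: out Serial3/0, then a FastEthernet hop.
    for path in (["FastEthernet0/0"], ["Loopback0"], ["Serial3/0", "FastEthernet0/0"]):
        print(path, path_metric(path))
```

The slowest link sets the bandwidth term while every hop adds delay, which is why the serial link dominates the two-hop result.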

3.3.n Implement and troubleshoot routing protocol authentication

eigrp uses only md5 authentication, config below:

R1(config)#key chain CHAIN (go into key chain mode and define the key)
R1(config-keychain)#key 1 (give the key a numerical value)
R1(config-keychain-key)#key-string CHAINED (define key-string)
R1(config-keychain-key)#int f0/0 (go into interface)
R1(config-if)#ip authentication mode eigrp 100 md5 (set authentication mode to md5)
R1(config-if)#ip authentication key-chain eigrp 100 CHAIN (specify the key chain made in config mode, and repeat for neighbor)
R1#debug eigrp packet
EIGRP Packets debugging is on
*Mar  1 00:52:27.279: EIGRP: Sending HELLO on FastEthernet1/0
*Mar  1 00:52:27.279:   AS 100, Flags 0x0, Seq 0/0 idbQ 0/0 iidbQ un/rely 0/0
*Mar  1 00:52:27.363: EIGRP: received packet with MD5 authentication, key id = 1

this does not show up specifically in the blueprint but i’m adding it for completeness
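A check built on the two interface commands above, as an added example that is not part of the original notes: it reads a running-config excerpt and reports interfaces where EIGRP MD5 authentication is missing or incomplete. The excerpt is constructed, `audit` is a hypothetical helper, and every listed interface is assumed to be one that should run EIGRP AS 100.

```python
import re

# Constructed running-config excerpt. CHAIN, CHAINED, AS 100 and Fa0/0 follow
# the page; the chain name BACKUP and the Fa0/1 address are made up.
CONFIG = """\
key chain CHAIN
 key 1
  key-string CHAINED
interface FastEthernet0/0
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 CHAIN
interface Serial3/0
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 BACKUP
interface FastEthernet0/1
 ip address 192.0.2.1 255.255.255.0
"""

def audit(config, asn=100):
    """Map each interface to 'ok' or to the reason EIGRP MD5 auth is incomplete."""
    chains = {}     # key chain name -> True once a key-string is seen
    ifaces = {}     # interface name -> {"md5": bool, "chain": name or None}
    section = None  # ("chain" | "iface", name) of the block being read
    for line in (raw.strip() for raw in config.splitlines()):
        if m := re.fullmatch(r"key chain (\S+)", line):
            section = ("chain", m.group(1))
            chains.setdefault(m.group(1), False)
        elif m := re.fullmatch(r"interface (\S+)", line):
            section = ("iface", m.group(1))
            ifaces[m.group(1)] = {"md5": False, "chain": None}
        elif section and section[0] == "chain" and line.startswith("key-string "):
            chains[section[1]] = True
        elif section and section[0] == "iface":
            if line == f"ip authentication mode eigrp {asn} md5":
                ifaces[section[1]]["md5"] = True
            elif m := re.fullmatch(rf"ip authentication key-chain eigrp {asn} (\S+)", line):
                ifaces[section[1]]["chain"] = m.group(1)
    def status(st):
        if not st["md5"]:
            return "no md5 authentication mode"
        if st["chain"] is None:
            return "md5 mode set but no key chain"
        if not chains.get(st["chain"]):
            return f"key chain {st['chain']} undefined or has no key-string"
        return "ok"
    return {name: status(st) for name, st in ifaces.items()}

if __name__ == "__main__":
    print(audit(CONFIG))
```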

3.5a eigrp neighbor table

eigrp neighbor table

the H column records the order in which the neighbors were learned

address and interface columns record the ip address of the neighbor and the interface on which the neighbor's hellos are received

the Hold time is the amount of time that a router will consider a neighbor alive without receiving hello packets. The hold time is typically three times the hello interval. You can adjust the hold time with the ip hold-time eigrp command.

uptime is the time since the neighbor was added to the table

SRTT (Smoothed Round-Trip Time) With EIGRP, a purposefully slowly changing measurement
of round-trip time between neighbors, from which the EIGRP RTO is calculated.

RTO (Retransmission Timeout) With EIGRP, a timer starts when a reliable (to be
acknowledged) message is transmitted. For any neighbor(s) failing to respond in its RTO, the
RTP protocol causes retransmission. RTO is calculated based on SRTT.

Q cnt (count) indicates the number of enqueued packets

Seq Num is the sequence number of the last update, query, or reply packet received from the neighbor


3.1.a ARP

from doyle, vol 1 routing tcpip

A device needing to discover the data-link identifier of another device will create an ARP Request packet. This request will contain the IPv4 address of the device in question (the target) and the source IPv4 address and data-link identifier (MAC address) of the device making the request (the sender). The ARP Request packet is then encapsulated in a frame with the sender’s MAC address as the source and a broadcast address for the destination.