C11 Switching and Virtual LANs (WLab & Review ?s)
PoE (Power over Ethernet)
A method of delivering current, usually 15.4 watts, to devices using Ethernet connection cables.
Rapid Spanning Tree Protocol (RSTP) 802.1w
A protocol that allows the switches within a local area network to virtually remove redundant paths between devices; a faster (about 5 seconds) operating protocol than spanning tree protocol.
Which of the following is the trunking protocol used in today's VLANs? A. 802.1Q B. 802.1X C. 802.1t D. 802.1z
A. The 802.1Q standard is almost universal for VLAN trunking, which enables you to connect switches from different manufacturers.
What are the three switch functions at layer 2?
Address learning, filtering, and loop avoidance
802.1Q port tagging
An 802.1Q tag is a field tacked on to a frame's Ethernet header enabling the next switch to associate it with the correct VLAN. You'll only find tags on frames as they transit trunk lines between switches—not on lines between switches and regular hosts.
802.3at standard
An IEEE standard used to describe PoE+ technology. 802.3af-2003 is the old version.
Wireshark
Application that captures and analyzes network packets
Which IEEE protocol enables port bonding? A. 802.1Q B. LACP C. PAgP D. ZACP
B. The IEEE Link Aggregation Control Protocol (LACP) enables port bonding. (The Cisco-proprietary Port Aggregation Protocol—PAgP—accomplishes this as well.)
VLANs break up ___ domains in a layer 2 switched network.
Broadcast
Which of the following statements best applies to an IDS? A. An IDS inspects a copy of all traffic in a network and can respond to detected intrusions with actions. B. An IDS inspects all traffic as it enters a network and can respond to detected intrusions with actions. C. An IDS inspects a copy of all traffic in a network and reports intrusions. D. An IDS inspects all traffic as it enters a network and reports intrusions.
C. An IDS (intrusion detection system) inspects a copy of all traffic in a network and reports intrusions.
Which switching technology reduces the size of a broadcast domain? A. ISL B. 802.1Q C. VLANs D. STP
C. Virtual LANs break up broadcast domains in layer 2 switched internetworks.
What does a switch do when a frame is received on an interface and the destination hardware address is unknown or not in the filter table? A. Forwards the switch to the first available link B. Drops the frame C. With the exception of the source port, floods the network with the frame looking for the device D. Sends back a message to the originating station asking for a name resolution
C. With the exception of the source port, switches flood all frames that have an unknown destination address. If a device answers the frame, the switch will update the MAC address table to reflect the location of the device.
Switches, by default, only break up ____ domains.
Collision
Content Switch
Content switches always work at Layer 7 (Application layer). Content switches designed to work with Web servers, for example, can read incoming HTTP and HTTPS requests. With this feature, you can perform very advanced actions, such as handling TLS certificates and cookies, on the content switch, removing the workload from the Web servers.
You need to implement a separate network for contractors and guests working at your office. Which technology should you implement?
Create a VLAN for contractors and another VLAN for guests.
If a destination MAC address is not in the forward/filter table, what will the switch do with the frame?
Flood the frame out all ports except the port on which it was received.
Forwarding Port State
Forwards frames and will be either a root port or a designated port.
DNS load balancing
In this type of load balancing, one domain name is assigned to many servers, using different IP addresses. In this case, each Web server gets its own (usually) public IP address. Each DNS server for the domain has multiple "A" DNS records, each with the same fully qualified domain name (FQDN). The DNS server then cycles around these records, so the same domain name resolves to different IP addresses.
If a frame is received on a switch port and the source MAC address is not in the forward/filter table, what will the switch do?
It will add the source MAC address to the forward/filter table.
You plug a host into a switch port and the host receives an IP address but the user can't get to the services it needs. What is probably the problem?
The VLAN port membership is set wrong.
PoE+ devices are defined by what IEEE standard?
802.3at
IPS (Intrusion Prevention System)
An active, inline security device that monitors suspicious network and/or system traffic and reacts in real time to block it. Also called a Network Intrusion Prevention System (NIPS).
802.1X is a great example of _______________. A. encryption B. content switching C. port-based authentication D. VLAN trunking
C. 802.1X is port-based authentication. 802.1X is a network authentication protocol that opens ports for network access when an organization authenticates a user's identity and authorizes them for access to the network. The user's identity is determined based on their credentials or certificate, which is confirmed by the RADIUS server. The RADIUS server is able to do this by communicating with the organization's directory, typically over the LDAP or SAML protocol.
When would you configure VTP on a switch? A. When you have hubs connected in your network B. When you have redundant links between switches C. When you have multiple hosts in multiple VLANs and you want to share all the data between hosts without a router D. When you have multiple switches with multiple VLANs and you want to share the VLAN database from one switch to all the others
D. Virtual Trunk Protocol (VTP) is a Cisco proprietary method of having a single VLAN database advertised to all other switches in your network. This allows for ease of VLAN management in a larger network.
Spanning Tree Protocol (STP)
Defined by the IEEE 802.1D standard, it allows a network to have redundant Layer 2 connections while logically preventing a loop, which could lead to symptoms such as broadcast storms and MAC address table corruption. RSTP (802.1w)
Firewall
Firewalls are hardware or software tools that filter traffic based on various criteria, such as port number, IP address, or protocol. A firewall works at the border of your network, between the outside and the inside.
PoE standard
IEEE 802.3af-2003 - 15.4 watts DC power, max current 350 mA
Dropped Packets
Networking packets that do not make it to the distant end.
Port bonding (LACP)
Port bonding goes by a pile of different names, including link aggregation, NIC bonding, NIC teaming, port aggregation—the last two terms you'll see on the CompTIA Network+ exam—and a bunch of others. The Cisco protocol for accomplishing aggregation is called Port Aggregation Protocol (PAgP). You may also run across it in a very common implementation called Link Aggregation Control Protocol (LACP), which is defined in IEEE 802.1AX-2020. LACP specifies a number of features and options to automate the negotiation, management, load balancing, and failure modes of aggregated ports.
Listening Port State
Port listens to BPDUs to make sure no loops occur on the network before passing data frames. A port in listening prepares to forward data frames without populating the MAC address table.
You need to power a device such as an access point or IP phone. What protocol can provide power to these devices over an ethernet cable?
Power over Ethernet (PoE)
IEEE 802.1Q Trunking
Take a normal Ethernet frame and add a VLAN header to the frame. VLAN IDs are 12 bits long, giving 4,094 VLANs: normal range (1-1005) and extended range (1006-4094). The first and last values are reserved (0 and 4095). We can send multiple VLANs across that trunk, then break them up into the appropriate VLAN on the other side.
Port Mirroring (SPAN), network tap
The practice of duplicating all traffic on one port in a switch to a second port. One or more switch ports are configured to forward all of their packets to another port on the switch.
10Mbps-100Mbps crossover cable (only uses 4 pins / two pairs)
To make a crossover cable, simply use one standard on one side and the other standard on the opposite side. Note that wire pair 1 and pair 4 are not used (the blue and brown wires). You could, theoretically, not include the wires in the cable at all, but this would make keeping the remaining wires in the proper order rather difficult. https://www.practicalnetworking.net/stand-alone/ethernet-wiring/
Dynamic Trunking Protocol (DTP)
A Cisco proprietary protocol that provides trunk negotiation between two directly connected network devices. By default, all switch ports are access ports; therefore, to make a port a trunk, the user should manually make it a trunk by using DTP.
VLAN Trunking Protocol (VTP)
A Cisco-proprietary messaging protocol used between Cisco switches to communicate configuration information about the existence of VLANs, including the VLAN ID and VLAN name.
Inter-Switch Link (ISL)
A Cisco-proprietary trunking protocol, which has been replaced by the industry-standard 802.1Q.
What are the benefits of caching on a Web proxy? (Select two.) A. Response time B. Virus detection C. Tracking D. Authentication
A and B. Cached Web pages can be sent to clients quickly. The contents can also be checked for viruses.
Blocking Port State
A blocked port won't forward frames; it just listens to BPDUs and will drop all other frames. All ports are in blocking state by default when the switch is powered up. Redundant ports end up in blocking mode; however, they can still receive BPDUs. They just don't send out frames.
ARP (Address Resolution Protocol)
A core protocol in the TCP/IP suite that belongs in the Network layer of the OSI model. ARP obtains the MAC (physical) address of a host, or node, and then creates a local database that maps the MAC address to the host's IPv4 (logical) address. The ARP process uses broadcasts. We do not have broadcasts in IPv6. Instead we use NDP.
Load Balancer
A device that can direct requests to different servers based on a variety of factors, such as the number of server connections, the server's processor utilization, and overall performance of the server.
Neighbor Solicitation (NS)
A message defined by the IPv6 Neighbor Discovery Protocol (NDP), used to ask a neighbor to reply with a Neighbor Advertisement, which lists the neighbor's MAC address. NS is sent on a multicast address. https://blog.apnic.net/2019/10/18/how-to-ipv6-neighbor-discovery/
Neighbor Advertisement (NA)
A message defined by the IPv6 Neighbor Discovery Protocol (NDP), used to declare to other neighbors a host's MAC address. Sometimes sent in response to a previously received NDP Neighbor Solicitation (NS) message. https://blog.apnic.net/2019/10/18/how-to-ipv6-neighbor-discovery/
Flow Control
A method of gauging the appropriate rate of data transmission based on how fast the recipient can accept data. It is a technique that generally observes the proper flow of data from sender to receiver. It is essential because a sender may transmit data at a very fast rate, and flow control ensures the receiver can receive this information and process it.
Flat Network
A network where the LANs share the same broadcast domain
VLAN ID
A number which ranges from 1 to 1005 or to 4094. Each one is assigned to an IP subnet so each computer receives an IP address.
Disabled Port State
A port in the disabled state is powered on but does not participate in forwarding or listening to network messages. A bridge must be manually placed in the disabled state. Nonoperational. Does not participate in STP.
Trunk Port
A port on a switch configured to carry all data, regardless of VLAN number, between all switches in a LAN. When a port connects two different switches and the switches have more than one VLAN configured, that port should be made a trunk (802.1Q).
proxy server (proxy)
A proxy server sits in between clients and external servers, essentially pocketing the requests from the clients for server resources and making those requests itself. The client computers never touch the outside servers and thus stay protected from any unwanted activity. A proxy server usually does something to those requests as well.
Voice access Ports
A second VLAN added to an access port on a switch for voice traffic. It's overlaid on top of the data VLAN, enabling both types of traffic through the same port. This allows us to connect both a phone and a PC to one switch but still have each device in a separate VLAN. When configuring a voice VLAN, it is important to configure Quality of Service (QoS) on such ports to provide precedence to voice traffic over data traffic to improve sound quality.
IDS (Intrusion Detection System)
A software and/or hardware system that scans, audits, and monitors the security infrastructure for signs of attacks in progress. An IDS functions inside the network. A good IDS knows how to find attacks that a firewall might miss, such as viruses, illegal logon attempts, and other well-known attacks. Plus, because it inspects traffic inside the network, a good IDS can discover internal threats, like the activity of a vulnerability scanner smuggled in on a flash drive by a disgruntled worker planning an attack on an internal database server.
Trunking Between Switches
A trunk is a point-to-point link between one or more Ethernet switch interfaces and another networking device such as a router or a switch. Ethernet trunks carry the traffic of multiple VLANs over a single link, and you can extend the VLANs across an entire network.
When is STP said to be converged on the root bridge? (Choose two.) A. When all ports are in the forwarding state B. When all ports are in the blocking state C. When all ports are in the listening state D. When all ports are in the learning state
A, B. The sequence of steps for STP convergence is, by default, blocking, listening, learning, forwarding, disabled. When all ports are in either the blocking or forwarding state, STP is converged.
What are the distinct functions of layer 2 switching that increase available bandwidth on the network? (Choose three.) A. Address learning B. Routing C. Forwarding and filtering D. Creating network loops E. Loop avoidance F. IP addressing
A, C, E. Layer 2 features include address learning, forwarding, and filtering of the network, and loop avoidance.
What is the result of segmenting a network with a bridge (switch)? (Choose two.) A. It increases the number of collision domains B. It decreases the number of collision domains C. It increases the number of broadcast domains D. It decreases the number of broadcast domains E. It makes smaller collision domains F. It makes larger collision domains
A, E. Bridges split up / break up collision domains, which would increase the number of collision domains in a network and also make smaller collision domains.
Allison wants to add a layer of protection to her network. She wants to actively monitor all network traffic and act immediately to stop any attacks. What should she install? A. Firewall B. IDS C. IPS D. NIDS
A. Firewall
Eduardo accesses a managed switch from his desktop computer on the far side of the campus. What type of access management enables this connection? A. In-band management B. LAN-band management C. Out-of-band management D. WAN-band management
A. In-band management enables access over a LAN to a managed switch, without using a console or a rollover cable (out-of-band).
Rashan's company has multiple servers from which remote users download files. What should Rashan implement on his servers to make them appear as a single server so that they receive similar amounts of requests? A. Load balancing B. Port authentication C. Port mirroring D. Trunking
A. Load balancing spreads client requests evenly across all the servers. When you bundle several physical aggregated Ethernet Interfaces to form a single logical interface, it is called link aggregation. Link aggregation increases bandwidth, provides graceful degradation as failure occurs, increases availability and provides load-balancing capabilities. Load balancing enables the device to divide incoming and outgoing traffic along multiple interfaces to reduce congestion in the network.
Double tagging attack
Attack in which an attacking host connected on an 802.1Q (VLAN) interface prepends two VLAN tags to packets that it transmits. Native VLANs exist to provide compatibility with older or simpler non-802.1Q switches, but there is a catch. The native VLAN opens your network to a nasty vulnerability called a double-tagging attack that lets the attacker access VLANs they should not be able to access. For this reason, in modern networks the native VLAN is set to an unused VLAN and the trunk port is configured to tag its native VLAN traffic as well.
Which of the following are benefits of VLAN? (Choose three.) A. They increase the size of collision domains B. They allow logical grouping of users by function C. They can enhance network security D. They increase the size of broadcast domains while decreasing the number of collision domains E. They simplify switch administration F. They increase the number of broadcast domains while decreasing the size of the broadcast domains
B, C, F. VLANs break up broadcast domains in a switched layer 2 network, which means smaller broadcast domains. They allow configuration by logical function instead of physical location and can create some security if configured correctly.
The types of ports that can be found on a switch are ___ and ___. (Choose two.) A. VLAN trunk protocol B. Access C. 802.1Q D. Trunk
B, D. Hosts are connected to a switch and are members of one VLAN. This is called an access port. Trunk links connect between switches and pass information about all VLANs. Trunk ports are generally used for switch-to-switch or switch-to-router (router on a stick) communication. Trunks carry multiple VLANs across devices and maintain VLAN tags in Ethernet frames so that the directly connected receiving device can differentiate between VLANs. Access ports are part of only one VLAN and are normally used for terminating end devices like PCs, laptops and printers.
What is a disadvantage of using port spanning? A. It breaks up broadcast domains on all ports. B. It can create overhead on the switch. C. It makes the switch one large collision domain. D. It makes the switch fast between only two ports instead of all ports
B. Be careful when using port mirroring/spanning on a switch because it can cause a lot of overhead on the switch and possibly crash your network. It's therefore a good idea to use this feature at strategic times and only for short periods, if possible.
You have multiple departments all connected to switches, with crossover cables connecting the switches together. However, response time on the network is still very slow even though you have upgraded from hubs to switches. What technology should you implement to improve response time on the networks? A. STP B. VLANs C. Convergence D. OSPF
B. Switches break up collision domains by default, but the network is still one large broadcast domain. In order to break up broadcast domains in a Layer 2 switched network, you need to create virtual LANs.
Which of the following statements is true? A. A switch creates a single collision domain and a single broadcast domain. A router creates a single collision domain B. A switch creates separate collision domains but one broadcast domain. A router provides a separate broadcast domain C. A switch creates a single collision domain and separate broadcast domains. A router provides a separate broadcast domain as well D. A switch creates separate collision domains and separate broadcast domains. A router provides separate collision domains
B. Switches break up collision domains, and routers break up broadcast domains.
Which of the following is a layer 2 protocol used to maintain a loop-free network? A. VTP B. STP C. RIP D. CDP
B. The Spanning Tree Protocol is used to stop switching loops in a switched network with redundant paths.
When the network is very busy, VoIP calls start to sound badly clipped. What solution might improve the quality of the VoIP calls? A. 802.1z B. Traffic shaping C. DNS D. Content switching
B. Traffic shaping will provide extra bandwidth to the VoIP applications, improving sound quality.
In which two states is the MAC address table populated with addresses? (Choose two.) A. Blocking B. Listening C. Learning D. Forwarding
C, D. In the blocking and listening states, the MAC address table is not learning. Only in the learning and forwarding states is the MAC address table learning MAC addresses and populating the MAC address table.
Which of the following are IEEE versions of STP (Spanning Tree Protocol) ? (Choose two.) A. 802.1X B. VLANs C. 802.1D D. 802.11 E. 802.1W
C, E. Both 802.1D and 802.1w are IEEE STP versions, with 802.1w being the latest and greatest version. The 802.1w feature provides rapid traffic reconvergence for point-to-point links within a few milliseconds (0 - 500 milliseconds), following the failure of a bridge or bridge port. This reconvergence occurs more rapidly than the reconvergence provided by 802.1D. 802.1w is not enabled by default. Digital Equipment Corporation (now Compaq) developed STP. IEEE created its own version, 802.1D.
If a switch receives a frame and the source MAC address is not in the MAC address table but the destination address is, what will the switch do with the frame? A. Discard it and send an error message back to the originating host B. Flood the network with the frame C. Add the source address and port to the MAC address table and forward the frame out the destination port D. Add the destination to the MAC address table and then forward the frame
C. Because the source MAC address is not in the MAC address table, the switch will add the source address and the port it is connected to into the MAC address table and then forward the frame to the outgoing port.
If you are configuring voice VLANs, which of the following should you configure on the switch ports to provide a higher precedence to voice traffic over data traffic to improve sound quality? A. Access VLANs B. VTP C. QoS D. STP
C. If you are configuring voice VLANs, you'll want to configure Quality of Service (QoS) on the switch ports to provide a higher precedence to voice traffic over data traffic to improve quality of the line.
You connect your host to a switch that is running network analysis software. However, you are not seeing any packets from the server. What do you need to implement on the switch to see all the packet information? A. VLANs B. STP C. Port mirroring D. Authentication
C. In order to see all frames that pass through the switch and read the packets with a network analyzer, you need to enable port mirroring on the port your diagnostic host is plugged into.
Which of the following features of a switch will allow two switches to pass VLAN network information? A. PoE B. VLANs C. Trunking IEEE 802.1Q D. STP
C. Trunking allows switches to pass information about many or all VLANs configured on the switches. To do this, configure a port on each switch as a trunk port, a port on a switch configured to carry all traffic, regardless of VLAN number, between all switches in a LAN.
You connect a host to a switch port, but the new host cannot log into the server that is plugged into the same switch. What could the problem be? (Choose two.) A. The router is not configured for the new host B. The STP configuration on the switch is not updated for the new host C. The host has an invalid MAC address D. The switch port the host is connected to is not configured to the correct VLAN membership E. STP shut down the port
D, E. The best answers are that the VLAN membership for the port is configured incorrectly and that STP shut down the port.
You want to improve network performance by increasing the bandwidth available to hosts and limiting the size of the broadcast domains. Which of the following options will achieve this goal? A. Managed hubs B. Bridges C. Switches D. Switches configured with VLANs
D. By creating and implementing VLANs in your switched network, you can break up broadcast domains at layer 2. For hosts on different VLANs to communicate, you must have a router or layer 3 switch.
load balancing
Distributing a computing or networking workload across multiple systems to avoid congestion and slow performance (similar to Cisco's LACP, Link Aggregation Control Protocol). Load balancing means making a bunch of servers look like a single server, creating a server cluster. Not only do you need to make them look like one server, you need to make sure that requests to these servers are distributed evenly so no one server is bogged down while another is idle.
802.3x (flow control)
Full-duplex flow control: the first flow control mechanism, the pause frame, was defined by the IEEE 802.3x standard. A sending station (computer or network switch) may be transmitting data faster than the other end of the link can accept it. Using flow control, the receiving station can signal the sender requesting suspension of transmissions until the receiver catches up. Flow control on Ethernet can be implemented at the data link layer.
LACP (Link Aggregation Control Protocol)
IEEE 802.3ad is an open standard of Ethernet link aggregation. It allows Cisco switches such as Cisco Catalyst 9200 to manage Ethernet channels between switches that conform to the 802.3ad protocol.
BPDU (Bridge Protocol Data Unit)
Identifies the status of ports and bridges across the network. BPDUs are simple data messages exchanged between switches. They contain information on ports and provide the status of those ports to other switches. Bridge Protocol Data Units (BPDUs) are frames that contain information about the spanning tree protocol (STP).
Learning Port State
Learns all the paths in the switched network. Populates the MAC address table but doesn't forward data frames. Forward delay is the time it takes to transition a port from listening to learning mode. It's set to 15 seconds by default.
Multilayer Switch
Like a router, a multilayer switch can make traffic forwarding decisions based on Layer 3 information. Although multilayer switches more closely approach wire-speed throughput than most routers, routers tend to have a greater feature set and are capable of supporting more interface types than a multilayer switch. Multilayer switches are very helpful for load balancing, quality of service, port bonding, and network protection.
trunk link
Link used between switches and from some servers to the switches. Trunk links carry traffic for many VLANs. Access links are used to connect host devices to a switch and carry only information for the VLAN that the device is a member of. A trunk link is a 100Mbps to 1000Mbps point-to-point link between two switches, a switch and a router, or even between a switch and a server, and it carries the traffic of multiple VLANs, from 1 to 4,094 VLANs at a time.
Quality of Service (QoS)
Refers to the capability of a network to provide better service to selected network traffic over various technologies, including Frame Relay, Asynchronous Transfer Mode (ATM), Ethernet and 802.1 networks, SONET, and IP-routed networks that may use any or all of these underlying technologies.
What is used at layer 2 to prevent switching loops?
Spanning Tree Protocol (STP)
Access ports
Standard switch ports that associate untagged traffic (any VLAN information is removed before the frame is forwarded out to an access-link device) with their assigned VLAN as frames enter the switch. Can have only one data VLAN assigned to them, along with a voice VLAN. Member of VLAN 1 by default.
access ports (sometimes called untagged ports)
Standard switch ports that do the work of associating untagged traffic with their assigned VLAN as frames enter the switch. Access ports connect to hosts; trunk ports connect to other trunk ports on other switches.
Subnet
A subnet is a small network composed of a group of IP addresses. It is part of a larger network. Any IP address within the same subnet can communicate with the others without using routing devices. To be clear, we can think of a subnet as a department of a company: people in the same department can talk freely without going out of their department. If you want to reach an address outside of your subnet, you will have to go through a router or a modern Gigabit Ethernet switch with router functionality. Since a subnet is related to IP addresses, it often works at layer 3. https://medium.com/@fiberoptics/vlan-vs-subnet-what-are-their-differences-613d7915e4b6
port bonding
The logical joining of multiple redundant ports and links between two network devices such as a switch and storage array.
Packet Capture (PCAP)
The methods and files associated with the capture of network traffic in the form of text files.
STP convergence
The process by which the switches collectively realize that something has changed in the LAN topology and determine whether they need to change which ports block and which ports forward. Convergence is what happens when all ports in the switch are either in forwarding or blocking mode. During this phase no data will be forwarded until the convergence event is complete. When STP is converging, all host data stops being transmitted. As soon as the switched network converges, data can be forwarded once more.
VLAN setup
To set up a VLAN on a switch, create one or more VLANs, then assign ports to those VLANs. Any traffic sent from a host plugged into a port for VLAN1, therefore, becomes part of the broadcast domain of VLAN1. Serious networks usually have more than one switch. Let's say you added a switch to a simple network. You'd like to keep VLAN1 and VLAN2 but use both switches. You can configure the new switch to use VLAN1 and VLAN2, but you've got to enable data to flow between the two switches, regardless of VLAN. That's where trunking comes into play.
Voice VLAN
Transports digitized voice calls and signaling information, usually given a higher priority than data VLANs due to time-sensitivity of voice data. (VoIP - Voice over IP)
What does trunking provide?
Trunking allows you to send information about many or all VLANs through the same link. Access ports (untagged ports) allow information about only one VLAN to be transmitted.
IEEE 802.1Q Header
Unlike Inter-Switch Link (ISL), which encapsulates the frame with control information, 802.1Q inserts an 802.1Q field along with tag control information. A 12-bit VLAN ID header is added to the frame. In both ISL and 802.1Q the VLAN ID tag is removed once the frame is forwarded out through an access link.
VLAN
A VLAN, also known as a virtual LAN, is a group of devices on one or more LANs, regardless of physical location. That's to say, it allows devices to be grouped together even though they are not connected to the same fiber switch. However, it often requires the network hardware/software to support VLAN functionality; for example, a VLAN switch is essential for setting up a VLAN network. In a VLAN, configuration of the network can be done extensively via software. Basically, VLANs are used at layer 2 to break up broadcast domains. https://medium.com/@fiberoptics/vlan-vs-subnet-what-are-their-differences-613d7915e4b6
IP Helper/DHCP Relay
When a relay agent (CompTIA calls this a DHCP relay—you might remember this from the discussion of DHCP in Chapter 6) is enabled and configured within a router, the router passes DHCP messages across the router interfaces. So now we can use a single DHCP server to serve addresses to multiple networks or subnetworks. Cisco implements DHCP relay through a configuration command called IP helper (the command is technically ip helper-address). IP helper enables DHCP relay support (port 67). It also enables relaying for TFTP (port 69), NTP (port 123), TACACS+ (port 49), DNS (port 53), NetBIOS (port 137), and NetBIOS Datagram (port 138).
Untagged Traffic (Untagged frames - native VLAN frames)
Frames that are not tagged as belonging to a member of a VLAN. The rest of the frames will traverse the trunk by having a tag added.
Assigning VLANs and Tagging
When the data enters the access port, the switch associates the frames with the appropriate VLAN ID. If the destination host is connected to the same switch, the frames flow to that host's access port and out over the wire without a VLAN tag. If the destination host connects to a different switch, the initial switch sends the frames out its trunk port (sometimes called a tagged port). What happens next is determined by how the trunk port is configured. If the trunk port's native VLAN—the VLAN ID it associates untagged traffic with—is the same as the VLAN the frame was associated with as it entered the access port, the switch sends the frame along to the next switch without adding a tag. If the frame is part of any other VLAN, then the trunk port adds the 802.1Q tag to the frame and sends it on its way.
round-robin load balancing
Where each server takes a turn responding to requests, or it might involve a front-end gateway router that disperses requests to servers based on their current load. A scheduling method used with load balancers. It redirects each client request to servers in a predetermined order. When a computer comes to the DNS server for resolution, the server responds with all A records. Then the next time DNS is queried, all A records are returned but in a different order. This is known as round robin.
Switch Port Analyzer (SPAN) or port mirror
Sends a copy of all the traffic sent to one switch port to another switch port for monitoring. https://www.geeksforgeeks.org/switch-port-analyzer-span/
NDP (Neighbor Discovery Protocol)
• No broadcasts!
• Operates using multicast over ICMPv6
• Neighbor MAC Discovery: replaces the IPv4 ARP
• SLAAC (Stateless Address Autoconfiguration): automatically configure an IP address without a DHCP server
• DAD (Duplicate Address Detection): no duplicate IPs!
• Discover routers: Router Solicitation (RS) and Router Advertisement (RA)