CCNP: ENCOR Exam 350-401

Create a VLAN, view its name and active status, and use commands to display specific VLAN information.

Explore basic vlan concepts by inspecting interface details with the show interface command and viewing layer 2 settings, including access mode and voice vlan 20, using the switchboard view.

Discover how 802.1Q trunking efficiently carries multiple VLANs over a single link between switches, replacing the brute force approach of wiring separate VLAN cables.

Explore 802.1Q trunking that carries multiple VLANs over a single link by tagging frames with their VLAN and stripping the tag at the destination.

Explore VLAN tagging on trunks, where frames are encapsulated with a VLAN id, and understand how default VLAN 1 and native VLAN affect untagged traffic and security options.

Explain IEEE 802.1Q VLAN tagging, showing how a VLAN header with type 0x8100, priority, MAC address encoding flag, and the VLAN ID is added to frames, altering the frame checksum.

Learn how the native vlan handles untagged ethernet frames across a link, typically vlan 1, and how security settings may change it, with an incredibly easy configuration.

Configure an 802.1q trunk by setting the switchport mode trunk and optionally changing the native vlan to illustrate how the native vlan can be modified.

Configure and verify an 802.1q trunk on the switch interface, run the verification command, and confirm trunk mode is operating.

Explain how a layer 2 switch processes inbound frames by consulting mac address table, floods when unknown, uses ternary content addressable memory for wildcard lookups, and applies quality of service.

Explore how a switch builds and inspects its CAM table, view learned MAC addresses, filter by interfaces, and adjust aging from 300 to 600 seconds.

Process switching uses the CPU to handle every packet with layer 2 and layer 3 lookups, frame rebuild, and CRC, like a traditional bridge, making it the slowest switching method.

Compare switching mechanisms, focusing on sayef as the default, fastest hardware-based forwarding using a forwarding information base, which is faster than fast switching or process switching, with some compatibility limits.

Explore how process switching and fast switching decide packet handling, check the fast switch cache, process the first frame, and populate the cache for subsequent fast switching.

EtherChannel bundles multiple physical ports into a single logical link between two switches, with ports of the same type (up to 16), and spanning-tree prevents loops.

Examine how etherchannel load balancing uses a simple xor hash to select links, enabling third-channel load balancing and balancing traffic across two, four, eight, or sixteen links.

Diagnose EtherChannel by checking physical connectivity and channel settings, verify manual versus aggregation protocol, and ensure both sides match active-active or desirable-desirable configurations.

Troubleshoot layer 2 port aggregation by reviewing the etherchannel summary and lacp status, configure lacp on both switches, and align trunk settings to bring the port channel up.

Examine EIGRP features, including classless routing with variable length subnet masking, fast convergence with backup routes, partial and bounded updates, and equal-cost load balancing across IP and IPv6 paths.

Explore how EIGRP uses RTP, the reliable transport protocol, not tcp or udp, to deliver messages with sequence numbers for multicast, including acknowledgments and a trailer for validation.

Explore how EIGRP forms neighbor relationships with hello packets, exchanges updates, and selects a successor and a feasible successor as backup routes.

Establishes EIGRP neighbor adjacency by agreeing on the autonomous system number and K values for metrics. Sets the required subnet and optional authentication, using passive interfaces to suppress hellos.

Explore how EIGRP metrics use the lowest bandwidth across hops, sum delay, and ignore load and reliability; K-values shape the metric, with MTA in advertisements, not calculations.

Enable wide metrics in EIGRP to support higher bandwidth links, from 100G to 400G and beyond, addressing limitations of the old metric.

Populate the neighbor table from directly connected routers and adjacencies for IPv4 and IPv6. Compute the feasible distance by adding the advertised distance to the cost to reach the neighbor.

Analyze how a diffusing update, driven by a finite state machine, uses feasible distances to select the successor and feasible successor as a loop-free routing backup.

Explain unequal cost load balancing and examine how equal costs yield the same outcome in balancing network traffic.

Explore EIGRP components by establishing neighbor relationships, applying the dual algorithm to determine the best path, and enabling equal-cost and unequal-cost load balancing across IPv4 and IPv6.

Compare eigrp and ospf routing protocols, noting eigrp's quick convergence and easy setup, against ospf's suitability for medium to large networks and open-standard multi-vendor support, with IPv6 in both.

Configure EIGRP load balancing with unequal-cost routing using variance, then implement IP authentication on the link with MD5, using key chains on both green and red routers.

Explore how BGP routing policies empower autonomous systems to control path selection and traffic handling with fine-grained control and scalable internet routing.

Establish BGP neighbors with TCP 179, exchange routes, and populate forwarding and IP routing tables; advertise the best routes to peers for equal-cost load balancing.

BGP establishes a neighbor relationship after a TCP connect by an open message with version, autonomous system, and router IDs, then exchanges keepalives and updates to manage reachability.

Explore how eBGP neighbor relationships establish peering between routers in different autonomous systems, using exact neighbor IP addresses and TCP port 179 to exchange reachability information and route data.

Learn how BGP path attributes shape routing decisions, including origin, AS path, next hop, local preference, atomic aggregate, and the roles of mandatory, discretionary, transitive, and non-transitive attributes.

Explore the weight attribute in Cisco tools to influence path selection by assigning weights, such as preferring a 300 path with weight 200 over a 200 path with weight 100.

Learn how weight and local preference influence route choice across multiple paths. Local preference is an autonomous system wide metric updated across the network.

Master the med attribute and its role in shaping inbound traffic by advertising preferred paths with discriminators. Learn how lower med values influence path selection within vpe path attributes.

Configure eBGP between two routers, using neighbor and network commands to advertise networks. Verify neighbors with show ip bgp summary and show ip bgp neighbors, then test connectivity with ping.

Describe how ospf, a link-state interior gateway protocol, models interfaces with ip addresses, uses lsa to share link state with neighbors, and builds a topological map via spf.

Describe OSPF components by explaining the autonomous system, backbone area zero, and other areas, and how areas group devices within an administration and connect to external networks.

On a router, OSPF runs as a single, locally significant process identified by a process id. You can choose any value, and this keeps OSPF processes isolated from each other.

Configure a single device to run two separate OSPF processes, each connecting to a different OSPF network, and share routes by redistributing between them.

Use the lookback interface to avoid router ID changes, allow the OSPF process to figure out its router ID, and start participating in state advertisements to prepare to discover neighbors.

Explore how routers exchange database descriptions to build a link-state database and establish neighbor relationships. Use link-state requests, updates, and acknowledgments to synchronize topology information.

Explore the five basic OSPF packet types, including type 1 and type 2 (databases), type 3 for data propagation, and type 5 (acknowledgement), with emphasis on flooding.

Explore the OSPF packet header format, including version, type, router ID, and authentication. See how the data breaks into LSA types that feed the link-state database.

Discover how OSPF uses type 1 and type 2 LSAs, with type 3 summaries and type 5 ASBA advertisements to manage external routes inside an area.

Design your OSPF structure by selecting area border routers and an autonomous system boundary router, connect area zero to other areas, plan the SPF design, and configure virtual links.

Demonstrates migrating from legacy OSPF to OSPFv3 using the newer syntax for IPv4 and IPv6. Verifies configuration through show commands, sets passive interfaces, and confirms neighbors and routing tables.

Compute the ospf cost by dividing the reference bandwidth by the interface bandwidth, yielding a numeric cost where lower values indicate better routes.

Design OSPF areas intelligently in networks to minimize inter-area advertising, using the area range command to summarize address ranges and the summary address command on the ABR for external routes.

Route summarization enhances network stability by consolidating many routes into a single summary (type three LSA), reducing advertisements between areas and containing changes, with filtering available later.

Apply a distribute list to filter traffic using a standard access list, denying specific source addresses, inbound or outbound, while noting performance considerations.

Explore how a prefix list enables high-performance filtering by translating prefixes into a tree structure that rapidly tests sequence numbers to permit or deny traffic.

Master route map applications to exercise powerful control, enabling policy-based routing in BGP and flexible use for redistribution and other routing tasks.

Explore how route map operations combine match and set statements with sequence numbers to permit or deny routes in BGP contexts.

Configure route maps by matching criteria and setting metrics to implement policy-based routing, controlling route sharing and redistribution based on source and destination criteria.

Explore how OSPF stub and totally stubby areas reduce routing table size by using default routes and the default-information originate command, with IPv4 and IPv6 configurations.

Cisco defines nat address types such as inside local, inside global, outside local, and outside global, explaining how location and translation affect address visibility.

Explore NAT implementations: static one-to-one mappings, dynamic NAT with address pools, many-to-many, and PAT, enabling multiple devices to share a single public IP.

Understand static NAT as a one-to-one translation between internal and public addresses, translating inbound and outbound traffic, and exposing whole IPs or specific ports for public services.

Explore dynamic nat, mapping many inside addresses to outside addresses with automatic reciprocal entries, enabling return traffic, and note its limited use.

Define fhrp and explain how a primary gateway handles traffic with a standby router taking over on failure, using hrp, brp, and glbp for redundancy and load balancing.

Configure FHRP to create a virtual router with a shared default gateway IP address. Switch traffic to the backup router when the primary fails, keeping the same gateway for hosts.

Configure hsrp interface tracking to adjust priority when a link fails, using the preamp command to determine active and standby roles.

Learn to implement hsrp multigroup for load sharing across vlan 10 and vlan 20, with spanning-tree roots guiding vlan 10 to the top switch and vlan 28 to the bottom.

Explore a multigroup HSRP configuration with primary and secondary gateways for subnets 10.1 and 20.1, using priorities 110 and 90 for load sharing on device one.

Configure two devices to share load with HSRP multigroup, assigning one as primary for one gateway and the other as primary for the second gateway across VLANs.

Explore Cisco switch high availability by examining redundant supervisors and modes such as R, R plus, and SSL, contrasting failover times from partial to boot with stateful set and SSO.

Enable Cisco nonstop forwarding with stateful switchover on Catalyst 9400 to rapidly rebuild the forwarding information base after failover, achieving about 150 ms switchover and under 200 ms traffic interruption.

Explore configuring VRRP to establish a virtual router redundancy group, assign virtual IPs, set interface priorities to elect a master, and verify with show commands.

Explore the bridge protocol data unit (BPDU) used by the spanning tree protocol, including message types, topology change notifications (TCN), and fields like root bridge, cost, and flags.

Explain how the root bridge is elected by the lowest bridge ID, formed from bridge priority and MAC address. Adjust the priority in 4096 increments to influence the election.

Discover how a root bridge election uses the lowest cost and port ID tie-breakers to select the best port, and how equal-cost paths, including port channel behavior, are resolved.

Explore the STP port states, from admin down and shut down to blocking, listening, learning, and forwarding, and observe how links transition through these states as they come up.

Explore spanning tree protocol types and features, from the original STP to PVST+ with per-VLAN instances, and rapid spanning tree variants for faster convergence across VLANs.

Compare stp protocols and decide when to use mstp versus rsvp, noting mstp provides multiple instances while often offering a single, more efficient instance in a Cisco environment.

Identify the default spanning-tree configuration, PVST+ as the default, its trade-offs, and how VLANs can be split 50/50 across two paths for load balancing.

PortFast and BPDU Guard affect how switch ports move through blocking, listening, and learning states, with total startup delays around 50 seconds, impacting user connectivity when plugging in a laptop.

PortFast brings the link up quickly on access ports connected to PCs, bypassing listening states. BPDU Guard prevents misconfiguration by shutting down an access port if a switch is detected.

Configure PortFast and BPDU Guard by choosing per-port settings or applying defaults to all ports to simplify port protection configurations.

Enable PortFast and BPDU Guard on four access ports connecting servers and endpoints, then verify by inspecting the interface which shows it is enabled.

Explore different ways to verify that PortFast and BPDU Guard are enabled for me when I take a look.