Merge branch 'develop'
commit
dfeb6758fb
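--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+
+main\.glsdefs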
|
@ -12,6 +12,7 @@
|
||||||
- [ ] OSPF
|
- [ ] OSPF
|
||||||
- [ ] RIP
|
- [ ] RIP
|
||||||
- [ ] PREFIX FILTERS
|
- [ ] PREFIX FILTERS
|
||||||
|
- [X] Example code
|
||||||
- [ ] ASN's
|
- [ ] ASN's
|
||||||
|
|
||||||
## _Mostly_ done
|
## _Mostly_ done
|
||||||
|
|
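--- /dev/null
+++ b/acronyms.tex
@@ -0,0 +1,75 @@
+%\newacronym{}{}{}
+%\newacronym{}{}{}
+%\newacronym{}{}{}
+%\newacronym{}{}{}
+%\newacronym{}{}{}
+%\newacronym{}{}{}
+%\newacronym{}{}{}
+%\newacronym{}{}{}
+%\newacronym{}{}{}
+\newacronym{arp}{ARP}{Address Resolution Protocol}
+\newacronym{bgp}{BGP}{Border Gateway Protocol}
+\newacronym{bpdu}{BPDU}{Bridge Protocol Data Unit}
+\newacronym{cli}{CLI}{Command Line Interface}
+\newacronym{cst}{CST}{Common Spanning Tree}
+\newacronym{cwdm}{CWDM}{}
+\newacronym{db}{DB}{Database}
+\newacronym{dhcp}{DHCP}{Dynamic Host Control Protocol}
+\newacronym{dknog}{DKNOG}{Danish Network Operators' Group}
+\newacronym{dns}{DNS}{Domain Name System}
+\newacronym{dwdm}{DWDM}{}
+\newacronym{eigrp}{EIGRP}{Enhanced Interior Gateway Routing Protocol}
+\newacronym{evpn}{EVPN}{Ethernet Virtual Private Network}
+\newacronym{ftp}{FTP}{File Transfer Protocol}
+\newacronym{ftps}{FTPS}{File Transfer Protocol Secure}
+\newacronym{ieee}{IEEE}{Institute of Electrical and Electronics Engineers}
+\newacronym{igrp}{IGRP}{Interior Gateway Routing Protocol}
+\newacronym{imap}{IMAP}{Internet Message Access Protocol}
+\newacronym{ip}{IP}{Internet Protocol}
+\newacronym{ipv4}{IPV4}{Internet Protocol v4}
+\newacronym{ipv6}{IPV6}{Internet Protocol v6}
+\newacronym{irc}{IRC}{Internet Relay Chat}
+\newacronym{isis}{ISIS}{Intermediate System to Intermediate System}
+\newacronym{isp}{ISP}{Internet Service Provider}
+\newacronym{l2}{L2}{Layer 2}
+\newacronym{l2vpn}{L2VPN}{Layer 2 Virtual Private Network}
+\newacronym{l3}{L3}{Layer 3}
+\newacronym{lacp}{LACP}{Link Aggregation Protocol}
+\newacronym{lan}{LAN}{Local Area Network}
+\newacronym{mac}{MAC}{Media Access Control address}
+\newacronym{mkc}{MKC}{Mikkel Krøll}
+\newacronym{mpls}{MPLS}{Multiprotocol Label Switching}
+\newacronym{mst}{MST}{Multiple Spanning Tree}
+\newacronym{osi}{OSI}{Open Systems Interconnection}
+\newacronym{ospf}{OSPF}{Open Shortest Path First}
+\newacronym{ospfv3}{OSPFV3}{Open Shortest Path First v3}
+\newacronym{pagp}{PAGP}{Port Aggregation Protocol}
+\newacronym{pop3}{POP3}{Post Office Protocol}
+\newacronym{pvrst}{PVRST}{Per Vlan Rapid Spanning Tree}
+\newacronym{pvrst+}{PVRST+}{Per Vlan Rapid Spanning Tree Plus}
+\newacronym{pvst}{PVST}{Per Vlan Spanning Tree}
+\newacronym{pvst+}{PVST+}{Per Vlan Spanning Tree Plus}
+\newacronym{rfc}{RFC}{Request For Comments}
+\newacronym{rip}{RIP}{Routing Information Protocol}
+\newacronym{rspt}{RSTP}{Rapid Spanning Tree}
+\newacronym{rpvst+}{RPVST}{Rapid Per Vlan Spanning Tree}
+\newacronym{sftp}{SFTP}{Secure Shell File Transfer Protocol}
+\newacronym{smtp}{SMTP}{Simpe Mail Transfer Protocol}
+\newacronym{snmp}{SNMP}{Simple Network Management Protocol}
+\newacronym{sp}{SP}{Service Provider}
+\newacronym{ssh}{SSH}{Secure Shell}
+\newacronym{stp}{STP}{Spanning Tree Protocol}
+\newacronym{tcn}{TCN}{Topology Change Notification}
+\newacronym{tcp}{TCP}{Transmission Control Protocol}
+\newacronym{tftp}{TFTP}{Trivial File Transfer Protocol}
+\newacronym{toc}{TOC}{Table Of Contents}
+\newacronym{udld}{UDLD}{Unidirectional Link Detection}
+\newacronym{udp}{UDP}{User Datagram Protocol}
+\newacronym{vlan}{VLAN}{Virtual Local Area Network}
+\newacronym{vpn}{VPN}{Virtual Private Network}
+\newacronym{vtp}{VTP}{Virtual Trunking Protocol}
+\newacronym{vxlan}{VXLAN}{Virtual eXtensible Local Area Network}
+\newacronym{wdm}{WDM}{}
+\newacronym{wlan}{WLAN}{Wireless Local Area Network}
+\newacronym{zbc}{ZBC}{Zealand Business School}
+\newacronym{aaa}{AAA}{Authentication, Authorization, Accounting}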
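Review bot: The RSTP entry is registered under the key `rspt`, so unless another file defines `rstp`, every `\gls{rstp}` this commit introduces in the spanning-tree chapter refers to an undefined glossary entry; the line should read `\newacronym{rstp}{RSTP}{Rapid Spanning Tree Protocol}`. The `rpvst+` entry has the short form `RPVST` without the plus sign, unlike `pvst+` and `pvrst+`. Several long forms differ from the protocol names and will be printed in the glossary as written: DHCP is the Dynamic Host Configuration Protocol, LACP the Link Aggregation Control Protocol, VTP the VLAN Trunking Protocol, and `Simpe` in the SMTP entry is a typo. The `cwdm`, `dwdm` and `wdm` entries have empty long forms, which leaves an empty expansion on first use.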
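--- /dev/null
+++ b/chapter/dhcp.tex
@@ -0,0 +1,44 @@
+\chapter{DHCP}
+
+\section{DHCP Process}
+
+\fig{dhcp/dhcpdiscoverprocess}{dhcpdiscoverprocess}{DHCP Discover Process}
+
+\subsection{DHCP Messages}
+
+\begin{itemize}
+\item \textbf{DHCPDECLINE:} Message sent from the client to the server that the address is already in use.
+\item \textbf{DHCPNAK:} The server sends a refusal to the client for request for configuration.
+\item \textbf{DHCPRELEASE:} Client tells a server that it is giving up a lease.
+\item \textbf{DHCPINFORM:} A client already has an \gls{ip} address but is requesting other configuration parameters that the \gls{dhcp} server is configured to deliver such as \gls{dns} address.
+\end{itemize}
+
+\section{DHCP Options}
+
+\begin{itemize}
+\item \textbf{43} Vendor-encapsulated option that enables vendors to have their own list of options on the server.
+\item \textbf{69} \gls{smtp} server, if you want to specify available \gls{smtp} servers to the client.
+\item \textbf{70} \gls{pop3} server, if you want to specify available \gls{pop3} servers to the client.
+\item \textbf{150} \gls{tftp} server that enables your phones to access a list of \gls{tftp} servers.
+\end{itemize}
+
+\section{DHCP Example Configuration}
+
+\subsection{Cisco}
+
+\begin{txt}
+ip dhcp excluded-address 192.168.0.254
+!
+ip dhcp pool LAN-1-POOL-DHCP
+network 192.168.0.0 255.255.255.0
+default-router 192.168.0.254
+lease 2 ! set in days
+\end{txt}
+
+When configuring a Layer 3 interface as a relay port for DHCP request for a subnet. Set the ip helper command on the interface with one \textit{or} more ip addresses.
+
+\begin{txt}
+interface GigabitEthernet 0/3
+ip helper-address 192.168.220.220
+ip helper-address 192.168.222.222
+\end{txt}
+\end{txt}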
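Review bot: The relay paragraph before the second `txt` block presents `ip helper-address` as a DHCP-only setting, but on Cisco IOS the command also relays several other UDP broadcast services by default (TFTP, DNS, NetBIOS and TACACS among them); the notes should say so and mention `no ip forward-protocol udp <port>` for trimming that list. The chapter configures a server pool and relays without naming the access-layer control against rogue DHCP servers, so a sentence pointing to DHCP snooping (`ip dhcp snooping`) would fit after the relay example. In the pool example, `lease 2 ! set in days` puts the remark on the command line itself; IOS treats `!` as a comment at the start of a line, so the remark is safer on a line of its own or in the surrounding text.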
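--- /dev/null
+++ b/chapter/fhrp.tex
@@ -0,0 +1,7 @@
+\chapter{FHRP}
+
+\section{VRRP}
+
+\section{GLBP}
+
+\section{HSRP}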
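--- /dev/null
+++ b/chapter/ipaddressing.tex
@@ -0,0 +1,3 @@
+\chapter{IP Addressing}
+
+\lstinputlisting[language=plaintxt]{code/ipaddressblocks.txt}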
|
@ -1,3 +1,5 @@
|
||||||
|
\chapter{L2 to L3}
|
||||||
|
|
||||||
\section{Vlan-to-vlan routing}
|
\section{Vlan-to-vlan routing}
|
||||||
|
|
||||||
\myquote{}{Guidance and Understanding of the art of Layer 3 networks. Routing between different slash 24\tsq{s}.\\ \textit{Aka. Inter-vlan routing.}}
|
\myquote{}{Guidance and Understanding of the art of Layer 3 networks. Routing between different slash 24\tsq{s}.\\ \textit{Aka. Inter-vlan routing.}}
|
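--- /dev/null
+++ b/chapter/layer2.tex
@@ -0,0 +1,7 @@
+\chapter{Layer 2}
+
+\input{chapter/layer2/switchednetwork}
+
+\newpage
+
+\input{chapter/layer2/spanningtree}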
|
@ -8,21 +8,21 @@
|
||||||
|
|
||||||
Spanning Tree exists for the \textbf{sole} reason to save "your" network and all the broadcast storms an network engineer having a bad day can by mistake create!
|
Spanning Tree exists for the \textbf{sole} reason to save "your" network and all the broadcast storms an network engineer having a bad day can by mistake create!
|
||||||
|
|
||||||
STP comes from the above desire where redundancy was wanted but no protocol existed before STP to help in this regard.
|
STP comes from the above desire where redundancy was wanted but no protocol existed before \gls{stp} to help in this regard.
|
||||||
|
|
||||||
\begin{table}[h]
|
\begin{table}[h]
|
||||||
\centering
|
\centering
|
||||||
\caption{Spanning Tree standrds}
|
\caption{Spanning Tree standards}
|
||||||
\label{stpstandards}
|
\label{stpstandards}
|
||||||
\resizebox{\columnwidth}{!}{%
|
\resizebox{\columnwidth}{!}{%
|
||||||
\begin{tabular}{|l|l|l|l|l|}
|
\begin{tabular}{|l|l|l|l|l|}
|
||||||
\hline
|
\hline
|
||||||
\textbf{} & \textbf{Standard} & \textbf{Ressource Usage} & \multicolumn{2}{l|}{\textbf{Convergence}} \\ \hline
|
\textbf{} & \textbf{Standard} & \textbf{Ressource Usage} & \multicolumn{2}{l|}{\textbf{Convergence}} \\ \hline
|
||||||
CST & 802.1D & Low & Slow & All vlans \\ \hline
|
\gls{cst} & 802.1D & Low & Slow & All vlans \\ \hline
|
||||||
PVST+ & Cisco & High & Slow & Per vlan \\ \hline
|
\gls{pvst+} & Cisco & High & Slow & Per vlan \\ \hline
|
||||||
RSTP & 802.1w & So-so (Med.) & Fast & All vlans \\ \hline
|
\gls{rstp} & 802.1w & So-so (Med.) & Fast & All vlans \\ \hline
|
||||||
RPVST+ & Cisco & On-the-double (V.High) & Fast & Per vlan \\ \hline
|
\gls{rpvst+} & Cisco & On-the-double (V.High) & Fast & Per vlan \\ \hline
|
||||||
MST & 802.1s & Med. - High & Fast & Vlan list \\ \hline
|
\gls{mst} & 802.1s & Med. - High & Fast & Vlan list \\ \hline
|
||||||
\end{tabular}%
|
\end{tabular}%
|
||||||
}
|
}
|
||||||
\end{table}
|
\end{table}
|
||||||
|
@ -64,43 +64,43 @@ Election of ports goes in order of the following values (low is best): 1) root b
|
||||||
\subsection{Standards}
|
\subsection{Standards}
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item STP {\scriptsize Spanning Tree Protocol}
|
\item \gls{stp} {\scriptsize Spanning Tree Protocol}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item IEEE 802.1D
|
\item \gls{ieee} 802.1D
|
||||||
\item Was created in a time where bridged networks was the norm.
|
\item Was created in a time where bridged networks was the norm.
|
||||||
\item Supports a single vlan/lan.
|
\item Supports a single vlan/lan.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item CST {\scriptsize Common Spanning Tree}
|
\item \gls{cst} {\scriptsize Common Spanning Tree}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item An evolution of stp
|
\item An evolution of \gls{stp}
|
||||||
\item Cst still only supports one STP instance.
|
\item \gls{cst} still only supports one \gls{stp} instance.
|
||||||
\item But CST do thou in contrast to STP support \textit{multiple} vlans.
|
\item But \gls{cst} do thou in contrast to \gls{stp} support \textit{multiple} vlans.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item PVST {\scriptsize Per Vlan Spanning Tree}
|
\item \gls{pvst} {\scriptsize Per Vlan Spanning Tree}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Now obsolute and succeded by PVST+
|
\item Now obsolute and succeded by \gls{pvst+}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item PVST+ {\scriptsize Per Vlan Spanning Tree Plus}
|
\item \gls{pvst+} {\scriptsize Per Vlan Spanning Tree Plus}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Runs an instance of STP per vlan.
|
\item Runs an instance of \gls{stp} per vlan.
|
||||||
\item Can guarante better utilization of available network bandwidth.
|
\item Can guarante better utilization of available network bandwidth.
|
||||||
\item Root bridge and port priorities can be configured per vlan.
|
\item Root bridge and port priorities can be configured per vlan.
|
||||||
\item Uses the term alternate for nondesignated port.
|
\item Uses the term alternate for nondesignated port.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item RSTP {\scriptsize Rapid Spanning Tree Protocol}
|
\item \gls{rstp} {\scriptsize Rapid Spanning Tree Protocol}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item IEEE 802.1w
|
\item \gls{ieee} 802.1w
|
||||||
\item A future development of the original 802.1D standard meant to provide faster convergance. As the original STP standard wasn't actually that fast.
|
\item A future development of the original 802.1D standard meant to provide faster convergance. As the original \gls{stp} standard wasn't actually that fast.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item RPVST+ {\scriptsize Rapid Per Vlan Spanning Tree Plus}
|
\item \gls{rpvst+} {\scriptsize Rapid Per Vlan Spanning Tree Plus}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item A cisco implementation of RSTP based upon pvst+.
|
\item A cisco implementation of \gls{rstp} based upon \gls{pvst+}.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item MST {\scriptsize Multiple Spanning Tree}
|
\item \gls{mst} {\scriptsize Multiple Spanning Tree}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Originally a cisco developed protocol. MST has since been developed as an IEEE standard.
|
\item Originally a cisco developed protocol. \gls{mst} has since been developed as an \gls{ieee} standard.
|
||||||
\item MST can as CST map multiple vlans to a single STP instance.
|
\item \gls{mst} can as \gls{cst} map multiple vlans to a single \gls{stp} instance.
|
||||||
\item MST \textit{differently} than CST supports multiple STP instances.
|
\item \gls{mst} \textit{differently} than \gls{cst} supports multiple \gls{stp} instances.
|
||||||
\item Fx. Instance 1: Vlan 1-99, Instane 2: Vlan 100-199.
|
\item Fx. Instance 1: Vlan 1-99, Instane 2: Vlan 100-199.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
@ -110,14 +110,14 @@ Election of ports goes in order of the following values (low is best): 1) root b
|
||||||
\subsubsection{BPDU}
|
\subsubsection{BPDU}
|
||||||
\textbf{B}ridge \textbf{P}rotocol \textbf{D}ata \textbf{U}nits is on cisco equipment sent out every 2 seconds and generally catogorizes into 2 categories:
|
\textbf{B}ridge \textbf{P}rotocol \textbf{D}ata \textbf{U}nits is on cisco equipment sent out every 2 seconds and generally catogorizes into 2 categories:
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item \textit{Configuration} BPDU used for STP calculations and
|
\item \textit{Configuration} \gls{bpdu} used for \gls{stp} calculations and
|
||||||
\item \textit{Topology change notifications} BPDUs used to notify other network nodes of a change in the network.
|
\item \textit{Topology change notifications} \gls{bpdu}s used to notify other network nodes of a change in the network.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
Any network node with switchports and STP + BPDU enabled sends out BPDU packets with the ports mac as the src address. The destination mac is is designated STP multicast addr 01:80:C2:00:00:00.
|
Any network node with switchports and \gls{stp} + \gls{bpdu} enabled sends out \gls{bpdu} packets with the ports \gls{mac} as the src address. The destination \gls{mac} is is designated \gls{stp} multicast addr 01:80:C2:00:00:00.
|
||||||
|
|
||||||
\subsubsection{Root Bridge}
|
\subsubsection{Root Bridge}
|
||||||
Using a \textbf{R}oot \textbf{B}rigde as the reference point for the STP instance and calculation of root/designated/non-designated ports.\\This election process uses a pre-configured bridge priority (ranges from $0$ to $2^{16}$) (defaults to $2^{15}$). If a tie in priority is found the switch in possession of the lowest mac address wins the root bridge election.
|
Using a \textbf{R}oot \textbf{B}rigde as the reference point for the \gls{stp} instance and calculation of root/designated/non-designated ports.\\This election process uses a pre-configured bridge priority (ranges from $0$ to $2^{16}$) (defaults to $2^{15}$). If a tie in priority is found the switch in possession of the lowest \gls{mac} address wins the root bridge election.
|
||||||
|
|
||||||
\begin{txt}
|
\begin{txt}
|
||||||
|<-------- bridge id 8 bytes --->|
|
|<-------- bridge id 8 bytes --->|
|
||||||
|
@ -159,11 +159,11 @@ Using a \textbf{R}oot \textbf{B}rigde as the reference point for the STP instanc
|
||||||
|
|
||||||
\fig{rstp/portlinktypes}{rstpportlinktypes}{Port link types}
|
\fig{rstp/portlinktypes}{rstpportlinktypes}{Port link types}
|
||||||
|
|
||||||
Things to be aware of regarding RSTP port roles
|
Things to be aware of regarding \gls{rstp} port roles
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item \textbf{Shared} port state will only ever be present on segments where a hub is present.
|
\item \textbf{Shared} port state will only ever be present on segments where a hub is present.
|
||||||
\item \textbf{Point-2-Point} port is connected to a single switch on the other end.
|
\item \textbf{Point-2-Point} port is connected to a single switch on the other end.
|
||||||
\item \textbf{Edge} port roles is only ever connected to end devices. Status as Edge port is lost if a BPDU is ever recieved.
|
\item \textbf{Edge} port roles is only ever connected to end devices. Status as Edge port is lost if a \gls{bpdu} is ever recieved.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
@ -175,14 +175,14 @@ Things to be aware of regarding RSTP port roles
|
||||||
\section{Port roles}
|
\section{Port roles}
|
||||||
|
|
||||||
\subsection{Fast port roles}
|
\subsection{Fast port roles}
|
||||||
Cisco did on their part early on enhance the original spanning tree standard with some proprietary portroles that can (on cisco switch equipment) skip steps in the port role election process. And configure a STP switchport to a specific behavior as described below:
|
Cisco did on their part early on enhance the original spanning tree standard with some proprietary portroles that can (on cisco switch equipment) skip steps in the port role election process. And configure a \gls{stp} switchport to a specific behavior as described below:
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item PortFast
|
\item PortFast
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Configures access port to transition directly to forwarding state.
|
\item Configures access port to transition directly to forwarding state.
|
||||||
\item Improve convergence times of non-RSTP.
|
\item Improve convergence times of non-\gls{rstp}.
|
||||||
\item Port does no forwan TCN\footnote{\textbf{Needs finding out what TCN is.}} BPDUs either.
|
\item Port does no forwan \gls{tcn} \gls{bpdu}s either.
|
||||||
\item PortFast can be enabled either A) per port \textit{or} B) globally for all ports in access mode.
|
\item PortFast can be enabled either A) per port \textit{or} B) globally for all ports in access mode.
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item Per port: {\footnotesize Accesss port}\\\cliline{cisco-switch(config-if)# spanning-tree portfast}
|
\item Per port: {\footnotesize Accesss port}\\\cliline{cisco-switch(config-if)# spanning-tree portfast}
|
||||||
|
@ -193,9 +193,9 @@ Cisco did on their part early on enhance the original spanning tree standard wit
|
||||||
\item UplinkFast
|
\item UplinkFast
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Enables fast uplink failover on access switch.
|
\item Enables fast uplink failover on access switch.
|
||||||
\item Improve convergence times of non-RSTP.
|
\item Improve convergence times of non-\gls{rstp}.
|
||||||
\item Enabled only with non-RSTP
|
\item Enabled only with non-\gls{rstp}
|
||||||
\item Integrated into Cisco's RSTP implementaion and enabled by defaut.
|
\item Integrated into Cisco's \gls{rstp} implementaion and enabled by defaut.
|
||||||
\item Cisco proprietary
|
\item Cisco proprietary
|
||||||
\item Only works if switch has blocked ports
|
\item Only works if switch has blocked ports
|
||||||
\item Designed with switches in access layer as deployment target.
|
\item Designed with switches in access layer as deployment target.
|
||||||
|
@ -204,16 +204,16 @@ Cisco did on their part early on enhance the original spanning tree standard wit
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item BackboneFast
|
\item BackboneFast
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Enables fast convergence in distribution or core layer when STP change occurs.
|
\item Enables fast convergence in distribution or core layer when \gls{stp} change occurs.
|
||||||
\item Improve convergence times of non-RSTP.
|
\item Improve convergence times of non-\gls{rstp}.
|
||||||
\item Enabled only with non-RSTP
|
\item Enabled only with non-\gls{rstp}
|
||||||
\item Integrated into Cisco's RSTP implementaion and enabled by default.
|
\item Integrated into Cisco's \gls{rstp} implementaion and enabled by default.
|
||||||
\item Disabled by default
|
\item Disabled by default
|
||||||
\item \cliline{cisco-switch(config)# spanning-tree backbonefast} enables the feature.
|
\item \cliline{cisco-switch(config)# spanning-tree backbonefast} enables the feature.
|
||||||
\item \textit{Scenario:} If switch needs searching new path root bridge. BackboneFast shortens process.
|
\item \textit{Scenario:} If switch needs searching new path root bridge. BackboneFast shortens process.
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item Switch will search for alternative path to root.
|
\item Switch will search for alternative path to root.
|
||||||
\item If BPDU recieved on blocked port. Port considered alternative path path to root.
|
\item If \gls{bpdu} recieved on blocked port. Port considered alternative path path to root.
|
||||||
\item If alternate path identified. RQL{\footnotesize \textbf{R}equest \textbf{L}ink \textbf{B}locking} packets are out for identify either A) an alternative path to the root bridge \textit{or} B) an up-/downstream switch with a path to the root bridge.
|
\item If alternate path identified. RQL{\footnotesize \textbf{R}equest \textbf{L}ink \textbf{B}locking} packets are out for identify either A) an alternative path to the root bridge \textit{or} B) an up-/downstream switch with a path to the root bridge.
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
@ -222,49 +222,49 @@ Cisco did on their part early on enhance the original spanning tree standard wit
|
||||||
\subsection{Loop Prevention}
|
\subsection{Loop Prevention}
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item BPDU Guard
|
\item \gls{bpdu} Guard
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Disables the PortFast-enabled port if a BPDU is received. The port goes into mode \texttt{err-disable}.
|
\item Disables the PortFast-enabled port if a \gls{bpdu} is received. The port goes into mode \texttt{err-disable}.
|
||||||
\item Enable per port:\\\cliline{cisco-switch(config-if)# spanning-tree bpduguard enable}
|
\item Enable per port:\\\cliline{cisco-switch(config-if)# spanning-tree bpduguard enable}
|
||||||
\item Enable globally for portfast enabled ports:\\\cliline{cisco-switch(config)# spanning-tree portfast bpduguard default}
|
\item Enable globally for portfast enabled ports:\\\cliline{cisco-switch(config)# spanning-tree portfast bpduguard default}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item BPDU Filter
|
\item \gls{bpdu} Filter
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Suppresses BPDUs on ports
|
\item Suppresses \gls{bpdu}s on ports
|
||||||
\item Behaves differently depending if enabled
|
\item Behaves differently depending if enabled
|
||||||
\item A) globally \textit{or}
|
\item A) globally \textit{or}
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item Affects all active portfast enabled ports, which \underline{don't} have a BPDU port configuration.
|
\item Affects all active portfast enabled ports, which \underline{don't} have a \gls{bpdu} port configuration.
|
||||||
\item If BPDU recieved on port, portfast and BPDU filter is disabled.
|
\item If \gls{bpdu} recieved on port, portfast and \gls{bpdu} filter is disabled.
|
||||||
\item Sends \textbf{10} BPDUs on startup. If BPDU recieved in this timeframe \textit{same consequence as above} happens to the port.
|
\item Sends \textbf{10} \gls{bpdu}s on startup. If \gls{bpdu} recieved in this timeframe \textit{same consequence as above} happens to the port.
|
||||||
\item \cliline{cisco-switch(config-if)# spanning-tree bpdufilter enable}
|
\item \cliline{cisco-switch(config-if)# spanning-tree bpdufilter enable}
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\item B) per-port:
|
\item B) per-port:
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item Port ignores all recieved BPDUs.
|
\item Port ignores all recieved \gls{bpdu}s.
|
||||||
\item Port sends no BPDUs.
|
\item Port sends no \gls{bpdu}s.
|
||||||
\item \cliline{cisco-switch(config-if)# spanning-tree bpdufilter enable}
|
\item \cliline{cisco-switch(config-if)# spanning-tree bpdufilter enable}
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\item Beware to \underline{only} enable BPDU filter on ports connected to end hosts. Consequence if not followed \underline{can} result in creating bridging loops.
|
\item Beware to \underline{only} enable \gls{bpdu} filter on ports connected to end hosts. Consequence if not followed \underline{can} result in creating bridging loops.
|
||||||
\item Beware to \underline{only enable either} BPDU guard \textbf{\textit{or}} filter. \footnote{Cisco recommendation}
|
\item Beware to \underline{only enable either} \gls{bpdu} guard \textbf{\textit{or}} filter. \footnote{Cisco recommendation}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item Root Guard
|
\item Root Guard
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item \st{Prevents external switches from becoming roots}
|
\item \st{Prevents external switches from becoming roots}
|
||||||
\item If enabled, prevents any ports from becoming a root-port. Ports will remain as designated ports \textit{effectivily} preventing the switch becoming the root bridge.
|
\item If enabled, prevents any ports from becoming a root-port. Ports will remain as designated ports \textit{effectivily} preventing the switch becoming the root bridge.
|
||||||
\item This, too, behaves in s similiar manner as BPDU guard, putting the port in \texttt{err-disable} mode when a BPDU packet is recieved on the port.
|
\item This, too, behaves in s similiar manner as \gls{bpdu} guard, putting the port in \texttt{err-disable} mode when a \gls{bpdu} packet is recieved on the port.
|
||||||
\item Enabled per-port with\\\cliline{cisco-switch(config-if)# spanning-tree guard root}
|
\item Enabled per-port with\\\cliline{cisco-switch(config-if)# spanning-tree guard root}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item Loop Guard
|
\item Loop Guard
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Prevents an alternate port from becoming the designated port if no BPDUs are received
|
\item Prevents an alternate port from becoming the designated port if no \gls{bpdu}s are received
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item Normally when cisco swicthes stop recieving BPDUs ingress in a port. The port will go to listeting, learning, forwarding state equaling a loop.
|
\item Normally when cisco swicthes stop recieving \gls{bpdu}s ingress in a port. The port will go to listeting, learning, forwarding state equaling a loop.
|
||||||
\item With Loop guard enabled the will go to \texttt{loop-inconsistent} blocking state instead.
|
\item With Loop guard enabled the will go to \texttt{loop-inconsistent} blocking state instead.
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\item Enabled per-port\\\cliline{cisco-switch(config-if)# spanning-tree guard loop}
|
\item Enabled per-port\\\cliline{cisco-switch(config-if)# spanning-tree guard loop}
|
||||||
\item Enabled globally\\\cliline{cisco-switch(config)# spanning-tree loopguard default} {\small only on p2p links}
|
\item Enabled globally\\\cliline{cisco-switch(config)# spanning-tree loopguard default} {\small only on p2p links}
|
||||||
\item Works on per-vlan basis when PVSTP is used.
|
\item Works on per-vlan basis when \gls{pvst} is used.
|
||||||
\item On ether-channel links with uni-directional link failures, loop guard will put put the whole ether-channel into loop-inconsistent state.
|
\item On ether-channel links with uni-directional link failures, loop guard will put put the whole ether-channel into loop-inconsistent state.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item \textbf{Beware} root and loop guard is mutually exclusive
|
\item \textbf{Beware} root and loop guard is mutually exclusive
|
||||||
|
@ -277,7 +277,7 @@ Cisco did on their part early on enhance the original spanning tree standard wit
|
||||||
\subsection{Link}
|
\subsection{Link}
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Unidirectional Link Detection (UDLD)
|
\item \gls{udld}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Cisco proprietary feature.
|
\item Cisco proprietary feature.
|
||||||
\item By default only enables on fiber optic links.
|
\item By default only enables on fiber optic links.
|
||||||
|
@ -290,19 +290,19 @@ Cisco did on their part early on enhance the original spanning tree standard wit
|
||||||
\item FlexLinks
|
\item FlexLinks
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Cisco proprietary feature.
|
\item Cisco proprietary feature.
|
||||||
\item An alternate solution to running STP in the environment.
|
\item An alternate solution to running \gls{stp} in the environment.
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item STP is auto-disabled on interfaces running FlexLinks.
|
\item \gls{stp} is auto-disabled on interfaces running FlexLinks.
|
||||||
\item Configured with 2 physical links with and active/backup configuration.
|
\item Configured with 2 physical links with and active/backup configuration.
|
||||||
\item Enables convergence time of less than 50 milliseconds.
|
\item Enables convergence time of less than 50 milliseconds.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item FlexLinks is good alternative to running STP in an environment with customers who you do \textit{not} want to run STP with. Fx. Service Provider/Enterprise/Datacenter environment.
|
\item FlexLinks is good alternative to running \gls{stp} in an environment with customers who you do \textit{not} want to run \gls{stp} with. Fx. Service Provider/Enterprise/Datacenter environment.
|
||||||
\item Preemtion for FlexLinks is \textit{not} enabled-by-default.
|
\item Preemtion for FlexLinks is \textit{not} enabled-by-default.
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item Detects link failure.
|
\item Detects link failure.
|
||||||
\item Moves any dynamic unicast MAC addresses learned on primary link to standby link.
|
\item Moves any dynamic unicast \gls{mac} addresses learned on primary link to standby link.
|
||||||
\item Moves standby link to forwarding state.
|
\item Moves standby link to forwarding state.
|
||||||
\item Transmits dummy multicast packets over new active interface. {\small Dummy multicast packet format is as follows: \textbf{destination:} 01:00:0c:cd:cd:cd, \textbf{source:} MAC address of the hosts or ports on the newly active FlexLinks port}
|
\item Transmits dummy multicast packets over new active interface. {\small Dummy multicast packet format is as follows: \textbf{destination:} 01:00:0c:cd:cd:cd, \textbf{source:} \gls{mac} address of the hosts or ports on the newly active FlexLinks port}
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\item {\small \textbf{Note:}} Configuring FlexLinks outside of access layer switches can be very complex!
|
\item {\small \textbf{Note:}} Configuring FlexLinks outside of access layer switches can be very complex!
|
||||||
\item Enabled FlexLinks on an interface: \\
|
\item Enabled FlexLinks on an interface: \\
|
||||||
|
@ -327,8 +327,8 @@ Cisco did on their part early on enhance the original spanning tree standard wit
|
||||||
\hline
|
\hline
|
||||||
\thead{Functionality} & \thead{Loop guard} & \thead{UDLD} \\ \hline
|
\thead{Functionality} & \thead{Loop guard} & \thead{UDLD} \\ \hline
|
||||||
Action granularity & Per vlan & Per port \\ \hline
|
Action granularity & Per vlan & Per port \\ \hline
|
||||||
\makecell{Protection against STP\\failures caused by uni-directional\\ links} & \makecell{Yes, when enabled on all\\potential non-designated ports\\in redundant topology} & \makecell{Yes, when enabled on all\\links in redundant topology} \\ \hline
|
\makecell{Protection against \gls{stp}\\failures caused by uni-directional\\ links} & \makecell{Yes, when enabled on all\\potential non-designated ports\\in redundant topology} & \makecell{Yes, when enabled on all\\links in redundant topology} \\ \hline
|
||||||
\makecell{Protection against STP\\failures caused by problem in\\software resulting in designated\\switch not sending BPDUs} & Yes & No \\ \hline
|
\makecell{Protection against \gls{stp}\\failures caused by problem in\\software resulting in designated\\switch not sending \gls{bpdu}s} & Yes & No \\ \hline
|
||||||
Protection against mis-wiring & No & Yes \\ \hline
|
Protection against mis-wiring & No & Yes \\ \hline
|
||||||
\end{tabular}%
|
\end{tabular}%
|
||||||
}
|
}
|
||||||
|
@ -345,12 +345,12 @@ Cisco did on their part early on enhance the original spanning tree standard wit
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\item \textbf{Beware} that instance 0 is the \textit{I}nternal \textit{S}panning \textit{T}ree. And therefore cannot be configured for user-mapped Vlans.
|
\item \textbf{Beware} that instance 0 is the \textit{I}nternal \textit{S}panning \textit{T}ree. And therefore cannot be configured for user-mapped Vlans.
|
||||||
\item Aggregates the configured vlans into groups/instances/processes. This in turn provides lower resource utilization on switches. \dWinkey
|
\item Aggregates the configured vlans into groups/instances/processes. This in turn provides lower resource utilization on switches. \dWinkey
|
||||||
\item Backwards compatible with 802.1D STP/802.1w/RSTP and Cisco PVST+.
|
\item Backwards compatible with 802.1D \gls{stp}/802.1w/\gls{rstp} and Cisco \gls{pvst+}.
|
||||||
\item Converges faster than PVRST+.
|
\item Converges faster than \gls{pvrst+}.
|
||||||
\item \itemtitle{Challenges}{Arises because of older hardware and the architecture of the protocol}
|
\item \itemtitle{Challenges}{Arises because of older hardware and the architecture of the protocol}
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item Operability with older/legacy hardware/equipment is not always possible.
|
\item Operability with older/legacy hardware/equipment is not always possible.
|
||||||
\item \textit{Of course} it is more complex compared to standard STP (older) protocols. {\footnotesize Staff may require teachings of the way of the protocol.}
|
\item \textit{Of course} it is more complex compared to standard \gls{stp} (older) protocols. {\footnotesize Staff may require teachings of the way of the protocol.}
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
|
@ -371,16 +371,16 @@ Cisco did on their part early on enhance the original spanning tree standard wit
|
||||||
|
|
||||||
\subsection{MST Regions}
|
\subsection{MST Regions}
|
||||||
|
|
||||||
It is the network admins job to propagate an even configuration to all switches in a single region by using CLI or SNMP. Currently IOS does not support any other options to do the job.
|
It is the network admins job to propagate an even configuration to all switches in a single region by using \gls{cli} or \gls{snmp}. Currently IOS does not support any other options to do the job.
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item \itemtitle{Boundaries}{MST differs between regions by}
|
\item \itemtitle{Boundaries}{MST differs between regions by}
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item sending a digest computer from the Vlan-to-instance mapping table of the switch sending the digest.
|
\item sending a digest computer from the Vlan-to-instance mapping table of the switch sending the digest.
|
||||||
\item the characteristics of the MST protocol for that single switch.
|
\item the characteristics of the \gls{mst} protocol for that single switch.
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\item if computed digest and MST characteristics between switches is \textit{found matching}, the switches considers themselves part of the same MST region.
|
\item if computed digest and \gls{mst} characteristics between switches is \textit{found matching}, the switches considers themselves part of the same \gls{mst} region.
|
||||||
\item \textbf{Beware} that unlike VTP, MST does not automatically increase the configuration revision number. This \textit{has to be done} manually.
|
\item \textbf{Beware} that unlike \gls{vtp}, \gls{mst} does not automatically increase the configuration revision number. This \textit{has to be done} manually.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
\fig{spanningtree/mstregions}{mstregions}{MST Regions all Vlans running mappen to the default instance 0.}
|
\fig{spanningtree/mstregions}{mstregions}{MST Regions all Vlans running mappen to the default instance 0.}
|
||||||
|
@ -399,7 +399,7 @@ It is the network admins job to propagate an even configuration to all switches
|
||||||
|
|
||||||
/\
|
/\
|
||||||
||
|
||
|
||||||
MST inst. no. carried in
|
\gls{mst} inst. no. carried in
|
||||||
Ext. Syst. ID Area
|
Ext. Syst. ID Area
|
||||||
\end{txt}
|
\end{txt}
|
||||||
|
|
|
@ -4,21 +4,21 @@
|
||||||
\fig{vtp/implementing-vtp}{imp-vtp1}{VTP}
|
\fig{vtp/implementing-vtp}{imp-vtp1}{VTP}
|
||||||
|
|
||||||
\subsubsection{VTP Modes}
|
\subsubsection{VTP Modes}
|
||||||
The tree modes a VTP \textit{enabled} device can operate are
|
The tree modes a \gls{vtp} \textit{enabled} device can operate are
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Transparent
|
\item Transparent
|
||||||
\item Server
|
\item Server
|
||||||
\item Client
|
\item Client
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
Of course you can \textit{disable} VTP altogether.
|
Of course you can \textit{disable} \gls{vtp} altogether.
|
||||||
|
|
||||||
Key things to be aware of \textit{before} enabling VTP in your environment is to make double sure of only having 1 VTP domain. \textbf{If} 2 or more VTP domains exists. Be triple sure to separate them! As to avoid having an VTP server DB overridden with data from another VTP domain.
|
Key things to be aware of \textit{before} enabling \gls{vtp} in your environment is to make double sure of only having 1 \gls{vtp} domain. \textbf{If} 2 or more \gls{vtp} domains exists. Be triple sure to separate them! As to avoid having an \gls{vtp} server \gls{db} overridden with data from another \gls{vtp} domain.
|
||||||
|
|
||||||
The three VTP modes \textit{operates} as follow
|
The three \gls{vtp} modes \textit{operates} as follow
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Transparent
|
\item Transparent
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Creates, modifies and deletes \textit{local} vlans only
|
\item Creates, modifies and deletes \textit{local} \gls{vlan} only
|
||||||
\item Forwards advertisements
|
\item Forwards advertisements
|
||||||
\item Does \textit{not} synchronizes vlan configurations.
|
\item Does \textit{not} synchronizes vlan configurations.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
@ -28,6 +28,7 @@ The three VTP modes \textit{operates} as follow
|
||||||
\item Sends and forwards advertisements
|
\item Sends and forwards advertisements
|
||||||
\item Synchronizes vlan configurations
|
\item Synchronizes vlan configurations
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
\item Client
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Cannot create, modify or delete vlans
|
\item Cannot create, modify or delete vlans
|
||||||
\item Send and forwards advertisements
|
\item Send and forwards advertisements
|
||||||
|
@ -36,21 +37,21 @@ The three VTP modes \textit{operates} as follow
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
\subsubsection{VTP Announcement}
|
\subsubsection{VTP Announcement}
|
||||||
VTP operates with announcements sent out in intervals. Summarized it amounts to
|
\gls{vtp} operates with announcements sent out in intervals. Summarized it amounts to
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item 1 \textit{summary} announcement per 5th minute from the server
|
\item 1 \textit{summary} announcement per 5th minute from the server
|
||||||
\item The summary announcement informs clients of the current revision
|
\item The summary announcement informs clients of the current revision
|
||||||
\item An announcement is sent out \textit{on the spot} when a change has been made on the VTP server
|
\item An announcement is sent out \textit{on the spot} when a change has been made on the\gls{vtp}server
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
Do remember it is \textbf{only} the VTP server which has the vlan configuration stored \textbf{on disk}. All device clients and transparent nodes do only store the vlans delegated by VTP in memory.
|
Do remember it is \textbf{only} the \gls{vtp} server which has the \gls{vlan} configuration stored \textbf{on disk}. All device clients and transparent nodes do only store the \gls{vlan} delegated by \gls{vtp} in memory.
|
||||||
|
|
||||||
\subsubsection{Common Issues}
|
\subsubsection{Common Issues}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Different/Incompatible VTP versions
|
\item Different/Incompatible \gls{vtp} versions
|
||||||
\item Wrong password
|
\item Wrong password
|
||||||
\item Incorrect mode name
|
\item Incorrect mode name
|
||||||
\item No server set (all devices configured in transparent/client/vtp disabled mode)
|
\item No server set (all devices configured in transparent/client/\gls{vtp} disabled mode)
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
\subsubsection{VTP Versions}
|
\subsubsection{VTP Versions}
|
||||||
|
@ -65,31 +66,32 @@ Do remember it is \textbf{only} the VTP server which has the vlan configuration
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item Version 3 (not "yet" common)
|
\item Version 3 (not "yet" common)
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Extended VLAN support: Allow ranges are 1-1005,1018-2095. Not mentioned vlans ranges up to 4095 is still reserved.
|
\item Extended \gls{vlan} support: Allow ranges are 1-1005,1018-2095. Not mentioned \gls{vlan} ranges up to 4095 is still reserved.
|
||||||
\item Domain name is not automatically learned.
|
\item Domain name is not automatically learned.
|
||||||
\item Better security.
|
\item Better security.
|
||||||
\item Better database propagation.
|
\item Better database propagation.
|
||||||
\item MST now supported.
|
\item \gls{mst} now supported.
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
\subsubsection{VTP Pruning}
|
\subsubsection{VTP Pruning}
|
||||||
The art of only allowing the vlan traffic to flow on \textit{necessary} links.
|
The art of only allowing the \gls{vlan} traffic to flow on \textit{necessary} links.
|
||||||
|
|
||||||
|
This means if there are no clients in a \gls{vlan} on a device. Then no traffic for the inactive \gls{vlan}s are send down-/upstream on the link in question.
|
||||||
|
|
||||||
This means if there are no clients in a vlan on a device. Then no traffic for the inactive vlans is send down-/upstream on the link in question.
|
|
||||||
\fig{vtp/vtp-pruning}{vtpruning1}{VTP Pruning}
|
\fig{vtp/vtp-pruning}{vtpruning1}{VTP Pruning}
|
||||||
|
|
||||||
\subsubsection{Security}
|
\subsubsection{Security}
|
||||||
It is \textbf{strongly} recommended to enable the security features supported in VTP.
|
It is \textbf{strongly} recommended to enable the security features supported in \gls{vtp}.
|
||||||
|
|
||||||
\textbf{Password:} MD5 hashing, Case-sensitive, Length between 8 and 64 chars.
|
\textbf{Password:} MD5 hashing, Case-sensitive, Length between 8 and 64 chars.
|
||||||
|
|
||||||
\notice{VTP Scaling}{
|
\notice{VTP Scaling}{
|
||||||
As the network grows and grows and grows and grows some more over long/short timespans.
|
As the network grows and grows and grows and grows some more over long/short timespans.
|
||||||
You will \textbf{for certain} come to cross-rode, where you \textbf{must} consider to
|
You will \textbf{for certain} come to cross-rode, where you \textbf{must} consider to
|
||||||
go away from using VTP in the network. The problems of managing an elderly network and
|
go away from using \gls{vtp} in the network. The problems of managing an elderly network and
|
||||||
wiping and re-introducing nodes in the network. You \textbf{will} face the issue of a
|
wiping and re-introducing nodes in the network. You \textbf{will} face the issue of a
|
||||||
wiped vlan database from the VTP domain.
|
wiped vlan database from the \gls{vtp} domain.
|
||||||
}
|
}
|
||||||
|
|
||||||
\subsubsection{Example configuration}
|
\subsubsection{Example configuration}
|
||||||
|
@ -100,8 +102,8 @@ Channel bundling is the "art" of using multiple physical links as one single log
|
||||||
|
|
||||||
Technologies:
|
Technologies:
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item \textbf{PAgP:} The Cisco-only thingy
|
\item \textbf{\gls{pagp}:} The Cisco-only thingy
|
||||||
\item \textbf{LACP:} The IEEE standard
|
\item \textbf{\gls{lacp}:} The \gls{ieee} standard
|
||||||
\item \textbf{Static:} Just forced on
|
\item \textbf{Static:} Just forced on
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
|
@ -112,8 +114,8 @@ Channel bundling of switch ports in the network may or may not be the best idea,
|
||||||
|
|
||||||
Channel bundling spreads out the in and egress flows based upon one of several methods configured on the switch:
|
Channel bundling spreads out the in and egress flows based upon one of several methods configured on the switch:
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Source to Destination MAC
|
\item Source to Destination \gls{mac}
|
||||||
\item Source to Destination IP
|
\item Source to Destination \gls{ip}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
Keep in mind this will by no means archive true load balancing. Where all links are equally used based upon number of flows \textit{or} in terms of used bandwidth.
|
Keep in mind this will by no means archive true load balancing. Where all links are equally used based upon number of flows \textit{or} in terms of used bandwidth.
|
||||||
|
|
||||||
|
@ -125,12 +127,12 @@ Keep in mind this will by no means archive true load balancing. Where all links
|
||||||
\begin{tabular}{|l|l|l|}
|
\begin{tabular}{|l|l|l|}
|
||||||
\hline
|
\hline
|
||||||
Hash Input Code & Hash Input Detecision & Switch Model \\ \hline
|
Hash Input Code & Hash Input Detecision & Switch Model \\ \hline
|
||||||
dst-ip & Dest IP addr & All models \\ \hline
|
dst-ip & Dest \gls{ip} addr & All models \\ \hline
|
||||||
dst-mac & Dest MAC addr & All models \\ \hline
|
dst-mac & Dest \gls{mac} addr & All models \\ \hline
|
||||||
src-dst-ip & Src and dest IP addr & All models \\ \hline
|
src-dst-ip & Src and dest \gls{ip} addr & All models \\ \hline
|
||||||
src-dst-mac & Src and dest MAC addr & All models \\ \hline
|
src-dst-mac & Src and dest \gls{mac} addr & All models \\ \hline
|
||||||
src-ip & Src IP addr & All models \\ \hline
|
src-ip & Src \gls{ip} addr & All models \\ \hline
|
||||||
src-mac & Src MAC addr & All models \\ \hline
|
src-mac & Src \gls{mac} addr & All models \\ \hline
|
||||||
src-port & Src port no & 4500,6500 \\ \hline
|
src-port & Src port no & 4500,6500 \\ \hline
|
||||||
dst-port & Dest port no & 4500,6500 \\ \hline
|
dst-port & Dest port no & 4500,6500 \\ \hline
|
||||||
src-dst-port & Src and dest port no & 4500,6500 \\ \hline
|
src-dst-port & Src and dest port no & 4500,6500 \\ \hline
|
||||||
|
@ -144,15 +146,15 @@ Keep in mind this will by no means archive true load balancing. Where all links
|
||||||
\subsubsection{Protocol Properties}
|
\subsubsection{Protocol Properties}
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item LACP
|
\item \gls{lacp}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Active: Enabled
|
\item Active: Enabled
|
||||||
\item Passive: Waits for LACP packets on the wire before enabled
|
\item Passive: Waits for \gls{lacp} packets on the wire before enabled
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\item PAgP
|
\item \gls{pagp}
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item Desirable: Enabled
|
\item Desirable: Enabled
|
||||||
\item Auto: Waits for PAgP packets on the wire before enabled
|
\item Auto: Waits for \gls{pagp} packets on the wire before enabled
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
|
@ -160,7 +162,7 @@ Some other \underline{required} settings to be (equal across all ports) aware of
|
||||||
\begin{enumerate}
|
\begin{enumerate}
|
||||||
\item Port speeds
|
\item Port speeds
|
||||||
\item Duplex mode
|
\item Duplex mode
|
||||||
\item Configured vlan ranges
|
\item Configured \gls{vlan} ranges
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
|
|
||||||
\subsubsection{Example configuration}
|
\subsubsection{Example configuration}
|
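Review bot: In the VTP Announcement list the new line `on the\gls{vtp}server` lost the spaces on both sides of the macro, so it will typeset as a single run-together word; it should read `on the \gls{vtp} server`. The same substitution pass also builds plurals by hand or drops them: `\gls{vlan}s` in the pruning paragraph, and `\textit{local} \gls{vlan} only` and `the \gls{vlan} delegated by` where the old text said "vlans". `\glspl{vlan}` gives the plural and keeps first-use expansion consistent. `\gls{bpdu}s` in the Loop guard/UDLD table earlier on the page follows the same pattern. The file header of this section is not shown on the page, so the file name is not confirmed here.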
3
chapter/layer3.tex
Normal file
3
chapter/layer3.tex
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
\chapter{Layer 3}
|
||||||
|
|
||||||
|
\input{chapter/layer3/routednetwork}
|
14
chapter/mgmt.tex
Normal file
14
chapter/mgmt.tex
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
\chapter{Management}
|
||||||
|
|
||||||
|
\section{Network Mgmt}
|
||||||
|
|
||||||
|
\subsection{Routers}
|
||||||
|
|
||||||
|
\subsection{Switches}
|
||||||
|
|
||||||
|
\subsection{Firewall}
|
||||||
|
|
||||||
|
\section{OOB Mgmt}
|
||||||
|
|
||||||
|
\subsection{Console Server}
|
||||||
|
|
132
chapter/networkmgmt.tex
Normal file
132
chapter/networkmgmt.tex
Normal file
|
@ -0,0 +1,132 @@
|
||||||
|
\chapter{Net Mgmt}
|
||||||
|
|
||||||
|
\section{Triple A\tsq{s}}
|
||||||
|
|
||||||
|
\myquote{}{Remember to log the details, too.}
|
||||||
|
|
||||||
|
\xkcd{latitude}{Remember logging when necessary}
|
||||||
|
|
||||||
|
\newpage
|
||||||
|
|
||||||
|
\begin{itemize}
|
||||||
|
\item \textbf{Authentication:}
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Identify the user,
|
||||||
|
\item Validate the user,
|
||||||
|
\item Allow/Disallow user based upon credentials.
|
||||||
|
\end{enumerate}
|
||||||
|
\item \textbf{Authorization:}
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Have defined levels of allowed operations/tasks divided into groups,
|
||||||
|
\item Validate user-to-groups relations,
|
||||||
|
\item Allow/Disallow user actions.
|
||||||
|
\item On network gear the Allow/Disallowed actions can be stored on either the central \gls{aaa} server or locally\footnote{May not apply to all network gear} in the network node.
|
||||||
|
\end{enumerate}
|
||||||
|
\item \textbf{Accounting:}
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Network nodes collect user and session information from start to end when connecting to a node,
|
||||||
|
\item All information is transferred back to \gls{aaa} server,
|
||||||
|
\item Transferred info can be leveraged for several purposes. Typically logged info is:
|
||||||
|
\begin{itemize}
|
||||||
|
\item session duration,
|
||||||
|
\item user commands,
|
||||||
|
\item disallowed commands
|
||||||
|
\end{itemize}
|
||||||
|
\end{enumerate}
|
||||||
|
\end{itemize}
|
||||||
|
|
||||||
|
\bigskip
|
||||||
|
|
||||||
|
\textbf{Obvious} benefits by using the \gls{aaa} is scalability, increased flexibility and granularity of assigned rights, standardization, having failover by using multiple triple a\tsq{s} server\footnote{Cisco devices uses the descending order in which \gls{aaa} servers are configured on the node}.
|
||||||
|
|
||||||
|
\newpage
|
||||||
|
|
||||||
|
\begin{table}[!ht]
|
||||||
|
\centering
|
||||||
|
\caption{Tacacs+ vs. Radius}
|
||||||
|
\label{radiusversustacacsplus}
|
||||||
|
\resizebox{\columnwidth}{!}{%
|
||||||
|
\begin{tabular}{|l|l|l|l|l|}
|
||||||
|
\hline
|
||||||
|
\multicolumn{1}{|c|}{\textbf{Feature}} & \multicolumn{1}{c|}{\textbf{RADIUS}} & \multicolumn{1}{c|}{\textbf{TACACS+}} \\ \hline
|
||||||
|
Developer & \begin{tabular}[c]{@{}l@{}}Livington Enterprise\\ (now industry standard)\end{tabular} & \begin{tabular}[c]{@{}l@{}}Cisco\\ (proprietary)\end{tabular} \\ \hline
|
||||||
|
Transport protocol & UDP ports 1812-1813 & TCP port 49 \\ \hline
|
||||||
|
\gls{aaa} support & \begin{tabular}[c]{@{}l@{}}Combines authentication\\ and authorization and \\ separate accounting\end{tabular} & \begin{tabular}[c]{@{}l@{}}Uses the \gls{aaa}\\ model and sep-\\ arates all three\\ services\end{tabular} \\ \hline
|
||||||
|
Challange response & \begin{tabular}[c]{@{}l@{}}One-way, unidirectional\\ (single challenge response)\end{tabular} & \begin{tabular}[c]{@{}l@{}}Two-way, bidirec-\\ tional (multiple\\ challenge responses)\end{tabular} \\ \hline
|
||||||
|
Security & \begin{tabular}[c]{@{}l@{}}Encrypts only the password\\ in the packet\end{tabular} & \begin{tabular}[c]{@{}l@{}}Encrypt the entire\\ packet body\end{tabular} \\ \hline
|
||||||
|
\end{tabular}%
|
||||||
|
}
|
||||||
|
\end{table}
|
||||||
|
|
||||||
|
\newpage
|
||||||
|
|
||||||
|
\section{RADIUS}
|
||||||
|
|
||||||
|
\fig{radius/radiuscommunication}{radiuscommunication}{Radius handshake and communication}
|
||||||
|
|
||||||
|
\begin{txt}
|
||||||
|
radius server DK-RADIUS-SERVER
|
||||||
|
address ipv4 radiusserver.example.com auth-port 1812 acct-port 1813
|
||||||
|
key unkn0wn!unic@st.|.
|
||||||
|
!
|
||||||
|
aaa new-model
|
||||||
|
aaa group server RADIUS
|
||||||
|
server name DK-RADIUS-SERVER
|
||||||
|
!
|
||||||
|
aaa authentication login radius_list group RADIUS local
|
||||||
|
!
|
||||||
|
line vty 0-4
|
||||||
|
login authentication radius_list
|
||||||
|
line vty 5-15
|
||||||
|
login authentication radius_list
|
||||||
|
\end{txt}
|
||||||
|
|
||||||
|
\newpage
|
||||||
|
|
||||||
|
\section{TACACS+}
|
||||||
|
|
||||||
|
\fig{tacacsplus/tacacspluscommunication}{tacacspluscommunication}{Tacacs plus handshake and communication}
|
||||||
|
|
||||||
|
\begin{txt}
|
||||||
|
aaa group server tacacs+ TACACS
|
||||||
|
server-private 1.1.1.1 unkn0wn!unicAst
|
||||||
|
ip tacacs source-interface Loopback0
|
||||||
|
!
|
||||||
|
aaa authentication attempts login 1
|
||||||
|
aaa authentication login default group TACACS local-case
|
||||||
|
aaa authentication login console local-case
|
||||||
|
aaa authentication enable default group TACACS enable
|
||||||
|
aaa authorization exec default group TACACS local
|
||||||
|
aaa authorization commands 0 default group TACACS local
|
||||||
|
aaa authorization commands 15 default group TACACS local
|
||||||
|
aaa accounting exec default
|
||||||
|
action-type start-stop
|
||||||
|
group tacacs+
|
||||||
|
!
|
||||||
|
aaa accounting commands 1 default
|
||||||
|
action-type start-stop
|
||||||
|
group tacacs+
|
||||||
|
!
|
||||||
|
aaa accounting commands 2 default
|
||||||
|
action-type start-stop
|
||||||
|
group tacacs+
|
||||||
|
!
|
||||||
|
aaa accounting commands 15 default
|
||||||
|
action-type start-stop
|
||||||
|
group tacacs+
|
||||||
|
!
|
||||||
|
aaa session-id common
|
||||||
|
!
|
||||||
|
tacacs-server host 10.21.0.45
|
||||||
|
tacacs-server unkn0wn!unicAst
|
||||||
|
\end{txt}
|
||||||
|
|
||||||
|
\section{802.1X}
|
||||||
|
|
||||||
|
802.1X deviates from standard \gls{aaa} used in network management by also providing support for:
|
||||||
|
\begin{itemize}
|
||||||
|
\item user mobility and
|
||||||
|
\item user access control by way of governing policies.
|
||||||
|
\end{itemize}
|
||||||
|
|
||||||
|
\fig{8021x/8021x}{8021x}{ID Management}
|
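Review bot: Both secret lines in the TACACS+ listing omit the `key` keyword (`server-private 1.1.1.1 unkn0wn!unicAst`, `tacacs-server unkn0wn!unicAst`), so as written they do not set a shared secret. I would write `server-private 1.1.1.1 key <SHARED-SECRET>` and `tacacs-server key <SHARED-SECRET>`, using an obvious placeholder rather than a realistic-looking string that readers may copy into production. The RADIUS listing has similar syntax slips: `aaa group server RADIUS` carries no protocol keyword before the group name, and `line vty 0-4` / `line vty 5-15` use a hyphen where IOS expects two numbers (`line vty 0 4`). In the TACACS+ listing the accounting stanzas send to `group tacacs+` while authentication and authorization use the named group `TACACS`. With a `server-private` host in one and `tacacs-server host 10.21.0.45` in the other, accounting presumably goes to a different server than login, which is worth confirming. The table's Security row would benefit from a footnote that both protections are MD5-based hiding keyed on the shared secret, so management traffic should still stay on a protected path or run over TLS/IPsec.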
6
chapter/ntp.tex
Normal file
6
chapter/ntp.tex
Normal file
|
@ -0,0 +1,6 @@
|
||||||
|
\chapter{Network Time Protocol}
|
||||||
|
|
||||||
|
\section{The old NTP from \tsq{85}}
|
||||||
|
|
||||||
|
\section{Secure NTP}
|
||||||
|
|
35
code/ipaddressblocks.txt
Normal file
35
code/ipaddressblocks.txt
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
Address Block Present Use Reference
|
||||||
|
--------------------------------------------------------------------
|
||||||
|
0.0.0.0/8 "This" Network RFC 1122, Section 3.2.1.3
|
||||||
|
10.0.0.0/8 Private-Use Networks RFC 1918
|
||||||
|
14.0.0.0/8 Public-Data Networks RFC 1700, page 181
|
||||||
|
100.64.0.0/10 Shared Address Space RFC 6598
|
||||||
|
127.0.0.0/8 Loopback RFC 1122, Section 3.2.1.3
|
||||||
|
169.254.0.0/16 Link Local RFC 3927
|
||||||
|
172.16.0.0/12 Private-Use Networks RFC 1918
|
||||||
|
192.0.0.0/24 IETF Protocol Assignments RFC 6890, Section 2.1
|
||||||
|
192.0.0.0/29 [1] DS-Lite RFC 6333
|
||||||
|
192.0.2.0/24 TEST-NET-1 RFC 5737
|
||||||
|
192.88.99.0/24 6to4 Relay Anycast RFC 3068
|
||||||
|
192.168.0.0/16 Private-Use Networks RFC 1918
|
||||||
|
198.18.0.0/15 Network Interconnect
|
||||||
|
Device Benchmark Testing RFC 2544
|
||||||
|
198.51.100.0/24 TEST-NET-2 RFC 5737
|
||||||
|
203.0.113.0/24 TEST-NET-3 RFC 5737
|
||||||
|
224.0.0.0/4 Multicast RFC 3171
|
||||||
|
240.0.0.0/4 Reserved for Future Use RFC 1112, Section 4
|
||||||
|
255.255.255.255/32 Limited Broadcast RFC 0919, Section 7
|
||||||
|
RFC 0922, Section 7
|
||||||
|
::1/128 Loopback Address RFC 4291
|
||||||
|
::/128 Unspecified Address RFC 4291
|
||||||
|
64:ff9b::/96 IPv4-IPv6 Translat. RFC 6052
|
||||||
|
::ffff:0:0/96 IPv4-mapped Address RFC 4291
|
||||||
|
100::/64 Discard-Only Address Block RFC 6666
|
||||||
|
2001::/23 IETF Protocol Assignments RFC 2928
|
||||||
|
2001::/32 TEREDO RFC 4380
|
||||||
|
2001:2::/48 Benchmarking RFC 5180
|
||||||
|
2001:db8::/32 Documentation RFC 3849
|
||||||
|
2001:10::/28 ORCHID RFC 4843
|
||||||
|
2002::/16 [2] 6to4 RFC 3056
|
||||||
|
fc00::/7 Unique-Local RFC 4193
|
||||||
|
fe80::/10 Linked-Scoped Unicast RFC 4291
|
21
code/prefixlists.cisco.txt
Normal file
21
code/prefixlists.cisco.txt
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
ip prefix-list permit-lans permit 10.0.0.0/8 ge 24 ! Allow prefixes >=/24
|
||||||
|
ip prefix-list permit-lans permit 172.16.0.0/12 ge 24 ! Allow prefixes >=/24
|
||||||
|
ip prefix-list permit-lans permit 192.168.0.0/16 ge 24 ! Allow prefixes >=/24
|
||||||
|
ip prefix-list permit-lans deny 0.0.0.0/0 le 32 ! Deny everthing else
|
||||||
|
|
||||||
|
ip prefix-list deny-bogons deny 0.0.0.0/8 le 32 ! Block default route
|
||||||
|
ip prefix-list deny-bogons deny 10.0.0.0/8 le 32
|
||||||
|
ip prefix-list deny-bogons deny 100.64.0.0/10 le 32
|
||||||
|
ip prefix-list deny-bogons deny 127.0.0.0/8 le 32
|
||||||
|
ip prefix-list deny-bogons deny 169.254.0.0/16 le 32
|
||||||
|
ip prefix-list deny-bogons deny 172.16.0.0/12 le 32
|
||||||
|
ip prefix-list deny-bogons deny 192.0.0.0/24 le 32
|
||||||
|
ip prefix-list deny-bogons deny 192.0.2.0/24 le 32
|
||||||
|
ip prefix-list deny-bogons deny 192.168.0.0/16 le 32
|
||||||
|
ip prefix-list deny-bogons deny 198.18.0.0/15 le 32
|
||||||
|
ip prefix-list deny-bogons deny 198.51.100.0/24 le 32
|
||||||
|
ip prefix-list deny-bogons deny 203.0.113.0/24 le 32
|
||||||
|
ip prefix-list deny-bogons deny 224.0.0.0/4 le 32
|
||||||
|
ip prefix-list deny-bogons deny 240.0.0.0/4 le 32
|
||||||
|
ip prefix-list deny-bogons deny 0.0.0.0/0 ge 25 ! Block prefixes >/24
|
||||||
|
ip prefix-list deny-bogons permit 0.0.0.0/0 le 24 ! Permit prefixes <=/24
|
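Review bot: The comment `! Block default route` on the first deny-bogons entry does not describe what that entry matches. `0.0.0.0/8 le 32` covers prefixes of length 8 to 32 inside 0.0.0.0/8, so the default route 0.0.0.0/0 is not caught and falls through to the last line, `permit 0.0.0.0/0 le 24`, which accepts it. If the list is meant to reject a default route, add `ip prefix-list deny-bogons deny 0.0.0.0/0` ahead of the final permit and relabel the first entry `! Block "this network" 0.0.0.0/8`. It is also worth checking on a device that a trailing `! ...` after a command is accepted when pasted; comments on their own lines are the safe form for a listing that readers will copy.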
BIN
img/8021X/8021x.png
Normal file
BIN
img/8021X/8021x.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 101 KiB |
BIN
img/radius/radiuscommunication.png
Normal file
BIN
img/radius/radiuscommunication.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 166 KiB |
BIN
img/tacacsplus/tacacspluscommunication.png
Normal file
BIN
img/tacacsplus/tacacspluscommunication.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 105 KiB |
BIN
img/xkcd/password_strength.png
Normal file
BIN
img/xkcd/password_strength.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 91 KiB |
30
main.tex
30
main.tex
|
@ -3,6 +3,8 @@
|
||||||
|
|
||||||
\include{structure} % Load structure cfg for document
|
\include{structure} % Load structure cfg for document
|
||||||
|
|
||||||
|
\include{acronyms} % Load acronym list
|
||||||
|
|
||||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
% %
|
% %
|
||||||
% BEGIN DOCUMENT %
|
% BEGIN DOCUMENT %
|
||||||
|
@ -27,11 +29,23 @@
|
||||||
|
|
||||||
\include{chapter/baseconf}
|
\include{chapter/baseconf}
|
||||||
|
|
||||||
\chapter{Layer 2}
|
\include{chapter/layer2}
|
||||||
|
|
||||||
\input{chapter/section/switchednetwork}
|
\include{chapter/l2tol3}
|
||||||
|
|
||||||
\newpage
|
\include{chapter/layer3}
|
||||||
|
|
||||||
|
\include{chapter/dhcp}
|
||||||
|
|
||||||
|
\include{chapter/fhrp}
|
||||||
|
|
||||||
|
\include{chapter/networkmgmt}
|
||||||
|
|
||||||
|
\include{chapter/ntp}
|
||||||
|
|
||||||
|
\include{chapter/mgmt}
|
||||||
|
|
||||||
|
\include{chapter/internet}
|
||||||
|
|
||||||
\input{chapter/section/spanningtree}
|
\input{chapter/section/spanningtree}
|
||||||
|
|
||||||
|
@ -89,6 +103,16 @@
|
||||||
|
|
||||||
\section{eVPN}
|
\section{eVPN}
|
||||||
|
|
||||||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
% %
|
||||||
|
% BEGIN list of acronyms %
|
||||||
|
% %
|
||||||
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
|
|
||||||
|
\clearpage
|
||||||
|
|
||||||
|
\printglossary[type=\acronymtype,title=Special Terms,toctitle=List of terms]
|
||||||
|
|
||||||
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|
||||||
% %
|
% %
|
||||||
% BEGIN list of figures %
|
% BEGIN list of figures %
|
||||||
|
|
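Review bot: `\include{acronyms}` is added in the preamble, above the BEGIN DOCUMENT banner, but `\include` is meant for chapter-level files in the document body, since it issues `\clearpage` and sets up a per-file `.aux`. For a file that only holds `\newacronym` definitions, `\input{acronyms}` is the fitting command; the existing `\include{structure}` line has the same form. Separately, `\chapter{Layer 2}` was replaced by `\include{chapter/layer2}`, yet `\input{chapter/section/spanningtree}` stays behind after `\include{chapter/internet}`. Unless chapter/layer2.tex (not visible here) already pulls that file in elsewhere, the spanning tree section would now land under whatever chapter chapter/internet opens, so the placement should be checked.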
|
@ -39,6 +39,7 @@
|
||||||
\usepackage{expdlist}
|
\usepackage{expdlist}
|
||||||
\usepackage{epigraph} % used to style quotes
|
\usepackage{epigraph} % used to style quotes
|
||||||
\usepackage{titling} % makes available \thetitle \theauthor \thedate
|
\usepackage{titling} % makes available \thetitle \theauthor \thedate
|
||||||
|
\usepackage[toc,acronym,footnote,nomain]{glossaries} % Load the package with the acronym option
|
||||||
|
|
||||||
|
|
||||||
\bibliographystyle{unsrtnat} %styles list https://www.sharelatex.com/learn/Natbib_bibliography_styles
|
\bibliographystyle{unsrtnat} %styles list https://www.sharelatex.com/learn/Natbib_bibliography_styles
|
||||||
|
@ -213,3 +214,9 @@
|
||||||
\def\tsq#1{\textquotesingle{#1}}
|
\def\tsq#1{\textquotesingle{#1}}
|
||||||
\def\bsq#1{%both single quotes
|
\def\bsq#1{%both single quotes
|
||||||
\lq{#1}\rq}
|
\lq{#1}\rq}
|
||||||
|
|
||||||
|
|
||||||
|
\makeglossaries % Generate the glossary
|
||||||
|
|
||||||
|
|
||||||
|
\renewcommand*{\acronymname}{Abbreviations}
|
||||||
|
|