WTT 10M link down. Checked: it was due to FW sw f0/6 being err-disabled, and the interface is configured with bpdu guard. This triggered my interest in what the actual difference is between bpdu guard and bpdu filter on a switch interface.
bpdu guard
The port must not receive any BPDU; if one is received, the port is put into the err-disabled state.
bpdu filter
The filter is more from the switch's own point of view: BPDUs are "filtered" (by the switch itself) from being sent out of the switch port, so it doesn't expect to receive any either. But the port is still allowed to receive them, though it does not expect to.
Reference
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_55_se/configuration/guide/3560_scg/swstpopt.html#wp1033638
===================================================================
https://supportforums.cisco.com/document/45136/importance-bpdu-guard-and-bpdu-filter
Blog from Ganesh Hariharan in supportforums.cisco.com
Introduction
In the networking world we know that, to avoid any loops or any problem related to the switching architecture, the stability of the Root Bridge is of paramount importance in the operation and continual uninterrupted service of spanning-tree. A change in the position of the Root Bridge will cause service disruption on the network, with data and voice sessions timing out.
It is important to consider what events could cause a change in the position of the Root Bridge. Events such as links failing between the existing Root Bridge and the rest of the network would cause a change, or possibly a duplex mismatch between the Root Bridge and downstream switches preventing the spanning-tree messages from the Root Bridge from reaching the other parts of the network. These events are easily fixed and resolved, and none of them would require the use of the BPDU Guard feature.
It is always a better practice to enforce the Spanning-tree domain borders and keep our active topology and the position of our Root Bridge predictable.
Best practice is to enable BPDU Guard only on access ports (access ports lead to end user devices) so that any end user devices on these ports that have BPDU Guard enabled are not able to influence the Spanning-tree topology.
Configuring BPDU Guard
Following are the modes in which we can configure BPDU Guard in switches:
Interface mode
spanning-tree bpduguard enable (Puts the port in errdisable upon receiving any BPDU).
Global mode
spanning-tree portfast bpduguard default (Enables bpduguard on ports that have port-fast configuration; puts the port in errdisable upon receiving a BPDU).
Once BPDU Guard is enabled it will keep an eye open for any BPDUs entering the access ports. The only devices which can reliably create and transmit BPDUs are switches. Our main aim is to have a predictable topology and not allow other switches outside our control onto our network. If a rogue switch is introduced into our topology it will in most cases transmit a BPDU; if the rogue switch has "better" values than the existing Root Bridge it will cause a topology change in the switched network. Any topology change is bad news for the users.
Configuring the "BPDU Guard" feature on the access ports enables the spanning-tree protocol to shut the port down in the event that it receives a BPDU. As a rule of thumb, BPDUs are really only expected across trunk links. If a rogue switch is plugged into a port configured for BPDU Guard, the port will disable as soon as the first BPDU is received; by shutting the port down we prevent the rogue switch from affecting our spanning-tree topology.
To re-enable a port disabled by BPDU Guard you will need to remove the offending device and then bounce the port by issuing the shut/no shut command.
BPDU filter, on the other hand, just filters BPDUs in both directions, which effectively disables STP on the port. BPDU filter will prevent inbound and outbound BPDUs but will remove the portfast state on a port if a BPDU is received. Enabling BPDU filtering on an interface is the same as disabling spanning tree on it and can result in spanning-tree loops.
Configuring BPDU Filter
Following are the methods to configure BPDU Filter in switches:
Interface mode
spanning-tree bpdufilter enable (Results in the port not participating in STP; loops may occur).
Global mode
spanning-tree portfast bpdufilter default (Enables BPDU filtering on ports that have port-fast configuration, so it sends a few BPDUs while enabling the port, then it filters BPDUs unless it receives a BPDU; after that it changes from port-fast mode and disables filtering so the port operates like a normal port because it has received a BPDU).
You always should allow STP to run on a switch to prevent loops. However, in special cases when you need to prevent BPDUs from being sent or processed on one or more switch ports, you can use BPDU filtering to effectively disable STP on those ports. You would use bpdufilter when you want a switch plugged into your network but you don't want it participating in spanning tree.
An example: in an office environment, someone needs another network drop under their desk but you don't have time/budget to run a new line for now. You have been given a small switch but don't want it to break spanning tree. The switch you have lying around for this task is a simple unmanaged switch and will only have one uplink into your network, so you put bpdufilter on your switch port.
Ganesh.H
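The following is an added example, not part of the original post or of Cisco's documentation: a small Python audit that reads an IOS-style running-config and reports access ports left without BPDU Guard, or with interface-level BPDU filter, using only the commands quoted above. The sample configuration, the finding codes and the function names are constructed for illustration, and a global portfast default is not modelled.

```python
import re

# Constructed sample running-config (illustrative, not from the original page).
SAMPLE_CONFIG = """\
spanning-tree mode rapid-pvst
spanning-tree portfast bpduguard default
!
interface FastEthernet0/1
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport mode access
 spanning-tree portfast
 spanning-tree bpdufilter enable
!
interface FastEthernet0/3
 switchport mode access
!
interface FastEthernet0/6
 switchport mode access
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/1
 switchport mode trunk
"""


def parse_config(text):
    """Split a running-config into global lines and per-interface line lists."""
    global_lines, interfaces, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line:
            continue
        if line.strip() == "!":          # "!" closes the current block
            current = None
            continue
        match = re.match(r"interface (\S+)", line)
        if match:
            current = match.group(1)
            interfaces[current] = []
        elif line.startswith(" ") and current:
            interfaces[current].append(line.strip())
        else:
            current = None
            global_lines.append(line.strip())
    return global_lines, interfaces


def audit(text):
    """Return {interface: [finding codes]} for access ports with STP edge issues."""
    global_lines, interfaces = parse_config(text)
    guard_default = "spanning-tree portfast bpduguard default" in global_lines
    findings = {}
    for name, lines in interfaces.items():
        if "switchport mode access" not in lines:
            continue  # the post recommends BPDU Guard on access ports only
        portfast = "spanning-tree portfast" in lines
        # The global default only covers ports that have port-fast configured.
        guarded = "spanning-tree bpduguard enable" in lines or (guard_default and portfast)
        if "spanning-tree bpduguard disable" in lines:
            guarded = False
        issues = []
        if not guarded:
            issues.append("NO_BPDUGUARD")       # a received BPDU would be accepted
        if "spanning-tree bpdufilter enable" in lines:
            issues.append("BPDUFILTER_IFACE")   # STP effectively disabled, loops possible
        if issues:
            findings[name] = issues
    return findings


if __name__ == "__main__":
    for port, issues in audit(SAMPLE_CONFIG).items():
        print(port, ", ".join(issues))
```

FastEthernet0/3 is flagged even though the global default is present, because without port-fast the `spanning-tree portfast bpduguard default` line does not apply to it.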
Monday, November 30, 2015
Wednesday, November 25, 2015
Single Mode vs Multi Mode Fiber
cost
For the cable itself, single mode is cheaper than multi mode fiber. But for overall cost, including the cost of the transceiver, a single mode "system" is much more expensive.
e.g
From Amazon
Fiber cost
Multi mode 500 ft 50/125 is $ 229.95 (page archived at https://archive.is/M69VR)
Single mode 500 ft 9/125 is $99.99 only (page archived at https://archive.is/BDSOe)
The YouTube video provides a clear explanation.
https://youtu.be/OFcvpaQThA8?t=132
What is multi mode optical fiber video
https://www.youtube.com/watch?v=6xYOzY4zj0o
Fiber Optic Connector Types Explained in Details
https://www.youtube.com/watch?v=4Ovqe3XjRqM
A discussion forum thread about whether single mode can work with multi mode: normally no, and it depends on a lot of factors, such as the characteristics of the transceiver and the fiber itself. (archived here)
==========================================================================
Optical Fiber Tutorial (from lansharck.com)
Fiber Specifications
The usual fiber specifications you will see are size, attenuation and bandwidth. While manufacturers have other specs that concern them, like numerical aperture (the acceptance angle of light into the fiber), ovality (how round the fiber is), concentricity of the core and cladding, etc., these specs do not affect you.
Fiber Itself
Fiber Optics, as we said, is sending signals down hair-thin strands of glass or plastic fiber. The light is "guided" down the center of the fiber called the "core". The core is surrounded by a optical material called the "cladding" that traps the light in the core using an optical technique called "total internal reflection." The core and cladding are usually made of ultra-pure glass, although some fibers are all plastic or a glass core and plastic cladding. The fiber is coated with a protective plastic covering called the "primary buffer coating" that protects it from moisture and other damage. More protection is provided by the "cable" which has the fibers and strength members inside an outer covering called a "jacket".
Multimode & Singlemode Fibers
Multimode & Singlemode fiber are the two types of fiber in common use. Both fibers are 125 microns in outside diameter - a micron is one one-millionth of a meter and 125 microns is 0.005 inches- a bit larger than the typical human hair. Multimode fiber has light traveling in the core in many rays, called modes. It has a bigger core (almost always 62.5 microns, but sometimes 50 microns ) and is used with LED sources at wavelengths of 850 and 1300 nm (see below!) for slower local area networks (LANs) and lasers at 850 and 1310 nm for networks running at gigabits per second or more. Singlemode fiber has a much smaller core, only about 9 microns, so that the light travels in only one ray. It is used for telephony and CATV with laser sources at 1300 and 1550 nm. Plastic Optical Fiber (POF) is large core ( about 1mm) fiber that can only be used for short, low speed networks.
Step index multimode was the first fiber design but is too slow for most uses, due to the dispersion caused by the different path lengths of the various modes. Step index fiber is rare - only POF uses a step index design today.
Graded index multimode fiber uses variations in the composition of the glass in the core to compensate for the different path lengths of the modes. It offers hundreds of times more bandwidth than step index fiber - up to about 2 gigahertz.
Singlemode fiber shrinks the core down so small that the light can only travel in one ray. This increases the bandwidth to almost infinity - but it's practically limited to about 100,000 gigahertz - that's still a lot!
Size Matters
Fiber, as we said, comes in two types, singlemode and multimode. Except for fibers used in specialty applications, singlemode fiber can be considered as one size and type. If you deal with long haul telecom or submarine cables, you may have to work with specialty singlemode fibers.
Multimode fibers originally came in several sizes, optimized for various networks and sources, but the data industry standardized on 62.5 core fiber in the mid-80s (62.5/125 fiber has a 62.5 micron core and a 125 micron cladding.) Recently, as gigabit and 10 gigabit networks have become widely used, an old fiber has been revived. The 50/125 fiber was used from the late 70s with lasers for telecom applications before singlemode fiber became available. It offers higher bandwidth with the laser sources used in the gigabit LANs and can go longer distances. While it still represents a smaller volume than 62.5/125, it is growing.
Fiber Types and Typical Specifications
Core/Cladding | Attenuation | Bandwidth | Applications/Notes
Multimode Graded-Index (attenuation and bandwidth @850/1300 nm)
50/125 microns | 3/1 dB/km | 500/500 MHz-km | Laser-rated for GbE LANs
50/125 microns | 3/1 dB/km | 2000/500 MHz-km | Optimized for 850 nm VCSELs
62.5/125 microns | 3/1 dB/km | 160/500 MHz-km | Most common LAN fiber
100/140 microns | 3/1 dB/km | 150/300 MHz-km | Obsolete
Singlemode (@1310/1550 nm)
8-9/125 microns | 0.4/0.25 dB/km | HIGH! ~100 Terahertz | Telco/CATV/long high speed LANs
Multimode Step-Index (attenuation and bandwidth @850 nm)
200/240 microns | 4-6 dB/km | 50 MHz-km | Slow LANs & links
POF (plastic optical fiber) (attenuation and bandwidth @650 nm)
1 mm | ~1 dB/m | ~5 MHz-km | Short Links & Cars
CAUTION: You cannot mix and match fibers! Trying to connect Singlemode to Multimode fiber can cause 20 dB loss - that's 99% of the power. Even connections between 62.5/125 and 50/125 can cause loss of 3 dB or more - over half the power.
=============================================================================
http://www.multicominc.com/training/technical-resources/single-mode-vs-multi-mode-fiber-optic-cable/
Single Mode vs. Multi-Mode Fiber Optic Cable (from Multicom)
Fiber Optics is sending signals down hair-thin strands of glass or plastic fiber. The light is “guided” down the center of the fiber called the “core”. The core is surrounded by a optical material called the “cladding” that traps the light in the core using an optical technique called “total internal reflection.”
The core and cladding are usually made of ultra-pure glass. The fiber is coated with a protective plastic covering called the “primary buffer coating” that protects it from moisture and other damage. More protection is provided by the “cable” which has the fibers and strength members inside an outer covering called a “jacket”.
Single Mode Fiber Optic Cable
Single Mode fiber optic cable has a small diametral core that allows only one mode of light to propagate. Because of this, the number of light reflections created as the light passes through the core decreases, lowering attenuation and creating the ability for the signal to travel faster, further. This application is typically used in long distance, higher bandwidth runs by Telcos, CATV companies, and Colleges and Universities.
Left: Single Mode fiber is usually 9/125 in construction. This means that the core to cladding diameter ratio is 9 microns to 125 microns.
Multimode Fiber Optic Cable
Multimode fiber optic cable has a large diametral core that allows multiple modes of light to propagate. Because of this, the number of light reflections created as the light passes through the core increases, creating the ability for more data to pass through at a given time. Because of the high dispersion and attenuation rate with this type of fiber, the quality of the signal is reduced over long distances. This application is typically used for short distance, data and audio/video applications in LANs. RF broadband signals, such as what cable companies commonly use, cannot be transmitted over multimode fiber.
Above: Multimode fiber is usually 50/125 and 62.5/125 in construction. This means that the core to cladding diameter ratio is 50 microns to 125 microns and 62.5 microns to 125 microns.
What’s Happening Inside The Multimode Fiber
Step-Index Multimode Fiber
Due to its large core, some of the light rays that make up the digital pulse may travel a direct route, whereas others zigzag as they bounce off the cladding. These alternate paths cause the different groups of light rays, referred to as modes, to arrive separately at the receiving point. The pulse, an aggregate of different modes, begins to spread out, losing its well-defined shape. The need to leave spacing between pulses to prevent overlapping limits the amount of information that can be sent. This type of fiber is best suited for transmission over short distances.
Graded-Index Multimode Fiber
Contains a core in which the refractive index diminishes gradually from the center axis out toward the cladding. The higher refractive index at the center makes the light rays moving down the axis advance more slowly than those near the cladding. Due to the graded index, light in the core curves helically rather than zigzag off the cladding, reducing its travel distance. The shortened path and the higher speed allow light at the periphery to arrive at a receiver at about the same time as the slow but straight rays in the core axis. The result: digital pulse suffers less dispersion. This type of fiber is best suited for local-area networks.
======================================================================================
http://www.blackbox.com/resources/blackboxexplains.aspx?id=bbe_2124
Black Box Explains...Multimode vs. single-mode Fiber.. (from Blackbox)
Multimode vs. single-mode. Multimode cable has a large-diameter core and multiple pathways of light. It can be used for most general data and voice applications, such as adding segments to an existing network.
Multimode comes in two core sizes and four varieties: 62.5-micron OM1, 50-micron OM2, 50-micron OM3, and 50-micron OM4. (OM stands for optical mode.) All have the same cladding diameter of 125 microns, but 50-micron fiber cable has a smaller core (the light-carrying portion of the fiber). Although all can be used in the same way, 50-micron cable, particularly laser-optimized OM3 and OM4 50-micron cable, provides longer link lengths and/or higher speeds and is recommended for premise applications (backbone, horizontal, and intrabuilding links) and should be considered for new installations. OM3 and OM4 can also be used with LED and laser light sources.
Single-mode cable (OS1, OS2) has a small (8–10-micron) glass core and only one pathway of light. (OS stands for optical single-mode.) With only a single wavelength of light passing through its core, single-mode realigns the light toward the core center instead of simply bouncing it off the edge of the core as multimode does. OS1 is applied to inside-plant tight-buffered cable. OS2 is applied to loose-tube cables.
Single-mode provides far greater distances than multimode cable and can go as far as 40 km so it’s typically used in long-haul network links spread out over extended areas, including CATV and campus backbone applications. Single-mode cable also provides higher bandwidth than multimode fiber.
Specification comparison
OM1 62.5-/125-Micron Multimode Fiber
850-nm Wavelength:
Bandwidth: 160 MHz/km;
Attenuation: 3.5 dB/km;
Distance: 220 m;
1300-nm Wavelength:
Bandwidth: 500 MHz/km;
Attenuation: 1.5 dB/km;
Distance: 500 m
OM2 50-/125-Micron Multimode Fiber
850-nm Wavelength:
Bandwidth: 500 MHz/km;
Attenuation: 3.5 dB/km;
Distance: 550 m;
1300-nm Wavelength:
Bandwidth: 500 MHz/km;
Attenuation: 1.5 dB/km;
Distance: 550 m
OM3 50-/125-Micron Multimode Fiber
850-nm Wavelength:
Bandwidth: 1500 MHz/km;
Attenuation: 3.5 dB/km;
Distance: 550 m;
1300-nm Wavelength:
Bandwidth: 500 MHz/km;
Attenuation: 1.5 dB/km;
Distance: 550 m
OM4 50-/125-Micron Multimode Fiber
850-nm Wavelength:
Bandwidth: 3500 MHz/km;
Attenuation: 3.5 dB/km;
Distance: 550 m;
1300-nm Wavelength:
Bandwidth: 500 MHz/km;
Attenuation: 1.5 dB/km;
Distance: 550 m
OS2 8–10-Micron Single-Mode Fiber
Premise Application:
Wavelength: 1310 nm and 1550 nm;
Attenuation: 1.0 dB/km;
Outside Plant Application:
Wavelength: 1310 nm and 1550 nm;
Attenuation: 0.1 dB/km
Wednesday, April 29, 2015
DNS Forwarders vs. Root Hints in Windows Server
http://www.dell.com/support/article/us/en/19/SLN156952/EN
DNS Forwarders vs. Root Hints in Windows Server
Article Summary: This article provides information on the function of forwarders and root hints in Windows DNS.
A Windows DNS server, like any DNS server, provides authoritative answers to queries for records in the zones stored in the server's DNS database. It often must answer queries for records not in any of its zones, though. A DNS server in a network connected to the internet must provide a way for other machines on the network to resolve internet hostnames to IP addresses, for example. Responses to queries of this sort are non-authoritative responses, because the server must obtain the requested data from a source other than its own DNS database. The nslookup tool indicates when a response is non-authoritative, as shown below:
There are two ways to configure a Windows DNS server to provide non-authoritative responses: forwarders and root hints. These are both lists of servers that are used to resolve queries that the local DNS server can't resolve on its own, and both provide the same functionality from the perspective of a client. They do so in different ways, however:
- Root hints use iterative queries. When the local DNS server can't resolve a query using its cache or database, it sends a query to one of the root DNS servers on the internet. The root server will respond with a referral, which contains the addresses of the DNS servers authoritative for the top-level domain (such as .com or .net) in the original query. The local server then queries one of the servers in the referral, which will respond with another referral, this time to the servers authoritative for the second-level domain (dell.com, for example) in the original query. This query/referral process continues until a server is reached that is authoritative for the fully qualified domain name (FQDN) in the original query. It will return an authoritative positive or negative response - a response which either contains the record sought by the original query or indicates that it doesn't exist - and the local server will send that response to the querying client.
- Forwarders, on the other hand, use recursive queries. If forwarders are configured, when the local DNS server can't resolve a query, it sends a recursive query to one of the forwarders in its list. This type of query tells the forwarder that the local server will accept either a positive or negative response, but not a referral. Essentially, the forwarder does the work of tracking down the record in the query, which may involve the referral process above, and the local server simply waits for the response, which it then sends to the querying client.
To configure forwarders or root hints on a Windows DNS server, follow this procedure:
- Open the DNS Management console.
- Right-click the DNS server in the left pane and select Properties.
- To configure forwarders, select the Forwarders tab of the properties window.
- To configure root hints, select the Root Hints tab of the properties window.
Note: Forwarders must be manually configured, but root hints are present by default on a Windows DNS server. The root hints list can be manually modified, however.
The decision to use root hints or forwarders for external resolution is often a matter of preference, but there are a few things to keep in mind:
- When configuring forwarders, be sure to add at least two servers to the list. If only a single forwarder is present in the list and that forwarder becomes unreachable, the local server will not be able to resolve external names at all.
- Properly configured forwarders often provide quicker responses than root hints, but the difference is usually only a matter of milliseconds.
- Although the root hints list will typically contain only thirteen entries (a.root-servers.net through m.root-servers.net), each of those entries is highly redundant. There are 376 geographically distributed root DNS servers as of this writing.
- Forwarders are not stored in Active Directory. This is important, since DNS servers in an AD domain are typically domain controllers (DCs). Forwarders configured on one DC will not replicate to other DCs; they must be manually configured on each DC which is also a DNS server.
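The two resolution paths described above, and the single-forwarder failure case from the list of considerations, as an added Python simulation (not code from the Dell article). The server names, the delegation data and the address are constructed, and no fallback from forwarders to root hints is modelled, matching the article's description.

```python
# Constructed delegation data; names and the address are illustrative only.
AUTHORITATIVE = {
    "root":       {"delegations": {"com.": "tld-com"}, "records": {}},
    "tld-com":    {"delegations": {"example.com.": "ns-example"}, "records": {}},
    "ns-example": {"delegations": {}, "records": {"www.example.com.": "192.0.2.10"}},
}


def ask_authoritative(server, qname):
    """One iterative (non-recursive) query: answer, referral, or negative response."""
    zone = AUTHORITATIVE[server]
    if qname in zone["records"]:
        return ("ANSWER", zone["records"][qname])
    for suffix, child in zone["delegations"].items():
        if qname == suffix or qname.endswith("." + suffix):
            return ("REFERRAL", child)
    return ("NXDOMAIN", None)


def resolve_with_root_hints(qname, root_hints=("root",)):
    """The local server follows referrals itself, starting at a root server."""
    contacted, server = [], root_hints[0]
    while True:
        contacted.append(server)
        kind, value = ask_authoritative(server, qname)
        if kind != "REFERRAL":
            return kind, value, contacted   # authoritative positive or negative
        server = value                      # next hop named in the referral


def resolve_with_forwarders(qname, forwarders, unreachable=()):
    """The local server sends one recursive query per forwarder until one replies."""
    contacted = []
    for forwarder in forwarders:
        contacted.append(forwarder)
        if forwarder in unreachable:
            continue                        # timed out, try the next forwarder
        # The forwarder does the referral chasing; the local server never sees it.
        kind, value, _ = resolve_with_root_hints(qname)
        return kind, value, contacted
    return "SERVFAIL", None, contacted      # no forwarder answered


if __name__ == "__main__":
    name = "www.example.com."
    print("root hints:     ", resolve_with_root_hints(name))
    print("two forwarders: ", resolve_with_forwarders(name, ["fwd1", "fwd2"], {"fwd1"}))
    print("one forwarder:  ", resolve_with_forwarders(name, ["fwd1"], {"fwd1"}))
```

The third element of each result is the list of servers the local DNS server itself had to contact, which is where the two methods differ.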