Troubleshooting Layer 2 Switching: Answers
Can you think abstractly about how layer 2 switching works, and how VLANs and trunks impact their forwarding decisions? Or do you need to see the specific configurations to make sense of it?
This latest practice question pulls in a lot of concepts that impact layer 2 switching (forwarding), mostly related to VLANs, but with more of a conceptual approach. In some ways, it requires a little more mastery of the topic than if the question was more detailed and showed all the configuration. As usual, check out the question first, then come here to consider my version of the answer. (And check out video 7.2 of the CCENT Exam Prep LiveLessons product for some related background.)
The Answers:
A
Analyzing the Question Stem
To do well on the exam, you need to be thoughtful and well-practiced at analyzing the question stem along with the answers. (To learning theorists, the question itself is called the stem.) When preparing, it helps to think about how to read the question stem, and practice your approach to figuring out what the stem is really asking. So for this post, I’ll spend a little space on some of that analysis for this question.
(Note that the CCENT Exam Prep LiveLessons product includes a series of practice question videos, which include analysis of the wording of each question stem.)
The Analysis
For this latest question, the first two sentences of the stem restrict the scope of the question a bit. The question really doesn’t start until the third sentence. Repeating and numbering those first two sentences:
1. In this network, all hosts use the IP address/mask configurations as shown.
2. All links physically work and all switches act as layer 2 switches.
Sentence 1 focuses on the layer 3 (IP/address) details, and tells us that it is implemented correctly. Sentence 2 moves on to the physical links, again working. Sentence 2 also helps interpret the icons in the figure: the switch icons are all icons for a layer 2 switch, but the question overtly states that the switches are acting as layer 2 switches.
What conclusions could you draw from these two set-up sentences? That whatever the problem is, it’s not based on IP details on the hosts, and it’s not an issue with any of the physical links.
If you add a quick glance at the answers to your analysis, you will see that the answers all have to do with VLANs and VLAN trunking. VLANs and trunks of course impact how switches perform layer 2 switching. So from the stem’s first two sentences, plus the answers, it’s clear that the question focuses on issues related to VLANs.
Aside on Question Stem Style
Note that it would have been reasonable for an equivalent real question on the exam to just have left out those first two sentences in the stem, expecting you to infer the meaning of those first two sentences. That would have made the entire stem read like this:
Host 1 can successfully ping server A, but host 2’s ping of server A fails. Which answers list an issue that could result in these failure symptoms?
With the above shorter stem, you would need to rely on the answers a little more. For instance, if host 2’s link connected to SW3 was physically down, these same symptoms would exist. However, none of the answers give an option related to layer 1 or layer 3 issues, so the answers would have to give you more of the context.
Now back to the answers, and which ones are correct and incorrect!
Answer A – VLAN Answer – Correct
This first answer focuses on a simple concept that is sometimes overlooked: Layer 2 switches forward frames based on not only the destination MAC address of the frame, but also the VLAN of the frame.
In this case, the figure shows all the hosts (clients and servers) in VLAN 2. If SW3’s port connected to host 2 was configured to be in an access VLAN other than VLAN 2, then when host 2 sent a frame, SW3 would forward the frame in that other VLAN. Assuming server A was assigned to VLAN 2, the layer 2 switches would never forward the frame to server A, causing host 2’s ping to fail.
Figure 1: The Network for the ARP Question, with Subnets Marked
Answers B and D – Trunking Answers – Incorrect
Both answers suggest an issue with the trunk between SW1 (the switch connected to server A) and SW3 (the switch connected to both hosts 1 and 2). In short, both problems would cause host 2’s ping to fail… but would also cause host 1’s ping to fail. Both answers describe a condition that would prevent VLAN 2 traffic from passing over the trunk, so both answers are incorrect, because they would not cause the symptoms described in the stem.
For answer B, by disallowing VLAN 2 on the trunk, the switches effectively choose to not forward VLAN 2 traffic on the trunk. Simple enough.
Answer D means that SW3 would not forward VLAN 2 traffic to SW1. Answer D’s implied configuration of switchport mode dynamic auto on both switches means that neither would begin the trunking negotiation process, so the link would not trunk.
Answers C and E – VLAN Answers – Incorrect
Likewise, both answers C and E cause an entire switch to no longer forward frames in VLAN 2. As a result, host 2’s ping would fail, but host 1’s ping would fail as well.
Specifically, Answer C (on switch SW1) states that SW1 has shut down VLAN 2. That means that any frames received by SW1 for which SW1 considers the frame to be in VLAN 2 will not be forwarded. Simple enough.
For answer E, the same result occurs. With VLAN 2 deleted from switch SW3’s configuration, SW3 will not forward frames that it considers to be a part of VLAN 2 – even with two switch ports configured to be in access VLAN 2. Again, as a result, the pings from both host 1 and host 2 would fail.
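The reasoning for all five answers can be checked with a small model of the forwarding decision. The Python below is an added example, not part of the original post or any Cisco tool: it reduces the figure to SW1, SW3 and one link, and the baseline port modes, the allowed list, and VLAN 3 as the "other" access VLAN are assumed values.

```python
import copy

# Intended design from the post: all hosts in VLAN 2, one trunk SW1-SW3.
# Port modes, the allowed list and VLAN 3 are assumed values for this model.
BASE = {
    "switch_of": {"host1": "SW3", "host2": "SW3", "serverA": "SW1"},
    "access_vlan": {"host1": 2, "host2": 2, "serverA": 2},
    "vlans": {"SW1": {2: "active"}, "SW3": {2: "active", 3: "active"}},
    "trunk_mode": {"SW1": "trunk", "SW3": "trunk"},
    "trunk_allowed": {2},
}

def link_trunks(cfg):
    modes = set(cfg["trunk_mode"].values())
    # Two "dynamic auto" ends each wait for the other, so no trunk forms.
    return "access" not in modes and modes != {"dynamic auto"}

def vlan_up(cfg, switch, vlan):
    return cfg["vlans"][switch].get(vlan) == "active"

def delivers(cfg, src, dst):
    """True if a frame sent by src can be layer 2 switched to dst."""
    vlan = cfg["access_vlan"][src]  # the ingress access port sets the VLAN
    s_sw, d_sw = cfg["switch_of"][src], cfg["switch_of"][dst]
    if not vlan_up(cfg, s_sw, vlan):
        return False
    # Crossing the SW1-SW3 link needs a trunk that carries the VLAN.
    if s_sw != d_sw and not (link_trunks(cfg) and vlan in cfg["trunk_allowed"]
                             and vlan_up(cfg, d_sw, vlan)):
        return False
    return cfg["access_vlan"][dst] == vlan  # egress port must match

def symptoms(answer=None):
    """(host 1 ping works, host 2 ping works) with one answer's fault applied."""
    cfg = copy.deepcopy(BASE)
    if answer == "A":    # host 2's port in another access VLAN
        cfg["access_vlan"]["host2"] = 3
    elif answer == "B":  # VLAN 2 not allowed on the trunk
        cfg["trunk_allowed"].discard(2)
    elif answer == "C":  # VLAN 2 shut down on SW1
        cfg["vlans"]["SW1"][2] = "shutdown"
    elif answer == "D":  # dynamic auto on both ends
        cfg["trunk_mode"] = {"SW1": "dynamic auto", "SW3": "dynamic auto"}
    elif answer == "E":  # VLAN 2 deleted on SW3
        del cfg["vlans"]["SW3"][2]
    return tuple(delivers(cfg, h, "serverA") and delivers(cfg, "serverA", h)
                 for h in ("host1", "host2"))

def answers_matching_stem():
    return [a for a in "ABCDE" if symptoms(a) == (True, False)]
```
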
Love the explanation about how the question is built…sometimes we fall on those slippery bananas due to lack of strong foundations, but we can also get distracted on other “non-relevant” information.
Thank you!
Thanks! I really enjoyed doing that part of the CCENT Exam Prep videos (and I’m recording the CCNA/ICND2 product in a few weeks). I’ll try to put more of that in these blog posts. Thanks for the input!
Where can I find the question, please?
Look just below the post, just above the comments section where you see these comments. That area will generally list the previous and next post based on date. Because I try to post the answer post as the next post after posting the question, on this answer post, the question will be the previous post – and therefore linked at the bottom of the page. So look on the bottom right of the post area, just above the comments, and you’ll see “Troubleshooting Layer 2 Switching” and that’s the link.
Hello, I am going to take the CCENT, just wanted to know if I have to study the entire 36 chapters and then focus on the exam topics. Or can I just read the exam topics chapters and leave the rest. I need some clarity about if the CCENT study guide, which I bought, is enough study material or do I need to go somewhere else to review key information.
Hi Haadk,
Somewhere in the Intro to the book, I state that the book covers all exam topics. Indeed it does, and I think at around 900 pages, it does that to some depth.
For the exam, Cisco tells us at the top of the exam topics pages that they can ask about topics outside the exam topics. So it is literally impossible to know everything Cisco might ask on one of their exams, since they tell us they can ask anything. That said, I don’t think Cisco sets about to ask about topics outside the scope of the exam topics, but it can happen. Here’s a quote that is frequently listed in their web copy:
“The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam.”
To summarize, the book is comprehensive to the exam topics, and I even include topics outside the exam topic list if I think it might be on the actual exam. However, logic dictates that no one study resource could cover every topic in the actual exam with an exam policy that allows Cisco to ask questions outside the exam topics.
Hope this helps,
Wendell
Wendell you should post a time frame of 1 minute to answer the questions in your blog.
On the CCNA exam you would only have about 1 minute to answer this question and that pressure is not felt in practice exams unless you use exam mode. I have not yet taken the CCNA, but time has got to be a huge issue no one talks about. When you have to analyze both diagrams and exhibits of physical/logical topologies and command input you find that time limit will be too much pressure to reason out the correct response and move on to the next question before the exam clock ticks down to 0:00.
Howdy,
Thanks for the input – appreciated.
I agree time pressure is meaningful on CCNA. I talk about it. I just haven’t attempted it here in these informal questions in the blog. I’m wondering, do you have my two-book CCNA Official Cert Guide set? With those you get about 600 practice questions. There’s an app for those, and you can choose a number of questions and time yourself. Also, Volume 2’s Final Preparation chapter discusses timing and strategies for dealing with it. So I agree, time pressure and being ready to deal with it is a big deal.
Wendell
Hello, I have a question about the diagram.
The diagram shows the connection between host 2 and SW3 as belonging to VLAN2. Does this label only portray the fact that host 2 belongs to the same subnet that VLAN2 is configured to be in control of? What is the label VLAN2 actually saying if it’s not referring to the configuration of the switch port?
I ask because while I was able to eliminate the answers B,C,D,E, I also eliminated the answer A because the diagram explicitly states VLAN2 on the connection between SW3 and host 2.
Thank you in advance.
Hi Jaques,
I think I see your point. I think what I meant was that the figure shows the intended design. The answers give examples that fail to meet the design, because if the design were implemented correctly, all the pings within the subnet should work. But the question stem didn’t state all that. I just edited the question to state something to that effect – hope that helps.
Wendell
Hello Wendell,
I am new to networking and am currently working my way through your CCNA study guide. My question does not relate to this question but has to do with troubleshooting trunk problems and I will appreciate if you can clarify this for me.
In Vol 1 Chapter 8 under mismatched native VLAN on a trunk, you stated and I quote
“Unfortunately, it is possible to set the native VLAN ID to different VLANs on either end of the trunk, using the switchport trunk native vlan vlan-id command. If the native VLANs differ according to the two neighboring switches, the switches will accidentally cause frames to leave one VLAN and enter another.
For example, if switch SW1 sends a frame using native VLAN 1 on an 802.1Q trunk, SW1 does not add a VLAN header, as is normal for the native VLAN. When switch SW2 receives the frame, noticing that no 802.1Q header exists, SW2 assumes that the frame is part of SW2’s configured native VLAN. If SW2 has been configured to think VLAN 2 is the native VLAN on that trunk, SW2 will try to forward the received frame into VLAN 2. (This effect of a frame being sent in one VLAN but then being believed to be in a different VLAN is called VLAN hopping.)”
My confusion is this – why is this an issue if the VLAN the frame was delivered to is the intended VLAN? From the scenario, I believe SW2 applied the correct logic which is that the received frame should go to the native VLAN and it attempts to forward it to the native VLAN that exists on the switch.
Hi Sandy,
Thanks for the note. Let me take a shot at answering your question.
On “Why is this an issue if the VLAN the frame was delivered to is the intended VLAN?”
It’s a long answer.
First, you will understand best if you think hard and even make notes about the Ethernet and IP addresses in the frames/packets sent between two hosts that reside in two sample VLANs.
Second, you can’t really understand the answer until you better understand IP and how routers de-encapsulate and re-encapsulate, so it may be best to get through at least chapter 15 in Volume 1 first.
For now, you ask, why is it an issue if the frame arrives in the intended VLAN? The answer is: that a frame sent in one VLAN is only intended to exist in that VLAN. So your question is invalid because it presumes the frame is delivered to a second VLAN and that delivery is intended. It is never intended. The point of VLANs is that the Ethernet frames stay within the VLAN.
For instance, say PC1 is MAC1 and IP address 10.1.1.1, PC2 is MAC2 and 10.2.2.2, in VLANs 1 and 2, respectively. Given how IP works, PC1 would never send an Ethernet frame to PC2’s MAC address (MAC2) or send an Ethernet broadcast it expected PC2 to receive. Instead, say PC1 wants to send a packet to IP address 10.2.2.2 (PC2’s address). Its IP logic is to send the IP packet to a router in its VLAN (VLAN 1) in the subnet that exists in VLAN 1. So that frame is sent in VLAN 1 to the router attached to that VLAN.
That router removes (de-encapsulates) the IP packet from the incoming Ethernet frame. The frame no longer exists at that point.
The router re-encapsulates the packet in a new frame, with PC2’s MAC as the destination MAC address, and sends it into the second subnet, which exists in VLAN 2. At that point a new different Ethernet frame, with different source and destination addresses, exists in VLAN 2.
Now, back to VLAN hopping. If PC1’s original frame were to VLAN hop due to a trunking misconfig and enter PC2’s VLAN, PC2 would ignore it. The frame sent by PC1 has a router’s MAC address as the destination MAC. PC2 might even receive the frame if the frame were flooded… but then ignore it because it is not addressed to PC2’s MAC address. So, back to your question (repeated above)… that frame sent by PC1 in VLAN 1 isn’t intended to arrive in VLAN 2. The destination address in the frame does not exist in VLAN 2, and it’s useless for the frame to arrive in VLAN 2. That frame is intended (as all frames) to exist in just one VLAN. But understanding IP better helps with the why/wherefore.
Hope this helps… But truly, it will make more sense once you know more details about IP routing and encapsulation, particularly the more detailed info in Chapter 15 of Volume 1.
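The native VLAN behaviour discussed in the thread above can be modelled at the frame level. This is an added Python example, not code from the book or the blog: it shows how an untagged frame is classified by the receiver's own native VLAN, which VLANs change when the two ends disagree, and why PC2 still discards PC1's frame. The MAC addresses and payload are constructed sample values, and the function names are hypothetical.

```python
import struct

TPID = 0x8100  # EtherType value that marks an 802.1Q tag

def trunk_send(frame, vlan, native_vlan):
    """Egress on a trunk: frames in the native VLAN leave untagged."""
    if vlan == native_vlan:
        return frame
    tag = struct.pack("!HH", TPID, vlan & 0x0FFF)  # priority bits left at 0
    return frame[:12] + tag + frame[12:]           # tag follows the source MAC

def trunk_receive(wire, native_vlan):
    """Ingress on a trunk: return (vlan, frame with any tag removed)."""
    tpid, tci = struct.unpack("!HH", wire[12:16])
    if tpid == TPID:
        return tci & 0x0FFF, wire[:12] + wire[16:]
    return native_vlan, wire  # untagged: receiver uses its own native VLAN

def hops(tx_native, rx_native, vlans, frame):
    """Map each VLAN whose frames arrive in a different VLAN to that VLAN."""
    out = {}
    for v in vlans:
        got, _ = trunk_receive(trunk_send(frame, v, tx_native), rx_native)
        if got != v:
            out[v] = got
    return out

def host_accepts(host_mac, frame):
    """A NIC keeps only frames addressed to it or to broadcast."""
    return frame[:6] in (host_mac, b"\xff" * 6)

# Constructed sample: PC1 (VLAN 1) sends an IP packet for 10.2.2.2 to its router.
ROUTER_MAC = bytes.fromhex("02000000000a")
PC1_MAC = bytes.fromhex("020000000001")
PC2_MAC = bytes.fromhex("020000000002")
FRAME = ROUTER_MAC + PC1_MAC + b"\x08\x00" + b"IP packet to 10.2.2.2"

if __name__ == "__main__":
    print(hops(1, 1, [1, 2], FRAME))     # native VLANs match on both ends
    print(hops(1, 2, [1, 2], FRAME))     # SW1 native VLAN 1, SW2 native VLAN 2
    print(host_accepts(PC2_MAC, FRAME))  # PC2 is not the destination MAC
```

Running `hops` over each trunk's two configured native VLANs is a quick way to flag a mismatch: any non-empty result means frames are leaving one VLAN and entering another.
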