
1/10/2015

h. SWITCHES AND BRIDGES | CCNA Basics

CCNA Basics

Category Archives: h. SWITCHES AND BRIDGES
August 21, 2012

8.1 SWITCHES
Switches work on the LAN.
All interfaces of a switch are Ethernet; none is serial.
A switch knows which device is connected to each of its interfaces, hence it is called an intelligent device.
While delivering the first packet, a switch broadcasts the message to all devices attached to it, like a hub. By
doing this, it gets to know the MAC addresses of the devices, and for delivering the second packet it
checks the MAC address of the destination device.
Switches are dedicated, specialized computers, which contain a central processing unit (CPU),
random access memory (RAM), and an operating system.
Switches have several ports that hosts can connect to.
They have specialized ports for the purpose of management.
They can be managed and the configuration can be viewed and changed through the console port.
Switches typically have no power switch to turn them on and off; they are simply connected to or
disconnected from a power source.
An IP address is not given on interfaces as on routers. The IP address is given on the VLAN, which
separates the broadcast domain.
Switching is hardware based, routing is software based.
Switching is faster than routing.
Functions of switch:
1. Forwarding: a switch forwards the message to the destination.
2. Filtering: when a message comes to a switch, the switch checks its MAC address and the message is
forwarded to the interface where the destination device is attached.
3. Loop avoidance: no loop is formed in the delivery of packets, as is formed in the case of routers.
The configuration through CONSOLE PORT is called IN BAND CONFIGURATION.

COMMAND LINE INTERFACE(CLI) OF A SWITCH:


Command-line interface (CLI) for Cisco switches is very similar to the CLI for Cisco routers.
HELP command (?)

COMMAND MODES:
User EXEC
Privileged EXEC
User EXEC mode
It is the default mode;
It is recognized by its prompt, which ends in a greater-than character (>);
Its available commands are limited:
- to perform basic tests;
- to display system information.
the show commands available in user EXEC mode are:


Privileged EXEC mode


To enter this mode, the enable command is used from user EXEC mode;
it is recognized by its prompt, which ends in a pound-sign character (#);
it should be password protected to prevent unauthorized use;
the password does not appear on the screen, and is case sensitive.
Default Running Configuration
when powered up for the first time, a switch has default data in the running configuration file;
default hostname is Switch;
no passwords are set on the console or virtual terminal (vty) lines;
the switch has no IP address (IP address for management purposes is configured on the virtual
interface VLAN 1)
HOSTNAME AND PASSWORD CONFIGURATION


IP ADDRESS CONFIGURATION
1. interface vlan 1 (in global config mode). VLAN 1 is the management VLAN and is present in the switch
by default.
2. ip address [address] [mask]
3. ip default-gateway [address]

All interfaces of the switch are members of VLAN 1. Assigning an IP address to VLAN 1 gives an IP
address to the other interfaces also.
The sh ip interface command is used to view switch interfaces.


Uses of giving IP to VLAN 1 are:


1. troubleshooting
2. remote access
To check the MAC table of the switch, use the command sh mac-address-table

MAC address table is initially empty.

Switches

examine the source address of frames that are received on the ports;
learn the MAC addresses of PCs or workstations that are connected to their switch ports;
Record learned MAC addresses in a MAC address table.
dynamically learn and maintain thousands of MAC addresses;
Learned entries may be discarded from the MAC address table.
The MAC address entry is automatically discarded or aged out after 300 seconds.
Learning MAC address:
Station A sends a frame to station C.
The switch caches the MAC address of station A to port E0 by learning the source address of data
frames.
The frame from station A to station C is flooded out to all ports except port E0 (unknown unicasts
are flooded).

Station D sends a frame to station C.


The switch caches the MAC address of station D to port E3 by learning the source address of data
frames.
The frame from station D to station C is flooded out to all ports except port E3 (unknown unicasts
are flooded).

Station A sends a frame to station C.


The destination is known; the frame is not flooded.


Station A sends a frame to station B.


The switch has the address for station B in the MAC address table.

Station D sends a broadcast or multicast frame.


Broadcast and multicast frames are flooded to all ports other than the originating port.

clear mac-address-table command (privileged EXEC mode):


used to remove dynamically learned MAC addresses;
used to remove static MAC address entries.


STATIC MAC ADDRESSES


Static MAC addresses are permanently assigned to an interface.
Reasons to use a static MAC address:
it will not be aged out automatically by the switch;
a specific server or user workstation must be attached to the port and the MAC address is known;
security is enhanced.
To configure a static MAC address:
Switch(config)#mac-address-table static <mac-address of host> interface FastEthernet <Ethernet number> vlan <vlan name>
To remove a static MAC address:
Switch(config)#no mac-address-table static <mac-address of host> interface FastEthernet <Ethernet number> vlan <vlan name>
Port Security
It is possible to limit the number of addresses that can be learned on an interface;
the number of MAC addresses per port can be limited to 1;
the first address dynamically learned by the switch becomes the secure address.
To configure port security:
Switch(config-if)#switchport port-security
To reverse port security:

Switch(config-if)#no switchport port-security
To verify port security status:
Switch#show port-security
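
The MAC learning sequence (stations A to D on ports E0 to E3, 300-second aging) and the port-security limit of one address per port can be traced with a small model. This is an added example, not code from the original page; the MAC values, the placement of B on E1 and C on E2, C's reply frame, and the shutdown reaction to a violation are assumptions.

```python
from dataclasses import dataclass, field

AGING_SECONDS = 300      # dynamic entries age out after 300 s (value from the page)


def is_group(mac):
    """True for broadcast/multicast: lowest bit of the first octet is set."""
    return bool(int(mac.split(":")[0], 16) & 1)


@dataclass
class LearningSwitch:
    ports: list
    secure_limit: dict = field(default_factory=dict)  # port -> max secure MACs
    table: dict = field(default_factory=dict)         # mac -> (port, last_seen)
    secure: dict = field(default_factory=dict)        # port -> secure MACs
    disabled: set = field(default_factory=set)        # ports shut by a violation

    def _age_out(self, now):
        """Discard dynamic entries idle for AGING_SECONDS; secure ones stay."""
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t < AGING_SECONDS or m in self.secure.get(p, ())}

    def receive(self, port, src, dst, now):
        """Handle one frame and return the sorted list of egress ports."""
        if port in self.disabled:
            return []
        self._age_out(now)
        limit = self.secure_limit.get(port)
        if limit is not None:
            allowed = self.secure.setdefault(port, set())
            if src not in allowed and len(allowed) >= limit:
                # Violation (assumed shutdown behaviour): disable the port
                # and forget everything learned on it.
                self.disabled.add(port)
                self.table = {m: e for m, e in self.table.items() if e[0] != port}
                return []
            allowed.add(src)        # first address learned becomes secure
        self.table[src] = (port, now)          # learn or refresh the source
        entry = self.table.get(dst)
        if is_group(dst) or entry is None:     # broadcast, multicast, unknown
            return sorted(p for p in self.ports
                          if p != port and p not in self.disabled)
        return [] if entry[0] == port else [entry[0]]   # filter or forward


def walkthrough():
    """Replay the page's A/C/D sequence, then a violation on secure port E1."""
    a, b, c, d = (f"00:00:00:00:00:0{x}" for x in "abcd")   # constructed MACs
    sw = LearningSwitch(["E0", "E1", "E2", "E3"], secure_limit={"E1": 1})
    results = [
        sw.receive("E0", a, c, now=0),    # C unknown: flooded
        sw.receive("E3", d, c, now=1),    # C still unknown: flooded
        sw.receive("E2", c, a, now=2),    # C replies (assumed step): A is known
        sw.receive("E0", a, c, now=3),    # destination known: not flooded
        sw.receive("E1", b, a, now=4),    # B becomes the secure address on E1
        sw.receive("E1", "00:00:00:00:00:99", a, now=5),   # second MAC: violation
        sw.receive("E0", a, c, now=400),  # entries aged out: flooded again
    ]
    return results, sw


if __name__ == "__main__":
    for egress in walkthrough()[0]:
        print(egress)
```
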
Adding New Switch
A new switch must be configured with:
Switch name;
IP address for the switch in the management VLAN;
a default gateway;
Line passwords.

Managing switch operation:


An administrator should document and maintain the operational configuration files for
networking devices;
The most recent running-configuration file should be backed up on a server or disk;
The Cisco IOS Software should also be backed up to a local server. The Cisco IOS
Software can then be reloaded to Flash memory if needed.
Enable security:


Passwords
must be set on the console and vty lines, for security and management purposes;
an enable password must be set;
an enable secret password must be set.
Password recovery
Passwords
1. Make sure that a PC is connected to the console port and a HyperTerminal window is open.
2. Turn the switch off. Turn it back on while holding down the MODE button on the front of the
switch at the same time that the switch is powered on. Release the MODE button after the STAT
LED goes out.
3. Type flash_init
4. Type load_helper
5. Type dir flash:
6. Type rename flash:config.text flash:config.old
7. Type boot
8. Enter N at the following prompt to start the Setup program.
9. Type rename flash:config.old flash:config.text
10. Type copy flash:config.text system:running-config

August 21, 2012

8.2 TRUNKING
A trunk is a physical and logical connection between two switches across which network traffic travels.
In a switched network, a trunk is a point-to-point link that supports several VLANs. The purpose of a
trunk is to conserve ports when a link between two devices that implement VLANs is created. Trunking
bundles multiple virtual links over one physical link. This allows the traffic of several VLANs to travel
over a single cable between the switches.

Trunking protocols were developed to effectively manage the transfer of frames from different VLANs
on a single physical line. Frame tagging has been adopted as the standard trunking mechanism by the
IEEE.

The unique physical link between the two switches is able to carry traffic for any VLAN. Each frame
sent on the link is tagged so that it carries the VLAN ID to identify which VLAN it belongs to.
The two most common tagging schemes for Ethernet segments are ISL and 802.1Q.
Frame tagging functions at Layer 2 and does not require much network resources or administrative
overhead. It is important to understand that a trunk link does not belong to a specific VLAN. A trunk
link is a conduit for VLANs between switches.

To configure 802.1Q trunking on a 2950 switch, first determine which ports on the switches will be used
to connect the two switches together. Then, in global configuration mode, enter the following
commands on both switches:
Switch_A(config)#interface fastethernet interface #
Switch_A(config-if)#switchport mode trunk
To verify that trunking has been configured and verify the settings use the following commands
from Privileged EXEC mode of the switch:
show interfaces Fa0/port_num
show interfaces trunk

August 21, 2012

8.3 VLAN BASICS


A VLAN is a virtual LAN: a concept of dividing a switch logically.
The main features of VLAN are:
1. Divides broadcast domain such that the number of broadcast domains = number of VLANs.
2. Users on different VLANs cannot communicate.
3. Every VLAN has a different network. No two VLANs can have the same network.
4. Every VLAN has a different subnet.
5. VLAN configuration is saved in flash memory.


Management of VLAN:
By default, VLAN 1 is the management VLAN but there are 5 VLANs present by default in a
switch. They are: VLAN 1, VLAN 1002, VLAN 1003, VLAN 1004, VLAN 1005.
all internetworking devices should be in the management VLAN;
Allows a single management workstation to access, configure, and manage all the internetworking
devices.
Configuring VLAN:
1. In global config mode, type in vlan ?. This command will give you a range of VLAN numbers.
Select a VLAN number from the range shown after you enter this command.
2. vlan <vlan no.>
3. name <name of vlan>. This command gives a name to the VLAN.
4. exit
5. Now choose which interfaces should come under the new VLAN using the command: int range ?.
This command will give you the list of interfaces that you can include in the new VLAN.
6. int range <interface>
In the above figure, we have selected fast ethernet ports 1 to 20 under new VLAN. If you want only
one port (say, 0/1) under abc, then you can type: int range fa0/1.
7. switchport access vlan <vlan ID>
8. exit
There are 2 types of ports in VLAN:
Access port: these are the interfaces to which end devices are attached, like a PC, printer, laptop etc.
Trunk port: these are the interfaces to which a new network is attached, like a switch, hub, router etc.
Access port: it can be a member of one VLAN only, i.e., it carries traffic of one VLAN only.
Trunk port: it can be a member of multiple VLANs, i.e., it can carry traffic of all created VLANs.
Making a port access or trunk:
1. Config t
2. Int <interface name>

3. Switchport mode access: if you want to make an access port, or
Switchport mode trunk: if you want to make a trunk port.

TAGGING: A switch attaches VLAN information to the data it sends through a trunk port. This
attached information is called tagging.
It is of 2 types:
1. 802.1Q
2. ISL
802.1Q: it is an open standard for tagging, which means that it works on any company's or any brand's
product.
ISL: Inter-Switch Link. It is Cisco proprietary, i.e., it works on Cisco devices only.

In the diagram above, switch 1 attaches information (a tag) to data to be sent by VLAN 1. The tag has info of
the VLAN to which the device belongs.
August 21, 2012

8.4 SPANNING TREE PROTOCOL


Spanning tree provides a loop-free redundant network topology by placing certain ports in the
blocking state.

It has:
One root bridge per broadcast domain
One root port per nonroot bridge
One designated port per segment
Nondesignated ports are unused

Spanning tree transitions each port through several different states:



Spanning tree path cost:

Spanning tree convergence: Convergence occurs when all the switch and bridge ports have transitioned
to either the forwarding or the blocking state. When the network topology changes, switches and
bridges must recompute STP, which disrupts user traffic.
Summary
STP is a bridge-to-bridge protocol used to maintain a loop-free network.
To maintain a loop-free network topology, STP establishes a root bridge, a root port, and
designated ports.
With STP, the root bridge has the lowest BID, which is made up of the bridge priority and the MAC
address.
When STP is enabled, every bridge in the network goes through the blocking state and the
transitory states of listening and learning at power up. If properly configured, the ports then
stabilize to the forwarding or blocking state.
If the network topology changes, STP maintains connectivity by transitioning some blocked ports
to the forwarding state.
RSTP significantly speeds the recalculation of the spanning tree when the network topology changes.
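
The election rules in the summary (lowest BID becomes root, one root port per nonroot bridge, one designated port per segment, the rest blocked) can be worked through on a small topology. This is an added example, not from the original page; the three-switch triangle, its priorities and MAC addresses are constructed, and the link cost of 19 is the standard IEEE short path cost for 100 Mbps, a value the page itself does not list.

```python
import heapq


def bid(priority, mac):
    """Bridge ID: priority first, MAC address as tie-breaker; lowest wins."""
    return (priority, mac.lower())


def spanning_tree(bridges, links):
    """bridges: {name: (priority, mac)}; links: [(a, port_a, b, port_b, cost)].
    Returns (root, roles) with roles[(bridge, port)] in root/designated/blocking.
    Assumes a connected topology with positive link costs."""
    root = min(bridges, key=lambda n: bid(*bridges[n]))
    adj = {n: [] for n in bridges}
    for a, pa, b, pb, cost in links:
        adj[a].append((pa, b, pb, cost))
        adj[b].append((pb, a, pa, cost))
    # Root path cost of every bridge (Dijkstra from the root bridge).
    dist, heap = {root: 0}, [(0, root)]
    while heap:
        d, n = heapq.heappop(heap)
        if d > dist[n]:
            continue
        for _, m, _, cost in adj[n]:
            if d + cost < dist.get(m, float("inf")):
                dist[m] = d + cost
                heapq.heappush(heap, (d + cost, m))
    roles = {}
    # One root port per nonroot bridge: cheapest path, then lowest neighbour BID.
    for n in bridges:
        if n != root:
            port, *_ = min(adj[n], key=lambda e: (dist[e[1]] + e[3],
                                                  bid(*bridges[e[1]]), e[2]))
            roles[(n, port)] = "root"
    # One designated port per segment: the end nearer the root, then lowest BID.
    for a, pa, b, pb, _ in links:
        near, far = (a, pa), (b, pb)
        if (dist[b], bid(*bridges[b])) < (dist[a], bid(*bridges[a])):
            near, far = far, near
        roles[near] = "designated"
        roles.setdefault(far, "blocking")   # keeps "root" if already assigned
    return root, roles


def triangle(sw3_priority=4096):
    """Constructed topology: three switches, 100 Mbps links (cost 19 each)."""
    bridges = {"SW1": (32768, "00:00:00:00:00:01"),
               "SW2": (32768, "00:00:00:00:00:02"),
               "SW3": (sw3_priority, "00:00:00:00:00:03")}
    links = [("SW1", "Fa0/1", "SW2", "Fa0/1", 19),
             ("SW1", "Fa0/2", "SW3", "Fa0/1", 19),
             ("SW2", "Fa0/2", "SW3", "Fa0/2", 19)]
    return spanning_tree(bridges, links)
```

With the default priorities above, SW3 wins on priority; with equal priorities the lowest MAC address (SW1) becomes root.
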
August 21, 2012

8.5 INTER-VLAN COMMUNICATION


If a VLAN spans across multiple devices, a trunk is used to interconnect the devices. A trunk carries
traffic for multiple VLANs. A trunk can connect:
a switch to another switch
a switch to the inter-VLAN router
a switch to a server with a special NIC installed that supports trunking.
Remember that when a host on one VLAN wants to communicate with a host on another, a router
must be involved.


In a traditional situation, a network with four VLANs would require four physical connections between
the switch and the external router. The router only supports one VLAN per interface. This does not scale
very well.

Networks with many VLANs must use VLAN trunking to assign multiple VLANs to a single router
interface. The router can support many logical interfaces on individual physical links through the use of
subinterfaces. The primary advantage of using a trunk link is a reduction in the number of router and
switch ports used.

A subinterface is a logical interface within a physical interface.


Each subinterface supports one VLAN, and is assigned one IP address.
In order to route between VLANs with subinterfaces, a subinterface must be created for each
VLAN.

To define subinterfaces on a physical interface, perform the following tasks:


Identify the interface.
Define the VLAN encapsulation.
Assign an IP address to the interface.
To identify the interface, use the interface command in global configuration mode.
Router(config)#interface fastethernet port-number.subinterface-number
Router_A(config-if)#interface fastethernet 0/0.1
The router must be able to talk to the switch using a standardized trunking protocol
(encapsulation).
To define the VLAN encapsulation, enter the encapsulation command in interface configuration
mode.
Router(config-if)#encapsulation dot1q vlan-number
The vlan-number identifies the VLAN for which the subinterface will carry traffic.
To assign the IP address to the subinterface, enter the following command in subinterface
configuration mode.
Router_A(config-subif)# ip address ip-address subnet-mask
Router_A(config)#interface fastethernet 0/0
Router_A(config-if)#no shutdown
Router_A(config-if)#interface fastethernet 0/0.1

Router_A(config-subif)#encapsulation dot1q 1
Router_A(config-subif)#ip address 192.168.1.1 255.255.255.0
VLAN MANAGEMENT POLICY SERVER (VMPS): in this, one switch acts as a server.
VLAN management challenges:
1. It is difficult to add a new VLAN for a large network.
2. It is not easy to add a new VLAN to all of the switches.
TRUNKING PROTOCOLS:
Dynamic Trunking Protocol: it detects whether the other device attached is a network or an end device. If
it is a network, it automatically makes the end port of device 1 a trunk.
VLAN Trunking Protocol: what is VTP?
The role of VTP is to maintain VLAN configuration consistency across a common network
administration domain. VTP is a messaging protocol that uses Layer 2 trunk frames to add, delete, and
rename VLANs on a single domain. VTP also allows for centralized changes that are communicated to
all other switches in the network. VTP messages are encapsulated in either ISL or IEEE 802.1Q protocol
frames, and passed across trunk links to other devices. A VTP domain is made up of one or more
interconnected devices that share the same VTP domain name. When transmitting VTP messages to
other switches in the network, the VTP message is encapsulated in a trunking protocol frame such as
ISL or IEEE 802.1Q.
VTP switches operate in one of three modes:
Server
Client
Transparent
VTP servers: VTP servers can create, modify, and delete VLAN and VLAN configuration parameters
for the entire domain. VTP servers save VLAN configuration information in the switch NVRAM. VTP
servers send VTP messages out to all trunk ports.
VTP client: VTP clients cannot create, modify, or delete VLAN information. The only role of VTP
clients is to process VLAN changes and send VTP messages out all trunk ports.
VTP transparent mode: Switches in VTP transparent mode forward VTP advertisements but ignore
information contained in the message. A transparent switch will not modify its database when updates
are received, or send out an update that indicates a change in its VLAN status. Except for forwarding
VTP advertisements, VTP is disabled on a transparent switch. Switches in VTP transparent mode can
create and remember VLANs, but only of local significance. VLANs created in the transparent mode
will not be sent to other switches. With VTP, each switch advertises on its trunk ports its management
domain, configuration revision number, the VLANs that it knows about, and certain parameters for
each known VLAN. These advertisement frames are sent to a multicast address so that all neighbor
devices can receive the frames. A new VLAN must be created and configured on one device (VTP
server) only in the management domain. All the other devices (VTP clients) in the same management
domain automatically learn the information.
VTP operations:
1. A VTP frame consists of a header field and a message field. The VTP information is inserted into the
data field of an Ethernet frame.
2. The Ethernet frame is then encapsulated as an 802.1Q trunk frame (or ISL frame).
3. Each switch in the domain sends periodic advertisements out each trunk port to a reserved
multicast address.

Destination MAC address: This address is set to 01-00-0C-CC-CC-CC, which is the reserved
multicast address for all VTP messages.
LLC field: The logical link control (LLC) field contains a destination service access point (DSAP) and a
source service access point (SSAP) set to the value of AA.
SNAP field: The Subnetwork Access Protocol (SNAP) field has an OUI set to AAAA and type set to
2003.
VTP header field: The contents vary depending on the VTP message type (summary, subset, or
request), but it always contains these VTP fields:
VTP advertising:
Summary Advertisements: The summary advertisement contains the VTP domain name, the current
revision number, and other VTP configuration details.
Summary advertisements are sent:
Every 5 minutes by a VTP server or client to inform neighboring VTP-enabled switches of the
current VTP configuration revision number for its VTP domain
Immediately after a configuration has been made
Subset Advertisements: A subset advertisement contains VLAN information.
Changes that trigger the subset advertisement include:
Creating or deleting a VLAN
Suspending or activating a VLAN
Changing the name of a VLAN
Changing the MTU of a VLAN

It may take multiple subset advertisements to fully update the VLAN information.
Request Advertisements: When a request advertisement is sent to a VTP server in the same VTP
domain, the VTP server responds by sending a summary advertisement and then a subset
advertisement.
Request advertisements are sent if:
The VTP domain name has been changed
The switch receives a summary advertisement with a higher configuration revision number than its
own
A subset advertisement message is missed for some reason
The switch has been reset
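
How the three VTP modes react to summary and subset advertisements, and why the configuration revision number decides whose VLAN database is kept, is modelled below. This is an added example, not code from the original page; the class, the `propagate` helper and the `revision_audit` pre-connection check are hypothetical names, and the switch and domain names are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class VtpSwitch:
    name: str
    mode: str                    # "server", "client" or "transparent"
    domain: str
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def on_summary(self, domain, revision):
        """React to a summary advertisement; return the action taken."""
        if self.mode == "transparent":
            return "forward"             # relayed, local database untouched
        if domain != self.domain:
            return "ignore"
        if revision > self.revision:
            return "request"             # higher revision seen: ask for subsets
        return "ignore"

    def on_subset(self, domain, revision, vlans):
        """Apply a subset advertisement; return True if the database changed."""
        if self.mode == "transparent" or domain != self.domain:
            return False
        if revision <= self.revision:
            return False
        self.vlans = dict(vlans)         # the advertised database replaces ours
        self.revision = revision
        return True

    def create_vlan(self, vlan_id, name):
        """Local change: refused on clients, advertised only by servers."""
        if self.mode == "client":
            raise PermissionError("VTP clients cannot create VLANs")
        self.vlans[vlan_id] = name
        if self.mode == "server":
            self.revision += 1           # every server change bumps the revision
        return self.revision


def propagate(source, others):
    """Send source's summary, then a subset to each switch that requests it."""
    changed = []
    for sw in others:
        if sw.on_summary(source.domain, source.revision) == "request":
            if sw.on_subset(source.domain, source.revision, source.vlans):
                changed.append(sw.name)
    return changed


def revision_audit(candidate, domain_revision):
    """Check before cabling a switch into the domain: True means its database
    carries a higher revision and would replace the domain's VLAN list."""
    return candidate.mode != "transparent" and candidate.revision > domain_revision
```
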
Configuring VTP:
1. Configure domain name.
2. Configure VTP version
3. ADD VLAN / Trunk and verify
4. Configure VTP Mode: client
5. Verify VTP Status