CN2668Routers and Switches (V2)Kemtis KunanuraksapongMSIS with DistinctionMCTS, MCDST, MCP, A+

Agenda

•Chapter 12: Basic Switching and Switch Configuration

•Exercise•Quiz

Ethernet Operations

•Carrier Sense Multiple Access with Collision Detection (CSMA/CD)▫Ethernet contention method▫Any station connected to a network can

transmit anytime a transmission is not present on the wire

•Interframe gap or interpacket gap (IPG)▫Each station must wait a minimum of 9.6

microseconds before transmitting another packet

Ethernet Operations (Cont.)

•Collisions•Collision Domain•Broadcasts

▫Increase the speed/performance by disable the unnecessary service such as IPX where it is not needed

Latency or propagation delay•The length of time that is required to

forward, send, or otherwise propagate a data frame

•Latency depends on▫the resistance offered by the transmission

medium, the number of nodes ▫The amount of processing that must be done on

the packet•Transmission time

▫The amount of time it takes for a packet to be sent from one device to another

Latency (Cont.)•Bit time

▫The amount of time required to transmit one bit•Slot time (512 bit times)

▫A specification that limits the physical size of each Ethernet collision domain All collisions should be detected from anywhere in

a network in less time than is required to place a 64-byte frame on the network

5-4-3 rule Five segments of wire, four repeaters, 3 populated

hubs between any two stations on 10-Mbps network

Ethernet Errors•Frame size errors

▫Short frame or runt a frame shorter than 64 bytes

▫Long frame or giant a frame greater than 1518 bytes

▫Jabber a frame longer than 1518 bytes and has wrong

FCS•Frame check sequence (FCS) error

▫Indicates that bits of a frame were corrupted during transmission

Ethernet Errors

•Collision errors▫Reducing the number of devices per

collision domain will usually solve the problem

•Late collision▫Occurs when two stations transmit more

than 64 bytes of data frames before detecting a collision

Fast Ethernet (100 Mbps)

•Uses the same CSMA/CD as 10BaseT Ethernet

•Defined under the IEEE 802.3u standard•Implementations

▫100Base-TX▫100Base-T4▫100Base-FX▫See Page 342 for detail implementation

Gigabit Ethernet (1000 Mbps)

•Gigabit Ethernet implementations▫1000Base-TX (802.3ab)▫1000Base-SX (802.3z)▫1000Base-LX (802.3z)▫1000Base-CX (802.3z)

Half- and Full-Duplex Communications

•Half-duplex communications▫Devices can send and receive signals, but

not at the same time•Full-duplex (or duplex) communications

▫Devices can send and receive signals simultaneously

•Ethernet networks can use equipment that supports half- and full-duplex communications

Half- and Full-Duplex Communications

•On a Cisco Catalyst 2950 switch, you can set the duplex capabilities port-by-port

•The four different duplex options are:▫Auto▫Full▫Full-flow control

Use for 100Base-TX ports only▫Half

A Review of LAN Segmentation

•Improve the performance of Ethernet network▫By reducing the number of stations per

collision domain▫Implement bridges, switches, or routers to

segment the network and divide the collision domains

Segmenting with Bridges•Segments a network by filtering traffic at

the Data Link layer•Divides a network into two or more

segments Only forwards a frame from one segment to

another if the frame is a broadcast or has the MAC address of a station on a different segment

•Bridges learn MAC addresses by reading the source MAC addresses from frames▫As the frames are passed across the bridge

Segmenting with Bridges (continued)

•Bridging table▫Maps the MAC addresses on each segment

to the corresponding port on the bridge to which each segment is connected

•Bridges increase latency, but because they effectively divide the collision domain▫This does not affect slot time

Segmenting with Routers

•Operates at layer 3 of the OSI reference model

•Interprets the Network layer protocol and makes forwarding decisions based on the layer 3 address

•Routers typically do not propagate broadcast traffic

•Routers maintain routing tables that include the Network layer addresses of different segments

Segmenting with Routers (continued)

•Decrease collisions by filtering traffic•Reduce broadcast and multicast traffic•Support multiple paths and routes between

them•Provide increased•Provide layer 3 routing, packet

fragmentation and reassembly, and traffic flow control

•Provide communications between different technologies

LAN Switching

•Switches are often called multiport bridges▫Segmenting a LAN into multiple collision

domains•Switches microsegment the network

▫By connecting each port to an individual workstation

•Switched bandwidth▫Bandwidth is not shared as long as each

workstation connects to its own switch port

CCNA Guide to Cisco Networking

Fundamentals, Fourth Edition

19

Switch Operations• A switch learns the hardware address of

devices to which it is attached▫By reading the source address of frames

• The switch then matches the source MAC address with the port from which the frame was sent▫The MAC-to-switch-port mapping is stored in the

switch’s content-addressable memory (CAM)• The switch uses a memory buffer to store

frames as it determines to which port(s) a frame will be forwarded

Switch Operations•Types of memory buffering:

▫Port-based memory buffering Each port has its own buffer memory

▫Shared memory buffering•Asymmetric switching

▫Can interconnect network interfaces of different speeds

•Symmetric switching▫Require all attached network interface devices

to use the same transmit/receive speed

Switching Methods•All switches base frame-forwarding decisions

on a frame’s destination MAC address•The three main methods for processing and

forwarding frames are:▫Cut-through▫Store-and-forward▫Fragment-free▫Adaptive cut-through forwarding

A combination of the cut-through and store-and-forward methods

Cut-Through Forwarding

•Send a frame immediately after reading the destination MAC address into their buffers

•The main benefit is a reduction in latency•The drawback is the potential for errors in

the frame that the switch would be unable to detect▫Because the switch only reads a small

portion of the frame into its buffer•See Figure 12-5 on Page 249 for the

amount of bit read

Store-and-Forward Forwarding

•Read the entire frame, no matter how large, into their buffers before forwarding▫It will not forward frames with errors

•The store-and-forward method has the highest latency

•See Figure 12-6 on Page 350

Fragment-Free Forwarding

•Reads the first 64 bytes of an Ethernet frame▫Then begins forwarding it to the

appropriate port(s)▫An effort to provide more error-reducing

benefits than cut-through switching▫Latency lower than store-and-forward

switching▫See Figure 12-7 on Page 350

Adaptive cut-through Forwarding

•For the most part, the adaptive cut-through switch will act as a cut-through switch

•If a certain level of errors is detected, the switch will▫Change forwarding techniques to act more

as a store-and-forward switch

Switch User Interface•Two types of operating systems are in use on

Cisco switches▫IOS-based

Catalyst 1900, 2820, 2900▫Set-based

Older and uses set commands 1984G, 2926, 4000, 5000, and 6000 series

▫The Cisco switch has a console port to which you can connect your laptop or PC

•Once you power on the switch you will be in the command-line interface

Modes and Passwords

•You CANNOT actually configure a switch until you get to enable mode

•To enter enable mode▫Type enable at the command-line prompt

•The first step in configuring a switch is to set up a password▫To start configuration mode

Type configure terminal or config t at the command prompt

Modes and Passwords (Cont.)• A secret (encrypted) password

▫ Switch(config)# enable secret ccnasafe▫ Cannot be retrieved from the configuration file

• Password on VTY (telnet) or console line▫ Switch(config)# service password-encryption▫ Switch(config)# line vty 0 15

For telnet, from line 0 to 15▫ Switch(config-line)# password vtysafe▫ Switch(config-line)# Exit▫ Switch(config)# line con 0▫ Switch(config-line)# password consolesafe▫ Switch(config-line)# Exit▫ Switch(config)# copy run start

To save your configuration to the startup config

Setting the Host Name

•To configure this name, you would type:▫Switch(config)#hostname name

•Once the host name is set, the prompt will change to reflect the name of the switch

IP on the Switch•By default, Cisco switches are not configured

with IP addresses▫Configure an IP address for your switch so that

you can manage it over the network ▫If you want to implement VLANs on your

network Switch(config)# int vlan 1 Switch(config-if)# ip address 192.168.1.204

255.255.255.0 Switch(config-if)# exit Switch(config)# ip default-gateway 192.168.1.1 Switch(config)# ip domain-name classroom

Configuring Switch Ports

•To enter interface configuration mode for the first port of a switch named Rm410HL, you would use the following commands:▫Rm410HL#configure terminal▫Rm410HL(config)#interface f0/1▫Rm410HL(config-if)#

•To view the configuration of a port, use the show command

Configuring Switch Ports (continued)

•Configuring the duplex mode▫Rm410HL#configure terminal▫Rm410HL(config)#interface f0/24▫Rm410HL(config-if)#duplex full

Securing Switch Ports

•Several option of security on a switch▫Configure a permanent MAC address for a

specific port on your switch▫Define a static MAC address entry into your

switching table Maps a restricted communication path

between two ports▫Configure port security

Setting a limit on the number of MAC addresses

Securing Switch Ports (continued)

• Display options by typing the following command:▫Rm410HL(config-if)#switchport port-security ? Aging Mac-address Maximum Violation

▫Rm410HL(config-if)#switchport mode access▫Rm410HL(config-if)#switchport port-security

Securing Switch Ports (continued)

•Aging•Mac-address

▫Tie a specific MAC address to a specific port Rm410HL(config-if)#switchport port-security

Mac-address 0000.aaaa.bbbb•Maximum

▫Default value is 1; Range is 1 – 132 per interface Rm410HL(config-if)#switchport port-security

Maximum 10

Securing Switch Ports (continued)

•Violation▫What happens when a switch encounters a

violation of the configured switchport security▫Protect

Stop forwarding the traffic of the exceeded MAC address (11th and above; if it was set maximum to 10)

▫Restrict Same as protect. Also sends an alert

▫Shutdown By default to shut the interface down

Securing Switch Ports (continued)

•To turn switchport security off, use:▫Rm410HL(config-if)#no switchport port-security

•To clear the settings to include erasing the static MAC addresses, use the clear command:▫Rm410HL(config-if)#clear port-security

Assignment

•Review Questions▫1 – 25

•Lab 12.1