Configuring Cisco Switches Chapter 13 powered by DJ 1

Upload: brianna-dixon

Post on 04-Jan-2016


Chapter Objectives

At the end of this Chapter you will be able to:

Understand Cisco switches

Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts

Explain network segmentation and basic traffic management concepts

Explain basic switching concepts and the operation of Cisco switches

Define what a loop is

Describe the Spanning Tree process

Work with switches

Configure switches


Bridges and Switches

The main function of bridges and switches is to solve bandwidth, or collision, problems.

Switching Services

Unlike bridges, which use software to create and manage a filter table, switches use application-specific integrated circuits (ASICs) to build and maintain their filter tables.

Layer 2 switches and bridges are faster than routers because they don’t take up time looking at the Network layer header information. Instead, they look at the frame’s hardware addresses before deciding to either forward, flood or drop the frame.


Layer 2 switching provides the following:

Hardware-based bridging (ASIC)

Wire speed

Low latency

Low cost

Private Domains Created by Switches

Bridging vs. LAN Switching

There are some important differences:

Bridges are software based, while switches are hardware based because they use ASIC chips to help make filtering decisions.

A switch can be viewed as a multiport bridge.

There can be only one spanning-tree instance per bridge, while switches can have many.

Switches have a higher number of ports than most bridges.

Bridges and switches learn MAC addresses by examining the source address of each frame received.

Both bridges and switches make forwarding decisions based on layer 2 addresses.


Switch Functioning at Layer 2

There are three distinct functions of layer 2 switching:

Address learning

Forward/filter decisions

Loop avoidance

Address learning

Layer 2 switches and bridges remember the source hardware address of each frame received on an interface, and they enter this information into a MAC database called a forward/filter table.


Forward/filter decisions

When a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database. The frame is only forwarded out the specified destination port.

Loop avoidance

If multiple connections between switches are created for redundancy purposes, network loops can occur. Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy.


Address Learning – A Detailed Look

When a switch is first powered on, the MAC forward/filter table is empty.

When a device transmits and an interface receives a frame, the switch places the frame’s source address in the MAC forward/filter table.


MAC Forward/Filter Table


Forward/Filter Decisions – A Detailed Look

When a frame arrives at a switch interface, the destination hardware address is compared to the forward/filter MAC database. If the destination hardware address is known and listed in the database, the frame is only sent out the correct exit interface. The switch doesn’t transmit the frame out any interface except for the destination interface. This preserves bandwidth on the other network segments and is called frame filtering.
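The address learning and forward/filter behaviour described above, modelled in a short Python example. This is an added illustration, not code from the original slides; the port names and MAC addresses are constructed, and flooding of unknown destinations is standard layer 2 switch behaviour.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Minimal model of a layer 2 switch's forward/filter table."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # MAC address -> port; empty at power-on

    def receive(self, in_port, src, dst):
        """Process one frame and return (action, list of egress ports)."""
        # Address learning: remember the port the source address was seen on.
        self.table[src] = in_port
        out = self.table.get(dst)
        if dst == BROADCAST or out is None:
            # Broadcast or unknown destination: flood out every port
            # except the one the frame arrived on.
            return "flood", [p for p in self.ports if p != in_port]
        if out == in_port:
            # Destination lives on the ingress segment: do not forward.
            return "filter", []
        # Known destination: send out the single matching port only.
        return "forward", [out]

# Constructed sample hosts. A and D share a hub on e0/1.
A, B, C, D = ("00:00:00:00:00:0a", "00:00:00:00:00:0b",
              "00:00:00:00:00:0c", "00:00:00:00:00:0d")

def demo():
    sw = LearningSwitch(["e0/1", "e0/2", "e0/3"])
    return [
        sw.receive("e0/1", A, B),          # B not learned yet
        sw.receive("e0/2", B, A),          # A was learned on e0/1
        sw.receive("e0/1", D, A),          # A is on the same segment as D
        sw.receive("e0/3", C, BROADCAST),  # broadcasts are always flooded
    ]

if __name__ == "__main__":
    for action, ports in demo():
        print(action, ports)
```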


Another Forward/Filter Table


Loop Avoidance and Spanning Tree Protocol

Redundant links between switches are a good idea because they help prevent complete network failures in the event one link stops working.

Even though redundant links can be extremely helpful, they often cause more problems than they solve. This is because frames can be flooded down all redundant links simultaneously, creating network loops.


Broadcast Storm


A device can receive multiple copies of the same frame since that frame can arrive from different segments at the same time.

The figure below demonstrates how frames can arrive from multiple segments simultaneously. The server in the figure sends a unicast frame to Router C. Since it’s a unicast frame, Switch A forwards the frame and Switch B provides the same service: it forwards the frame as well. This is bad because it means that Router C receives that unicast frame twice, causing additional overhead on the network.


Multiple Frame Copies


The Spanning Tree Protocol

What is Spanning Tree Protocol?

The main function of the Spanning Tree Protocol (STP) is to remove layer 2 loops from your topology.

Spanning Tree Terms

Root bridge: The root bridge is the bridge with the best (lowest) bridge ID. With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network.

BPDU: All the switches exchange information to use in the selection of the root switch as well as in subsequent configuration of the network. Each switch compares the parameters in the Bridge Protocol Data Unit (BPDU) that it sends to one neighbor with the one that it receives from another neighbor.


Bridge ID: The bridge ID is how STP keeps track of all the switches in the network. It is determined by a combination of the bridge priority (32,768 by default on all Cisco switches) and the base MAC address. The bridge with the lowest bridge ID becomes the root bridge in the network.

Nonroot bridges: These are all bridges that are not the root bridge. Nonroot bridges exchange BPDUs with all bridges and update the STP topology database on all switches, preventing loops and providing a measure of defense against link failures.


Port cost: Port cost determines the best path when multiple links are used between two switches and none of the links is a root port. The cost of a link is determined by the bandwidth of a link.

Root port: The root port is always the link directly connected to the root bridge, or the shortest path to the root bridge. If more than one link connects to the root bridge, then a port cost is determined by checking the bandwidth of each link. The lowest-cost port becomes the root port.

If multiple links have the same cost, the bridge with the lower advertising bridge ID is used. Since multiple links can be from the same device, the lowest port number will be used.


Designated port: A designated port is one that has been determined as having the best (lowest) cost. A designated port will be marked as a forwarding port.

Nondesignated port: A nondesignated port is one with a higher cost than the designated port. Nondesignated ports are put in blocking mode; they are not forwarding ports.

Forwarding port: A forwarding port forwards frames.

Blocked port: A blocked port is the port that, in order to prevent loops, will not forward frames. However, a blocked port will always listen to frames.
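The root bridge election and root port selection rules from the terms above, worked through in Python. This is an added example, not part of the original slides; the switch names, MAC addresses and topology are constructed, and the path cost values are the standard IEEE 802.1D short-mode costs, which the slides do not list.

```python
# IEEE 802.1D short-mode path costs by link speed in Mbps
# (standard values, not taken from the slides).
COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

def bridge_id(priority, mac):
    """Bridge ID as a comparable tuple: priority first, then base MAC."""
    return (priority, int(mac.replace(":", ""), 16))

def elect_root(bridges):
    """bridges maps name -> (priority, base MAC). Lowest bridge ID wins."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))

def root_port(candidates):
    """Pick the root port on a nonroot bridge.

    Each candidate is (port_number, advertised_cost, link_mbps, sender_id).
    Tie-breakers, in order: lowest total path cost to the root, lowest
    advertising bridge ID, lowest port number.
    """
    def key(candidate):
        port, advertised, mbps, sender = candidate
        return (advertised + COST[mbps], sender, port)
    return min(candidates, key=key)[0]

# Constructed topology: three switches at the Cisco default priority.
BRIDGES = {
    "SwA": (32768, "00:0c:00:00:00:0a"),
    "SwB": (32768, "00:0c:00:00:00:0b"),
    "SwC": (32768, "00:0c:00:00:00:01"),
}

def demo():
    # Equal priorities: the lowest base MAC decides the election.
    root_default = elect_root(BRIDGES)
    # Lowering one switch's priority makes it root regardless of MAC.
    tuned = dict(BRIDGES, SwB=(4096, BRIDGES["SwB"][1]))
    root_tuned = elect_root(tuned)
    swb, swc = bridge_id(*BRIDGES["SwB"]), bridge_id(*BRIDGES["SwC"])
    # On SwA with SwC as root: port 1 is a direct 100 Mbps link (0 + 19),
    # port 2 reaches the root through SwB over gigabit links (4 + 4).
    faster_path = root_port([(1, 0, 100, swc), (2, 4, 1000, swb)])
    # Two equal 100 Mbps links to the root: lowest port number wins.
    equal_links = root_port([(3, 0, 100, swc), (1, 0, 100, swc)])
    return root_default, root_tuned, faster_path, equal_links

if __name__ == "__main__":
    print(demo())
```

With every switch left at the default priority, the root is decided by MAC address alone, which is why the root bridge priority is normally set explicitly on the switch intended for that role.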


Connect Switch to a Computer

Step 1

Verify the following:

All network cable connections are secure.

Your PC or terminal is connected to the console port. Your terminal emulator application, such as HyperTerminal, is running and configured properly. The figure shows a PC connected to a switch using the console port.


Connect Dialogue Box


Choose appropriate settings for your region and verify the pre-selected ones.

Step 2

Observe the boot sequence as follows:

When the switch is on, the POST begins. During POST, the LEDs blink while a series of tests determine that the switch is functioning properly. When the POST has completed, the SYST LED rapidly blinks green. If the switch fails POST, the SYST LED turns amber. When a switch fails the POST test, it is necessary to repair the switch.


2950 Switch Configuration Commands

1) Setting the Passwords

(config)#enable password ?

level Set exec level password

(config)#enable password level ?

<1-15> Level number

(config)#enable password level 15 hcl1

2) Setting the Hostname

#config t

Switch(config)#hostname hcl2950

hcl2950(config)#


3) Setting IP Information

hcl1900#config t

hcl1900(config)#ip address 172.16.10.16 255.255.255.0

hcl1900(config)#ip default-gateway 172.16.10.1

hcl1900(config)#

4) Configuring Interface Descriptions

Hcl1900#config t

Hcl1900(config)#int e0/1

Hcl1900(config-if)#description Finance_VLAN


5) Setting Port Security on a Catalyst Switch

Switch(config-if)#switchport port-security mac-address mac-address

Now only this one MAC address is allowed on this switch port.

6) Erasing the Switch Configuration

Hcl1900#delete nvram
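Two of the steps above have consequences worth checking in a saved configuration: a password set with enable password is stored in clear text or with reversible type 7 encoding, whereas enable secret stores a hash, and a MAC address configured in step 5 is only enforced once port security itself is enabled on the interface with a bare switchport port-security command. The Python audit below is an added example, not part of the original slides; the sample configuration and its MAC addresses are constructed.

```python
# Constructed configuration in the style of an IOS running-config.
SAMPLE_CONFIG = """\
hostname hcl2950
enable password level 15 hcl1
!
interface FastEthernet0/1
 description Finance_VLAN
 switchport port-security mac-address 0000.1111.2222
!
interface FastEthernet0/2
 switchport mode access
 switchport port-security
 switchport port-security mac-address 0000.1111.3333
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from IOS-style text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        elif line.startswith(" ") and current:
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or a global command ends the block
    return interfaces

def audit(config):
    """Return a list of findings for the two checks described above."""
    findings = []
    lines = [line.strip() for line in config.splitlines()]
    has_password = any(l.startswith("enable password") for l in lines)
    has_secret = any(l.startswith("enable secret") for l in lines)
    if has_password and not has_secret:
        findings.append("enable password set without enable secret")
    for name, cmds in parse_interfaces(config).items():
        pinned = any(c.startswith("switchport port-security mac-address")
                     for c in cmds)
        if pinned and "switchport port-security" not in cmds:
            findings.append(name + ": MAC configured but port security not enabled")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```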
