3. LAN Switching

8/13/2019 3. LAN Switching

1/75

2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1

Cisco Confidential 2011 Cisco and/or its affiliates. All rights reserved. 1

Module 3:LAN Switching


2/75


Distribution

Layer

Core Layer

AccessLayer


3/75



4/75



5/75



6/75


Cut-ThroughSwitch checks destinationaddress and immediatelybegins forwarding frame.

Fragment-Free Switch checks the first 64

bytes, then immediatelybegins forwarding frame.

Store and ForwardComplete frame isreceived and checkedbefore forwarding.


7/75 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7

Initial MAC address table is empty.



Station A sends a frame to station C. Switch caches the MAC address of station A to port E0 by

learning the source address of data frames. The frame from station A to station C is flooded out to all

ports except port E0 (unknown unicasts are flooded).



Station D sends a frame to station C. Switch caches the MAC address of station D to port E3 by

learning the source address of data frames. The frame from station D to station C is flooded out to all ports

except port E3 (unknown unicasts are flooded).



Station A sends a frame to station C. Destination is known; frame is not flooded.



Station D sends a broadcast or multicast frame. Broadcast and multicast frames are flooded to all ports

other than the originating port.



Unbounded failure domains

Large broadcast domains

Large amount of unknownMAC unicast traffic

Unbounded multicast traffic

Management andsupport challenges

Possible securityvulnerabilities


14/75


VLAN = Broadcast Domain = Logical Network (Subnet)

Segmentation

Flexibility

Security


15/75



16/75


Each logical VLAN is like a separate physical bridge.

VLANs can span across multiple switches. Trunks carry traffic for multiple VLANs. Trunks use special encapsulation to distinguish between

different VLANs.


17/75



18/75



19/75



20/75



21/75


22/75


Cannot create,change, or deleteVLANs

Sends andforwardsadvertisementsSynchronizes

Create VLANs

Modify VLANs

Delete VLANs

Sends and forwardsadvertisements

Synchronizes

Create local VLANs only

Modify local VLANs only

Delete local VLANs only

Forwards advertisements

Does notsynchronize


23/75


VTP advertisements are sent as multicast frames.VTP servers and clients are synchronized to thelatest revision number.

VTP advertisements are sent every 5 minutes orwhen there is a change.


24/75



25/75


1. Configure and verify VTP.2. Configure and verify 802.1Q trunks.

3. Create or modify a VLAN on the VTP server switch.

4. Assign switch ports to a VLAN and verify.

5. Execute adds, moves, and changes.

6. Save the VLAN configuration.


26/75


VTP defaults for the Cisco Catalyst switch:VTP domain name: None

VTP mode: Server mode

VTP pruning: Enabled or disabled (model specific)

VTP password: NullVTP version: Version 1

A new switch can automatically become part of a domain oncereceives an advertisement from a server.

A VTP client can overwrite a VTP server database if the client has a

higher revision number. A domain name cannot be removed after it is assigned; it can only bereassigned.


27/75


SwitchX# configure terminalSwitchX(config)# vtp mode [ server | client | transparent ]SwitchX(config)# vtp domain domain-name SwitchX(config)# vtp password passwordSwitchX(config)# vtp pruningSwitchX(config)# end


28/75


SwitchX(config)# vtp domain ICNDChanging VTP domain name to ICNDSwitchX(config)# vtp mode transparentSetting device to VTP TRANSPARENT mode.SwitchX(config)# end

SwitchX# show vtp status VTP Version : 2

Configuration Revision : 0 Maximum VLANs supported locally : 64 Number of existing VLANs : 17 VTP Operating Mode : Transparent VTP Domain Name : ICND VTP Pruning Mode : Disabled VTP V2 Mode : Disabled VTP Traps Generation : Disabled MD5 digest : 0x7D 0x6E 0x5E 0x3D 0xAF 0xA0 0x2F 0xAA

Configuration last modified by 10.1.1.4 at 3-3-93 20:08:05SwitchX#


29/75


Configures the port as a VLAN trunk

SwitchX(config-if)#switchport mode trunk

switchport mode {access | dynamic {auto | desirable} | trunk}SwitchX(config-if)#

Configures the trunking characteristics of the port


30/75


SwitchX# show interfaces fa0/11 trunk

Port Mode Encapsulation Status Native vlan

Fa0/11 desirable 802.1q trunking 1

Port Vlans allowed on trunkFa0/11 1-4094

Port Vlans allowed and active in management domainFa0/11 1-13

SwitchX# show interfaces fa0/11 switchport Name: Fa0/11

Switchport: Enabled Administrative Mode: trunk

Operational Mode: down Administrative Trunking Encapsulation: dot1q

Negotiation of Trunking: On Access Mode VLAN: 1 (default)Trunking Native Mode VLAN: 1 (default)

. . .

SwitchX# show interfaces interface [switchport | trunk]


31/75


The maximum number of VLANs is switch-dependent.

Most Cisco Catalyst desktop switches support 128 separate spanning-tree instances, one per VLAN.

VLAN 1 is the factory default Ethernet VLAN.

Cisco Discovery Protocol and VTP advertisements are sent on VLAN 1.The Cisco Catalyst switch IP address is in the management VLAN (VLAN1 by default).

If using VTP, the switch must be in VTP server or transparent mode toadd or delete VLANs.


32/75


SwitchX# configure terminalSwitchX(config)# vlan 2SwitchX(config-vlan)# name switchlab99


33/75


SwitchX# show vlan id 2

VLAN Name Status Ports---- -------------------------------- --------- -------------------------------2 switchlab99 active Fa0/2, Fa0/12

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------2 enet 100002 1500 - - - - - 0 0

. . .SwitchX#

SwitchX# show vlan [brief | id vlan-id || name vlan-name ]


34/75


SwitchX# configure terminalSwitchX(config)# interface range fastethernet 0/2 - 4SwitchX(config-if)# switchport access vlan 2

SwitchX# show vlan

VLAN Name Status Ports---- -------------------------------- --------- ----------------------1 default active Fa0/12 switchlab99 active Fa0/2, Fa0/3, Fa0/4

switchport access [vlan vlan# | dynamic]

SwitchX(config-if)#


35/75


SwitchX# show vlan brief VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/12 switchlab99 active Fa0/2, Fa0/3, Fa0/4 3 vlan3 active4 vlan4 active1002 fddi-default act/unsup1003 token-ring-default act/unsup

VLAN Name Status Ports---- -------------------------------- --------- -------------------------------1004 fddinet-default act/unsup1005 trnet-default act/unsup

SwitchX# show vlan brief


36/75


SwitchX# show interfaces fa0/2 switchport Name: Fa0/2

Switchport: Enabled Administrative Mode: dynamic auto

Operational Mode: static access Administrative Trunking Encapsulation: dot1q

Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 2 (switchlab99)

Trunking Native Mode VLAN: 1 (default)--- output omitted ----

show interfaces interface switchport

SwitchX(config-if)#


37/75


When using VTP, the switch must be in VTP server or transparent modeto add, change, or delete VLANs.

When you make VLAN changes from a switch in VTP server mode, thechange is propagated to other switches in the VTP domain.

Changing VLANs typically implies changing IP networks. After a port is reassigned to a new VLAN, that port is automaticallyremoved from its previous VLAN.

When you delete a VLAN, any ports in that VLAN that are not moved toan active VLAN will be unable to communicate with other stations.


38/75

2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38Cisco Confidential 2011 Cisco and/or its affiliates. All rights reserved. 38


39/75


When using VTP, the switch must be in VTP server or transparent modeto add, change, or delete VLANs.

When you make VLAN changes from a switch in VTP server mode, thechange is propagated to other switches in the VTP domain.

Changing VLANs typically implies changing IP networks. After a port is reassigned to a new VLAN, that port is automaticallyremoved from its previous VLAN.

When you delete a VLAN, any ports in that VLAN that are not moved toan active VLAN will be unable to communicate with other stations.


40/75


Technology Use

Fast Ethernet Connects end-user devices tothe access layer switch

Gigabit Ethernet Connects access switch to

distribution switch and highuse servers to switches

10-GigabitEthernet

Provides high-speed switch toswitch links, backbones

EtherChannel Provides high-speed switch toswitch links, backbones with

redundancy


41/75


Each link provides adequatebandwidth for the totalaggregatetraffic over that link.


42/75


Logical aggregation of similarlinks between switches

Load-shares across links

Viewed as one logical portto STP

Redundancy


43/75


Redundant topology eliminates single points of failure.

Redundant topology causes broadcast storms, multipleframe copies, and MAC address table instability problems.


44/75


Station D sends a broadcast frame.

Broadcast frames are flooded to all portsexcept the originating port.


45/75


Host X sends a broadcast.

Switches continue to propagatebroadcast traffic over and over.


46/75


47/75


Provides a loop-free redundant network topologyby placing certain ports in the blocking state

Published in the IEEE 802.1D specification

Enhanced with the Cisco PVST+ implementation


48/75


One root bridge per broadcast domain.One root port per nonroot bridge.

One designated port per segment.

Nondesignated ports are unused.


49/75


BPDU (default = sent every 2 seconds)

Root bridge = bridge with the lowest bridge ID

Bridge ID = BridgePriority

MAC Address


50/75


Spanning tree transits each port through several different states:


51/75


PortFast is configured on access ports, not trunk ports.


52/75


spanning-tree portfast

SwitchX(config-if)#

Configures PortFast on an interface

spanning-tree portfast default

SwitchX(config)#

Enables PortFast on all non-trunking interfaces

show running-config interface interface

SwitchX#

Verifies that PortFast has been configured on an interface

OR


53/75



54/75


Link Speed Cost (New IEEESpecification)Cost (Old IEEESpecification)

10 Gb/s 2 1

1 Gb/s 4 1

100 Mb/s 19 10

10 Mb/s 100 100


55/75



56/75



57/75


Bridge ID without theextended system ID

Extended bridge IDwith system ID

System ID = VLAN


58/75



59/75


Cisco Catalyst switches support three types of STPs:PVST+

PVRST+

MSTP

The default STP for Cisco Catalyst switches is PVST+ : A separate STP instance for each VLAN

One root bridge for all VLANs

No load sharing


60/75



61/75


spanning-tree vlan 1 root primary

This command forces this switch to be the root for VLAN 1.

spanning-tree vlan 2 root secondary

This command configures this switch to be the secondary rootfor VLAN 2.

OR

spanning-tree vlan # priority priority

This command statically configures the priority (increments of 4096).

SwitchA(config)#

SwitchA(config)#

SwitchA(config)#


62/75


spanning-tree vlan 2 root primary

This command forces the switch to be the root for VLAN 2.

spanning-tree vlan 1 root secondary

This command configures the switch to be the secondary root VLAN 1.

OR

spanning-tree vlan # priority priority

This command statically configures the priority (increments of 4096).

SwitchB(config)#

SwitchB(config)#

SwitchB(config)#


64/75



65/75



66/75



67/75



68/75



69/75



70/75


71/75



72/75



73/75



74/75



75/75

Thank you.

3. LAN Switching

Documents

Transcript of 3. LAN Switching