Configuring Cisco Switches
Download
Report
Transcript Configuring Cisco Switches
Chapter 13
Configuring Cisco Switches
powered by DJ
1
Chapter Objectives
At the end of this Chapter you will be able to:
Understand Cisco switches
Select the appropriate media, cables, ports, and connectors to connect
switches to other network devices and hosts
Explain network segmentation and basic traffic management concepts
Explain basic switching concepts and the operation of Cisco switches
Define what is a loop
Describe the Spanning Tree process
Working with switches.
Configuring Switches.
powered by DJ
2
Bridges and Switches
The main function of bridges and switches is to solve bandwidth, or
collision, problems.
Switching Services
Unlike bridges, which use software to create and manage a filter table,
switches use application specific integrated circuits (ASICs) to build and
maintain their filter tables.
Layer 2 switches and bridges are faster than routers because they don’t
take up time looking at the Network layer header information. Instead,
they look at the frame’s hardware addresses before deciding to either
forward, flood or drop the frame.
powered by DJ
3
Layer 2 switching provides the following:
Hardware-based bridging (ASIC)
Wire speed
Low latency
Low cost
powered by DJ
Private Domains Created by switches
4
Bridging vs. LAN Switching
there are some important differences:
Bridges are software based, while switches are hardware based because
they use ASIC chips to help make filtering decisions.
A switch can be viewed as a multiport bridge.
There can be only one spanning-tree instance per bridge, while switches
can have many.
Switches have a higher number of ports than most bridges.
Bridges and switches learn MAC addresses by examining the source address
of each frame received.
Both bridges and switches make forwarding decisions based on layer 2
addresses.
powered by DJ
5
Switch Functioning at Layer 2
There are three distinct functions of layer 2 switching-
Address learning
forward/filter decisions
loop avoidance
Address learning
Layer 2 switches and bridges remember the source hardware address of
each frame received on an interface, and they enter this information into
a MAC database called a forward/filter table.
powered by DJ
6
Forward/filter decisions
When a frame is received on an interface, the switch looks at the
destination hardware address and finds the exit interface in the MAC
database. The frame is only forwarded out the specified destination port.
Loop avoidance
If multiple connections between switches are created for redundancy
purposes, network loops can occur. Spanning Tree Protocol (STP) is used to
stop network loops while still permitting redundancy.
powered by DJ
7
Address Learning – A Detailed Look
When a switch is first powered on, the MAC forward/filter table is empty.
When a device transmits and an interface receives a frame, the switch
places the frame’s source address in the MAC forward/filter table
powered by DJ
8
Mac Forward/Filter Table
powered by DJ
9
Forward/Filter Decisions – A Detailed Look
When a frame arrives at a switch interface, the destination hardware
address is compared to the forward/filter MAC database. If the
destination hardware address is known and listed in the database, the
frame is only sent out the correct exit interface. The switch doesn’t
transmit the frame out any interface except for the destination interface.
This preserves bandwidth on the other network segments and is called
frame filtering.
powered by DJ
10
Another Forward/Filter Table
powered by DJ
11
Loop Avoidance and Spanning Tree Protocol
Redundant links between switches are a good idea because they help
prevent complete network failures in the event one link stops working.
even though redundant links can be extremely helpful, they often cause
more problems than they solve. This is because frames can be flooded
down all redundant links simultaneously, creating network loops
powered by DJ
12
Broadcast Storm
powered by DJ
13
A device can receive multiple copies of the same frame since that frame
can arrive from different segments at the same time.
Figure below demonstrates how a whole bunch of frames can arrive from
multiple segments simultaneously. The server in the figure sends a unicast
frame to Router C. Since it’s a unicast frame, Switch A forwards the frame
and Switch B provides the same service—it forwards the broadcast. This is
bad because it means that Router C receives that unicast frame twice,
causing additional overhead on the network.
powered by DJ
14
Multiple Frame Copies
powered by DJ
15
The Spanning Tree Protocol
What is Spanning Tree Protocol?
The main function of the Spanning Tree Protocol (STP) is to remove layer-2
loops from your topology
Spanning Tree Terms
Root bridge: The root bridge is the bridge with the lowest best bridge ID.
With STP, the key is for all the switches in the network to elect a root
bridge that becomes the focal point in the network.
BPDU: All the switches exchange information to use in the selection of the
root switch as well as in subsequent configuration of the network. Each
switch compares the parameters in the Bridge Protocol Data Unit (BPDU)
that it sends to one neighbor with the one that it receives from another
neighbor.
powered by DJ
16
Conti…
Bridge ID: The bridge ID is how STP keeps track of all the switches in the
network. It is determined by a combination of the bridge priority (32,768
by default on all Cisco switches) and the base MAC address. The bridge
with the lowest bridge ID becomes the root bridge in the network.
Nonroot bridges: These are all bridges that are not the root bridge.
Nonroot bridges exchange BPDUs with all bridges and update the STP
topology database on all switches, preventing loops and providing a
measure of defense against link failures.
powered by DJ
17
Conti..
Port cost: Port cost determines the best path when multiple links are used
between two switches and none of the links is a root port. The cost of a
link is determined by the bandwidth of a link.
Root port:
The root port is always the link directly connected to the root bridge, or
the shortest path to the root bridge. If more than one link connects to the
root bridge, then a port cost is determined by checking the bandwidth of
each link. The lowest-cost port becomes the root port.
If multiple links have the same cost, the bridge with the lower advertising
bridge ID is used. Since multiple links can be from the same device, the
lowest port number will be used.
powered by DJ
18
Conti…
Designated port: A designated port is one that has been determined as
having the best (lowest) cost. A designated port will be marked as a
forwarding port.
Non designated port: A non designated port is one with a higher cost than
the designated port. Non designated ports are put in blocking mode—they
are not forwarding ports.
Forwarding port: A forwarding port forwards frames.
Blocked port: A blocked port is the port that, in order to prevent loops, will
not forward frames. However, a blocked port will always listen to frames.
powered by DJ
19
Connect Switch to a
Step 1
Computer
All network cable connections are secure.
Your PC or terminal is connected to the console port. Your terminal
emulator application, such as HyperTerminal is running and configured
properly. The figure shows a PC connected to a switch using the console
port.
powered by DJ
20
Connect Dialogue Box
powered by DJ
21
Choose appropriate settings for your region and verify, the pre-selected ones.
powered by DJ
22
Step 2
Observe the boot sequence as follows:
When the switch is on, the POST begins. During POST, the LEDs blink while
a series of tests determine that the switch is functioning properly. When
the POST has completed, the SYST LED rapidly blinks green. If the switch
fails POST, the SYST LED turns amber. When a switch fails the POST test, it
is necessary to repair the switch.
powered by DJ
23
2950 Switch Configuration
1) Setting the Passwords
Commands
(config)#enable password ?
level
Set exec level password
(config)#enable password level ?
<1-15>
(config)#enable password level 15 hcl1
Level number
2) Setting the Hostname
#config t
Switch(config)#hostname hcl2950
hcl2950(config)#
powered by DJ
24
3) Setting IP Information
hcl1900#config t
hcl1900(config)#ip address 172.16.10.16 255.255.255.0
hcl1900(config)#ip default-gateway 172.16.10.1
hcl1900(config)#
4) Configuring Interface Descriptions
Hcl1900#config t
Hcl1900(config)#int e0/1
Hcl1900(config-if)#description Finance_VLAN
powered by DJ
25
5) Setting Port Security on a Catalyst Switch
Switch(config-if)#switchport port-security mac-address mac-address
Now only this one MAC address is allowed on this switch port.
6) Erasing the Switch Configuration
Hcl1900#delete nvram
powered by DJ
26
THANK YOU
powered by DJ
27