Interfacing with Managed Switches

In a more basic world it's fairly easy to separate routers from switches routers
are going to filtered forward traffic based on Layer 3 of the OSI 7 layer model IP
addresses and switches use Layer 2 MAC addresses.

Well the problem we're starting to run into especially you've been keeping up on an
episode of episode bases is that we're beginning to discover that the whole idea
between what switches can do and what routers can do begins to be a little bit
fuzzy.

So one of the things that we need to begin to appreciate is that we have to be able
to go in and configure switches.

Now the challenge here is that if you've been watching previous episodes you can
appreciate that for the most part.

Somehow you know magic IP address and you plug in you type that IP address into
your web browser and you get some kind of magic configuration screen.

And generally that's true.

However for the network.

Plus we need to look at some other alternatives and probably the best place to
start would be with this old Cisco switch right here.

Now if you take a look at the front of the Cisco switch it's not too terribly
exciting.

We've got 24 ethernet ports.

However if you take a look at the back I want you to see that right there.

This is a console port console ports allow you to access with really not just
switches you can do this with Cisco routers you can access these devices without
even knowing an IP address or anything else like that.

Now in order to make this happen you need to have one of these very famous rollover
cables and this cable plugs into the console port in the shape of the ends.

So I've got a regular old school D-B nine serial here on the left and on the right.

At first glance you'd look at that and go Oh that's an RJ 45.

Well it does look like an RJ 45 but it's got a very unique proprietary wiring so
it's not an Ethernet.

It is nothing more.

It's really a serial connection.

So what I want to do is let's go ahead and get this up and running now to make this
work.

You plug one end into your console port and then you plug this and into your serial
port.

Well guess what.

I don't have a serial port on my laptop but I've got one of these handy dandy
adapters.

Now the downside to running things this way is that.

And you'll use something like putty fire putty up in it and you'll get the
connection.

The downside to running things this way is that the serial connection is incredibly
slow it's runs at 9600 baud.

So it's really slow.

The one I'm going to do here is I'm going to cheat a little bit.

I'm going to go ahead and connect via your ready for it, Ethernet port

Most of the switches have some features that allow you to connect in using telnet
over your ethernet connection.

So I'm going to use putty and I'm going to use actually use telnet so I'm going to
cheat a little bit.

The nice part is is the interface is absolutely identical to the one you'd see by
running through the rollover port.

But it'll be fast enough that we won't fall asleep during the presentation.

So give me a second.

I'm going to plug this in and let's take a look at the most raw type of interface
you can see.

And actually it has an operating system called IO's.

Let's take a look.

OK so here I am I've got putty up and running.

Now one of the things I love about 30 is that you can use it for just about any
connection if I wanted to use my rollover I can just go ahead and set it to serial.

I would set the COM port on my particular system's Com 3 and I set the baud rate to
96 hundred which is the default for Cisco stuff.

And if I had a plug in we would just hit open and off we'd go.

But I'm going to cheat and I'm going to use telnet.

I typed in the IP address for my device and I just hit that

when you type in a password Teda you are in Cisco's iOS interface.

IOS is a very very powerful operating system that pretty much all Cisco switches
and routers run on now.

I don't want to turn this into an iOS course but there are a few commands.
For example I want to go into a enable mode which is really where all the fun
begins and you can see that I have the name of the switch plus the pound sign which
tells me I'm in the Enable mode and I can do all kinds of stuff like show so when I
just did there as I said show me the startup file for my particular system and I
can go through and see everything what is currently set for the startup.

Right now there's not much in there because it's pretty much almost exclusively set
up from the factory.

But it's all there.

So there's clearly more than just plugging in and getting to a web browser to
figure out how to configure something so.

So we've used a rollover cable.

We actually even use telnet which you can do for a lot of devices.

Now what I want to do is go back to the idea of running using a web interface now
to do that.

What I'm going to do is I'm going to unplug and I want to plug into this Netgear.

So I'm just going to plug in any connection I want.

It doesn't really matter too much which one I use.

And the reason I like this Netgear box so much is because it has a lot of extra
features that you'll see in switches certainly as VPN.

But there's a few other things in there that we're going to see with advanced types
of switches that is really kind of handy so let's jump back in one more time.

I'm going to fire up my web browser.

And let me connect to this little switch and we can just program just a couple of
more things I'd like to show you.

All right now what I want to do here is just get into this little switch.

Now remember this is not a router it's just a switch.

OK.

So everything we're looking at is going to be a very switchy type thing.

So first of all we'll fired up and we'll see it.

Here's his IP address.

This is the factory default and they're somewhere in there we can make some changes
so let's take a look so we can do just the basic setup if we want to give it a name
if we want to give it IP address as you can see right now.

It's designed to get IP addresses from a DHP server.

But if I wanted to and this is something that's really common I don't want to have
to guess what my switches IP addresses so I can assign it to an IP address that is
part of my network and I could go ahead and give a subnet mask and gateways all but
I could give it this and then I'll document that so it will always have this
anytime I need to configure my switch.

I go to any web browser and type that in and life's good.

So let's take a look at some of the other things we have in here.

We can actually set up access list to.

We can set up a very basic access control list to determine who we can get in here
that type of thing.

We have port configuration in terms of port configuration on switches there's

usually not a ton you can do.

But for example we can force a speed and also force what's known as flow control.

There's not a good reason to do that that I'm aware of.

Another one I will show you here is quality of service QSI is actually a pretty
interesting tool and we can set up priorities for different types of traffic and
these priorities go from zero to seven.

On this particular router and we can apply this type of priorities to say I don't
know if the traffic and we can actually throttle a percentage of our total
bandwidth for things like that.

Here's VPN and it's got a very simplistic VPN compared to if you've been watching
in earlier episodes the kind of cool stuff that we'd see with Cisco.

But I set up a VPN too I just called it wireless and I set aside a few ports for
it.

Now monitoring is actually kind of interesting because when we talk about

monitoring keep in mind that by definition a switch does not allow traffic to go
out on all of the different ports.

So what we do instead is we can actually do something called Port mirin.

But in this case it's just called a sniff report so I'm going to turn it on and I'm
going to say the sniffer mode as I want to see everything is being sent and
received and I can set a particular port.

In this case I'm going to say port number one is going to be the port.

You listen in on and then I can sit here and say anything happening on any of these
ports.

I want you to mirror it to this guy so this is a great way to use monitoring tools
and that type of thing.

Now here's some advanced things that are kind of interesting.

First of all there's spanning tree protocol which is pretty common on better
switches today and you can either enable it or disable it means disabled for right
now.

And that's because I don't have a risk of creating bridge loops by wiring my
switches wrong so I keep it turned off in general.
Now here's something called SNMP or simple network management protocol is a tool
that's used by all kinds of devices but it's primarily used on switches and routers
to have an idea of their status so you can query them and things like this.

And what we're doing here is we're just setting up an IP address.

And then what you can do for this particular device so I can set an IP address of.

All set this address up and then you can create a community.

A community is a just a name and all of the devices that share this common name
will be members of a community.

And then you can say whether the Read-Only and read write and then what they can
actually do with it as an MP for the most part is really just used for monitoring
routers and switches and things like that from a single source.

Just to make a quick mention of it IGMP and what that's used for is that if you're
actually going to be doing multicast traffic you want to make sure this is turned
on.

So if you've got somebody who's doing multicast you know video conferencing or
things like that those are things that you want to have turned on.

Next one is what we call Port rate setting where you can actually set how fast or
either as a percentage of the total bandwidth or in a raw value as you see right
here how fast you can set a port.

So for example I can actually slow certain ports down in case there is a problem
with them or I don't want somebody to eat up all my bandwidth.

Now all I'm trying to do with this episode is give you an idea of some of the
things that you might be able to see within a more powerful manage switch.

So keep in mind that even though it's not a router it's not doing any of the
heavier stuff that you're probably used to seeing.

These little boxes can carry a lot of weight and do a lot of important features for
you.

So don't be afraid to go into your manage switch program a little bit.

Oh and for crying out loud.

Change the default password.

or I'm going to hack it myself.

Managed switches require configuration

Connect to a managed switch via an IP address or a console port

Cisco routers and switches use a proptietary IOS -Internal Operating System I
believe