Week 2 LAN Switching Technologies

CCNA course

Uploaded by

ManmeetSinghDua
Copyright
© © All Rights Reserved

LAN Switching Technologies

1
 Ethernet Basics

o Ethernet is the traditional technology for connecting wired local area networks (LANs), enabling devices to communicate with each other via a protocol, a set of rules or common network language.

Standards Organizations

2
Broadcast & Collision Domains
o Broadcast domains
• Everyone sees all frames
• All ports on a hub or a switch are by default in the same broadcast domain
• All ports on a router are in different broadcast domains
• Routers don’t forward broadcasts from one broadcast domain to another

3
o Collision domains
• Collection of devices that all access a shared medium
• A collision domain is the part of a network where packet collisions can occur
• A collision occurs when two devices send a packet at the same time on the shared network segment
• Each port on a bridge, a switch or a router is in a separate collision domain

4
o CSMA/CD

• Carrier Sense

• Multiple Access

• Collision Detect

5
Distance, Cables, & Duplex

o The developers of Ethernet had some additional decisions to make:

1. Maximum Speed?
• Originally 2.94Mbps (millions-of-bits-per-second)

2. Maximum distance of transmission?


• They decided on 100 meters.

3. What type of cable?


• They decided on copper (coaxial) cable.

6
Ethernet Frame Structure
 LAB-1:

8
o MAC
• 48-bit addressing system

• Example: aaaa.aaaa.aaaa

• First 24 bits are considered OUI

• Remaining 24 bits are considered vendor assigned

9
Ethernet Cabling Details

o Twisted-pair cabling comes in three varieties:

10
Layer-2 Switching
o Switching History -1

11
o Switching History -2

12
o Switching History -3

13
o Switching History -4

14
Switch
o Switch is a multiport bridge
• More ports than a bridge
• Mixture of port speeds & types

o Forwards frames based on the MAC address table

o Separates collision domain

o Operates in data link layer

15
o Switch MAC Learning

• Based on Source MAC Address


• Addresses age out after inactivity-timer

o Switching forwarding

• Based on Destination MAC


• Broadcast/Multicast/Unknown Unicast flooding
• All ports initially in one, large, broadcast domain
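
The learning and forwarding rules above, as an added example that is not part of the original slides: a small Python model that learns on the source MAC, forwards on the destination MAC, floods broadcast, multicast and unknown unicast frames, and ages entries out. The port numbers, the second MAC address and the 300-second timer are assumptions.

```python
# Added example: a minimal learning switch. The port numbers, the MAC
# addresses and the 300-second inactivity timer are assumptions.
BROADCAST = "ffff.ffff.ffff"


def is_group_address(mac):
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return bool(int(mac.replace(".", "")[:2], 16) & 1)


class LearningSwitch:
    def __init__(self, ports, aging_seconds=300):
        self.ports = tuple(ports)
        self.aging_seconds = aging_seconds
        self.table = {}  # MAC -> (port, time last seen as a source)

    def _age_out(self, now):
        """Remove entries that have been inactive for the whole timer."""
        for mac in [m for m, (_, seen) in self.table.items()
                    if now - seen >= self.aging_seconds]:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Handle one frame and return the list of egress ports."""
        self._age_out(now)
        # Learning uses the SOURCE address: remember where src lives.
        self.table[src] = (in_port, now)
        # Forwarding uses the DESTINATION address.
        if is_group_address(dst) or dst not in self.table:
            # Broadcast, multicast or unknown unicast: flood everywhere
            # except the port the frame arrived on.
            return [p for p in self.ports if p != in_port]
        out_port, _ = self.table[dst]
        # Known unicast: one port, or nothing if dst is on the ingress port.
        return [] if out_port == in_port else [out_port]


def demo():
    """Constructed traffic between host A (port 1) and host B (port 2)."""
    a, b = "aaaa.aaaa.aaaa", "cccc.cccc.cccc"
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    return [
        sw.receive(1, a, b, now=0),          # B unknown -> flood
        sw.receive(2, b, a, now=1),          # A learned -> port 1 only
        sw.receive(1, a, b, now=2),          # B learned -> port 2 only
        sw.receive(1, a, BROADCAST, now=3),  # broadcast -> flood
        sw.receive(2, b, a, now=400),        # A aged out -> flood again
    ]


if __name__ == "__main__":
    for egress in demo():
        print(egress)
```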

16
Cisco IOS

17
Introduction to IOS

o Internetworking Operating System

o Native software for Cisco routers and switches

o Cisco develops different IOSs for different platforms


• Example: Cisco 1841, Cisco 2821, etc.

o Usually operated through CLI

18
 Startup Sequence Of Device

o Cisco routers and switches generally perform the same steps upon initial startup
• Discover device hardware
• Find and load IOS image
• Find and load configuration file.

o Memory Types
• Flash
• NVRAM
• RAM
• ROM

19
Device Access

o Basically, two methods of configuring router/switch

• CLI (command-line interface)


• GUI (graphical user interface)

o Console port is used for initial configuration

o Requirements

• Console cable
• Terminal emulator
 HyperTerminal
 PuTTY
 SecureCRT

20
Accessing Device via CLI
o Connect console cable into the “console” port of a Cisco device

o Open terminal emulator software like PuTTY

o Choose serial option with default baud rate, such as 9600

Copyright © Netmetric-solutions.com
 IOS Command Structure
o IOS has a command hierarchy

• Router> - User (or EXEC) mode

• Router# - Privileged EXEC (or Enable) mode

• Configuration modes
 Router(config)# - Global Configuration Mode
 Router(config-if)# - Interface Configuration Mode
 Router(config-router)# - Router Configuration Mode

• Usage of Exit, End, Ctrl-Z

22
Initial Configuration Commands
o Prevent syslog and event messages from interrupting CLI input

• Router(config-line)# logging synchronous

o Prevent DNS resolution attempt for mis-typed commands

• Router(config)# no ip domain-lookup

o Configure descriptive device name

• Router(config)# hostname Lab-1-Rtr


o Configure informative banner
• Router(config)# banner motd # <message> #

o Add IPv4 address to an interface
• Router(config-if)# ip address <address> <mask>
• Router(config-if)# no shutdown
24
Monitoring Memory and Images
o Display current IOS version running
• Router# show version

o Display all memory locations and file names


• Router# dir all

o Display saved, startup configuration file


• Router# show startup-config

o Display current running configuration


• Router# show running-config

25
Saving and Deleting Configurations

o Save current Running Configuration


• Router# copy running-config startup-config
OR
• Router# write memory

o Setting a router back to factory defaults


• Step-1: Delete startup configuration
• Router# erase startup-config
OR
• Router# write erase

• Step-2: Reload the router
• Router# reload
26
Securing Device Access
o Configuring enable password
• Switch(config)# enable password <password>
OR
• Switch(config)# enable secret <password>
o Configuring console password
• Switch(config)# line console 0
• Switch(config-line)# password <password>
• Switch(config-line)# login
o Configuring Telnet password
• Switch(config)# line vty 0 4
• Switch(config-line)# password <password>
• Switch(config-line)# login
OR
• Switch(config)# username <username> privilege 15 password <password>
• Switch(config)# line vty 0 4
• Switch(config-line)# login local
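
A check a reviewer can run over a saved configuration, as an added example that is not part of the original slides. It relies on three IOS behaviours: "enable password" is kept in the configuration as typed unless password encryption is turned on, while "enable secret" is stored as a hash; a console line only asks for its password once "login" is configured; and "login local" needs at least one "username" entry. Both sample configurations, their password and hash values, and the finding texts are constructed for this example.

```python
# Added example: audit of the device-access commands from this slide.
# WEAK and HARDENED are constructed configurations, not real devices.
WEAK = """\
hostname Sw1
enable password ExamplePw1
username admin privilege 15 password ExamplePw1
line con 0
 password ExamplePw1
 logging synchronous
line vty 0 4
 password ExamplePw1
 login
"""

HARDENED = """\
hostname Sw1
enable secret 5 CONSTRUCTED-HASH-PLACEHOLDER
username admin privilege 15 password ExamplePw1
line con 0
 password ExamplePw1
 login
line vty 0 4
 login local
"""


def audit_device_access(config_text):
    """Return a list of findings for enable, line and username settings."""
    lines = [l.rstrip() for l in config_text.splitlines()]
    top = [l for l in lines if l and not l.startswith(" ")]
    findings = []
    has_secret = any(l.startswith("enable secret ") for l in top)
    if any(l.startswith("enable password ") for l in top) and not has_secret:
        findings.append("enable password without enable secret")
    has_user = any(l.startswith("username ") for l in top)

    # Group the indented sub-commands under each "line ..." header.
    blocks, current = {}, None
    for l in lines:
        if l.startswith("line "):
            current = l
            blocks[current] = []
        elif l.startswith(" ") and current is not None:
            blocks[current].append(l.strip())
        else:
            current = None

    for header, body in blocks.items():
        has_pw = any(b.startswith("password ") for b in body)
        checks_login = "login" in body or "login local" in body
        # A console password is only requested once "login" is present.
        if header.startswith("line con") and has_pw and not checks_login:
            findings.append(f"{header}: password set but no login")
        # "login local" authenticates against the username database.
        if "login local" in body and not has_user:
            findings.append(f"{header}: login local but no username")
    return findings


if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_device_access(cfg))
```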
27
Basic Switch Configuration

28
Tasks
o Perform initial configuration on Switch
• Hostname
• Enable password
• Console Password
• Banner
• “Convenience” commands
 No ip domain-lookup
 Logging synchronous

o Verify naming convention of ports on your switch


• Show ip interface brief

o Switchports primarily used for switching Layer-2 Ethernet Frames


• Don’t natively support IP addressing

o Switch Management IP address configured on a logical interface


• Switched Virtual Interface (SVI)
• Initially in same broadcast domain as all physical ports
• May be disabled by default
29
Configuring Management Address

o Configuration commands
• Switch(config)# interface vlan 1
• Switch(config-if)# ip address <address> <subnet mask>
• Switch(config-if)# no shutdown
• Switch(config-if)# exit
• Switch(config)# ip default-gateway <default-gateway>

30
Verification
o Verification commands

• PING (Packet Internet Groper)


• Traceroute
o Show commands

• Show ip interface brief


• Show running-config
• Show version
• Show mac address-table
31
 Configuration Example (Switch-to-Host)

o Configuration on Sw1
• Switch> enable
• Switch# configure terminal
• Switch(config)# hostname Sw1
• Sw1(config)# interface GigabitEthernet1/0
• Sw1(config-if)# description **Connection to Javed Laptop**
• Sw1(config-if)# switchport mode access
• Sw1(config-if)# no shutdown

32
 Configuration Example (Switch-to-Switch)

o Configuration on Sw1
• Switch> enable
• Switch# configure terminal
• Switch(config)# hostname Sw1
• Sw1(config)# interface GigabitEthernet1/0
• Sw1(config-if)# description **Connection to Sw2**
• Sw1(config-if)# switchport mode dynamic desirable
• Sw1(config-if)# no shutdown

33
Configuration Example (Switch-to-Switch)
o Configuration on Sw2
• Switch> enable
• Switch# configure terminal
• Switch(config)# hostname Sw2
• Sw2(config)# interface GigabitEthernet1/0
• Sw2(config-if)# description **Connection to Sw1**
• Sw2(config-if)# switchport mode dynamic desirable
• Sw2(config-if)# no shutdown

34
Basic Troubleshooting
o Check for correct cable type
o Ensure no shutdown command in the interface (disabled by default)
o For interconnected Access Ports, check for same VLAN
o For interconnected Trunk, verify DTP compatibility modes

35
Cisco Discovery Protocol (CDP)
CDP
o Cisco proprietary

o Layer 2 protocol for neighbor discovery

o Provides information of platform, interface, IP address, and OS version

o Helps with preparing network diagram

37
Configuration

o Enabling CDP
• Router(config)# cdp run
• Router(config)# cdp timer <seconds>

o Disabling CDP
• Router(config)# no cdp run
• Router(config-if)# no cdp enable

38
Verifying CDP

o Verification commands

• Router# show cdp neighbor

• Router# show cdp neighbor <interface>

• Router# show cdp neighbor <interface> detail


39
Netmetric Infosolutions Pvt Ltd #1192, 5th Main, 20th Cross, 7th Sector, HSR Layout, Bangalore - 560102
Link Layer Discovery Protocol (LLDP)

o Open standard protocol, equivalent to CDP

o Defined in IEEE 802.1AB

o Media Endpoint Discovery (MED) is an LLDP enhancement for Voice over IP (VoIP) applications

o Limited to only 802.1 media types (i.e. Ethernet…but not WAN interfaces)

o CDP and LLDP can be operational on same interface.

40
 LLDP Configuration

o Device(config)# lldp run
o Device(config)# lldp holdtime 150
o Device(config)# lldp timer 15
o Device2(config)# interface ethernet 0/0
o Device2(config-if)# lldp transmit
o Device2(config-if)# end

41
Verifying LLDP

42
Virtual LANs (VLANs)
Without VLANs…

[Figure: SALES and HR]

44
With VLANs…

[Figure: VLAN 10 (SALES) and VLAN 20 (HR)]

45
VLAN Features

o Separates broadcast domain


o Provides better security
o Controls broadcast like ARP
o Provides hierarchical subnet usage
o VLAN Ranges
• VLAN range is 1-4094
• 1-1001 are usable normal-range VLANs
• 1002-1005 are reserved for token ring
• 1006-4094 are extended-range VLANs

46
VLAN Types
o Data VLAN

o Default VLAN

o Native VLAN

o Management VLAN

o Voice VLANs
Voice VLANs

48
Configuring VLAN

o Legacy method with VLAN database


• Sw1# vlan database
• Sw1(vlan-database)# vlan <vlan-id>
• Sw1(vlan-database)# end

o Modern method of configuring VLAN


• Sw1(config)# vlan <vlan id>
• Sw1(config-vlan)# name <vlan name>

49
Inter-VLAN Routing

o Two ways to configure inter-VLAN routing
• Router-on-a-stick model
• Routing with SVI

o A router is usually configured using sub-interface
o Single point of failure

50
Inter-VLAN Routing Configuration
o Trunk interface configuration that is connected to the router
• Switch(config-if)# switchport mode trunk

o Configuring sub-interface for respective VLANs
• Router(config-sub-if)# encapsulation dot1q <vlan-id>
• Router(config-sub-if)# ip address <address> <subnet mask>

51
Inter-VLAN Routing Configuration (SVIs)

o Multilayer Switches can route between VLANs
o Requires a separate SVI for each VLAN
• Each SVI needs a physical port (Access or Trunk) in that VLAN

o Hosts point to IP address on SVI as their default gateway

52
Configuration Example

Switch(config)# interface vlan 2
Switch(config-if)# ip add 2.2.2.2 255.0.0.0
Switch(config-if)# no shutdown

Switch(config)# interface vlan 3
Switch(config-if)# ip add 3.3.3.3 255.0.0.0
Switch(config-if)# no shutdown

53
o Verification commands
• Switch# show mac address-table

• Router# show ip route connected

• Optionally, “ping” is the best way to test inter-VLAN routing

54
Types of Switch Ports

o Access Ports
• Belong to and carry the traffic of only one VLAN

o Trunk Ports
• Carry the traffic of multiple VLANs and by default are members of all VLANs in the VLAN database

55
Configuring Access Ports
o Access Port = Switchport configured for a single broadcast domain (VLAN)

o Access port configuration


• Switch(config)# interface <interface>
• Switch(config-if)# switchport mode access
• Switch(config-if)# switchport access vlan <vlan-id>

o Verification commands
• Sw1# show vlan [brief]
• Sw1# show interface <type> <number> switchport

56
VLAN Trunks

57
 Trunk Port
o Can have two or more VLANs configured
o Can carry multiple VLAN information
o By default, all the VLAN traffic is allowed from a trunk port

58
 Trunking Encapsulation

o 802.1Q
• Open standard

• All traffic except native VLAN traffic is tagged with an 802.1Q tag

• Supports the concept of native VLAN


Native VLAN

o IEEE 802.1Q supported feature


o Frame without tag is considered native VLAN traffic
o Must match on both ends of the trunk
o By default, native VLAN is 1
o Can be changed using the switchport trunk native vlan <vlan-id> command
Configuring Trunking Encapsulation

o Static trunk configuration


• Switch(config)# interface <interface>

• Switch(config-if)# switchport trunk encapsulation dot1q

• Switch(config-if)# switchport mode trunk

• Switch(config-if)# end

61
Verifying Trunk

o Verifying VLAN and trunking

• Switch# show vlan [brief]

• Switch# show interface trunk

• Switch# show interface status

• Switch# show interface <interface> switchport

62
Dynamic Trunking Protocol (DTP)

63
Dynamic Trunking Protocol
o Cisco proprietary feature that allows Cisco switches to negotiate trunk dynamically

o Three modes:
• Auto
• On
• Desirable

o Desirable initiates the trunk, whereas Auto responds only


Implementing DTP
o Configuring DTP
• Switch(config-if)# switchport mode dynamic [desirable|auto]

o Disabling DTP
• Switch(config-if)# switchport nonegotiate
o Verification command
• Switch# show interface trunk
• Switch# show interface <interface> switchport
VTP (VLAN Trunking Protocol)

66
 VTP
o CISCO proprietary protocol

o Used to share the VLAN configurations with multiple switches and to maintain consistency throughout the network

o Addition, Deletion and Renaming of VLANs across the network

67
Requirements
There are some requirements for VTP to communicate VLAN information between switches. These are:

• The VTP version must be the same on the switches the user wants to configure
• The VTP domain name must be the same on the switches
• One of the switches must be a server
• Authentication should match if applied

68
 VTP Modes
o Server
• Default Mode
• Creates, Modifies and Deletes VLANs
• Synchronizes VLAN configurations
• Saves configurations in NVRAM

o Client
• Cannot Add, Modify and Delete VLANs
• Does not save VLAN information permanently; instead learns it from the Server every time it boots up
• Forwards advertisements
• Synchronizes VLAN configurations

o Transparent
• Can Add, Modify and Delete VLAN configurations
• Does not synchronize VLAN configurations
• Forwards advertisements
• Saves in NVRAM
69
 VTP Configuration

1. Configure TRUNK
SW1(config-if)#switchport trunk encapsulation dot1q
SW1(config-if)#switchport mode trunk

2. Configure VTP Domain Name


SW1(config)#vtp domain <domain name>

3. VTP Mode: Server / Client or Transparent


SW1(config)#vtp mode ?
client Set the device to client mode.
off Set the device to off mode.
server Set the device to server mode.
transparent Set the device to transparent mode.

4. VTP Password (Optional)
SW1(config)#vtp password <password>

70
 Configuration revision number
o VTP switches use an index called the VTP Configuration Revision Number to keep track of the most recent information.
o The VTP advertisement process always starts with configuration revision number 0 (zero)
o When subsequent changes are made on a VTP server, the revision number is incremented before the advertisements are sent

71
o Before adding a switch to an existing VTP domain, ensure the new switch's VTP Configuration Revision Number is 0

o Change the switch’s VTP mode to transparent and change the mode back to server (CRN Reset)

o Change the switch’s VTP domain to a bogus name (a non-existing VTP domain name) and revert to the original domain name again

o Delete vlan.dat file and reload

72
VTP Message Types
o Summary Advertisements
• In 5 minute intervals, a VTP server will send a Summary Advertisement to its adjacent switches. Included in this VTP Summary Advertisement is the VTP domain name and configuration revision number
o Subset Advertisements
• Changes made to VLANs will increment the configuration revision
number and issue a Summary Advertisement followed by one or more
subset advertisements. The Subset Advertisement is what holds the
VLAN information
o Advertisement Requests
• When a switch needs VTP information it sends an Advertisement
Request. This request is sent if the switch has been reset, VTP domain
name has changed, or it received a VTP Summary Advertisement with a
higher configuration revision.
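
Why the revision number has to be 0 before a switch joins, and what a higher revision in a Summary Advertisement does, as an added example that is not part of the original slides. It is a simplified model of VTP version 1/2 behaviour with no password check; the switch names, the domain "CORP" and the VLAN names are assumptions.

```python
# Added example: simplified VTP v1/v2 model (no password/MD5 check, no
# pruning). Switch names, the domain "CORP" and the VLANs are assumptions.
from dataclasses import dataclass, field


@dataclass
class VtpSwitch:
    name: str
    domain: str
    mode: str = "server"  # server | client | transparent
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def set_vlan(self, vlan_id, vlan_name):
        if self.mode == "client":
            raise PermissionError("a VTP client cannot add or modify VLANs")
        self.vlans[vlan_id] = vlan_name
        if self.mode == "server":
            self.revision += 1  # every change on a server bumps the number

    def set_mode(self, mode):
        self.mode = mode
        if mode == "transparent":
            self.revision = 0  # the "CRN reset" from the slide

    def set_domain(self, domain):
        if domain != self.domain:
            self.domain, self.revision = domain, 0

    def advertise(self):
        return {"domain": self.domain, "revision": self.revision,
                "vlans": dict(self.vlans)}

    def receive(self, adv):
        """Apply an advertisement; return True if the database was replaced."""
        if self.mode == "transparent" or adv["domain"] != self.domain:
            return False
        if adv["revision"] <= self.revision:
            return False
        # Higher revision wins, whatever the VLAN list contains.
        self.vlans, self.revision = dict(adv["vlans"]), adv["revision"]
        return True


def build():
    core = VtpSwitch("Core", "CORP")
    core.set_vlan(10, "SALES")
    core.set_vlan(20, "HR")  # core is now at revision 2
    lab = VtpSwitch("Lab", "CORP")
    for vid in (97, 98, 99):
        lab.set_vlan(vid, f"LAB{vid}")  # lab reached revision 3 on the bench
    return core, lab


def join_without_reset():
    core, lab = build()
    replaced = core.receive(lab.advertise())
    return replaced, sorted(core.vlans)


def join_after_reset():
    core, lab = build()
    lab.set_mode("transparent")
    lab.set_mode("server")  # revision is back to 0
    core_replaced = core.receive(lab.advertise())
    lab.receive(core.advertise())
    return core_replaced, sorted(core.vlans), sorted(lab.vlans)
```

Without the reset the production switch loses VLANs 10 and 20 because the newcomer's revision 3 beats its revision 2; after the reset the newcomer learns the production VLANs instead.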
73
VTP Pruning
• THE BROADCAST AND UNICAST PROBLEM IN VLAN NETWORKS
• Broadcasts can create problems by flooding the VLAN network with unnecessary traffic, and depending on your network setup, this can prove to be a huge problem. The reason for this is that the trunk links interconnecting your network switches will carry these broadcasts to every switch in the network, regardless of which VLAN the broadcast is intended for.
VTP Pruning
VTP Pruning
• VTP Pruning eliminates the need to statically remove VLANs from the
allowed trunking list of a port by having the switches automatically
communicate to each other which VLANs they have locally assigned or are in
the transit path for.
• VTP Pruning as you might have already guessed solves the above problem
by reducing the unnecessary flooded traffic described previously. This is
done by forwarding broadcasts and unknown unicast frames on a VLAN over
trunk links only if the receiving end of the trunk has ports in that VLAN.
• Note that transparent switches cannot participate in pruning because they
do not read the payload of the VTP updates they are receiving from their
adjacent neighbors.
VTP Pruning
SUPPORT FOR VTP PRUNING
• The VTP Pruning service is supported by both VTP 1 and VTP 2 versions of the VTP
protocol. With VTP 1, VTP pruning is possible with the use of additional VTP message
types.
• When a Cisco Catalyst switch has ports associated with a VLAN, it will send an
advertisement to its neighboring switches informing them about the ports it has
active on that VLAN. This information is then stored by the neighbors and used to
decide if flooded traffic from a VLAN should be forwarded to the switch via the trunk
port or not.
• By default, VLANs 2–1000 are eligible for pruning. VLAN 1 has a special meaning
because it is normally used as a management VLAN and is never eligible for pruning,
while VLANs 1001–1005 are also never eligible for pruning. If the VLANs are
configured as pruning-ineligible, the flooding continues as illustrated in our examples.
Spanning Tree Protocol (STP)

79
 Bridging Loops

[Figure: SWITCH-1 (E0/1, E0/2, E0/3), SWITCH-2 (E0/4, E0/5, E0/6), PC1, PC2]

80
 Bridging Loops

[Figure: SWITCH-1 (E0/1, E0/2, E0/3), SWITCH-2 (E0/4, E0/5, E0/6), PC1]

81
IEEE 802.1d

o Legacy protocol to prevent Layer-2 loops

o Usually called CST (Common Spanning Tree)

o No redundancy in traffic paths for frames

82
IEEE 802.1d Timers

o Hello (2 seconds)

o Max Age (20 seconds)

o Forwarding Delay

83
STP Port States
o Disabled
• Port that is in the down state, usually not part of STP topology

o Blocking
• Port that is only allowed to receive the BPDU
• Cannot send or receive data or add MAC addresses on its port

o Listening
• Port that is allowed to send and receive BPDU
• Can actively participate in the STP
• Cannot send or receive data

84
o Learning
• Allowed to send and receive BPDU
• Can learn MAC addresses to add to its address table
• Cannot send or receive data

o Forwarding Delay Timer = 15-seconds

o Forwarding
• Port that transitions to the forwarding state when the
forwarding delay expires
• Can send and receive BPDU
• Can send and receive user data

85
STP operation steps
o Root Bridge
• Elects root bridge based on the lowest BID, where BID consists of priority and MAC
o Bridge priority
• By default, STP bridge has priority of 32768
• Can be configured in increments of 4096

o Designated Ports
• Every Collision Domain requires one Designated Port
• This port is responsible for transmitting BPDUs into the Collision Domain
• DP = Port that has the least-cost path back to the Root Bridge
• All ports on the Root Bridge are designated Ports.
• Designated Ports are always in the FORWARDING “state”.
86
o Once Root Bridge is elected, all other bridges/switches stop generating BPDUs

o Root Bridge generates BPDUs every Hello interval

o Other Bridges receive, process, and forward BPDUs


• Change “Sending Bridge-ID” to their own value
• Increment Root Cost to reflect their upstream cost to Root Bridge.

o After Root Bridge is elected…every other bridge elects its own, local Root Port

87
o Root Port is a Spanning-Tree “Port Role”
• Port on local switch with shortest, cumulative path-cost upstream to Root Bridge.
• Receives BPDUs from upstream neighbors
• Always in the Forwarding state.

88
Port Costs
o Every interface assigned an STP Cost value

o Determined from interface bandwidth

o The higher the bandwidth…the lower the Cost

STP Cost Values


• 10Gbps = 2
• 1Gbps = 4
• 100Mbps = 19
• 10Mbps = 100

89
STP Calculation

1. Root Bridge Elected

2. After Root Bridge elected…every other bridge elects its own, local Root Port
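
The calculation carried through on a small topology, as an added example that is not part of the original slides: it elects the root bridge by lowest BID, accumulates root path cost with the cost values listed under Port Costs, and assigns root, designated and blocking roles. The three switches, their MAC addresses, port names and link speeds are assumptions, and port names stand in for numeric port IDs in the final tie-break.

```python
# Added example: root bridge, root path cost and port roles on a constructed
# three-switch triangle. Switch names, MACs and port names are assumptions.
COST = {10000: 2, 1000: 4, 100: 19, 10: 100}  # Mbps -> STP cost, as listed above

BRIDGES = {  # name -> (priority, MAC)
    "SW1": (32768, "0000.0000.0001"),
    "SW2": (32768, "0000.0000.0002"),
    "SW3": (4096, "0000.0000.0003"),
}
LINKS = [  # (bridge, port, bridge, port, link speed in Mbps)
    ("SW1", "Gi0/1", "SW3", "Gi0/1", 1000),
    ("SW2", "Fa0/1", "SW3", "Fa0/2", 100),
    ("SW1", "Gi0/2", "SW2", "Gi0/2", 1000),
]


def bid(bridges, name):
    """Bridge ID = (priority, MAC); the lowest tuple wins the election."""
    priority, mac = bridges[name]
    return (priority, int(mac.replace(".", ""), 16))


def spanning_tree(bridges, links):
    root = min(bridges, key=lambda n: bid(bridges, n))
    # Root path cost: the root advertises 0 and every bridge adds the cost
    # of the port a BPDU arrives on. Relax until nothing improves.
    cost = {n: 0 if n == root else float("inf") for n in bridges}
    changed = True
    while changed:
        changed = False
        for a, _, b, _, mbps in links:
            for near, far in ((a, b), (b, a)):
                if cost[far] + COST[mbps] < cost[near]:
                    cost[near] = cost[far] + COST[mbps]
                    changed = True
    roles = {}
    # Root port: lowest cumulative cost, then lowest upstream BID, then
    # lowest upstream port name (a stand-in for the numeric port ID).
    for n in bridges:
        if n == root:
            continue
        options = []
        for a, pa, b, pb, mbps in links:
            for near, nport, far, fport in ((a, pa, b, pb), (b, pb, a, pa)):
                if near == n:
                    options.append((cost[far] + COST[mbps],
                                    bid(bridges, far), fport, nport))
        roles[(n, min(options)[3])] = "root"
    # Per segment: the end with the lower root path cost (then lower BID)
    # is designated; a remaining non-root port blocks.
    for a, pa, b, pb, _ in links:
        winner = min((a, pa), (b, pb),
                     key=lambda end: (cost[end[0]], bid(bridges, end[0])))
        for end in ((a, pa), (b, pb)):
            if end not in roles:
                roles[end] = "designated" if end == winner else "blocking"
    return root, cost, roles


if __name__ == "__main__":
    print(spanning_tree(BRIDGES, LINKS))
```

SW3 wins the election on priority 4096 even though its MAC is the highest, and SW2 reaches it through SW1 at cost 4 + 4 = 8 rather than over its direct 100 Mbps link at cost 19, so SW2's Fa0/1 ends up blocking.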

90
Spanning Tree Configurations
o Per-VLAN Spanning Tree
• PVST = Cisco Default
• Number of STP instances depends on number of VLANs
• Effective where load sharing is required
• BPDU is sent for each VLAN

91
o Verification commands

• Switch# show spanning-tree

• Switch# show spanning-tree vlan <vlan-id>

• Switch# show spanning-tree root

• Switch# show spanning-tree blockedports

92
o Configuring priority per VLAN

• Switch(config)# spanning-tree vlan <vlan-id> priority <priority>

• Switch(config)# spanning-tree vlan <vlan-id> root primary

• Switch(config)# spanning-tree vlan <vlan-id> root secondary

93
BPDU Protection

o Portfast

• Access Ports typically connect to hosts


 Laptops/PCs
 Servers

• End users don’t want to wait up to a minute to gain network connectivity

• Portfast designed to speed up this process

94
 Portfast Operation & Restrictions

o When enabled on a port, Portfast places port immediately into Forwarding state upon initial connection

o Not to be used on VLAN Trunk ports unless there is certainty about lack-of-loops

95
Portfast Configuration

o Configuration
• (config-if)# spanning-tree portfast
• OR
• (config)# spanning-tree portfast default

o Verification
• Switch# show spanning-tree interface <type/number> portfast

96
BPDU Guard

o Usually configured on access ports that lead to hosts

o If any BPDU is seen, port goes into err-disabled state

o Configuration
• (config-if)# spanning-tree bpduguard enable
• (config)# spanning-tree portfast bpduguard default

97
BPDU Filter

o Configured on access ports
o Does not send or receive BPDU
o Does not go into err-disabled when it receives unauthorized BPDU
o Configured with the spanning-tree bpdufilter enable command

98
Verifying BPDU Guard/Filter
o Switch# show spanning-tree interface <interface> detail

Sw1#sho spanning-tree int fast 0/1 detail
Port 3 (FastEthernet0/1) of VLAN0001 is designated forwarding
Port path cost 19, Port priority 128, Port Identifier 128.3.
<output omitted>
The port is in the portfast mode
Link type is point-to-point by default
Bpdu guard is enabled
Bpdu filter is enabled
BPDU: sent 0, received 0
Sw1#
99
RSTP
Rapid Spanning Tree Protocol

100
What is RSTP
o 802.1w
• Was first incorporated into 802.1D-2004
• Cisco’s mode of RSTP
• RPVST/RPVST+

101
RSTP Port States
o Discarding
• Combines the 802.1d disabled, blocking, and listening states
• No MAC addresses are learned and incoming frames are dropped
o Learning
• Cannot send or receive data
• MAC addresses are learned
o Forwarding
• Can send and receive data

102
Configuring & Verifying RSTP

o Configuring Rapid Mode
• Sw1(config)# spanning-tree mode rapid-pvst

o Verifying RSTP
• Sw1# show spanning-tree summary

103
EtherChannel

104
 Features

o Aggregates redundant links into a bundle
o Can provide aggregated bandwidth, avoiding congestion
o Can load balance using different algorithms
o Can bundle up to eight ports
o All the ports should have the same speed and duplex
o Provides loop-free Layer 2 network

105
PAgP
o Cisco proprietary

o Modes
• On
 No negotiation/forces the channel

• Desirable
 Sends PAgP initiation messages

• Auto
 Passively listens to the PAgP messages

106
107
LACP
o IEEE 802.3ad standard

o Modes
• On
 No negotiation/forces the channel
• Active
 Sends LACP initiation message
• Passive
 Passively listens to the LACP request

108
109
EtherChannel Modes

110
 EtherChannel Configuration & Verification

o Configuration commands
Switch(config-if)# channel-group <group number> mode <mode>

o Verification commands
Switch# show etherchannel summary

111
