Switch Configuration (Session 9)

Discussion Topics
• Starting the Switch
• Configuring the Switch
Starting the Switch
Switches:
• are dedicated, specialized computers, which contain
a central processing unit (CPU), random access
memory (RAM), and an operating system;
• have several ports that hosts can connect to;
• have specialized ports for the purpose of
management;
• can be managed, and the configuration can be viewed
and changed, through the console port;
• typically have no power switch to turn them on and off:
simply connect or disconnect them from a power source.
Catalyst 2950 series Switches
Features
• Fixed configuration
symmetrical switches with all
ports being FastEthernet or
10/100;
• Asymmetrical switches with
two fixed fiber or copper
Gigabit Ethernet ports;
• Asymmetrical switches with
modular Gigabit Interface
Converter (GBIC) slots
LEDs
Light-emitting diodes (LEDs)
• help monitor system activity and performance;
• on the front of a switch:
- System LED
- Remote Power Supply (RPS) LED
- Port Mode LEDs
- Port Status LEDs
System LED
• shows whether the system is receiving power and functioning correctly;
RPS LED
• indicates whether or not the remote power supply is in use;
Mode LEDs
• indicate the current state of the Mode button;
• are used to determine how the Port Status LEDs are interpreted;
• to select or change the port mode, press the Mode button repeatedly until
the Mode LEDs indicate the desired mode.
Port Status LEDs
• have different meanings, depending on the current value of the Mode
LED.
[Figure: Switch Mode LED Indicators]
Verifying Port LEDs During
Switch POST
Power-On Self Test (POST)
• runs automatically to verify that the switch functions
correctly;
• POST failure is considered to be a fatal error;
• reliable operation of the switch should not be expected if
POST fails.
Port Status LEDs during POST:
turn amber - for about 30 seconds
• the switch discovers the network topology and
searches for loops;
turn green
• the switch has established a link between the port
and a target, such as a computer;
turn off
• the switch has determined that nothing is plugged
into the port.
Console Connection
Shows information about the switch:
• details about POST status;
• data about the switch hardware.
Command-Line Interface (CLI)
Command-line interface (CLI) for Cisco
switches:
• is very similar to the CLI for Cisco routers.
“Help” command
Word help
• to obtain a list of commands that begin with a particular
character sequence, enter those characters followed
immediately by the question mark (?);
• do not enter a space before the question mark;
• it completes a word.
Command syntax help
• to list keywords or arguments that are associated with a
particular command, enter one or more words associated with
the command, followed by a space and then a question mark
(?);
• provides applicable keywords or arguments based on a partial
command.
Command Modes
• User EXEC
• Privileged EXEC
User EXEC mode
• default mode;
• is recognized by its prompt, which ends in
a greater-than character (>);
• available commands are limited:
- to change terminal settings;
- to perform basic tests;
- to display system information.
“show” command
Show commands that are available in User EXEC mode
Privileged EXEC mode
• to enter it, the enable command is used from User EXEC
mode;
• is recognized by its prompt, which ends in a pound-sign
character (#);
• the command set includes the configure command:
- allows other command modes to be accessed;
• should be password protected to prevent unauthorized
use;
• the password does not appear on the screen, and is case
sensitive.
Default Running Configuration
• when powered up for the first time, a switch has
default data in the running configuration file;
• default hostname - Switch;
• no passwords are set on the console or virtual
terminal (vty) lines;
• the switch has no IP address (IP address for
management purposes is configured on the virtual interface
VLAN 1)
Verifying the Catalyst Switch
Default Configuration
• show running-config
• show interface
• show vlan
• show flash
• show version
Default Port Settings
• the switch ports or interfaces are set to
auto mode;
• all switch ports are in VLAN 1;
• VLAN 1 is known as the default
management VLAN.
Default Flash Directory Content
• by default, the flash directory contains:
- IOS image;
- file env_vars;
- sub-directory html.
• by default, the flash directory does not contain:
- config.text - switch configuration file;
- vlan.dat - VLAN database file.
IOS Version and Config. Register
show version command – used to verify:
• IOS version;
• configuration register settings.
Reset Switch Configuration
Steps to overwrite any existing configuration:
• Remove the current VLAN information:
- delete the VLAN database file vlan.dat
from the flash directory
• Erase the back up configuration file:
- delete file startup-config
• Restart the switch:
- use reload command.
Hostname and Passwords
Configuration
IP address and Default Gateway
Configuration
IP address Configuration:
• allows the switch to be accessible by Telnet and other
TCP/IP applications
VLAN1
Management VLAN:
• by default, VLAN 1 is the management
VLAN;
• all internetworking devices should be in the
management VLAN;
• allows a single management workstation to
access, configure, and manage all the
internetworking devices.
Port Speed and Duplex Settings
Configuration
Fast Ethernet switch ports:
• by default set to auto-speed and auto-duplex (allows the interfaces to negotiate
these settings);
• network administrators can manually
configure the interface speed and duplex
values.
HTTP Service and Port
Configuration
• Intelligent network devices can provide a web-based
interface for configuration and management purposes;
• Once a switch is configured with an IP address and
gateway, it can be accessed by a web-based interface;
HTTP services:
• can be accessed by a web browser using:
- IP address;
- port 80 - the default port for http.
• can be turned on or off, and the port address for the
service can be chosen.
Configuring the Catalyst
Switch
Web Management Interface
MAC Address Table
Switches
• examine the source address of frames
that are received on the ports;
• learn the MAC addresses of PCs or
workstations that are connected to their
switch ports;
• record learned MAC addresses in a MAC
address table.
Check Learned MAC
Addresses
show mac-address-table command - Privileged EXEC mode
• examines the addresses that a switch has learned
MAC Address Table
Switches:
• dynamically learn and maintain thousands
of MAC addresses;
• learned entries may be discarded from the
MAC address table (to preserve memory and
for optimal operation) ;
• the MAC address entry is automatically
discarded or aged out after 300 seconds (if
no frames are seen with a previously learned
address).
Check Learned MAC
Addresses
clear mac-address-table command - Privileged EXEC mode
• used to remove dynamically learned MAC addresses;
• used to remove static MAC address entries.
Managing the MAC Address
Table
Static MAC Addresses
Static MAC address:
• permanently assigned to an interface;
Reasons to use a static MAC address:
• will not be aged out automatically by the switch;
• a specific server or user workstation must be
attached to the port and the MAC address is known;
• Security is enhanced.
Configuring Static MAC
Addresses
Static MAC Addresses
To configure:
Switch(config)#mac-address-table static <mac-address of host> interface FastEthernet <Ethernet number> vlan <vlan name>
To remove:
Switch(config)#no mac-address-table static <mac-address of host> interface FastEthernet <Ethernet number> vlan <vlan name>
Port Security
• It is possible to limit the number of
addresses that can be learned on an
interface;
• the number of MAC addresses per port
can be limited to 1;
• the first address dynamically learned by
the switch becomes the secure address.
Port Security Configuration
To configure port security:
Switch(config-if)#switchport port-security
To reverse port security:
Switch(config-if)# no switchport port-security
To verify port security status:
Switch#show port-security
Adding New Switch
Must be configured:
• Switch name;
• IP address for the switch in the
management VLAN;
• a default gateway;
• Line passwords.
Moving a Switch
Host is moved:
• from one port or switch to another;
• configurations that can cause unexpected
behavior should be removed;
• configuration that is required can then be
added.
Add, Remove and Change
MAC Addresses
Managing Switch Operation
• An administrator should document and
maintain the operational configuration files
for networking devices;
• The most recent running-configuration file
should be backed up on a server or disk;
• The Cisco IOS Software should also be
backed up to a local server. The Cisco
IOS Software can then be reloaded to
Flash memory if needed.
Enable Security
Passwords
• must be set on the console and vty lines for security and management purposes;
• an enable password must be set;
• an enable secret password must be set.
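An added example (not part of the original slides): a short Python check that reads a saved running-config and flags the items these slides say must be set (switch name, console and vty line passwords, enable secret, port security) and reports whether the HTTP service is on. The sample configuration, function names and finding strings are constructed for illustration.

```python
# Constructed sample running-config (not from the slides) with weak defaults left in.
SAMPLE = """\
hostname Switch
enable password cisco
interface FastEthernet0/1
 switchport port-security
interface FastEthernet0/2
 switchport mode access
interface Vlan1
 ip address 192.0.2.10 255.255.255.0
ip default-gateway 192.0.2.1
ip http server
line con 0
line vty 0 4
 password s3cret
 login
line vty 5 15
"""

def split_blocks(config):
    # Map each top-level command to the indented sub-commands beneath it.
    blocks, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if raw.startswith(" ") and current is not None:
            blocks[current].append(line)
        else:
            current = line
            blocks[current] = []
    return blocks

def audit(config):
    # Return one finding per setting that is still at its insecure default.
    blocks = split_blocks(config)
    findings = []
    if "hostname Switch" in blocks:
        findings.append("hostname is still the default 'Switch'")
    if not any(cmd.startswith("enable secret") for cmd in blocks):
        findings.append("no enable secret set")
    if "ip http server" in blocks:
        findings.append("HTTP service is enabled")
    for cmd, sub in blocks.items():
        has_pw = any(s.startswith("password ") for s in sub) and "login" in sub
        if cmd.startswith("line ") and not has_pw:
            findings.append(f"{cmd}: no password with login")
        # Assumption: every FastEthernet port is a host-facing access port.
        if cmd.startswith("interface FastEthernet") and "switchport port-security" not in sub:
            findings.append(f"{cmd}: port security not enabled")
    return findings
```

Calling `audit(SAMPLE)` returns six findings for the constructed configuration; a configuration with a non-default hostname, an enable secret and passwords on every line returns an empty list.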
Password Recovery (2950)
1. Make sure that a PC is connected to the
console port and a HyperTerminal
window is open.
2. Turn the switch off. Turn it back on while
holding down the “MODE” button on the
front of the switch at the same time that
the switch is powered on. Release the
“MODE” button after the STAT LED goes
out.
3. Type flash_init
4. Type load_helper
5. Type dir flash:
6. rename flash:config.text flash:config.old
7. Type boot
8. Type N at the following prompt to start the
Setup program.
9. Type rename flash:config.old
flash:config.text
10. copy flash:config.text system:running-config
11.
Firmware and IOS Images
To upgrade the IOS, download a copy of the new image to a local server from the
Cisco Connection Online (CCO) Software Center
Summary