NetLab 4

CECS 474 COMPUTER NETWORKING INTEROPERABILITY
Netlab 4: Managed Switches
Purpose: Having explored the basic functionality of switches in the last exercise, we will now discuss
more advanced topics. This exercise covers creating VLANs, port tagging, and the Spanning Tree
Protocol. We will briefly discuss some pros and cons of using switches, and we will introduce
terminal configuration via Putty as well.
Background: Switches are plug-and-play devices, which makes them very easy to set up with minimal
configuration. They also have very high filtering and forwarding rates, since they only process frames
up to Layer 2, whereas a router processes datagrams at Layer 3. This is why they tend to be
significantly faster than routers. However, to prevent broadcast frames from cycling, the topology
of a switched network is limited to a spanning tree. Additionally, a large switch with an enormous
number of ports requires a large ARP table, which would generate significant ARP traffic; a large ARP
table would consume valuable network bandwidth and resources.
Managed switches are also powerful enough to support special features that enhance and provide
granular control of the LAN, including the following:
Power over Ethernet (PoE): IEEE 802.3af, IEEE 802.3at. This technology enables Ethernet network
cables to provide both data and power to a device. It was designed for use with portable and
wireless electronic equipment like Access Points (APs).
Quality of Service (QoS): QoS has the ability to characterize the network traffic in order to prioritize
certain types. This is accomplished with a collection of networking technologies that work together to
calculate a predictable flow of the network traffic through the switch. The different components
considered include uptime (i.e., link reliability), bandwidth (i.e., the potential throughput), latency
(i.e., network delay), and error rate. Certain applications like Voice over IP (VoIP), and video
streaming, require higher guaranteed performance levels to ensure reliable functionality. NOTE:
These QoS settings can help with—but not guarantee—a maximum delay or minimum bandwidth for
a particular application.
Spanning Tree Protocol (STP): The continual transmission (cycling) of broadcast frames may become
a problem in Layer 2 networks if cycles exist in the topology. Therefore, a spanning tree is created
to ensure that the topology of any “bridged” Ethernet LAN is free of loops.
The managed HP switches are capable of using the Rapid Spanning Tree Protocol (RSTP, IEEE
802.1D-2004), which is an enhancement of the traditional STP protocol. Using STP/RSTP, a spanning
tree is created within a LAN so that transmission is free of cycles. STP/RSTP ensures that only one
active path exists between any two network nodes. The parameters that are used to form the
spanning tree are:
Switch (bridge) based Priority: This is used to identify the priority of the switch with respect to other
switches for forwarding traffic when no VLANs are configured. HP refers to this as “Global”
configuration since it affects all ports on the device. The switch with the lowest numerical value is
considered the highest priority, indicating that it is the root bridge in the network. Possible
values: 0-65535. Default value: 32768
Dr. Tracy Bradley Maples (Fall 2013)
Lab Design: Rogelio Cruz (mod. 10/15/13)
Port based Priority: This is used to identify the root bridge of a specific VLAN when a switch has
multiple VLANs configured. A higher numerical value means a lower priority. Possible values:
0-65535. Default value: 128
Port Path Cost: The cost of using a specific port as a path to reach the root bridge. The default
cost depends on the port type (i.e., 10 Mbps = 100, 100 Mbps = 19, and Gigabit = 4).
Parameters:
• Root ID: The ID assigned by the STP to the root bridge for this spanning tree.
• Root Cost: The cumulative cost from the current bridge to the root bridge. If the device is
the root bridge then the value is “Root” instead of a number.
• Root Port: The port on the current bridge that connects to the root bridge.
• Priority Hex: This device’s STP priority. The value is shown in HEX but needs to be entered
in decimal form. In our case with the Big Apple Topology, the core server is considered the
Root Bridge. This is indicated by using the lowest bridge ID to identify it.
State:
• Blocking: STP has blocked Layer 2 traffic on this port to prevent a loop. The device will still
be able to reach the root bridge, but only using another port in the forwarding state.
• Disabled: This port is not participating in STP.
• Forwarding: STP is allowing the port to send and receive frames.
• Listening: STP is responding to a topology change and this port is listening for updates
from its neighbor bridges. No forwarding is allowed during this state.
• Learning: The port is in the learning state (after the listening state) and will change to blocking
or forwarding depending on the STP re-convergence.
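The following is an added example (not part of the lab handout or HP's switch software) that models how the parameters above combine: bridge IDs are compared to elect the root, root cost is summed from port path costs, and the losing end of a redundant link ends up Blocking. The topology, MAC addresses and priority 4096 for the core switch are constructed assumptions.

```python
import heapq
from collections import defaultdict
# Bridge ID = (priority, MAC); the numerically lowest ID becomes root, matching the
# lab's rule. Constructed (hypothetical) topology: the core switch gets priority 4096.
BRIDGES = {
    "core":   (4096,  "00:00:00:00:00:01"),
    "groupA": (32768, "00:00:00:00:00:0a"),
    "groupB": (32768, "00:00:00:00:00:0b"),
}
# (bridge1, port1, bridge2, port2, port path cost); lab defaults: Gigabit 4, 100 Mbps 19
LINKS = [
    ("core",   "1/1",  "groupA", "1/10", 4),
    ("core",   "1/2",  "groupB", "1/10", 4),
    ("groupA", "1/24", "groupB", "1/24", 19),  # redundant link that closes a loop
]
def elect_root(bridges):
    """Root bridge: the bridge with the numerically lowest (priority, MAC)."""
    return min(bridges, key=lambda b: bridges[b])

def root_costs(bridges, links):
    """Dijkstra from the root -> {bridge: (root cost, upstream bridge ID, root port)}.
    Cost grows by the path cost of the receiving port; ties prefer the lower upstream ID."""
    root = elect_root(bridges)
    adj = defaultdict(list)
    for b1, p1, b2, p2, cost in links:
        adj[b1].append((b2, p2, cost))   # from b1, b2 is reached on b2's port p2
        adj[b2].append((b1, p1, cost))
    best = {root: (0, bridges[root], "Root")}  # 'show span' prints "Root" for the root
    heap = [(0, bridges[root], root)]
    while heap:
        cost, _, b = heapq.heappop(heap)
        if cost > best[b][0]:
            continue
        for nb, nb_port, c in adj[b]:
            cand = (cost + c, bridges[b], nb_port)
            if nb not in best or cand[:2] < best[nb][:2]:
                best[nb] = cand
                heapq.heappush(heap, (cand[0], cand[1], nb))
    return best

def port_states(bridges, links):
    """Classify each port: Forwarding (designated or root port) or Blocking."""
    info, states = root_costs(bridges, links), {}
    for b1, p1, b2, p2, _ in links:
        # The designated end of a segment is the one with the lower (root cost, bridge ID)
        k1, k2 = (info[b1][0], bridges[b1]), (info[b2][0], bridges[b2])
        des, (ob, op) = ((b1, p1), (b2, p2)) if k1 < k2 else ((b2, p2), (b1, p1))
        states[des] = "Forwarding (designated)"
        states[(ob, op)] = "Forwarding (root port)" if info[ob][2] == op else "Blocking"
    return states
```

Run `port_states(BRIDGES, LINKS)` to see that groupB's port 1/24 is Blocking while every other port forwards, which is the single-active-path property the text describes.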
Network Isolation using Virtual LANs
Most modern high-end switches support the creation of multiple “virtual” LANs across one physical
network. Hosts within a VLAN see only the other hosts in the VLAN as “local” (i.e., as if they were
physically connected to the same LAN). For the managed switches in Netlab, the switch ports are used to
indicate which group a VLAN will communicate with. Each group resides within its own broadcast domain.
In most switches, VLANs require that three settings be configured:
• The VLAN ID: This is a unique identifier, thus each VLAN must have a different VLAN ID. The
default VLAN ID for the primary LAN is typically 1.
• The VLAN name: This is the name you give the VLAN to help identify it without the VLAN ID.
• The ports that are associated with the VLAN. Ports can be associated in 2 ways:
o They can belong exclusively to the VLAN (untagged).
o They can “pass through” but not belong to the primary VLAN of the port (tagged). This
tagging is used on the switch ports that are backbone connections, so that all
VLANs across one switch can communicate with one another.
NOTE: Many people in industry confuse the terms “trunking” and “tagging” when describing VLANs.
When you have multiple VLANs that need to span from one switch to another, you need to tag all of
the VLANs (except for that port’s primary network) so that they can pass through the uplink. Trunking
refers to configuring an uplink that is comprised of multiple physical ports configured to act
as one logical connection. Trunking is done to share the traffic load between two or more ports in
each switch; with two trunked ports the uplink’s bandwidth can be doubled. The minimum
requirement for a switch to be able to trunk is two ports. Thus, a VLAN can be tagged on a trunked
port. [If this is not complicated enough, there is also a dynamic link aggregation protocol called LACP
(802.3ad) that dynamically creates and manages trunk groups, but that discussion goes beyond the
scope of this lab.]
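As an added example (written for this page, not code from the lab or from HP), the block below models the untagged/tagged port assignment described above and in step 8 of the VLAN exercise: an 802.1Q tag is inserted or stripped as a frame leaves a port, and a frame is only flooded to ports that carry its VLAN. The port table mirrors Team 1 in Table 2 (VLAN 10 untagged on ports 4,5,6, tagged on uplink 8); the sample ARP frame is constructed.

```python
import struct

TPID = 0x8100  # IEEE 802.1Q tag protocol identifier

def add_tag(frame, vid, pcp=0):
    """Insert the 4-byte 802.1Q tag between the source MAC and the EtherType."""
    tci = (pcp << 13) | (vid & 0x0FFF)
    return frame[:12] + struct.pack("!HH", TPID, tci) + frame[12:]

def strip_tag(frame):
    """Return (vid, untagged frame); vid is None when the frame carries no tag."""
    if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID:
        vid = struct.unpack("!H", frame[14:16])[0] & 0x0FFF
        return vid, frame[:12] + frame[16:]
    return None, frame

# Port assignment table modelled on Table 2 for Team 1: VLAN 10 "GroupA" untagged on
# ports 4,5,6, tagged on uplink port 8; ports 1-3 and 8 keep default VLAN 1 untagged.
# Per port: {vlan_id: "untagged" | "tagged"} (a VLAN absent from the dict is "NO").
PORTS = {
    1: {1: "untagged"}, 2: {1: "untagged"}, 3: {1: "untagged"},
    4: {10: "untagged"}, 5: {10: "untagged"}, 6: {10: "untagged"},
    8: {1: "untagged", 10: "tagged"},
}

def ingress_vlan(port, frame):
    """VLAN a frame belongs to on arrival, or None if the port must drop it."""
    vid, _ = strip_tag(frame)
    if vid is None:  # untagged frames join the port's own (untagged) VLAN
        return next((v for v, m in PORTS[port].items() if m == "untagged"), None)
    return vid if PORTS[port].get(vid) == "tagged" else None

def flood(in_port, frame):
    """Broadcast/unknown-unicast flooding: {out_port: frame as transmitted}."""
    vid = ingress_vlan(in_port, frame)
    if vid is None:
        return {}
    _, bare = strip_tag(frame)
    out = {}
    for port, table in PORTS.items():
        if port != in_port and vid in table:  # same VLAN only: other VLANs never see it
            out[port] = bare if table[vid] == "untagged" else add_tag(bare, vid)
    return out

# Constructed broadcast ARP request (dst ff:ff:ff:ff:ff:ff, EtherType 0x0806, dummy body)
ARP_REQUEST = bytes.fromhex("ffffffffffff") + bytes.fromhex("001122334455") + b"\x08\x06" + b"constructed ARP body"
```

`flood(4, ARP_REQUEST)` reaches ports 5 and 6 untagged and port 8 with a VLAN 10 tag, but never ports 1-3 on the default VLAN, which is why an ARP for a host outside your VLAN goes unanswered in step 10.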
Exercises: Spanning Tree Protocol
To get an idea of how to use STP in a switched network, you will work with your Netlab Team
members to configure a spanning tree on a managed switch using the command prompt. This will
also help you become familiar with navigating the switches’ CLI (Command Line Interface).
Table 1 below indicates which switch corresponds to each Netlab Team, as well as the STP settings
you will need to configure. To avoid serious synchronization issues, it is important that only one CLI
connection for configuration be opened per switch; therefore, Team members must work together.
Also, it is important that you only connect to the ports specified under the “Default LAN ports to use”
column during this exercise.
Team    Group Switch    IP address    Default LAN    Ethernet Port    Path Cost  Priority
                                      ports to use   (vlan #/port#)
Team 1  Group A Switch  172.16.16.31  1,2,3          1/10             4          64
Team 2  Group B Switch  172.16.16.32  1,2,3          1/10             4          63
Team 3  Group C Switch  172.16.16.33  1,2,3          1/10             4          62
Team 4  Group D Switch  172.16.16.34  1,2,3          1/24             19         61
Team 5  Group E Switch  172.16.16.35  1,2,3          1/24             19         60
TABLE 1: STP settings for each Netlab Team.
Procedure:
1. Open Putty and follow the Putty Guide provided to connect to the switch assigned to your
Netlab Team using telnet.
2. Perform the “show config” command to ensure that there are no VLANs currently configured
on the switch. If there are, talk to the instructor.
3. Enter configuration mode to set up STP in the switch using the specified parameters. Follow
the syntax below:
Syntax: spanning-tree Ethernet <portnumber> path-cost <value> priority <value>
Example: spanning-tree Ethernet 1/5 path-cost 15 priority 108
The values you will use are found in Table 1 above.
4. Finally, display the STP information using the “show span” command. Use this information to
answer the following questions.
Answer the following questions about STP for one of the ports you configured:
• What is the priority Hex value for the configured port? Verify the decimal value.
• What is the Root ID?
• What is the Root Cost?
• What is the state of the port that you configured?
• Based on this information, what observations can you make about the Spanning Tree?
Exercises: Virtual LANs
Now we will configure virtual LANs. Remember that the purpose of creating VLANs is to segment (or
create isolation in) the network. Table 2 below specifies several parameters required for this part of
the lab. Please analyze the table and change settings in the switch with care to minimize the risk of
locking yourself out of the switch.
Team    Switch   VLAN IP Range                  VLAN ID  VLAN Name  VLAN Untagged Ports  VLAN Uplink
Team 1  Group A  172.16.100.1 - 172.16.100.10   10       GroupA     4,5,6                8
Team 2  Group B  172.16.120.20 - 172.16.120.30  20       GroupB     4,5,6                8
Team 3  Group C  172.16.130.40 - 172.16.130.50  30       GroupC     4,5,6                8
Team 4  Group D  172.16.140.60 - 172.16.140.70  40       GroupD     13,14,15             12
Team 5  Group E  172.16.150.80 - 172.16.150.90  50       GroupE     13,14,15             12
TABLE 2: VLAN settings for each Netlab Team.
Procedure:
1. Connect to the same port in the switch you were connected to for the previous exercise. If
you have just finished the STP exercise, then you can leave your connection to the managed
switch as is.
2. Open a command prompt window on your workstation as Administrator (by right-clicking and
choosing the corresponding option). Run an arp -a command. Make a note of how many computers are present
in the ARP table. Now clear the table’s cache using the command arp -d.
3. Log in to the switch assigned to your group using telnet.
4. Enter menu mode on the CLI.
5. In the menu screen, choose option 2, Switch Configuration. Then select option 8, VLAN Menu.
Next, in the VLAN menu choose option 2, VLAN Names. This screen is the VLAN configuration
screen. It should look similar to the figure below:
6. Select Add and use Table 2 provided above to obtain the name and ID assigned to your Team.
Below is an example of what you will need to enter. After you have input the required
information, press enter and under Actions select save. This will return you to the previous
menu.
7. You should now see your VLAN listed under the default VLAN in the VLAN Names menu. Verify
that your VLAN is there and select back. This will return you to the VLAN menu. Next choose
“Port assignment” (option 3).
8. A Port Assignment table will appear listing all the ports and the VLANs. Be particularly careful
in this section. Refer to Table 2 provided in this exercise and find the column labeled VLAN
“Untagged Ports”. You will now be working with the three ports that are indicated. First,
choose the edit action to be able to modify the Port Assignment table. Using the up/down
arrows you can move to the various ports indicated in the table. Now, go to your newly
created VLAN’s column and complete two actions for each of your three ports:
a. In the default VLAN field, change the value to “NO” (indicating that it does not belong to
the default VLAN anymore). Use the spacebar to toggle between the choices.
b. In the field of the VLAN you created, change the value to “untagged” indicating that this
port now belongs to the VLAN you created.
c. Repeat (a) and (b) for all three of the ports assigned to your Team.
d. Next, refer back to Table 2 again and check the port number indicated for the VLAN
uplink. Go to the corresponding port and leave the default VLAN column as it is, but for
the VLAN you created change the value from “NO” to “Tagged”. This indicates that this
port will be used as an uplink for your VLAN (but it does not belong to your VLAN). This
will be used for future work. The figure below shows what the table would look like if
your assigned VLAN untagged ports were 4,5 and 6 and your VLAN uplink was 12.
9. The last step has two parts. All three workstations in the team will need to do this:
a. Walk across Netlab to your assigned VLAN switch and change your patch cable from your
current port to one of the three you just configured for your VLAN.
b. Now, you will configure your VLAN port’s IP address statically on the switch. Select an
address from the pool of addresses indicated in Table 2. (Be sure that each of your Team
computers selects a different address.) Use a subnet of /24 or 255.255.255.0. In the
Configuration Menu only, configure the static IP address and the subnet. Nothing else.
10. Quickly ping the other two computers. Now, try to ping the server in the Big Apple.
11. Now run an arp -a command once again.
Answer the following questions about Virtual LANs:
• What is the purpose of using VLANs?
• What is the difference between Trunking and VLAN tagging?
• Why do you think network isolation (or segmenting) is important? Justify your answer.
• Were you successful in setting up your VLAN? How did you test that your VLAN was
functioning properly?
• What problems did you encounter in this exercise?
• Given the configuration that you just completed, what do you think the next steps would be
to create an uplink so that your VLAN traffic can travel to another switch?
• In your opinion, which method of configuring a switch is best: CLI or a web-based GUI? Why?
• Price the options for purchasing a switch for a company. For approximately the same speed
and number of ports, how much does a switch cost with VLAN capability? Without VLAN
capability? If you are having trouble with this, talk to the instructor.