CN2668 Routers and Switches (V2) Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+ Agenda • Chapter 12: Basic Switching and Switch Configuration • Exercise • Quiz Ethernet Operations • Carrier Sense Multiple Access with Collision Detection (CSMA/CD) ▫ Ethernet contention method ▫ Any station connected to a network can transmit anytime a transmission is not present on the wire • Interframe gap or interpacket gap (IPG) ▫ Each station must wait a minimum of 9.6 microseconds before transmitting another packet Ethernet Operations (Cont.) • Collisions • Collision Domain • Broadcasts ▫ Increase the speed/performance by disable the unnecessary service such as IPX where it is not needed Latency or propagation delay • The length of time that is required to forward, send, or otherwise propagate a data frame • Latency depends on ▫ the resistance offered by the transmission medium, the number of nodes ▫ The amount of processing that must be done on the packet • Transmission time ▫ The amount of time it takes for a packet to be sent from one device to another Latency (Cont.) • Bit time ▫ The amount of time required to transmit one bit • Slot time (512 bit times) ▫ A specification that limits the physical size of each Ethernet collision domain All collisions should be detected from anywhere in a network in less time than is required to place a 64byte frame on the network 5-4-3 rule Five segments of wire, four repeaters, 3 populated hubs between any two stations on 10-Mbps network Ethernet Errors • Frame size errors ▫ Short frame or runt a frame shorter than 64 bytes ▫ Long frame or giant a frame greater than 1518 bytes ▫ Jabber a frame longer than 1518 bytes and has wrong FCS • Frame check sequence (FCS) error ▫ Indicates that bits of a frame were corrupted during transmission Ethernet Errors • Collision errors ▫ Reducing the number of devices per collision domain will usually solve the problem • Late collision ▫ Occurs when two stations transmit more than 64 bytes of data frames before detecting a collision Fast Ethernet (100 Mbps) • Uses the same CSMA/CD as 10BaseT Ethernet • Defined under the IEEE 802.3u standard • Implementations ▫ ▫ ▫ ▫ 100Base-TX 100Base-T4 100Base-FX See Page 342 for detail implementation Gigabit Ethernet (1000 Mbps) • Gigabit Ethernet implementations ▫ ▫ ▫ ▫ 1000Base-TX (802.3ab) 1000Base-SX (802.3z) 1000Base-LX (802.3z) 1000Base-CX (802.3z) Half- and Full-Duplex Communications • Half-duplex communications ▫ Devices can send and receive signals, but not at the same time • Full-duplex (or duplex) communications ▫ Devices can send and receive signals simultaneously • Ethernet networks can use equipment that supports half- and full-duplex communications Half- and Full-Duplex Communications • On a Cisco Catalyst 2950 switch, you can set the duplex capabilities port-by-port • The four different duplex options are: ▫ Auto ▫ Full ▫ Full-flow control Use for 100Base-TX ports only ▫ Half A Review of LAN Segmentation • Improve the performance of Ethernet network ▫ By reducing the number of stations per collision domain ▫ Implement bridges, switches, or routers to segment the network and divide the collision domains Segmenting with Bridges • Segments a network by filtering traffic at the Data Link layer • Divides a network into two or more segments Only forwards a frame from one segment to another if the frame is a broadcast or has the MAC address of a station on a different segment • Bridges learn MAC addresses by reading the source MAC addresses from frames ▫ As the frames are passed across the bridge Segmenting with Bridges (continued) • Bridging table ▫ Maps the MAC addresses on each segment to the corresponding port on the bridge to which each segment is connected • Bridges increase latency, but because they effectively divide the collision domain ▫ This does not affect slot time Segmenting with Routers • Operates at layer 3 of the OSI reference model • Interprets the Network layer protocol and makes forwarding decisions based on the layer 3 address • Routers typically do not propagate broadcast traffic • Routers maintain routing tables that include the Network layer addresses of different segments Segmenting with Routers (continued) • • • • • Decrease collisions by filtering traffic Reduce broadcast and multicast traffic Support multiple paths and routes between them Provide increased Provide layer 3 routing, packet fragmentation and reassembly, and traffic flow control • Provide communications between different technologies LAN Switching • Switches are often called multiport bridges ▫ Segmenting a LAN into multiple collision domains • Switches microsegment the network ▫ By connecting each port to an individual workstation • Switched bandwidth ▫ Bandwidth is not shared as long as each workstation connects to its own switch port 19 CCNA Guide to Cisco Networking Fundamentals, Fourth Edition Switch Operations • A switch learns the hardware address of devices to which it is attached ▫ By reading the source address of frames • The switch then matches the source MAC address with the port from which the frame was sent ▫ The MAC-to-switch-port mapping is stored in the switch’s content-addressable memory (CAM) • The switch uses a memory buffer to store frames as it determines to which port(s) a frame will be forwarded Switch Operations • Types of memory buffering: ▫ Port-based memory buffering Each port has its own buffer memory ▫ Shared memory buffering • Asymmetric switching ▫ Can interconnect network interfaces of different speeds • Symmetric switching ▫ Require all attached network interface devices to use the same transmit/receive speed Switching Methods • All switches base frame-forwarding decisions on a frame’s destination MAC address • The three main methods for processing and forwarding frames are: ▫ ▫ ▫ ▫ Cut-through Store-and-forward Fragment-free Adaptive cut-through forwarding A combination of the cut-through and store-andforward methods Cut-Through Forwarding • Send a frame immediately after reading the destination MAC address into their buffers • The main benefit is a reduction in latency • The drawback is the potential for errors in the frame that the switch would be unable to detect ▫ Because the switch only reads a small portion of the frame into its buffer • See Figure 12-5 on Page 249 for the amount of bit read Store-and-Forward Forwarding • Read the entire frame, no matter how large, into their buffers before forwarding ▫ It will not forward frames with errors • The store-and-forward method has the highest latency • See Figure 12-6 on Page 350 Fragment-Free Forwarding • Reads the first 64 bytes of an Ethernet frame ▫ Then begins forwarding it to the appropriate port(s) ▫ An effort to provide more error-reducing benefits than cut-through switching ▫ Latency lower than store-and-forward switching ▫ See Figure 12-7 on Page 350 Adaptive cut-through Forwarding • For the most part, the adaptive cut-through switch will act as a cut-through switch • If a certain level of errors is detected, the switch will ▫ Change forwarding techniques to act more as a store-and-forward switch Switch User Interface • Two types of operating systems are in use on Cisco switches ▫ IOS-based Catalyst 1900, 2820, 2900 ▫ Set-based Older and uses set commands 1984G, 2926, 4000, 5000, and 6000 series ▫ The Cisco switch has a console port to which you can connect your laptop or PC • Once you power on the switch you will be in the command-line interface Modes and Passwords • You CANNOT actually configure a switch until you get to enable mode • To enter enable mode ▫ Type enable at the command-line prompt • The first step in configuring a switch is to set up a password ▫ To start configuration mode Type configure terminal or config t at the command prompt Modes and Passwords (Cont.) • A secret (encrypted) password ▫ Switch(config)# enable secret ccnasafe ▫ Cannot be retrieved from the configuration file • Password on VTY (telnet) or console line ▫ Switch(config)# service password-encryption ▫ Switch(config)# line vty 0 15 ▫ ▫ ▫ ▫ ▫ ▫ For telnet, from line 0 to 15 Switch(config-line)# password vtysafe Switch(config-line)# Exit Switch(config)# line con 0 Switch(config-line)# password consolesafe Switch(config-line)# Exit Switch(config)# copy run start To save your configuration to the startup config Setting the Host Name • To configure this name, you would type: ▫ Switch(config)#hostname name • Once the host name is set, the prompt will change to reflect the name of the switch IP on the Switch • By default, Cisco switches are not configured with IP addresses ▫ Configure an IP address for your switch so that you can manage it over the network ▫ If you want to implement VLANs on your network Switch(config)# int vlan 1 Switch(config-if)# ip address 192.168.1.204 255.255.255.0 Switch(config-if)# exit Switch(config)# ip default-gateway 192.168.1.1 Switch(config)# ip domain-name classroom Configuring Switch Ports • To enter interface configuration mode for the first port of a switch named Rm410HL, you would use the following commands: ▫ Rm410HL#configure terminal ▫ Rm410HL(config)#interface f0/1 ▫ Rm410HL(config-if)# • To view the configuration of a port, use the show command Configuring Switch Ports (continued) • Configuring the duplex mode ▫ Rm410HL#configure terminal ▫ Rm410HL(config)#interface f0/24 ▫ Rm410HL(config-if)#duplex full Securing Switch Ports • Several option of security on a switch ▫ Configure a permanent MAC address for a specific port on your switch ▫ Define a static MAC address entry into your switching table Maps a restricted communication path between two ports ▫ Configure port security Setting a limit on the number of MAC addresses Securing Switch Ports (continued) • Display options by typing the following command: ▫ Rm410HL(config-if)#switchport portsecurity ? Aging Mac-address Maximum Violation ▫ Rm410HL(config-if)#switchport mode access ▫ Rm410HL(config-if)#switchport portsecurity Securing Switch Ports (continued) • Aging • Mac-address ▫ Tie a specific MAC address to a specific port Rm410HL(config-if)#switchport port-security Macaddress 0000.aaaa.bbbb • Maximum ▫ Default value is 1; Range is 1 – 132 per interface Rm410HL(config-if)#switchport port-security Maximum 10 Securing Switch Ports (continued) • Violation ▫ What happens when a switch encounters a violation of the configured switchport security ▫ Protect Stop forwarding the traffic of the exceeded MAC address (11th and above; if it was set maximum to 10) ▫ Restrict Same as protect. Also sends an alert ▫ Shutdown By default to shut the interface down Securing Switch Ports (continued) • To turn switchport security off, use: ▫ Rm410HL(config-if)#no switchport port-security • To clear the settings to include erasing the static MAC addresses, use the clear command: ▫ Rm410HL(config-if)#clear portsecurity Assignment • Review Questions ▫ 1 – 25 • Lab 12.1