Switching Concepts and LAN Design

advertisement
Ch. 4 – Switching Concepts
CCNA 3 version 3.0
Overview
Routers
Switches, Bridges
Hub, Repeaters
• Ethernet networks used to be built using repeaters.
• When the performance of these networks began to suffer because too
•
•
many devices shared the same segment, network engineers added
bridges to create multiple collision domains.
As networks grew in size and complexity, the bridge evolved into the
modern switch, allowing microsegmentation of the network.
Today’s networks typically are built using switches and routers, often
with the routing and switching function in the same device.
Ethernet/802.3 LAN development
•
•
•
•
•
•
Distance limitations
Ethernet is fundamentally a shared technology where all users on a given LAN
segment compete for the same available bandwidth.
This situation is analogous to a number of cars all trying to access a one-lane
road at the same time.
Because the road has only one lane, only one car can access it at a time.
The introduction of hubs into a network resulted in more users competing for
the same bandwidth.
Collisions are a by-product of Ethernet networks.
Bridges
• A bridge is a Layer 2 device used to divide, or segment, a network.
• A bridge is capable of collecting and selectively passing data frames
•
•
•
between two network segments.
Bridges do this by learning the MAC address of all devices on each
connected segment. Using this information, the bridge builds a bridging
table and forwards or blocks traffic based on that table.
This results in smaller collision domains and greater network efficiency.
Bridges do NOT restrict broadcast traffic.
Switches
• Switches create a virtual circuit between two connected devices,
•
•
•
•
establishing a dedicated communication path between two devices.
Switches on the network provide microsegmentation.
This allows maximum utilization of the available bandwidth.
A switch is also able to facilitate multiple, simultaneous virtual circuit
connections.
Broadcast frames to all connected devices on the network.
Router
• A router is a Layer 3 device.
• Used to “route” traffic between two or more Layer 3 networks.
• Routers make decisions based on groups of network addresses, or
•
•
classes, as opposed to individual Layer 2 MAC addresses.
Routers use routing tables to record the Layer 3 addresses of the
networks that are directly connected to the local interfaces and network
paths learned from neighboring routers.
Routers are not compelled to forward broadcasts.
Factors that impact network performance
Elements of Ethernet/802.3 networks
• Broadcast data frame delivery of Ethernet/802.3
• The carrier sense multiple access/collision detect (CSMA/CD) method
•
•
•
allows only one station to transmit at a time.
Multimedia applications with higher bandwidth demand such as video
and the Internet, coupled with the broadcast nature of Ethernet, can
create network congestion.
Normal latency as the frames travel across the layers
Extending the distances and increasing latency of the Ethernet/802.3
LANs by using Layer 1 repeaters.
Half-Duplex
• Originally Ethernet was a half-duplex technology.
• Using half-duplex, a host could either transmit or receive at one time,
•
•
•
•
•
but not both.
If the network is already in use, the transmission is delayed.
When a collision occurs, the host that first detects the collision will
send out a jam signal to the other hosts.
Upon receiving the jam signal, each host will stop sending data, then
wait for a random period of time before attempting to retransmit.
The back-off algorithm generates this random delay.
As more hosts are added to the network and begin transmitting,
collisions are more likely to occur.
Duplex Transmissions
•
Simplex Transmission: One way and one way only.
– One way street
•
Half-duplex Transmission: Either way, but only one way at a time.
– Two way street, but only one way at a time (land slide).
•
Full-duplex Transmission: Both ways at the same time.
– Two way street
Network Congestion
• Today's networks are experiencing an increase in the transmission of
many forms of media:
– Large graphics files
– Images
– Full-motion video
– Multimedia applications
Network Latency
• Latency, or delay, is the time a frame or a packet takes to travel from
•
•
the source station to the final destination.
It is important to quantify the total latency of the path between the
source and the destination for LANs and WANs.
Latency has at least three sources:
– First, there is the time it takes the source NIC to place voltage
pulses on the wire and the time it takes the receiving NIC to
interpret these pulses. This is sometimes called NIC delay.
– Second, there is the actual propagation delay as the signal takes
time to travel along the cable.
– Third, latency is added according to which networking devices,
whether they are Layer 1, Layer 2, or Layer 3, are added to the
path between the two communicating computers.
Ethernet 10 BASE-T transmission time
• Transmission time equals the number of bits being sent times the bit
•
•
•
time for a given technology.
Another way to think about transmission time is the time it takes a
frame to be transmitted.
Small frames take a shorter amount of time. Large frames take a
longer amount of time.
Each 10 Mbps Ethernet bit has a 100 ns transmission window.
– Therefore, 1 byte takes a minimum of 800 ns to transmit.
– A 64-byte frame, the smallest 10BASE-T frame allowing CSMA/CD
to function properly, takes 51,200 ns ( 51.2 microseconds).
– Transmission of an entire 1000-byte frame from the source station
requires 800 microseconds.
The benefits of using repeaters
• The distance that a LAN can cover is limited due to attenuation.
• Attenuation means that the signal weakens as it travels through the
•
•
network.
The resistance in the cable or medium through which the signal travels
causes the loss of signal strength.
An Ethernet repeater is a physical layer device on the network that
boosts or regenerates the signal on an Ethernet LAN.
Full-duplex transmitting
• Full-duplex Ethernet allows the transmission of a packet and the
•
•
•
•
•
reception of a different packet at the same time.
To transmit and receive simultaneously, a dedicated switch port is
required for each node.
The full-duplex Ethernet switch takes advantage of the two pairs of
wires in the cable by creating a direct connection between the transmit
(TX) at one end of the circuit and the receive (RX) at the other end.
Ethernet usually can only use 50%-60% of the available 10 Mbps of
bandwidth because of collisions and latency.
Full-duplex Ethernet offers 100% of the bandwidth in both directions.
This produces a potential 20 Mbps throughput, which results from 10
Mbps TX and 10 Mbps RX.
Duplex Transmissions
•
Simplex Transmission: One way and one way only.
– One way street
•
Half-duplex Transmission: Either way, but only one way at a time.
– Two way street, but only one way at a time (land slide).
•
Full-duplex Transmission: Both ways at the same time.
– Two way street
LAN segmentation
•
Not the best diagram, let’s look at some examples…
Sending and receiving Ethernet frames on a bus
1111
2222
3333
nnnn
Abbreviated
MAC
Addresses
3333 1111
•
•
When an Ethernet frame is sent out on the “bus” all
devices on the bus receive it.
What do they do with it?
Sending and receiving Ethernet frames on a bus
Nope
1111
2222
Hey, that’s
me!
3333
Nope
nnnn
Abbreviated
MAC
Addresses
3333 1111
• Each NIC card compares its own MAC address with the Destination
•
•
MAC Address.
If it matches, it copies in the rest of the frame.
If it does NOT match, it ignores the rest of the frame.
– Unless you are running a Sniffer program
Sending and receiving Ethernet frames on a bus
1111
•
2222
3333
nnnn
Abbreviated
MAC
Addresses
So, what happens when multiple computers try to transmit
at the same time?
Sending and receiving Ethernet frames on a bus
1111
2222
3333
nnnn
X
Collision!
Abbreviated
MAC
Addresses
Access Methods
Two common types of access methods for LANs include
• Non-Deterministic: Contention methods (Ethernet, IEEE 802.3)
– Only one signal can be on a network segment at
one time.
– Collisions are a normal occurrence on an
Ethernet/802.3 LAN
• Deterministic: Token Passing (Token Ring)
•
CSMA/CD
CSMA/CD (Carrier Sense Multiple Access with Collision
Detection)
• Common contention method used with Ethernet and IEEE
802.3
• “Let everyone have access whenever they want and we
will work it out somehow.”
•
CSMA/CD and Collisions
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
• Listens to the network’s shared media to see if any other users on “on
the line” by trying to sense a neutral electrical signal or carrier.
• If no transmission is sensed, then multiple access allows anyone onto
the media without any further permission required.
• If two PCs detect a neutral signal and access the shared media at the
exact same time, a collision occurs and is detected.
• The PCs sense the collision by being unable to deliver the entire
frame (coming soon) onto the network. (This is why there are
minimum frame lengths along with cable distance and speed
limitations. This includes the 5-4-3 rule.)
• When a collision occurs, a jamming signal is sent out by the first PC
to detect the collision.
• Using either a priority or random backoff scheme, the PCs wait
certain amount of time before retransmitting.
• If collisions continue to occur, the PCs random interval is doubled,
lessening the chances of a collision.
•
CSMA/CD and Collisions
Nope
1111
Notice the
location of
the DA!
2222
Hey, that’s
me!
3333
Nope
nnnn
Abbreviated
MAC
Addresses
3333 1111
And as we said,
• When information (frame) is transmitted, every PC/NIC on the shared
media copies part of the transmitted frame to see if the destination
address matches the address of the NIC.
• If there is a match, the rest of the frame is copied
• If there is NOT a match the rest of the frame is ignored.
•
Sending and receiving Ethernet frames via a hub
3333 1111
1111
?
2222
•
•
5555
3333
4444
So, what does a hub do
when it receives
information?
Remember, a hub is
nothing more than a
multiport repeater.
•
Sending and receiving Ethernet frames via a hub
Hub or
•
Sending and receiving Ethernet frames via a hub
3333 1111
• The hub will flood it out all
1111
2222
Nope
•
•
5555
Nope
•
•
3333 For me!
4444 Nope
•
ports except for the incoming
port.
Hub is a layer 1 device.
A hub does NOT look at layer
2 addresses, so it is fast in
transmitting data.
Disadvantage with hubs: A
hub or series of hubs is a
single collision domain.
A collision will occur if any two
or more devices transmit at
the same time within the
collision domain.
More on this later.
•
Sending and receiving Ethernet frames via a hub
2222 1111
• Another disadvantage with
1111
2222
For me!
5555
Nope
3333 Nope
4444 Nope
hubs is that is take up
unnecessary bandwidth on
other links.
Wasted
bandwidth
•
Sending and receiving Ethernet frames via a switch
•
Sending and receiving Ethernet frames via a switch
Source Address Table
Port Source MAC Add. Port Source MAC Add.
3333 1111
• Switches are also known as
switch
•
•
1111
3333
•
Abbreviated
MAC
addresses
2222
4444
•
learning bridges or learning
switches.
A switch has a source address
table in cache (RAM) where it
stores source MAC address
after it learns about them.
A switch receives an Ethernet
frame it searches the source
address table for the
Destination MAC address.
If it finds a match, it filters the
frame by only sending it out
that port.
If there is not a match if floods
it out all ports.
•
No Destination Address in table, Flood
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
3333 1111
• How does it learn source MAC
switch
•
•
•
1111
3333
• Next, in our scenario, the
Abbreviated
MAC
addresses
2222
addresses?
First, the switch will see if the
SA (1111) is in it’s table.
If it is, it resets the timer (more
in a moment).
If it is NOT in the table it adds
it, with the port number.
4444
switch will flood the frame out
all other ports, because the DA
is not in the source address
table.
•
Destination Address in table, Filter
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
6
3333
1111 3333
• Most communications involve
switch
•
•
1111
•
3333
Abbreviated
MAC
addresses
•
2222
4444
some sort of client-server
relationship or exchange of
information. (You will
understand this more as you
learn about TCP/IP.)
Now 3333 sends data back to
1111.
The switch sees if it has the SA
stored.
It does NOT so it adds it. (This
will help next time 1111 sends
to 3333.)
Next, it checks the DA and in
our case it can filter the frame,
by sending it only out port 1.
•
Destination Address in table, Filter
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
6
3333
3333 1111
switch
1111 3333
1111
3333
Abbreviated
MAC
addresses
2222
4444
•
Now, because both MAC
addresses are in the switch’s table,
any information exchanged
between 1111 and 3333 can be
sent (filtered) out the appropriate
port.
•
What happens when two devices
send to same destination?
What if this was a hub?
Where is (are) the collision
domain(s) in this example?
•
•
•
No Collisions in Switch, Buffering
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
6
3333
9
4444
3333 1111
switch
3333 4444
• Unlike a hub, a collision does
•
1111
3333
•
Abbreviated
MAC
addresses
2222
4444
NOT occur, which would cause
the two PCs to have to
retransmit the frames.
Instead the switch buffers the
frames and sends them out port
#6 one at a time.
The sending PCs have no idea
that their was another PC
wanting to send to the same
destination.
•
Collision Domains
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
6
3333
9
4444
3333 1111
Collision Domains
switch
3333 4444
• When there is only one device
1111
3333
•
Abbreviated
MAC
addresses
2222
4444
on a switch port, the collision
domain is only between the PC
and the switch. (Cisco
curriculum is inaccurate on this
point.)
With a full-duplex PC and
switch port, there will be no
collision, since the devices and
the medium can send and
receive at the same time.
•
Other Information
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
6
3333
9
4444
•
switch
•
•
1111
3333
Abbreviated
MAC
addresses
•
2222
4444
How long are addresses kept in the
Source Address Table?
– 5 minutes is common on most
vendor switches.
How do computers know the
Destination MAC address?
• ARP Caches and ARP
Requests
How many addresses can be kept
in the table?
– Depends on the size of the
cache, but 1,024 addresses is
common.
What about Layer 2 broadcasts?
– Layer 2 broadcasts (DA = all
1’s) is flooded out all ports.
Side Note - Transparent Bridging
• Transparent bridging (normal switching process) is defined in IEEE
802.1d describing the five bridging processes of:
– learning
– flooding filtering
– forwarding
– aging
• These will be discussed further in STP (Spanning Tree Protocol)
Transparent Bridge Process - Jeff Doyle
Receive Packet
Learn source address or refresh aging timer
Is the destination a broadcast, multicast or unknown unicast?
No
Yes
Flood Packet
Are the source and destination on the same interface?
No
Yes
Filter Packet
Forward unicast to correct port
•
What happens here?
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
6
3333
1
2222
1
3333
1111 3333
• Notice the Source
Address Table has
multiple entries for
port #1.
3333
1111 2222 5555
•
What happens here?
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
6
3333
1
2222
1
5555
1111 3333
• The switch filters the
•
frame out port #1.
But the hub is only a
layer 1 device, so it
floods it out all
ports.
• Where is the
collision domain?
3333
1111 2222 5555
•
What happens here?
Source Address Table
Port Source MAC Add. Port Source MAC Add.
1
1111
6
3333
1
2222
1
5555
1111 3333
Collision Domain
3333
1111 2222 5555
•
LAN segmentation with routers
• Routers provide segmentation of networks, adding a latency factor of
•
•
•
•
20% to 30% over a switched network.
This increased latency is because a router operates at the network
layer and uses the IP address to determine the best path to the
destination node.
Bridges and switches provide segmentation within a single network or
subnetwork.
Routers provide connectivity between networks and subnetworks.
Routers also do not forward broadcasts while switches and
bridges must forward broadcast frames.
•
Layer 2 and layer 3 switching
(routing)
• A layer 3 switch is typically a layer 2 switch that includes a routing
•
•
•
process, I.e. does routing. (Oh yea, also known as routing. Got to love
those people in Marketing.)
Layer 3 switching has many meanings and in many cases is just a
marketing term.
Layer 3 switching is a function of the network layer.
The Layer 3 header information is examined and the packet is
forwarded based on the IP address.
•
Symmetric and asymmetric switching
Note: Most switches are now
10/100, which allow you to use
them symmetrically or
asymmetrically.
Ethernet switch latency
• Latency is the period of time from when the beginning of a frame enters
•
to when the end of the frame exits the switch.
Latency is directly related to the configured switching process and
volume of traffic.
•
Memory buffering
•
switch
•
•
•
1111
3333
Abbreviated
MAC
addresses
•
2222
4444
•
An Ethernet switch may use a buffering
technique to store and forward frames.
Buffering may also be used when the
destination port is busy.
The area of memory where the switch
stores the data is called the memory
buffer.
This memory buffer can use two methods
for forwarding frame:
– port-based memory buffering
– shared memory buffering
In port-based memory buffering frames
are stored in queues that are linked to
specific incoming ports.
Shared memory buffering deposits all
frames into a common memory buffer
which all the ports on the switch share.
•
Two switching methods
• Store-and-forward – The entire frame is received before any
•
•
forwarding takes place.
– The destination and source addresses are read and filters are
applied before the frame is forwarded.
– CRC Check done
Cut-through – The frame is forwarded through the switch before the
entire frame is received.
– This mode decreases the latency of the transmission, but also
reduces error detection.
1900 and 2800 series switches this is configurable, otherwise depends
on the model of the switch.
•
Cut-through
Cut-through
• Fast-forward – Offers the lowest level of latency.
– Fast-forward switching immediately forwards a packet after reading
the destination address.
– There may be times when packets are relayed with errors.
– Although this occurs infrequently and the destination network
adapter will discard the faulty packet upon receipt.
•
Cut-through
Cut-through
• Fragment-free – Fragment-free switching filters out collision fragments before
forwarding begins.
– Collision fragments are the majority of packet errors.
– In a properly functioning network, collision fragments must be smaller than
64 bytes.
– Anything greater than 64 bytes is a valid packet and is usually received
without error.
– Fragment-free switching waits until the packet is determined not to be a
collision fragment before forwarding.
•
Two switching methods
•
Adaptive cut-through
– In this mode, the switch uses cut-through until it detects
a given number of errors.
– Once the error threshold is reached, the switch changes
to store-and-forward mode.
Functions of a switch
• The main features of Ethernet switches are:
– Isolate traffic among segments
– Achieve greater amount of bandwidth per user by creating smaller
collision domains
How switches learn
addresses
“Learning bridges” or
Learning switches”
• Bridges and switches learn in the following ways:
•
•
•
•
– Reading the source MAC address of each received frame or
datagram
– Recording the port on which the MAC address was received.
The bridge or switch learns which addresses belong to the devices
connected to each port.
The learned addresses and associated port or interface are stored in
the addressing table.
The bridge examines the destination address of all received frames.
The bridge then scans the address table searching for the destination
address.
Filter or Flood (Switch)
• If a switch has the frame’s destination address in its CAM table (or
•
•
•
Source Address Table) it will only send the frame out the appropriate
port.
If a switch does not have the frame’s destination MAC address in its
CAM table, it floods (sends) it out all ports except for the incoming port
(the port that the frame came in on) known as an Unknown Unicast, or
if the destination MAC address is a broadcast.
Note: A CAM table may contain multiple entries per port, if a hub or a
switch is attached to that port.
Most Ethernet bridges can filter broadcast and multicast frames.
Filter or Flood (Switch)
•
Switches flood frames that are:
– Unknown unicasts
– Layer 2 broadcasts
– Multicasts (unless running multicast snooping or IGMP)
• Multicast are special layer 2 and layer 3 addresses
that are sent to devices that belong to that “group”.
Why segment LANs? (Layer 2 segments)
Hub
Switch
• First is to isolate traffic between segments.
• The second reason is to achieve more bandwidth per user
by creating smaller collision domains.
•
Why segment LANs? (Layer 2 segments)
switch
Collision Domains
•
1111
3333
Abbreviated
MAC
addresses
2222
4444
•
A switch employs
“microsegmentation” to
reduce the collision
domain on a LAN.
The switch does this by
creating dedicated network
segments, or point-to-point
connections.
•
Broadcast domains
172.30.1.21
255.255.255.0
172.30.2.10
255.255.255.0
Switch 1
172.30.1.23
255.255.255.0
172.30.2.12
255.255.255.0
Switched
Network - Two Networks
•All
ARP
Request
Ÿ Two Subnets
Ÿ
Ÿ
Several Collision Domains
Ÿ One per switch port
One Broadcast Domain
Switch 2
172.30.2.16
255.255.255.0
172.30.1.25
255.255.255.0
172.30.2.14
255.255.255.0
172.30.1.27
255.255.255.0
• Even though the LAN switch reduces the size of collision domains, all
•
hosts connected to the switch are still in the same broadcast domain.
Therefore, a broadcast from one node will still be seen by all the other
nodes connected through the LAN switch.
•
Switches and broadcast domains
These are logical not
physical representations
of what happens to
these frames.
• Switches flood frames that are:
– Unknown unicasts
– Layer 2 broadcasts
– Multicasts (unless running multicast snooping or IGMP)
• Multicast are special layer 2 and layer 3 addresses that are sent
to devices that belong to that “group”.
Switches and broadcast domains
• When a device wants to send out a Layer 2 broadcast, the destination
•
•
MAC address in the frame is set to all ones.
A MAC address of all ones is FF:FF:FF:FF:FF:FF in hexadecimal.
By setting the destination to this value, all the devices will accept and
process the broadcasted frame.
Switches and broadcast domains
Communication between switches and
workstation
•
Hubs to VLANs
Part 1
(Part 2 will be discussed when we cover VLANs.)
•
Using Hubs
•
•
•
•
•
Layer 1 devices
Inexpensive
In one port, out the others
One collision domain
One broadcast domain
•
Single Hub
Hub 1
172.30.1.21
255.255.255.0
172.30.1.24
255.255.255.0
172.30.1.22
255.255.255.0
172.30.1.23
255.255.255.0
Single Hub
Ÿ One Network (IP Network Address - usually)
Ÿ One Collision Domain
Ÿ One Broadcast Domain
This is fine for small workgroups, but does not scale
well for larger workgroups or heavy traffic.
•
Single Hub
Hub 1
172.30.1.21
255.255.255.0
172.30.2.22
255.255.255.0
172.30.1.22
255.255.255.0
172.30.2.21
255.255.255.0
Note: Different color
hosts refer to
different subnets.
Single Hub - Two subnets
Ÿ Two subnets
Ÿ One Collision Domain
Ÿ One Broadcast Domain
•
•
•
What if the computers were on two different subnets?
Could they communicate within their own subnet? Yes
Between subnets? No, need a router. The sending host will check the destination IP
address with its own IP address and subnet mask. The AND operation will determine
that it is on a different subnet and cannot be reached without sending the packet to a
default gateway (router). This is even though they are on the same physical network.
•
Multiple Hubs
Hub 1
172.30.1.21
255.255.255.0
172.30.1.22
255.255.255.0
172.30.1.23
255.255.255.0
All Hubs
Ÿ One Network Address
Ÿ One Collision Domain
Ÿ One Broadcast Domain
Hub 2
172.30.1.27
255.255.255.0
172.30.1.24
255.255.255.0
172.30.1.25
255.255.255.0
172.30.1.26
255.255.255.0
• Same issues as before, with more of an impact on the network.
•
Using Switches
•
•
•
•
Layer 2 devices
Layer 2 filtering based on Destination MAC addresses and
Source Address Table
One collision domain per port
One broadcast domain across all switches
•
Switches create multiple parallel paths
Hub
172.30.1.21
255.255.255.0
172.30.1.22
255.255.255.0
172.30.1.23
255.255.255.0
Switch and Hub Network
Ÿ One Network
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ One for the entire Hub
Ÿ One Broadcast Domain
Switch
172.30.1.27
255.255.255.0
172.30.1.24
255.255.255.0
172.30.1.25
255.255.255.0
Two parallel paths: (complete SAT tables)
• Data traffic from 172.30.1.24 to 172.30.1.25
• Data traffic from 172.30.1.26 to 172.30.1.2
172.30.1.26
255.255.255.0
•
Hubs do not create multiple parallel paths
Collision!
Hub
172.30.1.21
255.255.255.0
172.30.1.22
255.255.255.0
172.30.1.23
255.255.255.0
Switch and Hub Network
Ÿ One Network
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ One for the entire Hub
Ÿ One Broadcast Domain
Switch
172.30.1.27
255.255.255.0
172.30.1.24
255.255.255.0
172.30.1.25
255.255.255.0
As opposed to the Hub:
• Data traffic from 172.30.1.21 to 172.30.1.22
• Data traffic from 172.30.1.23 to 172.30.1.24
172.30.1.26
255.255.255.0
•
Switches create multiple parallel paths
Hub
172.30.1.21
255.255.255.0
172.30.1.22
255.255.255.0
172.30.1.23
255.255.255.0
Switch and Hub Network
Ÿ One Network
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ One for the entire Hub
Ÿ One Broadcast Domain
Switch
172.30.1.27
255.255.255.0
172.30.1.24
255.255.255.0
172.30.1.25
255.255.255.0
172.30.1.26
255.255.255.0
Collisions and Switches:
What happens when two devices on a switch, send data to another device
on the switch?
172.30.1.24 to 172.30.1.25 and 172.30.1.26 to 172.30.1.25
•
Switches create multiple parallel paths
Hub
Frames
buffered
172.30.1.21
255.255.255.0
172.30.1.22
255.255.255.0
172.30.1.23
255.255.255.0
Switch and Hub Network
Ÿ One Network
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ One for the entire Hub
Ÿ One Broadcast Domain
Switch
172.30.1.27
255.255.255.0
172.30.1.24
255.255.255.0
172.30.1.25
255.255.255.0
172.30.1.26
255.255.255.0
The switch keeps the frames in buffer memory, and queues the traffic for
the host 172.30.1.25.
This means that the sending hosts do not know about the collisions and do
not have to re-send the frames.
•
Other Switching Features
Review
• Asymmetric ports: 10 Mbps and 100 Mbps
• Full-duplex ports
• Cut-through versus Store-and-Forward switching
•
Other Switching Features
172.30.1.21
255.255.255.0
172.30.1.22
255.255.255.0
Switch 1
172.30.1.23
255.255.255.0
172.30.1.24
255.255.255.0
All Switched Network
Ÿ One Network
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ One Broadcast Domain
Switch 2
172.30.1.28
255.255.255.0
172.30.1.25
255.255.255.0
172.30.1.26
255.255.255.0
172.30.1.27
255.255.255.0
• Ports between switches and server ports are good candidates for higher
•
bandwidth ports (100 Mbps) and full-duplex ports.
Most switch ports today are full-duplex.
•
Introducing Multiple Subnets/Networks
without Routers
• Switches are Layer 2 devices
• Router are Layer 3 devices
• Data between subnets/networks must pass through a
router.
•
Switched Network with Multiple Subnets
ARP Request
172.30.1.21
255.255.255.0
172.30.2.10
255.255.255.0
Switch 1
172.30.1.23
255.255.255.0
172.30.2.12
255.255.255.0
All Switched Network - Two Networks
Ÿ Two Subnets
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ One Broadcast Domain
•
•
•
•
Switch 2
172.30.2.16
255.255.255.0
172.30.1.25
255.255.255.0
172.30.2.14
255.255.255.0
172.30.1.27
255.255.255.0
What are the issues?
Can data travel within the subnet? Yes
Can data travel between subnets? No, need a router!
What is the impact of a layer 2 broadcast, like an ARP Request?
•
Switched Network with Multiple Subnets
ARP Request
172.30.1.21
255.255.255.0
172.30.2.10
255.255.255.0
Switch 1
172.30.1.23
255.255.255.0
172.30.2.12
255.255.255.0
All Switched Network - Two Networks
Ÿ Two Subnets
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ One Broadcast Domain
•
•
•
Switch 2
172.30.2.16
255.255.255.0
172.30.1.25
255.255.255.0
172.30.2.14
255.255.255.0
172.30.1.27
255.255.255.0
All devices see the ARP Request, even those on the other subnets that do not need to
see it.
One broadcast domain means the switches flood all broadcast out all ports, except the
incoming port.
Switches have no idea of the layer 3 information contained in the ARP Request.This
consumes bandwidth on the network and processing cycles on the hosts.
•
One Solution: Physically separate the subnets
172.30.1.21
255.255.255.0
172.30.1.23
255.255.255.0
Switch 1
172.30.1.25
255.255.255.0
Two Switched Networks
Ÿ Two Subnets
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ Two Broadcast Domain
172.30.1.26
255.255.255.0
Switch 2
172.30.2.16
255.255.255.0
172.30.2.10
255.255.255.0
172.30.2.12
255.255.255.0
172.30.2.14
255.255.255.0
• But still no data can travel between the subnets.
• How can we get the data to travel between the two subnets?
•
Another Solution: Use a Router
172.30.1.21
255.255.255.0
172.30.1.23
255.255.255.0
172.30.1.1
255.255.255.0
Switch 1
172.30.2.1
255.255.255.0
Router
172.30.1.25
255.255.255.0
172.30.1.26
255.255.255.0
Routed Networks
Ÿ Two Subnets
Ÿ Several Collision Domains
Ÿ One per switch port
Ÿ Communication between subnets
•
Switch 2
172.30.2.16
255.255.255.0
172.30.2.10
255.255.255.0
172.30.2.12
255.255.255.0
172.30.2.14
255.255.255.0
Two separate broadcast domains, because the router will
not forward the layer 2 broadcasts such as ARP Requests.
•
Switches with multiple subnets
•
•
So far this should have been a review.
Lets see what happens when we have two subnets on a
single switch and we want to route between the two
subnets.
•
Router-on-a-stick or One-Arm-Router (OAR)
interface e 0
ip address 172.30.1.1 255.255.255.0
ip address 172.30.2.1 255.255.255.0 secondary
Router
172.30.1.1
172.30.2.1 sec
255.255.255.0
ARP Request
Secondary addresses
can be used when the
router does not support
sub-interfaces which will
be discussed later.
172.30.1.21
255.255.255.0
Switch 1
172.30.2.12
255.255.255.0
172.30.2.10
255.255.255.0
•
•
172.30.1.23
255.255.255.0
Routed Networks
Ÿ Two Subnets
Ÿ Communication between subnets
When a single interface is used to route between subnets or networks,
this is know as a router-on-a-stick.
To assign multiple ip addresses to the same interface, secondary
addresses or subinterfaces are used.
•
Router-on-a-stick or One-Arm-Router (OAR)
interface e 0
ip address 172.30.1.1 255.255.255.0
ip address 172.30.2.1 255.255.255.0 secondary
172.30.1.21
255.255.255.0
Router
172.30.1.1
172.30.2.1 sec
255.255.255.0
Switch 1
172.30.2.12
255.255.255.0
172.30.2.10
255.255.255.0
172.30.1.23
255.255.255.0
Routed Networks
Advantages Ÿ Two Subnets
Ÿ there
Communication
between
subnets
• Useful when
are limited Ethernet
interfaces
on the router.
Disadvantage
• Because a single link is used to connect multiple subnets, one link is having
to carry the traffic for multiple subnets.
• Be sure this is link can handle the traffic.
•
Router-on-a-stick or One-Arm-Router (OAR)
interface e 0
ip address 172.30.1.1 255.255.255.0
ip address 172.30.2.1 255.255.255.0 secondary
Router
172.30.1.1
172.30.2.1 sec
255.255.255.0
ARP Request
172.30.1.21
255.255.255.0
Switch 1
172.30.2.12
255.255.255.0
172.30.2.10
255.255.255.0
172.30.1.23
255.255.255.0
Routed Networks
Ÿ Two Subnets
Ÿ Communication between subnets
•
Still the same problem of the switch forwarding broadcast
traffic to all devices on all subnets.
•
Router-on-a-stick or One-Arm-Router (OAR)
interface e 0
ip address 172.30.1.1 255.255.255.0
ip address 172.30.2.1 255.255.255.0 secondary
172.30.1.21
255.255.255.0
Router
172.30.1.1
172.30.2.1 sec
255.255.255.0
Switch 1
172.30.2.12
255.255.255.0
172.30.2.10
255.255.255.0
172.30.1.23
255.255.255.0
Routed Networks
Ÿ Two Subnets
Ÿ Communication between subnets
Remember to have the proper default gateway set for each host.
• 172.30.1.0 hosts - default gateway is 172.30.1.1
• 172.30.2.0 hosts - default gateway is 172.30.2.1
•
Interface for each subnet
172.30.1.1 E0
255.255.255.0
172.30.1.21
255.255.255.0
E1 172.30.2.1
Router
255.255.255.0
Switch 1
172.30.2.12
255.255.255.0
172.30.2.10
255.255.255.0
172.30.1.23
255.255.255.0
Routed Networks
Ÿ Two Subnets
Ÿ Communication between subnets
• An Ethernet router interface per subnet may be used instead of one.
• However this may be difficult if you do not have enough Ethernet ports
on your router.
•
Still one broadcast domain
172.30.1.1
255.255.255.0
Router
172.30.2.1
255.255.255.0
ARP Request
172.30.1.21
255.255.255.0
Switch 1
172.30.2.12
255.255.255.0
172.30.2.10
255.255.255.0
172.30.1.23
255.255.255.0
Routed Networks
Ÿ Two Subnets
Ÿ Communication between subnets
•
Still the same problem of the switch forwarding broadcast
traffic to all devices on all subnets.
•
Introducing VLANs
•
•
•
•
VLAN = Subnet
VLANs create separate broadcast domains within the
switch.
Routers are needed to pass information between different
VLANs
This is only an introduction, as we will discuss VLANs
and Inter-VLAN Routing in later chapters.
•
Layer 2 Broadcast Segmentation
Switch Port: VLAN ID
ARP Request
172.30.1.21
255.255.255.0
VLAN 1
Switch 1
172.30.2.12
255.255.255.0
VLAN 2
172.30.2.10
255.255.255.0
VLAN 2
172.30.1.23
255.255.255.0
VLAN 1
1 2 3 4 5 6 . Port
1 2 1 2 2 1 . VLAN
Two VLANs
Ÿ Two Subnets
• An ARP Request from 172.30.1.21 for 172.30.1.23 will only be seen by
•
hosts on that VLAN.
The switch will flood broadcast traffic out only those ports belonging to
that particular VLAN, in this case VLAN 1.
•
Layer 2 Broadcast Segmentation
1 2 3 4 5 6 . Port
1 2 1 2 2 1 . VLAN
Port-centric VLAN Switches
• As the Network Administrator, it is your job to assign switch
ports to the proper VLAN.
• This assignment is only done at the switch and not at the
host.
• Note: The following diagrams show the VLAN below the
host, but it is actually assigned on the switch.
•
Without VLANs – No Broadcast Control
ARP Request
172.30.1.21
255.255.255.0
Switch 1
172.30.2.12
255.255.255.0
172.30.2.10
255.255.255.0
172.30.1.23
255.255.255.0
No VLANs
Ÿ Same as a single VLAN
Ÿ Two Subnets
• Without VLANs, the ARP Request would be seen by all hosts.
• Again, consuming unnecessary network bandwidth and host processing
cycles.
•
With VLANs – Broadcast Control
Switch Port: VLAN ID
ARP Request
172.30.1.21
255.255.255.0
VLAN 1
Switch 1
172.30.2.12
255.255.255.0
VLAN 2
172.30.2.10
255.255.255.0
VLAN 2
172.30.1.23
255.255.255.0
VLAN 1
Two VLANs
Ÿ Two Subnets
1 2 3 4 5 6 . Port
1 2 1 2 2 1 . VLAN
•
Inter-VLAN Traffic
Switch Port: VLAN ID
172.30.1.21
255.255.255.0
VLAN 1
Switch 1
172.30.2.12
255.255.255.0
VLAN 2
172.30.2.10
255.255.255.0
VLAN 2
172.30.1.23
255.255.255.0
VLAN 1
1 2 3 4 5 6 . Port
1 2 1 2 2 1 . VLAN
Two
VLANs
1. Remember that
VLAN
IDs (numbers) are assigned to the switch port
and not to theŸ host.
Two(Port-centric
Subnets VLAN switches)
2. Be sure to have all of the hosts on the same subnet belong to the same
VLAN, or you will have problems.
• Hosts on subnet 172.30.1.0/24 - VLAN 1
• Hosts on subnet 172.30.2.0/24 - VLAN 2
• etc.
•
Inter-VLAN Traffic
Switch Port: VLAN ID
To 172.30.2.12
172.30.1.21
255.255.255.0
VLAN 1
Switch 1
172.30.2.12
255.255.255.0
VLAN 2
172.30.2.10
255.255.255.0
VLAN 2
172.30.1.23
255.255.255.0
VLAN 1
1 2 3 4 5 6 . Port
1 2 1 2 2 1 . VLAN
Two VLANs
Ÿ Two Subnets
•
•
A switch cannot route data between different VLANs.
Note: The host will not even send the Packet unless it has a
default gateway to forward it to.
•
Inter-VLAN Routing needs a Router
172.30.1.1
255.255.255.0
(VLAN 1)
Router
172.30.2.1
255.255.255.0
(VLAN 2)
1 2 3 4 5 6 . Port
1 2 1 2 2 1 . VLAN
• A router is need to route traffic between VLANs (VLAN = Subnet).
• There are various methods of doing this including Router-on-a-stick with
•
trunking (more than one VLAN on the link).
This will be discussed later when we get to the chapter on VLANs and
Inter-VLAN Routing.
Ch. 4 – Switching Concepts
CCNA 3 version 3.0
Download