
LAN Switching

Ethernet switches are used in a LAN to create Ethernet networks. Switches forward traffic on the basis of MAC addresses. A switch maintains a MAC address table in which MAC addresses and port numbers are used to make the switching decision. A bridge and a switch work in a similar way.

Classification of switches
Switches are classified according to the following criteria.

Types of switches based on working
(1) Store & Forward: the switch receives the entire frame, performs error checking, and then starts forwarding data to the destination.
(2) Cut-through: the switch starts forwarding the frame as soon as the first six bytes of the frame are received.
(3) Fragment-free: the switch receives 64 bytes of the frame, performs error checking, and then starts forwarding data.
(4) Adaptive cut-through: the switch changes its mode according to conditions. If it sees errors in many frames, it changes from Cut-through or Fragment-free to Store & Forward mode.

Types of switches based on management
(1) Manageable switches
(2) Non-Manageable switches
(3) Semi-Manageable switches

Types of switches based on OSI layer
(1) Layer 2 switches (only switching)
(2) Layer 3 switches (switching & routing)

Types of switches based on command mode (only in Cisco)
(1) IOS based
(2) CLI based

Types of switches based on hierarchical model
(1) Core layer switches
(2) Distribution layer switches
(3) Access layer switches

Qualities of switch
- No. of ports
- Speed of ports
- Type of media
- Switching or wire speed or throughput

Basic Switch Administration


IOS based switches are similar to routers. We can perform the following functions on switches in the same manner as on a router.
(1) Access switch using console
(2) Commands to enter & exit from different modes
(3) Commands to configure passwords
(4) Manage configuration
(5) Backup IOS and configuration
(6) Configuring and resolving hostnames
(7) Managing telnet
(8) Configuring CDP
(9) Configuring time clock
(10) Configuring Banners
(11) Command line shortcuts and editing shortcuts
(12) Managing history
(13) Configure logging
(14) Boot system commands

The following functions and options are not similar in router and switch.
(1) Default hostname is Switch
(2) Auxiliary port is not present
(3) VTY ports are mostly 0 to 15
(4) By default interfaces are enabled
(5) IP address cannot be assigned to interfaces
(6) Routing configuration mode is not present
(7) Interface no. starts from 1
(8) Web access is by default enabled
(9) Configuration register is not present in similar manner
(10) Flash memory may contain multiple files and startup-configuration is also saved in flash

Configuring IP and Gateway on switch


We can configure an IP address on a switch for web access or telnet; an IP address is required for the administration of the switch. If we have to access the switch from a remote network, we configure a default gateway in addition to the IP address. The IP address is assigned to the logical interface of the switch with the following commands:
Switch(config)#interface vlan 1
Switch(config-if)#ip address <ip> <mask>
Switch(config-if)#no sh
Switch(config-if)#exit

Old Switches
Switch(config)#ip address <ip> <mask>
Switch(config)#exit

Configuring Gateway
Switch(config)#ip default-gateway <ip>
Switch(config)#exit

Breaking Switch Password
(1) Power off the switch, press the mode button on the front of the switch, then power on the switch.
(2) Keep the mode button pressed until the Switch: prompt appears on the console.
(3) In switch monitor mode, type the following commands:
flash_init
load_helper
rename flash:config.text flash:<anyname>
dir flash:
boot
(4) After booting, the switch will prompt to enter the initial configuration dialog. Enter no here and type:
Switch>enable
Switch#rename flash:<anyname> flash:config.text
Switch#configure memory
Change the password and save the configuration:
Switch#copy running-config startup-config

Cisco Hierarchical Model

When we create a large LAN, we may face the following problems if we design the network as a flat model.
(1) High latency
(2) Congestion between switches
(3) Large broadcast domain

The Cisco hierarchical model recommends a three-layer design of the network:
(i) Core layer
(ii) Distribution layer
(iii) Access layer

On each layer there are some rules which we have to follow:
(1) Highest performance devices are connected on the Core layer
(2) Resources should be placed on the Core layer
(3) Policies should not be applied on the Core layer
(4) On the Distribution layer, we can implement policies
(5) Distribution and Core devices should be connected with high-speed links
(6) Access layer devices are basic devices and may be non-manageable

[Figure: Hierarchical model, showing the Core layer, Distribution layer and Access layer]

After using the hierarchical model, most LAN problems will be solved, but one problem remains: all PCs will still be in a single broadcast domain. We have to implement the following solutions for this problem.
(1) Physical Segmentation
(2) Logical Segmentation
- VLAN
- Trunking
- VTP
- Inter VLAN
- Pruning

Logical Segmentation of Network
To perform logical segmentation, we have to create VLANs in the network. With the help of VLANs, we can logically divide the broadcast domain of the network.

VLAN (Virtual LAN)

VLAN provides virtual segmentation of the broadcast domain in the network. Devices that are members of the same VLAN are able to communicate with each other. Devices in different VLANs can communicate with each other through routing, so devices in different VLANs use different network addresses. VLAN provides the following advantages:
(1) Logical segmentation of the network
(2) Enhanced network security

Creating port based Vlan
In a port based VLAN, we first create the VLAN on a manageable switch and then add ports to the VLAN.

Commands to create Vlan
Switch#config ter
Switch(config)#vlan <no>
Switch(config-vlan)#name <word>
Switch(config-vlan)#exit
The name command is optional.
Or
Switch#vlan database
Switch(vlan)#vlan <no> [name <word>]
Switch(vlan)#exit

Commands to configure ports for a Vlan
By default, all ports are members of a single VLAN, which is Vlan1. We can change VLAN membership according to our requirement.
Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport access vlan <no>
Switch(config-if)#exit

Commands to configure multiple ports in a vlan
Switch#conf ter
Switch(config)#interface range <type> <slot/port no>(space)-(space)<port no>
Switch(config-if-range)#switchport access vlan <no>
Switch(config-if-range)#exit

Example: suppose we want to add interfaces FastEthernet 0/10 to 0/18 to vlan5.
Switch#config ter
Switch(config)#interface range fastethernet 0/10 - 18
Switch(config-if-range)#switchport access vlan 5
Switch(config-if-range)#exit

In 1900 & Compatible switches
Switch#config ter
Switch(config)#interface <type> <no>
Switch(config-if)#vlan-membership static <vlan no>
Switch(config-if)#exit

To disable web access in switch
Switch#config ter
Switch(config)#no ip http server

To display mac address table
Switch#sh mac-address-table
Vlan    Mac address           Type       Ports
20      00-08-a16-ab-6a-7b    dynamic    fa0/7

To display Vlan and port membership
Switch#sh vlan

Trunking
When there are multiple switches, we have to use trunk links to connect one switch to another. If we do not use trunk links, we have to connect one cable from each VLAN to the corresponding VLAN of the other switch.

[Figure: Normal: two switches with VLANs 1, 3 and 7 joined by one link per VLAN. In Trunking: the same switches joined by a single trunk link carrying Vlan 1,3,7]

Switches perform trunking with the help of frame tagging. The trunk port sends data frames after adding VLAN id information to the frame; at the receiving end the VLAN id information is removed and, according to the tag, the data is delivered to the corresponding VLAN. There are two protocols to perform frame tagging.
(1) Inter-Switch Link (ISL, Cisco proprietary)
(2) IEEE 802.1Q

Configuring Trunking
In Cisco switches all switch ports may be configured in three modes:
(1) Trunk desirable (default)
(2) Trunk on
(3) Trunk off
Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport mode <trunk|access|dynamic desirable>
Switch(config-if)#exit
Here trunk sets trunk on, access sets trunk off, and dynamic desirable sets trunk desirable.

To configure Vlans allowed on Trunk
By default all VLANs are allowed on a trunk port. We can add or remove a particular VLAN from the trunk port with the following command:
Switch#config ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport trunk allowed vlan <all | remove <vlan> | add <vlan> | except <vlan>>

To display trunk interfaces
Switch#sh interface trunk
Switch#sh interface <type> <no> trunk

Vlan Trunking Protocol (VTP)


With the help of VTP, we can simplify the process of creating VLANs. Among multiple switches, we configure one switch as the VTP server and all other switches as VTP clients. We create VLANs on the VTP server switch. The server sends periodic updates to the VTP client switches. The clients create VLANs from the updates received from the VTP server.

VTP server
A VTP server is a switch on which we can create, delete or modify VLANs. The server sends periodic updates to VTP clients.

VTP client
On a VTP client, we are not able to create, modify or delete VLANs. The client receives and forwards VTP updates. The client creates the same VLANs as defined in the VTP update.

VTP Transparent
A transparent switch receives and forwards VTP updates. It is able to create, delete and modify VLANs locally. A transparent switch does not send its own VTP updates and does not learn any information from received VTP updates.

Commands
Switch#conf ter
Switch(config)#vtp domain <name>
Switch(config)#vtp password <word>
Switch(config)#vtp mode <server|client|transparent>
Switch(config)#exit
By default in Cisco switches the VTP mode is set to VTP server with no domain and no password.

To display VTP status
Switch#sh vtp status

VTP Pruning
Pruning is the VTP feature through which a trunk link can be automatically disabled for a particular VLAN if the neighbor switch does not contain ports in that VLAN. Vlan1 is not pruning-eligible.

Command to configure VTP Pruning
We have to use only one command, on the VTP server, for VTP pruning.
Switch#conf ter
Switch(config)#vtp pruning
Switch(config)#exit

Inter Vlan Communication


After creating VLANs, each VLAN has its own broadcast domain. If we want communication from one VLAN to another VLAN, we need to perform routing. There are three methods for inter-VLAN communication.
(1) Inter Vlan using multi-interface router
(2) Inter Vlan using router on a stick method
(3) Inter Vlan using layer 3 switch
1751 and 2621 routers support VLANs.

(1) Inter Vlan using multi-interface router
In this case, we have to connect one interface of the router in each VLAN. This interface acts as the gateway for the corresponding VLAN. Each VLAN has to use a different network address. Data from one VLAN to another VLAN travels through the router.

[Figure: a router with interfaces E0, E1 and E2, one connected to each of Vlan1, Vlan3 and Vlan5; the switches are linked by trunks (T) carrying VLANs 1, 3, 5]

Vlan    Router interface    N/w         Gateway
1       E0                  10.x.x.x    10.0.0.1
3       E1                  11.x.x.x    11.0.0.1
5       E2                  12.x.x.x    12.0.0.1

(2) Inter Vlan using router on a stick method
In this method a special router is used for inter-VLAN routing. On this router, we can create one interface for each VLAN. The physical interface of the router is connected to a trunk port of the switch. The router routes traffic on the same interface by swapping the VLAN id information with the help of the frame tagging protocol.

[Figure: router interface Fa 0/0 connected by a trunk (T) carrying Vlan 1, 3, 5 to the switch; the switches are linked by trunks (T)]

Router interface    IP address    Vlan    N/w         Gateway
Fa 0/0.1            10.0.0.1      1       10.x.x.x    10.0.0.1
Fa 0/0.2            11.0.0.1      3       11.x.x.x    11.0.0.1
Fa 0/0.3            12.0.0.1      5       12.x.x.x    12.0.0.1

Configuration on Router
Router#config ter
Router(config)#interface fastethernet 0/0
Router(config-if)#no ip address
Router(config-if)#no sh
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.1
Router(config-subif)#encapsulation dot1q 1
Router(config-subif)#ip address 10.0.0.1 255.0.0.0
Router(config-subif)#no sh
Router(config-subif)#exit
Router(config)#interface fastethernet 0/0.2
Router(config-subif)#encapsulation dot1q 3
Router(config-subif)#ip address 11.0.0.1 255.0.0.0
Router(config-subif)#no sh
Router(config-subif)#exit
Router(config)#interface fastethernet 0/0.3
Router(config-subif)#encapsulation dot1q 5
Router(config-subif)#ip address 12.0.0.1 255.0.0.0
Router(config-subif)#no sh
Router(config-subif)#exit

Configuration on Core switch
(1) Configure switch as VTP server
(2) Create Vlans
(3) Configure interface connected to router as Trunk
(4) Configure interfaces connected to other switches as trunk (if required)


Configuration on Distribution layer switches
(1) Configure switch as VTP client
(2) Configure required interface as Trunk (optional)
(3) Add ports to Vlan

Configuration on PC
Configure IP and Gateway

Spanning Tree Protocol


When we connect multiple switches with each other and multiple paths exist from one switch to another, it may lead to a switching loop in the network. Multiple paths are used to create redundancy in the network. STP is required only when multiple paths exist, because then there is a possibility of a loop in the network.

[Figure: packets looping between three interconnected switches]

Problems that occur with redundant paths
(1) Multiple copies of the frame will be received by the destination.
(2) Frequent changes in the MAC address table of the switch.
(3) A MAC address may appear at multiple ports in a switch.
(4) Packets may enter an endless loop.

Spanning Tree Protocol solves this problem by blocking the redundant interface, so that only one path remains active between the switches. If the primary path goes down, the disabled link becomes enabled and data is transferred through that path.

Working of STP
STP creates a topology database in which one switch is elected as the Root switch. Path cost is calculated on the basis of bandwidth. The link with the lowest path cost is enabled and the other path is disabled.


[Figure: Root Switch and two other switches joined by a 1 Gb link and two 100 Mb links; labels: Lowest cost, (Disable)]

STP terminology
(1) Bridge id
It is the combination of bridge priority and base MAC address. In Cisco switches the default priority number is 32768.
(2) Root Bridge
The bridge/switch with the lowest Bridge id becomes the Root Bridge. The Root Bridge is used as the center point for calculating path cost in the topology.
(3) BPDU (Bridge Protocol Data Unit)
It is the STP information that is exchanged between the switches to create the topology and select paths.
(4) STP port mode
When STP is enabled, a port may be in one of the following modes.
(i) Listening: in this mode a port will send/receive BPDUs.
(ii) Learning: the port will learn the MAC address table.
(iii) Forwarding: the port will forward data based on the MAC address table.
(iv) Blocking: the port is blocked from sending/receiving data by Spanning Tree Protocol.
(v) Disable: the port is administratively disabled.

Path cost calculation
The links in switches are enabled or disabled on the basis of path cost. The path cost for each link is calculated according to the following table.

Speed     Old IEEE cost    New IEEE cost
10 Mb     100              100
100 Mb    10               19
1 Gb      1                4
10 Gb     1                2
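The root election and path cost rules above, worked through in Python as an added example (not part of the original page). It uses the New IEEE costs from the table; the three-switch topology, switch names and MAC addresses are constructed, and a shortest-path search stands in for the BPDU exchange.

```python
import heapq

# Path cost per link speed in Mb/s: the "New IEEE" column of the table above.
NEW_IEEE_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority: int, mac: str):
    """Bridge ID = priority followed by base MAC, compared as a tuple."""
    return (priority, int(mac.replace("-", "").replace(":", ""), 16))


def spanning_tree(bridges: dict, links: list):
    """Return (root, cost_to_root, root_link, blocked_links)."""
    ids = {name: bridge_id(*b) for name, b in bridges.items()}
    root = min(ids, key=ids.get)  # the lowest bridge ID wins the election
    neighbours = {name: [] for name in bridges}
    for link in links:
        a, b, speed = link
        neighbours[a].append((b, NEW_IEEE_COST[speed], link))
        neighbours[b].append((a, NEW_IEEE_COST[speed], link))
    cost, root_link = {}, {}
    # Shortest path from the root; equal costs are broken by upstream bridge ID.
    heap = [(0, ids[root], root, None)]
    while heap:
        c, _, name, link = heapq.heappop(heap)
        if name in cost:
            continue
        cost[name], root_link[name] = c, link
        for nxt, link_cost, via in neighbours[name]:
            if nxt not in cost:
                heapq.heappush(heap, (c + link_cost, ids[name], nxt, via))
    active = {link for link in root_link.values() if link is not None}
    blocked = [link for link in links if link not in active]  # redundant links
    return root, cost, root_link, blocked


# Constructed topology: a triangle with one 1 Gb link and two 100 Mb links.
BRIDGES = {
    "SW1": (32768, "00-08-a1-00-00-01"),
    "SW2": (32768, "00-08-a1-00-00-02"),
    "SW3": (32768, "00-08-a1-00-00-03"),
}
LINKS = [("SW1", "SW2", 1000), ("SW1", "SW3", 100), ("SW2", "SW3", 100)]

if __name__ == "__main__":
    print(spanning_tree(BRIDGES, LINKS))
```

With default priorities the lowest MAC decides the root; giving SW3 priority 4096 makes it root instead, and the link that gets blocked is then the 1 Gb one.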


To configure ports for forwarding mode directly
Switch#config ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport host

Configuring port security
In manageable switches, we can restrict the number of MAC addresses that a port can learn. We can even specify the MAC address statically with a command. With port security, we can also specify the action to be performed if a port security violation is detected.
Switch#conf ter
Switch(config)#interface <type> <no>
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum <no. of mac>
Switch(config-if)#switchport port-security violation <shutdown|restrict|protect>
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security mac-address sticky <mac address>
Switch(config-if)#exit
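How the maximum, sticky and violation settings interact, as an added Python model (not Cisco code and not part of the original page). The class and method names are illustrative, the MAC addresses in the usage are constructed, and the violation modes follow IOS behaviour: shutdown err-disables the port, restrict drops and counts, protect drops silently.

```python
import re


def normalise(mac: str) -> str:
    """Return a MAC in the dotted form IOS prints, e.g. 0008.a1ab.6a7b."""
    digits = re.sub(r"[-:.]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return ".".join(digits[i:i + 4] for i in (0, 4, 8))


class SecurePort:
    """Illustrative model of one access port with port security enabled."""

    def __init__(self, maximum=1, violation="shutdown", sticky=False):
        if violation not in ("shutdown", "restrict", "protect"):
            raise ValueError("unknown violation mode")
        self.maximum, self.violation, self.sticky = maximum, violation, sticky
        self.secure = []           # MAC addresses allowed on this port
        self.violations = 0        # security violation counter
        self.err_disabled = False

    def receive(self, src_mac: str) -> str:
        """Decide what happens to a frame with this source MAC."""
        mac = normalise(src_mac)
        if self.err_disabled:
            return "drop"                      # port stays down until re-enabled
        if mac in self.secure:
            return "forward"
        if len(self.secure) < self.maximum:
            self.secure.append(mac)            # learn until the limit is reached
            return "forward"
        if self.violation != "protect":        # protect drops without counting
            self.violations += 1
        if self.violation == "shutdown":
            self.err_disabled = True
        return "drop"

    def sticky_config(self) -> list:
        """Lines a sticky port adds to the running configuration."""
        if not self.sticky:
            return []
        return [f"switchport port-security mac-address sticky {m}"
                for m in self.secure]


if __name__ == "__main__":
    port = SecurePort(maximum=2, violation="restrict", sticky=True)
    for mac in ("00-08-a1-ab-6a-7b", "00-08-a1-ab-6a-7c", "00-08-a1-ab-6a-7d"):
        print(mac, port.receive(mac))
    print(port.sticky_config())
```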
