07 Operating LAN Switches

By Muhammad Asghar Khan

Reference: CCENT/CCNA ICND1 Official Exam Certification Guide By Wendell Odom

1/2

Agenda

Introduction

Cisco Catalyst Switch Brand Cisco Linksys Switch Brand Switch Status from LEDs CLI Access from the Console CLI Access with Telnet & SSH Setting Password Security for CLI User EXEC Mode Privileged EXEC Mode
www.asghars.blogspot.com

The Cisco Catalyst 2960 Switch

Accessing the Cisco IOS CLI

Cisco IOS Modes of Operation

2

2/2

Agenda

Global Configuration Mode

Switch Configuration Files

Types of Switch Memory

RAM/DRAM ROM Flash Memory NVRAM Initial Configuration (Setup Mode) Startup Configuration Running Configuration

Types of Configurations

Copying Configuration Files Erasing Configuration Files

www.asghars.blogspot.com

1/2

Introduction

Cisco has two major brands of LAN switching products

Cisco Catalyst Switch Brand

Includes a large collection of switches, all of which have been designed with Enterprises in mind The Catalyst switches have a wide range of sizes, functions, and forwarding rates Includes a variety of switches designed for use in the home

Cisco Linksys Switch Brand

The CCNA exams focus on how to implement LANs using Cisco Catalyst switches Both the Catalyst and Linksys brands of Cisco switches provide the same base features
4 www.asghars.blogspot.com

2/2

Introduction

Within the Cisco Catalyst brand, Cisco produces a wide variety of switch series or families Each switch series includes several specic models of switches that have:

Similar Features, Similar Price-Versus-Performance trade-offs, and Similar Internal components

www.asghars.blogspot.com

1/8

The Cisco Catalyst 2960 Switch

Cisco positions the 2960 series/family of switches as full-featured, low cost wiring closet/cabinet switches for enterprises 2960 switches are mostly used as access switches The distribution layer switches are often from a different Cisco switch family, typically a more powerful and more expensive product family Figure on next slide shows the photo of the 2960 switch series from Cisco
6 www.asghars.blogspot.com

2/8

The Cisco Catalyst 2960 Switch

The top switch (WS-2960-24TT-L) has 24 RJ-45 UTP 10 /100 ports, meaning that these ports can negotiate the use of 10BASE-T or 100BASE-TX Ethernet The WS-2960-24TT-L switch has two additional RJ-45 ports on the right that are 10/100/1000 interfaces, intended to connect to the core switches of an Enterprise campus LAN

www.asghars.blogspot.com

3/8

The Cisco Catalyst 2960 Switch

Cisco refers to a switchs physical connectors as either interfaces or ports. Each interface has a number in the style x/y, where x and y are two different numbers In a 2960, the number before the / is always 0. The rst 10/100 interface on a 2960 is numbered starting at 0/1, the second is 0/2, and so on The interfaces also have names; for example, interface FastEthernet 0/1 is the rst of the 10/100 interfaces.

Any Gigabit-capable interfaces would be called GigabitEthernet interfaces

8 www.asghars.blogspot.com

4/8

The Cisco Catalyst 2960 Switch

Cisco supports two major types of switch operating systems:

Internetwork Operating System (IOS) Catalyst Operating System (Cat OS)

Most Cisco Catalyst switch series today run only Cisco IOS But for some historical reasons, some of the high-end Cisco LAN switches support both Cisco IOS and Cat OS

Cisco also uses the term hybrid to refer to 6500 switches that use Cat OS and the term native to refer to 6500 switches that use Cisco IOS
9 www.asghars.blogspot.com

5/8

The Cisco Catalyst 2960 Switch

Switch Status from LEDs

Switch hardware includes several LEDs that provide some status and troubleshooting information Figure shows the front of a 2960 series switch, with five LEDs on the left, one LED over each port, and a mode button
Port

SYST (System) RPS (Redundant Power Supply) STAT (Status) DUPLX (Duplex) SPEED MODE
10 www.asghars.blogspot.com

6/8

The Cisco Catalyst 2960 Switch

To make sense of the LEDs, consider the specific example of SYST LED

SYST LED provides a quick overall status of the switch, with three states on most 2960 switch models:
Off:

switch is not powered on On (green): switch is powered on and operational (Cisco IOS has been loaded) On (amber): switchs Power-On Self Test (POST) process failed, and the Cisco IOS did not load. In this case, the typical response is to power the switch off and back on again. If the same failure occurs, a call to the Cisco Technical Assistance Center (TAC) is typically the next step
11 www.asghars.blogspot.com

7/8

The Cisco Catalyst 2960 Switch

The particular details of how each LED works differ between different Cisco switch families and with different models inside the same switch family The port LEDsthe LEDs sitting above or below each Ethernet portmeans something different depending on which of three port LED modes is currently used on the switch The switches have a mode button (labeled with number 6 in Figure) that, when pressed, cycles the port LEDs through three modes:

STAT DUPLX, and SPEED

www.asghars.blogspot.com

12

8/8

The Cisco Catalyst 2960 Switch

Each of the three port LED modes changes the meaning of the port LEDs associated with each port

In STAT (status) Mode

Off: The link is not working Solid Green: The link is working, but theres no current traffic Flashing Green: The link is working, and traffic is currently passing over the interface Flashing Amber: The interface is administratively disabled or has been dynamically disabled for a variety of reasons

In SPEED Mode
Dark LED; meaning 10 Mbps Solid Green Light; meaning 100 Mbps Flashing Green; meaning 1000 Mbps (1 Gbps)

13

www.asghars.blogspot.com

1/7

Accessing the Cisco IOS CLI

The command-line interface (CLI) is a text-based interface in which the user, typically a network engineer, enters a text command and presses Enter Pressing Enter sends the command to the switch, which tells the device to do something Cisco IOS not also define an interface (CLI) for humans but it also controls the switchs performance and behavior The switch CLI can be accessed through three popular methodsthe console, Telnet, and Secure Shell (SSH)
14 www.asghars.blogspot.com

2/7

Accessing the Cisco IOS CLI

The console is a physical port built specifically to allow access to the CLI Telnet and SSH use the IP network in which the switch resides to reach the switch Figure depicts the options You can also use the Cisco Device Manager (CDM) or Cisco Security Device Manager (SDM) to configure the switch using web browser
15 www.asghars.blogspot.com

3/7

Accessing the Cisco IOS CLI

CLI Access from the Console

Every Cisco switch has a console port, which is physically an RJ-45 port A PC connects to the console port using a UTP rollover cable The UTP rollover cable has RJ-45 connectors on each end, with pin combination as 1 to 8 ,2 to 7, 3 to 6, and 4 to 5 Figure shows the RJ-45 end of the console cable connected to a switch and the DB-9 end connected to a laptop PC
www.asghars.blogspot.com

16

4/7

Accessing the Cisco IOS CLI

Next, a terminal emulator software package (e.g. tera term) must be installed and configured to use the PCs serial port, matching the switchs console port settings The default console port settings on a switch are as follows:

9600 bits/second No hardware flow control 8-bit ASCII No stop bits 1 parity bit

Figure shows the configuration window for the settings just listed
www.asghars.blogspot.com

17

5/7

Accessing the Cisco IOS CLI

CLI Access with Telnet & SSH

18

Most terminal emulator packages also include both Telnet & SSH client functions Telnet or SSH application protocol calls the terminal emulator a Telnet Client or SSH Client and device that listens for commands is called Telnet Server or SSH Server The switch runs Telnet and SSH server software by default, but needs to have an IP address configured Telnet & SHH is TCP based where Telnet uses the port 23 and SHH uses the port 22 The key difference b/w Telnet & SHH is that Telnet sends all data as clear-text data, while the SHH sends data in more secure manner by using the encryption
www.asghars.blogspot.com

6/7

Accessing the Cisco IOS CLI

Setting Password Security for CLI

By default switch allows only console access, but no Telnet or SHH access To add basic password checking for console and Telnet, engineers needs to configure a couple of basic commands Following are the two basic commands to configure password

Console (Console Password)

line console 0l login password mypass

19

www.asghars.blogspot.com

7/7

Accessing the Cisco IOS CLI

Telnet (vty Password)

line vty 0 15 login password mypass

Cisco switches refers to console as console linespecifically, console line 0 Cisco switches also support 16 Telnet sessions, referenced as virtual terminal (vty) lines 0 through 15 SSH requires a little more effort than console & Telnet, as SSH uses public key cryptography to exchange a shared session key Additionally, SSH requires both username and password for login
www.asghars.blogspot.com

20

1/10

Cisco IOS Modes of Operation

Cisco IOS provides access to several different command modes Each command mode provides a different group of related commands Entering a question mark (?) at the system prompt allows you to obtain a list of commands available for each command mode The three basic modes are:

21

User EXEC Mode Privileged EXEC Mode Global Configuration Mode

www.asghars.blogspot.com

2/10

Cisco IOS Modes of Operation

User EXEC Mode

It is the default command mode for the CLI It is also called User Mode The user EXEC commands allow you to connect to remote devices, change terminal settings on a temporary basis, perform basic tests, and list system information EXEC refers to the fact that the user only enter the command, switch executes that command and then display the message The prompt for user EXEC mode is the name of the device followed by an angle bracket:
www.asghars.blogspot.com

22

3/10

Cisco IOS Modes of Operation

Privileged EXEC Mode

Privileged EXEC commands set operating parameters Privileged EXEC mode is password protected It is also called simply privileged or enable mode To enter privileged mode, enter the enable EXEC command from user EXEC mode:

23

To set enable mode password, use either the enable password or enable secret commands It is recommended that you use the enable secret command because it uses an improved encryption algorithm www.asghars.blogspot.com

4/10

Cisco IOS Modes of Operation

Use the enable password command only if you boot an older image of the Cisco IOS software Figure shows the User & Privileged modes

24

www.asghars.blogspot.com

5/10

Cisco IOS Modes of Operation

Global Configuration Mode

Global configuration commands apply to features that affect the system as a whole, rather than just one protocol or interface Commands entered in configuration mode update the active configuration file Configuration mode itself contains submodes Submodes used to configure specific system features Context-setting commands move you from one configuration mode or context to another
www.asghars.blogspot.com

25

6/10

Cisco IOS Modes of Operation

To enter global configuration mode, enter the configure command from privileged EXEC mode:

The system prompt changes to indicate that you are now in global configuration mode Some of the submodes are:

Access-list Configuration Line Configuration

www.asghars.blogspot.com

26

7/10

Cisco IOS Modes of Operation

Interface Configuration

Access-list Configuration

Use access-list configuration mode when you are creating a named IP or IPX access list From global configuration mode, use the ip access-list or ipx access-list command

Line configuration

Line configuration commands modify the operation of an auxiliary, console, physical, or virtual terminal line
www.asghars.blogspot.com

27

8/10

Cisco IOS Modes of Operation

From global configuration mode, enter by specifying a line with a line {aux | con | tty | vty} line-number [ending-line-number] command

Interface Configuration

The commands entered in this mode modify the operation of an interface From global configuration mode, enter by specifying an interface with an interface command
www.asghars.blogspot.com

28

9/10

Cisco IOS Modes of Operation

Figure shows the relationship b/w EXEC modes and configuration mode

29

www.asghars.blogspot.com

10/10

Cisco IOS Modes of Operation

The end or Ctrl+z key sequence exit the user from any part of configuration mode and go back to privileged EXEC mode While the exit command backs you out of configuration mode one sub-configuration mode at a time

30

www.asghars.blogspot.com

1/9

Switch Configuration Files

To work with files, you need some sort of memory Cisco switches uses several types of permanent memory as:

RAM/DRAM

Used by switch as it is used by any other computer Stores bootstrap/boot-helper program, that is loaded when the switch first power on Bootstrap program finds the image of IOS and load it into the RAM Found in the form of chip inside the switch or a removable memory card
www.asghars.blogspot.com

ROM

Flash Memory

31

2/9

Switch Configuration Files

Stores the Cisco IOS images and it is the default location where bootstrap searches for the IOS image It can also be used to store configuration or backup files Stores the initial or startup configuration file

Nonvolatile RAM (NVRAM)

A configuration file saves the switch configuration commands in text format Switch maintains the following types of configuration:

Initial Configuration (Setup Mode)

32

Setup mode leads a switch administrator to a basic switch configuration by using questions that prompt for basic switch configuration parameters Figure on next slide describe the process used by setup mode www.asghars.blogspot.com

3/9

Switch Configuration Files

33

www.asghars.blogspot.com

4/9

Switch Configuration Files

Startup Configuration

Used for initialization when the switch boots If this file does not exist, the system boots using the factory defaults It is stored in NVRAM You can use the show startup-config command to view the startup configuration file The IOS File System (IFS) refers to startup-config as nvram:startup-config

34

www.asghars.blogspot.com

5/9

Switch Configuration Files

Running Configuration

Stores the currently used configuration commands This file changes dynamically when someone enters commands in configuration mode It is stored in RAM If the switch is reloaded (rebooted) and the running configuration is not saved all commands will be lost You can use the show running-config command to view the startup configuration file

35

www.asghars.blogspot.com

6/9

Switch Configuration Files

The IOS File System (IFS) refers to running-config as system:running-config

36

www.asghars.blogspot.com

7/9

Switch Configuration Files

Copying Configuration Files

The copy command can be used to copy files b/w RAM or NVRAM on a switch and a TFTP server The copy command can be summarized as:
copy { tftp | running-config | startup-config } { tftp | running-config | startup-config }

It always replaces the existing configuration file when the file is copied into NVRAM or into a TFTP server, while it merged the configuration file into the running-config file in RAM
www.asghars.blogspot.com

37

8/9

Switch Configuration Files

Figure depicts the locations and results of copy operation

38

www.asghars.blogspot.com

9/9

Switch Configuration Files

Erasing Configuration Files

You can use three different commands to erase the contents of NVRAM

write erase (older) erase startup-config (older) erase nvram (recomened)

39

All the three commands will erase the contents of the NVRAM configuration file Note there is no command to erase the contents of the running-config file; to clear the running-config file, simply erase the startup-config file and then reload the switchwww.asghars.blogspot.com