LAN Switching
Purpose: Filtering, flooding and sending frames. It also allows connections to be established as needed
and terminated if no longer necessary.
Three switch functions at layer 2
Address learning - Layer-2 switches and bridges remember the source hardware address of each frame
received on an interface and enter this information into a MAC database
Forward/filter decisions - When a frame is received on an interface, the switch looks at the destination
hardware address and finds the exit interface in the MAC database
Loop avoidance - If multiple connections between switches are created for redundancy, network loops
can occur. The Spanning-Tree Protocol (STP) is used to stop network loops and allow redundancy.
As the frame enters the switch fabric, the switch assigns a unique ID and places the frame for forwarding
to other switches.
Bridges
Bridges operate at Layer 2 and usually do not reduce broadcasts, because a bridge forwards a broadcast
frame out all of its ports except the port on which the broadcast arrived. On the other hand, a
router usually blocks broadcast packets.
Bridges expand the distance of an Ethernet network because each segment can be built to the
maximum distance.
Bridges filter some traffic based upon MAC addresses.
Bandwidth is used more efficiently.
Local traffic is kept local.
Bridges versus Switches
Layer-2 switches are really just bridges with more ports. However, there are some important differences
you should be aware of:
Bridges are software based, while switches are hardware based because they use ASIC chips to help
make filtering decisions.
Bridges can only have one spanning-tree instance per bridge, while switches can have many.
Bridges can only have up to 16 ports, whereas a switch can have hundreds.
Switches take less time to process frames than hubs take.
Nodes attached to hubs, or nodes sharing their connections to a switch port, must operate in
half-duplex because end stations must be able to detect collisions.
Bridges, switches and routers segment a LAN.
Benefits of LAN Segmentation:
- Increased BW per user
- Keeping local traffic local
- Reduced broadcasts
- Decreased collisions
Causes of LAN traffic congestion:
- Too many hosts in a broadcast domain
- Broadcast storm
- Multicasting
- Low BW
- Adding hubs
- ARP traffic
Routers
Routers are used to connect networks together and route packets of data from one network to another.
- Routers by default break up a broadcast domain.
- Will not forward any broadcast or multicast packets.
- They also break up collision domains.
- Use access lists to control security.
Pros:
- They don’t forward broadcasts by default.
- They can filter the network based on layer 3 information (IP address).
Functions:
- Packet switching and filtering (access lists)
- Internetwork communication
- Path selection
When a collision occurs on an Ethernet LAN:
1. A jam signal informs all devices that a collision occurred.
2. The collision invokes a random backoff algorithm.
3. Each device on the Ethernet segment stops transmitting for a short time until the timers expire.
Switches aren’t used to create internetworks (they don’t break up broadcast domains by default);
they’re employed to add functionality to a network LAN. The main purpose of a switch is to make a LAN
work better, providing more BW for the LAN’s users.
What are the advantages of LAN Segmentation?
When separate networks are needed or if a network has reached its physical limitations, segmentation
is used. Segmenting a LAN can extend the network, reduce congestion, isolate network problems, and
improve security.
Because routers use Layer 3 addresses, which typically have structure, routers can use techniques (such
as address summarization) to build networks that maintain performance and responsiveness as they
grow in size. Segments are interconnected by routers to enable communication between LANs while
blocking other types of traffic. Routers also allow for the interconnection of disparate LAN and WAN
technologies while also implementing broadcast filters and logical firewalls. In general, if you need
advanced internetworking services, such as broadcast firewalling and communication between
dissimilar LANs, routers are necessary.
Layer 2 switches offer some or all of the following benefits:
Unlike hubs and repeaters, switches allow multiple data streams to pass simultaneously.
LAN switches are used to interconnect multiple LAN segments. LAN switching provides dedicated,
collision-free communication between network devices, with support for multiple simultaneous
conversations.
Collisions: Switches reduce collisions on network segments because they provide dedicated
bandwidth to each network segment and each connected segment is in a separate collision domain.
Bandwidth: LAN switches provide excellent performance for individual users by allocating dedicated
bandwidth to each switch port (for example, each network segment). This technique is known as
microsegmenting. An Ethernet LAN switch improves bandwidth by separating collision domains and
selectively forwarding traffic to the appropriate segments.
Dedicated Bandwidth: Switches deliver dedicated bandwidth to users through high-density
group-switched and switched 10BaseT or 100BaseT Ethernet.
VLANs: LAN switches can group individual ports into logical switched workgroups called VLANs,
thereby restricting the broadcast domain to designated VLAN member ports. VLANs are also known
as switched domains and autonomous switching domains. Communication between VLANs requires a
router.
What are the characteristics of Ethernet and Fast Ethernet? What are their limitations?
Fast Ethernet = 100 Mbit/s (100BaseTX; T = twisted-pair copper, the most commonly used medium)
Fast Ethernet signal delay = 5.12 us
Ethernet = 10 Mbit/s
Ethernet signal delay = 51.2 us
Full-duplex Fast Ethernet = 200 Mbit/s
What are the types of Ethernet cabling and when do you use them?
Straight through
Used for connecting unlike devices (router/hub, computer/switch)
Computers and routers are considered like devices
Crossover cables
Used to connect like devices since it allows 2 devices to communicate at the same time.
(Computer/router, computer/computer, router/router, switch/switch)
Rollover cables
Used to connect a computer terminal to a router’s console port.
Know the 4 different Ethernet Frame types
When two systems need to communicate on an Ethernet network, they must be using a common frame
format. In all cases, the minimum Ethernet frame size is 64 bytes, while the maximum size is 1518 bytes.
Ethernet II: TCP/IP
- Includes a 2-byte type field that specifies the network layer protocol encapsulated within.
Ethernet 802.3: originally created by Novell for use with the IPX protocol, and was later standardized by
the IEEE. Because these frames don’t contain any LLC information, they are sometimes referred to as
Ethernet RAW. These frames contain a 2-byte Length field instead of a Type field. The field identifies the
number of bytes of data contained within the data field of the frame – they automatically assume that
the upper-layer protocol is IPX, and do not work with other upper layer protocols.
Ethernet 802.2 (SAP): In order to provide a greater deal of flexibility with Ethernet framing, the IEEE
defined what is known as the 802.2 Logical Link Control (LLC), the upper sub-layer of the Data Link Layer.
At first glance an 802.2 frame may look like an 802.3 frame, since it has a length field. However, the first
part of the data portion of an 802.2 Ethernet frame actually contains LLC information in the form of
Source Service Access Point (SSAP), Destination Service Access Point (DSAP), and Control information.
Ethernet SNAP: The final Ethernet frame type, Ethernet SNAP (which stands for Sub Network Access
Protocol) was developed as a result of compatibility issues. Given that many vendors had been using the
Ethernet II frame types for their upper layer protocols before 802.2 was standardized, they were left
with a 1-byte SAP field where they had previously used a 2-byte Type field. This made moving to the
new standard difficult, so the IEEE came up with the Ethernet SNAP frame type. Ethernet SNAP allows a
higher degree of flexibility for proprietary protocols. The Ethernet SNAP frame type is commonly used
with AppleTalk.
In all Ethernet frame types you’ll find five main elements – a preamble, start of frame delimiter, header,
data, and trailer.
Preamble. The purpose of the 7-byte preamble is to mark the beginning of a frame and to enable
synchronization between a sender and receiver.
Start of Frame Delimiter. The 1-byte SOF field always ends in binary 11 to notify that the next bits
represent the beginning of the destination MAC address.
Header. At a minimum, the header will contain the source and destination MAC addresses (6 bytes
each), as well as an extra 2-byte field. Various frame types use this extra field differently, as we’ll
discuss shortly.
Data. The data portion houses everything that was encapsulated by the upper-layer protocols prior to
being passed down for framing.
Trailer. An Ethernet trailer consists of a Frame Check Sequence (FCS). This is where the Cyclic
Redundancy Check (CRC) value is held that will be used to confirm that the frame has not been
corrupted when it reaches its destination.
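As an added example (not part of the original notes), the classifier below applies the rules above to a raw frame: the 2-byte field after the MAC header is a Type when it is 0x0600 or greater (Ethernet II) and a Length otherwise; a Length followed by 0xFFFF is a Novell raw 802.3 frame with no LLC, DSAP/SSAP/Control 0xAA/0xAA/0x03 marks SNAP, and anything else is plain 802.2 LLC. It also checks the 64..1518 byte limits and the CRC-32 FCS in the trailer. build_frame is a hypothetical helper used only to construct the sample frames; the 0xFFFF test for raw frames is the conventional heuristic (the IPX checksum field), not something the notes state.

```python
import struct
import zlib

# Frame size limits as given in the notes; both include the 4-byte FCS.
MIN_FRAME, MAX_FRAME, FCS_LEN = 64, 1518, 4


def fcs(body):
    """Ethernet FCS: CRC-32 over dst..data, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, type_or_length, payload):
    """Hypothetical helper: builds a sample frame, padding data to the 64-byte minimum."""
    body = dst + src + struct.pack("!H", type_or_length) + payload
    body += b"\x00" * max(0, MIN_FRAME - FCS_LEN - len(body))
    return body + fcs(body)


def classify(frame):
    """Return (frame_type, details) using the 2-byte field after the MAC header."""
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        return "invalid", {"reason": "length %d outside 64..1518" % len(frame)}
    body, trailer = frame[:-FCS_LEN], frame[-FCS_LEN:]
    if fcs(body) != trailer:                      # corrupted in transit
        return "invalid", {"reason": "FCS mismatch"}
    info = {"dst": body[:6].hex(":"), "src": body[6:12].hex(":")}
    field = struct.unpack("!H", body[12:14])[0]
    data = body[14:]
    if field >= 0x0600:                           # Ethernet II: a Type (e.g. 0x0800 = IP)
        info["type"] = field
        return "Ethernet II", info
    info["length"] = field                        # <= 1500: a Length, so 802.3 family
    if data[:2] == b"\xff\xff":                   # raw 802.3: IPX header starts 0xFFFF, no LLC
        return "Ethernet 802.3 raw", info
    info.update(dsap=data[0], ssap=data[1], control=data[2])
    if data[:3] == b"\xaa\xaa\x03":               # SNAP: LLC header followed by OUI + Type
        info["oui"] = data[3:6].hex()
        info["type"] = struct.unpack("!H", data[6:8])[0]
        return "Ethernet SNAP", info
    return "Ethernet 802.2 (LLC)", info
```

The preamble and SFD are not included because they are stripped by the NIC before a frame is handed to software.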
Specifications
- IEEE 802.3u was created in order to define a media-independent interface capable of supporting
100Mbps Ethernet operation.
- Ethernet is based on CSMA/CD
- 802.2 is used to define the logical link access used by all IEEE MAC protocols.
- 802.x: The IEEE standard for data communication over a LAN.
Inter/Intranetwork connections
- If a computer is connected to a router using a straight-through cable, both the router and the
computer will receive transmissions on their transmit pins, which means they cannot communicate.
However, a crossover cable crosses the transmit and receive pins so that the transmit pins on each end
of the cable are aligned with the receive pins on the other end.
- You use a rolled Ethernet cable to connect a host to a router’s console serial communication port.
- Four wires are used in a straight-through cable to connect Ethernet devices.
- Coaxial consists of a center wire surrounded by insulation and then a grounded shield of braided wire.
The shield minimizes electrical and radio frequency interference (used for cable TV and Ethernet).
- 10Base2 and 10Base5 are coaxial, which cannot support full duplex.
- UTP consists of 2 unshielded wires that twist around each other (used often for LANs and telephone
systems).
- 100BaseTX only goes to 100 meters.
- Base indicates baseband (digital) signaling.
- Inexpensive cable, but it doesn’t offer good protection against interference.
- Straight-through: host to switch/hub, router to switch or hub.
- Crossover: Switch to switch, router to router, router to host, host to host.
WLAN
- 802.11b provides 11Mbps over 2.4Ghz.
- 802.11b has fallback rates of 1, 2 and 5.5Mbps and uses DSSS
- 802.11 transfers 1 to 54Mbps and provides 1 or 2 Mbps in 2.4 Ghz by using FHSS and DSSS.
- 802.11a provides up to 54Mbps in 5Ghz by using OFDM (orthogonal frequency division multiplexing)
- 802.11g provides up to 54Mbps in 2.4Ghz and uses OFDM for higher than 2Mbps and DSSS for less.
Fiber optics
- Fiber optics use glass threads to transmit data, each of which is capable of transmitting messages
modulated onto light waves.
- Expensive to install and fragile.
- 100BaseFX can be up to 412 meters.
- But thinner and lighter than metal wires and less susceptible than metal cables to interference.
- Data can be transmitted digitally rather than in analog format.
STP (eliminates loops)
- STP uses the spanning-tree algorithm (STA) to first create a topology database, then search out and
destroy redundant links.
Switch#show spanning-tree
show spantree vlan_id
show spantree summary
- The bridge ID is how STP keeps track of all the switches in the network.
- The root bridge is the bridge with the best (lowest) bridge ID. A root bridge always has every port in
forwarding mode (designated ports). To choose the root bridge, you combine the priority with its MAC
address. If priorities are equal, then lowest MAC address gets it:
Switch(config)# spanning-tree vlan priority ?
- The key is for all the switches in the network to elect a root bridge that becomes the focal point in the
network.
- BPDUs are multicast frames that contain the bridge ID of the source device, which is used in
spanning-tree algorithm calculations.
- The Designated port is one that has been determined as having the best (lowest) cost.
- Distance to the root bridge becomes the factor used to determine which port will be the root port for
that device.
- Enabling EtherChannel feature on all switches in the diagram bundles the physical links into a single
logical bundle.
States:
- Blocking: a blocked port won’t forward frames. It just listens to BPDUs.
- Listening (15 sec): the port listens to BPDUs to make sure no loops occur on the network before
passing data frames. It doesn’t record any info. It remains in this state for the time defined by the
forward delay setting.
- Learning (15 sec): the switch port listens to BPDUs and learns all the paths in the switched network. It
can populate its MAC table from the connected ports. It remains in this state until the forward delay
expires.
- Forwarding: the port sends and receives all data frames on the bridged port. This is the lowest-cost
path to the root bridge. The port actively forwards frames and records MACs.
- Disabled: port does not participate in the frame forwarding or STP.
RSTP
- The goal of RSTP is to disable any redundant links in the network to prevent switch loops.
- RSTP does not shut down any switches and does not load balance. These things are usually done by
EtherChannel.
- The root port is chosen as follows:
=> Lowest cost to the root bridge (number of edges to the RB).
=> If tied, lowest neighbor Bridge ID (lowest priority, then lowest MAC).
=> If tied, lowest port number.
- The same procedure is used when deciding which port to block.
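The root bridge election from the STP section (priority, then MAC) and the root port tie-break from the RSTP section (cost, then neighbor bridge ID, then port number) carried out in code, as an added example that is not part of the original notes. It assumes a per-link cost is given (with equal costs this is the hop count used above) and switch names, port numbers and MACs that are constructed for the sample topology.

```python
import heapq


def bridge_id(priority, mac):
    """Bridge ID as a sortable pair: priority first, MAC address as the tie-breaker."""
    return (priority, int(mac.replace(":", ""), 16))


def elect_root(bridges):
    """bridges: {switch_name: (priority, mac)}. The lowest bridge ID becomes root."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def root_path_costs(links, root):
    """Dijkstra over link costs; returns {switch: lowest total cost to the root}."""
    adj = {}
    for sw_a, _, sw_b, _, cost in links:
        adj.setdefault(sw_a, []).append((sw_b, cost))
        adj.setdefault(sw_b, []).append((sw_a, cost))
    dist, heap = {root: 0}, [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue                       # stale heap entry
        for nbr, cost in adj.get(node, []):
            if d + cost < dist.get(nbr, float("inf")):
                dist[nbr] = d + cost
                heapq.heappush(heap, (d + cost, nbr))
    return dist


def choose_root_ports(bridges, links):
    """
    links: (switch_a, port_a, switch_b, port_b, cost) tuples.
    Returns (root, {switch: root_port}) using the tie-break order from the notes:
    lowest cost to root, then lowest neighbor bridge ID, then lowest local port number.
    """
    root = elect_root(bridges)
    dist = root_path_costs(links, root)
    root_ports = {}
    for sw in bridges:
        if sw == root:
            continue                       # the root has only designated ports
        candidates = []
        for sw_a, port_a, sw_b, port_b, cost in links:
            if sw_a == sw:
                candidates.append((cost + dist[sw_b], bridge_id(*bridges[sw_b]), port_a))
            elif sw_b == sw:
                candidates.append((cost + dist[sw_a], bridge_id(*bridges[sw_a]), port_b))
        root_ports[sw] = min(candidates)[2]   # tuple order implements the tie-break
    return root, root_ports
```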
LAN switches types
- Cut-through: waits for the destination hardware address to be received before it looks up the
destination address.
- Fragment Free: switch checks the first 64 bytes of a frame before forwarding to make sure
fragmentation did not occur.
- Store-and-Forward: waits until the complete data frame is received in the switch’s buffer and performs
a CRC. If the frame is error free, the switch then looks up the destination address in its filter table,
determines the appropriate exit port and forwards the frame.
Switches
- Forward/filter: Switch# show mac address-table
- If the destination MAC address is not found in the forward/filter table, it will forward the frame out all
ports of the switch looking for the destination device.
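The address learning, forward/filter and flooding behaviour described here and under "Three switch functions at layer 2" at the top of these notes, modelled as an added example (not code from the original notes). Port names and MAC addresses are constructed; the third function, loop avoidance, is left to STP and is not modelled.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def must_flood(mac):
    """Broadcast and multicast (I/G bit set in the first octet) are always flooded."""
    return mac == BROADCAST or int(mac.split(":")[0], 16) & 1 == 1


class LearningSwitch:
    """Constructed model of the three layer-2 functions: learn, forward/filter, flood."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}            # the forward/filter table: MAC -> port

    def receive(self, in_port, src, dst):
        """Process one frame; returns the list of ports it is sent out of."""
        # 1. Address learning: the source MAC is reachable via the ingress port
        #    (a moved host simply overwrites its old entry).
        self.mac_table[src] = in_port
        # 2. Forward/filter: a known unicast destination goes out exactly one port.
        #    If that port is the ingress port, the frame is filtered (dropped).
        if not must_flood(dst) and dst in self.mac_table:
            out_port = self.mac_table[dst]
            return [] if out_port == in_port else [out_port]
        # 3. Unknown unicast, broadcast and multicast are flooded out every
        #    port except the one the frame arrived on.
        return [p for p in self.ports if p != in_port]

    def show_mac_table(self):
        """Equivalent of 'show mac address-table': (port, MAC) pairs, sorted."""
        return sorted((port, mac) for mac, port in self.mac_table.items())
```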
1900 and 2950
- When the 1900 switch is first powered on, it runs through a POST (power-on self test). If POST
determines that all ports are in good shape, all the LEDs blink and then turn off. Otherwise, both the
System LED and the port’s LED turn amber.
- 1900 -> M: configure CLI, I: configure IP config.
- User password: use level 1 (enable password level 1 todd).
- Enable password: use level 15.
- Use the ip address command to set the IP address on a 1900 switch.
- 2950 -> like a router, once it is powered on, it goes into setup mode.
- Configure the IP address under the VLAN interface:
Switch2950(config)#int vlan1
Switch2950(config-if)#ip address 172.16.10.17 255.255.255.0
Switch2950(config-if)#no shutdown
- Both 1900’s and 2950’s configurations are stored in NVRAM.
- When you make a change to the switch’s running config, it is automatically copied to NVRAM.
- 1900: you can only look at the run config.
- 2950: has run config and start config.
Lab 7.10: Connecting to the 2950 Switch and Setting Passwords
User and enable password
Switch(config)#enable password todd (user password)
Switch(config)#enable secret cisco (enable password)
Remember, if you set your enable secret, the enable password is superseded and not used, just like
in a router.
Console and telnet password
Switch(config)#line console 0
Switch(config-line)#password console
Switch(config-line)#login
Remember that just like in a router, you cannot get help for a line command from within line
configuration mode. Type exit to go back one step.
Switch(config-line)#exit
Switch(config)#line vty 0 15
Switch(config-line)#password telnet
Switch(config-line)#login
Use show running-config (show run for short) to see the current configuration on the switch.
Lab 7.12: Configuring IP Address Information on a 2950 Switch
You do not have to set any IP configuration on the switch to make it work. You can just plug in devices
and they should start working, just like they would on a hub. The reason you would set the IP address
information on the switch is so you can either manage the switch via Telnet or other management
software, or you wanted to configure the switch with different VLANs and other network functions.
By default, no IP address or default-gateway information is set. You would set both the IP address and
the default-gateway on a layer-two switch, just like on any host. By typing the command show
running-config you can see the default IP configuration of the switch.
To set the IP configuration on a 2950 switch, use the ip address command. Remember that by default all
interfaces are members of VLAN1, which is why the VLAN1 interface is configured by default.
Todd2950A(config)#interface vlan1
Todd2950A(config-if)#ip address 172.16.40.17 255.255.255.0
Todd2950A(config-if)#exit
Todd2950A(config)#ip default-gateway 172.16.40.1
Todd2950A(config)#exit
Lab 7.13: Configuring 2950 Switch Interfaces
To access switch ports, use the interface type slot/port command (for example, int fa0/1).
Todd2950A(config)#int fa0/1
Todd2950A(config-if)#duplex ?
auto Enable AUTO duplex configuration
full Force full duplex operation
half Force half-duplex operation
Todd2950A(config-if)#
Since the switch ports are set to “auto” by default, you can change each of the switch ports to always be
in full-duplex mode for better performance. This is recommended.
Todd2950A(config-if)#duplex full
Duplex will not be set until speed is set to non-auto value
Todd2950A(config-if)#speed 100
Portfast enables a switch port to come up quickly instead of waiting the typical 50 seconds for
spanning-tree to go through its “I gotta make sure there are no loops!” cycle. However, if you turn
portfast on, then you had better be sure you do not create a physical loop on the switch network, or it
will bring your network down.
Todd2950A(config-if)#spanning-tree portfast
Lab 7.17: Saving and Erasing the 2950 Switch Configuration
The switch configuration is stored in NVRAM, just as on any router, and is placed in RAM when the switch
boots. The file in RAM is called the running-config and the file in NVRAM is called the startup-config. You
can view the startup-config, also called the backup configuration, with the show startup-config
command.
- Save switch configuration
Todd2950A#copy run start
Destination filename [startup-config]? <press Enter>
Building configuration...
[OK]
- Delete NVRAM contents
Todd2950A#erase startup-config
Erasing the nvram filesystem will remove all files! Continue? [confirm] <press Enter>
[OK]
Erase of nvram: complete
Todd2950A#sh start
%% Non-volatile configuration memory is not present
- Again, even though you have erased the contents of NVRAM with the erase startup-config command,
remember that the running-config is still in RAM. To erase the running-config you have to
reload the switch.