Chapter 13: Configuring Cisco Switches
powered by DJ

Chapter Objectives

At the end of this chapter you will be able to:
- Understand Cisco switches
- Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts
- Explain network segmentation and basic traffic management concepts
- Explain basic switching concepts and the operation of Cisco switches
- Define what a loop is
- Describe the Spanning Tree process
- Work with switches
- Configure switches

Bridges and Switches

The main function of bridges and switches is to solve bandwidth, or collision, problems.

Switching Services

Unlike bridges, which use software to create and manage a filter table, switches use application-specific integrated circuits (ASICs) to build and maintain their filter tables. Layer 2 switches and bridges are faster than routers because they don’t take up time looking at the Network layer header information. Instead, they look at the frame’s hardware addresses before deciding to forward, flood, or drop the frame.

Layer 2 switching provides the following:
- Hardware-based bridging (ASIC)
- Wire speed
- Low latency
- Low cost

[Figure: Private Domains Created by Switches]

Bridging vs. LAN Switching

There are some important differences:
- Bridges are software based, while switches are hardware based because they use ASIC chips to help make filtering decisions.
- A switch can be viewed as a multiport bridge.
- There can be only one spanning-tree instance per bridge, while switches can have many.
- Switches have a higher number of ports than most bridges.
- Bridges and switches learn MAC addresses by examining the source address of each frame received.
- Both bridges and switches make forwarding decisions based on layer 2 addresses.

Switch Functioning at Layer 2

There are three distinct functions of layer 2 switching:
- Address learning
- Forward/filter decisions
- Loop avoidance

Address learning: Layer 2 switches and bridges remember the source hardware address of each frame received on an interface, and they enter this information into a MAC database called a forward/filter table.

Forward/filter decisions: When a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database. The frame is only forwarded out the specified destination port.

Loop avoidance: If multiple connections between switches are created for redundancy purposes, network loops can occur. Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy.

Address Learning – A Detailed Look

When a switch is first powered on, the MAC forward/filter table is empty. When a device transmits and an interface receives a frame, the switch places the frame’s source address in the MAC forward/filter table.

[Figure: MAC Forward/Filter Table]

Forward/Filter Decisions – A Detailed Look

When a frame arrives at a switch interface, the destination hardware address is compared to the forward/filter MAC database. If the destination hardware address is known and listed in the database, the frame is only sent out the correct exit interface. The switch doesn’t transmit the frame out any interface except for the destination interface. This preserves bandwidth on the other network segments and is called frame filtering.

[Figure: Another Forward/Filter Table]

Loop Avoidance and Spanning Tree Protocol

Redundant links between switches are a good idea because they help prevent complete network failures in the event one link stops working. Even though redundant links can be extremely helpful, they often cause more problems than they solve. This is because frames can be flooded down all redundant links simultaneously, creating network loops.

[Figure: Broadcast Storm]

A device can receive multiple copies of the same frame since that frame can arrive from different segments at the same time. The figure below demonstrates how a whole bunch of frames can arrive from multiple segments simultaneously. The server in the figure sends a unicast frame to Router C. Since it’s a unicast frame, Switch A forwards the frame and Switch B provides the same service—it forwards the frame as well. This is bad because it means that Router C receives that unicast frame twice, causing additional overhead on the network.

[Figure: Multiple Frame Copies]

The Spanning Tree Protocol

What is Spanning Tree Protocol?

The main function of the Spanning Tree Protocol (STP) is to remove layer 2 loops from your topology.

Spanning Tree Terms

Root bridge: The root bridge is the bridge with the lowest (best) bridge ID. With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network.

BPDU: All the switches exchange information to use in the selection of the root switch as well as in subsequent configuration of the network. Each switch compares the parameters in the Bridge Protocol Data Unit (BPDU) that it sends to one neighbor with the one that it receives from another neighbor.

Bridge ID: The bridge ID is how STP keeps track of all the switches in the network. It is determined by a combination of the bridge priority (32,768 by default on all Cisco switches) and the base MAC address. The bridge with the lowest bridge ID becomes the root bridge in the network.

Nonroot bridges: These are all bridges that are not the root bridge. Nonroot bridges exchange BPDUs with all bridges and update the STP topology database on all switches, preventing loops and providing a measure of defense against link failures.
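
The root bridge election described above can be simulated in a few lines. This is an added example, not part of the original slides; the switch names, MAC addresses, links and the priority value 4096 are constructed for illustration. It shows that with every switch left at the default priority the election falls to the lowest MAC address, and that lowering the priority on the intended root makes the outcome deliberate.

```python
# Added illustration, not from the original slides: STP root bridge election.
# Switch names, MAC addresses and links are constructed sample data.
DEFAULT_PRIORITY = 32768  # default bridge priority stated in the text


def bridge_id(priority, mac):
    """Bridge ID = (priority, base MAC); tuples compare priority first."""
    return (priority, bytes.fromhex(mac.replace(":", "")))


def elect_root(switches, links):
    """Simulate BPDU exchange until all switches agree on one root.

    switches: {name: (priority, mac)}    links: [(name_a, name_b), ...]
    Returns the name of the elected root bridge.
    """
    ids = {name: bridge_id(p, m) for name, (p, m) in switches.items()}
    believed = dict(ids)  # at power-on every switch claims to be root
    changed = True
    while changed:
        changed = False
        advertised = dict(believed)  # root ID each switch sends this round
        for a, b in links:
            for rx, tx in ((a, b), (b, a)):
                # Adopt the neighbour's root only if its bridge ID is lower.
                if advertised[tx] < believed[rx]:
                    believed[rx] = advertised[tx]
                    changed = True
    roots = set(believed.values())
    if len(roots) != 1:
        raise ValueError("switches are not all connected")
    root_id = roots.pop()
    return next(name for name, i in ids.items() if i == root_id)


# Constructed triangle topology, all switches at the default priority.
LINKS = [("core", "dist"), ("dist", "access"), ("core", "access")]
DEFAULTS = {
    "core": (DEFAULT_PRIORITY, "00:1a:2b:00:00:30"),
    "dist": (DEFAULT_PRIORITY, "00:1a:2b:00:00:20"),
    "access": (DEFAULT_PRIORITY, "00:1a:2b:00:00:10"),
}
# Same switches, but the intended root is given a lower priority.
TUNED = dict(DEFAULTS, core=(4096, "00:1a:2b:00:00:30"))

if __name__ == "__main__":
    print("default priorities ->", elect_root(DEFAULTS, LINKS))
    print("core priority 4096 ->", elect_root(TUNED, LINKS))
```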

Port cost: Port cost determines the best path when multiple links are used between two switches and none of the links is a root port. The cost of a link is determined by the bandwidth of the link.

Root port: The root port is always the link directly connected to the root bridge, or the shortest path to the root bridge. If more than one link connects to the root bridge, then a port cost is determined by checking the bandwidth of each link. The lowest-cost port becomes the root port. If multiple links have the same cost, the bridge with the lower advertising bridge ID is used. Since multiple links can be from the same device, the lowest port number will be used.

Designated port: A designated port is one that has been determined as having the best (lowest) cost. A designated port will be marked as a forwarding port.

Non designated port: A non designated port is one with a higher cost than the designated port. Non designated ports are put in blocking mode—they are not forwarding ports.

Forwarding port: A forwarding port forwards frames.

Blocked port: A blocked port is the port that, in order to prevent loops, will not forward frames. However, a blocked port will always listen to frames.

Connect Switch to a Computer

Step 1

Verify the following:
- All network cable connections are secure.
- Your PC or terminal is connected to the console port.
- Your terminal emulator application, such as HyperTerminal, is running and configured properly.

The figure shows a PC connected to a switch using the console port.

[Figure: Connect Dialogue Box]

Choose appropriate settings for your region and verify the pre-selected ones.

Step 2

Observe the boot sequence as follows:
- When the switch is on, the POST begins. During POST, the LEDs blink while a series of tests determine that the switch is functioning properly.
- When the POST has completed, the SYST LED rapidly blinks green.
- If the switch fails POST, the SYST LED turns amber. When a switch fails the POST test, it is necessary to repair the switch.

2950 Switch Configuration

1) Setting the Passwords

Commands:

    (config)#enable password ?
      level  Set exec level password
    (config)#enable password level ?
      <1-15>  Level number
    (config)#enable password level 15 hcl1

2) Setting the Hostname

    Switch#config t
    Switch(config)#hostname hcl2950
    hcl2950(config)#

3) Setting IP Information

    hcl1900#config t
    hcl1900(config)#ip address 172.16.10.16 255.255.255.0
    hcl1900(config)#ip default-gateway 172.16.10.1
    hcl1900(config)#

4) Configuring Interface Descriptions

    hcl1900#config t
    hcl1900(config)#int e0/1
    hcl1900(config-if)#description Finance_VLAN

5) Setting Port Security on a Catalyst Switch

    Switch(config-if)#switchport port-security mac-address mac-address

Now only this one MAC address is allowed on this switch port.

6) Erasing the Switch Configuration

    hcl1900#delete nvram

THANK YOU
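
The address learning, forward/filter decisions and single-MAC port security covered in this chapter can be seen working together in a small model. This is an added example, not part of the original slides; the class name, port names and MAC addresses are constructed, and the violation handling (drop and record) is a simplification of what a real switch does.

```python
# Added illustration, not from the original slides: a layer 2 switch's
# forward/filter table with one secured port. All MACs are constructed.
class LearningSwitch:
    def __init__(self, ports, secure=None):
        self.ports = list(ports)
        self.table = {}                   # MAC -> port (forward/filter table)
        self.secure = dict(secure or {})  # port -> the one MAC allowed there
        self.violations = []              # (port, offending source MAC)

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of ports it is sent out of."""
        allowed = self.secure.get(in_port)
        if allowed is not None and src != allowed:
            # Port security: an unexpected source on a secured port is
            # not learned, and the frame is dropped.
            self.violations.append((in_port, src))
            return []
        self.table[src] = in_port         # address learning
        out = self.table.get(dst)
        if out is None:
            # Unknown destination: flood out every port except the source.
            return [p for p in self.ports if p != in_port]
        if out == in_port:
            return []                     # destination is on the same segment
        return [out]                      # frame filtering: one exit port


def demo():
    """Run four constructed frames through a three-port switch."""
    a = "00:00:0c:aa:aa:aa"   # host allowed on secured port e0/1
    b = "00:00:0c:bb:bb:bb"   # host on e0/2
    x = "00:00:0c:ee:ee:ee"   # unexpected host plugged into e0/1
    sw = LearningSwitch(["e0/1", "e0/2", "e0/3"], secure={"e0/1": a})
    sent = [
        sw.receive("e0/1", a, b),   # table empty, so the frame is flooded
        sw.receive("e0/2", b, a),   # a was learned, so only e0/1
        sw.receive("e0/1", a, b),   # b is now known, so only e0/2
        sw.receive("e0/1", x, b),   # wrong MAC on the secured port
    ]
    return sent, sw.table, sw.violations


if __name__ == "__main__":
    sent, table, violations = demo()
    print(sent, table, violations, sep="\n")
```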