10BASE-T The 10-Mbps baseband Ethernet specification using two pairs of twisted-pair cabling (Categories 3, 4,

or 5): One pair transmits data and the other receives data. 10BASE-T, which is part of the IEEE 802.3 specification,
has a distance limit of approximately 100 m (328 feet) per segment.

100BASE-TX: A name for the IEEE Fast Ethernet standard that uses two-pair copper cabling, a speed of 100 Mbps,
and a maximum cable length of 100 meters.

1000BASE-T: A name for the IEEE Gigabit Ethernet standard that uses four-pair copper cabling, a speed of 1000
Mbps (1 Gbps), and a maximum cable length of 100 meters.

IEEE Institute of Electrical and Electronics Engineers. A professional organization that develops communications
and network standards, among other activities.

IEEE 802.2 An IEEE LAN protocol that specifies an implementation of the LLC sublayer of the data link layer.

IEEE 802.3 A set of IEEE LAN protocols that specifies the many variations of what is known today as an Ethernet
LAN.

802.1Q: The IEEE standardized protocol for VLAN trunking.

802.11a: The IEEE standard for wireless LANs using the U-NII spectrum, OFDM encoding, at speeds of up to 54
Mbps.

802.11b: The IEEE standard for wireless LANs using the ISM spectrum, DSSS encoding, and speeds of up to 11
Mbps.

802.11g: The IEEE standard for wireless LANs using the ISM spectrum, OFDM or DSSS encoding, and speeds of
up to 54 Mbps.

802.11i: The IEEE standard for wireless LAN security, including authentication and encryption

ARP: Address Resolution Protocol. An Internet protocol used to map an IP address to a MAC address. Defined in
RFC 826.

Broadcast domain A set of all devices that receive broadcast frames originating from any device within the set.
Devices in the same LAN are in the same broadcast domain.

Broadcast frame: An Ethernet frame sent to destination address FFFF.FFFF.FFFF, meaning that the frame should
be delivered to all hosts on that LAN.

Collision domain: A set of network interface cards (NICs) for which a frame sent by one NIC could result in a
collision with a frame sent by any other NIC in the same collision domain.

Crossover cable An Ethernet cable that swaps the pair used for transmission on one device to a pair used for
receiving on the device on the opposite end of the cable. In 10BASE-T and 100BASE-TX networks, this cable
swaps the pair at pins 1,2 to pins 3,6 on the other end of the cable, and the pair at pins 3,6 to pins 1,2 as well.

CSMA/CA: Carrier senses multiple access with collision avoidance. It is a media-access mechanism that defines
how devices decide when they can send, with a goal of avoiding collisions as much as possible. IEEE WLANs use
CSMA/CA.
CSMA/CD Carrier sense multiple access collision detect. It is a media-access mechanism in which devices ready to
transmit data first check the channel for a carrier. If no carrier is sensed for a specific period of time, a device can
transmit. If two devices transmit at once, a collision occurs and is detected by all colliding devices. This collision
subsequently delays retransmissions from those devices for some random length of time.

CSU/DSU: Channel service unit/digital service unit. A device that understands the Layer 1 details of serial links
installed by a telco and how to use a serial cable to communicate with networking equipment such as routers.

Default gateway/default router: On an IP host, the IP address of some router to which the host sends packets when
the packet’s destination address is on a subnet other than the local subnet.

Error detection: The process of discovering whether or not a data-link level frame was changed during
transmission. This process typically uses a Frame Check Sequence (FCS) field in the data-link trailer.

Error disabled: An interface state on LAN switches that is the result of one of many security violations.

Error recovery: The process of noticing when some transmitted data was not successfully received and resending
the data until it is successfully received.

Ethernet: A series of LAN standards defined by the IEEE, originally invented by Xerox Corporation and developed
jointly by Xerox, Intel, and Digital Equipment Corporation.

Filter: Generally, a process or a device that screens network traffic for certain characteristics, such as source
address, destination address, or protocol, and determines whether to forward or discard that traffic based on the
established criteria.

Firewall: A device that forwards packets between the less secure and more secure parts of the network, applying
rules that determine which packets are allowed to pass, and which are not.

Flash: A type of read/write permanent memory that retains its contents even with no power applied to the memory,
and uses no moving parts, making the memory less likely to fail over time.

Flooding: The result of the LAN switch forwarding process for broadcasts and unknown unicast frames. Switches
forward these frames out all interfaces, except the interface in which the frame arrived. Switches also forward
multicasts by default, although this behavior can be changed.

Four-wire circuit: A line from the telco with four wires, composed of two twisted pair wires. Each pair is used to
send in one direction, so a four-wire circuit allows full duplex communication.

Frame: A term referring to a data-link header and trailer, plus the data encapsulated between the header and trailer.

Full duplex: Generically, any communication in which two communicating devices can concurrently send and
receive data. In Ethernet LANs, the allowance for both devices to send and receive at the same time, allowed when
both devices disable their CSMA/CD logic.

Half duplex: Generically, any communication in which only one device at a time can send data. In Ethernet LANs,
the normal result of the CSMA/CD algorithm that enforces the rule that only one device should send at any point in
time.
Hub: A LAN device that provides a centralized connection point for LAN cabling, repeating any received electrical
signal out all other ports, thereby creating a logical bus. Hubs do not interpret the electrical signals as a frame of
bits, so hubs are considered to be Layer 1 devices.
Learning: The process used by switches for discovering MAC addresses, and their relative location, by looking at
the source MAC address of all frames received by a bridge or switch.

MAC: Media Access Control. The lower of the two sublayers of the data link layer defined by the IEEE.
Synonymous with IEEE 802.3 for Ethernet LANs.

MAC address: A standardized data link layer address that is required for every device that connects to a LAN.
Ethernet MAC addresses are 6 bytes long and are controlled by the IEEE. Also known as a hardware address, a
MAC layers address, and a physical address.

Micro segmentation: The process in LAN design by which every switch port connects to a single device, with no
hubs connected to the switch ports, creating a separate collision domain per interface. The term’s origin relates to
the fact that one definition for the word “segment” is “collision domain,” with a switch separating each switch port
into a separate collision domain or segment.

Modem: Modulator-demodulator. A device that converts between digital and analog signals so that a computer may
send data to another computer using analog telephone lines. At the source, a modem converts digital signals to a
form suitable for transmission over analog communication facilities. At the destination, the analog signals are
returned to their digital form.

Multimode: A type of fiber-optic cabling with a larger core than single-mode cabling, allowing light to enter at
multiple angles. Such cabling has lower bandwidth than single-mode fiber but requires a typically cheaper light
source, such as an LED rather than a laser.

Pin out: The documentation and implementation of which wires inside a cable connect to each pin position in any
connector.

RJ-45 A popular type of cabling connector used for Ethernet cabling. It is similar to the RJ-11 connector used for
telephone wiring in homes in the United States. RJ-45 allows the connection of eight wires.

Segmentation: The process of breaking a large piece of data from an application into pieces appropriate in size to
be sent through the network.

Serial cable: A type of cable with many different styles of connectors used to connect a router to an external
CSU/DSU on a leased-line installation.

Shared Ethernet: An Ethernet that uses a hub, or even the original coaxial cabling, which results in the devices
having to take turns sending data, sharing the available bandwidth.

Single-mode: A type of fiber-optic cabling with a narrow core that allows light to enter only at a single angle. Such
cabling has a higher bandwidth than multimode fiber but requires a light source with a narrow spectral width (such
as a laser).

straight-through cable In Ethernet, a cable that connects the wire on pin 1 on one end of the cable to pin 1 on the
other end of the cable, pin 2 on one end to pin 2 on the other end, and so on.

switch A network device that filters, forwards, and floods Ethernet frames based on the destination address of each
frame.

switched Ethernet An Ethernet that uses a switch, and particularly not a hub, so that the devices connected to one
switch port do not have to contend to use the bandwidth available on another port. This term contrasts with shared
Ethernet, in which the devices must share bandwidth, whereas switched Ethernet provides much more capacity, as
the devices do not have to share the available bandwidth.
transparent bridge The name of a networking device that was a precursor to modern LAN switches. Bridges
forward frames between LAN segments based on the destination MAC address. Transparent bridging is so named
because the presence of bridges is transparent to network end nodes.

twisted pair Transmission medium consisting of two insulated wires, with the wires twisted around each other in a
spiral. An electrical circuit flows over the wire pair, with the current in opposite directions on each wire, which
significantly reduces the interference between the two wires.

unknown unicast frame An Ethernet frame whose destination MAC address is not listed in a switch’s MAC
address table, so the switch must flood the frame.

UTP Unshielded twisted pair. A type of cabling, standardized by the Electronics Industry Alliance (EIA) and
Telecommunications Industry Association (TIA), that holds twisted pairs of copper wires (typically four pair), and
does not contain any shielding from outside interference.

1. Core Layer: The core layer is the backbone of the network. It provides a high speed connection between
the different distribution layer devices. Because of the need for high-speed connections, the core consists of
high-speed switches and because switches are used at the core, the core is referred to as a layer-2 core.
Examp: 6500, 4500, 4900M, servers are connected to core switches in small enterprise.

2. Distribution Layer: The distribution layer performs most of the connectivity tasks. In larger networks,
routers are used at the distribution layer to connect the access layers to the core. The main function of
Distribution layer is that it containing broadcasts between the layers, provides securing traffic between the
layers, a hierarchy through layer-3 logical addressing and route summarization

3. Access Layer: The bottom layer of the three-layer hierarchical model is the access layer. The access layer is
at the periphery of our campus network, and it is separated from the core layer by the distribution layer. The
main function of the access layer is to provide the user’s initial connection to your network. Typically, this
connection is provided by a switch, or a hub or router. But in most cases, the connection is
provided by a switch.
CSMA/CD:
Carrier Sense multiple access with collision detection - used
in half duplex Ethernet operation. Three PC's A, B, C. A PC
will first sense the cable to determine if the cable is
carrying any signals or not, and if there is no signal on the
cable, it will send data from its Tx Ring and maintain that
data at L2 level in the buffer, and PC expects that it will
see the same data on it Rx Ring to conclude that data was sent
across the "segment" error free.

Collision Detection:
When a PC receives data which does not match with the data it
sent. Consider there are three PC's, A,B,C and A & B
determines by "CS" algorithm that there is no body sending
data and thus send some data at the same point in time, both
will receive on their Rx ring data which will not match with
the data which they sent. Therefore, A & B determines that
there was collision and therefore following events will
unfold:

PCs which were part of collision will send a jam signal which
has a minimum length of 64bytes so that everybody on the
segment knows that there was a collision and will wait for
random amount of time. PC A & B.

There is another set of PC "C", which wasn't part of

collision, and they will not send jam signal and will not wait
for random period after seeing jam signal. They will start
sensing media once jam signal is over.

A PC which has observed collision will try sending data 16

times before it stops trying and sends a message of failure to
upper layer protocols.

In Ethernet full duplex environment "micro segmentation",

CSMA/CD algorithm is disabled as it is not required.In
wireless, CSMA/CA is used.

Neither CSMA/CD nor CSMA/CA eliminates collision.

 Switch
The main function of switch is to forward the Ethernet frame by using MAC addresses.

Switch LED Indicators

 The front panel of a switch has several lights to help monitor system activity and performance. These lights
are called light-emitting diodes (LEDs). The switch has the following LEDs:

o System LED

o Remote Power Supply (RPS) LED

o Port Mode LED

o Port Status LEDs

 The System LED shows whether the system is receiving power and functioning correctly.

 The RPS LED indicates whether or not the remote power supply is in use.

 The Mode LEDs indicate the current state of the Mode button.

 The Port Status LEDs have different meanings, depending on the current value of the Mode LED.

Switch form factors.

Fixed Configuration Switches

Fixed configuration switches are just as you might expect, fixed in their configuration. What that means is that you
cannot add features or options to the switch beyond those that originally came with the switch. The particular model
you purchase determines the features and options available. For example, if you purchase a 24-port gigabit fixed
switch, you cannot add additional ports when you need them. There are typically different configuration choices that
vary in how many and what types of ports are included.

Modular Switches

Modular switches offer more flexibility in their configuration. Modular switches typically come with different sized
chassis that allow for the installation of different numbers of modular line cards. The line cards actually contain the
ports. The line card fits into the switch chassis like expansion cards fit into a PC. The larger the chassis, the more
modules it can support. As you can see in the figure, there can be many different chassis sizes to choose from. If you
bought a modular switch with a 24-port line card, you could easily add an additional 24 port line card, to bring the
total number of ports up to 48.

Stackable Switches

Stackable switches can be interconnected using a special backplane cable that provides high-bandwidth throughput
between the switches. Cisco introduced StackWise technology in one of its switch product lines. StackWise allows
you to interconnect up to nine switches using fully redundant backplane connections. As you can see in the figure,
switches are stacked one atop of the other, and cables connect the switches in daisy chain fashion. The stacked
switches effectively operate as a single larger switch. Stackable switches are desirable where fault tolerance and
bandwidth availability are critical and a modular switch is too costly to implement. Using cross-connected
connections, the network can recover quickly if a single switch fails. Stackable switches use a special port for
interconnections and do not use line ports for inter-switch connections. The speeds are also typically faster than
using line ports for connection switches.

PoE and Layer 3 Functionality

Two other characteristics you want to consider when selecting a switch are Power over Ethernet (PoE) and Layer 3
functionality.

Power over Ethernet

Power over Ethernet (PoE) allows the switch to deliver power to a device over the existing Ethernet cabling. As you
can see in the figure, this feature can be used by IP phones and some wireless access points. PoE allows you more
flexibility when installing wireless access points and IP phones because you can install them anywhere you can run
an Ethernet cable. You do not need to consider how to run ordinary power to the device. You should only select a
switch that supports PoE if you are actually going to take advantage of the feature, because it adds considerable cost
to the switch.

Layer 3 Functions

Click the Layer 3 functions button in the figure to see some Layer 3 functions that can be provided by switches in a
hierarchical network.

Typically, switches operate at Layer 2 of the OSI reference model where they deal primarily with the MAC
addresses of devices connected to switch ports. Layer 3 switches offer advanced functionality that will be discussed
in greater detail in the later chapters of this course. Layer 3 switches are also known as multilayer switches.

Ethernet Communications

Communications in a switched LAN network occur in three ways: unicast, broadcast, and multicast:

Switching
Switching breaks up large collision domains into smaller ones. Each port on a switch is actually its own collision
domain; you can make a much better Ethernet LAN network just by replacing your hubs with switches.

Layer 2 and Layer 3 Switching

A Layer 2 LAN switch, such as the Catalyst 2960, performs switching and filtering based only on the OSI data link
layer (Layer 2) MAC address.

A Layer 3 switch, such as the Catalyst 3560, functions similarly to a Layer 2 switch, but instead of using only the
Layer 2 MAC address information for forwarding decisions, a Layer 3 switch can also use IP address information.
This allows the Layer 3 switch to direct traffic throughout the network based on IP address information.

Layer 3 switches are also capable of performing Layer 3 routing functions, reducing the need for dedicated routers
on a LAN. Because Layer 3 switches have specialized switching hardware, they can typically route data as quickly
as they can switch.

Switch Functions
Address learning

 For each received frame, Switch examines the source MAC address of the frame and compares it the with
CAM table entries.

 If it is not listed in the CAM table, then switch add MAC address and corresponding Port number of frame
in the CAM table and set the inactivity timer to 0.

 If it is already in the CAM table then switch reset inactivity timer for the entry to 0.

Forward/Filter Decision

 Then for forward/filter, switch examines the destination MAC address and compared it to the forward/
filter CAM table.

 If the destination MAC address is already listed in the CAM table, the frame is sent out only through the
corresponding port.

 If the destination MAC address is not listed in the CAM table, then the frame is flooded out all active ports
to unknown unicast MAC address except the port on which the frame was received on.

Loop Avoidance- Switch uses STP to remove layer 2 loops from our topology.

Switching Methods
1. Store-and-Forward:- In Store and Forward method, switch receive the entire frame and before sending it
to its destination. It is most reliable method of switching because it determines if the frame is had any error
by using FCS (file check sum).

2. Cut-Through:- In cut-through method, switch start forwarding frame to its destination as soon as
destination MAC address (8 byte) is received. Main advantage of cut through is that it reduces latency but it
also propagate errors.
 3. Fragment-Free:- In fragment-free method, switch start forwarding frame to its destination as soon as first
64 byte is received.

Switch terms

Flooding:- is the process of sending frames out all other interface excepts the interface on which the frame
arrived. Switch flood unknown unicast frames as well as broadcast frames.

Unknown Unicast frame:- The frame whose destination MAC address is not yet in the CAM table, this
types of frame flooded out all the interfaces except the port on which it received with the hope that the unknown
device will be on same Ethernet segment and will replay.

Inactive timer:- Switch keeps a timer for each entry in the cam table known as inactivity timer. The switch
sets the timer to 0 for new entries. Each time switch receives another frame with that same source MAC
address, the timer is set to 0. If the switch ever runs out of space for the entry in CAM table the switch can then
remove table entries with the oldest inactivity timers.

Known unicast frame:- The frame whose destination MAC address are in the CAM table then it is known as
known unicast frame. And if the frame whose destination MAC address is not in cam table then it is known as
unknown unicast frame.