21 Switching

Catalyst Switch Operations
How Switches Learn Host Locations

MAC address table
0260.8c01.1111
0260.8c01.2222
E0
E1
E2
E3
0260.8c01.3333
0260.8c01.4444
Initial MAC address table is empty
How Switches Learn Hosts Locations

MAC address table
E0: 0260.8c01.1111
A
0260.8c01.1111
E0
E1
E2
E3
0260.8c01.2222
0260.8c01.3333
0260.8c01.4444
Station A sends a frame to Station C

Switch caches station A MAC address to port E0 by learning the
source address of data frames
The frame from station A to station C is flooded out to all ports
E0 (unknown unicasts are flooded)
except port
How Switches Learn Host Locations

MAC address table
E0: 0260.8c01.1111
E3: 0260.8c01.4444
A
0260.8c01.1111
E0
E2
0260.8c01.2222
E1
E3
0260.8c01.3333
0260.8c01.4444
Station D sends a frame to station C

Switch caches station D MAC address to port E3 by learning the
source Address of data frames
The frame from station D to station C is flooded
out to all ports except
port E3 (unknown unicasts are flooded)
How Switches Filter Frames

MAC address table
0260.8c01.1111
E0:
E2:
E1:
E3:
E0
E2
0260.8c01.1111
0260.8c01.2222
0260.8c01.3333
0260.8c01.4444
0260.8c01.3333
E1
X
XE3
0260.8c01.2222
0260.8c01.4444
StationAsendsaframetostationC
Destinationisknown,frameisnotflooded
BroadcastandMulticastFrames
MAC address table
A
0260.8c01.1111
0260.8c01.2222
E0:
E2:
E1:
E3:
0260.8c01.1111
0260.8c01.2222
0260.8c01.3333
0260.8c01.4444
E0
E1
E2
E3
0260.8c01.3333
0260.8c01.4444
Station D sends a broadcast or multicast frame

Broadcast and multicast frames are flooded to all
ports
other than the originating port
Three Switch Functions
Address learning
Forward/filter decision
Loop avoidance
Redundant Topology
Server/host X
Router Y
Segment 1
Segment 2
Redundant topology eliminates single points of failure

Redundant topology causes broadcast storms, multiple frame copies, and MAC
address table instability problems
Broadcast Storms
Server/host X
Router Y
Segment 1
Broadcast
Switch A
Switch B
Segment 2
Host X sends a Broadcast
Broadcast Storms
Server/host X
Router Y
Segment 1
Broadcast
Switch A
Switch B
Segment 2
Host X sends a Broadcast
Broadcast Storms
Server/host X
Router Y
Segment 1
Switch A
Switch B
Broadcast
Segment 2
Switches continue to propagate broadcast traffic over

and over
Multiple Frame Copies

Server/host X
Unicast
Router Y
Segment 1
Switch A
Switch B
Segment 2
Host X sends an unicast frame to router Y

Router Y MAC address has not been learned by either
switch yet
MultipleFrameCopies
Server/host X
Unicast
Router Y
Segment 1
Unicast
Switch A
Unicast
Switch B
Segment 2
Host X sends an unicast frame to Router Y

Router Y MAC Address has not been learned by either
Switch yet
Router
Y will receive two copies of the same frame
MAC Database Instability

Router Y
Server/host X
Segment 1
Unicast
Unicast
Port 0
Switch A
Port 1
Port 0
Switch B
Port 1
Segment 2

Router Y MAC Address has not been learned by either
Switch yet
Switch A and B learn Host X MAC address on port 0
MAC Database Instability

Router Y
Server/host X
Segment 1
Unicast
Unicast
Port 0
Port 0
Switch B
Port 1
Port 1
Switch A
Segment 2

Router Y MAC Address has not been learned by either Switch yet
Switch A and B learn Host X MAC address on port 0
Frame to Router Y is flooded
Switch A and B incorrectly learn Host X MAC address on port 1
Multiple Loop Problems

Broadcast
Server/host
Loop
Loop
Loop
Workstations
Complex topology can cause multiple loops to occur

Layer 2 has no mechanism to stop the loop
Solution: Spanning-Tree Protocol
Block
Provides a loop free redundant network topology by

placing certain ports in the blocking state
Spanning-Tree Operations
One root bridge per network
One root port per nonroot bridge
One designated port per segment
100baseT
Designated port (F)
Root bridge
Root port (F)
Nonroot bridge
SW X
SW Y
Designated port (F)
Nondesignated port (B)
10baseT
Spanning-Tree Protocol
Root Bridge Selection
Switch X
Default priority 32768
(8000 hex)
MAC 0c0011111111
Switch Y
(8000 hex)
MAC 0c0022222222
BPDU
BPDU = Bridge protocol data unit

(default = sent every 2 seconds)
Root bridge = Bridge with the lowest bridge ID
Bridge ID = Bridge priority + bridge MAC address
In the example, which switch has the lowest bridge ID?
Port States
100baseT
Port 0
Switch X
MAC 0c0011111111
Designated port (F)
Root bridge
Port 1
Designated port (F)
Root port (F)
Port 0
Port 1
10baseT
Switch Y
MAC 0c0022222222
Nondesignated port (B)
Path Cost
Link Speed
Cost (reratify IEEE spec) Cost (previous IEEE spec)
---------------------------------------------------------------------------------------------------10 Gbps
2
1
1 Gbps
4
1
100 Mbps
19
10
10 Mbps
100
100
Spanning-Tree:
Port 0
Switch Z
Mac 0c0011110000
100baseT
Port 0
Switch X
MAC 0c0011111111
Port 0
Port 1
Port 1
Switch Y
MAC 0c0022222222
100baseT
Can you figure out:
What is the root bridge?
What are the designated, nondesignated, and root ports?
Which are the forwarding and blocking ports?
Spanning-Tree:
Port 0
Switch Z
Mac 0c0011110000
Designated port (F)
100baseT
Port 0
Switch X
MAC 0c0011111111
Port 1
Root port (F)
Root port (F)
Port 0
Switch Y
MAC 0c0022222222
Designated port (F) Port 1
Nondesignated port (BLK)
100baseT
Can you figure out:

What is the root bridge?
What are the designated, nondesignated, and root parts?
Which are the forwarding and blocking ports?
Spanning-Tree Recalculation
100baseT
Port 0
Designated port
Switch X
MAC 0c0011111111
Default priority 32768 Root Bridge
Port 1
Designated port
Root port (F)
Port 0
Port 1
10baseT
Switch Y
MAC 0c0022222222
Spanning-Tree Recalculation
100baseT
Designated port
Port 0
Switch X
MAC 0c0011111111
Default priority 32768 Root Bridge
Port 1
x
BPDU
MAXAGE
Designated port
Root port (F)
Port 0
Port 1
10baseT
Switch Y
MAC 0c0022222222
Key Issue: Time to Convergence

Convergence occurs when all the switch
and bridge ports have transitioned to
either the forwarding or blocking state
When network topology changes,
switches and bridges must recompute
the Spanning-Tree Protocol, which
disrupts user traffic
Bridging Compared to LAN Switching

Bridging
Primarily software based

One spanning-tree instance per bridge
Usually up to 16 ports per bridge
LAN Switching
Primarily hardware based (ASIC)

Many spanning-tree instances per switch
More ports on a switch
Transmitting Frames Through a Switch

Cutthrough
Switchchecksdestinationaddress
andimmediatelybeginsforwarding
frame
Frame
Transmitting Frames Through a Switch

Cutthrough
frame
Frame
Store and forward
Frame
Complete frame is received and

checked before forwarding
Frame
Frame
TransmittingFramesthroughaSwitch
Cutthrough
frame
Frame
Storeandforward
Completeframeisreceivedand
checkedbeforeforwarding
Frame
Frame
Frame
Fragmentfree
(modifiedcutthrough)Cat1900Default
Switchchecksthefirst64bytesthenimmediately
beginsforwardingframe
Frame
Duplex Overview
Switch
Half duplex (CSMA/CD)

Unidirectional data flow
Higher potential for collison
Hubs connectivity
Hub
Duplex Overview
Switch
Half duplex (CSMA/CD)

Unidirectional data flow
Higher potential for collison
Hubs connectivity
Hub
Full duplex
Point-to-point only
Attached to dedicated switched port
Requires full-duplex support on both ends
Collision free
Collision detect circuit disabled
Configuring the Switch
Catalyst 1900
Menu driven interface
Web-based VSM
(Visual Switch Manager)
IOS CLI
(command-line interface)
Catalyst1900DefaultConfigurations
IPaddress:0.0.0.0
CDP:Enabled
Switchingmode:fragmentfree
100baseTport:Autonegotiateduplexmode
10baseTport:Halfduplex
SpanningTree:Enabled
Consolepassword:none
Ports on the Catalyst 1900
10baseT ports
AUI port
100baseT uplink ports
Cat1912
Cat1924
e0/1 to e0/12
e0/1 to e0/24
e0/25
e0/25
fa0/26 (port A)
fa0/27 (port B)
fa0/26 (port A)
fa0/27 (port B)
Ports on the Catalyst 1900

wg_sw_d#shrun
wg_sw_d#shspan
Buildingconfiguration...
Currentconfiguration:
!
!
interfaceEthernet0/1
!
interfaceEthernet0/2
PortEthernet0/1ofVLAN1isForwarding
Portpathcost100,Portpriority128
Designatedroothaspriority32768,address0090.8673.3340
Designatedbridgehaspriority32768,address0090.8673.3340
DesignatedportisEthernet0/1,pathcost0
Timers:messageage20,forwarddelay15,hold1
wg_sw_a#showvlanmembership
PortVLANMembershipType
PortVLANMembershipType
15Static
131
Static
21Static 141
Static
31Static
151 Static
ConfiguringtheSwitch
ConfigurationModes
Globalconfigurationmode
wg_sw_a#confterm
wg_sw_a(config)#
Interfaceconfigurationmode
wg_sw_a(config)#interfacee0/1
wg_sw_a(configif)#
Configuring the Switch IP Address

wg_sw_a(config)#
ipaddress{ipaddress}{mask}
ConfiguringtheSwitchIPAddress
wg_sw_a(config)#
ipaddress{ipaddress}{mask}
wg_sw_a(config)#ip address 10.5.5.11 255.255.255.0
ConfiguringtheSwitchDefaultGateway
wg_sw_a(config)#
ipdefaultgateway{ipaddress}
ConfiguringtheSwitchDefaultGateway
wg_sw_a(config)#
ipdefaultgateway{ipaddress}
wg_sw_a(config)#ip default-gateway 10.5.5.3
ShowingtheSwitchIPAddress
wg_sw_a#showip
IPaddress:10.5.5.11
Subnetmask:255.255.255.0
Defaultgateway:10.5.5.3
ManagementVLAN:1
Domainname:
Nameserver1:0.0.0.0
Nameserver2:0.0.0.0
HTTPserver:Enabled
HTTPport:80
RIP:Enabled
wg_sw_a#
Speed and Duplex Options

wg_sw_a(config)# interface e0/1
wg_sw_a(config-if)#
duplex{auto|full|fullflowcontrol|half}
SettingDuplexOptions
wg_sw_a(config)#interface e0/1
wg_sw_a(config-if)#
duplex{auto|full|fullflowcontrol|half}
wg_sw_a(config-if)#duplex half
Showing Duplex Options

wg_sw_a#shinterfaces
Ethernet0/1isEnabled
HardwareisBuiltin10BaseT
Addressis0090.8673.3341
MTU1500bytes,BW10000Kbits
802.1dSTPState:ForwardingForwardTransitions:1
Portmonitoring:Disabled
Unknownunicastflooding:Enabled
Unregisteredmulticastflooding:Enabled
Description:
Duplexsetting:Halfduplex
Backpressure:Disabled
ReceiveStatisticsTransmitStatistics
Totalgoodframes44841Totalframes404502
Totaloctets4944550Totaloctets29591574
Broadcast/multicastframes31011Broadcast/multicastframes390913
Broadcast/multicastoctets3865029Broadcast/multicastoctets28478154
Goodframesforwarded44832Deferrals0
Framesfiltered9Singlecollisions0
Runtframes0Multiplecollisions0
Nobufferdiscards0Excessivecollisions0
Queuefulldiscards0
Errors:Errors:
FCSerrors0Latecollisions0
Alignmenterrors0Excessivedeferrals0
Giantframes0Jabbererrors0
Addressviolations0Othertransmiterrors 0
Duplex Mismatches
The manually set duplex parameter differs

between connected ports
The switch port is in autonegotiate and the

attached port is set to full duplex with no
auto-negotiation capability causing the switch
port to be in half-duplex mode
FCS and Late Collision

Errors
wg_sw_a#showinterfaces
Ethernet0/1isEnabled
HardwareisBuiltin10BaseT
Addressis0090.8673.3341
MTU1500bytes,BW10000Kbits
802.1dSTPState:ForwardingForwardTransitions:1
Portmonitoring:Disabled
Unknownunicastflooding:Enabled
Unregisteredmulticastflooding:Enabled
Description:
Duplexsetting:Halfduplex
Backpressure:Disabled
ReceiveStatisticsTransmitStatistics
Totalgoodframes44841Totalframes404502
Totaloctets4944550Totaloctets29591574
Broadcast/multicastframes31011Broadcast/multicastframes390913
Broadcast/multicastoctets3865029Broadcast/multicastoctets28478154
Goodframesforwarded44832Deferrals0
Framesfiltered9Singlecollisions0
Runtframes0Multiplecollisions0
Nobufferdiscards0Excessivecollisions0
Queuefulldiscards0
Errors:Errors:
FCSerrors0Latecollisions0
Alignmenterrors0Excessivedeferrals0
Giantframes0Jabbererrors0
Addressviolations0Othertransmiterrors
0
Managing Mac Address Table

wg_sw_a#shwmacaddresstable
ManagingMacAddressTable
wg_sw_a#showmacaddresstable
wg_sw_a#sh mac-address-table
Number of permanent addresses : 0
Number of restricted static addresses : 0
Number of dynamic addresses : 6
Address
Dest Interface
Type
Source Interface List
------------------------------------------------------------------------------------------------00E0.1E5D.AE2F Ethernet 0/2
Dynamic
All
00D0.588F.B604 FastEthernet 0/26 Dynamic
All
00E0.1E5D.AE2B FastEthernet 0/26 Dynamic
All
0090.273B.87A4 FastEthernet 0/26 Dynamic
All
All
00D0.5892.38C4 FastEthernet 0/27 Dynamic
All
SettingPermanentMACAddress
wg_sw_a(config)#
macaddresstablepermanent{macaddresstypemodule/port}
wg_sw_a(config)#
wg_sw_a(config)#mac-address-table permanent 2222.2222.2222 ethernet 0/3
wg_sw_a(config)#
wg_sw_a(config)#mac-address-table permanent 2222.2222.2222 ethernet 0/3
Address
Dest Interface
Type
-------------------------------------------------------------------------------------------------------------00E0.1E5D.AE2F Ethernet 0/2
Dynamic
All
2222.2222.2222
Ethernet 0/3
Permanent
All
All
All
All
SettingRestrictedStaticMACAddress
wg_sw_a(config)#
macaddresstablerestrictedstatic{macaddresstypemodule/portsrciflist}
wg_sw_a(config)#
wg_sw_a(config)#mac-address-table restricted static 1111.1111.1111 e0/4 e0/1
wg_sw_a(config)#
wg_sw_a(config)#mac-address-table restricted static 1111.1111.1111 e0/4 e0/1

Address
Dest Interface
Type
----------------------------------------------------------------------------------------------1111.1111.1111
Ethernet 0/4
Static
Et0/1
00E0.1E5D.AE2F Ethernet 0/2
Dynamic
All
2222.2222.2222
Ethernet 0/3
Permanent
All
All
All
All
Configuring Port Security

wg_sw_a(config-if)#
portsecure[maxmaccountcount]
Configures an interface to be a secured port
Define a maximum number of mac addresses allowed in the
address table for this port
Count can be from 1 to 132
Default is 132
ConfiguringPortSecurity
wg_sw_a(config-if)#
portsecure[maxmaccountcount]
Configures an interface to be a secured port
Define a maximum number of mac addresses allowed in the
address table for this port
Count can be from 1 to 132
Default is 132
wg_sw_a(config)#interfacee0/4
wg_sw_a(configif)#portsecure
wg_sw_a(configif)#portsecuremaxmaccount1
Configuring Port Security

wg_sw_a#showmacaddresstablesecurity
wg_sw_a#show mac-address-table security
Action upon address violation : Suspend
Interface
Addressing Security
Address Table Size
-----------------------------------------------------------------------------------Ethernet 0/1
Disabled
N/A
Ethernet 0/2
Disabled
N/A
Ethernet 0/3
Disabled
N/A
Ethernet 0/4
Enabled
1
Ethernet 0/5
Disabled
N/A
Ethernet 0/6
Disabled
N/A
Ethernet 0/7
Disabled
N/A
Ethernet 0/8
Disabled
N/A
Ethernet 0/9
Disabled
N/A
Ethernet 0/10 Disabled
N/A
N/A
N/A
ConfiguringPortSecurity
wg_sw_a#showmacaddresstablesecurity
wg_sw_a#show mac-address-table security
Action upon address violation : Suspend
Interface
Addressing Security
Address Table Size
-----------------------------------------------------------------------------------Ethernet 0/1
Disabled
N/A
Ethernet 0/2
Disabled
N/A
Ethernet 0/3
Disabled
N/A
Ethernet 0/4
Enabled
1
Ethernet 0/5
Disabled
N/A
Ethernet 0/6
Disabled
N/A
Ethernet 0/7
Disabled
N/A
Ethernet 0/8
Disabled
N/A
Ethernet 0/9
Disabled
N/A
N/A
N/A
N/A
wg_sw_a(config)#addressviolation{suspend|disable|ignore}
ShowVersion
wg_sw_a#showversion
CiscoCatalyst1900/2820EnterpriseEditionSoftware
VersionV8.01.01
Copyright(c)CiscoSystems,Inc.19931998
ROM:SystemBootstrap,Version3.03
wg_sw_duptimeis8day(s)17hour(s)53minute(s)25second(s)
ciscoCatalyst1900(486sxl)processorwith2048K/1024Kbytesofmemory
Hardwareboardrevisionis1
UpgradeStatus:Noupgradecurrentlyinprogress.
ConfigFileStatus:Filewgswd.cfgdownloadedfrom10.1.1.1
27FixedEthernet/IEEE802.3interface(s)
BaseEthernetAddress:009086733340
wg_sw_a#
ManagingConfigurationFile
To send the configuration to a TFTP server:
wg_sw_a#
copynvramtftp://host/dst_file
wg_sw_a#
To download the configuration from a TFTP server:
wg_sw_a#
copytftp://host/src_filenvram
wg_sw_a#
To download the configuration from a TFTP server:
wg_sw_a#
copytftp://host/src_filenvram
wg_sw_a#copynvramtftp://10.1.1.1/wgswd.cfg
Configurationuploadissuccessfullycompleted
wg_sw_a#copytftp://10.1.1.1/wgswd.cfgnvram
TFTPsuccessfullydownloadedconfigurationfile
ClearNVRAM
wg_sw_d#deletenvram
Resets the system configuration to factory defaults.

21 Switching

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

21 Switching

Încărcat de

Drepturi de autor:

Formate disponibile

Catalyst Switch Operations

How Switches Learn Host Locations

Initial MAC address table is empty

How Switches Learn Hosts Locations

Station A sends a frame to Station C

How Switches Learn Host Locations

Station D sends a frame to station C

How Switches Filter Frames

Station D sends a broadcast or multicast frame

Three Switch Functions

Redundant topology eliminates single points of failure

Host X sends a Broadcast

Host X sends a Broadcast

Switches continue to propagate broadcast traffic over

Multiple Frame Copies

Host X sends an unicast frame to router Y

Host X sends an unicast frame to Router Y

MAC Database Instability

Host X sends an unicast frame to Router Y

MAC Database Instability

Host X sends an unicast frame to Router Y

Multiple Loop Problems

Complex topology can cause multiple loops to occur

Solution: Spanning-Tree Protocol

Provides a loop free redundant network topology by

Root port (F)

BPDU = Bridge protocol data unit

Designated port (F)

Designated port (F)

Root port (F)

Nondesignated port (B)

Designated port (F)

Root port (F)

Root port (F)

Designated port (F) Port 1

Nondesignated port (BLK)

Can you figure out:

Root port (F)

Nondesignated port (BLK)

Root port (F)

Nondesignated port (BLK)

Key Issue: Time to Convergence

Bridging Compared to LAN Switching

Primarily software based

Primarily hardware based (ASIC)

Transmitting Frames Through a Switch

Transmitting Frames Through a Switch

Store and forward

Complete frame is received and

Half duplex (CSMA/CD)

Half duplex (CSMA/CD)

Configuring the Switch

Menu driven interface

Ports on the Catalyst 1900

Ports on the Catalyst 1900

Configuring the Switch IP Address

wg_sw_a(config)#ip address 10.5.5.11 255.255.255.0

wg_sw_a(config)#ip default-gateway 10.5.5.3

Speed and Duplex Options

Showing Duplex Options

The manually set duplex parameter differs

The switch port is in autonegotiate and the

FCS and Late Collision

Managing Mac Address Table