Chapter 13: Switching and VLANs
Objectives
• Explain the features and benefits of Fast Ethernet
• Describe guidelines and distance limitations of Fast Ethernet
• Define full- and half-duplex Ethernet operations
• Distinguish between cut-through, fragment-free, and store-and-forward LAN switching
• Define the operation of the Spanning Tree Protocol and its benefits
• Describe the benefits of virtual LANs
• Understand the purpose of VLAN trunking protocol (VTP)
Ethernet Operations
• Ethernet
– A network access method (or media access method)
– The most pervasive network access method in use
– Continues to be the most commonly implemented media access method in new LANs
CSMA/CD
• Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
– The contention method used by Ethernet
• Interframe gap
– Also called interpacket gap (IPG)
– Time required between the transmission of data frames on the network
Collisions
• Carrier signal
– Transmitted electromagnetic pulse or wave on the network wire indicating that a transmission is in progress
• Jam signal
– 32-bit signal sent by the first station to detect a collision on an Ethernet network
• Backoff period
– Random interval used by devices that have caused a collision on an Ethernet network, during which the devices cannot send
Collision Domain
• Collision domain
– The physical area in which a packet collision might occur
• Repeaters and hubs do not segment the network and therefore do not divide collision domains
• Routers, switches, bridges, and gateways do segment the network and thus create separate collision domains
Latency
• Latency
– Also called propagation delay
– Length of time required to forward, send, or otherwise propagate a data frame
• Transmission time
– Amount of time it takes for a packet to be sent from one device and received at another device
Table 13-1: Propagation delay for Ethernet media and devices
• Slot time
– 512 bit times
• 5-4-3 rule
– Networking rule that stipulates that between stations on a 10-Mbps half-duplex LAN:
• There can be no more than 5 wire segments connected
• Maximum number of repeaters or hubs between the segments is 4
• Maximum number of populated hubs is 3
Ethernet Errors: Frame Size Errors
• Frame size errors that occur on Ethernet networks:
– Short frame
• Also known as a runt
– Long frame
• Also known as a giant
– Jabber
• Longer than Ethernet standards allow and has an incorrect frame check sequence (FCS)
• Frame check sequence (FCS) error
– Indicates that bits of a frame were corrupted during transmission
– Detected when the value carried at the end of the packet does not match the calculation over the number and sequence of bits in the frame
• If a frame with an FCS error also has an octet missing, it is also called an alignment error
Ethernet Errors: Collision Errors
• A large number of devices on a collision domain means a higher chance that there will be a significant number of collisions
• A transmitting station will attempt to send its packet 16 times before discarding it as a NIC error
• Late collision
– Occurs when two stations transmit more than 64 bytes of their data frame before detecting a collision
Ethernet Errors: Broadcasts
• Broadcast
– Frame addressed to all stations on a broadcast domain
• Broadcast storm
– Logical or physical group of devices that will receive broadcast traffic from each other on a LAN
• Protocol analyzer
– Can be used to locate the device causing the broadcast storm
Fast Ethernet
• Defined under the IEEE 802.3u standard
• Has three defined implementations:
– 100Base-TX
– 100Base-T4
– 100Base-FX
• 100Base-FX uses multimode fiber-optic (MMF) cable with one TX and one RX strand per link
Half- and Full-Duplex Communications
• Half-duplex
– Connection that allows communication in two directions, but not simultaneously
• Full-duplex
– Connection that allows communication in two directions at once
Figure 13-1: Half-duplex Ethernet communications
• Benefits of using full duplex:
– Time is not wasted retransmitting frames because there are no collisions
– Full bandwidth is available in both directions because the send and receive functions are separate
– Stations do not have to wait until other stations complete their transmission because there is only one transmitter for each twisted pair
• The four different duplex options:
– Auto
– Full
– Full-flow-control
– Half
LAN Segmentation: Segmenting with Bridges
• Bridge
– Segments a network by filtering traffic at the Data Link layer
• Bridging table
– Maintained on the bridge
– Maps MAC addresses to the bridge port through which they can be accessed
When Segmenting a LAN with One or More Bridges, Note the Following
• Bridges reduce collisions by segmenting the LAN and filtering traffic based on MAC addresses
• A bridge does not reduce broadcast or multicast traffic
• A bridge can extend the useful distance of the Ethernet LAN
• The bandwidth for each individual segment is increased
• Bridges can be used to limit traffic for security purposes by keeping traffic segregated
LAN Segmentation: Segmenting with Routers
• Router
– Operates at layer 3 of the OSI reference model
– Interprets the Network layer protocol and makes forwarding decisions based on the layer 3 address
– Typically does not propagate broadcast traffic
– Maintains routing tables that include Network layer addresses of different segments
When Segmenting a LAN with Routers, Routers Do the Following
• Decrease collisions by filtering traffic
• Reduce broadcast and multicast traffic by blocking or selectively filtering packets
• Support multiple paths and routes between them
• Provide increased bandwidth for the newly created segments
• Increase security by preventing packets between hosts on one side of the router from propagating to the other side of the router
• Increase the effective distance of the network by creating new collision domains
• Provide layer 3 routing, packet fragmentation and reassembly, and traffic flow control
• Provide communications between different technologies such as Ethernet and Token Ring
• Have a higher latency than bridges because routers have more to process
LAN Switching
• Switches
– Device that connects devices on a LAN
– Segments the collision domain by port
– Similar to bridges in several ways
• Using a switch on a LAN has a different effect on the way network traffic is propagated
Segmentation with Switches
• Switches are so similar to bridges that they are often called multiport bridges
• Switches are hardware-controlled
• By connecting each port to an individual workstation, switches microsegment the network
• The bandwidth is not shared as long as each workstation connects to its own port
– This is called switched bandwidth
Figure 13-2: Switch packet forwarding actions
Figure 13-3: Packet forwarding decisions made by a switch
• Benefits provided by switches:
– Reduction in network traffic and collisions
– Increase in available bandwidth per station
– Increase in effective distance of a LAN by dividing it into multiple collision domains
– Increased security because unicast traffic is sent directly to its destination
Switch Operations
• Content-addressable memory (CAM)
– Memory location on a switch that contains MAC address-to-switch port mapping information
• A switch uses one of two memory buffers to store frames as it determines to which port a frame will be forwarded
– Port-based memory buffering
– Shared memory buffering
• Asymmetric switching
– Type of LAN switching that allows for multiple speeds of network communication
• Symmetric switching
– Type of LAN switching that requires all devices to be operating at the same speed
Securing Switch Ports
• There are several different degrees of security that can be employed on a switch:
– Configure a permanent MAC address for a specific port on your switch
– Define a static MAC address entry in the switching table
– Configure port security
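The CAM-table decisions of Figures 13-2 and 13-3 (learn the source, flood unknown destinations, filter frames whose destination is on the ingress port) and the port-security degrees listed above, modelled together as an added example; this is not code from the chapter or from any Cisco product, and the port names, MAC strings and the violation action (err-disabling the port) are constructed assumptions.

```python
class LearningSwitch:
    """Minimal model of a switch's CAM table plus per-port security (constructed example)."""

    def __init__(self, ports, max_macs=1):
        self.ports = set(ports)
        self.cam = {}                 # MAC -> port: the content-addressable memory
        self.static = {}              # MAC -> port entries the administrator pinned
        self.max_macs = max_macs      # port-security limit on learned MACs per port
        self.shutdown = set()         # ports err-disabled after a violation (assumed action)
        self.log = []                 # what an operator would see in the switch log

    def add_static(self, mac, port):
        """Permanent/static entry: never aged out, and never moved by learning."""
        self.static[mac] = port
        self.cam[mac] = port

    def _learn(self, src, in_port):
        """Learn the source MAC while enforcing static pins and the per-port MAC limit."""
        if src in self.static and self.static[src] != in_port:
            self._violation(in_port, f"{src} is pinned to {self.static[src]} but seen on {in_port}")
            return False
        learned_here = {m for m, p in self.cam.items() if p == in_port and m not in self.static}
        if src not in learned_here and len(learned_here) >= self.max_macs:
            self._violation(in_port, f"{in_port} already has {self.max_macs} MAC(s), refusing {src}")
            return False
        self.cam[src] = in_port
        return True

    def _violation(self, port, why):
        self.shutdown.add(port)
        self.log.append(f"port-security violation on {port}: {why}")

    def receive(self, in_port, src, dst):
        """Return the egress port(s) for a frame, or [] when the switch drops or filters it."""
        if in_port in self.shutdown or not self._learn(src, in_port):
            return []                                   # err-disabled port or security violation
        if dst == "ff:ff:ff:ff:ff:ff" or dst not in self.cam:
            return sorted(self.ports - {in_port})       # broadcast / unknown unicast: flood
        out = self.cam[dst]
        return [] if out == in_port else [out]          # same segment: filter; otherwise forward
```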
Switching Methods
Figure 13-4: Catalyst 2820 switching menu
Cut-Through
• Switching technique in which an Ethernet frame is forwarded immediately after the destination address is deciphered
• Cisco routers use the term fast forward to indicate that a switch is in cut-through mode
• Any errors occurring in the following fields will not be propagated by the switch:
– The preamble
– The start frame delimiter (SFD)
– The destination address
Figure 13-5: Portion of packet read into buffer by a cut-through switch
Store-and-Forward Switches
• Read the entire frame into their buffers before forwarding it
Figure 13-6: Entire packet read into buffer by a store-and-forward switch
Fragment-Free Switching
• Tries to provide more error-reducing benefits than cut-through switching, while keeping latency lower than store-and-forward switching
• Fragment-free switches are also called modified cut-through switches
Figure 13-7: Amount of packet read into buffer by fragment-free switch
Adaptive Cut-Through and Changing the Switch Mode
• Adaptive cut-through
– Also known as error sensing
– Mostly, these switches act like cut-through switches
– If a certain level of errors is detected, the switch will change forwarding techniques and act more like a store-and-forward switch
• Changing the switching mode
– When you change the switching type, you change it for all ports on the switch
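An added example (not from the chapter) that ties the frame size and FCS errors described earlier to the three switching methods above: it builds constructed Ethernet frames with a real CRC-32 FCS, labels them as a NIC or switch counter would (runt, giant, jabber, FCS, alignment), and reports which method would forward each one given how many bytes that method reads before deciding. The byte thresholds and the bit-length parameter used to model an alignment error are assumptions for illustration.

```python
import binascii
import struct
from typing import List, Optional

MIN_FRAME = 64            # bytes incl. FCS: anything shorter is a runt (collision fragment)
MAX_FRAME = 1518          # untagged Ethernet maximum incl. FCS: anything longer is a giant
CUT_THROUGH_BYTES = 6     # cut-through forwards once the destination address has been read
FRAGMENT_FREE_BYTES = 64  # fragment-free waits for the first 64 bytes (one slot time)

def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """dst|src|type|payload followed by the IEEE 802.3 FCS (CRC-32, sent little-endian)."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", binascii.crc32(body) & 0xFFFFFFFF)

def fcs_ok(frame: bytes) -> bool:
    """Recompute the CRC over everything but the last 4 bytes and compare with the FCS."""
    expected = struct.pack("<I", binascii.crc32(frame[:-4]) & 0xFFFFFFFF)
    return frame[-4:] == expected

def classify(frame: bytes, bit_len: Optional[int] = None) -> List[str]:
    """Error labels a NIC counter or switch would attach to a received frame.
    bit_len lets a capture report a length that is not a whole number of octets."""
    bit_len = len(frame) * 8 if bit_len is None else bit_len
    crc_bad = not fcs_ok(frame)
    errors = []
    if len(frame) < MIN_FRAME:
        errors.append("runt")
    if len(frame) > MAX_FRAME:
        errors.append("jabber" if crc_bad else "giant")       # jabber: too long AND bad FCS
    if crc_bad:
        errors.append("alignment" if bit_len % 8 else "fcs")  # bad FCS plus a partial octet
    return errors

def forwarded_by(frame: bytes) -> dict:
    """Whether each switching method would forward the frame, given how much of it it reads."""
    return {
        "cut-through": len(frame) >= CUT_THROUGH_BYTES,       # sees no error at all
        "fragment-free": len(frame) >= FRAGMENT_FREE_BYTES,   # drops collision fragments only
        "store-and-forward": not classify(frame),             # reads it all and checks the FCS
    }

# constructed sample frames (not captures from a real network)
DST = bytes.fromhex("001122334455")
SRC = bytes.fromhex("66778899aabb")
good = build_frame(DST, SRC, 0x0800, b"\x00" * 46)       # exactly 64 bytes, valid FCS
runt = build_frame(DST, SRC, 0x0800, b"\x00" * 10)       # 28 bytes: a collision fragment
giant = build_frame(DST, SRC, 0x0800, b"\x00" * 1600)    # 1618 bytes, FCS still valid
corrupt = bytearray(good)
corrupt[20] ^= 0x01                                      # one flipped payload bit
corrupt = bytes(corrupt)
```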
Spanning Tree Protocol
• Physical path loops
– Occur when network devices are connected to one another by two or more physical media links
• Logical loop
– Occurs when a packet can be routed in an endless loop around a network because bridging tables and/or routing tables reference each other as the destination for a given address
Figure 13-8: Physical loop created on LAN by switches and bridges
Spanning Tree Protocol (STP)
• Invented by Radia Perlman while she was at Digital Equipment Corporation (now Compaq) in the 1980s
• Layer 2 link management protocol designed to prevent looping on bridges and switches
• Specification for STP is IEEE 802.1d
• Uses the Spanning Tree Algorithm to interrupt the logical loop created by a physical loop in a bridged/switched environment
Building a Logical Path
• With STP enabled, switches and bridges on a network use an election process to configure a single logical path
• Root bridge
– Also called root device
– Bridge or switch that is designated the point of reference in STP operations
• Bridges use STP to transfer information about each bridge's MAC address and priority number
– The messages the devices send to one another are called:
• Bridge protocol data units (BPDU)
• Configuration bridge protocol data units (CBPDU)
– BPDU messages are sent between the root bridge and the best ports on other devices, which are called root ports
Port States
• The stable states are as follows:
– Blocking
– Forwarding
– Disabled
• The transitory states are as follows:
– Listening
– Learning
• Ports on STP-enabled devices move through the different states as indicated below:
– From bridge/switch bootup to blocking
– From blocking to listening (or to disabled)
– From listening to learning (or to disabled)
– From learning to forwarding (or to disabled)
– From forwarding to disabled
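The election process described under "Building a Logical Path", worked as an added example (not from the chapter): the root bridge is the lowest bridge ID (priority, then MAC), each other bridge picks the root port with the lowest cost to the root, the better end of every link becomes the designated port, and the remaining port on a redundant link ends in the blocking state, which is what breaks the loop of Figure 13-8. Bridge names, MACs and the link cost of 19 are constructed values; only the stable blocking/forwarding outcome is modelled, not the listening and learning timers.

```python
import heapq

def spanning_tree(bridges, links):
    """bridges: {name: (priority, mac)}; links: {(a, b): path cost}.
    Returns (root, {name: root path cost}, {(bridge, neighbour): port state})."""
    bid = {n: (prio, mac) for n, (prio, mac) in bridges.items()}   # 802.1D bridge ID
    root = min(bid, key=bid.get)                                    # lowest bridge ID wins
    adj = {n: {} for n in bridges}
    for (a, b), cost in links.items():
        adj[a][b] = cost
        adj[b][a] = cost
    # root path cost: cheapest sum of link costs from each bridge to the root (Dijkstra)
    rpc = {n: float("inf") for n in bridges}
    rpc[root] = 0
    heap = [(0, root)]
    while heap:
        cost, n = heapq.heappop(heap)
        if cost > rpc[n]:
            continue
        for nb, c in adj[n].items():
            if cost + c < rpc[nb]:
                rpc[nb] = cost + c
                heapq.heappush(heap, (rpc[nb], nb))
    # root port: the upstream port offering the lowest (cost to root, neighbour BID)
    root_port = {}
    for n in bridges:
        if n != root:
            root_port[n] = min(adj[n], key=lambda nb: (adj[n][nb] + rpc[nb], bid[nb]))
    # designated port on each segment: the end with the better (RPC, BID). The other end
    # forwards only if this is its root port; otherwise STP leaves it blocking.
    state = {}
    for (a, b) in links:
        designated = min((a, b), key=lambda n: (rpc[n], bid[n]))
        other = b if designated == a else a
        state[(designated, other)] = "forwarding"
        state[(other, designated)] = "forwarding" if root_port.get(other) == designated else "blocking"
    return root, rpc, state

# constructed triangle of three switches with equal priority and 100-Mbps links (cost 19)
BRIDGES = {"SW1": (32768, "00:00:00:00:00:01"),
           "SW2": (32768, "00:00:00:00:00:02"),
           "SW3": (32768, "00:00:00:00:00:03")}
LINKS = {("SW1", "SW2"): 19, ("SW2", "SW3"): 19, ("SW1", "SW3"): 19}
```

Because the election is decided by the lowest bridge ID, the switch that should be root is the one an administrator gives the lowest priority; with equal priorities the oldest MAC wins by default.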
Virtual LAN
• Virtual LAN (VLAN)
– Grouping of network devices that is not restricted to a physical segment or switch
• Broadcast domain
– Group of network devices that will receive LAN broadcast traffic from each other
• By default, every port on a switch is in VLAN1
– This is the management (or default) VLAN
Figure 13-9: Broadcast domains on a LAN
Figure 13-10: Broadcast domains using VLANs
Benefit of VLANs
• Administrators can divide LANs logically without changing the actual physical configuration
– This provides the administrator with several benefits:
• It is easier to add and move stations on the LAN
• It is easier to reconfigure the LAN
• There is better traffic control
• There is increased security
Figure 13-11: Securing servers with VLANs
Dynamic Versus Static VLANs
• Static VLANs are configured port-by-port
• In static VLANs, the administrator manually types in the mapping for each port and VLAN
• Dynamic VLAN ports can automatically determine their VLAN configuration
• Dynamic VLANs use a software database of MAC address-to-VLAN mappings that is created manually
VLAN Standardization
• Frame filtering
– Technique used on early VLAN implementations that employed the use of multiple switching tables
• When creating its VLAN standards, the IEEE did not choose the frame filtering method
• Frame tagging
– Also known as frame identification
– Method of VLAN identification endorsed by the IEEE 802.1q specification
• Two most common types of frame tagging:
– 802.1q
– Inter-Switch Link (ISL) protocol
• Other types of frame tagging include:
– LAN emulation (LANE)
– IEEE 802.10 (FDDI)
Creating VLANs
• Creating VLANs on the Cisco Catalyst 1900 switch using the command line interface is straightforward
• You name the VLANs individually via global configuration mode
• Assigning dynamic VLANs is more complicated than assigning static VLANs, and is not a requirement for CCNA candidates
Link Types and Configuration
• There are two types of links on Cisco switches:
– Trunk
• Switch-to-switch or switch-to-router links that can carry traffic from multiple VLANs
– Access links
• Links going to non-VLAN-aware devices such as hubs and individual workstations
• Five different states you can set for a trunk link:
– Auto
– Desirable
– Nonegotiate
– Off
– On
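An added example (not from the chapter) covering both the 802.1q frame tagging described under "VLAN Standardization" and the trunk/access link types above: it inserts and parses the 4-byte tag (TPID 0x8100 followed by priority, DEI and a 12-bit VLAN ID) and then classifies a received frame into a VLAN the way each link type would. The ingress rules are a simplified model and an assumption: an access link accepts only untagged frames into its own VLAN, while a trunk accepts tagged frames whose VID is on its allowed list and maps untagged frames to the native VLAN (VLAN 1 by default, matching the chapter's default VLAN).

```python
import struct

TPID_8021Q = 0x8100
DEFAULT_VLAN = 1          # every port starts in VLAN 1, the management/default VLAN

def tag_frame(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Insert an 802.1Q tag between the source MAC and the EtherType (frame given without FCS)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094")
    tci = (pcp << 13) | (dei << 12) | vid          # 3-bit priority, 1-bit DEI, 12-bit VID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_tag(frame: bytes):
    """Return (vid, pcp, untagged_frame); vid and pcp are None when no tag is present."""
    tpid = struct.unpack("!H", frame[12:14])[0]
    if tpid != TPID_8021Q:
        return None, None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]

def ingress(port_mode: str, frame: bytes, access_vlan: int = DEFAULT_VLAN,
            allowed=None, native: int = DEFAULT_VLAN):
    """Assign a received frame to a VLAN as the link type would, or return None to drop it."""
    vid, _, inner = parse_tag(frame)
    if port_mode == "access":
        # access links go to non-VLAN-aware devices: untagged only, always the port's VLAN
        return (access_vlan, inner) if vid is None else None
    if port_mode == "trunk":
        if vid is None:
            return (native, inner)                  # untagged on a trunk: native VLAN
        if allowed is None or vid in allowed:
            return (vid, inner)                     # tagged and permitted on this trunk
        return None                                 # VID not allowed on this trunk: dropped
    raise ValueError(f"unknown port mode {port_mode!r}")

# constructed untagged broadcast frame (no FCS): dst | src | EtherType 0x0800 | 46-byte payload
BCAST = bytes.fromhex("ffffffffffff")
SRC = bytes.fromhex("001122334455")
RAW = BCAST + SRC + b"\x08\x00" + b"\x00" * 46
```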
Trunking Protocol
• VLAN trunking protocol (VTP)
– Layer 2 messaging protocol
– Manages all changes to the VLANs across networks
• Any changes made to a VLAN by an administrator are automatically propagated by VTP to all VTP-enabled devices
VTP Domains
• VTP domain
– Group of VTP-enabled devices configured under one name to share VLAN information
• When you make changes to the VTP configuration, you should verify them with the show vtp command from enable mode
• If all switches are in the same VLAN, there is no need to configure a VTP domain
VTP Device Modes
• There are three different modes for VTP-enabled devices:
– Server
– Client
– Transparent
VTP Pruning
• Reduces the number of VTP updates that traverse a link
• Off by default on all switches
– If turned on, VTP message broadcasts are only sent through trunk links that must have the information
• When enabled on a server, it is enabled on every device in the entire domain
Switch Interface Descriptions
• You can configure a name for each port on a switch
• This is useful when defining roles for a switch port on a global basis
– Such as when you configure VLANs
Nonswitching Hubs and VLANs
• Considerations to keep in mind when implementing hubs on a network that employs VLANs:
– If you insert a hub into a port on a switch and then connect several devices to the hub, all the systems attached to that hub will be in the same VLAN
– If you must move a single workstation that is attached to a hub with several workstations, you will have to physically attach the device to another hub or switch port in order to change its VLAN assignment
– The more hosts attached at individual switch ports, the greater the microsegmentation and flexibility the VLAN can offer
Routers and VLANs
Figure 13-12: Router implemented in a VLAN configuration
Chapter Summary
• Ethernet (CSMA/CD) is a media access method developed in the 1960s
• Stations on an Ethernet LAN must listen to the network media before transmitting to ensure that no other station is currently transmitting
• If two stations transmit simultaneously on the same collision domain, there will be a collision
• You can segment a network with bridges, switches, or routers to reduce the number of collisions occurring on a network
• Switches do the most to divide collision domains and reduce traffic without dividing broadcast domains
• Another way to increase the speed at which a LAN operates is to upgrade from Ethernet to Fast Ethernet
• Full duplex can also improve Ethernet performance over half-duplex operations
• STP allows administrators to create physical loops between bridges and switches without creating logical loops that would create a problem for packet delivery
• Another way to increase performance, flexibility, and security of a network is to implement VLANs via switches
• VLANs are separate broadcast domains that are not limited by physical configurations
• VLAN information is communicated to switches using the VLAN trunking