Switching in an Enterprise Network - PowerPoint PPT Presentation
PowerPoint Slideshow about 'Switching in an Enterprise Network' - kendall

Presentation Transcript

Switching in an Enterprise Network

Introducing Routing and Switching in the Enterprise – Chapter 3


Objectives

  • Compare the types of switches used in an enterprise network.

  • Explain how Spanning Tree Protocol prevents switching loops.

  • Describe and configure VLANs on a Cisco switch.

  • Describe and configure trunking and Inter-VLAN routing.

  • Maintain VLANs in an enterprise network.


Introducing switching and network segmentation

Topics:

  • The reliance on switches in network design

  • The switch as an adaptable Layer 2 device that moves traffic based on MAC addresses

  • Content addressable memory (CAM) as the technology for maintaining the MAC address table

  • The role of switches in micro-segmenting domains to a single port

  • Multilayer switching that combines hardware-based switching and routing in the same device

  • The two major methods for switching: store and forward, and cut-through

  • The need for securing switches


Compare the Types of Switches Used in an Enterprise Network

  • Switching and network segmentation

  • Content addressable memory (CAM)

  • Virtual circuits


Discussion 01

  • You have probably seen the advertisements for Internet service, “with up to a blazing-fast 12 Mbps” and then the fine print “Many factors affect speeds. Actual speeds may vary and are not guaranteed.” [2] Advertised network speeds reflect a “best case scenario”.

  • Under some circumstances, wire speed represents the best-case scenario for a switched network. Wire speed represents the hypothetical maximum data transmission rate of a cable or other transmission medium. Wire speed is rarely achieved outside of a network device. CPU limitations, disk read/write overhead, or contention for resources can reduce the speed of transmission over a network. [3]

2) Comcast. (2007). Comcast High Speed Internet. Retrieved on September 10, 2007 from http://www.comcast.com/highspeedoffer-s/?CMP=KNC 1TO1Q3GOOGLE30&s_kwcid=comcast%20internet|751518367.

3) http://en.wikipedia.org/wiki/Wire_speed


How do you find a MAC address?

  • What other devices in this room also have MAC addresses?

  • How do we discover the MAC addresses of other devices on the network?


What about CAM?

  • DEF: A switch moves traffic based on MAC addresses. Each switch maintains a MAC address table in high-speed memory, called content addressable memory (CAM).

  • What makes CAM different from RAM?

    • In RAM, the user (application) supplies a memory address and the RAM returns the data word stored at that address.

  • CAM functions as the reverse of RAM.

    • In CAM, the user supplies the data word and the CAM searches its memory to see if it has the data word.

  • Thinking about network hardware, what kind of device might have CAM and what data might it contain?


Investigations into CAM

  • Why does it make sense to remove (delete) entries from the MAC address table if they are not used within a certain period of time?

  • How does a switch handle a broadcast frame?

Reflection #1, Investigations into CAM


Forward or Flood

  • The larger the collision and broadcast domains, the more likely that network traffic will be affected.

  • Simply put: the more devices participating in a collision domain, the more collisions occur.

  • This is similar to what happens to drivers at a rotary or roundabout.
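As an added illustration of the learn/forward/flood behaviour and the aging question on the CAM and Forward or Flood slides (this is example code written for this page, not part of the presentation), a small Python model of a switch's MAC address table; the 4-port switch, the host MACs and the 300-second aging time are constructed values.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"
DEFAULT_AGING_SECONDS = 300  # Cisco IOS default MAC address aging time


@dataclass
class Frame:
    src: str
    dst: str


@dataclass
class LearningSwitch:
    """Minimal model of a Layer 2 switch's MAC address (CAM) table."""
    ports: list
    aging: int = DEFAULT_AGING_SECONDS
    cam: dict = field(default_factory=dict)  # mac -> (port, last_seen)

    def _age_out(self, now):
        # Entries not refreshed within the aging time are deleted, so a host
        # that moved to another port (or left) does not leave stale state
        # that would steer its traffic to the wrong port.
        stale = [m for m, (_, seen) in self.cam.items() if now - seen > self.aging]
        for mac in stale:
            del self.cam[mac]

    def receive(self, frame, in_port, now):
        """Return the sorted list of egress ports for a frame arriving on in_port."""
        self._age_out(now)
        # Learn: the source MAC is reachable through the ingress port.
        self.cam[frame.src] = (in_port, now)
        group_bit = int(frame.dst.split(":")[0], 16) & 1  # broadcast/multicast
        if group_bit or frame.dst not in self.cam:
            # Flood: broadcast, multicast and unknown unicast go out every
            # port except the one the frame arrived on.
            return sorted(p for p in self.ports if p != in_port)
        out_port, _ = self.cam[frame.dst]
        # Filter: destination lives on the ingress segment, nothing to forward.
        return [] if out_port == in_port else [out_port]


def demo():
    """Constructed traffic: hosts A, B, C on ports 1, 2, 3 of a 4-port switch."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    a, b, c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    log = []
    log.append(sw.receive(Frame(a, b), 1, now=0))      # B unknown -> flood [2, 3, 4]
    log.append(sw.receive(Frame(b, a), 2, now=1))      # A learned on 1 -> [1]
    log.append(sw.receive(Frame(a, b), 1, now=2))      # B learned on 2 -> [2]
    log.append(sw.receive(Frame(c, BROADCAST), 3, 5))  # broadcast -> [1, 2, 4]
    log.append(sw.receive(Frame(a, b), 1, now=400))    # B aged out -> flood again
    return log


if __name__ == "__main__":
    for ports in demo():
        print(ports)
```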


Microsegmentation

  • How does a switch process traffic differently than a hub?


ASICs

  • Application-Specific Integrated Circuit

  • Taking A Look At The Basics Of ASICs

  • Smith, Michael. (June 1997) Application-Specific Integrated Circuits. Retrieved on September 16, 2007 from.

ASICs can consolidate the work of many chips into a single, smaller, faster package, reducing manufacturing and support costs while boosting the speed of the device built with them. ASIC technology is now so advanced that many functions traditionally implemented in software can be migrated to ASICs.


Routing with a Layer 3 Switch

  • A Layer 3 switch is a high-performance device for network routing.

  • Layer 3 switches actually differ very little from routers.

  • A Layer 3 switch can support the same routing protocols as network routers do. Both inspect incoming packets and make dynamic routing decisions based on the source and destination addresses inside. Both types of boxes share a similar appearance.



Compare the Types of Switches Used in an Enterprise Network

  • Hardware-based Layer 2 switching

  • Software-based Layer-3 (multilayer) switching


Which is faster?

  • Routing has become much faster and often finds a route to an unknown host faster than the techniques used by standard Layer 2 switches.

  • Layer 2 switches have wire-speed performance, and Layer 3 routers have higher latency. It would seem that switches should always be faster… (hint: unknown host)


Compare the Types of Switches Used in an Enterprise Network

  • Store and forward switching

  • Cut-through switching

    • Fast-forward

    • Fragment-free




Compare the Types of Switches Used in an Enterprise Network

  • Switch physical security

  • Switch access security

Complete the lab in Packet Tracer.


Redundancy in a Switched Network

  • Redundancy is crucial in many areas of business and health care.

  • Few people would want to undergo open-heart surgery if there was only one heart/lung machine keeping them alive while their heart was stopped, nor would a multi-national publicly traded company have only one set of financial records.

  • Skydivers have reserve chutes in case the main chute does not open; amusement park rides have manual and automatic seatbelts on the same rides to protect against human error.

  • Think of your favorite sports team. Does every player on the team get to participate on every play? Why is it important for a team to have ‘depth’ at certain positions?


Redundancy in a Switched Network

  • Networks require redundancy as well.

  • In the first quarter of 2007, Amazon.com generated a profit of $1.22 million per day, which equals $50,833 an hour or nearly $1,000 a minute.¹

  • If the network goes down for an hour, once a week every week for a year, the total loss of profit is $2,643,316.

  • Do you think that Amazon.com has redundant networks in place?


eBay example

  • One company that did not, but now does, is eBay.

  • “Prior to June 10, 1999, eBay experienced significant network failures and has since suffered additional outages, which together totaled more than 70 hours of outages in the first seven months of the year.¹

  • During the two day June crisis, eBay's stock crashed to $47 from $135, wiping out $5.7 billion of market capitalization, and dipped below $80 in early August before rising again to the $130 range.¹

  • Experts assessing the cause of the disaster cite eBay's failure to build redundant, scalable web architecture.”²


eBay example - references

  • 1) CNN Money.com. (September 14, 2007). Amazon.com Inc. Retrieved on September 8, 2007 from http://money.cnn.com/quote/financials/financials.html?symb=AMZN.

  • 2) Cuomo, Andrew. (n.d.). Online Brokerage Industry Report. Retrieved on September 8, 2007 from http://www.oag.state.ny.us/investors/1999_online_brokers/points_reference.html.

Reflection #2, Redundancy Failures


Explain How Spanning Tree Protocol Prevents Switching Loops

  • Redundancy in network equipment

  • Redundant network links

  • Dangers of switching loops

  • Broadcast storms


Let's get paid: double-checks

  • The module mentions the problems within the network caused by multiple frame transmissions.

  • Imagine the real-world problems caused by multiple frame transmissions: duplicate paychecks, duplicate invoices for the same purchase, online banking with duplicate deposits or withdrawals, stock market transactions, etc. It is not only wasted bandwidth or CPU time we have to be concerned with; it is the very real chance that important transactions may be duplicated if multiple frames are sent.

  • MAC database instability can also result from a switched loop network. Ask students, "What are the results of the MAC database being incorrect?"


Multiple transmissions


MAC Database Instability

If two switches on the same network can cause so many problems, is there any way to support redundancy?


Explain How Spanning Tree Protocol Prevents Switching Loops

  • Create a loop-free logical topology

  • Potential loop detection and port blocking

  • Redundancy without switching loops


Explain How Spanning Tree Protocol Prevents Switching Loops

  • Determining a root bridge

  • Bridge ID (BID)

  • Root ports, designated ports, and blocked ports


BPDUs

  • BPDUs are frames that are multicast every 2 seconds to all other switches. BPDUs contain information such as:

    • Identity of the source switch

    • Identity of the source port

    • Cumulative cost of path to root bridge

    • Value of aging timers

    • Value of the hello timer


STP port states – 1 – Blocking


STP port states – 2 – Listening


STP port states – 3 – Learning


STP port states – 4 – Forwarding

A fifth state, disabled, indicates that the administrator has shut down the switch port.


Activity


Activity


Root Bridges

  • Determining a root bridge

  • Bridge ID (BID)

  • Root ports, designated ports, and blocked ports


Selection of root bridge

  • The root bridge does not need to be the most “powerful”; rather, it needs to be centrally located.

  • The root bridge is based on the lowest BID value.

Since switches typically use the same default priority value (32768), the switch with the lowest MAC address becomes the root bridge. We can force the selection by changing the priority value.


Changing the priority to FIX the election

  • To set priority:

    • S3(config)#spanning-tree vlan 1 priority 4096

  • To restore priority to default:

    • S3(config)#no spanning-tree vlan 1 priority
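The root bridge election on the two preceding slides, worked in Python as an added example (not the presentation's own material): the lowest BID wins, each non-root switch picks a root port, each link gets one designated port, and the remaining ports are blocked. The three-switch triangle, its MAC addresses and the 100 Mbps link cost of 19 are constructed; the second election models the `spanning-tree vlan 1 priority 4096` command above.

```python
import heapq


def bridge_id(priority, mac):
    """BID = 16-bit priority followed by the 48-bit MAC, compared as one integer."""
    return (priority << 48) | int(mac.replace(":", ""), 16)


def compute_stp(switches, links):
    """switches: {name: (priority, mac)}; links: [(a, port_a, b, port_b, cost)].
    Returns (root_name, {name: {port: "root" | "designated" | "blocked"}})."""
    bid = {n: bridge_id(p, m) for n, (p, m) in switches.items()}
    root = min(bid, key=bid.get)                 # lowest BID wins the election
    adj = {n: [] for n in switches}              # name -> (nbr, my_port, nbr_port, cost)
    for a, pa, b, pb, c in links:
        adj[a].append((b, pa, pb, c))
        adj[b].append((a, pb, pa, c))
    # Root path cost via Dijkstra. A switch's root port is the one receiving the
    # best BPDU: lowest cost, then lowest sender BID, then lowest sender port id.
    cost = {n: float("inf") for n in switches}
    cost[root] = 0
    best, root_port = {}, {}
    heap = [(0, bid[root], root)]
    while heap:
        c, _, n = heapq.heappop(heap)
        if c > cost[n]:
            continue
        for nbr, my_port, nbr_port, link_cost in adj[n]:
            bpdu = (c + link_cost, bid[n], my_port)   # what n advertises to nbr
            if nbr != root and bpdu < best.get(nbr, (float("inf"), 0, "")):
                best[nbr], cost[nbr], root_port[nbr] = bpdu, c + link_cost, nbr_port
                heapq.heappush(heap, (c + link_cost, bid[nbr], nbr))
    # One designated port per segment: the end with the lower root path cost
    # (tie: lower BID). The other end is either that switch's root port or blocked.
    states = {n: {} for n in switches}
    for a, pa, b, pb, _ in links:
        if (cost[a], bid[a]) <= (cost[b], bid[b]):
            des, des_p, other, other_p = a, pa, b, pb
        else:
            des, des_p, other, other_p = b, pb, a, pa
        states[des][des_p] = "designated"
        states[other][other_p] = "root" if root_port.get(other) == other_p else "blocked"
    return root, states


# Constructed triangle of three switches on 100 Mbps links (classic STP cost 19).
LINKS = [("S1", "fa0/1", "S2", "fa0/1", 19),
         ("S1", "fa0/2", "S3", "fa0/1", 19),
         ("S2", "fa0/2", "S3", "fa0/2", 19)]
MACS = {"S1": "02:00:00:00:00:01", "S2": "02:00:00:00:00:02", "S3": "02:00:00:00:00:03"}


def default_election():
    # Every switch at the default priority 32768: the lowest MAC (S1) becomes root.
    return compute_stp({n: (32768, m) for n, m in MACS.items()}, LINKS)


def forced_election():
    # 'spanning-tree vlan 1 priority 4096' on S3 forces S3 to win the election.
    prio = {"S1": 32768, "S2": 32768, "S3": 4096}
    return compute_stp({n: (prio[n], MACS[n]) for n in MACS}, LINKS)


if __name__ == "__main__":
    for label, (root, states) in (("default", default_election()), ("forced", forced_election())):
        print(f"{label}: root={root} {states}")
```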


STP Recalculations take time

  • If a link failure occurs, STP recalculates by:

    • Changing some blocked ports to forwarding ports

    • Changing some forwarding ports to blocked ports

    • Forming a new STP tree to maintain the loop-free integrity of the network

STP is not instantaneous

This calculation and transition period takes about 30 to 50 seconds on each switch. During this recalculation, no user data passes through the recalculating ports.


How Spanning Tree Protocol Prevents Switching Loops

  • STP recalculations

  • Minimizing downtime

    • PortFast

    • UplinkFast

    • BackboneFast


STP Enhancements

  • STP PortFast causes an access port to enter the forwarding state immediately, bypassing the listening and learning states.

    • Using PortFast on access ports that are connected to a single workstation or server allows those devices to connect to the network immediately, instead of waiting for STP to converge.

  • STP UplinkFast accelerates the choice of a new root port when a link or switch fails or when STP reconfigures itself.

    • The root port transitions to the forwarding state immediately without going through the listening and learning states, as it would do with normal STP procedures.


STP Enhancements

  • BackboneFast provides fast convergence after a spanning tree topology change occurs.

    • It quickly restores backbone connectivity. BackboneFast is used at the Distribution and Core Layers, where multiple switches connect.

  • Limitation of all three

    • All the enhancements are Cisco proprietary.

    • All the switches in the network must be running Cisco IOS.


Discussion

  • What type of host or server would you connect with PortFast?

  • Could every host on a network be connected using PortFast?

  • Could you connect another switch to a network using PortFast?

  • Understanding and Configuring the Cisco Uplink Fast Feature, http://www.cisco.com/warp/public/473/51.html


How Spanning Tree Protocol Prevents Switching Loops

  • Spanning-tree verification commands


Show spanning-tree commands

  • show spanning-tree - Displays root ID, bridge ID, and port states

  • show spanning-tree summary - Displays a summary of port states

  • show spanning-tree root - Displays the status and configuration of the root bridge

  • show spanning-tree detail - Displays detailed port information

  • show spanning-tree interface - Displays STP interface status and configuration

  • show spanning-tree blockedports - Displays blocked ports


Spanning tree poetry

  • Algorhyme
    By Radia Perlman
    (Adapted from "Trees", by Joyce Kilmer)

    I think that I shall never see
    A graph more lovely than a tree.
    A tree whose crucial property
    Is loop-free connectivity.
    A tree which must be sure to span
    So packets can reach every LAN.
    First the Root must be selected
    By ID it is elected.
    Least cost paths from Root are traced
    In the tree these paths are placed.
    A mesh is made by folks like me
    Then bridges find a spanning tree.


RSTP

  • Rapid Spanning Tree Protocol (RSTP), defined in IEEE 802.1w, significantly speeds the recalculation of the spanning tree. Unlike PortFast, UplinkFast, and BackboneFast, RSTP is not proprietary.

  • RSTP requires a full-duplex, point-to-point connection between switches to achieve the highest reconfiguration speed. Reconfiguration of the spanning tree by RSTP occurs in less than 1 second, as compared to 50 seconds in STP.


RSTP

  • RSTP eliminates the requirements for features such as PortFast and UplinkFast. RSTP can revert to STP to provide services for legacy equipment.

  • To speed up the recalculation process, RSTP reduces the number of port states to three: discarding, learning and forwarding. The discarding state is similar to three of the original STP states: blocking, listening, and disabled.

  • RSTP also introduces the concept of active topology. All ports that are not discarding are part of the active topology and will immediately transition to the forwarding state.


Explain How Spanning Tree Protocol Prevents Switching Loops

  • Rapid Spanning Tree Protocol

  • Discarding

  • Active topology


Introducing VLANs

  • Many of us belong to clubs in our schools, or civic and/or religious organizations in our communities, each of which has a need to be able to communicate with only 'their' members.

  • Imagine that you are the Editor-in-Chief of the yearbook. You need to be able to communicate with the other members of the yearbook committee about an upcoming meeting. Would you rather send an email to every student in the school about this meeting, or be able to target just those members of the yearbook committee? The obvious answer, of course, is just those members of the yearbook committee.


Introducing VLANs

  • In schools where email is not used for communication with students, the usual default for notifying students about club meetings is “morning announcements.” Students tend to sit there, half listening, until an organization in which they are involved makes an announcement.

  • This type of broadcast message can consume unnecessary time in the morning, while overloading students with too many broadcast messages, so many in fact that students may miss their own.


Introducing VLANs

  • Networks function in much the same way. As networks grow and more devices are connected to a switch, more broadcast traffic is generated and more bandwidth is wasted on messages that are not relevant to all members of the organization.

  • The solution is to create virtual local area networks (VLANs) that contain broadcasts and group hosts together in communities of interest.

  • The result is that traffic is logically grouped, minimizing broadcast traffic and saving bandwidth.


Reflection 3

  • Take a look at the way our school is organized.

    • What departments, subjects, groups, or users should be together in a VLAN?

    • Remember, one way to answer this question is to think about 'communities of interest’.

Reflection #3, Communities of Interest


Describe and Configure VLANs on a Cisco Switch

A VLAN allows an administrator to group stations together by logical function, by project team, or by application, without regard to the physical location of the users.

  • Virtual LANs

  • Logical networks

  • Broadcast control

  • Transparent to end-users


Describe and Configure VLANs on a Cisco Switch

  • VLAN functions

  • VLAN membership

    • Static (also called port-based; widely deployed)

    • Dynamic (MAC-based)


VMPS (VLAN Management Policy Server)

Return to the VLAN network diagram for the four communities of interest, and prepare a table in Word that maps the MAC addresses to the appropriate VLAN. This table would be used if we were to use dynamic VLANs.


Configure VLANs on a Cisco Switch

  • VLAN 1: management VLAN

  • VLAN numbers and names

  • Port assignment


Configure VLANs on a Cisco Switch

  • VLAN verification commands

  • Deleting a VLAN

  • Removing a port from a VLAN


This is a good place to take a break

That was a Ton of new information!


Basic Switch Configuration


Config the Management Interface


Config the default gateway


Verify the configuration


Configure Duplex and Speed

You used to be required to use certain cable types (cross-over, straight-through) when connecting between specific devices, switch-to-switch or switch-to-router. Instead, you can now use the mdix auto interface configuration command in the CLI to enable the automatic medium-dependent interface crossover (auto-MDIX) feature.


Configure SDM and Web Access

Modern Cisco switches have a number of web-based configuration tools that require that the switch is configured as an HTTP server.


Review


Review


The benefits of VLANs


The management VLAN

  • What is the default value for the management VLAN?

  • What does the administrator use the management VLAN for?

    • The IP address of the switch

    • VLAN configuration and maintenance

    • Cisco Discovery Protocol (CDP) and VLAN Trunking Protocol (VTP) traffic

  • When creating a VLAN give it a number and a name – other than the reserved number of VLAN 1.


Configuring VLANs

  • The next three sections of this chapter include the commands to configure, verify, maintain, and troubleshoot VLANs.

  • In this first section, the commands to create and assign ports to a VLAN are introduced.

  • We will stop after each section to review the syntax of the command and the output.

  • You will put all these pieces together in the Hands-On Lab in the final section.


Use the following commands to create the VLAN

Create the VLAN ID

Name the VLAN

Assign at least one switch port to the VLAN to make it active


Verify interface assignments

This command shows all VLAN assignments.


Verify interface assignments

This command limits the information to one specific VLAN.


Deleting a VLAN

When a port is disassociated from a specific VLAN, it returns to VLAN 1.


Identifying VLANs on a Cisco Switch

  • VLAN ID

  • Frame tagging: IEEE 802.1Q


Describe and Configure Trunking and Inter-VLAN Routing

802.1Q is now the default tagging protocol on Cisco switches.

  • Trunk port characteristics

    • Point-to-point link

    • Carry multiple-VLAN traffic over a single link

  • Support for frame tagging

  • Trunk modes


Access Ports versus Trunk Ports


Configuring Trunks


Untagged traffic

  • Some traffic, however, needs to cross the 802.1Q configured link without a VLAN ID.

  • Traffic with no VLAN ID is called untagged. Examples of untagged traffic are Cisco Discovery Protocol (CDP), VTP, and certain types of voice traffic.

  • Untagged traffic minimizes the delays associated with inspection of the VLAN ID tag.


Trunks and the native VLAN

  • Remember, tagging is used by switches… the tag gets removed.

  • Extending VLANs across switches

  • Configuring a native VLAN
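An added Python example (not from the presentation) that builds and parses 802.1Q-tagged frames to show what the Identifying VLANs, Untagged traffic and native VLAN slides describe: the tag exists between switches, the native VLAN crosses a trunk untagged, and an access port strips the tag. MAC addresses, the payload and the VLAN numbers are constructed; padding to 64 bytes and the FCS are omitted.

```python
import struct

TPID_8021Q = 0x8100      # EtherType value that announces an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst, src, ethertype, payload, vlan=None, pcp=0):
    """Ethernet II frame; a VLAN id inserts the 4-byte 802.1Q tag after the MACs."""
    hdr = mac_bytes(dst) + mac_bytes(src)
    if vlan is not None:
        if not 1 <= vlan <= 4094:
            raise ValueError("VLAN id must be 1..4094")
        tci = (pcp & 0x7) << 13 | (vlan & 0x0FFF)   # PCP(3) DEI(1)=0 VID(12)
        hdr += struct.pack("!HH", TPID_8021Q, tci)
    return hdr + struct.pack("!H", ethertype) + payload


def parse_frame(raw, native_vlan=1):
    """Classify a frame received on a trunk: tagged frames carry their VLAN in
    the TCI field; untagged frames belong to the port's native VLAN."""
    if len(raw) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = mac_str(raw[:6]), mac_str(raw[6:12])
    (ethertype,) = struct.unpack("!H", raw[12:14])
    if ethertype == TPID_8021Q:
        if len(raw) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", raw[14:18])
        return dict(dst=dst, src=src, tagged=True, vlan=tci & 0x0FFF,
                    pcp=tci >> 13, ethertype=ethertype, payload=raw[18:])
    return dict(dst=dst, src=src, tagged=False, vlan=native_vlan,
                pcp=0, ethertype=ethertype, payload=raw[14:])


def egress(frame, port_mode, native_vlan=1, access_vlan=1):
    """Rebuild the frame as it leaves a port. The tag is a switch-to-switch
    construct: an access port always strips it, and on a trunk the native VLAN
    travels untagged while every other VLAN keeps its tag."""
    if port_mode == "access":
        if frame["vlan"] != access_vlan:
            return None                      # wrong VLAN for this port: not forwarded
        vlan = None
    elif port_mode == "trunk":
        vlan = None if frame["vlan"] == native_vlan else frame["vlan"]
    else:
        raise ValueError("port_mode must be 'access' or 'trunk'")
    return build_frame(frame["dst"], frame["src"], frame["ethertype"],
                       frame["payload"], vlan=vlan, pcp=frame["pcp"])


if __name__ == "__main__":
    # Constructed sample: a VLAN 10 frame with priority 5 crossing a trunk.
    f = build_frame("02:00:00:00:00:02", "02:00:00:00:00:01", ETHERTYPE_IPV4, bytes(20), vlan=10, pcp=5)
    print(parse_frame(f))
    print(egress(parse_frame(f), "access", access_vlan=10).hex())
```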


Inter-VLAN Routing

  • Connectivity between different VLANs

  • Subinterfaces

  • Router-on-a-stick


To configure inter-VLAN routing

To configure inter-VLAN routing, use the following steps:

  1. Configure a trunk port on the switch.

    • Switch(config)#interface fa0/2

    • Switch(config-if)#switchport mode trunk

  2. On the router, configure a FastEthernet interface with no IP address or subnet mask.

    • Router(config)#interface fa0/1

    • Router(config-if)#no ip address

    • Router(config-if)#no shutdown


To configure inter-VLAN routing

  3. On the router, configure one subinterface with an IP address and subnet mask for each VLAN. Each subinterface has an 802.1Q encapsulation.

    • Router(config)#interface fa0/0.10

    • Router(config-subif)#encapsulation dot1q 10

    • Router(config-subif)#ip address 192.168.10.1 255.255.255.0


Maintain VLAN Structure on an Enterprise Network

  • VLAN Trunking Protocol (VTP) purpose and goals

  • Management domain

  • VTP modes: server, client, transparent

  • VLAN database

  • Configuration revision number


VTP modes - Server


VTP modes - Transparent


VTP modes - Transparent


VTP database

  • A problem situation can occur related to the revision number if someone inserts a switch with a higher revision number into the network.

Since a switch is a VTP server by default, this results in new, but incorrect, information overwriting the legitimate VLAN information on all of the other switches.


Maintain VLAN Structure on an Enterprise Network

  • VTP messages

    • Summary advertisements

    • Subset advertisements

    • Advertisement requests


Maintain VLAN Structure on an Enterprise Network

  • Configuring VTP

  • Verifying VTP configuration


Show VTP Status

  • When adding a new switch to an existing VTP domain, use the following steps:

    • Step 1: Configure VTP off-line (version 1).

    • Step 2: Verify the VTP configuration.

    • Step 3: Reboot the switch.
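The revision-number problem from the VTP database slide and the add-a-switch steps above, modelled in Python as an added example (not the presentation's own code): a stale switch with a higher revision overwrites the VLAN database on every server and client in the domain, whereas resetting its revision first (setting the mode to transparent and back, a standard Cisco practice) makes its advertisement harmless. The domain name CORP, the switch names and the VLAN ids are constructed.

```python
from dataclasses import dataclass, field


@dataclass
class VtpSwitch:
    """Minimal model of one switch's VTP behaviour inside a management domain."""
    name: str
    domain: str
    mode: str = "server"                 # Cisco default mode is server
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def add_vlan(self, vid, name):
        if self.mode == "client":
            raise PermissionError(f"{self.name}: clients cannot edit the VLAN database")
        self.vlans[vid] = name
        if self.mode == "server":
            self.revision += 1           # every database change bumps the revision
        # transparent: local change only, revision untouched, nothing advertised

    def summary_advertisement(self):
        """What a server advertises (summary plus subset data) after a change."""
        return {"domain": self.domain, "revision": self.revision,
                "vlans": dict(self.vlans)}

    def receive(self, adv):
        if adv["domain"] != self.domain:
            return "ignored (domain mismatch)"
        if self.mode == "transparent":
            return "forwarded, local database untouched"
        if adv["revision"] <= self.revision:
            return "ignored (revision not higher)"
        # A higher revision wins, whether or not its content is correct.
        self.vlans, self.revision = dict(adv["vlans"]), adv["revision"]
        return "database overwritten"

    def reset_revision(self):
        """Cisco practice before cabling a switch into an existing domain: change
        the mode to transparent and back (or change the domain name) so that the
        configuration revision returns to 0."""
        self.mode = "transparent"
        self.revision = 0
        self.mode = "server"


def build_production():
    # Constructed domain: server S1 at revision 4, client C1 already in sync.
    s1 = VtpSwitch("S1", "CORP")
    for vid, name in [(10, "staff"), (20, "students"), (30, "voice"), (99, "mgmt")]:
        s1.add_vlan(vid, name)
    c1 = VtpSwitch("C1", "CORP", mode="client")
    c1.receive(s1.summary_advertisement())
    return s1, c1


def insert_lab_switch(reset_first):
    """A retired lab switch (same domain name, stale VLANs, revision 12) is cabled
    into production. Returns the VLAN ids S1 and C1 end up with and the verdict
    each of them gave the lab switch's advertisement."""
    s1, c1 = build_production()
    lab = VtpSwitch("LAB", "CORP", revision=11, vlans={1: "default"})
    lab.add_vlan(200, "lab")                     # revision 12 > production's 4
    if reset_first:
        lab.reset_revision()
    adv = lab.summary_advertisement()
    verdicts = (s1.receive(adv), c1.receive(adv))
    return sorted(s1.vlans), sorted(c1.vlans), verdicts


if __name__ == "__main__":
    print("without reset:", insert_lab_switch(reset_first=False))
    print("with reset:   ", insert_lab_switch(reset_first=True))
```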


Maintain VLAN Structure on an Enterprise Network

  • VLANs and IP phones

  • VLANs and wireless security


Maintain VLAN Structure on an Enterprise Network

  • VLAN best practices

  • VLAN security


Summary

  • Switches forward traffic using store-and-forward or cut-through techniques.

  • Basic security features should be applied to switches.

  • A VLAN is a way to group hosts on the same logical network even though they may be physically separated.

  • Frame tagging allows a switch to identify the source VLAN of an Ethernet frame.

  • A Layer 3 device is needed to move traffic between different VLANs.

  • Subinterfaces allow router interfaces to support multiple VLANs.

  • VLAN Trunking Protocol provides centralized control, distribution and maintenance of VLANs.