8/3/2019 CCNA Dis3 - Chapter 3 - Switching in a Enterprise Network_ppt [Compatibility Mode]
Chapter 3 Switching in an Enterprise Network
CCNA Discovery 4.0
Introduction
Bach Khoa Academy of Information Technology - Website: www.bkacad.com
Objectives
Compare the types of switches used in an enterprise network.
Explain how Spanning Tree Protocol prevents switching loops.
Describe and configure VLANs on a Cisco switch.
Describe and configure trunking and Inter-VLAN routing.
Maintain VLANs in an enterprise network.
Describing Enterprise Level Switching
Switching and Network Segmentation
A switch is a very adaptable Layer 2 device.
Each switch maintains a MAC address table in high-speed memory, called content addressable memory (CAM).
The switch deletes entries from the MAC address table if they are not used within a certain period of time.
The name given to this period of time is the aging timer; removal of an entry is called aging out.
When two connected hosts communicate with each other, the switch consults the switching table and establishes a virtual connection, or microsegment, between the ports.
Switches can support either symmetric or asymmetric switching.
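
The learning, lookup and aging behaviour described above, as an added Python example that is not part of the original slides. The `MacTable` class, the port numbers and the MAC strings are constructed for illustration, and the 300-second aging time is an assumption based on the usual Cisco default, not a value given in this chapter.

```python
class MacTable:
    """Toy model of a switch MAC address (CAM) table with an aging timer."""

    def __init__(self, aging_time=300.0):
        # Assumption: 300 s aging time (common Cisco default, not from the slides).
        self.aging_time = aging_time
        self.entries = {}  # mac -> (port, time the MAC was last seen as a source)

    def age_out(self, now):
        """Delete entries not refreshed within aging_time; return the removed MACs."""
        expired = [mac for mac, (_, seen) in self.entries.items()
                   if now - seen > self.aging_time]
        for mac in expired:
            del self.entries[mac]
        return expired

    def learn(self, src, port, now):
        """Record the source MAC of a frame. Returns 'new', 'refreshed' or 'moved'."""
        self.age_out(now)
        old = self.entries.get(src)
        self.entries[src] = (port, now)
        if old is None:
            return "new"
        # A MAC that keeps changing port is the "MAC database instability" symptom.
        return "refreshed" if old[0] == port else "moved"

    def forward(self, src, dst, in_port, now, all_ports):
        """Return the list of egress ports for one frame."""
        self.learn(src, in_port, now)
        entry = self.entries.get(dst)
        if entry is None:
            # Unknown destination: flood out of every port except the ingress port.
            return sorted(p for p in all_ports if p != in_port)
        if entry[0] == in_port:
            return []  # destination is on the ingress segment: filter the frame
        return [entry[0]]  # known destination: one microsegment, one egress port


# Constructed sample traffic: (time in seconds, source MAC, destination MAC, ingress port)
SAMPLE_EVENTS = [
    (0, "00:1a:00:00:00:0a", "00:1a:00:00:00:0b", 1),    # B unknown -> flood
    (1, "00:1a:00:00:00:0b", "00:1a:00:00:00:0a", 2),    # A was learned on port 1
    (2, "00:1a:00:00:00:0a", "00:1a:00:00:00:0b", 1),    # B was learned on port 2
    (400, "00:1a:00:00:00:0c", "00:1a:00:00:00:0a", 3),  # A aged out -> flood again
]


def replay(events=SAMPLE_EVENTS, ports=(1, 2, 3), aging_time=300.0):
    """Run the events through a fresh table and return the egress ports per frame."""
    table = MacTable(aging_time)
    return [table.forward(src, dst, port, now, ports)
            for now, src, dst, port in events]


if __name__ == "__main__":
    for event, egress in zip(SAMPLE_EVENTS, replay()):
        print(event, "->", egress)
```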
Multilayer Switching
Layer 3 switching, or multilayer switching, combines hardware-based switching and hardware-based routing in the same device.
A multilayer switch combines the features of a Layer 2 switch and a Layer 3 router.
Layer 3 switching occurs in special application-specific integrated circuit (ASIC) hardware.
Multilayer switches often save, or cache, source and destination routing information from the first packet of a conversation.
Subsequent packets do not have to execute a routing lookup, because they find the routing information in memory.
Types of Switching
There are two variants of cut-through switching:
Fast-forward switching: Fast-forward switching offers the lowest level of latency. Fast-forward switching immediately forwards a packet after reading the destination address. Because fast-forward switching starts forwarding before the entire packet has been received, there may be times when packets are relayed with errors. This occurs infrequently, and the destination network adapter discards the faulty packet upon receipt. In fast-forward mode, latency is measured from the first bit received to the first bit transmitted. Fast-forward switching is the typical cut-through method of switching.
Fragment-free switching: In fragment-free switching, the switch stores the first 64 bytes of the frame before forwarding. Fragment-free switching can be viewed as a compromise between store-and-forward switching and cut-through switching. The reason fragment-free switching stores only the first 64 bytes of the frame is that most network errors and collisions occur during the first 64 bytes. Fragment-free switching tries to enhance cut-through switching by performing a small error check on the first 64 bytes of the frame to ensure that a collision has not occurred before forwarding the frame. Fragment-free switching is a compromise between the high latency and high integrity of store-and-forward switching, and the low latency and reduced integrity of cut-through switching.
Switch Security
Preventing Switching Loops
Redundancy in a Switched Network
Redundant links in a switched network reduce congestion and support high availability and load balancing. They can, however, cause problems:
The broadcast nature of Ethernet traffic creates switching loops.
The broadcast frames go around and around in all directions, causing a broadcast storm.
Broadcast storms are not the only problem created by redundant links in a switched network.
Unicast frames sometimes produce problems, such as multiple frame transmissions and MAC database instability.
Multiple Frame Transmissions
MAC Database Instability
Spanning Tree Protocol (STP)
Spanning Tree Protocol (STP) provides a mechanism for disabling redundant links in a switched network. STP provides the redundancy required for reliability without creating switching loops.
STP is an open standard protocol, used in a switched environment to create a loop-free logical topology.
Switches detecting a potential loop block some of the connecting ports, while leaving other ports active to forward frames.
With STP / Without STP
To prevent switching loops, STP:
Forces certain interfaces into a standby or blocked state
Leaves other interfaces in a forwarding state
Reconfigures the network by activating the appropriate standby path, if the forwarding path becomes unavailable.
In STP terminology, the term bridge is frequently used to refer to a switch.
The Root Bridge is the primary switch or focal point in the STP topology.
The root bridge communicates with the other switches using Bridge Protocol Data Units (BPDUs).
As a switch powers on, each port cycles through a series of four states: blocking, listening, learning, and forwarding.
As the port cycles through these states, the LEDs on the switch change from flashing orange to steady green.
It can take as long as 50 seconds for a port to cycle through all of these states and be ready to forward frames.
When a switch powers on, it first goes into a blocking state to immediately prevent the formation of a loop.
It then changes to listening mode, so that it receives BPDUs from neighbor switches.
After processing this information, the switch determines which ports can forward frames without creating a loop.
Access ports do not create loops in a switched network and always transition to forwarding if they have a host attached.
Trunking ports potentially create a looped network and transition to either a forwarding or blocking state.
Root Bridges
STP uses this focal point, called a root bridge or root switch, to determine which ports to block and which ports to put into forwarding state.
The root bridge sends out BPDUs containing network topology information to all other switches.
There is only one root bridge on each network.
The root bridge is chosen based on the lowest BID value.
STP designates three types of ports: root ports, designated ports, and blocked ports.
Root Port:
The port that provides the least cost path back to the root bridge becomes the root port.
Switches calculate the least cost path using the bandwidth cost of each link required to reach the root bridge.
Designated Port:
A designated port is a port that forwards traffic toward the root bridge but does not connect to the least cost path.
Blocked Port:
A blocked port is a port that does not forward traffic.
To set priority:
S3(config)#spanning-tree vlan vlan_number priority 4096
To restore priority to default:
S3(config)#no spanning-tree vlan vlan_number priority
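
Root bridge election and port roles, worked through in an added Python example that is not part of the original slides. The three-switch triangle, MAC addresses and port names are constructed, the link costs are the IEEE 802.1D short-mode values, and the designated/blocked decision uses the standard 802.1D rule (the end of each link with the lower cost to the root is designated), which goes beyond the summary on the slide. It also shows what happens when S3's priority of 4096 is restored to the default: the switch with the lowest MAC address becomes root.

```python
import heapq

# IEEE 802.1D short-mode path cost per link speed in Mbps (not listed on the slides).
LINK_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

# Constructed topology: S3 has priority 4096, S1 and S2 the 802.1D default 32768.
SWITCHES = {
    "S1": {"priority": 32768, "mac": "00:1a:00:00:00:01"},
    "S2": {"priority": 32768, "mac": "00:1a:00:00:00:02"},
    "S3": {"priority": 4096, "mac": "00:1a:00:00:00:03"},
}
# (switch A, port on A, switch B, port on B, link speed in Mbps)
LINKS = [
    ("S1", "fa0/1", "S2", "fa0/1", 100),
    ("S1", "fa0/2", "S3", "fa0/1", 100),
    ("S2", "fa0/2", "S3", "fa0/2", 100),
]


def bridge_id(name, switches=SWITCHES):
    """BID as a comparable tuple: priority first, MAC address as tie-breaker."""
    sw = switches[name]
    return (sw["priority"], int(sw["mac"].replace(":", ""), 16))


def elect_root(switches=SWITCHES):
    """The switch with the numerically lowest BID becomes the root bridge."""
    return min(switches, key=lambda name: bridge_id(name, switches))


def root_path_costs(root, links=LINKS):
    """Least cumulative link cost from every switch to the root (Dijkstra)."""
    adj = {}
    for a, _, b, _, speed in links:
        adj.setdefault(a, []).append((b, LINK_COST[speed]))
        adj.setdefault(b, []).append((a, LINK_COST[speed]))
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, node = heapq.heappop(heap)
        if c > cost[node]:
            continue
        for nbr, w in adj.get(node, []):
            if c + w < cost.get(nbr, float("inf")):
                cost[nbr] = c + w
                heapq.heappush(heap, (c + w, nbr))
    return cost


def port_roles(switches=SWITCHES, links=LINKS):
    """Return (root bridge, {(switch, port): 'root' | 'designated' | 'blocked'})."""
    root = elect_root(switches)
    cost = root_path_costs(root, links)  # assumes every switch can reach the root
    # Root port: per non-root switch, the port with the least cost to the root.
    # Ties go to the neighbour with the lower BID, then to the lower local port
    # name (a simplification of the real neighbour-port-ID tie-breaker).
    best = {}
    for a, pa, b, pb, speed in links:
        for local, lport, remote in ((a, pa, b), (b, pb, a)):
            if local == root:
                continue
            key = (cost[remote] + LINK_COST[speed], bridge_id(remote, switches), lport)
            if local not in best or key < best[local][0]:
                best[local] = (key, lport)
    roles = {}
    for a, pa, b, pb, _ in links:
        # Designated end of the link: lower root path cost, then lower BID.
        designated = min((a, b), key=lambda n: (cost[n], bridge_id(n, switches)))
        for sw, port in ((a, pa), (b, pb)):
            if sw != root and best[sw][1] == port:
                roles[(sw, port)] = "root"
            elif sw == designated:
                roles[(sw, port)] = "designated"
            else:
                roles[(sw, port)] = "blocked"  # this port breaks the loop
    return root, roles


if __name__ == "__main__":
    root, roles = port_roles()
    print("root bridge:", root)
    for (sw, port), role in sorted(roles.items()):
        print(sw, port, role)
```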
Spanning Tree in a Hierarchical network
PortFast
STP PortFast causes an access port to enter the forwarding state immediately, bypassing the listening and learning states.
UplinkFast
STP UplinkFast accelerates the choice of a new root port when a link or switch fails or when STP reconfigures itself.
The root port transitions to the forwarding state immediately without going through the listening and learning states, as it would do with normal STP procedures.
BackboneFast
BackboneFast provides fast convergence after a spanning tree topology change occurs.
It quickly restores backbone connectivity. BackboneFast is used at the Distribution and Core Layers, where multiple switches connect.
There are several useful commands used to verify spanning tree operation.
show spanning-tree - Displays root ID, bridge ID, and port states
show spanning-tree summary - Displays a summary of port states
show spanning-tree root - Displays the status and configuration of the root bridge
show spanning-tree detail - Displays detailed port information
show spanning-tree interface - Displays STP interface status and configuration
show spanning-tree blockedports - Displays blocked ports
Rapid Spanning Tree Protocol (RSTP)
Rapid Spanning Tree Protocol (RSTP), defined in IEEE 802.1w, significantly speeds the recalculation of the spanning tree.
RSTP requires a full-duplex, point-to-point connection between switches to achieve the highest reconfiguration speed.
RSTP eliminates the requirements for features such as PortFast and UplinkFast.
To speed up the recalculation process, RSTP reduces the number of port states to three: discarding, learning and forwarding.
The discarding state is similar to three of the original STP states: blocking, listening, and disabled.
Configuring VLANs
Virtual LAN
A VLAN is a logical broadcast domain that can span multiple physical LAN segments.
A VLAN has two major functions:
A VLAN contains broadcasts.
A VLAN groups devices. Devices located on one VLAN are not visible to devices located on another VLAN.
Traffic requires a Layer 3 device to move between VLANs.
Static VLAN membership requires an administrator to manually assign each switch port to a specific VLAN.
Dynamic VLAN membership requires a VLAN management policy server (VMPS).
The VMPS contains a database that maps MAC addresses to VLAN assignments.
When a device plugs into a switch port, the VMPS searches the database for a match of the MAC address and temporarily assigns that port to the appropriate VLAN.
Configuring a Virtual LAN
Whether VLANs are created statically or dynamically, the maximum number of VLANs depends on the type of switch and the IOS.
By default, VLAN1 is the management VLAN.
An administrator will use the IP address of the management VLAN to configure the switch remotely.
When a VLAN is created, it is assigned a number and a name.
The VLAN number is any number from the range available on the switch, except for VLAN1.
Some switches support approximately 1000 VLANs; others support more than 4000.

Switch(config)#vlan vlan_number
Switch(config-vlan)#name vlan_name
Switch(config-vlan)#exit

Switch(config)#interface fa#/#
Switch(config-if)#switchport access vlan vlan_number
Switch(config-if)#exit

Switch(config)#interface range fa#/start_of_range - end_of_range
Switch(config-if-range)#switchport access vlan vlan_number
Switch(config-if-range)#exit
The following commands are used to verify and maintain VLANs:
show vlan
Displays a detailed list of all of the VLAN numbers and names currently active on the switch, along with the ports associated with each one
Displays STP statistics if configured on a per-VLAN basis
show vlan brief
Displays a summarized list showing only the active VLANs and the ports associated with each one
show vlan id id_number
Displays information pertaining to a specific VLAN, based on ID number
show vlan name vlan_name

To delete a VLAN:
Switch(config)#no vlan vlan_number
To disassociate a port from a specific VLAN:
Switch(config)#interface fa#/#
Switch(config-if)#no switchport access vlan vlan_number
Identifying VLANs
As a frame enters that port, the switch inserts the VLAN ID (VID) into the Ethernet frame.
The addition of the VLAN ID number into the Ethernet frame is called frame tagging.
The most commonly used frame tagging standard is IEEE 802.1Q.
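
What frame tagging does to the bytes on the wire, as an added Python example that is not part of the original slides. The function names and the sample frame are constructed; VLAN 10 is used because it is the VLAN in this chapter's inter-VLAN routing commands, and the frame check sequence, which real hardware recalculates after tagging, is left out.

```python
import struct

TPID_8021Q = 0x8100  # value in the EtherType position that marks an 802.1Q tag


def mac_str(raw):
    """Format six raw bytes as a colon-separated MAC address."""
    return ":".join(f"{b:02x}" for b in raw)


def add_tag(frame, vid, pcp=0, dei=0):
    """Insert the 4-byte 802.1Q tag between the source MAC and the EtherType."""
    if len(frame) < 14:
        raise ValueError("frame is shorter than an Ethernet header")
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1-4094 (0 and 4095 are reserved)")
    if not 0 <= pcp <= 7 or dei not in (0, 1):
        raise ValueError("PCP is 3 bits, DEI is 1 bit")
    # Tag Control Information: 3-bit priority, 1-bit DEI, 12-bit VLAN ID.
    tci = (pcp << 13) | (dei << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame):
    """Decode an Ethernet header; 'vid' is None when the frame is untagged."""
    if len(frame) < 14:
        raise ValueError("frame is shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vid = pcp = None
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        pcp, vid = tci >> 13, tci & 0x0FFF
        offset = 18
    return {
        "dst": mac_str(frame[:6]),
        "src": mac_str(frame[6:12]),
        "vid": vid,
        "pcp": pcp,
        "ethertype": ethertype,
        "payload": frame[offset:],
    }


def strip_tag(frame):
    """Remove the tag again, as happens before delivery on an access port."""
    if parse_frame(frame)["vid"] is None:
        return frame
    return frame[:12] + frame[16:]


# Constructed untagged IPv4 frame (no FCS): destination MAC, source MAC,
# EtherType 0x0800, payload padded to the 46-byte Ethernet minimum.
SAMPLE_FRAME = (
    bytes.fromhex("001a00000002" "001a00000001" "0800")
    + b"constructed payload".ljust(46, b"\x00")
)

if __name__ == "__main__":
    tagged = add_tag(SAMPLE_FRAME, vid=10, pcp=5)
    print("tag bytes:", tagged[12:16].hex())
    print("parsed   :", {k: v for k, v in parse_frame(tagged).items() if k != "payload"})
```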
Frames contain fields such as:

An access port belongs to only one VLAN.
A trunk port is a point-to-point link between the switch and another networking device.
Trunks carry the traffic of multiple VLANs over a single link and allow VLANs to reach across an entire network.
No Trunking / Trunking
To configure a switch port as a trunk port, use the following commands:
Switch(config)#interface fa(controller # / port #)
Switch(config-if)#switchport trunk encapsulation {dot1q | isl | negotiate}
Switch(config-if)#switchport mode trunk
The negotiate parameter is the default mode on many Cisco switches. This parameter automatically detects the encapsulation type of the neighbor switch.
Based on the attached device, the link configures itself as either a trunk port or an access port.
Switch(config-if)#switchport mode dynamic {desirable | auto}
In desirable mode, the port becomes a trunk port if the other end is set to either trunk, desirable, or auto.
In auto mode, the port becomes a trunk port if the other end is set to either trunk or desirable.
To return a trunk port to an access port, issue either of the following commands:
Switch(config)#interface fa(controller # / port #)
Switch(config-if)#no switchport mode trunk
Or
Switch(config-if)#switchport mode access
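
The negotiation rules above, plus a configuration check built on them, as an added Python example that is not part of the original slides. The function names and the sample configuration are constructed. The check lists ports whose role is still decided by the attached device, which on a host-facing port is the setting to replace with `switchport mode access`.

```python
import re

# For each local mode: the peer modes for which the local end becomes a trunk.
# The 'desirable' and 'auto' rows are the two rules stated in the text; a port
# set to 'trunk' always trunks and a port set to 'access' never does.
TRUNK_IF_PEER = {
    "trunk": {"access", "trunk", "desirable", "auto"},
    "desirable": {"trunk", "desirable", "auto"},
    "auto": {"trunk", "desirable"},
    "access": set(),
}


def becomes_trunk(local, peer):
    """True if a port in mode `local` ends up trunking against mode `peer`."""
    return peer in TRUNK_IF_PEER[local]


def link_state(a, b):
    """Outcome for a link whose two ends are configured with modes a and b."""
    end_a, end_b = becomes_trunk(a, b), becomes_trunk(b, a)
    if end_a and end_b:
        return "trunk"
    if not end_a and not end_b:
        return "access"
    return "mismatch"  # one end trunks, the other does not


# Constructed sample configuration, in the style of the commands on this page.
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
!
interface FastEthernet0/3
 switchport mode dynamic desirable
!
interface FastEthernet0/4
 switchport access vlan 20
!
"""

IFACE_RE = re.compile(r"^interface (\S+)")
MODE_RE = re.compile(r"^\s+switchport mode (access|trunk|dynamic (?:desirable|auto))\s*$")


def interface_modes(config):
    """Map each interface to its configured switchport mode (None if not set)."""
    modes, current = {}, None
    for line in config.splitlines():
        match = IFACE_RE.match(line)
        if match:
            current = match.group(1)
            modes[current] = None
        elif line and not line[0].isspace():
            current = None  # a non-indented line ends the interface block
        elif current:
            match = MODE_RE.match(line)
            if match:
                modes[current] = match.group(1).replace("dynamic ", "")
    return modes


def audit(config):
    """Return (interface, finding) for ports whose role is not fixed by config."""
    findings = []
    for iface, mode in interface_modes(config).items():
        if mode in ("desirable", "auto"):
            findings.append((iface, f"dynamic {mode}: role is negotiated with the attached device"))
        elif mode is None:
            findings.append((iface, "no explicit switchport mode: platform default applies"))
    return findings


if __name__ == "__main__":
    for iface, finding in audit(SAMPLE_CONFIG):
        print(iface, "-", finding)
```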
Trunking and Inter-VLAN Routing
Trunk Ports
Switch ports can be configured for two different roles:
Access Port
An access port belongs to only one VLAN.
Typically, single devices such as PCs or servers connect to this type of port.
If a hub connects multiple PCs to the single access port, each device connected to the hub is a member of the same VLAN.
Trunk Port
A trunk port is a point-to-point link between the switch and another networking device.
Trunks carry the traffic of multiple VLANs over a single link and allow VLANs to reach across an entire network.
VLAN Tagging is used when a link needs to carry traffic for more than one VLAN.
No VLAN Tagging
There are two major methods of frame tagging, Cisco proprietary Inter-Switch Link (ISL) and IEEE 802.1Q.
ISL used to be the most common, but is now being replaced by 802.1Q frame tagging.
Cisco recommends using 802.1Q.
VLAN Tagging and Trunking will be discussed in the next chapter.
Extending VLANs across Switches
Traffic with no VLAN ID is called untagged.
Examples of untagged traffic are Cisco Discovery Protocol (CDP), VTP, and certain types of voice traffic.
To accommodate untagged traffic, a special VLAN called a native VLAN is available.
Inter-VLAN Routing
A Layer 3 device provides connectivity between different VLANs.
One method of accomplishing the inter-VLAN routing requires a separate interface connection to the Layer 3 device for each VLAN.
Switch
Configure the switch interface as an 802.1Q trunk link.
Router
Select a router interface with a minimum of a 100 Mbps FastEthernet.
Configure subinterfaces that support 802.1Q encapsulation.
Configure one subinterface for each VLAN.
If the destination VLAN is on the same switch as the source VLAN, the router forwards the traffic back down to the source switch using the subinterface parameters of the destination VLAN ID.
This type of configuration is often referred to as a router-on-a-stick.
To configure inter-VLAN routing, use the following steps:
1. Configure a trunk port on the switch.
Switch(config)#interface fa0/2
Switch(config-if)#switchport mode trunk
2. On the router, configure a FastEthernet interface with no IP address or subnet mask.
Router(config)#interface fa0/1
Router(config-if)#no ip address
Router(config-if)#no shutdown
3. On the router, configure one subinterface with an IP address and subnet mask for each VLAN. Each subinterface has an 802.1Q encapsulation.
Router(config)#interface fa0/1.10
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
4. Use the following commands to verify the inter-VLAN routing configuration and functionality.
Switch#show interfaces trunk
Router#show ip interface
Router#show ip interface brief
Router#show ip route
Maintaining VLANs on an Enterprise Network
VLAN Trunking Protocol (VTP)
VTP allows a network manager to make changes on a switch that is configured as a VTP server.
Basically, the VTP server distributes and synchronizes VLAN information to VTP-enabled switches throughout the switched network, which minimizes the problems caused by incorrect configurations and configuration inconsistencies.
VTP stores VLAN configurations in the VLAN database called vlan.dat.
VTP only learns about normal-range VLANs (VLAN IDs 1 to 1005).
Extended-range VLANs (IDs greater than 1005) are not supported by VTP.
VTP Domain: Consists of one or more interconnected switches. All switches in a domain share VLAN configuration details using VTP advertisements. A router or Layer 3 switch defines the boundary of each domain.
The VTP configuration revision number begins at zero.
As changes occur, the configuration revision number increases by one.
The revision number continues to increment until it reaches 2,147,483,648.
When it reaches that point, the counter resets back to zero. Rebooting the switch also resets the revision number to zero.
VTP messages come in three varieties: summary advertisements, subset advertisements, and advertisement requests.
Summary Advertisements
Catalyst switches issue summary advertisements every 5 minutes or whenever a change to the VLAN database occurs.
Summary advertisements contain the current VTP domain name and the configuration revision number.
Subset Advertisements
A subset advertisement follows the summary advertisement.
A subset advertisement contains a list of VLAN information.
Advertisement Requests
VTP clients use advertisement requests to ask for VLAN information.
Detail in 3.5.1
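The summary and subset advertisements described above, modeled as an added Python example (not part of the original slides), together with the check to run before a switch joins an existing domain. It assumes the standard VTP rule that a server or client adopts a same-domain advertisement carrying a higher configuration revision; the Switch class, pre_connect_check, and all values are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    domain: str
    mode: str                      # "server", "client" or "transparent"
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def summary(self):
        """Summary advertisement: VTP domain name and configuration revision."""
        return {"domain": self.domain, "revision": self.revision}

    def would_accept(self, summary):
        """Assumed rule: same domain and a strictly higher revision wins."""
        return (self.mode in ("server", "client")
                and summary["domain"] == self.domain
                and summary["revision"] > self.revision)

    def receive(self, sender):
        """Process sender's summary; on acceptance take its subset (VLAN list)."""
        summary = sender.summary()
        if not self.would_accept(summary):
            return False
        self.vlans, self.revision = dict(sender.vlans), summary["revision"]
        return True

def pre_connect_check(new, production):
    """Findings to clear before cabling `new` into the production domain."""
    findings = []
    if new.mode != "transparent" and production.would_accept(new.summary()):
        findings.append(
            f"{new.name}: revision {new.revision} > {production.revision} in domain "
            f"{new.domain!r}; its {len(new.vlans)} VLAN(s) would replace "
            f"{len(production.vlans)} on {production.name}")
    return findings

def demo():
    # Constructed values: a production VTP server and a reused lab switch.
    core = Switch("core", "CORP", "server", 12, {1: "default", 10: "staff", 20: "voice"})
    lab = Switch("lab", "CORP", "client", 57)
    findings = pre_connect_check(lab, core)
    replaced = core.receive(lab)          # what happens if the check is skipped
    return findings, replaced, core.vlans

if __name__ == "__main__":
    print(demo())
```

In the constructed case the reused switch carries revision 57 against the server's 12, so the check reports one finding; skipping it leaves the server with only VLAN 1.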
Configuring VTP
Step 1: Configure VTP off-line (version 1)
Step 2: Verify the VTP configuration.
Step 3: Reboot the switch.
VLAN Support for IP telephony and Wireless
Voice traffic must be given priority over normal data traffic to avoid jerky or jittery conversations.
Providing a dedicated VLAN for voice traffic prevents voice traffic from having to compete with data for available bandwidth.
An IP phone usually has two ports, one for voice and one for data.
Packets traveling to and from the PC and the IP phone share the same physical link to the switch and the same switch port.
To segment the voice traffic, enable a separate voice VLAN on the switch.
Wireless is another type of traffic that benefits from VLANs.
Wireless is, by nature, very insecure and prone to attacks by hackers.
Most wireless deployments place the user in a VLAN on the outside of the firewall for added security.
In addition, many organizations provide guest access to their wireless network.
Guest accounts provide anyone, within a limited range, temporary wireless services such as web access, e-mail, ftp, and SSH.
VLAN best practices
Some best practices for configuring VLANs in an enterprise network are:
Organizing server placement
Disabling unused ports
Configuring the management VLAN as a number other than 1
Using VLAN Trunking Protocol
Configuring VTP Domains
Rebooting any new switch entering an established network
Summary
Switch forward traffic. Spanning Tree Protocol (STP). Rapid STP.
VLAN. Inter-VLAN. VLAN Trunking Protocol (VTP).