Ch. 4 Switching Concepts

1
Ch. 4 Switching Concepts

• CCNA 3 version 3.0

2
Overview Review of CCNA 1

• The first part of this presentation should be
  mostly a review from CCNA 1
• Describe the history and function of shared,
  half-duplex Ethernet
• Define collision as it relates to Ethernet
  networks
• Define microsegmentation
• Define CSMA/CD
• Describe some of the key elements affecting
  network performance
• Describe the function of repeaters
• Define network latency
• Define transmission time
• Describe the basic function of Fast Ethernet

3
Overview New Concepts

• Define network segmentation using routers,
  switches, and bridges
• Describe the basic operations of a switch
• Define Ethernet switch latency
• Explain the differences between Layer 2 and Layer
  3 switching
• Define symmetric and asymmetric switching
• Define memory buffering
• Compare and contrast store-and-forward and
  cut-through switching
• Understand the differences between hubs, bridges,
  and switches
• Describe the main functions of switches
• List the major switch frame transmission modes
• Describe the process by which switches learn
  addresses
• Identify and define forwarding modes
• Define LAN segmentation
• Define microsegmentation using switching
• Describe the frame-filtering process
• Compare and contrast collision and broadcast
  domains
• Identify the cables needed to connect switches to
  workstations
• Identify the cables needed to connect switches to
  switches

4
Overview
Routers
Switches, Bridges
Hub, Repeaters

• Ethernet networks used to be built using
  repeaters.
• When the performance of these networks began to
  suffer because too many devices shared the same
  segment, network engineers added bridges to
  create multiple collision domains.
• As networks grew in size and complexity, the
  bridge evolved into the modern switch, allowing
  microsegmentation of the network.
• Todays networks typically are built using
  switches and routers, often with the routing and
  switching function in the same device.

5
Ethernet/802.3 LAN development

• Distance limitations
• Ethernet is fundamentally a shared technology
  where all users on a given LAN segment compete
  for the same available bandwidth.
• This situation is analogous to a number of cars
  all trying to access a one-lane road at the same
  time.
• Because the road has only one lane, only one car
  can access it at a time.
• The introduction of hubs into a network resulted
  in more users competing for the same bandwidth.
• Collisions are a by-product of Ethernet networks.

6
Bridges

• A bridge is a Layer 2 device used to divide, or
  segment, a network.
• A bridge is capable of collecting and selectively
  passing data frames between two network segments.
• Bridges do this by learning the MAC address of
  all devices on each connected segment. Using this
  information, the bridge builds a bridging table
  and forwards or blocks traffic based on that
  table.
• This results in smaller collision domains and
  greater network efficiency.
• Bridges do NOT restrict broadcast traffic.

7
Switches

• Switches create a virtual circuit between two
  connected devices, establishing a dedicated
  communication path between two devices.
• Switches on the network provide
  microsegmentation.
• This allows maximum utilization of the available
  bandwidth.
• A switch is also able to facilitate multiple,
  simultaneous virtual circuit connections.
• Broadcast frames to all connected devices on the
  network.

8
Router

• A router is a Layer 3 device.
• Used to route traffic between two or more Layer
  3 networks.
• Routers make decisions based on groups of network
  addresses, or classes, as opposed to individual
  Layer 2 MAC addresses.
• Routers use routing tables to record the Layer 3
  addresses of the networks that are directly
  connected to the local interfaces and network
  paths learned from neighboring routers.
• Routers are not compelled to forward broadcasts.

9
Factors that impact network performance
10
Elements of Ethernet/802.3 networks

• Broadcast data frame delivery of Ethernet/802.3
• The carrier sense multiple access/collision
  detect (CSMA/CD) method allows only one station
  to transmit at a time.
• Multimedia applications with higher bandwidth
  demand such as video and the Internet, coupled
  with the broadcast nature of Ethernet, can create
  network congestion.
• Normal latency as the frames travel across the
  layers
• Extending the distances and increasing latency of
  the Ethernet/802.3 LANs by using Layer 1
  repeaters.

11
Half-Duplex

• Originally Ethernet was a half-duplex technology.
  
• Using half-duplex, a host could either transmit
  or receive at one time, but not both.
• If the network is already in use, the
  transmission is delayed.
• When a collision occurs, the host that first
  detects the collision will send out a jam signal
  to the other hosts.
• Upon receiving the jam signal, each host will
  stop sending data, then wait for a random period
  of time before attempting to retransmit.
• The back-off algorithm generates this random
  delay.
• As more hosts are added to the network and begin
  transmitting, collisions are more likely to occur.

12
Duplex Transmissions

• Simplex Transmission One way and one way only.
• One way street
• Half-duplex Transmission Either way, but only
  one way at a time.
• Two way street, but only one way at a time (land
  slide).
• Full-duplex Transmission Both ways at the same
  time.
• Two way street

13
Network Congestion

• Today's networks are experiencing an increase in
  the transmission of many forms of media
• Large graphics files
• Images
• Full-motion video
• Multimedia applications

14
Network Latency

• Latency, or delay, is the time a frame or a
  packet takes to travel from the source station to
  the final destination.
• It is important to quantify the total latency of
  the path between the source and the destination
  for LANs and WANs.
• Latency has at least three sources
• First, there is the time it takes the source NIC
  to place voltage pulses on the wire and the time
  it takes the receiving NIC to interpret these
  pulses. This is sometimes called NIC delay.
• Second, there is the actual propagation delay as
  the signal takes time to travel along the cable.
• Third, latency is added according to which
  networking devices, whether they are Layer 1,
  Layer 2, or Layer 3, are added to the path
  between the two communicating computers.

15
Ethernet 10 BASE-T transmission time

• Transmission time equals the number of bits being
  sent times the bit time for a given technology.
• Another way to think about transmission time is
  the time it takes a frame to be transmitted.
• Small frames take a shorter amount of time. Large
  frames take a longer amount of time.
• Each 10 Mbps Ethernet bit has a 100 ns
  transmission window.
• Therefore, 1 byte takes a minimum of 800 ns to
  transmit.
• A 64-byte frame, the smallest 10BASE-T frame
  allowing CSMA/CD to function properly, takes
  51,200 ns ( 51.2 microseconds).
• Transmission of an entire 1000-byte frame from
  the source station requires 800 microseconds.

16
The benefits of using repeaters

• The distance that a LAN can cover is limited due
  to attenuation.
• Attenuation means that the signal weakens as it
  travels through the network.
• The resistance in the cable or medium through
  which the signal travels causes the loss of
  signal strength.
• An Ethernet repeater is a physical layer device
  on the network that boosts or regenerates the
  signal on an Ethernet LAN.

17
Full-duplex transmitting

• Full-duplex Ethernet allows the transmission of a
  packet and the reception of a different packet at
  the same time.
• To transmit and receive simultaneously, a
  dedicated switch port is required for each node.
• The full-duplex Ethernet switch takes advantage
  of the two pairs of wires in the cable by
  creating a direct connection between the transmit
  (TX) at one end of the circuit and the receive
  (RX) at the other end.
• Ethernet usually can only use 50-60 of the
  available 10 Mbps of bandwidth because of
  collisions and latency.
• Full-duplex Ethernet offers 100 of the bandwidth
  in both directions.
• This produces a potential 20 Mbps throughput,
  which results from 10 Mbps TX and 10 Mbps RX. 

18
Duplex Transmissions

• Simplex Transmission One way and one way only.
• One way street
• Half-duplex Transmission Either way, but only
  one way at a time.
• Two way street, but only one way at a time (land
  slide).
• Full-duplex Transmission Both ways at the same
  time.
• Two way street

19
LAN segmentation

• Not the best diagram, lets look at some examples

20
Sending and receiving Ethernet frames on a bus
Abbreviated MAC Addresses
1111
2222
3333
nnnn
1111
3333

• When an Ethernet frame is sent out on the bus
  all devices on the bus receive it.
• What do they do with it?

21
Sending and receiving Ethernet frames on a bus
Hey, thats me!
Nope
Nope
Abbreviated MAC Addresses
1111
2222
3333
nnnn
1111
3333

• Each NIC card compares its own MAC address with
  the Destination MAC Address.
• If it matches, it copies in the rest of the
  frame.
• If it does NOT match, it ignores the rest of the
  frame.
• Unless you are running a Sniffer program

22
Sending and receiving Ethernet frames on a bus
Abbreviated MAC Addresses
1111
2222
3333
nnnn

• So, what happens when multiple computers try to
  transmit at the same time?

23
Sending and receiving Ethernet frames on a bus
Abbreviated MAC Addresses
1111
2222
3333
nnnn
X

• Collision!

24
Access Methods

• Two common types of access methods for LANs
  include
• Non-Deterministic Contention methods (Ethernet,
  IEEE 802.3)
• Only one signal can be on a network segment at
  one time.
• Collisions are a normal occurrence on an
  Ethernet/802.3 LAN
• Deterministic Token Passing (Token Ring)

25
CSMA/CD

• CSMA/CD (Carrier Sense Multiple Access with
  Collision Detection)
• Common contention method used with Ethernet and
  IEEE 802.3
• Let everyone have access whenever they want and
  we will work it out somehow.

26
CSMA/CD and Collisions

• CSMA/CD (Carrier Sense Multiple Access with
  Collision Detection)
• Listens to the networks shared media to see if
  any other users on on the line by trying to
  sense a neutral electrical signal or carrier.
• If no transmission is sensed, then multiple
  access allows anyone onto the media without any
  further permission required.
• If two PCs detect a neutral signal and access the
  shared media at the exact same time, a collision
  occurs and is detected.
• The PCs sense the collision by being unable to
  deliver the entire frame (coming soon) onto the
  network. (This is why there are minimum frame
  lengths along with cable distance and speed
  limitations. This includes the 5-4-3 rule.)
• When a collision occurs, a jamming signal is sent
  out by the first PC to detect the collision.
• Using either a priority or random backoff scheme,
  the PCs wait certain amount of time before
  retransmitting.
• If collisions continue to occur, the PCs random
  interval is doubled, lessening the chances of a
  collision.

27
CSMA/CD and Collisions

Hey, thats me!
Nope
Nope
Abbreviated MAC Addresses
1111
2222
3333
nnnn
Notice the location of the DA!
1111
3333

• And as we said,
• When information (frame) is transmitted, every
  PC/NIC on the shared media copies part of the
  transmitted frame to see if the destination
  address matches the address of the NIC.
• If there is a match, the rest of the frame is
  copied
• If there is NOT a match the rest of the frame is
  ignored.

28
Sending and receiving Ethernet frames via a hub

1111
3333

• So, what does a hub do when it receives
  information?
• Remember, a hub is nothing more than a multiport
  repeater.

1111
2222
?
5555
3333
4444
29
Sending and receiving Ethernet frames via a hub

Hub or
30
Sending and receiving Ethernet frames via a hub

1111
3333

• The hub will flood it out all ports except for
  the incoming port.
• Hub is a layer 1 device.
• A hub does NOT look at layer 2 addresses, so it
  is fast in transmitting data.
• Disadvantage with hubs A hub or series of hubs
  is a single collision domain.
• A collision will occur if any two or more devices
  transmit at the same time within the collision
  domain.
• More on this later.

1111
2222
Nope
5555
Nope
3333
4444
Nope
For me!
31
Sending and receiving Ethernet frames via a hub

1111
2222

• Another disadvantage with hubs is that is take up
  unnecessary bandwidth on other links.

1111
2222
For me!
5555
Wasted bandwidth
Nope
3333
4444
Nope
Nope
32
Sending and receiving Ethernet frames via a switch

33
Sending and receiving Ethernet frames via a switch

Source Address Table Port Source MAC Add.
Port Source MAC Add.
1111
3333

• Switches are also known as learning bridges or
  learning switches.
• A switch has a source address table in cache
  (RAM) where it stores source MAC address after it
  learns about them.
• A switch receives an Ethernet frame it searches
  the source address table for the Destination MAC
  address.
• If it finds a match, it filters the frame by only
  sending it out that port.
• If there is not a match if floods it out all
  ports.

switch
1111
3333
Abbreviated MAC addresses
2222
4444
34
No Destination Address in table, Flood

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
1111
3333

• How does it learn source MAC addresses?
• First, the switch will see if the SA (1111) is in
  its table.
• If it is, it resets the timer (more in a moment).
• If it is NOT in the table it adds it, with the
  port number.
• Next, in our scenario, the switch will flood the
  frame out all other ports, because the DA is not
  in the source address table.

switch
1111
3333
Abbreviated MAC addresses
2222
4444
35
Destination Address in table, Filter

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
6 3333
3333
1111

• Most communications involve some sort of
  client-server relationship or exchange of
  information. (You will understand this more as
  you learn about TCP/IP.)
• Now 3333 sends data back to 1111.
• The switch sees if it has the SA stored.
• It does NOT so it adds it. (This will help next
  time 1111 sends to 3333.)
• Next, it checks the DA and in our case it can
  filter the frame, by sending it only out port 1.

switch
1111
3333
Abbreviated MAC addresses
2222
4444
36
Destination Address in table, Filter

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
6 3333
1111
3333
switch
3333
1111

• Now, because both MAC addresses are in the
  switchs table, any information exchanged between
  1111 and 3333 can be sent (filtered) out the
  appropriate port.
• What happens when two devices send to same
  destination?
• What if this was a hub?
• Where is (are) the collision domain(s) in this
  example?

1111
3333
Abbreviated MAC addresses
2222
4444
37
No Collisions in Switch, Buffering

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
6 3333 9 4444
1111
3333
switch
4444
3333

• Unlike a hub, a collision does NOT occur, which
  would cause the two PCs to have to retransmit the
  frames.
• Instead the switch buffers the frames and sends
  them out port 6 one at a time.
• The sending PCs have no idea that their was
  another PC wanting to send to the same
  destination.

1111
3333
Abbreviated MAC addresses
2222
4444
38
Collision Domains

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
6 3333 9 4444
1111
3333
Collision Domains
switch
4444
3333

• When there is only one device on a switch port,
  the collision domain is only between the PC and
  the switch. (Cisco curriculum is inaccurate on
  this point.)
• With a full-duplex PC and switch port, there will
  be no collision, since the devices and the medium
  can send and receive at the same time.

1111
3333
Abbreviated MAC addresses
2222
4444
39
Other Information

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
6 3333 9 4444

• How long are addresses kept in the Source Address
  Table?
• 5 minutes is common on most vendor switches.
• How do computers know the Destination MAC
  address?
• ARP Caches and ARP Requests
• How many addresses can be kept in the table?
• Depends on the size of the cache, but 1,024
  addresses is common.
• What about Layer 2 broadcasts?
• Layer 2 broadcasts (DA all 1s) is flooded out
  all ports.

switch
1111
3333
Abbreviated MAC addresses
2222
4444
40
Side Note - Transparent Bridging

• Transparent bridging (normal switching process)
  is defined in IEEE 802.1d describing the five
  bridging processes of
• learning
• flooding filtering
• forwarding
• aging
• These will be discussed further in STP (Spanning
  Tree Protocol)

41
Transparent Bridge Process - Jeff Doyle
Receive Packet
Learn source address or refresh aging timer
Is the destination a broadcast, multicast or
unknown unicast?
Yes
Flood Packet
No
Are the source and destination on the same
interface?
Filter Packet
Yes
No
Forward unicast to correct port
42
What happens here?

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
6 3333 1 2222
1 3333
3333
1111

• Notice the Source Address Table has multiple
  entries for port 1.

3333
1111
2222
5555
43
What happens here?

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
6 3333 1 2222
1 5555
3333
1111

• The switch filters the frame out port 1.
• But the hub is only a layer 1 device, so it
  floods it out all ports.
• Where is the collision domain?

3333
1111
2222
5555
44
What happens here?

Source Address Table Port Source MAC Add.
Port Source MAC Add. 1 1111
6 3333 1 2222
1 5555
3333
1111
Collision Domain
3333
1111
2222
5555
45
LAN segmentation with routers

• Routers provide segmentation of networks, adding
  a latency factor of 20 to 30 over a switched
  network.
• This increased latency is because a router
  operates at the network layer and uses the IP
  address to determine the best path to the
  destination node.
• Bridges and switches provide segmentation within
  a single network or subnetwork.
• Routers provide connectivity between networks and
  subnetworks.
• Routers also do not forward broadcasts while
  switches and bridges must forward broadcast
  frames.

46
Layer 2 and layer 3 switching

(routing)

• A layer 3 switch is typically a layer 2 switch
  that includes a routing process, I.e. does
  routing. (Oh yea, also known as routing. Got to
  love those people in Marketing.)
• Layer 3 switching has many meanings and in many
  cases is just a marketing term.
• Layer 3 switching is a function of the network
  layer.
• The Layer 3 header information is examined and
  the packet is forwarded based on the IP address.

47
Symmetric and asymmetric switching

Note Most switches are now 10/100, which allow
you to use them symmetrically or asymmetrically.
48
Ethernet switch latency

• Latency is the period of time from when the
  beginning of a frame enters to when the end of
  the frame exits the switch.
• Latency is directly related to the configured
  switching process and volume of traffic.

49
Memory buffering

switch

• An Ethernet switch may use a buffering technique
  to store and forward frames.
• Buffering may also be used when the destination
  port is busy.
• The area of memory where the switch stores the
  data is called the memory buffer.
• This memory buffer can use two methods for
  forwarding frame
• port-based memory buffering
• shared memory buffering
• In port-based memory buffering frames are stored
  in queues that are linked to specific incoming
  ports.
• Shared memory buffering deposits all frames into
  a common memory buffer which all the ports on the
  switch share.

1111
3333
Abbreviated MAC addresses
2222
4444
50
Two switching methods

• Store-and-forward  The entire frame is received
  before any forwarding takes place.
• The destination and source addresses are read and
  filters are applied before the frame is
  forwarded.
• CRC Check done
• Cut-through  The frame is forwarded through the
  switch before the entire frame is received.
• This mode decreases the latency of the
  transmission, but also reduces error detection.
• 1900 and 2800 series switches this is
  configurable, otherwise depends on the model of
  the switch.

51
Cut-through

• Cut-through
• Fast-forward  Offers the lowest level of
  latency.
• Fast-forward switching immediately forwards a
  packet after reading the destination address.
• There may be times when packets are relayed with
  errors.
• Although this occurs infrequently and the
  destination network adapter will discard the
  faulty packet upon receipt.

52
Cut-through

• Cut-through
• Fragment-free  Fragment-free switching filters
  out collision fragments before forwarding begins.
  
• Collision fragments are the majority of packet
  errors.
• In a properly functioning network, collision
  fragments must be smaller than 64 bytes.
• Anything greater than 64 bytes is a valid packet
  and is usually received without error.
• Fragment-free switching waits until the packet is
  determined not to be a collision fragment before
  forwarding.

53
Two switching methods

• Adaptive cut-through
• In this mode, the switch uses cut-through until
  it detects a given number of errors.
• Once the error threshold is reached, the switch
  changes to store-and-forward mode.

54
Functions of a switch

• The main features of Ethernet switches are
• Isolate traffic among segments
• Achieve greater amount of bandwidth per user by
  creating smaller collision domains

55
How switches learn addresses
Learning bridges or Learning switches

• Bridges and switches learn in the following ways
  
• Reading the source MAC address of each received
  frame or datagram
• Recording the port on which the MAC address was
  received.
• The bridge or switch learns which addresses
  belong to the devices connected to each port.
• The learned addresses and associated port or
  interface are stored in the addressing table.
• The bridge examines the destination address of
  all received frames.
• The bridge then scans the address table searching
  for the destination address.

56
Filter or Flood (Switch)

• If a switch has the frames destination address
  in its CAM table (or Source Address Table) it
  will only send the frame out the appropriate
  port.
• If a switch does not have the frames destination
  MAC address in its CAM table, it floods (sends)
  it out all ports except for the incoming port
  (the port that the frame came in on) known as an
  Unknown Unicast, or if the destination MAC
  address is a broadcast.
• Note A CAM table may contain multiple entries
  per port, if a hub or a switch is attached to
  that port.
• Most Ethernet bridges can filter broadcast and
  multicast frames.

57
Filter or Flood (Switch)

• Switches flood frames that are
• Unknown unicasts
• Layer 2 broadcasts
• Multicasts (unless running multicast snooping or
  IGMP)
• Multicast are special layer 2 and layer 3
  addresses that are sent to devices that belong to
  that group.

58
Why segment LANs? (Layer 2 segments)
Hub
Switch

• First is to isolate traffic between segments.
• The second reason is to achieve more bandwidth
  per user by creating smaller collision domains.

59
Why segment LANs? (Layer 2 segments)

switch
Collision Domains

• A switch employs microsegmentation to reduce
  the collision domain on a LAN.
• The switch does this by creating dedicated
  network segments, or point-to-point connections.

1111
3333
Abbreviated MAC addresses
2222
4444
60
Broadcast domains

• ARP Request

• Even though the LAN switch reduces the size of
  collision domains, all hosts connected to the
  switch are still in the same broadcast domain.
• Therefore, a broadcast from one node will still
  be seen by all the other nodes connected through
  the LAN switch.

61
Switches and broadcast domains

These are logical not physical representations of
what happens to these frames.

• Switches flood frames that are
• Unknown unicasts
• Layer 2 broadcasts
• Multicasts (unless running multicast snooping or
  IGMP)
• Multicast are special layer 2 and layer 3
  addresses that are sent to devices that belong to
  that group.

62
Switches and broadcast domains

• When a device wants to send out a Layer 2
  broadcast, the destination MAC address in the
  frame is set to all ones.
• A MAC address of all ones is FFFFFFFFFFFF in
  hexadecimal.
• By setting the destination to this value, all the
  devices will accept and process the broadcasted
  frame.

63
Switches and broadcast domains
64
Communication between switches and workstation
65
Hubs to VLANsPart 1

• (Part 2 will be discussed when we cover VLANs.)

66
Using Hubs

• Layer 1 devices
• Inexpensive
• In one port, out the others
• One collision domain
• One broadcast domain

67
Single Hub

• This is fine for small workgroups, but does not
  scale well for larger workgroups or heavy traffic.

68
Single Hub

Note Different color hosts refer to different
subnets.

• What if the computers were on two different
  subnets?
• Could they communicate within their own subnet?
  Yes
• Between subnets? No, need a router. The sending
  host will check the destination IP address with
  its own IP address and subnet mask. The AND
  operation will determine that it is on a
  different subnet and cannot be reached without
  sending the packet to a default gateway (router).
  This is even though they are on the same
  physical network.

69
Multiple Hubs

• Same issues as before, with more of an impact on
  the network.

70
Using Switches

• Layer 2 devices
• Layer 2 filtering based on Destination MAC
  addresses and Source Address Table
• One collision domain per port
• One broadcast domain across all switches

71
Switches create multiple parallel paths

• Two parallel paths (complete SAT tables)
• Data traffic from 172.30.1.24 to 172.30.1.25
• Data traffic from 172.30.1.26 to 172.30.1.2

72
Hubs do not create multiple parallel paths

Collision!

• As opposed to the Hub
• Data traffic from 172.30.1.21 to 172.30.1.22
• Data traffic from 172.30.1.23 to 172.30.1.24

73
Switches create multiple parallel paths

• Collisions and Switches
• What happens when two devices on a switch, send
  data to another device on the switch?
• 172.30.1.24 to 172.30.1.25 and 172.30.1.26 to
  172.30.1.25

74
Switches create multiple parallel paths

Frames buffered

• The switch keeps the frames in buffer memory, and
  queues the traffic for the host 172.30.1.25.
• This means that the sending hosts do not know
  about the collisions and do not have to re-send
  the frames.

75
Other Switching Features

• Review
• Asymmetric ports 10 Mbps and 100 Mbps
• Full-duplex ports
• Cut-through versus Store-and-Forward switching

76

Other Switching Features

• Ports between switches and server ports are good
  candidates for higher bandwidth ports (100 Mbps)
  and full-duplex ports.
• Most switch ports today are full-duplex.

77
Introducing Multiple Subnets/Networks without
Routers

• Switches are Layer 2 devices
• Router are Layer 3 devices
• Data between subnets/networks must pass through a
  router.

78

Switched Network with Multiple Subnets
ARP Request

• What are the issues?
• Can data travel within the subnet? Yes
• Can data travel between subnets? No, need a
  router!
• What is the impact of a layer 2 broadcast, like
  an ARP Request?

79

Switched Network with Multiple Subnets
ARP Request

• All devices see the ARP Request, even those on
  the other subnets that do not need to see it.
• One broadcast domain means the switches flood all
  broadcast out all ports, except the incoming
  port.
• Switches have no idea of the layer 3 information
  contained in the ARP Request.This consumes
  bandwidth on the network and processing cycles on
  the hosts.

80

One Solution Physically separate the subnets

• But still no data can travel between the subnets.
  
• How can we get the data to travel between the two
  subnets?

81

Another Solution Use a Router

• Two separate broadcast domains, because the
  router will not forward the layer 2 broadcasts
  such as ARP Requests.

82
Switches with multiple subnets

• So far this should have been a review.
• Lets see what happens when we have two subnets on
  a single switch and we want to route between the
  two subnets.

83

Router-on-a-stick or One-Arm-Router (OAR)
interface e 0 ip address 172.30.1.1
255.255.255.0 ip address 172.30.2.1 255.255.255.0
secondary
ARP Request
Secondary addresses can be used when the router
does not support sub-interfaces which will be
discussed later.

• When a single interface is used to route between
  subnets or networks, this is know as a
  router-on-a-stick.
• To assign multiple ip addresses to the same
  interface, secondary addresses or subinterfaces
  are used.

84

Router-on-a-stick or One-Arm-Router (OAR)
interface e 0 ip address 172.30.1.1
255.255.255.0 ip address 172.30.2.1 255.255.255.0
secondary

• Advantages
• Useful when there are limited Ethernet interfaces
  on the router.
• Disadvantage
• Because a single link is used to connect multiple
  subnets, one link is having to carry the traffic
  for multiple subnets.
• Be sure this is link can handle the traffic.

85

Router-on-a-stick or One-Arm-Router (OAR)
interface e 0 ip address 172.30.1.1
255.255.255.0 ip address 172.30.2.1 255.255.255.0
secondary
ARP Request

• Still the same problem of the switch forwarding
  broadcast traffic to all devices on all subnets.

86

Router-on-a-stick or One-Arm-Router (OAR)
interface e 0 ip address 172.30.1.1
255.255.255.0 ip address 172.30.2.1 255.255.255.0
secondary

• Remember to have the proper default gateway set
  for each host.
• 172.30.1.0 hosts - default gateway is 172.30.1.1
• 172.30.2.0 hosts - default gateway is 172.30.2.1

87

Interface for each subnet
E0
E1

• An Ethernet router interface per subnet may be
  used instead of one.
• However this may be difficult if you do not have
  enough Ethernet ports on your router.

88

Still one broadcast domain
ARP Request

• Still the same problem of the switch forwarding
  broadcast traffic to all devices on all subnets.

89
Introducing VLANs

• VLAN Subnet
• VLANs create separate broadcast domains within
  the switch.
• Routers are needed to pass information between
  different VLANs
• This is only an introduction, as we will discuss
  VLANs and Inter-VLAN Routing in later chapters.

90

Layer 2 Broadcast Segmentation
Switch Port VLAN ID
ARP Request

• An ARP Request from 172.30.1.21 for 172.30.1.23
  will only be seen by hosts on that VLAN.
• The switch will flood broadcast traffic out only
  those ports belonging to that particular VLAN, in
  this case VLAN 1.

91

Layer 2 Broadcast Segmentation

• Port-centric VLAN Switches
• As the Network Administrator, it is your job to
  assign switch ports to the proper VLAN.
• This assignment is only done at the switch and
  not at the host.
• Note The following diagrams show the VLAN below
  the host, but it is actually assigned on the
  switch.

92

Without VLANs No Broadcast Control
ARP Request

• Without VLANs, the ARP Request would be seen by
  all hosts.
• Again, consuming unnecessary network bandwidth
  and host processing cycles.

93

With VLANs Broadcast Control
Switch Port VLAN ID
ARP Request
94

Inter-VLAN Traffic
Switch Port VLAN ID

• 1. Remember that VLAN IDs (numbers) are assigned
  to the switch port and not to the host.
  (Port-centric VLAN switches)
• 2. Be sure to have all of the hosts on the same
  subnet belong to the same VLAN, or you will have
  problems.
• Hosts on subnet 172.30.1.0/24 - VLAN 1
• Hosts on subnet 172.30.2.0/24 - VLAN 2
• etc.

95

Inter-VLAN Traffic
Switch Port VLAN ID
To 172.30.2.12

• A switch cannot route data between different
  VLANs.
• Note The host will not even send the Packet
  unless it has a default gateway to forward it to.

96

Inter-VLAN Routing needs a Router

• A router is need to route traffic between VLANs
  (VLAN Subnet).
• There are various methods of doing this including
  Router-on-a-stick with trunking (more than one
  VLAN on the link).
• This will be discussed later when we get to the
  chapter on VLANs and Inter-VLAN Routing.

97
Ch. 4 Switching Concepts

• CCNA 3 version 3.0
• Rick Graziani
• Cabrillo College