CCNA Guide to Cisco Networking Fundamentals Fourth Edition - PowerPoint PPT Presentation

Created Date: 9/27/2002 11:29:22 PM
Slides: 42

1
CCNA Guide to Cisco Networking Fundamentals
Fourth Edition
  • Chapter 13
  • Advanced Switching Concepts

2
Objectives
  • Explain how the Spanning Tree Protocol works and
    describe its benefits
  • Describe the benefits of virtual LANs
  • Configure a VLAN
  • Understand the purpose of the VLAN trunking
    protocol (VTP)
  • Configure VTP

3
Spanning Tree Protocol
  • Physical path loops
    • A physical connection created when network
      devices are connected to one another by two or
      more physical media links
    • Help improve a network's fault tolerance
    • Drawback: can result in endless packet looping
  • Spanning Tree Protocol (STP)
    • A layer 2 link management protocol designed to
      prevent looping on bridges and switches
    • The specification for STP is IEEE 802.1d

4
Spanning Tree Protocol (continued)
5
Spanning Tree Protocol (continued)
  • STP uses the Spanning Tree Algorithm (STA)
    • To interrupt the logical loop created by a
      physical loop in a bridged/switched environment
    • STP does this by ensuring that certain ports on
      some of the bridges and switches do not forward
      frames
  • Building a logical path
    • Switches and bridges on a network use an election
      process to configure a single logical path
    • First, a root bridge (root device) is selected
    • Then, the other switches and bridges configure
      their ports, using the root bridge as a point of
      reference

6
Spanning Tree Protocol (continued)
  • Bridges use STP to transfer the information about
    each bridge's MAC address and priority number
  • Bridge protocol data units (BPDU) or
    configuration bridge protocol data units (CBPDU)
    • The messages the devices send to one another
  • Each bridge or switch determines which of its own
    ports offers the best path to the root bridge
    • Root ports
    • The BPDU messages are sent between the root
      bridge and the best ports on the other devices

7
Spanning Tree Protocol (continued)
  • If BPDUs are not received for a certain period of
    time
    • The non-root-bridge devices will assume that the
      root bridge has failed, and a new root bridge
      will be elected
  • Once the root bridge is determined and the
    switches and bridges have calculated their paths
    to the root bridge
    • The logical loop is removed by one of the
      switches or bridges
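The election and path calculation described on the last few slides, worked through as an added example (not from the textbook or the slides): a small model of the Spanning Tree Algorithm that elects the root by lowest bridge ID, gives every other switch a root port on its cheapest path to the root, assigns one designated port per link, and blocks the remaining port so the physical loop carries no logical loop. The switch names, bridge IDs, port names and link costs are a constructed topology.

```python
import heapq

# Constructed topology (not from the slides): three switches cabled in a
# physical triangle. Bridge ID = (priority, MAC); lowest ID wins root election.
BRIDGES = {"SW1": (32768, "00:00:00:00:00:01"),
           "SW2": (32768, "00:00:00:00:00:02"),
           "SW3": (4096, "00:00:00:00:00:03")}   # lowest priority -> root
# Links as (bridge, port, bridge, port, port cost); 19 = 100 Mb/s in 802.1d
LINKS = [("SW1", "Fa0/1", "SW2", "Fa0/1", 19),
         ("SW2", "Fa0/2", "SW3", "Fa0/1", 19),
         ("SW1", "Fa0/2", "SW3", "Fa0/2", 19)]

def root_path_costs(links, root):
    # Dijkstra from the root: cheapest cost for each bridge to reach the root
    adj = {}
    for a, _, b, _, w in links:
        adj.setdefault(a, []).append((b, w))
        adj.setdefault(b, []).append((a, w))
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, node = heapq.heappop(heap)
        for nbr, w in adj[node]:
            if c + w < cost.get(nbr, float("inf")):
                cost[nbr] = c + w
                heapq.heappush(heap, (c + w, nbr))
    return cost

def spanning_tree(bridges, links):
    # Returns (root, {(bridge, port): "root" | "designated" | "blocking"})
    root = min(bridges, key=bridges.get)      # lowest bridge ID is elected
    cost = root_path_costs(links, root)
    roles, best_root_port = {}, {}
    for a, pa, b, pb, w in links:
        # Designated port on each link: the end closer to the root (tie broken
        # by lower bridge ID); the other end is provisionally blocked.
        if (cost[a], bridges[a]) <= (cost[b], bridges[b]):
            des, des_port, other, other_port = a, pa, b, pb
        else:
            des, des_port, other, other_port = b, pb, a, pa
        roles[(des, des_port)] = "designated"
        roles[(other, other_port)] = "blocking"
        # The blocked end uses this link as its root port instead if it is its
        # cheapest path to the root (tie broken by the neighbour's bridge ID)
        cand = (cost[des] + w, bridges[des], other_port)
        if other != root and cand < best_root_port.get(other, (float("inf"),)):
            best_root_port[other] = cand
    for b, (_, _, port) in best_root_port.items():
        roles[(b, port)] = "root"   # root port overrides the provisional block
    return root, roles
```

With the constructed topology, SW3 becomes root because of its lower priority value, and exactly one port (SW2 Fa0/1) ends up blocking, which is what breaks the triangle.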

8
Spanning Tree Protocol (continued)
  • Port states
    • STP will cause the ports on a switch or bridge to
      settle into a stable state
  • Stable states
    • The normal operating states of ports when the
      root bridge is available and all paths are
      functioning as expected
  • Transitory states
    • Prevent logical loops during a period of
      transition from one root bridge to another

9
Spanning Tree Protocol (continued)
  • The stable states are as follows
    • Blocking
    • Forwarding
    • Disabled
  • The transitory states are as follows
    • Listening
    • Learning
  • STP devices use the transitory states on ports
    while a new root bridge is being elected

10
Spanning Tree Protocol (continued)
  • Ports on STP-enabled devices move through the
    different states as indicated in the following
    list
    • From bridge/switch bootup to blocking
    • From blocking to listening (or to disabled)
    • From listening to learning (or to disabled)
    • From learning to forwarding (or to disabled)
    • From forwarding to disabled

11
Spanning Tree Protocol (continued)
  • Topology changes
    • When the topology is changed, STP-enabled devices
      react automatically
    • If a device in an STP-enabled network stops
      receiving CBPDUs, then that device will claim to
      be the root bridge and will begin sending CBPDUs
      describing itself as such
  • Per-VLAN STP (PVSTP)
    • Operates on VLANs and treats all VLANs connected
      as separate physical networks

12
Spanning Tree Protocol (continued)
  • Spanning Tree PortFast
    • Allows you to configure a switch to bypass some
      of the latency (delay) associated with the switch
      ports transitioning through all of the STP
      transitory states before they reach the
      forwarding state
  • Configuring STP
    • See Table 13-1

13
Spanning Tree Protocol (continued)
14
Spanning Tree Protocol (continued)
  • Rapid STP (RSTP) 802.1w
    • Takes the basis of 802.1d (STP) and incorporates
      some additional features (such as PortFast) that
      overcome some of the flaws of STP

15
Virtual LANs
  • Virtual LAN (VLAN)
    • A grouping of network devices that is not
      restricted to a physical segment or switch
    • Can be configured on most switches to restructure
      broadcast domains
  • Broadcast domain
    • Group of network devices that will receive LAN
      broadcast traffic from each other
  • Management VLAN (also known as the default VLAN)
    • By default, every port on a switch is in VLAN 1

16
Virtual LANs (continued)
  • You can create multiple VLANs on a single switch,
    or even create one VLAN across multiple switches
  • A VLAN is a layer 2 implementation, and does not
    affect layer 3 logical addressing

17
Virtual LANs (continued)
18
Virtual LANs (continued)
19
Benefits of VLANs
  • Benefits
    • Ease of adding and moving stations on the LAN
    • Ease of reconfiguring the LAN
    • Better traffic control
    • Increased security
  • VLANs help to reduce the cost of moving employees
    from one location to another
    • Many changes can be made at the switch
    • Physical moves do not necessitate the changing of
      IP addresses and subnets

20
Benefits of VLANs (continued)
  • Because the administrator can set the size of the
    broadcast domain, the VLAN gives the administrator
    added control over network traffic
  • Dividing the broadcast domains into logical
    groups increases security
    • Requires a hacker to perform the difficult feat
      of tapping a network port and then figuring out
      the configuration of the LAN
  • VLANs can be configured by network administrators
    to allow membership only for certain devices

22
Dynamic vs. Static VLANs
  • Static VLANs
    • Configured port-by-port, with each port being
      associated with a particular VLAN
    • The network administrator manually types in the
      mapping for each port and VLAN
  • Dynamic VLANs
    • Ports can automatically determine their VLAN
      configuration
    • Uses a software database of MAC address-to-VLAN
      mappings that is created manually

23
Dynamic vs. Static VLANs (continued)
  • A dynamic VLAN could prove to be more
    time-consuming than a static VLAN
  • A dynamic VLAN allows the network administration
    team to keep the entire administrative database
    in one location
  • On a dynamic VLAN, moving a cable from one switch
    port to another is not a problem
    • Because the VLAN will automatically reconfigure
      its ports on the basis of the attached
      workstation's MAC address

24
VLAN Standardization
  • Before VLAN was an IEEE standard
    • Early implementations depended on the switch
      vendor and on a method known as frame filtering
  • Frame filtering
    • Complex process that involved one table for each
      VLAN
    • Had a master table that was shared by all VLANs
  • The IEEE 802.1q specification that defines VLANs
    recommends frame tagging
    • Also known as frame identification

25
VLAN Standardization (continued)
  • Frame tagging
    • Involves adding a four-byte field to the actual
      Ethernet frame to identify the VLAN and other
      pertinent information
    • Makes it easier and more efficient to ship VLAN
      frames across network backbones
    • Switches on the other side of the backbone can
      simply read the frame instead of being required
      to refer back to a frame-filtering table
  • The two most common types of frame tagging
    (encapsulation) are 802.1q and Inter-Switch Link
    (ISL) protocol
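The four-byte 802.1q tag described above, built and read back as an added example (not from the textbook or the slides): the tag is inserted after the source MAC and carries a 16-bit TPID of 0x8100 followed by a 16-bit TCI holding the 3-bit priority, the 1-bit DEI and the 12-bit VLAN ID, which is all a receiving switch needs to place the frame without consulting a filtering table. The MAC addresses, payload and function names are constructed for the example; the parser also rejects the reserved VLAN ID 4095 and treats a VID of 0 as untagged, two cases a switch must handle.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))

def tag_frame(untagged, vlan_id, pcp=0, dei=0):
    # Insert the four-byte tag after the source MAC (bytes 0-11 are the
    # destination and source MACs). TCI = 3-bit PCP | 1-bit DEI | 12-bit VID.
    if not (0 <= vlan_id <= 4094 and 0 <= pcp <= 7 and dei in (0, 1)):
        raise ValueError("802.1Q field out of range")
    tci = (pcp << 13) | (dei << 12) | vlan_id
    return untagged[:12] + struct.pack("!HH", TPID_8021Q, tci) + untagged[12:]

def parse_frame(frame):
    # Returns (vlan_id or None, pcp, ethertype, payload); None = untagged
    if len(frame) < 14:
        raise ValueError("runt frame")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != TPID_8021Q:
        return None, 0, ethertype, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    vid, pcp = tci & 0x0FFF, tci >> 13
    if vid == 4095:            # reserved by 802.1Q, never a valid VLAN
        raise ValueError("reserved VLAN ID 4095")
    if vid == 0:               # priority-tagged only: belongs to the port's VLAN
        return None, pcp, inner_type, frame[18:]
    return vid, pcp, inner_type, frame[18:]

# Constructed sample frame: IPv4 (EtherType 0x0800) between two workstations
UNTAGGED = (mac_bytes("00:11:22:33:44:55") + mac_bytes("66:77:88:99:aa:bb")
            + struct.pack("!H", 0x0800) + b"payload")
TAGGED = tag_frame(UNTAGGED, vlan_id=2, pcp=5)   # the "production" VLAN
```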

26
Creating VLANs
  • You can create VLANs by entering the
    (config-vlan) mode and using the vlan command
  • Or you can enter the VLAN database and use the
    VLAN configuration mode
  • To use the config-vlan mode, you type the
    following
    • Rm410HL(config)# vlan 2
    • Rm410HL(config-vlan)# name production
  • To use the VLAN configuration mode, you start by
    entering the VLAN database

27
Creating VLANs (continued)
  • The next step is to assign switch ports to the
    new VLANs
    • Ports can be assigned as static or dynamic
  • To remove a VLAN, use the no parameter
    • Rm410HL(config)# no vlan 2

28
Link Types and Configuration
  • Two types of links are on Cisco switches: trunk
    links and access links
  • Trunk links
    • Switch-to-switch or switch-to-router links that
      can carry traffic from multiple VLANs
  • Access links
    • Links to non-VLAN-aware devices such as hubs and
      individual workstations

29
Link Types and Configuration (continued)
  • You choose from five different states for a trunk
    link
    • Auto
    • Desirable
    • Nonegotiate
    • Off
    • On
  • To configure a trunk link on a Catalyst 2950, you
    must be in the appropriate interface
    configuration mode

30
Link Types and Configuration (continued)
  • Switch interface descriptions
    • You can configure a name for each port on a
      switch
    • This is useful when you begin to define roles for
      a switch port on a more global basis

31
VLAN Trunking Protocol
  • VLAN trunking protocol (VTP)
    • Created by Cisco to manage all of the configured
      VLANs that traverse trunks between switches
    • A layer 2 messaging protocol that manages all the
      changes to the VLANs across networks
  • VTP domains
    • VTP devices are organized into domains
    • Each switch can only be in one VTP domain at a
      time
    • All devices that need to share information must
      be in the same VTP domain

32
VLAN Trunking Protocol (continued)
  • VTP device modes
    • Server: device can add, rename, and delete VLANs
      and propagate those changes to the rest of the
      VTP devices
    • Client: device is not allowed to make changes to
      the VLAN structure, but it can receive,
      interpret, and propagate changes made by a server
    • Transparent: a device is not participating in VTP
      communications, other than to forward that
      information through its configured trunk links

33
VLAN Trunking Protocol (continued)
  • VTP pruning option
    • Reduces the number of VTP updates that traverse a
      link
    • Off by default on all switches
  • If you turn VTP pruning on
    • VTP message broadcasts are only sent through
      trunk links that must have the information
    • VLAN 1 is not eligible to be pruned because it is
      an administrative (and default) VLAN

34
Nonswitching Hubs and VLANs
  • Important considerations
    • If you insert a hub into a port on the switch and
      then connect several devices to the hub, all the
      systems attached to that hub will be in the same
      VLAN
    • If you must move a single workstation that is
      attached to a hub with several workstations, you
      will have to physically attach the device to
      another hub or switch port to change its VLAN
      assignment
    • The more hosts that are attached to individual
      switch ports, the greater the microsegmentation
      and flexibility the VLAN can offer

35
Routers and VLANs
  • Routers can be used with VLANs to increase
    security
    • Must be used to manage traffic between different
      VLANs
  • Routers can implement access lists, which increase
    inter-VLAN security
    • A router allows restrictions to be placed on
      station addresses, application types, and
      protocol types

37
Routers and VLANs (continued)
  • The router can either be an onboard Route Switch
    Module (RSM) or an external router
  • The router will accept the frame tagged by the
    sending VLAN and determine the best path to the
    destination address
  • The router will then switch the packet to the
    appropriate interface and forward it to the
    destination address

38
Routers and VLANs (continued)
  • Router-on-a-stick
    • If a single link is used to connect an external
      router with the switch containing multiple VLANs,
      trunking is required for inter-VLAN routing
  • Trunking is the process of using either ISL or
    802.1q to allow multiple VLAN traffic on the same
    link
    • For instance, an ISL trunk link would encapsulate
      each packet with the associated VLAN information
      and allow the router to route the packet
      accordingly

39
Summary
  • The Spanning Tree Protocol (STP) allows
    administrators to create physical loops between
    bridges and switches without creating logical
    loops that would pose a problem for packet
    delivery
  • The Rapid Spanning Tree Protocol (RSTP) has
    enhanced STP to reduce the latency associated
    with convergence
  • Implementing VLANs via switches provides another
    way to increase the performance, flexibility, and
    security of a network

40
Summary (continued)
  • VLANs are separate broadcast domains that are not
    limited by physical configurations
  • Performance benefits associated with VLANs are
    derived from limiting the amount of broadcast
    traffic that would naturally pass through a
    switch without filtration
  • Because traffic on a VLAN broadcast can be
    limited to a specific group of computers,
    security is also enhanced by making it more
    difficult for eavesdropping systems to learn the
    configuration of a network

41
Summary (continued)
  • VLAN information is communicated to switches
    using the VLAN trunking protocol (VTP)