CCNA Guide to Cisco Networking Fundamentals Chapter 13 Advanced Switching Concepts


CCNA Guide to Cisco Networking Fundamentals, Fourth Edition
Chapter 13: Advanced Switching Concepts
Objectives
• Explain how the Spanning Tree Protocol works and describe its benefits
• Describe the benefits of virtual LANs
• Configure a VLAN
• Understand the purpose of the VLAN trunking protocol (VTP)
• Configure VTP
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition
Spanning Tree Protocol
• Physical path loops
– A physical connection created when network devices are connected to one another by two or more physical media links
– Help improve a network’s fault tolerance
• Drawback
– Can result in endless packet looping
• Spanning Tree Protocol (STP)
– A layer 2 link management protocol designed to prevent looping on bridges and switches
– The specification for STP is IEEE 802.1d
Spanning Tree Protocol (continued)
[Slide contains only a figure; no text was extracted]
Spanning Tree Protocol (continued)
• STP uses the Spanning Tree Algorithm (STA)
– To interrupt the logical loop created by a physical loop in a bridged/switched environment
– STP does this by ensuring that certain ports on some of the bridges and switches do not forward frames
• Building a logical path
– Switches and bridges on a network use an election process to configure a single logical path
– First, a root bridge (root device) is selected
– Then, the other switches and bridges configure their ports, using the root bridge as a point of reference
Spanning Tree Protocol (continued)
• Bridges use STP to transfer the information about each bridge’s MAC address and priority number
• Bridge protocol data units (BPDU) or configuration bridge protocol data units (CBPDU)
– The messages the devices send to one another
• Each bridge or switch determines which of its own ports offers the best path to the root bridge
• Root ports
– The BPDU messages are sent between the root bridge and the best ports on the other devices
Spanning Tree Protocol (continued)
• If BPDUs are not received for a certain period of time
– The non-root-bridge devices will assume that the root bridge has failed, and a new root bridge will be elected
• Once the root bridge is determined and the switches and bridges have calculated their paths to the root bridge
– The logical loop is removed by one of the switches or bridges
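The election and path calculation described on the preceding slides, worked through in code. This is an added example, not material from the textbook: it models the Spanning Tree Algorithm over a constructed three-switch triangle (switch names, priorities, MAC addresses and the FastEthernet path cost of 19 are all assumptions), electing the root bridge from the (priority, MAC) bridge IDs that BPDUs carry, picking each switch's root port by cheapest path cost, and marking the one port that must block to cut the physical loop. It also re-runs the calculation with one link removed to show the fault-tolerance point: the loop is gone, so nothing blocks and SW-C re-elects its root port.

```python
"""Spanning Tree Algorithm (STA) model: root bridge election, root ports and
blocked ports, computed from the bridge IDs and link costs that real switches
exchange in BPDUs. Added example; the topology below is constructed."""
import heapq
from dataclasses import dataclass


@dataclass(frozen=True, order=True)
class BridgeId:
    """Bridge ID as advertised in BPDUs: priority first, then MAC as tiebreak.
    MACs are compared as strings, so keep them in one fixed format."""
    priority: int
    mac: str


@dataclass(frozen=True)
class Link:
    a: str
    b: str
    cost: int  # STP path cost of the segment (19 = 100 Mbit/s in classic STP)

    def other(self, name):
        return self.b if name == self.a else self.a


def elect_root(bridges):
    """The bridge with the lowest (priority, MAC) becomes the root bridge."""
    return min(bridges, key=lambda name: bridges[name])


def root_path_costs(root, links):
    """Dijkstra over link costs: cheapest total cost from every bridge to the root."""
    adj = {}
    for link in links:
        adj.setdefault(link.a, []).append((link.b, link.cost))
        adj.setdefault(link.b, []).append((link.a, link.cost))
    dist = {root: 0}
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue
        for v, cost in adj.get(u, []):
            if d + cost < dist.get(v, float("inf")):
                dist[v] = d + cost
                heapq.heappush(heap, (dist[v], v))
    return dist


def compute_port_roles(bridges, links):
    """Return (root bridge name, {(bridge, neighbour): role}) where role is
    'designated', 'root' or 'blocking'. A blocking port is where the logical
    loop is cut; a designated port is the cheapest way from its segment to the root."""
    root = elect_root(bridges)
    dist = root_path_costs(root, links)
    # Each non-root bridge picks the neighbour offering the cheapest path to the
    # root (ties broken by the neighbour's bridge ID) as its root port.
    root_port = {}
    for name in bridges:
        if name == root:
            continue
        candidates = [
            (dist[l.other(name)] + l.cost, bridges[l.other(name)], l.other(name))
            for l in links if name in (l.a, l.b)
        ]
        root_port[name] = min(candidates)[2]
    roles = {}
    for link in links:
        # The designated bridge of a segment is the endpoint closest to the root
        # (lowest root path cost, then lowest bridge ID); its port forwards.
        des = min((link.a, link.b), key=lambda n: (dist[n], bridges[n]))
        other = link.other(des)
        roles[(des, other)] = "designated"
        roles[(other, des)] = "root" if root_port.get(other) == des else "blocking"
    return root, roles


# Constructed topology: three switches in a triangle, all links FastEthernet.
BRIDGES = {
    "SW-A": BridgeId(4096, "0000.0000.000a"),   # lowered priority: intended root
    "SW-B": BridgeId(32768, "0000.0000.000b"),
    "SW-C": BridgeId(32768, "0000.0000.000c"),
}
LINKS = [Link("SW-A", "SW-B", 19), Link("SW-A", "SW-C", 19), Link("SW-B", "SW-C", 19)]


def blocked_ports(bridges=BRIDGES, links=LINKS):
    """Ports STP would leave in the blocking state for the given topology."""
    _, roles = compute_port_roles(bridges, links)
    return sorted(port for port, role in roles.items() if role == "blocking")


if __name__ == "__main__":
    root, roles = compute_port_roles(BRIDGES, LINKS)
    print("root bridge:", root)
    for (bridge, nb), role in sorted(roles.items()):
        print(f"{bridge} port towards {nb}: {role}")
    # Losing the A-C link: SW-C re-elects its root port via SW-B, nothing blocks.
    print("after A-C failure:", blocked_ports(BRIDGES, LINKS[:1] + LINKS[2:]))
```

Because SW-B and SW-C reach the root at equal cost, the B-C segment is decided purely by bridge ID, which is why lowering the priority on the switch you intend to be root (SW-A here) matters: with default priorities everywhere, the root and the blocked port are chosen by whichever MAC happens to be lowest.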
Spanning Tree Protocol (continued)
• Port states
– STP will cause the ports on a switch or bridge to settle into a stable state
• Stable states
– The normal operating states of ports when the root bridge is available and all paths are functioning as expected
• Transitory states
– Prevent logical loops during a period of transition from one root bridge to another
Spanning Tree Protocol (continued)
• The stable states are as follows:
– Blocking
– Forwarding
– Disabled
• The transitory states are as follows:
– Listening
– Learning
• STP devices use the transitory states on ports while a new root bridge is being elected
Spanning Tree Protocol (continued)
• Ports on STP-enabled devices move through the different states as indicated in the following list:
– From bridge/switch bootup to blocking
– From blocking to listening (or to disabled)
– From listening to learning (or to disabled)
– From learning to forwarding (or to disabled)
– From forwarding to disabled
Spanning Tree Protocol (continued)
• Topology changes
– When the topology is changed, STP-enabled devices react automatically
– If a device in an STP-enabled network stops receiving CBPDUs, then that device will claim to be the root bridge
• Will begin sending CBPDUs describing itself as such
• Per-VLAN STP (PVSTP)
– Operates on VLANs and treats all VLANs connected as separate physical networks
Spanning Tree Protocol (continued)
• Spanning Tree PortFast
– Allows you to configure a switch to bypass some of the latency (delay)
• Associated with the switch ports transitioning through all of the STP transitory states before they reach the forwarding state
• Configuring STP
– See Table 13-1
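The port state list from the earlier slide and the PortFast bypass just described, as one added example (not from the textbook). The transition table is exactly the list the chapter gives; the per-state behaviour (which states forward frames and which learn MAC addresses) and the 15-second forward delay are standard IEEE 802.1d facts that the slides do not state, and the port names are invented.

```python
"""STP port state machine: the legal transitions listed in the chapter, what each
state does, and how PortFast skips the transitory states. Added example; the
15-second forward delay is the IEEE 802.1D default, not a value from the slides."""

# Legal transitions, as listed: bootup -> blocking -> listening -> learning ->
# forwarding, with 'disabled' reachable from every state after bootup.
TRANSITIONS = {
    "bootup":     {"blocking"},
    "blocking":   {"listening", "disabled"},
    "listening":  {"learning", "disabled"},
    "learning":   {"forwarding", "disabled"},
    "forwarding": {"disabled"},
    "disabled":   set(),
}

# (forwards user frames, learns MAC addresses) per state; 802.1D behaviour,
# not stated on the slides.
BEHAVIOUR = {
    "bootup":     (False, False),
    "blocking":   (False, False),
    "listening":  (False, False),
    "learning":   (False, True),
    "forwarding": (True, True),
    "disabled":   (False, False),
}

FORWARD_DELAY = 15  # seconds spent in each of listening and learning (802.1D default)


class StpPort:
    def __init__(self, name, portfast=False):
        self.name, self.portfast = name, portfast
        self.state = "bootup"
        self.history = ["bootup"]

    def move(self, new_state):
        """Apply one transition, rejecting anything the state list does not allow."""
        allowed = TRANSITIONS[self.state]
        if self.portfast and self.state == "blocking":
            allowed = allowed | {"forwarding"}   # PortFast: skip listening and learning
        if new_state not in allowed:
            raise ValueError(f"{self.name}: illegal transition {self.state} -> {new_state}")
        self.state = new_state
        self.history.append(new_state)

    def forwards(self):
        return BEHAVIOUR[self.state][0]

    def learns(self):
        return BEHAVIOUR[self.state][1]


def bring_up(port):
    """Walk a freshly booted port to forwarding. Returns (state history, seconds
    of forward delay spent). A normal port sits in listening and then learning
    for one forward delay each; a PortFast port goes straight to forwarding,
    which is only safe on a port facing a single end host where no loop can form."""
    port.move("blocking")
    if port.portfast:
        port.move("forwarding")
        return port.history, 0
    port.move("listening")
    port.move("learning")
    port.move("forwarding")
    return port.history, 2 * FORWARD_DELAY


if __name__ == "__main__":
    print(bring_up(StpPort("Fa0/1")))                  # 30 s of transitory states
    print(bring_up(StpPort("Fa0/2", portfast=True)))   # 0 s: PortFast bypass
```

The model makes the trade-off visible: PortFast removes the two forward-delay periods, but it does so by removing exactly the states in which a port would have detected a loop, so it belongs on access ports to workstations, not on links to other switches.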
Spanning Tree Protocol (continued)
[Slide contains only a figure or table; no text was extracted]
Spanning Tree Protocol (continued)
• Rapid STP (RSTP) 802.1w
– Takes the basis of 802.1d (STP) and incorporates some additional features (such as PortFast) that overcome some of the flaws of STP
Virtual LANs
• Virtual LAN (VLAN)
– A grouping of network devices that is not restricted to a physical segment or switch
– Can be configured on most switches to restructure broadcast domains
• Broadcast domain
– Group of network devices that will receive LAN broadcast traffic from each other
• Management VLAN (also known as the default VLAN)
– By default, every port on a switch is in VLAN 1
Virtual LANs (continued)
• You can create multiple VLANs on a single switch
– Or even create one VLAN across multiple switches
• A VLAN is a layer 2 implementation and does not affect layer 3 logical addressing
Virtual LANs (continued)
[Slide contains only a figure; no text was extracted]
Virtual LANs (continued)
[Slide contains only a figure; no text was extracted]
Benefits of VLANs
• Benefits:
– Ease of adding and moving stations on the LAN
– Ease of reconfiguring the LAN
– Better traffic control
– Increased security
• VLANs help to reduce the cost of moving employees from one location to another
– Many changes can be made at the switch
– Physical moves do not necessitate the changing of IP addresses and subnets
Benefits of VLANs (continued)
• Because the administrator can set the size of the broadcast domain
– The VLAN gives the administrator added control over network traffic
• Dividing the broadcast domains into logical groups increases security
– Requires a hacker to perform the difficult feat of tapping a network port and then figuring out the configuration of the LAN
• VLANs can be configured by network administrators to allow membership only for certain devices
Dynamic vs. Static VLANs
• Static VLANs
– Configured port-by-port, with each port being associated with a particular VLAN
– The network administrator manually types in the mapping for each port and VLAN
• Dynamic VLAN
– Ports can automatically determine their VLAN configuration
– Uses a software database of MAC address-to-VLAN mappings that is created manually
Dynamic vs. Static VLANs (continued)
• Dynamic VLAN could prove to be more time-consuming than the static VLAN
• Dynamic VLAN allows the network administration team to keep the entire administrative database in one location
• On a dynamic VLAN, moving a cable from one switch port to another is not a problem
– Because the VLAN will automatically reconfigure its ports on the basis of the attached workstation’s MAC address
VLAN Standardization
• Before VLAN was an IEEE standard
– Early implementations depended on the switch vendor and on a method known as frame filtering
• Frame filtering
– Complex process that involved one table for each VLAN
– Had a master table that was shared by all VLANs
• The IEEE 802.1q specification that defines VLANs recommends frame tagging
– Also known as frame identification
VLAN Standardization (continued)
• Frame tagging
– Involves adding a four-byte field to the actual Ethernet frame to identify the VLAN and other pertinent information
– Makes it easier and more efficient to ship VLAN frames across network backbones
• Switches on the other side of the backbone can simply read the frame instead of being required to refer back to a frame-filtering table
• The two most common types of frame tagging (encapsulation) are 802.1q and Inter-Switch Link (ISL) protocol
Creating VLANs
• You can create VLANs by entering the (config-vlan)# mode and using the VLAN command
– Or you can enter the VLAN database and use the VLAN configuration mode
• To use the config-vlan mode, you type the following:
– Rm410HL(config)#VLAN 2
– Rm410HL(config-vlan)#name production
• To use the VLAN configuration mode, you start by entering the VLAN database
Creating VLANs (continued)
• The next step is to assign switch ports to the new VLANs
– Ports can be assigned as static or dynamic
• To remove a VLAN, use the no parameter:
– Rm410HL(config)#no vlan 2
Link Types and Configuration
• Two types of links are on Cisco switches: trunk links and access links
• Trunk links
– Switch-to-switch or switch-to-router links that can carry traffic from multiple VLANs
• Access links
– Links to non-VLAN-aware devices such as hubs and individual workstations
Link Types and Configuration (continued)
• You choose from five different states for a trunk link:
– Auto
– Desirable
– Nonegotiate
– Off
– On
• To configure a trunk link on a Catalyst 2950, you must be in the appropriate interface configuration mode
Link Types and Configuration (continued)
• Switch interface descriptions
– You can configure a name for each port on a switch
– This is useful when you begin to define roles for a switch port on a more global basis
VLAN Trunking Protocol
• VLAN trunking protocol (VTP)
– Created by Cisco to manage all of the configured VLANs that traverse trunks between switches
– A layer 2 messaging protocol that manages all the changes to the VLANs across networks
• VTP domains
– VTP devices are organized into domains
– Each switch can only be in one VTP domain at a time
• All devices that need to share information must be in the same VTP domain
VLAN Trunking Protocol (continued)
• VTP device modes
– Server
• Device can add, rename, and delete VLANs and propagate those changes to the rest of the VTP devices
– Client
• Device is not allowed to make changes to the VLAN structure, but it can receive, interpret, and propagate changes made by a server
– Transparent
• A device is not participating in VTP communications, other than to forward that information through its configured trunk links
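The VTP domain rule and the three device modes from the two slides above, as an added example that is not part of the textbook. It models a server creating a VLAN and the advertisement travelling over trunk links: clients apply and forward it, a transparent switch forwards without applying, and a switch in another VTP domain ignores it. The switch names and domain names are invented; the configuration revision number (a switch only accepts a database newer than its own) is standard VTP behaviour that the slides do not mention.

```python
"""VTP propagation model: server, client and transparent modes and the VTP domain
boundary. Added example; configuration revision numbers (a newer database
replaces an older one) are standard VTP behaviour that the slides do not cover."""


class VtpSwitch:
    MODES = ("server", "client", "transparent")

    def __init__(self, name, mode, domain):
        if mode not in self.MODES:
            raise ValueError(f"unknown VTP mode {mode!r}")
        self.name, self.mode, self.domain = name, mode, domain
        self.vlans = {1: "default"}   # VLAN 1 always exists and is never removed
        self.revision = 0             # configuration revision of the VLAN database
        self.trunks = []              # neighbouring switches reachable over trunk links

    def connect(self, other):
        self.trunks.append(other)
        other.trunks.append(self)

    def add_vlan(self, vid, name):
        """Only a server may change the VLAN structure; it bumps the revision and
        advertises the whole database to its trunk neighbours."""
        if self.mode != "server":
            raise PermissionError(f"{self.name} ({self.mode}) cannot modify VLANs")
        self.vlans[vid] = name
        self.revision += 1
        self._send(dict(self.vlans), self.revision, {self.name})

    def _send(self, vlans, revision, seen):
        for nb in self.trunks:
            if nb.name not in seen:          # 'seen' stops advertisements looping
                seen.add(nb.name)
                nb.receive(self.domain, vlans, revision, seen)

    def receive(self, domain, vlans, revision, seen):
        if domain != self.domain:
            return                           # other VTP domain: ignored entirely
        if self.mode == "transparent":
            self._send(vlans, revision, seen)   # forward over trunks, never apply
            return
        if revision > self.revision:         # server or client: newer database wins
            self.vlans, self.revision = dict(vlans), revision
            self._send(vlans, revision, seen)


def build_domain():
    """Constructed chain S1 (server) - C1 (client) - T1 (transparent) - C2 (client),
    with X, a server in a different VTP domain, also cabled to C1."""
    s1 = VtpSwitch("S1", "server", "corp")
    c1 = VtpSwitch("C1", "client", "corp")
    t1 = VtpSwitch("T1", "transparent", "corp")
    c2 = VtpSwitch("C2", "client", "corp")
    x = VtpSwitch("X", "server", "lab")
    s1.connect(c1)
    c1.connect(t1)
    t1.connect(c2)
    c1.connect(x)
    return s1, c1, t1, c2, x


if __name__ == "__main__":
    s1, c1, t1, c2, x = build_domain()
    s1.add_vlan(2, "production")
    for sw in (s1, c1, t1, c2, x):
        print(sw.name, sw.mode, sw.domain, sw.revision, sw.vlans)
```

The revision check is also why practitioners keep server mode on as few switches as possible: in this model any server-mode device in the domain whose revision is higher than everyone else's replaces the VLAN database on every client and server that hears it, so the mode a switch is in is a change-control boundary, not just a convenience.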
VLAN Trunking Protocol (continued)
• VTP pruning option
– Reduces the number of VTP updates that traverse a link
– Off by default on all switches
• If you turn VTP pruning on
– VTP message broadcasts are only sent through trunk links that must have the information
• VLAN 1 is not eligible to be pruned because it is an administrative (and default) VLAN
Nonswitching Hubs and VLANs
• Important considerations:
– If you insert a hub into a port on the switch and then connect several devices to the hub, all the systems attached to that hub will be in the same VLAN
– If you must move a single workstation that is attached to a hub with several workstations, you will have to physically attach the device to another hub or switch port to change its VLAN assignment
– The more hosts that are attached to individual switch ports, the greater the microsegmentation and flexibility the VLAN can offer
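One added example (not from the textbook) that ties together the VLAN material of the last several slides: the 802.1q four-byte tag from the frame-tagging slide, access and trunk links from the link-types slides, VLANs as separate broadcast domains, and the hub consideration just above. It models a small VLAN-aware switch on a constructed topology (port names, MAC addresses and VLAN numbers are invented): access ports deliver frames untagged and decide VLAN membership themselves, the trunk carries tagged frames for several VLANs, MAC learning and flooding are per VLAN, and two hosts behind a hub on one access port necessarily land in that port's VLAN. The model drops tagged frames received on access ports and requires tags on the trunk; both are simplifications chosen here, not rules stated on the slides.

```python
"""VLAN-aware switch model with 802.1Q frame tagging: access ports, a trunk
port, per-VLAN MAC learning and per-VLAN flooding. Added example with a
constructed topology; port names and MACs are invented."""
import struct

TPID_8021Q = 0x8100   # EtherType value that marks an 802.1Q-tagged frame
BCAST = b"\xff" * 6


def mac(n):
    """Constructed 6-byte MAC address 00:00:00:00:00:nn."""
    return bytes([0, 0, 0, 0, 0, n])


def make_frame(dst, src, payload=b"data"):
    """Untagged Ethernet II frame: dst MAC, src MAC, EtherType 0x0800 (IPv4), payload."""
    return dst + src + b"\x08\x00" + payload


def tag_frame(frame, vid, pcp=0):
    """Insert the four-byte 802.1Q tag (TPID + TCI) after the two MAC addresses.
    TCI = 3-bit priority, 1-bit DEI (left 0), 12-bit VLAN ID."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid) + frame[12:]


def untag_frame(frame):
    """Return (vid, untagged frame) for a tagged frame, or (None, frame) otherwise."""
    if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame


class VlanSwitch:
    def __init__(self):
        self.ports = {}       # port -> ("access", vid) or ("trunk", {allowed vids})
        self.mac_table = {}   # (vid, mac) -> port: learning is per VLAN

    def access(self, port, vid):
        self.ports[port] = ("access", vid)

    def trunk(self, port, allowed):
        self.ports[port] = ("trunk", set(allowed))

    def ingress(self, port, frame):
        """Process one received frame; return [(egress port, vid, frame bytes)]."""
        kind, arg = self.ports[port]
        vid, payload = untag_frame(frame)
        if kind == "access":
            if vid is not None:
                return []     # the port, not the host, decides VLAN membership
            vid = arg
        elif vid is None or vid not in arg:
            return []         # model requires tags on trunks; disallowed VLANs are dropped
        dst, src = payload[:6], payload[6:12]
        self.mac_table[(vid, src)] = port
        known = self.mac_table.get((vid, dst))
        if known == port:
            return []         # destination sits behind the ingress port (e.g. on a hub)
        targets = [known] if known else [p for p in self.ports if p != port]
        out = []
        for p in targets:
            pkind, parg = self.ports[p]
            if pkind == "access" and parg == vid:
                out.append((p, vid, payload))                   # access: deliver untagged
            elif pkind == "trunk" and vid in parg:
                out.append((p, vid, tag_frame(payload, vid)))   # trunk: carry the tag
        return out


def scenario():
    """Constructed scenario: VLAN 2 (hosts A, B), VLAN 3 (host C), trunk to a peer."""
    sw = VlanSwitch()
    sw.access("Fa0/1", 2)
    sw.access("Fa0/2", 2)
    sw.access("Fa0/3", 3)
    sw.trunk("Fa0/24", {2, 3})
    a, b, remote = mac(1), mac(2), mac(9)
    results = {}
    # Broadcast from A: reaches the other VLAN 2 access port and the trunk (tagged), never Fa0/3.
    results["bcast_a"] = sw.ingress("Fa0/1", make_frame(BCAST, a))
    # B replies to A: A was learned on Fa0/1 in VLAN 2, so the unicast goes only there.
    results["reply_b"] = sw.ingress("Fa0/2", make_frame(a, b))
    # Broadcast arriving over the trunk tagged VLAN 3: only VLAN 3 ports hear it.
    results["from_trunk"] = sw.ingress("Fa0/24", tag_frame(make_frame(BCAST, remote), 3))
    # Tagged frame on an access port: dropped, membership follows the port.
    results["tagged_on_access"] = sw.ingress("Fa0/1", tag_frame(make_frame(BCAST, a), 3))
    # Hub behind Fa0/2: a second host D is learned into VLAN 2 as well, since the port decides.
    sw.ingress("Fa0/2", make_frame(BCAST, mac(4)))
    results["hub_host_vlans"] = [v for (v, m), p in sw.mac_table.items() if m == mac(4)]
    return results


if __name__ == "__main__":
    for name, value in scenario().items():
        print(name, value)
```

Running the scenario shows the security claim from the benefits slides in concrete terms: a broadcast from host A is never placed on Fa0/3, so a station in VLAN 3 has nothing to eavesdrop on from VLAN 2 unless a router carries traffic between them.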
Routers and VLANs
• Routers can be used with VLANs to increase security
– Must be used to manage traffic between different VLANs
• Routers can implement access lists
– Which increase inter-VLAN security
• A router allows restrictions to be placed on station addresses, application types, and protocol types
Routers and VLANs (continued)
• Router can either be an onboard Route Switch Module (RSM) or an external router
• The router will accept the frame tagged by the sending VLAN and determine the best path to the destination address
– The router will then switch the packet to the appropriate interface and forward it to the destination address
Routers and VLANs (continued)
• Router-on-a-stick
– If a single link is used to connect an external router with the switch containing multiple VLANs
• Trunking is required for inter-VLAN routing
• Trunking is the process of using either ISL or 802.1q to allow multiple VLAN traffic on the same link
– For instance, an ISL trunk link would encapsulate each packet with the associated VLAN information and allow the router to route the packet accordingly
Summary
• The Spanning Tree Protocol (STP) allows administrators to create physical loops between bridges and switches
– Without creating logical loops that would pose a problem for packet delivery
• The Rapid Spanning Tree Protocol (RSTP) has enhanced STP to reduce the latency associated with convergence
• Implementing VLANs via switches provides another way to increase the performance, flexibility, and security of a network
Summary (continued)
• VLANs are separate broadcast domains that are not limited by physical configurations
• Performance benefits associated with VLANs are derived from limiting the amount of broadcast traffic that would naturally pass through a switch without filtration
• Because traffic on a VLAN broadcast can be limited to a specific group of computers, security is also enhanced by making it more difficult for eavesdropping systems to learn the configuration of a network
Summary (continued)
• VLAN information is communicated to switches using the VLAN trunking protocol (VTP)