Lesson02 6121

TRNG CAO NG NGH CNTT iSPACE Website: http://www.ispace.edu.
vn
MODULE: XY DNG H TNG MNG
Trng Cao ng Ngh iSPACE

Khoa Cng ngh thng tin
B mn Mng Truyn Thng
fit@ispace.edu.vn
http://fit.ispace.edu.vn
1
@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn
TRNG CAO NG NGH CNTT iSPACE Website: http://www.ispace.edu.vn
MODULE: XY DNG H TNG MNG
Bi 1: GII THIU ROUTING V PACKET FORWARDING

Bi 2: LAYER 2 SWITCHING V VIRTUAL LAN
Bi 3: DISTANCE VECTOR ROUTING PROTOCOL
Bi 4: LINK-STATE ROUTING PROTOCOL
Bi 5: QUAN LY TRAFFIC VI ACCESS LIST
Bi 6: CU HINH TINH NNG NNG CAO CUA CISCO IOS
Bi 7: TRIN KHAI HIGH AVAILABILITY CHO H TNG MNG
N TP
BO CO N CUI MN
THI CUI MN

QUY NH HC TP
ng gi Lng nghe
Tt chung in thoi
Hi li nhng g ng gp kin Khng ht thuc

v chia s kinh trong lp hc
cha hiu nghim
3
BI 2: LAYER 2 SWITCHING & VIRTUAL LAN
Cu trc hot ng ca b chuyn mch (Switch layer 2)
Chc nng ca Switch Layer 2

VLAN
VLAN Trunking Protocol
Spanning Tree Protocol (STP)
n tp

MC TIU BI HC
Trnh by c chc nng ca Switch Layer 2.

Trnh by c khi nim, c im v li ch ca Virtual LAN.
Gii thch c c im v li ch ca VLAN Trunking Protocol.
Gii thch thch c c im v cch hot ng ca Spanning
Tree Protocol.
Cu hnh c Spanning Tree Protocol.
Xy dng c VLAN cho doanh nghip.
Cu hnh c VLAN Trunking Protocol.

Chc nng, hot ng v u th ca Cisco Switch so vi cc Switch thng
Address learning
Chuyn cc gi tin da trn bng a ch MAC (Content-
Addressable Memory table).
Xc nh v tr ca my trm da vo a ch MAC ngun.
Gi gi tin ra tt c cc port khi a ch MAC ch l Broadcast,
multicast, hoc khng xc nh trong bng MAC.

Address learning

Forward/Filter
Khi 1 khung d liu nhn vo trn 1 interface, Switch thy c
a ch MAC ch v tm kim trong MAC database.
Khung d liu ch c chuyn ra ngoi ti 1 cng ch ch nh.

Loop Avoidance
Nu c nhiu cc kt ni gia cc thit b chuyn mch c to
ra vi mc ch d phng, vng lp c th xy ra trong h thng
mng.
Spanning Tree Protocol (STP) c s dng ngn chn hin
tng vng lp.

VLAN
Mng LAN o l c ch dng phn chia Broadcast Domain
Khi nim VLAN

Gii thiu VLAN
D phn chia
Linh ng
Bo mt

VLAN
Khi nim VLAN

Broadcast Control
Nhng ng dng chim nhiu bng thng thng l cc ng
dng a phng tin thng s dng Broadcast v Multicast.
H thng mng kiu mi c to ra nhm hn ch tnh
trng thit b b li, phn khc h thng v nng cao bo
mt.

VLAN
Khi nim VLAN

VLAN types
Static VLAN
VLAN tnh l cch ph bin nht to VLAN, v cng l
cch bo mt nht.
Cc port ca VLAN lun lun c duy tr n khi ngi
qun tr thay i.

VLAN
Khi nim VLAN

VLAN types
Dynamic VLAN
Thit lp VLAN da trn MAC address, protocol,
application.
MAC address ca my no c nhp vo 1 ng
dng qun l tp trung VLAN.
Nu 1 node mng c gn vo 1 cng khng c ch
nh trn switch, VLAN c th d tm a ch phn cng
v n nh cu hnh cc cng chuyn i vo ng VLAN.

VLAN
Khi nim VLAN

Li ch ca VLAN
Bo mt.
Gim chi ph.
Hiu sut cao.
Gim thiu tnh trng Broadcast storm.
Nng cao hiu sut lm vic ca IT.

VLAN
Trunking
Khi nim trunking

VLAN
Trunking
Trunking trong VLAN
Kt ni trunk truyn ti lung d liu ca nhiu VLAN trn 1
kt ni duy nht.
Cisco h tr chun 802.1Q lm vic c trn Fast Ethernet
v Gigabit Ethernet.

VLAN
Trunking
Frame Tag: 802.1Q

VLAN
Trunking
Frame Encapsulation: ISL

VLAN
Trunking
Frame Tag/Encapsulation - 802.1Q/ISL
ISL 802.1Q
Proprietary Nonproprietary
Encapsulated Tagged
Protocol independent Protocol dependent

Encapsulates the old Adds a field to
frame in a new frame the frame header

VLAN
Cu hnh VLAN
To VLAN
SwitchX# configure terminal
SwitchX(config)# vlan 2
SwitchX(config-vlan)# name switchlab99
SwitchX# show vlan [brief | id vlan-id || name vlan-name]
SwitchX# show vlan id 2
VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------
2 switchlab99 active Fa0/2, Fa0/12
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
2 enet 100002 1500 - - - - - 0 0
. . .
SwitchX#

VLAN
Cu hnh VLAN
Gn Port vo VLAN
SwitchX(config-if)#
switchport access [vlan vlan# | dynamic]
SwitchX# configure terminal

SwitchX(config)# interface range fastethernet 0/2 - 4
SwitchX(config-if)# switchport access vlan 2
SwitchX# show vlan

---- -------------------------------- --------- ----------------------
1 default active Fa0/1
2 switchlab99 active Fa0/2, Fa0/3, Fa0/4

VLAN
Cu hnh VLAN
Gn Port vo VLAN
Kim tra
SwitchX# show vlan brief
SwitchX# show vlan brief

---- -------------------------------- --------- -------------------------------
1 default active Fa0/1
2 switchlab99 active Fa0/2, Fa0/3, Fa0/4
3 vlan3 active
4 vlan4 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup

---- -------------------------------- --------- -------------------------------
1004 fddinet-default act/unsup
1005 trnet-default act/unsup

VLAN
Cu hnh VLAN
Gn Port vo VLAN
Kim tra
SwitchX#
show interfaces interface switchport
SwitchX# show interfaces fa0/2 switchport

Name: Fa0/2
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 2 (switchlab99)
Trunking Native Mode VLAN: 1 (default)
--- output omitted ----

VLAN
Cu hnh VLAN
Cu hnh Trunking
SwitchX(config-if)#
switchport mode {access | dynamic {auto | desirable} | trunk}
SwitchX(config-if)#
switchport mode trunk

VLAN
Cu hnh VLAN
Kim tra mt kt ni trunk
SwitchX# show interfaces interface [switchport | trunk]
SwitchX# show interfaces fa0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
. . .
SwitchX# show interfaces fa0/11 trunk
Port Mode Encapsulation Status Native vlan
Fa0/11 desirable 802.1q trunking 1
Port Vlans allowed on trunk

Fa0/11 1-4094
Port Vlans allowed and active in management domain

Fa0/11 1-13
VTP l c ch quy hoch VLAN cho ton h thng Switch trong cng mt
Domain, gim ti a thi gian cho vic cu hnh VLAN
VTP
Khi nim
Mc tiu c bn ca VLAN Trunking Protocol (VTP) l qun
l tt c cc cu hnh VLAN trn mt mng chuyn mch, duy
tr tnh nht qun trong c mng li.
VTP cho php mt qun tr vin c th thm, xa, v i tn
VLAN m sau c truyn n tt c cc switch khc
trong VTP domain.

VTP
c im VTP Protocol:
Cu hnh VLAN nht qun trong tt c cc thit b chuyn
mch trong mng tham gia vo VTP Domain.
Thit lp VLAN Trunking trn nhiu loi mng nh: ATM
LANE, FDDI.
Theo di v gim st chnh xc cc VLAN.
Bo co ca VLAN c gi n tt c cc switch trong VTP
Domain.
Gim thi gian cu hnh cho ngi qun tr.

VTP
Revision Number:
L s phin bn ca mt VTP Domain.
S Revision s t ng tng ln mt vi mi s thay i VLAN
(thm, xo, sa) trn Server.
Nu trong cng Domain c trn 1 Server, Server no c s
Revision ln hn, cc Switch khc s hc VLAN t Server .
VTP
VTP Mode
Server.
Client.
Transparent.

VTP
VTP Mode
Tao VLAN
Chinh sa VLAN
Xoa VLAN
Gi va chuyn tip cac goi tin quang ba
ng b cac VLAN cho Client
Chi tao local VLAN

Chi chinh sa local VLAN
Chi xoa local VLAN
Chuyn tip cac goi tin quang ba
Khng ng b vi Server
Khng th tao, sa, xoa VLAN
Gi va chuyn tip cac goi tin quang ba
ng b vi Server
VTP
VTP Prunning
VTP cung cp 1 cch bn c th bo qun bng thng
bng cch cu hnh switch nhm gim lu lng broadcasts,
multicasts, v unicast.
VTP Prunning ch gi cc gi tin broadcast trn kt ni trunk
m thc s phi c thng tin (c s hin din u cui).

VTP
Cu hnh VTP

VTP
Cu hnh VTP
Step Task Command

nh ngha VTP mode vtp mode
Step 0
(server/client/transparent) server|client|transparent
Step 1 nh tn VTP domain vtp domain name
Step 2 t version cho VTP vtp version 1|2
Step 3 t password cho VTP Domain vtp password password
Step 4 Kim tra trang thai VTP show vtp status

Inter-VLAN Routing
Gip cho cc Host trong cc VLAN khc nhau c th lin lc c vi nhau
Inter-VLAN Routing
Kt ni gia cc VLAN

Inter-VLAN Routing
Inter-VLAN Routing
Giao tip vt l v lun l

Inter-VLAN Routing
Inter-VLAN Routing

Inter-VLAN Routing
Inter-VLAN Routing
Cu hnh Inter-VLAN routing

VLAN
Khc phc li VLAN

Tin trnh khc phc li VLAN
LEDs
(or network Switch Physical link
management configuration connection
equivalent) OK? OK?
O.K ?
Fix any problem with switch Fix any problem with configuration Check with CDP, fix any cabling
hardware statements problems
L2 path
VLAN between
configuration switchs
OK? OK?
Fix any VLAN, spanning tree or intermediate Fix any switch trunking or ISL
router problems configuration problems

VLAN
Khc phc li VLAN

Ngn chn Broadcast storm
Thit lp cc gi tr ngng qu cao hoc qu thp loi
b s d tha tn hiu broadcast, multicast, or unicast.
Switch# configure terminal

Switch(config)# interface gigabitethernet0/1
Switch(config-if)# storm-control broadcast level 20
Gim ti thiu qu trnh STP din ra trn thit b

Portfast.
Uplinkfast.
Backbonefast.

VLAN
Khc phc li VLAN

Lnh dng khc phc s c
Show VLAN
Show spanning-tree
Show vlan
Debug vlan packet

VLAN
Khc phc li VLAN

Cc trng hp li thng dng
Kt ni trunk khng c thit lp gia cc Switch hoc
Switch vi Router.
VTP khng c cu hnh ng.
Rt gi tin v vng lp.

Khi nim cc thnh phn, hot ng, thut ton chng Loop ca Spanning
Tree
Redundant Topology

Redundance Topology v STP

Cc thut ng
BPDU
Sau khi Switch khi ng, n s gi
ra gi BPDU cha Switch Bridge ID
v Root ID.
BPDU mang thng tin thit lp STP
ca Switch.
ID ph hp vi Bridge ID cho tt c
cc thit b chuyn mch.
BPDU c gi i mi 2 giy.

Cc thut ng
STP/Root Bridge
Root bridge nh 1 im tham chiu cho tt c cc tnh ton
Spanning-tree to ng i d phng ngn chn.
SW no c Bridge ID nh nht s c chn lm Root
Bridge.

Cc thut ng
Bridge ID
c xc nh bng cch kt hp u tin Bridge v Mac
address.
Bridge vi s Bridge ID thp nht s c chn lm Root
Bridge trn h thng mng.

Cc thut ng
Bridge ID
V d v Extended ID cho 215 4 bits 12 bits 20
VLAN 12: Nu trng Priority VLAN Number
Priority l default (8
Hex), ta i 8 t Hexa
sang Decimal. Priority Values (Hex) Priority Values (Dec)
0 0
Bridge Priority = 32768 1 4096
+ 12 = 32780. 2 8192
. .
. .
8 (default) 32768
. .
. .
F 61440

Cc thut ng
Path cost
nh s cho bng thng cc kt ni.
Dng trong thut ton xy dng STP.
Cost (Revised IEEE Cost (Previous IEEE

Link Speed
Specification) Specification)
10 Gb/s 2 1
1 Gb/s 4 1
100 Mb/s 19 10
10 Mb/s 100 100

Cc thut ng
Root port
Root port l ng kt ni trc tip ti Root bridge, hoc
ng kt ni ngn nht ti Root bridge.
Nu c nhiu kt ni ti Root bridge, gi tr port (Port cost)
c xc nh bng cch kim tra bng thng ca mi ng
kt ni.
Gi tr port thp nht s c chn lm Root port.
Nu c nhiu kt ni c cng gi tr, bridge vi gi tr qung
b bridge ID thp nht c chn.

Cc thut ng
Nonroot Bridge:
y l tt c cc Bridge m khng phi l Root Bridge.
Nonroot Bridge trao i BPDU vi tt c Bridge v cp nht
d liu m hnh STP trn cc thit b chuyn mch.
Cung cp 1 bin php phng v chng li hin tng lin kt
b li (Link Failures).
Forwarding Port:
Chuyn tip cc gi tin.
Designated Port:
Designated Port c xc nh khi n khng phi Root port
v c gi tr Local Path cost thp nht.
Designated Port s c nh du nh l 1 Forwarding Port.

Cc thut ng
Nondesignated Port:
Nondesignated Port c Path Cost cao hn Designated Port.
Nondesignated Port c t ch chn (blocking
mode).
Chng khng phi l Forwarding Port.
Blocked port:
Blocked port s khng chuyn tip khung, ngn chn
vng lp.
Tuy nhin Blocked Port vn lng nghe cc BPDU.

Cc thut ng

Spanning-tree Operation
Nhim v ca STP l tm tt c cc lin kt trong mng v tt
bt k cc kt ni d tha, do n ngn chn hin tng vng
lp xy ra.
STP thc hin iu ny bng cch bu chn mt Root Bridge c
tc dng nh mt im tham chiu cho tt c cc thit b khc
trong vic tnh ton STP.

La chn STP RootBridge

STP Role Vote

Spanning-Tree Port States

Blocking:
Trng thi ban u khi cha tham gia vo qu trnh bu chn
STP.
Khng chuyn khung d liu.
Khng xy dng bng MAC.
Nhn BPDU nhng khng gi ra.
Listening:
Cng nhn truyn v x l BPDU.
Khng xy dng bng MAC.


Learning:
Lng nghe cc gi BPDU v hc tt c cc ng dn trong
mng chuyn mch.
Bt u xy dng bng MAC.
Forwarding:
Cng nhn v gi tt c cc khung d liu.
STP lun gim st cc gi BPDU kp thi ngn Loop khi c
s c.
Disable
1 cng trng thi Disable khng tham gia vo qu trnh gi
khung hoc STP c cu hnh bi ngi qun tr.


V d Spanning Tree
STP Topology

V d Spanning Tree
STP Topology

Cu hnh STP
Cc bc cu hnh
Cu hnh c bn trn Switch.
Cu hnh cc Interfaces trn cc Host PC.
Cu hnh VLAN.
Cu hnh Spanning tree.
Ti u Spanning tree.

Cu hnh STP
Switch(config)#spanning-tree vlan 1 root primary
Cu hnh mt Switch tr thnh Root.
Switch(config)#spanning-tree vlan 1 root secondary

Cu hnh mt Switch tr thnh Secondary Root.
Switch(config)#spanning-tree vlan 1 priority priority

Cu hnh Priority cho 1 Switch (Bi s ca 4096).

Cu hnh STP Portfast
Switch(config-if)# spanning-tree portfast (interface command)
Switch(config)# spanning-tree portfast default (global command)

Cu hnh STP Uplinkfast, Backbonefast
Switch(config)# spanning-tree uplinkfast(Blocked port SW)
Switch(config)# spanning-tree backbonefast(Forwarding SW)

Cu hi n tp
Trnh by khi nim VLAN, cch hot ng ca Switch c chi VLAN.

Trnh by tc dng ca VTP.
Trnh by cch lin lc gia cc VLAN.
Trnh by thut ton chng Loop ca Spanning Tree, cu hnh ty
bin Spanning Tree.

TM LC BI HC

VLAN
Spanning Tree Protocol


Lesson02 6121

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Lesson02 6121

Uploaded by

Copyright:

Available Formats

TRNG CAO NG NGH CNTT iSPACE Website: http://www.ispace.edu.

MODULE: XY DNG H TNG MNG

Trng Cao ng Ngh iSPACE

MODULE: XY DNG H TNG MNG

Bi 1: GII THIU ROUTING V PACKET FORWARDING

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Hi li nhng g ng gp kin Khng ht thuc

BI 2: LAYER 2 SWITCHING & VIRTUAL LAN

Cu trc hot ng ca b chuyn mch (Switch layer 2)

Chc nng ca Switch Layer 2

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Trnh by c chc nng ca Switch Layer 2.

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Chc nng ca Switch Layer 2

Chc nng, hot ng v u th ca Cisco Switch so vi cc Switch thng

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Chc nng ca Switch Layer 2

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Chc nng ca Switch Layer 2

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Chc nng ca Switch Layer 2

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Mng LAN o l c ch dng phn chia Broadcast Domain

Khi nim VLAN

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Khi nim VLAN

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Khi nim VLAN

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Khi nim VLAN

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Khi nim VLAN

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Protocol independent Protocol dependent

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

SwitchX# show vlan [brief | id vlan-id || name vlan-name]

SwitchX# show vlan id 2

VLAN Name Status Ports

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

SwitchX# configure terminal

SwitchX# show vlan

VLAN Name Status Ports

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

SwitchX# show vlan brief

VLAN Name Status Ports

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

SwitchX# show interfaces fa0/2 switchport

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

Port Vlans allowed on trunk

Port Vlans allowed and active in management domain

VLAN Trunking Protocol

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

VLAN Trunking Protocol

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

VLAN Trunking Protocol

VLAN Trunking Protocol

@2008 - 2011 Khoa CNTT Email: fit@ispace.edu.vn

VLAN Trunking Protocol