Chapter #5
Volume #1

www.facebook.com/eng.shahinaz
www.youtube.com/shahinazelkasrawy

Analyzing Ethernet LAN Switching


In This Chapter

▪ 1.0 Network Fundamentals


▪ 1.1 Explain the role and function of network components
▪ 1.1.b L2 and L3 Switches
▪ 1.13 Describe switching concepts
▪ 1.13.a MAC learning and aging
▪ 1.13.b Frame switching
▪ 1.13.c Frame flooding
▪ 1.13.d MAC address table
▪ 2.0 Network Access
▪ 2.5 Describe the need for and basic operations of Rapid PVST+ Spanning Tree Protocol and identify basic operations

LAN Switching Concepts

• Part of the LAN, called a campus LAN, supports the end-user population.
• End-user devices connect to LAN switches, which in turn connect to other
switches so that a path exists to the rest of the network.
• The campus LAN switches sit in wiring closets close to the end users.
• The servers used to provide information to the users also connect to the LAN.
• Those servers and switches often sit in a closed room called a data center, with
connections to the campus LAN to support traffic to/from the users.


Campus LAN and Data Center LAN, Conceptual Drawing


Overview of Switching Logic

• LAN switches receive Ethernet frames and then make a switching decision: either
forward the frame out some other ports or ignore the frame. To accomplish this
primary mission, switches perform three actions:
  1. Deciding when to forward a frame or when to filter (not forward) a frame,
  based on the destination MAC address
  2. Preparing to forward frames by learning MAC addresses by examining the
  source MAC address of each frame received by the switch
  3. Preparing to forward only one copy of the frame to the destination by creating a
  (Layer 2) loop-free environment with other switches by using Spanning Tree
  Protocol (STP)
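
The learn, forward, filter and flood decisions described above, with MAC aging, as an added example that is not part of the original slides. The `Switch` class, port names and MAC addresses are constructed for illustration; a single VLAN is assumed, and 300 seconds is the default aging time on Catalyst switches.

```python
# Added example (not from the slides): toy Layer 2 switch logic for one VLAN.
BROADCAST = "ffff.ffff.ffff"

class Switch:
    def __init__(self, ports, aging_time=300):
        self.ports = list(ports)
        self.aging_time = aging_time  # seconds an unused entry stays in the table
        self.mac_table = {}           # MAC address -> (port, time last seen)

    def _age_out(self, now):
        # Remove entries whose source MAC has not been seen within aging_time.
        stale = [mac for mac, (_, seen) in self.mac_table.items()
                 if now - seen > self.aging_time]
        for mac in stale:
            del self.mac_table[mac]

    def receive(self, in_port, src, dst, now=0):
        """Return (action, out_ports) for one frame arriving on in_port."""
        self._age_out(now)
        # Learn: the source MAC is reachable through the arrival port.
        self.mac_table[src] = (in_port, now)
        # Broadcast or unknown unicast: flood out all ports except the arrival port.
        if dst == BROADCAST or dst not in self.mac_table:
            return "flood", [p for p in self.ports if p != in_port]
        out_port, _ = self.mac_table[dst]
        # Destination sits behind the arrival port: filter (do not forward).
        if out_port == in_port:
            return "filter", []
        # Known unicast on another port: forward one copy out that port only.
        return "forward", [out_port]

def demo():
    # Constructed hosts: A and C share port F0/1 (for example through a hub).
    sw = Switch(["F0/1", "F0/2", "F0/3", "F0/4"])
    host_a, host_b, host_c = "0200.1111.1111", "0200.2222.2222", "0200.3333.3333"
    return [
        sw.receive("F0/1", host_a, host_b, now=0),    # B unknown: flood
        sw.receive("F0/2", host_b, host_a, now=1),    # A learned: forward
        sw.receive("F0/1", host_a, host_b, now=2),    # B learned: forward
        sw.receive("F0/1", host_c, host_a, now=3),    # same port: filter
        sw.receive("F0/3", "0200.4444.4444", BROADCAST, now=4),
        sw.receive("F0/2", host_b, host_a, now=400),  # A aged out: flood again
    ]

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The last frame shows why aging matters when reading the MAC address table: once an entry expires, traffic to that address is flooded again until the host sends another frame.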

Switch Forwarding and Filtering Decision


Forwarding Decision with Two Switches: First Switch


Forwarding Decision with Two Switches: Second Switch


Learning MAC Addresses


Switch Learning: Empty Table and Adding Two Entries


Flooding Unknown Unicast and Broadcast Frames


Avoiding Loops Using Spanning Tree Protocol


Network with Redundant Links but Without STP: The Frame Loops Forever


• Without STP, any flooded frames would loop for an indefinite
period of time.
• To prevent looping frames, STP blocks some ports from
forwarding frames so that only one active path exists between
any pair of LAN segments.
• Having redundant links is good, but we need to prevent the bad effect of
those looping frames.
• STP causes each interface on a switch to settle into either a
blocking state or a forwarding state.


Verifying and Analyzing Ethernet Switching

Cisco Catalyst switches come ready to get busy switching frames because
of settings like these:
• The interfaces are enabled by default, ready to start working once a
cable is connected.
• All interfaces are assigned to VLAN 1.
• 10/100 and 10/100/1000 interfaces use autonegotiation by default.
• The MAC learning, forwarding, and flooding logic all works by default.
• STP is enabled by default.

Demonstrating MAC Learning


Switch Interfaces


show interfaces f0/1 counters


Finding Entries in the MAC Address Table


Managing the MAC Address Table (Aging, Clearing)


MAC Address Tables with Multiple Switches


Chapter #6
Volume #1


Configuring Basic Switch Management


In This Chapter

▪ 1.0 Network Fundamentals


▪ 1.6 Configure and verify IPv4 addressing and subnetting
▪ 4.0 IP Services
▪ 4.6 Configure and verify DHCP client and relay
▪ 4.8 Configure network devices for remote access using SSH
▪ 5.0 Security Fundamentals
▪ 5.3 Configure device access control using local passwords


Securing the Switch CLI

• By default, a Cisco Catalyst switch allows anyone to connect to the console port,
access user mode, and then move on to enable and configuration modes without
any kind of security.
• Securing the CLI includes protecting access to enable mode, because from enable
mode, an attacker could reload the switch or change the configuration.
• Protecting user mode is also important, because attackers can see the status of the
switch, learn about the network, and find new ways to attack the network.
• A switch’s IPv4 configuration has nothing to do with how a Layer 2 switch
forwards Ethernet frames.


Console Login and Movement to Enable Mode


Securing User Mode and Privileged Mode with Simple Passwords


Simple Password Security Configuration


Securing User Mode Access with Local Usernames and Passwords


Securing User Mode Access with External Authentication Servers


Securing Remote Access with Secure Shell


Displaying SSH Status


Enabling IPv4 for Remote Access


Switch Static IP Address Configuration


Configuring a Switch to Learn Its IP Address with DHCP


Verifying IPv4 on a Switch


Miscellaneous Settings Useful in the Lab


History Buffer Commands


The logging synchronous, exec-timeout, and no ip domain-lookup Commands


Good Luck ☺
Eng. Shahinaz Elkasrawy
