
Lecture 2

Switch operating principle


Switch/Bridge

✓ A bridge operates in both the physical and the data link layer.
✓ As a data link layer device, it can check the physical (MAC) addresses (source and
destination) contained in the frame.
✓ A switch has a table used in filtering decisions.
✓ A MAC address table is where a switch stores the mapping relationship
between MAC addresses and switch ports.

✓ Such a table exists within every switch’s working memory.

✓ The MAC address table is empty after a switch is started and is populated
when the switch learns the mapping between MAC addresses and switch
ports during the process of data forwarding.

✓ The mappings are lost if the switch is reset or powered off.


How does the switch learn the address?
Types of Forwarding Operations
A switch can perform three types of operations on frames received from the
transmission medium.

✓ Flooding: kind of point-to-multipoint forwarding.
✓ Forwarding: kind of point-to-point forwarding.
✓ If a frame destined for station 71:2B:13:45:61:42 arrives at port 1, the bridge
consults its table to find the departing port.

✓ According to its table, frames for 71:2B:13:45:61:42 leave through port 1; therefore,
there is no need for forwarding, and the frame is dropped.

✓ On the other hand, if a frame for 71:2B:13:45:61:41 arrives at port 2, the departing
port is port 1 and the frame is forwarded.

✓ A bridge does not change the physical (MAC) addresses in a frame.


Switch operating principle
1. Upon receipt of a unicast frame, the switch queries the MAC address table for
the frame’s destination MAC address.

✓If no mapping exists for the destination MAC address, the switch floods

✓If a mapping exists for the destination MAC address, the switch checks if the port number
mapped to the destination MAC address is the port number of the port on which the frame
is received.

a) If the port numbers are not the same, the switch forwards the frame to the
port mapped to the frame’s destination, and sends the frame out from that port.

b) If the port numbers are the same, the switch discards the frame.
2. Upon receipt of a broadcast frame, the switch floods the frame out of all
ports other than the port on which the frame is received, without querying
the MAC address table.
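
The decision procedure above, written out as an added example (not part of the original slides). The class and method names are hypothetical, the third MAC address is constructed, and the learning step (recording the source address against the ingress port) is standard transparent-bridge behaviour assumed here.

```python
BROADCAST = "FF:FF:FF:FF:FF:FF"

class LearningSwitch:
    """Hypothetical model of the forwarding rules in the list above."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}            # MAC -> port; empty after start-up

    def reset(self):
        self.mac_table.clear()         # mappings are lost on reset or power-off

    def receive(self, in_port, src, dst):
        """Return (action, out_ports) for one frame received on in_port."""
        src, dst = src.upper(), dst.upper()
        self.mac_table[src] = in_port  # learn (or refresh) the sender's port
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST:
            return ("flood", others)   # rule 2: no table lookup at all
        out = self.mac_table.get(dst)
        if out is None:
            return ("flood", others)   # rule 1: no mapping for the destination
        if out == in_port:
            return ("discard", [])     # rule 1b: destination is on the ingress port
        return ("forward", [out])      # rule 1a: send out of the mapped port only

def demo():
    sw = LearningSwitch(ports=[1, 2, 3])
    a = "71:2B:13:45:61:41"            # station on port 1 (address from the slides)
    b = "71:2B:13:45:61:42"            # station on port 1 (address from the slides)
    c = "02:00:00:00:00:0C"            # constructed station on port 2
    results = [
        sw.receive(1, a, c),           # c not learned yet
        sw.receive(2, c, a),           # a was learned on port 1
        sw.receive(1, b, a),           # a sits on the ingress port
        sw.receive(2, c, BROADCAST),   # broadcast from port 2
    ]
    return results, dict(sw.mac_table)
```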

Network Reliability Requirements


✓ Network reliability refers to the capability of ensuring nonstop network services when a
single point or multiple points of failure occur on a device or link.

✓ Network reliability can be implemented at the card, device, and link levels.

✓ As networks rapidly develop and applications become more and more diversified

✓ Various value-added services (VASs) are widely deployed.

✓ Network interruption may cause many service exceptions and huge economic losses.

✓ Therefore, the reliability of networks has become a focus.


Link Reliability
1. To ensure link reliability, deploy multiple physical links between devices.
2. To prevent loops, configure STP to ensure that traffic is forwarded on only one link, and other links
function as backup links.

Reading Assignment: Principle and Configuration of Link Aggregation


Introduction to STP

✓ When STP is deployed on a network, switches exchange STP BPDUs and calculate a loop-free
topology.
✓ Finally, one or more ports on the network are blocked to eliminate loops.
✓ On an Ethernet network, loops on a Layer 2 network may cause broadcast storms, MAC address
flapping, and duplicate data frames.
✓ STP is used to prevent loops on a switching network.
✓ STP running on a switch continuously monitors the network topology.
✓ When the network topology changes, STP can detect the changes and automatically adjust the
network topology.
✓ Therefore, STP can solve the Layer 2 loop problem and provide a solution for network redundancy.
✓ As shown in the figure, switches run STP and exchange STP BPDUs to monitor the network
topology.
✓ When the link between SW1 and SW3 is faulty, the blocked port is unblocked and enters the
forwarding state.
Application of STP on a Campus Network

✓ STP is used on Layer 2 networks of campus networks to implement link backup and eliminate loops.
STP Overview

✓STP is used on a LAN to prevent loops.

✓Devices running STP exchange information with one another to discover loops on the
network, and block certain ports to eliminate loops.

✓After running on a network, STP continuously monitors the network status.

✓When the network topology changes, STP can detect the change and automatically respond
to the change.

✓ In this way, the network status can adapt to the new topology, ensuring network reliability.

✓With the growth in scale of LANs, STP has become an important protocol for a LAN.
STP Basic Concepts
Root Bridge
Cost
Cost Calculation Methods
Root Path Cost (RPC)
Port ID (PID)
Bridge Protocol Data Unit (BPDU)
Comparison of configuration BPDUs is important
✓STP selects the optimal configuration BPDU in the following sequence:
➢Smallest BID of the root bridge
➢Smallest RPC
➢Smallest BID of the network bridge
➢Smallest PID
✓Among the four rules, the first rule is used to elect the root bridge on the network, and
the following rules are used to elect the root port and designated port.
STP operations:
• Selects a root bridge.
• Each non-root switch elects a root port.
• Selects a designated port for each network segment.
• Blocks non-root and non-designated ports.
✓STP defines three port roles: designated port, root port, and alternate port.
✓A designated port is used by a switch to forward configuration BPDUs to the
connected network segment.
✓Each network segment has only one designated port.
✓In most cases, each port of the root bridge is a designated port.
✓The root port is the port on the non-root bridge that has the optimal path to the root
bridge.
✓A switch running STP can have only one root port, but the root bridge does not
have any root port.
✓If a port is neither a designated port nor a root port, the port is an alternate port. The
alternate port is blocked.
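
The BPDU comparison sequence and the four STP operations above, worked through on a three-switch triangle as an added example (not part of the original slides). Function names, bridge IDs, port IDs and link costs are all constructed for illustration; comparing tuples left to right reproduces the "smallest wins" order, and the root BID is left out of the tuples because every switch agrees on it once the election has finished.

```python
def stp_roles(bids, links):
    """bids: {switch: (priority, mac)}; links: [(swA, pidA, swB, pidB, cost)]."""
    root = min(bids, key=bids.get)               # rule 1: smallest BID is root
    rpc = {sw: float("inf") for sw in bids}      # root path cost per switch
    rpc[root] = 0
    for _ in bids:                               # relax links until costs settle
        for a, _pa, b, _pb, cost in links:
            rpc[a] = min(rpc[a], rpc[b] + cost)
            rpc[b] = min(rpc[b], rpc[a] + cost)

    best = {}                                    # switch -> (vector, local port)
    for a, pa, b, pb, cost in links:
        for me, my_pid, nb, nb_pid in ((a, pa, b, pb), (b, pb, a, pa)):
            if me == root:
                continue                         # the root bridge has no root port
            # Rules 2-4: RPC through this port, sender BID, sender PID.
            vec = (rpc[nb] + cost, bids[nb], nb_pid)
            if me not in best or vec < best[me][0]:
                best[me] = (vec, my_pid)
    roles = {(sw, pid): "root" for sw, (_vec, pid) in best.items()}

    for a, pa, b, pb, _cost in links:            # one designated port per segment
        va, vb = (rpc[a], bids[a], pa), (rpc[b], bids[b], pb)
        winner, loser = ((a, pa), (b, pb)) if va < vb else ((b, pb), (a, pa))
        roles[winner] = "designated"
        roles.setdefault(loser, "alternate")     # neither root nor designated: blocked
    return root, rpc, roles

def demo_triangle():
    # Constructed sample: SW1 has the lowest bridge priority, all links cost 20000.
    bids = {
        "SW1": (4096, "00:00:00:00:00:01"),
        "SW2": (32768, "00:00:00:00:00:02"),
        "SW3": (32768, "00:00:00:00:00:03"),
    }
    links = [
        ("SW1", (128, 1), "SW2", (128, 1), 20000),
        ("SW1", (128, 2), "SW3", (128, 1), 20000),
        ("SW2", (128, 2), "SW3", (128, 2), 20000),
    ]
    return stp_roles(bids, links)
```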
STP Calculation
STP Port States
STP Port State Transition
Topology Change
Root Bridge Fault
✓ SW1 (root bridge) is faulty and stops sending BPDUs.

✓ SW2 waits for the Max Age timer (20s) to expire.

✓ In this case, the record about the received BPDUs becomes invalid, and SW2
cannot receive new BPDUs from the root bridge.

✓ SW2 learns that the upstream device is faulty.

✓ Non-root bridges send configuration BPDUs to each other to elect a new root
bridge.

✓ After re-election, port A of SW3 transitions to the Forwarding state after two
intervals of the Forward Delay timer (the default interval is 15s).

➢ A non-root bridge starts root bridge re-election after BPDUs age.

➢ It takes about 50s to recover from a root bridge failure: the 20s Max Age
timer plus two 15s Forward Delay intervals.
Virtual LANs (VLAN)
Issues Facing a Traditional Ethernet
VLAN
VLAN Implementation
VLAN Tag

✓ Read in detail about


VLAN Applications
1.VLAN Planning
✓ By service: voice, video, and data VLANs.
✓ By department: e.g. VLANs for engineering, marketing, and financing departments.
✓ By application: e.g. VLANs for servers, offices, and classrooms.
Tips for VLAN assignment
• VLAN IDs can be randomly assigned within the supported range.
• To improve VLAN ID continuity, you can associate VLAN IDs with subnets during VLAN assignment.

VLAN ID | IP Address Segment | Description
10      | X.16.10.0/24       | VLAN to which office users belong
20      | X.16.20.0/24       | VLAN to which the users of the financing department belong
30      | X.16.30.0/24       | VLAN to which classroom users belong
100     | Y.16.100.0/24      | VLAN to which the device management function belongs
2. Interface-based VLAN Assignment

➢ Applicable scenario:

✓ There are multiple enterprises in a building. These enterprises share network
resources to reduce costs.

✓ Networks of the enterprises connect to different interfaces of the same
Layer 2 switch and access the Internet through the same egress device.

➢ VLAN assignment:

✓ To isolate the services of different enterprises and ensure service security,
assign interfaces connected to the enterprises' networks to different VLANs.

✓ In this way, each enterprise has an independent network, and each VLAN
works as a virtual work group.
3. MAC Address-based VLAN Assignment

➢ Applicable scenario:
✓ The network administrator of an enterprise assigns PCs in the same
department to the same VLAN.
✓ To improve information security, the enterprise requires that only
employees in the specified department be allowed to access specific
network resources.
➢ VLAN assignment:
✓ To meet the preceding requirement, configure MAC address-based
VLAN assignment on SW1, preventing new PCs connected to the
network from accessing the network resources.
Quiz
1. Identify the Root Bridge and Port Roles
2. Identify the Root Bridge and Port Roles in the Following Topology
3. Identify the Root Bridge and Port Roles in the Following Topology
Layer 2 Ethernet Interface Types

Access interface
✓ An access interface often connects to a terminal (such
as a PC or server) that cannot identify VLAN tags, or
is used when VLANs do not need to be differentiated.
✓ An access interface is used to connect a switch to a
terminal, such as a PC or server.
✓ In general, the NICs on such a terminal receive and
send only untagged frames.
✓ An access interface can be added to only one VLAN.
Layer 2 Ethernet Interface Types

Trunk interface
✓A trunk interface often connects to a switch, router, AP,
or voice terminal that can receive and send both tagged
and untagged frames.
✓A trunk interface allows frames that belong to multiple
VLANs to pass through and differentiates the frames
using the 802.1Q tag.
✓This type of interface is used to connect a switch to
another switch or a sub-interface on a device, such as a
router or firewall.
Example for Frame Processing on Access and Trunk Interfaces

Describe how inter-PC access is implemented in this example.

✓ SW1 and SW2 connect to PCs through access interfaces.


✓ PVIDs are configured for the interfaces, as shown in the
figure.
✓ SW1 and SW2 are connected through trunk interfaces
whose PVIDs are all set to 1.
Thank You

Have a good day!
