CCNA Guide to Cisco Networking Fundamentals Fourth Edition - PowerPoint PPT Presentation


Slides: 42
Provided by: letuEdupe



CCNA Guide to Cisco Networking Fundamentals
Fourth Edition
  • Chapter 13
  • Advanced Switching Concepts

  • Explain how the Spanning Tree Protocol works and
    describe its benefits
  • Describe the benefits of virtual LANs
  • Configure a VLAN
  • Understand the purpose of the VLAN trunking
    protocol (VTP)
  • Configure VTP

Spanning Tree Protocol
  • Physical path loops
  • A physical connection created when network
    devices are connected to one another by two or
    more physical media links
  • Help improve a network's fault tolerance
  • Drawback
  • Can result in endless packet looping
  • Spanning Tree Protocol (STP)
  • A layer 2 link management protocol designed to
    prevent looping on bridges and switches
  • The specification for STP is IEEE 802.1d

Spanning Tree Protocol (continued)
  • STP uses the Spanning Tree Algorithm (STA)
  • To interrupt the logical loop created by a
    physical loop in a bridged/switched environment
  • STP does this by ensuring that certain ports on
    some of the bridges and switches do not forward
  • Building a logical path
  • Switches and bridges on a network use an election
    process to configure a single logical path
  • First, a root bridge (root device) is selected
  • Then, the other switches and bridges configure
    their ports, using the root bridge as a point of

Spanning Tree Protocol (continued)
  • Bridges use STP to transfer the information about
    each bridge's MAC address and priority number
  • Bridge protocol data units (BPDU) or
    configuration bridge protocol data units (CBPDU)
  • The messages the devices send to one another
  • Each bridge or switch determines which of its own
    ports offers the best path to the root bridge
  • Root ports
  • The BPDU messages are sent between the root
    bridge and the best ports on the other devices
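
An added example (not from the original slides) of the election these slides describe: under 802.1D the bridge with the lowest bridge ID (priority first, then MAC address) becomes root, each other bridge picks the port with the lowest path cost to the root as its root port, and the leftover port on the redundant link blocks. The switch names, MAC addresses, priorities and link costs are constructed sample values, and the sketch assumes one link per pair of switches.

```python
import heapq

# Constructed topology: three switches cabled in a triangle (a physical loop).
# Priorities and MAC addresses are made-up sample values.
BRIDGES = {
    "SW1": {"priority": 32768, "mac": "00:1a:2b:00:00:30"},
    "SW2": {"priority": 32768, "mac": "00:1a:2b:00:00:10"},
    "SW3": {"priority": 4096, "mac": "00:1a:2b:00:00:20"},
}
LINKS = [("SW1", "SW2", 19), ("SW2", "SW3", 19), ("SW1", "SW3", 4)]  # (a, b, path cost)

def bridge_id(name):
    """Bridge ID = priority, then MAC address; the lowest value wins."""
    b = BRIDGES[name]
    return (b["priority"], bytes.fromhex(b["mac"].replace(":", "")))

def elect_root():
    return min(BRIDGES, key=bridge_id)

def root_costs(root):
    """Lowest total path cost from each bridge to the root (Dijkstra)."""
    cost, heap = {root: 0}, [(0, root)]
    while heap:
        c, node = heapq.heappop(heap)
        for a, b, w in LINKS:
            if node in (a, b):
                peer = b if node == a else a
                if c + w < cost.get(peer, float("inf")):
                    cost[peer] = c + w
                    heapq.heappush(heap, (c + w, peer))
    return cost

def root_ports(root):
    """Per non-root bridge: (neighbour its root port faces, cost to root)."""
    cost, best = root_costs(root), {}
    for a, b, w in LINKS:
        for me, peer in ((a, b), (b, a)):
            cand = (cost[peer] + w, bridge_id(peer), peer)
            if me != root and (me not in best or cand < best[me]):
                best[me] = cand
    return {me: (peer, c) for me, (c, _, peer) in best.items()}

def blocked_ports(root):
    """Ports STP leaves blocking, as (bridge, neighbour) pairs."""
    cost, rp, blocked = root_costs(root), root_ports(root), []
    for a, b, _ in LINKS:
        if rp.get(a, (None,))[0] == b or rp.get(b, (None,))[0] == a:
            continue  # one end is a root port: the link forwards
        # Otherwise the end nearer the root (tie: lower bridge ID) is the
        # designated port and the far end blocks, breaking the logical loop.
        loser = max((a, b), key=lambda n: (cost[n], bridge_id(n)))
        blocked.append((loser, b if loser == a else a))
    return blocked
```

With the sample values, SW3 wins on priority even though SW2 has the lowest MAC address; give all three the same priority and the MAC address decides instead.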

Spanning Tree Protocol (continued)
  • If BPDUs are not received for a certain period of
  • The non-root-bridge devices will assume that the
    root bridge has failed, and a new root bridge
    will be elected
  • Once the root bridge is determined and the
    switches and bridges have calculated their paths
    to the root bridge
  • The logical loop is removed by one of the
    switches or bridges

Spanning Tree Protocol (continued)
  • Port states
  • STP will cause the ports on a switch or bridge to
    settle into a stable state
  • Stable states
  • The normal operating states of ports when the
    root bridge is available and all paths are
    functioning as expected
  • Transitory states
  • Prevent logical loops during a period of
    transition from one root bridge to another

Spanning Tree Protocol (continued)
  • The stable states are as follows
  • Blocking
  • Forwarding
  • Disabled
  • The transitory states are as follows
  • Listening
  • Learning
  • STP devices use the transitory states on ports
    while a new root bridge is being elected

Spanning Tree Protocol (continued)
  • Ports on STP-enabled devices move through the
    different states as indicated in the following
  • From bridge/switch bootup to blocking
  • From blocking to listening (or to disabled)
  • From listening to learning (or to disabled)
  • From learning to forwarding (or to disabled)
  • From forwarding to disabled

Spanning Tree Protocol (continued)
  • Topology changes
  • When the topology is changed, STP-enabled devices
    react automatically
  • If a device in an STP-enabled network stops
    receiving CBPDUs, then that device will claim to
    be the root bridge
  • Will begin sending CBPDUs describing itself as
  • Operates on VLANs and treats all VLANs connected
    as separate physical networks

Spanning Tree Protocol (continued)
  • Spanning Tree PortFast
  • Allows you to configure a switch to bypass some
    of the latency (delay)
  • Associated with the switch ports transitioning
    through all of the STP transitory states before
    they reach the forwarding state
  • Configuring STP
  • See Table 13-1

Spanning Tree Protocol (continued)
  • Rapid STP (RSTP) 802.1w
  • Takes the basis of 802.1d (STP) and incorporates
    some additional features (such as portfast) that
    overcome some of the flaws of STP

Virtual LANs
  • Virtual LAN (VLAN)
  • A grouping of network devices that is not
    restricted to a physical segment or switch
  • Can be configured on most switches to restructure
    broadcast domains
  • Broadcast domain
  • Group of network devices that will receive LAN
    broadcast traffic from each other
  • Management VLAN (also known as the default VLAN)
  • By default, every port on a switch is in VLAN 1

Virtual LANs (continued)
  • You can create multiple VLANs on a single switch
  • Or even create one VLAN across multiple switches
  • A VLAN is a layer 2 implementation, and does not
    affect layer 3 logical addressing

Virtual LANs (continued)
Benefits of VLANs
  • Benefits
  • Ease of adding and moving stations on the LAN
  • Ease of reconfiguring the LAN
  • Better traffic control
  • Increased security
  • VLANs help to reduce the cost of moving employees
    from one location to another
  • Many changes can be made at the switch
  • Physical moves do not necessitate the changing of
    IP addresses and subnets

Benefits of VLANs (continued)
  • Because the administrator can set the size of the
    broadcast domain
  • The VLAN gives the administrator added control
    over network traffic
  • Dividing the broadcast domains into logical
    groups increases security
  • Requires a hacker to perform the difficult feat
    of tapping a network port and then figuring out
    the configuration of the LAN
  • VLANs can be configured by network administrators
    to allow membership only for certain devices

Dynamic vs. Static VLANs
  • Static VLANs
  • Configured port-by-port, with each port being
    associated with a particular VLAN
  • The network administrator manually types in the
    mapping for each port and VLAN
  • Dynamic VLAN
  • Ports can automatically determine their VLAN
  • Uses a software database of MAC address-to-VLAN
    mappings that is created manually

Dynamic vs. Static VLANs (continued)
  • Dynamic VLAN could prove to be more
    time-consuming than the static VLAN
  • Dynamic VLAN allows the network administration
    team to keep the entire administrative database
    in one location
  • On a dynamic VLAN, moving a cable from one switch
    port to another is not a problem
  • Because the VLAN will automatically reconfigure
    its ports on the basis of the attached
    workstation's MAC address

VLAN Standardization
  • Before VLAN was an IEEE standard
  • Early implementations depended on the switch
    vendor and on a method known as frame filtering
  • Frame filtering
  • Complex process that involved one table for each
  • Had a master table that was shared by all VLANs
  • The IEEE 802.1q specification that defines VLANs
    recommends frame tagging
  • Also known as frame identification

VLAN Standardization (continued)
  • Frame tagging
  • Involves adding a four-byte field to the actual
    Ethernet frame to identify the VLAN and other
    pertinent information
  • Makes it easier and more efficient to ship VLAN
    frames across network backbones
  • Switches on the other side of the backbone can
    simply read the frame instead of being required
    to refer back to a frame-filtering table
  • The two most common types of frame tagging
    (encapsulation) are 802.1q and Inter-Switch Link
    (ISL) protocol
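
An added example (not from the original slides) of the four-byte 802.1q tag described above: it sits after the source MAC address and holds the tag identifier 0x8100, a 3-bit priority, a 1-bit drop-eligible flag and the 12-bit VLAN ID. The sample frame is constructed, and frames here are handled without their trailing FCS, which a real switch recomputes after tagging.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1q tag

# Constructed sample: untagged broadcast ARP frame (header + zeroed payload).
UNTAGGED = (bytes.fromhex("ffffffffffff") + bytes.fromhex("001a2b000010")
            + struct.pack("!H", 0x0806) + bytes(28))

def parse_frame(frame: bytes) -> dict:
    """Read the Ethernet header and, if present, the 802.1q tag fields."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"),
            "vlan": None, "pcp": None, "dei": None}
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1q tag")
        # Tag control information (TCI): PCP(3) | DEI(1) | VLAN ID(12)
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info.update(pcp=tci >> 13, dei=(tci >> 12) & 1, vlan=tci & 0x0FFF)
        offset = 18
    info["ethertype"] = ethertype
    info["payload"] = frame[offset:]
    return info

def add_tag(frame: bytes, vlan: int, pcp: int = 0) -> bytes:
    """Insert the tag after the source MAC, as a trunk port does on egress."""
    if not 1 <= vlan <= 4094:          # 0 and 4095 are reserved values
        raise ValueError("VLAN ID must be 1-4094")
    if not 0 <= pcp <= 7:
        raise ValueError("priority must be 0-7")
    tci = (pcp << 13) | vlan
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def strip_tag(frame: bytes) -> bytes:
    """Remove the tag again, as an access port does before delivery."""
    if parse_frame(frame)["vlan"] is None:
        return frame
    return frame[:12] + frame[16:]

if __name__ == "__main__":
    tagged = add_tag(UNTAGGED, vlan=2)  # VLAN 2, as in the slides' example
    print(parse_frame(tagged))
```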

Creating VLANs
  • You can create VLANs by entering the
    (config-vlan) mode and using the VLAN command
  • Or you can enter the VLAN database and use the
    VLAN configuration mode
  • To use the config-vlan mode, you type the
  • Rm410HL(config)#vlan 2
  • Rm410HL(config-vlan)#name production
  • To use the VLAN configuration mode, you start by
    entering the VLAN database

Creating VLANs (continued)
  • The next step is to assign switch ports to the
    new VLANs
  • Ports can be assigned as static or dynamic
  • To remove a VLAN, use the no parameter
  • Rm410HL(config)#no vlan 2

Link Types and Configuration
  • Two types of links are on Cisco switches: trunk
    links and access links
  • Trunk links
  • Switch-to-switch or switch-to-router links that
    can carry traffic from multiple VLANs
  • Access links
  • Links to non-VLAN-aware devices such as hubs and
    individual workstations

Link Types and Configuration (continued)
  • You choose from five different states for a trunk
  • Auto
  • Desirable
  • Nonegotiate
  • Off
  • On
  • To configure a trunk link on a Catalyst 2950, you
    must be in the appropriate interface
    configuration mode

Link Types and Configuration (continued)
  • Switch interface descriptions
  • You can configure a name for each port on a
  • This is useful when you begin to define roles for
    a switch port on a more global basis

VLAN Trunking Protocol
  • VLAN trunking protocol (VTP)
  • Created by Cisco to manage all of the configured
    VLANs that traverse trunks between switches
  • A layer 2 messaging protocol that manages all the
    changes to the VLANs across networks
  • VTP domains
  • VTP devices are organized into domains
  • Each switch can only be in one VTP domain at a
  • All devices that need to share information must
    be in the same VTP domain

VLAN Trunking Protocol (continued)
  • VTP device modes
  • Server
  • Device can add, rename, and delete VLANs and
    propagate those changes to the rest of the VTP
  • Client
  • Device is not allowed to make changes to the VLAN
    structure, but it can receive, interpret, and
    propagate changes made by a server
  • Transparent
  • A device is not participating in VTP
    communications, other than to forward that
    information through its configured trunk links

VLAN Trunking Protocol (continued)
  • VTP pruning option
  • Reduces the number of VTP updates that traverse a
  • Off by default on all switches
  • If you turn VTP pruning on
  • VTP message broadcasts are only sent through
    trunk links that must have the information
  • VLAN 1 is not eligible to be pruned because it is
    an administrative (and default) VLAN

Nonswitching Hubs and VLANs
  • Important considerations
  • If you insert a hub into a port on the switch and
    then connect several devices to the hub, all the
    systems attached to that hub will be in the same
  • If you must move a single workstation that is
    attached to a hub with several workstations, you
    will have to physically attach the device to
    another hub or switch port to change its VLAN
  • The more hosts that are attached to individual
    switch ports, the greater the microsegmentation
    and flexibility the VLAN can offer

Routers and VLANs
  • Routers can be used with VLANs to increase
  • Must be used to manage traffic between different
  • Routers can implement access lists
  • Which increase inter-VLAN security
  • A router allows restrictions to be placed on
    station addresses, application types, and
    protocol types

Routers and VLANs (continued)
  • Router can either be an onboard Route Switch
    Module (RSM) or an external router
  • The router will accept the frame tagged by the
    sending VLAN and determine the best path to the
    destination address
  • The router will then switch the packet to the
    appropriate interface and forward it to the
    destination address

Routers and VLANs (continued)
  • Router-on-a-stick
  • If a single link is used to connect an external
    router with the switch containing multiple VLANs
  • Trunking is required for inter-VLAN routing
  • Trunking is the process of using either ISL or
    802.1q to allow multiple VLAN traffic on the same
  • For instance, an ISL trunk link would encapsulate
    each packet with the associated VLAN information
    and allow the router to route the packet

Summary
  • The Spanning Tree Protocol (STP) allows
    administrators to create physical loops between
    bridges and switches
  • Without creating logical loops that would pose a
    problem for packet delivery
  • The Rapid Spanning Tree Protocol (RSTP) has
    enhanced STP to reduce the latency associated
    with convergence
  • Implementing VLANs via switches provides another
    way to increase the performance, flexibility, and
    security of a network

Summary (continued)
  • VLANs are separate broadcast domains that are not
    limited by physical configurations
  • Performance benefits associated with VLANs are
    derived from limiting the amount of broadcast
    traffic that would naturally pass through a
    switch without filtration
  • Because traffic on a VLAN broadcast can be
    limited to a specific group of computers,
    security is also enhanced by making it more
    difficult for eavesdropping systems to learn the
    configuration of a network

Summary (continued)
  • VLAN information is communicated to switches
    using the VLAN trunking protocol (VTP)