CATALYST SWITCH OPERATION

Objectives

Describe Layer 2 switching (bridging) operations Describe the switch operations

Configure switch
Loop Avoidance through STP Use show commands to verify switch configuration and operations

What is Switching ?

It breaks the Collision Domain

It takes the packet and forwards to destined port without any modification.
Network still remains in one large Broadcast Domain. It increases bandwidth of the network.

Multiple devices can be connected to each interface.

Switches versus Bridges

Switches are nothing but bridges with more ports, with certain important differences:

Bridges are software based while Switches are hardware based. Using ASIC (Application Specific Integrated Circuit) chip to make filtering decision. Bridges can only have one Spanning-Tree Instance per bridge, while switches can have many. Bridges can have only 16 ports, while switches can have hundreds Bridges are self managed while switches are manageable.

Switching Technology

To understand Switching Technology we need to understand the following :

Layer 2 Switching Address Learning Forward/Filtering Decisions Loop Avoidance Spanning-Tree Protocol LAN Switch Types

Layer 2 Switching

This is hardware based switching It uses MAC address to filter the network. To build Filter Table, it uses ASICs (Application-specific Integrated Circuits) It is like Multiport bridge. Layer 2 switches do not look at the Network layer header and hence faster. Based on hardware address it decides whether to forward the packet or drop it.

Layer 2 Switching provides the following:

Hardware-based bridging (MAC) Wire speed

Layer 2 switch is considered faster because no modification in the packet.

Low Latency

Because the switching is faster

Low cost

Three Main Functions of a Switch

Address learning Forward/filter decision Loop avoidance

How Switches Learn Host Locations

MAC address table

0260.8c01.1111

E0 E2

E1 E3

0260.8c01.3333

0260.8c01.2222

0260.8c01.4444

Initial MAC address table is empty

How Switches Learn Hosts Locations

MAC address table E0: 0260.8c01.1111
A B

0260.8c01.1111

E0

E1

0260.8c01.3333

E2

E3

0260.8c01.2222

0260.8c01.4444

Station A sends a frame to Station C Switch caches station A MAC address to port E0 by learning the source address of data frames The frame from station A to station C is flooded out to all ports except port E0 (unknown unicasts are flooded)

How Switches Learn Host Locations

MAC address table E0: 0260.8c01.1111 E3: 0260.8c01.4444
A

0260.8c01.1111

E0 E2

E1 E3

0260.8c01.3333

0260.8c01.2222

0260.8c01.4444

Station D sends a frame to station C

Switch caches station D MAC address to port E3 by learning the source Address of data frames
The frame from station D to station C is flooded out to all ports except port E3 (unknown unicasts are flooded)

Address Learning

Switches and Bridges remember the source address of each frame received on an interface and enter this information into MAC database.

Whenever switch receives a packet it makes an entry of the source address and sends a broadcast for destination. The destination machine then responds to broadcast and switch receives a packet from destination. Switch again makes entry for the destination machines hardware address. Using this method Switch maintains a table stating that which hardware address is available at which port.

How Switches Filter Frames

MAC address table E0: E2: E1: E3: 0260.8c01.1111 0260.8c01.2222 0260.8c01.3333 0260.8c01.4444
A B

0260.8c01.1111

E0

E2

X X

E1

0260.8c01.3333

E3
0260.8c01.4444

0260.8c01.2222

Station A sends a frame to station C Destination is known, frame is not flooded

Forward / Filter Decisions

When a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database.

If found the packet will be forwarded to the mentioned port If not found the Broadcast / Multicast is sent on all the ports and the exit port for this particular address is determined.

Broadcast and Multicast Frames

MAC address table E0: E2: E1: E3: 0260.8c01.1111 0260.8c01.2222 0260.8c01.3333 0260.8c01.4444
A B

0260.8c01.1111

E0 E2

E1 E3

0260.8c01.3333

0260.8c01.2222

0260.8c01.4444

Station D sends a broadcast or multicast frame

Broadcast and multicast frames are flooded to all ports other than the originating port

Broadcast /Multicast

When packets are sent to a specific machine that is called Unicast.

It always knows the destination address

When packets are sent to few selected or a group of machines that is called Multicast.

This does not know the destination no. but it knows the network no. (few 1s &0s and rest all 1s)

When packets are sent to all that is called Broadcast.

It the destination address will be all 1s.

Redundant Topology
Server/host X Router Y Segment 1

Segment 2

Redundant topology eliminates single points of failure Redundant topology causes broadcast storms, multiple frame copies, and MAC address table instability problems

Broadcast Storms
Server/host X Router Y Segment 1 Broadcast

Switch A

Switch B

Segment 2

Host X sends a Broadcast

Broadcast Storms
Server/host X Router Y Segment 1 Broadcast

Switch A

Switch B

Segment 2

Host X sends a Broadcast

Broadcast Storms
Server/host X Router Y Segment 1

Switch A

Broadcast

Switch B

Segment 2

Switches continue to propagate broadcast traffic over and over

Multiple Frame Copies

Server/host X Unicast Router Y Segment 1 Switch A Switch B

Segment 2

Host X sends an unicast frame to router Y Router Y MAC address has not been learned by either switch yet

Multiple Frame Copies

Server/host X Unicast Router Y

Segment 1
Unicast Unicast

Switch A

Switch B

Segment 2

Host X sends an unicast frame to Router Y Router Y MAC Address has not been learned by either Switch yet Router Y will receive two copies of the same frame

MAC Database Instability

Server/host X Unicast Port 0 Switch A Port 1 Router Y Segment 1 Unicast Port 0 Switch B Port 1 Segment 2

Host X sends an unicast frame to Router Y Router Y MAC Address has not been learned by either Switch yet Switch A and B learn Host X MAC address on port 0

MAC Database Instability

Server/host X Unicast Port 0 Switch A Port 1 Router Y Segment 1 Unicast Port 0 Switch B Port 1 Segment 2 Host X sends an unicast frame to Router Y Router Y MAC Address has not been learned by either Switch yet Switch A and B learn Host X MAC address on port 0 Frame to Router Y is flooded Switch A and B incorrectly learn Host X MAC address on port 1

Multiple Loop Problems

Broadcast Server/host

Loop Loop

Loop

Workstations

Complex topology can cause multiple loops to occur Layer 2 has no mechanism to stop the loop

Loop Avoidance

If multiple connections between switches are created for redundancy, network loops can occur.

Most commonly networks are implemented with redundant links for fault tolerance purpose. These multiple links may cause loops and broadcast storm In a switched network some scheme should be implemented to avoid these loops. The Spanning-Tree Protocol (STP) is used to stop network loops and allow redundancy.

Loop Occuring

In this scenario if no loop avoidance scheme is implemented the switch will generate a broadcast storm. A device can receive multiple copy of same frames. The MAC address table will be continuously updated and the table itself will be confused, because frames will be received from more than one link. This is called thrashing MAC Table. This is how loops within other loop will be generated and no switching will be performed in the network.

Note : Spanning Tree Protocol is designed to solve this problem.

Solution: Spanning-Tree Protocol

Block

Provides a loop free redundant network topology by placing certain ports in the blocking state

Spanning-Tree Protocol

The main function of STP is to maintain a loop free network.

Originally STP was created by DEC (Now Compaq) It was modified by IEEE and was published in 802.1d specification. DEC and IEEE 802.1d are not compatible

All CISCO switches run on IEEE802.1d version of STP

Spanning-Tree Operations
One root bridge per network One root port per non-root bridge One designated port per segment 100baseT
Designated port (F) Root port (F)

Root bridge

SW X SW Y Designated port (F) Non-designated port (B)

Non-root bridge

10baseT

Bridge Protocol Data Units

Switches and Bridges running STP exchange information with something called BPDUs. BPDUs send Broadcast messages using multicast frames. Bridge ID of each device is sent to other device using BPDUs.

Spanning-Tree Protocol Root Bridge Selection

Switch X Default priority 32768 (8000 hex) MAC 0c0011111111 Switch Y Default priority 32768 (8000 hex) MAC 0c0022222222

BPDU

BPDU = Bridge protocol data unit (default = sent every 2 seconds) Root bridge = Bridge with the lowest bridge ID Bridge ID = Bridge priority + bridge MAC address In the example, which switch has the lowest bridge ID?

Spanning-Tree Protocol Port States

100baseT

Port 0 Switch X Default priority 32768 MAC 0c0011111111

Designated port (F)

Port 0

Root port (F)

Switch Y Default priority 32768 MAC 0c0022222222

Root bridge Port 1

Port 1

Designated port (F)

10baseT

Nondesignated port (B)

Spanning-Tree Protocol Path Cost

Link Speed Cost (reratify IEEE spec) Cost (previous IEEE spec) ---------------------------------------------------------------------------------------------------10 Gbps 2 1 1 Gbps 4 1 100 Mbps 19 10 10 Mbps 100 100

How STP Works

STP continuously monitors the network for a failure or addition of a link, switch or bridge. Whenever there is a change in topology, it reconfigures switch or bridge to avoid a total loss of connectivity or creation of new loops. STP is by-default enabled in Catalyst switches. STP provides a loop-free network by following:

Electing a Root Bridge Root Port for a Non-root Bridge Designated port for Each Segment

Spanning-Tree:
Switch Z Mac 0c0011110000 Default priority 32768 Port 0

100baseT
Port 0 Switch X MAC 0c0011111111 Default priority 32768 Port 1 Port 0 Switch Y MAC 0c0022222222 Default priority 32768

Port 1

100baseT
Can you figure out: What is the root bridge? What are the designated, non-designated, and root ports? Which are the forwarding and blocking ports?

Spanning-Tree:
Switch Z Mac 0c0011110000 Default priority 32768 Port 0

Designated port (F)

100baseT
Port 0 Switch X MAC 0c0011111111 Default priority 32768 Port 1

Root port (F)

Port 0

Root port (F)

Switch Y MAC 0c0022222222 Default priority 32768

Designated port (F)

Port 1

Nondesignated port (BLK)

100baseT
Can you figure out: What is the root bridge? What are the designated, non-designated, and root ports? Which are the forwarding and blocking ports?

Electing Root Bridge

In one Broadcast Domain only one Bridge is designated as Root Bridge. All Ports on the Root Bridge are in Forwarding State and are called Designated Port All ports in forwarding state can send and receive traffic. Bridge ID is used to determine the Root Bridge and Root Port. Bridge ID includes the priority and the MAC Address of the device.

Root Port for a Non-root Bridge

The Root Port is the lowest cost path from a Non-Root Bridge to the Root Bridge.

Spanning Tree Path Cost is an accumulated cost based on bandwidth.

More Bandwidth - Less Cost In the event that the cost is the same then the deciding factor would be the lowest port no.

Root Ports are in forwarding state.

Designated Port

There will be only one Designated Port in one Segment. Designated Port is selected on the bridge that has the lowest cost path to Root Bridge. Designated Port is in the forwarding state. Responsible for forwarding traffic for the segmentation

Nondesignated Ports are normally in the blocking state to break the loop topology. That means the Spanning Tree is preventing it from forwarding traffic.

Spanning-Tree Port States

Spanning-tree transitions each port through several different state:
Blocking Listening Learning Forwarding

Spanning Tree Port State

Blocking : Wont forward frames; listens to BPDUs. All ports are in blocking state by default when the switch is powered up. Listening : Listens to BPDUs to make sure no loops occur on the network before passing data frames. Learning : Learns MAC addresses and builds a filter table but does not forward frames. Forwarding : Sends and receives all data on the bridged port.

Spanning-Tree Recalculation

100baseT
Designated port Root port (F)
Switch Y MAC 0c0022222222 Default priority 32768

Switch X MAC 0c0011111111 Default priority 32768 Root Bridge Port 1

Port 0

Port 0

Designated port

Port 1

Nondesignated port (BLK)

10baseT

Spanning-Tree Recalculation

100baseT
Designated port
MAXAGE

Switch X MAC 0c0011111111 Default priority 32768 Root Bridge Port 1

Port 0

Port 0

Root port (F)

Switch Y MAC 0c0022222222 Default priority 32768

Designated port

BPDU

Port 1

Nondesignated port (BLK)

10baseT

Key Issue: Time to Convergence

Convergence occurs when all the switches and bridge ports have transitioned to either the forwarding or blocking state. When network topology changes, switches and bridges must recomputed the Spanning-Tree Protocol, which disrupts user traffic.

Bridging Compared to LAN Switching

Bridging

Primarily software based One spanning-tree instance per bridge Usually up to 16 ports per bridge

LAN Switching

Primarily hardware based (ASIC) Many spanning-tree instances per switch More ports on a switch

Transmitting Frames Through a Switch

Cut-through Switch checks destination address and immediately begins forwarding frame

Frame

Transmitting Frames through a Switch

Cut-through Switch checks destination address and immediately begins forwarding frame

Store and forward Complete frame is received and checked before forwarding

Frame Frame

Frame Frame

Transmitting Frames through a Switch

Cut-through Switch checks destination address and immediately begins forwarding frame

Store and forward Complete frame is received and checked before forwarding

Frame

Frame Frame Frame

Fragment free (modified cut-through) Switch checks the first 64 bytes then immediately begins forwarding frame

Frame

Duplex Overview
Half duplex (CSMA/CD) Unidirectional data flow Higher potential for collison Hubs connectivity
Switch Hub

Duplex Overview
Half duplex (CSMA/CD) Unidirectional data flow Higher potential for collison Hubs connectivity
Switch Hub

Full duplex Point-to-point only Attached to dedicated switched port Requires full-duplex support on both ends Collision free Collision detect circuit disabled

Configuring the Switch

Ports on the Catalyst Switch

Ports on the Catalyst Switch

wg_sw_d#sh run Building configuration... Current configuration: ! ! interface Ethernet 0/1 ! interface Ethernet 0/2 wg_sw_d#sh spanning-tree Port Ethernet 0/1 of VLAN1 is Forwarding Port path cost 100, Port priority 128 Designated root has priority 32768, address 0090.8673.3340 Designated bridge has priority 32768, address 0090.8673.3340 Designated port is Ethernet 0/1, path cost 0 Timers: message age 20, forward delay 15, hold 1

wg_sw_a#show vlan Port VLAN Membership Type Port VLAN Membership Type -----------------------------------------------------------------1 5 Static 13 1 Static 2 1 Static 14 1 Static 3 1 Static 15 1 Static

Configuring the Switch

Configuration Modes
Global configuration mode
wg_sw_a# conf term wg_sw_a(config)#

Interface configuration mode

wg_sw_a(config)# interface fa0/1

wg_sw_a(config-if)#

Configuring the Switch IP Address

wg_sw_a(config)# ip address {ip address} {mask}

Configuring the Switch IP Address

wg_sw_a(config)# ip address {ip address} {mask}

wg_sw_a(config)#int vlan 1 wg_sw_a(config-if)#ip address 10.5.5.11 255.255.255.0

Managing Mac Address Table

wg_sw_a#show mac-address-table

Managing Mac Address Table

wg_sw_a#show mac-address-table
wg_sw_a#sh mac-address-table Number of permanent addresses : 0 Number of restricted static addresses : 0 Number of dynamic addresses : 6
Address Dest Interface Type Source Interface List ------------------------------------------------------------------------------------------------00E0.1E5D.AE2F Ethernet 0/2 Dynamic All 00D0.588F.B604 FastEthernet 0/26 Dynamic All 00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All 0090.273B.87A4 FastEthernet 0/26 Dynamic All 00D0.588F.B600 FastEthernet 0/26 Dynamic All 00D0.5892.38C4 FastEthernet 0/27 Dynamic All

Clear NVRAM

wg_sw_d#erase startup

Resets the system configuration to factory defaults.

Summary

After completing this chapter, you should be able to perform the following tasks:

Describe Layer 2 switching (bridging) operations

Describe the switch operations

Configure switch Control of Loops Use show commands to verify switch configuration and operations