Click to edit Master subtitle style Todd Lammle’s CompTIA Network+ Chapter 11: Switching and VLANs Instructor: Click to edit Master subtitle style

Chapter 11 Objectives The Following CompTIA Network+ Exam Objectives Are Covered in This Chapter: 3.3 Explain the advanced features of a switch PoE Spanning tree VLAN Trunking Port mirroring Port authentication 2

Switching and Virtual LANs (VLANs) Switching breaks up large collision domains into smaller ones and that a collision domain is a network segment with two or more devices sharing the same bandwidth. Switched design is properly implemented, it will result in a clean, cost-effective, and resilient internetwork. 3

The first LAN The first LAN had each hub placed into a router port. 4

Switched network design A typical, contemporary, and complete switched network design/implementation would look something like this. There is a router implemented. The router creates and handles logical segmentation. What makes Layer 2 switching so efficient is that no modification to the data packet takes place. 5

Switching Services Layer 2 switching provides the following benefits: Hardware-based bridging (ASIC) Wire speed Low latency Low cost 6

Switch Functions at Layer 2 There are three distinct functions of Layer 2 switching Address learning Forward/filter decisions Loop avoidance 7

Address Learning Layer 2 switches and bridges are capable of address learning; they remember the source hardware address of each frame received on an interface and enter this information into a MAC database known as a forward/filter table. Initially there is no address information in the table. 8

Forwarding/Filter Table When the hosts start communicating, the switch places the source hardware address of each frame in the table along with the corresponding port 1.Host A sends a frame to Host B. Host A’s MAC address is 0000.8c01.000A; Host B’s MAC address is 0000.8c01.000B. 2.The switch receives the frame on the E0/0 interface and places the source address in the MAC address table. 3.Because the destination address is not in the MAC database, the frame is forwarded out all interfaces—except the source port. 4.Host B receives the frame and responds to Host A. The switch receives this frame on interface E0/1 and places the source hardware address in the MAC database. 5.Host A and Host B can now make a point-to-point connection, and only the two devices will receive the frames. Hosts C and D will not see the frames, nor are their MAC addresses found in the database because they haven’t yet sent a frame to the switch. 9

Forwarding/Filter Table Evaluation Host A is sending a data frame to Host D. What will the switch do when it receives the frame from Host A? 10

Broadcast Storm Redundant links between switches can be a wise thing to implement because they help prevent complete network failures in the event that one link stops working. There is a drawback; frames can be flooded down all redundant links simultaneously creating network loops. 11

Multiple Frame Copies The MAC address filter table could be totally confused about the device’s location because the switch can receive the frame from more than one link. The switch could get so caught up in constantly updating the MAC filter table with source hardware-address locations that it may fail to forward a frame. This is called thrashing the MAC table. 12

Spanning Tree Protocol (STP) STP’s main task is to stop network loops from occurring on your Layer 2 network (bridges or switches). It achieves this feat by vigilantly monitoring the network to find all links and making sure that no loops occur by shutting down any redundant ones. STP uses the spanning-tree algorithm (STA) to first create a topology database and then search out and destroy redundant links. With STP running, frames will be forwarded only on the premium, STP-picked links. Switches transmit Bridge Protocol Data Units (BPDUs) out all ports so that all links between switches can be found. 13

Switching Loops Switched network with a redundant topology (switching loops) without some type of Layer 2 mechanism to stop network loops will fail. 14

Spanning-Tree Port States The ports on a bridge or switch running STP can transition through five different states: Blocking A blocked port won’t forward frames; it just listens to BPDUs and will drop all other frames. Listening The port listens to BPDUs to make sure no loops occur on the network before passing data frames without populating the MAC address table. Learning A port in learning state populates the MAC address table but doesn’t forward data frames. Forwarding The port sends and receives all data frames on the bridged port. If the port is still a designated or root port at the end of the learning state, it enters the forwarding state. Disabled A port in the disabled state (administratively) does not participate in the frame forwarding or STP. 15

Switching Design There are ways to design really great ways to implement your switched network so that STP converges efficiently. 16

VLAN Basics Layer 2 switched networks are typically designed as flat networks. Every broadcast packet transmitted is seen by every device on the network regardless of whether the device needs to receive that data or not. VLANs will let us control our broadcast domains. 17

Benefits of a Switched Network Host A is sending a frame with Host D as its destination. The frame is only forwarded out of the port where Host D is located. This is a huge improvement over hubbed networks. 18

Physical LANs Connected to a Router Each network is attached with a hub port to the router (each segment also has its own logical network number. Each department has its own LAN, so if we needed to add new users we would just plug them into the appropriate LAN. 19

Switches Removing the Physical Boundary Switches remove the physical boundary to solve the problem of hubs. Six VLANs (numbered 2 through 7) are used to create a broadcast domain for each department. Each switch port is then administratively assigned a VLAN membership, depending on the host and which broadcast domain it’s placed in. 20

Access and Trunk Links Different link types are used in a switched network. Access Links Trunk Links All hosts connected to the switches can communicate to all ports in their VLAN because of the trunk link between them. If we used an access link between the switches, this would allow only one VLAN to communicate between switches. 21

Advanced Features of Switches Switches really expand our flexibility when designing our networks. There are features which enhance the functionality or the switch networks. Power over Ethernet (PoE) Port Mirroring/Spanning 22

Power over Ethernet (PoE) Switches can provide power to end devices by injecting power into the Ethernet cabling. If PoE switches are not implemented, power can be injected into the cabling outside the switch. 23

Port Mirroring/Spanning Port mirroring, also called Switch Port Analyzer (SPAN), allows you to sniff traffic on a network when using a switch. A problem with this arises when you need to sniff traffic on a switched network. The sniffer cannot see data going from Host A to Host B. To solve this little snag, you could temporarily place a hub between Host A and Host B. 24

Port Mirroring The port-mirroring option allows you to place a port in spanning mode so that every frame from Host A is captured by both Host B and the sniffer. 25

Summary Summary Exam Essentials Section Written Labs Review Questions 26