
1 Switch management Chapter 6

2 Objectives
Upon completion of this chapter, you should be able to:
Configure switches
Configure VLANs
Verify configuration settings
Troubleshoot problems

3 Types of switches
Unmanaged: plug in and connect devices; nothing to configure
Managed: configure settings, security, switching modes, etc.

4 6.1 Switch access

5 Console Port
Out-of-band management: means direct maintenance access only
Use when nothing is configured yet
Use when next to the switch
Need a PC with terminal emulation software and a console cable: serial port to RJ45, or USB to Mini-B (newer option)
Configure a password for this port
There is a recovery method if you forget the password.

6 Telnet, SSH, AUX
In-band management
Browser-based config
Telnet remote access (plain text)
One active interface must be configured
Secure Shell (SSH) remote access (encrypted)
Once you connect, you get in with a terminal emulation program. Current Windows (Vista & up) do not include one; older Windows had HyperTerminal.
PuTTY (Figure 1), Tera Term (Figure 2), SecureCRT (Figure 3), HyperTerminal, OS X Terminal

7 activity

8 6.1 Using the CLI

9 User & privileged modes
USER mode is what you first see when you boot up.

10 Global config mode

11 Getting between modes
Switch> enable (en)
Switch# configure terminal (config t)
Switch(config)# interface xxx (int)
Switch(config-if)#
Switch(config)# line xxx
Switch(config-line)#
Switch(config-line)# exit (goes back one mode)
Ctrl+Z or end (goes back to privileged mode)
Switch# disable (goes back to user mode)
Do all of this in PT. Demo all modes, sh?, cl?, clock set ?, clock set 19:22:00 ?, show ?, description of an interface, ping, and traceroute.

12 example Complete this in Packet Tracer.

13 Oops…I made a mistake

14 activity Packet Tracer Lab 2.1.4.6- Navigating the IOS

15 What we’ll do…
Create a two-PC network connected via a switch
Set a name for the switch
Limit access to the device configuration
Configure banner messages
Save the configuration

16 Hostnames
What are the default hostnames?
Hostnames allow devices to be identified by network administrators over a network or the Internet.
What could these switches be named? Sw-Floor1, etc.
Some guidelines for naming conventions are that names should:
Start with a letter (capitalization counts)
Contain no spaces
End with a letter or digit
Use only letters, digits, and dashes
Be less than 64 characters in length

17 Configure hostname
Must be in privileged mode
Has an activity to name a device

18 Limit access to device
Put the switch in a secure location
Set passwords & encrypt them: enable password, enable secret password, console password, VTY password; encrypt all passwords
On the board, write the 4 types of passwords students will be learning to configure in the PT activity:
console password – password to limit device access using the console connection
enable password – password to limit access to privileged EXEC mode (after you type enable)
enable secret password – encrypted password to limit access to privileged EXEC mode (after you type enable)
VTY password – password to limit device access using telnet
Encrypt all passwords – service password-encryption

19 Password tips
We’ll use cisco & class
Use passwords that are more than 8 characters
Use a combination of upper- & lowercase letters, numbers, and special characters
Avoid using the same password for all devices
Avoid using common words such as password or administrator
Explain that it is good practice to require different passwords for each of these levels of access. From a security standpoint, requiring only one password is analogous to locking the doors to a house while leaving the windows open. Additionally, remind students to use strong passwords that are not easily guessed. The use of weak or easily guessed passwords continues to be a security issue in many facets of the business world. Ask the class how many of them have passwords that breach these best practices. There will likely be quite a few, which illustrates how common the errors are.
END OF DAY 3

20 Set passwords
In Packet Tracer, complete:
Privileged enable password (cisco)
Privileged enable secret password (class)
Console password (cisco)
VTY password (cisco)
Banner MOTD
Encrypt all passwords
Then verify all passwords are encrypted with show run
Has an activity. The MOTD is often used for legal notification because it is displayed to all connected terminals. Have students come up with a proper MOTD warning.

21 Configuration files - show & save
Startup config: what is saved in NVRAM
Switch# copy run start (SAVES CONFIG)
Switch# show startup-config (show start) (SHOWS THE CONFIG)
Running config: what is running in RAM
Make a change = it stays in RAM
Save the config so it goes to NVRAM for the next boot/reboot
Switch# show running-config (show run) (SHOWS CONFIG IN RAM)
In a switch, the startup configuration is removed by using the erase startup-config command. To erase the startup configuration file, use erase NVRAM:startup-config or erase startup-config at the privileged EXEC mode prompt:
Switch#erase startup-config
On a switch you must also issue the delete vlan.dat command in addition to the erase startup-config command in order to return the device to its default "out-of-the-box" configuration (comparable to a factory reset):
Switch#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]

22 Erasing the config file
In order to return the device to its default "out-of-the-box" configuration (comparable to a factory reset):
Switch#delete vlan.dat
Delete filename [vlan.dat]?
Delete flash:vlan.dat? [confirm]
Switch#erase startup-config

23 Lab 2.2.3.4 Configuring a Switch
You will perform basic switch configurations. You will secure access to the command-line interface (CLI) and console ports using encrypted and plain-text passwords. You will also learn how to configure messages for users logging into the switch. These banners are also used to warn unauthorized users that access is prohibited.

24 activity TestOut 6.1.7- Modify System Passwords
TestOut Practice Questions (5)

25 Review- 2q
What mode do you need to be in to make configuration changes? Privileged
If you erase the startup-config, what else will you need to do in order to return the device to factory default? Reload
Write the definitions listed in bold below on the board and then ask the students to name the command.
show running-config (definition: shows the config file in RAM. This file is immediately changed if you make any changes to the router.)
show startup-config (definition: this file is in NVRAM and will become the running-config in the event of a power cycle.)
copy running-config startup-config (definition: copies the current configuration in RAM to NVRAM.)
reload (definition: causes the device to reload the startup-config into RAM.)
copy startup-config running-config (definition: copies the configuration in NVRAM to RAM.)
erase startup-config (definition: causes the startup config to be erased.)

26 6.2 Switch IP configuration

27 Configure switch address
Virtual interface: allows remote access
Configure the switch IP and default gateway
Activity: complete this on PT

28 LAB/activity 2.3.2.5- Basic Switch Configuration
You will implement basic connectivity by configuring IP addressing on switches and PCs. You will use various show commands to verify configurations and use the ping command to verify basic connectivity between devices.
TestOut LAB- Configure Management VLAN Settings
TestOut LAB- Configure Switch IP Settings
TestOut Practice Questions (3)

29 6.3 Switch interface configuration

30 Review of how a switch works
What layer of the OSI model do switches work at? 2
What kind of address do switches read? MAC
How do switches learn about MAC addresses? READ INCOMING FRAMES
When reading the incoming frame, what address does it learn about? SOURCE MAC
What kind of table is kept in a switch & what is in it? MAC ADDRESS TABLE; MAC & PORT
NOTE: begin calling the table CAM (Content Addressable Memory)
The destination MAC is not in the table, so what happens? FLOODS IT OUT ALL PORTS EXCEPT THE ONE IT CAME IN ON
After everyone communicates, the table will be complete.

31 Show version (Switch interfaces)
Software version - IOS software version (stored in flash)
Bootstrap version - Bootstrap version (stored in Boot ROM)
System up-time - Time since last reboot
System restart info - Method of restart (e.g., power cycle, crash)
Software image name - IOS filename stored in flash
Router type and processor type - Model number and processor type
Memory type and allocation (shared/main) - Main processor RAM and shared packet I/O buffering
Software features - Supported protocols/feature sets
Hardware interfaces - Interfaces available on the device
Configuration register - Sets bootup specifications, console speed setting, and related parameters

32 Show ip int brief
All ports are automatically down until you plug something in. Then they will come up, because this Cisco switch is made to work out of the box without configuration. We will do some configuring of the interfaces, including speed and duplex.

33 activity

34 Interface configuration
Speed & duplex settings are auto by default
Full duplex, half duplex, auto
Must match the setting of the connected device
Half duplex uses CSMA/CD to avoid collisions
Animation: 1 autonegotiate; 2 mismatch; 3 commands for speed and duplex; 4 command for a range of ports to set speed and duplex

35 Shut down ports
If nothing will connect to a port, shut it down
GOOD SECURITY MEASURE
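As an added example (not part of the slides, and not a Cisco tool), this Python script audits a constructed show running-config excerpt for the items from slides 16, 18, 20 and 35: hostname naming guidelines, a missing enable secret, service password-encryption left off, line passwords, telnet permitted on the VTY lines, and open ports with no description. The sample config text and the small section parser are assumptions made for the example.

```python
import re
# Constructed sample of `show running-config` output (not taken from a real switch).
SAMPLE_RUNNING_CONFIG = """hostname Sw-Floor1
enable password cisco
no service password-encryption
interface FastEthernet0/1
 description Link to PC1
interface FastEthernet0/2
line con 0
 password cisco
 login
line vty 0 4
 password cisco
 login
 transport input telnet ssh
"""

def valid_hostname(name):
    """Slide rules: letter first, only letters/digits/dashes, letter or digit last, under 64 chars."""
    return len(name) < 64 and re.fullmatch(r"[A-Za-z]([A-Za-z0-9-]*[A-Za-z0-9])?", name) is not None

def sections(text):
    """Group indented config lines under their heading (interface ..., line ...)."""
    result, current = {}, None
    for line in text.splitlines():
        if line.startswith(" ") and current is not None:
            result[current].append(line.strip())
        elif line and line != "!":
            current = line.strip()
            result.setdefault(current, [])
    return result

def audit_running_config(text):
    findings = []
    host = re.search(r"^hostname (\S+)", text, re.M)
    if host and not valid_hostname(host.group(1)):
        findings.append(f"hostname {host.group(1)!r} breaks the naming guidelines")
    if not re.search(r"^enable secret ", text, re.M):
        findings.append("no enable secret: privileged EXEC relies on the plain-text enable password")
    if re.search(r"^no service password-encryption", text, re.M):
        findings.append("service password-encryption is off: line passwords are stored in plain text")
    for head, body in sections(text).items():
        described = any(b.startswith("description") for b in body)
        if head.startswith("interface ") and "shutdown" not in body and not described:
            findings.append(f"{head}: open port with no description, shut it down if nothing uses it")
        if head.startswith("line ") and ("login" not in body or not any(b.startswith("password") for b in body)):
            findings.append(f"{head}: no password/login pair, the line does not challenge for a password")
        if head.startswith("line vty") and any("telnet" in b.split() for b in body if b.startswith("transport")):
            findings.append(f"{head}: telnet allowed, credentials cross the network unencrypted")
    return findings
```

Run audit_running_config(SAMPLE_RUNNING_CONFIG) to list the four gaps in the sample; once enable secret, service password-encryption, transport input ssh and shutdown on the unused port are applied, the same audit returns nothing.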

36 activity TestOut 6.3.7- Configure Switch Ports
TestOut Practice Questions (4)

37 6.4 Virtual LANs

38 VLAN overview
Normally a switch is in one broadcast domain
A VLAN splits a layer 2 switch into multiple broadcast domains (their own networks)
Isolates traffic to only its own VLAN
By default a layer 2 switch is in one broadcast domain, VLAN 1.
Isolate traffic because they are working on private stuff. They can’t even see/talk to each other in this scenario.
Picture 1: Single VLAN
Animation 1: Multiple VLANs using different subnets

39 Configure VLANs
1st: Create the VLANs
2nd: Assign interfaces to VLANs

40 View VLANs
Switch#show vlan
All ports are a member of VLAN 1 by default

41 Other VLAN commands
show vlan brief
Delete a VLAN

42 Lab
Make this lab. Configure the switch.
VLAN 1 addresses: & 3/24
VLAN 2 addresses: & 3/24
Switch IP:
Set up passwords
Try to ping between the two VLANs. It won’t work.

43 activity TestOut 6.4.5- Create VLAN Lab
TestOut Explore VLANs Lab
TestOut Practice Questions (11)
Packet Tracer VLAN Lab

44 VLANs
In order to pass data between VLANs, you need a router or a layer 3 switch (the only way to send data between two different networks).
A VLAN ID is added to the frames.
Picture 1: Two different networks/VLANs.
Animation 2: Inter-VLAN routing.

45 6.5 Trunking

46 Access ports
By default, all ports are access ports
Usually connect to an end device (PC, printer, server, etc.)
Can only be assigned to 1 VLAN

47 Trunk ports
Can be assigned to multiple VLANs
Allows the same VLANs to talk between switches
The frame is tagged with the VLAN ID to go over that trunk.

48 VTP - VLAN Trunking Protocol
Allows the VLAN configuration to be shared with the other switches for easier config changes
Modes: Server, Client, Transparent
IEEE 802.1Q encapsulation
Server mode - configure the VLAN and it advertises it to client switches
Client mode - receives the config from a server mode switch and passes it to the switches it’s connected to
Transparent mode - you can make changes on this switch; it doesn’t accept or pass the VLAN config info

49 Configure trunking
Connection is currently in trunk mode: all VLAN frames will be sent across.
Connection is currently in the default VLAN 1: VLAN 10 frames will NOT be sent across.
Animation: 1 configure the port for trunk; 2 change to trunk mode (arrow); 3 show interface trunk
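Added example, not from the slides: a small Python model of what slides 44, 47, 48 and 49 describe, inserting an IEEE 802.1Q tag (TPID 0x8100 followed by a 16-bit TCI that carries the VLAN ID) into an Ethernet frame, and showing that an access link carries only its own VLAN untagged while a trunk carries any VLAN with the tag added. The sample frame and MAC addresses are constructed.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def mac_bytes(mac):
    """'00:11:22:33:44:55' -> 6 raw bytes."""
    return bytes.fromhex(mac.replace(":", ""))

def build_frame(dst, src, ethertype, payload):
    """Untagged Ethernet frame: destination MAC, source MAC, EtherType, payload (no FCS)."""
    return mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload

def tag_frame(frame, vlan_id, priority=0):
    """Insert the 4-byte 802.1Q tag after the source MAC, as a trunk port does on egress."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (priority << 13) | vlan_id  # PCP (3 bits), DEI (1 bit, left 0), VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def untag_frame(frame):
    """Return (vlan_id, untagged frame); vlan_id is None if the frame carries no tag."""
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]

def send_over_link(frame, vlan_id, mode, access_vlan=1):
    """The two link types from the slides: an access link carries only its own VLAN and
    sends the frame untagged; a trunk carries every VLAN and tags each frame with its ID."""
    if mode == "access":
        return frame if vlan_id == access_vlan else None
    if mode == "trunk":
        return tag_frame(frame, vlan_id)
    raise ValueError("mode must be 'access' or 'trunk'")

# Constructed sample: an ARP-sized broadcast frame from a host in VLAN 10.
SAMPLE_FRAME = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", 0x0806, b"\x00" * 28)
```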

50 Review
Create the VLANs and name them
Assign interfaces to VLANs
Connect switches & change the mode to trunk
You can now connect (ping) to devices in the same VLAN on the other switch

51 activity TestOut 6.5.5- Configure Trunking Lab
TestOut Practice Questions (5)

52 6.6 Spanning Tree Protocol

53 Switching loops
Could happen with redundant links between switches
Can take the network down!

54 STP
Enabled by default
Each switch has a Bridge ID (BID), which will identify which switch is the BOSS!
Bridge IDs are shared when the switches turn on: each sends a BPDU with its ID
They then elect a ROOT BRIDGE (the boss): lowest number
On the other switches: they look for the shortest path to the Root Bridge and disable all other paths to prevent the loop
BID is: 2-byte priority number and the switch’s MAC address
All switches have the same priority number by default
Switch with the LOWEST MAC address will be the Root Bridge (the boss)
Newest version is Rapid Spanning Tree Protocol (RSTP)

55 STP switchport states
A switch port on a redundant link goes through & remains in one of these modes: Blocking, Listening, Learning, Forwarding, Disabled

56 Configure STP
Switch#show spanning-tree
Notice the Priority #. By default, this is the same on all switches. If you don’t change it, the election will then go by the lowest MAC address. The Root ID info should match on all switches, as it shows you who the root is.
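Added example, not from the slides: a Python model of the election on slides 54 and 56, using the BID exactly as defined there (2-byte priority followed by the MAC, lowest wins) on three constructed switches, then lowering one switch's priority to make it the root. It goes one step beyond the slides by also picking each switch's shortest path to the root (its root port) and the redundant link STP blocks. The MACs, link costs and the with_priority helper are assumptions made for the example.

```python
import heapq
# Constructed sample: (name, priority, MAC); every switch at the default priority 32768.
SWITCHES = [("S1", 32768, "00:1A:2B:3C:4D:60"),
            ("S2", 32768, "00:1A:2B:3C:4D:10"),
            ("S3", 32768, "00:1A:2B:3C:4D:30")]
# Constructed link costs (IEEE values: 19 = 100 Mb/s, 4 = 1 Gb/s); the triangle is a redundant loop.
LINKS = {("S1", "S2"): 19, ("S2", "S3"): 4, ("S1", "S3"): 19}

def bridge_id(priority, mac):
    """BID as on the slide: 2-byte priority followed by the 6-byte MAC, compared as one number."""
    return (priority << 48) | int(mac.replace(":", ""), 16)

def elect_root(switches):
    """Lowest BID wins: lowest priority first, lowest MAC breaks the tie."""
    return min(switches, key=lambda s: bridge_id(s[1], s[2]))[0]

def with_priority(switches, name, priority):
    """Effect of `spanning-tree vlan 1 priority <n>` on one switch (IOS takes multiples of 4096)."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be a multiple of 4096, at most 61440")
    return [(n, priority if n == name else p, m) for n, p, m in switches]

def adjacency(links):
    adj = {}
    for (a, b), cost in links.items():
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    return adj

def root_path_costs(switches, links):
    """Each switch's cheapest path cost to the root bridge (Dijkstra over the link costs)."""
    best, heap, adj = {}, [(0, elect_root(switches))], adjacency(links)
    while heap:
        cost, node = heapq.heappop(heap)
        if node in best:
            continue
        best[node] = cost
        for nbr, c in adj.get(node, []):
            if nbr not in best:
                heapq.heappush(heap, (cost + c, nbr))
    return best

def spanning_tree(switches, links):
    """Non-root switches keep one root port (cheapest path, lowest neighbour BID on a tie);
    a link chosen by neither end is blocked, which is how STP removes the loop."""
    bids = {n: bridge_id(p, m) for n, p, m in switches}
    root, costs, adj = elect_root(switches), root_path_costs(switches, links), adjacency(links)
    root_port = {n: min(adj[n], key=lambda e: (costs[e[0]] + e[1], bids[e[0]]))[0]
                 for n in costs if n != root}
    kept = {frozenset((n, p)) for n, p in root_port.items()}
    return root_port, [link for link in links if frozenset(link) not in kept]
```

With all priorities equal, S2 (lowest MAC) is the root and the S1-S3 link is blocked; after with_priority(SWITCHES, "S1", 4096), S1 becomes the root and the S2-S3 link is blocked instead.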

57 activity TestOut 6.6.2- Configuring STP Video
TestOut Selecting a Root Bridge Video
TestOut Find STP Info LAB

58 6.7 Switch troubleshooting

59 Problems
Mismatched duplex settings: could SLOW DOWN transmissions
Mismatched speed settings: can only operate at the slowest speed
BOTH SHOULD BE SET TO AUTO
If it’s still slow, it could be poor wiring (crosstalk)
Switching loops
Misconfigured VLAN assignments

60 activity TestOut Practice Questions (13)

61 Review & study
Complete the study guide handout
Complete TestOut
Practice in Packet Tracer
Jeopardy review

62 Switch management Chapter 6