Instructor & Todd Lammle Sybex CCNA 640-802 Chapter 8: Layer-2 Switching Instructor & Todd Lammle
Chapter 8 Objectives The CCNA Topics Covered in this chapter include: What is layer-2 switching Switching services Bridges vs. LAN switching Three switch functions MAC table Switching loops Spanning-Tree Protocol (STP) 2
Layer 2 Switching Purposes for using switching Breaks up collision domains Cost-effective, resilient internetwork Purpose for Spanning-Tree Protocol (STP) Stops loops in layer 2 switched networks
Before Layer 2 Switching
Switched LANs
Typical Switched Designs
One link to the server!
Switching Services Layer 2 switching provides: Hardware-based bridging (ASIC) Wire speed Low latency Low cost
Limitations of Layer 2 Switching Must break up the collision domains correctly. Rule of Thumb: Make sure that users spend 80 percent of their time on the local segment. Switches do not break up broadcast domains by default. Or at all , unless they are layer 3 switches.
Bridging vs. LAN switching Bridges are software based, switches are hardware based using ASIC chips to filter decisions. A switch can be viewed as a multiport bridge. Bridges can only have one spanning-tree instance per bridge, and switches can have many. Switches have a higher number of ports than most bridges. Both of them forward layer 2 broadcasts. Both of them learn MAC addresses by examining the source address of each frame received. Both of them make forwarding decisions based on layer 2 addresses.
Three Switch Functions at Layer-2 Address learning Layer 2 switches and bridges remember the source hardware address of each frame received on an interface, and they enter this information into a MAC database called a forward/filter table. Forward/filter decisions When a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database. The frame is only forwarded out the specified destination port. Loop avoidance If multiple connections between switches are created for redundancy purposes, network loops can occur. Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy.
Empty MAC table Nothing here at this point
How Switches Learn Hosts’ Locations (p 501)
Switching Loops
Switching Loop Problems The MAC address filter table could be totally confused about the device’s location because the switch can receive the frame from more than one link.
Spanning-Tree Protocol (STP) Solves Switching loops at layer 2 Root port Designated port Port cost Nondesignated port Forwarding port Block port STP Root Bridge BPDU Bridge ID Nonroot Bridge
Spanning-Tree Terms Root bridge: The root bridge is the bridge with the best bridge ID. With STP, the key is for all the switches in the network to elect a root bridge that becomes the focal point in the network. All other decisions in the network—such as which port is to be blocked and which port is to be put in forwarding mode—are made from the perspective of this root bridge. BPDU: All the switches exchange information to use in the selection of the root switch as well as in subsequent configuration of the network. Each switch compares the parameters in the Bridge Protocol Data Unit (BPDU) that it sends to one neighbor with the one that it receives from another neighbor. Bridge ID: The bridge ID is how STP keeps track of all the switches in the network. It is determined by a combination of the bridge priority (32,768 by default on all Cisco switches) and the base MAC address. The bridge with the lowest bridge ID becomes the root bridge.
Spanning-Tree Terms Nonroot bridges: All bridges that are not the root bridge. Port cost: Port cost determines the best path when multiple links are used between two switches and none of the links is a root port. The cost of a link is determined by the bandwidth of a link. Root port: The root port is always the link directly connected to the root bridge, or the shortest path to the root bridge. If more than one link connects to the root bridge, then a port cost is determined by checking the bandwidth of each link. The lowest-cost port becomes the root port. If multiple links have the same cost, the bridge with the lower advertising bridge ID is used. Since multiple links can be from the same device, the lowest port number will be used.
Spanning-Tree Terms Designated port: A designated port is one that has been determined as having the best (lowest) cost. A designated port will be marked as a forwarding port. Nondesignated port: A nondesignated port is one with a higher cost than the designated port. Nondesignated ports are put in blocking mode—they are not forwarding ports. Forwarding port: A forwarding port forwards frames. Blocked port: A blocked port is the port that, in order to prevent loops, will not forward frames. However, a blocked port will always listen to frames.
Spanning-Tree Operations Selecting the root bridge Selecting the designated port
Spanning-Tree Port States Blocking: A blocked port won’t forward frames; it just listens to BPDUs. The purpose of the blocking state is to prevent the use of looped paths. Listening: The port listens to BPDUs to make sure no loops occur on the network before passing data frames. A port in listening state prepares to forward data frames without populating the MAC address table. Learning: The switch port listens to BPDUs and learns all the paths in the switched network. A port in learning state populates the MAC address table but doesn’t forward data frames. Forwarding: The port sends and receives all data frames on the bridged port. If the port is still a designated or root port at the end of the learning state, it enters the forwarding state. Disabled: port in the disabled state (administratively) does not participate in the frame forwarding or STP.
Spanning-Tree Example
Written Labs and Review Questions Open your books and go through all the written labs and the review questions. Review the answers in class. 23
Post-Class Material: Collapsed Backbone, (pp 494ff) The figure below shows the old model of a network, prior to switches. It was called a collapsed backbone because all hosts would need to go to the corporate backbone to reach any network services—both LAN and mainframe.
Root Bridge Elections: (pp 508ff) Each switch will have a Bridge ID Priority value, more commonly referred to as a BID. This BID is a combination of a default priority value and the switch's MAC address, with the priority value listed first! For example, if a Cisco switch has the default priority value of 32,768 and a MAC address of 11-22-33-44-55-66, the BID would be 32768:11-22-33-44-55-66. This is the KEY! Therefore, if the switch priority is left at the default, the MAC address is the deciding factor. Switches are a lot like people - when they first arrive, they announce that they are the center of the universe! Unlike some people, the switches will soon get over it. BPDUs will be exchanged until one switch is elected Root Bridge, and it's the switch with the lowest BPDU that will end up being the Root Bridge.
Root Bridge Elections VLAN 10 VLAN 20 VLAN 30
BID Election 2 If STP is left totally alone, a single switch is going to be the root bridge for every single VLAN in your network! Worse, that single switch is going to be selected because it has a lower MAC address than every other switch, not the criteria you want to use to select a single root bridge. You will prefer to determine a particular switch to be the root bridge for your VLANs, or you may want to spread the root bridge workload around. [There are 2 ways to change the BID. The first is below:] You can do this with the cmd: spanning-tree vlan root SW1(config)#spanning-tree vlan 1 ? forward-time Set the forward delay for the spanning tree hello-time Set the hello interval for the spanning tree max-age Set the max age interval for the spanning tree priority Set the bridge priority for the spanning tree root Configure switch as root
In this example, we've got two switches SW1 has been elected the root bridge for VLANs 10, 20, & 30. We'll use the spanning-tree vlan root command on SW2 to make it the root bridge for VLANs 20 and 30. SW2(config)#spanning-tree vlan 20 root primary SW2(config)#spanning-tree vlan 30 root primary SW2#show spanning vlan 20 VLAN0020 Spanning tree enabled protocol ieee Root ID Priority 24596 Address 000f.90e2.1300 This bridge is the root SW2#show spanning vlan 30 VLAN0030 Spanning tree enabled protocol ieee Root ID Priority 24606 Address 000f.90e2.1300 This bridge is the root SW 2 is now the root bridge for both VLAN 20 and 30. Notice that the priority value has changed from the default of 32768.
Second way to change the BID Change the priority of the switch that you want to be the root bridge. For example: SW2(config)#spanning-tree vlan 3 priority 8192 Remember, the priority can be anything from 0 to 65535. The priority must be in increments of 4096, starting from 0 Because the BID is read from left to right, the priority is read first! So if the priority of one switch is lower than that of another switch, the switch with the lower BID wins and the MAC address is never considered!
Convergence: Point 3, pg 511 Switches are converged when they are all in either a blocking or forwarding state. Also note: if a switch is blocking and then must become the root bridge because of a topology change, it must end up in the forwarding state … But it must go through the listening and the learning states on the way.
Redundant Link Convergence: pg 512 ff The typical spanning-tree topology’s time to convergence from blocking to forwarding on a switch port is 50 seconds. This could create time-out problems on your servers or hosts—for example, when you reboot them. To address this hitch, you can disable spanning tree on individual ports using PortFast (or similar commands). Portfast – enables fast connectivity to be established on access layer switch ports to workstations UplinkFast --- enables fast uplink failover on an access layer switch when dual uplinks are connected to distribution layer BackboneFast – enables fast convergence in network backbone (core) after STP change