Published by Cody Lawrence. Modified over 8 years ago.
1
Basic Edge Core switch Training for Summit Communication
2
What is a network switch
A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). Ethernet switch devices were commonly used on home networks before home routers became popular; broadband routers integrate Ethernet switches directly into the unit as one of their many functions. High-performance network switches are still widely used in corporate networks and data centers.
3
How LAN switch works
A switch is a multi-port network bridge that processes and forwards data at the data link layer (layer 2) of the OSI model. Some switches have additional features, including the ability to route packets. These switches are commonly known as layer-3 or multilayer switches.
A switch is a device used on a computer network to physically connect devices together. Multiple cables can be connected to a switch to enable networked devices to communicate with each other. Switches manage the flow of data across a network by only transmitting a received message to the device for which the message was intended. Each networked device connected to a switch can be identified using a MAC address, allowing the switch to regulate the flow of traffic. This maximises security and efficiency of the network. Because of these features, a switch is often considered more "intelligent" than a network hub. Hubs provide neither security nor identification of connected devices. This means that messages have to be transmitted out of every port of the hub, greatly degrading the efficiency of the network.
4
System Information
7
Firmware Upgrade
8
Logs
9
Download Configuration File
10
Setting Current Time Zone
11
NTP Setting
12
Configuring VLAN
Step 1: Create a name and ID for the VLAN
Step 2: Assign the port to the VLAN
13
Configuring VLAN
15
#vlan database
#vlan 1 media ethernet state active
#interface ethernet 1/1
#switchport allowed vlan add 1 untagged
16
Configuring trunk
Console(config)#interface ethernet 1/10
Console(config-if)#switchport mode trunk
Console(config-if)#switchport allowed vlan add 1,10,11 tagged
17
Ether channel
Link aggregation is a computer networking term to describe various methods of combining (aggregating) multiple network connections in parallel to increase throughput beyond what a single connection could sustain.
18
Ether channel
19
Console(config)#interface port-channel 2
Console(config-if)#exit
Console(config)#interface ethernet 1/1
Console(config-if)#channel-group 2
Console(config-if)#exit
Console(config)#interface ethernet 1/2
Console(config-if)#channel-group 2
Console(config-if)#end
20
Ether channel
21
Console(config)#interface ethernet 1/1
Console(config-if)#lacp
Console(config-if)#exit
...
Console(config)#interface ethernet 1/6
Console(config-if)#lacp
Console(config-if)#end
23
Rate Limit
This function allows the network manager to control the maximum rate for traffic received on a port or transmitted from a port. Rate limiting is configured on ports at the edge of a network to limit traffic coming in and out of the network. Packets that exceed the acceptable amount of traffic are dropped.
24
Rate Limit (input)
25
Rate Limit (output)
26
Rate Limit (Trunk-group-input)
27
Rate Limit (Trunk-group-output)
28
Port Security
Port security is a feature that allows you to configure a switch port with one or more device MAC addresses that are authorized to access the network through that port. When port security is enabled on a port, the switch stops learning new MAC addresses on the specified port when it has reached a configured maximum number. Only incoming traffic with source addresses already stored in the static address table will be accepted as authorized to access the network through that port. If a device with an unauthorized MAC address attempts to use the switch port, the intrusion will be detected and the switch can automatically take action by disabling the port and sending a trap message.
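The behaviour described on this slide, modelled as an added example (not part of the original presentation and not the switch's own code). The class name, the action labels and the sample MAC addresses are assumptions made for the illustration; it shows that once the port is disabled, the authorized hosts on it lose connectivity as well.

```python
from dataclasses import dataclass, field


@dataclass
class SecurePort:
    """Model of one switch port with port security enabled (illustration only)."""
    name: str
    max_mac_count: int                 # learning stops once this many are stored
    action: str = "trap-and-shutdown"  # assumed label: "trap", "shutdown" or both
    allowed: set = field(default_factory=set)
    enabled: bool = True
    traps: list = field(default_factory=list)

    def receive(self, src_mac: str) -> str:
        """Return what the port does with a frame whose source is src_mac."""
        mac = src_mac.lower().replace("-", ":")
        if not self.enabled:
            return "dropped (port disabled)"
        if mac in self.allowed:
            return "forwarded"
        if len(self.allowed) < self.max_mac_count:
            self.allowed.add(mac)      # below the limit: still learning
            return "learned and forwarded"
        # Limit reached and the source is unknown: treat as an intrusion.
        if "trap" in self.action:
            self.traps.append(f"intrusion on {self.name} from {mac}")
        if "shutdown" in self.action:
            self.enabled = False
        return "dropped (intrusion)"


def replay(port: SecurePort, frames: list) -> list:
    """Feed a sequence of source MACs to the port and collect the outcomes."""
    return [port.receive(mac) for mac in frames]


# Constructed sample traffic: two known hosts, then an unknown third one.
SAMPLE_FRAMES = [
    "00:11:22:33:44:01",
    "00:11:22:33:44:02",
    "00-11-22-33-44-01",   # same host as the first frame, different notation
    "00:11:22:33:44:99",   # not in the table and the table is full
    "00:11:22:33:44:01",   # known host, but the port is now disabled
]

if __name__ == "__main__":
    port = SecurePort(name="ethernet 1/5", max_mac_count=2)
    for mac, result in zip(SAMPLE_FRAMES, replay(port, SAMPLE_FRAMES)):
        print(f"{mac}  ->  {result}")
    print(port.traps)
```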
29
Port Security Adding Static address to Port
30
Port Security
32
Radius Server
Remote Authentication Dial-in User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) are logon authentication protocols that use software running on a central server to control access to RADIUS-aware or TACACS-aware devices on the network. An authentication server contains a database of multiple user name/password pairs with associated privilege levels for each user that requires management access to the switch.
RADIUS uses UDP while TACACS+ uses TCP. UDP only offers best-effort delivery, while TCP offers a connection-oriented transport. Also, note that RADIUS encrypts only the password in the access-request packet from the client to the server, while TACACS+ encrypts the entire body of the packet.
33
Radius Server
35
SNMP
The switch can be configured to accept management commands from Simple Network Management Protocol (SNMP) applications such as HP OpenView. You can configure the switch to (1) respond to SNMP requests or (2) generate SNMP traps. When SNMP management stations send requests to the switch (either to return information or to set a parameter), the switch provides the requested data or sets the specified parameter.
Community strings are used to control management access to SNMP version 1 and 2c stations, as well as to authorize SNMP stations to receive trap messages from the switch. The default strings are:
public - with read-only access. Authorized management stations are only able to retrieve data.
private - with read-write access. Authorized management stations are able to both retrieve and modify data.
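A check a reviewer can run over a downloaded configuration file to find the default community strings named above, given as an added example that is not part of the original presentation. It assumes the configuration stores communities as `snmp-server community <string> [ro|rw]` lines with read-only as the default access; the sample configuration and the non-default community names are constructed.

```python
import re

# Default strings named on the slide, with the access each one grants.
DEFAULTS = {"public": "ro", "private": "rw"}

# Assumed line format: snmp-server community <string> [ro|rw]
LINE = re.compile(r"^\s*snmp-server\s+community\s+(\S+)(?:\s+(ro|rw))?\s*$", re.I)


def audit_snmp(config_text: str) -> list:
    """Return (line_no, community, access, reason) for each line worth reviewing."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), 1):
        match = LINE.match(line)
        if not match:
            continue
        name = match.group(1)
        access = (match.group(2) or "ro").lower()   # assumed default: read-only
        if name.lower() in DEFAULTS:
            findings.append((line_no, name, access, "default community string"))
        elif access == "rw":
            findings.append((line_no, name, access, "read-write community, confirm it is needed"))
    return findings


# Constructed sample of a downloaded configuration file
SAMPLE_CONFIG = """\
!
snmp-server community public ro
snmp-server community private rw
snmp-server community n0c-Mon1tor ro
snmp-server community n0c-Wr1te rw
!
interface ethernet 1/1
 switchport allowed vlan add 1 untagged
"""

if __name__ == "__main__":
    for line_no, name, access, reason in audit_snmp(SAMPLE_CONFIG):
        print(f"line {line_no}: community '{name}' ({access}): {reason}")
```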
36
SNMP
38
QoS
Differentiated Services (DiffServ) provides policy-based management mechanisms used for prioritizing network resources to meet the requirements of specific traffic types on a per-hop basis. Each packet is classified upon entry into the network based on access lists, IP Precedence, DSCP values, or VLAN lists. Using access lists allows you to select traffic based on Layer 2, Layer 3, or Layer 4 information contained in each packet. Based on configured network policies, different kinds of traffic can be marked for different kinds of forwarding.
39
QoS
To create a service policy for a specific category of ingress traffic, follow these steps:
1. Use the “Class Map” to designate a class name for a specific category of traffic.
2. Edit the rules for each class to specify a type of traffic based on an access list, a DSCP or IP Precedence value, or a VLAN.
3. Use the “Policy Map” to designate a policy name for a specific manner in which ingress traffic will be handled.
4. Add one or more classes to the Policy Map. Assign policy rules to each class by “setting” the QoS value to be assigned to the matching traffic class. The policy rule can also be configured to monitor the average flow and burst rate, and drop any traffic that exceeds the specified rate, or just reduce the DSCP service level for traffic exceeding the specified rate.
5. Use the “Service Policy” to assign a policy map to a specific interface.
41
QoS
CoS is used at layer 2.
IP precedence is the old way for type of service (ToS).
DSCP is the new way for type of service (ToS).
DSCP is backward compatible with IP precedence.
42
QoS