Unit 9 LANs Chapters NT2640.U9.PS1


Presentation on theme: "Unit 9 LANs Chapters NT2640.U9.PS1"— Presentation transcript:

1 Unit 9 LANs Chapters 24-26 NT2640.U9.PS1
IP Networking: Unit 9: Slide 1

2 Class Agenda 11/14/15
Learning Objectives Unit 8: Discussions and Video Lab Activities will be done in class. Assignments will be given in class. Break Times: 10-minute break every hour. Note: Submit all assignments and labs due today.

3 Objectives
In this unit, students will demonstrate an:
- Understanding of Bridge and Switching Forwarding Process including Filtering and Flooding
- Understanding of Spanning Tree Protocol including Processes Phases
- Understanding of Switch Frame Processing Methods
- Understanding of Cisco Switch Configuration including Interfaces, VLANs, and Security Features
- Understanding of VLANs including Trunking

4 Ethernet LAN Switching and Concepts Chapter 24 NT2640.U9.PS1

5 Historical Progression: Hubs, Bridges, and Switches
Ethernet started out with standards that used a physical electrical bus created with coaxial cabling. 10BASE-T Ethernet came next. It offered improved LAN availability, because a problem on a single cable did not affect the rest of the LAN—a common problem with 10BASE2 and 10BASE5 networks. 10BASE-T allowed the use of unshielded twisted-pair (UTP) cabling, which is much cheaper than coaxial cable. Also, many buildings already had UTP cabling installed for phone service, so 10BASE-T quickly became a popular alternative to 10BASE2 and 10BASE5 Ethernet networks.

6 Ethernet Bus Compared to Ethernet Hub

7 10BASE-T with a hub
Although using 10BASE-T with a hub improved Ethernet as compared to the older standards, several drawbacks continued to exist, even with 10BASE-T using hubs:
- Any device sending a frame could have the frame collide with a frame sent by any other device attached to that LAN segment.
- Only one device could send a frame at a time, so the devices shared the (10-Mbps) bandwidth.
- Broadcasts sent by one device were heard by, and processed by, all other devices on the LAN.

8 Bridge Creates Two Collision Domains and Two Shared Ethernets
Adding a bridge between two hubs really creates two separate 10BASE-T networks—one on the left and one on the right. The 10BASE-T network on the left has its own 10 Mbps to share, as does the network on the right.

9 Switch Creates Four Collision Domains and Four Ethernet Segments
Now connected to a switch, each interface also uses full duplex. This is possible because only one device is connected to each port, essentially eliminating collisions for the network shown.

10 Switching Logic
Ultimately, the role of a LAN switch is to forward Ethernet frames. To achieve that goal, switches use logic—logic based on the source and destination MAC address in each frame’s Ethernet header. To help you appreciate how switches work, first a review of Ethernet addresses is in order. The IEEE defines three general categories of Ethernet MAC addresses:
- Unicast addresses: MAC addresses that identify a single LAN interface card.
- Broadcast addresses: A frame sent with a destination address of the broadcast address (FFFF.FFFF.FFFF) implies that all devices on the LAN should receive and process the frame.
- Multicast addresses: Multicast MAC addresses are used to allow a dynamic subset of devices on a LAN to communicate.

11 Switch Decision Making
The primary job of a LAN switch is to receive Ethernet frames and then make a decision: either forward the frame out some other port(s), or ignore the frame. To accomplish this primary mission, transparent bridges perform three actions:
1. Deciding when to forward a frame or when to filter (not forward) a frame, based on the destination MAC address
2. Learning MAC addresses by examining the source MAC address of each frame received by the bridge
3. Creating a (Layer 2) loop-free environment with other bridges by using Spanning Tree Protocol (STP)
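The learn, forward, filter and flood decisions described above can be modelled in a few lines. This is an added example, not part of the original slides; the port names and MAC addresses are constructed, the model covers a single VLAN with no STP, and it assumes multicast frames are flooded like broadcasts.

```python
# Added example (not from the slides): a minimal transparent-bridge model.
BROADCAST = "ffff.ffff.ffff"
# Constructed sample MAC addresses: A and B share a hub on Fa0/1, C is on Fa0/3.
HOST_A, HOST_B, HOST_C = "0200.1111.1111", "0200.2222.2222", "0200.3333.3333"

def is_group(mac):
    """True for broadcast/multicast: low-order bit of the first octet is set."""
    return int(mac.replace(".", "")[:2], 16) & 1 == 1

class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}          # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Process one frame; return (action, list of egress ports)."""
        src, dst = src.lower(), dst.lower()
        # Learn: the source MAC is reachable through the ingress port.
        if not is_group(src):
            self.mac_table[src] = in_port
        others = [p for p in self.ports if p != in_port]
        # Broadcast, multicast or unknown unicast: flood out every other port.
        if is_group(dst) or dst not in self.mac_table:
            return ("flood", others)
        out_port = self.mac_table[dst]
        # Destination sits on the segment the frame arrived from: filter it.
        if out_port == in_port:
            return ("filter", [])
        return ("forward", [out_port])

def demo():
    """Replay four constructed frames through a four-port switch."""
    sw = LearningSwitch(["Fa0/1", "Fa0/2", "Fa0/3", "Fa0/4"])
    frames = [
        ("Fa0/1", HOST_A, HOST_C),     # C not learned yet
        ("Fa0/3", HOST_C, HOST_A),     # A was learned on Fa0/1
        ("Fa0/1", HOST_B, HOST_A),     # both hosts are behind Fa0/1
        ("Fa0/3", HOST_C, BROADCAST),  # broadcast destination
    ]
    return [sw.receive(*f) for f in frames]
```

Because the table is filled from unauthenticated source addresses, any attached device can influence it, which is the gap port security (slide 25) narrows.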

12 Sample Switch Forwarding and Filtering Decision

13 LAN Switching Summary
Switches provide many additional features not offered by older LAN devices such as hubs and bridges. In particular, LAN switches provide the following benefits:
- Switch ports connected to a single device microsegment the LAN, providing dedicated bandwidth to that single device.
- Switches allow multiple simultaneous conversations between devices on different ports.
- Switch ports connected to a single device support full duplex, in effect doubling the amount of bandwidth available to the device.
- Switches support rate adaptation, which means that devices that use different Ethernet speeds can communicate through the switch (hubs cannot).

14 Collision Domains
A collision domain is a set of network interface cards (NIC) for which a frame sent by one NIC could result in a collision with a frame sent by any other NIC in the same collision domain.

15 Broadcast Domains
A broadcast domain is a set of NICs for which a broadcast frame sent by one NIC is received by all other NICs in the same broadcast domain.

16 Benefits of Segmenting Ethernet Devices Using Hubs, Switches, and Routers
Feature | Hub | Switch | Router
Greater cabling distances are allowed Yes
Creates multiple collision domains No
Increases bandwidth
Creates multiple broadcast domains

17 Virtual LANs (VLAN)
Most every Enterprise network today uses the concept of virtual LANs (VLAN). Before understanding VLANs, you must have a very specific understanding of the definition of a LAN. Although you can think about and define the term “LAN” from many perspectives, one perspective in particular will help you understand VLANs: A LAN consists of all devices in the same broadcast domain. Without VLANs, a switch considers all interfaces on the switch to be in the same broadcast domain. In other words, all connected devices are in the same LAN. (Cisco switches accomplish this by putting all interfaces in VLAN 1 by default.) So, instead of all ports on a switch forming a single broadcast domain, the switch separates them into many, based on configuration.

18 Sample Network with Two VLANs Using One Switch
Or you can create multiple VLANs on a single switch.

19 Motivations for using VLANs
There are many motivations for using VLANs, including the following:
- To create more flexible designs that group users by department, or by groups that work together, instead of by physical location
- To segment devices into smaller LANs (broadcast domains) to reduce overhead caused to each host in the VLAN
- To reduce the workload for STP by limiting a VLAN to a single access switch
- To enforce better security by keeping hosts that work with sensitive data on a separate VLAN
- To separate traffic sent by an IP phone from traffic sent by PCs connected to the phones

20 Ethernet Types, Media, and Segment Lengths (Per IEEE)
Ethernet Type | Media | Maximum Segment Length
10BASE-T | TIA/EIA CAT3 or better, two pair | 100 m (328 feet)
100BASE-TX | TIA/EIA CAT5 UTP or better, two pair |
100BASE-FX | 62.5/125-micron multimode fiber | 400 m ( feet)
1000BASE-CX | STP | 25 m (82 feet)
1000BASE-T | TIA/EIA CAT5e UTP or better, four pair |
1000BASE-SX | Multimode fiber | 275 m (853 feet) for 62.5-micron fiber; 550 m ( feet) for 50-micron fiber
1000BASE-LX | | 550 m ( feet) for 50- and micron fiber
 | 9-micron single-mode fiber | 5 km (3.1 miles)

21 Ethernet Switch Configuration Chapter 25
© 2011 ITT Educational Services Inc. NT-2640 Advanced Networking: Unit 9: Slide 21

22 Comparing Cisco Router and Switch Configuration
Cisco switches and routers use the same IOS CLI. However, because routers and switches perform different functions, the actual commands differ in some cases.

23 Commands Used on both Routers and Switches
- User and Enable (privileged) mode
- Entering and exiting configuration mode, using the configure terminal, end, and exit commands, and the Ctrl-Z key sequence
- Configuration of console, Telnet, and enable secret passwords
- Configuration of SSH encryption keys and username/password login credentials
- Configuration of the host name and interface description
- Configuration of Ethernet interfaces that can negotiate speed, using the speed and duplex commands
- Configuring an interface to be administratively disabled (shutdown) and administratively enabled (no shutdown)
- Navigation through different configuration mode contexts using commands like line console 0 and interface
- CLI help, command editing, and command recall features
- The meaning and use of the startup-config (in NVRAM), running-config (in RAM), and external servers (like TFTP), along with how to use the copy command to copy the configuration files and IOS images
- The process of reaching setup mode either by reloading the router with an empty startup-config or by using the setup command

24 LAN Switch Configuration and Operation
Switches work without any configuration. Cisco switches ship from the factory with all interfaces enabled (a default configuration of no shutdown) and with autonegotiation enabled for ports that run at multiple speeds and duplex settings (a default configuration of duplex auto and speed auto). All you have to do is connect the Ethernet cables and plug in the power cord to a power outlet, and the switch is ready to work—learning MAC addresses, making forwarding/filtering decisions, and even using STP by default.

25 Port Security
If the network engineer knows what devices should be cabled and connected to particular interfaces on a switch, the engineer can use port security to restrict that interface so that only the expected devices can use it. This reduces exposure to some types of attacks in which the attacker connects a laptop to the wall socket that connects to a switch port that has been configured to use port security. When that inappropriate device attempts to send frames to the switch interface, the switch can issue informational messages, discard frames from that device, or even discard frames from all devices by effectively shutting down the interface.
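The three reactions listed on this slide correspond to the IOS port-security violation modes protect, restrict and shutdown. The following is an added example, not part of the original slides: a simplified model of one secured port, using constructed MAC addresses, that shows how each mode treats an unexpected device and the expected device afterwards.

```python
# Added example: simplified model of port security on one switch port.
# The mode names are the IOS violation keywords; the MACs are constructed.
ALLOWED, ROGUE = "0200.1111.1111", "0200.9999.9999"

class SecurePort:
    def __init__(self, allowed_macs, violation="shutdown"):
        if violation not in ("protect", "restrict", "shutdown"):
            raise ValueError(f"unknown violation mode: {violation}")
        self.allowed = {m.lower() for m in allowed_macs}
        self.violation = violation
        self.err_disabled = False   # True once the port has shut itself down
        self.violations = 0         # counter an operator would monitor
        self.log = []               # informational messages

    def receive(self, src_mac):
        """Return 'accept' or 'drop' for a frame arriving with src_mac."""
        src_mac = src_mac.lower()
        if self.err_disabled:
            return "drop"           # port is down: every device is cut off
        if src_mac in self.allowed:
            return "accept"
        if self.violation != "protect":   # protect discards without notice
            self.violations += 1
            self.log.append(f"port-security violation: {src_mac}")
        if self.violation == "shutdown":
            self.err_disabled = True
        return "drop"

def replay(mode, sources):
    """Feed source MACs to a fresh port; return (verdicts, violation count)."""
    port = SecurePort([ALLOWED], mode)
    return [port.receive(s) for s in sources], port.violations
```

In shutdown mode the expected device is also cut off after the violation, so the port stays down until an administrator re-enables it.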

26 Securing Unused Switch Interfaces
Cisco originally chose the default interface configuration settings on Cisco switches so that the interfaces would work without any overt configuration. The interfaces automatically negotiate the speed and duplex, and each interface begins in an enabled (no shutdown) state, with all interfaces assigned to VLAN 1. Additionally, every interface defaults to negotiate to use VLAN features called VLAN trunking and VLAN Trunking Protocol (VTP).

27 Unused Interfaces
The recommendations for unused interfaces are as follows:
- Administratively disable the interface using the shutdown interface subcommand.
- Prevent VLAN trunking and VTP by making the port a nontrunking interface using the switchport mode access interface subcommand.
- Assign the port to an unused VLAN using the switchport access vlan number interface subcommand.
Frankly, if you just shut down the interface, the security exposure goes away, but the other two tasks prevent any immediate problems if someone else comes around and enables the interface by configuring a no shutdown command.

28 Break 10 Min.

29 Virtual LANs Chapter 26 NT2640-U9-PS2

30 Virtual LAN Concepts
A LAN includes all devices in the same broadcast domain. A broadcast domain includes the set of all LAN-connected devices that when any of the devices sends a broadcast frame, all the other devices get a copy of the frame. You can think of a LAN and a broadcast domain as being basically the same thing. Without VLANs, a switch considers all its interfaces to be in the same broadcast domain; in other words, all connected devices are in the same LAN. With VLANs, a switch can put some interfaces into one broadcast domain and some into another, creating multiple broadcast domains. These individual broadcast domains created by the switch are called virtual LANs.

31 Sample Network with Two VLANs Using One Switch

32 Reasons for Different VLANs
- To create more flexible designs that group users by department, or by groups that work together, instead of by physical location
- To segment devices into smaller LANs (broadcast domains) to reduce overhead caused to each host in the VLAN
- To reduce the workload for the Spanning Tree Protocol (STP) by limiting a VLAN to a single access switch
- To enforce better security by keeping hosts that work with sensitive data on a separate VLAN
- To separate traffic sent by an IP phone from traffic sent by PCs connected to the phones

33 Trunking to Cisco IP Phones
Cisco IP phones use Ethernet to connect to the IP network for the purpose of sending Voice over IP (VoIP) packets. Cisco IP phones can send VoIP packets to other IP phones to support voice calls, as well as send VoIP packets to voice gateways, which in turn connect to the existing traditional telephone network, supporting the ability to call most any phone in the world. Cisco anticipated that each desk in an enterprise might have both a Cisco IP phone and a PC on it. To reduce cabling clutter, Cisco includes a small LAN switch in the bottom of each Cisco IP phone. The small switch allows one cable to run from the wiring closet to the desk and connect to the IP phone, and then the PC can connect to the switch by connecting a short Ethernet (straight-through) cable from the PC to the bottom of the IP phone.

34 Typical Connection of a Cisco IP Phone and PC to a Cisco Switch

35 Protecting Unused Switch Ports
Cisco makes some recommendations for how to protect unused switch ports. Instead of using default settings, Cisco recommends configuring these interfaces as follows:
- Administratively disable the unused interface, using the shutdown interface subcommand.
- Prevent trunking from being negotiated when the port is enabled by using the switchport nonegotiate interface subcommand to disable negotiation, or the switchport mode access interface subcommand to statically configure the interface as an access interface.
- Assign the port to an unused VLAN, sometimes called a parking lot VLAN, using the switchport access vlan number interface subcommand.
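The recommendations on slides 27 and 35 can be checked mechanically against a saved configuration. This is an added example, not part of the original slides: it audits a constructed running-config excerpt for the three subcommands both slides name, and the interface names, the list of unused ports and parking VLAN 999 are assumptions.

```python
import re

# Constructed running-config excerpt for illustration (not from the slides).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
!
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 999
 shutdown
!
interface FastEthernet0/3
 switchport access vlan 999
!
interface FastEthernet0/4
 shutdown
!
"""

def parse_interfaces(config):
    """Map each interface name to the list of its subcommands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the block
    return interfaces

def audit_unused(config, unused, parking_vlan):
    """Return {interface: [recommended subcommands that are absent]}."""
    interfaces = parse_interfaces(config)
    findings = {}
    for name in unused:
        cmds = interfaces.get(name, [])  # no block found: nothing configured
        wanted = ["shutdown", "switchport mode access",
                  f"switchport access vlan {parking_vlan}"]
        missing = [w for w in wanted if w not in cmds]
        if missing:
            findings[name] = missing
    return findings
```

FastEthernet0/4 is reported even though it is shut down, which is the case slide 27 warns about: one no shutdown would bring it back in VLAN 1 with trunk negotiation still enabled.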

36 VTP Planning Steps
Step 1: Configure the VTP mode using the vtp mode {server | client} global configuration command.
Step 2: Configure the VTP (case-sensitive) domain name using the vtp domain domain-name global configuration command.
Step 3: (Optional) On both clients and servers, configure the same case-sensitive password using the vtp password password-value global configuration command.
Step 4: (Optional) Configure VTP pruning on the VTP servers using the vtp pruning global configuration command.
Step 5: (Optional) Enable VTP version 2 with the vtp version 2 global configuration command.
Step 6: Bring up trunks between the switches.

37 Summary
In this unit, we discussed:
- Bridge and Switching Forwarding Process including Filtering and Flooding
- Spanning Tree Protocol including Processes Phases
- Switch Frame Processing Methods
- Cisco Switch Configuration including Interfaces, VLANs, and Security Features
- VLANs including Trunking

38 Break 10 Min.

39 All answers to overdue labs should be submitted in the next class.
Lab Activities. Complete 9 Lab in class. All answers to overdue labs should be submitted in the next class.

40 Unit 9 assignment will be given in class.

