
CCNA v3 Sem3 English


Chapter 1 Introduction to Classless Routing 1

Chapter 1 Introduction to Classless Routing

Overview

A network administrator must anticipate and manage the physical growth of a network, perhaps by buying or leasing another floor of the building to house new networking equipment such as racks, patch panels, switches, and routers. The network designer must choose an addressing scheme that allows for growth. Variable-Length Subnet Masking (VLSM) is a technique that allows for the creation of efficient, scalable addressing schemes.

With the phenomenal growth of the Internet and TCP/IP, virtually every enterprise must now implement an IP addressing scheme. Many organizations select TCP/IP as the only routed protocol to run on their network. Unfortunately, the architects of TCP/IP could not have predicted that their protocol would eventually sustain a global network of information, commerce, and entertainment.

Twenty years ago, IP version 4 (IPv4) offered an addressing strategy that, although scalable for a time, resulted in an inefficient allocation of addresses. IP version 6 (IPv6), with virtually unlimited address space, is slowly being implemented in select networks and may replace IPv4 as the dominant protocol of the Internet. Over the past two decades, engineers have successfully modified IPv4 so that it can survive the exponential growth of the Internet. VLSM is one of the modifications that has helped to bridge the gap between IPv4 and IPv6.

2 Cisco Academy – CCNA 3.0 Semester 3

Networks must be scalable in order to meet the changing needs of users. When a network is scalable it is able to grow in a logical, efficient, and cost-effective way. The routing protocol used in a network does much to determine the scalability of the network. Therefore, it is important that the routing protocol be chosen wisely. Routing Information Protocol (RIP) is still considered suitable for small networks, but is not scalable to large networks because of inherent limitations. To overcome these limitations yet maintain the simplicity of RIP version 1 (RIP v1), RIP version 2 (RIP v2) was developed.

Students completing this module should be able to:

• Define VLSM and briefly describe the reasons for its use
• Divide a major network into subnets of different sizes using VLSM
• Define route aggregation and summarization as they relate to VLSM
• Configure a router using VLSM
• Identify the key features of RIP v1 and RIP v2
• Identify the important differences between RIP v1 and RIP v2
• Configure RIP v2
• Verify and troubleshoot RIP v2 operation
• Configure default routes using the ip route and ip default-network commands

1.1 VLSM

1.1.1 What is VLSM and why is it used?

As IP subnets have grown, administrators have looked for ways to use their address space more efficiently. One technique is called Variable-Length Subnet Masks (VLSM). With VLSM, a network administrator can use a long mask on networks with few hosts, and a short mask on subnets with many hosts.


In order to use VLSM, a network administrator must use a routing protocol that supports it. Cisco routers support VLSM with Open Shortest Path First (OSPF), Integrated Intermediate System to Intermediate System (Integrated IS-IS), Enhanced Interior Gateway Routing Protocol (EIGRP), RIP v2, and static routing.

VLSM allows an organization to use more than one subnet mask within the same network address space. Implementing VLSM is often referred to as "subnetting a subnet", and can be used to maximize addressing efficiency.

Classful routing protocols require that a single network use the same subnet mask. Therefore, network 192.168.187.0 must use just one subnet mask such as 255.255.255.0.

VLSM is simply a feature that allows a single autonomous system to have networks with different subnet masks. If a routing protocol allows VLSM, use a 30-bit subnet mask on network connections, 255.255.255.252, a 24-bit mask for user networks, 255.255.255.0, or even a 22-bit mask, 255.255.252.0, for networks with up to 1000 users.

1.1.2 A waste of space

In the past, it has been recommended that the first and last subnet not be used. Use of the first subnet, known as subnet zero, for host addressing was discouraged because of the confusion that can occur when a network and a subnet have the same addresses. The same was true with the use of the last subnet, known as the all-ones subnet. It has always been true that these subnets could be used. However, it was not a recommended practice. As networking technologies have evolved, and IP address depletion has become of real concern, it has become acceptable practice to use the first and last subnets in a subnetted network in conjunction with VLSM.

In this network, the network management team has decided to borrow three bits from the host portion of the Class C address that has been selected for this addressing scheme.


If management decides to use subnet zero, it has eight usable subnets. Each may support 30 hosts. If the management decides to use the no ip subnet-zero command, it has seven usable subnets with 30 hosts in each subnet. From Cisco IOS version 12.0, remember that Cisco routers use subnet zero by default. Therefore Sydney, Brisbane, Perth, and Melbourne remote offices may each have 30 hosts. The team realizes that it has to address the three point-to-point WAN links between Sydney, Brisbane, Perth, and Melbourne. If the team uses the three remaining subnets for the WAN links, it will have used all of the available addresses and have no room for growth. The team will also have wasted the 28 host addresses from each subnet to simply address three point-to-point networks. Using this addressing scheme one third of the potential address space will have been wasted.

Such an addressing scheme is fine for a small LAN. However, this addressing scheme is extremely wasteful if using point-to-point connections.

1.1.3 When to use VLSM?

It is important to design an addressing scheme that allows for growth and does not involve wasting addresses. This section examines how VLSM can be used to prevent waste of addresses on point-to-point links.

This time the networking team decided to avoid their wasteful use of the /27 mask on the point-to-point links. The team decided to apply VLSM to the addressing problem.

To apply VLSM to the addressing problem, the team will break the Class C address into subnets of variable sizes. Large subnets are created for addressing LANs. Very small subnets are created for WAN links and other special cases. A 30-bit mask is used to create subnets with only two valid host addresses. In this case this is the best solution for the point-to-point connections. The team will take one of the three subnets they had previously decided to assign to the WAN links, and subnet it again with a 30-bit mask.

In the example, the team has taken one of the last three subnets, subnet 6, and subnetted it again. This time the team uses a 30-bit mask. Figures and illustrate that after using VLSM, the team has eight ranges of addresses to be used for the point-to-point links.

1.1.4 Calculating subnets with VLSM

VLSM helps to manage IP addresses. VLSM allows for the setting of a subnet mask that suits the link or the segment requirements. A subnet mask should satisfy the requirements of a LAN with one subnet mask and the requirements of a point-to-point WAN with another.

Look at the example in Figure which illustrates how to calculate subnets with VLSM.

The example contains a Class B address of 172.16.0.0 and two LANs that require at least 250 hosts each. If the routers are using a classful routing protocol the WAN link would need to be a subnet of the same Class B network, assuming that the administrator is not using IP unnumbered. Classful routing protocols such as RIP v1, IGRP, and EGP are not capable of supporting VLSM. Without VLSM, the WAN link would have to have the same subnet mask as the LAN segments. A 24-bit mask (255.255.255.0) would support 250 hosts.

The WAN link only needs two addresses, one for each router. Therefore there would be 252 addresses wasted.

If VLSM were used in this example, a 24-bit mask would still work on the LAN segments for the 250 hosts. A 30-bit mask could be used for the WAN link because only two host addresses are needed.

In Figure the subnet addresses used are those generated from subdividing the 172.16.32.0/20 subnet into multiple /26 subnets. The figure illustrates where the subnet addresses can be applied, depending on the number of host requirements. For example, the WAN links use subnet addresses with a prefix of /30. This prefix allows for only two hosts, just enough hosts for a point-to-point connection between a pair of routers.

To calculate the subnet addresses used on the WAN links, further subnet one of the unused /26 subnets. In this example, 172.16.33.0/26 is further subnetted with a prefix of /30. This provides four more subnet bits and therefore 16 (2^4) subnets for the WANs. Figure illustrates how to work through a VLSM masking system.

VLSM allows the subnetting of an already subnetted address. For example, consider the subnet address 172.16.32.0/20 and a network needing ten host addresses. With this subnet address, there are over 4000 (2^12 – 2 = 4094) host addresses, most of which will be wasted. With VLSM it is possible to further subnet the address 172.16.32.0/20 to give more network addresses and fewer hosts per network. For example, by subnetting 172.16.32.0/20 to 172.16.32.0/26, there is a gain of 64 (2^6) subnets, each of which could support 62 (2^6 – 2) hosts.

Use this procedure to further subnet 172.16.32.0/20 to 172.16.32.0/26:

Step 1 Write 172.16.32.0 in binary form.

Step 2 Draw a vertical line between the 20th and 21st bits, as shown in Figure . /20 was the original subnet boundary.

Step 3 Draw a vertical line between the 26th and 27th bits, as shown in Figure . The original /20 subnet boundary is extended six bits to the right, becoming /26.

Step 4 Calculate the 64 subnet addresses using the bits between the two vertical lines, from lowest to highest in value. The figure shows the first five subnets available.


It is important to remember that only unused subnets can be further subnetted. If any address from a subnet is used, that subnet cannot be further subnetted. In the example, four subnet numbers are used on the LANs. Another unused subnet, 172.16.33.0/26, is further subnetted for use on the WANs.
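As an added worked example (not part of the original module), the four-step procedure above carried out with Python's standard ipaddress module: 172.16.32.0/20 is split into /26 subnets, the unused 172.16.33.0/26 is subnetted again into /30 WAN links, and the rule that a subnet with any address in use cannot be subnetted again is enforced. The VlsmPlan helper and the choice of the first four /26 subnets as the LAN subnets are assumptions made for this example.

```python
import ipaddress


def _net(value):
    """Accept either a string such as '172.16.32.0/20' or an IPv4Network object."""
    return value if isinstance(value, ipaddress.IPv4Network) else ipaddress.ip_network(value)


def usable_hosts(network):
    """Usable host addresses: 2^(host bits) minus the network and broadcast addresses."""
    net = _net(network)
    return 2 ** (32 - net.prefixlen) - 2


def vlsm_subnets(network, new_prefix):
    """Steps 2 to 4 of the text: keep the original boundary, extend it to new_prefix
    and enumerate every subnet between the two boundaries, lowest to highest."""
    net = _net(network)
    if new_prefix <= net.prefixlen:
        raise ValueError("the new prefix must be longer than the original subnet boundary")
    return list(net.subnets(new_prefix=new_prefix))


def binary_boundaries(network, new_prefix):
    """Steps 1 to 3 as text: the address in binary with '|' at the old and new boundary."""
    net = _net(network)
    bits = format(int(net.network_address), "032b")
    return bits[:net.prefixlen] + "|" + bits[net.prefixlen:new_prefix] + "|" + bits[new_prefix:]


class VlsmPlan:
    """Assumed helper: records subnets that already carry assigned addresses so that
    they are never subnetted again."""

    def __init__(self):
        self.in_use = []

    def assign(self, subnet):
        self.in_use.append(_net(subnet))

    def is_free(self, subnet):
        net = _net(subnet)
        return not any(used.overlaps(net) for used in self.in_use)

    def further_subnet(self, subnet, new_prefix):
        if not self.is_free(subnet):
            raise ValueError(f"{subnet} already has addresses in use; it cannot be subnetted again")
        return vlsm_subnets(subnet, new_prefix)


def worked_example():
    """172.16.32.0/20 -> 64 x /26 for the LANs; unused 172.16.33.0/26 -> 16 x /30 for the WANs."""
    lan_subnets = vlsm_subnets("172.16.32.0/20", 26)
    plan = VlsmPlan()
    # The text says four /26 subnets are used on LANs but not which four,
    # so the first four are taken here (constructed choice).
    for subnet in lan_subnets[:4]:
        plan.assign(subnet)
    wan_subnets = plan.further_subnet("172.16.33.0/26", 30)
    return lan_subnets, wan_subnets, plan


if __name__ == "__main__":
    lans, wans, plan = worked_example()
    print(binary_boundaries("172.16.32.0/20", 26))
    print(len(lans), "LAN subnets, first five:", [str(s) for s in lans[:5]])
    print(len(wans), "WAN subnets, first two:", [str(s) for s in wans[:2]])
    print("172.16.32.0/26 free to subnet again?", plan.is_free("172.16.32.0/26"))
```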

Lab Activity

Lab Exercise: Calculating VLSM Subnets

In this lab, students will use variable-length subnet mask (VLSM) to support more efficient use of the assigned IP addresses and to reduce the amount of routing information at the top level.

1.1.5 Route aggregation with VLSM

When using VLSM, try to keep the subnetwork numbers grouped together in the network to allow for aggregation. This means keeping networks like 172.16.14.0 and 172.16.15.0 near one another so that the routers need only carry a route for 172.16.14.0/23.

The use of Classless InterDomain Routing (CIDR) and VLSM not only prevents address waste, but also promotes route aggregation, or summarization. Without route summarization, Internet backbone routing would likely have collapsed sometime before 1997.

Figure illustrates how route summarization reduces the burden on upstream routers. This complex hierarchy of variable-sized networks and subnetworks is summarized at various points, using a prefix address, until the entire network is advertised as a single aggregate route, 200.199.48.0/22. Route summarization, or supernetting, is only possible if the routers of a network run a classless routing protocol, such as OSPF or EIGRP. Classless routing protocols carry a prefix that consists of a 32-bit IP address and bit mask in the routing updates. In Figure , the summary route that eventually reaches the provider contains a 20-bit prefix common to all of the addresses in the organization, 200.199.48.0/22 or 11001000.11000111.0011. For summarization to work properly, carefully assign addresses in a hierarchical fashion so that summarized addresses will share the same high-order bits.

Remember the following rules:

• A router must know in detail the subnet numbers attached to it.
• A router does not need to tell other routers about each individual subnet if the router can send one aggregate route for a set of routers.
• A router using aggregate routes would have fewer entries in its routing table.

VLSM allows for the summarization of routes and increases flexibility by basing the summarization entirely on the higher-order bits shared on the left, even if the networks are not contiguous.

The graphic shows that the addresses, or routes, share each bit up to and including the 20th bit. These bits are colored red. The 21st bit is not the same for all the routes. Therefore the prefix for the summary route will be 20 bits long. This is used to calculate the network number of the summary route.

Figure shows that the addresses, or routes, share each bit up to and including the 21st bit. These bits are colored red. The 22nd bit is not the same for all the routes. Therefore the prefix for the summary route will be 21 bits long. This is used to calculate the network number of the summary route.
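An added example (not from the module) of the rule just described: the summary prefix is the run of high-order bits that every route shares, and the first bit that differs ends it. The function names are assumptions; the 172.16.14.0/23 and 200.199.48.0/22 results match those given in the text, and unassigned_in_summary shows how much address space a summary advertises beyond what its member routes cover, which is the cost of summarizing networks that are not contiguous.

```python
import ipaddress


def _mask(prefixlen):
    """32-bit mask with the leading prefixlen bits set."""
    return (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF


def shared_prefix_length(routes):
    """Count the high-order bits shared by every route (the bits the figure colors red);
    the first bit that is not the same for all routes ends the summary prefix."""
    nets = [ipaddress.ip_network(r) for r in routes]
    first = int(nets[0].network_address)
    length = min(n.prefixlen for n in nets)  # a summary is never longer than its shortest member
    while length > 0 and not all(
        (int(n.network_address) & _mask(length)) == (first & _mask(length)) for n in nets
    ):
        length -= 1
    return length


def summarize(routes):
    """The single aggregate route covering all routes, built from the shared bits only."""
    length = shared_prefix_length(routes)
    first = int(ipaddress.ip_network(routes[0]).network_address)
    return ipaddress.ip_network((first & _mask(length), length))


def binary_prefix(network):
    """The prefix written as dotted binary, e.g. 200.199.48.0/20 -> 11001000.11000111.0011."""
    net = ipaddress.ip_network(network)
    bits = format(int(net.network_address), "032b")[: net.prefixlen]
    return ".".join(bits[i:i + 8] for i in range(0, len(bits), 8))


def unassigned_in_summary(routes):
    """Addresses the summary advertises that none of the member routes actually cover.
    Assumes the member routes do not overlap each other."""
    summary = summarize(routes)
    covered = sum(ipaddress.ip_network(r).num_addresses for r in routes)
    return summary.num_addresses - covered


if __name__ == "__main__":
    adjacent = ["172.16.14.0/24", "172.16.15.0/24"]
    print(summarize(adjacent), "covers", unassigned_in_summary(adjacent), "unassigned addresses")
    gap = ["172.16.14.0/24", "172.16.16.0/24"]
    print(summarize(gap), "covers", unassigned_in_summary(gap), "unassigned addresses")
    print(binary_prefix("200.199.48.0/20"))
```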

1.1.6 Configuring VLSM

If VLSM is the scheme chosen, it must then be calculated and configured correctly.

In this example allow for the following:


Network address: 192.168.10.0

The Perth router has to support 60 hosts. In this case, a minimum of six bits are needed in the host portion of the address. Six bits will yield 62 possible host addresses, 2^6 = 64, 64 – 2 = 62, so the division was 192.168.10.0/26.

The Sydney and Singapore routers have to support 12 hosts each. In these cases, a minimum of four bits are needed in the host portion of the address. Four bits will yield 14 possible host addresses, 2^4 = 16, 16 – 2 = 14, so the division is 192.168.10.96/28 for Sydney and 192.168.10.112/28 for Singapore.

The Kuala Lumpur router requires 28 hosts. In this case, a minimum of five bits are needed in the host portion of the address. Five bits will yield 30 possible host addresses, 2^5 = 32, 32 – 2 = 30, so the division here is 192.168.10.64/27.

The following are the point-to-point connections:

• Perth to Kuala Lumpur 192.168.10.128/30 – Since only two addresses are required, a minimum of two bits are needed in the host portion of the address. Two bits will yield two possible host addresses (2^2 = 4, 4 – 2 = 2) so the division here is 192.168.10.128/30.

• Sydney to Kuala Lumpur 192.168.10.132/30 – Since only two addresses are required, a minimum of two bits are needed in the host portion of the address. Two bits will yield two possible host addresses (2^2 = 4, 4 – 2 = 2) so the division here is 192.168.10.132/30.

• Singapore to Kuala Lumpur 192.168.10.136/30 – Since only two addresses are required, a minimum of two bits are needed in the host portion of the address. Two bits will yield two possible host addresses (2^2 = 4, 4 – 2 = 2) so the division here is 192.168.10.136/30.

There is sufficient host address space for two host endpoints on a point-to-point serial link. The example for Singapore to Kuala Lumpur is configured as follows:


Singapore(config)#interface serial 0
Singapore(config-if)#ip address 192.168.10.137 255.255.255.252
KualaLumpur(config)#interface serial 1
KualaLumpur(config-if)#ip address 192.168.10.138 255.255.255.252
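An added example (not from the module) that reproduces the 192.168.10.0 plan above from the host counts alone: each requirement is turned into the shortest prefix that still leaves enough usable addresses, and blocks are handed out largest first so that every block starts on a boundary of its own size. SITE_REQUIREMENTS is constructed from the figures in the text; the function names are assumptions.

```python
import ipaddress

# Host requirements from the text (site or link name, hosts needed), constructed input.
SITE_REQUIREMENTS = [
    ("Perth", 60),
    ("Sydney", 12),
    ("Singapore", 12),
    ("Kuala Lumpur", 28),
    ("Perth-Kuala Lumpur", 2),
    ("Sydney-Kuala Lumpur", 2),
    ("Singapore-Kuala Lumpur", 2),
]


def prefix_for_hosts(hosts):
    """Smallest host field that leaves at least `hosts` usable addresses (2^bits - 2).
    Starts at two bits because a /30 is the smallest subnet with usable host addresses."""
    bits = 2
    while 2 ** bits - 2 < hosts:
        bits += 1
    return 32 - bits


def allocate(network, requirements):
    """Hand out subnets largest first so every block starts on its own size boundary;
    returns {name: IPv4Network}. Raises ValueError when the network is exhausted."""
    base = ipaddress.ip_network(network)
    cursor = int(base.network_address)
    end = int(base.broadcast_address) + 1
    plan = {}
    # sorted() is stable, so equal-sized requests keep their listed order.
    for name, hosts in sorted(requirements, key=lambda req: -req[1]):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        if cursor % size:                       # align the start to the block size
            cursor += size - cursor % size
        if cursor + size > end:
            raise ValueError(f"no room left in {base} for {name} ({hosts} hosts)")
        plan[name] = ipaddress.ip_network((cursor, prefix))
        cursor += size
    return plan


def remaining_addresses(network, plan):
    """Addresses of the network not yet assigned to any subnet in the plan (room for growth)."""
    base = ipaddress.ip_network(network)
    return base.num_addresses - sum(net.num_addresses for net in plan.values())


def link_addresses(subnet):
    """The two usable addresses of a point-to-point /30, one for each router end."""
    hosts = [str(h) for h in subnet.hosts()]
    return hosts[0], hosts[-1]


if __name__ == "__main__":
    plan = allocate("192.168.10.0/24", SITE_REQUIREMENTS)
    for name, subnet in plan.items():
        print(f"{name:24} {subnet}")
    print("Singapore-Kuala Lumpur ends:", link_addresses(plan["Singapore-Kuala Lumpur"]))
    print("addresses left for growth:", remaining_addresses("192.168.10.0/24", plan))
```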

1.2 RIP Version 2

1.2.1 RIP history

The Internet is a collection of autonomous systems (AS). Each AS is generally administered by a single entity. Each AS will have its own routing technology, which may differ from other autonomous systems. The routing protocol used within an AS is referred to as an Interior Gateway Protocol (IGP). A separate protocol, called an Exterior Gateway Protocol (EGP), is used to transfer routing information between autonomous systems. RIP was designed to work as an IGP in a moderate-sized AS. It is not intended for use in more complex environments.

RIP v1 is considered an interior gateway protocol that is classful. RIP v1 is a distance vector protocol that broadcasts its entire routing table to each neighbor router at predetermined intervals. The default interval is 30 seconds. RIP uses hop count as a metric, with 15 as the maximum number of hops.

If the router receives information about a network, and the receiving interface belongs to the same network but is on a different subnet, the router applies the one subnet mask that is configured on the receiving interface:

• For Class A addresses, the default classful mask is 255.0.0.0.
• For Class B addresses, the default classful mask is 255.255.0.0.
• For Class C addresses, the default classful mask is 255.255.255.0.

RIP v1 is a popular routing protocol because virtually all IP routers support it. The popularity of RIP v1 is based on the simplicity and the universal compatibility it demonstrates. RIP v1 is capable of load balancing over as many as six equal-cost paths, with four paths as the default.

RIP v1 has the following limitations:

• It does not send subnet mask information in its updates.
• It sends updates as broadcasts on 255.255.255.255.
• It does not support authentication.
• It is not able to support VLSM or classless interdomain routing (CIDR).

RIP v1 is simple to configure, as shown in Figure .

1.2.2 RIP v2 features

RIP v2 is an improved version of RIP v1 and shares the following features:

• It is a distance vector protocol that uses a hop count metric.
• It uses holddown timers to prevent routing loops – default is 180 seconds.
• It uses split horizon to prevent routing loops.
• It uses 16 hops as a metric for infinite distance.

RIP v2 provides prefix routing, which allows it to send out subnet mask information with the route update. Therefore, RIP v2 supports the use of classless routing in which different subnets within the same network can use different subnet masks, as in VLSM.

RIP v2 provides for authentication in its updates. A set of keys can be used on an interface as an authentication check. RIP v2 allows for a choice of the type of authentication to be used in RIP v2 packets. The choice can be either clear text or Message-Digest 5 (MD5) encryption. Clear text is the default.


MD5 can be used to authenticate the source of a routing update. MD5 is typically used to encrypt enable secret passwords and it has no known reversal.

RIP v2 multicasts routing updates using the Class D address 224.0.0.9, which provides for better efficiency.

1.2.3 Comparing RIP v1 and v2

RIP uses distance vector algorithms to determine the direction and distance to any link in the internetwork. If there are multiple paths to a destination, RIP selects the path with the least number of hops. However, because hop count is the only routing metric used by RIP, it does not necessarily select the fastest path to a destination.

RIP v1 allows routers to update their routing tables at programmable intervals. The default interval is 30 seconds. The continual sending of routing updates by RIP v1 means that network traffic builds up quickly. To prevent a packet from looping infinitely, RIP allows a maximum hop count of 15. If the destination network is more than 15 routers away, the network is considered unreachable and the packet is dropped. This situation creates a scalability issue when routing in large heterogeneous networks. RIP v1 uses split horizon to prevent loops. This means that RIP v1 advertises routes out an interface only if the routes were not learned from updates entering that interface. It uses holddown timers to prevent routing loops. Holddowns ignore any new information about a subnet indicating a poorer metric for a time equal to the holddown timer.

Figure summarizes the behavior of RIP v1 when used by a router.

RIP v2 is an improved version of RIP v1. It has many of the same features of RIP v1. RIP v2 is also a distance vector protocol that uses hop count, holddown timers, and split horizon. Figure compares and contrasts RIP v1 and RIP v2.


Lab Activity

Lab Exercise: Review of Basic Router Configuration with RIP

In this lab, the students will set up an IP addressing scheme using Class B networks and configure Routing Information Protocol (RIP) on routers.

Lab Activity

e-Lab Activity: Review of Basic Router Configuration including RIP

In this lab, the students will review the basic configuration of routers.

Interactive Media Activity

Checkbox: RIP v1 and RIP v2 Comparison

When the student has completed this activity, the student will be able to identify the difference between RIP v1 and RIP v2.

1.2.4 Configuring RIP v2

RIP v2 is a dynamic routing protocol that is configured by naming the routing protocol RIP Version 2, and then assigning IP network numbers without specifying subnet values. This section describes the basic commands used to configure RIP v2 on a Cisco router.

To enable a dynamic routing protocol, the following tasks must be completed:

• Select a routing protocol, such as RIP v2.
• Assign the IP network numbers without specifying the subnet values.
• Assign the network or subnet addresses and the appropriate subnet mask to the interfaces.

RIP v2 uses multicasts to communicate with other routers. The routing metric helps the routers find the best path to each network or subnet.

The router command starts the routing process. The network command causes the implementation of the following three functions:

• The routing updates are multicast out an interface.
• The routing updates are processed if they enter that same interface.
• The subnet that is directly connected to that interface is advertised.

The network command is required because it allows the routing process to determine which interfaces will participate in the sending and receiving of routing updates. The network command starts up the routing protocol on all interfaces that the router has in the specified network. The network command also allows the router to advertise that network.

The router rip version 2 command specifies RIP v2 as the routing protocol, while the network command identifies a participating attached network.

In this example, the configuration of Router A includes the following:

• router rip version 2 – Selects RIP v2 as the routing protocol.
• network 172.16.0.0 – Specifies a directly connected network.
• network 10.0.0.0 – Specifies a directly connected network.

The interfaces on Router A connected to networks 172.16.0.0 and 10.0.0.0, or their subnets, will send and receive RIP v2 updates. These routing updates allow the router to learn the network topology. Routers B and C have similar RIP configurations but with different network numbers specified.

Figure shows another example of a RIP v2 configuration.

Lab Activity


Lab Exercise: Converting RIP v1 to RIP v2

In this lab, the students will configure RIP v1 on the routers and then convert to RIP v2.

Lab Activity

e-Lab Activity: Converting RIP v1 to RIP v2

In this lab, the student will configure RIP v1 and then convert to RIP v2.

1.2.5 Verifying RIP v2

The show ip protocols and show ip route commands display information about routing protocols and the routing table. This section describes how to use show commands to verify the RIP configuration.

The show ip protocols command displays values about routing protocols and routing protocol timer information associated with the router. In the example, the router is configured with RIP and sends updated routing table information every 30 seconds. This interval is configurable. If a router running RIP does not receive an update from another router for 180 seconds or more, the first router marks the routes served by the non-updating router as being invalid. In Figure , the holddown timer is set to 180 seconds. Therefore, an update to a route that was down and is now up could stay in the holddown state until the full 180 seconds have passed.

If there is still no update after 240 seconds the router removes the routing table entries. In the figure, it has been 18 seconds since Router A received an update from Router B. The router is injecting routes for the networks listed following the Routing for Networks line. The router is receiving routes from the neighboring RIP routers listed following the Routing Information Sources line. The distance default of 120 refers to the administrative distance for a RIP route.


The show ip interface brief command can also be used to list a summary of the information and status of an interface.

The show ip route command displays the contents of the IP routing table. The routing table contains entries for all known networks and subnetworks, and contains a code that indicates how that information was learned. The output of key fields from this command and their function is explained in the table.

Examine the output to see if the routing table is populated with routing information. If entries are missing, routing information is not being exchanged. Use the show running-config or show ip protocols privileged EXEC commands on the router to check for a possible misconfigured routing protocol.

Lab Activity

Lab Exercise: Verifying RIP v2 Configuration

In this lab, the students will configure RIP v1 and v2 on routers and use show commands to verify RIP v2 operation.

1.2.6 Troubleshooting RIP v2

This section explains the use of the debug ip rip command.

Use the debug ip rip command to display RIP routing updates as they are sent and received. The no debug all or undebug all commands will turn off all debugging.

The example shows that the router being debugged has received updates from one router at source address 10.1.1.2. The router at source address 10.1.1.2 sent information about two destinations in the routing table update. The router being debugged also sent updates, in both cases to broadcast address 255.255.255.255 as the destination. The number in parentheses is the source address encapsulated into the IP header.

Other outputs sometimes seen from the debug ip rip command include entries such as the following:


RIP: broadcasting general request on Ethernet0
RIP: broadcasting general request on Ethernet1

These outputs appear at startup or when an event occurs such as an interface transition or a user manually clears the routing table.

An entry, such as the following, is most likely caused by a malformed packet from the transmitter:

RIP: bad version 128 from 160.89.80.43

Examples of debug ip rip outputs and meanings are shown in Figure .

Lab Activity

Lab Exercise: Troubleshooting RIP v2 using Debug

In this lab, the students will use debug commands to verify proper RIP operation and analyze data transmitted between routers.

Lab Activity

e-Lab Activity: RIP v2 using Debug

In this lab, the students will enable routing on the router, save the configuration, and ping interfaces on routers.

1.2.7 Default routes

By default, routers learn paths to destinations three different ways:

• Static routes – The system administrator manually defines the static routes as the next hop to a destination. Static routes are useful for security and traffic reduction, as no other route is known.

• Default routes – The system administrator also manually defines default routes as the path to take when there is no known route to the destination. Default routes keep routing tables shorter. When an entry for a destination network does not exist in a routing table, the packet is sent to the default network.

• Dynamic routes – Dynamic routing means that the router learns of paths to destinations by receiving periodic updates from other routers.

In Figure , the default route is indicated by the following command:

Router(config)#ip route 172.16.1.0 255.255.255.0 172.16.2.1

The ip default-network command establishes a default route in networks using dynamic routing protocols:

Router(config)#ip default-network 192.168.20.0

Generally after the routing table has been set to handle all the networks that must be configured, it is often useful to ensure that all other packets go to a specific location. One example is a router that connects to the Internet. This is called the default route for the router. All the packets that are not defined in the routing table will go to the nominated interface of the default router.

The ip default-network command is usually configured on the routers that connect to a router with a static default route.

In Figure , Hong Kong 2 and Hong Kong 3 would use Hong Kong 4 as the default gateway. Hong Kong 4 would use interface 192.168.19.2 as its default gateway. Hong Kong 1 would route packets to the Internet for all internal hosts. To allow Hong Kong 1 to route these packets it is necessary to configure a default route as:

HongKong1(config)#ip route 0.0.0.0 0.0.0.0 192.168.20.1

The zeros represent any destination network with any mask. Default routes are referred to as quad zero routes. In the diagram, the only way Hong Kong 1 can go to the Internet is through the interface 192.168.20.1.

Summary

An understanding of the following key points should have been achieved:

• VLSM and the reasons for its use
• Subnetting networks of different sizes using VLSM
• Route aggregation and summarization as they relate to VLSM
• Router configuration using VLSM
• Key features of RIP v1 and RIP v2
• Important differences between RIP v1 and RIP v2
• Configuration of RIP v2
• Verifying and troubleshooting RIP v2 operation
• Configuring default routes using the ip route and ip default-network commands


Chapter 2 Single Area OSPF

Overview

The two main classes of interior gateway routing protocols (IGP) are distance vector and link-state. Both types of routing protocols are concerned with finding routes through autonomous systems. Distance vector and link-state routing protocols use different methods to accomplish the same tasks.

Link-state routing algorithms, also known as shortest path first (SPF) algorithms, maintain a complex database of topology information. A link-state routing algorithm maintains full knowledge of distant routers and how they interconnect. In contrast, distance vector algorithms provide nonspecific information about distant networks and no knowledge of distant routers.

Understanding the operation of link-state routing protocolsis critical in understanding how to enable, verify, andtroubleshoot their operation. This module explains how link-state routing protocols work, outlines their features,describes the algorithm they use, and points out theadvantages and disadvantages of link-state routing.

Early routing protocols like RIP were all distance vector protocols. Many of the important protocols in use today are also distance vector protocols, including RIP v2, IGRP, and EIGRP. However, as networks grew in size and complexity, some of the limitations of distance vector routing protocols became apparent. Routers in a network using a distance vector scheme could only guess at the network topology based on the full routing tables received from neighboring routers. Bandwidth usage is high because of the periodic exchange of routing updates, and network convergence is slow, resulting in poor routing decisions.

Link-state routing protocols differ from distance vector protocols. Link-state protocols flood routing information, allowing every router to have a complete view of the network topology. Triggered updates allow efficient use of bandwidth and faster convergence. Changes in the state of a link are sent to all routers in the network as soon as the change occurs.

One of the most important link-state protocols is Open Shortest Path First (OSPF). OSPF is based on open standards, which means it can be developed and improved by multiple vendors. It is a complex protocol that is a challenge to implement in a large network. The basics of OSPF are covered in this module.

OSPF configuration on a Cisco router is similar to the configuration of other routing protocols. As with other routing protocols, the OSPF routing process must be enabled and networks must be identified that will be announced by OSPF. However, OSPF has a number of features and configuration procedures that are unique. These features make OSPF a powerful choice for a routing protocol and make OSPF configuration a very challenging process.

In complex large networks, OSPF can be configured to span many areas and several different area types. The ability to design and implement large OSPF networks begins with the ability to configure OSPF in a single area. This module also discusses the configuration of single area OSPF.

Students completing this module should be able to:

- Identify the key features of link-state routing
- Explain how link-state routing information is maintained
- Discuss the link-state routing algorithm
- Examine the advantages and disadvantages of link-state routing
- Compare and contrast link-state routing with distance vector routing
- Enable OSPF on a router
- Configure a loopback address to set router priority
- Change OSPF route preference by modifying the cost metric
- Configure OSPF authentication
- Change OSPF timers
- Describe the steps to create and propagate a default route
- Use show commands to verify OSPF operation
- Configure the OSPF routing process
- Define key OSPF terms
- Describe the OSPF network types
- Describe the OSPF Hello protocol
- Identify the basic steps in the operation of OSPF

2.1 Link-State Routing Protocol

2.1.1 Overview of link-state routing

Link-state routing protocols perform in a very different way from distance vector protocols. Understanding the difference between distance vector and link-state protocols is vital for network administrators. One essential difference is that distance vector protocols use a simpler method of exchanging routing information. The figure outlines the characteristics of both distance vector and link-state routing protocols.

Link-state routing algorithms maintain a complex database of topology information. While the distance vector algorithm has nonspecific information about distant networks and no knowledge of distant routers, a link-state routing algorithm maintains full knowledge of distant routers and how they interconnect.

Interactive Media Activity

Drag and Drop: Link-State Routing Overview

When the student has completed this activity, the student will be able to identify the differences between distance vector and link-state routing protocols.

2.1.2 Link-state routing protocol features

Link-state routing protocols collect routing information from all other routers in the network or within a defined area of the network. Once all of the information is collected, each router, independently of the other routers, calculates its best paths to all destinations in the network. Because each router maintains its own view of the network, it is less likely to propagate incorrect information provided by any of its neighboring routers.

Link-state routing protocols perform the following functions:

- Respond quickly to network changes
- Send triggered updates only when a network change has occurred
- Send periodic updates known as link-state refreshes
- Use a hello mechanism to determine the reachability of neighbors

Each router keeps track of the state or condition of its directly connected neighbors by multicasting hello packets. Each router also keeps track of all the routers in its network or area of the network by using link-state advertisements (LSAs). The hello packets contain information about the networks that are attached to the router. In the figure, P4 knows about its neighbors, P1 and P3, on the Perth3 network. The LSAs provide updates on the state of links that are interfaces on other routers in the network.

A router running a link-state protocol has the following features:

- Uses the hello information and LSAs it receives from other routers to build a database about the network
- Uses the shortest path first (SPF) algorithm to calculate the shortest route to each network
- Stores this route information in its routing table

2.1.3 How routing information is maintained

Link-state routing uses the following features:

- Link-state advertisements (LSAs)
- A topological database
- The shortest path first (SPF) algorithm
- The resulting SPF tree
- A routing table of paths and ports to each network, used to determine the best paths for packets

Link-state routing protocols were designed to overcome the limitations of distance vector routing protocols. For example, distance vector protocols only exchange routing updates with immediate neighbors while link-state routing protocols exchange routing information across a much larger area.

When a failure occurs in the network, such as a neighbor becoming unreachable, link-state protocols flood LSAs using a special multicast address throughout an area. Each link-state router takes a copy of the LSA and updates its link-state, or topological, database. The link-state router will then forward the LSA to all neighboring devices. LSAs cause every router within the area to recalculate routes. Because LSAs need to be flooded throughout an area, and all routers within that area need to recalculate their routing tables, the number of link-state routers that can be in an area should be limited.

A link is the same as an interface on a router. The state of the link is a description of an interface and the relationship to its neighboring routers. For example, a description of the interface would include the IP address of the interface, the subnet mask, the type of network to which it is connected, the routers connected to that network, and so on. The collection of link-states forms a link-state database, sometimes called a topological database. The link-state database is used to calculate the best paths through the network. Link-state routers find the best paths to destinations. Link-state routers do this by applying the Dijkstra shortest path first (SPF) algorithm against the link-state database to build the shortest path first tree, with the local router as the root. The best paths are then selected from the SPF tree and placed in the routing table.

2.1.4 Link-state routing algorithms

Link-state routing algorithms maintain a complex database of the network topology by exchanging link-state advertisements (LSAs) with other routers in a network. This section describes the link-state routing algorithm.

Link-state routing algorithms have the following characteristics:

- They are known collectively as shortest path first (SPF) protocols.
- They maintain a complex database of the network topology.
- They are based on the Dijkstra algorithm.

Unlike distance vector protocols, link-state protocols develop and maintain full knowledge of the network routers as well as how they interconnect. This is achieved through the exchange of link-state advertisements (LSAs) with other routers in a network.

Each router that exchanges LSAs constructs a topological database using all received LSAs. An SPF algorithm is then used to compute reachability to networked destinations. This information is used to update the routing table. This process can discover changes in the network topology caused by component failure or network growth.

LSA exchange is triggered by an event in the network instead of periodic updates. This can greatly speed up the convergence process because there is no need to wait for a series of timers to expire before the networked routers can begin to converge.

If the network shown in the figure uses a link-state routing protocol, there would be no concern about connectivity between routers A and B. Depending on the actual protocol employed and the metrics selected, it is highly likely that the routing protocol could discriminate between the two paths to the same destination and try to use the best one.

Shown in the figure are the routing entries in the table for Router A, to Router D. In this example, a link-state protocol would remember both routes. Some link-state protocols provide a way to assess the performance capabilities of the two routes and choose the best one. If the route through Router C was the more preferred path and experienced operational difficulties, such as congestion or component failure, the link-state routing protocol would detect this change and begin forwarding packets through Router B.

2.1.5 Advantages and disadvantages of link-state routing

The following list contains many of the advantages that link-state routing protocols have over the traditional distance vector algorithms, such as Routing Information Protocol (RIP v1) or Interior Gateway Routing Protocol (IGRP):

- Link-state protocols use cost metrics to choose paths through the network. The cost metric reflects the capacity of the links on those paths.
- Link-state protocols use triggered, flooded updates and can immediately report changes in the network topology to all routers in the network. This immediate reporting generally leads to fast convergence times.
- Each router has a complete and synchronized picture of the network. Therefore, it is very difficult for routing loops to occur.
- Routers always use the latest set of information on which to base their routing decisions because LSAs are sequenced and aged.
- The link-state database sizes can be minimized with careful network design. This leads to smaller Dijkstra calculations and faster convergence.
- Every router is capable of mapping a copy of the entire network architecture, at least of its own area of the network. This attribute can greatly assist troubleshooting.
- Classless interdomain routing (CIDR) and variable-length subnet masking (VLSM) are supported.

The following are some disadvantages of link-state routing protocols:

- They require more memory and processing power than distance vector routers, which can make link-state routing cost-prohibitive for organizations with small budgets and legacy hardware.
- They require strict hierarchical network design, so that a network can be broken into smaller areas to reduce the size of the topology tables.
- They require an administrator with a good understanding of link-state routing.
- They flood the network with LSAs during the initial discovery process, which can significantly decrease the capability of the network to transport data. This flooding process can noticeably degrade the network performance depending on the available bandwidth and the number of routers exchanging information.

2.1.6 Compare and contrast distance vector and link-state routing

All distance vector protocols learn routes and then send these routes to directly connected neighbors. However, link-state routers advertise the states of their links to all other routers in the area so that each router can build a complete link-state database. These advertisements are called link-state advertisements (LSAs). Unlike distance vector routers, link-state routers can form special relationships with their neighbors and other link-state routers. This is to ensure that the LSA information is properly and efficiently exchanged.

The initial flood of LSAs provides routers with the information that they need to build a link-state database. Routing updates occur only when the network changes. If there are no changes, the routing updates occur after a specific interval. If the network changes, a partial update is sent immediately. The partial update only contains information about links that have changed, not a complete routing table. An administrator concerned about WAN link utilization will find these partial and infrequent updates an efficient alternative to distance vector routing, which sends out a complete routing table every 30 seconds. When a change occurs, link-state routers are all notified simultaneously by the partial update. Distance vector routers wait for neighbors to note the change, implement the change, and then pass it to the neighboring routers.

The benefits of link-state routing over distance vector protocols include faster convergence and improved bandwidth utilization. Link-state protocols support classless interdomain routing (CIDR) and variable-length subnet masking (VLSM). This makes them a good choice for complex, scalable networks. In fact, link-state protocols generally outperform distance vector protocols on any size network. Link-state protocols are not implemented on every network because they require more memory and processing power than distance vector protocols and can overwhelm slower equipment. Another reason they are not more widely implemented is the fact that link-state protocols are quite complex. They require well-trained administrators to correctly configure and maintain them.

2.2 Single Area OSPF Concepts

2.2.1 OSPF overview

Open Shortest Path First (OSPF) is a link-state routing protocol based on open standards. It is described in several standards of the Internet Engineering Task Force (IETF). The most recent description is RFC 2328. The Open in OSPF means that it is open to the public and is non-proprietary.

OSPF is becoming the preferred IGP protocol when compared with RIP v1 and RIP v2 because it is scalable. RIP is limited to 15 hops, it converges slowly, and it sometimes chooses slow routes because it ignores critical factors such as bandwidth in route determination. OSPF overcomes these limitations and proves to be a robust and scalable routing protocol suitable for the networks of today. OSPF can be used and configured as a single area for small networks. It can also be used for large networks. OSPF routing scales to large networks if hierarchical network design principles are used.

Large OSPF networks use a hierarchical design. Multiple areas connect to a distribution area, area 0, also called the backbone. This design approach allows for extensive control of routing updates. Defining areas reduces routing overhead, speeds up convergence, confines network instability to an area and improves performance.

2.2.2 OSPF terminology

As a link-state protocol, OSPF operates differently from distance vector routing protocols. Link-state routers identify neighboring routers and then communicate with the identified neighbors. OSPF has its own terminology. The new terms are shown in the figure.

Information is gathered from OSPF neighbors about the status, or links, of each OSPF router. This information is flooded to all its neighbors. Flooding is a process that sends information out all ports, with the exception of the port on which the information was received. An OSPF router advertises its own link states and passes on received link states.

The routers process the information about link-states and build a link-state database. Every router in the OSPF area will have the same link-state database. Every router has the same information about the state of the links and the neighbors of every other router.

Then each router runs the SPF algorithm on its own copy of the database. This calculation determines the best route to a destination. The SPF algorithm adds up the cost, which is a value that is usually based on bandwidth. The lowest cost path is added to the routing table, which is also known as the forwarding database.

OSPF routers record information about their neighbors in the adjacency database.

To reduce the number of exchanges of routing information among several neighbors on the same network, OSPF routers elect a Designated Router (DR) and a Backup Designated Router (BDR) that serve as focal points for routing information exchange.

Interactive Media Activity

Crossword Puzzle: OSPF Terminology

When the student has completed this activity, the student will understand the different OSPF terminology.

2.2.3 Comparing OSPF with distance vector routing protocols

OSPF uses link-state technology, compared with distance vector technology such as RIP. Link-state routers maintain a common picture of the network and exchange link information upon initial discovery or network changes. Link-state routers do not broadcast their routing tables periodically as distance vector protocols do. Therefore, link-state routers use less bandwidth for routing table maintenance.

RIP is appropriate for small networks, and the best path is based on the lowest number of hops. OSPF is appropriate for the needs of large scalable internetworks, and the best path is determined by speed. RIP and other distance vector protocols use simple algorithms to compute best paths. The SPF algorithm is complex. Routers implementing distance vector routing may need less memory and less powerful processors than those running OSPF.

OSPF selects routes based on cost, which is related to speed. The higher the speed, the lower the OSPF cost of the link.

OSPF selects the fastest loop-free path from the shortest-path first tree as the best path in the network.

OSPF guarantees loop-free routing. Distance vector protocols may cause routing loops.

If links are unstable, flooding of link-state information can lead to unsynchronized link-state advertisements and inconsistent decisions among routers.

OSPF addresses the following issues:

- Speed of convergence
- Support for Variable Length Subnet Mask (VLSM)
- Network size
- Path selection
- Grouping of members

In large networks RIP convergence can take several minutes since the routing table of each router is copied and shared with directly connected routers. After initial OSPF convergence, maintaining a converged state is faster because only the changes in the network are flooded to other routers in an area.

OSPF supports VLSMs and therefore is referred to as a classless protocol. RIP v1 does not support VLSMs; however, RIP v2 does support VLSMs.

RIP considers a network that is more than 15 routers away to be unreachable because the number of hops is limited to 15. This limits RIP to small topologies. OSPF has no size limits and is suitable for intermediate to large networks.

RIP selects a path to a network by adding one to the hop count reported by a neighbor. It compares the hop counts to a destination and selects the path with the smallest distance or hops. This algorithm is simple and does not require a powerful router or a lot of memory. RIP does not take into account the available bandwidth in best path determination.

OSPF selects a path using cost, a metric based on bandwidth. All OSPF routers must obtain complete information about the networks of every router to calculate the shortest path. This is a complex algorithm. Therefore, OSPF requires more powerful routers and more memory than RIP.

RIP uses a flat topology. Routers in a RIP region exchange information with all routers. OSPF uses the concept of areas. A network can be subdivided into groups of routers. In this way OSPF can limit traffic to these areas. Changes in one area do not affect performance in other areas. This hierarchical approach allows a network to scale efficiently.

Interactive Media Activity

Checkbox: Link-State and Distance Vector Comparison

When the student has completed this activity, the student will be able to identify the difference between link-state and distance vector routing protocols.

2.2.4 Shortest path algorithm

The shortest path algorithm is used by OSPF to determine the best path to a destination.

In this algorithm, the best path is the lowest cost path. The algorithm was discovered by Dijkstra, a Dutch computer scientist, and was explained in 1959. The algorithm considers a network to be a set of nodes connected by point-to-point links. Each link has a cost. Each node has a name. Each node has a complete database of all the links and so complete information about the physical topology is known. All router link-state databases are identical. The table in the figure shows the information that node D has received. For example, D received information that it was connected to node C with a link cost of 4 and to node E with a link cost of 1.

The shortest path algorithm then calculates a loop-free topology using the node as the starting point and examining in turn the information it has about adjacent nodes. In the figure, node B has calculated the best path to D. The best path to D is by way of node E, which has a cost of 4. This information is converted to a route entry in B which will forward traffic to C. Packets to D from B will flow B to C to E, then to D in this OSPF network.

In the example, node B determined that to get to node F the shortest path has a cost of 5, via node C. All other possible topologies will either have loops or higher cost paths.
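Sections 2.1.3, 2.1.4 and this one describe the same computation, so one added example covers them (illustrative Python, not Cisco code or anything from the course). The link-state database below is constructed: its costs are chosen so that node B reaches D via E at cost 4 and F via C at cost 5, as the text states, and the D-C (4) and D-E (1) links match the table described for node D; the remaining links are assumptions.

```python
import heapq

# Constructed link-state database: one (router, neighbor, cost) entry per link.
# Only the B->D, B->F, D-C and D-E values are taken from the text; the other
# links and the A-B and A-F costs are assumptions that fill in the figure.
LSDB = [
    ("A", "B", 2), ("B", "C", 1), ("C", "D", 4), ("C", "E", 2),
    ("E", "D", 1), ("C", "F", 4), ("A", "F", 6),
]


def build_topology(lsdb):
    """Turn the flat LSA list into an adjacency map; links are bidirectional."""
    topo = {}
    for a, b, cost in lsdb:
        topo.setdefault(a, {})[b] = cost
        topo.setdefault(b, {})[a] = cost
    return topo


def spf(lsdb, root):
    """Dijkstra shortest path first with `root` as the tree root.

    Returns {destination: (total_cost, next_hop)}, which is the routing-table
    view of the SPF tree: the cost of the best path and the neighbor of the
    root on that path.
    """
    topo = build_topology(lsdb)
    best = {root: 0}          # lowest known cost to each node
    parent = {}               # predecessor of each node in the SPF tree
    heap = [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > best.get(node, float("inf")):
            continue          # stale heap entry, a cheaper path was found later
        for nbr, link_cost in topo[node].items():
            new_cost = cost + link_cost
            if new_cost < best.get(nbr, float("inf")):
                best[nbr] = new_cost
                parent[nbr] = node
                heapq.heappush(heap, (new_cost, nbr))
    routes = {}
    for dest, cost in best.items():
        if dest == root:
            continue
        hop = dest            # walk back up the tree to the root's neighbor
        while parent[hop] != root:
            hop = parent[hop]
        routes[dest] = (cost, hop)
    return routes


if __name__ == "__main__":
    for dest, (cost, hop) in sorted(spf(LSDB, "B").items()):
        print(f"B -> {dest}: cost {cost} via {hop}")
```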

2.2.5 OSPF network types

A neighbor relationship is required for OSPF routers to share routing information. A router will try to become adjacent, or neighbor, to at least one other router on each IP network to which it is connected. Some routers may try to become adjacent to all their neighbor routers. Other routers may try to become adjacent to only one or two neighbor routers. OSPF routers determine which routers to become adjacent to based on the type of network they are connected to. Once an adjacency is formed between neighbors, link-state information is exchanged.

OSPF interfaces recognize three types of networks:

- Broadcast multi-access, such as Ethernet
- Point-to-point networks
- Nonbroadcast multi-access (NBMA), such as Frame Relay

A fourth type, point-to-multipoint, can be configured on an interface by an administrator.

In a multi-access network, the number of routers that will be connected is not known in advance. In point-to-point networks, only two routers can be connected.

In a broadcast multi-access network segment, many routers may be connected. If every router had to establish full adjacency with every other router and exchange link-state information with every neighbor, there would be too much overhead. If there are 5 routers, 10 adjacency relationships would be needed and 10 link states sent. If there are 10 routers then 45 adjacencies would be needed. In general, for n routers, n*(n-1)/2 adjacencies would need to be formed.

The solution to this overhead is to hold an election for a designated router (DR). This router becomes adjacent to all other routers in the broadcast segment. All other routers on the segment send their link-state information to the DR. The DR in turn acts as the spokesperson for the segment. Using the example numbers above, only 5 and 10 sets of link states need be sent respectively. The DR sends link-state information to all other routers on the segment using the multicast address of 224.0.0.5 for all OSPF routers.

Despite the gain in efficiency that electing a DR provides, there is a disadvantage. The DR represents a single point of failure. A second router is elected as a backup designated router (BDR) to take over the duties of the DR if it should fail. To ensure that both the DR and the BDR see the link states all routers send on the segment, the multicast address for all designated routers, 224.0.0.6, is used.

On point-to-point networks only two nodes exist and no DR or BDR is elected. Both routers become fully adjacent with each other.

Interactive Media Activity

Drag and Drop: OSPF Network Types

When the student has completed this activity, the student will be able to identify the different OSPF network types.

2.2.6 OSPF Hello protocol

When a router starts an OSPF routing process on an interface, it sends a hello packet and continues to send hellos at regular intervals. The rules that govern the exchange of OSPF hello packets are called the Hello protocol.

At Layer 3 of the OSI model, the hello packets are addressed to the multicast address 224.0.0.5. This address is "all OSPF routers". OSPF routers use hello packets to initiate new adjacencies and to ensure that neighbor routers are still functioning. Hellos are sent every 10 seconds by default on broadcast multi-access and point-to-point networks. On interfaces that connect to NBMA networks, such as Frame Relay, the default time is 30 seconds.

On multi-access networks the Hello protocol elects a designated router (DR) and a backup designated router (BDR).

Although the hello packet is small, it consists of the OSPF packet header. For the hello packet the type field is set to 1.

The hello packet carries information that all neighbors must agree upon before an adjacency is formed and link-state information is exchanged.

Interactive Media Activity

Drag and Drop: OSPF Packet Header

When the student has completed this activity, the student will be able to identify the different fields in an OSPF packet header.

2.2.7 Steps in the operation of OSPF

OSPF routers send Hello packets on OSPF enabled interfaces. If all parameters in the OSPF Hello packets are agreed upon, the routers become neighbors. On multi-access networks, the routers elect a DR and BDR. On these networks other routers become adjacent to the DR.

Adjacent routers go through a sequence of states. Adjacent routers must be in the full state before routing tables are created and traffic routed. Each router sends link-state advertisements (LSAs) in link-state update (LSU) packets. These LSAs describe all of the router's links. Each router that receives an LSA from its neighbor records the LSA in the link-state database. This process is repeated for all routers in the OSPF network.

When the databases are complete, each router uses the SPF algorithm to calculate a loop-free logical topology to every known network. The shortest path with the lowest cost is used in building this topology, therefore the best route is selected.

Routing information is now maintained. When there is a change in a link state, routers use a flooding process to notify other routers on the network about the change. The Hello protocol dead interval provides a simple mechanism for determining that an adjacent neighbor is down.

Interactive Media Activity

Drag and Drop: OSPF State Flowchart

When the student has completed this activity, the student will be able to identify the different OSPF neighbor states.

2.3 Single Area OSPF Configuration

2.3.1 Configuring OSPF routing process

OSPF routing uses the concept of areas. Each router contains a complete database of link-states in a specific area. An area in an OSPF network may be assigned any number from 0 to 65,535. However, a single area is assigned the number 0 and is known as area 0. In multi-area OSPF networks, all areas are required to connect to area 0. Area 0 is also called the backbone area.

OSPF configuration requires that the configuration be enabled on the router with network addresses and area information. Network addresses are configured with a wildcard mask and not a subnet mask. The wildcard mask represents the links or host addresses that can be present in this segment. Area IDs can be written as a whole number or in dotted decimal notation.

To enable OSPF routing, use the global configuration command syntax:

Router(config)#router ospf process-id

The process ID is a number that is used to identify an OSPF routing process on the router. Multiple OSPF processes can be started on the same router. The number can be any value between 1 and 65,535. Most network administrators keep the same process ID throughout an autonomous system, but this is not a requirement. It is rarely necessary to run more than one OSPF process on a router. IP networks are advertised as follows in OSPF:

Router(config-router)#network address wildcard-mask area area-id

Each network must be identified with the area to which it belongs. The network address can be a whole network, a subnet, or the address of the interface. The wildcard mask represents the set of host addresses that the segment supports. This is different than a subnet mask, which is used when configuring IP addresses on interfaces.
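To make the wildcard-mask rule concrete, here is an added Python example (not from the course or from Cisco IOS): it derives the wildcard mask from a prefix length, builds the matching network statement, and checks which interface addresses a statement covers using the rule that a 0 bit in the wildcard must match and a 1 bit is ignored. The interface names, addresses and statements are constructed.

```python
import ipaddress


def wildcard_from_prefix(prefix_len):
    """Wildcard mask for a prefix length: the bitwise inverse of the subnet mask
    (a /24 has mask 255.255.255.0 and wildcard 0.0.0.255)."""
    return str(ipaddress.IPv4Network(f"0.0.0.0/{prefix_len}").hostmask)


def network_statement(interface_ip, prefix_len, area):
    """The 'network address wildcard-mask area area-id' line that covers the
    subnet of one interface."""
    net = ipaddress.IPv4Interface(f"{interface_ip}/{prefix_len}").network
    return f"network {net.network_address} {net.hostmask} area {area}"


def matches(network, wildcard, interface_ip):
    """Wildcard semantics: where the wildcard bit is 0 the address bit must
    equal the network bit; where it is 1 the bit is ignored."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    addr = int(ipaddress.IPv4Address(interface_ip))
    net = int(ipaddress.IPv4Address(network))
    return (addr & care) == (net & care)


def interfaces_enabled(statements, interfaces):
    """Map each interface to the area of the first statement in the list that
    matches it; interfaces no statement covers are left out (OSPF is not
    enabled there). The statements here do not overlap, so order is irrelevant."""
    enabled = {}
    for name, ip in interfaces.items():
        for network, wildcard, area in statements:
            if matches(network, wildcard, ip):
                enabled[name] = area
                break
    return enabled


# Constructed router: its interface addresses and the statements typed for it.
INTERFACES = {
    "FastEthernet0/0": "192.168.1.1",
    "Serial0/0": "192.168.20.2",
    "Serial0/1": "10.0.0.5",      # deliberately not covered by any statement
    "Loopback0": "10.1.1.1",
}
STATEMENTS = [
    ("192.168.1.0", "0.0.0.255", 0),   # whole /24 subnet
    ("192.168.20.0", "0.0.0.3", 0),    # /30 point-to-point link
    ("10.1.1.1", "0.0.0.0", 0),        # exactly one interface address
]

if __name__ == "__main__":
    print(network_statement("192.168.20.2", 30, 0))
    print(interfaces_enabled(STATEMENTS, INTERFACES))
```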

Lab Activity

Lab Exercise: Configuring the OSPF Routing Process

This lab is to set up an IP addressing scheme for OSPF area 0 and configure and verify OSPF routing.

Lab Activity

e-Lab Activity: Configuring OSPF

In this lab, the students will configure and verify OSPF routing.

2.3.2 Configuring OSPF loopback address and router priority

When the OSPF process starts, the Cisco IOS uses the highest local active IP address as its OSPF router ID. If there is no active interface, the OSPF process will not start. If the active interface goes down, the OSPF process has no router ID and therefore ceases to function until the interface comes up again.

To ensure OSPF stability there should be an active interface for the OSPF process at all times. A loopback interface, which is a logical interface, can be configured for this purpose. When a loopback interface is configured, OSPF uses this address as the router ID, regardless of the value. On a router that has more than one loopback interface, OSPF takes the highest loopback IP address as its router ID.

To create and assign an IP address to a loopback interface use the following commands:

Router(config)#interface loopback number
Router(config-if)#ip address ip-address subnet-mask

It is considered good practice to use loopback interfaces for all routers running OSPF. This loopback interface should be configured with an address using a 32-bit subnet mask of 255.255.255.255. A 32-bit subnet mask is called a host mask because the subnet mask specifies a network of one host. When OSPF is requested to advertise a loopback network, OSPF always advertises the loopback as a host route with a 32-bit mask.

Chapter 2 Single Area OSPF 39

In broadcast multi-access networks there may be more thantwo routers. OSPF elects a designated router (DR) to be thefocal point of all link-state updates and link-stateadvertisements. Because the DR role is critical, a backupdesignated router (BDR) is elected to take over if the DRfails.

If the network type of an interface is broadcast, thedefault OSPF priority is 1. When OSPF priorities are the same,the OSPF election for DR is decided on the router ID. Thehighest router ID is selected.

The election result can be determined by ensuring that theballots, the hello packets, contain a priority for that routerinterface. The interface reporting the highest priority for arouter will ensure that it becomes the DR.

The priorities can be set to any value from 0 to 255. A value of 0 prevents that router from being elected. A router with the highest OSPF priority will be selected as the DR. A router with the second highest priority will be the BDR. After the election process, the DR and BDR retain their roles even if routers are added to the network with higher OSPF priority values.

Modify the OSPF priority by entering the interface configuration command ip ospf priority on an interface that is participating in OSPF. The command show ip ospf interface will display the interface priority value as well as other key information.

Router(config-if)#ip ospf priority number
Router#show ip ospf interface type number

Lab Activity

Lab Exercise: Configuring OSPF with Loopback Addresses

This lab is to configure routers with a Class C IP addressing scheme.

Lab Activity

e-Lab Activity: Configuring OSPF with Loopback Addresses

In this lab, the student will observe the election process for designated routers, DR, and BDR.

2.3.3 Modifying OSPF cost metric

OSPF uses cost as the metric for determining the best route. Cost is calculated using the formula 10^8/bandwidth, where bandwidth is expressed in bps. The Cisco IOS automatically determines cost based on the bandwidth of the interface. It is essential for proper OSPF operation that the correct interface bandwidth is set.

Router(config)#interface serial 0/0
Router(config-if)#bandwidth 64

The default bandwidth for Cisco serial interfaces is 1.544 Mbps, or 1544 kbps.

Cost can be changed to influence the outcome of the OSPF cost calculation. A common situation requiring a cost change is in a multi-vendor routing environment. A cost change would ensure that one vendor's cost value would match another vendor's cost value. Another situation is when Gigabit Ethernet is being used. The default cost assigns the lowest cost value of 1 to a 100 Mbps link. In a 100-Mbps and Gigabit Ethernet situation, the default cost values could cause routing to take a less desirable path unless they are adjusted. The cost number can be between 1 and 65,535.

Use the following interface configuration command to set the link cost:

Router(config-if)#ip ospf cost number
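The cost calculation above, worked through in Python as an added example (this is not code from the Cisco curriculum). It applies the 10^8/bandwidth formula with integer truncation and the 1 to 65,535 range, shows the default costs for the serial bandwidths mentioned in the text, and reproduces the Gigabit Ethernet problem: a two-hop Gigabit path costs 2 while a single Fast Ethernet hop costs 1, so the slower path wins until a manual ip ospf cost value is applied. The path names, bandwidths and override values are constructed for the illustration.

```python
# Added example, not part of the Cisco curriculum text: how Cisco IOS derives
# an OSPF interface cost from the configured bandwidth, cost = 10^8 / bandwidth
# (bandwidth in bps), truncated to an integer and kept inside 1..65535.

REFERENCE_BANDWIDTH_BPS = 100_000_000  # 10^8 bps, the default reference
MIN_COST, MAX_COST = 1, 65_535          # valid range of 'ip ospf cost'


def ospf_cost(bandwidth_kbps: int) -> int:
    """Default OSPF cost of a link whose bandwidth is given in kbps, the unit
    the IOS 'bandwidth' command takes. Results below 1 are clamped to 1, which
    is why 100 Mbps and 1 Gbps links get the same default cost."""
    if bandwidth_kbps <= 0:
        raise ValueError("bandwidth must be a positive number of kbps")
    cost = REFERENCE_BANDWIDTH_BPS // (bandwidth_kbps * 1000)
    return max(MIN_COST, min(MAX_COST, cost))


def path_cost(link_bandwidths_kbps, cost_overrides=None) -> int:
    """Total OSPF cost of a path given the bandwidth of each hop.
    cost_overrides maps a hop index to a manually set cost, i.e. what
    'ip ospf cost <number>' on that outgoing interface would make it."""
    cost_overrides = cost_overrides or {}
    return sum(cost_overrides.get(i, ospf_cost(bw))
               for i, bw in enumerate(link_bandwidths_kbps))


def preferred_path(paths: dict, cost_overrides=None) -> str:
    """Name of the lowest-cost path among {name: [hop bandwidths in kbps]};
    cost_overrides maps a path name to that path's per-hop overrides.
    Ties resolve to the first path listed."""
    cost_overrides = cost_overrides or {}
    totals = {name: path_cost(links, cost_overrides.get(name))
              for name, links in paths.items()}
    return min(totals, key=totals.get)


if __name__ == "__main__":
    # Constructed sample: default costs for common bandwidths
    for kbps in (64, 1544, 10_000, 100_000, 1_000_000):
        print(f"{kbps:>9} kbps -> cost {ospf_cost(kbps)}")
    # The Gigabit Ethernet problem from the text
    paths = {"two GigE hops": [1_000_000, 1_000_000],
             "one FastE hop": [100_000]}
    print("default choice:", preferred_path(paths))
    # Raising the Fast Ethernet interface cost restores the faster path
    print("with ip ospf cost 10 on the FastE hop:",
          preferred_path(paths, {"one FastE hop": {0: 10}}))
```

Running the block prints cost 1562 for the 64 kbps serial link, 64 for a T1 at 1544 kbps, and 1 for both 100 Mbps and 1 Gbps, after which the path comparison flips from the Fast Ethernet hop to the Gigabit path once the override is applied.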

Lab Activity

Lab Exercise: Modifying OSPF Cost Metric

This lab is to set up an Open Shortest Path First (OSPF) area.

Lab Activity

e-Lab Activity: Modifying OSPF Cost Metric

In this lab, the student will modify the OSPF cost metric.

2.3.4 Configuring OSPF authentication

By default, a router trusts that routing information is coming from a router that should be sending the information. A router also trusts that the information has not been tampered with along the route.

To guarantee this trust, routers in a specific area can be configured to authenticate each other.

Each OSPF interface can present an authentication key for use by routers sending OSPF information to other routers on the segment. The authentication key, known as a password, is a shared secret between the routers. This key is used to generate the authentication data in the OSPF packet header. The password can be up to eight characters. Use the following command syntax to configure OSPF authentication:

Router(config-if)#ip ospf authentication-key password

After the password is configured, authentication must be enabled:

Router(config-router)#area area-number authentication

With simple authentication, the password is sent as plain text. This means that it can be easily decoded if a packet sniffer captures an OSPF packet.

It is recommended that authentication information be encrypted. To send encrypted authentication information and to ensure greater security, the message-digest keyword is used. The MD5 keyword specifies the type of message-digest hashing algorithm to use, and the encryption type field refers to the type of encryption, where 0 means none and 7 means proprietary.

Use the interface configuration command mode syntax:

Router(config-if)#ip ospf message-digest-key key-id md5 encryption-type key

The key-id is an identifier and takes a value in the range of 1 through 255. The key is an alphanumeric password up to sixteen characters. Neighbor routers must use the same key identifier with the same key value.

The following is configured in router configuration mode:

Router(config-router)#area area-id authentication message-digest

MD5 authentication creates a message digest. A message digest is scrambled data that is based on the password and the packet contents. The receiving router uses the shared password and the packet to re-calculate the digest. If the digests match, the router believes that the source and contents of the packet have not been tampered with. The authentication type identifies which authentication, if any, is being used. In the case of message-digest authentication, the authentication data field contains the key-id and the length of the message digest that is appended to the packet. The message digest is like a watermark that cannot be counterfeited.
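The two OSPF authentication methods described above, as an added Python example that is not part of the Cisco curriculum. It builds and checks the type 2 (message-digest) trailer the way RFC 2328 Appendix D lays it out: the header carries the key-id, the digest length (16) and a sequence number, the shared key is zero-padded to 16 bytes and appended to the packet before MD5 is taken, and only the resulting digest goes on the wire. The receiver repeats the calculation with the key selected by key-id, so a wrong key, a tampered byte or an unknown key-id is rejected, and a sequence number that goes backwards is flagged. For contrast, simple_auth_field shows that type 1 authentication places the password itself, zero-padded, in the header. All packet contents, router IDs and keys below are constructed sample data.

```python
# Added example, not from the Cisco curriculum: OSPFv2 simple-password and
# message-digest authentication in Python, to show why the text prefers
# type 2 (MD5) over type 1 (clear-text password). Packet layout follows
# RFC 2328 Appendix D; every packet built here is constructed sample data.
import hashlib
import hmac
import struct

OSPF_HEADER = struct.Struct("!BBHIIHH")  # version, type, length, router id,
                                         # area id, checksum, AuType (16 bytes)
MD5_AUTH_FIELD = struct.Struct("!HBBI")  # reserved, key-id, auth data len, seq
HEADER_LEN = OSPF_HEADER.size + MD5_AUTH_FIELD.size   # 24-byte OSPF header
AU_SIMPLE, AU_MD5 = 1, 2


def simple_auth_field(password: bytes) -> bytes:
    """Type 1: the password itself, zero padded to 8 bytes, travels in the
    header in clear text, so anyone capturing the packet can read it."""
    if len(password) > 8:
        raise ValueError("simple password is at most 8 characters")
    return password.ljust(8, b"\x00")


def keyed_digest(packet: bytes, key: bytes) -> bytes:
    """Type 2 (RFC 2328 D.4.3): the key, zero padded to 16 bytes, is appended
    to the packet and MD5 is computed over the result. The 16-byte digest is
    sent after the packet; the key itself never goes on the wire."""
    if len(key) > 16:
        raise ValueError("message-digest key is at most 16 characters")
    return hashlib.md5(packet + key.ljust(16, b"\x00")).digest()


def build_md5_packet(ptype: int, router_id: int, area_id: int, body: bytes,
                     key_id: int, seq: int, key: bytes) -> bytes:
    """Sender side: header with AuType 2, the authentication field carrying
    key-id, digest length and sequence number, then the digest trailer."""
    length = HEADER_LEN + len(body)          # length field excludes the digest
    header = OSPF_HEADER.pack(2, ptype, length, router_id, area_id, 0, AU_MD5)
    auth = MD5_AUTH_FIELD.pack(0, key_id, 16, seq)
    packet = header + auth + body
    return packet + keyed_digest(packet, key)


def verify_md5_packet(wire: bytes, keys: dict, last_seq: int = 0):
    """Receiver side: re-compute the digest with the key chosen by key-id
    and compare. Returns (accepted, reason)."""
    if len(wire) < HEADER_LEN + 16:
        return False, "truncated packet"
    _, _, length, _, _, _, au_type = OSPF_HEADER.unpack(wire[:OSPF_HEADER.size])
    if au_type != AU_MD5:
        return False, "authentication type is not message-digest"
    _, key_id, auth_len, seq = MD5_AUTH_FIELD.unpack(wire[OSPF_HEADER.size:HEADER_LEN])
    if auth_len != 16 or len(wire) != length + 16:
        return False, "bad length fields"
    key = keys.get(key_id)
    if key is None:
        return False, f"unknown key-id {key_id}"
    packet, digest = wire[:length], wire[length:]
    if not hmac.compare_digest(digest, keyed_digest(packet, key)):
        return False, "digest mismatch (wrong key or tampered packet)"
    if seq < last_seq:
        return False, "sequence number went backwards (possible replay)"
    return True, "ok"


if __name__ == "__main__":
    keys = {1: b"secret"}                          # constructed key-id 1
    hello = build_md5_packet(1, 0x0A000001, 0, b"\x00" * 20,
                             key_id=1, seq=7, key=keys[1])
    print(verify_md5_packet(hello, keys))
    tampered = hello[:HEADER_LEN] + b"\xff" + hello[HEADER_LEN + 1:]
    print(verify_md5_packet(tampered, keys))
    print(simple_auth_field(b"cisco"))            # password visible on the wire
```

The constant-time comparison (hmac.compare_digest) is a detail the text does not mention but is the right way to compare a received digest with the recomputed one. MD5 is used here because that is what the ip ospf message-digest-key command configures; the point of the example is the keyed-digest structure, not the strength of MD5 itself.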

Lab Activity

Lab Exercise: Configuring OSPF Authentication

This lab is to set up an IP addressing scheme for an Open Shortest Path First (OSPF) area.

Lab Activity

e-Lab Activity: Configuring OSPF Authentication

In this lab, the student will set up an IP addressing scheme for an OSPF area, configure and verify OSPF routing, and introduce OSPF authentication into the area.

2.3.5 Configuring OSPF timers

OSPF routers must have the same hello intervals and the same dead intervals to exchange information. By default, the dead interval is four times the value of the hello interval. This means that a router has four chances to send a hello packet before being declared dead.

On broadcast OSPF networks, the default hello interval is 10 seconds and the default dead interval is 40 seconds. On nonbroadcast networks, the default hello interval is 30 seconds and the default dead interval is 120 seconds. These default values result in efficient OSPF operation and seldom need to be modified.

A network administrator is allowed to choose these timer values. A justification that OSPF network performance will be improved is needed prior to changing the timers. These timers must be configured to match those of any neighboring router.

To configure the hello and dead intervals on an interface, use the following commands:

Router(config-if)#ip ospf hello-interval seconds
Router(config-if)#ip ospf dead-interval seconds

Lab Activity

Lab Exercise: Configuring OSPF Timers

This lab is to set up OSPF timers.

Lab Activity

e-Lab Activity: Configuring OSPF Timers

In this lab, the student will adjust OSPF timers to maximize efficiency of the network.

2.3.6 OSPF, propagating a default route

OSPF routing ensures loop-free paths to every network in the domain. To reach networks outside the domain, either OSPF must know about the network or OSPF must have a default route. To have an entry for every network in the world would require enormous resources for each router.

A practical alternative is to add a default route to the OSPF router connected to the outside network. This route can be redistributed to each router in the AS through normal OSPF updates.

A configured default route is used by a router to generate a gateway of last resort. The static default route configuration syntax uses the network 0.0.0.0 address and a subnet mask 0.0.0.0:

Router(config)#ip route 0.0.0.0 0.0.0.0 [interface | next-hop address]

This is referred to as the quad-zero route, and any network address is matched using the following rule. The network gateway is determined by ANDing the packet destination with the subnet mask.
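The ANDing rule above, applied as longest-prefix matching over a small routing table, as an added Python example that is not part of the Cisco curriculum. Each route matches when destination AND mask equals the route's network; the quad-zero route matches every destination because AND with 0.0.0.0 is always 0.0.0.0, and it loses to any longer mask that also matches, which is what makes it a gateway of last resort rather than an override. The routing table entries and destinations are constructed sample data.

```python
# Added example, not from the Cisco curriculum: the matching rule the text
# describes (destination AND mask == network) applied as longest-prefix
# matching over a constructed routing table, showing how the quad-zero
# route matches whatever no more specific route covers.
import ipaddress


def to_int(dotted: str) -> int:
    """Dotted-decimal IPv4 string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def matches(destination: str, network: str, mask: str) -> bool:
    """The rule from the text: AND the destination with the subnet mask and
    compare the result with the route's network address."""
    return to_int(destination) & to_int(mask) == to_int(network)


def prefix_length(mask: str) -> int:
    """Number of one bits in the mask; 0.0.0.0 gives 0, a host mask 32."""
    return bin(to_int(mask)).count("1")


def select_route(destination: str, routes):
    """routes: list of (network, mask, next_hop). Returns the next hop of the
    longest-prefix match, or None when nothing (not even a default) matches."""
    candidates = [(prefix_length(mask), next_hop)
                  for network, mask, next_hop in routes
                  if matches(destination, network, mask)]
    if not candidates:
        return None
    return max(candidates, key=lambda c: c[0])[1]


# Constructed sample table: two learned networks and the quad-zero route
SAMPLE_ROUTES = [
    ("192.168.1.0", "255.255.255.0", "Serial0/0"),
    ("10.0.0.0", "255.0.0.0", "10.1.1.2"),
    ("0.0.0.0", "0.0.0.0", "203.0.113.1"),   # gateway of last resort
]

if __name__ == "__main__":
    for dst in ("192.168.1.77", "10.200.3.4", "198.51.100.9"):
        print(dst, "->", select_route(dst, SAMPLE_ROUTES))
```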

The following configuration statement will propagate this route to all the routers in a normal OSPF area:

Router(config-router)#default-information originate

All routers in the OSPF area will learn a default route provided that the interface of the border router to the default gateway is active.

Lab Activity

Lab Exercise: Propagating Default Routes in an OSPF Domain

This lab is to set up an IP addressing scheme for an OSPF area.

Lab Activity

e-Lab Activity: Propagate Default Route Information in an OSPF Domain

In this lab, the student will configure the OSPF network so that all hosts in the OSPF area can connect to outside networks.

2.3.7 Common OSPF configuration issues

An OSPF router must establish a neighbor or adjacency relationship with another OSPF router to exchange routing information. Failure to establish a neighbor relationship can be caused by any of the following:

Hellos are not sent from both neighbors.

Hello and dead interval timers are not the same.

Interfaces are on different network types.

Authentication passwords or keys are different.

In OSPF routing it is also important to ensure the following:

All interfaces have the correct addresses and subnet mask.

network area statements have the correct wildcard masks.

network area statements put interfaces into the correct area.
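A checker for the two lists above, as an added Python example that is not part of the Cisco curriculum. adjacency_problems compares the OSPF parameters of two interfaces on the same segment and returns every mismatch that would stop them forming a neighbor relationship (subnet, hello and dead intervals, network type, area, authentication type and key). network_statement_covers tests whether a network ... area statement with a given wildcard mask actually includes an interface: bits that are 0 in the wildcard must match the network address. The OspfInterface dataclass and the interface values are constructed for the example.

```python
# Added example, not from the Cisco curriculum: report the mismatches that
# stop two OSPF interfaces becoming neighbors, and check that a
# 'network <address> <wildcard> area <n>' statement covers an interface.
# All interface data below is constructed sample input.
import ipaddress
from dataclasses import dataclass


@dataclass
class OspfInterface:
    ip: str
    mask: str
    hello: int           # ip ospf hello-interval, seconds
    dead: int            # ip ospf dead-interval, seconds
    network_type: str    # e.g. "broadcast", "point-to-point"
    auth_type: str       # "none", "simple" or "md5"
    auth_key: str        # password or md5 key; compared, never printed
    area: int


def _addr(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def _net(ip: str, mask: str) -> int:
    return _addr(ip) & _addr(mask)


def adjacency_problems(local: OspfInterface, remote: OspfInterface) -> list:
    """Return the mismatches that prevent a neighbor relationship; an empty
    list means the two interfaces agree on everything checked here."""
    problems = []
    if local.mask != remote.mask or _net(local.ip, local.mask) != _net(remote.ip, remote.mask):
        problems.append("interfaces are not on the same subnet")
    if local.hello != remote.hello:
        problems.append(f"hello interval mismatch ({local.hello} vs {remote.hello})")
    if local.dead != remote.dead:
        problems.append(f"dead interval mismatch ({local.dead} vs {remote.dead})")
    if local.network_type != remote.network_type:
        problems.append("interfaces are on different network types")
    if local.area != remote.area:
        problems.append("interfaces are in different areas")
    if local.auth_type != remote.auth_type:
        problems.append("authentication types differ")
    elif local.auth_type != "none" and local.auth_key != remote.auth_key:
        problems.append("authentication passwords or keys differ")
    return problems


def network_statement_covers(interface_ip: str, network: str, wildcard: str) -> bool:
    """True if 'network <network> <wildcard> area N' includes the interface:
    every bit that is 0 in the wildcard must match between the two."""
    care_bits = ~_addr(wildcard) & 0xFFFFFFFF
    return (_addr(interface_ip) & care_bits) == (_addr(network) & care_bits)


if __name__ == "__main__":
    a = OspfInterface("10.1.1.1", "255.255.255.0", 10, 40, "broadcast", "md5", "k1", 0)
    b = OspfInterface("10.1.1.2", "255.255.255.0", 10, 120, "broadcast", "md5", "k2", 0)
    for problem in adjacency_problems(a, b):
        print("-", problem)
    print(network_statement_covers("10.1.1.1", "10.1.1.0", "0.0.0.255"))
```

On the sample pair the checker reports the dead interval mismatch (40 vs 120) and the differing keys; fixing only one of them is not enough, which is why the function returns all problems rather than stopping at the first.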

2.3.8 Verifying the OSPF configuration

To verify the OSPF configuration a number of show commands are available. Figure lists these commands. Figure shows commands useful for troubleshooting OSPF.

Summary

An understanding of the following key points should have been achieved:

The features of link-state routing

How link-state routing information is maintained

The link-state routing algorithm

The advantages and disadvantages of link-state routing

Link-state routing compared with distance vector routing

OSPF terminology

The differences between distance vector and link-state routing protocols

OSPF network types

The operation of the shortest path first (SPF) algorithm

The OSPF Hello protocol

The basic steps in the operation of OSPF

Enabling OSPF on a router

Configuring a loopback address to set router priority

Changing OSPF route preference by modifying the cost metric

Configuring OSPF authentication

Changing OSPF timers

Creating and propagating a default route

Using show commands to verify OSPF operation

Chapter 3 EIGRP

Overview

Enhanced Interior Gateway Routing Protocol (EIGRP) is a Cisco-proprietary routing protocol based on Interior Gateway Routing Protocol (IGRP).

Unlike IGRP, which is a classful routing protocol, EIGRP supports classless interdomain routing (CIDR), allowing network designers to maximize address space by using CIDR and variable-length subnet mask (VLSM). Compared to IGRP, EIGRP boasts faster convergence times, improved scalability, and superior handling of routing loops.

Furthermore, EIGRP can replace Novell Routing Information Protocol (RIP) and AppleTalk Routing Table Maintenance Protocol (RTMP), serving both IPX and AppleTalk networks with powerful efficiency.

EIGRP is often described as a hybrid routing protocol, offering the best of distance vector and link-state algorithms.

EIGRP is an advanced routing protocol that relies on features commonly associated with link-state protocols. Some of the best features of OSPF, such as partial updates and neighbor discovery, are similarly put to use by EIGRP. However, EIGRP is easier to configure than OSPF.

EIGRP is an ideal choice for large, multi-protocol networks built primarily on Cisco routers.

This module covers common EIGRP configuration tasks. Particular attention is paid to the ways in which EIGRP establishes relationships with adjacent routers, calculates primary and backup routes, and when necessary, responds to failures in known routes to a particular destination.

A network is made up of many devices, protocols, and media that allow data communication to happen. When one piece of the network does not work properly, one or two users may be unable to communicate, or the entire network may fail. In either case, the network administrator must quickly identify and troubleshoot problems when they arise. Network problems commonly result from the following:

Mistyped commands

Incorrectly constructed or incorrectly placed access lists

Misconfigured routers, switches, or other network devices

Bad physical connections

A network administrator should approach troubleshooting in a methodical manner, using a general problem-solving model. It is often useful to check for physical layer problems first and then move up the layers in an organized manner. Although this module will focus on troubleshooting the operation of routing protocols, which work at Layer 3, it is important to eliminate any problems that may exist at lower layers.

Students completing this module should be able to:

Describe the differences between EIGRP and IGRP

Describe the key concepts, technologies, and data structures of EIGRP

Understand EIGRP convergence and the basic operation of the Diffusing Update Algorithm (DUAL)

Perform a basic EIGRP configuration

Configure EIGRP route summarization

Describe the processes used by EIGRP to build and maintain routing tables

Verify EIGRP operations

Describe the eight-step process for general troubleshooting

Apply a logical process to routing troubleshooting

Troubleshoot a RIP routing process using show and debug commands

Troubleshoot an IGRP routing process using show and debug commands

Troubleshoot an EIGRP routing process using show and debug commands

Troubleshoot an OSPF routing process using show and debug commands

3.1 EIGRP Concepts

3.1.1 Comparing EIGRP with IGRP

Cisco released EIGRP in 1994 as a scalable, improved version of its proprietary distance vector routing protocol, IGRP. The same distance vector technology found in IGRP is used in EIGRP, and the underlying distance information remains the same.

EIGRP improves the convergence properties and the operating efficiency significantly over IGRP. This allows for an improved architecture while retaining the existing investment in IGRP.

Comparisons between EIGRP and IGRP fall into the following major categories:

Compatibility mode

Metric calculation

Hop count

Automatic protocol redistribution

Route tagging

IGRP and EIGRP are compatible with each other. This compatibility provides seamless interoperability with IGRP routers. This is important so users can take advantage of the benefits of both protocols. EIGRP offers multiprotocol support, but IGRP does not.

EIGRP and IGRP use different metric calculations. EIGRP scales the metric of IGRP by a factor of 256. That is because EIGRP uses a metric that is 32 bits long, and IGRP uses a 24-bit metric. By multiplying or dividing by 256, EIGRP can easily exchange information with IGRP.

IGRP has a maximum hop count of 255. EIGRP has a maximum hop count limit of 224. This is more than adequate to support the largest, properly designed internetworks.

Enabling dissimilar routing protocols such as OSPF and RIP to share information requires advanced configuration. Redistribution, the sharing of routes, is automatic between IGRP and EIGRP as long as both processes use the same autonomous system (AS) number. In Figure , RTB automatically redistributes EIGRP-learned routes to the IGRP AS, and vice versa.

EIGRP will tag routes learned from IGRP or any outside source as external because they did not originate from EIGRP routers. IGRP cannot differentiate between internal and external routes.

Notice that in the show ip route command output for the routers in Figure , EIGRP routes are flagged with D, and external routes are denoted by EX. RTA identifies the difference between the network learned via EIGRP (172.16.0.0) and the network that was redistributed from IGRP (192.168.1.0). In the RTC table, the IGRP protocol makes no such distinction. RTC, which is running IGRP only, just sees IGRP routes, despite the fact that both 10.1.1.0 and 172.16.0.0 were redistributed from EIGRP.

Interactive Media Activity

Checkbox: IGRP and EIGRP Comparison

When the student has completed this activity, the student will be able to identify the difference between IGRP and EIGRP.

3.1.2 EIGRP concepts and terminology

EIGRP routers keep route and topology information readily available in RAM, so they can react quickly to changes. Like OSPF, EIGRP saves this information in several tables and databases.

EIGRP saves routes that are learned in specific ways. Routes are given a particular status and can be tagged to provide additional useful information.

EIGRP maintains three tables:

Neighbor table

Topology table

Routing table

The neighbor table is the most important table in EIGRP. Each EIGRP router maintains a neighbor table that lists adjacent routers. This table is comparable to the adjacency database used by OSPF. There is a neighbor table for each protocol that EIGRP supports.

When newly discovered neighbors are learned, the address and interface of the neighbor is recorded. This information is stored in the neighbor data structure. When a neighbor sends a hello packet, it advertises a hold time. The hold time is the amount of time a router treats a neighbor as reachable and operational. In other words, if a hello packet is not heard within the hold time, then the hold time expires. When the hold time expires, the Diffusing Update Algorithm (DUAL), which is the EIGRP distance vector algorithm, is informed of the topology change and must recalculate the new topology.

The topology table is made up of all the EIGRP routing tables in the autonomous system. DUAL takes the information supplied in the neighbor table and the topology table and calculates the lowest cost routes to each destination. By tracking this information, EIGRP routers can identify and switch to alternate routes quickly. The information that the router learns from the DUAL is used to determine the successor route, which is the term used to identify the primary or best route. A copy is also placed in the topology table.

Every EIGRP router maintains a topology table for each configured network protocol. All learned routes to a destination are maintained in the topology table.

The topology table includes the following fields:

Feasible distance (FD is 2195456) – The feasible distance (FD) is the lowest calculated metric to each destination. For example, the feasible distance to 32.0.0.0 is 90 as indicated by FD is equal 90.

Route source (via 200.10.10.10) – The source of the route is the identification number of the router that originally advertised that route. This field is populated only for routes learned externally from the EIGRP network. Route tagging can be particularly useful with policy-based routing. For example, the route source to 32.0.0.0 is 200.10.10.10 via 200.10.10.10.

Reported distance (FD/RD) – The reported distance (RD) of the path is the distance reported by an adjacent neighbor to a specific destination. For example, the reported distance to 32.0.0.0 is 2195456 as indicated by (90/2195456).

Interface information – The interface through which the destination is reachable

Route status – Routes are identified as being either passive (P), which means that the route is stable and ready for use, or active (A), which means that the route is in the process of being recomputed by DUAL.

The EIGRP routing table holds the best routes to a destination. This information is retrieved from the topology table. Each EIGRP router maintains a routing table for each network protocol.

A successor is a route selected as the primary route to use to reach a destination. DUAL identifies this route from the information contained in the neighbor and topology tables and places it in the routing table. There can be up to four successor routes for any particular route. These can be of equal or unequal cost and are identified as the best loop-free paths to a given destination. A copy of the successor routes is also placed in the topology table.

A feasible successor (FS) is a backup route. These routes are identified at the same time the successors are identified, but they are only kept in the topology table. Multiple feasible successors for a destination can be retained in the topology table although it is not mandatory.

A router views its feasible successors as neighbors downstream, or closer to the destination than it is. Feasible successor cost is computed by the advertised cost of the neighbor router to the destination. If a successor route goes down, the router will look for an identified feasible successor. This route will be promoted to successor status. A feasible successor must have a lower advertised cost than the existing successor cost to the destination. If a feasible successor is not identified from the existing information, the router places an Active status on a route and sends out query packets to all neighbors in order to recompute the current topology. The router can identify any new successor or feasible successor routes from the new data that is received from the reply packets that answer the query requests. The router will then place a Passive status on the route.

The topology table can record additional information about each route. EIGRP classifies routes as either internal or external. EIGRP adds a route tag to each route to identify this classification. Internal routes originate from within the EIGRP autonomous system (AS).

External routes originate outside the EIGRP AS. Routes learned or redistributed from other routing protocols, such as Routing Information Protocol (RIP), OSPF, and IGRP, are external. Static routes originating outside the EIGRP AS are external. The tag can be configured to a number between 0-255 to customize the tag.

3.1.3 EIGRP design features

EIGRP operates quite differently from IGRP. EIGRP is an advanced distance vector routing protocol and acts as a link-state protocol when updating neighbors and maintaining routing information. The advantages of EIGRP over simple distance vector protocols include the following:

Rapid convergence

Efficient use of bandwidth

Support for variable-length subnet mask (VLSM) and classless interdomain routing (CIDR). Unlike IGRP, EIGRP offers full support for classless IP by exchanging subnet masks in routing updates.

Multiple network-layer support

Independence from routed protocols. Protocol-dependent modules (PDMs) protect EIGRP from lengthy revision. Evolving routed protocols, such as IP, may require a new protocol module but not necessarily a reworking of EIGRP itself.

EIGRP routers converge quickly because they rely on DUAL. DUAL guarantees loop-free operation at every instant throughout a route computation, allowing all routers involved in a topology change to synchronize at the same time.

EIGRP makes efficient use of bandwidth by sending partial, bounded updates and its minimal consumption of bandwidth when the network is stable. EIGRP routers make partial, incremental updates rather than sending their complete tables. This is similar to OSPF operation, but unlike OSPF routers, EIGRP routers send these partial updates only to the routers that need the information, not to all routers in an area. For this reason, they are called bounded updates. Instead of using timed routing updates, EIGRP routers keep in touch with each other using small hello packets. Though exchanged regularly, hello packets do not use up a significant amount of bandwidth.

EIGRP supports IP, IPX, and AppleTalk through protocol-dependent modules (PDMs). EIGRP can redistribute IPX RIP and SAP information to improve overall performance. In effect, EIGRP can take over for these two protocols. An EIGRP router will receive routing and service updates, updating other routers only when changes in the SAP or routing tables occur. Routing updates occur as they would in any EIGRP network, using partial updates.

EIGRP can also take over for the AppleTalk Routing Table Maintenance Protocol (RTMP). As a distance vector routing protocol, RTMP relies on periodic and complete exchanges of routing information. To reduce overhead, EIGRP redistributes AppleTalk routing information using event-driven updates. EIGRP also uses a configurable composite metric to determine the best route to an AppleTalk network. RTMP uses hop count, which can result in suboptimal routing. AppleTalk clients expect RTMP information from local routers, so EIGRP for AppleTalk should be run only on a clientless network, such as a wide-area network (WAN) link.

3.1.4 EIGRP technologies

EIGRP includes many new technologies, each of which represents an improvement in operating efficiency, speed of convergence, or functionality relative to IGRP and other routing protocols. These technologies fall into one of the following four categories:

Neighbor discovery and recovery

Reliable Transport Protocol

DUAL finite-state machine algorithm

Protocol-dependent modules

Simple distance vector routers do not establish any relationship with their neighbors. RIP and IGRP routers merely broadcast or multicast updates on configured interfaces. In contrast, EIGRP routers actively establish relationships with their neighbors, much the same way that OSPF routers do.

EIGRP routers establish adjacencies as described in Figure . EIGRP routers establish adjacencies with neighbor routers by using small hello packets. Hellos are sent by default every five seconds. An EIGRP router assumes that as long as it is receiving hello packets from known neighbors, those neighbors and their routes remain viable or passive. By forming adjacencies, EIGRP routers do the following:

Dynamically learn of new routes that join their network

Identify routers that become either unreachable or inoperable

Rediscover routers that had previously been unreachable

Reliable Transport Protocol (RTP) is a transport-layer protocol that can guarantee ordered delivery of EIGRP packets to all neighbors. On an IP network, hosts use TCP to sequence packets and ensure their timely delivery. However, EIGRP is protocol-independent. This means it does not rely on TCP/IP to exchange routing information the way that RIP, IGRP, and OSPF do. To stay independent of IP, EIGRP uses RTP as its own proprietary transport-layer protocol to guarantee delivery of routing information.

EIGRP can call on RTP to provide reliable or unreliable service as the situation warrants. For example, hello packets do not require the overhead of reliable delivery because they are frequent and should be kept small. Nevertheless, the reliable delivery of other routing information can actually speed convergence, because EIGRP routers are not waiting for a timer to expire before they retransmit.

With RTP, EIGRP can multicast and unicast to different peers simultaneously, which allows for maximum efficiency.

The centerpiece of EIGRP is the Diffusing Update Algorithm (DUAL), which is the EIGRP route-calculation engine. The full name of this technology is DUAL finite-state machine (FSM). An FSM is an algorithm machine, not a mechanical device with moving parts. FSMs define a set of possible states that something can go through, what events cause those states, and what events result from those states. Designers use FSMs to describe how a device, computer program, or routing algorithm will react to a set of input events. The DUAL FSM contains all the logic used to calculate and compare routes in an EIGRP network.

DUAL tracks all the routes advertised by neighbors. Composite metrics of each route are used to compare them. DUAL also guarantees that each path is loop free. DUAL inserts lowest cost paths into the routing table. These primary routes are known as successor routes. A copy of the successor routes is also placed in the topology table.

EIGRP keeps important route and topology information readily available in a neighbor table and a topology table. These tables supply DUAL with comprehensive route information in case of network disruption. DUAL selects alternate routes quickly by using the information in these tables. If a link goes down, DUAL looks for an alternative route path, or feasible successor, in the topology table.

One of the best features of EIGRP is its modular design. Modular, layered designs prove to be the most scalable and adaptable. Support for routed protocols, such as IP, IPX, and AppleTalk, is included in EIGRP through PDMs. In theory, EIGRP can easily adapt to new or revised routed protocols, such as IPv6, by adding protocol-dependent modules.

Each PDM is responsible for all functions related to its specific routed protocol. The IP-EIGRP module is responsible for the following:

Sending and receiving EIGRP packets that bear IP data

Notifying DUAL of new IP routing information that is received

Maintaining the results of DUAL routing decisions in the IP routing table

Redistributing routing information that was learned by other IP-capable routing protocols

3.1.5 EIGRP data structure

Like OSPF, EIGRP relies on different types of packets to maintain its various tables and establish complex relationships with neighbor routers.

The five EIGRP packet types are:

Hello

Acknowledgment

Update

Query

Reply

EIGRP relies on hello packets to discover, verify, and rediscover neighbor routers. Rediscovery occurs if EIGRP routers do not receive hellos from each other for a hold time interval but then re-establish communication.

EIGRP routers send hellos at a fixed but configurable interval, called the hello interval. The default hello interval depends on the bandwidth of the interface. On IP networks, EIGRP routers send hellos to the multicast IP address 224.0.0.10.

An EIGRP router stores information about neighbors in the neighbor table. The neighbor table includes the Sequence Number (Seq No) field to record the number of the last received EIGRP packet that each neighbor sent. The neighbor table also includes a Hold Time field which records the time the last packet was received. Packets should be received within the Hold Time interval period to maintain a Passive state. The Passive state is a reachable and operational status.

If a neighbor is not heard from for the duration of the hold time, EIGRP considers that neighbor down, and DUAL must step in to re-evaluate the routing table. By default, the hold time is three times the hello interval, but an administrator can configure both timers as desired.

OSPF requires neighbor routers to have the same hello and dead intervals to communicate. EIGRP has no such restriction. Neighbor routers learn about each of the other respective timers via the exchange of hello packets. Then they use that information to forge a stable relationship regardless of unlike timers.

Hello packets are always sent unreliably. This means that no acknowledgment is transmitted.

An EIGRP router uses acknowledgment packets to indicate receipt of any EIGRP packet during a reliable exchange. Reliable Transport Protocol (RTP) can provide reliable communication between EIGRP hosts. To be reliable, a sender's message must be acknowledged by the recipient. Acknowledgment packets, which are hello packets without data, are used for this purpose. Unlike multicast hellos, acknowledgment packets are unicast. Acknowledgments can be made by attaching them to other kinds of EIGRP packets, such as reply packets.

Update packets are used when a router discovers a new neighbor. An EIGRP router sends unicast update packets to that new neighbor so that it can add to its topology table. More than one update packet may be needed to convey all the topology information to the newly discovered neighbor.

Update packets are also used when a router detects a topology change. In this case, the EIGRP router sends a multicast update packet to all neighbors, which alerts them to the change. All update packets are sent reliably.

An EIGRP router uses query packets whenever it needs specific information from one or all of its neighbors. A reply packet is used to respond to a query.

If an EIGRP router loses its successor and cannot find a feasible successor for a route, DUAL places the route in the Active state. A query is then multicast to all neighbors in an attempt to locate a successor to the destination network. Neighbors must send replies that either provide information on successors or indicate that no information is available. Queries can be multicast or unicast, while replies are always unicast. Both packet types are sent reliably.

3.1.6 EIGRP algorithm

The sophisticated DUAL algorithm results in the exceptionally fast convergence of EIGRP. To better understand convergence with DUAL, consider the example in Figure . Each router has constructed a topology table that contains information about how to route to destination Network A.

Each topology table identifies the following:

- The routing protocol, or EIGRP
- The lowest cost of the route, which is called Feasible Distance (FD)
- The cost of the route as advertised by the neighboring router, which is called Reported Distance (RD)

The Topology heading identifies the preferred primary route, called the successor route (Successor), and, where identified, the backup route, called the feasible successor (FS). Note that it is not necessary to have an identified feasible successor.

The EIGRP network will follow a sequence of actions to bring about convergence between the routers, which currently have the following topology information:

- Router C has one successor route by way of Router B.
- Router C has one feasible successor route by way of Router D.
- Router D has one successor route by way of Router B.
- Router D has no feasible successor route.
- Router E has one successor route by way of Router D.
- Router E has no feasible successor.

The feasible successor route selection rules are specified in Figure .


The following example demonstrates how each router in the topology will carry out the feasible successor selection rules when the route from Router D to Router B goes down:

In Router D:

Route by way of Router B is removed from the topology table.

This is the successor route. Router D has no feasible successor identified.

Router D must complete a new route computation.

In Router C:

Route to Network A by way of Router D is down.

Route by way of Router D is removed from the table.

This is the feasible successor route for Router C.

In Router D:

Router D has no feasible successor. It cannot switch to an identified alternative backup route.

Router D must recompute the topology of the network. The path to destination Network A is set to Active.

Router D sends a query packet to all connected neighbors, Router C and Router E, requesting topology information.

Router C does have a previous entry for Router D.

Router D does not have a previous entry for Router E.

In Router E:

Route to Network A through Router D is down.

The route by way of Router D is taken down.

This is the successor route for Router E.


Router E does not have a feasible route identified.

Note that the Reported Distance cost of routing by way of Router C is 3, the same cost as the successor route by way of Router D.

In Router C:

Router E sends a query packet to Router C.

Router C removes Router E from the table.

Router C replies to Router D with new route to Network A.

In Router D:

Route status to destination Network A is still marked as Active. Computing has not been completed yet.

Router C has replied to Router D to confirm that a route to destination Network A is available with a cost of 5.

Router D is still waiting for a reply from Router E.

In Router E:

Router E has no feasible successor to reach destination Network A.

Router E, therefore, tags the status of the route to the destination network as Active.

Router E will have to recompute the network topology.

Router E removes the route by way of Router D from the table.

Router E sends a query to Router C, requesting topology information.

Router E already has an entry by way of Router C. It is at a cost of 3, the same as the successor route.


In Router E:

Router C replies with an RD of 3.

Router E can now set the route by way of Router C as the new successor with an FD of 4 and an RD of 3.

Router E replaces the “Active” status of the route to destination Network A with a “Passive Status”. Note that a route will have a “Passive Status” by default, as long as hello packets are being received. In this example, only “Active Status” routes are flagged.

In Router E:

Router E sends a reply to Router D, informing it of Router E's topology information.

In Router D:

Router D receives the reply packet from Router E, informing it of Router E's topology information.

Router D enters this data for the route to destination Network A by way of Router E.

This route becomes an additional successor route, as the cost is the same as routing by way of Router C and the RD is less than the FD cost of 5.

Convergence has occurred among all EIGRP routers using the DUAL algorithm.
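The walkthrough above can be replayed as code. The following is an added example, not part of the Cisco curriculum: a small Python model of the DUAL feasibility condition (RD strictly less than FD) and of the local versus diffusing computation a router performs when its successor is lost. Link costs and Reported Distances are constructed so that Router E and Router D behave as described (E ends with FD 4 and RD 3 via C; D ends with two equal-cost successors at cost 5).

```python
"""Added example, not from the Cisco curriculum: a small model of DUAL's
feasibility condition (RD < FD) and of the local versus diffusing computation
a router performs when its successor's link fails. Link costs and RDs are
constructed so that Router E and Router D behave as in the narrative above."""
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass
class Path:
    """One topology-table entry for a destination, learned from a neighbor."""
    neighbor: str  # next-hop router that advertised the route
    rd: int        # Reported Distance: the neighbor's own cost to the destination
    link: int      # cost of the link from this router to that neighbor

    @property
    def cost(self) -> int:
        return self.rd + self.link


@dataclass
class Destination:
    """Topology-table state for one destination on one router."""
    paths: list[Path] = field(default_factory=list)
    fd: int | None = None  # Feasible Distance, fixed while the route is Passive
    state: str = "Passive"

    def __post_init__(self) -> None:
        self.compute()

    def compute(self) -> None:
        """Full computation, done while Passive and again once every queried
        neighbor has replied: the lowest-cost path becomes the successor and
        its cost becomes the Feasible Distance."""
        best = min(self.paths, key=lambda p: p.cost, default=None)
        self.fd = best.cost if best is not None else None
        self.state = "Passive"

    def feasible(self) -> list[Path]:
        """Feasibility condition: a neighbor whose RD is strictly less than our
        FD cannot be routing through us, so its path is loop-free."""
        return [p for p in self.paths if self.fd is not None and p.rd < self.fd]

    def successors(self) -> list[Path]:
        """All feasible paths sharing the lowest cost (equal-cost successors)."""
        feas = self.feasible()
        if not feas:
            return []
        best = min(p.cost for p in feas)
        return [p for p in feas if p.cost == best]

    def feasible_successors(self) -> list[Path]:
        """Backup routes: feasible, but not of the lowest cost."""
        succ = self.successors()
        return [p for p in self.feasible() if p not in succ]

    def neighbor_lost(self, neighbor: str) -> str:
        """The link to `neighbor` went down; return what DUAL does about it."""
        was_successor = any(p.neighbor == neighbor for p in self.successors())
        self.paths = [p for p in self.paths if p.neighbor != neighbor]
        if not was_successor:
            return "backup removed, route stays Passive"
        if self.successors():
            # Local computation: promote a feasible successor, no query needed.
            names = ",".join(p.neighbor for p in self.successors())
            return f"Passive: switched to feasible successor via {names}"
        # Diffusing computation: no feasible successor, so go Active and query.
        self.state = "Active"
        return "Active: no feasible successor, querying neighbors"

    def reply_received(self, neighbor: str, rd: int | None, link: int) -> None:
        """A queried neighbor replies with its RD, or None if it has no route.
        Call compute() once the last outstanding reply is in."""
        self.paths = [p for p in self.paths if p.neighbor != neighbor]
        if rd is not None:
            self.paths.append(Path(neighbor, rd, link))


def router_e_scenario() -> dict:
    """Router E from the text: successor via D at cost 3 and a path via C
    whose RD (3) is not below the FD (3), so there is no feasible successor."""
    net_a = Destination([Path("D", rd=2, link=1), Path("C", rd=3, link=1)])
    fs_before = [p.neighbor for p in net_a.feasible_successors()]
    action = net_a.neighbor_lost("D")        # the D-B failure ripples to E
    net_a.reply_received("C", rd=3, link=1)  # C answers the query with RD 3
    net_a.compute()                          # all replies in: back to Passive
    return {"fs_before": fs_before, "action": action, "state": net_a.state,
            "fd": net_a.fd, "successors": [p.neighbor for p in net_a.successors()]}


def router_d_scenario() -> dict:
    """Router D from the text: successor via B only; after B is lost, both C
    and E answer with paths costing 5, giving two equal-cost successors."""
    net_a = Destination([Path("B", rd=3, link=1)])
    action = net_a.neighbor_lost("B")
    net_a.reply_received("C", rd=4, link=1)
    net_a.reply_received("E", rd=4, link=1)
    net_a.compute()
    return {"action": action, "state": net_a.state, "fd": net_a.fd,
            "successors": sorted(p.neighbor for p in net_a.successors())}
```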

3.2 EIGRP Configuration

3.2.1 Configuring EIGRP

Despite the complexity of DUAL, configuring EIGRP can be relatively simple. EIGRP configuration commands vary depending on the protocol that is to be routed. Some examples of these protocols are IP, IPX, and AppleTalk. This section covers EIGRP configuration for the IP protocol.

Perform the following steps to configure EIGRP for IP:

1. Use the following to enable EIGRP and define the autonomous system:

router(config)#router eigrp autonomous-system-number

The autonomous system number is used to identify all routers that belong within the internetwork. This value must match on all routers within the internetwork.

2. Indicate which networks belong to the EIGRP autonomous system on the local router by using the following command:

router(config-router)#network network-number

The network-number is the network number that determines which interfaces of the router are participating in EIGRP and which networks are advertised by the router.

The network command configures only connected networks. For example, network 3.1.0.0, which is on the far left of the main Figure, is not directly connected to Router A. Consequently, that network is not part of the configuration of Router A.

3. When configuring serial links using EIGRP, it is important to configure the bandwidth setting on the interface. If the bandwidth for these interfaces is not changed, EIGRP assumes the default bandwidth on the link instead of the true bandwidth. If the link is slower, the router may not be able to converge, routing updates might become lost, or suboptimal path selection may result. To set the interface bandwidth, use the following syntax:

router(config-if)#bandwidth kilobits

The bandwidth command is only used by the routing process and should be set to match the line speed of the interface.

4. Cisco also recommends adding the following command, entered in router configuration mode, to all EIGRP configurations:

router(config-router)#eigrp log-neighbor-changes

This command enables the logging of neighbor adjacency changes to monitor the stability of the routing system and to help detect problems.

Lab Activity

Lab Exercise: Configuring EIGRP Routing

This lab is to set up an IP addressing scheme for the network.

Lab Activity

e-Lab Activity: Configuring EIGRP

In this lab, the student will configure EIGRP routing.

3.2.2 Configuring EIGRP summarization

EIGRP automatically summarizes routes at the classful boundary. This is the boundary where the network address ends, as defined by class-based addressing. This means that even though RTC is connected only to the subnet 2.1.1.0, it will advertise that it is connected to the entire Class A network, 2.0.0.0. In most cases auto summarization is beneficial because it keeps routing tables as compact as possible.

However, automatic summarization may not be the preferred option in certain instances. For example, if there are discontiguous subnetworks, auto-summarization must be disabled for routing to work properly. To turn off auto-summarization, use the following command:

router(config-router)#no auto-summary

With EIGRP, a summary address can be manually configured by configuring a prefix network. Manual summary routes are configured on a per-interface basis, so the interface that will propagate the route summary must be selected first. Then the summary address can be defined with the ip summary-address eigrp command:

router(config-if)#ip summary-address eigrp autonomous-system-number ip-address mask administrative-distance

EIGRP summary routes have an administrative distance of 5 by default. Optionally, they can be configured for a value between 1 and 255.

In Figure , RTC can be configured using the commands shown:

RTC(config)#router eigrp 2446
RTC(config-router)#no auto-summary
RTC(config-router)#exit
RTC(config)#interface serial 0/0
RTC(config-if)#ip summary-address eigrp 2446 2.1.0.0 255.255.0.0

Therefore, RTC will add a route to its table as follows:

D 2.1.0.0/16 is a summary, 00:00:22, Null0

Notice that the summary route is sourced from Null0 and not from an actual interface. This is because this route is used for advertisement purposes and does not represent a path that RTC can take to reach that network. On RTC, this route has an administrative distance of 5.

RTD is not aware of the summarization but accepts the route. The route is assigned the administrative distance of a normal EIGRP route, which is 90 by default.

In the configuration for RTC, auto-summarization is turned off with the no auto-summary command. If auto-summarization was not turned off, RTD would receive two routes, the manual summary address, which is 2.1.0.0 /16, and the automatic, classful summary address, which is 2.0.0.0 /8.

In most cases when manually summarizing, the no auto-summary command should be issued.
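The behaviour this section describes can be checked with a short model. The following is an added example, not part of the Cisco curriculum: Python functions that compute the classful summary auto-summary would advertise, flag the discontiguous-subnet case that requires no auto-summary, and show what a manual ip summary-address eigrp summary installs (a Null0 route with administrative distance 5) and what the neighbor RTD receives with and without auto-summary. The subnets and interface names are constructed; the rule that a summary is only installed while a component route exists is an assumption of this model.

```python
"""Added example, not from the Cisco curriculum: a model of EIGRP auto-summary
at the classful boundary, the discontiguous-subnet case that needs
`no auto-summary`, and the Null0 summary a manual `ip summary-address eigrp`
installs. Subnets and interface names below are constructed."""
import ipaddress
from collections import defaultdict

SUMMARY_AD = 5          # default AD of a manual EIGRP summary (the local Null0 route)
EIGRP_INTERNAL_AD = 90  # AD a neighbor assigns to the route it receives


def classful_network(subnet):
    """The class A/B/C network a subnet belongs to: the boundary EIGRP
    auto-summarizes at. Class D/E addresses have no classful mask."""
    net = ipaddress.ip_network(subnet)
    first_octet = int(net.network_address) >> 24
    if first_octet < 128:
        prefix = 8
    elif first_octet < 192:
        prefix = 16
    elif first_octet < 224:
        prefix = 24
    else:
        raise ValueError(f"{net} is not a class A, B or C address")
    return ipaddress.ip_network((int(net.network_address), prefix), strict=False)


def auto_summary(connected):
    """Routes advertised with auto-summary on: one classful route per classful
    network, no matter how many of its subnets the router actually has."""
    return sorted({str(classful_network(s)) for s in connected})


def discontiguous(learned):
    """learned: {interface: [subnet, ...]} as seen by one router. Returns the
    classful networks whose subnets arrive through more than one interface.
    With auto-summary on, every neighbor advertises the same classful route
    for its piece, so the router cannot tell which way a given subnet lies."""
    seen = defaultdict(set)
    for iface, subnets in learned.items():
        for s in subnets:
            seen[str(classful_network(s))].add(iface)
    return sorted(net for net, ifaces in seen.items() if len(ifaces) > 1)


def manual_summary(summary, components, ad=SUMMARY_AD):
    """Model `ip summary-address eigrp <as> <addr> <mask>` on an interface:
    the router advertises `summary` and installs a local route to Null0 so
    packets for covered but unused space are discarded instead of looping.
    Returns None when no component route exists (assumption of this model:
    nothing is installed or advertised without a component)."""
    net = ipaddress.ip_network(summary)
    covered = [c for c in components if ipaddress.ip_network(c).subnet_of(net)]
    if not covered:
        return None
    return {"prefix": str(net), "via": "Null0", "ad": ad, "covers": covered}


def routes_seen_by_neighbor(connected, manual=None, auto=True):
    """What RTD receives from RTC: the manual summary, plus the classful
    summaries unless `no auto-summary` was configured. Every received route
    carries the normal EIGRP administrative distance."""
    routes = set()
    if manual is not None:
        routes.add(manual)
    if auto:
        routes.update(auto_summary(connected))
    return {r: EIGRP_INTERNAL_AD for r in sorted(routes)}
```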


3.2.3 Verifying basic EIGRP

Verifying EIGRP operation is performed by the use of various show commands. Figure lists the key EIGRP show commands and briefly discusses their functions.

The Cisco IOS debug feature also provides useful EIGRP monitoring commands.

Lab Activity

Lab Exercise: Verifying Basic EIGRP Configuration

This lab is to set up an IP addressing scheme for the network and to verify EIGRP configuration.

Lab Activity

e-Lab Activity: Verifying Basic EIGRP

In this lab, the student will configure and verify EIGRP routing.

3.2.4 Building neighbor tables

Simple distance vector routers do not establish any relationship with their neighbors. RIP and IGRP routers merely broadcast or multicast updates on configured interfaces. In contrast, EIGRP routers actively establish relationships with their neighbors, as do OSPF routers.

The neighbor table is the most important table in EIGRP. Each EIGRP router maintains a neighbor table that lists adjacent routers. This table is comparable to the adjacency database used by OSPF. There is a neighbor table for each protocol that EIGRP supports.

EIGRP routers establish adjacencies with neighbor routers by using small hello packets. Hellos are sent by default every five seconds. An EIGRP router assumes that, as long as it is receiving hello packets from known neighbors, those neighbors and their routes remain viable or passive. By forming adjacencies, EIGRP routers do the following:

- Dynamically learn of new routes that join their network
- Identify routers that become either unreachable or inoperable
- Rediscover routers that had previously been unreachable

The following fields are found in a neighbor table:

- Neighbor address – This is the network layer address of the neighbor router.
- Hold time – This is the interval to wait without receiving anything from a neighbor before considering the link unavailable. Originally, the expected packet was a hello packet, but in current Cisco IOS software releases, any EIGRP packets received after the first hello will reset the timer.
- Smooth Round-Trip Timer (SRTT) – This is the average time that it takes to send and receive packets from a neighbor. This timer is used to determine the retransmit interval (RTO).
- Queue count (Q Cnt) – This is the number of packets waiting in a queue to be sent. If this value is constantly higher than zero, there may be a congestion problem at the router. A zero means that there are no EIGRP packets in the queue.
- Sequence Number (Seq No) – This is the number of the last packet received from that neighbor. EIGRP uses this field to acknowledge a transmission of a neighbor and to identify packets that are out of sequence. The neighbor table is used to support reliable, sequenced delivery of packets and can be regarded as analogous to the TCP protocol used in the reliable delivery of IP packets.

Interactive Media Activity

Crossword Puzzle: EIGRP Concepts and Terminology

When the student has completed this activity, the student will understand the different EIGRP concepts and terminology.


3.2.5 Discover routes

EIGRP routers keep route and topology information available in RAM, so changes can be reacted to quickly. Like OSPF, EIGRP keeps this information in several tables or databases.

The EIGRP distance vector algorithm, DUAL, uses the information gathered in the neighbor and topology tables and calculates the lowest cost route to the destination. The primary route is called the successor route. When calculated, DUAL places the successor route in the routing table and a copy in the topology table.

DUAL also attempts to calculate a backup route in case the successor route fails. This is called the feasible successor route. When calculated, DUAL places the feasible route in the topology table. This route can be called upon if the successor route to a destination becomes unreachable or unreliable.

3.2.6 Select routes

If a link goes down, DUAL looks for an alternative route path, or feasible successor, in the topology table. If a feasible successor is not found, the route is flagged as Active, or unusable at present. Query packets are sent to neighboring routers requesting topology information. DUAL uses this information to recalculate successor and feasible successor routes to the destination.

Once DUAL has completed these calculations, the successor route is placed in the routing table. Then both the successor route and feasible successor route are placed in the topology table. The route to the final destination will now pass from an Active status to a Passive status. This means that the route is now operational and reliable.

The sophisticated algorithm of DUAL results in EIGRP having exceptionally fast convergence. To better understand convergence using DUAL, consider the example in Figure . All routers have built a topology table that contains information about how to route to destination network Z.

Each table identifies the following:

- The routing protocol, or EIGRP
- The lowest cost of the route, or Feasible Distance (FD)
- The cost of the route as advertised by the neighboring router, or Reported Distance (RD)

The Topology heading identifies the preferred primary route, which is called the successor route (Successor). If it is identified, the Topology heading will also identify the backup route, which is called the feasible successor (FS). Note that it is not necessary to have an identified feasible successor.

3.2.7 Maintaining routing tables

DUAL tracks all routes advertised by neighbors using the composite metric of each route to compare them. DUAL also guarantees that each path is loop-free.

Lowest-cost paths are then inserted by the DUAL algorithm into the routing table. These primary routes are known as successor routes. A copy of the successor paths is placed in the topology table.

EIGRP keeps important route and topology information readily available in a neighbor table and a topology table. These tables supply DUAL with comprehensive route information in case of network disruption. DUAL selects alternate routes quickly by using the information in these tables.

If a link goes down, DUAL looks for an alternative route path, or feasible successor, in the topology table. If a feasible successor is not found, the route is flagged as active, or unusable at present. Query packets are sent to neighboring routers requesting topology information. DUAL uses this information to recalculate successor and feasible successor routes to the destination.


Once DUAL has completed these calculations, the successor route is placed in the routing table. Then both the successor route and feasible successor route are placed in the topology table. The route to the final destination will now pass from an active status to a passive status. This means that the route is now operational and reliable.

EIGRP routers establish and maintain adjacencies with neighbor routers by using small hello packets. Hellos are sent by default every five seconds. An EIGRP router assumes that, as long as it is receiving hello packets from known neighbors, those neighbors and their routes remain viable, or passive.

When newly discovered neighbors are learned, the address and interface of the neighbor is recorded. This information is stored in the neighbor data structure. When a neighbor sends a hello packet, it advertises a hold time. The hold time is the amount of time a router treats a neighbor as reachable and operational. In other words, if a hello packet is not heard from within the hold time, the hold time expires. When the hold time expires, DUAL is informed of the topology change, and must recalculate the new topology.

In the example in Figures - , DUAL must reconstruct the topology following the discovery of a broken link between router D and router B.

The new successor routes will be placed in the updated routing table.

3.3 Troubleshooting Routing Protocols

3.3.1 Routing protocol troubleshooting process

All routing protocol troubleshooting should begin with a logical sequence, or process flow. This process flow is not a rigid outline for troubleshooting an internetwork. However, it is a foundation from which a network administrator can build a problem-solving process to suit a particular environment.

1. When analyzing a network failure, make a clear problem statement.

2. Gather the facts needed to help isolate possible causes.

3. Consider possible problems based on the facts that have been gathered.

4. Create an action plan based on the remaining potential problems.

5. Implement the action plan, performing each step carefully while testing to see whether the symptom disappears.

6. Analyze the results to determine whether the problem has been resolved. If it has, then the process is complete.

7. If the problem has not been resolved, create an action plan based on the next most likely problem in the list. Return to Step 4, change one variable at a time, and repeat the process until the problem is solved.

8. Once the actual cause of the problem is identified, try to solve it.

Cisco routers provide numerous integrated commands to assist in monitoring and troubleshooting an internetwork:

- show commands help monitor installation behavior and normal network behavior, as well as isolate problem areas
- debug commands assist in the isolation of protocol and configuration problems
- TCP/IP network tools such as ping, traceroute, and telnet

Cisco IOS show commands are among the most important tools for understanding the status of a router, detecting neighboring routers, monitoring the network in general, and isolating problems in the network.

EXEC debug commands can provide a wealth of information about interface traffic, internal error messages, protocol-specific diagnostic packets, and other useful troubleshooting data. Use debug commands to isolate problems, not to monitor normal network operation. Only use debug commands to look for specific types of traffic or problems. Before using the debug command, narrow the problems to a likely subset of causes. Use the show debugging command to view which debugging features are enabled.

3.3.2 Troubleshooting RIP configuration

The most common problem found in Routing Information Protocol (RIP) that prevents RIP routes from being advertised is the variable-length subnet mask (VLSM). This is because RIP Version 1 does not support VLSM. If the RIP routes are not being advertised, check the following:

- Layer 1 or Layer 2 connectivity issues exist.
- VLSM subnetting is configured. VLSM subnetting cannot be used with RIP v1.
- Mismatched RIP v1 and RIP v2 routing configurations exist.
- Network statements are missing or incorrectly assigned.
- The outgoing interface is down.
- The advertised network interface is down.

The show ip protocols command provides information about the parameters and current state of the active routing protocol process. RIP sends updates to the interfaces in the specified networks. If interface FastEthernet 0/1 was configured but the network was not added to RIP routing, no updates would be sent out or received from the interface.

Use the debug ip rip EXEC command to display information on RIP routing transactions. The no debug ip rip, no debug all, or undebug all commands will turn off all debugging.

Figure shows that the router being debugged has received an update from another router at source address 192.168.3.1. That router sent information about two destinations in the routing table update. The router being debugged also sent updates. Both routers broadcasted address 255.255.255.255 as the destination. The number in parentheses is the source address encapsulated into the IP header.

An entry most likely caused by a malformed packet from the transmitter is shown in the following output:

RIP: bad version 128 from 160.89.80.43

3.3.3 Troubleshooting IGRP configuration

Interior Gateway Routing Protocol (IGRP) is an advanced distance vector routing protocol developed by Cisco in the mid-1980s. IGRP has several features that differentiate it from other distance vector routing protocols such as RIP.

Use the router igrp autonomous-system command to enable the IGRP routing process:

R1(config)#router igrp 100

Use the router configuration network network-number command to enable interfaces to participate in the IGRP update process:

R1(config-router)#network 172.30.0.0
R1(config-router)#network 192.168.3.0

Verify IGRP configuration with the show running-configuration and show ip protocols commands:

R1#show ip protocols

Verify IGRP operation with the show ip route command:

R1#show ip route

If IGRP does not appear to be working correctly, check the following:

- Layer 1 or Layer 2 connectivity issues exist.
- Autonomous system numbers on IGRP routers are mismatched.
- Network statements are missing or incorrectly assigned.
- The outgoing interface is down.
- The advertised network interface is down.

To view IGRP debugging information, use the following commands:

- debug ip igrp transactions [host ip address] to view IGRP transaction information
- debug ip igrp events [host ip address] to view routing update information

To turn off debugging, use the no debug ip igrp command.

If a network becomes inaccessible, routers running IGRP send triggered updates to neighbors to inform them. A neighbor router will then respond with poison reverse updates and keep the suspect network in a holddown state for 280 seconds.

3.3.4 Troubleshooting EIGRP configuration

Normal EIGRP operation is stable, efficient in bandwidth utilization, and relatively simple to monitor and troubleshoot.

Use the router eigrp autonomous-system command to enable the EIGRP routing process:

R1(config)#router eigrp 100

To exchange routing updates, each router in the EIGRP network must be configured with the same autonomous system number.

Use the router configuration network network-number command to enable interfaces to participate in the EIGRP update process:

R1(config-router)#network 172.30.0.0
R1(config-router)#network 192.168.3.0


Verify EIGRP configuration with the show running-configuration and show ip protocols commands:

R1#show ip protocols

Some possible reasons why EIGRP may not be working correctly are:

- Layer 1 or Layer 2 connectivity issues exist.
- Autonomous system numbers on EIGRP routers are mismatched.
- The link may be congested or down.
- The outgoing interface is down.
- The advertised network interface is down.
- Auto-summarization is enabled on routers with discontiguous subnets. Use no auto-summary to disable automatic network summarization.

One of the most common reasons for a missing neighbor is a failure on the actual link. Another possible cause of missing neighbors is an expired holddown timer. Since hellos are sent every 5 seconds on most networks, the hold-time value in a show ip eigrp neighbors command output should normally be a value between 10 and 15.

To effectively monitor and troubleshoot an EIGRP network, use the commands described in Figures - .
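The hold-time rule of thumb just given, and the Q Cnt and hold-time fields described in section 3.2.4, can be turned into an automated check. The following is an added example, not part of the Cisco curriculum: a parser for show ip eigrp neighbors output that flags a hold timer below the hello interval, a hold value outside the normal 10 to 15 second range, and a queue count that is above zero. The sample output is constructed; the column layout follows the classic IOS display and the addresses and interfaces are invented to resemble the chapter's examples.

```python
"""Added example, not from the Cisco curriculum: parse `show ip eigrp neighbors`
and apply the checks the text describes (hold normally 10-15 s with 5-second
hellos; Q Cnt above zero means possible congestion). SAMPLE is constructed."""
import re

HELLO_INTERVAL = 5        # default hello interval on most networks (seconds)
HOLD_OK = range(10, 16)   # hold values the text calls normal: 10..15 inclusive

# Constructed output in the classic IOS column layout (not captured from a device).
SAMPLE = """\
IP-EIGRP neighbors for process 100
H   Address                 Interface   Hold Uptime   SRTT   RTO  Q  Seq
                                        (sec)         (ms)       Cnt Num
1   172.30.1.2              Se0/0         13 00:08:41   40   240  0  21
0   192.168.3.2             Fa0/1          4 00:12:03  120   720  3  17
2   172.30.2.2              Se0/1         14 00:00:09   25   200  0   5
"""

# One data row: H, address, interface, hold, uptime, SRTT, RTO, Q Cnt, Seq Num.
ROW = re.compile(
    r"^\s*(?P<h>\d+)\s+(?P<address>\S+)\s+(?P<iface>\S+)\s+(?P<hold>\d+)\s+"
    r"(?P<uptime>\S+)\s+(?P<srtt>\d+)\s+(?P<rto>\d+)\s+(?P<qcnt>\d+)\s+(?P<seq>\d+)\s*$"
)


def parse_neighbors(text):
    """Return one dict per neighbor row; header lines do not match and are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            rows.append({k: (int(v) if v.isdigit() else v)
                         for k, v in m.groupdict().items()})
    return rows


def check_neighbor(n, hello=HELLO_INTERVAL):
    """Findings for one neighbor, most urgent first."""
    findings = []
    if n["hold"] < hello:
        # Less than one hello interval left: the adjacency drops when it hits 0.
        findings.append(f"hold {n['hold']} s is below the hello interval; "
                        f"adjacency on {n['iface']} is about to expire")
    elif n["hold"] not in HOLD_OK:
        findings.append(f"hold {n['hold']} s is outside the normal 10-15 s range; "
                        "check for non-default timers on the neighbor")
    if n["qcnt"] > 0:
        # Packets waiting to be sent reliably: possible congestion on the link.
        findings.append(f"{n['qcnt']} packets queued toward {n['address']} "
                        f"on {n['iface']}; possible congestion")
    return findings


def check_neighbors(text):
    """Map each neighbor address to its list of findings (empty means healthy)."""
    return {n["address"]: check_neighbor(n) for n in parse_neighbors(text)}
```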

3.3.5 Troubleshooting OSPF configuration

Open Shortest Path First (OSPF) is a link-state protocol. A link is an interface on a router. The state of the link is a description of that interface and of its relationship to its neighboring routers. For example, a description of the interface would include the IP address, the mask, the type of network to which it is connected, the routers connected to that network, and so on. This information forms a link-state database.

The majority of problems encountered with OSPF relate to the formation of adjacencies and the synchronization of the link-state databases. The show ip ospf neighbor command is useful for troubleshooting adjacency formation. OSPF configuration commands are shown in Figure .

Use the debug ip ospf events privileged EXEC command to display the following information about OSPF-related events:

- Adjacencies
- Flooding information
- Designated router selection
- Shortest path first (SPF) calculation

If a router configured for OSPF routing is not seeing an OSPF neighbor on an attached network, perform the following tasks:

- Verify that both routers have been configured with the same IP mask, OSPF hello interval, and OSPF dead interval.
- Verify that both neighbors are part of the same area.

To display information about each Open Shortest Path First (OSPF) packet received, use the debug ip ospf packet privileged EXEC command. The no form of this command disables debugging output.

The debug ip ospf packet command produces one set of information for each packet received. The output varies slightly, depending on which authentication is used.

Summary

An understanding of the following key points should have been achieved:

- Differences between EIGRP and IGRP
- Key concepts, technologies, and data structures of EIGRP
- EIGRP convergence and the basic operation of the Diffusing Update Algorithm, or DUAL
- Basic EIGRP configuration
- Configuring EIGRP route summarization
- The processes used by EIGRP to build and maintain routing tables
- Verifying EIGRP operations
- The eight-step process for general troubleshooting
- Applying a logical process to routing troubleshooting
- Troubleshooting a RIP routing process using show and debug commands
- Troubleshooting an IGRP routing process using show and debug commands
- Troubleshooting an EIGRP routing process using show and debug commands
- Troubleshooting an OSPF routing process using show and debug commands


Chapter 4 Switching Concepts

Overview

Local-area network (LAN) design has developed and changed over time. Network designers until very recently used hubs and bridges to build networks. Now switches and routers are the key components in LAN design, and the capabilities and performance of these devices are continually improving.

This module returns to some of the roots of modern Ethernet LANs with a discussion of the evolution of Ethernet/802.3, the most commonly deployed LAN architecture. A look at the historical context of LAN development and various networking devices that can be utilized at Layer 1, Layer 2, and Layer 3 of the OSI model will help provide a solid understanding of the reasons why network devices have evolved as they have.

Until recently, most Ethernet networks were built using repeaters. When the performance of these networks began to suffer because too many devices shared the same segment, network engineers added bridges to create multiple collision domains. As networks grew in size and complexity, the bridge evolved into the modern switch, allowing microsegmentation of the network. Today’s networks typically are built using switches and routers, often with the routing and switching function in the same device.

Many modern switches are capable of performing varied and complex tasks in the network. This module will provide an introduction to network segmentation and will describe the basics of switch operation.

Switches and bridges perform much of the heavy work in a LAN, making nearly instantaneous decisions when frames are received. This module describes in detail how frames are transmitted by switches, how frames are filtered, and how switches learn the physical addresses of all network nodes. As an introduction to the use of bridges and switches in LAN design, the principles of LAN segmentation and collision domains are also covered.

Switches are Layer 2 devices that are used to increase available bandwidth and reduce network congestion. A switch can segment a LAN into microsegments, which are segments with only a single host. Microsegmentation creates multiple collision-free domains from one larger domain. As a Layer 2 device, the LAN switch increases the number of collision domains, but all hosts connected to the switch are still part of the same broadcast domain.

Students completing this module should be able to:

- Describe the history and function of shared, half-duplex Ethernet
- Define collision as it relates to Ethernet networks
- Define microsegmentation
- Define CSMA/CD
- Describe some of the key elements affecting network performance
- Describe the function of repeaters
- Define network latency
- Define transmission time
- Describe the basic function of Fast Ethernet
- Define network segmentation using routers, switches, and bridges
- Describe the basic operations of a switch
- Define Ethernet switch latency
- Explain the differences between Layer 2 and Layer 3 switching
- Define symmetric and asymmetric switching
- Define memory buffering
- Compare and contrast store-and-forward and cut-through switching
- Understand the differences between hubs, bridges, and switches
- Describe the main functions of switches
- List the major switch frame transmission modes
- Describe the process by which switches learn addresses
- Identify and define forwarding modes
- Define LAN segmentation
- Define microsegmentation using switching
- Describe the frame-filtering process
- Compare and contrast collision and broadcast domains
- Identify the cables needed to connect switches to workstations
- Identify the cables needed to connect switches to switches

4.1 Introduction to Ethernet/802.3 LANs

4.1.1 Ethernet/802.3 LAN development

The earliest LAN technologies commonly used either thick Ethernet or thin Ethernet infrastructures. It is important to understand some of the limitations of these infrastructures in order to see where LAN switching stands today.

Adding hubs or concentrators into the network offered an improvement on thick and thin Ethernet technology. A hub is a Layer 1 device and is sometimes referred to as an Ethernet concentrator or a multi-port repeater. Introducing hubs into the network allowed greater access to the network for more users. Active hubs also allowed for the extension of networks to greater distances. A hub does this by regenerating the data signal. A hub does not make any decisions when receiving data signals. It simply regenerates and amplifies the data signals that it receives to all connected devices.

Ethernet is fundamentally a shared technology where all users on a given LAN segment compete for the same available bandwidth. This situation is analogous to a number of cars all trying to access a one-lane road at the same time. Because the road has only one lane, only one car can access it at a time. The introduction of hubs into a network resulted in more users competing for the same bandwidth.

Collisions are a by-product of Ethernet networks. If two or more devices try to transmit at the same time a collision occurs. This situation is analogous to two cars merging into a single lane and the resulting collision. Traffic is backed up until the collision can be cleared. When the number of collisions in a network is excessive, sluggish network response times result. This indicates that the network has become too congested or too many users are trying to access the network at the same time.

Layer 2 devices are more intelligent than Layer 1 devices. Layer 2 devices make forwarding decisions based on Media Access Control (MAC) addresses contained within the headers of transmitted data frames.

A bridge is a Layer 2 device used to divide, or segment, a network. A bridge is capable of collecting and selectively passing data frames between two network segments. Bridges do this by learning the MAC address of all devices on each connected segment. Using this information, the bridge builds a bridging table and forwards or blocks traffic based on that table. This results in smaller collision domains and greater network efficiency. Bridges do not restrict broadcast traffic. However, they do provide greater traffic control within a network.

A switch is also a Layer 2 device and may be referred to as a multi-port bridge. A switch has the intelligence to make forwarding decisions based on MAC addresses contained within transmitted data frames. The switch learns the MAC addresses of devices connected to each port and this information is entered into a switching table.

Switches create a virtual circuit between two connected devices that want to communicate. When the virtual circuit is created, a dedicated communication path is established between the two devices. The implementation of a switch on the network provides microsegmentation. In theory this creates a collision free environment between the source and destination, which allows maximum utilization of the available bandwidth. A switch is also able to facilitate multiple, simultaneous virtual circuit connections. This is analogous to a highway being divided into multiple lanes with each car having its own dedicated lane.

The disadvantage of Layer 2 devices is that they forward broadcast frames to all connected devices on the network. When the number of broadcasts in a network is excessive, sluggish network response times result.

A router is a Layer 3 device. The router makes decisions based on groups of network addresses, or classes, as opposed to individual Layer 2 MAC addresses. Routers use routing tables to record the Layer 3 addresses of the networks that are directly connected to the local interfaces and network paths learned from neighboring routers.

The purpose of a router is to do all of the following:

Examine incoming packets of Layer 3 data

Choose the best path for them through the network

Switch them to the proper outgoing port

Routers are not compelled to forward broadcasts. Therefore, routers reduce the size of both the collision domains and the broadcast domains in a network. Routers are the most important traffic regulating devices on large networks. They enable virtually any type of computer to communicate with any other computer anywhere in the world.

LANs typically employ a combination of Layer 1, Layer 2, and Layer 3 devices. Implementation of these devices depends on factors that are specific to the particular needs of the organization.

Interactive Media Activity

Drag and Drop: Devices Function at Layers

After completing this activity, students will be able to identify the different OSI layers where networking devices function.

4.1.2 Factors that impact network performance

Today's LANs are becoming increasingly congested and overburdened. In addition to an ever-growing population of network users, several other factors have combined to test the limits of the capabilities of traditional LANs:

The multitasking environment present in current desktop operating systems such as Windows, Unix/Linux and Mac allows for simultaneous network transactions. This increased capability has led to an increased demand for network resources.

The use of network intensive applications such as the World Wide Web is increasing. Client/server applications allow administrators to centralize information, thus making it easier to maintain and protect information.

Client/server applications free local workstations from the burden of maintaining information and the cost of providing enough hard disk space to store it. Given the cost benefit of client/server applications, such applications are likely to become even more widely used in the future.

4.1.3 Elements of Ethernet/802.3 networks

The most common LAN architecture is Ethernet. Ethernet is used to transport data between devices on a network. These devices include computers, printers, and file servers. All nodes on a shared Ethernet media transmit and receive data using a data frame broadcast method. The performance of a shared medium Ethernet/802.3 LAN can be negatively affected by several factors:

The data frame delivery of Ethernet/802.3 LANs is of a broadcast nature.

The carrier sense multiple access/collision detect (CSMA/CD) method allows only one station to transmit at a time.

Multimedia applications with higher bandwidth demand such as video and the Internet, coupled with the broadcast nature of Ethernet, can create network congestion.

Normal latency occurs as the frames travel across the Layer 1 medium and through Layer 1, Layer 2, and Layer 3 networking devices.

Extending the distance of the Ethernet/802.3 LAN by using Layer 1 repeaters, which increases latency.

Ethernet using CSMA/CD and a shared medium can support data transmission rates of up to 100 Mbps. CSMA/CD is an access method that allows only one station to transmit at a time. The goal of Ethernet is to provide a best-effort delivery service and allow all devices on the shared medium to transmit on an equal basis. A certain number of collisions are expected in the design of Ethernet and CSMA/CD. Nevertheless, collisions can become a major problem in a CSMA/CD network.

4.1.4 Half-duplex networks

Originally Ethernet was a half-duplex technology. Using half-duplex, a host could either transmit or receive at one time, but not both. Each Ethernet host checks the network to see whether data is being transmitted before it transmits additional data. If the network is already in use, the transmission is delayed. Despite transmission deferral, two or more Ethernet hosts could transmit at the same time. This results in a collision. When a collision occurs, the host that first detects the collision will send out a jam signal to the other hosts. Upon receiving the jam signal, each host will stop sending data, then wait for a random period of time before attempting to retransmit. The back-off algorithm generates this random delay. As more hosts are added to the network and begin transmitting, collisions are more likely to occur.

Ethernet LANs become saturated because users run network intensive software, such as client/server applications, which cause hosts to transmit more often and for longer periods of time. The network interface card (NIC), used by LAN devices, provides several circuits so that communication among devices can occur.

4.1.5 Network congestion

Advances in technology are producing faster and more intelligent desktop computers and workstations. The combination of more powerful workstations and network intensive applications has created a need for greater network capacity, or bandwidth. The requirements have exceeded the 10 Mbps available on shared Ethernet/802.3 LANs.

Today's networks are experiencing an increase in the transmission of many forms of media:

Large graphics files

Images

Full-motion video

Multimedia applications

There is also an increase in the number of users on a network. All these factors place an even greater strain on the 10 Mbps of available bandwidth. As more people utilize a network to share larger files, access file servers, and connect to the Internet, network congestion occurs. This can result in slower response times, longer file transfers, and network users becoming less productive. To relieve network congestion, more bandwidth is needed or the available bandwidth must be used more efficiently.

Interactive Media Activity

Drag and Drop: Bandwidth Requirements

When the student has completed this activity, the student will be able to identify the bandwidth requirements for different multimedia applications on a network.

4.1.6 Network latency

Latency, or delay, is the time a frame or a packet takes to travel from the source station to the final destination. It is important to quantify the total latency of the path between the source and the destination for LANs and WANs. In the specific case of an Ethernet LAN, understanding latency and its effect on network timing is crucial to determining whether CSMA/CD for detecting collisions and negotiating transmissions will work properly.

Latency has at least three sources:

First, there is the time it takes the source NIC to place voltage pulses on the wire and the time it takes the receiving NIC to interpret these pulses. This is sometimes called NIC delay, typically around 1 microsecond for a 10BASE-T NIC.

Second, there is the actual propagation delay as the signal takes time to travel along the cable. Typically, this is about 0.556 microseconds per 100 m for Cat 5 UTP. Longer cable and slower nominal velocity of propagation (NVP) results in more propagation delay.

Third, latency is added according to which networking devices, whether they are Layer 1, Layer 2, or Layer 3, are added to the path between the two communicating computers.

Latency does not depend solely on distance and number of devices. For example, if three properly configured switches separate two workstations, the workstations may experience less latency than if two properly configured routers separated them. This is because routers conduct more complex and time-consuming functions. A router must analyze Layer 3 data.

4.1.7 Ethernet 10 BASE-T transmission time

All networks have what is called bit time or slot time. Many LAN technologies, such as Ethernet, define bit time as the basic unit of time in which ONE bit can be sent. In order for the electronic or optical devices to recognize a binary one or zero, there must be some minimum duration during which the bit is on or off.

Transmission time equals the number of bits being sent times the bit time for a given technology. Another way to think about transmission time is the time it takes a frame to be transmitted. Small frames take a shorter amount of time. Large frames take a longer amount of time.

Each 10 Mbps Ethernet bit has a 100 ns transmission window. This is the bit time. A byte equals 8 bits. Therefore, 1 byte takes a minimum of 800 ns to transmit. A 64-byte frame, the smallest 10BASE-T frame allowing CSMA/CD to function properly, takes 51,200 ns (51.2 microseconds). Transmission of an entire 1000-byte frame from the source station requires 800 microseconds just to complete the frame. The time at which the frame actually arrives at the destination station depends on the additional latency introduced by the network. This latency can be due to a variety of delays including all of the following:

NIC delays

Propagation delays

Layer 1, Layer 2, or Layer 3 device delays
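The bit-time arithmetic of sections 4.1.6 and 4.1.7, worked through as an added example (this is not code from the Cisco curriculum). The constants are the chapter's own (100 ns bit time, 1 microsecond NIC delay, 0.556 microseconds per 100 m of Cat 5); the per-device delays used in the demo are constructed, and collision_detectable generalises the 64-byte minimum-frame rule to an arbitrary cable length and device path.

```python
# Added example: 10BASE-T timing arithmetic from the chapter's constants.
# Per-device delays passed in by the caller are constructed assumptions.

BIT_TIME_NS = 100               # 10 Mbps Ethernet: one bit occupies 100 ns
BYTE_TIME_NS = 8 * BIT_TIME_NS  # 800 ns per byte
NIC_DELAY_US = 1.0              # typical 10BASE-T NIC delay (per the text)
PROP_DELAY_US_PER_100M = 0.556  # Cat 5 UTP propagation delay (per the text)
MIN_FRAME_BYTES = 64            # smallest frame on which CSMA/CD works properly


def transmission_time_us(frame_bytes):
    """Time to clock every bit of the frame onto the wire, in microseconds."""
    return frame_bytes * BYTE_TIME_NS / 1000.0


def propagation_delay_us(cable_m):
    """Signal travel time along cable_m metres of Cat 5 UTP."""
    return cable_m / 100.0 * PROP_DELAY_US_PER_100M


def path_latency_us(frame_bytes, cable_m, device_delays_us=()):
    """Delay from the first bit leaving the source to the last bit arriving.

    Sums the three sources the text lists (NIC delay at both ends, cable
    propagation, one delay per Layer 1/2/3 device on the path) plus the
    frame's own transmission time.
    """
    return (transmission_time_us(frame_bytes)
            + 2 * NIC_DELAY_US
            + propagation_delay_us(cable_m)
            + sum(device_delays_us))


def collision_detectable(frame_bytes, cable_m, device_delays_us=()):
    """Can a sender still be transmitting when a collision's effect reaches it?

    Simplified model of the 64-byte rule: CSMA/CD only notices a collision
    while the frame is still being sent, so transmission time must cover a
    round trip across the collision domain (both NICs, cable, and devices).
    """
    one_way = 2 * NIC_DELAY_US + propagation_delay_us(cable_m) + sum(device_delays_us)
    return transmission_time_us(frame_bytes) >= 2 * one_way


if __name__ == "__main__":
    print(f"64-byte frame:   {transmission_time_us(64):.1f} us")    # 51.2
    print(f"1000-byte frame: {transmission_time_us(1000):.1f} us")  # 800.0
    print(f"100 m of Cat 5:  {propagation_delay_us(100):.3f} us")   # 0.556
    # Constructed per-hop delays (not from the text) for a path through two hubs.
    print(f"1000 B over 200 m via two hubs: "
          f"{path_latency_us(1000, 200, (0.5, 0.5)):.3f} us")
    print("min frame OK on 500 m of repeated cable:",
          collision_detectable(MIN_FRAME_BYTES, 500, (0.5,) * 4))
```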

Interactive Media Activity

Drag and Drop: 10BASE-T Transmission Times

After completing this activity, students will be able to identify the transmission times of 10BASE-T.

4.1.8 The benefits of using repeaters

The distance that a LAN can cover is limited due to attenuation. Attenuation means that the signal weakens as it travels through the network. The resistance in the cable or medium through which the signal travels causes the loss of signal strength. An Ethernet repeater is a physical layer device on the network that boosts or regenerates the signal on an Ethernet LAN. When a repeater is used to extend the distance of a LAN, a single network can cover a greater distance and more users can share that same network. However, the use of repeaters and hubs compounds problems associated with broadcasts and collisions. It also has a negative effect on the overall performance of the shared media LAN.

Interactive Media Activity

PhotoZoom: Cisco 1503 Micro Hub

In this PhotoZoom, the student will view the Cisco 1503 Micro Hub.

4.1.9 Full-duplex transmitting

Full-duplex Ethernet allows the transmission of a packet and the reception of a different packet at the same time. This simultaneous transmission and reception requires the use of two pairs of wires in the cable and a switched connection between each node. This connection is considered point-to-point and is collision free. Because both nodes can transmit and receive at the same time, there are no negotiations for bandwidth. Full-duplex Ethernet can use an existing cable infrastructure as long as the medium meets the minimum Ethernet standards.

To transmit and receive simultaneously, a dedicated switch port is required for each node. Full-duplex connections can use 10BASE-T, 100BASE-TX, or 100BASE-FX media to create point-to-point connections. The NICs on all connected devices must have full-duplex capabilities.

The full-duplex Ethernet switch takes advantage of the two pairs of wires in the cable by creating a direct connection between the transmit (TX) at one end of the circuit and the receive (RX) at the other end. With the two stations connected in this manner a collision free environment is created as the transmission and receipt of data occurs on separate non-competitive circuits.

Ethernet usually can only use 50%-60% of the available 10 Mbps of bandwidth because of collisions and latency. Full-duplex Ethernet offers 100% of the bandwidth in both directions. This produces a potential 20 Mbps throughput, which results from 10 Mbps TX and 10 Mbps RX.

Interactive Media Activity

Drag and Drop: Full Duplex Ethernet

After completing this activity, students will be able to identify the requirements for full duplex Ethernet.

4.2 Introduction to LAN Switching

4.2.1 LAN segmentation

A network can be divided into smaller units called segments. Figure shows an example of a segmented Ethernet network. The entire network has fifteen computers. Of these fifteen computers, six are servers and nine are workstations. Each segment uses the CSMA/CD access method and maintains traffic between users on the segment. Each segment is its own collision domain.

Segmentation allows network congestion to be significantly reduced within each segment. When transmitting data within a segment, the devices within that segment share the total available bandwidth. Data passed between segments is transmitted over the backbone of the network using a bridge, router, or switch.

4.2.2 LAN segmentation with bridges

Bridges are Layer 2 devices that forward data frames according to the MAC address. Bridges read the sender's MAC address of the data packets that are received on the incoming ports to discover which devices are on each segment. The MAC addresses are then used to build a bridging table. This will allow the bridge to block packets that do not need to be forwarded from the local segment.

Although the operation of a bridge is transparent to other network devices, the latency on a network is increased by ten to thirty percent when a bridge is used. This latency is a result of the decision making process prior to the forwarding of a packet. A bridge is considered a store-and-forward device. The bridge must examine the destination address field and calculate the cyclic redundancy check (CRC) in the frame check sequence field before forwarding the frame. If the destination port is busy, the bridge can temporarily store the frame until that port is available.

4.2.3 LAN segmentation with routers

Routers provide segmentation of networks, adding a latency factor of 20% to 30% over a switched network. This increased latency is because a router operates at the network layer and uses the IP address to determine the best path to the destination node. Figure shows a Cisco router.

Bridges and switches provide segmentation within a single network or subnetwork. Routers provide connectivity between networks and subnetworks.

Routers also do not forward broadcasts while switches and bridges must forward broadcast frames.

Interactive Media Activity

PhotoZoom: Cisco 2621 Router

In this PhotoZoom, the student will view a Cisco 2621 router.

Interactive Media Activity

PhotoZoom: Cisco 3640 Router

In this PhotoZoom, the student will view a Cisco 3640 router.

4.2.4 LAN segmentation with switches

LAN switching decreases bandwidth shortages and network bottlenecks, such as those between several workstations and a remote file server. Figure shows a Cisco switch. A switch will segment a LAN into microsegments which decreases the size of collision domains. However all hosts connected to the switch are still in the same broadcast domain.

In a pure switched Ethernet LAN, the sending and receiving nodes function as if they are the only nodes on the network. When these two nodes establish a link, or virtual circuit, they have access to the maximum available bandwidth. These links provide significantly more throughput than Ethernet LANs connected by bridges or hubs. This virtual network circuit is established within the switch and exists only when the nodes need to communicate.

4.2.5 Basic operations of a switch

Switching is a technology that decreases congestion in Ethernet, Token Ring, and Fiber Distributed Data Interface (FDDI) LANs. Switching accomplishes this by reducing traffic and increasing bandwidth. LAN switches are often used to replace shared hubs and are designed to work with existing cable infrastructures.

Switching equipment performs the following two basic operations:

Switching data frames

Maintaining switching operations

Figures - show the basic operations of a switch.

4.2.6 Ethernet switch latency

Latency is the period of time from when the beginning of a frame enters to when the end of the frame exits the switch. Latency is directly related to the configured switching process and volume of traffic.

Latency is measured in fractions of a second. With networking devices operating at incredibly high speeds, every additional nanosecond of latency adversely affects network performance.

4.2.7 Layer 2 and layer 3 switching

Switching is the process of receiving an incoming frame on one interface and delivering that frame out another interface. Routers use Layer 3 switching to route a packet. Switches use Layer 2 switching to forward frames.

The difference between Layer 2 and Layer 3 switching is the type of information inside the frame that is used to determine the correct output interface. Layer 2 switching is based on MAC address information. Layer 3 switching is based on network layer addresses or IP addresses.

Layer 2 switching looks at a destination MAC address in the frame header and forwards the frame to the appropriate interface or port based on the MAC address in the switching table. The switching table is contained in Content Addressable Memory (CAM). If the Layer 2 switch does not know where to send the frame, it broadcasts the frame out all ports to the network. When a reply is returned, the switch records the new address in the CAM.

Layer 3 switching is a function of the network layer. The Layer 3 header information is examined and the packet is forwarded based on the IP address.

Traffic flow in a switched or flat network is inherently different from the traffic flow in a routed or hierarchical network. Hierarchical networks offer more flexible traffic flow than flat networks.

4.2.8 Symmetric and asymmetric switching

LAN switching may be classified as symmetric or asymmetric based on the way in which bandwidth is allocated to the switch ports. A symmetric switch provides switched connections between ports with the same bandwidth. An asymmetric LAN switch provides switched connections between ports of unlike bandwidth, such as a combination of 10 Mbps and 100 Mbps ports.

Asymmetric switching enables more bandwidth to be dedicated to the server switch port in order to prevent a bottleneck. This allows smoother traffic flows where multiple clients are communicating with a server at the same time. Memory buffering is required on an asymmetric switch. The use of buffers keeps the frames contiguous between different data rate ports.

4.2.9 Memory buffering

An Ethernet switch may use a buffering technique to store and forward frames. Buffering may also be used when the destination port is busy. The area of memory where the switch stores the data is called the memory buffer. This memory buffer can use two methods for forwarding frames, port-based memory buffering and shared memory buffering.

In port-based memory buffering frames are stored in queues that are linked to specific incoming ports. A frame is transmitted to the outgoing port only when all the frames ahead of it in the queue have been successfully transmitted. It is possible for a single frame to delay the transmission of all the frames in memory because of a busy destination port. This delay occurs even if the other frames could be transmitted to open destination ports.

Shared memory buffering deposits all frames into a common memory buffer which all the ports on the switch share. The amount of buffer memory required by a port is dynamically allocated. The frames in the buffer are linked dynamically to the transmit port. This allows the packet to be received on one port and then transmitted on another port, without moving it to a different queue.

The switch keeps a map of frame to port links showing where a packet needs to be transmitted. The map link is cleared after the frame has been successfully transmitted. The memory buffer is shared. The number of frames stored in the buffer is restricted by the size of the entire memory buffer, and not limited to a single port buffer. This permits larger frames to be transmitted with fewer dropped frames. This is important to asymmetric switching, where frames are being exchanged between different rate ports.

4.2.10 Two switching methods

The following two switching modes are available to forward frames:

Store-and-forward – The entire frame is received before any forwarding takes place. The destination and source addresses are read and filters are applied before the frame is forwarded. Latency occurs while the frame is being received. Latency is greater with larger frames because the entire frame must be received before the switching process begins. The switch is able to check the entire frame for errors, which allows more error detection.

Cut-through – The frame is forwarded through the switch before the entire frame is received. At a minimum the frame destination address must be read before the frame can be forwarded. This mode decreases the latency of the transmission, but also reduces error detection.

The following are two forms of cut-through switching:

Fast-forward – Fast-forward switching offers the lowest level of latency. Fast-forward switching immediately forwards a packet after reading the destination address. Because fast-forward switching starts forwarding before the entire packet is received, there may be times when packets are relayed with errors. This occurs infrequently, and the destination network adapter will discard the faulty packet upon receipt. In fast-forward mode, latency is measured from the first bit received to the first bit transmitted.

Fragment-free – Fragment-free switching filters out collision fragments before forwarding begins. Collision fragments are the majority of packet errors. In a properly functioning network, collision fragments must be smaller than 64 bytes. Anything greater than 64 bytes is a valid packet and is usually received without error. Fragment-free switching waits until the packet is determined not to be a collision fragment before forwarding. In fragment-free mode, latency is also measured from the first bit received to the first bit transmitted.

The latency of each switching mode depends on how the switch forwards the frames. To accomplish faster frame forwarding, the switch reduces the time for error checking. However, reducing the error checking time can lead to a higher number of retransmissions.

4.3 Switch Operation

4.3.1 Functions of Ethernet switches

A switch is a network device that selects a path or circuit for sending a frame to its destination. Both switches and bridges operate at Layer 2 of the OSI model.

Switches are sometimes called multiport bridges or switching hubs. Switches make decisions based on MAC addresses and therefore, are Layer 2 devices. In contrast, hubs regenerate the Layer 1 signals out of all ports without making any decisions. Since a switch has the capacity to make path selection decisions, the LAN becomes much more efficient. Usually, in an Ethernet network the workstations are connected directly to the switch. Switches learn which hosts are connected to a port by reading the source MAC address in frames. The switch opens a virtual circuit between the source and destination nodes only. This confines communication to those two ports without affecting traffic on other ports. In contrast, a hub forwards data out all of its ports so that all hosts see the data and must process it, even if that data is not intended for it. High-performance LANs are usually fully switched.

A switch concentrates connectivity, making data transmission more efficient. Frames are switched from incoming ports to outgoing ports. Each port or interface can provide the full bandwidth of the connection to the host.

On a typical Ethernet hub, all ports connect to a common backplane or physical connection within the hub, and all devices attached to the hub share the bandwidth of the network. If two stations establish a session that uses a significant level of bandwidth, the network performance of all other stations attached to the hub is degraded.

To reduce degradation, the switch treats each interface as an individual segment. When stations on different interfaces need to communicate, the switch forwards frames at wire speed from one interface to the other, to ensure that each session receives full bandwidth.

To efficiently switch frames between interfaces, the switch maintains an address table. When a frame enters the switch, it associates the MAC address of the sending station with the interface on which it was received.

The main features of Ethernet switches are:

Isolate traffic among segments

Achieve greater amount of bandwidth per user by creating smaller collision domains

The first feature, isolate traffic among segments, is known as microsegmentation. Microsegmentation is the name given to the smaller units into which the networks are divided by use of Ethernet switches. Each segment uses the CSMA/CD access method to maintain data traffic flow among the users on that segment. Such segmentation allows multiple users to send information at the same time on the different segments without slowing down the network.

By using the segments in the network fewer users and/or devices are sharing the same bandwidth when communicating with one another. Each segment has its own collision domain. Ethernet switches filter the traffic by redirecting the datagrams to the correct port or ports, which are based on Layer 2 MAC addresses.

The second function of an Ethernet switch is to ensure each user has more bandwidth by creating smaller collision domains. Both Ethernet and Fast Ethernet switches allow the segmentation of a LAN, thus creating smaller collision domains. Each segment becomes a dedicated network link, like a highway lane functioning at up to 100 Mbps. Popular servers can then be placed on individual 100-Mbps links. Often in networks of today, a Fast Ethernet switch will act as the backbone of the LAN, with Ethernet hubs, Ethernet switches, or Fast Ethernet hubs providing the desktop connections in workgroups. As demanding new applications such as desktop multimedia or videoconferencing become more popular, certain individual desktop computers will have dedicated 100-Mbps links to the network.

4.3.2 Frame transmission modes

There are three main frame transmission modes:

Fast-forward – With this transmission mode, the switch reads the destination address before receiving the entire frame. The frame is then forwarded before the entire frame arrives. This mode decreases the latency of the transmission but has poor LAN switching error detection. Fast-forward is the term used to indicate a switch is in cut-through mode.

Store-and-forward – The entire frame is received before any forwarding takes place. The destination and source addresses are read and filters are applied before the frame is forwarded. Latency occurs while the frame is being received. Latency is greater with larger frames because the entire frame must be received before the switching process begins. The switch has time available to check for errors, which allows more error detection.

Fragment-free – This mode of switching reads the first 64 bytes of an Ethernet frame and then begins forwarding it to the appropriate port or ports. Fragment-free is a term used to indicate the switch is using modified cut-through switching.

Another transmission mode is a combination of cut-through and store-and-forward. This hybrid mode is called adaptive cut-through. In this mode, the switch uses cut-through until it detects a given number of errors. Once the error threshold is reached, the switch changes to store-and-forward mode.
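The forwarding modes of sections 4.2.10 and 4.3.2 as one added example (not code from the Cisco curriculum): it models the point in the frame at which each mode commits to forwarding, the latency that follows from the chapter's 0.8 microsecond byte time, and an adaptive cut-through switch that falls back to store-and-forward once an error threshold is reached. The 6-byte destination, 6-byte source and 4-byte FCS layout is standard Ethernet; zlib.crc32 stands in for the real FCS, and the frames and the error threshold are constructed sample values.

```python
# Added example: where each switching mode decides to forward, and adaptive
# cut-through. zlib.crc32 is a stand-in for the Ethernet FCS; frames are constructed.
import zlib

BYTE_TIME_US = 0.8      # 10 Mbps: 8 bits x 100 ns, from the chapter
MIN_FRAME = 64          # anything shorter is treated as a collision fragment
DST_LEN = 6             # the destination MAC is the first field the switch sees
HEADER_LEN = 12         # destination + source MAC


def build_frame(dst, src, payload, corrupt=False):
    """Constructed test frame: header + payload + 4-byte CRC trailer."""
    body = bytes(dst) + bytes(src) + bytes(payload)
    frame = body + zlib.crc32(body).to_bytes(4, "big")
    if corrupt:
        # Flip one payload bit after the FCS was computed, as a wire error would.
        i = HEADER_LEN
        frame = frame[:i] + bytes([frame[i] ^ 0x01]) + frame[i + 1:]
    return frame


def fcs_ok(frame):
    """True when the trailer matches the CRC of everything before it."""
    return zlib.crc32(frame[:-4]).to_bytes(4, "big") == frame[-4:]


def decision_point(mode, frame):
    """Bytes the switch must receive before it starts forwarding, or None to drop.

    fast-forward: only the destination address is needed, so even a collision
    fragment or a frame with a bad FCS is relayed (the receiver discards it).
    fragment-free: wait for 64 bytes; shorter frames are fragments and are dropped,
    but a CRC error later in a long frame is still relayed.
    store-and-forward: wait for the whole frame and drop it if the FCS fails.
    """
    if mode == "fast-forward":
        return DST_LEN
    if mode == "fragment-free":
        return MIN_FRAME if len(frame) >= MIN_FRAME else None
    if mode == "store-and-forward":
        return len(frame) if fcs_ok(frame) else None
    raise ValueError(f"unknown mode {mode!r}")


def latency_us(mode, frame):
    """First bit in to first bit out, in microseconds (None if the frame is dropped)."""
    point = decision_point(mode, frame)
    return None if point is None else point * BYTE_TIME_US


class AdaptiveCutThrough:
    """Cut-through until `threshold` bad frames are seen, then store-and-forward."""

    def __init__(self, threshold):
        self.threshold = threshold
        self.errors = 0
        self.mode = "fast-forward"

    def forward(self, frame):
        """Forward one frame in the current mode; returns its decision point."""
        point = decision_point(self.mode, frame)
        # In cut-through the FCS can only be checked after the frame has already
        # gone out, so the error is counted but that frame was relayed.
        if not fcs_ok(frame):
            self.errors += 1
            if self.mode != "store-and-forward" and self.errors >= self.threshold:
                self.mode = "store-and-forward"
        return point


if __name__ == "__main__":
    dst, src = bytes(6), bytes(range(6))
    good = build_frame(dst, src, bytes(984))                # 1000-byte frame
    bad = build_frame(dst, src, bytes(984), corrupt=True)   # same frame, bit error
    frag = build_frame(dst, src, bytes(20))                 # 36-byte collision fragment
    for mode in ("fast-forward", "fragment-free", "store-and-forward"):
        print(mode, [latency_us(mode, f) for f in (good, bad, frag)])
    sw = AdaptiveCutThrough(threshold=2)
    print([sw.forward(f) for f in (good, bad, bad, bad, good)], sw.mode)
```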

Interactive Media Activity

Drag and Drop: Switching Method Trigger Points

When the student has completed this activity, the student will be able to understand the different methods of switching.

4.3.3 How switches and bridges learn addresses

Bridges and switches only forward frames that need to travel from one LAN segment to another. To accomplish this task, they must learn which devices are connected to which LAN segment.

A bridge is considered an intelligent device because it can make decisions based on MAC addresses. To do this, a bridge refers to an address table. When a bridge is turned on, broadcast messages are transmitted asking all the stations on the local segment of the network to respond. As the stations return the broadcast message, the bridge builds a table of local addresses. This process is called learning.

Bridges and switches learn in the following ways:

Reading the source MAC address of each received frame or datagram

Recording the port on which the MAC address was received.

In this way, the bridge or switch learns which addresses belong to the devices connected to each port.

The learned addresses and associated port or interface are stored in the addressing table. The bridge examines the destination address of all received frames. The bridge then scans the address table searching for the destination address.

CAM is used in switch applications:

To take out and process the address information from incoming data packets

To compare the destination address with a table of addresses stored within it

The CAM stores host MAC addresses and associated port numbers. The CAM compares the received destination MAC address against the CAM table contents. If the comparison yields a match, the port is provided, and routing control forwards the packet to the correct port and address.

An Ethernet switch can learn the address of each device on the network by reading the source address of each frame transmitted and noting the port where the frame entered the switch. The switch then adds this information to its forwarding database. Addresses are learned dynamically. This means that as new addresses are read, they are learned and stored in CAM. When a source address is not found in CAM, it is learned and stored for future use.

Each time an address is stored, it is time stamped. Thisallows for addresses to be stored for a set period of time.Each time an address is referenced or found in CAM, itreceives a new time stamp. Addresses that are not referencedduring a set period of time are removed from the list. By

Chapter 4 Switching Concepts 101

removing aged or old addresses, CAM maintains an accurate andfunctional forwarding database.

The processes followed by the CAM are as follows:

• If the address is not found, the bridge forwards the frame out all ports except the port on which it was received. This process is called flooding. The address may also have been deleted by the bridge because the bridge software was recently restarted, ran short of address entries in the address table, or deleted the address because it was too old. Since the bridge does not know which port to use to forward the frame, it will send it out all ports except the one from which it was received. It is clearly unnecessary to send it back to the same cable segment from which it was received, since any other computers or bridges on this cable must already have received the packet.
• If the address is found in an address table and the address is associated with the port on which it was received, the frame is discarded. It must already have been received by the destination.
• If the address is found in an address table and the address is not associated with the port on which it was received, the bridge forwards the frame to the port associated with the address.
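The learning, aging and forward/flood/filter decisions described above, as an added Python example that is not part of the curriculum text; it also applies the all-ones broadcast destination from 4.3.9 and the "reject all frames from a particular source" filter from 4.3.4. The port names, MAC addresses and the FakeClock used to show aging are constructed for illustration, and the 300-second aging default is an assumption.

```python
import time
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"  # all-ones destination: every station accepts it


@dataclass
class Frame:
    src: str
    dst: str


class FakeClock:
    """Constructed clock so aging can be demonstrated without waiting."""

    def __init__(self):
        self.t = 0.0

    def now(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds


class LearningBridge:
    """Address table learning, aging, and the forward/flood/filter decision.

    Each entry is MAC -> (port, last-seen time).  The 300 s aging default is
    an assumption, not a value from the text.
    """

    def __init__(self, ports, aging_seconds=300, now=time.monotonic,
                 blocked_sources=()):
        self.ports = list(ports)
        self.aging = aging_seconds
        self.now = now
        self.blocked = {m.lower() for m in blocked_sources}  # static filter
        self.table = {}

    def _age_out(self):
        """Drop entries not referenced within the aging period."""
        cutoff = self.now() - self.aging
        for mac in [m for m, (_, seen) in self.table.items() if seen < cutoff]:
            del self.table[mac]

    def receive(self, frame, in_port):
        """Return ("forward", port), ("flood", ports) or ("filter", None)."""
        self._age_out()
        src, dst = frame.src.lower(), frame.dst.lower()
        # Learning: note the source MAC and the port it arrived on; a fresh
        # time stamp is written whether the entry is new or already known.
        self.table[src] = (in_port, self.now())
        if src in self.blocked:
            return ("filter", None)  # programmed to reject this source
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST or dst not in self.table:
            return ("flood", others)  # unknown or broadcast: all ports but ingress
        out_port, _ = self.table[dst]
        if out_port == in_port:
            return ("filter", None)  # destination is on the ingress segment
        return ("forward", out_port)


def walkthrough():
    """Constructed sequence of frames arriving at a three-port bridge."""
    clock = FakeClock()
    br = LearningBridge(["p1", "p2", "p3"], aging_seconds=300, now=clock.now)
    a, b, c, d = ("00:00:00:00:00:0a", "00:00:00:00:00:0b",
                  "00:00:00:00:00:0c", "00:00:00:00:00:0d")
    steps = [
        br.receive(Frame(a, b), "p1"),          # b unknown: flood p2, p3
        br.receive(Frame(b, a), "p2"),          # a learned on p1: forward p1
        br.receive(Frame(a, b), "p1"),          # b learned on p2: forward p2
        br.receive(Frame(c, a), "p1"),          # a is on the ingress port: filter
        br.receive(Frame(c, BROADCAST), "p1"),  # broadcast: flood p2, p3
    ]
    clock.advance(301)                          # every entry is now stale
    steps.append(br.receive(Frame(d, a), "p2"))  # a aged out: flood p1, p3
    return steps


if __name__ == "__main__":
    for decision in walkthrough():
        print(decision)
```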

4.3.4 How switches and bridges filter frames

Bridges are capable of filtering frames based on any Layer 2 fields. For example, a bridge can be programmed to reject, not forward, all frames sourced from a particular network. Because link layer information often includes a reference to an upper-layer protocol, bridges can usually filter on this parameter. Furthermore, filters can be helpful in dealing with unnecessary broadcast and multicast packets.

Once the bridge has built the local address table, it is ready to operate. When it receives a frame, it examines the destination address. If the frame address is local, the bridge ignores it. If the frame is addressed for another LAN segment, the bridge copies the frame onto the second segment.

Ignoring a frame is called filtering. Copying the frame is called forwarding.

Basic filtering keeps local frames local and sends remote frames to another LAN segment.

Filtering on specific source and destination addresses performs the following actions:

• Stopping one station from sending frames outside of its local LAN segment
• Stopping all "outside" frames destined for a particular station, thereby restricting the other stations with which it can communicate

Both types of filtering provide some control over internetwork traffic and can offer improved security.

Most Ethernet bridges can filter broadcast and multicast frames. Occasionally, a device will malfunction and continually send out broadcast frames, which are continuously copied around the network. A broadcast storm, as it is called, can bring network performance to zero. If a bridge can filter broadcast frames, a broadcast storm has less opportunity to act.

Today, bridges are also able to filter according to the network-layer protocol. This blurs the demarcation between bridges and routers. A router operates on the network layer using a routing protocol to direct traffic around the network. A bridge that implements advanced filtering techniques is usually called a brouter. Brouters filter by looking at network layer information, but they do not use a routing protocol.

4.3.5 LAN segmentation using bridging

Ethernet LANs that use a bridge to segment the LAN provide more bandwidth per user because there are fewer users on each segment. In contrast, LANs that do not use bridges for segmentation provide less bandwidth per user because there are more users on a non-segmented LAN.

Bridges segment a network by building address tables that contain the address of each network device and which segment to use to reach that device. Bridges are Layer 2 devices that forward data frames based on the MAC addresses of the frame. In addition, bridges are transparent to the other devices on the network.

Bridges increase the latency in a network by 10 to 30 percent. This latency is due to the decision-making required of the bridge or bridges in transmitting data. A bridge is considered a store-and-forward device because it must examine the destination address field and calculate the CRC in the frame check sequence field before forwarding the frame. If the destination port is busy, the bridge can temporarily store the frame until the port is available. The time it takes to perform these tasks slows the network transmissions, causing increased latency.

4.3.6 Why segment LANs?

There are two primary reasons for segmenting a LAN. The first is to isolate traffic between segments. The second reason is to achieve more bandwidth per user by creating smaller collision domains.

Without LAN segmentation, LANs larger than a small workgroup could quickly become clogged with traffic and collisions.

LAN segmentation can be implemented through the utilization of bridges, switches, and routers. Each of these devices has particular pros and cons.

With the addition of devices like bridges, switches, and routers, the LAN is segmented into a number of smaller collision domains. In the example shown, four collision domains have been created.

By dividing large networks into self-contained units, bridges and switches provide several advantages. Bridges and switches will diminish the traffic experienced by devices on all connected segments, because only a certain percentage of traffic is forwarded. Bridges and switches reduce the collision domain but not the broadcast domain.

Each interface on the router connects to a separate network. Therefore the insertion of the router into a LAN will create smaller collision domains and smaller broadcast domains. This occurs because routers do not forward broadcasts unless programmed to do so.

A switch employs “microsegmentation” to reduce the collision domain on a LAN. The switch does this by creating dedicated network segments, or point-to-point connections. The switch connects these segments in a virtual network within the switch.

This virtual network circuit exists only when two nodes need to communicate. This is called a virtual circuit as it exists only when needed, and is established within the switch.

4.3.7 Microsegmentation implementation

LAN switches are considered multi-port bridges with no collision domain, because of microsegmentation. Data is exchanged at high speeds by switching the frame to its destination. By reading the destination MAC address Layer 2 information, switches can achieve high-speed data transfers, much like a bridge does. The frame is sent to the port of the receiving station prior to the entire frame entering the switch. This process leads to low latency levels and a high rate of speed for frame forwarding.

Ethernet switching increases the bandwidth available on a network. It does this by creating dedicated network segments, or point-to-point connections, and connecting these segments in a virtual network within the switch. This virtual network circuit exists only when two nodes need to communicate. This is called a virtual circuit because it exists only when needed, and is established within the switch.

Even though the LAN switch reduces the size of collision domains, all hosts connected to the switch are still in the same broadcast domain. Therefore, a broadcast from one node will still be seen by all the other nodes connected through the LAN switch.

Switches are data link layer devices that, like bridges, enable multiple physical LAN segments to be interconnected into a single larger network. Similar to bridges, switches forward and flood traffic based on MAC addresses. Because switching is performed in hardware instead of in software, it is significantly faster. Each switch port can be considered a micro-bridge acting as a separate bridge and gives the full bandwidth of the medium to each host.

4.3.8 Switches and collision domains

A major disadvantage of Ethernet 802.3 networks is collisions. Collisions occur when two hosts transmit frames simultaneously. When a collision occurs, the transmitted frames are corrupted or destroyed in the collision. The sending hosts stop sending further transmissions for a random period of time, based on the Ethernet 802.3 rules of CSMA/CD. Excessive collisions cause networks to be unproductive.

The network area where frames originate and collide is called the collision domain. All shared media environments are collision domains. When a host is connected to a switch port, the switch creates a dedicated 10 Mbps bandwidth connection. This connection is considered to be an individual collision domain. For example, if a twelve-port switch has a device connected to each port, then twelve collision domains are created.

A switch builds a switching table by learning the MAC addresses of the hosts that are connected to each switch port. When two connected hosts want to communicate with each other, the switch looks up the switching table and establishes a virtual connection between the ports. The virtual circuit is maintained until the session is terminated.

In Figure , Host B and Host C want to communicate with each other. The switch creates the virtual connection, which is referred to as a microsegment. The microsegment behaves as if the network has only two hosts, one host sending and one receiving, providing maximum utilization of the available bandwidth.

Switches reduce collisions and increase bandwidth on network segments because they provide dedicated bandwidth to each network segment.

4.3.9 Switches and broadcast domains

Communication in a network occurs in three ways. The most common way of communication is by unicast transmissions. In a unicast transmission, one transmitter tries to reach one receiver.

Another way to communicate is known as a multicast transmission. Multicast transmission occurs when one transmitter tries to reach only a subset, or a group, of the entire segment.

The final way to communicate is by broadcasting. Broadcasting is when one transmitter tries to reach all the receivers in the network. The server station sends out one message and everyone on that segment receives the message.

When a device wants to send out a Layer 2 broadcast, the destination MAC address in the frame is set to all ones. A MAC address of all ones is FF:FF:FF:FF:FF:FF in hexadecimal. By setting the destination to this value, all the devices will accept and process the broadcasted frame.

The broadcast domain at Layer 2 is referred to as the MAC broadcast domain. The MAC broadcast domain consists of all devices on the LAN that receive frame broadcasts by a host to all other machines on the LAN.

A switch is a Layer 2 device. When a switch receives a broadcast, it forwards it to each port on the switch except the incoming port. Each attached device must process the broadcast frame. This leads to reduced network efficiency, because available bandwidth is used for broadcasting purposes.

When two switches are connected, the broadcast domain is increased. In this example a broadcast frame is forwarded to all connected ports on Switch 1. Switch 1 is connected to Switch 2. The frame is propagated to all devices connected to Switch 2.

The overall result is a reduction in available bandwidth. This happens because all devices in the broadcast domain must receive and process the broadcast frame.

Routers are Layer 3 devices. Routers do not propagate broadcasts. Routers are used to segment both collision and broadcast domains.
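An added Python example, not from the curriculum, that counts collision and broadcast domains for a small topology using the rules stated in 4.3.6 through 4.3.9: a hub merges both kinds of domain, a switch or bridge separates collision domains but not broadcast domains, and a router separates both. The device names and the campus topology are constructed; the twelve-port switch case reproduces the count given in 4.3.8.

```python
from collections import defaultdict

# How each device type treats the two kinds of domain (rules from the text):
# a hub repeats every frame, so it joins both domains; a switch or bridge
# separates collision domains but forwards broadcasts, so it joins only the
# broadcast domain; a router or an end host terminates both.
JOINS_COLLISION = {"hub"}
JOINS_BROADCAST = {"hub", "switch", "bridge"}
KNOWN_TYPES = {"host", "hub", "switch", "bridge", "router"}


class DisjointSet:
    """Minimal union-find used to merge cable segments into domains."""

    def __init__(self, items):
        self.parent = {i: i for i in items}

    def find(self, x):
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]  # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[rb] = ra

    def count(self):
        return len({self.find(x) for x in self.parent})


def count_domains(devices, links):
    """devices: {name: type}; links: list of (device, device) cable segments.

    Every cable segment starts as its own collision and broadcast domain; each
    device then merges the segments attached to it according to its type.
    Returns (collision_domains, broadcast_domains).
    """
    for name, kind in devices.items():
        if kind not in KNOWN_TYPES:
            raise ValueError(f"unknown device type {kind!r} for {name}")
    attached = defaultdict(list)  # device -> indexes of its cable segments
    for idx, (a, b) in enumerate(links):
        attached[a].append(idx)
        attached[b].append(idx)
    collision = DisjointSet(range(len(links)))
    broadcast = DisjointSet(range(len(links)))
    for dev, kind in devices.items():
        segs = attached[dev]
        for seg in segs[1:]:
            if kind in JOINS_COLLISION:
                collision.union(segs[0], seg)
            if kind in JOINS_BROADCAST:
                broadcast.union(segs[0], seg)
    return collision.count(), broadcast.count()


# Constructed campus: hosts A and B on hub H1; H1 and host C on switch SW1;
# SW1 uplinked to router R1; hosts D and E on switch SW2 behind R1.
CAMPUS_DEVICES = {
    "A": "host", "B": "host", "C": "host", "D": "host", "E": "host",
    "H1": "hub", "SW1": "switch", "SW2": "switch", "R1": "router",
}
CAMPUS_LINKS = [
    ("A", "H1"), ("B", "H1"), ("H1", "SW1"), ("C", "SW1"),
    ("SW1", "R1"), ("R1", "SW2"), ("D", "SW2"), ("E", "SW2"),
]


def twelve_port_switch():
    """The text's example: one host on each of twelve switch ports."""
    devices = {"SW": "switch"}
    links = []
    for i in range(12):
        devices[f"PC{i}"] = "host"
        links.append((f"PC{i}", "SW"))
    return count_domains(devices, links)


if __name__ == "__main__":
    print(count_domains(CAMPUS_DEVICES, CAMPUS_LINKS))  # (6, 2)
    print(twelve_port_switch())  # (12, 1)
```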

4.3.10 Communication between switches and workstation

When a workstation connects to a LAN, it is unconcerned about the other devices that are connected to the LAN media. The workstation simply transmits data frames using a NIC to the network medium.

The workstation could be attached directly to another workstation, using a crossover cable, or attached to a network device, such as a hub, switch, or router, using a straight-through cable.

Switches are Layer 2 devices that use intelligence to learn the MAC addresses of the devices that are attached to the ports of the switch. This data is entered into a switching table. Once the table is complete, the switch can read the destination MAC address of an incoming data frame on a port and immediately forward it. Until a device transmits, the switch does not know its MAC address.

Switches provide significant scalability on a network and may be directly connected. Figure illustrates one scenario of frame transmission utilizing a multi-switch network.

Summary

An understanding of the following key points should have been achieved:

• The history and function of shared, half-duplex Ethernet
• Collisions in an Ethernet network
• Microsegmentation
• CSMA/CD
• Elements affecting network performance
• The function of repeaters
• Network latency
• Transmission time
• The basic function of Fast Ethernet
• Network segmentation using routers, switches, and bridges
• The basic operations of a switch
• Ethernet switch latency
• The differences between Layer 2 and Layer 3 switching
• Symmetric and asymmetric switching
• Memory buffering
• Store-and-forward and cut-through switching
• The differences between hubs, bridges, and switches
• The main functions of switches
• Major switch frame transmission modes
• The process by which switches learn addresses
• The frame-filtering process
• LAN segmentation
• Microsegmentation using switching
• Forwarding modes
• Collision and broadcast domains

Chapter 5 Switches

Overview

Designing a network can be a challenging task that involves more than just connecting computers together. A network requires many features in order to be reliable, manageable, and scalable. To design reliable, manageable, and scalable networks, a network designer must realize that each of the major components of a network has distinct design requirements.

Network design is becoming more difficult despite improvements in equipment performance and media capabilities. Using multiple media types and interconnecting LANs with other external networks makes the networking environment complex. Good network design will improve performance and also reduce the difficulties associated with network growth and evolution.

A LAN spans a single room, a building, or a set of buildings that are close together. A group of buildings that are on a site and belong to a single organization are referred to as a campus. The design of larger LANs includes identifying the following:

• An access layer that connects end users into the LAN
• A distribution layer that provides policy-based connectivity between end-user LANs
• A core layer that provides the fastest connection between the distribution points

Each of these LAN design layers requires switches that are best suited for specific tasks. The features, functions, and technical specifications for each switch vary depending on the LAN design layer for which the switch is intended. Understanding the role of each layer and then choosing the switches best suited for that layer ensures the best network performance for LAN users.

Students completing this module should be able to:

• Describe the four major goals of LAN design
• List the key considerations in LAN design
• Understand the steps in systematic LAN design
• Understand the design issues associated with the Layer 1, 2, and 3 LAN structure, or topology
• Describe the three-layer design model
• Identify the functions of each layer of the three-layer model
• List Cisco access layer switches and their features
• List Cisco distribution layer switches and their features
• List Cisco core layer switches and their features

5.1 LAN Design

5.1.1 LAN design goals

The first step in designing a LAN is to establish and document the goals of the design. These goals are unique to each organization or situation. The following requirements are usually seen in most network designs:

• Functionality – The network must work. The network must allow users to meet their job requirements. The network must provide user-to-user and user-to-application connectivity with reasonable speed and reliability.
• Scalability – The network must be able to grow. The initial design should grow without any major changes to the overall design.
• Adaptability – The network must be designed with a vision toward future technologies. The network should include no element that would limit implementation of new technologies as they become available.
• Manageability – The network should be designed to facilitate network monitoring and management to ensure ongoing stability of operation.

Interactive Media Activity

Matching: LAN Design Goals Matching

When the student has completed this activity, the student will be able to understand the terms, definitions, and goals in network LAN design.

5.1.2 LAN design considerations

Many organizations have been upgrading existing LANs or planning, designing, and implementing new LANs. This expansion in LAN design is due to the development of high-speed technologies such as Asynchronous Transfer Mode (ATM). This expansion is also due to complex LAN architectures that use LAN switching and virtual LANs (VLANs).

To maximize available LAN bandwidth and performance, the following LAN design considerations must be addressed:

• The function and placement of servers
• Collision detection issues
• Segmentation issues
• Broadcast domain issues

Servers provide file sharing, printing, communication, and application services. Servers typically do not function as workstations. Servers run specialized operating systems, such as NetWare, Windows NT, UNIX, and Linux. Each server is usually dedicated to one function, such as e-mail or file sharing.

Servers can be categorized into two distinct classes: enterprise servers and workgroup servers. An enterprise server supports all the users on the network by offering services, such as e-mail or Domain Name System (DNS). E-mail or DNS is a service that everyone in an organization would need because it is a centralized function. However, a workgroup server supports a specific set of users, offering services such as word processing and file sharing.

Enterprise servers should be placed in the main distribution facility (MDF). Traffic to the enterprise servers travels only to the MDF and is not transmitted across other networks. Ideally, workgroup servers should be placed in the intermediate distribution facilities (IDFs) closest to the users accessing the applications on these servers. By placing workgroup servers close to the users, traffic only has to travel the network infrastructure to an IDF, and does not affect other users on that network segment. Layer 2 LAN switches located in the MDF and IDFs should have 100 Mbps or more allocated to these servers.

Ethernet nodes use CSMA/CD. Each node must contend with all other nodes to access the shared medium, or collision domain. If two nodes transmit at the same time, a collision occurs. When this occurs, the transmitted frame is destroyed, and a jam signal is sent to all nodes on the segment. The transmitting nodes wait a random period of time, and then resend the data. Excessive collisions can reduce the available bandwidth of a network segment to 35% or 40% of the bandwidth available.

Segmentation is the process of splitting a single collision domain into smaller collision domains. Creating smaller collision domains reduces the number of collisions on a LAN segment, and allows for greater utilization of bandwidth. Layer 2 devices such as bridges and switches can be used to segment a LAN into smaller collision domains. Routers can achieve this at Layer 3.

A broadcast occurs when the destination media access control (MAC) data frame address is set to FF-FF-FF-FF-FF-FF. A broadcast domain refers to the set of devices that receive a broadcast data frame originating from any device within that set. All hosts that receive a broadcast data frame must process it. Processing the broadcast data will consume the resources and available bandwidth of the host. Layer 2 devices such as bridges and switches reduce the size of a collision domain. These devices do not reduce the size of the broadcast domain. Routers reduce the size of the collision domain and the size of the broadcast domain at Layer 3.

5.1.3 LAN design methodology

For a LAN to be effective and serve the needs of its users, it should be designed and implemented according to a planned series of systematic steps. These steps include the following:

• Gather requirements and expectations
• Analyze requirements and data
• Design the Layer 1, 2, and 3 LAN structure, or topology
• Document the logical and physical network implementation

The information gathering process helps clarify and identify any current network problems. This information includes the organization's history and current status, their projected growth, operating policies and management procedures, office systems and procedures, and the viewpoints of the people who will be using the LAN.

The following questions should be asked when gathering information:

• Who are the people who will be using the network?
• What is the skill level of these people?
• What are their attitudes toward computers and computer applications?
• How developed are the organizational documented policies?
• Has some data been declared mission critical?
• Have some operations been declared mission critical?
• What protocols are allowed on the network?
• Are only certain desktop hosts supported?
• Who is responsible for LAN addressing, naming, topology design, and configuration?
• What are the organizational human, hardware, and software resources?
• How are these resources currently linked and shared?
• What financial resources does the organization have available?

Documenting the following requirements allows for an informed estimate of costs and timelines for projected LAN design implementation. It is important to understand performance issues of any existing network.

Availability measures the usefulness of the network. Many things affect availability, including the following:

• Throughput
• Response time
• Access to resources

Every customer has a different definition of availability. For example, there may be a need to transport voice and video over the network. These services may require more bandwidth than is available on the network or backbone. To increase availability, more resources can be added, but adding more resources will increase the cost of the network. Network design tries to provide the greatest availability for the least cost.

The next step in designing a network is to analyze the requirements of the network and its users. Network user needs constantly change. As more voice and video-based network applications become available, the necessity to increase network bandwidth grows too.

Another component of the analysis phase is assessing the user requirements. A LAN that is incapable of supplying prompt and accurate information to its users is useless. Steps must be taken to ensure that the information requirements of the organization and its workers are met.

The next step is to decide on an overall LAN topology that will satisfy the user requirements. In this curriculum, concentration will be on the star topology and extended star topology. The star topology and extended star topology use Ethernet 802.3 CSMA/CD technology. CSMA/CD star topology is the dominant configuration in the industry.

LAN topology design can be broken into the following three unique categories of the OSI reference model:

• Network layer
• Data link layer
• Physical layer

The final step in LAN design methodology is to document the physical and logical topology of the network. The physical topology of the network refers to the way in which various LAN components are connected together. The logical design of the network refers to the flow of data in a network. It also refers to the naming and addressing schemes used in the implementation of the LAN design solution.

Important LAN design documentation includes the following:

• OSI layer topology map
• LAN logical map
• LAN physical map
• Cut sheets
• VLAN logical map
• Layer 3 logical map
• Addressing maps

5.1.4 Layer 1 design

One of the most important components to consider when designing a network is the physical cabling. Today, most LAN cabling is based on Fast Ethernet technology. Fast Ethernet is Ethernet that has been upgraded from 10 Mbps to 100 Mbps, and has the ability to utilize full-duplex functionality. Fast Ethernet uses the standard Ethernet broadcast-oriented logical bus topology of 10BASE-T, and the CSMA/CD method for MAC addressing.

Design issues at Layer 1 include the type of cabling to be used, typically copper or fiber-optic, and the overall structure of the cabling. Layer 1 cabling media includes types such as 10/100BASE-TX Category 5, 5e, or 6 unshielded twisted-pair (UTP), or shielded twisted-pair (STP), 100BaseFX fiber-optic cable, and the TIA/EIA-568-A standard for layout and connection of wiring schemes.

Careful evaluation of the strengths and weaknesses of the topologies should be performed. A network is only as effective as its underlying cable. Layer 1 issues cause most network problems. A complete cable audit should be conducted, when planning any significant changes for a network, to identify areas that require upgrades and rewiring.

Fiber-optic cable should be used in the backbone and risers in all cable design settings. Category 5e UTP cable should be used in the horizontal runs. The cable upgrade should take priority over any other necessary changes. Enterprises should also make certain that these systems conform to well-defined industry standards, such as the TIA/EIA-568-A specifications.

The TIA/EIA-568-A standard specifies that every device connected to the network should be linked to a central location with horizontal cabling. This applies if all the hosts that need to access the network are within the 100-meter distance limitation for Category 5e UTP Ethernet.

In a simple star topology with only one wiring closet, the MDF includes one or more horizontal cross-connect (HCC) patch panels. HCC patch cables are used to connect the Layer 1 horizontal cabling with the Layer 2 LAN switch ports. The uplink port of the LAN switch, depending on the model, is connected to the Ethernet port of the Layer 3 router using a patch cable. At this point, the end host has a complete physical connection to the router port.

When hosts in larger networks are outside the 100-meter limitation for Category 5e UTP, more than one wiring closet is required. By creating multiple wiring closets, multiple catchment areas are created. The secondary wiring closets are referred to as intermediate distribution facilities (IDFs). TIA/EIA-568-A standards specify that IDFs should be connected to the MDF by using vertical cabling, also called backbone cabling. A vertical cross-connect (VCC) is used to interconnect the various IDFs to the central MDF. Fiber-optic cabling is normally used because the vertical cable lengths are typically longer than the 100-meter limit for Category 5e UTP cable.

The logical diagram is the network topology model without all the detail of the exact installation paths of the cabling. The logical diagram is the basic road map of the LAN, including the following elements:

• Specify the locations and identification of the MDF and IDF wiring closets.
• Document the type and quantity of cabling used to interconnect the IDFs with the MDF.
• Document how many spare cables are available for increasing the bandwidth between the wiring closets. For example, if the vertical cabling between IDF 1 and the MDF is running at 80% utilization, two additional pairs could be used to double the capacity.
• Provide detailed documentation of all cable runs, the identification numbers, and the port the run is terminated on at the HCC or VCC.

The logical diagram is essential when troubleshooting network connectivity problems. If Room 203 loses connectivity to the network, by examining the cut sheet it can be seen that this room is running off cable run 203-1, which is terminated on HCC 1 port 13. Using a cable tester it can be determined whether the problem is a Layer 1 failure. If it is, one of the other two runs can be used to reestablish connectivity and provide time to troubleshoot run 203-1.

5.1.5 Layer 2 design

Chapter 5 Switches 119

The purpose of Layer 2 devices in the network is to provideflow control, error detection, error correction, and to reducecongestion in the network. The two most common Layer 2networking devices are bridges and LAN switches. Devices atLayer 2 determine the size of the collision domains.

Collisions and collision domain size are two factors thatnegatively affect the performance of a network.Microsegmentation of the network reduces the size of collisiondomains and reduces collisions. Microsegmentation isimplemented through the use of bridges and switches. The goalis to boost performance for a workgroup or a backbone.Switches can be used with hubs to provide the appropriatelevel of performance for different users and servers.

Another important characteristic of a LAN switch is how itcan allocate bandwidth on a per-port basis. This will providemore bandwidth to vertical cabling, uplinks, and servers.This type of switching is referred to as asymmetric switching.Asymmetric switching provides switched connections betweenports of unlike bandwidth, such as a combination of 10-Mbpsand 100-Mbps ports.

The desired capacity of a vertical cable run is greaterthan that of a horizontal cable run. By installing a LANswitch at the MDF and IDF, the vertical cable run can managethe data traffic from the MDF to the IDF. The horizontal runsbetween the IDF and the workstations uses Category 5e UTP. Nohorizontal cable drop should be longer than 100 meters. In anormal environment, 10 Mbps is adequate for the horizontaldrop. Use asymmetric LAN switches to allow for mixing 10-Mbpsand 100-Mbps ports on a single switch.

The next task is to determine the number of 10 Mbps and 100Mbps ports needed in the MDF and every IDF. This can bedetermined by reviewing the user requirements for the numberof horizontal cable drops per room and the number of totaldrops in any catchment area. This includes the number ofvertical cable runs. For example, suppose that user

120 Cisco Academy – CCNA 3.0 Semester 3

requirements dictate four horizontal cable runs to beinstalled to each room. The IDF services a catchment area of18 rooms. Therefore, four drops in each of the 18 rooms willequal 72 LAN switch ports. (4x18=72)

The size of a collision domain is determined by how manyhosts are physically connected to any single port on theswitch. This also affects how much network bandwidth isavailable to any host. In an ideal situation, there is onlyone host connected on a LAN switch port. The collision domainwould consist only of the source host and destination host.The size of the collision domain would be two. Because of thesmall size of this collision domain, there should be virtuallyno collisions when any two hosts are communicating with eachother. Another way to implement LAN switching is to installshared LAN hubs on the switch ports, and connect multiplehosts to a single switch port. All hosts connected to theshared LAN hub share the same collision domain and bandwidth.Collisions would occur more frequently.

Some older switches, such as the Catalyst 1700, do not properly support sharing the same collision domain and bandwidth. The older switches do not maintain multiple MAC addresses mapped to each port. As a result, there are many broadcasts and ARP requests.

Shared media hubs are generally used in a LAN switch environment to create more connection points at the end of the horizontal cable runs. This is an acceptable solution, but care must be taken. Collision domains should be kept small and bandwidth requirements to the host must be provided according to the specifications gathered in the requirements phase of the network design process.

5.1.6 Layer 3 design

A router is a Layer 3 device and is considered one of the most powerful devices in the network topology.

Layer 3 devices can be used to create unique LAN segments.

Layer 3 devices allow communication between segments based on Layer 3 addressing, such as IP addressing. Implementation of Layer 3 devices allows for segmentation of the LAN into unique physical and logical networks. Routers also allow for connectivity to wide-area networks (WANs), such as the Internet.

Layer 3 routing determines traffic flow between unique physical network segments based on Layer 3 addressing. A router forwards data packets based on destination addresses. A router does not forward LAN-based broadcasts such as ARP requests. Therefore, the router interface is considered the entry and exit point of a broadcast domain and stops broadcasts from reaching other LAN segments.

Routers provide scalability because they serve as firewalls for broadcasts. They can also provide scalability by dividing networks into subnetworks, or subnets, based on Layer 3 addresses.

When deciding whether to use routers or switches, remember to ask, "What is the problem that is to be solved?" If the problem is related to protocol rather than issues of contention, then routers are the appropriate solution. Routers solve problems with excessive broadcasts, protocols that do not scale well, security issues, and network layer addressing. Routers are more expensive and more difficult to configure than switches.

Figure shows an example of an implementation that has multiple physical networks. All data traffic from Network 1 destined for Network 2 has to go through the router. In this implementation, there are two broadcast domains. The two networks have unique Layer 3 network addressing schemes. In a structured Layer 1 wiring scheme, multiple physical networks are easy to create by patching the horizontal cabling and vertical cabling into the appropriate Layer 2 switch. This can be done using patch cables. This implementation also provides robust security, because all traffic in and out of the LAN must pass through the router.

Once an IP addressing scheme has been developed for a client, it should be clearly documented. A standard convention should be set for addressing important hosts on the network. This addressing scheme should be kept consistent throughout the entire network. Addressing maps provide a snapshot of the network. Creating physical maps of the network helps to troubleshoot the network.

VLAN implementation combines Layer 2 switching and Layer 3 routing technologies to limit both collision domains and broadcast domains. VLANs can also be used to provide security by creating the VLAN groups according to function and by using routers to communicate between VLANs.

A physical port association is used to implement VLAN assignment. Ports P1, P4, and P6 have been assigned to VLAN 1. VLAN 2 has ports P2, P3, and P5. Communication between VLAN 1 and VLAN 2 can occur only through the router. This limits the size of the broadcast domains and uses the router to determine whether VLAN 1 can talk to VLAN 2.

5.2 LAN Switches

5.2.1 Switched LANs, access layer overview

The construction of a LAN that satisfies the needs of both medium and large-sized organizations is more likely to be successful if a hierarchical design model is used. The use of a hierarchical design model will make it easier to make changes to the network as the organization grows. The hierarchical design model includes the following three layers:

The access layer provides users in workgroups access to the network.

The distribution layer provides policy-based connectivity.

The core layer provides optimal transport between sites. The core layer is often referred to as the backbone.

This hierarchical model applies to any network design. It is important to realize that these three layers may exist in clear and distinct physical entities. However, this is not a requirement. These layers are defined to aid in successful network design and to represent functionality that must exist in a network.

The access layer is the entry point for user workstations and servers to the network. In a campus LAN the device used at the access layer can be a switch or a hub.

If a hub is used, bandwidth is shared. If a switch is used, then bandwidth is dedicated. If a workstation or server is directly connected to a switch port, then the full bandwidth of the connection to the switch is available to the connected computer. If a hub is connected to a switch port, bandwidth is shared between all devices connected to the hub.

Access layer functions also include MAC layer filtering and microsegmentation. MAC layer filtering allows switches to direct frames only to the switch port that is connected to the destination device. The switch creates small Layer 2 segments called microsegments. The collision domain can be as small as two devices. Layer 2 switches are used in the access layer.

5.2.2 Access layer switches

Access layer switches operate at Layer 2 of the OSI model and provide services such as VLAN membership. The main purpose of an access layer switch is to allow end users into the network. An access layer switch should provide this functionality with low cost and high port density.

The following Cisco switches are commonly used at the access layer:

Catalyst 1900 series

Catalyst 2820 series

Catalyst 2950 series

Catalyst 4000 series

Catalyst 5000 series

The Catalyst 1900 or 2820 series switch is an effective access device for small or medium campus networks. The Catalyst 2950 series switch effectively provides access for servers and users that require higher bandwidth. This is achieved by providing Fast Ethernet capable switch ports. The Catalyst 4000 and 5000 series switches include Gigabit Ethernet ports and are effective access devices for a larger number of users in large campus networks.

Interactive Media Activity

PhotoZoom: Cisco Catalyst 1912

In this PhotoZoom, the student will view a Cisco Catalyst 1912.

5.2.3 Distribution layer overview

The distribution layer of the network is between the access and core layers. It helps to define and separate the core. The purpose of this layer is to provide a boundary definition in which packet manipulation can take place. Networks are segmented into broadcast domains by this layer. Policies can be applied and access control lists can filter packets. The distribution layer isolates network problems to the workgroups in which they occur. The distribution layer also prevents these problems from affecting the core layer. Switches in this layer operate at Layer 2 and Layer 3. In a switched network, the distribution layer includes several functions such as the following:

Aggregation of the wiring closet connections

Broadcast/multicast domain definition

Virtual LAN (VLAN) routing

Any media transitions that need to occur

Security

5.2.4 Distribution layer switches

Distribution layer switches are the aggregation points for multiple access layer switches. The switch must be able to accommodate the total amount of traffic from the access layer devices.

The distribution layer switch must have high performance. The distribution layer switch is a point at which a broadcast domain is delineated. The distribution layer combines VLAN traffic and is a focal point for policy decisions about traffic flow. For these reasons distribution layer switches operate at both Layer 2 and Layer 3 of the OSI model. Switches in this layer are referred to as multilayer switches. These multilayer switches combine the functions of a router and a switch in one device. They are designed to switch traffic to gain higher performance than a standard router. If they do not have an associated router module, then an external router is used for the Layer 3 function.

The following Cisco switches are suitable for the distribution layer:

Catalyst 2926G

Catalyst 5000 family

Catalyst 6000 family

Interactive Media Activity

PhotoZoom: Cisco Catalyst 2950

In this PhotoZoom, the student will view a Cisco Catalyst 2950.

5.2.5 Core layer overview

The core layer is a high-speed switching backbone. If the core switches do not have an associated router module, an external router is used for the Layer 3 function. This layer of the network design should not perform any packet manipulation. Packet manipulation, such as access list filtering, would slow down the switching of packets. Providing a core infrastructure with redundant alternate paths gives stability to the network in the event of a single device failure.

The core can be designed to use Layer 2 or Layer 3 switching. Asynchronous Transfer Mode (ATM) or Ethernet switches can be used.

Interactive Media Activity

Point and Click: Core Layer

Students completing this activity will be able to identify the key function of the core layer in the three layer design model.

5.2.6 Core layer switches

The core layer is the backbone of the campus switched network. The switches in this layer can make use of a number of Layer 2 technologies. Provided that the distance between the core layer switches is not too great, the switches can use Ethernet technology. Other Layer 2 technologies, such as Asynchronous Transfer Mode (ATM) cell switching, can also be used. In a network design, the core layer can be a routed, or Layer 3, core. Core layer switches are designed to provide efficient Layer 3 functionality when needed. Factors such as need, cost, and performance should be considered before a choice is made.

The following Cisco switches are suitable for the core layer:

Catalyst 6500 series

Catalyst 8500 series

IGX 8400 series

Lightstream 1010

Interactive Media Activity

PhotoZoom: Cisco Catalyst 4006

In this PhotoZoom, the student will view a Cisco Catalyst 4006.

Summary

An understanding of the following key points should have been achieved:

The four major goals of LAN design

Key considerations in LAN design

The steps in systematic LAN design

Design issues associated with Layers 1, 2, and 3

The three-layer design model

The functions of each layer in the three-layer model

Cisco access layer switches and their features

Cisco distribution layer switches and their features

Cisco core layer switches and their features

Chapter 6 Switch Configuration

Overview

A switch is a Layer 2 network device that acts as the concentration point for the connection of workstations, servers, routers, hubs, and other switches.

A hub is an older type of concentration device which also provides multiple ports. However, hubs are inferior to switches because all devices connected to a hub reside in the same bandwidth domain that produces collisions. Another drawback to using hubs is that they only operate in half-duplex mode. In half-duplex mode, the hubs can send or receive data at any given time, but not both at the same time. Switches can operate in full-duplex mode, which means they can send and receive data simultaneously.

Switches are multi-port bridges. Switches are the current standard technology for Ethernet LANs that utilize a star topology. A switch provides many dedicated, point-to-point virtual circuits between connected networking devices, so collisions are virtually impossible.

Because of their dominant role in modern networks, the ability to understand and configure switches is essential for network support.

A new switch will have a preset configuration with factory defaults. This configuration will rarely meet the needs of a network administrator. Switches can be configured and managed from a command-line interface (CLI). Increasingly, networking devices can also be configured and managed using a web based interface and a browser.

A network administrator must be familiar with many tasks to be effective in managing a network with switches. Some of these tasks are associated with maintaining the switch and its Internetworking Operating System (IOS). Others are associated with managing interfaces and tables for optimal, reliable, and secure operation. Basic switch configuration, upgrading the IOS, and performing password recovery are essential network administrator skills.

Students completing this module should be able to:

Identify the major components of a Catalyst switch

Monitor switch activity and status using LED indicators

Examine the switch bootup output using HyperTerminal

Use the help features of the command line interface

List the major switch command modes

Verify the default settings of a Catalyst switch

Set an IP address and default gateway for the switch to allow connection and management over a network

View the switch settings with a Web browser

Set interfaces for speed and duplex operation

Examine and manage the switch MAC address table

Configure port security

Manage configuration files and IOS images

Perform password recovery on a switch

Upgrade the IOS of a switch

6.1 Starting the Switch

6.1.1 Physical startup of the Catalyst switch

Switches are dedicated, specialized computers, which contain a central processing unit (CPU), random access memory (RAM), and an operating system. As shown in Figure , switches usually have several ports for the purpose of connecting hosts, as well as specialized ports for the purpose of management. A switch can be managed by connecting to the console port to view and make changes to the configuration.

Switches typically have no power switch to turn them on and off. They simply connect or disconnect from a power source.

Several switches from the Cisco Catalyst 2950 series are shown in Figure .

6.1.2 Switch LED indicators

The front panel of a switch has several lights to help monitor system activity and performance. These lights are called light-emitting diodes (LEDs). The front of the switch has the following LEDs:

System LED

Remote Power Supply (RPS) LED

Port Mode LED

Port Status LEDs

The System LED shows whether the system is receiving power and functioning correctly.

The RPS LED indicates whether or not the remote power supply is in use.

The Mode LEDs indicate the current state of the Mode button. The modes are used to determine how the Port Status LEDs are interpreted. To select or change the port mode, press the Mode button repeatedly until the Mode LEDs indicate the desired mode.

The Port Status LEDs have different meanings, depending on the current value of the Mode LED.

6.1.3 Verifying port LEDs during switch POST

Once the power cable is connected, the switch initiates a series of tests called the power-on self test (POST). POST runs automatically to verify that the switch functions correctly. The System LED indicates the success or failure of POST. If the System LED is off but the switch is plugged in, then POST is running. If the System LED is green, then POST was successful. If the System LED is amber, then POST failed. POST failure is considered to be a fatal error. Reliable operation of the switch should not be expected if POST fails.

The Port Status LEDs also change during switch POST. The Port Status LEDs turn amber for about 30 seconds as the switch discovers the network topology and searches for loops. If the Port Status LEDs turn green, the switch has established a link between the port and a target, such as a computer. If the Port Status LEDs turn off, the switch has determined that nothing is plugged into the port.

6.1.4 Viewing initial bootup output from the switch

In order to configure or check the status of a switch, connect a computer to the switch in order to establish a communication session. Use a rollover cable to connect the console port on the back of the switch to a COM port on the back of the computer.

Start HyperTerminal on the computer. A dialog window will be displayed. The connection must first be named when initially configuring the HyperTerminal communication with the switch. Select the COM port to which the switch is connected using the pull-down menu, and click the OK button. A second dialog window will be displayed. Set up the parameters as shown, and click the OK button.

Plug the switch into a wall outlet. The initial bootup output from the switch should be displayed on the HyperTerminal screen. This output shows information about the switch, details about POST status, and data about the switch hardware.

After the switch has booted and completed POST, prompts for the System Configuration dialog are presented. The switch may be configured manually with or without the assistance of the System Configuration dialog. The System Configuration dialog on the switch is simpler than that on a router.

6.1.5 Examining help in the switch CLI

The command-line interface (CLI) for Cisco switches is very similar to the CLI for Cisco routers.

The help command is issued by entering a question mark (?). When this command is entered at the system prompt, a list of commands available for the current command mode is displayed.

The help command is very flexible. To obtain a list of commands that begin with a particular character sequence, enter those characters followed immediately by the question mark (?). Do not enter a space before the question mark. This form of help is called word help, because it completes a word.

To list keywords or arguments that are associated with a particular command, enter one or more words associated with the command, followed by a space and then a question mark (?). This form of help is called command syntax help, because it provides applicable keywords or arguments based on a partial command.

Interactive Media Activity

Fill in the Blanks: Switches and Collision Domain

After completing this activity, the student will be able to identify the role of a switch in preventing collisions and reducing collision domains.

6.1.6 Switch command modes

Switches have several command modes. The default mode is User EXEC mode. The User EXEC mode is recognized by its prompt, which ends in a greater-than character (>). The commands available in User EXEC mode are limited to those that change terminal settings, perform basic tests, and display system information. Figure describes the show commands that are available in User EXEC mode.

The enable command is used to change from User EXEC mode to Privileged EXEC mode. Privileged EXEC mode is also recognized by its prompt, which ends in a pound-sign character (#). The Privileged EXEC mode command set includes those commands allowed in User EXEC mode, as well as the configure command. The configure command allows other command modes to be accessed. Because these modes are used to configure the switch, access to Privileged EXEC mode should be password protected to prevent unauthorized use. If the system administrator has set a password, then users are prompted to enter the password before being granted access to Privileged EXEC mode. The password does not appear on the screen, and is case sensitive.

6.2 Configuring the Switch

6.2.1 Verifying the Catalyst switch default configuration

When powered up for the first time, a switch has default data in the running configuration file. The default hostname is Switch. No passwords are set on the console or virtual terminal (vty) lines.

A switch may be given an IP address for management purposes. This is configured on the virtual interface, VLAN 1. By default, the switch has no IP address.

The switch ports or interfaces are set to auto mode, and all switch ports are in VLAN 1. VLAN 1 is known as the default management VLAN.

The flash directory, by default, has a file that contains the IOS image, a file called env_vars, and a sub-directory called html. After configuring the switch, it may contain a config.text file, and a VLAN database. In the default state, the flash directory has no VLAN database file, vlan.dat, and shows no saved configuration file, config.text.

The IOS version and the configuration register settings can be verified with the show version command.

In this default state, the switch has one broadcast domain and can be managed or configured through the console port using the CLI. The Spanning-Tree Protocol is also enabled, and allows the bridge to construct a loop-free topology across an extended LAN.

For small networks, the default configuration may be sufficient. The benefits of better performance with microsegmentation are obtained immediately.

Lab Activity

Lab Exercise: Verifying Default Switch Configuration

In this lab, the student will investigate the default configuration of a 2900 series switch.

Lab Activity

e-Lab Activity: Basic Switch Operation

In this lab, the student will look at the configuration of a 2950 switch.

6.2.2 Configuring the catalyst switch

A switch may already be preconfigured and only passwords may need to be entered for the user EXEC, enable, or privileged EXEC modes. Switch configuration mode is entered from privileged EXEC mode.

In the CLI, the default privileged EXEC mode prompt is Switch#. In User EXEC mode the prompt will be Switch>.

The following steps will ensure that a new configuration will completely overwrite any existing configuration:

Remove any existing VLAN information by deleting the VLAN database file vlan.dat from the flash directory

Erase the backup configuration file startup-config

Reload the switch

Security, documentation, and management are important for every internetworking device.

A switch should be given a hostname, and passwords should be set on the console and vty lines.

To allow the switch to be accessible by Telnet and other TCP/IP applications, IP addresses and a default gateway should be set. By default, VLAN 1 is the management VLAN. In a switch-based network, all internetworking devices should be in the management VLAN. This will allow a single management workstation to access, configure, and manage all the internetworking devices.

The Fast Ethernet switch ports default to auto-speed and auto-duplex. This allows the interfaces to negotiate these settings. When a network administrator needs to ensure an interface has particular speed and duplex values, the values can be set manually.

Intelligent networking devices can provide a web-based interface for configuration and management purposes. Once a switch is configured with an IP address and gateway, it can be accessed in this way. A web browser can access this service using the IP address and port 80, the default port for HTTP. The HTTP service can be turned on or off, and the port address for the service can be chosen.

Any additional software, such as an applet, can be downloaded to the browser from the switch. Also, the network devices can be managed by a browser based graphical user interface (GUI).

Lab Activity

Lab Exercise: Basic Switch Configuration

In this lab, the student will configure a switch with a name and an IP address.

Lab Activity

e-Lab Activity: Basic Switch Configuration

In this lab, the student will configure a 2950 switch.

6.2.3 Managing the MAC address table

Switches learn the MAC addresses of PCs or workstations that are connected to their switch ports by examining the source address of frames that are received on that port. These learned MAC addresses are then recorded in a MAC address table. Frames having a destination MAC address that has been recorded in the table can be switched out to the correct interface.

To examine the addresses that a switch has learned, enter the privileged EXEC command show mac-address-table.

A switch dynamically learns and maintains thousands of MAC addresses. To preserve memory and for optimal operation of the switch, learned entries may be discarded from the MAC address table. Machines may have been removed from a port, turned off, or moved to another port on the same switch or a different switch. This could cause confusion in frame forwarding. For all these reasons, if no frames are seen with a previously learned address, the MAC address entry is automatically discarded or aged out after 300 seconds.

Rather than wait for a dynamic entry to age out, the administrator has the option to use the privileged EXEC command clear mac-address-table. MAC address entries that an administrator has configured can also be removed using this command. Using this method to clear table entries ensures that invalid addresses are removed immediately.

Lab Activity

Lab Exercise: Managing the MAC Address Table

In this lab, the student will create a basic switch configuration and manage the MAC table.

Lab Activity

e-Lab Activity: Managing the MAC Address Tables

In this lab, the student will observe and clear the MAC address table.

6.2.4 Configuring static MAC addresses

It may be decided that it is desirable for a MAC address to be permanently assigned to an interface. The reasons for assigning a permanent MAC address to an interface include:

The MAC address will not be aged out automatically by the switch.

A specific server or user workstation must be attached to the port and the MAC address is known.

Security is enhanced.

To set a static MAC address entry for a switch:

Switch(config)#mac-address-table static <mac-address of host> interface FastEthernet <Ethernet number> vlan <vlan name>

To remove this entry use the no form of the command:

Switch(config)#no mac-address-table static <mac-address of host> interface FastEthernet <Ethernet number> vlan <vlan name>

Lab Activity

Lab Exercise: Configuring Static MAC Addresses

In this lab, the student will create a static address entry in the switch MAC table.

Lab Activity

e-Lab Activity: Configuring Static MAC Addresses

In this lab, the student will configure static MAC addresses.

6.2.5 Configuring port security

Securing an internetwork is an important responsibility for a network administrator. Access layer switchports are accessible through the structured cabling at wall outlets in offices and rooms. Anyone can plug a PC or laptop into one of these outlets. This is a potential entry point to the network by unauthorized users. Switches provide a feature called port security. It is possible to limit the number of addresses that can be learned on an interface. The switch can be configured to take an action if this is exceeded. Secure MAC addresses can be set statically. However, securing MAC addresses statically can be a complex task and prone to error.

An alternative approach is to set port security on a switch interface. The number of MAC addresses per port can be limited to 1. The first address dynamically learned by the switch becomes the secure address.

To reverse port security on an interface use the no form of the command.

To verify port security status, the command show port security is entered.
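The behaviour described in 6.2.3 to 6.2.5 (source-address learning, 300-second aging of dynamic entries, static entries that never age, clearing the table, and a per-port limit on learned addresses) can be modelled in a few dozen lines. The following is an added example written for this page, not Cisco code; the port names, MAC addresses, timestamps and the err-disable violation action are constructed assumptions.

```python
"""Added example (not Cisco code): a model of a Layer 2 switch MAC address table
with aging, static entries and port security, as described in 6.2.3 to 6.2.5.
All MAC addresses, port names and timestamps are constructed sample values."""

from dataclasses import dataclass, field

AGING_SECONDS = 300  # default aging time for dynamically learned entries


@dataclass
class Entry:
    port: str
    vlan: int
    static: bool       # static entries are never aged out
    last_seen: float   # time the address was last seen as a frame source


@dataclass
class PortSecurity:
    maximum: int = 1                           # addresses allowed on the port
    secure: set = field(default_factory=set)   # addresses that became secure
    violations: int = 0
    err_disabled: bool = False                 # assumed violation action


class Switch:
    def __init__(self) -> None:
        self.table: dict[str, Entry] = {}
        self.ports: dict[str, PortSecurity] = {}

    # 6.2.5: enable port security on an interface with an address limit
    def enable_port_security(self, port: str, maximum: int = 1) -> None:
        self.ports[port] = PortSecurity(maximum=maximum)

    # 6.2.4: mac-address-table static <mac> interface <port> vlan <vlan>
    def add_static(self, mac: str, port: str, vlan: int) -> None:
        self.table[mac] = Entry(port, vlan, True, 0.0)

    # 6.2.3: clear mac-address-table removes dynamic and static entries
    def clear_table(self) -> None:
        self.table.clear()

    def age_out(self, now: float) -> list[str]:
        """Discard dynamic entries not seen for AGING_SECONDS; return them."""
        expired = [mac for mac, e in self.table.items()
                   if not e.static and now - e.last_seen >= AGING_SECONDS]
        for mac in expired:
            del self.table[mac]
        return expired

    def receive(self, port: str, vlan: int, src: str, dst: str,
                now: float) -> str:
        """Process one frame; return the egress port, "flood" or "drop"."""
        self.age_out(now)
        sec = self.ports.get(port)
        if sec is not None:
            if sec.err_disabled:
                return "drop"                  # port stays disabled
            if src not in sec.secure:
                if len(sec.secure) >= sec.maximum:
                    sec.violations += 1        # address limit exceeded
                    sec.err_disabled = True    # assumed action: disable port
                    return "drop"
                sec.secure.add(src)            # first address becomes secure
        entry = self.table.get(src)
        if entry is None or not entry.static:
            self.table[src] = Entry(port, vlan, False, now)   # learn or refresh
        target = self.table.get(dst)
        if target is None or target.vlan != vlan:
            return "flood"                     # unknown unicast or broadcast
        if target.port == port:
            return "drop"                      # destination is on the ingress port
        return target.port

    def show_port_security(self, port: str) -> dict:
        sec = self.ports[port]
        return {"maximum": sec.maximum, "secure": sorted(sec.secure),
                "violations": sec.violations, "err_disabled": sec.err_disabled}


if __name__ == "__main__":
    sw = Switch()
    sw.enable_port_security("Fa0/1", maximum=1)
    print(sw.receive("Fa0/1", 1, "0000.0c00.0001", "ffff.ffff.ffff", 0.0))  # flood
    print(sw.receive("Fa0/2", 1, "0000.0c00.0002", "0000.0c00.0001", 1.0))  # Fa0/1
    print(sw.receive("Fa0/1", 1, "0000.0c00.0003", "0000.0c00.0002", 2.0))  # drop
    print(sw.show_port_security("Fa0/1"))
```

The third frame arrives on Fa0/1 from a second source address, exceeds the limit of 1, and disables the port; the secure address stays recorded even after its dynamic table entry ages out.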

Lab Activity

Lab Exercise: Configuring Port Security

In this lab, the student will create and verify a basic switch configuration.

Lab Activity

e-Lab Activity: Configuring Port Security

In this lab, the student will set port security for ports on the switch.

6.2.6 Executing adds, moves, and changes

When a new switch is added to a network, configure the following:

Switch name

IP address for the switch in the management VLAN

A default gateway

Line passwords

When a host is moved from one port or switch to another, configurations that can cause unexpected behavior should be removed. Configuration that is required can then be added.

Lab Activity

Lab Exercise: Add, Move, and Change MAC Addresses

In this lab, the student will create and verify a basic switch configuration.

Lab Activity

e-Lab Activity: Add, Move, and Change MAC Addresses on the Switch

In this lab, the student will add a MAC address to the switch, then move the address, and change it.

6.2.7 Managing switch operating system files

An administrator should document and maintain the operational configuration files for networking devices. The most recent running-configuration file should be backed up on a server or disk. This is not only essential documentation, but is very useful if a configuration needs to be restored.

The IOS should also be backed up to a local server. The IOS can then be reloaded to flash memory if needed.

Lab Activity

Lab Exercise: Managing Switch Operating System Files

In this lab, the student will create and verify a basic switch configuration, back up the switch IOS to a TFTP server, and then restore it.

Lab Activity

Lab Exercise: Managing Switch Startup Configuration Files

In this lab, the student will create and verify a basic switch configuration, back up the switch startup configuration file to a TFTP server, and then restore it.

Lab Activity

e-Lab Activity: Managing the Switch Operating System Files

In this lab, the student will move files to and from the switch using a TFTP server.

Lab Activity

e-Lab Activity: Managing the Startup Configuration Files

In this lab, the student will move files to and from the switch using a TFTP server.

6.2.8 1900/2950 password recovery

For security and management purposes, passwords must be set on the console and vty lines. An enable password and an enable secret password must also be set. These practices help ensure that only authorized users have access to the user and privileged EXEC modes of the switch.

There will be circumstances where physical access to the switch can be achieved, but access to the user or privileged EXEC mode cannot be gained because the passwords are not known or have been forgotten.

In these circumstances, a password recovery procedure must be followed.

Lab Activity

Lab Exercise: Password Recovery Procedure on a Catalyst 2900 Series Switch

In this lab, the student will create and verify a basic switch configuration.

Lab Activity

e-Lab Activity: Password Recovery Procedure on a 2900 Series Switch

In this lab, the student will go through the procedure for password recovery.

6.2.9 1900/2900 firmware upgrade

IOS and firmware images are periodically released with bugs fixed, new features introduced, and performance improved. If the network can be made more secure, or can operate more efficiently with a new version of the IOS, then the IOS should be upgraded.

To upgrade the IOS, obtain a copy of the new image to a local server from the Cisco Connection Online (CCO) Software Center.

Lab Activity

Lab Exercise: Firmware Upgrade of a Catalyst 2900 Series Switch

In this lab, the student will create and verify a basic switch configuration, then upgrade the IOS and HTML files from a file supplied by the instructor.

Lab Activity

e-Lab Activity: Firmware Upgrade of a Catalyst 2900 Series Switch

In this lab, the student will upgrade the firmware of the switch.

Summary

An understanding of the following key points should have been achieved:

The major components of a Catalyst switch

Monitoring switch activity and status using LED indicators

Examining the switch bootup output using HyperTerminal

Using the help features of the command line interface

The major switch command modes

The default settings of a Catalyst switch

Setting an IP address and default gateway for the switch to allow connection and management over a network

Viewing the switch settings with a Web browser

Setting interfaces for speed and duplex operation

Examining and managing the switch MAC address table

Configuring port security

Managing configuration files and IOS images

Performing password recovery on a switch

Upgrading the IOS of a switch


Chapter 7 Spanning-Tree Protocol

Overview

Redundancy in a network is extremely important because redundancy allows networks to be fault tolerant. Redundant topologies protect against network downtime due to a failure of a single link, port, or networking device. Network engineers are often required to make difficult decisions, balancing the cost of redundancy against the need for network availability.

Redundant topologies based on switches and bridges are susceptible to broadcast storms, multiple frame transmissions, and MAC address database instability. Therefore network redundancy requires careful planning and monitoring to function properly.

Switched networks provide the benefits of smaller collision domains, microsegmentation, and full-duplex operation, and therefore better performance than shared media.

Redundancy in a network is required to protect against loss of connectivity due to the failure of an individual component. Providing this redundancy, however, often results in physical topologies with loops. Physical layer loops can cause serious problems in switched networks. Broadcast storms, multiple frame transmissions, and media access control database instability can make such networks unusable.

The Spanning-Tree Protocol is used in switched networks to create a loop-free logical topology from a physical topology that has loops. Links, ports, and switches that are not part of the active loop-free topology do not participate in the forwarding of data frames. The Spanning-Tree Protocol is a powerful tool that gives network administrators the security of a redundant topology without the risk of problems caused by switching loops.

Students completing this module should be able to:

- Define redundancy and its importance in networking
- Describe the key elements of a redundant networking topology
- Define broadcast storms and describe their impact on switched networks
- Define multiple frame transmissions and describe their impact on switched networks
- Identify causes and results of MAC address database instability
- Identify the benefits and risks of a redundant topology
- Describe the role of spanning tree in a redundant-path switched network
- Identify the key elements of spanning tree operation
- Describe the process for root bridge election
- List the spanning-tree states in order
- Compare Spanning-Tree Protocol and Rapid Spanning-Tree Protocol

7.1 Redundant Topologies

7.1.1 Redundancy

Many companies and organizations increasingly rely on computer networks for their operations. Access to file servers, databases, the Internet, intranets, and extranets is critical for successful businesses. If the network is down, productivity is lost and customers are dissatisfied.

Companies are increasingly looking for 24-hour, seven-day-a-week uptime for their computer networks. Achieving 100% uptime is perhaps impossible, but 99.999% or "five nines" uptime is a goal that organizations set. Five nines leaves 0.001% for downtime: about 5.26 minutes per year, or one hour in roughly 4,167 days (about 11.4 years), or one day in roughly 274 years.

Achieving such a goal requires extremely reliable networks. Reliability in networks is achieved by reliable equipment and by designing networks that are tolerant to failures and faults. The network is designed to reconverge rapidly so that the fault is bypassed.

Fault tolerance is achieved by redundancy. Redundancy means having more than is strictly needed. How does redundancy help achieve reliability?

Assume that the only way to get to work is by car. If the car develops a fault that makes it unusable, going to work will be impossible until it is repaired and returned.

If the car fails and is unavailable on average one day in ten, then it is usable 90% of the time. Going to work is possible nine days in every ten. Reliability is therefore 90%.

Buying another car improves matters. Two cars are not needed just to get to work, but the second car provides redundancy (backup) in case the primary vehicle fails. The ability to get to work is no longer dependent on a single car.

If each car fails independently one day in ten, both are unusable on the same day only one day in every 100 (0.1 x 0.1). Purchasing a second, redundant car has improved reliability to 99%. The same multiplication applies to redundant links and devices, provided their failures really are independent: two links that share the same conduit or the same power feed do not give this improvement.

7.1.2 Redundant topologies

A goal of redundant topologies is to eliminate network outages caused by a single point of failure. All networks need redundancy for enhanced reliability.

A network of roads is a global example of a redundant topology. If one road is closed for repair, there is likely an alternate route to the destination.

Consider an outlying community separated by a river from the town center. If there is only one bridge across the river, there is only one way into town. The topology has no redundancy.

If the bridge is flooded or damaged by an accident, travel to the town center across the bridge is impossible.

Building a second bridge across the river creates a redundant topology. The suburb is not cut off from the town center if one bridge is impassable.

7.1.3 Redundant switched topologies

Networks with redundant paths and devices allow for more network uptime. Redundant topologies eliminate single points of failure. If a path or device fails, the redundant path or device can take over the tasks of the failed path or device.

In the figure, if Switch A fails, traffic can still flow from Segment 2 to Segment 1 and to the router through Switch B.

If port 1 fails on Switch A, then traffic can still flow through port 1 on Switch B.

Switches learn the MAC addresses of devices on their ports so that frames can be properly forwarded to the destination. Switches flood frames for unknown destinations until they learn the MAC addresses of the devices. Broadcasts and multicasts are also flooded.

A redundant switched topology may therefore cause broadcast storms, multiple frame copies, and MAC address table instability. These three problems are described next.

7.1.4 Broadcast storms

Broadcasts and multicasts can cause problems in a switched network.

A switch without multicast filtering (such as IGMP snooping) treats multicasts the same way as broadcasts. Broadcast and multicast frames are flooded out all ports except the one on which the frame was received.

If Host X sends a broadcast, such as an ARP request for the Layer 2 address of the router, Switch A forwards the broadcast out all of its other ports. Switch B, which is connected to the same segments, does the same. Switch B then sees the broadcast that Switch A forwarded and forwards it again, and Switch A sees the broadcast that Switch B forwarded and forwards it again.

The switches continue to propagate the broadcast over and over. This is called a broadcast storm. A broadcast storm continues until the loop is broken, for example by disconnecting one of the switches or links. Because there is no hop count in an Ethernet header, nothing in the frame itself will ever stop it. The switches and end devices will be so busy processing the broadcasts that user traffic is unlikely to flow. The network will appear to be down or extremely slow.

7.1.5 Multiple frame transmissions

In a redundant switched network it is possible for an end device to receive multiple copies of the same frame.

Assume that the MAC address of Router Y has been aged out of the MAC address tables of both switches. Also assume that Host X still has the MAC address of Router Y in its ARP cache and sends a unicast frame to Router Y. The router receives the frame directly, because it is on the same segment as Host X.

Switch A does not have the MAC address of Router Y in its table and therefore floods the frame out its other ports. Switch B also does not know which port Router Y is on, so it floods the frame as well. Each switch then sees the copy the other one flooded and floods it again, so Router Y receives multiple copies of the same frame. This causes unnecessary processing in all devices.

7.1.6 Media access control database instability

In a redundant switched network it is possible for switches to learn the wrong information. A switch can incorrectly learn that a MAC address is on one port when it is actually on a different port.

In this example the MAC address of Router Y is not in the MAC address table of either switch.

Host X sends a frame directed to Router Y. Switches A and B each receive it on port 0 and learn the MAC address of Host X on port 0.

Because Router Y is unknown, both switches flood the frame out port 1 onto the other segment. Each switch then receives the copy that the other switch flooded on its own port 1, and incorrectly relearns the MAC address of Host X on port 1. When Router Y sends a frame to Host X, Switch A and Switch B both receive the frame and send it out port 1, away from Host X, because the switches have incorrectly learned that Host X is on port 1.

In this example the unicast frame from Router Y to Host X is caught in a loop, and the entry for Host X keeps moving between port 0 and port 1 as the copies circulate. This is MAC address database instability.
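The three problems of sections 7.1.4 to 7.1.6 can be reproduced with a small model of the two-switch topology. The following Python program is an added example, not part of the curriculum. The segment names, port numbers and MAC addresses are assumptions chosen to follow the description above: both switches have port 0 on segment 1 and port 1 on segment 2, and Host X and Router Y both sit on segment 1. The third scenario puts one port into blocking, which is what the Spanning-Tree Protocol of the next section does.

```python
# Added example (not curriculum code): a model of the two-switch loop from
# sections 7.1.3 to 7.1.6. Segment names, port numbers and MAC addresses are
# constructed for the illustration: both switches have port 0 on segment 1
# and port 1 on segment 2, and Host X and Router Y both sit on segment 1.

BROADCAST = "ff:ff:ff:ff:ff:ff"
HOST_X = "00:00:0c:11:11:11"
ROUTER_Y = "00:00:0c:22:22:22"
HOSTS = {HOST_X: "seg1", ROUTER_Y: "seg1"}   # station -> segment it sits on


class Switch:
    """Transparent bridge: learn the source on the ingress port, forward by
    destination lookup, flood when the destination is unknown or broadcast."""

    def __init__(self, name, ports):
        self.name = name
        self.ports = ports          # port number -> segment name
        self.mac_table = {}         # learned MAC -> port
        self.blocked = set()        # ports put into blocking (by spanning tree)
        self.flaps = 0              # how often a learned MAC changed port

    def receive(self, in_port, src, dst):
        """Return the (port, segment) pairs the frame is sent out on."""
        if in_port in self.blocked:          # blocking ports neither learn nor forward
            return []
        if self.mac_table.get(src, in_port) != in_port:
            self.flaps += 1                  # MAC address database instability
        self.mac_table[src] = in_port
        if dst != BROADCAST and dst in self.mac_table:
            out = [self.mac_table[dst]]
        else:
            out = list(self.ports)           # unknown unicast or broadcast: flood
        return [(p, self.ports[p]) for p in out
                if p != in_port and p not in self.blocked]


def simulate(dst, rounds=10, blocked=None):
    """Host X puts one frame for dst on segment 1; run the network for a number
    of rounds. blocked=(switch_name, port) puts that one port into blocking.
    Returns (copies seen by the destination, frames still in flight,
    per-switch flap counts)."""
    switches = [Switch("A", {0: "seg1", 1: "seg2"}),
                Switch("B", {0: "seg1", 1: "seg2"})]
    if blocked:
        next(s for s in switches if s.name == blocked[0]).blocked.add(blocked[1])
    in_flight = [("seg1", HOST_X, dst, "host")]   # (segment, src, dst, who sent it)
    delivered = 0
    for _ in range(rounds):
        nxt = []
        for seg, src, d, origin in in_flight:
            if d == BROADCAST or HOSTS.get(d) == seg:
                delivered += 1                     # a station on this segment gets a copy
            for sw in switches:
                if sw.name == origin:
                    continue                       # a switch does not hear its own transmission
                for port, pseg in sw.ports.items():
                    if pseg == seg:
                        for _, out_seg in sw.receive(port, src, d):
                            nxt.append((out_seg, src, d, sw.name))
        in_flight = nxt
        if not in_flight:
            break
    return delivered, len(in_flight), {s.name: s.flaps for s in switches}


if __name__ == "__main__":
    print("unicast, loop        :", simulate(ROUTER_Y))
    print("broadcast, loop      :", simulate(BROADCAST))
    print("unicast, B/1 blocked :", simulate(ROUTER_Y, blocked=("B", 1)))
```

With the loop in place, the single unicast frame reaches Router Y nine times in ten rounds and is still circulating when the run stops, and each switch moves its entry for Host X between port 0 and port 1 on every round. With port 1 of Switch B blocked, the frame is delivered once, nothing is left in flight, and the address tables never change.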

7.2 Spanning-Tree Protocol

7.2.1 Redundant topology and spanning tree

Redundant networking topologies are designed to ensure that networks continue to function in the presence of single points of failure. Users have less chance of interruption to their work, because the network continues to function. Any interruptions that are caused by a failure should be as short as possible.

Reliability is increased by redundancy. A network that is based on switches or bridges will introduce redundant links between those switches or bridges to overcome the failure of a single link. These connections introduce physical loops into the network. These bridging loops are created so that if one link fails, another can take over the function of forwarding traffic.

Switches operate at Layer 2 of the OSI model and make their forwarding decisions at this layer. For the reasons given below, a switched network must not have active loops.

Switches flood traffic out all ports when the traffic is sent to a destination that is not yet known. Broadcast and multicast traffic is forwarded out every port, except the port on which the traffic arrived. This traffic can be caught in a loop.

In the Layer 2 header there is no Time To Live (TTL). If a frame is sent into a Layer 2 looped topology of switches, it can loop forever. This wastes bandwidth and makes the network unusable.

At Layer 3 the TTL is decremented at each router and the packet is discarded when the TTL reaches 0, so a routed loop eventually clears itself. This creates a dilemma at Layer 2. A physical topology that contains switching or bridging loops is necessary for reliability, yet a switched network cannot have loops.

The solution is to allow physical loops, but create a loop-free logical topology. In the logical topology shown in the figure, traffic destined for the server farm attached to Cat-5 from any user workstation attached to Cat-4 travels through Cat-1 and Cat-2. This happens even though there is a direct physical connection between Cat-5 and Cat-4.

The loop-free logical topology that is created is called a tree. This topology is a star or extended star logical topology, the spanning tree of the network. It is a spanning tree because all devices in the network are reachable, or spanned.

The algorithm used to create this loop-free logical topology is the spanning-tree algorithm. This algorithm can take a relatively long time to converge. A newer algorithm, the rapid spanning-tree algorithm, has been introduced to reduce the time a network needs to compute a loop-free logical topology.

7.2.2 Spanning-Tree Protocol

Ethernet bridges and switches can implement the IEEE 802.1D Spanning-Tree Protocol and use the spanning-tree algorithm to construct a loop-free shortest-path network.

Shortest path is based on cumulative link costs. Link costs are based on the speed of the link: the faster the link, the lower its cost.

The Spanning-Tree Protocol establishes a root node, called the root bridge. The Spanning-Tree Protocol constructs a topology that has one path for reaching every network node. The resulting tree originates from the root bridge. Redundant links that are not part of the shortest-path tree are blocked.

It is because certain paths are blocked that a loop-free topology is possible. Data frames received on blocked links are dropped.

The Spanning-Tree Protocol requires network devices to exchange messages to detect bridging loops. Links that would cause a loop are put into a blocking state.

The message that a switch sends, allowing the formation of a loop-free logical topology, is called a Bridge Protocol Data Unit (BPDU). BPDUs continue to be received and processed on blocked ports. This ensures that if an active path or device fails, a new spanning tree can be calculated.

BPDUs contain enough information so that all switches can do the following:

- Select a single switch that will act as the root of the spanning tree.
- Calculate the shortest path from itself to the root switch.
- Designate one of the switches as the closest one to the root, for each LAN segment. This bridge is called the "designated switch". The designated switch handles all communication from that LAN towards the root bridge.
- Choose one of its ports as its root port, for each non-root switch. This is the interface that gives the best path to the root switch.
- Select the ports that are part of the spanning tree, the designated ports. Non-designated ports are blocked.

Interactive Media Activity

Crossword Puzzle: Spanning-Tree States

When the student has completed this activity, the student will be able to identify the function of spanning-tree states.

Interactive Media Activity

Point and Click: Spanning-Tree Protocol

After completing this activity, the student will have learned about the concept of the Spanning-Tree Protocol.

7.2.3 Spanning-tree operation

When the network has stabilized, it has converged and there is one spanning tree per network.

As a result, for every switched network the following elements exist:

- One root bridge per network
- One root port per non-root bridge
- One designated port per segment
- Unused, non-designated ports

Root ports and designated ports are used for forwarding (F) data traffic.

Non-designated ports discard data traffic. These ports are called blocking (B) or discarding ports.

7.2.4 Selecting the root bridge

The first decision that all switches in the network make is to identify the root bridge. The position of the root bridge in a network affects the traffic flow, because all forwarding paths lead towards it.

When a switch is turned on, the spanning-tree algorithm is used to identify the root bridge. BPDUs are sent out carrying the Bridge ID (BID). The BID consists of a bridge priority, which defaults to 32768, followed by the switch base MAC address. By default BPDUs are sent every two seconds (the hello time).

When a switch first starts up, it assumes it is the root switch and sends BPDUs that carry its own BID as both the root BID and the sender BID. All switches see the BIDs sent. When a switch receives a BPDU that advertises a lower root BID than the one it is currently advertising, it adopts that root BID in the BPDUs it sends out; the BPDUs it was sending before are "inferior" to the new ones. All bridges see these and agree that the bridge with the smallest BID value is the root bridge. Because the priority field is compared first, MAC addresses only decide the election among switches with equal priority.

A network administrator may want to influence the decision by setting the switch priority to a smaller value than the default, which makes the BID smaller. This should only be done when the traffic flow on the network is well understood. Setting a deliberately low priority on the intended root, and the next lowest on a backup, also prevents a switch added later with a lower MAC address, or a misconfigured switch, from unexpectedly taking over as root and moving the forwarding paths.
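The election and port-role rules of sections 7.2.2 to 7.2.4 can be checked against a small model. The following Python program is an added example, not part of the curriculum. The switch names, MAC addresses, port names, link speeds and the triangle topology are assumptions constructed for the illustration, and the program models a single spanning-tree instance rather than the per-VLAN instances Cisco switches actually run. It also goes one step beyond the text by computing every port's role, not only the root.

```python
# Added example (not curriculum code): the 802.1D root election and port-role
# calculation described in 7.2.2 to 7.2.4, for one spanning-tree instance.
# Switch names, MAC addresses, port names and link speeds are constructed for
# the illustration; per-VLAN instances (PVST+) are not modelled.
import heapq

# IEEE 802.1D default port costs by link speed in Mb/s.
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority, mac):
    """BID compares priority first, then the base MAC address (lower wins)."""
    return (priority, int(mac.replace(":", ""), 16))


def spanning_tree(bridges, links):
    """bridges: {name: (priority, mac)}.
    links: [(bridge_a, port_a, bridge_b, port_b, speed_mbps)], one point-to-point
    segment each; the graph is assumed connected. Returns
    (root_name, {bridge: {port: role}}) with role 'root', 'designated' or 'blocked'."""
    bid = {name: bridge_id(*pm) for name, pm in bridges.items()}
    root = min(bid, key=bid.get)                         # lowest BID is the root
    adj = {name: [] for name in bridges}                 # bridge -> (own port, neighbour, its port, cost)
    for a, pa, b, pb, speed in links:
        adj[a].append((pa, b, pb, PORT_COST[speed]))
        adj[b].append((pb, a, pa, PORT_COST[speed]))

    # Root path cost: least cumulative port cost from each bridge to the root.
    rpc = {root: 0}
    heap = [(0, root)]
    while heap:
        cost, cur = heapq.heappop(heap)
        if cost > rpc[cur]:
            continue
        for _, nb, _, c in adj[cur]:
            if cost + c < rpc.get(nb, float("inf")):
                rpc[nb] = cost + c
                heapq.heappush(heap, (cost + c, nb))

    roles = {name: {} for name in bridges}
    # Root port on every non-root bridge: least root path cost, then lowest
    # sender BID, then lowest sender port ID, then lowest own port ID.
    for name in bridges:
        if name == root:
            continue
        own_port, _, _, _ = min(adj[name],
                                key=lambda e: (rpc[e[1]] + e[3], bid[e[1]], e[2], e[0]))
        roles[name][own_port] = "root"
    # Designated port on every segment: the end with the lowest
    # (root path cost, BID, port ID). The other end is a root port or blocked.
    for a, pa, b, pb, _ in links:
        _, _, d_port, d_bridge = min((rpc[a], bid[a], pa, a), (rpc[b], bid[b], pb, b))
        roles[d_bridge][d_port] = "designated"
        o_bridge, o_port = (b, pb) if d_bridge == a else (a, pa)
        roles[o_bridge].setdefault(o_port, "blocked")
    return root, roles


# Three switches in a triangle of 100 Mb/s links, factory-default priorities.
BRIDGES = {"A": (32768, "00:00:0c:aa:aa:aa"),
           "B": (32768, "00:00:0c:bb:bb:bb"),
           "C": (32768, "00:00:0c:cc:cc:cc")}
LINKS = [("A", "fa0/1", "B", "fa0/1", 100),
         ("B", "fa0/2", "C", "fa0/2", 100),
         ("A", "fa0/2", "C", "fa0/1", 100)]


def with_priority(bridges, name, priority):
    """Copy of bridges with one switch's priority changed (the administrator's lever)."""
    changed = dict(bridges)
    changed[name] = (priority, bridges[name][1])
    return changed


if __name__ == "__main__":
    print(spanning_tree(BRIDGES, LINKS))
    print(spanning_tree(with_priority(BRIDGES, "C", 4096), LINKS))
```

With factory defaults, A wins because all priorities are equal and its base MAC address is the lowest, and the port of C that faces B is blocked. Lowering the priority of C to 4096 moves the root to C and the blocked port to B, which is how the administrator changes where traffic flows.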

Lab Activity

Lab Exercise: Selecting the Root Bridge

In this lab, the student will create and verify a basic switch configuration and determine which switch is selected as the root switch with factory default settings.

Lab Activity

e-Lab Activity: Selecting the Root Bridge

In this lab, the student will verify the configuration of the hosts and switch by testing connectivity.

7.2.5 Stages of spanning-tree port states

Time is required for protocol information to propagate throughout a switched network. Topology changes in one part of a network are not instantly known in other parts of the network. There is propagation delay. A switch should not change a port state from inactive to active immediately, as this may cause data loops.

Each port on a switch that is using the Spanning-Tree Protocol is in one of five states, as shown in the figure.

In the blocking state, ports receive BPDUs but do not send them. Data frames are discarded and no addresses are learned. It may take up to 20 seconds (the max age) to leave this state.

Ports go from the blocking state to the listening state. In this state, switches determine whether there are any other paths to the root bridge. A port that is not on the least-cost path to the root bridge goes back to the blocking state. The listening period is called the forward delay and lasts for 15 seconds. In the listening state, user data is not forwarded and MAC addresses are not learned. BPDUs are sent and processed.

Ports transition from the listening state to the learning state. In this state user data is still not forwarded, but MAC addresses are learned from any traffic that is seen, so that the address table is populated before forwarding begins. The learning state also lasts for 15 seconds, the forward delay. BPDUs are still processed.

A port goes from the learning state to the forwarding state. In this state user data is forwarded and MAC addresses continue to be learned. BPDUs are still processed.

A port can also be in a disabled state. This state occurs when an administrator shuts down the port or the port fails. A disabled port does not participate in spanning tree at all.

The time values given for each state are the default values. These values have been calculated on the assumption that there will be a maximum of seven switches in any branch of the spanning tree from the root bridge. If the network is larger than that, the defaults may not be long enough for a topology change to reach every switch, and temporary loops can form.

Interactive Media Activity

Point and Click: Spanning-Tree States

When the student has completed this activity, the student will be able to identify the function of spanning-tree states.

7.2.6 Spanning-tree recalculation

A switched internetwork has converged when all the switch and bridge ports are in either the forwarding or blocking state. Forwarding ports send and receive data traffic and BPDUs. Blocking ports only receive BPDUs.

When the network topology changes, switches and bridges recompute the spanning tree, and user traffic is disrupted while this happens.

Convergence on a new spanning-tree topology using the IEEE 802.1D standard can take up to 50 seconds. This is made up of the max age of 20 seconds, plus the listening forward delay of 15 seconds, plus the learning forward delay of 15 seconds. During this time user traffic on the affected paths does not flow.
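The 50-second figure follows directly from the port state machine of 7.2.5 and its timers. The following Python model is an added example, not curriculum code. The timer values are the defaults given in the text; the three scenarios at the bottom are constructed, and the third one skips the momentary blocking step a freshly enabled port goes through.

```python
# Added example (not curriculum code): a model of the 802.1D port state
# machine and its default timers from 7.2.5 and 7.2.6. The timer values are
# the defaults given in the text; the scenarios at the bottom are constructed.

# state -> (sends BPDUs, learns MAC addresses, forwards user data)
STATE_CAPABILITIES = {
    "disabled":   (False, False, False),
    "blocking":   (False, False, False),   # receives and processes BPDUs only
    "listening":  (True,  False, False),
    "learning":   (True,  True,  False),
    "forwarding": (True,  True,  True),
}


class StpPort:
    def __init__(self, max_age=20, forward_delay=15, state="blocking"):
        self.max_age = max_age
        self.forward_delay = forward_delay
        self.state = state
        self.since_bpdu = 0     # seconds since the last BPDU heard on this port
        self.in_state = 0       # seconds spent in the current state

    def bpdu_received(self):
        self.since_bpdu = 0     # a live BPDU keeps a blocking port blocking

    def tick(self):
        """Advance one second and apply the timer-driven transitions."""
        self.since_bpdu += 1
        self.in_state += 1
        if self.state == "blocking" and self.since_bpdu >= self.max_age:
            self._enter("listening")    # max age expired: the old path is assumed dead
        elif self.state == "listening" and self.in_state >= self.forward_delay:
            self._enter("learning")
        elif self.state == "learning" and self.in_state >= self.forward_delay:
            self._enter("forwarding")

    def _enter(self, state):
        self.state, self.in_state = state, 0

    def capabilities(self):
        return dict(zip(("sends_bpdus", "learns", "forwards"),
                        STATE_CAPABILITIES[self.state]))


def seconds_until_forwarding(port, bpdus_until=0, hello=2, limit=300):
    """Deliver a BPDU every `hello` seconds until t = bpdus_until, then stop
    (the designated bridge for the segment has failed). Return the second at
    which the port reaches forwarding, or None if it does not within `limit`."""
    for t in range(1, limit + 1):
        port.tick()
        if t <= bpdus_until and t % hello == 0:
            port.bpdu_received()
        if port.state == "forwarding":
            return t
    return None


if __name__ == "__main__":
    # A blocking port whose BPDUs stop at t = 0: 20 + 15 + 15 = 50 s.
    print(seconds_until_forwarding(StpPort()))
    # The same port, with BPDUs still arriving for the first 60 s: 60 + 50 = 110 s.
    print(seconds_until_forwarding(StpPort(), bpdus_until=60))
    # A newly enabled port starts in listening, so only 2 x forward delay: 30 s.
    print(seconds_until_forwarding(StpPort(state="listening")))
```

The first scenario reproduces the 50-second worst case from the text. The second shows that the max-age clock only starts running when BPDUs actually stop arriving. The third shows why a freshly connected end station waits about 30 seconds before its port forwards, which is the delay the edge-port concept of the Rapid Spanning-Tree Protocol removes.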

Lab Activity

Lab Exercise: Spanning-Tree Recalculation

In this lab, the student will create and verify a basic switch configuration and observe the behavior of the spanning-tree algorithm in the presence of switched network topology changes.

Lab Activity

e-Lab Activity: Spanning-Tree Recalculation

In this lab, the students will create and verify a basic switch configuration.

7.2.7 Rapid Spanning-Tree Protocol

The Rapid Spanning-Tree Protocol is defined in the IEEE 802.1w LAN standard. The standard and protocol introduce the following:

- Clarification of port states and roles
- Definition of a set of link types that can go to the forwarding state rapidly
- The concept of allowing switches in a converged network to generate their own BPDUs rather than relaying the root bridge's BPDUs

The "blocking" state of a port has been renamed the "discarding" state. One role of a discarding port is "alternate port". An alternate port can become the designated port for its segment if the current designated port fails, and because the port's role is already known, the change does not have to wait for the old timers to expire.

Link types have been defined as point-to-point, edge, and shared. These definitions allow the failure of links in a switched network to be learned rapidly.

Edge ports, which connect to end stations rather than to other switches, go to the forwarding state immediately. Point-to-point links between switches can go to the forwarding state after a short handshake between the two switches instead of waiting for the forward-delay timers. An edge port that receives a BPDU is no longer treated as an edge port, which protects the tree against a switch being plugged into a port meant for an end station.

With these changes, network convergence does not need to take longer than 15 seconds, and is commonly much faster.

The Rapid Spanning-Tree Protocol, IEEE 802.1w, will eventually replace the Spanning-Tree Protocol, IEEE 802.1D.

Summary

An understanding of the following key points should have been achieved:

- Redundancy and its importance in networking
- The key elements of a redundant networking topology
- Broadcast storms and their impact on switched networks
- Multiple frame transmissions and their impact on switched networks
- Causes and results of MAC address database instability
- The benefits and risks of a redundant topology
- The role of spanning tree in a redundant-path switched network
- The key elements of spanning-tree operation
- The process for root bridge election
- Spanning-tree states
- Spanning-Tree Protocol compared to Rapid Spanning-Tree Protocol


Chapter 8 Virtual LANS

Overview

An important feature of Ethernet switching is the virtual local-area network (VLAN). A VLAN is a logical grouping of devices or users. These devices or users can be grouped by function, department, or application regardless of their physical LAN segment location. Devices on a VLAN are restricted to communicating only with devices that are on their own VLAN. Just as routers provide connectivity between different LAN segments, routers provide connectivity between different VLAN segments. Cisco is taking a positive approach toward vendor interoperability, but each vendor has developed its own proprietary VLAN product, and these may not be entirely compatible with one another.

VLANs increase overall network performance by logically grouping users and resources together. Businesses often use VLANs as a way of ensuring that a particular set of users is logically grouped regardless of physical location. For example, users in the Marketing department are placed in the Marketing VLAN, while users in the Engineering department are placed in the Engineering VLAN.

VLANs can enhance scalability, security, and network management. Routers in VLAN topologies provide broadcast filtering, security, and traffic flow management.

VLANs are powerful tools for network administrators when properly designed and configured. VLANs simplify tasks when additions, moves, and changes to a network are necessary. VLANs improve network security and contain broadcasts, because each VLAN is its own Layer 2 broadcast domain. However, improperly configured VLANs can make a network function poorly or not function at all. Understanding how to implement VLANs on different switches is important when designing a network.

Students completing this module should be able to:

- Define VLANs
- List the benefits of VLANs
- Explain how VLANs are used to create broadcast domains
- Explain how routers are used for communication between VLANs
- List the common VLAN types
- Define ISL and 802.1Q
- Explain the concept of geographic VLANs
- Configure static VLANs on 29xx series Catalyst switches
- Verify and save VLAN configurations
- Delete VLANs from a switch configuration

8.1 VLAN Concepts

8.1.1 VLAN introduction

A VLAN is a group of network services not restricted to a physical segment or LAN switch.

VLANs logically segment switched networks based on the functions, project teams, or applications of the organization, regardless of the physical location or connections to the network. All workstations and servers used by a particular workgroup share the same VLAN, regardless of the physical connection or location.

Configuration or reconfiguration of VLANs is done through software. Physically connecting or moving cables and equipment is unnecessary when configuring VLANs.

A workstation in a VLAN group is restricted to communicating with file servers in the same VLAN group. VLANs function by logically segmenting the network into different broadcast domains so that frames are only switched between ports that are assigned to the same VLAN. VLANs consist of hosts or networking equipment connected by a single bridging domain. The bridging domain can span several pieces of networking equipment. LAN switches operate bridging protocols with a separate bridge group for each VLAN.

VLANs are created to provide the segmentation services traditionally provided by physical routers in LAN configurations. VLANs address scalability, security, and network management. Routers in VLAN topologies provide broadcast filtering, security, and traffic flow management. Switches must not bridge any traffic between VLANs, as this would violate the integrity of the VLAN broadcast domain. Traffic should only be routed between VLANs. The separation between VLANs is a configuration property of the switches, so switch configuration must be controlled as carefully as any other security control.

8.1.2 Broadcast domains with VLANs and routers

A VLAN is a broadcast domain created by one or more switches. The network design shown in the figures requires three separate broadcast domains.

The first figure shows how three separate broadcast domains are created using three separate switches. Layer 3 routing allows the router to send packets between the three different broadcast domains.

In the next figure, VLANs are created using one router and one switch. There is one router and one switch, but there are still three separate broadcast domains.

In the figure, three separate broadcast domains are created. The router routes traffic between the VLANs using Layer 3 routing.

The switch in the figure forwards frames to the router interfaces:

- if the frame is a broadcast frame, or
- if the frame is addressed to one of the MAC addresses on the router.

If Workstation 1 on the Engineering VLAN wants to send frames to Workstation 2 on the Sales VLAN, the frames are sent to the Fa0/0 MAC address of the router. Routing occurs through the IP address on the Fa0/0 router interface for the Engineering VLAN.

If Workstation 1 on the Engineering VLAN wants to send a frame to Workstation 2 on the same VLAN, the destination MAC address of the frame is the MAC address of Workstation 2, and the router is not involved.

Implementing VLANs on a switch causes the following to occur:

- The switch maintains a separate bridging table for each VLAN.
- If a frame comes in on a port in VLAN 1, the switch searches the bridging table for VLAN 1.
- When the frame is received, the switch adds the source address to the bridging table if it is currently unknown.
- The destination is checked so that a forwarding decision can be made.
- For both learning and forwarding, the search is made against the address table for that VLAN only.

8.1.3 VLAN operation

Each switch port can be assigned to a different VLAN. Ports assigned to the same VLAN share broadcasts. Ports that do not belong to that VLAN do not see those broadcasts. This improves the overall performance of the network.

Static membership VLANs are called port-based or port-centric membership VLANs. As a device enters the network, it automatically assumes the VLAN membership of the port to which it is attached.

Users attached to the same shared segment share the bandwidth of that segment. Each additional user attached to the shared medium means less bandwidth and deterioration of network performance. VLANs offer more bandwidth to users than a shared network. By default every port on the switch belongs to VLAN 1, which is also the default management VLAN. VLAN 1 cannot be deleted. All other ports on the switch may be reassigned to other VLANs. Because VLAN 1 is also the VLAN that carries switch control traffic by default, it is good practice to move management to a dedicated VLAN and to keep user ports out of VLAN 1.

Dynamic membership VLANs are created through network management software. CiscoWorks 2000 or CiscoWorks for Switched Internetworks is used to create dynamic VLANs. Dynamic VLANs allow for membership based on the MAC address of the device connected to the switch port. As a device enters the network, the switch queries a database for the VLAN membership of that MAC address. Because a MAC address can be changed by the user of a device, MAC-based membership should not be relied on as a security control on its own.

In port-based or port-centric VLAN membership, the port is assigned to a specific VLAN independent of the user or system attached to the port. When using this membership method, all users of the same port must be in the same VLAN. A single user, or multiple users, can be attached to a port and never realize that a VLAN exists. This approach is easy to manage because no complex lookup tables are required for VLAN segmentation.

Static VLANs are configured manually by the network administrator.

Each interface on a switch behaves like a port on a bridge. Bridges filter traffic that does not need to go to segments other than the source segment. If a frame needs to cross the bridge, the bridge forwards the frame to the correct interface and to no others. If the bridge or switch does not know the destination, it floods the frame to all ports in the broadcast domain or VLAN, except the source port.

Interactive Media Activity

Drag and Drop: VLAN Operation

When the student has completed this activity, the student will know the path frames take in a network with VLANs. The student will predict the path a frame will take given the source host and the destination host.

8.1.4 Benefits of VLANs

The key benefit of VLANs is that they permit the network administrator to organize the LAN logically instead of physically. This means that an administrator is able to do all of the following:

- Easily move workstations on the LAN
- Easily add workstations to the LAN
- Easily change the LAN configuration
- Easily control network traffic
- Improve security

8.1.5 VLAN types

There are three basic VLAN membership methods for determining and controlling how a frame gets assigned to a VLAN:

- Port-based VLANs
- MAC address based VLANs
- Protocol based VLANs

Before a frame is sent over a link between switches, its header is encapsulated or modified to carry a VLAN ID. Before the frame is forwarded to the destination device, the header is changed back to its original format.

The number of VLANs in a switch varies depending on several factors:

- Traffic patterns
- Types of applications
- Network management needs
- Group commonality

In addition, an important consideration in defining the size of the switch and the number of VLANs is the IP addressing scheme.

For example, a network using a 24-bit mask to define a subnet has a total of 254 usable host addresses on one subnet. Because a one-to-one correspondence between VLANs and IP subnets is strongly recommended, there can be no more than 254 devices in any one such VLAN. It is further recommended that VLANs should not extend outside of the Layer 2 domain of the distribution switch.

There are two major methods of frame tagging, Inter-Switch Link (ISL) and IEEE 802.1Q. ISL used to be the most common, but it is now being replaced by 802.1Q frame tagging. ISL encapsulates the whole frame in a new header; 802.1Q inserts a 4-byte tag into the existing frame between the source address and the type/length field.

LAN emulation (LANE) is a way to make an Asynchronous Transfer Mode (ATM) network simulate an Ethernet network. There is no tagging in LANE, but the virtual connection used implies a VLAN ID. With frame tagging, as frames are received by the switch from an attached end station, a VLAN identifier is added to each frame header. This header information designates the VLAN membership of each frame. The frame is then forwarded to the appropriate switches or routers based on the VLAN identifier and MAC address. Upon reaching the destination node, the VLAN ID is removed from the frame by the adjacent switch before it is forwarded to the attached device. Frame tagging provides a mechanism for controlling the flow of broadcasts and applications while not interfering with the network and applications.
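Frame tagging and the per-VLAN bridging table of section 8.1.2 fit together as follows. The following Python program is an added example, not curriculum code. The port names, VLAN numbers, MAC addresses and frames are constructed; the handling of tagged frames on access ports and of untagged frames on a trunk (the native VLAN) is a simplified assumption, and ISL is not modelled.

```python
# Added example (not curriculum code): 802.1Q tagging on trunk links and a
# per-VLAN bridging table, as described in 8.1.2 and 8.1.5. Port names, MAC
# addresses, VLAN numbers and frames are constructed for the illustration.
# ISL is not modelled. Tagged frames arriving on an access port are simply
# dropped here; real switches apply more detailed rules.
import struct

TPID_8021Q = 0x8100
BROADCAST = bytes.fromhex("ff" * 6)


def mac(text):
    return bytes.fromhex(text.replace(":", ""))


def build_frame(dst, src, ethertype, payload):
    """Untagged Ethernet II frame (FCS omitted)."""
    return mac(dst) + mac(src) + struct.pack("!H", ethertype) + payload


def add_tag(frame, vlan_id, pcp=0):
    """Insert the 4-byte 802.1Q tag between the source MAC and the EtherType."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp << 13) | vlan_id                 # PCP(3) DEI(1) VID(12), DEI = 0
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame):
    """Return (dst, src, vlan_id or None, ethertype, payload)."""
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        return frame[:6], frame[6:12], tci & 0x0FFF, ethertype, frame[18:]
    return frame[:6], frame[6:12], None, ethertype, frame[14:]


def strip_tag(frame):
    """Restore the original untagged frame before it reaches an end device."""
    return frame[:12] + frame[16:] if parse_frame(frame)[2] is not None else frame


class VlanSwitch:
    """ports: {name: ("access", vlan)} or {name: ("trunk", allowed_vlans, native_vlan)}."""

    def __init__(self, ports):
        self.ports = ports
        self.tables = {}                        # vlan -> {mac: port}: one table per VLAN

    def ingress_vlan(self, port, frame):
        """Decide which VLAN a received frame belongs to, or None to drop it."""
        kind = self.ports[port]
        vlan = parse_frame(frame)[2]
        if kind[0] == "access":
            return kind[1] if vlan is None else None
        allowed, native = kind[1], kind[2]
        vlan = native if vlan is None else vlan    # untagged on a trunk = native VLAN
        return vlan if vlan in allowed else None

    def egress(self, port, vlan, frame):
        """Frame as it leaves this port for the given VLAN, or None if it must not."""
        kind = self.ports[port]
        plain = strip_tag(frame)
        if kind[0] == "access":
            return plain if kind[1] == vlan else None
        allowed, native = kind[1], kind[2]
        if vlan not in allowed:
            return None
        return plain if vlan == native else add_tag(plain, vlan)

    def receive(self, in_port, frame):
        """Learn and forward within one VLAN only. Returns {out_port: frame}."""
        vlan = self.ingress_vlan(in_port, frame)
        if vlan is None:
            return {}
        dst, src, _, _, _ = parse_frame(frame)
        table = self.tables.setdefault(vlan, {})
        table[src] = in_port                          # learning is per VLAN
        if dst != BROADCAST and dst in table:         # lookup is per VLAN too
            outs = [table[dst]] if table[dst] != in_port else []
        else:
            outs = [p for p in self.ports if p != in_port]
        sent = {}
        for p in outs:
            out = self.egress(p, vlan, frame)
            if out is not None:
                sent[p] = out
        return sent


# Fa0/1 and Fa0/3: Engineering (VLAN 10); Fa0/2: Sales (VLAN 20); Gi0/1: trunk.
SWITCH_PORTS = {"Fa0/1": ("access", 10), "Fa0/2": ("access", 20),
                "Fa0/3": ("access", 10), "Gi0/1": ("trunk", {1, 10, 20}, 1)}
WS1, WS2 = "00:00:0c:00:00:01", "00:00:0c:00:00:02"


def demo():
    """Workstation 1 broadcasts an ARP request, then Workstation 2 (Sales)
    sends a unicast to Workstation 1's MAC address from its own VLAN."""
    sw = VlanSwitch(SWITCH_PORTS)
    arp = build_frame("ff:ff:ff:ff:ff:ff", WS1, 0x0806, bytes(28))
    out1 = sw.receive("Fa0/1", arp)
    unicast = build_frame(WS1, WS2, 0x0800, bytes(46))
    out2 = sw.receive("Fa0/2", unicast)
    return out1, out2
```

The ARP request from Workstation 1 leaves untagged on the other Engineering access port and with a VLAN 10 tag on the trunk, but never on the Sales port. The unicast from Workstation 2 is looked up in the VLAN 20 table, where Workstation 1 is unknown even though the switch has just learned it in VLAN 10, so it is flooded only within VLAN 20 and reaches the trunk tagged 20. A tagged frame for a VLAN that is not allowed on the trunk is dropped at ingress.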

8.2 VLAN Configuration

8.2.1 VLAN basics

In a switched environment, a station will see only trafficdestined for it. The switch filters traffic in the networkallowing the workstation to have full, dedicated bandwidth forsending or receiving traffic. Unlike a shared-hub system whereonly one station can transmit at a time, the switched networkallows many concurrent transmissions within a broadcastdomain. The switched network does this without directlyaffecting other stations inside or outside of the broadcast

164 Cisco Academy – CCNA 3.0 Semester 3

domain. Station pairs A/B, C/D, and E/F can all communicatewithout affecting the other station pairs.

Each VLAN must have a unique Layer 3 network addressassigned. This enables routers to switch packets betweenVLANs.

VLANs can exist either as end-to-end networks or they canexist inside of geographic boundaries.

An end-to-end VLAN network comprises the following characteristics:

Users are grouped into VLANs independent of physical location, but dependent on group or job function.

All users in a VLAN should have the same 80/20 traffic flow patterns.

As a user moves around the campus, VLAN membership for that user should not change.

Each VLAN has a common set of security requirements for all members.

Starting at the access layer, switch ports are provisioned for each user. Each color represents a subnet. Because people have moved around over time, each switch eventually becomes a member of all VLANs. Frame tagging is used to carry multiple VLAN information between the access layer wiring closets and the distribution layer switches.

ISL is a Cisco proprietary protocol that maintains VLAN information as traffic flows between switches and routers. IEEE 802.1Q is an open-standard (IEEE) VLAN tagging mechanism in switching installations. Catalyst 2950 switches do not support ISL trunking.

Workgroup servers operate in a client/server model. For this reason, attempts have been made to keep users in the same VLAN as their server to maximize the performance of Layer 2 switching and keep traffic localized.

In Figure , a core layer router is being used to route between subnets. The network is engineered, based on traffic flow patterns, to have 80 percent of the traffic contained within a VLAN. The remaining 20 percent crosses the router to the enterprise servers and to the Internet and WAN.

8.2.2 Geographic VLANs

End-to-end VLANs allow devices to be grouped based upon resource usage. This includes such parameters as server usage, project teams, and departments. The goal of end-to-end VLANs is to maintain 80 percent of the traffic on the local VLAN.

As many corporate networks have moved to centralize their resources, end-to-end VLANs have become more difficult to maintain. Users are required to use many different resources, many of which are no longer in their VLAN. Because of this shift in placement and usage of resources, VLANs are now more frequently being created around geographic boundaries rather than commonality boundaries.

This geographic location can be as large as an entire building or as small as a single switch inside a wiring closet. In a VLAN structure, it is typical to find the new 20/80 rule in effect. 80 percent of the traffic is remote to the user and 20 percent of the traffic is local to the user. Although this topology means that the user must cross a Layer 3 device in order to reach 80 percent of the resources, this design allows the network to provide for a deterministic, consistent method of accessing resources.

8.2.3 Configuring static VLANs

Static VLANs are ports on a switch that are manually assigned to a VLAN by using a VLAN management application or by working directly within the switch. These ports maintain their assigned VLAN configuration until they are changed manually. This topology means that the user must cross a Layer 3 device in order to reach 80 percent of the resources. This design also allows the network to provide for a deterministic, consistent method of accessing resources. This type of VLAN works well in networks where the following is true:

Moves are controlled and managed.

There is robust VLAN management software to configure the ports.

It is not desirable to assume the additional overhead required when maintaining end-station MAC addresses and custom filtering tables.

Dynamic VLANs do not rely on ports assigned to a specific VLAN.

The following guidelines must be followed when configuring VLANs on Cisco 29xx switches:

The maximum number of VLANs is switch dependent.

VLAN 1 is one of the factory-default VLANs.

VLAN 1 is the default Ethernet VLAN.

Cisco Discovery Protocol (CDP) and VLAN Trunking Protocol (VTP) advertisements are sent on VLAN 1.

The Catalyst 29xx IP address is in the VLAN 1 broadcast domain by default.

The switch must be in VTP server mode to create, add, or delete VLANs.

The creation of a VLAN on a switch is a very straightforward and simple task. If using a Cisco IOS command-based switch, enter the VLAN configuration mode with the privileged EXEC level vlan database command. The steps necessary to create the VLAN are shown below. A VLAN name may also be configured, if necessary.

Switch#vlan database
Switch(vlan)#vlan vlan_number
Switch(vlan)#exit

Upon exiting, the VLAN is applied to the switch. The next step is to assign the VLAN to one or more interfaces:

Switch(config)#interface fastethernet 0/9
Switch(config-if)#switchport access vlan vlan_number


Lab Activity

Lab Exercise: Configuring Static VLANs

This lab is to create a basic switch configuration and verify it and determine the switch firmware version.

Lab Activity

e-Lab Activity: Configuring Static VLANs

In this lab, the students will create a basic switch configuration and verify it.

8.2.4 Verifying VLAN configuration

A good practice is to verify VLAN configuration by using the show vlan, show vlan brief, or show vlan id id_number commands.

The following facts apply to VLANs:

A created VLAN remains unused until it is mapped to switch ports.

All Ethernet ports are on VLAN 1 by default.

Refer to Figure for a list of applicable commands.

Figure shows the steps necessary to assign a new VLAN to a port on the Sydney switch.

Figures and list the output of the show vlan and show vlan brief commands.
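The following Python script, an added example and not part of the course text, parses constructed show vlan brief output like that shown in the figures and applies the two facts listed above: it reports VLANs that exist but are mapped to no port, and ports still sitting on the default VLAN 1. The sample output and port names are made up for the example.

```python
import re

# Constructed sample of `show vlan brief` output for this example; it is not
# captured from a real switch. Long port lists wrap onto indented lines.
SAMPLE_SHOW_VLAN_BRIEF = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4,
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
10   Engineering                      active    Fa0/9, Fa0/10
20   Sales                            active
30   Guest                            active    Fa0/11, Fa0/12
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
"""

VLAN_LINE = re.compile(r"^(\d{1,4})\s+(\S+)\s+(\S+)\s*(.*)$")   # starts a VLAN row
CONT_LINE = re.compile(r"^\s{20,}(\S.*)$")                      # wrapped port list
DEFAULT_VLAN = 1
FACTORY_DEFAULTS = {1, 1002, 1003, 1004, 1005}   # present on a Catalyst out of the box


def _ports(field):
    """Split a comma separated port field, dropping the empty tail of a wrapped line."""
    return [p for p in re.split(r",\s*", field.strip()) if p]


def parse_show_vlan_brief(text):
    """Map each VLAN ID to its name, status and the list of assigned ports."""
    vlans, current = {}, None
    for line in text.splitlines():
        m = VLAN_LINE.match(line)
        if m:
            current = int(m.group(1))
            vlans[current] = {"name": m.group(2), "status": m.group(3),
                              "ports": _ports(m.group(4))}
            continue
        m = CONT_LINE.match(line)
        if m and current is not None:
            vlans[current]["ports"].extend(_ports(m.group(1)))
    return vlans


def unused_vlans(vlans):
    """User-created VLANs that exist but are not mapped to any port yet."""
    return sorted(v for v, info in vlans.items()
                  if v not in FACTORY_DEFAULTS and not info["ports"])


def ports_on_default_vlan(vlans):
    """Ports never moved off VLAN 1 with `switchport access vlan`."""
    return list(vlans.get(DEFAULT_VLAN, {"ports": []})["ports"])


if __name__ == "__main__":
    table = parse_show_vlan_brief(SAMPLE_SHOW_VLAN_BRIEF)
    print("VLANs with no ports:", unused_vlans(table))
    print("Ports still on VLAN 1:", ports_on_default_vlan(table))
```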

Lab Activity

Lab Exercise: Verifying VLAN Configurations

This lab is to create a basic switch configuration and verify it and determine the switch firmware version.

Lab Activity

e-Lab Activity: Verifying VLAN Configurations


In this lab, the students will create two separate VLANs on the switch.

8.2.5 Saving VLAN configuration

It is often useful to keep a copy of the VLAN configuration as a text file for backup or auditing purposes.

The switch configuration settings may be backed up in the usual way using the copy running-config tftp command. Alternatively, the HyperTerminal capture text feature can be used to store the configuration settings.

8.2.6 Deleting VLANs

Removing a VLAN from a Cisco IOS command-based switch interface is just like removing a command from a router. In Figure , VLAN 300 was created on Fastethernet 0/9 using the interface configuration switchport access vlan 300 command. To remove this VLAN from the interface, simply use the no form of the command.

When a VLAN is deleted, any ports assigned to that VLAN become inactive. The ports will, however, remain associated with the deleted VLAN until assigned to a new VLAN.

Lab Activity

Lab Exercise: Deleting VLAN Configurations

The purpose of this exercise is to delete VLAN settings.

Lab Activity

e-Lab Activity: Deleting VLAN Configurations

In this lab, the students will create two separate VLANs on the switch.

8.3 Troubleshooting VLANs


8.3.1 Overview

VLANs are now commonplace in campus networks. VLANs give network engineers flexibility in designing and implementing networks. VLANs also enable broadcast containment, security, and geographically disparate communities of interest. However, as with basic LAN switching, problems can occur when VLANs are implemented. This lesson will show some of the more common problems that can occur with VLANs, and it will provide several tools and techniques for troubleshooting.

Students completing this lesson should be able to:
Utilize a systematic approach to VLAN troubleshooting
Demonstrate the steps for general troubleshooting in switched networks
Describe how spanning-tree problems can lead to broadcast storms
Use show and debug commands to troubleshoot VLANs

8.3.2 VLAN troubleshooting process

It is important to develop a systematic approach for troubleshooting switch related problems. The following steps can assist in isolating a problem on a switched network:

Check the physical indications, such as LED status.
Start with a single configuration on a switch and work outward.
Check the Layer 1 link.
Check the Layer 2 link.
Troubleshoot VLANs that span several switches.

When troubleshooting, check to see if the problem is a recurring one rather than an isolated fault. Some recurring problems are due to growth in demand for services by workstation ports outpacing the configuration, trunking, or capacity to access server resources. For example, the use of Web technologies and traditional applications, such as file transfer and e-mail, is causing network traffic growth that enterprise networks must handle.


Many campus LANs face unpredictable network traffic patterns that result from the combination of intranet traffic, fewer centralized campus server locations, and the increasing use of multicast applications. The old 80/20 rule, which stated that only 20 percent of network traffic went over the backbone, is obsolete. Internal Web browsing now enables users to locate and access information anywhere on the corporate intranet. Traffic patterns are dictated by where the servers are located and not by the physical workgroup configurations with which they happen to be grouped.

If a network frequently experiences bottleneck symptoms, like excessive overflows, dropped frames, and retransmissions, there may be too many ports riding on a single trunk or too many requests for global resources and access to intranet servers.

Bottleneck symptoms may also occur because a majority of the traffic is being forced to traverse the backbone. Another cause may be that any-to-any access is common, as users draw upon corporate Web-based resources and multimedia applications. In this case, it may be necessary to consider increasing the network resources to meet the growing demand.

8.3.3 Preventing broadcast storms

A broadcast storm occurs when a large number of broadcast packets are received on a port. Forwarding these packets can cause the network to slow down or to time out. Storm control is configured for the switch as a whole, but operates on a per-port basis. Storm control is disabled by default.

Prevention of broadcast storms by setting threshold values to high or low discards excessive broadcast, multicast, or unicast MAC traffic. In addition, configuration of values for rising thresholds on a switch will shut the port down.
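As an added example (not from the course material), the following Python model shows the rising and falling threshold behaviour described above on one port: traffic crossing the rising threshold is dropped or, with the shutdown action, error-disables the port, and filtering stops only once traffic falls below the falling threshold. The threshold units, byte counts and parameter names are assumptions made for the example, not Cisco CLI syntax.

```python
from dataclasses import dataclass, field

# Constructed model of per-port storm control. Thresholds are a percentage of
# the port's bandwidth measured over one-second intervals. Crossing the rising
# threshold either drops the excess traffic ("filter") or error-disables the
# port ("shutdown"); filtering stops only after traffic falls below the
# falling threshold, so a level between the two thresholds stays suppressed.


@dataclass
class StormControl:
    rising_pct: float
    falling_pct: float
    action: str = "filter"              # "filter" or "shutdown"
    bandwidth_bps: int = 100_000_000    # 100 Mbit/s port
    suppressing: bool = False
    err_disabled: bool = False
    events: list = field(default_factory=list)

    def observe(self, second, broadcast_bytes):
        """Feed one interval's broadcast byte count; return the port state."""
        if self.err_disabled:
            return "err-disabled"
        pct = broadcast_bytes * 8 / self.bandwidth_bps * 100
        if not self.suppressing and pct > self.rising_pct:
            if self.action == "shutdown":
                self.err_disabled = True
                self.events.append(f"t={second}s {pct:.0f}% > {self.rising_pct}%: port err-disabled")
                return "err-disabled"
            self.suppressing = True
            self.events.append(f"t={second}s {pct:.0f}% > {self.rising_pct}%: dropping broadcasts")
        elif self.suppressing and pct < self.falling_pct:
            self.suppressing = False
            self.events.append(f"t={second}s {pct:.0f}% < {self.falling_pct}%: forwarding again")
        return "suppressed" if self.suppressing else "forwarding"


def run(samples, action="filter"):
    """Replay a series of per-second broadcast byte counts through one port."""
    port = StormControl(rising_pct=20, falling_pct=10, action=action)
    states = [port.observe(t, b) for t, b in enumerate(samples)]
    return states


# Constructed counters: 1 MB/s is 8% of a 100 Mbit/s port, 3 MB/s is 24%, 2 MB/s is 16%.
BURST = [1_000_000, 3_000_000, 2_000_000, 1_000_000, 1_000_000]

if __name__ == "__main__":
    print("filter:  ", run(BURST))
    print("shutdown:", run(BURST, action="shutdown"))
```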

STP problems include broadcast storms, loops, dropped BPDUs and packets. The function of STP is to ensure that no logic loops occur in a network by designating a root bridge. The root bridge is the central point of a spanning-tree configuration that controls how the protocol operates.

The location of the root bridge in the extended router and switch network is necessary for effective troubleshooting. The show commands on both the router and the switch can display root-bridge information. Configuration of root bridge timers sets parameters for forwarding delay or maximum age for STP information. Manually configuring a device as a root bridge is another configuration option.

If the extended router and switch network encounters a period of instability, it helps to minimize the STP processes occurring between devices.

If it becomes necessary to reduce BPDU traffic, put the timers on the root bridge at their maximum values. Specifically, set the forward delay parameter to the maximum of 30 seconds, and set the max_age parameter to the maximum of 40 seconds.

A physical port on a router or switch may be part of more than one spanning tree if it is a trunk.

Note: VTP runs on Catalyst switches, not routers.

It is advisable to configure a Catalyst switch neighboring a router to operate in VTP transparent mode until Cisco supports VTP on its routers.

The Spanning-Tree Protocol (STP) is considered one of the most important Layer 2 protocols on the Catalyst switches. By preventing logical loops in a bridged network, STP allows Layer 2 redundancy without generating broadcast storms.

Minimize spanning-tree problems by actively developing a baseline study of the network.

8.3.4 Troubleshooting VLANs

The show and debug commands can be extremely useful when troubleshooting VLANs. Figure illustrates the most common problems found when troubleshooting VLANs.

To troubleshoot the operation of Fast Ethernet router connections to switches, it is necessary to make sure that the router interface configuration is complete and correct. Verify that an IP address is not configured on the Fast Ethernet interface. IP addresses are configured on each subinterface of a VLAN connection. Verify that the duplex configuration on the router matches that on the appropriate port/interface on the switch.

The show vlan command displays the VLAN information on the switch. Figure displays the output from the show vlan command. The display shows the VLAN ID, name, status, and assigned ports.

The CatOS show vlan keyword options and keyword syntax descriptions of each field are also shown.

The show vlan command displays VLAN information on the router. The show vlan command followed by the VLAN number displays specific information about that VLAN on the router. Output from the command includes the VLAN ID, router subinterface, and protocol information.

The show spanning-tree command displays the spanning-tree topology known to the router. This command will show the STP settings used by the router for a spanning-tree bridge in the router and switch network.

The first part of the show spanning-tree output lists global spanning tree configuration parameters, followed by those that are specific to given interfaces.

Bridge Group 1 is executing the IEEE compatible Spanning-Tree Protocol.

The following lines of output show the current operating parameters of the spanning tree:


Bridge Identifier has priority 32768, address 0008.e32e.e600

Configured hello time 2, Max age 20, forward delay 15

The following line of output shows that the router is the root of the spanning tree:

We are the root of the spanning tree.

Key information from the show spanning-tree command creates a map of the STP network.

The debug sw-vlan packets command displays general information about VLAN packets that the router receives but is not configured to support. VLAN packets that the router is configured to route or switch are counted and indicated when using the show sw-vlan command.

8.3.5 VLAN troubleshooting scenarios

Proficiency at troubleshooting switched networks will be achieved after the techniques are learned and are adapted to the company needs. Experience is the best way of improving troubleshooting skills.

Three practical VLAN troubleshooting scenarios covering the most common problems will be described. Each of these scenarios contains an analysis of the problem followed by its solution. By using appropriate specific commands and gathering meaningful information from their output, the troubleshooting process can be carried through to completion.

Scenario 1:

A trunk link cannot be established between a switch and a router.

When having difficulty with a trunk connection between a switch and a router, be sure to consider the following possible causes:

Make sure that the port is connected and not receiving any physical-layer, alignment or frame-check-sequence (FCS) errors. This can be done with the show interface command on the switch.

Verify that the duplex and speed are set properly between the switch and the router. This can be done with the show int status command on the switch or the show interface command on the router.

Configure the physical router interface with one subinterface for each VLAN that will route traffic. Verify this with the show interface IOS command. Also, make sure that each subinterface on the router has the proper encapsulation type, VLAN number, IP address, and subnet mask configured. This can be done with the show interface or show running-config IOS commands.

Confirm that the router is running an IOS release that supports trunking. This can be verified with the show version command.

Scenario 2:

VTP is not correctly propagating VLAN configuration changes.

When VTP is not correctly affecting configuration updates on other switches in the VTP domain, check the following possible causes:

Make sure the switches are connected through trunk links. VTP updates are exchanged only over trunk links. This can be verified with the show int status command.

Make sure the VTP domain name is the same on all switches that need to communicate with each other. VTP updates are exchanged only between switches in the same VTP domain. This scenario is one of the most common VTP problems. It can be verified with the show vtp status command on the participating switches.

Check the VTP mode of the switch. If the switch is in VTP transparent mode, it will not update its VLAN configuration dynamically. Only switches in VTP server or VTP client mode update their VLAN configuration based on VTP updates from other switches. Again, use the show vtp status command to verify this.

If using VTP passwords, the same password must be configured on all switches in the VTP domain. To clear an existing VTP password, use the no vtp password password command in VLAN mode.

Scenario 3:

Dropped packets and loops.

Spanning-tree bridges use topology change notification Bridge Protocol Data Unit packets (BPDUs) to notify other bridges of a change in the spanning-tree topology of the network. The bridge with the lowest identifier in the network becomes the root. Bridges send these BPDUs any time a port makes a transition to or from a forwarding state, as long as there are other ports in the same bridge group. These BPDUs migrate toward the root bridge.

There can be only one root bridge per bridged network. An election process determines the root bridge. The root determines values for configuration messages, in the BPDUs, and then sets the timers for the other bridges. Other designated bridges determine the shortest path to the root bridge and are responsible for advertising BPDUs to other bridges through designated ports. A bridge should have ports in the blocking state if there is a physical loop.

Problems can arise for internetworks in which both IEEE and DEC spanning-tree algorithms are used by bridging nodes. These problems are caused by differences in the way the bridging nodes handle spanning tree BPDU packets, or hello packets, and in the way they handle data.

In this scenario, Switch A, Switch B, and Switch C are running the IEEE spanning-tree algorithm. Switch D is inadvertently configured to use the DEC spanning-tree algorithm.

Switch A claims to be the IEEE root and Switch D claims to be the DEC root. Switch B and Switch C propagate root information on all interfaces for IEEE spanning tree. However, Switch D drops IEEE spanning-tree information. Similarly, the other routers ignore Router D's claim to be root.

The result is that none of the bridges believes there is a loop, and when a broadcast packet is sent on the network, a broadcast storm results over the entire internetwork. This broadcast storm will include Switches X and Y, and beyond.

To resolve this problem, reconfigure Switch D for IEEE. Although a configuration change is necessary, it might not be sufficient to reestablish connectivity. There will be a reconvergence delay as devices exchange BPDUs and recompute a spanning tree for the network.
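The following Python model, added here and not part of the course text, works through the scenario above: a ring of four switches where A, B and C run IEEE STP and D runs DEC, so each side drops the other's BPDUs. It shows both A and D claiming to be root, every port forwarding, and the resulting loop; reconfiguring D for IEEE yields a single root and one blocking port. Bridge IDs, MAC addresses, the ring topology and a cost of 1 per hop are constructed for the example.

```python
# Constructed model of the mixed IEEE/DEC scenario: four switches in a ring.
# A bridge keeps only BPDUs of its own algorithm, so D never learns of A's
# claim and A, B, C never learn of D's. All values below are made up.

LINKS = [("A", "B"), ("B", "C"), ("C", "D"), ("D", "A")]
MACS = {"A": "0000.0000.000a", "B": "0000.0000.000b",
        "C": "0000.0000.000c", "D": "0000.0000.000d"}


def make_bridges(d_proto):
    """All bridges use the default priority 32768; D's algorithm is the variable."""
    return {n: {"id": (32768, MACS[n]), "proto": d_proto if n == "D" else "IEEE"}
            for n in MACS}


def neighbors(name):
    return [b if a == name else a for a, b in LINKS if name in (a, b)]


def elect(bridges):
    """Root election: every bridge keeps the lowest (root id, cost, sender id)
    it hears from a compatible neighbour, or itself if nothing beats that."""
    state = {n: {"root": n, "cost": 0, "root_port": None} for n in bridges}
    changed = True
    while changed:
        changed = False
        for n, me in bridges.items():
            best = (me["id"], 0, me["id"]), None          # (root id, cost, via id), root port
            for nb in neighbors(n):
                if bridges[nb]["proto"] != me["proto"]:
                    continue                               # BPDU of the other algorithm is dropped
                root = state[nb]["root"]
                cand = (bridges[root]["id"], state[nb]["cost"] + 1, bridges[nb]["id"]), nb
                if cand[0] < best[0]:
                    best = cand
            root_name = next(m for m in bridges if bridges[m]["id"] == best[0][0])
            new = {"root": root_name, "cost": best[0][1], "root_port": best[1]}
            if new != state[n]:
                state[n], changed = new, True
    return state


def port_states(bridges, state):
    """Root ports and designated ports forward; the other end of a link whose
    peer offers a better path blocks. A port that hears no compatible BPDU
    believes it is designated and forwards."""
    roles = {}
    for a, b in LINKS:
        for me, peer in ((a, b), (b, a)):
            s = state[me]
            if s["root_port"] == peer or bridges[peer]["proto"] != bridges[me]["proto"]:
                roles[(me, peer)] = "forwarding"
                continue
            mine = (bridges[s["root"]]["id"], s["cost"], bridges[me]["id"])
            theirs = (bridges[state[peer]["root"]]["id"], state[peer]["cost"], bridges[peer]["id"])
            roles[(me, peer)] = "forwarding" if mine < theirs else "blocking"
    return roles


def has_loop(bridges, roles):
    """A link carries frames only if both ends forward. A connected graph with
    as many live links as bridges must contain a cycle."""
    live = [l for l in LINKS if roles[l] == "forwarding" and roles[l[::-1]] == "forwarding"]
    return len(live) >= len(bridges)


def run(d_proto):
    bridges = make_bridges(d_proto)
    state = elect(bridges)
    roles = port_states(bridges, state)
    return state, roles, has_loop(bridges, roles)


if __name__ == "__main__":
    for proto in ("DEC", "IEEE"):
        state, roles, loop = run(proto)
        roots = {n: s["root"] for n, s in state.items()}
        blocked = [p for p, r in roles.items() if r == "blocking"]
        print(f"D runs {proto}: roots={roots} blocking={blocked} loop={loop}")
```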

Summary

An understanding of the following key points should have been achieved:

ISL and 802.1Q trunking
Geographic VLANs
Configuring static VLANs on 29xx series Catalyst switches
Verifying and saving VLAN configurations
Deleting VLANs from a switch
Definition of VLANs
The benefits of VLANs
How VLANs are used to create broadcast domains
How routers are used for communication between VLANs
The common VLAN types
A systematic approach to VLAN troubleshooting
The steps for general troubleshooting in switched networks
How spanning-tree problems can lead to broadcast storms
Using show and debug commands to troubleshoot VLANs


Chapter 9 VLAN Trunking Protocol

Overview

Early VLANs were difficult to implement across networks. Most VLANs were defined on each switch, which meant that defining VLANs over an extended network was a complicated task. Every switch manufacturer had a different idea of the best ways to make their switches VLAN capable, which further complicated matters. VLAN trunking was developed to solve these problems.

VLAN trunking allows many VLANs to be defined throughout an organization by adding special tags to frames to identify the VLAN to which they belong. This tagging allows many VLANs to be carried across a common backbone, or trunk. VLAN trunking is standards-based, with the IEEE 802.1Q trunking protocol now widely implemented. Cisco's Inter-Switch Link (ISL) is a proprietary trunking protocol that can be implemented in all Cisco networks.

VLAN trunking uses tagged frames to allow multiple VLANs to be carried throughout a large switched network over shared backbones. Manually configuring and maintaining VLAN Trunking Protocol (VTP) on numerous switches can be challenging. The benefit of VTP is that, once a network is configured with VTP, many of the VLAN configuration tasks are automatic.

This module explains VTP implementation in a VLAN switched LAN environment.

VLAN technology provides network administrators with many advantages. Among other things, VLANs help control Layer 3 broadcasts, they improve network security, and they can help logically group network users. However, VLANs have an important limitation. They operate at Layer 2, which means that devices on one VLAN cannot communicate with users on another VLAN without the use of routers and network layer addresses.

Students completing this module should be able to:
Explain the origins and functions of VLAN trunking
Describe how trunking enables the implementation of VLANs in a large network
Define IEEE 802.1Q
Define Cisco ISL
Configure and verify a VLAN trunk
Define VTP
Explain why VTP was developed
Describe the contents of VTP messages
List and define the three VTP modes
Configure and verify VTP on an IOS-based switch
Explain why routing is necessary for inter-VLAN communication
Explain the difference between physical and logical interfaces
Define subinterfaces
Configure inter-VLAN routing using subinterfaces on a router port

9.1 Trunking

9.1.1 History of trunking

The history of trunking goes back to the origins of radio and telephony technologies. In radio technologies, a trunk is a single communications line that carries multiple channels of radio signals.

In the telephony industry, the trunking concept is associated with the telephone communication path or channel between two points. One of these two points is usually the Central Office (CO). Shared trunks may also be created for redundancy between COs.

The concept that had been used by the telephone and radio industries was then adopted for data communications. An example of this in a communications network is a backbone link between an MDF and an IDF. A backbone is composed of a number of trunks.

At present, the same principle of trunking is applied to network switching technologies. A trunk is a physical and logical connection between two switches across which network traffic travels.

9.1.2 Trunking concepts

As mentioned before, a trunk is a physical and logical connection between two switches across which network traffic travels. It is a single transmission channel between two points. Those points are usually switching centers.

In the context of a VLAN switching environment, a trunk is a point-to-point link that supports several VLANs. The purpose of a trunk is to conserve ports when creating a link between two devices implementing VLANs. Figure illustrates two VLANs shared across two switches, (Sa and Sb). Each switch is using two physical links so that each port carries traffic for a single VLAN. This is the simplest way of implementing inter-switch VLAN communication, but it does not scale well.

Adding a third VLAN would require using two additional ports, one on each connected switch. This design is also inefficient in terms of load sharing. In addition, the traffic on some VLANs may not justify a dedicated link. Trunking will bundle multiple virtual links over one physical link by allowing the traffic for several VLANs to travel over a single cable between the switches.

A comparison for trunking is like a Highway Distributor. The roads with different starting and ending points share a main national highway for a few kilometers, then will divide again to reach their particular destinations. This method is more cost effective than building an entire road from start to end for every existing or new destination.

9.1.3 Trunking operation

The switching tables at both ends of the trunk can be used to make port forwarding decisions based on frame destination MAC addresses. As the number of VLANs traveling across the trunk increases, the forwarding decisions become slower and more difficult to manage. The decision process becomes slower because the larger switching tables take longer to process.

Trunking protocols were developed to effectively manage the transfer of frames from different VLANs on a single physical line. The trunking protocols establish agreement for the distribution of frames to the associated ports at both ends of the trunk.

Currently two types of trunking mechanisms exist, frame filtering and frame tagging. Frame tagging has been adopted as the standard trunking mechanism by IEEE.

Trunking protocols that use a frame tagging mechanism assign an identifier to the frames to make their management easier and to achieve a faster delivery of the frames.

The unique physical link between the two switches is able to carry traffic for any VLAN. In order to achieve this, each frame sent on the link is tagged to identify which VLAN it belongs to. Different tagging schemes exist. The most common tagging schemes for Ethernet segments are listed below:

ISL – Cisco proprietary Inter-Switch Link protocol.
802.1Q – IEEE standard that will be focused on in this section.

Interactive Media Activity

Fill in the Blanks: Trunking Operation

When the student has completed this activity, the student will how using trunk links can the number of physical interfaces needed on a switch.

9.1.4 VLANs and trunking

Specific protocols, or rules, are used to implement trunking. Trunking provides an effective method to distribute VLAN ID information to other switches.

Using frame tagging as the standard trunking mechanism, as opposed to frame filtering, provides a more scalable solution to VLAN deployment. Frame tagging is the way to implement VLANs according to IEEE 802.1Q.

VLAN frame tagging is an approach that has been specifically developed for switched communications. Frame tagging places a unique identifier in the header of each frame as it is forwarded throughout the network backbone. The identifier is understood and examined by each switch before any broadcasts or transmissions are made to other switches, routers, or end-station devices. When the frame exits the network backbone, the switch removes the identifier before the frame is transmitted to the target end station. Frame tagging functions at Layer 2 and requires little processing or administrative overhead.

It is important to understand that a trunk link does not belong to a specific VLAN. The responsibility of a trunk link is to act as a conduit for VLANs between switches and routers.

ISL is a protocol that maintains VLAN information as traffic flows between the switches. With ISL, an Ethernet frame is encapsulated with a header that contains a VLAN ID.
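As an added example, not from the course text, the following Python functions insert, read and strip the 4 byte IEEE 802.1Q tag described in this section and show why a frame tagged for one VLAN is never delivered to an access port in another VLAN. The frame contents are constructed for the example, and untagged frames arriving on the trunk are simply dropped here to keep the model small.

```python
import struct

# Constructed frame for this example: destination MAC, source MAC, EtherType
# (0x0800, IPv4) and a short payload. Not captured from a real network.
UNTAGGED = (bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
            + b"\x08\x00" + b"payload-bytes")
TPID_8021Q = 0x8100   # Tag Protocol Identifier that marks an 802.1Q tagged frame


def tag_frame(frame, vid, pcp=0, dei=0):
    """Insert the 4 byte 802.1Q tag after the source MAC (byte offset 12).

    The tag is the 2 byte TPID followed by the 2 byte Tag Control Information:
    3 bits priority (pcp), 1 bit drop eligible (dei), 12 bits VLAN ID.
    """
    if not 1 <= vid <= 4094:            # 0 and 4095 are reserved
        raise ValueError("VLAN ID must be 1..4094")
    tci = ((pcp & 0x7) << 13) | ((dei & 0x1) << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def read_tag(frame):
    """Return (pcp, dei, vid) if the frame is 802.1Q tagged, else None."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return tci >> 13, (tci >> 12) & 1, tci & 0x0FFF


def strip_tag(frame):
    """Remove the tag, restoring the frame the end station originally sent."""
    return frame[:12] + frame[16:] if read_tag(frame) else frame


def deliver_to_access_port(frame, port_vlan):
    """Egress on an access port: the switch strips the tag and forwards only if
    the frame's VLAN matches the port's VLAN; anything else is dropped (None)."""
    tag = read_tag(frame)
    if tag is None:
        return None                     # this model handles tagged trunk frames only
    return strip_tag(frame) if tag[2] == port_vlan else None


if __name__ == "__main__":
    tagged = tag_frame(UNTAGGED, 10, pcp=3)
    print("tag on trunk:", read_tag(tagged), "frame grew by", len(tagged) - len(UNTAGGED))
    print("to VLAN 10 port:", deliver_to_access_port(tagged, 10) == UNTAGGED)
    print("to VLAN 20 port:", deliver_to_access_port(tagged, 20))
```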

9.1.5 Trunking implementation

To create or configure a VLAN trunk on a Cisco IOS command-based switch, configure the port first as a trunk and then specify the trunk encapsulation with the following commands:

Before attempting to configure a VLAN trunk on a port, determine what encapsulation the port can support. This can be done using the show port capabilities command. In the example, notice in the highlighted text that Port 2/1 will support only the IEEE 802.1Q encapsulation.

Verify that trunking has been configured and verify the settings by using the show trunk [mod_num/port_num] command from privileged mode on the switch.

Figure shows the trunking modes available in Fast Ethernet and Gigabit Ethernet.

Lab Activity

Lab Exercise: Trunking with ISL

This lab is to create an ISL trunk line between the two switches to allow communication between paired VLANs.

Lab Activity

Lab Exercise: Trunking with 802.1q

This lab is to create an 802.1q trunk line between the two switches to allow communication between paired VLANs.

Lab Activity

e-Lab Activity: Trunking with ISL

In this lab, the student will create multiple VLANs on two separate switches, name the switches, and assign multiple member ports to the switches.

Lab Activity

e-Lab Activity: Trunking with 802.1q

In this lab, the student will create multiple VLANs on two separate switches, name the switches, and assign multiple member ports to the switches.


9.2 VTP

9.2.1 History of VTP

VLAN Trunking Protocol (VTP) was created to solve operational problems in a switched network with VLANs.

Consider the example of a domain with several interconnected switches that support several VLANs. To maintain connectivity within VLANs, each VLAN must be manually configured on each switch. As the organization grows and additional switches are added to the network, each new switch must be manually configured with VLAN information. A single incorrect VLAN assignment could cause two potential problems:

Cross-connected VLANs due to VLAN configuration inconsistencies

VLAN misconfiguration across mixed media environments such as Ethernet and Fiber Distributed Data Interface (FDDI)

With VTP, VLAN configuration is consistently maintained across a common administrative domain. Additionally, VTP reduces the complexity of managing and monitoring VLAN networks.

9.2.2 VTP concepts

The role of VTP is to maintain VLAN configuration consistency across a common network administration domain. VTP is a messaging protocol that uses Layer 2 trunk frames to manage the addition, deletion, and renaming of VLANs on a single domain. Further, VTP allows for centralized changes that are communicated to all other switches in the network.

VTP messages are encapsulated in either Cisco proprietary Inter-Switch Link (ISL) or IEEE 802.1Q protocol frames, and passed across trunk links to other devices. In IEEE 802.1Q frames a 4 byte field is added that tags the frame. Both formats carry the VLAN ID.


While switch ports are normally assigned to only a single VLAN, trunk ports by default carry frames from all VLANs.

9.2.3 VTP operation

A VTP domain is made up of one or more interconnected devices that share the same VTP domain name. A switch can be in one VTP domain only.

When transmitting VTP messages to other switches in the network, the VTP message is encapsulated in a trunking protocol frame such as ISL or IEEE 802.1Q. Figure shows the generic encapsulation for VTP within an ISL frame. The VTP header varies, depending upon the type of VTP message, but generally, four items are found in all VTP messages:

VTP protocol version: Either Version 1 or 2
VTP message type: Indicates one of four types
Management domain name length: Indicates size of the name that follows
Management domain name: The name configured for the management domain

VTP switches operate in one of three modes:
Server
Client
Transparent

VTP servers can create, modify, and delete VLAN and VLAN configuration parameters for the entire domain. VTP servers save VLAN configuration information in the switch NVRAM. VTP servers send VTP messages out to all trunk ports.

VTP clients cannot create, modify, or delete VLAN information. This mode is useful for switches lacking memory to store large tables of VLAN information. The only role of VTP clients is to process VLAN changes and send VTP messages out all trunk ports.

Switches in VTP transparent mode forward VTP advertisements but ignore information contained in the message. A transparent switch will not modify its database when updates are received, nor will the switch send out an update indicating a change in its VLAN status. Except for forwarding VTP advertisements, VTP is disabled on a transparent switch.

VLANs detected within the advertisements serve as notification to the switch that traffic with the newly defined VLAN IDs may be expected.

In Figure , Switch C transmits a VTP database entry with additions or deletions to Switch A and Switch B. The configuration database has a revision number that is incremented by one. A higher configuration revision number indicates that the VLAN information that is being sent is more current than the stored copy. Any time a switch receives an update that has a higher configuration revision number, the switch will overwrite the stored information with the new information being sent in the VTP update. Switch F will not process the update because it is in a different domain. This overwrite process means that if the VLAN does not exist in the new database, it is deleted from the switch. In addition, VTP maintains its own NVRAM. An erase startup-configuration clears the NVRAM of configuration commands, but not the VTP database revision number. To set the configuration revision number back to zero, the switch must be rebooted.

By default, management domains are set to a nonsecure mode, meaning that the switches interact without using a password. Adding a password automatically sets the management domain to secure mode. The same password must be configured on every switch in the management domain to use secure mode.

9.2.4 VTP implementation

With VTP, each switch advertises on its trunk ports its management domain, configuration revision number, the VLANs that it knows about, and certain parameters for each known VLAN. These advertisement frames are sent to a multicast address so that all neighboring devices can receive the frames. However, the frames are not forwarded by normal bridging procedures. All devices in the same management domain learn about any new VLANs configured in the transmitting device. A new VLAN must be created and configured on one device only in the management domain. All the other devices in the same management domain automatically learn the information.

Advertisements on factory-default VLANs are based on media types. User ports should not be configured as VTP trunks.

Each advertisement starts as configuration revision number 0. As changes are made the configuration revision number is increased incrementally by one, (n + 1). The revision number continues to increment until it reaches 2,147,483,648. When it reaches that point, the counter will reset back to zero.

There are two types of VTP advertisements:

- Requests from clients that want information at bootup
- Response from servers

There are three types of VTP messages:

- Advertisement requests
- Summary advertisements
- Subset advertisements

With advertisement requests, clients request VLAN information and the server responds with summary and subset advertisements.

By default, server and client Catalyst switches issue summary advertisements every five minutes. Servers inform neighbor switches what they believe to be the current VTP revision number. Assuming the domain names match, the receiving server or client compares the configuration revision number. If the revision number in the advertisement is higher than the current revision number in the receiving switch, the receiving switch then issues an advertisement request for new VLAN information.


Subset advertisements contain detailed information about VLANs such as VTP version type, domain name and related fields, and the configuration revision number. The following can trigger these advertisements:

- Creating or deleting a VLAN
- Suspending or activating a VLAN
- Changing the name of a VLAN
- Changing the maximum transmission unit (MTU) of a VLAN

Advertisements may contain some or all of the following information:

- Management domain name. Advertisements with different names are ignored.
- Configuration revision number. The higher number indicates a more recent configuration.
- Message Digest 5 (MD5). MD5 is the key that is sent with the VTP when a password has been assigned. If the key does not match, the update is ignored.
- Updater identity. The updater identity is the identity of the switch that is sending the VTP summary advertisement.

9.2.5 VTP configuration

The following basic tasks must be considered before configuring VTP and VLANs on the network.

- Determine the version number of VTP that will be utilized.
- Decide if this switch is to be a member of an existing management domain or if a new domain should be created. If a management domain exists, determine the name and password of the domain.
- Choose a VTP mode for the switch.

Two different versions of VTP are available, Version 1 and Version 2. The two versions are not interoperable. If a switch is configured in a domain for VTP Version 2, all switches in the management domain must be configured for VTP Version 2. VTP Version 1 is the default. VTP Version 2 may be implemented if some of the specific features that VTP Version 2 offers are not offered in VTP Version 1. The most common feature that is needed is Token Ring VLAN support.

To configure the VTP version on a Cisco IOS command-based switch, first enter VLAN database mode.

Use the following command to change the VTP version number on a set command-based switch.

Switch#vlan database
Switch(vlan)#vtp v2-mode

If the switch being installed is the first switch in the network, create the management domain. If the management domain has been secured, configure a password for the domain.

To create a management domain use the following command:

Switch(vlan)#vtp domain cisco

The domain name can be between 1 and 32 characters. The password must be between 8 and 64 characters long.

To add a VTP client to an existing VTP domain, always verify that its VTP configuration revision number is lower than the configuration revision number of the other switches in the VTP domain. Use the show vtp status command. Switches in a VTP domain always use the VLAN configuration of the switch with the highest VTP configuration revision number. If a switch is added that has a revision number higher than the revision number in the VTP domain, it can erase all VLAN information from the VTP server and VTP domain.
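The revision-number rule from 9.2.3 and the pre-join check above, worked as an added example (my code, not part of the curriculum): a parser for a VTP summary advertisement, whose field offsets are assumed from standard VTP since the chapter names only the first four header items, with the overwrite rule and the join check applied to a constructed frame.

```python
"""Added example, not part of the Cisco curriculum text: parse a VTP
summary advertisement and apply the acceptance rule the chapter describes
(same domain, strictly higher configuration revision number), so an
operator can tell whether a switch would overwrite the domain's VLAN
database before it is attached to a trunk.

Assumed wire layout of a summary advertisement (my assumption; the chapter
names only the first four header items):
  0      version (1 = VTP v1, 2 = VTP v2)
  1      message code (1 = summary advertisement)
  2      followers (number of subset advertisements that follow)
  3      management domain name length
  4-35   management domain name, NUL padded to 32 bytes
  36-39  configuration revision number, big-endian
  40-43  updater identity (IPv4 address of the sending switch)
  44-55  update timestamp, 12 ASCII bytes
  56-71  MD5 digest (meaningful only when a domain password is set)
"""
import struct
from dataclasses import dataclass

SUMMARY_ADVERT = 1
SUMMARY_LEN = 72


@dataclass
class SummaryAdvert:
    version: int
    followers: int
    domain: str
    revision: int
    updater: str
    md5: bytes


def parse_summary(frame: bytes) -> SummaryAdvert:
    """Decode the VTP payload of a summary advertisement (trunk tag removed)."""
    if len(frame) < SUMMARY_LEN:
        raise ValueError("frame too short for a summary advertisement")
    version, code, followers, name_len = struct.unpack_from("!BBBB", frame, 0)
    if code != SUMMARY_ADVERT:
        raise ValueError(f"not a summary advertisement (message code {code})")
    if not 1 <= name_len <= 32:
        raise ValueError(f"invalid domain name length {name_len}")
    domain = frame[4:4 + name_len].decode("ascii")
    (revision,) = struct.unpack_from("!I", frame, 36)
    updater = ".".join(str(b) for b in frame[40:44])
    return SummaryAdvert(version, followers, domain, revision, updater, frame[56:72])


def build_summary(version: int, domain: str, revision: int, updater: str,
                  followers: int = 0, md5: bytes = bytes(16)) -> bytes:
    """Construct a sample advertisement (test input, not a captured frame)."""
    name = domain.encode("ascii")
    return (struct.pack("!BBBB", version, SUMMARY_ADVERT, followers, len(name))
            + name.ljust(32, b"\x00")
            + struct.pack("!I", revision)
            + bytes(int(octet) for octet in updater.split("."))
            + b"000000000000"      # timestamp placeholder, 12 bytes
            + md5)


def would_overwrite(local_domain: str, local_revision: int,
                    advert: SummaryAdvert) -> bool:
    """The chapter's rule: a receiving server or client replaces its VLAN
    database when the domain names match and the advertised revision is
    higher than its own; an advertisement from another domain is ignored."""
    return advert.domain == local_domain and advert.revision > local_revision


def safe_to_join(domain_revision: int, candidate_revision: int) -> bool:
    """Pre-check from 9.2.5: a switch being added must carry a revision
    number lower than the domain's, or its own VLAN table wins."""
    return candidate_revision < domain_revision


if __name__ == "__main__":
    # Constructed sample: server 10.1.1.5 in domain "cisco" at revision 27
    advert = parse_summary(build_summary(2, "cisco", 27, "10.1.1.5"))
    print(advert)
    print("client at revision 5 overwritten:", would_overwrite("cisco", 5, advert))
    print("new switch at revision 40 safe to join:", safe_to_join(27, 40))
```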

Choose one of the three available VTP modes for the switch. If this is the first switch in the management domain and additional switches will be added, set the mode to server. The additional switches will be able to learn VLAN information from this switch. There should be at least one server.

VLANs can be created, deleted, and renamed at will without the switch propagating changes to other switches. If a large number of people are configuring devices within the network, there is a risk of overlapping VLANs with two different meanings in the network but with the same VLAN identification.

To set the correct mode of the Cisco IOS command-based switch, use the following command:

Switch(vlan)#vtp {client | server | transparent}

Figure shows the output of the show vtp status command. This command is used to verify VTP configuration settings on a Cisco IOS command-based switch.

Figure shows an example of the show vtp counters command. This command is used to display statistics about advertisements sent and received on the switch.

Lab Activity

Lab Exercise: VTP Client and Server Configurations

This lab is to configure the VTP protocol to establish server and client switches.

Lab Activity

e-Lab Activity: VTP Client and Server Configurations

In this lab, the student will configure the VTP protocol to establish server and client switches.

9.3 Inter-VLAN Routing Overview

9.3.1 VLAN basics

A VLAN is a logical grouping of devices or users that can be grouped by function, department, or application regardless of their physical location.

VLANs are configured at the switch through software. The number of competing VLAN implementations can require the use of proprietary software from the switch vendor. Grouping ports and users into communities of interest, referred to as VLAN organizations, may be accomplished by the use of a single switch or more powerfully among connected switches within the enterprise. By grouping the ports and users together across multiple switches, VLANs can span single building infrastructures or interconnected buildings. VLANs assist in the effective use of bandwidth as they share the same broadcast domain or Layer 3 network. VLANs optimize the collection and use of bandwidth. VLANs contend for the same bandwidth although the bandwidth requirements may vary greatly by workgroup or department. The following are some VLAN configuration issues:

- A switch creates a broadcast domain
- VLANs help manage broadcast domains
- VLANs can be defined on port groups, users or protocols
- LAN switches and network management software provide a mechanism to create VLANs

VLANs help control the size of broadcast domains and localize traffic. VLANs are associated with individual networks. Therefore, network devices in different VLANs cannot directly communicate without the intervention of a Layer 3 routing device.

When a node in one VLAN needs to communicate with a node in another VLAN, a router is necessary to route the traffic between VLANs. Without the routing device, inter-VLAN traffic would not be possible.

9.3.2 Introducing inter-VLAN routing

When a host in one broadcast domain wishes to communicate with a host in another broadcast domain, a router must be involved.

Port 1 on a switch is part of VLAN 1, and port 2 is part of VLAN 200. If all of the switch ports were part of VLAN 1, the hosts connected to these ports could communicate. In this case however, the ports are part of different VLANs, VLAN 1 and VLAN 200. A router must be involved if hosts from the different VLANs need to communicate.

The most important benefit of routing is its proven history of facilitating networks, particularly large networks. Although the Internet serves as the obvious example, this point is true for any type of network, such as a large campus backbone. Because routers prevent broadcast propagation and use more intelligent forwarding algorithms than bridges and switches, routers provide more efficient use of bandwidth. This simultaneously results in flexible and optimal path selection. For example, it is very easy to implement load balancing across multiple paths in most networks when routing. On the other hand, Layer 2 load balancing can be very difficult to design, implement, and maintain.

If a VLAN spans across multiple devices a trunk is used to interconnect the devices. A trunk carries traffic for multiple VLANs. For example, a trunk can connect a switch to another switch, a switch to the inter-VLAN router, or a switch to a server with a special NIC installed that supports trunking.

Remember that when a host on one VLAN wants to communicate with a host on another, a router must be involved.

Interactive Media Activity

Drag and Drop: Inter-VLAN Routing

When the student has completed this activity, the student will learn the path packets take in a network with inter-VLAN routing. The student will predict the path a packet will take given the source host and the destination host.

9.3.3 Inter-VLAN issues and solutions

When VLANs are connected together, several technical issues will arise. Two of the most common issues that arise in a multiple-VLAN environment are:

- The need for end user devices to reach non-local hosts
- The need for hosts on different VLANs to communicate

When a device needs to make a connection to a remote host, it checks its routing table to determine if a known path exists. If the remote host falls into a subnet that it knows how to reach, then the system checks to see if it can connect along that interface. If all known paths fail, the system has one last option, the default route. This route is a special type of gateway route, and it is usually the only one present in the system. On a router, an asterisk (*) indicates a default route in the output of the show ip route command. For hosts on a local area network, this gateway is set to whatever machine has a direct connection to the outside world, and it is the Default Gateway listed in the workstation TCP/IP settings. If the default route is being configured for a router which itself is functioning as the gateway to the public Internet, then the default route will point to the gateway machine at an Internet service provider (ISP) site. Default routes are implemented using the ip route command.

Router(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1

In this example, 192.168.1.1 is the gateway. Inter-VLAN connectivity can be achieved through either logical or physical connectivity.

Logical connectivity involves a single connection, or trunk, from the switch to the router. That trunk can support multiple VLANs. This topology is called a router on a stick because there is a single connection to the router. However, there are multiple logical connections between the router and the switch.

Physical connectivity involves a separate physical connection for each VLAN. This means a separate physical interface for each VLAN.

Early VLAN designs relied on external routers connected to VLAN-capable switches. In this approach, traditional routers are connected via one or more links to a switched network. The router-on-a-stick designs employ a single trunk link that connects the router to the rest of the campus network. Inter-VLAN traffic must cross the Layer 2 backbone to reach the router where it can move between VLANs. Traffic then travels back to the desired end station using normal Layer 2 forwarding. This out-to-the-router-and-back flow is characteristic of router-on-a-stick designs.

Interactive Media Activity

Drag and Drop: Inter-VLAN Routing Issues and Solutions

When the student has completed this activity, the student will learn about some of the problems when using VLAN. They will also learn some of the solutions.

9.3.4 Physical and logical interfaces

In a traditional situation, a network with four VLANs would require four physical connections between the switch and the external router.

As technologies such as Inter-Switch Link (ISL) became more common, network designers began to use trunk links to connect routers to switches. Although any trunking technology such as ISL, 802.1Q, 802.10, or LAN emulation (LANE) can be used, Ethernet-based approaches such as ISL and 802.1Q are most common.

The Cisco proprietary protocol ISL as well as the IEEE multivendor standard 802.1q are used to trunk VLANs over Fast Ethernet links.

The solid line in the example refers to the single physical link between the Catalyst Switch and the router. This is the physical interface that connects the router to the switch.

As the number of VLANs increases on a network, the physical approach of having one router interface per VLAN quickly becomes unscalable. Networks with many VLANs must use VLAN trunking to assign multiple VLANs to a single router interface.

The dashed lines in the example refer to the multiple logical links running over this physical link using subinterfaces. The router can support many logical interfaces on individual physical links. For example, the Fast Ethernet interface FastEthernet 0/0 might support three virtual interfaces numbered FastEthernet 1/0.1, 1/0.2 and 1/0.3.

The primary advantage of using a trunk link is a reduction in the number of router and switch ports used. Not only can this save money, it can also reduce configuration complexity. Consequently, the trunk-connected router approach can scale to a much larger number of VLANs than a one-link-per-VLAN design.

9.3.5 Dividing physical interfaces into subinterfaces

A subinterface is a logical interface within a physical interface, such as the Fast Ethernet interface on a router.

Multiple subinterfaces can exist on a single physical interface.

Each subinterface supports one VLAN, and is assigned one IP address. In order for multiple devices on the same VLAN to communicate, the IP addresses of all meshed subinterfaces must be on the same network or subnetwork. For example, if subinterface 2 has an IP address of 192.168.1.1 then 192.168.1.2, 192.168.1.3, and 192.1.1.4 are the IP addresses of devices attached to subinterface 2.

In order to route between VLANs with subinterfaces, a subinterface must be created for each VLAN.

The next section discusses the commands necessary to create subinterfaces and apply a trunking protocol and an IP address to each subinterface.

9.3.6 Configuring inter-VLAN routing


This section demonstrates the commands necessary to configure inter-VLAN routing between a router and a switch. Before any of these commands are implemented, each router and switch should be checked to see which VLAN encapsulations they support. Catalyst 2950 switches have supported 802.1q trunking since the release of Cisco IOS release 12.0(5.2)WC(1), but they do not support Inter-Switch Link (ISL) trunking. In order for inter-VLAN routing to work properly, all of the routers and switches involved must support the same encapsulation.

On a router, an interface can be logically divided into multiple, virtual subinterfaces. Subinterfaces provide a flexible solution for routing multiple data streams through a single physical interface. To define subinterfaces on a physical interface, perform the following tasks:

- Identify the interface.
- Define the VLAN encapsulation.
- Assign an IP address to the interface.

To identify the interface, use the interface command in global configuration mode.

Router(config)#interface fastethernet port-number.subinterface-number

The port-number identifies the physical interface, and the subinterface-number identifies the virtual interface.

The router must be able to talk to the switch using a standardized trunking protocol. This means that both devices that are connected together must understand each other. In the example, 802.1q is used. To define the VLAN encapsulation, enter the encapsulation command in interface configuration mode.

Router(config-if)#encapsulation dot1q vlan-number

The vlan-number identifies the VLAN for which the subinterface will carry traffic. A VLAN ID is added to the frame only when the frame is destined for a nonlocal network.


Each VLAN packet carries the VLAN ID within the packet header.

To assign the IP address to the interface, enter the following command in interface configuration mode.

Router(config-if)#ip address ip-address subnet-mask

The ip-address and subnet-mask are the 32-bit network address and mask of the specific interface.

In the example, the router has three subinterfaces configured on Fast Ethernet interface 0/0. These three interfaces are identified as 0/0.1, 0/0.2, and 0/0.3. All interfaces are encapsulated for ISL. Interface 0/0.1 is routing packets for VLAN 1, whereas interface 0/0.2 is routing packets for VLAN 20 and 0/0.3 is routing packets for VLAN 30.
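The subinterface procedure from 9.3.5 and 9.3.6, worked as an added example (my code, not from the curriculum): it generates the dot1q router-on-a-stick configuration for a VLAN table and checks the addressing rule that every host on a VLAN must sit in its subinterface's subnet and that no two VLANs share a subnet. The VLAN numbers, addresses and interface name are constructed sample values.

```python
"""Added example, not part of the Cisco curriculum text: build the
router-on-a-stick subinterface configuration described in 9.3.5 and 9.3.6
from a VLAN table, and check the addressing rules that make inter-VLAN
routing work. All VLAN numbers, addresses and the interface name below are
constructed sample values, not a real deployment."""
import ipaddress

# Constructed VLAN table: VLAN id -> (subinterface address/prefix, host list)
VLANS = {
    1:  ("192.168.1.1/24",  ["192.168.1.2", "192.168.1.3"]),
    20: ("192.168.20.1/24", ["192.168.20.10"]),
    30: ("192.168.30.1/24", ["192.168.30.10", "192.1.1.4"]),
}


def subinterface_config(physical: str, vlans: dict) -> list[str]:
    """Emit one dot1q subinterface per VLAN on the given physical interface,
    numbered .1, .2, ... in ascending VLAN order, as in the chapter's example
    (0/0.1 for VLAN 1, 0/0.2 for VLAN 20, 0/0.3 for VLAN 30)."""
    lines = []
    for index, vlan_id in enumerate(sorted(vlans), start=1):
        iface = ipaddress.ip_interface(vlans[vlan_id][0])
        lines += [
            f"interface {physical}.{index}",
            f" encapsulation dot1q {vlan_id}",
            f" ip address {iface.ip} {iface.netmask}",
        ]
    return lines


def misplaced_hosts(vlans: dict) -> dict[int, list[str]]:
    """Hosts whose address lies outside their VLAN's subinterface network.
    Such a host cannot reach its gateway, so it is cut off from other VLANs."""
    bad = {}
    for vlan_id, (addr, hosts) in vlans.items():
        net = ipaddress.ip_interface(addr).network
        wrong = [h for h in hosts if ipaddress.ip_address(h) not in net]
        if wrong:
            bad[vlan_id] = wrong
    return bad


def overlapping_vlans(vlans: dict) -> list[tuple[int, int]]:
    """Pairs of VLANs whose subnets overlap. The router needs a distinct
    subnet per subinterface to choose the outgoing VLAN unambiguously."""
    nets = {v: ipaddress.ip_interface(a).network for v, (a, _) in vlans.items()}
    ids = sorted(nets)
    return [(a, b) for i, a in enumerate(ids) for b in ids[i + 1:]
            if nets[a].overlaps(nets[b])]


if __name__ == "__main__":
    print("\n".join(subinterface_config("FastEthernet0/0", VLANS)))
    print("misplaced hosts:", misplaced_hosts(VLANS))
    print("overlapping subnets:", overlapping_vlans(VLANS))
```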

Lab Activity

Lab Exercise: Configuring Inter-VLAN Routing

This lab is to create a basic configuration on a router and test the routing functionality.

Lab Activity

e-Lab Activity: Configuring Inter-VLAN Routing

In this lab, the student will create a basic configuration on a router and test the routing functionality.

Summary

An understanding of the following key points should have been achieved:

- The origins and functions of VLAN trunking
- How trunking enables the implementation of VLANs in a large network
- IEEE 802.1Q
- Cisco ISL
- Configuring and verifying a VLAN trunk
- Definition of VLAN Trunking Protocol (VTP)
- Why VTP was developed
- The contents of VTP messages
- The three VTP modes
- Configuring and verifying VTP on an IOS-based switch
- Why routing is necessary for inter-VLAN communication
- The difference between physical and logical interfaces
- Subinterfaces
- Configuring inter-VLAN routing using subinterfaces on a router port

