Course plan

Basics of switching Virtual Local Area Networks (VLAN) Function of reliability and performance increase Quality of service (QoS) Security and network access functions Multicast Switch management functions Review of D-Link switches

PRACTICAL WORKS
1. Basic switch commands 2. Commands of switch firmware updating and switch configuration loading/backup 3. Commands of MAC and IP addresses forwarding tables, ARP tables management 4. Configuration of VLAN on the basis of IEEE 802.1Q 5. GVRP protocol configuration 6. Self-work to create LAN on the basis of IEEE 802.1Q standard 7. Configuration of asymmetric VLAN 8. Configuration of Traffic Segmentation 9. Configuration of Q-in-Q (Double VLAN) function 10. Configuration of STP, RSTP, MSTP protocols 11. Configuration of LoopBack Detection function 12. Link Aggregation 13. Access Control Lists 14. Management of nodes connection to switch ports. Port Security function 15. Switch ports connection management. IP-MAC-Port Binding function 16. QoS configuration. Traffic prioritization. Bandwidth management 17. Port Mirroring

Basics of switching

switch

Switch is
operated on OSI data link layer. could simultaneously establish several connections (microsegmentation). allowed each workstation to transfer and to accept data simultaneously, using the whole bandwidth in both directions (full duplex).

Switch operation in a local network

In local networks, switches process frames on the basis of transparent bridge algorithm, according to the IEEE 802.1D standard. Its operation begins with creation of the forwarding table (Forwarding DataBase, FDB).

When a switch receives a frame sent by computer A to computer B, it reads MAC address of receiver and looks for this MAC address in its forwarding table. As soon as the record associating MAC address of receiver (computer) with one of the switch ports (except for source port) is found, the frame is transferred through appropriate egress port. This process is called frame forwarding. If egress port is appeared to coincide with the source port, a frame will be discarded by a switch. This process is called filtering. If MAC address of a receiver in an arrived frame is unknown (there is no appropriate record in a forwarding table), switch creates multiple copies of this frame and transfers these copies through all ports, except that it arrived to. This process is called flooding.

Switching methods
The first step made by switch before making the decision on frame transmission, is frame receiving and content analysis. One of three operation modes can be implemented in a switch to define its behavior when receiving a frame: Store-and-forward switching; Cut-through switching; Fragment-free switching.

Switch form factor

Desktop switch Rack mounted switch Chassis switch

Switch physical stacking

A ring stack is built as follows: each device is connected to overlying and underlying, thus the lowermost and uppermost switches in a stack are also interconnected. During data transmission a packet is transferred from one device of a stack to another sequentially until it reaches the port of destination. The system automatically defines an optimal way of transmission for traffic that allows gaining full usage of bandwidth. Advantage of ring topology is that if an output of one device is out of operation or there is a communication breakaway, then remaining devices will continue to operate in a normal mode. In chain stack (linear topology) each device is connected with overlying and underlying. The uppermost and lowermost switches are not interconnected.

Switches interfaces

For easy connection possibility many switches are equipped with special slots for compact replaceable:

GBIC (Gigabit Interface Converter); SFP (Small Form Factor Pluggable); SFP+ (Enhanced Small Form Factor Pluggable); XFP (10 Gigabit Small Form Factor Pluggable).

GBIC

SFP

XFP

SFP+

Architecture of switches

One of the main components of all switching equipment is a switch fabric. A switch fabric is a chipset connecting inputs with outputs on the basis of fundamental technologies and principles of switching. A switch fabric has three functions: to switch traffic from one port of a fabric to another, providing their equivalence; to provide quality of service (QoS); to provide fault tolerance.

Shared bus architecture

Shared bus architecture, as appears from its name, uses a bus which provides communication of input/output devices (ports) connected to it as to the shared environment. A bus is used in time sharing mode, and that is at each point in time only a single source is allowed to send traffic on the bus. Bus access management is performed by a centralized arbiter that grants a source to send data on the bus.

Shared memory architecture

Shared memory architecture is based on large capacity fast RAM memory as a general buffer of switching system intended to store incoming packets before their transmission.

Crossbar architecture

Two types of switches with a crossbar switch fabric can be singled out: buffered crossbar; arbitrated crossbar.

In buffered crossbar switches buffers are installed at three main stages: at input, output, and switch fabric directly. Due to the queues appearing at three stages, this architecture allows to avoid the complexities caused by centralized arbiter. Queues management implemented by one of the dispatching algorithms is used at output of each stage. Arbitrated crossbar switches architecture has buffer-less switching elements and an arbiter that controls traffic transmission between fabric inputs and outputs. Absence of buffers in switching elements is compensated by buffers at ingress and egress ports. Usually developers use one of three buffering methods: - output buffers, - input buffers, - combined input and output buffers.

Input-queued switch architecture

Memory of each ingress port is organized as FIFO (First Input First Output) queue which is used for packets buffering before the process of switching begins. One of the problems of such switch fabric is Head-Of-Line blocking (HOL). It happens when switch tries to transfer packets from several input queues to one egress port simultaneously.

Output-queued switch architecture

Packets are buffered only at egress ports after the end of switching process.

Virtual output-queued switch architecture

Memory of each ingress port is organized as N (N quantity of egress ports) FIFO logical queues, one per egress port. These queues are used for buffering of incoming packets which are sent to egress port j (j = 1, .N).

Combined Input and Output Queued (CIOQ) switch architecture

Buffers are connected both to ingress and egress ports. Memory of every ingress port is organized as N virtual FIFO output queues, one per egress port. The switching system is based on a pipeline principle when each stage is called a time slot.

Properties affecting switches performance

Switch performance can be characterized by following parameters: frames filtering rate; frames forwarding rate; throughput; forwarding delay. Besides, there are several switch characteristics which strongly affect specified performance characteristics. They are: switching type; size of frame buffer(s); switching capacity; processor(s) performance; size of forwarding table.

Flow control in half duplex and in full duplex modes

Switching technologies and OSI model

Layer 2 switches analyze incoming frames, make the decision on their further transmission and transfer frames to their destinations using MAC addresses of OSI data link layer. Primary benefit of L2 switches is transparency for top layer protocols. L2 switching is a hardware-based one. Frame transmission can be carried out by specialized ASIC controller. As a rule L2 switches are used for network segmentation and working groups consolidation. Along with advantages of L2 switching there are some restrictions. Presence of switches does not prevent broadcast frames propagation in all segments of a network. L3 switches carry out switching and filtering using addresses of data link (layer 2) and network (layer 3) layers. L3 switches perform switching within working group and fulfill routing between various subnets or virtual local networks (VLAN). L3 switches carry out packet routing like conventional routers. They support RIP (Routing Information Protocol), OSPF (Open Shortest Path First), BGP (Border Gateway Protocol) to communicate with other L3 switches or routers, to create routing tables, to carry out routing using policies strategy, to control multicast traffic.

Three-layer network model

Three-layer network model

Core layer is on the top of hierarchy and provides reliable and fast transmission of big data pieces. Traffic transferred through a core is common for many users. User data are processed at distribution level which sends requests to core if necessary. Core layer should be reliable as any failure at this layer can lead to disconnection between network distribution layers. Distribution/Aggregation layer, also known as layer of working groups, is a link between the access layer and core layer. Depending on implementation, the distribution layer can fulfill the following functions: Routing, quality of service and network security; Link aggregation; Transfer between technologies (for example, between 100Base-TX and 1000Base-T). Access layer regulates the access of users and working groups to resources in incorporated network. Its primary goal is creation of users log-in/log-out points. This layer has following functions: Users access and network policies management; Creation of separate collisions domains (segmentation); Working groups connection to distribution layer; Using switched local networks technology.