
CCNA Guide to Cisco

Networking Fundamentals
Fourth Edition

Chapter 13
Advanced Switching Concepts

Objectives
Explain how the Spanning Tree Protocol works and
describe its benefits
Describe the benefits of virtual LANs
Configure a VLAN
Understand the purpose of the VLAN trunking protocol (VTP)
Configure VTP

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition

Spanning Tree Protocol

Physical path loops
A physical connection created when network devices are connected to one another by two or more physical media links
Help improve a network's fault tolerance

Drawback
Can result in endless packet looping
Spanning Tree Protocol (STP)

A layer 2 link management protocol designed to prevent looping on bridges and switches
The specification for STP is IEEE 802.1d


Spanning Tree Protocol (continued)

STP uses the Spanning Tree Algorithm (STA)
To interrupt the logical loop created by a physical loop in a bridged/switched environment
STP does this by ensuring that certain ports on some of the bridges and switches do not forward frames

Building a logical path
Switches and bridges on a network use an election process to configure a single logical path
First, a root bridge (root device) is selected
Then, the other switches and bridges configure their ports, using the root bridge as a point of reference

Spanning Tree Protocol (continued)

Bridges use STP to transfer the information about each bridge's MAC address and priority number
Bridge protocol data units (BPDU) or configuration bridge protocol data units (CBPDU)
The messages the devices send to one another

Each bridge or switch determines which of its own ports offers the best path to the root bridge
Root ports
The BPDU messages are sent between the root bridge and the best ports on the other devices

Spanning Tree Protocol (continued)

If BPDUs are not received for a certain period of time
The non-root-bridge devices will assume that the root bridge has failed, and a new root bridge will be elected

Once the root bridge is determined and the switches and bridges have calculated their paths to the root bridge
The logical loop is removed by one of the switches or bridges
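The election and loop removal described on the preceding slides, as an added example (this is not code from the textbook): a small Python model that elects the root bridge by lowest bridge ID (priority first, then MAC address), gives every other bridge a root port on its cheapest path to the root, makes the end of each link that is closer to the root the designated port, and leaves the remaining end of a redundant link blocking so the physical loop no longer forms a logical one. The three-switch triangle, the link costs and the max-age check for a silent root are constructed for this example.

```python
import heapq
from dataclasses import dataclass


@dataclass(frozen=True, order=True)
class BridgeId:
    """Bridge ID as compared in the election: priority first, MAC as tie-breaker (lower wins)."""
    priority: int
    mac: int  # 48-bit MAC kept as an integer so the comparison is numeric


def mac(text: str) -> int:
    return int(text.replace(":", ""), 16)


# Constructed topology: three switches cabled in a triangle, i.e. a physical loop.
BRIDGES = {
    "SW1": BridgeId(32768, mac("00:00:0c:00:00:03")),
    "SW2": BridgeId(4096, mac("00:00:0c:00:00:02")),  # lowest priority, so it should win
    "SW3": BridgeId(32768, mac("00:00:0c:00:00:01")),
}
LINKS = [("SW1", "SW2", 19), ("SW2", "SW3", 19), ("SW1", "SW3", 19)]  # cost 19 = 802.1D 100 Mb/s
MAX_AGE = 20  # seconds without a BPDU before the root is presumed dead (802.1D default)


def elect_root(bridges):
    """The bridge with the lowest bridge ID becomes the root bridge."""
    return min(bridges, key=lambda name: bridges[name])


def root_path_costs(root, links):
    """Lowest cumulative link cost from every bridge to the root (Dijkstra)."""
    adj = {}
    for a, b, c in links:
        adj.setdefault(a, []).append((b, c))
        adj.setdefault(b, []).append((a, c))
    cost = {root: 0}
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > cost[u]:
            continue
        for v, c in adj.get(u, []):
            if d + c < cost.get(v, float("inf")):
                cost[v] = d + c
                heapq.heappush(heap, (d + c, v))
    return cost


def port_roles(bridges, links):
    """Return (root bridge, {(bridge, neighbour): 'root' | 'designated' | 'blocking'})."""
    root = elect_root(bridges)
    cost = root_path_costs(root, links)
    roles = {}
    # Root port: on each non-root bridge, the port with the cheapest path to the root;
    # ties go to the neighbour with the lower bridge ID.
    for name in bridges:
        if name == root:
            continue
        best = None
        for a, b, c in links:
            if name not in (a, b):
                continue
            nbr = b if a == name else a
            candidate = (cost[nbr] + c, bridges[nbr], nbr)
            if best is None or candidate < best:
                best = candidate
        roles[(name, best[2])] = "root"
    # Designated port: on each link, the end closer to the root (tie: lower bridge ID).
    # The far end of a redundant link is neither root nor designated, so it blocks.
    for a, b, _ in links:
        des = a if (cost[a], bridges[a]) <= (cost[b], bridges[b]) else b
        other = b if des == a else a
        roles[(des, other)] = "designated"
        roles.setdefault((other, des), "blocking")
    return root, roles


def root_presumed_failed(last_bpdu_at: float, now: float) -> bool:
    """A non-root bridge that has seen no BPDU for MAX_AGE seconds starts a new election."""
    return now - last_bpdu_at > MAX_AGE
```

Calling `port_roles(BRIDGES, LINKS)` elects SW2 and blocks SW1's port toward SW3, which is the one redundant path in the triangle; changing SW2's priority back to 32768 moves the root to SW3 (lowest MAC) and the blocked port with it, which is why a defender pins the root with a deliberately low priority rather than leaving the election to MAC addresses.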


Spanning Tree Protocol (continued)

Port states
STP will cause the ports on a switch or bridge to settle into a stable state

Stable states
The normal operating states of ports when the root bridge is available and all paths are functioning as expected

Transitory states
Prevent logical loops during a period of transition from one root bridge to another

Spanning Tree Protocol (continued)

The stable states are as follows:
Blocking
Forwarding
Disabled

The transitory states are as follows:
Listening
Learning

STP devices use the transitory states on ports while a new root bridge is being elected

Spanning Tree Protocol (continued)

Ports on STP-enabled devices move through the different states as indicated in the following list:
From bridge/switch bootup to blocking
From blocking to listening (or to disabled)
From listening to learning (or to disabled)
From learning to forwarding (or to disabled)
From forwarding to disabled

Spanning Tree Protocol (continued)

Topology changes
When the topology is changed, STP-enabled devices react automatically
If a device in an STP-enabled network stops receiving CBPDUs, then that device will claim to be the root bridge
Will begin sending CBPDUs describing itself as such

Per-VLAN STP (PVSTP)
Operates on VLANs and treats all VLANs connected as separate physical networks

Spanning Tree Protocol (continued)

Spanning Tree PortFast
Allows you to configure a switch to bypass some of the latency (delay)
Associated with the switch ports transitioning through all of the STP transitory states before they reach the forwarding state
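The port state sequence listed a few slides back and the PortFast shortcut described here, as an added example (not code from the textbook): a Python state machine that permits exactly the transitions the slides list, charges the 802.1D forward delay for each transitory state, and lets a port flagged as PortFast go straight from blocking to forwarding. The `bpdu_received` method is an addition that models the BPDU Guard companion feature found on Cisco switches, which the slides do not cover: a port that skipped listening and learning is shut down if a BPDU ever arrives on it, because that means a switch rather than a host is attached.

```python
from enum import Enum


class PortState(Enum):
    BOOT = "bootup"
    BLOCKING = "blocking"
    LISTENING = "listening"
    LEARNING = "learning"
    FORWARDING = "forwarding"
    DISABLED = "disabled"


# Legal moves exactly as the slide lists them: bootup -> blocking -> listening -> learning
# -> forwarding, with disabled reachable from every state after bootup.
TRANSITIONS = {
    PortState.BOOT: {PortState.BLOCKING},
    PortState.BLOCKING: {PortState.LISTENING, PortState.DISABLED},
    PortState.LISTENING: {PortState.LEARNING, PortState.DISABLED},
    PortState.LEARNING: {PortState.FORWARDING, PortState.DISABLED},
    PortState.FORWARDING: {PortState.DISABLED},
    PortState.DISABLED: set(),
}
FORWARD_DELAY = 15  # seconds a port spends in each transitory state (802.1D default)


class StpPort:
    def __init__(self, name: str, portfast: bool = False):
        self.name = name
        self.portfast = portfast  # models the PortFast option on an edge (host-facing) port
        self.state = PortState.BOOT
        self.history = [PortState.BOOT]

    def move(self, new: PortState) -> "StpPort":
        # PortFast is the one permitted shortcut: blocking straight to forwarding.
        skip = self.portfast and self.state == PortState.BLOCKING and new == PortState.FORWARDING
        if not skip and new not in TRANSITIONS[self.state]:
            raise ValueError(f"{self.name}: illegal transition {self.state.value} -> {new.value}")
        self.state = new
        self.history.append(new)
        return self

    def converge(self) -> int:
        """Bring the port from bootup to forwarding; return the seconds of delay incurred."""
        self.move(PortState.BLOCKING)
        if self.portfast:
            self.move(PortState.FORWARDING)  # listening and learning are bypassed
            return 0
        self.move(PortState.LISTENING).move(PortState.LEARNING).move(PortState.FORWARDING)
        return 2 * FORWARD_DELAY

    def bpdu_received(self) -> None:
        """BPDU Guard behaviour (assumed, not on the slide): a BPDU on a PortFast port
        means a switch is attached, so the port is disabled before it can join a loop."""
        if self.portfast and self.state not in (PortState.BOOT, PortState.DISABLED):
            self.move(PortState.DISABLED)


def transitory_states_visited(port: StpPort):
    return [s for s in port.history if s in (PortState.LISTENING, PortState.LEARNING)]
```

`StpPort("Fa0/1").converge()` returns 30 (two 15-second transitory states), while the same call on a PortFast port returns 0 and visits neither listening nor learning, which is exactly the latency the slide says PortFast removes and the reason it belongs only on ports that face end stations.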

Configuring STP
See Table 13-1



Spanning Tree Protocol (continued)

Rapid STP (RSTP) 802.1w
Takes the basis of 802.1d (STP) and incorporates some additional features (such as PortFast) that overcome some of the flaws of STP

Virtual LANs

Virtual LAN (VLAN)
A grouping of network devices that is not restricted to a physical segment or switch
Can be configured on most switches to restructure broadcast domains

Broadcast domain
Group of network devices that will receive LAN broadcast traffic from each other

Management VLAN (also known as the default VLAN)
By default, every port on a switch is in VLAN 1

Virtual LANs (continued)

You can create multiple VLANs on a single switch
Or even create one VLAN across multiple switches

A VLAN is a layer 2 implementation, and does not affect layer 3 logical addressing


Benefits of VLANs

Benefits:
Ease of adding and moving stations on the LAN
Ease of reconfiguring the LAN
Better traffic control
Increased security

VLANs help to reduce the cost of moving employees from one location to another
Many changes can be made at the switch
Physical moves do not necessitate the changing of IP addresses and subnets

Benefits of VLANs (continued)

Because the administrator can set the size of the broadcast domain
The VLAN gives the administrator added control over network traffic

Dividing the broadcast domains into logical groups increases security
Requires a hacker to perform the difficult feat of tapping a network port and then figuring out the configuration of the LAN

VLANs can be configured by network administrators to allow membership only for certain devices

Dynamic vs. Static VLANs

Static VLANs
Configured port-by-port, with each port being associated with a particular VLAN
The network administrator manually types in the mapping for each port and VLAN

Dynamic VLAN
Ports can automatically determine their VLAN configuration
Uses a software database of MAC address-to-VLAN mappings that is created manually

Dynamic vs. Static VLANs (continued)

Dynamic VLAN could prove to be more time-consuming than the static VLAN
Dynamic VLAN allows the network administration team to keep the entire administrative database in one location
On a dynamic VLAN, moving a cable from one switch port to another is not a problem
Because the VLAN will automatically reconfigure its ports on the basis of the attached workstation's MAC address

VLAN Standardization

Before VLAN was an IEEE standard
Early implementations depended on the switch vendor and on a method known as frame filtering

Frame filtering
Complex process that involved one table for each VLAN
Had a master table that was shared by all VLANs

The IEEE 802.1q specification that defines VLANs recommends frame tagging
Also known as frame identification

VLAN Standardization (continued)

Frame tagging
Involves adding a four-byte field to the actual Ethernet frame to identify the VLAN and other pertinent information
Makes it easier and more efficient to ship VLAN frames across network backbones
Switches on the other side of the backbone can simply read the frame instead of being required to refer back to a frame-filtering table

The two most common types of frame tagging (encapsulation) are 802.1q and Inter-Switch Link (ISL) protocol

Creating VLANs

You can create VLANs by entering the (config-vlan)# mode and using the vlan command
Or you can enter the VLAN database and use the VLAN configuration mode

To use the config-vlan mode, you type the following:

Rm410HL(config)#vlan 2
Rm410HL(config-vlan)#name production

To use the VLAN configuration mode, you start by entering the VLAN database

Creating VLANs (continued)

The next step is to assign switch ports to the new VLANs
Ports can be assigned as static or dynamic

To remove a VLAN, use the no parameter:

Rm410HL(config)#no vlan 2

Link Types and Configuration

Two types of links are on Cisco switches: trunk links and access links
Trunk links
Switch-to-switch or switch-to-router links that can carry traffic from multiple VLANs

Access links
Links to non-VLAN-aware devices such as hubs and individual workstations

Link Types and Configuration (continued)

You choose from five different states for a trunk link:
Auto
Desirable
Nonegotiate
Off
On

To configure a trunk link on a Catalyst 2950, you must be in the appropriate interface configuration mode

Link Types and Configuration (continued)

Switch interface descriptions
You can configure a name for each port on a switch
This is useful when you begin to define roles for a switch port on a more global basis

VLAN Trunking Protocol

VLAN trunking protocol (VTP)
Created by Cisco to manage all of the configured VLANs that traverse trunks between switches
A layer 2 messaging protocol that manages all the changes to the VLANs across networks

VTP domains
VTP devices are organized into domains
Each switch can only be in one VTP domain at a time
All devices that need to share information must be in the same VTP domain

VLAN Trunking Protocol (continued)

VTP device modes
Server
Device can add, rename, and delete VLANs and propagate those changes to the rest of the VTP devices

Client
Device is not allowed to make changes to the VLAN structure, but it can receive, interpret, and propagate changes made by a server

Transparent
A device is not participating in VTP communications, other than to forward that information through its configured trunk links

VLAN Trunking Protocol (continued)

VTP pruning option
Reduces the number of VTP updates that traverse a link
Off by default on all switches

If you turn VTP pruning on
VTP message broadcasts are only sent through trunk links that must have the information

VLAN 1 is not eligible to be pruned because it is an administrative (and default) VLAN
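The VTP domain, device modes and pruning behaviour from the last three slides, as an added example (not code from the textbook or from Cisco): a Python model in which a server's VLAN change raises its configuration revision and floods an advertisement over the trunks; clients in the same domain apply any advertisement newer than their own revision, a transparent switch forwards without applying, and a switch in another domain drops it. Pruning is modelled as the rule on the slide: traffic for a VLAN crosses a trunk only when switches on both sides of that trunk need it, and VLAN 1 is never pruned. The five-switch domain, trunk list and revision numbers are constructed for this example.

```python
from dataclasses import dataclass, field


@dataclass
class VtpSwitch:
    name: str
    domain: str
    mode: str  # "server", "client" or "transparent"
    vlans: set = field(default_factory=lambda: {1})   # VLAN 1 always exists
    active: set = field(default_factory=lambda: {1})  # VLANs that have ports on this switch
    revision: int = 0
    log: list = field(default_factory=list)

    def add_vlan(self, vid: int) -> None:
        if self.mode == "client":
            raise PermissionError(f"{self.name}: a VTP client cannot change the VLAN structure")
        self.vlans.add(vid)
        if self.mode == "server":
            self.revision += 1  # transparent mode keeps the change local and advertises nothing

    def advertisement(self) -> dict:
        return {"domain": self.domain, "revision": self.revision, "vlans": frozenset(self.vlans)}

    def receive(self, adv: dict) -> bool:
        """Apply an advertisement where appropriate; return True if it should travel on."""
        if adv["domain"] != self.domain:
            self.log.append("dropped: other VTP domain")
            return False
        if self.mode == "transparent":
            self.log.append("forwarded without applying")
            return True
        if adv["revision"] > self.revision:
            self.vlans = set(adv["vlans"])
            self.revision = adv["revision"]
            self.log.append(f"applied revision {adv['revision']}")
            return True
        self.log.append("ignored: not newer than local revision")
        return False


def _neighbours(trunks, skip=None):
    adj = {}
    for a, b in trunks:
        if skip and {a, b} == set(skip):
            continue
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def propagate(switches, trunks, origin):
    """Flood the origin switch's advertisement across the trunks; return the revision sent."""
    adv = switches[origin].advertisement()
    adj = _neighbours(trunks)
    seen, queue = {origin}, [origin]
    while queue:
        here = queue.pop(0)
        for nxt in adj.get(here, ()):
            if nxt not in seen:
                seen.add(nxt)
                if switches[nxt].receive(adv):
                    queue.append(nxt)
    return adv["revision"]


def trunk_carries(vid, trunk, switches, trunks, pruning):
    """With pruning on, a VLAN crosses a trunk only if switches on both sides need it.

    Need is checked transitively: any switch reachable on a side that has ports in the VLAN
    counts, so a switch in the middle of the path does not cut the VLAN off. VLAN 1 is never pruned.
    """
    if not pruning or vid == 1:
        return True

    def reachable(start):
        adj = _neighbours(trunks, skip=trunk)
        seen, stack = {start}, [start]
        while stack:
            here = stack.pop()
            for nxt in adj.get(here, ()):
                if nxt not in seen:
                    seen.add(nxt)
                    stack.append(nxt)
        return seen

    return all(any(vid in switches[s].active for s in reachable(end)) for end in trunk)


# Constructed domain: S1 is the "corp" server, S2/S3 are clients, S4 is transparent,
# and S5 is a server in a different domain ("lab") hanging off S4.
SWITCHES = {
    "S1": VtpSwitch("S1", "corp", "server", active={1, 10}),
    "S2": VtpSwitch("S2", "corp", "client"),
    "S3": VtpSwitch("S3", "corp", "client", active={1, 10}),
    "S4": VtpSwitch("S4", "corp", "transparent"),
    "S5": VtpSwitch("S5", "lab", "server"),
}
TRUNKS = [("S1", "S2"), ("S2", "S3"), ("S2", "S4"), ("S4", "S5")]
```

After `SWITCHES["S1"].add_vlan(10)` and `propagate(SWITCHES, TRUNKS, "S1")`, S2 and S3 hold VLAN 10 at revision 1, S4 has only forwarded it and S5 has dropped it. The revision comparison in `receive` is also the reason a switch with a stale, higher revision number must never be cabled into a production domain as a server: the same rule that lets clients accept the newer database would let them accept its VLAN table wholesale.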


Nonswitching Hubs and VLANs

Important considerations:
If you insert a hub into a port on the switch and then connect several devices to the hub, all the systems attached to that hub will be in the same VLAN
If you must move a single workstation that is attached to a hub with several workstations, you will have to physically attach the device to another hub or switch port to change its VLAN assignment
The more hosts that are attached to individual switch ports, the greater the microsegmentation and flexibility the VLAN can offer

Routers and VLANs

Routers can be used with VLANs to increase security
Must be used to manage traffic between different VLANs

Routers can implement access lists
Which increase inter-VLAN security

A router allows restrictions to be placed on station addresses, application types, and protocol types

Routers and VLANs (continued)

Router can either be an onboard Route Switch Module (RSM) or an external router
The router will accept the frame tagged by the sending VLAN and determine the best path to the destination address
The router will then switch the packet to the appropriate interface and forward it to the destination address

Routers and VLANs (continued)

Router-on-a-stick
If a single link is used to connect an external router with the switch containing multiple VLANs
Trunking is required for inter-VLAN routing

Trunking is the process of using either ISL or 802.1q to allow multiple VLAN traffic on the same link
For instance, an ISL trunk link would encapsulate each packet with the associated VLAN information and allow the router to route the packet accordingly
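The four-byte 802.1q tag from the VLAN Standardization slides, the access-list restrictions on station addresses, application types and protocol types from the Routers and VLANs slide, and the router-on-a-stick flow just described, as one added example (not code from the textbook or from Cisco; it covers 802.1q only, not ISL): a Python router that strips the tag from a frame arriving on the trunk, reads the destination IP address, finds the subinterface for the destination VLAN, checks an inter-VLAN access list, and re-tags the frame for the outgoing VLAN. The subinterfaces, subnets, access-list entries and sample frames are constructed for this example; the destination MAC rewrite a real router performs is omitted.

```python
import ipaddress
import struct

TPID_8021Q = 0x8100      # tag protocol identifier that marks an 802.1Q-tagged frame
ETHERTYPE_IPV4 = 0x0800


def mac_bytes(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))


def tag_frame(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the four-byte 802.1Q tag (TPID + PCP/DEI/VID) after the source MAC address."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp << 13) | vid  # DEI bit left clear
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def untag_frame(frame: bytes):
    """Return (vid, untagged frame); vid is None when the frame carries no 802.1Q tag."""
    if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame


# Constructed router-on-a-stick: one trunk, one subinterface (and subnet) per VLAN.
SUBINTERFACES = {
    10: ipaddress.ip_network("10.0.10.0/24"),
    20: ipaddress.ip_network("10.0.20.0/24"),
}
# Constructed inter-VLAN access list: (action, source net, destination net, IP protocol,
# destination port), evaluated top-down with an implicit deny at the end; None means "any".
ACL = [
    ("deny", ipaddress.ip_network("10.0.10.0/24"), ipaddress.ip_network("10.0.20.5/32"), 6, 22),
    ("permit", ipaddress.ip_network("10.0.10.0/24"), ipaddress.ip_network("10.0.20.0/24"), None, None),
]


def parse_ipv4(payload: bytes):
    """Pull source, destination, protocol and (for TCP/UDP) destination port from an IPv4 packet."""
    ihl = (payload[0] & 0x0F) * 4
    proto = payload[9]
    src = ipaddress.ip_address(payload[12:16])
    dst = ipaddress.ip_address(payload[16:20])
    dport = struct.unpack("!H", payload[ihl + 2:ihl + 4])[0] if proto in (6, 17) else None
    return src, dst, proto, dport


def acl_permits(src, dst, proto, dport) -> bool:
    for action, src_net, dst_net, acl_proto, acl_port in ACL:
        if src in src_net and dst in dst_net and acl_proto in (None, proto) and acl_port in (None, dport):
            return action == "permit"
    return False  # implicit deny: anything not listed (e.g. VLAN 20 -> VLAN 10) is dropped


def route_on_a_stick(tagged: bytes):
    """Return the frame re-tagged for the destination VLAN, or None if the router drops it."""
    vid, frame = untag_frame(tagged)
    if vid not in SUBINTERFACES or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None  # untagged, unknown VLAN, or not IPv4: nothing to route
    src, dst, proto, dport = parse_ipv4(frame[14:])
    out_vid = next((v for v, net in SUBINTERFACES.items() if dst in net), None)
    if out_vid is None or out_vid == vid or not acl_permits(src, dst, proto, dport):
        return None  # no route, same VLAN (no router needed), or access list denies
    return tag_frame(frame, out_vid)


def build_ipv4_frame(src_mac, dst_mac, src_ip, dst_ip, proto=6, dport=80) -> bytes:
    """Construct a minimal untagged Ethernet/IPv4 frame for the example (checksums left zero)."""
    l4 = struct.pack("!HH", 40000, dport) + b"\x00" * 16 if proto in (6, 17) else b""
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(l4), 0, 0, 64, proto, 0,
                         ipaddress.ip_address(src_ip).packed, ipaddress.ip_address(dst_ip).packed)
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4) + ip_hdr + l4
```

A web request from 10.0.10.7 (VLAN 10) to 10.0.20.9 comes back re-tagged with VLAN 20, while SSH to 10.0.20.5 from the same host is dropped by the first access-list entry and any VLAN 20 to VLAN 10 traffic falls through to the implicit deny; the four-byte difference between `tag_frame`'s output and its input is the field the VLAN Standardization slide describes.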


Summary

The Spanning Tree Protocol (STP) allows administrators to create physical loops between bridges and switches
Without creating logical loops that would pose a problem for packet delivery

The Rapid Spanning Tree Protocol (RSTP) has enhanced STP to reduce the latency associated with convergence
Implementing VLANs via switches provides another way to increase the performance, flexibility, and security of a network

Summary (continued)

VLANs are separate broadcast domains that are not limited by physical configurations
Performance benefits associated with VLANs are derived from limiting the amount of broadcast traffic that would naturally pass through a switch without filtration
Because traffic on a VLAN broadcast can be limited to a specific group of computers, security is also enhanced by making it more difficult for eavesdropping systems to learn the configuration of a network

Summary (continued)

VLAN information is communicated to switches using the VLAN trunking protocol (VTP)