Class 10 Switching


Cisco’s Internetworking Operating System (IOS)

1) LAN Switching Technologies
2) Troubleshoot interface and cable issues (collisions, errors, duplex, speed)
3) Infrastructure Management
4) Configure and verify initial device configuration
5) Configure, verify, and troubleshoot basic device hardening
.a Local authentication
.b Secure password
.c Access to device
.c.(i) Voice
.c.(ii) Video
.c.(iii) Data
.e Login banner
.a Ping and traceroute with extended option
.b Terminal monitor
.c Log events
Types of LAN

There are two types of LANs as shown in the following illustration: SOHO LAN and Enterprise LAN.

➢SOHO (Small Office/Home Office) LANs:-

• A SOHO LAN is a type of Local Area Network suited for small businesses having
close to 10 employees. A SOHO LAN connects multiple devices such as computers,
laptops, printers, switches, and routers for internet access. The option of working
from home is popular due to the lower deployment cost of a SOHO LAN. This
allows the user to access the web, email, or VoIP from home.

➢Enterprise LANs:-
• An Enterprise LAN is usually deployed in organizations where data traffic will be
high. It is a multilayered network that consists of routers, switches, firewalls,
wireless APs, servers, storage etc.
• Cisco uses a three-layer cost-effective hierarchical model to simplify the Enterprise network:-

➢Access layer:- It controls user and workgroup access to the resources of an
internetwork. This also includes switches that are connected to end devices such
as PCs, Laptops, Servers, etc.
• Function: Access layer switches provide better scalability to end devices.
➢Distribution Layer:- This layer provides routing, data filtering, and access
control.
• Function: In the distribution layer, Routers and layer 3 switches identify all
possible errors. Routers and switches also correct errors to provide reliable
delivery, high performance, and better redundancy.
➢Core Layer: The Core layer is the backbone of an Enterprise network. Failure in
this layer will affect every user.
• Function: The Core layer provides high speed data transmission and connects
different geographical locations.

Components of a Network Connected through Enterprise LAN


➢Collision Domain:-
• A collision occurs in a ‘Hub’ environment when two or more hosts try to send or
receive data simultaneously. If a collision occurs on one port, it affects the entire
hub because the same media (bandwidth) is shared across the hub.

➢Broadcast Domain:-
• In a hub network, when a host tries to communicate with another host, the hub
broadcasts to all the ports that belong to the broadcast domain. Irrespective of the
number of connected hosts, all hosts and devices, including switches and bridges,
come under one single broadcast domain.
Switching
❖What is switching?
▪ The mechanism for the exchange of information between different computer
networks and network segments is called switching in networking.
▪ Switching is the process of moving a frame from one device to another
within the local area network. This is done at layer 2 (the data link layer).

➢Layer 2 switching provides the following benefits:


1. Hardware-based bridging (ASIC)
2. Wire speed
3. Low latency
4. Low cost
❖The basics of a switch:-
• Works in full duplex
• By default all switch ports are up/up
• 1 broadcast domain
• A switch does not have port 0/0
• A switch forwards frames based on a table – the CAM (content addressable memory) table
• MAC table – media access control address table


• Three Switch Functions at Layer 2:-

1. Address learning - Layer 2 switches and bridges remember the source hardware
address of each frame received on an interface, and they enter this information into a
MAC database called a forward/filter table.

2. Forward/filter decisions - When a frame is received on an interface, the switch looks
at the destination hardware address and finds the exit interface in the MAC database.
The frame is only forwarded out the specified destination port.

3. Loop avoidance - If multiple connections between switches are created for
redundancy purposes, network loops can occur. Spanning Tree Protocol (STP) is
used to stop network loops while still permitting redundancy.

A switch avoids loops by default: STP is enabled on the switch to avoid loops.
STP keeps 1 link in the forwarding state and puts all other links in the blocking state to
avoid the loop.
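
The address learning and forward/filter functions above, as a small Python model. This is an added example, not part of the original slides; the port names and MAC addresses are constructed, and the flooding of broadcast and unknown-destination frames goes beyond what the slide states.

```python
# Added illustration (not from the original slides): a toy model of the
# forward/filter table. Port names and MAC addresses are constructed.
BROADCAST = "ffff.ffff.ffff"


class L2Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}          # source MAC -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the list of ports it is sent out of."""
        # 1. Address learning: remember which port the source address is on.
        #    The table is built purely from the source field of received frames.
        self.mac_table[src_mac] = in_port
        # 2. Forward/filter decision on the destination address.
        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Broadcast or unknown destination: flood to every other port.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []                # destination is on the ingress port: filter
        return [out_port]            # known destination: one exit port only


def demo():
    """Run four constructed frames and return (egress lists, final table)."""
    sw = L2Switch(["Fa0/1", "Fa0/2", "Fa0/3", "Fa0/4"])
    a, b = "0000.0000.000a", "0000.0000.000b"
    results = [
        sw.receive("Fa0/1", a, b),          # B not learned yet: flooded
        sw.receive("Fa0/2", b, a),          # A already learned: Fa0/1 only
        sw.receive("Fa0/1", a, b),          # B now learned: Fa0/2 only
        sw.receive("Fa0/3", a, BROADCAST),  # A seen on Fa0/3: entry is updated
    ]
    return results, dict(sw.mac_table)


if __name__ == "__main__":
    for egress in demo()[0]:
        print(egress)
```
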
➢Types of port
• There are two types of port:
• 1- Switch port - we cannot assign an IP address (layer 2)
• 2- Routed port - we can assign an IP address (layer 3)

❖Types of switch port
• 1- Trunk
• 2- Access
• 1- Access - carries a single VLAN's traffic - all switch ports where end
devices are connected must be access ports
• 2- Trunk - carries multiple VLANs' traffic (all VLAN traffic that is present)
❖The IOS User Interface
• Cisco IOS
The Cisco IOS is a proprietary kernel that provides routing, switching, internetworking, and
telecommunications features. The first IOS was written by William Yeager in 1986 and enabled
networked applications. It runs on most Cisco routers as well as a growing number of Cisco
Catalyst switches.

Some important things that the Cisco router IOS software is responsible for:
➢ Carrying network protocols and functions
➢ Connecting high-speed traffic between devices
➢ Adding security to control access and stopping unauthorized network use
➢ Providing scalability for ease of network growth and redundancy
➢ Supplying network reliability for connecting to network resources
❖Connecting to a Cisco IOS Device
• You can also connect to a Cisco router through an auxiliary port, which is really the same thing
as a console port, so it follows that you can use it as one.
• The main difference with an auxiliary port is that it also allows you to configure modem
commands so that a modem can be connected to the router.
• One of the differences between Cisco routers and switches is that switches do not have an
auxiliary port.
• The third way to connect to a Cisco device is in-band, through the program Telnet or Secure
Shell (SSH). In-band means configuring the device via the network, the opposite of out-of-band.

➢Internal and External Connections of Router:-
• There are internal and external connections to a router. The external ports
of a router are as follows:
Bringing Up a Switch
➢When you first bring up a Cisco IOS device, it will run a power-on self-test—a POST.
➢The machine will look for and then load the Cisco IOS from flash memory if an IOS file is
present, then expand it into RAM.
➢Flash memory is electronically erasable programmable read-only memory—an
EEPROM.
➢The next step is for the IOS to locate and load a valid configuration known as the
startup-config that will be stored in nonvolatile RAM (NVRAM).
➢Once the IOS is loaded and up and running, the startup-config will be copied from
NVRAM into RAM and from then on referred to as the running-config.
➢But if a valid startup-config isn’t found in NVRAM, your switch will enter setup mode,
giving you a step-by-step dialog to help configure some basic parameters on it.
➢You can also enter setup mode at any time from the command line by typing the
command setup from privileged mode, which I’ll get to in a minute.
Types of Memory:-
• Managed switches typically have several types of memory for storing different
types of data and configurations. The exact types of memory available can vary
depending on the switch model and manufacturer. Here are some common types
of memory found in manageable switches:
• RAM (Random Access Memory): RAM is used for temporary storage of data and
is essential for the switch's operation. It holds the running configuration, routing
tables, ARP tables, and other dynamic data used during switch operation. RAM is
volatile memory, meaning its contents are lost when the switch loses power.
• Flash Memory: Flash memory is non-volatile memory that stores the switch's
operating system (firmware or software image), boot configuration, and other
system files. It retains its contents even when the switch is powered off. Flash
memory is commonly used for storing the switch's firmware and allows for easy
upgrades or downgrades of the switch's software.
• NVRAM (Non-Volatile RAM): NVRAM is a small amount of non-volatile memory
that stores the switch's startup configuration. The startup configuration is loaded
into RAM when the switch is powered on. NVRAM retains its contents even when
the switch loses power. It allows the switch to maintain a consistent configuration
across reboots.
• EEPROM (Electrically Erasable Programmable Read-Only Memory): EEPROM is a
type of non-volatile memory used for storing critical hardware-specific
information, such as the switch's serial number, MAC addresses, and other
unique identifiers. It retains its contents even when the switch loses power and
can be updated or modified electronically.
These are the primary types of memory typically found in manageable switches.
The specific amount and configuration of memory can vary depending on the
switch model, as well as the desired features and capabilities of the switch.
❖Command-Line Interface (CLI)
After the interface status messages appear and you press Enter, the Switch> prompt will pop up. This is called
user exec mode or user mode.
In user mode you have access to a limited set of commands for basic monitoring and configuration. The specific
commands available may vary depending on the router's model and operating system (e.g., Cisco IOS).
However, here are some common commands typically available in user mode:-
➢enable: Enters privileged EXEC mode, which provides access to more advanced configuration and
troubleshooting commands.
➢disable: Exits privileged EXEC mode and returns to user mode.
➢show: Displays information about the router's status, configurations, and interfaces. For example,
"show interfaces" displays information about the router's interfaces, while "show ip route" shows the
routing table.
➢ping: Sends an ICMP Echo Request message to a specified IP address to check connectivity.
➢traceroute: Traces the route packets take from the router to a destination IP address, showing the
intermediate hops.
➢telnet: Establishes a Telnet session with another device.
➢logout or exit: Terminates the current CLI session and logs out of the router.
➢help or ?: Provides a list of available commands or help information for a specific command.
privileged exec mode
In privileged EXEC mode, also known as enable mode or privileged mode, you have
access to all the commands available on the router's Command Line Interface (CLI),
including both monitoring and configuration commands. Privileged EXEC mode provides
more advanced capabilities and allows you to make changes to the router's configuration.
You can view and change the configuration of a Cisco router only while in privileged
mode, and you enter it via the enable command like this:
Switch>enable
Switch#        (privileged exec mode)
In privileged EXEC mode, you can execute commands such as:
➢configure terminal: Enters global configuration mode, where you can make changes to
the router's configuration.
➢show running-config: Displays the currently running configuration of the router.
➢copy running-config startup-config: Saves the running configuration to the startup
configuration, which will be loaded upon the router's next boot.
➢debug: Enables debugging options for troubleshooting purposes.
➢clear: Clears specific counters, sessions, or configurations.
➢reload: Restarts or reloads the router.
global configuration mode
In configuration mode on a switch's Command Line Interface (CLI), you have the ability to make changes
to the switch's configuration. This mode allows you to modify various settings and parameters to
customize the behavior of the switch.
To enter configuration mode on a switch, you typically start from privileged EXEC mode (also known as
enable mode) and use the following command:
Switch#config        (or: configure terminal, or conf t)
Configuring from terminal, memory, or network [terminal]? [press enter]
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#
In configuration mode, you can use various commands to configure different aspects of the
switch. Some common commands used in configuration mode on a switch include:
➢interface: This command allows you to select a specific interface (e.g., Ethernet, FastEthernet,
GigabitEthernet) and configure its settings.
➢vlan: Use this command to create or modify VLANs (Virtual Local Area Networks) on the switch.
➢spanning-tree: This command enables you to configure Spanning Tree Protocol (STP) parameters to
prevent loops in the network.
➢hostname: Use this command to set the hostname of the switch.
➢snmp-server: This command enables SNMP (Simple Network Management Protocol) functionality and
configures SNMP settings on the switch.
➢access-list: This command allows you to create and manage access control lists to control network
traffic.
Administrative Configurations

You can configure the following administrative functions on a router and switch:
➢Hostnames
Switch#config t
Switch(config)#hostname Todd
Todd(config)#hostname Chicago
Chicago(config)#hostname Todd
Todd(config)#

➢Banners
Here are the three types of banners you need to be sure you’re familiar with:
▪ Exec process creation banner
▪ Login banner
▪ Message of the day (MOTD) banner
➢Exec banner:- You can configure a line-activation (exec) banner to be displayed
when EXEC processes such as a line activation or an incoming connection to a VTY
line have been created. Simply initiating a user exec session through a console
port will activate the exec banner.
➢Login banner:- You can configure a login banner for display on all connected
terminals. It will show up after the MOTD banner but before the login prompts.
This login banner can’t be disabled on a per-line basis, so to globally disable it
you’ve got to delete it with the no banner login command.
➢Message of the day banner
Message of the day (MOTD) banners are the most widely used banners because
they give a message to anyone connecting to the router via Telnet or an auxiliary
port or even through a console port as seen here:
Todd(config)#banner motd ?
LINE c banner-text c, where 'c' is a delimiting character
Todd(config)#banner motd #
Enter TEXT message. End with the character '#'.

You can set a banner on one line like this:

Todd(config)#banner motd * Unauthorized access prohibited! *
➢Passwords
The following list describes the enable password parameters:
last-resort - This allows you to still enter the device if you set up authentication through a
TACACS server and it’s not available. It won’t be used if the TACACS server is working.

password - This sets the enable password on older, pre-10.3 systems and isn’t ever used if an enable
secret is set.

secret - The newer, encrypted password that overrides the enable password if it has been set.

use-tacacs - This tells the router or switch to authenticate through a TACACS server. It comes in
really handy when you have lots of routers because changing the password on a multitude of
them can be insanely tedious. It’s much easier to simply go through the TACACS server and
change the password only once!

An example that shows how to set the enable passwords:

Todd(config)#enable secret todd
Todd(config)#enable password todd
➢ Console:-
If no password is set on the router’s console, we can access user mode (i.e. Router>)
by default. The console port is where we would initially start to configure a new
router.

Steps to set the password:

• Since there is only one console port per router, use the command line console 0
in global configuration mode.
• Use the login and password commands to finish the configuration.
• The login command makes the router check for the password.
• The password command sets the actual password.

Configuration Steps:
• Router# config t
• Router(config)# line console 0
• Router(config-line)# password CRAW@123
• Router(config-line)# login
➢Aux:-
• This is the short form for the auxiliary port. This is also a physical access port
on the router. Not all routers have this port.
• As the aux port is a backup configuration port for the console, it is equally
important to configure a password on it.

➢Configuration Steps:-
• Router# config t
• Router(config)# line aux 0
• Router(config-line)# password craw@123
• Router(config-line)# login
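
A check for the enable password, banner, and console/aux line settings described above, written in Python as an added example (it is not from the original slides). It assumes input in the layout of show running-config output with single-line banners; both sample configurations, the password and the hash string are constructed placeholders.

```python
# Added example, not from the slides. Both configs are constructed samples;
# the password and the hash string are placeholders.
WEAK = """\
enable password example-pw
line con 0
 password example-pw
line aux 0
 login
"""
FIXED = """\
enable secret 9 $9$constructed-placeholder
banner motd ^C Unauthorized access prohibited! ^C
line con 0
 password example-pw
 login
line aux 0
 password example-pw
 login
"""

def audit(text):
    """Return findings for the enable, banner and line settings on this page."""
    top, lines_cfg, current = [], {}, None
    for raw in text.splitlines():
        cmd = raw.strip()
        if not cmd or cmd == "!":
            continue
        if not raw[0].isspace():             # column 0: top-level command
            top.append(cmd)
            current = cmd if cmd.startswith("line ") else None
            if current:
                lines_cfg[current] = []
        elif current:                        # indented: sub-command of a line
            lines_cfg[current].append(cmd)
    findings = []
    has_secret = any(c.startswith("enable secret ") for c in top)
    has_enable_pw = any(c.startswith("enable password ") for c in top)
    if has_enable_pw and not has_secret:
        findings.append("enable password is set without an enable secret")
    elif has_enable_pw:
        findings.append("enable password is unused: enable secret overrides it")
    elif not has_secret:
        findings.append("no enable secret is set")
    if not any(c.startswith(("banner login", "banner motd")) for c in top):
        findings.append("no login or MOTD banner")
    for name, subs in lines_cfg.items():
        has_pw = any(s.startswith("password ") for s in subs)
        if has_pw and "login" not in subs:
            findings.append(f"{name}: password set but 'login' missing")
        elif not has_pw:
            findings.append(f"{name}: no password configured")
    return findings
```

audit(WEAK) reports four findings and audit(FIXED) reports none; a configuration that sets both enable secret and enable password, as in the Todd example, is reported as carrying an unused enable password.
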
• VLAN - virtual local area network
• A VLAN is used to divide a large broadcast domain into smaller broadcast domains
• In other words, a VLAN is a logical broadcast domain
• By default VLAN 1 is created
• By default all ports are in VLAN 1
• By default VLAN 1 is the native VLAN
• Range of VLAN
• Standard range 1 to 1005
• 1 and 1002-1005 are reserved
• Extended range 1006 to 4095
• 4095 is reserved
Create a VLAN:-
Switch(config)# vlan 10

Configure Access:-
Switch(config)# interface FastEthernet 0/1

or (if we have multiple ports in sequence)

Switch(config)# interface range fastEthernet 0/1-4

Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
2. Access and VLANs:-
• Switch1
• S1(config)#interface FastEthernet 0/1
• S1(config-if)#switchport mode access
• S1(config-if)#switchport access vlan 10
• S1(config-if)#exit
• S1(config)#interface FastEthernet 0/2
• S1(config-if)#switchport mode access
• S1(config-if)#switchport access vlan 20
• S1(config-if)#exit
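
To review which VLAN each access port ended up in after commands like the ones above, the following Python sketch replays a command session, expands interface range, and lists ports that were left in the default VLAN 1. It is an added example, not part of the original slides; the session text is constructed, and the VLAN classification uses the ranges exactly as this page lists them.

```python
import re

# Added example, not from the slides. Constructed session in the style of
# the S1 commands above; Fa0/6 is made an access port but given no VLAN.
SESSION = """\
S1(config)#interface range FastEthernet 0/1-4
S1(config-if-range)#switchport mode access
S1(config-if-range)#switchport access vlan 10
S1(config-if-range)#exit
S1(config)#interface FastEthernet 0/5
S1(config-if)#switchport mode access
S1(config-if)#switchport access vlan 20
S1(config-if)#exit
S1(config)#interface FastEthernet 0/6
S1(config-if)#switchport mode access
"""

IFACE = re.compile(r"interface (?:range )?([a-z]+) ?(\d+)/(\d+)(?:-(\d+))?")

def vlan_range(vid):
    """Classify a VLAN ID using the ranges listed on this page."""
    if vid == 1 or 1002 <= vid <= 1005 or vid == 4095:
        return "reserved"
    if 1 < vid <= 1005:
        return "standard"
    if 1006 <= vid < 4095:
        return "extended"
    return "invalid"

def access_vlans(session):
    """Return {port: vlan} for access ports; unassigned ports stay in VLAN 1."""
    ports, selected = {}, []
    for line in session.splitlines():
        cmd = line.split("#", 1)[-1].strip().lower()   # drop the prompt
        iface = IFACE.fullmatch(cmd)
        vlan = re.fullmatch(r"switchport access vlan (\d+)", cmd)
        if iface:
            name, slot, first, last = iface.groups()
            selected = [f"{name}{slot}/{n}"
                        for n in range(int(first), int(last or first) + 1)]
        elif cmd == "exit":
            selected = []
        elif cmd == "switchport mode access":
            for port in selected:
                ports.setdefault(port, 1)              # default VLAN
        elif vlan:
            for port in selected:
                ports[port] = int(vlan.group(1))
    return ports

def ports_in_default_vlan(session):
    """List access ports that were never moved out of VLAN 1."""
    return sorted(p for p, v in access_vlans(session).items() if v == 1)
```
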
