Network Day 1 - 1

Uploaded by

marwanelgammal55
CCNA

Switching

Advanced
Networking Part 1
Hubs

• The hub is a physical layer device (layer 1).
• 10BASE-T allowed the use of unshielded twisted-pair (UTP) cabling.
• A device sending a frame could have the frame collide with a frame sent by any other device attached to that LAN segment.
• Only one device could send a frame at a time, so the devices shared bandwidth.
• Broadcasts sent by one device were heard and processed by all other devices on the LAN.
Ethernet Bridges

• They have a small number of ports.
• Bridges are software based.
• They reduced the number of collisions that occurred in the network.
• They save network bandwidth.
LAN switches

Each circle is 1 collision domain, 100 Mbps each

• Switches have potentially large numbers of interfaces.
• Highly optimized hardware: even small enterprise switches forward millions of Ethernet frames per second. (ASIC)
• A switch’s effect of segmenting an Ethernet LAN into one collision domain per interface is sometimes called microsegmentation.
Switching Basics

• Switches basically perform three tasks:
1. Address learning
2. Forwarding or filtering
3. Loop prevention
Address learning
Switch Forwarding and Filtering decision
Loop prevention

• Larry sends a unicast frame to Bob, who is powered off. No switch knows Bob’s MAC address, so the frame is sent as an unknown unicast to the switches in the network. (Broadcast storm)
LAN Switch Logic Summary
1. A frame is received.
2. If the destination is a broadcast or multicast
3. Forward on all ports except the port on which the frame was received.
4. If the destination is a unicast, and the address is not in the address table
5. Forward on all ports except the port on which the frame was received.
6. If the destination is a unicast, and the address is in the address

THE BASIC NETWORK DOMAINS

• Collision domain is an Ethernet term used to describe a network scenario in which one device sends a packet on a network segment, forcing every other device on that same segment to pay attention to it.
• At the same time, a different device tries to transmit, leading to a collision, after which both devices must retransmit, one at a time.

NETWORK SEGMENTATION

• Breaking the big network into a number of smaller ones, by using devices like routers, switches and bridges.
• Each network segment connected to the switch is now a separate collision domain.
• But this network is still one broadcast domain.
• We replace the main hub with a switch, because hubs don’t segment a network, they just connect network segments together.
• Routers break up a broadcast domain, which is the set of all devices on a network segment that hear all the broadcasts sent on that segment.

SWITCH IN AN INTERNETWORK / Hub in a network

• Hub is half duplex
• Switch is full duplex

NETWORK SEGMENTATION

• Each host is connected to its own collision domain.
• The router has created two broadcast domains.
• Also, the router provides connections to WAN services.

Collision domain VS. broadcast domain

• The term collision domain defines the set of devices whose frames could collide.
• It is the set of LAN interfaces whose frames could collide with each other, but not with frames sent by any other devices.
• All devices connected to the hub are in the same collision domain.

• A broadcast domain is a set of devices for which, when one of the devices sends a broadcast, all the other devices receive a copy of the broadcast.
• broadcast domain relates to where broadcasts can

Example 1
Collision Domain : 5
Broadcast Domain : 2
Campus LAN Design Terminology
• LAN created to support large buildings, or multiple buildings.
• Engineers must consider the types of Ethernet available and the cabling length supported by each type.
• Access: Provides a connection point (access) for end-user devices. Does not forward frames between two other access switches under normal circumstances.
• Distribution: Provides an aggregation point for access switches, forwarding frames between switches, but not connecting directly to end-user devices.
• Core: Aggregates distribution switches in very large campus LANs, providing very high forwarding rates.
SUBNETTING

The process of dividing a single network into multiple sub networks is called subnetting.
The sub networks so created are called subnets.

Example:
The following diagram shows the subnetting of a big single network into 4 smaller subnets.

ADVANTAGES OF SUBNETTING

• Reduced network traffic.
• Optimized network performance.
• Simplified management and troubleshooting.

SUBNET MASKS

1-CLASSES (CLASSFUL) SUBNETTING

In this type we are given an IP address and need to determine:
• Type of class: (A or B or C)
• Subnet mask: (according to the type of class)
• Network ID: (set the host bits to zeros to get the NID)
• 1st Host: (network ID + 1)
• Last host: (BID - 1)
• Broadcast ID: (set the host bits to ones to get the BID)
• Number of Hosts: (2^(No. of 0’s in subnet mask) - 2)
• Number of networks: (2^(No. of 1’s in subnet mask))
EXAMPLE:

• IP = 192.168.0.5. We need to determine:

Class               C
Subnet mask         255.255.255.0 (host bits 00000000)
Network ID          192.168.0.0
1st Host            192.168.0.1 (network ID + 1)
Last host           192.168.0.254 (broadcast ID - 1)
Broadcast ID        192.168.0.255
Number of Hosts     2^(8)-2 = 256-2 = 254 hosts
Number of networks  2^(0) = 1 network
2-CLASSLESS INTER-DOMAIN ROUTING (CIDR)

Given an IP address, we need to break it (/number) into various networks:
• Type of class: (A or B or C)
• Subnet mask: (according to the type of class)
• New subnet mask: (according to the / number)
• Number of Hosts: (2^(No. of 0’s in subnet mask) - 2)
• Number of networks: (2^(No. of 1’s in subnet mask))
• Hop ( ) = 256 - (new subnet mask)
• Calculate for each network (1st Host, Last host, Broadcast ID)
CIDR
• Each subnet has the same number of hosts.

[Diagram: a network divided into subnets, each subnet with N hosts]
CIDR
Subnet ID:

• Each subnet has its unique network address known as its Subnet ID.
• The subnet ID is created by borrowing some bits from the Host ID part of the IP Address.
• The number of bits borrowed depends on the number of subnets created.
EXAMPLE:
• IP = 192.168.0.0 /26. We need to determine:

Class               C
Subnet mask         255.255.255.0
                    11111111.11111111.11111111.00000000 (/24 one’s)
New subnet mask     192.168.0.192
                    11111111.11111111.11111111.11000000 (/26 one’s)
Number of Hosts     2^6-2 = 64-2 = 62 hosts
Number of networks  2^2 = 4 networks
Hop ( )             256 - new subnet mask = 256-192 = 64
EXAMPLE (Hop=64 between consecutive subnet IDs)

Subnet ID      192.168.0.0    192.168.0.64    192.168.0.128   192.168.0.192
1st host ID    192.168.0.1    192.168.0.65    192.168.0.129   192.168.0.193
Last host ID   192.168.0.62   192.168.0.126   192.168.0.190   192.168.0.254
Broadcast ID   192.168.0.63   192.168.0.127   192.168.0.191   192.168.0.255
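
The classful and CIDR checklists above, carried out in code for any class A, B or C address. This is an added example, not part of the original slides; the function names are assumptions, and the number of networks is taken as 2 to the power of the 1 bits added beyond the classful mask, which is what gives 2^2 = 4 for /26.

```python
import ipaddress


def classful_prefix(ip):
    """Return (class letter, default prefix length) from the first octet."""
    first = ip.packed[0]
    if first < 128:
        return "A", 8
    if first < 192:
        return "B", 16
    if first < 224:
        return "C", 24
    raise ValueError("class D/E addresses are not subnetted this way")


def subnet_plan(cidr):
    """Work through the checklist for an address such as 192.168.0.0/26."""
    iface = ipaddress.ip_interface(cidr)
    cls, default_len = classful_prefix(iface.ip)
    new_len = iface.network.prefixlen
    if not default_len <= new_len <= 30:
        raise ValueError("prefix must lie between the classful mask and /30")
    mask = iface.network.netmask
    # Hop = 256 minus the first mask octet that is not 255.
    interesting = next(o for o in mask.packed if o != 255)
    parent = ipaddress.ip_network(f"{iface.ip}/{default_len}", strict=False)
    rows = [
        {
            "subnet_id": str(net.network_address),
            "first_host": str(net.network_address + 1),
            "last_host": str(net.broadcast_address - 1),
            "broadcast": str(net.broadcast_address),
        }
        for net in parent.subnets(new_prefix=new_len)
    ]
    return {
        "class": cls,
        "default_mask": str(parent.netmask),
        "new_mask": str(mask),
        "hosts": 2 ** (32 - new_len) - 2,
        # Networks = 2^(1 bits added beyond the classful mask).
        "networks": 2 ** (new_len - default_len),
        "hop": 256 - interesting,
        "rows": rows,
    }


if __name__ == "__main__":
    plan = subnet_plan("192.168.0.0/26")
    print(plan["class"], plan["new_mask"], plan["hosts"], plan["networks"], plan["hop"])
    for row in plan["rows"]:
        print(row)
```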
CIDR VALUES

/16 through /23 can be used by Class A and B network addresses.

/24 through /30 can be used by Class A, B, and C network addresses.
Access Cisco CLI

• When you buy a Cisco switch, take it out of the box, and connect the right cables, the switch works without any configuration.
• But you may want to be able to check on the switch status and enable security features to secure switch ports.
• Cisco has three brands:
o Cisco Catalyst: companies and government
o Cisco Nexus: company datacenter
o Cisco Linksys: home
Access Cisco CLI
• Cisco uses the same concept of a command-line interface (CLI) with its router products and most of its Catalyst LAN switch products.
• The CLI is a text-based interface in which the user, typically a network engineer, enters a text command and presses Enter.
• Each interface has a number in the style x/y, where x and y are two different numbers.
• The switch operating system that Cisco supports is the Internetwork Operating System (IOS).
Cisco 2960
Switch status from LED
Accessing the Cisco IOS CLI

• Two methods (Telnet and SSH) use the IP network in which the switch resides to reach the switch.
• The console is a physical port built specifically to allow access to the CLI.
Accessing the Cisco IOS CLI

Access From   Password Type      Sample Configuration
Console       Console password   line console 0
                                 login
                                 password faith
Telnet        vty password       line vty 0 15
                                 login
                                 password love

• By default, a switch allows only console access, but no Telnet or SSH access.
• Regardless of the defaults, it makes sense to password-protect console access, as well as Telnet and SSH access.
User and Enable mode

• User exec mode = user mode.
• You can use show commands but cannot configure anything.
• Enable mode = privileged mode.
• Use “enable” to enter this mode.
• You can “reload” the switch from this mode.
• By default, the Cisco IOS
User & privilege mode

NOTE: If the command prompt lists the hostname followed by a >, the user is in user mode; if it is the hostname followed by the #, the user is in enable mode.
CLI Help features
Switch Memory Type
• RAM: The running (active) configuration file is stored here.
• ROM: Stores a bootstrap program that is loaded when the switch first powers on.
• Flash memory: A chip inside the switch that stores fully functional Cisco IOS images and is the default location where the switch gets its Cisco IOS at boot time.
• NVRAM: Stores the startup configuration file that is used when the switch is first powered on and
Configuration Filename / Purpose / Where It Is Stored
• Startup-config: Stores the initial configuration used any time the switch reloads Cisco IOS. Stored in NVRAM.
• Running-config: Stores the currently used configuration commands. This file changes dynamically when someone enters commands in configuration mode. Stored in RAM.
Copying Cisco configuration files

Switch# Copy from source to destination
Initial configuration
Configuration and Verification

• The hostname on a switch is only locally significant. This means that it doesn’t have any function on the network or with name resolution.
• But it’s still helpful to set a hostname on a switch so that you can identify the switch when connecting to it.
• Switch(config)#hostname SW3560
SW3560(config)#
Setting the Passwords

• You can set both the user mode and privileged mode passwords.
• The login (user mode) password can be used to verify authorization on the switch, including accessing any line and the console.
• The enable password is used to allow access to the switch so the configuration can be viewed or changed.
Setting the User Mode Password
Switch>enable
Switch# config t
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# line vty 0 15
Switch(config-line)# password wheeler1
Switch(config-line)# login
Switch(config-line)# line con 0
Switch(config-line)# password wh1@24
Switch(config-line)# login
Switch(config-line)# exit
Switch(config)#exit
Note: It is the first step for Telnet on the switch.
Setting the Privilege Mode Password

• The enable secret is a very secure, encrypted password.
• Switch(config)#enable secret sewedy24
• An unencrypted password is easily sniffed and hacked.
• Switch(config)#enable password sewedy24
VLAN

• What is VLAN?

• A VLAN is a virtual network that allows devices across different physical locations to join the same logical network.

• It creates logical subnets (or broadcast domains) within a physical network, helping organize devices based on functions or departments rather than physical location.
HOW VLAN WORKS
You can define one or more virtual bridges within a switch.
Each virtual bridge you create in the switch refers to a new broadcast
domain (VLAN). Traffic cannot pass directly to another VLAN (between
broadcast domains) within the switch or between two switches.
VLAN CONFIGURATION
• We can create VLANs simply by assigning the VLAN ID and VLAN name.
• switch1(config)#vlan 2
• switch1(config-vlan)#name accounts

• Here, 2 is the VLAN ID and accounts is the VLAN name.

• Switch(config)#int fa0/0
• Switch(config-if)#switchport mode access
• Switch(config-if)#switchport access vlan 2

• Also, a range of switch ports can be assigned to the required VLANs.

Switch(config)#int range fa0/0-2
Switch(config-if-range)#switchport mode access
Setting Static IP Configuration
Default gateway:
SW3560(config)#ip default-gateway 163.121.25.1
To allow Telnet or SSH access to the switch, you can set up a static or dynamic IP address.
• Static:
SW3560#config t
Enter configuration commands, one per line. End with CNTL/Z.
SW3560(config)#int vlan1
SW3560(config-if)#ip address 163.121.25.40 255.255.255.0
SW3560(config-if)#no shut
SW3560(config-if)#exit
00:22:01: %LINK-3-UPDOWN: Interface Vlan1, changed state to up
00:22:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
Dynamic IP Configuration

SW3560# config t
Enter configuration commands, one per line. End with CNTL/Z.
SW3560(config)# int vlan1
SW3560(config-if)# ip address dhcp
SW3560(config-if)# no shut
SW3560(config-if)# exit
SW3560# show dhcp lease
Show IP addressing

• Before configuring the IP address
o Switch#sh ip int vlan 1
Vlan 1 is administratively down, line protocol is down
Internet protocol processing disabled
• After configuring the IP address
o Switch#sh ip int vlan 1
Vlan1 is up, line protocol is up
Internet address is 1.1.1.1/8
Broadcast address is 255.255.255.255
Telnet configuration steps

Switch>enable
Switch#config t
Switch(config)#line vty 0 15
Switch(config-line)#password itixiti
Switch(config-line)#login
Switch(config-line)#exit
Switch(config)#enable secret iti123
SW3560(config)#int vlan1
SW3560(config-if)#ip address 163.121.25.40 255.255.255.0
SW3560(config-if)#no shut
SW3560(config-if)#exit
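
A small configuration check for the password and Telnet settings covered in the "Setting the Passwords" and "Telnet configuration steps" slides, flagging clear-text passwords, a missing enable secret, and vty lines that are not limited to SSH. This is an added example, not part of the original slides; the sample configuration is constructed, and the rule names and the SSH-only policy (`transport input ssh`) are assumptions of this example.

```python
import re

# Constructed sample in saved-configuration form (not from a real device),
# using the password and vty commands shown on the slides.
SAMPLE_CONFIG = """\
hostname SW3560
enable password sewedy24
!
line con 0
 password wh1@24
 login
line vty 0 15
 password itixiti
 login
!
"""

CLEARTEXT = re.compile(r"password (?!7 )\S+")   # "password 7 ..." is type-7 encoded


def audit(config):
    """Return (rule, detail) findings for weak management-access settings."""
    findings, blocks, section = [], {}, None
    for raw in config.splitlines():
        text = raw.strip()
        if raw.startswith(" "):                 # sub-command of a "line" block
            if section:
                blocks[section].append(text)
            continue
        section = text if text.startswith("line ") else None
        if section:
            blocks[section] = []
        if text.startswith("enable ") and CLEARTEXT.match(text[len("enable "):]):
            findings.append(("enable-password-cleartext", text))
    if not re.search(r"^enable secret ", config, re.M):
        findings.append(("no-enable-secret", "enable secret is not configured"))
    for name, cmds in blocks.items():
        findings += [("line-password-cleartext", f"{name}: {c}")
                     for c in cmds if CLEARTEXT.match(c)]
        # Assumed policy: vty lines must accept SSH only, so that logins and
        # passwords never cross the network as Telnet clear text.
        ssh_only = any(c.split() == ["transport", "input", "ssh"] for c in cmds)
        if name.startswith("line vty") and not ssh_only:
            findings.append(("vty-not-ssh-only", name))
    return findings


if __name__ == "__main__":
    for rule, detail in audit(SAMPLE_CONFIG):
        print(f"{rule:28} {detail}")
```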
Duplexing and Speed

• Duplex Overview
■ Half Duplex (CSMA/CD)
  ■ Unidirectional data flow
  ■ Higher potential for collisions
  ■ Hubs connectivity
■ Full Duplex
  ■ Point-to-point only
  ■ Attached to dedicated switch port
  ■ Requires full duplex support on both ends
  ■ Collision free
  ■ Collision detect circuit disabled
The Interface Duplex Mode and Speed

Todd2950(config)#int fastEthernet 0/1
Todd2950(config-if)#duplex {auto | full | half}
Todd2950(config-if)#speed {10|100|auto}
Todd2950(config-if)#mdix auto

• The duplex parameters are as follows:
• auto: sets auto negotiation of duplex mode
• full: sets full-duplex mode
• half: sets half-duplex mode
Show Interface Status
Configuring Interface Descriptions & Ran
• You can administratively set a name for each interface on the switches, and as with the hostname, the descriptions are only locally significant.
• The interface range command applies a single command to a whole range of interfaces.
Todd2950(config)#int fastEthernet 0/1
Todd2950(config-if)#description Sales Printer
Todd(config-if)#interface range fastEthernet 0/2 -10
Todd(config-if-range)#description Marketing vlan
To show the configuration:
Todd#show interfaces status
Todd#show interfaces
Todd#show interface fastethernet 0/1
Mac Address Table
• All learned MAC addresses are saved in the MAC address table (CAM).
• Entries in the MAC address table come either from manual (static) configuration or from the switch learning them from incoming frames (dynamic).
• To show the MAC address table:
Sw1#show mac-address-table
• Learned MAC addresses remain by default for 300 seconds, and this value can be configured.
Sw1(config)# mac address-table aging-time
To show the MAC address aging time, we use the command:
Sw1#show mac address-table aging
• To configure a static MAC address:
Sw1(config)#mac-address-table static mac vlan no. interface fa 0/1
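
A small model of the switch logic from the "LAN Switch Logic Summary" and "Mac Address Table" slides: source-address learning, the flood/forward/filter decision, and 300-second aging of dynamic entries. This is an added example, not part of the original slides; the class name, port names and MAC addresses are constructed, and the known-unicast branch follows standard transparent-switch behaviour.

```python
class LearningSwitch:
    def __init__(self, ports, aging_time=300):
        self.ports = list(ports)
        self.aging_time = aging_time   # seconds; 300 is the default on the slides
        self.table = {}                # MAC -> (port, time last seen)

    def _expire(self, now):
        # Drop dynamic entries not refreshed within the aging time.
        self.table = {m: (p, t) for m, (p, t) in self.table.items()
                      if now - t < self.aging_time}

    def receive(self, in_port, src, dst, now):
        """Process one frame; return (action, list of egress ports)."""
        self._expire(now)
        # Address learning: the source MAC is reachable through the ingress port.
        self.table[src.lower()] = (in_port, now)
        dst = dst.lower()
        others = [p for p in self.ports if p != in_port]
        # Broadcast or multicast (group bit set in the first octet): flood.
        if int(dst.split(":")[0], 16) & 1:
            return "flood", others
        entry = self.table.get(dst)
        # Unknown unicast: flood on all ports except the ingress port.
        if entry is None:
            return "flood", others
        # Known unicast: filter if the destination sits on the ingress port,
        # otherwise forward out the single learned port.
        if entry[0] == in_port:
            return "filter", []
        return "forward", [entry[0]]


# Constructed addresses for the Larry and Bob hosts used on the slides.
LARRY, BOB = "02:00:00:00:00:01", "02:00:00:00:00:02"

if __name__ == "__main__":
    sw = LearningSwitch(["fa0/1", "fa0/2", "fa0/3"])
    print(sw.receive("fa0/1", LARRY, BOB, now=0))    # Bob unknown: flood
    print(sw.receive("fa0/2", BOB, LARRY, now=1))    # Larry learned: forward
    print(sw.receive("fa0/1", LARRY, BOB, now=2))    # Bob learned: forward
    print(sw.receive("fa0/1", LARRY, BOB, now=400))  # Bob aged out: flood
```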
LAN switch interface status
Line Status / Protocol Status / Interface Status: Typical Root Cause

• Administratively Down / Down / disabled: The interface is configured with the shutdown command.
• Down / Down / notconnect: No cable; bad cable; wrong cable pinouts; the speeds are mismatched on the two connected devices; the device on the other end of the cable is powered off or the other interface is shutdown.
• Up / Down / notconnect: An interface up/down state is not expected on LAN switch interfaces.
• Down / down (err-disabled) / err-disabled: Port security has disabled the interface.
• Up / Up / connect: The interface is working.


Switch Commands
• show running-config: Shows the currently active configuration.
• show startup-config: Shows startup-config, which is used the next time the switch is reloaded.
• show version: Lists information about the version of software in the switch.
• show interface fastethernet 0/x: Displays the interface status for a physical 10/100 interface.
• show interface vlan 1: Displays the IP address configuration.
• show mac-address-table dynamic: Lists all dynamic entries in the MAC table.
• hostname name: Sets the switch’s hostname.
• line con 0: Global command that places the user in console configuration mode.
• line vty 0 15: Global command that places the user in vty configuration mode.
• login: Console or vty configuration mode command that tells the switch to ask for a password for a console user or Telnet user, respectively.
• password password: Console or vty configuration mode command that sets the password required.
• enable secret password: Global command that sets the switch’s enable password. The password is stored in a hashed format, meaning that someone reading the configuration file will not see the correct text password.
• enable password password: Global command that sets the switch’s enable password. The enable secret password is used if both are configured.
• interface vlan 1: Global command. Moves the user to interface configuration mode for a VLAN interface.
• ip address address subnet-mask: Interface configuration mode command that sets the IP address for switch management.
• ip default-gateway address: Global command that sets the default gateway so that the management interface can be reached from a remote network.
• interface fastethernet 0/x: Puts the user into interface configuration mode for that interface.
