思科网络技术培训之6：Catalyst操作.ppt

《思科网络技术培训之6：Catalyst操作.ppt》由会员分享，可在线阅读，更多相关《思科网络技术培训之6：Catalyst操作.ppt（62页珍藏版）》请在三一办公上搜索。

1、Objectives,Upon completion of this chapter,you will be able to perform the following tasks:Describe Layer 2 switching(bridging)operationsDescribe the Catalyst 1900 switch operationsDescribe the Catalyst 1900 switch default configurationConfigure Catalyst 1900 switchUse show commands to verify Cataly

2、st 1900 switch configuration and operations,Address learningForward/filter decisionLoop avoidance,Three Switch Functions,How Switches Learn Host Locations,Initial MAC address table is empty,MAC address table,0260.8c01.1111,0260.8c01.2222,0260.8c01.3333,0260.8c01.4444,E0,E1,E2,E3,A,B,C,D,How Switches

3、 Learn Hosts Locations,Station A sends a frame to Station CSwitch caches station A MAC address to port E0 by learning the source address of data frames The frame from station A to station C is flooded out to all ports except port E0(unknown unicasts are flooded),MAC address table,0260.8c01.1111,0260

4、.8c01.2222,0260.8c01.3333,0260.8c01.4444,E0:0260.8c01.1111,E0,E1,E2,E3,D,C,B,A,How Switches Learn Host Locations,Station D sends a frame to station CSwitch caches station D MAC address to port E3 by learning the source Address of data framesThe frame from station D to station C is flooded out to all

5、 ports except port E3(unknown unicasts are flooded),MAC address table,0260.8c01.1111,0260.8c01.2222,0260.8c01.3333,0260.8c01.4444,E0:0260.8c01.1111,E3:0260.8c01.4444,E0,E1,E2,E3,D,C,A,B,How Switches Filter Frames,Station A sends a frame to station CDestination is known,frame is not flooded,E0:0260.8

6、c01.1111,E2:0260.8c01.2222,E1:0260.8c01.3333,E3:0260.8c01.4444,0260.8c01.1111,0260.8c01.2222,0260.8c01.3333,0260.8c01.4444,E0,E1,E2,E3,X,X,D,C,A,B,MAC address table,Broadcast and Multicast Frames,Station D sends a broadcast or multicast frameBroadcast and multicast frames are flooded to all ports ot

7、her than the originating port,0260.8c01.1111,0260.8c01.2222,0260.8c01.3333,0260.8c01.4444,E0,E1,E2,E3,D,C,A,B,E0:0260.8c01.1111,E2:0260.8c01.2222,E1:0260.8c01.3333,E3:0260.8c01.4444,MAC address table,Redundant Topology,Redundant topology eliminates single points of failureRedundant topology causes b

8、roadcast storms,multiple frame copies,and MAC address table instability problems,Segment 1,Segment 2,Server/host X,Router Y,Broadcast Storms,Segment 1,Segment 2,Server/host X,Router Y,Broadcast,Switch A,Switch B,Host X sends a Broadcast,Broadcast Storms,Segment 1,Segment 2,Server/host X,Router Y,Bro

9、adcast,Switch A,Switch B,Host X sends a Broadcast,Broadcast Storms,Segment 1,Segment 2,Server/host X,Router Y,Broadcast,Switches continue to propagate broadcast traffic over and over,Switch A,Switch B,Multiple Frame Copies,Segment 1,Segment 2,Server/host X,Router Y,Unicast,Switch A,Switch B,Host X s

10、ends an unicast frame to router YRouter Y MAC address has not been learned by either switch yet,Multiple Frame Copies,Segment 1,Segment 2,Server/host X,Router Y,Switch A,Switch B,Host X sends an unicast frame to Router YRouter Y MAC Address has not been learned by either Switch yetRouter Y will rece

11、ive two copies of the same frame,MAC Database Instability,Segment 1,Segment 2,Server/host X,Router Y,Unicast,Unicast,Switch A,Switch B,Host X sends an unicast frame to Router YRouter Y MAC Address has not been learned by either Switch yetSwitch A and B learn Host X MAC address on port 0,Port 0,Port

12、1,Port 0,Port 1,MAC Database Instability,Segment 1,Segment 2,Server/host X,Router Y,Unicast,Unicast,Switch A,Switch B,Host X sends an unicast frame to Router YRouter Y MAC Address has not been learned by either Switch yetSwitch A and B learn Host X MAC address on port 0Frame to Router Y is floodedSw

13、itch A and B incorrectly learn Host X MAC address on port 1,Port 0,Port 1,Port 0,Port 1,Complex topology can cause multiple loops to occurLayer 2 has no mechanism to stop the loop,Server/host,Workstations,Loop,Loop,Loop,Multiple Loop Problems,Solution:Spanning-Tree Protocol,Provides a loop free redu

14、ndant network topology by placing certain ports in the blocking state,Block,x,Spanning-Tree Operations,One root bridge per networkOne root port per nonroot bridgeOne designated port per segment,x,Designated port(F),Root port(F),Designated port(F),Nondesignated port(B),Root bridge,Nonroot bridge,SW X

15、,SW Y,100baseT,10baseT,Switch YDefault priority 32768(8000 hex)MAC 0c0022222222,Switch XDefault priority 32768(8000 hex)MAC 0c0011111111,Spanning-Tree Protocol Root Bridge Selection,BPDU,BPDU=Bridge protocol data unit(default=sent every 2 seconds)Root bridge=Bridge with the lowest bridge IDBridge ID

16、=Bridge priority+bridge MAC addressIn the example,which switch has the lowest bridge ID?,Switch YDefault priority 32768MAC 0c0022222222,Switch XDefault priority 32768 MAC 0c0011111111,Spanning-Tree Protocol Port States,Root bridge,x,Port 0,Port 1,Port 0,Port 1,100baseT,10baseT,Designated port(F),Roo

17、t port(F),Nondesignated port(B),Designated port(F),Spanning-Tree Protocol Path Cost,Link SpeedCost(reratify IEEE spec)Cost(previous IEEE spec)-10 Gbps 211 Gbps41100 Mbps191010 Mbps100100,Switch YMAC 0c0022222222Default priority 32768,Switch XMAC 0c0011111111Default priority 32768,Port 0,Port 1,Port

18、0,Port 1,Switch ZMac 0c0011110000Default priority 32768,Port 0,Can you figure out:What is the root bridge?What are the designated,nondesignated,and root parts?Which are the forwarding and blocking ports?,100baseT,100baseT,Spanning-Tree:,Switch YMAC 0c0022222222Default priority 32768,Switch XMAC 0c00

19、11111111Default priority 32768,Port 0,Port 1,Port 0,Port 1,Switch ZMac 0c0011110000Default priority 32768,Port 0,Can you figure out:What is the root bridge?What are the designated,nondesignated,and root parts?Which are the forwarding and blocking ports?,100baseT,100baseT,Spanning-Tree:,Designated po

20、rt(F),Root port(F),Nondesignated port(BLK),Designated port(F),Root port(F),Spanning-Tree Port States,Spanning-tree transitions each port through several different state:,Spanning-Tree Recalculation,Spanning-Tree Recalculation,Key Issue:Time to Convergence,Convergence occurs when all the switches and

21、 bridge ports have transitioned to either the forwarding or blocking state,When network topology changes,switches and bridges must recompute the Spanning-Tree Protocol,which disrupts user traffic,Primarily software basedOne spanning-tree instance per bridgeUsually up to 16 ports per bridge,Bridging,

22、Primarily hardware based(ASIC)Many spanning-tree instances per switchMore ports on a switch,LAN Switching,Bridging Compared to LAN Switching,Transmitting Frames through a Switch,Cut-throughSwitch checks destination address and immediately begins forwarding frame,Frame,Fragment free(modified cut-thro

23、ugh)Cat1900 DefaultSwitch checks the first 64 bytes then immediately begins forwarding frame,Frame,Store and forwardComplete frame is received and checked before forwarding,Frame,Frame,Frame,Duplex Overview,Half duplex(CSMA/CD)Unidirectional data flowHigher potential for collisonHubs connectivity,Sw

24、itch,Hub,Full duplex Point-to-point onlyAttached to dedicated switched portRequires full-duplex support on both endsCollision free Collision detect circuit disabled,Configuring the Switch,Catalyst 1900Menu driven interfaceWeb-based VSM(Visual Switch Manager)IOS CLI(command-line interface),Catalyst 1

25、900 Default Configurations,IP address:0.0.0.0CDP:EnabledSwitching mode:fragment free100baseT port:Auto-negotiate duplex mode10baseT port:Half duplexSpanning Tree:EnabledConsole password:none,Ports on the Catalyst 1900,Cat1912,Cat1924,10baseT portsAUI port100baseT uplink ports,e0/1 to e0/12,e0/1 to e

26、0/24,e0/25,e0/25,fa0/26(port A)fa0/27(port B),fa0/26(port A)fa0/27(port B),Ports on the Catalyst 1900,wg_sw_d#sh runBuilding configuration.Current configuration:!interface Ethernet 0/1!interface Ethernet 0/2,wg_sw_d#sh spanPort Ethernet 0/1 of VLAN1 is Forwarding Port path cost 100,Port priority 128

27、 Designated root has priority 32768,address 0090.8673.3340 Designated bridge has priority 32768,address 0090.8673.3340 Designated port is Ethernet 0/1,path cost 0 Timers:message age 20,forward delay 15,hold 1,wg_sw_a#show vlan-membership Port VLAN Membership Type Port VLAN Membership Type-1 5 Static

28、 13 1Static 2 1 Static 14 1 Static 3 1 Static15 1 Static,Configuring the Switch,Configuration ModesGlobal configuration mode wg_sw_a#conf termwg_sw_a(config)#Interface configuration modewg_sw_a(config)#interface e0/1wg_sw_a(config-if)#,Configuring the Switch IP Address,wg_sw_a(config)#ip address ip

29、address mask,wg_sw_a(config)#ip address 10.5.5.11 255.255.255.0,Configuring the Switch IP Address,wg_sw_a(config)#ip address ip address mask,wg_sw_a(config)#ip default-gateway ip address,Configuring the Switch Default Gateway,wg_sw_a(config)#ip default-gateway 10.5.5.3,wg_sw_a(config)#ip default-gat

30、eway ip address,Configuring the Switch Default Gateway,Showing the Switch IP Address,wg_sw_a#show ip IP address:10.5.5.11Subnet mask:255.255.255.0Default gateway:10.5.5.3Management VLAN:1Domain name:Name server 1:0.0.0.0Name server 2:0.0.0.0HTTP server:EnabledHTTP port:80RIP:Enabledwg_sw_a#,Speed an

31、d Duplex Options,wg_sw_a(config)#interface e0/1wg_sw_a(config-if)#duplex auto|full|full-flow-control|half,Setting Duplex Options,wg_sw_a(config-if)#duplex half,wg_sw_a(config)#interface e0/1wg_sw_a(config-if)#duplex auto|full|full-flow-control|half,Showing Duplex Options,Duplex Mismatches,The manual

32、ly set duplex parameter differs between connected portsThe switch port is in autonegotiate and the attached port is set to full duplex with no auto-negotiation capability causing the switch port to be in half-duplex mode,FCS and Late Collision Errors,Managing Mac Address Table,wg_sw_a#show mac-addre

33、ss-table,Managing Mac Address Table,wg_sw_a#sh mac-address-tableNumber of permanent addresses:0Number of restricted static addresses:0Number of dynamic addresses:6Address Dest Interface Type Source Interface List-00E0.1E5D.AE2F Ethernet 0/2 Dynamic All00D0.588F.B604 FastEthernet 0/26 Dynamic All00E0

34、.1E5D.AE2B FastEthernet 0/26 Dynamic All0090.273B.87A4 FastEthernet 0/26 Dynamic All00D0.588F.B600 FastEthernet 0/26 Dynamic All00D0.5892.38C4 FastEthernet 0/27 Dynamic All,wg_sw_a#show mac-address-table,Setting Permanent MAC Address,wg_sw_a#sh mac-address-tableNumber of permanent addresses:1Number

35、of restricted static addresses:0Number of dynamic addresses:4Address Dest Interface Type Source Interface List-00E0.1E5D.AE2FEthernet 0/2DynamicAll2222.2222.2222Ethernet 0/3Permanent All00D0.588F.B604FastEthernet 0/26 Dynamic All00E0.1E5D.AE2BFastEthernet 0/26 Dynamic All00D0.5892.38C4FastEthernet 0

36、/27 Dynamic All,wg_sw_a(config)#,wg_sw_a(config)#mac-address-table permanent 2222.2222.2222 ethernet 0/3,Setting Restricted Static MAC Address,wg_sw_a#sh mac-address-tableNumber of permanent addresses:1Number of restricted static addresses:1Number of dynamic addresses:4Address Dest Interface Type So

37、urce Interface List-1111.1111.1111Ethernet 0/4StaticEt0/100E0.1E5D.AE2FEthernet 0/2 DynamicAll2222.2222.2222Ethernet 0/3Permanent All00D0.588F.B604FastEthernet 0/26 Dynamic All00E0.1E5D.AE2BFastEthernet 0/26 Dynamic All00D0.5892.38C4FastEthernet 0/27 Dynamic All,wg_sw_a(config)#mac-address-table res

38、tricted static 1111.1111.1111 e0/4 e0/1,wg_sw_a(config)#,mac-address-table restricted static mac-address type module/port src-if-list,Configuring Port Security,wg_sw_a(config-if)#,Configures an interface to be a secured port Define a maximum number of mac addresses allowed in the address table for t

39、his portCount can be from 1 to 132Default is 132,port secure max-mac-count count,Configuring Port Security,wg_sw_a(config-if)#,Configures an interface to be a secured port Define a maximum number of mac addresses allowed in the address table for this portCount can be from 1 to 132Default is 132,wg_s

40、w_a(config)#interface e0/4wg_sw_a(config-if)#port secure max-mac-count 1,port secure max-mac-count count,Configuring Port Security,wg_sw_a#show mac-address-table security,wg_sw_a#show mac-address-table securityAction upon address violation:SuspendInterface Addressing Security Address Table Size-Ethe

41、rnet 0/1 Disabled N/AEthernet 0/2 Disabled N/AEthernet 0/3 Disabled N/AEthernet 0/4 Enabled 1Ethernet 0/5 Disabled N/AEthernet 0/6 Disabled N/AEthernet 0/7 Disabled N/AEthernet 0/8 Disabled N/AEthernet 0/9 Disabled N/AEthernet 0/10 Disabled N/AEthernet 0/11 Disabled N/AEthernet 0/12 Disabled N/A,Con

42、figuring Port Security,wg_sw_a#show mac-address-table security,wg_sw_a(config)#address-violation suspend|disable|ignore,wg_sw_a#show mac-address-table securityAction upon address violation:SuspendInterface Addressing Security Address Table Size-Ethernet 0/1 Disabled N/AEthernet 0/2 Disabled N/AEther

43、net 0/3 Disabled N/AEthernet 0/4 Enabled 1Ethernet 0/5 Disabled N/AEthernet 0/6 Disabled N/AEthernet 0/7 Disabled N/AEthernet 0/8 Disabled N/AEthernet 0/9 Disabled N/AEthernet 0/10 Disabled N/AEthernet 0/11 Disabled N/AEthernet 0/12 Disabled N/A,Show Version,Managing Configuration File,copy nvram tf

44、tp:/host/dst_file,wg_sw_a#,To send the configuration to a TFTP server:,Managing Configuration File,copy tftp:/host/src_file nvram,copy nvram tftp:/host/dst_file,wg_sw_a#,To send the configuration to a TFTP server:,wg_sw_a#,To download the configuration from a TFTP server:,copy tftp:/host/src_file nv

45、ram,wg_sw_a#copy nvram tftp:/10.1.1.1/wgswd.cfgConfiguration upload is successfully completedwg_sw_a#copy tftp:/10.1.1.1/wgswd.cfg nvramTFTP successfully downloaded configuration file,copy nvram tftp:/host/dst_file,wg_sw_a#,wg_sw_a#,Managing Configuration File,To send the configuration to a TFTP ser

46、ver:,To download the configuration from a TFTP server:,Clear NVRAM,wg_sw_d#delete nvram,Resets the system configuration to factory defaults.,Summary,After completing this chapter,you should be able to perform the following tasks:Describe Layer 2 switching(bridging)operationsDescribe the Catalyst 190

47、0 switch operationsDescribe the Catalyst 1900 switchs default configurationConfigure Catalyst 1900 switchUse show commands to verify Catalyst 1900 switch configuration and operations,Review Questions,1.What function does Spanning-Tree Protocol provide?2.What are the different spanning-tree port stat

48、es?3.Describe the difference between full-duplex and half-duplex operations.What is the default duplex setting on the Catalyst 1900 10Mbps port and 100Mbps port?4.What is the default switching mode on the Catalyst 1900?,Review Questions,5.What is the Catalyst 1900 CLI command to assign an IP address to the switch?Why does a Layer 2 switch require an IP address?6.Which type of MAC address does not age,permanent or dynamic?7.What is the Dynamic 1900 CLI command to display the contents of the MAC address table?,