About EtherChannel Configuration Commands

interface port-channel channel-group-number
channel-group 1 mode mode
show interfaces fastethernet 0/1 etherchannel
show etherchannel 1 port-channel
show etherchannel 1 summary

These commands are used to configure and verify EtherChannel. EtherChannel Configuration Commands: interface port-channel port-channel-number creates a port-channel interface and moves to port-channel configuration mode, allowing the configuration of port-channel interface configuration parameters. Switch(config-if)...

Adding New Switches to an Existing VTP Domain

This topic describes the procedure to add a new switch to an existing VTP domain. The configuration revision number is used when determining if a switch should keep its existing VLAN database or overwrite it with the VTP update sent by another switch in the same domain with the same password. Therefore, when a switch is added to a network, it is important that it does not inject spurious information into the domain. Caution: This overwrite occurs whether...

Associate Switch Ports with the VLAN

Switch ports that are to function at Layer 2 and carry traffic for a single VLAN are configured as access switch ports and are assigned an access VLAN. To configure a Layer 2 switch port as an access port:
Switch(config-if)# switchport mode access
This table describes the parameters for the switchport mode access command. Required. Configures the interface to function as a Layer 2 port only. On many switches, this is the default. No switchport would reverse this process and, on some switch...

Campus Infrastructure Module

The Campus Infrastructure module connects users within a campus to the Server Farm and Edge Distribution modules. The Campus Infrastructure module comprises Building Access and Building Distribution switches connected through the Campus Backbone to campus resources. A Campus Infrastructure module includes these submodules: Building Access submodule (also known as Building Access layer): Contains end-user workstations, IP phones, and Layer 2 access switches that connect devices to the Building...

CEF-Based MLS Lookups

1. Layer 3 packets initiate TCAM lookup. 2. The longest match returns adjacency with rewrite information. 3. The packet is rewritten per adjacency information and forwarded. CEF-based tables are initially populated and used as follows: The FIB is derived from the IP routing table and is arranged for maximum lookup throughput....

CEF-Based MLS Operation

These are the steps that would occur when you use CEF to forward frames between host A and Step 1 Host A sends a packet to host B. The switch recognizes the frame as a Layer 3 packet because the destination MAC (MAC-M) matches the Layer 3 engine MAC. Step 2 The switch performs a CEF lookup based on the destination IP address (IP-B). The packet hits the CEF entry for the connected (VLAN20) network and is redirected to...

CEF-Based Multilayer Switches

CEF caches routing information in the FIB table and Layer 2 next-hop addresses in the adjacency table. Control Plane: Builds FIB and adjacency tables in software. Data Plane: Forwards IP unicast traffic in hardware. Cisco Systems Layer 3 devices can use a variety of methods to switch packets from one port to another. The most basic method of switching packets between interfaces is called...

Cisco IOS Interface

On most Catalyst switches, Cisco IOS interface is standard for Layer 3 configuration on multilayer switch Cisco Catalyst switch platforms have had a number of different operating systems and user interfaces. Over the years, Cisco has made great strides in converting the interface on nearly every Cisco Catalyst platform to the Cisco IOS interface familiar to Cisco users on routing platforms. Unlike the Cisco Catalyst software, various modes are navigated to execute specific commands. Here is an...

Cisco IOS software is standard for most other switches and for Layer 3 configuration on the modular switches

In the era of the early high-end Cisco Catalyst switches, the Cisco Catalyst operating system (CatOS) and the command interface were significantly different from the Cisco IOS mode navigation interfaces available on all newer Cisco Catalyst platforms. The two interfaces have different features and a different prompt and CLI syntax. Note Desktop Express-based switches use a Cisco Network Assist (GUI interface) not a CLI. 2006 Cisco Systems, Inc. Network Requirements 1-25 This subtopic describes...

Client

Cannot create, change, or delete VLANs. Synchronizes VLAN configurations. Creates, modifies, and deletes local VLANs. Does not synchronize VLAN configurations. Saves configuration in NVRAM. On each switch, VTP can be configured to operate in one of three modes: server, client, or transparent. The default VTP mode is server. The mode will determine if VLANs can be created on the switch and...

Configure EtherChannel

The table shows the steps for configuring and verifying a Layer 3 EtherChannel interface. Configure a Layer 3 EtherChannel Bundle: Switch(config)# interface port-channel 1 Creates a virtual Layer 2 interface. Changes interface to Layer 3 to enable the use of the IP address command. Assign an IP address to the port-channel interface because this will be a Layer 3 interface. Switch(config-if)# ip address 172.32.52.10 255.255.255.0 Assigns an IP address to the port-channel interface. Navigate to the...

Configured by issuing the spanning-tree portfast command

An RSTP edge port is a switch port that is never intended to be connected to another switch device. It immediately transitions to the forwarding state when enabled. The edge port concept is well known to Cisco spanning tree users because it corresponds to the PortFast feature. All ports that are directly connected to end stations anticipate that no switch device will be connected to them, and so they immediately transition to the STP forwarding state, thereby skipping the time-consuming...

Configures EtherChannel load balancing

Switch# show etherchannel load-balance
Source XOR Destination IP address
EtherChannel balances traffic load across the links in a channel. The default and the load-balancing method vary among the Cisco Catalyst models. Load balancing is applied globally for all EtherChannel bundles in the switch. To configure EtherChannel load balancing, use the port-channel load-balance command. Load balancing can be based on these variables. The load-balancing keywords are as follows: src-mac Source MAC...

Configuring a Port for ISL Trunking with No DTP

When configuring the Layer 2 trunk to not use DTP, this syntax is used so that the trunk mode is set to on, and no DTP messages are sent on the interface. First, enter the shutdown command in the interface mode. Enter the switchport trunk encapsulation command. Enter the switchport mode trunk command. Enter the switchport nonegotiate command. Finally, enter the no shutdown command.

Configuring a Routed Port

Step 3 Assign an IP address to the routed port. Switch(config-if)# ip address ip-address mask Step 4 Configure the IP routing protocol if needed. Switch(config)# router ip_routing_protocol <options> To configure a routed port, perform these steps. Steps for Inter-VLAN Routing Configuration: Create the SVI interface or navigate to configuration mode for the interface. Switch(config-if)# ip address n.n.n.n subnet-mask Assign an IP address to the SVI for the VLAN. (Optional) Specify an IP routing...

Configuring a VTP Management Domain

Configure each switch in the following order to avoid dynamic learning of the domain name: VTP domain name (case sensitive), VTP mode (server mode is the default). Default VTP configuration values depend on the switch model and the software version. The default values for the Cisco Catalyst 2900, 4000, and 6000 Series switches are as follows: VTP trap: Disabled (Simple Network Management Protocol [SNMP] traps communicating VTP status). The VTP domain name can be specified or learned from VTP updates...

Configuring Inter-VLAN Routing Through an SVI

Switch(config)# interface vlan vlan-id Step 3 Assign an IP address to the SVI. Switch(config-if)# ip address ip-address mask Step 4 Configure the IP routing protocol if needed. Switch(config)# router ip_routing_protocol <options> To configure inter-VLAN routing on a Cisco Catalyst SVI, perform these steps. Steps for Inter-VLAN Routing Configuration: The table describes the steps needed to configure inter-VLAN routing....

Configuring Layer 2 EtherChannel

Switch(config)# interface range interface slot/port - port Specifies the interfaces to configure in the bundle. pagp lacp Specifies the channel protocol, either PAgP or LACP. number mode active on auto desirable passive Creates the port-channel interface and places the interfaces as members. Configure a Layer 2 EtherChannel Bundle: This table shows the steps for configuring and verifying an EtherChannel interface....

Configuring Layer 3 EtherChannel

Switch(config)# interface port-channel port-channel-number Creates a port-channel interface. Switch(config-if)# no switchport Switch(config-if)# ip address address mask Specifies L3 and assigns an IP address and subnet mask to the EtherChannel. Switch(config)# interface interface slot/port Specifies an interface to configure. Switch(config-if)# channel-group number mode auto desirable on Configures the interface as L3 and specifies the port channel and the PAgP mode.

Configuring PortFast

spanning-tree portfast (interface command) or spanning-tree portfast default (global command) - enables PortFast on all nontrunking ports. show running-config interface fastethernet 1/1. The table lists the commands used to implement and verify PortFast on an interface. Switch(config-if)# spanning-tree portfast Enables PortFast on a Layer 2 access port and forces it to enter the forwarding state immediately....

Configuring VTP on a Switch

This subtopic lists the steps used to configure VTP. Displays a list of current VLANs. Switch(config)# vtp password password_string Switch(config)# vtp domain domain_name Sets the VTP mode to server, client, or transparent. Displays the current settings for VTP. The steps for configuring VTP will vary per design and switch mode, but the general steps for configuring a switch are as follows: Step 1 Establish a design specifying what switches will be server, client, or transparent, and what the...

Course Flow

Minimizing Service Loss and Data Theft in a Campus Network. The schedule reflects the recommended structure for this course. This structure allows enough time for the instructor to present the course information and for you to work through the lab activities. The exact timing of the subject materials and labs depends on the pace of your specific class.

Course Goal and Objectives

This topic describes the course goal and objectives. In this course, learners will find out how to create an efficient and expandable enterprise network by installing, configuring, monitoring, and troubleshooting network infrastructure equipment according to the Campus Infrastructure module in the Enterprise Composite Network Model. Building Cisco Multilayer Switched Networks: Upon completing this course, you will be able to meet these objectives: Describe the Campus Infrastructure module of the...

Describing 802.1Q Trunking

This topic describes 802.1Q trunking. Adds a 4-byte tag to the original frame. Additional tag includes a priority field. Does not tag frames that belong to the native VLAN. Like ISL, 802.1Q is a protocol that allows a single physical link to carry traffic for multiple VLANs. It is the IEEE standard VLAN trunking protocol. Rather than encapsulating the original Layer 2 frame in its entirety, 802.1Q inserts a tag into the original Ethernet header, then recalculates and updates the FCS in the...

Describing CEF Configuration Commands

This topic describes the commands used to configure CEF on Cisco Catalyst multilayer switches. Use these commands to configure CEF when possible and verify its operation. CEF Configuration Commands: The table describes CEF configuration commands. On a Cisco Catalyst 4000 Series switch, enables CEF if it has been previously disabled. CEF is on by default. Disables CEF on a Cisco Catalyst 4000 Series switch. Switch(config-if)# ip route-cache cef On a...

Describing Inter-VLAN Routing Using External Router Configuration Commands

This topic describes the commands used to configure inter-VLAN routing on an external router. Inter-VLAN routing can be configured using an external router over either ISL or 802.1Q trunks. The commands for configuring the trunk interface on the router are shown in the table. 4-6 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 2006 Cisco Systems, Inc. Commands for Inter-VLAN Routing on an External Router The table provides a description of the commands used to perform inter-VLAN...

Describing Issues with 802.1Q Native VLANs

This topic describes the security issues with 802.1Q native VLANs. Native VLAN frames are carried over the trunk link untagged. A native VLAN mismatch will merge traffic between VLANs. This is a frequent configuration error. The native VLAN that is configured on each end of an 802.1Q trunk must be the same. Remember that a switch receiving an untagged frame will assign it to the native VLAN of the trunk. If one end is configured for native VLAN1 and the other for native VLAN2, a frame sent in...

Describing Local VLANs

Local VLANs are generally confined to a wiring closet. In the past, network designers attempted to implement the 80/20 rule when designing networks. The rule was based on the observation that, in general, 80 percent of the traffic on a network segment was passed between local devices, and only 20 percent of the traffic was destined for remote network segments. Therefore, end-to-end VLANs were typically used. Designers now consolidate...

Describing PortFast

This subtopic identifies the features of PortFast. Spanning tree PortFast causes an interface configured as a Layer 2 access port to transition from blocking to forwarding state immediately, bypassing the listening and learning states. You can use PortFast on Layer 2 access ports that are connected to a single workstation or to a server to allow those devices to connect to the network immediately rather than waiting for spanning tree to...

Describing PVRST Implementation Commands

This topic describes the commands used to implement Per VLAN Rapid Spanning Tree (PVRST). The table describes the commands that enable PVRST. Switch(config)# spanning-tree mode rapid-pvst. show spanning-tree vlan vlan-number detail: Shows commands that are VLAN-based rather than instance-based.

Describing RSTP Port States

This topic describes the three RSTP port states. RSTP provides rapid convergence following the failure or re-establishment of a switch, switch port, or link. An RSTP TC will cause a transition in the appropriate switch ports to the forwarding state through either explicit handshakes or a proposal and agreement process and synchronization. With RSTP, the role of a port is separated from the state of a port. For example, a designated port could be...

Describing the Extended System ID

This topic describes changes to the Bridge Priority field to accommodate the MSTP instance number. Extended System ID in Bridge ID Field. MST Instance Number Carried in Extended System ID Area. As with PVST, the 12-bit Extended System ID field is used in MSTP. In MSTP, this field carries the MSTP instance number. The 802.1D protocol states that each bridge must have a unique bridge identifier. In PVST, each VLAN is considered to be a different logical bridge. Therefore, each VLAN needs a unique...

Describing VTP Operation

This topic describes how VTP distributes and synchronizes VLAN information. VTP advertisements are sent as multicast frames. VTP servers and clients are synchronized to the latest revision number. VTP advertisements are sent every 5 minutes or when there is a change. Switches within a VTP management domain synchronize their VLAN databases by sending and receiving VTP advertisements over trunk links. VTP advertisements are flooded throughout a management domain by switches that are running in...

Determining Equipment and Cabling Needs

Each link provides adequate bandwidth for traffic aggregating over that link. There are four objectives in the design of any high-performance network: security, availability, scalability, and manageability. The ECNM, when implemented properly, provides the framework to meet these objectives. In the migration from a current network infrastructure to the ECNM, a number of infrastructure changes may be needed, including the replacement of current equipment and the existing cable plant. This list...

Display spanning tree mode is set to PVRST

A variety of show commands can be used to display configuration and operation information about spanning tree. The show spanning-tree command takes several arguments to display a variety of information about the STP configuration. Without any arguments, it will display general information about all STP configurations. The complete syntax is as follows: Switch# show spanning-tree bridge-group active backbonefast bridge id detail inconsistentports interface interface interface-number root summary...

Displaying Hardware Layer 3 Switching Statistics

Switch show interfaces type mod port number include switched Switch show interfaces gigabitethernet 9 5 include switched L2 Switched ucast 8199 pkt, 1362060 bytes - mcast 6980 pkt, 371952 bytes L3 in Switched ucast 3045 pkt, 742761 bytes - mcast 0 pkt, 0 bytes mcast L3 out Switched ucast 2975 pkt, 693411 bytes - mcast 0 pkt, 0 bytes Use the show interfaces command with the include switch argument to show switching statistics at each layer for the interface. Verify that Layer 3 packets are being...

Displays interface information

Switch# show run interface gig 0/9
Building configuration
interface GigabitEthernet 0/9
switchport mode dynamic desirable
channel-group 2 mode desirable
channel-protocol pagp
end

Use the show interfaces interface num etherchannel command to display information about the port channel and the specific EtherChannel...

Distributed Hardware Forwarding

Layer 3 switching software employs a distributed architecture in which the control path and data path are relatively independent. The control path code, such as routing protocols, runs on the route processor, whereas most of the data packets are forwarded by the Ethernet interface module and the switching fabric. Each interface module includes a microcoded processor that handles all packet forwarding. These are the main functions of the control layer between the routing protocol and the...

Does not modify the original frame

ISL is a Cisco proprietary protocol option for configuring Layer 2 trunk links. It is the original standard for trunking between switches and predates IEEE trunking standards. ISL takes original Layer 2 frames and encapsulates them with a new ISL header and trailer, cyclic redundancy check (CRC), before placing them on the trunk link. Because an entirely new header is appended to the original frame, the header offers some features not found in 802.1Q, an alternative trunking protocol. These are...

Dynamic Access Port Association

Switch ports can be dynamically associated with a given VLAN based upon the MAC address of the device connecting on that port. This requires that the switch query a VLAN Membership Policy Server (VMPS) to determine what VLAN to associate with a switch port, when a specific source MAC address is seen on the switch port. This might be beneficial with a set of workstations that rove throughout the enterprise. Regardless of what switch or switch port the workstation connected to, that switch port...

Dynamic Trunk Negotiation Protocols

The PAgP aids in the automatic creation of Fast EtherChannel links. PAgP packets are sent between Fast EtherChannel-capable ports to negotiate the forming of a channel. When PAgP identifies matched Ethernet links, it groups the links into an EtherChannel. The EtherChannel is then added to the spanning tree as a single bridge port. The management of the EtherChannel is done by PAgP. PAgP packets are sent every 30 seconds, using multicast group MAC address 01-00-0C-CC-CC-CC with protocol value...

ECNM Functional Areas

The ECNM introduces modularity by dividing the network into functional areas that ease design, implementation, and troubleshooting tasks. An enterprise campus is defined as one or more buildings, with multiple virtual and physical networks, connected across a high-performance, multilayer-switched backbone. The ECNM contains these three major functional areas: Enterprise Campus: The Enterprise Campus functional area contains the modules required to build a hierarchical, highly robust campus network...

Establishes primary and secondary roots for MST instance

Given the following steps, all switches would be configured with the spanning tree MSTP and extend system-id syntax, and only the distribution switches that terminate the VLANs would have their priority changed. Switch(config)# spanning-tree mst configuration You can use the no keyword to clear the MSTP configuration. Display the current MSTP configuration. Set the MSTP configuration revision number. Switch(config-mst)# revision revision number The revision number can be any unassigned 16-bit...

EtherChannel

Logical aggregation of similar links. Companies require greater and cheaper bandwidth to run their networks. Users are becoming more impatient with any sort of latency that occurs in the network. The insatiable appetite of customers for faster networks and higher availability of the networks has made the competition intense between vendors. Some years ago, Cisco Systems came up with a method to not only provide substantially higher bandwidth but to provide it...

EtherChannel Guidelines

Switch show run interface FastEthernet0 9 description DSW121 0 9-10 - DSW122 0 9-10 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,21-28 switchport mode trunk switchport nonegotiate duplex full speed 100 interface FastEthernet0 10 description DSW121 0 9-10 - DSW122 0 9-10 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,21-28 switchport mode trunk switchport nonegotiate duplex full speed 100 This example shows how to configure an EtherChannel following...

EtherChannel Load Balancing Characteristics

EtherChannel balances the traffic load across the links in a channel by reducing part of the binary pattern formed from the addresses in the frame to a numerical value that selects one of the links in the channel. EtherChannel load balancing can use either source-MAC or destination-MAC address forwarding. With source-MAC address forwarding, when packets are forwarded to an EtherChannel, they are distributed across the ports in the channel based on the source-MAC address of the incoming packet....

Example Displaying Detailed MSTP Information

This example displays detailed MSTP information for a specific instance. Switch show spanning-tree mst 1 detail MST01 vlans mapped 1-10 Bridge address 00d0.00b8.1400 priority 32769 (32768 sysid 1) FastEthernet4 4 of MST01 is backup blocking Port info port id 240.196 priority 240 cost 1000 Designated root address 00d0.00b8.1400 priority 32769 cost 0 Designated bridge address 00d0.00b8.1400 priority 32769 port id 128.197 Timers message expires in 5 sec, forward delay 0, forward transitions 0...

Example Displaying General MSTP Information

This example shows how to display general MSTP information. Notice that the output is grouped by MSTP instances, starting with the IST. MST00 vlans mapped 11-4094 Bridge address 00d0.00b8.1400 priority 32768 (32768 sysid 0) Root address 00d0.004a.3c1c priority 32768 (32768 sysid 0) Operational hello time 2, forward delay 15, max age 20, max hops 20 Configured hello time 2, forward delay 15, max age 20, max hops 20 Back BLK 1000 Desg FWD 200000 Root FWD 200000 MST01 vlans mapped 1-10 Bridge...

Example Displaying Inter-VLAN Configuration Information

The following examples of the show commands display, first, a snapshot of inter-VLAN status and, second, the routing table in use: Virtual LAN ID 10 (Inter Switch Link Encapsulation) vLAN Trunk Interface FastEthernet0/0.10 Protocols Configured Address Received Virtual LAN ID 20 (Inter Switch Link Encapsulation) vLAN Trunk Interface FastEthernet0/0.20 Protocols Configured

Example Displaying MSTP Information for a Specific Instance

This example displays MSTP information for a specific instance. MST01 vlans mapped 1-10 Bridge address 00d0.00b8.1400 priority 32769 (32768 sysid 1) Interface Role Sts Cost Prio.Nbr Status

Example Displaying MSTP Information for a Specific Instance and Interface

This example displays MSTP information for a specific interface and a specific MSTP instance. Switch show spanning-tree mst 1 interface fastethernet 4 4 FastEthernet4 4 of MST01 is backup blocking Edge port no (default) port guard none (default) Link type point-to-point (auto) bpdu filter disable (default) Boundary internal bpdu guard disable (default) Bpdus (MRecords) sent 2, received 3 64 Instance Role Sts Cost Prio.Nbr Vlans mapped 1 Back BLK 1000 240.196 1-10 2006 Cisco Systems, Inc....

Example Displaying MSTP Information for a Specific Interface

This example displays MSTP information for a specific interface. Switch show spanning-tree mst interface fastethernet 4 4 FastEthernet4 4 of MST0 0 is backup blocking Edge port no (default) port guard none (default) Link type point-to-point (auto) bpdu filter disable (default) Boundary internal bpdu guard disable (default) Bpdus sent 2, received 368 Instance Role Sts Cost Prio.Nbr Vlans mapped 0 Back BLK 1000 240.196 11-4094 1 Back BLK 1000 240.196 1-10

Example Displaying Routing Table Information

Codes C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter * - candidate default, U - per-user static route, o - ODR P - periodic downloaded static route Gateway of last resort is not set 10.0.0.0 24 is subnetted, 2 subnets C...

Example Layer 2 Topology Negotiation

Here is a scenario with switches running STP and exchanging information as shown in the figure. This information exchange will yield these final results: The election of a root bridge as a Layer 2 topology point of reference. The determination of the best path to the root bridge from each switch. The election of a designated switch and corresponding designated port for every switched segment. The removal of loops in the switched network by transitioning some switch links to a blocked state...

Explaining MSTP

Instance 1 maps to VLANs 1-500. Instance 2 maps to VLANs 501-1000. The main purpose of MSTP is to reduce the total number of spanning tree instances to match the physical topology of the network and thus reduce the CPU loading of a switch. The instances of spanning tree are reduced to the number of links (that is, active paths) that are available. If the example in the diagram were implemented via Per VLAN Spanning Tree+ (PVST+),...

Explaining Multilayer Switching

Traditionally, a switch makes forwarding decisions by looking at the Layer 2 header, whereas a router makes forwarding decisions by looking at the Layer 3 header. A multilayer switch combines the functionality of a switch and a router into one device, thereby enabling the device to switch traffic when the source and destination are in the same VLAN and to route traffic when the source and destination are in different VLANs (that is, different subnets). In the figure, traffic between PC A and PC...

FIB Table Updates

The FIB table is updated when these events occur: An ARP entry for the destination next hop changes, ages out, or is removed. The routing table entry for a prefix changes. The routing table entry for the next hop changes. These are the basic steps for initially populating the adjacency table: Step 1 The Layer 3 engine queries the switch for a physical MAC address. Step 2 The switch selects a MAC address from the chassis MAC range and assigns it to the Layer 3 engine. This MAC address is assigned...

Forming an Association with the Root Bridge

This subtopic identifies methods by which switch ports determine their role in STP. What is the shortest path to the root bridge? Nonroot bridges place various ports in their proper roles by listening to BPDUs as they come in on all ports. Receiving BPDUs on multiple ports indicates a redundant path to the root bridge. The switch looks at these components in the BPDU to determine which switch ports will forward data and which switch ports will block data: The switch looks at the path cost first...

Guidelines for Configuring EtherChannel

All Ethernet interfaces must support EtherChannel with no contingencies. All interfaces in an EtherChannel must be configured at the same speed and duplex. EtherChannel will not form if one of the interfaces is a switched port analyzer destination port. IP addresses must be assigned to port-channel logical interfaces in Layer 3 EtherChannels. Interfaces must be assigned to the same VLAN or configured as trunks in Layer 2 EtherChannels. Follow these guidelines and restrictions when configuring...

Guidelines for Configuring EtherChannel (Cont.)

All interfaces must support the same allowed range of VLANs. Interfaces in the same bundle can support varying port costs. Port-channel interface configuration changes. Physical interface configuration changes. Range of VLANs: An EtherChannel supports the same allowed range of VLANs on all the interfaces in a trunking Layer 2 EtherChannel. If the allowed range of VLANs is not the same, the interfaces do not form an EtherChannel, even when set to auto or desirable mode. For Layer 2 EtherChannels,...

High latency over Layer 2 switching

A major limitation of Layer 2 switches is that they cannot switch traffic between Layer 3 network segments (IP subnets for example). Traditionally, this was done using a router. Unlike switches, a router acts as a broadcast boundary and does not forward broadcasts between its interfaces. Additionally, a router provides for an optimal path determination process. The router...

Highspeed scalability

Multilayer switching is hardware-based switching and routing integrated into a single platform. In some cases, the frame and packet forwarding operation is handled by the same specialized hardware ASIC and other specialized circuitry. A multilayer switch does everything to a frame and packet that a traditional switch or router does, including the following: Provides multiple simultaneous switching paths. Segments broadcast and failure domains. Provides destination-specific frame forwarding based...

Identifying the RSTP TCN Process

This topic describes the process that RSTP uses to notify all bridges in the network of a TC. In 802.1D, any port state change generates a TCN. When an 802.1D bridge detects TC, it sends TCNs toward the root bridge. The root bridge sets the TC flag on the outbound BPDUs that are relayed to switches down from the root. When a bridge receives a BPDU with the TC flag bit set, the bridge reduces its bridge-table aging time to forward delay seconds. This ensures a relatively quick flushing of the...

Implement VLAN and switch security

To create or configure a VLAN and associate switch ports, follow these steps:
Step 2 Verify the VLAN configuration.
Step 3 Associate switch ports with the VLAN.
Step 4 Verify the switch port configuration.
Step 6 Implement switch and VLAN security measures.
These steps are explained in greater detail in the remainder of this topic.
2-32 Building Cisco Multilayer Switched Networks (BCMSN) v3.0 2006 Cisco Systems, Inc.

Implementing Inter-VLAN Routing

Describing Routing Between VLANs
Inter-VLAN Routing Using an External Router
Describing Inter-VLAN Routing Using External Router Configuration Commands
Configuring Inter-VLAN Routing Using an External Router
Configuring an External Router Using ISL
Verifying the Inter-VLAN Routing Configuration Using ping
Verifying the Inter-VLAN Routing Configuration
Example: Displaying Inter-VLAN Configuration Information
Example: Displaying Routing Table Information
...

Implementing PVRST Commands

This topic explains the procedure to implement RSTP in a switched network. The table describes how to configure PVRST.
If spanning tree is disabled, enable it for a VLAN:
Switch(config)# spanning-tree vlan vlan-range
Set spanning tree mode to Rapid PVST+. Default is 802.1D (shows as ieee):
Switch(config)# spanning-tree mode rapid-pvst

Implementing RSTP

Describing RSTP Port States
Describing RSTP Port Roles
Describing RSTP Link Types
Identifying the RSTP Proposal and Agreement Process
Downstream RSTP Proposal Process
Identifying the RSTP TCN Process
Describing PVRST Implementation Commands
Implementing PVRST Commands
Verifying the PVRST Configuration
Describing the Extended System ID
Interacting Between MST Regions and 802.1Q
Describing MSTP Implementation Commands
Configuring and...

Implementing VTP in the ECNM

Have only one or two VTP servers. Manually configure the VTP domain name on all devices. When setting up a new domain - Configure VTP client switches first so that they participate passively. When cleaning up an existing VTP domain - Configure passwords on servers first because clients may need to maintain current VLAN information until the server is verified as complete. Here is a list of general best practices with regard to configuring VTP in the Enterprise Plan...

Improves flexibility and increases efficiency

With its vision of the IIN, Cisco is helping organizations to address new IT challenges, such as the deployment of service-oriented architectures, Web services, and virtualization. Cisco SONA is an architectural framework that guides the evolution of enterprise networks to an IIN. The Cisco SONA framework provides several advantages to enterprises, such as the following: Outlines the path towards the IIN. Illustrates how to build integrated systems across a fully converged IIN. Improves...

Interacting Between MST Regions and 802.1D

One issue that arises from MSTP design is interoperability with the CST implementation in 802.1D. According to the IEEE 802.1s specification, an MSTP switch must be able to handle at least one Internal Spanning Tree (IST). The MST region consists of one IST and an arbitrary number of MSTP instances. These are two functionally equivalent diagrams. Notice the location of the different blocked ports. In a typically bridged network, you expect to see a blocked port between Switch M and Switch B....

Interconnection Technologies

A number of technologies are available to interconnect devices in the campus network. Some of the more common technologies are listed here. The interconnection technology selected will depend on the amount of traffic the link must carry. A mixture of copper and fiber-optic cabling will likely be used, based on distances, noise immunity requirements, security, and other business requirements. Fast...

Interface fa01

- ip address 10.3.3.1 255.255.255.0
Routed switch ports are typically configured by removing the Layer 2 switch port capability of the switch port. On most switches, the ports are Layer 2 ports by default. On some switches, the ports are Layer 3 ports by default. The layer at which the port functions determines the commands that can be configured on the port. Routed ports have these characteristics and functions: The port is a physical switch port with Layer 3 capability. The port is not...

Interface Modes

Interfaces can be set in any of several modes to control EtherChannel formation. Comparison of Interface Modes: The table shows the different settings for PAgP and LACP. Auto: This PAgP mode places an interface in a passive negotiating state in which the interface responds to the PAgP packets that it receives but does not initiate PAgP negotiation (default). Passive: This LACP mode places a port in a passive negotiating state. In this...

Inter-VLAN Routing on External Router: 802.1Q Trunk Link

A router interface providing inter-VLAN routing on a trunk link must be configured with a subinterface for each VLAN that will be serviced across the link. Each subinterface on the physical link must then be configured with the same trunk encapsulation protocol. That protocol, either 802.1Q or ISL, is typically determined by what was configured on the switch side of the link. Use the encapsulation dot1q subinterface configuration command to enable 802.1Q encapsulation on a router subinterface....

Inter-VLAN Routing on External Router: ISL Trunk Link

Configuring an External Router Using ISL Encapsulation Use the encapsulation isl vlan id subinterface configuration command to enable ISL trunking on a router subinterface. The native keyword is not used on the encapsulation ISL subinterface command because ISL does not have the concept of a native VLAN. ISL Encapsulation Commands for External Routers The table describes the actions needed to perform ISL encapsulation on external routers. Enable ISL trunking on the switch port connecting to the...

ISL Trunk Configuration

Switch(config)# interface fastethernet 2/1
Switch(config-if)# shutdown
Switch(config-if)# switchport trunk encapsulation isl
Switch(config-if)# switchport trunk allowed vlan 1-5,1002-1005
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport nonegotiate
Switch(config-if)# no shutdown
In the example, interface Fast Ethernet 2/1 has been configured as a trunk link for ISL that is permanently on. DTP negotiation is not allowed. The trunk link will carry VLAN traffic for VLANs 1-5 and...

Large amount of unknown MAC unicast traffic

A poorly designed network has increased support costs, reduced service availability, and limited support for new applications and solutions. Less than optimal performance will affect end users directly and will affect access to central resources. Here are some of the issues that stem from a poorly designed network. Failure domains One of the most important reasons to implement an effective design is to minimize the extent of a network problem when it occurs. When Layer 2 and Layer 3 boundaries...

Layer 2 Switch Forwarding Process

Layer 2 forwarding in hardware is based on the destination MAC address. The Layer 2 switch learns the address, based on the source MAC address. The MAC address table lists MAC and VLAN pairs with associated interfaces. How a Layer 2 Switch Forwards Packets: The table describes how a Layer 2 switch forwards packets. The Layer 2 engine receives a frame. The Layer 2 engine performs the input ACL lookup. The Layer 2 lookup engine looks up the destination MAC address and determines if the frame is to...

Layer 3 SVI

An SVI is a virtual Layer 3 interface that can be configured for any VLAN that exists on a Layer 3 switch. It is virtual in that there is no physical interface for the VLAN, and yet it can accept configuration parameters applied to any Layer 3 router interface. The SVI for the VLAN provides Layer 3 processing for packets from all switch ports associated with that VLAN. Only one SVI can be associated with a VLAN. You configure an SVI for a VLAN for these reasons: To provide a default gateway for...

Logical Packet Flow for a Multilayer Switch

Layer 3 forwarding is based on the destination IP address. Layer 3 forwarding occurs when a packet is routed from a source in one subnet to a destination in another subnet. When a multilayer switch sees its own MAC address in the Layer 2 header, it recognizes that the packet is either destined for itself or has been sent to the default gateway. If the packet is not destined for the multilayer switch, then the destination IP address is compared against the Layer 3 forwarding table for the...

Masks used to wildcard some content fields

Mask 1: Match all 32 bits of source IP address. Mask 2: Match most significant 24 bits of source IP address. In specific high-end switch platforms, the TCAM is a portion of memory designed for rapid, hardware-based table lookups of Layer 3 and Layer 4 information. In the TCAM, a single lookup provides all Layer 2 and Layer 3 forwarding information for frames, including CAM and ACL information. The figure displays the ACL information stored in the TCAM table that would result in a packet being...

Module Summary

This topic summarizes the key points discussed in this module. The configuration of multiple Layer 2 VLANs requires that Layer 3 routing occur between those VLANs. This inter-VLAN routing can be provided external to a Layer 2 switch or within a multilayer switch through the configuration of switch virtual interfaces (SVIs) and IP routing. When routing occurs within a Cisco Catalyst multilayer switch, Cisco Express Forwarding (CEF)...

Modules in the Enterprise Campus

The Enterprise Campus functional area includes the Campus Infrastructure, Network Management, Server Farm, and Edge Distribution modules. Each module has a specific Campus Infrastructure module Includes Building Access and Building Distribution submodules. It connects users within the campus to the Server Farm and Edge Distribution modules. The Campus Infrastructure module is composed of one or more floors or buildings connected to the Campus Backbone submodule. Network Management module...

Network Traffic Types

This table lists different types of traffic that may exist on the network and that should be considered before device placement and VLAN configuration. The table describes the different traffic types. Many different types of network management traffic may be present on the network. Examples include bridge protocol data units (BPDUs), Cisco Discovery Protocol (CDP) updates, Simple Network Management Protocol (SNMP) and Remote Monitoring (RMON) traffic. Some designers will assign a separate VLAN...

Nonhierarchical Network Devices

Large collision domain. Large broadcast domain. High latency. Difficult to troubleshoot. The simplest Ethernet network infrastructure is composed of a single collision and broadcast domain. This type of network is referred to as a flat network because any traffic that is transmitted within it is seen by all of the interconnected devices, even if they are not the intended destination of the transmission. The benefit...

Note: Table assumes DTP is enabled at both ends; show dtp interface to determine current setting

Trunk links should be configured statically whenever possible. However, Cisco Catalyst switch ports run DTP, which can automatically negotiate a trunk link. This Cisco proprietary protocol can determine an operational trunking mode and protocol on a switch port when it is connected to another device that is also capable of dynamic trunk negotiation. DTP mode can be configured to turn the protocol off or to instruct it to negotiate a trunk link under only certain conditions, as described in the...

Objectives

Upon completing this lesson, you will be able to implement and verify inter-VLAN routing. This ability includes being able to meet these objectives: Describe how inter-VLAN routing works using an external router. Describe the commands used to configure inter-VLAN routing using an external router. Explain the procedure to configure inter-VLAN routing using an external router. Explain how switching interfaces use the forwarding engine to implement Layer 2 and Layer 3 switching. Describe the frame...

Of traffic

Layer 3 switching can occur at two different locations on the switch. Centralized switching: Switching decisions are made on the route processor by a central forwarding table, typically controlled by an ASIC. Distributed switching: Switching decisions can be made on a port or line-card level rather than on a central route processor. Cached tables are distributed and synchronized to various hardware components so that processing can be distributed throughout the switch chassis...

On the Cisco Catalyst 3550 switch

Switch(config-if)# ip route-cache cef
Hardware Layer 3 switching is permanently enabled on Cisco Catalyst 6500 Series Supervisor Engine 720 with Policy Feature Card 2 (PFC2) or PFC3, Multilayer Switch Feature Card 3 (MSFC3), and Distributed Forwarding Card (DFC). No configuration is required, and CEF cannot be disabled. To disable CEF, the no ip cef command can be used on the Cisco Catalyst 4000, or the no ip route-cache cef command can be used on a Cisco Catalyst 3550 interface. If CEF is...

Overview

Rapid Spanning Tree Protocol (RSTP) is an improvement on the original 802.1D Spanning Tree Protocol (STP) standard. RSTP provides much faster convergence when topology changes (TCs) occur in a switched network. Through the use of specific port states, port roles, and link types, RSTP very quickly adapts to network topology transitions. A proposal and agreement process between neighbor switches is unique to RSTP. Also, topology change notifications (TCNs) are transferred in a very different...

Preventing Bridge Loops

Bridge loops can be prevented by disabling the redundant path. A loop-free network is one in which no Layer 2 loops exist; therefore, the network cannot create Layer 2 broadcast storms or flooded unicast storms. A loop-free network can be achieved manually by shutting down or disconnecting all redundant links between bridges. However, this leaves no redundancy in the network and requires manual intervention in the event of a link failure. STP...

Proposal or agreement takes place between A and B

Figure labels: P1, root port; P3, designated port; P5, new root for B; P6, edge ports.
After switch A and the root bridge are synchronized, the proposal and agreement process continues on switch A out of all of its downstream-designated, nonedge ports, as shown in the figure.
1. Switch B on P5 will see that switch A is discarding and will also transition to the designated discarding state. Switch A then sends its proposal BPDU down to B with the root ID of the root bridge.
2. Switch B sees a proposal with the...

802.1Q Trunk Configuration

Switch(config)# interface fastethernet 5/8
Switch(config-if)# shutdown
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport trunk allowed vlan 1,5,11,1002-1005
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 99
Switch(config-if)# switchport nonegotiate
Switch(config-if)# no shutdown
The example shows how to configure interface Fast Ethernet 5/8 as an 802.1Q trunk. Frames from VLANs 1, 5, 11, and 1002 to 1005 will be allowed to...

References

For additional information, refer to these resources:
Cisco Systems, Inc., Spanning-Tree Protocol Enhancements using Loop Guard and BPDU Skew Detection Features 094640.shtml
Cisco Systems, Inc., Understanding Spanning-Tree Protocol Topology Changes 094797.shtml
Cisco Systems, Inc., Understanding and Configuring Backbone Fast on Catalyst Switches 0c2548.shtml

Resolving Trunk Link Problems

This topic identifies best practices for resolving trunk link problems. When using DTP, ensure that both ends of the link are in the same VTP domain. Ensure that the trunk encapsulation type configured on both ends of the link is valid. On links where trunking is not required, DTP should be turned off. Best practice is to configure trunk and nonegotiate where trunks are required. Trunk negotiation is managed by the DTP, which is a point-to-point protocol. When using DTP to configure trunks,...

Rewritten IP Unicast Packet

The figure shows how the frame and packet header would be altered when Cisco Express Forwarding (CEF) is used to forward frames. IP unicast packets are rewritten on the output interface as follows: The source MAC address changes from the sender MAC address to the router MAC address. The destination MAC address changes from the router MAC address to the next-hop MAC address. The TTL is decremented by one and, as a result, the IP header checksum is recalculated. The frame checksum must be...

Root Bridge Selection

Which switch has the lowest bridge ID? BPDUs are exchanged between switches, and the analysis of the BID and root ID information from those BPDUs determines which bridge is selected as the root bridge. In the example shown, both switches have the same priority for the same VLAN. The switch with the lowest MAC address will, therefore, be elected root bridge. In the example, switch X is the root bridge for VLAN1, with a BID of 0x8001 0c0011111111. These steps show how a root bridge election...

Routed Ports on a Multilayer Switch Cont

A routed switch port is a physical switch port on a multilayer switch that is capable of Layer 3 packet processing. A routed port is not associated with a particular VLAN, as is an access port or SVI. A routed port behaves like a regular router interface, except that it does not support VLAN subinterfaces. Routed switch ports can be configured using most commands applied to a physical router interface, including the assignment of an IP address and the configuration of Layer 3 routing protocols....

RSTP Port Roles

The port role defines the ultimate purpose of a switch port and the way it handles data frames. Port roles and port states are able to transition independently of each other. RSTP uses these definitions for port roles. The root port is the switch port on every nonroot bridge that is the chosen path to the root bridge. There can be only one root port on every switch. The root port assumes the forwarding state...

Scalable design

Local VLANs are part of the Enterprise Composite Network Model (ECNM) design where VLANs that are used at the access layer should extend no further than their associated distribution switch. Traffic is routed from the local VLAN as it is passed from the distribution layer into the core. This design can mitigate Layer 2 troubleshooting issues that occur when a single VLAN traverses the switches throughout an enterprise campus network. Implementing the ECNM using local VLANs provides these...