© 1999, Cisco Systems, Inc. 6-1 Chapter 6 Catalyst Switch Operations.
-
Upload
juliana-gray -
Category
Documents
-
view
220 -
download
0
Transcript of © 1999, Cisco Systems, Inc. 6-1 Chapter 6 Catalyst Switch Operations.
© 1999, Cisco Systems, Inc. 6-1
Chapter 6
Catalyst Switch Operations
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-2
ObjectivesObjectives
Upon completion of this chapter, you will be able to perform the following tasks:
• Describe Layer 2 switching (bridging) operations
• Describe the Catalyst 1900 switch operations
• Describe the Catalyst 1900 switch default configuration
• Configure Catalyst 1900 switch
• Use show commands to verify Catalyst 1900 switch configuration and operations
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-3
• Address learning
• Forward/filter decision
• Loop avoidance
Three Switch Functions Three Switch Functions
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-4
How Switches Learn Host Locations
How Switches Learn Host Locations
• Initial MAC address table is empty
MAC address table
0260.8c01.1111
0260.8c01.2222
0260.8c01.3333
0260.8c01.4444
E0 E1
E2 E3
A B
C D
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-5
How Switches Learn Hosts Locations
How Switches Learn Hosts Locations
• Station A sends a frame to Station C
• Switch caches station A MAC address to port E0 by learning the source address of data frames
• The frame from station A to station C is flooded out to all ports except port E0 (unknown unicasts are flooded)
MAC address table
0260.8c01.1111
0260.8c01.2222
0260.8c01.3333
0260.8c01.4444
E0: 0260.8c01.1111
E0 E1
E2 E3DC
BA
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-6
How Switches Learn Host Locations
How Switches Learn Host Locations
• Station D sends a frame to station C
• Switch caches station D MAC address to port E3 by learning the source Address of data frames
• The frame from station D to station C is flooded out to all ports except port E3 (unknown unicasts are flooded)
MAC address table
0260.8c01.1111
0260.8c01.2222
0260.8c01.3333
0260.8c01.4444
E0: 0260.8c01.1111E3: 0260.8c01.4444
E0 E1
E2 E3 DC
A B
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-7
How Switches Filter FramesHow Switches Filter Frames
• Station A sends a frame to station C
• Destination is known, frame is not flooded
E0: 0260.8c01.1111
E2: 0260.8c01.2222E1: 0260.8c01.3333E3: 0260.8c01.4444
0260.8c01.1111
0260.8c01.2222
0260.8c01.3333
0260.8c01.4444
E0 E1
E2 E3
XXXX DC
A B
MAC address table
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-8
Broadcast and Multicast Frames
Broadcast and Multicast Frames
• Station D sends a broadcast or multicast frame
• Broadcast and multicast frames are flooded to all ports other than the originating port
0260.8c01.1111
0260.8c01.2222
0260.8c01.3333
0260.8c01.4444
E0 E1
E2 E3 DC
A B
E0: 0260.8c01.1111
E2: 0260.8c01.2222E1: 0260.8c01.3333E3: 0260.8c01.4444
MAC address table
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-9
Redundant Topology Redundant Topology
• Redundant topology eliminates single points of failure
• Redundant topology causes broadcast storms, multiple frame copies, and MAC address table instability problems
Segment 1
Segment 2
Server/host X Router Y
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-10
Broadcast StormsBroadcast Storms
Segment 1
Segment 2
Server/host X Router Y
Broadcast
Switch A Switch B
Host X sends a Broadcast
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-11
Broadcast StormsBroadcast Storms
Segment 1
Segment 2
Server/host X Router Y
Broadcast
Switch A Switch B
Host X sends a Broadcast
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-12
Broadcast StormsBroadcast Storms
Segment 1
Segment 2
Server/host X Router Y
Broadcast
Switches continue to propagate broadcast traffic over and over
Switch A Switch B
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-13
Multiple Frame CopiesMultiple Frame Copies
Segment 1
Segment 2
Server/host X Router Y Unicast
Switch A Switch B
• Host X sends an unicast frame to router Y• Router Y MAC address has not been learned by either
switch yet
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-14
Multiple Frame CopiesMultiple Frame Copies
Segment 1
Segment 2
Server/host X Router Y
Unicast
Switch A Switch B
• Host X sends an unicast frame to Router Y• Router Y MAC Address has not been learned by
either Switch yet• Router Y will receive two copies of the same frame
Unicast
Unicast
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-15
MAC Database InstabilityMAC Database Instability
Segment 1
Segment 2
Server/host X Router Y
Unicast Unicast
Switch A Switch B
• Host X sends an unicast frame to Router Y• Router Y MAC Address has not been learned by either
Switch yet• Switch A and B learn Host X MAC address on port 0
Port 0
Port 1
Port 0
Port 1
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-16
MAC Database InstabilityMAC Database Instability
Segment 1
Segment 2
Server/host X Router Y
Unicast Unicast
Switch A Switch B
• Host X sends an unicast frame to Router Y• Router Y MAC Address has not been learned by either Switch yet• Switch A and B learn Host X MAC address on port 0• Frame to Router Y is flooded• Switch A and B incorrectly learn Host X MAC address on port 1
Port 0
Port 1
Port 0
Port 1
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-17
• Complex topology can cause multiple loops to occur
• Layer 2 has no mechanism to stop the loop
Server/host
Workstations
Loop
Loop
Loop
Multiple Loop ProblemsMultiple Loop Problems
Broadcast
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-18
Solution: Spanning-Tree ProtocolSolution: Spanning-Tree Protocol
Provides a loop free redundant network topology by placing certain ports in the blocking state
Blockx
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-19
Spanning-Tree OperationsSpanning-Tree Operations
• One root bridge per network• One root port per nonroot bridge• One designated port per segment
x
Designated port (F) Root port (F)
Designated port (F) Nondesignated port (B)
Root bridge Nonroot bridgeSW X SW Y
100baseT
10baseT
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-20
Switch YDefault priority 32768 (8000 hex)MAC 0c0022222222
Switch XDefault priority 32768 (8000 hex) MAC 0c0011111111
Spanning-Tree Protocol Root Bridge Selection
Spanning-Tree Protocol Root Bridge Selection
BPDU
BPDU = Bridge protocol data unit (default = sent every 2 seconds)
Root bridge = Bridge with the lowest bridge IDBridge ID = Bridge priority + bridge MAC addressIn the example, which switch has the lowest bridge ID?
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-21
Switch YDefault priority 32768MAC 0c0022222222
Switch XDefault priority 32768 MAC 0c0011111111
Spanning-Tree Protocol Port States
Spanning-Tree Protocol Port States
Root bridge
x
Port 0
Port 1
Port 0
Port 1
100baseT
10baseT
Designated port (F) Root port (F)
Nondesignated port (B)Designated port (F)
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-22
Spanning-Tree Protocol Path Cost
Spanning-Tree Protocol Path Cost
Link Speed Cost (reratify IEEE spec) Cost (previous IEEE spec)----------------------------------------------------------------------------------------------------10 Gbps 2 11 Gbps 4 1100 Mbps 19 1010 Mbps 100 100
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-23
Switch YMAC 0c0022222222Default priority 32768
Switch XMAC 0c0011111111Default priority 32768
Port 0
Port 1
Port 0
Port 1
Switch ZMac 0c0011110000Default priority 32768
Port 0
Can you figure out:• What is the root bridge?• What are the designated, nondesignated, and root parts?• Which are the forwarding and blocking ports?
100baseT
100baseT
Spanning-Tree:Spanning-Tree:
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-24
Switch YMAC 0c0022222222Default priority 32768
Switch XMAC 0c0011111111Default priority 32768
Port 0
Port 1
Port 0
Port 1
Switch ZMac 0c0011110000Default priority 32768
Port 0
Can you figure out:• What is the root bridge?• What are the designated, nondesignated, and root parts?• Which are the forwarding and blocking ports?
100baseT
100baseT
Spanning-Tree:Spanning-Tree:
Designated port (F)
Root port (F)
Nondesignated port (BLK)Designated port (F)
Root port (F)
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-25
Blocking
Listening
Learning
Forwarding
Spanning-Tree Port StatesSpanning-Tree Port States
Spanning-tree transitions each port through several different state:
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-26
Spanning-Tree Recalculation Spanning-Tree Recalculation
Switch YMAC 0c0022222222Default priority 32768
Switch XMAC 0c0011111111Default priority 32768
Port 0
Port 1
Port 0
Port 1
10baseT
xx
100baseT
Root Bridge
Designated port Root port (F)
Nondesignated port (BLK)Designated port
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-27
Switch YMAC 0c0022222222Default priority 32768
Switch XMAC 0c0011111111Default priority 32768
Port 0
Port 1
Port 0
Port 1
10baseT
xx
100baseT
Root Bridge
Designated port Root port (F)
Nondesignated port (BLK)Designated portBPDUxx
MAXAGE
xx
Spanning-Tree Recalculation Spanning-Tree Recalculation
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-28
Key Issue: Time to Convergence
Key Issue: Time to Convergence
• Convergence occurs when all the switches and bridge ports have transitioned to either the forwarding or blocking state
• When network topology changes, switches and bridges must recompute the Spanning-Tree Protocol, which disrupts user traffic
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-29
Primarily software based
One spanning-tree instance per bridge
Usually up to 16 ports per bridge
Bridging
Primarily hardware based (ASIC)
Many spanning-tree instances per switch
More ports on a switch
LAN Switching
Bridging Compared to LAN Switching
Bridging Compared to LAN Switching
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-30
Transmitting Frames Through a Switch
Transmitting Frames Through a Switch
Cut-through
• Switch checks destination address and immediately begins forwarding frame
Frame
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-31
Transmitting Frames through a Switch
Transmitting Frames through a Switch
Store and forward
• Complete frame is received and checked before forwarding
Cut-through
• Switch checks destination address and immediately begins forwarding frame
Frame FrameFrame F
rame
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-32
Transmitting Frames through a Switch
Transmitting Frames through a Switch
Cut-through
• Switch checks destination address and immediately begins forwarding frame
Frame
Fragment free (modified cut-through)—Cat1900 Default
• Switch checks the first 64 bytes then immediately begins forwarding frame
Frame
Store and forward
• Complete frame is received and checked before forwarding
Frame
Fram
e
Frame
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-33
Duplex OverviewDuplex Overview
Half duplex (CSMA/CD)• Unidirectional data flow• Higher potential for collison• Hubs connectivity
Switch
Hub
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-34
Duplex OverviewDuplex Overview
Half duplex (CSMA/CD)• Unidirectional data flow• Higher potential for collison• Hubs connectivity
Switch
Hub
Full duplex • Point-to-point only• Attached to dedicated switched port• Requires full-duplex support on both ends• Collision free • Collision detect circuit disabled
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-35
Configuring the SwitchConfiguring the Switch
•Catalyst 1900–Menu driven interface
–Web-based VSM (Visual Switch Manager)
– IOS CLI (command-line interface)
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-36
Catalyst 1900 Default Configurations
Catalyst 1900 Default Configurations
• IP address: 0.0.0.0
• CDP: Enabled
• Switching mode: fragment free
• 100baseT port: Auto-negotiate duplex mode
• 10baseT port: Half duplex
• Spanning Tree: Enabled
• Console password: none
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-37
Ports on the Catalyst 1900Ports on the Catalyst 1900
Cat1912 Cat1924
10baseT ports
AUI port
100baseT uplink ports
e0/1 to e0/12 e0/1 to e0/24
e0/25 e0/25
fa0/26 (port A)fa0/27 (port B)
fa0/26 (port A)fa0/27 (port B)
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-38
Ports on the Catalyst 1900Ports on the Catalyst 1900
wg_sw_d#sh run
Building configuration...Current configuration:!!interface Ethernet 0/1!interface Ethernet 0/2
wg_sw_d#sh span
Port Ethernet 0/1 of VLAN1 is Forwarding Port path cost 100, Port priority 128 Designated root has priority 32768, address 0090.8673.3340 Designated bridge has priority 32768, address 0090.8673.3340 Designated port is Ethernet 0/1, path cost 0 Timers: message age 20, forward delay 15, hold 1
wg_sw_a#show vlan-membership
Port VLAN Membership Type Port VLAN Membership Type ------------------------------------------------------------------ 1 5 Static 13 1 Static 2 1 Static 14 1 Static 3 1 Static 15 1 Static
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-39
Configuring the SwitchConfiguring the Switch
• Configuration ModesGlobal configuration mode
wg_sw_a# conf term
wg_sw_a(config)#
Interface configuration mode
wg_sw_a(config)# interface e0/1
wg_sw_a(config-if)#
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-40
Configuring the Switch IP Address
Configuring the Switch IP Address
wg_sw_a(config)#
ip address {ip address} {mask}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-41
wg_sw_a(config)#ip address 10.5.5.11 255.255.255.0
Configuring the Switch IP Address
Configuring the Switch IP Address
wg_sw_a(config)#
ip address {ip address} {mask}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-42
wg_sw_a(config)#
ip default-gateway {ip address}
Configuring the Switch Default Gateway
Configuring the Switch Default Gateway
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-43
wg_sw_a(config)#ip default-gateway 10.5.5.3
wg_sw_a(config)#
ip default-gateway {ip address}
Configuring the Switch Default Gateway
Configuring the Switch Default Gateway
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-44
Showing the Switch IP AddressShowing the Switch IP Address
wg_sw_a#show ip IP address: 10.5.5.11Subnet mask: 255.255.255.0Default gateway: 10.5.5.3Management VLAN: 1Domain name: Name server 1: 0.0.0.0Name server 2: 0.0.0.0HTTP server: EnabledHTTP port: 80RIP: Enabledwg_sw_a#
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-45
Speed and Duplex OptionsSpeed and Duplex Options
wg_sw_a(config)#interface e0/1wg_sw_a(config-if)#
duplex {auto | full | full-flow-control | half}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-46
Setting Duplex OptionsSetting Duplex Options
wg_sw_a(config-if)#duplex half
wg_sw_a(config)#interface e0/1wg_sw_a(config-if)#
duplex {auto | full | full-flow-control | half}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-47
Showing Duplex OptionsShowing Duplex Options
wg_sw_a#sh interfaces
Ethernet 0/1 is EnabledHardware is Built-in 10Base-TAddress is 0090.8673.3341MTU 1500 bytes, BW 10000 Kbits802.1d STP State: Forwarding Forward Transitions: 1Port monitoring: DisabledUnknown unicast flooding: EnabledUnregistered multicast flooding: EnabledDescription:Duplex setting: Half duplexBack pressure: Disabled
Receive Statistics Transmit Statistics------------------------------------- -------------------------------------Total good frames 44841 Total frames 404502Total octets 4944550 Total octets 29591574Broadcast/multicast frames 31011 Broadcast/multicast frames 390913Broadcast/multicast octets 3865029 Broadcast/multicast octets 28478154Good frames forwarded 44832 Deferrals 0Frames filtered 9 Single collisions 0Runt frames 0 Multiple collisions 0No buffer discards 0 Excessive collisions 0 Queue full discards 0Errors: Errors: FCS errors 0 Late collisions 0 Alignment errors 0 Excessive deferrals 0 Giant frames 0 Jabber errors 0 Address violations 0 Other transmit errors 0
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-48
Duplex MismatchesDuplex Mismatches
• The manually set duplex parameter differs between connected ports
• The switch port is in autonegotiate and the attached port is set to full duplex with no auto-negotiation capability causing the switch port to be in half-duplex mode
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-49
wg_sw_a#show interfaces
Ethernet 0/1 is EnabledHardware is Built-in 10Base-TAddress is 0090.8673.3341MTU 1500 bytes, BW 10000 Kbits802.1d STP State: Forwarding Forward Transitions: 1Port monitoring: DisabledUnknown unicast flooding: EnabledUnregistered multicast flooding: EnabledDescription:Duplex setting: Half duplexBack pressure: Disabled
Receive Statistics Transmit Statistics------------------------------------- -------------------------------------Total good frames 44841 Total frames 404502Total octets 4944550 Total octets 29591574Broadcast/multicast frames 31011 Broadcast/multicast frames 390913Broadcast/multicast octets 3865029 Broadcast/multicast octets 28478154Good frames forwarded 44832 Deferrals 0Frames filtered 9 Single collisions 0Runt frames 0 Multiple collisions 0No buffer discards 0 Excessive collisions 0 Queue full discards 0Errors: Errors: FCS errors 0 Late collisions 0 Alignment errors 0 Excessive deferrals 0 Giant frames 0 Jabber errors 0 Address violations 0 Other transmit errors 0
FCS and Late Collision Errors
FCS and Late Collision Errors
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-50
Managing Mac Address TableManaging Mac Address Table
wg_sw_a#show mac-address-table
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-51
Managing Mac Address TableManaging Mac Address Table
wg_sw_a#sh mac-address-tableNumber of permanent addresses : 0Number of restricted static addresses : 0Number of dynamic addresses : 6
Address Dest Interface Type Source Interface List-------------------------------------------------------------------------------------------------00E0.1E5D.AE2F Ethernet 0/2 Dynamic All00D0.588F.B604 FastEthernet 0/26 Dynamic All00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All0090.273B.87A4 FastEthernet 0/26 Dynamic All00D0.588F.B600 FastEthernet 0/26 Dynamic All00D0.5892.38C4 FastEthernet 0/27 Dynamic All
wg_sw_a#show mac-address-table
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-52
Setting Permanent MAC AddressSetting Permanent MAC Address
wg_sw_a(config)#
mac-address-table permanent {mac-address type module/port}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-53
Setting Permanent MAC AddressSetting Permanent MAC Address
wg_sw_a(config)#
wg_sw_a(config)#mac-address-table permanent 2222.2222.2222 ethernet 0/3
mac-address-table permanent {mac-address type module/port}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-54
Setting Permanent MAC AddressSetting Permanent MAC Address
wg_sw_a#sh mac-address-tableNumber of permanent addresses : 1Number of restricted static addresses : 0Number of dynamic addresses : 4
Address Dest Interface Type Source Interface List--------------------------------------------------------------------------------------------------------------00E0.1E5D.AE2F Ethernet 0/2 Dynamic All2222.2222.2222 Ethernet 0/3 Permanent All00D0.588F.B604 FastEthernet 0/26 Dynamic All00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All00D0.5892.38C4 FastEthernet 0/27 Dynamic All
wg_sw_a(config)#
wg_sw_a(config)#mac-address-table permanent 2222.2222.2222 ethernet 0/3
mac-address-table permanent {mac-address type module/port}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-55
Setting Restricted Static MAC Address
Setting Restricted Static MAC Address
wg_sw_a(config)#
mac-address-table restricted static {mac-address type module/port src-if-list}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-56
Setting Restricted Static MAC Address
Setting Restricted Static MAC Address
wg_sw_a(config)#mac-address-table restricted static 1111.1111.1111 e0/4 e0/1
wg_sw_a(config)#
mac-address-table restricted static {mac-address type module/port src-if-list}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-57
Setting Restricted Static MAC Address
Setting Restricted Static MAC Address
wg_sw_a#sh mac-address-tableNumber of permanent addresses : 1Number of restricted static addresses : 1Number of dynamic addresses : 4
Address Dest Interface Type Source Interface List-----------------------------------------------------------------------------------------------1111.1111.1111 Ethernet 0/4 Static Et0/100E0.1E5D.AE2F Ethernet 0/2 Dynamic All2222.2222.2222 Ethernet 0/3 Permanent All00D0.588F.B604 FastEthernet 0/26 Dynamic All00E0.1E5D.AE2B FastEthernet 0/26 Dynamic All00D0.5892.38C4 FastEthernet 0/27 Dynamic All
wg_sw_a(config)#mac-address-table restricted static 1111.1111.1111 e0/4 e0/1
wg_sw_a(config)#
mac-address-table restricted static {mac-address type module/port src-if-list}
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-58
Configuring Port SecurityConfiguring Port Security
wg_sw_a(config-if)#
• Configures an interface to be a secured port • Define a maximum number of mac addresses allowed in the
address table for this port• Count can be from 1 to 132• Default is 132
port secure [max-mac-count count]
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-59
Configuring Port SecurityConfiguring Port Security
wg_sw_a(config-if)#
• Configures an interface to be a secured port • Define a maximum number of mac addresses allowed in the
address table for this port• Count can be from 1 to 132• Default is 132
wg_sw_a(config)#interface e0/4wg_sw_a(config-if)#port secure max-mac-count 1
port secure [max-mac-count count]
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-60
Configuring Port SecurityConfiguring Port Security
wg_sw_a#show mac-address-table security
wg_sw_a#show mac-address-table securityAction upon address violation : Suspend
Interface Addressing Security Address Table Size------------------------------------------------------------------------------------Ethernet 0/1 Disabled N/AEthernet 0/2 Disabled N/AEthernet 0/3 Disabled N/AEthernet 0/4 Enabled 1Ethernet 0/5 Disabled N/AEthernet 0/6 Disabled N/AEthernet 0/7 Disabled N/AEthernet 0/8 Disabled N/AEthernet 0/9 Disabled N/AEthernet 0/10 Disabled N/AEthernet 0/11 Disabled N/AEthernet 0/12 Disabled N/A
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-61
Configuring Port SecurityConfiguring Port Security
wg_sw_a#show mac-address-table security
wg_sw_a(config)#address-violation {suspend | disable | ignore}
wg_sw_a#show mac-address-table securityAction upon address violation : Suspend
Interface Addressing Security Address Table Size------------------------------------------------------------------------------------Ethernet 0/1 Disabled N/AEthernet 0/2 Disabled N/AEthernet 0/3 Disabled N/AEthernet 0/4 Enabled 1Ethernet 0/5 Disabled N/AEthernet 0/6 Disabled N/AEthernet 0/7 Disabled N/AEthernet 0/8 Disabled N/AEthernet 0/9 Disabled N/AEthernet 0/10 Disabled N/AEthernet 0/11 Disabled N/AEthernet 0/12 Disabled N/A
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-62
wg_sw_a#show version
Cisco Catalyst 1900/2820 Enterprise Edition SoftwareVersion V8.01.01Copyright (c) Cisco Systems, Inc. 1993-1998ROM: System Bootstrap, Version 3.03wg_sw_d uptime is 8day(s) 17hour(s) 53minute(s) 25second(s)cisco Catalyst 1900 (486sxl) processor with 2048K/1024K bytes of memoryHardware board revision is 1Upgrade Status: No upgrade currently in progress.Config File Status: File wgswd.cfg downloaded from 10.1.1.127 Fixed Ethernet/IEEE 802.3 interface(s)Base Ethernet Address: 00-90-86-73-33-40wg_sw_a#
Show VersionShow Version
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-63
Managing Configuration FileManaging Configuration File
copy nvram tftp://host/dst_filewg_sw_a#
To send the configuration to a TFTP server:
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-64
Managing Configuration FileManaging Configuration File
copy tftp://host/src_file nvram
copy nvram tftp://host/dst_filewg_sw_a#
To send the configuration to a TFTP server:
wg_sw_a#
To download the configuration from a TFTP server:
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-65
copy tftp://host/src_file nvram
wg_sw_a#copy nvram tftp://10.1.1.1/wgswd.cfgConfiguration upload is successfully completed
wg_sw_a#copy tftp://10.1.1.1/wgswd.cfg nvramTFTP successfully downloaded configuration file
copy nvram tftp://host/dst_filewg_sw_a#
wg_sw_a#
Managing Configuration FileManaging Configuration File
To send the configuration to a TFTP server:
To download the configuration from a TFTP server:
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-66
Clear NVRAM Clear NVRAM
wg_sw_d#delete nvram
Resets the system configuration to factory defaults.
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-67
Visual ObjectiveVisual Objective
core_ server(tftp server)
10.1.1.1
wg_sw_a10.1.1.10
wg_sw_l10.1.1.120
wg_pc_a
wg_pc_l
...
e0/1
e0/1fa0/26(port A)
fa0/1 fa0/12
fa0/24
core_sw_a10.1.1.2
pod sw ro’s e0A 10.1.1.10 10.1.1.11B 10.1.1.20 10.1.1.21 C 10.1.1.30 10.1.1.31D 10.1.1.40 10.1.1.41E 10.1.1.50 10.1.1.51F 10.1.1.60 10.1.1.61G 10.1.1.70 10.1.1.71H 10.1.1.80 10.1.1.81I 10.1.1.90 10.1.1.91J 10.1.1.100 10.1.1.101K 10.1.1.110 10.1.1.111L 10.1.1.120 10.1.1.121
wg_ro_a10.1.1.11
wg_ro_l10.1.1.121
fa0/26(port A) e0/2
e0/2
e0
e0
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-68
SummarySummary
After completing this chapter, you should be able to perform the following tasks:• Describe Layer 2 switching (bridging) operations
• Describe the Catalyst 1900 switch operations
• Describe the Catalyst 1900 switch’s default configuration
• Configure Catalyst 1900 switch
• Use show commands to verify Catalyst 1900 switch configuration and operations
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-69
Review QuestionsReview Questions
1. What function does Spanning-Tree Protocol provide?
2. What are the different spanning-tree port states?
3. Describe the difference between full-duplex and half-duplex operations. What is the default duplex setting on the Catalyst 1900 10Mbps port and 100Mbps port?
4. What is the default switching mode on the Catalyst 1900?
© 1999, Cisco Systems, Inc. www.cisco.com ICND—6-70
Review QuestionsReview Questions
5. What is the Catalyst 1900 CLI command to assign an IP address to the switch? Why does a Layer 2 switch require an IP address?
6. Which type of MAC address does not age, permanent or dynamic?
7. What is the Dynamic 1900 CLI command to display the contents of the MAC address table?