LAN Switching first-step
By Matthew J. Castelli
Publisher: Cisco Press
Pub Date: July 08, 2004
ISBN: 1-58720-100-3
Pages: 408

Your first step into the world of LAN switching
- No LAN switching experience required
- Includes clear and easily understood explanations
- Makes learning easy

Your first step to LAN switching begins here!
- Learn local-area network (LAN) key concepts and terminology
- Identify key issues involved with designing and managing a switched LAN
- Answer the question: do I need a hub, a bridge, or a switch?

Welcome to the world of LAN switching! Network switches work by connecting network paths together and making intelligent decisions about moving traffic in a network. By keeping track of changes in the network, switches reduce congestion and improve speed.

No LAN switching experience needed! LAN Switching First-Step explains the basics of LAN switching in easy-to-grasp language that all of us can understand. This book takes you on a guided tour of the key concepts behind how bridges and switches work. Whether you are looking to take your first step into a career in networking or are interested in just gaining a conversational knowledge of the technology, this book is for you!

Table of Contents

Copyright
About the Author
About the Technical Reviewers
Acknowledgments
Icons Used in This Book
Command Syntax Conventions
Introduction
  Audience
  How the Book Is Organized
  How the Book Can Be Used
  Feedback
The Twelve Networking Truths
Chapter 1 Networking Basics What Is a Network? Logical Networks Types of Networks Chapter Summary Data Transmission Modes Network Standards and Models Chapter Review Questions
Chapter 2 Network Models and Standards OSI Model Moving Through the OSI Model Hierarchical Design Model Chapter Summary Network Standards Chapter Review Questions
Chapter 3 Local-Area Networking Introduction Comparing LANs to WANs OSI Model (As It Applies to LANs and the Interrelation Between Layers) Chapter Summary Chapter Review Questions
Chapter 4 Traditional LAN Architecture Components of a LAN LAN Topologies Chapter Summary Local-Area Networks (LANs) Chapter Review Questions
Chapter 5 Ethernet LANs Media Access Control (MAC) Addressing Carrier Sense Multiple Access with Collision Detect (CSMA/CD) Ethernet LAN Equipment Chapter Summary Chapter Review Questions
Chapter 6 How a Switch Works Frames Revisited Transmission Methods Layer 2 Switching Methods Frame Size Chapter Summary Chapter Review Questions
Chapter 7 Spanning Tree Protocol (STP) Root Bridge or Switch Port Spanning Tree Protocol Configuration Chapter Summary Chapter Review Questions
Chapter 8 Virtual LANs (VLANs) VLAN Overview VLAN Topology VLAN Trunking Protocol (VTP) VLAN Operation Chapter Summary Chapter Review Questions
Chapter 9 Switching Security Network Security Basic Rules Port Security Virtual LANs VLAN-Based Network Attacks Chapter Summary Chapter Review Questions
Chapter 10 LAN Switched Network Design Local-Area Network (LAN) Segments Switched Network Components Hierarchical Topology Benefits of a Layer 2 Switch in a Network VLAN Design Considerations Switched LAN Network Design Principles Flat Network Topology Switched LAN Network Designs Benefits of a Layer 3 Router in a Network General Network Design Principles Chapter Summary Chapter Review Questions
Chapter 11 Switch Network Management Network Management Model Protocols Chapter Summary Switch Port Analyzer (SPAN) Chapter Review Questions
Chapter 12 Switching Case Studies Hub-Based Networks Bridge-Based Networks Small Switch-Based Networks VLANs Medium and Large Switch-Based Networks Chapter Summary Chapter Review Questions
Appendix A Answers to Chapter Review Questions
  Chapter 1, Chapter 2, Chapter 3, Chapter 4, Chapter 5, Chapter 6, Chapter 7, Chapter 8, Chapter 9, Chapter 10, Chapter 11, Chapter 12
Glossary
Index

Copyright

Copyright © 2005 Cisco Systems, Inc.

Cisco Press logo is a trademark of Cisco Systems, Inc.

Published by:
Cisco Press
800 East 96th Street
Indianapolis, IN 46240 USA

All rights reserved. No part of this book may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the publisher, except for the inclusion of brief quotations in a review.

Printed in the United States of America 1 2 3 4 5 6 7 8 9 0

First Printing June 2004

Library of Congress Cataloging-in-Publication Number: 2003107983

Warning and Disclaimer

This book is designed to provide information about local-area network (LAN) switching. Every effort has been made to make this book as complete and as accurate as possible, but no warranty or fitness is implied.

The information is provided on an "as is" basis. The authors, Cisco Press, and Cisco Systems, Inc. shall have neither liability nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this book or from the use of the discs or programs that may accompany it.

The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc.

Credits

Publisher: John Wait
Editor-in-Chief: John Kane
Executive Editor: Brett Bartow
Cisco Representative: Anthony Wolfenden
Cisco Press Program Manager: Nannette M. Noble
Production Manager: Patrick Kanouse
Development Editor: Dayna Isley
Project Editor: San Dee Phillips
Copy Editor: Karen A. Gill
Technical Editors: Blair Buchanan, Ron Kovac, Scott Van de Houten, Paul Negron
Team Coordinator: Tammi Barnett
Book and Cover Designer: Louisa Adair
Compositor: Mark Shirar
Indexer: Tim Wright

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized. Cisco Press or Cisco Systems, Inc. cannot attest to the accuracy of this information. Use of a term in this book should not be regarded as affecting the validity of any trademark or service mark.

Corporate and Government Sales

Cisco Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales.

For more information please contact: U.S. Corporate and Government Sales, 1-800-382-3419, corpsales@pearsontechgroup.com

For sales outside the U.S. please contact: International Sales, international@pearsoned.com

Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care and precision, undergoing rigorous development that involves the unique expertise of members from the professional technical community.

Readers' feedback is a natural continuation of this process. If you have any comments regarding how we could improve the quality of this book, or otherwise alter it to better suit your needs, you can contact us through email at feedback@ciscopress.com. Please make sure to include the book title and ISBN in your message.

We greatly appreciate your assistance.

Corporate Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706 USA
www.cisco.com
Tel: 408 526-4000, 800 553-NETS (6387)
Fax: 408 526-4100

European Headquarters
Cisco Systems International BV
Haarlerbergpark
Haarlerbergweg 13-19
1101 CH Amsterdam
The Netherlands
www-europe.cisco.com
Tel: 31 0 20 357 1000
Fax: 31 0 20 357 1100

Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706 USA
www.cisco.com
Tel: 408 526-7660
Fax: 408 527-0883

Asia Pacific Headquarters
Cisco Systems, Inc.
Capital Tower
168 Robinson Road #22-01
to #29-01 Singapore 068912
www.cisco.com
Tel: +65 6317 7777
Fax: +65 6317 7799

Cisco Systems has more than 200 offices in the following countries and regions Addresses, phone numbers, and fax