:: C I S C O ::
MODULE 1
A network administrator must anticipate and manage the physical growth of a network, perhaps by buying or leasing another floor of the building to house new networking equipment such as racks, patch panels, switches, and routers. The network designer must choose an addressing scheme that allows for growth. Variable-Length Subnet Masking (VLSM) is a technique that allows for the creation of efficient, scalable addressing schemes.
With the phenomenal growth of the Internet and TCP/IP, virtually every enterprise must now implement an IP addressing scheme. Many organizations select TCP/IP as the only routed protocol to run on their network. Unfortunately, the architects of TCP/IP could not have predicted that their protocol would eventually sustain a global network of information, commerce, and entertainment.
Twenty years ago, IP version 4 (IPv4) offered an addressing strategy that, although scalable for a time, resulted in an inefficient allocation of addresses. IP version 6 (IPv6), with virtually unlimited address space, is slowly being implemented in select networks and may replace IPv4 as the dominant protocol of the Internet. Over the past two decades, engineers have successfully modified IPv4 so that it can survive the exponential growth of the Internet. VLSM is one of the modifications that has helped to bridge the gap between IPv4 and IPv6.
Networks must be scalable in order to meet the changing needs of users. When a network is scalable it is able to grow in a logical, efficient, and cost-effective way. The routing protocol used in a network does much to determine the scalability of the network. Therefore, it is important that the routing protocol be chosen wisely. Routing Information Protocol (RIP) is still considered suitable for small networks, but is not scalable to large networks because of inherent limitations. To overcome these limitations yet maintain the simplicity of RIP version 1 (RIP v1), RIP version 2 (RIP v2) was developed.
1.1
VLSM
1.1.1
What is VLSM and why is it used?
As IP subnets have grown, administrators have looked for ways to use their address
space more efficiently. One technique is called Variable-Length Subnet Masks
(VLSM). With VLSM, a network administrator can use a long mask on networks with
few hosts, and a short mask on subnets with many hosts.
In order to use VLSM, a network administrator must use a routing protocol that supports it. Cisco routers support VLSM with Open Shortest Path First (OSPF), Integrated Intermediate System to Intermediate System (Integrated IS-IS), Enhanced Interior Gateway Routing Protocol (EIGRP), RIP v2, and static routing.
VLSM allows an organization to use more than one subnet mask within the same network address space. Implementing VLSM is often referred to as "subnetting a subnet", and can be used to maximize addressing efficiency.
Classful routing protocols require that a single network use the same subnet mask. Therefore, network 192.168.187.0 must use just one subnet mask such as 255.255.255.0.
VLSM is simply a feature that allows a single autonomous system to have networks with different subnet masks. If a routing protocol allows VLSM, use a 30-bit subnet mask on network connections, 255.255.255.252, a 24-bit mask for user networks, 255.255.255.0, or even a 22-bit mask, 255.255.252.0, for networks with up to 1000 users.
1.1.2
A waste of space
In the past, it has been recommended that the first and last subnet not be used.
Use of the first subnet, known as subnet zero, for host addressing was discouraged
because of the confusion that can occur when a network and a subnet have the
same addresses. The same was true with the use of the last subnet, known as
the all-ones subnet. It has always been true that these subnets could be used.
However, it was not a recommended practice. As networking technologies have
evolved, and IP address depletion has become of real concern, it has become
acceptable practice to use the first and last subnets in a subnetted network
in conjunction with VLSM.
In this network, the network management team has decided to borrow three bits from the host portion of the Class C address that has been selected for this addressing scheme.
If management decides to use subnet zero, it has eight useable subnets. Each may support 30 hosts. If the management decides to use the no ip subnet-zero command, it has seven usable subnets with 30 hosts in each subnet. From Cisco IOS version 12.0, remember that Cisco routers use subnet zero by default. Therefore Sydney, Brisbane, Perth, and Melbourne remote offices may each have 30 hosts. The team realizes that it has to address the three point-to-point WAN links between Sydney, Brisbane, Perth, and Melbourne. If the team uses the three remaining subnets for the WAN links, it will have used all of the available addresses and have no room for growth. The team will also have wasted the 28 host addresses from each subnet to simply address three point-to-point networks. Using this addressing scheme one third of the potential address space will have been wasted.
Such an addressing scheme is fine for a small LAN. However, this addressing scheme is extremely wasteful if using point-to-point connections.
1.1.3
When to use VLSM?
It is important to design an addressing scheme that allows for growth and does
not involve wasting addresses. This section examines how VLSM can be used to
prevent waste of addresses on point-to-point links.
This time the networking team decided to avoid their wasteful use of the /27 mask on the point-to-point links. The team decided to apply VLSM to the addressing problem.
To apply VLSM to the addressing problem, the team will break the Class C address into subnets of variable sizes. Large subnets are created for addressing LANs. Very small subnets are created for WAN links and other special cases. A 30-bit mask is used to create subnets with only two valid host addresses. In this case this is the best solution for the point-to-point connections. The team will take one of the three subnets they had previously decided to assign to the WAN links, and subnet it again with a 30-bit mask.
In the example, the team has taken one of the last three subnets, subnet 6, and subnetted it again. This time the team uses a 30-bit mask. Figures and illustrate that after using VLSM, the team has eight ranges of addresses to be used for the point-to-point links.
1.1.4
Calculating subnets with VLSM
VLSM helps to manage IP addresses. VLSM allows for the setting of a subnet mask
that suits the link or the segment requirements. A subnet mask should satisfy
the requirements of a LAN with one subnet mask and the requirements of a point-to-point
WAN with another.
Look at the example in Figure which illustrates how to calculate subnets with VLSM.
The example contains a Class B address of 172.16.0.0 and two LANs that require at least 250 hosts each. If the routers are using a classful routing protocol the WAN link would need to be a subnet of the same Class B network, assuming that the administrator is not using IP unnumbered. Classful routing protocols such as RIP v1, IGRP, and EGP are not capable of supporting VLSM. Without VLSM, the WAN link would have to have the same subnet mask as the LAN segments. A 24-bit mask (255.255.255.0) would support 250 hosts.
The WAN link only needs two addresses, one for each router. Therefore there would be 252 addresses wasted.
If VLSM were used in this example, a 24-bit mask would still work on the LAN segments for the 250 hosts. A 30-bit mask could be used for the WAN link because only two host addresses are needed.
In Figure the subnet addresses used are those generated from subdividing the 172.16.32.0/20 subnet into multiple /26 subnets. The figure illustrates where the subnet addresses can be applied, depending on the number of host requirements. For example, the WAN links use subnet addresses with a prefix of /30. This prefix allows for only two hosts, just enough hosts for a point-to-point connection between a pair of routers.
To calculate the subnet addresses used on the WAN links, further subnet one of the unused /26 subnets. In this example, 172.16.33.0/26 is further subnetted with a prefix of /30. This provides four more subnet bits and therefore 16 (24) subnets for the WANs. Figure illustrates how to work through a VLSM masking system.
VLSM allows the subnetting of an already subnetted address. For example, consider the subnet address 172.16.32.0/20 and a network needing ten host addresses. With this subnet address, there are over 4000 (212 – 2 = 4094) host addresses, most of which will be wasted. With VLSM it is possible to further subnet the address 172.16.32.0/20 to give more network addresses and fewer hosts per network. For example, by subnetting 172.16.32.0/20 to 172.16.32.0/26, there is a gain of 64 (26) subnets, each of which could support 62 (26 – 2) hosts.
Use this procedure to further subnet 172.16.32.0/20 to 172.16.32.0/26:
Step 1
Write 172.16.32.0 in binary form.
Step 2
Draw a vertical line between the 20th and 21st bits, as shown in Figure . /20
was the original subnet boundary.
Step 3
Draw a vertical line between the 26th and 27th bits, as shown in Figure . The
original /20 subnet boundary is extended six bits to the right, becoming /26.
Step 4
Calculate the 64 subnet addresses using the bits between the two vertical lines,
from lowest to highest in value. The figure shows the first five subnets available.
It is important to remember that only unused subnets can be further subnetted. If any address from a subnet is used, that subnet cannot be further subnetted. In the example, four subnet numbers are used on the LANs. Another unused subnet, 172.16.33.0/26, is further subnetted for use on the WANs.
1.1.5
Route aggregation with VLSM
When using VLSM, try to keep the subnetwork numbers grouped together in the
network to allow for aggregation. This means keeping networks like 172.16.14.0
and 172.16.15.0 near one another so that the routers need only carry a route
for 172.16.14.0/23.
The use of Classless InterDomain Routing (CIDR) and VLSM not only prevents address waste, but also promotes route aggregation, or summarization. Without route summarization, Internet backbone routing would likely have collapsed sometime before 1997.
Figure illustrates how route summarization reduces the burden on upstream routers. This complex hierarchy of variable-sized networks and subnetworks is summarized at various points, using a prefix address, until the entire network is advertised as a single aggregate route, 200.199.48.0/22. Route summarization, or supernetting, is only possible if the routers of a network run a classless routing protocol, such as OSPF or EIGRP. Classless routing protocols carry a prefix that consists of 32-bit IP address and bit mask in the routing updates. In Figure , the summary route that eventually reaches the provider contains a 20-bit prefix common to all of the addresses in the organization, 200.199.48.0/22 or 11001000.11000111.0011. For summarization to work properly, carefully assign addresses in a hierarchical fashion so that summarized addresses will share the same high-order bits.
Remember the following rules:
A router must know in detail the subnet numbers attached to it.
A router does not need to tell other routers about each individual subnet if
the router can send one aggregate route for a set of routers.
A router using aggregate routes would have fewer entries in its routing table.
VLSM allows for the summarization of routes and increases flexibly by basing the summarization entirely on the higher-order bits shared on the left, even if the networks are not contiguous.
The graphic shows that the addresses, or routes, share each bit up to and including the 20th bit. These bits are colored red. The 21st bit is not the same for all the routes. Therefore the prefix for the summary route will be 20 bits long. This is used to calculate the network number of the summary route.
Figure shows that the addresses, or routes, share each bit up to and including the 21st bit. These bits are colored red. The 22nd bit is not the same for all the routes. Therefore the prefix for the summary route will be 21 bits long. This is used to calculate the network number of the summary route.
1.1.6
Configuring VLSM
If VLSM is the scheme chosen, it must then be calculated and configured correctly.
In this example allow for the following:
Network address: 192.168.10.0
The Perth router has to support 60 hosts. In this case, a minimum of six bits are needed in the host portion of the address. Six bits will yield 62 possible host addresses, 26 = 64 – 2 = 62, so the division was 192.168.10.0/26.
The Sydney and Singapore routers have to support 12 hosts each. In these cases, a minimum of four bits are needed in the host portion of the address. Four bits will yield 14 possible host addresses, 24 = 16 – 2 = 14, so the division is 192.168.10.96/28 for Sydney and 192.168.10.112/28 for Singapore.
The Kuala Lumpur router requires 28 hosts. In this case, a minimum of five bits are needed in the host portion of the address. Five bits will yield 30 possible host addresses, 25 = 32 – 2 = 30, so the division here is 192.168.10.64/27.
The following are the point-to-point connections:
Perth to Kuala Lumpur 192.168.10.128/30 – Since only two addresses are
required, a minimum of two bits are needed in the host portion of the address.
Two bits will yield two possible host addresses (22 = 4 – 2 = 2) so the
division here is 192.168.10.128/30.
Sydney to Kuala Lumpur 192.168.10.132/30 – Since only two addresses are
required, a minimum of two bits are needed in the host portion of the address.
Two bits will yield two possible host addresses (22 = 4 – 2 = 2) so the
division here is 192.168.10.132/30.
Singapore to Kuala Lumpur 192.168.10.136/30 – Since only two addresses
are required, a minimum of two bits are needed in the host portion of the address.
Two bits will yield two possible host addresses (22 = 4 – 2 = 2) so the
division here is 192.168.10.136/30.
There is sufficient host address space for two host endpoints on a point-to-point serial link. The example for Singapore to Kuala Lumpur is configured as follows:
Singapore(config)#interface serial 0
Singapore(config-if)#ip address 192.168.10.137 255.255.255.252
KualaLumpur(config)#interface serial 1
KualaLumpur(config-if)#ip address 192.168.10.138 255.255.255.252
1.2.1
RIP history
The Internet is a collection of autonomous systems (AS). Each AS is generally
administered by a single entity. Each AS will have its own routing technology,
which may differ from other autonomous systems. The routing protocol used within
an AS is referred to as an Interior Gateway Protocol (IGP). A separate protocol,
called an Exterior Gateway Protocol (EGP), is used to transfer routing information
between autonomous systems. RIP was designed to work as an IGP in a moderate-sized
AS. It is not intended for use in more complex environments.
RIP v1 is considered an interior gateway protocol that is classful. RIP v1 is a distance vector protocol that broadcasts its entire routing table to each neighbor router at predetermined intervals. The default interval is 30 seconds. RIP uses hop count as a metric, with 15 as the maximum number of hops.
If the router receives information about a network, and the receiving interface
belongs to the same network but is on a different subnet, the router applies
the one subnet mask that is configured on the receiving interface:
For Class A addresses, the default classful mask is 255.0.0.0.
For Class B addresses, the default classful mask is 255.255.0.0.
For Class C addresses, the default classful mask is 255.255.255.0.
RIP v1 is a popular routing protocol because virtually all IP routers support it. The popularity of RIP v1 is based on the simplicity and the universal compatibility it demonstrates. RIP v1 is capable of load balancing over as many as six equal-cost paths, with four paths as the default.
RIP v1 has the following limitations:
It does not send subnet mask information in its updates.
It sends updates as broadcasts on 255.255.255.255.
It does not support authentication.
It is not able to support VLSM or classless interdomain routing (CIDR).
1.2.2
RIP v2 features
RIP v2 is an improved version of RIP v1 and shares the following features:
It is a distance vector protocol that uses a hop count metric.
It uses holddown timers to prevent routing loops – default is 180 seconds.
It uses split horizon to prevent routing loops.
It uses 16 hops as a metric for infinite distance.
RIP v2 provides prefix routing, which allows it to send out subnet mask information with the route update. Therefore, RIP v2 supports the use of classless routing in which different subnets within the same network can use different subnet masks, as in VLSM.
RIP v2 provides for authentication in its updates. A set of keys can be used on an interface as an authentication check. RIP v2 allows for a choice of the type of authentication to be used in RIP v2 packets. The choice can be either clear text or Message-Digest 5 (MD5) encryption. Clear text is the default. MD5 can be used to authenticate the source of a routing update. MD5 is typically used to encrypt enable secret passwords and it has no known reversal.
RIP v2 multicasts routing updates using the Class D address 224.0.0.9, which provides for better efficiency.
1.2.3
Comparing RIP v1 and v2
RIP uses distance vector algorithms to determine the direction and distance
to any link in the internetwork. If there are multiple paths to a destination,
RIP selects the path with the least number of hops. However, because hop count
is the only routing metric used by RIP, it does not necessarily select the fastest
path to a destination.
RIP v1 allows routers to update their routing tables at programmable intervals. The default interval is 30 seconds. The continual sending of routing updates by RIP v1 means that network traffic builds up quickly. To prevent a packet from looping infinitely, RIP allows a maximum hop count of 15. If the destination network is more than 15 routers away, the network is considered unreachable and the packet is dropped. This situation creates a scalability issue when routing in large heterogeneous networks. RIP v1 uses split horizon to prevent loops. This means that RIP v1 advertises routes out an interface only if the routes were not learned from updates entering that interface. It uses holddown timers to prevent routing loops. Holddowns ignore any new information about a subnet indicating a poorer metric for a time equal to the holddown timer.
Figure summarizes the behavior of RIP v1 when used by a router.
RIP v2 is an improved version of RIP v1. It has many of the same features of RIP v1. RIP v2 is also a distance vector protocol that uses hop count, holddown timers, and split horizon. Figure compares and contrasts RIP v1 and RIP v2.
1.2.4
Configuring RIP v2
RIP v2 is a dynamic routing protocol that is configured by naming the routing
protocol RIP Version 2, and then assigning IP network numbers without specifying
subnet values. This section describes the basic commands used to configure RIP
v2 on a Cisco router.
To enable a dynamic routing protocol, the following tasks must be completed:
Select a routing protocol, such as RIP v2.
Assign the IP network numbers without specifying the subnet values.
Assign the network or subnet addresses and the appropriate subnet mask to the
interfaces.
RIP v2 uses multicasts to communicate with other routers. The routing metric helps the routers find the best path to each network or subnet.
The router command starts the routing process. The network command causes the
implementation of the following three functions:
The routing updates are multicast out an interface.
The routing updates are processed if they enter that same interface.
The subnet that is directly connected to that interface is advertised.
The network command is required because it allows the routing process to determine which interfaces will participate in the sending and receiving of routing updates. The network command starts up the routing protocol on all interfaces that the router has in the specified network. The network command also allows the router to advertise that network.
The router rip version 2 command specifies RIP v2 as the routing protocol, while the network command identifies a participating attached network.
In this example, the configuration of Router A includes the following:
router rip version 2 – Selects RIP v2 as the routing protocol.
network 172.16.0.0 – Specifies a directly connected network.
network 10.0.0.0 – Specifies a directly connected network.
The interfaces on Router A connected to networks 172.16.0.0 and 10.0.0.0, or their subnets, will send and receive RIP v2 updates. These routing updates allow the router to learn the network topology. Routers B and C have similar RIP configurations but with different network numbers specified.
1.2.5
Verifying RIP v2
The show ip protocols and show ip route commands display information about routing
protocols and the routing table. This section describes how to use show commands
to verify the RIP configuration.
The show ip protocols command displays values about routing protocols and routing protocol timer information associated with the router. In the example, the router is configured with RIP and sends updated routing table information every 30 seconds. This interval is configurable. If a router running RIP does not receive an update from another router for 180 seconds or more, the first router marks the routes served by the non-updating router as being invalid. In Figure , the holddown timer is set to 180 seconds. Therefore, an update to a route that was down and is now up could stay in the holddown state until the full 180 seconds have passed.
If there is still no update after 240 seconds the router removes the routing table entries. In the figure, it has been 18 seconds since Router A received an update from Router B. The router is injecting routes for the networks listed following the Routing for Networks line. The router is receiving routes from the neighboring RIP routers listed following the Routing Information Sources line. The distance default of 120 refers to the administrative distance for a RIP route.
The show ip interface brief command can also be used to list a summary of the information and status of an interface.
The show ip route command displays the contents of the IP routing table. The routing table contains entries for all known networks and subnetworks, and contains a code that indicates how that information was learned. The output of key fields from this command and their function is explained in the table.
Examine the output to see if the routing table is populated with routing information. If entries are missing, routing information is not being exchanged. Use the show running-config or show ip protocols privileged EXEC commands on the router to check for a possible misconfigured routing protocol.
1.2.6
Troubleshooting RIP v2
This section explains the use of the debug ip rip command.
Use the debug ip rip command to display RIP routing updates as they are sent and received. The no debug all or undebug all commands will turn off all debugging.
The example shows that the router being debugged has received updates from one router at source address 10.1.1.2. The router at source address 10.1.1.2 sent information about two destinations in the routing table update. The router being debugged also sent updates, in both cases to broadcast address 255.255.255.255 as the destination. The number in parentheses is the source address encapsulated into the IP header.
Other outputs sometimes seen from the debug ip rip command includes entries such as the following:
RIP: broadcasting general request on Ethernet0
RIP: broadcasting general request on Ethernet1
These outputs appear at startup or when an event occurs such as an interface transition or a user manually clears the routing table.
An entry, such as the following, is most likely caused by a malformed packet from the transmitter:
RIP: bad version 128 from 160.89.80.43
1.2.7
Default routes
By default, routers learn paths to destinations three different ways:
Static routes – The system administrator manually defines the static routes
as the next hop to a destination. Static routes are useful for security and
traffic reduction, as no other route is known.
Default routes – The system administrator also manually defines default
routes as the path to take when there is no known route to the destination.
Default routes keep routing tables shorter. When an entry for a destination
network does not exist in a routing table, the packet is sent to the default
network.
Dynamic routes – Dynamic routing means that the router learns of paths
to destinations by receiving periodic updates from other routers.
In Figure , the default route is indicated by the following command:
Router(config)#ip route 172.16.1.0 255.255.255.0 172.16.2.1
The ip default-network command establishes a default route in networks using dynamic routing protocols:
Router(config)#ip default-network 192.168.20.0
Generally after the routing table has been set to handle all the networks that must be configured, it is often useful to ensure that all other packets go to a specific location. One example is a router that connects to the Internet. This is called the default route for the router. All the packets that are not defined in the routing table will go to the nominated interface of the default router.
The ip default-network command is usually configured on the routers that connect to a router with a static default route.
In Figure , Hong Kong 2 and Hong Kong 3 would use Hong Kong 4 as the default gateway. Hong Kong 4 would use interface 192.168.19.2 as its default gateway. Hong Kong 1 would route packets to the Internet for all internal hosts. To allow Hong Kong 1 to route these packets it is necessary to configure a default route as:
HongKong1(config)#ip route 0.0.0.0 0.0.0.0 192.168.20.1
The zeros represent any destination network with any mask. Default routes are referred to as quad zero routes. In the diagram, the only way Hong Kong 1 can go to the Internet is through the interface 192.168.20.1.
MODULE 2
The two main classes of interior gateway routing protocols (IGP) are distance vector and link-state. Both types of routing protocols are concerned with finding routes through autonomous systems. Distance vector and link-state routing protocols use different methods to accomplish the same tasks.
Link-state routing algorithms, also known as shortest path first (SPF) algorithms, maintain a complex database of topology information. A link-state routing algorithm maintains full knowledge of distant routers and how they interconnect. In contrast, distance vector algorithms provide nonspecific information about distant networks and no knowledge of distant routers.
Understanding the operation of link-state routing protocols is critical in understanding how to enable, verify, and troubleshoot their operation. This module explains how link-state routing protocols work, outlines their features, describes the algorithm they use, and points out the advantages and disadvantages of link-state routing.
Early routing protocols like RIP were all distance vector protocols. Many of the important protocols in use today are also distance vector protocols, including RIP v2, IGRP, and EIGRP. However, as networks grew in size and complexity, some of the limitations of distance vector routing protocols became apparent. Routers in a network using a distance vector scheme could only guess at the network topology based on the full routing tables received from neighboring routers. Bandwidth usage is high because of periodic exchange of routing updates, and network convergence is slow resulting in poor routing decisions.
Link-state routing protocols differ from distance vector protocols. Link-state protocols flood routing information allowing every router to have a complete view of the network topology. Triggered updates allow efficient use of bandwidth and faster convergence. Changes in the state of a link are sent to all routers in the network as soon as the change occurs.
One of the most important link-state protocols is Open Shortest Path First (OSPF). OSPF is based on open standards, which means it can be developed and improved by multiple vendors. It is a complex protocol that is a challenge to implement in a large network. The basics of OSPF are covered in this module.
OSPF configuration on a Cisco router is similar to the configuration of other routing protocols. As with other routing protocols, the OSPF routing process must be enabled and networks must be identified that will be announced by OSPF. However, OSPF has a number of features and configuration procedures that are unique. These features make OSPF a powerful choice for a routing protocol and make OSPF configuration a very challenging process.
In complex large networks, OSPF can be configured to span many areas and several different area types. The ability to design and implement large OSPF networks begins with the ability to configure OSPF in a single area. This module also discusses the configuration of single area OSPF.
2.1
Link-State Routing Protocol
2.1.1
Overview of link-state routing
Link-state routing protocols perform in a very different way from distance vector
protocols. Understanding the difference between distance vector and link-state
protocols is vital for network administrators. One essential difference is that
distance vector protocols use a simpler method of exchanging routing information.
Figure outlines the characteristics of both distance vector and link-state routing
protocols.
Link-state routing algorithms maintain a complex database of topology information. While the distance vector algorithm has nonspecific information about distant networks and no knowledge of distant routers, a link-state routing algorithm maintains full knowledge of distant routers and how they interconnect.
2.1.2
Link-state routing protocol features
Link-state routing protocols collect routing information from all other routers
in the network or within a defined area of the network. Once all of the information
is collected, each router, independently of the other routers, calculates its
best paths to all destinations in the network. Because each router maintains
its own view of the network, it is less likely to propagate incorrect information
provided by any of its neighboring routers.
Link-state routing protocols perform the following functions:
Respond quickly to network changes
Send triggered updates only when a network change has occurred
Send periodic updates known as link-state refreshes
Use a hello mechanism to determine the reachability of neighbors
Each router keeps track of the state or condition of its directly connected neighbors by multicasting hello packets. Each router also keeps track of all the routers in its network or area of the network by using link-state advertisements (LSAs). The hello packets contain information about the networks that are attached to the router. In Figure , P4 knows about its neighbors, P1 and P3, on Perth3 network. The LSAs provide updates on the state of links that are interfaces on other routers in the network.
A router running a link-state protocol has the following features:
Uses the hello information and LSAs it receives from other routers to build
a database about the network
Uses the shortest path first (SPF) algorithm to calculate the shortest route
to each network
Stores this route information in its routing table
2.1.3
How routing information is maintained
Link-state routing uses the following features:
Link-state advertisements (LSAs)
A topological database
The shortest path first (SPF) algorithm
The resulting SPF tree
A routing table of paths and ports to each network to determine the best paths
for packets
Link-state routing protocols were designed to overcome the limitations of distance vector routing protocols. For example, distance vector protocols only exchange routing updates with immediate neighbors while link-state routing protocols exchange routing information across a much larger area.
When a failure occurs in the network, such as a neighbor becomes unreachable, link-state protocols flood LSAs using a special multicast address throughout an area. Each link-state router takes a copy of the LSA and updates its link-state, or topological database. The link-state router will then forward the LSA to all neighboring devices. LSAs cause every router within the area to recalculate routes. Because LSAs need to be flooded throughout an area, and all routers within that area need to recalculate their routing tables, the number of link-state routers that can be in an area should be limited.
A link is the same as an interface on a router. The state of the link is a description of an interface and the relationship to its neighboring routers. For example, a description of the interface would include the IP address of the interface, the subnet mask, the type of network to which it is connected, the routers connected to that network, and so on. The collection of link-states forms a link-state database, sometimes called a topological database. The link-state database is used to calculate the best paths through the network. Link-state routers find the best paths to destinations. Link-state routers do this by applying the Dijkstra shortest path first (SPF) algorithm against the link-state database to build the shortest path first tree, with the local router as the root. The best paths are then selected from the SPF tree and placed in the routing table.
2.1.4
Link-state routing algorithms
Link-state routing algorithms maintain a complex database of the network topology
by exchanging link-state advertisements (LSAs) with other routers in a network.
This section describes the link-state routing algorithm.
Link-state routing algorithms have the following characteristics:
They are known collectively as shortest path first (SPF) protocols.
They maintain a complex database of the network topology.
They are based on the Dijkstra algorithm.
Unlike distance vector protocols, link-state protocols develop and maintain full knowledge of the network routers as well as how they interconnect. This is achieved through the exchange of link-state advertisements (LSAs) with other routers in a network.
Each router that exchanges LSAs constructs a topological database using all received LSAs. An SPF algorithm is then used to compute reachability to networked destinations. This information is used to update the routing table. This process can discover changes in the network topology caused by component failure or network growth.
LSA exchange is triggered by an event in the network instead of periodic updates. This can greatly speed up the convergence process because there is no need to wait for a series of timers to expire before the networked routers can begin to converge.
If the network shown in Figure uses a link-state routing protocol, there would be no concern about connectivity between routers A and B. Depending on the actual protocol employed and the metrics selected, it is highly likely that the routing protocol could discriminate between the two paths to the same destination and try to use the best one.
Shown in Figure are the routing entries in the table for Router A, to Router D. In this example, a link-state protocol would remember both routes. Some link-state protocols provide a way to assess the performance capabilities of the two routes and choose the best one. If the route through Router C was the more preferred path and experienced operational difficulties, such as congestion or component failure, the link-state routing protocol would detect this change and and begin forwarding packets through Router B.
2.1.5
Advantages and disadvantages of link-state routing
The following list contains many of the advantages that link-state routing protocols
have over the traditional distance vector algorithms, such as Routing Information
Protocol (RIP v1) or Interior Gateway Routing Protocol (IGRP):
Link-state protocols use cost metrics to choose paths through the network. The
cost metric reflects the capacity of the links on those paths.
Link-state protocols use triggered, flooded updates and can immediately report
changes in the network topology to all routers in the network. This immediate
reporting generally leads to fast convergence times.
Each router has a complete and synchronized picture of the network. Therefore,
it is very difficult for routing loops to occur.
Routers always use the latest set of information on which to base their routing
decisions because LSAs are sequenced and aged.
The link-state database sizes can be minimized with careful network design.
This leads to smaller Dijkstra calculations and faster convergence.
Every router is capable of mapping a copy of the entire network architecture,
at least of its own area of the network. This attribute can greatly assist troubleshooting.
Classless interdomain routing (CIDR) and variable-length subnet masking (VLSM)
are supported.
The following are some disadvantages of link-state routing protocols:
They require more memory and processing power than distance vector routers,
which can make link-state routing cost-prohibitive for organizations with small
budgets and legacy hardware.
They require strict hierarchical network design, so that a network can be broken
into smaller areas to reduce the size of the topology tables.
They require an administrator with a good understanding of link-state routing.
They flood the network with LSAs during the initial discovery process, which
can significantly decrease the capability of the network to transport data.
This flooding process can noticeably degrade the network performance depending
on the available bandwidth and the number of routers exchanging information.
2.1.6
Compare and contrast distance vector and link-state routing
All distance vector protocols learn routes and then send these routes to directly
connected neighbors. However, link-state routers advertise the states of their
links to all other routers in the area so that each router can build a complete
link-state database. These advertisements are called link-state advertisements
(LSAs). Unlike distance vector routers, link-state routers can form special
relationships with their neighbors and other link-state routers. This is to
ensure that the LSA information is properly and efficiently exchanged.
The initial flood of LSAs provides routers with the information that they need to build a link-state database. Routing updates occur only when the network changes. If there is no changes, the routing updates occur after a specific interval. If the network changes, a partial update is sent immediately. The partial update only contains contains information about links that have changed, not a complete routing table. An administrator concerned about WAN link utilization will find these partial and infrequent updates an efficient alternative to distance vector routing, which sends out a complete routing table every 30 seconds. When a change occurs, link-state routers are all notified simultaneously by the partial update. Distance vector routers wait for neighbors to note the change, implement the change, and then pass it to the neighboring routers.
The benefits of link-state routing over distance vector protocols include faster convergence and improved bandwidth utilization. Link-state protocols support classless interdomain routing (CIDR) and variable-length subnet mask (VLSM). This makes them a good choice for complex, scalable networks. In fact, link-state protocols generally outperform distance vector protocols on any size network. Link-state protocols are not implemented on every network because they require more memory and processing power than distance vector protocols and can overwhelm slower equipment. Another reason they are not more widely implemented is the fact that link-state protocols are quite complex. This would require well-trained administrators to correctly configure and maintain them.
2.2.1
OSPF overview
Open Shortest Path First (OSPF) is a link-state routing protocol based on open
standards. It is described in several standards of the Internet Engineering
Task Force (IETF). The most recent description is RFC 2328. The Open in OSPF
means that it is open to the public and is non-proprietary.
OSPF is becoming the preferred IGP protocol when compared with RIP v1 and RIP v2 because it is scalable. RIP is limited to 15 hops, it converges slowly, and it sometimes chooses slow routes because it ignores critical factors such as bandwidth in route determination. OSPF overcomes these limitations and proves to be a robust and scalable routing protocol suitable for the networks of today. OSPF can be used and configured as a single area for small networks. It can also be used for large networks. OSPF routing scales to large networks if hierarchical network design principles are used.
Large OSPF networks use a hierarchical design. Multiple areas connect to a distribution area, area 0, also called the backbone. This design approach allows for extensive control of routing updates. Defining areas reduces routing overhead, speeds up convergence, confines network instability to an area and improves performance.
2.2.2
OSPF terminology
As a link-state protocol, OSPF operates differently from distance vector routing
protocols. Link-state routers identify neighboring routers and then communicate
with the identified neighbors. OSPF has its own terminology. The new terms are
shown in Figure .
Information is gathered from OSPF neighbors about the status, or links, of each OSPF router. This information is flooded to all its neighbors. Flooding is a process that sends information out all ports, with the exception of the port on which the information was received. An OSPF router advertises its own link states and passes on received link states.
The routers process the information about link-states and build a link-state database. Every router in the OSPF area will have the same link-state database. Every router has the same information about the state of the links and the neighbors of every other router.
Then each router runs the SPF algorithm on its own copy of the database. This calculation determines the best route to a destination. The SPF algorithm adds up the cost, which is a value that is usually based on bandwidth. The lowest cost path is added to the routing table, which is also known as the forwarding database.
OSPF routers record information about their neighbors in the adjacency database.
To reduce the number of exchanges of routing information among several neighbors on the same network, OSPF routers elect a Designated Router (DR) and a Backup Designated Router (BDR) that serve as focal points for routing information exchange.
2.2.3
Comparing OSPF with distance vector routing protocols
OSPF uses link-state technology, compared with distance vector technology such
as RIP. Link-state routers maintain a common picture of the network and exchange
link information upon initial discovery or network changes. Link-state routers
do not broadcast their routing tables periodically as distance vector protocols
do. Therefore, link-state routers use less bandwidth for routing table maintenance.
RIP is appropriate for small networks, and the best path is based on the lowest number of hops. OSPF is appropriate for the needs of large scalable internetworks, and the best path is determined by speed. RIP and other distance vector protocols use simple algorithms to compute best paths. The SPF algorithm is complex. Routers implementing distance vector routing may need less memory and less powerful processors than those running OSPF.
OSPF selects routes based on cost, which is related to speed. The higher the speed, the lower the OSPF cost of the link.
OSPF selects the fastest loop-free path from the shortest-path first tree as the best path in the network.
OSPF guarantees loop-free routing. Distance vector protocols may cause routing loops.
If links are unstable, flooding of link-state information can lead to unsynchronized link-state advertisements and inconsistent decisions among routers.
OSPF addresses the following issues:
Speed of convergence
Support for Variable Length Subnet Mask (VLSM)
Network size
Path selection
Grouping of members
In large networks RIP convergence can take several minutes since the routing table of each router is copied and shared with directly connected routers. After initial OSPF convergence, maintaining a converged state is faster because only the changes in the network are flooded to other routers in an area.
OSPF supports VLSMs and therefore is referred to as a classless protocol. RIP v1 does not support VLSMs, however, RIP v2 does support VLSMs.
RIP considers a network that is more than 15 routers away to be unreachable because the number of hops is limited to 15. This limits RIP to small topologies. OSPF has no size limits and is suitable for intermediate to large networks.
RIP selects a path to a network by adding one to the hop count reported by a neighbor. It compares the hop counts to a destination and selects the path with the smallest distance or hops. This algorithm is simple and does not require a powerful router or a lot of memory. RIP does not take into account the available bandwidth in best path determination.
OSPF selects a path using cost, a metric based on bandwidth. All OSPF routers must obtain complete information about the networks of every router to calculate the shortest path. This is a complex algorithm. Therefore, OSPF requires more powerful routers and more memory than RIP.
RIP uses a flat topology. Routers in a RIP region exchange information with all routers. OSPF uses the concept of areas. A network can be subdivided into groups of routers. In this way OSPF can limit traffic to these areas. Changes in one area do not affect performance in other areas. This hierarchical approach allows a network to scale efficiently.
2.2.4
Shortest path algorithm
The shortest path algorithm is used by OSPF to determine the best path to a
destination.
In this algorithm, the best path is the lowest cost path. The algorithm was discovered by Dijkstra, a Dutch computer scientist, and was explained in 1959. The algorithm considers a network to be a set of nodes connected by point-to-point links. Each link has a cost. Each node has a name. Each node has a complete database of all the links and so complete information about the physical topology is known. All router link-state databases are identical. The table in Figure shows the information that node D has received. For example, D received information that it was connected to node C with a link cost of 4 and to node E with a link cost of 1.
The shortest path algorithm then calculates a loop-free topology using the node as the starting point and examining in turn information it has about adjacent nodes. In Figure , node B has calculated the best path to D. The best path to D is by way of node E, which has a cost of 4. This information is converted to a route entry in B which will forward traffic to C. Packets to D from B will flow B to C to E, then to D in this OSPF network.
In the example, node B determined that to get to node F the shortest path has a cost of 5, via node C. All other possible topologies will either have loops or a higher cost paths.
2.2.5
OSPF network types
A neighbor relationship is required for OSPF routers to share routing information.
A router will try to become adjacent, or neighbor, to at least one other router
on each IP network to which it is connected. Some routers may try to become
adjacent to all their neighbor routers. Other routers may try to become adjacent
to only one or two neighbor routers. OSPF routers determine which routers to
become adjacent to based on the type of network they are connected to. Once
an adjacency is formed between neighbors, link-state information is exchanged.
OSPF interfaces recognize three types of networks:
Broadcast multi-access, such as Ethernet
Point-to-point networks
Nonbroadcast multi-access (NBMA), such as Frame Relay
A fourth type, point-to-multipoint, can be configured on an interface by an administrator.
In a multiaccess network, the number of routers that will be connected in advance is unknown. In point-to-point networks, only two routers can be connected.
In a broadcast multi-access network segment, many routers may be connected. If every router had to establish full adjacency with every other router and exchange link-state information with every neighbor, there would be too much overhead. If there are 5 routers, 10 adjacency relationships would be needed and 10 link states sent. If there are 10 routers then 45 adjacencies would be needed. In general, for n routers, n*(n-1)/2 adjacencies would need to be formed.
The solution to this overhead is to hold an election for a designated router (DR). This router becomes adjacent to all other routers in the broadcast segment. All other routers on the segment send their link-state information to the DR. The DR in turn acts as the spokesperson for the segment. Using the example numbers above, only 5 and 10 sets of link states need be sent respectively. The DR sends link-state information to all other routers on the segment using the multicast address of 224.0.0.5 for all OSPF routers.
Despite the gain in efficiency that electing a DR provides, there is a disadvantage. The DR represents a single point of failure. A second router is elected as a backup designated router (BDR) to take over the duties of the DR if it should fail. To ensure that both the DR and the BDR see the link states all routers send on the segment, the multicast address for all designated routers, 224.0.0.6, is used.
On point-to-point networks only two nodes exist and no DR or BDR is elected. Both routers become fully adjacent with each other.
2.2.6
OSPF Hello protocol
When a router starts an OSPF routing process on an interface, it sends a hello
packet and continues to send hellos at regular intervals. The rules that govern
the exchange of OSPF hello packets are called the Hello protocol.
At Layer 3 of the OSI model, the hello packets are addressed to the multicast address 224.0.0.5. This address is “all OSPF routers”. OSPF routers use hello packets to initiate new adjacencies and to ensure that neighbor routers are still functioning. Hellos are sent every 10 seconds by default on broadcast multi-access and point-to-point networks. On interfaces that connect to NBMA networks, such as Frame Relay, the default time is 30 seconds.
On multi-access networks the Hello protocol elects a designated router (DR) and a backup designated router (BDR).
Although the hello packet is small, it consists of the OSPF packet header. For the hello packet the type field is set to 1.
The hello packet carries information that all neighbors must agree upon before an adjacency is formed, and link-state information is exchanged.
2.2.7
Steps in the operation of OSPF
OSPF routers send Hello packets on OSPF enabled interfaces. If all parameters
in the OSPF Hello packets are agreed upon, the routers become neighbors. On
multi-access networks, the routers elect a DR and BDR. On these networks other
routers become adjacent to the DR.
Adjacent routers go through a sequence of states. Adjacent routers must be in the full state before routing tables are created and traffic routed. Each router sends link-state advertisements (LSA) in link-state update (LSU) packets. These LSAs describe all of the routers links. Each router that receives an LSA from its neighbor records the LSA in the link-state database. This process is repeated for all routers in the OSPF network.
When the databases are complete, each router uses the SPF algorithm to calculate a loop free logical topology to every known network. The shortest path with the lowest cost is used in building this topology, therefore the best route is selected.
Routing information is now maintained. When there is a change in a link state, routers use a flooding process to notify other routers on the network about the change. The Hello protocol dead interval provides a simple mechanism for determining that an adjacent neighbor is down.
2.3.1
Configuring OSPF routing process
OSPF routing uses the concept of areas. Each router contains a complete database
of link-states in a specific area. An area in the OSPF network, it may be assigned
any number from 0 to 65,535. However a single area is assigned the number 0
and is known as area 0. In multi-area OSPF networks, all areas are required
to connect to area 0. Area 0 is also called the backbone area.
OSPF configuration requires that the configuration be enabled on the router with network addresses and area information. Network addresses are configured with a wildcard mask and not a subnet mask. The wildcard mask represents the links or host addresses that can be present in this segment. Area IDs can be written as a whole number or dotted decimal notation.
To enable OSPF routing, use the global configuration command syntax:
Router(config)#router ospf process-id
The process ID is a number that is used to identify an OSPF routing process on the router. Multiple OSPF processes can be started on the same router. The number can be any value between 1 and 65,535. Most network administrators keep the same process ID throughout an autonomous system, but this is not a requirement. It is rarely necessary to run more than one OSPF process on a router. IP networks are advertised as follows in OSPF:
Router(config-router)#network address wildcard-mask area area-id
Each network must be identified with the area to which it belongs. The network address can be a whole network, a subnet, or the address of the interface. The wildcard mask represents the set of host addresses that the segment supports. This is different than a subnet mask, which is used when configuring IP addresses on interfaces.
2.3.2
Configuring OSPF loopback address and router priority
When the OSPF process starts, the Cisco IOS uses the highest local active IP address as its OSPF router ID. If there is no active interface, the OSPF process will not start. If the active interface goes down, the OSPF process has no router ID and therefore ceases to function until the interface comes up again.
To ensure OSPF stability there should be an active interface for the OSPF process at all times. A loopback interface, which is a logical interface, can be configured for this purpose. When a loopback interface is configured, OSPF uses this address as the router ID, regardless of the value. On a router that has more than one loopback interface, OSPF takes the highest loopback IP address as its router ID.
To create and assign an IP address to a loopback interface use the following commands:
Router(config)#interface loopback number
Router(config-if)#ip address ip-address subnet-mask
It is considered good practice to use loopback interfaces for all routers running OSPF. This loopback interface should be configured with an address using a 32-bit subnet mask of 255.255.255.255. A 32-bit subnet mask is called a host mask because the subnet mask specifies a network of one host. When OSPF is requested to advertise a loopback network, OSPF always advertises the loopback as a host route with a 32-bit mask.
In broadcast multi-access networks there may be more than two routers. OSPF elects a designated router (DR) to be the focal point of all link-state updates and link-state advertisements. Because the DR role is critical, a backup designated router (BDR) is elected to take over if the DR fails.
If the network type of an interface is broadcast, the default OSPF priority is 1. When OSPF priorities are the same, the OSPF election for DR is decided on the router ID. The highest router ID is selected.
The election result can be determined by ensuring that the ballots, the hello packets, contain a priority for that router interface. The interface reporting the highest priority for a router will ensure that it becomes the DR.
The priorities can be set to any value from 0 to 255. A value of 0 prevents that router from being elected. A router with the highest OSPF priority will be selected as the DR. A router with the second highest priority will be the BDR. After the election process, the DR and BDR retain their roles even if routers are added to the network with higher OSPF priority values.
Modify the OSPF priority by entering global interface configuration ip ospf priority command on an interface that is participating in OSPF. The command show ip ospf interface will display the interface priority value as well as other key information.
Router(config-if)#ip ospf priority number
Router#show ip ospf interface type number
2.3.3
Modifying OSPF cost metric
OSPF uses cost as the metric for determining the best route. Cost is calculated
using the formula 108/bandwidth, where bandwidth is expressed in bps. The Cisco
IOS automatically determines cost based on the bandwidth of the interface. It
is essential for proper OSPF operation that the correct interface bandwidth
is set.
Router(config)#interface serial 0/0
Router(config-if)#bandwidth 64
The default bandwidth for Cisco serial interfaces is 1.544 Mbps, or 1544 kbps.
Cost can be changed to influence the outcome of the OSPF cost calculation. A common situation requiring a cost change is in a multi-vendor routing environment. A cost change would ensure that one vendor’s cost value would match another vendor’s cost value. Another situation is when Gigabit Ethernet is being used. The default cost assigns the lowest cost value of 1 to a 100 Mbps link. In a 100-Mbps and Gigabit Ethernet situation, the default cost values could cause routing to take a less desirable path unless they are adjusted. The cost number can be between 1 and 65,535.
Use the following interface configuration command to set the link cost:
Router(config-if)#ip ospf cost number
2.3.4
Configuring OSPF authentication
By default, a router trusts that routing information is coming from a router
that should be sending the information. A router also trusts that the information
has not been tampered with along the route.
To guarantee this trust, routers in a specific area can be configured to authenticate each other.
Each OSPF interface can present an authentication key for use by routers sending OSPF information to other routers on the segment. The authentication key, known as a password, is a shared secret between the routers. This key is used to generate the authentication data in the OSPF packet header. The password can be up to eight characters. Use the following command syntax to configure OSPF authentication:
Router(config-if)#ip ospf authentication-key password
After the password is configured, authentication must be enabled:
Router(config-router)#area area-number authentication
With simple authentication, the password is sent as plain text. This means that it can be easily decoded if a packet sniffer captures an OSPF packet.
It is recommended that authentication information be encrypted. To send encrypted authentication information and to ensure greater security, the message-digest keyword is used. The MD5 keyword specifies the type of message-digest hashing algorithm to use, and the encryption type field refers to the type of encryption, where 0 means none and 7 means proprietary.
Use the interface configuration command mode syntax:
Router(config-if)#ip ospf message-digest-key key-id md5 encryption-type key
The key-id is an identifier and takes the value in the range of 1 through 255. The key is an alphanumeric password up to sixteen characters. Neighbor routers must use the same key identifier with the same key value.
The following is configured in router configuration mode:
Router(config-router)#area area-id authentication message-digest
MD5 authentication creates a message digest. A message digest is scrambled data that is based on the password and the packet contents. The receiving router uses the shared password and the packet to re-calculate the digest. If the digests match, the router believes that the source and contents of the packet have not been tampered with. The authentication type identifies which authentication, if any, is being used. In the case of message-digest authentication, the authentication data field contains the key-id and the length of the message digest that is appended to the packet. The message digest is like a watermark that cannot be counterfeited.
2.3.5
Configuring OSPF timers
OSPF routers must have the same hello intervals and the same dead intervals
to exchange information. By default, the dead interval is four times the value
of the hello interval. This means that a router has four chances to send a hello
packet before being declared dead.
On broadcast OSPF networks, the default hello interval is 10 seconds and the default dead interval is 40 seconds. On nonbroadcast networks, the default hello interval is 30 seconds and the default dead interval is 120 seconds. These default values result in efficient OSPF operation and seldom need to be modified.
A network administrator is allowed to choose these timer values. A justification that OSPF network performance will be improved is needed prior to changing the timers. These timers must be configured to match those of any neighboring router.
To configure the hello and dead intervals on an interface, use the following commands:
Router(config-if)#ip ospf hello-interval seconds
Router(config-if)#ip ospf dead-interval seconds
2.3.6
OSPF, propagating a default route
OSPF routing ensures loop-free paths to every network in the domain. To reach
networks outside the domain, either OSPF must know about the network or OSPF
must have a default route. To have an entry for every network in the world would
require enormous resources for each router.
A practical alternative is to add a default route to the OSPF router connected to the outside network. This route can be redistributed to each router in the AS through normal OSPF updates.
A configured default route is used by a router to generate a gateway of last resort. The static default route configuration syntax uses the network 0.0.0.0 address and a subnet mask 0.0.0.0:
Router(config)#ip route 0.0.0.0 0.0.0.0 [interface | next-hop address]
This is referred to as the quad-zero route, and any network address is matched using the following rule. The network gateway is determined by ANDing the packet destination with the subnet mask.
The following configuration statement will propagate this route to all the routers in a normal OSPF area:
Router(config-router)#
default-information originate
All routers in the OSPF area will learn a default route provided that the interface of the border router to the default gateway is active.
2.3.7
Common OSPF configuration issues
An OSPF router must establish a neighbor or adjacency relationship with another
OSPF router to exchange routing information. Failure to establish a neighbor
relationship is caused by any of the following reasons:
Hellos are not sent from both neighbors.
Hello and dead interval timers are not the same.
Interfaces are on different network types.
Authentication passwords or keys are different.
In OSPF routing it is also important to ensure the following:
All interfaces have the correct addresses and subnet mask.
network area statements have the correct wildcard masks.
network area statements put interfaces into the correct area.
MODULE 3
3.1
EIGRP Concepts
3.1.1
Comparing EIGRP with IGRP
Cisco released EIGRP in 1994 as a scalable, improved version of its proprietary
distance vector routing protocol, IGRP. The same distance vector technology
found in IGRP is used in EIGRP, and the underlying distance information remains
the same.
EIGRP improves the convergence properties and the operating efficiency significantly over IGRP. This allows for an improved architecture while retaining the existing investment in IGRP.
Comparisons between EIGRP and IGRP fall into the following major categories:
Compatibility mode
Metric calculation
Hop count
Automatic protocol redistribution
Route tagging
IGRP and EIGRP are compatible with each other. This compatibility provides seamless interoperability with IGRP routers. This is important so users can take advantage of the benefits of both protocols. EIGRP offers multiprotocol support, but IGRP does not.
EIGRP and IGRP use different metric calculations. EIGRP scales the metric of IGRP by a factor of 256. That is because EIGRP uses a metric that is 32 bits long, and IGRP uses a 24-bit metric. By multiplying or dividing by 256, EIGRP can easily exchange information with IGRP.
IGRP has a maximum hop count of 255. EIGRP has a maximum hop count limit of 224. This is more than adequate to support the largest, properly designed internetworks.
Enabling dissimilar routing protocols such as OSPF and RIP to share information requires advanced configuration. Redistribution, the sharing of routes, is automatic between IGRP and EIGRP as long as both processes use the same autonomous system (AS) number. In Figure , RTB automatically redistributes EIGRP-learned routes to the IGRP AS, and vice versa.
EIGRP will tag routes learned from IGRP or any outside source as external because they did not originate from EIGRP routers. IGRP cannot differentiate between internal and external routes.
Notice that in the show ip route command output for the routers in Figure , EIGRP routes are flagged with D, and external routes are denoted by EX. RTA identifies the difference between the network learned via EIGRP (172.16.0.0) and the network that was redistributed from IGRP (192.168.1.0). In the RTC table, the IGRP protocol makes no such distinction. RTC, which is running IGRP only, just sees IGRP routes, despite the fact that both 10.1.1.0 and 172.16.0.0 were redistributed from EIGRP.
3.1.2
EIGRP concepts and terminology
EIGRP routers keep route and topology information readily available in RAM,
so they can react quickly to changes. Like OSPF, EIGRP saves this information
in several tables and databases.
EIGRP saves routes that are learned in specific ways. Routes are given a particular status and can be tagged to provide additional useful information.
EIGRP maintains three tables:
Neighbor table
Topology table
Routing table
The neighbor table is the most important table in EIGRP. Each EIGRP router maintains a neighbor table that lists adjacent routers. This table is comparable to the adjacency database used by OSPF. There is a neighbor table for each protocol that EIGRP supports.
When newly discovered neighbors are learned, the address and interface of the neighbor is recorded. This information is stored in the neighbor data structure. When a neighbor sends a hello packet, it advertises a hold time. The hold time is the amount of time a router treats a neighbor as reachable and operational. In other words, if a hello packet is not heard within the hold time, then the hold time expires. When the hold time expires, the Diffusing Update Algorithm (DUAL), which is the EIGRP distance vector algorithm, is informed of the topology change and must recalculate the new topology.
The topology table is made up of all the EIGRP routing tables in the autonomous system. DUAL takes the information supplied in the neighbor table and the topology table and calculates the lowest cost routes to each destination. By tracking this information, EIGRP routers can identify and switch to alternate routes quickly. The information that the router learns from the DUAL is used to determine the successor route, which is the term used to identify the primary or best route. A copy is also placed in the topology table.
Every EIGRP router maintains a topology table for each configured network protocol. All learned routes to a destination are maintained in the topology table.
The topology table includes the following fields:
Feasible distance (FD is 2195456) 200.10.10.10 – The feasible distance
(FD) is the lowest calculated metric to each destination. For example, the feasible
distance to 32.0.0.0 is 90 as indicated by FD is equal 90.
Route source (via 200.10.10.10) – The source of the route is the identification
number of the router that originally advertised that route. This field is populated
only for routes learned externally from the EIGRP network. Route tagging can
be particularly useful with policy-based routing. For example, the route source
to 32.0.0.0 is 200.10.10.10 via 200.10.10.10.
Reported distance (FD/RD) – The reported distance (RD) of the path is
the distance reported by an adjacent neighbor to a specific destination. For
example, the reported distance to 32.0.0.0 is 2195456 as indicated by (90/2195456).
Interface information – The interface through which the destination is
reachable
Route status – Routes are identified as being either passive (P), which
means that the route is stable and ready for use, or active (A), which means
that the route is in the process of being recomputed by DUAL.
The EIGRP routing table holds the best routes to a destination. This information is retrieved from the topology table. Each EIGRP router maintains a routing table for each network protocol.
A successor is a route selected as the primary route to use to reach a destination. DUAL identifies this route from the information contained in the neighbor and topology tables and places it in the routing table. There can be up to four successor routes for any particular route. These can be of equal or unequal cost and are identified as the best loop-free paths to a given destination. A copy of the successor routes is also placed in the topology table.
A feasible successor (FS) is a backup route. These routes are identified at the same time the successors are identified, but they are only kept in the topology table. Multiple feasible successors for a destination can be retained in the topology table although it is not mandatory.
A router views its feasible successors as neighbors downstream, or closer to the destination than it is. Feasible successor cost is computed by the advertised cost of the neighbor router to the destination. If a successor route goes down, the router will look for an identified feasible successor. This route will be promoted to successor status. A feasible successor must have a lower advertised cost than the existing successor cost to the destination. If a feasible successor is not identified from the existing information, the router places an Active status on a route and sends out query packets to all neighbors in order to recompute the current topology. The router can identify any new successor or feasible successor routes from the new data that is received from the reply packets that answer the query requests. The router will then place a Passive status on the route.
The topology table can record additional information about each route. EIGRP classifies routes as either internal or external. EIGRP adds a route tag to each route to identify this classification. Internal routes originate from within the EIGRP autonomous system (AS).
External routes originate outside the EIGRP AS. Routes learned or redistributed from other routing protocols, such as Routing Information Protocol (RIP), OSPF, and IGRP, are external. Static routes originating outside the EIGRP AS are external. The tag can be configured to a number between 0-255 to customize the tag.
3.1.3
EIGRP design features
EIGRP operates quite differently from IGRP. EIGRP is an advanced distance vector
routing protocol and acts as a link-state protocol when updating neighbors and
maintaining routing information. The advantages of EIGRP over simple distance
vector protocols include the following:
Rapid convergence
Efficient use of bandwidth
Support for variable-length subnet mask (VLSM) and classless interdomain routing
(CIDR). Unlike IGRP, EIGRP offers full support for classless IP by exchanging
subnet masks in routing updates.
Multiple network-layer support
Independence from routed protocols. Protocol-dependent modules (PDMs) protect
EIGRP from lengthy revision. Evolving routed protocols, such as IP, may require
a new protocol module but not necessarily a reworking of EIGRP itself.
EIGRP routers converge quickly because they rely on DUAL. DUAL guarantees loop-free operation at every instant throughout a route computation allowing all routers involved in a topology change to synchronize at the same time.
EIGRP makes efficient use of bandwidth by sending partial, bounded updates and its minimal consumption of bandwidth when the network is stable. EIGRP routers make partial, incremental updates rather than sending their complete tables. This is similar to OSPF operation, but unlike OSPF routers, EIGRP routers send these partial updates only to the routers that need the information, not to all routers in an area. For this reason, they are called bounded updates. Instead of using timed routing updates, EIGRP routers keep in touch with each other using small hello packets. Though exchanged regularly, hello packets do not use up a significant amount of bandwidth.
EIGRP supports IP, IPX, and AppleTalk through protocol-dependent modules (PDMs). EIGRP can redistribute IPX RIP and SAP information to improve overall performance. In effect, EIGRP can take over for these two protocols. An EIGRP router will receive routing and service updates, updating other routers only when changes in the SAP or routing tables occur. Routing updates occur as they would in any EIGRP network, using partial updates.
EIGRP can also take over for the AppleTalk Routing Table Maintenance Protocol (RTMP). As a distance vector routing protocol, RTMP relies on periodic and complete exchanges of routing information. To reduce overhead, EIGRP redistributes AppleTalk routing information using event-driven updates. EIGRP also uses a configurable composite metric to determine the best route to an AppleTalk network. RTMP uses hop count, which can result in suboptimal routing. AppleTalk clients expect RTMP information from local routers, so EIGRP for AppleTalk should be run only on a clientless network, such as a wide-area network (WAN) link.
3.1.4
EIGRP technologies
EIGRP includes many new technologies, each of which represents an improvement
in operating efficiency, speed of convergence, or functionality relative to
IGRP and other routing protocols. These technologies fall into one of the following
four categories:
Neighbor discovery and recovery
Reliable Transport Protocol
DUAL finite-state machine algorithm
Protocol-dependent modules
Simple distance vector routers do not establish any relationship with their neighbors. RIP and IGRP routers merely broadcast or multicast updates on configured interfaces. In contrast, EIGRP routers actively establish relationships with their neighbors, much the same way that OSPF routers do.
EIGRP routers establish adjacencies as described in Figure . EIGRP routers
establish adjacencies with neighbor routers by using small hello packets. Hellos
are sent by default every five seconds. An EIGRP router assumes that as long
as it is receiving hello packets from known neighbors, those neighbors and their
routes remain viable or passive. By forming adjacencies, EIGRP routers do the
following:
Dynamically learn of new routes that join their network
Identify routers that become either unreachable or inoperable
Rediscover routers that had previously been unreachable
Reliable Transport Protocol (RTP) is a transport-layer protocol that can guarantee ordered delivery of EIGRP packets to all neighbors. On an IP network, hosts use TCP to sequence packets and ensure their timely delivery. However, EIGRP is protocol-independent. This means it does not rely on TCP/IP to exchange routing information the way that RIP, IGRP, and OSPF do. To stay independent of IP, EIGRP uses RTP as its own proprietary transport-layer protocol to guarantee delivery of routing information.
EIGRP can call on RTP to provide reliable or unreliable service as the situation warrants. For example, hello packets do not require the overhead of reliable delivery because they are frequent and should be kept small. Nevertheless, the reliable delivery of other routing information can actually speed convergence, because EIGRP routers are not waiting for a timer to expire before they retransmit.
With RTP, EIGRP can multicast and unicast to different peers simultaneously, which allows for maximum efficiency.
The centerpiece of EIGRP is the Diffusing Update Algorithm (DUAL), which is the EIGRP route-calculation engine. The full name of this technology is DUAL finite-state machine (FSM). An FSM is an algorithm machine, not a mechanical device with moving parts. FSMs define a set of possible states that something can go through, what events cause those states, and what events result from those states. Designers use FSMs to describe how a device, computer program, or routing algorithm will react to a set of input events. The DUAL FSM contains all the logic used to calculate and compare routes in an EIGRP network.
DUAL tracks all the routes advertised by neighbors. Composite metrics of each route are used to compare them. DUAL also guarantees that each path is loop free. DUAL inserts lowest cost paths into the routing table. These primary routes are known as successor routes. A copy of the successor routes is also placed in the topology table.
EIGRP keeps important route and topology information readily available in a neighbor table and a topology table. These tables supply DUAL with comprehensive route information in case of network disruption. DUAL selects alternate routes quickly by using the information in these tables. If a link goes down, DUAL looks for an alternative route path, or feasible successor, in the topology table.
One of the best features of EIGRP is its modular design. Modular, layered designs prove to be the most scalable and adaptable. Support for routed protocols, such as IP, IPX, and AppleTalk, is included in EIGRP through PDMs. In theory, EIGRP can easily adapt to new or revised routed protocols, such as IPv6, by adding protocol-dependent modules.
Each PDM is responsible for all functions related to its specific routed protocol.
The IP-EIGRP module is responsible for the following:
Sending and receiving EIGRP packets that bear IP data
Notifying DUAL of new IP routing information that is received
Maintaining the results of DUAL routing decisions in the IP routing table
Redistributing routing information that was learned by other IP-capable routing
protocols
3.1.5
EIGRP data structure
Like OSPF, EIGRP relies on different types of packets to maintain its various
tables and establish complex relationships with neighbor routers.
The five EIGRP packet types are:
Hello
Acknowledgment
Update
Query
Reply
EIGRP relies on hello packets to discover, verify, and rediscover neighbor routers. Rediscovery occurs if EIGRP routers do not receive hellos from each other for a hold time interval but then re-establish communication.
EIGRP routers send hellos at a fixed but configurable interval, called the hello interval. The default hello interval depends on the bandwidth of the interface. On IP networks, EIGRP routers send hellos to the multicast IP address 224.0.0.10.
An EIGRP router stores information about neighbors in the neighbor table. The neighbor table includes the Sequence Number (Seq No) field to record the number of the last received EIGRP packet that each neighbor sent. The neighbor table also includes a Hold Time field which records the time the last packet was received. Packets should be received within the Hold Time interval period to maintain a Passive state. The Passive state is a reachable and operational status.
If a neighbor is not heard from for the duration of the hold time, EIGRP considers that neighbor down, and DUAL must step in to re-evaluate the routing table. By default, the hold time is three times the hello interval, but an administrator can configure both timers as desired.
OSPF requires neighbor routers to have the same hello and dead intervals to communicate. EIGRP has no such restriction. Neighbor routers learn about each of the other respective timers via the exchange of hello packets. Then they use that information to forge a stable relationship regardless of unlike timers.
Hello packets are always sent unreliably. This means that no acknowledgment is transmitted.
An EIGRP router uses acknowledgment packets to indicate receipt of any EIGRP packet during a reliable exchange. Reliable Transport Protocol (RTP) can provide reliable communication between EIGRP hosts. To be reliable, a sender's message must be acknowledged by the recipient. Acknowledgment packets, which are hello packets without data, are used for this purpose. Unlike multicast hellos, acknowledgment packets are unicast. Acknowledgments can be made by attaching them to other kinds of EIGRP packets, such as reply packets.
Update packets are used when a router discovers a new neighbor. An EIGRP router sends unicast update packets to that new neighbor so that it can add to its topology table. More than one update packet may be needed to convey all the topology information to the newly discovered neighbor.
Update packets are also used when a router detects a topology change. In this case, the EIGRP router sends a multicast update packet to all neighbors, which alerts them to the change. All update packets are sent reliably.
An EIGRP router uses query packets whenever it needs specific information from one or all of its neighbors. A reply packet is used to respond to a query.
If an EIGRP router loses its successor and cannot find a feasible successor for a route, DUAL places the route in the Active state. A query is then multicasted to all neighbors in an attempt to locate a successor to the destination network. Neighbors must send replies that either provide information on successors or indicate that no information is available. Queries can be multicast or unicast, while replies are always unicast. Both packet types are sent reliably.
3.1.6
EIGRP algorithm
The sophisticated DUAL algorithm results in the exceptionally fast convergence
of EIGRP. To better understand convergence with DUAL, consider the example in
Figure . Each router has constructed a topology table that contains information
about how to route to destination Network A.
Each topology table identifies the following:
The routing protocol or EIGRP
The lowest cost of the route, which is called Feasible Distance (FD)
The cost of the route as advertised by the neighboring router, which is called
Reported Distance (RD)
The Topology heading identifies the preferred primary route, called the successor route (Successor), and, where identified, the backup route, called the feasible successor (FS). Note that it is not necessary to have an identified feasible successor.
The EIGRP network will follow a sequence of actions to bring about convergence
between the routers, which currently have the following topology information:
Convergence has occurred among all EIGRP routers using the DUAL algorithm.
3.2.1
Configuring EIGRP
Despite the complexity of DUAL, configuring EIGRP can be relatively simple.
EIGRP configuration commands vary depending on the protocol that is to be routed.
Some examples of these protocols are IP, IPX, and AppleTalk. This section covers
EIGRP configuration for the IP protocol.
Perform the following steps to configure EIGRP for IP:
Use the following to enable EIGRP and define the autonomous system:
router(config)#router eigrp autonomous-system-number
The autonomous system number is used to identify all routers that belong within
the internetwork. This value must match all routers within the internetwork.
Indicate which networks belong to the EIGRP autonomous system on the local router
by using the following command:
router(config-router)#network network-number
The network-number is the network number that determines which interfaces of the router are participating in EIGRP and which networks are advertised by the router.
The network command configures only connected networks. For example, network
3.1.0.0, which is on the far left of the main Figure, is not directly connected
to Router A. Consequently, that network is not part of the configuration of
Router A.
When configuring serial links using EIGRP, it is important to configure the
bandwidth setting on the interface. If the bandwidth for these interfaces is
not changed, EIGRP assumes the default bandwidth on the link instead of the
true bandwidth. If the link is slower, the router may not be able to converge,
routing updates might become lost, or suboptimal path selection may result.
To set the interface bandwidth, use the following syntax:
router(config-if)#bandwidth kilobits
The bandwidth command is only used by the routing process and should be set
to match the line speed of the interface.
Cisco also recommends adding the following command to all EIGRP configurations:
router(config-if)#eigrp log-neighbor-changes
This command enables the logging of neighbor adjacency changes to monitor the stability of the routing system and to help detect problems.
3.2.2
Configuring EIGRP summarization
EIGRP automatically summarizes routes at the classful boundary. This is the
boundary where the network address ends, as defined by class-based addressing.
This means that even though RTC is connected only to the subnet 2.1.1.0, it
will advertise that it is connected to the entire Class A network, 2.0.0.0.
In most cases auto summarization is beneficial because it keeps routing tables
as compact as possible.
However, automatic summarization may not be the preferred option in certain instances. For example, if there are discontiguous subnetworks auto-summarization must be disabled for routing to work properly. To turn off auto-summarization, use the following command:
router(config-router)#no auto-summary
With EIGRP, a summary address can be manually configured by configuring a prefix network. Manual summary routes are configured on a per-interface basis, so the interface that will propagate the route summary must be selected first. Then the summary address can be defined with the ip summary-address eigrp command:
router(config-if)#ip summary-address eigrp autonomous-system-number ip-address mask administrative-distance
EIGRP summary routes have an administrative distance of 5 by default. Optionally, they can be configured for a value between 1 and 255.
In Figure , RTC can be configured using the commands shown:
RTC(config)#router eigrp 2446
RTC(config-router)#no auto-summary
RTC(config-router)#exit
RTC(config)#interface serial 0/0
RTC(config-if)#ip summary-address eigrp 2446 2.1.0.0 255.255.0.0
Therefore, RTC will add a route to its table as follows:
D 2.1.0.0/16 is a summary, 00:00:22, Null0
Notice that the summary route is sourced from Null0 and not from an actual interface. This is because this route is used for advertisement purposes and does not represent a path that RTC can take to reach that network. On RTC, this route has an administrative distance of 5.
RTD is not aware of the summarization but accepts the route. The route is assigned the administrative distance of a normal EIGRP route, which is 90 by default.
In the configuration for RTC, auto-summarization is turned off with the no auto-summary command. If auto-summarization was not turned off, RTD would receive two routes, the manual summary address, which is 2.1.0.0 /16, and the automatic, classful summary address, which is 2.0.0.0 /8.
In most cases when manually summarizing, the no auto-summary command should be issued.
3.2.4
Building neighbor tables
Simple distance vector routers do not establish any relationship with their
neighbors. RIP and IGRP routers merely broadcast or multicast updates on configured
interfaces. In contrast, EIGRP routers actively establish relationships with
their neighbors as do OSPF routers.
The neighbor table is the most important table in EIGRP. Each EIGRP router maintains a neighbor table that lists adjacent routers. This table is comparable to the adjacency database used by OSPF. There is a neighbor table for each protocol that EIGRP supports.
EIGRP routers establish adjacencies with neighbor routers by using small hello
packets. Hellos are sent by default every five seconds. An EIGRP router assumes
that, as long as it is receiving hello packets from known neighbors, those neighbors
and their routes remain viable or passive. By forming adjacencies, EIGRP routers
do the following:
Dynamically learn of new routes that join their network
Identify routers that become either unreachable or inoperable
Rediscover routers that had previously been unreachable
The following fields are found in a neighbor table:
Neighbor address – This is the network layer address of the neighbor router.
Hold time – This is the interval to wait without receiving anything from
a neighbor before considering the link unavailable. Originally, the expected
packet was a hello packet, but in current Cisco IOS software releases, any EIGRP
packets received after the first hello will reset the timer.
Smooth Round-Trip Timer (SRTT) – This is the average time that it takes
to send and receive packets from a neighbor. This timer is used to determine
the retransmit interval (RTO).
Queue count (Q Cnt) – This is the number of packets waiting in a queue
to be sent. If this value is constantly higher than zero, there may be a congestion
problem at the router. A zero means that there are no EIGRP packets in the queue.
Sequence Number (Seq No) – This is the number of the last packet received
from that neighbor. EIGRP uses this field to acknowledge a transmission of a
neighbor and to identify packets that are out of sequence. The neighbor table
is used to support reliable, sequenced delivery of packets and can be regarded
as analogous to the TCP protocol used in the reliable delivery of IP packets.
3.2.6
Select routes
If a link goes down, DUAL looks for an alternative route path, or feasible successor,
in the topology table. If a feasible successor is not found, the route is flagged
as Active, or unusable at present. Query packets are sent to neighboring routers
requesting topology information. DUAL uses this information to recalculate successor
and feasible successor routes to the destination.
Once DUAL has completed these calculations, the successor route is placed in the routing table. Then both the successor route and feasible successor route are placed in the topology table. The route to the final destination will now pass from an Active status to a Passive status. This means that the route is now operational and reliable.
The sophisticated algorithm of DUAL results in EIGRP having exceptionally fast convergence. To better understand convergence using DUAL, consider the example in Figure . All routers have built a topology table that contains information about how to route to destination network Z.
Each table identifies the following:
The routing protocol or EIGRP
The lowest cost of the route or Feasible Distance (FD)
The cost of the route as advertised by the neighboring router or Reported Distance
(RD)
The Topology heading identifies the preferred primary route, which is called the successor route (Successor). If it is identified, the Topology heading will also identify the backup route, which is called the feasible successor (FS). Note that it is not necessary to have an identified feasible successor.
3.2.7
Maintaining routing tables
DUAL tracks all routes advertised by neighbors using the composite metric of
each route to compare them. DUAL also guarantees that each path is loop-free.
Lowest-cost paths are then inserted by the DUAL algorithm into the routing table. These primary routes are known as successor routes. A copy of the successor paths is placed in the topology table.
EIGRP keeps important route and topology information readily available in a neighbor table and a topology table. These tables supply DUAL with comprehensive route information in case of network disruption. DUAL selects alternate routes quickly by using the information in these tables.
If a link goes down, DUAL looks for an alternative route path, or feasible successor, in the topology table. If a feasible successor is not found, the route is flagged as active, or unusable at present. Query packets are sent to neighboring routers requesting topology information. DUAL uses this information to recalculate successor and feasible successor routes to the destination.
Once DUAL has completed these calculations, the successor route is placed in the routing table. Then both the successor route and feasible successor route are placed in the topology table. The route to the final destination will now pass from an active status to a passive status. This means that the route is now operational and reliable.
EIGRP routers establish and maintain adjacencies with neighbor routers by using small hello packets. Hellos are sent by default every five seconds. An EIGRP router assumes that, as long as it is receiving hello packets from known neighbors, those neighbors and their routes remain viable, or passive.
When newly discovered neighbors are learned, the address and interface of the neighbor is recorded. This information is stored in the neighbor data structure. When a neighbor sends a hello packet, it advertises a hold time. The hold time is the amount of time a router treats a neighbor as reachable and operational.In other words, if a hello packet is not heard from within the hold time, the hold time expires. When the hold time expires, DUAL is informed of the topology change, and must recalculate the new topology.
In the example in Figures - , DUAL must reconstruct the topology following the discovery of a broken link between router D and router B.
The new successor routes will be placed in the updated routing table.
3.3.1
Routing protocol troubleshooting process
All routing protocol troubleshooting should begin with a logical sequence,
or process flow. This process flow is not a rigid outline for troubleshooting
an internetwork. However, it is a foundation from which a network administrator
can build a problem-solving process to suit a particular environment.
When analyzing a network failure, make a clear problem statement.
Gather the facts needed to help isolate possible causes.
Consider possible problems based on the facts that have been gathered.
Create an action plan based on the remaining potential problems.
Implement the action plan, performing each step carefully while testing to see
whether the symptom disappears.
Analyze the results to determine whether the problem has been resolved. If it
has, then the process is complete.
If the problem has not been resolved, create an action plan based on the next
most likely problem in the list. Return to Step 4, change one variable at a
time, and repeat the process until the problem is solved.
Once the actual cause of the problem is identified, try to solve it.
Cisco routers provide numerous integrated commands to assist in monitoring
and troubleshooting an internetwork:
show commands help monitor installation behavior and normal network behavior,
as well as isolate problem areas
debug commands assist in the isolation of protocol and configuration problems
TCP/IP network tools such as ping, traceroute, and telnet
Cisco IOS show commands are among the most important tools for understanding the status of a router, detecting neighboring routers, monitoring the network in general, and isolating problems in the network.
EXEC debug commands can provide a wealth of information about interface traffic, internal error messages, protocol-specific diagnostic packets, and other useful troubleshooting data. Use debug commands to isolate problems, not to monitor normal network operation. Only use debug commands to look for specific types of traffic or problems. Before using the debug command, narrow the problems to a likely subset of causes. Use the show debugging command to view which debugging features are enabled.
3.3.2
Troubleshooting RIP configuration
The most common problem found in Routing Information Protocol (RIP) that prevents
RIP routes from being advertised is the variable-length subnet mask (VLSM).
This is because RIP Version 1 does not support VLSM. If the RIP routes are not
being advertised, check the following:
Layer 1 or Layer 2 connectivity issues exist.
VLSM subnetting is configured. VLSM subnetting cannot be used with RIP v1.
Mismatched RIP v1 and RIP v2 routing configurations exist.
Network statements are missing or incorrectly assigned.
The outgoing interface is down.
The advertised network interface is down.
The show ip protocols command provides information about the parameters and current state of the active routing protocol process. RIP sends updates to the interfaces in the specified networks. If interface FastEthernet 0/1 was configured but the network was not added to RIP routing, no updates would be sent out or received from the interface.
Use the debug ip rip EXEC command to display information on RIP routing transactions. The no debug ip rip, no debug all, or undebug all commands will turn off all debugging.
Figure shows that the router being debugged has received an update from another router at source address 192.168.3.1. That router sent information about two destinations in the routing table update. The router being debugged also sent updates. Both routers broadcasted address 255.255.255.255 as the destination. The number in parentheses is the source address encapsulated into the IP header.
An entry most likely caused by a malformed packet from the transmitter is shown in the following output:
RIP: bad version 128 from 160.89.80.43
3.3.3
Troubleshooting IGRP configuration
Interior Gateway Routing Protocol (IGRP) is an advanced distance vector routing
protocol developed by Cisco in the middle 1980s. IGRP has several features that
differentiate it from other distance vector routing protocols such as RIP.
Use the router igrp autonomous-system command to enable the IGRP routing process:
R1(config)#router igrp 100
Use the router configuration network network-number command to enable interfaces to participate in the IGRP update process:
R1(config-router)#network 172.30.0.0
R1(config-router)#network 192.168.3.0
Verify IGRP configuration with the show running-configuration and show ip protocols commands:
R1#show ip protocols
Verify IGRP operation with the show ip route command:
R1#show ip route
If IGRP does not appear to be working correctly, check the following:
Layer 1 or Layer 2 connectivity issues exist.
Autonomous system numbers on IGRP routers are mismatched.
Network statements are missing or incorrectly assigned.
The outgoing interface is down.
The advertised network interface is down.
To view IGRP debugging information, use the following commands:
debug ip igrp transactions [host ip address] to view IGRP transaction information
debug ip igrp events [host ip address] to view routing update information
To turn off debugging, use the no debug ip igrp command.
If a network becomes inaccessible, routers running IGRP send triggered updates to neighbors to inform them. A neighbor router will then respond with poison reverse updates and keep the suspect network in a holddown state for 280 seconds.
3.3.4
Troubleshooting EIGRP configuration
Normal EIGRP operation is stable, efficient in bandwidth utilization, and relatively
simple to monitor and troubleshoot.
Use the router eigrp autonomous-system command to enable the EIGRP routing process:
R1(config)#router eigrp 100
To exchange routing updates, each router in the EIGRP network must be configured with the same autonomous system number.
Use the router configuration network network-number command to enable interfaces to participate in the EIGRP update process:
R1(config-router)#network 172.30.0.0
R1(config-router)#network 192.168.3.0
Verify EIGRP configuration with the show running-configuration and show ip protocols commands:
R1#show ip protocols
Some possible reasons why EIGRP may not be working correctly are:
Layer 1 or Layer 2 connectivity issues exist.
Autonomous system numbers on EIGRP routers are mismatched.
The link may be congested or down.
The outgoing interface is down.
The advertised network interface is down.
Auto-summarization is enabled on routers with discontiguous subnets.
Use no auto-summary to disable automatic network summarization.
One of the most common reasons for a missing neighbor is a failure on the actual link. Another possible cause of missing neighbors is an expired holddown timer. Since hellos are sent every 5 seconds on most networks, the hold-time value in a show ip eigrp neighbors command output should normally be a value between 10 and 15.
3.3.5
Troubleshooting OSPF configuration
Open Shortest Path First (OSPF) is a link-state protocol. A link is an interface
on a router. The state of the link is a description of that interface and of
its relationship to its neighboring routers. For example, a description of the
interface would include the IP address, the mask, the type of network to which
it is connected, the routers connected to that network, and so on. This information
forms a link-state database.
The majority of problems encountered with OSPF relate to the formation of adjacencies and the synchronization of the link-state databases. The show ip ospf neighbor command is useful for troubleshooting adjacency formation. OSPF configuration commands are shown in Figure .
Use the debug ip ospf events privileged EXEC command to display the following
information about OSPF-related events:
Adjacencies
Flooding information
Designated router selection
Shortest path first (SPF) calculation
If a router configured for OSPF routing is not seeing an OSPF neighbor on an
attached network, perform the following tasks:
Verify that both routers have been configured with the same IP mask, OSPF hello
interval, and OSPF dead interval.
Verify that both neighbors are part of the same area.
To display information about each Open Shortest Path First (OSPF) packet received, use the debug ip ospf packet privileged EXEC command. The no form of this command disables debugging output.
The debug ip ospf packet command produces one set of information for each packet received. The output varies slightly, depending on which authentication is used.
MODULE 4
Local-area network (LAN) design has developed and changed over time. Network designers until very recently used hubs and bridges to build networks. Now switches and routers are the key components in LAN design, and the capabilities and performance of these devices are continually improving.
This module returns to some of the roots of modern Ethernet LANs with a discussion of the evolution of Ethernet/802.3, the most commonly deployed LAN architecture. A look at the historical context of LAN development and various networking devices that can be utilized at Layer 1, Layer 2, and Layer 3 of the OSI model will help provide a solid understanding of the reasons why network devices have evolved as they have.
Until recently, most Ethernet networks were built using repeaters. When the performance of these networks began to suffer because too many devices shared the same segment, network engineers added bridges to create multiple collision domains. As networks grew in size and complexity, the bridge evolved into the modern switch, allowing microsegmentation of the network. Today’s networks typically are built using switches and routers, often with the routing and switching function in the same device.
Many modern switches are capable of performing varied and complex tasks in the network. This module will provide an introduction to network segmentation and will describe the basics of switch operation.
Switches and bridges perform much of the heavy work in a LAN, making nearly instantaneous decisions when frames are received. This module describes in detail how frames are transmitted by switches, how frames are filtered, and how switches learn the physical addresses of all network nodes. As an introduction to the use of bridges and switches in LAN design, the principles of LAN segmentation and collision domains are also covered.
Switches are Layer 2 devices that are used to increase available bandwidth and reduce network congestion. A switch can segment a LAN into microsegments, which are segments with only a single host. Microsegmentation creates multiple collision-free domains from one larger domain. As a Layer 2 device, the LAN switch increases the number of collision domains, but all hosts connected to the switch are still part of the same broadcast domain.
4.1
Introduction to Ethernet/802.3 LANs
4.1.1
Ethernet/802.3 LAN development
The earliest LAN technologies commonly used either thick Ethernet or thin Ethernet
infrastructures. It is important to understand some of the limitations of these
infrastructures in order to see where LAN switching stands today.
Adding hubs or concentrators into the network offered an improvement on thick and thin Ethernet technology. A hub is a Layer 1 device and is sometimes referred to as an Ethernet concentrator or a multi-port repeater. Introducing hubs into the network allowed greater access to the network for more users. Active hubs also allowed for the extension of networks to greater distances. A hub does this by regenerating the data signal. A hub does not make any decisions when receiving data signals. It simply regenerates and amplifies the data signals that it receives to all connected devices.
Ethernet is fundamentally a shared technology where all users on a given LAN segment compete for the same available bandwidth. This situation is analogous to a number of cars all trying to access a one-lane road at the same time. Because the road has only one lane, only one car can access it at a time. The introduction of hubs into a network resulted in more users competing for the same bandwidth.
Collisions are a by-product of Ethernet networks. If two or more devices try to transmit at the same time a collision occurs. This situation is analogous to two cars merging into a single lane and the resulting collision. Traffic is backed up until the collision can be cleared. When the number of collisions in a network is excessive, sluggish network response times result. This indicates that the network has become too congested or too many users are trying to access the network at the same time.
Layer 2 devices are more intelligent than Layer 1 devices. Layer 2 devices make forwarding decisions based on Media Access Control (MAC) addresses contained within the headers of transmitted data frames.
A bridge is a Layer 2 device used to divide, or segment, a network. A bridge is capable of collecting and selectively passing data frames between two network segments. Bridges do this by learning the MAC address of all devices on each connected segment. Using this information, the bridge builds a bridging table and forwards or blocks traffic based on that table. This results in smaller collision domains and greater network efficiency. Bridges do not restrict broadcast traffic. However, they do provide greater traffic control within a network.
A switch is also a Layer 2 device and may be referred to as a multi-port bridge. A switch has the intelligence to make forwarding decisions based on MAC addresses contained within transmitted data frames. The switch learns the MAC addresses of devices connected to each port and this information is entered into a switching table.
Switches create a virtual circuit between two connected devices that want to communicate. When the virtual circuit is created, a dedicated communication path is established between the two devices. The implementation of a switch on the network provides microsegmentation. In theory this creates a collision free environment between the source and destination, which allows maximum utilization of the available bandwidth. A switch is also able to facilitate multiple, simultaneous virtual circuit connections. This is analogous to a highway being divided into multiple lanes with each car having its own dedicated lane.
The disadvantage of Layer 2 devices is that they forward broadcast frames to all connected devices on the network. When the number of broadcasts in a network is excessive, sluggish network response times result.
A router is a Layer 3 device. The router makes decisions based on groups of network addresses, or classes, as opposed to individual Layer 2 MAC addresses. Routers use routing tables to record the Layer 3 addresses of the networks that are directly connected to the local interfaces and network paths learned from neighboring routers.
The purpose of a router is to do all of the following:
Examine incoming packets of Layer 3 data
Choose the best path for them through the network
Switch them to the proper outgoing port
Routers are not compelled to forward broadcasts. Therefore, routers reduce the size of both the collision domains and the broadcast domains in a network. Routers are the most important traffic regulating devices on large networks. They enable virtually any type of computer to communicate with any other computer anywhere in the world.
LANs typically employ a combination of Layer 1, Layer 2, and Layer 3 devices. Implementation of these devices depends on factors that are specific to the particular needs of the organization.
4.1.2
Factors that impact network performance
Today's LANs are becoming increasingly congested and overburdened. In addition
to an ever-growing population of network users, several other factors have combined
to test the limits of the capabilities of traditional LANs:
The multitasking environment present in current desktop operating systems such
as Windows, Unix/Linux and Mac allows for simultaneous network transactions.
This increased capability has lead to an increased demand for network resources.
The use of network intensive applications such as the World Wide Web is increasing.
Client/server applications allow administrators to centralize information, thus
making it easier to maintain and protect information.
Client/server applications free local workstations from the burden of maintaining
information and the cost of providing enough hard disk space to store it. Given
the cost benefit of client/server applications, such applications are likely
to become even more widely used in the future.
4.1.3
Elements of Ethernet/802.3 networks
The most common LAN architecture is Ethernet. Ethernet is used to transport
data between devices on a network. These devices include computers, printers,
and file servers. All nodes on a shared Ethernet media transmit and receive
data using a data frame broadcast method. The performance of a shared medium
Ethernet/802.3 LAN can be negatively affected by several factors:
The data frame delivery of Ethernet/802.3 LANs is of a broadcast nature.
The carrier sense multiple access/collision detect (CSMA/CD) method allows only
one station to transmit at a time.
Multimedia applications with higher bandwidth demand such as video and the Internet,
coupled with the broadcast nature of Ethernet, can create network congestion.
Normal latency occurs as the frames travel across the Layer 1 medium and through
Layer 1, Layer 2, and Layer 3 networking devices.
Extending the distances and increasing latency of the Ethernet/802.3 LANs by
using Layer 1 repeaters.
Ethernet using CSMA/CD and a shared medium can support data transmission rates of up to 100 Mbps. CSMA/CD is an access method that allows only one station to transmit at a time. The goal of Ethernet is to provide a best-effort delivery service and allow all devices on the shared medium to transmit on an equal basis. A certain number of collisions are expected in the design of Ethernet and CSMA/CD. Therefore, collisions can become a major problem in a CSMA/CD network.
4.1.4
Half-duplex networks
Originally Ethernet was a half-duplex technology. Using half-duplex, a host could either transmit or receive at one time, but not both. Each Ethernet host checks the network to see whether data is being transmitted before it transmits additional data. If the network is already in use, the transmission is delayed. Despite transmission deferral, two or more Ethernet hosts could transmit at the same time. This results in a collision. When a collision occurs, the host that first detects the collision will send out a jam signal to the other hosts. Upon receiving the jam signal, each host will stop sending data, then wait for a random period of time before attempting to retransmit. The back-off algorithm generates this random delay. As more hosts are added to the network and begin transmitting, collisions are more likely to occur.
Ethernet LANs become saturated because users run network intensive software, such as client/server applications, which cause hosts to transmit more often and for longer periods of time. The network interface card (NIC), used by LAN devices, provides several circuits so that communication among devices can occur.
4.1.5
Network congestion
Advances in technology are producing faster and more intelligent desktop computers
and workstations. The combination of more powerful workstations and network
intensive applications has created a need for greater network capacity, or bandwidth.
The requirements have exceeded the 10 Mbps available on shared Ethernet/802.3
LANs.
Today's networks are experiencing an increase in the transmission of many forms
of media:
Large graphics files
Images
Full-motion video
Multimedia applications
There is also an increase in the number of users on a network. All these factors place an even greater strain on the 10-Mbps of available bandwidth. As more people utilize a network to share larger files, access file servers, and connect to the Internet, network congestion occurs. This can result in slower response times, longer file transfers, and network users becoming less productive. To relieve network congestion, more bandwidth is needed or the available bandwidth must be used more efficiently.
4.1.6
Network latency
Latency, or delay, is the time a frame or a packet takes to travel from the
source station to the final destination. It is important to quantify the total
latency of the path between the source and the destination for LANs and WANs.
In the specific case of an Ethernet LAN, understanding latency and its effect
on network timing is crucial to determining whether CSMA/CD for detecting collisions
and negotiating transmissions will work properly.
Latency has at least three sources:
First, there is the time it takes the source NIC to place voltage pulses on
the wire and the time it takes the receiving NIC to interpret these pulses.
This is sometimes called NIC delay, typically around 1 microsecond for a 10BASE-T
NIC.
Second, there is the actual propagation delay as the signal takes time to travel
along the cable. Typically, this is about 0.556 microseconds per 100 m for Cat
5 UTP. Longer cable and slower nominal velocity of propagation (NVP) results
in more propagation delay.
Third, latency is added according to which networking devices, whether they
are Layer 1, Layer 2, or Layer 3, are added to the path between the two communicating
computers.
Latency does not depend solely on distance and number of devices. For example, if three properly configured switches separate two workstations, the workstations may experience less latency than if two properly configured routers separated them. This is because routers conduct more complex and time-consuming functions. A router must analyze Layer 3 data.
4.1.7
Ethernet 10 BASE-T transmission time
All networks have what is called bit time or slot time. Many LAN technologies,
such as Ethernet, define bit time as the basic unit of time in which ONE bit
can be sent. In order for the electronic or optical devices to recognize a binary
one or zero, there must be some minimum duration during which the bit is on
or off.
Transmission time equals the number of bits being sent times the bit time for a given technology. Another way to think about transmission time is the time it takes a frame to be transmitted. Small frames take a shorter amount of time. Large frames take a longer amount of time.
Each 10 Mbps Ethernet bit has a 100 ns transmission window. This is the bit
time. A byte equals 8 bits. Therefore, 1 byte takes a minimum of 800 ns to transmit.
A 64-byte frame, the smallest 10BASE-T frame allowing CSMA/CD to function properly,
takes 51,200 ns ( 51.2 microseconds). Transmission of an entire 1000-byte frame
from the source station requires 800 microseconds just to complete the frame.
The time at which the frame actually arrives at the destination station depends
on the additional latency introduced by the network. This latency can be due
to a variety of delays including all of the following:
NIC delays
Propagation delays
Layer 1, Layer 2, or Layer 3 device delays
4.1.8
The benefits of using repeaters
The distance that a LAN can cover is limited due to attenuation. Attenuation
means that the signal weakens as it travels through the network. The resistance
in the cable or medium through which the signal travels causes the loss of signal
strength. An Ethernet repeater is a physical layer device on the network that
boosts or regenerates the signal on an Ethernet LAN. When a repeater is used
to extend the distance of a LAN, a single network can cover a greater distance
and more users can share that same network. However, the use of repeaters and
hubs compounds problems associated with broadcasts and collisions. It also has
a negative effect on the overall performance of the shared media LAN.
4.1.9
Full-duplex transmitting
Full-duplex Ethernet allows the transmission of a packet and the reception of
a different packet at the same time. This simultaneous transmission and reception
requires the use of two pairs of wires in the cable and a switched connection
between each node. This connection is considered point-to-point and is collision
free. Because both nodes can transmit and receive at the same time, there are
no negotiations for bandwidth. Full-duplex Ethernet can use an existing cable
infrastructure as long as the medium meets the minimum Ethernet standards.
To transmit and receive simultaneously, a dedicated switch port is required for each node. Full-duplex connections can use 10BASE-T, 100BASE-TX, or 100BASE-FX media to create point-to-point connections. The NICs on all connected devices must have full-duplex capabilities.
The full-duplex Ethernet switch takes advantage of the two pairs of wires in the cable by creating a direct connection between the transmit (TX) at one end of the circuit and the receive (RX) at the other end. With the two stations connected in this manner a collision free environment is created as the transmission and receipt of data occurs on separate non-competitive circuits.
Ethernet usually can only use 50%-60% of the available 10 Mbps of bandwidth because of collisions and latency. Full-duplex Ethernet offers 100% of the bandwidth in both directions. This produces a potential 20 Mbps throughput, which results from 10 Mbps TX and 10 Mbps RX.
4.2.1
LAN segmentation
A network can be divided into smaller units called segments. Figure shows an
example of a segmented Ethernet network. The entire network has fifteen computers.
Of these fifteen computers, six are servers and nine are workstations. Each
segment uses the CSMA/CD access method and maintains traffic between users on
the segment. Each segment is its own collision domain.
Segmentation allows network congestion to be significantly reduced within each segment. When transmitting data within a segment, the devices within that segment share the total available bandwidth. Data passed between segments is transmitted over the backbone of the network using a bridge, router, or switch.
4.2.2
LAN segmentation with bridges
Bridges are Layer 2 devices that forward data frames according to the MAC address. Bridges read the sender's MAC address of the data packets that are received on the incoming ports to discover which devices are on each segment. The MAC addresses are then used to build a bridging table. This will allow the bridge to block packets that do not need to be forwarded from the local segment.
Although the operation of a bridge is transparent to other network devices, the latency on a network is increased by ten to thirty percent when a bridge is used. This latency is a result of the decision making process prior to the forwarding of a packet. A bridge is considered a store-and-forward device. The bridge must examine the destination address field and calculate the cyclic redundancy check (CRC) in the frame check sequence field before forwarding the frame. If the destination port is busy, the bridge can temporarily store the frame until that port is available.
4.2.3
LAN segmentation with routers
Routers provide segmentation of networks, adding a latency factor of 20% to
30% over a switched network. This increased latency is because a router operates
at the network layer and uses the IP address to determine the best path to the
destination node. Figure shows a Cisco router.
Bridges and switches provide segmentation within a single network or subnetwork. Routers provide connectivity between networks and subnetworks.
Routers also do not forward broadcasts while switches and bridges must forward broadcast frames
4.2.4
LAN segmentation with switches
LAN switching decreases bandwidth shortages and network bottlenecks, such as
those between several workstations and a remote file server. Figure shows a
Cisco switch. A switch will segment a LAN into microsegments which decreases
the size of collision domains. However all hosts connected to the switch are
still in the same broadcast domain.
In a pure switched Ethernet LAN, the sending and receiving nodes function as if they are the only nodes on the network. When these two nodes establish a link, or virtual circuit, they have access to the maximum available bandwidth. These links provide significantly more throughput than Ethernet LANs connected by bridges or hubs. This virtual network circuit is established within the switch and exists only when the nodes need to communicate.
4.2.5
Basic operations of a switch
Switching is a technology that decreases congestion in Ethernet, Token Ring,
and Fiber Distributed Data Interface (FDDI) LANs. Switching accomplishes this
by reducing traffic and increasing bandwidth. LAN switches are often used to
replace shared hubs and are designed to work with existing cable infrastructures.
Switching equipment performs the following two basic operations:
Switching data frames
Maintaining switching operations
4.2.6
Ethernet switch latency
Latency is the period of time from when the beginning of a frame enters to when
the end of the frame exits the switch. Latency is directly related to the configured
switching process and volume of traffic.
Latency is measured in fractions of a second. With networking devices operating at incredibly high speeds, every additional nanosecond of latency adversely affects network performance.
4.2.7
Layer 2 and layer 3 switching
Switching is the process of receiving an incoming frame on one interface and
delivering that frame out another interface. Routers use Layer 3 switching to
route a packet. Switches use Layer 2 switching to forward frames.
The difference between Layer 2 and Layer 3 switching is the type of information inside the frame that is used to determine the correct output interface. Layer 2 switching is based on MAC address information. Layer 3 switching is based on network layer addresses or IP addresses.
Layer 2 switching looks at a destination MAC address in the frame header and forwards the frame to the appropriate interface or port based on the MAC address in the switching table. The switching table is contained in Content Addressable Memory (CAM). If the Layer 2 switch does not know where to send the frame, it broadcasts the frame out all ports to the network. When a reply is returned, the switch records the new address in the CAM.
Layer 3 switching is a function of the network layer. The Layer 3 header information is examined and the packet is forwarded based on the IP address.
Traffic flow in a switched or flat network is inherently different from the traffic flow in a routed or hierarchical network. Hierarchical networks offer more flexible traffic flow than flat networks.
4.2.8
Symmetric and asymmetric switching
LAN switching may be classified as symmetric or asymmetric based on the way
in which bandwidth is allocated to the switch ports. A symmetric switch provides
switched connections between ports with the same bandwidth. An asymmetric LAN
switch provides switched connections between ports of unlike bandwidth, such
as a combination of 10 Mbps and 100 Mbps ports.
Asymmetric switching enables more bandwidth to be dedicated to the server switch port in order to prevent a bottleneck. This allows smoother traffic flows where multiple clients are communicating with a server at the same time. Memory buffering is required on an asymmetric switch. The use of buffers keeps the frames contiguous between different data rate ports.
4.2.9
Memory buffering
An Ethernet switch may use a buffering technique to store and forward frames.
Buffering may also be used when the destination port is busy. The area of memory
where the switch stores the data is called the memory buffer. This memory buffer
can use two methods for forwarding frames, port-based memory buffering and shared
memory buffering.
In port-based memory buffering frames are stored in queues that are linked to specific incoming ports. A frame is transmitted to the outgoing port only when all the frames ahead of it in the queue have been successfully transmitted. It is possible for a single frame to delay the transmission of all the frames in memory because of a busy destination port. This delay occurs even if the other frames could be transmitted to open destination ports.
Shared memory buffering deposits all frames into a common memory buffer which all the ports on the switch share. The amount of buffer memory required by a port is dynamically allocated. The frames in the buffer are linked dynamically to the transmit port. This allows the packet to be received on one port and then transmitted on another port, without moving it to a different queue.
The switch keeps a map of frame to port links showing where a packet needs to be transmitted. The map link is cleared after the frame has been successfully transmitted. The memory buffer is shared. The number of frames stored in the buffer is restricted by the size of the entire memory buffer, and not limited to a single port buffer. This permits larger frames to be transmitted with fewer dropped frames. This is important to asynchronous switching, where frames are being exchanged between different rate ports.
4.2.10
Two switching methods
The following two switching modes are available to forward frames:
Store-and-forward – The entire frame is received before any forwarding
takes place. The destination and source addresses are read and filters are applied
before the frame is forwarded. Latency occurs while the frame is being received.
Latency is greater with larger frames because the entire frame must be received
before the switching process begins. The switch is able to check the entire
frame for errors, which allows more error detection.
Cut-through – The frame is forwarded through the switch before the entire
frame is received. At a minimum the frame destination address must be read before
the frame can be forwarded. This mode decreases the latency of the transmission,
but also reduces error detection.
The following are two forms of cut-through switching:
Fast-forward – Fast-forward switching offers the lowest level of latency.
Fast-forward switching immediately forwards a packet after reading the destination
address. Because fast-forward switching starts forwarding before the entire
packet is received, there may be times when packets are relayed with errors.
Although this occurs infrequently and the destination network adapter will discard
the faulty packet upon receipt. In fast-forward mode, latency is measured from
the first bit received to the first bit transmitted.
Fragment-free – Fragment-free switching filters out collision fragments
before forwarding begins. Collision fragments are the majority of packet errors.
In a properly functioning network, collision fragments must be smaller than
64 bytes. Anything greater than 64 bytes is a valid packet and is usually received
without error. Fragment-free switching waits until the packet is determined
not to be a collision fragment before forwarding. In fragment-free mode, latency
is also measured from the first bit received to the first bit transmitted.
The latency of each switching mode depends on how the switch forwards the frames. To accomplish faster frame forwarding, the switch reduces the time for error checking. However, reducing the error checking time can lead to a higher number of retransmissions.
4.3.1
Functions of Ethernet switches
A switch is a network device that selects a path or circuit for sending a frame
to its destination. Both switches and bridges operate at Layer 2 of the OSI
model.
Switches are sometimes called multiport bridges or switching hubs. Switches
make decisions based on MAC addresses and therefore, are Layer 2 devices. In
contrast, hubs regenerate the Layer 1 signals out of all ports without making
any decisions. Since a switch has the capacity to make path selection decisions,
the LAN becomes much more efficient. Usually, in an Ethernet network the workstations
are connected directly to the switch. Switches learn which hosts are connected
to a port by reading the source MAC address in frames. The switch opens a virtual
circuit between the source and destination nodes only. This confines communication
to those two ports without affecting traffic on other ports. In contrast, a
hub forwards data out all of its ports so that all hosts see the data and must
process it, even if that data is not intended for it. High-performance LANs
are usually fully switched.
A switch concentrates connectivity, making data transmission more efficient.
Frames are switched from incoming ports to outgoing ports. Each port or interface
can provide the full bandwidth of the connection to the host.
On a typical Ethernet hub, all ports connect to a common backplane or physical
connection within the hub, and all devices attached to the hub share the bandwidth
of the network. If two stations establish a session that uses a significant
level of bandwidth, the network performance of all other stations attached to
the hub is degraded.
To reduce degradation, the switch treats each interface as an individual segment.
When stations on different interfaces need to communicate, the switch forwards
frames at wire speed from one interface to the other, to ensure that each session
receives full bandwidth.
To efficiently switch frames between interfaces, the switch maintains an address table. When a frame enters the switch, it associates the MAC address of the sending station with the interface on which it was received.
The main features of Ethernet switches are:
Isolate traffic among segments
Achieve greater amount of bandwidth per user by creating smaller collision domains
The first feature, isolate traffic among segments, is known as microsegmentation. Microsegmentation is the name given to the smaller units into which the networks are divided by use of Ethernet switches. Each segment uses the CSMA/CD access method to maintain data traffic flow among the users on that segment. Such segmentation allows multiple users to send information at the same time on the different segments without slowing down the network.
By using the segments in the network fewer users and/or devices are sharing the same bandwidth when communicating with one another. Each segment has its own collision domain. Ethernet switches filter the traffic by redirecting the datagrams to the correct port or ports, which are based on Layer 2 MAC addresses.
The second function of an Ethernet switch is to ensure each user has more bandwidth by creating smaller collision domains. Both Ethernet and Fast Ethernet switches allow the segmentation of a LAN, thus creating smaller collision domains. Each segment becomes a dedicated network link, like a highway lane functioning at up to 100 Mbps. Popular servers can then be placed on individual 100-Mbps links. Often in networks of today, a Fast Ethernet switch will act as the backbone of the LAN, with Ethernet hubs, Ethernet switches, or Fast Ethernet hubs providing the desktop connections in workgroups. As demanding new applications such as desktop multimedia or videoconferencing become more popular, certain individual desktop computers will have dedicated 100-Mbps links to the network.
4.3.2
Frame transmission modes
There are three main frame transmission modes:
Fast-forward – With this transmission mode, the switch reads the destination
address before receiving the entire frame. The frame is then forwarded before
the entire frame arrives. This mode decreases the latency of the transmission
but has poor LAN switching error detection. Fast-forward is the term used to
indicate a switch is in cut-through mode.
Store-and-forward – The entire frame is received before any forwarding
takes place. The destination and source addresses are read and filters are applied
before the frame is forwarded. Latency occurs while the frame is being received.
Latency is greater with larger frames because the entire frame must be received
before the switching process begins. The switch has time available to check
for errors, which allows more error detection.
Fragment-free – This mode of switching reads the first 64 bytes of an
Ethernet frame and then begins forwarding it to the appropriate port or ports.
Fragment-free is a term used to indicate the switch is using modified cut-through
switching.
Another transmission mode is a combination of cut-through and store-and-forward. This hybrid mode is called adaptive cut-through. In this mode, the switch uses cut-through until it detects a given number of errors. Once the error threshold is reached, the switch changes to store-and-forward mode.
4.3.3
How switches and bridges learn addresses
Bridges and switches only forward frames, which need to travel from one LAN segment to another. To accomplish this task, they must learn which devices are connected to which LAN segment.
A bridge is considered an intelligent device because it can make decisions based on MAC addresses. To do this, a bridge refers to an address table. When a bridge is turned on, broadcast messages are transmitted asking all the stations on the local segment of the network to respond. As the stations return the broadcast message, the bridge builds a table of local addresses. This process is called learning.
Bridges and switches learn in the following ways:
Reading the source MAC address of each received frame or datagram
Recording the port on which the MAC address was received.
In this way, the bridge or switch learns which addresses belong to the devices connected to each port.
The learned addresses and associated port or interface are stored in the addressing table. The bridge examines the destination address of all received frames. The bridge then scans the address table searching for the destination address.
CAM is used in switch applications:
To take out and process the address information from incoming data packets
To compare the destination address with a table of addresses stored within it
The CAM stores host MAC addresses and associated port numbers. The CAM compares the received destination MAC address against the CAM table contents. If the comparison yields a match, the port is provided, and routing control forwards the packet to the correct port and address.
An Ethernet switch can learn the address of each device on the network by reading the source address of each frame transmitted and noting the port where the frame entered the switch. The switch then adds this information to its forwarding database. Addresses are learned dynamically. This means that as new addresses are read, they are learned and stored in CAM. When a source address is not found in CAM, it is learned and stored for future use.
Each time an address is stored, it is time stamped. This allows for addresses to be stored for a set period of time. Each time an address is referenced or found in CAM, it receives a new time stamp. Addresses that are not referenced during a set period of time are removed from the list. By removing aged or old addresses, CAM maintains an accurate and functional forwarding database.
The processes followed by the CAM are as follows:
If the address is not found, the bridge forwards the frame out all ports except
the port on which it was received. This process is called flooding.
The address may also have been deleted by the bridge because the bridge software
was recently restarted, ran short of address entries in the address table, or
deleted the address because it was too old. Since the bridge does not know which
port to use to forward the frame, it will send it to out all ports, except the
one from which it was received. It is clearly unnecessary to send it back to
the same cable segment from which it was received, since any other computer
or bridges on this cable must already have received the packet.
If the address is found in an address table and the address is associated with
the port on which it was received, the frame is discarded. It must already have
been received by the destination.
If the address is found in an address table and the address is not associated
with the port on which it was received, the bridge forwards the frame to the
port associated with the address.
4.3.4
How switches and bridges filter frames
Bridges are capable of filtering frames based on any Layer 2 fields. For example, a bridge can be programmed to reject, not forward, all frames sourced from a particular network. Because link layer information often includes a reference to an upper-layer protocol, bridges can usually filter on this parameter. Furthermore, filters can be helpful in dealing with unnecessary broadcast and multicast packets.
Once the bridge has built the local address table, it is ready to operate.
When it receives a frame, it examines the destination address. If the frame
address is local, the bridge ignores it. If the frame is addressed for another
LAN segment, the bridge copies the frame onto the second segment.
Ignoring a frame is called filtering.
Copying the frame is called forwarding.
Basic filtering keeps local frames local and sends remote frames to another LAN segment.
Filtering on specific source and destination addresses performs the following
actions:
Stopping one station from sending frames outside of its local LAN segment
Stopping all "outside" frames destined for a particular station, thereby
restricting the other stations with which it can communicate
Both types of filtering provide some control over internetwork traffic and can offer improved security.
Most Ethernet bridges can filter broadcast and multicast frames. Occasionally, a device will malfunction and continually send out broadcast frames, which are continuously copied around the network. A broadcast storm, as it is called, can bring network performance to zero. If a bridge can filter broadcast frames, a broadcast storm has less opportunity to act.
Today, bridges are also able to filter according to the network-layer protocol. This blurs the demarcation between bridges and routers. A router operates on the network layer using a routing protocol to direct traffic around the network. A bridge that implements advanced filtering techniques is usually called a brouter. Brouters filter by looking at network layer information but they do not use a routing protocol.
4.3.5
LAN segmentation using bridging
Ethernet LANs that use a bridge to segment the LAN provide more bandwidth per
user because there are fewer users on each segment. In contrast, LANs that do
not use bridges for segmentation provide less bandwidth per user because there
are more users on a non-segmented LAN.
Bridges segment a network by building address tables that contain the address of each network device and which segment to use to reach that device. Bridges are Layer 2 devices that forward data frames based on MAC addresses of the frame. In addition, bridges are transparent to the other devices on the network.
Bridges increase the latency in a network by 10 to 30 percent. This latency is due to the decision-making required of the bridge or bridges in transmitting data. A bridge is considered a store-and-forward device because it must examine the destination address field and calculate the CRC in the frame check sequence field, before forwarding the frame. If the destination port is busy, the bridge can temporarily store the frame until the port is available. The time it takes to perform these tasks slows the network transmissions causing increased latency
4.3.6
Why segment LANs?
There are two primary reasons for segmenting a LAN. The first is to isolate
traffic between segments. The second reason is to achieve more bandwidth per
user by creating smaller collision domains.
Without LAN segmentation, LANs larger than a small workgroup could quickly become clogged with traffic and collisions.
LAN segmentation can be implemented through the utilization of bridges, switches, and routers. Each of these devices has particular pros and cons.
With the addition of devices like bridges, switches, and routers the LAN is segmented into a number of smaller collision domains. In the example shown, four collision domains have been created.
By dividing large networks into self-contained units, bridges and switches provide several advantages. Bridges and switches will diminish the traffic experienced by devices on all connected segments, because only a certain percentage of traffic is forwarded. Bridges and switches reduce the collision domain but not the broadcast domain.
Each interface on the router connects to a separate network. Therefore the insertion of the router into a LAN will create smaller collision domains and smaller broadcast domains. This occurs because routers do not forward broadcasts unless programmed to do so.
A switch employs “microsegmentation” to reduce the collision domain on a LAN. The switch does this by creating dedicated network segments, or point-to-point connections. The switch connects these segments in a virtual network within the switch.
This virtual network circuit exists only when two nodes need to communicate. This is called a virtual circuit as it exists only when needed, and is established within the switch.
4.3.7
Microsegmentation implementation
LAN switches are considered multi-port bridges with no collision domain, because
of microsegmentation. Data is exchanged at high speeds by switching the frame
to its destination. By reading the destination MAC address Layer 2 information,
switches can achieve high-speed data transfers, much like a bridge does. The
frame is sent to the port of the receiving station prior to the entire frame
entering the switch. This process leads to low latency levels and a high rate
of speed for frame forwarding.
Ethernet switching increases the bandwidth available on a network. It does this by creating dedicated network segments, or point-to-point connections, and connecting these segments in a virtual network within the switch. This virtual network circuit exists only when two nodes need to communicate. This is called a virtual circuit because it exists only when needed, and is established within the switch.
Even though the LAN switch reduces the size of collision domains, all hosts connected to the switch are still in the same broadcast domain. Therefore, a broadcast from one node will still be seen by all the other nodes connected through the LAN switch.
Switches are data link layer devices that, like bridges, enable multiple physical LAN segments to be interconnected into a single larger network. Similar to bridges, switches forward and flood traffic based on MAC addresses. Because switching is performed in hardware instead of in software, it is significantly faster. Each switch port can be considered a micro-bridge acting as a separate bridge and gives the full bandwidth of the medium to each host.
4.3.8
Switches and collision domains
A major disadvantage of Ethernet 802.3 networks is collisions. Collisions occur
when two hosts transmit frames simultaneously. When a collision occurs, the
transmitted frames are corrupted or destroyed in the collision. The sending
hosts stop sending further transmissions for a random period of time, based
on the Ethernet 802.3 rules of CSMA/CD. Excessive collisions cause networks
to be unproductive.
The network area where frames originate and collide is called the collision domain. All shared media environments are collision domains. When a host is connected to a switch port, the switch creates a dedicated 10 Mbps bandwidth connection. This connection is considered to be an individual collision domain. For example, if a twelve-port switch has a device connected to each port then twelve collision domains are created.
A switch builds a switching table by learning the MAC addresses of the hosts that are connected to each switch port. When two connected hosts want to communicate with each other, the switch looks up the switching table and establishes a virtual connection between the ports. The virtual circuit is maintained until the session is terminated.
In Figure , Host B and Host C want to communicate with each other. The switch creates the virtual connection which is referred to as a microsegment. The microsegment behaves as if the network has only two hosts, one host sending and one receiving providing maximum utilization of the available bandwidth.
Switches reduce collisions and increase bandwidth on network segments because they provide dedicated bandwidth to each network segment.
4.3.9
Switches and broadcast domains
Communication in a network occurs in three ways. The most common way of communication
is by unicast transmissions. In a unicast transmission, one transmitter tries
to reach one receiver.
Another way to communicate is known as a multicast transmission. Multicast transmission occurs when one transmitter tries to reach only a subset, or a group, of the entire segment.
The final way to communicate is by broadcasting. Broadcasting is when one transmitter tries to reach all the receivers in the network. The server station sends out one message and everyone on that segment receives the message.
When a device wants to send out a Layer 2 broadcast, the destination MAC address in the frame is set to all ones. A MAC address of all ones is FF:FF:FF:FF:FF:FF in hexadecimal. By setting the destination to this value, all the devices will accept and process the broadcasted frame.
The broadcast domain at Layer 2 in referred to as the MAC broadcast domain. The MAC broadcast domain consists of all devices on the LAN that receive frame broadcasts by a host to all other machines on the LAN.
A switch is a Layer 2 device. When a switch receives a broadcast, it forwards it to each port on the switch except the incoming port. Each attached device must process the broadcast frame. This leads to reduced network efficiency, because available bandwidth is used for broadcasting purposes.
When two switches are connected, the broadcast domain is increased. In this example a broadcast frame is forwarded to all connected ports on Switch 1. Switch 1 is connected to Switch 2. The frame is propagated to all devices connected to Switch 2.
The overall result is a reduction in available bandwidth. This happens because all devices in the broadcast domain must receive and process the broadcast frame.
Routers are Layer 3 devices. Routers do not propagate broadcasts. Routers are used to segment both collision and broadcast domains.
4.3.10
Communication between switches and workstation
When a workstation connects to a LAN, it is unconcerned about the other devices
that are connected to the LAN media. The workstation simply transmits data frames
using a NIC to the network medium.
The workstation could be attached directly to another workstation, using a crossover cable or attached to a network device, such as a hub, switch, or router, using a straight-through cable.
Switches are Layer 2 devices that use intelligence to learn the MAC addresses of the devices that are attached to the ports of the switch. This data is entered into a switching table. Once the table is complete, the switch can read the destination MAC address of an incoming data frame on a port and immediately forward it. Until a device transmits, the switch does not know its MAC address.
Switches provide significant scalability on a network and may be directly connected. Figure illustrates one scenario of frame transmission utilizing a multi-switch network.
MODULE 5
Designing a network can be a challenging task that involves more than just connecting computers together. A network requires many features in order to be reliable, manageable, and scalable. To design reliable, manageable, and scalable networks, a network designer must realize that each of the major components of a network has distinct design requirements.
Network design is becoming more difficult despite improvements in equipment performance and media capabilities. Using multiple media types and interconnecting LANs with other external networks makes the networking environment complex. Good network design will improve performance and also reduce the difficulties associated with network growth and evolution.
A LAN spans a single room, a building, or a set of buildings that are close
together. A group of buildings that are on a site and belong to a single organization
are referred to as a campus. The design of larger LANs includes identifying
the following:
An access layer that connects end users into the LAN
A distribution layer that provides policy-based connectivity between end-user
LANs
A core layer that provides the fastest connection between the distribution points
Each of these LAN design layers requires switches that are best suited for
specific tasks. The features, functions, and technical specifications for each
switch vary depending on the LAN design layer for which the switch is intended.
Understanding the role of each layer and then choosing the switches best suited
for that layer ensures the best network performance for LAN users.
5.1
LAN Design
5.1.1
LAN design goals
The first step in designing a LAN is to establish and document the goals of
the design. These goals are unique to each organization or situation. The following
requirements are usually seen in most network designs:
Functionality – The network must work. The network must allow users to
meet their job requirements. The network must provide user-to-user and user-to-application
connectivity with reasonable speed and reliability.
Scalability – The network must be able to grow. The initial design should
grow without any major changes to the overall design.
Adaptability – The network must be designed with a vision toward future
technologies. The network should include no element that would limit implementation
of new technologies as they become available.
Manageability – The network should be designed to facilitate network monitoring
and management to ensure ongoing stability of operation.
5.1.1
LAN design goals
The first step in designing a LAN is to establish and document the goals of
the design. These goals are unique to each organization or situation. The following
requirements are usually seen in most network designs:
Functionality – The network must work. The network must allow users to
meet their job requirements. The network must provide user-to-user and user-to-application
connectivity with reasonable speed and reliability.
Scalability – The network must be able to grow. The initial design should
grow without any major changes to the overall design.
Adaptability – The network must be designed with a vision toward future
technologies. The network should include no element that would limit implementation
of new technologies as they become available.
Manageability – The network should be designed to facilitate network monitoring
and management to ensure ongoing stability of operation.
5.1.2
LAN design considerations
Many organizations have been upgrading existing LANs or planning, designing,
and implementing new LANs. This expansion in LAN design is due to the development
of high-speed technologies such as Asynchronous Transfer Mode (ATM). This expansion
is also due to complex LAN architectures that use LAN switching and virtual
LANs (VLANs).
To maximize available LAN bandwidth and performance, the following LAN design
considerations must be addressed:
The function and placement of servers
Collision detection issues
Segmentation issues
Broadcast domain issues
Servers provide file sharing, printing, communication, and application services. Servers typically do not function as workstations. Servers run specialized operating systems, such as NetWare, Windows NT, UNIX, and Linux. Each server is usually dedicated to one function, such as e-mail or file sharing.
Servers can be categorized into two distinct classes: enterprise servers and workgroup servers. An enterprise server supports all the users on the network by offering services, such as e-mail or Domain Name System (DNS). E-mail or DNS is a service that everyone in an organization would need because it is a centralized function. However, a workgroup server supports a specific set of users, offering services such as word processing and file sharing.
Enterprise servers should be placed in the main distribution facility (MDF). Traffic to the enterprise servers travels only to the MDF and is not transmitted across other networks. The reviewer's rewrite leaves out the important point about the traffic to the enterprise servers traveling only to the MDF. Ideally, workgroup servers should be placed in the intermediate distribution facilities (IDFs) closest to the users accessing the applications on these servers. By placing workgroup servers close to the users, traffic only has to travel the network infrastructure to an IDF, and does not affect other users on that network segment. Layer 2 LAN switches located in the MDF and IDFs should have 100 Mbps or more allocated to these servers.
Ethernet nodes use CSMA/CD. Each node must contend with all other nodes to access the shared medium, or collision domain. If two nodes transmit at the same time, a collision occurs. When this occurs, the transmitted frame is destroyed, and a jam signal is sent to all nodes on the segment. The transmitting nodes wait a random period of time, and then resend the data. Excessive collisions can reduce the available bandwidth of a network segment to 35% or 40% of the bandwidth available.
Segmentation is the process of splitting a single collision domain into smaller collision domains. Creating smaller collision domains reduces the number of collisions on a LAN segment, and allows for greater utilization of bandwidth. Layer 2 devices such as bridges and switches can be used to segment a LAN into smaller collision domains. Routers can achieve this at Layer 3.
A broadcast occurs when the destination media access control (MAC) data frame address is set to FF-FF-FF-FF-FF-FF. A broadcast domain refers to the set of devices that receive a broadcast data frame originating from any device within that set. All hosts that receive a broadcast data frame must process it. Processing the broadcast data will consume the resources and available bandwidth of the host. Layer 2 devices such as bridges and switches reduce the size of a collision domain. These devices do not reduce the size of the broadcast domain. Routers reduce the size of the collision domain and the size of the broadcast domain at Layer 3.
5.1.3
LAN design methodology
For a LAN to be effective and serve the needs of its users, it should be designed
and implemented according to a planned series of systematic steps. These steps
include the following:
Gather requirements and expectations
Analyze requirements and data
Design the Layer 1, 2, and 3 LAN structure, or topology
Document the logical and physical network implementation
The information gathering process helps clarify and identify any current network problems. This information includes the organization's history and current status, their projected growth, operating policies and management procedures, office systems and procedures, and the viewpoints of the people who will be using the LAN.
The following questions should be asked when gathering information:
Who are the people who will be using the network?
What is the skill level of these people?
What are their attitudes toward computers and computer applications?
How developed are the organizational documented policies?
Has some data been declared mission critical?
Have some operations been declared mission critical?
What protocols are allowed on the network?
Are only certain desktop hosts supported?
Who is responsible for LAN addressing, naming, topology design, and configuration?
What are the organizational human, hardware, and software resources?
How are these resources currently linked and shared?
What financial resources does the organization have available?
Documenting the following requirements allows for an informed estimate of costs and timelines for projected LAN design implementation. It is important to understand performance issues of any existing network.
Availability measures the usefulness of the network. Many things affect availability,
including the following:
Throughput
Response time
Access to resources
Every customer has a different definition of availability. For example, there may be a need to transport voice and video over the network. These services may require more bandwidth than is available on the network or backbone. To increase availability, more resources can be added, but adding more resources will increase the cost of the network. Network design tries to provide the greatest availability for the least cost.
The next step in designing a network is to analyze the requirements of the network and its users. Network user needs constantly change. As more voice and video-based network applications become available, the necessity to increase network bandwidth grows too.
Another component of the analysis phase is assessing the user requirements. A LAN that is incapable of supplying prompt and accurate information to its users is useless. Steps must be taken to ensure that the information requirements of the organization and its workers are met.
The next step is to decide on an overall LAN topology that will satisfy the user requirements. In this curriculum, concentration will be on the star topology and extended star topology. The star topology and extended star topology uses Ethernet 802.3 CSMA/CD technology. CSMA/CD star topology is the dominant configuration in the industry.
LAN topology design can be broken into the following three unique categories
of the OSI reference model:
Network layer
Data link layer
Physical layer
The final step in LAN design methodology is to document the physical and logical topology of the network. The physical topology of the network refers to the way in which various LAN components are connected together. The logical design of the network refers to the flow of data in a network. It also refers to the naming and addressing schemes used in the implementation of the LAN design solution.
Important LAN design documentation includes the following:
OSI layer topology map
LAN logical map
LAN physical map
Cut sheets
VLAN logical map
Layer 3 logical map
Addressing maps
5.1.4
Layer 1 design
One of the most important components to consider when designing a network is
the physical cabling. Today, most LAN cabling is based on Fast Ethernet technology.
Fast Ethernet is Ethernet that has been upgraded from 10 Mbps to 100 Mbps, and
has the ability to utilize full-duplex functionality. Fast Ethernet uses the
standard Ethernet broadcast-oriented logical bus topology of 10BASE-T, and the
CSMA/CD method for MAC addressing.
Design issues at Layer 1 include the type of cabling to be used, typically copper or fiber-optic, and the overall structure of the cabling. Layer 1 cabling media includes types such as 10/100BASE-TX Category 5, 5e, or 6 unshielded twisted-pair (UTP), or shielded twisted-pair (STP), 100BaseFX fiber-optic cable, and the TIA/EIA-568-A standard for layout and connection of wiring schemes.
Careful evaluation of the strengths and weaknesses of the topologies should be performed. A network is only as effective as its underlying cable. Layer 1 issues cause most network problems. A complete cable audit should be conducted, when planning any significant changes for a network, to identify areas that require upgrades and rewiring.
Fiber-optic cable should be used in the backbone and risers in all cable design settings. Category 5e UTP cable should be used in the horizontal runs. The cable upgrade should take priority over any other necessary changes. Enterprises should also make certain that these systems conform to well-defined industry standards, such as the TIA/EIA-568-A specifications.
The TIA/EIA-568-A standard specifies that every device connected to the network should be linked to a central location with horizontal cabling. This applies if all the hosts that need to access the network are within the 100-meter distance limitation for Category 5e UTP Ethernet.
In a simple star topology with only one wiring closet, the MDF includes one or more horizontal cross-connect (HCC) patch panels. HCC patch cables are used to connect the Layer 1 horizontal cabling with the Layer 2 LAN switch ports. The uplink port of the LAN switch, depending on the model, is connected to the Ethernet port of the Layer 3 router using a patch cable. At this point, the end host has a complete physical connection to the router port.
When hosts in larger networks are outside the 100-meter limitation for Category 5e UTP, more than one wiring closet is required. By creating multiple wiring closets, multiple catchment areas are created. The secondary wiring closets are referred to as intermediate distribution facilities (IDFs). TIA/EIA-568-A standards specify that IDFs should be connected to the MDF by using vertical cabling, also called backbone cabling. A vertical cross-connect (VCC) is used to interconnect the various IDFs to the central MDF. Fiber-optic cabling is normally used because the vertical cable lengths are typically longer than the 100-meter limit for Category 5e UTP cable.
The logical diagram is the network topology model without all the detail of
the exact installation paths of the cabling. The logical diagram is the basic
road map of the LAN including the following elements:
Specify the locations and identification of the MDF and IDF wiring closets.
Document the type and quantity of cabling used to interconnect the IDFs with
the MDF.
Document how many spare cables are available for increasing the bandwidth between
the wiring closets. For example, if the vertical cabling between IDF 1 and the
MDF is running at 80% utilization, two additional pairs could be used to double
the capacity.
Provide detailed documentation of all cable runs, the identification numbers,
and the port the run is terminated on at the HCC or VCC.
The logical diagram is essential when troubleshooting network connectivity problems. If Room 203 loses connectivity to the network, by examining the cut sheet it can be seen that this room is running off cable run 203-1, which is terminated on HCC 1 port 13. Using a cable tester it can be determined whether the problem is a Layer 1 failure. If it is, one of the other two runs can be used to reestablish connectivity and provide time to troubleshoot run 203-1.
5.1.5
Layer 2 design
The purpose of Layer 2 devices in the network is to provide flow control, error
detection, error correction, and to reduce congestion in the network. The two
most common Layer 2 networking devices are bridges and LAN switches. Devices
at Layer 2 determine the size of the collision domains.
Collisions and collision domain size are two factors that negatively affect the performance of a network. Microsegmentation of the network reduces the size of collision domains and reduces collisions. Microsegmentation is implemented through the use of bridges and switches. The goal is to boost performance for a workgroup or a backbone. Switches can be used with hubs to provide the appropriate level of performance for different users and servers.
Another important characteristic of a LAN switch is how it can allocate bandwidth on a per-port basis. This will provide more bandwidth to vertical cabling, uplinks, and servers. This type of switching is referred to as asymmetric switching. Asymmetric switching provides switched connections between ports of unlike bandwidth, such as a combination of 10-Mbps and 100-Mbps ports.
The desired capacity of a vertical cable run is greater than that of a horizontal cable run. By installing a LAN switch at the MDF and IDF, the vertical cable run can manage the data traffic from the MDF to the IDF. The horizontal runs between the IDF and the workstations uses Category 5e UTP. No horizontal cable drop should be longer than 100 meters. In a normal environment, 10 Mbps is adequate for the horizontal drop. Use asymmetric LAN switches to allow for mixing 10-Mbps and 100-Mbps ports on a single switch.
The next task is to determine the number of 10 Mbps and 100 Mbps ports needed in the MDF and every IDF. This can be determined by reviewing the user requirements for the number of horizontal cable drops per room and the number of total drops in any catchment area. This includes the number of vertical cable runs. For example, suppose that user requirements dictate four horizontal cable runs to be installed to each room. The IDF services a catchment area of 18 rooms. Therefore, four drops in each of the 18 rooms will equal 72 LAN switch ports. (4x18=72)
The size of a collision domain is determined by how many hosts are physically connected to any single port on the switch. This also affects how much network bandwidth is available to any host. In an ideal situation, there is only one host connected on a LAN switch port. The collision domain would consist only of the source host and destination host. The size of the collision domain would be two. Because of the small size of this collision domain, there should be virtually no collisions when any two hosts are communicating with each other. Another way to implement LAN switching is to install shared LAN hubs on the switch ports, and connect multiple hosts to a single switch port. All hosts connected to the shared LAN hub share the same collision domain and bandwidth. Collisions would occur more frequently.
Some older switches, such as the Catalyst 1700, do not properly support sharing the same collision domain and bandwidth. The older switches do not maintain multiple MAC addresses mapped to each port. As a result, there are many broadcasts and ARP requests.
Shared media hubs are generally used in a LAN switch environment to create more connection points at the end of the horizontal cable runs. This is an acceptable solution, but care must be taken. Collision domains should be kept small and bandwidth requirements to the host must be provided according to the specifications gathered in the requirements phase of the network design process.
5.1.6
Layer 3 design
A router is a Layer 3 device and is considered one of the most powerful devices
in the network topology.
Layer 3 devices can be used to create unique LAN segments. Layer 3 devices allow communication between segments based on Layer 3 addressing, such as IP addressing. Implementation of Layer 3 devices allows for segmentation of the LAN into unique physical and logical networks. Routers also allow for connectivity to wide-area networks (WANs), such as the Internet.
Layer 3 routing determines traffic flow between unique physical network segments based on Layer 3 addressing. A router forwards data packets based on destination addresses. A router does not forward LAN-based broadcasts such as ARP requests. Therefore, the router interface is considered the entry and exit point of a broadcast domain and stops broadcasts from reaching other LAN segments.
Routers provide scalability because they serve as firewalls for broadcasts. They can also provide scalability by dividing networks into subnetworks, or subnets, based on Layer 3 addresses.
When deciding whether to use routers or switches, remember to ask, "What is the problem that is to be solved?" If the problem is related to protocol rather than issues of contention, then routers are the appropriate solution. Routers solve problems with excessive broadcasts, protocols that do not scale well, security issues, and network layer addressing. Routers are more expensive and more difficult to configure than switches.
Figure shows an example of an implementation that has multiple physical networks. All data traffic from Network 1 destined for Network 2 has to go through the router. In this implementation, there are two broadcast domains. The two networks have unique Layer 3 network addressing schemes. In a structured Layer 1 wiring scheme, multiple physical networks are easy to create by patching the horizontal cabling and vertical cabling into the appropriate Layer 2 switch. This can be done using patch cables. This implementation also provides robust security, because all traffic in and out of the LAN must pass through the router.
Once an IP addressing scheme has been developed for a client, it should be clearly documented. A standard convention should be set for addressing important hosts on the network. This addressing scheme should be kept consistent throughout the entire network. Addressing maps provide a snapshot of the network. Creating physical maps of the network helps to troubleshoot the network.
VLAN implementation combines Layer 2 switching and Layer 3 routing technologies to limit both collision domains and broadcast domains. VLANs can also be used to provide security by creating the VLAN groups according to function and by using routers to communicate between VLANs.
A physical port association is used to implement VLAN assignment. Ports P1, P4, and P6 have been assigned to VLAN 1. VLAN 2 has ports P2, P3, and P5. Communication between VLAN 1 and VLAN 2 can occur only through the router. This limits the size of the broadcast domains and uses the router to determine whether VLAN 1 can talk to VLAN 2
5.2.1
Switched LANs, access layer overview
The construction of a LAN that satisfies the needs of both medium and large-sized
organizations is more likely to be successful if a hierarchical design model
is used. The use of a hierarchical design model will make it easier to make
changes to the network as the organization grows. The hierarchical design model
includes the following three layers:
The access layer provides users in workgroups access to the network.
The distribution layer provides policy-based connectivity.
The core layer provides optimal transport between sites. The core layer is often
referred to as the backbone.
This hierarchical model applies to any network design. It is important to realize that these three layers may exist in clear and distinct physical entities. However, this is not a requirement. These layers are defined to aid in successful network design and to represent functionality that must exist in a network.
The access layer is the entry point for user workstations and servers to the network. In a campus LAN the device used at the access layer can be a switch or a hub.
If a hub is used, bandwidth is shared. If a switch is used, then bandwidth is dedicated. If a workstation or server is directly connected to a switch port, then the full bandwidth of the connection to the switch is available to the connected computer. If a hub is connected to a switch port, bandwidth is shared between all devices connected to the hub.
Access layer functions also include MAC layer filtering and microsegmentation. MAC layer filtering allows switches to direct frames only to the switch port that is connected to the destination device. The switch creates small Layer 2 segments called microsegments. The collision domain can be as small as two devices. Layer 2 switches are used in the access layer.
5.2.2
Access layer switches
Access layer switches operate at Layer 2 of the OSI model and provide services
such as VLAN membership. The main purpose of an access layer switch is to allow
end users into the network. An access layer switch should provide this functionality
with low cost and high port density.
The following Cisco switches are commonly used at the access layer:
Catalyst 1900 series
Catalyst 2820 series
Catalyst 2950 series
Catalyst 4000 series
Catalyst 5000 series
The Catalyst 1900 or 2820 series switch is an effective access device for small or medium campus networks. The Catalyst 2950 series switch effectively provides access for servers and users that require higher bandwidth. This is achieved by providing Fast Ethernet capable switch ports. The Catalyst 4000 and 5000 series switches include Gigabit Ethernet ports and are effective access devices for a larger number of users in large campus networks.
5.2.3
Distribution layer overview
The distribution layer of the network is between the access and core layers.
It helps to define and separate the core. The purpose of this layer is to provide
a boundary definition in which packet manipulation can take place. Networks
are segmented into broadcast domains by this layer. Policies can be applied
and access control lists can filter packets. The distribution layer isolates
network problems to the workgroups in which they occur. The distribution layer
also prevents these problems from affecting the core layer. Switches in this
layer operate at Layer 2 and Layer 3. In a switched network, the distribution
layer includes several functions such as the following:
Aggregation of the wiring closet connections
Broadcast/multicast domain definition
Virtual LAN (VLAN) routing
Any media transitions that need to occur
Security
5.2.4
Distribution layer switches
Distribution layer switches are the aggregation points for multiple access layer switches. The switch must be able to accommodate the total amount of traffic from the access layer devices.
The distribution layer switch must have high performance. The distribution layer switch is a point at which a broadcast domain is delineated. The distribution layer combines VLAN traffic and is a focal point for policy decisions about traffic flow. For these reasons distribution layer switches operate at both Layer 2 and Layer 3 of the OSI model. Switches in this layer are referred to as multilayer switches. These multilayer switches combine the functions of a router and a switch in one device. They are designed to switch traffic to gain higher performance than a standard router. If they do not have an associated router module, then an external router is used for the Layer 3 function.
The following Cisco switches are suitable for the distribution layer:
Catalyst 2926G
Catalyst 5000 family
Catalyst 6000 family
5.2.5
Core layer overview
The core layer is a high-speed switching backbone. If they do not have an associated router module, an external router is used for the Layer 3 function. This layer of the network design should not perform any packet manipulation. Packet manipulation, such as access list filtering, would slow down the switching of packets. Providing a core infrastructure with redundant alternate paths gives stability to the network in the event of a single device failure.
The core can be designed to use Layer 2 or Layer 3 switching. Asynchronous Transfer Mode (ATM) or Ethernet switches can be used.
5.2.6
Core layer switches
The core layer is the backbone of the campus switched network. The switches in this layer can make use of a number of Layer 2 technologies. Provided that the distance between the core layer switches is not too great, the switches can use Ethernet technology. Other Layer 2 technologies, such as Asynchronous Transfer Mode (ATM) cell switching, can also be used. In a network design, the core layer can be a routed, or Layer 3, core. Core layer switches are designed to provide efficient Layer 3 functionality when needed. Factors such as need, cost, and performance should be considered before a choice is made.
The following Cisco switches are suitable for the core layer:
Catalyst 6500 series
Catalyst 8500 series
IGX 8400 series
Lightstream 1010
MODULE SIX
A switch is a Layer 2 network device that acts as the concentration point for the connection of workstations, servers, routers, hubs, and other switches.
A hub is an older type of concentration device which also provides multiple ports. However, hubs are inferior to switches because all devices connected to a hub reside in the same bandwidth domain that produces collisions. Another drawback to using hubs is that they only operate in half-duplex mode. In half-duplex mode, the hubs can send or receive data at any given time, but not both at the same time. Switches can operate in full-duplex mode, which means they can send and receive data simultaneously.
Switches are multi-port bridges. Switches are the current standard technology for Ethernet LANs that utilize a star topology. A switch provides many dedicated, point-to-point virtual circuits between connected networking devices, so collisions are virtually impossible.
Because of their dominant role in modern networks, the ability to understand and configure switches is essential for network support.
A new switch will have a preset configuration with factory defaults. This configuration will rarely meet the needs of a network administator. Switches can be configured and managed from a command-line interface (CLI). Increasingly, networking devices can also be configured and managed using a web based interface and a browser.
A network administrator must be familiar with many tasks to be effective in managing a network with switches. Some of these tasks are associated with maintaining the switch and its Internetworking Operating System (IOS). Others are associated with managing interfaces and tables for optimal, reliable, and secure operation. Basic switch configuration, upgrading the IOS, and performing password recovery are essential network administrator skills
6.1.1
Physical startup of the Catalyst switch
Switches are dedicated, specialized computers, which contain a central processing
unit (CPU), random access memory (RAM), and an operating system. As shown in
Figure , switches usually have several ports for the purpose of connecting hosts,
as well as specialized ports for the purpose of management. A switch can be
managed by connecting to the console port to view and make changes to the configuration.
Switches typically have no power switch to turn them on and off. They simply connect or disconnect from a power source.
Several switches from the Cisco Catalyst 2950 series are shown in Figure .
6.1.2
Switch LED indicators
The front panel of a switch has several lights to help monitor system activity
and performance. These lights are called light-emitting diodes (LEDs). The front
of the switch has the following LEDs:
System LED
Remote Power Supply (RPS) LED
Port Mode LED
Port Status LEDs
The System LED shows whether the system is receiving power and functioning correctly.
The RPS LED indicates whether or not the remote power supply is in use.
The Mode LEDs indicate the current state of the Mode button. The modes are used to determine how the Port Status LEDs are interpreted. To select or change the port mode, press the Mode button repeatedly until the Mode LEDs indicate the desired mode.
The Port Status LEDs have different meanings, depending on the current value of the Mode LED.
6.1.3
Verifying port LEDs during switch POST
Once the power cable is connected, the switch initiates a series of tests called
the power-on self test (POST). POST runs automatically to verify that the switch
functions correctly. The System LED indicates the success or failure of POST.
If the System LED is off but the switch is plugged in, then POST is running.
If the System LED is green, then POST was successful. If the System LED is amber,
then POST failed. POST failure is considered to be a fatal error. Reliable operation
of the switch should not be expected if POST fails.
The Port Status LEDs also change during switch POST. The Port Status LEDs turn amber for about 30 seconds as the switch discovers the network topology and searches for loops. If the Port Status LEDs turn green, the switch has established a link between the port and a target, such as a computer. If the Port Status LEDs turn off, the switch has determined that nothing is plugged into the port.
6.1.4
Viewing initial bootup output from the switch
In order to configure or check the status of a switch, connect a computer to the switch in order to establish a communication session. Use a rollover cable to connect the console port on the back of the switch to a COM port on the back of the computer.
Start HyperTerminal on the computer. A dialog window will be displayed. The connection must first be named when initially configuring the HyperTerminal communication with the switch. Select the COM port to which the switch is connected using the pull-down menu, and click the OK button. A second dialog window will be displayed. Set up the parameters as shown, and click the OK button.
Plug the switch into a wall outlet. The initial bootup output from the switch should be displayed on the HyperTerminal screen. This output shows information about the switch, details about POST status, and data about the switch hardware.
After the switch has booted and completed POST, prompts for the System Configuration dialog are presented. The switch may be configured manually with or without the assistance of the System Configuration dialog. The System Configuration dialog on the switch is simpler than that on a router.
6.1.5
Examining help in the switch CLI
The command-line interface (CLI) for Cisco switches is very similar to the CLI for Cisco routers.
The help command is issued by entering a question mark (?). When this command is entered at the system prompt, a list of commands available for the current command mode is displayed.
The help command is very flexible. To obtain a list of commands that begin with a particular character sequence, enter those characters followed immediately by the question mark (?). Do not enter a space before the question mark. This form of help is called word help, because it completes a word.
To list keywords or arguments that are associated with a particular command, enter one or more words associated with the command, followed by a space and then a question mark (?). This form of help is called command syntax help, because it provides applicable keywords or arguments based on a partial command.
6.1.6
Switch command modes
Switches have several command modes. The default mode is User EXEC mode. The User EXEC mode is recognized by its prompt, which ends in a greater-than character (>). The commands available in User EXEC mode are limited to those that change terminal settings, perform basic tests, and display system information. Figure describes the show commands that are available in User EXEC mode.
The enable command is used to change from User EXEC mode to Privileged EXEC mode. Privileged EXEC mode is also recognized by its prompt, which ends in a pound-sign character (#). The Privileged EXEC mode command set includes those commands allowed in User EXEC mode, as well as the configure command. The configure command allows other command modes to be accessed. Because these modes are used to configure the switch, access to Privileged EXEC mode should be password protected to prevent unauthorized use. If the system administrator has set a password, then users are prompted to enter the password before being granted access to Privileged EXEC mode. The password does not appear on the screen, and is case sensitive.
6.2.1
Verifying the Catalyst switch default configuration
When powered up for the first time, a switch has default data in the running
configuration file. The default hostname is Switch. No passwords are set on
the console or virtual terminal (vty) lines.
A switch may be given an IP address for management purposes. This is configured on the virtual interface, VLAN 1. By default, the switch has no IP address.
The switch ports or interfaces are set to auto mode , and all switch ports are in VLAN 1. VLAN 1 is known as the default management VLAN.
The flash directory by default, has a file that contains the IOS image, a file called env_vars, and a sub-directory called html. After configuring the switch, it may contain a config.text file, and a VLAN database. The flash directory has no VLAN database file, vlan.dat, and shows no saved configuration file, config.text.
The IOS version and the configuration register settings can be verified with the show version command.
In this default state, the switch has one broadcast domain and can be managed or configured through the console port using the CLI. The Spanning-Tree Protocol is also enabled, and allows the bridge to construct a loop-free topology across an extended LAN.
For small networks, the default configuration may be sufficient. The benefits of better performance with microsegmentation are obtained immediately.
6.2.2
Configuring the catalyst switch
A switch may already be preconfigured and only passwords may need to be entered for the user EXEC, enable, or privileged EXEC modes. Switch configuration mode is entered from privileged EXEC mode.
In the CLI, the default privileged EXEC mode is Switch#. In User EXEC mode the prompt will be Switch>.
The following steps will ensure that a new configuration will completely overwrite
any existing configuration:
Remove any existing VLAN information by deleting the VLAN database file vlan.dat
from the flash directory
Erase the back up configuration file startup-config
Reload the switch
Security, documentation, and management are important for every internetworking device.
A switch should be given a hostname, and passwords should be set on the console and vty lines.
To allow the switch to be accessible by Telnet and other TCP/IP applications, IP addresses and a default gateway should be set. By default, VLAN 1 is the management VLAN. In a switch-based network, all internetworking devices should be in the management VLAN. This will allow a single management workstation to access, configure, and manage all the internetworking devices.
The Fast Ethernet switch ports default to auto-speed and auto-duplex. This allows the interfaces to negotiate these settings. When a network administrator needs to ensure an interface has particular speed and duplex values, the values can be set manually.
Intelligent networking devices can provide a web-based interface for configuration and management purposes. Once a switch is configured with an IP address and gateway, it can be accessed in this way. A web browser can access this service using the IP address and port 80, the default port for http. The HTTP service can be turned on or off, and the port address for the service can be chosen.
Any additional software such as an applet, can be downloaded to the browser from the switch. Also, the network devices can be managed by a browser based graphical user interface (GUI).
6.2.3
Managing the MAC address table
Switches learn the MAC addresses of PCs or workstations that are connected to
their switch ports by examining the source address of frames that are received
on that port. These learned MAC addresses are then recorded in a MAC address
table. Frames having a destination MAC address that has been recorded in the
table can be switched out to the correct interface.
To examine the addresses that a switch has learned, enter the privileged EXEC command show mac-address–table.
A switch dynamically learns and maintains thousands of MAC addresses. To preserve memory and for optimal operation of the switch, learned entries may be discarded from the MAC address table. Machines may have been removed from a port, turned off, or moved to another port on the same switch or a different switch. This could cause confusion in frame forwarding. For all these reasons, if no frames are seen with a previously learned address, the MAC address entry is automatically discarded or aged out after 300 seconds.
Rather than wait for a dynamic entry to age out, the administrator has the option to use the privileged EXEC command clear mac-address-table. MAC address entries that an administrator has configured can also be removed using this command. Using this method to clear table entries ensures that invalid addresses are removed immediately.
6.2.4
Configuring static MAC addresses
It may be decided that it is desirable for a MAC address to be permanently assigned
to an interface. The reasons for assigning a permanent MAC address to an interface
include:
The MAC address will not be aged out automatically by the switch.
A specific server or user workstation must be attached to the port and the MAC
address is known.
Security is enhanced.
To set a static MAC address entry for a switch:
Switch(config)#mac-address-table static <mac-address of host> interface FastEthernet <Ethernet numer> vlan
To remove this entry use the no form of the command:
Switch(config)#no mac-address-table static <mac-address of host> interface FastEthernet <Ethernet number> vlan <vlan name>
6.2.5
Configuring port security
Securing an internetwork is an important responsibility for a network administrator.
Access layer switchports are accessible through the structured cabling at wall
outlets in offices and rooms. Anyone can plug in a PC or laptop into one of
these outlets. This is a potential entry point to the network by unauthorized
users. Switches provide a feature called port security. It is possible to limit
the number of addresses that can be learned on an interface. The switch can
be configured to take an action if this is exceeded. Secure MAC addresses can
be set statically. However, securing MAC addresses statically can be a complex
task and prone to error.
An alternative approach is to set port security on a switch interface. The number of MAC address per port can be limited to 1. The first address dynamically learned by the switch becomes the secure address.
To reverse port security on an interface use the no form of the command.
To verify port security status the command show port security is entered.
6.2.6
Executing adds, moves, and changes
When a new switch is added to a network, configure the following:
Switch name
IP address for the switch in the management VLAN
A default gateway
Line passwords
When a host is moved from one port or switch to another, configurations that can cause unexpected behavior should be removed. Configuration that is required can then be added.
6.2.7
Managing switch operating system file
An administrator should document and maintain the operational configuration
files for networking devices. The most recent running-configuration file should
be backed up on a server or disk. This is not only essential documentation,
but is very useful if a configuration needs to be restored.
The IOS should also be backed up to a local server. The IOS can then be reloaded to flash memory if needed.
6.2.8
1900/2950 password recovery
For security and management purposes, passwords must be set on the console and
vty lines. An enable password and an enable secret password must also be set.
These practices help ensure that only authorized users have access to the user
and privileged EXEC modes of the switch.
There will be circumstances where physical access to the switch can be achieved, but access to the user or privileged EXEC mode cannot be gained because the passwords are not known or have been forgotten.
In these circumstances, a password recovery procedure must be followed.
6.2.9
1900/2900 firmware upgrade
IOS and firmware images are periodically released with bugs fixed, new features
introduced, and performance improved. If the network can be made more secure,
or can operate more efficiently with a new version of the IOS, then the IOS
should be upgraded.
To upgrade the IOS, obtain a copy of the new image to a local server from the Cisco Connection Online (CCO) Software Center.
MODULE SEVEN
7.1
Redundant Topologies
7.1.1
Redundancy
Many companies and organizations increasingly rely on computer networks for
their operations. Access to file servers, databases, the Internet, intranets,
and extranets is critical for successful businesses. If the network is down,
productivity is lost and customers are dissatisfied.
Companies are increasingly looking for 24 hour, seven day a week uptime for their computer networks. Achieving 100% uptime is perhaps impossible but securing a 99.999% or five nines uptime is a goal that organizations set. This is interpreted to mean one day of downtime, on average, for every 30 years, or one hour of downtime, on average, for every 4000 days, or 5.25 minutes of downtime per year.
Achieving such a goal requires extremely reliable networks. Reliability in networks is achieved by reliable equipment and by designing networks that are tolerant to failures and faults. The network is designed to reconverge rapidly so that the fault is bypassed.
Fault tolerance is achieved by redundancy. Redundancy means to be in excess or exceeding what is usual and natural. How does redundancy help achieve reliability?
Assume that the only way to get to work is by a car. If the car develops a fault that makes it unusable, going to work will be impossible until it is repaired and returned.
If the car fails and is unavailable, on average one day in ten then there is 90% usage. Going to work is possible nine days in every ten. Reliability is therefore 90%.
Buying another car will improve matters. There is no need for two cars just to get to work. However, it does provide redundancy (backup) in case the primary vehicle fails. The ability to get to work is no longer dependent on a single car.
Both cars may become unusable simultaneously, one day in every 100. Purchasing a second redundant car has improved reliability to 99%.
7.1.2
Redundant topologies
A goal of redundant topologies is to eliminate network outages caused by a single point of failure. All networks need redundancy for enhanced reliability.
A network of roads is a global example of a redundant topology. If one road is closed for repair there is likely an alternate route to the destination.
Consider an outlying community separated by a river from the town center. If there is only one bridge across the river there is only one way into town. The topology has no redundancy.
If the bridge is flooded or damaged by an accident, travel to the town center across the bridge is impossible.
Building a second bridge across the river creates a redundant topology. The suburb is not cut off from the town center if one bridge is impassable.
7.1.3
Redundant switched topologies
Networks with redundant paths and devices allow for more network uptime. Redundant topologies eliminate single points of failure. If a path or device fails, the redundant path or device can take over the tasks of the failed path or device.
If Switch A fails, traffic can still flow from Segment 2 to Segment 1 and to the router through Switch B.
If port 1 fails on Switch A then traffic can still flow through port 1 on Switch B.
Switches learn the MAC addresses of devices on their ports so that data can be properly forwarded to the destination. Switches will flood frames for unknown destinations until they learn the MAC addresses of the devices. Broadcasts and multicasts are also flooded.
A redundant switched topology may cause broadcast storms, multiple frame copies, and MAC address table instability problems.
7.1.4
Broadcast storms
Broadcasts and multicasts can cause problems in a switched network.
Multicasts are treated as broadcasts by the switches. Broadcasts and multicasts frames are flooded out all ports, except the one on which the frame was received.
If Host X sends a broadcast, like an ARP request for the Layer 2 address of the router, then Switch A will forward the broadcast out all ports. Switch B, being on the same segment, also forwards all broadcasts. Switch B sees all the broadcasts that Switch A forwarded and Switch A sees all the broadcasts that Switch B forwarded. Switch A sees the broadcasts and forwards them. Switch B sees the broadcasts and forwards them.
The switches continue to propagate broadcast traffic over and over. This is called a broadcast storm. This broadcast storm will continue until one of the switches is disconnected. The switches and end devices will be so busy processing the broadcasts that user traffic is unlikely to flow. The network will appear to be down or extremely slow.
7.1.5
Multiple frame transmissions
In a redundant switched network it is possible for an end device to receive
multiple frames.
Assume that the MAC address of Router Y has been timed out by both switches. Also assume that Host X still has the MAC address of Router Y in its ARP cache and sends a unicast frame to Router Y. The router receives the frame because it is on the same segment as Host X.
Switch A does not have the MAC address of the Router Y and will therefore flood the frame out its ports. Switch B also does not know which port Router Y is on. Switch B then floods the frame it received causing Router Y to receive multiple copies of the same frame. This is a cause of unnecessary processing in all devices.
7.1.6
Media access control database instability
In a redundant switched network it is possible for switches to learn the wrong
information. A switch can incorrectly learn that a MAC address is on one port,
when it is actually on a different port.
In this example the MAC address of Router Y is not in the MAC address table of either switch.
Host X sends a frame directed to Router Y. Switches A and B learn the MAC address of Host X on port 0.
The frame to Router Y is flooded on port 1 of both switches. Switches A and B see this information on port 1 and incorrectly learn the MAC address of Host X on port 1. When Router Y sends a frame to Host X, Switch A and Switch B will also receive the frame and will send it out port 1. This is unnecessary, but the switches have incorrectly learned that Host X is on port 1.
In this example the unicast frame from Router Y to Host X will be caught in a loop.
7.2 Spanning Tree Protocol
7.2.1
Redundant topology and spanning tree
Redundant networking topologies are designed to ensure that networks continue
to function in the presence of single points of failure. Users have less chance
of interruption to their work, because the network continues to function. Any
interruptions that are caused by a failure should be as short as possible.
Reliability is increased by redundancy. A network that is based on switches or bridges will introduce redundant links between those switches or bridges to overcome the failure of a single link. These connections introduce physical loops into the network. These bridging loops are created so if one link fails another can take over the function of forwarding traffic.
Switches operate at Layer 2 of the OSI model and forwarding decisions are made at this layer. As a result of this process, switched networks must not have loops.
Switches flood traffic out all ports when the traffic is sent to a destination that is not yet known. Broadcast and multicast traffic is forwarded out every port, except the port on which the traffic arrived. This traffic can be caught in a loop.
In the Layer 2 header there is no Time To Live (TTL). If a frame is sent into a Layer 2 looped topology of switches, it can loop forever. This wastes bandwidth and makes the network unusable.
At Layer 3 the TTL is decremented and the packet is discarded when the TTL reaches 0. This creates a dilemma. A physical topology that contains switching or bridging loops is necessary for reliability, yet a switched network cannot have loops.
The solution is to allow physical loops, but create a loop free logical topology. For this logical topology, traffic destined for the server farm attached to Cat-5 from any user workstation attached to Cat-4 will travel through Cat-1 and Cat-2. This will happen even though there is a direct physical connection between Cat-5 and Cat-4.
The loop free logical topology created is called a tree. This topology is a star or extended star logical topology, the spanning tree of the network. It is a spanning tree because all devices in the network are reachable or spanned.
The algorithm used to create this loop free logical topology is the spanning-tree algorithm. This algorithm can take a relatively long time to converge. A new algorithm called the rapid spanning-tree algorithm is being introduced to reduce the time for a network to compute a loop free logical topology.
7.2.2
Spanning-Tree Protocol
Ethernet bridges and switches can implement the IEEE 802.1D Spanning-Tree Protocol
and use the spanning-tree algorithm to construct a loop free shortest path network.
Shortest path is based on cumulative link costs. Link costs are based on the speed of the link.
The Spanning-Tree Protocol establishes a root node, called the root bridge. The Spanning-Tree Protocol constructs a topology that has one path for reaching every network node. The resulting tree originates from the root bridge. Redundant links that are not part of the shortest path tree are blocked.
It is because certain paths are blocked that a loop free topology is possible. Data frames received on blocked links are dropped.
The Spanning-Tree Protocol requires network devices to exchange messages to detect bridging loops. Links that will cause a loop are put into a blocking state.
The message that a switch sends, allowing the formation of a loop free logical topology, is called a Bridge Protocol Data Unit (BPDU). BPDUs continue to be received on blocked ports. This ensures that if an active path or device fails, a new spanning tree can be calculated.
BPDUs contain enough information so that all switches can do the following:
Select a single switch that will act as the root of the spanning tree
Calculate the shortest path from itself to the root switch
Designate one of the switches as the closest one to the root, for each LAN segment.
This bridge is called the “designated switch”. The designated switch
handles all communication from that LAN towards the root bridge.
Choose one of its ports as its root port, for each non-root switch. This is
the interface that gives the best path to the root switch.
Select ports that are part of the spanning tree, the designated ports. Non-designated
ports are blocked.
7.2.3
Spanning-tree operation
When the network has stabilized, it has converged and there is one spanning
tree per network.
As a result, for every switched network the following elements exist:
One root bridge per network
One root port per non root bridge
One designated port per segment
Unused, non-designated ports
Root ports and designated ports are used for forwarding (F) data traffic.
Non-designated ports discard data traffic. These ports are called blocking (B) or discarding ports.
7.2.4
Selecting the root bridge
The first decision that all switches in the network make, is to identify the
root bridge. The position of the root bridge in a network will affect the traffic
flow.
When a switch is turned on, the spanning-tree algorithm is used to identify the root bridge. BPDUs are sent out with the Bridge ID (BID). The BID consists of a bridge priority that defaults to 32768 and the switch base MAC address. By default BPDUs are sent every two seconds.
When a switch first starts up, it assumes it is the root switch and sends “inferior” BPDUs. These BPDUs contain the switch MAC address in both the root and sender BID. All switches see the BIDs sent. As a switch receives a BPDU with a lower root BID it replaces that in the BPDUs that are sent out. All bridges see these and decide that the bridge with the smallest BID value will be the root bridge.
A network administrator may want to influence the decision by setting the switch priority to a smaller value than the default, which will make the BID smaller. This should only be implemented when the traffic flow on the network is well understood.
7.2.5
Stages of spanning-tree port states
Time is required for protocol information to propagate throughout a switched
network. Topology changes in one part of a network are not instantly known in
other parts of the network. There is propagation delay. A switch should not
change a port state from inactive to active immediately, as this may cause data
loops.
Each port on a switch that is using the Spanning-Tree Protocol has one of five states, as shown in Figure .
7.2.6
Spanning-tree recalculation
A switched internetwork has converged when all the switch and bridge ports are
in either the forwarding or blocked state. Forwarding ports send and receive
data traffic and BPDUs. Blocked ports will only receive BPDUs.
When the network topology changes, switches and bridges recompute the Spanning Tree and cause a disruption of user traffic.
Convergence on a new spanning-tree topology using the IEEE 802.1D standard can take up to 50 seconds. This convergence is made up of the max-age of 20 seconds, plus the listening forward delay of 15 seconds, and the learning forward delay of 15 seconds.
In the blocking state, ports can only receive BPDUs. Data frames are discarded and no addresses can be learned. It may take up to 20 seconds to change from this state.
Ports go from the blocked state to the listening state. In this state, switches determine if there are any other paths to the root bridge. The path that is not the least cost path to the root bridge goes back to the blocked state. The listening period is called the forward delay and lasts for 15 seconds. In the listening state, user data is not being forwarded and MAC addresses are not being learned. BPDUs are still processed.
Ports transition from the listening to the learning state. In this state user data is not forwarded, but MAC addresses are learned from any traffic that is seen. The learning state lasts for 15 seconds and is also called the forward delay. BPDUs are still processed.
A port goes from the learning state to the forwarding state. In this state user data is forwarded and MAC addresses continue to be learned. BPDUs are still processed.
A port can be in a disabled state. This disabled state can occur when an administrator shuts down the port or the port fails.
The time values given for each state are the default values. These values have been calculated on an assumption that there will be a maximum of seven switches in any branch of the spanning tree from the root bridge.
7.2.7
Rapid Spanning-Tree Protocol
The Rapid Spanning-Tree Protocol is defined in the IEEE 802.1w LAN standard.
The standard and protocol introduce the following:
Clarification of port states and roles
Definition of a set of link types that can go to forwarding state rapidly
Concept of allowing switches, in a converged network, to generate their own
BPDUs rather than relaying root bridge BPDUs
The “blocked” state of a port has been renamed as the “discarding” state. A role of a discarding port is an “alternate port”. The discarding port can become the “designated port” in the event of the failure of the designated port for the segment.
Link types have been defined as point-to-point, edge-type, and shared. These changes allow failure of links in switched network to be learned rapidly.
Point-to-point links and edge-type links can go to the forwarding state immediately.
Network convergence does not need to be any longer than 15 seconds with these changes.
The Rapid Spanning-Tree Protocol, IEEE 802.1w, will eventually replace the Spanning-Tree Protocol, IEEE 802.1D.
MODULE 8
8.1.1
VLAN introduction
A VLAN is a group of network services not restricted to a physical segment or
LAN switch.
VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless of the physical location or connections to the network. All workstations and servers used by a particular workgroup share the same VLAN, regardless of the physical connection or location.
Configuration or reconfiguration of VLANs is done through software. Physically connecting or moving cables and equipment is unnecessary when configuring VLANs.
A workstation in a VLAN group is restricted to communicating with file servers in the same VLAN group. VLANs function by logically segmenting the network into different broadcast domains so that packets are only switched between ports that are designated for the same VLAN. VLANs consist of hosts or networking equipment connected by a single bridging domain. The bridging domain is supported on different networking equipment. LAN switches operate bridging protocols with a separate bridge group for each VLAN.
VLANs are created to provide segmentation services traditionally provided by physical routers in LAN configurations. VLANs address scalability, security, and network management. Routers in VLAN topologies provide broadcast filtering, security, and traffic flow management. Switches may not bridge any traffic between VLANs, as this would violate the integrity of the VLAN broadcast domain. Traffic should only be routed between VLANs.
8.1.2
Broadcast domains with VLANs and routers
A VLAN is a broadcast domain created by one or more switches. The network design
in Figures and requires three separate broadcast domains.
Figure shows how three separate broadcast domains are created using three separate switches. Layer 3 routing allows the router to send packets to the three different broadcast domains.
In Figure , a VLAN is created using one router and one switch. However, there are three separate broadcast domains. In this scenario there is one router and one switch, but there are still three separate broadcast domains.
In Figure , three separate broadcast domains are created. The router routes traffic between the VLANs using Layer 3 routing.
The switch in Figure forwards frames to the router interfaces:
If it is a broadcast frame.
If it is in route to one of the MAC addresses on the router.
If Workstation 1 on the Engineering VLAN wants to send frames to Workstation 2 on the Sales VLAN, the frames are sent to the Fa0/0 MAC address of the router. Routing occurs through the IP address on the Fa0/0 router interface for the Engineering VLAN.
If Workstation 1 on the Engineering VLAN wants to send a frame to Workstation 2 on the same VLAN, the destination MAC address of the frame is the MAC address for Workstation 2.
Implementing VLANs on a switch causes the following to occur:
The switch maintains a separate bridging table for each VLAN.
If the frame comes in on a port in VLAN 1, the switch searches the bridging
table for VLAN 1.
When the frame is received, the switch adds the source address to the bridging
table if it is currently unknown.
The destination is checked so a forwarding decision can be made.
For learning and forwarding the search is made against the address table for
that VLAN only.
8.1.3
VLAN operation
Each switch port could be assigned to a different VLAN. Ports assigned to the
same VLAN share broadcasts. Ports that do not belong to that VLAN do not share
these broadcasts. This improves the overall performance of the network.
Static membership VLANs are called port-based and port-centric membership VLANs. As a device enters the network, it automatically assumes the VLAN membership of the port to which it is attached.
Users attached to the same shared segment, share the bandwidth of that segment. Each additional user attached to the shared medium means less bandwidth and deterioration of network performance. VLANs offer more bandwidth to users than a shared network. The default VLAN for every port in the switch is the management VLAN. The management VLAN is always VLAN 1 and may not be deleted. All other ports on the switch may be reassigned to alternate VLANs.
Dynamic membership VLANs are created through network management software. CiscoWorks 2000 or CiscoWorks for Switched Internetworks is used to create Dynamic VLANs. Dynamic VLANs allow for membership based on the MAC address of the device connected to the switch port. As a device enters the network, it queries a database within the switch for a VLAN membership.
In port-based or port-centric VLAN membership, the port is assigned to a specific VLAN membership independent of the user or system attached to the port. When using this membership method, all users of the same port must be in the same VLAN. A single user, or multiple users, can be attached to a port and never realize that a VLAN exists. This approach is easy to manage because no complex lookup tables are required for VLAN segmentation.
Network administrators are responsible for configuring VLANs both manually and statically.
Each interface on a switch behaves like a port on a bridge. Bridges filter traffic that does not need to go to segments other than the source segment. If a frame needs to cross the bridge, the bridge forwards the frame to the correct interface and to no others. If the bridge or switch does not know the destination, it floods the frame to all ports in the broadcast domain or VLAN, except the source port.
8.1.4
Benefits of VLANs
The key benefit of VLANs is that they permit the network administrator to organize
the LAN logically instead of physically. This means that an administrator is
able to do all of the following:
Easily move workstations on the LAN.
Easily add workstations to the LAN.
Easily change the LAN configuration.
Easily control network traffic.
Improve security.
8.1.5
VLAN types
There are three basic VLAN memberships for determining and controlling how a
packet gets assigned: -
Port-based VLANs
MAC address based VLANs
Protocol based VLANs
The frame headers are encapsulated or modified to reflect a VLAN ID before the frame is sent over the link between switches. Before forwarding to the destination device, the frame header is changed back to the original format.
The number of VLANs in a switch vary depending on several factors:
Traffic patterns
Types of applications
Network management needs
Group commonality
In addition, an important consideration in defining the size of the switch and the number of VLANs is the IP addressing scheme.
For example, a network using a 24-bit mask to define a subnet has a total of 254 host addresses allowed on one subnet. Given this criterion, a total of 254 host addresses are allowed in one subnet. Because a one-to-one correspondence between VLANs and IP subnets is strongly recommended, there can be no more than 254 devices in any one VLAN. It is further recommended that VLANs should not extend outside of the Layer 2 domain of the distribution switch.
There are two major methods of frame tagging, Inter-Switch Link (ISL) and 802.1Q. ISL used to be the most common, but is now being replaced by 802.1Q frame tagging.
LAN emulation (LANE) is a way to make an Asynchronous Transfer Mode (ATM) network simulate an Ethernet network. There is no tagging in LANE, but the virtual connection used implies a VLAN ID. As packets are received by the switch from any attached end-station device, a unique packet identifier is added within each header. This header information designates the VLAN membership of each packet. The packet is then forwarded to the appropriate switches or routers based on the VLAN identifier and MAC address. Upon reaching the destination node the VLAN ID is removed from the packet by the adjacent switch and forwarded to the attached device. Packet tagging provides a mechanism for controlling the flow of broadcasts and applications while not interfering with the network and applications.
8.2
VLAN Configuration
8.2.1
VLAN basics
In a switched environment, a station will see only traffic destined for it. The switch filters traffic in the network allowing the workstation to have full, dedicated bandwidth for sending or receiving traffic. Unlike a shared-hub system where only one station can transmit at a time, the switched network allows many concurrent transmissions within a broadcast domain. The switched network does this without directly affecting other stations inside or outside of the broadcast domain. Station pairs A/B, C/D, and E/F can all communicate without affecting the other station pairs.
Each VLAN must have a unique Layer 3 network address assigned. This enables routers to switch packets between VLANs.
VLANs can exist either as end-to-end networks or they can exist inside of geographic boundaries.
An end-to-end VLAN network comprises the following characteristics:
Users are grouped into VLANs independent of physical location, but dependent
on group or job function.
All users in a VLAN should have the same 80/20 traffic flow patterns.
As a user moves around the campus, VLAN membership for that user should not
change.
Each VLAN has a common set of security requirements for all members.
Starting at the access layer, switch ports are provisioned for each user. Each color represents a subnet. Because people have moved around over time, each switch eventually becomes a member of all VLANs. Frame tagging is used to carry multiple VLAN information between the access layer wiring closets and the distribution layer switches.
ISL is a Cisco proprietary protocol that maintains VLAN information as traffic flows between switches and routers. IEEE 802.1Q is an open-standard (IEEE) VLAN tagging mechanism in switching installations. Catalyst 2950 switches do not support ISL trunking.
Workgroup servers operate in a client/server model. For this reason, attempts have been made to keep users in the same VLAN as their server to maximize the performance of Layer 2 switching and keep traffic localized.
In Figure , a core layer router is being used to route between subnets. The network is engineered, based on traffic flow patterns, to have 80 percent of the traffic contained within a VLAN. The remaining 20 percent crosses the router to the enterprise servers and to the Internet and WAN.
8.2.2
Geographic VLANs
End-to-end VLANs allow devices to be grouped based upon resource usage. This
includes such parameters as server usage, project teams, and departments. The
goal of end-to-end VLANs is to maintain 80 percent of the traffic on the local
VLAN.
As many corporate networks have moved to centralize their resources, end-to-end VLANs have become more difficult to maintain. Users are required to use many different resources, many of which are no longer in their VLAN. Because of this shift in placement and usage of resources, VLANs are now more frequently being created around geographic boundaries rather than commonality boundaries.
This geographic location can be as large as an entire building or as small as a single switch inside a wiring closet. In a VLAN structure, it is typical to find the new 20/80 rule in effect. 80 percent of the traffic is remote to the user and 20 percent of the traffic is local to the user. Although this topology means that the user must cross a Layer 3 device in order to reach 80 percent of the resources, this design allows the network to provide for a deterministic, consistent method of accessing resources.
8.2.3
Configuring static VLANs
Static VLANs are ports on a switch that are manually assigned to a VLAN by using
a VLAN management application or by working directly within the switch. These
ports maintain their assigned VLAN configuration until they are changed manually.
This topology means that the user must cross a Layer 3 device in order to reach
80 percent of the resources. This design also allows the network to provide
for a deterministic, consistent method of accessing resources. This type of
VLAN works well in networks where the following is true:
Moves are controlled and managed.
There is robust VLAN management software to configure the ports.
It is not desirable to assume the additional overhead required when maintaining
end-station MAC addresses and custom filtering tables.
Dynamic VLANs do not rely on ports assigned to a specific VLAN.
The following guidelines must be followed when configuring VLANs on Cisco 29xx
switches:
The maximum number of VLANs is switch dependent.
VLAN 1 is one of the factory-default VLANs.
VLAN 1 is the default Ethernet VLAN.
Cisco Discovery Protocol (CDP) and VLAN Trunking Protocol (VTP) advertisements
are sent on VLAN 1.
The Catalyst 29xx IP address is in the VLAN 1 broadcast domain by default.
The switch must be in VTP server mode to create, add, or delete VLANs.
The creation of a VLAN on a switch is a very straightforward and simple task. If using a Cisco IOS command based switch, enter the VLAN configuration mode with the privileged EXEC level vlan database command. The steps necessary to create the VLAN are shown below. A VLAN name may also be configured, if necessary.
Switch#vlan database
Switch(vlan)#vlan vlan_number
Switch(vlan)#exit
Upon exiting, the VLAN is applied to the switch. The next step is to assign the VLAN to one or more interfaces:
Switch(config)#interface fastethernet 0/9
Switch(config-if)#switchport access vlan vlan_number
8.2.4
Verifying VLAN configuration
A good practice is to verify VLAN configuration by using the show vlan, show
vlan brief, or show vlan id id_number commands.
The following facts apply to VLANs:
A created VLAN remains unused until it is mapped to switch ports.
All Ethernet ports are on VLAN 1 by default.
Refer to Figure for a list of applicable commands.
Figure shows the steps necessary to assign a new VLAN to a port on the Sydney switch.
Figures and list the output of the show vlan and show vlan brief commands.
8.2.5
Saving VLAN configuration
It is often useful to keep a copy of the VLAN configuration as a text file for
backup or auditing purposes.
The switch configuration settings may be backed up in the usual way using the copy running-config tftp command. Alternatively, the HyperTerminal capture text feature can be used to store the configuration settings.
Removing a VLAN from a Cisco IOS command based switch interface is just like removing a command from a router. In Figure , VLAN 300 was created on Fastethernet 0/9 using the interface configuration switchport access vlan 300 command. To remove this VLAN from the interface, simply use the no form of the command.
When a VLAN is deleted any ports assigned to that VLAN become inactive. The ports will, however, remain associated with the deleted VLAN until assigned to a new VLAN.
8.3
Troubleshooting VLANs
8.3.1
Overview
VLANs are now commonplace in campus networks. VLANs give network engineers flexibility
in designing and implementing networks. VLANs also enable broadcast containment,
security, and geographically disparate communities of interest. However, as
with basic LAN switching, problems can occur when VLANs are implemented. This
lesson will show some of the more common problems that can occur with VLANs,
and it will provide several tools and techniques for troubleshooting.
Students completing this lesson should be able to:
Utilize a systematic approach to VLAN troubleshooting
Demonstrate the steps for general troubleshooting in switched networks
Describe how spanning-tree problems can lead to broadcast storms
Use show and debug commands to troubleshoot VLANs
8.3.2
VLAN troubleshooting process
It is important to develop a systematic approach for troubleshooting switch
related problems. The following steps can assist in isolating a problem on a
switched network:
Check the physical indications, such as LED status.
Start with a single configuration on a switch and work outward.
Check the Layer 1 link.
Check the Layer 2 link.
Troubleshoot VLANs that span several switches.
When troubleshooting, check to see if the problem is a recurring one rather than an isolated fault. Some recurring problems are due to growth in demand for services by workstation ports outpacing the configuration, trunking, or capacity to access server resources. For example, the use of Web technologies and traditional applications, such as file transfer and e-mail, is causing network traffic growth that enterprise networks must handle.
Many campus LANs face unpredictable network traffic patterns that result from the combination of intranet traffic, fewer centralized campus server locations, and the increasing use of multicast applications. The old 80/20 rule, which stated that only 20 percent of network traffic went over the backbone, is obsolete. Internal Web browsing now enables users to locate and access information anywhere on the corporate intranet. Traffic patterns are dictated by where the servers are located and not by the physical workgroup configurations with which they happen to be grouped.
If a network frequently experiences bottleneck symptoms, like excessive overflows, dropped frames, and retransmissions, there may be too many ports riding on a single trunk or too many requests for global resources and access to intranet servers.
Bottleneck symptoms may also occur because a majority of the traffic is being forced to traverse the backbone. Another cause may be that any-to-any access is common, as users draw upon corporate Web-based resources and multimedia applications. In this case, it may be necessary to consider increasing the network resources to meet the growing demand.
8.3.3
Preventing broadcast storms
A broadcast storm occurs when a large number of broadcast packets are received
on a port. Forwarding these packets can cause the network to slow down or to
time out. Storm control is configured for the switch as a whole, but operates
on a per-port basis. Storm control is disabled by default.
Prevention of broadcast storms by setting threshold values to high or low discards excessive broadcast, multicast, or unicast MAC traffic. In addition, configuration of values for rising thresholds on a switch will shut the port down.
STP problems include broadcast storms, loops, dropped BPDUs and packets. The function of STP is to ensure that no logic loops occur in a network by designating a root bridge. The root bridge is the central point of a spanning-tree configuration that controls how the protocol operates.
The location of the root bridge in the extended router and switch is necessary for effective troubleshooting. The show commands on both the router and the switch can display root-bridge information. Configuration of root bridge timers set parameters for forwarding delay or maximum age for STP information. Manually configuring a device as a root bridge is another configuration option.
If the extended router and switch network encounters a period of instability, it helps to minimize the STP processes occurring between devices.
If it becomes necessary to reduce BPDU traffic, put the timers on the root bridge at their maximum values. Specifically, set the forward delay parameter to the maximum of 30 seconds, and set the max_age parameter to the maximum of 40 seconds.
A physical port on a router or switch may be part of more than one spanning tree if it is a trunk.
Note: VTP runs on Catalyst switches not routers.
It is advisable to configure a Catalyst switch neighboring a router to operate in VTP transparent mode until Cisco supports VTP on its routers.
The Spanning-Tree Protocol (STP) is considered one of the most important Layer 2 protocols on the Catalyst switches. By preventing logical loops in a bridged network, STP allows Layer 2 redundancy without generating broadcast storms.
Minimize spanning-tree problems by actively developing a baseline study of the network.
8.3.4
Troubleshooting VLANs
The show and debug commands can be extremely useful when troubleshooting VLANs.
Figure illustrates the most common problems found when troubleshooting VLANs.
To troubleshoot the operation of Fast Ethernet router connections to switches, it is necessary to make sure that the router interface configuration is complete and correct. Verify that an IP address is not configured on the Fast Ethernet interface. IP addresses are configured on each subinterface of a VLAN connection. Verify that the duplex configuration on the router matches that on the appropriate port/interface on the switch.
The show vlan command displays the VLAN information on the switch. Figure , displays the output from the show vlan command. The display shows the VLAN ID, name, status, and assigned ports.
The CatOS show vlan keyword options and keyword syntax descriptions of each field are also shown.
The show vlan displays information about that VLAN on the router. The show vlan command followed by the VLAN number displays specific information about that VLAN on the router. Output from the command includes the VLAN ID, router subinterface, and protocol information.
The show spanning-tree command displays the spanning-tree topology known to the router. This command will show the STP settings used by the router for a spanning-tree bridge in the router and switch network.
The first part of the show spanning-tree output lists global spanning tree configuration parameters, followed by those that are specific to given interfaces.
Bridge Group 1 is executing the IEEE compatible Spanning-Tree Protocol.
The following lines of output show the current operating parameters of the spanning tree:
Bridge Identifier has priority 32768, address 0008.e32e.e600
Configured hello time 2, Max age 20, forward delay 15
The following line of output shows that the router is the root of the spanning tree:
We are the root of the spanning tree.
Key information from the show spanning-tree command creates a map of the STP network.
The debug sw-vlan packets command displays general information about VLAN packets received but not configured to support the router. VLAN packets that the router is configured to route or switch are counted and indicated when using the show sw-vlan command.
8.3.5
VLAN troubleshooting scenarios
Proficiency at troubleshooting switched networks will be achieved after the
techniques are learned and are adapted to the company needs. Experience is the
best way of improving troubleshooting skills.
Three practical VLAN troubleshooting scenarios referring to the most common problems will be described. Each of these scenarios contains an analysis of the problem to then solving the problem. Using appropriate specific commands and gathering meaningful information from the outputs, the progression of the troubleshooting process can be completed.
Scenario 1: A trunk link cannot be established between a switch and a router.
When having difficulty with a trunk connection between a switch and a router,
be sure to consider the following possible causes:
Make sure that the port is connected and not receiving any physical-layer, alignment
or frame-check-sequence (FCS) errors. This can be done with the show interface
command on the switch.
Verify that the duplex and speed are set properly between the switch and the
router. This can be done with the show int status command on the switch or the
show interface command on the router.
Configure the physical router interface with one subinterface for each VLAN
that will route traffic. Verify this with the show interface IOS command. Also,
make sure that each subinterface on the router has the proper encapsulation
type, VLAN number, IP address, and subnet mask configured. This can be done
with the show interface or show running-config IOS commands.
Confirm that the router is running an IOS release that supports trunking. This
can be verified with the show version command.
Scenario 2: VTP is not correctly propagating VLAN configuration changes.
When VTP is not correctly affecting configuration updates on other switches
in the VTP domain, check the following possible causes:
Make sure the switches are connected through trunk links. VTP updates are exchanged
only over trunk links. This can be verified with the show int status command.
Make sure the VTP domain name is the same on all switches that need to communicate
with each other. VTP updates are exchanged only between switches in the same
VTP domain. This scenario is one of the most common VTP problems. It can be
verified with the show vtp status command on the participating switches.
Check the VTP mode of the switch. If the switch is in VTP transparent mode,
it will not update its VLAN configuration dynamically. Only switches in VTP
server or VTP client mode update their VLAN configuration based on VTP updates
from other switches. Again, use the show vtp status command to verify this.
If using VTP passwords, the same password must be configured on all switches
in the VTP domain. To clear an existing VTP password, use the no vtp password
password command on the VLAN mode.
Scenario 3: Dropped packets and loops.
Spanning-tree bridges use topology change notification Bridge Protocol Data Unit packets (BPDUs) to notify other bridges of a change in the spanning-tree topology of the network. The bridge with the lowest identifier in the network becomes the root. Bridges send these BPDUs any time a port makes a transition to or from a forwarding state, as long as there are other ports in the same bridge group. These BPDUs migrate toward the root bridge.
There can be only one root bridge per bridged network. An election process determines the root bridge. The root determines values for configuration messages, in the BPDUs, and then sets the timers for the other bridges. Other designated bridges determine the shortest path to the root bridge and are responsible for advertising BPDUs to other bridges through designated ports. A bridge should have ports in the blocking state if there is a physical loop.
Problems can arise for internetworks in which both IEEE and DEC spanning-tree algorithms are used by bridging nodes. These problems are caused by differences in the way the bridging nodes handle spanning tree BPDU packets, or hello packets, and in the way they handle data.
In this scenario, Switch A, Switch B, and Switch C are running the IEEE spanning-tree algorithm. Switch D is inadvertently configured to use the DEC spanning-tree algorithm.
Switch A claims to be the IEEE root and Switch D claims to be the DEC root. Switch B and Switch C propagate root information on all interfaces for IEEE spanning tree. However, Switch D drops IEEE spanning-tree information. Similarly, the other routers ignore Router D's claim to be root.
The result is that in none of the bridges believing there is a loop and when a broadcast packet is sent on the network, a broadcast storm results over the entire internetwork. This broadcast storm will include Switches X and Y, and beyond.
To resolve this problem, reconfigure Switch D for IEEE. Although a configuration change is necessary, it might not be sufficient to reestablish connectivity. There will be a reconvergence delay as devices exchange BPDUs and recompute a spanning tree for the network.
MODULE 9
Early VLANs were difficult to implement across networks. Most VLANs were defined on each switch, which meant that defining VLANs over an extended network was a complicated task. Every switch manufacturer had a different idea of the best ways to make their switches VLAN capable, which further complicated matters. VLAN trunking was developed to solve these problems.
VLAN trunking allows many VLANs to be defined throughout an organization by adding special tags to frames to identify the VLAN to which they belong. This tagging allows many VLANs to be carried across a common backbone, or trunk. VLAN trunking is standards-based, with the IEEE 802.1Q trunking protocol now widely implemented. Cisco’s Inter-Switch Link (ISL) is a proprietary trunking protocol that can be implemented in all Cisco networks.
VLAN trunking uses tagged frames to allow multiple VLANs to be carried throughout a large switched network over shared backbones. Manually configuring and maintaining VLAN Trunking Protocol (VTP) on numerous switches can be challenging. The benefit of VTP is that, once a network is configured with VTP, many of the VLAN configuration tasks are automatic.
This module explains VTP implementation in a VLAN switched LAN environment.
VLAN technology provides network administrators with many advantages. Among other things, VLANs help control Layer 3 broadcasts, they improve network security, and they can help logically group network users. However, VLANs have an important limitation. They operate at Layer 2, which means that devices on one VLAN cannot communicate with users on another VLAN without the use of routers and network layer addresses.
9.1
Trunking
9.1.1
History of trunking
The history of trunking goes back to the origins of radio and telephony technologies.
In radio technologies, a trunk is a single communications line that carries
multiple channels of radio signals.
In the telephony industry, the trunking concept is associated with the telephone communication path or channel between two points. One of these two points is usually the Central Office (CO). Shared trunks may also be created for redundancy between COs.
The concept that had been used by the telephone and radio industries was then adopted for data communications. An example of this in a communications network is a backbone link between an MDF and an IDF. A backbone is composed of a number of trunks.
At present, the same principle of trunking is applied to network switching technologies. A trunk is a physical and logical connection between two switches across which network traffic travels.
9.1
Trunking
9.1.2
Trunking concepts
As mentioned before, a trunk is a physical and logical connection between two
switches across which network traffic travels. It is a single transmission channel
between two points. Those points are usually switching centers.
In the context of a VLAN switching environment, a trunk is a point-to-point link that supports several VLANs. The purpose of a trunk is to conserve ports when creating a link between two devices implementing VLANs. Figure illustrates two VLANs shared across two switches, (Sa and Sb). Each switch is using two physical links so that each port carries traffic for a single VLAN. This is the simplest way of implementing inter-switch VLAN communication, but it does not scale well.
Adding a third VLAN would require using two additional ports, one on each connected switch. This design is also inefficient in terms of load sharing. In addition, the traffic on some VLANs may not justify a dedicated link. Trunking will bundle multiple virtual links over one physical link by allowing the traffic for several VLANs to travel over a single cable between the switches.
A comparison for trunking is like a Highway Distributor. The roads with different starting and ending points share a main national highway for a few kilometers then will divide again to reach their particular destinations. This method is more cost effective than building an entire road from start to end for every existing or new destination.
9.1
Trunking
9.1.3
Trunking operation
The switching tables at both ends of the trunk can be used to make port forwarding
decisions based on frame destination MAC addresses. As the number of VLANs traveling
across the trunk increases, the forwarding decisions become slower and more
difficult to manage . The decision process becomes slower because the larger
switching tables take longer to process.
Trunking protocols were developed to effectively manage the transfer of frames from different VLANs on a single physical line. The trunking protocols establish agreement for the distribution of frames to the associated ports at both ends of the trunk.
Currently two types of trunking mechanisms exist, frame filtering and frame tagging. Frame tagging has been adopted as the standard trunking mechanism by IEEE.
Trunking protocols that use a frame tagging mechanism assign an identifier to the frames to make their management easier and to achieve a faster delivery of the frames.
The unique physical link between the two switches is able to carry traffic
for any VLAN. In order to achieve this, each frame sent on the link is tagged
to identify which VLAN it belongs to. Different tagging schemes exist. The most
common tagging schemes for Ethernet segments are listed below:
ISL – Cisco proprietary Inter-Switch Link protocol.
802.1Q – IEEE standard that will be focused on in this section.
9.1.4
VLANs and trunking
Specific protocols, or rules, are used to implement trunking. Trunking provides
an effective method to distribute VLAN ID information to other switches.
Using frame tagging as the standard trunking mechanism, as opposed to frame filtering, provides a more scalable solution to VLAN deployment. Frame tagging is the way to implement VLANs according to IEEE 802.1Q.
VLAN frame tagging is an approach that has been specifically developed for switched communications. Frame tagging places a unique identifier in the header of each frame as it is forwarded throughout the network backbone. The identifier is understood and examined by each switch before any broadcasts or transmissions are made to other switches, routers, or end-station devices. When the frame exits the network backbone, the switch removes the identifier before the frame is transmitted to the target end station. Frame tagging functions at Layer 2 and requires little processing or administrative overhead.
It is important to understand that a trunk link does not belong to a specific VLAN. The responsibility of a trunk link is to act as a conduit for VLANs between switches and routers.
ISL is a protocol that maintains VLAN information as traffic flows between the switches. With ISL, an Ethernet frame is encapsulated with a header that contains a VLAN ID.
9.1.5
Trunking implementation
To create or configure a VLAN trunk on a Cisco IOS command-based switch, configure
the port first as a trunk and then specify the trunk encapsulation with the
following commands:
Before attempting to configure a VLAN trunk on a port, determine what encapsulation the port can support. This can be done using the show port capabilities command. In the example, notice in the highlighted text that Port 2/1 will support only the IEEE 802.1Q encapsulation.
Verify that trunking has been configured and verify the settings by using the show trunk [mod_num/port_num] command from privileged mode on the switch.
Figure shows the trunking modes available in Fast Ethernet and Gigabit Ethernet.
9.2.1
History of VTP
VLAN Trunking Protocol (VTP) was created to solve operational problems in a
switched network with VLANs.
Consider the example of a domain with several interconnected switches that
support several VLANs. To maintain connectivity within VLANs, each VLAN must
be manually configured on each switch. As the organization grows and additional
switches are added to the network, each new switch must be manually configured
with VLAN information. A single incorrect VLAN assignment could cause two potential
problems:
Cross-connected VLANs due to VLAN configuration inconsistencies
VLAN misconfiguration across mixed media environments such as Ethernet and Fiber
Distributed Data Interface (FDDI)
With VTP, VLAN configuration is consistently maintained across a common administrative domain. Additionally, VTP reduces the complexity of managing and monitoring VLAN networks.
9.2.2
VTP concepts
The role of VTP is to maintain VLAN configuration consistency across a common
network administration domain. VTP is a messaging protocol that uses Layer 2
trunk frames to manage the addition, deletion, and renaming of VLANs on a single
domain. Further, VTP allows for centralized changes that are communicated to
all other switches in the network.
VTP messages are encapsulated in either Cisco proprietary Inter-Switch Link (ISL) or IEEE 802.1Q protocol frames, and passed across trunk links to other devices. In IEEE 802.1Q frames a 4 byte field is added that tags the frame. Both formats carry the VLAN ID.
While switch ports are normally assigned to only a single VLAN, trunk ports by default carry frames from all VLANs.
9.2.3
VTP operation
A VTP domain is made up of one or more interconnected devices that share the
same VTP domain name. A switch can be in one VTP domain only.
When transmitting VTP messages to other switches in the network, the VTP message
is encapsulated in a trunking protocol frame such as ISL or IEEE 802.1Q. Figure
shows the generic encapsulation for VTP within an ISL frame. The VTP header
varies, depending upon the type of VTP message, but generally, four items are
found in all VTP messages:
VTP protocol version: Either Version 1 or 2
VTP message type: Indicates one of four types
Management domain name length: Indicates size of the name that follows
Management domain name: The name configured for the management domain
VTP switches operate in one of three modes:
Server
Client
Transparent
VTP servers can create, modify, and delete VLAN and VLAN configuration parameters for the entire domain. VTP servers save VLAN configuration information in the switch NVRAM. VTP servers send VTP messages out to all trunk ports.
VTP clients cannot create, modify, or delete VLAN information. This mode is useful for switches lacking memory to store large tables of VLAN information. The only role of VTP clients is to process VLAN changes and send VTP messages out all trunk ports.
Switches in VTP transparent mode forward VTP advertisements but ignore information contained in the message. A transparent switch will not modify its database when updates are received, nor will the switch send out an update indicating a change in its VLAN status. Except for forwarding VTP advertisements, VTP is disabled on a transparent switch.
VLANs detected within the advertisements serve as notification to the switch that traffic with the newly defined VLAN IDs may be expected.
In Figure , Switch C transmits a VTP database entry with additions or deletions to Switch A and Switch B. The configuration database has a revision number that is incremented by one. A higher configuration revision number indicates that the VLAN information that is being sent is more current then the stored copy. Any time a switch receives an update that has a higher configuration revision number the switch will overwrite the stored information with the new information being sent in the VTP update. Switch F will not process the update because it is in a different domain. This overwrite process means that if the VLAN does not exist in the new database, it is deleted from the switch. In addition, VTP maintains its own NVRAM. An erase startup-configuration clears the NVRAM of configuration commands, but not the VTP database revision number. To set the configuration revision number back to zero, the switch must be rebooted.
By default, management domains are set to a nonsecure mode, meaning that the switches interact without using a password. Adding a password automatically sets the management domain to secure mode. The same password must be configured on every switch in the management domain to use secure mode.
9.2.4
VTP implementation
With VTP, each switch advertises on its trunk ports, its management domain,
configuration revision number, the VLANs that it knows about, and certain parameters
for each known VLAN. These advertisement frames are sent to a multicast address
so that all neighboring devices can receive the frames. However, the frames
are not forwarded by normal bridging procedures. All devices in the same management
domain learn about any new VLANs configured in the transmitting device. A new
VLAN must be created and configured on one device only in the management domain.
All the other devices in the same management domain automatically learn the
information.
Advertisements on factory-default VLANs are based on media types. User ports should not be configured as VTP trunks.
Each advertisement starts as configuration revision number 0. As changes are made the configuration revision number is increased incrementally by one, (n + 1). The revision number continues to increment until it reaches 2,147,483,648. When it reaches that point, the counter will reset back to zero.
There are two types of VTP advertisements:
Requests from clients that want information at bootup
Response from servers
There are three types of VTP messages:
Advertisement requests
Summary advertisements
Subset advertisements
With advertisement requests, clients request VLAN information and the server responds with summary and subset advertisements.
By default, server and client Catalyst switches issue summary advertisements every five minutes. Servers inform neighbor switches what they believe to be the current VTP revision number. Assuming the domain names match, the receiving server or client compares the configuration revision number. If the revision number in the advertisement is higher than the current revision number in the receiving switch, the receiving switch then issues an advertisement request for new VLAN information.
Subset advertisements contain detailed information about VLANs such as VTP
version type, domain name and related fields, and the configuration revision
number. The following can trigger these advertisements:
Creating or deleting a VLAN
Suspending or activating a VLAN
Changing the name of a VLAN
Changing the maximum transmission unit (MTU) of a VLAN
Advertisements may contain some or all of the following information:
Management domain name. Advertisements with different names are ignored.
Configuration revision number. The higher number indicates a more recent configuration.
Message Digest 5 (MD5). MD5 is the key that is sent with the VTP when a password
has been assigned. If the key does not match, the update is ignored.
Updater identity. The updater identity is the identity of the switch that is
sending the VTP summary advertisement.
9.2.5
VTP configuration
The following basic tasks must be considered before configuring VTP and VLANs
on the network.
Determine the version number of VTP that will be utilized.
Decide if this switch is to be a member of an existing management domain or
if a new domain should be created. If a management domain exists, determine
the name and password of the domain.
Choose a VTP mode for the switch.
Two different versions of VTP are available, Version 1 and Version 2. The two versions are not interoperable. If a switch is configured in a domain for VTP Version 2, all switches in the management domain must be configured for VTP Version 2. VTP Version 1 is the default. VTP Version 2 may be implemented if some of the specific features that VTP Version 2 offers are not offered in VTP Version 1. The most common feature that is needed is Token Ring VLAN support.
To configure the VTP version on a Cisco IOS command-based switch, first enter VLAN database mode.
Use the following command to change the VTP version number on a set command-based switch.
Switch#vlan database
Switch(vlan)#vtp v2-mode
If the switch being installed is the first switch in the network, create the management domain. If the management domain has been secured, configure a password for the domain.
To create a management domain use the following command:
Switch(vlan)#vtp domain cisco
The domain name can be between 1 and 32 characters. The password must be between 8 and 64 characters long.
To add a VTP client to an existing VTP domain, always verify that its VTP configuration revision number is lower than the configuration revision number of the other switches in the VTP domain. Use the show vtp status command. Switches in a VTP domain always use the VLAN configuration of the switch with the highest VTP configuration revision number. If a switch is added that has a revision number higher than the revision number in the VTP domain, it can erase all VLAN information from the VTP server and VTP domain.
Choose one of the three available VTP modes for the switch. If this is the first switch in the management domain and additional switches will be added, set the mode to server. The additional switches will be able to learn VLAN information from this switch. There should be at least one server.
VLANs can be created, deleted, and renamed at will without the switch propagating changes to other switches. If a large number of people are configuring devices within the network, there is a risk of overlapping VLANs with two different meanings in the network but with the same VLAN identification.
To set the correct mode of the Cisco IOS command-based switch, use the following command:
Switch(vlan)#vtp {client | server | transparent}
Figure shows the output of the show vtp status command. This command is used to verify VTP configuration settings on a Cisco IOS command-based switch.
Figure shows an example of the show vtp counters command. This command is used to display statistics about advertisements sent and received on the switch.
9.3.1
VLAN basics
A VLAN is a logical grouping of devices or users that can be grouped by function,
department, or application regardless of their physical location.
VLANs are configured at the switch through software. The number of competing
VLAN implementations can require the use of proprietary software from the switch
vendor. Grouping ports and users into communities of interest, referred to as
VLAN organizations, may be accomplished by the use of a single switch or more
powerfully among connected switches within the enterprise. By grouping the ports
and users together across multiple switches, VLANs can span single building
infrastructures or interconnected buildings. VLANs assist in the effective use
of bandwidth as they share the same broadcast domain or Layer 3 network. VLANs
optimize the collection and use of bandwidth. VLANs contend for the same bandwidth
although the bandwidth requirements may vary greatly by workgroup or department.
The following are some VLAN configuration issues:
A switch creates a broadcast domain
VLANs help manage broadcast domains
VLANs can be defined on port groups, users or protocols
LAN switches and network management software provide a mechanism to create VLANs
VLANs help control the size of broadcast domains and localize traffic. VLANs are associated with individual networks. Therefore, network devices in different VLANs cannot directly communicate without the intervention of a Layer 3 routing device.
When a node in one VLAN needs to communicate with a node in another VLAN, a router is necessary to route the traffic between VLANs. Without the routing device, inter-VLAN traffic would not be possible.
9.3.2
Introducing inter-VLAN routing
When a host in one broadcast domain wishes to communicate with a host in another
broadcast domain, a router must be involved.
Port 1 on a switch is part of VLAN 1, and port 2 is part of VLAN 200. If all of the switch ports were part of VLAN 1, the hosts connected to these ports could communicate. In this case however, the ports are part of different VLANs, VLAN 1 and VLAN 200. A router must be involved if hosts from the different VLANs need to communicate.
The most important benefit of routing is its proven history of facilitating networks, particularly large networks. Although the Internet serves as the obvious example, this point is true for any type of network, such as a large campus backbone. Because routers prevent broadcast propagation and use more intelligent forwarding algorithms than bridges and switches, routers provide more efficient use of bandwidth. This simultaneously results in flexible and optimal path selection. For example, it is very easy to implement load balancing across multiple paths in most networks when routing. On the other hand, Layer 2 load balancing can be very difficult to design, implement, and maintain.
If a VLAN spans across multiple devices a trunk is used to interconnect the devices. A trunk carries traffic for multiple VLANs. For example, a trunk can connect a switch to another switch, a switch to the inter-VLAN router, or a switch to a server with a special NIC installed that supports trunking.
Remember that when a host on one VLAN wants to communicate with a host on another, a router must be involved.
9.3.3
Inter-VLAN issues and solutions
When VLANs are connected together, several technical issues will arise. Two
of the most common issues that arise in a multiple-VLAN environment are:
The need for end user devices to reach non-local hosts
The need for hosts on different VLANs to communicate
When a device needs to make a connection to a remote host, it checks its routing table to determine if a known path exists. If the remote host falls into a subnet that it knows how to reach, then the system checks to see if it can connect along that interface. If all known paths fail, the system has one last option, the default route. This route is a special type of gateway route, and it is usually the only one present in the system. On a router, an asterisk (*) indicates a default route in the output of the show ip route command. For hosts on a local area network, this gateway is set to whatever machine has a direct connection to the outside world, and it is the Default Gateway listed in the workstation TCP/IP settings. If the default route is being configured for a router which itself is functioning as the gateway to the public Internet, then the default route will point to the gateway machine at an Internet service provider (ISP) site. Default routes are implemented using the ip route command.
Router(Config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
In this example, 192.168.1.1 is the gateway. Inter-VLAN connectivity can be achieved through either logical or physical connectivity.
Logical connectivity involves a single connection, or trunk, from the switch to the router. That trunk can support multiple VLANs. This topology is called a router on a stick because there is a single connection to the router. However, there are multiple logical connections between the router and the switch.
Physical connectivity involves a separate physical connection for each VLAN. This means a separate physical interface for each VLAN.
Early VLAN designs relied on external routers connected to VLAN-capable switches. In this approach, traditional routers are connected via one or more links to a switched network. The router-on-a-stick designs employ a single trunk link that connects the router to the rest of the campus network. Inter-VLAN traffic must cross the Layer 2 backbone to reach the router where it can move between VLANs. Traffic then travels back to the desired end station using normal Layer 2 forwarding. This out-to-the-router-and-back flow is characteristic of router-on-a-stick designs.
9.3.4
Physical and logical interfaces
In a traditional situation, a network with four VLANs would require four physical
connections between the switch and the external router.
As technologies such as Inter-Switch Link (ISL) became more common, network designers began to use trunk links to connect routers to switches. Although any trunking technology such as ISL, 802.1Q, 802.10, or LAN emulation (LANE) can be used, Ethernet-based approaches such as ISL and 802.1Q are most common.
The Cisco Proprietary protocol ISL as well as the IEEE multivendor standard 802.1q are used to trunk VLANs over Fast Ethernet links.
The solid line in the example refers to the single physical link between the Catalyst Switch and the router. This is the physical interface that connects the router to the switch.
As the number of VLANs increases on a network, the physical approach of having one router interface per VLAN quickly becomes unscalable. Networks with many VLANs must use VLAN trunking to assign multiple VLANs to a single router interface.
The dashed lines in the example refer to the multiple logical links running over this physical link using subinterfaces. The router can support many logical interfaces on individual physical links. For example, the Fast Ethernet interface FastEthernet 0/0 might support three virtual interfaces numbered FastEthernet 1/0.1, 1/0.2 and 1/0.3.
The primary advantage of using a trunk link is a reduction in the number of router and switch ports used. Not only can this save money, it can also reduce configuration complexity. Consequently, the trunk-connected router approach can scale to a much larger number of VLANs than a one-link-per-VLAN design.
9.3.5
Dividing physical interfaces into subinterfaces
A subinterface is a logical interface within a physical interface, such as the
Fast Ethernet interface on a router.
Multiple subinterfaces can exist on a single physical interface.
Each subinterface supports one VLAN, and is assigned one IP address. In order for multiple devices on the same VLAN to communicate, the IP addresses of all meshed subinterfaces must be on the same network or subnetwork. For example, if subinterface 2 has an IP address of 192.168.1.1 then 192.168.1.2, 192.168.1.3, and 192.1.1.4 are the IP addresses of devices attached to subinterface 2.
In order to route between VLANs with subinterfaces, a subinterface must be created for each VLAN.
The next section discusses the commands necessary to create subinterfaces and apply a trunking protocol and an IP address to each subinterface.
9.3.6
Configuring inter-VLAN routing
This section demonstrates the commands necessary to configure inter-VLAN routing
between a router and a switch. Before any of these commands are implemented,
each router and switch should be checked to see which VLAN encapsulations they
support. Catalyst 2950 switches have supported 802.1q trunking since the release
of Cisco IOS release 12.0(5.2)WC(1), but they do not support Inter-Switch Link
(ISL) trunking. In order for inter-VLAN routing to work properly, all of the
routers and switches involved must support the same encapsulation.
On a router, an interface can be logically divided into multiple, virtual subinterfaces.
Subinterfaces provide a flexible solution for routing multiple data streams
through a single physical interface. To define subinterfaces on a physical interface,
perform the following tasks:
Identify the interface.
Define the VLAN encapsulation.
Assign an IP address to the interface.
To identify the interface, use the interface command in global configuration mode.
Router(config)#interface fastethernet port-number. subinterface-number
The port-number identifies the physical interface, and the subinterface-number identifies the virtual interface.
The router must be able to talk to the switch using a standardized trunking protocol. This means that both devices that are connected together must understand each other. In the example, 802.1q is used. To define the VLAN encapsulation, enter the encapsulation command in interface configuration mode.
Router(config-if)#encapsulation dot1q vlan-number
The vlan-number identifies the VLAN for which the subinterface will carry traffic. A VLAN ID is added to the frame only when the frame is destined for a nonlocal network. Each VLAN packet carries the VLAN ID within the packet header.
To assign the IP address to the interface, enter the following command in interface configuration mode.
Router(config-if)#ip address ip-address subnet-mask
The ip-address and subnet-mask are the 32-bit network address and mask of the specific interface.
In the example, the router has three subinterfaces configured on Fast Ethernet interface 0/0. These three interfaces are identified as 0/0.1, 0/0.2, and 0/0.3. All interfaces are encapsulated for ISL. Interface 0/0.1 is routing packets for VLAN 1, whereas interface 0/0.2 is routing packets for VLAN 20 and 0/0.3 is routing packets for VLAN 30.