Chapter 2: Switching Basics
In This Chapter
Viewing the switch’s location in the OSI model
Seeing how a switch forwards traffic
Booting your switch into operation
Connecting client devices to your switch
Previous chapters in this book explain where switches fit into the overall structure of the enterprise environment. In this chapter and the remainder of this minibook, you are introduced to advanced configuration of the switch.
In particular, this chapter covers how the switch functions in the OSI network model, as well as the methods the switch uses to forward traffic. You also look at the following:
• The benefits of the full duplex operation
• How a switch can speed up traffic over the operation of a hub
• The power-up process of the switch and what all of the status lights on the front of the unit mean
• The process of connecting client devices to the switch
The next chapter in Book III walks you through the configuration process, and the rest of the chapters in this minibook take you through the configuration process, both the basic configuration and some of the advanced configuration topics, such as VLANs, Spanning Tree Protocol, and EtherChannel.
Switching and the OSI Model
As you may now be aware, switching fits into the OSI model at Layer 2. If this surprises you, read Book I, Chapters 1 and 4. With switching and bridging happening at Layer 2, they deal with the MAC address information found in the Ethernet frames. If you go down to Layer 1, a device such as a repeater or hub simply takes the electrical impulse on the wire and amplifies the signal. A switch, on the other hand, reads the Ethernet frame into memory, reconstructs it, and retransmits it out of the destination port (or all ports, in the case of a broadcast frame).
Switches support the following three basic types of forwarding mechanisms:
• Store-and-forward switching: A process by which the switch reads the entire Ethernet frame into memory before examining it, at which time the switch will identify the destination address and make a forwarding decision. This type of switching provides two benefits: The switch is assured of a complete frame and no collision will occur on the network before sending the data. The drawback is a slight delay on forwarding of the data.
• Cut-through switching: With this process, a forwarding decision is made as soon as enough of the frame is read, which can be as little as 17 bytes of data past the preamble. From that much data, the switch can identify the difference among Ethernet II, IEEE 802.3, IEEE 802.2, and Ethernet_SNAP frame types. After this difference is identified, the process of forwarding the frame to its destination can begin. Depending on the type of frame and the use of Access Control Lists (ACLs), a total of 54 bytes of data can be read. This condition can significantly reduce the delay in forwarding data to its destination, because without the store-and-forward delay, you can approach true wire speed. The problem occurs when you experience a collision on your network for a data frame that is partially forwarded, making the work done forwarding the frame useless. This issue is mitigated on networks that are entirely switched because collisions will occur only when you have two or more devices connected with a hub (covered in Book I, Chapter I) that is then connected to a port on a switch. By eliminating hubs on your network, you eliminate collisions.
• Fragment-free switching: This process is similar to cut-through, with the exception that the forwarding decision is not made until the first 64 bytes of the data frame are read and are collision free. After 64 bytes are read, the switch has enough data to forward a legal frame because Ethernet requires frames to be at least 64 bytes. On a fully switched network, this process does not provide a benefit over cut-through switching. However, if the chance for collisions is high, this process is preferable to cut-through switching because it prevents forwarding frames that are less than the minimum Ethernet size. (These illegally sized frames are called runts.)
Both switching methods that forward data before the entire frame is read into the switch have a critical flaw when dealing with the integrity of the Ethernet frame. The last piece of data is the FCS, or Frame CheckSum, which is used to verify that the Ethernet frame that has arrived at the switch has not been altered or changed through a network error. Because the switch has not read the entire frame, the switch is not able to calculate a checksum or compare it to the FCS found at the end of the frame. Frames with a failed checksum should not be forwarded; but in this case, most of the switch has already been forwarded by the time the switch knows the checksum is wrong.
Because of the speed of the current switches, you will likely find that most switches on the market, like Cisco’s switches, use the store-and-forward method of passing data because the new speeds of moving data internally in the switch outweigh the cost of forwarding bad data.
Communicating with Duplex/Simplex
The terms duplex and full duplex are synonyms, as are simplex and half duplex. A simplex device is not capable of sending and receiving data at the same time. Think of the old CB radios or most of the FRS radios on the market. These devices can transmit your voice, or they can listen to the other people on the channel, but they are not able to do both at the same time, ever. The same is true for half duplex or simplex devices. These devices are only capable of sending or receiving data at any given time, so they are constantly changing from sending to receiving. This prevents them from sending data as fast as they possibly can, because after sending data, they need to wait for responses from the target systems.
The other option, full duplex, or duplex, enables network devices to send and receive data at the same time and to send it continuously, because they can receive responses to the sent packets as they are returned. When dealing with inter-switch links, or connections between switches, full duplex is the way the links need to be configured.
Using half duplex links between switches will have a grave impact on your data throughput. For example, if your network is composed of two switches with your clients’ computers on one switch, your servers on the other, and the ports linking the two switches are set to half duplex, you have a recipe for disaster. Similar to a repaving project where traffic in both directions shares one lane on the road, as traffic queues up to pass over the one-way-at-a-time link between the switches, the clients’ devices on one switch will constantly be delayed trying to “talk” to the servers on the opposite switch. I have seen networks where this has been the case, and simply changing the switches to full duplex on that inter-switch link dramatically changes the performance of the network.
Colliding and Broadcasting
Book I, Chapter 4 examines the concept of collisions on a network. However, permit me to reiterate. A collision occurs on your network when something happens to the data sent from the physical network medium that prevents it from reaching its destination. Mainly, it encounters another signal from another host on the network that yields a resulting useless signal on the network when the signals combine. The collision occurs when the sending device does not receive a clear response back within the allotted time. This causes an issue for both network devices because they both need to wait for an ever-increasing period until they are able to transmit the data clearly. If the network is busy enough, the network devices can spend an inordinate amount of time retransmitting data.
A collision can only occur at the physical layer in the OSI model (see Book I, Chapter 4). When multiple devices share a common media at the physical layer, which happens when you have multiple devices connected with a hub, there is a possibility that you will have a collision. The network area where a collision may occur is called a collision domain.
So, what benefit do you get from the switch? The switch acts like a multiport bridge that, yes, bridges two collision domains. What happens with the introduction of the bridge? The bridge breaks the network into two or more pieces, with each piece being a separate collision domain. Fewer network devices in a collision domain reduce the chance of a collision, just like fewer cars on a street reduce the chance of an accident. Figure 2-1 shows a network before and after a bridge is added. The addition of the bridge reduces the collisions on the network by reducing the number of devices sharing either portion of the shared media. No special configuration is required to implement a switch or bridge onto your network, and since it is so easy to implement this product, I will introduce you to the flow of traffic in this scenario.
Figure 2-1: Bridges break a network into multiple collision domains.
1. A network host sends an Ethernet frame destined for another host.
2. Regardless of where the destination host is, the bridge looks at the source address of the frame, and if the bridge does not recognize the MAC address of the source host, the bridge records the MAC address in the bridge’s Address Database, which includes the port on which the address is found.
3. The bridge looks at the destination MAC address in the Ethernet frame and does one of the following.
• If the bridge does not know where the destination host is, it will flood the frame out to all ports on the bridge.
• If the bridge does know where the destination host is, it will send the frame out on the port on which the destination host is located, unless it is the port on which the frame originally came from, as the destination host will already have received the frame.
4. The data should arrive at the host to which it was targeted, and the destination host will send data back to the original source host. At this point, if the bridge did not know where this host was, Step 2 will place the original destination host’s MAC address in the Address Database.
The great thing about switches and bridges is that they require almost no configuration to function. If you have a heavily congested network, adding a switch to the middle of the network reduces the collision rate on the network (refer to Figure 2-1) and you achieve an increase in network performance and throughput. This process has no impact on your network layer protocols because it takes place at Layer 2, and your network-level devices (Layer 3) will not see any difference in the traffic that they see. If you replace your network hubs with switches, each network device will be in a collision domain by itself, and your rate of collisions should reduce to zero.
Powering Up Your Switch
The first step on getting a switch integrated into a network is to get it powered up. There are several options for getting power to your switch, but the most common is the universal power cords used on enterprise products — the same power cord you find on your IT equipment and computers.
Some switches have power switches, whereas many switches are fixed to power up as soon as the power plug is attached to the system.
Viewing status lights
When you power up your switch, several things happen, and the status lights on the front of the unit tell you what is going on. (They are similar to the lights that show up briefly on your dashboard when you start your car to let you know what is working.) Every LED lights temporarily and then goes out. The system (SYST) LED turns to amber, as do all the switch ports that have devices connected. Then the Power On Self Test (POST) process takes place, which may require some time if you are dealing with a large switch. You may see LEDs flash during the POST process, but this is normal.
When the switch successfully completes the POST process, the SYST and status (STAT) LEDs become green. Switch ports that have devices remain amber for a period because Spanning Tree Protocol (STP), which is enabled by default, is in Learning mode (a feature of STP covered in Book III, Chap-ter 6) on those ports before they transition to green and allow forwarding of traffic. After these lights transition to green, your switch will be fully up and running.
Typically, a group of LEDs with a Mode selector button is on the left side of the Cisco switch, as shown in Figure 2-2. Press the button, and you see that the mode LEDs cycle through STAT, UTIL, DUPLX, and SPEED. With the change in the mode LED, you may see a change in the switch port LEDs.
• SYST: If SYST is off, the switch is off; if green, the switch is operating normally; if amber, the switch is not functioning properly, which is the case during the boot process.
• RPS: If RPS is off, a Redundant Power Supply (RPS) has not been installed or is turned off. If solid green, an RPS is connected and ready to provide power in the event of a failure of the main power supply. If flashing green, the RPS is connected but currently unavailable because of powering another device. If solid amber, the RPS has a fault or is in standby mode. If flashing amber, the RPS is functioning, and the main power supply in the switch has failed.
Figure 2-2: The Mode button will tell you more about your switch status.
• STAT: When STAT is selected, you see the status of the actual switch ports. If the switch port is off, there is no link. If the switch port is solid green, a link is present. If the switch port is flashing green, there is activity on the port. If the switch port is alternating green and amber, there is a link problem, such as excessive errors. If the switch port is solid amber, the port has been disabled. A port may be disabled automatically by a policy, manually by the administrator, or because of Spanning Tree Protocol (STP).
After you bring a port up, it could be amber for up to 30 seconds because of Spanning Tree Protocol (STP).
• UTIL: When UTIL is selected, you see the status of the actual switch ports. This one is a little complicated. When using this mode, all of the switch ports on the front of your switch are used like a big bar graph using a logarithmic scale. The green lights represent current backplane utilization. If the lights are amber, you are looking at the maximum backplane utilization since the switch was powered on. So, typically, a few amber LEDs might follow the green LEDs. If the LEDs are green and amber, the current utilization is greater than the maximum, and the maximum is being updated as you watch the LEDs.
• DUPLX: When DUPLX is selected, you see the status of the actual switch ports. If the switch port is off, the port is running in Half Duplex mode; if the switch port is green, the port is running in Full Duplex mode. You want as many ports as possible running in Full Duplex mode, especially if they are inter-switch links or trunk ports between switches.
• SPEED: When SPEED is selected, you see the status of the actual switch ports. If the switch port is off, the port is running at 10 Mbps; if the switch port is green, the port is running at 100 Mbps; if the switch port is flashing green, the port is running at 1000 Mbps.
If you press the Mode button on a switch for three seconds and all the mode LEDs start to blink in unison, the switch has already completed Express Setup mode.
If you have attached a rollover cable (Book I, Chapter 5 covers rollover cables and managing your switch) to the console port, as discussed in the next chapter, you will see that the boot process is as follows:
C2950 Boot Loader (C2950-HBOOT-M) Version 12.1(11r)EA1, RELEASE SOFTWARE (fc1)
Compiled Mon 22-Jul-02 18:57 by antonino
WS-C2950-12 starting...
Base ethernet MAC Address: 00:06:d6:ab:a0:40
Xmodem file system is available.
Initializing Flash...
flashfs[0]: 328 files, 5 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 6682624
flashfs[0]: Bytes available: 1058816
flashfs[0]: flashfs fsck took 8 seconds.
...done initializing flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
Loading “flash:c2950-i6q4l2-mz.121-22.EA13.bin”...###########################################################################################################################################################################################################
File “flash:c2950-i6q4l2-mz.121-22.EA13.bin” uncompressed and installed, entry point: 0x80010000
executing...
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA13, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by cisco Systems, Inc.
Compiled Fri 27-Feb-09 22:20 by amvarma
Image text-base: 0x80010000, data-base: 0x80570000
Initializing flashfs...
flashfs[1]: 328 files, 5 directories
flashfs[1]: 0 orphaned files, 0 orphaned directories
flashfs[1]: Total bytes: 7741440
flashfs[1]: Bytes used: 6682624
flashfs[1]: Bytes available: 1058816
flashfs[1]: flashfs fsck took 8 seconds.
flashfs[1]: Initialization complete.
Done initializing flashfs.
POST: System Board Test : Passed
POST: Ethernet Controller Test : Passed
ASIC Initialization Passed
POST: FRONT-END LOOPBACK TEST : Passedcisco WS-C2950-12 (RC32300) processor (revision B0) with 20957K bytes of memory.
Processor board ID FAB0535Q22L
Last reset from system-reset
Running Standard Image
12 FastEthernet/IEEE 802.3 interface(s)
32K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address: 00:06:D6:AB:A0:40
Motherboard assembly number: 73-5782-08
Motherboard serial number: FAB0535BC1K
Model revision number: B0
Model number: WS-C2950-12
System serial number: FAB0535Q22L
Press RETURN to get started!
00:00:15: %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
00:00:17: %SYS-5-CONFIG_I: Configured from memory by console
00:00:17: %SYS-5-RESTART: System restarted --
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA13, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by cisco Systems, Inc.
Compiled Fri 27-Feb-09 22:20 by amvarma
00:00:17: %SNMP-5-COLDSTART: SNMP agent on host Switch1 is undergoing a cold start
00:00:21: %LINK-3-UPDOWN: Interface FastEthernet0/3, changed state to up
00:00:21: %LINK-3-UPDOWN: Interface FastEthernet0/8, changed state to up
00:00:21: %LINK-3-UPDOWN: Interface FastEthernet0/10, changed state to up00:00:21: %LINK-3-UPDOWN: Interface FastEthernet0/11, changed state to up
00:00:21: %LINK-3-UPDOWN: Interface FastEthernet0/12, changed state to up
00:00:21: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
00:00:21: %LINK-3-UPDOWN: Interface FastEthernet0/2, changed state to up
00:00:21: %LINK-3-UPDOWN: Interface FastEthernet0/9, changed state to up
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3, changed state to up
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/8, changed state to up
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/10, changed state to up
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/11, changed state to up
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/12, changed state to up
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/2, changed state to up
00:00:23: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/9, changed state to up
00:00:53: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
Refer to the preceding boot process code, and notice these sections:
• Hardware initialization
• Boot loader and the selection of an IOS image
• System POST
After you see the Press ENTER message, the system has finished loading the IOS and completed the post. At this point, the switch loads its configuration into memory and enables all switch ports. Because the switch ports have just come up, they must be treated as any newly connected switch port and adhere to Spanning Tree Protocol (STP) or any other feature that applies to a switch port. You will see that the link state on all connected ports is changed to up, and after the required wait time, the line protocol is brought to an up state as well.
Connecting the client cables
You will find two main types of cables in any bundle of cables lying around your office. The majority of the cables will be straight-through cables, but some may be crossover cables. In straight-through cables, the eight pins or wires that make up the cable match directly from one side of the cable to the other. With crossover cables, the send and receive wires are exchanged with each other or are crossed. In most cases, you will want to use the standard cable because these cables are designed for connecting devices or hosts to a switch. Crossover cables are designed for switch-to-switch connections.
Many of the switches in Cisco’s product line support Auto-MDIX, which allows you to use a straight-through cable to connect two switches. If your switch does not support Auto-MDIX (or has it disabled), using a straight-through cable will not work to connect the switches, and the LED on that port will not illuminate. If you forget this, remember to check the cable when interconnecting the switch.
These cables will have either fiber connectors or some type of RJ45 connectors. Typically, you will use RJ45 connectors in ports, as shown in Figure 2-3. In this figure, notice that each switch port is numbered and illuminates when a running device is connected to the switch. Also, ensure that your cables still have their retaining clips on them and that the connectors are fully seated in the switch port socket. On several occasions, I have been troubleshooting connectivity issues, only to find a cable was not pushed all the way into the switch port socket.
Figure 2-3: The most common port on a switch is the RJ45 port.
Just as straight-through cables will not connect switches with auto-MDIX disabled, crossover cables will not connect devices to switches with auto-MDIX disabled.
After you have connected your client device to the switch, do not expect to be able to communicate with your new network neighbors right away.
By default, Spanning Tree Protocol (STP) is enabled on all of your ports, which means that new devices are not allowed to communicate until the switch is sure that the connected device is not another switch. STP does this by implementing a listening phase during which the switch is not allowed to send traffic to main data network. If the switch passes the test, then the port transitions into a forwarding state. You will see the light for that port change from amber (blocking) to green (forwarding).
If you are powering up a switch from your shelf, do not connect it to the main network until you read the rest of this minibook about switching, especially Chapter 5 on VLANs and the VLAN Trunking Protocol (VTP). If the switch you are powering up has a VLAN database with a higher reversion number than your production switches, it will overwrite your production configuration, possibly deleting all of your production VLANs.