It's no exaggeration to say that switched network technology is revolutionizing how internetworks are designed and what they can do for users. Over the past decade, switches have begun pushing internetworks to size scales and service levels many considered infeasible not long ago.
But what exactly are switched networks? How do they work? As Cisco likes to put it, "Switches deliver shared bandwidth." How can the switch do this? The answer is in the electronics:
They run at very high speeds because they operate at the data-link layer (layer 2) instead of at the network layer (layer 3), where routers operate. This enables switches to process traffic without creating bottlenecks.
They have many of the capabilities of a router, but sit between the host and the backbone, instead of between backbones as routers do. Switches can take control of traffic at or near its source, whereas the router usually doesn't take over until the message is ready to begin its trek to a remote LAN. Taking control at the source takes much of the randomness out of network operations.
Almost all computer advances in one way or another come down to miniaturization and speed, and the network switch is no different. They are smart and fast enough to read both the source port and the destination port of each frame and "switch" messages between the two (thus the name). This is shown in Figure 5-7.
Figure 5-7: Switches deliver signals to a specific port
Much like routers, switches examine destination and source addresses as messages pass through. Switches differ from routers in that they're looking at layer-2 MAC addresses instead of layer-3 IP addresses.
The switch provides a shared media LAN into which hosts can connect. But the switch is at the same time able to assume packet-sorting duties, for two reasons:
Switches have more powerful electronics than their predecessors, the hubs.
They operate at the data-link layer (layer 2), which means they don't have to dig as deep into messages as layer-3 routers.
Beefed-up electronics give the switch the ability of a speed reader, but while switches are smart, they're not nearly as smart as routers. The switch is, in effect, assigned a lighter reading assignment than routers because it handles traffic at layer 2.
To illustrate this, Figure 5-8 traces a message through a hypothetical switched network. The first step takes place between the host sending the message and its switch port. To do this, the switch reads the incoming message's destination MAC address and instantly moves it to the outbound port it associates with that destination MAC.
Figure 5-8: How a message moves through a switched network
Because the message is switched to a targeted outbound port instead of being replicated to all ports, it encounters no collisions. This makes more bandwidth available and moves messages at faster throughput speeds.
The same process holds for the message's second step. As the message pours out of the outbound port on Switch 1, it has dedicated bandwidth (no collisions) over the cable connecting it to the port in Switch 2. The switching process again repeats itself through the third step all the way out to the destination host.
When a switch receives a message seeking an address it doesn't know, instead of dropping the message, the switch transmits the message to all its ports. This process is called flooding, which is necessary for discovery-type messages. For example, Dynamic Host Configuration Protocol (DHCP) is used by a host when it boots up to locate nearby services, such as network printers. Without flooding, switches could not support broadcast messages sent by DHCP and other utilities.
How is it possible to have dedicated bandwidth all the way through a multiple-device network connecting hundreds of hosts? The answer is that switched networks balance intelligence with raw power.
In simplified terms, routers move messages through an internetwork to their destinations by working from left to right across the destination's IP address, as depicted in the following illustration:
In a general sense, as the message hops between routers, it checks the routing table maintained in each new router, trying to match the next part of the destination IP address. When it finds a match, the message moves through the internetwork to the router whose location is represented by that matched IP address information. Sooner or later, the message arrives at the router serving as the gateway to the destination host.
In sharp contrast, a message must find its way through a switched network without the luxury of hierarchical IP addresses. Switched networks operate using MAC addresses, which are considered to be flat in topology. A MAC address (also called a physical address) is a sort of network serial number assigned to a host's NIC. The first half of every MAC address is a vendor code, also known as an Organizationally Unique Identifier (OUI), signifying the manufacturer of the NIC; the second half is the serial number of the actual device. If you move a device to the other side of the world, its MAC address remains unchanged. Switched networks are completely flat in that, because they rely solely on MAC addresses, they essentially think all devices and hosts are attached to the same cable. Beyond the friendly confines of the home LAN, a MAC address is a small clue. How, then, do switched networks manage to deliver messages?
When a switch is turned on, it begins building a dynamic address table. It does so by examining the source MAC address of each incoming frame and associating it with the port through which it came. In this way, the switch figures out what hosts are attached to each of its ports. Figure 5-9 shows a dynamic address table.
Figure 5-9: The content of a switch's dynamic address table is topologically flat
The switch also discovers and maps the surrounding neighborhood using Cisco Discovery Protocol (CDP), which was covered in Chapter 4. The switch uses CDP to discover nearby switches. CDP only talks to those switches it is directly connected with, but, as Figure 5-10 shows, that doesn't matter. MAC addresses are passed back through a chain of cooperating switches until they reach the switch building its dynamic address table.
Figure 5-10: The switches share physical address information to determine paths through networks
Switches drop unused MACs after a default period of five minutes. The dynamic address table isn't as smart as routing tables, which use all types of costing algorithms to choose optimal paths. A switch simply places the most frequently used MACs toward the top of its dynamic address table. Together, these two procedures guarantee that the switch's network path-finding intelligence is at least fresh, and more likely to be reliable.
Even if a switch's dynamic address table could identify a path through a large switched internetwork, if that path required hundreds or even just dozens of hops, it would be too slow. Two technologies have been developed to solve this problem: switched backbones and multilayer switching.
Switched backbones are high-end switches used to aggregate bandwidth from other switches. The idea of a switched backbone is for it to have the biggest dynamic address table of all. Switched backbones are frequently configured with multiple high-end switches, both for purposes of redundancy and in order to attain blazingly fast throughput rates. The point here is to illustrate how the backbones can be enhanced.
It'd be neat to tell you that switched backbones are fat, high-tech cables strung atop towering pylons in electrical utility power grids, or that they're meshed networks of very fast and expensive T3 high-speed data circuits. But they're not. Even the biggest of the big switched backbones is an unglamorous collection of refrigerator-like boxes cabled together, quietly humming away in a computer room somewhere.
A switched backbone's job is to concentrate what would otherwise be many hops into a single hop through a single backbone LAN. Switched backbones pack large amounts of memory and throughput into a single configuration. Not all switched backbones are behemoths. A switched backbone might be a device about the size of a pizza box sitting in a rack in a data closet. Remember, a backbone by definition is a relatively fast LAN interconnecting other LANs.
While switched backbones aren't absolutely necessary in smaller networks, they probably are in very large ones. You might remember when AOL's network collapsed. After the headlines faded, gurus lambasted AOL for having stuck with its mostly router-based topology for too long.
Switched backbones are implemented using any of three technologies:
ATM (Asynchronous Transfer Mode)
Fast Ethernet or Gigabit Ethernet
10 Gigabit Ethernet
Many large internetworks inevitably have subnets implementing a variety of technologies. For this reason, Cisco's Catalyst 6500 family of switches features any-to-any switching between ATM, Gigabit, Fast Ethernet, and 10 Gigabit Ethernet.
Aggregating bandwidth, of course, means rolling up traffic from a number of access switches into another larger and faster switch (or group of switches). Because switched networks deal only in MAC addresses, this cannot be done by hierarchical routing. The workaround is to create levels of switches through uplink ports. Figure 5-11 depicts how this configuration funnels the traffic from many hosts through the host switch out to the backbone switch.
Figure 5-11: Uplink ports aggregate traffic into the switched backbone
This configuration technique enables designers to create a power hierarchy in lieu of a logical hierarchy. Switched networks aggregate traffic into the bandwidth of a single switch to help keep traffic flowing. Described in basic terms, this is accomplished by a switched backbone machine having more switches connected directly to it and thus building a much larger dynamic address table.
Each Cisco switch's ability to aggregate bandwidth into a high-speed intelligent backbone relies on most or all of the advanced switching technologies introduced in Table 5-4.
Also called MAC cache: the maximum number of MAC addresses a switch can maintain in its dynamic address table, which is a function of a combination of factors, including DRAM and CPU capacity.
Also called forwarding rate: the rate at which a switch can pick up a stream of packets from an incoming cable, usually expressed in packets per second (pps).
Backplane (Switch Fabric)
The data rate of the switch's bus, which services CPU, memory, and I/O controllers, expressed in megabits per second (Mbps) or gigabits per second (Gbps).
Certain message types tend to be multicast, where, for example, one copy of a message is sent to 1,000 hosts instead of 1,000 copies being sent. Doing this through a switched network requires a switch with sufficient processing power, memory capacity, bus speed, and software to handle such large MAC addressing transactions. IP Multicast is becoming an important switch technology as the world moves to the type of traffic that lends itself to multicast messaging, such as video on demand.
The technology central to Cisco's switched backbone strategy is something called EtherChannel, which is a bus technology. Strictly speaking, a bus is a cable (or a printed circuit board functioning like a cable). What makes EtherChannel a full-blown technology is that it's an integrated package of high-speed cabling, connectors, controllers, software, and management tools designed to sustain high switching throughput rates. EtherChannel provides bandwidth scalability in increments from 200 Mbps to 80 Gbps.
EtherChannel works by allowing logical groups of ports to serve as high-speed connections between switches sitting in the same location. An EtherChannel group can have up to 12 member ports. Ports are usually grouped to service a specific VLAN, which is why EtherChannel is central to Cisco's switched network strategy: Aggregating bandwidth means interconnecting switches to switch servers that hold ever larger dynamic MAC address tables. Large-volume streams of switched messages flow within VLANs. EtherChannel is where the logical meets the physical. It funnels a VLAN's traffic through a dedicated high-speed bus into a collapsed switched backbone running at about the same speed. Balanced bus-to-switch throughput speed is increasingly referred to as a switch fabric, in which ports, and even stack units, share a common dynamic address table. For example, EtherChannel combines the bandwidth of separate ports into a single port. That is, a 600-Mbps EtherChannel is really six 100-Mbps interfaces.
An added benefit is that EtherChannel groups provide load balancing and redundancy. If one port is overloaded or fails, traffic loads are transparently shifted to other ports in the group. EtherChannel is a design architecture Cisco is now using to deliver multigigabit capacity. The technology implements IEEE 802.3 100BaseX and 1000BaseX standards as Fast EtherChannel, Gigabit EtherChannel, and 10 Gigabit EtherChannel products, respectively.
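An added Python model (not Cisco code and not from the book) of what the two paragraphs above describe: member links summed into one bandwidth figure, each conversation pinned to a single member by hashing its MAC pair, and re-hashing over the survivors when a member fails. The port names and MAC addresses are constructed, and the XOR-and-modulo hash is an assumption standing in for whatever a real switch uses to pick a link.

```python
from typing import Dict, Optional

MAX_MEMBERS = 12   # member-port limit for one EtherChannel group, as stated in the text


class EtherChannel:
    """Member ports bundled into one logical link (a constructed model, not Cisco's implementation)."""

    def __init__(self, members: Dict[str, int]):
        if not 1 <= len(members) <= MAX_MEMBERS:
            raise ValueError("an EtherChannel group holds 1 to 12 member ports")
        self.members = members                       # port name -> link speed in Mbps
        self.up = {port: True for port in members}   # link state of each member

    def bandwidth_mbps(self) -> int:
        # The bundle's bandwidth is the sum of its live members: six 100-Mbps ports give 600 Mbps
        return sum(speed for port, speed in self.members.items() if self.up[port])

    def member_for(self, src_mac: str, dst_mac: str) -> Optional[str]:
        """Choose the member port for one src/dst conversation, so a flow stays on a single link."""
        live = sorted(port for port in self.members if self.up[port])
        if not live:
            return None
        # Assumption: the link is picked by hashing the MAC pair. This model XORs the two
        # addresses and takes the remainder; real switches expose their own hashing options.
        key = int(src_mac.replace(":", ""), 16) ^ int(dst_mac.replace(":", ""), 16)
        return live[key % len(live)]

    def fail(self, port: str) -> None:
        self.up[port] = False   # flows are re-hashed over the surviving members


def failover_demo() -> Dict[str, Dict[str, object]]:
    """Six 100-Mbps members; after one fails, capacity drops by 100 Mbps but every flow keeps a link."""
    bundle = EtherChannel({f"fa0/{i}": 100 for i in range(1, 7)})
    server = "00:00:00:00:00:10"                      # constructed addresses
    flows = [(f"00:00:00:00:00:0{i}", server) for i in (1, 2, 3)]
    before = {"mbps": bundle.bandwidth_mbps(), "links": [bundle.member_for(s, d) for s, d in flows]}
    bundle.fail("fa0/3")
    after = {"mbps": bundle.bandwidth_mbps(), "links": [bundle.member_for(s, d) for s, d in flows]}
    return {"before": before, "after": after}
```

Note that losing one member moves flows that were never on the failed link, because the modulo base changes; that reshuffle is a property of this simple hash, and a point to watch when judging how "transparent" a failover really is.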
Multilayer switching is a hybrid of routing and switching technologies. Even the best-designed switched networks must still use routers at some level. The hierarchical topology of layer-3 IP addressing has a much better "aim" than switched network schemes, given that routers use hierarchical addresses instead of flat MAC addresses. This is why network designers are using multilayer switches to augment switched networks with the capabilities of a router to identify and utilize optimal paths to destinations. To top it off, it makes sense to integrate the functions into a single hardware platform wherever possible. Fewer hops and fewer "moving parts" help keep things speedy and available. Depending on the manufacturer, multilayer switching is also called IP switching, layer-3 switching, shortcut routing, and high-speed routing.
Operators of very large internetworks, mainly corporations running big intranets, are offering services in which users can click a hyperlink in one place and suddenly create a message demanding information or services from a faraway server. As users increasingly move about an internetwork to use its remote services, strain is put on the capacity of its routers. Properly implemented, multilayer switching can deliver tenfold throughput improvements at heavily traveled connection points. This is because the switch can make a routing decision and transmit the data much faster than a router.
Multilayer switching works by first determining the best route or routes through an internetwork using layer-3 protocols and then storing what it finds for later reference. Users who come along later wanting to travel that route do so through switches, bypassing the router (and the bottleneck it would cause).
Even if multilayer switching technology is not integrated into a switched network, some routing should still be used to provide some form of hierarchical topology to the network. This is necessary, not only to maintain networkwide performance, but also to enhance security. Switches will not displace routers from internetworks in the foreseeable future. However, multilayer switching could be the industry's first step toward melding what are now two technologies into one, much like how the bridge was subsumed by the router five to ten years ago.
In a switched network, a host can participate in a VLAN (virtual local area network). Much as a group of hosts becomes a member of a physical LAN by plugging into a shared switch, it becomes part of a virtual LAN by being configured into it using switched network management software. In switched networks built using Cisco equipment, VLANs are created and maintained using the embedded configuration software or IOS.
Another way to think about a VLAN is to think of it as an IP subnet. The two are synonymous.
Within a VLAN, member hosts can communicate as if they were attached to the same wire, when, in fact, they can be located on any number of physical LANs. Because VLANs form broadcast domains, members enjoy the connectivity, shared services, and security associated with physical LANs.
Basing LANs on logical parameters instead of on physical topology gives network administrators the option to align domains to parallel, geographically dispersed workgroups. Even temporary exigencies can be accommodated using VLANs. For example, if two computer programmers needed to run a week's worth of tests involving heavy upload and download activity, they could be temporarily configured into a VLAN so as not to drag down the network's performance for other members of the normal VLAN.
Domains are usually arranged by department or workgroup. However, the trend toward dynamic organizational structures in the business world has made planning and maintaining modern networks somewhat tougher than it would otherwise be. Contemporary business phenomena, such as virtual offices, distributed teams, reorganizations, mergers, acquisitions, and downsizing, cause near-constant migration of personnel and services within networks. Figure 5-12 outlines what a VLAN topology might look like.
Figure 5-12: VLAN offers unlimited flexibility in functional network design
But VLANs are more than just an organizational convenience. They are a necessity in switched networks in order to logically extend broadcast domains beyond the physical topology. Don't forget that using only MAC addresses causes flat network topology. VLANs ameliorate most flat topology problems by creating virtual hierarchies.
Largely, VLANs are created using Cisco switches. However, if a device on one VLAN needs to communicate with a device on a second VLAN, it is necessary to get a router (or layer 3 switch) involved. This is because two or more VLANs can't communicate with each other (that sort of defeats the purpose of the VLAN) without a little help from a layer-3 device.
Consider the network shown in Figure 5-13. In this example, there are two switches connecting four VLANs. Switch 1 has been configured with VLAN A and VLAN B. Switch 2 has been configured with VLAN C and VLAN D.
Figure 5-13: Routers are used to allow VLANs to communicate
VLANs A and B are sent through a single port (this is called VLAN trunking) to the router and through another port to Switch 2. VLANs C and D are trunked from Switch 2 to Switch 1, then through Switch 1 to the router. This trunk is able to carry the traffic from all four VLANs. That single connection to the router allows it to appear on all four VLANs.
Since the VLANs are connected to the router, they can communicate with each other through the trunking connection between the two switches, using the router. For instance, if a file is located on a computer on VLAN D and a computer on VLAN A needs access to it, the data must travel from Switch 1 to the router, then back to Switch 1, then on to Switch 2. In simple terms, because of the trunking, both computers and the router think they are on the same physical segment.
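The following Python model is added here (it is not Cisco code or the book's) to make two earlier points concrete at once: the learning, flooding and five-minute aging of the dynamic address table described for a single switch, and the trunked inter-VLAN path of Figure 5-13, where a frame from VLAN A climbs to the router and comes back down in VLAN D. Port names, MAC addresses and VLAN numbers are constructed; the router itself is not modelled, so the frame it would send back is injected by hand.

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

AGING_SECONDS = 300            # the five-minute default aging period described in the chapter
BROADCAST = "ff:ff:ff:ff:ff:ff"
Egress = List[Tuple[str, int]]  # (port, vlan) pairs a frame leaves on

@dataclass
class Frame:
    src: str
    dst: str
    vlan: int = 0              # tag carried on trunk ports; ignored on access ports

class Switch:
    """Learning switch with a per-VLAN dynamic address table (a constructed model, not IOS)."""

    def __init__(self, access: Dict[str, int], trunks: List[str]):
        self.access = access                # access port -> VLAN id
        self.trunks = set(trunks)           # trunk ports carry every VLAN
        self.table: Dict[Tuple[int, str], Tuple[str, float]] = {}  # (vlan, mac) -> (port, last seen)

    def ports_in_vlan(self, vlan: int) -> List[str]:
        return sorted([p for p, v in self.access.items() if v == vlan] + list(self.trunks))

    def age(self, now: float) -> None:
        # Drop entries that have not been refreshed within the aging period
        for key in [k for k, (_, seen) in self.table.items() if now - seen > AGING_SECONDS]:
            del self.table[key]

    def receive(self, in_port: str, frame: Frame, now: float) -> Egress:
        """Learn the source MAC on in_port, then decide where the frame goes."""
        self.age(now)
        vlan = self.access.get(in_port, frame.vlan)      # an access port fixes the VLAN
        self.table[(vlan, frame.src)] = (in_port, now)   # learning step
        known = self.table.get((vlan, frame.dst))
        if frame.dst == BROADCAST or known is None:
            # Broadcast or unknown destination: flood, but only to ports in this VLAN
            return [(p, vlan) for p in self.ports_in_vlan(vlan) if p != in_port]
        return [] if known[0] == in_port else [(known[0], vlan)]

# Constructed MAC addresses; VLAN A=10 and B=20 live on Switch 1, C=30 and D=40 on Switch 2.
HOST_A, HOST_B, HOST_D = "00:00:0a:00:00:01", "00:00:0b:00:00:02", "00:00:0d:00:00:04"
ROUTER = "00:00:ee:00:00:ff"

def build_topology() -> Tuple[Switch, Switch]:
    # "rtr" is Switch 1's trunk to the router, "trk" the trunk between the two switches
    sw1 = Switch(access={"fa1": 10, "fa2": 20}, trunks=["rtr", "trk"])
    sw2 = Switch(access={"fa1": 30, "fa2": 40}, trunks=["trk"])
    return sw1, sw2

def broadcast_domain_demo() -> Egress:
    """Host A's broadcast reaches VLAN A's ports and the trunks only; VLAN B's port stays quiet."""
    sw1, _ = build_topology()
    return sw1.receive("fa1", Frame(HOST_A, BROADCAST), now=0)

def inter_vlan_path() -> List[str]:
    """Trace A -> D: up the trunk to the router, back into Switch 1 in VLAN D, over the trunk to Switch 2."""
    sw1, sw2 = build_topology()
    # Earlier traffic has already let the switches learn where D and the router sit (source learning)
    sw2.receive("fa2", Frame(HOST_D, BROADCAST), now=1)
    sw1.receive("trk", Frame(HOST_D, BROADCAST, vlan=40), now=1)
    sw1.receive("rtr", Frame(ROUTER, BROADCAST, vlan=10), now=2)
    hops = [sw1.receive("fa1", Frame(HOST_A, ROUTER), now=10),           # A hands the frame to its gateway
            sw1.receive("rtr", Frame(ROUTER, HOST_D, vlan=40), now=11),  # router (not modelled) re-sends in VLAN D
            sw2.receive("trk", Frame(ROUTER, HOST_D, vlan=40), now=12)]  # Switch 2 delivers on D's access port
    return [f"{name}:{hop[0][0]}/vlan{hop[0][1]}" for name, hop in zip(("sw1", "sw1", "sw2"), hops)]

def aging_demo() -> bool:
    """A learned MAC is forwarded to one port; once it ages out, the same destination is flooded again."""
    sw = Switch(access={"fa1": 10, "fa2": 10, "fa3": 10}, trunks=[])
    sw.receive("fa2", Frame(HOST_B, BROADCAST), now=0)                           # learn B on fa2
    direct = sw.receive("fa1", Frame(HOST_A, HOST_B), now=100)                   # known: single port
    flooded = sw.receive("fa1", Frame(HOST_A, HOST_B), now=AGING_SECONDS + 101)  # B has aged out
    return direct == [("fa2", 10)] and flooded == [("fa2", 10), ("fa3", 10)]
```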
Cisco's main line of switched network solutions is its Catalyst Switches, delivered in over a dozen different series of products. With the vast options available, you can "have it your way," at least when it comes to high-performance switching. The Catalyst line is similar to Cisco routers in that it includes fixed-configuration desktop models and configurable Plug-and-Play modular chassis models, all the way up to "dormitory refrigerator" packages with high-speed buses into which many cards can be inserted, each card packing as much as other fully configured Catalyst models.
In keeping with well-established trends in the networking marketplace, most Cisco LAN switches are Ethernet products. The lineup of Catalyst-switched backbone products incorporates the diversity of technologies competing at that level, with support for Fast Ethernet, Gigabit Ethernet, and ATM.
Most Cisco switches run a full-blown image of the IOS software, different only in that it's tuned for switching rather than routing. Most Catalyst switches offer the regular command-line interface, but some have a menu-driven interface.
Cisco switched network products are packaged to:
Deliver seamless migration from legacy technologies, with tools such as 10/100/1000 autosensing and high-speed uplink ports
Enable interoperation between diverse technologies, such as ATM and Ethernet
Facilitate bandwidth aggregation through scalable configurations and powerful switch fabric technologies
Be manageable using remote monitoring, configuration, and security tools
The following sections describe the line of Cisco switches, which were current as of the time this was written. Refer to http://www.cisco.com for current catalogs of information on Cisco switches and other products.
A LAN switch is a high-speed layer-2 device that forwards traffic between LAN segments. It is not to be confused with access switches, such as the MicroSwitch or a low-end Catalyst switch, which are devices that connect hosts to internetworks much like hubs. Put another way, access switches form LAN segments; LAN switches switch between them.
The Cisco Catalyst Series family of LAN switches is the broadest in the industry. Catalyst models range from a four-port model all the way up to the carrier-class Catalyst 8500. The first tier of the Catalyst LAN switch line contains the 2900s, outlined in Table 5-5.
Catalyst 2900 Series: Four models with 12 to 48 ports for Ethernet/Fast Ethernet 10/100 autosensing. Not stackable.
Catalyst 2940 Series: Two models with eight 10/100 Ethernet ports. The 2940-8TF model offers Gigabit Ethernet.
Catalyst 2950 Series: Eleven models with between 12 and 48 ports of 10/100 Ethernet and (on most models) two ports of Gigabit Ethernet uplinks. Offers intelligent functionality, including security services and quality of service (QoS).
Catalyst 2955 Series: Three models, each with 12 ports. Offers speeds up to Gigabit Ethernet. This industrial-grade switch is meant for use in harsh environments and offers both copper and fiber options. This switch is suitable for military and utility market applications.
Catalyst 2960 Series: Five models with 24 to 48 ports. Offers speeds up to Gigabit Ethernet, has a fixed configuration, and is a stand-alone device for entry-level enterprises and branch offices.
Catalyst 2970 Series: Two models of 24-port Gigabit Ethernet switches. These switches are designed for workgroups and small branch offices, offering speeds up to Gigabit Ethernet. The 2970G-24TS model also offers four small form-factor pluggable (SFP) ports.
Multilayer switching (also called layer-3 switching) first appears in the middle range of the Catalyst switch line, as you can see in Table 5-6. To reiterate, multilayer switches are devices with IP routing capability built into the switch hardware, thereby combining some of the logical capabilities of IP routing with the raw speed of switching.
Catalyst Express 500 Series: Four models with 8 to 24 ports. Optimal for businesses with up to 250 employees. Offers speeds up to Gigabit Ethernet and offers Power over Ethernet (PoE) for simplified installation and use.
Catalyst 3550 Series: Nine models of stackable, multilayer Ethernet switches. Models offer 24 or 49 10/100 Ethernet ports and two Gigabit Ethernet uplinks.
Catalyst 3560 Series: Eight models with 24 to 48 ports. These switches offer speeds up to Gigabit Ethernet and are fixed-configuration, enterprise-class devices.
Catalyst 3750 Series: Four models of stackable switches offering 24 or 48 10/100 Ethernet ports. One model offers 12 Gigabit Ethernet ports. The switches utilize StackWise technology, which allows stacking with nine other 3750 units.
Catalyst 4500 Series: Four models of switches with 3, 6, 7, or 10 slots. Each slot is capable of accepting various switching modules offering 10/100 or Gigabit Ethernet with up to 240 ports.
Catalyst 4900 Series: Two models with up to 48 ports; this series is based on the Catalyst 4500 series. These switches offer Gigabit Ethernet speeds and also feature two 10 Gigabit Ethernet ports.
Cisco offers two high-end backbone switches, one for Gigabit Ethernet and the other for ATM. Table 5-7 outlines them.
Catalyst 6500 Series: Five models with three to thirteen slots. The switches can be customized by adding various modules, including Gigabit Ethernet, 10 Gigabit Ethernet, voice, ATM, and other modules.
Catalyst 8500 Series: Four models with five to thirteen slots supporting multiservice ATM switching optimized for aggregating multiprotocol traffic. Not stackable. Cisco's choice for ATM backbone switches.
The Catalyst 6500 and 8500 are carrier-class switch devices. They have very high port density to interconnect hundreds of LAN segments. The 6500 has a special blade that handles multilayer switching functionality. The 8500 line is tuned for multimedia traffic types, such as VoIP, videocasting, and other specialized types.
Cisco Catalyst switches can be configured using either the IOS command-line interface or a Web interface, like the Visual Switch Manager (VSM), or Cluster Management Suite (CMS). Which to use is a matter of user preference; neither configures anything the other doesn't. If you use the command-line interface, the normal rules apply as far as using Telnet to log in through the Console port. For simplicity's sake, we'll use Cluster Management Suite to explain Cisco switch configuration and management.