Switches





  • Switch Advantages :

  1. Wire Speed.

  2. Hardware Based.

  3. Bridging (ASIC)

  4. Low Latency.

  5. Low Cost

  • Difference between Bridge & Switch

    1. Bridge is SOFTWARE BASED; Switch is HARDWARE BASED

      Switch is multi-port bridge

      Bridge has only 1 spanning tree; Switch has many spanning trees

      Both forward layer 2 broadcast.

      Both learn MAC address from the source address of the frame and store it in the MAC table.

      Both forward based on the Destination MAC address.

  • 3 SW Functions:

  1. Address Learning

  2. Forward/Filter Decision

  3. Loop Avoidance [ STP used to stop network loops while still permitting redundancy ]

  • When the MAC forward/filter table is full, the SW has no choice but to flood the network with the frame.

  • If a host hasn't communicated for a certain amount of time, the SW will flush (remove) its entry from the table.

  • To show the MAC table use the command #show mac-address-table. This is useful for finding which device is connected to which port by its MAC address.

  • PORT-SECURITY COMMANDS AND USE:

  • To access the port-security options use these commands

    #interface fastethernet …

    #switchport port-security …… <-- this will have 4 options

  1. aging

  2. mac-address (secure a MAC address by entering it manually, or by using sticky after it so the port uses the MAC addresses that connect to it)

  3. maximum (the maximum number of MAC addresses to hold)

  4. violation (security violation mode: what to do if the security option you chose is violated; has 3 options: protect, restrict, shutdown)

  • To allow only 1 host per port

    #interface …

    #switchport port-security mac-address sticky

    #switchport port-security maximum 1

    #switchport port-security violation shutdown

    This means that if the MAC address connected to this port changes, the port will be shut down, and to open the port again the Admin (which is you :D) must use the command #no shutdown on the interface 😀

  • The best way to apply this port security is

    #switchport port-security mac-address sticky

    #switchport port-security maximum 2

    #switchport port-security violation shutdown

The reason we set maximum 2 is for when an IP phone is connected: there will be 2 MAC addresses, 1 for the PC and 1 for the IP phone (if there is no IP phone then make it only 1 :D)
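One way to check a saved running-config against the settings above (an added example, not from the original post). The config excerpt and interface names are constructed, and it assumes IOS behaviour the post does not state: the bare `switchport port-security` line is what enables the feature, and default values (maximum 1, violation shutdown) are left out of the running config.

```python
import re

# Constructed running-config excerpt (interface names are made up, not from the post).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky
!
interface FastEthernet0/2
 switchport port-security maximum 5
 switchport port-security violation protect
 switchport port-security mac-address sticky
!
interface FastEthernet0/3
!
"""

def parse_interfaces(config):
    """Return {interface name: [arguments of each port-security line]}."""
    ports, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = ports.setdefault(m.group(1), [])
        elif line.startswith("!"):
            current = None
        elif current is not None:
            m = re.match(r"\s+switchport port-security\b\s*(.*)$", line)
            if m:
                current.append(m.group(1).strip())
    return ports

def audit(config, max_allowed=2):
    """Return {interface: [findings]}; an empty list means the port matches the policy."""
    report = {}
    for name, args in parse_interfaces(config).items():
        # Assumed IOS behaviour: default values are omitted from the running config.
        maximum = next((int(a.split()[1]) for a in args if a.startswith("maximum ")), 1)
        violation = next((a.split()[1] for a in args if a.startswith("violation ")), "shutdown")
        checks = [
            # Assumed IOS behaviour: the bare command is what enables the feature.
            ("" not in args, "port-security not enabled"),
            ("mac-address sticky" not in args, "sticky learning not set"),
            (maximum > max_allowed, f"maximum {maximum} exceeds {max_allowed}"),
            (violation != "shutdown", f"violation mode is {violation}"),
        ]
        report[name] = [msg for failed, msg in checks if failed]
    return report
```

Calling `audit(SAMPLE_CONFIG)` returns a findings list per interface; pass `max_allowed=1` for ports with no IP phone.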

~ by Network Techs. on September 3, 2009.

2 Responses to “Switches”

  1. thanks ya man 🙂
