S4 C1 REVIEW. Review Topics Switching, VLANs, LAN Design, Routing Protocols (especially IGRP), ACLs, and IPX Why use LAN switching and VLANs Must gather.

S4 C1

REVIEW

Review Topics

• Switching, VLANs, LAN Design, Routing Protocols (especially IGRP), ACLs, and IPX

• Why use LAN switching and VLANs• Must gather and assess user requirements• Select best routing protocol• Device a method to control data packet flow based

on access control lists (ACLs)• Design for multiple protocols – IPX and IP

Network Demands

• Increase in large graphic files, images, and full-motion video – place strain on 10 Mbps

• Network utilization sharing large files, accessing database servers, etc. results in network congestion which is evidenced by slower response times, longer file transfers, and decreased productivity

• SOLUTION – MORE BANDWIDTH

Why Segmentation?

• Decrease network congestion

• Data passed between segments is transmitted on backbone which is its own collision domain

LAN Switch Segmentation

• Switch eliminates impact of collisions through microsegmentation

• Switch results in low latency and high frame-forwarding rate

• LAN segmentation works with 802.3 (CSMA/CD) compliant interfaces and cabling

How a LAN Switch Operates

• Enables dedicated access, eliminates collisions, increases capacity, and supports multiple conversations

• Acts as multiport bridge creating smaller collisions domains; transparent to upper layers and uses layer 2 MAC address

• Forwards frames based on forwarding table and MAC addresses

How the LAN Switch Learns Addresses

• Examines source address of frames coming in to switch

• Sends frame out all ports expect the port the frame entered when the address is broadcast, multicast, or unknown

• Forwards frame when the destination is on a different segment (interface)

• Filters when the destination is on the same interface

Symmetric/Asymmetric

• Symmetric– Provides switching between like bandwidths– Multiple simultaneous conversations increase

network throughput

• Asymmetric– Provides switching between unlike bandwidths– Requires the switch to use memory buffering

Switching Types

• Cut Through– Lowest latency; only reads 6 bytes– No error checking – sends as soon as outgoing interface is

determined• Fragment Free

– Low latency– Checks for collisions (filters most errors) – reads 64 bytes

• Store and Forward– Highest latency– All errors filtered

• Does CRC before looking up destination tables and forwarding the frame

VLANS

• Group of ports or users in same broadcast domain

• Based on port ID, MAC address, protocol, or application

• Created with switches and network management software

• Frame tagged with VLAN ID

LVAN & Broadcast Transmission

• Logical network independent of members’ physical locations

• Administratively defined broadcast domain• Users reassigned to different VLAN using

software• Broadcast Transmission

– Single data packet sent into network and copies and set to every network node

Frame Filtering

• A filtering table is developed for each switch

• Switches share address table information

• Table entries are compared to frames

• Switch takes appropriate action

Frame Tagging

• Developed for multi-VLAN interswitched communication

• Places unique identifier in header of each frame as it travels across vertical cabling

• Identifier removed before frame exits switch on non-backbone links

• Layer 2 Protocol• Requires little processing and administrative

overhead

VLAN Broadcast Demands

• VLANS and routers restrict broadcasts to domain of origin

• Adjacent ports do not receive broadcast traffic generated from other VLANs

• Control the size of broadcast domain by limiting the size of the VLAN

Port-Centric VLANS

• All nodes attached to the same router port must be in the same broadcast domain– Users are assigned by port – VLANs are easily administered – Security between VLANs is maximized – Packets do not "leak" into other domains – VLANs and VLAN membership are easily

controlled across network

Static VLANs

• Statically assigned ports (port-centric is one type of static VLAN)

• Secure – only ports identified with VLAN receive broadcast

• Easy to configure and monitor

• Easy to reassign port to another VLAN

Dynamic VLANs

• Assigned using centralized VLAN management application

• Based on MAC address, logical address, or protocol type

• Less administration in wiring closet• Notification when unrecognized user is added to

network• More administration required up front to set up

database within VLAN management software and to maintain accurate database of users

LAN Design Goals

• Functionality

• Scalability

• Adaptability

• Manageability

Design Methodology

• Know Client – Determine Client goals

• Analyze requirements

• Develop LAN structure (physical and logical topology)

• Set up addressing and routing

Problems LAN Design Solves

• Media contention

• Excessive broadcasts

• Need to transport new payloads

• Need for more bandwidth

• Overloaded backbone

• Network layer addressing issues

Topology Issues

• Where are routers placed?

• Where are switches placed?

• What type of network media is used?

• Do you use hubs, repeaters?

• Design Goals– MDF (concentration point) with IDFs– LAN switching and microsegmentation

Design Goals Continued

• Create LAN segments that will filter flow of data packets

• Isolate ARP broadcasts

• Isolate collisions between segments

• Filter Layer 4 services between segments

• Router is the central point in the LAN for traffic destined for the WAN port.

More Design Goals

• Within the MDF and IDFs, the Layer 2 LAN switches must have high speed (100Mbps) ports allocated for servers.

Routing Metrics

• A number used to represent distance and costs

• Bandwidth, delay, load reliability, hops, ticks, Costs– Information used to select best path for routing

Routing Protocols

• Distance vector – adds metrics

• Link State (SPF) re-creates the exact topology of entire internetwork

• Balanced hybrid – combines aspects of link-state and distance vector

Distance VectorBellman-Ford

• Pass periodic copies of routing table from router to router

• Routers do not know exact topology of network

Exterior / Interior Routing Protocols

• Exterior – communicate between autonomous systems– BGP and EGP

• Interior – communicate within autonomous system– IGRP, EIGRP, OSPF, RIP

IGRP

• Cisco Proprietary• Uses bandwidth, delay, load, reliability,

and MTU (Maximum transmission Unit)• Versatile, complex topologies, flexible for

segments with different bandwidths, scalable

• Router igrp autonomous-system• Network network-number

Access Lists

• Standard– Simpler address specifications– Generally permits or denies entire protocol

suite

• Extended– More complex address specifications– Generally permits or denies specific protocols– Permits or denies with more granularity M

How Access Lists Work

• For logical completeness, an access list must have conditions that test true for all packets using the access list. A final implied statement covers all packets for which conditions did not test true. This final test condition matches all other packets. It results in a deny. Instead of proceeding in or out an interface, all these remaining packets are dropped.

Access List Numbers

• IP standard 1-99

• IP Extended 100-199 * Named (Cisco IOS 11.2 and higher)

• IPX standard 800-899

• IPX extended 900-999

• SAP Filters 1000-1099

• AppleTalk 600-699

Access Lists Check For

• Source IP address

• Destination IP address

• Specific protocols

• Upper-level TCP or UDP port

Wildcard Masks

• 0 bit means check the corresponding bit value

• 1 bit means do not check the corresponding bit value

• ANY can replace 0.0.0.0 255.255.255.255– 0.0.0.0 means any network– 255.255.255.255 means do not check any– Host ip address means check all bits

Placing IP Access Lists

• Place standard access lists close to destination

• Place extended access lists close to the source

Cisco/Novell Compatibility

• Uses Access lists and filters for IPX, RIP, SAP, and NetBIOS

• Scalable routing protocols, including Enhanced IGRP and NLSP

• Configurable RIP and SAP updates and packet sizes

• Server-less LAN support • Rich diagnostics, management, and

troubleshooting features

Novell

• Network protocol stack supports all common media access protocols. Data link and physical layers accessed through ODI (Open Data Link Interface)– RIP routing information– SAP advertise network services– NCP provides client-to-server connections and

applications– SPX connection oriented services

Novell Addressing

• 80 bits– 32 network– 48 host – MAC address

• No subnets

• No need for ARP

Cisco Encapsulation

• Ethernet– Ethernet_802.3 novell-ethernet– Ethernet_802.2 sap– Ethernet_II arpa– Ethernet_Snap snap

• Token Ring– Token-ring sap– Token-ring_snap snap

• FDDI FDDI_SNAP snap» FDDI=802.2 sap» FDDI_Raw novell-fddi

Novell Routing

• Uses ticks and top counts

• Broadcasts every 60 seconds

• Uses simple split horizon– Does not advertise routes that were learned

from the same port

• Load shares based on IPX maximum-paths

SAPs

• SAP packets advertise all NetWare services• Can add excessive broadcast traffic• Routers listen to SAPS and build tables for

known services and broadcast table every 60 seconds

• Router responds to queries by providing network address – client contacts device directly

GNS

• Broadcast from client needing a server

• Server and router get SAP packet

• Servers provide GNS response

IPX Routing Configuration

• Global– IPX Routing– Load Sharing

• Interface Configuration– Network numbers– Encapsulation Type

Show Commands and Troubleshooting

• Show ipx interface

• Show ipx route

• Show ipx servers

• Show ipx traffic

• Debug ipx routing activity

• Debug ipx sap