Networking-08: Switching
Introduction
Borderless Switched Network
Modularity
Resiliency
Hierarchical
Flexibility
Hierarchical structure
Distribution Layer
Core Layer
Access Layer
Types of switch
Fixed configuration switch
Modular configuration switch
Stackable configuration switch
High fault tolerance
High bandwidth
Up to 9 switches connected through StackWise ports
One switch, called the stack master, controls operation using a single IP address
Master contains the saved and running configuration files
Each member has a copy for backup purposes
Switch with highest stack-member priority will become master if master becomes unavailable
Switched Environment
Switching method
Store-and-forward
Cut-through
Rapid frame forwarding
Fragment free
Collision domain
Each switch port represents one collision domain
Collisions may occur when multiple devices try to communicate at the same time
Interconnected switches form single broadcast domain
Broadcast domain grows when switches are connected together
Content addressable memory (CAM) table
Match MAC address to IP addresses for switching purposes
Steps
If the source MAC address already has an entry in the table, the switch resets the aging timer
Switch forwards the frame out all ports except the ingress port
Switch receives incoming frame with destination MAC address not found in MAC address table
Receives response packet from destination device
Add source MAC address of the frame and port where the frame was received to the table
Characteristics
In networks with multiple interconnected switches, the MAC address table contains multiple MAC addresses for a single port connected to other switches
Entry for a MAC address is typically kept alive for 5 minutes
Switch characteristics
Full duplex
High port density
Segmentation of LAN
Large frame buffers
Port speed
Fast internal switching
Low per-port cost
Switch Configuration
Steps
Boot loader initializes the flash file system on the system board
POST checks CPU subsystem
Boot loader locates and loads default IOS software image into memory
Loads power-on self-test (POST) program stored in ROM
IOS initializes interfaces using commands found in the startup configuration stored in NVRAM
Switch powered on
Switch loads boot loader software from ROM
Switch Security Management
Remote management
Port security
Attacks
MAC address flooding
Violation
Condition
An unknown MAC address attempts to connect after the maximum number of MAC addresses is reached
Address learned on one secure interface is seen on another secure interface in the same VLAN
Mode
Protect
Restrict
Shutdown
Configuration
Dynamic secure MAC address
Sticky secure MAC address
Static secure MAC address
DHCP security
Attacks
DHCP starvation attack
DHCP spoofing attack
Prevention
Disable unused ports
DHCP snooping
Trusted port
Untrusted port