CST3607 Class Notes 2018-11-13

News & Tools

Exam 2 Debriefing

  • Make sure to bring in your hard copy of the Quiz, with your answers, to review in class.

Lab-05 Debriefing

  • Make sure to bring your completed Lab-05 simulation file to class.

Chapter 10: Layer 2 Switching

The three functions of a switch:

  • Address learning
  • Forward/filter decisions
  • Loop avoidance

Configuring an IP address on a switch

  • The management VLAN interface is a routed interface on every Cisco switch and is called interface VLAN 1.

Port Security on a Switch

(Chapter 10, pg. 417)

  • Protect: When the number of secure MAC addresses reaches the maximum limit allowed on the port, packets with unknown source addresses are dropped until you remove a sufficient number of secure MAC addresses to drop below the maximum value or increase the number of maximum allowable addresses. 
    You are not notified that a security violation has occurred.
  • Restrict: When the number of secure MAC addresses reaches the maximum limit allowed on the port, packets with unknown source addresses are dropped until you remove a sufficient number of secure MAC addresses to drop below the maximum value or increase the number of maximum allowable addresses. 
    In this mode, you are notified that a security violation has occurred. An SNMP trap is sent, a syslog message is logged, and the violation counter increments.
  • Shutdown: A port security violation causes the interface to become error-disabled and to shut down immediately, and the port LED turns off. When a secure port is in the error-disabled state, you can bring it out of this state by entering the errdisable recovery cause psecure-violation global configuration command, or you can manually re-enable it by entering the shutdown and no shutdown interface configuration commands. This is the default mode.

Restrict and shutdown violation modes alert you via SNMP that a violation has occurred on a port.

  • Note: There’s an error in Appendix B, pg. 1005: Answer to Chapter 10 Review Question 11: The correct answer should be A, C and the explanation should read: “Shutdown and restrict mode will alert you…”
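The three violation modes side by side, as an added example (a toy model written for these notes, not Cisco code or textbook material). The `SecurePort` class, the limit of one secure MAC address, and the constructed MAC addresses are assumptions of the example.

```python
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    """Toy model of one switch port with port security enabled."""
    mode: str = "shutdown"      # shutdown is the default mode
    maximum: int = 1            # assumed limit for this example
    secure_macs: set = field(default_factory=set)
    violations: int = 0         # violation counter
    alerts: list = field(default_factory=list)  # stands in for SNMP trap / syslog
    err_disabled: bool = False

    def receive(self, src_mac: str) -> bool:
        """Return True if the frame is accepted, False if it is dropped."""
        if self.err_disabled:
            return False                    # port stays down until recovered
        if src_mac in self.secure_macs:
            return True
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.add(src_mac)   # learn while below the limit
            return True
        # Unknown source address while the table is full: a violation.
        if self.mode == "protect":
            return False                    # silent drop, no notification
        self.violations += 1
        self.alerts.append(f"violation: {src_mac} mode={self.mode}")
        if self.mode == "shutdown":
            self.err_disabled = True        # whole port goes error-disabled
        return False

    def recover(self) -> None:
        """Models 'shutdown' followed by 'no shutdown' on the interface."""
        self.err_disabled = False

def replay(mode: str, frames: list) -> tuple:
    """Feed frames to a fresh port; return (accepted, violations, alerts, err_disabled)."""
    port = SecurePort(mode=mode)
    accepted = [port.receive(mac) for mac in frames]
    return accepted, port.violations, len(port.alerts), port.err_disabled

# Constructed traffic: the known host, an unknown source, then the known host again.
FRAMES = ["aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02", "aa:aa:aa:aa:aa:01"]

if __name__ == "__main__":
    for mode in ("protect", "restrict", "shutdown"):
        print(mode, replay(mode, FRAMES))
```

In protect and restrict mode the known host keeps working after the violation; in shutdown mode its third frame is dropped too, because the port is error-disabled.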

Summary of the different port states

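| State      | Forward Frames | Learn MAC Addresses | Duration   |
|------------|----------------|---------------------|------------|
| Blocking   | No             | No                  | 20 seconds |
| Listening  | No             | No                  | 15 seconds |
| Learning   | No             | Yes                 | 15 seconds |
| Forwarding | Yes            | Yes                 |            |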

Spanning Tree Protocol (STP)

Chapter 15 (Enhanced Switching Technologies, R&S 2nd Ed.), pages 602 – 618

  • The function of Spanning Tree Protocol (STP) is to prevent Layer 2 switching loops and broadcast storms in a Local Area Network (LAN).
  • The Spanning Tree Protocol (STP) allows redundant links in a network to prevent complete network failure if an active link fails, without the danger of Layer 2 Switching loops.

Bridge Protocol Data Unit (BPDU)

  • Bridge Protocol Data Units (BPDUs) are messages exchanged between the switches inside an interconnected redundant Local Area Network (LAN).
  • BPDU frames contain information regarding the switch ID, originating switch port, MAC address, switch port priority, switch port cost, etc.
  • BPDU frames are sent out regularly as multicast messages to the multicast destination MAC address 01:80:c2:00:00:00. When BPDUs are received, the switch uses a mathematical formula called the Spanning Tree Algorithm (STA) to detect a Layer 2 switching loop in the network and to determine which of the redundant ports needs to be shut down.
  • The basic purpose of the Bridge Protocol Data Units (BPDUs) and the Spanning Tree Algorithm (STA) is to avoid Layer 2 Switching loops and Broadcast storms.
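What a switch reads out of a received BPDU, as an added example (not from the textbook or these notes). The field layout is the IEEE 802.1D configuration BPDU; the function names and the constructed sample frame with its bridge and root addresses are assumptions of the example.

```python
import struct

STP_MULTICAST = bytes.fromhex("0180c2000000")   # destination MAC given in the notes
BPDU_FMT = "!HBBBH6sIH6sHHHHH"                  # 35-byte configuration BPDU body

def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_config_bpdu(frame: bytes) -> dict:
    """Parse an 802.3 frame carrying an IEEE 802.1D configuration BPDU."""
    if len(frame) < 14 + 3 + struct.calcsize(BPDU_FMT):
        raise ValueError("frame too short for a configuration BPDU")
    if frame[0:6] != STP_MULTICAST:
        raise ValueError("not addressed to the STP multicast address")
    if frame[14:17] != b"\x42\x42\x03":          # LLC header: DSAP, SSAP, control
        raise ValueError("missing STP LLC header")
    (proto, version, bpdu_type, flags, root_prio, root_mac, cost, br_prio,
     br_mac, port_id, age, max_age, hello, fwd) = struct.unpack(BPDU_FMT, frame[17:52])
    if proto != 0 or bpdu_type != 0:
        raise ValueError("not a configuration BPDU")
    return {
        "sender_mac": mac_str(frame[6:12]),
        "root_id": (root_prio, mac_str(root_mac)),
        "root_path_cost": cost,
        "bridge_id": (br_prio, mac_str(br_mac)),
        "port_id": port_id,
        # Timers travel in units of 1/256 second.
        "message_age_s": age / 256,
        "max_age_s": max_age / 256,
        "hello_time_s": hello / 256,
        "forward_delay_s": fwd / 256,
    }

def sample_frame() -> bytes:
    """Constructed frame: bridge 00:aa:bb:cc:dd:ee advertising root 00:11:22:33:44:55."""
    bridge, root = bytes.fromhex("00aabbccddee"), bytes.fromhex("001122334455")
    body = struct.pack(BPDU_FMT, 0, 0, 0, 0, 32768, root, 4, 32768, bridge,
                       0x8001, 1 * 256, 20 * 256, 2 * 256, 15 * 256)
    return (STP_MULTICAST + bridge + struct.pack("!H", 3 + len(body))
            + b"\x42\x42\x03" + body)

if __name__ == "__main__":
    for key, value in parse_config_bpdu(sample_frame()).items():
        print(f"{key:16} {value}")
```

The max age (20 s) and forward delay (15 s) carried in the sample frame are the same timers that give the blocking, listening and learning durations in the port state summary.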

Spanning Tree Protocol (STP): Port States

The ports on a switch with enabled Spanning Tree Protocol (STP) are in one of the following four port states.

Blocking

  • A port in the blocking state does not participate in frame forwarding and also discards frames received from the attached network segment.
  • During blocking state, the port is only listening to and processing BPDUs on its interfaces.

Listening

  • During the listening state the port discards frames received from the attached network segment and it also discards frames switched from another port for forwarding.
  • At this state, the port receives BPDUs from the network segment and directs them to the switch system module for processing.

Learning

  • During the learning state, the port is listening for and processing BPDUs.
  • In the learning state, the port begins to process user frames and starts to update the MAC address table.
  • But the user frames are not forwarded to the destination.

Forwarding

  • A port in the forwarding state forwards frames across the attached network segment.
  • In a forwarding state, the port will process BPDUs, update its MAC Address table with frames that it receives, and forward user traffic through the port.
  • Forwarding State is the normal state.

Note: “Disabled” is not one of the four STP states; technically, it is not a transition state. A port in the administratively disabled state doesn’t participate in frame forwarding or STP. A port in the disabled state is virtually nonoperational.

Read / Do / Watch

Chapter 15 Spanning Tree Protocol (STP) pages 602 – 618 (Enhanced Switching Technologies, R&S 2nd Ed.)

Chapter 11: VLANs and InterVLAN Routing (CCNA Routing and Switching Study Guide 2nd Edition)

  • Read Chapter 11: VLANs and InterVLAN Routing
  • Do the: Written Lab
  • Do the: Review Questions
  • Do the: Hands-on Labs

Additional Resources:
