LAN Switching:

Switch is an intelligent device used to extend network. Switch is layer 2 and full duplex device, used
different path for sending and receiving data. Single broadcast domain and multiple collision
domains. No collision occurs, no need of CSMA/CD. Switch broadcast first time then unicast. Purpose
of assigning an IP address to a switch is to allow remote management of the switch. By default, Cisco
Routers interfaces are shut down, but Cisco Switches interfaces are open by default. Under these
three conditions switches always broadcast. Unknown Unicast frame, Unknown Multicast Frame and
Broadcast Frame.

Unknown Unicast Frame:

When a switch receives a frame with a destination MAC address, but the switch doesn’t have an
entry for that MAC Address in its MAC table, by default, the frame is flooded by the switch. This
condition is called Unknown Unicast Frame.

Unicast:
When a switch receives a frame and the destination MAC address is in MAC table, that frame is
going to be unicast. If the destination MAC address is known, there is no reason to flood the frame.

Machine may have been removed from a port, turned off, or moved to another port on the same
switch or a different switch. This could cause confusion in frame forwarding. The MAC address entry
is automatically discarded of aged out after 300 seconds. Switch MAC address table steps are;

Learning, Filtering, Flooding, Forwarding and aging.

MAC Learning and Aging:

Learning is the process of obtaining the MAC address of connected devices. When a frame reaches
into the port of a switch, the switch reads the MAC address of the source device from Ethernet
frame and compress it to its MAC address table. If the switch cannot find a corresponding entry in
MAC address table, the switch will add the address to the table with the port number via the
Ethernet frame arrived. If the MAC address is already available in the MAC address table. If the port
numbers are different, the switch updates the MAC address table new port number. Whenever
switch updates an entry in the MAC address table, the switches resets the timer for that entry.
Timers are used in aging process of old entries. Aging helps to remove old entries and free memory
of MAC address table to add new entries. The MAC address entry is automatically discarded of aged
out after 300 seconds by default.
MAC Address Table:
A switch maintains a dynamically built address table using the source MAC Address of received
frames. The switch takes the received frame and its incoming MAC address of the sending device
with the LAN port it was received on and puts that in the address table. If the switches receive a
frame and sees that the destination MAC address is not listed in the address table, it will flood that
source MAC address to the table. MAC entries are retained on switch reboot. To maintain a clean
table, an aging timer is used to remove inactive Media Access Control addresses from the table.

Commands Description
S(config)#mac address-table aging-time To change the default aging time settings
<seconds>
S(config)#mac address-table static mac-address To configure static MAC table entry
vlan <vlan-id> interface
S(config)#show mac address-table To display content of the MAC table
S(config)# show mac address-table dynamic To show MAC address dynamic list
S(config)# show mac address-table static To show MAC address static list
S(config)# show mac address-table count To show number of MAC address in table
S(config)# show mac address-table aging-time To show MAC address table time out
S(config)# show mac address-table interface eth To show MAC address of specific interface
0/1
S(config)# clear mac address-table dynamic To clear dynamic MAC addresses from table

Configuring Speed, Duplex, and Description:

Switch interface that supports multiple speeds (10/100 and 10/100/1000 interfaces), by default, will
auto negotiate what speed to use. However, you can configure the speed and duplex settings with
the duplex {auto/full/half} and speed {auto/10/100/1000} interface subcommands. The description
text interface subcommand lets you to add a text description to the interface.

Description Commands
Changing interface duplex mode to auto, full or S1(config)# interface f0/1
half S1(config-if)#duplex auto (auto, full, half)
To Change interface speed to 10/100/1000 S1(config)#interface f0/1
Mbps S1(config-if)#speed 100(10,100,1000)
To write description text to interface for easy S1(config)#interface f0/1
management purpose S1(config-if)#description <text>
Command to check interface status S1# show interface status

Collision Domain:
A collision Domain is any network segments in which collisions can take place (normally in Ethernet
networks). If there is more traffic in on a collision domain, the chance of collision is also more.
Increment in collision will result in low quality network where hosts spending more and more time
for packet retransmission. Usually switches are used to segment a collision domain.

A collision domain is a physical network segment where data packets can “collide” with one another
for being sent on a shared medium, in particular in the Ethernet networking protocol.
 • A hub is an entire collision domain since it forwards every bit it receives from one interface
on every other interface.
• A bridge is a two interface device that create 2 collision domains, since it forwards the traffic
it receives from one interface only to the interface where the destination layer 2 device
based on his MAC address is connected to. A bridge is considered as an “intelligent hub”.
• A switch is a multi-interface Hub, every interface on a switch is a collision domain. A 24
interface switch create 24 collision domains assuming every interface is connected to
something.

Broadcast Domain:
A broadcast domain is all devices that will receive any broadcast packet originating from any device
within the group. In Collision Domain, any type of data packet can encounter a collision, while in
broadcast domain, we refer broadcast packets. Usually routers are used to segment broadcast
domain.

A broadcast domain is a logical division of a computer network, in which all nodes can reach each
other by broadcast at the datalink layer.

• A switch creates an entire broadcast domain only one VLAN.

• Routers don’t forward broadcasts; hence they separate broadcast domains.
• Broadcast storms are layer 2 switching loops , which can cause serious problem to network
devices as well as communication. One of the basic function of a network switch is to
eliminate layer two switching loops.

VLAN:
By default, all ports on a switch are in the same broadcast domain. A virtual Local Area Network,
Virtual LAN, or VLAN, can be used to divide a single broadcast domain to multiple broadcast domains
in a layer 2 switched networks.

Advantages of VLAN
• Broadcast Control
• Security
• Cost

VLAN Membership Types

1. Static VLANs: In a Static VLAN, the network administrator creates a VLAN and then assigns
switch port to the VLAN. Static VLANs are also called port- based VLANs.
2. Dynamic VLANs: In a dynamic VLAN, the switch automatically assigns the port to a VLAN
using information from the user device like MAC address, IP address etc.
Configure, Verify and Troubleshooting VLANs:
The standard VLAN range is from 1 to 1005. The extended VLAN range is from 1006 to 4094. The
reserved VLAN range is from VLAN 1002-1005. A voice VLAN enables the access port to carry IP
Voice traffic from an IP phone. By default, the voice VLAN is disabled.

Types of VLAN Description

DATA Use for normal data
VOICE Use for IP phone/voice over IP(VoIP)
PRIVATE Use for security, it divided primary and
secondary VLAN
MANAGEMENT A VLAN which is used for Telnet, SSH for
configuration
Extended Usable if VTPv3 mode is transparent on
switches
Native VLAN Untagged frame is send over trunk link

Description Commands
Select a single switch port S1(config)# interface f<port number>
Select a range of interfaces S1(config)#interface range f0/2-5, f0/7-9
Add a description to the port S1(config-if)#description <text>
To enable switch port S1(config-if)#no shutdown
To see port information S1# show interface f<port num.>
To create a VLAN S1(config)# vlan <vlan ID>
S1(config)#name <vlan name>
To delete a VLAN S1(config)#no vlan <vlan number>
To see vlan database file S1# show flash:
To configure a VOICE VLAN S1(config)#vlan 2
Provide name S1(config-vlan) # name VOICE
Go to interface settings S1(config)# interface f0/1
Give access to voice vlan number S1(config-if)#switchport voice vlan 5
To see switchport configuration S1# show interface f0/4 switchport
To Determine the physical status S1# show interface f0/4 status

ACCESS PORT:
Access port transports traffic to and from only the specified VLAN allotted to it. Access port will only
have a single VLAN set up on the interface and it carries traffic for just a single VLAN. If the VLAN for
an access port is not configured, the interface can carry traffic using only the default VLAN, which is
usually VLAN1.

Description Commands
Specifically addresses port 1 S1(config)# interface fa<portnumber>
Place the port f0/1 in VLAN 2 S1(config-if)#switchport access vlan <VLANnumber>
To define the port as an access port S1(config-if)#switchport mode access
VLAN DATABASE:
The VLAN Database is used to store VLAN data, such as the VLAN ID, name and MTU. The default
location of the VLAN database is in the local vlan.dat file, this is stored in non-volatile memory.

Normal VLANs:
Normal VLANs range are VLANs 1 – 1005. Normal range VLANs can be configured in both database
configuration mode and global configuration mode and are stored in vlan.dat file in flash memory.
VTP version 1 and 2 can advertise normal range VLANs only.

Extended VLANs:
Extended VLANs are VLANs that fall in the range 1006 to 4094. They are mainly used in service
provider networks to allow for the provisioning of large number of customers. Extended VLANs are
different from normal VLANs because they have higher numbers. Extended VLANs must be
configured in VTP transparent mode. Extended VLANs are saved in the running configuration.

VOICE VLAN:
A voice VLAN enables the access port to carry IP voice traffic from an IP Phone. By default, the voice
VLAN is disabled. When enabled, all untagged traffic is sent according to the default priority of the
port.

Description Commands
To verify VLAN database S1#show flash or dir flash
To see VLAN information S1# show vlan
To configure a Voice VLAN S1(config)#vlan <vlanID>
S1(config-vlan)# name VOICE
S1(config)# interface fa0/1
S1(config)#switchport voice vlan 5
To check VTP modes and their status S1#show vtp status
To see switchport configuration S1# show interface f0/4 switchport

Configure and troubleshooting Interswitch Connectivity:

Trunk Port:
A trunk port is a port that is assigned to carry traffic for all the VLANs that are accessible by a specific
switch, a process known as trunking. Trunk ports mark frames with unique identifying tags – either
802.1Q tag or Interswitch Link(ISL) tags – as they move between switches. Therefore, every single
frame can be directed to its designated VLAN.

Manual Pruning:
By default, all VLANs are allowed on a trunk interface. VLANs can be manually added or removed
using the “switchport trunk allowed” command. Security best practices recommend limiting the
allowed VLANs to only those that need to traverse the trunk.

Description Commands
Selecting interface and marking them trunk port S1(config)# interface fa0/1
S1(config-if)#switchport mode trunk
 Manually prune VLAN 2 from the trunk link S1(config-if)# switchport trunk allowed vlan
remove 2
Allow only VLAN 2, 3 and 5 to 7 S1(config-if)# switchport trunk allowed vlan 2,
3, 5-7
Remove VLAN 3, and 5 S1(config-if)# switchport trunk allowed vlan
remove 3, 5
To see VLAN status S1# show interface trunk

Dynamic Trunking Protocol (DTP):

Dynamic Trunking Protocol is a cisco proprietary trunking protocol, which is used to automatically
negotiate trunk between cisco switches. Dynamic Trunking Protocol can be used negotiate and form
trunk connection between cisco switches Dynamically. DTP is normally used on Cisco IOS switches to
negotiate if the interface should become an access port or trunk. By default, DTP is enabled and
interfaces of your switches will be in “Dynamic Auto” or “Dynamic Desirable” mode. This means that
whenever you receive a DTP packet that requests to form a trunk, your interface will be in trunk
mode.