Switching Technologies M2L2 - Network+ [N10-009]
![Switching Technologies M2L2 - Network+ [N10-009]](/pic/switching_technologies_m2l2_-_network_n10-009_/TVJ0cmJXZ09VOTQ_.jpeg "Switching Technologies M2L2 - Network+ [N10-009]")
Hi, welcome to our com, TIA network plus course. In this lesson we're gonna talk about switching technologies, and here we will discuss what VLAN is, our virtual local air network. We have, um, interface configuration. What is Spanning Tree and MTU? So switches are the backbone of modern networks operating at layer two of the OSI model. They intelligently forward traffic between devices within the same network segment and improving efficiency and security. Modern switches offer advanced features like VLANs.
You have LACP, you know, link aggregation. You also have QoS or quality of service. And this feature allows for more granular control over network traffic and resource allocation. Now, proper switch configuration is very important for network performance, security and scalability. Misconfigurations can lead to network loops, broadcast storms, and security vulnerability. So I remember maybe that was 2016 or 2015 when we have a, we were asked to support a specific client because they have a huge broadcast storm in their own, you know, in, in their two data centers.
So basically it brought down the whole network because of misconfigurations on the, um, switching environment of the client. So what happened is that all of their services hosted in their data centers are not accessible. So, nope. So no payments, no transactions are, uh, coming true because of, you know, not following the best practices in the switching environment. So, going back to the topic, let's talk about what VAN is, right? So VLANs are logical divisions of a physical network allowing multiple virtual networks to exist on a single physical infrastructure.
vlan enhanced network security, improve performance and simplify network management, biologically grouping devices regardless of their physical location. Now, network segmentation through VLANs reduces broadcast domains, improve security through isolation, and allows for more flexible network designs. Now, VLANs are typically configured on switches and can span multiple switches using trunking protocols like 8 0 2 0.1 Q. So how do we configure a VLAN from the old days, the old Cisco switches? We normally, or we should go to the VLAN N database first, like show as shown here to be able to configure the vlan. So once you go to the terminal, you go to configuration, uh, mode, right? Then type VLAN database. After that, you're gonna go through this prompt. Then you can just put the VLAN id,
so that's vlan, then 200. You can also put a name of that vlan right? On another line, um, like here. Then you, then you can just exit, right? Um, when you exit, then you can do a show VLAN or maybe end, right then show vlan. Then you'll see that the new VLAN has been applied. Applied, okay? Another concept is, uh, SVI or switch virtual interface. So an SVI is a virtual interface within a switch that provides layer three processing for a vlan, it acts as the gateway for intervi routing.
When layer three switching is enabled, um, s SBIs allow switches to perform routing between VLANs without the need for an external router, improving network efficiency and reducing latency. So configuring it to configure an SBI just create a VLAN interface using the interface VLAN and VLAN ID command. Then you can assign an IP address, enable layer three, um, functionality. So in this illustration,
as you will see, this is what you call as the VLAN N interface or the SPI the switch virtual interface. So all of the hosts that is associated to VLAN 10 will use this IP address as its gateway. Okay? So if you have other VLANs and other S vs, you can, um, directly communicate to the other VLANs because the gateways are sitting on the same switch. You don't have to go to the router to be able to communicate. Okay? Interface configuration basics. Um, here you can configure ports in access mode for end device connections. You can, you need to use the switch port mode access command on Cisco devices and switchboard access vlan. Then you put the build an ID command.
Um, here, this is a switch. This is a switch. If you have a port here connected to a laptop and machine, this will be configured as an access port or in access mode, which means only one VLAN will be, or data vlan will be allowed. Okay? Now for trunk mode, you can set up trunks for switch, to switch connections carrying multiple VLANs. So you can use the switch port mode, trunk command and specify the allowed VLANs if needed. There's another concept called port security. Uh, it is used to limit the, well,
there's a lot of functionality now, right? For port security. One of them is to limit the number of Mac addresses per port, right? So why do we have to do that? So let's say this is a port. Let's say all of these ports you put port security limit the MAC address to just two, because some, sometimes you can connect a machine, a laptop and an IP phone, right? So this will receive to, um, Mac addresses. Right? Now if somebody brings a hub switch, right? So this means if this hub switch site has let's say 12 ports, then you can connect. Um, we should be able to connect 10 devices, 10 to 12 devices, right? But only two Mac addresses will be allowed, okay? So we're actually putting more control on our switching environment.
And you know, connecting a hub switch is very, uh, problematic because each, um, this is actually very noisy device, right? Because it doesn't have the intelligence of a switch. So if there's a broadcast, then it's just gonna forward it to all of the ports, right? If, if, if somebody wants to communicate to the other device, then it has to broadcast it to the other device every time a traffic is being sent. So it's really not good. It's bad. And our concept is native VLAN configuration. It is, um, the VLAN assigned to untag frames on a trunk port by default, it usually is VLAN one. You need to use the switch port trunk native vlan,
let's say here, 88 to set a different native vlan. Because as a best practice, you have to change the native VLAN from the default VLAN n wand to enhance security, need to ensure that native VAN matches on both sides of the trunk link. Another one is voice VLAN configuration. So voice vlan, separate voice traffic from data traffic, ensuring quality of service for VIP communications.
Here you need to enable voice vlan and interface using the switch port voice vlan. Then you put the VLAN id, you can configure QoS trust settings with MLS QS trust costs, that's, this actually applies for the old, um, for the old devices. Um, the MLS config that like, like legacy 6,500 maybe for, for the other one, the 38 50 I forgotten about those Cisco devices. There's just a lot of QoS options that you can put. Um, other detection, use the CDP or Cisco discovery protocol or LDP Med for automatic voice view and assignment and device detection.
To confirm the settings you need to use the show interface. Then you put the id, let's say ethernet one slash one switch port or show interface gig zero slash one, switch port and verify the connected devices, which show the CDP neighbors, right? So if you're familiar with Cisco, you know all of the commands, all of these commands that I'm telling you very well. So what is 8 0 2 0.1 Q? Tagging? 8 0 2 0.1 Q adds a four by tag, um, to the ethernet frame, including the 12 bit VLAN ID enabling up to 4,096 VLANs. Um, in terms of the tagging process, switches,
add tags to outgoing frames on trunk ports and remove tags on access ports, facilitating VLAN traffic across the network. So configure 8 0 2 1 double Q tagging on trunk interfaces using the switch port trunk encapsulation.one Q. Do one Q switch port trunk encapsulation one q, then followed by the switch port mode trunk. Another concept is, uh, link aggregation, also known as sport channeling or bonding, and combines the physical links into single logical link. Um,
and this technology increases bandwidth, it provides redundancy and improves network product, uh, network resilience. So the two main protocols are used for link aggregation, which is LACP and, uh, PHGP. So L-A-C-P-S-D-I triple E standard. That allows dynamic negotiation of aggregated links while PEG P is a Cisco proprietor tire protocol that provides similar functionality to LACP. Okay?
So as you will see here, you have two HP devices. They have a lot of links, let's say four. So you can actually configure all of them in one port channel, but in this case, there are two link aggregation, one and two, okay? Depends on how you use it. This could be an L two port channel. This could be an L three because a port L two port channel, then because of STP one be blocked, right? Because it's just gonna create loop. So if you have this scenario, then maybe one is L two, the other one is a layered three per channel.
My concept is speed and duplex settings. The modern switches support wire speeds like 10, 100, 1 gb, 10 gb. Now there's, there are devices in the data center, which can run to 40 G-V-P-S-G-V-P-S or a hundred GVPS. So this is for the data centers spine leaf architecture. Um, auto negotiation is typically the default setting, depending on the model, the platform model of the device, like for Cisco, some, you know, some has other negotiation enabled by default, some doesn't. Okay? You have to consult the documentation. Next is duplex mode. Have duplex allows communications in one direction at a time.
While full duplex enables simultaneous bidirectional communication as a best practice. You have to match the speed and duplex settings on both ends of the link. Use all the negotiation unless specific requirements dictate otherwise. So this means don't, um, always rely on all the negotiation, just manually configure the speed and duplex settings because we don't want any, uh, half duplex settings running on the network because this will slow down the traffic. Okay? So how you configure it, it's simple. Go to the interface,
you put duplex full and speed depending on the, the supported speed of the device or of the interface, right? So yeah, this, so the other one is, uh, speed and the other. And here you have the duplex, uh, the duplex settings. Okay, So just a reminder, right? Duplex mismatches. So let's say you have a switch here, have eat one slash one, one slash one. If this is full and this is half, then that will severely impact the performance. So if you sp suspect issues related to duplex, you need to check both ends of the link and consider reverting to other negotiation if manual settings are causing problems. But yeah,
as, uh, much as we can ensure we hard code, let's say this will be full and the other one should be full. Okay? Next topic is about STP. So, STP prevents network loops and redundant apologies by selectively blocking redundant paths while maintaining a loof read logical topology.
And this is very important for network stability in preventing broadcast storm. So if you have a switch here, you have another switch. So this is switch one, switch two, pardon my drawing, sorry guys. So switch one is switch two, you have two links, right? So, um, if you're allowing VLAN 10 here and you also allow VLAN 10 on the other side, this will cause a loop, right? And that's a problem because if you have a loop, then that will cause broadcast storms.
The CPU will go up and the traffic, you know, the switches will no longer be able to function properly. So if, so we have STP to police this or manage this because what STP will do is it'll remove the loop logically by blocking one of the interface. So let's say this will be forwarding both interface, but here it'll be block, right? So the traffic will only go here, it may, it may look like it's inefficient, but this will stop at the, the loop. So one approach to minimize, you know, you, let's say you have a one gig here, one gig, but because of STP, only one gig is being used. If there's a requirement to use two GBPS in between switches, you can just aggregate it, right? Or channel it. If you port channel it logically it's from the eyes of STP, it's just going to be one interface, um, on each switch.
So there's no, no way for STP to block any, any interface because it's bundled as one. Okay? Some key concepts. You have the root bridge, the central central point of a spanning tree. You have the bridge id, and there's a lot more like the root bridge election.
You need to understand the port roles, like the root designated alternate backup. Understand the port stays like blocking, listening, learning, and forwarding. The SDP variants are here, right? Um, the latest ones, uh, best practice for rapid P-V-S-D-P-V-S-D can also use multiple spanning tree protocol. Okay? So the finger spanning tree is not very complex. Just use this. Um,
you need to define the spanning tree, the VLANs, um, that will participate in spanning tree. You need to put the mode PVST, rapid PVST, and MST. You need to configure the primary secondary route. So primary spanning tree vlan, let's say vlan, and you put the, uh, ruth primary or the secondary, then you need to adjust the timers. So yeah, there's a lot of conflicts available. You can visit the documentation, but be so please be aware that, uh, this is a very important configuration, otherwise it'll use the default STP and all of the VLANs will be there with the span.
So how do you validate it? You show spanning tree show, spanning tree interface show spanning tree vlan. You can also look for auto topology changes in the network. Another topic is MTU maximum transmission unit. So MTU is the largest packet or frame size that can be transmitted over the network. It's typically measured in bytes and virus, depending on a network type and, um, configuration. So what happens is that if you have, let's say you have a pipe, right? And this pipe, you can only, how do we describe it, right? If you have a pipe and you have a packet, and this pipe can only allow, let's say 1500 bytes, okay? So if you have a packet that is 1400 in size, then that will go, you know, go past the pipe or the link without any problems, 1 4 50, that's fine, as long as the Heathers are, if you add the heather, right, it's still less than 1500.
But if the packet, let's say is 1700 bytes, right? So depending on the setting of the, of the device, if, so what's gonna happen is that this will allow this packet, but it'll fragment it or it'll divide the packet. Let's say it'll allow the 1500, but the 200 bytes will be delayed and it has to be reconstructed at the end of the pipe. So what's the repercussion? So because of that processing, this will increase the CPU of the, of the switches involved in the fragmentation process. So there's a way for us to test it with the, by setting the df, the do not fragment bit. If you do that, then this is not gonna pass. If you send a ping using this size, then the ping will not push through because it, it's set with do not fragment bit. It's not gonna be fragmented, okay? It's a, it's one of the best ways to understand if, uh, what's the, the allowed MTU on a specific link. Okay? So
what's the impact on performance? Larger MTU sizes can improve network efficiency by reducing overhead, but they must be supported end to win. Mismatched MTU sizes can lead to fragmentation and reduced performance. So, so how they configure it, um, verify first using show interface. Go to the interface and you can put MTU then what's the, the pie slide, right? And you can verify using the show interface. Okay, so this a quick illustration of that. So what happened here is that the MTU size allowed is 1800.
You send an empty of 1800, but on the other side is just 1500. So it means it's going to be dropped. Okay? So jum frames are ethernet frames with MT use larger than the standard 1500, typically up to 9,000 bytes. 9,000 bytes.
So typically this being used in data centers from my experience, right? So you all of the interfaces there, you have a spinal and leaf architecture, just set it to, you know, ensure that it's set to ju to allow jambo frames so it can reduce overhead, improve network efficiency and better performance for large data transfers, especially in sans or storage area, network and data centers. So all devices in the pack must support jumbo frames not suitable for all network types, particularly those with older equipment or stringent latency requirement. It's ideal for high performance computing, backup operations, and large file transfers in enterprise networks and data centers. So audio configure it.
There are two ways you can enable jumper frame system wide using this command, but this will require a reboot. So be, just be aware of this for Cisco switches, uh, for configure interface, you can just use interface ID followed by the MTU and the analog bytes that you want and you can verify with the show interface. Okay, so how do we integrate switching technologies? So unified network design. So integrating VLANs, STP link aggregation and MT U settings creates a robust, efficient network infrastructure VLAN segment traffic, um, STP enters loop free topology link aggregation provides bandwidth and redundancy while optimize MTU enhanced performance. Proper integration of these technologies can significantly improve network performance. Like, for example, using jumbo frames over aggregated links within specific VLANs can dramatically increase throughput for data intensive applications while maintaining segmentation and redundancy configuration changes.
Um, or challenges integrating these, uh, technologies require careful planning and configuration. Gotta ensure consistent VLAN configurations across trunks. Align STP bridges res with VLAN arrangements and configure compatible MTU sites across aggregated links and ED devices.
Some case studies data center optimization. We have a large enterprise data center implemented VLANs for traffic segregation using, um, MSTP for redundancy and configured link aggregation with jumbo frames for high performance storage access. And this integration resulted in a 40% increase in network throughput and sign significantly reduced latency or critical applications. Campus network redesigned saw university campus designed its network using VLANs to separate student faculty and administrative traffic. They used rapid PVS D plus, um, for fast convergence and link aggregation was used between buildings. The result, um, was improved.
Better resource allocation and enhanced network reliability. Third case study manufacturing facility, integrated IO OT devices into its network using VLANs to isolate industrial control systems. STP was crucial for in providing redundant pads.
While QOS settings ensured priority for the critical, um, control traffic, this integration improve plant efficiency and the network uptime, right? That's the end of the lesson here. We spoke about switching technologies about, and we talk about VLANs interface configurations, spanning to its configuration, MCU and some case studies about the, uh, switching technologies. Okay, I hope you enjoyed the lesson. Thank you very much for watching the video.
2024-09-08 01:04
