networking, security

Our Cisco Switching Notes

September 12, 2014
  • Switching is ASIC (hardware)-based, as opposed to bridging, which is done in software.
    • Otherwise, a switch is like a bridge with many more ports.
  • An L3 ("intelligent") switch forwards on L3 addresses in the same ASIC hardware, which makes it faster than a software-based router for the same job.
  • Switches perform address learning by reading each frame's source address and recording, in the MAC address (filter) table, the port it arrived on.
  • They make forward-or-filter decisions:  a frame whose destination is already in the MAC table goes out only that port (and is filtered, i.e. dropped, if that port is the one it arrived on); broadcasts (destination all 1s), multicasts (I/G bit set, i.e. the low-order bit of the first octet of the destination MAC is 1), and frames for unknown destinations are flooded out every port except the one they arrived on.
  • This breaks up collision domains:  each switch port is its own collision domain, and only needed frames go out each port.
  • BUT it does not break up broadcast domains, because broadcasts are flooded to every port; a router (or VLANs) is needed for that.
  • Switches practice loop avoidance because, with more than one path between switches, a single broadcast would circulate forever (a broadcast storm), hosts would receive duplicate frames, and the filter table would thrash as the same source address kept appearing on different ports.
  • The key method for loop avoidance is Spanning Tree Protocol (STP), which uses Bridge Protocol Data Units (BPDUs) sent to a well-known multicast address every 2 seconds (the hello time).
  • STP (IEEE 802.1D) is slow and wasteful:  redundant paths are blocked outright rather than load-shared, and every change in the network configuration triggers a recalculation of the tree that can take the better part of a minute (see the convergence time below).
  • STP elects a root bridge based on the lowest 8-byte bridge ID, made up of a 2-byte priority (32,768 is the default) followed by the switch's 6-byte MAC address.  Priorities are compared first and the lowest value wins; if tied, the lowest MAC address wins.  (On current Catalyst code the priority field also carries the VLAN ID, so a configured priority must be a multiple of 4,096.)  Because any device that sends a BPDU with a lower bridge ID takes over as root, Cisco switches provide BPDU Guard (for access ports) and Root Guard to refuse such BPDUs.
  • Port roles follow from the election; each switch works them out from the BPDUs it receives.  Every port on the root bridge is designated (forwarding).  On each other switch, the port with the lowest cost back to the root is the root port and carries all communication with the root.  On each segment, the switch with the lowest cost to the root (lowest bridge ID, then lowest port ID, on ties) holds the designated port.  Every remaining port is non-designated and is blocked.
  • Cost is the accumulated path cost of the links leading back to the root, and each link's cost is derived from its bandwidth (802.1D:  10 Mb/s = 100, 100 Mb/s = 19, 1 Gb/s = 4, 10 Gb/s = 2).
  • When the network topology changes, the affected ports can stay out of the forwarding state for up to 50 seconds (the "convergence time"):  20 seconds of max age waiting for a BPDU that never comes, then 15 seconds each in listening and learning (the "forward delay").  Traffic that depended on those ports stops for that long.  A newly connected port also goes through listening and learning (30 seconds) before it forwards, which is what PortFast skips on access ports.  Port states go as follows:
    • Blocking (receives BPDUs, forwards nothing)
    • Listening (sends and receives BPDUs, checking for loops; no MAC learning yet) – one "forward delay" (15 s)
    • Learning (populates the MAC table from source addresses but still does not forward frames) – a second "forward delay" (15 s)
    • Forwarding
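The election and port-role rules above, worked through in code. This is an added example written for these notes, not code from the original post or from Cisco. The switch names, priorities, MAC addresses and link speeds are constructed for illustration, and the classic 802.1D path costs are assumed.

```python
"""802.1D root-bridge election and port roles for a constructed topology.

Added example for these notes, not code from the original post. Switch names,
priorities, MAC addresses and link speeds below are made up for illustration.
"""
import heapq

# 802.1D path cost per link bandwidth in Mbit/s (the classic short values).
PATH_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority: int, mac: str) -> bytes:
    """8-byte bridge ID: 2-byte priority then 6-byte MAC. Comparing the bytes
    compares priority first and MAC second, which is exactly the election rule."""
    return priority.to_bytes(2, "big") + bytes.fromhex(mac.replace(":", ""))


def elect_root(bridges: dict) -> str:
    """bridges maps name -> (priority, mac); the lowest bridge ID is root."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def spanning_tree(bridges: dict, links: list):
    """links are (switch_a, port_a, switch_b, port_b, mbps) tuples.
    Returns (root, roles) with roles[(switch, port)] in root/designated/blocked."""
    root = elect_root(bridges)
    bid = {name: bridge_id(*bridges[name]) for name in bridges}
    adj = {name: [] for name in bridges}
    for a, pa, b, pb, mbps in links:
        adj[a].append((pa, b, pb, PATH_COST[mbps]))
        adj[b].append((pb, a, pa, PATH_COST[mbps]))

    # Each switch keeps the best BPDU it could receive, compared as
    # (root path cost, sender bridge ID, sender port, receiving port);
    # the receiving port of that best BPDU becomes its root port.
    best, root_port = {}, {}
    heap = [((0, b"", 0, 0), root)]
    while heap:
        key, sw = heapq.heappop(heap)
        if sw in best:
            continue
        best[sw] = key
        if sw != root:
            root_port[sw] = key[3]
        for port, nb, nb_port, cost in adj[sw]:
            if nb not in best:
                heapq.heappush(heap, ((key[0] + cost, bid[sw], port, nb_port), nb))

    # On every segment the end advertising the lowest (root path cost, bridge ID,
    # port ID) is designated; the other end is that switch's root port or blocked.
    roles = {}
    for a, pa, b, pb, _ in links:
        a_adv, b_adv = (best[a][0], bid[a], pa), (best[b][0], bid[b], pb)
        des, dp, other, op = (a, pa, b, pb) if a_adv < b_adv else (b, pb, a, pa)
        roles[(des, dp)] = "designated"
        roles[(other, op)] = "root" if root_port.get(other) == op else "blocked"
    return root, roles


# Constructed topology: all switches at the default priority 32768, so the
# lowest MAC wins; SW3 has a slow 100 Mb/s link to SW1 and a fast one to SW2.
BRIDGES = {
    "SW1": (32768, "00:00:0c:aa:aa:aa"),
    "SW2": (32768, "00:00:0c:bb:bb:bb"),
    "SW3": (32768, "00:00:0c:cc:cc:cc"),
}
LINKS = [
    ("SW1", 1, "SW2", 1, 1000),
    ("SW1", 2, "SW3", 1, 100),
    ("SW2", 2, "SW3", 2, 1000),
]

if __name__ == "__main__":
    root, roles = spanning_tree(BRIDGES, LINKS)
    print("root:", root)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw} port {port}: {role}")
    # A rogue device advertising priority 0 wins the election outright.
    rogue = dict(BRIDGES, ROGUE=(0, "00:00:0c:ff:ff:ff"))
    print("root with rogue:", elect_root(rogue))
```

With the constructed topology SW1 is root, SW3 reaches it through SW2 (cost 4 + 4 = 8, cheaper than the direct 100 Mb/s link at cost 19), so SW3's direct port to SW1 is the one that ends up blocked. Adding a "ROGUE" entry at priority 0 re-roots the whole tree through whatever port it is plugged into, which is the case BPDU Guard and Root Guard exist to prevent.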

Three Frame Handling Modes

  • Cut-through:  fastest possible; only the destination MAC address (the first 6 bytes of the frame) is read before forwarding begins, so runts, giants and CRC-damaged frames are forwarded too.
  • Fragment Free:  (default mode for Catalyst 1900 switches) reads the first 64 bytes before forwarding; collision fragments are shorter than that, so collision damage is filtered, but the FCS at the end of the frame is still never checked.
  • Store-and-forward:  the entire frame is buffered and checked; rejected if too short (<64 B, a "runt"), too long (>1518 B untagged, 1522 B with an 802.1Q tag, a "giant") or if the CRC (FCS) fails; the method with the greatest "latency" (delay).
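The three modes, together with the forward-or-filter decision and address learning from the first section, as an added example written for these notes (not code from the original post or from Cisco). The frames, MAC addresses and port numbers are constructed in-line so the block runs offline; the FCS is computed as Ethernet does it, CRC-32 over the frame transmitted least-significant byte first.

```python
"""Frame handling modes plus MAC learning and the forward-or-filter decision.

Added example for these notes, not code from the original post. The frames
below are constructed in-line (made-up MAC addresses and payloads), not captures.
"""
import zlib

HDR_LEN, FCS_LEN = 14, 4          # dst(6) + src(6) + EtherType(2); CRC-32 trailer
MIN_FRAME, MAX_FRAME = 64, 1518   # runt / giant limits, FCS included, untagged


def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Pad to the 60-byte minimum and append the FCS (CRC-32, sent LSB first)."""
    body = mac(dst) + mac(src) + ethertype.to_bytes(2, "big") + payload
    body += b"\x00" * max(0, MIN_FRAME - FCS_LEN - len(body))
    return body + zlib.crc32(body).to_bytes(4, "little")


def fcs_ok(frame: bytes) -> bool:
    return zlib.crc32(frame[:-FCS_LEN]).to_bytes(4, "little") == frame[-FCS_LEN:]


def cut_through(frame: bytes) -> str:
    """Looks only at the destination MAC (first 6 bytes); no length or CRC check."""
    return "forward" if len(frame) >= 6 else "drop:no-dst"


def fragment_free(frame: bytes) -> str:
    """Waits for 64 bytes, so collision fragments (runts) are dropped; FCS unchecked."""
    return "forward" if len(frame) >= MIN_FRAME else "drop:runt"


def store_and_forward(frame: bytes) -> str:
    """Whole frame buffered: runts, giants and CRC failures are all dropped."""
    if len(frame) < MIN_FRAME:
        return "drop:runt"
    if len(frame) > MAX_FRAME:
        return "drop:giant"
    if not fcs_ok(frame):
        return "drop:crc"
    return "forward"


def destination_kind(frame: bytes) -> str:
    """Broadcast is all ones; multicast is any other destination with the I/G bit
    (low-order bit of the first octet) set; everything else is unicast."""
    dst = frame[:6]
    if dst == b"\xff" * 6:
        return "broadcast"
    return "multicast" if dst[0] & 1 else "unicast"


class Switch:
    """MAC learning plus the forward-or-filter decision for one switch."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}   # source MAC -> port it was learned on

    def handle(self, frame: bytes, in_port: int, mode=store_and_forward) -> list:
        """Returns the ports the frame is sent out of ([] means dropped or filtered)."""
        if mode(frame) != "forward":
            return []
        self.table[frame[6:12]] = in_port                 # address learning
        out = self.table.get(frame[:6])
        if destination_kind(frame) == "unicast" and out is not None:
            return [] if out == in_port else [out]        # filter or forward
        return [p for p in self.ports if p != in_port]    # flood, never back out the ingress port


# Constructed sample frames (hypothetical hosts A and B).
A, B = "00:00:0c:aa:aa:aa", "00:00:0c:bb:bb:bb"
ARP_BCAST = build_frame("ff:ff:ff:ff:ff:ff", A, 0x0806, b"arp who-has")
REPLY = build_frame(A, B, 0x0806, b"arp is-at")
RUNT = REPLY[:40]                                  # a collision fragment
_damaged = bytearray(REPLY)
_damaged[20] ^= 0xFF                               # one byte flipped on the wire
CORRUPT = bytes(_damaged)
GIANT = build_frame(A, B, 0x0800, b"\x00" * 1510)  # 1528 bytes on the wire

if __name__ == "__main__":
    sw = Switch(ports=[1, 2, 3])
    print("broadcast from A on port 1 ->", sw.handle(ARP_BCAST, in_port=1))
    print("reply from B on port 2 ->", sw.handle(REPLY, in_port=2))
    for name, f in [("runt", RUNT), ("corrupt", CORRUPT), ("giant", GIANT)]:
        print(f"{name}: cut-through={cut_through(f)} fragment-free={fragment_free(f)} "
              f"store-and-forward={store_and_forward(f)}")
```

Running it shows the trade-off the notes describe: cut-through forwards all three bad frames, fragment-free catches only the runt, and only store-and-forward catches the giant and the CRC failure. The `Switch` class also shows the learning side: the broadcast from A is flooded out ports 2 and 3 and teaches the switch that A lives on port 1, so B's reply is forwarded to port 1 alone.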