Friday, 29 November 2013

Controlling ARP table entries on Windows

1. Displaying all ARP entries

arp -a

2. Adding a new ARP entry 

arp -s 99.99.99.99 11-22-33-44-55-66

To do this, make sure you run the Command Prompt as Administrator. Otherwise, this will show up:


Run as administrator as per below:


3. Deleting an ARP entry

arp -d 99.99.99.99


4. Deleting all ARP entries

arp -d -a 


Monday, 20 May 2013

How to enable telnet on Cisco Catalyst Switches?



Dear friends, we will discuss on how to enable telnet to Cisco Catalyst Switches and all other applicable devices.

1. First, we must configure the terminal lines, and we must set a password.

Switch#conf t
Switch(config)#line vty 0 15
Switch(config-line)#password cisco
Switch(config-line)#login
Switch(config-line)#end

2. If you haven't configured the enable password for your switch, then you will need to do so. Otherwise, telnet will fail as well.

Switch#conf t
Switch(config)#enable password cisco
Switch(config)#end

3. Test the telnet connection using third party client such as PuTTY. Display should be as below.



I hope this post will benefit you guys. Thank you for dropping by.

- Soulpower

How to configure a VLAN Trunking Protocol (VTP) ?


Hi. Let's discuss on how to setup a basic VTP configuration.

Network setup

2 units of Cisco Catalyst 2950 are connected to each other via trunk port. SwitchA will be chosen as the VTP Server, SwitchB will be the VTP client.

Steps

1. This step is not compulsory. But to make it easier, I have reset my VLAN and VTP database to default settings. You can learn how to do it here.

SwitchA#sh vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 128
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.0.0.110 on interface Vl1 (lowest numbered VLAN interface found)
SwitchB#sh vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 128
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x57 0xCD 0x40 0x65 0x63 0x59 0x47 0xBD
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 10.0.0.111 on interface Vl1 (lowest numbered VLAN interface found)

2. Configure at least one trunk port on both switches, because VTP packets will use trunk port to communicate. In this case, I'm using port Fa0/8 on both switches as trunk port. ISL is not available on this switch, therefore, dot1q is used by default.

SwitchA(config)#int fa0/8
SwitchA(config-if)#switchport mode trunk
SwitchA(config-if)#end
SwitchB(config)#int fa0/8
SwitchB(config-if)#switchport mode trunk
SwitchB(config-if)#end

3. Verify your configuration. Make sure it's being set as trunk port. Catalyst 2950 is using dot1q as default trunking encapsulation, therefore, I don't need to configure it manually.

SwitchA#sh int f0/8 switchport
Name: Fa0/8
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: up
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none
SwitchB#sh int f0/8 switchport
Name: Fa0/8
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: up
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Appliance trust: none

4. Now, let's configure VTP. Please make sure that the VTP domain name and VTP password is identical on both switches.

SwitchA(config)#vtp mode server
Device mode already VTP SERVER.
SwitchA(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
SwitchA(config)#vtp password cisco
Setting device VLAN database password to cisco
SwitchA(config)#end
SwitchB(config)#vtp mode client
Setting device to VTP CLIENT mode.
SwitchB(config)#vtp domain cisco
Changing VTP domain name from NULL to cisco
SwitchB(config)#vtp password cisco
Setting device VLAN database password to cisco
SwitchB(config)#end

5. Now we have configured VTP on both switches. Let's confirm that by turning on VTP debug events. I noticed that, as soon as a VLAN is added, VTP Server will send a summary packet to its VTP client, less than a second.

a) A VTP summary packet is being transmitted by SwitchA (VTP Server) via its trunk port Fa0/8 to all switches within its domain (cisco).
b) A VTP summary packet is being received by SwitchB via its trunk port Fa0/8 from SwitchA.

SwitchA#debug sw-vlan vtp events
vtp events debugging is on
SwitchA#
SwitchA(config)#vlan 100
SwitchA(config-vlan)#name ciscovlan
SwitchA(config-vlan)#end
SwitchA#
00:28:56: VTP LOG RUNTIME: Transmit vtp summary, domain cisco, rev 1, followers 1, tlv blk size 5 (inc #tlv field),
   MD5 digest calculated = 8D 6C F5 D2 A8 3D B0 F5 29 38 B0 A0 A7 01 6F EB

00:28:56: VTP LOG RUNTIME: Summary packet received, domain = cisco, rev = 1, followers = 1, length 77, trunk Fa0/8

00:28:56: VTP LOG RUNTIME: Summary packet rev 1 equal to domain cisco rev 1

00:28:56: VTP LOG RUNTIME: Subset packet received, domain = cisco, rev = 1, seq = 1, length = 228
SwitchB#debug sw-vlan vtp events
vtp events debugging is on
SwitchB#
00:50:42: VTP LOG RUNTIME: Summary packet received, domain = cisco, rev = 1, followers = 1, length 77, trunk Fa0/8

00:50:42: VTP LOG RUNTIME: Summary packet rev 1 greater than domain cisco rev 0

00:50:42: VTP LOG RUNTIME: Domain cisco currently not in updating state

00:50:42: VTP LOG RUNTIME: pdu len 77, #tlvs 1

00:50:42: VTP LOG RUNTIME: Subset packet received, domain = cisco, rev = 1, seq = 1, length = 228

00:50:42: VTP LOG RUNTIME: Transmit vtp summary, domain cisco, rev 1, followers 1, tlv blk size 5 (inc #tlv field),
   MD5 digest calculated = 8D 6C F5 D2 A8 3D B0 F5 29 38 B0 A0 A7 01 6F EB

6. VTP Revision number is now increased by 1 value (from 0 to 1), and we can see VLAN 100 is also added on SwitchB which was being added on SwitchA.

SwitchA#sh vtp status
VTP Version                     : 2
Configuration Revision          : 1
Maximum VLANs supported locally : 128
Number of existing VLANs        : 6
VTP Operating Mode              : Server
VTP Domain Name                 : cisco
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x8D 0x6C 0xF5 0xD2 0xA8 0x3D 0xB0 0xF5
Configuration last modified by 10.0.0.110 at 3-1-93 00:28:56
Local updater ID is 10.0.0.110 on interface Vl1 (lowest numbered VLAN interface found)

SwitchA#sh vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/5, Fa0/6, Fa0/7, Fa0/9, Fa0/10, Fa0/11, Fa0/12
100  ciscovlan                        active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
100  enet  100100     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 tr    101003     1500  -      -      -        -    -        0      0
1004 fdnet 101004     1500  -      -      -        ieee -        0      0
1005 trnet 101005     1500  -      -      -        ibm  -        0      0

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------
SwitchB#sh vtp status
VTP Version                     : 2
Configuration Revision          : 1
Maximum VLANs supported locally : 128
Number of existing VLANs        : 6
VTP Operating Mode              : Client
VTP Domain Name                 : cisco
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x8D 0x6C 0xF5 0xD2 0xA8 0x3D 0xB0 0xF5

SwitchB#sh vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/9, Fa0/10, Fa0/11, Fa0/12
100  ciscovlan                        active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
100  enet  100100     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 tr    101003     1500  -      -      -        -    srb      0      0
1004 fdnet 101004     1500  -      -      -        ieee -        0      0
1005 trnet 101005     1500  -      -      -        ibm  -        0      0

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------

Conclusion

  • We can see that our VTP has been configured correctly, and we have verified that it's working fine as it should.
  • Please be advised that VTP is a layer 2 Cisco Proprietary Protocol, please do not attempt to implement this on other switches. :)

I hope this post will benefit you guys. Thank you for dropping by.

- Soulpower

How to reset passwords on a Cisco Catalyst Switch ?

Hi, today we'll discuss on how to reset all passwords on a Cisco Catalyst switches.

Steps

1. Make sure you are connected to the switch via console connection.

2. Power down the switch.

3. While the switch is turned off, press and hold "Mode" button that is located in front, on the left side of the switch. Please refer below image.



4. Next, power on the switch. Remember, you still need to hold the "Mode" button.

5. Release the "Mode" button after approximately 5 seconds when the Status (STAT) LED goes out. When you release the Mode button, the SYST LED blinks amber.

6. The console message will be displayed like this:

C2950 Boot Loader (C2950-HBOOT-M) Version 12.1(11r)EA1, RELEASE SOFTWARE (fc1)
Compiled Mon 22-Jul-02 17:18 by antonino
WS-C2950-12 starting...
Base ethernet MAC Address: 00:0d:bc:01:a0:40
Xmodem file system is available.

The system has been interrupted prior to initializing the
flash filesystem.  The following commands will initialize
the flash filesystem, and finish loading the operating
system software:

    flash_init
    load_helper
    boot

switch:

7. Enter command "flash_init".

switch: flash_init
Initializing Flash...
flashfs[0]: 7 files, 1 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 7741440
flashfs[0]: Bytes used: 3139072
flashfs[0]: Bytes available: 4602368
flashfs[0]: flashfs fsck took 5 seconds.
...done initializing flash.
Boot Sector Filesystem (bs:) installed, fsid: 3
Parameter Block Filesystem (pb:) installed, fsid: 4
switch:

8. Then, enter command "load_helper", nothing will happen next.

switch: load_helper

9. Enter "dir flash:" command. The switch file system will be displayed as below.

switch: dir flash:

Directory of flash:/

2    -rwx  660       <date>               vlan.dat
7    -rwx  2412      <date>               config.text
3    -rwx  3132319   <date>               c2950-i6q4l2-mz.121-22.EA14.bin
5    -rwx  316       <date>               env_vars
6    -rwx  5         <date>               private-config.text
21   -rwx  109       <date>               info
22   -rwx  109       <date>               info.ver

4602368 bytes available (3139072 bytes used)
switch:

10. Type in rename flash:config.text flash:config.old. config.text is where the password (that you have forgotten) is stored.

switch: rename flash:config.text flash:config.old

11. Enter "boot" command. This command will reboot the switch (obviously). 

switch: boot

Loading "flash:/c2950-i6q4l2-mz.121-22.EA14.bin"...##############################################################

12. When you see "Press RETURN to get started!" , type rename flash:config.old flash:config.text to rename the configuration file to its original file.

SwitchB#rename flash:config.old flash:config.text
Destination filename [config.text]

13. Then, type copy flash:config.text system:running-config to copy the configuration file into the memory.

SwitchB#copy flash:config.text system:running-config
Destination filename [running-config]?
840 bytes copied in 0.772 secs (1088 bytes/sec)
SwitchB#

14. Finally, please configure a new password to your Switch, and please remember it. Otherwise, you'll need to repeat these steps again. :D

SwitchB(config)#enable secret xxx
SwitchB(config)#enable password xxx

SwitchB(config)#line vty 0 15
SwitchB(config-line)#password xxx
SwitchB(config-line)#login

SwitchB(config)#line con 0
SwitchB(config-line)#password xxx

15. Write the running configuration to the configuration file with the write memory command.

SwitchB# write memory

I hope this post will benefit you guys. Thank you for dropping by.

- Soulpower

How to reset VLAN and VTP to factory default settings ?


Hi guys, let's discuss on how to reset VLAN and VTP database to factory default settings. This example is made by using Cisco Catalyst 2950.

Steps

1. VLAN and VTP information are stored in vlan.dat file which is located in flash.
2. To display files in flash, enter the command dir flash: or show flash. You will see the file vlan.dat.

SwitchB#dir flash:
Directory of flash:/

    2  -rwx         660  Mar 01 1993 02:13:00 +00:00  vlan.dat
    7  -rwx        2412  Mar 01 1993 05:11:18 +00:00  config.old
    3  -rwx     3132319  Mar 01 1993 00:09:35 +00:00  c2950-i6q4l2-mz.121-22.EA14.bin
    4  -rwx         840  Mar 01 1993 02:40:48 +00:00  config.text
    5  -rwx         316  Mar 01 1993 00:12:13 +00:00  env_vars
   21  -rwx         109  Mar 01 1993 00:05:00 +00:00  info
   22  -rwx         109  Mar 01 1993 00:07:55 +00:00  info.ver
    8  -rwx           5  Mar 01 1993 02:40:48 +00:00  private-config.text

7741440 bytes total (4600832 bytes free)

SwitchB#show flash
Directory of flash:/

    2  -rwx         660  Mar 01 1993 02:13:00 +00:00  vlan.dat
    7  -rwx        2412  Mar 01 1993 05:11:18 +00:00  config.old
    3  -rwx     3132319  Mar 01 1993 00:09:35 +00:00  c2950-i6q4l2-mz.121-22.EA14.bin
    4  -rwx         840  Mar 01 1993 02:40:48 +00:00  config.text
    5  -rwx         316  Mar 01 1993 00:12:13 +00:00  env_vars
   21  -rwx         109  Mar 01 1993 00:05:00 +00:00  info
   22  -rwx         109  Mar 01 1993 00:07:55 +00:00  info.ver
    8  -rwx           5  Mar 01 1993 02:40:48 +00:00  private-config.text

7741440 bytes total (4600832 bytes free)

4. Delete the file by following below command.

SwitchB#delete flash:/vlan.dat
Delete filename [vlan.dat]?
Delete flash:/vlan.dat? [confirm]

5. Reload the switch by entering below command.

SwitchB#reload
Proceed with reload? [confirm]

6. After reload, the VLAN and VTP data will be set to default settings.

SwitchB#sh vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/9
                                                Fa0/10, Fa0/11, Fa0/12
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 tr    101003     1500  -      -      -        -    -        0      0
1004 fdnet 101004     1500  -      -      -        ieee -        0      0
1005 trnet 101005     1500  -      -      -        ibm  -        0      0

Remote SPAN VLANs
------------------------------------------------------------------------------


Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------

SwitchB#sh vtp status
VTP Version                     : 2
Configuration Revision          : 0
Maximum VLANs supported locally : 128
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
MD5 digest                      : 0x3F 0x17 0xC8 0xB8 0x5A 0xE3 0x01 0x66
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00

I hope this post will benefit you guys. Thank you for dropping by.

- Soulpower

Saturday, 18 May 2013

How to configure Switched Port Analyzer (SPAN) ?


Dear friends. Today, let's discuss on how to configure a SPAN port on a Cisco Switch.

Network Setup

MacBook 10.0.0.152/24 -->f0/9 L2 switch --> f0/1 L2 switch --> Unifi Router 10.0.0.99/24 --> Internet
Dell 10.0.0.151/24 --> f0/5 L2 switch --> f0/1 L2 switch --> Unifi Router 10.0.0.99/24 --> Internet

Plan

Macbook will generate traffic to the internet. Dell laptop will capture all it's live traffic using WireShark.

Terms

Source interface: The interface where the traffic will be captured.
Destination interface: The interface where all the captured traffic will be mirrored to.

Steps

1. At the L2 switch, configure the span source interface. In this case, I want to capture all of the traffic generated from MacBook to Internet. Therefore, port f0/1 will be used as span source interface because all traffic will go through this port to go to the internet.

Switch(config)#monitor session 1 source interface fastEthernet 0/1

2. Configure the destination interface. All traffic that is being captured at span source interface will be mirrored to this port.

Switch(config)#monitor session 1 destination interface fastEthernet 0/5

3. Please take note that the destination span port's protocol status will be changed to down once you've configured it as destination interface.

Switch#sh int f0/5 status

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/5                        monitoring   1          a-full  a-100 10/100BaseTX

Switch#sh int f0/5
FastEthernet0/5 is up, line protocol is down (monitoring)

4. To check on current SPAN port setup on that switch.

Switch#show monitor session 1
Session 1
---------
Type              : Local Session
Source Ports      :
    Both          : Fa0/1
Destination Ports : Fa0/5
    Encapsulation : Native
          Ingress: Disabled

5. Live traffic that is being captured at port f0/1 of the L2 switch can be seen as per below. You're only seeing ICMP traffic because I'm generating continuous ping to 4.2.2.2 from the MacBook (10.0.0.152).


I hope that this post will benefit us all. Thank you for your time.

- Soulpower

Wednesday, 27 March 2013

2. VLANs and VLAN Trunking


VLAN


VLAN means Virtual Local Area Network, as you guessed it. Its function is to virtually separate ethernet devices or interfaces to a different segment or broadcast domain. We need VLANs because by separating broadcast domain to a smaller group, it will reduce broadcast traffic to the entire broadcast domain (entire broadcast domain means all devices that are connected to a single switch or hub in the same segment without any layer 3 device). How VLANs reduce broadcast traffic? It's simple. Broadcast sent by a device in one VLAN will only be forwarded to the other devices in the same VLAN. Therefore, devices in other VLANs will not be receiving the broadcast traffic, at the same time reducing switch's resources and loads.


In general, there are 2 types of VLANs. L2 VLAN and L3 VLAN. L means Layer in case you don't know. :P I know you must be wondering what's the differences of both VLANs, yes? Let's start with this. L2 VLAN does not have any IP address, but L3 VLAN owns an IP address and is represented as a subnet. Yes you are right. When it is Layer 3, then of course it can be routed in an IP network using routing protocols, as well as communicating with other VLANs. Please take note that unlike L3 VLAN, L2 VLAN devices cannot talk to each other unless there's a layer 3 device such as router configured as their default gateway.

Private VLANs
Will be updated soon.

VLAN Trunking Protocol (VTP)


Why do we need VTP and what is the benefit of using VTP to our network? Imagine if we have 100 switches and all of the switches needs to have the same VLAN configuration. Isn't that a lot of work for us to configure each 100 switches again and again with the same VLAN configuration? That's when VTP come to save us. If we use VTP, it advertises VLAN configuration information to the neighbouring switches so that VLAN configuration information needs to be made to only one switch, with all other switches in the network learning the VLAN information dynamically. So, we don't need to configure all 100 switches with the same VLAN configurations. Thanks to VTP!

VTP Modes
  1. Server Mode - Originates VTP adv., processes and update its VLAN configs, Forward received VTP adv., Saves VLAN in NVRAM or VLAN.dat, can create, modify or delete VLANs.
  2. Client Mode - Same as Server Mode but cannot create, modify or delete VLANs.
  3. Transparent Mode - Same as Server Mode but cannot originate VTP adv., and do not process adv. to update its VLAN configs.
To be continued.

-Soulpower

Saturday, 9 March 2013

1. Ethernet Basics


Wiring

As we all know, to form a network connection between two or more devices, first we must ensure the physical connectivity (OSI Layer 1) is working. For Ethernet LANs, there 2 common types of Category 5 (Cat 5 or Cat 5e) cabling, which are Straight-through cable and Cross-over cable. Straight-through cable uses the same T568A pinouts on both ends or T568B pinouts on both ends while Cross-over cable uses T568A and T568B pinouts on each ends. Please refer below figure for pinouts details. This figure is a 4-pair UTP Cabling with RJ-45 pinouts.


When should we use Cross-over?
If the same type of devices are being connected to each other directly using a UTP cable, Cross-over cable must be used. The reason is, one pair of cable shouldn't be transmitting and receiving bits on both ends. Either one end must transmit while the other end receives on the same cable, or vice versa in order to form a successful physical connection.

For instance, Switch A is connected to Switch B. Both switches are transmitting using pair at pins 3,6 and receive on pins 1,2. Therefore, pair at pins 3,6 (transmit) on switch A needs to connect to pins 1,2 (receive) on switch B.

But nowadays, ethernet switches are much more intelligent. Switches are equipped with Auto-MDIX - Auto Medium-dependent Interface Crossover) sensor. With this sensor, they can figure out when there's a wrong cable installed. Switches automatically swap the transmit/receive pins to solve the cabling problem.

Auto-negotiation

What is an auto-negotiation? Auto-negotiation is a capability of a switch to determine the speed and duplex setting either half or full on its port. By default, it is enabled on most of Cisco switches.

Speed

Switches can sense the speed of Ethernet segments by using a few methods. Cisco switches sense the speed by using the Fast Link Pulses (FLP) of the auto-negotiation process. However, if auto-negotiation is disabled on either end of the cable, the switch detects the cable anyway based on the incoming electrical signal. If the speed mismatched on both end, it will bring the interface physically down (down/down).

Duplex

Switches detect duplex setting using auto-negotiation only. But if auto-negotiation is disabled on either end, the switch without duplex configured will assume the default. By default, 10Mbps and 100Mbps interfaces use HDX (half-duplex), while 1000Mbps/1Gbps interface uses FDX (full-duplex). 

How to disable auto-negotiation? You can disable auto-negotiation by statically entering speed and duplex setting on the switch interface.

HDX: Provides communications in both directions, but only one direction at a time.
FDX: Provides communications in both directions simultaneously


CSMA/CD

Carrier Sense Multiple Access with Collision Detection - CSMA/CD functions to minimise collisions on ethernet segments. When collisions detected, CSMA/CD will define how the frame sender to recognise the collision and how or when to retransmit the frames again without causing any collision.

CSMA/CD steps:
1. A device with frame to send listens until Ethernet segment is not busy.
2. When the Ethernet is not busy, the sender begins sending the frame.
3. After the sender sent the frame, it listens to make sure no collision occurs.
4. If there's a collision, all stations that sent a frame send a jamming signal to ensure that all stations recognise the collision.
5. After the jamming signal is complete, each sender of the original collided frames randomises timer and wait for that long to retransmit its frame.
6. After all timers expire, the original sender will begin with step 1.

Collision domain: is a set of devices that can send frames that collide with frames sent by other devices in the same set of devices.

An example of a collision domain is a network hub, because hubs:
1. Operates solely at layer 1.
2. Repeats all signals to improve cable distance.
3. Forward signals received on a port out to all other ports. Therefore, causing collisions. 


Figure above demonstrates collision domain(s) of a hub and a switch.

However, unlike hubs, switches does not operate in a single collision domains. When switches receives multiple frames on different switch ports, they store the frames in memory buffer to prevent collision. Switches generally operates at layer 2 of OSI layer.

Ethernet Frames

Actually, there's nothing interesting about ethernet frames. But, here they are?

Ethernet Addresses 

MAC Addresses are 6 bytes long, with hexadecimal format. There are 3 types of Ethernet Addresses:
  • Unicast Address: Represents a single LAN interface address.
  • Broadcast Address: Represents all devices that resides in the same LAN.
  • Multicast Address: Represent some subset of all devices inside the same LAN.
Unicast Address
When an Ethernet NIC needs to send a frame, it puts its own globally unique Unicast Address in the Source Address field of the header. If it wants to send a frame to a single device on the LAN, the sender will also put the receiver's unicast MAC Address in the Ethernet header's Destination Address field. 

Broadcast Address
If the sender wants to send the frame to every device on the LAN, it sends the frame to the FFFF.FFFF.FFFF Broadcast Address as the destination.

Multicast Address
Multicast Address is used to communicate with some of devices in a LAN, not all like broadcast. For instance, if 10 out of 100 devices in a LAN want to watch the same video streaming application using an IP multicast-based application, the application can send a single multicast frame to a particular multicast address. The 10 interested devices will prepare themselves by listening for frames sent to that particular multicast address.

00-40-96-01-A0-45

Above is the MAC address format, and example of Cisco device' MAC address. The first 3 bytes of a MAC address is known as Organizationally Unique Identifier - OUI. OUI is assigned to each vendor, therefore making each vendor has its own or its own sets of unique OUI.

LAN Switch Forwarding Behaviour

Switches forward frames when necessary, and do not forward when there is no need to do so, thus reducing resources. To accomplish this, switches perform 3 actions:


  1. Learn MAC addresses by examining the source MAC address of each received frame.
  2. Decide when to forward a frame.
  3. Create a loop-free environment with other switches using Spanning Tree Protocol.


Switch Internal Processing

Switches internal processing algorithms vary among vendors and models. 
  • Store-and-forward : Switch fully receives all bits in the frame (store) before forwarding the frame (forward). This allows the switch to check the FCS before forwarding, ensuring the frame is error free.
  • Cut-through : First bit can be sent out before the final bits in the incoming frames are received. This does not allow switch to discard frames that fail the FCS, but reduce latency.
  • Fragment-free : Same as cut-through, but the switch waits for 64 bytes to be received before forwarding the first bytes of the outgoing frame.
To be continued..

-Soulpower

Introduction

Dear readers,

This blog - "Networking.Reborn" is solely created to reborn my computer networking knowledge. Therefore, I will blog what ever topics that I've just learned or refreshed. Let's hope that this blog will benefit me and you to polish our networking knowledge and skills. 

In the name of God, The Most Gracious, The Most Merciful.

-Soulpower