Questions on VLANs/Switches

Discussion in 'General Cisco Certifications' started by Brasco2007, Feb 22, 2007.

  1. Brasco2007

    Brasco2007 Bit Poster

    Hi All,

    Have been studying up on switches and VLANs, but still have issues with a few of the topics regarding switch IOS operation.

    I have listed the problems below, any help appreciated:

    1. How to determine which ports receive VLAN information on a switch.
    2. How to determine which interface a switch associates with a certain source MAC address.
    3. How to determine which port will forward an IP packet if the destination address is not on the local LAN.
    4. Determining if a switch is a root bridge for a VLAN.

    Thanks in advance for any posts.
     
    Certifications: CompTIA A+, Network+
    WIP: CCNA
  2. Headache

    Headache Gigabyte Poster

    As a fellow CCNA candidate myself, I probably know as much as you do. But I thought I'd give it a shot.

    1.

    3550/1(config)#int fa0/5
    3550/1(config-if)#switchport mode access
    3550/1(config-if)#switchport access vlan 5
    3550/1(config-if)#^Z

    (show vlan)

    2.

    3550/1(config)#mac-address-table static 0013.a95a.7efa vlan 3 interface fa0/5

    (show mac-address-table)

    3.

    3550/1(config)#int gi0/2
    3550/1(config-if)#switchport trunk encapsulation dot1q
    3550/1(config-if)#switchport mode trunk
    3550/1(config-if)#^Z

    (show interfaces trunk)

    4. Show spanning-tree

    (One of your switches will say "This switch is the root bridge")


    I must mention that I'm just experimenting, so some of my answers are probably wrong. But there are lots of knowledgeable people on the forum who can set me straight.
     
    Certifications: CCNA
    WIP: CCNP
  3. NetEyeBall

    NetEyeBall Kilobyte Poster


    I need to study more on layer 2 versus layer 3 switching.

    Layer 2 switching:

    Packet comes into the switch.
    Switch checks the destination mac address to see if it is in its MAC Address Table.
    If it is in the table then it forwards the packet on to the port that the mac address lives on.
    If the mac address is not in the table then it floods all the ports (except the port it received the packet on in the 1st place) with the packet. This is known as Unknown Unicast Flooding.

    Layer 3 switching:

    I am not 100% on layer 3 switching so I will have to read up on it. But I believe, in conjunction with the layer 2 processes, if the switch decides the packet is not local to the switch then it also checks if it can process it at layer 3. If so, instead of the unknown unicast flooding it sends it on to the layer 3 next hop.

    Like I said I am not 100% on layer 3 yet. Maybe someone will chime in.
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
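
The learn-then-forward-or-flood behaviour described in the post above, as an added Python sketch that is not part of the original thread and is not IOS code. It assumes access ports only and a MAC table keyed per VLAN; the port names, VLAN numbers and MAC addresses are constructed.

```python
# Added illustration (not from the thread): a simplified, VLAN-aware
# learning switch. Port names, VLANs and MAC addresses are constructed.
from dataclasses import dataclass, field


@dataclass
class LearningSwitch:
    port_vlan: dict                                 # access port -> VLAN id
    mac_table: dict = field(default_factory=dict)   # (vlan, mac) -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the ports it is sent out of."""
        vlan = self.port_vlan[in_port]
        # Learning: the SOURCE MAC is recorded against the ingress port.
        self.mac_table[(vlan, src_mac)] = in_port
        # Forwarding: the DESTINATION MAC is looked up in the same VLAN only.
        out_port = self.mac_table.get((vlan, dst_mac))
        if out_port is not None:
            # Known unicast; nothing is sent if it lives on the ingress port.
            return [] if out_port == in_port else [out_port]
        # Unknown unicast: flood within the VLAN, never back out the ingress.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


def demo():
    sw = LearningSwitch({"fa0/2": 1, "fa0/3": 2, "fa0/4": 1, "fa0/5": 1})
    host_a, host_b, host_c = "0000.5e00.5301", "0000.5e00.5302", "0000.5e00.5303"
    results = [
        sw.receive("fa0/2", host_a, host_b),  # B unknown: flood VLAN 1
        sw.receive("fa0/4", host_b, host_a),  # A was learned on fa0/2
        sw.receive("fa0/2", host_a, host_b),  # B is now known on fa0/4
        sw.receive("fa0/3", host_c, host_a),  # A is not in VLAN 2's table
    ]
    return sw, results


if __name__ == "__main__":
    sw, results = demo()
    for r in results:
        print(r)
    print(sw.mac_table)
```

The last frame goes nowhere because flooding stays inside the ingress VLAN and VLAN 2 has no other port in this model; traffic between VLANs needs a layer 3 hop.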
  4. Headache

    Headache Gigabyte Poster

    I'm just wondering whether this isn't a router-on-a-stick type of question where you first of all configure the vlan and trunking on your switch and then configure your router to match the settings on that switch ?

    i.e

    SWITCH

    3550/1(config)#int vlan 1
    3550/1(config-if)#ip address 192.168.1.10 255.255.255.0
    3550/1(config-if)#no shut
    3550/1(config-if)#int fa0/1
    3550/1(config-if)#switchport mode access
    3550/1(config-if)#switchport access vlan 1
    3550/1(config-if)#switchport trunk encapsulation dot1q
    3550/1(config-if)#switchport mode trunk
    3550/1(config-if)#speed 100
    3550/1(config-if)#duplex full

    ROUTER

    R1(config)#int fa1/0
    R1(config-if)#duplex full
    R1(config-if)#speed 100
    R1(config-if)#no shut
    R1(config-if)#int fa1/0.1
    R1(config-subif)#encapsulation dot1q 1
    R1(config-subif)#ip address 192.168.1.11 255.255.255.0


    Not sure though.

    Still waiting for somebody knowledgeable in switching to help shed some light on the issue.
     
    Certifications: CCNA
    WIP: CCNP
  5. NetEyeBall

    NetEyeBall Kilobyte Poster

    Headache,

    You are progressing really well! You need to start thinking about taking the exam!

    One thing in your config: you forgot the second vlan config on both the switch and router. Router on the stick is necessary to ensure inter-vlan communication.

    I think you are right. I think the question is about a router on a stick.
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
  6. Headache

    Headache Gigabyte Poster

    Thanx for the boost NetEyeBall.

    Yeah, I am thinking about the exam. I just haven't set a date yet. Too chicken, I guess. Problem is, I keep forgetting stuff. It goes in and leaks straight back out again. I wish somebody would hurry up and invent a memory stick you can plug into your brain.

    *shrug*
     
    Certifications: CCNA
    WIP: CCNP
  7. NetEyeBall

    NetEyeBall Kilobyte Poster

    Trust me...I know about forgetting. I find myself forgetting stuff I knew for my CCNA, but don't use every day. It is hell trying to study new stuff. But then the more you work with everything the better you get. It hurts that my current job doesn't challenge me very often anymore....but what can you do...

    I am going to try some stuff in my lab later today playing around with router on a stick.

    I will post my results later tonight! :D Assuming I can remember how to login. ;)
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
  8. Headache

    Headache Gigabyte Poster

    Looking forward to it.
     
    Certifications: CCNA
    WIP: CCNP
  9. NetEyeBall

    NetEyeBall Kilobyte Poster

    Ok. Interesting results. I couldn't ever assign an encap of dot1q to my 2950 switch. For whatever reason.

    Also to my frustration I forgot about the built in XP Firewall which is configured by my company through a GPO with ICMP Echo requests turned off. GRRRRRRRR...took some hair pulling until it hit me.

    So here are my results. I could speak to each vlan using the router to bridge the different vlans. As you can see from the trace the traffic goes to the router and down to the switch and to the device on the switch port. In this setup I had 1 router ROUTER1 and 1 switch SWITCH1 and 2 PCs.



    C:\Documents and Settings\ROOT>tracert 192.168.1.100
    Tracing route to 192.168.1.100 over a maximum of 30 hops
      1     1 ms     1 ms    <1 ms  193.168.1.1
      2     1 ms    <1 ms    <1 ms  192.168.1.100
    Trace complete.


    Switch1#sh arp
    Protocol  Address          Age (min)  Hardware Addr   Type   Interface
    Internet  192.168.1.1             0   0008.e3b4.9280  ARPA   Vlan1
    Internet  192.168.1.2             -   0013.6083.9300  ARPA   Vlan1



    interface FastEthernet0/1
     switchport mode trunk
     speed 100
     duplex full
    !
    interface FastEthernet0/2
     switchport mode access
     spanning-tree portfast
    !
    interface FastEthernet0/3
     switchport access vlan 2
     switchport mode access
     spanning-tree portfast

    interface Vlan1
     ip address 192.168.1.2 255.255.255.0
     no ip route-cache
    !
    interface Vlan2
     ip address 193.168.1.2 255.255.255.0
     no ip route-cache
     shutdown
    !
    ip default-gateway 192.168.1.1


    interface FastEthernet0/0
     no ip address
     speed 100
     full-duplex

    interface FastEthernet0/0.1
     encapsulation dot1Q 1 native
     ip address 192.168.1.1 255.255.255.0

    interface FastEthernet0/0.2
     encapsulation dot1Q 2
     ip address 193.168.1.1 255.255.255.0
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
  10. Headache

    Headache Gigabyte Poster

    Lots of good stuff you got going there.

    Spanning-tree portfast. I haven't tried that yet. What's it do ?

    #sh arp is something else I'm gonna have to try the next time I get my switches up and running.

    Strange about the 2950. I thought they all supported dot1q tagging. In fact I didn't think they supported anything but. How did you get past it? Did you use a different switch ?

    At some point, you might consider investing in a 3550. They are great machines. They support not just dot1q and ISL, but are also able to negotiate trunking encapsulation with a peer on their own.

    Anyway, great stuff, pal. Keep up the good work.
     
    Certifications: CCNA
    WIP: CCNP
  11. NetEyeBall

    NetEyeBall Kilobyte Poster

    I have a 3550. It was pricey I just haven't played with it much.

    Spanning-tree portfast is a command that takes the port out of the spanning tree equation. Designed for host to host communication, i.e. that port goes to a host where no possible switching loop can occur. Spanning-tree was developed to prevent switching loops in redundant switch configurations; however, it converges slowly: every time a port transitions to a different state it has to go through its process of

    blocking
    listening
    learning
    forwarding

    With spanning-tree portfast enabled on a port, I can shut that port down or on and not impact all my other hosts or connections.
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
  12. Headache

    Headache Gigabyte Poster

    Okay.

    Does the switch have to be the root bridge or can you use any switch you like (for the spanning-tree portfast, I mean) ?
     
    Certifications: CCNA
    WIP: CCNP
  13. NetEyeBall

    NetEyeBall Kilobyte Poster

    Any switchport that isn't a trunk. You can put it on a trunk port but it will tell you it won't work while it is trunking. Not sure about etherchannel but I assume it wouldn't matter since my understanding of etherchannel is you are bonding 2 or more ports together in a trunk or access mode.
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
  14. NetEyeBall

    NetEyeBall Kilobyte Poster

    Here is a link. I forgot about disabled state which comes after forwarding. I remember reading only about 4 states, but this document has 5 so...I must not remember the 5th.
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
  15. Headache

    Headache Gigabyte Poster

    Thanx for the reply.

    The reason I asked is that I read somewhere that the root bridge disables blocking on all of its ports.

    So I was sort of wondering whether if I configured spanning-tree portfast on another switch in the network, whether that wouldn't result in some sort of runaway loop-de-loop situation. But now you've mentioned that it doesn't work on a trunked port, that seems to have answered my question. Thanx.

    (EDIT)
     
    Certifications: CCNA
    WIP: CCNP
  16. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    Keep it up guys. It looks to me that you are both helping each other through your CCNAs.

    That's what this place is all about. Keep it up! :thumbleft
     
  17. Headache

    Headache Gigabyte Poster

    Nah, I'm the guy still struggling.

    NetEyeBall is about ready for his CCIE, I think.
     
    Certifications: CCNA
    WIP: CCNP
  18. NetEyeBall

    NetEyeBall Kilobyte Poster

    Ha! I wish...I am having a rough time studying for one of the CCNP tests. A large part has to do with my horrible work schedule. They really messed it up for the night guys about 2 months back. But I agree!!! It is good to have questions to think about and work through! I learn more each time I go over something or try to configure something in my lab.
     
    Certifications: CCNA, A+, N+, MCSE 4.0, CCA
    WIP: CCDA, CCNP, Cisco Firewall
