Saturday, 22 September 2012

Cisco Catalyst Switches

So, this is the first post relating to networking.
Hmm, let's see what we shall discuss.

Cisco Catalyst Switches.
Sounds like a good topic to me. Now, I am not going to go into a lot of detail about what a switch is, how many interfaces it has and so on. I will discuss the forwarding methods a switch uses to determine where it needs to send data, and how it builds its "mac address table".

Cisco Catalyst switches build their tables dynamically. To do that, the switch looks at the source mac address of each incoming frame and, if that address is not already in the table, makes an entry for it together with the interface on which the frame was received.
Below, we have a mac address table. Use the command show mac address-table (yes, a hyphen is required there) on your switch and you will get something like this.


          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
All     0100.0ccc.cccc    STATIC      CPU
All     0100.0ccc.cccd    STATIC      CPU
All     0180.c200.0000    STATIC      CPU
All     0180.c200.0001    STATIC      CPU
All     0180.c200.0002    STATIC      CPU
All     0180.c200.0003    STATIC      CPU
All     0180.c200.0004    STATIC      CPU
All     0180.c200.0005    STATIC      CPU
All     0180.c200.0006    STATIC      CPU
All     0180.c200.0007    STATIC      CPU
All     0180.c200.0008    STATIC      CPU
All     0180.c200.0009    STATIC      CPU
All     0180.c200.000a    STATIC      CPU
All     0180.c200.000b    STATIC      CPU
All     0180.c200.000c    STATIC      CPU
All     0180.c200.000d    STATIC      CPU
All     0180.c200.000e    STATIC      CPU
All     0180.c200.000f    STATIC      CPU
All     0180.c200.0010    STATIC      CPU


Note that we have a lot of static entries there. They vary from one switch to another, so the ones on a switch at my place may differ from the ones at your place. These are for the switch's own use and we are not really concerned with them.
Do note the columns - VLAN, Mac Address, Type and Port.
This is an example of a switch that is just out of the box and hasn't learned any addresses from any devices on the network.

Let's have a look at the mac table after I connect a couple of PCs.


          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
All     0100.0ccc.cccc    STATIC      CPU
All     0100.0ccc.cccd    STATIC      CPU
All     0180.c200.0000    STATIC      CPU
All     0180.c200.0001    STATIC      CPU
All     0180.c200.0002    STATIC      CPU
All     0180.c200.0003    STATIC      CPU
All     0180.c200.0004    STATIC      CPU
All     0180.c200.0005    STATIC      CPU
All     0180.c200.0006    STATIC      CPU
All     0180.c200.0007    STATIC      CPU
All     0180.c200.0008    STATIC      CPU
All     0180.c200.0009    STATIC      CPU
All     0180.c200.000a    STATIC      CPU
All     0180.c200.000b    STATIC      CPU
All     0180.c200.000c    STATIC      CPU
All     0180.c200.000d    STATIC      CPU
All     0180.c200.000e    STATIC      CPU
All     0180.c200.000f    STATIC      CPU
All     0180.c200.0010    STATIC      CPU
1       001b.d450.970f    DYNAMIC     Fa0/19
1       001b.d450.9710    DYNAMIC     Fa0/20
1       001b.d450.9711    DYNAMIC     Fa0/21


There you see, 3 dynamic entries.

Vlan 1 as it is the default vlan on a switch.
3 unique mac addresses and the type set to dynamic.
Also note that instead of CPU we have port numbers.

How did we get this?
Let's look at the first entry.
It means that the switch received a frame on its Fast Ethernet port 0/19, and that frame had a source address of 001b.d450.970f.
The same principle applies to the other 2 entries as well.
This is how a switch builds up its mac address table.

So, now what? How does it forward the frame?

That is pretty simple as well.
For the forwarding decision, the switch relies on the destination mac address in the Ethernet header and decides whether it's gonna flood, filter or drop the frame.

1. Flood : If a switch gets a frame with a destination mac address that is not present in its mac table, it floods the frame, i.e. it sends the frame out as if it were a broadcast to all the devices connected to it.
2. Filter : If the destination mac address is present in the mac table, the switch treats the frame as a unicast and sends it only to that particular device.
3. Drop : A switch drops a frame if the destination device and the source device reside on the same port.

Let's see this in detail.
See the following table. Notice that it contains only the dynamic entries. You can do that too: just issue the show mac address-table dynamic command on the switch.



          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
1       001b.d450.970f    DYNAMIC     Fa0/19
1       001b.d450.9710    DYNAMIC     Fa0/20
1       001b.d450.9711    DYNAMIC     Fa0/21

Let's see the flood case first.
Suppose the switch receives data with an Ethernet header having the source mac : 001b.d450.970f and the destination mac : 001b.d450.9721. The switch looks at the source mac and finds an entry for it in its table. Next, it looks at the destination mac. It's not present in the table, so the switch forwards the data out all the other ports, i.e. fa0/20 and fa0/21. However, it doesn't send the data out the fa0/19 port, because this is the port that the data initially came in on. That is easy.

Now onto the filter case.
Assume the source mac : 001b.d450.9711 and the destination mac : 001b.d450.970f. The switch looks at its mac table and sees that the source mac is present, then looks at the destination mac and finds that it is also present in the table. Now the switch treats this data as a unicast, i.e. destined for only one device, and forwards it out the fa0/19 port only.

Lastly, the drop case.
I will have to make use of a topology diagram here. It will help to understand this really well.
The topology is pretty simple. The device in between Host A and Host B is a hub.
The switch's mac address table is as follows :

VLAN    Mac Address          Type       Port
1       AA-AA-AA-AA-AA-AA    DYNAMIC    fa0/1
1       BB-BB-BB-BB-BB-BB    DYNAMIC    fa0/1
1       CC-CC-CC-CC-CC-CC    DYNAMIC    fa0/2
1       DD-DD-DD-DD-DD-DD    DYNAMIC    fa0/3

Now, suppose the switch receives data with source mac : AA-AA-AA-AA-AA-AA and destination mac : BB-BB-BB-BB-BB-BB.
If you notice in the mac table above, both hosts have been learnt through the same fa0/1 port.
Therefore, this data will be dropped, because a switch doesn't forward a frame out the same port on which it initially received it.
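
The learning step and the three cases above, as a small Python model. This is an added example, not code from the original post or from Cisco; the LearningSwitch class, its method names and the broadcast frames used to fill the table are assumptions made for illustration.

```python
class LearningSwitch:
    """Toy model of one switch: a MAC table plus the forwarding decision."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # (vlan, mac) -> port the MAC was learned on

    def receive(self, in_port, src, dst, vlan=1):
        """Learn from the source MAC, then decide using the destination MAC."""
        # Learning: record the source MAC against the ingress port. A real
        # switch also refreshes the entry when the MAC is seen again.
        self.mac_table[(vlan, src.lower())] = in_port
        out_port = self.mac_table.get((vlan, dst.lower()))
        if out_port is None:
            # Flood: unknown destination goes out every port except the ingress.
            return "flood", [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Drop: the destination was learned on the port the frame came in on.
            return "drop", []
        # Filter: known destination, send out that one port only.
        return "filter", [out_port]


def catalyst_example():
    """Flood and filter cases with the three PCs from the post."""
    sw = LearningSwitch(["Fa0/19", "Fa0/20", "Fa0/21"])
    hosts = {"Fa0/19": "001b.d450.970f",
             "Fa0/20": "001b.d450.9710",
             "Fa0/21": "001b.d450.9711"}
    for port, mac in hosts.items():
        # Constructed first frame from each PC so the switch learns it.
        sw.receive(port, mac, "ffff.ffff.ffff")
    flood = sw.receive("Fa0/19", "001b.d450.970f", "001b.d450.9721")
    filt = sw.receive("Fa0/21", "001b.d450.9711", "001b.d450.970f")
    return sw, flood, filt


def hub_example():
    """Drop case: Host A and Host B sit behind a hub on fa0/1."""
    sw = LearningSwitch(["fa0/1", "fa0/2", "fa0/3"])
    for port, mac in [("fa0/1", "AA-AA-AA-AA-AA-AA"), ("fa0/1", "BB-BB-BB-BB-BB-BB"),
                      ("fa0/2", "CC-CC-CC-CC-CC-CC"), ("fa0/3", "DD-DD-DD-DD-DD-DD")]:
        sw.receive(port, mac, "FF-FF-FF-FF-FF-FF")  # constructed learning frames
    return sw.receive("fa0/1", "AA-AA-AA-AA-AA-AA", "BB-BB-BB-BB-BB-BB")


if __name__ == "__main__":
    _, flood, filt = catalyst_example()
    print(flood, filt, hub_example())
```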

That was a pretty long explanation, but it's easy. Just watch out for which case applies in terms of the source and destination mac addresses, and decide accordingly what the switch will do.

One last thing here: as we went through all the explanations, I bet you noticed that switches are only concerned with mac addresses, and macs are a Layer 2 (OSI model) thing, so switches operate only at Layer 2 of the OSI model and Layer 1 of the TCP/IP model.

In the next post I will go over some lab stuff relating to switches.
Configuring VLANs, port security etc.

Thank You.
