CCNA Guide to Cisco

Networking Fundamentals

Chapter 13
Advanced Switching Concepts

Objectives
Explain how the Spanning Tree Protocol works and
describe its benefits
Describe the benefits of virtual LANs
Configure a VLAN
Understand the Purpose of the VLAN trunking
protocol (VTP)
Configure VTP

CCNA Guide to Cisco Networking Fundamentals

Spanning Tree Protocol

Physical path loops
A physical connection created when network devices are
connected to one another by two or more physical media
links
Help improve a networks fault tolerance

Drawback
Can result in endless packet looping

Spanning Tree Protocol (SP)

A layer 2 link management protocol designed to prevent
looping on bridges and switches
The specification for STP is IEEE 802.1d
CCNA Guide to Cisco Networking Fundamentals

Spanning Tree Protocol (continued)

CCNA Guide to Cisco Networking Fundamentals

Spanning Tree Protocol (continued)

STP uses the Spanning Tree Algorithm (STA)
To interrupt the logical loop created by a physical loop
in a bridged/switched environment
STP does this by ensuring that certain ports on some
of the bridges and switches do not forward frames

Building a logical path

Switches and bridges on a network use an election
process to configure a single logical path
First, a root bridge (root device) is selected
Then, the other switches and bridges configure their
ports, using the root bridge as a point of reference
CCNA Guide to Cisco Networking Fundamentals

Spanning Tree Protocol (continued)

Bridges use STP to transfer the information about
each bridges MAC address and priority number
Bridge protocol data units (BPDU) or
configuration bridge protocol data units (CBPDU)
The messages the devices send to one another

Each bridge or switch determines which of its own

ports offers the best path to the root bridge
Root ports
The BPDU messages are sent between the root
bridge and the best ports on the other devices
CCNA Guide to Cisco Networking Fundamentals

Spanning Tree Protocol (continued)

If BPDUs are not received for a certain period of time
The non-root-bridge devices will assume that the root
bridge has failed, and a new root bridge will be elected

Once the root bridge is determined and the switches

and bridges have calculated their paths to the root
bridge
The logical loop is removed by one of the switches or
bridges

CCNA Guide to Cisco Networking Fundamentals

Spanning Tree Protocol (continued)

Port states
STP will cause the ports on a switch or bridge to
settle into a stable state

Stable states
The normal operating states of ports when the root
bridge is available and all paths are functioning as
expected

Transitory states
Prevent logical loops during a period of transition from
one root bridge to another
CCNA Guide to Cisco Networking Fundamentals

Spanning Tree Protocol (continued)

The stable states are as follows:
Blocking
Forwarding
Disabled

The transitory states are as follows:

Listening
Learning

STP devices use the transitory states on ports while

a new root bridge is being elected
CCNA Guide to Cisco Networking Fundamentals

Spanning Tree Protocol (continued)

Ports on STP-enabled devices move through the
different states as indicated in the following list:

From bridge/switch bootup to blocking

From blocking to listening (or to disabled)
From listening to learning (or to disabled)
From learning to forwarding (or to disabled)
From forwarding to disabled

CCNA Guide to Cisco Networking Fundamentals

10

Spanning Tree Protocol (continued)

Topology changes
When the topology is changed, STP-enabled devices
react automatically
If a device in an STP-enabled network stops receiving
CBPDUs, then that device will claim to be the root
bridge
Will begin sending CBPDUs describing itself as such

Per-VLAN STP (PVSTP)

Operates on VLANs and treats all VLANs connected
as separate physical networks
CCNA Guide to Cisco Networking Fundamentals

11

Spanning Tree Protocol (continued)

Spanning Tree PortFast
Allows you to configure a switch to bypass some of
the latency (delay)
Associated with the switch ports transitioning through
all of the STP transitory states before they reach the
forwarding state

Configuring STP
See Table 13-1

CCNA Guide to Cisco Networking Fundamentals

12

Spanning Tree Protocol (continued)

CCNA Guide to Cisco Networking Fundamentals

13

Spanning Tree Protocol (continued)

Rapid STP (RSTP) 802.1w
Takes the basis of 802.1d (STP) and incorporates
some additional features (such as portfast) that
overcome some of the flaws of STP

CCNA Guide to Cisco Networking Fundamentals

14

Virtual LANs
Virtual LAN (VLAN)
A grouping of network devices that is not restricted to a
physical segment or switch
Can be configured on most switches to restructure
broadcast domains

Broadcast domain
Group of network devices that will receive LAN
broadcast traffic from each other

Management VLAN (also known as the default

VLAN)
By default, every port on a switch is in VLAN 1
CCNA Guide to Cisco Networking Fundamentals

15

Virtual LANs (continued)

You can create multiple VLANs on a single switch
Or even create one VLAN across multiple switches

A VLAN is a layer 2 implementation, and does not

affect layer 3 logical addressing

CCNA Guide to Cisco Networking Fundamentals

16

Virtual LANs (continued)

CCNA Guide to Cisco Networking Fundamentals

17

Virtual LANs (continued)

CCNA Guide to Cisco Networking Fundamentals

18

Benefits of VLANs
Benefits:

Ease of adding and moving stations on the LAN

Ease of reconfiguring the LAN
Better traffic control
Increased security

VLANs help to reduce the cost of moving employees

from one location to another
Many changes can be made at the switch
Physical moves do not necessitate the changing of IP
addresses and subnets
CCNA Guide to Cisco Networking Fundamentals

19

Benefits of VLANs (continued)

Because the administrator can set the size of the
broadcast domain
The VLAN gives the administrator added control over
network traffic

Dividing the broadcast domains into logical groups

increases security
Requires a hacker to perform the difficult feat of
tapping a network port and then figuring out the
configuration of the LAN

VLANs can be configured by network administrators

to allow membership only for certain devices
CCNA Guide to Cisco Networking Fundamentals

20

CCNA Guide to Cisco Networking Fundamentals

21

Dynamic vs. Static VLANs

Static VLANs
Configured port-by-port, with each port being
associated with a particular VLAN
The network administrator manually types in the
mapping for each port and VLAN

Dynamic VLAN
Ports can automatically determine their VLAN
configuration
Uses a software database of MAC address-to-VLAN
mappings that is created manually
CCNA Guide to Cisco Networking Fundamentals

22

Dynamic vs. Static VLANs (continued)

Dynamic VLAN could prove to be more timeconsuming than the static VLAN
Dynamic VLAN allows the network administration
team to keep the entire administrative database in
one location
On a dynamic VLAN, moving a cable from one
switch port to another is not a problem
Because the VLAN will automatically reconfigure its
ports on the basis of the attached workstations MAC
address
CCNA Guide to Cisco Networking Fundamentals

23

VLAN Standardization
Before VLAN was an IEEE standard
Early implementations depended on the switch vendor
and on a method known as frame filtering

Frame filtering
Complex process that involved one table for each
VLAN
Had a master table that was shared by all VLANs

The IEEE 802.1q specification that defines VLANs

recommends frame tagging
Also known as frame identification
CCNA Guide to Cisco Networking Fundamentals

24

VLAN Standardization (continued)

Frame tagging
Involves adding a four-byte field to the actual Ethernet
frame to identify the VLAN and other pertinent information
Makes it easier and more efficient to ship VLAN frames
across network backbones
Switches on the other side of the backbone can simply read
the frame instead of being required to refer back to a framefiltering table

The two most common types of frame tagging

(encapsulation) are 802.1q and Inter-Switch Link (ISL)
protocol
CCNA Guide to Cisco Networking Fundamentals

25

Creating VLANs
You can create VLANs by entering the (configvlan)# mode and using the VLAN command
Or you can enter the VLAN database and use the
VLAN configuration mode

To use the config-vlan mode, you type the following:

Rm410HL(config)#VLAN 2
Rm410HL(config-vlan)name production

To use the VLAN configuration mode, you start by

entering the VLAN database

CCNA Guide to Cisco Networking Fundamentals

26

Creating VLANs (continued)

The next step is to assign switch ports to the new
VLANs
Ports can be assigned as static or dynamic

To remove a VLAN, use the no parameter:

Rm410HL(config)#no vlan 2

CCNA Guide to Cisco Networking Fundamentals

27

Link Types and Configuration

Two types of links are on Cisco switches: trunk links
and access links
Trunk links
Switch-to- switch or switch-to-router links that can
carry traffic from multiple VLANs

Access links
Links to non-VLAN-aware devices such as hubs and
individual workstations

CCNA Guide to Cisco Networking Fundamentals

28

Link Types and Configuration

(continued)
You choose from five different states for a trunk link:

Auto
Desirable
Nonegotiate
Off
On

To configure a trunk link on a Catalyst 2950, you

must be in the appropriate interface configuration
mode
CCNA Guide to Cisco Networking Fundamentals

29

Link Types and Configuration

(continued)
Switch interface descriptions
You can configure a name for each port on a switch
This is useful when you begin to define roles for a
switch port on a more global basis

CCNA Guide to Cisco Networking Fundamentals

30

VLAN Trunking Protocol

VLAN trunking protocol (VTP)
Created by Cisco to manage all of the configured
VLANs that traverse trunks between switches
A layer 2 messaging protocol that manages all the
changes to the VLANs across networks

VTP domains
VTP devices are organized into domains
Each switch can only be in one VTP domain at a time
All devices that need to share information must be in the
same VTP domain
CCNA Guide to Cisco Networking Fundamentals

31

VLAN Trunking Protocol (continued)

VTP device modes
Server
Device can add, rename, and delete VLANs and
propagate those changes to the rest of the VTP devices

Client
Device is not allowed to make changes to the VLAN
structure, but it can receive, interpret, and propagate
changes made by a server

Transparent
A device is not participating in VTP communications, other
than to forward that information through its configured
trunk links
CCNA Guide to Cisco Networking Fundamentals

32

VLAN Trunking Protocol (continued)

VTP pruning option
Reduces the number of VTP updates that traverse a
link
Off by default on all switches

If you turn VTP pruning on

VTP message broadcasts are only sent through trunk
links that must have the information

VLAN 1 is not eligible to be pruned because it is an

administrative (and default) VLAN

CCNA Guide to Cisco Networking Fundamentals

33

Nonswitching Hubs and VLANs

Important considerations:
If you insert a hub into a port on the switch and then
connect several devices to the hub, all the systems
attached to that hub will be in the same VLAN
If you must move a single workstation that is attached
to a hub with several workstations, you will have to
physically attach the device to another hub or switch
port to change its VLAN assignment
The more hosts that are attached to individual switch
ports, the greater the microsegmentation and flexibility
the VLAN can offer
CCNA Guide to Cisco Networking Fundamentals

34

Routers and VLANs

Routers can be used with VLANs to increase
security
Must be used to manage traffic between different
VLANs

Routers can implement access lists

Which increase inter-VLAN security

A router allows restrictions to be placed on station

addresses, application types, and protocol types

CCNA Guide to Cisco Networking Fundamentals

35

CCNA Guide to Cisco Networking Fundamentals

36

Routers and VLANs (continued)

Router can either be an onboard Route Switch
Module (RSM) or an external router
The router will accept the frame tagged by the
sending VLAN and determine the best path to the
destination address
The router will then switch the packet to the
appropriate interface and forward it to the destination
address

CCNA Guide to Cisco Networking Fundamentals

37

Routers and VLANs (continued)

Router-on-a-stick
If a single link is used to connect an external router
with the switch containing multiple VLANs
Trunking is required for inter-VLAN routing

Trunking is the process of using either ISL or 802.1q

to allow multiple VLAN traffic on the same link
For instance, an ISL trunk link would encapsulate each
packet with the associated VLAN information and
allow the router to route the packet accordingly

CCNA Guide to Cisco Networking Fundamentals

38

Summary
The Spanning Tree Protocol (STP) allows
administrators to create physical loops between
bridges and switches
Without creating logical loops that would pose a
problem for packet delivery

The Rapid Spanning Tree Protocol (RSTP) has

enhanced STP to reduce the latency associated
with convergence
Implementing VLANs via switches provides another
way to increase the performance, flexibility, and
security of a network
CCNA Guide to Cisco Networking Fundamentals

39

Summary (continued)
VLANs are separate broadcast domains that are not
limited by physical configurations
Performance benefits associated with VLANs are
derived from limiting the amount of broadcast traffic
that would naturally pass through a switch without
filtration
Because traffic on a VLAN broadcast can be limited
to a specific group of computers, security is also
enhanced by making it more difficult for
eavesdropping systems to learn the configuration of
a network
CCNA Guide to Cisco Networking Fundamentals

40

Summary (continued)
VLAN information is communicated to switches
using the VLAN trunking protocol (VTP)

CCNA Guide to Cisco Networking Fundamentals

41