Building a Cisco Network for Windows 2000, Part 8 (pptx)


Chapter 10 • Implementing the Cisco Switches
www.syngress.com

the two 100BaseTX ports as fast links to servers within the network that are running 100BaseTX Ethernet cards. On the other hand, if the 1924 switch is one of several in a large network, an administrator might use 100BaseFX ports to hook into a fiber optic backbone for high-speed access to the rest of the network. Table 10.2 lists the port configurations for the 1900 series of switches.

Table 10.2 Port Configurations for the Catalyst 1900 Series

Ports       1912   1912C   1924   1924C   1924F
10BaseT     12     12      24     24      24
100BaseTX   2      1       2      1       0
100BaseFX   0      1       0      1       2

In addition to the ports listed in Table 10.2, all 19xx series switches have one Ethernet AUI port in the back and one console port for configuration. The AUI port can be used for Thinnet, Thicknet, Ethernet, or fiber-optic connections. The 19xx series can store up to 1024 MAC addresses in the Cisco Access Manager (CAM) table. The entire architecture of the switch is linked together by a 1-Gbps bus. All the 19xx Catalyst switches also have a 3MB packet buffer for network surges. This reduces the chance that a switch will drop a packet if it gets busy. All 1900 switches have room for a redundant power supply for backup. For operational and status information, the front of the 1900 series includes LED readouts for status indicators and diagnostics.

For IT Professionals
Troubleshooting 101: Basic Catalyst Issues

A green LED readout on a switch usually means everything is operational, amber means something may be interfering with a procedure, and red means bad news. The idea is to become familiar with whether an amber switch means something like an extra power supply, or if there really is an issue with the switch.

Many network problems are discovered by a bright red light that you might notice while walking past your switches on a day-to-day job. For example, one of my first networking duties involved going to three sites every morning with a checklist (to be signed) and checking the routers, switches, and CSU/DSUs in the wiring closets for red lights! However, when dealing with connectivity issues, a green LED on a 19xx series port (and practically any hub/switch, for that matter) is usually only an indication of Layer 2 (data link) connectivity. Likewise, red lights are a sign of issues or malfunctions.

Amber lights can have various meanings, but usually refer to intermittent issues or standby situations, such as a backup power supply or a port that is being blocked by the Spanning Tree Protocol. Remember, when troubleshooting connectivity issues, Cisco wants you to start at the physical layer with the cable and switch, and work your way up. There are several LEDs on the front of a 19xx/2820 series switch that can keep you updated on the status of the switch and any issues that might arise.

Hardware Features of the 2820 Series

The 2820 series consists of two models: the 2822 and 2828. However, the 2822 series has been discontinued by Cisco, so in the future, only the 2828 will be available. The 2820 series uses the same 1-Gbps switching fabric as well as the 3MB shared buffer used by the 1900 series. There are really only two differences between the 2820 and 1900 series switches: modular expansion and address storage.

The 2820 series offers a modular solution to small networks. The design of the 2800 series consists of 24 10BaseT ports, one Ethernet AUI port, and two expansion slots for modules. The 2820 expansion slots can support the following modules:

■ The dual attachment station (DAS) fiber distributed data interface (FDDI) Fiber module comes with two ports that use an ST Fiber-Optic Connector.
■ The single attachment station (SAS) FDDI Fiber module has one port that uses the ST Fiber-Optic Connector (these come in medium and long-reach models).
■ The SAS FDDI User Datagram Protocol (UDP) module supports one port with an RJ-45 connector.
■ 100BaseTX modules come with either one switched or eight shared 100BaseTX ports.
■ Likewise, 100BaseFX modules have either one switched or four shared 100BaseFX ports.
■ The Asynchronous Transfer Mode (ATM) 155 multimode (MM) and single-mode (SM) Fiber Modules support one ATM interface using SC Fiber-Optic Connectors.
■ The ATM 155 UDP module supports one ATM interface using the RJ-45 standard.

The other difference between the 1900 series and the 2820 series is the number of MAC addresses that can be stored in the CAM table. Whereas the 1900 series can store only 1024 MAC addresses, the 2822 can store up to 2048 MAC addresses, and the 2828 can store up to 8192 MAC addresses.

Software Features of the 1900/2820 Series

There are two editions of the Cisco Switching operating system: Standard and Enterprise. Some of the Standard edition IOS features for the 1900/2820 series are the following:

Cisco Visual Switch Manager: A Web-based management system for basic configuration of Cisco switches. A preconfigured IP address and inline connection are required.
VLAN support: Up to four VLANs can be configured per switch on the 1900/2820 series.
Network port: A default port for the network (like a default gateway). It serves as a final point of departure for unknown MAC addresses.
CGMP: Cisco Group Multicast Protocol; a protocol used to manage multicasts on Catalyst switches.
Spanning Tree Protocol: For management of redundant paths and switching loops.
Three switching modes: Cut-Through, Store-and-Forward, and FragmentFree.
Fast EtherChannel and Gigabit EtherChannel: A means of clustering multiple links together to one source for faster performance than just one link.
Remote monitoring (RMON): This switch can store RMON data for collection and analysis. RMON is a protocol for network management and monitoring established by Request for Comments (RFC).

For larger networks, the Enterprise edition software offers advanced control, clustering, configuration, and authentication features required for large-scale networks:

Increased VLAN support: The Enterprise edition will support 64 VLANs with Inter-Switch Link (ISL) and 802.1Q VLAN tagging. This edition also supports the VLAN Trunking Protocol.
Uplink Fast: A port feature for Catalyst switches that can reduce the time taken for a port to move from the “blocking” to the “forwarding” state.
TACACS+ (Terminal Access Controller Access Control System Plus): Authorization support for devices on the switch. Instead of simply logging in with a standard name and password on the switch, you can have the switch refer to a TACACS+ server for authentication. This will ensure that outside users won’t simply be logging in and guessing the password; they would need an account on the TACACS+ server.
CLI: An IOS-type configuration utility that can be used rather than the menu-configuration features of the 1900/2820 series. The CLI is also used for advanced configuration of the Enterprise edition features.

Catalyst 2900XL/3500XL

The 2900XL/3500XL series represents some of the newer access and distribution switches. These switches, developed by Cisco, take advantage of newer technology and features like clustering and gigabit modules to expand the speed and flexibility of desktop/enterprise switching.
NOTE
There are major differences between the 2900XL series (the 2912 and 2924) and the 2900G series that is based on the Catalyst 5000 switches (the 2948G and now discontinued 2926G)—make sure you understand the differences between the two models. This section will focus on the 2900XLs, and the 2900G series is covered with the Catalyst 5000s. There is also an older model 3xxx (3000–3200) series that is different from the 3500XL series. In short, you will be hard pressed to find any rhyme or reason for why some switches are named the way they are. One standard that Cisco has been using in creating its new line of gigabit switches is ending them with the “G” designation (3508G/2948G); modular switches usually end in “M,” and fiber-optic switches usually end in “F.”

Gigabit Interface Converters (GBICs)

The Gigabit Interface Converter (GBIC) is a new IEEE (Institute of Electrical and Electronics Engineers) technology that is designed to provide a higher speed link between switches. GBICs are installed into slots and work in a modular configuration. There are three types of GBIC modules available for GBIC slots. Depending on variables like range, speed, and usage in a cluster, they can transmit data at a range from 550 m to 100 km. (Performance will vary depending on physical factors like the quality of cable and the wavelength used.)

■ 1000BaseSX (short wavelength) uses the multimode fiber-optic link for data transmission. Depending upon the wavelength and type of cable, data can be transmitted up to 550 meters.
■ 1000BaseLX/LH is a single-mode fiber-optic link that can transmit up to 10 km.
■ 1000BaseZX can transmit in single mode up to 100 km with a high-quality cable. Average quality will only transmit data about 70 km.

Cisco is designing new switches that use the GBIC standard for high-speed connections to distribution and core layer switches.
The 3500XL and 4000 series Catalyst lines all include switches with integrated GBIC ports, and new modules bring GBIC compatibility to the Catalyst 5000. The new Catalyst 6000 and 8500 series came out with GBIC modules already designed and engineered for them. The older 1900 and 2820 series do not have the capability to use GBIC modules.

Switch Clustering

Switch clustering is a means of combining Catalyst stacks under one IP address and central control. Switch clustering is available on the 2900XL/3500XL series, and can be combined with 1900 and 2820 switches. Up to 16 switches can be connected under one cluster and managed under one IP address. (Only nine GBIC switches can be included in one cluster.)

All clusters start with a Command switch. This switch must be running Catalyst software version 12.0(5) or later to serve as a Master switch. Only the 2900XL and 3500XL series can serve as a Command switch. Higher-level switches, including the 4000 series and the 3xxx (non-XL), cannot function as a Command or Member switch. In addition to the IOS requirements, the switches must be running the Cisco Discovery Protocol (CDP), and the ports that are connected must belong to the same management VLAN. Up to 16 switches, including 1900 and 2820s connected through EtherChannel, can be managed in this way.

NOTE
Just because a switch can run as a Member switch doesn’t mean it will work as a Command switch. Pay close attention to the requirements of the Command switch. You can have a 2900XL switch enabled as a Command switch at the top of a Gigastack bus because it’s running 12.0(5), and the switches below it could be running a lower version of the Catalyst software that wouldn’t permit one of them to function as a Command switch, although they will work as Member switches provided they’re running cluster member software.
3500 series switches can also be stacked in a Gigastack. This is a high-speed clustering of Gigabit-compatible switches linked together with GBIC technology, either to each other in a bus topology, or with a Master switch like the 3508G running the cluster in a hub-and-spoke topology. In this case, the GBIC cable can only run a maximum of one meter between each switch, and only nine switches can operate in a Gigastack. The actual speed varies depending on the type of Gigastack built.

■ A bus Gigastack has each switch hooked in a line with the next one. Each GBIC’s receive port is hooked up to the next GBIC’s transmit port. The GBIC switch at the bottom hooks back up to the top. In this configuration, 1 Gbps is distributed in the bus among the entire stack. Because the switches are hooked in a loop, there is a redundant path that can be brought up if a cable or switch goes down.
■ A hub-and-spoke Gigastack has each GBIC switch hooked up to a Master GBIC switch with several ports, such as a 3508G or the 4912G. In this case, the Master switch will deliver up to its maximum forwarded bandwidth within its internal switching fabric (up to 5 Gbps on a 3508G, for example) with a 2-Gbps full-duplex connection between each switch. Each GBIC’s Receive and Transmit ports are cross-connected with the GBIC Receive and Transmit ports on the other switch. This design lacks the redundancy of the bus design, but is faster because each link is running in full-duplex mode.

The entire cluster is managed through the Cluster Manager, a component of the CVSM. However, you can also use the CLI for many configuration details. Devices are discovered and added to the cluster using the Cluster Builder, and managed using the CVSM Cluster Manager. From here, the cluster can be monitored, configured, or even upgraded—all at once if desired.
This greatly expands an administrator’s ability to maintain current software IOS images across the network.

Note that in some cases, a cluster topology will be established, such as the hub-and-spoke topology, but the switches will not be clustered together internally. This is referred to as aggregation, and is useful for pulling workgroups, stacks, and servers together under one switch. You can also establish multiple links using Gigabit EtherChannel, which uses multiple Gigabit Ethernet links to one destination for increased bandwidth.

Additional Network Management Features

In addition to the features just described, several other technologies (that are common to all Catalyst products mentioned hereafter) can be used for network analysis. Simple Network Management Protocol (SNMP) is an early protocol designed for easy management of certain functions and statistics across network platforms. This has been replaced somewhat by remote monitoring (RMON), which can monitor various features using nine different types of statistics. However, most Cisco products only include four, with additional RMON support coming with expansion modules.

For duplication of traffic from the LAN to your PC for analysis, switched port analyzer (SPAN) technology is designed to mirror a VLAN or port to another port of your choosing. You can mirror all the traffic, or just a certain port. This can be for analysis of data, statistics, or just general traffic sniffing.

TIP
If you are going to be sniffing network traffic, you will want to route the traffic you are sniffing to a SPAN port. On a hub or repeater, all traffic is broadcast to all ports, so there would be no need. However, on a Catalyst switch, only broadcast traffic would be hitting your sniffer, as point-to-point traffic goes straight from port to port within the switch without hitting every port.
Therefore, to pick up traffic specifically intended for a certain port, you would have to mirror that traffic with a SPAN port and then analyze it with a sniffer or some other analysis tool.

Hardware Features of the 2900XL Series

The 2900XL series is the “big brother” of the 1900/2820 series. The 2900XL series offers a 4MB shared buffer for all ports and a 3.2-Gbps switching bus. Currently, there are five different models from which to choose, depending on whether you need 10BaseT, 100BaseTX, or 100BaseFX. The 100BaseTX ports are autosensing (10/100) as well as autonegotiating (half/full duplex) for 10BaseT NICs or Cat. 3 wiring.

In general, the Modular 2900XL series (2924M and 2912MF) offers more features than the standard switches. The M switches come with two modular slots for additional options. The M series also stores more MAC addresses; they can hold up to 8192 addresses in their shared buffer, while the other three models (the XL and C) can hold up to 2048 addresses in their CAM tables. Otherwise, each model in the series has its own port configuration. Table 10.3 lists the possible port and module configurations for the 2900XL series.

In addition to the ports listed in Table 10.3, the following modules are available for the 2924M and 2912MF:

■ 100BaseFX module with two or four switched ports using SC connectors.
■ 10/100BaseTX module with four switched ports using RJ-45 connectors.
■ Four different ATM OC-3 modules for Multimode, Single-Mode/Medium Range, and Single-Mode/Long Range fiber optic connections, as well as a separate UDP model.
■ The 1000BaseX module for Gigabit Interface Converters (GBICs). Note that this is a newer module with a slot for the GBIC. This module is used for Gigastacking, connectivity, and compatibility with the Catalyst switches that are already using newer GBIC technology.
This will require Catalyst software version 12.0(5)XU.

Table 10.3 Port Configuration for the Catalyst 2900XL Series

Ports/Modules   2912XL   2924XL   2924M   2924C   2912MF
10BaseT         12       0        0       0       0
10/100BaseTX    0        24       24      22      0
100BaseFX       0        0        0       2       12
Module slots    0        0        2       0       2

Hardware Features of the 3500XL Series

The 3500XL series is a recent addition to the Cisco line. With this product, the GBIC port is already integrated into the hardware. This new line of switches is designed to deliver the increased bandwidth down to the workgroup and desktop levels.

There are four models currently available in the 3500XL series. They all operate with a 10-Gbps switching fabric and a 4MB shared memory buffer for all the ports. Internally, the 3500XL series can forward up to 5.4 Gbps. All the ports on the 3500XL series are capable of full-duplex operation. This can be up to 200 Mbps for the 100BaseTX ports, and 2 Gbps for the GBIC ports. A 3500XL switch is capable of storing up to 8192 MAC addresses in its CAM table. Table 10.4 lists the models and port/slot configurations for the 3500XL series.

Software Features of the 2900XL/3500XL Series

In the past, there was a distinction between the Enterprise and Standard editions of the Catalyst IOS software for the 2900XL/3500XL series. As with the 1900/2820 series, Standard software came with limited VLAN support and the CVSM, and the Enterprise edition came with additional TACACS+, Uplink Fast, and other Enterprise features like those on the 2820 series. There were also various IOS packages for the 2900XL series that would make it capable of being a Member/Command switch for a cluster of switches. However, with release 12.0(5)XU, several new features are introduced, and both Standard and Enterprise editions are combined into one software feature set.
Some of the new features included with this IOS release are the Hot Standby Router Protocol (HSRP), Virtual Terminal Protocol (VTP) pruning, SPAN port mirroring, and additional RMON support for the CLI and SNMP operation. From here on out, Cisco combines the Standard and Enterprise editions of Catalyst software on their switches, since no one would buy a 5000/6000/8500 and not intend it for an enterprise anyway.

The 2900XL series was recently upgraded to support the new 12.0(5)XU series. These are called the 8MB series, and the older models are referred to by Cisco as the 4MB series. The 4MB series cannot be upgraded to 12.0(5)XU. The 29xx M series (with modular support) and the 3500 series support up to 250 VLANs; the 2900XL series (2912XL/2924XL/2924C) supports only 64 VLANs.

Table 10.4 Port Configuration for the Catalyst 3500XL Series

Port/Slot      3512XL   3524XL   3548XL   3508G
10/100BaseTX   12       24       48       0
GBIC ports     2        2        2        8

Cisco Set-based Switching Products

The second group of switches we will be looking at are called set-based switching products. In these switches, the CLI is less like a router and takes on a distinctive form of its own. The commands set and clear are used most predominantly. Each series fills a niche in the hierarchical network design. From this point on, most of these switches will focus more on modularity and flexibility, and less on fixed configurations. This is also the point where multilayer switching really becomes evident. The following switches make up the set-based switching product line.

■ The Catalyst 4000 switches are a new line designed to put the flexibility of the 5000 series into a smaller package for wiring closets and clusters.
■ The Catalyst 5000s (and their 2900 counterparts) are meant to serve at the backbone layer.
These switches use older technology, but have new modules and Supervisor Engines that have been designed to bring them up to current Cisco technology levels. These switches are best used now in smaller networks that you may not want to upgrade to GBIC speeds, or a wiring closet where you require high port densities and ATM connectivity.
■ The Catalyst 6000/6500 series is a new series for the distribution/core layers. These switches use GBIC, ATM, and 100BaseTX modules to provide enterprise connectivity with multilayer switching. These switches are built on Gigabit technology and are optimized for Gigabit speeds.
■ The Catalyst 8500 series is the answer for campus-wide core routing and switching. In addition to using the newest technology for high-speed routing and switching, the 8500 series also maintains some backward compatibility with the Catalyst 5xxx switches in their hardware and modules, so that an investment in Catalyst 5000s can still be put to good use in an 8500 environment.

Catalyst 4000

The Catalyst 4000 series is designed to be the next-generation access/backbone switch for Gigabit technology. In addition to Layer 2 [...]

[Figure 10.2 West Coast Accounting’s switching and routing infrastructure. Labels: West Side - Cisco 3500XL (DC, Schema Master FSMO, Secondary DNS Server); East Side - Cisco 3500XL (DC, Infrastructure FSMO, Secondary DNS Server); Clustered DC (RID Master, PDC Emulator, Domain Naming Master, Primary DNS Server, File and...); Cisco 2507; DLCI 17]

... IOS and hardware

Available Switch Platforms

Multilayer switching technology is available for the Catalyst 5000, 6000, and 8500 series. In some new switches, it is available for the Catalyst 4000 series—specifically, the 4908G-L3. Each switching family has its own hardware requirements to bring the switch up to MLS standards. On the Catalyst 4908G and the 8500 series, the IOS and hardware for multilayer...

... the hardware. As networks become more bandwidth intensive and applications like multicast become more common, the traditional network design of switches that are separated by routers becomes less appealing. Instead, the new campus network design would use Layer 3 switches that can pass traffic much faster than before, yet are still capable of reading and writing at Layer 3. Always use switches instead of...

... 8540 a backplane of 40 Gbps. The 8510 series has an integrated switching fabric that can sustain 10 Gbps. That’s why even though it has half the available slots of an 8540, it requires separate modules with only half the port densities. The switching fabric on the 8510 is only one-quarter that of the 8540.

Software Features of the 8500 Series

Because the Catalyst 8500 uses hardware to perform many of its...

... 5505 is also a five-slot chassis, but can support 3.6 Gbps in its backplane (instead of the 1.2 Gbps that the 5000 has).
■ The Catalyst 5509 supports nine slots on 3.6 Gbps; it’s essentially a bigger 5505.
■ The Catalyst 5500 is the 13-slot Catalyst chassis with the standard 3.6-Gbps backplane and a separate 5 Gbps that supports ATM switching. The last slot is reserved for an ATM engine card and cannot be...

... necessary between networks and VLANs. The problem was that this resulted in slower performance, as it takes much longer to route and rewrite a packet at Layer 3 than it does to switch it. As a result, Cisco began working on multilayer switching, which could take control of a packet and switch it at the network layer. This results in much faster performance. Multilayer switching has two components: a card...

... hardware and performs the switching functions on the switch. It’s also important to remember that routing requires that changes be made to a packet that aren’t made during switching. This can include the source and destination address. In a flat-switched network, the packet already heads straight from one to the other, but on a router, you have to rewrite the packet as it goes through default gateways and ...

... databases: a Forwarding Information Base (FIB) and an Adjacency table. The FIB is compiled from the Routing table. This maps a Layer 3 IP or IPX address to a port. The Adjacency table then maintains ...

... referred to as a switch/router, since it performs virtually all the functions of a router, and almost treats Layer 2 switching as a secondary feature. The Catalyst 8500 also takes advantage of new ...

... the standard 3.6-Gbps backplane and a separate 5 Gbps that supports ATM switching. The last slot is reserved for an ATM engine card and cannot be used for any other purpose.

Hardware Features ...
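
The SPAN tip earlier in this chapter (an analyzer on a hub sees every frame, an analyzer on a switch sees only flooded traffic unless a port is mirrored to it) can be checked with a small model. This is an added example, not code from the book; the port numbers, MAC addresses and frame labels are constructed, and SPAN is simplified so that the destination port carries only mirrored copies.

```python
"""Simplified model: what an analyzer sees on a hub, a switch, and a switch with SPAN."""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed hosts (MACs from the 00:00:5e:00:53:xx documentation range).
HOST_A, HOST_B, SERVER = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:05"


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str
    label: str


class Hub:
    """Repeater: every frame is copied to all ports except the one it came in on."""

    def __init__(self, ports):
        self.ports = set(ports)

    def deliver(self, in_port, frame):
        return self.ports - {in_port}


class Switch:
    """Learning Layer 2 switch with one optional SPAN (port mirroring) session."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.cam = {}              # MAC address -> port, learned from source MACs
        self.span_sources = set()  # monitored ports
        self.span_dest = None      # port the analyzer is plugged into

    def monitor(self, sources, dest):
        """Mirror traffic received or sent on `sources` to `dest`."""
        self.span_sources, self.span_dest = set(sources), dest

    def deliver(self, in_port, frame):
        self.cam[frame.src] = in_port
        # Assumption: the SPAN destination port takes no part in normal forwarding.
        normal = self.ports - {self.span_dest}
        known = self.cam.get(frame.dst)
        if frame.dst == BROADCAST or known is None:
            egress = normal - {in_port}    # flood broadcast / unknown unicast
        else:
            egress = {known} - {in_port}   # point-to-point inside the switch
        mirrored = in_port in self.span_sources or bool(egress & self.span_sources)
        if self.span_dest is not None and mirrored:
            egress = egress | {self.span_dest}
        return egress


def sniffer_view(device, traffic, sniffer_port):
    """Labels of the frames that reach the analyzer on `sniffer_port`."""
    return [f.label for in_port, f in traffic if sniffer_port in device.deliver(in_port, f)]


# Constructed capture: (ingress port, frame). A = port 1, B = port 2, server = port 3.
TRAFFIC = [
    (1, Frame(HOST_A, BROADCAST, "A ARP request")),
    (3, Frame(SERVER, HOST_A, "server ARP reply")),
    (1, Frame(HOST_A, SERVER, "A -> server")),
    (3, Frame(SERVER, HOST_A, "server -> A")),
    (2, Frame(HOST_B, SERVER, "B -> server")),
    (2, Frame(HOST_B, HOST_A, "B -> A")),
]
PORTS, SNIFFER = [1, 2, 3, 4], 4


def compare():
    """Return what the analyzer on port 4 captures in each of the three setups."""
    mirrored = Switch(PORTS)
    mirrored.monitor(sources={3}, dest=SNIFFER)
    return {
        "hub": sniffer_view(Hub(PORTS), TRAFFIC, SNIFFER),
        "switch": sniffer_view(Switch(PORTS), TRAFFIC, SNIFFER),
        "switch+SPAN(port 3)": sniffer_view(mirrored, TRAFFIC, SNIFFER),
    }


if __name__ == "__main__":
    for setup, seen in compare().items():
        print(f"{setup:22} {len(seen)} frames: {seen}")
```

Mirroring only the server port captures every conversation with the server while leaving host-to-host traffic on other ports out of the capture, which is why the choice of SPAN source port matters when placing a monitoring sensor.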

Date posted: 07/08/2014, 17:20
