Switching

By : Dahy Mansour
LinkedIn
slidesdocs.com
 01 02 03

➢ Introduction Switching ➢ Core Switching Techniques ➢ Basic Switch Configuration

▪ Switch and Switching ▪ MAC Address Table ▪ hostname and password

▪ Mac Address ▪ Switching Modes ▪ VLANs and Trunk and Access
▪ Port Security
 01

❑What is Switch ?
▪ A switch is a network device that connects multiple devices (like computers, printers, servers) within a (LAN).
▪ It operates at the Data Link layer (Layer 2) of the OSI model.
▪ using MAC addresses to forward data frames directly between devices within the same network.

❑What is Switching ?
▪ Switching in networking is the process of directing data between devices within the same(LAN).
▪ It involves using switches that operate at the Data Link layer (Layer 2) of the OSI model , using MAC addresses
 01
❑ What is Mac Address ?
▪ MAC (Media Access Control) MAC ID
▪ Using in Data Link Layer (2) 00.1A.3F.F1.4C.C6
▪ Physical address 00 1A 3F F1 4C C6
▪ Write hexadecimal 0-9,A-F
▪ Unique in World .
▪ 6 Octets = 6*8= 46 bits
▪ Burned-in address in NIC (Network Interface Card)
IP Internet Protocol MAC Media Access Control
▪ Logical Address ▪ Physical Address
▪ Using Layer 3 Network ▪ Using Layer 2 Data Link
▪ 4 Octets = 4*8 = 32 bits ▪ 6 Octets = 6*8 = 48 bits
▪ Decimal ▪ Hexadecimal
▪ Using in Router ▪ Using in Switch
▪ EX :- 192.168.1.1 ▪ EX : - 00.F1.3D.4C.23.FF
01
 ‫‪02‬‬

‫طرق إرسال البيانات في داخل الشبكات ‪❑ Methods of Sending Data in the Network‬‬

‫‪❖ Unicast‬‬ ‫‪One To One‬‬ ‫يعني جهاز واحد يبعت لجهاز واحد فقط في الشبكة‬

‫‪❖ Multicast‬‬ ‫‪One To Group‬‬ ‫يعني جهاز واحد يبعت لمجموعة أجهزة في الشبكة‬

‫‪❖ Broadcast‬‬ ‫‪One to All‬‬ ‫يعني جهاز واحد يبعت لجميع األجهزة في الشبكة‬ ‫‪Unicast‬‬

‫‪v‬‬
‫‪Broadcast‬‬
‫‪Multicast‬‬
 ‫‪02‬‬

‫الفرق بين ‪ Broadcast Domain‬و ‪Collision Domain‬‬

‫‪Broadcast Domain‬‬ ‫‪Collision Domain‬‬

‫هو عبارة عن مجموعة اجهزة‬ ‫هو عبارة عن التصادمات التي‬
‫متصلة فى شبكة واحدة تحت‬ ‫تحصل عندما تلتقي البيانات فى‬
‫نطاق واحد وتحت فئة واحدة‬ ‫مسار واحد مما يسبب بطء‬
‫من عناوين ال ‪IP‬‬ ‫واختناق الشبكة‬
 ‫‪02‬‬

‫❑ اوجد عدد نطاق البث ‪ Broadcast Domain‬وعدد مجاالت التصادم ‪ Collision Domain‬في الشكل التالي ؟‬
 03

Basic Switch Configuration

 ‫‪03‬‬

‫‪Cables‬‬
‫‪❑ Console Cable‬‬ ‫يسـتخدم بشـكل أساسـي ف ادارة أجهزة الشبكات‬

‫‪❑ Crossover Cables‬‬ ‫يسـتخدم بشـكل أساسـي لتوصيـل جهازيـن مـن نفـس النـوع مثـل راوتـر مـع راوتـر‬

‫‪❑ Straight Cables‬‬ ‫يسـتخدم بشـكل أساسـي لتوصيـل جهازيـن مختلفين مثل حاسوب وراوتر‬

‫‪❑ Serial Cables‬‬ ‫يُستخدم بشكل أساسي لربط أجهزة الشبكات مثل ال راوترات مع بعضها البعض‬
 01

❑ Ways to connect to the switch:

➢ To connect via (Console Port)
➢ Remote access (Telnet or SSH)
❖ Switch modes:

❑Console mode or User Mode: It is used in some commands including Ping

❑Privileged Mode or Enable mode : In Privileged Mode you can perform many
advanced commands such as: show or restart the device.
❑Global Configuration Mode : You can execute all commands related to
programming the switch
 01
❑ To connect via (Console Port):

1.Connect in PC to RS 232 and in Switch to console

2.Press PC then Desktop then Terminal then OK

Console mode>>
 01
❖ Switch modes:

❑ To switch from Console mode to Privileged Mode type the command: enable

>>>>

❑To switch from Privileged Mode to Global Configuration Mode type the
command: configure terminal
 01

Hostname
❑ To change the switch name type the command: hostname...#the new name
Ex: Change the name from Default to Smart

❑ To go back a step type the command: exit

❑ To return to Privileged Mode once type the command: end
 01

Privileged Mode Password

❑ To give a password for Privileged Mode type the command: enable password...#
new password
EX: Give password 1111 Privileged Mode
 01

Console mode Password

❑ To give a password to the console mode type the command:

1.line console 0
2.password...#new password
3.Login
EX: Give password 0000 console Mode
 01

✓ To view the switch properties type the command: show running-config

✓ To cancel any command type: No
EX:
 01

Remote access using Telnet

❑ To activate remote connection:

1. Give the IP address to VLAN 1 via the following command:
✓ interface VLAN 1
✓ IP address…#IP&Subnetmask
✓ No shutdown
2. Activate VTY via the following command:
✓ line VTY 0 15
✓ Password…# Password to login
✓ Login
3. Give the PC an IP address from the same network
4. Go to PC, then Desktop, then command, then type the command: telnet...#ip
 01

EX: Remote access using Telnet

Step1>>>
Design>>>

Step2>>>

Step3>>>
Step4>>>
 01

Task1

1. Design the following network

2. Connect to the switch via the console port
3. Give a password to set the Privileged Mode 1111 and set the console Mode 0000
4. Activate the remote access method
5. Connect to the switch via the remote access method
6. Change the name of the switch from Default to your name
7. View the switch properties
 01

VLAN

❑ What is VLANs?
1.VLAN :Virtual Local Area Network
2. A VLAN is a virtual network within a local area network (LAN)
used to divide a large network into smaller logical networks.
3.Devices in the same VLAN communicate as if they were in a separate network
even if they are connected to different switches.

.‫ وتسهيل اإلدارة‬،‫ زيادة األمان‬،‫ تحسين األداء‬:‫الهدف‬

 02

Access Port & Trunk Port:

1. Access Port:
▪ It is a port on the switch designated for only one VLAN.
▪ Devices connected to the Access Port follow the VLAN assigned to it.

2. Trunk Port:
▪ It is a port on the switch that passes data from more than one VLAN at the
same time.
▪ The data coming out of the trunk port will be marked with a tag to distinguish
each VLAN from the other.
▪ the Trunk Port is used between switches or between the switch and the router
❑ To activate port access:
1. Specify the port with the command: interface...#port name
2. switchport mode access

❑ To activate Trunk Port:

1. Specify the port with the command: interface...#port name
2. switchport mode Trunk
❖ To create the VLAN, you will type the following command:
✓ VLAN [VLAN number]
❖ Determine the port type is Access Port:
✓ interface...#port name
✓ switchport mode access
❖Determine the port type for any VLAN :
✓ switchport access VLAN [VLAN number]
❖To view VLAN properties:
✓ show VLAN brief

‫ر‬
Switches ‫ علي جميع‬VLANS ‫ يجب انشاء جميع‬Switch ‫ واكتر من‬VLAN ‫ يف حالة وجود اكت من‬:‫ملحوظة‬
Switch(config)#vlan 10 LAB 1
Switch(config-VLAN)#exit
Switch(config)#interface f0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access VLAN 10
Switch(config-if)#exit
Switch(config)#interface f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access VLAN 10
Switch(config)#vlan 20
Switch(config- VLAN)#exit
Switch(config)#interface f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access VLAN 20
Switch(config-if)#exit
Switch(config)#interface f0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access VLAN 20
 LAB 2
❑ Configuration Switch1:
Switch1(config)#vlan 10
Switch1(config- VLAN)#vlan 20
Switch1(config)#interface f0/1
Switch1(config-if)#switchport mode access
Switch1(config-if)#switchport access VLAN 10
Switch1(config-if)#interface f0/2
Switch1(config-if)#switchport mode access
Switch1(config-if)#switchport access VLAN 20
Switch1(config-if)#interface f0/3
Switch1(config-if)#switchport mode trunk
❑ Configuration Switch2:
Switch2(config)#vlan 10
Switch2(config- VLAN)#vlan 20
Switch2(config)#interface f0/1
Switch2(config-if)#switchport mode access
Switch2(config-if)#switchport access VLAN 10
Switch2(config-if)#interface f0/2
Switch2(config-if)#switchport mode access
Switch2(config-if)#switchport access VLAN 20
Switch2(config-if)#interface f0/3
Switch2(config-if)#switchport mode trunk
Task 2
 port-security
❑Someone may connect to our network without our knowledge and thus be able to
access and exploit the resources of this network.
‫قد يقوم أحد االشخاص باالتصال بشبكتنا دون علم منا وبذلك يستطيع الوصول لموارد هذه الشبكة واستغاللها‬

❑He can connect his computer to a branch port on one of the switch devices in
our network
‫حيث يمكن ان يقوم بتوصيل جهازه الكمبيوتر الخاص به الي منفذ فارع في احد اجهزة السويتش في شبكتنا‬
❑Or he can remove one of the devices connected to the switch to connect his
device if he does not find an empty port
‫او يمكنه نزع احد االجهزة المتصلة بجهاز السويتش ليقوم بتوصيل جهازه اذا لما يجد منفذ فارغ‬
❑ Action types:
❖ Protection: Blocks data from unauthorized MAC without notifications.
❖ Restriction: Same protection but adds alerts (logs).
❖ Shutdown: Port is locked (Err-disabled)

✓ interface range from f0/... to f0/... >>> ‫لتحديد عدد بورتات مره واحدة‬
✓ Show port-security >>>‫لعرض معلومات عن خيارات االمن‬
❑ Steps to apply Port Security on Switch:

1. Enter the required interface: interface...#port name

2. Determine the type of port: switchport mode access
3. Activate Port Security: Switchport port-security
4. Select the MAC Address type Automatic:
switchport port-security mac-address sticky
5.Choose Violation Mode:
switchport port-security violation Protection or Restriction or shutdown
Switch(config)#interface f0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security violation protect
Switch(config-if)#interface f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security violation restrict
Switch(config-if)#interface f0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security mac-address sticky
Switch(config-if)#switchport port-security violation shutdown
Task 3
 INTER VLAN ROUTING
❑ SVI : Switched virtual interface
A multilayer switch device can perform the tasks of a switch device and also
perform the tasks of a router. Because it performs tasks from the second layer
and the third layer it is called multilayer.
➢ We can use this device to create virtual networks (VLANs) and pass data between
them instead of using two devices, a switch and a router.

❑ Activation method SVI

➢ Activating the (routing) process within the multilayer switch device
➢ Create virtual interface inside the device
➢ Assign each virtual port to a specific virtual network VLAN

‫لتفعيل عملية التمرير او التوجيه داخل جهاز متعدد الطبقات لكي يتمكن من تمرير البيانات بين الشبكات‬
:‫المختلفة نكتب امر التفعيل التالي‬
❑ IP Routing
:‫ محددة نستخدم االمر‬VLAN ‫ال نشاء منافذ وهمية داخل جهاز متعدد الطبقات وتخصيص كل منفذ لشبكة‬

❑ Interface VLAN [VLAN ID]

➢ [VLAN ID] >> ‫هو معرف الشبكة الوهمية‬

Configuration SVI:
1. Create VALN
2. Interface VLAN
3. Ip Address and Subnet mask
➢ LAP 1: Use SVI in ​the following form:
➢Configuration on SW 2:
Switch(config)#int f0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access VLAN 10
Switch(config)#int f0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access VLAN 20
Switch(config)#int f0/3
Switch(config-if)#switchport mode trunk
➢ Configuration SVI on SW 1 MULT:
Switch(config)#ip routing
Switch(config)#int f0/1
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport mode trunk
Switch(config-if)#exit
Switch(config)# VLAN 10
Switch(config-VLAN)#exit
Switch(config)# VLAN 20
Switch(config- VLAN)#exit
Switch(config)#int VLAN 10
Switch(config-if)#ip address 10.10.10.1 255.255.255.252
Switch(config-if)#exit
Switch(config)#int VLAN 20
Switch(config-if)#ip address 20.20.20.1 255.255.255.252
THANK YOU