1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.1 Module 6 Switch Configuration.
-
Upload
clementine-underwood -
Category
Documents
-
view
238 -
download
3
Transcript of 1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 3 v3.1 Module 6 Switch Configuration.
1© 2004, Cisco Systems, Inc. All rights reserved.
CCNA 3 v3.1 Module 6 Switch Configuration
222© 2004, Cisco Systems, Inc. All rights reserved.
Objectives
333© 2004, Cisco Systems, Inc. All rights reserved.
LAN Design Goals
• Functionality
• Scalability
• Adaptability
• Manageability
444© 2004, Cisco Systems, Inc. All rights reserved.
Physical Startup of Catalyst Switches
• Switches typically have no power switch to turn them on and off.
• They simply connect or disconnect from a power source.
555© 2004, Cisco Systems, Inc. All rights reserved.
LEDs on the front of a switch
• System LED
whether the system is receiving power and functioning correctly.
• Remote Power Supply (RPS) LED
whether or not the remote power supply is in use
• Port Mode LEDs
the state of the Mode button
determine how the Port Status LEDs are interpreted
• Port Status LEDs
666© 2004, Cisco Systems, Inc. All rights reserved.
Port LED Definitions Based on Mode LED State
Catalyst 1900
Catalyst 2950
777© 2004, Cisco Systems, Inc. All rights reserved.
Verifying Port LEDs During Switch POST
The Port Status LEDs turn amber (琥珀色 ) for about 30 seconds as the switch discovers the network topology and searches for loops.
If the Port Status LEDs turn green, the switch has established a link between the port and a target, such as a computer.
The Port Status LEDs also change during POST.
If the Port Status LEDs turn off, the switch has determined that nothing is plugged into the port.
888© 2004, Cisco Systems, Inc. All rights reserved.
Connecting a Switch to a PC
999© 2004, Cisco Systems, Inc. All rights reserved.
Examining Help in the Switch CLI
101010© 2004, Cisco Systems, Inc. All rights reserved.
Show Commands in User EXEC Mode
111111© 2004, Cisco Systems, Inc. All rights reserved.
Changing Modes
User EXECmode
Privileged EXECmode
enable
(password)
configure terminal
Switch#Switch>
121212© 2004, Cisco Systems, Inc. All rights reserved.
Verifying the Catalyst Switch Default Configuration
• show running-config
Displays the current active configuration file of the switch
• show interface
Displays the statistics for all interfaces configured on the switch
• show ip
Displays the IP address, subnet mask, and default gateway
• show version
Displays the configuration of the system hardware, software version, names, and sources of configuration files and boot images
Do e-Lab 6.2.1
131313© 2004, Cisco Systems, Inc. All rights reserved.
Configuring the Catalyst Switch
• To overwrite any existing configuration, follow these steps:
Remove any existing VLAN information by deleting the VLAN database file, vlan.dat from the Flash memory directory.
Erase the backup configuration file startup-config.
Reload the switch.
delete flash:vlan.dat (Catalyst 2950)delete nvram (Catalyst 1900)
erase startup-configreload
141414© 2004, Cisco Systems, Inc. All rights reserved.
Set Switch Hostname, Set Password on Lines
or 15
151515© 2004, Cisco Systems, Inc. All rights reserved.
Set IP Address and Default Gateway
161616© 2004, Cisco Systems, Inc. All rights reserved.
Management VLAN
• management VLAN is used to manage all of the network devices on a network
• In a switch-based network, all network devices should be in the management VLAN
• By default, VLAN 1 is the management VLAN
• All ports belong to VLAN 1 by default.
• To allow for management of network devices while keeping traffic from network hosts off of the management VLAN, remove all of the access ports from VLAN 1 and place them in another VLAN
171717© 2004, Cisco Systems, Inc. All rights reserved.
Set Port Speed and Duplex Setting (If Necessary)
default is auto-duplex
default is auto-speed
181818© 2004, Cisco Systems, Inc. All rights reserved.
HTTP Service and Port
Any additional software such as an applet can be downloaded to the browser from the switch.
The switch can be managed by a browser based GUI. Do e-Lab 6.2.2
191919© 2004, Cisco Systems, Inc. All rights reserved.
Managing the MAC Address Table
Switches learn the MAC addresses of PCs or workstations that are connected to their switch ports by examining the source address of frames that are received on that port.
entered in the Privileged EXEC mode
MAC address entry is automatically discarded or aged out after 300 seconds
Do e-Lab 6.2.3
202020© 2004, Cisco Systems, Inc. All rights reserved.
Configuring Static MAC Addresses
• Reasons to assign a permanent MAC address to an interface:
The MAC address will not be aged out automatically by the switch.
A specific server or user workstation must be attached to the port and the MAC address is known.
Security is enhanced.
212121© 2004, Cisco Systems, Inc. All rights reserved.
Configuring Static MAC Addresses
222222© 2004, Cisco Systems, Inc. All rights reserved.
Removing a Static MAC Address
Do e-Lab 6.2.4
232323© 2004, Cisco Systems, Inc. All rights reserved.
Port Security
• Secure MAC addresses can be configured statically. However, it is a complex task and is usually prone to error.
• It is possible to limit the number of addresses that can be learned on an interface.
• Set the limit to 1 and the first address dynamically learned by the switch becomes the secure address.
242424© 2004, Cisco Systems, Inc. All rights reserved.
Configuring Port Security
Do e-Lab 6.2.5
The command show port security can be used to verify port security status.
252525© 2004, Cisco Systems, Inc. All rights reserved.
Adding a New Switch: The Procedure
• Configure the switch name
• Determine and configure the IP address for management purposes
• Configure a default gateway
• Configure administrative access for the console, auxiliary, and virtual terminal (VTY) interfaces
• Configure security for the device
• Configure the access switch ports as necessary
262626© 2004, Cisco Systems, Inc. All rights reserved.
Add, Move, and Change MAC Addresses
Adding a MAC Address1. Configure port security2. Configure the MAC address
Changing a MAC Address1. Remove MAC address restrictions
Moving a MAC Address1. Add the address to a new port2. Configure port security on the new switch3. Configure the MAC address to the port allocated for the new user4. Remove the old port configuration Do e-Lab 6.2.6
272727© 2004, Cisco Systems, Inc. All rights reserved.
Managing Switch Operation
• An administrator should document and maintain the operational configuration files for networking devices.
• The most recent running-configuration file should be backed up on a server or disk.
• The Cisco IOS Software should also be backed up to a local server. The Cisco IOS Software can then be reloaded to Flash memory if needed.
282828© 2004, Cisco Systems, Inc. All rights reserved.
Passwords
• For security and management purposes, passwords must be set on the console and vty lines.
• An enable password and an enable secret password must also be set.
292929© 2004, Cisco Systems, Inc. All rights reserved.
Firmware and IOS Images
Do e-Lab 6.2.9
303030© 2004, Cisco Systems, Inc. All rights reserved.
Summary