CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
"Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53"
Learn more about the PACE-IT Online program: www.edcc.edu/pace-it
2. Page 2
Instructor, PACE-IT Program – Edmonds Community College
Areas of Expertise Industry Certifications
PC Hardware
Network Administration
IT Project Management
Network Design
User Training
IT Troubleshooting
Qualifications Summary
Education
M.B.A., IT Management, Western Governor’s University
B.S., IT Security, Western Governor’s University
Entrepreneur, executive leader, and proven manager
with 10+ years of experience turning complex issues
into efficient and effective solutions.
Strengths include developing and mentoring diverse
workforces, improving processes, analyzing
business needs and creating the solutions
required, with a focus on technology.
5. Page 5
The business or enterprise
network is more complex
than the SOHO (small office
home office) network.
A SOHO network may be able to get by with using
one or more unmanaged switches and still operate
adequately. Once beyond the level of a SOHO
though, more thought and planning are required, as
unmanaged switches are no longer up to the job.
There are multiple issues to consider when installing
a managed switch and it is wise to plan for those in
advance to save time and frustration.
Configuring switches II.
6. Page 6
– VLAN (Virtual Local Area Network).
» Switches break up collision domains, but not broadcast domains.
• VLANs take a single network environment and create smaller
network segments by subnetting the network address range.
» VLANs are used in a switched network environment for a variety
of reasons:
• Break up broadcast domains into smaller pieces.
• Increase security by limiting access to network resources.
» The administrator configures the VLANs and assigns users,
nodes, or ports to a specific VLAN.
• All managed switches come with a native VLAN, which is
determined by the manufacturer and is used to help manage the
switch.
• VLAN traffic is allowed to cross switch ports—as long as the
VLAN information matches—through the use of trunk ports.
» VTP (Virtual Trunk Protocol) is a Cisco proprietary method of
creating a virtual trunk port, which allows VLAN traffic to pass
between switches and to automatically manage the VLAN
environment.
» In order for different VLANs to communicate with each other, a
router—or some other Layer 3 device—must be installed on the
network.
7. Page 7
– Switch management.
» Switches may be managed out-of-band—no network
connection required.
• Through the use of the console port on the switch.
» The console port is a specific port on managed switches used
to connect to and configure or manage a switch.
• A rollover cable may be required to make the connection to
the console port.
• Security should be set on console ports.
» Switches may be configured to be managed in-band—a
network connection is used to manage the switch.
• One of the most common methods of in-band
management is through virtual terminal (VTY)
connections.
» The most common VTY connections are Telnet or SSH sessions.
• Security should be set if Telnet is an allowed VTY type.
• By default, SSH is a secured connection.
8. Page 8
– Switch management continued.
» A default gateway address must be placed on an interface that
belongs to the native VLAN (default VLAN) in order to allow for
in-band switch management.
• The default gateway on a switch is different than the default
gateway on a router. On a switch, it is only used to manage
the switch, not to pass other network traffic.
» An administrator should configure which users and passwords
are allowed to connect to the switch and what their level of
access to the configuration is going to be.
• In-band and out-of-band management security settings may
be different (e.g., some users are allowed in-band
management access while others are not).
» If AAA (Authentication, Authorization, and Accounting)
protocols are used in the network, the switch must be
configured to use them.
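Added example (not part of the original slides): a small audit of a switch configuration for the management-plane points above, namely console security, Telnet on VTY lines, and AAA. It assumes Cisco IOS-style syntax, which the slides do not specify, and the sample configuration is constructed.

```python
import re

# Constructed sample in Cisco IOS-style syntax (an assumption: the slides
# do not name a switch operating system).
SAMPLE_CONFIG = """\
hostname access-sw1
!
line con 0
 exec-timeout 5 0
line vty 0 4
 password example-only
 login
 transport input telnet ssh
line vty 5 15
 login local
 transport input ssh
"""

def parse_lines(config):
    """Return {line header: [sub-commands]} for each 'line ...' block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(raw.strip())
        else:
            current = None
    return blocks

def audit(config):
    """Flag the console, VTY and AAA gaps the slides warn about."""
    findings = []
    if not re.search(r"^aaa new-model$", config, re.M):
        findings.append("global: AAA not enabled (needed if the network uses AAA)")
    for header, cmds in parse_lines(config).items():
        if not any(c.startswith("login") for c in cmds):
            findings.append(f"{header}: no login authentication configured")
        if header.startswith("line vty"):
            transport = next((c for c in cmds if c.startswith("transport input")), "")
            protocols = transport.split()[2:]
            if not protocols or "telnet" in protocols or "all" in protocols:
                findings.append(f"{header}: Telnet not excluded by 'transport input'")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

A VTY block with no `transport input` line is flagged as well, because the protocols accepted by default depend on the platform.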
10. Page 10
– Speed and duplexing.
» Most modern switch ports can auto-negotiate both the speed of
the link and the duplexing mode used.
• In some cases, an administrator may be required to manually
set both the speed and the duplex in order for a connection to
occur.
– VLAN assignment.
» All switch ports will belong to a VLAN, either an
administrator-configured one or the native VLAN.
• The native VLAN can be administratively changed, which
should be done to increase the security level of the switch.
– Trunking.
» Trunk ports are switch ports that are designed to carry VLAN
traffic between switches.
• The standard protocol used is 802.1q, which strips off the
VLAN tag (actually changes the tag to the native VLAN) and
allows the traffic to cross. Then, the 802.1q port on the other
side reinserts the original VLAN tag.
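Added example (not part of the original slides): the 4-byte 802.1Q tag as it sits in an Ethernet frame on a trunk link, and how a receiving trunk port assigns untagged frames to its native VLAN, which is why the native VLAN setting matters. The frame is constructed, and VLAN 20 and native VLAN 99 are assumed values.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

# Constructed sample: broadcast ARP frame (dst MAC, src MAC, EtherType, body).
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
                + struct.pack("!H", 0x0806) + bytes(28))

def add_tag(frame, vlan_id, priority=0):
    """Insert a 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("usable VLAN IDs are 1-4094")
    if not 0 <= priority <= 7:
        raise ValueError("priority is a 3-bit field")
    # Tag Control Information: PCP (3 bits), DEI (1 bit, left 0), VID (12 bits)
    tci = (priority << 13) | vlan_id
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def classify(frame, native_vlan):
    """Return (vlan_id, untagged_frame) as a trunk port would on ingress."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return native_vlan, frame  # untagged traffic joins the native VLAN
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, frame[:12] + frame[16:]

if __name__ == "__main__":
    tagged = add_tag(SAMPLE_FRAME, vlan_id=20)
    print(classify(tagged, native_vlan=99)[0])        # VLAN carried in the tag
    print(classify(SAMPLE_FRAME, native_vlan=99)[0])  # untagged: native VLAN
```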
11. Page 11
– Port bonding.
» LACP (Link Aggregation Control Protocol) is the protocol used
to create a single logical channel from redundant connections
between switches (e.g., port bonding). This will increase the
bandwidth between the switches.
– PoE (Power over Ethernet).
» Some switches come equipped with PoE ports.
• These ports can use one of two methods to provide current
over the network cable as well as carry data, allowing the
ports to power small network devices, while at the same time
communicating with them.
• The port itself may provide the current.
• The port may allow the use of a power injector to provide the
power instead of the port.
» There are multiple PoE standards in place; the most common
are:
• PoE (802.3af): can provide 15.40 W of power.
• PoE+ (802.3at): can provide 30.0 W of power.
12. Page 12
Port mirroring may be enabled
on a switch port. This allows
the configured port to receive
all network traffic going to and
from a specific port.
By using port mirroring, an administrator can
examine and analyze the traffic going into and
coming from a specific host or port. Port mirroring is
most often used in conjunction with a packet
analyzer (e.g., a network sniffer or packet sniffer).
Port mirroring can create a significant amount of
network overhead, so it should be used sparingly on
an active network.
13. Page 13
Topic: Installation considerations.
Summary: Planning for a managed switch environment can save on time and
frustration. Some installation considerations include: the creation of VLANs;
in-band and out-of-band switch management, including establishing a
default gateway address; user settings; and AAA settings, if required.
Topic: Configuring the switch port.
Summary: An administrator also needs to consider the settings for each individual port
on a switch. Some of these considerations are: the speed and duplex used
on the port, the VLAN assignment for the port, which ports will handle
802.1q trunking, if bandwidth could be increased by using LACP, and how
many PoE or PoE+ ports are available to be used to power devices.
15. This workforce solution was 100 percent funded by a $3 million grant awarded by the
U.S. Department of Labor's Employment and Training Administration. The solution was
created by the grantee and does not necessarily reflect the official position of the U.S.
Department of Labor. The Department of Labor makes no guarantees, warranties, or
assurances of any kind, express or implied, with respect to such information, including
any information on linked sites and including, but not limited to, accuracy of the
information or its completeness, timeliness, usefulness, adequacy, continued availability
or ownership. Funded by the Department of Labor, Employment and Training
Administration, Grant #TC-23745-12-60-A-53.