Switch Principles and Applications

Source: Internet
Author: User

I. Basic Ethernet
1. Ethernet standards:
Ethernet means Ethernet. In the past, it used to use the 10-Gigabit standard. Now it is a 10-Gigabit Ethernet to the desktop, and Gigabit Ethernet is used as the trunk line.
Common standards include:
10BASE-2: thin-coax Ethernet
10BASE-5: thick-coax Ethernet
10BASE-T: star Ethernet
100BASE-T: Fast Ethernet
1000BASE-T: Gigabit Ethernet

2. Wiring standards
Star Ethernet is connected with twisted pair cable. The cable has 8 cores divided into four pairs, and the two cores of each pair are twisted together, hence the name twisted pair.
Only four of the eight cores are used: 1, 2, 3, and 6.

There are two common connection methods:
568B wiring specification (pins 1 to 8): white-orange, orange, white-green, blue, white-blue, green, white-brown, brown
568A wiring specification (pins 1 to 8): white-green, green, white-orange, blue, white-blue, orange, white-brown, brown

Swapping wires 1 and 3 and wires 2 and 6 of 568B gives 568A.

3. Wiring Method
When both ends use the same wiring specification, the cable is a straight-through cable; when the two ends use different specifications, it is a crossover cable.
Devices of different types are connected with a straight-through cable. Devices of the same type are connected with a crossover cable.
Computers and routers are connected to hubs and switches with a straight-through cable.
This is because, of the four wires used in the network cable, one pair is input and the other is output, and the input of one side must correspond to the output of the other.
If you connect 1 and 3, and 2 and 4, on a single plug, the output is sent back to your own input.
In this way the NIC can enter the working state, where otherwise the interface would be disabled, which affects the running of some programs.

II. Principle and Application of Switches
1. Collision domain and broadcast domain
The switch was developed from the principle of the bridge. To understand switches, first understand two concepts:
(1) Collision domain:
A collision domain is a region to which data is necessarily delivered.
A hub is a non-intelligent signal driver and has to deliver data everywhere, so an entire network built from hubs is one collision domain.
The network under one interface of a switch is a collision domain, so a switch can isolate collision domains.

(2) Broadcast domain:
A broadcast domain is the region that broadcast data can reach.
Switches and hubs are transparent to broadcast frames. Therefore, a network composed of switches and hubs is one broadcast domain.
The network under one interface of a router is a broadcast domain. Therefore, routers can isolate broadcast domains.

2. Switch Principle
(1) Port address table
The port address table records the MAC addresses of the hosts under each port. It is created automatically after the switch is powered on, stored in RAM, and maintained automatically.
The principle by which a switch isolates a broadcast domain is determined by its port address table and its forwarding decisions.
(2) Forwarding decisions
A switch makes one of three forwarding decisions: discard, forward, or flood.
Discard: the frame is discarded when a host under a port accesses another host under the same port.
Forward: when a host under a port accesses a host under a known port, the frame is forwarded to that port.
Flood: when a host under a port accesses a host whose port is unknown, the frame must be flooded.
Each operation records the MAC address of the host that sent the frame, so that other hosts can reach it later.
(3) Aging time:
The aging time is the lifetime of an entry in the port address table. Each entry starts timing when it is created and is refreshed each time the host sends data. For hosts that do not send data for a long time, the entries for their MAC addresses are deleted when the lifetime expires.
Therefore, the port address table always records the MAC addresses of the most active hosts.
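
The port address table, the three forwarding decisions and entry aging can be seen working together in the following added example, which is not part of the original article. The MAC addresses, port numbers and the 300-second aging time are constructed values.

```python
# Added example (not from the original page): a learning switch that applies the
# discard / forward / flood decisions and ages out idle entries.
# MAC addresses, port numbers and the 300 s aging time are constructed values.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    def __init__(self, ports, aging_time=300):
        self.ports = set(ports)
        self.aging_time = aging_time
        self.table = {}  # MAC address -> (port, time the host last sent a frame)

    def _expire(self, now):
        # Delete entries whose lifetime ran out without a refresh.
        for mac in [m for m, (_, seen) in self.table.items()
                    if now - seen >= self.aging_time]:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Process one frame; return (decision, list of output ports)."""
        self._expire(now)
        self.table[src] = (in_port, now)      # learn or refresh the sender
        if dst == BROADCAST or dst not in self.table:
            return "flood", sorted(self.ports - {in_port})
        out_port = self.table[dst][0]
        if out_port == in_port:               # both hosts sit under the same port
            return "discard", []
        return "forward", [out_port]

def demo():
    a, b, c = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
    sw = LearningSwitch(ports=[1, 2, 3])
    return [
        sw.receive(1, a, b, now=0),    # b unknown: flood to ports 2 and 3
        sw.receive(2, b, a, now=1),    # a learned on port 1: forward
        sw.receive(1, c, a, now=2),    # c and a share port 1 (hub): discard
        sw.receive(2, b, a, now=400),  # a aged out after 300 s idle: flood
    ]

if __name__ == "__main__":
    for decision in demo():
        print(decision)
```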

3. Loops in a switched network

Ethernet is a bus or star structure and must not form a loop. Otherwise, two serious consequences occur:
(1) A broadcast storm occurs, resulting in network congestion.
(2) Duplicated frames appear at every port, causing confusion in address learning (the recording of each frame's source address).

Solutions to loop problems:
(1) Avoid creating loops when designing the network.
(2) Use the Spanning Tree Protocol (STP) function to prune the network into a loop-free one.
STP is standardized by IEEE 802 as 802.1D.

Spanning Tree Protocol terminology
(1) Bridge Protocol Data Unit: BPDU
A BPDU is the data unit that Spanning Tree Protocol switches use to communicate with each other. It is used to determine roles.
(2) Bridge ID
The ID of the switch, which consists of the priority and the MAC address. The priority is 16 bits and the MAC address is 48 bits.
(3) Root bridge
The root bridge is defined as the switch with the smallest bridge ID. None of the root bridge's ports is blocked.
(4) Root port
On a non-root bridge, the port with the smallest cumulative path cost to the root bridge. It is the interface responsible for communication between the local bridge and the root bridge.
(5) Designated bridge
The switch on a network segment with the smallest cumulative path cost to the root bridge. It is responsible for sending and receiving data on that segment.
(6) Designated port
The switch port on a network segment with the smallest cumulative path cost to the root bridge. Every port of the root bridge is a designated port.
(7) Non-designated port
The remaining ports are non-designated ports, which do not participate in data forwarding; these are the blocked ports.
(The root port is selected per non-root bridge, and the designated port is selected per network segment.)
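
The role definitions above can be applied to a small looped topology as follows. This is an added example, not part of the original article: it computes the roles centrally instead of by BPDU exchange, and the switch names, bridge IDs and the link cost of 19 are assumptions.

```python
# Added example (not from the original page): elect the root bridge and assign
# port roles on a constructed three-switch triangle. Names, bridge IDs and the
# link cost of 19 are assumptions made for the illustration.
import heapq

def spanning_tree(bridges, links):
    """bridges: {name: (priority, mac)}; links: [(a, a_port, b, b_port, cost)].
    Returns (root name, {(bridge, port): role})."""
    root = min(bridges, key=lambda n: bridges[n])   # smallest bridge ID wins
    cost, heap = {root: 0}, [(0, root)]             # cumulative path cost to root
    while heap:
        c, n = heapq.heappop(heap)
        if c > cost[n]:
            continue
        for a, _, b, _, w in links:
            for here, there in ((a, b), (b, a)):
                if here == n and c + w < cost.get(there, float("inf")):
                    cost[there] = c + w
                    heapq.heappush(heap, (c + w, there))
    roles = {}
    for n in bridges:                               # one root port per non-root bridge
        if n == root:
            continue
        cands = [(cost[b] + w, bridges[b], ap) for a, ap, b, _, w in links if a == n]
        cands += [(cost[a] + w, bridges[a], bp) for a, _, b, bp, w in links if b == n]
        roles[(n, min(cands)[2])] = "root"
    for a, ap, b, bp, _ in links:                   # one designated port per segment
        near, far = (a, ap), (b, bp)
        if (cost[b], bridges[b]) < (cost[a], bridges[a]):
            near, far = far, near
        roles[near] = "designated"
        roles.setdefault(far, "blocked")            # neither root nor designated
    return root, roles

BRIDGES = {"SW1": (32768, "00:00:00:00:00:01"),
           "SW2": (32768, "00:00:00:00:00:02"),
           "SW3": (4096, "00:00:00:00:00:03")}
LINKS = [("SW1", 1, "SW2", 1, 19), ("SW1", 2, "SW3", 1, 19), ("SW2", 2, "SW3", 2, 19)]

if __name__ == "__main__":
    root, roles = spanning_tree(BRIDGES, LINKS)
    print("root bridge:", root)
    for (bridge, port), role in sorted(roles.items()):
        print(bridge, "port", port, role)
```

Exactly one port ends up blocked, which is what breaks the triangle into a loop-free tree.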

Port states of the Spanning Tree Protocol:
When the Spanning Tree Protocol works, every port must go through a process of establishing its port state.
The Spanning Tree Protocol uses BPDU broadcasts to determine the working state and role of each switch and its ports.
The port states on a switch are disabled, blocking, listening, learning, and forwarding.
(1) Disabled: the port sends and receives no messages. A port is in this state when nothing is connected to it or when it has been shut down manually.
(2) Blocking: when the switch starts, the port is blocked (20 seconds), but it still receives BPDUs.
(3) Listening: the port does not receive user data (15 seconds); it sends and receives BPDUs and determines the roles of bridges and interfaces.
(4) Learning: the port does not receive user data (15 seconds); it sends and receives BPDUs and performs address learning.
(5) Forwarding: the port starts to send and receive user data, continues to send and receive BPDUs and to learn addresses, and maintains STP.

4. About VLAN
A VLAN is a virtual logical network. Through VLAN settings, a switch can be divided into multiple logical networks in order to isolate broadcast domains. A switch with a layer-3 module can implement inter-VLAN routing.
(1) Port mode
A switch port has two modes: access and trunk. An access port is used to connect to a computer, while the connection between switches is a trunk.
The default VLAN of a switch port is VLAN 1, and the port works in access mode.
An access port does not include the VLAN ID in the data it sends and receives. Ports with the same VLAN ID are in the same broadcast domain.
A trunk port includes the VLAN ID in the data it sends and receives. A trunk, also known as a trunk line, can be set to allow multiple VLANs to pass through.

(2) VLAN trunking encapsulation protocols:
There are two VLAN trunking encapsulation protocols:
ISL (Inter-Switch Link): ISL is Cisco's proprietary VLAN trunking encapsulation.
802.1Q (dot1q): 802.1Q is standardized and widely used.
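
The difference between access and trunk ports on the wire can be shown with the 802.1Q tag itself. This is an added example, not part of the original article; the sample frame, VLAN numbers and port dictionaries are constructed, and the native (untagged) VLAN of a trunk is left out.

```python
# Added example (not from the original page): how the same frame leaves an
# access port (untagged) and a trunk port (with a 4-byte 802.1Q tag).
# The frame bytes, VLAN numbers and port settings are constructed values.
import struct

TPID_8021Q = 0x8100  # value in the EtherType position that marks an 802.1Q tag

def add_tag(frame, vlan_id, priority=0):
    """Insert the tag after the 6-byte destination and 6-byte source MAC."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    tci = (priority << 13) | vlan_id          # 3-bit priority, 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def strip_tag(frame):
    """Return (VLAN ID or None, frame without the tag)."""
    if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame

def egress(frame, vlan_id, port):
    """Bytes put on the wire, or None when the port does not carry the VLAN."""
    if port["mode"] == "access":
        return frame if port["vlan"] == vlan_id else None
    return add_tag(frame, vlan_id) if vlan_id in port["allowed"] else None

# Constructed untagged frame: broadcast destination, source MAC, IPv4 EtherType.
FRAME = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"payload"
ACCESS_10 = {"mode": "access", "vlan": 10}
TRUNK = {"mode": "trunk", "allowed": {10, 20}}

if __name__ == "__main__":
    print("access :", egress(FRAME, 10, ACCESS_10).hex())
    print("trunk  :", egress(FRAME, 10, TRUNK).hex())
    print("decoded:", strip_tag(egress(FRAME, 10, TRUNK))[0])
```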

(3) VTP
VTP (VLAN Trunking Protocol) is a protocol for propagating VLAN information.
It sends the VLAN information of the central switch to the lower-level switches.
The central switch is set as the VTP server, and the lower-level switches are set as VTP clients.
For a VTP client to learn the VLAN information of the VTP server, it must be in the same VTP domain and have the same password.

(4) VLAN sharing
If a VLAN needs to access other VLANs, you can configure VLAN sharing or a primary VLAN with sub-VLANs.
A port in shared mode can be a member of multiple VLANs, that is, it belongs to multiple VLANs at the same time.
In the primary/sub-VLAN structure, each sub-VLAN and the primary VLAN can access each other, but ports in different sub-VLANs cannot access each other.
Generally, different VLANs use different network addresses. The primary VLAN and its sub-VLANs use the same network address.

5. Password recovery for switches and routers:
(1) Switch password recovery:
To recover a switch password, start HyperTerminal and hold down the Mode button while the switch is powered on.
A few seconds later the switch enters the ROM state. Rename or delete the configuration file config.text in NVRAM, and restart.
The reference commands are:
switch: rename flash:config.text flash:config.bak
switch: erase flash:config.text

(2) Router password recovery:
To recover a router password, first start HyperTerminal. When the router is powered on, press Ctrl+Break on the computer
to enter the ROM monitor state rommon>. Use the configuration register command confreg to set the value 0x2142, which skips the configuration file.
After resetting the password, set the register back to 0x2102.
The reference commands are:
rommon> confreg 0x2142
Router(config)# config-register 0x2102
If you do not have the privileged password, you cannot enter privileged mode. You can only enter the ROM monitor state and use the confreg 0x2142 command.
After the password is changed, you can restore the register in privileged mode so that the configuration file is loaded again.

III. Concept of Layer-3 Switching
1. A switch is a link layer device that uses MAC addresses to operate on frames.
The IP address of a switch is used for management. The IP address of a switch is actually a VLAN IP address.
A VLAN is a broadcast domain, so access between hosts in different VLANs is equivalent to access between networks and must be implemented through routing.
Host access between different VLANs can be implemented as follows:
(1) Two VLANs each connect to a separate physical interface of the router. This is the basic application of a router.
(2) Two VLANs connect to one physical interface of the router through a trunk. This is single-arm routing (router on a stick), which uses sub-interfaces.
(3) Use a switch with a layer-3 switching module. Cisco 3550 and Huawei 3526 are basic L3 switches.
1) Implement layer-3 switching by using the VLAN IP addresses as gateways; set the VLAN IP addresses.
2) Set the port to work at layer 3: apply no switchport to the port, and then set the IP address of the port.

2. Switch channel technology
Switch channel technology binds several ports of a switch together, that is, port aggregation.
Channel technology improves both the bandwidth and the reliability of the line.
However, if it is configured improperly, a loop may be created, and the resulting broadcast storm congests the network.
Ports to be aggregated must all be assigned to the specified VLAN or set as trunk.
When configuring a layer-3 channel, first enter the channel interface, then use the no switchport command to turn off layer 2, and set the channel IP address.
A channel generally has fewer than eight interfaces, and the interface parameters should be consistent, such as the working mode, encapsulation protocol, and port type.

3. Port negotiation
There are two methods for port aggregation: manual and automatic negotiation.
The manual mode is simple. Set the mode on both ends of the member link to "on". Command format:
channel-group <number> mode on

There are two automatic methods:
PAgP (Port Aggregation Protocol) and LACP (Link Aggregation Control Protocol).
PAgP: the port aggregation protocol for Cisco devices. It can be set to auto or desirable.
In auto mode, only packets are sent and received during negotiation, while in desirable mode, packets are sent and received through negotiation.
LACP: the standard port aggregation protocol, 802.3ad, which can be set to active or passive.
Active is equivalent to auto of PAgP, while passive is equivalent to desirable of PAgP.

4. Load balancing between channel ports
There are two load balancing methods for channel ports: source-MAC-based forwarding and destination-MAC-based forwarding.
src-mac: data frames with the same source MAC address are forwarded using the same port.
dst-mac: data frames with the same destination MAC address are forwarded using the same port.
