Cisco IOS Switch Basic Configuration


Switch OS & H/W platforms & Basic Configuration

40 AHMED NABIL
Switch Operating Systems
1) Catalyst OS (Cat OS or XDI)
• This user interface allows session and monitoring commands to be intermingled with set-based configuration commands (using the set and clear commands). This OS was inherited from "Crescendo Communications", the old company that used to manufacture Cisco switches.
• This operating system was supported only for L2 switching on the 2948G, Catalyst 4000 Supervisor I & II, Catalyst 5000 and 6000/6500 with any supervisor
• These switches now support Cisco IOS (native IOS)
2) Cisco IOS:
• This user interface is identical to that of Cisco routers, where hierarchical configuration modes are used
• This operating system can support both L2 & L3 switching on all switches (Cisco Catalyst 2950, 2960, 2960X, 3560, 3650, 3750, 3850, 4500 Sup III & IV and 6000/6500/6800 with any supervisor)
• Used with any multilayer port (a port that acts like a router port (Layer 3) or like a switched port (Layer 2))
3) Nexus OS (NX-OS):
• Used on the new line of Cisco data center switches, called Nexus switches

Note: Juniper uses JUNOS as an OS for all its switches

[Figure: Cisco Catalyst 2950, 2960, 3550 & 3560; MSFC (Multi-layer Switch Fabric Card)]

Introducing Switch platform
• Switch S/W platform:
-IOS: stored in flash memory
IOS image file name format "mmmmm-fffff-mm.VVV.bin"
m=Catalyst model (e.g. c3550, cat4000, c6sup2)
f=feature set (e.g. i=IP features, s=IP plus, k=cryptographic, j=enterprise set, p=service provider set)
m=file format (e.g. m=image runs in RAM, z=image is compressed)
V=version (e.g. 121=version 12.1)
bin=binary format (executable, non-readable format)
So an IOS file can be named: C3560-jk-mz.121.bin

Hybrid IOS
CatOS image name: cat6000-sup.x-xx.bin
MSFC boot image: c6msfc-boot-mz.xxx-x.xx
MSFC image: cfmsfc-ds-mz.xxx-x.xx
MSFC2 image: c6msfc2-jsv-mz.xxx-x.xx

Cisco IOS (Native Mode)
Cisco IOS (Native Mode) image name: C6sup

But because there are too many features, Cisco has made the IOS feature characters more specific by using words like: Layer2 Base, IP Base, Advanced IP Services, Enterprise Services.
So a new IOS file is now named: C3560-IPBase-mz.121.bin
S/W platform map
Here is a simplified chart for how to discover the features of some IOS images.
[Chart: Switch IOS; Router IOS]


Switch H/W Platform
To read the switch hardware capabilities properly, you should learn the H/W platform map below.

1) Identify a switch
• L2 switch: default name is switch
Switch(config)#hostname <name>
• L3 switch: default name is router
router(config)#hostname <name>
• Any command entered in (config) mode is saved to RAM; to move it to NVRAM use
#copy run start

2) Passwords and user access
• Console:
(config)#line console 0
(config-line)#password <password>
(config-line)#login
• Telnet:
(config)#line vty 0 15
(config-line)#password <password>
(config-line)#login
• Enable mode:
(config)#enable password <password>
(config)#enable secret <password>
• To encrypt passwords when displayed:
(config)#service password-encryption
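
The commands in this section can be checked in a saved configuration. The Python code below is an added example, not part of the original slides; the sample configuration is constructed and the function names are hypothetical. It relies on two IOS facts: enable secret is stored as a hash, while service password-encryption only applies the reversible type 7 encoding.

```python
import re

# Constructed sample running-config (not from the original slides).
SAMPLE_CONFIG = """\
enable password cisco123
!
line con 0
 password 7 0822455D0A16
 login
line vty 0 4
 password letmein
 login
line vty 5 15
 no login
"""

def parse_line_blocks(config):
    """Map each 'line ...' header to its indented sub-commands."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level command ends the block
    return blocks

def audit_passwords(config):
    """Return findings for the password commands covered in this section."""
    top = [l.strip() for l in config.splitlines() if not l.startswith(" ")]
    findings = []
    if "service password-encryption" not in top:
        findings.append("global: service password-encryption not set")
    has_secret = any(l.startswith("enable secret ") for l in top)
    if any(l.startswith("enable password ") for l in top):
        findings.append("global: enable password configured"
                        + ("" if has_secret else ", no enable secret"))
    elif not has_secret:
        findings.append("global: enable mode has no password")
    for name, cmds in parse_line_blocks(config).items():
        pw = [c for c in cmds if c.startswith("password ")]
        if not pw:
            findings.append(f"{name}: no password")
        elif not re.fullmatch(r"password \d+ \S+", pw[0]):
            findings.append(f"{name}: password stored in clear text")
        if "login" not in cmds:
            findings.append(f"{name}: login not configured")
    return findings

if __name__ == "__main__":
    for finding in audit_passwords(SAMPLE_CONFIG):
        print(finding)
```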

3) Password recovery
• For any model, check the manual or search Google

4) Remote Access
• Accessing the switch remotely (ping, Telnet, SNMP) requires giving the switch an IP address, mask & default gateway
(config)#ip default-gateway <gateway ip>
(config)#interface vlan <vlan id>
(config-if)#ip address <ip> <mask>
(config-if)#no shutdown
• The configured VLAN is called the management VLAN. It can be any VLAN, but a switch can have only one management VLAN
5) CDP (Cisco Discovery Protocol) & LLDP (Link Layer Discovery Protocol)
• CDP runs by default on Cisco switches & sends a message every 60 sec to the multicast MAC 0100.000c.cccc. Cisco switches regard the CDP address as a special address that should not be flooded (it is received only by neighbors). LLDP is the same as CDP, but it is a standard.
• To disable CDP globally or on an interface, use the no form:
(config)#[no] cdp run
(config-if)#[no] cdp enable
• To display neighbor details:
#sh cdp neighbors detail

Link Layer Discovery Protocol
The Link Layer Discovery Protocol (LLDP) is similar to CDP, but is based on the IEEE 802.1AB standard. As a result, LLDP works in multivendor networks. It is also extensible because information is advertised by grouping attributes into Type-Length-Value (TLV) structures.

LLDP also supports additional TLVs (messages) that are unique to audio-visual devices such as VoIP phones. The LLDP Media Endpoint Device (LLDP-MED) TLVs carry useful device information like a network policy with VLAN numbers and quality of service information needed for voice traffic, power management, inventory management, and physical location data. LLDP supports the LLDP-MED TLVs by default, but it cannot send both basic and MED TLVs simultaneously on a switch port. Instead, LLDP sends only the basic TLVs to connected devices. If a switch receives LLDP-MED TLVs from a device, it will begin sending LLDP-MED TLVs back to the device.

By default, LLDP is globally disabled on a Catalyst switch. To see if it is currently running or not, use the show lldp command. You can enable or disable LLDP with the lldp run and no lldp run configuration commands, respectively.

(config)#lldp run
On interface:
(config-if)#[no] lldp {transmit|receive}

Use the following command to display information about LLDP
advertisements that have been received by a switch.
Switch# show lldp neighbors [type member/module/number] [detail]
Use the show lldp neighbors command to see a summary of neighbors
that have been discovered.

6) Switch file management
-Configuration files:
a) startup-config (also called config.text): stored in NVRAM/flash (a part of flash that simulates non-volatile RAM)
b) vlan.dat: stored in flash
c) running-config: stored in RAM
-Other files:
System-env-vars: a text file containing system variables such as the MAC address, model number, serial number & various module information. It is stored in ROM, with a copy in flash, & displayed by:
#sh version

Cisco IOS File System and Devices

To check directories in flash:
#dir flash:[directory]
#show flash

To delete all flash files:
#erase flash

To delete a certain file in flash:
#delete flash:<file name>

To delete vlan.dat:
#delete flash:vlan.dat
#delete vlan.dat

To erase the startup configuration:
#erase startup-config
#erase nvram
#delete flash:config.text
#delete config.text

#copy <run/start/tftp/flash> <run/start/tftp/flash>

Managing Cisco IOS Images

Switch#show flash

Directory of flash:/

    2  -rwx         401   Jan 01 1970 00:01:06  env_vars
    3  -rwx     2664051   Mar 02 1993 21:58:25  c2950-i6q4l2-mz.121-11.EA1.bin
    4  -rwx         108   Mar 01 1993 00:01:20  info
    6  drwx         640   Mar 01 1993 00:03:16  html
   19  -rwx         108   Mar 01 1993 00:03:16  info.ver
   20  -rwx        1636   Mar 01 1993 11:20:55  vlan.dat
   23  -rwx        2193   Mar 01 1993 00:09:57  config.text

7741440 bytes total (1101312 bytes free)

– Verify that flash memory has room for the Cisco IOS image.
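
The free-space check can be scripted against captured show flash output. The Python code below is an added example, not part of the original slides; it reuses the listing above as sample input, its function names are hypothetical, and it assumes a plain byte comparison (file system block rounding is ignored).

```python
import re

# Sample input: the "show flash" listing shown above.
SHOW_FLASH = """\
Directory of flash:/

    2  -rwx         401   Jan 01 1970 00:01:06  env_vars
    3  -rwx     2664051   Mar 02 1993 21:58:25  c2950-i6q4l2-mz.121-11.EA1.bin
    4  -rwx         108   Mar 01 1993 00:01:20  info
    6  drwx         640   Mar 01 1993 00:03:16  html
   19  -rwx         108   Mar 01 1993 00:03:16  info.ver
   20  -rwx        1636   Mar 01 1993 11:20:55  vlan.dat
   23  -rwx        2193   Mar 01 1993 00:09:57  config.text

7741440 bytes total (1101312 bytes free)
"""

ENTRY = re.compile(r"^\s*\d+\s+([d-])[rwx-]{3}\s+(\d+)\s+"
                   r"\w{3} \d{2} \d{4} [\d:]{8}\s+(\S+)\s*$")
TOTALS = re.compile(r"(\d+) bytes total \((\d+) bytes free\)")

def parse_show_flash(text):
    """Return (files, total_bytes, free_bytes); files maps name -> size."""
    files, total, free = {}, None, None
    for line in text.splitlines():
        entry = ENTRY.match(line)
        if entry and entry[1] == "-":          # skip directories
            files[entry[3]] = int(entry[2])
        totals = TOTALS.search(line)
        if totals:
            total, free = int(totals[1]), int(totals[2])
    return files, total, free

def check_room(text, new_image_size):
    """Classify whether an image of new_image_size bytes fits in flash."""
    files, total, free = parse_show_flash(text)
    if free is None:
        raise ValueError("no 'bytes total (... bytes free)' line found")
    images = {n: s for n, s in files.items() if n.endswith(".bin")}
    if new_image_size <= free:
        verdict = "fits"
    elif new_image_size <= free + sum(images.values()):
        verdict = "fits only if an existing image is removed first"
    else:
        verdict = "does not fit"
    return {"free": free, "images": images, "verdict": verdict}

if __name__ == "__main__":
    print(check_room(SHOW_FLASH, 3_000_000))
```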

7) Troubleshooting

                             show            debug
Processing characteristics   Static          Dynamic
Processing load              Low overhead    High overhead
Primary use                  Gather facts    Observe processes

Considerations When Using debug Commands
– May generate output in a variety of formats that may not identify the problem
– Require high overhead, possibly disrupting network device operation
– Useful for obtaining information about network traffic and router status

#sh version
#sh run
#sh start
#sh cdp neighbors
#sh cdp interfaces
#sh tech-support ........ Displays the output of many show commands in a single command
#debug <command>
To cancel debug action:
#no debug <command/all>
#undebug all

LAN switching technologies (Ethernet Concepts)
• Ethernet is the most popular LAN technology, chosen over the others (FDDI, CDDI, Token Ring, ATM) due to its low cost, ease of installation, market availability & scalability to higher bandwidths
• Ethernet follows the IEEE 802.3 standards and is offered in many flavours
1) Ethernet (10Mbps): IEEE 802.3
10Base-2, 10Base-5, 10Base-T, 10Base-F
2) Long Reach Ethernet (LRE): Cisco proprietary
-in cases where buildings do not have Cat5 UTP wiring or higher, 10Mbps Ethernet might not be possible
-Cisco has implemented a different form of Ethernet that can be transported over long distances on Cat1, 2 or 3 cabling; this is LRE
-it is available only on the Catalyst 2900 LRE XL switch series
-LRE can provide
5Mbps full duplex up to 5000 feet distance
10Mbps full duplex up to 4000 feet distance
15Mbps full duplex up to 3000 feet distance

3) Fast Ethernet (100Mbps): IEEE 802.3u
-100Base-TX, 100Base-FX (SMF 10km & MMF 2km)
-Auto negotiation for duplex and speed can take place between Ethernet devices; the two devices will settle on the highest speed and duplex both can offer
4) FEC (Fast Ether Channels): Cisco proprietary
bundles multiple Fast Ethernet links to provide speeds from 400Mbps to 1600Mbps

• Built on Ethernet principles
• Runs at 100 Mbps
• Uses same frame types, lengths, and formats
• Still CSMA/CD
• Same MAC layer, new physical layer

5) Gigabit Ethernet (1000Mbps): IEEE 802.3ab (gigabit over copper) & IEEE 802.3z (gigabit over fiber)
1000Base-T, 1000Base-SX (MMF 275m), 1000Base-LX/LH (MMF 550m, SMF 10km), 1000Base-ZX (SMF 100km)
MMF: 62.5/125 or 50/125
SMF: 9/125 or 8/125

6) GEC (Giga Ether Channel): Cisco proprietary
bundles multiple Gigabit Ethernet links to support speeds from 4Gbps to 16Gbps

• Enhances client/server performance across the enterprise
• Connects directly to Gbps interfaces on LAN switches that aggregate traffic from 10- or 100-Mbps segments
• Connects distribution-layer switches in each building with a central campus core

7) 10Gigabit Ethernet (10Gbps): IEEE 802.3ae
Runs over fiber, and over copper for distances of 100m on Cat 6E / Cat 7 cables. 10GbE can work as both a LAN & a WAN technology, so it introduced PMD (Physical Media Dependent) fiber-optic interfaces, which are classified into:
-LAN PHY: Interconnects switches in a campus network
-WAN PHY: Interfaces with existing SONET or SDH found in MANs
10GBase-SR/SW, 10GBase-LR/LW (10km), 10GBase-ER/EW (70km), 10GBase-LX4/LW4 (WDM)

*Transceiver types are denoted by a two-letter suffix. The first letter specifies the wavelength used: S = short, L = long, E = extra-long wavelength. The second letter specifies the PHY type: R = LAN PHY, W = WAN PHY. In the case of LX4 and LW4, L refers to a long wavelength, X and W refer to the coding used, and 4 refers to the number of wavelengths transmitted. WWDM is wide-wavelength division multiplexing.

8) Quad Ten Giga Ethernet:
-new technology supporting speeds reaching 40 Gbps

9) Hundred Giga Ethernet:
-newest technology supporting 100 Gbps speeds

10) Metro Ethernet: MAN technology
-used to connect enterprise sites that are distributed over several geographic locations, where high-speed connections are desired
-service providers can offer this transport method
-R=LAN, W=WAN, S=Short, L=Long

Gigabit Ethernet ports
• Gigabit Ethernet connections use a flexible media port for both copper & fiber, using the SFP (Small Form-factor Pluggable) for 1 Gbps, SFP+ for 10 Gbps & QSFP (Quad SFP) for 40 Gbps, or the older GBIC (Giga Bit Interface Card) with RJ-45 (for copper cables), SC or ST or MTRJ (for fiber cables) & GigaStack GBIC (used to stack Catalyst switches)

[Figure: SFP]
Gigabit Ethernet Port Cables and Connectors
Gigabit Ethernet connections take a different approach by providing modular
connectivity options. Catalyst switches with Gigabit Ethernet ports have
standardized rectangular openings that can accept gigabit interface converter
(GBIC) or small form factor pluggable (SFP) modules. The GBIC and SFP
modules provide the media personality for the port so that various cable media
can connect. In this way, the switch chassis is completely modular
and requires no major change to accept a new media type. Instead, the
appropriate module is hot-swappable and is plugged into the switch to support
the new media. GBIC modules can use SC fiber-optic and RJ-45 UTP connectors.
SFP modules can use LC and MT-RJ fiber-optic and RJ-45 UTP connectors.
GBIC and SFP modules are available for the following Gigabit Ethernet media:
■ 1000BASE-SX—Short-wavelength connectivity using SC fiber connectors
and MMF for distances up to 550 m (1804 feet).
■ 1000BASE-LX/LH—Long-wavelength/long-haul connectivity using SC
fiber connectors and either MMF or single-mode fiber (SMF); MMF can be
used for distances up to 550 m (1804 feet), and SMF can be used for distances up
to 10 km (32,810 feet). MMF requires a special mode-conditioning cable for
fiber distances less than 100 m (328 feet) or greater than 300 m (984 feet). This
keeps the GBIC from overdriving the far-end receiver on a short cable and
lessens the effect of differential mode delay on a long cable.
■ 1000BASE-ZX—Extended-distance connectivity using SC fiber connectors
and SMF; works for distances up to 70 km, and even to 100 km when used with
premium grade SMF.
■ GigaStack—Uses a proprietary connector with a high-data-rate copper
cable with enhanced signal integrity and electromagnetic interference (EMI)
performance; provides a GBIC-to-GBIC connection between stacking Catalyst
switches or between any two Gigabit switch ports over a short distance. The
connection is full duplex if only one of the two stacking connectors is used; if
both connectors are used, they each become half duplex over a shared bus.
■ 1000BASE-T—Sports an RJ-45 connector for four-pair UTP cabling;
works for distances up to 100 m (328 feet).
Caution: The fiber-based modules always have the receive fiber on the left
connector and the transmit fiber on the right connector, as you face the connectors.
These modules could produce invisible laser radiation from the transmit connector.
Therefore, always keep unused connectors covered with the rubber plugs, and don’t
ever look directly into the connectors.
Connecting devices
• A crossover cable is used to connect two switches
• A straight cable is used to connect a switch to a host
• MDI / MDIX (Media Dependent Interface / Media Dependent Interface cross) is a feature that enables connecting two switches or hubs with a straight cable

Switch Port Configuration
• CatOS refers to switch ports as ports
• IOS refers to switch ports as interfaces
1) Selecting ports to configure:
(config)#interface {ethernet<mod/no.>/ fastethernet<mod/no.>/ gigabitethernet<mod/no.>}
ex: (config)#interface fa0/1
-non-modular switches such as the 2960 & 3560 have module no. (mod)=0

To select multiple ports:
(config)#interface range <type> <mod/no.> [,<type> <mod/no.>,...]
ex: (config)#interface range fa0/1,fa0/5,fa0/12
or
(config)#interface range <type> <mod/first no. - last no.>
ex: (config)#interface range fa0/1 - 12
or
(config)#define interface-range <macro name> {<type> <mod/no.> [,<type> <mod/no.>,...]/ <type> <mod/first no. - last no.>}
(config)#interface range macro <macro name>

2) Characterizing an interface
(config-if)#description <description string>
(config-if)#speed {10/100/1000/auto}
(config-if)#duplex {half/full/auto}
(config-if)#[no] mdix auto
• Configuring a port as L2: default on Catalyst 2960, 3560/3650, 4500
(config-if)#switchport
• Configuring a port as L3: default on Catalyst 6500
(config-if)#no switchport
(config-if)#ip address <ip> <mask>

3) Managing error conditions on a switch port
• A feature that enables a port suffering from certain errors to automatically go to the "errdisable state", as if it were shut down, until it is reactivated manually or after a predetermined time has elapsed
(config)#errdisable detect cause [all/<cause name>]
causes: (bpduguard/dtp-flap/link-flap/pagp-flap/rootguard/udld)
• Static recovery
(config-if)#shutdown
then
(config-if)#no shutdown
• Dynamic recovery:
(config)#errdisable recovery cause [all/<cause name>]
-default timer = 300 sec
(config)#errdisable recovery interval <sec>

Troubleshooting

#sh interface [<type><mod/no.>]
fastethernet 0/1 is up, line protocol is up
BW 100000kbit
keepalive not set, encapsulation ARPA
auto-duplex (half), auto-speed (100)
queuing strategy: fifo
#input errors, #crc, #runts, #giants
#collisions
#lost carrier

Switch#show interfaces fastethernet0/3
FastEthernet0/3 is up, line protocol is down
Hardware is Fast Ethernet, address is 0000.0000.0003 (bia 0000.0000.0003)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Half-duplex, 10Mb/s
input flow-control is off, output flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out

• To check module (switch slot) status on a modular switch
#sh modules
#sh interface
-interface is administratively down, line protocol down ...... the interface is missing the "no shutdown" command
-interface is down, line protocol down ...... the interface has a fatal error
-interface is up, line protocol down ...... the cable is cut, or the cable is not properly pin connected
-interface is up, line protocol up ...... the interface is operating properly up to L2

• A speed or duplex mismatch could cause slow response and a large no. of runt errors, input errors & late collision errors

Problem: Cannot Autonegotiate Port Speed/Duplex
– Make sure autonegotiation is configured on both ends of the link.
– If autonegotiation fails when you connect a client NIC to the switch, check the NIC and drivers to make sure that autonegotiation is supported.
– If autonegotiation is supported and properly configured, turn off autonegotiation and set the speed and duplex manually.

Tip
Beware of a duplex mismatch when both ends of a link are not set for
autonegotiation. During a mismatch, one end uses full duplex while the other
end uses half duplex. The result is that the half-duplex station will detect a
collision when both ends transmit; it will back off appropriately.
The full-duplex station, however, will assume that it has the right to transmit at
any time. It will not stop and wait for any reason. This can cause errors on the
link and poor response times between the stations.
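
The status pairs and mismatch symptoms described above can be read off captured show interfaces output automatically. The Python code below is an added example, not part of the original slides; the sample output is constructed, the function names are hypothetical, and min_errors is an assumed threshold for what counts as a large number of errors.

```python
import re

# Constructed sample output, modelled on the "show interfaces" fields above.
SAMPLE = """\
FastEthernet0/1 is up, line protocol is up
  Half-duplex, 100Mb/s
     Received 0 broadcasts, 42 runts, 0 giants, 0 throttles
     57 input errors, 15 CRC, 0 frame, 0 overrun, 0 ignored
     0 babbles, 19 late collision, 0 deferred
FastEthernet0/2 is administratively down, line protocol is down
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 babbles, 0 late collision, 0 deferred
FastEthernet0/3 is up, line protocol is down
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
"""

# Status pairs and their meaning, as listed in this section.
STATUS_MEANING = {
    ("administratively down", "down"): 'missing "no shutdown"',
    ("down", "down"): "fatal error",
    ("up", "down"): "cable cut or not properly connected",
    ("up", "up"): "operating properly up to L2",
}
HEADER = re.compile(r"^(\S+) is (administratively down|up|down), "
                    r"line protocol is (up|down)")
COUNTER = re.compile(r"(\d+) (runts|input errors|late collision)")

def parse_interfaces(text):
    """Return {interface: {"status": (intf, proto), "counters": {...}}}."""
    result, current = {}, None
    for line in text.splitlines():
        header = HEADER.match(line)
        if header:
            current = {"status": (header[2], header[3]), "counters": {}}
            result[header[1]] = current
        elif current is not None:
            for value, name in COUNTER.findall(line):
                current["counters"][name] = int(value)
    return result

def diagnose(text, min_errors=10):
    """min_errors is an assumed threshold for a 'large number' of errors."""
    report = {}
    for name, info in parse_interfaces(text).items():
        notes = [STATUS_MEANING[info["status"]]]
        if sum(info["counters"].values()) >= min_errors:
            notes.append("check speed/duplex on both ends")
        report[name] = notes
    return report

if __name__ == "__main__":
    for name, notes in diagnose(SAMPLE).items():
        print(name, "->", "; ".join(notes))
```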
