Notes about switching: basics, memory types, etc
- RAM: Sometimes called DRAM, is used for working storage. The running (active) configuration file is stored here. RAM loses its contents when the switch loses power or is reloaded.
- Flash memory: Either a chip inside the switch or a removable memory card, flash memory stores fully functional Cisco IOS images and is the default location where the switch gets its Cisco IOS at boot time. Flash memory also can be used to store any other files, including backup copies of configuration files.
- ROM: Read-only memory that stores a bootstrap (or boothelper) program that is loaded when the switch first powers on. This bootstrap program then finds the full Cisco IOS image and manages the process of loading Cisco IOS into RAM, at which point IOS takes over operation of the switch.
- NVRAM: Stores the initial or startup-config file that is used when the switch is first powered on and when the switch is reloaded.
LAN switches receive Ethernet frames and then make a switching decision: either forward the frame out some other ports or ignore the frame. To accomplish this primary mission, switches perform three actions:
- Decide whether to forward a frame or to filter (not forward) it, based on the destination MAC address.
- Learn MAC addresses by examining the source MAC address of each frame received by the switch.
- Create a Layer 2 loop-free environment with other switches using STP, so that only one copy of each frame is forwarded to the destination.
The first action is the switch’s primary job, whereas the other two items are overhead functions.
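The first two actions above, as an added example that is not part of the original notes: a single switch learning source MACs and deciding forward, flood or filter for a constructed sequence of frames. A loop-free topology (the third action, STP) is assumed, since only one switch is modelled; the port names and MAC addresses are constructed.

```python
# Added example (not from the original notes): a single switch applying the
# learn and forward/filter actions to constructed frames. A loop-free topology
# (STP) is assumed because only one switch is modelled.
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"

@dataclass
class Switch:
    ports: list
    mac_table: dict = field(default_factory=dict)   # MAC address -> port it was learned on

    def handle_frame(self, in_port, src, dst):
        """Return the list of ports the frame is sent out of ([] means filtered)."""
        # Learn: record the source MAC against the ingress port (a move overwrites it).
        self.mac_table[src] = in_port
        # Forward vs. filter, decided by the destination MAC.
        if dst == BROADCAST or dst not in self.mac_table:
            # Broadcast or unknown unicast: flood out every port except the ingress port.
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst]
        if out_port == in_port:
            # Destination sits on the segment the frame came from: filter (drop) it.
            return []
        return [out_port]

def demo():
    """Run constructed frames (ingress port, source MAC, destination MAC) through a switch."""
    sw = Switch(ports=["Fa0/1", "Fa0/2", "Fa0/3"])
    frames = [
        ("Fa0/1", "00:00:00:00:00:0a", "00:00:00:00:00:0b"),  # dst unknown -> flood
        ("Fa0/2", "00:00:00:00:00:0b", "00:00:00:00:00:0a"),  # dst learned on Fa0/1 -> forward
        ("Fa0/1", "00:00:00:00:00:0a", BROADCAST),             # broadcast -> flood
        ("Fa0/1", "00:00:00:00:00:0c", "00:00:00:00:00:0a"),  # dst on same port -> filter
    ]
    return [sw.handle_frame(*f) for f in frames]

if __name__ == "__main__":
    print(demo())   # [['Fa0/2', 'Fa0/3'], ['Fa0/1'], ['Fa0/2', 'Fa0/3'], []]
```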
When using an AAA server for authentication, the switch (or router) simply sends a message to the AAA server asking whether the username and password are allowed, and the AAA server replies. The connection between the user and the switch or router uses Telnet or SSH. The switch and AAA server typically use either the RADIUS or TACACS+ protocol, both of which encrypt the passwords as they traverse the network.
IOS uses the hostname and the domain name to create the SSH encryption keys. The Cisco device SSH server uses the FQDN as input to create that key.
Switches default to accepting both Telnet and SSH on the vty lines. Routers often default to accepting neither.
Regarding SVI configuration: Do not use a VLAN interface for which there are no physical ports assigned to the same VLAN. If you do, the VLAN interface will not reach an up/up state, and the switch will not have the physical ability to communicate outside the switch.
IEEE autonegotiation defines some rules (default) that nodes should use as defaults when autonegotiation fails—that is, when a node tries to use autonegotiation but hears nothing from the device:
- Speed: Use your slowest supported speed (often 10 Mbps).
- Duplex: If your speed = 10 or 100, use half duplex; otherwise, use full duplex.
Cisco switches can make a better choice than that base IEEE speed default because Cisco switches can actually sense the speed used by other nodes, even without IEEE autonegotiation:
- Speed: Sense the speed (without using autonegotiation), but if that fails, use the IEEE default.
- Duplex: If your speed = 10 or 100, use half duplex; otherwise, use full duplex.
LAN hubs do not react to autonegotiation messages, and they do not forward the messages. As a result, devices connected to a hub must use the IEEE rules for choosing default settings, which often results in the devices using 10 Mbps and half duplex.
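The IEEE and Cisco default rules above, applied in an added example that is not part of the original notes: it works out what each end of a link settles on when one end has autonegotiation disabled, and shows why a Cisco port ends up with a duplex mismatch where a plain IEEE node ends up with a speed mismatch. The port dictionaries, the 1000 Mbps capability and the assumption that two autonegotiating ends agree on the best common speed at full duplex are constructed for the example.

```python
# Added example (not from the original notes): applies the IEEE and Cisco default
# rules to a link where one end has autonegotiation disabled.
IEEE_SLOWEST_SPEED = 10   # Mbps: the IEEE fallback is the node's slowest supported speed

def default_duplex(speed_mbps):
    """Shared rule: 10 or 100 Mbps -> half duplex, anything faster -> full duplex."""
    return "half" if speed_mbps in (10, 100) else "full"

def settle(port, peer_fixed_speed):
    """Settings one end adopts when the other end does not autonegotiate.
    port: {'autoneg': bool, 'cisco': bool, ...}; a fixed port carries its own
    'speed' and 'duplex'; an autonegotiating port hears nothing and uses defaults."""
    if not port["autoneg"]:
        return port["speed"], port["duplex"]
    # Cisco ports sense the neighbor's speed; plain IEEE nodes fall back to the slowest.
    speed = peer_fixed_speed if port["cisco"] else IEEE_SLOWEST_SPEED
    return speed, default_duplex(speed)

def link_outcome(a, b):
    """Return (settings_a, settings_b, verdict) for the two ends of one link."""
    if a["autoneg"] and b["autoneg"]:
        # Both negotiate: assumed here to agree on the best common speed, full duplex.
        speed = min(a["max_speed"], b["max_speed"])
        return (speed, "full"), (speed, "full"), "up"
    sa, sb = settle(a, b.get("speed")), settle(b, a.get("speed"))
    if sa[0] != sb[0]:
        verdict = "speed mismatch: link does not come up"
    elif sa[1] != sb[1]:
        verdict = "duplex mismatch: expect late collisions on the half-duplex end"
    else:
        verdict = "up"
    return sa, sb, verdict

# Constructed scenarios: a server NIC hard-coded to 100/full facing an
# autonegotiating Cisco port, and the same NIC facing a plain IEEE node.
NIC_100_FULL = {"autoneg": False, "cisco": False, "speed": 100, "duplex": "full"}
CISCO_AUTO = {"autoneg": True, "cisco": True, "max_speed": 1000}
IEEE_AUTO = {"autoneg": True, "cisco": False, "max_speed": 1000}

if __name__ == "__main__":
    for label, port in (("Cisco", CISCO_AUTO), ("IEEE", IEEE_AUTO)):
        print(label, link_outcome(port, NIC_100_FULL))
```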
Interface status codes and reasons for nonworking states
- Line status: Generally refers to whether L1 is working.
- Protocol status: Generally refers to whether L2 is working.
Some of the root causes of cabling problems include:
- Equipment that uses electricity, even non-IT, can interfere.
- Damaged cable.
- Someone bending a fiber-optic cable too much, preventing it from transmitting any bits (macrobending).
Common L1 problems on working interfaces
Whenever the physical transmission has problems, the receiving device might receive a frame whose bits have changed values. These frames do not pass the error detection logic as implemented in the FCS field in the Ethernet trailer. The receiving device discards the frame and counts it as some kind of input error. Cisco switches list this error as a CRC error.
- Runts: Frames smaller than 64 bytes (including dst. and src. MAC, type and FCS). Can be caused by collisions.
- Giants: Frames larger than 1518 bytes (counting the same fields as above).
- Input errors: A total of many counters, including runts, giants, no buffer, CRC, frame, overrun, and ignored counts.
- CRC: Received frames that did not pass the FCS math. Can be caused by collisions.
- Frame: Received frames that have an illegal format, for example, ending with a partial byte. Can be caused by collisions.
- Output errors: Frames that the switch port tried to transmit, but for which some problem occurred.
- Collisions: Counter of all collisions that occur when the interface is transmitting a frame.
- Late collisions: Collisions that happen after the 64th byte of the frame has been transmitted. Point to a duplex mismatch.
Note that many of these counters occur as part of the CSMA/CD process used when half duplex is enabled. Collisions occur as a normal part of the half-duplex logic imposed by CSMA/CD, so a switch interface with an increasing collisions counter might not even have a problem. However, one problem, called late collisions, points to the classic duplex mismatch problem.
If a LAN design follows cabling guidelines, all collisions should occur by the end of the 64th byte of any frame. With a duplex mismatch, however, the half-duplex interface sends a frame, but the full-duplex neighbor sends at any time, even after the 64th byte of the frame sent by the half-duplex switch. When the switch has already sent 64 bytes of a frame and then receives a frame on that same interface, it senses a collision. Because it happens so late in the frame, this is a late collision, and the switch increments the late collision counter in addition to taking the usual CSMA/CD actions: send a jam signal, wait a random time, and try again.
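The counters and their causes described above, turned into detection logic in an added example that is not part of the original notes: it parses a constructed `show interfaces` excerpt (not captured from a real device) and flags late collisions as a duplex mismatch, CRC/frame/runt errors as corrupted bits, and leaves ordinary collisions on a half-duplex port unflagged. The interface names and counter values are constructed.

```python
import re

# Constructed `show interfaces` excerpt (not captured from a real device).
SAMPLE = """\
FastEthernet0/1 is up, line protocol is up (connected)
     Full-duplex, 100Mb/s, media type is 10/100BaseTX
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
FastEthernet0/2 is up, line protocol is up (connected)
     Half-duplex, 100Mb/s, media type is 10/100BaseTX
     3 runts, 0 giants, 0 throttles
     17 input errors, 14 CRC, 3 frame, 0 overrun, 0 ignored
     5 output errors, 412 collisions, 2 interface resets
     0 babbles, 37 late collision, 20 deferred
"""

def parse_counters(text):
    """Return {interface: {'duplex': 'full'|'half', counter name: int, ...}}."""
    result, cur = {}, None
    for line in text.splitlines():
        head = re.match(r"^(\S+) is \S+, line protocol is \S+", line)
        if head:                           # first line of an interface block
            cur = result.setdefault(head.group(1), {})
        elif cur is not None:
            dup = re.match(r"\s*(Full|Half)-duplex", line)
            if dup:
                cur["duplex"] = dup.group(1).lower()
            for value, name in re.findall(r"(\d+) ([A-Za-z ]+?)(?:,|$)", line):
                cur[name.strip()] = int(value)
    return result

def diagnose(counters):
    """Map each interface to the likely causes the notes tie to its counters."""
    findings = {}
    for name, c in counters.items():
        issues = []
        if c.get("late collision", 0):         # never normal: duplex mismatch
            issues.append("duplex mismatch (late collisions)")
        if c.get("CRC", 0) or c.get("frame", 0) or c.get("runts", 0):
            # corrupted bits: collisions on half duplex, otherwise cabling/interference
            cause = "collisions or cabling" if c.get("duplex") == "half" else "cabling/interference"
            issues.append(f"input errors ({cause})")
        if c.get("giants", 0):
            issues.append("giants (frames larger than 1518 bytes)")
        # plain collisions on a half-duplex port are normal CSMA/CD behaviour
        findings[name] = issues
    return findings
```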