Switches

Types of Switches

Features of Switches

  • Management Interface
    • Browser
    • CLI
  • Cable Diagnostics
  • QoS (Quality of Service)
  • EEE (Energy Efficient Ethernet)
  • PoE (Power over Ethernet)
    • 802.3af – Power up to 15.4 Watts/port.
    • 802.3at (PoE+) – Power up to 30 Watts/port.
  • SNMP (Simple Network Management Protocol)
  • RMON (Remote Network Monitoring)
  • VLANs
  • 802.1x (Endpoint Authentication)
  • ACLs (Access Control Lists)
    • Flexible Dropping
    • Rate Limiting
    • Mirroring
    • Logging by various factors (L2, L3, TCP/UDP port nums., etc.)
  • 802.1q/TOS/DSCP
  • L2 Switching
  • L3 IP Routing
  • Network Storm Control
  • DoS (Denial of Service) Protection
    • Dynamic ARP Inspection
    • IPv4 DHCP Snopping
    • IPv6 First Hope Security w/RA Guard
    • ND Inspection
    • Neighbor Binding Integrity
  • Control Plane Policing (CoPP)
  • 802.1x
  • VRRP (Virtual Router Redundancy Protocol)
  • Link Aggregation
  • Spanning Tree Root Guard
  • BPDU Guard
  • IGMP and MLD Snopping
  • Querier functions for optimizing IPv4/v6 multicast traffic
  • TCP Congestion Avoidance
  • 4 or 8 Queues to Treat Traffic Differently by Importance
  • Setting / Tagging Traffic by L2 (802.1p) or L3 (DSCP/TOS)
  • Rate Limiting Traffic
  • Device Discovery
  • Troubleshooting
    • VLAN Monitoring
    • Port Monitoring
    • Traceroute
    • Ping
    • Syslog
    • Cable Diagnostics
    • RMON
  • Unicast
  • Multicast
  • Netflow/SFlow
  • MPLS/VRF Support
  • Speed
    • Fast Ethernet (10/100 Mbps)
    • Gigabit Ethernet (10/100/1000 Mbps)
    • Ten Gigabity (10/1000/1000/10000 Mbps)
  • Uplink Ports
  • Downlink Ports – Connect to end users.
  • Uplink Ports – Connect to switches, other network infrastructure.
  • Number of Ports – Typically 5, 8, 10, 16, 24, 28, 48, 52.
  • Type of Ports
    • Copper / RJ-45: 100 meters.
    • Fiber SFP: 40 kilometers.
  • Static Routing
  • Policy Based Routing
  • ANSI/TIA-1057: LLDP-Media Endpoint Discover (MED)
  • IEEE 802.1AB: Link Layer Discovery Protocol (LLDP)
  • IEEE 802.1Q: Virtual LANs with Port-Based VLANs
  • IEEE 802.1p: Ethernet Priority with User Provisioning and Mapping.
  • IEEE 802.3: 10 BASE-T
  • IEEE 802.3u: 100BASE-T
  • IEEE 802.3ab: 1000BASE-T
  • IEEE 802.1ak: Virtual Bridged Local Areea Networks – Amending 07: Multiple Registration Protocol
  • IEEE 802.3ac:  VLAN Tagging
  • IEEE 802.3ad: Link Aggregation
  • IEEE 802.3x: Flow Control
  • IEEE 802.1D-2004: Generic Attribute Registration Protocol: Clause 12 (GARP)
  • IEEE 802.1D-2004: Dynamicd L2 Multiplecast Registration: Clause 10 (GMRP)
  • IEEE 802.1Q-2003: Dynamic VLAN Registration: Clause 11.2 (GVRP)
  • RFC 4541: Considerations for Internet Group Management Protocol (IGMP) Snooping Switches
  • RFC 5171: Unidirectional Link Detection (UDLD) Protocol
  • Broadcast Storm Recovery
  • Broadcast/Multicast/Unknown Unicast Storm Recovery
  • IGMP Snooping Querier
  • Independent VLAN Learning (IVL) Support
  • Jumbo Ethernet Frame Support
  • Port MAC Locking
  • Port Mirroring
  • Protected Ports
  • Static MAC Filtering
  • Voice VLANs
  • Unathenticated VLAN
  • Internal 802.1X Authentication Server
  • DHCP Server
  • Routing
  • MAC Addresses
  • MSTP Instances
  • LAGS
  • ACLs
  • Traffic Classes (Queues)
  • RFC 2021: Remote Network Monitoring Management Information Base V2
  • RFC 2030: Simple Network Time Protocol (SNTP)
  • RFC 2819: Remote Network Monitoring Management Information Base
  • RFC 2865: RADIUS Client
  • RFC 2866: RADIUS Accounting
  • RFC 2868: RADIUS Attributes for Tunnel Protocol Support
  • RFC 2869: RADIUS Extensions
  • RFC 3579: RADIUS Support for EAP
  • RFC 3580: IEEE 802.1X RADIUS Usage Guidelines
  • RFC 3164: BSD Syslog Protocol
  • SNMP v1, v2, v3
  • SSH 1.5, 2.0
  • SSL 3.0, TLS 1.0
  • Secure Copy (SCP)

Spanning Tree Protocol (STP)

Resources

Virtual LAN (VLAN)

Link Aggregation (LAG)

  • Allows multiple connections to be logically organized as a single connection. This also allows for a network connection to continue operating (at reduced speeds) with the failure of one or more of the physical links.
  • Split Multi-Link Trunking (SMLT) – Allows for ports to be aggregated across multiple physical devices.
  • Routed-SMLT (RSMLT) – Allows for ports to be aggregated across multiple physical devices.

Resources

Quality of Service (QoS)

  • Differentiated Services (DiffServ).
  • Class of Service (CoS).

Access Control Lists

  • Time-Based
  • Source/Destination IP
  • TCP/UDP Source/Destination Port
  • IP Protocol Type
  • Type of Service (ToS)
  • Differentiated Services (DSCP)
  • Source/Destination MAC Address
  • EtherType
  • IEEE 802.1p User Priority
  • VLAN ID
  • RFC 1858: Security Considerations for IP Fragment Filtering.

Authentication

  • TACACS+ / RADIUS
  • PPP (Point-to-Point Protocol) – Offers way to authenticate a user.
  • EAP (Extensible Authentication Protocol) – Extends the methods of authentication available via PPP.
  • IEEE 802.1X – For passing EAP without the use of PPP.
    • Supplicant – Client requesting authentication.
    • Authentication Server – Performs authentication.
    • Authenticator – The device to which the request has been made (e.g., a WAP or switch).

Resources

  • Joel Snyder. What is 802.1X? Network World, 2010. – Solid overview, explains 802.1X as well as PPP and EAP.

Network Switch Companies

Bibliography / Further Reading

  1. [1]Also known as lightly managed switches

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: