Simplified Cisco Switch Configuration for Network Administrators
Configuration of a Cisco managed Switch.
Switch Model: Cisco Catalyst 2960.
Overview
A switch operates at the Data Link layer (Layer 2) of the ISO/OSI model and serves the purpose of connecting multiple hosts using Ethernet technology, effectively creating a Local Area Network (LAN). It consists of an internal processor and several Ethernet ports, enabling it to both receive and forward packets across all its ports.
The proper routing is achieved through the use of an ARP (Address Resolution Protocol) table. When a packet enters through one of the ports, the switch analyzes its MAC address and forwards the packet to all the output ports to identify the port to which the machine with that MAC address is connected. Once the correct port is identified, the switch updates its ARP table to ensure that all packets with the same MAC address are forwarded to the same port. This mechanism allows the switch to maintain maximum transfer speed across all its ports.
Switches can be categorized into two types: non-configurable and configurable. A configurable switch distinguishes itself by offering the ability to create VLANs (Virtual Local Area Networks), which enable the creation of separate LANs on different subsets of ports defined by the administrator. These VLANs cannot communicate with each other. VLANs can also be extended across multiple switches, thereby expanding their size.
The process of creating distinct VLANs is achieved using the VLAN TAG of an Ethernet packet. If a packet belongs to a specific VLAN, the VLAN TAG is set to the ID value of that VLAN. This means that the packet can only be forwarded to machines belonging to that VLAN, and no other VLAN can interact with it.
Creating different VLANs also reduces collision domains, decreasing the likelihood of packet collisions within the switch.
To connect two VLANs that belong to separate switches, a TRUNK port is used. This is a port within the switch specifically designated to transmit data from one switch to another. For a TRUNK port, one or more VLANs must be associated with it, especially if the switch is configured to use VLANs. This ensures that the packets traveling to or from that port have the correct VLAN TAGs.
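The tag check described above can be worked through in a few lines of Python. This is an added example, not part of the original guide: the frames are constructed, the function names are hypothetical, and treating untagged frames on a trunk as VLAN 1 is an assumption based on the Cisco default native VLAN.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q VLAN tag

def build_frame(vlan_id=None, priority=0, ethertype=0x0800, payload=b"\x00" * 46):
    """Build a constructed Ethernet frame, tagged when vlan_id is given."""
    header = b"\xff" * 6 + bytes.fromhex("001122334455")  # dst MAC + src MAC
    if vlan_id is not None:
        if not 0 <= vlan_id <= 0x0FFF:
            raise ValueError("VLAN ID is a 12-bit field")
        header += struct.pack("!HH", TPID_8021Q, (priority << 13) | vlan_id)
    return header + struct.pack("!H", ethertype) + payload

def parse_vlan_tag(frame):
    """Return (vlan_id, priority, ethertype); vlan_id is None when untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)  # field after both MACs
    if ethertype != TPID_8021Q:
        return None, None, ethertype
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    # TCI layout: 3 bits priority, 1 bit DEI, 12 bits VLAN ID
    return tci & 0x0FFF, tci >> 13, inner

def trunk_accepts(frame, allowed_vlans, native_vlan=1):
    """Model a trunk port: untagged frames count as the native VLAN (assumed 1)."""
    vlan_id, _, _ = parse_vlan_tag(frame)
    return (native_vlan if vlan_id is None else vlan_id) in allowed_vlans

if __name__ == "__main__":
    for vid in (9, 10, None):
        frame = build_frame(vlan_id=vid)
        print(vid, parse_vlan_tag(frame), trunk_accepts(frame, {9}))
```

A trunk whose allowed list contains only VLAN 9 drops both the frame tagged 10 and the untagged frame, which is the isolation the VLAN TAG is meant to provide.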
Section 1: Configuration
The configuration of a switch should be done by connecting the switch's console port to a USB serial port on your machine and using the minicom program:
- Install minicom with the following command:
sudo apt install minicom
- After installing minicom, launch the configuration tool with the following command:
sudo minicom -s
- Then, update the minicom configuration as follows:
A - Serial Device | /dev/ttyUSB0 |
B - Lockfile Location | /var/lock |
C - Callin Program | |
D - Callout Program | |
E - Bps/Par/Bits | 9600 8N1 |
F - Hardware Flow Control | Yes |
G - Software Flow Control | No |
H - RS485 Enable | No |
I - RS485 Rts On Send | No |
J - RS485 Rts After Send | No |
K - RS485 Rx During Tx | No |
L - RS485 Terminate Bus | No |
M - RS485 Delay Rts Before | 0 |
N - RS485 Delay Rts After | 0 |
Change which setting? |
Once these preliminary steps have been completed, you can proceed with the actual configuration of the switch by launching minicom from the terminal.
A Cisco switch typically has two configuration files, namely startup-config and running-config. The running-config file is stored in RAM, and all configuration changes take place within this file. To ensure that changes persist after a machine reboot, the running-config file must overwrite the startup-config file before the reboot. The command to save changes is as follows:
copy running-config startup-config
The specific configuration of the Cisco Catalyst 2960 switch includes:
- Assigning a name to the switch (e.g., SWITCH9).
- Configuring the system date to the current date.
- Setting a password for the EXEC mode.
- Configuring the Telnet password.
- Configuring two or more VLANs (including VLAN9).
- Assigning an IP address to VLAN9.
The EXEC mode is similar to the root user in Unix and enables the execution of commands with elevated privileges. To make changes within the switch, you must be in EXEC mode. You can enter this mode by executing the following command:
enable
Similarly, the command:
configure terminal
is used to enter the configuration mode.
To change the machine's name, follow these steps:
SWITCH9# configure terminal
SWITCH9(config)# hostname SWITCH9
SWITCH9(config)# end
To modify the system date:
SWITCH9# clock set 12:00:00 7 May 2021
To change the enable password:
SWITCH9# configure terminal
SWITCH9(config)# enable secret cisco
SWITCH9(config)# end
To update the Telnet password:
SWITCH9# configure terminal
SWITCH9(config)# line vty 0 4
SWITCH9(config-line)# password cisco
SWITCH9(config-line)# login
SWITCH9(config-line)# end
To configure a VLAN, you must first create a unique record with a name and an ID (this ID will become the VLAN TAG of Ethernet packets). This record should be associated with a set of ports:
SWITCH9# configure terminal
SWITCH9(config)# vlan 9
SWITCH9(config-vlan)# name VLAN9
SWITCH9(config-vlan)# end
To assign a set of ports to this VLAN:
SWITCH9# configure terminal
SWITCH9(config)# interface range gigabitethernet 1/0/1-4
SWITCH9(config-if-range)# switchport mode access
SWITCH9(config-if-range)# switchport access vlan 9
SWITCH9(config-if-range)# end
To assign an IPv4 address to the VLAN interface:
SWITCH9# configure terminal
SWITCH9(config)# interface vlan 9
SWITCH9(config-if)# ip address 192.168.9.10 255.255.255.0
SWITCH9(config-if)# end
Finally, to enable a port as a TRUNK and assign it to VLAN with ID 9:
SWITCH9# configure terminal
SWITCH9(config)# interface gigabitethernet 1/0/24
SWITCH9(config-if)# switchport mode trunk
SWITCH9(config-if)# switchport trunk allowed vlan add 9
SWITCH9(config-if)# end
With this configuration, you can use ports 1 to 4 exclusively within VLAN with ID 9 and connect multiple switches via port 24. You can also connect to the address 192.168.9.10 using Telnet.
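A configuration built this way can be reviewed offline before it is saved. The following Python check is an added example, not part of the original guide: the running-config text is constructed to mirror the steps above (with a placeholder in place of the secret hash), the function names are hypothetical, and it assumes the IOS default in which a trunk with no explicit allowed-VLAN list carries every VLAN.

```python
# Constructed running-config modelled on this page's steps (not captured from a device).
SAMPLE = """\
hostname SWITCH9
enable secret 5 PLACEHOLDER-HASH
!
interface GigabitEthernet1/0/1
 switchport access vlan 9
 switchport mode access
!
interface GigabitEthernet1/0/24
 switchport mode trunk
!
interface Vlan9
 ip address 192.168.9.10 255.255.255.0
!
line vty 0 4
 password cisco
 login
"""
ALLOWED = "switchport trunk allowed vlan "

def sections(config):
    """Yield (header, child_lines) for each top-level stanza of an IOS config."""
    header, body = None, []
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw[0] != " ":  # unindented line starts a new stanza
            if header is not None:
                yield header, body
            header, body = raw.strip(), []
        else:
            body.append(raw.strip())
    if header is not None:
        yield header, body

def audit(config):
    """Return a sorted list of (stanza, finding) pairs."""
    findings = []
    for header, body in sections(config):
        if header.startswith("line vty"):
            if "transport input ssh" not in body:
                findings.append((header, "vty not restricted to SSH"))
            if any(l.startswith("password ") and not l.startswith("password 7 ") for l in body):
                findings.append((header, "line password stored in cleartext"))
        # An "add" line alone only extends the default list, so it does not count.
        explicit = any(l.startswith(ALLOWED) and not l.startswith(ALLOWED + "add ") for l in body)
        if "switchport mode trunk" in body and not explicit:
            findings.append((header, "trunk carries every VLAN"))
    return sorted(findings)
```

Calling audit(SAMPLE) reports the Telnet-capable vty lines, the cleartext line password, and the unrestricted trunk on port 24.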