Cisco Catalyst 3550-24 Switch: Layer 3 Switching with VLAN Routing

xiaoxiao2021-03-06  65


Cool dragon

Catalyst 3550-24 Introduction

Cisco Catalyst 3550-24 switches come in two versions, SMI (Standard Edition) and EMI (Enhanced Edition) (see Figure 1). The Cisco Catalyst 3550-24 is a stackable, multilayer enterprise switch that provides high levels of availability, scalability, security, and control. Because it is available in a variety of Fast Ethernet and Gigabit Ethernet configurations, the Catalyst 3550-24 can serve both as a powerful access-layer switch in the wiring closet of a medium-sized enterprise and as a backbone switch for a medium-sized network. Intelligent services can be deployed across the network, such as quality of service (QoS), rate limiting, access control lists, multicast management, and IP routing, while keeping traditional VLAN switching simple. The Catalyst 3550-24 includes the Cisco Cluster Management Suite (CMS) software, which lets users configure, diagnose, and troubleshoot multiple Catalyst desktop switches simultaneously from a web browser. Cisco CMS provides simple configuration wizards that greatly simplify the deployment of network management services.

Catalyst 3550-24 SMI quote: 16000 yuan Beijing Siyuan Technology Network Technology Co., Ltd. (010) 82675644 http://www.it168.com/cdealer/files/cdealer_info.asp?cdealeler_code=10783&ctype_code=0412&cbrand_code=0051

Catalyst 3550-24 EMI quotation: 22055 yuan Beijing Siyuan Technology Network Technology Co., Ltd. (010) 82675644 http://www.it168.com/cdealer/files/cdealer_info.asp?cdealeler_code=10783&ctype_code=0412&cbrand_code=0051&ipage=2

Catalyst 3550-24 switches have 24 10/100 ports and two Gigabit Ethernet slots based on the Gigabit Interface Converter (GBIC), which support a range of GBIC transceivers. The dual GBIC Gigabit Ethernet slots give customers a high degree of deployment flexibility, allowing them to deploy Gigabit stacking and uplink configurations.

The Catalyst 3550-24 ships with either the Standard Multilayer Software Image (SMI) or the Enhanced Multilayer Software Image (EMI); the order numbers are WS-C3550-24-SMI and WS-C3550-24-EMI. EMI provides a richer set of enterprise-class features, including hardware-based IP unicast and multicast routing, inter-VLAN routing, router access control lists, and the Hot Standby Router Protocol (HSRP). After the initial deployment, an enhanced multilayer software image upgrade kit gives users the flexibility to upgrade to EMI. So a user who previously purchased a Catalyst 3550-24 SMI switch and wants Layer 3 switching and the additional features must upgrade the image to the EMI version, that is, upgrade IOS to 12.1(11)EA1 or later.

The Catalyst 3550-24 EMI is well suited to enterprise networking. Enterprise users whose network is not very large can use it to build a Fast Ethernet network; Layer 3 switching makes inter-VLAN routing easy to implement and improves security and overall network communication performance; and the GBIC interfaces provide Gigabit links, which can serve as a high-speed trunk between switches or as the connection to a server.

Layer 3 switching

Layer 3 switching is Layer 2 switching technology combined with Layer 3 forwarding technology. Once a LAN is divided into network segments, communication between segments has to rely on a router to forward the data, and a traditional router does this with software algorithms, whose inherently low speed creates a network bottleneck; Layer 3 switching solves this problem. Its advantage is that it improves the overall performance of the network through IP routing. A traditional switch operates at the second layer of the seven-layer network model and can only identify information at Layer 2 and below, whereas a Layer 3 switch identifies the Layer 3 IP information and forwards data across segments accordingly. A Layer 3 switch can perform the routing function that a router performs, and its data-processing delay is much lower than a router's because the switch implements routing in hardware, which is completely different from the software implementation of a traditional router; it achieves the high efficiency of a Layer 2 switch. In addition, as data, voice, and video traffic in the network gradually increases, the limitations of traditional Layer 2 switching are increasingly exposed: the broadcasts generated by data exchange spread throughout the LAN and cause delays everywhere, affecting the normal communication of user data. The routing function of Layer 3 switching suppresses the spread of network broadcasts. Broadcasts within a network segment are confined to that segment's own broadcast domain, which greatly improves data security.

Generally, in network management, hosts of the same department are placed in the same broadcast domain (implemented with VLANs), so that broadcasts generated when hosts in the same department communicate are confined to that department's broadcast domain, effectively ensuring the confidentiality and security of the network. When data has to cross network segments, it is forwarded by routing. Layer 3 switching (the routing function) acts like a gate in the network: broadcasts are confined to their own segment, and only traffic that needs to cross segments passes through. Because broadcasts are confined, broadcast storms do not occur, and routing between segments is its hallmark, which improves both the security of network communication and overall network performance. Today's enterprise networks must meet new business needs at the network edge, such as applications that consume large amounts of bandwidth; these new demands compete with existing critical services, so the switch needs Layer 3 switching to block broadcasts from crossing network segments. The Catalyst 3550 EMI switch from Cisco is well suited to these applications. It uses hardware-based IP routing to provide line-rate routing on all ports, and its enhanced multilayer software image provides a web-based program that greatly helps network administrators manage, configure, and repair the network, provided that all the switches are Cisco switches. Layer 3 switching combined with VLANs limits broadcasts and significantly reduces the chance of broadcast storms, improving network security and network performance overall. In addition to dynamic IP unicast routing, the Catalyst 3550 series is ideal for networks that need to support multicast environments (video conferencing).

Hardware support for the PIM multicast routing protocol and the Internet Group Management Protocol (IGMP) makes the Catalyst 3550 ideal for environments that carry heavy multicast traffic, so companies can deploy LAN multicast video conferencing now or in the future.

VLAN implementation case based on Catalyst 3550-24 switches

An example follows. A mobile communications company has 12 Catalyst 3550-24 SMI (Standard Edition) switches and one server. The user's requirements: divide the entire office LAN into three VLANs, and have the server accept access only from authorized hosts. As noted above, the Catalyst 3550-24 SMI has no Layer 3 capability; to give it Layer 3 switching we must upgrade its image to EMI (Enhanced Edition), that is, upgrade IOS to version 12.1(11)EA1. In this network one Catalyst 3550-24 SMI serves as the central switch, and since we want it to perform Layer 3 switching we upgrade it to EMI; the other 11 Catalyst 3550-24 SMI switches do not need upgrading and all serve as access-layer switches.

We divide the network into three VLANs, that is, three network segments: VLAN2, network number 192.168.2.0, gateway 192.168.2.1; VLAN3, network number 192.168.3.0, gateway 192.168.3.1; VLAN10, network number 192.168.10.0, gateway 192.168.10.1, with the server in this VLAN. (Note: on a Cisco switch with no VLANs configured, all ports belong to VLAN1 by default, so VLAN numbering usually starts from VLAN2.)

Let's first look at the topology of the entire LAN (see Figure 2). As the figure shows, the 12 Catalyst 3550-24 switches are connected by stacking. The top switch has been upgraded to EMI; the others remain SMI. The stack connections between switches use 1000BASE-T GBIC modules (see Figure 3). A single-port Cisco 1000BASE-T GBIC module can provide 1000 Mbit/s high-speed transmission between stacked switches, a connection to a server, or a backbone link between wiring closets.

In this scenario the server is the key asset to protect: we block all hosts in VLAN3 from accessing the server. The server is connected to port 13 of the central switch, so an access control list (ACL) on the central switch stops traffic from all VLAN3 hosts at port 13. See step (9) below for details.

The command-line configuration used to implement the VLANs is as follows (for reference only):

One. VLAN configuration on the central switch

(1) Enable VLAN routing

Switch1# config t

Switch1(config)# ip routing

(2) Create three VLANs

Switch1#

Switch1# vlan database

Switch1(vlan)# vlan 2

Switch1(vlan)# vlan 3

Switch1(vlan)# vlan 10

Switch1(vlan)# exit

(3) Assign IP addresses to the VLAN interfaces

Switch1# config t

Switch1(config)# interface vlan 2

Switch1(config-if)# ip address 192.168.2.1 255.255.255.0

Switch1(config-if)# no shutdown

Switch1# config t

Switch1(config)# interface vlan 3

Switch1(config-if)# ip address 192.168.3.1 255.255.255.0

Switch1(config-if)# no shutdown

Switch1# config t

Switch1(config)# interface vlan 10

Switch1(config-if)# ip address 192.168.10.1 255.255.255.0

Switch1(config-if)# no shutdown

(4) Configure VTP

Switch1#

Switch1# config t

Switch1(config)# vtp domain China_Mobile

Switch1(config)# vtp mode server

Switch1(config)# end

(5) Configure the trunk

Switch1#

Switch1# config t

Switch1(config)# interface GigabitEthernet0/1

Switch1(config-if)# switchport trunk encapsulation isl

Switch1(config-if)# switchport mode trunk

Switch1(config-if)# end

(6) Assign an IP address to the central switch's interface to the router

Switch1#

Switch1# config t

Switch1(config)# interface FastEthernet0/1

Switch1(config-if)# no switchport

Switch1(config-if)# ip address 200.1.1.1 255.255.255.0

Switch1(config-if)# no shutdown

(7) Configure the default route on the central switch

Switch1#

Switch1# config t

Switch1(config)# ip route 0.0.0.0 0.0.0.0 200.1.1.2

(8) Assign VLAN numbers to the interfaces

Switch1#

Switch1# config t

Switch1(config)# interface FastEthernet0/2

Switch1(config-if)# switchport mode access

Switch1(config-if)# switchport access vlan 2

Switch1(config-if)# spanning-tree portfast

...

Switch1#

Switch1# config t

! FastEthernet0/13 connects the server, which the case description places in VLAN10

Switch1(config)# interface FastEthernet0/13

Switch1(config-if)# switchport mode access

Switch1(config-if)# switchport access vlan 10

Switch1(config-if)# spanning-tree portfast

(The other ports are configured the same way)

(9) Configure an access control list (ACL) to deny VLAN3 subnet clients access to the server

Switch1#

Switch1# config t

Switch1(config)# access-list 1 deny 192.168.3.0 0.0.0.255

Switch1(config)# access-list 1 permit any

Switch1(config)# interface FastEthernet0/13 (this interface connects to the server)

Switch1(config-if)# ip access-group 1 out

(10) Check the above configuration

Switch1# show vlan

Switch1# show ip route

Switch1# show interfaces GigabitEthernet0/1 switchport

Switch1# show run

Switch1# show vtp status

(11) Save the configuration

Switch1# copy running-config startup-config

Two. VLAN configuration on the access-layer switch Switch2

(1) Configure the trunks

Switch2#

Switch2# config t

Switch2(config)# interface GigabitEthernet0/1

Switch2(config-if)# switchport trunk encapsulation isl

Switch2(config-if)# switchport mode trunk

Switch2(config-if)# end

Switch2#

Switch2# config t

Switch2(config)# interface GigabitEthernet0/2

Switch2(config-if)# switchport trunk encapsulation isl

Switch2(config-if)# switchport mode trunk

Switch2(config-if)# end

(2) Configure VTP

Switch2#

Switch2# config t

Switch2(config)# vtp mode client

Switch2(config)# vtp domain China_Mobile

Switch2(config)# end

(3) Assign VLAN numbers to the interfaces

Switch2#

Switch2# config t

Switch2(config)# interface FastEthernet0/1

Switch2(config-if)# switchport mode access

Switch2(config-if)# switchport access vlan 2

Switch2(config-if)# spanning-tree portfast

...

(The other ports are configured the same way)

(4) Save the configuration

Switch2# copy running-config startup-config

(The other switches are configured the same way)
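
To make the effect of the access list in step (9) concrete, the following added example (not part of the original article) evaluates those two ACL lines against source addresses the way IOS matches a standard ACL: the first matching line wins, wildcard bits set to 1 are ignored, and an implicit deny ends the list. The sample host addresses and the function names are assumptions made for the illustration.

```python
import ipaddress

# Constructed input: the two ACL lines from step (9), normalized to lower case.
ACL_TEXT = """\
access-list 1 deny 192.168.3.0 0.0.0.255
access-list 1 permit any
"""

def parse_standard_acl(text, number):
    """Parse one numbered standard ACL into (action, address, wildcard) tuples."""
    entries = []
    for line in text.splitlines():
        tok = line.lower().split()
        if len(tok) < 4 or tok[0] != "access-list" or tok[1] != str(number):
            continue
        if tok[2] not in ("permit", "deny"):
            raise ValueError(f"unsupported action in: {line!r}")
        if tok[3] == "any":
            addr, wild = 0, 0xFFFFFFFF
        else:
            rest = tok[4:] if tok[3] == "host" else tok[3:]
            addr = int(ipaddress.IPv4Address(rest[0]))
            # A standard ACL address with no wildcard matches that single host.
            wild = int(ipaddress.IPv4Address(rest[1])) if len(rest) > 1 else 0
        entries.append((tok[2], addr, wild))
    return entries

def evaluate(entries, source_ip):
    """Return (action, matching line number); the first matching entry wins."""
    src = int(ipaddress.IPv4Address(source_ip))
    for index, (action, addr, wild) in enumerate(entries, start=1):
        # Wildcard bits set to 1 are ignored; every other bit must be equal.
        if (src | wild) == (addr | wild):
            return action, index
    return "deny", None  # implicit "deny any" that ends every IOS access list

def audit(text, number, sources):
    """Evaluate each source address against the ACL and return the decisions."""
    entries = parse_standard_acl(text, number)
    return {ip: evaluate(entries, ip) for ip in sources}

if __name__ == "__main__":
    # Constructed sample hosts, one per subnet used in the case above.
    hosts = ["192.168.2.10", "192.168.3.25", "192.168.10.5"]
    for ip, (action, line_no) in audit(ACL_TEXT, 1, hosts).items():
        print(f"{ip:<14} {action:<6} matched line {line_no}")
```

Without the "permit any" line every source falls through to the implicit deny, so VLAN2 hosts would lose access to the server as well; a wildcard of 0.0.255.255 instead of 0.0.0.255 would have the same effect on them through the first line.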

Summary:

For enterprise applications, the growing volume of business traffic on the LAN places ever more demanding requirements on overall network performance, and only a technically superior network can meet them. The Cisco Catalyst 3550-24 EMI performs well in QoS: it classifies traffic by service type and prioritizes accordingly, giving priority to critical and bandwidth-sensitive services. Its Layer 3 switching function meets the need to deploy Layer 3 switching in a switched environment. This case shows that the Layer 3 switching function of the Catalyst 3550-24 EMI is up to the task.
