Campus at



Switch Operations

        Cam table contains known values of mac address, egress port and vlan, if mac address is not there, then incoming frame will be flooded out all ports which belongs to same broadcast domain (unknown unicast).


    Multilayer Switching (MLS) classification types:

  • Route caching  (the first generation) - involves a switch engine (SE) and a route processor (RP). The RP use a first packet of a flow to determine destination. The SE install shortcut of the first packet's destination inside MLS cache. A following packets in the same flow forwards by SE on the trength of MLS cashe. That called flow-based switching. The catalyst swiches generate  flow statistics in this manner.
  • Topology-based (the second generation) - the routing information fill up a database of the network topology. By checking the longest match inside the database a hardware use that information as layer three destination of incoming packet. No any performance punishment if any changes in routing database occur, those db can be updated dynamically. it's called Cisco Express Forwarding (CEF). The current routing table database downloads info FIB area of hardware.


    But no every packet can be sent by CEF, if following exceptions met then packets processed by CPU:   

  • ARP requests and replies
  • IP packets requiring a response from a router (TTL has expired, MTU is exceeded, fragmentation is needed, and so on)
  • IP broadcasts that will be relayed as unicast (DHCP requests, IP helper-address functions)
  • Routing protocol updates
  • Cisco Discovery Protocol packets
  • IPX routing protocol and service advertisements
  • Packets needing encryption
  • An access list with the log option is triggered
  • Packets triggering Network Address Translation (NAT)
  • Other non-IP and non-IPX protocol packets (AppleTalk, DECnet, and so on)

Switch Ports

    The half-duplex means that network device must wait his turn to transmit data if any incoming traffic exists. If any collision occurs network device waiting a random period of time (the carrier sense multiple access collision detect (CSMA/CD)).  If duplex autonegotiation fails, a switch port always falls back to half-duplex.

    Cabling specifications for Fast Ethernet:

Tecnology Writing tipe Pais Lenght
100BASE-TX EIA/TIA Category 5 UTP 2 100m
100BASE-T2 EIA/TIA Category 3,4,5 UTP 2 100m
100BASE-T4 EIA/TIA Category 3,4,5 UTP 4 100m
100BASE-FX MMF 62,5/125

1 400m half duplex 2000m full duplex


    Cabling specifications for IEEE 802.3z Gigabit Etherne:

Tecnology Writing tipe Pais Lenght
1000BASE-CX Shielded twisted pair (STP) 1 25m
1000BASE-T EIA/TIA Category 5 UTP 4 100m
1000BASE-SX MMF 62,5 core, 850nm laser 1 275m
MMF 50 core, 850nm laser 1 550m
1000BASE-LX/LH MMF 62,5 core, 1300nm laser 1 550m
MMF 50 core, 1300nm laser 1 550m
SMF 9 core, 1300nm laser 1 10km

        10GbE works at full duplex mode only. Classification of transevers that used s Physical Media Dependent (PMD) interfaces:

  • LAN PHY—Interconnects switches in a campus network, predominantly in the core layer
  • WAN PHY—Interfaces with existing synchronous optical network (SONET) or synchronous digital hierarchy (SDH) networks typically found in metropolitan-area networks (MAN)

     Cabling specifications for 10-Gigabit Etherne:

Tecnology Writing tipe Pais Lenght
MMF 50 1 60m
MMF 50 2GHz 1 330m
MMF 62.5 1 33m
10GBASE-LR/LW SMF 9 1 10km
MMF 50 1 300m
MMF 62.5 1 300m
SMF 9 1 10km
10GBASE-CX4 Copper 1 15m

    Selecting Ports to Configure:

define interface-range MyGroup gig 2/0/1 , gig 2/0/3 – 2/0/5 , gig 3/0/1
interface range macro MyGroup

    A switch ports error conditions:

All possible errors conditions is enabled by default. Interface will be disabled if any errors are met.

[no] errdisable detect cause [all | cause-name]
  • all—Detects every possible cause
  • arp-inspection—Detects errors with dynamic ARP inspection
  • bpduguard—Detects when a spanning-tree bridge protocol data unit (BPDU) is received on a port configured for STP PortFast
  • channel-misconfig—Detects an error with an EtherChannel bundle
  • dhcp-rate-limit—Detects an error with DHCP snooping
  • dtp-flap—Detects when trunking encapsulation is changing from one type to another
  • gbic-invalid—Detects the presence of an invalid GBIC or SFP module
  • ilpower—Detects an error with offering inline power
  • l2ptguard—Detects an error with Layer 2 Protocol Tunneling
  • link-flap—Detects when the port link state is “flapping” between the up and down states
  • loopback—Detects when an interface has been looped back
  • pagp-flap—Detects when an EtherChannel bundle’s ports no longer have consistent configurations
  • psecure-violation—Detects conditions that trigger port security configured on a port
  • rootguard—Detects when an STP BPDU is received from the root bridge on an unexpected port
  • security-violation—Detects errors related to port security
  • storm-control—Detects when a storm control threshold has been exceeded on a port
  • udld—Detects when a link is seen to be unidirectional (data passing in only one direction)
  • unicast-flood—Detects conditions that trigger unicast flood blocking on a port
  • vmps—Detects errors when assigning a port to a dynamic VLAN through VLAN membership policy server (VMPS)

    Automatically Recover from Error Conditions. If any errdisable causes are configured for automatic recovery, the errdisabled port stays down for 300 seconds (5 minutes), by default.

errdisable recovery cause [all | cause-name]
errdisable recovery interval seconds

VLANs and Trunks

    Dynamic VLANs provide membership based on the MAC address of an end-user device. When a device is connected to a switch port, the switch must, in effect, query a database to establish VLAN membership. A network administrator also must assign the user’s MAC address to a VLAN in the database of a VLAN Membership Policy Server (VMPS).

    The Inter-Switch Link (ISL) protocol is a Cisco-proprietary method for preserving the source VLAN identification of frames passing over a trunk link.


    IEEE 802.1Q Protocol:


    The first two bytes are used as a Tag Protocol Identifier (TPID) and always have a value of 0x8100 to signify an 802.1Q tag. The remaining two bytes are used as a Tag Control Information (TCI) field. The TCI information contains a three-bit Priority field, which is used to implement class-of-service (CoS) functions in the accompanying 802.1Q/802.1p prioritization standard. One bit of the TCI is a Canonical Format Indicator (CFI).

    VLAN Trunk Configuration:

    In the switchport mode command, you can set the trunking mode to any of the following:

  • trunk—This setting places the port in permanent trunking mode. DTP is still operational, so if the far-end switch port is configured to trunk, dynamic desirable, or dynamic auto mode, trunking will be negotiated successfully. The trunk mode is usually used to establish an unconditional trunk. Therefore, the corresponding switch port at the other end of the trunk should be configured similarly. In this way, both switches always expect the trunk link to be operational without any negotiation. You also should manually configure the encapsulation mode to eliminate its negotiation.
  • dynamic desirable (the default)—The port actively attempts to convert the link into trunking mode. In other words, it “asks” the far-end switch to bring up a trunk. If the far-end switch port is configured to trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully.
  • dynamic auto—The port can be converted into a trunk link, but only if the far-end switch actively requests it. Therefore, if the far-end switch port is configured to trunk or dynamic desirable mode, trunking is negotiated. Because of the passive negotiation behavior, the link never becomes a trunk if both ends of the link are left to the dynamic auto default.

Voice VLANs

    The default condition for every switch port is none, where a trunk is not used. All modes except for none use the special-case 802.1Q trunk. The only difference between the dot1p and untagged modes is the encapsulation of voice traffic. The dot1p mode puts the voice packets on VLAN 0, which requires a VLAN ID (not the native VLAN) but does not require a unique voice VLAN to be created. The untagged mode puts voice packets in the native VLAN, requiring neither a VLAN ID nor a unique voice VLAN.

Switch(config-if)# switchport voice vlan { vlan-id | dot1p | untagged | none }

VLAN Trunking Protocol

    VTP switches use an index called the VTP configuration revision number to keep track of the most recent information. Every switch in a VTP domain stores the configuration revision number that it last heard from a VTP advertisement. The VTP advertisement process always starts with configuration revision number 0.

    VTP advertisements usually originate from server mode switches as VLAN configuration changes occur and are announced. Advertisements can also originate as requests from client mode switches that want to learn about the VTP database as they boot.

    VTP advertisements can occur in three forms:

  •  Summary advertisements : VTP domain servers send summary advertisements every 300 seconds and every time a VLAN database change occurs. The summary advertisement lists information about the management domain, including VTP version, domain name, configuration revision number, time stamp, MD5 encryption hash code, and the number of subset advertisements to follow. For VLAN configuration changes, summary advertisements are followed by one or more subset advertisements with more specific VLAN configuration data.
Version 1 byte Type 1 byte Number of subnet advertisements follow 1 byte Domain name lenght 1 byte
Management Domain Name to 32 bytes
Configuration revision number 4 bytes
Updater identity 4 bytes (origitating ip address)
Update time stamp 12 bytes
MD5 Digest hash code 16 bytes
  • Subset advertisements : VTP domain servers send subset advertisements after a VLAN configuration change occurs. These advertisements list the specific changes that have been performed, such as creating or deleting a VLAN, suspending or activating a VLAN, changing the name of a VLAN, and changing a VLAN’s maximum transmission unit (MTU). Subset advertisements can list the following VLAN parameters: status of the VLAN, VLAN type (such as Ethernet or Token Ring), MTU, length of the VLAN name, VLAN number, security association identifier (SAID) value, and VLAN name. VLANs are listed individually in sequential subset advertisements.
Version 1 byte Type 1 byte Subnet sequense number 1 byte Domain name lenght 1 byte
Management Domain Name to 32 bytes
Configuration revision number 4 bytes
VLAN info field 1 (table below)
VLAN info field N


info neght 1 byte VLAN status 1 byte VLAN type 1 byte VLAN name lenght 1 byte
VLAN ID 2 byts MTU size 2 byts
802.10 SAID 4 byts
VLAN name 0-4 bytes
  • Advertisement requests from clients : A VTP client can request any VLAN information it lacks. For example, a client switch might be reset and have its VLAN database cleared, and its VTP domain membership might be changed, or it might hear a VTP summary advertisement with a higher revision number than it currently has. After a client advertisement request, the VTP domain servers respond with summary and subset advertisements to bring it up to date.
Version 1 byte Type 1 byte Reserved 1 byte Domain name lenght 1 byte
Management Domain Name to 32 bytes
Starting advertisement to request

    Catalyst switches in server mode store VTP information separately from the switch configuration in NVRAM. VLAN and VTP data are saved in the vlan.dat file on the switch’s flash memory file system. All VTP information, including the VTP configuration revision number, is retained even when the switch power is off. In this manner, a switch can recover the last known VLAN configuration from its VTP database after it reboots.

    Reset revision number to 0:

  • Change mode to transparent and then change back to server.
  • Change domain to a fake name and then change back to the original name.

    The default configuration for every switch:
VTP Operating Mode : Server
VTP Domain Name : (Null)
no password or secure mode

 VTP Modes:

  • Server - default mode, it allows create and delete VLANs
  • Client - the switch is compelled to learn any existing VTP information from a reliable existing server
  • Transparent - not share information with any other switch in the network. VLANs still can be created, deleted, and modified.
  • Off - No advertisements processed or relayed.    

    VTP Versions (version 1 by default):

 VTP version 2 features.

Version-dependent transparent mode. No check version just transmit  in teransperent mode.
Consistency checks. Check CLI or SNMP configuration errors.
Token Ring support. Token Ring switching and VLANs.
Unrecognized Type-Length-Value
Transmit messages with unknown types inside.

    VTP version 3 features.

Extended VLAN range 1 - 4094
Enhanced authentication key authentication (can be hidden from the configuration)
Database propagation Databases other than VTP can be advertised
Primary and secondary servers By default, all VTPv3 switches operate as secondary servers and can send updates throughout the domain. A primary server is only needed to take control of a domain
Per-port VTP VTPv3 can be enabled on a per-trunk port basis, rather than a switch as a whole
PVLAN Can transfer information regarding Private VLAN (PVLAN) structures

   The password (1 to 32 characters) can be configured on servers or clients. The MD5  authentication or hash code is calculated and sent in advertisement messages from server. the password can be hidden (only a hash of the password is saved in the running configuration) or secret (the password is saved in the running configuration).  

    VTP pruning:

    Broadcast, multicast, and unknown unicast frames on a VLAN are forwarded over a trunk link only if the switch on the receiving end of the trunk has ports in that VLAN. If enable pruning on server, all other switches will also enable pruning.

    VTP configuration:

Switch(config)# vtp version {1 | 2 | 3}
Switch(config)# vtp domain domain-name
Switch(config)# vtp mode { server | client | transparent | off }
Switch(config)# vtp password password [ hidden | secret ]
Switch(config)# vtp pruning
Switch(config)# interface type member/module/number
Switch(config-if)# switchport trunk pruning vlan {{{ add | except | vlan-list } | none }

Discovering Connected Devices 

Cisco Discovery Protocol

    CDP advertisements are sent at the data link layer (Layer 2) so that neighboring devices can receive and understand them regardless of what upper layer protocol is in use on an interface. It use the well-known multicast address 01:00:0C:CC:CC:CC

    CDP Version-2 (CDPv2) is the most recent release of the protocol and provides more intelligent device tracking features. These features include a reporting mechanism that allows for more rapid error tracking, thereby reducing costly downtime. Reported error messages can be sent to the console or to a logging server, and cover instances of unmatching native VLAN IDs (IEEE 802.1Q) on connecting ports, and unmatching port duplex states between connecting devices.

Type-Length-Value (TLV) Definition
Device-ID Identifies the device name in the form of a character string.
Address Contains a list of network addresses of both receiving and sending devices.
Port-ID Identifies the port on which the CDP packet is sent.
Capabilities Describes the functional capability for the device in the form of a device type, for example, a switch.
Version Contains information about the software release version on which the device is running.
Platform Describes the hardware platform name of the device, for example, Cisco 4500.
IP Network Prefix Contains a list of network prefixes to which the sending device can forward IP packets. This information is in the form of the interface protocol and port number, for example, Eth 1/0.
VTP Management Domain Advertises the system's configured VTP management domain name-string. Used by network operators to verify VTP domain configuration in adjacent network nodes.
Native VLAN Indicates, per interface, the assumed VLAN for untagged packets on the interface. CDP learns the native VLAN for an interface. This feature is implemented only for interfaces that support the IEEE 802.1Q protocol.
Full/Half Duplex Indicates status (duplex configuration) of CDP broadcast interface. Used by network operators to diagnose connectivity problems between adjacent network elements.

    Timer and Hold Time

Router(config)# cdp timer seconds
Router(config)# cdp holdtime seconds


Router(config)# cdp run
Router(config)# cdp advertise-v2

    CDP is enabled by default on all supported interfaces (except for Frame Relay multipoint subinterfaces) to send and receive CDP information. However, some interfaces, such as ATM interfaces, do not support CDP. You can disable CDP on an interface that supports CDP by using the no cdp enable command.

Router(config-if)# cdp enable

Link Layer Discovery Protocol (IEEE 802.1ab)

    Media Endpoint Discovery (MED) is an LLDP enhancement that was formalized by the Telecommunications Industry Association (TIA) for voice over IP (VoIP) applications. LLDP is unidirectional, operating only in an advertising mode. LLDP does not solicit information or monitor state changes between LLDP nodes. LLDP periodically sends advertisements to a constrained multicast address (01:80:C2:00:00:0E).

    By default, a network connectivity device sends out only LLDP packets until it receives LLDP-MED packets from an endpoint device. The network device then sends out LLDP-MED packets until the remote device to which it is connected ceases to be LLDP-MED capable.

    LLDP-MED provides support to discover the following types of information:

  • capabilities - endpoints determine the types of capabilities that a connected device supports and which ones are enabled

  • inventory - LLDP-MED support exchange of hardware, software, and firmware versions, among other inventory details

  • LAN speed and duplex - devices discover mismatches in speed and duplex settings

  • location identification - an endpoint, particularly a telephone, learns its location from a network device. This location information may be used for location-based applications on the telephone and is important when emergency calls are placed

  • network policy - network connectivity devices notify telephones about the VLANs they should use

  • power - network connectivity devices and endpoints exchange power information. LLDP-MED provides information about how much power a device needs and how a device is powered. LLDP-MED also determines the priority of the device for receiving power.

    TLV structure

Type Length Value
7 bits     9 bits 0-511 octets

    TLV type values

Type Name Usage in LLDPPDU
0 End of LLDPDU Mandatory
1 Chassis ID Mandatory
2 Port ID Mandatory
3 Time To Live Mandatory
4 Port description Optional
5 System name Optional
6 System description Optional
7 System capabilities Optional
8 Management address Optional
9–126 Reserved -
127 Custom TLVs Optional

    Timer and Hold Time

Router(config)# lldp holdtime seconds
Router(config)# lldp timer seconds


Router(config)# lldp run
Router(config-if)# no lldp {med-tlv-select tlv | receive | transmit}

    Specific TLVs can be enabled and suppressed

Router(config-if)# lldp tlv-select tlv

    LLDP-MED TLV support is enabled by default if LLDP is enabled globally and locally on a supported interface

Router(config-if)# lldp med-tlv-select tlv

    Configuring Location TLV. When you configure location information from various modules, such as CDP, LLDP, and LLDP-MED, you can use the location prefer command to configure the priority.

Router(config)# location {admin-tag string | civic-location identifier id | elin-location string identifier id}
Router(config-if)# location {additional-location-information word | civic-location-id id [port-location]| elin-location-id id}


Leave a Comment: