Catalyst 1700 Concepts Overview
This chapter defines the following concepts and options that you will need to understand to configure and manage the Catalyst 1700:
The Catalyst 1700 provides three switching modes:
The switching mode determines how quickly the Catalyst 1700 can forward a packet, and therefore, how much latency the packet will experience. Latency is the delay between the time the first bit of a packet is received and the time the first bit of the packet is transmitted.
The first two options reduce bridge latency by starting to forward a packet prior to completely receiving it. This form of switching is often referred to as cut-through.
FastForward switching is optimized for performance. It offers the lowest level of latency (see Table 3-1) by immediately forwarding a packet upon receipt of only the destination address (after the first 6 bytes are received).
Because FastForward does not wait until the entire packet is received before forwarding, this form of switching may sometimes relay a packet that has an error. Although this will be an infrequent occurrence and the destination network adapter will discard the faulty packet upon receipt, this superfluous traffic may be deemed unacceptable in certain environments. Such cut-through overhead can be reduced by using the FragmentFree option.
FragmentFree switching filters out the majority of packet errors before forwarding begins. In a properly functioning network, most packet "errors" are due to collisions which are resolved within the first 64 bytes of the packet. These collisions cause packet fragments. After a packet has successfully passed this fragment threshold, it will continue to be received without error with near-certainty. (The next biggest cause of failure arises from "late" collisions which can occur when the network is physically interrupted.) This is how the FragmentFree option works.
FragmentFree switching waits until the received packet passes the 64-byte fragment threshold and then forwards the packet.
The third switching mode supported by Catalyst 1700 is the traditional Store-and-Forward bridging mode. Complete packets are stored and checked for errors prior to transmission. Latency varies by packet size since the entire packet needs to be received prior to transmission.
Store-and-Forward is the most error-free form of switching; however, the forwarding latency is higher than either of the two cut-through switching modes as can be seen in Table 3-1.
Table 3-1 shows the switching options and associated latencies for data transfer among combinations of 10Mbps and 100Mbps ports.
Table 3-1: Catalyst 1700 Switching Latencies
| | 10 to 10 Mbps | 10 to 100 Mbps | 100 to 100 Mbps | 100 to 10 Mbps |
|---|---|---|---|---|
| FastForward | 30 µs | NA | 7 µs | 7 µs |
| FragmentFree | 70 µs | NA | 9 µs | 9 µs |
| Store-and-Forward | 70-1228 µs | 70-1228 µs | 9-125 µs | 9-125 µs |
One switching mode is designated for the entire hub. The switching modes are applicable for traffic flowing between Personal Ethernet ports and Personal Ethernet and General Ethernet ports (10 Mbps to 10 Mbps) and from Fast Ethernet ports to Personal Ethernet and General Ethernet ports (100 Mbps to 10 Mbps).
Data transfers from the Personal Ethernet or General Ethernet ports to the Fast Ethernet ports (10 Mbps to 100 Mbps) are always forwarded on a Store-and-Forward basis no matter which switching option is chosen for the rest of the hub. This is due to the potential for "under-runs" when forwarding from the slower 10 Mbps ports to the 100 Mbps ports.
In addition, the Store-and-Forward method is always used for forwarding multicast and broadcast packets and when the hub has the Port Monitoring Mode function enabled.
You can specify your choice of switching option using the MIB object sysConfigSwitchingMode as described in the "In-Band Management" chapter or using the Management Console System Configuration menu as described in the "Out-of-Band Management" chapter. The default mode is FastForward.
There are two Learning Mode options for each Catalyst 1700 port: Dynamic and Secure. Each port can be set independently, with the default mode set to Dynamic for all ports. The Learning Mode may be modified through management control, either in-band (using the swPortMatchAddress MIB object) or out-of-band (using the Ports Configuration menu), as described in the "In-Band Management" and "Out-of-Band Management" chapters, respectively. Descriptions of these two modes follow.
The address status provides information as to the existence and number of addresses on each Catalyst 1700 port. The address status reflects if a port is Unaddressed (no address has been learned or manually entered), Single (a single existing address is known for the port), or Network (multiple addresses are accepted for this port).
Personal Ethernet ports can only have an address status of Unaddressed or Single because these ports support attachment to one node. Only one port on the Catalyst 1700 hub, either the General Ethernet port (G25) or one of the Fast Ethernet ports (F1, F2), can have Network status at a given time.
Upon initial power up or reset, the Catalyst 1700 assigns Network status to the first of these three ports from which it receives packets from multiple source addresses. This assignment can be overridden in-band using the MIB object sysConfigNetPortAdmin as described in "In-Band Management" or out-of-band using the System Configuration menu as detailed in "Out-of-Band Management." The default value for all ports is Unaddressed.
The Dynamic setting allows the Catalyst 1700 to automatically learn a port address by reading the source address of an incoming packet from the attached workstation. Dynamic mode updates the port address as a new address appears, making it easy to accommodate moves and changes of servers and workstations.
For enhanced security, the Catalyst 1700 ports can be set to Secure Learning Mode. Setting a port to Secure Learning Mode allows the port to be used only by a workstation with a specific address. This address can be entered manually in-band using the MIB object swPortMatchAddress as detailed in "In-Band Management" or out-of-band, using the Ports Configuration menu as described in "Out-of-Band Management." Otherwise, the next address received on the port will be secured.
All non-network ports can be set to Secure Learning Mode using a single command on the Management Console's Monitoring and Security menu.
After a secure address is obtained, the Catalyst 1700 will automatically suspend or disable the port if it receives any packets whose source address differs from the secured address. You can set whether to suspend or disable a port upon this type of address violation. You can also instruct the Catalyst 1700 to take no action and simply discard the offending address. This setting ability is described later in this chapter.
In addition, the Catalyst 1700 can be configured to send an alert to the in-band network management station by setting the MIB objects netMgmtTrapClientAddress and netMgmtTrapClientComm as discussed in "In-Band Management" or via the Network Management Configuration menu as described in "Out-of-Band Management."
A non-network port set to Dynamic Learning Mode will transition to an Unaddressed Address Status if no activity is detected over a user-defined time interval. No transition will occur if this time interval is set to none. The time interval can be set in-band using the MIB object sysConfigInactAgeTime as described in "In-Band Management" or by using the out-of-band System Configuration menu as described in "Out-of-Band Management." The default time period is None.
Lost Connection refers to the loss of a Link Beat on a Catalyst 1700 port. Lost Connection Aging is similar to Address Aging, except that the inactivity aging begins only if Link Beat is lost. A non-network port set to Dynamic Learning Mode will transition to an Unaddressed Address Status if Link Beat is lost and no activity is detected over a user-defined time interval. (This will occur even in the event that Link Beat is regained.) No transition will occur if this time interval is set to none. The time interval can be set in-band using the MIB object sysConfigLbLossAgeTime as described in "In-Band Management" or by using the out-of-band System Configuration menu as described in "Out-of-Band Management." The default time period is None.
The General Ethernet port provides three connectors for attachment to a corporate backbone: AUI, BNC and RJ-45. Upon initial power-up, the Catalyst 1700 will self-sense which of the three connectors is being used without any user intervention. If the active connector is subsequently changed, it must also be changed in-band using the MIB object sysConfigG25Connector or out-of-band using the Ports Configuration menu. Using these methods, you can configure the Catalyst 1700 either for the new connection type or to self-sense the new connection. These are described in "In-Band Management" and "Out-of-Band Management," respectively.
Each Catalyst 1700 port will be in one of three states: Enabled, Suspended or Disabled. These states are called Port Status. The default setting for each port is Enabled. This is the normal "active" operational mode for a port, and packet reception and forwarding is enabled. The Catalyst 1700 can also place a port in one of two inactive Port Status conditions, Suspended or Disabled. This can occur either automatically, due to a network connection error, secure address violation, or Power On Self Test (POST) failure, or through manual intervention via in-band or out-of-band management.
There is one key difference between Suspended port status and Disabled port status. Suspended ports may be automatically returned to the Enabled status once the condition causing the suspension is fixed, such as the return of Link Beat or the secure address "reappearing" on the port. Disabled ports may be returned to Enabled status only through direct management intervention.
In either case, no packets are forwarded to or from the inactive port. These ports do monitor incoming packets, however, to look for an activating condition. In addition, transmission will be attempted for any packets already in the port's transmit queue when the port was removed from Enabled status.
Automatic suspension of a port will occur upon loss of Link Beat or the occurrence of a "jabbering" port. Automatic disablement of a port will occur upon POST failure.
Automatic suspension or disabling of a port will also occur upon a secure address violation.
There are two types of secure address violations: Duplication (the secure address appears on a different port than where it was secured) and Mismatch (a different address appears on a port which already had an existing secure address).
Control of whether to take no action, or to Suspend or Disable address violation ports is selected through management control in-band using the MIB object sysConfigAddressViolationAction or out-of-band using the System Configuration menu as described in "In-Band Management" and "Out-of-Band Management," respectively. The default setting is Suspend.
Ports can also be manually disabled using the MIB object swPortAdminStatus as described in "In-Band Management" or using the Management Console's Ports Configuration menu as described in "Out-of-Band Management."
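The interaction between Learning Mode, the two address violation types and Port Status can be traced with the short model below. It is an added example, not Cisco code: the class and method names are hypothetical, the MAC addresses are constructed, and it assumes that a Duplication violation is charged to the port on which the duplicated address arrives and that a Suspended port resumes on the next non-violating packet. Link Beat loss, jabber and POST failures are not modelled.

```python
# Added illustration: a simplified model of the learning modes, address
# violations and Port Status described above. Not Catalyst 1700 firmware;
# class and method names are hypothetical.
from dataclasses import dataclass
from typing import Optional

@dataclass
class Port:
    secure: bool = False            # Learning Mode: False = Dynamic, True = Secure
    address: Optional[str] = None   # learned (Dynamic) or secured (Secure) address
    status: str = "Enabled"         # Enabled, Suspended or Disabled

class Hub:
    def __init__(self, names, action="Suspend"):
        # action stands in for sysConfigAddressViolationAction:
        # "None", "Suspend" (the default) or "Disable".
        self.ports = {n: Port() for n in names}
        self.action = action

    def _violation(self, name, src):
        port = self.ports[name]
        # Assumption: Duplication is charged to the port where the address
        # secured elsewhere shows up.
        for other, p in self.ports.items():
            if other != name and p.secure and p.address == src:
                return "Duplication"
        if port.secure and port.address not in (None, src):
            return "Mismatch"
        return None

    def receive(self, name, src):
        """Return 'forward', 'drop', 'Mismatch' or 'Duplication'."""
        port = self.ports[name]
        if port.status == "Disabled":
            return "drop"               # only management can re-enable
        kind = self._violation(name, src)
        if kind:                        # offending packet is always discarded
            if port.status == "Enabled" and self.action != "None":
                port.status = "Suspended" if self.action == "Suspend" else "Disabled"
            return kind
        port.status = "Enabled"         # a Suspended port saw its activating condition
        port.address = src              # Dynamic: relearn; Secure: lock first address
        return "forward"

if __name__ == "__main__":
    hub = Hub(["1", "2"])               # constructed sample traffic below
    hub.ports["1"].secure = True
    for p, mac in [("1", "00:00:0c:00:00:01"), ("1", "00:00:0c:00:00:02"),
                   ("1", "00:00:0c:00:00:01"), ("2", "00:00:0c:00:00:01")]:
        print(p, mac, hub.receive(p, mac), hub.ports[p].status)
```

With the default Suspend action a port recovers on its own once the secured address reappears; with Disable the same violation leaves the port down until it is re-enabled through management.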
Each of the Catalyst 1700's 27 ports is bridged. This 100% bridge design provides an important security benefit in that it precludes "eavesdropping" on or monitoring traffic destined for other ports. At certain times, however, the ability to use a network monitor or "sniffer" for purposes of debugging and analysis is desired. It is for those times that the Catalyst 1700 offers the Port Monitoring Mode.
Enabling Port Monitoring Mode allows for the monitoring or capturing of frames received from ports that are assigned to a Capture List. The Capture List can include any number of Catalyst 1700 ports from none to all 27. Captured frames are forwarded to one of the 27 ports designated as the Monitor Port.
Port Monitoring Mode can be activated using the MIB object sysConfigMonitor to enable the monitoring of designated ports, swPortMonitoring to add a port to the Capture List, and sysConfigMonitorPort to set the Monitor Port, as described in "In-Band Management," or by using the Monitoring and Security Configuration menu, as described in "Out-of-Band Management."
Enabling the Port Monitoring Mode automatically places the hub in Store-and-Forward switching mode, superseding a FastForward or FragmentFree switching mode setting.
Copyright 1988-1996 © Cisco Systems Inc.