Network Security Basics: The Switch

Foreword

The main data link layer devices are network cards and switches. Understanding the switch is the foundation for understanding the upper layer protocols that follow. This article introduces the switch's working principle and related commands in detail.

Frame data structure

Before looking at the switch, we need to understand the data frame, which is the basis of network communication; its structure is shown in the figure:

[Figure jhj01.png: structure of a data frame]

As the figure shows, a data frame contains the following parts:
destination MAC: the network card address of the target machine
source MAC: the network card address of the sending machine
type: identifies the upper layer protocol. Because there are many upper-layer protocols, this field tells the receiver which protocol the payload should be handed to. For example, 0x0800 means the data is delivered to the IP protocol, and 0x0806 means ARP.
MTU value: also called the maximum transmission unit; this part consists of the upper layer protocol headers and data. When the data to send is large, such as 5000kb, and one data frame can carry at most 1500 bytes, it takes 4 frames to send the data.
check code: also called the frame trailer; it detects whether an error occurred while the frame was being transmitted and is 4 bytes long. The receiving computer recomputes the check code and compares it with the one the sender placed at the end of the frame. If the two values differ, data was lost or altered in transit, and the frame must be retransmitted.

Q: What is a MAC address?
A: A MAC address, also called the physical address, is globally unique and 6 bytes long. When a network card receives a data frame, it first checks whether the frame's destination address matches its own physical address. If it does, the frame is processed further; if not, the frame is simply discarded.

Q: Why is there an MTU value? Wouldn't sending everything in one transmission be better?
A: In the early days, data travelling across the network was subject to many sources of interference (lightning, for example), so data could be lost or corrupted in transit. Once a transmission error occurs, the erroneous data has to be resent; the MTU value was introduced to limit the amount of data that must be retransmitted after an error.
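As an added example (not from the original post), the following Python builds and parses a frame with the fields listed above and verifies the 4-byte check code; the MAC addresses and payload are constructed sample values, and the check code is computed as the standard Ethernet CRC-32.

```python
import struct
import zlib

# Ethernet II header: 6-byte destination MAC, 6-byte source MAC, 2-byte type field.
HEADER = struct.Struct("!6s6sH")
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP"}  # the two type values the article names
MAX_PAYLOAD = 1500  # bytes a single frame can carry (the MTU)


def mac_str(raw: bytes) -> str:
    """Render 6 raw bytes in the usual colon-separated MAC notation."""
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Assemble a frame and append the 4-byte check code: CRC-32 over header+payload, least-significant byte first."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError(f"payload of {len(payload)} bytes exceeds the {MAX_PAYLOAD}-byte MTU")
    body = HEADER.pack(dst, src, ethertype) + payload
    return body + zlib.crc32(body).to_bytes(4, "little")


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and recompute the check code over everything before it."""
    if len(frame) < HEADER.size + 4:
        raise ValueError("frame too short to hold a header and a check code")
    dst, src, ethertype = HEADER.unpack_from(frame)
    body, fcs = frame[:-4], frame[-4:]
    return {
        "dst": mac_str(dst),
        "src": mac_str(src),
        "ethertype": ethertype,
        "protocol": ETHERTYPES.get(ethertype, "unknown"),
        "payload": body[HEADER.size:],
        # False means the frame changed in transit; a receiving NIC discards such a frame.
        "fcs_ok": fcs == zlib.crc32(body).to_bytes(4, "little"),
    }


# Constructed sample MACs (the article abbreviates real 6-byte addresses as AA, BB, CC).
DST = bytes.fromhex("001122334455")
SRC = bytes.fromhex("66778899aabb")
GOOD = build_frame(DST, SRC, 0x0800, b"ip payload".ljust(46, b"\x00"))
# Flip one payload byte to imitate corruption on the wire.
BAD = bytearray(GOOD)
BAD[20] ^= 0x01
BAD = bytes(BAD)
```

Parsing GOOD reports fcs_ok True and protocol IPv4; parsing BAD reports fcs_ok False, which is the mismatch the receiver uses to reject the frame.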

Switch port

In the past, network speeds were slow, and the transmission speed of switch ports was designed accordingly. As network speeds improved, the transmission speed of switch ports increased as well. However, to remain compatible with older, slower equipment, switches support a range of transmission speeds. Common port speeds and the letters that denote them are:
E indicates 10Mb
F indicates 100Mb
G indicates 1000Mb
Te indicates 10000Mb

Switch port representation : F0 / 1
F indicates the speed
0 indicates the module number
1 indicates the interface number

Q: How do a switch and a network card with different transmission speeds communicate?
A: The switch interface rate auto-negotiates: the two devices settle on the highest transmission speed both of them support.

Q: Why does a switch have the notion of a module number?
A: Some switches accept pluggable modules that expand the number of interfaces; that is where the module concept comes from.

Switch working principle

[Figure jhj02.png: three devices AA, BB, CC attached to switch 1]

Let's walk through the working principle of the switch using the figure above.
Assume the three small circles represent three network devices in the LAN, with IP addresses 10.0.0.1, 10.0.0.2 and 10.0.0.3 and MAC addresses AA, BB and CC respectively (abbreviated; a real MAC address is 6 bytes). The rectangle represents the data frame sent when device AA communicates with device CC.

  1. Device AA sends the data frame to switch 1.
  2. Switch 1 parses the frame and reads its source MAC address, then checks whether its MAC address table already holds AA's address. If it does, the switch proceeds to the next step; if not, it records the mapping between interface F0/1 and AA's MAC address in the table.
  3. Switch 1 reads the destination MAC and checks whether its MAC address table holds the address CC. If it does, the switch unicasts the frame out of interface F0/3, the port connected to device CC. If it does not, the switch broadcasts the frame (that is, sends it out of every switch port).
  4. Devices whose MAC address is not CC ignore the received frame, while the device with MAC address CC accepts it and continues processing.

The switch workflow above relies on a very important concept, the MAC address table. The table's format and contents are shown in the figure:

[Figure jhj03.png: sample MAC address table with Vlan, Mac Address, Type and Ports columns]

Vlan: used to isolate virtual local area networks
Mac Address: the MAC address of the network card
Type: identifies how the association between the MAC address and the switch interface was obtained. DYNAMIC means it was learned dynamically; on a managed switch the administrator can also bind a MAC address to an interface directly.
Ports: the switch interface the MAC address was learned on

Q: Is the data in the MAC address table kept forever?
A: MAC address table entries have an aging time, 300 seconds by default. If a switch interface receives no data for 300 seconds, the switch deletes that interface's entry from the MAC address table.
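Added example, not from the original post: a small Python model of the switch's learning, forwarding and aging behaviour, using the article's AA/BB/CC names and its 300-second aging time. Two details it assumes beyond the step list above: a flooded frame is not sent back out of the port it arrived on, and the broadcast destination is always flooded.

```python
from dataclasses import dataclass, field

AGING_TIME = 300  # seconds; the default aging time quoted in the article


@dataclass
class Entry:
    port: str
    last_seen: float  # time the switch last saw a frame from this MAC


@dataclass
class Switch:
    """Minimal model of a learning switch: learn from the source MAC, forward by the destination MAC."""
    ports: list
    table: dict = field(default_factory=dict)  # MAC address -> Entry (the MAC address table)

    def age_out(self, now: float) -> None:
        """Remove entries idle for longer than the aging time (the Q&A above)."""
        for mac in [m for m, e in self.table.items() if now - e.last_seen > AGING_TIME]:
            del self.table[mac]

    def receive(self, in_port: str, src: str, dst: str, now: float) -> list:
        """Process one incoming frame and return the ports it is sent out of."""
        self.age_out(now)
        # Step 2: record (or refresh) the source MAC -> ingress port mapping.
        self.table[src] = Entry(in_port, now)
        # Step 3: known destination -> unicast out of that port; unknown or broadcast -> flood
        # out of every port except the one the frame arrived on (an assumption of this model).
        if dst == "FF:FF:FF:FF:FF:FF" or dst not in self.table:
            return [p for p in self.ports if p != in_port]
        return [self.table[dst].port]


def demo() -> list:
    """Replay the AA -> CC exchange from the article and collect each forwarding decision."""
    sw = Switch(ports=["F0/1", "F0/2", "F0/3"])
    return [
        sw.receive("F0/1", "AA", "CC", now=0),    # CC unknown: flooded to F0/2 and F0/3
        sw.receive("F0/3", "CC", "AA", now=1),    # AA already learned: unicast to F0/1
        sw.receive("F0/1", "AA", "CC", now=2),    # CC learned from its reply: unicast to F0/3
        sw.receive("F0/2", "BB", "CC", now=400),  # CC's entry aged out after 300 s idle: flooded again
    ]


if __name__ == "__main__":
    for ports in demo():
        print(ports)
```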

Switch working mode and corresponding commands

Note: the common switch commands below were collected from the Internet.
Working mode:

1) User mode:
    switch>
        You can view basic information about the switch, but cannot change any configuration.
2) Privileged mode:
    switch> enable
    switch#
        You can view all of the configuration but not modify it; you can run tests, save, initialize and similar operations.
3) Global configuration mode:
    switch# configure terminal
    switch(config)#
        Cannot view the configuration by default.
        Can modify the configuration, and changes take effect globally.
4) Interface configuration mode:
    switch(config)# interface f0/1
    switch(config-if)#
        Cannot view the configuration by default.
        Can modify the configuration, and changes take effect only on this interface.
5) Console (line) configuration mode:
    switch(config)# line console 0
        Cannot view the configuration by default.
        Can modify the configuration, and changes take effect on the console port.

Remarks:
1. The first time you configure a network device, you must connect through the console cable.
2. On the PC you need HyperTerminal or similar terminal software.

Commands:

exit    go up one level
end     return directly to privileged mode
?       can stand in for a character (when you can't remember the full command name)
Tab completion is supported

Configure the host name:
    conf t (abbreviated form, equivalent to configure terminal)
    hostname <device-name>

Set the user (line) password:
    line co 0
    password <password>
    login (log out and log in again to test)
    exit

Shortcut keys:
    ctrl+u : delete everything before the cursor
    ctrl+a : move the cursor to the beginning of the line
    ctrl+e : move the cursor to the end of the line

Save the configuration:
    en
    copy running-config startup-config
    or
    write

What the switch does at boot:
    It first looks on disk for a startup-config file:
    if it does not exist, a new running-config file is created in memory;
    if it exists, it is copied into memory and renamed running-config.

View the running-config file:
    en
    show running-config

View the startup-config file:
    en
    show startup-config

Reboot the device:
    en
    reload

Configure the privileged (enable) password:
    conf t
    enable password <password> (stored in clear text)
    enable secret <password> (not stored in clear text; kept as a hash)

View the MAC address table: show mac-address-table

View the interface status list:
    show ip int brief
    show ip int b

Manually shut down an interface:
    int f0/x
    shutdown
    exit

Manually bring up an interface:
    int f0/x
    no shutdown
    exit

Using do:
    Prefix a command with "do " in any other mode to run a privileged-mode command from there
    e.g.:
        do sh run
        do sh ip int b
        do wr

Deleting configuration:
    1) Delete it in the same mode where it was configured!
    2) Prefix the command with "no "
    3) If the original command took a parameter and that parameter is unique, the parameter is not needed when deleting
    e.g.:
        conf t
        hostname sw1
        conf t
        no hostname

Clear / erase / reset the configuration:
    en
    erase startup-config

Configure an IP on a Layer 3 port (used to manage the switch remotely):
    int f0/0
    ip add 10.1.1.254 255.255.255.0
    no shutdown

Enable remote management:
    conf t
    line vty 0 4
    transport input telnet/ssh/none/all
    password <password>
    login
    exit

    conf t
    hostname r1
    ip domain-name r1.qf.com
    crypto key generate rsa   // generate the key pair
    line vty 0 4
    transport input telnet/ssh/none/all
    login local
    exit
    username xx password 123.com

Configure a management IP on the switch:
    conf t
    int vlan 1
    ip add 10.1.1.253 255.255.255.0
    no shut

Configure the switch's default gateway:
    Purpose: management across subnets
    conf t
    ip default-gateway 10.1.1.254

Disable automatic name resolution:
    conf t
    no ip domain-lookup
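Added example, not from the original post: a Python check over two constructed running-config excerpts built from the commands above. It flags enable password used without enable secret, vty lines that accept Telnet (transport input telnet or all), and a shared line password with login instead of login local. The config text and the username ... secret form in the hardened variant are assumptions, not taken from the article.

```python
# Constructed running-config excerpts assembled from the commands listed in the article.
WEAK_CONFIG = """\
enable password cisco123
line vty 0 4
 transport input all
 password cisco
 login
"""
HARDENED_CONFIG = """\
enable secret cisco123
username xx secret 123.com
line vty 0 4
 transport input ssh
 login local
"""


def parse_sections(text: str) -> dict:
    # Indented lines belong to the unindented line before them; every unindented line is also global.
    sections, current = {"global": []}, "global"
    for raw in text.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" "):
            sections[current].append(raw.strip())
        else:
            current = raw.strip()
            sections["global"].append(current)
            sections.setdefault(current, [])
    return sections


def audit(text: str) -> list:
    """Flag the weaker of the choices the command list above permits."""
    sections = parse_sections(text)
    global_lines = sections["global"]
    findings = []
    if any(l.startswith("enable password ") for l in global_lines) and not any(l.startswith("enable secret ") for l in global_lines):
        findings.append("enable password without enable secret: privileged password stored in clear text")
    for name, lines in sections.items():
        if not name.startswith("line vty"):
            continue  # only the remote-access lines matter here
        for l in lines:
            tokens = l.split()
            if tokens[:2] == ["transport", "input"] and {"telnet", "all"} & set(tokens[2:]):
                findings.append(f"{name}: '{l}' permits Telnet, which sends credentials in clear text")
        if "login" in lines and "login local" not in lines:
            findings.append(f"{name}: shared line password (login) instead of per-user accounts (login local)")
    return findings
```

audit(WEAK_CONFIG) returns three findings; audit(HARDENED_CONFIG) returns an empty list.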

Conclusion

This post has covered the working principle and commands of the switch in detail. Switch-related network security topics, such as ARP attacks and DHCP attacks, are covered in the separate ARP and DHCP entry and security posts.


Origin juejin.im/post/5e95984d6fb9a03c8b4c0af3