HUAWEI TECHNOLOGIES CO., LTD.    Huawei Confidential

Core Network IP Skills Training (2): Ethernet Switching
2024/1/31 (Wednesday)

After completing this course, you will have mastered:
- The basic concepts of MAC, frames and VLANs
- The basic principles of Layer 2 switching and Layer 3 switching
- The extended features of VLANs
- The concept and configuration of link aggregation

Chapter 1  Frames, MAC concepts and Layer 2 forwarding
Chapter 2  Basic concepts and principles of VLANs
Chapter 3  Layer 3 switch architecture, forwarding structure and inter-VLAN routing
Chapter 4  Extended features of VLANs
Chapter 5  Link aggregation

OSI Layer 2: the data link layer

[Figure: two peer protocol stacks, each showing Application, Presentation, Session, Transport, IP, Data link, Physical.]

Common Ethernet frame formats

- The earliest Ethernet format specification was developed by Digital Equipment Corp, Intel and Xerox and was later developed into an IEEE standard. It is called Ethernet (DIX), also known as Ethernet V2 (ARPA). This is the format commonly used by switches and routers.

  Ethernet V2 (ARPA):
  MAC DE (6 bytes) | MAC SA (6 bytes) | Type (2 bytes) | Data (46-1500 bytes) | FCS (4 bytes)

- The 802.3 standard was developed by the IEEE standards organization in the 1980s.

  802.3:
  MAC DE (6 bytes) | MAC SA (6 bytes) | Length (2 bytes) | Data (46-1500 bytes) | FCS (4 bytes)

- Other Ethernet frame formats include 802.3 + 802.2 (LLC) and 802.3 + 802.2 + SNAP.

  802.3:  MAC DE (6 bytes) | MAC SA (6 bytes) | Length (2 bytes)
  802.2:  DSAP (1 byte) | SSAP (1 byte) | CONTROL (1-2 bytes)
  SNAP:   OUI (3 bytes) | TYPE (2 bytes)
  followed by Data and FCS (4 bytes)

Frame parameters: MAC address

MAC address
MAC stands for Media Access Control; the MAC address is also called the hardware address. A rule has to be defined to control how devices access a shared medium. The MAC address has two main functions:
1. It uniquely identifies a device on the shared medium.
2. It controls device access: when a device receives a frame it checks the DE MAC, and accepts the frame if that is its own MAC address.

MAC address notation
A MAC address consists of 48 bits (6 bytes). The first 3 bytes are the organization's unique identifier and the last three are assigned by that organization to each device.
Example: 00E0-FC79-405F, where the leading bytes are the HUAWEI device identifier.

Kinds of frame: depending on the destination MAC, frames fall into three kinds:
1. Unicast frame
2. Broadcast (all F's, or all 0's)
3. Multicast

For Cisco devices, common MAC address prefixes (first 3 bytes) include 00000C.

Frame parameters: Type

The Type field indicates the type of packet encapsulated in the DATA field. Common types are:

Protocol    Hexadecimal value
IP          0800
ARP         0806
802.3       0000-05DC

To tell Ethernet II frames from 802.3 frames, the Ethernet II Type field starts at 1536 (hexadecimal 600), whereas in 802.3 the data length is less than or equal to 1500 (05DC).
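
The frame layouts and the Type/Length rule above can be turned into a small classifier. This is an added example, not part of the original training material; the sample frames are constructed, and the function name and the returned dictionary keys are assumptions made for illustration.

```python
import struct

def classify_frame(frame: bytes) -> dict:
    """Classify one raw Ethernet frame (preamble and FCS already stripped)."""
    if len(frame) < 14:
        raise ValueError("frame is shorter than the 14-byte MAC header")
    dst, src = frame[0:6], frame[6:12]
    (type_len,) = struct.unpack("!H", frame[12:14])
    info = {"dst": dst.hex("-"), "src": src.hex("-")}

    # Destination class: all F's is broadcast, group bit set is multicast.
    if dst == b"\xff" * 6:
        info["cast"] = "broadcast"
    elif dst[0] & 0x01:
        info["cast"] = "multicast"
    else:
        info["cast"] = "unicast"

    if type_len >= 0x0600:            # 1536 and above: an Ethernet II Type value
        info.update(format="Ethernet II", ethertype=type_len)
    elif type_len > 0x05DC:           # 1501..1535 is neither a length nor a type
        info["format"] = "invalid"
    else:                             # 0..1500: an 802.3 Length value
        payload = frame[14:14 + type_len]
        if len(payload) < type_len:
            info["format"] = "802.3 (truncated)"
        elif payload[:3] == b"\xaa\xaa\x03" and len(payload) >= 8:
            # DSAP=SSAP=0xAA, CONTROL=0x03 announces a SNAP header (OUI + TYPE)
            info.update(format="802.3 + 802.2 + SNAP", oui=payload[3:6].hex(),
                        ethertype=struct.unpack("!H", payload[6:8])[0])
        elif len(payload) >= 3:
            info.update(format="802.3 + 802.2 (LLC)", dsap=payload[0], ssap=payload[1])
        else:
            info["format"] = "802.3 (no LLC header)"
    return info

# Constructed sample frames (not captured traffic).
HOST = bytes.fromhex("00e0fc79405f")      # example address from the MAC slide
ARP_REQ = b"\xff" * 6 + HOST + b"\x08\x06" + bytes(46)
LLC_FRAME = (bytes.fromhex("0180c2000000") + HOST + struct.pack("!H", 38)
             + b"\x42\x42\x03" + bytes(35))
SNAP_IP = (bytes.fromhex("00000c112233") + HOST + struct.pack("!H", 46)
           + b"\xaa\xaa\x03\x00\x00\x00\x08\x00" + bytes(38))

if __name__ == "__main__":
    for f in (ARP_REQ, LLC_FRAME, SNAP_IP):
        print(classify_frame(f))
```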

Bridges and Ethernet switches

- Differences between a bridge and a HUB
  With the rapid development of networks, and of local area networks in particular, more and more devices need to reach each other and need to be connected over longer distances. Traditional Ethernet connects devices with a HUB. The whole HUB is a single collision domain that relies on the CSMA/CD mechanism for detection and carrier sensing; all devices share the bandwidth, so bandwidth utilization and efficiency are low, and there is also a distance limit. A bridge instead builds a bridging (MAC) table. Unlike a HUB, which always sends a frame to every port, a bridge uses the MAC table to decide which port to forward to. Each port of a bridge is therefore its own collision domain, and each device gets the bandwidth of one port.

[Figure: a HUB sending a frame to every port (all devices share the whole HUB and its bandwidth) and a bridge consulting its MAC table before forwarding a frame (each device has the bandwidth of one port to itself).]

Differences between a bridge and a switch

A bridge and a switch are each a single broadcast domain, each of their ports is a collision domain, and both build a MAC table to guide frame forwarding. The differences are:
1. A switch has many more ports.
2. A switch can be divided into VLANs, which split the single broadcast domain into several broadcast domains.

Building the MAC table

Every switch needs to build a MAC table, and it does so by passive learning:
1. Every switch has a cache that holds the MAC table used to guide frame forwarding. When the switch has just been powered on, the MAC table is empty.
2. When the switch receives a frame on a port, it records the frame's source MAC and that port in the MAC table. By continually learning the MAC and port of every device attached to its ports, it builds up a complete MAC table.
3. When the switch forwards a frame, it looks up the MAC table. If the table has no entry for the frame's destination MAC, the switch broadcasts the frame to all ports except the one on which it was received.

[Figure: PC1 (MAC1), PC2 (MAC2) and PC3 (MAC3) attached to switch ports 0/1, 0/2 and 0/3.]

MAC table:
MAC address    PORT
MAC1           0/1
MAC2           0/2
MAC3           0/3

Two kinds of MAC table

With the use of VLANs, MAC table entries are defined in one of two ways:

SVL (SHARE VLAN)
Under this definition each MAC address in the MAC table can correspond to only one VLAN. This leads to MAC address learning errors.

[Figure: PC1 on switch port 0/1 and PC2 on switch port 0/2; switch ports 0/3 and 0/4; VLAN2 and VLAN3; a router with ports 0/1 and 0/2.]

As shown in the figure, PC1 must go through a router to reach PC2. Suppose the router passes PC1's packet transparently from its port 0/1 to its port 0/2, so that switch port 0/4 learns PC1's MAC address. Because the switch uses SVL, it replaces the entry learned as (0/1, VLAN2) with the entry from (0/4, VLAN3), and the MAC table is now wrong. When PC2 responds, the router receives PC2's response packet and forwards it out of its port 0/1; the switch cannot forward the frame to 0/1, so PC1 never receives PC2's response.

IVL (independent VLAN)
Under this definition each MAC in the MAC table can correspond to several different VLANs. In the figure, after the ROUTER receives PC2's response packet on 0/2 it forwards it out of 0/1; when the switch receives this frame it finds the (0/1, VLAN2) entry and forwards the frame out of 0/1.

All switches now build their MAC tables using IVL.
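
The SVL failure and the IVL behaviour described above can be replayed with a minimal learning-switch model. This is an added example, not part of the original training material; the class and function names are hypothetical, and the wiring (router port 0/1 on switch port 0/3 in VLAN2, router port 0/2 on switch port 0/4 in VLAN3) is an assumption read from the figure labels.

```python
class Switch:
    """Learning switch; ivl=True keys the table by (MAC, VLAN), ivl=False by MAC only (SVL)."""

    def __init__(self, port_vlan, ivl):
        self.port_vlan = port_vlan      # access port -> VLAN
        self.ivl = ivl
        self.table = {}                 # key -> (port, vlan) of the most recent learn

    def _key(self, mac, vlan):
        return (mac, vlan) if self.ivl else mac

    def receive(self, in_port, src, dst):
        """Learn src on in_port, then return the list of egress ports for dst."""
        vlan = self.port_vlan[in_port]
        self.table[self._key(src, vlan)] = (in_port, vlan)
        entry = self.table.get(self._key(dst, vlan))
        if entry is None:               # unknown destination: flood within the VLAN
            return sorted(p for p, v in self.port_vlan.items()
                          if v == vlan and p != in_port)
        port, entry_vlan = entry
        if entry_vlan != vlan or port == in_port:
            return []                   # entry points outside the ingress VLAN: undeliverable
        return [port]

# Assumed wiring for the slide's figure: PC1 on 0/1 and router port 0/1 on 0/3 in
# VLAN2; PC2 on 0/2 and router port 0/2 on 0/4 in VLAN3.
PORT_VLAN = {"0/1": 2, "0/2": 3, "0/3": 2, "0/4": 3}

def reply_reaches(ivl):
    """Replay the slide's exchange; return (egress ports for PC2's reply in VLAN2, table)."""
    sw = Switch(dict(PORT_VLAN), ivl)
    sw.receive("0/1", "MAC1", "MAC2")   # PC1's frame enters VLAN2, flooded to the router
    sw.receive("0/4", "MAC1", "MAC2")   # router passes it into VLAN3, source MAC unchanged
    sw.receive("0/2", "MAC2", "MAC1")   # PC2 replies; the switch sends it to the router
    return sw.receive("0/3", "MAC2", "MAC1"), sw.table   # reply re-enters VLAN2

if __name__ == "__main__":
    for mode in (False, True):
        ports, table = reply_reaches(mode)
        print("IVL" if mode else "SVL", "egress:", ports, "table:", table)
```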

MAC table structure

1. Dynamic MAC table
   The switch builds its MAC table dynamically by passively learning from frames on VLAN ports, and sets a timer for each MAC address. If the MAC address is not learned again within a certain time, the entry ages out and has to be learned again. By default the aging time is 300 s.
2. Static MAC table
   Static MAC entries are configured manually. By default a static MAC entry stays in the switch permanently; an aging time can also be set.
3. Structure of the MAC table

   MAC ADD | VLAN ID | STATE | PORT INDEX | AGE TIME

   MAC ADD: the source MAC of the frame.
   VLAN ID: the VLAN the port belongs to.
   STATE: one of two values, dynamic or static.
   PORT INDEX: the port on which the frame was received.
   AGE TIME: how long the MAC entry stays alive. NOAGE means the entry does not age.

Frame encapsulation process

[Figure: PC1 (MAC1 and IP1) on switch port 0/1, PC2 (MAC2 and IP2) on switch port 0/2.]

The frame encapsulation process when PC1 accesses PC2, with both switch interfaces in the same VLAN:

1. PC1 sends an ARP request packet. The destination MAC is the broadcast address and the destination address is IP2.
   FF-FF-FF-FF-FF-FF (DE MAC) | MAC1 | 0806 | DATA
2. The switch receives the frame, puts the port, MAC1 and the VLAN into a MAC table entry, and broadcasts the frame to all interfaces (0/2).
   FF-FF-FF-FF-FF-FF (DE MAC) | MAC1 | 0806 | DATA
3. PC2 receives the ARP request packet and sends an ARP response packet with destination MAC MAC1 and source MAC MAC2.
   MAC1 | MAC2 | 0806 | DATA
4. After the switch receives the ARP response packet on 0/2, it adds MAC2, 0/2 and the VLAN to the MAC table and forwards the frame to port 0/1.
   MAC1 | MAC2 | 0806 | DATA
5. PC1 now knows PC2's MAC address, and the destination address of its next frame is MAC2.
   MAC2 | MAC1 | 0800 | DATA

Switch performance indicator: MAC table capacity

The number of MAC addresses a switch can store is not unlimited. It depends closely on the switch's cache, and different types of switch have different MAC table sizes. MAC table capacity also reflects the capability of the switch and is an important performance indicator. MAC table capacities of common switches:

Switch type                    Number of MACs / VLAN / whole device
3026                           4K
S3026E                         8K
S3026F                         16K
S3526 series                   8K
S3528G/P, S3552G/P/F           12K
S5515                          16K
S6503/S6506/S6506R             32K/64K/64K
S8505/S8508/S8512              64K
NE40/NE80                      64K
NE40E/NE80E                    64K

Switch security: security of the MAC table

1. MAC table overflow
   A switch only learns source MACs passively, and the aging time of a dynamic MAC address is 5 minutes. If a switch's MAC table is full and entries have not yet reached the aging time, the switch cannot learn new source MACs and can no longer forward normally. A PC attached to a switch port can send frames whose source MAC keeps changing; the switch adds each of them to its MAC table as it receives them. Once the MAC table is full, the switch cannot handle normal frames and forwarding fails. A large volume of broadcast packets is generated at the same time, which keeps the switch CPU busy.
   Solution: if a large number of MAC addresses are seen to be learned under one port in the MAC table, the switch is under attack. The number of MAC addresses that may be learned on that port can be configured; MACs beyond the configured number are no longer forwarded.
   mac-address max-mac-count disable-forwarding (configured in port mode)

2. Source MAC spoofing
   An attacker sends packets whose source address is the MAC address of another computer, the one under attack. After the router receives such a packet it forwards traffic to the attacker, who thereby obtains the traffic destined for the attacked computer and, after further analysis, can obtain other important information (such as passwords and accounts).
   Solution: bind source MAC and IP on the router; if the MAC and IP do not match, the packet is dropped.
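
The two mitigations above, modelled over a short list of frames so their effect can be checked offline. This is an added example, not part of the original training material and not vendor code; the function names, the limit of 4, the addresses and the binding table are assumptions, and the sample traffic is constructed.

```python
from collections import defaultdict

def apply_port_limit(frames, max_mac_count):
    """Model a per-port learning limit: once a port has learned max_mac_count
    source MACs, frames from any further source MAC on it are not forwarded.
    Returns (per-frame verdicts, ports that exceeded the limit)."""
    learned = defaultdict(set)             # port -> source MACs learned there
    verdicts, flagged_ports = [], []
    for port, src_mac, _src_ip in frames:
        if src_mac in learned[port]:
            verdicts.append("forward")
        elif len(learned[port]) < max_mac_count:
            learned[port].add(src_mac)
            verdicts.append("forward")
        else:
            verdicts.append("drop")
            if port not in flagged_ports:  # report each offending port once
                flagged_ports.append(port)
    return verdicts, flagged_ports

def check_binding(frames, bindings):
    """Drop a frame when its source IP or source MAC appears in a binding
    but the (IP, MAC) pair itself is not bound."""
    bound_ips = {ip for ip, _mac in bindings}
    bound_macs = {mac for _ip, mac in bindings}
    verdicts = []
    for _port, mac, ip in frames:
        known = ip in bound_ips or mac in bound_macs
        verdicts.append("drop" if known and (ip, mac) not in bindings else "forward")
    return verdicts

# Constructed sample traffic: (ingress port, source MAC, source IP).
FRAMES = [("0/1", "00e0-fc00-0001", "10.0.0.1")]
FRAMES += [("0/2", f"0200-0000-00{i:02x}", "10.0.0.2") for i in range(6)]
FRAMES += [("0/1", "00e0-fc00-0001", "10.0.0.1"),
           ("0/2", "00e0-fc00-0001", "10.0.0.9")]   # PC1's MAC seen with another IP
BINDINGS = {("10.0.0.1", "00e0-fc00-0001")}         # assumed static (IP, MAC) binding

if __name__ == "__main__":
    print(apply_port_limit(FRAMES, max_mac_count=4))
    print(check_binding(FRAMES, BINDINGS))
```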

How a switch processes frames

A switch can process the frames it receives in different ways:
1. Store and forward: in this mode the switch checks the whole frame before it starts switching; if the frame contains an error, the frame is dropped.
2. Cut-through: the switch forwards as soon as it has read the frame's destination MAC address. A frame containing an error is still forwarded; it is then dropped by the destination device when it arrives, which wastes bandwidth.
3. Fragment-free: the switch begins forwarding once it has checked the first 64 bits of the frame (64 bits being the minimum frame).

Questions

- What is the minimum length of a frame?
- At which OSI layer do a Hub, a Bridge and a switch each sit?
- Within one VLAN, if MAC1 is learned on port1 and later, for some reason, MAC1 is learned on PORT2, does the earlier MAC table entry still exist? What do the MAC table entries look like if this happens in different VLANs?