Configuring VLAN
Chapter 14
powered by DJ 1
Chapter Objectives
At the end of this chapter you will be able to:
Understand the basic concept of VLAN
Configure VLAN
VLAN Basics
Layer 2 switched networks are typically designed as flat networks. With this configuration, every broadcast packet transmitted is seen by every device on the network, regardless of whether the device needs to receive that data or not.
By default, routers allow broadcasts to occur only within the originating network, while switches forward broadcasts to all segments. It's called a flat network because it's one broadcast domain.
Flat Network Structure
You can solve many of the problems associated with layer 2 switching with VLANs, for example:
VLANs greatly enhance network security.
VLANs increase the number of broadcast domains
VLAN 1 Host A
VLAN 2 Host B
VLAN Memberships
Static VLANs
In static membership, each switch port is configured manually with a VLAN membership based upon which VLAN the host needs to be a member of.
Dynamic VLANs
On the other hand, a dynamic VLAN determines a node's VLAN assignment automatically. Using intelligent management software, you can base VLAN assignments on hardware (MAC) addresses.
Identifying VLANs
There are two different types of links in a switched environment.
Access Ports
An access port belongs to and carries the traffic of only one VLAN. Traffic is both received and sent in native formats with no VLAN tagging whatsoever.
Trunk Ports
A trunk link is a 100 or 1000 Mbps point-to-point link between two switches, between a switch and router, or even between a switch and server, and it carries the traffic of multiple VLANs, from 1 to 4,094 at a time.
Access and Trunk Links in a switched network
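To make the difference between the flat network and the VLAN design concrete, the following added example (not part of the original slides) models which ports receive a broadcast on one switch. The port names, the topology and the simplification that trunks carry every VLAN tagged are assumptions of this model.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Port:
    name: str
    mode: str        # "access" or "trunk"
    vlan: int = 1    # access VLAN; unused on trunk ports

def flood_broadcast(ports, ingress_name, tag=None):
    """Return {egress port: VLAN ID carried on the wire, or None if untagged}."""
    ingress = next(p for p in ports if p.name == ingress_name)
    if ingress.mode == "access":
        if tag is not None:
            return {}            # model assumption: access ports take untagged traffic only
        vlan = ingress.vlan      # the VLAN comes from the port's membership
    else:
        if tag is None:
            return {}            # model assumption: every VLAN is tagged on a trunk
        vlan = tag               # the VLAN comes from the frame's tag
    out = {}
    for p in ports:
        if p.name == ingress_name:
            continue             # never send a frame back out its ingress port
        if p.mode == "trunk":
            out[p.name] = vlan   # trunk copy keeps the VLAN ID
        elif p.vlan == vlan:
            out[p.name] = None   # access copy is sent untagged
    return out

# Constructed topologies: the same four host ports, first flat, then split into VLANs.
FLAT_PORTS = [Port(f"Fa0/{i}", "access", 1) for i in range(1, 5)]
VLAN_PORTS = [
    Port("Fa0/1", "access", 2), Port("Fa0/2", "access", 2),
    Port("Fa0/3", "access", 3), Port("Fa0/4", "access", 4),
    Port("Gi0/1", "trunk"),
]

if __name__ == "__main__":
    print("flat:", flood_broadcast(FLAT_PORTS, "Fa0/1"))
    print("vlan 2 host:", flood_broadcast(VLAN_PORTS, "Fa0/1"))
    print("from trunk, tag 3:", flood_broadcast(VLAN_PORTS, "Gi0/1", tag=3))
```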
Frame Tagging
This frame identification method uniquely assigns a user-defined ID to each frame. Sometimes people refer to it as a “VLAN ID” or even “color.”
Once the frame reaches an exit that’s determined by the forward/filter table to be an access link matching the frame’s VLAN ID, the switch will remove the VLAN identifier. This is so the destination device can receive the frames without being required to understand their VLAN identification.
VLAN Identification Methods
VLAN identification is how switches identify which frames belong to which VLANs, and there's more than one trunking method.
Inter-Switch Link (ISL)
Inter-Switch Link (ISL) is a way of explicitly tagging VLAN information onto an Ethernet frame. This tagging information allows VLANs to be multiplexed over a trunk link through an external encapsulation method (ISL), which allows the switch to identify the VLAN membership of a frame over the trunked link.
IEEE 802.1Q
Created by the IEEE as a standard method of frame tagging, IEEE 802.1Q actually inserts a field into the frame to identify the VLAN. If you’re trunking between a Cisco switched link and a different brand of switch, you’ve got to use 802.1Q for the trunk to work.
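The field that 802.1Q inserts, and its removal on an access link as described under Frame Tagging, can be shown at byte level. This is an added example, not code from the original slides; the function names and the sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def tag_frame(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Trunk egress: insert the 4-byte tag between source MAC and EtherType."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1-4094")
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    tci = (pcp & 0x7) << 13 | (dei & 0x1) << 12 | vid  # 3-bit PCP, 1-bit DEI, 12-bit VID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_tag(frame: bytes):
    """Return (vid, pcp, dei) for a tagged frame, or None if it is untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q header")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, tci >> 13, (tci >> 12) & 0x1

def access_egress(frame: bytes, port_vlan: int):
    """Access-link egress for a frame that arrived tagged: strip the tag if the
    VID matches the port's VLAN, otherwise return None (not forwarded here)."""
    info = parse_tag(frame)
    if info is None or info[0] != port_vlan:
        return None
    return frame[:12] + frame[16:]

# Constructed sample: broadcast ARP-type frame, zero-filled payload, FCS omitted
# (a real switch recomputes the FCS whenever it adds or removes the tag).
SAMPLE = bytes.fromhex("ffffffffffff" "001122334455" "0806") + bytes(28)

if __name__ == "__main__":
    tagged = tag_frame(SAMPLE, vid=2)
    print(tagged[12:16].hex(), parse_tag(tagged))
    print(access_egress(tagged, 2) == SAMPLE, access_egress(tagged, 3))
```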
VLAN Trunking Protocol (VTP)
Cisco created this one too. The basic goals of VLAN Trunking Protocol (VTP) are to manage all configured VLANs across a switched internetwork and to maintain consistency throughout that network. VTP allows you to add, delete, and rename VLANs, and that information is then propagated to all other switches in the VTP domain.
VTP Modes of Operation
Server
This is the default mode for all switches. The switch must be in server mode to be able to create, add, and delete VLANs in a VTP domain.
Client
In client mode, switches receive information from VTP servers.
Transparent
Switches in transparent mode don't participate in the VTP domain or share its VLAN database, but they'll still forward VTP advertisements through any configured trunk links. They can create, modify, and delete VLANs because they keep their own database.
Configuring VLANs
S1#config t
S1(config)#vlan ?
WORD ISL VLAN IDs 1-4094
internal internal VLAN
S1(config)#vlan 2
S1(config-vlan)#name Sales
S1(config-vlan)#vlan 3
S1(config-vlan)#name Marketing
S1(config-vlan)#vlan 4
S1(config-vlan)#name Accounting
Routing between VLANs
Configuring Inter-VLAN Routing
By default, only hosts that are members of the same VLAN can communicate. To change this and allow inter-VLAN communication, you need a router or a layer 3 switch.
To support ISL or 802.1Q routing on a Fast Ethernet interface, the router's interface is divided into logical interfaces, one for each VLAN. These are called subinterfaces. From a Fast Ethernet or Gigabit interface, you can set the interface to trunk with the encapsulation command:
ISR#config t
ISR(config)#int f0/0.1
ISR(config-subif)#encapsulation ?
dot1Q IEEE 802.1Q Virtual LAN
ISR(config-subif)#encapsulation dot1Q ?
<1-4094> IEEE 802.1Q VLAN ID
Configuring VTP
All Cisco switches are configured to be VTP servers by default. To configure VTP, first you have to configure the domain name you want to use.
S1#config t
S1(config)#vtp mode server
Device mode already VTP SERVER.
S1(config)#vtp domain Lammle
Changing VTP domain name from null to Lammle
S1(config)#vtp password hcl
Setting device VLAN database password to hcl