In this tutorial we will provide a step by step guide to configure the VLAN in Cisco switches with
example. We will start from creating VLANs. Once VLANs are created we will assign interfaces to it.
Later we will explain intra VLAN communication with Router on Stick example. In the end of this
article we will provide a cheat sheet of commands for VLAN VTP DTP and router on stick
configuration.
This is the last part of our article VLAN, VTP, DTP, STP and Router on Stick Explained with
Examples. You can read other parts of this article here:-
VLAN Basic Concept Explained with Examples
http://www.computernetworkingnotes.com/ccna-study-guide/vlan-basic-concepts-explainedwith-examples.html
This is the first part of this article. In this part we explained basic concepts of VLAN such as What
VLAN is, Advantage of VLAN, VLAN membership Static and Dynamic, VLAN Connections; Access
link and trunk links, trunk tagging and how VLAN add additional layer of security with examples.
VLAN Practice LAB Setup on Packet Tracer
http://www.computernetworkingnotes.com/ccna-study-guide/vlan-practice-lab-setup-on-packettracer.html
This is the second part of this article. In this part we explained how to create a practice lab in
Packet Tracer. You can create practice lab by following the instruction or alternatively download
pre created lab. This lab will we used to demonstrate the configuration part of VLAN, VTP, DTP,
STP and router on stick.
Configure VTP Server and Client in Switch
http://www.computernetworkingnotes.com/ccna-study-guide/configure-vtp-server-and-clientin-switch.html
This the third part of this article. In this part we explained VTP mode with examples including VTP
Server mode, VTP Client mode and VTP transparent mode. Later we configured VTP protocol in
our practice lab.
VLAN Tagging Explained with DTP Protocol
http://www.computernetworkingnotes.com/ccna-study-guide/vlan-tagging-explained-with-dtpprotocol.html
This the fourth part of this article. In this part we explained access link, trunk link, VLAN tagging
process, VLAN tagging protocol ISL and 802.1Q, Dynamic trunking protocol and DTP mode with
examples. Later in this part we configured trunking in our practice lab.
Now in this part we will provide a step by step guide to configure the VLANs. For this tutorial we
assume that you have our practice topology running in packet tracer. You can create this topology by
following the instruction given in second part of this article or alternatively download the pre created
topology from there.
How to create VLAN
In our network Office1 Switch is configured as VTP Server. Office2 and Office3 switches are
configured as VTP clients. We only need to create VLANs in VTP Server. VTP Server will propagate
this information to all VTP clients. vlan vlan number command is used to create the VLAN.
Office 1 Switch
S1(config)#vlan 10
S1(config-vlan)#exit
S1(config)#vlan 20
S1(config-vlan)#exit
S1(config)#
How to assign VLAN Membership
VLAN can be assigned statically or dynamically. CCNA exam only includes static method; therefore
we will also use static method to assign VLAN membership. switchport access vlan [vlan number]
command is used to assign VLAN to the interface. Following commands will assign VLANs to the
interfaces.
Office 1 Switch
S1(config)#interface fastEthernet 0/1
S1(config-if)#switchport access vlan 10
S1(config-if)#interface fastEthernet 0/2
S1(config-if)#switchport access vlan 20
Office 2 Switch
S2(config)#interface fastEthernet 0/1
S2(config-if)#switchport access vlan 10
S2(config-if)#interface fastEthernet 0/2
S2(config-if)#switchport access vlan 20
Office 3 Switch
S3(config)#interface fastEthernet 0/1
S3(config-if)#switchport access vlan 10
S3(config-if)#interface fastEthernet 0/2
S3(config-if)#switchport access vlan 20
We have successfully assigned VLAN membership. Its time to test our configuration. To test this
configuration, we will use ping command. ping command is used to test connectivity between two
devices. As per our configuration, devices from same VLAN can communicate. Devices from different
VLANs must not be able to communicate with each other without router.
Test VLAN configuration
Access PCs command prompt to test VLAN configuration. Double click on PC-PT and click on
Command Prompt
We have two VLAN configurations VLAN 10 and VLAN 20. Lets test VLAN 10 first. In VLAN 10 we
have three PCs with IP addresses 10.0.0.2, 10.0.0.3 and 10.0.0.4. These PCs must be able to
communicate with each others. At this point PCs from VLAN 10 should not be allowed to access PCs
from VLAN 20. VLAN 20 also has three PCs 20.0.0.2, 20.0.0.3 and 20.0.0.4.
We have successfully implemented VLAN 10 now test VLAN 20.
Same as VLAN 10, PCs from VLAN 20 must be able to communicate with other PCs of same VLAN
while they should not be able to access VLAN 10.
Congratulations we have successfully achieved one more mile stones of this article.
Configure Router on Stick
Typically routers are configured to receive data on one physical interface and forward that data from
another physical interface based on its configuration. Each VLAN has a layer 3 address that should
be configured as default gateway address on all its devices.
In our scenario we reserved IP address 10.0.0.1 for VLAN 10 and 20.0.0.1 for VLAN 20. With default
configuration we need two physical interfaces on router to make this intra VLAN communication.
Due to price of router, its not a cost effective solution to use a physical interface of router for each
VLAN. Usually a router has one or two Ethernet interface. For example if we have 50 VLANs, we
would need nearly 25 routers in order to make intra VLANs communications. To deal with situation
we use Router on Stick.
Router on Stick is router that supports trunk connection and has an ability to switch frames between
the VLANs on this trunk connection. On this router, single physical interface is sufficient to make
communication between our both VLANs.
Access command prompt of Router
To configure Router on Stick we have to access CLI prompt of Router. Click Router and Click CLI
from menu items and Press Enter key to access the CLI
Run following commands in same sequence to configure Router on Stick
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface fastEthernet 0/0
Router(config-if)#no ip address
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface fastEthernet 0/0.10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 10.0.0.1 255.0.0.0
Router(config-subif)#exit
Router(config)#interface fastEthernet 0/0.20
Router(config-subif)#encapsulation dot1Q 20
Router(config-subif)#ip address 20.0.0.1 255.0.0.0
Router(config-subif)#exit
In above configuration we broke up single physical interface [FastEthernet 0/0] into two
logical interfaces, known as sub-interfaces. Router supports up to 1000 interfaces including
both physical and logical.
By default interface link works as access link. We need to change it into trunk link.
encapsulation commands specify the trunk type and associate VLAN with sub-interface.
In next step we assigned IP address to our sub-interface.
Thats all configuration we need to switch VLANs. Now we can test different VLAN communications.
To test intra VLANs communication open command prompt of PC and ping the PC of other VLAN.
PC [10.0.0.3] from VLAN 10 can now access PC [20.0.0.2] from VLAN 20.
Spanning Tree Protocol (STP)
STP is a layer 2 protocol, used for removing loops. For backup purpose we typically create backup
links for important resources. In our scenario, all offices have backup links that create loops in
topology. STP automatically removes layer 2 loops. STP multicasts frame that contain information
about switch interfaces. These frames are called BPDU (Bridge Protocol Data Units). Switch use
BPDUs to learn network topology. If it found any loop, it will automatically remove that. To remove
loop, STP disables port or ports that are causing it.
How to configure VLAN VTP DTP cheat sheet
Command
Descriptions
Switch(config)#vtp
mode server
Switch(config)#vtp
mode client
Switch(config)#vtp
mode transparent
Switch(config)#no vtp
mode
Switch(config)#vtp
domain domain-name
Switch(config)#vtp
password password
Switch#show
vtp
status
Switch#show
vtp
counters
Switch(config-if)
#switchport
mode
trunk
Switch(config)#vlan 10
Switch(configvlan)#name Sales
Switch(configvlan)#exit
Switch(config)#interfac
e fastethernet 0/1
Switch(configif)#switchport
mode
access
Switch(configif)#switchport
access
vlan 10
Configure Switch as VTP Server
Configure Switch as VTP Client
Configure Switch as VTP Transparent
Configure Switch to default VTP Server Mode
Set VTP Domain name.
Set VTP password. Password is case sensitive
Display VTP status including general information
Show VTP counters of switch
Change interface mode in Trunk
Create VLAN and associate number ID 10 with it
Assign name to VLAN
Return in Global configuration mode from VLAN
configuration mode
Enter in interface configuration mode
Set interface link type to access link
Assign this interface to VLAN 10
Switch#show vlan
Displays VLAN information
Switch#show vlan brief
Displays VLAN information in short
Switch#show vlan id 10 Displays information VLAN ID 10 only
Switch#show
vlan
name sales
Switch(config)#interfac
e fastethernet 0/8
Switch(config-if)#no
switchport access vlan
10
Displays information about VLAN named sales only
Enter in Interface configuration mode
Removes interface from VLAN 10 and reassigns it to
the default VLAN - VLAN 1
Switch(config-if)#exit
Move back to Global configuration mode
Switch(config)#no vlan
Delete VLAN 10 from VLAN database
10
Switch#copy runningSaves the running configuration in NVRAM
config startup-config
Thats all for this article. I hope you have enjoyed this tutorial. Please visit our site for more articles
ComputerNetworkingNotes.com