
VLANs: Enhancing Network Efficiency

Here are the commands to configure the trunking modes:
•  switchport mode dynamic - Configures the port to dynamically negotiate trunking with the peer port. This is the default mode.
•  switchport mode trunk - Configures the port to unconditionally trunk encapsulate frames. The port will remain in trunking mode even if the peer port does not agree to trunk.
•  switchport nonegotiate - Forces the local port into trunking mode but prevents negotiation with the peer port. The peer port must be configured to trunk unconditionally.
•  switchport mode access - Forces the port into access mode even if the peer port requests to trunk. The port will not trunk encapsulate frames.

Uploaded by

Abdullah Ammar

LAN Switching & Wireless Networks
VLAN & its Benefits

•  A VLAN = Subnet (in modern switched LANs).


•  On the switch: configure the VLAN, then assign ports to
the VLAN.
•  A switch port with a singular VLAN configured on it is
called an access port.
VLAN & its Benefits
VLAN Definition
•  Within a switched internetwork, VLANs provide
segmentation and organizational flexibility.
•  VLANs provide a way to group devices within a
LAN.
•  A group of devices within a VLAN communicate as
if they were attached to the same wire.
•  VLANs are based on logical connections, instead
of physical connections.
Benefits of VLAN
•  Security - Groups that have sensitive data are separated from
the rest of the network, decreasing the chances of confidential
information breaches. As shown in the figure, faculty computers
are on VLAN 10 and completely separated from student and
guest data traffic.
•  Cost reduction - Cost savings result from reduced need for
expensive network upgrades and more efficient use of existing
bandwidth and uplinks.
•  Better performance - Dividing flat Layer 2 networks into
multiple logical workgroups (broadcast domains) reduces
unnecessary traffic on the network and boosts performance.
•  Shrink broadcast domains - Dividing a network into VLANs
reduces the number of devices in the broadcast domain. As
shown in the previous figure, there are six computers on this
network but there are three broadcast domains: Faculty,
Student, and Guest.
Benefits of VLAN
•  Improved IT staff efficiency - VLANs make it easier to
manage the network because users with similar network
requirements share the same VLAN. When a new switch is
provisioned, all the policies and procedures already configured
for the particular VLAN are implemented when the ports are
assigned. It is also easy for the IT staff to identify the function of
a VLAN by giving it an appropriate name. In the figure, for easy
identification VLAN 10 has been named “Faculty”, VLAN 20 is
named “Student”, and VLAN 30 “Guest.”

•  Simpler project and application management - VLANs
aggregate users and network devices to support business or
geographic requirements. Having separate functions makes
managing a project or working with a specialized application
easier; an example of such an application is an e-learning
development platform for faculty.
VLAN ID Ranges
•  Normal Range VLANs
✓  Used in small- and medium-sized business and enterprise networks.
✓  Identified by a VLAN ID between 1 and 1005.
✓  IDs 1002 through 1005 are reserved for Token Ring and FDDI VLANs.
✓  IDs 1 and 1002 to 1005 are automatically created and cannot be removed.
✓  Stored in a VLAN database file called vlan.dat, which is stored in flash.
✓  VTP learns only normal range VLANs and stores them in the VLAN database file.

•  Extended Range VLANs
✓  Designed for service providers.
✓  Identified by a VLAN ID between 1006 and 4094.
✓  Support fewer VLAN features than normal range VLANs.
✓  Saved in the running configuration file.
✓  VTP does not learn extended range VLANs.

Note: the Catalyst 2960 supports up to 255 VLANs.

FDDI: Fiber distributed data interface, VTP: VLAN Trunking Protocol


Types of VLANs

• Data VLAN: a VLAN that is configured to carry only user-
generated traffic, sometimes referred to as a user VLAN.

• Default VLAN: all switch ports become members of the
default VLAN after the initial boot-up of the switch, forming
one broadcast domain.
✓ The default VLAN for Cisco switches is VLAN 1, which can't be
renamed or deleted.
✓ L2 control traffic, such as CDP and STP, will always be
associated with VLAN 1.
Types of VLANs

• Native VLAN: assigned to an 802.1Q trunk port. Trunk
ports are the links between switches that support the
transmission of traffic associated with more than one
VLAN.
✓ An 802.1Q trunk port places untagged traffic on the native
VLAN.

• Management VLAN: any VLAN you configure to access
the management capabilities of a switch. VLAN 1 is the
management VLAN by default.

• What is 802.1Q?
Types of VLANs: Voice VLAN

• The Cisco IP Phone contains an integrated three-port
10/100 switch.
VLAN Port Membership Modes: Static and Dynamic VLANs
•  Static VLAN: Ports on a switch are manually assigned to a VLAN.
✓ If you assign an interface to a VLAN that does not exist, the new
VLAN is created for you.

•  Ports on a switch are manually assigned to a VLAN. Enter
the commands to configure FastEthernet 0/18 as an access
port using VLAN 20:
VLAN Port Membership Modes: Static and Dynamic VLANs
•  Dynamic VLAN: Configured using a special server
called a VLAN Membership Policy Server (VMPS)
that can assign switch ports to VLANs automatically
based on the source MAC address of the device
connected to the port.
VLAN Switch Port Modes: Voice VLAN
• Before you configure a voice VLAN on the
port, you need to first configure a VLAN for
voice and a VLAN for data.
•  The configuration command
mls qos trust cos ensures that voice
traffic is identified as priority traffic.
Network Without/With VLANs
VLAN Trunk
A VLAN trunk, or trunk, is a point-to-point link between
two network devices that carries more than one VLAN.
A VLAN trunk extends VLANs across an entire network.

VLANs would not be very useful without VLAN trunks.
VLAN trunks allow all VLAN traffic to propagate
between switches, so that devices which are in the
same VLAN, but connected to different switches, can
communicate without the intervention of a router.

Cisco supports IEEE 802.1Q for coordinating trunks on
Fast Ethernet, Gigabit Ethernet, and 10-Gigabit
Ethernet interfaces.
VLAN Without/With Trunks

Without Trunks

With Trunks
Network Without VLANs
In normal operation, when a switch receives a broadcast frame
on one of its ports, it forwards the frame out all other ports
except the port where the broadcast was received.
In Figure 1, the entire network is configured in the same subnet
(172.17.40.0/24) and no VLANs are configured. As a result,
when the faculty computer (PC1) sends out a broadcast frame,
switch S2 sends that broadcast frame out all of its ports.
Eventually the entire network receives the broadcast because
the network is one broadcast domain.
Network With VLANs
The network has been segmented using two VLANs: Faculty
devices are assigned to VLAN 10 and Student devices are
assigned to VLAN 20. When a broadcast frame is sent from the
faculty computer, PC1, to switch S2, the switch forwards that
broadcast frame only to those switch ports configured to support
VLAN 10.
Intra-VLAN/Inter-VLAN Communication
L3 Switch Virtual Interface
• SVI is a logical interface configured for a specific VLAN.
• SVI technology allows a Layer 3 switch to route
transmissions between VLANs.
802.1Q Frame Tagging
• The 802.1Q encapsulation header adds a tag to the original
Ethernet frame specifying the VLAN to which the frame
belongs.
[Figure: 802.1Q tag fields, including the TPID, the 3-bit 802.1p priority, and a 1-bit field]
802.1Q Frame Tagging

•  The standard Ethernet frame header does not contain
information about the VLAN to which the frame
belongs; thus, when Ethernet frames are placed on a
trunk, information about the VLANs to which they
belong must be added. This process, called tagging,
is accomplished by using the IEEE 802.1Q header,
specified in the IEEE 802.1Q standard.

•  The most important field is the VLAN ID.


Explain what a switch does with a frame received on an
access port assigned to one VLAN before placing the
frame on a trunk link for all VLANs?
When a switch receives a frame on a port configured in
access mode and destined for a remote device via a
trunk link, the switch takes apart the frame and inserts a
VLAN tag, recalculates the FCS, and sends the tagged
frame out the trunk port.
What is EtherType?
The EtherType field is set to the hexadecimal value of
0x8100. This value is called the tag protocol ID (TPID)
value. This is how the switch receiving the frame knows
to look for information in the tag control information field
for VLAN information.
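The tagging steps described above (insert the tag after the MAC addresses, set the TPID to 0x8100, recalculate the FCS) are shown here in Python as an added example that is not part of the original slides. The function names and the sample frame are constructed for illustration; the 1-bit field is left at 0.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # tag protocol ID that marks a frame as 802.1Q-tagged

def fcs(frame_without_fcs):
    """Ethernet FCS: CRC-32 of the frame, sent least significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)

def tag_frame(frame, vlan_id, priority=0):
    """Insert an 802.1Q tag after the MAC addresses and recompute the FCS."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    body, old_fcs = frame[:-4], frame[-4:]
    if fcs(body) != old_fcs:
        raise ValueError("bad FCS on ingress frame")
    # Tag control information: 3-bit priority, 1-bit field (0), 12-bit VLAN ID
    tci = (priority & 0x7) << 13 | vlan_id
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)

def read_tag(frame, native_vlan=1):
    """Classify a frame as a trunk port would: (vlan_id, priority, untagged body)."""
    body = frame[:-4]
    if fcs(body) != frame[-4:]:
        raise ValueError("bad FCS")
    (ethertype,) = struct.unpack("!H", body[12:14])
    if ethertype != TPID_8021Q:
        return native_vlan, 0, body        # untagged: goes to the native VLAN
    (tci,) = struct.unpack("!H", body[14:16])
    return tci & 0x0FFF, tci >> 13, body[:12] + body[16:]

# Constructed sample: broadcast frame, EtherType 0x0806, 46 zero bytes of payload
UNTAGGED_BODY = bytes.fromhex("ffffffffffff" "001122334455" "0806") + bytes(46)
UNTAGGED = UNTAGGED_BODY + fcs(UNTAGGED_BODY)

if __name__ == "__main__":
    tagged = tag_frame(UNTAGGED, vlan_id=20, priority=5)
    print(tagged[12:16].hex(), read_tag(tagged)[:2])
    print(read_tag(UNTAGGED, native_vlan=99)[:2])
```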
What happens when a Cisco switch trunk port receives
untagged frames?
When a Cisco switch trunk port receives untagged
frames, it forwards those frames to the Native VLAN,
which by default is VLAN number 1. Remember that it is
a security best practice to change the native VLAN to a
different number. Because trunk links will use VLAN 1 by
default, it is necessary to configure trunks with the
administrator-defined Native VLAN.
Enter the command to assign VLAN 99 as the native
VLAN to a trunking port:
S1(config-if)# switchport trunk native vlan 99
Native VLANs and 802.1Q Trunking

show interfaces interface-id switchport


Trunking Operation
Trunking Modes
DTP: Cisco Proprietary protocol, automatically enabled
DTP: Negotiates whether port will be access or trunk

Example
Trunking Modes

•  Dynamic Trunking Protocol (DTP) is a Cisco
proprietary protocol that negotiates both the status of
trunk ports and the trunk encapsulation of trunk ports.

•  A switch port on a Cisco Catalyst switch supports a
number of trunking modes. The trunking mode defines
how the port negotiates using DTP to set up a trunk
link with its peer port. Identify the commands used to
configure the trunking mode:
Trunking Modes
The command switchport mode trunk configures the
local switch port to advertise to the remote port that it is
dynamically changing to a trunking state. The local port
is in unconditional trunking state.

The command switchport mode dynamic auto: the local port
advertises that it is able to trunk but does not request to
go to the trunking state. The local port transitions to the
trunking state only if the remote port trunk mode has
been configured to be on or desirable. If both ports on
the switches are set to auto, they do not negotiate to be
in a trunking state. They negotiate to be in an access
state.
Trunking Modes
The command switchport mode dynamic desirable: the local
port advertises that it is able to trunk and asks the remote
switch port to go to the trunking state. If the local port
detects that the remote has been configured in on, desirable,
or auto mode, the local port ends up in a trunking state. If the
remote switch port is in the nonegotiate mode, the local
switch port remains as a nontrunking port.

The command switchport nonegotiate disables DTP.
The local port is then considered to be in an
unconditional trunking state. It is used when connecting
switches from two different vendors.
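The negotiation rules above, together with the earlier advice to move the native VLAN off VLAN 1, can be checked mechanically for both ends of a link. The following Python is an added example, not part of the original slides; the function names, the sample stanzas, and the default of dynamic auto when no mode line is present are assumptions.

```python
import re

def parse_port(stanza):
    """Pull the trunk-relevant settings out of one IOS interface stanza."""
    # Assumed defaults when a line is absent: dynamic auto, native VLAN 1
    port = {"mode": "dynamic auto", "nonegotiate": False, "native": 1}
    for line in map(str.strip, stanza.splitlines()):
        if m := re.fullmatch(r"switchport mode (access|trunk|dynamic (?:auto|desirable))", line):
            port["mode"] = m.group(1)
        elif line == "switchport nonegotiate":
            port["nonegotiate"] = True
        elif m := re.fullmatch(r"switchport trunk native vlan (\d+)", line):
            port["native"] = int(m.group(1))
    return port

def state(local, remote):
    """Operational state of `local`, given what `remote` says over DTP."""
    if local["mode"] in ("access", "trunk"):
        return local["mode"]                      # unconditional either way
    heard = None if remote["nonegotiate"] else remote["mode"]
    if local["mode"] == "dynamic desirable":
        wanted = ("trunk", "dynamic desirable", "dynamic auto")
    else:                                         # dynamic auto never asks first
        wanted = ("trunk", "dynamic desirable")
    return "trunk" if heard in wanted else "access"

def audit_link(stanza_a, stanza_b):
    """Return findings for the link between two configured ports."""
    a, b = parse_port(stanza_a), parse_port(stanza_b)
    sa, sb = state(a, b), state(b, a)
    findings = []
    if sa != sb:
        findings.append(f"trunk mode mismatch: {sa} vs {sb}")
    if "trunk" in (sa, sb):
        if a["native"] != b["native"]:
            findings.append(f"native VLAN mismatch: {a['native']} vs {b['native']}")
        if 1 in (a["native"], b["native"]):
            findings.append("native VLAN left at default VLAN 1")
    return findings

# Constructed sample stanzas for the two ends of one link
S1_PORT = """interface FastEthernet0/1
 switchport mode trunk
 switchport nonegotiate
 switchport trunk native vlan 99"""
S2_PORT = """interface FastEthernet0/1
 switchport mode dynamic auto"""

if __name__ == "__main__":
    for finding in audit_link(S1_PORT, S2_PORT):
        print(finding)
```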
Configure a VLAN
Managing VLANs

• S1(config)# no vlan vlan-id
• S1# delete flash:vlan.dat
• Note: Before deleting a VLAN, be sure to first reassign all
member ports to a different VLAN. Any ports that are not
moved to an active VLAN are unable to communicate with
other stations after you delete the VLAN.
Configure a Trunk
Common Problems with Trunks
Common Problems with Trunks: Native VLAN Mismatches
Common Problems with Trunks: Trunk Mode Mismatches
Common Problems with Trunks: Incorrect VLAN List
Common Problems with Trunks: Incorrect IP Configuration
