Objectives
Explain the role of VLANs in a network.
Explain the role of trunking VLANs in a network.
Troubleshoot the common software or hardware configuration problems associated with VLANs on switches in a network topology.
Role of VLANs
Before VLANs
One building: no problem.
Học viện mạng Bách Khoa - Website: www.bkacad.com
Before VLANs
Many buildings: problem? The IT department wants to ensure that student computers all share the same security features and bandwidth controls. How can the network accommodate the shared needs of the geographically separated departments? Do you create a large LAN and wire each department together? It would be great to group the people with the resources they use regardless of their geographic location, and it would make it easier to manage their specific security and bandwidth needs.
VLAN overview
VLAN details
A VLAN is a broadcast domain created by one or more switches. The network design above creates three separate broadcast domains.
Benefits of VLANs
VLAN ID
Configuring Extended-Range VLANs
When the switch is in VTP transparent mode (VTP disabled), you can create extended-range VLANs (in the range 1006 to 4094, for any switch port commands that allow VLAN IDs). Enter the vlan vlan-id global configuration command to access config-vlan mode and to configure extended-range VLANs. The VLAN database configuration mode (which you access by entering the vlan database privileged EXEC command) does not support the extended range.
Extended-range VLAN configurations are not stored in the VLAN database. Because VTP mode is transparent, they are stored in the switch running configuration file. You can save the configuration in the startup configuration file by using the copy running-config startup-config privileged EXEC command.
Example:
Switch(config)# vtp mode transparent
Switch(config)# vlan 2000
Switch(config-vlan)# end
Switch# copy running-config startup-config
VLAN Tagging
No VLAN Tagging
VLAN Tagging
VLAN Tagging
802.10
There are two major methods of frame tagging: Cisco proprietary Inter-Switch Link (ISL) and IEEE 802.1Q. ISL used to be the most common, but is now being replaced by 802.1Q frame tagging. Cisco recommends using 802.1Q. VLAN tagging and trunking will be discussed in the next chapter.
Types of VLAN
Data VLAN: A data VLAN is a VLAN that is configured to carry only user-generated traffic.
Default VLAN:
All switch ports become members of the default VLAN after the initial boot-up of the switch. Having all the switch ports participate in the default VLAN makes them all part of the same broadcast domain. This allows any device connected to any switch port to communicate with other devices on other switch ports. The default VLAN for Cisco switches is VLAN 1. VLAN 1 has all the features of any VLAN, except that you cannot rename it and you cannot delete it.
Management VLAN:
A management VLAN is any VLAN you configure to access the management capabilities of a switch. VLAN 1 would serve as the management VLAN if you did not proactively define a unique VLAN to serve as the management VLAN. You assign the management VLAN an IP address and subnet mask. A switch can be managed via HTTP, Telnet, SSH, or SNMP.
Native VLAN: A native VLAN is assigned to an 802.1Q trunk port. An 802.1Q trunk port supports traffic coming from many VLANs (tagged traffic) as well as traffic that does not come from a VLAN (untagged traffic). The 802.1Q trunk port places untagged traffic on the native VLAN. In the figure, the native VLAN is VLAN 99.
Voice VLAN:
It is easy to appreciate why a separate VLAN is needed to support Voice over IP (VoIP). VoIP traffic requires:
Assured bandwidth to ensure voice quality
Transmission priority over other types of network traffic
Ability to be routed around congested areas on the network
Delay of less than 150 milliseconds (ms) across the network
Types of traffic
[Figure: Switch 1 with hosts 172.30.1.21, 172.30.2.12, 172.30.2.10 and 172.30.1.23, each with mask 255.255.255.0]
Without VLANs, the ARP request would be seen by all hosts, again consuming unnecessary network bandwidth and host processing cycles.
[Figure: Switch 1 with VLANs; host 172.30.2.12 255.255.255.0 is in VLAN 2]
Port: 1 2 3 4 5 6 ...
VLAN: 1 2 1 2 2 1 ...
Intra-VLAN Communication
Inter-VLAN Communication
SVI (switch virtual interface)
An SVI is a logical interface configured for a specific VLAN. You need to configure an SVI for a VLAN if you want to route between VLANs or to provide IP host connectivity to the switch. An SVI is a virtual Layer 3 interface that can be configured for any VLAN that exists on a Layer 3 switch.
VLAN Trunking
VLAN Trunk
A trunk is a point-to-point link between one or more Ethernet switch interfaces and another networking device, such as a router or a switch. A VLAN trunk does not belong to a specific VLAN; rather, it is a conduit for VLANs between switches and routers.
802.1Q tagging
EtherType field
Set to the hexadecimal value of 0x8100. This value is called the tag protocol ID (TPID) value. With the EtherType field set to the TPID value, the switch receiving the frame knows to look for information in the tag control information field.
Tag control information field
3 bits of user priority - Used by the 802.1p standard, which specifies how to provide expedited transmission of Layer 2 frames. A description of the IEEE 802.1p is beyond the scope of this course; however, you learned a little about it earlier in the discussion on voice VLANs.
1 bit of Canonical Format Identifier (CFI) - Enables Token Ring frames to be carried across Ethernet links easily.
12 bits of VLAN ID (VID) - VLAN identification numbers; supports up to 4096 VLAN IDs.
FCS field
After the switch inserts the EtherType and tag control information fields, it recalculates the FCS value and inserts it into the frame.
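The tag layout above, together with the native VLAN rule from the Types of VLAN slides, as an added Python example (not part of the original slides): it inserts an 802.1Q tag, recalculates the FCS and classifies frames received on a trunk port. The function names and the sample frame are constructed for illustration.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag


def fcs(data: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over the frame, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def insert_tag(frame: bytes, vid: int, pcp: int = 0, cfi: int = 0) -> bytes:
    """Tag an untagged frame (FCS included) as a trunk port does on egress."""
    if not (0 <= vid <= 0xFFF and 0 <= pcp <= 7 and cfi in (0, 1)):
        raise ValueError("VID is 12 bits, priority 3 bits, CFI 1 bit")
    body = frame[:-4]  # the old FCS will not match once the tag is inserted
    tci = (pcp << 13) | (cfi << 12) | vid
    # The 4-byte tag goes between the source MAC and the original EtherType.
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)  # recalculate the FCS over the new contents


def parse_frame(frame: bytes, native_vlan: int) -> dict:
    """Classify a frame received on a trunk port."""
    if len(frame) < 18:  # 12 MAC bytes + EtherType + FCS
        raise ValueError("frame too short")
    body, trailer = frame[:-4], frame[-4:]
    info = {"fcs_ok": fcs(body) == trailer}
    (ethertype,) = struct.unpack("!H", body[12:14])
    if ethertype != TPID_8021Q:
        # Untagged traffic on a trunk is placed on the native VLAN.
        info.update(tagged=False, vlan=native_vlan, pcp=0, cfi=0, ethertype=ethertype)
        return info
    if len(body) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack("!HH", body[14:18])
    info.update(tagged=True, vlan=tci & 0x0FFF, pcp=tci >> 13,
                cfi=(tci >> 12) & 1, ethertype=inner)
    return info


# Constructed sample: a broadcast frame with EtherType 0x0806 (ARP) and a zero payload.
_body = bytes.fromhex("ffffffffffff" "001122334455" "0806") + bytes(46)
UNTAGGED = _body + fcs(_body)

if __name__ == "__main__":
    print(parse_frame(UNTAGGED, native_vlan=99))
    print(parse_frame(insert_tag(UNTAGGED, vid=20, pcp=5), native_vlan=99))
```

A frame whose tag was inserted without recalculating the FCS fails the `fcs_ok` check, which is why the switch recomputes it.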
Ethernet trunk interfaces support several different trunking modes:
Access
Dynamic desirable (default mode on Catalyst 2950 and 3550)
Dynamic auto
Trunk
Non-negotiate
dot1q-tunnel (not an option on the Catalyst 2950)
Trunking mode
switchport nonegotiate
Creating VLANs
Add a VLAN
switch# vlan database
% Warning: It is recommended to configure VLAN from config mode, as VLAN database mode is being deprecated. Please consult user documentation for configuring VTP/VLAN in config mode.
vlan 3
SydneySwitch(config)#interface range fastethernet0/8 ?
  ,  comma
  -  hyphen
(config)#interface range fastethernet0/8 -12
(config-if-range)#switchport access vlan 3
(config-if-range)#exit
(config)#interface range fastethernet0/8 , fastethernet0/12
(config-if-range)#switchport access vlan 3
(config-if-range)#exit
Verify VLAN
show vlan
show vlan brief
show interface vlan 2
show interface fa0/18 switchport
Delete VLAN
Remove VLANs from the current allowed list of the trunk link:
(config-if)# switchport trunk allowed vlan remove vlan-id
If a VLAN other than VLAN 1 is to be the native VLAN, it needs to be identified on the trunk ports:
(config-if)# switchport trunk native vlan vlan-id
Solution:
S1 f0/3: (config-if)# switchport trunk allowed vlan 10,20,99
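The trunk problems this section troubleshoots (mode combinations that never form a trunk, native VLAN mismatches, VLANs missing from the allowed list) can be checked by comparing the two ends of a link. The following Python example is added here and is not part of the original slides; the stanzas, function names and the default-mode parameter are constructed for illustration.

```python
import re

DYNAMIC = ("dynamic auto", "dynamic desirable")


def parse_vlan_list(text):
    """Expand an IOS VLAN list such as '10,20,30-32' into a set of ints."""
    vlans = set()
    for part in text.replace(" ", "").split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans


def parse_trunk(stanza, default_mode="dynamic desirable"):
    """Read the trunk settings of one interface stanza (add/remove forms are ignored)."""
    port = {"mode": default_mode, "native": 1,
            "allowed": set(range(1, 4095)), "nonegotiate": False}
    for line in map(str.strip, stanza.splitlines()):
        if m := re.fullmatch(r"switchport mode (access|trunk|dynamic auto|dynamic desirable)", line):
            port["mode"] = m.group(1)
        elif m := re.fullmatch(r"switchport trunk native vlan (\d+)", line):
            port["native"] = int(m.group(1))
        elif m := re.fullmatch(r"switchport trunk allowed vlan ([\d,\- ]+)", line):
            port["allowed"] = parse_vlan_list(m.group(1))
        elif line == "switchport nonegotiate":
            port["nonegotiate"] = True
    return port


def check_trunk(a, b, required):
    """Findings for the link between ports a and b; required = VLANs that must cross it."""
    findings = []
    if "access" in (a["mode"], b["mode"]) or a["mode"] == b["mode"] == "dynamic auto":
        findings.append(f"no trunk forms: modes {a['mode']} / {b['mode']}")
    elif any(x["nonegotiate"] and y["mode"] in DYNAMIC for x, y in ((a, b), (b, a))):
        findings.append("no trunk forms: nonegotiate faces a dynamic port")
    if a["native"] != b["native"]:
        findings.append(f"native VLAN mismatch: {a['native']} / {b['native']}")
    for name, port in (("a", a), ("b", b)):
        if missing := sorted(required - port["allowed"]):
            findings.append(f"side {name} does not allow VLANs {missing}")
    return findings


# Constructed sample stanzas for the two ends of one trunk link.
S1 = "interface f0/3\n switchport mode trunk\n switchport trunk native vlan 99\n switchport trunk allowed vlan 10,99"
S3 = "interface f0/3\n switchport mode trunk\n switchport trunk allowed vlan 10,20,99"

if __name__ == "__main__":
    for finding in check_trunk(parse_trunk(S1), parse_trunk(S3), {10, 20, 99}):
        print(finding)
```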
Lab
Summary