CCNA Semester 3

Chapter 07

VIRTUAL LANs
1
Objectives

• Explain the concept of VLANs.

• Configure static VLANs on 29xx series
Catalyst switchs.
2
Table of Content
1 VLAN concepts
2 Trunking
3 VLAN configuration
3
 VLAN CONCEPTS
4
VLAN introduction
5
Broadcast domains with VLANs and routers
6
VLAN types

• Port-based VLANs
• MAC address based VLANs
• Protocol based VLANs
7
Port-based VLANs

• Most common configuration method.

• Ports assigned individually.
• Often implement when DHCP is used.
8
MAC address base VLANs

• Rarely implemented today.

• Each address must be entered into the switch
and configured individually.
• Difficult to administer, troubleshoot and
manage.
9
Protocol base VLANs

• Configured like MAC addresses, but instead

uses a protocol or IP address.
• No longer comon because of DHCP.
1
Benefits of VLANs

• Easily move workstations on the LAN.

• Easily add workstations to the LAN.
• Easily change the LAN configuration.
• Easily control network traffic.
• Improve security.
1
 TRUNKING
1
History of trunking

• A trunk is a single communications line that

carries multiple channels of signals.
1
Trunking concept

VLAN1 VLAN1 VLAN1

VLAN2 VLAN2 VLAN2

VLAN1 VLAN1
TRUNK

VLAN1 and VLAN2 VLAN2

VLAN2
1
VLANs and trunking

• ISL
• 802.1Q
1
VLAN Operation on the Trunk

• Each logical VLAN is like a separate physical bridge.

• VLANs can span across multiple switches.
• Trunks carry traffic for multiple VLANs.
• Trunks use special encapsulation to distinguish between
different VLANs.
1
802.1Q Trunking Limitations

• Make sure the native

VLAN for an 802.1Q
trunk is the same on
both ends of the trunk
link.
• Make sure your
network is loop-free
before disabling STP.
1
Importance of Native VLANs
1
Per-VLAN Spanning Tree
1
Frames Tagging

• ISL
• 802.1Q
2
802.1Q Frame
2
ISL Tagging

ISL trunks enable VLANs across a backbone.

– Performed with ASIC

– Not intrusive to client
stations; ISL header not
seen by client
– Effective between switches,
and between routers and
switches
2
ISL Encapsulation
2
 VLAN CONFIGURATION
2
VLAN Configuration Guidelines

– Maximum number of VLANs is switch-dependent.

– Catalyst desktop switches support 64 VLANs with
a separate spanning tree per VLAN.
– VLAN1 is the factory default Ethernet VLAN.
– CDP and VTP advertisements are sent on VLAN1.
– The Catalyst switch IP address is in the
management VLAN (VLAN1 by default).
– To add or delete VLANs, the switch must be in
VTP server or transparent mode.
2
End-to-end VLANs and Geographic VLANs

• End-to-end VLANs:
– devices to be grouped based upon resource
usage.
– Allow 80/20 rule.
• Geographic VLANs:
– Devices to be grouped based on geographic.
– Allow 20/80 rule.
2
Configuring static VLANs

• Create VLANs

• Assign ports to VLANs

2
Adding a VLAN

Catalyst 1900

wg_sw_1900(config)# vlan vlan# [name vlan-name]

wg_sw_1900#configure terminal
Enter configuration commands, one per line. End with CNTL/Z
wg_sw_1900(config)#vlan 9 name switchlab2

Catalyst 2950
wg_sw_2950#vlan database
wg_sw_2950(vlan)# vlan vlan# [name vlan-name]

wg_sw_2950#vlan database
wg_sw_ 2950(vlan)#vlan 9 name switchlab2
wg_sw_ 2950(vlan)#exit
2
Modifying a VLAN Name

wg_sw_a(config)#vlan vlan# name vlan-name

wg_sw_a#configure terminal
Enter configuration commands, one per line. End with CNTL/Z
wg_sw_a(config)#vlan 9 name switchlab90

wg_sw_a#show vlan 9

VLAN Name Status Ports

------------------------------------------------
9 switchlab90 Enabled
------------------------------------------------
2
Assigning Switch Ports to a VLAN

Catalyst 1900

wg_sw_1900(config-if)#vlan-membership {static {vlan#} | dynamic}

wg_sw_1900#conf terminal
Enter configuration commands, one per line. End with CNTL/Z
wg_sw_1900(config)#interface ethernet 0/8
wg_sw_1900(config-if)#vlan-membership static 9

Catalyst 2950

wg_sw_2950(config-if)#switchport access vlan vlan#

3
Trunking implementation

• Switch# show port capabilities

• Switch # configure terminal
• Switch(config)# interface f0/1
• Switch (config-if)# Switchport mode trunk
• Switch(config-if)# Switchport trunk
encapsulation dot1q/isl
• Switch# Show trunk
3
Configuring Trunking on Catalyst 1900

wg_sw_1900(config-if)#trunk [on | off | desirable | auto |

nonegotiate]

• on = Set trunk on and negotiate with other side

• off = Set trunk off and negotiate with other side
• desirable = Negotiate with other side;
trunk on if other side is on, desirable, or auto
• auto = Will be a trunk only if the other side is on or desirable
• nonnegotiate = Set trunk on and will not negotiate

wg_sw_1900#conf terminal
Enter configuration commands, one per line. End with CNTL/Z
wg_sw_1900(config)#interface f0/26
wg_sw_1900(config-if)#trunk on

First Trunk Port (Port A)

• Note: The Catalyst 1900 only supports ISL encapsulation.

3
Verifying a Trunk

Catalyst 1900
wg_sw_1900#show trunk [A | B]

wg_sw_1900#show trunk a
DISL state: On, Trunking: On, Encapsulation type: ISL

Catalyst 2950

wg_sw_2950#show interface interface switchport

wg_sw_2950#show interface fa0/2 switchport

Name: Fa0/2
Switchport: Enabled
Administrative mode: trunk
Operational Mode: trunk
. . .
3
Verifying a VLAN

Catalyst 1900
wg_sw_1900#show vlan [vlan#]

wg_sw_1900#show vlan 9

VLAN Name Status Ports

-------------------------------------------------
9 switchlab2 Enabled
-------------------------------------------------

VLAN Type SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
---------------------------------------------------------------------------
9 Ethernet 100009 1500 0 1 1 Unkn 0 0
---------------------------------------------------------------------------

Catalyst 2950
wg_sw_2950#show vlan [id vlan#]
3
Verifying VLAN Membership on a Catalyst 1900

wg_sw_1900#show vlan-membership

wg_sw_1900#show vlan-membership

Port VLAN Membership Type Port VLAN Membership Type

--------------------------- ------------------------------
1 5 Static 13 1 Static
2 1 Static 14 1 Static
3 1 Static 15 1 Static
4 1 Static 16 1 Static
5 1 Static 17 1 Static
6 1 Static 18 1 Static
7 1 Static 19 1 Static
8 9 Static 20 1 Static

Note: port 1=e0/1, port 2=e0/2 .....

3
Verifying VLAN Membership on a Catalyst 2950

wg_sw_2950#show vlan brief

wg_sw_2950#show vlan brief

VLAN Name Status Ports
---- ------------------------ --------- -----------------------
1 default active Fa0/4, Fa0/5, Fa0/6, Fa0/7,
Fa0/8, Fa0/9, Fa0/10, Fa0/11,
Fa0/12, Fa0/13, Fa0/14, Fa0/15,
Fa0/16, Fa0/17, Fa0/18, Fa0/19,
Fa0/20, Fa0/21
5 VLAN5 active Fa0/3
9 VLAN9 active Fa0/22, Fa0/23
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

wg_sw_2950#show interfaces interface switchport

3
Verifying STP for a VLAN

Catalyst 1900 wg_sw_1900#show spantree [vlan#]

wg_sw_1900#show spantree 1

VLAN1 is executing the IEEE compatible Spanning Tree Protocol

Bridge Identifier has priority 32768, address 0050.F037.DA00
Configured hello time 2, max age 20, forward delay 15
Current root has priority 0, address 00D0.588F.B600
Root port is FastEthernet 0/26, cost of root path is 10
Topology change flag not set, detected flag not set
Topology changes 53, last topology change occurred 0d00h17m14s ago
Times: hold 1, topology change 8960
hello 2, max age 20, forward delay 15
Timers: hello 2, topology change 35, notification 2
Port Ethernet 0/1 of VLAN1 is Forwarding
Port path cost 100, Port priority 128
Designated root has priority 0, address 00D0.588F.B600
Designated bridge has priority 32768, address 0050.F037.DA00
Designated port is Ethernet 0/1, path cost 10
Timers: message age 20, forward delay 15, hold 1

Catalyst 2950 wg_sw_2950#show spanning-tree vlan [vlan#]

3
Summary

• Definition of VLANs
• Trunking
• Configuring static VLANs on Catalyst switches
3
Q&A
3