University of Science and Technology Houari Boumediene " U.S.T.H.

B"
Faculty of Electrical Engineering (FGE)
Department of Telecommunications
Academic Year: 2024/2025

LAB N°2: Segmenting Your Network: VLANs and

Trunking

Yacine harket
Zaiter kamelia zahra
222231517412
Sous groupe 1

Introduction :
Modern switches use VLANs to enhance network performance by dividing
Layer 2 broadcast domains into smaller segments. In addition to
optimizing traffic management, VLANs also improve security by
restricting communication between specific hosts.

VLAN trunks are essential for extending VLANs across multiple devices.
They allow traffic from multiple VLANs to travel over a single link while
maintaining VLAN identification and segmentation.

In this lab, we will configure VLANs on two switches, assign ports to

VLANs, and verify their functionality. Then, we will set up a trunk
between the two switches to enable communication between hosts
within the same VLAN, regardless of which switch they are connected to.

Lab Objectives :
By the end of this session, we will be able to:
• Part 1: Set up the network and configure the basic settings of the devices.
• Part 2: Create VLANs and assign switch ports to their respective VLANs.
• Part 3: Modify port assignments to VLANs and manage the VLAN database.
• Part 4: Configure an 802.1Q trunk between switches to enable inter-VLAN
communication.
• Part 5: Delete the VLAN database and reset the VLAN configuration on the
switches.

Required Resources :
• Switches (Cisco 2960 equipped with Cisco IOS version 15.0(2) lanbasek9
image or similar)
• PCs (Windows 10, or 11, equipped with a terminal emulation program such
as Putty)
• Console cables to configure Cisco IOS devices via console ports
• Ethernet cables according to the topology

Pre-Lab Assignment :
First, we will answer the preliminary questions by conducting research to fully
understand the concepts related to VLANs and trunking. The goal is to have a solid
foundation before moving on to the practical work.

Next, we will recreate the lab topology in Packet Tracer. We will configure the devices
according to the instructions and then verify if the VLANs and trunk are functioning
correctly.

Finally, we will prepare a detailed report summarizing our work in Packet Tracer. This
report will include the configurations, the results obtained, and any challenges
encountered, along with the solutions implemented.

A. Pre-Lab Questions :
VLAN Fundamentals:
1. What is a VLAN, and why are they used in modern networks ?
A VLAN (Virtual Local Area Network) is a logical segmentation of a physical
network that groups devices together, even if they are not physically connected
to the same switch. VLANs improve network organization, security, and
performance by isolating broadcast domains at Layer 2.

Benefits of VLANs:
 • Security: Devices in different VLANs cannot communicate unless
explicitly allowed through inter-VLAN routing. This limits
unauthorized access.
• Performance: Reduces network congestion by limiting broadcast
traffic within each VLAN.
• Management: Simplifies network administration by allowing
devices to be logically grouped based on function rather than
physical location.

2. What is the default VLAN on a Cisco switch? What are the potential security
risks associated with using the default VLAN for user traffic?
On Cisco switches, VLAN 1 is the default VLAN. All switch ports are assigned to
VLAN 1 by default.

Security risks of using VLAN 1 for user traffic:

• Broadcast Traffic Exposure: Since VLAN 1 is automatically enabled
on all ports, it can expose the network to unnecessary broadcast
traffic.
• Trunking Risk: VLAN 1 is allowed by default on trunk links, making
it a potential target for VLAN hopping attacks.
• Lack of Segmentation: Keeping user traffic on VLAN 1 prevents
network isolation, increasing vulnerability to attacks and
unauthorized access.
Best practice:
Use VLAN 1 only for switch-to-switch communication or disable it on trunk
ports. Assign user traffic to other VLANs.

3. Describe the difference between a data VLAN and a management VLAN. Why
is it recommended to use a separate VLAN for management traffic?
• Data VLAN: Used to carry end-user traffic (PCs, printers, VoIP
phones, etc.). Each department or function can have a separate
data VLAN.
• Management VLAN: Dedicated VLAN for managing network
devices (switches, routers, access points). It allows administrators
to access devices securely.
Why separate management traffic?
• Security: Prevents unauthorized users from accessing the
management interface.
• Network Stability: Isolates control traffic from user-generated
data, reducing congestion and ensuring stable network
performance.
• Remote Access Control: Allows administrators to securely manage
the network from a specific VLAN without interference from
regular user traffic.
Best practice:
Assign a separate VLAN (e.g., VLAN 99) for management and restrict access
using ACLs or authentication mechanisms.

4. What is the range of VLAN IDs available on Cisco switches, and what are the
reserved VLAN ranges? How do extended range VLANs differ from normal range
VLANs?
Cisco switches support VLAN IDs from 1 to 4094, divided into two ranges:
• Normal range VLANs (1 – 1005):
• VLANs 1 and 1002-1005 are reserved.
• Stored in the vlan.dat file in Flash memory.
• Can be used for standard VLAN configurations.
• Extended range VLANs (1006 – 4094):
• Not saved in vlan.dat (stored in running-config on some switches).
• Used in large-scale networks (e.g., service providers).
• Requires a switch running in VTP transparent mode to be
manually configured.
Key differences:
VLAN IDs 1 - 1005 1006 - 4094
Stored in vlan.dat (Flash) Running-config (RAM)
VTP Support Yes (VTP v1 & v2) No (Requires VTP Transparent)
Use Case Enterprise networks No (Requires VTP Transparent)

Best practice:
Use normal range VLANs for standard enterprise networks and extended VLANs
for service provider environments.
VLAN Configuration:
What are the key commands used to create and name VLANs on a Cisco
switch? Provide examples of how to create VLANs with specific IDs and
descriptive names.
To create and name a VLAN on a Cisco switch, the following commands are used
in global configuration mode:
Switch# configure terminal
Switch(config)# vlan <VLAN-ID>
Switch(config-vlan)# name <VLAN-Name>
Switch(config-vlan)# exit
Switch(config)# end
Switch# write memory
Example: Creating VLAN 10 for “Students” and VLAN 20 for “Faculty”:
Switch(config)# vlan 10
Switch(config-vlan)# name Students
Switch(config-vlan)# vlan 20
Switch(config-vlan)# name Faculty
Switch(config-vlan)# exit
This configuration ensures that VLAN 10 and VLAN 20 are created and named
properly.

2. Explain the process of assigning switchports to VLANs. What is the difference

between access mode and trunk mode on a switchport?
After creating a VLAN, ports must be assigned to it. This is done in interface
configuration mode:

Switch(config)# interface <interface-id>

Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan <VLAN-ID>
Switch(config-if)# exit
Example: Assigning port FastEthernet 0/1 to VLAN 10:
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# exit
Difference between Access Mode and Trunk Mode:
Mode Description Use Case
Access Mode Assigns the port to a Used for end-user
single VLAN. Only devices (PCs, printers,
untagged frames are VoIP phones).
sent/received
Trunk Mode Allows multiple VLANs Used for switch-to-
to pass through the switch connections to
port. VLANs are allow VLAN traffic.
identified with 802.1Q
tags

Example: Configuring a trunk port (FastEthernet 0/2) for all VLANs:

Switch(config)# interface FastEthernet 0/2
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# exit
3. What is the command used to verify VLAN membership and port assignments
on a Cisco switch?
To check VLAN assignments and which ports belong to each VLAN, use:
Switch# show vlan brief
This command displays VLAN IDs, VLAN names, and the interfaces assigned to
each VLAN.
To verify trunk ports and VLANs allowed on the trunk:
Switch# show interfaces trunk
To check VLAN membership of a specific port:
Switch# show interfaces FastEthernet 0/1 switchport
4. How can you remove a VLAN from a switch’s configuration? What happens to
the ports that were assigned to the deleted VLAN?
To remove a VLAN from the configuration, use:
Switch(config)# no vlan <VLAN-ID>
Example: Deleting VLAN 10:
Switch(config)# no vlan 10
What happens to the ports assigned to the deleted VLAN?
• The interfaces that were part of the deleted VLAN remain in
“inactive” state.
• They do not communicate until they are reassigned to a valid
VLAN.
• You need to manually assign them to another VLAN to restore
functionality.
To check their status, use:
Switch# show vlan brief
5. Explain the purpose of the vlan.dat file. How does this file store VLAN
information, and how can it be deleted to reset the VLAN database to its default
settings?
The vlan.dat file stores the VLAN database information in Flash memory. This
means that VLAN configurations remain persistent even after a reboot, unless
explicitly deleted.
To reset the VLAN database:
1. Delete the vlan.dat file:
Switch# delete flash:vlan.dat
Press Enter twice to confirm.
Reload the switch to apply changes:
Switch# reload
Effect of deleting vlan.dat:
• All VLANs (except default ones) are erased.
• VLAN assignments on interfaces become inactive.
• The switch must be reconfigured with new VLANs.

Summary of Key Commands:

 Action Command
Create a VLAN vlan <VLAN-ID>
Name a VLAN name <VLAN-Name>
Assign a port to a VLAN switchport access vlan <VLAN-ID>
Configure a trunk port switchport mode trunk
Verify VLAN assignments show vlan brief
Verify trunk status show interfaces trunk
Delete a VLAN no vlan <VLAN-ID>
Reset VLAN database delete flash:vlan. dat + reload

Trunking:
1. What is trunking, and why is it necessary in a multi-VLAN environment?
Trunking is a method used to allow multiple VLANs to pass through a single
network link between switches. In a multi-VLAN environment, VLANs are
isolated within a switch, meaning devices in different VLANs cannot
communicate unless traffic is routed or trunked between switches.
Why is trunking necessary?
• Allows multiple VLANs to communicate over a single physical
connection.
• Reduces cabling complexity by eliminating the need for separate
links for each VLAN.
• Ensures VLAN consistency across multiple switches in a network.
2.Trunking Protocols: 802.1Q vs. ISL :
Cisco switches support two trunking protocols:

Feature 802.1Q (IEEE Standard) ISL (Cisco Proprietary)

VLAN Tagging Uses an 802.1Q tag Encapsulates entire
inserted into Ethernet frame with an ISL
frames header
Native VLAN Supports a native VLAN No concept of native
(untagged traffic) VLAN (all frames are
encapsulated)
Compatibility Industry standard (used Only works on Cisco
on all switches) devices
Overhead dds 4-byte tag to the Adds 30-byte
frame encapsulation (higher
overhead)
Performance More efficient widely used More
 bandwidth
consumption, less used
today

802.1Q is the standard protocol used today because of its

interoperability with different vendors. ISL is mostly obsolete.

3. How does the 802.1Q trunking protocol work? What is VLAN tagging?
802.1Q adds a VLAN tag inside Ethernet frames to identify VLAN traffic on a
trunk link.
How VLAN tagging works:
1. When a switch sends a frame over a trunk port, it inserts an 802.1Q tag in
the Ethernet frame.
2. The receiving switch checks the VLAN ID in the tag and forwards the frame to
the appropriate VLAN.
3. If the VLAN is the native VLAN, no tag is added, and the frame is sent as is
(untagged).
Structure of an 802.1Q frame:
Field Size (Bytes) Description
Destination MAC 6 Target device’s MAC
address
Source MAC 6 Sender’s MAC address
Tag Protocol Identifier 2 Identifies 802.1Q
(TPID) tagging (value =
0x8100)
Priority Code Point (PCP) 3 bits QoS priority
Drop Eligible Indicator 1 bits Drop priority for
(DEI) congestion
VLAN ID 12 bits VLAN number (1-4094)
EtherType / Length 4 dentifies upper layer
protocol
Data Variable The actual payload
FCS (CRC) 4 Frame Check Sequence
(error detection)
The VLAN tag ensures that VLANs remain separate while sharing the
same trunk link.
4. How to configure a trunk port using switchport mode trunk?
To enable trunking on a switch interface, we use the following commands:
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# exit

Encapsulation options:
• dot1q → Uses the 802.1Q tagging standard.
• isl → Uses ISL (only available on older Cisco switches).
• negotiate → Automatically selects the encapsulation type (default
on some models).
Example:
Switch(config)# interface GigabitEthernet 0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport trunk allowed vlan 10,20,30
Switch(config-if)# switchport trunk native vlan 99
Switch(config-if)# exit

• Allows VLANs 10, 20, and 30 on the trunk.

• Sets VLAN 99 as the native VLAN (frames from VLAN 99 are not
tagged).

5. What is DTP (Dynamic Trunking Protocol)?

DTP (Dynamic Trunking Protocol) is a Cisco proprietary protocol used to
automatically negotiate trunk links between switches.
DTP Modes:
Mode Description
dynamic auto Passively waits for a trunk request.
(Default on most switches)
 dynamic desirable Actively tries to form a trunk if the
other side is auto or desirable.
trunk Forces the interface into trunk mode.
access Forces the interface into access mode
(no trunking).

Example: Allowing DTP to negotiate a trunk

Switch(config)# interface FastEthernet 0/1
Switch(config-if)# switchport mode dynamic desirable
Switch(config-if)# exit

Security Risks of DTP:

• A malicious device can exploit DTP to force a trunk and gain
access to all VLANs.
• Attackers can perform VLAN hopping attacks using DTP-enabled
ports.

How to mitigate DTP risks?

1. Disable DTP on trunk ports and set mode manually
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport nonegotiate
2. Use access mode on end-user ports
Switch(config)# interface FastEthernet 0/2
Switch(config-if)# switchport mode access
6. What command is used to display trunk configuration and status on a Cisco
switch?
To check trunk status and VLANs allowed on a trunk, use:
Switch# show interfaces trunk
Example Output:
Port Mode Encapsulation Status Native VLAN
Fa0/1 on 802.1q trunking 99
Port Vlans allowed on trunk
Fa0/1 10,20,30
To check VLAN membership on a trunk port:
Switch# show interfaces FastEthernet 0/1 switchport
Summary of Key Commands
Action Command
Enable trunking on a port switchport mode trunk
Set encapsulation type switchport trunk encapsulation dot1q
Allow specific VLANs on a trunk switchport trunk allowed vlan <VLANs>
Set a native VLAN switchport trunk native vlan <VLAN-ID>
Disable DTP on a trunk switchport nonegotiate
Verify trunk status show interfaces trunk
Check VLAN tagging on an interface show interfaces <interface> switchport

Inter-VLAN Routing:
1. What is inter-VLAN routing, and why is it needed for communication between
devices in different VLANs?
Inter-VLAN routing is the process that allows communication between devices in
different VLANs. By default, VLANs are isolated at Layer 2 (Data Link Layer),
meaning that devices in separate VLANs cannot communicate unless a Layer 3
device (router or Layer 3 switch) is used to forward traffic between them.
Why is inter-VLAN routing necessary?
• VLAN segmentation improves security and performance, but some
devices (e.g., servers, printers) need to communicate across
VLANs.
• Since VLANs function as separate subnets, they require routing to
exchange data.
• A Layer 3 device (router or Layer 3 switch) enables this
communication while maintaining VLAN isolation where needed.
2. Methods of Performing Inter-VLAN Routing
There are two main methods to implement inter-VLAN routing:
1. Router-on-a-Stick (Using a Router with a Trunk Port)
2. Layer 3 Switch (Using Switch Virtual Interfaces - SVIs)
Feature Router-on-a-Stick Layer 3 Switch (SVI)
 Device Used Router (Layer 3) Layer 3 Switch
Physical Ports Requires one trunk link Uses VLAN interfaces
between the router and (SVIs) within the switch
switch
Performance Slower (bottleneck due Faster (switch processes
to single interface) routing in hardware)
Configuration More complex, requires Easier, VLANs are
Complexity subinterfaces configured directly on
the switch
Scalability Limited, as all traffic Highly scalable, ideal for
passes through one enterprise networks
interface
Router-on-a-Stick is used for small networks, while Layer 3 Switch (SVI)
is preferred in larger networks for better performance.
3. Router-on-a-Stick Configuration (Inter-VLAN Routing with a Router)
A Router-on-a-Stick uses a single physical router interface configured as a trunk
to handle multiple VLANs.
Step 1: Enable trunking on the switch port connected to the router
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# exit
Step 2: Configure subinterfaces on the router
Each VLAN needs a subinterface with an IP address.

Router(config)# interface GigabitEthernet 0/0

Router(config-if)# no shutdown
Router(config-if)# exit

Router(config)# interface GigabitEthernet 0/0.10

Router(config-subif)# encapsulation dot1Q 10
Router(config-subif)# ip address 192.168.10.1 255.255.255.0
Router(config-subif)# exit
Router(config)# interface GigabitEthernet 0/0.20
Router(config-subif)# encapsulation dot1Q 20
Router(config-subif)# ip address 192.168.20.1 255.255.255.0
Router(config-subif)# exit
Explanation:
• GigabitEthernet 0/0.10 → Subinterface for VLAN 10
• encapsulation dot1Q 10 → Enables 802.1Q tagging for VLAN 10
• ip address 192.168.10.1 255.255.255.0 → Assigns an IP to act as the
gateway
Step 3: Configure default gateways on PCs
Each PC should have its default gateway set to the router’s subinterface for its
VLAN.
Example for VLAN 10:
• PC IP: 192.168.10.2
• Subnet mask: 255.255.255.0
• Default gateway: 192.168.10.1
4. Inter-VLAN Routing with a Layer 3 Switch (SVI - Switch Virtual Interface)
A Layer 3 switch can route traffic without needing a router by using Switch
Virtual Interfaces (SVIs).
Advantages of using SVIs:
• No need for an external router.
• Faster routing (hardware-based instead of software-based).
• Easier to configure and scale.
Step 1: Enable Layer 3 capabilities on the switch
Switch(config)# ip routing
Step 2: Create SVIs for each VLAN and assign IP addresses
Switch(config)# interface Vlan10
Switch(config-if)# ip address 192.168.10.1 255.255.255.0
Switch(config-if)# no shutdown
Switch(config-if)# exit

Switch(config)# interface Vlan20

Switch(config-if)# ip address 192.168.20.1 255.255.255.0
Switch(config-if)# no shutdown
Switch(config-if)# exit
Step 3: Assign switch ports to VLANs
Switch(config)# interface FastEthernet 0/2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# exit
Switch(config)# interface FastEthernet 0/3
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 20
Switch(config-if)# exit
Step 4: Configure default gateways on PCs
Each PC should use the SVI IP address as its default gateway.
Example for VLAN 10:
• PC IP: 192.168.10.2
• Subnet mask: 255.255.255.0
• Default gateway: 192.168.10.1

Summary of Key Commands :

Action Router-on-a-Stick Layer 3 Switch (SVI)
Enable Trunk on Switch switchport mode trunk switchport mode trunk
Enable Routing Not needed (router does ip routing
it)
Configure VLAN interface interface Vlan<VLAN-
Interface interface GigabitEthernet ID>
0/0.<VLAN-ID>
Assign IP Address ip ip address <IP> ip address <IP>
address <Subnet> <Subnet>
Enable Interface No shutdown needed no shutdown
Assign Ports to VLAN switchport access vlan switchport access vlan
<VLAN-ID> <VLAN-ID>
B. Packet Tracer Implementation
We configured a VLAN on the switch to segment the network and optimize
traffic management. To do this, we entered configuration mode using the
configure terminal command, then created VLAN 10 with vlan 10 and
assigned it the name “VLAN10” using the name VLAN10 command. Finally,
we exited VLAN configuration mode with exit.

We configured the FastEthernet0/6 interface in access mode and assigned it

to VLAN 10 to ensure network segmentation. Then, we accessed the
FastEthernet0/1 interface and configured it in trunk mode to allow
communication between VLANs through the switch. After applying the
configurations, we observed protocol messages indicating the status of the
interfaces, confirming that the trunk link was successfully activated

We configured VLAN 1 by assigning it the IP address 192.168.10.11 with a

subnet mask of 255.255.255.0 to enable network management access. Then,
we executed the no shutdown command to activate the VLAN interface,
ensuring its operational state. The system messages confirmed that the
VLAN 1 interface changed to an up state, indicating successful activation.

We configured VLANs on the switch by creating VLAN 10 and VLAN 20,

assigning them the names VLAN10 and VLAN20, respectively. This ensures
logical segmentation of the network, allowing devices within the same VLAN
to communicate efficiently while isolating traffic between different VLANs.
After configuring each VLAN, we exited the VLAN configuration mode to
apply the changes

We configured FastEthernet0/11 as an access port and assigned it to VLAN

10. This ensures that any device connected to this port will be part of VLAN
10 and will only communicate with other devices in the same VLAN. The
switchport mode access command sets the port as a dedicated access port,
preventing it from dynamically negotiating a trunk connection. Once
configured, we exited the interface configuration mode to apply the
changes.

We configured FastEthernet0/18 as an access port and assigned it to VLAN

20. This ensures that any device connected to this port will be part of VLAN
20 and will only communicate with other devices in the same VLAN. The
switchport mode access command designates the port as a static access port,
preventing it from negotiating as a trunk. After configuring the port, we
exited the interface configuration mode to apply the changes.
We configured FastEthernet0/1 as a trunk port using the switchport mode
trunk command. This allows the port to carry traffic from multiple VLANs
between switches, ensuring proper VLAN communication across the network.
After applying the configuration, we exited the interface mode to finalize the
changes.

We assigned an IP address 192.168.20.12/24 to VLAN 1 on the switch using

the ip address command. This configuration allows remote management of
the switch through VLAN 1. The no shutdown command was used to bring
the interface up, enabling connectivity. The status message confirms that
VLAN 1 has been successfully activated.

We configured the PC-C with a static IP address (192.168.20.3/24) and set

the default gateway to 192.168.20.1. This ensures that PC-C is correctly
assigned to VLAN 20 and can communicate with other devices within the
network. The subnet mask (255.255.255.0) defines the network boundary,
allowing proper IP communication.
We configured PC-A with a static IP address (192.168.10.3/24) and set the
default gateway to 192.168.10.1. This configuration ensures that PC-A is
correctly assigned to VLAN 10 and can communicate within its subnet. The
subnet mask (255.255.255.0) defines the network range, enabling proper
communication within VLAN 10.

We configured PC-B with a static IP address (192.168.10.4/24) and set the

default gateway to 192.168.10.1. This setup ensures that PC-B belongs to
VLAN 10 and can communicate within the same subnet. The subnet mask
(255.255.255.0) defines the network range, allowing proper communication
between devices in VLAN 10.

We have successfully built the network topology as per the lab instructions.
The topology consists of two 2960-24TT switches (S1 and S2), three PCs (PC-
A, PC-B, and PC-C), and designated VLANs (VLAN10 and VLAN20).

• PC-A and PC-B are assigned to VLAN10, ensuring they communicate

within the same VLAN.
  PC-C is assigned to VLAN20, creating a separate broadcast domain.
• Fa0/6 and Fa0/11 are configured as access ports for VLAN10, and Fa0/18
is configured as an access port for VLAN20.
• The connection between S1 and S2 (Fa0/1 on both switches) is set as a
trunk port to allow VLAN communication between switches.

This configuration ensures proper segmentation and prepares the network for
inter-VLAN communication using a Layer 3 device.

For this step, we verified the VLAN configurations on the switch using the
command show vlan brief. This allowed us to confirm that VLAN10 and
VLAN20 were successfully created and assigned to their respective ports. The
output displayed the active VLANs along with the interfaces associated with
each VLAN. We ensured that the correct ports were assigned to VLAN10 and
VLAN20 and that the trunk port was configured appropriately. This
verification step was essential to confirm that the VLANs were correctly
implemented before proceeding with further connectivity tests.
we executed the show vlan brief command to verify the VLAN configuration
on the switch. The output confirmed that VLAN10 was successfully created
and assigned to port Fa0/6, while the default VLAN1 remained active with
multiple ports. This step was crucial to ensure that VLAN segmentation was
correctly implemented before proceeding with trunk configuration and
connectivity testing. The presence of VLAN10 in the list indicates that the
configuration was applied successfully

we executed the show interfaces trunk command to verify the trunk

configuration on the switch. The output confirms that FastEthernet0/1 is in
trunking mode with 802.1Q encapsulation. The allowed VLANs on the trunk
include VLAN1, VLAN10, and VLAN20, ensuring that traffic from these VLANs
can traverse the trunk link. This verification is crucial to confirm that inter-
switch communication is correctly established and that VLANs are properly
propagated across the network.
 we performed a ping test to verify connectivity between devices within the
network. The test was conducted from one PC to another using the command
ping 192.168.10.4. The results indicate successful communication, as all four
packets sent were received with 0% packet loss. The response time was
minimal, confirming that the network configuration, including VLAN
assignments, trunking, and inter-switch communication, is functioning
correctly. This validates that devices within the same VLAN can communicate
seamlessly.

Conclusion :
Through the implementation of VLANs and trunking in Packet Tracer, we
successfully segmented the network to improve security, efficiency, and
manageability. We created VLANs, assigned switch ports accordingly, and
configured trunk links to enable VLAN communication across multiple switches.
The configuration was verified using commands like show vlan brief, show
interfaces trunk, and ping, confirming the correct setup of VLANs and trunking.
The successful pings between devices within the same VLAN demonstrated
proper VLAN segmentation, while the failure of inter-VLAN communication
highlighted the need for inter-VLAN routing. Overall, this exercise reinforced the
importance of VLANs in modern networking, demonstrating how they minimize
broadcast domains and enhance network performance. The hands-on
troubleshooting process provided deeper insights into VLAN misconfigurations
and the significance of trunking for inter-switch communication