Vlan

VLANs (Virtual Local Area Networks) are used to reduce the broadcast domain and enhance security by logically dividing a single broadcast domain into multiple ones. They can be categorized into normal VLANs, which are used in enterprise networks, and extended VLANs, which are used in ISP networks. VLANs also facilitate switch virtualization, allowing multiple virtual switches to be created from a single physical switch.

Uploaded by zaidalkhan366

Copyright: © All Rights Reserved

Why we are using VLANs

• To reduce the scope of the broadcast domain
• Security

VLAN (Virtual Local Area Network)

• It is used to break up one broadcast domain at layer 2.
• It logically divides one broadcast domain into multiple broadcast domains.
• This means one VLAN defines one broadcast domain.
• VLANs are used for switch virtualization. By configuring VLANs, you can create multiple virtual switches out of one physical switch.
• The VLAN ID is represented in decimal form.
• VLAN ID = 12 bits = 2^12 = 4096 values (0-4095)
• 0 and 4095 are reserved.
• VLAN 0 is reserved for 802.1P traffic and cannot be modified or deleted.

Normal VLANs / Standard VLANs

• Used in enterprise networks
• Range (1-1005)
• Usable VLANs = VLANs to which users can be assigned.
  o 1-1001
• Unused VLANs = Parent VLANs
  o 1002 FDDI
  o 1003 Token Ring
  o 1004 FDDI-Net
  o 1005 Token Ring-Net
  o Kept for backward compatibility
• Default VLAN = VLAN 1
  o By default, all ports are members of VLAN 1.
  o This VLAN cannot be deleted or modified (renamed).
• One VLAN = one broadcast domain.
• The VLAN database is stored in flash memory in a file named "vlan.dat".
• VLAN MTU by default = 1500 bytes

VLAN states

• Active (default)
  o Data forwarding can be done for that VLAN.
• Shutdown
  o Stops data forwarding for a VLAN on the local switch.
• Suspend
  o Stops forwarding for a VLAN in the entire VTP domain.
  o Switch(config-vlan)#state suspend
• Inactive
  o A port is assigned to a VLAN, but that VLAN is not present in the VLAN database.
  o Switch#show interfaces fa1/0/1 switchport (to check for inactive)

How to create a VLAN

• Switch(config)#vlan 10
• Switch(config-vlan)#name sales
• Switch#show vlan brief
• Switch(config)#no vlan 10 (deletes the VLAN)

How to assign a port to a VLAN

• Static VLAN assignment:
• Switch(config-if)#switchport access vlan 10
• Switch#show vlan brief
• Switch#show vlan id 10
• Switch#show interface fastethernet 1/0/1 switchport

VLAN design implementation

1) Local VLANs
   a. Ports of a VLAN are available on one switch only.
2) End-to-end VLANs
   a. Ports of a VLAN are available on two or more switches.

Extended VLANs
  o Used in ISP networks
  o Range (1006-4094)
• No switchport
  o Makes a Layer 2 port into a Layer 3 port on the switch

VLAN allocation policy

  o To make any port a Layer 3 port, the switch automatically assigns that port to one VLAN from the extended range.
  o If an extended VLAN is already present in the local VLAN database, the next available extended VLAN is assigned to the port, to separate it from other broadcast domains.
  o Ascending (default): start from 1006
  o Descending: start from 4094

Switchport
• Ports that transmit data on the basis of the layer 2 address are called switchports.
• By default, all interfaces of a switch operate in layer 2 mode, known as switchport.
• There are 2 types of switchport.
  o Access port
    • An access port is a member of one VLAN.
    • It transmits traffic for only one VLAN.
  o Trunk port
    • Trunk ports are members of all VLANs.
    • It can transmit traffic for multiple VLANs at the same time.
    • A tag can be transmitted only within a single collision domain, and only over a trunk link.
• Retagging
  o To perform retagging on a transitory switch (a switch that receives a tag on one port and needs to forward on another trunk port), that switch must have that VLAN in its VLAN database.
• All transitory switches should have the VLANs available for retagging, whether or not the switch has any access port for that VLAN.

Tag / Frame encapsulation

Comparison of ISL (Inter Switch Link) and Dot1q (802.1q):

1) ISL: Cisco proprietary
   Dot1q: Open standard (IEEE)
2) ISL: External tagging
   Dot1q: Internal tagging
3) ISL: ISL tag = header 26 bytes + trailer 4 bytes = 30 bytes in total
   Dot1q: Dot1q tag = 4 bytes
4) ISL: Supported by default on every Cisco switch (L3)
   Dot1q: Always supported on open vendor devices as well as Cisco
5) ISL:
   o Max frame size = 1522
   o Packet size = 1500 bytes + 18 bytes + 30 bytes = 1548 bytes (giants)
   o Max frame size = 1522 - 30 bytes - 18 bytes = 1474 bytes (MTU)
   Dot1q:
   o Max packet size = 1500 bytes + 18 bytes (Ethernet header) + 4 bytes Dot1q = 1522 bytes
   o Dot1q header = 4 bytes
     • 2 bytes TPID (Tag Protocol ID)
       o Always dot1q (0x8100)
     • 2 bytes TCI (Tag Control Information) = 16 bits
       o 12 bits (VLAN ID)
       o 4 bits
         • 3 bits (Priority) CoS: Class of Service, to provide QoS at layer 2
         • 1 bit CFI (Canonical Format Indicator)
6) ISL: Does not support native VLAN
   o For the native VLAN a tag will be attached
   Dot1q: Supports native VLAN
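The Dot1q header layout above (TPID, then a TCI split into priority, CFI and a 12-bit VLAN ID) can be decoded directly from frame bytes. The following is an added example, not part of the original notes: the function names and the sample frames are hypothetical, and it assumes frames are captured without the 4-byte FCS and that untagged frames on a trunk map to a native VLAN passed in by the caller.

```python
import struct

TPID_DOT1Q = 0x8100   # TPID value given in the notes
FCS_LEN = 4           # the notes' 18-byte Ethernet overhead = 14-byte header + 4-byte FCS

def classify_vid(vid):
    """Place a 12-bit VLAN ID in the ranges listed in the notes."""
    if vid in (0, 4095):
        return "reserved"
    if vid <= 1001:
        return "normal-usable"
    if vid <= 1005:
        return "normal-unused"   # 1002-1005, FDDI / Token Ring
    return "extended"            # 1006-4094

def parse_frame(frame, native_vlan=1):
    """Decode one Ethernet frame (without FCS) as a trunk port would see it."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_DOT1Q:
        # Untagged on a trunk: the frame belongs to the native VLAN.
        vid, pcp, cfi, limit = native_vlan, None, None, 1518
    else:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        (tci,) = struct.unpack("!H", frame[14:16])
        pcp, cfi, vid = tci >> 13, (tci >> 12) & 1, tci & 0x0FFF
        limit = 1522             # 1500 + 18 + 4, as computed in the notes
    return {"tagged": tpid == TPID_DOT1Q, "vid": vid, "pcp": pcp, "cfi": cfi,
            "range": classify_vid(vid),
            "oversize": len(frame) + FCS_LEN > limit}

def build_tagged(vid, pcp, payload, cfi=0):
    """Construct a sample tagged IPv4 frame (constructed test data)."""
    dst, src = bytes.fromhex("ffffffffffff"), bytes.fromhex("020000000001")
    tci = (pcp << 13) | (cfi << 12) | vid
    return dst + src + struct.pack("!HHH", TPID_DOT1Q, tci, 0x0800) + payload

TAGGED = build_tagged(vid=10, pcp=5, payload=bytes(46))
UNTAGGED = TAGGED[:12] + TAGGED[16:]     # same frame with the 4-byte tag removed

if __name__ == "__main__":
    print(parse_frame(TAGGED))
    print(parse_frame(UNTAGGED, native_vlan=2))
```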

Native VLAN

• It is used to send frames over the trunk link untagged.
• Untagged traffic is sent for the VLAN that has the maximum number of users.
• This reduces CPU/bandwidth utilization.
• One trunk port can have only one native VLAN configured.
• Both ends of one trunk link should have the same native VLAN.
  o CDP is used to carry native VLAN (NV) information; if the NV is mismatched, it only gives you a log message and does not block the traffic.
  o STP (BPDU) also carries NV information; if the NV is mismatched, it blocks the traffic completely (inconsistent).
• The VLAN you configure should be present in the VLAN table.
• If CDP is disabled, a native VLAN mismatch cannot be detected.
• The physical interface of a router does not support tags.
• How to create a native VLAN on a trunk:
• Switch(config-if)#switchport trunk native vlan 2
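
Because a native VLAN mismatch goes unreported when CDP is disabled, the rules above can also be checked offline against the saved configuration of both trunk ends. This is an added example, not part of the original notes: the function names and both sample configs are constructed, and it assumes IOS-style `switchport mode trunk` and `no cdp enable` lines (not shown in the notes) and a default native VLAN of 1.

```python
import re

def parse_config(text):
    """Extract the VLAN table and per-interface trunk facts from a config."""
    vlans, ifaces, cur = {1}, {}, None          # VLAN 1 exists by default
    for line in (l.strip() for l in text.splitlines()):
        if m := re.fullmatch(r"vlan (\d+)", line):
            vlans.add(int(m.group(1)))
            cur = None
        elif m := re.fullmatch(r"interface (\S+)", line):
            cur = ifaces.setdefault(
                m.group(1), {"trunk": False, "native": 1, "cdp": True})
        elif cur is not None:
            if line == "switchport mode trunk":
                cur["trunk"] = True
            elif m := re.fullmatch(r"switchport trunk native vlan (\d+)", line):
                cur["native"] = int(m.group(1))
            elif line == "no cdp enable":
                cur["cdp"] = False
    return {"vlans": vlans, "ifaces": ifaces}

def audit_trunk(cfg_a, port_a, cfg_b, port_b):
    """Check one trunk link against the native VLAN rules in the notes."""
    ends = [("A", cfg_a, cfg_a["ifaces"][port_a]),
            ("B", cfg_b, cfg_b["ifaces"][port_b])]
    findings = [f"{s}: port is not a trunk" for s, _, i in ends if not i["trunk"]]
    natives = [i["native"] for _, _, i in ends]
    if natives[0] != natives[1]:
        findings.append(f"native VLAN mismatch: {natives[0]} vs {natives[1]}")
        findings += [f"{s}: CDP disabled, mismatch will not be logged"
                     for s, _, i in ends if not i["cdp"]]
    findings += [f"{s}: native VLAN {i['native']} missing from VLAN table"
                 for s, c, i in ends if i["native"] not in c["vlans"]]
    return findings

# Constructed sample configs for the two ends of one trunk link.
SW_A = """vlan 2
 name mgmt
vlan 10
 name sales
interface Fa1/0/1
 switchport mode trunk
 switchport trunk native vlan 2
"""
SW_B = """vlan 10
interface Fa1/0/24
 switchport mode trunk
 switchport trunk native vlan 99
 no cdp enable
"""
```

Calling `audit_trunk(parse_config(SW_A), "Fa1/0/1", parse_config(SW_B), "Fa1/0/24")` returns the list of rule violations for that link; an empty list means both ends agree.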
