Cisco 3 - LAN

Chapter 8

The

VLAN

Perrine / Brierley

05/27/15

Page 1

Cisco 3 - LAN

Chapter 8

VLAN
VLAN:
is a logical grouping
grouped by:
function
department
application
VLAN configuration is done by
software.
Perrine / Brierley

05/27/15

Page 2

Cisco 3 - LAN

Chapter 8

Typically in LAN configuration, users are grouped

based on their location in relation to the HUB they are
connected to.
MacintoshSE

HUB

MacintoshSE

Sales
MacintoshSE

MacintoshSE

MacintoshSE

HUB
MacintoshSE

Design

MacintoshSE

Perrine / Brierley

05/27/15

Page 3

Cisco 3 - LAN

Chapter 8

VLAN implementations offered a port-mapping that

establishes a broadcast domain between default
group of devices.
MacintoshSE

Switch
MacintoshSE

MacintoshSE

2nd floor

MacintoshSE

1st floor
Switch

MacintoshSE

MacintoshSE

Admin

Perrine / Brierley

05/27/15

Students

Instructors

Page 4

Cisco 3 - LAN

Chapter 8

Traditionally, the role of a router is to provide

firewall
broadcast management
route processing & distribution
Routers are used to properly communicate between
different VLANs. Use the routers as your backbone to
transmit information at high bandwidth among your VLAN
switches.
Routers in VLAN topologies provide
broadcast filtering
security
traffic flow management

Perrine / Brierley

05/27/15

Page 5

Cisco 3 - LAN

Chapter 8

Properties of VLANs:
VLANs work at layer 2 & 3 of OSI model
Communications between VLANs is by layer 3
routing
VLANs provide a method of controlling network
broadcast
Network administrator assigns users to VLAN
VLANs can increase network security by defining
which network nodes can communicate with each
other
A VLAN is a broadcast domain that one or more
switches
create.
05/27/15
Perrine
/ Brierley

Page 6

Cisco 3 - LAN

Chapter 8

VLAN implementations offered a port-mapping that

establishes a broadcast domain between default
group of devices.
MacintoshSE

Switch
MacintoshSE

MacintoshSE

2nd floor

MacintoshSE

1st floor
Switch

MacintoshSE

MacintoshSE

Broadcast
domain
Admin

Perrine / Brierley

05/27/15

Broadcast
domain
Students

Broadcast
domain
Instructors

Page 7

Cisco 3 - LAN

Chapter 8

VLAN Operation
Ports that are assigned to the same VLAN share broadcasts.
Ports that do not belong to that VLAN do not share these broadcast.
There are two (2) methods in which to create VLANs:
1. Static VLANs
This method is also referred to a port-based membership. As a
device is connected to the network, it automatically assumes
the VLAN of that port
2. Dynamic VLANs
Dynamic VLANs are created through the use of software
packages such as CiscoWorks 2000. With a VLAN
Management Policy Server (VMPS), you can assign switch
ports to VLANs dynamically based on the source MAC address
of the device that is connected to the port.
Perrine / Brierley

05/27/15

Page 8

Cisco 3 - LAN

Chapter 8

Static VLAN

The default VLAN for every port in the switch is

VLAN1, or the management VLAN.
The management VLAN cannot be deleted; however,
additional VLANs can be created and ports can be
reassigned to these alternate VLANs.
A router is used to switch between different VLANs.
Hence, each VLAN should have a unique Layer 3
network or subnet address assigned.

Perrine / Brierley

05/27/15

Page 9

Cisco 3 - LAN

Chapter 8

Advantages of VLANs:
reduce administration costs related to solving problems associated
with moves, additions & changes
20%-40% of the workforce physically moves each year
one can move the node to a new location without changing its
IP / subnet address by plugging the node into port for that VLAN
controls broadcast activity
provide workgroup & network security
save money by keeping their HUBs and connecting them to
switches i.e. dont have to throw away the HUBs.
The goal of the end-to-end VLANs, is to maintain the 80/20 traffic flow
rule 80% of the traffic on the local VLAN, and 20% on a remote VLAN.
Perrine / Brierley

05/27/15

Page 10

Cisco 3 - LAN

Chapter 8

Broadcast:
Switches (not talking about VLANs here) create smaller collision
domains, but they do not create smaller broadcast domains. Hence
use routers which dont propagate broadcasts.
Though by setting up the different VLANs on a switch, one can control
the broadcast messaging from one VLAN to another.
Security:
restrict the number of users in a VLAN group
prevent another user from joining without first receiving approval
from the VLAN network administrator
configure all unused ports to a default low-service VLAN
adding access list in the router

Perrine / Brierley

05/27/15

Page 11

Cisco 3 - LAN

Chapter 8

Using Hubs with VLANs

Each hub segment that is connected to a

switch port can be assigned to only one
VLAN.
All stations that share a hub segment
become members of the same VLAN
group.
Perrine / Brierley

05/27/15

Page 12

Cisco 3 - LAN

Chapter 8

VLAN Types
Port-based VLANs (static):
nodes connected to ports in the same VLAN have same VLAN ID.
users are assigned by port
MAC address-based VLANs (dynamic):
VLAN Management Policy Server (VMPS)
are ports on a switch that can automatically determine their VLAN
assignments
Protocol-based VLANs (dynamic):
are ports on a switch that can automatically determine their VLAN
assignments
functions are based on:
logical addressing
protocol type

Perrine / Brierley

05/27/15

Page 13

Cisco 3 - LAN

Chapter 8

VLAN Frame Identification

With multiswitch VLANs, the frame headers are
encapsulated or modified to reflect a VLAN ID before
the frame is sent onto the link between the switches.
Multiple trunking methodologies include:
IEEE 802.1q
ISL (Inter-Switch Link Protocol)
802.10
LANE (LAN Emulation)
Perrine / Brierley

05/27/15

Page 14

Cisco 3 - LAN

Chapter 8

The most common approach for logically

grouping users into distinct VLAN:
Frame Filtering
filtering table is developed. Can be based
on
MAC
protocol
each frame is examined
depending on the filter table sends the
frame out the designated port
Perrine / Brierley

05/27/15

Page 15

Cisco 3 - LAN

Chapter 8

Frame Identification
unique VLAN ID is assigned to each
VLAN in the switch
the tagged frame travels the backbone
among switches
when the frame exits the switch on nonbackbone, the identifier is removed

Perrine / Brierley

this technique is chosen by IEEE (IEEE

802.1q)gaining as the standard
trunking mechanism function at layer
05/27/15
Page 16
2

Cisco 3 - LAN

Chapter 8

Packet with VLANID, added by the switch

MacintoshSE

VLAN2

Switch
MacintoshSE

MacintoshSE

2nd floor

Backbone
MacintoshSE

1st floor
Switch

MacintoshSE

MacintoshSE

VLAN2
VLAN1

VLAN2

VLAN3

VLANID is removed by the switch

before sending to the target host.

Perrine / Brierley

05/27/15

Page 17

Cisco 3 - LAN

Chapter 8

Inter-Switch Link Protocol

ISL is a Cisco proprietary encapsulation protocol that
interconnects multiple switches.

FDDI 802.10
Is a Cisco proprietary method of transporting VLAN
information inside the standard IEEE 802.10 frame for
Fiber Distributed Data Interface (FDDI).

Perrine / Brierley

05/27/15

Page 18

Cisco 3 - LAN

Chapter 8

LAN Emulation (LANE)

LANE is a standard defined by the ATM Forum that
gives two stations attached via ATM the same
capabilities they normally have if they are LANs such as
Ethernet or Token Ring.
The function of the LANE protocol is to emulate a LAN
on top of ATM network.
That is, the LANE protocols make an ATM network look
and behave like an Ethernet or Token Ring LAN.

Perrine / Brierley

05/27/15

Page 19

Cisco 3 - LAN

Chapter 8

FACTS
VLAN makes up a switched network that is logically segmented
by functions, project teams or applications, without regard to the
physical location of users.
Each switch port can be assigned to a VLAN.
Ports assigned to the same VLAN share broadcasts.
So VLANs are used to create broadcast domains.
VLAN implementation methods used to assign a switch port to a
VLAN:
port-centric
static
dynamic
Perrine / Brierley

05/27/15

Page 20

Cisco 3 - LAN

Chapter 8
MacintoshSE

Switch
MacintoshSE

MacintoshSE

2nd floor

MacintoshSE

1st floor
Switch

MacintoshSE

MacintoshSE

Admin

Students

Instructors

Only the devices on the same VLAN contend with collisions. Hence
broadcast traffic within one VLAN is not transmitted outside the VLAN.
Perrine / Brierley

05/27/15

Page 21

Cisco 3 - LAN

Chapter 8

NOTE:

For configuring static VLANs on Cisco 29xx

switches:
max number of VLANs is switch dependent & is
limited by the number of ports on the switch.
VLAN1 is one of the factory-default VLANs
VLAN1 is the default Ethernet VLAN
Cisco Discovery Protocol (CDP) & VLAN
Trunking Protocol (VTP) advertisements are sent
on VLAN1.
Perrine / Brierley

05/27/15

Page 22

Cisco 3 - LAN

Chapter 8

NOTEs:

Some encapsulation protocol, such as 802.1q

or ISL, must be configured on all switch
trunks that participate in the VLAN.
commands for configuring VLANs vary by
model number.
the catalyst 29xx IP address is in the
VLAN1 broadcast domain.
switch must be in VTP server mode to
create, add, or delete VLANs.
Perrine / Brierley

05/27/15

Page 23

Cisco 3 - LAN

MacintoshSE

Chapter 8

MacintoshSE
MacintoshSE

MacintoshSE

MacintoshSE
MacintoshSE

MacintoshSE
MacintoshSE

For non-VLAN configuration, switches makes smaller

collision domain. However, they do not make smaller
broadcast domains. A broadcast messages is sent to all
the devices connected to the switch.
Perrine / Brierley

05/27/15

Page 24

Cisco 3 - LAN

Chapter 8
Non-VLAN

MacintoshSE

Switch A

MacintoshSE

MacintoshSE

Router

MacintoshSE

MacintoshSE

Switch B
MacintoshSE

MacintoshSE

Use routers to reduce the broadcast of messages. A

broadcast on Switch A is broadcast to all of its users, but is
not broadcasted to Switch B (because the router wont send
it onto Switch B!)
Perrine / Brierley

05/27/15

Page 25

Cisco 3 - LAN

Chapter 8
PSTN

Local Office
Toll Office
Tandem

Class 5
Class 4
Class 3

Local Office
Tandem Office
Toll Office

Toll Office

Trunk

Line

Local Loop
Demarc
Perrine / Brierley

PSTN (Public Switched Telephone Network)

05/27/15

Page 26

Cisco 3 - LAN

Chapter 8

Troubleshooting
Switch#show vlan
Switch#show vlan brief
Switch#show spanning-tree
Switch#Show interface
PSTN (Public Switched Telephone Network)

Perrine / Brierley

05/27/15

Page 27