Vlan

This document provides information on networking concepts such as VLANs, trunking, and inter-VLAN routing. It defines VLANs as logical groupings of network users and resources that create separate broadcast domains. Trunking is described as carrying traffic from multiple VLANs over a single link using tagging. The document also discusses how layer 3 switches or multilayer switches can perform inter-VLAN routing using switch virtual interfaces (SVIs).

VLAN

NOTIONS

# show ip interface brief

# show interfaces status


configuration

> enable
# conf t
(config)# interface fa0/1
(config-if)# description …………..
(config-if)# speed ……………..
(config-if)# duplex ……………….

> enable
# conf t
(config)# interface range fa0/1-9
   or
(config)# interface range fa0/1,fa0/5,fa0/10
(config-if-range)#

Full / Half Duplex

• Half duplex means the device cannot send and receive data at the same time. If it is receiving a frame, it must wait before sending a frame.
• Full duplex means the device can send and receive data at the same time.

CSMA/CD

• CSMA/CD stands for Carrier Sense Multiple Access with Collision Detection.
• It describes how devices avoid collisions in half-duplex situations.
• Before sending frames, devices listen to the collision domain until they detect that other devices are not sending.
• If a collision does occur, the device sends a jamming signal to inform the other devices that a collision happened.
• Each device will wait a random period of time before sending frames again.
• The process repeats.

• Devices attached to a hub must operate in half duplex.
• Devices attached to a switch can operate in full duplex.

Speed / Duplex Autonegotiation

• Interfaces that can run at different speeds (10/100 or 10/100/1000) have default settings of speed auto and duplex auto.
• Interfaces advertise their capabilities to the neighboring device, and they negotiate the best speed and duplex settings they are both capable of.

• What if autonegotiation is disabled on the device connected to the switch?
  • Speed: the switch will try to sense the speed that the other device is operating at. If it fails to sense the speed, it will use the slowest supported speed (i.e. 10 Mbps on a 10/100/1000 interface).
  • Duplex: if the speed is 10 or 100 Mbps, the switch will use half duplex. If the speed is 1000 Mbps or greater, it will use full duplex.

VLAN

• LAN (Local Area Network): a group of devices (PCs, servers, routers, switches…) in a single location (home, office, etc.).
• A more specific definition: a LAN is a single broadcast domain, including all devices in that broadcast domain.
• Broadcast domain: the group of devices which will receive a broadcast frame (destination MAC FFFF.FFFF.FFFF) sent by any one of the members.

• VLAN means Virtual Local Area Network.
• We break up a broadcast domain by creating VLANs.
• A VLAN is a logical grouping of network users and resources connected to administratively defined ports on a switch.
• A VLAN is treated like its own subnet or broadcast domain, meaning that frames broadcast onto the network are only switched between the ports logically grouped within the same VLAN.
• By default, hosts in a specific VLAN cannot communicate with hosts that are members of another VLAN, so if you want inter-VLAN communication, the answer is that you still need a router.
• You can solve many of the problems associated with layer 2 switching with VLANs. Here is a short list of ways VLANs simplify network management:
  • Network adds, moves, and changes are achieved with ease by just configuring a port into the appropriate VLAN.
  • A group of users that need an unusually high level of security can be put into its own VLAN so that users outside of the VLAN can’t communicate with them.
  • VLANs increase the number of broadcast domains while decreasing their size.

CONFIGURATION

> enable
# show vlan brief
# conf t
(config)# vlan 10
(config-vlan)# name ……..

(config)# interface Fa0/1
(config-if)# switchport mode access
(config-if)# switchport access vlan 10

• An access port is a switchport which belongs to a single VLAN, and usually connects to end hosts like PCs.

TRUNK

Inter-VLAN Routing

• In a small network with a few VLANs, it is possible to use a separate interface for each VLAN when connecting switches to switches and switches to routers.
• However, when the number of VLANs increases, this is not viable. It will result in wasted interfaces, and often routers won’t have enough interfaces for each VLAN.
• You can use trunk ports to carry traffic from multiple VLANs over a single interface.

How does SW1 know which VLAN the traffic belongs to?

Trunk ports = tagged ports
Access ports = untagged ports

VLAN Tagging

• There are two main trunking protocols: ISL (Inter-Switch Link) and IEEE 802.1Q.
• ISL is an old Cisco proprietary protocol created before the industry standard IEEE 802.1Q.
• IEEE: Institute of Electrical and Electronics Engineers.

TPID

• TPID: Tag Protocol Identifier
• 16 bits (2 bytes) in length.
• Always set to a value of 0x8100 (hexadecimal). This indicates that the frame is 802.1Q-tagged.

TCI

• PCP: Priority Code Point
  • 3 bits in length.
  • Used for class of service (CoS), which prioritizes important traffic in congested networks.
• DEI: Drop Eligible Indicator
  • 1 bit in length.
  • Used to indicate frames that can be dropped if the network is congested.
• VID: VLAN ID
  • 12 bits in length.
  • Identifies the VLAN the frame belongs to.
  • 12 bits in length = 4096 total VLANs (2^12), range of 0 – 4095.
  • VLANs 0 and 4095 are reserved and can't be used.
  • Therefore, the actual range of VLANs is 1 – 4094.

VLAN ranges

• The range of VLANs (1 – 4094) is divided into two sections:
  • Normal VLANs: 1 – 1005
  • Extended VLANs: 1006 – 4094
• Some older devices cannot use the extended VLAN range; however, it’s safe to expect that modern switches will support the extended VLAN range.

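
The tag layout and VLAN ranges described above, as an added Python example that is not part of the original slides: it packs and parses the TPID and TCI fields of an Ethernet frame and classifies the VID. The function names are illustrative, and the MAC addresses and frames are constructed samples.

```python
import struct

TPID_8021Q = 0x8100  # TPID value that marks a frame as 802.1Q-tagged

def build_tag(pcp: int, dei: int, vid: int) -> bytes:
    """Pack TPID (16 bits) + TCI (PCP 3 bits, DEI 1 bit, VID 12 bits)."""
    if not (0 <= pcp <= 7 and dei in (0, 1) and 0 <= vid <= 4095):
        raise ValueError("field out of range")
    tci = (pcp << 13) | (dei << 12) | vid
    return struct.pack("!HH", TPID_8021Q, tci)

def vlan_range(vid: int) -> str:
    """Classify a 12-bit VID using the ranges given above."""
    if vid in (0, 4095):
        return "reserved"
    return "normal" if vid <= 1005 else "extended"

def parse_frame(frame: bytes) -> dict:
    """Return the 802.1Q fields of an Ethernet frame, or tagged=False."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    # The two bytes after the destination and source MAC hold the TPID or EtherType.
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_8021Q:
        return {"tagged": False, "ethertype": tpid}
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, ethertype = struct.unpack("!HH", frame[14:18])
    vid = tci & 0x0FFF
    return {"tagged": True, "pcp": tci >> 13, "dei": (tci >> 12) & 1,
            "vid": vid, "range": vlan_range(vid), "ethertype": ethertype}

# Constructed sample frames: broadcast destination, made-up source MAC, IPv4 EtherType.
DST, SRC = bytes.fromhex("ffffffffffff"), bytes.fromhex("020000000001")
TAGGED = DST + SRC + build_tag(pcp=5, dei=0, vid=10) + struct.pack("!H", 0x0800)
UNTAGGED = DST + SRC + struct.pack("!H", 0x0800)

if __name__ == "__main__":
    print(parse_frame(TAGGED))
    print(parse_frame(UNTAGGED))
```
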
Native VLAN

• 802.1Q has a feature called the native VLAN. ISL does not have this feature.
• The native VLAN is VLAN 1 by default on all trunk ports; however, this can be manually configured on each trunk port.
• The switch does not add an 802.1Q tag to frames in the native VLAN.
• When a switch receives an untagged frame on a trunk port, it assumes the frame belongs to the native VLAN.
• It’s very important that the native VLAN matches

Trunk configuration

> enable
# conf t
(config)# interface g0/1
(config-if)# switchport trunk encapsulation « dot1q or ISL »
(config-if)# switchport mode trunk
(config-if)# switchport trunk native vlan …….

# show interfaces trunk

(config-if)# switchport trunk allowed vlan …..

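
How the native VLAN and allowed VLAN settings interact across one trunk link, as an added Python model that is not part of the original slides: it follows a frame from one trunk port to the other and reports any VLAN whose traffic lands in a different VLAN or is dropped, which is what breaks the isolation between VLANs. The class, port names and VLAN numbers are constructed for illustration, and the default allowed list of 1 – 4094 is an assumption of the model.

```python
from dataclasses import dataclass, field

DROP = "drop"  # marker for a frame that is discarded

@dataclass
class TrunkPort:
    """One end of an 802.1Q trunk, holding the two settings configured above."""
    name: str
    native_vlan: int = 1  # default native VLAN on all trunk ports
    allowed: set = field(default_factory=lambda: set(range(1, 4095)))

    def egress(self, vlan):
        """Tag put on the wire: the VID, None for untagged, or DROP."""
        if vlan not in self.allowed:
            return DROP
        return None if vlan == self.native_vlan else vlan

    def ingress(self, tag):
        """VLAN the receiving port assigns: untagged frames go to its native VLAN."""
        vlan = self.native_vlan if tag is None else tag
        return vlan if vlan in self.allowed else DROP

def cross_trunk(sender, receiver, vlan):
    """VLAN a frame ends up in after crossing sender -> receiver, or DROP."""
    tag = sender.egress(vlan)
    return DROP if tag == DROP else receiver.ingress(tag)

def audit(a, b, vlans):
    """Report VLANs whose frames change VLAN or are lost going a -> b."""
    findings = []
    if a.native_vlan != b.native_vlan:
        findings.append(f"native VLAN mismatch: {a.name}={a.native_vlan}, {b.name}={b.native_vlan}")
    for vlan in vlans:
        result = cross_trunk(a, b, vlan)
        if result != vlan:
            findings.append(f"VLAN {vlan} from {a.name} arrives as {result} on {b.name}")
    return findings

# Constructed sample: two ends of one link with differing settings.
SW1 = TrunkPort("SW1 g0/1", native_vlan=10, allowed={10, 20, 30})
SW2 = TrunkPort("SW2 g0/1", native_vlan=20, allowed={10, 20})

if __name__ == "__main__":
    for line in audit(SW1, SW2, [10, 20, 30]):
        print(line)
```

With the sample settings, VLAN 10 traffic from SW1 is delivered into VLAN 20 on SW2 and VLAN 30 is dropped; giving both ends the same native VLAN and allowed list makes `audit` return an empty list.
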
Router On A Stick (ROAS)

(config)# interface G0/0
(config-if)# no shutdown
(config-if)# interface G0/0.10
(config-subif)# encapsulation dot1q « VLAN number »
(config-subif)# ip address

• ROAS is used to route between multiple VLANs using a single interface on a router and switch.
• The switch interface is configured as a regular trunk.
• The router interface is configured using subinterfaces. You configure the VLAN tag and IP address on each subinterface.
• The router will behave as if frames arriving with a certain VLAN tag have arrived on the subinterface configured with that VLAN tag.
• The router will tag frames sent out of each subinterface with the VLAN tag configured on the subinterface.

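
The subinterface behaviour described above, as an added Python model that is not part of the original slides: the received tag selects the ingress subinterface, the destination address selects the egress subinterface, and the frame leaves with that subinterface's tag. The class, subinterface numbers and IP addresses are constructed for illustration, only connected routes are modelled, and the `native` flag corresponds to the encapsulation dot1q vlan-id native option covered in the next section.

```python
import ipaddress

class RoasRouter:
    """Model of one router trunk interface with a subinterface per VLAN."""

    def __init__(self):
        self.subifs = {}          # VLAN ID -> (subinterface name, address/prefix)
        self.native_vlan = None   # set by a subinterface marked native

    def add_subif(self, name, vlan, address, native=False):
        self.subifs[vlan] = (name, ipaddress.ip_interface(address))
        if native:
            self.native_vlan = vlan

    def route(self, tag, dst_ip):
        """Return (ingress subif, egress subif, egress tag), or None if dropped.

        tag is the VID of the received frame, or None for an untagged frame.
        """
        in_vlan = self.native_vlan if tag is None else tag
        if in_vlan not in self.subifs:
            return None  # no subinterface is configured with this VLAN tag
        dst = ipaddress.ip_address(dst_ip)
        for vlan, (name, iface) in self.subifs.items():
            if dst in iface.network:  # connected subnet of that subinterface
                out_tag = None if vlan == self.native_vlan else vlan
                return (self.subifs[in_vlan][0], name, out_tag)
        return None  # only connected routes are modelled

def demo_router():
    """Constructed sample: three subinterfaces with made-up addressing."""
    r = RoasRouter()
    r.add_subif("G0/0.10", 10, "192.168.10.1/24")
    r.add_subif("G0/0.20", 20, "192.168.20.1/24")
    r.add_subif("G0/0.99", 99, "192.168.99.1/24", native=True)
    return r

if __name__ == "__main__":
    r = demo_router()
    print(r.route(10, "192.168.20.5"))
    print(r.route(None, "192.168.10.7"))
    print(r.route(30, "192.168.10.7"))
```
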
Native VLAN on a router (ROAS)

• There are 2 methods of configuring the native VLAN on a router:
  • Use the command encapsulation dot1q vlan-id native on the router subinterface.
    (config-if)# interface G0/0.10
    (config-subif)# encapsulation dot1q « VLAN number » native
  • Configure the IP address for the native VLAN on the router’s physical interface (the encapsulation dot1q vlan-id native command is not necessary).
    (config)# interface G0/1
    (config-if)# ip address ……….

LAYER 3 SWITCHES OR MULTILAYER SWITCHES

• A Layer 3 switch is capable of both switching and routing.
• You can assign IP addresses to its interfaces, like a router.
• You can create virtual interfaces for each VLAN, and assign IP addresses to those interfaces.
• You can configure routes.
• It can be used for inter-VLAN routing.

Inter-VLAN routing via SVI

• An SVI (switch virtual interface) is a virtual interface you can assign an IP address to in a multilayer switch.
• Configure each PC to use the SVI as its default gateway.
• To send traffic to different subnets/VLANs, the PCs will send traffic to the switch, and the switch will route the traffic.

Configuration

> enable
# conf t
(config)# ip routing

(config)# interface G0/1
(config-if)# no switchport
(config-if)# ip address ……….

SVI configuration

(config)# interface vlan10
(config-if)# ip address ………..
(config-if)# no shutdown

THANK YOU !!!!!!
