Vlan Cisco

VLANS
Chapter 7
Extending Switched
Networks with Virtual
LANs
1999, Cisco Systems, Inc.
7-1
Objectives
Upon completion of this chapter, you will be able to
perform the following tasks:
Configure a VLAN
Configure VLAN Trunking Protocol (VTP)
Configure a switch for trunking
Verify VLAN connectivity
Verify spanning-tree operations
www.cisco.com
ICND7-2
VLAN Overview
Segmentation
3rd floor
2nd floor
1st floor
Flexibility
SALES
HR
ENG
Security
A VLAN = A broadcast domain = Logical network (subnet)

www.cisco.com
ICND7-3
VLAN Operations
Switch A
Red
VLAN
Black
VLAN
Green
VLAN
Each logical VLAN is like a separate physical bridge
www.cisco.com
ICND7-4
VLAN Operations
Switch A
Red
VLAN
Black
VLAN
Switch B
Green
VLAN
Red
VLAN
Black
VLAN
Green
VLAN

VLANs can span across multiple switches
www.cisco.com
ICND7-5
VLAN Operations
Switch A
Switch B
Trunk
Fast Ethernet
Red
VLAN
Black
VLAN
Green
VLAN
Red
VLAN
Black
VLAN
Green
VLAN

VLANs can span across multiple switches
Trunks carries traffic for multiple VLANs
www.cisco.com
ICND7-6
VLAN Membership Modes

Static VLAN
Dynamic VLAN
Trunk
Port e0/4
Port e0/9
VLAN5
VLAN10
VMPS
1111.1111.1111 = vlan 10
MAC = 1111.1111.1111
www.cisco.com
ICND7-7
ISL Tagging
ISL trunks enable VLANs across a backbone
Performed with ASIC
VLAN Tag added

by incoming
port
Not intrusive to client

stations, client does not see
the ISL header
Inter-Switch
Link carries
VLAN identifier
Effective between switches,

routers and switches,
switches and servers with
ISL network interface cards
VLAN Tag
stripped by
forwarding port
www.cisco.com
ICND7-8
ISL Encapsulation
ISL Header
26 bytes
DA
Type User
Encapsulated Ethernet frame
CRC
4 bytes
SA LEN AAAA03 HSA VLAN BPDU

BPDU INDEX RES
VLAN
BPDU
Frames encapsulated with ISL header and CRC

Support for many VLANs (1024)
VLAN field
BPDU bit
www.cisco.com
ICND7-9
VLAN Trunking Protocol (VTP)

A messaging system that advertises VLAN configuration information
Maintains VLAN configuration consistency throughout a common
administrative domain
VTP sends advertisements on trunk ports only
Support mixed media trunks (Fast Ethernet, FDDI, ATM)
VTP Domain ICND
3.Sync to the latest vlan information
www.cisco.com
1.new vlan added

ICND7-10
VTP Modes
Create vlans
Modify vlans
Delete vlans
Sends/forwards
advertisements
Synchronize
Saved in NVRAM
Server
Sends/forwards
advertisements
Synchronize
Not saved in
NVRAM
Client
Transparent
www.cisco.com
Create vlans
Modify vlans
Delete vlans
Forwards
advertisements
Does not
synchronize
Saved in NVRAM
ICND7-11
How VTP Works

VTP advertisements are sent as multicast frames
VTP servers and clients synchronized to latest revision number
VTP advertisement are sent every five minutes or when there is a change
www.cisco.com
ICND7-12
How VTP Works

VTP advertisements are sent as multicast frames
VTP servers and clients synchronized to latest revision number
VTP advertisement are sent every five minutes or when there is a change
1.Add new VLAN
2.Rev 3 --> Rev 4
Server
4.Rev 3 --> Rev 4

5.Sync new vlan info
4.Rev 3 --> Rev 4

5.Sync new vlan info
Client
Client
www.cisco.com
ICND7-13
VTP Pruning
Increases available bandwidth by reducing unnecessary flooded traffic
Example: Station A sends broadcast, broadcast is only flooded toward

any switch with ports assigned to the red VLAN
Port 2
Switch 4
Flooded
traffic is
pruned
Switch 2
Red
VLAN
Switch 5
Port 1
Switch 6
Switch 3
www.cisco.com
Switch 1
ICND7-14
VLAN Configuration
Guidelines
Maximum number of VLANs is switch-dependent

Catalyst 1900 supports 64 VLANs with a separate spanning tree per VLAN
VLAN1 is One of the factory default VLANs
CDP and VTP advertisements are sent on VLAN1
Catalyst 1900 IP address is in the VLAN1 broadcast domain
Must be in VTP server or transparent mode to create, add, or delete VLANs
www.cisco.com
ICND7-15
VLAN Configuration Steps

Enable VTP (optional)
Enable trunking
Create VLANs
Assign VLAN to ports
www.cisco.com
ICND7-16
VTP Configuration Guidelines

VTP domain name
VTP mode (server/client/transparent)VTP
server mode is the default
VTP pruning
VTP password
VTP trap
Use caution when adding a new switch into an existing domain.
A new switch should be added in client mode to prevent the new
switch from propagating incorrect VLANs information
Use the delete vtp command to reset the VTP revision number
www.cisco.com
ICND7-17
Creating a VTP Domain

wg_sw_a(config)#
vtp[server|transparent][domaindomainname][trap{enable|disable}]
[passwordpassword][pruning{enable|disable}
www.cisco.com
ICND7-18
Creating a VTP Domain

wg_sw_a(config)#
vtp[server|transparent][domaindomainname][trap{enable|disable}]
[passwordpassword][pruning{enable|disable}
wg_sw_a#conf terminal
Enter configuration commands, one per line. End with CNTL/Z
wg_sw_a(config)#vtp transparent
wg_sw_a(config)#vtp domain switchlab
www.cisco.com
ICND7-19
Verifying VTP Configurations

wg_sw_a#showvtp
www.cisco.com
ICND7-20
Verifying VTP Configurations

wg_sw_a#showvtp
wg_sw_a#show vtp
VTP version: 1
Configuration revision: 4
Maximum VLANs supported locally: 1005
Number of existing VLANs: 6
VTP domain name
: switchlab
VTP password
:
VTP operating mode : Transparent
VTP pruning mode
: Enabled
VTP traps generation : Enabled
Configuration last modified by: 10.1.1.40 at 00-00-0000 00:00:00
www.cisco.com
ICND7-21
Defining a Trunk
wg_sw_a(config-if)#
trunk[on|off|desirable|auto|nonegotiate]
On = Set trunk on and negotiate with other side
Off = Set trunk off and negotiate with other side
Desirable = Negotiate with other side.
Trunk on if other side is on, desirable, or auto
Auto = Will be a trunk only if the other side is on or desirable
Non-negotiate = Set trunk on and will not negotiate
www.cisco.com
ICND7-22
Defining a Trunk
wg_sw_a(config-if)#
trunk[on|off|desirable|auto|nonegotiate]
On = Set trunk on and negotiate with other side
Off = Set trunk off and negotiate with other side
Desirable = Negotiate with other side.
Trunk on if other side is on, desirable, or auto
Auto = Will be a trunk only if the other side is on or desirable
Non-negotiate = Set trunk on and will not negotiate
wg_sw_a(config)#interface f0/26
wg_sw_a(config-if)#trunk on
First trunk port(Port A)

www.cisco.com
ICND7-23
Verifying a Trunk
wg_sw_a#showtrunk[A|B]
www.cisco.com
ICND7-24
Verifying a Trunk
wg_sw_a#showtrunk[A|B]
wg_sw_a#show trunk a
DISL state: On, Trunking: On, Encapsulation type: ISL
www.cisco.com
ICND7-25
Adding a VLAN
wg_sw_a(config)#
vlanvlan#[namevlanname]
www.cisco.com
ICND7-26
Adding a VLAN
wg_sw_a(config)#
vlanvlan#[namevlanname]
wg_sw_a(config)#vlan 9 name switchlab2
www.cisco.com
ICND7-27
Verifying a VLAN
wg_sw_a#showvlan[vlan#]
www.cisco.com
ICND7-28
Verifying a VLAN
wg_sw_a#showvlan[vlan#]
wg_sw_a#sh vlan 9
VLAN Name
Status Ports
------------------------------------------------9 switchlab2
Enabled
------------------------------------------------VLAN Type
SAID MTU Parent RingNo BridgeNo Stp Trans1 Trans2
------------------------------------------------------------------------------------------------------9 Ethernet
100009 1500
0
1
1
Unkn 0
0
--------------------------------------------------------------------------------------------------------
www.cisco.com
ICND7-29
Modifying a VLAN Name

wg_sw_a(config)#
vlanvlan#namevlanname
wg_sw_a(config)#vlan 9 name switchlab90
wg_sw_a#show vlan 9
VLAN Name
Status Ports
-----------------------------------------------9 switchlab90
Enabled
------------------------------------------------
www.cisco.com
ICND7-30
Assigning Switch Ports to a

VLAN
wg_sw_a(config-if)#
vlanmembership{static{vlan#}|dynamic}
www.cisco.com
ICND7-31
Assigning Switch Ports to a

VLAN
wg_sw_a(config-if)#
vlanmembership{static{vlan#}|dynamic}
wg_sw_a(config)#interface ethernet 0/8
wg_sw_a(config-if)#vlan-membership static 9
www.cisco.com
ICND7-32
Verifying VLAN Membership

wg_sw_a#showvlanmembership
www.cisco.com
ICND7-33
Verifying VLAN Membership

wg_sw_a#showvlanmembership
wg_sw_a#show vlan-membership
Port VLAN Membership Type
-------------------------------------------1
5
Static
2
1
Static
3
1
Static
4
1
Static
5
1
Static
6
1
Static
7
1
Static
8
9
Static
Port VLAN Membership Type

----------------------------------------13
1
Static
14
1
Static
15
1
Static
16
1
Static
17
1
Static
18
1
Static
19
1
Static
20
1
Static
Note:port1=e0/1,port2=e0/2.....
www.cisco.com
ICND7-34
Verifying Spanning Tree

wg_sw_a#showspantree{vlannumber}
www.cisco.com
ICND7-35
Verifying Spanning Tree

wg_sw_a#showspantree{vlannumber}
wg_sw_a#showspantree1
VLAN1isexecutingtheIEEEcompatibleSpanningTreeProtocol
BridgeIdentifierhaspriority32768,address0050.F037.DA00
Configuredhellotime2,maxage20,forwarddelay15
Currentroothaspriority0,address00D0.588F.B600
RootportisFastEthernet0/26,costofrootpathis10
Topologychangeflagnotset,detectedflagnotset
Topologychanges53,lasttopologychangeoccured0d00h17m14sago
Times:hold1,topologychange8960
hello2,maxage20,forwarddelay15
Timers:hello2,topologychange35,notification2
PortEthernet0/1ofVLAN1isForwarding
Portpathcost100,Portpriority128
Designatedroothaspriority0,address00D0.588F.B600
Designatedbridgehaspriority32768,address0050.F037.DA00
DesignatedportisEthernet0/1,pathcost10
Timers:messageage20,forwarddelay15,hold1
www.cisco.com
ICND7-36
Visual Objective
SUBNET
10.1.1.0
10.2.2.0
10.3.3.0
10.4.4.0
10.5.5.0
10.6.6.0
10.7.7.0
10.8.8.0
10.9.9.0
10.10.10.0
10.11.11.0
10.12.12.0
10.13.13.0
VLAN
1
2
3
4
5
6
7
8
9
10
11
12
13
POD
wg_ro_x, wg_sw_x, core_sw_a
wg_pc_a, core_server
wg_pc_b, core_server
wg_pc_c, core_server
wg_pc_d, core_server
wg_pc_e, core_server
wg_pc_f, core_server
wg_pc_g, core_server
wg_pc_h, core_server
wg_pc_i, core_server
wg_pc_j, core_server
wg_pc_k, core_server
wg_pc_l, core_server
ISL
VLAN2
wg_pc_a
10.2.2.12
fa0/26 e0/1
(port A)
e0/2
wg_sw_a
10.1.1.10
VLAN13
fa0/26 e0/1
(port A)
...
fa0/1
wg_sw_l
ISL 10.1.1.120
e0
wg_ro_a
10.1.1.11
wg_pc_l
10.13.13.12
e0/2
e0
wg_ro_l
10.1.1.121
fa0/12
fa0/24
core_ server ISL
10.x.x.1
core_sw_a
10.1.1.2
www.cisco.com
ICND7-37
Visual Objective
SUBNET
10.1.1.0
10.2.2.0
10.3.3.0
10.4.4.0
10.5.5.0
10.6.6.0
10.7.7.0
10.8.8.0
10.9.9.0
10.10.10.0
10.11.11.0
10.12.12.0
10.13.13.0
VLAN
1
2
3
4
5
6
7
8
9
10
11
12
13
POD
wg_ro_x, wg_sw_x, core_sw_a, core_sw_b
wg_pc_a, core_server
wg_pc_b, core_server
wg_pc_c, core_server
wg_pc_d, core_server
wg_pc_e, core_server
wg_pc_f, core_server
wg_pc_g, core_server
wg_pc_h, core_server
wg_pc_i, core_server
wg_pc_j, core_server
wg_pc_k, core_server
wg_pc_l, core_server
ISL
fa0/26
e0/1
(port A)
wg_pc_l
10.13.13.12
VLAN13
fa0/26
(port A) e0/1
...
fa0/24
ISL
fa0/27
(port B)
wg_sw_a
10.1.1.10
fa0/1
core_ server
10.x.x.1
wg_pc_a
10.2.2.12
VLAN2
core_sw_a
10.1.1.2
www.cisco.com
fa0/27
(port B)
wg_sw_l
10.1.1.120
ISL
fa0/12
fa0/13
fa0/14
ISL
fa0/12
fa0/13
ISL fa0/14
...
ISL
fa0/1
core_sw_b
10.1.1.4
ICND7-38
Summary
After completing this chapter, you should
be able to perform the following tasks:
Configuring VLAN
Configuring VTP
Configuring a trunk
Verifing Spanning Tree Operations
www.cisco.com
ICND7-39
Review Questions
1. What are the three VTP modes?
2. Over what type of port can VTP
advertisements be sent?
3. VLAN ID is carried in the ________ header.
4. How do we assign a VLAN to a port?
www.cisco.com
ICND7-40

Vlan Cisco

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Vlan Cisco

Încărcat de

Drepturi de autor:

Formate disponibile

VLANS

1999, Cisco Systems, Inc.

A VLAN = A broadcast domain = Logical network (subnet)

Each logical VLAN is like a separate physical bridge

1999, Cisco Systems, Inc.

Each logical VLAN is like a separate physical bridge

1999, Cisco Systems, Inc.

Each logical VLAN is like a separate physical bridge

VLAN Membership Modes

1999, Cisco Systems, Inc.

VLAN Tag added

Not intrusive to client

Effective between switches,

Encapsulated Ethernet frame

SA LEN AAAA03 HSA VLAN BPDU

Frames encapsulated with ISL header and CRC

VLAN Trunking Protocol (VTP)

1999, Cisco Systems, Inc.

1.new vlan added

1999, Cisco Systems, Inc.

How VTP Works

1999, Cisco Systems, Inc.

How VTP Works

4.Rev 3 --> Rev 4

4.Rev 3 --> Rev 4

1999, Cisco Systems, Inc.

Increases available bandwidth by reducing unnecessary flooded traffic

Example: Station A sends broadcast, broadcast is only flooded toward

Maximum number of VLANs is switch-dependent

1999, Cisco Systems, Inc.

VLAN Configuration Steps

1999, Cisco Systems, Inc.

VTP Configuration Guidelines

1999, Cisco Systems, Inc.

Creating a VTP Domain

1999, Cisco Systems, Inc.

Creating a VTP Domain

1999, Cisco Systems, Inc.

Verifying VTP Configurations

1999, Cisco Systems, Inc.

Verifying VTP Configurations

1999, Cisco Systems, Inc.

1999, Cisco Systems, Inc.

First trunk port(Port A)

1999, Cisco Systems, Inc.

1999, Cisco Systems, Inc.

1999, Cisco Systems, Inc.

1999, Cisco Systems, Inc.

1999, Cisco Systems, Inc.

1999, Cisco Systems, Inc.

Modifying a VLAN Name

1999, Cisco Systems, Inc.

Assigning Switch Ports to a

1999, Cisco Systems, Inc.

Assigning Switch Ports to a

1999, Cisco Systems, Inc.

Verifying VLAN Membership

1999, Cisco Systems, Inc.

Verifying VLAN Membership

Port VLAN Membership Type

Verifying Spanning Tree

1999, Cisco Systems, Inc.

Verifying Spanning Tree