Presentation is loading. Please wait.

Presentation is loading. Please wait.

VLAN-1 Virtual Local Area Networks (VLANs). VLAN-2 Virtual Local Area Networks Introducing VLANs.

Published byAdrian McDaniel Modified over 8 years ago

Similar presentations

Presentation on theme: "VLAN-1 Virtual Local Area Networks (VLANs). VLAN-2 Virtual Local Area Networks Introducing VLANs."— Presentation transcript:

1 VLAN-1 Virtual Local Area Networks (VLANs)

2 VLAN-2 Virtual Local Area Networks Introducing VLANs

3 VLAN-3 Defining VLANs In traditional switched LANs, the physical topology is closely related to the logical topology. In traditional switched LANs, the physical topology is closely related to the logical topology. Generally, workstations must be grouped by their physical proximity to a switch. Generally, workstations must be grouped by their physical proximity to a switch. To communicate among LANs, each segment must have a separate port on the backbone device or a connection to a common backbone. To communicate among LANs, each segment must have a separate port on the backbone device or a connection to a common backbone. Separate Broadcast Domains

4 VLAN-4 Defining VLANs VLANs provide segmentation based on broadcast domains. VLANs provide segmentation based on broadcast domains. VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless of the physical location or connections to the network. VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless of the physical location or connections to the network. Communication among VLANs still require a router. BUT, only one physical connection will handle all routing. Communication among VLANs still require a router. BUT, only one physical connection will handle all routing. Separate Broadcast Domains

5 VLAN-5 Defining VLANs VLANs are created to provide segmentation services traditionally provided by physical routers in LAN configurations. VLANs are created to provide segmentation services traditionally provided by physical routers in LAN configurations. They address:They address: ScalabilityScalability SecuritySecurity Network ManagementNetwork Management Broadcast FilteringBroadcast Filtering Traffic Flow ManagementTraffic Flow Management Switches may not forward any traffic between VLANs, as this would violate the integrity of the VLAN broadcast domain. Switches may not forward any traffic between VLANs, as this would violate the integrity of the VLAN broadcast domain. Traffic must be routed between VLANs. Traffic must be routed between VLANs.

6 VLAN-6 What Does This Mean? Requirements: - Different department on each floor. - Different department on each floor. - Three different LANs per floor. - Three different LANs per floor. - Separate networks - Separate networksRequirements: - Different department on each floor. - Different department on each floor. - Three different LANs per floor. - Three different LANs per floor. - Separate networks - Separate networks With routers: With routers: Expen$ive! Expen$ive! - 4 Ports each - 3 hubs / floor - 10 Broadcast domains - Inefficient traffic flow With routers: With routers: Expen$ive! Expen$ive! - 4 Ports each - 3 hubs / floor - 10 Broadcast domains - Inefficient traffic flow

7 VLAN-7 What Does This Mean? With switches: With switches: - More scalable - Easier to manage - 1 Router - 3 Broadcast Domains - Efficient traffic flow With switches: With switches: - More scalable - Easier to manage - 1 Router - 3 Broadcast Domains - Efficient traffic flow

8 VLAN-8 Defining VLANs A VLAN, then, is a broadcast domain (IP Subnet) created by one or more switches. A VLAN, then, is a broadcast domain (IP Subnet) created by one or more switches.

9 VLAN-9 Defining VLANs The above design shows 3 separate broadcast domains created using one router with 3 ports and 3 switches. The above design shows 3 separate broadcast domains created using one router with 3 ports and 3 switches. The router filters the broadcasts for each LAN. The router filters the broadcasts for each LAN.

10 VLAN-10 Defining VLANs A better design still creates the 3 separate broadcast domains but only requires 1 switch. A better design still creates the 3 separate broadcast domains but only requires 1 switch. The router provides broadcast filtering over a single link. The router provides broadcast filtering over a single link. One Physical Link

11 VLAN-11 Defining VLANs A VLAN allows: A VLAN allows: Creation of groups of logically networked devices.Creation of groups of logically networked devices. The devices to act as if they are on their own independent network.The devices to act as if they are on their own independent network. The devices can share a common infrastructure.The devices can share a common infrastructure. Each VLAN is a separate broadcast domain.Each VLAN is a separate broadcast domain. Broadcast traffic is controlled.Broadcast traffic is controlled. Each VLAN is a separate IP subnet.Each VLAN is a separate IP subnet. To communicate among VLANs, you must use a router (MUCH more later).To communicate among VLANs, you must use a router (MUCH more later).

12 VLAN-12 Benefits of VLANs Security: Security: Groups with specific security needs are isolated from the rest of the network.Groups with specific security needs are isolated from the rest of the network. Cost Reduction: Cost Reduction: Need for expensive hardware upgrades is reduced.Need for expensive hardware upgrades is reduced. Better use of existing bandwidth and links.Better use of existing bandwidth and links. Higher Performance: Higher Performance: Dividing large, flat Layer 2 networks into separate broadcast domains reduces unnecessary traffic on each new subnet.Dividing large, flat Layer 2 networks into separate broadcast domains reduces unnecessary traffic on each new subnet.

13 VLAN-13 Benefits of VLANs Broadcast Storm Mitigation: Broadcast Storm Mitigation: Dividing a network into VLANs prevents a broadcast storm from propagating to the whole network.Dividing a network into VLANs prevents a broadcast storm from propagating to the whole network. Improved IT Staff Efficiency: Improved IT Staff Efficiency: Easier to manage the network because users with similar network requirements share the same VLAN.Easier to manage the network because users with similar network requirements share the same VLAN. Simpler Project or Application Management: Simpler Project or Application Management: Having separate functions makes working with a specialized application easier. For example, an e-learning development platform for faculty.Having separate functions makes working with a specialized application easier. For example, an e-learning development platform for faculty.

14 VLAN-14 VLAN ID Ranges When configured, the number that is assigned to the VLAN becomes the VLAN ID. When configured, the number that is assigned to the VLAN becomes the VLAN ID. The numbers to be assigned are divided into two different ranges: The numbers to be assigned are divided into two different ranges: Normal Range:1 – 1005Normal Range:1 – 1005 Extended Range:1006 - 4096Extended Range:1006 - 4096 Each range has its own characteristics. Each range has its own characteristics.

15 VLAN-15 VLAN ID Ranges Normal Range:1 – 1005 Normal Range:1 – 1005 Used in small- and medium-sized business and enterprise networks.Used in small- and medium-sized business and enterprise networks. IDs 1002 – 1005: Token Ring and FDDI VLANs.IDs 1002 – 1005: Token Ring and FDDI VLANs. IDs 1 and 1002 to 1005 are automatically created and cannot be removed.IDs 1 and 1002 to 1005 are automatically created and cannot be removed. Configurations are stored within a VLAN database file, called vlan.dat, located in the flash memory of the switch.Configurations are stored within a VLAN database file, called vlan.dat, located in the flash memory of the switch. The VLAN Trunking Protocol (VTP), which helps manage VLAN configurations between switches, can only learn normal range VLANs and stores them in the VLAN database file. (Chapter 4)The VLAN Trunking Protocol (VTP), which helps manage VLAN configurations between switches, can only learn normal range VLANs and stores them in the VLAN database file. (Chapter 4)

16 VLAN-16 VLAN ID Ranges Extended Range:1006 – 4096 Extended Range:1006 – 4096 Enable service providers to extend their infrastructure to a greater number of customers.Enable service providers to extend their infrastructure to a greater number of customers. Some global enterprises could be large enough to need extended range VLAN IDs.Some global enterprises could be large enough to need extended range VLAN IDs. Support fewer VLAN features than normal range VLANs.Support fewer VLAN features than normal range VLANs. Are saved in the running configuration file – not the vlan.dat file.Are saved in the running configuration file – not the vlan.dat file. VTP does not learn extended range VLANs.VTP does not learn extended range VLANs.

17 VLAN-17 Types of VLANs Traditionally, two methods of implementing VLANs: Traditionally, two methods of implementing VLANs: Static or Port-Based:Static or Port-Based: Ports on a switch are assigned to a specific VLAN.Ports on a switch are assigned to a specific VLAN. Dynamic:Dynamic: VLANs created by accessing a Network Management server. The MAC address/VLAN ID mapping is set up by the Network Administrator and the server assigns a VLAN ID when the device contacts it.VLANs created by accessing a Network Management server. The MAC address/VLAN ID mapping is set up by the Network Administrator and the server assigns a VLAN ID when the device contacts it. Today, there is essentially one method of implementing VLANs: Port-Based. Today, there is essentially one method of implementing VLANs: Port-Based.

18 VLAN-18 Types of Port-Based VLANs Defined by the type of traffic they support or by the functions they perform. Defined by the type of traffic they support or by the functions they perform. Data VLAN.Data VLAN. Default VLAN.Default VLAN. Native VLAN.Native VLAN. Management VLAN.Management VLAN. Voice VLAN.Voice VLAN.

19 VLAN-19 Types of Port-Based VLANs Data VLAN: Data VLAN: Configured to carry only user-generated traffic.Configured to carry only user-generated traffic. A switch could carry voice-based traffic or traffic used to manage the switch, but this traffic would not be part of a data VLAN.A switch could carry voice-based traffic or traffic used to manage the switch, but this traffic would not be part of a data VLAN. A Data VLAN is sometimes referred to as a User VLAN.A Data VLAN is sometimes referred to as a User VLAN.

20 VLAN-20 Types of Port-Based VLANs Default VLAN: Default VLAN: The default VLAN for Cisco switches is VLAN 1.The default VLAN for Cisco switches is VLAN 1. VLAN 1 has all the features of any VLAN, except that you cannot rename it and you can not delete it.VLAN 1 has all the features of any VLAN, except that you cannot rename it and you can not delete it. By default, Layer 2 control traffic (CDP and STP) is associated with VLAN 1.By default, Layer 2 control traffic (CDP and STP) is associated with VLAN 1. It is a security best practice to change the default VLAN to a VLAN other than VLAN 1 (e.g. VLAN 99).It is a security best practice to change the default VLAN to a VLAN other than VLAN 1 (e.g. VLAN 99). VLAN Trunk:VLAN Trunk: Carries data or control information (VLAN 1 data) for all VLANs from switch-to-switch or switch-to-router.Carries data or control information (VLAN 1 data) for all VLANs from switch-to-switch or switch-to-router.

21 VLAN-21 Types of Port-Based VLANs Native VLAN: Native VLAN: An 802.1Q trunk port supports traffic coming from VLANs (tagged traffic) as well as traffic that does not come from a VLAN (untagged traffic).An 802.1Q trunk port supports traffic coming from VLANs (tagged traffic) as well as traffic that does not come from a VLAN (untagged traffic). The 802.1Q trunk port places untagged traffic on the native VLAN.The 802.1Q trunk port places untagged traffic on the native VLAN. Native VLANs are set out in the IEEE 802.1Q specification to maintain backward compatibility with untagged traffic common to legacy LAN scenarios.Native VLANs are set out in the IEEE 802.1Q specification to maintain backward compatibility with untagged traffic common to legacy LAN scenarios. It is a best practice to use a VLAN other than VLAN 1 as the native VLAN.It is a best practice to use a VLAN other than VLAN 1 as the native VLAN.

22 VLAN-22 Types of Port-Based VLANs Management VLAN: Management VLAN: A management VLAN is any VLAN you configure to access the management capabilities of a switch.A management VLAN is any VLAN you configure to access the management capabilities of a switch. You assign the management VLAN an IP address and subnet mask.You assign the management VLAN an IP address and subnet mask. A new switch has all ports assigned to VLAN 1.A new switch has all ports assigned to VLAN 1. Using VLAN 1 as the management VLAN means that anyone connecting to the switch will be in the management VLAN.Using VLAN 1 as the management VLAN means that anyone connecting to the switch will be in the management VLAN. That assumes that all ports have not been assigned to another VLAN.That assumes that all ports have not been assigned to another VLAN.

23 VLAN-23 Types of Port-Based VLANs Voice VLANs: Voice VLANs: Voice-over-IP (VoIP) traffic requires:Voice-over-IP (VoIP) traffic requires: Assured bandwidth to ensure voice quality.Assured bandwidth to ensure voice quality. Transmission priority over other types of network traffic.Transmission priority over other types of network traffic. Ability to be routed around congested areas on the network.Ability to be routed around congested areas on the network. Delay of less than 150 milliseconds (ms) across the network.Delay of less than 150 milliseconds (ms) across the network. The details of how to configure a network to support VoIP are beyond the scope of the course, but it is useful to summarize how a voice VLAN works between a switch, a Cisco IP phone, and a computer.The details of how to configure a network to support VoIP are beyond the scope of the course, but it is useful to summarize how a voice VLAN works between a switch, a Cisco IP phone, and a computer.

24 VLAN-24 Types of Port-Based VLANs Voice VLANs: Voice VLANs: VLAN 150 is designed to carry voice traffic. ConnectionsConnections

25 VLAN-25 Types of Port-Based VLANs Voice VLANs: A Cisco IP Phone is a switch. Voice VLANs: A Cisco IP Phone is a switch. Port 1 connects to the switch or VoIP device. Port 2 is an internal 10/100 interface that carries the phone traffic. Port 3 connects to a PC or other device.

26 VLAN-26 Types of Port-Based VLANs Voice VLANs: A Cisco IP Phone is a switch. Voice VLANs: A Cisco IP Phone is a switch. Switch S3 is configured to carry voice traffic on VLAN 150 and data traffic on VLAN 20. Sending: Phone tags voice traffic with VLAN 150 and sends data traffic untagged. The switch will tag the data traffic for VLAN 20. Sending: Receiving: Phone acts on voice traffic and removes the tag for data traffic destined for the PC. Receiving: MORE on the tagging process later…

27 VLAN-27 Types of Port-Based VLANs Voice VLANs: A Cisco IP Phone is a switch. Voice VLANs: A Cisco IP Phone is a switch. Link to the switch acts as a trunk link to carry both voice and data traffic. CDP is used to communicate between the switch and the phone. CDP

28 VLAN-28 Types of Port-Based VLANs Voice VLANs: Voice VLANs: Should make more sense now…..

29 VLAN-29 Network Traffic Types Management Traffic CDPSNMPRmonCDPSNMPRmon

30 VLAN-30 Network Traffic Types IP Telephony Traffic Signaling Data Packets Signaling

31 VLAN-31 Network Traffic Types IP Multicast Traffic Sent from a particular source address to a multicast group that is identified by a single IP and MAC destination-group address pair. IP/TV Broadcasts VLAN Configuration Router Configuration VLAN Configuration Router Configuration

32 VLAN-32 Network Traffic Types Normal Data Traffic File Sharing Printing Database Access Email Shared Applications File Sharing Printing Database Access Email Shared Applications

33 VLAN-33 Network Traffic Types Scavenger Class Traffic Less than best-effort services. Typically entertainment oriented. Peer-to-Peer Media Sharing (KaZaa, Napster), Gaming. Less than best-effort services. Typically entertainment oriented. Peer-to-Peer Media Sharing (KaZaa, Napster), Gaming.

34 VLAN-34 Switch Port Membership Modes Switch Ports: Switch Ports: Layer 2-only interfaces associated with a physical port.Layer 2-only interfaces associated with a physical port. Used for managing the physical interface and associated Layer 2 protocols.Used for managing the physical interface and associated Layer 2 protocols. Do not handle routing or bridging.Do not handle routing or bridging. Can belong to one or more VLANs.Can belong to one or more VLANs. Configuring VLANs: Configuring VLANs: Must assign a VLAN number.Must assign a VLAN number. Can configure a port specifying:Can configure a port specifying: The type of traffic.The type of traffic. The VLANs to which it belongs.The VLANs to which it belongs.

35 VLAN-35 Switch Port Membership Modes Static VLAN: Static VLAN: Ports on a switch are manually assigned to a VLAN.Ports on a switch are manually assigned to a VLAN. Static VLANs are configured using the Cisco CLI or a GUI Management application (e.g. Cisco Network Assistant).Static VLANs are configured using the Cisco CLI or a GUI Management application (e.g. Cisco Network Assistant).

36 VLAN-36 Switch Port Membership Modes Dynamic VLAN: Dynamic VLAN: Configured using a special server called a VLAN Membership Policy Server (VMPS).Configured using a special server called a VLAN Membership Policy Server (VMPS). Assign switch ports to VLANs based on the source MAC address of the device connected to the port.Assign switch ports to VLANs based on the source MAC address of the device connected to the port. Benefit is that moving a user to a different port on a switch or to a new switch, the user is assigned to the proper VLAN dynamically.Benefit is that moving a user to a different port on a switch or to a new switch, the user is assigned to the proper VLAN dynamically. Not widely used.Not widely used.

37 VLAN-37 Switch Port Membership Modes Voice VLAN: Voice VLAN: A port is configured to be in voice mode so that it can support an IP phone.A port is configured to be in voice mode so that it can support an IP phone. Before you configure a voice VLAN on the port, you first configure a VLAN for voice and a VLAN for data.Before you configure a voice VLAN on the port, you first configure a VLAN for voice and a VLAN for data.

38 VLAN-38 Switch Port Membership Modes Voice VLAN: Voice VLAN: Ensures that voice traffic is identified as priority traffic. Voice VLAN Data VLAN Remember that the entire network must be set up to prioritize voice traffic. You cannot just configure the switch port.

39 VLAN-39 Controlling Broadcast Domains with VLANs Network without VLANs: Network without VLANs: Sends a Broadcast

40 VLAN-40 Controlling Broadcast Domains with VLANs Network with VLANs: Network with VLANs: Sends a Broadcast

41 VLAN-41 Controlling Broadcast Domains with VLANs Intra-VLAN Communications: Intra-VLAN Communications:

42 VLAN-42 Controlling Broadcast Domains with VLANs Intra-VLAN Communications: Intra-VLAN Communications:

43 VLAN-43 Controlling Broadcast Domains with VLANs Intra-VLAN Communications: Intra-VLAN Communications:

44 VLAN-44 Controlling Broadcast Domains with VLANs Intra-VLAN Communications: Intra-VLAN Communications:

Download ppt "VLAN-1 Virtual Local Area Networks (VLANs). VLAN-2 Virtual Local Area Networks Introducing VLANs."

Similar presentations

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 VLANs LAN Switching and Wireless – Chapter 3.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 VLANs LAN Switching and Wireless – Chapter 3.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—2-1 Extending Switched Networks with Virtual LANs Introducing VLAN Operations.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—2-1 Extending Switched Networks with Virtual LANs Introducing VLAN Operations.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: VLANs Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: VLANs Routing & Switching.
Cisco 3 - Switch Perrine. J Page 15/8/2015 Chapter 8 What happens to the member ports of a VLAN when the VLAN is deleted? 1.They become inactive. 2.They.

Cisco 3 - Switch Perrine. J Page 15/8/2015 Chapter 8 What happens to the member ports of a VLAN when the VLAN is deleted? 1.They become inactive. 2.They.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: VLANs Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: VLANs Routing & Switching.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 VLANs LAN Switching and Wireless – Chapter 3.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 VLANs LAN Switching and Wireless – Chapter 3.
Ethernet and switches selected topics 1. Agenda Scaling ethernet infrastructure VLANs 2.

Ethernet and switches selected topics 1. Agenda Scaling ethernet infrastructure VLANs 2.
Institute of Technology, Sligo Dept of Computing Semester 3, version 2.1.3 Semester 3 Chapter 3 VLANs.

Institute of Technology, Sligo Dept of Computing Semester 3, version Semester 3 Chapter 3 VLANs.
VLANs- Chapter 3 CCNA Exploration Semester 3 Modified by Profs. Ward

VLANs- Chapter 3 CCNA Exploration Semester 3 Modified by Profs. Ward
© Wiley Inc. 2006. All Rights Reserved. CCNA: Cisco Certified Network Associate Study Guide CHAPTER 8: Virtual LANs (VLANs)

© Wiley Inc All Rights Reserved. CCNA: Cisco Certified Network Associate Study Guide CHAPTER 8: Virtual LANs (VLANs)
(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,

(part 3).  Switches, also known as switching hubs, have become an increasingly important part of our networking today, because when working with hubs,
Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.

Virtual LANs. VLAN introduction VLANs logically segment switched networks based on the functions, project teams, or applications of the organization regardless.
We will be covering VLANs this week. In addition we will do a practical involving setting up a router and how to create a VLAN.

We will be covering VLANs this week. In addition we will do a practical involving setting up a router and how to create a VLAN.
Sybex CCNA 640-802 Chapter 9: VLAN’s Instructor & Todd Lammle.

Sybex CCNA Chapter 9: VLAN’s Instructor & Todd Lammle.
VLANs.ppt CCNA Exploration Semester 3 Chapter 3

VLANs.ppt CCNA Exploration Semester 3 Chapter 3
Virtual LAN (VLAN) W.lilakiatsakun.

Virtual LAN (VLAN) W.lilakiatsakun.
1 Lecture #6 Switch – VLAN Asst.Prof. Dr.Anan Phonphoem Department of Computer Engineering, Faculty of Engineering, Kasetsart University, Bangkok, Thailand.

1 Lecture #6 Switch – VLAN Asst.Prof. Dr.Anan Phonphoem Department of Computer Engineering, Faculty of Engineering, Kasetsart University, Bangkok, Thailand.
Voice VLANs Lecture 7 VLANs.ppt 21/04/ Apr-17

Voice VLANs Lecture 7 VLANs.ppt 21/04/ Apr-17
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: Implementing VLAN Security Routing And Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 3: Implementing VLAN Security Routing And Switching.
Virtual LAN Design Switches also have enabled the creation of Virtual LANs (VLANs). VLANs provide greater opportunities to manage the flow of traffic on.

Virtual LAN Design Switches also have enabled the creation of Virtual LANs (VLANs). VLANs provide greater opportunities to manage the flow of traffic on.

Similar presentations

Ads by Google