VLANs- Chapter 3 CCNA Exploration Semester 3 Modified by Profs. Ward VLANs.ppt 17/04/2017 VLANs- Chapter 3 CCNA Exploration Semester 3 Modified by Profs. Ward and Cappellino S Ward Abingdon and Witney College
Topics The role of VLANs in a network Trunking VLANs Configure VLANs on switches Troubleshoot common VLAN problems
LAN Switching and Wireless LAN Design Basic Switch Concepts Wireless STP VLANs- Ch 3 Inter-VLAN routing VTP
Some requirements of LANs Need to ___________________________ to make good use of bandwidth People in the ______________ may need to be ________________ for access to servers __________: ______________ by certain users to some areas of the LAN Provide a way for different areas of the LAN to communicate with each other
Solution using Routers Divide the LAN into subnets Use routers to link the subnets BUT Routers are ________ Routers are ________ than switches Subnets are restricted to limited physical areas Subnets are ________
VLANs.ppt 17/04/2017 Solution using VLANs VLAN allows a network administrator to create groups of _______________________ that act as if they are on their own independent network ______________ may be contained in ________________________ VLAN membership can be segmented by function or departments and not necessarily by location VLANs managed by _________ _________ needed for ___________________________ S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 VLANs All __________ in a VLAN have addresses in the _____________________ A VLAN is a subnet. Broadcasts are kept within the VLAN. A VLAN is a _______________________ The switch has a ________________________ for each VLAN. Traffic for each VLAN is kept separate from other VLANs. Layer 2 switches ______________ between VLANs. S Ward Abingdon and Witney College
Benefits of using VLANs VLANs.ppt 17/04/2017 Benefits of using VLANs _________________ Cost ______________ ___________ performance Broadcast storm ___________ Improved IT staff efficiency Simpler project or application management S Ward Abingdon and Witney College
VLAN ID Ranges Normal Range VLANs Extended Range VLANs VLANs.ppt 17/04/2017 VLAN ID Ranges Normal Range VLANs VLAN 1: _____________ automatically created Ethernet LAN _________ ports start in this VLAN. VLANs 1002 – 1005: automatically created for Token Ring and FDDI Numbers 2 to 1001 can be used for _________________ VLAN trunking protocol (VTP), can only learn _______________ VLANs. Extended Range VLANs VLANs ___________ possible but fewer features S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 VLAN information VLAN information is stored in the VLAN ____________________. _________________ vlan.dat is saved in the _________ memory of the switch. Note: Catalyst 2960 switch supports up to 255 VLANs S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 Port based Each switch port intended for an __________ is configured to belong to a VLAN. Any device connecting to that port belongs to the port’s VLAN. Ports that _____________ can be configured to ________________________ (trunking) S Ward Abingdon and Witney College
Types of VLAN Default VLAN Data or user VLAN Management VLAN Native VLAN Voice VLAN
VLANs.ppt 17/04/2017 Default VLAN A VLAN to which __________________________ __________________________________ Security best practice is to change the default VLAN to a VLAN other than VLAN 1 by configuring ports to be associated with another VLAN VLAN 1 is ___________ on Cisco switches All ports a member of VLAN 1 after initial boot up Control traffic such as CDP and STP (spanning tree protocol) associated with (_____________) VLAN 1 ______________ it for data, voice or management traffic for security reasons. S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 Data or User VLAN ____________________ such as files, e-mails, shared application traffic Excludes voice and management traffic Separate VLAN for each group of users. S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 Management VLAN Any VLAN configured to ________ ___________________________________________ of a switch Contains the _________________ Used for __________ or web access for management purposes. Default management VLAN is VLAN 1 For security reasons better _____ to use VLAN 1 as the management VLAN S Ward Abingdon and Witney College
Native VLAN A Native VLAN is ____________________________ VLANs.ppt 17/04/2017 Native VLAN A Native VLAN is ____________________________ An 802.1Q trunk port supports both tagged and untagged traffic from multiple VLANs 802.1Q trunk port places untagged traffic on the native VLAN VLAN is identified by a “tag” in the frame For ________________________ with older systems. Relevant to ________________ S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 Voice VLAN ________ traffic requires ________________ with ________________ and very ________ Used with IP phone Phone acts as a switch too Voice traffic is tagged Given priority __________ traffic not tagged _______________________ In a scenario where the PC is connected to the phone which is connected to the switch as seen below… S Ward Abingdon and Witney College
Static VLAN Port __________________ to be on a VLAN VLANs.ppt 17/04/2017 Static VLAN Port __________________ to be on a VLAN Connected device is on this VLAN VLAN can be created using _____ command Given ____________________________ VLAN can be ________________________. If a port is put on a VLAN and the VLAN does not exist, then the VLAN ________________ S Ward Abingdon and Witney College
Static VLAN (Port-centric) VLANs.ppt 17/04/2017 Static VLAN (Port-centric) If VLAN 20 did not exist before… it does now And port 18 is now in VLAN 20 S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 Voice VLAN A port can be configured to be in voice mode so that it can support an IP phone attached to it In the above example, port 18 is configured for a voice VLAN and a data VLAN. S Ward Abingdon and Witney College
Dynamic VLAN ________________________________ VLANs.ppt 17/04/2017 Dynamic VLAN ________________________________ Uses a VLAN Membership Policy Server (________________) Dynamically assign a device to a VLAN based on __________________________ Once device is connected, server assigns proper VLAN Useful if you want to move devices around. S Ward Abingdon and Witney College
Traffic between VLANs Question: How are broadcast domains separated? VLANs.ppt 17/04/2017 Traffic between VLANs Question: How are broadcast domains separated? Multiple VLANs on one switch can not communicate with each other without the _____________________________ Router can route between VLANs. It needs to provide a default gateway for each VLAN as VLANs are separate subnets. Layer 3 switch has a _________________ (SVI) configured for each VLAN ____________________ to route between VLANs. S Ward Abingdon and Witney College
Intra-VLAN and Inter-VLAN Communication VLANs.ppt 17/04/2017 Intra-VLAN and Inter-VLAN Communication _______________ communication Communicating with a device in the ___________ May be in the same switch or a different switch ______________ communication Communicating with a device in ______________ Know the step by step process for each of these! S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 Trunking A _____________ between one Ethernet switch interfaces and another networking device, such as a router or a switch Traffic from _______________ travel between the switches on a shared trunk or _________________ __________________ is the protocol that deals with trunking Stay tuned- more to come… S Ward Abingdon and Witney College
Frame Tagging used to identify VLANs VLANs.ppt 17/04/2017 Frame Tagging used to identify VLANs A _________________________________ when it goes on to the trunk The tag is _____________________________ S Ward Abingdon and Witney College
Frame tagging IEEE 802.1Q Normal frame: VLANs.ppt 17/04/2017 Frame tagging IEEE 802.1Q Normal frame: Dest Add Source Add Type/Len Data FCS IEEE 802.1Q frame with tag added: Dest Add Source Add Type/Len Data FCS Tag Add 4-byte tag then recalculate FCS Tag protocol ID 0x8100 Priority CFI for token ring VLAN ID 1 - 4096 S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 Native VLAN _______________ received on a trunk port are forwarded on to the _________________ Control traffic sent on the native VLAN should be untagged Frame received from the native VLAN should be untagged Cisco switches will _______________ tagged frames received from the native VLAN. This can happen if non-Cisco devices are connected. S Ward Abingdon and Witney College
Configuring a Trunk Port VLANs.ppt 17/04/2017 Configuring a Trunk Port Make a port into a trunk port and __________ tell it which VLAN is native. SW1(config)#int fa0/1 SW1(config-if)switchport mode trunk SW1(config-if)switchport trunk native vlan 99 By default native VLAN is _____________ S Ward Abingdon and Witney College
A Closer look at VLAN Tagging VLANs.ppt 17/04/2017 A Closer look at VLAN Tagging ISL IEEE 802.1Q 802.1Q is recommended by Cisco and is used with ______________________ switches. Caution: Some older Cisco switches will only do ISL while some new Cisco switches will only do 802.1Q. Many of Cisco switches do not support ISL any more. 29 S Ward Abingdon and Witney College
Dynamic trunking protocol VLANs.ppt 17/04/2017 Dynamic trunking protocol Dynamic Trunking Protocol (_________) is a _____ _________________ for ___________________ on a link between two devices. DTP is ____________________ on a switch port when certain trunking modes are configured on the switch port. DTP manages trunk negotiation only if the port on the other switch is configured in a trunk mode that supports DTP. Available trunking modes: ________________ switchport mode trunk command _____________ switchport mode dynamic auto command _______________ switchport mode dynamic desirable command S Ward Abingdon and Witney College
Dynamic trunking protocol Summary of rules… VLANs.ppt 17/04/2017 Dynamic trunking protocol Summary of rules… Local switch port Remote switch port Dynamic auto or des. trunk Mode: trunk access Mode: access Dynamic auto or des. access Dynamic auto Dynamic auto trunk Dynamic desirable Dynamic desirable trunk Dynamic desirable Dynamic auto S Ward Abingdon and Witney College
VLANs.ppt 17/04/2017 DTP Summary S Ward Abingdon and Witney College
Create a VLAN SW1(config)#vlan 20 - in ________________ mode VLANs.ppt 17/04/2017 Create a VLAN SW1(config)#vlan 20 - in ________________ mode SW1(config-vlan)#name Finance SW1(config-vlan)#end VLAN will be saved in VLAN database -vlan.dat -rather than running config. If you do not give it a name then it will be called ____________________ ____________________ command used to display the contents of the vlan.dat file S Ward Abingdon and Witney College
Assign a port to a VLAN Manually assign a switch port to a VLAN VLANs.ppt 17/04/2017 Assign a port to a VLAN Manually assign a switch port to a VLAN known as a static access port SW1(config)#int fa 0/18 SW1(config-if)#switchport mode access SW1(config-if)#switchport access vlan 20 SW1(config-if)#end S Ward Abingdon and Witney College
show vlan brief List of VLANs with ports
Show commands show vlan brief (list of VLANs and ports) show vlan summary show interfaces vlan (a lot of detail- up/down, traffic etc) show interfaces fa0/14 switchport (access mode, trunking)
Remove port from VLAN SW1(config)#int fa 0/14 SW1(config-if)#no switchport access vlan SW1(config-if)#end The port goes back to VLAN 1. If you ____________________, it is __________________________ from its existing VLAN.
Delete a VLAN SW1(config)#no vlan 20 SW1(config)#end VLAN 20 is deleted. Any ports still on VLAN 20 will be inactive – ____________________. They need to be reassigned.
VLANs.ppt 17/04/2017 Delete VLAN database Erasing the startup configuration __________ ____________________________ because they are saved in a ____________________ Erase VLANs with the following command SW1#delete flash:vlan.dat Switch goes back to the default with all ports in VLAN 1. Recall: You cannot delete VLAN 1 S Ward Abingdon and Witney College
Configure trunk SW1(config)#int fa0/1 VLANs.ppt 17/04/2017 Configure trunk SW1(config)#int fa0/1 SW1(config-if)#switchport mode trunk SW1(config-if)#switchport trunk native vlan 99 SW1(config-if)#switchport trunk allowed vlan add 10, 20, 30 Above command used to allow a list of VLANs (10, 20, 30) on the trunk SW1(config-if)#end S Ward Abingdon and Witney College
VLANs and Trunk problems Both ends must have the ______________ Both ends must be _________________ on or off so that trunking is negotiated with the other end and comes on. Subnetting and addressing must be right. The right VLANs must be allowed on the trunk.
Summary of VLAN and Trunk problems VLANs.ppt 17/04/2017 Summary of VLAN and Trunk problems S Ward Abingdon and Witney College