© 2015 Mohamed Samir YouTube channel All rights reserved. Samir
CCNP-SWITCHING
Mohamed Samir YouTube channel
Double CCIEs #27042 (R/S & SP)
Part II: Building a Campus Network
Virtual LANs
Virtual LANs
- A flat network is a single broadcast domain
- Flat networks cannot contain redundant paths for load balancing
- To gain any advantage from additional paths to a destination, Layer 3 routing functions must be introduced.
- Management
- Security
VLAN Membership
- Static VLAN configuration
- Dynamic VLAN assignment
Configuring Static VLANs
- VLAN 1 is the default VLAN for every switch port.
- VLANs 1002 to 1005 are legacy (Token Ring and FDDI switching)
- Catalyst switches can also support extended-range VLAN numbers 1006 through 4094
- Extended-range VLANs need vtp mode transparent (VTP Versions 1 and 2 limitation)
- No problem with VTP Version 3
Configuring Static VLANs
    Switch(config)# vlan vlan-num
    Switch(config-vlan)# name vlan-name

    Switch(config)# vlan 2
    Switch(config-vlan)# name Engineering
    Switch(config-vlan)# vlan 101
    Switch(config-vlan)# name Marketing

    Switch(config)# interface type member/module/number
    Switch(config-if)# switchport
    Switch(config-if)# switchport mode access
    Switch(config-if)# switchport access vlan vlan-num
Dynamic VLANs
- Based on the MAC address of an end-user device
- A network administrator also must assign the user's MAC address to a VLAN in the database of a VLAN Membership Policy Server (VMPS)
Deploying VLANs
- The number of VLANs depends on traffic patterns, application types, segmentation, and network-management requirements
- You should not allow VLANs to extend beyond the Layer 2 domain of a distribution switch
- VLANs can be scaled in the switch block by using two basic methods:
  - End-to-end VLANs
  - Local VLANs
End-to-End VLANs
- Following the 80/20 rule
- End-to-end VLANs are not recommended
Local VLANs
- 20/80 rule
- L3 functionality in distribution and core
VLAN TRUNK
[Diagram: switches SW1, SW2, SW3 and SW4; interface labels FA0/1, FA0/2 and FA0/11]
VLAN Trunks
VLAN Frame Identification
- ID as the VLAN number or VLAN "unique color"
- Inter-Switch Link (ISL) protocol
- IEEE 802.1Q protocol
Inter-Switch Link Protocol
- Cisco-proprietary
- ISL adds a 26-byte header and a 4-byte trailer to the frame.
- The source VLAN is identified with a 15-bit
- The trailer contains a cyclic redundancy check (CRC) value to ensure the data integrity
IEEE 802.1Q Protocol
- Rather than encapsulating each frame with a VLAN ID header and trailer, 802.1Q embeds its tagging information within the Layer 2 frame
- 802.1Q also introduces the "native VLAN" concept
- 1st (2 bytes): tag protocol identifier (TPID) ……0x
- 2nd (2 bytes): Tag Control Information (TCI) field for class of service (CoS)
- The last 12 bits are used as a VLAN identifier (VID)
- ISL adds a total of 30 bytes to each frame, whereas 802.1Q adds 4 bytes
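The 802.1Q tag layout from this slide, as an added Python example (not part of the original slides): it embeds the 4-byte tag in a constructed frame, decodes the CoS and VID fields, and shows how an untagged frame falls back to the native VLAN. The function names and the sample frame are hypothetical; 0x8100 is the TPID value defined by IEEE 802.1Q.

```python
import struct

TPID_8021Q = 0x8100  # tag protocol identifier value defined by IEEE 802.1Q

# Constructed sample: broadcast dst MAC, made-up src MAC, EtherType IPv4,
# 46 zero bytes of payload. The FCS is omitted (a switch recomputes it).
UNTAGGED = bytes.fromhex("ffffffffffff" "001122334455" "0800") + bytes(46)

def add_dot1q_tag(frame: bytes, vid: int, cos: int = 0) -> bytes:
    """Embed the 4-byte tag right after the destination and source MACs."""
    if not 0 <= vid <= 0xFFF or not 0 <= cos <= 7:
        raise ValueError("VID is 12 bits, CoS priority is 3 bits")
    tci = (cos << 13) | vid  # bit 12 (CFI/DEI) left at 0
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_dot1q(frame: bytes) -> dict:
    """Decode the tag fields; an untagged frame returns tagged=False."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_8021Q:
        return {"tagged": False, "ethertype": tpid}
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, ethertype = struct.unpack("!HH", frame[14:18])
    return {"tagged": True, "cos": tci >> 13, "vid": tci & 0x0FFF,
            "ethertype": ethertype}

def vlan_of(frame: bytes, native_vlan: int = 1) -> int:
    """VLAN a trunk port assigns to a received frame."""
    info = parse_dot1q(frame)
    # Untagged frames, and VID 0 (priority-only tag), use the native VLAN.
    return info["vid"] if info["tagged"] and info["vid"] else native_vlan

if __name__ == "__main__":
    tagged = add_dot1q_tag(UNTAGGED, vid=101, cos=5)
    print(len(tagged) - len(UNTAGGED), parse_dot1q(tagged))
    print(vlan_of(tagged), vlan_of(UNTAGGED, native_vlan=99))
```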
Dynamic Trunking Protocol (DTP)
- Negotiates a common trunking mode between two switches
VLAN Trunk Configuration
    Switch(config)# interface type member/module/number
    Switch(config-if)# switchport
    Switch(config-if)# switchport trunk encapsulation {isl | dot1q | negotiate}
    Switch(config-if)# switchport trunk native vlan vlan-id
    Switch(config-if)# switchport trunk allowed vlan {vlan-list | all | {add | except | remove} vlan-list}
    Switch(config-if)# switchport mode {trunk | dynamic {desirable | auto}}
Verification
    Switch# show interface gigabitethernet 2/0/1 trunk
    Switch# show vlan id 2
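To review what each trunk actually carries after several `switchport trunk allowed vlan` commands, the following added Python example (not from the original slides) replays the vlan-list, all, add, except and remove forms in order and reports the effective mode, encapsulation, native VLAN and allowed set per interface. The function names and the sample configuration are constructed for illustration; it assumes running-config style input and the defaults of native VLAN 1 with all VLANs allowed.

```python
import re

ALL_VLANS = frozenset(range(1, 4095))  # VLAN IDs 1-4094

# Constructed sample in running-config style (not taken from the slides).
SAMPLE = """\
interface GigabitEthernet2/0/1
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 99
 switchport trunk allowed vlan 2,101
 switchport trunk allowed vlan add 200-202
 switchport trunk allowed vlan remove 101
 switchport mode trunk
interface GigabitEthernet2/0/2
 switchport trunk allowed vlan except 1002-1005
 switchport mode dynamic desirable
"""

def expand(vlan_list: str) -> set:
    """Expand a list such as '2,101,200-205' into a set of VLAN IDs."""
    out = set()
    for part in vlan_list.split(","):
        lo, _, hi = part.partition("-")
        out.update(range(int(lo), int(hi or lo) + 1))
    if not out or not out <= ALL_VLANS:
        raise ValueError(f"bad VLAN list: {vlan_list!r}")
    return out

def trunk_summary(config: str) -> dict:
    """Effective trunk settings per interface (default: native 1, all allowed)."""
    ports, cur = {}, None
    for line in map(str.strip, config.splitlines()):
        if m := re.match(r"interface (.+)", line):
            cur = ports.setdefault(m[1], {"mode": None, "encapsulation": None,
                                          "native": 1, "allowed": set(ALL_VLANS)})
        elif cur is None:
            continue  # global line before the first interface stanza
        elif m := re.match(r"switchport mode (.+)", line):
            cur["mode"] = m[1]
        elif m := re.match(r"switchport trunk encapsulation (\S+)", line):
            cur["encapsulation"] = m[1]
        elif m := re.match(r"switchport trunk native vlan (\d+)", line):
            cur["native"] = int(m[1])
        elif m := re.match(r"switchport trunk allowed vlan (?:(add|except|remove) )?(\S+)", line):
            op, s = m[1], set(ALL_VLANS) if m[2] == "all" else expand(m[2])
            cur["allowed"] = {"add": cur["allowed"] | s, "remove": cur["allowed"] - s,
                              "except": set(ALL_VLANS - s), None: s}[op]
    return ports
```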
Voice VLANs
- The voice packets must be carried over a unique voice VLAN (known as the voice VLAN ID or VVID) or over the regular data VLAN (known as the native VLAN or the port VLAN ID, PVID)
    Switch(config-if)# switchport voice vlan {vlan-id | dot1p | untagged | none}
Wireless VLANs
- SWITCH exam might not cover wireless AP support
- Cisco APs can operate in one of the two following modes:
  - Autonomous mode: The AP operates independently and directly connects VLANs to WLANs on a one-to-one basis.
  - Lightweight mode: The AP must join and cooperate with a wireless LAN controller located elsewhere on the network. The AP connects each of its own WLANs with a VLAN connected to the controller. All of the VLAN-WLAN traffic is encapsulated and carried over a special tunnel between the AP and the controller.
Any questions?
Thank you for your time! Thank you, and may God reward you with good.