1 VLANs- Chapter 3 CCNA Exploration Semester 3 Modified by Profs. Ward and Cappellino.

Date posted: 22-Dec-2015

1

VLANs- Chapter 3

CCNA Exploration Semester 3

Modified by Profs. Ward and Cappellino

2

Topics

The role of VLANs in a network

Trunking VLANs

Configure VLANs on switches

Troubleshoot common VLAN problems

3

LAN Switching and Wireless

LAN Design

Basic Switch Concepts

VLANs- Ch 3

VTP

STP

Inter-VLAN routing

Wireless

4

Some requirements of LANs

Need to ___________________________ to make good use of bandwidth

People in the ______________ may need to be ________________ for access to servers

__________: ______________ by certain users to some areas of the LAN

Provide a way for different areas of the LAN to communicate with each other

5

Solution using Routers

Divide the LAN into subnets

Use routers to link the subnets

BUT

Routers are ________

Routers are ________ than switches

Subnets are restricted to limited physical areas

Subnets are ________

6

Solution using VLANs

VLAN allows a network administrator to create groups of _______________________ that act as if they are on their own independent network

______________ may be contained in ________________________

VLAN membership can be segmented by function or departments and not necessarily by location

VLANs managed by _________

_________ needed for ___________________________

7

VLANs

All __________ in a VLAN have addresses in the _____________________

A VLAN is a subnet.

Broadcasts are kept within the VLAN. A VLAN is a _______________________

The switch has a ________________________ for each VLAN. Traffic for each VLAN is kept separate from other VLANs.

Layer 2 switches ______________ between VLANs.

8

Benefits of using VLANs

_________________

Cost ______________

___________ performance

Broadcast storm ___________

Improved IT staff efficiency

Simpler project or application management

9

VLAN ID Ranges

Normal Range VLANs

VLAN 1: _____________ automatically created Ethernet LAN

_________ ports start in this VLAN.

VLANs 1002 – 1005: automatically created for Token Ring and FDDI

Numbers 2 to 1001 can be used for _________________

VLAN trunking protocol (VTP), can only learn _______________ VLANs.

Extended Range VLANs

VLANs ___________ possible but fewer features

10

VLAN information

VLAN information is stored in the VLAN ____________________.

_________________ vlan.dat is saved in the _________ memory of the switch.

Note:

Catalyst 2960 switch supports up to 255 VLANs

11

Port based

Each switch port intended for an __________ is configured to belong to a VLAN.

Any device connecting to that port belongs to the port’s VLAN.

Ports that _____________ can be configured to ________________________ (trunking)

12

Types of VLAN

Default VLAN

Data or user VLAN

Management VLAN

Native VLAN

Voice VLAN

13

Default VLAN

A VLAN to which __________________________ __________________________________

Security best practice is to change the default VLAN to a VLAN other than VLAN 1 by configuring ports to be associated with another VLAN

VLAN 1 is ___________ on Cisco switches

All ports are members of VLAN 1 after initial boot up

Control traffic such as CDP and STP (spanning tree protocol) is associated with (_____________) VLAN 1

______________ it for data, voice or management traffic for security reasons.

14

Data or User VLAN

____________________ such as files, e-mails, shared application traffic

Excludes voice and management traffic

Separate VLAN for each group of users.

15

Management VLAN

Any VLAN configured to ________ ___________________________________________ of a switch

Contains the _________________

Used for __________ or web access for management purposes.

Default management VLAN is VLAN 1

For security reasons better _____ to use VLAN 1 as the management VLAN

16

Native VLAN

A Native VLAN is ____________________________

An 802.1Q trunk port supports both tagged and untagged traffic from multiple VLANs

802.1Q trunk port places untagged traffic on the native VLAN

VLAN is identified by a “tag” in the frame

For ________________________ with older systems.

Relevant to ________________

17

Voice VLAN

________ traffic requires ________________ with ________________ and very ________

Used with IP phone

Phone acts as a switch too

Voice traffic is tagged

Given priority

__________ traffic not tagged _______________________

In a scenario where the PC is connected to the phone which is connected to the switch as seen below…

18

Static VLAN

Port __________________ to be on a VLAN

Connected device is on this VLAN

VLAN can be created using _____ command

Given ____________________________

VLAN can be ________________________.

If a port is put on a VLAN and the VLAN does not exist, then the VLAN ________________

19

Static VLAN (Port-centric)

If VLAN 20 did not exist before… it does now

And port 18 is now in VLAN 20

20

Voice VLAN

A port can be configured to be in voice mode so that it can support an IP phone attached to it

In the above example, port 18 is configured for a voice VLAN and a data VLAN.

21

Dynamic VLAN

________________________________

Uses a VLAN Membership Policy Server (________________)

Dynamically assign a device to a VLAN based on __________________________

Once device is connected, server assigns proper VLAN

Useful if you want to move devices around.

22

Traffic between VLANs

Question: How are broadcast domains separated?

Multiple VLANs on one switch cannot communicate with each other without the _____________________________

Router can route between VLANs.

It needs to provide a default gateway for each VLAN as VLANs are separate subnets.

Layer 3 switch has a _________________ (SVI) configured for each VLAN

____________________ to route between VLANs.

23

Intra-VLAN and Inter-VLAN Communication

_______________ communication

Communicating with a device in the ___________

May be in the same switch or a different switch

______________ communication

Communicating with a device in ______________

May be in the same switch or a different switch

Know the step by step process for each of these!

24

Trunking

A _____________ between one Ethernet switch interface and another networking device, such as a router or a switch

Traffic from _______________ travels between the switches on a shared trunk or _________________

__________________ is the protocol that deals with trunking

Stay tuned- more to come…

25

Frame Tagging used to identify VLANs

A _________________________________ when it goes on to the trunk

The tag is _____________________________

26

Frame tagging IEEE 802.1Q

Normal frame:

Dest Add | Source Add | Type/Len | Data | FCS

IEEE 802.1Q frame with tag added:

Dest Add | Source Add | Tag | Type/Len | Data | FCS

Add 4-byte tag then recalculate FCS

Tag fields:

Tag protocol ID 0x8100

Priority

CFI for token ring

VLAN ID 1 - 4096
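The tagging step on this slide, as an added example that is not part of the original slides: insert the 4-byte tag after the source address, recalculate the FCS, and reverse the operation on receipt. The function names and the sample frame are constructed for illustration; the VLAN ID occupies a 12-bit field in the tag.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # "Tag protocol ID" value from the slide

def fcs(data: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over the frame, sent least-significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)

def check(frame: bytes) -> None:
    # 14-byte header plus 4-byte FCS is the least that can be parsed.
    if len(frame) < 18 or frame[-4:] != fcs(frame[:-4]):
        raise ValueError("truncated frame or FCS mismatch")

def add_tag(frame: bytes, vlan_id: int, priority: int = 0, cfi: int = 0) -> bytes:
    """Insert the 4-byte tag after the source address, then recalculate the FCS."""
    check(frame)
    if not (0 <= vlan_id <= 0xFFF and 0 <= priority <= 7 and cfi in (0, 1)):
        raise ValueError("value does not fit its tag field")
    tci = (priority << 13) | (cfi << 12) | vlan_id  # 3 + 1 + 12 bits
    body = frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:-4]
    return body + fcs(body)

def strip_tag(frame: bytes):
    """Return (priority, cfi, vlan_id, untagged_frame), or None if untagged."""
    check(frame)
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    if len(frame) < 22:
        raise ValueError("tag present but Type/Len missing")
    body = frame[:12] + frame[16:-4]
    return tci >> 13, (tci >> 12) & 1, tci & 0xFFF, body + fcs(body)

def sample_frame() -> bytes:
    """Constructed untagged frame: broadcast destination, IPv4 type, zero padding."""
    body = bytes.fromhex("ffffffffffff" "001122334455" "0800") + bytes(46)
    return body + fcs(body)

if __name__ == "__main__":
    tagged = add_tag(sample_frame(), vlan_id=20, priority=5)
    print(tagged[12:16].hex(), strip_tag(tagged)[:3])
```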

27

Native VLAN

_______________ received on a trunk port are forwarded on to the _________________

Control traffic sent on the native VLAN should be untagged

Frame received from the native VLAN should be untagged

Cisco switches will _______________ tagged frames received from the native VLAN.

This can happen if non-Cisco devices are connected.

28

Configuring a Trunk Port

Make a port into a trunk port and __________ tell it which VLAN is native.

SW1(config)#int fa0/1
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk native vlan 99

By default native VLAN is _____________

29

A Closer look at VLAN Tagging

802.1Q is recommended by Cisco and is used with ______________________ switches.

Caution: Some older Cisco switches will only do ISL while some new Cisco switches will only do 802.1Q.

Many Cisco switches do not support ISL any more.

ISL

IEEE 802.1Q

30

Dynamic trunking protocol

Dynamic Trunking Protocol (_________) is a _____ _________________ for ___________________ on a link between two devices.

DTP is ____________________ on a switch port when certain trunking modes are configured on the switch port.

DTP manages trunk negotiation only if the port on the other switch is configured in a trunk mode that supports DTP.

Available trunking modes:

________________ switchport mode trunk command

_____________ switchport mode dynamic auto command

_______________ switchport mode dynamic desirable command

31

Dynamic trunking protocol: Summary of rules…

[Figure: trunking result for each pairing of local switch port and remote switch port modes (trunk, access, dynamic auto, dynamic desirable)]

32

DTP Summary

33

Create a VLAN

SW1(config)#vlan 20 - in ________________ mode
SW1(config-vlan)#name Finance
SW1(config-vlan)#end

VLAN will be saved in VLAN database - vlan.dat - rather than running config.

If you do not give it a name then it will be called ____________________

____________________ command used to display the contents of the vlan.dat file

34

Assign a port to a VLAN

Manually assign a switch port to a VLAN known as a static access port

SW1(config)#int fa 0/18
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 20
SW1(config-if)#end

35

show vlan brief

List of VLANs with ports

36

Show commands

show vlan brief (list of VLANs and ports)

show vlan summary

show interfaces vlan (a lot of detail- up/down, traffic etc)

show interfaces fa0/14 switchport (access mode, trunking)

37

Remove port from VLAN

SW1(config)#int fa 0/14
SW1(config-if)#no switchport access vlan
SW1(config-if)#end

The port goes back to VLAN 1.

If you ____________________, it is __________________________ from its existing VLAN.

38

Delete a VLAN

SW1(config)#no vlan 20
SW1(config)#end

VLAN 20 is deleted.

Any ports still on VLAN 20 will be inactive – ____________________.

They need to be reassigned.

39

Delete VLAN database

Erasing the startup configuration __________ ____________________________ because they are saved in a ____________________

Erase VLANs with the following command

SW1#delete flash:vlan.dat

Switch goes back to the default with all ports in VLAN 1.

Recall: You cannot delete VLAN 1

40

Configure trunk

SW1(config)#int fa0/1
SW1(config-if)#switchport mode trunk
SW1(config-if)#switchport trunk native vlan 99
SW1(config-if)#switchport trunk allowed vlan add 10,20,30
SW1(config-if)#end

The allowed vlan command above is used to allow a list of VLANs (10, 20, 30) on the trunk; the list is typed without spaces.

41

VLANs and Trunk problems

Both ends must have the ______________

Both ends must be _________________ on or off so that trunking is negotiated with the other end and comes on.

Subnetting and addressing must be right.

The right VLANs must be allowed on the trunk.

42

Summary of VLAN and Trunk problems