Ca Ex S3 C3 Vla Ns
CCNA – Semester 3
Chapter 3: VLANs
CCNA Exploration 4.0
Objectives
• Explain the role of VLANs in a network
• Explain the role of trunking VLANs in a network
• Configure VLANs on the switches in a network
topology
• Troubleshoot the common software or hardware
configuration problems associated with VLANs on
switches in a network topology
Introducing VLANs
What is a VLAN?
Benefits of a VLAN
Types of VLANs
• Today there is essentially one way of implementing VLANs -
port-based VLANs. A port-based VLAN is associated with a
port called an access VLAN.
• However, in the network there are a number of terms for
VLANs. Some terms define the type of network traffic they
carry and others define a specific function a VLAN performs.
VLAN Types:
• Data VLAN:
– Is a VLAN that is configured to carry only user-generated
traffic
– A VLAN could carry voice-based traffic or traffic used to
manage the switch, but this traffic would not be part of a
data VLAN.
– Sometimes referred to as a user VLAN
• Default VLAN:
– All switch ports become a member of the default VLAN
after the initial boot up of the switch.
– The default VLAN for Cisco switches is VLAN 1; you
cannot rename it and you cannot delete it.
– Layer 2 control traffic, such as CDP and spanning tree
protocol traffic, will always be associated with VLAN 1 -
this cannot be changed.
– It is a security best practice to change the default VLAN to
a VLAN other than VLAN 1.
• Note: Some network administrators use the term "default VLAN" to mean
a VLAN other than VLAN 1 defined by the network administrator as the
VLAN that all ports are assigned to when they are not in use. In this
case, the only role that VLAN 1 plays is that of handling Layer 2 control
traffic for the network.
• Native VLAN:
– A native VLAN is assigned to an 802.1Q trunk port. An
802.1Q trunk port supports traffic coming from many
VLANs (tagged traffic) as well as traffic that does not
come from a VLAN (untagged traffic). The 802.1Q trunk
port places untagged traffic on the native VLAN.
– Native VLANs are set out in the IEEE 802.1Q
specification to maintain backward compatibility with
untagged traffic common to legacy LAN scenarios.
– It is a best practice to use a VLAN other than VLAN 1 as
the native VLAN.
• Management VLAN
– A management VLAN is any VLAN you configure to
access the management capabilities of a switch.
– VLAN 1 would serve as the management VLAN if you did
not proactively define a unique VLAN to serve as the
management VLAN.
– You assign the management VLAN an IP address and
subnet mask. A switch can be managed via HTTP,
Telnet, SSH, or SNMP.
Since the out-of-the-box configuration of a Cisco switch has
VLAN 1 as the default VLAN, you see that VLAN 1 would be
a bad choice as the management VLAN.
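The VLAN 1 guidance on the default, native and management VLAN slides can be checked against a saved switch configuration. The Python below is an added example, not part of the original slides: the configuration text is constructed, `audit_vlan1` and its helpers are hypothetical names, and a port without `switchport mode trunk` is assumed to be an access port.

```python
import re

# Constructed sample in IOS running-config style (not from the slides).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 99
!
interface FastEthernet0/2
 switchport mode trunk
!
interface FastEthernet0/5
 switchport mode access
 switchport access vlan 20
!
interface FastEthernet0/6
 switchport mode access
!
interface Vlan1
 ip address 192.0.2.10 255.255.255.0
"""

def parse_interfaces(config):
    """Map each interface name to the list of its indented sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            interfaces[current] = []
        elif line.startswith(" ") and current is not None:
            interfaces[current].append(line.strip())
        else:
            current = None  # "!" or a global command ends the interface block
    return interfaces

def vlan_setting(cmds, prefix):
    """VLAN ID given by '<prefix> <id>', or 1 (the switch default) if unset."""
    ids = [int(c[len(prefix):]) for c in cmds if re.fullmatch(re.escape(prefix) + r" \d+", c)]
    return ids[-1] if ids else 1

def audit_vlan1(config):
    """Return (interface, finding) pairs for uses of VLAN 1 the slides advise against."""
    findings = []
    for name, cmds in parse_interfaces(config).items():
        if name.lower().startswith("vlan"):  # switch virtual interface
            if name.lower() == "vlan1" and any(c.startswith("ip address ") for c in cmds):
                findings.append((name, "management IP address on VLAN 1"))
        elif "switchport mode trunk" in cmds:
            if vlan_setting(cmds, "switchport trunk native vlan") == 1:
                findings.append((name, "trunk native VLAN is 1"))
        elif vlan_setting(cmds, "switchport access vlan") == 1:
            findings.append((name, "access port left in VLAN 1"))
    return findings
```

Running `audit_vlan1(SAMPLE_CONFIG)` flags FastEthernet0/2, FastEthernet0/6 and Vlan1, and leaves the two ports with explicit non-default VLANs alone.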
• Voice VLANs
VoIP traffic requires:
– Assured bandwidth to ensure voice quality
– Transmission priority over other types of network traffic
– Ability to be routed around congested areas on the network
– Delay of less than 150 milliseconds (ms) across the network
A Cisco phone is a switch: it contains an integrated three-port 10/100 switch:
– Port 1 connects to the switch or other voice-over-IP (VoIP) device.
– Port 2 is an internal 10/100 interface that carries the IP phone traffic.
– Port 3 (access port) connects to a PC or other device.
• Voice VLAN
• Cisco IP Phone
Network Traffic Types
• Network Management and Control Traffic
• IP Telephony
• IP Multicast
• Normal Data
Switch Port Membership Modes
• Switch ports are Layer 2-only interfaces associated with a physical port.
A port can be configured to support these VLAN types:
• Static VLAN - Ports on a switch are manually assigned to a VLAN.
• Dynamic VLAN - This mode is not widely used in production networks and is not explored in this course. However, it is useful to know what a dynamic VLAN is. A dynamic port VLAN membership is configured using a special server called a VLAN Membership Policy Server (VMPS), based on the source MAC address of the device connected to the port.
• Voice VLAN - A port is configured to be in voice mode so that it can support an IP phone attached to it. Before you configure a voice VLAN on the port, you need to first configure a VLAN for voice and a VLAN for data.
• Voice Mode configuration
Controlling Broadcast Domains with VLANs
• Without VLANs: In normal operation, when a switch
receives a broadcast frame on one of its ports, it forwards
the frame out all other ports on the switch.
• With VLANs: the broadcast frame arrives at the only other
computer in the network configured on the same VLAN.
Controlling Broadcast Domains with
Switches and Routers
Intra-VLAN Communication
• PC1 wants to communicate with PC4.
Inter-VLAN Communication
• PC1 wants to communicate with PC5.
Controlling Broadcast Domains with VLANs
and Layer 3 Forwarding
SVI: switch virtual interface
• SVI is a logical interface configured for a specific VLAN. You
need to configure an SVI for a VLAN if you want to route
between VLANs or to provide IP host connectivity to the
switch. By default, an SVI is created for the default VLAN
(VLAN 1) to permit remote switch administration.
VLAN Trunking
VLAN Trunks
• It is hard to describe VLANs without mentioning VLAN
trunks.
• A trunk is a point-to-point link between one or more Ethernet
switch interfaces and another networking device, such as a
router or a switch.
• Ethernet trunks carry the traffic of multiple VLANs over a
single link.
• A VLAN trunk allows you to extend the VLANs across an
entire network. Cisco supports IEEE 802.1Q for coordinating
trunks on Fast Ethernet and Gigabit Ethernet interfaces.
• A VLAN trunk does not belong to a specific VLAN, rather it is
a conduit for VLANs between switches and routers.
• Without VLAN Trunks
• With VLAN Trunks
802.1Q Frame Tagging
• Switches are Layer 2 devices that use the Ethernet frame header
information to forward packets. The frame header does not
contain information about which VLAN the frame should
belong to.
• When Ethernet frames are placed on a trunk they need
additional information about the VLANs they belong to. This
is accomplished by using the 802.1Q encapsulation header.
This header adds a tag to the original Ethernet frame
specifying the VLAN to which the frame belongs.
• VLAN Frame Tagging
Native VLANs and 802.1Q Trunking
Trunking Operation
Trunking Modes
• Although a Cisco switch can be configured to support two types of
trunk ports, IEEE 802.1Q and ISL, today only 802.1Q is used.
• 802.1Q: An IEEE 802.1Q trunk port supports simultaneous tagged
and untagged traffic. An 802.1Q trunk port is assigned a default
PVID, and all untagged traffic travels on the port default PVID. All
untagged traffic and tagged traffic with a null VLAN ID are
assumed to belong to the port default PVID. A packet with a VLAN
ID equal to the outgoing port default PVID is sent untagged. All
other traffic is sent with a VLAN tag.
• ISL (Inter-Switch Link): In an ISL trunk port, all received packets
are expected to be encapsulated with an ISL header, and all
transmitted packets are sent with an ISL header. Native
(non-tagged) frames received from an ISL trunk port are dropped.
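The 802.1Q port rules above (untagged traffic and traffic with a null VLAN ID go to the port default PVID; traffic in the PVID leaves untagged) are modelled below in Python, including what happens when the two ends of a trunk use different native VLANs. This is an added example, not from the original slides; the sample frame is constructed and the function names are hypothetical.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

# Constructed sample: untagged broadcast frame, EtherType 0x0800, dummy payload.
UNTAGGED = bytes.fromhex("ffffffffffff" "001122334455" "0800") + b"payload"

def strip_tag(frame):
    """Remove the 4-byte 802.1Q tag if the frame carries one."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    return frame[:12] + frame[16:] if ethertype == TPID_8021Q else frame

def ingress_vlan(frame, pvid):
    """VLAN a frame is placed in when received on an 802.1Q trunk port."""
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return pvid                    # untagged: port default PVID
    (tci,) = struct.unpack_from("!H", frame, 14)
    vid = tci & 0x0FFF                 # VLAN ID is the low 12 bits of the tag
    return pvid if vid == 0 else vid   # null VLAN ID: port default PVID

def egress_frame(frame, vlan, pvid, priority=0):
    """Frame as transmitted on an 802.1Q trunk port for traffic in `vlan`."""
    inner = strip_tag(frame)
    if vlan == pvid:
        return inner                   # VLAN equals the PVID: sent untagged
    tci = (priority << 13) | vlan      # priority in the top 3 bits, VLAN ID in the low 12
    return inner[:12] + struct.pack("!HH", TPID_8021Q, tci) + inner[12:]

def vlan_after_trunk(frame, vlan, tx_pvid, rx_pvid):
    """VLAN the far switch assigns after the frame crosses one trunk link."""
    return ingress_vlan(egress_frame(frame, vlan, tx_pvid), rx_pvid)

if __name__ == "__main__":
    print(vlan_after_trunk(UNTAGGED, 10, 99, 99))  # tagged VLAN
    print(vlan_after_trunk(UNTAGGED, 99, 99, 99))  # native VLANs match
    print(vlan_after_trunk(UNTAGGED, 99, 99, 1))   # native VLAN mismatch
```

With matching native VLANs the frame stays in its VLAN; with a mismatch the untagged frame is reclassified into the receiving port's PVID, which is why both ends of a trunk need the same native VLAN.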
DTP (Dynamic Trunking Protocol)
• A Cisco proprietary protocol
• DTP manages trunk negotiation only if the port on the other
switch is configured in a trunk mode that supports DTP. DTP
supports both ISL and 802.1Q trunks.
• Some Cisco switches and routers do not support DTP.
Configure VLANs and Trunks
Configuring VLANs & Trunks Overview
Use the following steps to configure and verify VLANs and
trunks on a switch network:
1. Create the VLANs
2. Assign switch ports to VLANs statically
3. Verify VLAN configuration
4. Enable trunking on the inter-switch connections
5. Verify trunk configuration
Configure a VLAN
• Add a VLAN
• Assign a Switch Port
• Verification
Managing VLANs
• Reassign a Port to VLAN 1
• Delete VLANs:
– no vlan vlan-id
• You can delete the VLAN database:
– delete flash:vlan.dat
Configure a Trunk
• Note: (config-if)# switchport trunk encapsulation
• Verify
Troubleshooting VLANs and Trunks
Common Problems with Trunks
• Use: show interfaces trunk command
Common Problem with VLAN configurations
VLAN and IP Subnets
• Each VLAN must correspond to a unique IP subnet. If two devices in the
same VLAN have different subnet addresses, they cannot communicate.
This type of incorrect configuration is a common problem, and it is easy
to solve by identifying the offending device and changing the subnet
address to the correct one.
Troubleshooting
Summary
• VLANs separate broadcast domains on switches.
• VLANs improve network performance, management, and security.
• VLANs can be used for data, voice, network protocol and network
management traffic.
• There are 3 different membership modes: Static, Dynamic, and Voice
VLAN mode.
• Routers or Layer 3 switches are required for inter-VLAN communication.
• Trunks allow multiple VLANs to traverse a single link to simplify
intra-VLAN communication across multiple switches.
• IEEE 802.1Q is the standard trunking protocol.
• 802.1Q uses a process of frame tagging to keep VLAN traffic separate as
it traverses the trunk link.
• 802.1Q does not tag native VLAN traffic, which can result in problems
when trunking is misconfigured.