ICND22S02L02

7/28/2019 ICND22S02L02

1/28

2004 Cisco Systems, Inc. All rights reserved. ICND v2.22-1

Extending Switched Networks withVirtual LANs

Configuring VLANs

7/28/2019 ICND22S02L02

2/28

7/28/2019 ICND22S02L02

3/28


VTP domain name

VTP mode (server, client, or transparent); server modeis default

VTP pruning

VTP password

VTP version

Use caution when adding a new switch to an existing domain.

Add a new switch in client mode to prevent the new switch frompropagating incorrect VLAN information.

Reset the VTP revision number to 0, but change the VTP mode to

transparent.

VTP Configuration Guidelines

7/28/2019 ICND22S02L02

4/28


Creating a VTP Domain

Catalyst 2950 Series

wg_sw_2950#config terminalwg_sw_2950(config)#vtp mode [ server | client | transparent ]

wg_sw_2950(config)#vtp domain domain-namewg_sw_2950(config)#vtp passwordpasswordwg_sw_2950(config)#vtp pruningwg_sw_2950(config)#end

7/28/2019 ICND22S02L02

5/28


VTP Configuration Example

Switch(config)#vtp domain ICNDChanging VTP domain name to ICNDSwitch(config)#vtp mode transparentSetting device to VTP TRANSPARENT mode.Switch(config)#end

Switch#show vtp statusVTP Version : 2Configuration Revision : 0

Maximum VLANs supported locally : 64Number of existing VLANs : 17VTP Operating Mode : TransparentVTP Domain Name : ICNDVTP Pruning Mode : Disabled

VTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0x7D 0x6E 0x5E 0x3D 0xAF 0xA0 0x2F 0xAAConfiguration last modified by 10.1.1.4 at 3-3-93 20:08:05Switch#

7/28/2019 ICND22S02L02

6/28


802.1Q Trunking Limitations

Make sure that the

native VLAN for an

802.1Q trunk is thesame on both ends of

the trunk link.

Make sure that your

network is loop-free

before disabling STP.

7/28/2019 ICND22S02L02

7/28 2004 Cisco Systems, Inc. All rights reserved. ICND v2.22-7

Configuring802.1Q Trunking

wg_sw_a(config-if)#switchport mode trunk

Configures the port as a VLAN trunk

Note: The Catalyst 2950 series switches support only 802.1Qencapsulation.

7/28/2019 ICND22S02L02


Configuring ISL Trunking

wg_sw_4000(config)# interface {fastethernet | gigabitethernet} slot/port

Select the interface to configure.

wg_sw_4000(config-if)# shutdown

(Optional) Shut down the interface to prevent traffic flow

until configuration is complete.

wg_sw_4000(config-if)# switchport trunk encapsulation {isl | dot1q | negotiate}

(Optional) Specify the encapsulation. Note: You must enter thiscommand with either the isl ordot1q keyword to support the

switchport mode trunk command, which is not supported by thedefault mode (negotiate).

wg_sw_4000(config-if)# switchport mode {dynamic {auto | desirable} | trunk}

Configure the interface as a Layer 2 trunk (required only if theinterface is a Layer 2 access port or to specify the trunking mode).

7/28/2019 ICND22S02L02


Configuring ISL Trunking (Cont.)

wg_sw_4000#configure terminalwg_sw_4000(config-if)#interface gigabitEthernet 2/24wg_sw_4000(config-if)#shutdownwg_sw_4000(config-if)#switchport trunk encapsulation islwg_sw_4000(config-if)#switchport mode trunkwg_sw_4000(config-if)#no shutdown

Note: Not all Catalyst series switches support ISL encapsulation.

7/28/2019 ICND22S02L02


VLAN Creation Guidelines

The maximum number of VLANs is switch-dependent.

Most Catalyst desktop switches support 64 VLANs witha separate spanning tree per VLAN.

VLAN 1 is the factory default Ethernet VLAN.

CDP and VTP advertisements are sent on VLAN 1.

The Catalyst switch IP address is in the managementVLAN (VLAN 1 by default).

To add or delete VLANs, the switch must be in VTPserver or transparent mode.

7/28/2019 ICND22S02L02

11/28

7/28/2019 ICND22S02L02


wg_sw_a(config-vlan)#name vlan-name

wg_sw_a#configure terminalwg_sw_a(config)#vlan 2

wg_sw_a(config-vlan)#name switchlab2

Modifying a VLAN Name

7/28/2019 ICND22S02L02


Assigning Switch Ports to a VLAN


wg_sw_2950(config-if)#switchport access [vlan vlan#| dynamic]

wg-sw_2950#configure terminalwg_sw_2950(config)#interface fastethernet 0/2wg_sw_2950(config-if)#switchport access vlan 2

wg_sw_2950#sh vlan

VLAN Name Status Ports---- -------------------------------- --------- ----------------------1 default active Fa0/1, Fa0/3, Fa0/4. . . . .

2 vlan2 active Fa0/2

7/28/2019 ICND22S02L02


Verifying the VTP Configuration

wg_sw_2950#show vtp status

wg_sw_2950#show vtp status

VTP Version : 2

Configuration Revision : 0Maximum VLANs supported locally : 64

Number of existing VLANs : 17

VTP Operating Mode : Server

VTP Domain Name : ICND_lab

VTP Pruning Mode : Disabled

VTP V2 Mode : Disabled

VTP Traps Generation : Disabled

MD5 digest : 0x7D 0x6E 0x5E 0x3D 0xAF 0xA0 0x2F 0xAA

Configuration last modified by 10.10.10.40 at 3-3-93 20:08:05

7/28/2019 ICND22S02L02


Verifying a Trunk

wg_sw_2950#show interfaces interface [switchport | trunk]

wg_sw_2950#show interfaces fa0/11 switchportName: Fa0/11Switchport: Enabled

Administrative Mode: trunkOperational Mode: down

Administrative Trunking Encapsulation: dot1qNegotiation of Trunking: OnAccess Mode VLAN: 1 (default)Trunking Native Mode VLAN: 1 (default). . .

wg_sw_2950#show interfaces fa0/11 trunk

Port Mode Encapsulation Status Native vlanFa0/11 desirable 802.1q trunking 1

Port Vlans allowed on trunkFa0/11 1-4094

Port Vlans allowed and active in management domainFa0/11 1-13

7/28/2019 ICND22S02L02


Verifying a VLAN


wg_sw_2950#sh vlan id 2

VLAN Name Status Ports---- -------------------------------- --------- -------------------------------2 switchlab99 active Fa0/2, Fa0/12

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------2 enet 100002 1500 - - - - - 0 0

. . .wg_sw_2950#

wg_sw_2950#show vlan [brief | idvlan-id|| name vlan-name]

7/28/2019 ICND22S02L02


wg_sw_2950#show vlan briefVLAN Name Status Ports---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/42 vlan2 active3 vlan3 active4 vlan4 active1002 fddi-default act/unsup1003 token-ring-default act/unsup

VLAN Name Status Ports---- -------------------------------- --------- -------------------------------

1004 fddinet-default act/unsup1005 trnet-default act/unsup

wg_sw_2950#show vlan brief

Verifying VLAN Membership

wg_sw_2950#show interfaces interface switchport

7/28/2019 ICND22S02L02


Verifying STP for a VLAN

wg_sw_2950#show spanning-tree [active | detail |vlanvlan-id| summary]

wg_sw_2950#sh spanning-tree vlan 2

VLAN0002Spanning tree enabled protocol ieeeRoot ID Priority 2

Address 0008.20fc.a840Cost 31Port 12 (FastEthernet0/12)Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Bridge ID Priority 32770 (priority 32768 sys-id-ext 2)Address 0008.a445.9b40Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type---------------- ---- --- --------- -------- --------------------------------Fa0/2 Desg FWD 100 128.2 ShrFa0/12 Root FWD 19 128.12 P2p

7/28/2019 ICND22S02L02


Executing Adds, Moves, and Changes forVLANs

wg_sw_a(config)#vlan vlan-id

wg_sw_a(config-vlan)#

Enters the privileged EXEC VLAN configuration mode

Writes VLAN adds, moves, and changes to the vlan.dat file

wg_sw_a(config-if)#switchport access vlan vlan#

Statically assigns a VLAN to a specific port

7/28/2019 ICND22S02L02


Troubleshooting Switched LANs

7/28/2019 ICND22S02L02

21/28


Problem: One Device Cannot Communicatewith Another

Make sure that the IP address, subnet mask, and VLANmembership of the switch interface are correct.

If the host is in the same subnet as the switch interface,make sure that the switch interface and the switch port to

which the host is connected are assigned to the sameVLAN.

If the host is in a different subnet, make sure that thedefault gateway on the switch is configured with theaddress of a router that is in the same subnet as the switchinterface.

7/28/2019 ICND22S02L02

22/28


Problem: One Device Cannot Communicatewith Another (Cont.)

If the port is in listening or learning mode, wait until the portis in forwarding mode and try to connect to the host again.

Make sure that the speed and duplex settings on the host andthe appropriate switch ports are correct.

If the connected device is an end station, enable spanning-tree PortFast and disable trunking on the port.

Make sure that the switch is learning the MAC address ofthe host.

7/28/2019 ICND22S02L02

23/28


Problem: A Device Cannot Establish aConnection Across a Trunk Link

Make sure that the trunking mode that is configuredon both ends of the link is valid. The trunking modeshould be on or desirableon one end andon,desirable, or autoon the other end.

Make sure that the trunk encapsulation type that isconfigured on both ends of the link is valid.

On IEEE 802.1Q trunks, make sure that the nativeVLAN is the same on both ends of the trunk.

7/28/2019 ICND22S02L02

24/28


Problem: VTP Not Updating Configurationon Other Switches

Make sure that the switches are connected through trunklinks. VTP updates are exchanged only over trunk links.

Make sure that the VTP domain name is the same on theappropriate switches. VTP updates are exchanged onlybetween switches in the same VTP domain.

Check to see if the switch is in VTP transparent mode. Onlyswitches in VTP server or VTP client mode update theirVLAN configuration based on VTP updates from otherswitches.

If you are using VTP passwords, you must configure thesame password on all switches in the VTP domain.

7/28/2019 ICND22S02L02

25/28


When creating VLANs, you must decide whether to useVTP in your network. With VTP, you can makeconfiguration changes centrally on one or more switchesand have those changes automatically communicated toall the other switches in the same VTP domain.

The IEEE 802.1Q protocol carries traffic for multiple VLANsover a single link on a multivendor network. Use theswitchport mode interface configuration command to set aFast Ethernet or Gigabit Ethernet port to trunk mode.

The ISL protocol operates in a point-to-point environmentto carry traffic for multiple VLANs over a single link. ISL isa Cisco proprietary protocol. On switches that support ISL,such as the Catalyst 4000, use the switchport trunkencapsulation interface configuration command to set aport to encapsulate with ISL.

Summary

7/28/2019 ICND22S02L02

26/28


Summary (Cont.)

Catalyst switches have a factory default configuration inwhich various default VLANs are preconfigured to supportvarious media and protocol types. The vlan globalconfiguration command can be used to create a VLAN.

An existing VLAN name or number can be modified usingthe vlan global configuration command syntax.

After creating a VLAN, a port or a number of ports can bestatically assigned to that VLAN. A port can belong to onlyone VLAN at a time.

VLAN configurations can be verified using the showcommands.

7/28/2019 ICND22S02L02

27/28


Summary (Cont.)

To add, change, or delete VLANs, the switch must be inVTP server or transparent mode. When VLAN changes aremade from a switch that is in VTP server mode, the changeis automatically propagated to other switches in the sameVTP domain. Changes made in VTP transparent mode

affect only the local switch and are not propagated withinthe VTP domain. VLAN changes cannot be made in VTPclient mode.

Misconfiguration of a VLAN is one of the most common

errors in switched networks.

7/28/2019 ICND22S02L02

28/28

ICND22S02L02

Documents

Transcript of ICND22S02L02