Chapter 3: VLANs doc

VLAN Types: • Data VLAN: – Is a VLAN that is configured to carry only user-generated traffic – A VLAN could carry voice-based traffic or traffic used to manage the switch, but this tra

CCNA – Semester 3

Chapter 3: VLANs

CCNA Exploration 4.0

2

Objectives

• Explain the role of VLANs in a network

• Explain the role of trunking VLANs in a network

• Configure VLANs on the switches in a network

topology

• Troubleshoot the common software or hardware

configuration problems associated with VLANs on switches in a network topology

3

Introducing VLANs

4

Introducing VLANs

5

What is a VLAN?

6

What is a VLAN?

7

Benefits of a VLAN

8

Introducing VLANs

9

Types of VLANs

• Today there is essentially one way of implementing VLANs - port-based VLANs A port-based VLAN is associated with a port called an access VLAN

• However in the network there are a number of terms for

VLANs Some terms define the type of network traffic they

carry and others define a specific function a VLAN performs

VLAN Types:

• Data VLAN:

– Is a VLAN that is configured to carry only user-generated traffic

– A VLAN could carry voice-based traffic or traffic used to

manage the switch, but this traffic would not be part of a data VLAN

– Sometimes referred to as a user VLAN

– Layer 2 control traffic, such as CDP and spanning tree

protocol (STP) traffic, will always be associated with VLAN 1

- this cannot be changed

– It is a security best practice to change the default VLAN to a VLAN other than VLAN 1

• Note: Some network administrators use the term "default VLAN" to mean a VLAN other than VLAN 1 defined by the network administrator as the VLAN that all ports are assigned to when they are not in use In this case, the only role that VLAN 1 plays is that of handling Layer 2 control traffic for the

network

11

Types of VLANs

• Native VLAN:

– A native VLAN is assigned to an 802.1Q trunk port An

802.1Q trunk port supports traffic coming from many

VLANs (tagged traffic) as well as traffic that does not

come from a VLAN (untagged traffic) The 802.1Q trunk

port places untagged traffic on the native VLAN

– Native VLANs are set out in the IEEE 802.1Q

specification to maintain backward compatibility with

untagged traffic common to legacy LAN scenarios

– It is a best practice to use a VLAN other than VLAN 1 as the native VLAN

12

Types of VLANs

– A management VLAN is any VLAN you configure to

access the management capabilities of a switch

– VLAN 1 would serve as the management VLAN if you did not proactively define a unique VLAN to serve as the

management VLAN

– You assign the management VLAN an IP address and

subnet mask A switch can be managed via HTTP,

13

Types of VLANs

• Voice VLANs

VoIP traffic requires:

– Assured bandwidth to ensure voice quality

– Transmission priority over other types of network traffic

– Ability to be routed around congested areas on the

14

Types of VLANs

• Voice VLAN

15

Types of VLANs

• Cisco IP Phone

16

Network Traffic Types

• Network Management and Control Traffic

17

Network Traffic Types

• IP Telephony

18

Network Traffic Types

• IP Multicast

19

Network Traffic Types

• Normal Data

20

Switch Port Membership Modes

• Switch ports are Layer 2-only interfaces associated with a physical port

A port can be configured to support these VLAN types:

• Static VLAN - Ports on a switch are manually assigned to a

VLAN

• Dynamic VLAN - This mode is not widely used in production

networks and is not explored in this course However, it is

useful to know what a dynamic VLAN is A dynamic port

VLAN membership is configured using a special server

called a VLAN Membership Policy Server (VMPS), based on the source MAC address of the device connected to the port

• Voice VLAN - A port is configured to be in voice mode so

that it can support an IP phone attached to it Before you

configure a voice VLAN on the port, you need to first

configure a VLAN for voice and a VLAN for data

21

Switch Port Membership Modes

22

Switch Port Membership Modes

• Voice Mode configuration

23

Controlling Broadcast Domains with VLANs

• Without VLANs: In normal operation, when a switch

receives a broadcast frame on one of its ports, it forwards

the frame out all other ports on the switch

24

Controlling Broadcast Domains with VLANs

• With VLANs: the broadcast frame arrives at the only other

computer in the network configured on the same VLAN

25

Controlling Broadcast Domains with

Switches and Routers

Intra-VLAN Communication

• PC1 want to communicate with PC4

26

Controlling Broadcast Domains with

Switches and Routers

Inter-VLAN Communication

• PC1 want to communicate with PC5

27

Controlling Broadcast Domains with VLANs

and Layer 3 Forwarding

SVI: switch virtual interface

• SVI is a logical interface configured for a specific VLAN You need to configure an SVI for a VLAN if you want to route

between VLANs or to provide IP host connectivity to the

switch By default, an SVI is created for the default VLAN

(VLAN 1) to permit remote switch administration

28

Controlling Broadcast Domains with VLANs

29

VLAN Trunking

• Ethernet trunks carry the traffic of multiple VLANs over a

single link

• A VLAN trunk allows you to extend the VLANs across an

entire network Cisco supports IEEE 802.1Q for coordinating trunks on Fast Ethernet and Gigabit Ethernet interfaces

• A VLAN trunk does not belong to a specific VLAN, rather it is

a conduit for VLANs between switches and routers

31

VLAN Trunks

• Without VLAN Trunks

32

VLAN Trunks

• With VLAN Trunks

belong to

• When Ethernet frames are placed on a trunk they need

additional information about the VLANs they belong to This

is accomplished by using the 802.1q encapsulation header This header adds a tag to the original Ethernet frame

specifying the VLAN for which the frame belongs to

34

VLAN Trunks

• VLAN Frame Tagging

EtherType : Tag Protocol ID (TPID)

35

Native VLANs and 802.1Q Trunking

36

Native VLANs and 802.1Q Trunking

37

Trunking Operation

38

Trunking Modes

• Although a Cisco switch can be configured to support two types of trunk ports, IEEE 802.1Q and ISL, today only 802.1Q is used

• 802.1Q: An IEEE 802.1Q trunk port supports simultaneous tagged

and untagged traffic An 802.1Q trunk port is assigned a default

PVID, and all untagged traffic travels on the port default PVID All untagged traffic and tagged traffic with a null VLAN ID are

assumed to belong to the port default PVID A packet with a VLAN

ID equal to the outgoing port default PVID is sent untagged All

other traffic is sent with a VLAN tag

• ISL (Inter-Switch Link): In an ISL trunk port, all received packets

are expected to be encapsulated with an ISL header, and all

transmitted packets are sent with an ISL header Native

(non-tagged) frames received from an ISL trunk port are dropped

39

Trunking Modes

DTP (Dynamic Trunking Protocol )

• A Cisco proprietary protocol

• DTP manages trunk negotiation only if the port on the other switch is configured in a trunk mode that supports DTP DTP supports both ISL and 802.1Q trunks

• Some Cisco switches and routers do not support DTP

40

Configure VLANs and Trunks

41

Configuring VLANs &Trunks Overview

Use the following steps to configure and verify VLANs and trunks on a switch network:

1 Create the VLANs

2 Assign switch ports to VLANs statically

3 Verify VLAN configuration

4 Enable trunking on the inter-switch connections

5 Verify trunk configuration

42

Configure a VLAN

• Add a VLAN

43

Configure a VLAN

• Assign a Switch Port

44

Configure a VLAN

• Verification

45

Managing VLANs

46

Managing VLANs

47

Managing VLANs

48

Managing VLANs

• Reassign a Port to VLAN 1

50

Configure a Trunk

• Note: (config-if)# switchport trunk encapsultation

51

Configure a Trunk

52

Configure a Trunk

• Verify

53

Configure a Trunk

54

Configure a Trunk

55

Troubleshooting VLANs and Trunks

56

Common Problems witch Trunks

• Use: show interfaces trunk command

57

Common Problem with VLAN configurations

VLAN and IP Subnets

same VLAN have different subnet addresses, they cannot communicate This type of incorrect configuration is a common problem, and it is easy

to solve by identifying the offending device and changing the subnet

address to the correct one

58

Troubleshooting

59

Summary

management traffic

VLAN mode

intra-VLAN communication across multiple switches

it traverse the trunk link

when trunking is misconfigured