VLANs : LAN Switching and Wireless – Chapter 3
Objectives : Explain the role of VLANs in a converged network.
Explain the role of trunking VLANs in a converged network.
Configure VLANs on the switches in a converged network topology.
Troubleshoot the common software or hardware misconfigurations associated with VLANs on switches in a converged network topology.
VLAN Basics : VLANs are physical networks created logically
Alternative – purchase a switch for every logical network function
VLAN = unique subnet
VLANs provide what only routers could do in Exploration 1 and 2: segment broadcast domains
Routers (or Layer 3 switches) are required for communication between VLANs
Benefits of VLANs in a Converged Network : Security
Cost reduction
Higher performance
Broadcast storm control
Improved IT staff efficiency
Simpler management and project implementation
VLANs Defined by ID Ranges : VLAN ID ranges include normal and extended
Normal: 1 – 1005
Extended: 1006 – 4094
Normal VLANs used for small-medium enterprise
Certain VLANs are created automatically: VLAN 1, and Token Ring/FDDI VLANs
IDs stored in vlan.dat (flash file)
Extended VLANs used by service providers on higher-end switches
Saved in running config
VLANs Defined by Purpose & Function : Assigning VLANs – port-based assignment (more later)
Data VLAN
Default VLAN
Black hole VLAN
Native VLAN
Management VLAN
Voice VLAN
More on Voice VLANs : Voice VLANs need to assure bandwidth
Transmission priority (QOS) over data VLANs
Routed over less congested network areas
Required delay of < 150 ms across network
Carries voice and setup (call) traffic
Cisco IP Phones contain a switching module
PC and phone can share the same data port
Allows phone to “tag” traffic sent to access layer switch
Voice versus data frames are separated onto different VLANs by tag
Switch Port Membership Modes : Each physical port has to be associated with a VLAN
Various options for assigning membership:
Static VLAN which is assigned manually
Use CLI or network device management software
Most ports are assigned to static VLANs
Dynamic VLAN is assigned based on MAC address
Requires a specialized server that informs switch of proper VLAN based on connected MAC
Voice VLAN is an added command to a data port
Example: Switch(config-if)# switchport voice vlan {number}
Example QoS: mls qos trust cos
Inter-VLAN Traffic - Router : Option 1
VLAN traffic is forwarded between interfaces
Requires multiple physical interfaces
Option 2
VLAN traffic is trunked to router
Requires a single physical interface
Known as Router-on-a-Stick
Inter-VLAN Traffic - Layer 3 Switch : L3 switches provide forwarding between VLANs
Switched Virtual Interfaces (SVI) provide forwarding between VLANs on same device
The ip routing command provides L3 forwarding using static or dynamic routes
Role of Trunking in VLANs : If a switch has three VLANs, how would you connect to another switch or router?
Option 1: use a physical port for each VLAN
Option 2: use a single physical port that carries logical VLANs
Port that is assigned to carry VLANs is called a “trunk”
Switch Trunk Links : Ports configured as trunk links carry traffic for multiple VLANs
Note: port does not “belong” to any VLAN
Two trunking protocols have been used:
ISL – Inter-Switch Link – discontinued Cisco proprietary
IEEE 802.1q – current trunk standard
Trunking protocol “tags” frame with VLAN number
Tag is stripped when frame is sent to end device
802.1q inserts additional fields
- User Priority
- CFI (for Token Ring frames)
- VLAN ID (up to 4096)
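Added example, not part of the original slides: how the 802.1q fields listed above sit in a frame, with the tag inserted on a trunk and stripped again for an end device. Function names and the sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1q tag

def parse_tag(frame):
    """Return (priority, cfi, vlan_id, inner_ethertype), or None if untagged."""
    if len(frame) < 18:
        return None
    # Bytes 12-13: TPID, 14-15: tag control info, 16-17: original EtherType.
    tpid, tci, inner = struct.unpack("!HHH", frame[12:18])
    if tpid != TPID_8021Q:
        return None
    # TCI layout: 3 bits user priority, 1 bit CFI, 12 bits VLAN ID.
    return tci >> 13, (tci >> 12) & 1, tci & 0x0FFF, inner

def add_tag(frame, vlan_id, priority=0, cfi=0):
    """Insert the 4-byte tag after the source MAC, as a trunk port does."""
    if not 0 <= vlan_id <= 0x0FFF or not 0 <= priority <= 7 or cfi not in (0, 1):
        raise ValueError("VLAN ID is 12 bits, priority 3 bits, CFI 1 bit")
    tci = (priority << 13) | (cfi << 12) | vlan_id
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def strip_tag(frame):
    """Remove the tag before delivery to an end device; untagged frames pass through."""
    return frame[:12] + frame[16:] if parse_tag(frame) else frame

# Constructed sample: untagged broadcast IPv4 frame header plus zero padding.
UNTAGGED = bytes.fromhex("ffffffffffff" "001122334455" "0800") + b"\x00" * 46
```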
Dynamic Trunking Protocol : DTP negotiates trunk links between two device ports
Cisco proprietary protocol (support varies on Catalyst platform)
Commands:
switchport mode trunk (on)
switchport mode dynamic auto
switchport mode dynamic desirable
switchport nonegotiate – always on trunking for connecting to non-Cisco switches
The Native VLAN : Certain frames have to be carried “untagged” for management purposes
Examples: CDP, DTP, VTP
VLAN1 is both the default and native VLAN on “out-of-the-box” Cisco switches
Cisco recommends changing the native VLAN
EXAMPLE: switchport trunk native vlan 100
Native VLAN mismatches will cause trunks to fail
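Added example, not part of the original slides: a short Python check that reads both ends of a link from running-config text and flags the DTP and native VLAN problems described above. The sample configs, function names and finding wording are constructed for illustration.

```python
import re

# Constructed sample configs for the two ends of each link (not from the slides).
SW1 = """\
interface FastEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 100
 switchport nonegotiate
interface FastEthernet0/2
 switchport mode dynamic auto
"""
SW2 = """\
interface FastEthernet0/1
 switchport mode dynamic desirable
 switchport trunk native vlan 99
interface FastEthernet0/2
 switchport mode dynamic auto
"""

def parse_interfaces(config):
    """Map interface name -> settings; native VLAN stays 1 unless configured."""
    ports, cur = {}, None
    for line in config.splitlines():
        line = line.strip()
        if m := re.match(r"interface (\S+)", line):
            cur = ports.setdefault(m.group(1), {"mode": None, "native": 1, "nonegotiate": False})
        elif cur is None:
            continue
        elif m := re.match(r"switchport mode (trunk|access|dynamic auto|dynamic desirable)$", line):
            cur["mode"] = m.group(1)
        elif m := re.match(r"switchport trunk native vlan (\d+)$", line):
            cur["native"] = int(m.group(1))
        elif line == "switchport nonegotiate":
            cur["nonegotiate"] = True
    return ports

def check_link(a, b):
    """Compare both ends of one link and return a list of findings."""
    findings = []
    if {a["mode"], b["mode"]} == {"dynamic auto"}:
        findings.append("both ends dynamic auto: neither side initiates, no trunk forms")
    for end, other in ((a, b), (b, a)):
        if end["nonegotiate"] and other["mode"] in ("dynamic auto", "dynamic desirable"):
            findings.append("nonegotiate faces a dynamic port: the dynamic end never hears DTP")
    if a["native"] != b["native"]:
        findings.append(f"native VLAN mismatch: {a['native']} vs {b['native']}")
    if 1 in (a["native"], b["native"]):
        findings.append("native VLAN still 1 (the out-of-the-box default)")
    return findings
```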
Basic VLAN Configuration : “vlan database” command is older VLAN creation method
Instead, use global configuration mode
Command: vlan {number}
Configuration prompt changes
VLAN can also be given a descriptive name
VLANs 1-1001 are stored in flash:vlan.dat
Static VLAN Memberships : Default membership for all ports is VLAN1
Ports are manually (statically) assigned to other VLANs
RANGE command can assign multiple ports to a VLAN
Note: VLAN automatically created if not in vlan.dat file
Example: switchport access vlan 100
Confirming VLAN Configuration : Use the commands below to show VLANs and port memberships
Changing VLAN Configuration : Changing port membership
Use the “no” version of switchport access vlan
Port defaults back to VLAN1
Or, simply assign the port to another VLAN
Deleting VLANs
In global configuration, enter “no” version of vlan {number}
Important: assign ports to another VLAN after deleting
Otherwise ports fall into a “black hole” and do not carry traffic
Creating Trunk Ports : Ports are in access mode by default
Use the command: switchport mode trunk
Additional commands
show interfaces {interface number} switchport
show interfaces trunk
Misconfigurations Associated with VLANs : VLANs can be allowed or disallowed on a trunk
switchport trunk allowed vlan add {vlan #’s}
Troubleshoot Common Software or Hardware Misconfigurations Associated with VLANs : Describe how to use the troubleshooting procedure to fix a common problem with VLAN configurations
Overview of VLAN and Trunk Configuration :
Chapter 3 Labs : Lab 3.5.1 – Basic VLAN Configuration
Lab 3.5.2 – Challenge VLAN Configuration