Switching and VLANs

Switching Tasks
- Switching operation
- Configure a VLAN
- Configure VLAN Trunking Protocol (VTP)
- Configure a switch for trunking
- Verify VLAN connectivity
- Verify spanning-tree operations

Switching operation
- Switches forward frames based on the destination MAC address
- Switches store MAC addresses in the MAC address table
- Switches populate the table from the source MAC address of frames that enter the switch
- If the destination MAC address is not in the table, the switch forwards the frame out all ports in the same VLAN except the receiving port
- By default all ports are in VLAN 1

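The learning and flooding behaviour above, as an added Python example that is not part of the original slides. Port names and MAC addresses are constructed, and keying the table by (VLAN, MAC) is this sketch's way of modelling "same VLAN".

```python
class LearningSwitch:
    """Minimal VLAN-aware learning switch (illustrative model, not vendor code)."""

    def __init__(self, ports):
        # ports: mapping of port name -> access VLAN
        self.port_vlan = dict(ports)
        self.mac_table = {}  # (vlan, mac) -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the sorted list of ports it leaves on."""
        vlan = self.port_vlan[in_port]
        # Learn: the source MAC is reachable through the receiving port.
        self.mac_table[(vlan, src_mac)] = in_port
        out = self.mac_table.get((vlan, dst_mac))
        if out is not None:
            # Known destination: one port, never back out the receiving port.
            return [] if out == in_port else [out]
        # Unknown destination: flood inside the VLAN, except the receiving port.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


def demo():
    # Constructed topology: three ports in VLAN 1, two ports in VLAN 2.
    sw = LearningSwitch({"e0/1": 1, "e0/2": 1, "e0/3": 1, "e0/4": 2, "e0/5": 2})
    a, b, c = "0000.0000.000a", "0000.0000.000b", "0000.0000.000c"
    return [
        sw.receive("e0/1", a, b),  # B unknown: flooded to the rest of VLAN 1
        sw.receive("e0/2", b, a),  # A was learned on e0/1
        sw.receive("e0/1", a, b),  # B was learned on e0/2
        sw.receive("e0/4", c, a),  # A is unknown in VLAN 2: flooded in VLAN 2 only
    ]


if __name__ == "__main__":
    for ports in demo():
        print(ports)
```

The last frame shows the isolation property: a MAC address learned in VLAN 1 is never a forwarding target for a frame that arrived in VLAN 2.
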
VLAN Overview
- Segmentation
- Flexibility
- Security
- A VLAN = A broadcast domain = Logical network (subnet)
[Figure: SALES, HR and ENG VLANs across the 1st, 2nd and 3rd floors]
Notes: A VLAN is a broadcast domain. In order to have inter-VLAN communications, a router is required.

VLAN Operations
- Each logical VLAN is like a separate physical bridge
- VLANs can span across multiple switches
- Trunks carry traffic for multiple VLANs
[Figure: Switch A and Switch B, each with Green, Black and Red VLANs, joined by a Fast Ethernet trunk]
Notes: Each port on the switch can be assigned to a VLAN. By default, all ports are in VLAN 1, a factory default VLAN. To allow VLANs to span across multiple switches, the connection between the switches must belong to multiple VLANs. A trunk is used to connect two switches together. A trunk carries traffic for multiple VLANs. Only the fastethernet ports on the 1900 can be configured as trunk ports. Trunking is off by default on the 1900 fastethernet ports (fa 0/26 and fa 0/27). The 1900 supports DISL. At the time of the beta, the core switch (2900xl) doesn't support DISL.

VLAN Membership Modes
- Static VLAN
- Dynamic VLAN
[Figure: static VLAN (port e0/4, port e0/9, VLAN5) and dynamic VLAN (trunk, VMPS, MAC = 1111.1111.1111, 1111.1111.1111 = vlan 10, VLAN10)]
Notes: Once a port has been assigned to a VLAN, it cannot send or receive traffic from devices in another VLAN without the intervention of a layer 3 device like a router. The 1900 can't be configured as the VMPS. A CiscoWorks 2000 or CWSI management station or a Cat 5000 switch can be configured as the VMPS. In the future, dynamic VLANs may also offer membership based on other criteria such as protocol or application. Dynamic VLANs are covered in the Managing Cisco Switched Internetworks class.

802.1q Tagging
- Not intrusive to client stations; the client does not see the 802.1q header
- Effective between switches, routers and switches, and switches and servers with 802.1q network interface cards
- VLAN tag added by outgoing port
- 802.1q carries VLAN identifier
- VLAN tag stripped by forwarding port
Notes: The 1900 only supports ISL trunking. ISL is Cisco proprietary. 802.1Q is an IEEE standard. Other trunk types: LANE (VLANs over ATM), 802.10 (FDDI trunk).

802.1Q Frame
VTP Pruning
- Reduces unnecessary flooded (broadcast/unknown address) traffic
- Example: Station A sends broadcast. Broadcast is only flooded toward any switch with ports assigned to the green VLAN
[Figure: Switches 1 to 6 with stations A (port 1) and B (port 2) in the green VLAN; flooded traffic is pruned]
Notes: VTP pruning provides optimized flooding. Without VTP pruning, station A's broadcast will be flooded to all switches whether they have any port in the red vlan or not. VLAN 1 can't be pruned. STP, CDP, VTP updates are sent on VLAN1. All switches in the switched network must support pruning or pruning will be disabled. Each trunk port maintains a state variable per vlan indicating if the switch has any port assigned to a particular vlan or not.

VLAN Configuration Guidelines
- Maximum number of VLANs is switch-dependent
- VLAN1 is one of the factory default VLANs
- CDP and VTP advertisements are sent on VLAN1
- Must be in VTP server or transparent mode to create, add, or delete VLANs
Notes: In the ICND lab, all the switches and routers are in VLAN1. The core server and the core router are in multiple VLANs. Each workgroup PC is on a unique VLAN.

VLAN Configuration Steps
- Enable VTP (optional)
- Enable trunking
- Create VLANs
- Assign VLAN to ports
Notes: Purpose: Show the four basic steps for configuring VLANs.

Defining a Trunk: Many Options…
- On = Set trunk on and negotiate with other side. Result = Trunk on if other side is on, desirable, or auto
- Desirable = Negotiate with other side. Result = Trunk on if other side is on, desirable, or auto
- Auto = Will be a trunk only if the other side is on or desirable
- Non-negotiate = Set trunk on and will not negotiate

Defining a Trunk
- On = Set trunk on and negotiate with other side
- Result = Trunk on if other side is on, desirable, or auto
    Switch1(config-if)# switchport mode trunk
Notes: The 1900 supports DISL. At the time of the beta, the core switch (2900xl) does not support DISL. If trunking is on at one end, and off at the other end, the link will be down.

Defining a Trunk
- Desirable = Negotiate with other side
- Result = Trunk on if other side is on, desirable, or auto
    Switch1(config-if)# switchport mode dynamic desirable

Defining a Trunk
- Auto = Default setting
- Result = Trunk on if other side is on or desirable
    Switch1(config-if)# switchport mode dynamic auto

Defining a Trunk
- Non-negotiate = Do not send DTP frames to negotiate with other side
- Result = Trunk on if other side set on or non-negotiate
    Switch1(config-if)# switchport nonegotiate

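A check for the trunk modes covered in the "Defining a Trunk" slides, as an added Python example that is not part of the original slides: it reads interface stanzas and reports ports whose trunk state the far end can still influence. The sample configuration is constructed, "dynamic auto" is taken as the default as the slides state, and `switchport mode access` (not shown in the slides) is the IOS command that fixes a port as an access port.

```python
import re

# Constructed sample in IOS style; interface names and VLAN numbers are made up.
SAMPLE = """\
interface FastEthernet0/1
 switchport mode trunk
!
interface FastEthernet0/2
 switchport mode trunk
 switchport nonegotiate
!
interface FastEthernet0/3
 switchport mode dynamic desirable
!
interface FastEthernet0/4
 switchport access vlan 2
!
interface FastEthernet0/5
 switchport mode access
 switchport access vlan 9
"""

MODE_RE = re.compile(r"switchport mode (trunk|access|dynamic (?:auto|desirable))")


def audit(config: str) -> dict:
    """Return {interface: finding} for ports that still take part in negotiation."""
    ports, current = {}, None
    for line in config.splitlines():
        header = re.match(r"interface (\S+)", line)
        if header:
            # No mode statement yet: assume the default named in the slides.
            current = ports.setdefault(header.group(1),
                                       {"mode": "dynamic auto", "dtp": True})
        elif current is not None:
            text = line.strip()
            mode = MODE_RE.fullmatch(text)
            if mode:
                current["mode"] = mode.group(1)
            elif text == "switchport nonegotiate":
                current["dtp"] = False
    findings = {}
    for name, port in ports.items():
        if port["mode"].startswith("dynamic"):
            findings[name] = f"{port['mode']}: becomes a trunk if the other side asks"
        elif port["mode"] == "trunk" and port["dtp"]:
            findings[name] = "trunk still negotiates: add switchport nonegotiate"
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE).items():
        print(name, "->", finding)
```

FastEthernet0/4 is reported even though it has an access VLAN assigned, because assigning a VLAN does not change the port's negotiation mode.
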
Verifying a Trunk
    wg_sw_a#show interface trunk

    Switch#sh int trunk
    Port      Mode         Encapsulation  Status        Native vlan
    Fa0/1     on           802.1q         trunking      1

    Port      Vlans allowed on trunk
    Fa0/1     1-1005

    Port      Vlans allowed and active in management domain
    Fa0/1     1,1002,1003,1004,1005

    Port      Vlans in spanning tree forwarding state and not pruned
Notes: Trunk A = fastethernet 0/26, Trunk B = fastethernet 0/27

Adding a VLAN
    Switch1(config)# vlan vlan#

    Switch1#conf terminal
    Enter configuration commands, one per line. End with CNTL/Z
    Switch1(config)#vlan 9
    Switch1(config-vlan)# name Accounting
Notes: Each VLAN has a unique, four-digit number that can be from 1 to 1001. To add a VLAN to the VLAN database, the minimum parameter required is the VLAN number.

Verifying a VLAN
    wg_sw_a#show vlan [vlan#]

Assigning Switch Ports to a VLAN
    Switch1(config-if)# switchport access vlan 2
Notes: By default, all ports are in VLAN 1.

Review Questions
1. What is a VLAN?
2. How do switches learn MAC addresses?
3. Across a trunk the VLAN ID is carried in the ________ header.
4. How do we assign a VLAN to a port?
Notes: Refer to the appendix for answers to the review questions.

Lab
- Lab file: Module 17 – Switch Configuration Lab-1.doc
- Lab scenario: Module 17 – Switch Configuration Lab-1.pkt, Module 17 – Switch Configuration Lab-2.pkt