CCNP Network Part-ISWITCH

Switch is a piece of hardware which joins multiple devices such as computers to make a Network.Switch operates at layer 2 which is a Network layer.In this Course we will focus on Cisco Switches.Cisco Switches have a IOS or Internetwork Operating System.Now a days Cisco Switches Run same IOS as Routers do.

By Default Switches send broadcast traffic everywhere.

VLANS

• Vlan:• In Vlan Broadcasts traffic is Limited to the Vlans it is received in.• As an Example, traffic of computer connected with vlan 10 is

received in vlan 10 only and a computer connected with vlan 20 is received in vlan 20 only.

• So the Switch is divided into separate Broadcast Domains.• Vlans are used for QoS (Quality of Service), Separating Traffic and

users etc etc.• Trunks:• The ports which send all Vlan Traffics between two Switches are

Called Trunk ports. • Trunk is a Cisco Term other Vendors call it Tags or Tagged ports.

VLANS

• Every Vlan needs its own subnet.• Vlan1 is a default Vlan in Cisco Switch.• Diagram:

• Configuration:• Switch# show vlan

VLANS

• CREATING VLANS• Old Method:• Switch# vlan database • Switch(vlan)# vlan 10 name itpings • Switch(vlan)# vlan 20 name Accounts • Exit• Now • Switch# show vlans • We can see itpings and Accounts vlans are being created.• New Method:• Switch# conf t • Switch(config)# vlan 10 • Switch(config-vlan)# name itpings

VLANS

• CREATING VLANS• Switch(config-vlan)# exit • Switch(config)# vlan 20 • Switch(config-vlan)# name Accounts • Switch(config-vlan)#exit • Now if we show vlans it will show us vlans as active , 10 & 20.• Now Lets Assign first 5 ports to the Vlan 10.• Switch# conf t • Switch(config)# interface range fastEthernet 0/1 – 5 • Switch (config-if-range)# switchport mode access • Note: By Default they will be in dynamic which is not a good security

practice therefore always change the ports to access ports. However if a port is an uplink to another Switch make it as a trunk port.

VLANS

• CREATING VLANS

Switch (config-if-range)# switchport access vlan 10 Now if we type show vlan we would be able to see all 5 ports in vlan 10e.g 10 Itpings active Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5Now the same way we can setup multiple vlans and thus we can segment the switch. These multiple vlans would be separated and could not be reached by other vlans and the broadcast remains within the vlan.We can how ever route within Vlans.Please note that Vlans are stored in vlan.dat it is in flash and can be seen by Switch# show flash:It can be deleted asSwitch#delete flash:vlan.dat