CIT 384: Network Administration
CIT 384: Network Administration Slide #1
CIT 384: Network Administration
VLANs
CIT 384: Network Administration Slide #2
Topics
1. What is a VLAN?
2. VLAN Tagging
3. Subnets
4. VTP
5. IOS VLAN Commands
CIT 384: Network Administration Slide #3
What is a VLAN?
• A LAN consists of all the hosts in a single broadcast domain.
• A VLAN is the same.
• Without VLANs, all ports on a switch belong to the same LAN.
• With VLANs, a switch can support one broadcast domain per VLAN.
CIT 384: Network Administration Slide #4
Why use VLANs?
1. Organize the network logically instead of by which hosts are plugged into which switch.
2. Reduce size of broadcast domains to reduce broadcast overhead.
3. To enforce security by restricting sensitive hosts to specific VLANs.
4. To reduce workload of STP.
5. Separate VoIP from data traffic.
CIT 384: Network Administration Slide #5
VLANs can span switches
• A LAN spans multiple connected switches unless there is a router between switches.
• A VLAN needs extra data to span switches
  – VLAN ID identifies the VLAN.
  – Packets are tagged with a header containing VLAN ID so that recipient switch knows which VLAN packet is for.
CIT 384: Network Administration Slide #6
VLAN Trunking
CIT 384: Network Administration Slide #7
VLAN Trunking Protocols
ISL: Cisco proprietary VLAN protocol
  – Ethernet frame encapsulated in ISL.
  – ISL header contains source and destination MAC addresses of the two switches.
CIT 384: Network Administration Slide #8
VLAN Trunking Protocols
802.1Q: IEEE standard VLAN protocol.
  – Inserts 32-bit tag into Ethernet header.
  – Requires FCS to be recalculated.
CIT 384: Network Administration Slide #9
VLAN IDs
12-bit number between 1-4094
  – Lowest and highest VLAN IDs excluded.
  – Normal range: 1-1005
  – Extended range: 1006-4094
CIT 384: Network Administration Slide #10
Native VLAN
802.1Q supports one native VLAN per trunk.
  – Native VLAN is VLAN 1 by default.
  – Native VLAN packets are not tagged.
  – Helps support switches that do not understand VLAN tagging.
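The 802.1Q behavior described on the last three slides (32-bit tag, recalculated FCS, 12-bit VLAN ID, untagged native VLAN), as an added Python example that is not part of the original slides. The MAC addresses, payload and function names are constructed for illustration.

```python
import struct
import zlib

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def fcs(frame_without_fcs: bytes) -> bytes:
    """Ethernet FCS: CRC-32 of the frame, sent least significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_without_fcs) & 0xFFFFFFFF)

def add_tag(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert the 32-bit tag after the two MAC addresses and recalculate the FCS."""
    if not 1 <= vlan_id <= 4094:  # lowest and highest 12-bit values are excluded
        raise ValueError("VLAN ID must be in 1-4094")
    body = frame[:-4]  # drop the old FCS, which no longer matches
    tci = (priority << 13) | vlan_id  # 3-bit priority, 1-bit DEI (0), 12-bit VLAN ID
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)

def vlan_of(frame: bytes, native_vlan: int = 1) -> int:
    """Return the VLAN a received frame belongs to on a trunk."""
    if frame[-4:] != fcs(frame[:-4]):
        raise ValueError("bad FCS")
    tpid, tci = struct.unpack("!HH", frame[12:16])
    # Untagged frames on a trunk belong to the native VLAN.
    return tci & 0x0FFF if tpid == TPID_8021Q else native_vlan

# Constructed sample frame: broadcast destination, made-up source MAC,
# IPv4 EtherType and a 46-byte zero payload (the Ethernet minimum).
DST = bytes.fromhex("ffffffffffff")
SRC = bytes.fromhex("001122334455")
body = DST + SRC + struct.pack("!H", 0x0800) + bytes(46)
UNTAGGED = body + fcs(body)
TAGGED = add_tag(UNTAGGED, vlan_id=10)

if __name__ == "__main__":
    print(len(UNTAGGED), len(TAGGED), vlan_of(UNTAGGED), vlan_of(TAGGED))
```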
CIT 384: Network Administration Slide #11
Subnets and VLANs
• Hosts on a single VLAN must be on the same IP subnet.
• Hosts on different VLANs must be on different IP subnets.
• For hosts on two different VLANs to communicate, a router is needed even if the hosts are plugged into the same switch.
CIT 384: Network Administration Slide #12
Subnets and VLANs
CIT 384: Network Administration Slide #13
VTP: VLAN Trunking Protocol
• Manual configuration requires creating a VLAN individually on each switch.
• VTP will transmit VLAN configuration information from one switch to all other switches using VTP.
• VTP messages sent on configuration change and once every 5 minutes.
• Similar to a routing protocol.
CIT 384: Network Administration Slide #14
VTP Modes
Server Mode
  – Accepts VLAN configuration.
  – Sends and receives VTP updates.
Client Mode
  – Receives VTP updates.
Transparent Mode
  – Ignores VTP updates.
CIT 384: Network Administration Slide #15
VTP Updates
• Updates are processed only if VLAN configuration database number in update is higher than current configuration number.
• Each time VLAN configuration is updated, server increments VLAN config number.
• Good practice t
CIT 384: Network Administration Slide #16
VTP Updates
CIT 384: Network Administration Slide #17
VTP Requirements
1. Switches must be connected using a VLAN trunk.
2. Switches must share the same case-sensitive VTP domain name.
3. If a password is configured, switches must share case-sensitive VTP password.
CIT 384: Network Administration Slide #18
VTP Pruning (for VLAN 10)
CIT 384: Network Administration Slide #19
VLAN Configuration DB
VLAN configuration database
  – Not stored in running-config.
  – Stored in vlan.dat file in flash RAM.
• Use show commands to access.
CIT 384: Network Administration Slide #20
Creating a VLAN
Configure new VLAN
(config)# vlan vlan-id
(config-vlan)# name vlan-name
Configure interfaces for VLAN
(config)# interface name
(config-if)# switchport access vlan vlan-id
CIT 384: Network Administration Slide #21
VLAN Configuration Example
CIT 384: Network Administration Slide #22
VLAN Configuration Example
CIT 384: Network Administration Slide #23
VLAN Configuration Example
CIT 384: Network Administration Slide #24
Protecting unused switch ports
Administratively disable unused ports.
shutdown
Prevent trunking from being negotiated.
switchport nonegotiate
Assign port to unused VLAN.
switchport access vlan vlan-id
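One way to check a saved configuration against the three measures on this slide, as an added Python example that is not part of the original slides. The interface names, the parking VLAN 999 and the list of unused ports are assumptions supplied by the operator, and the sample configuration is constructed.

```python
import re

# Constructed sample of an IOS running-config (not from the original slides).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport access vlan 10
!
interface FastEthernet0/2
 switchport access vlan 999
 switchport nonegotiate
 shutdown
!
interface FastEthernet0/3
 switchport nonegotiate
!
interface FastEthernet0/4
 switchport access vlan 999
 shutdown
!
"""

def parse_interfaces(config: str) -> dict:
    """Map each interface name to the list of commands in its stanza."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"^interface\s+(\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or any global command ends the stanza
    return interfaces

def audit_unused_ports(config: str, unused: set, parking_vlan: int) -> dict:
    """Return {port: [missing commands]} for ports the operator lists as unused."""
    required = ["shutdown", "switchport nonegotiate",
                f"switchport access vlan {parking_vlan}"]
    stanzas = parse_interfaces(config)
    findings = {}
    for port in sorted(unused):
        cmds = stanzas.get(port, [])  # a port absent from the config fails all three
        missing = [c for c in required if c not in cmds]
        if missing:
            findings[port] = missing
    return findings
```

Calling `audit_unused_ports(SAMPLE_CONFIG, {"FastEthernet0/2", "FastEthernet0/3", "FastEthernet0/4"}, 999)` reports only the ports that lack at least one of the three commands.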