Faculty of Computer Science and Engineering – HCMC University of Technology

Computer Networks 1
Practice on Cisco devices,
Basics of VLAN
Names: ........................................................................
Student No.: ......................……………………………

Objectives
 Using Cisco IOS command-line interface (CLI) for configuring Switches 2960 Series
and Routers 1800 Series.
 Understanding VLAN basics.

Content and Practice

I. Cisco IOS command-line interface (CLI)
1. Command Modes
The Cisco IOS user interface is divided into many different modes. The commands available to
you depend on which mode you are currently in. Enter a question mark (?) at the system prompt
to obtain a list of commands available for each command mode.

Mode Access Method Prompt Exit Method About This Mode

User EXEC Begin a session with your device> Enter logout or quit. Use this mode to
device.
•Change terminal settings.
•Perform basic tests.
•Display system information.
Privileged While in user EXEC device# Enter disable to exit. Use this mode to verify commands
EXEC mode, enter the enable that you have entered. Use a
command. password to protect access to this
mode.

Global While in privileged device(config)# To exit to privileged Use this mode to configure
configuration EXEC mode, enter the EXEC mode, enter exit parameters that apply to the entire
configure command. or end, or press Ctrl-Z. device.

VLAN While in global device(config-vlan)# To exit to global Use this mode to configure VLAN
configuration configuration mode, configuration mode, parameters. When VTP mode is
enter the vlan vlan-id enter the exit transparent, you can create
command. command. extended-range VLANs (VLAN
IDs greater than 1005) and save
To return to privileged
configurations in the device startup
EXEC mode, press

1
Computer Networks 1 – Laboratories
 Faculty of Computer Science and Engineering – HCMC University of Technology

Ctrl-Z or enter end. configuration file.

Interface While in global device(config-if)# To exit to global Use this mode to configure
configuration configuration mode, configuration mode, parameters for the Ethernet ports.
enter the interface enter exit.
command (with a To return to privileged
specific interface). EXEC mode, press
Ctrl-Z or enter end.

Line While in global device(config-line)# To exit to global Use this mode to configure
configuration configuration mode, configuration mode, parameters for the terminal line.
specify a line with the enter exit.
line vty or line console To return to privileged
command. EXEC mode, press
Ctrl-Z or enter end.

2. Help System
Command Purpose
help Obtain a brief description of the help system in any command mode.

abbreviated-command-entry? Obtain a list of commands that begin with a particular character string.
For example:
device# di?

dir disable disconnect

abbreviated-command- Complete a partial command name.

entry<Tab> For example:
device# sh conf<tab>

device# show configuration

? List all commands available for a particular command mode.

For example:
device> ?

command? List the associated keywords for a command.

For example:
device> show ?

command keyword? List the associated arguments for a keyword.

For example:
device(config)# cdp holdtime ?

<10-255> Length of time (in sec) that receiver must keep this
packet

2
Computer Networks 1 – Laboratories
 Faculty of Computer Science and Engineering – HCMC University of Technology

3. Abbreviated Commands
You need to enter only enough characters for the device to recognize the command as unique.
This example shows how to enter the show configuration privileged EXEC command in an
abbreviated form:
device# show conf

4. “no” and “default” Forms of Commands

Almost every configuration command also has a “no” form. In general, use the “no” form to
disable a feature or function or reverse the action of a command.
Configuration commands can also have a “default” form. The “default” form of a command
returns the command setting to its default. Most commands are disabled by default, so the
“default” form is the same as the “no” form. However, some commands are enabled by default
and have variables set to certain default values. In these cases, the “default” command enables
the command and sets variables to their default values.

5. Searching and Filtering Output of “show” and “more” Commands

You can search and filter the output for show and more commands. This is useful when you need
to sort through large amounts of output or if you want to exclude output that you do not need to
see. Using these commands is optional.
command | {begin | include | exclude} regular-expression
Expressions are case sensitive.
device# show interfaces | include protocol

Vlan1 is up, line protocol is up

Vlan10 is up, line protocol is down

6. Accessing the CLI

You can access the CLI through a console connection, through Telnet, or by using the browser.

a. Accessing the CLI through a Console Connection or through Telnet

You can use one of these methods to establish a connection with the device:
 Connect the device console port to a management station or dial-up modem. For
information about connecting to the console port, see the device getting started guide or
hardware installation guide.
 Use any Telnet TCP/IP or encrypted Secure Shell (SSH) package from a remote
management station. The device must have network connectivity with the Telnet or SSH
client, and the device must have an enable secret password configured.

b. Using Putty on Windows System

 First, connect the terminal using the RJ-45 to DB9 rollover cable

3
Computer Networks 1 – Laboratories
 Faculty of Computer Science and Engineering – HCMC University of Technology

 Then, open Putty and configure the terminal for 9600 baud, 8 data bits, no parity, 1 stop
bit, and no flow control (see Category → Connection → Serial preference)
 Fire up putty, and select the serial radio button, the Serial Line, and Speed boxes will be
populated for you. However, make sure that speed is 9600. And save the connection (give
it a name) and save it
 View Console

Figure 1: Using putty to control network devices

Practice on real Cisco devices:

 Configuring the Device Hostname and Prompt
 Configuring Time and Date Manually
 Configuring the Enable and Enable Secret Passwords
 [Router] Configuring Fast Ethernet and Gigabit Ethernet Interfaces
 [Switch] Manually Assigning IP Information (optional)
 Verifying Network Connectivity
 Saving Your Device Configuration

4
Computer Networks 1 – Laboratories
 Faculty of Computer Science and Engineering – HCMC University of Technology

Configuring the device Hostname and Prompt

SUMMARY STEPS
1. enable
2. configure terminal
3. hostname name (SwLANx, CEx)
4. Verify that the device prompt displays your new hostname.
5.end

Configuring Time and Date Manually

SUMMARY STEPS
1. enable
2. clock set hh:mm:ss day month year or clock set hh:mm:ss month day year

This example shows how to manually set the system clock to 1:32 p.m. on July 23, 2010:
device# clock set 13:32:00 27 Sep 2010

Configuring the Enable and Enable Secret Passwords

SUMMARY STEPS
1. enable
2. configure terminal
3. enable password password (NetLab@switchx, NetLab@routerx)
4. enable secret password (NetLab@switchx, NetLab@routerx)
5. exit
6. enable
7. exit

[Router] Configuring Fast Ethernet and Gigabit Ethernet Interfaces

SUMMARY STEPS
1. enable
2. show ip interface brief
3. configure terminal
4. interface {fastethernet | gigabitethernet} port (0)
5. description string (Port on RouterX connect to SwitchX, NetLab LAN)
6. ip address ip-address mask (172.28.13.2x 255.255.255.0 where x for group number)
7. no shutdown
8. end
9. show ip interface brief

5
Computer Networks 1 – Laboratories
 Faculty of Computer Science and Engineering – HCMC University of Technology

[Switch] Manually Assigning IP Information on SVIs

SUMMARY STEPS
1. enable
2. show ip interface brief
3. configure terminal
4. interface vlan vlan-id (1)
5. ip address ip-address subnet-mask (172.28.13.3x 255.255.255.0)
6. exit
7. ip default-gateway ip-address (172.28.13.2x)
8. end
9. show interfaces vlan vlan-id (1)
10. show ip redirects
11. copy running-config startup-config
When you create an SVI, it does not become active until you associate it with a physical port
Assigning Static-Access Ports to a VLAN
12. interface interface-id (fastethernet0)
13. switchport mode access
14. switchport access vlan vlan-id (1)
15. end
16. copy running-config startup-config

Verifying Network Connectivity

PRE-REQUISITES

 Complete all previous configuration tasks in this document.

 The router must be connected to a properly configured network host.

SUMMARY STEPS
1. enable
2. ping [ip-address | hostname]

Saving Your Router Configuration

SUMMARY STEPS
1. enable
2. copy running-config startup-config

6
Computer Networks 1 – Laboratories
 Faculty of Computer Science and Engineering – HCMC University of Technology

II. Virtual Local Area Network

Figure 2 shows a switched local network connecting three departments, two servers and a
router with four switches. If all switches support only a single LAN, several drawbacks arise:
Lack of traffic isolation. Broadcast traffic (e.g., frames carrying ARP and DHCP messages or
frames whose destination has not yet been learned by a selflearning switch) traverse the entire
LAN. Limiting
the scope of such broadcast traffic would improve LAN performance. Perhaps more importantly,
it also may be desirable to limit LAN broadcast traffic for security/privacy reasons.
Inefficient use of switches. If instead of three groups, the institution had 10 groups, then 10 first-
level switches would be required. If each group were small, say less than 10 people, then a single
96-port switch would likely be large enough to accommodate everyone, but this single switch
would not provide
traffic isolation.
• Managing users. If an employee moves between groups, the physical cabling must be changed
to connect the employee to a different switch. Employees belonging to two groups make the
problem even harder.
Fortunately, these difficulties can be handled by a switch that supports virtual local area
networks (VLANs). As the name suggests, a switch that supports VLANs allows multiple
virtual local area networks to be defined over a single physical local area network infrastructure.
Hosts within a VLAN communicate
with each other as if they (and no other hosts) were connected to the switch. In a port-based
VLAN, the switch’s ports (interfaces) are divided into groups by the network manager. Each
group constitutes a VLAN, with the ports in each VLAN forming a broadcast domain (i.e.,
broadcast traffic from one port can only reach other ports in the group).
To interconnecting VLAN switches, we use VLAN trunking. A special port on each switch is
configured as a trunk port to interconnect the two VLAN switches. The trunk port belongs to all
VLANs, and frames sent to any VLAN are forwarded over the trunk link to the other switch.
Traffic between VLANs must be routed. This relates to configuring the router which is beyond
the scope of this lab.

7
Computer Networks 1 – Laboratories
 Faculty of Computer Science and Engineering – HCMC University of Technology

Figure 2: An institutional network connected together by four switches

Cisco IOS Release 12.2SX supports 4096 VLANs in accordance with the IEEE 802.1Q standard.
These VLANs are organized into several ranges
VLANs Range Usage
0, 4095 Reserved For system use only. You cannot see or use these
VLANs.

1 Normal Cisco default. You can use this VLAN but you cannot
delete it.

2-1001 Normal For Ethernet VLANs; you can create, use, and delete
these VLANs.

1002- Normal Cisco defaults for FDDI and Token Ring. You cannot
1005 delete VLANs 1002-1005.

1006- Extended For Ethernet VLANs only.

4094

Practice 2
1. Connect 2 PCs to 2960 series switch, using Fast Ethernet 1 and Fast Ethernet 2 port,
configure static ip address for each PC, verify that 2 PCs can ping each other.
2. Add Fast Ethernet 1 port to VLAN 2, Fast Ethernet 2 port to VLAN 3, verify that 2 PCs
cannot ping each other.

8
Computer Networks 1 – Laboratories
 Faculty of Computer Science and Engineering – HCMC University of Technology

Solution:
1. enable
2. vlan database
3. vlan 2 name Engineer
4. vlan 3 name Manager
5. exit
6. conf t
7. int fa1
8. switchport access vlan 2
9. int fa2
10. switchport access vlan 3
11. end
12. show vlan

Practice 3
Create network topology in figure 3 in Cisco Packet Tracer.

Figure 3: network layout for practice

Requirements:
Engineers’ compurters are assigned to vlan 2, Managers’ laptops are assigned to vlan 3. Make
sure that computers in the same vlan can ping each other.

Submission
Complete practice 3 and save as lab9.pkt, submit this file to your instructor.

References
http://www.cisco.com/en/US/docs/switches/lan/catalyst2960/software/release/12.2_55_se/configuration/guide/scg_29
60.html

http://www.cisco.com/en/US/docs/routers/access/1800/1841/software/configuration/guide/sw.html

Kurose Ross, “Computer Networking, A Top-Down Approach”, 6th edition

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vlans.html

9
Computer Networks 1 – Laboratories