CCNA Enterprise workbook- Switching: Part 3

CCNA Enterprise (200-301) - Cisco Certified Network Associate

Part 3- Switching

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

Index for Part 2- Switching

1. LAN SWITCHING
2. Transmission Media - Connectivity
3. BASIC LAN SETUP
4. SWTICH - TYPES
5. CONSOLE CONNECTION- SWITCH - ROUTER
6. Virtual LAN (VLAN)
7. VLAN - Configuration
8. LAB -Verify VLAN
9. LAB - VERIFY VLAN Connectivity ( Same Networks)
10. LAB - VERIFY VLAN Connectivity ( Different Networks)
11. LAB - VLAN Design ( Different Networks)
12. VOICE VLAN
13. LAB - VOICE VLAN Configuration
14. Management VLAN
15. LAB - Mangement VLAN
16. Trunking Concepts
17. LAB: TRUNKING
18. INTER-VLAN ROUTING
19. LAB : VLAN Routing using Separate Gateways
20. LAB INTER VLAN-ROUTING USING ROUTER (Router on Stick)
21. LAB: Inter Vlan-Routing - L3 SWITCH
22. LAB: Inter Vlan-Routing - L3 Switch - Multiple Switches
23. LAB - L3 Routed interfaces - L3 SWITCH
24. LAB: Inter Vlan-Routing - L3 Switch - Multiple Switches
25. VLAN TRUNKING PROTOCOL - VTP
26. LAB: VTP
27. Spanning-tree Protocol
28. LAB: VERIFYING SPANNING-TREE
29. SPANNING_TREE PORTFAST
30. LAB: STP PORT FAST
31. ETHERCHANNEL / Link Aggreration / Port Channel
32. LAB : Configuring Ether-Channel Using Pagp Protocol Negotiation
33. Layer 3 Etherchannel
34. STP - BPDU GUARD
35. LAB: BPDU Guard:
36. LAB: BPDU filter (interface level)
37. Rapid Spanning-Tree Protocol - RSTP

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

Virtual LAN (VLAN) -Trunking

What is Broadcast Domain ?

➢ Switches will also broadcast Ethernet frames if they haven't learned the destination
MAC address yet.
➢ Switches will forward broadcast traffic on all their interfaces, except the one they
received the broadcast on.
➢ Set of all devices that receive broadcast frames originating from any device within the
set.
➢ A LAN includes all devices in the same broadcast domain

Broadcast Domain

➢ Size of the broadcast domain depends on number of devices connected in LAN.

➢ Routers do not forward broadcast traffic, they break broadcast domains.

Broadcast Domain

➢ Number of broadcast domains depends on number of LAN/VLANs network.

➢ Routers do not forward broadcast traffic, they break broadcast domains.
➢ VLANs on switches also allow you to break broadcast domains

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

Virtual VLAN (VLAN)

➢ Divides one single Broadcast domain into Multiple Broadcast domains. (HOW?)
● One LAN ( divides multiple virtual VLANs)
➢ VLANs provide a way to group devices within a LAN

➢ By default the broadcast goes to each and every device in the network.

➢ As by default there is only one broadcast domain

Virtual LAN (VLAN) – Benefits ( Important)

➢ Limit the number of broadcasts ( as broadcast goes with in the VLAN)

● Flooding of a packet is limited to the switch ports that belong to a VLAN.
● Prevents from listening to or receiving broadcasts not intended for them ( from
other VLAN )
➢ Improves the network performance and reduces network congestion
● Reduces unnecessary traffic on the network and boosts performance.
● Cost saving by making efficient use of existing bandwidth and uplinks.
➢ A higher level of network security can be reached by separating sensitive data traffic
from other network traffic.

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

VLAN Types
Types of VLANs

➢ Default VLAN
➢ Data VLAN
➢ Voice VLAN
➢ Management VLAN
➢ Native VLAN

Switch# show vlan brief

VLAN Name Status Ports

—- —------------------- —------—-------

1 default active FaO/1, FaO/2, FaO/3, FaO/4

FaO/5, FaO/6, FaO/7, FaO/8

FaO/9, Fao/l0, FaO/11, FaO/12

Fao/13, Fao/14, Fao/15, Fao/16

FaO/17, FaO/18, FaO/19, Fa0/20

Fao/2i, Fao/22, Fao/23, Fao/24

Glo/i, Gio/2

1002 fddi-default act/unsup

1003 token-ring-default act/unsup

1004 fddinet-default act/unsup

1005 trnet-default act/unsup

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

Default VLAN

➢ On Cisco switches the default VLAN is VLAN 1.

➢ At the initial boot up of the switch, All switch ports become a member of the default
VLAN.
● Makes them all part of the same broadcast domain.
● This allows any network device connected to any of the switch port to
communicate with other devices on other switch ports.
➢ VLAN 1 has all the features of any VLAN, except that you cannot rename or delete it

Data VLAN ( User VLAN)

➢ Also known as a user VLAN.

➢ The link connected to your computer is assigned to a data VLAN.
➢ The data VLAN is designated only for user-generated data.

NOTE

➢ A VLAN carrying voice or management traffic would not be a data VLAN.

➢ It is common practice to separate voice and management traffic from data traffic.

Voice VLAN

➢ A separate VLAN is needed to support Voice over IP (VoIP).

➢ Voice VLAN enables access ports to carry IP voice traffic from an IP phone.
➢ The Voice VLAN is also known as the Auxiliary VLAN (AUX VLAN)
➢ IP phones uses the same UTP cables to connect to Ethernet switch
➢ The computer will be in a data VLAN, the IP phone will be in the voice VLAN.
➢ The Cisco IP Phone contains an integrated three-port 10/100 switch

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

Management VLAN

➢ Used for managing the switch from a remote location by using protocols such as telnet,
SSH, SNMP, syslog etc.
➢ Normally the Management VLAN is VLAN 1, but you can use any VLAN as a management
VLAN.
➢ A best practice is to set up a separate VLAN for management traffic.
● Provide security to separate management traffic ( from data VLAN)
● Also ensures that bandwidth for management will be available even when user
traffic is high.
➢ Cisco recommends not to use VLAN 1 and not to use any VLAN that carries user data
traffic as Management VLAN.
➢ You must configure IP address and default gateway for Management VLAN.

VLAN Ranges ( Important)

➢ Cisco IOS Software Release 12.2SX supports 4096 VLANs

➢ These VLANs are organized into several ranges; you use each range slightly differently

VLANs Range Usage

0, 4095 Reserved For system use only. You cannot see or use these VLANs.

1 Normal Cisco default You can use this VLAN but you cannot delete it

2-1001 Normal For Ethernet VLANs; you can create, use, and delete these
VLANs.

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

1002-1005 Normal Cisco defaults for FDDI and Token Ring. You cannot delete
VLANs 1002-1005.

1006-4094 Extended For Ethernet VLANs only

VLAN -Configuration

VLAN - Creating VLAN

Switch(config)# vlan

Switch(config-Vlan)# name

Switch(config-Vlan)# Exit

Switch(config)#vIan 10

Switch(config-vIan)#name Green

Switch(conflg-vlan)#vIan 20

Switch(config-vlan)#name Red

Switch(eonfig-vIan)#vIan 30

Switch(conflg-vlan)#name Blue

VLAN - Assigning Ports

➢ VLAN Assignment is based on port numbers ( host connected)

➢ By Default all ports will be in VLAN 1
➢ Need to manually assign a port on a switch to a VLAN
● One port can be a member of only one VLAN ( data or Voice)
➢ Can be Configured on a Manageable switches only
➢ VLANs are based on logical connections, instead of physical connections.

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

VLAN - Configuration

➢ PCs are preconfigured with IP address ( from 192.168.1.0/24).

➢ Verify the Reachability between same VLAN / Different VLAN.

LAB -VLAN - Design

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

LAB: Verify VLAN

Task:

1. Ping between 192.168.1.1 and 192.168.1.3

a. (they can communicate with each other and they are on the same network
(logically) and same VLAN ( default vlan 1)

2. Create VLAN 20

3. Shift port f0/3 , f0/4 in to VLAN 20

4. Ping between 192.168.1.1 and 192.168.1.3

a. they cannot communicate with each other and they are on the same
network (logically) but on different VLAN (VLAN 1 and vlan 20)

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

TASK: Create Vlan 20 And Shift The Ports 3 And 4 In To Vlan 20

Switch(config)#vlan 20 ( Vlan number)

Switch(config-vlan) #name SALES (Vlan name)

Switch(config-vlan) #exit

Switch(config) #interface fastEthernet 0/ 3 ( Select the port)

Switch(config-if) #switchport mode access ( to carry only one vlan traffic)

Switch(config-if) #switchport access vlan 20 ( define vlan to carry traffic)

Switch(config-if) #exit

Switch(config) #interface fastEthernet 0/4

Switch(config-if) #switchport mode access

Switch(config-if) #switchport access vlan 20

NOTE: You can also use range command here, but if you are doing it first time then must
do manually.

#show vlan ( check the number of vlans in SW1)

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

Check the communication between PC1 and PC2, both are in same VLAN and Network

Now check the ping from Pc1 to Pc4, both are in same neytwork but in different VLAN

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com

 CCNA Enterprise workbook- Switching: Part 3

1. Now , before moving next, must learn why PC1 is not able to communicate with
PC4?
2. What are the reasons?
3. It is network issue?
4. It is issue with VLAN?
5. Any cable issue?
6. Check IP addresss are assigned or not?
7. Or any other issue?

TEST TOPOLOGY FOR YOU

TASK:

1. Assign IP address on devices as per topology

2. Create VLAN 10 in both SWs
3. Assign Fa0/2 ports of both switches to VLAN 10 and make it access port
4. Check the communication between PC1 and PC2 ( are able to ping?)
5. Assign fa0/1 and fa0/2 port to vlan 10 and make it access and check are able to
communicate?
Thank you

Whatsapp/Call: +91 7567504045 (INDIA) | Mail: [email protected] |www.hazynetwork.com