Chapter 2 Part II Switching Essentials

chapter 2 part ii

Uploaded by

Azizah Md Aziz

Chapter 2: Switching Concepts and Virtual Local Area Networks (VLAN)
Part II
Module Objectives
Module Title: Protocols and Models
Module Objective: Explain how network protocols enable devices to access local and
remote network resources.

© 2019, 2021 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Overview of VLANs

Overview of VLANs
VLAN Definitions

Virtual LANs (VLANs) provide segmentation and organizational flexibility in a switched network.
A group of devices within a VLAN communicate as if each device was attached to the same cable.

Overview of VLANs
VLAN Definitions
Placing devices into various VLANs has the following characteristics:
• Provides segmentation of the various groups of devices on the same switches
• Provides organization that is more manageable
• Broadcasts, multicasts and unicasts are isolated in the individual VLAN
• Each VLAN will have its own unique range of IP addressing
• Smaller broadcast domains

Overview of VLANs
Benefits of a VLAN Design

Benefits | Description
Smaller Broadcast Domains | Dividing the LAN reduces the number of broadcast domains
Improved Security | Only users in the same VLAN can communicate together
Improved IT Efficiency | VLANs can group devices with similar requirements, e.g. faculty vs. students
Reduced Cost | One switch can support multiple groups or VLANs
Better Performance | Small broadcast domains reduce traffic, improving bandwidth
Simpler Management | Similar groups will need similar applications and other network resources
Overview of VLANs
Types of VLANs
Default VLAN
VLAN 1 is the following:
• The default VLAN
• The default Native VLAN
• The default Management VLAN
• Cannot be deleted or renamed
• All switch ports are members of VLAN 1 by default.

Overview of VLANs
Types of VLANs (Cont.)
Data VLAN
• Dedicated to user-generated traffic (email and web traffic).
• VLAN 1 is the default data VLAN because all interfaces are assigned to this VLAN.

Native VLAN
• This is used for trunk links only.
• This is the VLAN that carries all untagged traffic.

Management VLAN
• This is used for SSH/Telnet VTY traffic.
• Typically, the VLAN that is the SVI for the Layer 2 switch.

Overview of VLANs
Types of VLANs (Cont.)
Voice VLAN
• A separate VLAN is required because voice traffic requires:
• Assured bandwidth
• High QoS priority (transmission priority over other types of network traffic)
• Ability to avoid congestion
• Delay less than 150 ms from source to destination
• The entire network must be designed to support voice.

VLANs in a Multi-Switched Environment

VLANs in a Multi-Switched Environment
Defining VLAN Trunks
A trunk is a point-to-point link
between two network devices that
carries more than one VLAN.
Cisco trunk functions:
• Allow more than one VLAN
• Extend the VLAN across the entire network
• By default, supports all VLANs
• Supports 802.1Q trunking

VLANs in a Multi-Switched Environment
Networks without VLANs
Without VLANs, all devices connected to the switches will receive all unicast,
multicast, and broadcast traffic.

VLANs in a Multi-Switched Environment
Networks with VLANs
With VLANs, unicast, multicast, and broadcast traffic is confined to a VLAN.
Without a Layer 3 device to connect the VLANs, devices in different VLANs cannot
communicate.

VLANs in a Multi-Switched Environment
VLAN Identification with a Tag
• The standard Ethernet frame header does not contain information about the VLAN.
• Before an Ethernet frame is forwarded across a trunk link, it must be tagged with its VLAN information.
• This process, called tagging, is accomplished by using the IEEE 802.1Q header.

VLANs in a Multi-Switched Environment
VLAN Identification with a Tag
• The IEEE 802.1Q header is 4 bytes.
• When the tag is created, the FCS must be recalculated.
• When sent to end devices, this tag must be removed and the FCS recalculated back to its original number.

VLANs in a Multi-Switched Environment
Native VLANs and 802.1Q Tagging
• Tagging is typically done on all VLANs.
• When a Cisco switch trunk port receives untagged frames, it forwards those frames to the native VLAN.
• If there are no devices associated with the native VLAN, then the frame is dropped.
• The default native VLAN is VLAN 1.
• Both ends of a trunk link must be configured with the same native VLAN.

VLANs in a Multi-Switched Environment
Voice VLAN Tagging
The access port connected to the Cisco IP phone can be configured to use two separate VLANs:
• A VLAN for voice traffic
• A data VLAN to support the host traffic
The link between the switch and the IP phone simulates a trunk link to carry both voice VLAN traffic and data VLAN traffic.

VLANs in a Multi-Switched Environment
Voice VLAN Tagging
The Cisco IP Phone contains an integrated three-port 10/100 switch. The ports
provide dedicated connections to the following devices:
• Port 1 connects to the switch or other VoIP device.
• Port 2 is an internal 10/100 interface that carries the IP phone traffic.
• Port 3 (access port) connects to a PC or other device.

VLANs in a Multi-Switched Environment
Voice VLAN Verification Example
The show interfaces fa0/18 switchport command can show us both data
and voice VLANs assigned to the interface.

VLAN Configuration

VLAN Configuration
VLAN Ranges on Catalyst Switches
Catalyst switches 2960 and 3650 support
over 4000 VLANs.

VLAN Configuration
VLAN Creation Commands
VLAN details are stored in the vlan.dat file. You create VLANs in the global
configuration mode.

VLAN Configuration
VLAN Creation Example
• If the Student PC is going to be in
VLAN 20, we will create the VLAN first
and then name it.
• If you do not name it, the Cisco IOS
will give it a default name of vlan and
the four digit number of the VLAN. E.g.
vlan0020 for VLAN 20.

VLAN Configuration
VLAN Port Assignment Commands
Once the VLAN is created, we can then assign it to the correct interfaces.

VLAN Configuration
VLAN Port Assignment Example
We can assign the VLAN to the port
interface.
• Once the device is assigned the VLAN,
then the end device will need the IP
address information for that VLAN
• Here, Student PC receives
172.17.20.22

VLAN Configuration
Data and Voice VLANs
An access port may only be
assigned to one data VLAN.
However, it may also be assigned to
one Voice VLAN for when a phone
and an end device are off of the
same switchport.

VLAN Configuration
Data and Voice VLAN Example
• We will want to create and name both
Voice and Data VLANs.
• In addition to assigning the data VLAN,
we will also assign the Voice VLAN and
turn on QoS for the voice traffic to the
interface.

Note: QoS is beyond the scope of this course. Here we do show the use of the mls qos trust [cos | device cisco-phone | dscp | ip-precedence] command.

VLAN Configuration
Data and Voice VLAN Example
• The switchport access vlan command forces the creation of a VLAN if it
does not already exist on the switch.
• For example, VLAN 30 is not present in the show vlan brief output of the
switch.
• If the switchport access vlan 30 command is entered on any interface with
no previous configuration, then the switch displays the following:

VLAN Configuration
Verify VLAN Information
Use the show vlan command.
The complete syntax is:
show vlan [brief | id vlan-id | name vlan-name | summary]

VLAN Configuration
Change VLAN Port Membership
There are a number of ways to change
VLAN membership:
1. Re-enter the switchport access vlan vlan-id command with the correct VLAN ID.
2. Use the no switchport access vlan command to place the interface back in VLAN 1.
Use the show vlan brief or the show
interface fa0/18 switchport
commands to verify the correct VLAN
association.

VLAN Configuration
Delete VLANs
Delete VLANs with the no vlan vlan-id command.
Caution: Before deleting a VLAN, reassign all member ports to a different VLAN.
• Delete all VLANs with the delete flash:vlan.dat or delete vlan.dat
commands.
• Reload the switch when deleting all VLANs.

Note: To restore to factory default – unplug all data cables, erase the startup-
configuration and delete the vlan.dat file, then reload the device.

VLAN Trunks

VLAN Trunks
Trunk Configuration Commands
Configure and verify VLAN trunks. Trunks are layer 2 and carry traffic for all VLANs.

VLAN Trunks
Trunk Configuration Example
The subnets associated with each VLAN
are:
• VLAN 10 - Faculty/Staff - 172.17.10.0/24
• VLAN 20 - Students - 172.17.20.0/24
• VLAN 30 - Guests - 172.17.30.0/24
• VLAN 99 - Native - 172.17.99.0/24

F0/1 port on S1 is configured as a trunk port.

VLAN Trunks
Verify Trunk Configuration
Set the trunk mode and native VLAN.
Notice in the sh int fa0/1 switchport command output:
• Is set to trunk administratively
• Is set as trunk operationally (functioning)
• Encapsulation is dot1q
• Native VLAN set to VLAN 99
• All VLANs created on the switch will pass traffic on this trunk

VLAN Trunks
Reset the Trunk to the Default State
• Reset the default trunk settings with
the no command.
• All VLANs allowed to pass traffic
• Native VLAN = VLAN 1
• Verify the default settings with a sh
int fa0/1 switchport command.

VLAN Trunks
Reset the Trunk to the Default State (Cont.)
Reset the trunk to an access mode with the
switchport mode access command:
• Is set to an access interface
administratively
• Is set as an access interface
operationally (functioning)

Dynamic Trunking Protocol

Dynamic Trunking Protocol
Introduction to DTP
Dynamic Trunking Protocol (DTP) is a proprietary Cisco protocol that automatically
negotiates trunking with a neighboring device.
DTP characteristics are as follows:
• On by default on Catalyst 2960 and 2950 switches
• Dynamic-auto is default on the 2960 and 2950 switches

Dynamic Trunking Protocol
Introduction to DTP
To enable trunking from a Cisco switch to a device that does not support DTP, use
the switchport mode trunk and switchport nonegotiate interface
configuration mode commands. This causes the interface to become a trunk, but
it will not generate DTP frames.

To re-enable dynamic trunking protocol use the switchport mode dynamic auto command.

Dynamic Trunking Protocol
Negotiated Interface Modes
The switchport mode command has additional options.
Use the switchport nonegotiate interface configuration command to stop DTP
negotiation.

Dynamic Trunking Protocol
Results of a DTP Configuration

DTP configuration options are as follows:

Dynamic Trunking Protocol
Verify DTP Mode
The default DTP configuration is dependent on the Cisco IOS version and platform.
• Use the show dtp interface command to determine the current DTP mode.
• Best practice recommends that the interfaces be set to access or trunk and to turn off DTP.
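
An added example (not from the original slides or from Cisco) that applies the best practice above to configuration text: it flags ports still left in a dynamic DTP mode, static trunks without switchport nonegotiate, and a native VLAN mismatch between the two ends of a trunk. The two running-config excerpts are constructed, and treating an unconfigured port as dynamic auto with native VLAN 1 is an assumption based on the 2960 defaults named earlier.

```python
import re

# Constructed running-config excerpts for the two ends of one trunk link.
S1 = """\
interface FastEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 99
 switchport nonegotiate
interface FastEthernet0/18
 switchport mode access
 switchport access vlan 20
interface FastEthernet0/5
"""
S2 = "interface FastEthernet0/1\n switchport mode trunk\n"


def parse(config):
    """Map interface name -> {'mode', 'native', 'nonegotiate'} from config text."""
    ports, cur = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            # Assumed defaults: dynamic auto, native VLAN 1, DTP negotiating.
            cur = ports[m.group(1)] = {"mode": "dynamic auto", "native": 1, "nonegotiate": False}
        elif cur is not None:
            line = line.strip()
            if line.startswith("switchport mode "):
                cur["mode"] = line[len("switchport mode "):]
            elif line.startswith("switchport trunk native vlan "):
                cur["native"] = int(line.rsplit(" ", 1)[1])
            elif line == "switchport nonegotiate":
                cur["nonegotiate"] = True
    return ports


def audit(name, ports):
    """Findings for ports that still negotiate trunking with DTP."""
    out = []
    for port, p in ports.items():
        if p["mode"] not in ("access", "trunk"):
            out.append(f"{name} {port}: mode '{p['mode']}', set access or trunk")
        elif p["mode"] == "trunk" and not p["nonegotiate"]:
            out.append(f"{name} {port}: static trunk still sends DTP frames")
    return out


def native_mismatch(a, b, port):
    """True when both ends are trunks but disagree on the native VLAN."""
    return a[port]["mode"] == b[port]["mode"] == "trunk" and a[port]["native"] != b[port]["native"]
```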
