What is a VLAN?
A VLAN is configured on a layer 2 switch. It allows a group of devices to be combined into one logical network and administered like a physical network on a single logical interface. VLANs are identified by a number, commonly in the range 1-4094. A configured VLAN keeps network traffic within a broadcast domain to reduce CPU overhead and increase security.
Advantages of VLANs
- Reduces CPU overhead
- Reduces cabling costs
- Simplified management
- Traffic management
- Separate devices into groups regardless of location
Types of VLANs
The default VLAN is VLAN 1. It cannot be renamed or deleted. VLAN 1 is the default VLAN, the default native VLAN (a native VLAN doesn't originate from a VLAN port) and the default management VLAN (for remote SSH and telnet connections).
Data VLAN
The data VLAN is dedicated to user-specific traffic such as web or email. Again, VLAN 1 is the default for this type of traffic.
Native VLAN
A native VLAN is used for trunk links and all frames are tagged with Cisco's proprietary protocol 802.1Q.
Management VLAN
Used for SSH and telnet connections. As a security measure, it should not be used to carry end-user traffic.
Voice VLAN
A voice VLAN is a separate VLAN for voice traffic. High bandwidth and QoS rules are applied to avoid congestion. For a voice VLAN to be effective, the entire network and supporting infrastructure need to be designed around high performance.
Inter-VLAN communication
VLANs on a layer 2 switch keep traffic within a single broadcast domain. But what if you want inter-VLAN communication without using a router? For this to be possible you need access to a layer 3 switch or multilayer switch. Here you create a layer 2 VLAN and then assign an IP address to the layer 3 switch, much like you would on a router. This interface is called a switch virtual interface (SVI). It handles the communication between VLANs in separate broadcast domains.
Viewing VLAN configurations
Below, the show vlan brief command is used to show VLAN statuses.
VLAN configurations
VLAN creation
To start configuring a VLAN, follow the steps below. In this example the VLAN ID is 10 and the name assigned to it is FOC.
Assigning a VLAN to a port
In the example below, VLAN 15 has been assigned to the FA0/18 port.
Again, when the show vlan brief command is entered we can see the assignment.
Data and Voice VLAN creation
To create data and voice VLANs we need to name and assign both. In the example below we have turned on QoS for voice traffic on the interface.
Now when show vlan brief is entered we get the information below, and both voice and data have been assigned to FA0/10.
If you want to group VLANs together onto one single physical interface, you use the trunking method. Here we have assigned VLANs 10, 15, 30 and 40 to interface FA0/1. This could merge the staff, students, marketing and HR departments onto one single physical interface.
Now when we look at the interface in more detail through the show interface fa0/1 switchport command we can see all the details. Note that 802.1Q is enabled. This is assumed on a layer 2 switch, but on a layer 3 switch 802.1Q needs to be configured before the trunk mode.
Use the switchport mode command followed by one of the keywords below to get the desired outcome:
- access - permanent access mode; converts the neighbouring link into an access link
- dynamic auto - will become a trunk interface if the neighbouring link is set to trunk or desirable mode
- dynamic desirable - actively seeks to become a trunk by negotiating with other trunks that have auto or desirable configured
- trunk - permanent trunking mode; negotiates to convert the neighbouring link into a trunk link
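The configuration steps described above (VLAN creation, port assignment, data and voice VLANs, trunking), collected into one Cisco IOS session as an added example that is not from the original post. The data and voice VLAN IDs 20 and 150, their names, and the `mls qos trust cos` command (Catalyst 2960-class syntax) are assumptions, since the post does not give them.

```cisco
! Added example. VLAN IDs 20/150 and the names DATA/VOICE are constructed.
enable
configure terminal
!
! VLAN creation: ID 10, name FOC
vlan 10
 name FOC
 exit
!
! Create the remaining VLANs used below
vlan 15,30,40
 exit
!
! Assign VLAN 15 to port Fa0/18 (mode set explicitly to access)
interface fastEthernet 0/18
 switchport mode access
 switchport access vlan 15
 exit
!
! Data and voice VLANs on Fa0/10 (IDs and names are assumptions)
vlan 20
 name DATA
 exit
vlan 150
 name VOICE
 exit
interface fastEthernet 0/10
 switchport mode access
 switchport access vlan 20
 ! Trust CoS markings for voice traffic (assumed Catalyst 2960-class syntax)
 mls qos trust cos
 switchport voice vlan 150
 exit
!
! Trunk Fa0/1 carrying VLANs 10, 15, 30 and 40
interface fastEthernet 0/1
 ! On a layer 3 switch, select 802.1Q before setting trunk mode:
 ! switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,15,30,40
 end
!
! Verify the result
show vlan brief
show interfaces fastEthernet 0/1 switchport
```

Setting `switchport mode access` or `switchport mode trunk` explicitly on each port means the port's role does not depend on what the neighbouring device negotiates.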
For basic VLAN configurations, follow the video below.