DIT | Virtual Local Area Network (VLAN)


3.1   # VLAN CONCEPT EXPLAINED WITH EXAMPLE

VLANs are numbered from 1 to 4094. All ports belong to the default VLAN when you first bring up the switch. The default VLAN 1 uses only default values, and you can't create, delete or suspend activity in the default VLAN (you can't shut down VLAN 1).

| VLAN range | Status | Usage |
|---|---|---|
| 1 | Default | Cisco default VLAN 1. You can use it, but you can't modify or delete it. |
| 2 – 1005 | Normal | You can create, name, use, modify and delete these VLANs. |
| 1006 – 4094 (Note: VLANs 3968-4047 and 4094 are internally allocated) | Extended | You can create, name, use, modify and delete these VLANs, but you can't change the following parameters: the state is always active; the VLAN is always enabled and you can't shut it down. |

Most of the time, VLANs are created by a sysadmin who then assigns switch ports to each VLAN. VLANs of this type are known as static VLANs. If you instead enter all the host devices' hardware addresses into a database, your switches can be configured to assign VLANs dynamically any time you plug a host into a switch. This type of VLAN is known as a dynamic VLAN. VLANs break up the broadcast domain and offer significant benefits in terms of efficient use of bandwidth, flexibility, performance and security. A switch port has five administrative modes, as follows:

  1. Switchport mode access: This command puts the interface (access port) into permanent non-trunking mode. The interface will generate DTP frames, negotiating with the neighboring interface to convert the link into a non-trunk link. The interface becomes a non-trunk interface even if the neighboring interface doesn’t agree to the change.
  2. Switchport mode dynamic desirable: This command makes the interface actively attempt to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk, desirable or auto mode. This is the default mode for all Ethernet interfaces. If the neighboring interface is set to access or non-negotiate mode, the link becomes a non-trunking link.
  3. Switchport mode dynamic auto: This command makes the interface willing to convert the link to a trunk link if the neighboring interface is set to trunk or desirable mode. Otherwise, the link will become a non-trunking link.
  4. Switchport mode trunk: This command puts the interface into permanent trunking mode and negotiates to convert the link into a trunk link. The interface becomes a trunk interface even if the neighboring interface doesn’t agree to the change.
  5. Switchport Nonegotiate: Prevents the interface from generating DTP frames. You can use this command only when the interface Switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link. Otherwise the link will be a non-trunking link.



3.2   # DTP COMBINATIONS: Administrative mode combination and their operational modes

| Admin mode | Auto | Desirable | Trunk | Access | Nonegotiate |
|---|---|---|---|---|---|
| Auto | Access | Trunk | Trunk | Access | Access |
| Desirable | Trunk | Trunk | Trunk | Access | Access |
| Trunk | Trunk | Trunk | Trunk | Unexpected | Unexpected |
| Access | Access | Access | Unexpected | Access | Access |
| Nonegotiate | Access | Access | Unexpected | Access | Access |
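
One way to apply the table above when reviewing a switch, as an added example rather than code from the original page: it parses interface stanzas, looks each port's administrative mode up in the table, and reports ports a neighbor could negotiate into a trunk, static ports that still send DTP frames, and trunks that allow every VLAN. The sample config, the finding names and the function names are constructed for this example; the default of dynamic desirable for ports with no mode line follows the page's statement.

```python
import re

MODES = ["auto", "desirable", "trunk", "access", "nonegotiate"]
# Rows copied from the DTP table above: local admin mode -> result per neighbor mode.
ROWS = {
    "auto":        "access trunk trunk access access",
    "desirable":   "trunk trunk trunk access access",
    "trunk":       "trunk trunk trunk unexpected unexpected",
    "access":      "access access unexpected access access",
    "nonegotiate": "access access unexpected access access",
}
DTP = {local: dict(zip(MODES, row.split())) for local, row in ROWS.items()}

# Constructed running-config excerpt, not taken from a real device.
SAMPLE = """\
interface FastEthernet0/1
 switchport mode access
 switchport nonegotiate
interface FastEthernet0/2
 switchport access vlan 20
interface FastEthernet0/3
 switchport mode dynamic auto
interface FastEthernet0/24
 switchport mode trunk
 switchport trunk allowed vlan all
interface GigabitEthernet0/1
 no switchport
"""


def parse_switchports(config, default_mode="desirable"):
    """Collect DTP-relevant settings per layer-2 port.
    default_mode is used for ports with no 'switchport mode' line (assumption: the page's default)."""
    ports, name = {}, None
    for raw in config.splitlines():
        line = raw.strip().lower()
        if not raw.startswith(" "):          # top-level line opens or closes a stanza
            m = re.match(r"interface\s+(.+)", raw.strip(), re.I)
            name = m.group(1).replace(" ", "") if m else None
            if name:
                ports[name] = {"mode": default_mode, "allowed": "all", "nonegotiate": False}
        elif name is None:
            continue
        elif line == "no switchport":        # routed port: DTP does not apply
            del ports[name]
            name = None
        elif m := re.match(r"switchport mode (?:dynamic )?(\w+)", line):
            ports[name]["mode"] = m.group(1)
        elif m := re.match(r"switchport trunk allowed vlan (.+)", line):
            ports[name]["allowed"] = m.group(1)
        elif line == "switchport nonegotiate":
            ports[name]["nonegotiate"] = True
    return ports


def audit(ports):
    """Return (interface, finding, neighbor modes that would form a trunk)."""
    findings = []
    for name, p in sorted(ports.items()):
        if p["mode"] in ("auto", "desirable"):
            trunk_with = [n for n in MODES if DTP[p["mode"]][n] == "trunk"]
            findings.append((name, "negotiable", trunk_with))
        elif not p["nonegotiate"]:
            findings.append((name, "dtp-frames-sent", []))
        if p["mode"] == "trunk" and p["allowed"] == "all":
            findings.append((name, "trunk-allows-all-vlans", []))
    return findings
```

Calling `audit(parse_switchports(text))` on a saved running-config returns one tuple per finding; pass `default_mode` explicitly when the platform's default differs.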

# A broadcast domain is the part of the network in which a data packet goes to every machine when the destination address is not known.
(i) A switch and a hub each have a single broadcast domain.
(ii) A router has multiple broadcast domains.

# A collision domain is the set of paths on which a data packet reaches every machine. When a collision occurs, it affects the whole network.
(i) A hub has a single collision domain.
(ii) A router and a switch have multiple collision domains.

# A broadcast IP address is the address used by applications and hosts to send information to all nodes on the network.

| Broadcast | Collision |
|---|---|
| A data packet that is transmitted to every node on the local network segment. Its destination is the network and host address with all the bits turned on. | The effect of two nodes sending transmissions simultaneously in Ethernet. When they meet on the physical media, the frames from each node collide and are damaged. |

Example: Twelve collision domains and one broadcast domain are created when you segment a network with a 12-port switch.




3.3   # CARRIER SENSE MULTIPLE ACCESS WITH COLLISION DETECTION (CSMA/CD)

To reduce the impact of collisions on network performance, Ethernet uses an algorithm called CSMA/CD, a set of rules determining how network devices respond when two devices attempt to use a data channel simultaneously (called a collision). Standard Ethernet networks use CSMA/CD to physically monitor the traffic on the line at participating stations.

  1. If no transmission is taking place at the time, the particular station can transmit.
  2. If two stations attempt to transmit simultaneously, this causes a collision, which is detected by all participating stations. After a random interval, the stations that collided attempt to transmit again.
  3. If another collision occurs, the time intervals from which the random waiting time is selected are increased step by step. This is known as exponential backoff.
Consider the above diagram. Remember that:
  1. Routers separate broadcast and collision domains.
  2. Switches separate collision domains.
  3. Hubs belong to only one collision domain.
  4. Switches and hubs both belong to only one broadcast domain.
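
The back-off rule from the CSMA/CD steps above, as an added Python example that is not part of the original page. The window doubling capped after 10 collisions, the 16-attempt limit and the 512-bit slot time come from IEEE 802.3 rather than from this page, and the slot-level `contend` model is a simplification written for this example.

```python
import random

SLOT_BIT_TIMES = 512   # IEEE 802.3 slot time at 10 and 100 Mb/s
BACKOFF_LIMIT = 10     # the window stops doubling after the 10th collision
ATTEMPT_LIMIT = 16     # the frame is discarded after 16 failed attempts


def backoff_window(collisions):
    """Number of slot choices (0 .. window-1) after the n-th consecutive collision."""
    if not 1 <= collisions <= ATTEMPT_LIMIT:
        raise ValueError("collision count must be between 1 and 16")
    return 2 ** min(collisions, BACKOFF_LIMIT)


def backoff_delay_us(collisions, mbps, rng):
    """Random wait, in microseconds, picked after the n-th collision."""
    return rng.randrange(backoff_window(collisions)) * SLOT_BIT_TIMES / mbps


def contend(stations, rng):
    """Slot-level model of one or more stations that all start sending in slot 0.

    Returns (winner, slot, collisions per station); winner is None if a
    station reaches the attempt limit before any frame gets through.
    """
    collisions = {s: 0 for s in stations}
    next_try = {s: 0 for s in stations}   # slot in which each station transmits next
    slot = 0
    while True:
        senders = [s for s in stations if next_try[s] == slot]
        if len(senders) == 1:             # medium was idle and only one station sent
            return senders[0], slot, collisions
        for s in senders:                 # collision: every sender involved backs off
            collisions[s] += 1
            if collisions[s] == ATTEMPT_LIMIT:
                return None, slot, collisions
            next_try[s] = slot + 1 + rng.randrange(backoff_window(collisions[s]))
        slot += 1


if __name__ == "__main__":
    print([backoff_window(n) for n in range(1, 17)])
    print(contend(["A", "B", "C"], random.Random(2024)))
```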



3.4   # CONFIRMED CONFIGURATION OF VLAN

* A VLAN is a logical segment in a switched network.
* A VLAN has the same attributes as a physical LAN.
* VLANs separate devices into different broadcast domains and layer 3 subnets.
* Devices within a VLAN can communicate without routing, but devices in different VLANs require a routing device to communicate with one another.
* VLANs offer significant benefits in terms of efficient use of bandwidth, flexibility, performance and security.


# Configuration commands for vlan creation
a) Switch #configure terminal
Switch (config) #vlan 10
Switch (config-vlan) #name admin
Switch (config-vlan) #exit
Switch (config) #vlan 20
Switch (config-vlan) #name Mgmt
Switch (config-vlan) #exit

# Configuration for VLAN_access command
b) Switch #configure terminal
Switch (config) #interface range fastethernet 0/1 - 11
Switch (config-if-range) #switchport mode access
Switch (config-if-range) #switchport access vlan 10
Switch (config-if-range) #no shutdown
Switch (config-if-range) #description “It is the access port for vlan 10”
Switch (config-if-range) #exit
Switch (config) #interface range fastethernet 0/11 - 23
Switch (config-if-range) #switchport mode access
Switch (config-if-range) #switchport access vlan 20
Switch (config-if-range) #no shutdown
Switch (config-if-range) #description “It is the access port for vlan 20”
Switch (config-if-range) #exit

# Configuration for VLAN_trunk command
c) Switch #configure terminal
Switch (config) #interface fastethernet 0/24
Switch (config-if) #switchport trunk encapsulation dot1q
Switch (config-if) #switchport mode trunk
Switch (config-if) #switchport trunk allowed vlan all
Switch (config-if) #no shutdown
Switch (config-if) #description “It is the trunk port for all vlan”
Switch (config-if) #exit

# Save the configuration in save-configuration mode
d) Switch #^Z (Ctrl + Z)
Switch #write memory
Building configuration
[ok]…………………



3.5   # INTRODUCTION AND CONFIGURATION OF INTER-VLAN ROUTING

* Inter-VLAN routing allows communication between VLAN networks.
* Devices in different VLANs can't communicate without a router to route the traffic between the VLANs.
* New breeds of switches incorporate the routing capability within the switch.
* Inter-VLAN routing is supported on switches that run enhanced multilayer image (EMI) software.
* Restrict the communication between VLANs with the use of access lists.

You can enable a switch to act as a router of IP traffic between different VLANs. Inter-VLAN routing is the process of forwarding network traffic from one VLAN to another VLAN. Create the VLANs on all the switches that participate in the VLAN routing and assign VLAN membership to the switch interfaces. The router or layer 3 device is able to communicate between two different VLANs. Inter-VLAN routing is supported on switches that run the Enhanced Multilayer Image (EMI). Two protocols provide the service for inter-VLAN routing, as follows:

1) Inter-Switch Link (ISL): It is a Cisco-proprietary frame tagging method that can only be used with Cisco switches and routers. It is a way of explicitly tagging VLAN information onto an Ethernet frame. This tagging information allows VLANs to be multiplexed over a trunk link through an external encapsulation method, which allows the switch to identify the VLAN membership of a frame over the link.

Inter-VLAN routing methods:
* Legacy inter-VLAN routing
* Router-on-a-stick
* Layer 3 switch using Switched Virtual Interface (SVI)
* For us to subdivide the network into two subnets, we have to create two VLANS on the switch, VLAN10 and VLAN20 . ...
* Assign switch ports to the VLANS. ...
* Configurations for access ports fa0/1 and fa0/2.
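Configuration for ISL:
Switch #configure terminal
Switch (config) #interface fastethernet 0/0
Switch (config-if) #no shutdown
Switch (config-if) #exit
! The encapsulation is entered on a subinterface (0/0.2 is chosen here to match VLAN 2), before its IP address
Switch (config) #interface fastethernet 0/0.2
Switch (config-subif) #encapsulation isl 2
Switch (config-subif) #ip address 10.27.107.1 255.255.255.240
Switch (config-subif) #exit

2) Dot1q (802.1Q): It is a non-proprietary IEEE method of frame tagging. If you are trunking between a Cisco switched link and a different brand of switch, you have to use Dot1q for the trunk to work.
Configuration for Dot1q:
Switch #configure terminal
Switch (config) #interface fastethernet 0/0
Switch (config-if) #no shutdown
Switch (config-if) #exit
! The encapsulation is entered on a subinterface (0/0.2 is chosen here to match VLAN 2), before its IP address
Switch (config) #interface fastethernet 0/0.2
Switch (config-subif) #encapsulation dot1q 2
Switch (config-subif) #ip address 10.27.107.1 255.255.255.240
Switch (config-subif) #exit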

# Steps for configuration : -
* Enable IP routing in switch.
* Create the Vlans.
* Assign the associated switch ports to the specific vlans.
* Assign the IP address to the confirmed vlans.
* Assign the trunk for device-to-device communication (L3-to-L2 or L2-to-L2).

# Topology for inter-vlan routing
Steps:
i) Enable IP routing in the layer3 switch.
ii) Create the vlan’s and assign the IP address to vlan’s.
iii) Assign the associated switch ports to the specified vlan’s.
iv) Assign the trunk to communicate with other switches.

1) Configuration of multilayer_1(3560-24PC)
Switch >enable
Switch #configure terminal
Switch (config) #no ip domain lookup
!
Switch (config) #hostname Multilayer_1
!
Multilayer_1 (config) #enable secret password!123
!
Multilayer_1 (config) #line vty 0 4
Multilayer_1 (config-line) #password password@123
Multilayer_1 (config-line) #login
Multilayer_1 (config-line) #exec-timeout 5 0
Multilayer_1 (config-line) #exit
!
Multilayer_1 (config) #line vty 0 4
Multilayer_1 (config-line) #transport input ssh
Multilayer_1 (config-line) #exit
Multilayer_1 (config) #username senior
Multilayer_1 (config) #ip domain-name ssm.in
Multilayer_1 (config) #crypto key generate rsa
Multilayer_1 (config) #ip ssh version 2
Multilayer_1 (config) #ip ssh timeout 90 authentication-retries 2
!
Multilayer_1 (config) #ip routing
!
Multilayer_1 (config) #vlan 10
Multilayer_1 (config-vlan) #name admin
Multilayer_1 (config-vlan) #exit
Multilayer_1 (config) #vlan 20
Multilayer_1 (config-vlan) #name Operation
Multilayer_1 (config-vlan) #exit
!
Multilayer_1 (config) #interface vlan 10
Multilayer_1 (config-if) #ip address 10.27.107.1 255.255.255.240
Multilayer_1 (config-if) #no shutdown
Multilayer_1 (config-if) #description “Vlan 10 ip address”
Multilayer_1 (config-if) #exit
Multilayer_1 (config) #interface vlan 20
Multilayer_1 (config-if) #ip address 10.27.107.18 255.255.255.240
Multilayer_1 (config-if) #no shutdown
Multilayer_1 (config-if) #description “Vlan 20 ip address”
Multilayer_1 (config-if) #exit
!
Multilayer_1 (config) #interface GigabitEthernet 0/1
Multilayer_1 (config-if) #no switchport
Multilayer_1 (config-if) #ip address 192.168.1.1 255.255.255.0
Multilayer_1 (config-if) #no shutdown
Multilayer_1 (config-if) #description “It is route link-port for Multilayer_1”
Multilayer_1 (config-if) #exit
!
Multilayer_1 (config) #interface GigabitEthernet 0/2
Multilayer_1 (config-if) #switchport trunk encapsulation dot1q
Multilayer_1 (config-if) #switchport mode trunk
Multilayer_1 (config-if) #switchport trunk allowed vlan all
Multilayer_1 (config-if) #no shutdown
Multilayer_1 (config-if) #description “It is trunk-port for vlan’s Switch_1”
Multilayer_1 (config-if) #exit
!
Multilayer_1 (config) #ip route 20.27.107.0 255.255.255.192 GigabitEthernet 0/1
Multilayer_1 (config) #ip route 0.0.0.0 0.0.0.0 GigabitEthernet 0/1
!
Multilayer_1 (config) #^Z
Multilayer_1 #write memory
Destination filename [startup-config]?
Building configuration………..
[ok]




2) Configuration of multilayer_2(3560-24PC)
Switch >enable
Switch #configure terminal
Switch (config) #no ip domain lookup
!
Switch (config) #hostname Multilayer_2
!
Multilayer_2 (config) #enable secret pwd!123
!
Multilayer_2 (config) #line vty 0 4
Multilayer_2 (config-line) #password pwd@123
Multilayer_2 (config-line) #login
Multilayer_2 (config-line) #exec-timeout 5 0
Multilayer_2 (config-line) #exit
!
Multilayer_2 (config) #line vty 0 4
Multilayer_2 (config-line) #transport input ssh
Multilayer_2 (config-line) #exit
Multilayer_2 (config) #username senior
Multilayer_2 (config) #ip domain-name ssm.in
Multilayer_2 (config) #crypto key generate rsa
Multilayer_2 (config) #ip ssh version 2
Multilayer_2 (config) #ip ssh timeout 90 authentication-retries 2
!
Multilayer_2 (config) #ip routing
!
Multilayer_2 (config) #vlan 30
Multilayer_2 (config-vlan) #name HR_Dept
Multilayer_2 (config-vlan) #exit
Multilayer_2 (config) #vlan 40
Multilayer_2 (config-vlan) #name Helpdesk
Multilayer_2 (config-vlan) #exit
!
Multilayer_2 (config) #interface vlan 30
Multilayer_2 (config-if) #ip address 20.27.107.1 255.255.255.192
Multilayer_2 (config-if) #no shutdown
Multilayer_2 (config-if) #description “Vlan 30 ip address”
Multilayer_2 (config-if) #exit
Multilayer_2 (config) #interface vlan 40
Multilayer_2 (config-if) #ip address 20.27.107.65 255.255.255.192
Multilayer_2 (config-if) #no shutdown
Multilayer_2 (config-if) #description “Vlan 40 ip address”
Multilayer_2 (config-if) #exit
!
Multilayer_2 (config) #interface GigabitEthernet 0/1
Multilayer_2 (config-if) #no switchport
Multilayer_2 (config-if) #ip address 192.168.2.1 255.255.255.0
Multilayer_2 (config-if) #no shutdown
Multilayer_2 (config-if) #description “It is route link-port for Multilayer_2”
Multilayer_2 (config-if) #exit
!
Multilayer_2 (config) #interface GigabitEthernet 0/2
Multilayer_2 (config-if) #switchport trunk encapsulation dot1q
Multilayer_2 (config-if) #switchport mode trunk
Multilayer_2 (config-if) #switchport trunk allowed vlan all
Multilayer_2 (config-if) #no shutdown
Multilayer_2 (config-if) #description “It is trunk-port for vlan’s Switch_2”
Multilayer_2 (config-if) #exit
!
Multilayer_2 (config) #ip route 10.27.107.0 255.255.255.240 GigabitEthernet 0/1
Multilayer_2 (config) #ip route 0.0.0.0 0.0.0.0 GigabitEthernet 0/1
!
Multilayer_2 (config) #^Z
Multilayer_2 #write memory
Destination filename [startup-config]?
Building configuration………..
[ok]




3) Configuration of Switch_1 (2950-24)
Switch >enable
Switch #configure terminal
Switch (config) #no ip domain lookup
!
Switch (config) #hostname Switch_1
!
Switch_1 (config) #enable secret mother!123
!
Switch_1 (config) #line vty 0 4
Switch_1 (config-line) #password Queen@123
Switch_1 (config-line) #login
Switch_1 (config-line) #exec-timeout 5 0
Switch_1 (config-line) #exit
!
Switch_1 (config) #line vty 0 4
Switch_1 (config-line) #transport input ssh
Switch_1 (config-line) #exit
Switch_1 (config) #username senior
Switch_1 (config) #ip domain-name ssm.in
Switch_1 (config) #crypto key generate rsa
Switch_1 (config) #ip ssh version 2
Switch_1 (config) #ip ssh timeout 90 authentication-retries 2
!
Switch_1 (config) #vlan 10
Switch_1 (config-vlan) #name admin
Switch_1 (config-vlan) #exit
Switch_1 (config) #interface vlan 10
Switch_1 (config-if) #ip address 10.27.107.2 255.255.255.240
Switch_1 (config-if) #no shutdown
Switch_1 (config-if) #description “Vlan 10 ip address for telnet/ssh”
Switch_1 (config-if) #exit
Switch_1 (config) #vlan 20
Switch_1 (config-vlan) #name Operation
Switch_1 (config-vlan) #exit
Switch_1 (config) #interface vlan 20
Switch_1 (config-if) #ip address 10.27.107.19 255.255.255.240
Switch_1 (config-if) #no shutdown
Switch_1 (config-if) #description “Vlan 20 ip address for telnet/ssh”
Switch_1 (config-if) #exit
!
Switch_1 (config) #interface GigabitEthernet 0/2
Switch_1 (config-if) #switchport mode access
Switch_1 (config-if) #switchport access vlan 10
Switch_1 (config-if) #no shutdown
Switch_1 (config-if) #description “It is access-port for vlan 10”
Switch_1 (config-if) #exit
Switch_1 (config) #interface GigabitEthernet 0/3
Switch_1 (config-if) #switchport mode access
Switch_1 (config-if) #switchport access vlan 20
Switch_1 (config-if) #no shutdown
Switch_1 (config-if) #description “It is access-port for vlan 20”
Switch_1 (config-if) #exit
!
Switch_1 (config) #interface GigabitEthernet 0/1
Switch_1 (config-if) #switchport mode trunk
Switch_1 (config-if) #switchport trunk allowed vlan all
Switch_1 (config-if) #no shutdown
Switch_1 (config-if) #description “It is trunk-port for vlan’s Multilayer_1”
Switch_1 (config-if) #exit
!
Switch_1 (config) #^Z
Switch_1 #write memory
Destination filename [startup-config]?
Building configuration………..
[ok]




4) Configuration of Switch_2 (2950-24)
Switch >enable
Switch #configure terminal
Switch (config) #no ip domain lookup
!
Switch (config) #hostname Switch_2
!
Switch_2 (config) #enable secret King!123
!
Switch_2 (config) #line vty 0 4
Switch_2 (config-line) #password King@123
Switch_2 (config-line) #login
Switch_2 (config-line) #exec-timeout 5 0
Switch_2 (config-line) #exit
!
Switch_2 (config) #line vty 0 4
Switch_2 (config-line) #transport input ssh
Switch_2 (config-line) #exit
Switch_2 (config) #username senior
Switch_2 (config) #ip domain-name ssm.in
Switch_2 (config) #crypto key generate rsa
Switch_2 (config) #ip ssh version 2
Switch_2 (config) #ip ssh timeout 90 authentication-retries 2
!
Switch_2 (config) #vlan 30
Switch_2 (config-vlan) #name HR_Dept
Switch_2 (config-vlan) #exit
Switch_2 (config) #interface vlan 30
Switch_2 (config-if) #ip address 20.27.107.2 255.255.255.192
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description “Vlan 30 ip address for telnet/ssh”
Switch_2 (config-if) #exit
Switch_2 (config) #vlan 40
Switch_2 (config-vlan) #name Helpdesk
Switch_2 (config-vlan) #exit
Switch_2 (config) #interface vlan 40
Switch_2 (config-if) #ip address 20.27.107.66 255.255.255.192
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description “Vlan 40 ip address for telnet/ssh”
Switch_2 (config-if) #exit
!
Switch_2 (config) #interface GigabitEthernet 0/2
Switch_2 (config-if) #switchport mode access
Switch_2 (config-if) #switchport access vlan 30
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description “It is access-port for vlan 30”
Switch_2 (config-if) #exit
Switch_2 (config) #interface GigabitEthernet 0/3
Switch_2 (config-if) #switchport mode access
Switch_2 (config-if) #switchport access vlan 40
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description “It is access-port for vlan 40”
Switch_2 (config-if) #exit
!
Switch_2 (config) #interface GigabitEthernet 0/1
Switch_2 (config-if) #switchport mode trunk
Switch_2 (config-if) #switchport trunk allowed vlan all
Switch_2 (config-if) #no shutdown
Switch_2 (config-if) #description “It is trunk-port for vlan’s Multilayer_2”
Switch_2 (config-if) #exit
!
Switch_2 (config) #^Z
Switch_2 #write memory
Destination filename [startup-config]?
Building configuration………..
[ok]



# Troubleshooting:
Q. Which command shows the VLAN status?
Switch #show vlan brief

Q. Which command shows the trunk status?
Switch #show interface trunk

Q. Which command shows the IP interfaces?
Switch #show ip interface brief

Q. Which command shows the status of a particular port?
Switch #show interface fastethernet 0/1 switchport

Q. Which command shows a VLAN's IP address?
Switch #show ip interface vlan 10

Q. Which command shows the ARP status?
Switch #show ip arp

Q. Which command shows the IP routing table?
Switch #show ip route
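
The show commands above report one device at a time, so a mask that differs between two devices in the same VLAN is easy to miss. The following added example (not part of the original page) cross-checks SVI addresses and static-route masks across saved configs with Python's `ipaddress` module; the device names and config excerpts are constructed, modelled on the lab addressing, and contain two deliberate errors.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed configs modelled on the lab addressing, with two deliberate errors:
# a mistyped mask octet in a static route and a /28 where the peer uses a /26.
CONFIGS = {
    "dist-sw": """\
interface Vlan30
 ip address 20.27.107.1 255.255.255.192
interface Vlan40
 ip address 20.27.107.65 255.255.255.192
ip route 10.27.107.0 2555.255.255.240 GigabitEthernet0/1
""",
    "access-sw": """\
interface Vlan30
 ip address 20.27.107.2 255.255.255.240
interface Vlan40
 ip address 20.27.107.66 255.255.255.192
""",
}


def parse_layer3(config):
    """Return ({vlan: IPv4Interface}, [error strings]) for one device's config."""
    svis, errors, vlan = {}, [], None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"interface\s+(?:vlan\s*(\d+))?", line, re.I):
            vlan = int(m.group(1)) if m.group(1) else None   # None for non-SVI ports
        elif (m := re.match(r"ip address (\S+) (\S+)$", line)) and vlan is not None:
            try:
                svis[vlan] = ipaddress.ip_interface(f"{m.group(1)}/{m.group(2)}")
            except ValueError:
                errors.append(f"vlan {vlan}: invalid address or mask '{line}'")
        elif m := re.match(r"ip route (\S+) (\S+)\s", line):
            vlan = None
            try:                                             # strict: rejects host bits too
                ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}")
            except ValueError:
                errors.append(f"invalid static route '{line}'")
    return svis, errors


def audit(configs):
    """Cross-check SVI addressing across devices; returns a list of findings."""
    findings, by_vlan = [], defaultdict(dict)
    for device, text in sorted(configs.items()):
        svis, errors = parse_layer3(text)
        findings += [f"{device}: {e}" for e in errors]
        for vlan, iface in svis.items():
            by_vlan[vlan][device] = iface
    for vlan, members in sorted(by_vlan.items()):
        detail = ", ".join(f"{d}={i.with_prefixlen}" for d, i in sorted(members.items()))
        if len({i.network for i in members.values()}) > 1:
            findings.append(f"vlan {vlan}: devices disagree on the subnet ({detail})")
        if len({i.ip for i in members.values()}) < len(members):
            findings.append(f"vlan {vlan}: duplicate address ({detail})")
    return findings


if __name__ == "__main__":
    for finding in audit(CONFIGS):
        print(finding)
```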



3.6   # DATA COMMUNICATION

Data communication is the process of exchanging data or information. In computer networks this exchange takes place between two devices over a transmission medium. The process involves a communication system made up of hardware and software. Two devices connected to each other in this way are said to be in data communication, e.g. a host-to-host connection using a crossover cable. The transmission is characterized by the direction of the exchange:
1) Simplex mode: Data can flow in only one direction.
For example > Keyboard.

2) Half-duplex mode: Data travels in one direction on the channel, and can travel back in the other direction only after the first transmission is complete.
For example > Walkie-talkie
Switch (config) #interface fastethernet 0/1
Switch (config-if) #no shutdown
Switch (config-if) #speed 10
Switch (config-if) #duplex half
Switch (config-if) #exit

3) Full-duplex mode: Data is sent and received at the same time on the channel.
Switch (config) #interface fastethernet 0/1
Switch (config-if) #no shutdown
Switch (config-if) #speed 10
Switch (config-if) #duplex full
Switch (config-if) #exit

# How to set the switch port to auto duplex?
Switch (config) #interface fastethernet 0/1
Switch (config-if) #no shutdown
Switch (config-if) #speed auto
Switch (config-if) #duplex auto
Switch (config-if) #exit

# How to lower the bandwidth of a FastEthernet port?
Switch (config) #interface fastethernet 0/1
Switch (config-if) #no shutdown
Switch (config-if) #speed 10
Switch (config-if) #duplex half
Switch (config-if) #exit

# How to raise the bandwidth of a FastEthernet port?
Switch (config) #interface fastethernet 0/1
Switch (config-if) #no shutdown
Switch (config-if) #speed 100
Switch (config-if) #duplex full
Switch (config-if) #exit





