Switching and VLANs
Switching Tasks
• Switching operation
• Configure a VLAN
• Configure VLAN Trunking Protocol (VTP)
• Configure a switch for trunking
• Verify VLAN connectivity
• Verify spanning-tree operations
Switching operation
• Switches forward frames based on destination MAC address
• Switches store MAC addresses in the MAC address table
• Switches populate the table from the source MAC address of frames that enter the switch
• If the destination MAC address is not in the table, the switch forwards the frame out all ports in the same VLAN except the receiving port
• By default all ports are in VLAN 1
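The forwarding rules listed above, as an added Python sketch (not part of the original slides). The class name, port names and MAC addresses are constructed for illustration, and keeping one MAC table per VLAN is a modelling assumption. It shows that a flooded frame never leaves the VLAN it arrived on.

```python
from collections import defaultdict

BROADCAST = "ffff.ffff.ffff"

class LearningSwitch:
    """Toy model of a VLAN-aware learning switch (constructed example)."""

    def __init__(self, ports):
        # By default all ports are in VLAN 1.
        self.port_vlan = {p: 1 for p in ports}
        # Assumption: one MAC address table per VLAN, {vlan: {mac: port}}.
        self.mac_table = defaultdict(dict)

    def assign(self, port, vlan):
        """Same effect as 'switchport access vlan <vlan>' on that port."""
        self.port_vlan[port] = vlan

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame and return the sorted list of egress ports."""
        vlan = self.port_vlan[in_port]
        table = self.mac_table[vlan]
        table[src_mac] = in_port          # learn from the source MAC
        out = None if dst_mac == BROADCAST else table.get(dst_mac)
        if out is not None:
            # Known unicast: one egress port. A destination that sits on the
            # receiving port is filtered (standard bridge behaviour).
            return [] if out == in_port else [out]
        # Unknown unicast or broadcast: flood within the VLAN only,
        # never back out of the receiving port.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)

def demo():
    sw = LearningSwitch(["Fa0/1", "Fa0/2", "Fa0/3", "Fa0/4"])
    sw.assign("Fa0/3", 2)
    sw.assign("Fa0/4", 2)
    a, b, c = "0000.0000.000a", "0000.0000.000b", "0000.0000.000c"
    return [
        sw.receive("Fa0/1", a, b),   # b unknown: flood VLAN 1 only
        sw.receive("Fa0/2", b, a),   # a was learned on Fa0/1
        sw.receive("Fa0/1", a, b),   # b is now known
        sw.receive("Fa0/3", c, a),   # a is unknown in VLAN 2: flood VLAN 2
    ]

if __name__ == "__main__":
    for egress in demo():
        print(egress)
```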
VLAN Overview
• Segmentation
• Flexibility
• Security
A VLAN = A broadcast domain = Logical network (subnet)
[Figure labels: 3rd floor, 2nd floor, 1st floor; SALES, HR, ENG]
VLAN Operations
• Each logical VLAN is like a separate physical bridge
• VLANs can span across multiple switches
• Trunks carry traffic for multiple VLANs
[Figure: Switch A and Switch B, each with Red VLAN, Black VLAN and Green VLAN; Trunk: Fast Ethernet]
VLAN Membership Modes
• Static VLAN
• Dynamic VLAN
[Figure labels: Trunk; Port e0/4; Port e0/9; VLAN5; VLAN10; VMPS: 1111.1111.1111 = vlan 10; MAC = 1111.1111.1111]
802.1q Tagging
• Not intrusive to client stations; the client does not see the 802.1q header
• Effective between switches, routers and switches, switches and servers with 802.1q network interface cards
[Figure labels: VLAN Tag added by outgoing port; 802.1q carries VLAN identifier; VLAN Tag stripped by forwarding port]
VTP Pruning
• Reduces unnecessary flooded (broadcast/unknown address) traffic
• Example: Station A sends broadcast. Broadcast is only flooded toward any switch with ports assigned to the green VLAN
[Figure labels: Switch 1 to Switch 6; Port 1; Port 2; A; B; Green VLAN; Flooded traffic is pruned]
VLAN Configuration Guidelines
• Maximum number of VLANs is switch-dependent
• VLAN1 is one of the factory default VLANs
• CDP and VTP advertisements are sent on VLAN1
• Must be in VTP server or transparent mode to create, add, or delete VLANs
VLAN Configuration Steps
• Enable VTP (optional)
• Enable trunking
• Create VLANs
• Assign VLAN to ports
Defining a Trunk: Many Options…
• On = Set trunk on and negotiate with other side
• Result - Trunk on if other side is on, desirable, or auto
• Desirable = Negotiate with other side. Result - Trunk on if other side is on, desirable, or auto
• Auto = Will be a trunk only if the other side is on or desirable
• Non-negotiate = Set trunk on and will not negotiate
Defining a Trunk
• On = Set trunk on and negotiate with other side
• Result = Trunk on if other side is on, desirable, or auto
Switch1(config-if)# switchport mode trunk
Defining a Trunk
• Desirable = Negotiate with other side
• Result = Trunk on if other side is on, desirable, or auto
Switch1(config-if)# switchport mode dynamic desirable
Defining a Trunk
• Auto = Default setting
• Result = Trunk on if other side is on or desirable
Switch1(config-if)# switchport mode dynamic auto
Defining a Trunk
• Non-negotiate = Do not send DTP frames to negotiate with other side
• Result = Trunk on if other side set on or non-negotiate
Switch1(config-if)# switchport nonegotiate
Verifying a Trunk
wg_sw_a#show interface trunk

Switch#sh int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/1       on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/1       1-1005

Port        Vlans allowed and active in management domain
Fa0/1       1,1002,1003,1004,1005

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/1       1,1002,1003,1004,1005
Adding a VLAN
Switch1(config)# vlan vlan#

Switch1#conf terminal
Enter configuration commands, one per line. End with CNTL/Z
Switch1(config)#vlan 9
Switch1(config-vlan)#name Accounting VLAN
Verifying a VLAN
wg_sw_a#show vlan [vlan#]
Assigning Switch Ports to a VLAN
Switch1(config-if)# switchport access vlan 2
Review Questions
1. What is a VLAN?
2. How do switches learn MAC addresses?
3. Across a trunk the VLAN ID is carried in the ________ header.
4. How do we assign a VLAN to a port?
Lab
• Lab file
  • Module 17 – Switch Configuration Lab-1.doc
  • Module 17 – Switch Configuration Lab-2.doc
• Lab scenario
  • Module 17 – Switch Configuration Lab-1.pkt
  • Module 17 – Switch Configuration Lab-2.pkt