Network Bulls
www.networkbulls.com
Best Institute for CCNA CCNP CCSP CCIP CCIE Training in India
M-44, Old Dlf, Sector-14 Gurgaon, Haryana, India
Call: +91-9654672192
Before you create VLANs, you must decide whether to use VTP to maintain global VLAN
configuration information for your network.
The maximum number of VLANs is switch dependent. Many access layer Cisco Catalyst
switches can support up to 250 user-defined VLANs.
Cisco Catalyst switches have a factory default configuration in which various default
VLANs are preconfigured to support various media and protocol types. The default Ethernet
VLAN is VLAN 1. Cisco Discovery Protocol and VTP advertisements are sent on VLAN 1.
For you to be able to communicate remotely with the Cisco Catalyst switch for
management purposes, the switch must have an IP address. This IP address must be in the
management VLAN, which by default is VLAN 1. If VTP is configured, before you can
create a VLAN, the switch must be in VTP server mode or VTP transparent mode.
Table 2-9 lists the commands to use when adding a VLAN.
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
SwitchX# show interfaces fa0/11 trunk
Port Mode Encapsulation Status Native vlan
Fa0/11 desirable 802.1q trunking 1
Port Vlans allowed on trunk
Fa0/11 1-4094
Port Vlans allowed and active in management domain
Fa0/11 1-13
Table 2-9 Commands to Add VLANs
Command/Variable Description
vlan vlan-id ID of the VLAN to be added and configured. For vlan-id, the range
is 1 to 4094 when the enhanced software image is installed and 1 to
1005 when the standard software image is installed. Do not enter
leading zeros. You can enter a single VID, a series of VIDs
separated by commas, or a range of VIDs separated by hyphens.
name vlan-name (Optional) Specify the VLAN name, an ASCII string from 1 to 32
characters that must be unique within the administrative domain.
Example 2-1 Verifying Trunk Configuration, Parameters, and Port VLAN Information (Continued)
36 Chapter 2: Medium-Sized Switched Network Construction
By default, a switch is in VTP server mode so that you can add, change, or delete VLANs.
If the switch is set to VTP client mode, you cannot add, change, or delete VLANs.
Use the vlan global configuration command to create a VLAN and enter VLAN
configuration mode:
SwitchX# configure terminal
SwitchX(config)# vlan 2
SwitchX(config-vlan)# name switchlab99
Use the no form of this command to delete the VLAN.
To add a VLAN to the VLAN database, assign a number and name to the VLAN. VLAN 1
is the factory default VLAN. Normal-range VLANs are identified with a number between
1 and 1001. VLAN numbers 1002 through 1005 are reserved for Token Ring and FDDI
VLANs. If the switch is in VTP server or VTP transparent mode, you can add, modify, or
remove configurations for VLAN 2 to 1001 in the VLAN database. (VIDs 1 and 1002 to
1005 are automatically created and cannot be removed.)
Configurations for VIDs 1 to 1005 are written to the vlan.dat file (VLAN database). You
can display the VLANs by entering the show vlan privileged EXEC command. The
vlan.dat file is stored in flash memory.
To add an Ethernet VLAN, you must specify at least a VLAN number. If no name is entered
for the VLAN, the default is to append the VLAN number to the word vlan. For example,
VLAN0004 would be the default name for VLAN 4 if no name were specified.
After you configure the VLAN, you should validate the parameters for that VLAN.
Use the show vlan id vlan_number or the show vlan name vlan-name command to display
information about a particular VLAN, as demonstrated in Example 2-3.
NOTE When the switch is in VTP transparent mode and the enhanced software image
is installed, you can also create extended-range VLANs (VLANs with IDs from 1006 to
4094), but these VLANs are not saved in the VLAN database.
Example 2-3 Displaying VLAN Information
SwitchX# show vlan id 2
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
2 switchlab99 active Fa0/2, Fa0/12
Implementing VLANs and Trunks 37
Use the show vlan brief command to display one line for each VLAN that displays the
VLAN name, the status, and the switch ports.
Use the show vlan command to display information on all configured VLANs. The show
vlan command displays the switch ports assigned to each VLAN. Other VLAN parameters
that are displayed include the type (the default is Ethernet); the security association ID
(SAID), used for the FDDI trunk; the maximum transmission unit (MTU) (the default is
1500 for Ethernet VLAN); the STP; and other parameters used for Token Ring or FDDI
VLANs.
VLAN Port Assignment
After creating a VLAN, you can manually assign a port or a number of ports to that VLAN.
A port can belong to only one VLAN at a time. When you assign a switch port to a VLAN
using this method, it is known as a static-access port.
On most Cisco Catalyst switches, you configure the VLAN port assignment from interface
configuration mode using the switchport access command, as demonstrated in Example 2-4.
Use the vlan vlan_number option to set static-access membership. Use the dynamic option
to have the VLAN controlled and assigned by a VMPS.
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
2 enet 100002 1500 - - - - - 0 0
. . .
SwitchX#
NOTE By default, all ports are members of VLAN 1.
Example 2-4 Configuring VLAN Port Assignment
SwitchX# configure terminal
SwitchX(config)# interface range fastethernet 0/2 - 4
SwitchX(config-if)# switchport access vlan 2
SwitchX# show vlan
VLAN Name Status Ports
---- -------------------------------- --------- ----------------------
1 default active Fa0/1
2 switchlab99 active Fa0/2, Fa0/3, Fa0/4
Example 2-3 Displaying VLAN Information (Continued)
38 Chapter 2: Medium-Sized Switched Network Construction
Use the show vlan brief privileged EXEC command to display the VLAN assignment and
membership type for all switch ports, as demonstrated in Example 2-5.
Alternatively, use the show interfaces interface switchport privileged EXEC command to
display the VLAN information for a particular interface, as demonstrated in Example 2-6.
Adds, Moves, and Changes for VLANs
As network topologies, business requirements, and individual assignments change, VLAN
requirements also change.
To add, change, or delete VLANs, the switch must be in VTP server or transparent mode.
When you make VLAN changes from a switch that is in VTP server mode, the change is
automatically propagated to other switches in the VTP domain. VLAN changes made from
a switch in VTP transparent mode affect only the local switch; changes are not propagated
to the domain.
Example 2-5 Displaying VLAN Port Assignment and Membership Type
SwitchX# show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1
2 switchlab99 active Fa0/2, Fa0/3, Fa0/4
3 vlan3 active
4 vlan4 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1004 fddinet-default act/unsup
1005 trnet-default
Example 2-6 Displaying VLAN Information for a Specific Interface
SwitchX# show interfaces fa0/2 switchport
Name: Fa0/2
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 2 (switchlab99)
Trunking Native Mode VLAN: 1 (default)
--- output omitted ----
Implementing VLANs and Trunks 39
Adding VLANs and Port Membership
After you create a new VLAN, be sure to make the necessary changes to the VLAN port
assignments.
Separate VLANs typically imply separate IP networks. Be sure to plan the new IP
addressing scheme and its deployment to stations before moving users to the new VLAN.
Separate VLANs also require inter-VLAN routing to permit users in the new VLAN to
communicate with other VLANs. Inter-VLAN routing includes setting up the appropriate
IP parameters and services, including default gateway and DHCP.
Changing VLANs and Port Membership
To modify VLAN attributes, such as VLAN name, use the vlan vlan-id global configuration
command.
To move a port into a different VLAN, use the same commands that you used to make the
original assignments.
You do not need to first remove a port from a VLAN to make this change. After you reassign
a port to a new VLAN, that port is automatically removed from its previous VLAN.
Deleting VLANs and Port Membership
When you delete a VLAN from a switch that is in VTP server mode, the VLAN is removed
from all switches in the VTP domain. When you delete a VLAN from a switch that is in
VTP transparent mode, the VLAN is deleted only on that specific switch. Use the global
configuration command no vlan vlan-id to remove a VLAN.
To reassign a port to the default VLAN (VLAN 1), use the no switchport access vlan
command in interface configuration mode.
Summary of Implementing VLANs and Trunks
The following list summarizes the key points that were discussed in this section.
■ A poorly designed network has increased support costs, reduced service availability,
and limited support for new applications and solutions.
NOTE You cannot change the VLAN number. To use a different VLAN number, create
a new VLAN using a new number and then reassign all ports to this VLAN.
NOTE Before deleting a VLAN, be sure to reassign all member ports to a different
VLAN. Any ports that are not moved to an active VLAN are unable to communicate with
other stations after you delete the VLAN.
40 Chapter 2: Medium-Sized Switched Network Construction
■ VLANs provide broadcast segmentation and organizational flexibility.
■ Ethernet trunks carry the traffic of multiple VLANs over a single link and allow you to
extend VLANs across an entire network.
■ VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency.
No comments:
Post a Comment