13. port1 port5
To see the existing VLAN
#Show vlan
To create VLAN
#vlan database
Switch(vlan)#vlan 2 name red
Switch(vlan)#vlan 3 name blue
Assigning ports to VLAN
Sw(config)# int fastEthernet 0/1
Sw(config-if)#switch mode access
Sw(config-if)#switchport access vlan2
13
14. port1 port5
To delete VLAN
Sw(config)# no vlan 2
Sw(config)# no vlan 3
To bring port back to VLAN 1
Sw(config-if)#switchport mode acces
Sw(config-if)#switch port access vlan1
For a Range
Sw(config)#int range fastethernet 0/1 - 5
Sw(config-if)#switch port access vlan1
14
15. VLAN Operation
VLANs can span across multiple switches.
Trunks carry traffic for multiple VLANs.
Trunks use special encapsulation to distinguish between
different VLANs.
15
16. Access links
This type of link is only part of one VLAN
It’s referred to as the native VLAN of the port.
Any device attached to an access link is unaware of a VLAN
Switches remove any VLAN information from the frame before it’s
sent to an access-link device.
Trunk links
Trunks can carry multiple VLANs
These carry the traffic of multiple VLANs
A trunk link is a 100- or 1000Mbps point-to-point link between
two switches, between a switch and router.
16
19. Can create VLANs to span more than one connected switch
Hosts are unaware of VLAN
When host A Create a data unit and reaches switch, the switch adds a
Frame tagging to identify the VLAN
Frame tagging is a method to identify the packet belongs to a particular
VLAN
Each switch that the frame reaches must first identify the VLAN ID from the
frame tag
It finds out what to do with the frame by looking at the information in the
filter table
Once the frame reaches an exit to an access link matching the frame’s VLAN
ID, the switch removes the VLAN identifier
19
20. There are two frame tagging methods
Inter-Switch Link (ISL)
IEEE 802.1Q
Inter-Switch Link (ISL)
proprietary to Cisco switches
used for Fast Ethernet and Gigabit Ethernet links only
IEEE 802.1Q
Created by the IEEE as a standard method of frame tagging
it actually inserts a field into the frame to identify the VLAN
If you’re trunking between a Cisco switched link and a
different brand of switch, you have to use 802.1Q for the
trunk to work.
20
21. ISL trunks enable VLANs across a backbone.
Performed with ASIC
ISL header not seen
by client
Effective between
switches, and between
routers and switches
21
22. 24 12
1 2 3 4 1 2 3 4
10.0.0.1 10.0.0.4
10.0.0.2
10.0.0.3
Create two VLAN's on each switches
Trunk Port Configuration
#vlan database
sw(vlan)#vlan 2 name red sw#config t
sw(vlan)#vlan 3 name blue sw(config)#int fastethernet 0/24
sw(vlan)#exit sw(config-if)#switchport trunk
sw#config t encapsulation dot1q
sw(config)#int fastethernet 0/1 sw(config-if)#switchport mode
sw(config-if)#switch-portaccess trunk
vlan 2
sw(config)#int fastethernet 0/4 * 2950 Only dot1q Encapsulation
sw(config-if)#switch-portaccess
vlan 3
To see Interface status
#show interface status
22
23. Switch(config)#interface gigabitethernet 1/1
• Enters interface configuration mode
Switch(config-if)#switchport mode access
• Configures the interface as an access port
Switch(config-if)#switchport access vlan 3
• Assigns the access port to a VLAN
23
25. Switch#show running-config interface {fastethernet |
gigabitethernet} slot/port
• Displays the running configuration of the interface
Switch#show interfaces [{fastethernet | gigabitethernet}
slot/port] switchport
• Displays the switch port configuration of the interface
Switch#show mac-address-table interface interface-id [vlan
vlan-id] [ | {begin | exclude | include} expression]
• Displays the MAC address table information for the specified
interface in the specified VLAN
25
26. A messaging system that advertises VLAN configuration information
Maintains VLAN configuration consistency throughout a common
administrative domain
Sends advertisements on trunk ports only
27. Benefits of VTP
Consistent VLAN configuration across all switches in
the network
Accurate tracking and monitoring of VLANs
Dynamic reporting of added VLANs to all switches in
the VTP domain
27
28. •Creates VLANs
•Modifies VLANs
•Deletes VLANs
•Sends/forwards
advertisements
•Synchronizes
•Saved in NVRAM
•Creates VLANs
• Forwards •Modifies VLANs
advertisements •Deletes VLANs
• Synchronizes •Forwards
• Not saved in advertisements
NVRAM •Does not
synchronize
•Saved in NVRAM
28
29. VTP Operation
• VTP advertisements are sent as multicast frames.
• VTP servers and clients are synchronized to the latest update identified
revision number.
• VTP advertisements are sent every 5 minutes or when there is a change.
29
30. VTP pruning provides a way for you to preserve
bandwidth by configuring it to reduce the amount of
broadcasts, multicasts, and unicast packets.
If Switch A doesn’t have any ports configured for VLAN
5, and a broadcast is sent throughout VLAN 5, that
broadcast would not traverse the trunk link to Switch A.
By default, VTP pruning is disabled on all switches.
Pruning is enabled for the entire domain
30
31. VTP Pruning
• Increases available bandwidth by reducing unnecessary flooded traffic
• Example: Station A sends broadcast, and broadcast is flooded only toward
any switch with ports assigned to the red VLAN
31
32. ◦ Configure the following:
VTP domain name
VTP mode (server mode is the default)
VTP pruning
VTP password
Switch(config)#vtp mode server
Switch(config)#vtp domain gates
SwitchA#sh vtp status
32
33. Creating a VTP Domain
Catalyst 1900
wg_sw_1900(config)#vtp [server | transparent | client] [domain
domain-name] [trap {enable | disable}] [password password]
[pruning {enable | disable}]
wg_sw_1900#configure terminal
Enter configuration commands, one per line. End with CNTL/Z
wg_sw_1900(config)#vtp transparent
wg_sw_1900(config)#vtp domain switchlab
Catalyst 2950
wg_sw_2950#vlan database
wg_sw_2950(vlan)#vtp [ server | client | transparent ]
wg_sw_2950(vlan)#vtp domain domain-name
wg_sw_2950(vlan)#vtp password password
wg_sw_2950(vlan)#vtp pruning
33
34. Switch#show vtp status
Switch#show vtp status
VTP Version : 2
Configuration Revision : 247
Maximum VLANs supported locally : 1005
Number of existing VLANs : 33
VTP Operating Mode : Client
VTP Domain Name : Lab_Network
VTP Pruning Mode : Enabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80
Configuration last modified by 0.0.0.0 at 8-12-99 15:04:49
Switch#
34
35. Switch#show vtp counters
Switch#show vtp counters
VTP statistics:
Summary advertisements received : 7
Subset advertisements received : 5
Request advertisements received : 0
Summary advertisements transmitted : 997
Subset advertisements transmitted : 13
Request advertisements transmitted : 3
Number of config revision errors : 0
Number of config digest errors : 0
Number of V1 summary errors : 0
VTP pruning statistics:
Trunk Join Transmitted Join Received Summary advts received from
non-pruning-capable device
---------------- ---------------- ---------------- ---------------------------
Fa5/8 43071 42766 5
35
36. Ifyou want to connect between two VLANs you
need a layer 3 device
36
37. 10.0.0.1
20.0.0.1
FA0/0
9
24 12
1 2 3 4 1 2 3 4
10.0.0.2 20.0.0.3
20.0.0.2 10.0.0.3
Router Configuration
Create two VLAN's on each switches Trunk Port Configuration R1#config t
R1(config)#int fastethernet 0/0.1
#vlan database sw#config t R1(config-if)#encapsulation dot1q 2
sw(vlan)#vlan 2 name red sw(config)#int fastethernet 0/24 R1(config-if)#ip address 10..0.0.1 255.0.0.0
sw(vlan)#vlan 3 name blue R1(config-if# No shut
sw(config-if)#switchport trunk
sw(vlan)#exit encapsulation dot1q R1(config-Iif)# EXIT
sw#config t R1(config)#int fastethernet 0/0.2
sw(config-if)#switchport mode
sw(config)#int fastethernet 0/1 trunk R1(config-if)# encapsulation dot1q 3
sw(config-if)#switch-portaccess vlan
2 R1(config-if)#ip address 20..0.0.1 255.0.0.0
sw(config)#int fastethernet 0/4 R1(config-if# No shut
sw(config-if)#switch-portaccess vlan Router-Switch Port to be made as Trunk
3
sw(config)#int fastethernet 0/9
sw(config-if)#switchport trunk
To see Interface status enacapsulation dot1q
#show interface status
sw(config-if)#switchport mode trunk
37
