Configuring InterVLAN Routing - PPT Real One
Configuring VLANs helps control the size of the broadcast domain and keeps local traffic local. However, when an end station in one VLAN needs to communicate with an end station in another VLAN, interVLAN communication is required. This communication is supported by interVLAN routing. You configure one or more routers to route traffic to the appropriate destination VLAN.
However, the real power of virtual networking comes from its ability to affect VLAN topologies that extend beyond single sites to combine multiple LANs across an organization's backbone network. Cisco Systems now offers a comprehensive VLAN solution that can bring together geographically dispersed users across an enterprise network to form VLAN workgroup topologies. Regardless of whether the network comprises Asynchronous Transfer Mode (ATM), Fiber Distributed Data Interface (FDDI), Ethernet/Fast Ethernet, Token Ring, or serial links, the Cisco product line now offers the advantages of virtualization.
The degree of flexibility and control that virtual networking offers is unprecedented. Regardless of physical location or interface type, network managers can define workgroups based on logical function rather than physical location through simple port configuration. Using switches and routers that have embedded VLAN intelligence obviates the need for expensive, time-consuming recabling to extend connectivity in switched LAN environments.
Virtual LANs (VLANs) offer significant benefits in terms of efficient use of bandwidth, flexibility, performance, and security. VLAN technology functions by logically segmenting the network into different broadcast domains so that packets are only switched between ports that are designated for the same VLAN. Thus, by containing traffic originating on a particular LAN only to other LANs within the same VLAN, switched virtual networks avoid wasting bandwidth, a drawback inherent in traditional bridged/switched networks where packets are often forwarded to LANs that do not require them. This approach also improves scalability, particularly in LAN environments that support broadcast- or multicast-intensive protocols and applications that flood packets throughout the network. Figure 1 depicts a typical VLAN, where traffic is only switched between LAN interfaces that belong to the same VLAN. Here, the criterion for VLAN membership is departmental function; however, users could also be combined in VLAN topologies based upon a common protocol or subnet address.
Understanding VLANs
A VLAN is a switched network that is logically segmented by function, project team, or application, without regard to the physical locations of the users. VLANs have the same attributes as physical LANs, but you can group end stations even if they are not physically located on the same LAN segment. Any switch port can belong to a VLAN, and unicast, broadcast, and multicast packets are forwarded and flooded only to end stations in the VLAN. Each VLAN is considered a logical network, and packets destined for stations that do not belong to the VLAN must be forwarded through a router or bridge.
Because a VLAN is considered a separate logical network, it contains its own bridge Management Information Base (MIB) information and can support its own implementation of spanning tree.
In order to create VLANs, you must decide how to configure the following items:
What VLAN Trunking Protocol (VTP) domain name and VTP mode will be used on this switch?
What ports on the switch will belong to which VLAN?
Will you need to have communication between VLANs, or will they be isolated?
If you require communication between VLANs, you will need to use a L3 routing device, such as an external Cisco router or an internal router module such as a Route Switch Module (RSM) or a Multilayer Switch Feature Card (MSFC).
Catalyst 2950-12 Catalyst 2950-24 Catalyst 2950C-24 Catalyst 2950G-12-EI Catalyst 2950G-24-EI Catalyst 2950G-48-EI Catalyst 2950G-24-EI-DC Catalyst 2950T-24
Because a trunk link carries traffic, or frames, from multiple VLANs, the switch must have a method of identifying which VLAN a frame belongs to. Cisco supports four methods of frame identification:
Cisco Inter-Switch Link (ISL): The Cisco proprietary trunking method used over Fast Ethernet, Gigabit Ethernet, and EtherChannel
IEEE 802.1Q: The IEEE industry standard trunking method, also used over Fast Ethernet, Gigabit Ethernet, and EtherChannel
802.10: The Cisco proprietary method of trunking over Fiber Distributed Data Interface (FDDI)
LAN Emulation (LANE): The IEEE standard for trunking over Asynchronous Transfer Mode (ATM) networks
When configuring 802.1Q trunking, it is very important to match the native VLAN across the link. In Cisco IOS software versions earlier than 12.1(3)T, you cannot define the native VLAN explicitly, because the encapsulation dot1Q 1 native command under the subinterface is not available. In the earlier Cisco IOS versions, it is important not to configure the VLAN1 interface as a subinterface. The router then expects a tagged dot1q frame on VLAN1, while the switch is not expecting a tag on VLAN1. As a result, no traffic will pass between VLAN1 on the switch and the router.
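The native VLAN pitfall described above can be checked mechanically by comparing both ends of the trunk. The following is an added example, not part of the original material: the interface names and the sample configurations are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample configurations (assumptions, not from the original page).
ROUTER_BAD = """\
interface FastEthernet0/0.1
 encapsulation dot1Q 1
interface FastEthernet0/0.10
 encapsulation dot1Q 10
"""
ROUTER_GOOD = """\
interface FastEthernet0/0.1
 encapsulation dot1Q 1 native
interface FastEthernet0/0.10
 encapsulation dot1Q 10
"""
SWITCH_TRUNK = """\
interface FastEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 1
"""

ENCAP = re.compile(r"^\s*encapsulation dot1q (\d+)(\s+native)?\s*$", re.I | re.M)
NATIVE = re.compile(r"^\s*switchport trunk native vlan (\d+)\s*$", re.I | re.M)

def router_vlans(cfg):
    """Return (set of tagged VLANs, native VLAN or None) from subinterface lines."""
    tagged, native = set(), None
    for vlan, is_native in ENCAP.findall(cfg):
        if is_native:
            native = int(vlan)
        else:
            tagged.add(int(vlan))
    return tagged, native

def switch_native(cfg):
    """Native VLAN of the trunk port; the switch uses VLAN 1 when none is set."""
    m = NATIVE.search(cfg)
    return int(m.group(1)) if m else 1

def audit(router_cfg, switch_cfg):
    """List native VLAN problems between a router and its switch trunk port."""
    tagged, r_native = router_vlans(router_cfg)
    s_native = switch_native(switch_cfg)
    findings = []
    if s_native in tagged:
        findings.append(f"router tags VLAN {s_native}, switch sends it untagged")
    if r_native is not None and r_native != s_native:
        findings.append(f"native VLAN mismatch: router {r_native}, switch {s_native}")
    return findings

if __name__ == "__main__":
    print(audit(ROUTER_BAD, SWITCH_TRUNK))   # the VLAN1-as-subinterface case
    print(audit(ROUTER_GOOD, SWITCH_TRUNK))  # native VLAN declared on the router
```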
By default, a Catalyst 2950, 2900 XL, or 3500 XL switch is in the no-management-domain state until it receives an advertisement for a domain over a trunk link (a link that carries the traffic of multiple VLANs) or until you configure a domain name. The default VTP mode is server mode, but VLAN information is not propagated over the network until a domain name is specified or learned.
VTP server
In this mode, you can create, modify, and delete VLANs and specify other configuration parameters (such as VTP version) for the entire VTP domain. VTP servers advertise their VLAN configurations to other switches in the same VTP domain and synchronize their VLAN configurations with other switches based on advertisements received over trunk links. In VTP server mode, VLAN configurations are saved in nonvolatile RAM. VTP server is the default mode.
VTP client
In this mode, a VTP client behaves like a VTP server, but you cannot create, change, or delete VLANs on a VTP client. In VTP client mode, VLAN configurations are saved in nonvolatile RAM.
VTP transparent
In this mode, VTP transparent switches do not participate in VTP. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. However, transparent switches do forward VTP advertisements that they receive from other switches. You can create, modify, and delete VLANs on a switch in VTP transparent mode. In VTP transparent mode, VLAN configurations are saved in nonvolatile RAM, but they are not advertised to other switches.
VLAN Colors
VLAN switching is accomplished through frame tagging where traffic originating and contained within a particular virtual topology carries a unique VLAN identifier (VLAN ID) as it traverses a common backbone or trunk link. The VLAN ID enables VLAN switching devices to make intelligent forwarding decisions based on the embedded VLAN ID. Each VLAN is differentiated by a color, or VLAN identifier. The unique VLAN ID determines the frame coloring for the VLAN. Packets originating and contained within a particular VLAN carry the identifier that uniquely defines that VLAN (by the VLAN ID).
The VLAN ID allows VLAN switches and routers to selectively forward packets to ports with the same VLAN ID. The switch that receives the frame from the source station inserts the VLAN ID and the packet is switched onto the shared backbone network. When the frame exits the switched LAN, a switch strips the header and forwards the frame to interfaces that match the VLAN color. If you are using a Cisco network management product such as VlanDirector, you can actually color code the VLANs and monitor VLANs graphically.
Issues regarding benefits of creating VLANs should have been addressed when you developed your network design. Issues to consider include:
Scalability
Performance improvements
Security