VLANs

VLANs are a logical grouping of devices, grouped together regardless of physical location.

This limits broadcasts and improves security, stability, and management. To communicate between VLANs, traffic must pass through a layer 3 device.

Static VLANs are assigned to ports, regardless of what device is plugged into them. Dynamic VLANs are assigned to a MAC address, so you can move the device around without it changing VLANs.

VLAN 1 is the default VLAN on Cisco switches.
VLANs 2-1001 are for Ethernet VLANs.
VLANs 1002-1005 are for FDDI.
VLANs 1006-1024 are for system use.
VLANs 1025-4094 are for Ethernet VLANs.

Private VLANs (pVLANs) are isolated ports within a VLAN while still being on the same subnet. The primary VLAN is the main VLAN that encompasses the secondary VLANs. Secondary VLANs can be community VLANs, whose devices can communicate with other devices within the same community, or they can be isolated, in which case they cannot communicate with anything but promiscuous ports. Promiscuous ports can be reached by community VLANs as well, and are usually servers and routers that everyone needs access to.

Trunking

Trunking allows VLANs to span multiple switches. ISL is a Cisco proprietary encapsulation for VLAN traffic. 802.1q is an industry standard that tags the traffic with the VLAN information. ISL is being phased out by Cisco.

The native VLAN is the default VLAN that 802.1q trunks tag when there is no VLAN specified.

Dynamic Trunking Protocol (DTP) is a Cisco proprietary protocol that negotiates trunk ports between switches and selects the trunking protocol to be used.

VLAN mapping allows you to limit VLANs across a trunk and to control what is dropped. This can improve bandwidth and processor utilization. It will also automatically map extended 802.1q VLANs to ISL VLAN numbers if necessary.

802.1q also supports a feature called 802.1q-in-q tunneling. This allows service providers to transport VLAN traffic across their network without the VLAN information having to be unique.
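To make the 802.1q tagging and 802.1q-in-q tunneling described above concrete, here is an added example (not part of the original notes) that reads the VLAN tags out of a raw Ethernet frame, outermost tag first. The TPID values come from the IEEE standards rather than these notes, the function names are hypothetical, and the sample frames are constructed.

```python
import struct

# TPIDs come from IEEE 802.1Q / 802.1ad, not from the notes above.
TPID_CTAG = 0x8100   # 802.1q customer tag
TPID_STAG = 0x88A8   # service-provider (outer) tag used for Q-in-Q

# VLAN ID ranges exactly as listed in the notes above.
RANGES = [(1, 1, "default"), (2, 1001, "ethernet"), (1002, 1005, "FDDI"),
          (1006, 1024, "system"), (1025, 4094, "ethernet")]

def vlan_range(vid):
    """Name the range a VLAN ID falls in; IDs 0 and 4095 are reserved."""
    for low, high, name in RANGES:
        if low <= vid <= high:
            return name
    return "reserved"

def parse_vlan_tags(frame):
    """Return (tags, ethertype); tags holds one dict per tag, outermost first."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset, tags = 12, []                      # skip destination and source MAC
    while True:
        (etype,) = struct.unpack_from("!H", frame, offset)
        if etype not in (TPID_CTAG, TPID_STAG):
            return tags, etype                 # reached the real EtherType
        if len(frame) < offset + 6:            # 4-byte tag + next 2-byte type
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({"tpid": etype, "pcp": tci >> 13,
                     "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4

def build_frame(tags, ethertype=0x0800):
    """Constructed sample frame: broadcast dst, made-up src, zeroed payload."""
    frame = bytes.fromhex("ffffffffffff" "020000000001")
    for tpid, pcp, vid in tags:
        frame += struct.pack("!HH", tpid, (pcp << 13) | vid)
    return frame + struct.pack("!H", ethertype) + bytes(46)

if __name__ == "__main__":
    samples = {"untagged": [], "802.1q": [(TPID_CTAG, 5, 2)],
               "q-in-q": [(TPID_STAG, 0, 100), (TPID_CTAG, 0, 2)]}
    for name, spec in samples.items():
        tags, etype = parse_vlan_tags(build_frame(spec))
        vids = [(t["vid"], vlan_range(t["vid"])) for t in tags]
        print(f"{name}: vlans={vids} ethertype=0x{etype:04x}")
```

In the Q-in-Q sample the provider's outer tag (VLAN 100) wraps the customer's own tag (VLAN 2), which is why the customer VLAN numbers do not have to be unique across the provider network.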
VTP

VLAN Trunking Protocol is used to distribute and synchronize VLAN information throughout the network.

When a switch is configured as a server in a VTP domain, it is able to create, modify and send VLAN information to other switches using the latest information it receives from other switches. In transparent mode, a switch is able to modify VLAN information and forward it, but it does not synchronize with other switches. In client mode, a switch will receive and synchronize with the VTP information it receives, but it will not save it in NVRAM and cannot modify it. When VTP is turned off, the switch simply drops VTP information.

By default, VTP is flooded every 5 minutes, or whenever a change occurs.

VTP pruning is when a switch determines that certain information from the VTP floods does not need to go out. If a switch does not have any VLANs from an advertisement, it will not be forwarded the unnecessary information.

To secure VTP you can use authenticated passwords inside of VTP advertisements.

-Configuration

To configure a new VLAN, where 2 is the VLAN ID to use:
    vlan 2
You can name the VLAN with:
    name department
You need to type exit to save the configs:
    exit
To assign a device port to a VLAN:
    switchport access vlan 2
To configure a trunk port, from the interface assign:
    switchport trunk encapsulation dot1q
Then:
    switchport mode trunk
To set the native VLAN:
    switchport trunk native vlan 3
To configure VTP mode to server:
    vtp mode server
To set the domain:
    vtp domain myname
For authentication:
    vtp password mypass
To enable pruning:
    vtp pruning

-Show Commands

show vlan id 2 – displays information about a VLAN
show int fasteth 0/1 switchport – shows detailed switchport information
show int eth0/1 trunk – displays trunk information for the port
show vtp status – displays VTP configurations
show vtp counters – displays statistics on the VTP process

By gt-rob
