
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/341979907

Design a VLAN (Virtual Local Area Network) Based Network

Technical Report · June 2020


DOI: 10.13140/RG.2.2.29163.57120


1 author:

Md. Humayun Kabir


International Islamic University Chittagong

All content following this page was uploaded by Md. Humayun Kabir on 06 June 2020.



Design a VLAN (Virtual Local Area Network)
Based Network
Introduction:
A VLAN (virtual LAN) is a subnetwork which can group together collections of devices on
separate physical local area networks (LANs). A LAN is a group of computers and devices
that share a communications line or wireless link to a server within the same geographical
area.

Figure 1: VLAN Overview

VLANs make it easy for network administrators to partition a single switched network to
match the functional and security requirements of their systems without having to run new
cables or make major changes in their current network infrastructure. VLANs are often set up
by larger businesses to re-partition devices for better traffic management.

VLANs are also important because they can help improve the overall performance of a
network by grouping together devices that communicate most frequently. VLANs also
provide security on larger networks by allowing a higher degree of control over which devices
have access to each other. VLANs tend to be flexible because they are based on logical
connections, rather than physical.

One or more network switches may support multiple, independent VLANs, creating Layer 2
(data link) implementations of subnets. A VLAN is associated with a broadcast domain. It is
usually composed of one or more network switches.

Types of VLANs
Types of VLANs include protocol-based, static and dynamic VLANs.

➢ Protocol VLAN: traffic is handled based on its protocol. A switch segregates or
forwards traffic based on the traffic's protocol.
➢ Static VLAN: also referred to as a port-based VLAN; a network administrator must
assign the ports on a network switch to a virtual network.
➢ Dynamic VLAN: a network administrator defines network membership
based on device characteristics, as opposed to switch port location.

How VLAN works


Ports (interfaces) on switches can be assigned to one or more VLANs, enabling systems to be
divided into logical groups -- based on which department they are associated with -- and
rules to be established about how systems in the separate groups are allowed to communicate with
each other. These groups can range from the simple and practical (computers in one VLAN
can see the printer on that VLAN, but computers outside that VLAN cannot), to the complex
and legal (for example, computers in the retail banking departments cannot interact with
computers in the trading departments).

Figure 2: VLAN Based Office Network Overview.

Each VLAN provides data link access to all hosts connected to switch ports configured with
the same VLAN ID. The VLAN tag is a 12-bit field in the Ethernet header that provides
support for up to 4,096 VLANs per switching domain. VLAN tagging is standardized in IEEE
(Institute of Electrical and Electronics Engineers) 802.1Q and is often called Dot1Q.

When an untagged frame is received from an attached host, the VLAN ID tag configured on
that interface is added to the data link frame header, using the 802.1Q format. The 802.1Q
frame is then forwarded toward the destination. Each switch uses the tag to keep each VLAN's
traffic separate from other VLANs, forwarding it only where the VLAN is configured. Trunk
links between switches handle multiple VLANs, using the tag to keep them segregated. When
the frame reaches the destination switch port, the VLAN tag is removed before the frame is
transmitted to the destination device.

Multiple VLANs can be configured on a single port using a trunk configuration in which each
frame sent via the port is tagged with the VLAN ID, as described above. The neighbouring
device's interface, which may be on another switch or on a host that supports 802.1Q tagging,
will need to support trunk mode configuration to transmit and receive tagged frames. Any
untagged Ethernet frames are assigned to a default VLAN, which can be designated in the
switch configuration.
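
The tagging steps described above, as an added Python example that is not part of the original report: it inserts the 4-byte 802.1Q tag at ingress, reads the 12-bit VLAN ID back, and strips the tag at egress. The sample frame, the function names, and the rule that an access port drops frames that arrive already tagged are assumptions of this example.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def add_tag(frame, vid, pcp=0):
    """Insert an 802.1Q tag between the source MAC and the original EtherType."""
    if not 1 <= vid <= 4094:      # 12-bit field; values 0 and 4095 are reserved by 802.1Q
        raise ValueError(f"VLAN ID {vid} outside 1-4094")
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    tci = (pcp & 0x7) << 13 | vid  # priority (3 bits) | DEI (1 bit, 0) | VLAN ID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_tag(frame):
    """Return (vid, pcp, inner_ethertype) for a tagged frame, or None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack("!HH", frame[14:18])
    return tci & 0x0FFF, tci >> 13, inner

def strip_tag(frame):
    """Egress on an access port: remove the tag before delivery to the host."""
    return frame if parse_tag(frame) is None else frame[:12] + frame[16:]

def ingress(frame, port_vlan):
    """Access-port ingress: tag an untagged frame with the port's VLAN ID.
    Returns None for an already tagged frame (drop policy assumed for this example)."""
    if parse_tag(frame) is not None:
        return None
    return add_tag(frame, port_vlan)

# Constructed sample: destination MAC, source MAC, EtherType 0x0800 (IPv4), dummy payload
SAMPLE = bytes.fromhex("00005e005301" "00005e005302" "0800") + b"payload"

if __name__ == "__main__":
    tagged = ingress(SAMPLE, 2)               # host in VLAN 2 (Sales) sends a frame
    print(tagged[12:16].hex(), parse_tag(tagged))
    print(strip_tag(tagged) == SAMPLE)        # tag removed at the destination port
```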

When a VLAN-enabled switch receives an untagged Ethernet frame from an attached host, it
adds the VLAN tag assigned to the ingress interface. The frame is forwarded to the port of the
host with the destination MAC address (media access control address). Broadcast, unknown
unicast and multicast (BUM traffic) is forwarded to all ports in the VLAN. When a previously
unknown host replies to an unknown unicast frame, the switches learn the location of this
host and do not flood subsequent frames addressed to that host.

The switch-forwarding tables are kept up to date by two mechanisms. First, old forwarding
entries are removed from the forwarding tables periodically, often under a configurable timer.
Second, any topology change causes the forwarding table refresh timer to be reduced,
triggering a refresh.
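
An added sketch (not from the original report) of the forwarding behaviour described above: MAC learning per VLAN, flooding of unknown and broadcast traffic only inside the ingress VLAN, and aging of old entries. The class, the 300-second timer, the drop of tagged frames on access ports and of untagged frames on trunks are assumptions of this model; the port-to-VLAN assignments mirror the core switch configured later in the report.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class VlanSwitch:
    """Toy VLAN-aware learning switch (hypothetical model, not vendor behaviour)."""

    def __init__(self, access, trunks, max_age=300.0):
        self.access = access      # access port -> VLAN ID
        self.trunks = trunks      # trunk port  -> set of allowed VLAN IDs
        self.max_age = max_age    # seconds before a learned entry expires (assumed value)
        self.table = {}           # (vlan, mac) -> (port, time last seen)

    def members(self, vlan):
        """Every port that carries this VLAN: its access ports plus trunks allowing it."""
        ports = {p for p, v in self.access.items() if v == vlan}
        return ports | {p for p, allowed in self.trunks.items() if vlan in allowed}

    def receive(self, port, src, dst, tag=None, now=0.0):
        """Forward one frame; return {egress port: tag sent (None = untagged)}."""
        if port in self.access:
            if tag is not None:
                return {}                 # assumed policy: access ports drop tagged frames
            vlan = self.access[port]      # ingress: classify by the port's VLAN
        elif tag in self.trunks.get(port, ()):
            vlan = tag                    # trunk: accept the tag only if the VLAN is allowed
        else:
            return {}
        self.table[(vlan, src)] = (port, now)          # learn or refresh the source
        entry = self.table.get((vlan, dst))
        if entry and now - entry[1] > self.max_age:    # stale entry: age it out
            del self.table[(vlan, dst)]
            entry = None
        if entry and dst != BROADCAST:
            out = {entry[0]}                           # known unicast: one port
        else:
            out = self.members(vlan)                   # BUM traffic: flood inside the VLAN
        out.discard(port)                              # never send back out the ingress port
        return {p: (vlan if p in self.trunks else None) for p in sorted(out)}

def demo():
    """Constructed scenario: fa0/3-4 in VLAN 2, fa0/6 in VLAN 3, trunk on fa0/1."""
    sw = VlanSwitch({"fa0/3": 2, "fa0/4": 2, "fa0/6": 3}, {"fa0/1": {2, 3, 4}})
    a, b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
    return [sw.receive("fa0/3", a, b, now=0),      # unknown unicast: flooded in VLAN 2 only
            sw.receive("fa0/4", b, a, now=1),      # reply: a was learned, single port
            sw.receive("fa0/3", a, b, now=2),      # b now known, no flooding
            sw.receive("fa0/3", a, b, now=1000)]   # b's entry aged out, flooded again
```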

The Spanning Tree Protocol (STP) is used to create loop-free topology among the switches in
each Layer 2 domain. A per-VLAN STP instance can be used, which enables different Layer 2
topologies, or a multi-instance STP (MISTP) can be used to reduce STP overhead if the
topology is the same among multiple VLANs. STP blocks forwarding on links that might
produce forwarding loops, creating a spanning tree from a selected root switch. This blocking
means that some links will not be used for forwarding until a failure in another part of the
network causes STP to make the link part of an active forwarding path.

The figure above shows a switch domain with four switches with two VLANs. The switches
are connected in a ring topology. STP causes one port to go into blocking state so that a tree
topology is formed (i.e., no forwarding loops). The port on switch D to switch C is blocking,
as indicated by the red bar across the link. The links between the switches and to the router
are trunking VLAN 10 (orange) and VLAN 20 (green). The hosts connected to VLAN 10 can
communicate with server O. The hosts connected to VLAN 20 can communicate with server
G. The router has an IPv4 subnet configured on each VLAN to provide connectivity for any
communications between the two VLANs.

Learning Objectives

Upon completion of this lab, you will be able to:

✓ Cable a network according to the topology diagram
✓ Erase the startup configuration and reload a switch to the default state
✓ Perform basic configuration tasks on a switch
✓ Create VLANs
✓ Assign switch ports to a VLAN
✓ Add, move, and change ports
✓ Verify VLAN configuration
✓ Enable trunking on inter-switch connections
✓ Verify trunk configuration
✓ Save the VLAN configuration

VLAN Configuration

Figure 3: VLAN Simulation Network Topology

Mother Switch or Core Switch Configuration

Switch>enable
Switch#configure
Switch(config)#hostname CoreSwitch
CoreSwitch(config)#exit
CoreSwitch#wr

CoreSwitch#show vlan

Figure 4: VLAN Activation in Network

CoreSwitch#configure
CoreSwitch(config)#vlan 2
CoreSwitch(config-vlan)#name Sales
CoreSwitch(config-vlan)#exit
CoreSwitch(config)#vlan 3
CoreSwitch(config-vlan)#name HR
CoreSwitch(config-vlan)#exit
CoreSwitch(config)#vlan 4
CoreSwitch(config-vlan)#name Accounts
CoreSwitch(config-vlan)#exit
CoreSwitch(config)#exit
CoreSwitch#wr
CoreSwitch#configure
CoreSwitch(config)#interface fastEthernet 0/3
CoreSwitch(config-if)#switchport access vlan 2
CoreSwitch(config-if)#exit
CoreSwitch(config)#interface range fastEthernet 0/4-5
CoreSwitch(config-if-range)#switchport access vlan 2
CoreSwitch(config-if-range)#exit
CoreSwitch(config)#interface range fastEthernet 0/6-8
CoreSwitch(config-if-range)#switchport access vlan 3
CoreSwitch(config-if-range)#exit
CoreSwitch(config)#interface range fastEthernet 0/9-11
CoreSwitch(config-if-range)#switchport access vlan 4
CoreSwitch(config-if-range)#exit
CoreSwitch(config)#exit
CoreSwitch#wr

Figure 4: Create VLAN in Network.

CoreSwitch#show vlan
CoreSwitch#configure
CoreSwitch(config)#interface vlan 2
CoreSwitch(config-if)#ip address 172.16.20.100 255.255.0.0
CoreSwitch(config-if)#no shutdown
CoreSwitch(config-if)#exit
CoreSwitch(config)#interface vlan 3
CoreSwitch(config-if)#ip address 172.17.20.100 255.255.0.0
CoreSwitch(config-if)#no shutdown
CoreSwitch(config-if)#exit
CoreSwitch(config)#interface vlan 4
CoreSwitch(config-if)#ip address 172.18.20.100 255.255.0.0
CoreSwitch(config-if)#no shutdown
CoreSwitch(config-if)#exit
CoreSwitch(config)#exit
CoreSwitch#wr
CoreSwitch#show running-config

VLAN Router Configuration


Router>enable
Router#config
Router(config)#hostname R-VLAN
R-VLAN(config)#int gi0/0
R-VLAN(config-if)#no shutdown
R-VLAN(config-if)#int gi0/0.1
R-VLAN(config-subif)#encapsulation dot1Q 2
R-VLAN(config-subif)#ip address 172.16.20.1 255.255.0.0
R-VLAN(config-subif)#no shutdown
R-VLAN(config-subif)#exit
R-VLAN(config)#int gi0/0.2
R-VLAN(config-subif)#encapsulation dot1Q 3
R-VLAN(config-subif)#ip address 172.17.20.1 255.255.0.0
R-VLAN(config-subif)#no shutdown
R-VLAN(config-subif)#exit
R-VLAN(config)#int gi0/0.3
R-VLAN(config-subif)#encapsulation dot1Q 4
R-VLAN(config-subif)#ip address 172.18.20.1 255.255.0.0
R-VLAN(config-subif)#exit
R-VLAN(config)#exit
R-VLAN#wr

Mother Switch or Core Switch Configuration

CoreSwitch>enable
CoreSwitch#config
CoreSwitch(config)#int f0/1
CoreSwitch(config-if)#switchport mode trunk
CoreSwitch(config-if)#exit
CoreSwitch(config)#exit
CoreSwitch#wr

VTP Configuration in Core Switch

CoreSwitch>enable
CoreSwitch#show vlan
CoreSwitch#show vtp status
CoreSwitch#config
CoreSwitch(config)#vtp mode server
CoreSwitch(config)#vtp domain erevo.net
CoreSwitch(config)#vtp password test
CoreSwitch(config)#exit
CoreSwitch#wr
CoreSwitch>en
CoreSwitch#config
CoreSwitch(config)#int f0/2
CoreSwitch(config-if)#switchport mode trunk
CoreSwitch(config-if)#switchport trunk allowed vlan all
CoreSwitch(config-if)#exit
CoreSwitch(config)#exit
CoreSwitch#wr

Child Client Switch Configuration


Switch>enable
Switch#config
Switch(config)#hostname C-S-1
C-S-1(config)#exit
C-S-1#show vtp status
C-S-1#show vlan
C-S-1#config
C-S-1(config)#vtp mode client
C-S-1(config)#vtp domain erevo.net
C-S-1(config)#vtp password test
C-S-1(config)#exit
C-S-1#wr
C-S-1#config
C-S-1(config)#int f0/15
C-S-1(config-if)#switchport access vlan 2
C-S-1(config-if)#exit
C-S-1(config)#int f0/16
C-S-1(config-if)#switchport access vlan 3
C-S-1(config-if)#exit
C-S-1(config)#int f0/17
C-S-1(config-if)#switchport access vlan 4
C-S-1(config-if)#exit
C-S-1(config)#exit
C-S-1#wr
C-S-1>enable
C-S-1#conf
C-S-1(config)#int f0/15
C-S-1(config-if)#switchport mode trunk
C-S-1(config-if)#no shutdown
C-S-1(config-if)#exit
C-S-1(config)#int f0/16
C-S-1(config-if)#switchport mode trunk
C-S-1(config-if)#no shutdown
C-S-1(config-if)#exit
C-S-1(config)#int f0/17
C-S-1(config-if)#switchport mode trunk
C-S-1(config-if)#no shutdown
C-S-1(config-if)#exit
C-S-1(config)#exit
C-S-1#wr

C-S-1>enable
C-S-1#config
C-S-1(config)#int f0/15
C-S-1(config-if)#switchport mode access
C-S-1(config-if)#switchport access vlan 2
C-S-1(config-if)#exit
C-S-1(config)#int f0/16
C-S-1(config-if)#switchport mode access
C-S-1(config-if)#switchport access vlan 3
C-S-1(config-if)#exit
C-S-1(config)#int f0/17
C-S-1(config-if)#switchport mode access
C-S-1(config-if)#switchport access vlan 4
C-S-1(config-if)#exit
C-S-1(config)#exit
C-S-1#wr

After completing the configuration, verify it by pinging from each client PC to another client PC.
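
A review check for the switch transcripts above, added here as an example and not part of the original report: it replays the prompt-prefixed commands and reports trunks that carry every VLAN, ports given an access VLAN without an explicit `switchport mode access`, and a short VTP password. The function name and the 8-character threshold are assumptions; the sample lines are excerpts of the CoreSwitch and C-S-1 sessions.

```python
import re

# hostname, optional "(mode)", then "#" or ">" and the command, as in the transcripts above
PROMPT = re.compile(r"\s*[\w-]+\s*(?:\([\w-]+\))?[#>]\s*(.*)")

def audit(transcript, min_secret_len=8):   # min_secret_len is an assumed threshold
    """Replay a prompt-prefixed transcript; return findings for the final port state."""
    ports, findings, current = {}, [], None
    for raw in transcript.splitlines():
        m = PROMPT.match(raw)
        words = m.group(1).split() if m else []
        kw = [w.lower() for w in words]
        if not kw:
            continue
        if len(kw[0]) >= 3 and "interface".startswith(kw[0]):   # int / interface
            current = " ".join(words[1:])
            ports.setdefault(current, {"mode": None, "access": None, "allowed": None})
        elif kw[0] in ("exit", "end"):
            current = None
        elif current and kw[:2] == ["switchport", "mode"] and len(kw) > 2:
            ports[current]["mode"] = kw[2]          # later commands override earlier ones
        elif current and kw[:3] == ["switchport", "access", "vlan"] and len(kw) > 3:
            ports[current]["access"] = kw[3]
        elif current and kw[:4] == ["switchport", "trunk", "allowed", "vlan"]:
            ports[current]["allowed"] = " ".join(kw[4:])
        elif kw[:2] == ["vtp", "password"] and len(kw) > 2 and len(kw[2]) < min_secret_len:
            findings.append(f"vtp password shorter than {min_secret_len} characters")
    for name, p in ports.items():
        if p["mode"] == "trunk" and p["allowed"] in (None, "all"):
            findings.append(f"{name}: trunk carries every VLAN, no allowed-VLAN list")
        elif p["access"] and p["mode"] is None:
            findings.append(f"{name}: access VLAN {p['access']} without 'switchport mode access'")
    return findings

# Excerpts of the CoreSwitch and C-S-1 transcripts above (C-S-1 condensed to port f0/15)
CORE = """CoreSwitch(config)#interface fastEthernet 0/3
CoreSwitch(config-if)#switchport access vlan 2
CoreSwitch(config-if)#exit
CoreSwitch (config)#vtp password test
CoreSwitch (config)#int f0/2
CoreSwitch (config-if)#switchport mode trunk
CoreSwitch (config-if)#switchport trunk allowed vlan all"""
CHILD = """C-S-1(config)#int f0/15
C-S-1(config-if)#switchport access vlan 2
C-S-1(config-if)#switchport mode trunk
C-S-1(config-if)#switchport mode access"""

if __name__ == "__main__":
    print("\n".join(audit(CORE) + audit(CHILD)))
```

A port without an explicit mode stays in the platform's default, which on many Catalyst switches is a dynamic mode that can negotiate a trunk; the C-S-1 ports end in access mode and produce no finding.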

