
VLAN (Virtual Local Area Network)

- It is a group of switch ports that appear to be on the same LAN.
- It is used to isolate traffic at Layer 2, i.e. the Data Link layer.
- It controls broadcast traffic, i.e. a broadcast in one VLAN never goes to another VLAN.
- One VLAN = One Broadcast Domain
- By default, VLAN 1 exists on all Cisco switches.

[Figure: Switch Without VLAN vs. Switch With VLAN]


Vlan Identification

1. Primary
- Defined by number
- It is mandatory
- It is 12 bits, i.e. 2^12 = 4096 (0 to 4095)
Where,
- Vlan 1 = Default Vlan (also known as Management/Native Vlan)
- Vlan 2 to Vlan 1001 = Standard range of Vlan & supported by all Cisco switches
- Vlan 1002, Vlan 1003, Vlan 1004, Vlan 1005 = For Token Ring & FDDI
- Vlan 1006 to Vlan 4094 = Extended range of Vlan & supported by higher series of switches

2. Secondary
- Defined by name
- It is optional
How to create Vlan

switch(config)#vlan 10
#name IT
#vlan 20
#vlan 30
#name SALES
OR
#vlan 10,11,15,17
#vlan 10-20

switch(config)#vlan <vlan-id>
#shutdown
#no shutdown
#state suspend
#state active

Verify
Switch#show vlan brief
Vlan Port Membership

1. Static : Port number is used.

Individually
switch(config)#interface fa0/1
#switchport mode access
#switchport access vlan 10

Multiple but continuous
switch(config)#interface range fa0/2-5
#switchport mode access
#switchport access vlan 20

Multiple but random
switch(config)#interface range fa0/6 , fa0/8 , fa0/10
#switchport mode access
#switchport access vlan 30

2. Dynamic : Physical address of PC or User ID is used
- Requires VMPS (on the basis of MAC address) & AAA (on the basis of User ID)
If you intend to use VLANs in your network, you will need to configure
Access Port
- A port that can be assigned to a single VLAN.
- Cannot identify a tagged frame
- Carries traffic of only a single VLAN
Trunk Port
- A port that is connected to another switch.
- This type of interface can carry traffic of multiple VLANs
- Belongs to multiple VLANs
- Can identify a tagged frame

Tagging Mechanism
- It is used when a link needs to carry traffic of multiple VLANs.

- 802.1D : It is used for Token Ring & FDDI
- LANE (LAN Emulation) : For ATM
- ISL (Inter Switch Link) : It is Cisco proprietary.
- Dot1q : It is an industry standard.
Ethernet Frame Format
- The frame structure adds headers and trailers around the Layer 3 Protocol Data Unit (PDU) to encapsulate the message.
- It starts with the Preamble, which works at the physical layer.

- Frame Size
- Minimum = 64 Byte
  Frame < 64 Byte = Runt Frame
- Maximum = 1518 Byte
  Frame > 1518 Byte = Giant Frame
- After tagging, ISL adds a header of 26 Byte & a CRC of 4 Byte, i.e. 1518 + 26 + 4 = 1548 Byte
- Dot1q adds only a 4 Byte header, i.e. 1518 + 4 = 1522 Byte
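The 12-bit VLAN number and the frame-size limits above can be checked directly on raw frame bytes. The following is an added example, not part of the original notes: it reads the dot1q tag (EtherType 0x8100), masks out the VLAN ID, names its range, and classifies the frame as runt, giant or ok. The helper names and the zero-filled test frames are constructed for illustration, and IDs 0 and 4095, which the range list does not cover, are reported as reserved by 802.1Q.

```python
import struct

TPID_DOT1Q = 0x8100            # EtherType value that announces a 4-byte dot1q tag
MIN_FRAME = 64                 # bytes, destination MAC through FCS
MAX_UNTAGGED = 1518
MAX_DOT1Q = MAX_UNTAGGED + 4   # 1522

def vlan_range(vid):
    """Name the range a 12-bit VLAN ID falls in, following the list above."""
    if vid in (0, 4095):
        return "reserved by 802.1Q"    # not assignable to ports
    if vid == 1:
        return "default"
    if vid <= 1001:
        return "standard"
    if vid <= 1005:
        return "token-ring/fddi"
    return "extended"

def inspect(frame):
    """Return (VLAN ID or None, range name or None, size verdict)."""
    if len(frame) < 14:                # too short to hold an Ethernet header
        return None, None, "runt"
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    vid, limit = None, MAX_UNTAGGED
    if ethertype == TPID_DOT1Q and len(frame) >= 16:
        (tci,) = struct.unpack_from("!H", frame, 14)
        vid = tci & 0x0FFF             # low 12 bits; top 4 are priority (3) + DEI (1)
        limit = MAX_DOT1Q
    if len(frame) < MIN_FRAME:
        verdict = "runt"
    elif len(frame) > limit:
        verdict = "giant"
    else:
        verdict = "ok"
    return vid, (vlan_range(vid) if vid is not None else None), verdict

def build(payload_len, vid=None):
    """Constructed test frame: zeroed MACs, IPv4 EtherType, zeroed FCS."""
    hdr = bytes(12)
    if vid is not None:
        hdr += struct.pack("!HH", TPID_DOT1Q, vid & 0x0FFF)
    return hdr + struct.pack("!H", 0x0800) + bytes(payload_len) + bytes(4)

if __name__ == "__main__":
    for f in (build(1500), build(1500, vid=10), build(1501), build(20, vid=1003)):
        print(len(f), inspect(f))
```

A 1500-byte payload gives 1518 bytes untagged and 1522 bytes tagged, and both are accepted; one more payload byte makes either frame a giant.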
Inter Vlan Routing

Method :-

1. Simple
- In this method one port of each VLAN is directly connected to an Ethernet interface of the router.
2. Router-on-Stick
- Trunk link & sub-interface is used.
- Need at least one router.
- Every VLAN must have a default gateway
3. Layer-3 Switching
- Layer-3 switch & SVI is used.
Types of VLAN

1. Management
- A management VLAN is any VLAN you configure to access the management capabilities of a switch.
- Need to assign an IP address and subnet mask.
2. Native
- It is an untagged VLAN on a trunk link
- By default VLAN 1 is the native VLAN, but any VLAN can be configured as the native VLAN.
3. Data
- A data VLAN can also be referred to as a user VLAN.
- This is configured to carry only user-generated traffic.
4. Voice
- A voice VLAN is configured to carry voice traffic.
- Voice VLANs are mostly given transmission priority over other types of network traffic.
5. Private
- It is a type of VLAN inside a VLAN.
Native Vlan
- It is used to support untagged frames on a trunk port
- By default Vlan 1 is the native Vlan.
- Supported only by dot1q
- Only one Vlan can be the native Vlan on a trunk port.
- A trunk link sends the frames of the native Vlan without tagging.
- Native Vlan must be the same on both ends of a trunk link.
- If a switch receives untagged frames on a trunk port, they are assumed to be part of the Vlan that is designated on the switchport as the native Vlan.

Configuration
switch(config)#interface fa0/0
#switchport mode trunk
#switchport trunk native vlan 20
Voice Vlan
- Most corporate networks today use IP telephony.
- This means that the phones are connected to the same network and use the same cabling as other network devices.
- IP phones today include a small switch that makes it possible to connect a PC to the phone and then connect the phone to the local network.

Configuration
SW1(config)#vlan 99
SW1(config)#vlan 10
SW1(config)#int fa0/15
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 10
SW1(config-if)#switchport voice vlan 99

Verify
SW1#show interface fa0/15 switchport
Management VLAN
- It is used for managing the switch from a remote location by using protocols such as Telnet, SSH, SNMP, syslog etc.
- Normally the Management VLAN is VLAN 1, but you can use any VLAN as a management VLAN.
- Cisco recommends not using VLAN 1, and not using any VLAN that carries user data traffic, as the Management VLAN.
- You must configure an IP address and default gateway for the Management VLAN.

Configuration
sw01>enable
sw01#configure terminal
sw01(config)#interface vlan 1
sw01(config-if)#ip address 192.168.100.28 255.255.255.0
sw01(config-if)#no shutdown
sw01(config-if)#exit
sw01(config)#ip default-gateway 192.168.100.1
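
Two rules from these notes can be checked mechanically against switch configuration text: the native VLAN must be the same on both ends of a trunk, and VLAN 1 should not be the management VLAN. The following is an added example, not part of the original notes: a small audit over two IOS-style configs. The function names and both sample configs are constructed; switch A reuses the commands shown above, and switch B leaves its trunk at the default native VLAN.

```python
import re

def parse_interfaces(config):
    """Split IOS-style config text into {interface name: [sub-commands]}."""
    ifaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(.+)", line, re.I)   # top-level lines only
        if m:
            current = m.group(1).replace(" ", "").lower()
            ifaces[current] = []
        elif current and line[:1] in (" ", "\t"):
            ifaces[current].append(" ".join(line.split()).lower())
        else:
            current = None
    return ifaces

def native_vlan(cmds):
    """Native VLAN of a trunk port, or None when the port is not a trunk."""
    if "switchport mode trunk" not in cmds:
        return None
    for c in cmds:
        m = re.fullmatch(r"switchport trunk native vlan (\d+)", c)
        if m:
            return int(m.group(1))
    return 1   # nothing configured: VLAN 1 is the native VLAN by default

def audit(cfg_a, port_a, cfg_b, port_b):
    """Findings for one trunk link: port_a on switch A to port_b on switch B."""
    a, b = parse_interfaces(cfg_a), parse_interfaces(cfg_b)
    na = native_vlan(a.get(port_a.lower(), []))
    nb = native_vlan(b.get(port_b.lower(), []))
    findings = []
    if na is not None and nb is not None and na != nb:
        findings.append(f"native VLAN mismatch: A={na} B={nb}")
    for name, ifaces in (("A", a), ("B", b)):
        if any(c.startswith("ip address ") for c in ifaces.get("vlan1", [])):
            findings.append(f"switch {name}: management IP on VLAN 1")
    return findings

# Constructed configs: A reuses the commands above, B leaves the trunk at defaults.
SW_A = """interface fa0/0
 switchport mode trunk
 switchport trunk native Vlan 20
interface vlan 1
 ip address 192.168.100.28 255.255.255.0
 no shutdown
ip default-gateway 192.168.100.1
"""
SW_B = "interface fa0/0\n switchport mode trunk\n"

if __name__ == "__main__":
    for finding in audit(SW_A, "fa0/0", SW_B, "fa0/0"):
        print(finding)
```

Both findings clear once switch B's trunk is also set to native VLAN 20 and the management address is moved to an SVI other than VLAN 1.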
