Computer Networking Macedonia: VLANs, VTP, InterVLAN Routing (and if there is enough time - STP)
TRANSCRIPT
Presenter: Delyan Genkov, PhD, Principal Assistant Professor at Technical University of Gabrovo, Bulgaria
CCNA, CCNP, CCAI, CCSI#33190
Working at Lirex BG Ltd – Gold Cisco Partner
Instructor and Main Contact in the first Bulgarian Cisco Networking Academy since 1999
Email: [email protected]
Why divide a LAN?
Benefits:
- Decreases unnecessary traffic
- Limits broadcasts
- Allows the network to grow
- Increases security
Drawbacks:
- More complicated and expensive devices
- More administrator knowledge required
Traditional network division
- Depends on geographic locations
- (Sometimes) requires more router interfaces
- Does not allow movement
VLAN division
- Position independent
- Allows easy movement
- Increases security (if properly configured)
- May use one or more router interfaces
Two or more VLANs on a single switch?
- Possible, but not common
- Functions as two or more separate switches
- I use this when there are free ports and I need another switch in the same rack
- The true power is when you use more switches
VLANs have
- Mandatory number (VLAN ID): 1 – 1024 Standard VLANs; 1001 – 1024 are reserved; 1025 – 4096 – Extended VLANs (SP)
- Optional: name (default VLAN0001, …), type (Ethernet), MTU (typically 1500) and so on
VLAN tasks
- Create the VLANs in switch memory
- Assign ports to VLANs
Types of ports:
- Access – resides in only one VLAN
- Voice VLAN – an additional VLAN for an access port
- Trunk – allows packets for more than one VLAN
VLAN Tagging
- IEEE 802.1Q (4 bytes) – standard
- ISL (30 bytes) – Cisco proprietary
- IEEE 802.1Q preferred
- Native VLAN – no tag; the native VLAN must match on both ends
Cisco defaults
Only VLAN 1 exists All ports are assigned in VLAN 1 All VLANs are allowed on a Trunk (you
can change this) Native VLAN on all trunks is VLAN 1 Security recommendation: Do not leave
computers in the native VLAN!
Deleting a VLAN
- If you delete a VLAN while the switch still has ports assigned to it, those ports remain in a non-existing VLAN and are shut down.
- The right way: first reassign those ports to an existing VLAN, then delete the VLAN.
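The VLAN tasks, the 802.1Q trunk defaults worth changing, and the safe deletion procedure from the slides above, as one added Cisco IOS example. This is not configuration from the presentation; the VLAN numbers, names and interface identifiers are assumed for illustration:

```cisco
! Added example, not from the presentation. VLAN IDs, names and interfaces are assumed.
! Task 1: create the VLANs in switch memory (VLAN 1 already exists by default)
Switch# configure terminal
Switch(config)# vlan 10
Switch(config-vlan)# name USERS
Switch(config-vlan)# exit
Switch(config)# vlan 20
Switch(config-vlan)# name SERVERS
Switch(config-vlan)# exit
Switch(config)# vlan 30
Switch(config-vlan)# name TEST
Switch(config-vlan)# exit
Switch(config)# vlan 150
Switch(config-vlan)# name VOICE
Switch(config-vlan)# exit
! A VLAN with no end hosts, used only as the native VLAN on trunks
Switch(config)# vlan 999
Switch(config-vlan)# name NATIVE-UNUSED
Switch(config-vlan)# exit
!
! Task 2: assign ports. Access port in one data VLAN, plus a voice VLAN for an IP phone
Switch(config)# interface FastEthernet0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# switchport voice vlan 150
Switch(config-if)# exit
! Ports for the test VLAN (used below to show the deletion procedure)
Switch(config)# interface range FastEthernet0/5 - 8
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 30
Switch(config-if-range)# exit
!
! Trunk to the next switch: 802.1Q tagging, native VLAN moved off VLAN 1,
! and the allowed list restricted instead of the default "all VLANs"
Switch(config)# interface GigabitEthernet0/1
! (the encapsulation command exists only on switches that also support ISL)
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 999
Switch(config-if)# switchport trunk allowed vlan 10,20,150,999
Switch(config-if)# exit
!
! Deleting VLAN 30 the right way: move its ports to an existing VLAN first, then remove it.
! Deleting it first would leave Fa0/5-8 in a non-existing VLAN and out of service.
Switch(config)# interface range FastEthernet0/5 - 8
Switch(config-if-range)# switchport access vlan 10
Switch(config-if-range)# exit
Switch(config)# no vlan 30
Switch(config)# end
!
! Verification: VLANs with their ports, trunk state, native VLAN and allowed list
Switch# show vlan brief
Switch# show interfaces trunk
```

The `show vlan brief` output is the check to run before any `no vlan`: every port listed under the VLAN about to be deleted must first appear under another VLAN.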
VTP
- VLAN Trunking Protocol – Cisco proprietary
- What were the main tasks when configuring VLANs? Creating VLANs in the switch memory; assigning ports to VLANs
- VTP can assist you with the first task, but you still have to complete the second one
- Imagine a network with 100 switches: instead of logging in to each of the 100 switches and configuring the VLAN, with VTP you can do it on a single switch
- But be careful – with VTP you can stop the whole network with one command (or even with one connection)
Other VTP parameters
- VTP version – 1, 2 or 3
- VTP domain name
- VTP password – optional
- VTP pruning
- Configuration revision
VTP defaults
- VTP mode: Server
- VTP domain name: null
- VTP password: null
- VTP version: 1
- Configuration revision: 0
Correct action
- You configure a new VLAN on the server
- It increases its configuration revision
- All other switches learn of the change
- All others get the new VLAN information and increase their configuration revision
Incorrect action
- You have a production network and a test network
- You take a switch from the test network and delete all the test VLANs, except VLAN 1
- You forget to reset the configuration revision
- You connect the new switch to the production network
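The VTP parameters and the check that prevents the incorrect action above, as an added Cisco IOS example (not configuration from the presentation). The damage in the incorrect action comes from VTP accepting whichever advertisement carries the higher configuration revision: the reused switch overwrites the VLAN database of every switch in the domain. So a reused switch is inspected and its revision reset to 0 before it is cabled in. Domain name, password and hostnames are assumed:

```cisco
! Added example, not from the presentation. Domain, password and hostnames are assumed.
! On the VTP server, the only switch where VLANs are created by hand
SW-CORE(config)# vtp domain CAMPUS
SW-CORE(config)# vtp version 2
SW-CORE(config)# vtp mode server
! Optional, but a switch with a different password has its advertisements ignored
SW-CORE(config)# vtp password VtpS3cret
! Pruning keeps a VLAN's broadcasts off trunks that have no ports in that VLAN
SW-CORE(config)# vtp pruning
SW-CORE(config)# vlan 10
SW-CORE(config-vlan)# name USERS
SW-CORE(config-vlan)# end
! Shows mode, domain, version and the current configuration revision
SW-CORE# show vtp status
!
! On a switch reused from another network, BEFORE it touches a production trunk:
! look at the revision number it still carries
NEW-SW# show vtp status
! Changing to transparent mode resets the configuration revision to 0;
! then the switch is put back into client mode with the production parameters
NEW-SW(config)# vtp mode transparent
NEW-SW(config)# vtp domain CAMPUS
NEW-SW(config)# vtp password VtpS3cret
NEW-SW(config)# vtp mode client
NEW-SW(config)# end
! Configuration revision must read 0 here; only then connect the trunk
NEW-SW# show vtp status
```

In client mode the switch still takes the VLAN database from the server once connected, which is the intended direction; what the transparent-mode step prevents is the reverse, a stale but higher revision flowing from the new switch into the domain.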
InterVLAN Routing
- When you need to pass traffic between VLANs
- Not necessary in an ISP, probably needed in an organizational network
- Needs Layer 3 device(s)
- Normally every VLAN is a separate IP network
Separate interfaces
- Router doesn't have to know IEEE 802.1Q
- Every interface is connected to an access port in the correct VLAN
- Every interface is the default gateway for its VLAN
Router-on-a-Stick
- One router interface, connected to a trunk port
- Router must speak 802.1Q
- You must create subinterfaces for every VLAN, each with an IP address for the default gateway
- The single interface may create a bottleneck
Layer 3 switch
- Uses virtual interfaces
- There is no practical limitation on the VLAN count
- Most scalable and fastest solution
- Sometimes may not fulfill all the requirements (i.e. BGP routing with the ISPs)
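Router-on-a-Stick and the Layer 3 switch variant, as an added Cisco IOS example (not configuration from the presentation). The router and the Layer 3 switch below are alternatives for the same two VLANs, so only one of them carries the gateway addresses in a real network; VLAN IDs, IP addresses and interface names are assumed:

```cisco
! Added example, not from the presentation. VLAN IDs, addresses and interfaces are assumed.
!
! --- Router-on-a-Stick: one physical interface, one 802.1Q subinterface per VLAN ---
R1(config)# interface GigabitEthernet0/0
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)# interface GigabitEthernet0/0.10
R1(config-subif)# encapsulation dot1Q 10
R1(config-subif)# ip address 10.0.10.1 255.255.255.0
R1(config-subif)# exit
R1(config)# interface GigabitEthernet0/0.20
R1(config-subif)# encapsulation dot1Q 20
R1(config-subif)# ip address 10.0.20.1 255.255.255.0
R1(config-subif)# end
! Hosts in VLAN 10 use 10.0.10.1 as default gateway, hosts in VLAN 20 use 10.0.20.1
R1# show ip interface brief
!
! The switch port facing the router must be a trunk carrying exactly those VLANs.
! No subinterface exists for native VLAN 999, so untagged frames are simply dropped by R1.
SW1(config)# interface GigabitEthernet0/2
SW1(config-if)# switchport trunk encapsulation dot1q
SW1(config-if)# switchport mode trunk
SW1(config-if)# switchport trunk native vlan 999
SW1(config-if)# switchport trunk allowed vlan 10,20,999
SW1(config-if)# end
!
! --- Layer 3 switch: routed virtual interfaces (SVIs) instead of router subinterfaces ---
SW-L3(config)# ip routing
SW-L3(config)# interface Vlan10
SW-L3(config-if)# ip address 10.0.10.1 255.255.255.0
SW-L3(config-if)# no shutdown
SW-L3(config-if)# exit
SW-L3(config)# interface Vlan20
SW-L3(config-if)# ip address 10.0.20.1 255.255.255.0
SW-L3(config-if)# no shutdown
SW-L3(config-if)# end
! Each VLAN appears as a directly connected route; traffic between them never leaves the switch
SW-L3# show ip route
```

The Layer 3 switch needs no trunk towards a router for the routing itself, which is why it avoids the single-interface bottleneck of Router-on-a-Stick; an SVI only comes up once the VLAN exists and at least one port in it is up.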
Spanning Tree Protocol
- IEEE 802.1D
- Enables redundant topologies
- Blocks the redundant links, enables only one
- If using two or more links between two switches, EtherChannel is preferable
- But STP allows circular or more complex topologies
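The slide's recommendation to bundle parallel links between two switches with EtherChannel rather than let STP block all but one of them, as an added Cisco IOS example (not configuration from the presentation; interface names and the channel-group number are assumed). LACP is used so the bundle is negotiated with the neighbour, and the same commands are entered on both switches of the pair:

```cisco
! Added example, not from the presentation. Interfaces and channel-group number are assumed.
! Enter the same configuration on both switches joined by the two parallel links
SW1(config)# interface range GigabitEthernet0/1 - 2
SW1(config-if-range)# switchport trunk encapsulation dot1q
SW1(config-if-range)# switchport mode trunk
SW1(config-if-range)# switchport trunk native vlan 999
! LACP bundles both links into one logical trunk, so STP sees a single link and blocks nothing
SW1(config-if-range)# channel-group 1 mode active
SW1(config-if-range)# exit
! The logical interface carries the trunk settings; they must match the member ports
SW1(config)# interface Port-channel1
SW1(config-if)# switchport trunk encapsulation dot1q
SW1(config-if)# switchport mode trunk
SW1(config-if)# switchport trunk native vlan 999
SW1(config-if)# end
! Po1 should be flagged (SU), and spanning-tree lists Po1 instead of the two physical ports
SW1# show etherchannel summary
SW1# show spanning-tree vlan 10
```

If `show spanning-tree` still lists one of the physical ports as blocking, the bundle did not form, usually because the trunk or native VLAN settings differ between the member ports or between the two switches.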