Virtual Local Area Network VLAN Tutorial
Now to the configuration part ^^, in this part I use the “building” topology with two switches at the 1st & 3rd floors and one Main Sw.
VLAN Configuration
Creating VLAN
1st_Floor_Switch#configure terminal
1st_Floor_Switch(config)#vlan 2
1st_Floor_Switch(config-vlan)#name SALES
1st_Floor_Switch(config-vlan)#vlan 3
1st_Floor_Switch(config-vlan)#name TECH
1st_Floor_Switch(config-vlan)#vlan 10
1st_Floor_Switch(config-vlan)#name LEADER
Notice that we don’t need to exit out of “Vlan mode” to create another VLAN.
We also use the above configuration for 3rd_Floor_Switch & Main Sw.
Set VLAN Membership
Assign VLAN to each port:
1st_Floor_Switch(config)#interface f0/0
1st_Floor_Switch(config-if)#switchport access vlan 2
1st_Floor_Switch(config-if)#interface f0/1
1st_Floor_Switch(config-if)#switchport access vlan 3
Notice that for port connecting to host we must configure it as access port.
Create Trunk Ports:
+ On 2950 & 2960 Switches: Switches 2950 & 2960 only have 802.1q encapsulation so to turn it on we simply use this command:
Main_Sw(config-if)#switchport mode trunk
+ On 3550 & 3560 Switches: There are two encapsulation types in 3550 & 3560 Cisco switch: 802.1q and ISL but there are 3 encapsulation methods: 802.1q, ISL and negotiate.The default encapsulation is negotiate. This method signals between the trunk ports to choose an encapsulation method. ISL is preferred over 802.1q so we have to configure to “dot1q” if we want to use this standard.
Main_Sw(config-if)#switchport trunk encapsulation dot1q
Main_Sw(config-if)#switchport mode trunk
In fact, if you use VLAN Trunking Protocol (VTP) then you only need to configure VLAN on the Main Sw, set the Main Sw to “Server” mode and 2 other switches to “Client” mode. To learn more about VTP, please read my VTP tutorial.
VLAN Summaries:
+ VLANs are used to create logical broadcast domains and Layer 3 segments in a given network
+ A VLAN is considered a logical segment because the traffic it carries may traverse multiple physical network segments
Cisco switches support two different trunking protocols, Inter-Switch Link (ISL) and IEEE 802.1q. In 802.1q, native VLAN frames are untagged.
The benefits of VLANs
1. Segment networks into multiple smaller broadcast domains without Layer 3 network devices such as routers. VLANs make switched Ethernet networks more bandwidth-efficient through this segmentation of broadcast domains.
2. Group users together according to function rather than physical location. In a traditional network, users in a given work area are on the same network segment regardless of their job description or department. Using VLANs, however, you could have one salesperson in each work area of the building sitting next to engineers in their work area, yet on a separate logical network segment.
3. The ability to reconfigure ports logically without the need to unplug wires and move them around. If a user takes his or her computer to a new work area, no cables need to be swapped on the switch, just access the switch and issue commands to change the VLAN assignments for the old and new ports. VLANs thus simplify the process of adding, moving, and deleting users on the network. They also improve network security by avoiding cabling mishaps that can arise when users are moved in traditional Ethernet networks.
If you want to learn about VTP, please read my VTP tutorial.
If you want to find out how different VLANs can communicate, please read my InterVLAN Routing tutorial.
Great work with excellent examples
I agree – Very helpful and understandable content!
Finally I understand this topic. Thanks for the examples.:)