CCNA Class 12: VLAN and Inter-VLAN Configuration

-

 What is the VLAN In Details

VLAN (Virtual Local Area Network) is a network configuration concept that allows multiple logical networks to exist on a single physical network. By segmenting a network into VLANs, you can group devices logically, regardless of their physical location, to improve network performance, security, and management.

 

Key Features of VLAN:

  • Segmentation: VLANs divide a large network into smaller, manageable segments.

  • Isolation: Devices in different VLANs cannot communicate directly without a router or Layer 3 device.

  • Security: Isolating sensitive data to specific VLANs reduces the risk of unauthorized access.

  • Improved Performance: VLANs reduce broadcast traffic by confining it to specific segments.

  • Flexibility: Users and devices can be grouped logically, independent of their physical locations.


There are multiple types of VLAN, and each serves different purposes: 

  1. Default VLAN: The initial VLAN to which all switch ports are assigned by default. On most switches, this is VLAN 1

  2. Data VLAN: A VLAN designated for user-generated data traffic, isolating it from other types of traffic like voice or management.

  3. Voice VLAN: A VLAN specifically for carrying voice traffic from IP phones, ensuring higher priority and quality of service (QoS).

  4. Management VLAN: A VLAN used for network management traffic, such as SNMP, SSH, or Telnet. This provides a secure channel for managing network devices.

  5. Native VLAN: The VLAN assigned to untagged traffic on a trunk port 802.1Q. It is typically used for backward compatibility with devices that don't support VLAN tagging. 

For Tagging, VLAN information in the trunk port have two protocol they are used, 

  1. Cisco's proprietary ISL (Inter-Switch Link)

  2. IEEE 802.1Q


3 Different Methods to Assign VLAN Membership to Network Devices

  1. Port-based VLAN assignment: This method assigns VLAN membership based on the physical switch port. Each port is statically assigned to a VLAN, and any device connected to that port becomes part of the assigned VLAN. This is one of the simplest methods to separate network traffic and limit access to sensitive data. 

  2. MAC address-based VLAN assignment: allows a switch to dynamically assign devices to VLANs based on their MAC addresses. To achieve MAC-based VLAN assignment, a VLAN Management Policy Server (VMPS) is typically required. VMPS maps MAC addresses to VLANs and communicates this information to the switches.

  3. Protocol-based VLAN assignment: automates the process by classifying traffic according to the protocols (e.g., IP, IPX, AppleTalk) and assigning VLANs accordingly. This method allows traffic from different protocols to be segregated into different VLANs, helping optimize traffic management and improving security.


Basic VLAN Configuration

Step01: VLAN creation & Assign to Sw Port (all switches are same):

switch>enable

switch#show vlan brief

switch#hostname 1F-Core-SW

1F-Core-SW#conf t

1F-Core-SW(config)#vlan 10

1F-Core-SW(config-vlan)#name HR

1F-Core-SW(config)#vlan 20

1F-Core-SW(config-vlan)#name IT

1F-Core-SW(config)#vlan 30

1F-Core-SW(config-vlan)#name Payroll

1F-Core-SW(config)#vlan 99

1F-Core-SW(config-vlan)#name management

1F-Core-SW(config)#Interface range fa0/1-5

1F-Core-SW(config)#switchport mode access

1F-Core-SW(config)#switchport access vlan 10

1F-Core-SW(config)#Interface range fa0/6-10

1F-Core-SW(config)#switchport mode access

1F-Core-SW(config)#switchport access vlan 20

1F-Core-SW(config)#Interface range fa0/11-15

1F-Core-SW(config)#switchport mode access

1F-Core-SW(config)#switchport access vlan 30

1F-Core-SW#show vlan brief


Step 02: Assign Management VLAN IP and SW port (for both).


1F-Core-SW(config)#interface vlan 99

1F-Core-SW(config-if)#ip address 192.168.99.100 255.255.255.0

1F-Core-SW(config)#no shutdown

1F-Core-SW(config)#interface range fa0/20-24

1F-Core-SW(config)#switchport mode trunk

1F-Core-SW(config)#switchport trunk native vlan 99

1F-Core-SW(config)#no shutdown

1F-Core-SW(config)#show interface trunk


Step 03: Test to ping all PCs



Inter-VLAN Configuration


#Activate/up the interface

Router(config)#interface fa0/0

Router(config-if)#no shutdown


#Create sub-interface for VLAN 10

Router(config)#interface fa0/0.10

Router(config-subif)#encapsulation dot1Q 10

Router(config-subif)#ip address 192.168.10.1 255.255.255.0

Router(config-subif)#no shutdown



#Create sub interfeace for VLAN 20

Router(config)#interface fa0/0.20

Router(config-subif)#encapsulation dot1Q 20

Router(config-subif)#192.168.20.1 255.255.255.0

Router(config-subif)#no shutdown


#Create sub interfeace for VLAN 30

Router(config)#interface fa0/0.30

Router(config-subif)#encapsulation dot1Q 30

Router(config-subif)#ip address 192.168.30.1 255.255.255.0

Router(config-subif)#no shutdown


#Create sub interfeace for VLAN 99

Router(config)#interface fa0/0.99

Router(config-subif)#encapsulation dot1Q 99

Router(config-subif)#ip address 192.168.99.1 255.255.255.0

Router(config-subif)#no shutdown


#Configure the concerned trunk port of the switch

Switch(config)#interface fa2/1

Switch(config-if)#switchport mode trunk

Switch(config-if)#switchport trunk native vlan 99

Switch(config-if)#no shutdown



Referral Link: 

https://drive.google.com/file/d/1c_pF6KdS9K40FfSkMgurldQvJKYrX6i6/view?usp=sharing 

Popular posts from this blog

RHCSA-EX200: Vendor Exam Problem Solving

-
Image
Vendor Exam Module List following this link:  https://www.redhat.com/en/services/training/ex200-red-hat-certified-system-administrator-rhcsa-exam?section=objectives   Question-01: Manage basic networking  Configure network and set the static parameters. Consider a machine configured as DHCP, and need to configure it with static parameters. IP-ADDRESS= 172.25.250.10 | 192.168.213.10/24 NETMASK= 255.255.255.0 GATEWAY= 172.25.250.254 | 192.168.213.1 Nameserver= 172.24.254.254 | 192.168.213.1 Hostname= servera.lab.example.com Solution Step-01: Changed the hostname of Linux Machine.  #hostnamectl set-hostname servera.lab.example.com #hostname or hostnamectl #cat /etc/hostname Step-02: Changed/Create/Modify Network Adapter following information #nmcli connection show #nmcli device status #nmcli connection modify <profile_name> ipv4.addresses 172.25.250.10/24 ipv4.gateway 172.24.250.254 ipv4.dns 172.24.254.254 ipv4.method manual connection.autoconnect yes #systemctl r...
Read more

CCNA Class 11: Distance vector Routing Protocol (RIPv1 & RIPv2) Configuration

-
Image
DISTANCE VECTOR ROUTING PROTOCOL RIP is known as Distance Vector Routing Protocol. Here Distance means number of hop counts which is calculated by Router to reach traffic source to destination and Vector means direction. In a word, RIP - to choose the least path by calculating metric value from the entire network direction while travelling traffic from source to destination. Here the scenario, when the traffic travels from R1 to destination subnet X via the upper path (R1=>R2....R8=>Subnet-X) of Network, It takes the Metric 4 value. Or, the metric will be 3 while traveling R1 to Destination Subnet X via the middle path (R1=> R5...R8=>Subnet-X) of the network and Vice versa. How to RIP Work - RIP is a distance vector protocol that exchanges routing information between routers periodically. Each router maintains a routing table that contains the next hop and the hop count for each destination network. Every 30 seconds, the router sends its entire routing table to its dir...
Read more

CCNA Class 10: Introduction of Routed & Routing Protocols and Configuration

-
Image
Introduction of Routing Protocols Routing Fundamental Routing is the process of forwarding data packets from their source to their destination across interconnected networks. It is a critical function in both small-local area networks (LANs) and large-scale wide-area networks (WANs), including the Internet. There are two types of data packets - Routed Protocols and Routing Protocols.   Fig: Basic Routing Key Concepts in Routing Router: A router is a networking device responsible for forwarding data packets between networks based on their IP addresses. It operates at the network layer (Layer 3) of the OSI model. Routing Table: A database stored in a router that contains information about network destinations and how to reach them. Consists of: Destination network Next hop: The next router or device to which the packet should be sent. Metric: A value indicating the "Cost" of reaching a destination (hop count, bandwidth, latency, reliability, load). Interface: The router i...
Read more