Virtual LANs Notes

October 22, 2009

in CCNA

Virtual LAN Concepts

A LAN includes all devices in the same broadcast domain. VLANs let a switch split its ports into separate broadcast domains.

Common reasons to use VLANs:

  • flexible designs by departments or groups instead of by location
  • reduce overhead to each host in a vlan by segmenting
  • reduce workload of STP by limiting a vlan to a single access switch
  • enforce better security
  • separate traffic sent from an IP phone

Trunking with ISL and 802.1Q

VLAN trunking is used on the segments between connected switches so that frames from multiple VLANs can cross the same link, with each frame identifying the VLAN it belongs to.

Two types of trunking protocols:

  • ISL (Inter-Switch Link)
  • 802.1Q

ISL

  • Inter-Switch Link; Cisco proprietary
  • Only used between Cisco switches
  • Encapsulates the original Ethernet frame in an ISL header and trailer
  • Supports normal & extended VLAN range
  • Allows multiple spanning trees
  • Doesn't use a native VLAN

802.1Q

  • IEEE standard
  • Inserts an extra 4-byte VLAN header into the original Ethernet frame
  • Supports normal & extended VLAN range
  • Allows multiple spanning trees
  • Uses a native VLAN

VLAN Trunking Protocol (VTP)

Cisco proprietary way of sharing vlan information with other cisco switches.

There are three VTP modes:

  • Server
  • Client
  • Transparent

To disable VTP put switch in transparent mode.

A VTP server can create new VLANs, and it distributes that information over ISL or 802.1Q trunks.

Updates are tracked by revision number, which is incremented by 1 with each update.

VTP clients simply receive and forward VTP messages and update the local vlan.dat to a newer revision, if available.

VTP servers & clients send VTP messages every 5 minutes.

VTP transparent switches don’t update their VLAN configuration, but they do forward VTP messages along to other switches (done with VTP version 2).

Three requirements for VTP to work between two switches:

  1. The link between the switches must be operating as a trunk, either ISL or 802.1Q
  2. Both switches must have matching, case-sensitive VTP domain names
  3. The switches' case-sensitive VTP passwords must match

VLAN information is stored in the vlan.dat database.
To delete the contents use command:

delete flash:vlan.dat

VTP Pruning

Allows VTP to dynamically determine which switches don’t need frames from certain vlans.

VTP prunes vlans from the appropriate trunks.

VTP pruning increases the available bandwidth in a network.

VLAN & VLAN Trunking Configuration & Verification

Configuring a VLAN Trunk

switchport trunk encapsulation {dot1q | isl | negotiate} (an interface subcommand)

Administrative mode refers to the configuration setting on an interface, meaning “what is configured”.

Operational mode refers to what is currently happening on the interface.

Trunking Administrative Modes

  • access – prevents trunking and puts interface as always nontrunk
  • trunk – always uses trunking
  • dynamic desirable – initiates the negotiation to start trunking and to decide the encapsulation
  • dynamic auto – waits for the other end to initiate the trunking negotiation

Reasons why a switch could prevent a particular vlan from crossing a trunk:

  • vlan was removed from the trunk’s allowed vlan list
  • the vlan doesn’t exist or it is inactive
  • the vlan was pruned
  • STP placed the trunk interface into a state other than forwarding

VTP Configuration & Verification

Configuring VTP

vtp mode {server | client}
vtp domain domain-name
vtp password password (optional)
vtp pruning (optional)
vtp version 2 (optional)

Where VTP Clients and Servers Store VLAN Related Configuration

| Configuration Commands | Where Stored | How to View |
|---|---|---|
| vtp domain | vlan.dat | show vtp status |
| vtp mode | vlan.dat | show vtp status |
| vtp password | vlan.dat | show vtp password |
| vtp pruning | vlan.dat | show vtp status |
| vlan vlan-id | vlan.dat | show vlan [brief] |
| name vlan-name | vlan.dat | show vlan [brief] |
| switchport access vlan vlan-id | running-config | show running-config, show interfaces switchport |
| switchport voice vlan vlan-id | running-config | show running-config, show interfaces switchport |

Troubleshooting VTP

Step 1: Confirm switch names, topology and VTP modes

Step 2: Use show vlan command on two sets of neighboring switches and see if the vlan database differs

Step 3: On differing databases, verify the following:

a. at least one operational trunk exists between the two switches
b. switches must have the same case sensitive vtp domain name
c. if configured, switches must have matching case sensitive passwords
