Chapter 9 - Implementing Ethernet Virtual LANs

Question 1

How would you create 2 broadcast domains on one switch?

Answer 1

Configure VLANs on the switch.

Question 2

What are some common reasons for implementing VLANs?

Answer 2

1) Reduce CPU overhead on each device since less devices will receive broadcast frames
2) Reduce security risks by reducing the # of hosts that receive frames.
3) Improve security for hosts that send sensitive data by keeping them on a separate VLAN.
4) Create more flexible designs by grouping users by departments, or groups that work together.
5) To solve problems more quickly, since failures usually are problems experiences by devices in the same broadcast domain.
6) Reduce workload for the Spanning Tree Protocol (STP).

Question 3

When using VLANs in networks that have multiple interconnected switches, what needs to be used on the links between the switches?

Answer 3

VLAN trunking

Question 4

What is VLAN tagging?

Answer 4

The switch adds another header to the frame before sending it over the trunk. This extra header includes a VLAN identifier.

Question 5

What is the purpose of the VLAN identifier?

Answer 5

So the sending and receiving switch can associate the frame with a particular VLAN ID and know which VLAN the frame belongs.

Question 6

What are two trunking protocols that Cisco supports and which one is the most current one?

Answer 6

Inter-Switch Link (ISL) and IEEE 802.1Q (which is the newer standard)

Question 7

What size VLAN header does 802.1Q add to the original frame’s Ethernet header?

Answer 7

4-bytes

Question 8

What’s the size of the actual VLAN ID in the 802.1Q tag?

Answer 8

12 bits

Question 9

Since the Layer 2 switch does not forward frames outside a VLAN, where does the job of forward data between VLANs fall?

Answer 9

Falls with routers.

Question 10

In regards to routing between VLANs, instead of the router connecting an interface to each VLAN on the switch, what can be configured so the router only needs to use one interface connected to the switch?

Answer 10

Use trunking between the router and a switch. This is also known as router-on-a-stick.

Question 11

Other than a router doing all the VLAN routing, what else can be considered when routing between VLANs?

Answer 11

Layer 3 switch

Question 12

What are nontrunking interfaces on a switch also known as?

Answer 12

access interfaces

Question 13

From configuration mode, what is the command to add a vlan?

Answer 13

vlan {vlan-id}

Question 14

What optional command would give the VLAN a name?

Answer 14

name {name} VLAN subcommand

Question 15

If you do not give a VLAN a name, what’s the format that is given by the switch?

Answer 15

VLANZZZZ where ZZZZ is the 4-digit decimal VLAN ID

Question 16

After moving into the interface, what command would you use to assign that interface to a specific VLAN?

Answer 16

switchport access vlan {id-number}

Question 17

What optional command do you use to disable trunking on an interface after assigning it to a VLAN?

Answer 17

switchport mode access - this prevents it from negotiating to trunk

Question 18

How many VLANs does the 802.1Q header support?

Answer 18

4094 {0 and 4095 are reserved}

Question 19

Cisco switches break the range of VLAN IDs into what 2 ranges?

Answer 19

normal and extended range - the normal range is from 1-1005 - the extended is from 1006 to 4094

Question 20

What are the 4 command options for the switchport mode command?

Answer 20

1) access
2) trunk
3) dynamic desirable
4) dynamic auto

Question 21

Which switchport mode command option always acts like a trunk port?

Answer 21

trunk

Question 22

Which switchport mode command option initiates negotiation messages and responds to negotiation messages to dynamically choose whether to start using trunking?

Answer 22

dynamic desirable

Question 23

Which switchport mode command option always acts like an access (nontrunk) port?

Answer 23

access

Question 24

Which switchport mode command option passively waits to receive trunk negotiation messages?

Answer 24

dynamic auto

Question 25

What is the default switchport mode on a switch?

Answer 25

dynamic auto

Question 26

If the administrative mode is “access” on one side and “access” on the other side, what is the result?

Answer 26

access

Question 27

If the administrative mode is “dynamic auto” on one side and “dynamic auto” on the other side, what is the result?

Answer 27

access

Question 28

If the administrative mode is “dynamic auto” on one side and “dynamic desirable” on the other side, what is the result?

Answer 28

trunk

Question 29

If the administrative mode is “access” on one side and “dynamic desirable” on the other side, what is the result?

Answer 29

access

Question 30

What configuration of administrative mode do you not want to use?

Answer 30

trunk on one side and access on the other

Question 31

Which command allows you to control what VLANs are allowed on the trunk?

Answer 31

switchport trunk allowed vlan {add | all | except | remove} vlan-list

Question 32

What are 5 reasons why a switch would prevent a particular VLAN traffic from crossing a trunk?

Answer 32

1) A VLAN has been removed from the trunk’s allowed VLAN list.
2) A VLAN does not exist in the switch’s configuration
3) A VLAN does exist, but has been administratively shut down
4) A VLAN has been automatically pruned by VTP.
5) A VLAN’s STP instance has placed the trunk interface into a blocking state.