Practice Q's - VLAN Trunking Flashcards
Which VLAN trunking protocol adds four bytes to the Ethernet frames?
A. ISL
B. LANE
C. 802.10
D. 802.1Q
Answer: D
Explanation:
802.1Q adds 4 bytes to the Ethernet frame. The process is known as 802.1Q tagging, and inserts a four-byte field into the Ethernet frame header between the source address and the Len/Etype fields. This tag identifies the frame as an 802.1Q frame and includes bits used to identify both the priority and the VLAN ID. The VLAN ID field indicates which VLAN the frame belongs to. An 802.1q trunk can support 4096 different VLANs. After the new tag field is inserted into the frame, the frame’s previous FCS field is recalculated and replaced. The following graphic shows both the ISL and 802.1Q frame formats as well as the original Ethernet frame:
Inter switch link (ISL) is a Cisco proprietary trunking protocol that handles the frame in a different manner. It adds a 26- byte frame header and 4-byte trailer to the frame.
LANE (LAN Emulation) is an IEEE standard for identifying VLANs on ATM networks.
802.10 is a Cisco proprietary method of identifying VLANs on FDDI media by writing VLAN information to the Security Association Identifier (SAID) of the 802.10 frame.
The following commands have been issued on a Catalyst switch:
Which of the following VLANs is allowed on the trunk?
A. VLAN 1 and VLANs 101 through 200
B. VLANs 101 through 200
C. VLANs 1 through 3000
D. VLANs 1 through 4094
Answer: A Explanation:
Virtual local area network (VLAN) 1 and VLANs 101 through 200 are allowed on the trunk. The switchport trunk allowed vlan command configures a trunk to carry one or more VLANs. The syntax for the switchport trunk allowed vlan command is switchport trunk allowed vlan {vlan-list | all | {add | except | remove} vlan-list}. VLANs specified in the vlan-list parameter should be separated by commas. However, if a contiguous group of VLANs is specified, the starting and ending VLAN numbers can be separated by a hyphen.
If no keywords are specified with the switchport trunk allowed vlan command, then only the VLANs contained within the vlan-list parameter will be allowed on the trunk. The all keyword specifies that all VLANs from 1 through 4094 should be allowed on the trunk. The add keyword specifies the VLANs that should be added to the list of VLANs that are already allowed by the trunk. The except keyword specifies that all VLANs from 1 through 4094 are allowed except the listed VLANs. The remove keyword specifies the VLANs that should be removed from the list of VLANs that are already allowed by the trunk.
In this scenario, the first command issued is switchport trunk allowed vlan all, which allows VLANs 1 through 4094. The second command issued is switchport trunk allowed vlan remove 1,101- 4094, which removes VLAN 1 and VLANs 101-4094. Therefore, VLANs 2 through 100 are allowed. The third command issued is switchport trunk allowed vlan except 3001-4094, which specifies that all VLANs should be allowed except VLANs 3001 through 4094.
Therefore, VLANs 1 through 3000 are allowed. The fourth command issued is switchport trunk allowed vlan 1, which specifies that only VLAN 1 should be allowed. The fifth command issued is switchport trunk allowed vlan add 101-200, which adds VLANs 101 through 200 to the list of allowed VLANs.
Therefore, VLAN 1 and VLANs 101 through 200 are allowed on the trunk.
Which are valid configurable VLAN ID numbers for 802.1Q networks?
A. 0-1005
B. 1-4094
C. 0-4095
D. 1-1001
Answer: B
Explanation:
IEEE 802.1Q supports configuring VLAN IDs 1 through 4094.
The 802.1Q standard specifies support for a maximum of 4,094 VLANs. (IDs 0 and 4095 are reserved.) Therefore, ID values of 1-4094 are assignable. In contrast, the valid range of configurable ISL VLANs is 1-1001. The following is a summary of VLAN IDs:
Recognizing the differences between supported VLAN ID ranges highlights several issues in constructing a network of both ISL and 802.1Q VLAN networks. Ethernet VLAN IDs above the supported ISL range must be mapped to IDs within the range supported by ISL. Among other limitations, you are limited to eight mappings. This process of mapping 802.1Q to ISL VLAN IDs will further restrict and define which IDs are available to be used.
What command configures a port with a voice VLAN using 802.1Q?
A. switch(config-if)# switchport voice vlan 10
B. switch(config-if)# switchport voice vlan 10 q
C. switch(config-if)# switchport voice vlan 10 802.1q
D. switch(config-if)# switchport voice vlan 10 dot1p
Answer: A
Explanation:
The command that configures a port with a voice VLAN using 802.1Q is switchport voice vlan 10. This configuration uses 802.1Q as a default. 802.1P is configured with the command switchport voice vlan 10 dot1p . These are the only two valid commands to configure voice VLANs on a switch port.
The following is an example of voice VLAN configuration and QoS:
- switch(config)# mls qos
- switch(config)# interface fastethernet 0/10
- switch(config-if)# switchport voice vlan 100
- switch(config-if)# switchport access vlan 1
- switch(config-if)# switchport priority extend trust
- switch(config-if)# mls qos trust cos
- switch(config-if)# mls qos trust device cisco-phone
In this example, the mls qos command enables QoS on the switch. The interface command moves the administrator into interface configuration mode. The switchport voice vlan 100 command configures the voice VLAN to be 100 using 802.1Q. If you wanted 802.1P, the command would have been switchport voice vlan 100 dot1p .
The VLAN for data traffic is defined with the fourth command, switchport access vlan 1 . The switchport priority extend trust command instructs the port to trust the CoS of the data traffic being passed from a PC connected to the IP phone. The mls qos trust cos command tells the port to use the CoS value of traffic passed to it from the phone or PC to classify traffic. (It is included here for illustration purposes only, as this command is not necessary when using the switchport priority extend trust command since the CoS value of the PC will be trusted anyway.) The mls qos trust device cisco-phone command tells the port to trust the QoS information provided from the IP phone if it is a Cisco phone.
The other options are incorrect due to invalid syntax.
What commands can be used to verify the trunking configuration of a router performing inter-VLAN routing? (Choose all that apply. Each correct answer is a complete solution.)
A. router# show trunk
B. router# show vlans
C. router# show vtp status
D. router# show ip interface brief
E. router# show ip route
Answer: B,E
Explanation:
The command show vlans verifies the trunking configuration of a router performing inter-VLAN routing. This command will indicate what subinterfaces are associated with what VLANs, the trunking protocol being used, and the IP addresses that the router is using on each of the VLANs.
The show ip route command can also be used to determine the correct configuration of inter-VLAN routing. If routing is configured correctly, there should be a route to each VLAN displayed in the output. If a route to a VLAN is missing, most likely the router is missing the command to assign an IP address to the VLAN in VLAN configuration mode. Below is output of the command on the same router as in the previous sample output, showing a route to both VLANs. If an IP address is not configured for a VLAN, a route to the VLAN will not be present.
The command show trunk is not a valid command to issue on a router. Routers do not understand trunking in the same way switches do. Routers must be configured with a unique subinterface representing each VLAN, mimicking how the router normally connects different network with physical interfaces.
The command show ip interface brief is not used to verify trunking on a router. This command is useful in identifying IP addresses assigned to interfaces, and the state of the interfaces. No VLAN or trunking information is included in the output.
The command show vtp status is not a valid command on a router. The router does not use or understand VTP.
You have executed the following set of commands on a Layer 3 switch:
You have verified that the configuration on all the physical and logical interfaces is correct. All the Layer 2 interfaces configured on the switch are in the up/up state.
What is the state of the VLAN and the line protocol when you execute the show interfaces vlan 5 command?
A. administratively down/down
B. down/down
C. up/up
D. up/down
Answer: C
Explanation:
The VLAN and the line protocol are in the up/up state when you execute the show interfaces vlan 5 command. You can view the state of the VLAN and the line protocol using the show interfaces vlan command, which is as follows:
- switchA# show interfaces vlan 5
Vlan5 is up, line protocol is up
Hardware is Ethernet SVI, address is 031B.70A2.166F (bia 031B.70A2.166F) Internet address is 10.33.3.1/24
As you can see in the given output, the text Vlan5 is up, line protocol is up indicates that VLAN 5 and the Layer 2 line protocol both are in the up state. Both the VLAN and line protocol are in the up/up state if the following conditions are true:
The VLAN is configured on the switch and is enabled in the VLAN database The VLAN is not in the administratively down state
The VLAN has at least one Layer 2 (access or trunk) port in the up state
The VLAN and the line protocol will not be in the administratively down/down state. An interface is in the administratively down state only when the shutdown command is used on that interface. In this case, the no shutdown command is used on the VLAN 5 interface, not the shutdown command. The no shutdown command enables the VLAN 5 interface.
The VLAN and the line protocol will not be in the down/down state. An interface is the down state when there is some Layer 1, Layer 2, or Layer 3 problem such as incorrect cabling used or an incorrect IP address assigned. Interfaces can also be in the down state if the either of the interfaces at the end of a link is in down state due to erroneous configuration. However, in this case, the configuration is correct and the VLAN 5 is in the up state because of the no shutdown command.
The VLAN and the line protocol will not in the up/down state. An interface is the down state when there are some Layer 1, Layer 2, or Layer 3 problems such as incorrect cabling used or an incorrect IP address assigned. In Layer 3 switches, line protocol will be in the down state if all of the Layer 2 ports in the VLAN are in the down state. In this case, the configuration is correct and all the ports in VLAN 5 are in the up state. This implies that that the line protocol cannot be in the down state.
What occurs when an untagged frame is received by an 802.1Q trunk port?
A. It discards the frame.
B. It tags the frame with the identified native VLAN value.
C. It forwards the frame out each port of the switch not assigned to a VLAN.
D. It forwards the frame to a port belonging to the same VLAN as the native VLAN.
Answer: D
Explanation:
IEEE 802.1Q supports configuring native VLANs. A native VLAN is the VLAN a port is in when not in trunking mode. Native VLAN packets are sent untagged. If an 802.1Q trunk receives an untagged frame, it will forward that frame to a port that belongs to the same VLAN as the identified native VLAN. The frame is treated as if it were tagged with the same VLAN ID as the native VLAN. Frames received through ports having the same membership as the identified native VLAN of the trunk will be forwarded untagged out of the trunk.
It is important that the native VLAN settings on each end of an 802.1Q trunk match.
The 802.1Q standard specifies support for a maximum 4094 VLANs (IDs 0 and 4095 are reserved). Therefore, ID values of 1-4094 are assignable. In contrast, the valid range of configurable ISL VLANs is 1-1001. The following is a summary of VLAN IDs:
Recognizing the difference in supported VLAN ID ranges highlights several issues in constructing a network of both ISL and 802.1Q VLAN networks. Ethernet VLAN IDs above the supported ISL range must be mapped to IDs within the range supported by ISL. Among other limitations, you are limited to eight total mappings. This process of mapping 802.1Q to ISL VLAN IDs will further restrict and define what IDs are actually available to be used.
Untagged frames are not discarded, but are sent to the native VLAN.
Untagged frames are not tagged with the tag of the native VLAN. They are simply forwarded to that VLAN. No packets in the native VLAN have tags.
Untagged frames are not forwarded out all ports not assigned to a VLAN. It will only be forwarded to the switchport where the destination MAC address resides.
Which IOS commands do you enter in interface configuration mode to configure a switch port to actively negotiate to be an ISL trunk port if possible? (Choose two.)
A. switchport trunk isl
B. switchport mode dynamic auto
C. switchport trunk allowed vlan
D. switchport mode dynamic desirable
E. switchport trunk encapsulation isl
Answer: D,E
Explanation:
Entering the IOS commands switchport mode dynamic desirable and switchport trunk encapsulation isl in interface configuration mode will allow a switch port to actively negotiate to be an ISL trunk port if possible.
Use the following steps to configure a port as an ISL trunk:
Enter the interface configuration. switch(config)# interface interface-id
Configure the port to use ISL encapsulation.
- switch(config-if)# switchport trunk encapsulation isl
Configure the port as a trunk port.
- switch(config-if)# switchport mode dynamic desirable
Note: Trunking modes can be configured as trunk, dynamic auto, dynamic desirable, nonegotiate, and access.
This allows DTP to actively negotiate to be a trunk if the other side is set to trunk, desirable , or auto. If one side is set to auto and the other side is also set to auto, no negotiations will occur.
The switchport allowed vlan command is also valid for configuring dot1q trunks, but is not required. By default, all VLANs are allowed on the trunk.
The other commands use incorrect syntax.
Which IOS command sets the native VLAN to VLAN3?
A. switchport mode trunk 3
B. switchport native vlan 3
C. switchport trunk native vlan 3
D. switchport trunk allowed vlan 3
E. switchport default native vlan 3
Answer: C
Explanation:
The IOS command switchport trunk native vlan 3 sets the native VLAN to VLAN3. Use the following command to configure the native VLAN on an 802.1Q trunk: switch(config-if)# switchport trunk native vlan vlan_id
The 802.1Q native VLAN is the VLAN from which or to which Layer 2 frames are transmitted untagged on the 802.1Q trunk port. The default native VLAN on an 802.1Q is VLAN 1. The native VLAN IDs should be set to the same value for both sides of an 802.1Q trunk.
The command switchport trunk allowed vlan 3 is used to assign VLANs whose frames are allowed to be passed over the trunk.
The other options are incorrect due to invalid syntax.
Consider the following output from the show interfaces trunk command:
Which two of the following statements can be confirmed regarding the trunking configuration on the switch? (Choose two.)
A. VLAN 44 is allowed on the trunk.
B. VLAN 46 is not allowed on the trunk.
C. VLAN 45 is configured for the VTP domain.
D. VLAN 41 is not configured for the VTP domain.
E. VLAN 43 is pruned or is not in the spanning-tree forwarding state.
F. VLAN 41 is not pruned.
Answer: D,E
Explanation:
Virtual local area network (VLAN) 41 is not configured for the VLAN Trunking Protocol (VTP) domain, and VLAN 43 is pruned or is not in the spanning-tree forwarding state. The show interfaces trunk command can be used to determine which VLANs are allowed, which VLANs are configured for the VTP domain, and which VLANs are in the spanning-tree forwarding state and are not pruned.
The VLANs listed under the Vlans allowed on trunk section are allowed on the trunk. Therefore, VLANs 1 through 43 and 45 through 4094 are allowed on the trunk. VLAN 44 is not allowed on the trunk; VLAN 46 is allowed on the trunk.
The VLANs listed under the Vlans allowed and active in management domain section are allowed on the trunk and configured for the VTP domain. In this scenario, this section includes VLANs 1 through 17, VLAN 40, VLAN 43, and VLANs 101 through 172. Because VLANs 41 and 45 are allowed on the trunk, but are not listed under the Vlans allowed and active in management domain section, VLANs 41 and 45 must not be configured for the VTP domain. VLANs 18 through 43, VLANs 45 through 100, and VLANs 173 through 4094 are not configured for the VTP domain.
VLANs 1 through 12, VLAN 16, VLAN 40, and VLANs 101 through 172 are listed under the Vlans in spanning tree forwarding state and not pruned section. Because VLAN 43 is allowed and is in the spanning-tree forwarding state, but is not listed under the Vlans in spanning tree forwarding state and not pruned section, VLAN 43 must be pruned or must not be in the spanning-tree forwarding state. This is also true of VLANs 13 through 15 and VLAN 17. As stated previously, VLAN 41 is allowed on the trunk but is not configured for the VTP domain. Therefore, it cannot be confirmed whether VLAN 41 has or has not been pruned manually. If VLAN 41 were in the spanning-tree forwarding state, but were not listed under the Vlans in spanning tree forwarding state and not pruned section, then it could be confirmed that VLAN 41 were being pruned.