VLAN Flashcards
A virtual local area network (VLAN) helps us subdivide our main LAN into multiple LANs so we can separate our broadcast domains.
A VLAN itself is a network
A VLAN is a broadcast domain
A VLAN provides Layer 2 (Data Link Layer/MAC Address-Switches) and Layer 3 (Network Layer/IP Address-Routers) segmentation
What is a VLAN?
Broadcasts do not pass from one VLAN to another VLAN, just as a router does not allow broadcasts to pass through it. The router acts as a border police for broadcast domains in the network.
VLANs act the same way by separating the networks/broadcast domains
VLANs allow us to separate network traffic on switches on a port-by-port basis
VLAN = Network = Broadcast Domain
What is a VLAN?
Part II
A Trunk carries multiple VLANs
Trunk Encapsulation:
older version: (ISL Cisco Proprietary)
Most commonly used standard trunk encapsulation type: (802.1Q: non-proprietary)
What is a VLAN Trunk? (Trunking)
Cisco’s protocol for exchanging VLAN information over trunks. VTP allows one switch on a network to centrally manage all VLANs.
VTP (VLAN Trunking Protocol)
A process for forwarding network traffic from one VLAN to another using a router
A router or Layer 3 (multilayer) switch routes traffic from one VLAN to another VLAN
If there is no inter-VLAN routing, then hosts in one VLAN can never talk to the hosts in the other VLAN
In order to enable it, simply create the VLAN interfaces on the switch
Layer 2 and Layer 3 switches are different: a Layer 2 switch has fewer commands than a Layer 3 switch. You can do more on Layer 3, like IP routing. Turn on IP routing (Layer 3)
Inter-VLAN Routing
A router on a stick is where you have a router hanging off a switch on a trunk link. The router does the routing that lets the different VLANs communicate.
Hosts can talk to each other through the router.
What is a router on a stick?
Simply add VLANs to a switch
Created by number (VLAN 10, VLAN 100, VLAN 192)
Give the VLAN a name (Data, Voice, Management)
VLAN 5 name green, VLAN 10 name red
VLAN Database: “show vlan”
VLAN 1 is the default VLAN and cannot be removed (for security reasons, do not use VLAN 1)
After creating a VLAN you can assign it to a switchport
Creating VLANs
interface FastEthernet 0/2
switchport access vlan 5
interface FastEthernet 0/3
switchport access vlan 10
Cisco IOS (VLAN Database): show vlan
These two VLANs cannot talk to each other because they are in two separate broadcast domains/VLAN networks.
We can create a way for VLAN 10 to be routed to VLAN 5 and pass traffic back and forth between those two separate networks. It's going to create a Layer 3 switch.
Assigning a port to a VLAN?
We need a trunk whenever we have one switch that has hosts that need to be on multiple VLANs rather than on one VLAN.
Connecting switches together with Multiple VLANs
When we have multiple VLANs we need a trunk
When connecting switches together we need a trunk
Use a trunk between the switches; we call this kind of port a “Trunk Port”
If it’s not a Trunk port it’s called an Access Port
When do you need a Trunk?
We don’t need a Trunk whenever it’s just a single VLAN.
When don’t we need a Trunk?
Ports that we create are called Access Ports: an access port gives the host access to a specific VLAN.
If not a Trunk Port it is an Access Port
Access ports
interface GigabitEthernet 0/1
switchport mode trunk
Check which ports are trunking:
show interfaces trunk
Configure a port as a trunk (it’s then called a Trunk Port)
Configure: give the devices connected to the same broadcast domain IP addresses.
Plug every device into the switch and every device can ping, as long as you give every device the correct IP settings.
If devices haven’t communicated across the network yet, the sender sends out an ARP message to get the MAC address for the IP address it is trying to communicate with on the network.
ARP cache: you need both the MAC address and the IP address to communicate on the network.
Pinging
Router interfaces are turned off by default
Switch port interfaces are “turned on” by default, so there is no need for a no shutdown command
A switch port can be assigned to any VLAN
No shutdown (Router) & (Switch)
VLANs can’t communicate with each other without a route to help them communicate. Once hosts are on two different VLANs, they can’t pass traffic even if they are connected by cables.
VLANs