Virtual LAN or VLAN is a logical grouping of switchports on a switch or across switches to form logically separated networks. Each VLAN is a logical broadcast domain and ports in different VLAN do not share broadcast. Containing broadcasts within a VLAN improves the overall performance of the network. Switchports can be grouped based by users’ department, teams’ functionality, user groups, etc. Each VLAN has its own subnet. Therefore VLAN provides segmentation and organizational flexibility.
A trunk is a point to point link between an Ethernet switchport and another networking devices such as router or switch. Trunk carries traffic of multiple VLANs over a single link and thus extending the VLANs across an entire network. IEEE 802.1Q is supported by Cisco.
Okay, this following small setup is what I used to practise VLAN and trunking.
The default VLAN on the network devices is VLAN 1. Here I added another a VLAN 2 on SwitchA using the vlan command.
SwitchA(config)#vlan 2
SwitchA(config-vlan)#interface fa0/2
SwitchA(config-if)#switchport access vlan 2
Use the show vlan command to verify the VLAN settings.
SwitchA#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/3, Fa0/4, Fa0/5
Fa0/6, Fa0/7, Fa0/8, Fa0/9
Fa0/10, Fa0/11, Fa0/12, Fa0/13
Fa0/14, Fa0/15, Fa0/16, Fa0/17
Fa0/18, Fa0/19, Fa0/20, Fa0/21
Fa0/22, Fa0/23, Fa0/24, Gig1/1
Gig1/2
2 VLAN0002 active Fa0/2
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
The IP address of RouterA has also been changed to 10.2.2.12.
RouterA(config-if)#ip address 10.2.2.12 255.255.255.0
On the CoreRouter, I am using sub-interfaces to support the multiple VLANs. First I cleared the IP address on fa0/0 using the “no” version of ip address command. Then I configured the sub-interface fa0/0.1 and fa0/0.2 using the interface command. Before, setting IP address on the sub-interface, use the encapsulation command to set the sub-interface to trunk. For example, encapsulation dot1Q 1 enable sub-interface fa0/0.1 to trunk and with a VLAN ID of 1.
CoreRouter(config)#int fa0/0
CoreRouter(config-if)#no ip address
CoreRouter(config-if)#interface fa0/0.1
CoreRouter(config-subif)#encapsulation dot1Q 1
CoreRouter(config-subif)#ip address 10.1.1.3 255.255.255.0
CoreRouter(config-subif)#no shutdown
CoreRouter(config-subif)#interface fa0/0.2
CoreRouter(config-subif)#encapsulation dot1Q 2
CoreRouter(config-subif)#ip address 10.2.2.3 255.255.255.0
CoreRouter(config-subif)#no shutdown
Okay, I have RouterA fa0/0 and CoreRouter fa0/0.2 in VLAN 2. Now if I tried pinging 10.2.2.3 (fa0/0.2 on CoreRouter) from RouterA, it will fail. It is expected because along the path from RouterA to CoreRouter, there is no VLAN tagging. What I need to do is to set the fa0/11 interface on SwitchA and fa0/1 and fa0/23 on CoreSwitch to trunk mode using the switchport mode trunk command.
SwitchA(config)#interface fa0/11
SwitchA(config-if)#switchport mode trunk
CoreSwitch(config)#interface fa0/1
CoreSwitch(config-if)#switchport mode trunk
CoreSwitch(config-if)#interface fa0/23
CoreSwitch(config-if)#switchport mode trunk
Tried to ping 10.2.2.3 from RouterA again and it should work. But if I tried to ping 10.1.1.10 (SwitchA) from RouterA, it will fail. This is because I am trying to communicate from VLAN 2 (from Router A) to VLAN 1 (to SwitchA). To make it works, inter-VLAN communication is needed and that is the role of router. Let’s do a quick test by creating a static route on RouterA using the ip route command to route the communication with 10.1.1.0 subnet to 10.2.2.3.
RouterA(config)#ip route 10.1.1.0 255.255.255.0 10.2.2.3
Tried to ping 10.1.1.10 from RouterA and it should work. This is because now RouterA will route the ping request to CoreRouter. The CoreRouter is able to communicate with SwitchA via the fa0/0.1 sub-interface and SwitchA has its default gateway set as 10.1.1.3 to respond back.
This has pretty much how basic VLAN and switchport trunking work.
No comments:
Post a Comment