Ethernet LAN Switching Concepts
Operating Cisco LAN Switches
Ethernet Switch Configuration
Wireless LANs
Virtual LANs
Spanning Tree Protocol
Ethernet Switch Troubleshooting
Troubleshooting LAN Switching
Reza Izadi
Virtual LAN Concepts
A LAN includes all devices in the same broadcast domain
Most common reasons for using VLANs
• To create more flexible designs that group users by department, or by
groups that work together, instead of by physical location
• To segment devices into smaller LANs (broadcast domains) to
reduce overhead caused to each host in the VLAN
• To reduce the workload for the Spanning Tree Protocol (STP) by
limiting a VLAN to a single access switch
• To enforce better security by keeping hosts that work with
sensitive data on a separate VLAN
• To separate traffic sent by an IP phone from traffic sent by PCs
connected to the phones
Trunking with ISL and 802.1Q
VLAN tagging, VLAN ID
Inter-Switch Link (ISL)
IEEE 802.1Q
ISL and 802.1Q Compared
IP Subnets and VLANs
VLAN Trunking Protocol (VTP)
– VTP advertises the existence of each VLAN based on
its VLAN ID and the VLAN name
– Cisco-proprietary
– VTP modes:
• server mode
• client mode
• transparent
– Cisco switches cannot disable VTP
VTP Operation Using VTP Server and Client Modes
VTP three different types of messages
• summary advertisements
– Revision number, domain name, and other information, but no
VLAN information
– periodic VTP messages every 5 minutes
• subset advertisements
– The revision number is incremented by 1; then the summary
advertisement is followed by one or more subset advertisements
(each advertises some subset of the VLAN database)
• advertisement requests
– allows a switch to immediately request VTP messages from a
neighboring switch as soon as a trunk comes up
Requirements for VTP to Work Between Switches
• The link between the switches must be operating as a VLAN
trunk (ISL or 802.1Q).
• The two switches’ case-sensitive VTP domain name must match.
• If configured on at least one of the switches, the two switches’
case-sensitive VTP password must match.
Creation of multiple groups of VTP switches, called domains
Storing VLAN Configuration
– vlan.dat in flash memory
– If a switch loses power?
– erase startup-config & delete flash:vlan.dat
– Transparent-mode switches store VLAN configuration in both the
running-config & vlan.dat (also in some older IOS versions)
VTP Versions
– versions 1, 2, and 3
– VTP version 1
• Checks a received VTP update’s domain name and password
• If the check fails, the VTP update is discarded
– VTP version 2
• Ignores the domain name and password
• Allows all received VTP updates to be forwarded
VTP Pruning
VLAN & VLAN Trunking
Configuration and Verification
Creating and Assigning Access
• Step 1 To configure a new VLAN
– a. vlan vlan-id global configuration command
– b. (Optional) name name VLAN subcommand; if not configured, the VLAN
name is VLANZZZZ, where ZZZZ is the 4-digit decimal VLAN ID.
• Step 2 To configure a VLAN for each access interface
– a. interface
– b. switchport access vlan id-number
– c. (Optional) To disable trunking: switchport mode access
• VLAN database mode
• VLAN Management Policy Server (VMPS)
Default setting for VTP
– VTP server mode.
– No VTP domain name.
– VLAN 1 and VLANs 1002–1005 are automatically configured
(and cannot be deleted).
– All access interfaces are assigned to VLAN 1
• switchport access vlan 1
VLAN Configuration Example 1: Full VLAN Configuration
VLAN Configuration Example 2: Shorter VLAN Configuration
SW1#configure terminal
SW1(config)#interface range Fastethernet 0/15 - 16
SW1(config-if-range)#switchport access vlan 3
% Access VLAN does not exist. Creating vlan 3
SW1(config-if-range)#^Z
VLAN Trunking Configuration
• The type of trunking
– IEEE 802.1Q
– ISL
– negotiate which one to use
• (default type using Dynamic Trunking Protocol (DTP))
• The administrative mode
– trunk
– not trunk
– negotiate
switchport mode {access | trunk | dynamic {desirable | auto}}
switchport trunk encapsulation {dot1q | isl | negotiate}
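The administrative mode decides whether a port can become a trunk, so a running-config can be checked for ports where that decision was never pinned down. The following audit is an added example, not part of the original slides: the sample configuration is constructed, and it assumes that a port with no explicit switchport mode falls back to a negotiating (dynamic) mode and that a trunk with no allowed list carries all VLANs.

```python
"""Audit switchport modes in a running-config (added example, not from the slides)."""
import re

SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/2
 switchport access vlan 3
!
interface FastEthernet0/3
 switchport mode dynamic desirable
!
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 3,10
 switchport mode trunk
!
"""  # constructed sample, not taken from a real device


def audit(config):
    """Return {interface: [findings]} for ports whose trunking is not pinned down."""
    findings = {}
    # An interface stanza is the "interface" line plus the indented lines under it.
    for m in re.finditer(r"^interface (.+)\n((?:[ \t]+.*\n)*)", config, flags=re.M):
        name, lines = m.group(1).strip(), [l.strip() for l in m.group(2).splitlines()]
        mode = next((l.split("switchport mode ", 1)[1] for l in lines
                     if l.startswith("switchport mode ")), None)
        issues = []
        if mode is None:
            issues.append("no explicit switchport mode: trunking left to negotiation")
        elif mode.startswith("dynamic"):
            issues.append("mode %s: trunking negotiated with the neighbor" % mode)
        elif mode == "trunk" and not any(
                l.startswith("switchport trunk allowed vlan") for l in lines):
            issues.append("trunk with no allowed-VLAN list: all VLANs allowed")
        if issues:
            findings[name] = issues
    return findings
```

On the sample, Fa0/2, Fa0/3 and Gi0/1 are reported; Fa0/1 (explicit access) and Gi0/2 (trunk with a restricted allowed list) are not.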
switchport mode ……..
Controlling Which VLANs Can Be Supported on a Trunk
switchport trunk allowed vlan {add | all | except | remove} vlan-list
Reasons a trunk does not forward traffic for a VLAN:
• A VLAN has been removed from the trunk’s allowed VLAN list.
• A VLAN does not exist, or is not active, in the switch’s VLAN
database (as seen with the show vlan command).
• A VLAN has been automatically pruned by VTP.
• A VLAN’s STP instance has placed the trunk interface into a state
other than a Forwarding State.
Trunking to Cisco IP Phones
Using VTP: Configuring Servers and Clients
• Step 1 vtp mode {server | client} global configuration command
• Step 2 vtp domain domain-name global configuration command
• Step 3 (Optional but recommended) vtp password password-value
global configuration command
• Step 4 (Optional) vtp pruning global configuration command
• Step 5 (Optional) vtp version 2 global configuration command
• Step 6 Bring up trunks between the switches.
Caveats When Moving Away from Default
VTP Configuration
• By default, a switch is in VTP server mode with a null domain name.
• With a null domain name, the switch does not send VTP updates.
• If it receives a VTP update (with no password), the receiving switch
starts using that VTP domain name.
• When the previous step occurs, the switch with the higher VLAN
database revision number causes the switch with the lower revision
number to overwrite its VLAN database.
• After configuring a domain name, that switch immediately starts
sending VTP updates over all its trunks.
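The caveats above, together with the requirements for VTP to work between switches, can be written as one decision procedure. The following toy model is an added example, not part of the original slides and not Cisco code: the Switch class, receive_update() and the PROD/LAB scenario are constructed for illustration, and an empty string stands for "no password configured".

```python
"""Toy model of the VTP acceptance rules on this page (added example, not Cisco code)."""
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    mode: str = "server"      # page default: VTP server mode
    domain: str = ""          # page default: null domain name
    password: str = ""        # "" means no VTP password configured (assumption)
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

def receive_update(rx, tx, link_is_trunk=True):
    """Return what rx does with a VTP update from tx; mutate rx if it syncs."""
    if not link_is_trunk:
        return "ignored: link is not a trunk"
    if tx.mode == "transparent" or tx.domain == "":
        return "ignored: sender originates no updates"
    if rx.mode == "transparent":
        return "ignored: receiver is transparent"
    if rx.password != tx.password:            # case-sensitive comparison
        return "rejected: password mismatch"
    if rx.domain == "":
        rx.domain = tx.domain                 # null domain adopts the sender's name
    elif rx.domain != tx.domain:              # case-sensitive comparison
        return "rejected: domain mismatch"
    if tx.revision > rx.revision:             # higher revision overwrites the lower
        rx.vlans, rx.revision = dict(tx.vlans), tx.revision
        return "overwritten: adopted revision %d" % tx.revision
    return "kept: local revision is not lower"

def demo():
    """Constructed scenario: a reused lab switch is trunked to a production switch."""
    cases = {"no password": {}, "password set": {"password": "constructed-pw"},
             "transparent": {"mode": "transparent"}, "other domain": {"domain": "corp"}}
    out = {}
    for label, override in cases.items():
        cfg = {"domain": "CORP", "revision": 4,
               "vlans": {1: "default", 10: "users", 20: "servers"}, **override}
        prod = Switch("PROD", **cfg)
        lab = Switch("LAB", domain="CORP", revision=57, vlans={1: "default", 99: "lab"})
        out[label] = (receive_update(prod, lab), sorted(prod.vlans))
    return out

if __name__ == "__main__":
    for label, outcome in demo().items():
        print(label, "->", outcome)
```

Only the "no password" case loses VLANs 10 and 20; a password on the production switch, transparent mode, or a domain name that differs even in case leaves its VLAN database intact.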
• Avoiding VTP: Configuring Transparent Mode
vtp mode transparent
• Determining Why VTP Is Not Currently Working
• Problems When Connecting New Switches and Bringing Up
Trunks