VLANs. Traditional Campus Networks. Performance Issues. Broadcast Issues. Bridges terminate collision domains

Transcription:

VLANs
2003, Cisco Systems, Inc. All rights reserved. BCMSN v2.0

Traditional Campus Networks
Bridges terminate collision domains.
(Figure labels: Broadcast Domain; Collision Domain 1; Collision Domain 2)

Performance Issues
Multicast, broadcast, and unknown destination events become global events.

Broadcast Issues
Broadcasts can consume all available bandwidth.
Each device must decode the broadcast frame.

(Figure labels on these two slides: "I need to know the MAC address for Server A"; Server A)

VLAN Overview
Layer 2 connectivity
Logical organizational flexibility
Single broadcast domain
Management
Basic security
A VLAN = A Broadcast Domain = Logical Network (Subnet)

VLAN Operations
Each logical VLAN is like a separate physical bridge.
VLANs can span across multiple switches.
Trunks carry traffic for multiple VLANs.
(Figure labels: Switch A; Switch B; Trunk; Fast Ethernet; Red VLAN; Black VLAN; Green VLAN)

VLANs Establish Broadcast Domains
VLANs plus routing limit broadcasts to the domain of origin.

Solution: Localizing Traffic
LAN broadcasts terminate at the router interface.

Solution: Localizing Traffic (Cont.)
VLANs contain broadcast traffic and separate traffic flows.

(Figure labels on these two slides: VLAN1; VLAN2; VLAN3; 10.1.1.0; 10.1.2.0; 10.1.3.0)

Current Campus Networks
Layer 3 devices interconnect LAN segments while still containing broadcast domains.

Layer 2 End-to-End VLANs
End-to-end VLANs span the switch fabric.

(Figure labels on these two slides: VLAN1; VLAN2; VLAN3; VLAN5; VLAN6; VLAN7; VLAN8; VLAN9; VLAN10; Switched Ethernet; Wiring Closet; Fast Ethernet; Distribution Layer; Workgroup Servers; Inter-VLAN Routing; Enterprise Servers; Core Layer; Fast or Gigabit Ethernet)

End-to-End or Campus-wide VLANs

Local VLANs
Local VLANs generally reside in the wiring closet.

Geographic or Local VLANs

Benefits of Local VLANs in the ECNM
Deterministic traffic flow
Active redundant paths
High availability
Finite failure domain
Scalable design

Scalable Network Addressing
Allocate IP address spaces in contiguous blocks.
Allocate one IP subnet per VLAN.
(Figure labels: IT, Human Resources; Sales, Marketing; Finance, Accounting)

Configuring VLANs in Global Mode
  Switch#configure terminal
  Switch(config)#vlan 3
  Switch(config-vlan)#name Vlan3
  Switch(config-vlan)#exit
  Switch(config)#end

Configuring VLANs in VLAN Database Mode
  Switch#vlan database
  Switch(vlan)#vlan 3
  VLAN 3 added:
      Name: VLAN0003
  Switch(vlan)#exit
  APPLY completed.
  Exiting...

Deleting VLANs in Global Mode
  Switch#configure terminal
  Switch(config)#no vlan 3
  Switch(config)#end

Deleting VLANs in VLAN Database Mode
  Switch#vlan database
  Switch(vlan)#no vlan 3
  VLAN 3 deleted:
      Name: VLAN0003
  Switch(vlan)#exit
  APPLY completed.
  Exiting...

Assigning Access Ports to a VLAN
  Switch(config)#interface gigabitethernet 1/1
    Enters interface configuration mode
  Switch(config-if)#switchport mode access
    Configures the interface as an access port
  Switch(config-if)#switchport access vlan 3
    Assigns the access port to a VLAN

Verifying the VLAN Configuration
  Switch#show vlan [id | name] [vlan_num | vlan_name]

  VLAN Name                             Status    Ports
  ---- -------------------------------- --------- -------------------------------
  1    default                          active    Fa0/1, Fa0/2, Fa0/5, Fa0/7
                                                  Fa0/8, Fa0/9, Fa0/11, Fa0/12
                                                  Gi0/1, Gi0/2
  2    VLAN0002                         active
  51   VLAN0051                         active
  52   VLAN0052                         active

  VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
  ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
  1    enet  100001     1500  -      -      -        -    -        1002   1003
  2    enet  100002     1500  -      -      -        -    -        0      0
  51   enet  100051     1500  -      -      -        -    -        0      0
  52   enet  100052     1500  -      -      -        -    -        0      0

  Remote SPAN VLANs
  ------------------------------------------------------------------------------

  Primary Secondary Type              Ports
  ------- --------- ----------------- ------------------------------------------

Verifying the VLAN Port Configuration
  Switch#show running-config interface {fastethernet | gigabitethernet} slot/port
    Displays the running configuration of the interface
  Switch#show interfaces [{fastethernet | gigabitethernet} slot/port] switchport
    Displays the switch port configuration of the interface
  Switch#show mac-address-table interface interface-id [vlan vlan-id] [ | {begin | exclude | include} expression]
    Displays the MAC address table information for the specified interface in the specified VLAN

Troubleshooting VLANs

Summary
A VLAN is a logical grouping of switch ports connecting nodes of virtually any type with no regard to physical location.
An end-to-end VLAN spans the entire switched network, while a local VLAN is restricted to a single switch.
Static VLANs involve switch ports that you manually assign to a particular VLAN.
You can configure VLANs using Cisco IOS commands in VLAN configuration mode.
Once a VLAN has been defined, you can assign switch ports to it.
You use show commands to confirm that a VLAN and its associated ports have been configured correctly.
To troubleshoot VLANs, you should check the physical connections, switch configuration, and VLAN configuration.

Implementing VLAN Trunks

Maintaining Specific VLAN Identification
What is a VLAN trunk?
Trunks carry traffic for multiple VLANs across the same physical link.
Places a unique identifier in each frame
Functions at Layer 2

Comparing ISL and 802.1Q
  ISL                                           802.1Q
  Proprietary                                   Nonproprietary
  Encapsulated                                  Tagged
  Protocol independent                          Protocol dependent
  Encapsulates the old frame in a new frame     Adds a field to the frame header
Cisco no longer supports ISL (Inter-Switch Link), opting for 802.1Q.
Note: Not all switches support both protocols.

Trunking with ISL
Is a Cisco proprietary protocol
Supports PVST
Uses an encapsulation process
Does not modify the original frame

Trunking with 802.1Q
An IEEE standard
Adds a 4-byte tag to the original frame
Additional tag includes a priority field
Does not tag frames that belong to the native VLAN
Supports Cisco IP telephony

802.1Q Native VLAN
Native VLAN frames are carried over the trunk link untagged.

VLAN Ranges and Mappings
  VLAN Range   Range      Usage
  0, 4095      Reserved   For system use only
  1            Normal     Cisco default
  2-1001       Normal     For Ethernet VLANs
  1002-1005    Normal     Cisco defaults for FDDI and Token Ring
  1025-4094    Extended   For Ethernet VLANs only

Trunking Configuration Commands
Trunks can be configured statically or via DTP.
DTP provides the ability to negotiate the trunking method.
Configuring a Trunk:
  switchport trunk
  switchport mode
  switchport nonegotiate

Switch Ports and Trunk Ports
  Command: switchport mode access
    Function: Access port. Sets the switch port to unconditionally be an access port.
  Command: switchport mode trunk
    Function: Trunk port. Sets the switch port to unconditionally become a trunk port.
  Command: switchport mode dynamic
    Function: Dynamic port. Sets the switch port to dynamically negotiate the status (access or trunk).

Switch Port DTP Modes
  Mode: access
    Function: Unconditionally sets a switch port to access mode, regardless of other DTP functions.
  Mode: trunk
    Function: Sets the switch port to unconditional trunking mode and negotiates to become a trunk link, regardless of neighbor interface mode.
  Mode: nonegotiate
    Function: Specifies that DTP negotiation packets are not sent on the Layer 2 interface.
  Mode: dynamic desirable
    Function: Sets the switch port to actively send and respond to DTP negotiation frames. Default for Ethernet.
  Mode: dynamic auto
    Function: Sets the switch port to respond but not to actively send DTP negotiation frames.

Switchport Mode Interactions
                      Dynamic Auto   Dynamic Desirable   Trunk             Access
  Dynamic Auto        Access         Trunk               Trunk             Access
  Dynamic Desirable   Trunk          Trunk               Trunk             Access
  Trunk               Trunk          Trunk               Trunk             Not recommended
  Access              Access         Access              Not recommended   Access
Note: Table assumes DTP is enabled at both ends.

How to Configure Trunking
1. Enter interface configuration mode.
2. Shut down interface.
3. Select the encapsulation (802.1Q or ISL).
4. Configure the interface as a Layer 2 trunk.
5. Specify the trunking native VLAN (for 802.1Q).
6. Configure the allowable VLANs for this trunk.
7. Use the no shutdown command on the interface to activate the trunking process.
8. Verify the trunk configuration.

802.1Q Trunk Configuration
  Switch(config)#interface fastethernet 5/8
  Switch(config-if)#shutdown
  Switch(config-if)#switchport trunk encapsulation dot1q
  Switch(config-if)#switchport trunk allowed vlan 1,5,11,1002-1005
  Switch(config-if)#switchport mode trunk
  Switch(config-if)#switchport trunk native vlan 99
  Switch(config-if)#switchport nonegotiate
  Switch(config-if)#no shutdown

Verifying the 802.1Q Configuration
  Switch#show running-config interface {fastethernet | gigabitethernet} slot/port
  Switch#show interfaces [fastethernet | gigabitethernet] slot/port [ switchport | trunk ]

  Switch#show interfaces fastethernet 5/8 switchport
  Name: fa5/8
  Switchport: Enabled
  Administrative Mode: trunk
  Operational Mode: trunk
  Administrative Trunking Encapsulation: dot1q
  Operational Trunking Encapsulation: dot1q
  Negotiation of Trunking: Off
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 99 (trunk_only)
  Trunking VLANs Enabled: 1,5,11,1002-1005
  Pruning VLANs Enabled: 2-1001
  ...

Verifying a 802.1Q Dynamic Trunk Link
  Switch#show running-config interface fastethernet 5/8
  Building configuration...
  Current configuration:
  !
  interface FastEthernet5/8
   switchport mode dynamic desirable
   switchport trunk encapsulation dot1q

  Switch#show interfaces fastethernet 5/8 trunk
  Port      Mode         Encapsulation  Status        Native vlan
  Fa5/8     desirable    802.1q         trunking      99

  Port      Vlans allowed on trunk
  Fa5/8     1,5,11,1002-1005

  Port      Vlans allowed and active in management domain
  Fa5/8     1,5,1002-1005

  Port      Vlans in spanning tree forwarding state and not pruned
  Fa5/8     1,5,1002-1005

ISL Trunk Configuration
  Switch(config)#interface fastethernet 2/1
  Switch(config-if)#shutdown
  Switch(config-if)#switchport trunk encapsulation isl
  Switch(config-if)#switchport trunk allowed vlan 1-5,1002-1005
  Switch(config-if)#switchport mode trunk
  Switch(config-if)#switchport nonegotiate
  Switch(config-if)#no shutdown

Verifying ISL Trunking
  Switch#show running-config interface {fastethernet | gigabitethernet} slot/port
  Switch#show interfaces [fastethernet | gigabitethernet] slot/port [ switchport | trunk ]

  Switch#show interfaces fastethernet 2/1 trunk
  Port      Mode         Encapsulation  Status        Native VLAN
  Fa2/1     trunk        isl            trunking      99

  Port      VLANs allowed on trunk
  Fa2/1     1-5,1002-1005

  Port      VLANs allowed and active in management domain
  Fa2/1     1-2,1002-1005

  Port      VLANs in spanning tree forwarding state and not pruned
  Fa2/1     1-2,1002-1005

Problem: A Device Cannot Establish a Connection Across a Trunk Link
Make sure:
The Layer 2 interface mode configured on both ends of the link is valid.
The trunk encapsulation type configured on both ends of the link is valid.
The native VLAN is the same on both ends of the trunk (802.1Q trunks).

Summary
Trunk links carry traffic from multiple VLANs.
ISL is Cisco proprietary and encapsulates the Layer 2 frames.
802.1Q is an IEEE standard for trunking, which implements a 4-byte tag.
The 802.1Q native VLANs forward frames without the tag.
VLAN numbers have specific ranges and purposes.
Various commands are used to configure and verify ISL and 802.1Q trunk links.
Allow only required VLANs over the trunk.

Implementing VLAN Trunk Protocol

VTP (VLAN Trunking Protocol)
VLAN Trunk Protocol (VTP) reduces administration in a switched network.
VLAN information can be configured on a VTP server and is then distributed to all switches in the domain.
VLANs do not have to be configured on each switch individually.
Cisco-proprietary
http://www.cisco.com/warp/public/473/vtp_flash/
(Figure labels: VTP Message; Configuring VLANs without VTP)

VTP Protocol Features
Advertises VLAN configuration information
Maintains VLAN configuration consistency throughout a common administrative domain
Sends advertisements on trunk ports only

VTP Modes
Server mode:
  Creates, modifies, and deletes VLANs
  Sends and forwards advertisements
  Synchronizes VLAN configurations
  Saves configuration in NVRAM
Client mode:
  Cannot create, change, or delete VLANs
  Forwards advertisements
  Synchronizes VLAN configurations
  Does not save in NVRAM
Transparent mode:
  Creates, modifies, and deletes VLANs locally only
  Forwards advertisements
  Does not synchronize VLAN configurations
  Saves configuration in NVRAM

VTP Operation
VTP advertisements are sent as multicast frames.
VTP servers and clients are synchronized to the latest revision number.
VTP advertisements are sent every 5 minutes or when there is a change.

VTP Pruning
Increases available bandwidth by reducing unnecessary flooded traffic.
Example: Station A sends a broadcast, and the broadcast is flooded only toward any switch with ports assigned to the red VLAN.

VTP Versions
All switches in a management domain must run the same version.

Adding a Switch to an Existing VTP Domain
Ensure a new switch has VTP revision 0 before adding it to a network.

VTP Configuration Guidelines
Configure the following:
  VTP domain name
  VTP mode (server mode is the default)
  VTP pruning
  VTP password
  VTP trap
Use caution when adding a new switch into an existing domain.
Add a new switch in client mode to prevent the new switch from propagating incorrect VLAN information.

Configuring a VTP Server
  Switch(config)#vtp mode server
    Configures VTP server mode
  Switch(config)#vtp domain domain-name
    Specifies a domain name
  Switch(config)#vtp password password
    Sets a VTP password
  Switch(config)#vtp pruning
    Enables VTP pruning in the domain

Configuring a VTP Server (Cont.)
  Switch#configure terminal
  Switch(config)#vtp mode server
  Setting device to VTP SERVER mode.
  Switch(config)#vtp domain Lab_Network
  Setting VTP domain name to Lab_Network
  Switch(config)#end

Verifying the VTP Configuration
  Switch#show vtp status
  VTP Version                     : 2
  Configuration Revision          : 247
  Maximum VLANs supported locally : 1005
  Number of existing VLANs        : 33
  VTP Operating Mode              : Client
  VTP Domain Name                 : Lab_Network
  VTP Pruning Mode                : Enabled
  VTP V2 Mode                     : Disabled
  VTP Traps Generation            : Disabled
  MD5 digest                      : 0x45 0x52 0xB6 0xFD 0x63 0xC8 0x49 0x80
  Configuration last modified by 0.0.0.0 at 8-12-99 15:04:49
  Switch#

Verifying the VTP Configuration (Cont.)
  Switch#show vtp counters
  VTP statistics:
  Summary advertisements received    : 7
  Subset advertisements received     : 5
  Request advertisements received    : 0
  Summary advertisements transmitted : 997
  Subset advertisements transmitted  : 13
  Request advertisements transmitted : 3
  Number of config revision errors   : 0
  Number of config digest errors     : 0
  Number of V1 summary errors        : 0

  VTP pruning statistics:
  Trunk            Join Transmitted Join Received    Summary advts received from
                                                     non-pruning-capable device
  ---------------- ---------------- ---------------- ---------------------------
  Fa5/8            43071            42766            5

Problem: VTP Not Updating Configuration on Other Switches
Make sure switches are connected through trunk links.
Make sure the VTP domain name is the same on the appropriate switches.
Check that the switch is not in VTP transparent mode.
Verify that the same password is used on all switches in the VTP domain.

Summary
VTP is used to distribute and synchronize information about VLANs configured throughout a switched network.
If you use VTP in your network, you must decide whether to use VTP version 1 or version 2. Verify the supervisor support for VTP before making your decision.
When a network device is in VTP server mode, you can change the VLAN configuration and have it propagate throughout the network.
Use show commands to verify the VTP configuration.
Problems with VTP configuration can frequently be traced to improperly configured trunk links, domain names, VTP modes, or passwords.

Case Study

Topology for this presentation
Basic Switch Configuration
Configure VLANs
Configure Trunking
Configure VTP

Clearing switches
  Switch# delete vlan.dat
  Delete filename [vlan.dat]?
  Delete flash:vlan.dat? [confirm]
  Switch#
  Switch# erase startup-config
  Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]
  [OK]
  Erase of nvram: complete
  Switch#

Configure Hostname and VLAN 1
  Switch# configure terminal
  Enter configuration commands, one per line. End with CNTL/Z.
  Switch(config)# hostname DLS1
  DLS1(config)# interface vlan 1
  DLS1(config-if)# ip address 10.1.1.101 255.255.255.0
  DLS1(config-if)# no shutdown
  DLS1(config-if)# end
  DLS1#
Configure hostname
Configure VLAN 1
Default: Management VLAN is VLAN 1
Allows us to communicate with the switch over the network (ping, telnet if privilege and vty passwords are configured)

Configurations for other three switches
Configure DLS1, DLS2, ALS1 and ALS2 switches on Packet Tracer:
  Hostname
  VLAN 1

Our Topology
Note: We will configure 802.1Q between DLS1 and DLS2.

Spanning Tree Protocol (More later!)
Redundancy between switches
By default, are all links forwarding (active)? Why or why not?
No, Spanning Tree Protocol
Later we will examine how to make use of these blocked links either with PVST or Etherchannel.
How can we determine which links are forwarding and which are blocked?

Spanning Tree Protocol

What does this mean? (All hosts on same subnet.)
Host C pings Host A
Host B pings Host D

Do show vlan on ALS1
Notice default VLAN numbers, names, types.
Ports configured to trunk mode will not appear in any of the VLANs.
Are there any ports trunking? No
All ports are in VLAN 1 by default

Configure the VTP domain name on DLS1
  DLS1(config)# vtp domain SWLAB
  Changing VTP domain name from NULL to SWLAB
Domain is case sensitive.
Will the other switches receive the domain name in a VTP update? We will see in a moment.
Hint: Switches transmit VTP messages only over 802.1Q and ISL trunks.

Do show vtp status on DLS1
How many VLANs does a 3560 switch support? 1005 VLANs (Model and IOS dependent)
How many built-in VLANs are there? 5

Same show vtp status on DLS1

Do show vtp status on ALS1
  ALS1# show vtp status
  VTP Version                     : 2
  Configuration Revision          : 0
  Maximum VLANs supported locally : 255
  Number of existing VLANs        : 5
  VTP Operating Mode              : Server
  VTP Domain Name                 :
  VTP Pruning Mode                : Disabled
  VTP V2 Mode                     : Disabled
  VTP Traps Generation            : Disabled
  MD5 digest                      : 0x7D 0x5A 0xA6 0x0E 0x9A 0x72 0xA0 0x3A
  Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
  Local updater ID is 10.1.1.103 on interface Vl1 (lowest numbered VLAN interface found)
  ALS1#
How many VLANs does a 2960 switch support?

Configure DLS1 as a VTP Server and ALS1 as a VTP Client

VTP Server and Clients
Why do these switches not have the VTP domain name configured on DLS1?
Configure other two switches:
  Configure DLS2 switch as a VTP Server
  Configure ALS2 switch as a VTP Client
  Verify VTP Mode

Non-trunking by default
Ports on the 2960 and 3560 are set to dynamic auto by default.
Does not try to negotiate a trunk unless one side is configured with command.
This results in the interface being in access mode (non-trunking).

DTP (Dynamic Trunking Protocol) and Switchport Mode Interactions
                      Dynamic Auto   Dynamic Desirable   Trunk             Access
  Dynamic Auto        Access         Trunk               Trunk             Access
  Dynamic Desirable   Trunk          Trunk               Trunk             Access
  Trunk               Trunk          Trunk               Trunk             Not recommended
  Access              Access         Access              Not recommended   Access

Non-trunking by default
2960 and 3560 switches do not try to negotiate a trunk unless the other side is configured with the switchport mode trunk command.

Non-trunking by default
Even though trunking is not yet configured between the switches, can the hosts ping each other? Try it!
Yes, as long as the hosts are on the same subnet they will be able to ping each other without trunking (Host A and Host B).
This is because all ports are on VLAN 1, like a switched network with no VLANs.
So why do we establish VLANs? To segment broadcast domains.
Why do we need trunks? To carry traffic for multiple VLANs.

Without VLANs what does this mean?
Request from Host A to Host B. Which hosts will see it?
Only Host B is on the same subnet as Host A, but the entire network (all hosts) will receive the broadcast.
Why are not all of the links used? Spanning Tree Protocol is keeping the network loop free.

With VLANs what does this mean?
Request from Host A to Host B. Which hosts will see it?
Only Host B is on the same VLAN as Host A, so other hosts will not receive the broadcast.
With VTP pruning, broadcasts (dashed lines) within their VLAN will be kept within their VLAN.

Default

Configure DLS1 for Trunking
  ALS1(config)# interface range fastethernet 0/11-12
  ALS1(config-if-range)# switchport mode trunk
  ALS1(config-if-range)#
What will this do to these two links?
Does ALS2 need to be configured as a trunk?

  ALS1(config)# interface range fastethernet 0/11-12
  ALS1(config-if-range)# switchport mode trunk
Trunking! We will verify this on ALS1 in a moment.

ALS2 Default Dynamic Auto
What is the DTP setting on ALS2? (This did not change.)
Is this the default on a 3560 switch? Yes
Notice it is now trunking because the other end is set to trunk.
(Figure labels: Trunk; Dynamic Auto)

Verifying trunks on ALS2

Switches that support both ISL and 802.1Q
What happens when we use the switchport mode trunk command without specifying the encapsulation on switches that support both protocols?
On switches that support multiple trunking encapsulations (802.1Q and ISL), you must first configure the trunking encapsulation before setting the interface to trunk mode.
The switchport trunk encapsulation command must be configured before the switchport mode trunk command.

Configure the rest of the trunk links
What about the VTP domain names on DLS1 and DLS2?
No other trunk links are configured, so DLS1 and DLS2 still have no VTP domain name.
Trunking is only configured between ALS1 and ALS2.
Configure the rest of the trunk links as shown in the topology.
Packet Tracer only supports 802.1Q trunks, not ISL.

Configure the VLAN on the access port for ALS1

ALS1(config)# inter fa 0/6
ALS1(config-if)# switchport mode ?
  access   Set trunking mode to ACCESS unconditionally
  dynamic  Set trunking mode to dynamically negotiate access or trunk mode
  trunk    Set trunking mode to TRUNK unconditionally
ALS1(config-if)# switchport mode access

With a single host attached will we ever need trunking on this port? No, so we configure it for access mode, permanent non-trunking. (We will discuss Voice VLANs later.)

Configure access ports on other three switches (DLS1, DLS2, ALS2).

Correcting Common VLAN Configuration Errors

Issues with 802.1Q Native VLAN

Native VLAN frames are carried over the trunk link untagged.
A native VLAN mismatch will merge traffic between VLANs.

802.1Q Native VLAN Considerations

Native VLAN must match at ends of trunk; otherwise, frames will leak from one VLAN to another.
By default, the native VLAN will be VLAN1.
Avoid using VLAN1 for management purposes.
Eliminate native VLANs from 802.1Q trunks by making the native VLAN an unused VLAN.
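The native VLAN and DTP points above can be checked mechanically before a trunk goes live. The following is an added example, not part of the original slides: it compares both ends of each trunk link and reports a native VLAN mismatch, a native VLAN left at the default VLAN 1, and ports still in a dynamic DTP mode. The config excerpts, the native VLAN numbers 999 and 99, and the function names are constructed for illustration.

```python
import re

# Constructed running-config excerpts (not from the page); port names follow the lab.
ALS1 = """\
interface FastEthernet0/11
 switchport mode trunk
 switchport trunk native vlan 999
interface FastEthernet0/12
 switchport mode trunk
"""
ALS2 = """\
interface FastEthernet0/11
 switchport mode trunk
 switchport trunk native vlan 99
interface FastEthernet0/12
"""

def parse_ports(config):
    """Return {interface: {"mode": str, "native": int}} from IOS-style text."""
    ports, cur = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            # Defaults as stated on the page: dynamic auto, native VLAN 1.
            cur = ports.setdefault(m.group(1), {"mode": "dynamic auto", "native": 1})
        elif cur is not None:
            s = line.strip()
            if s.startswith("switchport mode "):
                cur["mode"] = s[len("switchport mode "):]
            elif s.startswith("switchport trunk native vlan "):
                cur["native"] = int(s.rsplit(" ", 1)[1])
    return ports

def audit_link(side_a, side_b, port):
    """Compare both ends of one trunk link and return a list of findings."""
    findings = []
    for name, ports in (("A", side_a), ("B", side_b)):
        if ports[port]["mode"].startswith("dynamic"):
            findings.append(f"{port} end {name}: left in DTP {ports[port]['mode']}")
    na, nb = side_a[port]["native"], side_b[port]["native"]
    if na != nb:
        findings.append(f"{port}: native VLAN mismatch ({na} vs {nb})")
    elif na == 1:
        findings.append(f"{port}: native VLAN is the default VLAN 1")
    return findings

if __name__ == "__main__":
    a, b = parse_ports(ALS1), parse_ports(ALS2)
    for port in sorted(a):
        print(port, audit_link(a, b, port) or "ok")
```
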

Explaining Trunk Link Problems

Trunks can be configured statically or autonegotiated with DTP.
For trunking to be autonegotiated, the switches must be in the same VTP domain.
Some trunk configuration combinations will successfully configure a trunk, some will not.
Will any of the above combinations result in an operational trunk?

Resolving Trunk Link Problems

When using DTP, ensure that both ends of the link are in the same VTP domain.
Ensure that the trunk encapsulation type configured on both ends of the link is valid.
On links where trunking is not required, DTP should be turned off.
Best practice is to configure trunk and nonegotiate where trunks are required.

Common Problems with VTP Configuration

Updates not received as expected: VTP domain and password must match.
Missing VLANs: Configuration has been overwritten by another VTP device.
Too many VLANs: Consider making VTP domain smaller.

Example of New Switch Overwriting an Existing VTP Domain

New switch not connected

VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : building1

VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : building1

Example of New Switch Overwriting an Existing VTP Domain (Cont.)

New switch connected

VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : building1

VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : building1

Implementing VTP in the ECNM

Plan VTP domain boundaries.
Have only one or two VTP servers.
Configure a VTP password.
Manually configure the VTP domain name on all devices.
When setting up a new domain: Configure VTP client switches first so that they participate passively.
When cleaning up an existing VTP domain: Configure passwords on servers first because clients may need to maintain current VLAN information until the server is verified as complete.

Summary

802.1Q native VLAN can cause security issues.
Configure the native VLAN to be an unused VLAN.
Some trunk link configuration combinations can result in problems on the link.
Best practice is to configure trunks statically rather than with DTP.
Misconfiguration of VTP can give unexpected results.
Make only one or two VTP servers; keep the remainder as clients.
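The overwrite shown in the "New Switch Overwriting an Existing VTP Domain" example can be reproduced with a small model. The following is an added example, not part of the original slides and not Cisco's code: it parses the two `show vtp status` outputs from the "not connected" slide and applies a simplified VTP version 1/2 acceptance rule. It assumes the client at revision 2 is the newly attached switch; the function names and the `passwords_match` flag are hypothetical.

```python
# Added example: simplified VTP v1/v2 acceptance rule, not Cisco's code.
# Inputs are the `show vtp status` excerpts shown on this page (before connection).
NEW_SWITCH = """\
VTP Version : 2
Configuration Revision : 2
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Client
VTP Domain Name : building1
"""
EXISTING_SERVER = """\
VTP Version : 2
Configuration Revision : 1
Maximum VLANs supported locally : 1005
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : building1
"""

def parse_vtp_status(text):
    """Extract the fields that decide whether a VLAN database is adopted."""
    pairs = (line.partition(":") for line in text.splitlines())
    f = {k.strip(): v.strip() for k, _, v in pairs if v}
    return {"revision": int(f["Configuration Revision"]),
            "vlans": int(f["Number of existing VLANs"]),
            "mode": f["VTP Operating Mode"].lower(),
            "domain": f["VTP Domain Name"]}

def accepts(receiver, sender, passwords_match=True):
    """A server or client adopts a higher-revision database from its own domain."""
    return (receiver["mode"] in ("server", "client")
            and sender["mode"] in ("server", "client")
            and receiver["domain"] == sender["domain"]
            and passwords_match
            and sender["revision"] > receiver["revision"])

def connect(new, existing, passwords_match=True):
    """Return (new, existing) as they would look once the trunk is up."""
    new, existing = dict(new), dict(existing)
    if accepts(existing, new, passwords_match):
        existing.update(revision=new["revision"], vlans=new["vlans"])
    elif accepts(new, existing, passwords_match):
        new.update(revision=existing["revision"], vlans=existing["vlans"])
    return new, existing

if __name__ == "__main__":
    new, srv = parse_vtp_status(NEW_SWITCH), parse_vtp_status(EXISTING_SERVER)
    print("default:          ", connect(new, srv)[1])
    print("password mismatch:", connect(new, srv, passwords_match=False)[1])
```

With matching domain and password the server ends at revision 2 with 7 VLANs, as on the "New switch connected" slide; with a password or domain mismatch it keeps revision 1 and its 6 VLANs.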