7/27/2019 17.Vlan Trunking VTP
2013 Cisco Systems, Inc. All rights reserved. Cisco Public. Design by H V Anh Tun
Implementing VLANs,
Trunks and VTP
Issues in a Poorly Designed Network
These issues are often found in poorly designed networks:
Large broadcast domains
Management and support challenges
Possible security vulnerabilities
VLAN Introduction
A VLAN is a virtual LAN.
VLAN = broadcast domain
VLAN = logical network (subnet)
VLANs address these needs:
Segmentation
Security
Network flexibility
Network Traffic Types
Traffic types to consider when designating VLANs:
Network management
IP telephony
IP Multicast
Normal data
Scavenger class
Creating a VLAN
SwitchX# configure terminal
SwitchX(config)# vlan vlan-id
SwitchX(config-vlan)# name text
Verifying a VLAN
SwitchX# show vlan [brief | id vlan-id | name vlan-name]
SwitchX# show vlan id 2
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
2    switchlab99                      active    Fa0/2, Fa0/12
VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
2    enet  100002     1500  -      -      -        -    -        0      0
. . .
SwitchX#
Assigning Switch Ports to a VLAN
SwitchX(config-if)# switchport access vlan vlan-id
SwitchX# configure terminal
SwitchX(config)# interface range fastethernet 0/2 - 4
SwitchX(config-if)# switchport access vlan 2
SwitchX# show vlan
VLAN Name                             Status    Ports
---- -------------------------------- --------- ----------------------
1    default                          active    Fa0/1
2    switchlab99                      active    Fa0/2, Fa0/3, Fa0/4
Verifying VLAN Membership
SwitchX# show vlan brief
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1
2    switchlab99                      active    Fa0/2, Fa0/3, Fa0/4
3    vlan3                            active
4    vlan4                            active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
Verifying VLAN Membership (Cont.)
SwitchX# show interfaces interface switchport
SwitchX# show interfaces fa0/2 switchport
Name: Fa0/2
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 2 (switchlab99)
Trunking Native Mode VLAN: 1 (default)
--- output omitted ----
Trunking with 802.1Q
Running many VLANs between switches would require the same number of interconnecting links.
Trunking with 802.1Q (Cont.)
Combining many VLANs on the same port is called trunking.
A trunk allows the transportation of frames from different VLANs.
Each frame has a tag that specifies the VLAN that it belongs to.
Frames are forwarded to the corresponding VLAN based on the tag information.
802.1Q Frame
Understanding Native VLANs
Configuring 802.1Q Trunking
SwitchX(config-if)# switchport mode {access | dynamic {auto | desirable} | trunk}
Configures the trunking characteristics of the port
SwitchX(config-if)# switchport mode trunk
Configures the port as a VLAN trunk
Verifying a Trunk
SwitchX# show interfaces interface [switchport | trunk]
SwitchX# show interfaces fa0/11 trunk
Port      Mode         Encapsulation  Status        Native vlan
Fa0/11    desirable    802.1q         trunking      1
Port      Vlans allowed on trunk
Fa0/11    1-4094
Port      Vlans allowed and active in management domain
Fa0/11    1-13
SwitchX# show interfaces fa0/11 switchport
Name: Fa0/11
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: down
Administrative Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
. . .
VTP Features
VTP Modes
Client:
Cannot create, change, or delete VLANs
Sends and forwards advertisements
Synchronizes
Server:
Create VLANs
Modify VLANs
Delete VLANs
Sends and forwards advertisements
Synchronizes
Transparent:
Create local VLANs only
Modify local VLANs only
Delete local VLANs only
Forwards advertisements
Does not synchronize
VTP Operation
VTP advertisements are sent as multicast frames.
VTP servers and clients are synchronized to the latest revision number.
VTP advertisements are sent every 5 minutes or when there is a change.
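A small model of the mode and revision-number rules above, as an added Python example that is not part of the original slides. The switch names are constructed, and the rule that advertisements from a different domain are ignored is an assumption labelled in the code.

```python
from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    mode: str            # "server", "client" or "transparent"
    domain: str
    revision: int = 0
    vlans: dict = field(default_factory=lambda: {1: "default"})

    def create_vlan(self, vlan_id: int, vlan_name: str) -> None:
        if self.mode == "client":
            raise PermissionError(f"{self.name}: clients cannot create VLANs")
        self.vlans[vlan_id] = vlan_name
        if self.mode == "server":
            self.revision += 1   # a transparent switch's change stays local

    def advertisement(self) -> dict:
        return {"domain": self.domain, "revision": self.revision,
                "vlans": dict(self.vlans)}

    def receive(self, adv: dict) -> bool:
        """Apply an advertisement; return True if the VLAN database was replaced."""
        if self.mode == "transparent":
            return False         # forwards only, never synchronizes
        if adv["domain"] != self.domain:
            return False         # assumption: other domains are ignored
        if adv["revision"] <= self.revision:
            return False         # not newer than what is already held
        self.vlans, self.revision = dict(adv["vlans"]), adv["revision"]
        return True


def demo() -> dict:
    """Constructed scenario: one server, one client, one transparent switch."""
    server = Switch("SwitchA", "server", "ICND")
    client = Switch("SwitchB", "client", "ICND")
    transparent = Switch("SwitchC", "transparent", "ICND")
    server.create_vlan(2, "switchlab99")
    server.create_vlan(3, "vlan3")
    transparent.create_vlan(4, "vlan4")      # local VLAN only
    adv = server.advertisement()
    results = {s.name: s.receive(adv) for s in (client, transparent)}
    stale = {"domain": "ICND", "revision": 1, "vlans": {1: "default"}}
    results["stale"] = client.receive(stale)  # older revision is not applied
    return {"results": results, "client": client, "transparent": transparent}
```

Because the whole VLAN database is replaced by whichever advertisement carries the highest revision number, `show vtp status` is worth checking on any switch before it joins a domain.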
Creating a VTP
SwitchX# configure terminal
SwitchX(config)# vtp mode [ server | client | transparent ]
SwitchX(config)# vtp domain domain-name
SwitchX(config)# vtp password password
SwitchX(config)# end
VTP Configuration and Verification Example
SwitchX(config)# vtp domain ICND
Changing VTP domain name to ICND
SwitchX(config)# vtp mode transparent
Setting device to VTP TRANSPARENT mode.
SwitchX(config)# end
SwitchX# show vtp status
VTP Version : 2
Configuration Revision : 0
Maximum VLANs supported locally : 64
Number of existing VLANs : 17
VTP Operating Mode : Transparent
VTP Domain Name : ICND
VTP Pruning Mode : Disabled
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x7D 0x6E 0x5E 0x3D 0xAF 0xA0 0x2F 0xAA
Configuration last modified by 10.1.1.4 at 3-3-93 20:08:05
SwitchX#
Summary
A poorly designed network has increased support costs, reduced service availability, and limited support for new applications and solutions.
VLANs provide segmentation and organizational flexibility.
Ethernet trunks carry the traffic of multiple VLANs over a single link and allow you to extend VLANs across an entire network.
VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency.