-
8/6/2019 Tong Quan Ve VLAN
1/41
Tng quan vVLAN (VLAN Overview)Tng quan vVLAN (VLAN Overview)
Segmentation
Flexibility
Security
3rd floor
2nd floor
1st floor
SALES HR ENG
A VLAN = A broadcast domain = Logical network (subnet)
-
8/6/2019 Tong Quan Ve VLAN
2/41
Tng quan vVLAN (VLAN Overview)
-
8/6/2019 Tong Quan Ve VLAN
3/41
Ni DungNi Dung
Khi nim vVLAN
Khi nim v Trunking
VLAN Trunking Protocol (VTP)
Cu hnh switch for trunking
Thay i kt ni VLAN
Thay i spanning-tree
-
8/6/2019 Tong Quan Ve VLAN
4/41
Tng quan vVLAN (VLAN Overview)
L mt nhm cc thit b mng
khng b gii hn v a lMi cng vic cu hnh Vlan uc thc hin bng phn
mm
Mi Vlan l mt min qung b
C kh nng m rng v bo mt
-
8/6/2019 Tong Quan Ve VLAN
5/41
Hot ng ca VLAN (VLAN Operations)Hot ng ca VLAN (VLAN
Operations)
Switch A
Green
VLAN
Black
VLAN
Red
VLAN
Each logical VLAN is like a separate physical bridge
-
8/6/2019 Tong Quan Ve VLAN
6/41
Switch A
Green
VLAN
Black
VLAN
Red
VLAN
Switch B
Green
VLAN
Black
VLAN
Red
VLAN
Each logical VLAN is like a separate physical bridge
VLANs can span across multiple switches
Hot ng ca VLAN (VLAN Operations)Hot ng ca VLAN (VLAN
Operations)
-
8/6/2019 Tong Quan Ve VLAN
7/41
Switch A
Green
VLAN
Black
VLAN
Red
VLAN
Switch B
Green
VLAN
Black
VLAN
Red
VLAN
Trunk
Each logical VLAN is like a separate physical bridge
VLANs can span across multiple switches
Trunks carries traffic for multiple VLANs
Fast Ethernet
Hot ng ca VLAN (VLAN Operations)Hot ng ca VLAN (VLAN
Operations)
-
8/6/2019 Tong Quan Ve VLAN
8/41
VLAN5
Static VLAN Dynamic VLAN
MAC = 1111.1111.1111
Trunk
VMPS
1111.1111.1111 = vlan 10
VLAN10
Port e0/9Port e0/4
Cc loi Vlan
VMPS=Vlan Management plicy sever
-
8/6/2019 Tong Quan Ve VLAN
9/41
Hot ng ca ng Trunk
-
8/6/2019 Tong Quan Ve VLAN
10/41
Hot ng ca ng Trunk
-
8/6/2019 Tong Quan Ve VLAN
11/41
Hot ng ca ng Trunk
-
8/6/2019 Tong Quan Ve VLAN
12/41
Hot ng ca ng Trunk
-
8/6/2019 Tong Quan Ve VLAN
13/41
-
8/6/2019 Tong Quan Ve VLAN
14/41
ISL TaggingISL Tagging
-
8/6/2019 Tong Quan Ve VLAN
15/41
ISL EncapsulationISL Encapsulation
ISL HeaderISL Header
26 bytes26 bytesEncapsulated Ethernet frame
CRCCRC
4 bytes4 bytes
Frames encapsulated withISL header and CRC
Support for
many VLANs (1024)
-
8/6/2019 Tong Quan Ve VLAN
16/41
Giao thc Vlan trunking (VTP)Giao thc Vlan trunking (VTP)
1.new vlan added
3.Sync to the latest vlan information
2
VTP Domain
-
8/6/2019 Tong Quan Ve VLAN
17/41
G
iao th
c Vlan trunking (VTP)G
iao th
c Vlan trunking (VTP)
Duy tr cu hnh Vlan thng nht trong mt min qun
tr
VTP l mt giao thc thng ip s dng gi trunk lp
2 qun l s thm xo v t tn cc Vlan trong mt
min nht nhH tr trunks trn mi trng mng hn hp
Tp trung cc thng tin v s thay i t tt c cc
Switch trong mng
-
8/6/2019 Tong Quan Ve VLAN
18/41
Cc ch hot ng ca VTPCc ch hot ng ca VTP
Transparent
Sends/forwards
advertisements Synchronize
Not saved inNVRAM
Create vlansModify vlansDelete
vlansSends/forwardsadvertisementsSynchronizeSaved in NVRAM
Forwardsadvertisements
Does not
synchronize
Saved in NVRAM
-
8/6/2019 Tong Quan Ve VLAN
19/41
Hot ng ca VTPHot ng ca VTP
VTP advertisement c gi ra nh l multicast frames
VTP servers v clients ng b ho ch s thay i cuhnh theo ch s mi
C sau 5 pht hoc khi c thay i cu hnh th VTP
advertisement c gi ti cc switch
-
8/6/2019 Tong Quan Ve VLAN
20/41
Hot ng ca VTPHot ng ca VTP
1.Add new VLAN
2.Rev 3 --> Rev 4
Server
Client Client
4.Rev 3 --> Rev 45.Sync new vlan info
3 3
4.Rev 3 --> Rev 45.Sync new vlan info
-
8/6/2019 Tong Quan Ve VLAN
21/41
VTP PruningVTP Pruning
Tng bng thng bng cch gim v ct bnhng ti khng cn thit
Example: Station A gi broadcast, broadcastch cchuyn n cc port c
gn cho redVLAN
-
8/6/2019 Tong Quan Ve VLAN
22/41
VTP PruningVTP Pruning
Switch 4
Switch 2
Switch 6 Switch 3 Switch 1
Port 2
Floodedtraffic ispruned
RedVLAN
Port 1
Switch 5
A
B
-
8/6/2019 Tong Quan Ve VLAN
23/41
Cu Hnh VLAN
Cu Hnh Vlan trn Catalyst1900 v 2950
-
8/6/2019 Tong Quan Ve VLAN
24/41
Rcs-Sud-Est
Configurations can come frommany sources
Configurations will act indevice memory
Console port
Auxiliary port
Interfaces
PC or Unix server
Web or NetworkManagementserver
Virtual terminal
External Configuration SourcesExternal Configuration Sources
Telnet
TFTP
-
8/6/2019 Tong Quan Ve VLAN
25/41
Kt ni vo cng qun l trn router
-
8/6/2019 Tong Quan Ve VLAN
26/41
-
8/6/2019 Tong Quan Ve VLAN
27/41
1900 switch>en
Switch#config t
Switch(config)#hostname 1900
1900(config)#vlan 2 name khoatoan
1900(config)#vlan 3 nam
e khoaly1900(config)#exit
-
8/6/2019 Tong Quan Ve VLAN
28/41
2950 SwitchSwitch>en
Switch#config t
Switch(config)#hostname 29502950#vlan database
2950(vlan)#vlan 22950(vlan)#name khoatoan
2950(vlan)#vlan 3
2950(vlan)#name khoaLy
2950(vna)#exit
-
8/6/2019 Tong Quan Ve VLAN
29/41
Xem thng tin cu hnh Vlan1900#sh vlan
1900#sh vlan brief
Switch_2#show vlan VLAN Name Status Ports
1 default active e0/1 e0/2, e0/3, e0/4, e0/5,
e0/10, e0/11, e0/122 khoatoan active
3 Khoaly active
4 vlan0004 active
5 vlan0005 active
-
8/6/2019 Tong Quan Ve VLAN
30/41
Cu hnh vlan c nh i vi switch 1900
1900(config)#int e0/2
1900(config-if)#vlan-m
em
bership static 21900(config)#int e0/3
1900(config-if)#vlan-membership static 2
1900(config)#int e0/41900(config-if)#vlan-membership static
3
-
8/6/2019 Tong Quan Ve VLAN
31/41
2950(config)#intport
2950(config-if)#switchport acess vlan vlan-id
V d2950(config)#int e0/2
2950(config-if)#switchport acess vlan 2
2950(config)#int e0/3
2950(config-if)#switchport acess vlan 2
2950(config)#int e0/4
2950(config-if)#switchport acess vlan 3
Cu hnh vlan c nh i vi switch 2950
-
8/6/2019 Tong Quan Ve VLAN
32/41
Xem thng tin cu hnh Vlan1900#sh vlan
1900#sh vlan brief
Switch_2#show vlan VLAN Name Status Ports
1 default active e0/1, e0/5, e0/10, e0/11,
Fa0/122 khaotoan active e0/2, e0/3
3 Khoaly active e0/4
4 vlan0004 active
5 vlan0005 active
-
8/6/2019 Tong Quan Ve VLAN
33/41
-
8/6/2019 Tong Quan Ve VLAN
34/41
-
8/6/2019 Tong Quan Ve VLAN
35/41
Interface fa0/1.1Encapsulation dot1q 1I
p address 192
.168.1.652
55.2
55.2
55.192
Interfact fa0/1.2Encapsulation dot1q 2Ip address 192.168.1.129
255.255.255.224
Port1 dot1q TrunkPort 2, 3 Vlan1, Port 4 Vlan2
-
8/6/2019 Tong Quan Ve VLAN
36/41
Khai bo kiu ng gi trn trunk port
Mc nh th catalyst 1900 ch h ch kiu ng giISL, v 2950 ch h ch
802.1q (dot1q)
Catalyst 3550 h ch c hai v th bn c th sdng kiu ng gi thch hp
switch(config-if)# switchport encapsulation dot1q
Hocswitch(config-if)# switchport encapsulation isl
-
8/6/2019 Tong Quan Ve VLAN
37/41
Cu hnh kiu ng gi trn cc cng logic
ca router2600# config t
2600(config)# int f0/0.1
2600(config-subif)# encapsulation dot1q vlan-number
Hoc
2600(config-subif)# encapsulation islvlan-number
-
8/6/2019 Tong Quan Ve VLAN
38/41
V d
2950#vlan database
2950(vlan)#vlan 22950(vlan)#exit
2950#config t
2950(config)#int fa0/12950(config-if)#switchportmode
trunk2950(config-if)#
-
8/6/2019 Tong Quan Ve VLAN
39/41
2950#config t2950(config)#int fa0/32950(config-if)#switchport
acess vlan 2
2950#config t2950(config)#int fa0/22950(config-if)#switchport
acess vlan 1
2950#config t2950(config)#int vlan 12950(config-if)# ip address
172.16.10.2
255.255.255.128
V d
-
8/6/2019 Tong Quan Ve VLAN
40/41
V d
Router#config tRouter(config)# int f0/0Router(config-if)#no ip
addressRouter(config-if)#no shutdownRouter(config-if)# int
f0/0.1Router(config-subif)# encapsulation dot1q
1Router(config-subif)# ip address 172.16.10.1
255.255.255.128Router(config-if)# int f0/0.2Router(config-subif)#
encapsulation dot1q 2Router(config-subif)# ip address 172.16.10.254
255.255.255.128
-
8/6/2019 Tong Quan Ve VLAN
41/41
Cu hnh VTP2950#vtp domain dhbk
2950#vtp password abcd
2950#vtp mode client
2950#vtp mode server
2950#vtp mode transparent
