7/24/2019 VLANs LAYER 2 & LAYER 3

1/2

VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain createdby switches. Normally, it is a router creating that broadcast domain. With VLANs,a switch can create the broadcast domain.

This works by, you, the administrator, putting some switch ports in a VLAN otherthan 1, the default VLAN. All ports in a single VLAN are in a single broadcastdomain.

Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other ports on switch B can be in VLAN 10. Broadcasts between these devices will not be seen on any other port in any other VLAN, other than 10. However,these devices can all communicate because they are on the same VLAN. Without additional configuration, they would not be able to communicate with any other devices, not in their VLAN.

Please find the details below:

Vlan on Switches:-

Two types of Vlan(Layer 2 - Layer3)

Layer 2 vlan:

config t# vlan

Eg:

Lets say we wanted to create VLANs 5 and 10. We want to put ports 2 in VLAN 5 (Marketing) and port 3 in VLAN 10 (Human Resources). On a Cisco 2950 switch, here ishow you would do it:

# vlan 5

#name marketing

vlan 10

name humanresouces

exit

int f0/2

switchport mode access

switchport access vlan 5

int f0/3

switchport mode access

switchport access vlan 10

7/24/2019 VLANs LAYER 2 & LAYER 3

2/2

Layer 3:

conf t# interface vlan 2

followed by ip address.

Please find below link which explains complete info on VLans.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_9_ea1/configuration/guide/swvlan.html

2- Vlan on Router:

A vlan configuration on a router is slightly different than on a switch. On a switch, you would create the vlan and then the routed vlan interface.

On a router you tie a vlan to a subinterface. You need to create the subinterface and then do the encapsulation dot1q command. This command basicall

y assigned the vlan to the subinterface. In this example, there are 2 vlans, vlan 100 and 201. On the eth 0/0 interface, I created two subinterfaces. fastethernet0/0.100 and f0/0.201. Notice that I matched the subinterface number with the vlan ID. You do not have to do this, but it is a best practice and really helps you as the administrator keep things organized. So, under f0/0.100, there is the encapsulation dot1q 100, which basically binds vlan 100 to subinterface f0/0.100, then I assigned the IP. The same is for the other subinterface. So therouter is trunking two vlans on its f0/0 interface, vlan's 100 and 201.

interface FastEthernet0/0no ip addressspeed 100

full-duplex!interface FastEthernet0/0.100description test Networkencapsulation dot1Q 100ip address 192.168.102.1 255.255.255.128no snmp trap link-status!interface FastEthernet0/0.201description Officeencapsulation dot1Q 201ip address 205.127.102.129 255.255.255.128no snmp trap link-status