Tuesday, March 8, 2011

VLAN: 5-minute read to get the core concept of VLAN implementation

VLAN (Virtual LAN) is a logical technique that enables hosts across various LANs to communicate with each other as if they were on the same LAN/wire.

A VLAN splits the broadcast domain: a host on one VLAN can't talk to a host on another VLAN without the help of a Layer 3 device.

There are two types of switch port operation mode:

Trunk Mode: Allows multiple VLAN IDs to pass through; usually the FastEthernet 0/24 port or a GigabitEthernet port is used for the inter-switch link. Multiple switches are interconnected via a link connected to ports in Trunk mode.

Access Mode: Allows only one VLAN ID; hosts are connected to the ports defined as Access mode. By default all ports on the switch are in Access Mode.



Let's see how to define a VLAN, add interface/switch ports to a VLAN and define a TRUNK port.

[In this example we have FinanceDept and HumanResourceDept and we want to separate them using VLANs]

Switch>en
Switch#config term
Switch(config)#hostname Switch1

Switch1(config)#vlan 2
Switch1(config-vlan)#name HumanResourceDept

Switch1(config-vlan)#vlan 3
Switch1(config-vlan)#name FinanceDept

Switch1(config-vlan)#exit
Switch1(config)#exit

Switch1#show vlan
(Find which ports are being used by HumanResourceDept hosts and FinanceDept hosts; say F0/1,F0/2 are being used by HumanResourceDept hosts and F0/3 and F0/4 are being used by FinanceDept hosts)

Switch1#config term
Switch1(config)#int F0/1
Switch1(config-if)#switchport access vlan 2
Switch1(config-if)#int F0/2
Switch1(config-if)#switchport access vlan 2

Switch1(config-if)#int F0/3
Switch1(config-if)#switchport access vlan 3
Switch1(config-if)#int F0/4
Switch1(config-if)#switchport access vlan 3

Switch1(config-if)# [press Ctrl + z]
Switch1#

Now check that F0/1 and F0/2 are assigned to VLAN 2, and similarly that F0/3 and F0/4 are assigned to VLAN 3.

Switch1#show vlan

Now, hosts belonging to HumanResourceDept connected to ports F0/1 and F0/2 should be able to talk to each other. Perform a ping test.
Similarly, do the test with the FinanceDept hosts.

VERY VERY IMPORTANT CONCEPTS:
>> Hosts on the same VLAN *must* have the same subnet number. For example, HumanResourceDept hosts should be in the same subnet, e.g. 192.168.1.0/24, like Host1 IP: 192.168.1.2/24, Host2 IP: 192.168.1.3/24

>> A Layer 3 device is required to establish communication between different VLANs
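
A check for the first rule above, as an added example that is not part of the original post: it reads the access-port assignments from a constructed running-config excerpt and flags any VLAN whose hosts span more than one subnet, or any subnet used in more than one VLAN. The host addresses, the Finance subnet 192.168.2.0/24 and the function names are assumptions made for the illustration.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample: interface section of the running-config that the page's
# Switch1 commands would produce (abbreviated; not captured from a device).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport access vlan 2
interface FastEthernet0/2
 switchport access vlan 2
interface FastEthernet0/3
 switchport access vlan 3
interface FastEthernet0/4
 switchport access vlan 3
interface FastEthernet0/24
 switchport mode trunk
"""

# Constructed host plan (port -> address). The Finance subnet 192.168.2.0/24 is
# an assumption; the host on Fa0/4 is deliberately numbered into the HR subnet.
HOSTS = {
    "FastEthernet0/1": "192.168.1.2/24",
    "FastEthernet0/2": "192.168.1.3/24",
    "FastEthernet0/3": "192.168.2.2/24",
    "FastEthernet0/4": "192.168.1.4/24",
}

def access_vlans(config):
    """Map interface name -> access VLAN ID; trunk ports are skipped."""
    vlans, port = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            port = m.group(1)
        elif (m := re.match(r"\s+switchport access vlan (\d+)", line)) and port:
            vlans[port] = int(m.group(1))
    return vlans

def subnet_findings(config, hosts):
    """List VLANs whose hosts span subnets and subnets used in several VLANs."""
    by_vlan, by_net = defaultdict(set), defaultdict(set)
    for port, vlan in access_vlans(config).items():
        if port in hosts:
            net = ipaddress.ip_interface(hosts[port]).network
            by_vlan[vlan].add(net)
            by_net[net].add(vlan)
    out = [f"VLAN {v} spans {len(n)} subnets" for v, n in sorted(by_vlan.items()) if len(n) > 1]
    out += [f"{n} is used in VLANs {sorted(v)}" for n, v in sorted(by_net.items()) if len(v) > 1]
    return out
```

A host numbered into another department's subnet but left on its own VLAN cannot reach its gateway, and the same finding also marks a port whose VLAN assignment does not match the addressing plan.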


Now, let's define a Trunk port on Switch1 so that we can interconnect it with another switch, Switch2.

Switch1#config term
Switch1(config)#int F0/24
Switch1(config-if)#switchport mode trunk

Switch1(config-if)# [Press Ctrl + z]

Switch1#show interface trunk

[This will show that F0/24 passes all the VLANs from one switch to the other. TRUNK mode is enabled only on FastEthernet and GigabitEthernet ports, as it requires high bandwidth to pass all VLANs]

Do the same on Switch2

Switch>en
Switch#config term
Switch(config)#hostname Switch2

Switch2(config)#int F0/24
Switch2(config-if)#switchport mode trunk

Switch2(config-if)# [Press Ctrl + z]

Switch2#show interface trunk


Let's say there is one FinanceDept host plugged in to port F0/10 of Switch2. For the FinanceDept hosts on Switch1 to talk with the host on Switch2, you have to define the VLAN on Switch2 and add the desired access port to it (in our example, port F0/10 to VLAN 3).

Switch2#config term
Switch2(config)#vlan 3
Switch2(config-vlan)#name FinanceDept
Switch2(config-vlan)#int F0/10
Switch2(config-if)#switchport access vlan 3

Now, perform a ping test between the FinanceDept hosts plugged in to Switch1 and Switch2. [Friendly reminder: Hosts on the same VLAN should have the same subnet number.]