What is a LAN?
Okay, most of you already know what a LAN is but let’s give it a definition to make sure. We have to do this because, if you don’t know what a LAN is, you can’t understand what a VLAN is.
A LAN is a local area network and is defined as all devices in the same broadcast domain. If you remember, routers stop broadcasts, switches just forward them.
What is a VLAN?
As I said, a VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain created by switches. Normally, it is a router creating that broadcast domain. With VLAN’s, a switch can create the broadcast domain.
This works by, you, the administrator, putting some switch ports in a VLAN other than 1, the default VLAN. All ports in a single VLAN are in a single broadcast domain.
Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other ports on switch B can be in VLAN 10. Broadcasts between these devices will not be seen on any other port in any other VLAN, other than 10. However, these devices can all communicate because they are on the same VLAN. Without additional configuration, they would not be able to communicate with any other devices, not in their VLAN.
Are VLANs required?
It is important to point out that you don’t have to configure a VLAN until your network gets so large and has so much traffic that you need one. Many times, people are simply using VLAN’s because the network they are working on was already using them.
Another important fact is that, on a Cisco switch, VLAN’s are enabled by default and ALL devices are already in a VLAN. The VLAN that all devices are already in is VLAN 1. So, by default, you can just use all the ports on a switch and all devices will be able to talk to one another.
When do I need a VLAN?
You need to consider using VLAN’s in any of the following situations:
- You have more than 200 devices on your LAN
- You have a lot of broadcast traffic on your LAN
- Groups of users need more security or are being slowed down by too many broadcasts?
- Groups of users need to be on the same broadcast domain because they are running the same applications. An example would be a company that has VoIP phones. The users using the phone could be on a different VLAN, not with the regular users.
- Or, just to make a single switch into multiple virtual switches.
Why not just subnet my network?
A common question is why not just subnet the network instead of using VLAN’s? Each VLAN should be in its own subnet. The benefit that a VLAN provides over a subnetted network is that devices in different physical locations, not going back to the same router, can be on the same network. The limitation of subnetting a network with a router is that all devices on that subnet must be connected to the same switch and that switch must be connected to a port on the router.
With a VLAN, one device can be connected to one switch, another device can be connected to another switch, and those devices can still be on the same VLAN (broadcast domain).
How can devices on different VLAN’s communicate?
Devices on different VLAN’s can communicate with a router or a Layer 3 switch. As each VLAN is its own subnet, a router or Layer 3 switch must be used to route between the subnets.
What is a trunk port?
When there is a link between two switches or a router and a switch that carries the traffic of more than one VLAN, that port is a trunk port.
A trunk port must run a special trunking protocol. The protocol used would be Cisco’s proprietary Inter-switch link (ISL) or the IEEE standard 802.1q.
How to configure VLAN on a Cisco Switch?
VLAN stands for virtual LAN and technically we can say, a VLAN is a broadcast domain created by switch. When managing a switch, the management domain is always VLAN 1, the default VLAN. All ports of switch are assigned to VLAN 1 by default. VLAN increase the performance of a network because it divide a network logically in different parts and limit the broadcasts.Any member of VLAN 2 can not talk with any member of VLAN 3 without router but all the members of VLAN 2 and VLAN 3 can talk with other members within their VLANs.This Lab will also help how VLANs can be used to separate traffic and reduce broadcast domains. To create a VLAN, first enter global configuration mode to run the following commands. Configuration to create VLAN 2
| SwitchA(config)#configure terminal | (enter in global configuration mode) |
| SwitchA(config)#vlan 2 | (defining the vlan 2) |
| SwitchA(config)#vlan 2 name marketing | (assigning the name marketing to vlan 2) |
| SwitchA(config)#vlan 2 name marketing | (assigning the name marketing to vlan 2) |
| SwitchA(config)#exit | (exit from vlan 2) |
| Configuration to create VLAN 3 | |
| SwitchA(config)#configure terminal | (enter in global configuration mode) |
| SwitchA(config)#vlan 3 | (defining the vlan 3) |
| SwitchA(config)#vlan 3 name management | (assigning the name management to vlan 3) |
| SwitchA(config)#exit | (exit from vlan 3) |
| Now assigning the ports 2 and 3 to VLAN 2, it must be done from the interface mode. Enter the following commands to add port 2 and 3 to VLAN 2. | |
| SwitchA(config)#configure terminal | (enter in global configuration mode) |
| SwitchA(config)#interface fastethernet 0/2 | (select the Ethernet 0 of port 2) |
| SwitchA(config-if)#switchport access vlan 2 | (allot the membership of vlan 2) |
| SwitchA(config-if)#exit | (exit from interface 2) |
|
Now
adding port 3 to VLAN 2 |
|
| SwitchA(config)#interface fastethernet 0/3 | (select the Ethernet 0 of port 3) |
| SwitchA(config-if)#switchport access vlan 2 | (allot the membership of vlan 2) |
| SwitchA(config-if)#exit | (exit from interface 3) |
| Now assigning the ports 4 and 5 to VLAN 3, enter the following commands to add port 4 and 5 to VLAN 3. | |
| SwitchA(config)#configure terminal | (enter in global configuration mode) |
| SwitchA(config)#interface fastethernet 0/4 | (select the Ethernet 0 of port 4) |
| SwitchA(config-if)#switchport access vlan 3 | (allot the membership of vlan 3) |
| SwitchA(config-if)#exit | (exit from interface 4) |
| Now adding port 5 to VLAN 3 | |
| SwitchA(config)#interface fastethernet 0/5 | (select the Ethernet 0 of port 5) |
| SwitchA(config-if)#switchport access vlan 3 | (allot the membership of vlan 3) |
| SwitchA(config-if)#exit | (exit from interface 5) |
0 comments:
Post a Comment