VLAN Definitions

VLANs are logical connections with other similar devices.

Placing devices into various VLANs have the following characteristics:

  • Provides segmentation of the various groups of devices on the same switches
  • Provide organization that is more manageable
  • Broadcasts, multicasts and unicasts are isolated in the individual VLAN
  • Each VLAN will have its own unique range of IP addressing
  • Smaller broadcast domains
Benefits of a VLAN
BenefitsDescription
Smaller Broadcast DomainsDividing the LAN reduces the number of broadcast domains
Improved SecurityOnly users in the same VLAN can communicate together
Improved IT EfficiencyVLANs can group devices with similar requirements, e.g. faculty vs. students
Reduced CostOne switch can support multiple groups or VLANs
Better PerformanceSmall broadcast domains reduce traffic, improving bandwidth
Simpler ManagementSimilar groups will need similar applications and other network resources
Types of VLANs

Default VLAN

   VLAN 1 is the following:

  • The default VLAN
  • The default Native VLAN
  • The default Management VLAN
  • Cannot be deleted or renamed

Note: While we cannot delete VLAN1 Cisco will recommend that we assign these default features to other VLANs

Data VLAN

  • Dedicated to user-generated traffic (email and web traffic).
  • VLAN 1 is the default data VLAN because all interfaces are assigned to this VLAN.

Native VLAN

  • This is used for trunk links only.
  • All frames are tagged on an 802.1Q trunk link except for those on the native VLAN.

Management VLAN

  • This is used for SSH/Telnet VTY traffic and should not be carried with end user traffic.
  • Typically, the VLAN that is the SVI for the Layer 2 switch.

Voice VLAN 

    • A separate VLAN is required because Voice traffic requires:
    • Assured bandwidth
    • High QoS priority
    • Ability to avoid congestion
    • Delay less that 150 ms from source to destination
Defining VLAN Trunks
  • A trunk is a point-to-point link between two network devices.

Cisco trunk functions:

  • Allow more than one VLAN
  • Extend the VLAN across the entire network
  • By default, supports all VLANs
  • Supports 802.1Q trunking

Without VLANs, all devices connected to the switches will receive all unicast, multicast, and broadcast traffic.

With VLANs, unicast, multicast, and broadcast traffic is confined to a VLAN. Without a Layer 3 device to connect the VLANs, devices in different VLANs cannot communicate.

VLAN Identification with a Tag
  • The IEEE 802.1Q header is 4 Bytes
  • When the tag is created the FCS must be recalculated.
  • When sent to end devices, this tag must be removed and the FCS recalculated back to its original number.
  • VID :12-bit VLAN identifier that can support up to 4096 VLANs
Native VLANs and 802.1Q Tagging

802.1Q trunk basics:

    • Tagging is typically done on all VLANs.
    • The use of a native VLAN was designed for legacy use, like the hub in the example.
    • Unless changed, VLAN1 is the native VLAN.
    • Both ends of a trunk link must be configured with the same native VLAN.
    • Each trunk is configured separately, so it is possible to have a different native VLANs on separate trunks.
VLAN Ranges on Catalyst Switches
Negotiated Interface Modes

Dynamic Trunking Protocol (DTP) is a proprietary Cisco protocol.

DTP characteristics are as follows:

    • On by default on Catalyst 2960 and 2950 switches
    • Dynamic-auto is default on the 2960 and 2950 switches
    • May be turned off with the nonegotiate command
    • May be turned back on by setting the interface to dynamic-auto
    • Setting a switch to a static trunk or static access will avoid negotiation issues with the switchport mode trunk or the switchport mode access commands.
Download VLAN Config LAB
VLAN And Trunk LAB
VLAN Config Commands LAB1

Create VLANs on S1,S2,S3
S1
vlan 10
name Faculty/Staff
vlan 20
name Students
vlan 30
name Guest(Default)
vlan 99
name Management&Native
vlan 150
name VOICE

S2
vlan 10
name Faculty/Staff
vlan 20
name Students
vlan 30
name Guest(Default)
vlan 99
name Management&Native
vlan 150
name VOICE

S3
vlan 10
name Faculty/Staff
vlan 20
name Students
vlan 30
name Guest(Default)
vlan 99
name Management&Native
vlan 150
name VOICE

Assign VLANs to the active ports on S2
interface f0/11
switchport mode access
switchport access vlan 10
interface f0/18
switchport mode access
switchport access vlan 20
interface f0/6
switchport mode access
switchport access vlan 30

Assign VLANs to the active ports on S3
interface f0/11
switchport mode access
switchport access vlan 10
mls qos trust cos
switchport voice vlan 150
interface f0/18
switchport mode access
switchport access vlan 20
interface f0/6
switchport mode access
switchport access vlan 30

ON S1 Configure Trunk 
interface range g0/1-2
switchport mode trunk

Test connectivity between All PCs 

VLAN and Trunk Lab2 Config

SWB Config
vlan 10
name Admin
vlan 20
name Accounts
vlan 30
name HR
vlan 40
name Voice
vlan 99
name Management
vlan 100
name Native

interface f0/1
switchport mode access
switchport access vlan 10

interface f0/2
switchport mode access
switchport access vlan 20

interface f0/3
switchport mode access
switchport access vlan 30

interface vlan 99
ip address 192.168.99.253 255.255.255.0

interface G0/1
switchport mode trunk
switchport nonegotiate
switchport trunk native vlan 100

———————————–
SWA Config
vlan 10
name Admin
vlan 20
name Accounts
vlan 30
name HR
vlan 40
name Voice
vlan 99
name Management
vlan 100
name Native

interface vlan 99
ip address 192.168.99.252 255.255.255.0

interface G0/1
switchport mode trunk
switchport nonegotiate
switchport trunk native vlan 100

interface G0/2
switchport mode dynamic desirable
switchport trunk native vlan 100
————————————-
SWC Configuration

vlan 10
name Admin
vlan 20
name Accounts
vlan 30
name HR
vlan 40
name Voice
vlan 99
name Management
vlan 100
name Native

interface f0/1
switchport mode access
switchport access vlan 10

interface f0/2
switchport mode access
switchport access vlan 20

interface f0/3
switchport mode access
switchport access vlan 30

interface f0/4
switchport mode access
switchport access vlan 10
mls qos trust cos
switchport voice vlan 40

interface vlan 99
ip address 192.168.99.254 255.255.255.0

interface G0/2
switchport mode dynamic Auto
switchport trunk native vlan 100