Category Archives: 1.3 Configure and verify VLANs

SWITCH 300-115 1.4 Configure and verify trunking

1.4.b dot1Q

https://en.wikipedia.org/wiki/IEEE_802.1Q

http://www.ieee802.org/1/pages/802.1Q.html

http://bradhedlund.com/2007/11/27/vlan-trunking-using-ieee-8021q/

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/336-cisco-router-8021q-router-stick.html

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_13_ea1/configuration/guide/3550scg/swtunnel.html

http://www.firewall.cx/networking-topics/vlan-networks/219-vlan-tagging.html

SWITCH 300-115: 1.3 Configure and verify VLANs

1.3.c Normal, extended VLAN, voice VLAN

Normal, extended, voice vlan VIDEO

https://www.youtube.com/watch?v=sfEzCkPnZZQ

Normal Vlans

The range of vlans between 1 and 1005 is considered normal, however vlan 1 is obviously special, and 1002 through 1005 are reserved for ancient technologies like FDDI and token ring that nobody uses anymore and these  cannot be modified.
There are quite a few parameters that can be set on the vlan as shown here:

config t
vlan 10
?

But mostly you will give the vlan an id and name and little else. Private-vlan and remote-span might be an occasional use case.

Extended Vlans

Extended VLANs are VLANs that fall in the range 1006 to 4094. They are mainly used in service provider networks to allow for the provisioning of large numbers of customers.
Extended Vlans differ from normal vlans because they have higher numbers.
Extended Vlans must be configured in VTP transparent mode
Extended Vlans are saved to the running-config

If you are actually in need of that many Vlans on your enterprise network you should have your head examined just before rewriting your resume.

There is one interesting note here.

Getting ahead a little, if you make a switchport a routed port with:

int f0/22
no switchport
ip add 172.16.1.1 255.255.255.0
no shut

You will see that the routed port will use up the next available extended vlan id, in this case 1006:
show vlan internal usage.
Something to be aware of in case you suddenly go off the deep end and make a thousand vlans.

Voice Vlan.

As we discussed in the Vlan database video, an access port may be provisioned for both data and voice with:
config t
vlan 10
name data
vlan 25
name voice
int f0/21
sw mode acc
sw acc vlan 10
sw voice vlan 25
show vlan brief

SWITCH 300-115 1.3 Configure and verify VLANs

1.3.a Access ports

Typically, an access port is used by a host to gain entry onto the network via an access layer switch.

An access port can have only one VLAN configured on an interface, meaning it can carry traffic for only a single vlan.

However, for completeness there is also an access port type known as muliti-vlan access  whereby the voice vlan feature is enabled along with the switchport access vlan X command to support data and voice simultaneously. But that is another discussion.

Let’s default the interface first

and sh vlan brief

Shows us all of the ports are assigned to vlan 1 out of the box

Then examine the operational mode GOT season 7 with show interface f0/11 switchport

other useful interface commands are

sh int f0/11

sh run int f0/11

sh int f0/11 status

sh int descr

To enable a port for use with a Vlan use

switchport mode access,

Note that if the vlan has not already been created using the vlan X command, it will be created as a result of the switchport access vlan X command as demonstrated here:

switchport access vlan 10

There is also a macro command that will cause an access port to become a host port immediately

switchport host

This will set it as access, enable spanning-tree portfast and will not allow it to become a member of an etherchannel