Monday, January 30, 2023

CCNA 200-301 – VLAN Configuration

In this article, we will demonstrate how to configure a Virtual LAN (VLAN) on a Cisco Catalyst Switch using Cisco Packet Tracer.

What is a VLAN?

Virtual LANs (VLANs) are configured on switches by placing interfaces into different broadcast domains. Each VLAN acts as a logical subgroup of the switch ports in an Ethernet LAN.

Broadly speaking, a single broadcast domain created by a switch is called a VLAN (Virtual LAN).

Campus LAN using VLANs

Broadcast Domain

A Local Area Network (LAN) can include user devices, servers, switches, routers, and wireless access points in one location. When any of the devices sends a broadcast frame, all the other devices get a copy of the frame. Then all these devices are said to be part of one Broadcast Domain. In other words, a LAN includes all devices in a single or same broadcast domain.

Broadcast Domains with No VLAN

By default, the switch includes all of its interfaces in the same broadcast domain. Without VLANs, we would have to buy two different physical switches to create two broadcast domains.

Two Broadcast Domains with Two Physical Switches and No VLANs

Broadcast Domains with VLAN

A single switch can logically create two or more broadcast domains by using VLANs. We can configure some interfaces into one broadcast domain and some into another. Since two VLANs mean two different subnets, we will need a Router or Layer 3 Switch to communicate between the two subnets/VLANs.

Two Broadcast Domains Using One Switch and VLANs

Forwarding Traffic between Switches

VLAN Trunking

For a single switch, we just need to configure which VLAN each port belongs to. But when we have multiple interconnected switches, we also need to configure VLAN Trunking on the links that join the switches.

The design without trunking works but it is not scalable as the number of VLANs grows. We will need one separate link to support each VLAN between switches.

VLAN Tagging

The switch adds a small header to the Ethernet frame so that each frame is identified by its VLAN number as it crosses the trunk. This concept is called VLAN Tagging, and it keeps the traffic of each VLAN separate. For example, a VLAN 1 frame will not go to VLAN 2, and vice versa.

VLAN Trunking Protocol

Cisco switches support two trunking protocols: Inter-Switch Link (ISL) and 802.1Q. ISL is Cisco's proprietary protocol, while 802.1Q is an IEEE standard and is the more popular of the two.
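The tagging described above can be seen at the byte level. The following is an added example, not part of the original article: it inserts and removes an 802.1Q tag and models which access ports on the receiving switch may get the frame. The port table is Switch1's from the trunk lab later on this page; the sample frame, the function names and the native VLAN default of 1 are assumptions of the example.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def add_tag(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Sending switch: insert the 4-byte tag after the two MAC addresses."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094 (0 and 4095 are reserved)")
    if not 0 <= priority <= 7:
        raise ValueError("priority must be 0-7")
    tci = (priority << 13) | vlan_id  # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def strip_tag(frame: bytes):
    """Receiving switch: return (vlan_id, original frame); vlan_id is None if untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, frame[:12] + frame[16:]

def egress_ports(frame: bytes, access_ports: dict, native_vlan: int = 1):
    """Access ports on the receiving switch that may get a frame arriving on the trunk."""
    vlan_id, _ = strip_tag(frame)
    if vlan_id is None:
        vlan_id = native_vlan  # untagged trunk traffic belongs to the native VLAN
    return sorted(p for p, v in access_ports.items() if v == vlan_id)

# Switch1 access ports from the trunk lab on this page.
SWITCH1_ACCESS = {"fa0/1": 10, "fa0/2": 10, "fa0/3": 20, "fa0/4": 20}

# Constructed sample: an ARP broadcast sent by a VLAN 10 host on Switch0.
BROADCAST = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000002")
             + struct.pack("!H", 0x0806) + bytes(46))

if __name__ == "__main__":
    tagged = add_tag(BROADCAST, 10)
    print(tagged[12:16].hex(), egress_ports(tagged, SWITCH1_ACCESS))
```

The tag carries the VLAN number across the trunk, so the broadcast reaches only the VLAN 10 access ports on Switch1 and never the VLAN 20 ports.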

Advantages of VLAN

  • We can improve the security of hosts by applying different security policies on different VLANs.
  • A network design becomes more flexible by grouping hosts logically through VLANs instead of grouping hosts physically.
  • Troubleshooting becomes quicker as the failure domain becomes smaller.
  • Host performance also improves by reducing the number of devices that receive broadcasts.

VLAN Configuration Without Trunk

Logical Topology in Cisco Packet Tracer

Links details diagram

#    Origin Port                   Destination Port
1    Switch0:GigabitEthernet0/1    Switch1:GigabitEthernet0/1
2    Switch0:GigabitEthernet0/2    Switch1:GigabitEthernet0/2
3    Switch0:FastEthernet0/1       PC0:FastEthernet0
4    Switch0:FastEthernet0/2       PC1:FastEthernet0
5    Switch0:FastEthernet0/3       PC2:FastEthernet0
6    Switch0:FastEthernet0/4       PC3:FastEthernet0
7    Switch1:FastEthernet0/1       PC4:FastEthernet0
8    Switch1:FastEthernet0/2       PC5:FastEthernet0
9    Switch1:FastEthernet0/3       PC6:FastEthernet0
10   Switch1:FastEthernet0/4       PC7:FastEthernet0

Lab Objectives

  • Create two virtual LANs named VLAN 10 and VLAN 20.
  • Network IP is 192.168.10.0 and all PCs are configured with an IP address in the range 192.168.10.1 to 192.168.10.8.
  • Configure switchports of both switches for VLAN 10 & VLAN 20 in Access Mode.
  • On Switch0, the ports gi0/1, fa0/3 and fa0/4 are configured as access ports in VLAN 10, while the ports gi0/2, fa0/1 and fa0/2 are in VLAN 20.
  • On Switch1, the ports gi0/1, fa0/1 and fa0/2 are configured as access ports in VLAN 10, while the ports gi0/2, fa0/3 and fa0/4 are in VLAN 20.
  • Show the results by pinging between the devices in both VLANs.
  • Neither switch has a trunk port. Instead, we will use two links between the switches, one for VLAN 10 and one for VLAN 20.

Configuring Switch0 for VLAN

Switch0>enable
Switch0#configure terminal
Switch0(config)#interface range f0/3-4, gi0/1
Switch0(config-if-range)#switchport mode access
Switch0(config-if-range)#switchport access vlan 10
Switch0(config-if-range)#exit
Switch0(config)#interface range f0/1-2, gi0/2
Switch0(config-if-range)#switchport mode access
Switch0(config-if-range)#switchport access vlan 20
Switch0(config-if-range)#exit
Switch0(config)#do show vlan

The “show vlan” command verifies that VLAN 10 and 20 have been created and each VLAN includes the desired ports.

Configuring Switch1 for VLANs

Switch1>enable
Switch1#configure terminal
Switch1(config)#interface range f0/1-2, gi0/1
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access vlan 10
Switch1(config-if-range)#exit
Switch1(config)#interface range f0/3-4, gi0/2
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access vlan 20
Switch1(config-if-range)#exit
Switch1(config)#do show vlan

Pinging the devices in Same VLANs

To verify that traffic flows within the same VLAN, we ping a different PC in the same VLAN and find that the PING is successful.

Pinging the devices between Different VLANs

Since the two VLANs are two different subnets, there will be no communication between the devices unless we use a Router or a Layer 3 Switch. Hence, the PING is not successful.

VLAN Configuration With Trunk

Logical Topology in Cisco Packet Tracer

Link Details

#    Origin Port                   Destination Port
1    Switch0:GigabitEthernet0/1    Switch1:GigabitEthernet0/1
2    Switch0:FastEthernet0/1       PC0:FastEthernet0
3    Switch0:FastEthernet0/2       PC1:FastEthernet0
4    Switch0:FastEthernet0/3       PC2:FastEthernet0
5    Switch0:FastEthernet0/4       PC3:FastEthernet0
6    Switch1:FastEthernet0/1       PC4:FastEthernet0
7    Switch1:FastEthernet0/2       PC5:FastEthernet0
8    Switch1:FastEthernet0/3       PC6:FastEthernet0
9    Switch1:FastEthernet0/4       PC7:FastEthernet0

Lab Objectives

  • Creating two virtual LANs named VLAN 10 and VLAN 20.
  • Network IP is 192.168.10.0 and all PCs are configured with an IP address in the range 192.168.10.1 to 192.168.10.8.
  • Configuring switchports of both switches for VLAN 10 & VLAN 20 in Access Mode and Trunk Mode.
  • On Switch0, the ports fa0/3 and fa0/4 are configured as access ports in VLAN 10, while the ports fa0/1 and fa0/2 are in VLAN 20.
  • On Switch1, the ports fa0/1 and fa0/2 are configured as access ports in VLAN 10, while the ports fa0/3 and fa0/4 are in VLAN 20.
  • For Switch0 and Switch1, gi0/1 is a Trunk Port.

Configuring Switch0 for VLAN and Trunking

Switch0>enable
Switch0#configure terminal
Switch0(config)#interface range fastEthernet 0/3-4
Switch0(config-if-range)#switchport mode access
Switch0(config-if-range)#switchport access vlan 10
Switch0(config-if-range)#exit
Switch0(config)#interface range fastEthernet 0/1-2
Switch0(config-if-range)#switchport mode access
Switch0(config-if-range)#switchport access vlan 20
Switch0(config-if-range)#exit
Switch0(config)#interface gigabitEthernet 0/1
Switch0(config-if)#switchport mode trunk
Switch0(config-if)#exit
Switch0(config)#do show vlan
Switch0(config)#do show interface trunk

The “show interface trunk” verifies that the desired port is in a trunking state and the protocol it is using is 802.1Q.

Configuring Switch1 for VLAN and Trunking

Switch1>enable
Switch1#configure terminal
Switch1(config)#interface range fastEthernet 0/1-2
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access vlan 10
Switch1(config-if-range)#exit
Switch1(config)#interface range fastEthernet 0/3-4
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access vlan 20
Switch1(config-if-range)#exit
Switch1(config)#interface gigabitEthernet 0/1
Switch1(config-if)#switchport mode trunk
Switch1(config-if)#exit
Switch1(config)#do show vlan
Switch1(config)#do show interface trunk
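Besides reading the "show vlan" and "show interface trunk" output, the typed commands can be checked against the lab objectives mechanically. The following is an added example, not part of the original article: it replays the Switch1 session above, expands the interface ranges, and lists every port whose mode or access VLAN differs from the intended state. The function names and the EXPECTED table are assumptions built from the objectives.

```python
import re

# Switch1 trunk-lab session from the article (enable/exit/show lines left out).
SESSION = """\
Switch1(config)#interface range fastEthernet 0/1-2
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access vlan 10
Switch1(config)#interface range fastEthernet 0/3-4
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access vlan 20
Switch1(config)#interface gigabitEthernet 0/1
Switch1(config-if)#switchport mode trunk
"""

# Intended state from the lab objectives: port -> (mode, access VLAN).
EXPECTED = {"fa0/1": ("access", 10), "fa0/2": ("access", 10),
            "fa0/3": ("access", 20), "fa0/4": ("access", 20),
            "gi0/1": ("trunk", 1)}  # access VLAN stays at default 1 on the trunk

def expand(spec):
    """Expand 'fastEthernet 0/3-4' or 'f0/3-4, gi0/1' into short port names."""
    ports = []
    for part in spec.split(","):
        m = re.fullmatch(r"\s*([fFgG][A-Za-z]*)\s*(\d+)/(\d+)(?:\s*-\s*(\d+))?\s*", part)
        if not m:
            raise ValueError(f"unsupported interface spec: {part!r}")
        kind, slot, first, last = m.groups()
        short = "fa" if kind[0].lower() == "f" else "gi"  # lab has only Fa/Gi ports
        ports += [f"{short}{slot}/{n}" for n in range(int(first), int(last or first) + 1)]
    return ports

def parse_session(text):
    """Replay the commands and return port -> (mode, access VLAN)."""
    state, current = {}, []
    for line in text.splitlines():
        cmd = line.split("#", 1)[-1].strip()  # drop the CLI prompt
        mode = re.match(r"switchport mode (access|trunk)$", cmd)
        vlan = re.match(r"switchport access vlan (\d+)$", cmd)
        if m := re.match(r"interface (?:range )?(.+)", cmd):
            current = expand(m.group(1))
        for p in current:
            old = state.get(p, (None, 1))  # mode not set yet, default access VLAN 1
            state[p] = (mode[1] if mode else old[0], int(vlan[1]) if vlan else old[1])
    return state

def audit(text, expected=EXPECTED):
    """List ports whose replayed state differs from the intended state."""
    actual = parse_session(text)
    return [f"{p}: expected {expected.get(p)}, got {actual.get(p)}"
            for p in sorted({*expected, *actual}) if expected.get(p) != actual.get(p)]
```

An empty list from audit(SESSION) means every port ended up in the VLAN and mode the objectives call for; a port placed in the wrong VLAN shows up as one line per port.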

Pinging the devices between VLANs

Now, you can ping the devices within the same VLAN and you will see that the PING is successful, as discussed above.

On the other hand, the PING will not succeed between the two different VLANs.

Gulraeez Gulshan