VLAN creates a logical separation between switch ports. Each VLAN behaves like a separate physical switch.
By default, all the switch ports reside in VLAN 1. A switch will never allow traffic to cross a VLAN boundary.
By default, all the switch ports reside in VLAN 1. A switch will never allow traffic to cross a VLAN boundary.
There are two types of ports on a switch. They are
1.) Access Port
2.) Trunk Port
1.) Access Port:- An access port is a switch port that is a member of only one VLAN traffic.
Syntax:-
Tosif(config-if)# interface Port name
Tosif(config-if)# switchport mode access
Tosif(config-if)# switchport access vlan no.
2.) Trunk Port:- A trunk port is a switch port that is carrying more than one VLAN traffic
Tosif(config-if)# interface Port name
Tosif(config-if)# switchport mode trunk
======================================
Creating the VLAN in the VLAN Database.
Switch(config)# hostname Tosif
Tosif(config)# vlan 10
Tosif(config-vlan)# name HR
Assigning the Switch port to a VLAN
Tosif(config)# interface Ethernet 0/0
Tosif(config-if)# switchport mode access
Tosif(config-if)# switchport access vlan 10
Note:- The switchport mode access command sets the port as an access port, and the switchport access vlan <#> command designates the port as a member of VLAN 10.
=======================================
VLAN Lab Configuration
Switch>en
Switch#configure terminal
Switch(config)#hostname Tosif
Tosif(config)#vlan 10
Tosif(config-vlan)#name HR
Tosif(config-vlan)#EX
------------------------
Tosif(config)#vlan 20
Tosif(config-vlan)#name Account
Tosif(config-vlan)#ex
To verify these two VLAN. Run below command
<Tosif> sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 HR active
20 Account active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
------------------------
Create Vlan to Tosif Switch
Switch>en
Switch#configure terminal
Switch(config)#hostname Mizen
Mizen(config)#vlan 10
Mizen(config-vlan)#name HR
Mizen(config-vlan)#EX
------------------------
Mizen(config)#vlan 20
Mizen(config-vlan)#name Account
Mizen(config-vlan)#ex
To verify these two VLAN. Run below command
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
Gig0/1, Gig0/2
10 HR active
20 Account active
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active
-------------------------------------------------------------------------------
Assigning IP & ports to VLAN's
Tosif Switch Vlan Configuration
Tosif(config)#interface vlan 10
Tosif(config-vlan)#ip address 10.0.0.1 255.0.0.0
Tosif(config-vlan)#no shutdown
Tosif(config)#interface fastethernet0/1
Tosif(config-if)switchport mode access
Tosif(config-if)switchport access vlan 10
Tosif(config)#interface vlan 20
Tosif(config-vlan)#ip address 20.0.0.1 255.0.0.0
Tosif(config-vlan)#no shutdown
Tosif(config)#interface fastethernet0/2
Tosif(config-if)switchport mode access
Tosif(config-if)switchport access vlan 20
Mizen Switch Vlan Configuration
Mizen(config)#interface fastethernet0/1
Mizen(config-if)switchport mode access
Mizen(config-if)switchport access vlan 10
Mizen(config)#interface fastethernet0/2
Mizen(config-if)switchport mode access
Mizen(config-if)switchport access vlan 20
To check Vlan IP Address & which ports are assigned to vlan. For this we use these command
Tosif>sh ip int br
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES manual administratively down down
Vlan10 10.0.0.1 YES manual up up
Vlan20 20.0.0.1 YES manual up up
Tosif>sh vlan
VLAN Name Status Ports
10 HR active Fa0/1
20 Account active Fa0/2
Done. Now ping it to check whether it is working or not.
<Tosif>ping 10.0.0.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 0/0/1 ms
=========================================================================
Inter Vlan Routing Overview
As you know Pc's within the Vlan will be allow to communicate to each other, they will not be able to communicate to Pc's in the other Vlan's.
Inter-Vlan routing allows you the ability to route between 2-vlan(two-vlan).
Inter-Vlan routing could be accomplished either by using a Router or a layer-3 switch.
A layer-3 switch is a switch also has the ability to perform routing functions.
Inter-Vlan Routing using a Router with Multiple ports
In the configuration, we use a Router with 2-ports and connect the 2-ports to 2 ports on the switch.
Step1 :- Vlan Creation
Switch>en
Switch#configure terminal
Switch(config)#hostname Tosif
Tosif(config)#vlan 10
Tosif(config-vlan)#name HR
Tosif(config-vlan)#EX
Tosif(config)#vlan 20
Tosif(config-vlan)#name Account
Tosif(config-vlan)#ex
==========================================================
Step2-: Vlan Assigned on ports
Tosif(config)#interface fastethernet0/1-2
Tosif(config-if)switchport mode access
Tosif(config-if)switchport access vlan 10
Tosif(config)#interface fastethernet0/3-4
Tosif(config-if)switchport mode access
Tosif(config-if)switchport access vlan 20
Switch(config)#int gigabitEthernet 0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config)#int gigabitEthernet 0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
==========================================================
Step3:- Router Configuration for Inter-Vlan
Router(config)#int gigabitEthernet 0/0
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Router(config)#int gigabitEthernet 0/1
Router(config-if)#ip address 20.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Note :- Done. Now assign IP to PC's & enjoy Inter-Vlan routing
Inter-Vlan Routing using a Router with Sub-Interface
In this configuration, we use a router with a single port. We split the port into two logical interface on the router. These logical interface are called Sub-Interface.
Step1 :- Vlan Creation
Switch>en
Switch#configure terminal
Switch(config)#hostname Tosif
Tosif(config)#vlan 10
Tosif(config-vlan)#name HR
Tosif(config-vlan)#EX
------------------------
Tosif(config)#vlan 20
Tosif(config-vlan)#name Account
Tosif(config-vlan)#ex
==========================================================
Step2-: Vlan Assigned on ports
Tosif(config)#interface fastethernet0/1-2
Tosif(config-if)switchport mode access
Tosif(config-if)switchport access vlan 10
Tosif(config)#interface fastethernet0/3-4
Tosif(config-if)switchport mode access
Tosif(config-if)switchport access vlan 20
Switch(config)#int gigabitEthernet 0/1
Switch(config-if)#switchport mode trunk
==========================================================
Router Configuration for Inter-Vlan routing using a Router with Sub-Interface
Router(config)#int gigabitEthernet 0/0.10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 10.0.0.1 255.0.0.0
Router(config-subif)#no shutdown
Router(config)#int gigabitEthernet 0/0.20
Router(config-subif)#encapsulation dot1Q 20
Router(config-subif)#ip address 20.0.0.1 255.0.0.0
Router(config-subif)#no shutdown
Done. Now assign IP to PC's & enjoy Inter-Vlan routing using a Router with Sub-Interface
Thank you brother for Nice content about vlan ..it is very usable for me from create vlan to create & work inter-vlan concept thank you so much
ReplyDelete