CCNA3_M8_Virtual_LANs (1130771)
CCNA – Semester 3
Module 8
Virtual LANs

Objectives
• VLAN concepts
• VLAN configuration
• Troubleshooting VLAN

VLAN Concepts

VLAN introduction
• A VLAN is a group of network services not restricted to a physical segment or LAN switch.
• VLANs logically segment switched networks based on the functions, project teams, or applications of the organization.
• A workstation in a VLAN group is restricted to communicating with other devices in the same VLAN group.

VLAN introduction

Broadcast domain

VLAN and broadcast domain

VLAN Specifications
• VLANs work at Layer 2 and Layer 3 of the OSI reference model.
• VLANs provide a method of controlling network broadcasts.
• Communication between VLANs is provided by Layer 3 routing.
• The network administrator assigns users to a VLAN.
• VLANs can increase network security.

Switch port mode (figure labels: Trunk link, Access link, Access link)

VLAN operation
• Each switch port could be assigned to a different VLAN.
• Two methods that can be used to assign a switch port to a VLAN:
  – Static
  – Dynamic

Static VLANs
• Static membership VLANs are called port-based and port-centric membership VLANs.

Dynamic VLANs
• Dynamic VLANs allow for membership based on the MAC address of the device connected to the switch port.

Static and dynamic VLAN assignment

Benefits of VLANs
• The key benefit of VLANs is that they permit the network administrator to organize the LAN logically instead of physically.
This means that an administrator is able to do all of the following:
  – Easily move workstations on the LAN.
  – Easily add workstations to the LAN.
  – Easily change the LAN configuration.
  – Easily control network traffic.
  – Improve security.

VLAN types
• There are three basic VLAN memberships for determining and controlling how a packet gets assigned:
  – Port-based VLANs
  – MAC address based VLANs
  – Protocol based VLANs

Number of VLANs
• The number of VLANs in a switch varies depending on several factors:
  – Traffic patterns
  – Types of applications
  – Network management needs
  – Group commonality
• In addition, an important consideration in defining the size of the switch and the number of VLANs is the IP addressing scheme.

Frame Tagging
• Every frame is appended with a tag or VLAN ID.
• Each switch examines every frame’s VLAN ID before forwarding.
• The frame’s VLAN ID is removed before the frame is transmitted to end stations.

Trunking Protocols
• There are two major methods of frame tagging, Inter-Switch Link (ISL) and 802.1Q.
ISL used to be the most common, but is now being replaced by 802.1Q frame tagging.

Communicating between VLANs

VLAN Configuration

End-to-end VLAN
• An end-to-end VLAN network comprises the following characteristics:
  – Users are grouped into VLANs dependent on group or job function.
  – All users in a VLAN should have the same 80/20 traffic flow patterns.
  – As a user moves around the campus, VLAN membership for that user should not change.
  – Each VLAN has a common set of security requirements for all members.
  – Allow devices to be grouped based upon resource usage.

Geographic VLANs
• As many corporate networks have moved to centralize their resources, end-to-end VLANs have become more difficult to maintain.
• VLANs are now more frequently being created around geographic boundaries rather than commonality boundaries.
• The new 20/80 rule is in effect: 80 percent of the traffic is remote to the user and 20 percent of the traffic is local to the user.

Static VLANs
• Static VLANs work well in networks where the following is true:
  – Moves are controlled and managed.
  – There is robust VLAN management software to configure the ports.
  – It is not desirable to assume the additional overhead required when maintaining end-station MAC addresses and custom filtering tables.

VLANs on Cisco 29xx switches
• The maximum number of VLANs is switch dependent.
• VLAN 1 is one of the factory-default VLANs.
• VLAN 1 is the default Ethernet VLAN.
• Cisco Discovery Protocol (CDP) and VLAN Trunking Protocol (VTP) advertisements are sent on VLAN 1.
• The Catalyst 29xx IP address is in the VLAN 1 broadcast domain by default.
• The switch must be in VTP server mode to create, add, or delete VLANs (default).

Create VLANs
• If using a Cisco IOS command based switch, enter the VLAN configuration mode.
    Switch#vlan database
    Switch(vlan)#vlan vlan_id name vlan_name
    Switch(vlan)#exit
• Upon exiting, the VLAN is applied to the switch and VLAN information is stored in flash:vlan.dat (using Ctrl+Z will discard all changes).

Assign VLANs
• The next step is to assign the VLAN to one or more interfaces:
    Switch(config)#interface fastethernet 0/9
    Switch(config-if)#switchport access vlan vlan_id
    Switch(config-if)#switchport mode access

Verifying VLAN configuration
• A good practice is to verify VLAN configuration by using:
  – show vlan
  – show vlan brief
  – show vlan id id_number
• The following facts apply to VLANs:
  – A created VLAN remains unused until it is mapped to switch ports.
  – All Ethernet ports are on VLAN 1 by default.

Show vlan

Deleting VLANs
• To remove a VLAN from the interface or delete a specific VLAN, simply use the no form of the command.
• If a VLAN is deleted, any ports assigned to that VLAN become inactive.
The ports will remain associated with the deleted VLAN until assigned to a new VLAN.
• To delete all VLAN and VTP configuration use the command:
    Switch#delete flash:vlan.dat

Troubleshooting VLAN

VLAN problems isolation

STP problems
• STP problems include broadcast storms, loops, dropped BPDUs and packets.
• The root bridge is the central point of a spanning-tree configuration that controls how the protocol operates.
• Configuration of root bridge timers sets parameters for forwarding delay or maximum age for STP information.

Preventing broadcast storms
• A broadcast storm occurs when a large number of broadcast packets are received on a port.
• Prevention of broadcast storms by setting threshold values to high or low discards excessive broadcast, multicast, or unicast MAC traffic.
• In addition, configuration of values for rising thresholds on a switch will shut the port down.

VLANs common problems

Show vlan

Show vlan output fields

VLAN troubleshooting: scenarios 1
• A trunk link cannot be established between a switch and a router.

VLAN troubleshooting: scenarios 1
• Make sure that the port is connected and not receiving any physical-layer, alignment or frame-check-sequence (FCS) errors. Use show interface.
• Verify that the duplex and speed are set properly between the switch and the router.
Use show int status on switch or show interface on router.
• Configure the physical router interface with one subinterface for each VLAN that will route traffic and make sure that each subinterface on the router has the proper encapsulation type, VLAN number, IP address, and subnet mask configured. Use show interface and show running-config.
• Confirm that the router is running an IOS release that supports trunking. Use show version.

VLAN troubleshooting: scenarios 2
• VTP is not correctly propagating VLAN configuration changes.

VLAN troubleshooting: scenarios 2
• Make sure the switches are connected through trunk links. VTP updates are exchanged only over trunk links. Use show int status command.
• Make sure the VTP domain name is the same on all switches that need to communicate with each other.
VTP updates are exchanged only between switches in the same VTP domain. Use show vtp status command.
• Check the VTP mode of the switch. If the switch is in VTP transparent mode, it will not update its VLAN configuration dynamically. Use the show vtp status command.
• If using VTP passwords, the same password must be configured on all switches in the VTP domain. To clear an existing VTP password, use the no vtp password password command on the VLAN mode.

VLAN troubleshooting: scenarios 3
• Problems can arise for internetworks in which both IEEE and DEC spanning-tree algorithms are used by bridging nodes causing dropped packets and loops.
• To resolve this problem, reconfigure all switches for IEEE.

Summary
• The key elements of a redundant networking topology
• The benefits and risks of a redundant topology
• The role of spanning tree in a redundant path switched network
• The key elements of spanning-tree operation
• The process for root bridge election
• Spanning-tree states
• Rapid Spanning-Tree Protocol

Lab Topology

CCNA3 – Module 8.
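
Added example (not part of the original slides) for the Frame Tagging slide: how an 802.1Q tag is inserted toward a trunk, read by a switch, and removed before delivery on an access port. The sample frame, function names and the omission of FCS recalculation are assumptions made for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

# Constructed sample: broadcast ARP frame as an end station sends it (untagged, no FCS).
UNTAGGED = (bytes.fromhex("ffffffffffff") + bytes.fromhex("001122334455")
            + struct.pack("!H", 0x0806) + bytes(28))

def parse_frame(frame: bytes):
    """Return (vlan_id, priority, ethertype, payload); vlan_id is None if untagged."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None, None, ethertype, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack("!HH", frame[14:18])
    return tci & 0x0FFF, tci >> 13, inner, frame[18:]  # low 12 bits = VLAN ID

def add_tag(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert the 4-byte tag after the source MAC, as done toward a trunk link."""
    if not 1 <= vlan_id <= 4094 or not 0 <= priority <= 7:
        raise ValueError("VLAN ID must be 1-4094 and priority 0-7")
    tag = struct.pack("!HH", TPID_8021Q, (priority << 13) | vlan_id)
    return frame[:12] + tag + frame[12:]

def strip_tag(frame: bytes) -> bytes:
    """Remove the tag so the end station sees an ordinary Ethernet frame."""
    return frame if parse_frame(frame)[0] is None else frame[:12] + frame[16:]

def access_egress(frame: bytes, port_vlan: int):
    """Deliver a trunk frame to an access port only if its VLAN ID matches the port's VLAN."""
    if parse_frame(frame)[0] != port_vlan:
        return None  # different VLAN: not forwarded out this port
    return strip_tag(frame)

if __name__ == "__main__":
    tagged = add_tag(UNTAGGED, vlan_id=10)
    print(parse_frame(tagged)[:3])
    print(access_egress(tagged, 10) == UNTAGGED, access_egress(tagged, 20))
```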
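
Added example (not part of the original slides) for the Verifying VLAN configuration slide: a small audit over `show vlan brief` output that reports ports still in the default VLAN 1, which the slides note also carries CDP and VTP advertisements and the switch IP address, and VLANs that were created but never mapped to ports. The sample output is constructed, and the finding names and the exclusion of the legacy default VLANs 1002-1005 are assumptions.

```python
import re

# Constructed sample in the layout of `show vlan brief` (not captured from a real switch).
SAMPLE = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6
10   Engineering                      active    Fa0/9, Fa0/10
20   Sales                            active
1002 fddi-default                     act/unsup
"""

ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")  # id, name, status, first port list

def _ports(text):
    return [p.strip() for p in text.split(",") if p.strip()]

def parse_vlan_brief(text):
    """Map VLAN ID -> name, status and ports, joining wrapped port lines."""
    vlans, current = {}, None
    for line in text.splitlines():
        match = ROW.match(line)
        if match:
            current = int(match.group(1))
            vlans[current] = {"name": match.group(2), "status": match.group(3),
                              "ports": _ports(match.group(4))}
        elif current is not None and line.startswith(" ") and line.strip():
            vlans[current]["ports"] += _ports(line)  # continuation of the port column
    return vlans

def audit(vlans):
    """Return (finding, vlan_id, ports) tuples for an administrator to review."""
    findings = []
    for vid, vlan in sorted(vlans.items()):
        if vid == 1 and vlan["ports"]:
            findings.append(("ports-in-default-vlan", vid, vlan["ports"]))
        elif vid < 1002 and vlan["status"] == "active" and not vlan["ports"]:
            findings.append(("vlan-without-ports", vid, []))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_vlan_brief(SAMPLE)):
        print(finding)
```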