BSIG: Fast Notes - VLANs

What are VLANs?

VLANs are broadcast domains in a Layer 2 network. Each broadcast domain is like a distinct virtual bridge within the switch. Each virtual bridge you create in a switch defines a broadcast domain. By default, traffic from one VLAN cannot pass to another VLAN. Each of the users in a VLAN is also in the same IP subnet, and each switch port can belong to only one VLAN.

What are the three characteristics of a typical VLAN setup?

The three characteristics of a typical VLAN setup are:

  • Each logical VLAN is like a separate physical bridge.
  • VLANs can span multiple switches.
  • Trunks carry traffic for multiple VLANs.

What are trunk links?

By default, each port on a switch can belong to only one VLAN. For devices that are in VLANs (that span multiple switches) to talk to other devices in the same VLAN, you must use trunking or have a dedicated port per VLAN. Trunk links allow the switch to carry multiple VLANs across a single link.

What are the two methods you can use to assign a port to a VLAN?

The two methods to assign a port to a VLAN are:

  • Statically
  • Dynamically

What is Inter-Switch Link (ISL)?

ISL is a Cisco proprietary protocol used to interconnect switches that have multiple VLANs. It maintains VLAN information as traffic goes between switches, allowing the traffic to enter the correct VLAN. ISL operates in a point-to-point environment.

At which layer of the OSI model does ISL function?

ISL functions at Layer 2 of the OSI model. It encapsulates a data frame with a new ISL header and CRC. Because ISL operates at Layer 2 of the OSI model, it is protocol-independent.

What type of tagging method does ISL use?

Many network professionals refer to the way ISL tags frames as an external tagging mechanism. This is because ISL encapsulates each frame and does not modify the original packet.

How many extra bytes does ISL add to an existing Ethernet frame?

ISL adds a 26-byte ISL header and a 4-byte CRC to each frame, extending each Ethernet frame by 30 bytes. ISL tagging is implemented in ASICs, so tagging is done at wire speed.

What is VTP?

VLAN Trunking Protocol (VTP) is a Layer 2 messaging protocol that maintains VLAN configuration consistency throughout a common administrative domain by managing VLANs' additions, deletions, and name changes across multiple switches. Without VTP, you would have to add VLAN information in all switches in your network.

What is a VTP domain?

A VTP domain is one or more interconnected switches that share the same VTP environment. A switch can be in only one VTP domain, and all VLAN information is propagated to all switches in the same VTP domain.

What are the three VTP modes?

The three VTP modes are:

  • Server
  • Client
  • Transparent

What is VTP server mode?

A switch in VTP server mode can add, delete, and modify VLANs and other configuration parameters for the entire VTP domain. This is the default mode for all Catalyst switches. VLAN configurations are saved in NVRAM. When you change VLAN configuration in server mode, the change is dynamically propagated to all switches in the VTP domain.

What is VTP client mode?

In VTP client mode, a switch cannot create, delete, or modify VLANs. Also, a VTP client does not save VLAN information and configuration in NVRAM. In client and server mode, VLAN information is synchronized between switches in the VTP domain.

What is VTP transparent mode?

In transparent mode, a switch can add, modify, and delete VLANs. These changes are not transmitted to other switches in the VTP domain; they affect only the local switch. VTP transparent mode is used when a switch does not need to participate in the VTP domain but needs to propagate VTP information to other switches.

How often are VTP advertisements flooded throughout the management domain?

VTP advertisements are flooded throughout the management domain every 5 minutes or whenever a change occurs in VLAN configuration.

What is included in VTP advertisements?

VTP advertisements include the following:

  • VTP revision number
  • VLAN names and numbers
  • Information about switches that have ports assigned to each VLAN

What is one of the most important components of the VTP advertisement?

The revision number is one of the most important components of the VTP advertisement. Every time a VTP server modifies its VLAN configuration, it increments the configuration number by 1. The largest configuration number in the VTP domain contains the most current information. When a client receives a revision number higher than its current number, it updates its VLAN configuration.

On a Catalyst 1900 switch, how do you reset the configuration number?

To reset the configuration numbers on a Catalyst 1900, use the delete vtp privileged EXEC command, and then reset the switch.

What is VTP pruning?

By default, a trunk link carries traffic for all VLANs in the VTP domain. Even if a switch does not have any ports in a specific VLAN, traffic for that VLAN is carried across the trunk link. VTP pruning uses VLAN advertisements to determine when a trunk connection is needlessly flooding traffic, and restricts flooded traffic to the trunk links that the traffic must use to access the appropriate network device.

How many VLANs with a separate spanning tree per VLAN does the Catalyst 1900 support?

The Catalyst 1900 supports 64 VLANs with a separate spanning tree per VLAN.

What VLAN number are CDP and VTP advertisements sent across?

CDP and VTP advertisements are sent on VLAN 1, which is also known as the management VLAN.

What must you remember before you create VLANs on a Catalyst switch?

Before you create VLANs on a Catalyst 1900 switch, the switch must be in VTP server mode or VTP transparent mode.

How do you configure the VTP operation mode on a Catalyst 1900?

To configure VTP on a Catalyst 1900, use the vtp [server | transparent | client] global configuration command:

Cat1900(config)#vtp server

How do you configure a VTP domain on a Catalyst 1900 switch?

To configure a VTP domain on a Catalyst 1900 switch, use the vtp domain domain-name global command:

Cat1900(config)#vtp domain cisco

How do you configure a VTP domain password on a Catalyst 1900?

Use the vtp password password global command to configure a VTP domain password. This example sets the VTP password to cisco:

Cat1900(config)#vtp password cisco

What does the show vtp privileged EXEC command display?

The show vtp privileged EXEC command displays the following:

  • VTP version
  • The number of existing VLANs on a switch and the maximum number of locally supported VLANs
  • VTP domain name, password, and operating mode
  • Whether VTP pruning is enabled
  • The last time VLAN configuration was modified

Here's an example of show vtp output:

Cat1900#show vtp
VTP version: 1
     Configuration revision: 0
     Maximum VLANs supported locally: 1005
     Number of existing VLANs: 5
     VTP domain name         : cisco
     VTP password            : cisco
     VTP operating mode      : Server
     VTP pruning mode        : Disabled
     VTP traps generation    : Enabled
     Configuration last modified by: 192.168.0.2 at 00-00-0000 00:00:00

How do you set a Fast Ethernet interface to trunk mode?

To set a Fast Ethernet interface to trunk mode, use the trunk [on | off | desirable | auto | nonnegotiate] interface configuration command. The options for the trunk command are as follows:

· on             Configures the link in permanent trunking mode.
· off            Disables trunking on the interface if it is on.
· desirable      Tells the port to enable trunking if the
                 opposite switch port that is connected is set
                 to on, desirable, or auto.
· auto           Enables trunking on the port if the opposite
                 switch port is set to on or desirable.
· nonnegotiate   Configures the trunk to be in permanent ISL
                 trunk mode with no negotiation.

Here's an example:

Cat1900(config)#int f0/27
Cat1900(config-if)#trunk on 

On a Catalyst 1900, how do you view trunk configuration?

To view trunk configuration, use the show trunk [a | b] command, where a represents Fast Ethernet port 0/26 and b represents Fast Ethernet port 0/27. The following example shows that trunking is enabled on Fast Ethernet port 0/27:

Cat1900#show trunk b
DISL state: On, Trunking: On, Encapsulation type: ISL

What command do you use to add a VLAN on a Catalyst switch?

To add a VLAN on a Catalyst switch, use the vlan vlan-number [name vlan_name] global command. The following example adds VLAN 10 with a name of Sales:

Cat1900(config)#vlan 10 name Sales

What Catalyst 1900 command can you use to verify VLAN information?

To verify VLAN information, use the show vlan vlan-number privileged EXEC command. The output in the following example shows the VLAN information for VLAN 10:

Cat1900#show vlan 10

VLAN Name             Status     Ports
--------------------------------------
10   Sales            Enabled
--------------------------------------

VLAN Type           SAID   MTU    Parent RingNo BridgeNo Stp  Trans1 Trans2
---------------------------------------------------------------------------
10   Ethernet       100010 1500   0      1      1        Unkn 0      0
---------------------------------------------------------------------------

After you create your VLANs on a switch, how do you add a port to a VLAN?

To add a port to a VLAN, use the vlan-membership {static {vlan-number} | dynamic } interface configuration command. The following example adds port 4 to VLAN 10:

Cat1900(config)#int e0/4
Cat1900(config-if)#vlan-membership static 10

How do you view what VLANs the ports on your switch belong to?

To view what VLAN the ports on your switch belong to, use the show vlan-membership privileged EXEC command:

Cat1900#show vlan-membership
   Port  VLAN    Membership Type     Port  VLAN    Membership Type
   -----------------------------     -----------------------------
   1        1       Static           13       1       Static
   2        1       Static           14       1       Static
   3        1       Static           15       1       Static
   4       10       Static           16       1       Static
   5        1       Static           17       1       Static
   6       10       Static           18       1       Static
   7        1       Static           19       1       Static
   8        1       Static           20       1       Static
   9        1       Static           21       1       Static

How do you view spanning tree information for a particular VLAN?

A Catalyst 1900 switch can have a maximum of 64 VLANs with a separate instance of spanning tree per VLAN. To view spanning tree information for a particular VLAN, use the show spantree vlan-id command. The following example shows the spanning tree information for VLAN 10:

Cat1900#show spantree 10
VLAN10 is executing the IEEE compatible Spanning Tree Protocol
   Bridge Identifier has priority 32768, address 0010.F621.F681
   Configured hello time 2, max age 20, forward delay 15
   Current root has priority 0, address 0010.F621.F681
   Root port is N/A, cost of root path is 0
   Topology change flag not set, detected flag not set
   Topology changes 0, last topology change occurred 0d00h00m00s ago
   Times:  hold 1, topology change 8960
           hello 2, max age 20, forward delay 15
   Timers: hello 2, topology change 35, notification 2
Port Ethernet 0/4 of VLAN10 is Forwarding
   Port path cost 100, Port priority 128
   Designated root has priority 0, address 0010.F621.F681
   Designated bridge has priority 32768, address 0010.F621.F681
   Designated port is 4, path cost 0
   Timers: message age 20, forward delay 15, hold 1
Port Ethernet 0/6 of VLAN10 is Forwarding
   Port path cost 100, Port priority 128
   Designated root has priority 32768, address 0010.F621.F681
   Designated bridge has priority 32768, address 0010.F621.F681
   Designated port is 6, path cost 0
   Timers: message age 20, forward delay 15, hold 1