Sunday, December 31, 2017
Cisco CCNP:300-115 - 1.3 Configure and verify VLANs
Recently I needed to renew my Cisco CCNPs, that is both CCNP Routing and Switching as well as CCNP Security. While working with Cisco products (well now they own SourceFire, so exclude these) is not within my daily duties, I still thought it was important for me to maintain these two credentials. As a result, I've put together my notes below focusing on the key points I used to study. I believe that someone else may find them useful.
- Used to divie the network into separate logical area without regard for the physical location of the users
- Each VLAN is its own broadcast domain
- Any switch port can belong to a VLAN
- Unicast, broadcast and multicast packets are only forwarded and flooded to end stations in the VLAN
- Pakcets destined for stations not in the same VLAN must be forwarded via a router
- To communicate between VLANs traffic must be routed
- By default a new VLAN is operational or in an active state as in a "no shutdown" condition and thus can pass traffic
- If you try to create a VLAN with an existing VLAN ID, the switch goes into VLAN submode but does not create the same VLAN again
- Newly created VLANs remain unsused until ports are assigned to the specific VLAN
- By default all ports are in VLAN 1
- You may be able to configure a VLAN name and whether it is "shutdown" or not for all VLANs except VLAN 1
- When you delete a specific VLAN, the ports associated with that VLAN are shutdown and no traffic flows.
- Previously mapped ports which were assigned to VLANs that were deleted are remapped whenever that VLAN is recreated or reenable
- VLANs can be created in a single mode:
SW1(config)#vlan 30
SW1(config-vlan)#name SW1_VLAN_30
OR
- Creating a range of VLANs at once
SW1(config)#vlan 40-50
- Ports in a VLAN can b either physical Ethernet port or a port channel
To assign a port to a VLAN:
SW1(config)#int fa1/0/19
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 30
- To Verify the VLAN configuration we do
- SecurityNik#show running-config vlan
SecurityNik#show vlan brief
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/0/9, Fa1/0/11, Fa1/0/15
Fa1/0/16, Fa1/0/17, Fa1/0/18
Fa1/0/20, Fa1/0/21, Fa1/0/22
Fa1/0/23, Fa1/0/24, Gi1/0/1
Gi1/0/2
2 VLAN0002 active
......
30 SW1_VLAN_30 active Fa1/0/19
40 VLAN0040 active
SecurityNik#show vlan summary
Number of existing VLANs : 35
Number of existing VTP VLANs : 35
Number of existing extended VLANS : 0
References:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12-2_52_se/configuration/guide/3560scg/swvlan.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/CLIConfigurationGuide/VLANs.html#48831
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment