VLAN Topic Notes

VLAN Overview

Standard VLANs
- 1-1005
- VLAN 1 is the default VLAN and default native
  - Can not be deleted
  - Can be manually pruned from trunks
- VLANs 1002-1005
  - Default VLANs for legacy TokenRing and FDDI
  - Can not be deleted
  - Can be manually pruned from trunks
Extended
- 1006-4094
- Only supported with VTPv3
- Not all VLANs can be used as some are reserved for internal usage

Creating a VLAN automatically creates a Spanning Tree instance and MAC address table
VLAN information is stored in vlan.dat in NVRAM
To create a VLAN:
- Command:
  - (config)#vlan <vlan ID>
Removing a VLAN from the database doesn’t remove the configuration from the interface

VLAN Internal

Uses extended VLAN range
VLANs are reserved for internal use
Example of use is when a port is converted to a Layer3 port, an internal VLAN is created for use.
Not all platforms agree on the same internal range
Some platforms use ascending order, some decending
- e.g. Start at 1006 and increment or start at 4094 and decrement
- Can cause issues creating same VLANs on other switches if already reserved for internal use on other switch
- Can be manually configured on some platforms
  - Command:
    - (config)#vlan internal allocation policy <ascending | descending>
Can confirm which VLANs are being used
- Command:
  - #show vlan internal usage

VLAN Local vs End-to-End

Local VLANs

[_/su_spoiler]

End-to-End VLANs

Geographically dispersed users appear on same segment
- Not recommended design
- Slow convergence
Same policy (QoS, Security)
80/20 rule
- 80% of traffic stays local
Locally independent
Leverages on Spanning Tree
VTP mode Client or Server
Broadcasts flood all switches
Requires Spanning Tree convergence for uplink failure and recovery
More complex as STP root and HSRP active should match
Provide L2 Trunk between 2 distribution switches to avoid unexpected traffic paths and multiple convergence events

[_/su_spoiler]

VLAN Trunking

Layer 2 Switch port modes:
1. DTP Dynamic Auto
  - Passively listen for trunk
  - Command:
    - (config-if)#switchport mode dynamic auto
2. DTP Dynamic Desirable
  - Initiates trunk request
  - Command:
    - (config-if)#switchport mode dynamic desirable
3. Trunk
  - Static trunk port
  - Command:
    - (config-if)#switchport mode trunk
4. Access
  - Static access port
  - Command:
    - (config-if)#switchport mode access
5. Tunnel
  1. Transparent Layer 2 VPN
  2. Command:
    1. (config-if)#switchport mode dot1q-tunnel
On links not using trunks, Dynamic Trunking Protocol (DTP) should be disabled
- Command:
  - (config-if)#switchport nonegotiate

Trunking Encapsulation

ISL - Inter-Switch Link
- Only supports 1000 VLANs
- Do not use Native VLAN concept
- Depreciated
- Command:
  - (config-if)#switchport trunk enacapsulation isl
802.1q
- Open standard
- Preferred method of trunking encapsulation
- Command:
  - (config-if)#switchport trunk encapsulation dot1q

[_/su_spoiler]

Trunking Allowed List

[_/su_spoiler]

Native VLAN

The Native VLAN is the untagged VLAN
- Frames that don't have a VLAN tag use the native VLAN
A matching Native VLAN must be configured either end of a trunk link
If an access port receives 802.1q frame
- The VLAN tag is ignored and packet processed
Default Native VLAN is 1
To change the default native VLAN
- Commands:
  - Change globally on all trunk links
    - (config)#vlan dot1q tag native
  - Change per-trunk interface
    - (config-if)#switchport trunk native vlan <vlan>

[_/su_spoiler]

VLAN Troubleshooting Commands

#show vlan [brief] – Displays if VLANs exist in database

#show interface status – displays port mode and vlan assignment

#show interface switchport

#show interface trunk – Displays if VLANs are active and being forwarded on switch

#show spanning-tree [vlan interface] – Displays STP information