Scribd
Upload
21 views

NetLabT2 L1

Network

Uploaded by

bdalrhmnahmdftah11
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
21 views

NetLabT2 L1

Network

Uploaded by

bdalrhmnahmdftah11
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

IBB University Department of Electrical Engineering

Level: 4
Faculty of Engineering
Networks Lab

Virtual LAN
Lect 1

Eng. Abeer Mohammed


֎ Virtual Local Area Network or a Virtual LAN (VLAN)

A VLAN is a virtual LAN that allows you to segment your network without the need for physical
segmentation logically. VLANs are very flexible and can be used to provide security, flexibility, and
performance benefits. VLANs work by encapsulating Ethernet frames with a VLAN header that
contains the VLAN ID. This ID is used to identify which devices are on which VLAN.
VLANs are created by adding switch ports to a particular VLAN. Devices on the same VLAN can
communicate with each other without the need for a router. By default, all devices are assigned to
VLAN 1, known as the default VLAN.
❖ Implementing VLAN reduces CPU overhead on each device and improves host performance, by
reducing the number of devices that send broadcast frames.

❖ Implementing VLAN enhances network security. A malicious user can no longer just plug their
workstation into any switch port and sniff the network traffic using a packet sniffer.

❖ Implementing VLAN creates more flexible designs that group users by department, or by groups
that work together, instead of by physical location

Ѻ VLAN ranges:

VLAN ID: The most critical component of the VLAN tag is the VLAN Identifier (VLAN ID), a 12-bit
field. The VLAN ID is used to identify the specific VLAN to which the frame belongs. This identifier
ranges from 1 to 4095, with some IDs reserved for specific purposes.

▪ VLAN 0, 4095: These are reserved VLAN which cannot be seen or used.
▪ VLAN 1: It is the default VLAN of switches. By default, all switch ports are in VLAN. This
VLAN can’t be deleted or edit but can be used.
▪ VLAN 2-1001: This is a normal VLAN range. We can create, edit and delete these VLAN.
▪ VLAN 1002-1005: These are CISCO defaults for fddi and token rings. These VLAN can’t be
deleted.
▪ Vlan 1006-4094: This is the extended range of Vlan.
Ѻ Configuration

Can simply create VLANs by simply assigning the vlan-id and Vlan name.
#switch1(config)#vlan 2

#switch1(config-vlan)#vlan accounts

Eng. Abeer Mohammed 2


Here, 2 is the Vlan I’d and accounts is the Vlan name. Now, assign Vlan to the switch ports.e.g

Switch(config)#int fa0/0

Switch(config-if)#switchport mode access

Switch(config-if)#switchport access Vlan 2

Also, switchport range can be assigned to required vlans.

Switch(config)#int range fa0/0-2

Switch(config-if)#switchport mode access

Switch(config-if) #switchport access Vlan 2

By this, switchport fa0/0, fa0/1, fa0-2 will be assigned Vlan 2.

VLAN Configuration

Switch>enable
Switch# configure terminal
Switch(config)#vlan 10
Switch(config-vlan)#name ENG
Switch(config-vlan)# exit

Switch(config)#vlan 20
Switch(config-vlan)#name IT
Switch(config-vlan)#exit
Switch# show vlan

witch# configure terminal


Switch(config)#interface range f0/1 - 12
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#exit

Eng. Abeer Mohammed 3


Switch(config)#interface range f0/13 - 24
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 20
Switch(config-if-range)#end
Switch# show vlan brief

Ѻ The configuration
Switch>enable
Switch# configure terminal
Switch(config)#vlan 10
Switch(config-vlan)#name Chemistry_Lab
Switch(config-vlan)#exit
Switch(config)#vlan 20
Switch(config-vlan)#name Physics_Lab
Switch(config-vlan)#exit
Switch(config)#vlan 30
Switch(config-vlan)#name Biology_Lab
Switch(config-vlan)#exit
Switch(config)#exit
Switch#show vlan brief

Eng. Abeer Mohammed 4


Switch# configure terminal
Switch(config)#interface range f0/1 - 8
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#exit

Switch(config)#interface range f0/9 - 16


Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 20
Switch(config-if-range)#exit
Switch(config)#interface range f0/17 - 24
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 30
Switch(config-if-range)#end
Switch#show vlan brief

Switch# configure terminal


Switch(config)#int vlan 10
Switch(config-if)#ip add 192.168.10.1 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#int vlan 20
Switch(config-if)#ip add 192.168.20.1 255.255.255.0
Switch(config-if)#no shut
Switch(config-if)#int vlan 30
Switch(config-if)#ip add 192.168.30.1 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#end

Switch# configure terminal


Switch(config)#ip dhcp pool Netvlan10
Switch(dhcp-config)#network 192.168.10.0 255.255.255.0
Switch(dhcp-config)#default-router 192.168.10.1

Eng. Abeer Mohammed 5


Switch(dhcp-config)#exit
Switch(config)#ip dhcp excluded-address 192.168.10.1

Switch(config)#ip dhcp pool Netvlan20


Switch(dhcp-config)#network 192.168.20.0 255.255.255.0
Switch(dhcp-config)#default-router 192.168.20.1
Switch(dhcp-config)#exit
Switch(config)#ip dhcp excluded-address 192.168.20.1

Switch(config)#ip dhcp pool Netvlan30


Switch(dhcp-config)#network 192.168.30.0 255.255.255.0
Switch(dhcp-config)#default-router 192.168.30.1
Switch(dhcp-config)#exit
Switch(config)#ip dhcp excluded-address 192.168.30.1
Switch(config)#end
Switch#copy running-config startup-config
Switch# show ip int brief

❖ VLAN Trunking
Trunking and Frame Forwarding: Trunking, enabled by IEEE 802.1Q, allows switches to transmit
frames from multiple VLANs over a single physical link. Each frame is tagged before transmission.
On the receiving end, switches extract the VLAN tag, allowing them to direct the frame to the
appropriate VLAN or perform inter-VLAN routing.

VLAN Tagging: When a switch receives an Ethernet frame that needs to be transmitted across a trunk
link or to a device in a different VLAN, it adds the appropriate VLAN tag to the frame’s header. This
tag encapsulates the frame with the necessary VLAN information.

Eng. Abeer Mohammed 6


Trunk Encapsulation
There are two Ethernet trunking methods:
1. Cisco's proprietary InterSwitch Link (ISL) protocol for Ethernet.
2. IEEE's 802.1Q, commonly referred to as dot1q for Ethernet.
IEEE 802.1Q is a foundational protocol that enables the effective implementation of VLANs. By
facilitating VLAN tagging and trunking, IEEE 802.1Q empowers network administrators to create
flexible, efficient, and secure networks.

SW2> enable
SW2# configure terminal
SW2(config)# interface gigethernet 0/1
SW2(config-if)# switchport trunk encapsulation ?
dot1q Interface uses only 802.1q trunking encapsulation when trunking
isl Interface uses only ISL trunking encapsulation when trunking
negotiate Device will negotiate trunking encapsulation with peer on interface

Ѻ The configuration
In SW1

SW1> enable
SW1# configure terminal
SWl(config)# vlan 10
SWl(config-vlan)# exit
SWl(config)# vlan 11
SWl(config-vlan)# exit
SWl(config)# interface range f0/1 - 8
SWl(config-if)#switchport mode access
SWl(config-if)# switchport access vlan 1
SWl(config-if)# exit
SWl(config)# interface range f0/9 -16
SWl(config-if)# switchport mode access
SWl(config-if)# switchport access vlan 10

Eng. Abeer Mohammed 7


SWl(config-if)# exit
SWl(config)# interface range fa0/17 - 24
SWl(config-if)# switchport mode access
SWl(config-if)# switchport access vlan 11
SWl(config-if)# exit

SWl(config)# interface gig 0/1


SW1(config-if)# switchport trunk encapsulation dot1q
SW1 (config-if)#switchport trunk allowed vlan 10,11
SWl(config-if)# switchport mode trunk
SWl(config-if)# end
SWl# show interface trunk
SWl #conf t
SWl (config)#int vlan 1
SWl (config-if)#ip add 192.168.1.1 255.255.255.0
SWl (config-if)#no shutdown
SWl (config-if)#int vlan 10
SWl (config-if)#ip add 192.168.2.1 255.255.255.0
SWl (config-if)#no shutdown
SWl (config-if)#int vlan 11
SWl (config-if)#ip add 192.168.3.1 255.255.255.0
SWl (config-if)#no shutdown
SWl (config-if)#exit

In SW2

SW2> enable
SW2# configure terminal
SW2(config)# vlan 10
SW2(config-vlan)# exit
SW2(config)# vlan 11
SW2(config-vlan)# exit

Eng. Abeer Mohammed 8


SW2(config)# interface range f0/1 - 8
SW2 (config-if-range) #switchport mode access
SW2 (config-if-range) #switchport access vlan 1
SW2 (config-if-range) #exit
SW2(config)# interface range f0/9 -16
SW2 (config-if-range) #switchport mode access
SW2 (config-if-range) #switchport access vlan 10
SW2 (config-if-range) #exit
SW2(config)# interface range fa0/17 - 24
SW2 (config-if-range) #switchport mode access
SW2 (config-if-range) #switchport access vlan 11
SW2 (config-if-range) #exit
SW2(config)# interface gig 0/1
SW2(config-if)# switchport trunk encapsulation dot1q
SW2 (config-if)#switchport trunk allowed vlan 10,11
SW2(config-if)# switchport mode trunk
SW2(config-if)# end
SW2# show interface trunk
SW2 #conf t
SW2 (config)#int vlan 1
SW2 (config-if)#ip add 192.168.1.1 255.255.255.0
SW2 (config-if)#no shutdown
SW2 (config-if)#int vlan 10
SW2 (config-if)#ip add 192.168.2.1 255.255.255.0
SW2 (config-if)#no shutdown
SW2 (config-if)#int vlan 11
SW2 (config-if)#ip add 192.168.3.1 255.255.255.0
SW2 (config-if)#no shutdown
SW2 (config-if)#exit

Eng. Abeer Mohammed 9

You might also like