Scribd
Upload
14 views

VLAN Config

Uploaded by

Shahid Mehmood
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
14 views

VLAN Config

Uploaded by

Shahid Mehmood
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 8

Cisco Packet Tracer VLAN Configuration

Overview of VLANs
A VLAN is a group of devices on one or more LANs that are configured to communicate as if they were attached
to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are
based on logical instead of physical connections, they are extremely flexible.
VLANs define broadcast domains in a Layer 2 network. A broadcast domain is the set of all devices that will
receive broadcast frames originating from any device within the set. Broadcast domains are typically bounded by
routers because routers do not forward broadcast frames. Layer 2 switches create broadcast domains based on
the configuration of the switch. Switches are multiport bridges that allow you to create multiple broadcast
domains. Each broadcast domain is like a distinct virtual bridge within a switch.
You can define one or many virtual bridges within a switch. Each virtual bridge you create in the switch defines a
new broadcast domain (VLAN). Traffic cannot pass directly to another VLAN (between broadcast domains) within
the switch or between two switches. To interconnect two different VLANs, you must use routers or Layer 3
switches.
Figure 10-1 Sample VLANs

VLANs are often associated with IP subnetworks. For example, all of the end stations in a particular IP subnet
belong to the same VLAN. Traffic between VLANs must be routed. You must assign LAN interface VLAN
membership on an interface-by-interface basis (this is known as interface-based or static VLAN membership).
You can set the following parameters when you create a VLAN in the management domain:
• VLAN number
• VLAN name
• VLAN type
• VLAN state (active or suspended)
• Maximum transmission unit (MTU) for the VLAN
• Security Association Identifier (SAID)
• VLAN number to use when translating from one VLAN type to another

Packet Tracer VLAN Configuration


In this VLAN Cisco Packet Tracer Example, we will learn how to configure VLANs on Cisco switches. For this
lesson, we will use the VLAN topology below. In this topology, 2 Cisco Catalyst 2950-24 switches and
6 PCs are used. After this VLAN Packet Tracer Example, you can configure VLANs on your network.

PC Configurations
For our VLAN Configuration example, we will set our PC IP addresses as below. These ip addresses will be
required at the end of this configuration example to test our configuration.
PC 1 –> 192.168.1.2 VLAN 2
PC 2 –> 192.168.1.3 VLAN 2
PC 3 –> 192.168.1.4 VLAN 3
PC 4 –> 192.168.1.6 VLAN 3
PC 5 –> 192.168.1.7 VLAN 3
PC 6 –> 192.168.1.8 VLAN 2

VLAN Configuration on Switch 1


After PC IP configurations, now, we can start our VLAN Packet Tracer Configuration steps. Here, we will follow
the below steps:

1. We will set access ports that will access specific VLANs. We will do this with “switchport mode access”
command under these interfaces.
2. We will also set the VLAN, that this port will access.
3. After that, we will set the trunk port that will carry multiple VLANs with “swithcport mode trunk”
command.
4. Then we will also set this port with “no negotiate” command to prevent negotiation about the port role.
5. Laslty, we will set the allowed VLANs with “switchport trunk allowed vlan” command on this trunk and
save our configuration.

Switch 1(config)# interface fastEthernet 0/2


Switch 1(config-if)# switchport mode access
Switch 1(config-if)# switchport access vlan 2
Switch 1(config)# interface fastEthernet 0/3
Switch 1(config-if)# switchport mode access
Switch 1(config-if)# switchport access vlan 2
Switch 1(config)# interface fastEthernet 0/4
Switch 1(config-if)# switchport mode access
Switch 1(config-if)# switchport access vlan 3
Switch 1(config)# interface fastEthernet 0/1
Switch 1(config-if)# switchport mode trunk
Switch 1(config-if)# switchport nonegotiate
Switch 1(config-if)# switchport trunk allowed vlan 2-4
Switch 1# copy running-config startup-config

VLAN Configuration on Switch 2


After configuring the first switch, we will configure switch 2 similar to switch 1 as below.
Switch 2(config)# interface fastEthernet 0/2
Switch 2(config-if)# switchport mode access
Switch 2(config-if)# switchport access vlan 3
Switch 2(config)# interface fastEthernet 0/3
Switch 2(config-if)# switchport mode access
Switch 2(config-if)# switchport access vlan 2
Switch 2(config)# interface fastEthernet 0/4
Switch 2(config-if)# switchport mode access
Switch 2(config-if)# switchport access vlan 2
Switch 2(config)# interface fastEthernet 0/1
Switch 2(config-if)# switchport mode trunk
Switch 2(config-if)# switchport nonegotiate
Switch 2(config-if)# switchport trunk allowed vlan 2-4
Switch 2# copy running-config startup-config

Checking VLAN Configuration


Our last step of VLAN Packet Tracer Example is configuration verification. to verify our VLAN Packet Tracer
Configuration, we will use verification commands like “show vlan brief“, “show interfaces“, “show interfaces
trunk” etc.
Switch# show vlan brief
VLAN Name Status Ports
—- ——————————– ——— ——————————-
1 default active Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9,
Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/14,
Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19,
Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24
2 VLAN0002 active Fa0/2, Fa0/3
3 VLAN0003 active Fa0/4
1002 fddi-default active
1003 token-ring-default active
1004 fddinet-default active
1005 trnet-default active

Switch# show interfaces fasthernet 0/1 switchport


Name: Fa0/1 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default) Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed:
ALL Protected: false
Switch# show interfaces fastEthernet 0/2 switchport
Name: Fa0/2
Switchport: Enabled Administrative Mode: static access Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 2 (VLAN0002)
Trunking Native Mode VLAN: 1 (default) Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed:
ALL Protected: false Appliance trust: none

Switch# show interfaces fastEthernet 0/3 switchport


Name: Fa0/3 Switchport:
Enabled Administrative Mode: static access Operational Mode: static access
Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of
Trunking: Off Access Mode VLAN: 2 (VLAN0002) Trunking Native Mode VLAN: 1 (default) Voice VLAN:
none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs:
none
Administrative private-vlan trunk private VLANs: none Operational private-vlan: none Trunking VLANs
Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL
Protected: false Appliance trust: none

Switch# show interfaces fastEthernet 0/4 switchport


Name: Fa0/4
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off Access Mode VLAN: 3 (VLAN0003)
Trunking Native Mode VLAN: 1 (default) Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed:
ALL Protected: false Appliance trust: none

Switch# show interfaces trunk


Port Mode Encapsulation Status Native vlan Fa0/1 on 802.1q trunking 1
Port Vlans allowed on trunk Fa0/1 2-4
Port Vlans allowed and active in management domain Fa0/1 2,3
Port Vlans in spanning tree forwarding state and not pruned Fa0/1 2,3

You can check the same outputs for switch 2. The outputs for both switch 1 and swicth too are also in the below
configuration documents.
Switch 2# show vlan brief
Switch 2#show interfaces fastEthernet 0/1 switchport
Switch 2#show interfaces fastEthernet 0/2 switchport
Switch 2#show interfaces fastEthernet 0/3 switchport
Switch 2#show interfaces fastEthernet 0/4 switchport
Switch 2#show interfaces trunk
To verify the communication between same VLANs now we will use ping command to check the communication
between two PCs in the same VLAN. Here, if the PCs are in the same VLAN, the ping will successfull. If they are
in different VLANs, ping will not be successful.
PC 1>ipconfig
FastEthernet0 Connection:(default port)
Link-local IPv6 Address………: FE80::2D0:BCFF:FED8:3229
IP Address………………….: 192.168.1.2
Subnet Mask…………………: 255.255.255.0
Default Gateway……………..: 0.0.0.0

PC>ping 192.168.1.3
Pinging 192.168.1.3 with 32 bytes of data:
Reply from 192.168.1.3: bytes=32 time=0ms TTL=128
Reply from 192.168.1.3: bytes=32 time=0ms TTL=128
Reply from 192.168.1.3: bytes=32 time=0ms TTL=128
Reply from 192.168.1.3: bytes=32 time=0ms TTL=128
Ping statistics for 192.168.1.3: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms

PC>ping 192.168.1.4
Pinging 192.168.1.4 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.4: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

PC>ping 192.168.1.6
Pinging 192.168.1.6 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.6: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

PC>ping 192.168.1.7
Pinging 192.168.1.7 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.1.7: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss)

PC>ping 192.168.1.8
Pinging 192.168.1.8 with 32 bytes of data:
Reply from 192.168.1.8: bytes=32 time=0ms TTL=128
Reply from 192.168.1.8: bytes=32 time=0ms TTL=128
Reply from 192.168.1.8: bytes=32 time=0ms TTL=128
Reply from 192.168.1.8: bytes=32 time=0ms TTL=128
Ping statistics for 192.168.1.8: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms

As you can see above, the PC 1 can ping the PCs in the same VLAN, even if it is connected to a different
switch. You can find the packet tracer example (.pkt), switches’ and PCs’ configurations below.

You might also like