What Is a VLAN?

One way to identify a local-area network is to say that all the devices in the same LAN have a common Layer 3 IP network address and that they also are all located in the same Layer 2 broadcast domain. A virtual LAN (VLAN) is another name for a Layer 2 broadcast domain. VLANs are controlled by the switch. The switch also controls which ports are associated with which VLANs. In Figure 9-1, if the switches are in their default configuration, all ports by default are assigned to VLAN 1, and that means all the devices, including the two users and the router, are all in the same broadcast domain, or VLAN.

As you start adding hundreds of users, you might want to separate groups of users into individual subnets and associated individual VLANs. To do this, you assign the switch ports to the VLAN, and then any device that connects to that specific switch port is a member of that VLAN. Hopefully, all the devices that connect to switch ports that are assigned to a given VLAN also have a common IP network address configured so that they can communicate with other devices in the same VLAN. Often, Dynamic Host Configuration Protocol (DHCP) is used to assign IP addresses from a common subnet range to the devices in a given VLAN.

If you want to move the two users in Figure 9-1 to a new common VLAN, you create the VLAN on the switches, and then assign the individual access ports that connect the users to the network to that new VLAN, as shown in Example 9-1.

Image

Example 9-1 Creating a New VLAN and Placing Switch Ports into That VLAN

Click here to view code image

! Create the new VLAN
SW1(config)# vlan 10

! Assign the port as an access port belonging to VLAN 10
SW1(config-vlan)# interface fa0/1
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 10

! Verify the VLAN exists, and that Fa0/1 has been assigned to it.
SW1(config-if)# do show vlan brief

VLAN Name               Status           Ports
---- ------------------ ---------------- ----------------------------------
1    default            active           Fa0/2, Fa0/3, Fa0/4, Fa0/5
                                         Fa0/6, Fa0/7, Fa0/8, Fa0/9
                                         Fa0/10, Fa0/11, Fa0/12, Fa0/13
                                         Fa0/14, Fa0/15, Fa0/16, Fa0/17
                                         Fa0/18, Fa0/19, Fa0/20, Fa0/21
                                         Fa0/22, Fa0/23, Fa0/24, Gi0/1
                                         Gi0/2
10   VLAN0010           active           Fa0/1
<snip>

! Another way to verify the port is assigned the VLAN:
SW1# show vlan id 10
VLAN Name               Status           Ports
---- ------------------ ---------------- ----------------------------------
10   VLAN0010           active           Fa0/1

! One more way to verify the same thing:
SW1# show interfaces fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
<snip>
Access Mode VLAN: 10 (VLAN0010)
<snip>

Note

You would perform a similar configuration on SW2 with regard to creating VLAN 10 and assigning port Fa0/2 on SW2 as an access port in that VLAN.

Image
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset