Shulou(Shulou.com)06/02 Report--

VLAN Concept and Experiment

The Chinese name of VLAN (Virtual Local Area Network) is "Virtual local area network."

Virtual local area network (VLAN) is a logical group of devices and users, these devices and users are not limited by physical location, they can be organized according to functions, departments and applications and other factors, communication between each other as if they are in the same network segment, hence the name virtual local area network. VLAN is a relatively new technology, working at Layer 2 and Layer 3 of the OSI reference model. A VLAN is a broadcast domain, and communication between VLANs is completed through Layer 3 routers. VLAN technology is more flexible than traditional local area network technology.

Advantages: Management overhead for moving, adding and modifying network devices is reduced; broadcast activities can be controlled to prevent network storms; network security can be improved.

port-based VLAN

Static VLAN, also known as port-based VLAN, is currently the most common VLAN method:

Meaning: Static VLAN means explicitly specifying which VLAN the port of the switch belongs to, which requires manual configuration by the administrator. When the host is connected to the port of the interactive machine, it is assigned to the corresponding VLAN.

VLAN based on MAC address

MAC address-based VLANs are VLANs defined by the MAC address of the end system. MAC address refers to the identifier of the network card, and the MAC address of each network card is unique. This approach allows workstations to move to other physical segments of the network while automatically retaining their VLAN membership. When the network scale is small, this scheme can be said to be a good method, but with the expansion of the network scale, the increase of network equipment and users will greatly increase the difficulty of management.

Routing Based VLAN

Routing protocols operate at Layer 3, the network layer, of Layer 7 protocols, such as IP and IPX-based routing protocols, which include routers and routing switches. In IP VLAN, it is easy to implement routing, that is, switch function and routing function into VLAN switch. This approach achieves the most basic purpose of controlling broadcast storms as a VLAN without the need for external routers. However, this method is not ideal for communication speed between VLAN members.

Vlan's experiment

One network segment of the same VLAN, the experiment is relatively simple, but considering that when a department hosts more than 254, it needs a VLAN multiple network segments, here set up a VLAN two network segments, planning as shown in the figure, they are required to be able to communicate.

Experimental planning:

1. All PCs can communicate, four PCs are on different IPs, PC1, PC3 are vlan 10, PC2, PC4 are vlan20

2. The ip values of PC1-PC4 are 10.2, 20.2, 30.2 and 40.2 respectively.

Experimental procedure:

SW1 configuration, configure vlan for each port

sw1(config)#vlan 10,20 Create vlan10 and vlan20

sw1(config)#int f1/0

sw1(config-if)#switchport mode access

sw1(config-if)#switchport access vlan 10

sw1(config-if)#int f1/1

sw1(config-if)#switchport mode access

sw1(config-if)#switchport access vlan 20

sw1(config-if)#int f1/14 Change port f1/14 to trunk port

sw1(config-if)#switchport trunk encapsulation dot1q

sw1(config-if)#switchport mode trunk

2. Sw2 configuration, configure vlan for each port

sw2(config)#vlan 10,20

sw2(config-vlan)#int f1/0

sw2(config-if)#sw

sw2(config-if)#switchport mo

sw2(config-if)#switchport mode a

sw2(config-if)#switchport mode access

sw2(config-if)#sw

sw2(config-if)#switchport a

sw2(config-if)#switchport access vlan 10

sw2(config-if)#int f1/1

sw2(config-if)#sw mo acc

sw2(config-if)#sw acc vlan 20

sw2(config-if)#int f1/13

sw2(config-if)#sw

sw2(config-if)#switchport t

sw2(config-if)#switchport trunk en

sw2(config-if)#switchport trunk encapsulation d

sw2(config-if)#switchport trunk encapsulation dot1q

sw2(config-if)#sw

sw2(config-if)#switchport m

sw2(config-if)#switchport mode t

sw2(config-if)#switchport mode trunk

3. IP for PC

4. Configure the router.

R3(config)#int range f1/13 -14 Configure multiple ports,

R3(config-if-range)#switchport trunk encapsulation dot1q

R3(config-if-range)#switchport mode trunk Turns f1/13 and f1/14 into trunk ports

R3(config)#int vlan 10

R3(config-if)#ip add 192.168.10.1 255.255.255.0 vlan 10 with IP

R3(config-if)#no shut Open port, must

R3(config-if)#ip add 192.168.30.1 255.255.255.0 secondary vlan 10 with a second IP

R3(config-if)#no shut

R3(config-if)#int vlan 20

R3(config-if)#ip add 192.168.20.1 255.255.255.0

R3(config-if)#no shut

R3(config-if)#ip add 192.168.40.1 255.255.255.0 secondary

R3(config-if)#no shut

R3(config-if)#exit

R3#sh running-config View all port information

。。。。。。。

interface Vlan1

no ip address

!

interface Vlan10

ip address 192.168.30.1 255.255.255.0 secondary

ip address 192.168.10.1 255.255.255.0

!

interface Vlan20

ip address 192.168.40.1 255.255.255.0 secondary

ip address 192.168.20.1 255.255.255.0

5. test

Make some changes to add vlan 20 to the port

R3(config-if-range)#int f1/11

R3(config-if)#switchport mode access

R3(config-if)#switchport access vlan 20

R3(config)#int vlan 20

R3(config-if)#ip add 192.168.20.1 255.255.255.0

R3(config-if)#no shut

R3(config-if)#ip add 192.168.40.1 255.255.255.0 se

R3(config-if)#ip add 192.168.40.1 255.255.255.0 secondary

R3(config-if)#no shut

R3#sh ip int b View all port info and IP info

Interface IP-Address OK? Method Status Protocol

FastEthernet0/0 unassigned YES unset administratively down down

FastEthernet0/1 unassigned YES unset administratively down down

FastEthernet1/0 unassigned YES unset up down

FastEthernet1/1 unassigned YES unset up down

FastEthernet1/2 unassigned YES unset up down

FastEthernet1/3 unassigned YES unset up down

FastEthernet1/4 unassigned YES unset up down

FastEthernet1/5 unassigned YES unset up down

Test again. Okay.

Summary: This applies to how to add multiple network segments to the vlan. In the Layer 3 switch, when setting up the vlan, you need to add the vlan to a port, otherwise there will be bugs, and multiple port configuration commands at the same time. How to set up the trunk port, how to set up the static vlan, you can refer to the script file.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.