Shulou(Shulou.com)06/02 Report--

VLAN:virtual local area network, virtual local area network

-background

Different broadcast domains can be divided in layer 2 network, thus fault isolation and fast location can be realized.

-definition

A VLAN is a network segment, and its member hosts can be located in different physical locations.

-Management

Create

Sw (config) # vlan 10

Delete

Modify

VLAN configuration

1. Create a VLAN

SW (config) # vlan 12

2. Configure port mode

SW (config) # interface fas0/1

SW (config) # switchport mode access

3. Put the port into the VLAN

SW (config) # intertace fas0/1

SW (config) # switchport access vlan 12

4. Verification and testing

SW# show vlan brief

PC:

Ping 192.168.12.X

Note:

With the concept of VLAN, the working principle of the switch must be modified. In the process of table formation and table lookup

The concept of VLAN has to be taken into account.

Trunk:

Interface fas0/24

Switchport mode trunk

Show interface trunk

Trunk Link:

Data from multiple VLAN can be transmitted simultaneously on the same link.

By default, all VLAN data is allowed to pass through.

The data of each VLAN is distinguished by the label of vlan.

(the data on the link in Access mode is untagged)

-configuration:

Interface fas0/24

Switchport mode trunk

-verify:

Show interface trunk

ISL (inter switch link) Cisco dedicated encapsulation vlan protocol

Traffic security control on Trunk links:

SW (config) # interface fas0/24

SW (config) # switchport trunk allowed vlan?

Word / / indicates only the VLAN allowed on the link. The word at this time represents the vlan number.

Add / / means to add the vlan number followed by it to the list of vlan allowed by the existing trunk.

All / / this is the default action, that is, all vlan are allowed to pass on the trunk link

Excapt// indicates that the link allows all vlan except the vlan following this parameter

None / / indicates that the link does not allow any vlan to pass

Remove// means to remove the vlan following this parameter from the existing vlan list.

Vlans allowed on trunk

1-1005beat / theoretically allowed vlan for this trunk link

Vlans allowed and active in management domain

1meme12pr 34100200 / VLAN that really exists in the current network and is allowed

Vlans in spanning tree forwarding state and not pruned

/ / the VLAN that can actually communicate on the current link

Encapsulation, which is the encapsulation protocol of trunk.

-ISL

Inter switch link, the link between switches

Cisco Private Agreement

Will add 30 bytes to the original data; the ISL tail of 26 bytes of ISLtoubu+4 bytes

-802.1Q

Also known as dot1q

Common standard

Only 4 bytes are added to the original data, where only 12bit represents the vlan number.

So, the range of vlan numbers is 0-4096.

Nativevlan, that is, local vlan or native vlan

-Local vlan, which is a special vlan

# the usual vlan data need to be tagged when passing through trunk

However, native vlan data, through trunk, do not need to be tagged.

# under trunk link, native vlan is 1

-change the native vlan; interfacefas0/24 switchport Trunk native vlan {xx} on the Trunk link

Note:

It is necessary to ensure that the vlan databases on all switches throughout the network are exactly the same.

Trunk configuration mode:

1. Static configuration

Switchport mode trunk

2. Automatic configuration

Both sides of the link, by sending DTP messages, trunk link negotiation

DTP-dynamic trunk protocol, dynamic Trunk Road Protocol

By default, the DTP function on the port is enabled by default

Interface fas0/24 switchport mode dynamicnigotiate negotiation auto: means automatically, can only accept requests passively; desirable: indicates dynamic expectation, and can send requests actively, that is, when trunk links are dynamically formed, as long as both parties are not auto, Trunk links can be successfully formed.

Verify the command:

Show interface 0/12 switchport

/ / View the detailed layer 2 switching configuration information of a port

There are only two final modes of operation for a switch port:

1. Access a vlan message through

2. Trunk has passed multiple vlan messages at the same time

For the sake of security, we generally turn off the DTP function interface fas0/4 switchport nonegotiate / disable the DTP function of the port that is not in dynamic mode or the port and trunk port that is not normally used;-verify show interface fas0/4 switchport

=

Deletion of VLAN

Delete a VLAN

1. Remove the port

Interface fas0/1

No switchport access vlan 100

2. Delete VLAN

Sw (config) # no vlan 100

Delete all VLAN

1. Remove the port

2. Delete VLAN

# delete one by one

# Delete VLAN database files

Sw# dir / / lists the storage paths and files of the current device

Sw# delete vlan.dat / / Delete vlan database files

File type

IOS-flash

Running-config-RAM

Startup-config-NVRAM

Vlan.dat-flash

Note: when restoring a switch device to the factory configuration / initialization configuration, delete "startup-config" and "vlan.dat" at the same time; delete the startup configuration file-sw# erase startup-config erase nvram delete nvram:startup-config

=

The VLAN database is consistent:

1. Manual configuration

2. Automatic configuration

-VTP (virtual trunk protocol)

Automatic synchronization of VLAN information between different switches in the same domain

-switch role

VTP Server- server mode

1. The default VTP mode of the switch

2. All operations can be performed on VLAN in this mode.

3. The switch of this mode will transfer its own VLAN.

The information is transmitted through the VTP message along the trunk link

VTP Client- client mode

1. The switch cannot perform any VLAN operations in this mode.

2. You can only accept VLAN messages sent from the server.

And switches that are transmitted to other client modes behind

VTP Transparent- transparent mode

1. It has the same function as the switch in server mode.

However, I will not talk about the changes of my own VLAN information.

Pass it to other switches

2. When receiving VTP messages from other switches

These messages will be fully transmitted to the following equipment.

Note:

The prerequisite for the success of all of the above operations is:

All devices must be in the same VTP domain

By default, the VTP domain name is null, which is empty. There is no domain name.

In the absence of a domain name, VTP server will not go out in time.

Transmit any information.

And the trunk link between the switches must be intact.

On VTP server, every time the VLAN information changes, the matching of VTP

If you buy the version number, it will be increased by 1.

The higher the VTP configuration version number, the newer the VLAN information. exchange

The opportunity gives priority to the latest VLAN information.

Either configuring VTP mode to transparent mode or changing the VTP domain name

Will cause the VTP configuration version number to quickly "return to zero".

VTP is unique to Cisco

Configuration commands:

Vtp domain (name)

Vtp mode server/client/transparent

Vtp password

Verify the command:

Show vtp status: view VTP related information, such as pattern and configuration version number, domain name

Idea of gvrp configuration

First, configure the port connected to the switch as trunk and allow all vlan to pass through

-- port link type trunk

-- port trunk allow-pass vlan all

Turn on the gvrp function in the switch global mode:

-- gvrp

Enable the gvrp function on each port

-- gvrp- Note: the gvrp function can only be enabled on the port in global mode.

Enable this function on the

In addition: vlan learned through gvrp cannot be used directly, if used, it can only be added manually

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.