Content Networking Fundamentals

Virtual LANs (VLANs) give you a flexible means to logically separate devices that are physically attached to the same Layer 2 switch or to different switches. Broadcast traffic originating on a VLAN is not propagated to other VLANs. You need a Layer 3 device capable of inter-VLAN routing, such as a router or multilayer switch, to route traffic between VLANs.

With multilayer switches, such as the Catalyst 3550 and Catalyst 6500, a logical VLAN interface serves as the default gateway for all devices attached to the switch ports that are assigned to that particular VLAN. That is, the VLAN interface IP address is the default gateway for devices in the VLAN. Clients in different VLANs will have a different default gateway. For example, if three VLANs are configured on a Layer 3 switch, there will be three default gateways for your clients. Traffic destined to different VLANs is routed by the multilayer switching engine between VLAN interfaces.

Example 3-1 shows you how a VLAN interface and the switch ports that reside in the VLAN are configured on a Cisco Catalyst 3550 Layer 3 switch.

Example 3-1. Configuring VLAN Interfaces and Switch Ports

Router1#configure terminal
Router1(config)#interface vlan 100
Router1(config-if)#ip address 10.1.1.1 255.255.255.0
Router1(config-if)#no shut
Router1(config-if)#
Router1(config-if)#interface fastethernet 3/1
Router1(config-if)#switchport access vlan 100
Router1(config-if)#
Router1(config-if)#interface fastethernet 3/2
Router1(config-if)#switchport access vlan 100
Router1(config-if)#Ctrl-Z
Router1#

Configuring VLAN Trunking

VLAN trunking enables multiple VLANs to traverse a single link, thus providing multiple logical links. Either the Cisco-developed Inter-Switch Link (ISL) or the standard IEEE 802.1Q is available to you for configuring trunks. You can configure trunks between Cisco switches or, in order to perform inter-VLAN routing, between Cisco switches and routers. With both ISL and 802.1Q, an additional VLAN identification field is inserted into Ethernet frames, which indicates the VLAN that the frame belongs to. Figure 3-2 shows where the 802.1Q VLAN tag is added to the 802.3 frame.

Figure 3-2. 802.3 Frame Format with 802.1Q Tagging

Table 3-1 defines the fields in the 802.1Q tag field.

Table 3-1. Fields in 802.1Q Tag Field

| Field | Description |
| --- | --- |
| Protocol Identifier | The tagging protocol used. This field is set to a value of 0x8100 to identify the frame as an IEEE 802.1Q tagged frame. |
| 802.1P Priority | The priority field used for class of service (CoS) priority assignments. |
| Canonical Format Indicator (CFI) | Indicates the canonical form of the MAC address in the frame. If the value is zero, the MAC address is stored in canonical format. If the value of this field is one, the MAC address is in non-canonical format. |
| VLAN ID | The VLAN number. |
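The fields in Table 3-1 can be decoded from raw frame bytes as follows. This Python parser is an added example, not code from the book: the name `parse_dot1q` and the two sample frames are constructed here, and the bit widths (3-bit priority, 1-bit CFI, 12-bit VLAN ID) come from IEEE 802.1Q rather than from the table.

```python
import struct

TPID_8021Q = 0x8100  # Protocol Identifier value from Table 3-1

def parse_dot1q(frame: bytes) -> dict:
    """Return the Ethernet addresses and, if present, the 802.1Q tag fields."""
    if len(frame) < 14:
        raise ValueError("truncated frame: incomplete Ethernet header")
    (tpid,) = struct.unpack("!H", frame[12:14])
    fields = {
        "dst": frame[0:6].hex(":"),
        "src": frame[6:12].hex(":"),
        "tagged": tpid == TPID_8021Q,
    }
    if not fields["tagged"]:
        fields["ethertype"] = tpid  # no tag: bytes 12-13 are the EtherType/length
        return fields
    if len(frame) < 18:
        raise ValueError("truncated frame: 802.1Q tag cut short")
    # The 2 bytes after the Protocol Identifier hold priority, CFI and VLAN ID.
    tci, ethertype = struct.unpack("!HH", frame[14:18])
    fields["priority"] = tci >> 13          # 802.1P priority, 3 bits
    fields["cfi"] = (tci >> 12) & 0x1       # Canonical Format Indicator, 1 bit
    fields["vlan_id"] = tci & 0x0FFF        # VLAN ID, 12 bits
    fields["ethertype"] = ethertype         # original EtherType follows the tag
    return fields

# Constructed sample frames (headers only, payload omitted).
# The source MAC is the Switch B VLAN interface address quoted later on this page.
TAGGED = bytes.fromhex("ffffffffffff" "00304a3e4d13" "8100" "a064" "0806")
UNTAGGED = bytes.fromhex("ffffffffffff" "00304a3e4d13" "0806")

if __name__ == "__main__":
    for name, frame in (("tagged", TAGGED), ("untagged", UNTAGGED)):
        print(name, parse_dot1q(frame))
```
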

Example 3-2 shows how a switch port is configured with an 802.1Q trunk on a Cisco Catalyst 3550 switch.

Example 3-2. Configuring an 802.1Q Trunk on a Port

Router1#configure terminal
Router1(config)#interface GigabitEthernet 4/1
Router1(config-if)#switchport trunk encapsulation dot1q
Router1(config-if)#switchport mode trunk
Router1(config-if)#switchport trunk allowed vlan add 100
Router1(config-if)#switchport trunk allowed vlan add 200
Router1(config-if)#Ctrl-Z
Router1#

Exploring MAC Learning with Multiple VLANs

Figure 3-3 illustrates how MAC learning is performed after segmenting the network from Figure 3-1 into two different VLANs.

Figure 3-3. MAC Learning with Two VLANs and Inter-VLAN Routing

VLAN 10 is configured on all ports of Switch A and Port 1 of Switch B. VLAN 20 is configured on Port 2 of Switch B. Switch B is configured with a VLAN interface for VLAN 10 and another for VLAN 20 in order to route between the two VLANs.

Note

For more information on IP routing, see the section "Understanding IP Routing" later in this chapter.

Because Switch B is a Layer 3 switch, it maintains its own ARP cache in addition to a Layer 2 MAC table and serves as the default gateway for Client B. For example, Client B sends an ARP request for Switch B's IP address, instead of Router A's IP address as shown previously in Figure 3-1. Therefore, Switch B originates an ARP request for the IP address of Router A in order to determine where to route the client's upcoming application request to the Internet. Notice how the resulting MAC table for Switch A is slightly adjusted in Figure 3-3 from Figure 3-1. Switch A no longer has an entry for Client B but instead has the entry [0030.4a3e.4d13 via Port 2] for the VLAN 10 interface of Switch B.

VLAN Trunking Protocol

VLAN Trunking Protocol (VTP) is used to manage the creation, removal, and availability of VLANs in a switched network. You can configure your switches with VTP by assigning them as servers, clients, or transparent. You can create, change, and delete VLAN information on a VTP server, including the VLAN number and name. The VLAN information is permanently stored in a VTP database within non-volatile RAM (NVRAM) of the VTP server. VLANs are not created on VTP clients; VTP servers advertise the VLAN information to the VTP clients over trunk links, in the form of VTP messages. The VTP clients store the information dynamically in RAM and in turn forward the VTP message out all VLAN trunks, except the trunk that the VTP message was received on.

You must add VLANs to the VTP server before assigning the VLANs to ports on either VTP servers or clients. However, switches assigned as VTP transparent do not participate in VTP but will relay the VTP updates to other switches in the domain. You must create and remove VLANs locally on transparent switches. The VLANs are stored in NVRAM on the VTP transparent switch, but they are not advertised to the VTP domain. Figure 3-4 illustrates how VLAN information is advertised over VLAN trunks using VTP.

Figure 3-4. A Simple VTP Domain with a VTP Server Sending Updates to VTP Clients

In this example, a new VLAN is added to the VTP server for the human resources department. The update is sent out on all VLAN trunk ports, to all switches in the domain. The transparent switch simply forwards the update to its downstream neighbor.
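The propagation just described can be modelled in a few lines of Python. This is an added example, not code from the book: the `Switch` class, the function names, the four-switch topology and VLAN 30 "HR" are constructed for illustration, and the `seen` set is a modelling shortcut rather than part of VTP.

```python
from collections import deque

class Switch:
    def __init__(self, name, mode):
        self.name = name
        self.mode = mode      # "server", "client" or "transparent"
        self.vlans = {}       # VLAN number -> VLAN name known to this switch
        self.trunks = []      # neighbouring switches reached over trunk links

def connect(a, b):
    """Join two switches with a trunk link."""
    a.trunks.append(b)
    b.trunks.append(a)

def add_vlan(server, number, name):
    """Create a VLAN on a VTP server and flood the VTP message over trunks.

    Returns the names of the switches the message reached, in order.
    """
    if server.mode != "server":
        raise ValueError(f"{server.name} is a VTP {server.mode}, not a server")
    server.vlans[number] = name
    reached = []
    seen = {server.name}  # model shortcut so a looped topology terminates
    queue = deque((nbr, server) for nbr in server.trunks)
    while queue:
        switch, ingress = queue.popleft()
        if switch.name in seen:
            continue
        seen.add(switch.name)
        reached.append(switch.name)
        if switch.mode != "transparent":
            switch.vlans[number] = name  # clients learn the VLAN from the message
        # Clients and transparent switches both pass the message on,
        # out every trunk except the one it arrived on.
        queue.extend((nbr, switch) for nbr in switch.trunks if nbr is not ingress)
    return reached

def build_domain():
    """Constructed topology: server -- client1, server -- transparent -- client2."""
    modes = {"server": "server", "client1": "client",
             "transparent": "transparent", "client2": "client"}
    sw = {name: Switch(name, mode) for name, mode in modes.items()}
    connect(sw["server"], sw["client1"])
    connect(sw["server"], sw["transparent"])
    connect(sw["transparent"], sw["client2"])
    return sw
```

Calling `add_vlan(domain["server"], 30, "HR")` on a domain from `build_domain()` leaves the VLAN on both clients but not on the transparent switch, which only relays the message.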

Important facts that you should know about VTP are:

  • VTP Administration: VTP is a VLAN administration protocol for ensuring VLAN configuration consistency across switches in your network. Additionally, VTP saves configuration time in large networks because VLANs need not be added to every switch in the network.

  • VLAN Flood Prevention: VTP pruning prevents broadcast and multicast traffic from being flooded over trunks to switches that do not have any ports assigned to the VLAN.

  • Decrease NVRAM: NVRAM space is better used in large networks, as only a single copy of the VTP database is stored centrally in the NVRAM of the VTP server, not in every switch in the network.

  • Human Readable VLAN Names: VTP is useful for providing human readable names for VLANs.

  • CLI and SNMP Configuration Support: You can administer VTP on your switches using both the command-line interface (CLI) and Simple Network Management Protocol (SNMP).
