Wednesday, January 26, 2011

VLANs: How do they work!?

Trunking, known as tagging outside the Cisco world, is how machines connected to two different switches can share the same VLAN.  VLANs operate at the switch, so think layer 2, which means thinking in terms of Ethernet frames.
Say you live in town and are a member of the VLAN10 clan.  There's going to be a clan meeting in the mountains.  You can't get into the clan meeting without your proof of membership.  So you pack all your things up in your Ethernet frame:
Destination Address = Mountains
Source Address = Town
Type/Length = Ethernet II, your total height/weight
Data = Your person
Frame Check = List of what you're supposed to bring to the meeting, just so you know you didn't lose anything along the way.

Now all that's needed is your proof of membership.  So what you do in town is you shove your VLAN clan information into the Ethernet frame, right between your Source Address and the Type/Length fields.  Congratulations, you've now created an 802.1q frame.


Once you arrive at the Mountain, the gatekeeper (switch) will strip off this VLAN tag and forward the frame out the access port.  This way, other members of the VLAN never see a frame with a VLAN tag on it; if they did, they would discard it, since ordinary machines can't speak dot1q.
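To make the "shove your clan information between Source Address and Type/Length" step concrete, here is an added Python example (not code from the original post) that builds an Ethernet II frame, inserts an 802.1Q tag at exactly that offset, parses it back out, and shows what the gatekeeper does on the way out and what a dot1q-unaware host would see in the Type field. The MAC addresses and payload are constructed sample values; the FCS is left out for brevity.

```python
import struct

# Constructed sample addresses and payload (not from the original post).
MOUNTAINS_MAC = bytes.fromhex("0000aa000001")   # destination: the "Mountains"
TOWN_MAC = bytes.fromhex("0000bb000002")        # source: the "Town"
ETHERTYPE_IPV4 = 0x0800
TPID_8021Q = 0x8100    # Tag Protocol Identifier that marks an 802.1Q tag


def build_frame(dst, src, ethertype, payload, vlan_id=None, pcp=0):
    """Build an Ethernet II frame (no FCS).  When vlan_id is given, a 4-byte
    802.1Q tag is inserted between the source address and the Type/Length
    field: 2 bytes TPID (0x8100) + 2 bytes TCI (3-bit PCP, 1-bit DEI, 12-bit VID)."""
    if not 0 <= pcp <= 7:
        raise ValueError("PCP is a 3-bit field")
    header = dst + src
    if vlan_id is not None:
        if not 1 <= vlan_id <= 4094:
            raise ValueError("VLAN ID must be 1..4094")
        tci = (pcp << 13) | vlan_id          # DEI bit left at 0
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame):
    """Return (dst, src, vlan_id_or_None, ethertype, payload).
    A tag is recognised only when the bytes at offset 12 hold the TPID."""
    dst, src = frame[:6], frame[6:12]
    etype = struct.unpack("!H", frame[12:14])[0]
    if etype == TPID_8021Q:
        tci = struct.unpack("!H", frame[14:16])[0]
        vlan_id = tci & 0x0FFF               # low 12 bits are the VLAN ID
        etype = struct.unpack("!H", frame[16:18])[0]
        return dst, src, vlan_id, etype, frame[18:]
    return dst, src, None, etype, frame[14:]


def strip_tag(frame):
    """What the gatekeeper switch does before forwarding onto an access port:
    remove the tag so the member machine receives a plain Ethernet II frame."""
    dst, src, _vlan_id, etype, payload = parse_frame(frame)
    return build_frame(dst, src, etype, payload)


def naive_ethertype(frame):
    """What a host that does not understand dot1q reads as the Type field:
    it sees 0x8100, an EtherType it has no handler for, and drops the frame."""
    return struct.unpack("!H", frame[12:14])[0]


if __name__ == "__main__":
    tagged = build_frame(MOUNTAINS_MAC, TOWN_MAC, ETHERTYPE_IPV4, b"person", vlan_id=10)
    print("tagged frame :", tagged.hex())
    print("parsed       :", parse_frame(tagged))
    print("after strip  :", strip_tag(tagged).hex())
    print("naive Type   : 0x%04x" % naive_ethertype(tagged))
```

Note that the tag makes the frame 4 bytes longer, which is why tagged frames may legitimately reach 1522 bytes on a trunk.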

Cisco also has a proprietary trunking language, known as ISL which has largely been phased out, and isn't required knowledge for the ICND2.

Going back to our picture, imagine the town is connected to another switch, which has some VLAN20 machines.  The machine on VLAN20 sends out a broadcast.  Do you think that broadcast will go over the forest link, since there are no VLAN20 machines in the mountains?  The answer is yes: the broadcast will get to the mountain switch, which will look at its tag and say, "I don't have any VLAN20 machines here, sorry, but you can't get into the clan meeting!"  There's a neat trick to prevent this from happening, and it's called VLAN pruning.  Basically, it stops the town from ever sending VLAN20 broadcasts across the forest link, since there are no VLAN20 machines on the other side of it.

Enough with the concepts, let's get down to configuration.


Town#conf t
Town(config)#vlan 10
Town(config-vlan)#exit
Town(config)#vlan 20
Town(config-vlan)#exit

Town(config)#int fa0/1
Town(config-if)#switchport mode access
Town(config-if)#switchport access vlan 10
Town(config-if)#int fa1/1
Town(config-if)#switchport mode access
Town(config-if)#switchport access vlan 20
Town(config-if)#int fa2/1
Town(config-if)#switchport trunk encapsulation dot1q
Town(config-if)#switchport mode trunk

Mountain#conf t
Mountain(config)#vlan 10
Mountain(config-vlan)#exit
Mountain(config)#int fa0/1
Mountain(config-if)#switchport mode access
Mountain(config-if)#switchport access vlan 10
Mountain(config-if)#int fa1/1
Mountain(config-if)#switchport mode access
Mountain(config-if)#switchport access vlan 10
Mountain(config-if)#int fa2/1
Mountain(config-if)#switchport trunk encapsulation dot1q
Mountain(config-if)#switchport mode trunk

Now our VLANs have been created, ports have been assigned to them, and each port has been configured as either trunk or access.  Notice that the trunk link is a FastEthernet port; in order to create a trunk link, the speed must be 100Mb/s or greater.

Let's do some verification.  We'll try pinging the far right machine from the far left machine.

PC>ping 192.168.1.4

Pinging 192.168.1.4 with 32 bytes of data:

Reply from 192.168.1.4: bytes=32 time=24ms TTL=128
Reply from 192.168.1.4: bytes=32 time=12ms TTL=128
Reply from 192.168.1.4: bytes=32 time=11ms TTL=128
Reply from 192.168.1.4: bytes=32 time=11ms TTL=128

Ping statistics for 192.168.1.4:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 24ms, Average = 14ms

Success.  Now let's try pinging the 2nd PC (the one in VLAN 20).

PC>ping 192.168.1.2

Pinging 192.168.1.2 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.1.2:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),


As expected, the ping fails since they are in different VLANs.  Let's set up pruning to prevent PC2's broadcasts from crossing the link to the mountain.

Mountain(config)#vtp pruning
Town(config)#vtp pruning

And that's all there is to it!  In my next post I'm going to talk about VTP, the VLAN Trunking Protocol, so don't worry if you don't understand those previous two commands.

The last thing I want to talk about is a popular issue with VLANs called a native VLAN mismatch.  A native VLAN mismatch occurs when you change the native VLAN on one switch but leave it as the default on the switch connected to it.  Basically, you've connected a port in VLAN 1 to a port in VLAN 2, or whatever VLAN you chose.  This effectively merges the two VLANs, and broadcasts leak into the opposite VLAN.  It's generally good practice to leave the native VLAN as VLAN1 (the default) to avoid this problem.  At the very least, if you change the native VLAN on one switch, be sure to change it on all the other switches it is connected to.
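The two trunk behaviours described on this page, pruning (the VLAN20 broadcast that never needs to cross the forest link) and the native VLAN mismatch just discussed, both come down to a handful of per-switch rules, so here is an added Python model of two switches joined by a trunk (example code written for this page, not Cisco's or the post's own). The model is a simplification: pruning is reduced to "a VLAN crosses the trunk only if the far side has an active port in it", and native VLAN handling to "native VLAN leaves the trunk untagged; an untagged frame arriving on the trunk is assigned to the receiving switch's native VLAN". Switch names and port numbers follow the configuration above; the VLAN 1 and VLAN 2 access ports used for the mismatch scenario are constructed for the demonstration.

```python
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    access_ports: dict = field(default_factory=dict)   # port name -> access VLAN
    native_vlan: int = 1                               # VLAN sent untagged on the trunk
    pruning: bool = False                              # models "vtp pruning"
    peer: Switch | None = None                         # switch at the far end of the trunk
    log: list = field(default_factory=list)            # (src, vlan, ports flooded to)

    def active_vlans(self):
        """VLANs that have at least one access port on this switch."""
        return set(self.access_ports.values())

    def trunk_allows(self, vlan):
        """With pruning on, a VLAN only crosses the trunk when the far switch
        actually has ports in it; without pruning everything is flooded across."""
        if not self.pruning or self.peer is None:
            return True
        return vlan in self.peer.active_vlans()

    def flood(self, vlan, src, in_port=None):
        """Flood a broadcast to every access port in `vlan` except the one it came in on."""
        out = [f"{self.name}:{p}" for p, v in self.access_ports.items()
               if v == vlan and p != in_port]
        self.log.append((src, vlan, out))
        return out

    def receive_access(self, port, src):
        """A broadcast arrives (untagged) from a host on an access port."""
        vlan = self.access_ports[port]
        delivered = self.flood(vlan, src, in_port=port)
        if self.peer is not None and self.trunk_allows(vlan):
            # Trunk egress: the native VLAN goes out untagged, all others carry a tag.
            wire_vlan = None if vlan == self.native_vlan else vlan
            delivered += self.peer.receive_trunk(wire_vlan, src)
        return delivered

    def receive_trunk(self, wire_vlan, src):
        """Trunk ingress: an untagged frame is placed in THIS switch's native VLAN,
        which is where a native VLAN mismatch turns into a cross-VLAN leak."""
        vlan = self.native_vlan if wire_vlan is None else wire_vlan
        return self.flood(vlan, src)


def build_topology(pruning=False):
    """Town and Mountain as configured above: Town has VLAN 10 and 20 hosts,
    Mountain only VLAN 10 hosts."""
    town = Switch("Town", {"fa0/1": 10, "fa1/1": 20}, pruning=pruning)
    mountain = Switch("Mountain", {"fa0/1": 10, "fa1/1": 10}, pruning=pruning)
    town.peer, mountain.peer = mountain, town
    return town, mountain


def vlan20_broadcast_crosses_trunk(pruning):
    """Does PC2's VLAN 20 broadcast reach the Mountain switch at all?"""
    town, mountain = build_topology(pruning)
    town.receive_access("fa1/1", "PC2")
    return len(mountain.log) > 0


def vlan10_broadcast_reaches(pruning):
    """Pruning must not affect VLAN 10, which does have members in the mountains."""
    town, _ = build_topology(pruning)
    return sorted(town.receive_access("fa0/1", "PC1"))


def native_mismatch_leak(mountain_native):
    """Town keeps native VLAN 1; Mountain's native VLAN is the parameter.
    A broadcast from a constructed VLAN 1 host on Town is returned as the
    list of ports it was delivered to on Mountain."""
    town = Switch("Town", {"fa0/1": 10, "fa3/1": 1}, native_vlan=1)
    mountain = Switch("Mountain", {"fa0/1": 10, "fa3/1": 2}, native_vlan=mountain_native)
    town.peer, mountain.peer = mountain, town
    return town.receive_access("fa3/1", "PC-vlan1")


def native_vlans_match(a, b):
    """The check to run on both ends of every trunk before calling it done."""
    return a.native_vlan == b.native_vlan


if __name__ == "__main__":
    print("VLAN20 bcast crosses, no pruning :", vlan20_broadcast_crosses_trunk(False))
    print("VLAN20 bcast crosses, pruning    :", vlan20_broadcast_crosses_trunk(True))
    print("VLAN10 bcast with pruning reaches:", vlan10_broadcast_reaches(True))
    print("VLAN1 host leaks into (native=2) :", native_mismatch_leak(2))
    print("VLAN1 host leaks into (native=1) :", native_mismatch_leak(1))
```

On real IOS the equivalent of `native_vlans_match` is reading the "Native vlan" column of `show interfaces trunk` on both switches and confirming the values agree per trunk; a switch running CDP will also log a native VLAN mismatch against the neighbouring port when it detects one.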
