In this article, I will explain to you How to configure the Vlans on a network. Friends this is a very important topic of the CCNA course. So for those students who are looking for CCNA certification and also who want to grow their career in the networking field, Vlan is very important. Now here the question comes that why do we need VLANs. And in beginners mind, there must be a question that what is VLAN. So let’s discuss all these topic –
What are VLANs?
VLANs stand for VIrtual LAN or Virtual Local Area Network. VLANs are the logical grouping of devices in the same broadcast domain. VLANs are usually configured on switches by placing some interfaces into one broadcast domain and some interfaces into another.VLANs can be configured across multiple switches.
So basically, a VLAN acts like a physical LAN but allows hosts to grouped together in the same broadcast domain even if they are not connected to the same switch.
Why do we need VLANs?
- VLANs increase the number of broadcast domains while decreasing their size.
- VLANs reduce security risks by reducing the number of hosts that receive copies of frames that switches flood.
- Hosts that hold sensitive data can be kept on separate VLANs to improve security.
- We can design more flexible networks that group users by department instead of by physical location.
Frame Tagging
- Frame Tagging is used to identify the VLAN that the frame belongs to in a network with multiple VLANs.
- The VLAN ID is placed on the frame when it reaches a switch from an access port, which is a member of the VLAN. That frame can be then forwarded out the trunk link.
- Each Switch can see what VLAN frame belongs to and can forward the frame to corresponding VLAN access ports to another VLAN trunk ports.
- Before forwarding a tagged frame to an end host, the switch will remove the VLAN ID and the VLAN membership information, since the end device doesn’t understand tagging.
Access and Trunk Ports
Each port on a switch can be configured as either access or a trunk port. So whenever we configure VLANs on the switch we use these access and trunk ports. Now the question is what are access and Trunk ports?
- An Access port is a port that can be assigned to a single LAN. This type of interface can be configured on the switch ports that are connected to devices with a normal network card, e.g. a host on a network.
- A trunk interface is an interface that is connected to another switch. This type of interface can carry traffic of multiple VLANs.
So friends, this a basic overview of what is VLAN and Why do we need to configure VLAN and How does VLAN work. Now let’s understand this through a practical. So first check out the below image and
Brief Summary of Topology:-
- 2 switches connected to each other.
- 4 PCs are connected to both switches.
- 2 VLANs are configured on both switches, (i) VLAN 100 [Orange color] (ii) VLAN 200 [ Pink Colour]
- Each VLAN has 2 PCs on each switch.
- VLAN 100 is named as Sales department and VLAN 200 is named as the HR department.
- Interface Fa0/5 is configured as Trunk on both switches.
- 2 subnets of IP address 192.168.1.0/24 are configured
- Subnets are (i) 192.168.1.0/25 on VLAN 100 (ii) 192.168.1.128/25 on VLAN 200
- PCs in the Orange color circle are provided with the IP address of network 192.168.1.0/25
- PCs in Pink color circle are provided with the IP address of network 192.168.1.128/25
Friends this is a brief view of this topology diagram. Now let’s discuss the commands to configure VLANs on the switch.
Switch 1
- Give hostname and make trunk to the port which is connected to another switch.
Switch>en Switch#conf t Switch(config)#hostname sales sales(config)#int fa0/5 sales(config-if)#switchport mode trunk sales(config-if)#exit
- Now Create VLAN 100 and VLAN 200 and give names to each VLAN.
sales(config)#vlan 100 sales(config-vlan)#name sales sales(config-vlan)#exit sales(config)#vlan 200 sales(config-vlan)#name HR sales(config-vlan)#exit
- On the interfaces, fa0 / 1- 2 and fa0 / 3-4, enable the access interface and insert into VLAN 100 and VLAN 200 respectively.
sales(config#int range fa0/1-2 sales(config-if-range)#switchport mode access sales(config-if-range)#switchport access vlan 100 sales(config-if-range)#exit sales(config)#int range fa0/3-4 sales(config-if-range)#switchport mode access sales(config-if-range)#switchport access vlan 200 sales(config-if-range)#exit
- Check interface details or status
sales#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/6, Fa0/7, Fa0/8, Fa0/9 Fa0/10, Fa0/11, Fa0/12, Fa0/13 Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24, Gig0/1 Gig0/2 100 sales active Fa0/1, Fa0/2 200 HR active Fa0/3, Fa0/4 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active
Now let’s do the same on the second switch.
Switch 2
- Give hostname and make trunk to the port which is connected to another switch.
Switch>en Switch#conf t Switch(config)#int fa0/5 Switch(config-if)#switchport mode trunk Switch(config-if)#exit
- Now Create VLAN 100 and VLAN 200 and give names to each VLAN.
Switch(config)#vlan 100 Switch(config-vlan)#name sale Switch(config-vlan)#exit Switch(config)#vlan 200 Switch(config-vlan)#name HR Switch(config-vlan)#exit
- On the interfaces, fa0 / 1- 2 and fa0 / 3-4, enable the access interface and insert into VLAN 100 and VLAN 200 respectively.
Switch(config)#int range fa0/1-2 Switch(config-if-range)#switchport mode access Switch(config-if-range)#switchport access vlan 100 Switch(config-if-range)#exit Switch(config)#int range fa0/3-4 Switch(config-if-range)#switchport mode access Switch(config-if-range)#switchport access vlan 200 Switch(config-if-range)#exit
- Check interface details or status
Switch#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/6, Fa0/7, Fa0/8, Fa0/9 Fa0/10, Fa0/11, Fa0/12, Fa0/13 Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24, Gig0/1 Gig0/2 100 sale active Fa0/1, Fa0/2 200 HR active Fa0/3, Fa0/4 1002 fddi-default active 1003 token-ring-default active 1004 fddinet-default active 1005 trnet-default active
Friends watch my video, if you have any doubt or confusion. The practical lab is performed in this video.
So friends this is all about How to configure VLANs on switches. Friends, if you have doubts or any queries about this post then don’t hesitate to contact me. If you like my posts please share them with your friends.
Linux Kings 