This post will deal with configuring Layer 2 VLANs on Cisco switches. Up
to 4094 VLANs can be configured on Cisco catalyst switches. By default,
only VLAN 1 is configured on the switch, so if you connect hosts on an
out-of-the-box switch they all belong to the same Layer 2 broadcast
domain.
The need to configure several Layer 2 VLANs on a switch arises from the
need to segment an internal Local Area Network (LAN) into different IP
subnetworks. If you want for example to separate the different
departments of your enterprise into different IP subnetworks, then each
department should belong to its own Layer 2 VLAN. For example, let’s
assume the following scenario:
* Accounting Department: IP Subnet 192.168.2.0/24 –> VLAN 2 * Management Department: IP Subnet 192.168.3.0/24 –> VLAN 3 * Engineering Department: IP Subnet 192.168.4.0/24 –> VLAN 4
By separating the internal LAN into different IP subnets (and thus different VLANs) allows the network administrators to enforce traffic restrictions if needed between departments and have better control of internal hosts.
VLAN assignment on a switch is configured on a per-interface basis. That is, each switch port interface is assigned individually into a Layer 2 VLAN. If you have more than one switch connected and you want the same VLANs to belong across all switches, then a Trunk Port must be configured between the switches. The Trunk Port passes all VLANs between the switches. Let’s see the following network scenario to help us clarify some concepts.
On the LAN network above, we have three VLANs. VLAN 2,3, and 4. VLAN 4 belongs both to SWITCH 1 and SWITCH 2, therefore we need a Trunk Port between the two switches in order for hosts in VLAN4 in Switch 1 to be able to communicate with hosts in VLAN4 in Switch 2.
The ports of the two switches shall be configured as following:
SWITCH 1:
Fe0/1 – Fe0/2 –> VLAN 2 (Accounting) Fe0/10 – Fe0/11 –> VLAN 4 (Engineering) Fe0/24 –> Trunk Port
SWITCH 2:
Fe0/1 – Fe0/2 –> VLAN 3 (Management) Fe0/10 – Fe0/11 –> VLAN 4 (Engineering) Fe0/24 –> Trunk Port
Configuration:
Switch 1 Configuration:
! Create VLANs 2 and 4 in the switch databaseSwitch1# configure terminal Switch1(config)# vlan 2 Switch1(config-vlan)# name Accounting Switch1(config-vlan)# end Switch1(config)# vlan 4 Switch1(config-vlan)# name Engineering Switch1(config-vlan)# end ! Assign Ports Fe0/1 and Fe0/2 in VLAN 2 Switch1(config)# interface fastethernet0/1 Switch1(config-if)# switchport mode access Switch1(config-if)# switchport access vlan 2 Switch1(config-if)# end Switch1(config)# interface fastethernet0/2 Switch1(config-if)# switchport mode access Switch1(config-if)# switchport access vlan 2 Switch1(config-if)# end ! Assign Ports Fe0/10 and Fe0/11 in VLAN 4 Switch1(config)# interface fastethernet0/10 Switch1(config-if)# switchport mode access Switch1(config-if)# switchport access vlan 4 Switch1(config-if)# end Switch1(config)# interface fastethernet0/11 Switch1(config-if)# switchport mode access Switch1(config-if)# switchport access vlan 4 Switch1(config-if)# end ! Create Trunk Port Fe0/24 Switch1(config)# interface fastethernet0/24 Switch1(config-if)# switchport mode trunk Switch1(config-if)# switchport trunk encapsulation dot1q Switch1(config-if)# end
Switch 2 Configuration:
! Create VLANs 3 and 4 in the switch databaseSwitch2# configure terminal Switch2(config)# vlan 3 Switch2(config-vlan)# name Management Switch2(config-vlan)# end Switch2(config)# vlan 4 Switch2(config-vlan)# name Engineering Switch2(config-vlan)# end ! Assign Ports Fe0/1 and Fe0/2 in VLAN 3 Switch2(config)# interface fastethernet0/1 Switch2(config-if)# switchport mode access Switch2(config-if)# switchport access vlan 3 Switch2(config-if)# end Switch2(config)# interface fastethernet0/2 Switch2(config-if)# switchport mode access Switch2(config-if)# switchport access vlan 3 Switch2(config-if)# end ! Assign Ports Fe0/10 and Fe0/11 in VLAN 4 Switch2(config)# interface fastethernet0/10 Switch2(config-if)# switchport mode access Switch2(config-if)# switchport access vlan 4 Switch2(config-if)# end Switch2(config)# interface fastethernet0/11 Switch2(config-if)# switchport mode access Switch2(config-if)# switchport access vlan 4 Switch2(config-if)# end ! Create Trunk Port Fe0/24 Switch2(config)# interface fastethernet0/24 Switch2(config-if)# switchport mode trunk Switch2(config-if)# switchport trunk encapsulation dot1q Switch2(config-if)# end
Sumber: http://certcollection.org
0 komentar:
Posting Komentar