Anda di halaman 1dari 40

VLAN

VLAN
VLANVirtual LANLAN
VLAN LAN

MAC 1
Multic
ast FrameUnknown Unicast Frame

VLAN

5 15
A B MAC
A ARP ARP Request
B MAC
1 ARP
Flooding 2 Flooding 345 Flooding
ARP

ARP B MAC
B

CPU CPU

TCP/IP
ARP DHCPRIP

ARP DHCP IP
DHCP RIP 30
RIP
Flooding TCP/IP NetBEUIIPX Apple Talk
Windows Window
s XP

l
l
l
l
l
l

ARP IP MAC
RIP
DHCP IP
NetBEUIWindows
IPXNovell Netware
Apple Talk Macintosh

LAN
VLAN
LAN
Interface
14
IP
4 LAN

VLAN VLAN

VLAN
VLAN
VLAN VLAN

VLAN
Flooding A 234

VLAN 12 VLAN 3
4 VLAN A VLAN
VLAN 2 VLAN
C VLAN
VLAN

VLAN
VLANVLAN ID

VLAN

VLAN
VLAN

VLAN VLAN
VLAN VLAN
VLAN
VLA
N VLAN

VLAN
VLAN

VLAN
VLAN
VLAN
VLAN
VLAN

VLAN

l
l

Access Link
Trunk Link

VLAN VLAN

VLAN

l
l

VLAN
VLAN

VLAN VLAN

VLAN
VLAN VLANPort Based VLAN
VLAN


VLA
N

VLAN
VLAN VLAN
VLAN 3

l
l
l

MAC VLANMAC Based VLAN


VLANSubnet Based VLAN
VLANUser Based VLAN

OSI VLAN
MAC VLAN MAC
MAC A VLAN10 MAC
A VLAN10
1 1 VLAN10 2 2 VLAN10

MAC VLAN OSI

MAC VLAN MAC

VLAN IP VLAN MA
C VLAN MAC IP
VLAN

MAC VLAN IP OSI


VLAN OSI

VLAN
VLAN Windo
ws OSI
VLAN OSI

VLAN VLAN VLAN

VLAN VLAN

VLAN VLAN

VLAN
VLAN
VLAN
VLAN

VLAN
AC BD VLAN

1 2
1 2 VLAN

VLAN
VLAN
VLAN

Trunk Link

Trunk Link VLAN


VLAN

UTP

VLAN
A 1 2 V
LAN
2 VLAN VLAN
VLAN
MAC MAC MAC
VLAN

VLAN

VLAN IEEE 802.1Q Ci


sco ISLInter Switch Link
VLAN
VLAN
100Mbps
VLAN
VLAN
VLAN
VLAN
IEEE802.1Q ISL

IEEE802.1Q ISL

VLAN VLAN
VLAN

l
l

IEEE802.1Q
ISL

VLAN

IEEE802.1Q
IEEE802.1QDot One Q IEEE VLAN

IEEE802.1Q VLAN MAC Type Fi


eld 2 TPID 2 TCI 4
4 CRC CRC
TPIDTCI

TPID TCI CRC


TPID 0x8100 TPID IEEE802.1Q
VLAN VLAN ID TCI 12 12
4096 VLAN
IEEE802.1Q VLAN
VLANTagging VLAN

ISLInter Switch Link


ISL Cisco IEEE802.1Q VLAN

ISL 26 ISL ISL Header


ISL 4 CRC
30
ISL ISL CRC
CRC CRC

ISL ISL CRC VLANEnca


psulated VLAN
IEEE802.1Q Tagging VLAN ISL Encapsulated VLAN

ISL Cisco Cisco

VLAN
VLAN


VLAN VLAN
VLAN
VLAN LAN
MAC MAC TCP/IP ARP
ARP MAC
MAC
VLAN
VLAN VLAN OSI
IP

Layer 3 Switch
VLAN

VLAN
VLAN VLAN

l
l

VLAN
VLAN

VLAN

2 VLAN 2
2 2

VLAN

LAN VLAN VLAN


LAN

VLAN
VLAN

V
LAN Sub Interface

VLAN VLAN
VLAN

VLAN
VLAN
LAN

VLAN
VLAN
IP

VLANVLAN ID=1 192.168.1.0/24 VLANVLAN ID=2


192.168.2.0/24 MAC A/B/C/D MAC
R MAC MAC

A VLAN B
A ARP B MAC MAC
VLAN B 2
2 B VLAN

VLAN
VLAN A C

A IP 192.168.2.1 C
Default GatewayGW ARP
MAC
MAC R C
MAC R IP C

1 MAC 1 VLAN
VLAN 6
MAC R 6
6 VLAN
VLAN VLAN
VLAN VLAN
VLAN

192.168.2.0/24 VLAN
VLAN MAC C
VLAN

VLAN MAC VLAN


C 3 3
VLAN 3 C

VLAN

VLAN
VLAN VLAN
VLAN VLAN

ASICApplication Specified Integrated Circuit


Wired Speed

VLAN

Layer 3 Switch

OSI


ASIC

VLAN VLAN

4 LAN
VLAN VLAN VLAN Interfa
ceVLAN VLAN Cisco Catalyst
VLAN Interface SVISwitched Virtual Interface

VLAN A B
B VLAN MAC
B 2 2

VLAN VLAN
A C IP A
Frame 1
MAC
VLAN VLAN Frame 2
VLAN VLAN
VLAN 192.168.2.0/24
VLAN VLAN
VLAN Frame 3

VLAN MAC 3
3 VLAN Frame 4
C

VLAN
Flow
VLAN

FTPFile Transfer Protocol MB MTU


IP
IP
TCP/UDP IP
Flow

VLAN

VLAN
VLAN

l
l
l
l
l
l
l

IP
IP
TCP/UDP
TCP/UDP

MAC

MAC IP
TTL Check Sum

Wired Speed

VLAN
Cisco Catalyst
Multi Layer Switching
VLAN

WAN

LAN
WAN ATM WAN

IPSec VPN
Virtual Private Network RADIUS
l

TCP/IP

TCP/IP Novell Netware IP


X/SPX Macintosh Appletalk
TCP/IP TCP/IP

Cisco Catalyst6500 W
AN IPSec VPN TCP/IP

LAN
LAN

VLAN TCP/IP VLAN

WAN
VPN Novell Netware TCP/IP

VLAN
VLAN
VLAN
VLAN

VLAN
VLAN
l

VLAN
1 2 VLAN

2 LAN 192.168.1.0/24 192.168.2.0/24


192.168.1.0/24 A 192.168.2.0/24
A
192.168.3.0/24 LAN
2 LAN
3 LAN

VLAN
1 2 VLAN
192.168.1.0/24 VLAN192.168.
2.0/24 VLAN

1 192.168.1.0/24 A 192.168.2.0/24
VLAN A 1 V
LAN
A IP IP
DHCP
VLAN
VLAN
192.168.3.0/24 1
92.168.3.0/24 VLAN

LAN
VLAN

VLAN

VLAN
VLAN

A C

A 1 1 2 C

A 1 VLAN
1 C
1 2 2
C 2
2
VLAN

VLAN

IP
VLAN

VLAN

VLAN
Configuring Mode

D_Lab_2950(config)#vlan 10
D_Lab_2950(config-vlan)#name thinkcentre
D_Lab_2950(config)#no vlan 3 // vlan 3

vlan database
D_Lab_2950#vlan database
D_Lab_2950(vlan)#vlan 10 name thinkcentre
D_Lab_2950(vlan)#no vlan 3
Switch Port Modes
access port access
trunk port trunk

//switchport mode access

//switchport mode trunk

dynamic portaccess trunk // switchport mode dyn


amic
Switch Port DTP Mode
access access DTP
trunk trunk trunk

nonegotiate DTP
DTP
DTP set trunk nonegotiate
DTP
dynamic desirable DTP DTP
ondesirable auto
desirable
dynamic auto DTP DTP
auto
auto

on on

off
VLAN
1.
2.
3.
4.

ISL
802.1Q
LANE (LAN Emulation)
802.10 (FDDI)

ISL and Layer 2 encapsulation

ISL 26
ISL 4 FCS
ISL
ISL
ISL ISL ISL
802.1Q Frame

802.1Q 802.1Q 802.ac V


LAN 4
VLAN
CRC
VLAN TPID 0x8100 Ethertype
TCI 16 3
3 8 0 7
1 802.3 0
VLAN ID12 4096
0x0-00 VID
0x0-01 VLAN
0x-F-FF
trunk
Switch(config)#interface fastethernet 0/2
Switch(config-if)#shutdown
Switch(config-if)#switchport trunk encapsulation dot1q / isl
Switch(config-if)#switchport trunk allowed vlan 1,2,13,15,990-1000
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport nonegotiate
Switch(config-if)#no shutdown
VLAN

ISL 2-1001 VLAN802.1Q VLAN1025-4094


802.1Q Tunneling

Dot1Q
Switch(config)#interface fastethernet1/5
Switch(config-if)#switchport access vlan 10
Switch(config-if)#switchport mode dot1q-tunnel
Switch(config-if)#exit
!
Switch(config)#vlan dot1q tag native
!
Switch#show dot1q-tunnel interface fastethernet1/5
VTP
1. VLAN
2. VLAN
3. trunk

VTP VLAN
VTP VLAN
VTP

Server Mode
catalyst VTP VTP

1.
2.
3.
4.

VLAN
VTP
VLAN
NVRAM

Client Mode
VTP VTP VTP
VTP
1.
2.
3.
4.

VLAN
VTP
VLAN
NVRAM

Transparent Mode

VTP VTP VLAN VTP


VLAN trunk 2 VTPVTP

1.
2.
3.
4.

VLAN
VTP
VLAN
NVRAM

VLAN
int fa 0/0
no ip add
!
int fa 0/0.1
encap isl 10
ip add 10.10.1.1 255.255.255.0
!
int fa 0/0.2
encap isl 20
ip add 10.20.1.1 255.255.255.0
VTP
VLAN VLAN VTP 5

VTP
CatOS
D_Lab_4000>(enable)set vtp v2 enable
D_Lab_4000>(enable)set vtp domain ccie
D_Lab_4000>(enable)set vtp password 0x8100
D_Lab_4000>(enable)set vtp mode server
D_Lab_4000>(enable)set vtp pruneeligible 2 // vlan
2-1005
D_Lab_4000>(enable)clear vtp pruneeligible 3-1005 // VLAN3-1005 VL
AN2
D_Lab_4000>(enable)sh vtp domain //
D_Lab_4000>(enable)sh vtp statistics // VTP
IOS
D_Lab_2950#vlan database
D_Lab_2950(vlan)#vtp v2 mode
D_Lab_2950(vlan)#vtp mode server
D_Lab_2950(vlan)#vtp domain ccie
D_Lab_2950(vlan)#vtp password ox8035
D_Lab_2950(vlan)#vtp pruning
D_Lab_2950#sh vtp counters // VTP

VLAN
D_Lab_4000>(enable)set vlan 2 name sales
D_Lab_4000>(enable)set vlan 2 2/1-2
D_Lab_4000>(enable)set trunk 2/12 on 1-5 isl
D_Lab_4000>(enable)clear trunk 2/12 5-1005
D_Lab_4000#sh trunk
D_Lab_2950#vlan database
D_Lab_2950(vlan)#vlan 2 name sales
D_Lab_2950(config-if)#switchport mode access
D_Lab_2950(config-if)#switchport access vlan 2
D_Lab_2950(config-if)#switchport mode dynamic auto/desirable
D_Lab_2950#sh vlan
D_Lab_2950#sh mac-address-table int fa0/10 vlan x
D_Lab_2950#sh int fa0/10 switchport
VLAN
D_Lab_2950(config)#int fa0/10
D_Lab_2950(config-if)#switchport trunk allowed vlan remove 2-10 12 15