Virtual Local Area

Network(VLAN)
Compiled By : MISS KIRAN AYUB

VLAN -Introduction

A virtual local area network is a group of

hosts with a common set of requirements
that communicate as if they were attached
to the same broadcast domain, regardless
of their physical location.

A VLAN is independent lan.

VLAN -Introduction
VLANs logically segment switched networks
based on the functions, project teams, or
applications of the organization regardless of
the physical location or connections to the
network.
All workstations and servers used by a
particular workgroup share the same VLAN,
regardless of the physical connection or
location.
Configuration or reconfiguration of VLANs is
done through software.

VLAN -Introduction

Physically connecting or moving cables and

equipment is unnecessary when configuring
VLANs
A workstation in a VLAN group is restricted to
communicating with file servers in the same
VLAN group.
VLANs function by logically segmenting the
network into different broadcast domains so
that packets are only switched between ports
that are designated for the same VLAN.

VLAN operation

Each switch port could be assigned to a different VLAN.

Ports assigned to the same VLAN share broadcasts.
Ports that do not belong to that VLAN do not share these
broadcasts.
This improves the overall performance of the network
Static membership VLANs are called port-based and port-centric
membership VLANs.
As a device enters the network, it automatically assumes the
VLAN membership of the port to which it is attached
The default VLAN for every port in the switch is the management
VLAN.
The management VLAN is always VLAN 1 and may not be
deleted.
All other ports on the switch may be reassigned to alternate
VLAN
VLANs offer more bandwidth to users than a shared network.

Benefits of VLANs

The key benefit of VLANs is that they permit the network

administrator to organize the LAN logically instead of
physically. This means that an administrator is able to do
all of the following:

Easily move workstations on the LAN.

Easily add workstations to the LAN.
Easily change the LAN configuration.
Easily control network traffic.
Improve security.

Types Of Vle VLAN.AN

Static VLAN
Static VLAN works with port numbers.
Administrator manually add ports numbers
in the VLAN.
Configuration is easy to setup and monitor

Types Of VLAN
Dynamic VLAN:
Dynamic VLAN works with MAC address
Administrator adds only MAC address in
VLAN
By using VMPS(VLAN management policy
server)dynamic VLAN will work
VMPS contains MAC Address and respective
VLAN number,

Broadcast domains with VLANs and routers

A VLAN is a broadcast domain created by one or more switches
Figure shows how three separate broadcast domains are created
using three separate switches.
Layer 3 routing allows the router to send packets to the three
different broadcast domains.

10

Broadcast domains with VLANs and routers

In Figure , a VLAN is created using one router and one switch.

However, there are three separate broadcast domains.
three separate broadcast domains are created. The router
routes traffic between the VLANs using Layer 3 routing.

11

Functions of VLAN
It is switching technology
Logically group user
Segmenting Broadcast domain
Access control
VLAN is a logical broadcast domain
QOS(quality of services)=IP Phone
Ease of management Troubleshooting

12

Types Of Links/Ports

1 Access links

2 Trunk links

Connecting to end devices(hosts or router)

part of one VLAN
Do not belong to VLAN
Carry multiple VLANs traffic
Link between two switches.

3 Hybird link

can carry both tagged and untagged frames

13

Frame Tagging/Trunking protocols

ISL (Inter-Switch Link)

IEEE 802.1Q

Its a Cisco proprietary

Open standard

Its works with Ethernet,Token

ring,FDDI

It works only on Ethernet

It adds 30 bytes of tag

Only 4 Byte tag will be added

to original frame

All VLAN traffic is tagged

14

Vlan -Tagging
LAN emulation (LANE) is a way to make an Asynchronous Transfer
Mode (ATM) network simulate an Ethernet network.
There is no tagging in LANE, but the virtual connection used implies
a VLAN ID.
As packets are received by the switch from any attached end-station
device, a unique packet identifier is added within each header.
This header information designates the VLAN membership of each
packet.
The packet is then forwarded to the appropriate switches or routers
based on the VLAN identifier and MAC address.
Upon reaching the destination node the VLAN ID is removed from the
packet by the adjacent switch and forwarded to the attached device.
Packet tagging provides a mechanism for controlling the flow of
broadcasts and applications while not interfering with the network
and applications.

15

Frame Tagging/Trunking protocols

DM

SM

4 Bytes Tag

3 Bit PRI

Ethernet Frame

FCS

VLAN

Cisco Term Trunk

Destination Mac address
Source Mac address

16

Configuring static VLANs

NEW METHOD

OLD METHOD

Switch>enable
Switch#conf t
Switch(config)#vlan <ID>
Switch(config-vlan)#name <
vlan name>

Switch>enable
Switch#vlan database
Switch(vlan)#vlan <ID> name <
vlan name>

17

Example:Configuring static
VLANs
Switch>enable
Switch#conf t
Switch(config)#vlan 20
Switch(config-vlan)#name IT

18

Example:Configuring static VLANs

Switch>enable
Switch#vlan database
% Warning: It is recommended to configure
VLAN from config mode,as VLAN database mode
is being deprecated. Please consult user
documentation for configuring VTP/VLAN in
config mode.
Switch(vlan)#vlan 30 name HR
VLAN 30 added:
Name: HR
19

Assigning single Port to

VLAN
Switch#conf t
Enter configuration commands, one per
line. End with CNTL/Z.
Switch(config)#
Switch(config)#int fa 0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 30
30 is vlan number

20

Assigning multiple Ports to

VLAN

Switch#conf t
Enter configuration commands, one per line.
End with CNTL/Z.
Switch(config)#
Switch(config)#int range fa 0/1-2
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan
20
20 is vlan ID/number

21

Verifying VLAN configuration

A good practice is to verify VLAN configuration
by using the show vlan, show vlan brief, or
show vlan id id_number commands.
When a VLAN is deleted any ports assigned to
that VLAN become inactive. The ports will,
however, remain associated with the deleted
VLAN until assigned to a new VLAN.
The following facts apply to VLANs:

A created VLAN remains unused until it is mapped to

switch ports.
All Ethernet ports are on VLAN 1 by default.

22

To make a trunk link

Switch>en
Switch#conf t
Switch(config)#int fa0/5
Switch(config-if)#switchport mode trunk
Fa0/5 (fastEthernet 0/5 is port number)

23

Router On A Stick
After assigning the IP add to the PCs
Step 1:

click on the switch and create VLANs

assign ports to the VLAN

Step 2:
Make a Trunk Link
Step 3:
click on the Router and write the following
commands

24

Router On A Stick (Step-1)

Switch>en
Switch#conf t
Switch(config)#vlan 20
Switch(config-vlan)#name hr
Switch(config-vlan)#vlan 30
Switch(config-vlan)#name it
Switch(config-vlan)#exit
Switch(config)#int ra fa0/1-2
Switch(config-if-range)#switchport access vlan 20
Switch(config-if-range)#int ra fa0/3-4
Switch(config-if-range)#switchport access vlan 30
Switch(config-if-range)#do show vlan

25

Router On A Stick (Step 2)

Switch(config)#int fa 0/5
Switch(config-if)#switchport mode trunk
Switch(config-if)#no shutdown

26

Router On A Stick (Step 3)

Click on the Router and write the following commands:
Router(config-subif)#int fa0/0.1
Router(config-subif)#encapsulation dot1q 20
Router(config-subif)#ip address 192.168.1.1
255.255.255.0
Router(config-subif)#exit

Router(config)#int fa0/0.2
Router(config-subif)#encapsulation dot1q 30
Router(config-subif)#ip address 192.168.2.1
255.255.255.0

27