VTP's Effects on VLAN Configuration
Before we get into the commands themselves, let's examine how VLANs have been implemented on Cisco switches historically. Since the late 1990s, Cisco switches have supported a proprietary protocol that is intended to help engineers configure the same VLANs across multiple switches: the Virtual Trunking Protocol (VTP). For this article, you will not need to know the details of how VTP works, but we will look at how VTP affects how VLANs can be configured.
Cisco's original Catalyst switches supported a single trunking protocol: the Cisco Inter-Switch Link (ISL). Because ISL supported only VLANs from 1–1005, early versions of VTP also supported only those VLANs. This means that when using VTP version 1 or 2 (the default), the only supported VLANs would be from this standard range. This range was further limited by the fact that VLANs 1002–1005 were reserved, leaving only VLANs 1–1001 for user allocations.
The IEEE 802.1Q standard caused a lot of changes. One change related to this conversation is that the standard provided a trunking mechanism that supported up to 4,094 VLANs (minus the reserved ones). This welcome improvement provided additional flexibility to network engineers. However, VTP still didn't support the VLANs from this extended range until version 3, which wasn't released until 2009. This delay gave engineers a considerable amount of time to find—and learn to prefer—VLAN assignment (using the extended range) without using VTP.
How does this history affect how you configure VLANs? While all current Cisco switches support IEEE 802.1Q (some only support IEEE 802.1Q), they still ship with VTP server mode enabled, which means that they will support only the initial standard range of VLANs out of the box. To gain access to the extended range of VLANs, you must first configure VTP version 3, place the switch into VTP transparent mode, or disable VTP completely.
NOTE
Not all Cisco Catalyst switches support the configuration of all 4,090 VLANs (4,094 minus the four reserved); this is a limitation in the hardware of the switch. Keep this fact in mind when purchasing a lower-end switch, to ensure that the switch will support the number of VLANs required for your specific implementation.
VLAN Configuration Commands
Table 1
NOTE
The VLAN isn't added until you leave VLAN configuration mode.
Table 2
Table 2 shows another method of creating a VLAN: assigning an interface into a VLAN.
Table 3: Deleting a VLAN
Table 4: Verifying Existing VLANs
Because VTP is configured into server mode by default on most switches (as of this writing), the creation of extended VLANs will fail using either of the methods shown in Tables 1 and 2. Keep in mind that this failure will not occur until you leave VLAN configuration mode, so the command itself will be accepted.
To fix this problem, either the VTP version must be changed to 3, or the VTP mode must be changed to transparent or off. VTP version differences are a bit outside the scope of this article. Table 5 shows only the command to alter the VTP mode.
Table 5: Altering VTP Mode
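As an added example (not the article's own Table 5), the sequence below moves a switch out of the default VTP server mode and only then creates an extended-range VLAN. VLAN 2000 and its name are assumed values chosen for illustration.

```cisco
! Added example; assumes the switch is in the default VTP server mode.
! VLAN 2000 and the name EXTENDED-EXAMPLE are illustrative values.
configure terminal
 ! Leave server mode first, so the extended-range VLAN can be committed.
 vtp mode transparent
 ! Create a VLAN from the extended range.
 vlan 2000
  name EXTENDED-EXAMPLE
  ! The VLAN is committed only when VLAN configuration mode is exited,
  ! so this is the point where a switch still in server mode would fail.
  exit
 end
! Confirm the operating mode and that the VLAN now exists.
show vtp status
show vlan id 2000
```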
Scenario: The University School
Suppose you work for a school at a university, and the school is in the process of moving to a different building. In the new building, administrative operations and academic labs will be located on the same floor. In the interest of saving money and time, it has been decided that all of the school's devices will be connected via a single network switch. Since security of the administrative devices is important, the administrative network must be physically or virtually separated from the academic network.
The administrative network devices will be assigned into VLAN 100, and all academic network devices will be assigned into VLAN 200. On the switch, all administrative devices will be connected to switchports Fast Ethernet 0/1–0/12, and all academic devices will be connected to switchports Fast Ethernet 0/13–0/24.
To set up this design, each interface must be configured into its respective VLAN. For purposes of this scenario, we will use the interface range command to assign switchports, as shown in Table 6.
Table 6: VLAN Configuration
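The scenario's assignments written out as IOS commands, as an added example rather than the article's own Table 6. The VLAN names ADMIN and ACADEMIC and the interface naming FastEthernet0/1 through 0/24 are assumptions.

```cisco
! Added example for the university scenario; VLAN names are assumed.
configure terminal
 ! Create the two VLANs explicitly and name them.
 vlan 100
  name ADMIN
  exit
 vlan 200
  name ACADEMIC
  exit
 ! Administrative devices: Fast Ethernet 0/1-0/12 into VLAN 100.
 interface range FastEthernet0/1 - 12
  ! Fix the ports as access ports so they carry a single VLAN only.
  switchport mode access
  switchport access vlan 100
  exit
 ! Academic devices: Fast Ethernet 0/13-0/24 into VLAN 200.
 interface range FastEthernet0/13 - 24
  switchport mode access
  switchport access vlan 200
  exit
 end
! Verify that ports 1-12 are listed under VLAN 100 and ports 13-24
! under VLAN 200, with no port left in the wrong VLAN.
show vlan brief
```

Any port that still appears under VLAN 1 or under the other department's VLAN in the `show vlan brief` output breaks the separation the scenario requires.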
Summary
Once you understand the essentials, configuring VLANs is not all that complex. Where you can be blindsided is with the caveats of a specific switch mode. Make sure to do your homework on the switch mode before attempting configuration. It is best to know early what you have to configure, rather than finding out while the configuration is being applied and is already scheduled to go live.
This article covers VLAN configuration basics, but we have addressed only one small piece of a typical VLAN configuration. Different sections of a department typically want to communicate outside their own little part of the world. For that capability, you will need to know about the configuration of a router on a stick (ROAS), multilayer switching, and trunking (IEEE 802.1Q). We will cover those details in later articles.