VIRTUAL LOCAL AREA NETWORK(VLAN)

VIRTUAL LOCAL AREA NETWORK(VLAN)

A VLAN is a logical grouping of network users and resources connected to administratively defined ports on switch. When you create  VLANS, you're given the ability to create smaller broadcast domain within a layer2 switched inter-network by assigning different ports on the switch to different sub networks. A VLAN is treated like its own subnet or broadcast domain.

By default, hosts in a specific VLAN cannot communicate with hosts that are members of another VLAN, so even inter communication among different VLANs is also possible by creating trunk port on switch and sub-interfaces on routers.

If you create VLAN many network related problems in Layer 2 can be solved.
Here's short list of ways VLANs simplify network management.
  •  Network adds, moves, and changes are achieved with ease by just configuring aport into the appropriate VLAN.
  • A group of users that need an unusually high level of security can be put into its own VLAN so that users outside of the VLAN can't communicate with them.
  • As a logical grouping of users by function, VLANs can be considered independent from their physical or geographic locations.
  • VLANs greatly enhance network security.
  • VLANs increase the number of broadcast domains while decreasing their size.
 Ports in the VLANs are Access ports and Trunk ports.
Access ports: It belongs and carries traffic of only one VLAN.
Trunk Port: It carries multiple VLANs at a time. A trunk link is a 100 or 1000 Mbps point-to-point link between two switches, between switch and router, or even between a switch and server, and it  carries the traffic of multiple VLANs from 1 to 4,094 at a time(though it's really only up to 1005 unless you're going with extended VLANs)

Creating a VLAN in Switch
Syntax:
Switch(Config)#vlan <vlan no>
Switch(Config)#name <vlan name>
 Moving interfaces under VLAN
Syntax
Switch(config)#interface fastethernet <interface no>
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan <vlan no>

Trunk port configuration
Syntax
Switch(config)#interface fastethernet <interface no>
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan <all/vlan nos>

Verification commands
Switch#show vlan
Switch#show interface trunk

VLAN TRUNKING PROTOCOL(VTP)

The basic goals of VLAN Trunking Protocol(VTP) are to manage all configured VLANs across a switched inter-network and to maintain consistency throughout that network VTP allows you to add, delete, and rename VLANs- information that is then propagated to all other switches in the VTP domain.
Features of VTP:
  • Consistent VLAN configuration across all switches in the network
  • VLAN trunking over mixed networks, such as Ethernet to ATM LANE or even FDDI
  • Accurate tracking and monitoring of VLANs.
  • Dynamic reporting of added VLANs to all switches in the VTP domain.
  • Plug and play VLAN adding.
A VTP has three modes of configuration.
  1. Server
  2. Client 
  3. Transparent
A server mode always sends the update to clients and Client mode simply accepts the Server information and update in its database. Whereas Transparent will not take any update from server, but bypass the update from Server to it's next Client.

Configuring VTP
Switch(config)#vtp domain <name>
Switch(config)#vtp password <password>
Switch(config)#vtp mode <Server/Client/Transparent>
Verification Commands
Switch#show vtp status
Switch#show vtp password

INTER-VLAN ROUTING

  • It is the process to communicate one VLAN to another VLAN.
  • We need a router
  • Each VLAN should be configured with different IP networks.
  • Based on VLANs should create sub-interfaces on the router(maximum 4.3 billion sub-interfaces can create on one physical interface)
  • On which interface router has connected that port should be trunk port.
Steps for switch configuration
  1. Create VLANs
  2. Moving ports under VLAN
  3. Creating Trunk
Router Configuration
Router(config)#interface ethernet <0.1/0/0.1>
Router(config-if)#encapsulation dot1q <vlan no>
Router(config-Subif)#ip address <ipaddress> <subnetmask>
Router(config-subif)#no shutdown
Router(config-subif)#exit

Port Security
Port security is used to control network access based on the following.
  1. Mac Address
  2. Number of Mac address per port.
If any violation takes place the following actions can be configured.
  • Shutdown
  • Restrict
  • Protect
  • Violation
Shutdown:- The port becomes error disabled and the port LED turns off.
Protect:- Frames with unknown source MAC address are dropped. It does not notifies that a security violation has occurred.
Restrict:- Frames with unknown source address are dropped it gives a notification (log message) that security violation has occurred.
Steps for configuring port security
Switch(config)#interface fastethernet <interface no>
Switch(config-if)# switchport mode access
Switch(config-if)# switchport port-security
Switch(config-if)# switchport port-secuirty maximum <value>
Switch(config-if)# switchport port-security mac-address <mac-address/sticky>
Switch(config-if)# switchport port-security violation {protect/restrict/shutdown}

Verification command
Switch# show port-security

To be continued.....



 

Comments

Post a Comment

Popular posts from this blog

Reasoning-Number Series

Complete the following series 225,224,____,222,221 a)220         b)223         c)219           d)226 Answer: b)      2. 17,19,23,29,31,37,______     a)41               b)43         c)40           d)42    Answer: If you look at the above series they are all prime numbers, next series will be 41        3.225,196,169,____,121,100,81     a)156              b)144         c)136           d)125 Answer: above series can be written as 15^2,14^2,13^2,____,11^2,10^2,9^2. The missing series is 12^2=144.     4.12,14,15,16,18,20     a)22              b)25         c)21           d)23 Answer: consider above series into two alternate parts. Like 12,15,18,____ & 14,16,20. Then the difference of two alternate series as follows: 3,3,3___ & 2,4. Next series after 18 need to be added with 3= 18+3=21.     5.64,125,216,343,__     a)64              b)424         c)317           d)512 Answer: The above series can be written, 4^3,5^3,6^3,7^3, then the next
Read more

Reasoning-Letter Series

Question & Answers 46. abc-a--d-bcdabcd (1)d b b a        (2)d c a a        (3)a b c d     (4)d b c a 47.b-da-cda-c-abc (1)a a b b        (2)d b c a        (3)a d b c     (4)c b b d 48. a a a b -b c - - a a - (1)a b b c        (2)a c b c        (3)b a c a     (4)b c c a 49. -b a b - b c b c - c a - a b (1)a b c c         (2)a b c b        (3)a c a c     (4)a a c b 50.a b c - - c b a a - c d d c - a (1)d b d b        (2)d d b b         (3)b c a d     (4)a d b c 51.E, A _, O, I (1)E        (2)U        (3)X     (4)V 52.D , F ,G, H , J ,K , L, M , N __ (1)O        (2)Q        (3)P     (4)R 53.E, J, O , T, Y, ____ (1)D        (2)Z        (3)C     (4)E 54.G, J, N , Q, U, ____ (1)W        (2)X        (3)Y     (4)Z 55.R, K, F, C, ____ (1)Z        (2)Y        (3)W     (4)A 56. BY,CX,EV, GT, KP,____ (1)JQ        (2)MN        (3)PK     (4)LO 57.AI,EO,IU,__,UE (1)OU        (2)OI        (3)UA     (4)OA 58.AP, BQ, CR, DS, ____ (1)ET        (2)EU        (3
Read more

Multiply Negative numbers in java

For this challenge, you will be given an array and you are asked to count how many numbers are negative and multiply them and print the output to the STDOUT.  Input Format  -  you will be taking a number as an input from STDIN which tells about the length of the array. On another line, array elements should be there with single space between them.  Output Format  -  print the multiplication to the STDOUT.  Sample Test Case:   Sample Input: - 7 -8 -7 6 0 7 -1 6 Sample Output  -  -56  Explanation:   There are three negative numbers present in the array and their multiplication comes out to be -56.
Read more