Table of Contents
What is a VLAN?
A Virtual Local Area Network (VLAN) is a logical grouping of network devices that appear to be on the same LAN even if they are not physically located on the same network switch. VLANs are used to segment networks and control broadcast domains.
Benefits of VLANs:
- Improved security – VLANs segment networks logically instead of physically. This prevents access between devices that do not need to communicate with each other.
- Better manageability – VLANs help organize devices into logical groups that are easier to manage. Changes made to devices in a VLAN only affect that VLAN.
- Cost savings – VLANs reduce the need for additional physical switches and cabling. They also reduce broadcast and unicast traffic.
- Flexibility – Devices can be logically grouped into VLANs regardless of physical location. VLANs can span across multiple switches.
VLAN Concepts
- VLAN ID – A unique number between 1-4094 that identifies the VLAN. VLAN ID 1 is the default VLAN.
- Trunking – Carries traffic for multiple VLANs over a physical link between switches. Trunking uses tagging to keep VLAN traffic separate.
- Tagging – Adds a 4-byte VLAN tag to the frame header, allowing VLANs to be multiplexed over a trunk link.
- Native VLAN – The untagged VLAN on a trunk port. Every trunk port must have 1 native VLAN. Traffic on the native VLAN does not get tagged.
VLAN Configuration Steps
VLAN configuration involves configuring VLANs on switches, assigning switch ports to VLANs, and configuring trunk ports.
Step 1: Create VLANs
Use the vlan command in global configuration mode:
Switch(config)# vlan 10
Switch(config-vlan)# name ManagementThis creates VLAN 10 and names it “Management”.
Step 2: Assign Switch Ports
Configure switch ports as access ports to assign them to a VLAN:
Switch(config)# interface fastethernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10This assigns port fa0/1 to VLAN 10.
Step 3: Configure Trunk Ports
Configure trunk ports to carry multiple VLANs:
Switch(config)# interface fastethernet 0/24
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 1This sets port fa0/24 as a trunk port and sets the native VLAN to 1.
Verification Commands
Show VLANs:
Switch# show vlanDisplays all configured VLANs on the switch.
Show interfaces trunk:
Switch# show interfaces trunkVerifies VLAN configuration on trunk ports.
Show interfaces status:
Switch# show interfaces statusDisplays interface status and VLAN assignments.
Configuration Example
Topology:
VLAN Topology
Switch A Configuration:
interface FastEthernet0/1
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 20
switchport mode access
!
interface FastEthernet0/4
switchport trunk encapsulation dot1q
switchport mode trunk
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0This configures ports fa0/1 and fa0/2 as access ports in VLANs 10 and 20 respectively. It configures fa0/3 as a trunk port to carry multiple VLANs. It also assigns IP addresses to VLAN interfaces 10 and 20.
Conclusion
VLANs improve network performance, security, and manageability by logically segmenting a network. Proper VLAN planning and configuration is vital for effective use. This article covered VLAN concepts, configuration steps, and an example to help you get started with deploying VLANs.
