| VLAN CONFIGURATION ON SWITCH 2960 | |||
| Devices | IP Address | VLAN | Connected With |
| PC0 | 10.0.0.2 | VLAN10 | Switch1 on F0/1 |
| PC1 | 20.0.0.2 | VLAN20 | Switch1 on F0/2 |
| PC2 | 10.0.0.3 | VLAN10 | Switch2 on F0/1 |
| PC3 | 20.0.0.3 | VLAN20 | Switch2 on F0/2 |
| PC4 | 10.0.0.4 | VLAN10 | Switch3 on F0/1 |
| PC5 | 20.0.0.4 | VLAN20 | Switch3 on F0/2 |
| 2960 – 24 TTL Switch 1 Configuration | |||
| Port Connected to | VLAN | LINK | STATUS |
| F0/1 With PC0 | VLAN10 | Access | OK |
| F0/2 With PC1 | VLAN20 | Access | OK |
| Gig1/1 With Router | VLAN 10,20 | Trunk | OK |
| Gig 1/2 With Switch2 | VLAN 10,20 | Trunk | OK |
| F0/24 Witch Switch2 | VLAN 10,20 | Trunk | OK |
| 2960 – 24 TTL Switch 2 Configuration | |||
| F0/1 With PC0 | VLAN10 | Access | OK |
| F0/2 With PC1 | VLAN20 | Access | OK |
| Gig 1/2 With Switch1 | VLAN 10,20 | Trunk | OK |
| Gig 1/1 With Switch3 | VLAN 10,20 | Trunk | OK |
| F0/24 Witch Switch1 | VLAN 10,20 | Trunk | Blocked |
| F0/23 Witch Switch3 | VLAN 10,20 | Trunk | OK |
| 2960 – 24 TTL Switch 3 Configuration | |||
| F0/1 With PC0 | VLAN10 | Access | OK |
| F0/2 With PC1 | VLAN20 | Access | OK |
| Gig 1/1 With Switch2 | VLAN 10,20 | Trunk | OK |
| F0/24 Witch Switch1 | VLAN 10,20 | Trunk | Blocked |
Task
You are the administrator at ComputerNetworkingNotes.com. company have two department sales and management. You have given three pc for sales and three pc in management. You created two
VLAN. VLAN 10 for sales and VLAN20 for management. For backup purpose you have
interconnected switch with one extra connection. You have one router for intera VLAN communications.
Let's start configuration first assign IP address to all pc's
To assign IP address double click on pc and select ip configurations from desktop tab and give ip address as shown in table given above
To assign IP address double click on pc and select ip configurations from desktop tab and give ip address as shown in table given above
VLAN Trunking Protocol
Configure VTP Server
We will first create a VTP Server so it can automatically propagate VLAN information to other switch. Double click on Switch1 and select CLI. Set hostname to S1 and create VTP domain name example and set password to vinita ( Remember password is case sensitive ).
Switch 1
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S1
S1(config)#vtp mode server
Device mode already VTP SERVER.
S1(config)#vtp domain example
Changing VTP domain name from NULL to example
S1(config)#vtp password vinita
Setting device VLAN database password to vinita
Configure VTP clients
Once you have created a VTP domain. Configure remaining Switch to Client mode.
Switch 2
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S2
S2(config)#vtp mode client
Setting device to VTP CLIENT mode.
S2(config)#vtp domain example
Changing VTP domain name from NULL to example
S2(config)#vtp password vinita
Setting device VLAN database password to vinita
S2(config)#
Switch 3
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S3
S3(config)#vtp mode client
Setting device to VTP CLIENT mode.
S3(config)#vtp domain example
Changing VTP domain name from NULL to example
S3(config)#vtp password vinita
Setting device VLAN database password to vinita
S3(config)#
Dynamic Trunking Protocol
Configure DTP port
All Switch ports remain by default in access mode. Access port can not transfer the trunk frame. Change mode to trunk on all the port those are used to interconnect the switches
Switch 1
S1(config)#interface fastEthernet 0/24
S1(config-if)#switchport mode trunk
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24,
changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24,
changed state to up
S1(config-if)#exit
S1(config)#interface gigabitEthernet 1/1
S1(config-if)#switchport mode trunk
S1(config-if)#exit
S1(config)#interface gigabitEthernet 1/2
S1(config-if)#switchport mode trunk
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/2,
changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/2,
changed state to up
S1(config-if)#exit
S1(config)#
Switch 2
S2(config)#interface gigabitEthernet 1/1
S2(config-if)#switchport mode trunk
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1,
changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1,
changed state to up
S2(config-if)#exit
S2(config)#interface gigabitEthernet 1/2
S2(config-if)#switchport mode trunk
S2(config-if)#exit
S2(config)#interface fastEthernet 0/23
S2(config-if)#switchport mode trunk
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/23,
changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/23,
changed state to up
S2(config-if)#exit
S2(config)#interface fastEthernet 0/24
S2(config-if)#switchport mode trunk
S2(config-if)#exit
Switch 3
S3(config)#interface fastEthernet 0/24
S3(config-if)#switchport mode trunk
S3(config-if)#exit
S3(config)#interface gigabitEthernet 1/1
S3(config-if)#switchport mode trunk
S3(config-if)#exit
Virtual LAN (VLAN)
Create VLAN
After VTP server configuration its time to organize VLAN. We need only to create VLAN on VTP server and reset will be done by VTP Server automatically.
Switch 1
S1(config)#vlan 10
S1(config-vlan)#exit
S1(config)#vlan 20
S1(config-vlan)#exit
S1(config)#
As we have already configure VTP server in our network so we don't need to create VLAN on S2 or S3. We need only to associate VLAN with port.
Assign VLAN membership
Switch 1
S1(config)#interface fastEthernet 0/1
S1(config-if)#switchport access vlan 10
S1(config-if)#interface fastEthernet 0/2
S1(config-if)#switchport access vlan 20
Switch 2
S2(config)#interface fastEthernet 0/1
S2(config-if)#switchport access vlan 10
S2(config-if)#interface fastEthernet 0/2
S2(config-if)#switchport access vlan 20
Switch 3
S3(config)#interface fastEthernet 0/1
S3(config-if)#switchport access vlan 10
S3(config-if)#interface fastEthernet 0/2
S3(config-if)#switchport access vlan 20
Now we have two working vlan. To test connectivity do ping form 10.0.0.2 to 10.0.0.3 and 10.0.0.4. if you get successfully replay then you have successfully created VLAN and VTP server.
Spanning-Tree Protocol
In this configuration STP will block these ports F0/24 of S1 , F0/23 and F0/24 of S2 and F0/24 of S3 to avoid loop at layer to two. Verify those ports blocked due to STP functions
Verify STP ports
Switch 2
S2#show spanning-tree active
VLAN0001
Spanning tree enabled protocol ieee
Root ID Priority 32769
Address 0002.174D.7794
Cost 4
Port 26(GigabitEthernet1/2)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)
Address 00D0.FF08.82E1
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 20
Interface Role Sts Cost Prio.Nbr Type
---------------- ---- --- --------- -------- ---------------------------
Fa0/1 Desg FWD 19 128.1 P2p
Fa0/2 Desg FWD 19 128.2 P2p
Fa0/23 Desg FWD 19 128.23 P2p
Fa0/24 Altn BLK 19 128.24 P2p
Gi1/1 Desg FWD 4 128.25 P2p
Gi1/2 Root FWD 4 128.26 P2p
[Output is omitted]
S2#
You can test STP protocols status on S1 and S3also with
show spanning-tree active command
show spanning-tree active command
Router on Stick
At this point of configurations you have two successfully running VLAN but they will not connect each other. To make intra VLAN communications we need to configure router . To do this double click on router and select CLI.
Configure intra VLAN
Router
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface fastEthernet 0/0
Router(config-if)#no ip address
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface fastEthernet 0/0.10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 10.0.0.1 255.0.0.0
Router(config-subif)#exit
Router(config)#interface fastEthernet 0/0.20
Router(config-subif)#encapsulation dot1Q 20
Router(config-subif)#ip address 20.0.0.1 255.0.0.0
Router(config-subif)#exit
To test connectivity between different vlan do ping form any pc to all reaming pc. it should be ping successfully. If you have error download this configured topology and cross check that where you have committed mistake.
VLAN VTP Server STP DTP command reference sheet
| Switch(config)#vlan 10 | Creates VLAN 10 and enters VLAN configuration mode for further definitions. |
| Switch(config-vlan)#name Sales | Assigns a name to the VLAN. The length of the name can be from 1 to 32 characters. |
| Switch(config-vlan)#exit | Applies changes, increases the revision number by 1, and returns to global configuration mode. |
| Switch(config)#interface fastethernet 0/1 | Moves to interface configuration mode |
| Switch(config-if)#switchport mode access | Sets the port to access mode |
| Switch(config-if)#switchport access vlan 10 | Assigns this port to VLAN 10 |
| Switch#show vlan | Displays VLAN information |
| Switch#show vlan brief | Displays VLAN information in brief |
| Switch#show vlan id 10 | Displays information about VLAN 10 only |
| Switch#show vlan name sales | Displays information about VLAN named sales only |
| Switch#show interfaces vlan x | Displays interface characteristics for the specified VLAN |
| Switch#delete flash:vlan.dat Delete filename [vlan.dat]? Delete flash:vlan.dat? [confirm] Switch# | Removes the entire VLAN database from flash. Make sure there is no space between the colon (:) and the characters vlan.dat. You can potentially erase the entire contents of the flash with this command if the syntax is not correct. Make sure you read the output from the switch. If you need to cancel, press ctrl+c to escape back to privileged mode: |
| Switch(config)#interface fastethernet 0/5 | Moves to interface configuration mode. |
| Switch(config-if)#no switchport access vlan 5 | Removes port from VLAN 5 and reassigns it to VLAN 1—the default VLAN. |
| Switch(config-if)#exit | Moves to global configuration mode. |
| Switch(config)#no vlan 5 | Removes VLAN 5 from the VLAN database. |
| Switch#copy running-config startupconfig | Saves the configuration in NVRAM |
| Switch(config-if) #switchport mode trunk | Puts the interface into permanent trunking mode and negotiates to convert the link into a trunk link. |
| Switch(config)#vtp mode server | Changes the switch to VTP server mode. |
| Switch(config)#vtp mode client | Changes the switch to VTP client mode. |
| Switch(config)#vtp mode transparent | Changes the switch to VTP transparent mode. |
| Switch(config)#no vtp mode | Returns the switch to the default VTP server mode. |
| Switch(config)#vtp domain domain-name | Configures the VTP domain name. The name can be from 1 to 32 characters long. |
| Switch(config)#vtp password password | Configures a VTP password . |
| Switch(config)#vtp pruning | Enables VTP pruning |
| Switch#show vtp status | Displays general information about VTP configuration |
| Switch#show vtp counters | Displays the VTP counters for the switch |
This logical diagram explains a simple interVLAN routing scenario. The scenario can be expanded to include a multi-switch environment by first configuring and testing inter-switch connectivity across the network before configuring the routing capability. For such a scenario that uses a Catalyst 3550, refer to Configuring InterVLAN Routing with Catalyst 3550 Series Switches.
Step-by-Step Instructions
Complete these steps to configure a switch to perform interVLAN routing.1. Enable routing on the switch by using the ip routing command. Even if IP routing was previously enabled, this step ensures that it is activated.
2. Switch(config)#ip routing
Note: If the switch does not accept the ip routing command, upgrade to either SMI image Cisco IOS Software Release12.1(11)EA1 or later, or an EMI image, and repeat this step. See the Prerequisites section for more information.
Tip: Check the show running-configuration . Verify whether ip routing is enabled. The command, if enabled, appears towards the top of the output.
hostname Switch!!ip subnet-zeroip routing!vtp domain Ciscovtp mode transparent3. Make note of the VLANs that you want to route between. In this example, you want to route traffic between VLANs 2, 3 and 10.
4. Use the command to verify that the VLANs exist in the VLAN database. If they do not exist, add them on the switch. This is an example of adding VLANs 2, 3, and 10 to the switch VLAN database
5. Switch#vlan database
6. Switch(vlan)#vlan 2
7. VLAN 2 added:
8. Name: VLAN0002
9. Switch(vlan)#vlan 3
10. VLAN 3 added:
11. Name: VLAN0003
12. Switch(vlan)#vlan 10
13. VLAN 10 added:
14. Name: VLAN0010
15. Switch(vlan)#exit
16. APPLY completed.
Exiting....Tip: You can use VLAN Trunking Protocol (VTP) to propagate these VLANs to other switches. Refer to Understanding and Configuring VLAN Trunk Protocol (VTP).
17. Determine the IP addresses you want to assign to the VLAN interface on the switch. For the switch to be able to route between the VLANs, the VLAN interfaces must be configured with an IP address. When the switch receives a packet destined for another subnet/VLAN, the switch looks at the routing table to determine where to forward the packet. The packet is then passed to the VLAN interface of the destination. It is in turn sent to the port where the end device is attached.
18. Configure the VLAN interfaces with the IP address identified in step 4.
19. Switch#configure terminal
20. Enter configuration commands, one per line. End with CNTL/Z.
21. Switch(config)#interface Vlan2
22. Switch(config-if)#ip address 10.1.2.1 255.255.255.0
23. Switch(config-if)#no shutdown
Repeat this process for all VLANs identified in step 1.
24. Configure the interface to the default router. In this scenario you have a Layer 3 FastEthernet port.
25. Switch(config)#interface FastEthernet 0/1
26. Switch(config-if)#no switchport
27. Switch(config-if)#ip address 200.1.1.1 255.255.255.0
28. Switch(config-if)#no shutdown
The no switchport command makes the interface Layer 3 capable. The IP address is in the same subnet as the default router.
Note: This step can be omitted if the switch reaches the default router through a VLAN. In its place, configure an IP address for that VLAN interface.
29. Configure the default route for the switch.
30. Switch(config)#ip route 0.0.0.0 0.0.0.0 200.1.1.2
From the diagram in the Task section, note that the IP address of the default router is 200.1.1.2. If the switch receives a packet for a network not in the routing table, it forwards it to the default gateway for further processing. From the switch, verify that you can ping the default router.
Note: The ip default-gateway command is used to specify the default gateway when routing is not enabled. However, in this case, routing is enabled (from step 1). Therefore, the ip default-gateway command is unnecessary.
31. Configure your end devices to use the respective Catalyst 3550 VLAN interface as their default gateway. For example, devices in VLAN 2 should use the interface VLAN 2 IP address as its default gateway. Refer to the appropriate client configuration guide for more information on how to designate the default gateway.
32. (Optional) When you implement Inter-VLAN routing, you can also isolate some VLANs from being routed. Refer to the Isolation Between Two Layer 3 VLANs section of Creating Ethernet VLANs on Catalyst Switches for more information.
Verify
This section provides the information to confirm that your configuration works properly.Certain show commands are supported by the Output Interpreter Tool (registered customers only) . This allows you to view an analysis of showcommand output.
· show ip route - Provides a snapshot of the routing table entries.
· Cat3550#show ip route
· Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
· D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
· N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
· E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
· i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
· * - candidate default, U - per-user static route, o - ODR
· P - periodic downloaded static route
·
· Gateway of last resort is 200.1.1.2 to network 0.0.0.0
·
· 200.1.1.0/30 is subnetted, 1 subnets
· C 200.1.1.0 is directly connected, FastEthernet0/48
· 10.0.0.0/24 is subnetted, 3 subnets
· C 10.1.10.0 is directly connected, Vlan10
· C 10.1.3.0 is directly connected, Vlan3
· C 10.1.2.0 is directly connected, Vlan2
· S* 0.0.0.0/0 [1/0] via 200.1.1.2
Note that the routing table has an entry for each VLAN interface subnet. Therefore, devices in VLAN 3 can communicate with devices in VLAN 10, VLAN 2 and vice versa. The default route with the next hop 200.1.1.2 allows the switch to forward traffic to the gateway of last resort (for traffic the switch cannot route).
· show ip interface brief - Lists a brief summary of an interface's IP information and status. This command is used to verify that the VLAN interfaces and ports on the switch are up/up.
0 comments:
Post a Comment