Thursday, June 30, 2011

What is a VLAN?

How to Set Up a VLAN on a Cisco Switch
Have you ever wondered what a Virtual LAN (or VLAN) is or been unclear as to why you would want one? If so, I have been in your place at one time too. Since then, I have learned a lot about what a VLAN is and how it can help me. In this article, I will share that knowledge with you.

Okay, most of you already know what a LAN is but let’s give it a definition to make sure. We have to do this because, if you don’t know what a LAN is, you can’t understand what a VLAN is.

A LAN is a local area network and is defined as all devices in the same broadcast domain. If you remember, routers stop broadcasts; switches just forward them.

As I said, a VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain created by switches. Normally, it is a router that creates a broadcast domain. With VLANs, a switch can create the broadcast domain.
It works like this: you, the administrator, put some switch ports in a VLAN other than VLAN 1, the default VLAN. All ports in a single VLAN are in a single broadcast domain.

Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other ports on switch B can also be in VLAN 10. Broadcasts between these devices will not be seen on any port in any VLAN other than 10. However, these devices can all communicate with each other because they are in the same VLAN. Without additional configuration, they would not be able to communicate with devices that are not in their VLAN.

Are VLANs required?
It is important to point out that you don’t have to configure a VLAN until your network gets so large and carries so much traffic that you need one. Many times, people are simply using VLANs because the network they are working on was already using them.
Another important fact is that, on a Cisco switch, VLANs are enabled by default and ALL devices are already in a VLAN. The VLAN that all devices are already in is VLAN 1. So, by default, you can just use all the ports on a switch and all devices will be able to talk to one another.

When do I need a VLAN?
You need to consider using VLANs in any of the following situations:

•You have more than 200 devices on your LAN

•You have a lot of broadcast traffic on your LAN

•Groups of users need more security or are being slowed down by too many broadcasts

•Groups of users need to be on the same broadcast domain because they are running the same applications. An example would be a company that has VoIP phones. The phones could be placed in their own VLAN, separate from the regular users.

•Or, you just want to make a single switch into multiple virtual switches.

Why not just subnet my network?
A common question is: why not just subnet the network instead of using VLANs? Each VLAN should be in its own subnet. The benefit that a VLAN provides over a subnetted network is that devices in different physical locations, not going back to the same router, can be on the same network. The limitation of subnetting a network with a router is that all devices on that subnet must be connected to the same switch, and that switch must be connected to a port on the router.
With a VLAN, one device can be connected to one switch, another device can be connected to another switch, and those devices can still be on the same VLAN (broadcast domain).

How can devices on different VLANs communicate?
Devices on different VLANs can communicate through a router or a Layer 3 switch. As each VLAN is its own subnet, a router or Layer 3 switch must be used to route between the subnets.

What is a trunk port?
When there is a link between two switches or a router and a switch that carries the traffic of more than one VLAN, that port is a trunk port.
A trunk port must run a special trunking protocol. The protocol used would be either Cisco’s proprietary Inter-Switch Link (ISL) or the IEEE standard 802.1Q.

How do I create a VLAN?
Configuring VLANs can vary even between different models of Cisco switches. Your goals, no matter what the commands are, are to:

•Create the new VLANs

•Put each port in the proper VLAN

Let’s say we wanted to create VLANs 5 and 10. We want to put ports 2 and 3 in VLAN 5 (Marketing) and ports 4 and 5 in VLAN 10 (Human Resources). On a Cisco 2950 switch, here is how you would do it:
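The configuration for this scenario, written out here as an added example rather than the article’s original listing: it assumes a Catalyst 2950 whose ports are FastEthernet0/1 through 0/24 (so "port 2" is FastEthernet0/2), and it assumes FastEthernet0/24 is the uplink to the router that the next paragraph calls for.

```cisco
! Added example, not the article's own listing. Assumes a Catalyst 2950:
! "port 2" = FastEthernet0/2 and so on; Fa0/24 is the assumed uplink to the router.
Switch# configure terminal
! Step 1: create the two VLANs and give them names (VLAN names cannot contain spaces)
Switch(config)# vlan 5
Switch(config-vlan)# name Marketing
Switch(config-vlan)# exit
Switch(config)# vlan 10
Switch(config-vlan)# name Human_Resources
Switch(config-vlan)# exit
! Step 2: put ports 2 and 3 in VLAN 5 ...
Switch(config)# interface range FastEthernet0/2 - 3
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 5
Switch(config-if-range)# exit
! ... and ports 4 and 5 in VLAN 10
Switch(config)# interface range FastEthernet0/4 - 5
Switch(config-if-range)# switchport mode access
Switch(config-if-range)# switchport access vlan 10
Switch(config-if-range)# exit
! The uplink to the router carries both VLANs, so it must be a trunk. The 2950
! only speaks 802.1Q (no ISL), so there is no encapsulation command to set here.
Switch(config)# interface FastEthernet0/24
Switch(config-if)# switchport mode trunk
Switch(config-if)# end
! Any port not assigned above is still in VLAN 1, the default.
! Verify the port-to-VLAN assignment and the trunk, then save the configuration.
Switch# show vlan brief
Switch# show interfaces trunk
Switch# copy running-config startup-config
```

show vlan brief should list FastEthernet0/2 and 0/3 under VLAN 5 and 0/4 and 0/5 under VLAN 10, with every other access port still under VLAN 1.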

At this point, only ports 2 and 3 should be able to communicate with each other and ports 4 & 5 should be able to communicate. That is because each of these is in its own VLAN. For the device on port 2 to communicate with the device on port 4, you would have to configure a trunk port to a router so that it can strip off the VLAN information, route the packet, and add back the VLAN information.

What do VLANs offer?
VLANs offer higher performance for medium and large LANs because they limit broadcasts. As the amount of traffic and the number of devices grow, so does the number of broadcast packets. By using VLANs, you are containing those broadcasts.
VLANs also provide security because you are essentially putting one group of devices, in one VLAN, on their own network.

Article Summary
Here is what we have learned:

•A VLAN is a broadcast domain formed by switches.

•Administrators must create the VLANs and then manually assign each port to its VLAN.

•VLANs provide better performance for medium and large LANs.

•All devices, by default, are in VLAN 1.

•A trunk port is a special port that runs ISL or 802.1Q so that it can carry traffic from more than one VLAN.

•For devices in different VLANs to communicate, you must use a router or Layer 3 switch.

How a Cisco Switch functions on an Ethernet network

Many of us use switches every day but never really think about how they work. Whether you are studying to become a CCNA or just want to learn more about how a switch really functions, this article is for you.

Hubs vs. Switches
Prior to switches, hubs were the standard for connecting devices on a local area network (LAN). Hubs had three problems: everything that went through them had to share the bandwidth of the link, bandwidth was wasted because all traffic was sent to all devices, and there were a lot of collisions because the hub did nothing to prevent them. A switch fixes these problems.

What do switches do?
Here are some facts about switches that you should know:

• Switches work at Layer 2 of the OSI model, not Layer 1 like a hub

• Switches switch Ethernet frames

• Switches don’t look at IP address information, only Ethernet MAC addresses

• Switches keep a table of all MAC addresses traversing the switch and which port each is on (this table is called the bridge forwarding table or CAM table)

• Switches only send traffic to the devices that are the destination for that traffic, saving bandwidth

• Each device connected to the switch gets the full bandwidth of the switch port because the switch prevents collisions

Flooding
Now that you know that the switch has the bridge forwarding table and uses it to intelligently send traffic, a common question is, “what if the destination MAC address of a frame the switch receives is not in the bridge forwarding table?” What does the switch do with that Ethernet frame? The answer is that the switch will flood that frame out all other ports on the switch. The switch then watches for the response to that frame and sees which device, on which port, responded to the flooded frame. That information is put in the bridge forwarding table so that, next time, the switch won’t have to flood that traffic.

Bridge forwarding table
To see the bridge forwarding table on a Cisco switch, just type show mac-address-table.

Port speed & Duplex
Of particular importance when it comes to switches are port speed and duplex. The speed of a port can be set to 10Mb, 100Mb, or 1000Mb (1Gb), or to auto-negotiate, depending on what the switch and the connecting device offer. Most switch ports and devices use auto-negotiation to find the best speed and duplex available. However, this doesn’t always work. Some devices have trouble with it, and you may have to go into the switch and hardcode the speed or duplex.

Speaking of duplex, what is duplex? Duplex is set to either half, full, or is auto negotiated. A half duplex connection is where only one device can send or receive at a time. A full duplex connection is where both devices can send and receive at the same time.

Thus, if you have a 100Mb half-duplex connection, only sending at 100Mb OR receiving at 100Mb can happen at the same time. If you have a 100Mb full duplex connection, you can effectively get 200Mb out of the link because you could be sending 100Mb and receiving 100Mb at the same time.

Here is how you see the current speed and duplex of a switch port using the show interface command:

Most administrators will hard-code the port speed and duplex of servers to prevent auto-negotiation. You don’t want your switch to reboot one night and, in the morning, have the email server connecting to the network at 10Mb half-duplex. You want the email server to either run at 1Gb full duplex (for example) or not work at all.
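Hard-coding a server port and checking the result, as an added example that is not part of the original article: it assumes the email server is on FastEthernet0/1 of a Catalyst 2950, a 100Mb port, so the fastest fixed setting available is 100Mb full duplex.

```cisco
! Added example, not the article's own listing. Assumes the email server hangs
! off FastEthernet0/1 of a Catalyst 2950 (a 100Mb port), so the fastest fixed
! setting is 100Mb full duplex; use the matching values for a 1Gb port.
Switch# configure terminal
Switch(config)# interface FastEthernet0/1
Switch(config-if)# description Email server - speed and duplex hard-coded
! Fixing both values removes auto-negotiation from this port. The server's NIC
! must be hard-coded to the same values, or the two ends will disagree.
Switch(config-if)# speed 100
Switch(config-if)# duplex full
Switch(config-if)# end
! Verify: the status line for this port should now read "Full-duplex, 100Mb/s".
Switch# show interfaces FastEthernet0/1
! A duplex mismatch (one side fixed, the other still auto-negotiating) shows up
! here as late collisions or CRC errors that keep climbing while the server is busy.
Switch# show interfaces FastEthernet0/1 counters errors
! Save, so the setting survives the overnight reboot described above.
Switch# copy running-config startup-config
```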

Types of Switches
There are a number of different types of switches. You can buy a “dumb” switch for about $10 these days. It has no manageability and probably only 4-8 ports. From there, you can go up to an unmanaged 24 or 48 port switch.

However, most business users prefer a managed switch so that you can get statistics on switch traffic, see your bridge forwarding table, troubleshoot connections, and hard-code port speeds and duplex.

There are many brands of managed switches including, of course, Cisco. These managed switches come in sizes from just a few ports, all the way up to over 96 ports. You can even buy chassis-based switches, costing tens of thousands of dollars, like a Cisco Catalyst 6500 series switch. The chassis-based switches can have blades (cards) that perform not just switching but also routing, intrusion detection, and other services.

Another type of switch is called a Layer 3 switch. A Layer 3 switch is a switch that also has the routing functionality of a router but no WAN ports. Layer 3 switches are used primarily when a large company wants to use VLANs to segregate its network into logical networks.

Article Summary
Here is what we have learned:

• Switches work at Layer 2 of the OSI model, the data-link layer

• Switches switch Ethernet frames

• Flooding is when a switch doesn’t have a destination MAC in its bridge forwarding table and has to send that frame out to all other ports

• Port speed and duplex are critical settings when it comes to connecting devices.

• There are many types of switches: managed, unmanaged, chassis-based, and Layer 3.
