How many VLANs can you have?
There are several VLAN ranges in effect. First and foremost, VLANs 0 and 4095 are reserved for system use only. Then you have the default VLAN 1, which cannot be modified or deleted. An important thing to know is that you can change the default VLAN on a switch, so 1 is not always the default. VLANs 2-1001 are regular VLANs which can be used normally; 1002-1005 are FDDI and Token Ring VLANs and cannot be deleted. Finally, there are extended VLANs, ranging from 1006 to 4094, which are normally not available for use.
What’s a native VLAN?
A native VLAN is the default VLAN for every port that is not assigned one, and a must when configuring an 802.1Q trunk. For a trunk link to communicate well, it is imperative that you have the same native VLAN on both sides of the trunk. In dot1q trunking, packets which travel the link untagged (all other packets are tagged with a VLAN number) are understood by switches as native VLAN packets, so if two switches disagree about which VLAN is native, you can have a real mess on your hands, with the link not forming.
Why are VLANs important, can they be good and bad?
VLANs help us separate parts of a network. Every VLAN is a new broadcast domain, which helps prevent broadcast storms. Unknown MAC unicast traffic is a problem in large networks, where switches that don’t know the receiver flood the packet to all ports. Finding and isolating problems is much easier in a nicely designed VLAN, so why not have it?
How should you divide your VLANs?
Depending on your needs, you can separate them geographically or by business function; it’s all up to you and your needs.
What is an end-to-end VLAN?
This is a term usually associated with a geographically dispersed network where people who are far apart belong to the same VLAN. Another good characteristic of an end-to-end VLAN is that as a user moves, they remain in the same VLAN no matter where they are.
What is a local VLAN?
A local VLAN is usually confined to a single building and is always routed to reach other networks. It does not extend beyond the building distribution module.
Three layers of a hierarchical network?
Access – switches connected to users
Distribution – routers connecting parts of the network
Core – fast switching, no routing for best performance
VLAN config modes?
Logically, global config mode. Another mode for configuration is “vlan database” mode, which is great for use with the Dynamips/Dynagen simulator if you need switching modification. This mode is being deprecated and will soon be removed from IOS.
Types of ports on a switch?
Access port – connecting to a user
Trunk port – connecting two switches, a switch and a router, or a switch and a trunk-capable network card
VLAN Trunks?
A way to push more than one VLAN through a link. Every packet is tagged/encapsulated as it goes through the link.
ISL vs dot1q Trunking?
ISL is Cisco proprietary and does not play with others. Dot1Q is cross-vendor. The first encapsulates frames and the second tags them. Tagging a frame in dot1q can lead to “giants”, frames that exceed the 1518-byte maximum size, because the tag adds another 4 bytes.
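The 4-byte tag and the handling of untagged frames described above, as an added example (not part of the original post): a small Python model that inserts an 802.1Q tag into a constructed full-size frame, checks whether the result is a giant, and shows which VLAN a trunk port assigns to a received frame. The MAC addresses, VLAN 20 and native VLAN 99 are made-up sample values.

```python
import struct
import zlib

TPID_DOT1Q = 0x8100      # EtherType value that marks an 802.1Q tag
MAX_UNTAGGED = 1518      # maximum frame size quoted in the text above

def fcs(data: bytes) -> bytes:
    """Ethernet frame check sequence: CRC-32, least significant byte first."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)

def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged frame: two MACs, EtherType, payload, FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)

def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte tag after the two MAC addresses and redo the FCS."""
    if not 1 <= vid <= 4094:          # 0 and 4095 are reserved
        raise ValueError("VLAN ID out of range")
    tci = (pcp << 13) | vid           # 3 bits priority, 1 bit DEI (0), 12 bits VLAN ID
    body = frame[:12] + struct.pack("!HH", TPID_DOT1Q, tci) + frame[12:-4]
    return body + fcs(body)

def classify(frame: bytes, native_vlan: int) -> int:
    """VLAN a trunk port assigns to a received frame."""
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid == TPID_DOT1Q:
        (tci,) = struct.unpack("!H", frame[14:16])
        return tci & 0x0FFF           # tagged: use the VLAN ID carried in the tag
    return native_vlan                # untagged: falls into the port's native VLAN

def is_giant(frame: bytes) -> bool:
    return len(frame) > MAX_UNTAGGED

# Constructed sample: full-size IPv4 frame (1500-byte payload), made-up MACs.
DST = bytes.fromhex("020000000002")
SRC = bytes.fromhex("020000000001")
untagged = build_frame(DST, SRC, 0x0800, b"\x00" * 1500)
tagged = add_tag(untagged, vid=20)

if __name__ == "__main__":
    print(len(untagged), is_giant(untagged))
    print(len(tagged), is_giant(tagged))
    print(classify(tagged, native_vlan=1))
    # The same untagged frame lands in a different VLAN on each end
    # when the two sides of the trunk disagree on the native VLAN.
    print(classify(untagged, native_vlan=1), classify(untagged, native_vlan=99))
```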
VTP Domains?
VTP management domains are a great way to more easily administer several switches at once. When several switches are in the same domain, you can change the configuration on the “server” switch and all the others will follow and change too.
VTP Server/Client/Transparent Status?
Three modes connected to management domains are:
Server – commands client switches
Client – listens to server
Transparent – listens to no one but forwards orders from servers
VTP Pruning?
A way to discover whether switches are overusing their links and leaking traffic where they should not. When pruning is done, every time a flood is going to a particular VLAN, the switch will not flood it to subnets where there is no one using that VLAN.
Trunk Link Negotiation?
Several modes of trunk link negotiation exist:
Auto – will accept someone trying to establish a trunk
Desirable – will attempt to make a trunk
Access – will never become a trunk
Trunk negotiate – no DTP packets will be sent, so you must set up the other side as a trunk to get one