Uccn1003 -may10_-_lab_05_-_vlan_and_vtp-updated-14.7.2010
UCCN1003 Data Communications and Networks
Lab 05: Virtual LAN (VLAN) and VLAN Trunking Protocol (VTP)
Instructions:
1. Read the “Introduction” section for the background.
2. Perform all the lab exercises, starting with exercise 1.
3. Follow all the steps.
4. Record the results in all italic bold actions (by screen capture or copying).
5. Paste your screen captures on a Word Document and save it.
6. Answer all the questions in italic.
7. Write your answer in the same Word Document.
8. Please follow the sequence of the exercises, and don’t skip any step.
9. Please keep your Word document. You will need it for your tests and exam.
10. Please try to understand the exercises and the commands, and don’t just type the commands “blindly” without studying and understanding them.
Introduction to VLAN and VTP
This lab introduces the configuration of a Cisco managed switch. One of the major functions
provided by a managed switch is the configuration of virtual LANs.
A virtual LAN, commonly known as a VLAN, is a group of hosts with a common set of
requirements that communicate as if they were attached to the same broadcast domain, regardless of
their physical location. A VLAN has the same attributes as a physical LAN, but it allows for end
stations to be grouped together even if they are not located on the same network switch. Network reconfiguration can be done through software instead of physically relocating devices.
VLANs are created to provide the segmentation services traditionally provided by routers in
LAN configurations. VLANs address issues such as scalability, security, and network
management. Routers in VLAN topologies provide broadcast filtering, security, address
summarization, and traffic flow management. By definition, switches may not bridge IP traffic
between VLANs as it would violate the integrity of the VLAN broadcast domain.
VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of Virtual Local Area Networks (VLAN) on a network-wide
basis. Cisco's VLAN Trunk Protocol reduces administration in a switched network. When a new VLAN is configured on one VTP server, the VLAN is distributed through all switches in the
domain. This reduces the need to configure the same VLAN everywhere.
Exercise 1: Some Introductory Switch Commands
A managed switch, such as a Cisco 2950 or 2960 series switch, can be configured to suit certain LAN requirements.
1. Drag a Cisco 2960 switch (not 2950-24) and a PC into the Packet Tracer workspace.
2. Connect a rollover cable between PC0 (RS-232) and Switch0 (console port).
3. Double click on PC0, click on “Desktop” tab, and then click on “Terminal”. Set the
parameters as the following figure and click “OK”.
4. Again, this is to remind you that, as with a router, the CLI tab of a switch does not exist in the real
world. To configure a managed switch such as a Cisco 2960, you have to use HyperTerminal (or similar software) to access the switch console port with a rollover cable. Now you are
ready for some basic switch commands.
5. Some of the switch commands are quite similar to the router commands. Please try out
some of the following commands.
Switch>en
Switch#show flash:
Switch#show version
Switch#show run
Switch#show history
6. As on a router, you can also set an “enable” password on the switch. Note in the final “show run” output that “enable password” stores the password in clear text.
Switch#conf t
Switch(config)#hostname Switch0
Switch0(config)#enable password uccn1003
Switch0(config)#exit
Switch0#disable
Switch0>en
Password: (type in “uccn1003”)
Switch0#show run
Exercise 2: Checking MAC Address Table
1. Connect 4 PCs to Switch0 as shown in the following figure. Connect PC1 to Fa0/1 of
Switch0. Then connect PC2 to Fa0/2. Connect PC3 to Fa0/3 and PC4 to Fa0/4. Set the IP
address and subnet mask to PCs according to the figure.
2. Type the following commands in Switch0. What do you observe?
Switch0#clear mac-address-table
Switch0#show mac-address-table
3. Ping all other PCs from PC1. If the pings are not successful, troubleshoot the network. If
the pings are successful, type “show mac-address-table” at Switch0 again. What do you observe this time?
Switch0#show mac-address-table
4. Now check the MAC addresses of all the PCs and compare the MAC addresses with the
MAC addresses of the MAC table of Switch0. Do the MAC addresses match with switch ports?
PC>ipconfig /all
Exercise 3: Configuring Static VLANs
If you create 2 VLANs within a managed switch, you actually have two LANs that do not communicate with each other, even though the 2 LANs physically share the same switch.
1. Type the following command to check the current status of VLANs in Switch0.
Switch0#show vlan
2. Type the following to create two VLANs with names.
Switch0#config t
Switch0(config)#vlan 2
Switch0(config-vlan)#name Finance
Switch0(config-vlan)#exit
Switch0(config)#vlan 3
Switch0(config-vlan)#name Marketing
Switch0(config-vlan)#exit
Switch0(config)#exit
3. Type the following commands in Switch0 and compare the output with ex3.1. You
should observe the two “new” VLANs.
Switch0#show vlan
4. Assign switch port fa0/1 and fa0/2 to VLAN 2 by typing the following commands.
Switch0#config t
Switch0(config)#int fa0/1
Switch0(config-if)#switchport access vlan 2
Switch0(config-if)#exit
Switch0(config)#int fa0/2
Switch0(config-if)#switchport access vlan 2
Switch0(config-if)#exit
5. Type “show vlan” again. Record the difference.
6. Assigning switch ports one by one to a particular VLAN can be rather tedious
and inconvenient. The following commands provide “batch assigning” of switch ports to a particular VLAN. We assign Fa0/3 to Fa0/5 to VLAN 3.
Switch0(config)#int range fa0/3-5
Switch0(config-if-range)#switchport access vlan 3
Switch0(config-if-range)#end
7. Type “show vlan” again. Record the difference. You should observe that various
switch ports have been assigned to VLAN 2 and VLAN 3.
8. Ping all other PCs from PC1. Can you successfully ping all the PCs? If not, use PC3 to
ping all other PCs too. What have you noticed with the pings?
9. Type “show mac-address-table” to check the status of MAC address table.
Switch0#show mac-address-table
Exercise 4: Routing between VLANs
You need a router for the VLANs to communicate with each other. However, to do that, we have
to make a few changes to the original configuration. Please note that routing of VLANs DOES NOT VIOLATE the subnet rules. On the contrary, VLANs follow all the subnet rules.
1. Drag a Cisco 2811 router into the workspace. Connect Fa0/1 of Router0 to Fa0/5 of
Switch0. Then, connect Fa0/0 of Router0 to Fa0/6 of Switch0.
2. Set Fa0/6 of Switch0 to VLAN 2 (from VLAN 1). Now Fa0/1, Fa0/2, and Fa0/6
belong to VLAN 2. Fa0/5 of Switch0 has already been set to VLAN 3.
Switch0#config t
Switch0(config)#int fa0/6
Switch0(config-if)#switchport access vlan 2
Switch0(config-if)#exit
3. Change the IP address of PC3 to 192.168.2.3, and the IP of PC4 to 192.168.2.4. Set the default gateway of both PCs to 192.168.2.254. (Note: We have to change the IP addresses
of PC3 and PC4 so that they have a different network ID from PC1 and PC2. Remember the subnet rule: a router will not accept IP addresses with the same network ID on
different router ports.)
4. Also, set the default gateway of PC1 and PC2 to 192.168.1.254.
5. For Router0, set the IP of Fa0/1 to 192.168.2.254. Set the IP of Fa0/0 to 192.168.1.254.
6. Use PC1 to ping all other PCs. You should be able to ping them. If not, please troubleshoot the network.
Exercise 5: Routing with Trunking Mode
Instead of connecting 2 cables from Switch0 to the router, we will use only 1 cable to connect
between Switch0 and router. By using a special “trunk”, we are able to “link” all the VLANs to the router with just 1 cable. You can imagine a “trunk” as a big pipe loaded with a few Ethernet
cables.
1. Delete the two cables connecting Switch0 and Router0.
2. Connect Fa0/24 of Switch0 to Fa0/0 of Router0.
3. Change Fa0/5 and Fa0/6 of Switch0 back to VLAN 1. Use “show vlan brief” to check
and to make sure these two switch ports have been assigned to VLAN 1.
Switch0(config)#int range fa 0/5 - 6
Switch0(config-if-range)#switchport access vlan 1
Switch0(config-if-range)#end
Switch0#show vlan brief
4. In Router0, type the following command to “clean up” the IP addresses.
Router(config)#int fa0/0
Router(config-if)#no ip addr
Router(config-if)#int fa0/1
Router(config-if)#no ip addr
Router(config-if)#exit
5. Now, we need to set the connection between Switch0 and Router0 to trunk mode. It
comes in two parts: the switch and the router.
6. In Switch0, type the following command to turn Fa0/24 into trunk mode.
Switch0#conf t
Switch0(config)#int fa0/24
Switch0(config-if)#switchport mode trunk
Switch0(config-if)#exit
7. At Router0, type in the following commands.
Router#config t
Router(config)#int fa0/0
Router(config-if)#no shutdown
Router(config-if)#int fa0/0.1
Router(config-subif)#encapsulation dot1q 2
Router(config-subif)#ip address 192.168.1.254 255.255.255.0
Router(config-subif)#int fa0/0.2
Router(config-subif)#encapsulation dot1q 3
Router(config-subif)#ip address 192.168.2.254 255.255.255.0
Router(config-subif)#end
Router#show run
8. Explanation for the router commands:
i) “int fa0/0.1” and “int fa0/0.2” = sub-interfaces of the physical port “fa0/0”. One physical port can have many sub-interfaces (e.g. “int fa0/0.3” to “int fa0/0.100”).
ii) “encapsulation dot1q 3” = “encapsulation dot1q” is the command for the special trunking mode in the router. “3” = VLAN number.
iii) Since we have two “virtual” cables in 1 physical cable, we still require two gateway IP addresses for the two VLANs.
9. Use PC1 to ping all other PCs. PC1 should be able to ping all other PCs. If not, please
troubleshoot the network.
10. After you have successfully pinged all the PCs, type “show mac-address-table” to examine the status of the MAC address table of Switch0.
Switch0#show mac-address-table
Exercise 6: Integrated VLAN with other Switches
We use 2 switches to form an integrated VLAN 2 and VLAN 3.
1. Add another switch (2960) to the network according to the above diagram. (Note: Though Router0 has been moved, the function still remains as in Exercise 5).
2. Connect Gig1/1 (GigabitEthernet, 1000Mbps) of Switch0 to Gig1/1 of Switch1. Connect
PC5 to Fa0/12 of Switch1. Connect PC6 to Fa0/13 of Switch1. (Note: We can connect a trunk between the FastEthernet ports of two switches. However, GigabitEthernet ports
provide better bandwidth for a trunk.)
3. Set the IP address, subnet mask, and gateway IP of PC5 and PC6.
4. Set Gig1/1 of both Switch1 and Switch0 to trunk mode. As with the trunk between Switch0 and
Router0, this trunk between Switch0 and Switch1 will act like a “big” pipe that carries a few
virtual cables for the VLANs.
Switch0#conf t
Switch0(config)#int gig1/1
Switch0(config-if)#switchport mode trunk
Switch0(config-if)#exit
Switch#conf t
Switch(config)#hostname Switch1
Switch1(config)#int gig1/1
Switch1(config-if)#switchport mode trunk
Switch1(config-if)#exit
5. Set VLAN 2 and VLAN 3 in Switch1. Set the Fa0/12 to VLAN 2 and Fa0/13 to VLAN 3.
Type “show vlan brief” to check whether the VLANs and the port assignment have been done properly.
Switch1#conf t
Switch1(config)#vlan 2
Switch1(config-vlan)#exit
Switch1(config)#vlan 3
Switch1(config-vlan)#exit
Switch1(config)#int fa0/12
Switch1(config-if)#switchport access VLAN 2
Switch1(config-if)#exit
Switch1(config)#int fa0/13
Switch1(config-if)#switchport access VLAN 3
Switch1(config-if)#end
Switch1#show vlan brief
6. Use PC5 to ping all other PCs. PC5 should be able to ping all other PCs. If not, please troubleshoot the network.
7. Use the “simulation mode” (as shown in the following figure) to trace how the ICMP
data packet travels from PC6 to PC5.
Exercise 7: VLAN Trunking Protocol (VTP)
VTP is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and
renaming of Virtual Local Area Networks (VLAN) on a network-wide basis. This means that if you add (or delete or rename) a VLAN in a switch, every other switch will have the new
VLAN. Without VTP, the addition and deletion of VLANs have to be done one switch at a time. VTP only works with switches linked together via trunk mode.
1. Add a third switch (2960) to the network according to the above diagram. (Note: Though
PC6 has been moved, the function still remains as in Exercise 6).
2. Connect Gig1/2 of Switch1 to Gig1/2 of Switch2. Connect PC7 to Fa0/20 of Switch1. Connect PC8 to Fa0/2 of Switch2. Connect PC9 to Fa0/10 of Switch2.
3. Set Gig1/2 of Switch1 and Switch2 to trunk mode.
4. Set the IP address of PC7 and PC9 according to the above figure. Put the gateway IP of
PC7 and PC9 to be 192.168.10.254. Set IP address and gateway IP of PC8 too.
5. Check the VLAN status of three switches (“show vlan brief”) and make a record.
Switch0#show vlan brief
Switch1#show vlan brief
Switch2#show vlan brief
6. Check the VTP status of three switches and make a record.
Switch0#show vtp status
Switch1#show vtp status
Switch2#show vtp status
7. Set VTP client and VTP domain name in Switch2. (Note: A VTP client in a particular
domain can’t add, delete or rename VLANs. Only a VTP server of the domain can perform the task of adding, deleting and renaming VLANs. VTP clients just “follow” the VTP
server of the same domain. Same domain means both VTP server and VTP client must have the same VTP domain name.)
Switch2#conf t
Switch2(config)#vtp mode client
Switch2(config)#vtp domain uccn1003
8. Set VTP client and VTP domain name in Switch1.
Switch1#conf t
Switch1(config)#vtp mode client
Switch1(config)#vtp domain uccn1003
9. Set VTP server and VTP domain name in Switch0. (Note: Switch0 may have automatically been set to domain uccn1003. Please type the commands just to make
sure…)
Switch0#conf t
Switch0(config)#vtp mode server
Switch0(config)#vtp domain uccn1003
10. Check the VLAN status of three switches (“show vlan brief”) and make a record.
Compare this record with the record you have made in ex7.5.
Switch0#show vlan brief
Switch1#show vlan brief
Switch2#show vlan brief
11. You should have noticed that Switch1 and Switch2 have the “additional” VLANs (VLAN 2
and VLAN 3) as in Switch0. However, the “switch port assignment” is different. (Please
note that VTP does not perform the switch port assignment to VLAN for you. VTP
ONLY performs addition, deletion, and renaming of VLANs, NOT switch port assignment).
12. Add VLAN 10 and VLAN 20 to Switch0.
Switch0#conf t
Switch0(config)#vlan 10
Switch0(config-vlan)#exit
Switch0(config)#vlan 20
Switch0(config-vlan)#end
13. Check the VLAN status of three switches again.
Switch0#show vlan brief
Switch1#show vlan brief
Switch2#show vlan brief
14. Delete VLAN 20 and rename VLAN 10 to “Technical”.
Switch0#conf t
Switch0(config)#no VLAN 20
Switch0(config)#vlan 10
Switch0(config-vlan)#name Technical
Switch0(config-vlan)#end
15. Check the VLAN status of three switches again. VLAN 20 should be deleted and the
name of VLAN 10 should have changed to “Technical” on all three switches.
Switch0#show vlan brief
Switch1#show vlan brief
Switch2#show vlan brief
16. Assign Fa0/20 of Switch1 to VLAN 10.
Switch1#conf t
Switch1(config)#int fa0/20
Switch1(config-if)#switchport access vlan 10
Switch1(config-if)#end
Switch1#show vlan brief
17. Assign Fa0/2 of Switch2 to VLAN 2. Assign Fa0/10 of Switch2 to VLAN 10.
Switch2#conf t
Switch2(config)#int fa0/2
Switch2(config-if)#switchport access vlan 2
Switch2(config-if)#exit
Switch2(config)#int fa0/10
Switch2(config-if)#switchport access vlan 10
Switch2(config-if)#end
Switch2#show vlan brief
18. VLAN 10 is still unknown to Router0. Type in the following commands in Router0 so
that VLAN 10 will have the gateway IP in Router0.
Router#config t
Router(config)#int fa0/0.3
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.10.254 255.255.255.0
Router(config-subif)#end
Router#show ip int brief
19. Use PC9 to ping all other PCs. PC9 should be able to ping all other PCs. If not, please
troubleshoot the network.
20. Use the “simulation mode” to trace how the ICMP data packet travels from PC9 to PC8.
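Steps 10 to 15 of Exercise 7 ask you to compare “show vlan brief” records by eye. The following Python script is an added example, not part of the original lab: it parses two constructed outputs and separates VLAN-database differences (which VTP should remove) from port-assignment differences (which VTP never touches, as step 11 notes). The sample output and the function names are assumptions.

```python
import re

# Constructed "show vlan brief" output, shaped like the lab's state after step 17
SWITCH0 = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10
2    Finance                          active    Fa0/1, Fa0/2
3    Marketing                        active    Fa0/3, Fa0/4
10   Technical                        active
"""
SWITCH2 = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/3, Fa0/4
2    Finance                          active    Fa0/2
3    Marketing                        active
10   Technical                        active    Fa0/10
"""
ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")  # id, name, status, ports

def parse_vlan_brief(text):
    """Return {vlan_id: {"name": str, "ports": [str]}} from 'show vlan brief' text."""
    vlans, current = {}, None
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            current = int(m.group(1))
            vlans[current] = {"name": m.group(2), "ports": []}
            ports = m.group(4)
        elif current is not None and line.startswith(" ") and line.strip():
            ports = line  # continuation line: more ports for the previous VLAN
        else:
            continue  # header, separator or blank line
        vlans[current]["ports"] += [p.strip() for p in ports.split(",") if p.strip()]
    return vlans

def compare(a, b):
    """Return (VLAN IDs whose name or existence differs, shared IDs whose ports differ)."""
    db_drift = sorted(v for v in a.keys() | b.keys()
                      if a.get(v, {}).get("name") != b.get(v, {}).get("name"))
    port_diff = sorted(v for v in a.keys() & b.keys() if a[v]["ports"] != b[v]["ports"])
    return db_drift, port_diff

if __name__ == "__main__":
    print(compare(parse_vlan_brief(SWITCH0), parse_vlan_brief(SWITCH2)))
```

An empty first list means the VLAN databases agree across the VTP domain; a non-empty one points to a switch that has not synchronised, for example because its VTP domain name differs.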
Exercise 8: VLAN Routing with 2 Routers (Homework)
Build and configure the following network so that PC13 can ping any PC in the network (Add on top of what you have finished in Exercise 7). Use RIP for dynamic routing. Configure the
appropriate gateway IP, VLANs, trunking, and subnets based on your own design choice, if it is not indicated in the following figure.