Featured Posts

CCIE-Journals

CCIE-Journals
From Student to Engineer,a journey of discovery.

Configure and verify VLANs

February 14, 2023    1 comment

 Configure and verify VLANs



Virtual Local Area Networks (VLANs) enable network administrators to segment a LAN into smaller, independent networks to improve network efficiency, security, and performance. In this blog post, we will look at how to configure and verify VLANs that span multiple switches.


Create VLANs on each switch:

You can create VLANs on a Cisco switch using the vlan command followed by the VLAN ID. For example, to create VLAN 10, you can use the following command:

 Switch(config)# vlan 10

Assign switch ports to the VLAN:


After creating VLANs, you need to assign switch ports to the respective VLANs. You can do this using the interface configuration mode on the switch. For example, to assign interface GigabitEthernet1/0/1 to VLAN 10, you can use the following commands:

Switch(config)# interface GigabitEthernet1/0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10

Verify the VLAN configuration:

You can verify the VLAN configuration using the show vlan command. This command shows the VLAN configuration on the switch, including VLAN IDs, names, and ports. For example, to show the VLAN configuration on a switch, you can use the following command:
 
 
Switch# show vlan

Access ports (data and voice):

Access ports are switch ports that are part of a single VLAN. You can configure access ports on a switch using the switchport mode access command. For example, to configure an access port for data traffic, you can use the following command:

Switch(config)# interface GigabitEthernet1/0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10

You can also configure access ports for voice traffic using the switchport voice vlan command. For example, to configure an access port for voice traffic, you can use the following command:

Switch(config)# interface GigabitEthernet1/0/2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 20
Switch(config-if)# switchport voice vlan 30


In the above example, the access port is assigned to VLAN 20 for data traffic and VLAN 30 for voice traffic.

Here's an example of how an access port might work in a real-world scenario:




Suppose you have a small business with two departments: sales and support. You want to keep their traffic separate to improve network efficiency and security. You have a switch, and you want to create two VLANs: VLAN 10 for sales and VLAN 20 for support.

You would configure your switch to create two VLANs, and assign each port on the switch to one of the two VLANs. You would then connect a computer in the sales department to an access port that is assigned to VLAN 10, and a computer in the support department to an access port that is assigned to VLAN 20.

When a computer in the sales department sends a packet, the switch examines the VLAN assignment of the access port and forwards the packet only to other ports that are also assigned to VLAN 10. The same process occurs for the support department computer and VLAN 20.

This allows traffic to be separated between the two departments and prevents unnecessary traffic from being sent to devices that do not need to see it. It also improves security, as devices in one department cannot see the traffic of devices in another department without special routing rules.

Overall, using access ports and VLANs can help improve network management, efficiency, and security.

1 comments:

Subscribe to: Post Comments (Atom)