vlan configuration

durairaj29

hi,
i am doing ccna, iam decided to give exam before november, iam still now iam really confused vlan configuration, pls i need assistane from the expert i have just sended the vlan config diagram, i was able tolan config

this is switch config file, pls i need assistance from the expert & i need some information about the "switchport mode access" command "switchport mode trunk" command & when we want to exactly use the following command, its might be a silly doubt but don't harsh on me,

& my 2nd doubt is
whenever we are using two switches one has to be as a server, one has to be clint & one has to be in transparant mode,
my concern is at that time how this "swithchport mode access" & "Switchport mode trunk" is used in vtp server mode encapsulate the interface, but iam not able to ping the inter-vlan connection, pls help : [/b][/url]

mikearama

Hey, welcome to the board. Good to have you with us.

I'll see if I can help out a bit...

1) "switchport mode access" versus "switchport mode trunk"

"access" limits the port to one vlan... usually one client. You would use the "access" command most often on every port that an end user is directly connected.

A "trunk" isn't limited to one vlan... in fact, they are designed to carry traffic for all vlans. So, you'd typically use a trunk between switches... most often between access and distribution switches, or distribution and core switches/routers. From your studies, you would have learned that in order for traffic to cross vlans, a layer-3 device is required. Well, so is a trunk, since it can carry the traffic from the source vlan to the layer-3 device, and then carry the traffic out to the destination vlan.

2) You mention Server, Client, and Transparent. These are VTP (Vlan Trunking Protocol) modes.

There are two ways to run VTP... one is using a Server and Clients, the other is without Server and Clients, using Transparent mode. The suggested way is where you have a Server (on which you create/modify your Vlan schema), and Clients that listen to the Server. The other way is where each and every switch is responsible for its own vlans... Transparent.

So don't get confused and think that you need to have a Server, plus a switch as a Client and another as Transparent... not the case. You'll most often have a Server and Client(s).

As for encapsulation, what would you like to know? Do you want the specifics of what 1.q versus ISL adds to the payload?

And as for pinging the "inter-vlan connection"... does this mean you have a router (layer-3 switch) routing between your vlans? If so, have you established the trunk to the interface? Assigned an IP? Have a routing protocol running? or using static routes?

How about posting the show run from both devices? Lots of brilliant techies on here to pull it apart for ya.

Mike

remyforbes777

Also you need to know that you can only have one VLAN up at as a time as far as administratively so you are not going to be able to ping the vlan unless you have a node connected to it. For example if you have vlan1 vlan2 and vlan3, vlan1 being your administrative one, you can ping that from a router using 802.1q and subinterfaces, but you wont be able to ping vlan2 unless you have a node connected to it and configured with the IP scheme of vlan2.

bighornsheep

remyforbes777 wrote:

For example if you have vlan1 vlan2 and vlan3, vlan1 being your administrative one, you can ping that from a router using 802.1q and subinterfaces, but you wont be able to ping vlan2 unless you have a node connected to it and configured with the IP scheme of vlan2.

Are you talking about the VLAN 1, 2, 3? Or the Interfaces VLAN 1, 2, 3? I believe what you've said is only true for the interface VLANs on layer 2 switches, layer 3 devices can support more than one management VLANs.

networker050184

You can have up more than one VLAN active at a time. On certain switch models you can only have one SVI (interface VLAN 1) up at a time which is used for management. Do not get that confused with only one VLAN active. You need a layer three device (a router or if you are using a multilayer switch) to ping between VLANs as stated.

When using VTP you must have a trunk link between switches in order for VTP to comunicate.

remyforbes777

You can have many vlans active but only one used for management. What I am trying to say is this. If you have vlan1 up for management the other vlans are down. So if you have
192.168.1.1 vlan1
192.168.2.1 vlan2

Vlan1 is up and you will be able to ping it. When you try to ping vlan2 you won't be able to. If you plug a node into vlan2 with , lets say an IP of 192.168.2.20, you can ping that node. If you manually bring vlan2 up, vlan1 will go down and you won't be able to ping it.

networker050184

^That depends on the model of the switch.

remyforbes777

What model? I would like to know this.

networker050184

2950 only one up at a time. Multilayer switches (3750 etc) can have multiple up.

APA

L3 devices can have multiple vlan interfaces up.........and accessible......

remyforbes777

Ahh ok. Nice to know. I was thinking purely layer 2 switches. Thanks for the clarification.

remyforbes777

So you can assigne vlan1 an IP of 192.168.1.1 and vlan2 an ip of 192.168.2.1 and have them both up and access them both? Nice to know. That would make sense with a layer 3 device.

networker050184

Yes especially nice if you are using the switches as your gateway. It would not be practical to have to set up a different switch for every VLANs gateway!!!!!

datchcha

remyforbes777 wrote:

Also you need to know that you can only have one VLAN up at as a time as far as administratively so you are not going to be able to ping the vlan unless you have a node connected to it. For example if you have vlan1 vlan2 and vlan3, vlan1 being your administrative one, you can ping that from a router using 802.1q and subinterfaces, but you wont be able to ping vlan2 unless you have a node connected to it and configured with the IP scheme of vlan2.

you will have to configure a router for intervlan communication.

machines on VLAN 1 will only communicate with machines assigned to VLAN1, while machines assigned to VLAN2 will only be able to communicate with machines on VLAN2 if a router is not implemented.

networker050184

datchcha wrote:

remyforbes777 wrote:

Also you need to know that you can only have one VLAN up at as a time as far as administratively so you are not going to be able to ping the vlan unless you have a node connected to it. For example if you have vlan1 vlan2 and vlan3, vlan1 being your administrative one, you can ping that from a router using 802.1q and subinterfaces, but you wont be able to ping vlan2 unless you have a node connected to it and configured with the IP scheme of vlan2.

you will have to configure a router for intervlan communication.

machines on VLAN 1 will only communicate with machines assigned to VLAN1, while machines assigned to VLAN2 will only be able to communicate with machines on VLAN2 if a router is not implemented.

Thats what he said.........