About VLAN

Matro

I've a question about VLANs....

When hosts transmit frames inside the vlan, are these tagged (by 802.1q protocol) or not?

I think that tag are only used in trunks, for recognize the different destination VLAN; frames are untagged when flows on the access port of the vlan.
If this vere true (frames inside a VLAN are untagged), connecting two VLAN together with a crossover cable (on access ports, not by a trunk) should connect two different hosts and be able to ping each other, if they are in the same subnet.

HOST A (192.168.1.1/24, VLAN 1) -->cross cable--> HOST B (192.168.1.2/24, VLAN 2)

I did this test, but it doesn't work.


What's wrong?

Thanks guys

Matro

https://learningnetwork.cisco.com/thread/21665

As I thought, in this thread they confirm that on a trunk port frames are tagged, otherwise on access port are untagged.. Why my test did not work?

xnx

Get Wireshark and check out the frames...?

Adam B

Regardless of the fact that they're in the same subnet, theyre in a different vlan, which means trunking is necessary. Also, do you have a router connected? You will need one unless youre doing layer 3 switching, in which case, the pings will not work. Correct me if I'm wrong and if you have any questions just reply. I'm currently studying for my CCENT still so any question I can answer to the best of my knowledge will hopefully reinforce it. "Routers in VLAN topologies provide broadcast filtering, security, address summarization, and traffic flow management. None of the switches within the defined group will bridge any frames, not even broadcast frames, between two VLANs. Several key issues described in the following sections need to be considered when designing and building switched LAN internetworks: "<--- Reason why Routers are needed in VLAN topologies, if you are using Layer 2 Switches.

RouteMyPacket

You have made it more complicated than it is, why use 192.168.1.1/24 for VLAN 1 and 192.168.1.2/24 for VLAN 2? These IP's belong to the same network so why would you ever use another VLAN? You wouldn't...ok so do this

VLAN 1 - 192.168.1.0/24
VLAN 2 - 192.168.2.0/24

Ok, now how can a client on VLAN 1 communicate with a client on VLAN 2? What is needed to allow this communication to take place? You could make it even easier and use one L3 switch for this test but again, what do we need for this to take place?

d4nz1g

That's because you created a broadcast limitation, that way arp broadcasts won't be heard from vlan 1 on vlan 2

Adam B

RouteMyPacket wrote: »

You have made it more complicated than it is, why use 192.168.1.1/24 for VLAN 1 and 192.168.1.2/24 for VLAN 2? These IP's belong to the same network so why would you ever use another VLAN? You wouldn't...ok so do this

VLAN 1 - 192.168.1.0/24
VLAN 2 - 192.168.2.0/24

Ok, now how can a client on VLAN 1 communicate with a client on VLAN 2? What is needed to allow this communication to take place? You could make it even easier and use one L3 switch for this test but again, what do we need for this to take place?

Good Point about the IP addresses, didnt catch that.

Matro

It's not an error, i know that i should use different subnet on different VLAN.
It's only for learning reason, i want to understand why frame that go out from and go into ACCESS ports, so untagged frame, can't reach another VLAN!
I will never use this configutation, it's only to better understand how it works

Matro

It works!!! Now I'm happy.

I made a mistake, I thought switch ports were in access mode, but all were dynamic desiderable. So, connecting the two dynamic desiderable ports made a trunk connection. Clearly hosts can't ping, due to the tag.
Modified ports to access mode... ping ok 100%!

Sorry for the stupid scenario, but i like to understand well what bits do inside the cables

no!all!

RouteMyPacket wrote: »

You have made it more complicated than it is, why use 192.168.1.1/24 for VLAN 1 and 192.168.1.2/24 for VLAN 2? These IP's belong to the same network so why would you ever use another VLAN? You wouldn't...ok so do this

VLAN 1 - 192.168.1.0/24
VLAN 2 - 192.168.2.0/24

Ok, now how can a client on VLAN 1 communicate with a client on VLAN 2? What is needed to allow this communication to take place? You could make it even easier and use one L3 switch for this test but again, what do we need for this to take place?

^This is what I was thinking, too...

networker050184

As your test has shown (when you do it right ) tags are only carried on trunks. So you can bridge two VLANs together by doing this. Probably not the best thing to do in a production environment, but it will work.