Options
VLAN and subnetting question
BennyTheMan
Member Posts: 76 ■■■□□□□□□□
in CCNA & CCENT
Hello everyone,
I am studying for the CCENT ICND 100-105 and using the Wendell Odom book. This is my second time going through this material, since I first studied last summer before the test was changed. I am puzzled about something that is in the VLAN chapter (chapter 11). Odom says that "Without VLANs a switch considers all its interfaces to be in the same broadcast domain." I have used packet traces many times and used subnetting to create multiple broadcast domains on one switch, so I have to disagree with this statement. Am I missing something here? Is this just assuming you are working within the same subnet? Also the bigger picture for me here is why are VLANs so important, since I can create various broadcast domains just by subnetting? Any help greatly appreciated. Thank you,
Benny
I am studying for the CCENT ICND 100-105 and using the Wendell Odom book. This is my second time going through this material, since I first studied last summer before the test was changed. I am puzzled about something that is in the VLAN chapter (chapter 11). Odom says that "Without VLANs a switch considers all its interfaces to be in the same broadcast domain." I have used packet traces many times and used subnetting to create multiple broadcast domains on one switch, so I have to disagree with this statement. Am I missing something here? Is this just assuming you are working within the same subnet? Also the bigger picture for me here is why are VLANs so important, since I can create various broadcast domains just by subnetting? Any help greatly appreciated. Thank you,
Benny
Comments
-
OptionsOctalDump
Member Posts: 1,722
Yeah, the layer 3 broadcast (eg 10.255.255.255, 192.168.0.255 etc) is not the same as the layer 2 broadcast (eg ffff:ffff:ffff). So you can have multiple layer 3 (subnets) on one switch, but they will all share the same layer 2 broadcast address. Layer 2 broadcasts are what is used when sending to an address that isn't in the switch's MAC table yet.
VLANs keep the layer 2 stuff separate. So if you are looking for 192.168.0.26, it will only flood out the ports that are in the VLAN associated with that subnet. This reduces the number of broadcasts, which reduces the number of packets on your network reducing congestion and work for end devices dealing with packets.
Of course, you could put multiple subnets on one VLAN, but that would be stupid.2017 Goals - Something Cisco, Something Linux, Agile PM -
Options
dontstop
Member Posts: 579 ■■■■□□□□□□
You may find what you have witnessed in the lab is a result of MAC Address learning at Layer 2. Subnets on a switch will not isolate layer 2 broadcasts. The switch itself has no concept of IP and only understands frames.
If I have 4 hosts connected to a switch two of which are in Subnet A and two of which are in Subnet B. If the switch has not learnt the MAC Addresses of the devices, it will flood frames for unknown unicasts and all devices will see the frames (regardless of IP Addressing). After this initial flooding behavior the switch will learn the ports on which devices are connected and this may give you the impression that the devices are isolated. This is definitely not the case.
With VLANs configured only the devices in the appropriate VLANs will see these broadcast/flooded unicasts regardless of the state of MAC Address learning.
Edit: With your packet captures what method did you use to verify isolation? Did you have a device generate broadcasts or just unicast traffic (ping/traceroute/etc) -
OptionsBennyTheMan
Member Posts: 76 ■■■□□□□□□□
Thanks for the response. I was saying that the subnets were isolated because I can't ping from one subnet to the next. So maybe the criteria that I'm using to decide if the different subnets are separate broadcast domains is wrong. I get the picture now that subnetting is not the same as VLAN creation. Thanks again,
Benny