Options
VLAN's
jscimeca715
Member Posts: 280
in CCNA & CCENT
I have a quick question about VLAN's. If a host in VLAN 2 sends a frame to a host in VLAN 1, the host logic tells it to send it to a router first correct? Then the router will check it's ARP table and send it to host in VLAN 1? I'm currently studying for CCENT so this may not be something I'm tested on, but I want to make sure that I understand it.
If that is the case...is it a good comparison to say that a VLAN is like a virtual LAN connection on a router? The only difference being that the VLAN's are implemented at Layer 2, so all Layer 3 addressing rules stay the same?
If that is the case...is it a good comparison to say that a VLAN is like a virtual LAN connection on a router? The only difference being that the VLAN's are implemented at Layer 2, so all Layer 3 addressing rules stay the same?
Comments
-
Optionshypnotoad Banned Posts: 915jscimeca715 wrote: »I have a quick question about VLAN's. If a host in VLAN 2 sends a frame to a host in VLAN 1, the host logic tells it to send it to a router first correct? Then the router will check it's ARP table and send it to host in VLAN 1? I'm currently studying for CCENT so this may not be something I'm tested on, but I want to make sure that I understand it.
If that is the case...is it a good comparison to say that a VLAN is like a virtual LAN connection on a router? The only difference being that the VLAN's are implemented at Layer 2, so all Layer 3 addressing rules stay the same?
You're right. A host in VLAN2 knows (from its mask) that the host in VLAN1 is outside of it's local network, so it sends the packet to the router instead. -
Optionsnetworker050184 Mod Posts: 11,962 Modjscimeca715 wrote: »I don't quite follow what you mean by "(from it's mask)"?
If you had two IP addresses how would you go about finding if they were on the same subnet?An expert is a man who has made all the mistakes which can be made. -
Optionsjscimeca715 Member Posts: 280networker050184 wrote: »If you had two IP addresses how would you go about finding if they were on the same subnet?
Still not following. IP addressing rules state that any hosts connected to a router on the same LAN use the same mask correct? -
Optionsnetworker050184 Mod Posts: 11,962 ModIf you had an IP address of 172.16.1.53/26 and 172.16.1.67/26 how would you know if they were on the same subnet?jscimeca715 wrote:Still not following. IP addressing rules state that any hosts connected to a router on the same LAN use the same mask correct?
What if a device wants to send a packet to a device not on its local LAN?An expert is a man who has made all the mistakes which can be made. -
Optionsrwwest7 Member Posts: 300You're right. A host in VLAN2 knows (from its mask) that the host in VLAN1 is outside of it's local network, so it sends the packet to the router instead.
-
Optionsjbaello Member Posts: 1,191 ■■■□□□□□□□A host doesn't know anything about VLANs. If 10.10.10.8/24 sends something to 10.10.10.9/24, then it sends it directly without using the router. If it's trying to reach 10.10.11.9/24, then it sends it to the router. Then it's the routers job to find the final destination. This all has nothing to do with VLANs though. Think of VLANs as a way to take one physical switch and turn it into many differant "virtual" switches. You do need a router to route between VLANs, but a host does not know or care what VLAN it's on.
I thinks his question is what if?
HostA/VLAN1 10.10.10.8 /24 sends out data to HostB/VLAN2 10.10.10.9 /24 same subnet but let's say both port is found on the same switch but is also connected to a router, how does the data gets handled.
I would luv to put in my input, but I would rather let the expert do it. -
Optionsjbaello Member Posts: 1,191 ■■■□□□□□□□Well anyway my answer will be a "router" has to be involved...
Let me know if I'm wrong smack it at me, I'm ready lol... -
Optionsjmc012 Member Posts: 134jscimeca715 wrote: »Still not following. IP addressing rules state that any hosts connected to a router on the same LAN use the same mask correct?
That's where the router on a stick comes into play, you set up sub-interfaces on the actual interface with a different subnet for each vlan and then you route between them.
Something like this:
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface FastEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
! -
Optionsjscimeca715 Member Posts: 280A host doesn't know anything about VLANs. If 10.10.10.8/24 sends something to 10.10.10.9/24, then it sends it directly without using the router. If it's trying to reach 10.10.11.9/24, then it sends it to the router. Then it's the routers job to find the final destination. This all has nothing to do with VLANs though. Think of VLANs as a way to take one physical switch and turn it into many differant "virtual" switches. You do need a router to route between VLANs, but a host does not know or care what VLAN it's on.
So if the hosts are in the same subnet, but attached to different ports on a VLAN they packet will have to be forwarded to the router only to be forwarded out the same port but different vlan correct?
I'm studying for the CCENT so right now it's only theory related, so I don't need to know any encapsulation commands or anything. Just a visual representation of the path it takes. I'm understanding it this way. Host to router (VLAN 2), router to host (VLAN 1). -
Optionsjbaello Member Posts: 1,191 ■■■□□□□□□□jscimeca715 wrote: »So if the hosts are in the same subnet, but attached to different ports on a VLAN they packet will have to be forwarded to the router only to be forwarded out the same port but different vlan correct?
I'm studying for the CCENT so right now it's only theory related, so I don't need to know any encapsulation commands or anything. Just a visual representation of the path it takes. I'm understanding it this way. Host to router (VLAN 2), router to host (VLAN 1).
I believe I answered this already, and the answer is yes the router gets involved.
When both hosts are in the same subnet or the same VLAN (remember they can be in the same subnet but different VLAN, in this case router gets involved again), the switch checks it's mac-address-table for the destination, if its found it's unicast/forward if it's not found it's broadcast/flood to every port except the port which the request came from.
You might need to practice more using cisco switch/router or simulator, so it can be clearer just my 2 cents. -
OptionsMikeInMoseley Member Posts: 48 ■■□□□□□□□□I believe I answered this already, and the answer is yes the router gets involved.
When both hosts are in the same subnet or the same VLAN (remember they can be in the same subnet but different VLAN, in this case router gets involved again)
I've not heard of that before, surely a VLAN is a broadcast domain so therefore you have to have seperate subnets for the VLANs, you can't have one subnet spread across to two VLANs?
Maybe I've misunderstood this? -
Optionsrwwest7 Member Posts: 300I believe I answered this already, and the answer is yes the router gets involved.
When both hosts are in the same subnet or the same VLAN (remember they can be in the same subnet but different VLAN, in this case router gets involved again), the switch checks it's mac-address-table for the destination, if its found it's unicast/forward if it's not found it's broadcast/flood to every port except the port which the request came from.
You might need to practice more using cisco switch/router or simulator, so it can be clearer just my 2 cents.
Isn't the whole point of VLANs to seperate broadcast domains, and don't host on the same subnet communicate through initial ARP broadcasts? -
OptionsMikeInMoseley Member Posts: 48 ■■□□□□□□□□If you had same subnets on differant VLANs, wouldn't the host attempt to send the data straight to receiving host (same subnet, so it won't even use the router), but the arp broadcast would get blocked at the router. So even though they're on the same subnet, they wouldn't be able to communicate since broadcast traffic is blocked between VLANs?
Isn't the whole point of VLANs to seperate broadcast domains, and don't host on the same subnet communicate through initial ARP broadcasts?
Exactly how I thought it worked? -
OptionsEdTheLad Member Posts: 2,111 ■■■■□□□□□□If you had same subnets on differant VLANs, wouldn't the host attempt to send the data straight to receiving host (same subnet, so it won't even use the router), but the arp broadcast would get blocked at the router. So even though they're on the same subnet, they wouldn't be able to communicate since broadcast traffic is blocked between VLANs?
Isn't the whole point of VLANs to seperate broadcast domains, and don't host on the same subnet communicate through initial ARP broadcasts?
Yes, you're correct.The only way to get something like that to work would be using proxy arp,but you couldn't use routing on a stick,you would need a minimum of 2 routers.Networking, sometimes i love it, mostly i hate it.Its all about the $$$$ -
Optionsjscimeca715 Member Posts: 280I am beyond confused right now. I'll go back and run some tests to try and figure it out. Thanks for your help everyone.
-
Optionsjbaello Member Posts: 1,191 ■■■□□□□□□□MikeInMoseley wrote: »I've not heard of that before, surely a VLAN is a broadcast domain so therefore you have to have seperate subnets for the VLANs, you can't have one subnet spread across to two VLANs?
Maybe I've misunderstood this?
This is inaccurate, I can have a Class C /24 network and distribute them across different VLAN. what if I have a Class C /21 2046 hosts and I'm not able to segment them? it will literally slow down the network and overwelm the switches goes the saying clients receiving broadcasts reply with another broadcast that's why we create VLAN or subnet.
By "default" No traffic pings, broadcast, datapackets they cannot cross from one VLAN to another unless a routing process gets involved.
But I'll go and test this tonite again, a skepticism is creeping up my premises :P -
Optionsrwwest7 Member Posts: 300jscimeca715 wrote: »I am beyond confused right now. I'll go back and run some tests to try and figure it out. Thanks for your help everyone.
I have my CCENT test scheduled for March 10th, good luck to you on the 7th. -
Optionsjbaello Member Posts: 1,191 ■■■□□□□□□□VLAN's aren't on the CCENT.
I have my CCENT test scheduled for March 10th, good luck to you on the 7th.
There is VLAN questions last time I took it, don't want to go in detail cause it will be violating NDR with Cisco, but I will double check this if I were you, it might be the question that made you pass the exam just my 2 cents... -
OptionsEdTheLad Member Posts: 2,111 ■■■■□□□□□□Jbaello think you need to go back and study subnetting before you move to switching as you're posts indicate a hugh knowledge gap.
If you had a /21 network address you would break it up into multiple subnets, then you would design the network so that each subnet corresponds to a unique vlan id.
If in your design you are planning on assigning hosts within the same subnet range to different vlans(i.e. connect them to switchports which are configured on a different vlan) then you're crazy, why would you want to do this? Wouldn't it be better to readdress the hosts so that they are in a different subnet with a unique vlan.Networking, sometimes i love it, mostly i hate it.Its all about the $$$$ -
OptionsColbyG Member Posts: 1,264This is inaccurate, I can have a Class C /24 network and distribute them across different VLAN. what if I have a Class C /21 2046 hosts and I'm not able to segment them? it will literally slow down the network and overwelm the switches goes the saying clients receiving broadcasts reply with another broadcast that's why we create VLAN or subnet.
By "default" No traffic pings, broadcast, datapackets they cannot cross from one VLAN to another unless a routing process gets involved.
But I'll go and test this tonite again, a skepticism is creeping up my premises :P
Segmenting is breaking a block of addresses into subnets, so his statement is accurate. VLANs are subnets, you don't have put the same subnet on multiple VLANs. -
Optionsjbaello Member Posts: 1,191 ■■■□□□□□□□Jbaello think you need to go back and study subnetting before you move to switching as you're posts indicate a hugh knowledge gap.
If you had a /21 network address you would break it up into multiple subnets, then you would design the network so that each subnet corresponds to a unique vlan id.
If in your design you are planning on assigning hosts within the same subnet range to different vlans(i.e. connect them to switchports which are configured on a different vlan) then you're crazy, why would you want to do this? Wouldn't it be better to readdress the hosts so that they are in a different subnet with a unique vlan.
Ahh Jesus why are people soo critical, I was posting an example no one in their right mind will implement a class C /21 in a production network but it's a true story, I am trying to demonstrate on how crazy broadcast will get given this network accommodates 2046 hosts, and how VLAN limits broadcast through microsegmentation... seriously... I am still studying subnet since I'm doing ICND2, but some of this facts should have been posted along time ago so the OP is no longer confused. -
Optionsdynamik Banned Posts: 12,312 ■■■■■■■■■□You can't have /21 on a class C. I thought it was a typo the first time, but you did it again. Wait, am I being too critical too?
-
Optionsjbaello Member Posts: 1,191 ■■■□□□□□□□You can't have /21 on a class C. I thought it was a typo the first time, but you did it again. Wait, am I being too critical too?
Okay my bad, that would have been a class B...
172.16.0.0 /21
255.255.248.0
172.16.0.0 Subnet ID
172.16.7.255 Broadcast ID
172.16.0.1 - 172.16.7.254 Valid Host Range. -
Optionsgojericho0 Member Posts: 1,059 ■■■□□□□□□□You can't have /21 on a class C. I thought it was a typo the first time, but you did it again. Wait, am I being too critical too?
So would this be a supernetted class C or a subnetted class B? -
Optionsdynamik Banned Posts: 12,312 ■■■■■■■■■□I was just teasing; the subnetting tension seemed to be running high
-
Optionsjbaello Member Posts: 1,191 ■■■□□□□□□□I was just teasing; the subnetting tension seemed to be running high
I'm going back to my fetal position now and suck my thumb... :P -
OptionsAPA Member Posts: 959Just think of a VLAN as a virtual\logical segmentation of hosts over a L3 boundary.
If two sites were physically seperated you would have a router in between correct? Which also means you would seperate them at L3 meaning they would have two totally different subnets. Can have the same subnet mask but based on this subnet mask their network address\range would be given, which will be different between the two sites.
Why would this differ when creating a VLAN? You are essentially creating the same seperation as the above physical example... the hosts are living in the same location but you still want them logically seperated at L3.
To answer your question..... You would never have a subnet spanned across two VLANs... because to route between VLAN's you need a VLAN interface either living on a router or Multilayer switch, and if you tried to create two VLAN interfaces on these devices with the same subnet on each it will result in an EPIC FAIL!!!!
Now I'm not being critical here -> But get stuck into ICND2 and it will all make sense... I think you may be getting ahead of yourself as CCENT as basically all L1 and a bit of L2 stuff correct???
CCNA | CCNA:Security | CCNP | CCIP
JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
JNCIS:SP | JNCIP:SP -
OptionsAPA Member Posts: 959dynamik stop stirring the pot
As much fun as it is sometimes...... Now back to my critical ways on other forums!
CCNA | CCNA:Security | CCNP | CCIP
JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
JNCIS:SP | JNCIP:SP