VLAN's

jscimeca715jscimeca715 Member Posts: 280
I have a quick question about VLAN's. If a host in VLAN 2 sends a frame to a host in VLAN 1, the host logic tells it to send it to a router first, correct? Then the router will check its ARP table and send it to host in VLAN 1? I'm currently studying for CCENT so this may not be something I'm tested on, but I want to make sure that I understand it.

If that is the case...is it a good comparison to say that a VLAN is like a virtual LAN connection on a router? The only difference being that the VLAN's are implemented at Layer 2, so all Layer 3 addressing rules stay the same?

Comments

  • hypnotoadhypnotoad Banned Posts: 915
    jscimeca715 wrote: »
    I have a quick question about VLAN's. If a host in VLAN 2 sends a frame to a host in VLAN 1, the host logic tells it to send it to a router first, correct? Then the router will check its ARP table and send it to host in VLAN 1? I'm currently studying for CCENT so this may not be something I'm tested on, but I want to make sure that I understand it.

    If that is the case...is it a good comparison to say that a VLAN is like a virtual LAN connection on a router? The only difference being that the VLAN's are implemented at Layer 2, so all Layer 3 addressing rules stay the same?

    You're right. A host in VLAN2 knows (from its mask) that the host in VLAN1 is outside of its local network, so it sends the packet to the router instead.
  • jscimeca715jscimeca715 Member Posts: 280
    I don't quite follow what you mean by "(from its mask)"?
  • networker050184networker050184 Mod Posts: 11,962 Mod
    jscimeca715 wrote: »
    I don't quite follow what you mean by "(from its mask)"?


    If you had two IP addresses how would you go about finding if they were on the same subnet?
    An expert is a man who has made all the mistakes which can be made.
  • jscimeca715jscimeca715 Member Posts: 280
    networker050184 wrote: »
    If you had two IP addresses how would you go about finding if they were on the same subnet?

    Still not following. IP addressing rules state that any hosts connected to a router on the same LAN use the same mask correct?
  • networker050184networker050184 Mod Posts: 11,962 Mod
    If you had an IP address of 172.16.1.53/26 and 172.16.1.67/26 how would you know if they were on the same subnet?

    jscimeca715 wrote: »
    Still not following. IP addressing rules state that any hosts connected to a router on the same LAN use the same mask correct?

    What if a device wants to send a packet to a device not on its local LAN?
    An expert is a man who has made all the mistakes which can be made.
  • rwwest7rwwest7 Member Posts: 300
    hypnotoad wrote: »
    You're right. A host in VLAN2 knows (from its mask) that the host in VLAN1 is outside of its local network, so it sends the packet to the router instead.
    A host doesn't know anything about VLANs. If 10.10.10.8/24 sends something to 10.10.10.9/24, then it sends it directly without using the router. If it's trying to reach 10.10.11.9/24, then it sends it to the router. Then it's the router's job to find the final destination. This all has nothing to do with VLANs though. Think of VLANs as a way to take one physical switch and turn it into many different "virtual" switches. You do need a router to route between VLANs, but a host does not know or care what VLAN it's on.
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    rwwest7 wrote: »
    A host doesn't know anything about VLANs. If 10.10.10.8/24 sends something to 10.10.10.9/24, then it sends it directly without using the router. If it's trying to reach 10.10.11.9/24, then it sends it to the router. Then it's the router's job to find the final destination. This all has nothing to do with VLANs though. Think of VLANs as a way to take one physical switch and turn it into many different "virtual" switches. You do need a router to route between VLANs, but a host does not know or care what VLAN it's on.

    I think his question is, what if?

    HostA/VLAN1 10.10.10.8 /24 sends out data to HostB/VLAN2 10.10.10.9 /24 same subnet but let's say both ports are found on the same switch but is also connected to a router, how does the data get handled.

    I would luv to put in my input, but I would rather let the expert do it.
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    Well anyway my answer will be a "router" has to be involved...

    Let me know if I'm wrong smack it at me, I'm ready lol...
  • jmc012jmc012 Member Posts: 134
    jscimeca715 wrote: »
    Still not following. IP addressing rules state that any hosts connected to a router on the same LAN use the same mask correct?

    That's where the router on a stick comes into play, you set up sub-interfaces on the actual interface with a different subnet for each vlan and then you route between them.
    Something like this:

    interface FastEthernet0/0
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet0/0.10
    encapsulation dot1Q 10
    ip address 192.168.10.1 255.255.255.0
    !
    interface FastEthernet0/0.20
    encapsulation dot1Q 20
    ip address 192.168.20.1 255.255.255.0
    !
  • jscimeca715jscimeca715 Member Posts: 280
    rwwest7 wrote: »
    A host doesn't know anything about VLANs. If 10.10.10.8/24 sends something to 10.10.10.9/24, then it sends it directly without using the router. If it's trying to reach 10.10.11.9/24, then it sends it to the router. Then it's the router's job to find the final destination. This all has nothing to do with VLANs though. Think of VLANs as a way to take one physical switch and turn it into many different "virtual" switches. You do need a router to route between VLANs, but a host does not know or care what VLAN it's on.

    So if the hosts are in the same subnet, but attached to different ports on a VLAN the packet will have to be forwarded to the router only to be forwarded out the same port but different vlan correct?

    I'm studying for the CCENT so right now it's only theory related, so I don't need to know any encapsulation commands or anything. Just a visual representation of the path it takes. I'm understanding it this way. Host to router (VLAN 2), router to host (VLAN 1).
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    jscimeca715 wrote: »
    So if the hosts are in the same subnet, but attached to different ports on a VLAN the packet will have to be forwarded to the router only to be forwarded out the same port but different vlan correct?

    I'm studying for the CCENT so right now it's only theory related, so I don't need to know any encapsulation commands or anything. Just a visual representation of the path it takes. I'm understanding it this way. Host to router (VLAN 2), router to host (VLAN 1).

    I believe I answered this already, and the answer is yes the router gets involved.

    When both hosts are in the same subnet or the same VLAN (remember they can be in the same subnet but different VLAN, in this case router gets involved again), the switch checks its mac-address-table for the destination, if it's found it's unicast/forward if it's not found it's broadcast/flood to every port except the port which the request came from.

    You might need to practice more using cisco switch/router or simulator, so it can be clearer just my 2 cents.
  • MikeInMoseleyMikeInMoseley Member Posts: 48 ■■□□□□□□□□
    jbaello wrote: »
    I believe I answered this already, and the answer is yes the router gets involved.

    When both hosts are in the same subnet or the same VLAN (remember they can be in the same subnet but different VLAN, in this case router gets involved again)


    I've not heard of that before, surely a VLAN is a broadcast domain so therefore you have to have separate subnets for the VLANs, you can't have one subnet spread across to two VLANs?

    Maybe I've misunderstood this?
  • rwwest7rwwest7 Member Posts: 300
    jbaello wrote: »
    I believe I answered this already, and the answer is yes the router gets involved.

    When both hosts are in the same subnet or the same VLAN (remember they can be in the same subnet but different VLAN, in this case router gets involved again), the switch checks its mac-address-table for the destination, if it's found it's unicast/forward if it's not found it's broadcast/flood to every port except the port which the request came from.

    You might need to practice more using cisco switch/router or simulator, so it can be clearer just my 2 cents.
    If you had same subnets on different VLANs, wouldn't the host attempt to send the data straight to receiving host (same subnet, so it won't even use the router), but the arp broadcast would get blocked at the router. So even though they're on the same subnet, they wouldn't be able to communicate since broadcast traffic is blocked between VLANs?

    Isn't the whole point of VLANs to separate broadcast domains, and don't hosts on the same subnet communicate through initial ARP broadcasts?
  • MikeInMoseleyMikeInMoseley Member Posts: 48 ■■□□□□□□□□
    rwwest7 wrote: »
    If you had same subnets on different VLANs, wouldn't the host attempt to send the data straight to receiving host (same subnet, so it won't even use the router), but the arp broadcast would get blocked at the router. So even though they're on the same subnet, they wouldn't be able to communicate since broadcast traffic is blocked between VLANs?

    Isn't the whole point of VLANs to separate broadcast domains, and don't hosts on the same subnet communicate through initial ARP broadcasts?


    Exactly how I thought it worked?
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    rwwest7 wrote: »
    If you had same subnets on different VLANs, wouldn't the host attempt to send the data straight to receiving host (same subnet, so it won't even use the router), but the arp broadcast would get blocked at the router. So even though they're on the same subnet, they wouldn't be able to communicate since broadcast traffic is blocked between VLANs?

    Isn't the whole point of VLANs to separate broadcast domains, and don't hosts on the same subnet communicate through initial ARP broadcasts?

    Yes, you're correct. The only way to get something like that to work would be using proxy arp, but you couldn't use routing on a stick, you would need a minimum of 2 routers.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
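Added example (not part of any post in this thread): a small Python model of the forwarding decision being debated, covering the host's mask check and the VLAN as a broadcast domain. The host names and host addresses are constructed; the router table mirrors the two subinterfaces in jmc012's config, and the model assumes no proxy ARP and connected routes only.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Host:
    name: str
    iface: str  # address/prefix configured on the host, e.g. "192.168.10.5/24"
    vlan: int   # access VLAN of its switch port; the host never sees this value

# Router-on-a-stick subinterfaces as in jmc012's config: VLAN ID -> gateway.
ROUTER = {
    10: ipaddress.ip_interface("192.168.10.1/24"),
    20: ipaddress.ip_interface("192.168.20.1/24"),
}

def on_link(src_iface: str, dst_ip: str) -> bool:
    """Host-side test: is dst inside the subnet derived from my own IP and mask?"""
    return ipaddress.ip_address(dst_ip) in ipaddress.ip_interface(src_iface).network

def path(src: Host, dst: Host, router=ROUTER) -> str:
    dst_ip = ipaddress.ip_interface(dst.iface).ip
    if on_link(src.iface, str(dst_ip)):
        # The host ARPs for the destination itself. The ARP broadcast is
        # flooded only inside the sender's VLAN (assumption: no proxy ARP).
        return "direct" if src.vlan == dst.vlan else "unreachable"
    # Off-link: the host sends the frame to its default gateway instead.
    gw = router.get(src.vlan)
    if gw is None or not on_link(src.iface, str(gw.ip)):
        return "unreachable"  # no usable gateway in the sender's VLAN
    # The router forwards out of the subinterface whose subnet holds dst.
    for vlan, rif in router.items():
        if dst_ip in rif.network:
            return "routed" if vlan == dst.vlan else "unreachable"
    return "unreachable"  # connected routes only in this model

if __name__ == "__main__":
    # Constructed sample hosts.
    a = Host("A", "192.168.10.5/24", 10)
    b = Host("B", "192.168.20.7/24", 20)   # other subnet, other VLAN
    c = Host("C", "192.168.10.9/24", 10)   # same subnet, same VLAN
    d = Host("D", "192.168.10.9/24", 20)   # same subnet, wrong VLAN
    for dst in (b, c, d):
        print(f"A -> {dst.name}: {path(a, dst)}")
    # The /26 pair asked about earlier in the thread:
    print(on_link("172.16.1.53/26", "172.16.1.67"))
```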
  • jscimeca715jscimeca715 Member Posts: 280
    I am beyond confused right now. I'll go back and run some tests to try and figure it out. Thanks for your help everyone.
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    MikeInMoseley wrote: »
    I've not heard of that before, surely a VLAN is a broadcast domain so therefore you have to have separate subnets for the VLANs, you can't have one subnet spread across to two VLANs?

    Maybe I've misunderstood this?

    This is inaccurate, I can have a Class C /24 network and distribute them across different VLAN. What if I have a Class C /21 2046 hosts and I'm not able to segment them? It will literally slow down the network and overwhelm the switches goes the saying clients receiving broadcasts reply with another broadcast that's why we create VLAN or subnet.

    By "default" No traffic pings, broadcast, datapackets they cannot cross from one VLAN to another unless a routing process gets involved.

    But I'll go and test this tonite again, a skepticism is creeping up my premises :P
  • rwwest7rwwest7 Member Posts: 300
    jscimeca715 wrote: »
    I am beyond confused right now. I'll go back and run some tests to try and figure it out. Thanks for your help everyone.
    VLAN's aren't on the CCENT.

    I have my CCENT test scheduled for March 10th, good luck to you on the 7th.
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    rwwest7 wrote: »
    VLAN's aren't on the CCENT.

    I have my CCENT test scheduled for March 10th, good luck to you on the 7th.

    There were VLAN questions last time I took it, don't want to go into detail cause it will be violating NDR with Cisco, but I would double check this if I were you, it might be the question that made you pass the exam :) just my 2 cents...
  • EdTheLadEdTheLad Member Posts: 2,111 ■■■■□□□□□□
    Jbaello think you need to go back and study subnetting before you move to switching as your posts indicate a huge knowledge gap.
    If you had a /21 network address you would break it up into multiple subnets, then you would design the network so that each subnet corresponds to a unique vlan id.

    If in your design you are planning on assigning hosts within the same subnet range to different vlans (i.e. connect them to switchports which are configured on a different vlan) then you're crazy, why would you want to do this? Wouldn't it be better to readdress the hosts so that they are in a different subnet with a unique vlan.
    Networking, sometimes i love it, mostly i hate it.Its all about the $$$$
  • nevolvednevolved Member Posts: 131
    As Jeremy says: a VLAN = a Subnet = a Broadcast Domain
  • ColbyGColbyG Member Posts: 1,264
    jbaello wrote: »
    This is inaccurate, I can have a Class C /24 network and distribute them across different VLAN. What if I have a Class C /21 2046 hosts and I'm not able to segment them? It will literally slow down the network and overwhelm the switches goes the saying clients receiving broadcasts reply with another broadcast that's why we create VLAN or subnet.

    By "default" No traffic pings, broadcast, datapackets they cannot cross from one VLAN to another unless a routing process gets involved.

    But I'll go and test this tonite again, a skepticism is creeping up my premises :P

    Segmenting is breaking a block of addresses into subnets, so his statement is accurate. VLANs are subnets, you don't have put the same subnet on multiple VLANs.
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    EdTheLad wrote: »
    Jbaello think you need to go back and study subnetting before you move to switching as your posts indicate a huge knowledge gap.
    If you had a /21 network address you would break it up into multiple subnets, then you would design the network so that each subnet corresponds to a unique vlan id.

    If in your design you are planning on assigning hosts within the same subnet range to different vlans (i.e. connect them to switchports which are configured on a different vlan) then you're crazy, why would you want to do this? Wouldn't it be better to readdress the hosts so that they are in a different subnet with a unique vlan.

    Ahh Jesus why are people soo critical, I was posting an example no one in their right mind will implement a class C /21 in a production network but it's a true story, I am trying to demonstrate on how crazy broadcast will get given this network accommodates 2046 hosts, and how VLAN limits broadcast through microsegmentation... seriously... I am still studying subnet since I'm doing ICND2, but some of these facts should have been posted a long time ago so the OP is no longer confused.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    You can't have /21 on a class C. I thought it was a typo the first time, but you did it again. Wait, am I being too critical too?
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    dynamik wrote: »
    You can't have /21 on a class C. I thought it was a typo the first time, but you did it again. Wait, am I being too critical too?

    Okay my bad, that would have been a class B...

    172.16.0.0 /21
    255.255.248.0

    172.16.0.0 Subnet ID
    172.16.7.255 Broadcast ID
    172.16.0.1 - 172.16.7.254 Valid Host Range.
  • gojericho0gojericho0 Member Posts: 1,059 ■■■□□□□□□□
    dynamik wrote: »
    You can't have /21 on a class C. I thought it was a typo the first time, but you did it again. Wait, am I being too critical too?

    So would this be a supernetted class C or a subnetted class B?
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    I was just teasing; the subnetting tension seemed to be running high :D
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    dynamik wrote: »
    I was just teasing; the subnetting tension seemed to be running high :D

    I'm going back to my fetal position now and suck my thumb... :P
  • APAAPA Member Posts: 959
    Just think of a VLAN as a virtual\logical segmentation of hosts over a L3 boundary.

    If two sites were physically separated you would have a router in between correct? Which also means you would separate them at L3 meaning they would have two totally different subnets. Can have the same subnet mask but based on this subnet mask their network address\range would be given, which will be different between the two sites.

    Why would this differ when creating a VLAN? You are essentially creating the same separation as the above physical example... the hosts are living in the same location but you still want them logically separated at L3.

    To answer your question..... You would never have a subnet spanned across two VLANs... because to route between VLAN's you need a VLAN interface either living on a router or Multilayer switch, and if you tried to create two VLAN interfaces on these devices with the same subnet on each it will result in an EPIC FAIL!!!!

    Now I'm not being critical here -> But get stuck into ICND2 and it will all make sense... I think you may be getting ahead of yourself as CCENT is basically all L1 and a bit of L2 stuff correct???

    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP
  • APAAPA Member Posts: 959
    dynamik stop stirring the pot :p

    As much fun as it is sometimes...... Now back to my critical ways on other forums! :)

    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP