Implementing VLAN's and Trunking
What are the additional features found in VTP version 2?
The additional features found in VTP version 2 are as follows: - Token Ring support - Unrecognized type-length-value (TLV) support - Version-dependent transparent mode (forwards VTP messages in transparent mode out all trunk interfaces) - Consistency checks
What are the default Layer 2 Ethernet interface VLAN settings on a Catalyst 2960?
The default Layer 2 Ethernet interface VLAN settings on a Catalyst 2960 are as follows: - Interface mode: switchport mode dynamic auto - Allowed VLANs: 1 to 4094 - Default VLAN: VLAN 1 - VLAN pruning eligible range: 2 to 4094 - Native VLAN: 1
What is the default VTP configuration on a Catalyst 2960 switch?
The default VTP configuration on a Catalyst 2960 switch is as follows: - VTP domain: Null - VTP mode: Server - VTP version: Version 1 - VTP password: (None) - VTP pruning: Disabled
When configuring trunking on a Catalyst 2960, what are the five Layer 2 interface modes supported
The five Layer 2 interface modes supported when configuring trunking on a Catalyst 2960 are as follows: - switchport mode access: Makes the interface a nontrunking access port. - switchport mode dynamic auto: Allows the interface to convert to a trunk link if the connecting neighbor interface is set to trunk or desirable. - switchport mode dynamic desirable: Makes the interface attempt to convert the link to a trunk link. The link becomes a trunk if the neighbor interface is set to trunk, desirable, or auto. - switchport mode trunk: Configures the port to permanent trunk mode and negotiates with the connected device if the other side can convert the link to trunk mode. - switchport nonegotiate: Prevents the interface from generating DTP frames.
What are the four VLAN port membership modes on a Catalyst 2960 switch?
The four VLAN port membership modes on a Catalyst 2960 switch are as follows: - Static-access: Static-access ports belong to only one VLAN and are manually assigned. - Trunk (IEEE 802.1Q): By default, a trunk port is a member of all VLANs. - Dynamic-access: Dynamic-access ports belong to one VLAN and are dynamically assigned by a VMPS. Dynamic-access ports must not connect to another switch. - Voice VLAN: Voice VLAN ports are access ports attached to an IP phone that are configured to use one VLAN for voice traffic and another VLAN for data traffic from a device connected to the IP phone.
What are the four characteristics of a typical VLAN setup?
The four characteristics of a typical VLAN setup are as follows: - Each logical VLAN is like a separate physical bridge. - For different VLANs to communicate with each other, traffic must be forwarded through a router or Layer 3 switch. - Each VLAN is considered to be a separate logical network. - VLANs can span multiple switches.
In 802.1Q, what is the native VLAN?
The native VLAN is VLAN1 by default. 802.1Q does not tag the native VLAN across trunk links.
What is required to configure VTP on a Catalyst switch?
The requirements for configuring VTP on a Catalyst switch are as follows: - VTP domain: All switches must be in the same VTP domain. - Optional password: If a password is configured, all switches in the VTP domain must be configured with the same password. Configuring a password is recommended practice. - VTP version: All switches must run the same VTP version. - Trunk link: VTP propagates on trunk links; thus at least one port must be configured as a trunk link.
What is one of the most important components in the VTP advertisement?
The revision number. Every time a VTP server modifies its VLAN configuration, it increments the configuration number by 1. The largest configuration number in the VTP domain contains the most current information. When a client receives a revision number higher than its current number, it updates its VLAN configuration.
How do you display the trunking interfaces on a Catalyst 2960?
The show interfaces interface-id trunk privilege EXEC command shows the interfaces that are trunking on a switch and the trunk configuration, as follows: Cat2960#show interfaces trunk Port Mode Encapsulation Status Native vlan Gi0/1 on 802.1q trunking 1 Port Vlans allowed on trunk Gi0/1 1-4094 Port Vlans allowed and active in management domain Gi0/1 1-3,5,10,20,30,40,50,60 Port Vlans in spanning tree forwarding state and not pruned Gi0/1 1-3,5,40
One switch in your network is not receiving VLAN information. How do you verify whether the switch is receiving VTP information?
The show vtp counters privilege EXEC command displays VTP statistics about advertisements received and pruning information, as follows: Cat2960#show vtp counters VTP statistics: Summary advertisements received : 426 Subset advertisements received : 1 Request advertisements received : 0 Summary advertisements transmitted : 481 Subset advertisements transmitted : 0 Request advertisements transmitted : 0 Number of config revision errors : 0 Number of config digest errors : 0 Number of V1 summary errors : 0 VTP pruning statistics: Trunk Join Transmitted Join Received Summary advts received from non-pruning-capable device ---------------- ---------------- ---------------- --------------------------- Gi2/2 5043 5036 0 Gi2/3 5043 5033 0 Gi2/4 5043 5032 0 Gi2/5 5043 5033 0 Gi2/6 5043 5038 0 Gi3/1 5043 5035 0 Gi3/2 5043 5034 0 Gi3/4 5044 5033 0 Po1 4903 4903 0
As a network administrator, you try to add a new VLAN to a Catalyst 2960 switch. However, when you add the new VLAN, you get the following error from the switch: Switch(config)#vlan 20 %VTP VLAN configuration not allowed when device is in CLIENT mode. The VLAN is not added to the switch. Why did this error occur?
The switch is a VTP client. A switch can only add, modify, or delete VLANs if it is in server or transparent mode. To remedy the problem, change the switch to server or transparent mode using the vtp mode [server | transparent] global command.
What are the two methods to assign a port to a VLAN?
The two methods to assign a port to a VLAN are as follows: - Statically: Statically assigning a port to a VLAN is a manual process performed by the administrator. - Dynamically: Assigning VLANs dynamically is done using a VLAN Membership Policy Server (VMPS). The VMPS contains a database that maps MAC addresses to VLAN membership. A dynamic port can belong to only one VLAN at a time. A Catalyst 4500 or 6500 switch can be configured to be a VMPS, but a Catalyst 2960 switch cannot.
As a network administrator, you use VLAN 1 for the Sales division. As a result, all users in VLAN 1 cannot access other users assigned to different VLANs. Why is this happening, and how do you enable the users in VLAN 1 to communicate with other users in different VLANs?
The users in VLAN 1 cannot communicate with the other VLANs because, by default, VLAN 1 is the native VLAN. 802.1Q does not encapsulate traffic from the native VLAN. Thus the users in VLAN 1 cannot communicate with other users. To fix the issue, you need to change the native VLAN to a different unused VLAN in your network. To do this, use the switchport trunk native vlan vlan-id interface command. The following command changes the native VLAN on trunking interface g0/1 from 1 to 1000: Cat2960(config-if)#switchport trunk native vlan 1000
Configure a Catalyst 2960 switch with VLAN number 10 and name the VLAN "Accounting."
To configure a VLAN on a Catalyst 2960 switch, first ensure that the switch is in VTP server or transparent mode. When the switch is in one of these modes, the vlan vlan-id global configuration command adds a VLAN. The vlan-id can be a number from 1 to 4094 for normal-range VLANS, as follows: Switch(config)#vlan 10 Switch(config-vlan)#name Accounting
As a network administrator, you want to add ports 1 through 12 to VLAN 10 on your Catalyst 2960 switch. How do you statically assign these ports to the switch?
To configure a range of ports to a VLAN, enter the range command. The following commands assign ports 1[nd]12 to VLAN 10: Cat2960(config)#interface range fastethernet 0/1 - 12 Cat2960(config-if-range)#switchport mode access Cat2960(config-if-range)#switchport access vlan 10 You can assign VLANs to a switch one port at a time or a range of ports at a time. First, enter the interface you want to configure. Second, define the interface as an access port. Finally, assign the port to a VLAN. Notice how the prompt changes to config-if-range mode when you use the range command. The other commands define the ports as an access port and then assign the ports to vlan 10. To assign a port to a different VLAN, enter the switchport access vlan command followed by the VLAN ID you want to change the port to.
How do you enable VTP Version 2 on a Catalyst 2960 switch?
To enable VTP Version 2 on a Catalyst switch, use the vtp version version-number global command, as follows: Cat2960(config)#vtp version 2
How do you enable VTP pruning?
To enable VTP pruning on a Catalyst 2960, use the vtp pruning global configuration command, as follows: Cat2960(config)#vtp pruning Pruning switched on
By default, VLANs 1[nd]4094 are allowed to propagate on all trunk links. How do you limit a trunk to allow only VLANs 10[nd]50 on a trunk link?
To limit the VLANs on a trunk link, enter the switchport trunk allowed vlan {add | all | except | remove} vlan-list interface command. To allow only VLANs 1[nd]50 on a trunk link, you would enter the following: Cat2960(config-if)#switchport trunk allowed vlan 10-50
As a network administrator, you added a new VLAN, VLAN 10 on a switch and called it Accounting. However, you later find out that VLAN 10 is going to be assigned to Sales. How do you modify the VLAN name?
To modify a VLAN name, you need to enter config-vlan mode for the VLAN you want to modify and rename the VLAN, as follows: Switch(config)#vlan 10 Switch(config-vlan)#name Sales Switch(config-vlan)#exit
What are trunk links?
Trunk links allow the switch to carry multiple VLANs across a single link. By default, each port on a switch can belong to only one VLAN. For devices that are in a VLAN (that spans multiple switches) to talk to other devices in the same VLAN, you must use trunking or have a dedicated port for each VLAN. Trunk links encapsulate frames using a Layer 2 protocol. This encapsulation contains information for a switch to distinguish traffic from different VLANs and to deliver frames to the proper VLANs. The Catalyst 2960 supports 802.1Q as its trunking protocol.
What are the two ways that VTP and VLANs are configured on a Catalyst 2960 switch?
Two ways that VTP and VLANs are configured on a Catalyst 2960 switch are as follows: - In global configuration mode - In VLAN database configuration mode
How many VLANs does a Catalyst 2960 switch support?
Up to 255 VLANs.
What is VTP?
VLAN Trunking Protocol (VTP) is a Layer 2 messaging protocol that maintains VLAN configuration consistency throughout a common administrative domain by managing VLAN additions, deletions, and name changes across multiple switches. Without VTP, you would have to manually add VLAN information to each switch in the network.
What are VLANs?
VLANs are broadcast domains in a Layer 2 network. Each broadcast domain is like a distinct virtual bridge within the switch. Each virtual bridge created in a switch defines a broadcast domain. By default, traffic from one VLAN cannot pass to another VLAN. Each user in a VLAN is also in the same IP subnet. Each switch port can belong to only one VLAN. The exception to this is if the port is a trunk port.
What is included in VTP advertisements?
VTP advertisements include the following information: - VTP domain name - VTP configuration revision number - Update identity and update timestamp - MD5 digest VLAN configuration - Frame format
What is the default VTP version on a Catalyst 2960 switch?
Version 1.
How do you verify the VLANs on a Catalyst switch and the ports assigned to each VLAN?
You can use two commands to verify the VLANs on a switch: the more detailed show vlan {name vlan-name | id id} command or the show vlan brief command, as follows: Switch#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi0/2 10 InternetAccess active 20 Operations active Fa0/1, Fa0/2, 30 Administration active Fa0/6, Fa0/7, Fa0/8, Fa0/9 40 Engineering active Fa0/3, Fa0/4, Fa0/5, Fa0/10, Fa0/11, Fa0/12, Fa0/13,Fa0/14, Fa0/15, Fa0/16, Fa0/17, Fa0/18, Fa0/19,Fa0/20 60 Public active Fa0/21, Fa0/22, Fa0/23, Fa0/24 !text-omitted!
What are three ways to verify the ports assigned to VLANs?
You can verify the ports assigned to a VLAN by viewing the entire switch configuration with the show running-config command. You can also check by using the show running-config interface interface-id command and the show vlan command. Here is an example of the show running-config interface command for port F0/1 on the switch: Cat2960#show running-config interface f0/1 Building configuration... Current configuration : 84 bytes! interface FastEthernet0/1 switchport access vlan 10 switchport mode access end
How do you determine the VTP version, domain name, and password on a Catalyst switch?
You determine the VTP version, domain name, and password by issuing the privileged EXEC show vtp status command, which displays the following: - VTP version - Number of existing VLANs on a switch and the maximum number of locally supported VLANs - VTP domain name, password, and operating mode - Whether VTP pruning is enabled - The last time the VLAN configuration was modified
How do you set an interface for 802.1Q trunking on a Catalyst 2960 switch?
You set an interface for 802.1Q trunking by using the switchport mode trunk interface command. To enable an interface for trunking on a Catalyst 2960 switch, use the switchport mode [dynamic {auto | desirable} | trunk] interface command. The following examples configure one interface for trunking and a second interface to trunk only if the neighboring device is set to trunk, desirable, or auto: Cat2960(config)#interface g0/1 Cat2960(config-if)#switchport mode trunk Cat2960(config-if)#interface g0/2 Cat2960(config-if)#switchport mode dynamic desirable
What are the three VTP modes a switch can be in?
A switch can be in the following three VTP modes: - Server - Client - Transparent
What is VTP server mode?
A switch in VTP server mode can add, delete, and modify VLANs and other configuration parameters for the entire VTP domain. It is the default mode for all Catalyst switches. VLAN configurations are saved in NVRAM. When you change VLAN configuration in server mode, the change is dynamically propagated to all switches in the VTP domain.
What is a VTP domain?
Also called a VLAN management domain, a VTP domain is one or more interconnected switches that share the same VTP environment. A switch can be in only one VTP domain, and all VLAN information is propagated to all switches in the same VTP domain.
A Cisco 2950 switch is configured with all ports assigned to VLAN 10. What is the effect of adding switch ports to a new VLAN on this switch?
An additional broadcast domain is created. Because you are adding switch ports to a new VLAN, you are in effect creating a new broadcast domain on the switch.
What is VTP pruning?
By default, a trunk link carries traffic for all VLANs in the VTP domain. Even if a switch has no ports in a specific VLAN, traffic for that VLAN is carried across the trunk link. VTP pruning uses VLAN advertisements to determine when a trunk connection is needlessly flooding traffic to a switch that has no ports in the particular VLAN. VTP pruning increases available bandwidth by restricting flooded traffic to trunk lines that the traffic must use to access the appropriate network devices. By default, VTP pruning is disabled.
How do you disable VTP on a Catalyst 2960 switch?
Configure the switch for VTP transparent mode as follows: Cat2960(config)#vtp mode transparent
What is DTP?
Dynamic Trunking Protocol (DTP) is a point-to-point Layer 2 protocol that manages trunk negotiation.
How do you delete a VLAN from a Catalyst switch?
Enter the no vlan vlan-id global command for the VLAN you want to delete, as follows: Switch(config)#no vlan 10
How often are VTP advertisements flooded throughout the management domain?
Every 5 minutes. VTP advertisements are flooded throughout the management domain to a reserved multicast address every 5 minutes or whenever a change occurs in the VLAN configuration.
Describe 802.1Q tagging?
IEEE 802.1Q tagging provides a standard method of identifying frames that belong to a particular VLAN. 802.1Q does this by using an internal process that modifies the existing Ethernet frame with the VLAN identification.
What is VTP client mode?
In VTP client mode, a switch cannot create, delete, or modify VLANs. In client mode, the switch transmits and receives VTP updates on its trunk links. VLAN configurations are received from the VTP server
How do you configure the VTP operation mode, VTP domain, and VTP password on a Catalyst 2960 switch?
In global configuration mode, the vtp mode [server | client | transparent] global command sets the VTP mode, followed by the vtp domain domain-name to configure the VTP domain and vtp password password to set the VTP password, as follows: Cat2960(config)#vtp mode server Cat2960(config)#vtp domain CiscoPress Changing VTP domain name from NULL to CiscoPress Cat2960(config)#vtp password ICND Setting device VLAN database password to ICND
What is VTP transparent mode?
In transparent mode, a switch does not participate in the VTP domain. However, a switch can add, modify, and delete VLANs locally. A VTP transparent switch does not advertise its VLAN configuration and does not synchronize its VLAN configuration based on received advertisements. In VTP version 2, transparent switches forward VTP advertisements they receive out their trunk ports.
On the VTP server, where is the VLAN configuration stored?
NVRAM. Only on a VTP server is VLAN configuration stored in NVRAM (also called flash). VLAN information is stored in a file called vlan.dat. This is called the VLAN database.
What VLAN ranges does the Catalyst 2960 support?
Normal-range and extended-range VLANs. VLANs are identified by a number from 1 to 4094. VLANs 1 to 1005 are considered normal-range VLANs. Extended-range VLANs are numbered 1006 to 4094.