CCNA RnS Article #26: Configuring VLANs



In this article, we are going to look at VLAN configuration and the reachability between systems in the same VLAN. It’s a good idea to review the previous related articles on VLANs – Virtual VLAN Concepts, VLAN Tagging, and Inter-VLAN Routing.

Without further ado, let’s start our VLAN configuration tasks. You don’t need to configure anything on a Cisco switch for it to work – just unpack the switch, plug in the right cables, and you will be able to build a working network. This is true only when you have just one VLAN. If you need more than 1 VLAN, as required in all customer deployments, you need to do some configuration.

Step 1 – Creating a VLAN

To create a VLAN, you need to decide on the VLAN number that you are going to use for the VLAN and a name so that it can be identified.

Step 2 – Port/Interface mapping to VLAN

Once the VLAN is created, you need to assign a port/interface to it. An interface that carries traffic for only one VLAN is called an access port. An access port is connected to a laptop, camera, printer, etc. In other words, any device that is part of a single VLAN connects to an access port.

Step 3 – Configure a Trunk port 

A trunk port is required when you have multiple switches and a VLAN needs to extend throughout the network. A connection between two switches is called a trunk, and it carries traffic for multiple VLANs, unlike an access port, which is part of a single VLAN.

VLAN configuration Exercise

We have been assigned to configure the below setup where we have a switch with 3 VLANs – Sales, Finance, and Guest VLANs with VLAN ID 10, 20, and 30 respectively.

Figure 1: VLAN Exercise - Topology

First, let’s see what is configured by default on a switch. The show vlan command shows configured VLAN information like VLAN ID, Name, status, and the ports that are mapped to the VLANs.

As you can see in Figure 2, there are 5 VLANs configured by default. VLAN 1 is for Ethernet and the other 4 VLANs are non-Ethernet VLANs (FDDI and Token Ring). Also, notice that all the ports on the switch are assigned to VLAN 1.


Figure 2: Show VLAN Output

Configure VLAN

As per Figure 1, we need to configure VLANs 10, 20, and 30. Configuring VLANs is straightforward and very simple. You just need to execute the vlan command from global configuration mode.

Figure 3: Creating VLAN

You can verify whether the VLANs were created using the show vlan command.

Figure 4: Show VLAN

You can see that VLANs 10, 20, and 30 are created. Notice that the default VLAN name is VLANxxxx, where xxxx is the VLAN ID you configured. For example, the name of VLAN 10 is VLAN0010; if you create VLAN 100 it will be VLAN0100, and so on.

Now, as per the exercise, let’s assign a name to each VLAN: VLAN 10 – Sales, VLAN 20 – Finance, and VLAN 30 – Guest.

Figure 5: VLAN Name Configuration

Now that each VLAN has the correct name, the next configuration task is to assign interfaces to the VLANs. We need the first 4 interfaces (fa0/1 – fa0/4) in Sales, the next 4 interfaces (fa0/5 – fa0/8) in Finance, and the next 4 (fa0/9 – fa0/12) in the Guest VLAN.

There are multiple ways to assign interfaces to a VLAN. One way is to assign interfaces one by one, which is time-consuming; another is to use the range keyword to apply the same configuration to multiple interfaces at once. We’ll use both approaches. Because each of these interfaces is part of only a single VLAN, it is an access interface. The switchport access vlan command is used to assign an interface to a VLAN.

Figure 6: Interface mapping to VLANs


So far we have configured VLANs 10, 20, and 30 on Switch 1. The first 4 interfaces are in VLAN 10, the next 4 are in VLAN 20, and the next 4 are in VLAN 30. We have two hosts connected to the switches and they are in the same VLAN.

As we already discussed some time back, each VLAN uses a unique subnet, so we have an IP schema for each VLAN as follows –
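
The steps shown in Figures 3, 5 and 6, written out as one Cisco IOS session for this exercise. This is an added example, not the article's original screenshots; the switchport mode access lines and the split between a single interface and a range are assumptions made for illustration.

```cisco
! Added example: entered from privileged EXEC mode (Switch#)
configure terminal
!
! Step 1: create the VLANs and give each one a name
vlan 10
 name Sales
vlan 20
 name Finance
vlan 30
 name Guest
!
! Step 2: map interfaces to VLANs as access ports
! Approach A: one interface at a time
interface fastEthernet 0/1
 switchport mode access
 switchport access vlan 10
!
! Approach B: several interfaces at once with the range keyword
interface range fastEthernet 0/2 - 4
 switchport mode access
 switchport access vlan 10
!
interface range fastEthernet 0/5 - 8
 switchport mode access
 switchport access vlan 20
!
interface range fastEthernet 0/9 - 12
 switchport mode access
 switchport access vlan 30
!
end
!
! Verify the VLAN names and the port-to-VLAN mapping
show vlan
```

In the show vlan output, fa0/1 to fa0/4 should be listed under Sales, fa0/5 to fa0/8 under Finance, and fa0/9 to fa0/12 under Guest, while every other port is still in VLAN 1.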

Sales Subnet – /24

Finance Subnet – /24

Guest Subnet – /24

There are two PCs in the Sales VLAN and 1 PC in each of the other VLANs. We can verify that the two PCs in Sales are able to reach each other, as they are in the same broadcast domain.

PC 1 IP Configuration

PC 2 IP Configuration

Ping (our friend to check the IP connectivity) – from PC 1 – PC 2

As you can see, PC 1 is able to ping PC 2 because they are in the same broadcast domain. Each VLAN represents a broadcast domain. If we try to ping PC 1 from the Guest VLAN PC, the ping will fail because, by default, hosts in two different broadcast domains cannot communicate with each other.

PC 3 Configuration and reachability to PC 1 -

You are right. To make this communication happen we need a router or a multi-layer switch that can perform routing/inter-VLAN routing. Hope you find this informative! See you soon with more topics and configuration tasks.
