CCIE Trek

A blog of Jeff Rensink's trek to the CCIE summit (again)

VLANs and VLAN Trunking- Notes

Posted by jrensink78 on November 20, 2008

Here are my notes on the VLANs and VLAN Trunking chapter of the Cisco Press Exam Certification Guide book.  This is foundational knowledge for switching that needs to be known backwards and forwards.

Best practices dictate a 1-to-1 relationship between VLANs and IP subnets

For a VLAN to be operational, the following must be true

  • VLAN has been created
  • Switchports must be assigned to VLAN

VLANs can be created in VLAN Database mode (deprecated), global config mode, and interface config mode

Private VLANs

  • Requires a Primary VLAN and one or more Secondary VLANs
  • Ports in a primary VLAN are promiscuous and can talk with any secondary VLAN ports
  • Secondary Community VLAN ports can talk to other community ports in the same secondary VLAN and ports in the primary VLAN. Need a community secondary VLAN for each community group.
  • Secondary Isolated VLAN ports can only talk to ports in the primary VLAN. Only need one isolated secondary VLAN.

VTP Modes

  • Server
    • Can create/edit VLANs (1-1005)
    • Can act upon and originate VLAN updates
    • Default VTP mode
    • Stores info in vlan.dat file on flash
  • Client
    • Can learn VLANs (1-1005)
    • Can act upon and originate VLAN updates
    • Stores info in vlan.dat file on flash
  • Transparent
    • Can create/edit VLANs (1-4094)
    • Cannot originate or act upon VLAN updates
    • Will forward on received updates from other switches
    • Stores info in vlan.dat file on flash and also in config

Switches are in server mode by default.

They do not send out advertisements until they have a domain configured.

They will learn a domain from the first advertisement that they receive.

For switches to be able to update each other, VTP domain and password must match.

VTP updates only sent over trunks

VTP version 2 really only needed for Token Ring support

VLANs 1, 1002-1005 are special and cannot be deleted

ISL trunk adds a 26 byte header and a 4 byte trailer.

ISL header destination address is 0100.0C00.0000 or 0300.0C00.0000

ISL is the preferred trunking encapsulation if both ISL and 802.1Q are supported

802.1Q adds a 4 byte tag after the source address field. The first 2 bytes are an Ethernet type value of 0x8100.

802.1Q supports native VLAN concept (does not insert a tag).

Dynamic Trunking Protocol (DTP)

  • Trunk- always sets up a trunk
  • Desirable- will set up a trunk with Trunk, Desirable, and Auto
  • Auto- will set up a trunk with Trunk and Desirable
  • Access- will not set up a trunk
  • No-negotiate- used with Access and Trunk. Does not negotiate using DTP. If used with Trunk, the other side must also be Trunk in order for a trunk to be fully operational

Trunking on routers

  • Routers do not support DTP. So trunk must be statically configured on both ends.
  • Typically uses subinterfaces for each VLAN on the router
  • Uses the encapsulation command under each subinterface
  • Native VLANs configured on subinterfaces require the native keyword in the encapsulation command
  • If native VLAN is not configured on a subinterface, the router assumes it is on the physical interface. In this case, the physical interface does not need the encapsulation command

802.1Q-in-Q trunking

  • Allows a service provider to preserve 802.1Q VLAN tags across a WAN service
  • CDP and VTP traffic passes transparently over the Q-in-Q service
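
The ISL and 802.1Q framing notes above and the Q-in-Q section, as an added example (not from the book or the original post): a Python parser that classifies a raw frame as untagged (native VLAN), 802.1Q, Q-in-Q or ISL and returns the VLAN IDs, which is handy when checking a capture for tags that should not be on a port. Assumptions: the function name and sample frames are constructed here, the outer Q-in-Q tag is taken to use 0x8100 as well, and the ISL VLAN field position (header bytes 20-21) comes from the ISL header layout rather than from these notes.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that opens every 802.1Q tag
ISL_DST = (bytes.fromhex("01000c0000"), bytes.fromhex("03000c0000"))
ISL_HEADER, ISL_TRAILER = 26, 4  # bytes ISL adds around the original frame


def parse_trunk_frame(frame: bytes) -> dict:
    """Return encapsulation, VLAN IDs (outermost first) and payload EtherType."""
    if frame[:5] in ISL_DST and len(frame) >= ISL_HEADER + ISL_TRAILER + 14:
        # Assumed layout: ISL header bytes 20-21 = 15-bit VLAN field + BPDU bit.
        vlan = struct.unpack("!H", frame[20:22])[0] >> 1
        inner = parse_trunk_frame(frame[ISL_HEADER:-ISL_TRAILER])
        return {"encap": "isl", "vlans": [vlan] + inner["vlans"],
                "ethertype": inner["ethertype"]}
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    vlans, offset = [], 12  # a tag, if present, follows the source address
    while struct.unpack("!H", frame[offset:offset + 2])[0] == TPID_8021Q:
        if len(frame) < offset + 6:
            raise ValueError("truncated 802.1Q tag")
        tci = struct.unpack("!H", frame[offset + 2:offset + 4])[0]
        vlans.append(tci & 0x0FFF)  # low 12 bits of the tag carry the VLAN ID
        offset += 4
    ethertype = struct.unpack("!H", frame[offset:offset + 2])[0]
    # No tag on an 802.1Q trunk means the frame belongs to the native VLAN.
    encap = ("untagged", "802.1q", "q-in-q")[min(len(vlans), 2)]
    return {"encap": encap, "vlans": vlans, "ethertype": ethertype}


# Constructed sample frames (not captured traffic); all values are made up.
MACS = bytes.fromhex("ffffffffffff 020000000001")
PAYLOAD = bytes(46)
NATIVE = MACS + bytes.fromhex("0800") + PAYLOAD
TAGGED = MACS + bytes.fromhex("8100 000a 0800") + PAYLOAD            # VLAN 10
QINQ = MACS + bytes.fromhex("8100 0064 8100 000a 0800") + PAYLOAD    # 100 / 10
ISL = (bytes.fromhex("01000c0000 00 020000000002 0040 aaaa03 00000c")
       + struct.pack("!H", 20 << 1) + bytes(4)   # VLAN 20, index, reserved
       + NATIVE + bytes(4)                        # inner frame + its FCS
       + bytes(ISL_TRAILER))                      # ISL trailer (dummy FCS)

if __name__ == "__main__":
    for name, f in [("native", NATIVE), ("tagged", TAGGED),
                    ("q-in-q", QINQ), ("isl", ISL)]:
        print(name, parse_trunk_frame(f))
```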
