Download Технология на програмирането

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
Document related concepts

Power over Ethernet wikipedia , lookup

IEEE 1355 wikipedia , lookup

Distributed firewall wikipedia , lookup

Wireless security wikipedia , lookup

Parallel port wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Computer network wikipedia , lookup

Zero-configuration networking wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Airborne Networking wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Telephone exchange wikipedia , lookup

Network tap wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Spanning Tree Protocol wikipedia , lookup

Virtual LAN wikipedia , lookup

Transcript 
Computer
Networking
Macedonia
VLAN’s, VTP, InterVLAN Routing,
(And if there is enough time - STP)
Presenter
Delyan Genkov, PhD, Principal
Assistant Professor at Technical University of
Gabrovo, Bulgaria
 CCNA, CCNP, CCAI, CCSI#33190
 Working at Lirex BG Ltd – Gold Cisco Partner
 Instructor and Main Contact in the first Bulgarian
Cisco Networking Academy since 1999
 Email: [email protected]

VLAN

Virtual Local Area Networks

Main goal – to divide the network into
smaller parts
Why to divide a LAN?

Benefits:
 Decreases
unnecessary traffic
 Limits broadcasts
 Allows the network to grow
 Increases security

Drawbacks
 More
complicated and expensive devices
 More administrator’s knowledge required
Traditional network division
Depends on geographic locations
 (Sometimes) requires more router
interfaces
 Do not allows
movement

VLAN division
Position independent
 Allows easy movement
 Increases security
(if properly configured)
 May use one or more
router interfaces

Two or more VLANs on a single
switch?
Possible, but not common
 Functions as two or more separate
switches
 I use this when there are free ports and I
need another switch in the same rack
 The true power is when you use more
switches

VLAN’s have

Mandatory number (VLAN ID)
– 1024 Standard VLANs
 1001 – 1024 are reserved
 1025 – 4096 – Extended VLANs (SP)
1
Optional name (Default VLAN0001, …)
 Type (Ethernet)
 MTU (Typical 1500) and so on.

VLAN tasks
Create the VLANs in switch memory
 Assign ports to VLANs


Types of ports:
– resides in only one VLAN
 Voice VLAN – an additional VLAN for access port
 Trunk – allows packets for more than one VLAN
 Access
Typical scenario
Access ports –
connects computers
 Trunk ports –
connects switches


Routers?
VLAN Tagging
IEEE 802.1q (4bytes) - Standard
 ISL (30 bytes) – Cisco proprietary


IEEE 802.1q preferred
Native VLAN – no tag
 Native VLAN must match in both ends

Tagging and Untagging
Cisco defaults
Only VLAN 1 exists
 All ports are assigned in VLAN 1
 All VLANs are allowed on a Trunk (you
can change this)
 Native VLAN on all trunks is VLAN 1
 Security recommendation: Do not leave
computers in the native VLAN!

Deleting a VLAN
If you delete a VLAN and the switch have
ports, assigned to it – these ports remains
in a non-existing VLAN and are shutdown.
 The right way is – first to reassign these
ports in an existing VLAN, then to delete
the VLAN.

VTP
VLAN Trunking Protocol – Cisco
Proprietary
 What was the main tasks when you
configure VLANs?

 Creating
VLANs into the switch memory
 Assign ports into VLANs

VTP can assist you in the first task, but
you still have to complete the second task
Imagine a network with 100
switches
Instead of logging 100 times in every
switch and configure a VLAN, with VTP
you can do it on a single switch
 But be careful – with VTP you can stop the
whole network with one command (or
even with one connection)

VTP Switch modes
Server
 Client
 Transparent


There must be at least one server,
preferably two
Another VTP Parameters
VTP Version – 1, 2 or 3
 VTP Domain name
 VTP Password – optional
 VTP Pruning
 Configuration Revision

VTP Pruning
VTP Defaults
VTP mode: Server
 VTP Domain Name: null
 VTP Password: null
 VTP Version: 1
 Configuration Revision: 0

Correct action
You configure new VLAN on the server
 It increases configuration revision
 All other switches learns for the change
 All other gets new VLAN information and
increases the configuration revision

Incorrect action
You have a production and test networks
 You get a switch from test network and
delete all the test VLANs, except VLAN 1
 You forgot to reset the configuration
revision
 You connect the new switch to the
production network

InterVLAN Routing
When you need to pass traffic between
VLANs
 Not necessary in an ISP, probably needed
in an organizational network
 Needs Layer 3 device(s)
 Normally every VLAN is separate IP
network

Three common scenarios
Separate interface for every VLAN
 “Router-on-a-stick”
 Using a Layer 3 switch

Separate interfaces
Router doesn’t have to
know IEEE 802.1q
 Every interface is
connected to an access
port in correct VLAN
 Every interface is a
Default Gateway for it’s
VLAN

Router-on-a-Stick
One Routers interface,
connected to a trunk port
 Router must speak 802.1q
 You must create subinterfaces
for every VLAN with an IP
address for default gateway
 The single interface may
create bottleneck

Layer 3 switch
Uses virtual interfaces
 There is no practical limitation for VLANs
count
 Most scalable and fastest solution
 Sometimes may not fulfill all the
requirements (i.e. BGP routing with the
ISP’s)

Spanning Tree Protocol
IEEE 802.1D
 Enables redundant topologies
 Blocks the redundant links, enables only one
 If using for two or more links between two
switches, Etherchannel is preferrable
 But STP allows circular or more complex
topologies

Redundant topologies
Broadcast Storm
Spanning Tree Protocol
Избор на Root Bridge
Bridge Identifier (BID)
По – малкият идентификатор печели
Link Cost
Port Roles
Port states
Rapid STP (IEEE 802.1w)
Using STP with VLANs

MSTP,
PVST+,
RPVST+
Related documents
Review Questions of Switching Networks
Review Questions of Switching Networks
Router/Switch Security
Router/Switch Security
document 8758227
document 8758227
ppt
ppt
Securing Network
Securing Network
Class Power Points for Chapter #9
Class Power Points for Chapter #9
Release notes_1.3
Release notes_1.3
ppt in chapter 14
ppt in chapter 14
PPT-2 - Convergence Technology Center
PPT-2 - Convergence Technology Center
Basic Configuration of WAP4410N
Basic Configuration of WAP4410N
VLAN History
VLAN History
trunk - Victoria College
trunk - Victoria College