tech:network:vlan:vlan
Table of Contents
VLAN
VLAN = Virtual LAN = Virtual Local Area Network
Pi0 currently connected to DSW2 fa1/0/21.
Default VLAN
DSW2#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/9
Fa1/0/10, Fa1/0/11, Fa1/0/12
Fa1/0/13, Fa1/0/14, Fa1/0/15
Fa1/0/16, Fa1/0/17, Fa1/0/18
Fa1/0/19, Fa1/0/20, Fa1/0/21
Fa1/0/22, Fa1/0/23, Fa1/0/24
Gi1/0/1, Gi1/0/2
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
Inter-VLAN Security
en conf t vlan 10 name Worker vlan 20 name Network vlan 30 name Server exit
DSW2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
DSW2(config)#vlan 10
DSW2(config-vlan)#name Worker
DSW2(config-vlan)#vlan 20
DSW2(config-vlan)#name Network
DSW2(config-vlan)#vlan 30
DSW2(config-vlan)#name Server
DSW2(config-vlan)#exit
DSW2(config)#
*Mar 1 01:41:29.349: %LINK-3-UPDOWN: Interface FastEthernet1/0/21, changed state to up
*Mar 1 01:41:30.355: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet1/0/21, changed state to up
DSW2(config)#do sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/9
Fa1/0/10, Fa1/0/11, Fa1/0/12
Fa1/0/13, Fa1/0/14, Fa1/0/15
Fa1/0/16, Fa1/0/17, Fa1/0/18
Fa1/0/19, Fa1/0/20, Fa1/0/21
Fa1/0/22, Fa1/0/23, Fa1/0/24
Gi1/0/1, Gi1/0/2
10 Worker active
20 Network active
30 Server active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ping from Desktop to Pi0.
same subnet, same VLAN.
C:\Users\wnogu>ping 172.16.2.250
Pinging 172.16.2.250 with 32 bytes of data:
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Ping statistics for 172.16.2.250:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
now, change the access vlan.
DSW2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
DSW2(config)#int f1/0/21
DSW2(config-if)#swi
DSW2(config-if)#switchport mo
DSW2(config-if)#switchport mode ac
DSW2(config-if)#switchport mode access
DSW2(config-if)#swi
DSW2(config-if)#switchport ac
DSW2(config-if)#switchport access vl
DSW2(config-if)#switchport access vlan 30
DSW2(config-if)#do sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/9
Fa1/0/10, Fa1/0/11, Fa1/0/12
Fa1/0/13, Fa1/0/14, Fa1/0/15
Fa1/0/16, Fa1/0/17, Fa1/0/18
Fa1/0/19, Fa1/0/20, Fa1/0/22
Fa1/0/23, Fa1/0/24, Gi1/0/1
Gi1/0/2
10 Worker active
20 Network active
30 Server active Fa1/0/21
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
10 enet 100010 1500 - - - - - 0 0
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
same subnet. but different VLAN.
C:\Users\wnogu>ping 172.16.2.250
Pinging 172.16.2.250 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 172.16.2.250:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
ping failed.
This behavior absolutely correct.
If you can ping successful, it might be incorrect configuration.(e.g. Design IP Mismatch: pinging self IP ;()
ok, change f1/0/23 access VLAN to 30.
DSW2(config-if)#int f1/0/23
DSW2(config-if)#swi
DSW2(config-if)#switchport mo
DSW2(config-if)#switchport mode a
DSW2(config-if)#switchport mode access
DSW2(config-if)#swi
DSW2(config-if)#switchport ac
DSW2(config-if)#switchport access v
DSW2(config-if)#switchport access vlan 30
DSW2(config-if)#do sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/9
Fa1/0/10, Fa1/0/11, Fa1/0/12
Fa1/0/13, Fa1/0/14, Fa1/0/15
Fa1/0/16, Fa1/0/17, Fa1/0/18
Fa1/0/19, Fa1/0/20, Fa1/0/22
Fa1/0/24, Gi1/0/1, Gi1/0/2
10 Worker active
20 Network active
30 Server active Fa1/0/21, Fa1/0/23
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
C:\Users\wnogu>ping 172.16.2.250 -t
Pinging 172.16.2.250 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time=1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Reply from 172.16.2.250: bytes=32 time<1ms TTL=64
Ping statistics for 172.16.2.250:
Packets: Sent = 28, Received = 15, Lost = 13 (46% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms
Control-C
^C
ping successfully.
Management VLAN
DSW2#sh run int vlan1 Building configuration... Current configuration : 38 bytes ! interface Vlan1 no ip address end
assume that management VLAN is 20.
configure swithc IP.
conf t int vlan 20 ip addr 172.16.2.102 255.255.255.0 no shut exit enable secret password line vty 0 15 password password login exit end
DSW2#conf t
Enter configuration commands, one per line. End with CNTL/Z.
DSW2(config)#int vlan 20
DSW2(config-if)#
*Mar 1 14:03:59.567: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to down
DSW2(config-if)#ip addr 172.16.2.102 255.255.255.0
DSW2(config-if)#no shut
DSW2(config-if)#exit
DSW2(config)#enab
DSW2(config)#enable se
DSW2(config)#enable secret password
DSW2(config)#line vty 0
DSW2(config)#line vty 0 15
DSW2(config-line)#pass
DSW2(config-line)#password passwo
DSW2(config-line)#password password
DSW2(config-line)#login
DSW2(config-line)#exit
DSW2(config)#end
DSW2#
*Mar 1 14:04:45.905: %SYS-5-CONFIG_I: Configured from console by console
DSW2#sh int vlan 20
Vlan20 is up, line protocol is down
Hardware is EtherSVI, address is c08c.6045.5241 (bia c08c.6045.5241)
Internet address is 172.16.2.102/24
MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 packets output, 0 bytes, 0 underruns
0 output errors, 1 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
this time, no port assigned to vlan 20, therefore vlan 20 interface down.
connect pi servers switch to f1/0/13.
let's up.
DSW2(config)#int f1/0/13 DSW2(config-if)#switchport mode access DSW2(config-if)#switchport access vlan 20 DSW2(config-if)# *Mar 1 14:12:47.428: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
ping from Desktop.
C:\Users\wnogu>ping 172.16.2.102
Pinging 172.16.2.102 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 172.16.2.102:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
telnet from Desktop.
failed.
now place f1/0/23 to vlan 20.
DSW2(config-if)#int f1/0/23
DSW2(config-if)#swi
DSW2(config-if)#switchport mo
DSW2(config-if)#switchport mode ac
DSW2(config-if)#switchport mode access
DSW2(config-if)#swi
DSW2(config-if)#switchport ac
DSW2(config-if)#switchport access vl
DSW2(config-if)#switchport access vlan 20
DSW2(config-if)#^Z
DSW2#sh vlan
*Mar 1 14:18:08.905: %SYS-5-CONFIG_I: Configured from console by console
DSW2#sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa1/0/1, Fa1/0/2, Fa1/0/3
Fa1/0/4, Fa1/0/5, Fa1/0/6
Fa1/0/7, Fa1/0/8, Fa1/0/9
Fa1/0/10, Fa1/0/11, Fa1/0/12
Fa1/0/14, Fa1/0/15, Fa1/0/16
Fa1/0/17, Fa1/0/18, Fa1/0/19
Fa1/0/20, Fa1/0/22, Fa1/0/24
Gi1/0/1, Gi1/0/2
10 Worker active
20 Network active Fa1/0/13, Fa1/0/23
30 Server active Fa1/0/21
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
10 enet 100010 1500 - - - - - 0 0
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
20 enet 100020 1500 - - - - - 0 0
30 enet 100030 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0
1003 tr 101003 1500 - - - - - 0 0
1004 fdnet 101004 1500 - - - ieee - 0 0
1005 trnet 101005 1500 - - - ibm - 0 0
Remote SPAN VLANs
------------------------------------------------------------------------------
Primary Secondary Type Ports
------- --------- ----------------- ------------------------------------------
ping still failed. why?
seems vlan 1 interface not down.
ok, shtudown vlan1.
DSW2#sh run int vlan 20 Building configuration... Current configuration : 63 bytes ! interface Vlan20 ip address 172.16.2.102 255.255.255.0 end DSW2#sh run int vlan 1 Building configuration... Current configuration : 38 bytes ! interface Vlan1 no ip address end DSW2#conf t Enter configuration commands, one per line. End with CNTL/Z. DSW2(config)#int vlan 1 DSW2(config-if)#shut DSW2(config-if)#^Z DSW2# *Mar 1 14:20:09.164: %SYS-5-CONFIG_I: Configured from console by console DSW2#sh run int vlan 1 *Mar 1 14:20:10.707: %LINK-5-CHANGED: Interface Vlan1, changed state to administratively down *Mar 1 14:20:10.716: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down DSW2#sh run int vlan 1 Building configuration... Current configuration : 48 bytes ! interface Vlan1 no ip address shutdown end
C:\Users\wnogu>ping 172.16.2.102
Pinging 172.16.2.102 with 32 bytes of data:
Reply from 172.16.2.102: bytes=32 time=2ms TTL=255
Reply from 172.16.2.102: bytes=32 time=1ms TTL=255
Reply from 172.16.2.102: bytes=32 time=1ms TTL=255
Reply from 172.16.2.102: bytes=32 time=1ms TTL=255
Ping statistics for 172.16.2.102:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 1ms, Maximum = 2ms, Average = 1ms
ping successful.
telnet successful.
yey.
References
tech/network/vlan/vlan.txt · Last modified: 2018/04/02 02:52 by 5.9.98.130
