Configuring VLANs and VTP

By | June 17, 2013

To configure a trunk port:

conf t
interface fastEthernet 0/24
switchport mode trunk
OR
switchport trunk encapsulation dot1q
switchport mode trunk

To configure all other ports as access ports:

conf
interface range fastEthernet 0/1 – 0/23
switchport mode access

show vtp status – shows everything you need to know about VTP.  In particular the revisions to show you which version your switches are on.  The operating mode shows you if it is client, server, or transparent.  You will also see all VLANs being used listed.

On your main switch, lets configure VTP settings:

conf t
vtp domain kevinfatkin.net – sets the VTP domain to kevinfatkin.net.  All VTP domains should always be kevinfatkin.net 😉 JUST KIDDING.
vtp password yourpasswordhere
vtp mode server – sets the operating mode as server (or client or transparent)

To create a new VLAN on a VTP server:

conf t
vlan 10 – goes into VLAN creation mode
name sales – sets the name for the VLAN.  Highly recommended

show interfaces fastEthernet 0/1 switchport – shows the switchport details to determine what mode it is running in as well as the VLANs permitted.

show interfaces trunk – will show you the interfaces set to trunk.

To put an interface on a particular VLAN:

conf t
interface fa0/8
switchport access vlan 10 – puts the interface on VLAN 10.

As a recommendation, it is smart to create subnet masks that match VLAN numbers.  For instance, 192.168.10.x = VLAN 10.  Remember, one subnet = one VLAN = one broadcast domain.  We also need to route between VLANs which we will discuss below.

The 3 options for routing between VLANs is:

1)  Separate router physical port for each VLAN.  The switch will have an access port assigned to a particular VLAN connecting into the corresponding router port which is on that subnet.  This is usually unpractical or scalable due to amount of router ports and wires needed.

2)  Router on a stick (CCNA level) – a trunk port from a switch connecting into a router port.  This allows you to use one router port for your switch trunks.  The actual router interface does not get an IP address, it gets a sub interface that allows you to break your sub interface into many.

First login to the router:

interface fa0/0.10 – creates the sub port from fa0/0
encapsulation dot1q 10 – sets the sub port to allow VLANs and talk to trunk ports on the switch.  This puts the sub interface on VLAN 10.
ip address 192.168.10.1 255.255.255.0 – sets your IP address (the gateway IP).

interface fa0/0.20 – creates sub port from 0/0
encapsulation dot1q 20 – sets the sub port to allow VLANs and talk to trunk ports on the switch.  This puts the sub interface on VLAN 20.
ip address 192.168.20.1 255.255.255.0 – sets your IP address (the gateway IP).

You have now configured your routers interface fa0/0 to talk to a trunked interface on the switch.  Now just configure the switch interface plugged into the router interface as a standard trunk link and you’ll be good to go.  (Note: your switch needs to be able to support baby giants because of the VLAN shim increasing the packet size by 4 bytes – Cisco does):

conf t
interface fa0/4
switchport mode trunk

3)  Layer 3 switching (CCNP level) – This is a router within a switch.  The VLAN interfaces are created on the layer 3 switch that is reachable by everything on that VLAN.  This virtual interface is usually the gateway of of the PC’s on the VLAN.  The switch will take care of the routing components.  This is ideal for large networks with lots of VLANs that have many “access” switches connected to a “core” switch.

show ip interface brief
conf  t
interface vlan 20
– creates a new layer 3 interface for that VLANip address 192.168.20.1 255.255.255.0 – Assigns an IP to your VLAN interface

Now if you list the interfaces again with show ip interface brief you will see the logical VLAN interface.  To turn on the layer 3 switching one more command is needed:

ip routing – Turns on the routing capabilities of your layer 3 switch!