Trunking and VLANs

Trunking and VLANs

VLANs create separate broadcast domains and isolates traffic to it's own VLAN. Switches will not forward traffic out ports that aren't in their VLAN. Basically, traffic from VLAN 10 cannot reach VLAN 20.

Trunking carries data from multiple VLANs over a medium. So a trunk port is a port capable of carrying traffic from specified/any VLANs. This is useful if in a multi-switch environment or inter-vlan routing / RoAS w/out a Layer3 Switch.

Notes

ISL is largely unsupported. 802.1Q is the IEEE standard and most adopted.

switchport trunk encapsulation isl|dot1q

802.1Q:

-Frames are tagged with a VLAN ID Field
- Both ISL and .1Q tag a 12bit VLAN Field
-Untagged frames are sent to the NATIVE VLAN on the receiving port.
-It's best practice to have the same NATIVE VLANs set on each side to avoid inconsistencies.

Configuration

We'll configure this topology as shown.

VLANS

We'll configure ports 4 and 8 on the switch into their VLANs, also 4 and 8 to keep it simple.

** Configure VLANs
Switch>en
Switch#conf t
Switch(config)#interface fastEthernet 0/8
Switch(config-if)#switchport access vlan 8
% Access VLAN does not exist. Creating vlan 8

Switch(config-if)#int fa0/4
Switch(config-if)#switchport access vlan 4
% Access VLAN does not exist. Creating vlan 4

Switch# show vlan brief
 ** WILL CONFIRM VLANs

Trunking

At this point the PCs are in their own VLAN. In order for them to communicate we must set up a trunk port to the router to allow for inter-VLAN routing.

Set switchport Fa0/1 to TRUNK mode to carry all our VLAN traffic. Remember that the switchport mode by default is dynamic desirable which will enable trunking by default if connected to another switch, AKA BAD.

** Setup trunk port to Router
Switch(config-if)#int fa0/1
Switch(config-if)#switchport mode trunk 
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up

Now to configure trunking on the router. We do so with subinterfaces to put an interface in each VLAN we want to route traffic on.

 ** Set trunk on Router with Sub-Interfaces
Router(config)#interface fastEthernet 0/0
Router(config-if)#no shutdown 
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Configuring our subinterfaces by creating them, setting the encapsulation (dot1q = trunking), and finally an IP address.

Router(config)#interface fastEthernet 0/0.4
Router(config-subif)#
%LINK-5-CHANGED: Interface FastEthernet0/0.4, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.4, changed state to up

Router(config-subif)#encapsulation dot1Q 4
Router(config-subif)#ip address 10.0.4.1 255.255.255.0



Router(config-subif)#int fa0/0.8
%LINK-5-CHANGED: Interface FastEthernet0/0.8, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0.8, changed state to up


Router(config-subif)#encapsulation dot1Q 8
Router(config-subif)#ip address 10.0.8.1 255.255.255.0

 ** Ensure our networks are connected and in the table
Router#show ip route
 ** CODES OMITTED

     10.0.0.0/24 is subnetted, 2 subnets
C       10.0.4.0 is directly connected, FastEthernet0/0.4
C       10.0.8.0 is directly connected, FastEthernet0/0.8

Command reference

Switch(config-if)#switchport mode ?
  access   Set trunking mode to ACCESS unconditionally
  dynamic  Set trunking mode to dynamically negotiate access or trunk mode
  trunk    Set trunking mode to TRUNK unconditionally
  
Switch(config-if)#switchport mode dynamic ?
  auto       Set trunking mode dynamic negotiation parameter to AUTO
  desirable  Set trunking mode dynamic negotiation parameter to DESIRABLE

  
Switch(config-if)#switchport trunk allowed vlan add 99

Switch#show interfaces trunk 
Port        Mode         Encapsulation  Status        Native vlan
Fa0/24      desirable    n-802.1q       trunking      1
Gig0/1      on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/24      1-1005
Gig0/1      1-1005

Port        Vlans allowed and active in management domain
Fa0/24      1,2,3,900,990
Gig0/1      1,2,3,900,990

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/24      1,2,3,900,990
Gig0/1      1,2,3,900,990

Switch#show vlan brief 

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/17, Fa0/18, Fa0/19, Fa0/20
                                                Fa0/21, Fa0/22, Fa0/23, Gig0/2
2    VLAN0002                         active    Fa0/13, Fa0/14
3    VLAN0003                         active    Fa0/15, Fa0/16
900  ENG                              active    
990  TEST                             active    
1002 fddi-default                     active    
1003 token-ring-default               active    
1004 fddinet-default                  active    
1005 trnet-default                    active