Inter-VLAN Routing

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hi everyone in this video I'm going over chapter 11 from the CCNA routing and switching study guide written by Todd lamell these will be the hands-on activities with hands-on labs at the end of the chapter chapter 11 was all about VLANs configuring VLANs access ports trunk ports and inter VLAN routing so naturally these labs will all be focused around VLANs and inter VLAN routing there is a topology depicted at the beginning of the hands-on labs that looks pretty similar to this um I did substitute in a layer 3 switch here rather than a layer 2 switch so if you need to go ahead and pause the video for a couple minutes and build this topology all right once you have this built we have s1 is connected through ports 15 and 16 to s3 on ports 1 and 2 and then 17 and 18 here are connected to ports 1 & 2 on the switch and the switches are connected down here together on ports 5 & 6 on the PCs are on ports 3 & 4 respectively 3 & 4 & the router is connected on port 8 I do know that in the topology it shows a layer 2 switch here but the last activity 11.4 revolves around using a layer 3 switch or a multi-layer switch here so I'm just going to start with it so now absolute configurator to switch swap it and then reconfigure the whole thing I'm going to start with a layer 3 switch alright so to begin 11.1 we're just going to configure and verify VLANs really all we're doing is creating the VLANs so when you give the command VLAN 10 and VLAN 20 on each switch alright then once you've done that it does want you to verify with the show VLAN let me go ahead and make this a little bit wider and taller alright so here's my command show VLAN we can see the default VLAN one is always enabled by default with all of the ports assigned to it we now have VLANs 10 and 20 created with a default name so we didn't customize the name or specify a specific name for those if you're in a real production environment this might be the department that you're going to use that VLAN for like marketing or sales it could be a geographical location West Wing something like that I'm going to get a whole bunch of additional information down here and so the alternative to that command is show VLAN brief which is just going to show us this top portion basically this table so we should see the exact same thing down here it's just that table note these bottom three show is active whereas on the regular show VLAN it shows active unsupported sorry bottom four there so that's the slight difference there and then the other difference the VLAN brief is that we don't get these extra tables with information that may or may not be particularly useful unless you want to verify like an MTU in case we can see that they've been created so then in I have eleven point two we're going to configure and verify our trunk links so again we'll start on switch 1 and we had ports 15 16 17 and 18 that are all going to be trunk links and actually to port 8 here will also be a trunk link so we can do an interface range 15 through 18 and 8 all right the first thing we want to give is switchport trunk encapsulation we want to set it to dot1q and then give the command switch port mode trunk we get all them go down get reconfigured and come back online pretty rapidly as a trunk link now rather than an access link so there's our commands again and so the reason we do that is because an access link can only carry data from the same VLAN that it's part of so if I set up an access link for VLAN 10 it can only carry data for VLAN 10 which is good because it'll help reduce our broadcast broadcast domains but between switches I need to be able to transfer data for multiple VLANs and that's exactly what a trunk line does is a trunk line is kind of seen as a member of multiple VLANs so we can transmit for you know any assigned or any authorized VLANs over a trunk link rather than just a single VLAN so that's pretty important you know the difference between an access and a trunk alright so we want to go ahead do the same thing for our other two switches just configure them for trucking on these four ports and you double check one in two and five and six so we'll go ahead and do another interface range and five and six and note on this layer to switch if we try to give the command switch port trunk encapsulation it doesn't recognize it you only have two options for encapsulation the first one is a little bit older it is called inter switch link ISL it was proprietary to Cisco hardware and it functioned very similarly in that it would allow multiple VLAN traffic across a single port but because of this proprietary to Cisco other hardware manufacturers didn't support it and so we ended up transitioning into I Triple E 802 dot1q as the more common method of frame tagging for VLANs and instead of actually encapsulating an entire frame it just inserts a field into the frame to identify the VLAN so if you're using any if using a cisco network that has some non cisco components you have to use 802 dot1q if you're entirely Cisco and you're somewhat older hardware then you can do ISL but even cisco is moving away from ISL and just making the standard 802 dot1q so these switches that I have my layer 2 switches they don't even have ISL on these anymore it's just the 802 one Q which is why it no longer recognizes the command is because there's no other option for these switches so instead of giving the encapsulation command we just need to tell it to be a trunk port and this should go down and come right back up let me see that eight did not go down and one and two have not gone down so once you are not configured on the other switch yet thanks eight sorry eight was be up here and eight did not go down and come back up reconfigure just a trunk port because the line is disabled from the router so it sees that line is down completely right now anyway so we've configured switch to four trunking we need to configure switch three for trunking five and six all right and it looks like STP is automatically enabled so Spanish your protocol to prevent like loopback storms or broadcast storms STP is designed to prevent that and so we have one link that's actually active with backup links as needed across the network and so that helps to prevent those broadcast storms I'm not going to cover a whole lot of in-depth material on STP if you're wondering about that you might have to do some additional research but STP is very important when you are using redundant links like this multiple links to the same sources all right so we now have our ports configured for trunking and lost my place here in the book there we go so we can verify our trunk links we pick a random switch here wouldn't come back out and we'll give the command show interface trunk so make that a little bit bigger so we can see everything here so I have ports one two five and six which are my switch to switch ports by default the only option that was available anymore on these switches is the 802 dot1q encapsulation which where it adds that VLAN tag information into the header of the frame it's just there trunking though native VLAN is default one it allows one through one thousand and five for those VLANs across those ports so it currently allows everything and it currently has three active VLANs one which is a default and then 10 and 20 which we just created a couple minutes ago another command that we can give we want to look at a specific port to see how that trunking is configured let's see what kind of configuration is using for that trunk link we can give the command show interface and then actually specify an interface like f15 or f-16 it is enabled as a trunk mode with dot1q encapsulation again it's the only thing available on the switch the access mode is currently VLAN 1 as the default the native VLAN is 1 as default alright so you can kind of use that to help verify your chunking if you end up having a native mismatch between switches it will display an error stating that there's a native VLAN mismatch and that's a good way to double-check and see what the native is here compared to the other switch if they have different native VLANs then the law sometimes have problems and throw that error where they can't process data between different VLANs and it's not tagged anything it's not tagged is automatically assumed to be part of the native VLAN so if my native VLANs are different and a device connects that's untagged then it will one switch will see it in one VLAN the other switch will see in a different VLAN and so they won't be able to properly handle the data flow for that device all right so look at that covers pretty much everything for 11.2 we're moving into 11.3 which is configuring the router on a stick for routing so now we're actually going to jump up into our router and before I go too far on configuring this let me go ahead and run a little bit of network traffic right so we have no ports so there's one extra thing that the book doesn't mention that we'll need to do is either assign static IP addresses or because I think it would be kind of cool I'm going to set up a DHCP server you could set up DHCP through your router but for the last step here we're actually gonna be disabling the router so I would rather have a local server with DHCP configured on it so the first thing we want to do since we have multiple VLANs I'm going to go ahead and give this server two interfaces that way I can connect it to each VLAN directly fast forward time so that thing boots and then I'm going to enable DHCP here and so one of these is going to be the 10 10 10 0 Network so it's going to be 10 10 10.1 is how I'll configure the Gateway I'll configure the server with a static address of 4 and I'll start assigning IP dhcp addresses at 25 all right so we see the basic configuration there so that's for G 1 G 0 I'll do the same thing for VLAN 20 all right then I do need to go ahead and start giving static addresses to my server which is a good practice anyways so to use itself as a DNS server and then g0 one will be in VLAN 10 alright next I want to go ahead and get it cabled so 0 1 is VLAN 10 I'll go ahead and put it on port 7 there and zero was VLAN 20 again on port seven and I'm going to go ahead and configure port 7x let's go ahead do a range three four and seven as access ports and so on switch three I'm going to go ahead and assign those ports to VLAN 10 move the same thing on switch two but assign them to VLAN 20 so that way I know that my VLANs are configured for specific interfaces now as well give us a moment to configure and become established and now I should be able to get a DHCP address for my server because this doesn't require any routing they're directly connected on the switch alright so I'm going to DHCP error let's come verify the DHCP is on alright let's try it again there we go although it's not starting the correct range there bring that back up to 25 and bring that back up to 25 there we go and again this is just an alternative to static setting addresses but these devices computers are going to need an IP address in order to communicate over the network all right so we have addresses everywhere here now well on our user end at least so next thing we want to do is make it so that our VLAN 10 can communicate with VLAN 20 currently we can as long as we're within the same VLAN we can communicate so we have success pinging across we have communication locally but if we try to cross VLANs we have no way of routing between our VLANs right now so the first way I'm going to show is going to be through the router which is our one in this case so there's a few things that we're going to do the first we are going to go into our Gigabit Ethernet port which is the one connected directly to the multi-layer switch and we're going to assign it a management IP address and that's for the entire port itself this will be IP address 170 216 10.1 for example all right and then we want to go into our sub interfaces because router on a stick uses one physical interface and creates multiple logical interfaces so we're going to head and configure those logical interfaces now so for example sub interface 10 is going to be for VLAN 10 so I need to configure it for encapsulation again as dot1q and VLAN 10 and the next thing I need to do is give it an IP address so that my VLANs can use this router as a gateway all right so that takes care of VLAN 10 next I need to configure for VLAN 20 so I'll create a sub interface 20 again give it the encapsulation dot1q for VLAN 20 and then assign an IP address that my VLAN can use as a gateway movie line devices and I'm going to come back to the physical interface and give the no shutdown command and that should bring all of my sub interfaces online as well all right I'm going to fast forward let it build and configure and we should be ready to start doing a little bit of communicating across the network remember the easy simple PDU is like a single ping so it's quite often that that will fail the first time even if you came in and did an actual ping for example we're going to ping from PC to PC 0 there's been no network traffic in packet tracer from these two devices yet other than getting a DHCP address so we'll go ahead and run an actual ping over to 10 10 10 26 let's go 25 I think was PC 0 25 and even doing command prompt paying which sends for echo requests even if then the first one will still time out in packet tracer because it's updating the ARP table with that first echo request and then the other three are successful so we're good there so that has actually enabled our inter VLAN routing so these two VLANs can communicate if we want we can switch over to the simulation mode here we can actually watch that traffic travel through the network and we'll see how it uses the router as a router on a stick for inter VLAN routing so the PC sends the echo request goes to the local switch because of STP these lines are their pseudo disabled the switches know that these lines exist but they're held more as a backup so they're not going to be active so this the packet is going to come over to our other switch based on how our spanning tree protocol configured within our network so a spanning tree protocol it comes over to the other switch goes up to our multi-layer switch and then goes to the Gateway for VLAN 20 the router set receives it and then wraps it over to VLAN 10 and sends it back down to VLAN 10 so that whole process there PC on VLAN 20 sent an echo request it was routed through the network back down to VLAN 10 and has now been received and then PC in VLAN 10 we'll need to reply and so we'll see that follow the same path back and we're successful so that's how a router on a on a stick works is that the veal and we use it as a gateway and the router itself will just send it back down with the appropriate VLAN tag to come back down to the correct PC all right so that looks like most of 11.3 there is one step there pinging from a PC on one of our VLANs to the router sub interface configured to be the gateway I skipped it but we know it works otherwise we wouldn't have inter VLAN routing if you wanted to go ahead and test it you can go ahead and run a command prompt ping that way you know you're addressing the correct sub interface all right so it looks like that's everything for 11.3 moving forward into 11.4 we're going to configure inter VLAN routing with a layer 3 switch or a multi-layer switch now so we're going to disable the router and this would be the first thing we do and we're going to use a s1 to provide this interview and routing without actually using a physical router so let's go ahead and disconnect that verify that we no longer have connectivity between our VLANs no routing happening between them and now we're going to configure this multi-layer switch to handle that routing between VLANs so make this a little bit larger all right so the first command that we need to give is IP routing and that tells us layer Swit the layer 3 switch that it's going to be handling some basic routing protocols this this command won't work on a layer 2 switch we can come and try it but it just doesn't recognize the command it doesn't have the capability of handling any kind of routing protocols all right so back in our multi-layer switch we then need to create the VLAN interfaces here rather than on our router so we're going to create VLAN tens interface and assign an IP address that will be seen as the gateway by our end devices which is already configured once as 10-10-10 one as a slash 24 and then we're going to go ahead and configure another interface create another interface for VLAN 20 and assign it the gateway address next we want to go ahead and clear our art cash or ARP tables so that way our multi-layer switch won't try to send VLAN communications to the router for routing because it already built that ARP so now it will have to rebuild with new traffic coming through any time traffic comes through it'll have to rebuild its ARP table or our ARP cache so let's go ahead and try to ping up there we go so it's rebuilding that art cache now which requires a little bit of network traffic all right there we go all right the next thing we should be able to do is ping from one VLAN to the other to show that we have connectivity between our two VLANs so in real-time instantly successful and now we can verify in simulation mode to see how exactly that packet will be handled on the network really so go ahead and it looks just like it did before it goes from one switch to the next and then up to our multi-layer switch and now our multi-layer switch is handling the routing protocols which is then routing it over to the other VLAN and it will follow the same path back the only difference here is we're using a multi-layer switch to handle it rather than an actual router whether or not you choose to do that in your environment depends on your network but know that that option is available all right and I think that covers everything from the hands-on labs in chapter 11 here so again we covered a lot of VLAN configurations the difference is between access ports and trunking ports or access links and trunk links specifically we handled router on a stick using a single router interface to route between multiple VLANs and then we handled multi-layer switch routing protocols as always if you have any questions or comments please feel free to leave them for me below and I will try to reply in a timely fashion thank you so much for watching and I hope to see you in my next video

Info

Channel: Scott Marlin

Views: 87,372

Rating: 4.8647885 out of 5

Keywords: IVR, Inter-VLANRouting, VLANRouting

Id: Cto_0IU8KPw

Channel Id: undefined

Length: 30min 7sec (1807 seconds)

Published: Sat Mar 05 2016