
Native VLAN and Default VLAN


1.

Native VLAN and Default VLAN


A native VLAN is assigned to an 802.1Q trunk port. An 802.1Q trunk port supports
traffic coming from many VLANs (tagged traffic) as well as traffic that does not
come from a VLAN (untagged traffic). Frames belonging to the native VLAN are sent
unaltered over the trunk. Untagged traffic is generated by a computer attached to a
switch port that is configured with the native VLAN. Also, Jim, it is important to note
that a native VLAN serves as a common identifier on opposing ends of a trunk link.

On the other hand, Jim, in the case of a default VLAN, all switch ports become
members of the default VLAN after the initial boot-up of the switch. This allows any
device connected to any switch port to communicate with other devices on other
switch ports.

Command to assign a native VLAN:
Switch1(config)# interface FastEthernet 0/1
Switch1(config-if)# switchport mode trunk
Switch1(config-if)# switchport trunk native vlan 2
Switch1(config-if)# end

There is also the term VTP (VLAN Trunking Protocol) which is a Cisco proprietary
protocol that manages the addition, deletion, and renaming of VLANs for the entire
network. Information about changes to a VLAN or the addition of a new VLAN to a
network is distributed to all switches on the network simultaneously and does not
need to be done one at a time.

2. According to what you have explained to me, Jim, it seems as though a loop was
created when you configured the network, and this may have caused some flooding
to take place on the switch. Below I have listed some terms that you should read up on
to see how they may help you solve the problem.

Spanning tree
Simply put, Jim, the Spanning Tree Protocol (STP) runs at layer 2 and is designed to
prevent loops on the network that could occur if you connect a number of switches
together. For example, a loop is created if you connect Switch 1 to Switch 2 and
then also connect Switch 2 back to Switch 1 using a different cable and different
ports on the switches.
Doing this, Jim, can bring the network down and create instability in the
switches. This is why STP was developed: it looks at all of the ports used to
create a loop and then places one of those ports in a blocking state so that no data
traffic can pass through the port. Once the port is in a blocking state, the loop is
broken and the network becomes more stable.
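
The port-blocking decision described above, as an added example that is not part of the original text. It is a simplified model of STP (equal link costs, no BPDU timers), and the bridge and port numbers are constructed for illustration:

```python
from collections import deque

def stp_port_states(bridges, links):
    """Simplified STP. bridges: bridge IDs (lowest becomes root).
    links: cables as ((bridge, port), (bridge, port)), all equal cost.
    Returns {(bridge, port): "forwarding" | "blocking"}."""
    root = min(bridges)
    # Root path cost in hops, found by breadth-first search from the root.
    cost, queue = {root: 0}, deque([root])
    while queue:
        here = queue.popleft()
        for (a, _), (b, _) in links:
            for near, far in ((a, b), (b, a)):
                if near == here and far not in cost:
                    cost[far] = cost[here] + 1
                    queue.append(far)
    # Root port of each non-root bridge: the port whose neighbour has the
    # lowest (root path cost, bridge ID, port ID).
    best = {}
    for end1, end2 in links:
        for (bridge, port), (nbr, nbr_port) in ((end1, end2), (end2, end1)):
            key = (cost[nbr], nbr, nbr_port)
            if bridge != root and (bridge not in best or key < best[bridge][0]):
                best[bridge] = (key, port)
    root_ports = {(bridge, entry[1]) for bridge, entry in best.items()}
    states = {}
    for end1, end2 in links:
        # Designated port of the cable: the end nearer the root, ties broken
        # by lower bridge ID. A port that is neither root nor designated blocks.
        designated = min(end1, end2, key=lambda end: (cost[end[0]], end[0]))
        for end in (end1, end2):
            keep = end in root_ports or end == designated
            states[end] = "forwarding" if keep else "blocking"
    return states

# Constructed topology from the text: Switch 1 and Switch 2 joined by two cables.
TWO_CABLES = [((1, 1), (2, 1)), ((1, 2), (2, 2))]

if __name__ == "__main__":
    for port, state in sorted(stp_port_states([1, 2], TWO_CABLES).items()):
        print(port, state)
```

With two cables between the switches, exactly one port (the second port on Switch 2) ends up blocking, which is what breaks the loop.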

There is also Rapid Spanning Tree Protocol (RSTP) which is also known as the IEEE
802.1w standard and is an improvement on STP. With STP, the ports move through
four different states (blocking, listening, learning, and then forwarding), which is
why it could take 52 seconds before the port moves to a forwarding state. RSTP
reduces these states to three, but also introduces an alternative port feature. The
alternative port is used as a backup link when RSTP originally determines which
ports go into a forwarding state. When a port goes down, RSTP simply activates the
alternative port instead of going through a voting process that STP would do (which
takes time).

Here are some terms you should also know, Jim:

Flooding - Flooding means that the switch sends the frame to all ports on it in
hopes that the destination system will receive the frame. This happens when the
switch does not know the port that the destination MAC address (of the frame) is
connected to.
Forwarding - This is what the switch does when it knows the port that the
destination system is connected to. The switch forwards the frame to the
appropriate port so that it can be received by the destination system.
Blocking - A port is placed in a blocking state by STP to prevent a layer-2 loop.
Filtering - Switches filter traffic by only sending the data to the port that the
destination system is connected to.

3. Interface Configurations
Jim, trunking is basically the process of transferring VLAN traffic between two or
more switches. Say you have two switches, each configured with a VLAN1 and a
VLAN2, and you want all of the computers connected to VLAN1 on one switch to talk
to all of the computers connected to VLAN1 on the other switch. You may want
to do this with VLAN2 as well, so you configure a port on each switch as a trunk port.
A trunk port is a port on a switch configured to carry all traffic, regardless of VLAN
number, between all switches in a LAN.
Jim, in trunking, which I have explained to you above, there are tagged and untagged
VLANs. It is similar to what I explained to you about the native and default VLAN. Here
trunking uses 802.1Q tags to identify the VLAN that a frame being sent
over the trunk port is associated with. The untagged VLAN is basically the native
VLAN. The native VLAN has to be configured so that all frames
associated with that VLAN go over the trunk untagged.
For example, in our department we have two switches. On switch1 we have
2 computers connected, and the same on switch2. One of the computers on switch1
is assigned to vlan1 and the other to vlan2; the same goes for switch2. So when the
computer on vlan1 on switch1 wants to communicate with the other on switch2, it
sends the message/packet over the trunk port. In order for the switch to
know where to send the information, 802.1Q is used to tag the packet while it
travels over the trunk, and when switch2 receives it, it is able to read the tag, identify
that the packet belongs to vlan1 and send it to the appropriate computer.
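
The tagging behaviour described here and in the native VLAN section, as an added example that is not part of the original text. It models how a trunk port inserts and reads the 4-byte 802.1Q tag, and why the native VLAN must match on both ends of the trunk; the sample frame and function names are constructed for illustration:

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def trunk_egress(frame, vlan, native_vlan):
    """Return the bytes a trunk port puts on the wire for a frame in `vlan`."""
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN ID must be in the range 1-4094")
    if vlan == native_vlan:
        return frame  # native VLAN: sent unaltered (untagged)
    tci = vlan & 0x0FFF  # priority bits left at 0, low 12 bits carry the VLAN ID
    # The tag sits after the destination MAC (6 bytes) and source MAC (6 bytes).
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def trunk_ingress(wire, native_vlan):
    """Classify a received frame. Returns (vlan, frame with the tag removed)."""
    if len(wire) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", wire[12:14])
    if ethertype != TPID_8021Q:
        return native_vlan, wire  # untagged: receiver assumes its own native VLAN
    if len(wire) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", wire[14:16])
    return tci & 0x0FFF, wire[:12] + wire[16:]

def send_over_trunk(frame, vlan, native_a, native_b):
    """Switch A (native VLAN native_a) sends; switch B (native_b) receives."""
    return trunk_ingress(trunk_egress(frame, vlan, native_a), native_b)

# Constructed sample frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
SAMPLE = bytes.fromhex("aabbccddeeff" "112233445566" "0800") + b"payload"

if __name__ == "__main__":
    # Tagged VLAN arrives in the same VLAN on the far side.
    print(send_over_trunk(SAMPLE, 2, native_a=1, native_b=1)[0])
    # Native VLAN travels untagged and is still classified correctly.
    print(send_over_trunk(SAMPLE, 1, native_a=1, native_b=1)[0])
    # Mismatched native VLANs: VLAN 2 traffic lands in VLAN 1 on switch B.
    print(send_over_trunk(SAMPLE, 2, native_a=2, native_b=1)[0])
```

The last case shows why a native VLAN mismatch matters for hardening: untagged frames cross from one VLAN into another, which defeats the VLAN as a communication boundary.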

Port bonding (Also known as LACP- Link Aggregation Control Protocol)


This is the process that logically combines multiple ports together on a switch, thus
achieving greater throughput and higher accessibility between the two devices.
It basically bundles several physical ports into one single channel.

Port mirroring
This is the method by which a copy of an IPv4 or IPv6 packet is sent from the
routing platform to an external host address or a packet analyzer for purposes such
as monitoring compliance, enforcing policies, detecting intrusions, monitoring and
predicting traffic patterns and correlating events. Also known as traffic mirroring, it
is useful in troubleshooting scenarios.
There are local and remote port mirroring:
Local port mirroring
This is a port-mirroring configuration in which the mirrored packets are sent to an
interface on the same switch.
Remote port mirroring
This floods mirrored packets to an output (analyzer) VLAN that you create to receive
mirror traffic, or sends the mirrored packets to a remote IP address.

Speed and Duplexing


Jim, when you first install a switch, one of the first configurations that you would
do is the speed and the duplex for the interface. When
doing this you must ensure that the configurations match on both sides.

IP Address Assignment
In the event you need to remotely manage one of the switches for our organization,
you can assign an IP address to that switch by configuring VLAN 1 with an IP
address and subnet mask. You may do this by using the following commands on a
switch:
VAN-SW1> enable
VAN-SW1# configure terminal
VAN-SW1(config) # interface vlan1
VAN-SW1(config-if) # ip address 14.0.0.25 255.0.0.0
VAN-SW1(config-if) # no shutdown
VAN-SW1(config-if) # exit
*Always remember, Jim, that the switch does not need to have an IP address
assigned to it in order to function properly. The only reason to add an IP address to a
switch is so that you can remotely connect to it to manage the device.

VLAN assignment
When looking to harden the network environment, you can configure your network
for multiple VLANs and then assign ports to specific VLANs. The VLANs act as
communication boundaries and are a great way to control communication between
types of systems on the network.

Switch Management
There are a number of good practices that should be followed when configuring
switches on the network. Here is a list of some, Jim:
User Names and Passwords
The first thing you want to do is create user names and passwords on the switch so
that administrators can connect to the switch and either view settings or change
the settings. Here is an example of how you would do that:
VAN-SW1> enable
VAN-SW1# configure term
VAN-SW1(config) # username Admin1 password P@55w0rd

AAA Configuration
The term AAA stands for authentication, authorization, and accounting and is an
important technology used with networks today to ensure that the authentication
and authorization are handled centrally on the network. AAA technologies typically
use a central authentication server known as a Remote Authentication Dial-In User
Server (RADIUS) server.

Console and Virtual Terminal


Once you have configured the user name you can then configure the console port
and telnet ports (known as virtual terminal) to use that user name and password in
order for someone to get access to those configuration ports. In order to configure
the console port to force login with that user name, use the following commands:
For the console: (This is used to force someone to log on with the locally
created user name.)
VAN-SW1> enable
VAN-SW1# config term
VAN-SW1(config)# line con 0
VAN-SW1(config-line)# login local
And for the telnet: (This is used to navigate to the first five telnet ports on
the device.)
VAN-SW1> enable
VAN-SW1# config term
VAN-SW1(config)# line vty 0 4
VAN-SW1(config-line)# login local
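
One way to check a saved configuration for the console and virtual terminal settings above, as an added example that is not part of the original text. The sample configuration is constructed; the `transport input` lines and the `secret` keyword it refers to are standard IOS commands that the text itself does not cover:

```python
import re

# Constructed running-config fragment modelled on the commands above. The
# 'transport input' lines and the vty block without 'login local' are added
# here so that the audit has something to find.
SAMPLE_CONFIG = """\
username Admin1 password P@55w0rd
line con 0
 login local
line vty 0 4
 login
 transport input telnet
line vty 5 15
 login local
 transport input ssh
"""

def parse_line_sections(config):
    """Map each 'line ...' header to the list of sub-commands under it."""
    sections, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            sections[current] = []
        elif raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())
        else:
            current = None  # any other top-level command ends the section
    return sections

def audit(config):
    """Return a list of findings for console/vty login and stored passwords."""
    findings = []
    for header, cmds in parse_line_sections(config).items():
        if "login local" not in cmds:
            findings.append(f"{header}: does not require 'login local'")
        for cmd in cmds:
            match = re.fullmatch(r"transport input (.+)", cmd)
            if match and {"telnet", "all"} & set(match.group(1).split()):
                findings.append(f"{header}: accepts Telnet (cleartext)")
    # 'username ... password' keeps the password recoverable in the config;
    # 'username ... secret' stores a hash instead.
    for match in re.finditer(r"^username (\S+) password ", config, re.M):
        findings.append(f"user {match.group(1)}: 'password' instead of 'secret'")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```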

In-Band/Out-of-Band Management
When configuring network devices, you can perform the management of those
devices using in-band management or out-of-band management.
In-band management means that you configure the device using regular network
protocols such as Telnet or Simple Network Management Protocol (SNMP) and
manage the device remotely using a regular network connection. Relying on this is
not really recommended because if the network goes down, you have no way to
connect to the device from across the network in order to change the configuration
and fix the network problem.
Out-of-band management involves creating an alternative method of connecting to
the device for management purposes. This could involve using local ports on the
device to connect to it or installing network controllers for a dedicated management
network connection to the device.

4.
Jim, a default gateway acts as an intermediate device that connects your device to
the internet.
Therefore you would need a default gateway when setting up the VoIP phones on
the network, because VoIP is basically the transmission of voice and multimedia
content over Internet Protocol (IP) networks.
You would need to use PoE+ (802.3at) because it supports up to 30 watts.

5.
Well, Jim, finally, there is a difference between a managed switch and an unmanaged
switch.
A managed switch allows you, the network administrator, to configure a lot of
features such as port mirroring, port security, VLANs, and configuration of the ports,
all of which I have already explained to you above.
An unmanaged switch does not allow you to configure the switch; it simply
acts as a connection point for clients to connect to the network.
So, Jim, in shorter terms, an unmanaged switch just allows Ethernet devices, such as
a PC or network printer, to communicate with one another. On the other hand,
a managed switch provides the ability to configure, manage, and monitor your LAN,
which gives you greater control over how data travels over the network and who
has access to it.
