CCIE R&S Written Overview: VLANs/Trunking/VTP

VLANs/Trunking/VTP

VLAN Numbering

• VLAN membership defined by number

• 12-bit field (0-4095)

– 0 & 4095 reserved per 802.1Q standard

• Normal VLANs 1-1005

– 1 – Default Ethernet VLAN

– 1002/1004 – Default FDDI VLANs

– 1003/1005 – Default Token Ring VLANs

• Extended VLANs 1006-4094

VLAN Trunks

• Traffic sent over a trunk link receives special trunking encapsulation

– Normal Ethernet header does not have a field for VLAN number

– ISL or 802.1Q headers are added to include this information

Trunking Encapsulations

• Both ISL and 802.1Q accomplish the same goal of encoding VLAN number in frame header to separate traffic

• The key differences are…

– ISL

• Cisco proprietary

• 30-byte encapsulation for all frames

– 26-byte header

– 4-byte trailer (FCS)

• Does not modify original frame

802.1Q

• IEEE standard

• 4-byte tag except for “native” VLAN

• Modifies original frame

– See Inter-Switch Link and IEEE 802.1Q Frame Format for more info

DTP – Dynamic Trunking Protocol

• Dynamic switchports automatically choose whether to run in access or trunking mode

• Runs Dynamic Trunking Protocol (DTP) to negotiate, in order…

– ISL trunk

– 802.1Q trunk

– Access port

• Configured as switchport mode dynamic [auto|desirable]

• Disabled with switchport nonegotiate or switchport mode access

Auto vs Desirable

  • Auto will not initiate but will accept
  • Desirable will initiate a negotiation and also accept one

VTP Overview

• VLAN Trunk Protocol

• Cisco proprietary

• Used to dynamically…

– Advertise addition, removal, modification of VLAN properties

• Number, name, etc.

– Negotiate trunking allowed lists

• “VTP Pruning”

• Does not affect actual VLAN assignments

– Still manually needed with switchport access vlan [vlan]

How VTP Works

• VTP Domain

– To exchange information, switches must belong to the same

domain

• VTP Mode

– Controls who can advertise new/modified information

– Modes are…

• Server

• Client

• Transparent

• VTP Revision Number

– Sequence number to ensure consistent databases

– Higher revision indicates newer database

VTP Domains

• VTP domain name controls which devices can exchange VTP advertisements

• VTP domain does not define broadcast domain

– Switches in different VTP domains that share same VLAN numbers hosts’ are still in the same broadcast domain

• Configured as vtp domain [name]

• Defaults to null value

– Switch inherits VTP domain name of first advertisement it hears

VTP Pruning

• Broadcasts and unknown unicast/multicast frame are flooded everywhere in the broadcast domain

– Includes trunk links

• Editing allowed list limits this flooding, but large administrative overhead

• VTP pruning automates this procedure

– Switches advertise what VLANs they need

– All other VLANs are pruned (removed) off the trunk link

• Does not work for transparent mode

Advertisements

VLAN: Details, Details, Details

VLAN Database Mode

Enter at enable prompt, not global configuration mode.

You must use the word ‘apply’ or ‘exit’ to have changes saved, otherwise VLANs will not show in database.

VLAN Design Rules

Keep core switches available purely for switching

VLAN scheme should keep broadcasts and multicasts away from core

End to end VLAN 80/20 rule 80 percent of the local traffic stays within the local area and the other 20 will traverse the network.

Local VLANs 20/80 – 20 local in scope and 80 percent to traverse network

Users are grouped by location with local VLAN design