Solved

How does VLANs communicate?

Posted on 2012-03-13
8
511 Views
Last Modified: 2012-05-18
Hello,

Can someone tell us how VLANs talk to each between switches or even from the router how it routes between one VLAN to another?

Thanks,
Goraek
0
Comment
Question by:goraek
8 Comments
 
LVL 2

Expert Comment

by:wherami
ID: 37718328
VLANs can not talk to each other unless they are routed. So it requires a router orlayer 2 3 switch. If you have a layer 2 3 switch enable routing and give your VLAN an IP this IP becomes the gateway to the VLAN
0
 
LVL 2

Author Comment

by:goraek
ID: 37718469
How do we route these VLANs on L2/3 switches? They are CISCO switches, I believe they are the 2960s.
0
 
LVL 14

Expert Comment

by:Otto_N
ID: 37718656
By creating a Layer 3 interface (also called and SVI - Switched Virtual Interface) for the VLANs you want to route, using the "interface vlan <vlan-id>"-command, and assigning it an IP address.  If you have two or mo0re SVI's up, the Layer2/3 switch will add both to its routing table, which you can augment with static routes or by configuring routing protocols, depending on the features supported by the switch.

However, the Cisco Catalyst 2960 family of switches are Layer-2 only, and does not support multiple SVI's and routing - You can only have one SVI active at any time, intended for remote access to the switch: The moment you create another SVI, the switch software disables the first SVI.
0
 
LVL 2

Author Comment

by:goraek
ID: 37718835
@Otto_N

Thanks for the info, although I'm not quite the a networking guru - with one SVI, will it still be able to do VLAN'ing? And what are the benefits or downs to this?
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 14

Assisted Solution

by:Otto_N
Otto_N earned 166 total points
ID: 37719408
Note that VLANs (VLAN = Virtual LAN) emulates seperate LAN segments, each being a seperate IP subnet. To interconnect LAN segments (whether the LAN segments are physical or virtual), you will require a Layer3 device that can connect to each of the different LAN segments with an IP out of the particular sunbet, and configure all hosts on that LAN segment with the gateway IP address (the IP of the host on the segment that "knows how to get out of here") of the Layer3 device.

A Layer2/3 switch accomplishes this by having multiple SVI's (one for each LAN segment it must connect to), and having the relevant IP assigned to these SVI's.  If there isn't an SVI for a particular VLAN, a Layer2/3 switch will still transport the VLAN, but on Layer 2 only: Hosts in that VLAN will only be able to communicate with each other, as the switch is not connected to the segment to act as the gateway device.

As the 2960 only support a single SVI, this switch cannot interconnect different VLAN segments, but can only look like a host on the segment. This is provided mainly for remote management, to allow the network administrator to connect to the switch from somewhere else on the network, in order to shut/unshut ports, change VLANs on ports, and so on. You can still have multiple VLANs on the switch, although you will need another device (such as a router or a Layer2/3 switch) to enable routing between the VLANs.

I hope this explains it a bit...
0
 
LVL 10

Assisted Solution

by:mat1458
mat1458 earned 167 total points
ID: 37719417
@goraek: the C2960 is a layer 2 switch and cannot route between VLAN. You need to connect it to a router or to a layer 3 switch (C3750, C3560) on which you configure more than one VLAN interface. If ip routing is enabled on the L3 switch then you can route between the VLAN.

On the C2960 you still can have multiple VLAN that are completely separate from eachother.
0
 
LVL 4

Accepted Solution

by:
schmitty007 earned 167 total points
ID: 37720663
As above poster states the 2960s are only a Layer 2 switch, which means they can not perform layer 3 routing functions. So yes you would need a router to actually route the traffic from one VLAN to another. VLANs create different virtual LANs across your switch/s in order to separate traffic. Just to give you an example of a config with a Cisco router and your switches would be as follows.

Router LAN interfaces, with your one physical interface you now have multiple Virtual interfaces one for each VLAN.
You create them with the following commands
router#config t
router(config)#int gi0/1.101   (this will create the VSI)
router(config-subif)#encap dot1q 101
router(config-subif)#ip add 192.168.1.1 255.255.255.0 (this will assign this ip to this interface)
after this point you would repeat these configs for each SVI you would need.


So if you needed say four VLANs when you were done your running-config for that interface would look like this.

interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.101
 encapsulation dot1Q 101
 ip address 192.168.1.1 255.255.255.0
!
interface GigabitEthernet0/1.102
 encapsulation dot1Q 102
 ip address 192.168.2.1 255.255.255.0
!
interface GigabitEthernet0/1.103
 encapsulation dot1Q 103
 ip address 192.168.3.1 255.255.255.0
!
interface GigabitEthernet0/1.104
 encapsulation dot1Q 104
 ip address 192.168.4.1 255.255.255.0

Switch
switch#config t
switch(config)#vlan 101                   (this will create VLAN 101 on your switch)
switch(config-vlan)#name my-vlan   (or what ever name you want to associate with this vlan)
repeat this for each VLAN you need.
to manage your switch off one of these vlans you will need to configure the vlan with an IP for example:
switch(config)#int vlan 101
switch(config-if)#ip add 192.168.1.2 255.255.255.0

you will also want to set your IP default gateway for your switch as well
switch(config)#ip default-gateway 192.168.1.1

At his point you would just need to assign your switch ports to whatever VLAN you would like them on.
switch(config)#int gi0/1
switch(config-if)#switchport access vlan 101

The switch ports that connect your switch to your router will need to be in trunk mode and any switch ports that connect from your switch to another switch also needs to be in trunk mode.

switch(config)#int gi0/49
switch(config-if)#switchport mode trunk
that will make gig interface 49 a trunk port. You need a trunk port to pass multiple VLANs.


If you need assistance with configs you may find help here but, if you are not familiar with Cisco commands you may want to have someone who is config these for you.
0
 
LVL 2

Author Closing Comment

by:goraek
ID: 37984267
Thanks
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now