VLAN implementation example
The development of VLAN example computer network technology is like a drama stage, and you just finished singing and I will take the stage. It has only been a few years since the development of traditional Ethernet (10Mb/s) to fast Ethernet (100Mb/s) and Gigabit Ethernet (1000Mb/s), and its rapid momentum is really surprising. Now in the construction of medium and large-scale networks, there are countless mainstream network models with the so-called "gigabit backbone running, 100 megabit to desktop" with Gigabit Layer 3 switch as the core. Now, the network industry is no longer unfamiliar with the terms "layer three-layer switching" and VLAN.
1. What is Layer 3 switching and VLAN to answer this question, let’s take a look at how Ethernet works first. The working principle of Ethernet is to use bytes formed by binary bits to combine them into frames of data (actually some electrical pulses) to propagate in the wire.
First, the nodes on the Ethernet network segment that need to transmit data to monitor the wires. This process is called CSMA/CD (Carrier Sense Multiple Access with Collision Detection with Carrier Sense Multiple Access with Collision Detection). If another node is transmitting data at this time, the listening node will have to wait until the transmission task of the transmission node is completed. If two workstations happen to be ready to transmit data at some point, the Ethernet segment will send a "collision" signal. At this time, all workstations on the node will detect a collision signal because the voltage on the wire exceeds the standard voltage at this time. At this time, any node on the Ethernet network segment must wait until the conflict is over before data can be transmitted. That is to say, in CSMA/CD mode, in a time period, only one node can transmit data on the wire. The networked device that forwards Ethernet data frames is a hub, which is a layer of equipment with relatively low transmission efficiency. The occurrence of conflicts reduces the bandwidth of Ethernet, and this situation is inevitable. Therefore, as more and more nodes on the wires increase, the number of conflicts will increase. The obvious solution is to limit the nodes on the Ethernet wires, requiring physical segmentation of the network. Network devices that physically segment the network are used for bridges and switches. The basic function of bridges and switches is to send only information to other physical network segments. Therefore, if all information is sent to the local physical network segment only, then no information will be passed on the bridge and switch. This can effectively reduce conflicts on the network. Bridges and switches make forwarding decisions based on target MAC (Medium Access Control) addresses, and they are layer two devices.
We already know the shortcomings of Ethernet and the impact of conflicts in physical network segments. Now, let’s take a look at another reason that causes the network to slow down its running speed: broadcasting. Broadcasts exist on all networks, and if they are not properly controlled, they will fill the entire network, resulting in a large amount of network communication. Broadcasting not only consumes bandwidth, but also reduces the processing efficiency of the user's workstation. For various reasons, the Network Operating System (NOS) uses broadcasting, and TCP/IP uses broadcasting to resolve MAC addresses from IP addresses, and also uses broadcasting to announce through RIP and IGRP protocols, so broadcasting is also inevitable. The bridge and switch will forward all broadcast information, while the router will not. Therefore, in order to control broadcasts, a router must be used. The router makes forwarding decisions based on Layer 3 header, target IP addressing, target IPX addressing, or target Appletalk addressing. The router is a layer 3 device.
Here, it is easy for us to understand the three-layer exchange technology. In layman's terms, it is a technology that combines routing and exchange into one. After the router routes the first data stream, it will generate a mapping table of MAC address and IP address. When the same data stream passes again, it will directly exchange from layer 2 instead of routing again according to this mapping table, providing line speed performance, thereby eliminating the network delay caused by router routing and improving the efficiency of packet forwarding. Switches that use this technology are often called layer three switches.
So, what is VLAN? VLAN (Virtual Local Area Network) means virtual local area network. VLANs can be logically divided into relatively independent working groups based on functions and applications, based on functions, applications and other factors. Each user host is connected to a switch port that supports VLAN and belongs to a VLAN. Members in the same VLAN share broadcasts, forming a broadcast domain, while broadcast information between different VLANs is isolated from each other. In this way, the entire network is divided into multiple different broadcast domains (VLANs). Generally speaking, if a workstation in a VLAN sends a broadcast, then all workstations in this VLAN receive this broadcast, but the switch will not send the broadcast to any port on the other VLANs. If you want to send the broadcast to other VLAN ports, you need to use a Layer 3 switch.
2. How to configure a layer three switch to create a VLAN
The following descriptions are all based on the VLAN of Cisco switch. Cisco's VLAN implementation is usually port-centric, and the port connected to the node will determine the VLAN it resides. There are two ways to allocate ports to VLANs, namely static and dynamic.
The process of forming a static VLAN is the process of forcibly allocating ports to the VLAN. That is, we first establish a VLAN on the VTP (VLAN Trunking Protocol) Server and then assign each port to the corresponding VLAN. This is the most common method we use to create a VLAN.
The formation of a dynamic VLAN is very simple, and the specific machine decides which VLAN it belongs to. That is, we first establish a VMPS (VLAN Membership Policy Server) VLAN management policy server, which contains a text file, and the MAC address table mapped to the VLAN is stored. The switch decides to which VLAN to allocate the port according to this mapping table. This approach has great advantages, but creating a database is a very hard and tedious task.
The following example shows how to implement VLAN in a typical fast Ethernet LAN.
The so-called typical LAN refers to a core switch with a layer three switching function connected to several branch switches (not necessarily with layer three switching capabilities). We assume that the core switch name is: COM; the branch switch is: PAR1, PAR2, and PAR3, respectively, and is connected to the core switch through the optical module of Port 1; and assume that the VLAN names are COUNTER, MARKET, and MANAGING respectively...
Work needs to be done:
1. Set VTP DOMAIN (set on core and branch switches)
2. Configure relay (set on core and branch switches)
3. Create a VLAN (set on server)
4. Transfer the switch port to VLAN
5. Configure three-layer exchange
1. Set VTP DOMAIN. VTP DOMAIN is called the administrative domain.
All switches that exchange VTP update information must be configured as the same management domain. If all switches are connected by trunk lines, then as long as a management domain is set up on the core switch, all switches on the network are added to the domain, so that all switches in the management domain can understand each other's VLAN list.
COM#vlan database Enter VLAN configuration mode
COM(vlan)#vtp domain COM Set the VTP management domain name COM
COM(vlan)#vtp server Set the switch to server mode
PAR1#vlan database Enter VLAN configuration mode
PAR1(vlan)#vtp domain COM Set the VTP management domain name COM
PAR1(vlan)#vtp Client Set the switch to client mode
PAR2#vlan database Enter VLAN configuration mode
PAR2(vlan)#vtp domain COM Set the VTP management domain name COM
PAR2(vlan)#vtp Client Set the switch to client mode
PAR3#vlan database Enter VLAN configuration mode
PAR3(vlan)#vtp domain COM Set the VTP management domain name COM
PAR3(vlan)#vtp Client Set the switch to client mode
Note: Setting the core switch to Server mode here means that the VLAN is allowed to be created, modified, and deleted on the switch and some other configuration parameters for the entire VTP domain, synchronize the latest VLAN information passed by other switches in this VTP domain; Client mode means that the switch cannot create, delete, and modify VLAN configuration, nor can it store VLAN configuration in NVRAM, but VLAN information passed by other switches in this VTP domain can be synchronized.
2. Configure relay In order to ensure that the management domain can cover all branch switches, relay must be configured.
Cisco switches can support any medium as a trunk, and their unique ISL tags can be used in order to achieve trunks. ISL (Inter-Switch Link) is a protocol that passes multiple VLAN information and VLAN data flows between switches, between switches and routers, and between switches and servers. By configuring ISL encapsulation on the ports directly connected to the switch, VLAN allocation and configuration of the entire network can be distributed and configured across the switch.
The configuration on the core switch side is as follows:
COM(config)#interface gigabitEthernet 2/1
COM(config-if)#switchport
COM(config-if)#switchport trunk encapsulation isl Configure the relay protocol
COM(config-if)#switchport mode trunk
COM(config)#interface gigabitEthernet 2/2
COM(config-if)#switchport
COM(config-if)#switchport trunk encapsulation isl Configure the relay protocol
COM(config-if)#switchport mode trunk
COM(config)#interface gigabitEthernet 2/3
COM(config-if)#switchport
COM(config-if)#switchport trunk encapsulation isl Configure the relay protocol
COM(config-if)#switchport mode trunk
The configuration on the branch switch side is as follows:
PAR1(config)#interface gigabitEthernet 0/1
PAR1(config-if)#switchport mode trunk
PAR2(config)#interface gigabitEthernet 0/1
PAR2(config-if)#switchport mode trunk
PAR3(config)#interface gigabitEthernet 0/1
PAR3(config-if)#switchport mode trunk
……
At this time, the management domain has been set up.
3. Create a VLAN Once the management domain is established, you can create a VLAN.
COM(vlan)#Vlan 10 name COUNTER Created a VLAN numbered 10 and named COUNTER
COM(vlan)#Vlan 11 name MARKET Created a VLAN numbered 11 and named MARKET
COM(vlan)#Vlan 12 name MANAGING Created a VLAN numbered 12 and named MANAGING
……
Note that the VLAN here is established on the core switch. In fact, as long as the VLAN is established on any switch in the management domain with the VTP attribute Server, it will notify all switches in the entire management domain through VTP. However, if you want to divide the specific switch port into a VLAN, you must set it on the switch to which the port belongs.
4. Transfer the switch port to VLAN.
For example, to transfer port 1 of the branch switch from PAR1, PAR2, PAR3, etc. to COUNTER VLAN, port 2 into MARKET VLAN, and port 3 into MANAGING VLAN...
PAR1(config)#interface fastEthernet 0/1 Configure port 1
PAR1(config-if)#switchport access vlan 10 Attribution COUNTER VLAN
PAR1(config)#interface fastEthernet 0/2 Configure port 2
PAR1(config-if)#switchport access vlan 11 Attribution MARKET VLAN
PAR1(config)#interface fastEthernet 0/3 Configure port 3
PAR1(config-if)#switchport access vlan 12 Attribution MANAGING VLAN
PAR2(config)#interface fastEthernet 0/1 Configure port 1
PAR2(config-if)#switchport access vlan 10 Attribution COUNTER VLAN
PAR2(config)#interface fastEthernet 0/2 Configure port 2
PAR2(config-if)#switchport access vlan 11 Attribution MARKET VLAN
PAR2(config)#interface fastEthernet 0/3 Configure port 3
PAR2(config-if)#switchport access vlan 12 Attribution MANAGING VLAN
PAR3(config)#interface fastEthernet 0/1 Configure port 1
PAR3(config-if)#switchport access vlan 10 Attribution COUNTER VLAN
PAR3(config)#interface fastEthernet 0/2 Configure port 2
PAR3(config-if)#switchport access vlan 11 Attribution MARKET VLAN
PAR3(config)#interface fastEthernet 0/3 Configure port 3
PAR3(config-if)#switchport access vlan 12 Attribution MANAGING VLAN
……
5. Configure layer three switching.
At this point, VLANs have been basically divided. However, how to implement layer three (network layer) switching between VLANs? At this time, each VLAN has to be assigned a network (IP) address. There are two situations for assigning IP addresses to VLANs. First, assigning static IP addresses to all nodes of VLANs; second, assigning dynamic IP addresses to all nodes of VLANs. The following are the two situations.
Assume that the interface Ip address assigned to VLAN COUNTER is 172.16.58.1/24, and the network address is: 172.16.58.0.
The interface IP address assigned by VLAN MARKET is 172.16.59.1/24, and the network address is: 172.16.59.0.
The VLAN MANAGING allocation interface Ip address is 172.16.60.1/24, and the network address is 172.16.60.0
……
If the IP address is assigned dynamically, the IP address of the DHCP server on the network is 172.16.1.11.
(1) Assign static IP addresses to all nodes of the VLAN.
First, set the interface IP addresses of each VLAN on the core switch respectively. The core switch treats vlan as an interface, just like on a router, as shown below:
COM(config)#interface vlan 10
COM(config-if)#ip address 172.16.58.1 255.255.255.0 VLAN10 interface IP
COM(config)#interface vlan 11
COM(config-if)#ip address 172.16.59.1 255.255.255.0 VLAN11 interface IP
COM(config)#interface vlan 12
COM(config-if)#ip address 172.16.60.1 255.255.255.0 VLAN12 interface IP
……
Then, the IP address that is consistent with the network address of the VLAN is set on each computer connected to the VLAN, and the default gateway is set to the interface address of the VLAN. In this way, all VLANs can also be accessed.
(2) Assign dynamic IP addresses to all nodes of VLAN.
First, set the interface IP addresses of each VLAN and the IP addresses of the same DHCP server on the core switch, as shown below:
COM(config)#interface vlan 10
COM(config-if)#ip address 172.16.58.1 255.255.255.0 VLAN10 interface IP
COM(config-if)#ip helper-address 172.16.1.11 DHCP Server IP
COM(config)#interface vlan 11
COM(config-if)#ip address 172.16.59.1 255.255.255.0 VLAN11 interface IP
COM(config-if)#ip helper-address 172.16.1.11 DHCP Server IP
COM(config)#interface vlan 12
COM(config-if)#ip address 172.16.60.1 255.255.255.0 VLAN12 interface IP
COM(config-if)#ip helper-address 172.16.1.11 DHCP Server IP
……
Then set the scopes of network addresses 172.16.58.0, 172.16.59.0, and 172.16.60.0 on the DHCP server, and set the "router" option of these scopes to the interface IP address of the corresponding VLAN. In this way, all VLANs can be accessed together.
Finally, set the network settings on each computer connected to the VLAN, and set the IP address option to automatically obtain the IP address.
3. Summary
This article is a summary of my actual work. The author strives to use easy-to-understand words to explain the entire process of creating a VLAN. And detailed setup steps are given. As long as you have some understanding of the IOS of Cisco switch, it is not difficult to understand this article. Follow the steps shown in this article step by step and you can completely build multiple VLANs for a typical fast Ethernet network. Article entry: csh Editor in charge: csh
The development of VLAN example computer network technology is like a drama stage, and you just finished singing and I will take the stage. It has only been a few years since the development of traditional Ethernet (10Mb/s) to fast Ethernet (100Mb/s) and Gigabit Ethernet (1000Mb/s), and its rapid momentum is really surprising. Now in the construction of medium and large-scale networks, there are countless mainstream network models with the so-called "gigabit backbone running, 100 megabit to desktop" with Gigabit Layer 3 switch as the core. Now, the network industry is no longer unfamiliar with the terms "layer three-layer switching" and VLAN.
1. What is Layer 3 switching and VLAN to answer this question, let’s take a look at how Ethernet works first. The working principle of Ethernet is to use bytes formed by binary bits to combine them into frames of data (actually some electrical pulses) to propagate in the wire.
First, the nodes on the Ethernet network segment that need to transmit data to monitor the wires. This process is called CSMA/CD (Carrier Sense Multiple Access with Collision Detection with Carrier Sense Multiple Access with Collision Detection). If another node is transmitting data at this time, the listening node will have to wait until the transmission task of the transmission node is completed. If two workstations happen to be ready to transmit data at some point, the Ethernet segment will send a "collision" signal. At this time, all workstations on the node will detect a collision signal because the voltage on the wire exceeds the standard voltage at this time. At this time, any node on the Ethernet network segment must wait until the conflict is over before data can be transmitted. That is to say, in CSMA/CD mode, in a time period, only one node can transmit data on the wire. The networked device that forwards Ethernet data frames is a hub, which is a layer of equipment with relatively low transmission efficiency. The occurrence of conflicts reduces the bandwidth of Ethernet, and this situation is inevitable. Therefore, as more and more nodes on the wires increase, the number of conflicts will increase. The obvious solution is to limit the nodes on the Ethernet wires, requiring physical segmentation of the network. Network devices that physically segment the network are used for bridges and switches. The basic function of bridges and switches is to send only information to other physical network segments. Therefore, if all information is sent to the local physical network segment only, then no information will be passed on the bridge and switch. This can effectively reduce conflicts on the network. Bridges and switches make forwarding decisions based on target MAC (Medium Access Control) addresses, and they are layer two devices.
We already know the shortcomings of Ethernet and the impact of conflicts in physical network segments. Now, let’s take a look at another reason that causes the network to slow down its running speed: broadcasting. Broadcasts exist on all networks, and if they are not properly controlled, they will fill the entire network, resulting in a large amount of network communication. Broadcasting not only consumes bandwidth, but also reduces the processing efficiency of the user's workstation. For various reasons, the Network Operating System (NOS) uses broadcasting, and TCP/IP uses broadcasting to resolve MAC addresses from IP addresses, and also uses broadcasting to announce through RIP and IGRP protocols, so broadcasting is also inevitable. The bridge and switch will forward all broadcast information, while the router will not. Therefore, in order to control broadcasts, a router must be used. The router makes forwarding decisions based on Layer 3 header, target IP addressing, target IPX addressing, or target Appletalk addressing. The router is a layer 3 device.
Here, it is easy for us to understand the three-layer exchange technology. In layman's terms, it is a technology that combines routing and exchange into one. After the router routes the first data stream, it will generate a mapping table of MAC address and IP address. When the same data stream passes again, it will directly exchange from layer 2 instead of routing again according to this mapping table, providing line speed performance, thereby eliminating the network delay caused by router routing and improving the efficiency of packet forwarding. Switches that use this technology are often called layer three switches.
So, what is VLAN? VLAN (Virtual Local Area Network) means virtual local area network. VLANs can be logically divided into relatively independent working groups based on functions and applications, based on functions, applications and other factors. Each user host is connected to a switch port that supports VLAN and belongs to a VLAN. Members in the same VLAN share broadcasts, forming a broadcast domain, while broadcast information between different VLANs is isolated from each other. In this way, the entire network is divided into multiple different broadcast domains (VLANs). Generally speaking, if a workstation in a VLAN sends a broadcast, then all workstations in this VLAN receive this broadcast, but the switch will not send the broadcast to any port on the other VLANs. If you want to send the broadcast to other VLAN ports, you need to use a Layer 3 switch.
2. How to configure a layer three switch to create a VLAN
The following descriptions are all based on the VLAN of Cisco switch. Cisco's VLAN implementation is usually port-centric, and the port connected to the node will determine the VLAN it resides. There are two ways to allocate ports to VLANs, namely static and dynamic.
The process of forming a static VLAN is the process of forcibly allocating ports to the VLAN. That is, we first establish a VLAN on the VTP (VLAN Trunking Protocol) Server and then assign each port to the corresponding VLAN. This is the most common method we use to create a VLAN.
The formation of a dynamic VLAN is very simple, and the specific machine decides which VLAN it belongs to. That is, we first establish a VMPS (VLAN Membership Policy Server) VLAN management policy server, which contains a text file, and the MAC address table mapped to the VLAN is stored. The switch decides to which VLAN to allocate the port according to this mapping table. This approach has great advantages, but creating a database is a very hard and tedious task.
The following example shows how to implement VLAN in a typical fast Ethernet LAN.
The so-called typical LAN refers to a core switch with a layer three switching function connected to several branch switches (not necessarily with layer three switching capabilities). We assume that the core switch name is: COM; the branch switch is: PAR1, PAR2, and PAR3, respectively, and is connected to the core switch through the optical module of Port 1; and assume that the VLAN names are COUNTER, MARKET, and MANAGING respectively...
Work needs to be done:
1. Set VTP DOMAIN (set on core and branch switches)
2. Configure relay (set on core and branch switches)
3. Create a VLAN (set on server)
4. Transfer the switch port to VLAN
5. Configure three-layer exchange
1. Set VTP DOMAIN. VTP DOMAIN is called the administrative domain.
All switches that exchange VTP update information must be configured as the same management domain. If all switches are connected by trunk lines, then as long as a management domain is set up on the core switch, all switches on the network are added to the domain, so that all switches in the management domain can understand each other's VLAN list.
COM#vlan database Enter VLAN configuration mode
COM(vlan)#vtp domain COM Set the VTP management domain name COM
COM(vlan)#vtp server Set the switch to server mode
PAR1#vlan database Enter VLAN configuration mode
PAR1(vlan)#vtp domain COM Set the VTP management domain name COM
PAR1(vlan)#vtp Client Set the switch to client mode
PAR2#vlan database Enter VLAN configuration mode
PAR2(vlan)#vtp domain COM Set the VTP management domain name COM
PAR2(vlan)#vtp Client Set the switch to client mode
PAR3#vlan database Enter VLAN configuration mode
PAR3(vlan)#vtp domain COM Set the VTP management domain name COM
PAR3(vlan)#vtp Client Set the switch to client mode
Note: Setting the core switch to Server mode here means that the VLAN is allowed to be created, modified, and deleted on the switch and some other configuration parameters for the entire VTP domain, synchronize the latest VLAN information passed by other switches in this VTP domain; Client mode means that the switch cannot create, delete, and modify VLAN configuration, nor can it store VLAN configuration in NVRAM, but VLAN information passed by other switches in this VTP domain can be synchronized.
2. Configure relay In order to ensure that the management domain can cover all branch switches, relay must be configured.
Cisco switches can support any medium as a trunk, and their unique ISL tags can be used in order to achieve trunks. ISL (Inter-Switch Link) is a protocol that passes multiple VLAN information and VLAN data flows between switches, between switches and routers, and between switches and servers. By configuring ISL encapsulation on the ports directly connected to the switch, VLAN allocation and configuration of the entire network can be distributed and configured across the switch.
The configuration on the core switch side is as follows:
COM(config)#interface gigabitEthernet 2/1
COM(config-if)#switchport
COM(config-if)#switchport trunk encapsulation isl Configure the relay protocol
COM(config-if)#switchport mode trunk
COM(config)#interface gigabitEthernet 2/2
COM(config-if)#switchport
COM(config-if)#switchport trunk encapsulation isl Configure the relay protocol
COM(config-if)#switchport mode trunk
COM(config)#interface gigabitEthernet 2/3
COM(config-if)#switchport
COM(config-if)#switchport trunk encapsulation isl Configure the relay protocol
COM(config-if)#switchport mode trunk
The configuration on the branch switch side is as follows:
PAR1(config)#interface gigabitEthernet 0/1
PAR1(config-if)#switchport mode trunk
PAR2(config)#interface gigabitEthernet 0/1
PAR2(config-if)#switchport mode trunk
PAR3(config)#interface gigabitEthernet 0/1
PAR3(config-if)#switchport mode trunk
……
At this time, the management domain has been set up.
3. Create a VLAN Once the management domain is established, you can create a VLAN.
COM(vlan)#Vlan 10 name COUNTER Created a VLAN numbered 10 and named COUNTER
COM(vlan)#Vlan 11 name MARKET Created a VLAN numbered 11 and named MARKET
COM(vlan)#Vlan 12 name MANAGING Created a VLAN numbered 12 and named MANAGING
……
Note that the VLAN here is established on the core switch. In fact, as long as the VLAN is established on any switch in the management domain with the VTP attribute Server, it will notify all switches in the entire management domain through VTP. However, if you want to divide the specific switch port into a VLAN, you must set it on the switch to which the port belongs.
4. Transfer the switch port to VLAN.
For example, to transfer port 1 of the branch switch from PAR1, PAR2, PAR3, etc. to COUNTER VLAN, port 2 into MARKET VLAN, and port 3 into MANAGING VLAN...
PAR1(config)#interface fastEthernet 0/1 Configure port 1
PAR1(config-if)#switchport access vlan 10 Attribution COUNTER VLAN
PAR1(config)#interface fastEthernet 0/2 Configure port 2
PAR1(config-if)#switchport access vlan 11 Attribution MARKET VLAN
PAR1(config)#interface fastEthernet 0/3 Configure port 3
PAR1(config-if)#switchport access vlan 12 Attribution MANAGING VLAN
PAR2(config)#interface fastEthernet 0/1 Configure port 1
PAR2(config-if)#switchport access vlan 10 Attribution COUNTER VLAN
PAR2(config)#interface fastEthernet 0/2 Configure port 2
PAR2(config-if)#switchport access vlan 11 Attribution MARKET VLAN
PAR2(config)#interface fastEthernet 0/3 Configure port 3
PAR2(config-if)#switchport access vlan 12 Attribution MANAGING VLAN
PAR3(config)#interface fastEthernet 0/1 Configure port 1
PAR3(config-if)#switchport access vlan 10 Attribution COUNTER VLAN
PAR3(config)#interface fastEthernet 0/2 Configure port 2
PAR3(config-if)#switchport access vlan 11 Attribution MARKET VLAN
PAR3(config)#interface fastEthernet 0/3 Configure port 3
PAR3(config-if)#switchport access vlan 12 Attribution MANAGING VLAN
……
5. Configure layer three switching.
At this point, VLANs have been basically divided. However, how to implement layer three (network layer) switching between VLANs? At this time, each VLAN has to be assigned a network (IP) address. There are two situations for assigning IP addresses to VLANs. First, assigning static IP addresses to all nodes of VLANs; second, assigning dynamic IP addresses to all nodes of VLANs. The following are the two situations.
Assume that the interface Ip address assigned to VLAN COUNTER is 172.16.58.1/24, and the network address is: 172.16.58.0.
The interface IP address assigned by VLAN MARKET is 172.16.59.1/24, and the network address is: 172.16.59.0.
The VLAN MANAGING allocation interface Ip address is 172.16.60.1/24, and the network address is 172.16.60.0
……
If the IP address is assigned dynamically, the IP address of the DHCP server on the network is 172.16.1.11.
(1) Assign static IP addresses to all nodes of the VLAN.
First, set the interface IP addresses of each VLAN on the core switch respectively. The core switch treats vlan as an interface, just like on a router, as shown below:
COM(config)#interface vlan 10
COM(config-if)#ip address 172.16.58.1 255.255.255.0 VLAN10 interface IP
COM(config)#interface vlan 11
COM(config-if)#ip address 172.16.59.1 255.255.255.0 VLAN11 interface IP
COM(config)#interface vlan 12
COM(config-if)#ip address 172.16.60.1 255.255.255.0 VLAN12 interface IP
……
Then, the IP address that is consistent with the network address of the VLAN is set on each computer connected to the VLAN, and the default gateway is set to the interface address of the VLAN. In this way, all VLANs can also be accessed.
(2) Assign dynamic IP addresses to all nodes of VLAN.
First, set the interface IP addresses of each VLAN and the IP addresses of the same DHCP server on the core switch, as shown below:
COM(config)#interface vlan 10
COM(config-if)#ip address 172.16.58.1 255.255.255.0 VLAN10 interface IP
COM(config-if)#ip helper-address 172.16.1.11 DHCP Server IP
COM(config)#interface vlan 11
COM(config-if)#ip address 172.16.59.1 255.255.255.0 VLAN11 interface IP
COM(config-if)#ip helper-address 172.16.1.11 DHCP Server IP
COM(config)#interface vlan 12
COM(config-if)#ip address 172.16.60.1 255.255.255.0 VLAN12 interface IP
COM(config-if)#ip helper-address 172.16.1.11 DHCP Server IP
……
Then set the scopes of network addresses 172.16.58.0, 172.16.59.0, and 172.16.60.0 on the DHCP server, and set the "router" option of these scopes to the interface IP address of the corresponding VLAN. In this way, all VLANs can be accessed together.
Finally, set the network settings on each computer connected to the VLAN, and set the IP address option to automatically obtain the IP address.
3. Summary
This article is a summary of my actual work. The author strives to use easy-to-understand words to explain the entire process of creating a VLAN. And detailed setup steps are given. As long as you have some understanding of the IOS of Cisco switch, it is not difficult to understand this article. Follow the steps shown in this article step by step and you can completely build multiple VLANs for a typical fast Ethernet network. Article entry: csh Editor in charge: csh