SWITCH VLAN
Switch configuration commands sheet Command descriptions:switch>?
The ? works here the same as in a router Used to get the list of all available commands
switch>enable
User mode, same as a router
switch#
Privileged mode
switch#disable
Leaves privileged mode
switch>exit
Leaves user mode
switch#show version
Displays information about software and hardware.
switch#show flash:
Displays information about flash memory (will work only for the 2900/2950 series).
switch#show mac-address-table
Displays the current MAC address forwarding table
switch#show running-config
Displays the current configuration in DRAM.
switch#show startup-config
Displays the current configuration in NVRAM.
switch#show vlan
Displays the current VLAN configuration.
switch#show interfaces
Displays the interface configuration and status of line: up/up, up/down, admin down.
switch#show interface vlan1
Displays setting of virtual interface VLAN 1, the default VLAN on the switch.
To Reset Switch Configuration
Switch#delete
flash:vlan.dat
Removes the VLAN database from flash memory.
Delete filename
[vlan.dat]?
Press Enter
Delete flash:vlan.dat?
[confirm]
Press Enter
Switch#erase startup-config
Erases the file from NVRAM.
Switch#reload
Restarts the switch.
To Set Host Names
Switch#configure terminal
Moves to global configuration mode
Switch(config)#hostname Switch1
Creates a locally significant host name of the switch. This is the same command as the router.
Switch1(config)#
To Set Passwords
Switch(config)#enable password ratnesh
Sets the enable password to ratnesh
Switch(config)#enable secret ratnesh123
Sets the encrypted secret password to ratnesh123
Switch(config)#line console 0
Enters line console mode
Switch(config-line)#login
Enables password checking
Switch(config-line)#password ratnesh
Sets the password to ratnesh
Switch(config-line)#exit
Exits line console mode
Switch(config-line)#line vty 0 4
Enters line vty mode for all five virtual ports
Switch(config-line)#login
Enables password checking
Switch(config-line)#password ratnesh
Sets the password to ratnesh
Switch(config-line)#exit
Exits line vty mode
Switch(config)#
To Set IP Addresses and Default Gateways
Switch(config)#interface vlan1
Enters the virtual interface for VLAN 1, the default VLAN on the switch
Switch(config-if)#ip address 192.168.0.10 255.255.255.0
Sets the IP address and netmask to allow for remote access to the switch
Switch(config-if)#exit
Switch(config)#ip default-gateway 192.168.0.5
Allows IP information an exit past the local network
To Set Interface Descriptions
Switch(config)#interface fastethernet 0/1
Enters interface configuration mode
Switch(config-if)#description Finance VLAN
Adds a description of the interface
To Set Duplex Operation
Switch(config)#interface fastethernet 0/1
Moves to interface configuration mode
Switch(config-if)#duplex full
Forces full-duplex operation
Switch(config-if)#duplex auto
Enables auto-duplex config
Switch(config-if)#duplex half
Forces half-duplex operation
To Set Operation Speed
Switch(config)#interface fastethernet 0/1
Switch(config-if)#speed 10
Forces 10-Mbps operation
Switch(config-if)#speed 100
Forces 100-Mbps operation
Switch(config-if)#speed auto
Enables autospeed configuration
MAC Address Table
switch#show mac address-table
Displays current MAC address forwarding table
switch#clear mac address-table
Deletes all entries from current MAC address forwarding table
switch#clear mac address-table dynamic
Deletes only dynamic entries from table
A virtual LAN (VLAN) is a logical grouping of network devices in the same broadcast domain that can span multiple physical segments.
Advantages of VLANs:
· Increase the number of broadcast domains while reducing their size.
· Provide additional security.
· Increase the flexibility of network equipment.
· Allow a logical grouping of users by function, not location.
· Make user adds, moves, and changes easier.
VLAN Membership
A device's membership in a VLAN can be determined by one of two methods: static or dynamic
· Static: - you have to assign manually
· Dynamic:- Configure VTP server and it will automatically do rest
VLAN identification can be performed using two methods, each using a different frame
identifier mechanism:
■ Inter-Switch Link (ISL) protocol
■ IEEE 802.1Q protocol
Inter-Switch Link Protocol
IEEE 802.1Q protocol
Dynamic Trunking Protocol
You can manually configure trunk links on Catalyst switches for either ISL or 802.1Q mode. In addition, Cisco has implemented a proprietary, point-to-point protocol called Dynamic Trunking Protocol (DTP) that negotiates a common trunking mode between two switches. The negotiation covers the encapsulation (ISL or 802.1Q) and whether the link becomes a trunk at all. This allows trunk links to be used without a great deal of manual configuration or administration.
Dynamic Trunk Protocol (DTP) DTP supports five trunking modes
· On or Trunk interface always assumes the connection is a trunk, even if the remote end does not support trunking.
· Desirable the interface will generate DTP messages on the interface, but it make the assumption that the other side is not trunk-capable and will wait for a DTP message from the remote side. In this state, the interface starts as an access-link connection. If the remote side sends a DTP message, and this message indicates that trunking is compatible between the two switches, a trunk will be formed and the switch will start tagging frames on the interface. If the other side does not support trunking, the interface will remain as an access-link connection
· Auto-negotiate interface passively listens for DTP messages from the remote side and leaves the interface as an access-link connection. If the interface receives a DTP message, and the message matches trunking capabilities of the interface, then the interface will change from an access-link connection to a trunk connection and start tagging frames
· No-negotiate, interface is set as a trunk connection and will automatically tag frames with VLAN information; however, the interface will not generate DTP messages: DTP is disabled. This mode is typically used when connecting trunk connections to non-Cisco devices that don't understand Cisco's proprietary trunking protocol and thus won't understand the contents of these messages.
· Off If an interface is set to off, the interface is configured as an access link. No DTP messages are generated in this mode, nor are frames tagged.
VLAN FEATURED LAB :
sw0#sh run
Building configuration...
Current configuration : 1687 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname sw0
!
!
!
interface FastEthernet0/1
switchport access vlan 10
!
interface FastEthernet0/2
switchport access vlan 20
!
interface FastEthernet0/3
switchport access vlan 30
!
interface FastEthernet0/4
switchport trunk allowed vlan 10,30
switchport mode trunk
!
interface FastEthernet0/5
switchport access vlan 99
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
end
------------------------------------------------------------------------
!
hostname sw1
!
interface FastEthernet0/1
switchport access vlan 10
!
interface FastEthernet0/2
switchport access vlan 20
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan99
no ip address
!
!
line con 0
!
line vty 0 4
login
line vty 5 15
login
!
!
end
-----------------------------------------------------------------------
No comments:
Post a Comment