Systems and Network Management Switching and VLANs. Section 1: Configuring the Catalyst 3500 Switch Configuring the 3500 switch is similar to configuring a router. 1. You need to start HyperTerminal – using the settings: ? 9600bps ? 8 bit No parity 1 Stop bit ? Connect your PC using the console cable to the console port of the switch. 2. Once connected you: ? Type enable -- to get into privileged mode. 3. To see the current configurations enter: ? Type show running-config 4. To start configuring the switch you: ? Type configure terminal ? to enter the configuration mode 5. Give the switch a name: ? Type hostname SwitchA 6. To give it an IP address: ? Type interface VLAN1 ip address 172.19.70.1 255.255.192.0 7. Now verify the parameters you just entered: ? Type cntl Z ? to exit the configuration mode. ? Type show running-config ? to see the detail configurations. Section 2: Configuring VLANs – on Catalyst 3500 Switch Introduction. A switch provides a number of Ethernet ports. In the 3500 switch, the ports are fast Ethernet ports (100 Mbps). The C3524-XL-EN has 24 fast-Ethernet ports; the bigger C3548-XL-EN has 48 fast Ethernet ports. Here are the first 16 ports on a C3548-XL-EN: f0/1 f0/3 f0/5 f0/7 f0/9 f0/11 f0/13 f0/15 f0/2 f0/4 f0/6 f0/8 f0/10 f/0/12 f/014 f/016 Each of the port can be configured as either access port or trunk port. Note access port only carries traffic for one VLAN, whereas trunk carries traffic for multiple VLANs. In addition, each port can be configured to be belonging to different VLAN. e.g. f0/1 can be assigned as VLAN 2, while f0/2 can be assigned as VLAN 3. To configure each port into a VLAN, perform the following: 1. To start configuring the switch ports you: ? Type config t ? to enter the configuration mode 2. To config a port, you enter the interface-config mode: ? Type int f0/1 ? configuring the interface fast-ethernet 0/1 o Type switchport access VLAN 2 ? an access port with vlan=2 For linkage between switches you need a trunk port: 3. To set a port as a trunk port: (e.g. port 0/16) ? Type int f0/16 o Type switchport mode trunk ? set the port as a trunk port o Type switchport trunk allowed VLAN 1-16 ? a trunk port allowing vlans 1 to 16 Now we have 2 switches each switch will be assigned the following vlans, with port 16 assigned as the trunk port. The ports 16 of the switches are interconnected using a crossed Ethernet cable to form the trunk link. port 1 2 3 4 5 6 7 8 9 10 11 … 16 vlan 2 2 3 3 4 4 5 5 6 6 7 … all Trunk port port 1 2 3 4 5 6 7 8 9 10 11 … 16 vlan 2 2 3 3 4 4 5 5 6 6 7 … all 4. Now using a long straight Ethernet cable, plug your computer into one of the switch ports and configure the switch port to the vlan as shown in the table above. 5. For testing, record your own ip-address and ask your friends ip address on same switch. Try pinging each other. 6. Are you successful? Record the following: Your ip Your Vlan Neighbour's ip Neighbour's VLAN ping- Y/N 7. Try pinging people from a different switch. Record: Your ip Your Vlan Neighbour's ip Neighbour's VLAN ping- Y/N SNM LAB – Inter-Vlan routing. A switch can be configure include many VLANs. Each VLAN is in its own subnet. In order for two VLANs to communicate with each other, a router is needed. The following figure demonstrates how communications between VLAN 1 and VLAN 2 is achieved using inter-vlan routing facitiated with a router. Network Diagram The configuration for the 3512 switch is as follows: Catalyst 3512-XL Note: The following screen captures show the commands that were entered on the 3512XL switch. Comments between the commands are added in blue italics to explain certain commands and steps. !-- Set the privileged mode !-- and Telnet password on the switch. switch#configure terminal Enter configuration commands, one per line. End with CNTL/Z. switch(config)#hostname 3512xl 3512xl(config)#enable password mysecret 3512xl(config)#line vty 0 4 3512xl(config-line)#login 3512xl(config-line)#password mysecret 3512xl(config-line)#exit 3512xl(config)#no logging console 3512xl(config)#^Z !-- Set the IP address and default gateway for VLAN1 for management purposes. 3512xl#configure terminal Enter configuration commands, one per line. End with CNTL/Z. 3512xl(config)#int vlan 1 3512xl(config-if)#ip address 10.10.10.2 255.255.255.0 3512xl(config-if)#exit 3512xl(config)#ip default-gateway 10.10.10.1 3512xl(config)#end !-- Set the VTP Mode. !-- In our example, we have set the mode to be transparent. !-- Depending on your network, set the VTP Mode accordingly. !-- For details on VTP, !-- refer to !-- Configuring VTP, VLANs, and VLAN Trunks on Catalyst 2900XL and 3500XL Switches .3512xl#vlan database 3512xl(vlan)#vtp transparent Setting device to VTP TRANSPARENT mode. !-- Adding VLAN2. VLAN1 already exists by default. 3512xl(vlan)#vlan 2 VLAN 2 added: Name: VLAN0002 3512xl(vlan)#exit APPLY completed. Exiting.... !-- Enable trunking on the interface fastEthernet 0/1. 3512xl#configure terminal Enter configuration commands, one per line. End with CNTL/Z. 3512xl(config)#int fastEthernet 0/1 3512xl(config-if)#switchport mode trunk !-- Enter the trunking encapsulation as either isl 3512xl(config-if)#switchport trunk encapsulation isl 3512xl(config-if)#switchport trunk allowed vlan all 3512xl(config-if)#exit !-- The following set of commands will place FastEthernet 0/2 !-- into VLAN2 and enable portfast on the interface. 3512xl(config)#int fastEthernet 0/2 3512xl(config-if)#switchport access vlan 2 3512xl(config-if)#spanning-tree portfast 3512xl(config-if)#exit !-- FastEthernet 0/3 is already in VLAN1 by default. !-- Enable portfast on the interface. 3512xl(config)#int fastEthernet 0/3 3512xl(config-if)#spanning-tree portfast 3512xl(config-if)#^Z !-- For details on why to enable portfast, !-- refer to: !-- Using Portfast and Other Commands to Fix Workstation Startup Connectivity Delays .!-- Remember to save the configuration. 3512xl#write memory Building configuration... 3512xl# To facilitate inter-vlan routing the ethernet port is configured as 2 logical (virtual) sub- interfaces, denoted by 0/0.1, 0/0.2. Each of them is configured to be in the subnet belonging to VLAN 1 or VLAN 2. (Note the .1 and .2 refer to the number of the sub- interface). The two sub-interfaces are also configured with trunking with isl encapsulation. The configuration for the 2600 router is as follows: Cisco 2600 Router Note: The following screen captures show the commands that were entered on the Cisco 2600 router. Comments between the commands are added in blue italics to explain certain commands and steps. !-- Set the privileged mode !-- and Telnet password on the router. Router#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router(config)#hostname c2600 c2600(config)#enable password mysecret c2600(config)#line vty 0 4 c2600(config-line)#login c2600(config-line)#password mysecret c2600(config-line)#exit c2600(config)#no logging console c2600(config)#^Z c2600#configure terminal Enter configuration commands, one per line. End with CNTL/Z. !-- Select FastEthernet 0/0 for the trunk configuration. !-- No L2 or Layer 3 (L3) configuration is done here. c2600(config)#int fastEthernet 0/0 c2600(config-if)#no shut c2600(config-if)#exit !-- Enable trunking on the sub-interface FastEthernet 0/0.1. !-- Note that actual trunks are configured on the sub-interfaces. c2600(config)#int fastEthernet 0/0.1 !-- Enter the trunking encapsulation as either isl (note 1 referred to the VLAN 1) c2600(config-subif)#encapsulation isl 1 !-- Configure L3 information on the sub-interface 0/0.1. c2600(config-subif)#ip address 10.10.10.1 255.255.255.0 c2600(config-subif)#exit !-- Enable trunking on the sub-interface FastEthernet 0/0.2. !-- Note that actual trunks are configured on the sub-interfaces. c2600(config)#int fastEthernet 0/0.2 !-- Enter the trunking encapsulation as either isl (note 2 referred to the VLAN 2) c2600(config-subif)#encapsulation isl 2 !-- Configure L3 information on the sub-interface 0/0.2. c2600(config-subif)#ip address 10.10.11.1 255.255.255.0 c2600(config-subif)#exit c2600(config)#^Z !-- Remember to save the configuration. c2600#write memory Once the above configuration is completed workstation 1 and 2 should be able ping each other. Systems and Network Management: Switching and VLANs 1