BACK

Configuring VLANs

Before you begin creating VLANs, you should determine whether the switch will participate in a VTP domain that will synchronize VLAN configuration with the rest of the network. You must also enable a trunk connection if you want to use VLANs across multiple switches.

The steps to configure a VLAN are:
  1. Enable VTP (optional)
  2. Enable Trunking (optional)
  3. Create VLANs
  4. Assign VLANs to ports
Verifying VLANs Enable VTP

When adding a new switch to an existing domain, it is a good idea to add it in VTP client mode.  This will prevent the switch from propagating any incorrect VLAN information to other switches.  In this example we will setup a new VTP domain and place the switch into server mode.  The password puts VTP into secure mode.  Every switch in the management domain must have a password assigned to it for the management domain to function properly in secure mode.

   Switch1#configure terminal
   Enter configuration commands, one per line. End with CNTL/Z
   Switch1(config)#vtp server
   Switch1(config)#vtp domain ciscotest
   Switch1(config)#vtp password ccna
Enable Trunking

The next step is to create a trunk connection with the other switches that will be sharing VLAN information. To enable trunking on a port, enter interface configuration mode for the desired port, and then use the trunk command with the appropriate option:

   Switch1#configure terminal
   Switch1(config)#interface f 0/26
   Switch1(config-if)#trunk on
trunk Command Options
Option Function
on Puts the port into permanent trunking mode and negotiates to convert the link into a trunk link. The port becomes a trunk port even if the neighboring port does not agree to the change.
off Puts the port into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The port becomes a nontrunk port even if the neighboring port does not agree to the change.
desirable Makes the port actively attempt to convert the link to a trunk link. The port becomes a trunk port if the neighboring port is set to on, desirable, or auto mode.
auto Makes the port willing to convert the link to a trunk link. The port becomes a trunk port if the neighboring port is set to on or desirable mode. This is the default mode.
negotiate Puts the port into permanent trunking mode but prevents the port from generating DTP frames. You must configure the neighboring port manually as a trunk port to establish a trunk link.

Create VLANs

To create a VLAN, enter global configuration mode and use the vlan command with the VLAN identifier (1-1005) and its name.

   Switch1#configure terminal
   Switch1(config)#vlan 5 name accounting
   Switch1(config)#vlan 6 name management
Assign VLANs to Ports

Now that the VLAN has been created, you can statically assign which ports will be members of the VLAN.  A port can only belong to one VLAN at a time and by default, all ports are members of VLAN 1.  To assign a VLAN to a port, enter interface configuration mode for the port and use the vlan-membership command. 

   Switch1#configure terminal
   Switch1(config)#interface e0/4
   Switch1(config-if)#vlan-membership static 5
   Switch1(config)#interface e0/5
   Switch1(config-if)#vlan-membership static 5
   Switch1(config)#interface e0/6
   Switch1(config-if)#vlan-membership static 6
Verifying the VLAN Configuration

To view the VLANs configured on the switch, use the show vlan command. 

   
   Switch1#show vlan
   
   VLAN    Name               Status            Ports
   --------------------------------------------------
   1       default            Enabled           1-3, 7-24, AUI, A, B
   5       accounting         Enabled           4, 5
   6       management         Enabled           6

Optionally you can view an individual VLAN to see how it's configured by using the show vlan [#] command.

   
   Switch1#show vlan 5
   
   VLAN  Name          Status      Ports
   -------------------------------------
   5     accounting    Enabled     2 
   -------------------------------------
   
   VLAN  Type   SAID   MTU   Parent  RingNo BridgeNo Stp  Trans1 Trans2
   ---------------------------------------------------------------------
   5  Ethernet 100005  1500   0        1       1     Unkn   0     0
Verifying VLAN Membership

To view which ports are assigned to a VLAN, use the following command:

   Switch1#show vlan-membership
      Port  VLAN   Membership
      1        1      Static
      2        1      Static
      3        1      Static
      4        5      Static
      5        5      Static
      6        6      Static
      7        1      Static
      8        1      Static	      
         [Output Cut]
Prevent VLANs from Crossing a Trunk

All VLANs are configured on a trunked link unless you clear it manually.  Use the following command if you don't want a trunk to carry VLAN information:

   Switch1(config)#int f0/26
   Switch1(config-if)#clear trunk
Prevent Individual VLANs from Crossing a Trunk Link

You can clear individual VLANs from crossing a trunk link by using the following command: 

   Switch1(config)#int f0/26
   Switch1(config-if)#no trunk-vlan 5
Verifying Trunk Link

To verify a trunk port use the show trunk [a|b] command.  The a is for port f0/26 while b represents f0/27. 

   Switch1#show trunk a
   DISL state:  Auto, Trunking: On, Encapsulation type:ISL
   
   Switch1#show trunk allowed-vlans
   1-4, 6-1004
Verifying VTP Information

After VTP has been enabled and configured, you can view the configuration with the following command:

   Switch1#show vtp
   VTP Version                     : 2
   Configuration Revision          : 2
   Maximum VLANs supported locally : 1005
   Number of existing VLANs        : 2
   VTP Operating Mode              : Server
   VTP Password                    : ccna
   VTP Domain Name                 : ciscotest
   VTP Pruning Mode                : Disabled
   VTP V2 Mode                     : Disabled
   VTP Traps Generation            : Enabled
   MD5 digest                      : 0xB9 0xC7 0x8D 0xB3 0xD4 0xBA 0x94 0x03
   Configuration last modified by 192.168.1.86 at 7-25-01 01:22:24
Enabling VTP Pruning

If you enable VTP pruning on a VTP server, you will enable it for the entire domain.  Enable VTP pruning with the following command:

   Switch1(config)#vtp pruning enable
Disable VTP pruning with: 
   Switch1(config)#vtp pruning disable
BACK