*** NOTE: this was written several years ago – but may still be useful ***
Increase security and ease administration and relocation.
Break up broadcast domains.
VLANS work at layer 2 and 3 of OSI model.
Communication between VLANs uses layer 3 routing.
3 ways of assigning a switched port to VLANs:
Port-Centric - All nodes connected to ports in the same VLAN are assigned to the same VLAN ID.
Static VLANs - Statically assign ports to a VLAN.
Dynamic VLANs - Ports that can automatically determine their VLAN assignments based on MAC addresses.
Trunk Links - Trunks can carry multiple VLANS. Supported on fast or gigabit links only.
Trunking is used to transport VLANS between devices.
NB: Switches segment LANs into individual collision domains, VLANs break up broadcast domains as well.
Spanning Tree Protocol
Spanning Tree Protocol (STP) is a Layer 2 (L2) protocol that runs on bridges and switches.
The specification for STP is IEEE 802.1D.
The main purpose of STP is to ensure that you do not create loops when you have redundant paths
in your network.
Loops are deadly to a network. (cause broadcast storms)
STP runs on bridges and switches that are 802.1D-compliant. There are different flavors of STP,
but 802.1D is the most popular and widely implemented. You implement STP on bridges and switches
in order to prevent loops in the network. Use STP in situations where you want redundant links,
but not loops.
Redundant links are as important as backups in the case of a failover in a network.
A failure of your primary activates the backup links so that users can continue to use the network.
Without STP on the bridges and switches, such a failure can result in a loop.
Private Address Range
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix) (/12=255.240.0.0)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
100Base-T Cabling Guidelines
The following cabling guidelines apply to a 100Base-T network:
The maximum length for an Unshielded Twisted Pair (UTP) cable segment is 100 meters.
Any cable segment longer than 100 meters must be fiber.
A 100Base-T repeater is equivalent to 95 meters of cable.
The maximum cable length between any two nodes on a repeated network is 305 meters.
To determine your cable budget, use the following formula:
400 - (R x 95) = Maximum cable length between any two nodes (in meters)
R represents the number of 100Base-T repeaters.
Table 3-2 lists the maximum cable length between two nodes in a 100Base-T network.
Table 3-2: Cabling Limits in a 100Base-T Network
Number of Repeaters Maximum Cable Length Between Two Nodes
0 400 meters
1 305 meters
2 210 meters
Note For switch-to-switch or switch-to-server (0 repeaters) and full duplex operation, the maximum
cable length between any two nodes extends to two kilometers using fiber.
FDDI Cabling Guidelines
The following cabling guidelines apply to an FDDI network:
The maximum length for an unshielded twisted pair (UTP) cable segment is 100 meters.
The maximum length for a fiber cable is 2 km.
Layer 2 Switching
Layer 2 switching breaks up collision domains making a flatter network than an ordinary 10BaseT network.
Store and Forward - Entire frame is received before forwarding is commenced.
Error detection is high, latency low.
Cut through - Comes in 2 types (Fast Forward and Fragment Free).
Fast Forward - Forwards frame after receiving destination address, error prone.
Fragment Free - Filters out collision packets (If packet data > 64bytes ok)
Ethernet frame maximum size = 1518bytes (All of this is received before forwarding by Store and Forward)
Ethernet frame minimum size = 64 bytes (Only this much of packet read by Fragment Free)
Show ip protocol - routing update times, networks active on, neighbour routers, administrative distances, AS number.
SHOW COMMANDS - 1900 SWITCH
Show ip - like ipconfig
Show port system - shows switching method
Show trunk A allowed-vlans - shows which VLANS allowed on trunk link
Show vlan 2
Show vlan - verify VLAN config
Show history - shows last 10 commands entered by default
Show terminal - shows terminal config + history buffer size
1900 SWITCH CONFIGURATION
(Config)#enable password level 1 nikolas - usermode password
(Config)#enable password level 15 makris - enable password
(Config)#enable secret nik2 - precedes the enable p/w
(Config)#vtp pruning enable - enables pruning on whole switch
(Config)#delete vtp - deletes VTP database
(Config)#vtp server (client/transparent)
(Config)#vtp domain nikolas
(Config)#vtp password cisco
(Config)#ip address 172.17.1.63 255.255.255.0
(Config)#ip default-gateway 172.17.1.50
(Config)#switching-mode store-and-forward (fragment-free)
(Config)#vlan 2 name sales
(Config)#vlan 3 name marketing
(Config)#int Ethernet 0/1 - slot 0/port 1
(Config-if)#vlan-membership static 2
(Config-if)#port secure max-mac-count 1 - allows only one mac address per port
(Config-if)#trunk on - enables trunking of all VLANS not just VLAN 1
(Config-if)#no trunk-vlan 3 - stops trunking vlan 3
(Config-if)#duplex full - sets to full duplex (auto sense default)
(Config)#copy tftp://192.168.0.120/cat1900EN_9_00.bin opcode - download into flash memory
(Config)#copy nvram tftp://192.168.0.120/cat1900EN
(Config)#copy tftp://192.168.0.120/cat1900EN nvram
(Config)#delete nvram - deletes config
(Config)#delete vtp - deletes VTP database
(Config)#clear mac-address-table [dynamic]