The VLAN Trunk Protocol (VTP)


The VLAN Trunking Protocol (VTP) is used to provide administrators an easy way of managing VLANs across a Cisco switched network. VTP enables you to configure a VLAN on one switch and have the information propagate to all of your switches in a VTP domain. This enables an administrator to fairly easily add, delete, and rename VLANs .

One of the best features of VTP is its ability to maintain consistent VLAN configurations throughout the network. VTP keeps an identical VLAN configuration by propagating the VLAN mapping scheme of the VTP domain across the network. VTP provides for a plug-and-play type of connection. When you add additional VLANs, VTP provides tracking, monitoring, and reporting of VLANs in the network.

graphics/note_icon.gif

A Cisco switch can be a member of only one VTP domain.


In IOS version 3.1(1) of the Catalyst software, a second version of VTP was introduced, thereby making two versions: version 1 and version 2. The primary differences between the two versions are significant enough to render them incompatible. They will not work together in the same network.

graphics/alert_icon.gif

Only VTP version 2 will be tested on the exam. Your understanding of Version 1 or the differences between the two versions is not an exam objective.


Version 1 is the default on Cisco Catalyst switches. If all the switches in the network support VTP version 2, then only one switch needs to have version 2 enabled in order to enable version 2 on all the switches participating in a VTP domain.

Version 2 provides the following additional features beyond support for Ethernet:

  • Consistency checks Performed when new information is entered by an administrator through the command-line interface (CLI) or through the Simple Network Management Protocol (SNMP).

  • Token ring support Includes token ring LAN switching and VLANs.

  • Transparent Mode change support Allows switches to forward only messages and advertisements. A switch using this mode will not add any new information received to its own database.

    graphics/note_icon.gif

    In version 1, the switch checks the VTP domain name and version before forwarding. In version 2, the switch forwards the VTP messages and advertisements without checking the version number.


  • Unrecognized type-length value support If a VTP advertisement is received and has an unrecognized type-length value, the VTP server or client will continue to propagate its configuration changes to the configured trunk links, even for TLVs that it is unable to parse. The unrecognized Type Length Value (TLV) is then saved in non-volatile random access memory (NVRAM).

Switches in a VTP management domain share VLAN information through the use of VTP advertisement messages. Three types of advertisement messages exist:

  • Advertisement (Client) request Clients use this type of advertisement to request VLAN information for the current network. A VTP client sends this type of advertisement in response to requests that have the appropriate summary and subset advertisements. The advertisement frame includes a version field, code field, reserved field, management domain name field (up to 32 bytes), and start value field.

  • Summary advertisement This type of advertisement is sent automatically every five minutes (300 seconds) to all the switches on the network. A summary advertisement can also be sent when a topology change to the network occurs, such as a switch drop or addition. The summary advertisement frame contains the version field, the code field, a follower's field, a management domain name field, a configuration revision number field, the updater's identity, the updater 's timestamp, and the MD5 digest field.

  • Subset advertisement This type of advertisement contains very detailed information about the network. It contains the version, code, sequence number, management domain name, configuration revision number, and VLAN information fields.

graphics/caution_icon.gif

VTP will work only if at least one trunk port is configured to carry at least one valid VLAN. A trunk link using ISL encapsulation can carry up to 1024 VLANs.


VTP Advertisements

VTP advertisement frames are sent to a multicast address so that all the VTP devices in the same management domain are able to receive the frames . All VTP management domain clients and servers update their databases regarding all deletions and additions to the network, based on information contained in the VTP advertisements and the revision number contained in the advertisements the switch receives.

Each advertisement contains a revision number, which is one of the most important parts of the VTP advertisement. When a new VTP revision number is sent throughout the VTP domain, the switches believe that the highest revision number has the most up-to-date information about all the VLANs. If a switch participating in a VTP domain receives an advertisement with different VLAN configuration information than it currently has, it updates its information only if the revision number in the received advertisement is higher than the one that allowed the last change.

As a VTP server's database is modified, the VTP server increments the revision number by 1. The VTP server then advertises this information from the database with the new configure revision number.

Inter-VLAN Routing

VTP aids in propagating VLAN information, and trunk links allow for the traffic from more than one VLAN to traverse a link. How do switches use these trunk links to allow VLANs to communicate with one another? Through a process called inter-VLAN routing, which is explained in this section of the chapter.

Trunking protocols are designed to allow VLANs to flow from one networking device to another. These trunking protocols either tag the VLAN frames or add a header that uniquely identifies the source and destinations of the data as well as the VLAN the data is a member of. If data from one VLAN needs to be forwarded to another VLAN, it requires some type of Layer 3 device to do the routing. This process is shown in Figure 9.2, in which switch A is sending data from VLANs 1 through 3 to VLAN 6, which is configured on switch B.

Figure 9.2. An inter-VLAN routing process.

graphics/09fig02.gif

To route VLAN frames between VLANs requires a Layer 3 device, which can be an external router or any number of modules known as internal route processors that are located inside a switch.

When a node needs to communicate with a member of another VLAN on the same network, the node sends a packet to the other node, assuming that it resides on the same network. The packet destined for another VLAN, which can even be another port on the same switch, must find a path on which to send the frame.

Because switches operate at Layer 2 and are designed to isolate traffic to broadcast domains or subnets, they cannot, by default, forward data from one VLAN to another VLAN without some other Layer 3 device, such as an internal or external route processor. The Layer 3 device is known as a "router on a stick." This device is used to route the data and create routing tables of other networks and devices. This also adds a layer of security, because now access lists can be added to permit and deny certain traffic.

Route processors can be used to route data between foreign VLANs and other logically segmented parts of the network, such as subnets. They also route data to remote WAN segments, networks, or the Internet.

An internal route processor uses internal modules or cards located inside the switch chassis that are similar to routers to route data between VLANs. The following are some of the available types of internal route processors for Catalyst switches:

  • NetFlow Feature Card and NetFlow Feature Card II

  • Route Switch Module

  • Multilayer Switch Module

  • Multilayer Switch Feature Card

  • Route Switch Feature Card

  • Cisco Route Processor (x)

  • Cisco Route Processor PR

  • Cisco Route Processor Module (PR, XF, RPM)

graphics/note_icon.gif

The Catalyst 6000 series also uses a FlexWAN module, a description of which is beyond the scope of this book.


The following series of routers are external route processors with 100BaseT interfaces that support ISL:

  • Cisco 1600 series routers

  • Cisco 1700 Series routers

  • Cisco 2600 series routers

  • Cisco 3600 series routers

  • Cisco 3700 series routers

  • Cisco 4000 series routers

  • Cisco 5400 series storage routers

  • Cisco 7000 series routers

  • Cisco 7100 series routers

  • Cisco 7200 series routers

  • Cisco 7500 series routers

  • Cisco 7600 series routers

  • Cisco 8500 series campus switch/routers

  • Cisco 10000 series routers

  • Cisco 12000 series routers

VLAN Configuration

By configuring VLANs, you control the size of your broadcast domains and keep local traffic local. A problem is created, however, when an end station in one VLAN needs to communicate with an end station in another VLAN. To fix the problem, inter-VLAN routing needs to take place to resolve the address, even if the ports belonging to different VLANs are side by side in the same switch. This type of communication is called inter-VLAN routing , where a Layer 3 device resolves the address just as it would if they were nodes residing on two different network segments. You configure one or more routers to route traffic to the appropriate destination VLAN.

All ports on the switch are configured as static access ports to VLAN 1 by default. VLAN 1 is also assigned as the default management VLAN. You can change the VLAN port information using the console, Cisco Visual Switch Manager (CVSM), or SNMP. This section covers the basics of VLAN configuration, as well as how to assign multi-VLAN memberships and how to view the configuration on each type of switch. It also covers configuring VLANs on a Set/Clear commandbased switch, as well as on a CLI-based switch.

The following are the available options for the set vlan command:

 set vlan <vlan_num> [name <name>] [type <type>] [state <state>][said <said>]  [mtu <mtu>] [ring <hex_ring_number>][decring <decimal_ring_number>][bridge  <bridge_number>] [parent <vlan_num>][mode <bridge_mode>] [stp <stp_type>]  [translation <vlan_num>] [backupcrf<offon>][aremaxhop <hopcount>] [stemaxhop <hopcount>] 

To begin configuring the VLANs, you need to be in Privileged Mode on your switch and identify an interface on the switch. If you have a 12-port 10/100 module in slot 7 of a Catalyst 5500 series switch that has 13 available slots, the ports are referred to as "7/112." Most of the commands on this series of switches use this method to identify the interface. Cisco routers begin with slot and port numbers that start at 0. On the Cisco Catalyst 4000, 5000, and 6000 families of switches, the slot and port numbers start at 1. The first port on a Cisco router would be 0/0, but on a Catalyst 5500, it would be 1/1.

To configure the four ports on VLAN 3 for ports 3 through 6 on the module residing in slot 7, use these commands:

 set vlan <vlan_num> <mod/ports>  set vlan 3 7/3   set vlan 3 7/4   set vlan 3 7/5   set vlan 3 7/6  

You could also use a shortcut and configure all the ports at once by using this command:

 set vlan 3 7/3-6 
graphics/caution_icon.gif

Using a space between the numbers in the VLAN configuration command creates an error. The switch views the number following the space as a new command argument.


You can assign a VLAN a name that is up to 32 characters to help identify it when doing troubleshooting. To assign VLAN 3 and identify it as the VLAN that engineers use, use the following command:

 set vlan <vlan_num> name <name>  set vlan 3 name Engineering  

You can set the type of VLAN using one of the valid types, which are ethernet , fddi , fddinet , trcrf , and trbrf . The default is Ethernet if a type is not specified. Use the following command to map VLAN 3 to Ethernet:

 set vlan <vlan_num> type <type>  set vlan 3 type ethernet  

Active is the default state for a configured VLAN, but you can configure it for active or suspend . Use the following command to suspend VLAN 3:

 set vlan <vlan_num> state <state>  set vlan 3 state suspend  

SAIDs are used as a VLAN identifier when trunking across 802.10 FDDI or CDDI networks. The default SAID value is 100000 plus the VLAN number. For example, VLAN 3's SAID would be a value of 100003. You should be able to leave the SAID at the configured default. However, if a conflicting SAID exists in the network, you can use the following command to change the SAID to 100103:

 set vlan <vlan_num> said <said>  set vlan 3 said 100103  

Different media types have different maximum transmission unit (MTU) sizes. Ethernet, for example, is 1,500 bytes. If you need to change the MTU, use the following command:

 set vlan <vlan_num> mtu <mtu>  set vlan 3 mtu 1500  

If a node on the network is attached to a port on the switch and does not have the ability to negotiate the port speed, you can set the speed. To set the port speed manually, use the following command:

 set port speed <mod_num/port_num> <41016100auto>  set port speed 7/1 100  

To set the port duplex on an Ethernet module, use the following command:

 set port duplex <mod_num/port_num> <fullhalf>  set port duplex 7/1 full  
graphics/caution_icon.gif

You cannot set the duplex if the duplex is manually configured to auto, or the port speed has been set manually.


Enabling security on a Catalyst switch means that the switch will accept frames only from a particular MAC address on Ethernet modules. You can identify a specific MAC address. If the MAC address is not identified, the first interface to use the port will be the only interface allowed to use that port. If an unauthorized MAC address attempts to use the port, the port will become disabled and the light on the switch corresponding with that port will change from the color green to orange. To configure port security, use the following command:

 set port security  <mod_num/port_num> <enabledisable> [mac_addr]  set port security 3/1 enable  

To verify the configured VLAN information, at the Privilege EXEC Mode prompt, you can use the show vlan command, which is used for all Catalyst switches:

 show vlan 

To remove a VLAN configured on a port, at the Privilege EXEC Mode prompt, you can use the following command (the VLAN being removed is VLAN 3, affecting all ports that have VLAN 3 configured):

 clear vlan 3 
graphics/note_icon.gif

When you clear a VLAN that has ports assigned to it, by default, those ports revert to VLAN 1. Every port must be assigned to a VLAN.


Configuring VLAN Trunks

VLAN trunks can be configured between two switches, between two routers, or between a switch and a router. In some special circumstances, a file server has an ISL- or 802.1Q-aware NIC card that understands VLAN tagging.

One thing to be aware of when configuring a trunk is that your device needs to be able to handle the load so that the introduction of latency doesn't affect your network devices. This latency will not be noticeable on small data files, but it will be very noticeable when you're using voice or video if your equipment cannot handle the load placed upon it.

Before you create a trunk, you must understand some of the main pieces of the trunk sub variables . You must know whether the trunking method to be used is 802.1Q, 802.10, ISL, LANE, or negotiate.

graphics/note_icon.gif

VLANs can be configured as local VLANs, which means that they are local to one specific geographical area. Trunk links allow VLANs to be created end to end, meaning they can span more than one geographical area.


For Fast Ethernet or Gigabit Ethernet, you set the trunking mode for each port as well as the protocol to use. To configure the domain name and set the password on the switch, use the following command in Privileged Mode (the name DCS refers to the switch domain name, and the password is set to 1234):

 set vtp domain dcs passwd 1234 
graphics/note_icon.gif

The domain can be 1 to 32 characters long, and the password can be 8 to 64 characters long.


To see the VTP domain information, use the following show command from the Privileged Mode prompt:

 show vtp domain 

The output will look similar to this:

 Domain Name Domain Index VTP Version Local Mode  Password DCS    1            2           server      - Vlan-count Max-vlan-storage  Config Revision  Notifications 12         1023              8                disabled Last Updater    V2 Mode   Pruning    PruneEligible on Vlans 172.1.1.1       disabled  disabled   2-1000 

To set the VTP mode to Server, Client, or Transparent Mode, use the following Privileged Mode command ( DCS refers to the domain that the switch will join):

 set vtp domain <domain name> mode [clientservertransparent]  set vtp domain DCS mode server  

Managing Revision Numbers

What happens when a new switch is configured as a server and the revision number is higher than the current revision number used in the domain? Oops! If the rest of the domain gets that information, it will reconfigure every single member with the configuration on that new switch. This event could become a disaster on your network. Unfortunately, any time a switch sees a higher revision number, it takes the information it just received, considers it more current, and overwrites the existing database with the new configuration information.

Many network administrators make the bad mistake of using the clear config all command, believing that it will erase the current revision number. This command doesn't do what it says it doesit doesn't really "clear all." VTP has its own non-volatile random access memory (NVRAM), so the VTP information, as well as the revision number, will still be present if you execute the clear config all command. You can overcome the problem of not clearing the VTP configration in either of two ways, the easiest of which is to cycle the power on the switch after placing the switch in client mode. The switch must be in client mode because the switch will store VTP information in the special NVRAM when the server is in server mode. As a result, merely powering down the switch will not reset the revision number or cause the switch to lose its VTP database.

The other way to address this problem is to make the switch a client. Connect it to the network to get new revisions and then configure the switch as a VTP server. You can also reset the revision number with the set vtp domain name command.

Use the following command to configure a trunk port. The port being configured is on module 3, port 1, and the VLAN range is VLANs 2 through 12:

 set trunk <mod_num/port_num> [onoffdesirableautononegotiate] <vlan_range> [isldot1qdot10lanenegotiate]  set trunk 3/1 desirable 2-12 isl  

To remove a VLAN from a trunk, use the following Privileged Mode command (in this demonstration, the module number is 3 and the port number is 1; the VLAN being removed is 13):

 Clear trunk <mod_num/port_num> <vlan_range>  Clear trunk 3/1 13  

For more than one VLAN, such as VLANs 13 through 200, issue the following Privileged Mode command:

 Clear trunk 3/1 13-200 

To display all the trunks configured on the switch, use the following command in Privileged Mode:

 Switch> (enable) show trunk 

The output should look similar to this:

 Port   Mode             Encapsulation  Status         Native vlan ----   ----             -------------  ------         ----------- 1/1    desirable        isl            trunking       1 2/1    desirable        isl            trunking       1 2/2    desirable        isl            trunking       1 2/3    desirable        isl            trunking       1 3/1    desirable        isl            trunking       1 Port           Vlans allowed on trunk ----           ---------------------- 1/1            1-100,1003-1005 2/1            1-100,1003-1005 2/2            1-100,1003-1005 2/3            1-100,1003-1005 3/1            1-100,1003-1005 Port           Vlans allowed and active in management domain ----           --------------------------------------------- 1/1            1,6-9,1003-1005 2/1            1,6-9,1003-1005 2/2            1,6-9,1003-1005 2/3            1,6-9,1003-1005 3/1            1,6-9,1003-1005 Port           Vlans in spanning tree forwarding state and not pruned ----           ------------------------------------------------------ 1/1            1,1003-1005 2/1            1,1003-1005 2/2            1,1003-1005 2/3            1,1003-1005 3/1            1,1003-1005 

To get a statistical view of the VTP traffic, use the following command:

 show vtp statistics 

VTP Pruning

VTP pruning enhances the network's bandwidth by reducing unnecessary network traffic. VTP restricts flooded data traffic to those trunk links that the traffic must use to access the appropriate network devices. By default, VTP pruning is disabled.

VTP pruning requires all switches to be set to Server Mode, and also requires the establishment of the same common VTP domain between all the switches. To enable pruning on a Set/Clear-based switch, use this command in Privileged Mode:

 set vtp pruning <enabledisable>  set vtp pruning enable  

When you enable VTP pruning, it affects all the VLANs on the switch. If you want to enable VTP pruning only on certain VLANs, first clear the VLAN prune-eligible list using the following command for all VLANs:

 clear vtp pruneeligible <vlan_range>  clear vtp pruneeligible 2-1000  

Next , set the VLANs for which you wish to enable pruning:

 set vtp pruneeligible <vlan_range>  set vtp pruneeligible 2-30  
graphics/note_icon.gif

VTP pruning cannot be enabled on VLAN 1, and every switch participating in VTP pruning must be configured as a VTP server. Enabling VTP pruning on one server enables VTP pruning on all the servers in the management domain. By default, VLANs 2 through 1,000 are eligible for pruning. VTP pruning will not take place on VLANs that are pruning-ineligible.


Assigning a VLAN Membership to a 1900 Series Switch

On the 1900 series switch, you must choose "k" from the initial user interface menu to get into command-line interface for the switch IOS, as shown here:

 1 user(s) now active on Management Console.         User Interface Menu      [M] Menus      [K] Command Line      [I] IP Configuration Enter Selection:  k       CLI session with the switch is open.       To end the CLI session, enter [Exit]. 

To configure the 1900 series switch ports with VLANs, you must enter global configuration mode, as shown next; to help identify the switch, we will give it the hostname 1912EN :

 >  enable  #  config terminal  Enter configuration commands, one per line.  End with CNTL/Z (config)#hostname 1912EN 

To configure VLANs on an IOS-based switch, use the following command:

 vlan <vlan> name <vlan name> 1912E(config)#vlan 3 name engineering 

You can configure each interface (port) on a switch to be in a VLAN by using the vlan-membership command. Unfortunately you must configure VLANs one by one for each port, because no command exists to assign more than one port to a VLAN. The following is the vlan-membership command and its options:

 1912EN(config-if)#  vlan-membership ?  dynamic  Set VLAN membership type as dynamic   static   Set VLAN membership type as static 1912EN(config-if)#  vlan-membership static ?  <1-1005>  ISL VLAN index 

Static and Dynamic VLANs

A static VLAN is the most common type of VLAN and the easiest to administer. The switch port always remains in the VLAN that is assigned by an administrator until an administrator changes the port assignment. Static VLAN configurations allow for VLAN configurations that are easy to configure and monitor, and that work well in a network in which the movement of users within the network remains controlled. You can also use network management software, such as CiscoWorks for Switched Internetworks (CWSI), to configure the ports on the switch. This software is available from any Cisco Value Added Reseller (VAR). If you work for a VAR, you can get this software online from the Cisco CCO Web site.

A dynamic VLAN determines a node's VLAN assignment automatically using a server called a VLAN Management Policy Server (VMPS) to set up a database of MAC addresses that can be used for dynamic addressing of VLANs. VMPS is a MAC-address-to-VLAN mapping database that contains a database of allowable MAC or physical addresses that are mapped to a particular VLAN. When the user boots up, the switch learns the MAC address and checks the database for the appropriate VLAN assigned to that MAC address. This enables a user to remain in the same VLAN throughout the network regardless of the location in which the user resides.

A lot of network management is required to maintain the databases of MAC addresses. Therefore, dynamic VLANs are not very effective in larger networks. Using intelligent network management software enables you to match a VLAN number to a hardware (MAC) address, protocol, or even an application address to create static VLANs.

In the following code, you see that the interface configuration mode has been entered for ports 1 and 2, and then the VLAN is assigned two ports:

 1912EN(config-if)#  interface e0/1  1912EN(config-if)#  vlan-membership static 3  1912EN(config-if)#  interface e0/2  1912EN(config-if)#  vlan-membership static 3  

The Catalyst 1900 switch has the same options as the 5000 and 6000 series do for ISL. The 1900 switch does, however, run the Dynamic Inter-Switch Link (DISL) encapsulation method to create trunks. The Cisco Catalyst 1912EN switch has two trunkable ports that are Fast Ethernet ports: Interface 26 (Port A) and Interface 27 (Port B). The following lists the available options of the trunk command and sets the trunk to on for Port B:

 1912EN(config)#  interface f0/27  1912EN(config-if)#  trunk ?  auto         Set DISL state to AUTO   desirable    Set DISL state to DESIRABLE   nonegotiate  Set DISL state to NONEGOTIATE   off          Set DISL state to OFF   on           Set DISL state to ON 1912EN(config-if)#  trunk on  

Configuring VLAN and Enabling VTP on the 1900EN Series Switch

To remove a VLAN from a trunk port on a 1900EN series switch, use the interface configuration mode command no trunk-vlan command. The following takes a look at the syntaxes available and then removes VLAN 3 from its ability to send VLAN traffic across the trunk:

 1912EN(config-if)#  no trunk-vlan ?  <1-1005>  ISL VLAN index 1912EN(config-if)#  no trunk-vlan 3  
graphics/caution_icon.gif

No command exists to clear more than one VLAN simultaneously .


To view the trunks on a Cisco Catalyst 1900EN, use the show trunk command just as you would on a 5000 series switch. A difference does exist, however: this command can be used only on Fast Ethernet ports 26 (Port A) and 27 (Port B). The following are the show trunk command options:

 1912EN#  show trunk ?  A  Trunk A   B  Trunk B 1912EN#show trunk a ?   allowed-vlans   Display allowed vlans   joined-vlans    Display joined vlans   joining-vlans   Display joining vlans   prune-eligible  Display pruning eligible vlans 

As an example of the show trunk command, look at the allowed VLANs on Port B:

 1900EN#  show trunk b allowed-vlans   1-3, 6-8  

The following lists the options when enabling VTP in global configuration mode on the 1900 series switch:

 1912EN(config)#  vtp ?  client       VTP client   domain       Set VTP domain name   password     Set VTP password   pruning      VTP pruning   server       VTP server   transparent  VTP transparent   trap         VTP trap 

Let's go ahead and configure this switch as a VTP server for the DCS domain, and set the password using the commands in the preceding list:

 1912EN(config)#  vtp server  1912EN(config)#  vtp domain dcs  1912EN(config)#vtp password 1234 

Configuring Inter-VLAN Routing on an External Router

When a switch receives a packet from a port on one VLAN destined for the port of another VLAN, the switch must find a path on which to send the frame. Switches work at Layer 2 and are designed to isolate traffic to collision domains or subnets; they cannot, by default, forward data from one VLAN to another VLAN or network without some other Layer 3 devices. The Layer 3 device known as a router on a stick is used to route the data and create routing tables of other networks and devices.

As discussed earlier in the chapter, route processors can be used to route data between foreign VLANs and other logically segmented parts of the network, such as subnets. They also route data to remote WAN segments, networks, or the Internet.

Layer 3 routing takes place between VLANs. This can become a challenging problem for an administrator to overcome. Two types of route processors exist: external and internal. As you learned in the previous section, an external route processor uses an external router (such as the Cisco devices you are familiar with) to route data from one VLAN to another VLAN. An internal route processor uses internal modules and cards located inside the switch route data between VLANs.

Each type of Layer 3 routable protocol that does not have to be IP can have its own mapping for a VLAN. In an IP network, each subnetwork is mapped to an individual VLAN. In an IPX network, each VLAN is mapped to the IPX network number. With AppleTalk, a cable range and AppleTalk zone name are associated with each VLAN.

By configuring VLANs, you control the size of your broadcast domains and keep local traffic local. However, when an end station in one VLAN needs to communicate with an end station in another VLAN, this communication is supported by inter-VLAN routing. You configure one or more routers to route traffic to the appropriate destination VLAN.

To understand this section, you need to become familiar with Cisco IOS software running on Cisco routers. This demonstration is going to configure a Cisco 7505, with the goal of making the process as clear as possible:

  1. To enable IP routing on the router, enter the global configuration mode and use the ip routing command:

     7505#  configure terminal  Enter configuration commands, one per line.  End with CNTL/Z. 7505 (config)#  ip routing  
  2. Specify an IP routing protocol, such as OSPF, RIP, IGRP, or EIGRP, and identify the network:

     Cisco7505(config)#  router rip  Cisco7505(config-router)#  network 192.1.0.0  
  3. Create a subinterface on a physical interface in interface configuration mode for the port connected to the switch:

     7505(config-router)#interface fastethernet2/0.100 
  4. Specify the encapsulation type and VLAN number to use on the subinterface:

     7505 (config-subif)#encapsulation isl 100 
  5. Assign an IP address and subnet mask to the subinterface:

     7505 (config-subif)#ip address 192.1.1.1 255.255.255.0 
  6. To configure any other interfaces, repeat Steps 3 through 5 for each VLAN you need to become a member of the trunk link or would like to route traffic between:

     7505 (config-router)#  interface fastethernet2/0.200  7505 (config-subif)#  encapsulation isl 200  7505 (config-subif)#ip address 192.1.2.3 255.255.255.0 

To configure inter-VLAN routing for IPX, perform this task beginning in global configuration mode:

  1. To enable IP routing on the router, enter the global configuration mode and use the ipx routing command:

     7505#configure terminal 

    Enter configuration commands, one per line. End with CTRL/Z.

     7505 (config)#  ipx routing  
  2. Specify an IPX routing protocol, such as IPX RIP, and identify all the networks:

     Cisco7505(config)#  ipx router rip  Cisco7505(config-router)#  network all  
  3. Create a subinterface on a physical interface in interface configuration mode for the port connected to the switch:

     7505(config-router)#  interface fastethernet2/0.1  
  4. Specify the encapsulation type and VLAN number to use on the subinterface:

     7505 (config-subif)#  ipx encapsulation isl 1  
  5. Assign a network number to the subinterface and identify an encapsulation type for IPX, such as snap , novell- ether , arpa , or sap :

     7505 (config-subif)#  ipx network 1 encapsulation sap  
  6. To configure any other interfaces, repeat Steps 3 through 5 for each VLAN you need to become a member of the trunk link or would like to route traffic between.

     7505(config-subif)#  interface fastethernet2/0.2  7505(config-subif)#  encapsulation isl 2  7505(config-subif)#  ipx network 2 encapsulation sap  
graphics/note_icon.gif

You need to know what the IP configuration is for each component, and ensure that the switch is configured with the correct default gateway for each VLAN. The show port command is used to find and resolve these types of issues.




CCNP CIT Exam Cram 2 (642-831)
CCNP CIT Exam Cram 2 (Exam Cram 642-831)
ISBN: 0789730219
EAN: 2147483647
Year: 2003
Pages: 213
Authors: Sean Odom

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net