Cisco CCNP Enterprise 300-410 ENARSI Topic: CCNP CAMPUS NETWORK ARCHITECTURE
December 19, 2022

1. 3_1- VLAN and Trunking Applications in Campus Network

In this section, we are going to talk about VLAN and trunking applications in campus networks. Let’s take a look at the overview of VLANs. First, VLAN stands for “virtual local area network,” as you know, and each VLAN is one broadcast domain. And as we discussed before, they provide isolation for us. A VLAN works in the same way as a physical local area network, with the exception that the hosts don’t need to be located on the same physical network to be linked. Segmentation is the division of the network into groups, both for connecting specific groups with each other regardless of network affiliation and for isolating groups for security reasons. Using a best-practices approach to segmentation makes it possible to maximize bandwidth use while securing sensitive data. VLANs can be segmented by, first, traffic patterns; second, traffic types; third, geographic group; and fourth, department, such as in the headquarters of a corporate building. In the figure we have the red VLAN, the blue VLAN, and the gray VLAN.

In a network design, if I segment the VLANs based on department information, red VLAN users could be Human Resources, blue could be IT, and gray could be Finance. A network administrator can design a campus network with one of two models. The first one is the local VLAN model, and the next is the end-to-end VLAN model. In the local VLAN model, the local switch is connected to a distribution or core switch, and this is where the routing is performed. Local VLANs only exist between the local access switch and the distribution or core switch. In this model, you use different VLANs for different geographical regions. For example, as you can see in the picture, we have an accounting VLAN, VLAN 10, for this location. But for another location, we are using VLAN 30 and 40 for accounting, for example, with engineering using VLAN 20 in this location and VLAN 40 in the other location of the corporate building. End-to-end VLANs are dispersed throughout the network on multiple switches. No matter where the user plugs in, they will always be assigned to the same VLAN. Resources for this user will be on the same subnet.

Management of end-to-end VLANs typically uses VTP through trunking switches, and this allows for easier management, as you can see in the picture. Again, this building could be in Paris, the other in Amsterdam, and this one in Tokyo. And if I’m using VLAN 1 for engineering in here, VLAN 2 for IT, and VLAN 3 for finance, it is going to be the same for Amsterdam and Tokyo too. And let’s take a look at the voice VLAN concept. Now, usually, IP phones sit next to computers on the same desk. They require the same UTP cables that computers use, and they use Ethernet. If you want to connect them to a switch, we usually use the method in the picture. As you can see, you probably want to separate voice and data traffic, and this is something we can do with voice VLANs. As you can see in our figure, just one cable is coming to the IP phone, and the IP phone has two ports. The first is the local area network port, where we plug in the cable coming from the switch, and the other port is connected to the PC, so that port is known as the PC port. And we are using different VLANs to carry data and voice traffic.

In this example, we are using VLAN 30 and VLAN 10. VLAN 30 is carrying the voice traffic, and VLAN 10 is carrying the PC data. And here are the configuration steps. For example, if we are using the FastEthernet 0/16 port, we go to interface mode by typing “interface fastethernet 0/16”, we type “switchport access vlan 10” to define the VLAN for the PC data, and we use the “switchport voice vlan” command with the voice VLAN number as well. Let’s take a look at VLAN trunking again. As we discussed in our previous sections, an access port can carry just one VLAN, while trunk ports can carry multiple VLANs. We can use VLAN 100 and VLAN 200 for these two access ports, but this trunk port can carry both of them. Here are the configuration steps for the VLANs. First, we create the VLANs in configuration mode, for example, VLAN 100, and we can define a name. This is arbitrary. Then we define VLAN 200 and name it too. Then we enter interface mode by typing “interface gig 0/1”, which is this port. We define it as an access port by typing “switchport mode access”, and we make the VLAN configuration by typing “switchport access vlan” and the VLAN number. To configure a trunk port, go to the interface mode and enter “switchport trunk encapsulation” followed by the encapsulation protocol. Then we define the trunk port by typing “switchport mode trunk”.

And we define the VLANs that we want to carry on this trunk, and that’s it. We can use two trunking protocols when we want to implement trunking, and they are ISL and dot1q. ISL is a Cisco proprietary trunking protocol, and dot1q is an industry-standard protocol. Dot1q adds less frame overhead than ISL, and as a result, dot1q is more efficient than ISL, especially with small frames. The ISL overhead is 30 bytes, while the dot1q overhead is four bytes. Let’s take a look at the dot1q native VLAN concept. A trunk port normally sends and receives Ethernet frames that carry a dot1q VLAN tag. If the switch receives an untagged frame on the trunk port, that frame is forwarded to the VLAN configured as the native VLAN. The native VLAN must be the same on the two switches; otherwise, a native VLAN mismatch warning is raised, and Cisco uses the Cisco Discovery Protocol (CDP) to detect this. And please keep in mind that the default native VLAN is 1.

Here is how we can configure a trunk. We go into interface mode, type the encapsulation protocol, and use “switchport mode trunk”. The last line, which defines the VLANs allowed on the trunk, is actually optional. It is better to define it if we can, but if not, all VLANs will be transported across the trunk port. To verify, we use “show interfaces”, the interface name, and “switchport”. There we see the administrative mode, which means what we configured for this port, and the operational mode, which means how this port is actually behaving right now: is it a trunk, or is there a problem? The other command we can use to verify the trunk port is “show interfaces trunk”, which shows us the interfaces that are actually trunking at that moment. And let’s take a look at the Dynamic Trunking Protocol (DTP).

DTP is a Cisco proprietary networking protocol developed by Cisco Systems for the purpose of negotiating trunking on a link between two VLAN-aware switches and for negotiating the type of trunking encapsulation to be used. It works at layer two of the OSI model, and VLAN trunks formed using DTP may use either dot1q or Cisco ISL. In DTP, the following switchport mode settings exist: dynamic auto, dynamic desirable, trunk, and access. Access puts the Ethernet port into permanent nontrunking mode and negotiates to convert the link into a nontrunk link. The Ethernet port becomes a nontrunking port even if the neighbouring port does not agree to the change. Trunk puts the Ethernet port into permanent trunking mode and negotiates to convert the link into a trunk link. The port becomes a trunk port even if the neighbouring port does not agree to the change.

Dynamic auto makes the Ethernet port willing to convert the link to a trunk link. The port becomes a trunk port if the neighbouring port is set to trunk or dynamic desirable mode. This is the default mode for all Ethernet ports. And lastly, dynamic desirable makes the port actively attempt to convert the link to a trunk link. The port becomes a trunk port if the neighbouring Ethernet port is set to trunk, dynamic desirable, or dynamic auto mode. And here are the best practices for VLANs and trunking. First, we need to avoid using VLAN 1 to avoid security issues because it is the default VLAN. Second, we need to configure trunk ports manually. Don’t use DTP, please. You can face big problems if you use DTP, actually. And third, we need to use dot1q instead of ISL. We need to use SSH instead of Telnet for remote connections because SSH uses encryption for the connection. And we need to make the native VLAN different from VLAN 1 to prevent DTP spoofing.
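The best practices listed above can be checked mechanically against a switch configuration. The following Python script is an added example, not part of the original lesson: the sample configuration is constructed, and the function names (parse_blocks, vlan_of, audit) are hypothetical. It assumes a port without a manual “switchport mode access” or “switchport mode trunk” line is left to DTP, as described above.

```python
import re
# Constructed sample config for this example (not taken from the lesson).
SAMPLE_CONFIG = """\
interface FastEthernet0/16
 switchport mode access
 switchport access vlan 10
 switchport voice vlan 30
!
interface GigabitEthernet0/1
 switchport trunk encapsulation isl
 switchport mode dynamic desirable
!
interface GigabitEthernet0/2
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 999
 switchport mode trunk
!
interface GigabitEthernet0/3
 switchport access vlan 1
!
line vty 0 4
 transport input telnet
"""

def parse_blocks(config):
    """Split an IOS-style config into {block header: [indented sub-commands]}."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith(" ") and current:
            blocks[current].append(line.strip())
        elif line and not line.startswith("!"):
            current = line.strip()
            blocks[current] = []
    return blocks

def vlan_of(text, command):
    """VLAN number set by `command`, or 1 (the default) when it is absent."""
    m = re.search(rf"^{command} (\d+)$", text, re.M)
    return int(m.group(1)) if m else 1

def audit(config):
    findings = []   # (block header, finding) pairs
    for header, cmds in parse_blocks(config).items():
        text = "\n".join(cmds)
        if header.startswith("interface"):
            m = re.search(r"^switchport mode (access|trunk)$", text, re.M)
            mode = m.group(1) if m else "dynamic"   # DTP decides the role
            if mode == "dynamic":
                findings.append((header, "port mode not set manually (DTP)"))
            if "switchport trunk encapsulation isl" in text:
                findings.append((header, "ISL encapsulation"))
            if mode != "access" and vlan_of(text, "switchport trunk native vlan") == 1:
                findings.append((header, "native VLAN is VLAN 1"))
            if mode != "trunk" and vlan_of(text, "switchport access vlan") == 1:
                findings.append((header, "access VLAN is VLAN 1"))
        elif header.startswith("line vty"):
            if re.search(r"^transport input .*\b(telnet|all)\b", text, re.M):
                findings.append((header, "Telnet allowed on vty lines"))
    return findings
```

Calling audit(SAMPLE_CONFIG) reports the two ports left to DTP and the vty lines, and leaves the manually configured access and trunk ports unflagged.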

2. 3_2- VLAN Trunking Protocol (VTP)

VTP (VLAN Trunking Protocol) is a Cisco proprietary protocol that propagates the definition of VLANs across the whole network in the same VTP domain and provides easier management because you do not manually add or delete VLANs on every switch. In the VTP protocol, we have a VTP server switch that distributes and synchronises the VLAN information. You can propagate the normal-range VLANs with VTP, but if you want to propagate the extended-range VLANs, you should use VTP version 3. Guys, let’s go ahead with the VTP modes. We have three modes: server, client, and transparent. In server mode, you can create, modify, and delete VLANs and specify other configuration parameters such as the VTP version and VTP pruning. In transparent mode, the switch just forwards VTP advertisements and does not participate in VTP.

VLANs that are created, renamed, or deleted on a transparent switch are local to that switch. Switches in client mode cannot create, modify, or delete VLANs. Guys, we’re going to do an excellent Packet Tracer lab about the VTP modes, and you’ll see the difference between server, client, and transparent in our lab exercise, and you will better understand what is going on between them. Let’s go ahead with the VTP versions. We have three versions of VTP: version 1, version 2, and version 3. VTP version 1 is the default VTP version. VTP version 2 is similar to VTP version 1 and additionally supports Token Ring, and VTP version 3 provides more security enhancements with the capability of supporting extended-range VLANs. And let’s go ahead with the configuration revision number term. A configuration revision number is a 32-bit number that indicates the level of revision for a VTP packet and is used to determine whether the received information is more recent than the current version.

This number is incremented by one for each VLAN change, and if the switch receives an update with a higher revision number, this update is always used. For example, let’s say that we have a VTP server here, switch one, and let’s say that this is switch two and this is switch three. When we create a VLAN here, for example VLAN 20, because this is the VTP server, VLAN 20 will be created automatically on switch two as well as on switch three, as you can see here. And as soon as I add the new VLAN on the server, the revision number will change from 16 to 17 everywhere, as you can see. Let’s go ahead with the VTP message types. We have three VTP message types: summary advertisement, advertisement request, and subset advertisement. The summary advertisement is sent by the VTP server at five-minute intervals to its adjacent switches and includes the VTP domain name and the configuration revision number.

An advertisement request is sent if the summary advertisement includes a higher configuration revision number than the current value, and the subset advertisement holds the VLAN information. Let’s go ahead and see how we can configure VTP. To configure the VLAN Trunking Protocol on a switch, first we need to choose the VTP mode. VTP modes can be server, client, or transparent, as you know, and server is the default mode. To configure the VTP mode, we type “vtp mode” and the mode: server, client, or transparent. Then we define the VTP domain by typing “vtp domain” and the VTP domain name, because all the switches should have the same domain name to share the VTP advertisements. We can also define a VTP password, which should match on the switches to share the VTP advertisements. And to verify the VTP configuration, we use the “show vtp status” command, and we can check the VTP version, configuration revision number, number of existing VLANs, maximum VLANs supported locally, VTP operating mode, domain name, pruning mode, and so on.
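The revision rule explained in this section (a higher configuration revision number always wins, within a matching domain and password) is easiest to see in a small model. The following Python simulation is an added example, not part of the original lesson or of any Cisco code: the Switch class, the domain name CAMPUS, the password value, and the LAB switch are constructed, and the summary and subset advertisements are merged into one message for brevity. It replays the lesson’s 16 to 17 update and then shows what the same rule does when a switch with a stale VLAN database but a higher revision number joins the domain.

```python
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    mode: str                 # "server", "client" or "transparent"
    domain: str
    password: str = ""
    revision: int = 0
    vlans: dict = field(default_factory=dict)   # VLAN id -> name

    def add_vlan(self, vlan_id, vlan_name):
        if self.mode == "client":
            raise PermissionError(f"{self.name}: client mode cannot create VLANs")
        self.vlans[vlan_id] = vlan_name
        if self.mode == "server":     # a transparent switch keeps the change local
            self.revision += 1

    def advertise(self):
        # Simplification: summary and subset advertisement merged into one message,
        # and the password compared directly instead of through a digest.
        return {"domain": self.domain, "password": self.password,
                "revision": self.revision, "vlans": dict(self.vlans)}

    def receive(self, adv):
        if self.mode == "transparent":
            return "forwarded"
        if (adv["domain"], adv["password"]) != (self.domain, self.password):
            return "ignored: domain or password mismatch"
        if adv["revision"] <= self.revision:
            return "ignored: revision not higher"
        # A higher revision always wins: the local VLAN database is replaced.
        self.vlans, self.revision = dict(adv["vlans"]), adv["revision"]
        return "updated"

def demo():
    base = {1: "default", 10: "accounting"}
    pw = "example-pass"                          # constructed value
    sw1 = Switch("SW1", "server", "CAMPUS", pw, 16, dict(base))
    sw2 = Switch("SW2", "client", "CAMPUS", pw, 16, dict(base))
    sw3 = Switch("SW3", "client", "CAMPUS", pw, 16, dict(base))
    sw1.add_vlan(20, "engineering")              # revision 16 -> 17
    results = [sw2.receive(sw1.advertise()), sw3.receive(sw1.advertise())]
    # Constructed case: a switch with a stale VLAN database but a higher
    # revision number is connected to the domain.
    lab = Switch("LAB", "client", "CAMPUS", pw, 42, {1: "default"})
    results.append(sw1.receive(lab.advertise()))
    # The same advertisement without the domain password is ignored.
    sw4 = Switch("SW4", "server", "CAMPUS", pw, 17, dict(sw2.vlans))
    lab.password = ""
    results.append(sw4.receive(lab.advertise()))
    return results, sw1, sw2, sw3, sw4
```

In the third step SW1 loses VLAN 20 because revision 42 is higher than 17, which is why the revision number of a switch should be checked with “show vtp status” before it is connected, and why the VTP password described above matters.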

3. 3_3- Etherchannel

Link aggregation is a method for combining multiple network connections in parallel in order to increase throughput beyond what a single connection could sustain and to provide redundancy in case one of the links should fail. A type of link aggregation is EtherChannel. Please keep in mind that if you want to create an EtherChannel between two endpoints, the interface types on both sides must be the same, for example, gigabit to gigabit. As you can see in this diagram, we have four separate gigabit links connecting these switches to each other, and by using EtherChannel we are combining them, so we get a 4-gigabit-per-second EtherChannel link. Let’s go ahead with the benefits of link aggregation. We have some significant benefits from using link aggregation, guys. First, instead of configuring four separate links as shown here, you configure only one Po (port-channel) interface.

Second, the EtherChannel is just one logical link, as you can see here, for STP (Spanning Tree Protocol). For example, if one gigabit link fails, STP is not recalculated. Third, we can do load balancing between the separate links. And lastly, we can provide higher bandwidth, up to eight gigabits per second. We use two main protocols when we are creating the EtherChannel, and they are PAgP and LACP. PAgP is a Cisco proprietary protocol that is used for EtherChannel and can be configured to operate in three different modes: auto, desirable, and on. Auto mode refers to passive negotiation of the channel; desirable mode refers to active negotiation of the channel; and on mode refers to no protocol being used; it assumes the other side has enabled link aggregation. So what this means is that we have two switches connected to each other, and if I want to create an EtherChannel between them by using the PAgP protocol, we choose the channel modes. And if I’m using on for switch one to create an EtherChannel, I also need to choose on for switch two.

Because if I’m using on and want to create an EtherChannel, I can’t use auto or, for example, desirable on the other side. If I’m using desirable, I should use auto or desirable on switch two to create an EtherChannel using PAgP. Let’s look at LACP. LACP is the IEEE specification that is used for creating EtherChannel and can be configured to operate in three different modes: on, active, and passive. On mode makes the port a channel member without the protocol. Active mode enables LACP unconditionally on the interface, and passive mode enables LACP only when an LACP device is detected. For example, let’s say that we have switch one and switch two again here. We have separate gig links, and we can create an EtherChannel between them using LACP, which is an industry standard. This time, if I’m choosing the channel mode on here, I should use on for switch two as well; if I’m using active on this side, I need to choose active or passive on the other side.

And if I choose passive, I should use active on the other end. To configure the EtherChannel, first we need to check whether our switch supports EtherChannel or not. Second, we need to make sure that the duplex modes, which may be half duplex or full duplex; the port speeds, which can be Gigabit Ethernet or Fast Ethernet or something like that; and the VLANs, perhaps VLAN 20, 30, or whatever, match on both sides’ ports. Okay, guys, let’s say that we have four separate ports on each of the two switches, as you can see here: gig 1/0/1 and gig 1/0/3 for switch one, and gig 1/0/2 and 1/0/4 for switch two. If I’m using Gigabit Ethernet on this side, I should not use Fast Ethernet, for example, on the other side. If I’m using full duplex on this side, I cannot use half duplex on the other side. And if this port is attached to VLAN 20, the other port should not be attached to VLAN 30, for example.

OK, to create an EtherChannel, the duplex modes, port speeds, and VLAN numbers must match, and we also need to choose the right channel mode. As you know, the configuration to establish an EtherChannel between two separate switches is pretty straightforward. Here is the switch one configuration. First, I get into interface mode by typing “interface range fastethernet” with ports one and two, which means I’m going to apply these commands to both FastEthernet ports one and two. Then I configure the switchport mode as trunk. Then I choose the channel mode: “channel-group”, the channel group number, and “mode active” for this switch. All right, cool. And on switch two, I’m doing the same thing with the interface range and the switchport mode trunk as before, but please note that the channel group numbers are also matching, and this time I’m using passive for this side.

Okay, let’s go ahead here. As we can see, if I select active, I must use active or passive on the other side to create the EtherChannel, and I cannot use on. Going back to my scenario, because of this, to create the EtherChannel we are using active on this side and passive on the other end. I should not use on for this end. And to verify the EtherChannel configuration, our command is “show etherchannel summary”, and we see the ports, the groups, whether the port channel is in use or not, the protocol, and so on. Okay, let’s go to the switch and type the “show etherchannel summary” command. Cool. I’m seeing the bundled ports in the EtherChannel, and, as you can see, they are FastEthernet one and two. All right, pretty good. And I’m seeing a P flag here. P indicates that these ports are bundled in the port channel, which is great news. The protocol type is then displayed. We can use PAgP or LACP, as you know, and here we are using LACP; our output says that. And I’m seeing the port channel number, which is Po1. And I’m seeing an S and a U. What do they mean? S means this channel is a layer 2 EtherChannel, and U means our EtherChannel is working fine.
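The pre-checks and mode pairings from this section (matching speed, duplex and VLAN; on with on; LACP needs at least one active side; PAgP needs at least one desirable side) can be expressed as one compatibility check. The following Python code is an added example, not part of the original lesson: the Port class, the function names, and the port names are constructed, and links are assumed to be paired by position (the first port of one switch is cabled to the first port of the other).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Port:
    name: str
    speed: int      # Mb/s
    duplex: str     # "full" or "half"
    vlan: str       # access VLAN number, or "trunk"
    mode: str       # channel-group mode: on, active, passive, auto, desirable

def negotiate(mode_a, mode_b):
    """Protocol that brings a link into the bundle, or None if it stays out."""
    pair = {mode_a, mode_b}
    if pair == {"on"}:
        return "on (no protocol)"
    if pair <= {"active", "passive"} and "active" in pair:
        return "LACP"
    if pair <= {"desirable", "auto"} and "desirable" in pair:
        return "PAgP"
    return None   # e.g. on/active, passive/passive, auto/auto, active/desirable

def check_bundle(side_a, side_b):
    """Check each link (side_a[i] <-> side_b[i]); return (protocol, problems)."""
    problems, protocols = [], set()
    for attr in ("speed", "duplex", "vlan"):
        values = {str(getattr(p, attr)) for p in side_a + side_b}
        if len(values) > 1:
            problems.append(f"{attr} mismatch: {', '.join(sorted(values))}")
    for a, b in zip(side_a, side_b):
        proto = negotiate(a.mode, b.mode)
        if proto is None:
            problems.append(f"{a.name}<->{b.name}: {a.mode}/{b.mode} cannot form a channel")
        else:
            protocols.add(proto)
    if len(protocols) > 1:
        problems.append("links negotiated different protocols")
    ok = not problems and len(protocols) == 1
    return (protocols.pop() if ok else None), problems

# The lesson's scenario: two FastEthernet trunk links, active on switch one and
# passive on switch two. Port names are constructed for the example.
SW1 = [Port("SW1 Fa0/1", 100, "full", "trunk", "active"),
       Port("SW1 Fa0/2", 100, "full", "trunk", "active")]
SW2 = [Port("SW2 Fa0/1", 100, "full", "trunk", "passive"),
       Port("SW2 Fa0/2", 100, "full", "trunk", "passive")]
```

check_bundle(SW1, SW2) returns LACP with no problems; changing one side to on, or one port to half duplex, returns None together with the reason.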
