CCNP-SWITCHING 300-115
Mohamed Samir YouTube channel
Double CCIEs #27042(R/S&SP)
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Part II: Building a
Campus Network
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Virtual LANs
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Virtual LANs
• A flat network is a single
broadcast domain
• flat networks cannot contain
redundant paths for load
balancing
• To gain any advantage from
additional paths to a destination,
Layer 3 routing functions must be
introduced.
• Management
• Security
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
VLAN Membership
• Static VLAN configuration
• Dynamic VLAN assignment
Configuring Static VLANs
• VLAN 1 is the default VLAN for every switch port.
• VLANs 1002 to 1005 legacy (Token Ring and FDDI switching)
• Catalyst switches can also support extended-range VLAN
numbers 1006 through 4094 vtp mode transparent (VTP
Versions 1 and 2 limitation) no problem with VTP mode v3
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Configuring Static VLANs
•
•
•
•
•
•
•
•
•
•
Switch(config)# vlan vlan-num
Switch(config-vlan)# name vlan-name
Switch(config)# vlan 2
Switch(config-vlan)# name Engineering
Switch(config-vlan)# vlan 101
Switch(config-vlan)# name Marketing
Switch(config)# interface type member/module/number
Switch(config-if)# switchport
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan vlan-num
Dynamic VLANs
based on the MAC address of an end-user device
• A network administrator also must assign the user’s MAC address to aVLAN in the
database of a VLAN Membership Policy Server (VMPS)
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Deploying VLANs
• the number of VLANs depends on traffic patterns, application
types, segmentation, and network-management
requirements
• you should not allow VLANs to extend beyond the Layer 2
domain of a distribution switch
• VLANs can be scaled in the switch block by using two basic
methods:
• End-to-end VLANs
• Local VLANs
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
• End-to-End VLANs
• following the 80/20 rule
• End-to-end VLANs are not
recommended
Local VLANs
20/80 rule
L3 functionality in distribution
And core
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
VLAN TRUNK
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
SW2
SW1
FA0/1
FA0/1
FA0/2
FA0/2
FA0/1
FA0/1
FA0/2
FA0/2
SW3
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
SW4
VLAN Trunks
• VLAN Frame Identification
ID as the VLAN number or VLAN “unique color”
• Inter-Switch Link (ISL) protocol
• IEEE 802.1Q protocol
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Inter-Switch Link Protocol
•
•
•
•
•
•
Cisco-proprietary
ISL adds a 26-byte header and a 4byte trailer to the frame.
The source VLAN is identified with a 15-bit
The trailer contains a cyclic
redundancy check (CRC) value to ensure the data integrity
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
IEEE 802.1Q Protocol
• encapsulating each frame with a VLAN ID header and trailer, 802.1Q
embeds its tagging information within the Layer 2 frame
• 802.1Q also introduces “native VLAN” concept
• 1- 1st (2 byte)tag protocol identifier (TPID) ……0x8100
• 2- 2nd (2byte) Tag Control Information (TCI) field for class of service (CoS)
• The last 12 bits are used as a VLAN identifier (VID)
• ISL adds a total of 30 bytes to each frame, whereas 802.1Q adds 4 bytes
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Dynamic Trunking Protocol
•
•
•
•
•
•
•
•
•
•
•
•
(DTP) that negotiates a common trunking mode between two switches
VLAN Trunk Configuration
Switch(config)# interface type member/module/number
Switch(config-if)# switchport
Switch(config-if)# switchport trunk encapsulation {isl | dot1q | negotiate}
Switch(config-if)# switchport trunk native vlan vlan-id
Switch(config-if)# switchport trunk allowed vlan {vlan-list | all |
{add | except | remove} vlan-list}
Switch(config-if)# switchport mode {trunk | dynamic {desirable | auto}}
Verification
Switch# show interface gigabitethernet 2/0/1 trunk
show vlan id 2
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Voice VLANs
• The voice packets
must be carried
over a unique
voice VLAN (known
as the voice VLAN
ID or VVID) or over
the regular data
VLAN (known as
the native VLAN or
the port VLAN ID,
PVID)
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Switch(config-if)# switchport voice vlan {| dot1p | untagged |
none}
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Wireless VLANs
• SWITCH exam might not cover wireless AP support
• Cisco APs can operate in one of the two following modes:
• Autonomous mode: The AP operates independently and
directly connects VLANs to WLANs on
• a one-to-one basis.
• Lightweight mode: The AP must join and cooperate with a
wireless LAN controller located
• elsewhere on the network. The AP connects each of its own
WLANs with a VLAN connected to
• the controller. All of the VLAN-WLAN traffic is encapsulated
and carried over a special tunnel
• between the AP and the controller.
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Any questions ?
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com
Thank you
for your
time ! 
‫شكرا‬
‫جزاكم هللا خير‬
Mohamed Samir
© 2015 Mohamed Samir YouTube channel
All rights reserved.
Email : eng.mohammedsn@gmail.com