|
|
This chapter describes virtual LAN configurations for the Layer 3 switch router. It describes how to configure Inter-Switch Link (ISL) VLAN encapsulation and how to configure 802.1Q VLAN encapsulation. For more information about the Cisco IOS commands used in this chapter, refer to the Cisco IOS Command Reference publication. This chapter includes the following sections:
 |
Note You are at Step 4 in the suggested process for configuring your Layer 3 switch router (see Table 2-1). This is an optional step. You should have already completed general interface configurations before proceeding with configuring virtual LANs as an optional step. |
Virtual LANs enable network managers to group users logically rather than by physical location. A virtual LAN (VLAN) is an emulation of a standard LAN that allows data transfer and communication to occur without the traditional restraints placed on the network. It can also be considered a broadcast domain set up within a switch. With VLANs, switches can support more than one subnet (or VLAN) on each switch, and give routers and switches the opportunity to support multiple subnets on a single physical link. A group of devices that belong to the same VLAN, but are part of different LAN segments, are configured to communicate as if they were part of the same LAN segment. Layer 3 switching supports up to 244 VLAN subinterfaces per system.
VLANs enable efficient traffic separation and provide excellent bandwidth utilization. VLANs also alleviate scaling issues by logically segmenting the physical LAN structure into different subnetworks so that packets are switched only between ports within the same VLAN. This can be very useful for security, broadcast containment, and accounting.
Layer 3 switching software supports a port-based VLAN on a trunk port, which is a port that carries the traffic of multiple VLANs. Each frame transmitted on a trunk link is tagged as belonging to only one VLAN.
Layer 3 switching software supports VLAN frame encapsulation through the Inter-Switch Link (ISL) protocol and the 802.1Q standard on both the Catalyst 2948G-L3 and the Catalyst 4908G-L3 switch routers.
Figure 5-1 shows a network topology where two VLANs span a Catalyst 5500 switch and a Catalyst 2948G-L3 switch router. Both VLANs in this topology are bridged using the Inter-Switch Link (ISL) protocol.
|
Note Four adjacent Fast Ethernet ports on the Catalyst 2948G-L3 (such as Fast Ethernet 1 through 4 or Fast Ethernet 45 through 48) must all use the same VLAN encapsulation; that is, either ISL or 802.1Q. |
Inter-Switch Link (ISL) is a Cisco protocol for interconnecting multiple switches and maintaining VLAN information as traffic travels between switches.
You can configure VLAN encapsulation on both the Catalyst 2948G-L3 and the Catalyst 4908G-L3 switch routers. The VLAN configuration example for the Catalyst 2948G-L3 in Figure 5-2 shows the following:
|
Note Four adjacent Fast Ethernet ports on the Catalyst 2948G-L3 (such as Fast Ethernet 1 through 4 or Fast Ethernet 45 through 48) must all use the same VLAN encapsulation; that is, either ISL or 802.1Q. |
To configure the ISL VLANs, use the following procedure beginning in global configuration mode:
| Command | Purpose | |
|---|---|---|
Step 1 | Router(config)# interface type number.subinterface-number Router(config-subif)# | Enters subinterface configuration mode to configure the Ethernet subinterface. |
Step 2 | Router(config-subif)# encap isl vlan-id
| |
Step 3 | Router(config-subif)# bridge-group number | Assigns the subinterface to the specified bridge group. When you are configuring VLAN routing, skip this step. |
Step 4 | Router(config-subif)# exit Router(config)# | Returns to global configuration mode. |
Step 5 | Router(config)# bridge number protocol ieee | Specifies that the bridge group will use the IEEE Ethernet Spanning Tree Protocol. |
Step 6 | Router(config)# end Router# | Returns to privileged EXEC mode. |
Step 7 | Router# copy running-config startup-config | Saves your configuration changes to NVRAM. |
The following example shows how to configure the interfaces for VLAN bridging with ISL encapsulation shown in Figure 5-2:
Router(config)#interface fastethernet 2.1Router(config-subif)#encap isl 50Router(config-subif)#bridge-group 1Router(config-subif)#interface fastethernet 1Router(config-if)#bridge-group 1Router(config-if)#exitRouter(config)#bridge 1 protocol ieeeRouter(config)#interface fastethernet 2.2Router(config-subif)#encap isl 100Router(config-subif)#bridge-group 2Router(config-subif)#interface fastethernet 1Router(config-if)#bridge-group 2Router(config-if)#exitRouter(config)#bridge 2 protocol ieeeRouter(config)#endRouter#copy running-config startup-config
To monitor the VLANs once they are configured, refer to the "Monitoring and Verifying VLAN Operation" section.
IEEE 802.1Q VLAN encapsulation uses an internal, or one level, packet tagging scheme to multiplex VLANs across a single physical link, while maintaining strict adherence to the individual VLAN domains. You can use 802.1Q encapsulation on the Layer 3 switch router for routing traffic across the network.
On an IEEE 802.1Q trunk port, all transmitted and received frames are tagged except for those on the VLAN configured as the PVID (port VLAN identifier) or native VLAN for the port. Frames on the native VLAN are always transmitted untagged and are normally received untagged.
You can configure VLAN encapsulation on both the Catalyst 2948G-L3 and the Catalyst 4908G-L3 switch routers. The VLAN configuration example for the Catalyst 2948G-L3 switch router shown in Figure 5-3 depicts the following:
|
Note The Catalyst 2948G-L3 and the Catalyst 4908G-L3 switch routers support 802.1Q routing. |
802.1Q VLANs
|
Note Four adjacent Fast Ethernet ports on the Catalyst 2948G-L3 (such as Fast Ethernet 1 through 4 or Fast Ethernet 45 through 48) must all use the same VLAN encapsulation; that is, either ISL or 802.1Q. |
To configure VLANs for routing using 802.1Q VLAN encapsulation, use the following steps beginning in global configuration mode:
| Command | Purpose | |
|---|---|---|
Step 1 | Router(config)# interface type number.subinterface-number Router(config-subif)# | Enters subinterface configuration mode to configure the Ethernet subinterface. |
Step 2 | Router(config-subif)# encap dot1q vlan-id
| |
Step 3 | Router(config-subif)# ip address ip-address ip-address-mask | Configures an IP address on the subinterface. |
Step 4 | Router(config-subif)# end Router# | Returns to privileged EXEC mode. |
Step 5 | Router# copy running-config startup-config | Saves your configuration changes to NVRAM. |
The following example shows how to configure VLANs for routing using 802.1Q VLAN encapsulation shown in Figure 5-3:
Router(config)#interface fastethernet 2.1Router(config-subif)#encap dot1q 1Router(config-subif)#ip address 10.1.2.3 255.0.0.0Router(config-subif)#exitRouter(config)#interface fastethernet 2.2Router(config-subif)#encap dot1q 2RRouter(config-subif)#ip address 10.1.2.3 255.0.0.1Router(config-subif)#end
Router# copy running-config startup-config
|
Note Untagged packets received on an interface encapsulated with 802.1Q are processed by the central processor. |
Command | Purpose |
|---|---|
|
|
To configure encapsulation over the EtherChannel, see the "About Encapsulation over EtherChannel" section.
Posted: Thu Sep 7 09:18:48 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.