|
Home > Archive > alt.certification.cisco > May 2004 > Basic VLAN questions
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Basic VLAN questions
|
|
| pakmaan 2004-04-28, 12:31 pm |
| I have a few simple VLAN questions I'm hoping someone can help me work
out.
1) Does a VLAN need to be assigned an IP address on a switch?
2) If not, are IP assigned to VLANS on switches just for routing
purposes, either via a router of a multilayer switch.
3) When designing a switched network containing multiple VLANS would
one normally assign each VLAN a different IP subnet? How are DHCP
servers usually handled in this situation (one on every subnet or is
there a method of assigning DHCP addresses from one server over many
VLANS)
4) Suppose there is a PC attached to a port on a multilayer switch.
The switch has multiple VLANS and is being used to route VLAN traffic.
Will the default gateway of that PC be the IP address given to the
VLAN on the switch that the PC is a member (I'm sure I could have
worded that better)?
Thanks for any help you can provide.
| |
|
| > 1) Does a VLAN need to be assigned an IP address on a switch?
No (ignoring multilayer switches) There is only 1 Ip address on a switch and
it is for the management of that switch. i.e. So you can Telnet to it and
the IP address should be assigned to the same subnet as the device's
interface that you wish to magage it from. I.e. if you want telnet access
remotely through router R1 to the switch and you have connected R1 to the
switch through the routers interface Fa0/1 and configured the routers
sub-interface fa0/1.1 to belong to VLAN1, then the switches IP address must
be in the same subnet as this sub-interface. the reason for configuring it
as VLAN 1 is that the management VLAN on the switch is usually number 1.
It is the ports on a switch that are configured to be in a particular VLAN
so the hosts (PC's etc.) connected to that port automatically belong to that
particular VLAN and can only comunicate to other hosts in that same VLAN on
other ports either locally or on other switches, unless they pass through a
router, this is termed Inter VLAN Routing.
> 2) If not, are IP assigned to VLANS on switches just for routing
> purposes, either via a router of a multilayer switch.
Ignoring multilayer switches and remember that switches switch MAC addresses
at layer2 and not IP addresses at layer3, They do not even look at the IP
address encapsulated inside the layer2 frame. It is the PC's, routers etc
that need an IP address, these switches are sometimes termed transparent
bridging because at layer3 the 2 hosts can not tell they have passed through
a switch, it is as if the 2 hosts are directly connected to each other on
the LAN so the hosts in the same VLAN need to be in the same subnet as each
other and not the switches.
Regarding multilayer switches I have pasted the concept of their operation
from an earlier post of mine. Bear in mind this is the Cisco way of working.
paste ------------------------
Layer 3 switching is a way of giving the benefits of a layer 2 switch i.e.
speed based on layer 3 routing.
It is achieved in the switch but needs a router to set up each path
originally, either by a remote router or a router module plugged into the
switch. The switch would pass the first packet to the router as normal and
if the router passed the packet back to the same switch (i.e. VLAN routing)
the switch would then modify future frames/packets (i.e. layer2 and 3) and
switch them to the relevent port modifying them so they looked like they
passed through the router.
--------------------------------
> 3) When designing a switched network containing multiple VLANS would
> one normally assign each VLAN a different IP subnet? How are DHCP
> servers usually handled in this situation (one on every subnet or is
> there a method of assigning DHCP addresses from one server over many
> VLANS)
You would configure the devices connected to the switch to be in the
relevent subnets.
i.e.
VLAN 100 is to switch devices in one subnet and VLAN 101 a different subnet
and you could then use Inter VLAN Routing if desired.
You could also use the same subnet for both as long as you never wanted to
route them over a common network as then you would get a conflict of address
space.
As for DHCP the server would be set up on a locally attatched router or
PC/Unix box, the server would have to have either multiple interfaces or
support sub-interfaces, where each interface or sub-interface belonged in a
different VLAN. The server would have a different pool of IP addresses to
allocate depending on which interface/sub-interface the request for an
address came from, so allocating an address in a valid subnet.
>
> 4) Suppose there is a PC attached to a port on a multilayer switch.
> The switch has multiple VLANS and is being used to route VLAN traffic.
> Will the default gateway of that PC be the IP address given to the
> VLAN on the switch that the PC is a member (I'm sure I could have
> worded that better)?
In a multilayer switch where the route processor is built in then. the
router part of the switch would require an ip address in different subnets
for each VLAN and the default gateway of an external device should point to
the relevant address dependant on the VLAN associated with the port it is
connected to. (I probably could have worded that better too)
I hope that lot makes sence
let me know
Toby
| |
| pakmaan 2004-05-01, 11:29 pm |
| It did help. Thanks for the reply.
"Toby" <notavailable@ntlworls.com> wrote in message
news:<IjSjc.367$fp.268@newsfe6-gui.server.ntli.net>...
>
> No (ignoring multilayer switches) There is only 1 Ip address on a switch and
> it is for the management of that switch. i.e. So you can Telnet to it and
> the IP address should be assigned to the same subnet as the device's
> interface that you wish to magage it from. I.e. if you want telnet access
> remotely through router R1 to the switch and you have connected R1 to the
> switch through the routers interface Fa0/1 and configured the routers
> sub-interface fa0/1.1 to belong to VLAN1, then the switches IP address must
> be in the same subnet as this sub-interface. the reason for configuring it
> as VLAN 1 is that the management VLAN on the switch is usually number 1.
>
> It is the ports on a switch that are configured to be in a particular VLAN
> so the hosts (PC's etc.) connected to that port automatically belong to that
> particular VLAN and can only comunicate to other hosts in that same VLAN on
> other ports either locally or on other switches, unless they pass through a
> router, this is termed Inter VLAN Routing.
>
>
> Ignoring multilayer switches and remember that switches switch MAC addresses
> at layer2 and not IP addresses at layer3, They do not even look at the IP
> address encapsulated inside the layer2 frame. It is the PC's, routers etc
> that need an IP address, these switches are sometimes termed transparent
> bridging because at layer3 the 2 hosts can not tell they have passed through
> a switch, it is as if the 2 hosts are directly connected to each other on
> the LAN so the hosts in the same VLAN need to be in the same subnet as each
> other and not the switches.
>
> Regarding multilayer switches I have pasted the concept of their operation
> from an earlier post of mine. Bear in mind this is the Cisco way of working.
>
> paste ------------------------
> Layer 3 switching is a way of giving the benefits of a layer 2 switch i.e.
> speed based on layer 3 routing.
>
> It is achieved in the switch but needs a router to set up each path
> originally, either by a remote router or a router module plugged into the
> switch. The switch would pass the first packet to the router as normal and
> if the router passed the packet back to the same switch (i.e. VLAN routing)
> the switch would then modify future frames/packets (i.e. layer2 and 3) and
> switch them to the relevent port modifying them so they looked like they
> passed through the router.
>
> --------------------------------
>
>
> You would configure the devices connected to the switch to be in the
> relevent subnets.
> i.e.
> VLAN 100 is to switch devices in one subnet and VLAN 101 a different subnet
> and you could then use Inter VLAN Routing if desired.
> You could also use the same subnet for both as long as you never wanted to
> route them over a common network as then you would get a conflict of address
> space.
>
> As for DHCP the server would be set up on a locally attatched router or
> PC/Unix box, the server would have to have either multiple interfaces or
> support sub-interfaces, where each interface or sub-interface belonged in a
> different VLAN. The server would have a different pool of IP addresses to
> allocate depending on which interface/sub-interface the request for an
> address came from, so allocating an address in a valid subnet.
>
>
> In a multilayer switch where the route processor is built in then. the
> router part of the switch would require an ip address in different subnets
> for each VLAN and the default gateway of an external device should point to
> the relevant address dependant on the VLAN associated with the port it is
> connected to. (I probably could have worded that better too)
>
> I hope that lot makes sence
>
> let me know
>
> Toby
|
|
|
|
|