Virtual Local Area Network (VLAN)
Prepared by: Roshan Kandel
Masters in Information & Communication Engineering
Introduction
• In a layer 2 switched network, each network segment has its
own collision domain and all segments are in the same broadcast domain.
Every broadcast is seen by every device on the network.
• A layer 3 device (typically a Router) is used to segment (divide)
a broadcast domain to multiple broadcast domains.
• By default, all ports on a switch are in the same broadcast domain.
• A Virtual Local Area Network, Virtual LAN, or VLAN, can be used to
segment (divide) a single broadcast domain to multiple broadcast
domains in a layer 2 switched network.
• VLANs are not restricted to any physical boundary in the switched
network if the devices are interconnected using switches.
• A VLAN can span across multiple switches, or it can be limited within
a switch.
• A VLAN must be configured as a separate Layer 3 IP subnet and you
need a Layer 3 device (typically a Router) to enable communication
between different VLANs.
• Therefore a VLAN = Broadcast Domain = A Separate IP subnet
Advantages of Virtual Local Area Network (VLAN)
• The main advantages of VLAN are listed below.
• Broadcasts are required for the normal function of a network. Many
protocols and applications depend on broadcast communication to
function properly.
• A layer 2 switched network is a single broadcast domain, so
broadcasts reach even distant network segments where a particular
broadcast has no relevance, and they consume available network
bandwidth.
• If we segment a large LAN to smaller VLANs we can reduce
broadcast traffic as each broadcast will be sent on to the relevant
VLAN only.
• Security: VLANs provide enhanced network security.
• In a VLAN network environment, with multiple broadcast domains,
network administrators have control over each port and user.
• A malicious user can no longer just plug their workstation into any
switch port and sniff the network traffic using a packet sniffer.
• The network administrator controls each port and whatever resources
it is allowed to use.
• Cost: Segmenting a large LAN into smaller VLANs is cheaper than
creating a routed network with routers because routers are normally
costlier than switches.
Static VLAN and Dynamic VLAN
• Two types of VLAN membership methods exist: Static and Dynamic.
• Static VLANs: In a static VLAN, the network administrator creates a
VLAN and then assigns switch ports to the VLAN. Static VLANs are
also called port-based VLANs.
• The association with the VLAN does not change until the
administrator changes the port assignment.
• End-user devices become the members of VLAN based on the
physical switch port to which they are connected.
• The ports on a single switch can be assigned to different VLANs.
• Even though two devices are connected to different ports on the same
switch, traffic will not pass between them if the connected ports are on
different VLANs.
• We need a layer 3 device (typically a Router) to enable communication
between two VLANs.
• Dynamic VLANs: In a dynamic VLAN, the switch automatically
assigns the port to a VLAN using information from the user device
like MAC address, IP address etc.
• When a device is connected to a switch port, the switch queries a
database to establish VLAN membership.
• A network administrator must configure the VLAN database of a VLAN
Membership Policy Server (VMPS).
• Dynamic VLANs support instant movability of end devices. When we
move a device from a port on one switch to a port on another switch,
the dynamic VLANs will automatically configure the membership of
the VLAN.
How to create and name static VLAN and IOS commands to create VLAN
• To create and name a static VLAN, open console connection to Switch 1,
and move to global configuration mode. Enter the following IOS commands
to create VLAN 10 and name VLAN 10 as 'engineering'.
• SW1>enable
• SW1#configure terminal
• Enter configuration commands, one per line. End with CNTL/Z.
• SW1(config)#vlan 10
• SW1(config-vlan)#name engineering
• SW1(config-vlan)#exit
• SW1(config)#exit
• SW1#
• To delete the VLAN, just use the no form of the above command.
• SW1(config)#no vlan 10
How to view VLAN information using 'show vlan' IOS command
• To view VLAN configuration information, open console connection to
switch and run the "show vlan" IOS command from privileged mode
as shown below.
• SW1>enable
• SW1#show vlan
Types of VLAN connection links - Trunk Links and Access Links
• There are two types of VLAN connection links and they are Access
link and Trunk link.
• Access link: An access link is a link that is part of only one VLAN,
and normally access links are for end devices.
• Any device attached to an access link is unaware of a VLAN
membership.
• An access-link connection can understand only standard Ethernet
frames.
• Switches remove any VLAN information from the frame before it is
sent to an access-link device.
• Trunk link: A Trunk link can carry multiple VLAN traffic and
normally a trunk link is used to connect switches to other switches or
to routers.
• To identify the VLAN that a frame belongs to, Cisco switches support
different identification techniques (VLAN Frame tagging).
• Our focus is on IEEE 802.1Q.
• A trunk link is not assigned to a specific VLAN. Traffic from many
VLANs can be transported between switches using a single physical trunk
link.
Trunk Links and Access Links
• The access links are part of only one VLAN and carry traffic to only
the end devices connected to that particular VLAN.
• But a trunk link is used to connect switches to other switches or to
routers and can carry traffic from multiple VLANs.
VLAN Frame tagging
• VLAN Frame tagging is a technology which is used to identify the
VLAN that the packet belongs to.
• The VLAN Frame tag is placed on the Ethernet frame when the
Ethernet frame reaches a switch from an access port, which is a
member of a VLAN.
• If the switch has a trunk port, the Ethernet frame can be forwarded out
the trunk link port.
• This enables each switch to see what VLAN the Ethernet frame
belongs to and can forward the Ethernet frame to corresponding
VLAN access ports or to another VLAN trunk port.
• Before forwarding the frame to a VLAN access port, the switch
removes the VLAN identifier and the VLAN membership information
is hence transparent to the end devices.
• There are different VLAN frame trunking technologies available.
• Inter-Switch Link (ISL): Cisco proprietary VLAN frame tagging. Not
much support from other vendors. Supported only in old Cisco switch
models.
• IEEE 802.1Q: IEEE industry standard VLAN frame tagging
• (More information on Dot1Q:
https://en.wikipedia.org/wiki/IEEE_802.1Q)
What is Native VLAN
• Normally a switch port configured as a trunk port sends and receives
IEEE 802.1Q VLAN-tagged Ethernet frames.
• If a switch receives untagged Ethernet frames on its Trunk port, they
are forwarded to the VLAN that is configured on the Switch as native
VLAN.
• Both sides of the trunk link must be configured to be in the same
native VLAN.
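The frame tagging and native VLAN behaviour described above, as an added Python example that is not part of the original slides. It inserts and parses the 4-byte IEEE 802.1Q tag and shows where a frame lands when the two ends of a trunk disagree on the native VLAN; the sample frame is constructed and the function names are illustrative.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that identifies an 802.1Q tag


def sample_frame() -> bytes:
    """Constructed untagged Ethernet II frame (locally administered MACs)."""
    dst = bytes.fromhex("020000000002")
    src = bytes.fromhex("020000000001")
    return dst + src + struct.pack("!H", 0x0800) + b"constructed payload"


def add_tag(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag between the source MAC and the EtherType."""
    if len(frame) < 14:
        raise ValueError("frame is shorter than an Ethernet header")
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1-4094 (0 and 4095 are reserved)")
    if not (0 <= pcp <= 7 and dei in (0, 1)):
        raise ValueError("PCP must be 0-7 and DEI must be 0 or 1")
    tci = (pcp << 13) | (dei << 12) | vid  # 3-bit PCP, 1-bit DEI, 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame: bytes):
    """Return (vid, pcp, dei) for a tagged frame, or None when it is untagged."""
    if len(frame) < 14:
        raise ValueError("frame is shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, tci >> 13, (tci >> 12) & 1


def trunk_egress(frame: bytes, vlan: int, native_vlan: int) -> bytes:
    """Send a frame that belongs to `vlan` out of a trunk port."""
    # Native-VLAN frames travel untagged; every other VLAN gets a tag.
    return frame if vlan == native_vlan else add_tag(frame, vlan)


def trunk_ingress(frame: bytes, native_vlan: int):
    """Classify a frame received on a trunk port: (vlan, untagged frame)."""
    tag = parse_tag(frame)
    if tag is None or tag[0] == 0:
        # Untagged, or priority-tagged with VID 0: falls into the native VLAN.
        vlan = native_vlan
    else:
        vlan = tag[0]
    untagged = frame if tag is None else frame[:12] + frame[16:]
    return vlan, untagged


def vlan_after_trunk(vlan: int, native_a: int, native_b: int) -> int:
    """VLAN a frame ends up in after crossing a trunk from switch A to switch B."""
    on_wire = trunk_egress(sample_frame(), vlan, native_a)
    return trunk_ingress(on_wire, native_b)[0]


if __name__ == "__main__":
    tagged = add_tag(sample_frame(), 20)
    print("tag bytes on the wire:", tagged[12:16].hex())
    print("parsed tag:", parse_tag(tagged))
    # Matching native VLANs (10 on both ends, as configured on the slides).
    print("VLAN 10 with native 10/10 arrives in VLAN", vlan_after_trunk(10, 10, 10))
    # Mismatch: the far end classifies the untagged frame into its own native VLAN.
    print("VLAN 10 with native 10/1 arrives in VLAN", vlan_after_trunk(10, 10, 1))
```

With a native VLAN mismatch the untagged frame crosses from one broadcast domain into another, which is why both ends of the trunk must agree.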
How to configure VLAN trunk link and native VLAN
• By default, all switch ports in Layer 2 are configured to operate as
access links.
• To configure the trunk link, open console connection to Switch 1 and
enter the commands as shown below. Replace <trunk-port> with the
interface that connects to Switch 2.
• SW1>enable
• SW1#configure terminal
• SW1(config)#interface <trunk-port>
• SW1(config-if)#switchport trunk encapsulation dot1q
• SW1(config-if)#switchport mode trunk
• SW1(config-if)#switchport trunk native vlan 10
• To configure trunk link and native VLAN on Switch 2, open console
connection to Switch 2 and enter the commands as shown below. Replace
<trunk-port> with the interface that connects to Switch 1.
• SW2>enable
• SW2#configure terminal
• SW2(config)#interface <trunk-port>
• SW2(config-if)#switchport mode trunk
• SW2(config-if)#switchport trunk native vlan 10
How to configure and assign a Cisco switch access port to a VLAN
• Access ports in switches are normally used to connect end devices like
workstations and printers.
• Access ports belong to only a single VLAN and do not provide any
identifying marks on the Ethernet frames.
• When configuring an access port, you also want to define which
VLAN the port belongs to.
• To configure and assign a switch access port to a VLAN, open a
console connection to the switch and run the following IOS commands
from interface configuration mode.
• SW1>enable
• SW1#configure terminal
• SW1(config)#interface fa0/1
• SW1(config-if)#switchport mode access
• SW1(config-if)#switchport access vlan 10
• SW1(config-if)#exit
• SW1(config)#interface fa0/10
• SW1(config-if)#switchport mode access
• SW1(config-if)#switchport access vlan 20
What is VLAN Trunking Protocol (VTP)
• For a small network, VLAN configuration and VLAN trunking
configuration are easy to manage.
• But configuring VLAN and VLAN trunking for large networks with
many interconnected switches can be a very difficult task.
• VLAN Trunking Protocol (VTP) is a protocol created by Cisco to create
and manage VLANs for a large network with many interconnected
switches and to maintain consistency throughout the network.
• In other words, switches use VLAN trunking protocol (VTP) to
communicate among themselves about VLAN configuration.
• The VLAN Trunking Protocol (VTP) is a very useful protocol to
create, manage and maintain a large network with many
interconnected switches.
• The VLAN Trunking Protocol (VTP) can manage the addition,
deletion, and renaming of VLANs from a central point without manual
intervention, and thus reduces network administration in a switched
network.
Scenario: The University School
• Suppose you work for a school at a university, and the school is in the process of
moving to a different building. In the new building, administrative operations and
academic labs will be located on the same floor. In the interest of saving money
and time, it has been decided that all of the school's devices will be connected via
a single network switch. Since security of the administrative devices is important,
the administrative network must be physically or virtually separated from the
academic network.
• The administrative network devices will be assigned into VLAN 100, and all
academic network devices will be assigned into VLAN 200. On the switch, all
administrative devices will be connected to switchports Fast Ethernet 0/1–0/12,
and all academic devices will be connected to switchports Fast Ethernet 0/13–
0/24.
• To set up this design, each interface must be configured into its respective VLAN.
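One way to check the port plan of this scenario against a switch's running configuration, as an added Python example that is not part of the original slides. The interface stanzas are constructed sample data in running-config style with three deliberate deviations, and the function names are illustrative.

```python
import re

# Port plan from the scenario: Fa0/1-12 -> VLAN 100, Fa0/13-24 -> VLAN 200.
EXPECTED = {f"FastEthernet0/{n}": (100 if n <= 12 else 200) for n in range(1, 25)}


def render_port(name, vlan=None, mode="access"):
    """Render one interface stanza in running-config style."""
    lines = [f"interface {name}"]
    if mode:
        lines.append(f" switchport mode {mode}")
    if vlan:
        lines.append(f" switchport access vlan {vlan}")
    return "\n".join(lines + ["!"])


def reference_config():
    """Configuration that implements the port plan exactly."""
    return "\n".join(render_port(name, vlan) for name, vlan in EXPECTED.items())


def sample_running_config():
    """Constructed config with three deliberate deviations from the plan."""
    overrides = {
        # Administrative port placed in the academic VLAN.
        "FastEthernet0/5": render_port("FastEthernet0/5", 200),
        # Right VLAN, but the port mode is not pinned to access.
        "FastEthernet0/14": render_port("FastEthernet0/14", 200, mode=None),
        # No access VLAN configured, so the port stays in default VLAN 1.
        "FastEthernet0/20": render_port("FastEthernet0/20"),
    }
    return "\n".join(overrides.get(n, render_port(n, v)) for n, v in EXPECTED.items())


def parse_interfaces(config):
    """Map interface name -> {'mode': ..., 'access_vlan': ...}."""
    ports, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        match = re.fullmatch(r"interface (\S+)", line)
        if match:
            current = ports.setdefault(
                match.group(1), {"mode": None, "access_vlan": None})
        elif not raw.startswith(" "):
            current = None  # "!" or any other top-level line ends the stanza
        elif current is not None:
            mode = re.fullmatch(r"switchport mode (\S+)", line)
            vlan = re.fullmatch(r"switchport access vlan (\d+)", line)
            if mode:
                current["mode"] = mode.group(1)
            elif vlan:
                current["access_vlan"] = int(vlan.group(1))
    return ports


def audit(config):
    """Return (interface, problem) pairs for every deviation from the plan."""
    ports = parse_interfaces(config)
    findings = []
    for name, want in EXPECTED.items():
        port = ports.get(name)
        if port is None:
            findings.append((name, "interface missing from configuration"))
            continue
        if port["mode"] != "access":
            shown = port["mode"] or "not set"
            findings.append((name, f"switchport mode is {shown}, expected access"))
        have = port["access_vlan"] or 1  # an unassigned access port is in VLAN 1
        if have != want:
            findings.append((name, f"access VLAN is {have}, expected {want}"))
    return findings


if __name__ == "__main__":
    for name, problem in audit(sample_running_config()):
        print(f"{name}: {problem}")
```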
Inter-VLAN Routing
• A VLAN is a broadcast domain, which means computers on separate
VLANs are unable to communicate without the intervention of a
routing device.
• Whenever hosts in one VLAN need to communicate with hosts in
another VLAN, the traffic must be routed through a routing device.
• This process is known as inter-VLAN routing.
• To successfully exchange information between VLANs, you need a
router or a Layer 3 switch.
• There are three possible ways to implement inter-VLAN routing:
• 1. Traditional Inter-VLAN Routing
• 2. Router-on-a-Stick Inter-VLAN Routing
• 3. Multilayer Switch Inter-VLAN Routing
1. Traditional Inter-VLAN Routing
• This method of inter-VLAN routing relies on a router with multiple
physical interfaces.
• Each interface is usually connected to the switch, one for each VLAN.
• The switch ports connected to the router are placed in access mode and
each router interface can then accept traffic from the VLAN associated
with the switch interface that it is connected to, and traffic can be
routed to the other VLANs connected to the other interfaces.
• This means that each of the router's interface IP addresses would then
become the default gateway address for each host in each VLAN.
• Let’s take a look at the diagram shown below.
• If Host A on VLAN 10, wants to send a message to Host B on VLAN
20, it would take the following steps:
Steps
• Host A checks whether the destination IP address is in its VLAN; if it is not, the
traffic will be forwarded to its default gateway on interface Fa0/0 on the router.
• Host A then sends an ARP request to the switch to determine the MAC address of
the Fa0/0 interface on the router. Once the router replies, Host A sends the frame
to the router as a unicast message, where it is then directly forwarded out the trunk
interface to the router.
• When the router receives the frame, it determines the destination IP address and
interface from the routing table.
• The router then sends an ARP request out the interface connected to the
destination VLAN (VLAN 20), which corresponds to interface Fa0/1 on the
router.
• When the switch receives the message, it floods it to its ports, which then triggers
Host B to reply with its MAC address.
• The router then uses the information gathered to forward the message finally to
Host B on VLAN 20 as a unicast frame through the switch.
• Step 1: Create VLANs (VLANs 10 and 20) on the switch
• Step 2: Assign the VLANs to switch port
• Step 3: Configure the IP addresses on the router
• Now at this juncture, if you try to ping between Host A and Host B, it will
be successful because the two VLANs are now interconnected through the
router.
• Traditional inter-VLAN routing happens to be the earliest form of inter-
VLAN routing. However, this method of inter-VLAN routing is not
efficient.
• It is archaic (Old-fashioned), and no longer employed in today’s switched
networks.
• This is because routers have a limited number of physical interfaces
that can be used to connect to different VLANs.
• Therefore, as the number of VLANs increases on a network, the
approach of having one router physical interface per VLAN becomes
unsustainable due to the inherent hardware limitations of a router.
• In order to overcome some of the issues associated with traditional
inter-VLAN routing, a new method known as router-on-a-stick was
invented.
2. Router-on-a-Stick Inter-VLAN Routing
• A router-on-a-stick is a method of inter-VLAN routing in which the
router is connected to the switch using a single physical interface,
hence the name router-on-a-stick.
• Most modern inter-VLAN routing implementations are designed using
this method.
• Unlike the traditional inter-VLAN routing method, router-on-stick
does not require multiple physical interfaces on both the router and the
switch.
• Instead, the router’s operating system makes it possible to configure
the router interface to operate as a trunk link, which is then connected
to a switch port that is configured in trunk mode.
• This implies that only one physical interface is required on the router
and the switch to route packets between multiple VLANs.
• The IEEE 802.1Q (Dot1q) protocol, which defines a system of VLAN
tagging for Ethernet frames, is used to provide multi-vendor VLAN
support.
• The single physical interface on the router is linked to logical (virtual)
subinterfaces, which can be configured with multiple IP addresses that
correspond to the VLANs on the switch.
• Each subinterface is configured for different subnets corresponding to
their VLAN assignment to facilitate logical routing.
• The router performs inter-VLAN routing by accepting traffic from all
the VLANs.
• It then determines the destination network based on the source and
destination IP in the packets.
• After a routing decision is made based on the destination VLAN, it
then forwards the data frames to the switch with the correct VLAN
information through the same physical interface used to receive the
traffic.
• Let’s take a look at the diagram shown below.
• If Host A on VLAN 10, wants to send a message to Host B on VLAN
20, the steps it would take are as follows:
Steps
• Host A sends its unicast traffic to the switch.
• The switch then tags the unicast traffic as originating on VLAN 10 and
forwards it out its trunk link to the router.
• The router accepts the tagged unicast traffic on VLAN 10 and routes it
to VLAN 20 using its configured subinterfaces.
• The unicast traffic is tagged with VLAN 20 as it is sent out the router
interface to the switch.
• The switch removes the VLAN tag of the unicast frame and forwards
the frame directly to Host B on port Fa0/3.
• Step 1: Create VLANs (VLANs 10 and 20) on the switch
• Step 2: Assign the VLANs to switch ports
• Step 3: Configure the IP addresses on the router
| Description | Command |
| --- | --- |
| Enter global configuration mode | Router# conf t |
| Enter sub-interface config. mode for fa0/1.10 | Router(config)# interface fa0/1.10 |
| Set encapsulation type to 802.1Q and assign VLAN 10 to the virtual interface | Router(config-subif)# encapsulation dot1Q 10 |
| Configure IP address and subnet mask | Router(config-subif)# ip address 192.168.10.1 255.255.255.0 |
| Exit the sub-interface | Router(config-subif)# exit |
| Enter sub-interface config. mode for fa0/1.20 | Router(config)# interface fa0/1.20 |
| Set the encapsulation type to 802.1Q and assign VLAN 20 to the virtual interface | Router(config-subif)# encapsulation dot1Q 20 |
| Configure IP address and subnet mask | Router(config-subif)# ip address 192.168.20.1 255.255.255.0 |
| Exit the sub-interface | Router(config-subif)# exit |
• A ping between Host A and Host B will be successful because the two
VLANs are now interconnected through the router.
• The router-on-a-stick method of inter-VLAN routing also has some
limitations, such as scalability and latency issues.
• To overcome these issues, Cisco developed a better alternative: The
Multilayer Switch Inter-VLAN Routing.
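The router-on-a-stick steps above, traced with the subinterface addresses from the configuration, as an added Python example that is not part of the original slides. The host addresses 192.168.10.10 and 192.168.20.10 are assumptions, since the slides do not give host IPs, and the function names are illustrative.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class SubInterface:
    name: str
    vlan: int                          # from "encapsulation dot1Q <vlan>"
    address: ipaddress.IPv4Interface   # from "ip address <ip> <mask>"


# The two subinterfaces configured on the router in this section.
SUBINTERFACES = (
    SubInterface("fa0/1.10", 10, ipaddress.ip_interface("192.168.10.1/24")),
    SubInterface("fa0/1.20", 20, ipaddress.ip_interface("192.168.20.1/24")),
)


def trace(src_ip, src_vlan, gateway, dst_ip, subifs=SUBINTERFACES):
    """List (hop, 802.1Q tag on that link) pairs for one packet; None = untagged.

    src_ip is the sending host's address with prefix, e.g. "192.168.10.10/24".
    """
    src_if = ipaddress.ip_interface(src_ip)
    dst = ipaddress.ip_address(dst_ip)

    # Host decision: a destination in the host's own subnet (same VLAN) is
    # delivered by the switch at Layer 2 and never reaches the router.
    if dst in src_if.network:
        return [("host -> switch -> host (same VLAN)", None)]

    # Otherwise the host hands the packet to its default gateway, which must
    # be the router subinterface that serves the host's VLAN.
    gw = ipaddress.ip_address(gateway)
    if gw not in src_if.network:
        raise ValueError("default gateway is outside the host's subnet")
    ingress = next((s for s in subifs if s.vlan == src_vlan), None)
    if ingress is None or ingress.address.ip != gw:
        raise ValueError("no subinterface with that gateway address in this VLAN")

    # Router decision: the tag selected the ingress subinterface; the
    # destination subnet selects the egress subinterface and therefore the
    # tag written on the way back down the same physical link.
    egress = next((s for s in subifs if dst in s.address.network), None)
    hops = [
        ("host -> switch (access port)", None),
        ("switch -> router (trunk)", ingress.vlan),
    ]
    if egress is None:
        return hops + [("router: no route to destination, dropped", None)]
    return hops + [
        ("router -> switch (trunk)", egress.vlan),
        ("switch -> host (access port)", None),
    ]


if __name__ == "__main__":
    # Host A (VLAN 10) to Host B (VLAN 20), using the assumed host addresses.
    for hop, tag in trace("192.168.10.10/24", 10, "192.168.10.1", "192.168.20.10"):
        print(f"{hop:32} tag={tag}")
```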
3. Multilayer Switch Inter-VLAN Routing
• Multilayer Switch Inter-VLAN Routing is a method of inter-VLAN
routing in which a different kind of switch known as a multilayer
switch is used to perform routing functions.
• A multilayer switch is a hybrid device that combines the functions of a
switch with a router, which enables it to operate on both Layer 2 (L2)
and Layer 3 (L3) of the OSI model, hence the name multilayer.
• Unlike the router-on-a-stick inter-VLAN routing method, a multilayer
switch inter-VLAN routing does not require a dedicated router—
everything happens inside the switch.
• Multilayer switches perform all VLAN routing functions on the
network, thereby replacing the need for dedicated routers or trunk
links.
• To enable a multilayer switch to perform routing functions, logical
(virtual) interfaces known as Switch Virtual Interface (SVI) are used,
one for each VLAN.
• SVI, also known as the VLAN interface, is a virtual routed interface
that connects a VLAN on the device to the Layer 3 routing engine
within the same device and can be configured with multiple IP
addresses that correspond to the VLANs on the switch.
• Each SVI is configured for different subnets corresponding to their
assigned VLAN to facilitate logical routing.
• When the multilayer switch receives a packet in a VLAN intended at
the Layer 2 switch, the multilayer switch performs routing. Let’s take
a look at the diagram shown above:
Steps
• If Host A in VLAN 10, wants to send a message to Host B in VLAN 20, the
steps it would take are as follows:
• Host A sends its unicast traffic to the directly connected L2 switch.
• L2 switch tags the unicast traffic as originating on VLAN 10 and forwards it
to the L3 switch via the trunk link.
• The L3 switch removes the VLAN tag and forwards the unicast traffic
internally to the VLAN 10 virtual interface.
• The L3 switch internally routes the unicast traffic to its VLAN 20 virtual
interface and then retags the traffic, which it then forwards back to the L2
switch via the trunk link.
• L2 switch removes the VLAN tag of the unicast frame and forwards the
frame directly to Host B on port fa0/3.
• To configure multilayer switch inter-VLAN routing on a Cisco device,
in accordance with the diagram, follow the steps below:
• Step 1: Create VLANs (VLANs 10 and 20) on the L2 switch
• Step 2: Assign the VLANs to the L2 switch ports
• Step 3: Enable L3 routing and create VLANs (VLANs 10 and 20)
on the L3 switch
Step 3: Enable L3 routing and create VLANs
(VLANs 10 and 20) on the L3 switch
| Description | Command |
| --- | --- |
| Enter global configuration mode | L3-Switch# conf t |
| Enable L3 routing | L3-Switch(config)# ip routing |
| Create VLAN 10 | L3-Switch(config)# vlan 10 |
| Give a name to VLAN 10 | L3-Switch(config-vlan)# name Admin-dept |
| Create VLAN 20 | L3-Switch(config-vlan)# vlan 20 |
| Give a name to VLAN 20 | L3-Switch(config-vlan)# name Finance-dept |
| Exit the VLAN config mode | L3-Switch(config-vlan)# exit |
| Enter interface configuration for fa0/1 | L3-Switch(config)# interface fa0/1 |
| Set the encapsulation type to 802.1Q on the interface | L3-Switch(config-if)# switchport trunk encapsulation dot1q |
| Set the port to trunk mode | L3-Switch(config-if)# switchport mode trunk |
Step 4: Configure Switch Virtual Interfaces (SVI)

| Description | Command |
| --- | --- |
| Enter global configuration mode | L3-Switch# conf t |
| Create a virtual interface for VLAN 10 and enter interface configuration mode | L3-Switch(config)# interface vlan10 |
| Configure IP address and subnet mask for the VLAN 10 interface | L3-Switch(config-if)# ip address 192.168.10.1 255.255.255.0 |
| Activate interface | L3-Switch(config-if)# no shut |
| Exit the interface | L3-Switch(config-if)# exit |
| Create a virtual interface for VLAN 20 and enter interface configuration mode | L3-Switch(config)# interface vlan20 |
| Configure IP address and subnet mask for the VLAN 20 interface | L3-Switch(config-if)# ip address 192.168.20.1 255.255.255.0 |
| Activate interface | L3-Switch(config-if)# no shut |
• Again, a ping between Host A and Host B will be successful because
the two VLANs are now interconnected through the multilayer switch.
• Multilayer switch inter-VLAN routing is faster and more scalable than
any other inter-VLAN routing implementation.
• This is because routers are limited by the number of available physical
interfaces or ports, as well as the amounts of traffic that can be
accommodated on the trunk link at one time.
• However, a multilayer switch does not totally replace the functionality
of a router, as routers support a wide range of other supplementary
features and capabilities.
Comparison of the various inter-VLAN routing methods

| Metric | Traditional Inter-VLAN Routing | Router-on-a-Stick | Multilayer Switch |
| --- | --- | --- | --- |
| Supported routing protocol on switch | Static routing | Static routing | Static and dynamic routing |
| Port Mode | Access mode | Trunk mode | Trunk mode |
| Bandwidth | No bandwidth contention | Bandwidth contention | No bandwidth contention |
| Latency | High | Medium | Low |
| Scalability | Poor | Poor | Excellent |
| Number of physical interfaces | One physical interface per VLAN | One physical interface for many VLANs | One physical interface for many VLANs |
| TCO | High | Medium | Low |
| Configuration Complexity | Low | Medium | High |
| Acceptability | Archaic – no longer implemented | Modern – widely implemented | Modern – widely implemented |
| Ideal for | Legacy networks | SME networks | Large enterprise networks |
Thank You
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 

Recently uploaded (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 

VLAN

  • 1. Virtual Local Area Network (VLAN) Prepared by: Roshan Kandel Masters in Information & Communication Engineering 1
  • 2. Introduction • In a layer 2 switched network, each network segment has its own collision domain and all segments are in the same broadcast domain. Every broadcast is seen by every device on the network. • A layer 3 device (typically a Router) is used to segment (divide) a broadcast domain into multiple broadcast domains. • By default, all ports on a switch are in the same broadcast domain. • A Virtual Local Area Network, Virtual LAN, or VLAN, can be used to segment (divide) a single broadcast domain into multiple broadcast domains in a layer 2 switched network. • VLANs are not restricted to any physical boundary in the switched network if the devices are interconnected using switches. 2
  • 3. • A VLAN can span across multiple switches, or it can be limited within a switch. • A VLAN must be configured as a separate Layer 3 IP subnet and you need a Layer 3 device (typically a Router) to enable communication between different VLANs. • Therefore a VLAN = Broadcast Domain = A Separate IP subnet 3
  • 4. Advantages of Virtual Local Area Network (VLAN) • The main advantages of VLAN are listed below. • Broadcasts are required for the normal function of a network. Many protocols and applications depend on broadcast communication to function properly. • A layer 2 switched network is a single broadcast domain, so broadcasts can reach distant network segments where a particular broadcast has no relevance, and they consume available network bandwidth. • If we segment a large LAN into smaller VLANs we can reduce broadcast traffic, as each broadcast will be sent to the relevant VLAN only. 4
  • 5. • Security: VLANs provide enhanced network security. • In a VLAN network environment, with multiple broadcast domains, network administrators have control over each port and user. • A malicious user can no longer just plug their workstation into any switch port and sniff the network traffic using a packet sniffer. • The network administrator controls each port and whatever resources it is allowed to use. • Cost: Segmenting a large VLAN to smaller VLANs is cheaper than creating a routed network with routers because routers are normally costlier than switches. 5
  • 6. Static VLAN and Dynamic VLAN • Two types of VLAN membership methods exist: Static and Dynamic. • Static VLANs: In a static VLAN, the network administrator creates a VLAN and then assigns switch ports to the VLAN. Static VLANs are also called port-based VLANs. • The association with the VLAN does not change until the administrator changes the port assignment. • End-user devices become members of a VLAN based on the physical switch port to which they are connected. 6
  • 7. • The ports on a single switch can be assigned to multiple VLANs. • Even though two devices are connected to different ports on the same switch, traffic will not pass between them if the connected ports are on different VLANs. • We need a layer 3 device (typically a Router) to enable communication between two VLANs. • Dynamic VLANs: In a dynamic VLAN, the switch automatically assigns the port to a VLAN using information from the user device like MAC address, IP address etc. 7
  • 8. • When a device is connected to a switch port, the switch queries a database to establish VLAN membership. • A network administrator must configure the VLAN database of a VLAN Membership Policy Server (VMPS). • Dynamic VLANs support instant movability of end devices. When we move a device from a port on one switch to a port on another switch, the dynamic VLANs will automatically configure the membership of the VLAN. 8
  • 9. How to create and name static VLAN and IOS commands to create VLAN • To create and name a static VLAN, open a console connection to Switch 1, and move to global configuration mode. Enter the following IOS commands to create VLAN 10 and name VLAN 10 as 'engineering'.
      SW1>enable
      SW1#configure terminal
      Enter configuration commands, one per line. End with CNTL/Z.
      SW1(config)#vlan 10
      SW1(config-vlan)#name engineering
      SW1(config-vlan)#exit
      SW1(config)#exit
      SW1#
  • 10. • To delete the VLAN, just use the no form of the above command. • SW1(config)#no vlan 10 10
  • 11. How to view VLAN information using 'show vlan' IOS command • To view VLAN configuration information, open console connection to switch and run the "show vlan" IOS command from privileged mode as shown below. • SW1>enable • SW1#show vlan 11
  • 12. Types of VLAN connection links - Trunk Links and Access Links • There are two types of VLAN connection links and they are Access link and Trunk link. • Access link: An access link is a link that is part of only one VLAN, and normally access links are for end devices. • Any device attached to an access link is unaware of a VLAN membership. • An access-link connection can understand only standard Ethernet frames. • Switches remove any VLAN information from the frame before it is sent to an access-link device. 12
  • 13. • Trunk link: A Trunk link can carry traffic for multiple VLANs and normally a trunk link is used to connect switches to other switches or to routers. • To identify the VLAN that a frame belongs to, Cisco switches support different identification techniques (VLAN Frame tagging). • Our focus is on IEEE 802.1Q. • A trunk link is not assigned to a specific VLAN. Traffic from many VLANs can be transported between switches using a single physical trunk link. 13
  • 14. Trunk Links and Access Links • The access links are part of only one VLAN and carry traffic to only the end devices connected to that particular VLAN. • But a trunk link is used to connect switches to other switches or to routers and can carry traffic from multiple VLANs. 14
  • 15. VLAN Frame tagging • VLAN Frame tagging is a technology which is used to identify the VLAN that the packet belongs to. • The VLAN Frame tag is placed on the Ethernet frame when the Ethernet frame reaches a switch from an access port, which is a member of a VLAN. • If the switch has a trunk port, the Ethernet frame can be forwarded out the trunk link port. • This enables each switch to see what VLAN the Ethernet frame belongs to and can forward the Ethernet frame to corresponding VLAN access ports or to another VLAN trunk port. 15
  • 16. • Before forwarding the frame to a VLAN access port, the switch removes the VLAN identifier and the VLAN membership information is hence transparent to the end devices. • There are different VLAN frame trunking technologies available. • Inter-Switch Link (ISL): Cisco proprietary VLAN frame tagging. Not much support from other vendors. Supported only in old Cisco Switch models. • IEEE 802.1Q: IEEE industry standard VLAN frame tagging • (More information on Dot1Q: https://en.wikipedia.org/wiki/IEEE_802.1Q) 16
  • 17. What is Native VLAN • Normally a Switch port configured as a trunk port sends and receives IEEE 802.1Q VLAN tagged Ethernet frames. • If a switch receives untagged Ethernet frames on its Trunk port, they are forwarded to the VLAN that is configured on the Switch as native VLAN. • Both sides of the trunk link must be configured to be in the same native VLAN. 17
  • 18. How to configure VLAN trunk link and native VLAN • By default, all switch ports in Layer 2 are configured to operate as access links. • To configure the trunk link, open a console connection to Switch 1 and enter the commands as shown below.
      SW1>enable
      SW1#configure terminal
      ! <trunk-port> is a placeholder for the interface that connects to Switch 2
      SW1(config)#interface <trunk-port>
      SW1(config-if)#switchport trunk encapsulation dot1q
      SW1(config-if)#switchport mode trunk
      SW1(config-if)#switchport trunk native vlan 10
  • 19. • To configure trunk link and native VLAN on Switch 2, open a console connection to Switch 2 and enter the commands as shown below.
      SW2>enable
      SW2#configure terminal
      ! <trunk-port> is a placeholder for the interface that connects to Switch 1
      SW2(config)#interface <trunk-port>
      SW2(config-if)#switchport mode trunk
      SW2(config-if)#switchport trunk native vlan 10
  • 20. How to configure and assign a Cisco switch access port to a VLAN • Access ports in switches are normally used to connect end devices like workstations and printers. • Access ports belong to only a single VLAN and do not provide any identifying marks on the Ethernet frames. • When configuring an access port, you also want to define which VLAN the port belongs to. • To configure and assign a switch access port to a VLAN, open a console connection to the switch and run the following IOS commands from interface configuration mode. 20
  • 21.
      SW1>enable
      SW1#configure terminal
      SW1(config)#interface fa0/1
      SW1(config-if)#switchport mode access
      SW1(config-if)#switchport access vlan 10
      SW1(config-if)#exit
      SW1(config)#interface fa0/10
      SW1(config-if)#switchport mode access
      SW1(config-if)#switchport access vlan 20
  • 22. What is VLAN Trunking Protocol (VTP) • For a small network VLAN configuration and VLAN trunking configuration is easy to manage. • But configuring VLAN and VLAN trunking for large networks with many interconnected switches can be a very difficult task. • VLAN Trunk Protocol (VTP) is a protocol created by Cisco to create and manage VLANs for a large network with many interconnected switches and to maintain consistency throughout the network. • In other words, switches use VLAN trunking protocol (VTP) to communicate among themselves about VLAN configuration. 22
  • 23. • The VLAN Trunking Protocol (VTP) is a very useful protocol to create, manage and maintain a large network with many interconnected switches. • The VLAN Trunking Protocol (VTP) can manage the addition, deletion, and renaming of VLANs from a central point without manual intervention and VLAN Trunk Protocol (VTP) thus reduces network administration in a switched network. 23
  • 24. Scenario: The University School • Suppose you work for a school at a university, and the school is in the process of moving to a different building. In the new building, administrative operations and academic labs will be located on the same floor. In the interest of saving money and time, it has been decided that all of the school's devices will be connected via a single network switch. Since security of the administrative devices is important, the administrative network must be physically or virtually separated from the academic network. • The administrative network devices will be assigned into VLAN 100, and all academic network devices will be assigned into VLAN 200. On the switch, all administrative devices will be connected to switchports Fast Ethernet 0/1–0/12, and all academic devices will be connected to switchports Fast Ethernet 0/13–0/24. • To set up this design, each interface must be configured into its respective VLAN. 24
  • 25. Inter-VLAN Routing • A VLAN is a broadcast domain, which means computers on separate VLANs are unable to communicate without the intervention of a routing device. • Whenever hosts in one VLAN need to communicate with hosts in another VLAN, the traffic must be routed through a routing device. • This process is known as inter-VLAN routing. • To successfully exchange information between VLANs, you need a router or a Layer 3 switch. 25
  • 26. • There are three possible ways to implement inter-VLAN routing: • 1. Traditional Inter-VLAN Routing • 2. Router-on-a-Stick Inter-VLAN Routing • 3. Multilayer Switch Inter-VLAN Routing 26
  • 27. 1. Traditional Inter-VLAN Routing • This method of inter-VLAN routing relies on a router with multiple physical interfaces. • Each interface is usually connected to the switch, one for each VLAN. • The switch ports connected to the router are placed in access mode and each router interface can then accept traffic from the VLAN associated with the switch interface that it is connected to, and traffic can be routed to the other VLANs connected to the other interfaces. • This means that each of the routers’ interface IP addresses would then become the default gateway address for each host in each VLAN. 27
  • 28. • Let’s take a look at the diagram shown below. • If Host A on VLAN 10, wants to send a message to Host B on VLAN 20, it would take the following steps: 28
  • 29. Steps • Host A checks whether the destination IP address is in its VLAN; if it is not, the traffic will be forwarded to its default gateway on interface Fa0/0 on the router. • Host A then sends an ARP request to the switch to determine the MAC address of the Fa0/0 interface on the router. Once the router replies, Host A sends the frame to the router as a unicast message, where it is then directly forwarded out the trunk interface to the router. • When the router receives the frame, it determines the destination IP address and interface from the routing table. • The router then sends an ARP request out the interface connected to the destination VLAN (VLAN 20), which corresponds to interface Fa0/1 on the router. • When the switch receives the message, it floods it to its ports, which then triggers Host B to reply with its MAC address. • The router then uses the information gathered to forward the message finally to Host B on VLAN 20 as a unicast frame through the switch. 29
  • 30. • Step 1: Create VLANs (VLANs 10 and 20) on the switch • Step 2: Assign the VLANs to switch port • Step 3: Configure the IP addresses on the router • Now at this juncture, if you try to ping between Host A and Host B, it will be successful because the two VLANs are now interconnected through the router. • Traditional inter-VLAN routing happens to be the earliest form of inter-VLAN routing. However, this method of inter-VLAN routing is not efficient. • It is archaic (old-fashioned), and no longer employed in today’s switched networks. 30
  • 31. • This is because routers have a limited number of physical interfaces that can be used to connect to different VLANs. • Therefore, as the number of VLANs increases on a network, the approach of having one router physical interface per VLAN becomes unsustainable due to the inherent hardware limitations of a router. • In order to overcome some of the issues associated with traditional inter-VLAN routing, a new method known as router-on-a-stick was invented. 31
  • 32. 2. Router-on-a-Stick Inter-VLAN Routing • A router-on-a-stick is a method of inter-VLAN routing in which the router is connected to the switch using a single physical interface, hence the name router-on-a-stick. • Most modern inter-VLAN routing implementations are designed using this method. • Unlike the traditional inter-VLAN routing method, router-on-stick does not require multiple physical interfaces on both the router and the switch. • Instead, the router’s operating system makes it possible to configure the router interface to operate as a trunk link, which is then connected to a switch port that is configured in trunk mode. 32
  • 33. • This implies that only one physical interface is required on the router and the switch to route packets between multiple VLANs. • The IEEE 802.1Q (Dot1q) protocol, which defines a system of VLAN tagging for Ethernet frames, is used to provide multi-vendor VLAN support. • The single physical interface on the router is linked to logical (virtual) subinterfaces, which can be configured with multiple IP addresses that correspond to the VLANs on the switch. 33
  • 34. • Each subinterface is configured for different subnets corresponding to their VLAN assignment to facilitate logical routing. • The router performs inter-VLAN routing by accepting traffic from all the VLANs. • It then determines the destination network based on the source and destination IP in the packets. • After a routing decision is made based on the destination VLAN, it then forwards the data frames to the switch with the correct VLAN information through the same physical interface used to receive the traffic. 34
  • 35. • Let’s take a look at the diagram shown below. • If Host A on VLAN 10, wants to send a message to Host B on VLAN 20, the steps it would take are as follows: 35
  • 36. Steps • Host A sends its unicast traffic to the switch. • The switch then tags the unicast traffic as originating on VLAN 10 and forwards it out its trunk link to the router. • The router accepts the tagged unicast traffic on VLAN 10 and routes it to VLAN 20 using its configured subinterfaces. • The unicast traffic is tagged with VLAN 20 as it is sent out the router interface to the switch. • The switch removes the VLAN tag of the unicast frame and forwards the frame directly to Host B on port Fa0/3. 36
  • 37. • Step 1: Create VLANs (VLANs 10 and 20) on the switch • Step 2: Assign the VLANs to switch ports • Step 3: Configure the IP addresses on the router
      Enter global configuration mode:
        Router# conf t
      Enter sub-interface config. mode for fa0/1.10:
        Router(config)# interface fa0/1.10
      Set encapsulation type to 802.1Q and assign VLAN 10 to the virtual interface:
        Router(config-subif)# encapsulation dot1Q 10
      Configure IP address and subnet mask:
        Router(config-subif)# ip address 192.168.10.1 255.255.255.0
      Exit the sub-interface:
        Router(config-subif)# exit
  • 38.
      Enter sub-interface config. mode for fa0/1.20:
        Router(config)# interface fa0/1.20
      Set the encapsulation type to 802.1Q and assign VLAN 20 to the virtual interface:
        Router(config-subif)# encapsulation dot1Q 20
      Configure IP address and subnet mask:
        Router(config-subif)# ip address 192.168.20.1 255.255.255.0
      Exit the sub-interface:
        Router(config-subif)# exit
  • 39. • A ping between Host A and Host B will be successful because the two VLANs are now interconnected through the router. • The router-on-a-stick method of inter-VLAN routing also has some limitations, such as scalability and latency issues. • To overcome these issues, Cisco developed a better alternative: The Multilayer Switch Inter-VLAN Routing. 39
  • 40. 3. Multilayer Switch Inter-VLAN Routing • Multilayer Switch Inter-VLAN Routing is a method of inter-VLAN routing in which a different kind of switch known as a multilayer switch is used to perform routing functions. • A multilayer switch is a hybrid device that combines the functions of a switch with a router, which enables it to operate on both Layer 2 (L2) and Layer 3 (L3) of the OSI model, hence the name multilayer. • Unlike the router-on-a-stick inter-VLAN routing method, a multilayer switch inter-VLAN routing does not require a dedicated router; everything happens inside the switch. 40
  • 41. • Multilayer switches perform all VLAN routing functions on the network, thereby replacing the need for dedicated routers or trunk links. • To enable a multilayer switch to perform routing functions, logical (virtual) interfaces known as Switch Virtual Interface (SVI) are used, one for each VLAN. • SVI, also known as the VLAN interface, is a virtual routed interface that connects a VLAN on the device to the Layer 3 routing engine within the same device and can be configured with multiple IP addresses that correspond to the VLANs on the switch. 41
  • 42. • Each SVI is configured for different subnets corresponding to their assigned VLAN to facilitate logical routing. • When the multilayer switch receives a packet in a VLAN intended at the Layer 2 switch, the multilayer switch performs routing. Let’s take a look at the diagram shown above: 42
  • 43. Steps • If Host A in VLAN 10, wants to send a message to Host B in VLAN 20, the steps it would take are as follows: • Host A sends its unicast traffic to the directly connected L2 switch. • L2 switch tags the unicast traffic as originating on VLAN 10 and forwards it to the L3 switch via the trunk link. • The L3 switch removes the VLAN tag and forwards the unicast traffic internally to the VLAN 10 virtual interface. • The L3 switch internally routes the unicast traffic to its VLAN 20 virtual interface and then retags the traffic, which it then forwards back to the L2 switch via the trunk link. • L2 switch removes the VLAN tag of the unicast frame and forwards the frame directly to Host B on port fa0/3. 43
  • 44. • To configure multilayer switch inter-VLAN routing on a Cisco device, in accordance with the diagram, follow the steps below: • Step 1: Create VLANs (VLANs 10 and 20) on the L2 switch • Step 2: Assign the VLANs to the L2 switch ports • Step 3: Enable L3 routing and create VLANs (VLANs 10 and 20) on the L3 switch 44
  • 45. Step 3: Enable L3 routing and create VLANs (VLANs 10 and 20) on the L3 switch
      Description | Command
      Enter global configuration mode | L3-Switch# conf t
      Enable L3 routing | L3-Switch(config)# ip routing
      Create VLAN 10 | L3-Switch(config)# vlan 10
      Give a name to VLAN 10 | L3-Switch(config-vlan)# name Admin-dept
      Create VLAN 20 | L3-Switch(config-vlan)# vlan 20
      Give a name to VLAN 20 | L3-Switch(config-vlan)# name Finance-dept
      Exit the VLAN config mode | L3-Switch(config-vlan)# exit
      Enter interface configuration for fa0/1 | L3-Switch(config)# interface fa0/1
      Set the encapsulation type to 802.1Q on the interface | L3-Switch(config-if)# switchport trunk encapsulation dot1q
      Set the port to trunk mode | L3-Switch(config-if)# switchport mode trunk
  • 46. Step 4: Configure Switch VLAN Interfaces (SVI)
      Description | Command
      Enter global configuration mode | L3-Switch# conf t
      Create a virtual interface for VLAN 10 and enter interface configuration mode | L3-Switch(config)# interface vlan10
      Configure a static route to reach VLAN 10 | L3-Switch(config-if)# ip address 192.168.10.1 255.255.255.0
      Activate interface | L3-Switch(config-if)# no shut
      Exit the interface | L3-Switch(config-if)# exit
      Create a virtual interface for VLAN 20 and enter interface configuration mode | L3-Switch(config)# interface vlan20
      Configure a static route to reach VLAN 20 | L3-Switch(config-if)# ip address 192.168.20.1 255.255.255.0
      Activate interface | L3-Switch(config-if)# no shut
  • 47. • Again, a ping between Host A and Host B will be successful because the two VLANs are now interconnected through the multilayer switch. • Multilayer switch inter-VLAN routing is faster and more scalable than any other inter-VLAN routing implementation. • This is because routers are limited by the number of available physical interfaces or ports, as well as the amounts of traffic that can be accommodated on the trunk link at one time. • However, a multilayer switch does not totally replace the functionality of a router, as routers support a wide range of other supplementary features and capabilities. 47
  • 48. Comparison of the various inter-VLAN routing methods
      Metric | Traditional Inter-VLAN Routing | Router-on-a-Stick | Multilayer Switch
      Supported routing protocol on switch | Static routing | Static routing | Static and dynamic routing
      Port Mode | Access mode | Trunk mode | Trunk mode
      Bandwidth | No bandwidth contention | Bandwidth contention | No bandwidth contention
      Latency | High | Medium | Low
      Scalability | Poor | Poor | Excellent
      Number of physical interfaces | One physical interface per VLAN | One physical interface for many VLANs | One physical interface for many VLANs
      TCO | High | Medium | Low
      Configuration Complexity | Low | Medium | High
      Acceptability | Archaic – no longer implemented | Modern – widely implemented | Modern – widely implemented
      Ideal for | Legacy networks | SME networks | Large enterprise networks
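For the University School scenario on slide 24, a check that every port really sits in its intended VLAN, as an added example that is not part of the original slides. It parses a running-config style excerpt and reports ports that break the Fa0/1–0/12 = VLAN 100, Fa0/13–0/24 = VLAN 200 plan; the function names and the sample configuration (with three deliberate mistakes) are constructed for illustration.

```python
import re

IFACE_RE = re.compile(r"^interface\s+(?:FastEthernet|Fa)0/(\d+)$", re.IGNORECASE)


def expected_vlan(port: int) -> int:
    """Plan from the scenario: Fa0/1-0/12 -> VLAN 100, Fa0/13-0/24 -> VLAN 200."""
    if 1 <= port <= 12:
        return 100  # administrative network
    if 13 <= port <= 24:
        return 200  # academic network
    raise ValueError(f"Fa0/{port} is outside the scenario's port range")


def parse_ports(config: str) -> dict:
    """Collect 'switchport mode' and 'switchport access vlan' per Fa0/N stanza."""
    ports, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        match = IFACE_RE.match(line)
        if match:
            current = ports.setdefault(int(match.group(1)), {"mode": None, "vlan": None})
        elif line == "!" or line.startswith("interface "):
            current = None  # end of stanza, or an interface this audit ignores
        elif current is not None and line.startswith("switchport mode "):
            current["mode"] = line.split()[2]
        elif current is not None and line.startswith("switchport access vlan "):
            current["vlan"] = int(line.split()[3])
    return ports


def audit(config: str) -> list:
    """Return (port, problem) tuples for every port that deviates from the plan."""
    findings = []
    ports = parse_ports(config)
    for port in range(1, 25):
        want = expected_vlan(port)
        entry = ports.get(port)
        if entry is None:
            findings.append((port, "no interface stanza found"))
            continue
        if entry["mode"] != "access":
            findings.append((port, f"mode is {entry['mode']}, expected access"))
        if entry["vlan"] is None:
            findings.append((port, f"no access VLAN set, expected {want}"))
        elif entry["vlan"] != want:
            findings.append((port, f"access VLAN {entry['vlan']}, expected {want}"))
    return findings


def sample_config(with_mistakes: bool = True) -> str:
    """Constructed running-config excerpt for Fa0/1-0/24 (not from a real switch)."""
    stanzas = []
    for port in range(1, 25):
        mode, vlan = "access", expected_vlan(port)
        if with_mistakes and port == 5:
            vlan = 200      # administrative port placed in the academic VLAN
        if with_mistakes and port == 14:
            vlan = None     # VLAN assignment line missing
        if with_mistakes and port == 20:
            mode = "trunk"  # end-device port left in trunk mode
        lines = [f"interface FastEthernet0/{port}", f" switchport mode {mode}"]
        if vlan is not None:
            lines.append(f" switchport access vlan {vlan}")
        stanzas.append("\n".join(lines))
    return "\n!\n".join(stanzas) + "\n!\n"


if __name__ == "__main__":
    for port, problem in audit(sample_config()):
        print(f"Fa0/{port}: {problem}")
```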