Skip to main content

VLAN CONFIGURATION

 

 CISCO SWITCHECLI INTERFACE HIS 3 MODE

1.USER MODE
                            switch>
2. ENABLE MODE
                                    switch#
3. CONFIGURATION TERMINAL MODE
                                                                           switch(config)#

_________________________

WHEN FIRST TIME ROUTER HIS OPEN THE FIST MODE HIS APPEARS

   switch>   AND WHEN TO ENABLE MODE TO ENTER    switch> enable

SEE  TO ENABLE MODE    switch#

AND WHEN TO CONFIGURATION MODE TO ENTER  switch# config t

AND SEE THE CONFIGURATION MDE  switch(config)#

_______________________

THE PURPOSE OF ENABLE MODE IS ALL THE CONFIGURATION YOU PERFORMS A SWITCH TO SEE IT AND ANY IP PING IN ENABLE MODE
AND CHECK COMMUNICATION.

THE PURPOSE OF CONFIGURATION TERMINAL MODE ALL THE PROTOCOLS AND CONFIGURATION POERFORMED HIS MODE.

_________________________

 WHAT IS VLAN 

DEVIDED SINGLE BROADCAST DOMAIN INTO LOGICALLY  MULTYPAL BROADCAST DOMAINS IS CALLED VLAN.

THE VIRTUAL LOCAL AREA NATWORK IS LAN CONFIGURED NOT BY PHYSICAL WIRING LIKE CONVENTIONAL LAN BUT IS CONFIGURED BY SWITCHES.

THERE ARE 32 BITS IN A VLAN HEADER. THIS IS BROKEN DOWN AS FOLLOWS:

TPID (TAG PROTOCOL IDENTIFIER): 16 BITS

PCP (PRIORITY CODE POINT): 3 BITS

DEI (DROP ELIGIBLE INDICATOR): 1 BIT

VID (VLAN IDENTIFIER): 12 BITS



BENEFIT OF VLAN
1. SECURITY PURPOSE.

2. CONTROLL BROADCASTING.

ADDVANTAGES OF VLAN

1. REDUCTION IN COST

2. SAVING OF TIME REQURID FOR REWIRING

3. VLAN PROVIDES ADDITIONAL SECURITY

4. THE MESSAGE BROADCAST INONE GROUP CANNOT BE LISTEN BY ANOTHER GROUPS.

________________________________________

CONFIGURATION VLAN 

FIRST STEP

GO TO SWITCH CLI INTERFACE

WE WILL  CONFIGURED VLAN THIS BASED ON YOUR COMPUTER PORTS ATTACHED ON A SWITCH.

WE WILL CONFIGURED VLAN'S

VLAN 10      NAME IT   PORTS ASSIGN inter fa0/1-3

VLAN 20   NAME  HR  PORT ASSIGN  inter fa0/4-7

VLAN 30   NAME SALE   PORT ASSIGN   inter fa0/8-10

SECOND STEP

COMMUNICATION BETWEEN VLAN 10 VLAN 20 AND VLAN 30

__________________________________

FIRST STEP


CONFIGURE VLAN COMMANDS

GO TO SWITCH CONFIGURATION MODE

Switch(config)#  Vlan 10
Switch(config)#  name it
Switch(config)#  vlan 20
Switch(config)#   name hr
Switch(config)#   vlan 30
Switch(config)#   name sale
Switch(config)#  inter range fa0/1-3
Switch(config-if-range)#  switchport mode access
Switch(config-if-range)#   switchport access vlan 10
Switch(config-if-range)#   inter range fa0/4-7
Switch(config-if-range)#   switchport mode access
Switch(config-if-range)#    switchport access vlan 20
Switch(config-if-range)#   inter range fa0/8-10
Switch(config-if-range)#    switchport mode access
Switch(config-if-range)#    switchport access vlan 30

SEE THE VLAN GO TO SWITCH ENABLE MODE AND ENTER THE COMMAND

Switch# show vlan


TO SEE CONFIGURED THE VLAN'S. BUT DIFFERENT VLAN'S PC CANNOT COMMINICATION BETWEEN THEM.

GO TO  VLAN 30  LAPTOP AND CLICK DESKTOP AND GO TO COMMAND PORMOT

WE PING THE VLAN 10  PC AND VLAN 30 LAPTOP  IP IS 192.168.1.2 AND 192.168.1.9

SO ENTER THE COMMAND 

 C:\> PING 192.168.1.2

SECOND STEP

COMMUNICATION BETWEEN VLAN 10 VLAN 20 AND VLAN 30
AGEN GO TO SWITCH CLI INTERFACE AND ENTER THE COMMAND.

Switch(config)#  inter range fa0/1-10

Switch(config-if-range)#  switchport mode trunk 


AND AGAIN PING SAME VLAN 10 AND VLAN 30 DEVICES


 C:\> PING 192.168.1.2



COMPLETE THE ALL STEPS AND DONE THE CONFIGURATION.

______________________________________







Comments

Post a Comment

Popular posts from this blog

BRIDGE MODE AND NAT MODE AP

  BOTH BRIDGE MODE AND NAT MODE ARE WAYS TO CONFIGURE AN ACCESS POINT (AP) TO EXTEND A NETWORK, BUT THEY DIFFER IN HOW THEY HANDLE IP ADDRESSES AND NETWORK TRAFFIC: BRIDGE MODE: CONCEPT: ACTS AS A TRANSPARENT BRIDGE, SIMPLY RELAYING DATA BETWEEN WIRED AND WIRELESS DEVICES. IP ADDRESS: DEVICES OBTAIN THEIR IP ADDRESSES FROM AN UPSTREAM DHCP SERVER, TYPICALLY THE MAIN ROUTER ON THE NETWORK. NETWORK TRAFFIC: ALL DEVICES, BOTH WIRED AND WIRELESS, ARE SEEN AS PART OF THE SAME NETWORK AND CAN DIRECTLY COMMUNICATE WITH EACH OTHER. BENEFITS: SEAMLESS ROAMING: DEVICES CAN EFFORTLESSLY SWITCH BETWEEN APS WITHOUT LOSING THEIR IP ADDRESS OR CONNECTION. SIMPLIFIED NETWORK MANAGEMENT: ALL DEVICES ARE ON THE SAME SUBNET, MAKING CONFIGURATION AND TROUBLESHOOTING EASIER. INCREASED COMPATIBILITY: WORKS WITH DEVICES THAT DON'T SUPPORT NAT TRAVERSAL (E.G., SOME VPN CLIENTS). DRAWBACKS: LESS SECURITY : ALL DEVICES ARE DIRECTLY EXPOSED TO EACH OTHER, POTENTIALLY INCREAS
Post a Comment
Read more

What Is A Ip Excluded Address

  AN IP EXCLUDED ADDRESS IS AN IP ADDRESS THAT HAS BEEN CONFIGURED ON A DHCP SERVER TO BE EXCLUDED FROM THE POOL OF ADDRESSES THAT CAN BE ASSIGNED TO DHCP CLIENTS.  THIS IS TYPICALLY DONE TO RESERVE IP ADDRESSES FOR SPECIFIC DEVICES, SUCH AS PRINTERS, SERVERS, OR OTHER NETWORK DEVICES THAT NEED TO HAVE A STATIC IP ADDRESS. IP EXCLUDED ADDRESSES CAN ALSO BE USED TO PREVENT DHCP CLIENTS FROM RECEIVING IP ADDRESSES THAT ARE ALREADY IN USE BY OTHER DEVICES ON THE NETWORK.  THIS CAN HELP TO AVOID IP ADDRESS CONFLICTS AND IMPROVE NETWORK PERFORMANCE. TO CONFIGURE AN IP EXCLUDED ADDRESS ON A DHCP SERVER, YOU WILL NEED TO KNOW THE IP ADDRESS THAT YOU WANT TO EXCLUDE. ONCE YOU HAVE THE IP ADDRESS, YOU CAN USE THE APPROPRIATE DHCP SERVER CONFIGURATION COMMANDS TO ADD THE IP ADDRESS TO THE EXCLUSION LIST. SOME EXAMPLES OF WHEN YOU MIGHT WANT TO USE IP EXCLUDED ADDRESSES: TO RESERVE AN IP ADDRESS FOR A SPECIFIC DEVICE, SUCH AS A PRINTER OR SERVER. TO PREVENT DHCP CLIENTS FROM RECEIVING I
Post a Comment
Read more

DOS AND DDOS ATTACK

A Dos (Denial-Of-Service) Attack and A DDOS (Distributed Denial-Of-Service) Attack Are Both Attempts to Make a Computer System or Network Resource Unavailable to Legitimate Users. However, They Differ in How They Achieve This: Dos Attack: Imagine A Single Person Throwing Rocks at A Castle Gate. A This Person Represents the Attacker, And the Rocks Represent the Malicious Traffic. The Castle Gate Represents the Target System or Network Resource. The Attacker Keeps Throwing Rocks, Trying to Overwhelm the Gate's Defenses and Gain Entry. Dos Attacks Are Typically Launched from A Single System. They Can Be Effective Against Small Systems or Networks, But Larger Systems Can Often Withstand Them. DDos Attack: Imagine An Army Throwing Rocks at A Castle Gate. This Army Represents the Attacker, And the Rocks Represent the Malicious Traffic. The Castle Gate Represents the Target System or Network Resource. The Attackers Coordinate Their Attack, Throwing Rocks from Multiple Directions at Once.
Post a Comment
Read more