In this lab with VLANs we shall look at two main features the first is switch separation of broadcast domains into one for each vlan the second is stacked versus anti-ethernet frames on access and trunk ports so in this lab we have two switches two cisco switches sw1 and sw2 each switch has the same two vlans an orange vlan which is vlan 20 and a green vlan which is vlan 30. so the vlans each have an ipv4 subnet are located which is given by 100.64 dots the vlan number dot zero so the orange vlan is slash twenty and the green vlan is a hundred dot sixty four dot thirty dot zero slash twenty four in each vlan each switch has three nodes three end nodes configured as access ports they're connected to access ports inside the vlan that is depicted by the color so these are all in vlan these nodes here all in vlan 20 these are in vlan 30 and the same thing on this side vlan 20 up and vlan 30 at the bottom the ip address of each node is listed beneath the node and corresponds to adding the pc number to the end of the subnet of the vlan it belongs to so for example pc1 in vlan 20 becomes pc6 in vlan 30 becomes 164 now if i console into pc1 by just double clicking you can see the iep address is listed here you should note that i can ping any ip address of any device inside the orange vlan for example i can ping pc3 which is hiding just here right and i can say ping and that will work i can also ping an ip address of any of these pieces as long as they're inside the orange vlan even if they're on the other switch so for example i can ping pc 9 so 64 to 20.9 and this will work but i cannot ping anything inside a green vlan even if it's inside the same physical switch i cannot ping any one of these three devices so if i try and say ping pc6 which is this does not work 30.6 this doesn't work and the error message that you get is no gateway found this is because when you have a vlan you need a different subnet for each vlan and you need a router to route between the vlans it will have a an ip address in each vlan and that ip address will be set as a default gateway on each of these devices but even if we give pc1 an ip address that belongs to this same subnet 100.64.30 and we say ip100.64.30.1 24. we will still not be able to ping pc6 and the error message that you will get is slightly different it will tell you that the host is not reachable and this means that it has tried it now realizes it says that it should be in the same subnet as these devices so it is trying to find this one using ethernet using arp and that does not work so this switch here is behaving as though these three ports and these three ports are two totally separate physical switches that are not connected at all okay so let us reset this pc ip address to 20.1 make sure that we can ping for example pc2 that works so if we go back to our network diagram these two switches here are linked together by this inter switch link which we've configured as a trunk port and this trunk has been configured to carry frames for both vlan 20 and vlan 30 this is why pc1 can ping pc9 way over there so what we're going to do is start a packet capture application called wire track and this will show us each packet as it goes through the interface that it's paying attention to and we shall start it on this trunk port and we shall as well start it on the port to pc1 okay so let's ask this to open wireshark set wireshark and then we can start wireshack here as well so we have to wash our windows one is on switch one one is on pc1 okay so switch one is on the right pc one is this one on the left to make this a bit cleaner we will restrict it to just display icmp and maybe up so we'll say only to show us a packet if it's a the icmp or arp so now when we go to pc1 and we try a different ping so let's see i want to ping if you look at your diagram i want to ping pc8 which is up here in the corner and i start that here maybe we will keep these windows visible so that you can see what happens if i say ping 100-64-20.8 instantly as each packet goes through you see where shark will capture the packets that it sees on the different links over the trunk link you got an erp asking who has this ip address and you got a response on the trunk link and then after that you start seeing the different icmp pings so if you look at the ping messages or any message that is in between these different devices but it's good to look at the same packet you'll notice that for wire shark this lists a packet on each line the very first window lists a packet on each line the middle side shows you its decoded interpretation of what that packet contains at the different layers right so this is layer two then you can see some layer three information etc down at the bottom you have representation of the bytes itself of the packet that you've selected so this is in hexadecimal and this is when you convert each eight bits into text so if i look at the packet here if we look at the ethernet side this is on pc1 you'll notice that the icmp comes from a mac address which ends in 68.00 and it's going to 68.07 so this is the the source this is a destination and the type of this packet is ipv4 and that is what it looks like in hexadecimal the ipv4 you can see that the source ibrp address is 20.1 and the destination ip address is 20.8 here you can see that this is the same packet source of 20.1 destination of 20.8 and the mac address is the same source 68.00 which is the same as the 68.00 destination is 68.07 same as here and the source and destination ip address you can see them here but if you look at the ethernet layer remember what we said about tagging that for 80.1 q the type length field is instead replaced by a tpi a tag protocol identifier so instead of o800 we have eight one zero zero which is 802.1 q and when you look at the 802.1 queue details you can see these are the three bits for priority or qos which we ignore this is also a flag that we ignore because we don't really need it anymore nobody runs token ring anymore but important for us is these 12 bits um zero zero one zero one and then zeros are the id 20 so this is where the tag is kept as we've seen inside the presentation so this is how on the target site you can see the tag is added but on this side there is no tag for the exact same packet if you look at the last packet inside here you can see the source is 20.8 destination 20.1 same thing here sources 28.8 destination 20.1 there is no tag here there is a tag and the id is 20. okay so if i close this wire track so that we only look at the one that is on the trunk port and what we are going to do is we are going to have a second console from something that is inside the the green vlan as well as as well as pc1 and something that is inside the green vlan and what we shall try to do is we shall try to have icmp packets moving from um on both networks and see what that looks like so from pc4 i will try pinging pc10 right pc10 is right there pc4 is right there so i could ping and on this side i could on pc1 i could try to ping pc7 ping 100.64 to 20.7 and i'll try to start them at about the same time so that we can see what that looks like here um a number of packets run by and maybe i can maximize this so that we can see more information so this was the last bucket from the from the last ping so the next we see arp um 30 some 30.4 is looking for the ethernet address for 30.10 and 30.10 responds by saying so this is a broadcast frame and you can see that the destination is all f's and then 30.10 responds with its mac address and then 30.4 starts pinging then i managed to start the ping for the other side you see an erp broadcast looking for 20.1 20.1 looking for 20.7 and 20.7 responds with its arp this one is a unicast the destination is a unicast so you can see here this is broadcast this is unicast in terms of the destination and then you have packets flowing so this is something that is going on inside vlan 20 and then these are packets going on inside vlan 30 then this is vlan 20 then vlan 30. so it doesn't really matter in which order these packets come in as long as they have the right tag the switches will know which which vlan to put their particular frame in so they keep track of it using the tags not using the order so these frames can arrive in any order that they want to summarize these switches sw1 and sw2 are going to treat each vlan like it is a separate switch of its own so this means that they can only communicate using layer 2 using for example arp to find the address and sending it using the mac address with other members of the same vlan whether it's on the same switch or on a connected switch via a trunk port frames on access ports are normal ethernet frames these access ports here we did a capture on that port and there were no more ethernet frames and then on the trunk port is where they get tags depending on which vlan it comes from now this means that you do not need to configure these nodes with any special information about vlan tagging this is all done in your management on the switches.

© Produced by Philip Smith and the Network Startup Resource Center, through the University of Oregon.

Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)
This is a human-readable summary of (and not a substitute for) the license. Disclaimer. You are free to: Share — copy and redistribute the material in any medium or format Adapt — remix, transform, and build upon the material The licensor cannot revoke these freedoms as long as you follow the license terms. Under the following terms: Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use. NonCommercial — You may not use the material for commercial purposes. No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.