This tutorial explains VLAN Tagging, VLAN Trunking protocols (ISL & 802.1Q), DTP Modes (ON, DTP Mode Desirable, Auto, No-Negotiate & OFF) and VLAN Trunk configuration in detail. Learn VLAN Tagging process and DTP Protocols step by step with practical example in packet tracer.
In VLAN configuration a switch port can operate in two mode; access and trunk. In access mode it can carry only single VLAN information while in trunk mode it can carry multiple VLANs information. Access mode is used to connect the port with end devices while trunk mode is used to connect two switching devices.
For this tutorial we assume that you have our practice topology running in packet tracer. You can create this topology by following the instruction given in second part of this article or alternatively download the pre created topology from there.
This is the fourth part of our article \”VLAN, VTP, DTP, STP and Router on Stick Explained with Examples\”. You can read other parts of this article here:-
This is the first part of this article. In this part we explained basic concepts of VLAN such as What VLAN is, Advantage of VLAN, VLAN membership Static and Dynamic, VLAN Connections; Access link and trunk links, trunk tagging and how VLAN add additional layer of security with examples.
This is the second part of this article. In this part we setup a practice lab in Packet Tracer. You could create practice lab by following the instruction or alternatively download pre created lab. This lab would be used to demonstrate the configuration part of VLAN, VTP, DTP, STP and router on stick.
This the third part of this article. In this part we explained VTP mode with examples including VTP Server mode, VTP Client mode and VTP transparent mode. Later we configured VTP Server and clients in our practice lab.
This is the last part of this article. In this part we will provide a step by step guide to configure the VLAN. We will also configure the Intra VLAN communication with router on stick example. At end of this article we will provide a summary of all commands used in this tutorial to configure the VLAN VTP and DTP.
Access Link and Trunk Link
An access link can carry single VLAN information while trunk link can carry multiple VLANs information. Configuring VLANs on single switch does not require trunk link. It is required only when you configure VLANs across the multiple switches.
For example if we do not connect all switches in our network, we do not require to configure the trunk link. In this case PC0, PC2 and PC4 cannot communicate with each other. Although they all belongs to same VLAN group but they have no link to share this information.
Trunk link connections are used to connect multiple switches sharing same VLANs information.
You may think why we cannot use access link to connect these switches. Of course we can use access link to connect these switches but in that case we need to use a separate link for each VLAN. If we have two VLANs we need two links.
With this implementation we need links equal to VLANs that does not scale very well. For example if our design require 30 VLANs, we will have to use 30 links to connect switches.
- An access link can carry single VLAN information.
- Theoretically we can use access link to connect switches.
- If we use access link to connect switches, we have to use links equal to VLANs.
- Due to scalability we do not use access link to connect the switches.
- A trunk link can carry multiple VLAN information.
- Practically we use trunk links to connect switches.
Trunk links use VLAN tagging to carry the multiple VLANs traffic separately.
In VLAN tagging process sender switch add a VLAN identifier header to the original Ethernet frame. Receiver switch read VLAN information from this header and remove it before forwarding to the associate ports. Thus original Ethernet frame remains unchanged. Destination PC receives it in its original shape.
VLAN Tagging process with example
- PC1 generates a broadcast frame.
- Office1 switch receives it and know that it is a broadcast frame for VLAN20.
- It will forward this frame from all of its port associated with VLAN20 including trunk links.
- While forwarding frame from access links, switch does not make any change in original frame. So any other port having same VLAN ID in switch will receive this frame in original shape.
- While forwarding frame from trunk links, switch adds a VLAN identifier header to the original frame. In our case switch will add a header indicating that this frame belongs to VLAN20 before forwarding it from trunk link.
- Office2 switch will receive this frame from trunk link.
- It will read VLAN identifier header to know the VLAN information.
- From header it will learn that this is a broadcast frame and belong to VLAN20.
- It will remove header after learning the VLAN information.
- Once header is removed, switch will have original broadcast frame.
- Now office2 switch has original broadcast frame with necessary VLAN information.
- Office2 Switch will forward this frame from all of its ports associated with VLAN20 including trunk links. For trunk link same process will be repeated.
- Any device connected in ports having VLAN20 ID in Office2 switch will receive original frame.
Now we know that in VLAN tagging process sender switch adds VLAN identifier header to the original frame while receive switch removes it after getting necessary VLAN information. Switches use VLAN trunking protocol for VLAN tagging process.
VLAN Trunking Protocol
Cisco switches supports two types of trunking protocols ISL and 802.1Q.
ISL (Inter-Switch Link) is a Cisco proprietary protocol. It was developed a long time before the 802.1Q. It adds a 26-byte header (containing a 15-bit VLAN identifier) and a 4-byte CRC trailer to the frame.
It is an open standard protocol developed by IEEE. It inserts 4 byte tag in original Ethernet frame. Over the time 802.1Q becomes more popular trunking protocols.
Key difference between ISL and 802.1Q
- ISL was developed Cisco while 802.1Q was developed by IEEE.
- ISL is a proprietary protocol. It will works only in Cisco switches. 802.1Q is an open standard based protocol. It will works on all switches.
- ISL adds 26 bytes header and 4 byte trailer to the frame.
- 802.1Q inserts 4 byte tag in original frame.
802.1Q is a lightweight and advance protocol with several enhanced security features. Even Cisco has adopted it as a standard protocol for tagging in newer switches. 2960 Switch supports only 802.1Q tagging protocol.
VLAN Trunk Configuration
We can configure trunking in Cisco switches by two ways statically or dynamically. In static method we need to configure trunking in interface statically while in dynamic mode it automatically done by a DTP trunking protocol.
Dynamic Trunking Protocol
DTP [Dynamic Trunking Protocol] is a Cisco proprietary protocol. It automatically configures trunking on necessary ports. It operates in five modes.
DTP Mode ON
In ON mode interface is set to trunk, regardless remote end supports trunking or not. On mode cause interface to generate DTP messages and tag frames based on trunk type.
DTP Mode Desirable
In Desirable mode interface will generate the DTP messages and send them to other end. Interface will work as access link until it get replies from remote end. If reply messages indicate that remote device is trunking capable, DTP will change connection link in trunk from access link. If other end does not respond to DTP message, the interface will work as access link connection.
DTP Mode Auto
In auto mode interface works as access link and passively listen for DTP messages. Interface will change connection link to trunk, if it receives a DTP message from remote end.
DTP Mode No-Negotiate
In No-Negotiate mode interface is set as trunk connection.
Interface will tag frames but it will not generate DTP messages.
DTP is a Cisco\’s proprietary protocol, thus a non Cisco device will not understand it. This mode is used to trunk connection between Cisco device and a non Cisco device.
DTP Mode OFF
In off mode interface is configured as access-link. No DTP message will be generated nor frames will be tagged.
In our topology we need to configure trunk on following interfaces
|Office 1||Gig1/1, Gig1/2, F0/24|
|Office 2||Gig1/1, Gig1/2, F0/23, F0/24|
|Office 3||Gig1/1, Gig1/2|
By default all interface on switch starts as access link.
switchport mode trunk command is used to change connection link in trunk. Run this command from interface mode. In next section we will change all necessary interfaces [given in above table] connection link in trunk.
Office 1 Switch
S1(config)#interface fastEthernet 0/24 S1(config-if)#switchport mode trunk %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24, changed state to up S1(config-if)#exit S1(config)#interface gigabitEthernet 1/1 S1(config-if)#switchport mode trunk S1(config-if)#exit S1(config)#interface gigabitEthernet 1/2 S1(config-if)#switchport mode trunk %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/2, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/2, changed state to up S1(config-if)#exit S1(config)#
Office 2 Switch
S2(config)#interface gigabitEthernet 1/1 S2(config-if)#switchport mode trunk %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet1/1, changed state to up S2(config-if)#exit S2(config)#interface gigabitEthernet 1/2 S2(config-if)#switchport mode trunk S2(config-if)#exit S2(config)#interface fastEthernet 0/23 S2(config-if)#switchport mode trunk %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/23, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/23, changed state to up S2(config-if)#exit S2(config)#interface fastEthernet 0/24 S2(config-if)#switchport mode trunk S2(config-if)#exit
Office 3 Switch
S3(config)#interface fastEthernet 0/24 S3(config-if)#switchport mode trunk S3(config-if)#exit S3(config)#interface gigabitEthernet 1/1 S3(config-if)#switchport mode trunk S3(config-if)#exit
That\’s all configurations we needs. Now our trunk links are ready to move multiple VLANs traffic.
In previous part of this article we have configure VTP Server and clients. In this part we have changed necessary interface in trunk mode. In next part of this tutorial we will create VLANs and configure Router on stick for Intra VLAN communication.
Prerequisites for 200-301
200-301 is a single exam, consisting of about 120 questions. It covers a wide range of topics, such as routing and switching, security, wireless networking, and even some programming concepts. As with other Cisco certifications, you can take it at any of the Pearson VUE certification centers.
The recommended training program that can be taken at a Cisco academy is called Implementing and Administering Cisco Solutions (CCNA). The successful completion of a training course will get you a training badge.
Full Version 200-301 Dumps