| Finance department within a company, the sales department PC 2 is achieved by a communication switch; Finance and Sales claim PC unit may communicate, but for the sake of data security, finance and sales unit need to be isolated from each other, is to switch on make the appropriate configuration to achieve this goal. |
VLAN (Virtual Local Area Network) in Chinese named "virtual LAN."
Virtual LAN (VLAN) is a set of logical devices and users, and users of these devices is not limited to physical location, the function may be based on factors, sectors and applications organize them together, communication between each other if they are the same segment as the eponymous virtual local area network. VLAN is a relatively new technology, working at Layer 2 and Layer 3 of the OSI reference model, a VLAN is a broadcast domain, the communication between the router VLAN through the third layer to complete. Compared with traditional LAN technology, VLAN technology is more flexible, it has the following advantages: mobile network equipment, additions and modifications to reduce administrative overhead; can control broadcasting activities; to improve network security.
VLAN is used in a physical subnet, logical division, is divided into a plurality of virtual local area networks, VLAN big characteristic is not limited physical locations, it can be flexibly divided. VLAN has the characteristics of a physical segment included. Host can communicate directly with each other, mutual access between the host between different VLAN must be routed within the same VLAN forwarding device, only broadcast packets can be broadcast within the VLAN, the VLAN can not transmit to the other.
Port VLAN is one way to achieve VLAN, which uses port switch divided VALN of a port can only belong to one VLAN.
Tag VLAN is based on another type of switch ports, is mainly used for direct access between the hosts in the same Vlan switch, while the host of different Vlan isolation. IEEE802.1Q VLAN tag when following a standard protocol, using the VLAN tag port configured to transmit data, the tag information needs to be added 8021.Q 4 bytes in the data frame, for indicating the data frame belongs to which VLAN, filtered facilitate accurate peer switch receives the data frame.
New Packet Tracer topology; 
division VLAN;
divide ports corresponding to the VLAN;
provided Tag VLAN Trunk attribute;
Test
Switch_2960 2 sets; PC 4 sets; direct connection
PC1 IP: 192.168.1.2 Submark: 255.255.255.0 Gateway: 192.168.1.1 PC2 IP: 192.168.1.3 Submark: 255.255.255.0 Gateway: 192.168.1.1 PC3 IP: 192.168.1.4 Submark: 255.255.255.0 Gateway: 192.168.1.1 PC4 IP: 192.168.1.5 Submark: 255.255.255.0 Gateway: 192.168.1.1 Switch1 in conf t vlan 2 exit vlan 3 exit Inter is 0/1 switch access vlan 2 exit Inter is 0/2 switch access vlan 3 exit inter ago 0/24 switch mode trunk end show vlan Switch2 in conf t vlan 2 exit vlan 3 exit int fa 0/1 switch access vlan 2 exit int fa 0/2 switch access vlan 3 exit int fa 0/24 switch mode trunk end show vlan PC1 ping PC2 timeout PC1 ping PC3 Reply
Switch1 Switch>en Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#vlan 2 Switch(config-vlan)#exit Switch(config)#vlan 3 Switch(config-vlan)#exit Switch(config)#inter fa 0/1 Switch(config-if)#switch access vlan 2 Switch(config-if)#exit Switch(config)#inter fa 0/2 Switch(config-if)#switch access vlan 3 Switch(config-if)#exit Switch(config)#inter fa 0/24 Switch(config-if)#switch mode trunk %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24, changed state to down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/24, changed state to up Switch(config-if)#end Switch# %SYS-5-CONFIG_I: Configured from console by console Switch#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6 Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Gig1/1, Gig1/2 2 VLAN0002 active Fa0/1 3 VLAN0003 active Fa0/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 0 0 2 enet 100002 1500 - - - - - 0 0 3 enet 100003 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 --More-- Switch2 Switch>en Switch#conf t Enter configuration commands, one per line. End with CNTL/Z. Switch(config)#vlan 2 Switch(config-vlan)#exit Switch(config)#vlan 3 Switch(config-vlan)#exit Switch(config)#int fa 0/1 Switch(config-if)#switch access vlan 2 Switch(config-if)#exit Switch(config)#int fa 0/2 Switch(config-if)#switch access vlan 3 Switch(config-if)#exit Switch(config)#int fa 0/24 Switch(config-if)#switch mode trunk Switch(config-if)#end Switch# %SYS-5-CONFIG_I: Configured from console by console Switch#show vlan VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/3, Fa0/4, Fa0/5, Fa0/6 Fa0/7, Fa0/8, Fa0/9, Fa0/10 Fa0/11, Fa0/12, Fa0/13, Fa0/14 Fa0/15, Fa0/16, Fa0/17, Fa0/18 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23, Gig1/1, Gig1/2 2 VLAN0002 active Fa0/1 3 VLAN0003 active Fa0/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2 ---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------ 1 enet 100001 1500 - - - - - 0 0 2 enet 100002 1500 - - - - - 0 0 3 enet 100003 1500 - - - - - 0 0 1002 fddi 101002 1500 - - - - - 0 0 --More--
PC>ipconfig IP Address......................: 192.168.1.2 Subnet Mask.....................: 255.255.255.0 Default Gateway.................: 192.168.1.1 PC>ping 192.168.1.3 Pinging 192.168.1.3 with 32 bytes of data: Request timed out. Request timed out. Ping statistics for 192.168.1.3: Packets: Sent = 2, Received = 0, Lost = 2 (100% loss), Control-C ^C PC>ping 192.168.1.4 Pinging 192.168.1.4 with 32 bytes of data: Reply from 192.168.1.4: bytes=32 time=16ms TTL=128 Reply from 192.168.1.4: bytes=32 time=17ms TTL=128 Reply from 192.168.1.4: bytes=32 time=15ms TTL=128 Reply from 192.168.1.4: bytes=32 time=18ms TTL=128 Ping statistics for 192.168.1.4: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 15ms, Maximum = 18ms, Average = 16ms PC>ipconfig IP Address......................: 192.168.1.3 Subnet Mask.....................: 255.255.255.0 Default Gateway.................: 192.168.1.1 PC>ping 192.168.1.4 Pinging 192.168.1.4 with 32 bytes of data: Request timed out. Ping statistics for 192.168.1.4: Packets: Sent = 2, Received = 0, Lost = 2 (100% loss), Control-C ^C PC>ping 192.168.1.5 Pinging 192.168.1.5 with 32 bytes of data: Reply from 192.168.1.5: bytes=32 time=16ms TTL=128 Reply from 192.168.1.5: bytes=32 time=15ms TTL=128 Reply from 192.168.1.5: bytes=32 time=16ms TTL=128 Reply from 192.168.1.5: bytes=32 time=15ms TTL=128 Ping statistics for 192.168.1.5: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 15ms, Maximum = 16ms, Average = 15ms
Original Address: https://www.linuxprobe.com/switch-vlan-configuration.html