From Hubs to VLANs

1
From Hubs to VLANs
2
Using Hubs

• Layer 1 devices
• Inexpensive
• In one port, out the others
• One collision domain
• One broadcast domain

3
Hub 1
172.30.1.21
172.30.1.24
255.255.255.0
255.255.255.0
172.30.1.22
172.30.1.23
255.255.255.0
255.255.255.0
Single Hub

One Network (IP Network Address - usually)

One Collision Domain

One Broadcast Domain
This is fine for small workgroups, but does not
scale well for larger workgroups or heavy traffic.
4
Hub 1
172.30.1.21
172.30.1.24
255.255.255.0
255.255.255.0
172.30.1.22
172.30.1.23
255.255.255.0
255.255.255.0
Single Hub - Two subnets

Two subnets

One Collision Domain

One Broadcast Domain

• What if the computers were on two different
  subnets? Could they communicate within their own
  subnet? Yes Between subnets? No, need a router.

5
Hub 1
Hub 2
172.30.1.21
255.255.255.0
172.30.1.27
172.30.1.23
255.255.255.0
255.255.255.0
172.30.1.22
255.255.255.0
All Hubs
172.30.1.24

One Network Address
255.255.255.0
172.30.1.26

One Collision Domain
172.30.1.25
255.255.255.0
255.255.255.0

One Broadcast Domain

• Same issues as before, with more of an impact on
  the network.

6
Using Switches

• Layer 2 devices
• Moderate expense for common access switches, but
  can be very expensive.
• Layer 2 filtering based on Destination MAC
  addresses and Source Address Table
• One collision domain per port
• One broadcast domain

7
Two virtual circuits (complete SAT tables) Data
traffic from 172.30.1.24 to 172.30.1.25 and from
172.30.1.26 to 172.30.1.27
Hub
172.30.1.21
255.255.255.0
172.30.1.27
172.30.1.23
Switch
255.255.255.0
255.255.255.0
172.30.1.22
255.255.255.0
Switch and Hub Network
172.30.1.24

One Network
255.255.255.0
172.30.1.26

Several Collision Domains
172.30.1.25
255.255.255.0
One per switch port

255.255.255.0

One for the entire Hub

One Broadcast Domain
8
As opposed to the Hub Data traffic from
172.30.1.21 to 172.30.1.22 and from 172.30.1.23
to 172.30.1.24
Collision!
Hub
Switch
172.30.1.21
255.255.255.0
172.30.1.27
172.30.1.23
255.255.255.0
255.255.255.0
172.30.1.22
255.255.255.0
Switch and Hub Network
172.30.1.24

One Network
255.255.255.0

Several Collision Domains
172.30.1.26
172.30.1.25
255.255.255.0
One per switch port

255.255.255.0

One for the entire Hub

One Broadcast Domain
9
Collisions and Switches What happens when two
devices on a switch, send data to another device
on the switch. 172.30.1.24 to 172.30.1.25 and
172.30.1.26 to 172.30.1.25
Hub
Switch
172.30.1.21
255.255.255.0
172.30.1.27
172.30.1.23
255.255.255.0
255.255.255.0
172.30.1.22
255.255.255.0
Switch and Hub Network
172.30.1.24

One Network
255.255.255.0

Several Collision Domains
172.30.1.26
172.30.1.25
255.255.255.0
One per switch port

255.255.255.0

One for the entire Hub

One Broadcast Domain
10
The switch keeps the frames in buffer memory, and
queues the traffic for the host 172.30.1.25.
This means that the sending hosts do not know
about the collisions and do not have to re-send
the frames.
Hub
Frames in buffer
172.30.1.21
255.255.255.0
172.30.1.27
172.30.1.23
Switch
255.255.255.0
255.255.255.0
172.30.1.22
255.255.255.0
Switch and Hub Network
172.30.1.24

One Network
255.255.255.0

Several Collision Domains
172.30.1.26
172.30.1.25
255.255.255.0
One per switch port

255.255.255.0

One for the entire Hub

One Broadcast Domain
11
Other Switching Features

• Review
• Asymmetric ports 10 Mbps and 100 Mbps
• Full-duplex ports
• Cut-through versus Store-and-Forward switching

12
Ports between switches and server ports are good
candidates for higher bandwidth ports (100 Mbps)
and full-duplex ports.
Switch 1
172.30.1.21
255.255.255.0
Switch 2
172.30.1.28
255.255.255.0
172.30.1.22
172.30.1.23
172.30.1.24
255.255.255.0
255.255.255.0
255.255.255.0
All Switched Network
172.30.1.25

One Network
255.255.255.0

Several Collision Domains
172.30.1.27
172.30.1.26
255.255.255.0

One per switch port
255.255.255.0

One Broadcast Domain
13
Introducing Multiple Subnets/Networks without
Routers

• Switches are Layer 2 devices
• Router are Layer 3 devices
• Data between subnets/networks must pass through a
  router.

14
A Switched Network with two subnets What are the
issues? Can data travel within the subnet? Yes
Can data travel between subnets? No, need a
router! What is the impact of a layer 2
broadcast, like an ARP Request?
ARP Request
Switch 1
172.30.1.21
255.255.255.0
Switch 2
172.30.2.16
255.255.255.0
172.30.2.10
172.30.1.23
172.30.2.12
255.255.255.0
255.255.255.0
255.255.255.0
All Switched Network - Two Networks

Two Subnets
172.30.1.25

Several Collision Domains
255.255.255.0
172.30.1.27

One per switch port
172.30.2.14
255.255.255.0

One Broadcast Domain
255.255.255.0
15
All devices see the ARP Request. One broadcast
domain means the switches flood all broadcast out
all ports, except the incoming port. Switches
have no idea of the layer 3 information contained
in the ARP Request. This consumes bandwidth on
the network and processing cycles on the hosts.
Switch 1
172.30.1.21
255.255.255.0
Switch 2
172.30.2.16
255.255.255.0
172.30.2.10
172.30.1.23
172.30.2.12
255.255.255.0
255.255.255.0
255.255.255.0
All Switched Network - Two Networks

Two Subnets
172.30.1.25

Several Collision Domains
255.255.255.0
172.30.1.27

One per switch port
172.30.2.14
255.255.255.0

One Broadcast Domain
255.255.255.0
16
One Solution Physically separate the subnets.
But still no data can travel between the subnets.
How can we get the data to travel between the two
subnets?
Switch 1
172.30.1.21
255.255.255.0
Switch 2
172.30.2.16
255.255.255.0
172.30.1.23
172.30.1.25
172.30.1.26
255.255.255.0
255.255.255.0
255.255.255.0
Two Switched Networks
Two Subnets

172.30.2.10

Several Collision Domains
255.255.255.0
172.30.2.14

One per switch port
172.30.2.12
255.255.255.0

Two Broadcast Domain
255.255.255.0
17
Introducing Multiple Subnets/Networks with Routers

• Switches are Layer 2 devices
• Router are Layer 3 devices
• Data between subnets/networks must pass through a
  router.

18
Routed Network Two separate broadcast domains,
because the router will not forward the layer 2
broadcasts such as ARP Requests.
Switch 1
172.30.1.1
255.255.255.0
172.30.2.1
172.30.1.21
255.255.255.0
255.255.255.0
Router
Switch 2
172.30.2.16
255.255.255.0
172.30.1.23
172.30.1.25
172.30.1.26
255.255.255.0
255.255.255.0
255.255.255.0
Routed Networks

Two Subnets
172.30.2.10

Several Collision Domains
255.255.255.0
172.30.2.14

One per switch port
172.30.2.12
255.255.255.0

Communication between subnets
255.255.255.0
19
Switches with multiple subnets

• So far this should have been a review.
• Lets see what happens when we have two subnets
  on a single switch and we want to route between
  the two subnets.

20
Router-on-a-stick When a single interface is
used to route between subnets or networks, this
is known as a router-on-a-stick. To assign
multiple ip addresses to the same interface,
secondary addresses or subinterfaces are used.
Router
interface e 0 ip address 172.30.1.1
255.255.255.0 ip address 172.30.2.1 255.255.255.0
secondary
172.30.1.1
172.30.2.1 sec
255.255.255.0
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
172.30.2.10
172.30.1.23
Routed Networks
255.255.255.0
255.255.255.0

Two Subnets

Communication between subnets
21

• Router-on-a-stick
• Advantages
• Useful when there are limited Ethernet interfaces
  on the router.
• Disadvantage
• Because a single link is used to connect multiple
  subnets, one link is having to carry the traffic
  for multiple subnets.
• Be sure this is link can handle the traffic. You
  may wish to use a high-speed link (100 Mbps) and
  full-duplex.

22

• Gotchas
• 1. Remember to have the proper default gateway
  set for each host.
• 172.30.1.0 hosts - default gateway is 172.30.1.1
• 172.30.2.0 hosts - default gateway is 172.30.2.1
• 2. The router must still route between subnets,
  so you must include
• Router (config) router rip
• Router (config-router) network
  172.30.0.0

23
Multiple interfaces Two Ethernet router ports
may be used instead of one. However this may be
difficult if you do not have enough Ethernet
ports on your router.
E0
E1
Router
172.30.1.1
172.30.2.1
255.255.255.0
255.255.255.0
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
Routed Networks
172.30.2.10
172.30.1.23
255.255.255.0
255.255.255.0

Two Subnets

Communication between subnets
24
One switch two subnets Good News Data can
travel between subnets and we have two separate
broadcast domains. Bad News Hosts are on
different subnets but on a single layer 2
broadcast domain.
Router
172.30.1.1
172.30.2.1 sec
255.255.255.0
ARP Request
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
172.30.2.10
172.30.1.23
Routed Networks
255.255.255.0
255.255.255.0

Two Subnets

Communication between subnets
25
An ARP Request from 172.30.1.21 for 172.30.1.23
will still be seen by all hosts on the switch.
The switch is a layer 2 device and will flood
broadcast traffic out all ports, except the
incoming port.
Router
172.30.1.1
172.30.2.1 sec
255.255.255.0
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
172.30.2.10
172.30.1.23
Routed Networks
255.255.255.0
255.255.255.0

Two Subnets

Communication between subnets
26
Introducing VLANs

• VLANs create separate broadcast domains
• Routers are needed to pass information between
  different VLANs
• VLANs are not necessary to have separate subnets
  on a switched network, but as we will see they
  give us more advantages when it comes to things
  like data link (layer 2) broadcasts.

27
Layer 2 broadcast control An ARP Request from
172.30.1.21 for 172.30.1.23 will only be seen by
hosts on that VLAN. The switch will flood
broadcast traffic out only those ports belonging
to that particular VLAN, in this case VLAN 1.
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
VLAN 1
VLAN 2
172.30.2.10
172.30.1.23
255.255.255.0
255.255.255.0
VLAN 2
VLAN 1
Two VLANs

Two Subnets
28
Port-centric VLAN Switches Remember, as the
Network Administrator, it is your job to assign
switch ports to the proper VLAN. This assignment
is only done at the switch and not at the host.
Note The following diagrams show the VLAN below
the host, but it is actually assigned within the
switch.
Port
1 2 3 4 5 6 .
VLAN
1 2 1 2 2 1 .
29
Catalyst 1900 - VLAN Membership Configuration
M Membership type
V VLAN assignment R Reconfirm
dynamic membership X Exit to previous menu
Enter Selection
30
Layer 2 broadcast control Without VLANs, the ARP
Request would be seen by all hosts. Again,
consuming unnecessary network bandwidth and host
processing cycles.
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
172.30.2.10
172.30.1.23
255.255.255.0
255.255.255.0
No VLANs
Same as a single VLAN

Two Subnets

31
With VLANs Data will only travel within the
VLAN. Remember that switches are Layer 2 devices
and they can only pass traffic within the VLAN.
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
VLAN 1
VLAN 2
172.30.2.10
172.30.1.23
255.255.255.0
255.255.255.0
VLAN 2
VLAN 1
Two VLANs

Two Subnets
32
Switch Port VLAN ID
Port
1 2 3 4 5 6 .
VLAN
1 2 1 2 2 1 .
33
With VLANs A switch cannot route data between
different VLANs. Example Data from 172.30.1.21
to 172.30.2.12
Switch 1
X
Switch Port VLAN ID
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
VLAN 1
VLAN 2
172.30.2.10
172.30.1.23
255.255.255.0
255.255.255.0
VLAN 2
VLAN 1
Two VLANs

Two Subnets
34

• Gotchas
• Remember that VLAN IDs (numbers) are assigned to
  the switch port and not to the host.
  (Port-centric VLAN switches)
• Be sure to have all of the hosts on the same
  subnet belong to the same VLAN, or you will have
  problems.
• Hosts on subnet 172.30.1.0/24 - VLAN 1
• Hosts on subnet 172.30.2.0/24 - VLAN 2
• etc.

35
Routing and VLANs

• In the previous example data could travel within
  the VLAN, but not between VLANs.
• Just like subnets, a router is needed to route
  information between different VLANs.
• The advantage is the switch propagates broadcast
  traffic only within the VLAN.

36
Data between VLANs is routed through the router.
Data from 172.30.1.21 to 172.30.2.12
172.30.1.1
172.30.2.1
255.255.255.0
255.255.255.0
Router
VLAN 1
VLAN 2
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
VLAN 1
VLAN 2
172.30.2.10
172.30.1.23
VLANs
255.255.255.0
255.255.255.0
VLAN 2
VLAN 1

Two Subnets

Communication between VLANs
NOTE

VLANs assigned only to the
ports
37

• Gotchas
• 1. Remember to have the proper default gateway
  set for each host.
• 172.30.1.0 hosts - default gateway is 172.30.1.1
• 172.30.2.0 hosts - default gateway is 172.30.2.1
• 2. The router must still route between subnets,
  so you must include
• Router (config) router rip
• Router (config-router) network
  172.30.0.0
• 3. The switch ports to the router must have the
  corresponding VLAN ID to that subnet.
• Switch port to 172.30.1.1 must be on VLAN
  1
• Switch port to 172.30.2.1 must be on VLAN
  2

38
Switch Port VLAN ID
(VLAN ID not set at router.)
172.30.1.1
172.30.2.1
255.255.255.0
255.255.255.0
Router
(VLAN 1)
(VLAN 2)
39
So, whats the difference?

• One of the main differences between subnets with
  VLANs and subnets without VLANs on switched
  networks, is that VLANs offer layer 2 broadcast
  control.

40
Here is an ARP Request example without VLANs.
Router
172.30.1.1
172.30.2.1
255.255.255.0
255.255.255.0
ARP Request
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
172.30.2.10
172.30.1.23
255.255.255.0
255.255.255.0
Routed Networks

Two Subnets

Communication between subnets
41
Here is an ARP Request example with VLANs.
Notice that the broadcast is isolated only to the
VLAN that it came from, in this case VLAN 1.
Router
172.30.1.1
172.30.2.1
255.255.255.0
255.255.255.0
VLAN 1
VLAN 2
ARP Request
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
VLAN 1
VLAN 2
172.30.2.10
172.30.1.23
VLANs
255.255.255.0
255.255.255.0
VLAN 2
VLAN 1

Two Subnets

Communication between VLANs

NOTE
VLANs assigned only to the
ports
42

• Can I use the Router-on-a-stick method with
  multiple VLANs?
• Can you remind me what Router-on-a-stick is?

43
What is Router-on-a-stick? When a single
interface is used to route between subnets or
networks, this is know as a router-on-a-stick.
To assign multiple ip addresses to the same
interface, secondary addresses or subinterfaces
are used.
Router
interface e 0 ip address 172.30.1.1
255.255.255.0 ip address 172.30.2.1 255.255.255.0
secondary
172.30.1.1
172.30.2.1 sec
255.255.255.0
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
172.30.2.10
172.30.1.23
Routed Networks
255.255.255.0
255.255.255.0

Two Subnets

Communication between subnets
44
With Router-on-a-stick, ISL or 802.1Q trunking is
needed. We will talk about tagging and trunking
in the next section.
172.30.1.1
172.30.2.1 secondary
Router
255.255.255.0
Trunking ISLor 802.1Q
Trunking ISL or 802.1Q
Switch 1
172.30.1.21
172.30.2.12
255.255.255.0
255.255.255.0
VLAN 1
VLAN 2
172.30.2.10
172.30.1.23
255.255.255.0
255.255.255.0
VLANs
VLAN 2
VLAN 1

Two Subnets

Communication between VLANs using trunking
NOTE
VLANs assigned only to the ports

45

• Non-tagging Switches
• Lets first see how multiple VLANs are
  interconnected using switches that do not have
  the tagging capability.

46
Non-tagging Switches For each VLAN, there must be
a link between the two switches. One link per
VLAN. Be sure the switch ports on the switches
are configured for the proper VLAN.
100BaseT Ports
Port 1 VLAN 1 Port 2 VLAN 2
Moe
1 2
VLAN 1 Port 1 on switch Moe is connected to
Port 1 on Switch Larry. VLAN 2 Port 2 on switch
Moe is connected to Port 2 on Switch Larry.
1 2
Larry
Port 1 VLAN 1 Port 2 VLAN 2
47

• Advantages
• Each VLAN gets its own dedicated link with its
  own bandwidth.
• Disadvantages
• This requires a separate link for each VLAN.
  There may not be enough ports on the switch to
  accommodate a lot of different VLANs.