Probably a really stupid CCNA VLAN & IP address question

[DanielRu]

Hi, I am starting my CCENT/CCNA track and I have a couple questions regarding VLANs that I can't get my head around:

1. Why do you assign an IP address to a VLAN? Is it just for management purposes?

2. If I have 2 Cisco Switches and create VLAN 10 on both Switches manually what happens if I want to assign an IP address to VLAN10..?

Would you use the same IP address say 192.168.10.10/24 and go to each switch and and assign this IP to VLAN 10 on both switches?

Many thanks for your help

 

[Cluebird]

VLANs on switches simply allow a switch to identify broadcast domains (subnets) and have a group of ports operate at Layer 2 as if they are on their own network. However, the switch has no concept of L3 (IP addressing) since forwarding is based on the destination MAC address in the frame header.

You do not assign an address to the VLAN however. When you need a L3 identity (IP address) on the switch, typically so you can manage the device remotely, you have to make the switch a host on the network you associated with the VLAN. That is done when you assign an IP address to a L3 SVI (switched virtual interface) that is accessible through any of the L2 switchports assigned to the VLAN. You configure the SVI with the "interface VLAN xxxx" command.

For your second question, remember that each host on a network requires a unique IP address. Therefore, when you add an IP address to the SVI of different switches for the same VLAN, that address must be unique.

I won't confuse you with more advanced scenarios where we implement redundancy mechanisms that allow devices to "share" the same IP.

HTH

 

[PScottC]

Since you're just starting out, let's think about a couple of things...

What's a LAN? I would say that it's 2 or more nodes connected by a hub or switch. Agree?

What's a Hub? A hub is a device that repeats a signal it receives out of all ports except the one on which the signal was received.

What is a switch? A switch is a device that selectively forwards a signal to one other port (there's a bunch of rules, so let's agree to the high level).

Ok... How do I make 2 LANs? You have 2 options. 1) Set up 2 hubs or switches, or 2) create 2 VLANs on 1 switch.

That doesn't say much... What's a VLAN? Simply put, it makes 1 device do the work of 2 or more. You are "virtualizing" the LANs and keeping their traffic physically separate.

How is the traffic kept separate? Each port on the switch is configured to participate in a specific VLAN. Traffic that is in a particular VLAN will only reach ports that are configured for it, and no others.

Why would I do this? Performance and cost. To get better performance you need to restrict the number of nodes on each LAN. To save money, you need to do this with as few switches as possible.

If a switch is manageable, what are we managing? We are connecting to a computer (or network node) that is contained within the physical device. This computer is responsible for making the device perform its functions.

How do we connect to the embedded computer? Either by a physical connection to a serial port, or by IP address.

Where do I assign the IP address on a switch? Well... that's a tougher question. Cluebird addressed it above reasonably well. In Cisco, since there is no physical interface port on which the IP can be assigned, you have to assign the IP to a VLAN interface. The VLAN interface connects the specified LAN to the embedded computer. When connecting by telnet to the switch, your computer needs to be connected to a port in the same VLAN.

Last... How do I connect 2 LANs together? For that you will need a router. That is off topic, so I won't get into it.

What's this Layer 3 switch thingy I keep hearing about? This simply means a switch that has a router embedded in it.

PSC
[—] CCNP[sub][blue]x3[/blue][/sub] (Security/R&S/Wireless) [•] MCITP: Enterprise Admin [•] MCSE [—]

Governments and corporations need people like you and me. We are samurai. The keyboard cowboys. And all those other people out there who have no idea what's going on are the cattle. Mooo! --from "Hackers

 

[DanielRu]

Hi Guys

Just wanted to say thank you for the extremely quick and helpful responses. I have managed to get my self a copy of Cisco Packet Tracer and have had a play around with some different VLAN scenarios.

Again thank you for you help and have a great new year