A VLAN is a broadcast domain created by one or more switches. VLAN implementation on a switch causes certain actions to occur:

* The switch maintains a separate bridging table for each VLAN.
* If the frame comes in on a port in VLAN 1, the switch searches the bridging table for VLAN 1.
* When the frame is received, the switch adds the source address to the bridging table if it is currently unknown.
* The destination is checked so a forwarding decision can be made.
* For learning and forwarding, the search is made against the address table for that VLAN only.

Dynamic membership VLANs are created through network management software. The default VLAN for every port in the switch is the management VLAN. In port-based or port-centric VLAN membership, the port is assigned to a specific VLAN membership independent of the user or system attached to the port. If the MAC address is unknown, the switch floods the frame to all ports in the broadcast domain, or VLAN, except the source port where the frame was received. Switches are considered multiport bridges.

VLANs allow network administrators to organize LANs logically instead of physically. This is a key benefit. This allows network administrators to perform several tasks:

* Easily move workstations on the LAN
* Easily add workstations to the LAN
* Easily change the LAN configuration
* Easily control network traffic
* Improve security

* Port-based VLANs
* MAC address based VLANs
* Protocol-based VLANs

[insert other here]

Configuring static VLANs

* All moves are controlled and managed.
* There is robust VLAN management software to configure the ports.
* The additional overhead required to maintain end-station MAC addresses and custom filtering tables is not acceptable.

Dynamic VLANs do not rely on ports assigned to a specific VLAN.

To configure VLANs on Cisco 2900 series switches, specific guidelines must be observed:

* The maximum number of VLANs is switch dependent.
* One of the factory-default VLANs is VLAN 1.
* The default Ethernet VLAN is VLAN 1.
* Cisco Discovery Protocol (CDP) and VLAN Trunking Protocol (VTP) advertisements are sent on VLAN 1 (VTP will be discussed in Module 9).
* The IP address of the switch is in the VLAN 1 broadcast domain by default.
* The switch must be in VTP server mode to create, add, or delete VLANs.

The commands show vlan, show vlan brief, or show vlan id id_number can be used to verify VLAN configurations.

* A created VLAN remains unused until it is mapped to switch ports.
* All Ethernet ports are assigned to VLAN 1 by default.

The command below is used to remove a VLAN from a switch:

    Switch#vlan database
    Switch(vlan)#no vlan 300

A broadcast storm occurs when a large number of broadcast packets are received on a port. Setting high or low threshold values prevents broadcast storms by discarding excessive broadcast, multicast, or unicast MAC traffic. In addition, configuring rising threshold values on a switch will shut the port down.

The show commands on both the router and the switch can display root-bridge information. If it becomes necessary to reduce BPDU traffic, put the timers on the root bridge at their maximum values. Specifically, set the forward delay parameter to the maximum of 30 seconds, and set the max_age parameter to the maximum of 40 seconds.

Scenario 1: A trunk line cannot be established between a switch and a router

1. Make sure that the port is connected and not receiving any physical-layer, alignment or frame-check-sequence (FCS) errors. This can be done with the show interfaces command on the switch.
2. Verify that the duplex and speed are set properly between the switch and the router. This can be done with the show interface status command on the switch or the show interfaces command on the router.
3. Configure the physical router interface with one subinterface for each VLAN that will route traffic. Verify this with the show interfaces IOS command.
   Also, make sure that each subinterface on the router has the proper encapsulation type, VLAN number, IP address, and subnet mask configured. This can be done with the show interfaces or show running-config IOS commands.
4. Confirm that the router is running an IOS release that supports trunking. This can be verified with the show version command.

There can be only one root bridge per bridged network.
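
The per-VLAN learning, forwarding and flooding behaviour described at the start of these notes can be modelled in a few lines. This is an added example, not part of the original notes; the class name, port numbers and MAC addresses are constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

class VlanSwitch:
    """Toy model of a switch with port-based VLAN membership (hypothetical names)."""

    def __init__(self, port_vlan):
        # port -> VLAN id; membership follows the port, not the attached host
        self.port_vlan = dict(port_vlan)
        # One bridging table per VLAN: vlan -> {mac: port}
        self.tables = defaultdict(dict)

    def receive(self, in_port, src_mac, dst_mac):
        """Learn the source address, then return the sorted egress ports."""
        vlan = self.port_vlan[in_port]
        table = self.tables[vlan]      # only this VLAN's table is consulted
        table[src_mac] = in_port       # learn (or refresh) the source address
        out_port = table.get(dst_mac)
        if dst_mac != BROADCAST and out_port is not None:
            # Known unicast: forward on one port, or filter if it is the ingress port
            return [] if out_port == in_port else [out_port]
        # Unknown unicast or broadcast: flood inside the VLAN, except the source port
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)

def demo():
    # Constructed topology: ports 1-3 in VLAN 10, ports 4-6 in VLAN 20
    sw = VlanSwitch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20, 6: 20})
    a, b, c = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb", "cc:cc:cc:cc:cc:cc"
    results = {}
    results["unknown_floods_vlan10_only"] = sw.receive(1, a, b)
    results["reply_is_unicast"] = sw.receive(2, b, a)
    results["now_known"] = sw.receive(1, a, b)
    # A host in VLAN 20 sends to A's MAC: VLAN 20's table has no entry for A,
    # so the frame floods inside VLAN 20 only and never reaches port 1.
    results["cross_vlan_isolated"] = sw.receive(4, c, a)
    # The same MAC seen on a VLAN 20 port gets its own entry in VLAN 20's table.
    results["broadcast_vlan20"] = sw.receive(5, b, BROADCAST)
    results["tables"] = {v: dict(t) for v, t in sw.tables.items()}
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Because lookups never cross tables, traffic between the two VLANs in this model can only pass through a router, which is the isolation the notes list under "Improve security".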