IOS VLAN create

IOS VLAN create

Postby stephen » Wed Nov 10, 2010 5:18 am

Config t
vlan 2
name PHONE-VLAN
media ethernet
exit

interface vlan2
ip address 192.168.32.1 255.255.255.0
description Phone Vlan
exit

interface FastEthernet 0
description Phones
switchport access vlan 2
switchport mode access
exit

do show vlan-switch



Firstly Set the IP Addresses of each of the Router ports that match the vlan ip address
Router(config)#interface fastethernet 0
Router(config)#ip address 192.168.31.1 255.255.255.0
(The above gave the error error % IP addresses may not be configured on L2 links.
the solution was to configure the vlan 1 interface as
opposed to each individual FastEthernet interface because the first four are
L2 switch ports. All or nothing on this model
)

Router(config)#no shutdown

Router# show vlan-switch

Router# vlan database
Router(vlan)# show


Router# vlan database
Router(vlan)# vlan 2 media ethernet name VLAN0002


Assign a Switch Port to a VLAN
Perform these steps to assign a switch port to a VLAN, beginning in global configuration mode:

Router(config)# interface FastEthernet 2
Router(config-if)# switchport access vlan 2
Router(config-if)# end
Router#

This web site has an excellent description of VLAN's and configuring
http://www.tech-faq.com/vlan.html
Cisco VLAN implementations
VLAN Definition

To define a VLAN on a cisco device, you need a VLAN ID, a VLAN name, ports you would like to participate in the VLAN, and the type of membership the port will have with the VLAN.

Step 1 - Log into the router or switch in question and get into enable mode.
Step 2 - Get into configuration mode using "conf t".
Step 3 - Create your VLAN by entering "vlan X" where X is the ID you would like to assign the VLAN.
Step 4 - Name your VLAN by entering "name ". Replace with the string you would like to identify your VLAN by.
Step 5 - If you want your new VLAN to be a private-vlan, you now enter "private-vlan primary" and "private-vlan association Y" where Y is the secondary VLAN you want to associate with the primary vlan. If you would like the private VLAN to be community based, you enter "private-vlan community" instead.
Step 6 - Exit configuration mode by entering "end".
Step 7 - Save your configuration to memory by entering "wr mem" and to the network if you have need using "wr net". You may have to supply additional information to write configurations to the network depending on your device configuration.
You have now created a vlan by assigning it an ID, and giving it a name. At this point, the VLAN has no special configuration to handle IP traffic, nor are there any ports that are members of the VLAN. The next section describes how you complete your vlan configuration.

VLAN Configuration

A VLAN isn't much use if you haven't assigned it an IP Address, the subnet netmask, and port membership. In normal network segment configurations on routers, individual interfaces or groups of interfaces (called channels) are assigned IP addresses. When you use VLANs, individual interfaces are members of VLANs and do not have individual IP addresses, and generally don't have access lists applied to them. Those features are usually reserved for the VLAN interfaces. The following steps detail one method of creating and configuring your VLAN interface. NOTE: These steps have already assumed that you have logged into the router, gotten into enable mode, and entered configuration mode. These specific examples are based on the Cisco 6500 series devices.

Step 1 - Enter "Interface VlanX" where X is the VLAN ID you used in the VLAN definition above.
Step 2 - This step is optional. Enter "description VLAN" where VLAN description details what the VLAN is going to be used for. You can just simply re-use the VLAN name you used above if you like.
Step 3 - Enter "ip address
" where
is the address you want to assign this device in the VLAN, and is the network mask for the subnet you have assigned the VLAN.
Step 4 - The step is optional. Create and apply an access list to the VLAN for inbound and outbound access controls. For a standard access list enter "access-group XXX in" and "access-group YYY out" where XXX and YYY corresponds to access-lists you have previously configured. Remember that the terms are taken in respect to the specific subnet or interface, so "in" means from the VLAN INTO the router, and "out" means from the router OUT to the VLAN.
Step 5 - This step is optional. Enter the private VLAN mapping you would like to use if the port is part of a private VLAN. This should be the same secondary VLAN you associated with the primary VLAN in VLAN definition above. Enter "private-vlan mapping XX" where XX is the VLAN ID of the secondary VLAN you would like to associate with this VLAN.
Step 6 - This step is optional. Configure HSRP and any other basic interface configurations you would normally use for your Cisco device.
Step 7 - Exit configuration mode by entering "end".
Step 8 - Save your configuration to memory by entering "wr mem" and to the network if you have need using "wr net". You may have to supply additional information to write configurations to the network depending on your device configuration.
Now you have your vlan defined and configured, but no physical ports are a member of the VLAN, so the VLAN still isn't of much use. Next port membership in the VLAN is described. IOS devices describe interfaces based on a technology and a port number, as with "FastEthernet3/1" or "GigabitEthernet8/16". Once you have determined which physical ports you want to be members of the VLAN you can use the following steps to configure it. NOTE: These steps have already assumed that you have logged into the router, gotten into enable mode, and entered configuration mode.

For access ports

Step 1 - Enter "Interface " where is the name Cisco has assigned the interface you would like to associate with the VLAN.
Step 2 - This step is optional. Enter "description " where is text describing the system connected to the interface in question. It is usually helpful to provide DNS hostname, IP Address, which port on the remote system is connected, and its function.
Step 3 - This step depends on your equipment and IOS version, and requirements. Enter "switchport" if you need the interface to act as a switch port. Some hardware does not support switchport mode, and can only be used as a router port. Check your documentation if you don't know the difference between a router port and a switch port.
Step 4 - Only use this step if you used step 3 above. Enter "switchport access vlan X" where X is the VLAN ID of the VLAN you want the port to be a member of.
Step 5 - Only use this step if you used step 3 above. Enter "switchport mode access" to tell the port that you want it to be used as an access port.
Step 6 - Exit configuration mode by entering "end".
Step 7 - Save your configuration to memory by entering "wr mem" and to the network if you have need using "wr net". You may have to supply additional information to write configurations to the network depending on your device configuration.
For trunk ports

Step 1 - Enter "Interface " where is the name Cisco has assigned the interface you would like to associate with the VLAN.
Step 2 - This step is optional. Enter "description " where is text describing the system connected to the interface in question. It is usually helpful to provide DNS hostname, IP Address, which port on the remote system is connected, and its function.
Step 3 - This step depends on your equipment and IOS version, and requirements. Enter "switchport" if you need the interface to act as a switch port. Some hardware does not support switchport mode, and can only be used as a router port. Check your documentation if you don't know the difference between a router port and a switch port.
Step 4 - Only use this step if you used step 3 above. Enter "switchport trunk encapsulation dot1q". This tells the VLAN to use dot1q encapsulation for the VLAN, which is the industry standard encapsulation for trunking. There are other encapsulation options, but your equipment may not operate with non Cisco equipment if you use them.
Step 5 - Only use this step if you used step 3 above. Enter "switchport trunk allowed vlan XX, YY, ZZ" where XX, YY, and ZZ are VLANs you want the trunk to include. You can define one or more VLANs to be allowed in the trunk.
Step 6 - Only use this step if you used step 3 above. Enter "switchport mode trunk" to tell the port to operate as a VLAN trunk, and not as an access port.
Step 7 - Exit configuration mode by entering "end".
Step 8 - Save your configuration to memory by entering "wr mem" and to the network if you have need using "wr net". You may have to supply additional information to write configurations to the network depending on your device configuration.
For private VLAN ports

Step 1 - Enter "Interface " where is the name Cisco has assigned the interface you would like to associate with the VLAN.
Step 2 - This step is optional. Enter "description " where is text describing the system connected to the interface in question. It is usually helpful to provide DNS hostname, IP Address, which port on the remote system is connected, and its function.
Step 3 - This step depends on your equipment and IOS version, and requirements. Enter "switchport" if you need the interface to act as a switch port. Some hardware does not support switchport mode, and can only be used as a router port. Check your documentation if you don't know the difference between a router port and a switch port.
Step 4 - Enter "switchport private-vlan host association XX YY" where XX is the primary VLAN you want to assign, YY is the secondary VLAN you want to associate with it.
Step 5 - Enter "switchport mode private-vlan host" to force the port to operate as a private-vlan in host mode.
Step 6 - Exit configuration mode by entering "end".
Step 7 - Save your configuration to memory by entering "wr mem" and to the network if you have need using "wr net". You may have to supply additional information to write configurations to the network depending on your device configuration.


:
stephen
 
Posts: 507
Joined: Thu Feb 09, 2006 9:37 am
Location: Brisbane

Return to Cisco

Who is online

Users browsing this forum: No registered users and 3 guests

cron