Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1063
Views
10
Helpful
10
Replies

how vlan work?

tinchan2010
Level 1
Level 1

‎09-08-2014 08:51 PM - edited ‎03-07-2019 08:40 PM

i have some confusion in my network environment, as i previously understanding was, access port allow only 1 vlan. 

 

but, in my situation, i got 2 switch, sw-01 and sw-02 connect directly, using access mode, configuration goes like this, 

sw-02#sh run int fa0/12

Building configuration...

 

Current configuration : 128 bytes

!

interface FastEthernet0/12

 description ## to m cloud##

 switchport access vlan 104

 switchport mode access

 duplex full

end

 

 

 

sw-01#sh run int gi0/39

Load for five secs: 7%/0%; one minute: 7%; five minutes: 6%

Time source is NTP, 02:36:29.334 UTC Tue Sep 9 2014

 

Building configuration...

 

Current configuration : 88 bytes

!

interface GigabitEthernet0/39

 switchport access vlan 50

 switchport mode access

end

 

even though, both end carry different vlan, they could communicate well between another end, even on diff vlan, i'm confuse.

anyone care to explain?

 

thanks a lot. 

Labels:
0 Helpful
10 Replies 10

InayathUlla Sharieff
Cisco Employee
Cisco Employee

‎09-08-2014 09:32 PM

This below might help:

We should always use the terminology of network and subnet properly. When we talk about networks we should always remember it is a classful either /8, /16, or /24 ex: 192.168.10.0 ; 172.16.0.0 ; 10.0.0.0

 

And for the subnets it means a major network is divided into smaller networks.

Example: Network: 192.168.10.0/24

                 Subnet: 192.168.10.32/27

                               192.168.10.64/27

                               192.168.10.96/27 and so on...

 

So to answer your question, I think you cannot configure two switches with different vlan within same subnet because it will overlap other vlan or the ip address that was already configured.

 

I made and example for this situation, you can create different vlans in both switches and still communicate if they are in the same vlans. For example in switch1 have vlan 10, 20 and 30 same as in the switch2  and pc1(192.168.10.40) can ping with pc2 in switch2 (192.168.10.41) because both are in the same vlan. In switch1 there are 2 pc in vlan 30 and they ping each other together with the laptop in switch2 (192.168.11.12).

 

 

I hope this will help you understand.

0 Helpful

InayathUlla Sharieff
Cisco Employee
Cisco Employee
In response to InayathUlla Sharieff

‎09-08-2014 09:34 PM

Simple way:

If the link between the switches is access link it will work

 

PC1--------(Vlan 10)-SW1-(Vlan 10)-------Accesslink---------------(Vlan 100)--SW2--(Vlan 100)------------PC2

 

 

Think both  the ports on SW1 are in Vlan 10 and all the ports on SW2 are in VLAN  100, and PC1 and PC2 are in same subnet, they can communicate each other

 

HTH

0 Helpful

InayathUlla Sharieff
Cisco Employee
Cisco Employee
In response to InayathUlla Sharieff

‎09-08-2014 09:39 PM

Some more information on this:

Vlan is a single broadcast domain.

But your understanding is correct you cant ping the networks between the vlan if you dont have the layer 3 device.

But understand the reason suggested above only this is the way it will work else the other option would be that if the vlans 10 and vlan 100 of other side is in native vlan configured then it will again works.

 

When it would not work:

===================

PC1--Vlan 10--Sw1======Trunk Port========Sw2---Vlan 20--PC2

Above diagram though you have the same network confiugred on PC's still you wont be able to ping each other.

Ping only works when you configured the switches interconnect links to be part of respective access vlan port or native vlan for that respective vlan configuration.

 

HTH

 

 

tinchan2010
Level 1
Level 1
In response to InayathUlla Sharieff

‎09-08-2014 09:51 PM

tq, now i undesrtand well.. :)

0 Helpful

Akash Agrawal
Cisco Employee
Cisco Employee

‎09-08-2014 09:38 PM

Hi,

 

VLAN matters when frame enters to switch and this is to limit the broadcast scope on that switch for frame coming on particular vlan. To retain information of vlan, if frame goes out of a trunk, switch tags the frame with that particular vlan. But when frame goes out an access port (vlan A), it goes untagged and other switch receives the untagged packet. For the other switch frame is part of that clan only (vlan B).

 

—Pls don’t forget to rate helpful posts—

Regards,

Akash

tinchan2010
Level 1
Level 1
In response to Akash Agrawal

‎09-08-2014 09:46 PM

tq.. i understand well now.. untagged is the key point...

highly appreciate

0 Helpful

tinchan2010
Level 1
Level 1
In response to Akash Agrawal

‎09-09-2014 07:12 PM

hi akash,

 

in my situation, on this connecting link, only vlan 10 and 20 traffic reside on this link (untagged packet), am i correct?

 

0 Helpful

pranaweshk
Level 1
Level 1
In response to tinchan2010

‎09-10-2014 05:40 AM

Hi Tin,

In your case , 50 and 104 tagged traffic will flow between Sw-01 and Sw-02

Suppose Packet-A flow from Sw-02 to Sw-01

 Sw-02 port @ fe0/12 only accept   104 tagged packet-A  and send untagged traffic towards Sw-01 port @ Gi 0/39

And Sw-01 port @ Gi 0/39  will tag 50 to this packet-A and forward it to Vlan 50 tagged (Access or trunk ) port

 

and Vice versa for Sw-01 to Sw-02

0 Helpful

pranaweshk
Level 1
Level 1
In response to pranaweshk

‎09-10-2014 05:51 AM

This type of desigh is used for P2P connectvity through switch

0 Helpful

tinchan2010
Level 1
Level 1
In response to pranaweshk

‎09-11-2014 08:23 PM

mistakenly quote vlan 10 and 20, :P

 

ok understood, tq 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card