---

@rabbdavid wrote:

So a non-capable VLAN switch corresponds to a L2 domain, correct?

---

Only if it's the only switch.  If you connect multiple such switches, all of them, together, provide the L2 domain.  BTW, depending on how many ports you want the switched L2 domain to support, and how many ports each switch hosts, you could have lots of switches in the L2 domain.

For example, if you were using 8 port switches, each providing 7 edge ports and 1 uplink, 37 switches would provide 259 edge ports.  Then you would need another 6 8 port switches to provide a distribution layer and a final 8 port switch for the core.  I.e. 44 to support that L2 domain.

What VLANs provide you, we can divide up the ports on a VLAN capable switch to provide multiple L2 domains.  Again, same rules for interconnecting the VLANs.

For example, if we were using 48 ports switches, and the edge switches providing, each, 7 VLAN ports, we would still have 37 edge switches, but the distribution and core switches could all be replaced by one 48 port switch using trunk links.  We also then have 40 other ports on the edge switches to use as we wish.

Ok Joseph, still thanks for your availability.

As for first statement, I can't figure out how devices on VLAN5 on one switch could belong to a different subnet than devices to same VLAN5 on another switch. How could this possible?

How packets could reach devices in different subnets but on same VLAN without L3 device?

I was taught in my CCNA course that between subnet and VLAN a relationship exists.

Also, in my PT files I asked you if management VLAN has something to do with forwarding packets between devices on same VLAN but spread on two switches, or among different VLANs or it has no effect at all.

I am confused on the management VLAN role. What I remember is only that management VLAN needs for allowing you to make a remote connection on a switch so that you can configure it and configure the end devices belonging to that VLAN, via SSH or Telent i.g., but I am not so much sure now.

"As for first statement, I can't figure out how devices on VLAN5 on one switch could belong to a different subnet than devices to same VLAN5 on another switch. How could this possible?"

Because, unless you interconnection the L2 domain between switches,  VLAN 5 on two different switches is two different VLANs, just numbered the same.

Consider non-VLAN capable switches.  If you have two of them, not connected with L2, there one or two L2 domains?  It's two domains.  If you do interconnect them, how many L2 domains do you then have, one or two.  It's one.  VLANs follow the same rules, but you can have multiple VLAN per switch.

For example, you have on one switch, VLANs 3, 4 and 5.  On another switch, VLANs 4, 5 and 6.  No interconnections.  How many L2 domains are there between the two switches?  Correct answer is 6; same as if you had 6 non-VLAN capable switches, without any interconnections.

On a switch with 3 VLANs, 3, 4 and 5, how many L2 domains?  Answer is 3.  But, what if you interconnect a VLAN 3 port and a VLAN 5 port, on that switch?  How many L2 domains then?  You'll have 2, because VLANs 3 and 5 have be joined.

"How packets could reach devices in different subnets but on same VLAN without L3 device?"

If there's not gateway defined, host ARP for any IP, and as that's sent as broadcast, within the same L2 domain, other hosts on different networks will "see" the ARP, and respond.  (Basically, same process for hosts within the same network, which presumes other hosts will be in the same L2 domain.)

"I was taught in my CCNA course that between subnet and VLAN a relationship exists."

A VLAN (L2 domain) can contain multiple subnets, but a subnet cannot be split across L2 domains.

"I am confused on the management VLAN role."

The only thing special about management VLANs are they are generally used just for hosting management IPs and often have additional security to access that VLAN/subnet.  In principal, not much different from a "voice" VLAN, i.e. another VLAN dedicated for a functional purpose.  But a VLAN is a VLAN is a VLAN.  You could mix management IPs, VoIP phone IPs and PCs all on the same VLAN/subnet.

On a switch with 3 VLANs, 3, 4 and 5, how many L2 domains? Answer is 3. But, what if you interconnect a VLAN 3 port and a VLAN 5 port, on that switch? How many L2 domains then? You'll have 2, because VLANs 3 and 5 have be joined.

when you say joined, do you mean port 3 and 5 have been associated to the same VLAN, I.g. VLAN 3 so VLAN5 in such a case ceseas to exist, right?

Consider non-VLAN capable switches. If you have two of them, not connected

when you say L2 domains not connected on NON-VLAN cable switches, do you mean there are no physical links between switches?

If not, in case you want to interconnect this type of non-vlan capable switch,  what do you need to do?

Commands on CLI of non-vlan switch mentions always "vlan" words?

Basically vlan and L2 domain in my head is the same, so how can you set up an L2 domain in this old type of switches?

Is it correct if I say L2 domain = vlan? 

A VLAN (L2 domain) can contain multiple subnets, but a subnet cannot be split across L2 domains

does it mean I can have only VLAN 5 on a switch with 3 PCs belonging to subnet 10.10.10.0/24 and 3 PCs belonging to subnet 20.10.10.0/24 but I can't have these subnets (connected to a VLAN) on another switch?

If so, how can I spread my VLAN5 on another switch?

I can but associating to differiant subnets?

What does this for hosting management IPs mean?

Maybe I can get English meaning here.

Management VLAN can be set with one ip address only, correct? 

I can't understand well this point also sorry:

You could mix management IPs, VoIP phone IPs and PCs all on the same VLAN/subnet

I always imagined voice vlan and a PCs vlan were separated but travel on same port...

A VLAN (L2 domain) can contain multiple subnets, but a subnet cannot be split across L2 domains

does it mean I can have only VLAN 5 on a switch with 3 PCs belonging to subnet 10.10.10.0/24 and 3 PCs belonging to subnet 20.10.10.0/24 but I can't have these subnets (connected to a VLAN) on another switch?

If so, how can I spread my VLAN5 on another switch?

I can but associating to different subnets?

I re-write my question because maybe my English is not correct enough to let you understand what I mean, sometimes:

I can span my VLAN on other switch but only if associating that same VLAN to different subnets?

What does this for hosting management IPs mean? IPs here implicitly means ip addresses of PCs.

Maybe I can get English meaning here. Sorry, I meant CAN’T  not can. I did not understand IPs in your statement implied ip address of PCs.

Management VLAN can be set with one ip address only, correct? I suppose the answer is yes. Instead a vlan interface can have more ip address. But we will get into too deep matter and I don’t think is the case now. I heard about VIP which maybe is always involved in the subject about one only VLAN per multiple subnets, but maybe is better now not to go down so deeply, because maybe I would not understand.

I can't understand well this point also sorry:

You could mix management IPs, VoIP phone IPs and PCs all on the same VLAN/subnet

I always imagined voice vlan and a PCs vlan were separated but travel on same port... here, I confirm you I find hard to understand.

Joseph, I just resend you one of my previous message where I asked for your usual help to understand some implications in VLAN subject. Maybe you lost it.

However I want to thank you becasue now the basic concepts are all more clear to me.

You have been very kind and patient, I think you have been on these subjects for long time, and I do think you have been working with them also for a long time. Thanks again. Luigi (my name)

"What I tried to do is this:

Port f0/6 on both switches was joined/associated with VLAN6

Port f0/7…. On VLAN5

But I don’t know if it is a problem of PT but did not work."

What exactly didn't work.  Do just that should allow pinging between hosts, between the switches, if the SAME VLAN.  For ping between VLANs, you need that and the "fix" for router access.

"What I wanted to verify, was what you told me in your pre-last message, meaning that L2 segments can interconnect and communicate between them without need of L3 device, if I place as many link as VLANs I have configured.

When I say “communicate between them” I mean devices in one VLAN on Swith #1 can forward frames to devices on the same VLAN on Switch #2.

Communication among different VLANs is not possible if not for L3 device.

This is to demonstrate that in case of few VLANs I could even avoid trunk links, but using as many links as VLANs."

Correct.

"I know this theoretically, but I would have liked to find a solution – maybe even with more routers involved – to get different VLANs communicated one each other without using trunk links, otherwise I’d configure trunk link between the two switches and one trunk link only from router to the switch #1."

Sure, as the router has two interfaces, and you have two VLANs, you can use one link per VLAN to each router port, with the correct IP.  I.e. In you PT file, no need to use trunks at all.

Further, those two switch<>router links don't need to be on the same switch.  You already have two router port links, one to each switch, just need to make some configuration changes to make it work.  Take a try at that change, and if you get stuck, I'll provide the necessary changes.

Just reading the rest of the reply I'm replying to, I'm going to provide the changes:

router:

no interface GigabitEthernet0/0.5
no interface GigabitEthernet0/0.6

interface GigabitEthernet0/0
ip address 10.10.10.1 255.255.255.224

interface GigabitEthernet0/1
ip address 11.10.10.1 255.255.255.224

switch0:

default interface GigabitEthernet0/1
interface GigabitEthernet0/1
switchport access vlan 5
switchport mode access

switch1:

interface GigabitEthernet0/2
switchport access vlan 6
switchport mode access

Yes I arrived at your same configuration in my second PT files I had sent you yesterday. Thanks.

When before I said it didn't work when it was supposed to do, was because of buggy PT. Closing and reopening PT the the access links between switches (one with ports associated to VLAN5, and one with its ports associated to VLAN 6) as we said 2/3 days ago, all worked fine.

Hi Joseph,

as mentioned before PT is buggy. 

if you see picture below, I associated as I thought at the beginning and you confirmed in your last messag, port f0/6 to VLAN5 on both swithces, and f0/7 port to VLAN6 on both switches, and VLAN5 devices on SW1 can communicate with same vlan devices on SW2.

The same for VLAN6 devices.

Also I sorted out the communication between the two different VLANs devices with one router only.

It was not like I said before.

Even if I spread devices of one VLAN on two switches, they can communicate by L3 device (router).

If I have two VLANs and two links from switches to router, and I configure gateway for one VLAN on one interface, and the other gateway of the other VLAN on the other interface, they can communicate - CLASSIC INTERVLAN works! - because for the router those two subnets are directly connected to it.

I think we sorted out evertying.

I try to attach the PT file for you to check on your own.