VLAN settings on a layer-3 Switch
1) Method 1: General Configuration
- Switch# configure terminal
-
- Switch(config)# vlan 20
-
- Switch(config-vlan)# name test20
-
- Switch(config-vlan)#ip address 1.1.1.1 255.255.255.0
-
- Switch(config-vlan)# end
Method 2: enable VLAN configuration:
- Switch # vlan database // enter the VLAN configuration status
-
- Switch (vlan) # vlan 20 name test20 // Add the vlan id and VLAN name
-
- Switch (vlan) # exit update the VLAN database and exit
2) allocate a port to a VLAN
- Switch # configure terminal
-
- Switch (config) # interface fastethernet0/1
-
- Switch (config-if) # switchport mode access // defines the working mode of the L2 port as the access mode
-
- Switch (config-if) # switchport access vlan 2 // assign a port to a VLAN
-
- Switch (config-if) # end
-
- Switch #
3) Configure VLAN Trunks
- Switch # configure terminal
-
- Switch (config) # interface fastethernet0/4
-
- Switch (config-if) # switchport mode trunk
-
- Switch (config-if) # switchport trunk encapsulation dot1q
-
- Switch (config-if) # end
-
- Appendix: switchport trunk encapsulation {isl | dot1q | negotiate} // configure trunk to encapsulate ISL or 802.1Q or automatically negotiate
Switchport mode {dynamic {auto | desirable} | trunk} is generally not used). Configure the layer-2 trunk mode. Dynamic auto-automatically negotiate whether it is a trunk; dynamic desirable-set the port to trunk if the peer port is trunk, desirable, or automatic mode; trunk-set the port to the forced trunk mode, regardless of whether the other port is trunk)
4) define the VLAN allowed by the trunk
- Switch (config) # interface fastethernet0/1
-
- Switch (config-if) # switchport trunk allowed vlan remove 2 // configure the VLAN allowed by the trunk
-
- Switch (config-if) # end
-
- Appendix: switchport trunk allowed vlan {add | all | unique T | remove} vlan-list
5) Configure Native VLAN802.1q)
- Switch (config-if) # switchport trunk native vlan-num
-
- // The trunk port that encapsulates 802.1q can accept tagged and unlabeled data streams. The switch transfers unlabeled data streams to the native vlan, by default, the native VLAN is VLAN 1. Use the no switchport trunk native vlan port configuration command to return to the default status.
6) configure a group of Ports
- 4006 # configure terminal
-
- 4006 (config) # interface range fastethernet2/1-5
-
- 4006 (config-if-range) # no shutdown
-
- // Note: a space must be added between the port numbers. For example, interface range fastethernet 2/1-5 is valid, while interface range fastethernet 2/1-5 is invalid.
-
- The following example shows how to configure groups with different port types using commas:
-
- 4006 # configure terminal
-
- 4006 (config) # interface range fastethernet2/1-3, gigabitethernet3/1-2
-
- 4006 (config-if-range) # no shutdown
7) Other Common commands
- Duplex {auto | full | half}
-
- // Set full or half duplex.
-
- Speed {10 | 100 | 1000 | auto | nonegotiate}
-
- // Note: 1000 only works on Gigabit ports. The GBIC module only works at 1000 Mbps. nonegotiate can only use 1000BASE-SX,-LX, and-zx gbic on these GBIC.
-
- Copy running-config startup-config
-
- // Save settings
8) Configure EtherChannel
Several Ethernet ports are bound to an independent Logical Link. For example, you can bind a 4006 vswitch to a maximum of eight compatible ports with the same speed on any 4006 module. Each Ethernet channel has a port-channel port number. To bind an Ethernet channel, a logical port-channel is generated. The configuration under the logical port may affect the physical port bound with it, however, the configuration of physical ports does not affect the configuration of logical ports.
1) layer-3 Ethernet channel logical port-channe) Configuration
- Switch # configure terminal
-
- Switch (config) # interface port-channel 1 // create a logical port
-
- Switch (config-if) # ip address 172.32.52.10 255.255.255.0
-
- Switch (config-if) # end
2) layer-3 physical port configuration
- Switch # configure terminal
-
- Switch (config) # interface range fastethernet 5/4-5 (Note: spaces are required)
-
- Switch (config-if) # no switchport // change the port to a layer-3 Interface
-
- Switch (config-if) # no ip address // confirm that the interface is not configured with an ip address
-
- Switch (config-if) # channel-group 1 mode desirable
-
- Switch (config-if) # end
-
- Appendix: Switch (config-if) # channel-group port_channel_number mode {auto | desirable | on} // Add the physical port to an Ethernet channel and determine the PagP mode.
3) layer-2 Ethernet Channel Configuration
- Switch # configure terminal
-
- Switch (config) # interface range fastethernet 5/6-7 (Note: spaces are required)
-
- Switch (config-if-range) # channel-group 2 mode desirable
-
- Switch (config-if-range) # end
-
- Switch # show running-config interface port-channel 2
-
- Building configuration...
-
- Current configuration:
-
- !
-
- Interface Port-channel2
-
- Switchport access vlan 10
-
- Switchport mode access
-
- End
-
- Switch #
The configurations of VLAN on a layer-3 Switch have been described.
- Typical VLAN-VPN Configuration
- Typical configurations of multicast VLAN
- Port-based VLAN Configuration Guide
- Basic configuration: cisco switch configuration vlan1)
- Basic configuration: cisco switch configuration vlan2)