Configuration of Advanced VLAN Switching

Advanced VLAN Switching

Today network engineers are employing more and more multilayer switched networks. These networks have the advantage of high throughput level 2 switching while retaining the level 3 routing functionality. The secret to the high performance of these networks is the hierarchical design model employing 3 layers Core, Distribution, and Access. This coupled with the advent of VLAN which breaks up collision domains has made the multilayer switched networks the design of choice.

In this Lab Scenario we will configure a complex multilayer switched network employing two switch blocks and all three level of this design topology. We will explore VLANs, Trunking, EtherChannel, and MLS as well as inter VLAN routing.

Before we get started with the lab I would like provide a short description of each of the layers in the hierarchical model.

Core:

The Core layer or Network Backbone primary function is to switch traffic as fast as possible. There should be no manipulation of data at this level such as packet filtering or routing. This layer provides connectivity between switch blocks and access to other blocks like WANs. But the main job is to switch packets as quickly as possible.

Distribution: 

The distribution layer provide connectivity between the core and access layers it also differentiate the cor. This layer provides a boundary definition and designates where potentially expensive packet manipulations are handled. The distribution layer is responsible VLAN aggregation, workgroup access, broadcast or multicast domain definition, inter-VLAN routing, media translation, and security. Routing and packet filtering is handled at this layer.

Access:

The access layer provides connectivity for the end users to the network. This layer can provide filtering in the form of access list: however, the key function of this layer is to provide access for the end users to the network. This layer provides shared bandwidth, switched bandwidth, layer 2 services such as VLAN membership, and traffic filtering.

Configure the Network scenario given below using packet tracer

Connect the switches as shown in the network drawing.

Using the following chart configure management access on VLAN1 to the access level switches.

Access Layer:

Device	IP Address	Subnet
ASW141	172.16.1.41	255.255.0.0
ASW142	172.16.1.42	255.255.0.0
ASW143	172.16.1.43	255.255.0.0
ASW241	172.16.2.41	255.255.0.0
ASW242	172.16.2.42	255.255.0.0
ASW243	172.16.2.43	255.255.0.0

Using the following chart configure management access on VLAN1 to the distribution level switches.

Distribution:

Device	IP Address	Subnet
DSW151	172.16.1.151	255.255.0.0
DSW152	172.15.1.152	255.255.0.0
DSW251	172.16.2.151	255.255.0.0
DSW252	172.16.2.152	255.255.0.0

Configure the VTP domain on all access layer switches and change the VTP mode to server.

Configure all interfaces on access layer switches to the distribution layer switches as trunks.

Remove VLANs 51 and 52 from the trunk lines.

Create the following VLAN from one of the access switches on each of the switch blocks.

Device	VLAN	VLAN NAME
ASW141	141	Administration
ASW142	142	Engineering
ASW143	143	Accounting
ASW241	241	Production
ASW242	242	ShippingReceiving
ASW243	243	DataCenter

Assign VLAN to interfaces connecting to end user devices.

Add the distribution switches to the VTP management domain

Enable trunking on interfaces connecting to access switches.

Remove VLANs 51 and 52 from the trunk lines.

Configure trunking on the interfaces between distribution switches in both switching blocks.

Remove VLANs 51 and 52 from the trunk lines.

Create the following VLANs on the distribution switches.

Device	VLAN	VLAN NAME
CSW51	51	Core51
CSW52	52	Core52

Configure DSW142 and 241 as the primary root bridge for the VLANs.

Configure DSW142 and 242 as the secondary root bridge for the VLANs.

Configure Fast EtherChannel on interfaces between distribution switches.

Configure Fast EtherChannel on links to the core switches.

Inter-VLAN Routing:

Using the following table configure Inter-VLAN routing on the distribution switches.

Device	VLAN	Network	Subnet	Gateway
DSW151	1	172.16.1.0	255.255.255.0	172.16.1.153
DSW152	1	172.16.1.0	255.255.255.0	172.16.1.154
DSW251	1	172.16.2.0	255.255.255.0	172.16.2.153
DSW252	1	172.16.2.0	255.255.255.0	172.16.2.154
DSW151	51	172.16.51.0	255.255.255.0	172.16.51.153
DSW152	51	172.16.51.0	255.255.255.0	172.16.51.154
DSW151	52	172.16.52.0	255.255.255.0	172.16.52.153
DSW152	52	172.16.52.0	255.255.255.0	172.16.52.154
DSW251	51	172.16.51.0	255.255.255.0	172.16.51.253
DSW252	51	172.16.51.0	255.255.255.0	172.16.51.254
DSW251	52	172.16.52.0	255.255.255.0	172.16.52.253
DSW252	52	172.16.52.0	255.255.255.0	172.16.52.254
ASW141	141	172.16.141.0	255.255.255.0	172.16.141.143
ASW142	142	172.16.142.0	255.255.255.0	172.16.142.143
ASW143	143	172.16.143.0	255.255.255.0	172.16.143.143
ASW241	241	172.16.241.0	255.255.255.0	172.16.241.243
ASW242	242	172.16.242.0	255.255.255.0	172.16.242.243
ASW243	243	172.16.243.0	255.255.255.0	172.16.243.243

Using Ping verify inter-VLAN connectivity between the VLANs.

MLS:

Configure the distribution switches to participate in multilayer switching.

Verify MLS flow cache.

Packet Tracer Bonus Steps:

Configure the end device as shown in the network drawing

Configure the DC server to provide DHCP scopes for all the domains.

Configure all servers with static IP addresses.

Configure all other devices to use DHCP.

Configure server in Engineering with a static IP address.

Verify devices are receiving IP addresses from the DHCP server

Verify HTTP communications with the web server.   

This concludes this lab but I am sure you can expand on this lab. Try adding some filtering.

Download the Packer tracer 5.3.2.zip

Download the Advanced_VLAN_Switching.zip with configuration