CCNA 200-301 Thread 3. VLANs and CLI Configuration


Hello friends and networking pros. I am currently preparing for the CCNA 200-301 exam. In this article, we'll be working with Virtual Local Area Networks (VLANs) and how to configure them using the Cisco IOS Command Line Interface (CLI).

Introduction to VLANs

VLANs are a powerful tool that allows us to logically segment a switched network into separate broadcast domains. This provides several key benefits:

  • Improved security: VLANs isolate traffic between different groups of devices
  • Better performance: Segmenting reduces unnecessary broadcast traffic
  • Simplified management: VLANs allow logical grouping of devices based on department, function, etc.

By default, Cisco switches place all ports into VLAN 1. To take advantage of VLANs, we need to reassign ports to VLANs that match our network's logical structure. A good analogy is to think of VLANs as separate "containers" or "bubbles" that Ethernet frames are confined to.

Planning a VLAN Scheme

Before configuring any VLANs, it's important to plan out your VLAN scheme. Here are some best practices:

  • Use a consistent VLAN numbering convention. A common approach is to match VLAN IDs to the IP network. For example, use VLAN 10 for the 10.0.10.0/24 network, VLAN 11 for 10.0.11.0/24, and so on. Valid VLAN IDs range from 1 to 4094.
  • Have a 1-to-1 mapping between VLANs and IP subnets. This constrains broadcast traffic to only the devices that need to see it. For instance, create separate VLANs for your data, voice, management, and server networks.
  • Configure all switches with the full set of VLANs used in your environment. Switches will drop traffic for VLANs they aren't configured for.
  • Give VLANs descriptive names that identify their purpose. This makes troubleshooting much easier!

Configuring VLANs via CLI

Now let's look at how to actually configure VLANs on a Cisco switch using the CLI.

CLI Basics

First, a quick primer on Cisco IOS CLI:

  • User EXEC mode (>): Limited functionality, basic monitoring only
  • Privileged EXEC mode (#): Access to all commands, entered via enable
  • Global configuration mode ((config)#): Where configuration changes are made, entered via configure terminal

Some handy commands to know:

  • show ? - Lists the available show commands
  • show vlan - Displays VLAN info
  • show mac address-table - Shows MAC addresses the switch has learned
  • copy running-config startup-config - Saves config changes

Adding VLANs

To add a new VLAN, go into global configuration mode and use the vlan command followed by the VLAN ID. For example:

Switch# configure terminal
Switch(config)# vlan 10
Switch(config-vlan)# name Data
Switch(config-vlan)# end
Switch# show vlan brief

This creates VLAN 10 and gives it a name of "Data". The show vlan brief command lets you verify the VLAN was created.

Assigning Ports to VLANs

With the above, we created the VLAN, but no ports are assigned to it yet!

To place a port into a VLAN, use the switchport access vlan command in interface configuration mode:

Switch# configure terminal 
Switch(config)# interface FastEthernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10

This assigns interface Fa0/1 to VLAN 10. Repeat this for all ports you want to assign to each VLAN.
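
To check the result across a whole switch rather than port by port, here is an added example (not part of the original article and not Cisco tooling): a Python script that parses show vlan brief output and flags ports still in VLAN 1, VLANs left with a default name, and VLANs with no access ports. The sample output is constructed, and the names split_ports, parse_vlan_brief and audit are hypothetical.

```python
import re

# Constructed sample of `show vlan brief` output (not captured from a real device).
SAMPLE = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/3, Fa0/4, Fa0/5, Fa0/6
                                                Fa0/7, Fa0/8
10   Data                             active    Fa0/1, Fa0/2
20   VLAN0020                         active
1002 fddi-default                     act/unsup
"""

ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")

def split_ports(field):
    """Split a comma-separated port list, dropping empty entries."""
    return [p for p in re.split(r",\s*", field.strip()) if p]

def parse_vlan_brief(text):
    """Return {vlan_id: {"name", "status", "ports"}} from `show vlan brief` text."""
    vlans, current = {}, None
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            current = int(m.group(1))
            vlans[current] = {"name": m.group(2), "status": m.group(3),
                              "ports": split_ports(m.group(4))}
        elif current is not None and line.startswith(" ") and line.strip():
            # Long port lists wrap onto indented continuation lines.
            vlans[current]["ports"] += split_ports(line)
    return vlans

def audit(vlans):
    """Flag deviations from the planning practices described in the article."""
    findings = []
    for vid, v in sorted(vlans.items()):
        if 1002 <= vid <= 1005:  # reserved legacy VLANs, always present
            continue
        if vid == 1 and v["ports"]:
            findings.append(f"VLAN 1 still holds {len(v['ports'])} port(s): {', '.join(v['ports'])}")
        if vid != 1 and v["name"] == f"VLAN{vid:04d}":
            findings.append(f"VLAN {vid} has the default name {v['name']}")
        if vid != 1 and not v["ports"]:
            findings.append(f"VLAN {vid} has no access ports assigned")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_vlan_brief(SAMPLE)):
        print(finding)
```

Trunk ports do not appear in the Ports column of show vlan brief, so this check only covers access ports.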

Save Configuration Changes

Remember to save your configuration changes so they persist through a reboot:

Switch# copy running-config startup-config

Wrapping Up

VLANs and proper use of the CLI are essential skills for any network engineer. With practice, you'll be configuring VLANs with confidence! Stay tuned for more topics in networking related to CCNA 200-301 certification.

Note that we configured an access port for VLAN 10 above. We'll discuss the differences between an access port and a trunk port in a later article.
