VLAN scenario

This scenario shows how to assign VLAN IDs to access and trunk interfaces for the following deployment:

In this scenario, VLANs are used to isolate the traffic from different devices.

  • VLAN 25 carries tagged and untagged traffic from computers connected to switch B.
  • VLAN 4 carries tagged traffic from computers connected to switch B.
  • VLAN 6 carries tagged and untagged traffic from computers connected to switch C.
  • VLAN 17 carries tagged traffic from computers connected to switch C.
  • VLAN 100 carries untagged traffic from the server.

Procedure
  1. Execute the following commands on switch A and B.
    1. Create VLANs 4 and 25.
      switch# config
      switch(config)# vlan 4,25
    2. Define LAG 1 and assign the VLANs to it.
      switch(config)# interface lag 1
      switch(config-lag-if)# no shutdown
      switch(config-lag-if)# no routing
      switch(config-lag-if)# vlan trunk native 25
      switch(config-lag-if)# vlan trunk allowed 4,25
    3. Add ports 1/1/1 and 1/2/1 to LAG 1.
      switch(config-lag-if)# interface 1/1/1
      switch(config-if)# no shutdown
      switch(config-lag-if)# no routing
      switch(config-if)# lag 1
      switch(config-if)# interface 1/2/1
      switch(config-if)# no shutdown
      switch(config-lag-if)# no routing
      switch(config-if)# lag 1
  2. Execute the following commands on switch A and C.
    1. Create VLANs 6 and 17.
      switch# config
      switch(config)# vlan 6,17
    2. Define LAG 3 and assign the VLANs to it.
      switch(config)# interface lag 3
      switch(config-lag-if)# no shutdown
      switch(config-lag-if)# no routing
      switch(config-lag-if)# vlan trunk native 6 tag
      switch(config-lag-if)# vlan trunk allowed 6,17
    3. Add ports 1/1/13 and 1/2/13 to LAG 3.
      switch(config-lag-if)# interface 1/1/13
      switch(config-if)# no shutdown
      switch(config-lag-if)# no routing
      switch(config-if)# lag 3
      switch(config-if)# interface 1/2/13
      switch(config-if)# no shutdown
      switch(config-if)# no routing
      switch(config-if)# lag 3
  3. Execute the following commands on switch A to configure the connection to the server.
    1. Configure interface 1/2/13 as an access interface with VLAN ID set to 100.
      switch# config
      switch (config)# vlan 100
      switch(config-vlan-100)# interface 1/2/32
      switch(config-if)# no shutdown
      switch(config-lag-if)# no routing
      switch(config-if)# vlan access 100
      switch(config-if)# exit
  4. Verify VLAN configuration by running the command show vlan. For example:
    switch# show vlan
    
    --------------------------------------------------------------------------------------------------------------
    VLAN  Name                              Status  Reason                Type      Interfaces
    --------------------------------------------------------------------------------------------------------------
    1     DEFAULT_VLAN_1                    down    no_member_port        default
    4     VLAN4                             up      ok                    static    lag1
    6     VLAN6                             up      ok                    static    lag3
    17    VLAN17                            up      ok                    static    lag3
    25    VLAN25                            up      ok                    static    lag1
    100   VLAN100                           up      ok                    static    1/2/32
  5. Verify that the connection to the DHCP server is sending/receiving data with the command show interface. Check that the Rx and Tx fields are incrementing. For example:
    switch# show interface 1/2/32
    Interface 1/2/32 is up
     Admin state is up
     Description:
     Hardware: Ethernet, MAC Address: 70:72:cf:3a:8a:0b
     MTU 1500
     Type SFP+LR
     qos trust none
     Speed 10000 Mb/s
     Auto-Negotiation is off
     Input flow-control is off, output flow-control is off
     VLAN Mode: access
     Access VLAN: 100
     
     Rx
                20 input packets              1280 bytes
                0 input error                0 dropped
                0 CRC/FCS
     Tx
                9 output packets             1054 bytes
                0 input error                0 dropped
                0 collision
  6. Verify LAG interface configuration with the command show interface. Check the fields admin state, MAC address, Aggregated-interfaces, VLAN Mode, Native VLAN, Allowed VLAN, Rx count, and Tx count. For example:
    switch# show interface lag1
    Aggregate-name lag1
     Description :
     Admin state           : up
     MAC Address           : 94:f1:28:21:63:00
     Aggregated-interfaces : 1/1/1 1/2/1
     Aggregation-key       : 1
     Speed 1000 Mb/s
     L3 Counters: Rx Disabled, Tx Disabled
     qos trust none
     VLAN Mode: native-untagged
     Native VLAN: 25
     Allowed VLAN List: 4,25
     Rx
                10 input packets              1280 bytes
                0 input error                0 dropped
                0 CRC/FCS
     Tx
                8 output packets             980 bytes
                0 input error                0 dropped
                0 collision
    switch# show interface lag3
    Aggregate-name lag3
     Description :
     Admin state           : up
     MAC Address           : 94:f1:28:21:63:00
     Aggregated-interfaces : 1/1/13 1/2/13
     Aggregation-key       : 3
     Speed 1000 Mb/s
     L3 Counters: Rx Disabled, Tx Disabled
     qos trust none
     VLAN Mode: native-tagged
     Native VLAN: 6
     Allowed VLAN List: 6,17
     Rx
                19 input packets              1280 bytes
                0 input error                0 dropped
                0 CRC/FCS
    Tx
                15 output packets             1000 bytes
                0 input error                0 dropped
    0	Collision
  7. Verify the physical interfaces (1/1/1, 1/2/1, 1/1/13, 1/2/13) with the command show interface. Check that the Rx and Tx fields are incrementing. For example:
    switch# show interface 1/1/1
    Interface 1/1/1 is up
     Admin state is up
     Description:
     Hardware: Ethernet, MAC Address: 94:f1:28:21:73:ff
     MTU 1500
     Type SFP+LR
     qos trust none
     Speed 1000 Mb/s
     Auto-Negotiation is off
     Input flow-control is off, output flow-control is off
     Rx
                6 input packets              620 bytes
                0 input error                0 dropped
                0 CRC/FCS
     Tx
                4 output packets             422 bytes
                0 input error                0 dropped
    0	collision