Chapter 4 – VLANs and Trunks

  • How do you configure a VLAN?
    • vlan VLAN-NUMBER
       name VLAN-NAME
      interface NAME
       switchport mode access
       switchport access vlan VLAN-NUMBER
  • What is a dynamic VLAN? 
    • When a VLAN is assigned to a MAC address rather than a port.
  • What is an End-to-End VLAN?
    • When a VLAN spans the entire switched network, not only one switch block.
    • It is not recommended, as the broadcast messages cause high CPU usage in the core layer. Also, a broadcast storm could take down the whole campus.
  • What is the 80/20 rule?
    • Roughly it expects that 80% of traffic will stay in the local workgroup, whereas 20% is destined for a remote resource in the campus network.
  • What is the 20/80 rule?
    • 20% local, 80% remote
    • i.e., the users have to reach central resources
  • What is a local VLAN?
    • The VLANs stay within the switch block borders.


VLAN Trunks

  • What happens when a trunk sends frames but the other side is a simple access port?
    • The VLAN identifier is removed before the frame is transmitted to the destination host.
  • What protocols are used for making trunks?
    • Inter-Switch Link (ISL) – Cisco proprietary
    • IEEE 802.1Q
  • What is the 802.1Q native VLAN?
    • Frames in the native VLAN do not carry any tagging information, as if a trunk link were not being used.
  • What is the effect of the “vlan dot1q tag native” command?
    • All outgoing frames are going to be tagged with the corresponding VLAN ID (even native).
    • The trunk will drop all untagged frames.
  • Where does the control traffic traverse on a trunk?
    • Control traffic (DTP, CDP, VTP and PAgP) uses VLAN 1 (it doesn’t matter whether it is tagged or untagged)
  • How big is the overhead in case of ISL and in case of .1Q?
    • ISL: 30 bytes
    • 802.1Q: 4 bytes (except the native VLAN, since it is untagged)
  • How big is the VLAN ID field inside an 802.1Q frame?
    • 12 bits
  • How do you configure a VLAN trunk? 
switch(config-if)#switchport trunk encapsulation { isl | dot1q | negotiate }
switch(config-if)#switchport trunk native vlan VLAN-ID
switch(config-if)#switchport trunk allowed vlan { VLAN-LIST | all | { add | except | remove } VLAN-LIST }
switch(config-if)#switchport mode {trunk | dynamic {desirable | auto }}
  • What are the options of “switchport trunk encapsulation …” ?
    • isl
    • dot1q
    • negotiate (default): The encapsulation will be ISL or dot1q, whichever both ends of the trunk support. If both ends support both types, ISL is favored.
  • What is the default native VLAN used by 802.1Q?
    • VLAN 1
  • What is the point of “switchport trunk allowed vlan” ?
    • Defines which VLANs can be trunked over the link.
    • Default: all VLANs allowed
  • How do you configure dynamic trunking protocol (DTP)?
    • (interface)switchport mode …
    • trunk
      The port is configured as trunk statically. If the other side is trunk, dynamic desirable or dynamic auto, trunking will be negotiated successfully.
    • dynamic desirable (default)
      The port actively attempts to convert the link into trunking mode. If the other side is trunk, dynamic desirable or dynamic auto, trunking will be negotiated successfully.
    • dynamic auto
      The port can be converted into a trunk link, but only if the far-end switch actively requests it. If the other side is trunk or dynamic desirable, trunking will be negotiated successfully.
  • How often are DTP frames sent?
    • every 30 seconds
  • What happens to DTP when “switchport access” is configured?
    • DTP will still send frames. If you want to disable DTP entirely use:
      switchport nonegotiate
  • What happens when DTP communicates to a non-Cisco device?
    • It cannot communicate with a non-Cisco device, since DTP is a Cisco proprietary protocol.
      You should always disable DTP.
  • What happens when you prune a VLAN from the “allowed vlan” list, but only on one side?
    • The other side will still flood broadcasts onto the link, using up bandwidth.
  • What commands can you use for troubleshooting?
    • show interface Fa1/0 switchport
    • show interface status
    • show interface Fa1/0 trunk
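
An added example (not part of the original notes): a small Python audit that reads IOS-style interface stanzas and reports which ports still rely on the trunk defaults described above, namely DTP left running, native VLAN 1 and all VLANs allowed. The sample configuration, the function names and the finding texts are constructed for illustration; the default mode is taken from these notes (dynamic desirable).

```python
# Constructed sample config; interface names and VLAN numbers are made up.
SAMPLE_CONFIG = """\
interface FastEthernet1/0
 switchport mode trunk
!
interface FastEthernet1/1
 switchport mode access
!
interface FastEthernet1/2
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,20
 switchport mode trunk
 switchport nonegotiate
!
interface FastEthernet1/3
 switchport access vlan 20
"""

def parse_interfaces(text):
    """Return {interface name: [whitespace-normalised switchport commands]}."""
    ports, current = {}, None
    for raw in text.splitlines():
        line = " ".join(raw.split())
        if line.startswith("interface "):
            current = ports.setdefault(line.split()[1], [])
        elif line.startswith("switchport") and current is not None:
            current.append(line)
        elif line == "!":
            current = None
    return ports

def setting(cmds, prefix, default):  # argument of the last matching command
    return next((c[len(prefix):].strip() for c in reversed(cmds)
                 if c.startswith(prefix)), default)

def audit_port(cmds):
    """Findings for one port, applying the defaults stated in these notes."""
    findings = []
    if "switchport nonegotiate" not in cmds:  # DTP runs even on access ports
        findings.append("DTP still sending frames")
    if setting(cmds, "switchport mode", "dynamic desirable") != "access":
        if setting(cmds, "switchport trunk native vlan", "1") == "1":
            findings.append("native VLAN is default VLAN 1")
        if setting(cmds, "switchport trunk allowed vlan", "all") == "all":
            findings.append("all VLANs allowed on trunk")
    return findings

def audit(text):
    return {n: audit_port(c) for n, c in parse_interfaces(text).items()}
if __name__ == "__main__":
    print("\n".join(f"{n}: {f or 'ok'}" for n, f in audit(SAMPLE_CONFIG).items()))
```

Only FastEthernet1/2 comes back clean; FastEthernet1/3 has no explicit mode, so it is treated as dynamic desirable and reported on all three points.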

Voice VLANs

  • What are the options for carrying the voice traffic?
C3750-mid(config-if)#switchport voice vlan ?
 <1-4094> Vlan for voice traffic
 dot1p Priority tagged on PVID. Tagged as VLAN 0
 none (Default) Don't tell telephone about voice vlan. Tagged same as the access VLAN.
 untagged Untagged on PVID. Native VLAN


  • How can you check whether a VLAN is carried over the trunk link?
    • show spanning-tree interface

Wireless VLANs

  • What operational modes do access points (APs) have?
    • Autonomous mode: The AP operates independently and directly connects VLANs to WLANs on a one-to-one basis.
    • Lightweight mode: The AP must join with a wireless LAN controller. The AP connects each of its own WLANs with a VLAN connected to the controller. All of the VLAN-WLAN traffic is encapsulated and carried over a special tunnel between the AP and the controller.
