Catalyst 2948G-L3 and Catalyst 4908G-L3 Software Feature and Configuration Guide IOS Software, Release 12.0(18)W5(22a)
Configuring Virtual LAN Encapsulation
Downloads: This chapterpdf (PDF - 161.0KB) | Feedback

Configuring VLAN Encapsulation

Table Of Contents

Configuring VLAN Encapsulation

Understanding VLANs

Configuring ISL VLAN Encapsulation

Configuring 802.1Q VLAN Encapsulation

Configuring 802.1Q VLAN Bridging

Monitoring and Verifying VLAN Operation


Configuring VLAN Encapsulation


This chapter describes VLAN configurations for the Layer 3 switch router. It describes how to configure Inter-Switch Link (ISL) VLAN encapsulation and how to configure 802.1Q VLAN encapsulation. For more information about the Cisco IOS commands used in this chapter, refer to the Cisco IOS Command Reference publication.

This chapter contains the following major sections:

Understanding VLANs

Configuring ISL VLAN Encapsulation

Configuring 802.1Q VLAN Encapsulation

Configuring 802.1Q VLAN Bridging

Monitoring and Verifying VLAN Operation

This chapter takes you through Step 4 of the suggested process for configuring your Layer 3 switch router (see the "Preparing to Configure the Layer 3 Switch Routers" section).


Note This is an optional step. You should have already completed general interface configurations before proceeding with configuring VLANs as an optional step.


Understanding VLANs

VLANs enable network managers to group users logically rather than by physical location. A VLAN is an emulation of a standard LAN that allows data transfer and communication to occur without the traditional restraints placed on the network. It can also be considered a broadcast domain set up within a switch. With VLANs, switches can support more than one subnet (or VLAN) on each switch and give routers and switches the opportunity to support multiple subnets on a single physical link. A group of devices that belong to the same VLAN, but are part of different LAN segments, are configured to communicate as if they were part of the same LAN segment. Layer 3 switching supports up to
244 VLAN subinterfaces per system.

VLANs enable efficient traffic separation and provide excellent bandwidth utilization. VLANs also alleviate scaling issues by logically segmenting the physical LAN structure into different subnetworks so that packets are switched only between ports within the same VLAN. This can be very useful for security, broadcast containment, and accounting.

Layer 3 switching software supports a port-based VLAN on a trunk port, which is a port that carries the traffic of multiple VLANs. Each frame transmitted on a trunk link is tagged as belonging to only one VLAN.

Layer 3 switching software supports VLAN frame encapsulation through the ISL protocol and the 802.1Q standard on both the Catalyst 2948G-L3 and the Catalyst 4908G-L3 switch routers.

Figure 5-1 shows a network topology in which two VLANs span a Catalyst 5500 switch and a Catalyst 2948G-L3 switch router. Both VLANs in this topology are bridged with the ISL protocol.

Figure 5-1 VLANs Spanning Devices in a Network


Note Four adjacent Fast Ethernet ports on the Catalyst 2948G-L3 switch router (such as Fast Ethernet 1 through 4 or Fast Ethernet 45 through 48) must all use the same VLAN encapsulation; that is, either ISL or 802.1Q.


Configuring ISL VLAN Encapsulation

ISL is a Cisco protocol for interconnecting multiple switches and maintaining VLAN information as traffic travels between switches.

You can configure VLAN encapsulation on both the Catalyst 2948G-L3 and the Catalyst 4908G-L3 switch routers. The VLAN configuration example for the Catalyst 2948G-L3 switch router in Figure 5-2 shows the following:

Fast Ethernet port 1 and Fast Ethernet subinterface 2.1 on the switch router are in bridge group 1. Fast Ethernet subinterface 2.1 is part of VLAN 50, which uses ISL encapsulation.

Fast Ethernet port 3 and Fast Ethernet subinterface 2.2 are in bridge group 2. Fast Ethernet subinterface 2.2 is part of VLAN 100, which uses ISL encapsulation.

Figure 5-2 An ISL VLAN Bridging Configuration


Note Four adjacent Fast Ethernet ports on the Catalyst 2948G-L3 switch router (such as Fast Ethernet 1 through 4 or Fast Ethernet 45 through 48) must all use the same VLAN encapsulation; that is, either ISL or 802.1Q.


To configure the ISL VLANs, perform the following procedure, beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# interface type number.subinterface-number

Router(config-subif)#

Enter subinterface configuration mode to configure the Ethernet subinterface.

Step 2 

Router(config-subif)# encap isl vlan-id

Use ISL to encapsulate the Ethernet frames sent from the subinterface with a header that maintains the VLAN ID between network nodes.

Step 3 

Router(config-subif)# bridge-group number

Assign the subinterface to the specified bridge group.


Note When you are configuring VLAN routing, skip this step.


Step 4 

Router(config-subif)# exit

Router(config)#

Return to global configuration mode.

Step 5 

Router(config)# bridge number protocol ieee

Specify that the bridge group will use the IEEE Ethernet Spanning Tree Protocol.

Step 6 

Router(config)# end

Router#

Return to privileged EXEC mode.

Step 7 

Router# copy running-config startup-config

Save your configuration changes to NVRAM.

The following example shows how to configure the interfaces for VLAN bridging with ISL encapsulation shown in Figure 5-2:

Router(config)# interface fastethernet 2.1
Router(config-subif)# encap isl 50
Router(config-subif)# bridge-group 1
Router(config-subif)# interface fastethernet 1
Router(config-if)# bridge-group 1
Router(config-if)# exit
Router(config)# bridge 1 protocol ieee
Router(config)# interface fastethernet 2.2
Router(config-subif)# encap isl 100
Router(config-subif)# bridge-group 2
Router(config-subif)# interface fastethernet 2
Router(config-if)# bridge-group 2
Router(config-if)# exit
Router(config)# bridge 2 protocol ieee
Router(config)# end
Router# copy running-config startup-config

To monitor the configured VLANs, see the "Monitoring and Verifying VLAN Operation" section.

Configuring 802.1Q VLAN Encapsulation

On an 802.1Q trunk port, all transmitted and received frames are tagged except for those on the VLAN configured as the native VLAN for the port. Frames on the native VLAN are always transmitted untagged and are normally received untagged.

You can configure VLAN encapsulation on both the Catalyst 2948G-L3 and the Catalyst 4908G-L3 switch routers. The VLAN configuration example for the Catalyst 2948G-L3 switch router shown in Figure 5-3 depicts the following:

Fast Ethernet subinterface 2.1 is in the 802.1Q native VLAN 1.

Fast Ethernet subinterface 2.2 is in the 802.1Q VLAN 2.

Figure 5-3 Routing Between 802.1Q VLANs


Note Four adjacent Fast Ethernet ports on the Catalyst 2948G-L3 switch router (such as Fast Ethernet 1 through 4 or Fast Ethernet 45 through 48) must all use the same VLAN encapsulation; that is, either ISL or 802.1Q.


To configure VLANs for routing using 802.1Q VLAN encapsulation, perform the following procedure, beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# interface type number.subinterface-number

Router(config-subif)#

Enter subinterface configuration mode to configure the Ethernet subinterface.

Step 2 

Router(config-subif)# encap dot1q vlan-id native

Use 802.1Q to send the Ethernet frames from the subinterface to the assigned VLAN ID without any encapsulation. Native VLAN frames transmitted on the interface are untagged. All untagged frames received on the interface are associated with the native VLAN.

Step 3 

Router(config-subif)# ip address ip-address ip-address-mask

Configure an IP address on the subinterface.

Step 4 

Router(config-subif)# end

Router#

Return to privileged EXEC mode.

Step 5 

Router# copy running-config startup-config

Save your configuration changes to NVRAM.

The following example shows how to configure VLANs for routing using 802.1Q VLAN encapsulation shown in Figure 5-3:

Router(config)# interface fastethernet 2.1
Router(config-subif)# encap dot1q 1 native
Router(config-subif)# ip address 10.1.2.3 255.0.0.0
Router(config-subif)# end
Router(config)# interface fastethernet 2.2
Router(config-subif)# encap dot1q 2
Router(config-subif)# ip address 10.1.2.3 255.0.0.1
Router(config-subif)# end
Router# copy running-config startup-config

Note Beginning with Release 12.0(10)W5(18e), untagged packets received on an interface configured with an 802.1Q native VLAN subinterface are switched by the network processor. Network processor switching of untagged packets improves the forwarding performance of the switch router.


Configuring 802.1Q VLAN Bridging

802.1Q VLAN bridging is a protocol for interconnecting multiple switches and maintaining VLAN information as traffic travels between switches. You can configure VLAN bridging on both the Catalyst 2948G-L3 and the Catalyst 4908G-L3 switch routers.

The VLAN configuration example for the Catalyst 2948G-L3 in Figure 5-4 shows the following:

Fast Ethernet port 1 and Fast Ethernet subinterface 2.1 on the Layer 3 switch router are in Bridge-group 1. Fast Ethernet subinterface 2.1 is part of VLAN 50, which uses 802.1Q VLAN bridging.

Fast Ethernet port 3 and Fast Ethernet subinterface 2.2 are in Bridge-group 2. Fast Ethernet subinterface 2.2 is part of VLAN 100, which uses 802.1Q bridging.

Figure 5-4 An ISL VLAN Bridging Configuration


Note Four adjacent Fast Ethernet ports on the Catalyst 2948G-L3 switch router (such as Fast Ethernet 1 through 4 or Fast Ethernet 45 through 48) must all use the same VLAN encapsulation; that is, either ISL or 802.1Q.


To configure the 802.1Q bridging VLANs, perform the following procedure, beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# interface type number.subinterface-number

Router(config-subif)#

Enter subinterface configuration mode to configure the Ethernet subinterface.

Step 2 

Router(config-subif)# encap dot1q vlan-id native

Use 802.1Q bridging to encapsulate the Ethernet frames sent from the subinterface with a header that maintains the
VLAN ID between network nodes. Native VLAN frames transmitted on the interface are untagged. All untagged frames received on the interface are associated with the native VLAN.

Step 3 

Router(config-subif)# bridge-group number

Assign the subinterface to the specified bridge group.


Note When you are configuring VLAN routing, skip this step.


Step 4 

Router(config-subif)# exit

Router(config)#

Return to global configuration mode.

Step 5 

Router(config)# bridge number protocol ieee

Specify that the bridge group will use the IEEE Ethernet Spanning Tree Protocol.

Step 6 

Router(config)# end

Router#

Return to privileged EXEC mode.

Step 7 

Router# copy running-config startup-config

Save your configuration changes to NVRAM.

The following example shows how to configure the interfaces for VLAN bridging with 802.1Q bridging shown in Figure 5-4:

Router(config)# interface fastethernet 2.1
Router(config-subif)# encap dot1q 50 native
Router(config-subif)# bridge-group 1
Router(config-subif)# interface fastethernet 1
Router(config-if)# bridge-group 1
Router(config-if)# exit
Router(config)# bridge 1 protocol ieee
Router(config)# interface fastethernet 2.2
Router(config-subif)# dot1q 100
Router(config-subif)# bridge-group 2
Router(config-subif)# interface fastethernet 2
Router(config-if)# bridge-group 2
Router(config-if)# exit
Router(config)# bridge 2 protocol ieee
Router(config)# end
Router# copy running-config startup-config

To monitor the configured VLANs, see the "Monitoring and Verifying VLAN Operation" section.

Monitoring and Verifying VLAN Operation

After the VLANs are configured on the Layer 3 switch router, you can monitor their operation by performing the following task, in privileged EXEC mode:

Task
Command

Display information on all configured VLANs or on a specific VLAN (by VLAN ID number).

Router# show vlan vlan-id


To configure encapsulation over the EtherChannel, see the "Understanding Encapsulation over EtherChannel" section.