VLAN and TRUNK Explained

Configuring VLANs and trunks is crucial for network administrators. This post explains the terms VLAN and trunk and includes the commands to configure a Cisco switch.

Jan 28, 2023 - 14:45
Jan 28, 2023 - 14:46

VIRTUAL LAN (VLAN)

A VLAN is a network segment created by software in a network switch, as opposed to a physical network segment created by a network switch or router. VLANs allow network administrators to segment a physical network into logical networks, providing a way to organize and manage network resources.

One of the main advantages of VLANs is the ability to segment a network into smaller, more manageable segments. This can be useful in a large organization with many different departments, as each department can have its own VLAN. This allows for better security and network performance, as traffic between departments is kept separate and does not have to compete for bandwidth.

Another advantage of VLANs is the ability to provide isolation between different users or devices. This can be useful in a shared environment, such as a school or hotel, where different users should not be able to access each other's network resources.

VLANs can also be used to improve network security. By segmenting a network into smaller segments, it is more difficult for an attacker to gain access to the entire network. Additionally, VLANs can be configured to provide additional security features, such as access control lists (ACLs) and port security.

VLANs can also be used to improve network performance. By segmenting a network into smaller segments, it is possible to reduce the amount of broadcast traffic on the network. This can be especially useful in large networks, where broadcast traffic can consume a significant amount of bandwidth.

VLANs can be configured in a number of ways, depending on the needs of the network. One common method is to use a VLAN trunking protocol, such as IEEE 802.1Q, to carry VLAN information between network switches. This allows for the creation of VLANs that span multiple switches.

Another method is to use a VLAN tagging protocol, such as IEEE 802.1ad, to tag packets with VLAN information. This allows for the creation of VLANs that span multiple network devices, such as routers and firewalls.

VLANs can also be configured using a VLAN management protocol, such as the Virtual Router Redundancy Protocol (VRRP) or the Hot Standby Router Protocol (HSRP). These protocols allow for the creation of virtual routers, which can be used to provide redundancy and load balancing for VLANs.

In short, VLANs are a powerful tool for network administrators, providing a way to segment a network into smaller, more manageable segments. They can be used to improve network security, performance, and manageability, and can be configured in a number of ways to meet the needs of a network.

TRUNK

A trunk is a networking term that refers to a link between two network devices, such as switches or routers, that carries multiple VLANs over a single physical connection. The VLANs are typically identified by adding a VLAN tag, or identifier, to the packet headers as they travel over the trunk link. This allows for the creation of VLANs that span multiple network devices, providing a way to segment a network into smaller, more manageable segments.

One of the main advantages of trunks is the ability to increase the available bandwidth for VLANs. By carrying multiple VLANs over a single physical link, trunks allow for the efficient use of network resources and can help to reduce the number of physical connections required in a network. This can be especially useful in large networks, where the number of physical connections can quickly become unwieldy.

Another advantage of trunks is the ability to provide redundancy and load balancing for VLANs. By using multiple trunks, it is possible to create a redundant, or backup, link for each VLAN. This can help to ensure that network traffic continues to flow even if one of the trunk links fails. Additionally, trunks can be configured to load balance traffic across multiple links, helping to ensure that network resources are used efficiently.

Trunks can also be used to improve network security. By segmenting a network into smaller segments, it is more difficult for an attacker to gain access to the entire network. Additionally, trunks can be configured to provide additional security features, such as access control lists (ACLs) and port security.

Trunks are typically configured using a VLAN trunking protocol, such as IEEE 802.1Q. This protocol allows for the creation of VLANs that span multiple network devices and is the most widely used trunking protocol in the industry.

Another popular protocol is IEEE 802.1ad, also known as Provider Bridging (Q-in-Q), which allows for multiple VLANs to be carried over a single trunk link. This protocol is commonly used in service provider networks to allow for the creation of multiple customer VLANs that can be carried over a single physical link.
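To make the tagging described above concrete, the following added example (not part of the original post) decodes the VLAN tag stack of a raw Ethernet frame, covering both a single IEEE 802.1Q tag and an IEEE 802.1ad (Q-in-Q) stack. The function names and the sample frames are constructed for illustration.

```python
import struct

# TPID values that mark a VLAN tag where the EtherType would normally be.
TPID_NAMES = {0x8100: "802.1Q", 0x88A8: "802.1ad"}


def parse_vlan_tags(frame):
    """Return (tags, ethertype); tags are listed outermost first."""
    offset, tags = 12, []  # skip destination and source MAC addresses
    while True:
        if len(frame) < offset + 2:
            raise ValueError("truncated frame")
        (ethertype,) = struct.unpack_from("!H", frame, offset)
        if ethertype not in TPID_NAMES:
            return tags, ethertype  # reached the payload's EtherType
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append({
            "type": TPID_NAMES[ethertype],
            "pcp": tci >> 13,          # 3-bit priority code point
            "dei": (tci >> 12) & 0x1,  # drop eligible indicator
            "vid": tci & 0x0FFF,       # 12-bit VLAN ID
        })
        offset += 4


def build_frame(*tags):
    """Build a constructed test frame; each tag is (tpid, pcp, vid)."""
    header = bytes.fromhex("ffffffffffff" "020000000001")
    stack = b"".join(struct.pack("!HH", tpid, (pcp << 13) | vid)
                     for tpid, pcp, vid in tags)
    return header + stack + struct.pack("!H", 0x0800) + bytes(46)


# Constructed samples: untagged, one 802.1Q tag, and a Q-in-Q stack.
UNTAGGED = build_frame()
SINGLE = build_frame((0x8100, 5, 10))
QINQ = build_frame((0x88A8, 0, 100), (0x8100, 0, 10))
```

An untagged frame returns an empty tag list, which is how traffic on a trunk's native VLAN appears on the wire.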

Trunk links can also be configured to provide Quality of Service (QoS) for different types of network traffic. This can be useful in environments where certain types of traffic, such as voice or video, require a higher level of service than other types of traffic.

Trunk links can also be configured to use the Link Aggregation Control Protocol (LACP), which bundles multiple physical links into a single logical link, providing increased bandwidth and redundancy.

So, trunks are a powerful tool for network administrators, providing a way to increase available bandwidth, provide redundancy and load balancing, and improve network security. They can be configured using VLAN trunking protocols such as IEEE 802.1Q and IEEE 802.1ad, and can also be configured to provide Quality of Service (QoS) and Link Aggregation Control Protocol (LACP) for different types of network traffic. Trunk links provide a way to segment a network into smaller, more manageable segments and can help to improve the overall performance and manageability of a network.

HOW TO CONFIGURE

***** The following commands are for Cisco IOS, so they may not work properly on devices from other manufacturers. You may also need to double-check the commands against the device versions in your own environment.

***** To create a VLAN:

  • vlan

***** To assign a name to the VLAN:

  • name

***** To assign an interface to a VLAN:

  • interface
  • switchport access vlan

***** To configure a trunk link:

  • interface
  • switchport mode trunk

***** To configure the VLAN trunking protocol (VTP):

  • vtp mode

***** To configure a specific VLAN to be allowed on a trunk link:

  • interface
  • switchport trunk allowed vlan

***** To configure a range of VLANs to be allowed on a trunk link:

  • interface
  • switchport trunk allowed vlan

***** To configure the native VLAN on a trunk link:

  • interface
  • switchport trunk native vlan

***** To configure Quality of Service (QoS) on a trunk:

  • interface
  • mls qos trust dscp

***** To configure LACP on a trunk:

  • interface
  • channel-group mode active
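The trunk commands above only restrict anything once they are actually present on each port. As an added example (not part of the original post), the following script reads a Cisco IOS style configuration and reports, for every trunk port, the allowed VLANs, the native VLAN, and whether either was left at its default. The interface names, VLAN numbers and function names are constructed for illustration.

```python
import re

# Constructed sample configuration (not from a real device).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode access
 switchport access vlan 10
!
interface GigabitEthernet0/23
 switchport mode trunk
 switchport trunk allowed vlan 10,20-22
 switchport trunk native vlan 99
!
interface GigabitEthernet0/24
 switchport mode trunk
"""


def expand_vlans(spec):
    """Expand an allowed-VLAN list such as '10,20-22' into sorted VLAN IDs."""
    ids = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ids.update(range(int(lo), int(hi or lo) + 1))
    return sorted(ids)


def audit_trunks(config):
    """Return {interface: summary} for each trunk port, with any findings."""
    ports, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            current = ports.setdefault(
                m.group(1), {"trunk": False, "allowed": None, "native": 1})
        elif current is None or not line.startswith(" "):
            current = None  # left the interface block
        elif line.strip() == "switchport mode trunk":
            current["trunk"] = True
        elif m := re.fullmatch(r"\s+switchport trunk allowed vlan ([\d,-]+)", line):
            current["allowed"] = expand_vlans(m.group(1))
        elif m := re.fullmatch(r"\s+switchport trunk native vlan (\d+)", line):
            current["native"] = int(m.group(1))
    for p in ports.values():
        p["findings"] = [msg for bad, msg in (
            (p["allowed"] is None, "no allowed-VLAN list, all VLANs carried"),
            (p["native"] == 1, "native VLAN left at default 1")) if bad]
    return {name: p for name, p in ports.items() if p["trunk"]}
```

On the sample, `GigabitEthernet0/24` is reported with both findings because a trunk with no allowed-VLAN list carries every VLAN and its native VLAN defaults to 1.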
