Cisco CCNA certification proves your professional worth. It tells prospective employers that you can handle the day-to-day work of running a mid- to large-sized Cisco network.

The two-exam CCNA process covers lots of innovative features, which better reflect the skills and knowledge you'll need on the job. Passing both exams is your first step towards higher-level Cisco certification, and trainer Jeremy Cioara has mapped these CCNA training videos to the 640-816 test. This CCNA training is not to be missed.

Here's how one user described Jeremy's training: "By the way, Jeremy Cioara has to be by far one of the BEST Cisco trainers I have ever had the privilege to learn from overall. He not only keeps your attention but his energy is contagious and he provides the information at a level where you grasp it rather easily."

The last day to take the 640-816 exam is Sept. 30, 2013. After that date, the only ICND2 exam available will be 200-101. CBT Nuggets has a training course for the 200-101 exam here.

All trademarks and copyrights are the property of their respective holders.
1. Review: Rebuilding the Small Office Network, Part 1 (33 min)
2. Review: Rebuilding the Small Office Network, Part 2 (28 min)
3. Review: Rebuilding the Small Office Network, Part 3 (23 min)
4. Switch VLANs: Understanding VLANs (16 min)
5. Switch VLANs: Understanding Trunks and VTP (39 min)
6. Switch VLANs: Configuring VLANs and VTP, Part 1 (35 min)
7. Switch VLANs: Configuring VLANs and VTP, Part 2 (39 min)
8. Switch STP: Understanding the Spanning-Tree Protocol (28 min)
9. Switch STP: Configuring Basic STP (21 min)
10. Switch STP: Enhancements to STP (29 min)
11. General Switching: Troubleshooting and Security Best Practices (29 min)
12. Subnetting: Understanding VLSM (18 min)
13. Routing Protocols: Distance Vector vs. Link State (26 min)
14. Routing Protocols: OSPF Concepts (30 min)
15. Routing Protocols: OSPF Configuration and Troubleshooting (39 min)
16. Routing Protocols: EIGRP Concepts and Configuration (32 min)
17. Access-Lists: The Rules of the ACL (27 min)
18. Access-Lists: Configuring ACLs (34 min)
19. Access-Lists: Configuring ACLs, Part 2 (48 min)
20. NAT: Understanding the Three Styles of NAT (20 min)
21. NAT: Command-line NAT Configuration (35 min)
22. WAN Connections: Concepts of VPN Technology (33 min)
23. WAN Connections: Implementing PPP Authentication (34 min)
24. WAN Connections: Understanding Frame Relay (28 min)
25. WAN Connections: Configuring Frame Relay (30 min)
26. IPv6: Understanding Basic Concepts and Addressing (34 min)
27. IPv6: Configuring, Routing, and Interoperating (23 min)
28. Certification: Some Last Words for Test Takers (13 min)
29. Advanced TCP/IP: Working with Binary (25 min)
30. Advanced TCP/IP: IP Subnetting, Part 1 (55 min)
31. Advanced TCP/IP: IP Subnetting, Part 2 (22 min)
32. Advanced TCP/IP: IP Subnetting, Part 3 (19 min)

Switch VLANs: Understanding VLANs

00:00:00

We're now moving out of the review and into our first major topic of this series, which is VLANs. Nothing can be bigger in the network world in the last decade than VLANs and how they've reshaped our entire landscape of the network. So, to start things off, we'll take a look at what normal switches do, some of the challenges that we experience even in normal

00:00:22

switch network, then we'll see how VLANs and trunks address those issues. We'll define what VLANs are, and then we'll talk about the counterpart that goes right with them, and that is trunk connections. Finally, we'll look at the flexibility of VLANs and I'll present the design options of what VLANs can do for a business or an organization, giving you flexibility with how you use your network.

00:00:46

With that foundation in place, let me be the first to welcome you to the world of VLANs. I kind of think of VLANs like I think about my microwave oven. About two weeks ago my microwave broke down and we called the repair guy and he said, my first availability is in a week and a half, and I was like, oh yeah, go ahead and put us on the calendar, and my wife said, we'll be without a microwave oven. I said, microwave oven, who needs them,

00:01:11

right? You know, we got a stove. So it's just a laziness factor. I'm telling you, after about 3 days without a microwave oven, I need a microwave oven. I couldn't handle it. I called the repair guy, said don't worry about it, we're going to get a new one. We were that desperate for a microwave

00:01:26

oven, and we have a little infant to warm up to the food where to put on. It was horrible, horrible. So it's not like you can't survive without microwave ovens. In the same way, it's not like networks don't work without VLANs, but they're so convenient and so powerful.

00:01:43

You see the tie-in there, that everybody uses them. What a VLAN does is logically group users. Let's get to the official information right here: it logically groups our users together. So, over here, imagine that we had two groups of users in our organization, the marketing group, surrounded by pink, and the sales group, surrounded by blue. So, what I can do with

00:02:07

VLANs is actually group those people together, where the blue ports are now isolated to the blue ports, and that, and this is the most accurate statement here: it segments their broadcast domain. So, if a sales PC sends a broadcast, it's only going to come out of the blue ports. You can see we've got some blue ports on some other switches as well that will receive the broadcast, and this guy down here gets the broadcast. It does

00:02:30

not affect the pink ports, and if the pink computers send a broadcast, only the pink PCs wind up receiving that. So, you completely isolate all of those broadcast domains into two separate groups. Now, as a side note, before we get too deep into VLANs: if the

00:02:47

blue users send a broadcast, it comes out of the blue ports, right? So, pink users send a broadcast, it comes out all the pink ports. If that's the case, what VLAN do these ports belong to? You're probably thinking the answer is both, and that is absolutely correct. That is what Cisco calls a trunk port. A trunk

00:03:12

just think of it like the trunk of your car. If it's like mine, you get everything in there, you know, and everything goes across the trunk port. So, when you're using VLANs, the trunk will carry all VLAN traffic between your switches, and that's what allows your VLANs to span beyond just a single switch. Otherwise, without trunk ports, we would have a separate VLAN on all our switches that couldn't communicate. So, the VLAN segments broadcast domains;

00:03:36

it also correlates to a subnet. I actually saw a statement on Cisco's website when I was looking for some of the VLAN information; I thought it was great. They said a VLAN equals a broadcast domain equals a subnet, meaning all of those things are equal terms. So, for our marketing

00:03:57

group we would be 172.16.1.0/24, and our sales group may be 172.16.2.0/24. They are on separate subnets even though all you see here is a switch. Now keep in mind that when you set up VLANs and we use our VLANs in this kind of design, these people cannot reach each other. Marketing

00:04:20

people cannot reach sales people and vice versa, and that provides a great level of access control if that's what we want. Now we'll talk about routing between VLANs in some of the upcoming videos, which is something that you need to do, and if you want sales people to be able to talk to marketing people, you would have to get a router that's able to route between those two separate VLANs. The blue people would come in the

00:04:44

router and exit onto the red VLANs and so on, and that's a big topic; we'll talk more about that later. The last thing that VLANs are used for is quality of service. So, I can separate the prioritized traffic from the not-so-prioritized. For example, flush the sales and marketing picture out of your mind and imagine that the pink VLAN represented the PCs and the blue VLAN represented phones. Phones, you say? Phones, I say. We have nowadays

00:05:18

IP phones that plug into a network, so these IP phones have traffic that, I mean, it comes out, it's very small. IP phones don't generate much traffic, but that traffic has to be protected from everything else. All of the computers will step all over your IP phone traffic. I mean, think of that IP phone traffic as a delicate little flower.

00:05:43

It's so small and pretty, and it comes into this switch and is just kind of floating along trying to get to another IP phone that's on the network somewhere, and these PCs here are these football players, I can't draw that. And you know, they're running all over

00:05:56

the network trying to gobble up as much bandwidth as they can. When you pit a football player against the flower, if you don't do something about it, that poor flower is going to get crushed. Where am I going with this? Quality of service. Sometimes I lose myself. Quality of service allows me to say the flower,

00:06:14

that the VOIP or wherever my priority traffic is, gets carried above all the rushing football players running around my network, which is the pink VLAN, the PCs in this case. So, VLANs will allow me to logically separate them and isolate them from each other.

00:06:31

Before we can truly understand and appreciate the benefits of VLANs, we need to hit some key points of the normal switching world, review some of those key concepts. First off, if we just have this usual switch here, you know, any switch you can pick up from Best Buy or any electronics store, you're automatically going to get one collision domain per port, and that's a good thing. That means that every computer that's plugged into that switch can send and receive at the same time, if they're operating in full-duplex mode, as any other. So this computer could be

00:07:03

sending or receiving along with this one and that's okay. That's a huge stride forward from the hub world, where only one device plugged into the hub could send or receive at a time. Notice I said send or receive; that's the half-duplex world. Second piece of the

00:07:18

switch world is that we have broadcasts sent to all ports by design. When this computer sends a broadcast in the switch, the switch will send it out every single port except the port it received it on, and all the devices will receive it, and that's great because broadcasts are necessary: they help us locate services, they help computers advertise services, and there's a whole other plethora of uses for broadcasts. But as this network grows and we plug

00:07:45

in another switch here and another one here and link one off here, you just start getting more and more clients attached, and those broadcasts start becoming a problem. They cause a network slowdown where everybody receives these broadcasts and it starts becoming too overwhelming.

00:08:01

Now, different people will tell you different guidelines for how big the network can get. Cisco's rule of thumb is, once you reach 500 PCs or 500 devices on a network, that's where it's time to divide up into separate networks. That's a pretty liberal amount; I've seen most people in practical use, somewhere around two to three hundred PCs, will segment it off and start another network, because the broadcasts will start

00:08:25

slowing down the network and all devices that are plugged into it. Now, down below that you see one subnet per LAN, meaning in the normal switching world, if we have all these switches daisy-chained together and I said this is the 172.16.1.0 network, that means all the PCs plugged into there have to start with 172.16.1.something; this one might be .50 here, this might be .51. So, if I were to go out on a limb and just say, well, let's go out and make this one 172.17.1.50 or 51 slash 24, so let's just do that, immediately this computer would be isolated from the rest. Even though it's plugged into the same switch, it could not reach anyone, because logically speaking it thinks it's on a separate network than everybody else. So it's going to try

00:09:16

and go to its default gateway to reach things that are in the subnet. Finally, in the normal switching world we have very limited access control, and what that means is that it's very difficult for me to restrict this computer from reaching that computer.

00:09:33

There is virtually, well, there's ways to do it, but they are extremely painful and involve assigning access lists to each individual port. We'll talk about access lists later on, but it's just not something that's practically done. So, in a flat switch network, meaning a single broadcast domain where one broadcast can reach everybody, it's very difficult, nearly impossible, to prevent devices from accessing each other fully. Before we go on, let me just mention that a lot of

00:10:04

the analogies you hear me use, I don't really plan; they just kind of come to me as I'm talking. I paused the video between this and the slide in the last, and I thought, flowers, where did that come from? Hopefully it helped demonstrate the purpose of VLANs. So let's talk

00:10:21

more about the flexibility of VLANs and why they're so powerful. With VLANs you get segmentation of users without routers. Without routers, before VLANs, there is just no way to separate users apart, and also one of the problems of routers is that you were limited to physical location. Let me give you an example:

00:10:42

let's say this was a network of yesteryear. We had building A, building B and building C, and let's say it's a college campus. Well, if that were the case, we would have to have routers going between these buildings that will allow them to connect together and still allow the users to be separate, meaning I've got one subnet of people in this building and one subnet of people over here. If we didn't have routers between the buildings and everybody just linked up, one broadcast would flood the whole

00:11:10

network, so we would just tie routers together. Well, with VLANs, we can segment our users between the buildings without even needing routers in place. I can say building B is isolated to the blue users. Building A is isolated to pink users. Now, you might say, well, what's that blue guy doing there? That's some more of the flexibility of VLANs. Before, if we had a blue user that

00:11:37

was in this building, I mean, maybe building A faced a flowing river, and the blue users here represent, it's a college, right? So it's the college of art. So let's say that one of the users from this blue network said, you know, I just feel inspired when I look out the window and I see the water flowing, to paint the beautiful paintings, and he said, I can't sit and be inspired in building B, I wanna sit in building A. Well, if we were in the old routed

00:12:10

world and we wanted this user to stay on the building B subnet, because maybe the red VLAN over here, or the red users, represent the administration, and there's been some, you know, college of art users hacking into the administration, so we wanted to separate them. You see where I'm going with this? The point is that if we had

00:12:28

the routed world, the only way to get that user in building A on building B's network would be to run an extra-long Ethernet cable, remember they go a hundred meters, an extra-long Ethernet cable between the two buildings and plug that user in.

00:12:43

Now that we have VLANs, I can assign one port in building A to the college of art VLAN and allow that user to connect. So even though he's sitting right next to one of the college administrators, he cannot access their PC. The user can look out the window, be inspired and be on the college of art network without having to be physically plugged into the college of art building. So that's what I mean when

00:13:10

I say no longer limited to the physical location. You can see over here in building C we also have an IP phone that might be on, you know, some other VLAN that's separated from everybody else, and we isolate those, and we could put IP phones in every single building that everybody uses and allow those to be all on the same network that cannot be touched by the PC. That's really good because

00:13:33

there's already programs out there that will allow you to sniff the network, like tap into the network and capture the VOIP packets and assemble them into a normal WAVE file or MP3 file, so I can actually, it's kind of like, if you come from the telephone background, it's like a butt set, where you tap into the wires and you can hear the conversations that are going on, but people can just do it from their own computers unless you separate those phones from the rest of the network, and that's one of the powers of VLANs. So with VLANs you also

00:14:07

have tighter control of broadcasts. One broadcast within the blue VLANs stays within the blue VLANs. Broadcast in the red VLAN or pink VLAN stays in the pink VLAN. Because of their importance to the network world, all I wanted to do as we start off into the world of switch VLANs was give you a base understanding of what a VLAN is and what trunks do. We'll expose more of the technical details as we dig deeper in this content. So let's review. We first saw

00:14:36

the view of a normal switch where every single port is its own collision domain. The entire switch and all the switches that are plugged in with crossover cables are one broadcast domain. So one broadcast will go through them all, and that can cause a lot of congestion the bigger it gets. It's also very difficult to

00:14:53

control access into those normal switches of what devices can access each other, as everybody's one subnet. So as we get into VLANs, we see those problems solved. The VLANs are our way of segmenting the switches into separate broadcast domains or separate subnets. That gives us more control over where

00:15:12

the broadcasts go. Gives us the ability to do quality of service and prioritize traffic, and it gives us the ability to do access control as we divide people into separate subnets. The trunks are the links that are going between the switches that carry all VLAN traffic.

00:15:29

That's where every VLAN will be allowed to traverse that trunk, and that's what allows us to have multiple VLANs on one switch that can span down to VLANs on another switch. Now, last but not least, we talked about the flexibility of VLANs and saw some of the possible design options where with VLANs you can actually span between buildings and have people in separate buildings that are normally on different subnets

00:15:53

be a part of the same subnet, because we've used VLANs to do our segmentation. It gives us ultimate flexibility with where our users are located because we're no longer limited to the physical location. I hope this has been informative for you and I'd like to thank you for viewing.

16 hrs 32 videos

Jeremy Cioara
Nugget trainer since 2003