Employers know that CCNP-certified job applicants have a real-world knowledge of networking.  They also know that Cisco awards big discounts to companies that hire Cisco-certified staff. 

After watching Jeremy Cioara's new CCNP 642-813 SWITCH training, you'll be a master-level consultant on Cisco switched networks. You'll also have brighter career prospects and be an important step closer to CCNP certification.

Jeremy covers everything you ever wanted to know about switching in this update to his existing BCMSN course.  In no time, you'll be designing your network for maximum uptime and preparing it for advanced services like WiFi, VoIP and Video over IP. 

Jeremy's training maps to Cisco CCNP certification exam 642-813.
1. Welcome to Cisco Switch: Watch Me First! (17 min)
2. The Switches Domain: Core Concepts and Design (42 min)
3. VLANs: Configuration and Verification (13 min)
4. VLANs: In-Depth Trunking (35 min)
5. VLANs: VLAN Trunking Protocol (33 min)
6. STP: Foundation Per-VLAN Spanning Tree Concepts, Part 1 (23 min)
7. STP: Foundation Per-VLAN Spanning Tree Concepts, Part 2 (34 min)
8. STP: Rapid Spanning Tree Concepts and Configuration (24 min)
9. EtherChannel: Aggregating Redundant Links (24 min)
10. L3 Switching: InterVLAN Routing Extraordinaire (28 min)
11. L3 Switching: Understanding CEF Optimization (16 min)
12. Redundancy in the Campus: HSRP, VRRP, and GLBP Part 1 (43 min)
13. Redundancy in the Campus: HSRP, VRRP, and GLBP Part 2 (23 min)
14. Campus Security: Basic Port Security and 802.1x (32 min)
15. Campus Security: VLAN and Spoofing Attacks (31 min)
16. Campus Security: STP Attacks and Other Security Considerations (15 min)
17. Campus VoIP: Overview, Considerations, and AutoQoS (44 min)
18. Wireless LAN: Foundation Concepts and Design Part 1 (26 min)
19. Wireless LAN: Foundation Concepts and Design Part 2 (22 min)
20. Wireless LAN: Frequencies and 802.11 Standards (34 min)
21. Wireless LAN: Understanding the Hardware (30 min)
22. The Switches Domain: Additional Life-Saving Technology (22 min)
23. Monitoring: Your Pulse on the Network (45 min)
24. Campus Security: VACLs (14 min)

VLANs: Configuration and Verification

00:00:00

VLANs, configuration and verification. Well, we've walked into the first of the major topics of the BCMSN video series and that is VLANs. These things define the fabric of just about every enterprise network that you can find in the world today. They are the separator that divides a network

00:00:22

into multiple broadcast domains. Before we get too deep into VLANs and trunking and all the different technologies, I thought I'd start off with a simple video explaining the foundations of VLANs, what they are, why you would use them, and some design and focusing on Cisco's recommendation of using local VLANs. The last thing

00:00:41

we'll talk about in here is VLAN configuration. We'll jump into a live interface, talk about set up on Cisco switches and assign ports to them. Just to make sure we're all on the same sheet of music, I'd like to do a little review of the VLAN foundations. What are VLANs?

00:01:02

By default, a Cisco switch sends a broadcast everywhere, right? Every switch does. That's what switches do. But when we set up VLANs, the broadcast traffic is restrained to the VLAN that it was received in. So, for example, you can see on the screen I've

00:01:19

got the blue VLAN and the red VLAN. If the computer sends a broadcast, it only comes out the blue ports. Computer sends a broadcast. It comes out the red ports. That's known as separate broadcast domains. We've completely divided those switches up. Now, with

00:01:35

that being said, as a side note, we've got these blue computers and red computers sending broadcasts. If that's the case, then what VLAN port does that belong to? You probably guessed it. All VLANs. If the broadcast is going to go out all these ports then these ports, this white port, and this is a magic port that has two things connected to it, but you get the point. Those

00:01:59

ports send all VLAN traffic and Cisco calls those a trunk port. Now, I will mention if you jump out of the Cisco world into any other vendor, whether it's 3Com or HP, they actually define those ports as tagged ports. So when you're thinking about tagged ports

00:02:18

and trunk ports, they're kind of equivalent in those two words. So with that in mind, setting up VLAN helps you manage your network to really divide it into logical groups. We talked a little bit about this in the first video that opened this whole series.

00:02:34

Now, these VLANs are correlated directly to a subnet. It is a one to one correlation. So every VLAN that you create needs its own subnet assigned to it. These VLANs can be used for access control to prevent the blue users from reaching the red users. They can be used for quality of service to say, well, the blue VLAN gets better treatment than the red VLAN and they get more priority of the bandwidth. And they can be just used for a great

00:03:02

network design. You won't walk into any modern network that has a large campus environment that is not using VLANs. They are, how do you like that? You won't walk into any network with technology from this year and beyond and the routers and just about everybody.

00:03:19

Let me put it that way uses VLANs. They are a great network design and make it very easy to manage large campus environments. When you are setting up VLANs in your network, Cisco recommends that you design them through a concept called local VLANs. All that means is that the VLANs are constrained to a specific switch block. Now, in the opening video to this whole series we talked

00:03:44

about the enterprise composite network model, remember. And one of the things we talked about there was how we're supposed to design our network in these groups, this access layer, distribution layer, and up here is our core layer devices that really separate the major sections of our network. It could be done by buildings.

00:04:02

It could be done by major departments. It could be done by technology. For example, over here I have the server block and the user blocks. Inside of the server block I have VLAN 10, 11 and 12 that maybe divide up my servers, and I've got the email servers in one VLAN, Web servers and so on. And then over on the right I've

00:04:20

got user blocks, maybe the accounting and sales department are VLAN 14 and 15. By keeping those VLANs constrained to the switch network, meaning their switch block, I've created local VLANs. And that's good, because now I can implement routing to get to the other destinations. If these guys want to reach the servers,

00:04:42

no worries, I can just route them through the core using my routing table, but these all remain routed links. Because we don't want a broadcast traffic going through the core and hitting other areas of our network. These local VLANs should be created around the physical boundaries.

00:05:02

And usually we don't think about things in physical terms anymore, because VLANs are completely logical. But they should really be created physically speaking with switches that are directly connected. You directly connect access layers to a distribution

00:05:18

layer. Directly connect distribution layers to core layers. Those are your boundaries that should contain your local VLANs. The point is to put it simple, we shouldn't have VLANs that go through the core. They should remain at the distribution layer and stop

00:05:34

there. Well, I'm ready. Let's get into the VLAN configuration. Just the base setup of VLANs on our switch. And logged into a Cisco switch right now, I'm going to type in show VLAN, and just take a look at what VLANs I have on the switch by default. Now,

00:05:50

you can see VLAN 1 right there, the default VLAN, has all 20, well, 23 ports assigned to it. You can see one through 23. This is a 24 port switch and I'll talk about where port 24 is in just a moment. But below that I have 1,002, three, four, and five VLANs which are not something that we created. They're on there

00:06:11

by default. Those are in order for Cisco to be an industry compliant vendor, they had to have those VLANs, just because the industry standards said you should. Notice it says active but unsupported, because this switch doesn't have FDDI interfaces or Token Ring.

00:06:28

Obviously this is an older standard but they're there by default. All other VLANs we can create. Now, there's two ways to create VLANs. An old way and a new way. I'll show you the old way first. We can do that by typing from privileged mode, and that's where it's kind of funny because we don't start from global config.

00:06:48

You can type in VLAN database. Now, a little paragraph comes up that in short says Cisco's saying this is a mode we used to like but now we don't like it so we're making it go away in future versions of the software that's being deprecated. So this mode

00:07:03

is eventually going away but this is the only mode that many people know. You go into VLAN database and underneath here you can just type in VLAN 100. Followed by name. We'll say IT. VLAN 200. We name it sales. Jump back here. VLAN 200. And so on. Now, this mode and I think one of the reasons why Cisco's trying to make it go away, it's very quirky, in the sense that how do you usually exit from modes? Control Z, right? Some of you are thinking: Type in exit. Most people hit control Z. If

00:07:42

you hit control Z to jump out of this mode it actually undoes everything that you did. It's funny. So when I get out, I have to type in exit. And that's where you get this message Apply Completed. Now when I type in show VLAN I can see default VLAN, IT and sales. So I've created those two VLANs. With the old way

00:08:03

out of the way, let me show you the Cisco preferred way. I go into global config mode and type in VLAN, say a number. We'll say 300. Name. Marketing. You actually go into this VLAN sub configuration mode and name it. You exit back out and do VLAN 400. Name, management. Management. Exit out. Show VLAN and you can see that sure enough

00:08:33

we've added more VLANs to our switch that are available. But no ports have been assigned. So to assign ports I go into global config mode, and I'll just assign the first 10 ports. I'll type in interface. Actually, first 10 ports, let's do interface range. Fast ethernet 0/1 through 10. And I'll do first command switchport mode access. Now, let me type the whole command. That command

00:09:00

configures this to be hard coded as an access port. You don't have to do it, but it's very important that you do. Because otherwise it's in a mode known as dynamic, where it will be trying to negotiate a trunk port with the other side. That, by the way, is a horrible

00:09:17

security vulnerability to leave your ports in dynamic mode. You want to either hard code them as access ports or trunk ports. We'll talk about that more in the upcoming video. Actually, it's coming up next where we discuss everything trunking. So we've set these to access ports, which means an end device attaches to them. Then I'll follow that up with switchport access VLAN

00:09:39

and let's throw these guys in 100, they're the IT ports. Do interface range. Fast ethernet. We'll say 11 through 15. Switchport mode access and switchport access VLAN 200. When I jump out, I'll do a show VLAN and I can see that I have a status message splicing up my beautiful output. You can see the IT ports. Whoop.

00:10:02

Right there. With a group of ports underneath it or the IT VLAN. Then I have the sales VLAN with a group of ports underneath it. At this point I have completely segmented my switch. The sales ports cannot reach the IT ports which cannot reach the default VLAN. They are totally separate, a broadcast in those VLANs stays

00:10:23

in those VLANs. So that is how we create VLANs and assign ports to them. Now, the last thing I'll talk about, this is a short video, just on creating VLANs, is where these VLANs are stored. This is a little odd. But Cisco decided not to store the VLANs in the running config. I'll do a show run and do a little scrolling

00:10:46

down. And I can see that there's my spanning tree. All my commands I typed under my interfaces. And interface VLAN one console port nothing. Nothing about VLANs is in the running config. It's all stored in a file in flash called VLAN.dat. You can see the file right there on the bottom. The VLAN database

00:11:09

file holds all the VLANs that we created and their proper names. That is a little bit irksome I'll say. I'm trying to think of the right word. Irksome will do for now. Because you think you clear out your switch. Let's say you erase the config by doing a write erase, or erase startup config and you think you wipe out the config, but when you reboot you'll still see all those VLANs there. That can be an issue when we start getting into

00:11:38

topics like VTP because it may accidentally propagate those VLANs when you don't intend. However, when you are properly clearing a switch out, you're erasing its configuration, don't forget not only to do a write erase, which erases the startup config, but also do a delete/colon VLAN.dat. By doing that, that is the only way that you can erase

00:12:05

your VLANs. I'll do a show VLAN. And you can see that they're still there. You might be thinking well Jeremy I thought you just deleted it. They are memory resident. They're sitting in RAM. So we have to reboot this switch. Just power it off and power it back on before those VLANs go away.

00:12:21

So my point in telling you that, this is especially valuable when we get to VTP, when you're clearing a switch, don't forget to erase the VLANs or erase the VLAN database file. And that's about all I have to say about that. So let's wrap up VLANs. This has been the opening video on just creating VLANs.

00:12:41

Modifying ports, assigning them to VLANs. We talked about first off VLAN foundations, what VLANs are. We then got into the VLAN design, which primarily deals with local VLANs. Cisco wants you to make sure that you keep your VLANs constrained to the switch block so they don't go through the core of your network. Last

00:13:02

thing we got into was the VLAN configuration. Walking through first off creating the VLANs from either VLAN database or global config mode. Then assigning your access ports to them. I hope this has been informative for you and I'd like to thank you for viewing.

Intermediate 11 hrs 24 videos

Jeremy Cioara
Nugget trainer since 2003