[TriLUG] OT help using vlans

Jon Carnes jonc at nc.rr.com
Sat Sep 10 02:19:08 EDT 2005 

On Fri, 2005-09-09 at 23:59, Kevin Miller wrote:
> > My question
> > is that on our switches Do I have to specify an ip address of each vlan,
> > meaning would I have to give vlan 1 and IP address of 10.10.1.x/24 on the
> > switch. My second question is since each switch has an uplink, to another
> 
> 
> No, each switch only requires one IP for management. This can be in any of 
> the vlans, theoretically.
> 

On the Cisco's you have to disable the default Vlan (vlan 1) before you
can create other Vlans. The default Vlan *still* works - though it shows
as being shutdown.

I like to give each vlan segment on a switch it's own IP - especially if
I isolate the Vlan's from each other. This lets me access the switch no
matter which Vlan I'm in.  You might wish to only put IP's in the IT
Vlan of your switches, so only those machines on the IT Vlan can access
the switches directly.

> > switch and each switch contains all 3 vlans must the uplink port be a
> > member of all 3 vlans? Another question is if all 4 switches are a member
> 
> 
> The port should be configured for 802.1q trunking. You'll define one of the 
> vlans to be the "native" (or untagged) vlan. This could even be some other, 
> completely unused vlan (e.g. vlan 100). Some recommend using the vlan that 
> you're using for management as the native vlan.
> 
> Anyway, then the other vlans are just carried across the trunk. You should 
> be able to limit the trunked vlans, if you cared. 
> 
> > of the same stack will the vlan IDs carry over to the other switches? We
> 
> 
> Depends on the stacking technology. I'm not familiar with the procurve's. 
> 
> > do not want to do any modifications on the workstations, so I do not thing
> > the vlans need to be tagged.
> 
> 
> Correct, all of the workstation ports should be in "access" (or untagged) 
> mode, and you assign whatever vlan is appropriate for the connected device.
> 
> -Kevin

Most folks like to run single wire to the desktop (the phones have a
built in switch to extend a network connection from the phone to the
local computer). In that case you'll probably want to tag the voice
traffic - no matter what default you use for the port.

For Cisco switches you use something like this on each port of the
switch (except for the uplink ports):
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport voice vlan 10

(where vlan 10 is the Voice Vlan)

Good Luck - Jon Carnes

More information about the TriLUG mailing list