1 00:00:02,431 --> 00:00:06,598 (light music with digital sounds) 2 00:00:09,177 --> 00:00:11,667 - In the last video, I introduced you to the 3 00:00:11,667 --> 00:00:13,584 concept of VLAN Trunks. 4 00:00:14,456 --> 00:00:18,175 Which is really just on a switch, a formal way of 5 00:00:18,175 --> 00:00:21,292 identifying different broadcast domains that that one 6 00:00:21,292 --> 00:00:23,897 switch is keeping track of, and keeping isolated 7 00:00:23,897 --> 00:00:24,875 from each other. 8 00:00:24,875 --> 00:00:28,430 In the context of VLANs, we also learned that 9 00:00:28,430 --> 00:00:31,135 all the devices that are in one VLAN are also at 10 00:00:31,135 --> 00:00:34,076 layer three in the same IP subnet. 11 00:00:34,076 --> 00:00:35,754 Now the switch is not aware of that. 12 00:00:35,754 --> 00:00:37,921 If we're talking about just a regular layer two switch, 13 00:00:37,921 --> 00:00:39,552 the switch does not really know anything 14 00:00:39,552 --> 00:00:40,811 about IP and subnetting. 15 00:00:40,811 --> 00:00:43,878 All it knows is that this group of ports here 16 00:00:43,878 --> 00:00:46,362 is contained in one broadcast domain. 17 00:00:46,362 --> 00:00:48,913 This group of ports is in a different broadcast domain. 18 00:00:48,913 --> 00:00:51,448 And the two are not allowed to talk. 19 00:00:51,448 --> 00:00:55,764 Now that being the case, what if you have a situation 20 00:00:55,764 --> 00:01:00,170 like this, and I have worked this up here in GNS3 21 00:01:00,170 --> 00:01:03,230 so you could replicate this if you want. 22 00:01:03,230 --> 00:01:05,147 Where I have two VLANs. 23 00:01:06,448 --> 00:01:10,615 So in this particular case, I have VLAN 1 here and here, 24 00:01:13,277 --> 00:01:16,411 and it's separated between two different switches. 25 00:01:16,411 --> 00:01:21,104 So if all I had was VLAN 1, then this connection between 26 00:01:21,104 --> 00:01:24,515 the switches could also be placed in VLAN 1, 27 00:01:24,515 --> 00:01:27,438 and these guys would be able to communicate. 28 00:01:27,438 --> 00:01:30,447 And in order to make this more of a real-world scenario, 29 00:01:30,447 --> 00:01:33,652 I've also incorporated DHCP server, which in this case 30 00:01:33,652 --> 00:01:35,130 is my router. 31 00:01:35,130 --> 00:01:37,424 Later on in some of the later videos when we talk a little 32 00:01:37,424 --> 00:01:39,436 bit more extensively about DHCP, you'll actually learn 33 00:01:39,436 --> 00:01:43,754 how to configure a router or a switch as a DHCP server. 34 00:01:43,754 --> 00:01:46,507 The configuration's pretty easy and it's the same whether 35 00:01:46,507 --> 00:01:49,699 you do it on a router or on a switch. 36 00:01:49,699 --> 00:01:52,830 Usually in real life, you would have in a regular network 37 00:01:52,830 --> 00:01:56,377 a real server like a Windows server or a Linux server, 38 00:01:56,377 --> 00:01:59,384 or something like that, acting as your DHCP server. 39 00:01:59,384 --> 00:02:02,464 But in some smaller networks, you can get away with just 40 00:02:02,464 --> 00:02:05,975 having your router or your switch double up as a DHCP server 41 00:02:05,975 --> 00:02:08,908 so that's what I'm doing here to make this simple. 42 00:02:08,908 --> 00:02:12,752 So these two PCs here are going to have to get their 43 00:02:12,752 --> 00:02:14,709 IP information from the DHCP server. 44 00:02:14,709 --> 00:02:18,681 You can see that they are going to be in the 1.1.1.x network 45 00:02:18,681 --> 00:02:22,514 and the server itself, the router, is 1.1.1.1. 46 00:02:24,294 --> 00:02:26,421 Now to make things a little bit more interesting, 47 00:02:26,421 --> 00:02:27,973 I also incorporated a second VLAN. 48 00:02:27,973 --> 00:02:31,039 VLAN 2, as you can see right here, and that's also 49 00:02:31,039 --> 00:02:32,759 split across the switches. 50 00:02:32,759 --> 00:02:35,596 Now that poses an interesting dilemma. 51 00:02:35,596 --> 00:02:39,153 Because I only have a single connection here 52 00:02:39,153 --> 00:02:41,188 between these switches. 53 00:02:41,188 --> 00:02:44,271 If I put that connection into a VLAN 1, and I put this 54 00:02:44,271 --> 00:02:46,827 connection here between the switch and the router 55 00:02:46,827 --> 00:02:50,086 and VLAN 1, then these two PCs will be happy. 56 00:02:50,086 --> 00:02:52,633 We'll have one big broadcast domain that will, they'll 57 00:02:52,633 --> 00:02:55,891 be able to communicate with each other via ARP. 58 00:02:55,891 --> 00:02:58,769 Their DHCP broadcast will be able to go down here to the 59 00:02:58,769 --> 00:03:01,121 router and they'll get their DHCP information. 60 00:03:01,121 --> 00:03:04,941 Well that'll leave the people in VLAN 2 out in the cold. 61 00:03:04,941 --> 00:03:09,276 So for VLAN 2, one option I could do is I could connect 62 00:03:09,276 --> 00:03:12,470 another connection between these switches, 63 00:03:12,470 --> 00:03:13,855 put that in VLAN 2. 64 00:03:13,855 --> 00:03:16,763 Connect another connection from the switch to the router. 65 00:03:16,763 --> 00:03:18,908 Put that also in the 2 subnet. 66 00:03:18,908 --> 00:03:21,850 And then our VLAN 2 people would be happy. 67 00:03:21,850 --> 00:03:23,880 They could communicte across the second link. 68 00:03:23,880 --> 00:03:26,847 They could get to their DHCP server across this link. 69 00:03:26,847 --> 00:03:31,145 Now that might be okay if we're only talking about two VLANs 70 00:03:31,145 --> 00:03:34,025 but in a real network, most likely you're going to have 71 00:03:34,025 --> 00:03:37,615 dozens, if not hundreds of VLANs, depending on how large 72 00:03:37,615 --> 00:03:38,925 your network is. 73 00:03:38,925 --> 00:03:42,756 And you're not going to have enough scalability to just 74 00:03:42,756 --> 00:03:46,749 assign individual ports for something like this. 75 00:03:46,749 --> 00:03:50,190 So in this particular case, it's a more scalable solution. 76 00:03:50,190 --> 00:03:52,396 If you haven't heard that term scalable before, 77 00:03:52,396 --> 00:03:55,832 what I'm talking about is designing your network in such 78 00:03:55,832 --> 00:03:59,080 a way that it has room for future growth. 79 00:03:59,080 --> 00:04:01,946 It has room to add more subnets in the future, or room 80 00:04:01,946 --> 00:04:04,209 to add more VLANs in the future. 81 00:04:04,209 --> 00:04:07,203 So you're thinking about, what features can I use, how can I 82 00:04:07,203 --> 00:04:09,033 configure things that will allow me to grow in 83 00:04:09,033 --> 00:04:11,639 the future more easily. 84 00:04:11,639 --> 00:04:14,273 That's what we mean by scalability. 85 00:04:14,273 --> 00:04:16,571 So in this particular case, adding some extra links 86 00:04:16,571 --> 00:04:18,614 isn't really an option for me. 87 00:04:18,614 --> 00:04:21,651 So, what we need to do is we need to figure out some way 88 00:04:21,651 --> 00:04:24,971 that this one link here between the two switches 89 00:04:24,971 --> 00:04:28,396 is actually capable of being in more than 90 00:04:28,396 --> 00:04:30,146 one broadcast domain. 91 00:04:31,001 --> 00:04:34,109 You see, these access ports going to the hosts, 92 00:04:34,109 --> 00:04:37,460 well an access port by definition is only in 93 00:04:37,460 --> 00:04:39,226 one broadcast domain. 94 00:04:39,226 --> 00:04:41,496 This access port right here is in the broadcast domain 95 00:04:41,496 --> 00:04:42,957 known as VLAN 2. 96 00:04:42,957 --> 00:04:45,966 And this access port up here is in the broadcast domain 97 00:04:45,966 --> 00:04:47,896 known as VLAN 1. 98 00:04:47,896 --> 00:04:50,570 But in the middle here, between the switches and from 99 00:04:50,570 --> 00:04:53,458 the switch to the router, I have a need to actually put 100 00:04:53,458 --> 00:04:56,476 those links into multiple VLANs. 101 00:04:56,476 --> 00:04:59,732 And this is where the concept of VLAN Trunks 102 00:04:59,732 --> 00:05:01,065 comes into play. 103 00:05:01,975 --> 00:05:06,142 So a VLAN Trunk Port has two or more VLANs across it. 104 00:05:09,118 --> 00:05:12,062 So look at the last bullet point here. 105 00:05:12,062 --> 00:05:16,610 By default all VLAN traffic is allowed from a trunk port. 106 00:05:16,610 --> 00:05:18,496 Now, we know that on the switch, let me ask you 107 00:05:18,496 --> 00:05:19,957 a review question: 108 00:05:19,957 --> 00:05:22,028 What was the default VLAN? 109 00:05:22,028 --> 00:05:25,278 VLAN number "what" is the default VLAN? 110 00:05:26,129 --> 00:05:28,718 Hopefully you said VLAN 1, that's right. 111 00:05:28,718 --> 00:05:31,745 Now, what is the highest numbered VLAN that 112 00:05:31,745 --> 00:05:33,162 you could create? 113 00:05:34,803 --> 00:05:36,386 That was VLAN 4094. 114 00:05:37,682 --> 00:05:41,338 So you had from VLAN 1 to VLAN 4094. 115 00:05:41,338 --> 00:05:46,142 Now, all those VLANs don't exist by default on a switch. 116 00:05:46,142 --> 00:05:48,908 The only ones that exist by default are VLAN 1, and then 117 00:05:48,908 --> 00:05:53,058 those sort of VLANs in the middle, like 1002 - 1005, 118 00:05:53,058 --> 00:05:54,474 and that's it. 119 00:05:54,474 --> 00:05:59,271 So, what Trunk Ports do, is, as you create a new VLAN, 120 00:05:59,271 --> 00:06:03,080 let's say you create VLAN 17, or VLAN 333, 121 00:06:03,080 --> 00:06:06,619 before you even apply it to any access ports, 122 00:06:06,619 --> 00:06:10,810 because remember using a VLAN is a two-step process. 123 00:06:10,810 --> 00:06:15,034 You create the VLAN globally, config T, and then VLAN 25, 124 00:06:15,034 --> 00:06:16,708 and VLAN 17. 125 00:06:16,708 --> 00:06:18,884 Then, if you actually have any ports on the switch 126 00:06:18,884 --> 00:06:21,946 connecting to hosts, you have to go to that port and say 127 00:06:21,946 --> 00:06:26,113 switch port access VLAN 25, or switch port access VLAN 333. 128 00:06:29,500 --> 00:06:33,343 But, even before you apply a VLAN to an access port, 129 00:06:33,343 --> 00:06:37,263 the moment you type in VLAN 5 or VLAN 99, and that becomes 130 00:06:37,263 --> 00:06:39,549 a VLAN in the switch, 131 00:06:39,549 --> 00:06:42,762 if that switch has any functional VLAN Trunks, so now we're 132 00:06:42,762 --> 00:06:44,931 talking about a different mode now. 133 00:06:44,931 --> 00:06:47,781 Previously we talked about switchport mode access, 134 00:06:47,781 --> 00:06:50,029 now we're talking about a different mode: 135 00:06:50,029 --> 00:06:51,960 switchport mode trunk. 136 00:06:51,960 --> 00:06:54,441 And when an interface is considered as a trunk, 137 00:06:54,441 --> 00:06:57,398 whatever VLANs are on that switch are automatically 138 00:06:57,398 --> 00:06:59,693 allowed to go across that trunk. 139 00:06:59,693 --> 00:07:02,943 So if I've got five broadcast domains, VLANs one, two, 140 00:07:02,943 --> 00:07:05,931 three, four, and five, all five of them will automatically 141 00:07:05,931 --> 00:07:07,961 be carried by that trunk. 142 00:07:07,961 --> 00:07:10,376 Now that raises and interesting question if we go back 143 00:07:10,376 --> 00:07:12,543 to our diagram right here. 144 00:07:13,930 --> 00:07:15,263 If this PC, PC 1 145 00:07:19,205 --> 00:07:20,705 generates a frame, 146 00:07:22,063 --> 00:07:24,249 actually let's forget about PC 1 for a second. 147 00:07:24,249 --> 00:07:26,408 Let's take a look at PC 2. 148 00:07:26,408 --> 00:07:31,343 If PC 2 generates a frame that needs to go across this trunk 149 00:07:31,343 --> 00:07:35,888 and then go down here to PC 4, let's say it's a broadcast, 150 00:07:35,888 --> 00:07:38,397 maybe he is sending and ARP request saying, 151 00:07:38,397 --> 00:07:41,653 "Hey PC 4, I need to know what your MAC is." 152 00:07:41,653 --> 00:07:45,820 Once that ethernet frame arrives here on fast ethernet 0/15 153 00:07:46,659 --> 00:07:49,618 of ether switch 2, and let me go ahead and zoom in on that 154 00:07:49,618 --> 00:07:50,701 a little bit. 155 00:07:52,433 --> 00:07:55,332 Right there, okay, let's move this guy out of the way. 156 00:07:55,332 --> 00:07:58,940 Once it comes in right here, switch 2 has to have 157 00:07:58,940 --> 00:08:02,294 some way of knowing, okay this a broadcast that just came in 158 00:08:02,294 --> 00:08:06,188 and I have actually two broadcast domains that I'm aware of, 159 00:08:06,188 --> 00:08:08,105 VLAN 1 and VLAN 2. Hmm. 160 00:08:08,939 --> 00:08:11,441 Which broadcast domain am I allowed to put 161 00:08:11,441 --> 00:08:13,560 this broadcast into? 162 00:08:13,560 --> 00:08:15,204 Because when the broadcast comes across here, 163 00:08:15,204 --> 00:08:19,316 this ARP request, we don't want him to flood it into VLAN 1 164 00:08:19,316 --> 00:08:22,752 because it originated over here in VLAN 2, so it has to be 165 00:08:22,752 --> 00:08:24,419 flooded into VLAN 2. 166 00:08:25,313 --> 00:08:27,819 So that means that as frames go back and forth across 167 00:08:27,819 --> 00:08:31,512 this trunk, there has to be some way of identifying 168 00:08:31,512 --> 00:08:34,679 which broadcast domain they belong to. 169 00:08:36,040 --> 00:08:40,123 And 802.1Q has a very creative way of doing this. 170 00:08:41,913 --> 00:08:46,080 802.1Q applies an extra field to the layer to header called 171 00:08:48,799 --> 00:08:49,966 an 802.1Q tag. 172 00:08:52,147 --> 00:08:55,186 Sometimes they just shorten it as a .1Q tag. 173 00:08:55,186 --> 00:08:57,758 So if were actually to look at what this looks like, 174 00:08:57,758 --> 00:09:00,258 if this was my IP packet here, 175 00:09:03,298 --> 00:09:07,366 so from the perspective of ethernet that's just the data. 176 00:09:07,366 --> 00:09:11,533 And we know that ethernet as a trailer, we call it an FCS 177 00:09:15,070 --> 00:09:16,874 to the end of it. 178 00:09:16,874 --> 00:09:21,041 And then here is my ethernet header at the front end. 179 00:09:24,624 --> 00:09:28,828 Review question: very first field of an ethernet header, 180 00:09:28,828 --> 00:09:31,360 what do we call that field? 181 00:09:31,360 --> 00:09:32,884 That is the preamble. 182 00:09:32,884 --> 00:09:36,299 I'll just put PRE. That's the preamble. 183 00:09:36,299 --> 00:09:38,863 What follows the preamble? 184 00:09:38,863 --> 00:09:41,821 That is the destination MAC. 185 00:09:41,821 --> 00:09:44,878 What follows the destination MAC? 186 00:09:44,878 --> 00:09:47,210 That is the source MAC. 187 00:09:47,210 --> 00:09:50,907 Now, in a regular ethernet frame, what typically follows 188 00:09:50,907 --> 00:09:52,157 the source MAC? 189 00:09:53,291 --> 00:09:56,958 That would be the type code, the type field. 190 00:09:58,142 --> 00:10:00,356 So there would be a number that we would put in here 191 00:10:00,356 --> 00:10:02,431 if this is IP version 4. 192 00:10:02,431 --> 00:10:04,861 There would be a number, a different number we would put 193 00:10:04,861 --> 00:10:06,566 here if it's IP version 6. 194 00:10:06,566 --> 00:10:10,405 well, if this ethernet frame is going across a VLAN Trunk, 195 00:10:10,405 --> 00:10:12,531 and it has to be identified as belonging to 196 00:10:12,531 --> 00:10:14,008 a particular VLAN, 197 00:10:14,008 --> 00:10:16,925 we actually put our tag right here. 198 00:10:19,623 --> 00:10:22,331 So the type field actually contains the tag. 199 00:10:22,331 --> 00:10:26,498 So now here we have a special number, a type number 200 00:10:28,291 --> 00:10:30,458 that says "This is 802.1Q" 201 00:10:32,478 --> 00:10:35,886 So instead of the type field saying "Oh I'm carrying IPv4, 202 00:10:35,886 --> 00:10:39,717 or I'm carrying IPv6," there's actually another number, 203 00:10:39,717 --> 00:10:43,183 a reserve number that says "This is a .1Q tag." 204 00:10:43,183 --> 00:10:44,996 Then there's a couple of other fields in here that we 205 00:10:44,996 --> 00:10:49,300 don't really care about all that much, and then here 206 00:10:49,300 --> 00:10:51,448 is where we put the VLAN. 207 00:10:51,448 --> 00:10:55,118 So if this frame belongs to VLAN 55, you would see 208 00:10:55,118 --> 00:10:57,350 the number 55 in here. 209 00:10:57,350 --> 00:11:02,228 If it belongs to VLAN 6, you would see the number 6 in here. 210 00:11:02,228 --> 00:11:05,199 If I just left it that way, I would be doing you 211 00:11:05,199 --> 00:11:07,643 a disservice because I'd be letting you think, 212 00:11:07,643 --> 00:11:10,981 "Okay, every frame that goes across the VLAN trunk has 213 00:11:10,981 --> 00:11:14,237 a special tag that actually indicates the number 214 00:11:14,237 --> 00:11:15,229 of the VLAN." 215 00:11:15,229 --> 00:11:18,460 And that is true 99% of the time. 216 00:11:18,460 --> 00:11:20,693 But take a look at the second bullet here. 217 00:11:20,693 --> 00:11:23,505 It says all traffic except the native VLAN is inserted 218 00:11:23,505 --> 00:11:25,088 with an 802.1Q tag. 219 00:11:26,476 --> 00:11:29,643 By default, the native VLAN is VLAN 1. 220 00:11:30,995 --> 00:11:34,597 Which means, that when, if I'm a switch, and let's say 221 00:11:34,597 --> 00:11:37,614 I just got a frame on VLAN 1 and I say okay I need 222 00:11:37,614 --> 00:11:40,696 to send it to you, you're another switch, and we have 223 00:11:40,696 --> 00:11:42,613 a 802.1Q tag between us 224 00:11:43,764 --> 00:11:48,071 I'm sorry, we have an 802.1Q VLAN trunk between us, 225 00:11:48,071 --> 00:11:51,400 well if I'm going to put a VLAN 1 frame on here, I'm not 226 00:11:51,400 --> 00:11:52,884 going to tag it. 227 00:11:52,884 --> 00:11:55,246 So when you receive it, it's just going to look like 228 00:11:55,246 --> 00:11:56,993 any other ethernet frame. 229 00:11:56,993 --> 00:11:59,292 It'll have some type code in there that says IPv4, 230 00:11:59,292 --> 00:12:02,550 or maybe a type code that says IPv6, but it'll just look 231 00:12:02,550 --> 00:12:05,841 like a normal ethernet frame to you. 232 00:12:05,841 --> 00:12:10,089 Now if I receive a frame on VLAN 7, as an example, 233 00:12:10,089 --> 00:12:13,535 then before I put on this wire, I'm going to modify 234 00:12:13,535 --> 00:12:17,848 the type code to say this is 802.1Q and this frame 235 00:12:17,848 --> 00:12:19,348 belongs to VLAN 7. 236 00:12:20,234 --> 00:12:22,904 So when you get it, you'll actually see that tag, 237 00:12:22,904 --> 00:12:25,430 and you'll explicitly know it belongs to VLAN 7. 238 00:12:25,430 --> 00:12:29,796 So every frame I put in this VLAN trunk will have a tag 239 00:12:29,796 --> 00:12:33,963 unless it belongs to the broadcast domain known as VLAN 1. 240 00:12:34,892 --> 00:12:37,562 Those frames are untouched, they go across the trunk 241 00:12:37,562 --> 00:12:39,551 in their native format. 242 00:12:39,551 --> 00:12:40,719 They are untouched. 243 00:12:40,719 --> 00:12:43,277 That's why we call it the native VLAN. 244 00:12:43,277 --> 00:12:45,915 Now as with pretty much everything else, if you have 245 00:12:45,915 --> 00:12:48,467 a desire to do so you can change the native VLAN 246 00:12:48,467 --> 00:12:50,356 to something else. 247 00:12:50,356 --> 00:12:52,570 But the main thing is that if we change it, you and I 248 00:12:52,570 --> 00:12:54,452 both have to agree. 249 00:12:54,452 --> 00:12:56,891 If I decide that okay the frames I put on this trunk are 250 00:12:56,891 --> 00:12:59,766 going to be untagged, just regular frames that belong 251 00:12:59,766 --> 00:13:03,667 to VLAN 99, you need to know that, you need to have that 252 00:13:03,667 --> 00:13:07,123 configured, because, how else would you know? 253 00:13:07,123 --> 00:13:09,559 Like, let's say that I kept that as a secret. 254 00:13:09,559 --> 00:13:12,913 Let's say that on my switch I decide, okay, I'm not going 255 00:13:12,913 --> 00:13:15,290 to use VLAN 1 as the native VLAN, I'm going to use 256 00:13:15,290 --> 00:13:17,516 VLAN 99 as a native VLAN. 257 00:13:17,516 --> 00:13:20,231 So whenever I get a frame here from VLAN 99, when I put on 258 00:13:20,231 --> 00:13:23,593 this trunk, I'm going to leave it alone, I'm not going to 259 00:13:23,593 --> 00:13:25,171 tag it at all. 260 00:13:25,171 --> 00:13:28,097 Well if you didn't know that, and you still thought that 261 00:13:28,097 --> 00:13:30,908 VLAN 1 was the native VLAN, once you receive that plain 262 00:13:30,908 --> 00:13:35,075 old ethernet frame without a tag, what broadcast domain 263 00:13:36,179 --> 00:13:40,124 do you think you would assume it belongs to? 264 00:13:40,124 --> 00:13:43,289 You would assume it belongs to VLAN 1 because you didn't 265 00:13:43,289 --> 00:13:46,122 know what I was thinking, you didn't know what I configured. 266 00:13:46,122 --> 00:13:49,660 That's why if you change the native VLAN on one side 267 00:13:49,660 --> 00:13:52,179 of the trunk, you have to make sure it matches on 268 00:13:52,179 --> 00:13:53,342 the other side of the trunk. 269 00:13:53,342 --> 00:13:56,958 If it doesn't, like in that example where I think VLAN 99 270 00:13:56,958 --> 00:14:00,525 is the native VLAN; you think VLAN 1 is the native VLAN, 271 00:14:00,525 --> 00:14:01,711 guess what's going to happen? 272 00:14:01,711 --> 00:14:04,961 Here comes in the broadcast on VLAN 99. 273 00:14:05,943 --> 00:14:10,704 I put on that trunk untagged, regular ethernet frame, 274 00:14:10,704 --> 00:14:13,732 and guess what, when it comes to you, you dump that 275 00:14:13,732 --> 00:14:15,565 broadcast into VLAN 1. 276 00:14:16,793 --> 00:14:18,758 Because you didn't know it came from VLAN 99. 277 00:14:18,758 --> 00:14:21,951 So here's a broadcast that started in VLAN 99, and on your 278 00:14:21,951 --> 00:14:24,820 side is now being dumped into VLAN 1. 279 00:14:24,820 --> 00:14:26,935 That is a bad situation. 280 00:14:26,935 --> 00:14:30,176 So that is why the native VLAN has to match. 281 00:14:30,176 --> 00:14:32,750 And in just a second, one of the reasons why I created 282 00:14:32,750 --> 00:14:35,569 this whole thing in GNS3, is because like I said in some of 283 00:14:35,569 --> 00:14:39,061 the earlier videos, GNS3 has Wireshark built into it, 284 00:14:39,061 --> 00:14:41,801 so we'll actually do a packet capture of some packets going 285 00:14:41,801 --> 00:14:44,030 across the trunk so I can show you what that tag 286 00:14:44,030 --> 00:14:46,176 actually looks like. 287 00:14:46,176 --> 00:14:49,309 So 802.1Q as you can see just by the fact it was created 288 00:14:49,309 --> 00:14:52,766 by the IEEE is a standard VLAN trunking. 289 00:14:52,766 --> 00:14:55,344 This is not a CISCO-proprietary method. 290 00:14:55,344 --> 00:14:59,511 So any switch should be able to suport 802.1Q trunking. 291 00:15:02,530 --> 00:15:05,656 And we've talked about all this. 292 00:15:05,656 --> 00:15:07,817 If you want to change the native VLAN, it is 293 00:15:07,817 --> 00:15:09,295 an interface command. 294 00:15:09,295 --> 00:15:11,326 So you would go into the interface that's your trunk, 295 00:15:11,326 --> 00:15:14,903 whatever interface fast ethernet 0/7 or whatever it is, 296 00:15:14,903 --> 00:15:19,070 and then you'd say switchport trunk navtive VLAN 99, 297 00:15:19,953 --> 00:15:21,172 like in my example. 298 00:15:21,172 --> 00:15:23,730 And both of us would have that in these interfaces that 299 00:15:23,730 --> 00:15:26,147 were connected to each other. 300 00:15:27,151 --> 00:15:32,043 Okay, so the simplest way to configure trunking is to 301 00:15:32,043 --> 00:15:33,978 go into the interface. 302 00:15:33,978 --> 00:15:38,829 And then say switchport trunk encapsulation dot1q. 303 00:15:38,829 --> 00:15:42,323 Now you might be wondering, "Well, why do I need that?" 304 00:15:42,323 --> 00:15:46,321 If 802.1Q is the way of adding tags, why do I 305 00:15:46,321 --> 00:15:48,071 have to specify that? 306 00:15:48,908 --> 00:15:53,809 The reason for that is CISCO a while ago, many many years 307 00:15:53,809 --> 00:15:57,234 ago actually came up with this idea of trunking before 308 00:15:57,234 --> 00:15:58,988 the IEEE did. 309 00:15:58,988 --> 00:16:01,027 And they had their own proprietary way of 310 00:16:01,027 --> 00:16:02,776 doing trunking called ISL. 311 00:16:02,776 --> 00:16:05,776 It stood for Inter-Switch Link, ISL. 312 00:16:06,669 --> 00:16:11,094 And the IEEE came up with, later on, 802.1Q. 313 00:16:11,094 --> 00:16:14,014 So there's some CISCO switches out there today, 314 00:16:14,014 --> 00:16:18,181 still quite a few of them, that support either ISL or 802.1Q 315 00:16:19,625 --> 00:16:22,580 And so if you're on a switch like that, you have to specify 316 00:16:22,580 --> 00:16:26,268 this command to let it know, I want you to do the IEEE way 317 00:16:26,268 --> 00:16:28,119 of doing 802.1Q. 318 00:16:28,119 --> 00:16:30,906 Now if you're on a switch that does not support that command 319 00:16:30,906 --> 00:16:32,358 let's say you're on a switch and you type in 320 00:16:32,358 --> 00:16:36,525 switchport trunk encapsulation ? and it says "unrecognized," 321 00:16:37,411 --> 00:16:38,844 well then you don't have to worry about it. 322 00:16:38,844 --> 00:16:41,709 That is a switch that is only doing 802.1Q. 323 00:16:41,709 --> 00:16:43,862 It doesn't even do ISL, so it's not even 324 00:16:43,862 --> 00:16:46,068 giving you that command. 325 00:16:46,068 --> 00:16:48,375 But it's just, sort of like I've been saying, there's 326 00:16:48,375 --> 00:16:50,589 certain things you should do in network, and it's just like 327 00:16:50,589 --> 00:16:52,128 a knee-jerk reaction, like write memory. 328 00:16:52,128 --> 00:16:55,180 Every time I make a change to my configuration write memory, 329 00:16:55,180 --> 00:16:58,392 save it, just get in the habit of doing that. 330 00:16:58,392 --> 00:17:00,851 Going on to an interface and before you leave it, 331 00:17:00,851 --> 00:17:03,426 doing no shutdown, just doing that by habit. 332 00:17:03,426 --> 00:17:06,439 You should do this also, whenever configuring a trunk 333 00:17:06,439 --> 00:17:08,406 just by habit you should type in 334 00:17:08,406 --> 00:17:11,553 switchpot trunk encapsulation dot1q 335 00:17:11,553 --> 00:17:14,746 If it doesn't recognize the command, nothing lost, 336 00:17:14,746 --> 00:17:18,665 no worries, it's just a good habit to get into. 337 00:17:18,665 --> 00:17:20,212 But then we have to change the mode. 338 00:17:20,212 --> 00:17:23,487 Here we type switchport mode trunk. 339 00:17:23,487 --> 00:17:25,625 And now that makes sure that this is operating 340 00:17:25,625 --> 00:17:26,958 as a VLAN trunk. 341 00:17:29,770 --> 00:17:32,593 Probably should do no shutdown, that's not in the slide here 342 00:17:32,593 --> 00:17:36,293 but once again, just as a habit, you should type no shutdown 343 00:17:36,293 --> 00:17:39,075 before you leave the interface. 344 00:17:39,075 --> 00:17:43,694 And there's a couple of ways that we can verify trunking. 345 00:17:43,694 --> 00:17:47,033 Show VLAN actually doesn't show you if an interface 346 00:17:47,033 --> 00:17:50,169 is a trunk, it just shows you what VLANs you've got. 347 00:17:50,169 --> 00:17:51,853 We looked at that in the previous video. 348 00:17:51,853 --> 00:17:55,686 The command that I use the most often to see, do I have 349 00:17:55,686 --> 00:17:57,981 any interfaces that are trunking and what interfaces 350 00:17:57,981 --> 00:18:00,986 are they, is show interface trunk. 351 00:18:00,986 --> 00:18:02,272 That's a command I use a lot. 352 00:18:02,272 --> 00:18:04,480 You can also use show interface status 353 00:18:04,480 --> 00:18:06,779 or show interface switchport. 354 00:18:06,779 --> 00:18:09,862 (quick, light tones)