About Me
Cisco Certified Network Professional (CCNP) - Enterprise
1 Introduction to Enterprise Networks
1-1 Enterprise Network Architecture
1-2 Network Design Principles
1-3 Network Security in Enterprise Environments
1-4 Network Management and Monitoring
2 Network Infrastructure
2-1 Cabling and Connectivity
2-2 Network Topologies
2-3 Network Devices (Switches, Routers, Firewalls)
2-4 Network Addressing (IP, Subnetting)
3 Switching Technologies
3-1 Layer 2 Switching
3-2 VLANs and Trunking
3-3 Spanning Tree Protocol (STP)
3-4 EtherChannel and Link Aggregation
3-5 Virtual Switching Systems (VSS)
4 Routing Technologies
4-1 Static Routing
4-2 Dynamic Routing Protocols (RIP, EIGRP, OSPF, BGP)
4-3 Route Redistribution and Filtering
4-4 IPv6 Routing
4-5 Policy-Based Routing (PBR)
5 Network Automation and Programmability
5-1 Introduction to Network Automation
5-2 Python for Network Automation
5-3 RESTful APIs and NETCONFYANG
5-4 Ansible for Network Automation
5-5 Network Programmability with Cisco DNA Center
6 Network Security
6-1 Network Security Fundamentals
6-2 Access Control Lists (ACLs)
6-3 Intrusion Detection and Prevention Systems (IDSIPS)
6-4 Virtual Private Networks (VPNs)
6-5 Firewalls and Security Zones
7 Wireless Networking
7-1 Wireless LAN Fundamentals
7-2 Wireless Security Protocols (WPA, WPA2, WPA3)
7-3 Wireless Site Surveys
7-4 Wireless Network Design
7-5 Wireless Network Management
8 Network Services
8-1 DHCP and DNS
8-2 Network Time Protocol (NTP)
8-3 Quality of Service (QoS)
8-4 Network Address Translation (NAT)
8-5 Network Management Protocols (SNMP, Syslog)
9 Network Troubleshooting
9-1 Troubleshooting Methodologies
9-2 Common Network Issues
9-3 Troubleshooting Tools (Ping, Traceroute, Wireshark)
9-4 Troubleshooting Wireless Networks
9-5 Troubleshooting Security Issues
10 Enterprise Network Design
10-1 Network Design Models (Hub-and-Spoke, Mesh)
10-2 Network Redundancy and High Availability
10-3 Network Scalability and Performance
10-4 Network Documentation and Diagrams
10-5 Case Studies and Real-World Scenarios
3.2 VLANs and Trunking

3.2 VLANs and Trunking

Key Concepts

Virtual LANs (VLANs)

VLANs are a method of creating separate logical networks within a single physical network. Each VLAN acts as an independent broadcast domain, meaning that devices within one VLAN cannot communicate directly with devices in another VLAN without routing. VLANs are configured on switches to segment the network based on factors such as department, function, or security requirements.

Example: Imagine a large office building where each floor represents a different department (e.g., HR, IT, Sales). Each floor has its own VLAN, so employees on one floor cannot access the resources of another floor without proper authorization. This segmentation enhances security and performance.

Trunking

Trunking is a method used to carry multiple VLANs over a single physical link between switches or between a switch and a router. A trunk link allows data from different VLANs to be transmitted over the same physical connection while maintaining their VLAN identities. This is achieved using protocols like IEEE 802.1Q, which tags each frame with a VLAN ID.

Example: Think of a trunk as a multi-lane highway where each lane represents a different VLAN. Cars (data packets) from different lanes (VLANs) can travel on the same highway (trunk link) but are tagged with a specific lane number (VLAN ID) to ensure they reach their correct destination.

Conclusion

Understanding VLANs and Trunking is crucial for designing and managing scalable and secure enterprise networks. VLANs allow for logical segmentation of the network, enhancing security and performance, while Trunking enables efficient use of physical links by carrying multiple VLANs over a single connection. By mastering these concepts, network professionals can create flexible and robust network architectures.

© 2024 Ahmed Baheeg Khorshid. All rights reserved.