About Me
MikroTik Certified Switching Engineer (MTCSWE)
1 Introduction to Networking
1-1 Basic Networking Concepts
1-2 OSI Model
1-3 TCPIP Model
1-4 Network Devices
2 MikroTik RouterOS Basics
2-1 Introduction to RouterOS
2-2 RouterOS Interface Types
2-3 Basic Configuration
2-4 User Management
2-5 System Logging
3 Switching Fundamentals
3-1 Introduction to Switching
3-2 MAC Addresses
3-3 Ethernet Frame Structure
3-4 VLAN Basics
3-5 Trunking and Inter-VLAN Routing
4 MikroTik SwitchOS Basics
4-1 Introduction to SwitchOS
4-2 SwitchOS Interface Types
4-3 Basic Configuration
4-4 User Management
4-5 System Logging
5 VLAN Configuration
5-1 VLAN Creation and Configuration
5-2 VLAN Trunking Protocol (VTP)
5-3 Inter-VLAN Routing
5-4 VLAN Security
6 Spanning Tree Protocol (STP)
6-1 Introduction to STP
6-2 STP Operation
6-3 Rapid Spanning Tree Protocol (RSTP)
6-4 Multiple Spanning Tree Protocol (MSTP)
6-5 STP Configuration
7 Link Aggregation
7-1 Introduction to Link Aggregation
7-2 Link Aggregation Control Protocol (LACP)
7-3 Static Link Aggregation
7-4 Link Aggregation Configuration
8 Quality of Service (QoS)
8-1 Introduction to QoS
8-2 QoS Models
8-3 Traffic Shaping and Policing
8-4 QoS Configuration
9 Security Features
9-1 Introduction to Network Security
9-2 Port Security
9-3 Access Control Lists (ACLs)
9-4 DHCP Snooping
9-5 Dynamic ARP Inspection (DAI)
10 Advanced Switching Topics
10-1 Layer 3 Switching
10-2 Multicast Routing
10-3 Link Layer Discovery Protocol (LLDP)
10-4 Power over Ethernet (PoE)
11 Troubleshooting and Maintenance
11-1 Common Switching Issues
11-2 Troubleshooting Tools
11-3 Switch Maintenance
11-4 Backup and Restore
12 MikroTik Certification Exam Preparation
12-1 Exam Overview
12-2 Study Tips
12-3 Practice Questions
12-4 Exam Registration and Scheduling
5.1 VLAN Creation and Configuration Explained

5.1 VLAN Creation and Configuration Explained

1. VLAN Creation

VLAN (Virtual Local Area Network) creation involves defining a new VLAN on a network switch. This process requires specifying a unique VLAN ID, which is a number between 1 and 4094. The VLAN ID is essential for identifying and segregating traffic belonging to different VLANs.

Example: To create a VLAN for the HR department with ID 10, you would use the command /interface vlan add name=HR_VLAN vlan-id=10. This command creates a new VLAN interface named "HR_VLAN" with the VLAN ID 10.

2. VLAN Configuration

VLAN configuration involves assigning physical or logical interfaces to a specific VLAN. This ensures that traffic from devices connected to these interfaces is tagged with the appropriate VLAN ID. Configuration can be done on access ports (single VLAN) or trunk ports (multiple VLANs).

Example: Suppose you have a switch with four Ethernet ports. You can configure Port 1 as an access port for the HR VLAN (VLAN 10) using the command /interface ethernet set [interface] vlan-mode=access vlan-id=10. This ensures that all traffic from devices connected to Port 1 is tagged with VLAN 10.

3. VLAN Tagging

VLAN tagging is the process of adding a VLAN tag to Ethernet frames. This tag contains the VLAN ID, allowing network devices to identify and route traffic to the correct VLAN. VLAN tagging is essential for managing traffic in networks with multiple VLANs.

Example: When a device sends data to another device in a different VLAN, the switch adds a VLAN tag to the Ethernet frame. The receiving switch reads the VLAN tag and routes the frame to the appropriate VLAN, ensuring that traffic is isolated and managed correctly.

4. VLAN Trunking

VLAN trunking is a method used to carry multiple VLANs over a single physical link. This is essential for connecting switches in a network, allowing them to communicate across different VLANs without the need for multiple physical connections. Trunk ports are configured to carry traffic for multiple VLANs.

Example: Suppose you have two switches in your network, each managing different VLANs. By configuring a trunk port between the two switches, you can ensure that traffic for all VLANs is transmitted efficiently without the need for multiple physical connections.

5. VLAN Membership

VLAN membership defines which interfaces are members of a specific VLAN. This ensures that only designated interfaces can communicate within the VLAN. VLAN membership can be configured on both access ports and trunk ports.

Example: In a corporate office, each department might have its own VLAN. Computers in the HR department would be connected to an access port configured for the HR VLAN, ensuring that they can only communicate with other HR devices within the same VLAN.

© 2024 Ahmed Baheeg Khorshid. All rights reserved.