From 2566897246177dbb838ee06c39093b4139ce6b03 Mon Sep 17 00:00:00 2001 From: shango-wk Date: Sat, 9 May 2026 23:50:57 +0200 Subject: [PATCH] ajout VLAN (part1) brouillon --- 16. VLAN (Part 1).md | 85 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 85 insertions(+) create mode 100644 16. VLAN (Part 1).md diff --git a/16. VLAN (Part 1).md b/16. VLAN (Part 1).md new file mode 100644 index 0000000..dfc7a32 --- /dev/null +++ b/16. VLAN (Part 1).md @@ -0,0 +1,85 @@ +--- +id: 16. VLAN (Part 1) +aliases: [] +tags: [] +--- + +# VLAN (Part 1) + +## What is a [[LAN]]? + +Previously i said that a LAN is a group of devices (PCs, servers, routers, switches) in a single +location (home office, etc.) + +A more specific definition: A LAN is a single [[broadcast domain]], including all devices in that +broadcast domain. + +## Broadcast domains + +A broadcast domain is the group of devices which will receive a broadcast frame (destination [[MAC]] +FFFF.FFFF.FFFF) sent by any one of the members. + +Perfomance: lots of unnecessary broadcast traffic can reduce network performance +Security : Even within the same office you want to limit who has access to what. You can apply +security policies on a [[router]]/[[firewall]] + +Because this is one LAN, PCs can reach each other directly, without traffic passing through the router +So even if you configure security policies, they won't have any effect. + +Although we separated the three departments into three subnets ([[OSI|Layer 3]]), they are still in +the same broadcast domain ([[OSI|Layer 2]]) + +## What is a [[VLAN]] + +A [[switch]] will not forward traffic between VLANs, including broadcast/unknown unicast traffic + +- VLANs are configured on switches on a **per-interface** basis. +- logically separate end hosts at Layer 2. + +The switch does not perform inter-Vlan routing. It must send the traffic through the router + +### VLAN configuration + +to display all the VLAN's available you can do the command + +```Cisco +SW1#show vlan brief +``` + +By default all interfaces are set to VLAN 1 + +But VLANs1, 10002-1005 exist by default and *cannot be deleted* + +to assign interfaces to a VLAN + +```Cisco +SW1(config)#interface range g1/0 - 3 +SW1(config)#switchport mode access +SW1(config)#switchport access vlan 10 +% Access VLAN does not exist. Creating vlan 10 +``` + +An access port is a switchport which belongs to asingle VLAN, and usually connects to end hosts +like PCs + +Switchports which carry multiple VLANs are called 'trunk ports' (More information on trunks in +the next lesson) + +You can change the name of the VLAN with the command : + +```Cisco +SW1(config)#vlan 10 +SW1(config-vlan)#name ENGINEERING +``` + +This Commang creates a VLAN. +(In this case it was already automatically created when we assigned the interfaces) + +## Review + +- What is a (LAN)? +- Broadcast domains +- What is a Vlan +- What is the purpose of VLANs? +- How to configure VLANs on Cisco switches +