VLAN Workshop. Presenter: Paul Eriksson. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 1



Similar documents
TotalCloud Phone System

VLAN in MikroTik. By Mohammed Khomeini Bin ABU MUM Indonesia, 2013

Switching in an Enterprise Network

BLADE PVST+ Spanning Tree and Interoperability with Cisco

Abstract. MEP; Reviewed: GAK 10/17/2005. Solution & Interoperability Test Lab Application Notes 2005 Avaya Inc. All Rights Reserved.

BRI to PRI Connection Using Data Over Voice

Configure IOS Catalyst Switches to Connect Cisco IP Phones Configuration Example

Lab Use Network Inspector to Observe STP Behavior

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

CT5760 Controller and Catalyst 3850 Switch Configuration Example

CCT vs. CCENT Skill Set Comparison

What is VLAN Routing?

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version Rev.

IP Routing Between VLANs

Course Contents CCNP (CISco certified network professional)

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)

MPLS for ISPs PPPoE over VPLS. MPLS, VPLS, PPPoE

Deployment Guide: Cisco Guest Access Using the Cisco Wireless LAN Controller

The Use of Mikrotik Router Boards With Radius Server for ISPs.

Installation of the On Site Server (OSS)

Lab 3.5.1: Basic VLAN Configuration (Instructor Version)

Configuring EtherChannel and 802.1Q Trunking Between Catalyst L2 Fixed Configuration Switches and Catalyst Switches Running CatOS

Configuring InterVLAN Routing and ISL/802.1Q Trunking on Catalyst 2900XL/3500XL/2940/2950/2970 Series Switches Using an External Router

Table of Contents. Cisco Using the Cisco IOS Firewall to Allow Java Applets From Known Sites while Denying Others

Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, :32 pm Pacific

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

How To Configure InterVLAN Routing on Layer 3 Switches

Objectives. The Role of Redundancy in a Switched Network. Layer 2 Loops. Broadcast Storms. More problems with Layer 2 loops

Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

CHAPTER 10 LAN REDUNDANCY. Scaling Networks

Performance Evaluation of Linux Bridge

Welcome to Todd Lammle s CCNA Bootcamp

Fundamentals of Switching

Brocade to Cisco Comparisons

Relaying DHCP Packets to a Remote Server

VLANs. Application Note

Felix Rohrer. PT Activity 7.5.3: Troubleshooting Wireless WRT300N. Topology Diagram

WISP 101. The DO s and DON T s of becoming a Wireless ISP

ICND IOS CLI Study Guide (CCENT)

Chapter 7 Lab 7-1, Configuring Switches for IP Telephony Support

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4

Overview of Routing between Virtual LANs

CCNA Exploration 4.0: ESwitching Basic Switching / Wireless PT Practice SBA. Switch S1 S1#sh ru Building configuration...

Configuration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example

- Virtual LANs (VLANs) and VTP -

Lab 7-1 Configuring Switches for IP Telephony Support

Objectives. Explain the Role of Redundancy in a Converged Switched Network. Explain the Role of Redundancy in a Converged Switched Network

Cisco Networking Professional-6Months Project Based Training

Migrate from Cisco Catalyst 6500 Series Switches to Cisco Nexus 9000 Series Switches

AT-S60 Version Management Software for the AT-8400 Series Switch. Software Release Notes

CORPORATE NETWORKING

Copyright 2008 Link Technologies,Inc. A Proud Vendor Member of the

CHAPTER 6 DESIGNING A NETWORK TOPOLOGY

VLAN 802.1Q. 1. VLAN Overview. 1. VLAN Overview. 2. VLAN Trunk. 3. Why use VLANs? 4. LAN to LAN communication. 5. Management port

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

Configuring DHCP Snooping

MikroTik Training Module Understanding VLAN Translation/Rewrites using Switches and Routers

Understanding VLAN Translation/Rewrites using Switches and Routers

Juniper Networks EX Series/ Cisco Catalyst Interoperability Test Results. May 1, 2009

Table of Contents. Cisco Configuring IPSec Cisco Secure VPN Client to Central Router Controlling Access

Cisco Certified Network Associate (CCNA) 120 Hours / 12 Months / Self-Paced WIA Fee: $

VMware ESX Server Q VLAN Solutions W H I T E P A P E R

P and FTP Proxy caching Using a Cisco Cache Engine 550 an

Basic Wireless Configuration

Configuring a Cisco 2509-RJ Terminal Router

IT-AD08: ADD ON DIPLOMA IN COMPUTER NETWORK DESIGN AND INSTALLATION

Troubleshooting an Enterprise Network

Lab Organizing CCENT Objectives by OSI Layer

Network Detector Setup and Configuration

Catalyst Layer 3 Switch for Wake On LAN Support Across VLANs Configuration Example

Dynamic LACP Trunking

Interconnecting Cisco Networking Devices Part 2

HP0-Y30: IMPLEMENTING HP NETWORKING TECHNOLOGIES

Cisco CCNA Exam

How to Configure Web Authentication on a ProCurve Switch

Lab Creating a Network Map using CDP Instructor Version 2500

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Abstract. Avaya Solution & Interoperability Test Lab

Device Interface IP Address Subnet Mask Default Gateway

JOB READY ASSESSMENT BLUEPRINT COMPUTER NETWORKING FUNDAMENTALS - PILOT. Test Code: 4514 Version: 01

RESILIENT NETWORK DESIGN

LANs and VLANs A Simplified Tutorial

CAPsMAN Case Study. Uldis Cernevskis MikroTik, Latvia. MUM Pittsburgh September 2014

GregSowell.com. Mikrotik Basics

Local Area Networking technologies Unit number: 26 Level: 5 Credit value: 15 Guided learning hours: 60 Unit reference number: L/601/1547

Configuring the Transparent or Routed Firewall

Juniper / Cisco Interoperability Tests. August 2014

A New Approach to Developing High-Availability Server

How To Understand and Configure Your Network for IntraVUE

Switching Basics and Intermediate Routing CCNA 3 Labs and Study Guide Allan Johnson

LAN-Cell to Cisco Tunneling

Configuring the Cisco Secure PIX Firewall with a Single Intern

16-PORT POWER OVER ETHERNET WEB SMART SWITCH

PIX/ASA 7.x and above : Mail (SMTP) Server Access on Inside Network Configuration Example

Configuring the Switch with the CLI-Based Setup Program

Brest. Backup : copy flash:ppe_brest1 running-config

Hosting more than one FortiOS instance on. VLANs. 1. Network topology

IP Routing in a RIP Network

AlliedWare Plus OS How To Configure interoperation between PVST+ and RSTP or MSTP

How To Learn Cisco Cisco Ios And Cisco Vlan

Transcription:

VLAN Workshop. Presenter: Paul Eriksson VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 1

About this presentation A seed from the forum by Randy (Graham)?: http://forum.mikrotik.com/viewtopic.php?f=2&t=24352 This Workshop could last for hours..., but there is only 45 min. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 2

RoamingNet Sweden. About the company Helps organizations to increase the ROI in networking. Designing and deployment of wired and wireless networks. Network analysis and problem solving. Project managing. Worldwide support for different clients in different countries. Cooperates with Roamingwire Inc. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 3

About me Have a technical degree as a Electric Engineer Been in networking since 1989. Senior networking consultant Certified MikroTik network consultant. (MTCZ0016). Certified MikroTik Trainer. (TR0027). VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 4

Topics Why VLANs.? Brief Ethernet fundamentals. Brief VLAN fundamentals Switch configurations. How VLANs are built in MikroTik RouterOS. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 5

Topics How VLANs are built in a wireless environment. Demo system. Summary. Questions. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 6

Why VLANs Segment traffic, Tripple Play Limiting broadcast domains Provide unique traffic shaping opportunities (firewall, QoS, etc.) Secure the network Provide remote maintenance without interfering with the running network. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 7

Why VLANs Providing a single HotSpot model VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 8

Ethernet fundamentals The two types of Ethernet frames used in networking are similar. The DIX V2.0 frame, frequently referred to as the Ethernet II frame, and the IEEE 802.3 frame. Both providing OSI level 3 with the needed data field. This field is also sometimes referred to as the MTU size of the packet. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 9

VLAN fundamentals VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 10

VLAN fundamentals 802.1Q working group provided a VLAN standard that inserts a four byte tag into a standard Ethernet frame. Since 802.1Q arrived more then 20 years after the invention of Ethernet, there are plenty of VLAN unaware devices. There still are lots of NICs that do not support the 4 byte extra field. These devices are not suitable for VLAN tagging because the MTU (layer 3 packet ) size needs to be limited. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 11

Switch configurations There are two different types of switch ports. Edge ports: (Untagged, Cisco: Access Port) A switch port is configured to be part of a VLAN without sending the 4 byte tag. Used with VLAN unaware devices i.e client computer, printer. Core port: (Tagged, Cisco: Trunk Port) A switch port is configured to send out the 4 byte tag. Used with VLAN aware devices i.e switches, routers and servers. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 12

Switch configurations Core switches interconnect with other switches. Edge switches connects to the core and to client computers, printers and other non VLAN aware devices. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 13

How VLANs are built in RouterOS Commands: /interface bridge add name=br2 /interface bridge port add bridge=br2 interface=ether2 /interface bridge port add bridge=br2 interface=ether3 /interface vlan add name=br2 vl2 interface=br2 vlan id=2 disabled=no But now we cannot use untagged interfaces in the VLAN VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 14

How VLANs are built in a wireless environment. Create a WDS interface on both ends. Wlan2 Wlan1 Wlan1 Wlan2 Add the WDS interface into the bridge. Ether1 Ether1 VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 15

How VLANs are built in a wireless environment. Commands: /interface wireless wds add name=wds mt2 master interface=wlan1 wdsaddress=01:02:03:04:05:06 disabled=no /interface bridge port add bridge=br2 interface=wds rt rnet 02 VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 16

STP and RSTP The problems with multiple bridge and STP/RSTP seem to caused of un mature linux kernel 2.6 software. The configuration works well, but the RSTP PVST (PVST=Per VLAN Spanning Tree), meaning Per Bridge Spanning Tree in ROS function would be great. Support for MST 802.1s Multiple Spanning Tree are needed. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 17

Demo network The network are built with: 2 RouterBoard 532A 1 Cisco Catalyst 2950 (SW RNET 01) 1 HP Procurve 2512 (SW RNET 02) There is one main switch network (SW SW GE) and tree redundant networks (SW SW FE), (RT RT Cable) and (RT RT WDS) Test traffic from LAP RNET 01 to LAP RNET 02 VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 18

Demo network VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 19

VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 20

VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 21

SW SW GE cable disconnected VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 22

SW SW FE disconnected VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 23

RT RT Cable disconnected VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 24

Configuration of RT RNET 01 #Script for configuring the Mikrotik to have one single bridge and create the VLAN ontop of that bridge. /sys id set name=rt RNET 01 #Set up wireless /int wire set wlan1 mode ap country="czech republic" band=5ghz hide yes wds mode static disabled no /int wire wds add master wlan1 name=wds rt rnet 02 wds address=00:0c:42:05:aa:b5 /int wire acc add auth yes forw yes int wlan1 mac=00:0c:42:05:aa:b5 #Adding the bridges /int br add name br2 prot rstp pri 0xffff #Adding interfaces to the bridges /int br po add bridge br2 int ether2 path 10000 /int br po add bridge br2 int ether3 path 30000 /int br po add bridge br2 int wds rt rnet 02 path 40000 #Adding the VLAN interfaces /int vlan add name br2 vl2 int br2 vlan 2 dis no /int vlan add name br2 vl5 int br2 vlan 5 dis no /int vlan add name br2 vl10 int br2 vlan 10 dis no #Adding an mgmt IP /ip addr add add 172.30.99.1/24 int br2 vl2 #Setup SNMP /snmp set contact=noc@roamingnet.com enabled=yes location="prag MuM 2009" VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 25

Configuration of RT RNET 02 #Script for configuring the Mikrotik to have one single bridge and create the VLAN ontop of that bridge. /sys id set name=rt RNET 02 #Set up wireless /int wire set wlan1 mode ap country="czech republic" band=5ghz hide yes wds mode static disabled no /int wire wds add master wlan1 name=wds rt rnet 01 wds address=00:0c:42:05:aa:b0 disabled no /int wire acc add auth yes forw yes int wlan1 mac=00:0c:42:05:aa:b0 #Adding the bridges /int br add name br2 prot rstp pri 0xffff #Adding interfaces to the bridges /int br po add bridge br2 int ether2 path 10000 /int br po add bridge br2 int ether3 path 30000 /int br po add bridge br2 int wds rt rnet 01 path 40000 #Adding the VLAN interfaces /int vlan add name br2 vl2 int br2 vlan 2 dis no /int vlan add name br2 vl5 int br2 vlan 5 dis no /int vlan add name br2 vl10 int br2 vlan 10 dis no #Adding an mgmt IP /ip addr add add 172.30.99.2/24 int br2 vl2 #Setup SNMP /snmp set contact=noc@roamingnet.com enabled=yes location="prag MuM 2009" VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 26

Configuration of SW RNET 01 SW RNET 01#sho conf Using 2181 out of 32768 bytes version 12.1 no service pad service timestamps debug uptime service timestamps log uptime no service password encryption hostname SW RNET 01 enable secret 5 xxxxxxxxxxxxxxxxxxxxxxxxxxx ip subnet zero ip ssh time out 120 ip ssh authentication retries 3 vtp mode transparent spanning tree mode mst no spanning tree optimize bpdu transmission spanning tree extend system id vlan 2 name mgmt vlan 5 name ISP 1 vlan 10 name ISP 2 vlan 97 interface FastEthernet0/1 switchport trunk allowed vlan 1,2,5,10 switchport mode trunk spanning tree cost 10000 interface FastEthernet0/2 switchport trunk allowed vlan 2,5,10 switchport mode trunk spanning tree cost 10000 interface FastEthernet0/3 interface FastEthernet0/4 interface FastEthernet0/5 interface FastEthernet0/6 interface FastEthernet0/7 interface FastEthernet0/8 interface FastEthernet0/9 interface FastEthernet0/10 interface FastEthernet0/11 interface FastEthernet0/12 interface FastEthernet0/13 interface FastEthernet0/14 interface FastEthernet0/15 interface FastEthernet0/16 interface FastEthernet0/17 interface FastEthernet0/18 interface FastEthernet0/19 interface FastEthernet0/20 interface FastEthernet0/21 interface FastEthernet0/22 interface FastEthernet0/23 interface FastEthernet0/24 interface GigabitEthernet0/1 switchport trunk allowed vlan 2,5,10 switchport mode trunk spanning tree cost 1000 interface GigabitEthernet0/2 switchport trunk allowed vlan 1,2,5,10 switchport mode trunk interface Vlan1 no ip address no ip route cache shutdown interface Vlan2 ip address 172.30.99.11 255.255.255.0 no ip route cache interface Vlan5 no ip address no ip route cache shutdown interface Vlan10 no ip address no ip route cache shutdown ip http server snmp server community public RO snmp server location Prag MuM 2009 snmp server contact noc@roamingnet.com line con 0 line vty 0 4 password RoamingNet login line vty 5 15 password RoamingNet login end VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 27

Configuration of SW RNET 02 Startup configuration: ; J4812A Configuration Editor; Created on release #F.05.69 hostname "SW RNET 02" snmp server contact "noc@roamingnet.com" snmp server location "Prag MuM 2009" max vlans 16 cdp run snmp server community "public" Unrestricted vlan 1 name "DEFAULT_VLAN" forbid 1 2,13 untagged 5 12,14 no ip address no untagged 1 4,13 exit vlan 2 name "mgmt" ip address 172.30.99.12 255.255.255.0 tagged 1 2,5 6,12 13 exit vlan 5 name "ISP 1" untagged 3 4 tagged 1 2,5 6,12 13 exit vlan 10 name "ISP 2" tagged 1 2,5 6,12 13 exit management vlan 2 no aaa port access authenticator active spanning tree spanning tree priority 5 spanning tree 13 path cost 1000 spanning tree 1 4 path cost 10000 password manager password operator exit VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 28

Summary VLANs segments the broadcast domain. VLANs helps you secure the network. For VLAN in wireless networks, create WDS connections first, then layer on the VLAN Spanning Tree can only be used on bridges with physical and WDS interfaces. Support for MST 802.1s (Multiple Spanning Tree) is a need if different pathcosts on physical and VLAN interfaces shall be used. VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 29

Thank You Paul Eriksson Mobile: +46706210055 email: periksson@roamingnet.com Fax: +46696129010 CV: http://www.linkedin.com/in/periksson VLAN Workshop 2009 RoamingNet Sweden (www.roamingnet.com) 30

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information