Table of Contents
- About the Author
- About the Technical Reviewers
- Chapter 1. Switching Connectivity
- Chapter 2. VLAN Operations
- Chapter 3. Trunking and Bandwidth Aggregation
- Chapter 4. Spanning Tree
- Chapter 5. Inter-VLAN Routing
- Chapter 6. Layer 3 Switching
- Chapter 7. Multicast Routing and Switching
- Chapter 8. Traffic Filtering and Security
- Chapter 9. Quality of Service
- Chapter 10. Maintenance, Monitoring, and Troubleshooting
- Chapter 11. Comprehensive Switching Self-Study Lab
- Appendix A. Comprehensive Switching Self-Study Lab Part I Solution
- Appendix B. Comprehensive Switching Self-Study Lab Part II Solution
Scenario 2-5: Configuring Extended-Range VLANs
Historically, Cisco Catalyst switches have supported only up to 1024 VLANs, with this number being derived from the 10-bit VLAN ID field included in Cisco's original trunking protocol, ISL. 802.1Q is the standards-based trunking protocol defined by the IEEE and is now the recommended trunking protocol for Cisco switched networks. 802.1Q includes a 12-bit VLAN ID field, which means that 802.1Q supports up to 4096 VLANs. Cisco refers to the VLANs between 1025 and 4096 as extended-range VLANs.
Cisco Catalyst switches support extended-range VLANs under the following restrictions:
- VTP cannot be used for VLAN management. In other words, VTP must be configured in transparent mode or off.
- Only Ethernet VLANs are supported.
- The spanning-tree extended system ID feature (also known as MAC address reduction) must be enabled, as the most MAC addresses that are allocated to Catalyst switches is 1024 (see Chapter 4, "Spanning Tree," for more details).
- When configuring extended-range VLANs, always use the highest numbers first because some Catalyst switch modules use VLANs from the lower portion of the extended VLAN range for internal use (e.g., the Catalyst 6000 FlexWAN module allocates VLANs for internal use starting from 1025 for ports on the FlexWAN module).
To create extended-range VLANs, you must perform the following configuration tasks:
- Disable VTP
- Enable MAC address reduction
- Create extended-range VLANs
This scenario continues on from the previous scenarios. In Scenario 2-2, you disabled VTP by configuring a VTP mode of off for Switch-A and a VTP mode of transparent for Switch-B. Since you have already met that VTP requirement for configuring extended-range VLANs, the configuration task of disabling VTP is not presented again in the following sections.
Enabling MAC Address Reduction
On both switches, you must enable MAC address reduction before you can create extended VLANs. An explanation of MAC address reduction is outside the scope of this chapter and is discussed in Chapter 4. For now, understand that MAC address reduction removes the requirement for a switch to possess a unique MAC address per VLAN, meaning a switch does not require 4096 MAC addresses to be allocated to support 4096 VLANs.
On CatOS, MAC address reduction is disabled by default, so you must explicitly enable it to configure extended-range VLANs. To enable MAC address reduction, you use the set spantree macreduction command, as demonstrated in Example 2-29 on Switch-A.
Example 2-83. Enabling MAC Address Reduction on Switch-A
Switch-A> (enable) set spantree macreduction enable MAC address reduction enabled
On Cisco IOS switches, MAC address reduction is enabled by default for switches with limited MAC addresses (e.g., the Catalyst 3550), but is disabled by default for switches with large numbers of MAC addresses (e.g., Catalyst 6000 running native IOS). To enable MAC address reduction (also referred to as extended system ID on Cisco IOS), use the spanning-tree extend system-id global configuration command, as demonstrated in Example 2-30 on Switch-A.
Example 2-84. Enabling MAC Address Reduction on Switch-B
Switch-B(config)# spanning-tree extend system-id
Creating Extended-Range VLANs
Once you have disabled VTP and enabled MAC address reduction, you can create extended-range VLANs. Creating these VLANs is no different than creating standard VLANs, you just simply specify a VLAN ID in the range of 1025 to 4095. Remember that you should avoid using the lower extended VLAN range; use higher VLAN IDs first.
Example 2-31 demonstrates creating VLAN 4000 on Switch-A and assigning port 2/3 to the new VLAN.
Example 2-85. Creating an Extended-Range VLAN on Switch-A
Switch-A> (enable) set vlan 4000 name EXTENDED VTP advertisements transmitting temporarily stopped, and will resume after the command finishes. Not allowed to set name for extended range of vlans. Switch-A> (enable) set vlan 4000 2/3 Vlan 4000 configuration successful VLAN 4000 modified. VLAN 10 modified. VLAN Mod/Ports ---- ----------------------- 4000 2/3
Notice that you cannot configure a name for an extended-range VLAN, as indicated by the shaded line. Example 2-32 shows the output of the show vlan command after the new VLAN has been created.
Example 2-86. Displaying Extended-Range VLANs
Switch-A> (enable) show vlan VLAN Name Status IfIndex Mod/Ports, Vlans ---- -------------------------------- --------- ------- ------------------------ 1 default active 4 2/1-2,2/4-50 10 Engineering active 59 2/1-2,2/4-16 20 Sales active 60 2/17-32 30 Marketing active 61 2/33-48 1002 fddi-default active 5 1003 token-ring-default active 8 1004 fddinet-default active 6 1005 trnet-default active 7 4000 VLAN4000 active 62 2/3 ... <output truncated>
To configure extended-range VLANs on Cisco IOS, you must use global configuration mode to create extended-range VLANs; you cannot use VLAN database configuration mode. Example 2-33 demonstrates creating VLAN 4000 on Switch-B and assigning interface fa0/3 to the new VLAN.
Example 2-87. Creating an Extended-Range VLAN on Switch-B
Switch-B# configure terminal Switch-B(config)# vlan 4000 Switch-B(config-vlan)# name EXTENDED Can't modify name for extended VLAN 4000. Switch-B(config-vlan)# exit Switch-B(config)# interface fastEthernet0/3 Switch-B(config-if)# switchport access vlan 400
Notice that you also cannot configure a name for an extended-range VLAN on Cisco IOS, as indicated by the shaded line.