Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Broadcast and Vlan

Hi 

 

Broadcasts and IP networks are not limited to VLANs. Then why we would say vlans  are separate broadcast domains 

 

Thanks 

16 REPLIES
VIP Super Bronze

Hi,

Hi, you can have multiple subnets in one vlan by using a secondary address, but that is not a very common. Most common designs use one subnet per vlan and in this case each vlan is a separate broadcast domain HTH
New Member

 vlan id 5 and vlan 10 assign


 vlan id 5 and vlan 10 
assign one port in vlan 5 and another port in vlan 10 ,
assign ip address 192.168.1.1  and 192.168.1.2, they will communicate 
why is that ?

 

They should not communicate

They should not communicate if your VLANs are not interconnected somewhere.

 

How is your switch configured in details?

 

Best regards,

Milan
 

New Member

There is no routing  between

There is no routing  between the vlans , and there is no ip address assigned to the vlan interface 

In that case I believe there

In that case I believe there might be some port in VLAN5 connected by a cable to other port in VLAN10 somewhere.

Don't you see the MAC addresses assigned to 192.168.1.1 and 192.168.1.2 in both VLANs?

 


 

New Member

Yes i can see , The thing is

Yes i can see , The thing is i was not clear about  how a vlan separating a broadcast domain ?

If you can see both MACs in

If you can see both MACs in both VLANs, it's another symptom your VLANs are interconnected somewhere.

Try to create a new VLAN and assign one of the PCs to it (no other port).

You will not be able to Ping from that PC to the other then!


 

VLAN separate broadcast easy way: No frame from one VLAN (including broadcasts) is forwarded to other VLANs.


 

Best regards,

Milan


 

New Member

Hi Thanks for your reply , i

Hi 

Thanks for your reply , i think i could not make clear the question . 

What i understand vlan separate broadcast domain . PC A is in vlan5 , pc b is in vlan 6 . but both are in the same network . from PC -A i can PING PC-B .i can ping broadcast address 192.168.1.255 , from PC-B i ll get reply . Maybe the question is very dump . Please help 

Please find the attached topology 

Hi, I still think this should

Hi,

 

I still think this should not happen.

Are there any other devices connected to the same switch?

Can you provide the switch config?

 

Best regards,

Milan
 

New Member

Hi milan Sorry for the wrong

Hi milan 

Sorry for the wrong  attachment , i have corrected it . Please check it 

Hi, let me ask one simple

Hi,


 

let me ask one simple question then:

How is the connection between your switches configured?

As you say: "All ports are in VLAN5" on the first switch and "All ports are in VLAN6" on the second switch, does that mean there is no trunk configured to connect the switches together?

And simply one access port in VLAN5 on the first switch is connected by a cable to one port in VLAN6 on the second switch?

That would explain everything: As the access ports don't tag the frames with any VLAN tag, you have created one common VLAN5-6 this way!


 

Just change the ports which are connecting the switches together into trunks and you will not be able to Ping from one PC to the other anymore!


 

Best regards,

Milan

 

New Member

"All ports are in VLAN5" on

"All ports are in VLAN5" on the first switch and "All ports are
in VLAN6" on the second switch, does that mean there is no trunk configured
to connect the switches together?

yes


And simply one access port in VLAN5 on the first switch is connected by a
cable to one port in VLAN6 on the second switch?

yes 

That would explain everything: As the access port don't tag the frames with
any VLAN tag, you have created one common VLAN5-6 this way!


Does it mean broadcasts are not limited to vlans ?

Broadcasts ARE limited to

Broadcasts ARE limited to VLANs.

But you are creating one big VLAN here!

Let me explain once more:

From the first switch point of view:

All ports are within VLAN5. So a broadcast received on one port is sent out to all other ports.

One of the ports is physically connected to the second switch. As all ports on the second switch are assigned to VLAN6 on the second switch, it simply receives the broadcast from the first switch and forwards it to all ports within the same VLAN to which the ports which received the broadcast belongs to (VLAN 6).

The switches are having no chance to realize YOU have connected one port assigned to VLAN5 on the first switch to a port assigned to VLAN6 on the second switch.

This is something which should not be done unless absolutely necessary.

YOU are creating one common VLAN composed of two parts per switch. No matter how you call it per switch, it's still one VLAN!

 

Am I clear now?

 

Best regards,

Milan


 

New Member

Thanks milan For your great

Thanks milan 

For your great explanation . 

As per the diagram attached , 

PC-A sends frame . When it leaves the port which is connected , it tags vlan 5 .

The switch already learned the mac-address of the PC-B on port fa0/8 ( fa0/8 (vlan 5) connected second switch fa0/8(vlan 6)

since it identified the destination port is fa0/8 , it removes the vlan information and send to port fa0/8 

is it correct 

or  


PC-A sends frame . When it leaves the port which is connected it does not tag any vlan information to the frame 

The switch already learned the mac-address of the PC-B on port fa0/8 

since it identified the destination port is fa0/8 ,it sends the frame to fa0/8 

Thanks 

New Member

Thanks milan For your great

Thanks milan 

For your great explanation . 

As per the diagram attached , 

PC-A sends frame . When it leaves the port which is connected , it tags vlan 5 .

The switch already learned the mac-address of the PC-B on port fa0/8 ( fa0/8 (vlan 5) connected second switch fa0/8(vlan 6)

since it identified the destination port is fa0/8 , it removes the vlan information and send to port fa0/8 

is it correct 

or  


PC-A sends frame . When it leaves the port which is connected it does not tag any vlan information to the frame 

The switch already learned the mac-address of the PC-B on port fa0/8 

since it identified the destination port is fa0/8 ,it sends the frame to fa0/8 

Thanks 

 

Hi,in your case (all ports

Hi,

in your case (all ports configured as access ones) no VLAN tags are sent on the wires.

PC-A sends an untagged frame to the switch.

The switch knows the destinatiom MAC address is visible on port fa0/8.

It only checks if this port belongs to the same VLAN 5.

It does, so it forwards the frame (untagged) out of the port fa 0/8.

The second switch receives this untagged frame on his port (fa0/8?) which belongs to VLAN 6.

He knows the destination MAC address, so again it only checks if the destination port belongs to the same VLAN 6. And forwards the frame to the PC-B.

 

As I said already, connecting switches this way creates one common VLAN5-6.

 

Best regards,

Milan

 

 

 

295
Views
0
Helpful
16
Replies
CreatePlease to create content