Hey guys, I have a question here:
As I learned, vlan=subnet=broadcast domain.
I will add a topology from packet tracer:
Let's say pc0 is 192.168.0.1/24, and it's connected to port fa0/24 on switch 0.
Now, that port is in vlan 1.
The port that connects switch0 to switch1 is fa0/1 and is set to vlan1.
The port that connects switch1 to switch0 is also fa0/1 and is set to vlan2.
The pc1 IP is 192.168.0.2/24 and it is connected to port fa0/24 on switch1 and is set to vlan2.
If I ping from pc0 to pc1, every networking bone in my body says it won't work, but it does work...
I don't see why it should be working?
The VLAN-ID itself means nothing if it's only locally defined.
If you take VLAN 2 or VLAN 999 or any other number, both ports are in the same vlan, so incoming traffic on one port can reach any other port on that switch in the same vlan.
Incoming traffic is not flagged with a vlan so the switch defines it as the VLAN defined on the port.
Incoming on Switch 0 it is VLAN 1, outgoing it no longer has a VLAN as it leaves the port. Incoming Switch 1 it is defined as VLAN 2 since the Port is in VLAN2, so it can leave at Port 24 which is in VLAN 2 too.
The only possibility to stop it from working is defining the link between Switch 0 and 1 as a Trunk. Then it arrives at switch 1 in VLAN 1 and can't get to Port 24 in VLAN 2.
Edit: Killed the bee - changed it to be
I didn't only locally create the vlans, I also assigned the ports to the vlans.
If ports 0/24 and 0/1 on switch0 are assigned to vlan 1
and ports 0/24 and 0/1 on switch1 are assigned to vlan 2,
a ping between host 1 and host 2 shouldn't be possible since there is routing between vlans..
I should mention, that the link between switch 0 to switch 1 is set to access and not trunk.
I think since it is set to access and not trunk, the packets are not tagged with their vlan tag, and therefore the hosts can reach each other.
There is no routing between the vlans and there does not have to be a routing between to let the hosts ping the other one.
A packet going out an access port is not tagged with a vlan, as you posted yourself, and that's also why you need no routing and why the vlan-id does not matter. It is tagged with the vlan of the access-port going in, and why should a switch not forward a vlan2 packet to a vlan2 port?
Routing is only necessary if you link the switches together with a trunk as I mentioned before.
Yes, that is the key here - because the link between switches is an access port and not a trunk, when a packet leaves switch0 it has no VLAN identifier, so the fact that you are using different VLANs on the two switches is irrelevant.
If I have 2 hosts in different vlans on the same switch, a ping won't reach from one to the other, so what do you mean by there is no L-3 device?
What is happening here is that PC0 is sending its ping into its connected switch on VLAN 1. As the link between the switches at this end is also on VLAN 1, this will traverse the link and end up on VLAN 2 at the other end.
As you have configured both PCs on the same subnet, and the other PC is on VLAN 2, this will work.
Now, change the link to a trunk and see what happens??
You have basically bridged vlan 1 and 2 together the way you have it. All your connections are access ports. I will guarantee if you had made the ports between switches trunks allowing vlan 1 and vlan 2, you would not be able to ping between vlan 1 and vlan 2 without a l3 device in between. Also, in your current setup I bet if you put a device into vlan 1 on the far end it will not ping because you have it plugged into vlan 2.
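
The forwarding behaviour described in the replies above, as an added example that is not part of the original thread: a small Python model of the two switches, showing that an access-to-access link with different VLANs on each end joins VLAN 1 and VLAN 2, while a trunk keeps them apart. Port names and VLAN numbers are taken from the posts; the function names are made up for illustration, and the trunk is simplified to tag every VLAN (native-VLAN handling is left out).

```python
# Constructed model of the thread's topology (not Cisco code or output).
ACCESS, TRUNK = "access", "trunk"

def ingress_vlan(port, tag):
    """VLAN the switch assigns to a frame arriving on `port`."""
    if port["mode"] == ACCESS:
        return port["vlan"]      # untagged frame: classified by the port's VLAN
    return tag                   # trunk: the 802.1Q tag on the wire decides

def egress(port, vlan):
    """Return (sent, tag_on_wire) for a frame of `vlan` leaving `port`."""
    if port["mode"] == ACCESS:
        return (port["vlan"] == vlan, None)    # access ports strip the tag
    return (vlan in port["allowed"], vlan)     # trunk keeps the tag

def build(link_mode):
    """Switch 0 and switch 1 with the inter-switch link as access or trunk."""
    def link(vlan):
        if link_mode == ACCESS:
            return {"mode": ACCESS, "vlan": vlan}
        return {"mode": TRUNK, "allowed": {1, 2}}
    sw0 = {"fa0/24": {"mode": ACCESS, "vlan": 1}, "fa0/1": link(1)}
    sw1 = {"fa0/1": link(2), "fa0/24": {"mode": ACCESS, "vlan": 2}}
    return sw0, sw1

def pc0_reaches_pc1(link_mode):
    """Follow one frame from PC0 (switch 0, fa0/24) towards PC1 (switch 1, fa0/24)."""
    sw0, sw1 = build(link_mode)
    vlan = ingress_vlan(sw0["fa0/24"], None)   # PC0 sends untagged
    sent, tag = egress(sw0["fa0/1"], vlan)
    if not sent:
        return False
    vlan = ingress_vlan(sw1["fa0/1"], tag)     # re-classified on the far end
    sent, _ = egress(sw1["fa0/24"], vlan)
    return sent

def link_bridges_vlans(link_mode):
    """Audit check: both ends are access ports but in different VLANs."""
    sw0, sw1 = build(link_mode)
    a, b = sw0["fa0/1"], sw1["fa0/1"]
    return a["mode"] == b["mode"] == ACCESS and a["vlan"] != b["vlan"]

if __name__ == "__main__":
    for mode in (ACCESS, TRUNK):
        print(mode, "link: ping works =", pc0_reaches_pc1(mode),
              "| VLANs bridged =", link_bridges_vlans(mode))
```

The `link_bridges_vlans` check is the kind of comparison worth running over both ends of every inter-switch link when VLANs are relied on for segmentation.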