Free CCNA | VLANs (Part 2) | Day 17 | CCNA 200-301 Complete Course

Welcome to Jeremy’s IT Lab. This is a free, complete course for the CCNA. If you like these videos, please subscribe to follow along with the series.

Also, please like and leave a comment, and share the video to help spread this free series of videos. Thanks for your help. In this video we will continue with the topic of VLANs, Virtual Local Area Networks.

In the last video, Day 16, we covered the absolute basics of VLANs, what a VLAN is, what their purpose is, and the most basic VLAN configurations. However, that’s not really enough information, there is still more basic knowledge you need to be able to understand and use VLANs. That’s what we’ll cover in today’s video.

So let’s take a look at what we’ll cover, exactly. This will be a fairly long video I think, but let’s take it step by step. First of all, what is a trunk port?

I mentioned trunk ports briefly in the last video. Whereas an access port belongs to a single VLAN, trunk ports carry traffic from multiple VLANs on a single interface. Next, what is the purpose of trunk ports?

How are they actually used? Next I will talk about 802. 1Q encapsulation.

This is an additonal tag added to an Ethernet frame which is used to identify which VLAN traffic belongs to on a trunk. Next, we’ll go into trunk port configuration, it’s not so complicated, you only need to learn a few more commands. Finally, we’ll cover ‘router on a stick’.

It’s a bit of an odd name, but this is something you really need to know for your CCNA. It’s a more efficient way of performing inter-VLAN routing, an alternative to using a separate router interface for every VLAN. So, let’s get started.

For a quick review, here is the network topology used in the last video. There is a single switch, and three VLANs. All of the switch interfaces are access ports which belong to a single VLAN, either VLAN10, VLAN20, or VLAN30.

Three interfaces are used to connect to the router, one for each VLAN. For this video, let’s use a different network topology. Here’s the network topology we’ll start with for this lesson.

This time, there are two switches used. Note that VLAN10, the VLAN for the engineering department, is split between the two switches. This is very common, as departments in a company aren’t always split up exactly by location.

You might have some engineers on one floor of the building, for example, and some on another floor. We are still using only access ports. There are two links between SW1 and SW2, one for VLAN10, and one for VLAN30.

There must be a link in VLAN10 between the two switches because VLAN10 PCs are connected to both SW1 and SW2, and also because the PCs connected to SW1 need to be able to reach R1 via SW2. As for the link in VLAN30, it is necessary because PCs in VLAN30 also need to be able to reach R1 via SW2. There is no link in VLAN20 between SW1 and SW2.

This is because there are no PCs in VLAN20 connected to SW1. PCs in VLAN20 can still reach PCs connected to SW1, R1 will perform the inter-VLAN routing. Let me demonstrate that inter-VLAN routing.

Let’s say this PC in VLAN20 wants to send traffic to one of the VLAN10 PCs connected to SW1. It will send the frame with a destination MAC address of R1, its default gateway. R1 then forwards it back to SW2.

Note that this traffic arrived at SW2 on the VLAN10 interface, the traffic is now in VLAN10, so it forwards it to SW1 on the VLAN10 connection between them, and then SW1 forwards the traffic to the destination PC. So, you can see that, even though there isn’t a VLAN20 connection between SW2 and SW1, the PC in VLAN20 can still send traffic to the PC in VLAN10, because the router performs inter-VLAN routing. In a small network with few VLANs, it is possible to use a separate interface for each VLAN when connecting switches to switches, and switches to routers.

However, when the number of VLANs increases, this is not viable. It will result in wasted interfaces, and often routers won’t have enough interfaces for each VLAN. You can use 'trunk ports' to carry traffic from multiple VLANs over a single interface.

Once again, these are different than access ports, which belong to a single VLAN only. Let’s take a quick look at how trunk ports work. So, now I’ve replaced those separate connections for each VLAN, with a single connection between SW1 and SW2, and SW2 and R1.

However, to make it more clear, let’s add those colors back. Okay, so now you can see which VLANs are allowed on each trunk. Remember, these are single physical connections, but traffic from multiple VLANs is allowed over each trunk.

Let’s say this PC in VLAN10 wants to send some data to this other PC in VLAN 10. It sends the traffic to SW2, which then sends it to SW1. Now here’s a question.

How does SW1 know which VLAN the traffic belongs to? Both VLANs 10 and 30 are allowed on the interface the traffic was received on, but how does SW1 know which VLAN it belongs to? The answer is VLAN tagging.

Switches will ‘tag’ all frames that they send over a trunk link. This allows the receiving switch to know which VLAN the frame belongs to. In fact, another name for a trunk port is a ‘tagged’ port, and another name for an access port is an ‘untagged’ port.

Frames sent over access ports aren’t tagged, they don’t need to be tagged because the interface belongs to a single VLAN. If a frame arrives on a switchport in VLAN10, the switch knows the frame is in VLAN10. Let’s talk about those VLAN tags.

There are two main trunking protocols: ISL (Inter-Switch Link) and IEEE 802. 1Q. Usually, we call 802.

1Q ‘dot1q’. ISL is an old Cisco proprietary protocol, created before the industry standard IEEE 802. 1Q.

Dot1q is an industry standard protocol created by the IEEE (Institute of Electrical and Electronics Engineers). Remember the IEEE? How about IEEE 802.

3? That’s Ethernet, another industry standard protocol. You will probably NEVER use ISL in the real world.

Even modern Cisco equipment doesn’t support it. For the CCNA, you only need to learn dot1q. You should know what ISL is, but you don’t have to study it like dot1q.

Okay here’s an old slide, back from Day 5 on Ethernet switching. Do you remember the fields of the Ethernet header and trailer? If you don’t, I recommend going back to check out Day 5’s video, I won’t waste time explaining it all again here.

However, the reason I am showing this is because the dot1q tag is actually inserted between two fields of the Ethernet header. So, here’s just the Ethernet header. Dot1q inserts a 4-byte, or 32-bit field between two fields of this Ethernet header.

Let’s take a look. As you can see here, the dot1q tag is inserted between the source MAC address and the type or length fields of the Ethernet header. Let’s go over some basics.

As I just said, the 802. 1Q tag is inserted between the Source and Type/Length fields of the Ethernet frame. The tag is 4 bytes, or 32 bits, in length.

The tag consists of two main fields. Those are the Tag Protocol Identifier, TPID, and the Tag Control Information, TCI. The TCI itself consists of three sub-fields.

Let’s quickly take a look at each field of the dot1q tag. Here’s a diagram of the dot1q tag format, thanks to wikipedia. Notice that it can be divided into two halves, the TPID and TCI I mentioned before.

Also, the TCI can be divided into three sub fields, the PCP, DEI, and VID. Okay first up lets look at the TPID field. The field is 16 bits, or 2 bytes, in length, taking up half of the 802.

1Q tag’s length. The TPID is ALWAYS set to a value of 0x8100. Remember, 0x just means hexadecimal, so the actual value in the field is 8 1 0 0, four hexadecimal digits.

Each hexadecimal digit is 4 bits, so 4 x 4 is 16, the total length of the field. This value of 8 1 0 0 indicates that the frame is dot1q-tagged. As I just showed you, the dot1q tag comes after the source MAC field of the Ethernet frame.

This is where the TYPE field is usually located. When the switch sees this value of 8 1 0 0 here, it knows it’s a dot1q-tagged frame. Okay, that’s all for the TPID field.

Next up let’s look at the first field of the TCI, which is the PCP, or Priority Code Point. The field is 3 bits in length. It is used for Class of Service, CoS, which prioritizes important traffic in congested networks.

Don’t worry about this field too much, just know the name and that it is used for CoS. Next up is the DEI, Drp Eligible Indicator. This field is just a single bit in length.

It is used to indicate frames that can be dropped if the network is congested, which makes sure more important network traffic gets through. Once again, you don’t really need to worry about this field too much for your CCNA, just know the name and it’s basic purpose. Okay, finally is a very important field, the VID, or VLAN ID field.

It is 12 bits in length. It is the field that actually identifies the VLAN the frame belongs to, so you could say this is the most important field of the dot1q tag. Because this field is 12 bits in length, that means there are 4096 total VLANs, because 2 to the power of 12 equals 4096.

However, the first and last VLANs, 0 and 4095, are reserved and can’t be used. Therefore, the actual range of VLANs that can be used is 1 to 4094. By the way, Cisco’s proprietary ISL, which is an alternative protocol for VLAN tagging over trunk connections, also uses a VLAN range of 1 to 4094.

As I mentioned before, however, you don’t really need to know ISL, it’s almost been completely replaced by the industry standard dot1q. So, those are the fields of the dot1q tag. Take a look at this diagram, do you remember the names of each section and their basic function?

If you want to read a little bit about dot1q, I recommend checking out the wikipedia page for a solid overview of it. Okay let me talk about the VLAN ranges a little bit more. The range of VLANs, which as I mentioned is 1 to 4094, is divided into two sections.

'normal VLANs', which are numbered from 1 to 1005, and 'extended VLANs', which are numbered from 1006 to 4094. Some older devices cannot use the extended VLAN range, however it’s safe to expect that modern switches will support the extended VLAN range. I work with Cisco switches a lot in my job, and I’ve never encountered a switch that doesn’t support the entire range, from 1 to 4094.

Just be aware that some older switches might not support the extended range. Okay, so let’s look at this diagram once again. So, this PC in VLAN10 wants to send traffic to this other PC in VLAN10.

The traffic goes to SW2, which then forwards it to SW1, with a tag indicating that the traffic belongs to VLAN10. SW1 receives the frame, and because the destination is also in VLAN10, it will forward the traffic to the destination. Remember, a standard layer 2 switch like this will only forward traffic in the same VLAN, it will not forward traffic between VLANs.

Let me introduce another concept of dot1q. Dot1q has a feature called the NATIVE VLAN. Cisco’s ISL does not have this feature, by the way.

The native VLAN is VLAN 1 by default on all trunk ports, however this can be manually configured on each trunk port. It’s important to remember that this has to be configured on each trunk port separately, it’s not a global configuration on the switch. Now, what exactly does the native VLAN do?

The switch does not add an 802. 1Q tag to frames in the native VLAN. It will forward the frame normally, without adding the dot1q tag to it.

So, what does the receiving switch do when it receives this untagged frame on a trunk port? When a switch receives an untagged frame on a trunk port, it assumes the frame belongs to the native VLAN. So, it’s very important that the native VLAN matches between switches!

Switches will still forward traffic if there is a native VLAN mismatch, but problems may occur. Let’s look at an example. This time, let’s say I’ve configured the native VLAN to be VLAN10 on the trunk link between SW1 and SW2.

Let’s follow some traffic on the same path as usual. This PC sends the traffic to SW2. It will send the traffic to SW1, but because it is in the native VLAN, VLAN10, it won’t tag it as being in VLAN10.

The untagged frame arrives at SW1, which assumes that the traffic belongs to VLAN10, so it forwards it to the destination. This time, let’s look at if there is a native VLAN mismatch configuration. On SW2’s interface I’ve configured VLAN10 as the native VLAN.

However, on SW1’s interface I’ve configured VLAN30 as the native VLAN. Let’s see what happens. Up to the point the traffic reaches SW1, it’s the same.

However, when SW1 receives the frame this is what it will think. This frame has no VLAN tag. Therefore, it must belong to VLAN30.

But, the destination is in VLAN10, not VLAN30. So, I won’t forward the frame. So, I think you can see why it is important that the native VLAN configuration matches between switches.

Okay, let's finally get into the configuration of trunk ports. I’ve added the interface numbers to the diagram to make it easier to understand. So, we will be configuring G0/0 on SW1, and G0/0 and G0/1 on SW2 as trunk ports.

Let’s go on SW1 first. First let’s look at the most basic trunk configuration, manually configuring the interface as a trunk. After entering interface configuration mode, use this command, SWITCHPORT MODE TRUNK to manually configure the interface as a trunk.

However, in this case we got an error message. Command rejected, an interface whose trunk encapsulation is ‘AUTO’ can not be configured to ‘trunk’ mode. This is a little tricky.

Many modern switches do not support Cisco’s ISL at all. They only support dot1q. Even though ISL is a proprietary Cisco protocol, even Cisco switches are moving toward supporting only dot1q.

However, switches that do support both dot1q and ISL (like the one I’m using in this example) have a trunk encapsulation of ‘Auto’ by default. To manually configure the interface as a trunk port, you must first set the encapsulation to 802. 1Q or ISL.

On switches that only support dot1q, this is not necessary. After you set the encapsulation type, you can then configure the interface as a trunk. So, let’s see how to set the encapsulation type.

You use the SWITCHPORT TRUNK ENCAPSULATION command. I used the question mark to see the options. There are dot1q, isl, and negotiate.

Negotiate sets it to AUTO mode, so we cant choose that. I will talk more about AUTO mode in the next lecture video, by the way, so if you have questions I will answer them there. I set the encapsulation to dot1q, and then this time the SWITCHPORT MODE TRUNK command is accepted.

On switches that only support dot1q, you will ONLY need the switchport mode trunk command, but on some switches you will need to set the encapsulation first. I used the SHOW INTERFACES TRUNK command to confirm. First up, the trunk interfaces are listed here.

'Mode on' means that the interface was manually configured as a trunk. In the next lecture we will look at how a port can automatically become a trunk without configuration, but we’ll forget about that for the moment. Encapsulation is dot1q as we configured, status is trunking, and the native VLAN, which I mentioned before, is the default of 1.

Under that, the VLANs allowed on the trunk are displayed. By the default, ALL VLANs, 1 to 4094, are allowed on the trunk. However, for security purposes, we might want to limit which VLANs can be forwarded on the trunk, so we’ll look at that configuration next.

Next up is VLANs allowed and active in management domain. This includes the default VLAN of 1, as well as VLANs 10 and 30, which I already configured on this switch. Note that, although VLAN1, which exists by default, appears here, VLANs 1002 to 1005, which I showed you in the previous lecture video, do not.

As I mentioned before, don’t worry about those VLANs, they’re not really used in modern networks. The last field of the SHOW INTERFACES TRUNK command is ‘Vlans in spanning tree forwarding state and not pruned’. I’ll talk about this in a future lecture, we don’t know about spanning tree and VLAN pruning yet.

Here is the command to configure the VLANs allowed on a trunk. SWITCHPORT TRUNK ALLOWED VLAN, and then there are some options. WORD allows you to simply configure the list of VLANs allowed.

Let’s see how that works. So, I used the command SWITCHPORT TRUNK ALLOWED VLAN 10 comma 30. Notice that the SHOW INTERFACES TRUNK command now only shows VLANs 10 and 30 as being allowed on the trunk.

Now let’s take a look at the ADD option. This allows you to add allowed VLANs to the currently existing list. Currently VLANs 10 and 30 are allowed, let’s say I also want to add 20, even though no hosts in VLAN20 are connected to SW1.

This time I used the command SWITCHPORT TRUNK ALLOWED VLAN ADD 20. The SHOW INTERFACES TRUNK command now shows vlans 10,20, and 30 as allowed, so 20 was added to the list. Note that, because I haven’t actually created VLAN20 on this switch, VLAN20 still isn’t displayed in the VLANs allowed and active in management domain section.

Next up I’ll show you the ‘remove’ option. VLAN20 isn’t necessary on this trunk, so let’s remove it. I used the command SWITCHPORT TRUNK ALLOWED VLAN REMOVE 20.

Now, as you can see, VLAN20 has been removed from the list of allowed VLANs, leaving only VLANs 10 and 30. Next up lets look at the ALL option. I think this one is fairly obvious, but lets take a look anyway.

This time I used the command SWITCHPORT TRUNK ALLOWED VLAN ALL. Now all VLANs are allowed on the trunk. This is the same as the default state, as all VLANs are allowed by default.

Next up lets look at the EXCEPT option. It allows all VLANS except the ones you specify. Let’s check it out.

I used the command SWITCHPORT TRUNK ALLOWED VLAN EXCEPT 1 to 5, comma 10. As you can see it allows all VLANs except those, so 6 to 9, and 11 to 4094… Okay, finally let’s look at the NONE option, which is also pretty easy to understand. This time I used the command SWITCHPORT TRUNK ALLOWED VLAN NONE, and as you can see no VLANs are allowed on the trunk.

This effectively allows no traffic to pass over the trunk, so now let’s do the actual settings we want for this network. Here’s the diagram once more. SW1 has hosts in VLAN 10 and VLAN 30 connected to it.

No hosts in VLAN20 are connected, so there’s no need to allow VLAN20 on the trunk between SW1 and SW2. So, let’s set the allowed VLANs to 10 and 30 like we did before. Okay, there we go.

Now the only VLANs allowed on the trunk are VLANs 10 and 30. The reason to do this is for security purposes, to make sure only traffic in the necessary VLANs can use that connection. Also, for network performance purposes, this avoids unncessary traffic, because broadcasts and such in other VLANs won’t be sent over the trunk.

Now, I said I’d show you how to change the native VLAN. For security purposes, it is best to change the native VLAN to an unused VLAN. Network security will be explained more in-depth later in the course.

This video is already getting long so I won’t explain the detailed reasons, but again it’s about limiting unnecessary traffic in the network, and controlling what traffic is allowed. Also, remember to make the native VLAN match between switches. Now let’s look at how to change the native VLAN.

The command to change the native VLAN is SWITCHPORT TRUNK NATIVE VLAN, followed by the VLAN number. I chose an unused VLAN, 1001. As you can see, the native VLAN has now been changed to 1001.

After configuring this trunk port, I did the SHOW VLAN BRIEF command. Notice that G0/0 is not listed anywhere. Not in VLAN10 or VLAN30, even though those are the VLANs allowed on the trunk.

This is because the SHOW VLAN BRIEF command shows the access ports assigned to each VLAN, not the trunk ports that allow each VLAN. Use the SHOW INTERFACES TRUNK command instead to confirm trunk ports. Now that we’ve seen the configurations on SW1, I’ll quickly do the configurations on SW2 as well.

On SW2’s G0/0 interface, we must allow VLANs 10 and 30. On SW2’s G0/1 interface, however, we must allow VLAN 20 as well. Here are the configurations for SW2’s G0/0 interface, the interface connected to SW1.

These are the same as before, so I won’t go through each one. You can pause the video if you want to take a look at them to review. Now let’s move on to G0/1, which is connected to R1.

Okay, here are the configurations. Almost identical to G0/0, except I allowed VLAN20 in addition to VLAN 10 and 30. Now, both G0/0 and G0/1 are displayed in the output of the SHOW INTERFACES TRUNK command.

So, that’s all for the switch configurations for this lesson. However, you may be wondering about the router. In the previous lecture, we used three separate interfaces for the connection from SW2 to R1, and assigned a separate IP address to each one on R1.

Each one served as the default gateway address for the PCs in each VLAN. However, now we are using only one physical connection between the two devices. So, we must use ‘subinterfaces’ on R1.

Let’s take a look. First of all, look at the title of the slide. ROUTER ON A STICK, also written as ROAS.

It’s a bit of a strange name, but it’s the name used for this method of inter-VLAN routing, as there is only a single physical interface connecting the router and the switch, and it looks like a ‘stick’ on the network topology diagram. So, in this case that one physical interface being used on R1 to connect to SW2 is G0/0. It’s connected to G0/1 on SW2.

But, we can actually divide this one physical interface into three separate subinterfaces, which will allow us to perform inter-VLAN routing with only one physical interface. So, it would look like this. G0/0.

10 for VLAN10, G0/0. 20 for VLAN20, and G0/0. 30 for VLAN30.

These three logical subinterfaces are really one physical interface, G0/0 which is connected to SW2’s G0/1 interface, but they can operate like three separate interfaces. Before we look at the router configurations, note that we don’t need to do any additional configurations on SW2. We already configured G0/1 as a trunk, and made sure that VLANs 10, 20, and 30 are allowed.

That’s all you need to do on the switch, configure the interface like a regular trunk. Now let’s look at the router configurations. Here are the configurations.

First, make sure the interface is enabled with ‘no shutdown’, as router interfaces are disabled by default. Next up is the first subinterface. Notice how to enter subinterface configuration mode.

Interface g0/0 DOT 10. This subinterface number does not have to match the VLAN number. However it is highly recommended that they do match, to make it easier to understand.

If each subinterface’s number matches the VLAN number, it’s easy to see which subinterface is used for each VLAN. The next command after that is ENCAPSULATION DOT1Q, followed by the VLAN number, which is 10 in this case. This tells the router to treat any arriving frames tagged with the specified VLAN number as if they arrived on this sub interface.

If a frame arrives tagged with VLAN10, R1 will behave as if it arrived on interface G0/0. 10. It will also tag all frames leaving this subinterface with VLAN10 using dot1q.

Finally, after the encapsulation dot1q command, simply assign the IP address to the subinterface. Once again, I have assigned the last usable address of the subnet. And that’s all for this subinterface.

Then I did the same thing with the other two subinterfaces. Again, I made the subinterface and VLAN numbers match, and configured the last usable IP address of each subnet as the IP address of the subinterface. If you confirm with the SHOW IP INTERFACE BRIEF command, you can see that each of the subinterfaces appears, as well as the physical interface, although the physical interface itself has no IP address assigned to it.

And here is the routing table. Notice the connected and local routes are added just like when IP addresses are added to regular physical interfaces. When R1 sends frames out of these subinterfaces, it adds the VLAN tag configured on the subinterface.

For example, if a packet arrives destined for the 192. 168. 1.

64/26 subnet, it will send the packet out of it’s G0/0 interface tagged with VLAN20. Okay, let’s review the important points about router on a stick. ROAS is used to route between multiple VLANs using a single interface on the router and switch.

The switch interface is configured as a regular trunk. The router interface is configured using subinterfaces. You configure the VLAN tag and IP address on each subinterface.

The router will behave as if frames arriving with a certain VLAN tag have arrived on the subinterface configured with that VLAN tag. Finally, the router will tag frames sent out of each subinterface with the VLAN tag configured on the subinterface. Now that we have configured the router, let’s return to this diagram to see how interVLAN routing works with these subinterfaces.

This PC in VLAN10 is trying to reach this PC in VLAN30. The frame is sent to SW2. SW2 sends the frame on its G0/1 interface to R1, tagging it as being in VLAN10.

R1 receives it on its G0/0 interface, identifying it as arriving on the G0/0. 10 subinterface because of the VLAN10 tag. The destination is in the subnet 192.

168. 1. 128/26, which is connected to R1’s G0/0.

30 subinterface, so it sends the frame out of its G0/0 interface. It tags it as VLAN30 because that is what was configured on the G0/0. 30 subinterface.

SW2 then forwards it to SW1, tagging it as VLAN30 over the trunk. SW1 then forwards the frame to the destination. Okay, let’s quickly review before moving on to today’s quiz.

I think I say this after every video these days, but there was a lot of information in this video. Please rewatch certain parts of the video if you need to, and use the supplementary materials to help you practice and review as well. First off, we answered the question WHAT IS A TRUNK PORT?

It’s a switch interface that carries traffic over multiple VLANs. We also answered what the purpose of a trunk port is. It allows switches to forward traffic from multiple VLANs over a single physical interface, instead of having to use a separate physical interface for every single VLAN.

I also introduced 802. 1Q encapsulation, which is a tag inserted into the Ethernet frame and is used to identify which VLAN the frame belongs to when sent over a trunk port. I showed how to configure trunk ports on a Cisco switch, including the encapsulation type, allowed VLANs, and native VLAN.

Finally, I showed you how to configure ROUTER ON A STICK, which involves configuring multiple subinterfaces on a single physical interface, which again allows for traffic from multiple VLANs and subnets to be routed without having to use a separate physical interface for each one. It’s like a trunk port on a router. Finally, let’s move on to today’s quiz.

First up, question 1. You want to configure SW1 to send VLAN10 frames untagged over its GigabitEthernet0/1 interface, a trunk. Which command is appropriate?

A, encapsulaton dot1q 10. B, switchport trunk allowed vlan 10. C, switchport trunk allowed vlan add 10.

D, switchport trunk native vlan 10. Pause the video to think about your answer. The answer is D, switchport trunk native VLAN10.

A, encapsulation dot1q 10 is used on a router subinterface to specify which VLAN it belongs to. B and C are used to modify the VLANs allowed on the trunk. D is used to specify the native VLAN, and traffic in the native VLAN is sent untagged over the trunk.

Next let’s go to question 2. After modifying the VLANs allowed on a trunk interface, you want to return it to the default state. Which command will do this?

A, switchport trunk allowed vlan default. B, switchport trunk allowed vlan all. C, switchport trunk allowed vlan none.

Or D, switchport trunk allowed vlan 1 and 1001 to 1005. Pause the video to think about your answer. The answer is B, switchport trunk allowed VLAN all.

By default all VLANs are allowed on a trunk port, so switchport trunk allowed vlan all will return it to the default state. Answer D, by the way, lists the VLANs that exist on a Cisco switch by default, but that’s different than the VLANs allowed on a trunk by default. Okat, let's go to question 3.

You try to configure an interface on a Cisco switch as a trunk port with the command switchport mode trunk, but the command is rejected. Which command might fix this issue? A, switch port mode trunk.

B, switchport trunk encapsulation 802. 1q. C, switchport trunk encapsulation dot1q.

Or D, switchport trunk encapsulation auto. Pause the video to think about your answer. The answer is C, switchport trunk encapsulation dot1q.

On Cisco switches that support both 802. 1Q and ISL encapsulations for trunk ports, if you want to manually configure the interface as a trunk you have to manually specify the encapsulation type with SWITCHPORT TRUNK ENCAPSULATION DOT1Q. You could use ISL instead, but ISL is almost never used.

Okay, let’s go to question 4. Which field of the 802. 1Q tag identifies the VLAN ID of the frame?

A, TPID. B, VID. C, TCI.

Or D, VLN. Pause the video to think about your answer. The answer is B, VID.

VID stands for VLAN ID, it is 12 bits long and identifies the VLAN number. TPID stands for tag protocol identifier, and uses a hexadecimal value of 8100 to identify the frame as 802. 1Q-tagged.

PCP stands for priority code point and is used for class of service, not to tag the VLAN ID. D, VLN, is not a real field of the 802. 1Q tag.

Let’s go to the last question, question 5. You configured switchport trunk allowed vlan add 10 on an interface, but VLAN10 doesn’t appear in the Vlans allowed and active in management domain section of the show interfaces trunk command output. What might be the reason?

A, VLAN10 doesn’t exist on the switch. B, the command is invalid. C, the command should be switchport trunk allowed vlan 10.

or D, vlan10 is reserved and cannot be used. Pause the video to think about your answer. The answer is A, VLAN10 doesn’t exist on the switch.

If a VLAN doesn’t exist on the switch, even if it is allowed on the trunk, it won’t appear in the 'Vlans allowed and active in management domain' section of the show interfaces trunk command output. That’s all for the quiz. Okay, so as always there will be supplementary materials for this video.

There will be flash cards to use with the software ANKI, to help you remember things learned in this video. There will also be a packet tracer practice lab so you can practice the configurations learned in this video. That will be in a separate video.

Before finishing this video, I want to think all of my JCNP-level channel members. Thank you to Charlsetta, Lito, Yonatan, Mike, Aleksander, Vance, Yousif, Samil, Boson Software, Sidi, Magrathea, and Devin. Sorry if I pronounced your names incorrectly, but thank you so much for your support.

Extra shoutout to Boson software, I absolutely love their ExSim practice exams and NetSim network simulator, check out the links in the video description for their products. Thank you for watching. Please subscribe to the channel, like the video, leave a comment, and share the video with anyone else studying for the CCNA.

If you want to leave a tip, check the links in the description. I'm also a Brave verified publisher and accept BAT, or Basic Attention Token, tips via the Brave browser. That's all for now.