Introduction
While studying for CompTIA Network+, I couldn't fully understand what the "show vlan" command shows. I had never typed the command on my computer and seen the output.
Once I understood what a VLAN was and what the command actually shows, everything clicked. So I decided to write it down.
What is VLAN
Before looking at the show vlan command, we need to know what a VLAN is.
VLAN = Virtual Local Area Network
It is a mechanism that divides a physical network into virtual segments.
Why VLAN is needed
Without VLAN:
→ Everyone is in the same network
→ All data is shared across the entire organization regardless of department
→ Problem for security and performance
With VLAN:
→ The network can be divided by department
→ Only sales staff can access data managed by the sales department
→ Ensure security
Familiar example
Without VLAN:
→ Everyone works in one room
→ Every conversation can be heard by everyone
With VLAN:
→ Each department has its own private room
→ Conversation cannot be overheard by other departments
Configuration diagram
【Without VLAN】
Switch
├── PC(Sales department)
├── PC(Development department) ← Everyone in the same network
└── PC(Management department)
【With VLAN】
Switch
├── VLAN 10(Sales department)── PC・PC
├── VLAN 20(Development department)── PC・PC ← Network divided by department
└── VLAN 30(Management department)── PC・PC
What is show VLAN command
It is the *command to verify VLAN information on a Cisco switch*.
Caution:
The show vlan command is exclusive to switches running Cisco IOS
Other vendors use other commands:
Juniper → show vlans
HP/Aruba → show vlans
Dell → show vlan
Kinds of the command
There are three main forms of this command.
1. show vlan
Show All VLAN information in detail
2. show vlan brief
Show VLAN overview simply
→ The most used command
→ Frequently appears in the exam
3. show vlan id [Number]
Just show specific VLAN
Example:
show vlan id 10
→ Show only VLAN 10 information
Output images
Output example for show vlan brief.
```
VLAN Name                 Status    Ports
---- -------------------- --------- ------
1    default              active    Gi0/1, Gi0/2
10   Sales                active    Gi0/3, Gi0/4
20   Engineering          active    Gi0/5, Gi0/6
30   Management           active    Gi0/7
1002 fddi-default         act/unsup
1003 token-ring-default   act/unsup
```
Meaning of each column
VLAN:
→ VLAN ID (identification number)
→ Available range: 1 to 4094
Name:
→ VLAN name
Status:
→ active = Working normally
→ act/unsup = Not supported
Ports:
→ Ports assigned to the VLAN
→ Gi = GigabitEthernet
About Default VLAN (VLAN 1)
VLAN 1 is a special case
・All ports belong to VLAN 1 by default
・Cannot be deleted
・Its name "default" cannot be changed
Caution for security
It is dangerous to use VLAN 1 itself
↓
Reason:
Because all ports belong to VLAN 1 by default, a misconfiguration can cause unintended traffic across the network.
Countermeasure:
It is common to move to a different VLAN in production environments.
When the command is used
Troubleshooting
Verifying whether VLAN settings are correctly configured.
Example:
PC cannot connect to network
↓
Type "show vlan brief" and confirm the output
↓
Discover that the port was not assigned to the VLAN
Setting confirmation
After creating a new VLAN, run this command to verify the settings were applied correctly.
Example:
After a new VLAN is created, type this command to confirm that the settings were applied successfully
Adding new devices
Configure the port after confirming which VLAN the device should be added to
Example:
We want to add a new PC to the sales department network
↓
Confirming VLAN ID for sales department by typing "show vlan brief"
↓
Assigning the port to the VLAN
Command comparison by vendor
| Vendor | Command |
|---|---|
| Cisco | show vlan / show vlan brief |
| Juniper | show vlans |
| HP / Aruba | show vlans |
| Dell | show vlan |
Summary
VLAN :
Divides a physical network into virtual segments
It can ensure security by network segmentation
Show VLAN Command:
The command to confirm VLAN information on a Cisco IOS switch
Main command:
show vlan → Show detailed information
show vlan brief → Show overview (most frequently used)
show vlan id XX → Show specific VLAN information
Use case:
・Troubleshooting
・Setting confirmation
・Adding new devices to VLAN
Caution:
・Command dedicated to Cisco IOS
・All ports belong to VLAN 1 by default
・Don't use VLAN 1 in production environment
Conclusion
At first, I had no idea what the show vlan command was actually displaying. Once I understood that VLAN is a mechanism for dividing a network into virtual segments, the output - including the meaning of each column - fell into place naturally.