- Be prepared for the CCNA exam
Verify your knowledge of CCNA exam topics
- Preparing for ICND1, ICND2 or CCNA exams
Labs! Labs! And more Labs! Get the hands on experience to pass your CCNA exam!
Make sure you are ready to pass the CCNA exam! Prepare practically
for the Cisco CCNA certification which is the most in-demand networking
certification in the world today! Make sure you can pass the Cisco CCNA
Routing and Switching 200-125 exam!
This course tests your knowledge of CCNA topics with practical, hands on labs. Labs include both configuration as well as troubleshooting labs.
Ask yourself these questions:
- Are you ready and prepared for the labs in the CCNA exam?
- Are you able to troubleshoot Cisco networks?
- Are you confident with your ability to configure networks as required by Cisco to pass the CCNA?
This course helps you prepare for the exam and gain the confidence to pass the exam!
Networks are all around us and you are using one right now to access this course.
Imagine for a moment, how different your life would be without access to Facebook, Snapchat, Google, YouTube, Whatsapp or any of the other websites on the Internet? How would you live with no Internet?
The Internet is extremely important in modern life today and all websites and Internet communication relies on networking. This reliance is only predicted to continue with the growth of the Internet of Things (IoT) in the next few years.
Without routers, switches, network cabling and protocols like BGP there would be no Internet!
This course will teach you how networks actually work and how you are able to connect to websites like Facebook, Google, and YouTube.
Companies throughout the world (from the smallest to the largest) rely on networks designed, installed and maintained by networking engineers. Join this in demand industry!
Start your journey today learning about networking.
I want to welcome you to this Cisco CCNA course! I'm David Bombal, and I have been teaching networking courses for over 15 years. I qualified as a Cisco Certified Interwork Engineer (CCIE) in 2003 and hold with numerous other networking certifications. I'm also a Cisco and HPE certified instructor where I have trained thousands of networking engineers in many of the largest companies in the world including Fortune 100 companies.
The course covers the topics in the Cisco ICND1, ICND2 and CCNA exams.
At the end of this course, you will be able to confidently discuss networking topics; and be able to start configuring real networking devices such as routers and switches. In this an introductory course, but contains a lot of information that can be directly applied to the CCNA certification.
The ideal student for this course is someone looking to break into the networking field, someone looking to extend their knowledge from PCs and servers to networking, or someone interested in getting knowledge to work in one of the most exciting, most in-demand jobs in IT - networking.
There are no requirements necessary to enroll in this course, I only ask that you come open minded and ready to learn.
Feel free to take a look at the course description and some of the sample free videos.
I look forward to seeing you on the inside
- CCNA 200-125 exam candidates
- ICND1 100-105 exam candidates
- ICND2 200-105 exam candidates
In this a lab we’ve been asked to configure DHCP on Router1 as follows. The excluded address range is going to be from 10.1.1.1 to 10.1.1.100
The pool name is going to be PC, the network to use is 10.1.1.10/24 and the default gateway for the DHCP pool will be Router 1 and the DNS server for the DHCP pool will be Router 1.
You should configure this network and test it. Make sure that PC 0 gets an IP address from the router and is able to ping the loopback of Router 1. So ensure that things actually work so you can configure the router. Download the packet tracer file and see if you can configure the router per these requirements.
In the next video I’m going to show you how to do this but try it first and see if you can do it yourself….
So here’s Router 1 sh ip int brief shows us the IP addresses configured on the router.
Here’s the loopback interface, here’s the IP address on gigabit is 0/0/0
So the first thing we need to do is configure an exclusion range
So ip dhcp excluded-address 10.1.1.1 to 10.1.1.100
The next thing we need to do is configure a DHCP pool called PC. The network to use is 10.1.1.0 with a subnet mask of /24 with I need to configure a default router or default gateway of 10.1.1.1.254 because that’s the IP address of Router 1. So the default route will be that. DNS server will be the router and that looks good.
So show run there is our exclusion range and there’s our DHCP poll show ip dhcp binding. Our plant has already been allocated an IP address 10.1.1.101 so let’s confirm that by opening up a command prompt. IP config, there’s the IP address of the PC, there’s the subnet mask, there’s the default gateway.
Can the PC ping Router1? Yes it can. Can it ping the loopback of Router 1? Yes it can.
And to confirm that, sh ip int brief there’s the loopback of Router 1 and the PC can ping the loopback of Router 1.
Can the router ping the PC? Yes it can. We’ve successfully configured a DHCP on Router 1 and tested that the PC gets an IP address via DHCP and that the PC can ping the loopback of Router 1.
That was a very basic DHCP lab. In the next lab, it gets more complicated.
In this video you’ve been asked to configure Inter VLAN routing by using a router on a stick. Router 1 needs to be configured to do inter VLAN routing between VLAN 10 and VLAN 20 and thus will act as a route on a stick.
In this topology you’ll need to do the full configuration of this lab to get things working.
VLAN 1 is going to be configured with subnet 10.1.1.0 /24
VLAN 10 with a subnet 10.1.10.0. /24 that’s the VLAN, that PC 1 belongs to you and VLAN 20 is going to use subnet 10.1.20 0 /24 that’s the subnet that PC 2 belongs to.
You need to configure the router with the last IP address in each subnet. So configure it with the last IP address in VLAN 1 10 and 20. The switch is going to be configured with IP address 10.1.1.253/24 only. In other words, it’s only going to have a management IP address.
VLAN 1 is our management VLAN, VLAN 10 and 20 or our user VLANS, we need to configure the VLANS on the switch. So again PC 1 needs to be configured in VLAN 10, PC 2 in VLAN 20 we need to configure the link between the switch on the router so we need to configure this link properly. We need to configure these two links properly and then we need to make sure that PC 1 can ping PC 2, PC 2 can ping PC 1 and can ping the router.
For additional credit configure the network so that the PCSs can ping the switch and the switch to the PCs. So can you do it? That’s your challenge and get these networks working. Download the packet tracer file and see if you can get it working. In the next video I’ll show you to configure this network for those instructions.
Okay so let’s start with the router.
At the moment on the router no IP addresses are configured. So the first thing we need to do is going to the gigabit 0.0.0 interface and no shut it.
And then we need to create sub interfaces. So notice I’m going choose .1 as the subinterface for VLAN 1, I’m going to specify an encapsulation of dot1q using VLAN 1 as the native VLAN. The management VLAN is typically your untagged VLAN which by default is VLAN 1.
I can now configure the IP address of the router, the last IP address in subnet 10.1.1.0 / 24 is 10.1.1.254
So do sh run shows us the configuration of the first sub interface. We now need to configure the second sub interface which is VLAN 10. You don’t have to use the same numbers as the VLAN number that just make it easier.
So I’m going to specify VLAN 10 this is not the native VLAN, IP address is 10.1.10.254.
So again sh run there’s the configuration of VLAN 10 and then I need to create a third subinterface for VLAN 20 encapsulation is going to be dot1q VLAN 20 IP address is going to be 10.1.20.254/24.
So again, there’s the configuration of the physical interface. VLAN 1 subinterface, a VLAN 10 subinterface, VLAN 20 subinterface.
The next thing we need to do is configure the switch.
So, on the switch sh ip int brief no IP addresses are configured VLAN 1 is administratively down at the moment.
So, conft interface vlan 1 no shut ip address 10.1.1.253/24
We’ve been told to only configure an IP address in VLAN 1. So let’s confirm that the switch can ping, the router it can but that’s not entirely correct yet. We still need to configure this interface as a trunk port, VLAN 1 will work because it’s the native VLAN but other VLANs will not work.
So switch port mode trunk we need to specify encapsulation.
So switch port trunk encapsulation dot1q and now we can make the port a trunk port.
So those two commands are required. Interface went down it’s now come up again.
So sh run
They are the two commands and gigabit 1/0/1
Can we still ping the router? At the moment it’s not working but now it is, it's just took it a while.
So notice that things have now succeeded, packet traces showing green on the link, so that looks good.
We now need to configure VLAN 10 and VLAN 20 and we need to put our PCs into those VLANs.
So our 2 PCs are connected to ports 102 & 103.
So int g1/0/2 switchport mode access switchport access vlan 10
In this case int g1/0/3 switchport mode access because it’s a PC, switchport access vlan 20
So show run what have we configured?
Gigabit 1/0/1 is a trunk port, Gigabit 1/0/2 & 1/0/3 are access ports, 1/0/2 is in VLAN 10, 1/0/3 is in VLAN 20.
So we can use commands such as sh int g1/0/1 switchport to verify the configuration of an interface.
So this command shows us that gigabit 1/0/1 is configured as a trunk port and is operating as a trunk port, the encapsulation used is dot1q access VLAN is VLAN 1.
If we look at interface gigabit 1/0/2, this port is an access port in VLAN 10. Look at 1/0/3 this port is an access port in VLAN 20, so that’s look good.
We’ve configured the VLANs on the switch, we’ve configured at the link between the route and switch. Now we need to confirm that PCs can ping each other.
So on PC 1, we’ve been told to configure the PC with a static IP address the default gateway will be the router on the PC. So I’ll set both the default gateway and DNS to the router, the IP address will be 10.1.10.1 subnet mask is going to be a /24 subnet mask.
So on the command prompt IP config, we can see the configuration ofthe PC that’s correct per our instructions, default gateway is wrong, I should make that 10. Always good to verify, so that again that looks better.
Can we ping the default gateway? Yes, we can.
So that’s good, do something similar on PC 2, default gateway will be 10.1.20.254 DNS server will be 10.1.2.2.254 IP address of the PC will be 10.1.20.2, subnet mask will be /24 subnet mask.
Open up a command prompt, IP config that looks good. Can we ping the router? Yes we can.
Can we ping PC 1? It’s a ping 10.1.10.1, yes we can. So PC 2 is able to ping PC 1 and can PC 1 ping PC 2? Yes it can.
So we’ve successfully configured this network with VLANs and Inter VLAN routing using a router on a stick.
So now let’s do the extra work for credits. How do we get everyone to talk to everyone?
So on the switch we need to configure an IP default gateway pointing to the router in the same subnet as the switch.
So ping 126.96.36.199.254 that works. Can the switch ping the first PC? At the moment it looks like it can’t.
Can it ping the second PC? At the moment it looks like it can’t.
When you use IP default gateway you need to ensure that routing is disabled. In this example routing is enabled, so we’re going to say no IP routing because this is a layer 2 switch and not a layer 3 switch and that should allow us to ping the PCs which it does.
So this is the lesson if you have IP routing enabled you don’t use the default gateway command. So as soon as I enable IP routing under the switch, the IP default gateway command is ignored by the switch and the switch can’t ping the PCs.
Now typically on switches the default behaviour is to have IP routing disabled. So this is the default behaviour.
In this lab, however it was turned on so we need to verify that it’s off so that we can ping the PCs using the IP default gateway command. So can PC 1 ping the switch ping 10.1.1.253? Yes it can.
Can PC 2 ping the switch? Yes it can.
So we’ve successfully configured this network per our instructions. Don’t forget to save your configurations on your devices. In the exam you may have to use the command copy running- config startup config. Here I’m simply using the old command WR but I would suggest in the exam that when you finished, save your configurations.
I hope you found this video useful.
This is one of multiple CCNA quiz based videos.
These quizzes are practical and use packet tracer to help you test and verify your knowledge of CCNA topics.
So download the attached packet tracer file and see if you can practically answer the questions in these quizzes.
So don’t just answer the questions, prove it by using the packet tracer simulation mode.
So assume that for these questions that all devices have just rebooted.
You can simulate this by clicking the power cycle devices button in packet tracer.
In other words, you can click this button here to power cycle the devices.
Again, don’t just answer these questions, prove it.
The first question is, when PC 1 pings PC 4 in network 1, what type of packet is sent to the hub initially?
Can you prove it?
Who received the packet?
Who received the return traffic from PC 4 to PC 1 and when ping traffic is sent from PC 1 to PC 4, who receives that traffic?
For question 5 to 8, assume that the switches’ MAC address table is empty.
So assume that this layer 2 switch in network 2 has just rebooted and that it’s MAC address table is empty. When PC 5 pings PC 8, in other words this PC here pings the IP address of PC 8.
What type of packet is sent initially to the switch and can you prove it?
And then again, who received the initial packet and who received the return traffic from PC 8 to PC 5?
And then when ICMP traffic or ping traffic is sent from PC 5 to PC 8, who received the traffic?
Question 9,10 and 11 asked about broadcast and collision domains.
How many broadcast domains are there in network 1 and can you prove it?
How many broadcast domains are there in network 2 and can you prove it?
How many collision domains are there in network 1 and network 2 and again can you prove that?
You don’t have to answer these questions from question 1 to question 11. You may want to answer questions 9,10 and 11 first and then answer the other questions. But by the time you finished, you should be able to answer these 11 questions and be able to prove the answers practically.
So download the attached packet tracer file and see if you can answer the questions yourself. But I’m now going to go through the answers to these questions.
I’m going to answer the questions practically now, so either pause the video or continue watching.
Okay so let’s see if we can practically answer these questions.
To do that, I’m going to use simulation mode in packet tracer and I’m going to change the filters to only show up an ICMP messages. I don’t want to see all the other traffic types in the network.
So let’s see what happens when PC 1 pings PC4.
PC 1 has an IP address of 10.1.1.1
PC 4 has an IP address of 10.1.1.4
So we are going to send ICMP traffic. In other words ping traffic from PC 1 to PC 4 and then we’re going to observe what happens.
Now in this example, I’ll only send 2 packets, in other words two pings. Notice what happens in the network. There’s ICMP traffic but there is also an ARP frame that’s generated.
PC 1 needs to learn the MAC address of PC 4. So it sends out an ARP which is a broadcast requesting the target MAC address of PC 4.
So in answer to our first question: What type of packet is sent initially?
The answer is a ARP packet which is a broadcast packet.
We’ve proven that, by running simulation mode in packet tracer.
Now this is a broadcast and in this network, the devices are connected to a hub. So the traffic should be flooded to all devices in the network except the device that sent to the packet.
So who receives the packet?
PC2 does, PC3 does and so does PC4.
PC2 and PC3 will drop the packets because the ARP packet is not for their IP address.
PC2 as an example is configured with IP address 10.1.1.2
So PC2 is going to drop other packet. The ARP request is for IP address 10.1.1.4
So both PC2 and PC3 drop the packet but PC4 will accept the packet.
And what it should do now he sent back on ARP reply. So if we look at this packet, notice the inbound packet to the hub. It’s an ARP reply packet with the MAC address of PC4.
This is PC4’s IP address, this its MAC address. We can verify that by using the ipconfig command and I should say
Notice the MAC address which is the source MAC address of the frame and that’s the source MAC address we see over here.
So the next question is who receives the return traffic?
So if I click capture forward, notice PC1, PC3 and PC2 receive the return traffic.
So PC1 PC2 and PC3, PC2 and PC3 will drop the ARP reply because it’s not destined to them.
When we look at that packet, we can see that the destination MAC address is PC1 and we can confirm that by looking at the config of PC1.
Notice the MAC address is this. So PC2 and PC3 will drop the ARP reply.
We’re then asked when ping traffic is sent from PC1 to PC4, who receives the traffic?
Now it’s a hub, so the traffic will be flooded.
So here’s the ICMP message.
We can see that it’s an Ethernet 2 frame using IP4 at Layer 3 and we can see it’s an ICMP packet and when we click capture forward, notice PC2, PC3 and PC4 receive the traffic. But again PC2 and PC3 will drop the packet because it’s not destined to them.
When we look at the inbound PDU or Protocol Data Unit on PC4, we can see that the destination IP address is PC4 and the destination MAC address is PC4.
We can verify that once again by using the ipconfig/all command and we can see the MAC address of PC4.
So that’s going to continue now.
When PC4 replies to PC1 the traffic is flooded and this is the problem with a hub even though the conversation is between PC1 and PC4, everyone in the network receives the traffic.
We can also answer this question:
How many broadcast domains are there in Network 1?
So if I go back all the way to the original ARP message and then click capture forward, the ARP message is sent to the hub.
Notice it’s broadcast at Layer 2.
So what happens to broadcast traffic? It gets flooded.
So we have one broadcast domain because a broadcast sent to a hub is flooded.
So single broadcast domain in Network 1. We can also prove that by rerunning a simulation.
So let’s rerun the simulation.
I’m only going to look at ARP ICMP traffic. But on PC 1, what I’m going to do now is send a broadcast to 10.1.1.255
So this is a broadcast, I’ll only send two packets.
Notice the broadcast traffic is sent to the hub. When we look at the packet source address is PC 1. We can see that again by looking at the MAC address.
So notice the MAC address is PC 1.
Destination is a broadcast.
So the destination MAC address is set to that.
Destination IP address is set to a broadcast 255.255.255 in packet tracer, source IP address is PC 1.
Notice the broadcast goes to everyone. So it’s a single broadcast domain. These devices will reply back but the traffic is flooded out of all ports. Notice we’re getting a collision here.
So I’ll reset the simulation and let’s look at another problem if PC 1 sends a ping to PC 4 and PC 2 sends a ping to PC 4, what’s going to happen.
So they’re both sending packets into the network.
In this example, PC 2 sent an ARP because it doesn’t know the MAC address of PC 4.
So here’s the actual frame.
A quick recap of terminology to be precise and to be correct for the CCNA exam at Layer 1 in the OSI model, we talked about bits, at Layer 2 in the OSI model we talked about frames, at Layer 3 we talked about packets and at layer 4 we talked about segments and then we typically talk about data at higher layers.
I’m often using terms interchangeably here, but if you want to very precise about terminology, at Layer 1 it’s bits, Layer 2 it’s frames, Layer 3 it’s packets, at layer 4 it’s segments.
So notice at Layer 2 the frame has a destination address of a broadcast. That’s causing problems with the frame that was sent by PC 1.
We’ve got collision taking place here. So there’s a problem with the frames because of the collisions. Only one device can access the network at anytime.
So here, PC 1 is sending the ICMP message and a reply is sent back to PC 1.
So run the simulation again.
Before I do that, I’m going to make sure that PC 2 can ping PC 4. So make sure that it’s ARP cache is populated. So both PC 2 and PC 1 have PC 4’s MAC address in the ARP cache. And then what I’ll do in simulation mode is get PC 1 to ping PC 4 and get PC 2 to ping PC 4. So they both going to send an ICMP packet.
When that hits the hub, we have a collision. You have a single collision domain when you have a hub. So a hub is a single broadcast domain as well as a single collision domain. We’re going to have problems with lots of collisions taking place as you add more and more devices to a hub. So be careful with hubs. There are single collision domains and single broadcast domains.
So we can say question 11, Network 1 equals a single collision domain. Be careful using hubs. Today we don’t use hubs in wide infrastructures. We use switches which we’ll see in a moment have multiple collision domains.
In question 5, we’re told to assume that Switch 1’s MAC address is empty.
We can verify that by looking at the output of the show MAC address table command on the switch. As we can see here the MAC address table is empty.
When PC 5 pings PC 8, what type of packet is sent to the switch initially and can we prove it? So, ipconfig on PC 5 shows us the IP address of PC 5 is 10.1.1.5
PC 8 has IP address 10.1.1.8
So what kind of frame or what kind of packet is sent to the switch?
When using terms such as frames and packets, once again, are we referring to layer 2 or layer 3 or layer 4 of the OSI model?
So what I’ll do on PC 5 is ping 10.1.1.8
Before I do that, notice the ARP cache is empty on PC 5. If it had just rebooted the ARP cache would be empty. So I’m going to send 2 pings into the network. We can see that the first packet that was generated is an ARP packet. Looking at the actual packet or frame, we can see that at layer 2 the frame has a destination address of a broadcast. The type of packet at layer 3 is ARP. So in the layer 3 headers we can see that this is an ARP packet requesting the MAC address of host with IP address 10.1.1.8
So the Ethernet type is 0x0806
In other words it’s an ARP packet.
Capture forward and before I continue the answer to question 5 is this is an ARP packet?
It’s a broadcast packet. We can see that again by looking at the inbound PDU on the switch. Notice destination address is a broadcast.
Who receives the packet because it’s a broadcast, it’s going to be flooded to the other devices in the network and then PC 6 and PC 7 are going to drop it because the packet is not destined to them. So the answer for question 6 is PC 6, PC 7 and PC 8 will receive the packet.
Now here’s where things change who receives the return packet?
So here we’ve got our ARP reply on the inbound PDU to the switch we can see that the target MAC address is this. That’s the MAC address of PC 5. So the MAC address is actually written into the frame. This is a unicast packet sent from PC 8 to PC 5. It’s not a broadcast unlike the ARP request.
So notice what happens now. The packet is only sent to PC 5. It’s not flooded out of all ports.
So the only PC that receives it is PC 5. That is different to our previous example where PC 1, PC 2 and PC 3 received the return traffic.
And notice the difference in question 8: When ping traffic is sent from PC 5 to PC 8, who receives it?
So here’s our ICMP requests or echo request message. We can see that its ICMP destination MAC address is PC 8, source MAC address is PC 5, source IP address is PC 5, destination IP address is PC 8. So notice now that the packet is only sent to PC 8. So that’s very different to what we saw when we were using a hub.
A switch is different to a hub in that, it has a separate collision domain on every port.
So when packets are sent from PC 5 to PC 8, they are sent directly between the devices. They don’t get flooded to the other PCs in the network. That is very different to a hub.
So, to prove that, what I’ll do is populate the ARP cache of PC 6.
So I’ll get it to ping PC 8 and I’ll run this in real time. So if we look at the ARP cache of PC 6 ARP cache is populated. The same is true on PC 5. So both PC 5 and PC 6 know the MAC address of PC 8.
I’ll change this to simulation mode and I’ll get both of these PCs to ping PC 8. Both of them are sending ICMP packets. They both get sent to the switch and notice the first one is sent to PC 8 and then the second one is sent to PC 8. We don’t end up with a collision.
So the switch caches the packets and allows the communication and to show you this in a different way, what I’ll do is get PC 5 to ping PC 8. But get PC 6 to ping PC 7.
So PC 5 is pinging PC 8, PC 6 is pinging PC 7. In this case, PC 6 needs to ARP for the MAC address of PC 7.
Notice however that there is no collision taking place. So now notice the ARP cache of PC 6 is populated with the MAC address of both PC 7 and PC 8. So I’ll run that again and I need to be in simulation mode to do that.
So they’re both sending ICMP packets. These are unicasts they are not broadcasts.
Notice the destination of this frame is PC 7; destination of this frame is PC 8. Both packets can be sent and received by the switch without interference from the other conversation. So the PCs can communicate now without collisions and they are essentially separated from the other conversation. The conversation between PC 5 and PC 8 happens independently of the conversation between PC 7 and PC 6. We have 4 collision domains here.
A hub is a single collision domain; a switch has a collision domain per interface.
But again, if PC 5 sent a broadcast, the broadcast would be forwarded to all devices in the network. This is a layer 2 switch, it’s going to flood that broadcast out of all ports. So everyone is going to receive the broadcast and everyone is going to have to reply and back to that broadcast.
Packet tracer is not perfect software but it allows you to visually see how traffic flows in the network and to learn how to answer question such as these.
So when studying for the CCNA exam, you can use packet tracer to learn how traffic flows, to learn what frames look like, what packets look like, what segments look like and it helps you essentially become a better network engineer.
So were you able to answer these questions?
Do you understand how data flows in a network when you have a switch or when you have a hub?
Make sure that you understand how data flows through networks.
This is a packet tracer VTP configuration lab.
You need to configure VTP or VLAN Trunking Protocol as follows.
Users should be able to add VLANs to switch 1 and switch 2 but not switch 3.
So configure VTP correctly so that VLANs can only be added to the VLAN database on switch 1 and switch 2.
Switch 2 however, should not synchronize its VLAN database with other switches.
You need to use VTP domain of CCNA throughout this lab.
So for verification, prove that VLANs created on switch 1 are replicated to switch 3 but not to switch 2. Prove that you can create VLANs on switch 1 and switch 2 but not on switch 3.
Now I’m purposely not telling you the commands and what’s required to accomplish these tasks. You need to understand how to configure VTP and understand how VTP works to be able to complete this lab.
So can you complete the lab?
Download the packet tracer file and see if you can complete the lab yourself, otherwise watch the next video where I complete the lab.
So in this lab, we need to configure VTP or VLAN Trunking Protocol so that VLANs can be added to switch 1 and switch 2 but not to switch 3. Switch 2 should not synchronize its VLAN database with other switches. So that means, that switch 2 needs to be configured as transparent switch.
If you want to be able to add VLANs to a switch but not synchronize VLANs with other switches, the VTP mode needs to be transparent.
First thing I’m going to do is set the domain.
We’ve been told to use a domain of CCNA.
So vtp domain ccna
VTP mode will be transparent.
So show vtp status
the switch is configured with this domain. It’s configured as a transparent switch.
Switch 1 needs to be configured as a VTP server because we need to be able to add VLANs to the switch and it needs to synchronize its VLANs to switch 3.
So on switch 1
I’ll give this name,
so switch 1
vtp domain is going to be ccna again
Vtp mode is going to be server
That is the default, so we don’t have to configure that.
show vtp status
We can see that the domain is set to CCNA, the mode is server.
So that looks good.
We’ve been told that we should configure switch 3 so that VLANs cannot be added to the switch. That means it needs to be configured as a VTP client.
So host name will be switch 3
vtp domain is ccna
vtp mode is going to be client
show vtp status
We can see that the domain is CCNA, we can see that the mode is client.
So that looks good.
Now, our VLANs actually being synchronized
so on switch 1
show vlan brief
We have VLANs 1, 1000 and 2,3,4 and 5, in other words, the default VLANs in the VLAN database.
We should see that VLAN added, which it has been that shouldn’t be added to switch 2.
So show vlan brief
Switch 2 doesn’t have VLAN 2 in the VLAN database, that’s good.
What about switch 3?
show vlan brief
We don’t see VLAN 2 in the VLAN database.
Now think of the following analogy. VTP stands for VLAN Trunking Protocol.
We need trunk links to send the VTP advertisements.
show interface trunk
shows us that switch 1 has no trunks configured.
So interface gigabit 1/0/1 switchport trunk encapsulation dot1q
switchport mode trunk
I need to have interfaces configured as trunk ports or they need to be negotiated as trunk ports for VTP advertisements to be transmitted across those ports.
On this side, I’m getting inconsistent port type.
So what I’ll do is configure both gigabit 1/0/1 and 1/0/2 as a trunk port
set the encapsulation to dot1q
switchport mode trunk
So I’ve done that on the first port.
I’ll do that on the second port as well
so show interface trunk
Both ports on switch 2 are now configured as trunk ports.
What about switch 3?
Before I configure the switch
show interface trunk
no trunk ports
so interface gigabit 1/0/1 switchport trunk encapsulation dot1q
switchport mode trunk
Now you could use VTP if you prefer. In this example, I’m not doing that.
In this example, I’m manually configuring the trunks.
Notice show vtp status
VTP configuration revision number is now 1
show vlan brief
We’ve learned about VLAN 2 on switch 3.
Switch 2 shouldn’t be learning about that VLAN because the mode is set to transparent.
So show vtp status
because the switch is configured as a transparent switch, it will forward VTP messages between the other switches. But it won’t synchronize its database with the other switches, so that’s good. Switch 3 is configured as a client
So we can’t add VLANs to switch 3.
But on switch 1, if I added another VLAN and let’s say another 2 as well.
show vtp status
VTP revision number or configuration revision number is set to 4.
On switch 2, it’s still set to 0 because the switch is not synchronizing.
But on switch 3, we’ve learned about the additional VLANs.
show vtp status
shows us that the configuration revision number is 4. In other words, the switch has synchronized to switch 1. Both switch 1 and switch 3 have the number of VLANs and the same configuration revision number.
If I add a VLAN to switch 2, let’s say VLAN 100, VLAN 101, VLAN 102, those VLANs will be in switch 2s VLAN database but they shouldn’t appear in switch 1s VLAN database and they shouldn’t appear in switch 3s VLAN database. So they don’t show on switch 1.
What about switch 3?
show vlan brief
they also don’t show on switch 3.
So I’ve successfully configured this lab. I’ve proven that VLANs created on switch 1 are replicated to switch 3 but not to switch 2.
I’ve proven that I can create VLANs on switch 1 and switch 2 but not on switch 3. I’ve also shown you that the VLANs created on switch 2 are not replicated to switch 1 or to switch 3. VLANs created on switch 1 are replicated to switch 3 but not to switch 2 and that’s because switch 2 is configured with VTP transparent mode.
Last thing to do is save the configurations but I’m happy with that the network is working as expected.
So how did you do?
Were you able to complete these tasks?
Did you get VTP working as required?
You need to know VTP for the CCNA exam.