1
00:00:00,630 --> 00:00:08,670
In this example, we've got two switches and four routers which are acting as PCs in the topology.

2
00:00:09,030 --> 00:00:14,670
We've also got a hub which I'm going to use to capture traffic using Wireshark.

3
00:00:15,330 --> 00:00:19,980
These devices have just booted up, so they have no configuration.

4
00:00:20,490 --> 00:00:29,850
On the first switch, I'll give the switch a hostname of one and on the second switch, give it a hostname

5
00:00:29,850 --> 00:00:30,750
of S2.

6
00:00:32,990 --> 00:00:33,860
Show.

7
00:00:35,610 --> 00:00:36,420
VLAN.

8
00:00:37,530 --> 00:00:43,770
At the moment we only have one ethernet of VLAN configured VLAN one.

9
00:00:44,190 --> 00:00:47,460
All ports in the switch are configured in that VLAN.

10
00:00:47,880 --> 00:00:54,720
Cisco switches also have some older VLANs by default 1002, three, four and five, which were used

11
00:00:54,720 --> 00:00:57,180
previously for FTI and token ring.

12
00:00:57,390 --> 00:01:00,630
Those VLANs are not used any more today.

13
00:01:03,030 --> 00:01:04,620
Switch to shows something similar.

14
00:01:04,620 --> 00:01:06,150
So show vlan brief.

15
00:01:07,020 --> 00:01:08,490
We have vlan one.

16
00:01:08,670 --> 00:01:11,040
All ports are configured in VLAN one.

17
00:01:11,430 --> 00:01:14,280
Here's rather one which is acting as our PC.

18
00:01:15,300 --> 00:01:21,480
I'm going to configure the first Ethernet interface with an IP address of ten 111.

19
00:01:23,470 --> 00:01:25,240
Slash 24 musk and I'll no.

20
00:01:25,260 --> 00:01:26,650
Shut the interface.

21
00:01:29,100 --> 00:01:32,490
On rather to do something similar.

22
00:01:33,850 --> 00:01:34,020
No.

23
00:01:34,020 --> 00:01:37,950
Shut the interface given an IP address of ten 112.

24
00:01:40,870 --> 00:01:47,230
So without any further configuration, we should be able to ping between rather one and rather two.

25
00:01:47,830 --> 00:01:52,030
Notice rather to can ping write a one and write a one.

26
00:01:52,120 --> 00:01:55,150
Can ping rather to the switches.

27
00:01:55,150 --> 00:01:57,610
Just have a default config.

28
00:01:59,440 --> 00:02:02,770
All ports on the switches are in VLAN one.

29
00:02:03,600 --> 00:02:09,570
We can see that by using the command show interface gigabit or zero zero switch port.

30
00:02:10,500 --> 00:02:15,870
The support gigabyte zero zero is using administrative mode.

31
00:02:15,870 --> 00:02:22,440
Dynamic auto operational mode at the moment is static access negotiation of trunking is on.

32
00:02:22,440 --> 00:02:24,330
In other words, FTP is enabled.

33
00:02:24,330 --> 00:02:27,960
But at the moment because there is no switch to negotiate with.

34
00:02:28,840 --> 00:02:31,870
The port is in VLAN one the default VLAN.

35
00:02:32,380 --> 00:02:36,880
Now we can see the traffic by doing a CAPTCHA using Wireshark.

36
00:02:41,010 --> 00:02:42,420
Various traffic is seen here.

37
00:02:42,420 --> 00:02:49,770
We've got a spanning tree beeped you being sent by the switch we can see Cisco discovery protocol messages

38
00:02:49,890 --> 00:02:56,670
being sent by the switch as well, showing the switch port, the platform and other information.

39
00:02:58,790 --> 00:03:03,800
But what I'd like you to see is all traffic is Ethernet frames.

40
00:03:03,980 --> 00:03:08,990
There is no 2 to 1 queue tagging on these frames.

41
00:03:09,530 --> 00:03:12,860
Let's do a search for ICMP traffic.

42
00:03:12,890 --> 00:03:15,380
At the moment there is no ICMP traffic.

43
00:03:16,550 --> 00:03:21,920
I'll get rather one to ping root of two and notice we see the ICMP traffic.

44
00:03:24,130 --> 00:03:28,030
What you'll notice is we have the source Mac address of router one.

45
00:03:28,940 --> 00:03:30,350
Pinging routed to.

46
00:03:32,330 --> 00:03:35,930
Protocol type is IP version for source.

47
00:03:35,930 --> 00:03:38,120
IP version for addresses ten 111.

48
00:03:38,150 --> 00:03:40,610
Destination IP Addresses ten 112.

49
00:03:42,690 --> 00:03:50,130
It's a standard Ethernet frame encapsulating IP and ICMP.

50
00:03:50,430 --> 00:03:54,810
In this case, it's an echo and the reply is an echo reply.

51
00:03:55,510 --> 00:03:59,320
There is no Ethernet tagging on this frame at all.

52
00:03:59,410 --> 00:04:02,320
It's a standard Ethernet frame.

53
00:04:02,350 --> 00:04:04,960
There is no concept of VLAN either.

54
00:04:04,990 --> 00:04:08,740
No VLAN information is transmitted on the frames.

55
00:04:10,240 --> 00:04:18,040
Even the other frames such as CDP don't show any VLAN information whatsoever.

56
00:04:18,800 --> 00:04:20,050
We'll stop that capture.

57
00:04:21,860 --> 00:04:25,280
This is an access port and this is an access port by default.

58
00:04:25,490 --> 00:04:28,490
The same will be true on switch two.

59
00:04:29,120 --> 00:04:35,840
I'll configure router three with an IP address of ten.

60
00:04:35,840 --> 00:04:37,040
One one, two, three.

61
00:04:41,160 --> 00:04:44,970
Shut the interface and I'll do something similar on right of four.

62
00:04:51,080 --> 00:04:51,650
Shut.

63
00:04:52,040 --> 00:04:54,020
IP address ten 114.

64
00:05:00,460 --> 00:05:02,590
Ken wrote for ping router three.

65
00:05:02,830 --> 00:05:04,120
Acting as host three.

66
00:05:04,150 --> 00:05:05,110
Yes, it can.

67
00:05:06,490 --> 00:05:07,780
Start a CAPTCHA here.

68
00:05:09,830 --> 00:05:18,170
We can see various traffic types being captured, including once again CDP en route of three, helping

69
00:05:18,180 --> 00:05:19,070
route of four.

70
00:05:21,090 --> 00:05:22,230
Ping succeeds.

71
00:05:24,210 --> 00:05:25,890
I'll filter for ICMP.

72
00:05:26,520 --> 00:05:30,750
And once again, you can see that this is a standard Ethernet frame.

73
00:05:30,810 --> 00:05:39,660
There is no information about VLANs contained in these frames, just standard Ethernet frames.

74
00:05:43,120 --> 00:05:48,540
So the PCs in the topology are unaware of any VLAN information.

75
00:05:48,550 --> 00:05:50,900
They are sending untagged frames.

76
00:05:50,920 --> 00:05:56,980
In other words, standard ethernet frames to the switches and the switches are sending untagged frames

77
00:05:56,980 --> 00:05:59,170
to the PCs.

78
00:05:59,890 --> 00:06:03,550
Now let's concentrate on switch one for the moment.

79
00:06:05,040 --> 00:06:13,050
I'm going to set the HTTP mode of the device to transparent, which means it won't try and synchronize

80
00:06:13,050 --> 00:06:15,720
VLAN information with the other switch.

81
00:06:17,260 --> 00:06:22,420
Shovlin once again shows us that we have one ethernet vlan configured.

82
00:06:23,650 --> 00:06:25,300
Let's create VLAN two.

83
00:06:26,370 --> 00:06:28,290
Show VLAN brief.

84
00:06:29,830 --> 00:06:36,340
We now have two ethernet vlans, but no ports are configured in VLAN two.