When all of the Catalysts in a network support one VLAN and need connectivity, you can establish links between the Catalysts to transport intra-VLAN traffic. One approach to interconnecting Catalysts uses links dedicated to individual VLANs. For example, the network in Figure 8-1 connects several Catalysts together. All of the Catalyst configurations include only one VLAN—all ports belong to the same VLAN. Catalysts A and B interconnect with two direct links for resiliency. If one link fails, Spanning Tree enables the second link.
Figure 8-1. A Single VLAN Catalyst Design
When you dedicate a link to a single VLAN, this is called an access link. Access links never carry traffic from more than one VLAN. You can build an entire switched network with access links. But as you add VLANs, dedicated links consume additional ports in your network when you extend the VLAN to other switches.
In Figure 8-1, multiple links interconnect the Catalysts, but each link belongs to only 1 VLAN. This is possible because there is only one VLAN in the network. What if there were more than one? To interconnect multiple VLANs, you need a link for each VLAN. The network in Figure 8-2 interconnects six Catalysts and contains three distributed VLANs. Notice that Cat-B has members of all three VLANs, whereas its neighbors only have members of two VLANs. Even though the neighbors do not have members of all VLANs, an access link for all three VLANs is necessary to support Cat-B. Without the VLAN 3 access links attached to Cat-B, VLAN 3 members attached to Cat-B are isolated from VLAN 3 members on other Catalysts.
Figure 8-2. A Multi-VLAN Network Without Trunks
When deploying a network with access links, each link supplies dedicated bandwidth to the VLAN. The link could be a standard 10-Mbps link, a Fast Ethernet, or even a Gigabit Ethernet link. You can select the link speed appropriate for your VLAN requirements. Further, the link for each VLAN can differ. You can install a 10-Mbps link for VLAN 1 and a 100-Mbps link for VLAN 2.
Unfortunately, access links do not scale well as you increase the number of VLANs or switches in your network. For example, the network of Figure 8-1 uses 34 interfaces and 17 links to interconnect the VLANs. Imagine if there were 20 switches in the network with multiple VLANs. Not only does your system cost escalate, but your physical layer tasks as an administrator quickly become unbearable as the system expands.
Alternatively, you can enable a trunk link between Catalysts. Trunks allow you to distribute VLAN connectivity without needing to use as many interfaces and cables. This saves you cost and administrative headaches. A trunk multiplexes traffic from multiple VLANs over a single link. Figure 8-3 illustrates the network from Figure 8-2 deployed with trunks.
Figure 8-3. The Figure 8-2 Network with Trunk Links
In this network, only 12 ports and six links are used. Although VLANs share the link bandwidth, you conserve capital resources in your network by sharing the links. The majority of this chapter focuses on connectivity between switches. As a practical introduction to trunks, the following section describes reasons to attach routers and file servers to switches with trunks.
Trunks, Servers, and Routers
Trunks are not limited to use between Catalysts. They can also connect routers and file servers to switches. You can do this to support multiple VLANs without using additional ports (see Figure 8-4).
Figure 8-4. Connecting File Servers and Routers in a Multi-VLAN Network
In Figure 8-4, workstations belong to VLANs 2, 3, and 4. Because these stations attach to different broadcast domains, they cannot communicate with each other except through a router. Trunks connect a file server and a router to the switched network. The trunk connection to the router enables inter-VLAN connectivity. Without trunks, you can use multiple interfaces on the router and attach each to a different port on the switch as in Figure 8-5. The difficulty you might experience, though, is in the number of VLANs that this configuration supports. If the connections are high-speed interfaces like Fast Ethernet, you might only install a couple of interfaces. If you use 10-Mbps interfaces, you might not have the bandwidth that you want to support the VLANs.
Figure 8-5. A Brute Force Method of Attaching Routers and Servers to Multiple VLANs
Likewise, you could attach a file server to more than one VLAN through multiple interface cards. As when interconnecting switches with dedicated links, this does not scale well and costs more than a trunk link. Therefore, the trunk connectivity used in Figure 8-4 is usually more reasonable.
When a router or file server attaches as a trunk to the switch, it must understand how to identify data from each of the VLANs. The router must, therefore, understand the multiplexing technique used on the link. In a Cisco environment, this can be either ISL or 802.1Q over Ethernet, 802.10 over FDDI, or LANE/MPOA over ATM. In a mixed vendor environment, you must trunk with 802.1Q or LANE/MPOA.
Some vendors such as Intel and others supply ISL-aware adapter cards for workstations allowing you to use Cisco’s trunk protocols. This is beneficial if you want to attach a file server to the Catalyst using a trunk link rather than multiple access links.