2 Top 42 VLANs

and Trunking
Interview
Questions and
Answers
 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

Contents
1. What is a VLAN? ........................................................................................................... 4
2. How does VLAN tagging work? ..................................................................................... 4
3. What is the purpose of a trunk link in VLANs? ............................................................... 4
4. Explain the difference between access and trunk ports. ................................................ 4
5. What is the IEEE 802.1Q standard? .............................................................................. 4
6. How does VLAN configuration improve network security? ............................................. 5
7. What is VTP (VLAN Trunking Protocol) and how does it work? ..................................... 5
8. Explain the concept of VLAN pruning. ........................................................................... 5
9. What is a VLAN database, and where is it stored? ........................................................ 5
10. How can you troubleshoot VLAN connectivity issues? ................................................. 5
11. What is the role of a VLAN assignment? ..................................................................... 6
12. Explain the purpose of a native VLAN. ........................................................................ 6
13. What is the impact of incorrect VLAN configuration on network performance? ............ 6
14. Describe the concept of VLAN aggregation. ................................................................ 6
15. What is a voice VLAN, and why is it used? .................................................................. 6
16. How do you configure a VLAN on a Cisco switch? ...................................................... 7
17. What is the function of the `show vlan brief` command? .............................................. 7
18. Explain the concept of VLAN hopping and how to prevent it. ....................................... 7
19. What is an extended VLAN, and how is it different from a standard VLAN? ................. 8
20. How can VLANs be used to improve network performance? ....................................... 8
21. What is a private VLAN, and how does it function? ...................................................... 8
22. Explain the concept of VLAN interface (SVI). ............................................................... 8
23. What is the difference between static and dynamic VLAN assignment? ...................... 8
24. How can you verify VLAN configuration on a switch? .................................................. 9
25. What is the purpose of the `vlan.dat` file in Cisco switches? ........................................ 9
26. Describe how VLANs can be used in a data center environment. ................................ 9
27. What is the function of the `switchport mode trunk` command? ................................... 9
28. How does VLAN filtering work? ................................................................................... 9
29. What is the purpose of the `vlan accessmap` command in VLAN configuration? ....... 10
30. What are the common mistakes to avoid when configuring VLANs? .......................... 10
31. What is VLAN hopping, and how can it be mitigated? ................................................ 10
32. How do you configure a VLAN on a Cisco switch for a specific port?......................... 10
33. What is the difference between a Layer 2 and Layer 3 VLAN? .................................. 11

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

34. How do you configure a voice VLAN on a Cisco switch? ........................................... 11

35. What is the purpose of the `switchport trunk allowed vlan` command? ...................... 12
36. How do you verify VLAN trunking configurations on a Cisco switch? ......................... 12
37. What is the default VLAN for Cisco switches and how is it used? .............................. 12
38. How can you configure a VLAN for a port that will also be used for trunking? ............ 13
39. What is the significance of the `switchport trunk native vlan` command? ................... 13
40. How does a VLAN map work in a network configuration? .......................................... 13
41. What is the purpose of VLAN membership in a switch? ............................................. 13
42. How can you ensure VLAN consistency across multiple switches? ........................... 14

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

1. What is a VLAN?
Answer: A VLAN (Virtual LAN) is a logical subgroup within a network that groups devices into
a single broadcast domain regardless of their physical location. It allows for better network
segmentation, security, and management. For example, VLANs can separate user
workstations from servers to improve network performance and security.

2. How does VLAN tagging work?

Answer: VLAN tagging involves adding a VLAN identifier to Ethernet frames to distinguish
which VLAN the frame belongs to. This is done using IEEE 802.1Q tagging, which inserts a
4byte VLAN tag into the Ethernet frame header. For example, a frame with a VLAN ID of 10
will be tagged as part of VLAN 10.

3. What is the purpose of a trunk link in VLANs?

Answer: A trunk link carries traffic for multiple VLANs between switches or other network
devices. It uses VLAN tags to identify which VLAN each frame belongs to, allowing multiple
VLANs to traverse a single physical link. For example, a trunk link between two switches can
carry traffic for VLAN 10, VLAN 20, and VLAN 30.

4. Explain the difference between access and trunk ports.

Answer: Access ports belong to a single VLAN and are typically used to connect end devices
like PCs and printers. Trunk ports can carry traffic for multiple VLANs and are used to
connect switches or routers. For example, an access port might be assigned to VLAN 10,
while a trunk port can carry traffic for VLAN 10 and VLAN 20.

5. What is the IEEE 802.1Q standard?

Answer: The IEEE 802.1Q standard defines the VLAN tagging protocol used to identify VLANs
in Ethernet frames. It adds a 4byte VLAN tag to the Ethernet frame header, which includes
the VLAN ID. This allows switches to recognize and process VLANtagged frames correctly.

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

6. How does VLAN configuration improve network security?

Answer: VLANs improve network security by isolating broadcast domains and limiting the
scope of network traffic. This reduces the risk of unauthorized access and network attacks.
For example, separating sensitive financial data traffic into its own VLAN prevents it from
being accessed by users in other VLANs.

7. What is VTP (VLAN Trunking Protocol) and how does it

work?
Answer: VTP is a Cisco proprietary protocol used to manage VLANs across multiple switches.
It helps in propagating VLAN configuration changes throughout the network. VTP updates
are sent over trunk links, and switches receiving the updates modify their VLAN
configurations accordingly.

8. Explain the concept of VLAN pruning.

Answer: VLAN pruning is a technique used to reduce unnecessary VLAN traffic on trunk links
by removing VLANs that are not needed on specific links. It helps in optimizing bandwidth
usage. For example, if VLAN 30 is not used on a particular trunk link, VLAN pruning will
prevent VLAN 30 traffic from traversing that link.

9. What is a VLAN database, and where is it stored?

Answer: A VLAN database is a configuration file that stores VLAN information such as VLAN
IDs, names, and associated ports. It is typically stored in the switch’s nonvolatile memory.
For example, on a Cisco switch, the VLAN database is stored in the `vlan.dat` file.

10. How can you troubleshoot VLAN connectivity issues?

Answer: Troubleshooting VLAN connectivity involves checking VLAN configurations,
verifying trunk link settings, and ensuring proper VLAN tagging. Commands like `show vlan`,
`show interfaces trunk`, and `show vlan brief` can help diagnose issues. For example, if
devices in VLAN 10 cannot communicate, checking the VLAN configuration and trunk links
will help identify the issue.

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

11. What is the role of a VLAN assignment?

Answer: VLAN assignment designates which VLAN a port or interface belongs to. This
determines how network traffic is segregated and managed. For example, assigning a port
to VLAN 10 ensures that any device connected to that port is part of VLAN 10 and follows its
network policies.

12. Explain the purpose of a native VLAN.

Answer: The native VLAN is the VLAN assigned to untagged traffic on a trunk link. It ensures
that frames without a VLAN tag are handled correctly. By default, VLAN 1 is the native VLAN
on many switches. For example, if a switch receives untagged traffic on a trunk port, it treats
it as belonging to the native VLAN.

13. What is the impact of incorrect VLAN configuration on

network performance?
Answer: Incorrect VLAN configuration can lead to broadcast storms, increased collisions,
and communication issues between devices. It can also expose sensitive traffic to
unauthorized users. For example, misconfigured VLANs might cause devices in different
VLANs to be able to communicate, violating network segmentation policies.

14. Describe the concept of VLAN aggregation.

Answer: VLAN aggregation refers to combining multiple VLANs into a single logical interface
or trunk link. This allows for efficient management of VLAN traffic over a single physical link.
For example, aggregating VLANs 10, 20, and 30 into one trunk link simplifies network design
and reduces the number of required physical connections.

15. What is a voice VLAN, and why is it used?

Answer: A voice VLAN is a dedicated VLAN designed to carry VoIP traffic separately from
data traffic. It prioritizes voice traffic to ensure highquality voice communication with
minimal latency and jitter. For example, a switch port might be configured with a voice
VLAN to ensure that IP phones connected to it have clear and uninterrupted calls.

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

16. How do you configure a VLAN on a Cisco switch?

Answer: To configure a VLAN on a Cisco switch, you use the following commands:
```plaintext
switch vlan <VLAN_ID>
switch(configvlan) name <VLAN_NAME>
```
For example, to create VLAN 100 named "Sales," you would enter:
```plaintext
switch vlan 100
switch(configvlan) name Sales
```
Then, assign the VLAN to switch ports:
```plaintext
switch(config) interface range <INTERFACE>
switch(configifrange) switchport mode access
switch(configifrange) switchport access vlan 100
```

17. What is the function of the `show vlan brief` command?

Answer: The `show vlan brief` command displays a summary of all VLANs configured on a
switch, including VLAN IDs, names, and the ports assigned to each VLAN. It provides a quick
overview of VLAN configurations and helps verify VLAN settings. For example, running this
command will show if VLAN 100 is active and which ports are assigned to it.

18. Explain the concept of VLAN hopping and how to prevent it.
Answer: VLAN hopping is an attack where a malicious user gains access to VLANs they are
not supposed to by exploiting VLAN tagging or trunking vulnerabilities. It can be prevented
by disabling unused ports, using VLAN access control lists (ACLs), and ensuring proper
configuration of trunk ports. For example, configuring trunk ports with `switchport trunk
allowed vlan` limits which VLANs can traverse the trunk.

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

19. What is an extended VLAN, and how is it different from a

standard VLAN?
Answer: Extended VLANs range from VLAN IDs 1006 to 4095, while standard VLANs use IDs
1 to 1005. Extended VLANs are used in larger networks and are not always supported by all
networking equipment. For example, extended VLANs can be used in large enterprise
networks to create more VLANs beyond the standard range.

20. How can VLANs be used to improve network performance?

Answer: VLANs improve network performance by reducing broadcast traffic, segmenting
networks, and isolating different types of traffic. This minimizes collisions and congestion on
the network. For example, separating user traffic from server traffic using VLANs helps in
optimizing network resources and reducing interference.

21. What is a private VLAN, and how does it function?

Answer: A private VLAN (PVLAN) is a VLAN configuration that provides additional layer of
security by isolating devices within the same VLAN from each other. It is used to limit
communication between devices within a PVLAN while still allowing access to shared
resources. For example, PVLANs can be used in a data center to isolate servers while
allowing access to a common gateway.

22. Explain the concept of VLAN interface (SVI).

Answer: A VLAN interface, or Switch Virtual Interface (SVI), is a virtual interface associated
with a VLAN that allows for routing and management functions. It provides Layer 3 IP
addressing for VLANs. For example, creating an SVI for VLAN 10 allows devices in VLAN 10 to
communicate with other VLANs through a Layer 3 switch.

23. What is the difference between static and dynamic VLAN

assignment?
Answer: Static VLAN assignment manually assigns ports to VLANs through switch
configuration. Dynamic VLAN assignment uses protocols like VLAN Membership Policy
Server (VMPS) to assign VLANs based on criteria such as MAC addresses. For example, static

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

VLAN assignment is used for fixed configurations, while dynamic assignment adapts to
changes in device locations.

24. How can you verify VLAN configuration on a switch?

Answer: Verification of VLAN configuration can be done using commands such as `show
vlan`, `show interfaces trunk`, and `show vlan brief`. These commands provide information
on VLAN status, trunk ports, and assigned VLANs. For example, `show vlan` will list all
configured VLANs and their associated ports.

25. What is the purpose of the `vlan.dat` file in Cisco switches?

Answer: The `vlan.dat` file stores VLAN configuration information on Cisco switches. It
includes details such as VLAN IDs, names, and the mapping of VLANs to switch ports. This
file is essential for maintaining VLAN configurations across reboots.

26. Describe how VLANs can be used in a data center

environment.
Answer: In a data center, VLANs are used to segment different types of traffic, such as
storage, management, and application traffic. This improves security, performance, and
scalability. For example, VLANs can separate traffic for different virtual machines or
applications, ensuring that network resources are optimized and secure.

27. What is the function of the `switchport mode trunk`

command?
Answer: The `switchport mode trunk` command configures a switch port to operate as a
trunk port, allowing it to carry traffic for multiple VLANs. It enables VLAN tagging and
ensures that the port can handle frames from different VLANs. For example, applying this
command on a port connected to another switch will allow VLAN traffic to pass through.

28. How does VLAN filtering work?

Answer: VLAN filtering allows the exclusion of certain VLANs from trunk links, ensuring that
only specified VLANs are transmitted. This is done using commands like `switchport trunk
42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088
 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

allowed vlan` to specify which VLANs can pass through a trunk port. For example, filtering
can prevent VLAN 20 traffic from being sent over a specific trunk link.

29. What is the purpose of the `vlan accessmap` command in

VLAN configuration?
Answer: The `vlan accessmap` command is used to configure VLAN access maps, which
provide granular control over VLAN traffic by applying policies to specific VLANs. Access
maps allow for advanced traffic filtering and manipulation. For example, you can use VLAN
access maps to apply specific security policies to traffic within a VLAN.

30. What are the common mistakes to avoid when configuring

VLANs?
Answer: Common mistakes include misconfiguring trunk ports, not tagging VLANs correctly,
failing to match VLAN IDs across switches, and neglecting VLAN pruning. To avoid these
issues, ensure consistent VLAN configuration across switches, verify trunk settings, and
check VLAN assignments and tagging. For example, mismatched VLAN IDs on connected
switches can prevent devices from communicating properly.

31. What is VLAN hopping, and how can it be mitigated?

Answer: VLAN hopping is an attack where a malicious user gains access to VLANs they are
not authorized to by exploiting VLAN tagging or trunking vulnerabilities. It can be mitigated
by disabling unused ports, using VLAN access control lists (ACLs), and properly configuring
trunk ports. For example, setting up ACLs to restrict access between VLANs can prevent
unauthorized VLAN hopping.

32. How do you configure a VLAN on a Cisco switch for a

specific port?
Answer: To configure a VLAN for a specific port on a Cisco switch, use the following
commands:
```plaintext
switch configure terminal
switch(config) interface <INTERFACE>

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

switch(configif) switchport mode access

switch(configif) switchport access vlan <VLAN_ID>
```
For example, to assign VLAN 100 to interface FastEthernet 0/1, you would enter:
```plaintext
switch configure terminal
switch(config) interface FastEthernet0/1
switch(configif) switchport mode access
switch(configif) switchport access vlan 100
```

33. What is the difference between a Layer 2 and Layer 3

VLAN?
Answer: A Layer 2 VLAN operates at the Data Link layer (Layer 2) and is used to segment
traffic within a single switch or across multiple switches. A Layer 3 VLAN, or Routed VLAN,
involves Layer 3 routing and allows for interVLAN routing and communication between
different VLANs. For example, Layer 2 VLANs handle broadcast traffic, while Layer 3 VLANs
use a Layer 3 switch or router to route traffic between VLANs.

34. How do you configure a voice VLAN on a Cisco switch?

Answer: To configure a voice VLAN, you need to assign a VLAN for voice traffic and set up
QoS to prioritize it. Use the following commands:
```plaintext
switch configure terminal
switch(config) interface <INTERFACE>
switch(configif) switchport mode access
switch(configif) switchport access vlan <DATA_VLAN>
switch(configif) switchport voice vlan <VOICE_VLAN>
```
For example, to set up VLAN 10 for data and VLAN 20 for voice on interface FastEthernet
0/1:
```plaintext
switch configure terminal
switch(config) interface FastEthernet0/1
switch(configif) switchport mode access
switch(configif) switchport access vlan 10

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

switch(configif) switchport voice vlan 20

```

35. What is the purpose of the `switchport trunk allowed vlan`

command?
Answer: The `switchport trunk allowed vlan` command is used to specify which VLANs are
allowed to pass through a trunk link. This command helps in managing which VLANs can be
transmitted across trunk links, optimizing traffic and enhancing security. For example, to
allow only VLANs 10 and 20 on a trunk port:
```plaintext
switch configure terminal
switch(config) interface <INTERFACE>
switch(configif) switchport trunk allowed vlan 10,20
```

36. How do you verify VLAN trunking configurations on a Cisco

switch?
Answer: To verify VLAN trunking configurations, use the following commands:
`show interfaces trunk` to display information about trunk ports and VLANs allowed on
them.
`show vlan brief` to list VLANs and their assigned ports.
`show interfaces switchport` to check the mode and VLAN configuration of each interface.
For example, `show interfaces trunk` will show active trunk links and their allowed VLANs.

37. What is the default VLAN for Cisco switches and how is it
used?
Answer: The default VLAN on Cisco switches is VLAN 1. It is used for management and
administrative purposes, such as accessing the switch for configuration. By default, all
switch ports are assigned to VLAN 1 until configured otherwise. For example, VLAN 1 may be
used for management traffic if no other VLAN is specified.

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088

 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

38. How can you configure a VLAN for a port that will also be
used for trunking?
Answer: To configure a port for both access and trunking, you typically use separate
interfaces for access and trunking configurations. However, if a port needs to handle both
types of traffic, configure it as a trunk and allow specific VLANs for access. For example:
```plaintext
switch configure terminal
switch(config) interface <INTERFACE>
switch(configif) switchport mode trunk
switch(configif) switchport trunk allowed vlan 10,20
```

39. What is the significance of the `switchport trunk native vlan`

command?
Answer: The `switchport trunk native vlan` command specifies the VLAN that untagged
traffic will be assigned to on a trunk port. This ensures that untagged frames are correctly
processed. For example, setting VLAN 99 as the native VLAN:
```plaintext
switch configure terminal
switch(config) interface <INTERFACE>
switch(configif) switchport trunk native vlan 99
```

40. How does a VLAN map work in a network configuration?

Answer: VLAN mapping involves associating VLAN IDs with different VLAN names or tags to
facilitate network management and routing. It allows administrators to map VLANs from
one ID to another for compatibility or organizational purposes. For example, VLAN mapping
might translate VLAN ID 10 to VLAN ID 20 in a multiswitch environment.

41. What is the purpose of VLAN membership in a switch?

Answer: VLAN membership determines which VLAN a switch port belongs to. It defines how
traffic is segregated and routed within the network. For example, assigning a port to VLAN
30 means that any device connected to that port is part of VLAN 30 and adheres to its
policies.
42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088
 42 Interview Q&A for VLANs and Trunking| info@networkjourney.com | +91 9739521088

42. How can you ensure VLAN consistency across multiple

switches?
Answer: Ensure VLAN consistency across multiple switches by using VLAN Trunking Protocol
(VTP) to propagate VLAN configurations or manually configure each switch with the same
VLAN settings. For example, VTP allows changes made to VLAN configurations on one switch
to be automatically updated on all VTPenabled switches.

42 Interview Q&A for VLANs and Trunking | info@networkjourney.com | +91 9739521088