Complete Cisco Nexus VLAN, Trunking & Layer 3 Configuration Lab Guide for Beginners

Complete Cisco Nexus Switching Lab Configuration Guide

This educational Cisco Nexus networking tutorial explains every configuration task in detail. The guide covers hostname configuration, VLAN creation, switchport modes, trunking, Layer 3 links, SVI interfaces, IP addressing, verification techniques, troubleshooting concepts, and mathematical networking calculations.

Key Takeaway: This lab teaches the foundations of enterprise switching using Cisco Nexus switches and routers. You will understand both Layer 2 switching and Layer 3 routing concepts in a practical environment.

---

Table of Contents

• 1. Lab Overview
• 2. Devices Used
• 3. Task 1 - Configure Default Admin Password
• 4. Task 2 - Configure Hostnames
• 5. Task 3 - Configure Trunk Links
• 6. Task 4 - Configure VLANs and Access Ports
• 7. Task 5 - Configure R1 and R2 Connectivity
• 8. Task 6 - Configure R1 and NX-01 Connectivity
• 9. Task 7 - Configure R1 and NX-02 Connectivity
• 10. Task 8 - Configure NX-01 and NX-03 Connectivity
• 11. Task 9 - Configure NX-02 and NX-04 Layer 3 Link
• 12. Networking Mathematics
• 13. Verification Commands
• 14. Troubleshooting Techniques
• 15. Related Articles
• 16. Conclusion

---

1. Lab Overview

Cisco Nexus switches are designed for modern data center environments. They support high-speed Ethernet connectivity, virtualization technologies, storage networking, advanced security, and scalable Layer 2 and Layer 3 functionality.

In this lab, multiple Nexus switches communicate using:

• Access ports
• Trunk ports
• VLANs
• SVIs (Switch Virtual Interfaces)
• Layer 3 routed ports
• IP connectivity

The topology demonstrates how enterprise switches can carry multiple VLANs across trunks while also supporting routing functionality.

Networking Mathematics

Subnet mask conversion:

\[ 255.255.255.0 = /24 \]

Available hosts calculation:

\[ 2^{(32-24)} - 2 = 254 \]

Therefore, each /24 network supports 254 usable IP addresses.

---

2. Devices Used

Device	Purpose
NX-01	Nexus Layer 2/Layer 3 Switch
NX-02	Nexus Layer 2/Layer 3 Switch
NX-03	Nexus Layer 2/Layer 3 Switch
NX-04	Layer 3 Routed Nexus Switch
R1	Router 1
R2	Router 2

---

3. Task 1 - Configure Default Admin Password

The first task initializes the administrator account on all Nexus switches. Security is critical in enterprise networks because unauthorized access can compromise infrastructure.

Important: Always configure secure passwords in production environments. Avoid weak passwords such as admin123 or password.

Configuration Example

configure terminal
username admin password Cisco123 role network-admin

Detailed Explanation

The username command creates a local user account. The role network-admin parameter provides full administrative privileges.

Cisco Nexus switches use Role-Based Access Control (RBAC), unlike some older Cisco IOS devices.

Sample CLI Output

NX-OS#
NX-OS# configure terminal
Enter configuration commands, one per line.
NX-OS(config)# username admin password Cisco123 role network-admin
NX-OS(config)#

---

4. Task 2 - Configure Hostnames

Hostnames identify devices in a network. Without meaningful hostnames, troubleshooting becomes extremely difficult.

Operational Efficiency Mathematics

If a network engineer spends 2 extra minutes identifying each unnamed device and there are 50 devices:

\[ 50 \times 2 = 100 \text{ minutes} \]

Proper naming conventions save operational time and reduce troubleshooting complexity.

NX-01 Hostname Configuration

configure terminal
hostname NX-01

NX-02 Hostname Configuration

configure terminal
hostname NX-02

NX-03 Hostname Configuration

configure terminal
hostname NX-03

NX-04 Hostname Configuration

configure terminal
hostname NX-04

Why Hostnames Matter

• Improves troubleshooting
• Helps identify devices in logs
• Improves monitoring visibility
• Simplifies SSH management
• Supports automation scripts

---

5. Task 3 - Configure Trunk Links

Trunk ports carry traffic from multiple VLANs simultaneously. This allows efficient use of physical links.

Core Concept: A trunk link uses VLAN tagging to separate traffic from different VLANs across a single physical connection.

802.1Q Tagging Mathematics

Ethernet frame size:

\[ 1518 + 4 = 1522 \text{ bytes} \]

The additional 4 bytes represent the 802.1Q VLAN tag.

NX-01 Trunk Configuration

interface ethernet 1/3
switchport
switchport mode trunk
no shutdown

interface ethernet 1/5
switchport
switchport mode trunk
no shutdown

NX-02 Trunk Configuration

interface ethernet 1/3
switchport
switchport mode trunk
no shutdown

interface ethernet 1/4
switchport
switchport mode trunk
no shutdown

NX-03 Trunk Configuration

interface ethernet 1/4
switchport
switchport mode trunk
no shutdown

interface ethernet 1/5
switchport
switchport mode trunk
no shutdown

Understanding Trunking Deeply

A trunk port differs from an access port because it carries multiple VLANs. Frames are tagged using IEEE 802.1Q encapsulation.

The switch inserts VLAN IDs into Ethernet frames. Receiving switches examine the tag and place frames into the correct VLAN.

Verification Command

show interface trunk

---

6. Task 4 - Configure VLANs and Access Ports

A VLAN creates a separate broadcast domain inside a switch. Devices in different VLANs cannot communicate directly without Layer 3 routing.

Broadcast Domain Mathematics

If one broadcast frame reaches 100 devices:

\[ 100 \times 1 = 100 \text{ broadcast deliveries} \]

Dividing the network into 4 VLANs of 25 devices:

\[ 25 \times 1 = 25 \]

Broadcast traffic reduces significantly.

NX-01 VLAN Configuration

vlan 10
vlan 12
vlan 20
vlan 30

interface ethernet 1/1
switchport mode access
switchport access vlan 10

NX-02 VLAN Configuration

vlan 10
vlan 12
vlan 20
vlan 30

interface ethernet 1/1
switchport mode access
switchport access vlan 20

interface ethernet 1/2
switchport mode access
switchport access vlan 12

NX-03 VLAN Configuration

vlan 10
vlan 12
vlan 20
vlan 30

interface ethernet 1/1
switchport mode access
switchport access vlan 12

Access Ports vs Trunk Ports

Access Port	Trunk Port
Single VLAN	Multiple VLANs
Used for PCs	Used between switches
No VLAN tagging	Uses 802.1Q tagging

---

7. Task 5 - Configure R1 and R2 Connectivity

This task establishes Layer 3 communication between routers.

R1 Configuration

interface ethernet 0/0
ip address 192.1.12.1 255.255.255.0
no shutdown

R2 Configuration

interface ethernet 0/0
ip address 192.1.12.2 255.255.255.0
no shutdown

Ping Verification

R1# ping 192.1.12.2

!!!!!
Success rate is 100 percent

Subnet Mathematics

Network Address:

\[ 192.1.12.0 \]

Broadcast Address:

\[ 192.1.12.255 \]

Usable Host Range:

\[ 192.1.12.1 \text{ to } 192.1.12.254 \]

---

8. Task 6 - Configure R1 and NX-01 Connectivity

This task introduces Switch Virtual Interfaces (SVIs). An SVI allows a VLAN to have Layer 3 functionality.

Important Concept: An SVI acts as a virtual routed interface for a VLAN.

R1 Configuration

interface ethernet 0/1
ip address 192.1.10.1 255.255.255.0
no shutdown

NX-01 Configuration

feature interface-vlan

interface vlan 10
ip address 192.1.10.21 255.255.255.0
no shutdown

Why Enable feature interface-vlan?

NX-OS uses modular features. Unlike traditional IOS, features must often be enabled manually.

The command:

feature interface-vlan

enables SVI functionality.

---

9. Task 7 - Configure R1 and NX-02 Connectivity

This task extends Layer 3 communication into VLAN 20.

R1 Configuration

interface ethernet 0/2
ip address 192.1.20.1 255.255.255.0
no shutdown

NX-02 Configuration

feature interface-vlan

interface vlan 20
ip address 192.1.20.22 255.255.255.0
no shutdown

Verification Example

NX-02# ping 192.1.20.1

64 bytes from 192.1.20.1: icmp_seq=0 ttl=255 time=1.23 ms

---

10. Task 8 - Configure NX-01 and NX-03 Connectivity

This section demonstrates Layer 3 communication between switches using VLAN 30.

NX-01 Configuration

interface vlan 30
ip address 192.1.30.21 255.255.255.0
no shutdown

NX-03 Configuration

feature interface-vlan

interface vlan 30
ip address 192.1.30.23 255.255.255.0
no shutdown

Latency Mathematics

If propagation delay is:

\[ 2ms \]

and switching delay is:

\[ 1ms \]

Total latency:

\[ 2 + 1 = 3ms \]

---

11. Task 9 - Configure NX-02 and NX-04 Layer 3 Link

This task converts switch ports into routed interfaces using the no switchport command.

Critical Concept: The command no switchport transforms a Layer 2 switch interface into a Layer 3 routed interface.

NX-02 Configuration

interface ethernet 1/5
no switchport
ip address 192.1.40.22 255.255.255.0
no shutdown

NX-04 Configuration

interface ethernet 1/6
no switchport
ip address 192.1.40.24 255.255.255.0
no shutdown

Layer 2 Port vs Layer 3 Port

Layer 2 Port	Layer 3 Port
Uses VLANs	Uses IP addressing directly
Switching	Routing
MAC forwarding	IP forwarding

Verification Output

NX-02# ping 192.1.40.24

64 bytes from 192.1.40.24: icmp_seq=1 ttl=255 time=0.9 ms

---

12. Networking Mathematics and Binary Fundamentals

Networking heavily depends on binary mathematics. Understanding subnetting and IP allocation requires mathematical precision.

Binary Conversion Example

Decimal:

\[ 192 \]

Binary:

\[ 11000000 \]

Subnet Formula

Number of subnets:

\[ 2^n \]

Where:

• \(n\) = borrowed bits

Example:

\[ 2^4 = 16 \]

Therefore, borrowing 4 bits creates 16 subnets.

Host Formula

Usable hosts:

\[ 2^h - 2 \]

Where:

• \(h\) = host bits

Example:

\[ 2^8 - 2 = 254 \]

---

13. Verification Commands

Verification is one of the most important networking skills. Configuration without verification is incomplete.

Command	Purpose
show vlan brief	Displays VLANs
show ip interface brief	Displays interface status
show interface trunk	Displays trunk interfaces
show running-config	Displays current configuration
ping	Tests connectivity

Example show vlan brief Output

NX-01# show vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------
10   VLAN0010                         active    Eth1/1
12   VLAN0012                         active
20   VLAN0020                         active
30   VLAN0030                         active

---

14. Troubleshooting Techniques

Network troubleshooting requires a structured methodology.

Best Practice: Always troubleshoot from Layer 1 upward using the OSI model.

Common Problems

• Interfaces shutdown
• Wrong VLAN assignment
• Incorrect IP addresses
• Missing trunk configuration
• Missing feature enablement
• Subnet mismatch

Troubleshooting Checklist

1. Verify cables
2. Check interface status
3. Verify VLAN existence
4. Check trunk links
5. Verify IP configuration
6. Use ping tests
7. Check routing tables

Useful Troubleshooting Commands

show interface status
show ip route
show mac address-table
show cdp neighbors
show logging

---

15. Related Networking Articles

Below are additional networking tutorials and guides related to Cisco networking, routing, switching, VPNs, and security technologies.

• Part 2 - Complete Cisco Nexus Static Routing Lab Guide | Loopback Interfaces, Default Routes & End-to-End Connectivity
• Configuring Trunk Interfaces and VLANs
• Evolution of EIGRP Configuration
• Modern Static Route Configuration
• Simplifying OSPF Configuration
• Configuring EIGRP for Simple Networks
• Mastering OSPF Router ID Configuration
• Mastering Passive Interface in OSPF
• OSPF Adjacency Debugging
• Reliable BGP Peering
• Basic Site-to-Site VPN Configuration

---

16. Conclusion

This Cisco Nexus lab demonstrated foundational enterprise networking concepts including:

• Administrative security
• Hostname configuration
• Trunking
• VLAN creation
• SVIs
• Layer 3 routed ports
• IP addressing
• Connectivity verification
• Troubleshooting techniques

By mastering these technologies, engineers build the foundation for advanced networking concepts such as:

• VXLAN
• EVPN
• OSPF
• BGP
• MPLS
• Data center fabrics
• Cloud networking

Final Learning Point: Networking is not only about memorizing commands. Understanding the logic behind VLAN separation, Layer 2 switching, and Layer 3 routing creates strong engineering fundamentals.