VLAN Background
Local Area Networks (LAN)
Generally defined as a broadcast domain.
Hubs, bridges, or switches on the same physical segment or segments connect end node devices.
A router is not needed for end nodes on the same LAN segment to communicate with each other.
However, a router is necessary for these devices to communicate with devices on other LAN segments.
To the left, a LAN environment connected by routers. Drawback:
To the right, a LAN environment connected by switches. Speed and latency advantages.
Drawback: All end nodes (or hosts) are in the same broadcast domain, which adds a significant amount of traffic to the network that is seen by all hosts. Solution?
Switched Network w/VLANs
What is a VLAN?
A VLAN is a vendor-specific solution and strategy, so defining it is an issue.
VLANs allow a network manager to logically segment a LAN into different broadcast domains.
Members can be on multiple physical LAN segments, independent of physical location, and can communicate as if they were on a common LAN.
Benefits
Simplified Administration
Adding, changing, or moving user accounts requires no reconfiguration of hubs/routers.
Reduce Costs
VLANs can be used to create broadcast domains, which can eliminate the cost of expensive routers.
Security
Keep information restricted to only the users who need access.
Can control broadcast domains, set up firewalls and more.
Single-Switch VLAN
The VLAN operates only inside one switch. Computers, dozens or even hundreds, on the VLAN are connected into this switch and assigned by software into different VLAN segments. VLAN segments act as though they are connected to the same physical switch or hub.
Four ways in which computers attached to a VLAN switch can be assigned to specific VLANs inside it:
1. Port-based VLANs (layer-1 VLANs)
2. MAC-based VLANs (layer-2 VLANs)
3.
4.
Multi-Switch VLAN
IEEE 802.1Q
Layer 3
Network layer
Serves as the backbone for network traffic going across different VLANs.
Provides logical routing interfaces to VLANs on Layer 2 switches.
A traditional network requires a physical interface from a router to a switch to perform inter-VLAN routing.
Layer 4
Transport Layer
VLAN Membership
Membership by Port
Membership by MAC Address
Membership by IP Subnet Address

Membership by Port

port   vlan
1      1
2      1
3      2
4      1
Disadvantage: this method does not allow for user mobility.
Membership by MAC Address

MAC Address      vlan
1212354145121    1
2389234873743    1
3045834758445    2
5483573475843    1
Advantage: no reconfiguration needed.
Disadvantages:
VLAN membership must be assigned initially.
Performance degradation as members of different VLANs coexist on a single switch port.
Membership by IP Subnet Address

IP Subnet    vlan
23.2.24      1
26.21.35
Advantages:
Good for an application-based VLAN strategy.
Users can move workstations.
Eliminates the need for frame tagging.
Disadvantages:
Performance: the switch must look for the L3 address in the packet.
Less effective with protocols such as IPX, DECnet, or AppleTalk.
Unroutable protocols such as NetBIOS.
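The three membership methods above, as an added Python example that is not part of the original slides: it classifies a raw Ethernet frame by port, source MAC, or source IP subnet, and shows why port-based membership changes when a host moves and why subnet-based membership cannot place non-IP traffic. The port table is the one on the slide; the MAC addresses and test frames are constructed, and `23.2.24.0/24` assumes the slide's "23.2.24" is a /24 prefix.

```python
import ipaddress
import struct

# Port table as on the slide. MAC entries are constructed samples; the subnet
# entry assumes the slide's "23.2.24" means 23.2.24.0/24 (VLAN 1).
PORT_VLAN = {1: 1, 2: 1, 3: 2, 4: 1}
MAC_VLAN = {"02:00:00:00:00:0a": 1, "02:00:00:00:00:0b": 2}
SUBNET_VLAN = {ipaddress.ip_network("23.2.24.0/24"): 1}
ETH_IPV4, ETH_IPX = 0x0800, 0x8137

def parse_frame(frame: bytes):
    """Return (src_mac, src_ip or None) from an untagged Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    src_mac = ":".join(f"{b:02x}" for b in frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    src_ip = None
    if ethertype == ETH_IPV4 and len(frame) >= 34:
        src_ip = ipaddress.ip_address(frame[26:30])  # IPv4 source address field
    return src_mac, src_ip

def classify(method: str, port: int, frame: bytes):
    """VLAN for a frame arriving on `port`, or None if the method cannot decide."""
    src_mac, src_ip = parse_frame(frame)
    if method == "port":
        return PORT_VLAN.get(port)
    if method == "mac":
        return MAC_VLAN.get(src_mac)
    if method == "subnet":
        if src_ip is None:  # non-IP traffic carries no L3 address to match
            return None
        return next((v for net, v in SUBNET_VLAN.items() if src_ip in net), None)
    raise ValueError(f"unknown method: {method}")

def flood_ports(ingress: int):
    """Ports that receive a broadcast from `ingress` under port-based membership."""
    vlan = PORT_VLAN[ingress]
    return sorted(p for p, v in PORT_VLAN.items() if v == vlan and p != ingress)

def make_frame(src_mac: str, ethertype: int, src_ip: str = "0.0.0.0") -> bytes:
    """Build a constructed broadcast test frame (header fields only)."""
    mac = bytes.fromhex(src_mac.replace(":", ""))
    ip_hdr = bytes(12) + ipaddress.ip_address(src_ip).packed + bytes(4)
    return b"\xff" * 6 + mac + struct.pack("!H", ethertype) + ip_hdr

if __name__ == "__main__":
    host = make_frame("02:00:00:00:00:0b", ETH_IPV4, "23.2.24.7")
    for m in ("port", "mac", "subnet"):
        print(m, "port 3 ->", classify(m, 3, host), "| port 1 ->", classify(m, 1, host))
```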