Pages

Friday 7 February 2014

Virtual LANs

VLANs:



Virtual LANs
Virtual LANs

A VLAN is a logical grouping of devices or users. These devices or users can be grouped by function, department application and so on, regardless of their physical segment location. VLAN configuration is done at the switch via switching fabric. A VLAN can be used to reduce collisions by separating broadcast domains within the switch. In other words, VLANs create separate broadcast domains in a switched network. Frame tagging at layer 2 does this. Frame tagging is a gaining recognition as the standard for implementing VLANs, and is recognized by IEEE 802.1q. Frame tagging uniquely assigns a VLAN ID to each frame. This identifier is understood and examined by each switch prior to any broadcasts or transmissions to other switches, routers, and end-stations devices. When the frame exits the network backbone, the switch removes the identifier before the frame is transmitted to the target end station. This effectively creates an environment with fewer collisions. The key to this is that ports in a VLAN share broadcasts, while ports not in that VLAN cannot share the broadcasts. Thus users in the same physical location can be members of different VLANs. We can plug existing hubs into a switch port and assign them a VLAN of their own to segregates users on the hubs. Frame filtering examines particular information about each frame. A filtering table is developed for each switch; this provides a high level of administrative control because it can examine many attributes of each frame. Frame filtering is slowly being erased and replaced by the frame tagging method. 



VLANs can be complicated to set up. VLANs use layer 2 addressing, meaning that routers are required between separate VLANs. The advantage of deploying layer 2 addresses is that layer 2 addressing is faster to process. It is also quite common for administrators to set up multiple VLANs with multiple access lists to control access. Layer 3 routing provides the ability for multiple VLANs to communicate with each other, which means that users in different locations can reside on the same VLAN. This is a flexible approach to network design. 

VLANs are configured on the switch three ways, port centric, static and dynamically. In port-centric VLANs, all the nodes connected to ports in the same VLAN are assigned the same VLAN ID. Packets do not “leak” into other domains, and are easily administered and provide great security between VLANs. Some say that static configured VLANs are the same as port centric, because static VLANs use the port centric method for assigning them to switch ports. Dynamic VLANs are ports on a switch that can automatically determine their VLAN assignments. Dynamic VLAN functions are based on MAC addresses, logical addressing, or protocol type of the data packets. When a station is initially connected to an unassigned switch port, the appropriate switch checks the MAC entry in the management database and dynamically configures the port with the corresponding VLAN configuration. The major high points of this method are less administration overhead, of course only after the first administration of the database within the VLAN management software.


Enjoy:Virtual LANs

No comments:

Post a Comment