Network + LAN Technologies 3 of 3

By technotes2

Virtual LANs: VLAN Operation

A VLAN is a network of computers that have different physical locations but communicate as if they are connected to the same segment of a LAN. The computers share the same IP network number. Network components are grouped logically into broadcast domains in a virtual LAN. All devices can send and receive broadcast frames from another device within that particular domain.

Benefits of VLANs:

  • Efficient utilization of bandwidth: Reduces the need to have routers control broadcast traffic. Flooding of a packet is limited to the switch ports in the VLAN.
  • Enforcement of Network Security Policy: The broadcast domain is confined to the VLAN, so devices are isolated from listening to or receiving broadcasts that are not intended for them. Devices on one VLAN cannot communicate with devices on other VLANs if a router is not connected between them.
  • Reduced Administration Costs: Devices that are physically scattered can be logically grouped on the network. If a user moves, you don’t need to reconfigure the device. If a user changes job function, you can change the device’s VLAN membership.
  • Reduced Network Traffic: Traffic is reduced because of the confinement of the broadcast domains on the network.

Frames are forwarded between VLANs in 3 steps:

  1. The IP address of the packet’s destination is not on the same VLAN as the host
  2. The host sends the packet to its IP default gateway’s MAC address
  3. The packet is forwarded to this MAC address by a router.

The IEEE 802.1Q standard establishes the method for inserting VLAN membership information into Ethernet frames using trunking encapsulation.

VLAN components:

  • Switches: Entry point into the network for end-station devices
  • Trunks: Create a point-to-point link between multiple switch ports
  • Routers: Enable communication between VLANs

VLAN membership can be configured using:

  • port-based: each port is assigned to a VLAN
  • MAC address-based: the switch does not need to be reconfigured if a user moves to a different port. It can be time consuming. A single MAC address cannot easily be a member of multiple VLANs. (This makes it difficult to share server resources between multiple VLANs.)
