VLAN Management
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4 223
12
VLANs on a device can be created statically or dynamically, based on the GVRP information
exchanged by devices. A VLAN can be static or dynamic (from GVRP), but not both. For
more information about GVRP, refer to the GVRP Settings section.
Some VLANs can have additional roles, including:
• Voice VLAN: For more information refer to the Voice VLAN section.
• Guest VLAN: Set in the Properties page.
• Default VLAN: VLAN1.
QinQ
QinQ provides isolation between service provider networks and customers' networks. The
device is a provider bridge that supports port-based c-tagged service interface.
With QinQ, the device adds an ID tag known as Service Tag (S-tag) to forward packets into the
provider network. The S-tag is used to segregate traffic between various customers, while
preserving the customer VLAN tags.
Customer traffic is encapsulated with an S-tag with TPID 0x8100, regardless of whether it was
originally c-tagged or untagged. The S-tag enables this traffic to be treated as an aggregate
within a provider bridge network, where the bridging is based on the S-tag VID (S-VID) only.
The S-Tag is preserved while traffic is forwarded through the network service provider's
infrastructure, and is later removed by an egress device.
An additional benefit of QinQ is that there is no need to configure customers' edge devices.
QinQ is enabled in the Interface Settings page.
Private VLAN
The Private VLAN feature provides layer-2 isolation between ports. This means that at the
level of bridging traffic, as opposed to IP routing, ports that share the same Broadcast domain
cannot communicate with each other. The ports in a private VLAN can be located anywhere in
the layer 2 network, meaning that they do not have to be on the same switch. The private
VLAN is designed to receive untagged or priority-tagged traffic and transmit untagged traffic.
The following types of ports can be members in a private VLAN:
• Promiscuous—A promiscuous port can communicate with all ports of the same
private VLAN. These ports connect servers and routers.
To Next Page
Loading...
