UMN:CLI User Manual
V5808
8 System Main Functions
8.1 Virtual Local Area Network (VLAN)
The first step in setting up your bridging network is to define VLANs on your switch. A
VLAN is a bridged network that is logically segmented by customer or function. Each VLAN
contains a group of ports called VLAN members. On a VLAN network, packets received
on a port are forwarded only to the ports that belong to the same VLAN as the receiving
port. Network devices in different VLANs cannot communicate with one another without a
Layer 3 switching device to route traffic between the VLANs. VLANs reduce the amount
of broadcast traffic so that flow control can be realized. They also provide security
benefits by completely separating traffic between different VLANs.
Enlarged Network Bandwidth
Users in each VLAN can use more bandwidth than in a network without VLANs because
they do not receive unnecessary broadcast information. A properly implemented VLAN
will restrict multicast and unknown unicast traffic to only those links necessary to
reach members of the VLAN associated with that multicast (or unknown unicast) traffic.
Cost-Effective Way
When you use VLANs to prevent unnecessary traffic load caused by broadcasts, you
get a cost-effective network composition since a switch is not needed.
Enhanced Security
When using a shared-bandwidth LAN, there is no inherent protection provided against
unwanted eavesdropping. In addition to eavesdropping, a malicious user on a shared
LAN can also cause problems by sending large amounts of traffic to specific targeted
users or to the network as a whole. The only cure is to physically isolate the offending
user. By creating
logical partitions with VLAN technology, we further enhance the protections against both
unwanted eavesdropping and spurious transmissions. As depicted in Figure, a properly
implemented port-based VLAN allows free communication among the members of a
given VLAN, but does not forward traffic among switch ports associated with members of
different VLANs. That is, a VLAN configuration restricts traffic flow to a proper subnet
comprising exactly those links connecting members of the VLAN. Users can eavesdrop
only on the multicast and unknown unicast traffic within their own VLAN: presumably the
configured VLAN comprises a set of logically related users.
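The forwarding rule described above can be modelled in a few lines. This is an added illustration, not code or CLI from the manual; the port numbers, VLAN IDs, MAC addresses and the per-VLAN address table are assumptions of the model.

```python
# Added illustration: minimal model of a port-based VLAN switch.
# Ports, VLAN IDs and MAC addresses below are constructed sample values.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class PortVlanSwitch:
    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)  # port -> VLAN ID (port-based membership)
        self.fdb = {}                     # (vlan, mac) -> port; assumed per-VLAN learning

    def members(self, vlan):
        return {p for p, v in self.port_vlan.items() if v == vlan}

    def receive(self, in_port, src, dst):
        """Return the set of ports the frame is transmitted on."""
        vlan = self.port_vlan[in_port]
        self.fdb[(vlan, src)] = in_port           # learn source in the ingress VLAN
        is_group = int(dst[:2], 16) & 1           # group bit: multicast or broadcast
        out = None if is_group else self.fdb.get((vlan, dst))
        if out is None:
            # Broadcast, multicast and unknown unicast are flooded,
            # but only to members of the ingress port's VLAN.
            return self.members(vlan) - {in_port}
        return set() if out == in_port else {out}  # known unicast: one port only


def demo():
    # Ports 1-3 belong to VLAN 10, ports 4-5 to VLAN 20.
    sw = PortVlanSwitch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20})
    a, b, x = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:14"
    return {
        # b not learned yet: every other VLAN 10 port sees the frame
        "unknown_unicast": sw.receive(1, a, b),
        # a was learned on port 1, so the reply goes to port 1 only
        "reply": sw.receive(2, b, a),
        # b is now known: port 3 can no longer observe a -> b traffic
        "known_unicast": sw.receive(1, a, b),
        # a broadcast from VLAN 20 stays inside VLAN 20
        "broadcast_vlan20": sw.receive(4, x, BROADCAST),
        # a host in VLAN 20 addressing a VLAN 10 host never reaches port 1
        "cross_vlan": sw.receive(4, x, a),
    }


if __name__ == "__main__":
    for case, ports in demo().items():
        print(f"{case:18} -> egress ports {sorted(ports)}")
```

Port 3 observes only the first, unknown-unicast frame between the two VLAN 10 hosts, and no port in VLAN 10 ever receives a frame that entered on a VLAN 20 port.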
User Mobility
By defining a VLAN based on the addresses of the member stations, we can define a
workgroup independent of the physical location of its members. Unicast and multicast
traffic (including server advertisements) will propagate to all members of the VLAN so that
they can communicate freely among themselves.