Static Virtual LANs (VLANs)
Port-Based Virtual LANs (Static VLANs)
General Use and Operation. Port-based VLANs are typically used to
reduce broadcast traffic and to increase security. A group of network users
assigned to a VLAN forms a broadcast domain that is separate from other
VLANs that may be configured on a switch. On a given switch, packets are
forwarded only between ports that belong to the same VLAN. Thus, all ports
carrying traffic for a particular subnet address should be configured to the
same VLAN. Cross-domain broadcast traffic in the switch is eliminated and
bandwidth is saved by not allowing packets to flood out all ports. Separate
VLANs on the switch can communicate with each other through either IP
static routing configured on the switch, or through an external router.
For example, referring to figure 2-1, if ports A1 through A4 belong to VLAN_1
and ports A5 through A8 belong to VLAN_2, traffic from end-node stations on
ports A2 through A4 is restricted to only VLAN_1, while traffic from ports A5
through A7 is restricted to only VLAN_2. For nodes on VLAN_1 to communi-
cate with VLAN_2, their traffic must go through an external router via ports
A1 and A8.
Switch with Two
VLANs Configured
Port A2
Port A3
Port A4
VLAN_1
Port A1
External
Router
Port A5
Port A8
Port A6
Port A7
VLAN_2
Figure 2-1. Example of Routing Between VLANs via an External Router
Overlapping (Tagged) VLANs. A port on the switch can be a member of
more than one VLAN if the device to which it is connected complies with the
802.1Q VLAN standard. For example, a port connected to a central server using
a network interface card (NIC) that complies with the 802.1Q standard can be
a member of multiple VLANs, allowing members of multiple VLANs to use the
server. Although these VLANs cannot communicate with each other through
the server, they can all access the server over the same connection from the
switch. Where VLANs overlap in this way, VLAN “tags” are used to distinguish
between traffic from different VLANs.
2-5
To Next Page
Loading...
