Page 22 of 22
APPENDIX C: Port-based VLAN
Port-based VLAN will help efficiently confine the broadcast traffic to the switch ports. This switch allows up
to 26 port-based VLAN groups, any one port can belong to different VLAN groups. The default VLAN group
port-based VLAN that have all ports belonging to VLAN 1.
Port-based VLANs
Packets received by the switch will be treated in the following way:
o When a packet enters a port, it only can proceed to the VLAN which the port belongs to. The packet
will be able to be sent to other ports with the same VLAN ID membership.
o If the port in which the packet entered does not have membership with the same VLAN as the
source port does, the packet will be dropped.
Example
This example basically demonstrates how the port-based VLANs work to meet your needs.
Setup the following VLANs, each with defined descriptions:
VLAN 1 (IT department)
VLAN 2 (Sales department)
VLAN 3 (Marketing department)
VLAN 4 (Accounting department).
Configure the VLAN membership. Be sure to set all of them as follows.
Setting up second VLAN group (Sales), VLAN ID = 02, with membership of ports 1~8, 25.
Setting up third VLAN group (Marketing), VLAN ID = 03, with membership of ports 7~14, 25.
Setting up fourth VLAN group (Accounting), VLAN ID = 04, with membership of ports 19~20, 25.
Setting up first VLAN group (IT), VLAN ID = 01, with membership of all ports.
Since VLAN ID 01 has been setup by default, you will have to remove the ports that belong to all other
VLAN group except port 25.
Ports 7 and 8 are kept for the usage of connecting file server and printer server. Sales and Marketing
departments can share file archives and printing services.
Port 25 provides Gigabit speed for email server and Internet connection.
The specific ports above have the following functions:
VLAN 1: Port 15 – Port 18, Port 21 – Port 24, Port 26, for IT department to monitor and control activities on
all other VLANs
VLAN 2: Port 1 – Port 8, for Sales department, port 7 and 8 connect to file archives and printer server.
VLAN 3: Port 7 – Port 14, for Marketing department, port 7 and 8 connect to file archives and printer server.
VLAN 4: Port 19 – Port 20, for Accounting department, its work is kept secret from other departments
except IT.
Scenarios:
If a packet comes in on port 2, it can go to ports 1, 3, 4, 5, 6, 7, 8, and 25, as those are the only ports in
that VLAN. A Sales person on Port 2 can get to the Internet, send and receive email, but cannot access the
marketing department print server or file archives.
To Next Page
Loading...
