What Is Vlan
Essay by review • February 2, 2011 • Research Paper • 3,088 Words (13 Pages) • 1,860 Views
Contents
What is a VLAN?
Advantages of VLANs
Types of VLANs
Requirements to set up VLANs
Communication in a VLAN explained
Creating the VLAN
Maintaining the VLAN
Conclusion
References
What is a VLAN?
According to IT Portal (2002), a Virtual Local Area Network (VLAN) may be defined as a group of LANs that have different physical connections, but which communicate as if they are connected on a single network segment. VLANs were created because IT administrators realised that there was a need for a network segmenting solution, since network traffic increases with network size.
VLANs increase overall network performance by grouping users and resources that communicate most frequently with each other. This means that the use of unicast or broadcast data transmission is limited, and traffic is reduced. It is a software based solution and allows IT administrators to adapt to networking changes.
Advantages of VLANs
VLANs provide the following advantages:
Ease of administration
VLANs enable logical grouping of end-stations that are physically dispersed on a network. When users on a VLAN move to a new physical location but continue to perform the same job function, the end-stations of those users do not need to be reconfigured. Similarly, if users change their job function, they need not physically move: changing the VLAN membership of the end-stations to that of the new team makes the users' end-stations local to the resources of the new team.
Confinement of broadcast domains
VLANs reduce the need to have routers deployed on a network to contain broadcast traffic. Flooding of a packet is limited to the switch ports that belong to a VLAN.
Reduction in network traffic
As a result of confinement of broadcast domains on a network, traffic on the network is significantly reduced.
Enforcement of security policies
By confining the broadcast domains, end-stations on a VLAN can be isolated from listening to or receiving broadcasts not intended for them. Moreover, if a router is not connected between the VLANs, the end-stations of a VLAN cannot communicate with the end-stations of the other VLANs.
Types of VLANs
According to Intel Corporation (2002), in general, there are three basic models for determining and controlling how a packet gets assigned to a VLAN.
Port-based VLANs
In this implementation, the administrator assigns each port of a switch to a VLAN. For example, ports 1-3 might be assigned to the Sales VLAN, ports 4-6 to the Engineering VLAN and ports 7-9 to the Administrative VLAN (see Figure 4). The switch determines the VLAN membership of each packet by noting the port on which it arrives.
When a user is moved to a different port of the switch, the administrator can simply reassign the new port to the user's old VLAN. The network change is then completely transparent to the user, and the administrator saves a trip to the wiring closet. However, this method has one significant drawback. If a repeater is attached to a port on the switch, all of the users connected to that repeater must be members of the same VLAN.
MAC address-based VLANs
The VLAN membership of a packet in this case is determined by its source or destination MAC address. Each switch maintains a table of MAC addresses and their corresponding VLAN memberships. A key advantage of this method is that the switch doesn't need to be reconfigured when a user moves to a different port.
However, assigning VLAN membership to each MAC address can be a time consuming task. Also, a single MAC address cannot easily be a member of multiple VLANs. This can be a significant limitation, making it difficult to share server resources between more than one VLAN. (Although a MAC address can theoretically be assigned to multiple VLANs, this can cause serious problems with existing bridging and routing, producing confusion in switch forwarding tables.)
Layer 3 (or protocol)-based VLANs
With this method, the VLAN membership of a packet is based on protocols (IP, IPX, NetBIOS, etc.) and Layer 3 addresses. This is the most flexible method and provides the most logical grouping of users. An IP subnet or an IPX network, for example, can each be assigned their own VLAN. Additionally, protocol-based membership allows the administrator to assign non-routable protocols, such as NetBIOS or DECnet, to larger VLANs than routable protocols like IPX or IP. This maximizes the efficiency gains that are possible with VLANs.
Another important distinction between VLAN implementations is the method used to indicate membership when a packet travels between switches. Two methods exist вЂ" implicit and explicit.
Implicit
VLAN membership is indicated by the MAC address. In this case, all switches that support a particular VLAN must share a table of member MAC addresses.
Explicit
A tag is added to the packet to indicate VLAN membership. Cisco ISL and the IEEE 802.1q VLAN specifications both use this method.
To summarize, when a packet enters its local switch, the determination
...
...