• In a typical shared LAN...
– Users are grouped physically based on the hub they are plugged into
– Routers segment the LAN and provide broadcast firewalls
• In VLANs...
– you can group users logically by function, department or application in use
– configuration is done through proprietary software
– VLANs can logically segment users into different subnets (broadcast domains)
– Broadcast frames are only switched between ports on the switch or switches with the same VLAN ID.
– Users can be logically grouped via software based on:
  • port number
  • MAC address
  • protocol being used
  • application being used
The above figure shows the difference between a LAN and a VLAN
• VLANs...
– work at Layer 2 & 3
– control network broadcasts
– allow users to be assigned by the network administrator
– provide tighter network security
The figure shows the formation of a VLAN
• A router provides connection between different VLANs
• For example, you have VLAN1 and VLAN2.
– Within the switch, users on separate VLANs cannot talk to each other (benefit of a VLAN!)
– However, users on VLAN1 can email users on VLAN2 but they need a router to do it.
• Switches make filtering and forwarding decisions based on data in the frame.
• There are two techniques used.
– Frame Filtering--examines particular information about each frame (MAC address or layer 3 protocol type)
– Frame Tagging--places a unique identifier in the header of each frame as it is forwarded throughout the network backbone.
• Three methods for implementing VLANs
– Port-Centric
– Static
– Dynamic
• Each switched port can be assigned to a VLAN. This...
– ensures ports that do not share the same VLAN do not share broadcasts.
– ensures ports that do share the same VLAN will share broadcasts.
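
An added example, not part of the original slides: a small Python model of frame tagging and port-centric VLAN membership, showing that a broadcast only reaches ports with the same VLAN ID, on one switch or across a backbone link. It assumes the IEEE 802.1Q tag layout (the slides do not name a tagging format); the port numbers, VLAN IDs and sample frame are constructed.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q-tagged frame
# Constructed sample: broadcast destination, made-up source MAC, ARP EtherType, zero payload.
SAMPLE_FRAME = b"\xff" * 6 + bytes.fromhex("020000000001") + b"\x08\x06" + b"\x00" * 28

def tag_frame(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert a 4-byte 802.1Q tag after the destination and source MAC addresses."""
    if not 1 <= vlan_id <= 4094:  # VLAN IDs 0 and 4095 are reserved
        raise ValueError("VLAN ID must be in 1..4094")
    tci = (priority & 0x7) << 13 | vlan_id  # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_tag(frame: bytes):
    """Return (vlan_id, untagged_frame); vlan_id is None when the frame carries no tag."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    if frame[12:14] != struct.pack("!H", TPID_8021Q):
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, frame[:12] + frame[16:]

class Switch:
    """Hypothetical switch model: access ports belong to one VLAN, trunk ports carry tags."""
    def __init__(self, access_ports: dict, trunk_ports: set):
        self.access_ports = access_ports  # port number -> VLAN ID (port-centric assignment)
        self.trunk_ports = trunk_ports    # backbone ports toward other switches

    def flood(self, in_port: int, frame: bytes) -> dict:
        """Return {egress_port: frame_bytes} for a broadcast frame received on in_port."""
        vlan, inner = parse_tag(frame)
        if in_port in self.trunk_ports:
            if vlan is None:
                return {}  # this model has no native VLAN: untagged trunk traffic is dropped
        elif vlan is not None or in_port not in self.access_ports:
            return {}      # access ports accept untagged frames only
        else:
            vlan = self.access_ports[in_port]  # membership comes from the ingress port
        out = {p: inner for p, v in self.access_ports.items()
               if v == vlan and p != in_port}  # same VLAN only, tag stripped for end hosts
        out.update({p: tag_frame(inner, vlan) for p in self.trunk_ports if p != in_port})
        return out
```
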