Scribd
Upload
6 views

Lect # 4 - Virtual Local Area Network (VLAN)

Uploaded by

krop6766
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
6 views

Lect # 4 - Virtual Local Area Network (VLAN)

Uploaded by

krop6766
Copyright
© © All Rights Reserved
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 31

Understanding Virtual

LANs and Trunks


Sayed Elham Sadat
[email protected]
Normal Switch
Multiple Collision domain
One subnet
One broadcast domain
Limited security

Sayed Elham Sadat


[email protected]
Virtual LAN
Logically groups users
Segments broadcast
domain
More subnets
Security
Access Control
Quality of Service

Sayed Elham Sadat


[email protected]
Links in Switch Environment
Access Port
 An access port belongs to and carries the traffic of only one
VLAN.
 this can be referred to as the configured VLAN of the port.
Trunk Port
 A trunk link is a 100- or 1000Mbps point-to-point link
between two switches, between a switch and router, or even
between a switch and server, and it carries the traffic of
multiple VLANs—from 1 to 4,094 at a time (though it’s really
only up to 1,005 unless you’re going with extended VLANs).

Sayed Elham Sadat


[email protected]
VLAN Introduction
VLANs logically segment switched networks based on
the functions, project teams, or applications of the
organization regardless of the physical location or
connections to the network.
All workstations and servers used by a particular
workgroup share the same VLAN, regardless of the
physical connection or location.

Sayed Elham Sadat


[email protected]
Cont..
A workstation in a VLAN group is restricted to
communicating with stations in the same VLAN
group.

Sayed Elham Sadat


[email protected]
Cont..

VLANs function by logically segmenting the network


into different broadcast domains so that packets are
only switched between ports that are designated for
the same VLAN.

Routers in VLAN
topologies provide
broadcast filtering,
security, and traffic
flow management.

Sayed Elham Sadat


[email protected]
Cont..
VLANs address scalability, security, and network
management.
Ports that do not belong to that VLAN do not share
these broadcasts
This improves network performance because
unnecessary broadcasts are reduced
Traffic should only be routed between VLANs.

Sayed Elham Sadat


[email protected]
VLAN Operation
Each switch port could be assigned to a different VLAN.
Ports assigned to the same VLAN share broadcasts.
Ports that do not belong to that VLAN do not share these
broadcasts.

Sayed Elham Sadat


[email protected]
VLAN Operation Cont..
Users attached to the same shared segment, share
the bandwidth of that segment.
Each additional user attached to the shared medium
means less bandwidth and deterioration of network
performance.
VLANs offer more bandwidth to users than a shared
network.

Sayed Elham Sadat


[email protected]
Benefits of VLAN

Sayed Elham Sadat


[email protected]
Benefits of VLAN cont’d.
VLANs allow network administrators to organize LANs
logically instead of physically.

Easily move workstations on the LAN


Easily add workstations to the LAN
Easily change the LAN configuration
Easily control network traffic
Improve security

Sayed Elham Sadat


[email protected]
How does it work?
Bridge receives data from a workstation, it tags the
data with a VLAN identifier (This is called explicit
tagging)
In implicit tagging the data is not tagged, VLAN
determine the port on which the data arrived
Tagging can be based on
 The port from which it came
 The source Media Access Control (MAC) field
 The source network address

Sayed Elham Sadat


[email protected]
Frame Tagging Methods

Sayed Elham Sadat


[email protected]
To understand how VLAN's work, there is need to look at the types
of VLAN

TYPES OF VLAN
Virtual Local Area Network

Sayed Elham Sadat


[email protected]
Default VLAN
The default VLAN for every port in the switch is the
management VLAN – VLAN 1.

The management VLAN is always VLAN 1 and may


not be deleted.

At least one port must be assigned to VLAN 1 in


order to manage the switch.

Sayed Elham Sadat


[email protected]
Static VLAN Membership
Static membership VLANs are called port-based and
port- centric membership VLANs

Static VLANs are ports on a switch that are manually


assigned to a VLAN

All moves are controlled and managed.

Sayed Elham Sadat


[email protected]
Dynamic VLAN Membership
Dynamic membership VLANs are created through
network management software
CiscoWorks 2000
Membership is based on the MAC address of the
device connected to the switch port

Network administrator gets all the device’s MAC


addresses and put it into a database.

Sayed Elham Sadat


[email protected]
Types of VLAN
Three basic VLAN memberships for determining and
controlling how a packet entering a switch gets
assigned to a VLAN.

Sayed Elham Sadat


[email protected]
Port driven VLANs
Most common configuration method

User assigned by port association

Easily administered through GUIs

Maximizes security between VLANs

Packets do not “leak” into other domains

Sayed Elham Sadat


[email protected]
Port driven VLANs cont’d.
User assigned port association ???
For example, in a bridge with four ports, ports 1, 2,
and 4 belong to VLAN 1 and port 3 belongs to VLAN 2

Port VLAN
1 1
2 1 Disadvantage:
3 2 • Does not allow for user mobility
4 1
Assignment of ports to different VLAN's.

Sayed Elham Sadat


[email protected]
MAC address driven VLANs
User assigned based on MAC addresses

Offers flexibility
For Example : Since MAC addresses form a
part of the workstation's network interface card,
when a workstation is moved, no reconfiguration is
needed to allow the workstation to remain in the
same VLAN

Impacts performance, scalbility, and administration

Sayed Elham Sadat


[email protected]
MAC address driven VLANs cont’d

MAC Address VLAN

1212354145121 1

2389234873743 2

3045834758445 2

5483579475843 1

Assignment of MAC addresses to different VLAN's

Sayed Elham Sadat


[email protected]
MAC address driven VLANs cont’d
Disadvantage
VLAN membership must be assigned initially.

In networks with thousands of users. Also, in


environments where notebook PC's are used, the
MAC address is associated with the docking station
and not with the notebook PC. Consequently, when a
notebook PC is moved to a different docking station,
its VLAN membership must be reconfigured.

Sayed Elham Sadat


[email protected]
Network address driven VLANs
The network IP subnet address can be used to
classify VLAN membership

IP Subnet VLAN
23.2.24 1
26.21.35 2

Assignment of IP subnet addresses to different VLAN's

Sayed Elham Sadat


[email protected]
VLAN Configuration
Virtual Local Area Network

Sayed Elham Sadat


[email protected]
Configuration of a Static VLAN
Static VLANs are ports on a switch that are manually
assigned to a VLAN

That can be accomplished with a VLAN management


application or configured directly into the switch
through the CLI

Sayed Elham Sadat


[email protected]
VLAN Configuration
Creating VLANs
 The following figure shows the steps to assign a new VLAN to a
port on the Sydney switch.
 Sayed# config terminal
 Sayed(config)#vlan 10
 Sayed(config-vlan)#name BCS
 Sayed(config-vlan)#vlan 20
 Sayed(config-vlan)#name BBA
Assigning ports to VLAN
 The following commands can be used to assign ports to a VLAN.
 Sayed#config terminal
 Sayed(config)#interface fastethernet 0/5
 Sayed(config-if)#switch port access vlan 10

Sayed Elham Sadat


[email protected]
VLAN Configuration
Verification of VLAN Configuration
 The following commands can be used to verify VLAN
configurations
 Sayed# show vlan
 Sayed# show vlan brief
 Sayed# show vlan id 10
Deleting VLAN
 The following commands can be used to Delete VLAN
configurations
 Sayed# vlan database
 Sayed(vlan)# no vlan 10

Sayed Elham Sadat


[email protected]
Question?
How many broadcast domain exist in the scenario
presented in the graphic?

Sayed Elham Sadat


[email protected]
Thank You!
Sayed Elham Sadat
[email protected]

You might also like