Dec 4, 2009

Basic VLAN Configuration


Virtual LAN; a logical, not physical, group of devices, defined by software. VLANs allow network administrators to resegment their networks without physically rearranging the devices or network connections¹. A VLAN (Virtual LAN) is a network composed of logical broadcast domains. For example, let us say you have a two story building, with 3 different departments on each floor. Each department [on both floors] must communicate together directly. They also produce a large amount of local traffic. What is the best solution for this situation? A Virtual LAN (VLAN) is the best way to reduce the overall network traffic generated by each department. Normally, connecting these users would be challenging because they would sit on 2 different switches, and possibly on different subnets or gateways, adding network latency. Specifying VLAN rules in both switches logically groups each department together. See the image below: 

This diagram gives you the basic idea of VLAN membership. You can see how the floors of the building are separate and that each department is represented by a different color. The switches lie below and the trunk link is represented by the lightning bolt. 

Types of Membership

There are several different types of memberships associated with VLANs:
  • Static VLANs
  • Dynamic VLANs
Static VLANs are specified by switch port. For example, let us say a 12 port Fast Ethernet switch is split for the creation of 2 VLANs. The first 6 ports are associated with VLAN1 and the last 6 ports are associated with VLAN2. If a machine is moved from port 3 to port 11, it will effectively change VLANs. 

Dynamic VLANs are specified by MAC address. Assuming the same scenario, a system administrator will enter the MAC addresses of all machines connecting to the switch. These addresses are stored in a memory chip inside the switch that forms a database of local MAC addresses. Each MAC address can then be associated with a certain VLAN. This way, if a machine is moved, it will retain its original VLAN membership regardless of its port number. 

VLAN Tagging

Moving VLAN data over multiple subnets and routers requires a special process called VLAN tagging. VLAN tagging simply adds extra information to the header of Ethernet frames so that routers know how to pass the data along. This method is commonly used in large networks, or with VLANs that span wide geographic areas. 
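The Python model below is an added example, not code from the original post. It ties the two-floor scenario, the two membership types and VLAN tagging together: the floor 1 switch assigns VLANs by port (static), the floor 2 switch assigns them by MAC address (dynamic), and frames crossing the trunk between them carry an 802.1Q tag (TPID 0x8100 followed by a 16-bit field holding priority, DEI and the 12-bit VLAN ID). The switch names, port numbers, VLAN IDs 10 and 20, and the host MAC addresses (taken from the documentation range 00:00:5E:00:53:xx) are all constructed for the illustration. One defensive detail is built in: an access port never trusts a tag supplied by the attached host; membership always comes from the port or the MAC database, and only the trunk carries tags.

```python
"""Two-switch VLAN model: static (port) and dynamic (MAC) membership,
802.1Q tagging on the trunk, and per-VLAN broadcast domains.
Added example; hosts, ports and VLAN IDs are constructed."""
import struct

TPID_8021Q = 0x8100                       # EtherType that announces an 802.1Q tag
BROADCAST = bytes.fromhex("ffffffffffff")
SALES, ENG = 10, 20                       # constructed VLAN IDs for the two departments


def mac(text):
    """'00:00:5e:00:53:01' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", ""))


def build_frame(dst, src, ethertype, payload, vlan_id=None, pcp=0):
    """Ethernet II frame; with vlan_id an 802.1Q tag is inserted after the
    source MAC: TPID 0x8100, then PCP(3) | DEI(1) | VID(12)."""
    hdr = dst + src
    if vlan_id is not None:
        if not 1 <= vlan_id <= 4094:
            raise ValueError("VID must be 1..4094")
        tci = ((pcp & 0x7) << 13) | (vlan_id & 0x0FFF)    # DEI left at 0
        hdr += struct.pack("!HH", TPID_8021Q, tci)
    return hdr + struct.pack("!H", ethertype) + payload


def parse_frame(frame):
    """Return (dst, src, vlan_id or None, ethertype, payload)."""
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan_id, offset = None, 14
    if ethertype == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan_id, offset = tci & 0x0FFF, 18
    return dst, src, vlan_id, ethertype, frame[offset:]


class Switch:
    """Minimal VLAN-aware switch: access ports classify frames by port
    (static) or source MAC (dynamic); port 12 is the trunk to the peer."""

    def __init__(self, name, mode, port_vlan=None, mac_vlan=None, trunk_port=12):
        self.name, self.mode = name, mode
        self.port_vlan = port_vlan or {}      # static: port -> VLAN
        self.mac_vlan = mac_vlan or {}        # dynamic: MAC -> VLAN
        self.trunk_port, self.hosts, self.peer = trunk_port, {}, None

    def attach(self, port, host_mac):
        self.hosts[port] = host_mac

    def classify(self, in_port, src):
        """VLAN of an untagged frame on an access port. Any tag the host put
        on the frame is ignored; only the trunk carries trusted tags."""
        if in_port == self.trunk_port:
            raise ValueError("trunk frames are classified by their tag")
        return self.port_vlan[in_port] if self.mode == "static" else self.mac_vlan[src]

    def local_vlan(self, port):
        if self.mode == "static":
            return self.port_vlan.get(port)
        return self.mac_vlan.get(self.hosts.get(port))

    def receive(self, in_port, frame):
        """Flood a frame to every port in its VLAN; returns the (switch, port)
        pairs that received it, so broadcast-domain isolation is visible."""
        dst, src, vid, ethertype, payload = parse_frame(frame)
        if in_port == self.trunk_port:
            if vid is None:
                raise ValueError("untagged frame on trunk")
        else:
            vid = self.classify(in_port, src)
        delivered = [(self.name, p) for p in self.hosts
                     if p != in_port and self.local_vlan(p) == vid]
        if in_port != self.trunk_port and self.peer is not None:
            tagged = build_frame(dst, src, ethertype, payload, vlan_id=vid)
            delivered += self.peer.receive(self.peer.trunk_port, tagged)
        return delivered


ALICE, BOB, CAROL = mac("00:00:5e:00:53:01"), mac("00:00:5e:00:53:02"), mac("00:00:5e:00:53:03")
DAVE, ERIN = mac("00:00:5e:00:53:11"), mac("00:00:5e:00:53:12")


def build_network():
    """Floor 1: static, ports 1-6 Sales, 7-11 Engineering. Floor 2: dynamic."""
    floor1 = Switch("floor1", "static",
                    port_vlan={**{p: SALES for p in range(1, 7)}, **{p: ENG for p in range(7, 12)}})
    floor2 = Switch("floor2", "dynamic", mac_vlan={DAVE: SALES, ERIN: ENG})
    floor1.peer, floor2.peer = floor2, floor1
    floor1.attach(1, ALICE); floor1.attach(2, BOB); floor1.attach(7, CAROL)
    floor2.attach(1, DAVE); floor2.attach(2, ERIN)
    return floor1, floor2


def broadcast_from(switch, port, src):
    return switch.receive(port, build_frame(BROADCAST, src, 0x0806, b"who-has?"))


def membership_after_move():
    """Move a host from port 3 to port 11 on each switch: the static switch
    changes its VLAN, the dynamic switch keeps it."""
    floor1, floor2 = build_network()
    return ((floor1.classify(3, CAROL), floor1.classify(11, CAROL)),
            (floor2.classify(3, DAVE), floor2.classify(11, DAVE)))


if __name__ == "__main__":
    f1, f2 = build_network()
    print("Sales broadcast reaches:", broadcast_from(f1, 1, ALICE))
    print("Engineering broadcast reaches:", broadcast_from(f1, 7, CAROL))
    print("(static, dynamic) VLAN before/after move:", membership_after_move())
```

Running it shows a Sales broadcast from floor 1 reaching only the other Sales port on floor 1 and the Sales host on floor 2, while the Engineering broadcast crosses the trunk and lands only on the Engineering host; the move check returns (10, 20) for the static switch and (10, 10) for the dynamic one.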

VLAN Enabled Switches

Not all switches support VLANs. While most expensive switches do, you won't get "the works" unless you're using a Cisco Catalyst. Cisco has created proprietary protocols to manage VLANs. VLAN Trunking Protocol (VTP) enables Cisco switches to advertise VLAN information to other VTP enabled switches. It also allows a system administrator to manage all VLANs from a central point and order all switches to update the VLAN information along the entire network. 3com Superstack switches also have great VLAN support. However, there have been some compatibility issues associated with multi-vendor VLAN devices. Most organizations using VLANs have figured out it is worth shelling out the extra cash to go with Cisco equipment and get the extra features and functionality.


