VLANs (Virtual LANs)
CS 158B
Elaine Lim, Allison Nham

LANs vs. VLANs
• In a traditional LAN...
  • Users are grouped physically based on the hub they are plugged into
  • Routers segment the LAN and provide broadcast boundaries
• In VLANs...
  • Group users logically by function, department or application
  • Configuration is done through special software

A sample VLAN network
[Figure: sample VLAN network. Source: Cisco IOS Switching Services Configuration Guide]

How VLANs work
• When a switch receives data from a workstation, it tags the data with a VLAN identifier that indicates which VLAN the data originally came from
• A packet can only travel from one broadcast domain to another if both domains have the same identifier
• To set up VLANs, we need VLAN-aware switching devices that must comply with IEEE 802.1Q standards:
  • Intelligent switches (operate at the MAC layer), or
  • Routers (operate at the network layer of the OSI reference model)

Static VLANs
• Defined
  • In a static VLAN, ports on a switch are administratively assigned to a VLAN
• Benefits
  • Secure and easy to configure and monitor
  • Works well in networks where moves are controlled
Source: Cisco IOS Switching Services Configuration Guide

Dynamic VLANs
• Defined
  • Switch ports can automatically determine a user's VLAN assignment based on:
    • MAC address
    • Protocol type
• Benefits
  • Less administration when users are added or moved
  • Centralized notification of unauthorized users
Source: Cisco IOS Switching Services Configuration Guide

Frame Processing
• Switches make filtering and forwarding decisions based on data in the frame
• There are two techniques used:
  • Frame Filtering - examines particular information about each frame (MAC address or Layer 3 protocol type)
  • Frame Tagging - places a unique identifier in the header of each frame as it is forwarded throughout the network backbone

Frame Tagging
• A preferred way to implement VLANs
• Uniquely assigns a VLAN ID to each frame before it is forwarded across the backbone
• The tag is removed by the switch after the frame exits the backbone
Source: Cisco IOS Switching Services Configuration Guide

Traffic Between VLANs
• Switches do not forward frames between different VLANs. A router does this!!!
• Trunking: a method that supports multiple VLANs that have members on more than one switch
• Two popular trunking protocols:
  • Cisco Inter-Switch Link (ISL)
  • IEEE 802.1Q
Source: How Stuff Works

Inter-Switch Link (ISL)
• Cisco created ISL before the IEEE standardized a trunking protocol
• ISL is Cisco proprietary; it can only be used between two Cisco switches
• ISL encapsulates each frame in an ISL header and trailer

IEEE 802.1Q
• 802.1Q is an open standard that can be used with multi-vendor switches
• 802.1Q does not encapsulate; it adds an extra 4-byte header in the middle of the original Ethernet header
• 802.1Q forces a recalculation of the FCS

Disadvantage & Advantages
• Disadvantage:
  • VLANs require significant overhead
• Advantages:
  • More security
  • Ease of administration
  • Broadcast control
  • Reduction in network traffic