Information Technology Reference
In-Depth Information
VLANs allow you to break up switched environments into multiple broadcast domains.
Here is the basic summary of a VLAN:
A VLAN = A Broadcast Domain = An IP Subnet
There are many benefits to using VLANs in an organization, some of which include the
following:
Increased performance:
By reducing the size of the broadcast domain, network
devices run more efficiently.
■
Improved manageability:
The division of the network into logical groups of users,
applications, or servers allows you to understand and manage the network better.
■
Physical topology independence:
VLANs allow you to group users regardless of
their physical location in the campus network. If departments grow or relocate to a
new area of the network, you can simply change the VLAN on their new ports with-
out making any physical network changes.
■
Increased security:
A VLAN boundary marks the end of a logical subnet. To reach
other subnets (VLANs), you must pass through a routed (Layer 3) device. Any time
you send traffic through a router, you have the opportunity to add filtering options
(such as access lists) and other security measures.
■
VLAN Trunking/Tagging
VLANs are able to transcend individual switches, as shown in Figure 3-4.
If a member of VLAN_GRAY sends a broadcast message, it goes to all VLAN_GRAY
ports on both switches. The same holds true for VLAN_WHITE. To accommodate this,
the connection between the switches must carry traffic for multiple VLANs. This type of
port is known as a trunk port.
Trunk ports are often called tagged ports because the switches send frames between each
other with a VLAN “tag” in place. Figure 3-5 illustrates the following process:
1.
HostA (in VLAN_GRAY) wants to send data to HostD (also in VLAN_GRAY).
HostA transmits the data to SwitchA.
2.
SwitchA receives the data and realizes that HostD is available through the FastEther-
net 0/24 port (because HostD's MAC address has been learned on this port). Because
FastEthernet 0/24 is configured as a trunk port, SwitchA puts the VLAN_GRAY tag
in the IP header and sends the frame to SwitchB.
3.
SwitchB processes the VLAN_GRAY tag because the FastEthernet 0/24 port is con-
figured as a trunk. Before sending the frame to HostD, the VLAN_GRAY tag is re-
moved from the header.
4.
The tagless frame is sent to HostD.
