D-Link DES-3624 Product Manual - Page 33

Stackable NWay Ethernet Switch User's Guide setup on your network and configure the Switch accordingly. 802.1Q VLANs support IEEE 802.1Q tagging, which enables them to span the entire network (assuming all switches on the network are IEEE 802.1Qcompliant). In contrast, MAC-based broadcast domains are limited to the Switch and devices directly connected to them. All VLANs allow a network to be segmented in order to reduce the size of broadcast domains. All broadcast, multicast, and unknown packets entering the Switch on a particular VLAN will only be forwarded to the stations or ports (802.1Q and port-based) that are members of that VLAN. 802.1Q and port-based VLANs also limit unicast packets to members of the VLAN, thus providing a degree of security to your network. Another benefit of 802.1Q and port-based VLANs is that you can change the network topology without physically moving stations or changing cable connections. Stations can be 'moved' to another VLAN and thus communicate with its members and share its resources, simply by changing the port VLAN settings from one VLAN (the sales VLAN, for example) to another VLAN (the marketing VLAN). This allows VLANs to accommodate network moves, changes and additions with the utmost flexibility. MAC-based broadcast domains, on the other hand, allow a station to be physically moved yet still belong to the same broadcast domain without having to change and configuration settings. The untagging feature of IEEE 802.1Q VLANs allows VLANs to work with legacy switches that don't recognize VLAN tags in packet headers. The tagging feature allows VLANs to span multiple 802.1Qcompliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally (BPDU packets are not tagged). MAC-Based Broadcast Domains The Switch supports up to 12 MAC-based broadcast domains, which are by their nature, limited to the Switch itself and the devices connected directly to it. Since MAC addresses are hard-wired into a station's network interface card (NIC), MAC-based broadcast domains enable network managers to move a station to a different physical location on the network and have that station automatically retain its broadcast domain membership. This provides the network with a high degree of flexibility since even notebook PC's can plug into any available port on a network and communicate with the same people and use the same resources that have been allocated to the broadcast domain in which it is a member. Since MAC-based broadcast domains do not restrict the transmission of known unicast frames to other broadcast domains, they can only be used to define limited broadcast domains. As such, they are best implemented on networks where stations are frequently moving, for example where people using notebook PCs are constantly plugging into different parts of the network. Setting up MAC-based broadcast domains is a relatively straightforward process. Simply create the broadcast domain by assigning it a name (description) and add MAC addresses for the stations that will be members. IEEE 802.1Q VLANs The Switch supports up to 2000 802.1Q VLANs. 802.1Q VLANs limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are members of the VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch, or an entire department. On 802.1Q VLANs, NICs do not need to be able to identify 802.1Q tags in packet headers. NICs send and receive normal Ethernet packets. If the packet's destination lies on the same segment, communications take place using normal Ethernet protocols. Even though this is always the case, when the destination for a packet lies on another Switch port, VLAN considerations come into play to decide if the packet gets dropped by the Switch or delivered. Switch Management Concepts 37