D-Link DGS-3200-10 Product Manual - Page 76
VLAN Description, Notes about VLANs on the Switch, IEEE 802.1Q VLANs
UPC - 790069306310
View all D-Link DGS-3200-10 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 76 highlights
xStack® DGS-3200 Series Layer 2 Gigabit Ethernet Managed Switch VLAN Description A Virtual Local Area Network (VLAN) is a network topology configured according to a l ogical scheme rather than the physical layout. VLANs can be used to combine any collection of LAN segments into an a utonomous user group that appears as a si ngle LAN. VLANs also log ically segment th e netw ork into different broadcast domains so that packets are forwarded only between ports within the VLAN. Typically, a VLAN corresponds to a particular subnet, although not necessarily. VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains. A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to t he same VLAN, regardless of where they are physically on the network. Logically, a VL AN can be equated to a broadca st domain, because broadcast packets are forwarded to only members of th e VLAN on which t he broadcast was initiated. Notes about VLANs on the Switch No matter what basis is u sed to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross VLANs without a network device performing a routing function between the VLANs. The Sw itch supports I EEE 802.1Q VLANs. Th e por t un tagging f unction ca n be u sed t o rem ove t he 8 02.1Q t ag f rom packet headers to maintain compatibility with devices that are tag-unaware. The Switch's default is to assign all ports to a single 802.1Q VLAN named "default." The "default" VLAN has a VID = 1. The member ports of Port-based VLANs may overlap, if desired. IEEE 802.1Q VLANs Some relevant terms: Tagging - The act of putting 802.1Q VLAN information into the header of a packet. Untagging - The act of stripping 802.1Q VLAN information out of the packet header. Ingress port - A port on a switch where packets are flowing into the Switch and VLAN decisions must be made. Egress p ort - A por t on a sw itch where pack ets ar e flowing out of t he Switch , either to an other s witch or t o a n en d station, and tagging decisions must be made. IEEE 802.1Q (tagged) VLANs are implemented on the S witch. 802.1Q VLANs require tagging, which enables them to span the entire network (assuming all switches on the network are IEEE 802.1Q-compliant). VLANs allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast, multicast and unicast packets from unknown sources. VLANs can also provide a level of security to your network. IEEE 802.1Q VLANs will only deliver packets between stations that are members of the VLAN. Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLANs allows VLANs to work with leg acy switch es t hat do n't recog nize VLAN tag s i n packet headers. Th e tag ging feature allows VLANs to sp an m ultiple 802.1Q-compliant switches through a si ngle physical connection and allows Spanning Tree to be enabled on all ports and work normally. The IEEE 802.1Q standard restricts the forwarding of untagged packets to the VLAN the receiving port is a member of. The main characteristics of IEEE 802.1Q are as follows: Assigns packets to VLANs by filtering. Assumes the presence of a single global spanning tree. Uses an explicit tagging scheme with one-level tagging. 802.1Q VLAN Packet Forwarding Packet forwarding decisions are made based upon the following three types of rules: Ingress rules - rules relevant to the classification of received frames belonging to a VLAN. 63