- A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2)
VLANs allow network administrators to group hosts together even if the hosts are not on the same network switch.
Without VLANs, grouping hosts according to their resource needs necessitates the labour of relocating nodes and/or rewiring data links.
https://en.wikipedia.org/wiki/Virtual_LAN
- A VLAN is a group of end stations with a common set of requirements, independent of physical location. VLANs have the same attributes as a physical LAN but allow you to group end stations even if they are not located physically on the same LAN segment
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vlans.html
VLAN Explained
isolating departments via LAN, finance dept uses seperate LAN
hosts must be on different switches in order to seperate LANs
virtual LAN, VLAN is a logical network, logical segmentation
multiple networks/LANs on the same physical network switch
traffic from VLAN1 is logically seperated from VLAN2 inside the same switch, isolated traffic
VLAN logical segmentation, not physical segmentation
deploying 2 different LANs is the same as deploying 2 different VLAN on the same hardware
VLAN reduce HW: router-on-a-stick
interVLAN traffic requires a router or Layer3 switch
VLAN1 as default VLAN
Layer2 frame header contains VLANID(tag)
VLAN ports
port VLAN ID (PVID)
access ports (hosts, single PVID)
trunk ports, connect to other trunk ports on VLAN ready devices like switches,access points
trunk ports can carry untagged traffics if desired, one VLANID should be assigned to untagged traffic
At Layer2 each VLAN is seperate broadcast domain(VLANID in frame header)
At Layer3 each VLAN is assigned IP range.
No comments:
Post a Comment