SlideShare a Scribd company logo

VLAN (virtual local area network)

Netwax Lab
Netwax Lab

In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN. A virtual local area network (VLAN) is a logical group of workstations, servers and network devices that appear to be on the same LAN despite their geographical distribution. A VLAN allows a network of computers and users to communicate in a simulated environment as if they exist in a single LAN and are sharing a single broadcast and multicast domain.

Technology
1 of 9
Download to read offline
VLAN (Virtual Local Area Network) In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN. A virtual local area network (VLAN) is a logical group of workstations, servers and network devices that appear to be on the same LAN despite their geographical distribution. A VLAN allows a network of computers and users to communicate in a simulated environment as if they exist in a single LAN and are sharing a single broadcast and multicast domain. VLANs are implemented to achieve scalability, security and ease of network management and can quickly adapt to change in network requirements and relocation of workstations and server nodes. Higher-end switches allow the functionality and implementation of VLANs. The purpose of implementing a VLAN is to improve the performance of a network or apply appropriate security features. A VLAN allows several networks to work virtually as an LAN. One of the most beneficial elements of a VLAN is that it removes latency in the network, which saves network resources and increases network efficiency. In addition, VLANs are created to provide segmentation and assist in issues like security, network management and scalability. Traffic patterns can also easily be controlled by using VLANs. VLANs are configured through software rather than hardware, which makes them extremely flexible. One of the biggest advantages of VLANs is that when a computer is physically moved to another location, it can stay on the same VLAN without any hardware reconfiguration. Figure 1 Physical View
VLAN (Virtual Local Area Network) Physical n Logical view of a VLAN VLAN's also allow broadcast domains to be defined without using routers. Bridging software is used instead to define which workstations are to be included in the broadcast domain. Routers would only have to be used to communicate between two VLAN's VLANs can be used to partition a local network into several distinctive segments, for example: 1. Production 2. Voice over IP 3. Network management 4. Storage area network (SAN) 5. Guest network 6. Demilitarized zone (DMZ) 7. Client separation (ISP) In a common infrastructure shared across VLAN trunks can provide a very high level of security with great flexibility for a comparatively low cost. Quality of Service schemes can optimize traffic on trunk links for realtime (VoIP) or low-latency requirements (Storage Area Network). History? After successful experiments with Voice over Ethernet from 1981 to 1984, Dr. W. David Sincoskie joined Bellcore and began addressing the problem of scaling up Ethernet networks. At 10 Mbit/s, Ethernet was faster than most alternatives at the time; however, Ethernet was a broadcast network and there was no good way of connecting multiple Ethernet networks together. This limited the total bandwidth of an Ethernet network to 10 Mbit/s and the maximum distance between any two nodes to a few hundred feet. Why use VLAN's? VLAN's offer a number of advantages over traditional LAN's. They are: Figure 2 Logical View
VLAN (Virtual Local Area Network) 1) Performance In networks where traffic consists of a high percentage of broadcasts and multicasts, VLAN's can reduce the need to send such traffic to unnecessary destinations. For example, in a broadcast domain consisting of 10 users, if the broadcast traffic is intended only for 5 of the users, then placing those 5 users on a separate VLAN can reduce traffic. Compared to switches, routers require more processing of incoming traffic. As the volume of traffic passing through the routers increases, so does the latency in the routers, which results in reduced performance. The use of VLAN's reduces the number of routers needed, since VLAN's create broadcast domains using switches instead of routers. 2) Formation of Virtual Workgroups Nowadays, it is common to find cross-functional product development teams with members from different departments such as marketing, sales, accounting, and research. These workgroups are usually formed for a short period of time. During this period, communication between members of the workgroup will be high. To contain broadcasts and multicasts within the workgroup, a VLAN can be set up for them. With VLAN's it is easier to place members of a workgroup together. Without VLAN's, the only way this would be possible is to physically move all the members of the workgroup closer together. However, virtual workgroups do not come without problems. Consider the situation where one user of the workgroup is on the fourth floor of a building, and the other workgroup members are on the second floor. Resources such as a printer would be located on the second floor, which would be inconvenient for the lone fourth floor user. Another problem with setting up virtual workgroups is the implementation of centralized server farms, which are essentially collections of servers and major resources for operating a network at a central location. The advantages here are numerous, since it is more efficient and cost-effective to provide better security, uninterrupted power supply, consolidated backup, and a proper operating environment in a single area than if the major resources were scattered in a building. Centralized server farms can cause problems when setting up virtual workgroups if servers cannot be placed on more than one VLAN. In such a case, the server would be placed on a single VLAN and all other VLAN's trying to access the server would have to go through a router; this can reduce performance. 3) Simplified Administration Seventy percent of network costs are a result of adds, moves, and changes of users in the network [ Buerger]. Every time a user is moved in a LAN, recabling, new station addressing, and reconfiguration of hubs and routers becomes necessary. Some of these tasks can be simplified with the use of VLAN's. If a user is moved within a VLAN, reconfiguration of routers is unnecessary. In addition, depending on the type of VLAN, other administrative work can be reduced or eliminated [ Cisco white paper]. However
VLAN (Virtual Local Area Network) the full power of VLAN's will only really be felt when good management tools are created which can allow network managers to drag and drop users into different VLAN's or to set up aliases. Despite this saving, VLAN's add a layer of administrative complexity, since it now becomes necessary to manage virtual workgroups. 4) Reduced Cost VLAN's can be used to create broadcast domains which eliminate the need for expensive routers. 5) Security Periodically, sensitive data may be broadcast on a network. In such cases, placing only those users who can have access to that data on a VLAN can reduce the chances of an outsider gaining access to the data. VLAN's can also be used to control broadcast domains, set up firewalls, restrict access, and inform the network manager of an intrusion. VLANs also have some disadvantages and limitations as listed below: 1. High risk of virus issues because one infected system may spread a virus through the whole logical network. 2. Equipment limitations in very large networks because additional routers might be needed to control the workload. 3. More effective at controlling latency than a WAN but less efficient than a LAN. Establishing VLAN Memberships? The two common approaches to assigning VLAN membership are as follows:  Static VLANs  Dynamic VLANs Static VLANs are also referred to as port-based VLANs. Static VLAN assignments are created by assigning ports to a VLAN. As a device enters the network, the device automatically assumes the VLAN of the port. If the user changes ports and needs access to the same VLAN, the network administrator must manually make a port-to-VLAN assignment for the new connection. Dynamic VLANs are created using software. With a VLAN Management Policy Server (VMPS), an administrator can assign switch ports to VLANs dynamically based on information such as the source MAC address of the device connected to the port or the username used to log onto that device. As a device enters the network, the switch queries a database for the VLAN membership of the port that device is connected to.
VLAN (Virtual Local Area Network) Types of VLAN's VLAN membership can be classified by port, MAC address, and protocol type: 1) Layer 1 VLAN: Membership by Port Membership in a VLAN can be defined based on the ports that belong to the VLAN. For example, in a bridge with four ports, ports 1, 2, and 4 belong to VLAN 1 and port 3 belongs to VLAN 2. Port VLAN 1 1 2 1 3 2 4 1 Assignment of ports to different VLAN's The main disadvantage of this method is that it does not allow for user mobility. If a user moves to a different location away from the assigned bridge, the network manager must reconfigure the VLAN. 2) Layer 2 VLAN: Membership by MAC Address Here, membership in a VLAN is based on the MAC address of the workstation. The switch tracks the MAC addresses which belong to each VLAN (see Figure4). Since MAC addresses form a part of the workstation's network interface card, when a workstation is moved, no reconfiguration is needed to allow the workstation to remain in the same VLAN. This is unlike Layer 1 VLAN's where membership tables must be reconfigured. MAC Address VLAN 1212354145121 1 2389234873743 2 3045834758445 2 5483573475843 1 Assignment of MAC addresses to different VLAN's The main problem with this method is that VLAN membership must be assigned initially. In networks with thousands of users, this is no easy task. Also, in environments where notebook PC's are used, the MAC address is associated with the docking station and not with the notebook PC. Consequently, when a notebook PC is moved to a different docking station, its VLAN membership must be reconfigured. 3) Layer 2 VLAN: Membership by Protocol Type VLAN membership for Layer 2 VLAN's can also be based on the protocol type field found in the Layer 2 header.
VLAN (Virtual Local Area Network) Protocol VLAN IP 1 IPX 2 Assignment of protocols to different VLAN's 4) Layer 3 VLAN: Membership by IP Subnet Address Membership is based on the Layer 3 header. The network IP subnet address can be used to classify VLAN membership. IP Subnet VLAN 23.2.24 1 26.21.35 2 Assignment of IP subnet addresses to different VLAN's Although VLAN membership is based on Layer 3 information, this has nothing to do with network routing and should not be confused with router functions. In this method, IP addresses are used only as a mapping to determine membership in VLAN's. No other processing of IP addresses is done. In Layer 3 VLAN's, users can move their workstations without reconfiguring their network addresses. The only problem is that it generally takes longer to forward packets using Layer 3 information than using MAC addresses. 5) Higher Layer VLAN's It is also possible to define VLAN membership based on applications or service, or any combination thereof. For example, file transfer protocol (FTP) applications can be executed on one VLAN and telnet applications on another VLAN. The 802.1Q draft standard defines Layer 1 and Layer 2 VLAN's only. Protocol type based VLAN's and higher layer VLAN's have been allowed for, but are not defined in this standard. As a result, these VLAN's will remain proprietary. Types of Connections Devices on a VLAN can be connected in three ways based on whether the connected devices are VLAN- aware or VLAN-unaware. Recall that a VLAN-aware device is one which understands VLAN memberships (i.e. which users belong to a VLAN) and VLAN formats. 1) Trunk Link All the devices connected to a trunk link, including workstations, must be VLAN-aware. All frames on a trunk link must have a special header attached. These special frames are called tagged frames.
VLAN (Virtual Local Area Network) 2) Access Link An access link connects a VLAN-unaware device to the port of a VLAN-aware bridge. All frames on access links must be implicitly tagged (untagged). The VLAN-unaware device can be a LAN segment with VLAN-unaware workstations or it can be a number of LAN segments containing VLAN-unaware devices (legacy LAN). 3) Hybrid Link This is a combination of the previous two links. This is a link where both VLAN-aware and VLAN-unaware devices are attached. A hybrid link can have both tagged and untagged frames, but all the frames for a specific VLAN must be either tagged or untagged. It must also be noted that the network can have a combination of all three types of links. Figure 3 Trunk link between two VLAN-aware bridges. Figure 4 Access link between a VLAN-aware bridge and a VLAN-unaware device. Figure 5 Hybrid link containing both VLAN- aware and VLAN-unaware devices.
VLAN (Virtual Local Area Network) Default Ethernet VLAN Configuration The switch module supports only Ethernet interfaces. Table shows the default configuration for Ethernet VLANs. Parameter Default Range VLAN ID 1 1 to 4094. Note Extended-range VLANs (VLAN IDs 1006 to 4094) are not saved in the VLAN database. VLAN name VLANxxxx , where xxxx represents four numeric digits (including leading zeros) equal to the VLAN ID number No range 802.10 SAID 100001 (100000 plus the VLAN ID) 1 to 4294967294 MTU size 1500 1500 to 9198 Translational bridge 1 0 0 to1005 Translational bridge 2 0 0 to1005 VLAN state active active, suspend Remote SPAN disabled enabled, disabled Private VLANs none configured 2 to 1001, 1006 to 4094. UNI-ENI VLAN UNI-ENI isolated VLAN 2 to 1001, 1006 to 4094. VLAN 1 is always a UNI-ENI isolated VLAN. Protocol-based VLANs? In a switch that supports protocol-based VLANs, traffic is handled on the basis of its protocol. Essentially, this segregates or forwards traffic from a port depending on the particular protocol of that traffic; traffic of any other protocol is not forwarded on the port. For example, it is possible to connect the following to a given switch: 1. A host generating ARP traffic to port 10 2. A network with IPX traffic to port 20 3. A router forwarding IP traffic to port 30
VLAN (Virtual Local Area Network) If a protocol-based VLAN is created that supports IP and contains all three ports, this prevents IPX traffic from being forwarded to ports 10 and 30, and ARP traffic from being forwarded to ports 20 and 30, while still allowing IP traffic to be forwarded on all three ports. Protocols and design? 1) IEEE 802.1Q 2) Cisco VLAN Trunking Protocol (VTP) 3) Multiple VLAN Registration Protocol 4) Shortest Path Bridging Creating or Modifying an Ethernet VLAN To access VLAN configuration mode, enter the vlan global configuration command with a VLAN ID. Enter a new VLAN ID to create a VLAN, or enter an existing VLAN ID to modify that VLAN. You can use the default VLAN configuration or enter commands to configure the VLAN. Switch# configure terminal Switch(config)# vlan 20 Switch(config-vlan)# name test20 Switch(config-vlan)# end Assigning Static-Access Ports to a VLAN You can assign a static-access port to a VLAN. Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport mode access Switch(config-if)# switchport access vlan 2 Switch(config-if)# end Configuring a Trunk Port Beginning in privileged EXEC mode, follow these steps to configure a port as an 802.1Q trunk port: Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface fastethernet0/2 Switch(config-if)# switchport mode trunk Switch(config-if)# switchport trunk native vlan 33 Switch(config-if)# end

Recommended

Vlan
VlanVlan
VlanMadhya Pradesh Madhya Kshetra Vidyut Vitran Co., Ltd.
 
Vlan
Vlan Vlan
Vlan
Said Rahim Manandoy
 
Vlan
VlanVlan
Vlan
Ardhendu Nandi
 
Benefits of vlan
Benefits of vlanBenefits of vlan
Benefits of vlan
Logitrain
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
Lilesh Pathe
 
VLAN
VLANVLAN
VLAN
Varsha Honde
 
Vlan
VlanVlan
Vlan
ilias ahmed
 
Vlans (virtual local area networks)
Vlans (virtual local area networks)Vlans (virtual local area networks)
Vlans (virtual local area networks)
Kanishk Raj
 

Recommended

Vlan
VlanVlan
VlanMadhya Pradesh Madhya Kshetra Vidyut Vitran Co., Ltd.
 
Vlan
Vlan Vlan
Vlan
Said Rahim Manandoy
 
Vlan
VlanVlan
Vlan
Ardhendu Nandi
 
Benefits of vlan
Benefits of vlanBenefits of vlan
Benefits of vlan
Logitrain
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
Lilesh Pathe
 
VLAN
VLANVLAN
VLAN
Varsha Honde
 
Vlan
VlanVlan
Vlan
ilias ahmed
 
Vlans (virtual local area networks)
Vlans (virtual local area networks)Vlans (virtual local area networks)
Vlans (virtual local area networks)
Kanishk Raj
 
vlan
vlanvlan
vlan
Mohammadnoor Noori
 
Virtual lan
Virtual lanVirtual lan
Virtual lanAbhishek Kesharwani
 
VLAN
VLANVLAN
VLANAlberto Jimenez
 
Vlan final
Vlan finalVlan final
Vlan finalVeena Rao
 
Advantages of VLAN
Advantages of VLANAdvantages of VLAN
Advantages of VLAN
NetProtocol Xpert
 
Vlan
VlanVlan
VlanMayank Saxena
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
Darshan Dalwadi
 
Virtual local area networks
Virtual local area networksVirtual local area networks
Virtual local area networks
Anonymouscb2blyVKFr
 
Lan & vlan
Lan & vlanLan & vlan
Lan & vlan
Bharat Sanchar Nigam Limited
 
Vlan
Vlan Vlan
Vlan sanss40
 
Presentation
PresentationPresentation
Presentation
Ismail Miah
 
Vlan Types
Vlan TypesVlan Types
Vlan Types
IT Tech
 
VLAN Network for Extreme Networks
VLAN Network for Extreme NetworksVLAN Network for Extreme Networks
VLAN Network for Extreme Networks
Dani Royman Simanjuntak
 
Day 14.2 inter vlan
Day 14.2 inter vlanDay 14.2 inter vlan
Day 14.2 inter vlan
CYBERINTELLIGENTS
 
Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)
Mohammad Javad Abdolmaleki
 
Vlans and inter vlan routing
Vlans and inter vlan routingVlans and inter vlan routing
Vlans and inter vlan routing
Mohammedseleim
 
Mod8 vlans
Mod8 vlansMod8 vlans
Mod8 vlans
Mohan Kumaresan
 
Vlans
VlansVlans
Vlans
Raghu Udiyar
 
Lesson 16 vlan
Lesson 16 vlanLesson 16 vlan
Lesson 16 vlan
Anisur Rahman
 
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
Abdelkhalik Mosa
 
Virtual local area network
Virtual local area networkVirtual local area network
Virtual local area networkVeena Rao
 
Eincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiEincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iii
Netwax Lab
 

More Related Content

What's hot

vlan
vlanvlan
vlan
Mohammadnoor Noori
 
Advantages of VLAN
Advantages of VLANAdvantages of VLAN
Advantages of VLAN
NetProtocol Xpert
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
Darshan Dalwadi
 
Virtual local area networks
Virtual local area networksVirtual local area networks
Virtual local area networks
Anonymouscb2blyVKFr
 
Lan & vlan
Lan & vlanLan & vlan
Lan & vlan
Bharat Sanchar Nigam Limited
 
Presentation
PresentationPresentation
Presentation
Ismail Miah
 
Vlan Types
Vlan TypesVlan Types
Vlan Types
IT Tech
 
VLAN Network for Extreme Networks
VLAN Network for Extreme NetworksVLAN Network for Extreme Networks
VLAN Network for Extreme Networks
Dani Royman Simanjuntak
 
Day 14.2 inter vlan
Day 14.2 inter vlanDay 14.2 inter vlan
Day 14.2 inter vlan
CYBERINTELLIGENTS
 
Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)
Mohammad Javad Abdolmaleki
 
Vlans and inter vlan routing
Vlans and inter vlan routingVlans and inter vlan routing
Vlans and inter vlan routing
Mohammedseleim
 
Mod8 vlans
Mod8 vlansMod8 vlans
Mod8 vlans
Mohan Kumaresan
 
Vlans
VlansVlans
Vlans
Raghu Udiyar
 
Lesson 16 vlan
Lesson 16 vlanLesson 16 vlan
Lesson 16 vlan
Anisur Rahman
 
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
Abdelkhalik Mosa
 

What's hot (20)

vlan
vlanvlan
vlan
 
Virtual lan
Virtual lanVirtual lan
Virtual lan
 
VLAN
VLANVLAN
VLAN
 
Vlan final
Vlan finalVlan final
Vlan final
 
Advantages of VLAN
Advantages of VLANAdvantages of VLAN
Advantages of VLAN
 
Vlan
VlanVlan
Vlan
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
 
Virtual local area networks
Virtual local area networksVirtual local area networks
Virtual local area networks
 
Lan & vlan
Lan & vlanLan & vlan
Lan & vlan
 
Vlan
Vlan Vlan
Vlan
 
Presentation
PresentationPresentation
Presentation
 
Vlan Types
Vlan TypesVlan Types
Vlan Types
 
VLAN Network for Extreme Networks
VLAN Network for Extreme NetworksVLAN Network for Extreme Networks
VLAN Network for Extreme Networks
 
Day 14.2 inter vlan
Day 14.2 inter vlanDay 14.2 inter vlan
Day 14.2 inter vlan
 
Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)Virtual Local Area Network (VLAN)
Virtual Local Area Network (VLAN)
 
Vlans and inter vlan routing
Vlans and inter vlan routingVlans and inter vlan routing
Vlans and inter vlan routing
 
Mod8 vlans
Mod8 vlansMod8 vlans
Mod8 vlans
 
Vlans
VlansVlans
Vlans
 
Lesson 16 vlan
Lesson 16 vlanLesson 16 vlan
Lesson 16 vlan
 
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
 

Viewers also liked

Virtual local area network
Virtual local area networkVirtual local area network
Virtual local area networkVeena Rao
 
Eincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiEincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iii
Netwax Lab
 
OSPF (open shortest path first) part ii
OSPF (open shortest path first) part iiOSPF (open shortest path first) part ii
OSPF (open shortest path first) part ii
Netwax Lab
 
Wireless Technology
Wireless TechnologyWireless Technology
Wireless Technology
Netwax Lab
 
IP Address
IP AddressIP Address
IP Address
Netwax Lab
 
Introduction of Networking
Introduction of NetworkingIntroduction of Networking
Introduction of Networking
Netwax Lab
 
119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut
nicolelemmimg
 
STP Protection
STP ProtectionSTP Protection
STP Protection
Netwax Lab
 
TCP Intercept
TCP InterceptTCP Intercept
TCP Intercept
Netwax Lab
 
Nxll24 i pv6
Nxll24 i pv6Nxll24 i pv6
Nxll24 i pv6
Netwax Lab
 
SSL Web VPN
SSL Web VPNSSL Web VPN
SSL Web VPN
Netwax Lab
 
Nxll23 i pv6
Nxll23 i pv6Nxll23 i pv6
Nxll23 i pv6
Netwax Lab
 
OSPF (open shortest path first) part iii
OSPF (open shortest path first) part iiiOSPF (open shortest path first) part iii
OSPF (open shortest path first) part iii
Netwax Lab
 
OSPF Route Filtering
OSPF Route FilteringOSPF Route Filtering
OSPF Route Filtering
Netwax Lab
 
Networking Devices
Networking DevicesNetworking Devices
Networking Devices
Netwax Lab
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network)
Netwax Lab
 
VRF Configuration
VRF ConfigurationVRF Configuration
VRF Configuration
Netwax Lab
 
Proxy Server
Proxy ServerProxy Server
Proxy Server
Netwax Lab
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6
Netwax Lab
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
Netwax Lab
 

Viewers also liked (20)

Virtual local area network
Virtual local area networkVirtual local area network
Virtual local area network
 
Eincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iiiEincop Netwax Lab: EIGRP iii
Eincop Netwax Lab: EIGRP iii
 
OSPF (open shortest path first) part ii
OSPF (open shortest path first) part iiOSPF (open shortest path first) part ii
OSPF (open shortest path first) part ii
 
Wireless Technology
Wireless TechnologyWireless Technology
Wireless Technology
 
IP Address
IP AddressIP Address
IP Address
 
Introduction of Networking
Introduction of NetworkingIntroduction of Networking
Introduction of Networking
 
119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut119163798 icnd1-practice-questions-9tut
119163798 icnd1-practice-questions-9tut
 
STP Protection
STP ProtectionSTP Protection
STP Protection
 
TCP Intercept
TCP InterceptTCP Intercept
TCP Intercept
 
Nxll24 i pv6
Nxll24 i pv6Nxll24 i pv6
Nxll24 i pv6
 
SSL Web VPN
SSL Web VPNSSL Web VPN
SSL Web VPN
 
Nxll23 i pv6
Nxll23 i pv6Nxll23 i pv6
Nxll23 i pv6
 
OSPF (open shortest path first) part iii
OSPF (open shortest path first) part iiiOSPF (open shortest path first) part iii
OSPF (open shortest path first) part iii
 
OSPF Route Filtering
OSPF Route FilteringOSPF Route Filtering
OSPF Route Filtering
 
Networking Devices
Networking DevicesNetworking Devices
Networking Devices
 
VPN (virtual private network)
VPN (virtual private network) VPN (virtual private network)
VPN (virtual private network)
 
VRF Configuration
VRF ConfigurationVRF Configuration
VRF Configuration
 
Proxy Server
Proxy ServerProxy Server
Proxy Server
 
Why We Need IPv6
Why We Need IPv6Why We Need IPv6
Why We Need IPv6
 
Frame Relay
Frame RelayFrame Relay
Frame Relay
 

Similar to VLAN (virtual local area network)

Virtual local area networks
Virtual local area networksVirtual local area networks
Virtual local area networksRavi Kodoli
 
VLAN and its implementation
VLAN and its implementation VLAN and its implementation
VLAN and its implementation
Mohit Kumar
 
A backbone network can be constructed as a switched backbone, a route.docx
A backbone network can be constructed as a switched backbone, a route.docx A backbone network can be constructed as a switched backbone, a route.docx
A backbone network can be constructed as a switched backbone, a route.docx
ajoy21
 
VIRTUAL LANS (VLANS).pptx
VIRTUAL LANS (VLANS).pptxVIRTUAL LANS (VLANS).pptx
VIRTUAL LANS (VLANS).pptx
KISHOYIANKISH
 
Inter vlan routing plus configuration
Inter vlan routing plus configurationInter vlan routing plus configuration
Inter vlan routing plus configuration
Mohammedseleim
 
2.pptx
2.pptx2.pptx
2.pptx
ssuser06efe61
 
Transceviers
TransceviersTransceviers
Transceviers
vinay mp
 
Design and Implementation of Network Security using Inter-VLAN-Routing and DHCP
Design and Implementation of Network Security using Inter-VLAN-Routing and DHCPDesign and Implementation of Network Security using Inter-VLAN-Routing and DHCP
Design and Implementation of Network Security using Inter-VLAN-Routing and DHCP
Associate Professor in VSB Coimbatore
 
Vlan configuration in medium sized network
Vlan configuration in medium sized networkVlan configuration in medium sized network
Vlan configuration in medium sized network
Arnold Derrick Kinney
 
4270 vlan-tutorial
4270 vlan-tutorial4270 vlan-tutorial
4270 vlan-tutorial
jagacisco
 
4270-vlan-tutorial.ppt
4270-vlan-tutorial.ppt4270-vlan-tutorial.ppt
4270-vlan-tutorial.ppt
JordanJohmMallillin
 
VLAN _SLAN and VSAN.pptx
VLAN _SLAN and VSAN.pptxVLAN _SLAN and VSAN.pptx
VLAN _SLAN and VSAN.pptx
Venneladonthireddy1
 
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram SnehiVLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
MR. VIKRAM SNEHI
 
Vlan.pdf
Vlan.pdfVlan.pdf
Vlan.pdf
itwkd
 
W3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdf
W3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdfW3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdf
W3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdf
gummybear37
 
CCNP Switching Chapter 3
CCNP Switching Chapter 3CCNP Switching Chapter 3
CCNP Switching Chapter 3
Chaing Ravuth
 
mod8-VLANs.ppt
mod8-VLANs.pptmod8-VLANs.ppt
mod8-VLANs.ppt
SAROORNAGARCMCORE
 
VLAN -VIRTUAL LAN -COMPUTER NETWORKS
VLAN -VIRTUAL LAN -COMPUTER NETWORKSVLAN -VIRTUAL LAN -COMPUTER NETWORKS
VLAN -VIRTUAL LAN -COMPUTER NETWORKS
NITHIN KALLE PALLY
 

Similar to VLAN (virtual local area network) (20)

Virtual local area networks
Virtual local area networksVirtual local area networks
Virtual local area networks
 
Virtual lan
Virtual lanVirtual lan
Virtual lan
 
VLAN and its implementation
VLAN and its implementation VLAN and its implementation
VLAN and its implementation
 
A backbone network can be constructed as a switched backbone, a route.docx
A backbone network can be constructed as a switched backbone, a route.docx A backbone network can be constructed as a switched backbone, a route.docx
A backbone network can be constructed as a switched backbone, a route.docx
 
VIRTUAL LANS (VLANS).pptx
VIRTUAL LANS (VLANS).pptxVIRTUAL LANS (VLANS).pptx
VIRTUAL LANS (VLANS).pptx
 
28 VLAN.pptx
28 VLAN.pptx28 VLAN.pptx
28 VLAN.pptx
 
Inter vlan routing plus configuration
Inter vlan routing plus configurationInter vlan routing plus configuration
Inter vlan routing plus configuration
 
2.pptx
2.pptx2.pptx
2.pptx
 
Transceviers
TransceviersTransceviers
Transceviers
 
Design and Implementation of Network Security using Inter-VLAN-Routing and DHCP
Design and Implementation of Network Security using Inter-VLAN-Routing and DHCPDesign and Implementation of Network Security using Inter-VLAN-Routing and DHCP
Design and Implementation of Network Security using Inter-VLAN-Routing and DHCP
 
Vlan configuration in medium sized network
Vlan configuration in medium sized networkVlan configuration in medium sized network
Vlan configuration in medium sized network
 
4270 vlan-tutorial
4270 vlan-tutorial4270 vlan-tutorial
4270 vlan-tutorial
 
4270-vlan-tutorial.ppt
4270-vlan-tutorial.ppt4270-vlan-tutorial.ppt
4270-vlan-tutorial.ppt
 
VLAN _SLAN and VSAN.pptx
VLAN _SLAN and VSAN.pptxVLAN _SLAN and VSAN.pptx
VLAN _SLAN and VSAN.pptx
 
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram SnehiVLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
VLAN Virtual Area Network ,Switch,Ethernet ,VIkram Snehi
 
Vlan.pdf
Vlan.pdfVlan.pdf
Vlan.pdf
 
W3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdf
W3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdfW3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdf
W3-Presentation-VLANs-AMA COMPUTER COLLEGE.pdf
 
CCNP Switching Chapter 3
CCNP Switching Chapter 3CCNP Switching Chapter 3
CCNP Switching Chapter 3
 
mod8-VLANs.ppt
mod8-VLANs.pptmod8-VLANs.ppt
mod8-VLANs.ppt
 
VLAN -VIRTUAL LAN -COMPUTER NETWORKS
VLAN -VIRTUAL LAN -COMPUTER NETWORKSVLAN -VIRTUAL LAN -COMPUTER NETWORKS
VLAN -VIRTUAL LAN -COMPUTER NETWORKS
 

More from Netwax Lab

Eincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeEincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static route
Netwax Lab
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Netwax Lab
 
Eincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionEincop Netwax Lab: Redistribution
Eincop Netwax Lab: Redistribution
Netwax Lab
 
Eincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route RedistributionEincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route Redistribution
Netwax Lab
 
Nxll12 zone based firewall
Nxll12 zone based firewallNxll12 zone based firewall
Nxll12 zone based firewall
Netwax Lab
 
Nxll11 bgp
Nxll11 bgpNxll11 bgp
Nxll11 bgp
Netwax Lab
 
Nxll09 access list
Nxll09 access listNxll09 access list
Nxll09 access list
Netwax Lab
 
Nxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarization
Netwax Lab
 
Nxll10 v lan and trunking
Nxll10 v lan and trunkingNxll10 v lan and trunking
Nxll10 v lan and trunking
Netwax Lab
 
Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Nxll16 basic asa v8.2
Nxll16 basic asa v8.2
Netwax Lab
 
Nxll20 na ting
Nxll20 na ting Nxll20 na ting
Nxll20 na ting
Netwax Lab
 
Nxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asa
Netwax Lab
 
Nxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNxll17 dynamic routing with asa
Nxll17 dynamic routing with asa
Netwax Lab
 
Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)
Netwax Lab
 
Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)
Netwax Lab
 
Nxll22 role based cli
Nxll22 role based cliNxll22 role based cli
Nxll22 role based cli
Netwax Lab
 
Nxll25 hsrp with failover
Nxll25 hsrp with failoverNxll25 hsrp with failover
Nxll25 hsrp with failover
Netwax Lab
 
Nxll26 bgp ii
Nxll26 bgp iiNxll26 bgp ii
Nxll26 bgp ii
Netwax Lab
 
Nxll28 ospf iii
Nxll28 ospf iiiNxll28 ospf iii
Nxll28 ospf iii
Netwax Lab
 
Eincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiEincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking ii
Netwax Lab
 

More from Netwax Lab (20)

Eincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static routeEincop Netwax Lab: Lab 1 static route
Eincop Netwax Lab: Lab 1 static route
 
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
Eincop Netwax Lab: HSRP (Hot Standby Router Protocol)
 
Eincop Netwax Lab: Redistribution
Eincop Netwax Lab: RedistributionEincop Netwax Lab: Redistribution
Eincop Netwax Lab: Redistribution
 
Eincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route RedistributionEincop Netwax Lab: Route Redistribution
Eincop Netwax Lab: Route Redistribution
 
Nxll12 zone based firewall
Nxll12 zone based firewallNxll12 zone based firewall
Nxll12 zone based firewall
 
Nxll11 bgp
Nxll11 bgpNxll11 bgp
Nxll11 bgp
 
Nxll09 access list
Nxll09 access listNxll09 access list
Nxll09 access list
 
Nxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarizationNxll21 ospf filtering & summarization
Nxll21 ospf filtering & summarization
 
Nxll10 v lan and trunking
Nxll10 v lan and trunkingNxll10 v lan and trunking
Nxll10 v lan and trunking
 
Nxll16 basic asa v8.2
Nxll16 basic asa v8.2Nxll16 basic asa v8.2
Nxll16 basic asa v8.2
 
Nxll20 na ting
Nxll20 na ting Nxll20 na ting
Nxll20 na ting
 
Nxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asaNxll14 cut through-proxy on asa
Nxll14 cut through-proxy on asa
 
Nxll17 dynamic routing with asa
Nxll17 dynamic routing with asaNxll17 dynamic routing with asa
Nxll17 dynamic routing with asa
 
Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)Nxll18 vpn (s2 s gre & dmvpn)
Nxll18 vpn (s2 s gre & dmvpn)
 
Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)Nxll19 vrrp (virtual router redundancy protocol)
Nxll19 vrrp (virtual router redundancy protocol)
 
Nxll22 role based cli
Nxll22 role based cliNxll22 role based cli
Nxll22 role based cli
 
Nxll25 hsrp with failover
Nxll25 hsrp with failoverNxll25 hsrp with failover
Nxll25 hsrp with failover
 
Nxll26 bgp ii
Nxll26 bgp iiNxll26 bgp ii
Nxll26 bgp ii
 
Nxll28 ospf iii
Nxll28 ospf iiiNxll28 ospf iii
Nxll28 ospf iii
 
Eincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking iiEincop Netwax Lab: Vlan and Trunking ii
Eincop Netwax Lab: Vlan and Trunking ii
 

Recently uploaded

PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
Cheryl Hung
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
UiPathCommunity
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 

Recently uploaded (20)

PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 

VLAN (virtual local area network)

  • 1. VLAN (Virtual Local Area Network) In computer networking, a single layer-2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them via one or more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN. A virtual local area network (VLAN) is a logical group of workstations, servers and network devices that appear to be on the same LAN despite their geographical distribution. A VLAN allows a network of computers and users to communicate in a simulated environment as if they exist in a single LAN and are sharing a single broadcast and multicast domain. VLANs are implemented to achieve scalability, security and ease of network management and can quickly adapt to change in network requirements and relocation of workstations and server nodes. Higher-end switches allow the functionality and implementation of VLANs. The purpose of implementing a VLAN is to improve the performance of a network or apply appropriate security features. A VLAN allows several networks to work virtually as an LAN. One of the most beneficial elements of a VLAN is that it removes latency in the network, which saves network resources and increases network efficiency. In addition, VLANs are created to provide segmentation and assist in issues like security, network management and scalability. Traffic patterns can also easily be controlled by using VLANs. VLANs are configured through software rather than hardware, which makes them extremely flexible. One of the biggest advantages of VLANs is that when a computer is physically moved to another location, it can stay on the same VLAN without any hardware reconfiguration. Figure 1 Physical View
  • 2. VLAN (Virtual Local Area Network) Physical n Logical view of a VLAN VLAN's also allow broadcast domains to be defined without using routers. Bridging software is used instead to define which workstations are to be included in the broadcast domain. Routers would only have to be used to communicate between two VLAN's VLANs can be used to partition a local network into several distinctive segments, for example: 1. Production 2. Voice over IP 3. Network management 4. Storage area network (SAN) 5. Guest network 6. Demilitarized zone (DMZ) 7. Client separation (ISP) In a common infrastructure shared across VLAN trunks can provide a very high level of security with great flexibility for a comparatively low cost. Quality of Service schemes can optimize traffic on trunk links for realtime (VoIP) or low-latency requirements (Storage Area Network). History? After successful experiments with Voice over Ethernet from 1981 to 1984, Dr. W. David Sincoskie joined Bellcore and began addressing the problem of scaling up Ethernet networks. At 10 Mbit/s, Ethernet was faster than most alternatives at the time; however, Ethernet was a broadcast network and there was no good way of connecting multiple Ethernet networks together. This limited the total bandwidth of an Ethernet network to 10 Mbit/s and the maximum distance between any two nodes to a few hundred feet. Why use VLAN's? VLAN's offer a number of advantages over traditional LAN's. They are: Figure 2 Logical View
  • 3. VLAN (Virtual Local Area Network) 1) Performance In networks where traffic consists of a high percentage of broadcasts and multicasts, VLAN's can reduce the need to send such traffic to unnecessary destinations. For example, in a broadcast domain consisting of 10 users, if the broadcast traffic is intended only for 5 of the users, then placing those 5 users on a separate VLAN can reduce traffic. Compared to switches, routers require more processing of incoming traffic. As the volume of traffic passing through the routers increases, so does the latency in the routers, which results in reduced performance. The use of VLAN's reduces the number of routers needed, since VLAN's create broadcast domains using switches instead of routers. 2) Formation of Virtual Workgroups Nowadays, it is common to find cross-functional product development teams with members from different departments such as marketing, sales, accounting, and research. These workgroups are usually formed for a short period of time. During this period, communication between members of the workgroup will be high. To contain broadcasts and multicasts within the workgroup, a VLAN can be set up for them. With VLAN's it is easier to place members of a workgroup together. Without VLAN's, the only way this would be possible is to physically move all the members of the workgroup closer together. However, virtual workgroups do not come without problems. Consider the situation where one user of the workgroup is on the fourth floor of a building, and the other workgroup members are on the second floor. Resources such as a printer would be located on the second floor, which would be inconvenient for the lone fourth floor user. Another problem with setting up virtual workgroups is the implementation of centralized server farms, which are essentially collections of servers and major resources for operating a network at a central location. The advantages here are numerous, since it is more efficient and cost-effective to provide better security, uninterrupted power supply, consolidated backup, and a proper operating environment in a single area than if the major resources were scattered in a building. Centralized server farms can cause problems when setting up virtual workgroups if servers cannot be placed on more than one VLAN. In such a case, the server would be placed on a single VLAN and all other VLAN's trying to access the server would have to go through a router; this can reduce performance. 3) Simplified Administration Seventy percent of network costs are a result of adds, moves, and changes of users in the network [ Buerger]. Every time a user is moved in a LAN, recabling, new station addressing, and reconfiguration of hubs and routers becomes necessary. Some of these tasks can be simplified with the use of VLAN's. If a user is moved within a VLAN, reconfiguration of routers is unnecessary. In addition, depending on the type of VLAN, other administrative work can be reduced or eliminated [ Cisco white paper]. However
  • 4. VLAN (Virtual Local Area Network) the full power of VLAN's will only really be felt when good management tools are created which can allow network managers to drag and drop users into different VLAN's or to set up aliases. Despite this saving, VLAN's add a layer of administrative complexity, since it now becomes necessary to manage virtual workgroups. 4) Reduced Cost VLAN's can be used to create broadcast domains which eliminate the need for expensive routers. 5) Security Periodically, sensitive data may be broadcast on a network. In such cases, placing only those users who can have access to that data on a VLAN can reduce the chances of an outsider gaining access to the data. VLAN's can also be used to control broadcast domains, set up firewalls, restrict access, and inform the network manager of an intrusion. VLANs also have some disadvantages and limitations as listed below: 1. High risk of virus issues because one infected system may spread a virus through the whole logical network. 2. Equipment limitations in very large networks because additional routers might be needed to control the workload. 3. More effective at controlling latency than a WAN but less efficient than a LAN. Establishing VLAN Memberships? The two common approaches to assigning VLAN membership are as follows:  Static VLANs  Dynamic VLANs Static VLANs are also referred to as port-based VLANs. Static VLAN assignments are created by assigning ports to a VLAN. As a device enters the network, the device automatically assumes the VLAN of the port. If the user changes ports and needs access to the same VLAN, the network administrator must manually make a port-to-VLAN assignment for the new connection. Dynamic VLANs are created using software. With a VLAN Management Policy Server (VMPS), an administrator can assign switch ports to VLANs dynamically based on information such as the source MAC address of the device connected to the port or the username used to log onto that device. As a device enters the network, the switch queries a database for the VLAN membership of the port that device is connected to.
  • 5. VLAN (Virtual Local Area Network) Types of VLAN's VLAN membership can be classified by port, MAC address, and protocol type: 1) Layer 1 VLAN: Membership by Port Membership in a VLAN can be defined based on the ports that belong to the VLAN. For example, in a bridge with four ports, ports 1, 2, and 4 belong to VLAN 1 and port 3 belongs to VLAN 2. Port VLAN 1 1 2 1 3 2 4 1 Assignment of ports to different VLAN's The main disadvantage of this method is that it does not allow for user mobility. If a user moves to a different location away from the assigned bridge, the network manager must reconfigure the VLAN. 2) Layer 2 VLAN: Membership by MAC Address Here, membership in a VLAN is based on the MAC address of the workstation. The switch tracks the MAC addresses which belong to each VLAN (see Figure4). Since MAC addresses form a part of the workstation's network interface card, when a workstation is moved, no reconfiguration is needed to allow the workstation to remain in the same VLAN. This is unlike Layer 1 VLAN's where membership tables must be reconfigured. MAC Address VLAN 1212354145121 1 2389234873743 2 3045834758445 2 5483573475843 1 Assignment of MAC addresses to different VLAN's The main problem with this method is that VLAN membership must be assigned initially. In networks with thousands of users, this is no easy task. Also, in environments where notebook PC's are used, the MAC address is associated with the docking station and not with the notebook PC. Consequently, when a notebook PC is moved to a different docking station, its VLAN membership must be reconfigured. 3) Layer 2 VLAN: Membership by Protocol Type VLAN membership for Layer 2 VLAN's can also be based on the protocol type field found in the Layer 2 header.
  • 6. VLAN (Virtual Local Area Network) Protocol VLAN IP 1 IPX 2 Assignment of protocols to different VLAN's 4) Layer 3 VLAN: Membership by IP Subnet Address Membership is based on the Layer 3 header. The network IP subnet address can be used to classify VLAN membership. IP Subnet VLAN 23.2.24 1 26.21.35 2 Assignment of IP subnet addresses to different VLAN's Although VLAN membership is based on Layer 3 information, this has nothing to do with network routing and should not be confused with router functions. In this method, IP addresses are used only as a mapping to determine membership in VLAN's. No other processing of IP addresses is done. In Layer 3 VLAN's, users can move their workstations without reconfiguring their network addresses. The only problem is that it generally takes longer to forward packets using Layer 3 information than using MAC addresses. 5) Higher Layer VLAN's It is also possible to define VLAN membership based on applications or service, or any combination thereof. For example, file transfer protocol (FTP) applications can be executed on one VLAN and telnet applications on another VLAN. The 802.1Q draft standard defines Layer 1 and Layer 2 VLAN's only. Protocol type based VLAN's and higher layer VLAN's have been allowed for, but are not defined in this standard. As a result, these VLAN's will remain proprietary. Types of Connections Devices on a VLAN can be connected in three ways based on whether the connected devices are VLAN- aware or VLAN-unaware. Recall that a VLAN-aware device is one which understands VLAN memberships (i.e. which users belong to a VLAN) and VLAN formats. 1) Trunk Link All the devices connected to a trunk link, including workstations, must be VLAN-aware. All frames on a trunk link must have a special header attached. These special frames are called tagged frames.
  • 7. VLAN (Virtual Local Area Network) 2) Access Link An access link connects a VLAN-unaware device to the port of a VLAN-aware bridge. All frames on access links must be implicitly tagged (untagged). The VLAN-unaware device can be a LAN segment with VLAN-unaware workstations or it can be a number of LAN segments containing VLAN-unaware devices (legacy LAN). 3) Hybrid Link This is a combination of the previous two links. This is a link where both VLAN-aware and VLAN-unaware devices are attached. A hybrid link can have both tagged and untagged frames, but all the frames for a specific VLAN must be either tagged or untagged. It must also be noted that the network can have a combination of all three types of links. Figure 3 Trunk link between two VLAN-aware bridges. Figure 4 Access link between a VLAN-aware bridge and a VLAN-unaware device. Figure 5 Hybrid link containing both VLAN- aware and VLAN-unaware devices.
  • 8. VLAN (Virtual Local Area Network) Default Ethernet VLAN Configuration The switch module supports only Ethernet interfaces. Table shows the default configuration for Ethernet VLANs. Parameter Default Range VLAN ID 1 1 to 4094. Note Extended-range VLANs (VLAN IDs 1006 to 4094) are not saved in the VLAN database. VLAN name VLANxxxx , where xxxx represents four numeric digits (including leading zeros) equal to the VLAN ID number No range 802.10 SAID 100001 (100000 plus the VLAN ID) 1 to 4294967294 MTU size 1500 1500 to 9198 Translational bridge 1 0 0 to1005 Translational bridge 2 0 0 to1005 VLAN state active active, suspend Remote SPAN disabled enabled, disabled Private VLANs none configured 2 to 1001, 1006 to 4094. UNI-ENI VLAN UNI-ENI isolated VLAN 2 to 1001, 1006 to 4094. VLAN 1 is always a UNI-ENI isolated VLAN. Protocol-based VLANs? In a switch that supports protocol-based VLANs, traffic is handled on the basis of its protocol. Essentially, this segregates or forwards traffic from a port depending on the particular protocol of that traffic; traffic of any other protocol is not forwarded on the port. For example, it is possible to connect the following to a given switch: 1. A host generating ARP traffic to port 10 2. A network with IPX traffic to port 20 3. A router forwarding IP traffic to port 30
  • 9. VLAN (Virtual Local Area Network) If a protocol-based VLAN is created that supports IP and contains all three ports, this prevents IPX traffic from being forwarded to ports 10 and 30, and ARP traffic from being forwarded to ports 20 and 30, while still allowing IP traffic to be forwarded on all three ports. Protocols and design? 1) IEEE 802.1Q 2) Cisco VLAN Trunking Protocol (VTP) 3) Multiple VLAN Registration Protocol 4) Shortest Path Bridging Creating or Modifying an Ethernet VLAN To access VLAN configuration mode, enter the vlan global configuration command with a VLAN ID. Enter a new VLAN ID to create a VLAN, or enter an existing VLAN ID to modify that VLAN. You can use the default VLAN configuration or enter commands to configure the VLAN. Switch# configure terminal Switch(config)# vlan 20 Switch(config-vlan)# name test20 Switch(config-vlan)# end Assigning Static-Access Ports to a VLAN You can assign a static-access port to a VLAN. Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface fastethernet0/1 Switch(config-if)# switchport mode access Switch(config-if)# switchport access vlan 2 Switch(config-if)# end Configuring a Trunk Port Beginning in privileged EXEC mode, follow these steps to configure a port as an 802.1Q trunk port: Switch# configure terminal Enter configuration commands, one per line. End with CNTL/Z. Switch(config)# interface fastethernet0/2 Switch(config-if)# switchport mode trunk Switch(config-if)# switchport trunk native vlan 33 Switch(config-if)# end