In computer networking, a single layer-2 network may be partitioned to create multiple distinct
broadcast domains, which are mutually isolated so that packets can only pass between them via one or
more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN.
A virtual local area network (VLAN) is a logical group of workstations, servers and network devices that
appear to be on the same LAN despite their geographical distribution. A VLAN allows a network of
computers and users to communicate in a simulated environment as if they exist in a single LAN and are
sharing a single broadcast and multicast domain.
A virtual local area network (VLAN) is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain regardless of their physical location
1. An introduction of LAN.
2. An introduction of VLAN.
3. Properties of VLAN.
4. Types of VLAN.
5. VLAN Identification Method
6. VLAN Trunking Protocol.
7. Inter-VLAN routing.
in the slide we discuss - VLAN overview, effectiveness, benefits, how VLAN work, memberships mode, operations, creation Guidelines, add VLAN, accessing,managing and verifying .
A virtual local area network (VLAN) is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain regardless of their physical location
1. An introduction of LAN.
2. An introduction of VLAN.
3. Properties of VLAN.
4. Types of VLAN.
5. VLAN Identification Method
6. VLAN Trunking Protocol.
7. Inter-VLAN routing.
in the slide we discuss - VLAN overview, effectiveness, benefits, how VLAN work, memberships mode, operations, creation Guidelines, add VLAN, accessing,managing and verifying .
Virtual Local Area Network (VLAN) provide a way of grouping different network devices to ensure that those devices can communicate directly with one another.
This chapter will cover how to configure, manage, and troubleshoot VLANs and
VLAN trunks. It will also examine security considerations and strategies relating
to VLANs and trunks, and best practices for VLAN design.
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)Abdelkhalik Mosa
This chapter discusses in detail the VLAN Trunking Protocol (VTP). How the VTP manages the consistency of VLAN configurations? Understanding the different components of the VTP: VTP domain, VTP Advertisements and the different VTP Modes. A switch can be configured in one of three modes: server, client, or transparent.
VTP pruning and the anatomy of VTP advertisements. The different types of VTP advertisements: summary advertisement, subset advertisement and request advertisement. This is followed by showing VTP in action.
Finally, the VTP configuration and the troubleshooting of common VTP connections problems such as incompatible VTP versions, incorrect VTP domain name and the incorrect revision number.
Virtual Local Area Network (VLAN) provide a way of grouping different network devices to ensure that those devices can communicate directly with one another.
This chapter will cover how to configure, manage, and troubleshoot VLANs and
VLAN trunks. It will also examine security considerations and strategies relating
to VLANs and trunks, and best practices for VLAN design.
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)Abdelkhalik Mosa
This chapter discusses in detail the VLAN Trunking Protocol (VTP). How the VTP manages the consistency of VLAN configurations? Understanding the different components of the VTP: VTP domain, VTP Advertisements and the different VTP Modes. A switch can be configured in one of three modes: server, client, or transparent.
VTP pruning and the anatomy of VTP advertisements. The different types of VTP advertisements: summary advertisement, subset advertisement and request advertisement. This is followed by showing VTP in action.
Finally, the VTP configuration and the troubleshooting of common VTP connections problems such as incompatible VTP versions, incorrect VTP domain name and the incorrect revision number.
Wireless networks come in many different forms, cover various distances, and provide a range of low to
high bandwidth depending on the type installed. Wireless LAN – Wireless LAN enable Laptop users to
access the Network of a company.
IP Address is a unique identification given to Host, network device, server for data communication. IP
Address stand for Internet Protocol address, it is an addressing scheme used to identify a system on a
network. It is a unique address that certain electronic devices currently use to communicate with each
other on a network using internet protocol.
A network consists of a collection of computers, printers and other compatible equipment/ hardware
that is connected together so that they can communicate with each other.
Spanning Tree Protocol (STP) resolves physically redundant topologies into loop-free, tree-like
topologies. The biggest issue with STP is that some hardware failures can cause it to fail. This failure
creates forwarding loops (or STP loops). Major network outages are caused by STP loops.
The loop guard STP feature that is intended to improve the stability of the Layer 2 networks. This
document also describes Bridge Protocol Data Unit (BPDU) skew detection. BPDU skew detection is a
diagnostic feature that generates syslog messages when BPDUs are not received in time.
TCP Intercept was developed to protect servers and other resources from Denial-of-Service (DoS)
attacks, specifically TCP SYN attacks.
Just as the name says, TCP Intercept captures incoming TCP requests. Instead of allowing direct access
to the server, TCP Intercept acts as an intermediary, establishing a connection to the server on behalf of
the requesting client.
TCP Intercept will block a client if too many incoming connections are attempted.
Networking Devices are units that mediate data in a computer network and are also called network equipment. Units which are the last receiver or generate data are called hosts or data terminal equipment.
A VPN (Virtual Private Network) extends a private network across a public network, such as the
Internet.
A VPN is a network that uses a public telecommunication infrastructure, such as the Internet, to provide
remote offices or individual users with secure access to their organization's network. A VPN ensures
privacy through security procedures and tunneling protocols such as the Layer Two Tunneling Protocol
(L2TP). Data is encrypted at the sending end and decrypted at the receiving end.
For some very basic VRF configuration follow the steps:
1. Enters VRF configuration mode and assigns a VRF name.
Router(config)#ip vrf vrf-name
2. Creates a VPN route distinguisher (RD) following one of the 16bit-ASN:32bit-number or 32bitIP:16bit-number explained above
Router(config-vrf)#rd route-distinguisher
3. Creates a list of import and/or export route target communities for the specified VRF.
Router(config-vrf)# route-target {import | export | both} route-distinguisher
4. (Optional step) Associates the specified route map with the VRF.
Router(config-vrf)# import map route-map
A Proxy Server is computer that functions as an intermediary between a web browser (such as Internet
Explorer) and the Internet. Proxy servers help improve web performance by storing a copy of frequently
used webpages. When a browser requests a webpage stored in the proxy server's collection (its cache),
it is provided by the proxy server, which is faster than going to the web. Proxy servers also help improve
security by filtering out some web content and malicious software.
A Proxy Server is a server (a computer system or an application) that acts as an intermediary for
requests from clients seeking resources from other servers.
Internet Protocol version 6 (IPv6) is the latest version of the
Internet Protocol (IP), the communications protocol that
provides an identification and location system for computers
on networks and routes traffic across the Internet.
IPv4 & IPv6 are not designed to be interoperable, complicating
the transition to IPv6. However, several IPv6 transition
mechanisms have been devised to permit communication
between IPv4 and IPv6 hosts.
Frame Relay is a high-performance WAN protocol that operates at the physical and data link layers of
the OSI reference model. Frame Relay originally was designed for use across Integrated Services Digital
Network (ISDN) interfaces. Today, it is used over a variety of other network interfaces as well.
Frame relay is a type of WAN connection use to connect one site to many remote sites through a single
physical circuit; this operation makes it easy to construct reliable and inexpensive networks.
Legacy Inter-VLAN routing: This is a legacy solution. It does not scale well.
Router-on-a-Stick: This is an acceptable solution for a small- to medium-sized network.
Layer 3 switch using switched virtual interfaces (SVIs): This is the most scalable solution for medium to large organizations.
Enterprise or campus networks are usually large in size and are difficult to manage. Network administrators are required to frequently perform deliberate changes according to the organizational needs. VLANs are broadly used in enterprise or campus networks to improve scalability, flexibility, ease of management, and to reduce broadcast. Therefore it’s providing layer_2 security as it limits the number of the broadcast domains. Nowadays in this fast-growing industrial age, every company needs the speed of data transfer from one network to another network in manufacturing to cope up with the customer’s requirements. The basic objective of our project is to develop a versatile and low-cost INTER-VLAN-ROUTING which can be utilized in any industry or campus to eliminate this problem. INTER VLAN increases the performance of the network by providing flexibility to the users to log in to any network within the same group without changing their IP address. This also reduces complexity and it also cost-effective
LAN
A Local Area Network (LAN) was originally defined as a network of computers located within the same area
Local Area Networks are defined as a single broadcast domain. This means that if a user broadcasts information on his/her LAN, the broadcast will be received by every other user on the LAN.
Broadcasts are prevented from leaving a LAN by using a router. The disadvantage of this method is routers usually take more time to process incoming data compared to a bridge or a switch
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
VLAN (virtual local area network)
1. VLAN (Virtual Local Area Network)
In computer networking, a single layer-2 network may be partitioned to create multiple distinct
broadcast domains, which are mutually isolated so that packets can only pass between them via one or
more routers; such a domain is referred to as a virtual local area network, virtual LAN or VLAN.
A virtual local area network (VLAN) is a logical group of workstations, servers and network devices that
appear to be on the same LAN despite their geographical distribution. A VLAN allows a network of
computers and users to communicate in a simulated environment as if they exist in a single LAN and are
sharing a single broadcast and multicast domain. VLANs are implemented to achieve scalability, security
and ease of network management and can quickly adapt to change in network requirements and
relocation of workstations and server nodes.
Higher-end switches allow the functionality and implementation of VLANs. The purpose of
implementing a VLAN is to improve the performance of a network or apply appropriate security
features.
A VLAN allows several networks to work virtually as an LAN. One of the most beneficial elements of a
VLAN is that it removes latency in the network, which saves network resources and increases network
efficiency. In addition, VLANs are created to provide segmentation and assist in issues like security,
network management and scalability. Traffic patterns can also easily be controlled by using VLANs.
VLANs are configured through software rather than hardware, which makes them extremely flexible.
One of the biggest advantages of VLANs is that when a computer is physically moved to another
location, it can stay on the same VLAN without any hardware reconfiguration.
Figure 1 Physical View
2. VLAN (Virtual Local Area Network)
Physical n Logical view of a VLAN
VLAN's also allow broadcast domains to be defined without using routers. Bridging software is used
instead to define which workstations are to be included in the broadcast domain. Routers would only
have to be used to communicate between two VLAN's
VLANs can be used to partition a local network into several distinctive segments, for example:
1. Production
2. Voice over IP
3. Network management
4. Storage area network (SAN)
5. Guest network
6. Demilitarized zone (DMZ)
7. Client separation (ISP)
In a common infrastructure shared across VLAN trunks can provide a very high level of security with
great flexibility for a comparatively low cost. Quality of Service schemes can optimize traffic on trunk
links for realtime (VoIP) or low-latency requirements (Storage Area Network).
History?
After successful experiments with Voice over Ethernet from 1981 to 1984, Dr. W. David Sincoskie joined
Bellcore and began addressing the problem of scaling up Ethernet networks. At 10 Mbit/s, Ethernet was
faster than most alternatives at the time; however, Ethernet was a broadcast network and there was no
good way of connecting multiple Ethernet networks together. This limited the total bandwidth of an
Ethernet network to 10 Mbit/s and the maximum distance between any two nodes to a few hundred
feet.
Why use VLAN's?
VLAN's offer a number of advantages over traditional LAN's. They are:
Figure 2 Logical View
3. VLAN (Virtual Local Area Network)
1) Performance
In networks where traffic consists of a high percentage of broadcasts and multicasts, VLAN's can reduce
the need to send such traffic to unnecessary destinations. For example, in a broadcast domain consisting
of 10 users, if the broadcast traffic is intended only for 5 of the users, then placing those 5 users on a
separate VLAN can reduce traffic.
Compared to switches, routers require more processing of incoming traffic. As the volume of traffic
passing through the routers increases, so does the latency in the routers, which results in reduced
performance. The use of VLAN's reduces the number of routers needed, since VLAN's create broadcast
domains using switches instead of routers.
2) Formation of Virtual Workgroups
Nowadays, it is common to find cross-functional product development teams with members from
different departments such as marketing, sales, accounting, and research. These workgroups are usually
formed for a short period of time. During this period, communication between members of the
workgroup will be high. To contain broadcasts and multicasts within the workgroup, a VLAN can be set
up for them. With VLAN's it is easier to place members of a workgroup together. Without VLAN's, the
only way this would be possible is to physically move all the members of the workgroup closer together.
However, virtual workgroups do not come without problems. Consider the situation where one user of
the workgroup is on the fourth floor of a building, and the other workgroup members are on the second
floor. Resources such as a printer would be located on the second floor, which would be inconvenient
for the lone fourth floor user.
Another problem with setting up virtual workgroups is the implementation of centralized server farms,
which are essentially collections of servers and major resources for operating a network at a central
location. The advantages here are numerous, since it is more efficient and cost-effective to provide
better security, uninterrupted power supply, consolidated backup, and a proper operating environment
in a single area than if the major resources were scattered in a building. Centralized server farms can
cause problems when setting up virtual workgroups if servers cannot be placed on more than one VLAN.
In such a case, the server would be placed on a single VLAN and all other VLAN's trying to access the
server would have to go through a router; this can reduce performance.
3) Simplified Administration
Seventy percent of network costs are a result of adds, moves, and changes of users in the network [
Buerger]. Every time a user is moved in a LAN, recabling, new station addressing, and reconfiguration of
hubs and routers becomes necessary. Some of these tasks can be simplified with the use of VLAN's. If a
user is moved within a VLAN, reconfiguration of routers is unnecessary. In addition, depending on the
type of VLAN, other administrative work can be reduced or eliminated [ Cisco white paper]. However
4. VLAN (Virtual Local Area Network)
the full power of VLAN's will only really be felt when good management tools are created which can
allow network managers to drag and drop users into different VLAN's or to set up aliases.
Despite this saving, VLAN's add a layer of administrative complexity, since it now becomes necessary to
manage virtual workgroups.
4) Reduced Cost
VLAN's can be used to create broadcast domains which eliminate the need for expensive routers.
5) Security
Periodically, sensitive data may be broadcast on a network. In such cases, placing only those users who
can have access to that data on a VLAN can reduce the chances of an outsider gaining access to the data.
VLAN's can also be used to control broadcast domains, set up firewalls, restrict access, and inform the
network manager of an intrusion.
VLANs also have some disadvantages and limitations as listed below:
1. High risk of virus issues because one infected system may spread a virus through the whole
logical network.
2. Equipment limitations in very large networks because additional routers might be needed to
control the workload.
3. More effective at controlling latency than a WAN but less efficient than a LAN.
Establishing VLAN Memberships?
The two common approaches to assigning VLAN membership are as follows:
Static VLANs
Dynamic VLANs
Static VLANs are also referred to as port-based VLANs. Static VLAN assignments are created by assigning
ports to a VLAN. As a device enters the network, the device automatically assumes the VLAN of the port.
If the user changes ports and needs access to the same VLAN, the network administrator must manually
make a port-to-VLAN assignment for the new connection.
Dynamic VLANs are created using software. With a VLAN Management Policy Server (VMPS), an
administrator can assign switch ports to VLANs dynamically based on information such as the source
MAC address of the device connected to the port or the username used to log onto that device. As a
device enters the network, the switch queries a database for the VLAN membership of the port that
device is connected to.
5. VLAN (Virtual Local Area Network)
Types of VLAN's
VLAN membership can be classified by port, MAC address, and protocol type:
1) Layer 1 VLAN: Membership by Port
Membership in a VLAN can be defined based on the ports that belong to the VLAN. For example, in a
bridge with four ports, ports 1, 2, and 4 belong to VLAN 1 and port 3 belongs to VLAN 2.
Port VLAN
1 1
2 1
3 2
4 1
Assignment of ports to different VLAN's
The main disadvantage of this method is that it does not allow for user mobility. If a user moves to a
different location away from the assigned bridge, the network manager must reconfigure the VLAN.
2) Layer 2 VLAN: Membership by MAC Address
Here, membership in a VLAN is based on the MAC address of the workstation. The switch tracks the
MAC addresses which belong to each VLAN (see Figure4). Since MAC addresses form a part of the
workstation's network interface card, when a workstation is moved, no reconfiguration is needed to
allow the workstation to remain in the same VLAN. This is unlike Layer 1 VLAN's where membership
tables must be reconfigured.
MAC Address VLAN
1212354145121 1
2389234873743 2
3045834758445 2
5483573475843 1
Assignment of MAC addresses to different VLAN's
The main problem with this method is that VLAN membership must be assigned initially. In networks
with thousands of users, this is no easy task. Also, in environments where notebook PC's are used, the
MAC address is associated with the docking station and not with the notebook PC. Consequently, when
a notebook PC is moved to a different docking station, its VLAN membership must be reconfigured.
3) Layer 2 VLAN: Membership by Protocol Type
VLAN membership for Layer 2 VLAN's can also be based on the protocol type field found in the Layer 2
header.
6. VLAN (Virtual Local Area Network)
Protocol VLAN
IP 1
IPX 2
Assignment of protocols to different VLAN's
4) Layer 3 VLAN: Membership by IP Subnet Address
Membership is based on the Layer 3 header. The network IP subnet address can be used to classify
VLAN membership.
IP Subnet VLAN
23.2.24 1
26.21.35 2
Assignment of IP subnet addresses to different VLAN's
Although VLAN membership is based on Layer 3 information, this has nothing to do with network
routing and should not be confused with router functions. In this method, IP addresses are used only as
a mapping to determine membership in VLAN's. No other processing of IP addresses is done.
In Layer 3 VLAN's, users can move their workstations without reconfiguring their network addresses.
The only problem is that it generally takes longer to forward packets using Layer 3 information than
using MAC addresses.
5) Higher Layer VLAN's
It is also possible to define VLAN membership based on applications or service, or any combination
thereof. For example, file transfer protocol (FTP) applications can be executed on one VLAN and telnet
applications on another VLAN.
The 802.1Q draft standard defines Layer 1 and Layer 2 VLAN's only. Protocol type based VLAN's and
higher layer VLAN's have been allowed for, but are not defined in this standard. As a result, these
VLAN's will remain proprietary.
Types of Connections
Devices on a VLAN can be connected in three ways based on whether the connected devices are VLAN-
aware or VLAN-unaware. Recall that a VLAN-aware device is one which understands VLAN memberships
(i.e. which users belong to a VLAN) and VLAN formats.
1) Trunk Link
All the devices connected to a trunk link, including workstations, must be VLAN-aware. All frames on a
trunk link must have a special header attached. These special frames are called tagged frames.
7. VLAN (Virtual Local Area Network)
2) Access Link
An access link connects a VLAN-unaware device to
the port of a VLAN-aware bridge. All frames on
access links must be implicitly tagged (untagged).
The VLAN-unaware device can be a LAN segment
with VLAN-unaware workstations or it can be a
number of LAN segments containing VLAN-unaware
devices (legacy LAN).
3) Hybrid Link
This is a combination of the previous two links. This is a link where both VLAN-aware and VLAN-unaware
devices are attached. A hybrid link can have both tagged and untagged frames, but all the frames for a
specific VLAN must be either tagged or untagged.
It must also be noted that the network can have a combination of all three types of links.
Figure 3 Trunk link between two VLAN-aware bridges.
Figure 4 Access link between a VLAN-aware
bridge and a VLAN-unaware device.
Figure 5 Hybrid link containing both VLAN-
aware and VLAN-unaware devices.
8. VLAN (Virtual Local Area Network)
Default Ethernet VLAN Configuration
The switch module supports only Ethernet interfaces. Table shows the default configuration for
Ethernet VLANs.
Parameter Default Range
VLAN ID 1 1 to 4094.
Note Extended-range VLANs (VLAN IDs 1006 to
4094) are not saved in the VLAN database.
VLAN name VLANxxxx , where xxxx represents four
numeric digits (including leading zeros)
equal to the VLAN ID number
No range
802.10 SAID 100001 (100000 plus the VLAN ID) 1 to 4294967294
MTU size 1500 1500 to 9198
Translational
bridge 1
0 0 to1005
Translational
bridge 2
0 0 to1005
VLAN state active active, suspend
Remote SPAN disabled enabled, disabled
Private VLANs none configured 2 to 1001, 1006 to 4094.
UNI-ENI VLAN UNI-ENI isolated VLAN 2 to 1001, 1006 to 4094.
VLAN 1 is always a UNI-ENI isolated VLAN.
Protocol-based VLANs?
In a switch that supports protocol-based VLANs, traffic is handled on the basis of its protocol.
Essentially, this segregates or forwards traffic from a port depending on the particular protocol of that
traffic; traffic of any other protocol is not forwarded on the port.
For example, it is possible to connect the following to a given switch:
1. A host generating ARP traffic to port 10
2. A network with IPX traffic to port 20
3. A router forwarding IP traffic to port 30
9. VLAN (Virtual Local Area Network)
If a protocol-based VLAN is created that supports IP and contains all three ports, this prevents IPX traffic
from being forwarded to ports 10 and 30, and ARP traffic from being forwarded to ports 20 and 30,
while still allowing IP traffic to be forwarded on all three ports.
Protocols and design?
1) IEEE 802.1Q
2) Cisco VLAN Trunking Protocol (VTP)
3) Multiple VLAN Registration Protocol
4) Shortest Path Bridging
Creating or Modifying an Ethernet VLAN
To access VLAN configuration mode, enter the vlan global configuration command with a VLAN ID. Enter
a new VLAN ID to create a VLAN, or enter an existing VLAN ID to modify that VLAN. You can use the
default VLAN configuration or enter commands to configure the VLAN.
Switch# configure terminal
Switch(config)# vlan 20
Switch(config-vlan)# name test20
Switch(config-vlan)# end
Assigning Static-Access Ports to a VLAN
You can assign a static-access port to a VLAN.
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface fastethernet0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 2
Switch(config-if)# end
Configuring a Trunk Port
Beginning in privileged EXEC mode, follow these steps to configure a port as an 802.1Q trunk port:
Switch# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# interface fastethernet0/2
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 33
Switch(config-if)# end