VLANs Virtual LANs
CIS 278

VLAN Definition
• Per Webopedia: Short for virtual LAN, a network of computers that behave as if they are connected to the same wire even though they may actually be physically located on different segments of a LAN.
• Broadcast domains are typically constrained to a set of interconnected switches or bridges.
• A router defines the end of a broadcast domain.
• VLANs provide multiple broadcast domains within what would otherwise be a single broadcast domain.
• VLANs are configured through software rather than hardware, which makes them extremely flexible.
• One of the biggest advantages of VLANs is that when a computer is physically moved to another location, it can stay on the same VLAN without any hardware reconfiguration.

VLAN Overview
• A LAN traditionally is made up of workstations all connected to the same wire. That puts them all in the same collision domain.
[Diagram: Ethernet LAN connecting eight workstations]
• The same network can be built using a hub instead of backbone cable.
[Diagram: multiport repeater (hub) connecting eight workstations]
• If network traffic becomes too great and the number of collisions impacts network performance, we can often improve performance by adding a switch.
[Diagram: switch connecting six workstations and two servers]
• Each workstation is on a collision domain of two devices: the workstation and the single port of the switch.
• Access to servers is enhanced by increasing the port speed on the server ports.
[Diagram: switch with 100 Mbps and 1 Gbps ports connecting six workstations and two servers]
• All ports on the switch are part of the same broadcast domain.
• What do we do when broadcasts are starting to impact network performance? Segment.
[Diagram: router joining two switches, each with 100 Mbps and 1 Gbps ports, workstations and servers]
• Notice that we insert a router to provide connectivity between the two broadcast domains, while providing the added security routers can bring and isolation from broadcasts on the other segment.
• Networks continued to grow until the number of routers required for a network became cumbersome, often requiring more than one router per switch. Hardware use became inefficient.
[Diagram: two routers and four switches, each switch with 100 Mbps and 1 Gbps ports, workstations and servers]
• Moving a user to another part of the same floor would sometimes mean moving them into a new broadcast domain, which wasn’t always desirable.
• To address this need, multiple broadcast domains had to be available in the same wiring closet.
• There was a desire to define a method of providing separate broadcast domains within a single closet, and even within a single switch, so switch ports could be used more efficiently.
• VLANs were born.
• VLANs are broadcast domains that are not defined by physical location.

VLANs
• Network architects had conflicting ideas about how they wanted to separate their user broadcast domains:
  – By protocol
  – By name
  – By services
  – By IP address
  – By MAC address
• Furthermore, network architects wanted to be able to make broadcast domain changes without having to add hardware or move hardware around. That is, they wanted to make such changes through configuration modifications rather than hardware replacement.
• In addition to that, they wanted to make sure someone couldn’t just plug into an unused port and start sniffing the broadcasts to gather information surreptitiously.

Static VLANs
• Static VLANs are assigned by port. Each port is assigned to a VLAN, so whichever workstation shows up in that port becomes part of the VLAN.
• VLANs are assigned on a port basis and the broadcast domains span switches.
• Communication between two adjacent workstations in the same switch but on different VLANs involves a router.

Dynamic VLANs
• Dynamic VLANs assume that the network administrator builds a database of all MAC addresses, then assigns those addresses to logical VLANs.
• Once built, the workstations can be plugged into any port on any switch at any time and they will find their way to the proper VLAN.
[Diagram: router and four switches with 100 Mbps and 1 Gbps ports; attached stations labelled by VLAN A, B, C and D]

VLANs
• Trunk connections between the switches and routers carry traffic for all included VLANs.
• The traffic from multiple broadcast domains can quickly cause bottlenecks if the network is not carefully designed.

VLANs Tagging
• VLANs are identified by special tags attached to each frame.
• IEEE 802.1Q specifies how these tags are formatted.
• Devices that don’t understand VLANs will consider these frames improperly formatted.

VLANs Access Link
• Access links are where the end station connects to the switch. VLAN information is not included on these links.
• Trunk links carry the VLAN information.

VLANs Tagging
• ISL (Inter-Switch Link) is the Cisco proprietary method of tagging, designed before 802.1Q was standardized. I mention it for historical reasons, as Cisco no longer makes hardware that supports ISL.

VLANs VTP Modes
• VLAN Trunk Protocol is designed to carry VLAN information across internetworks.
• It requires a central VTP server. Switches are commonly the servers.

VLANs Trunk Protocol
• VTP servers can make changes to the VTP domain.
• VTP clients send and receive VTP updates, but they can’t make changes.
• Transparent switches pass VTP updates but they don’t participate in the protocol.
• VTP Pruning is a method of removing traffic from a link if there is nothing at the end of that link that requires the VLAN information. This increases security and reduces traffic.

VLANs Advantages
• VLANs can be logically subnetted.
• Adds, moves and changes are handled through configuration rather than physical moves.
• VLANs can provide greater security by isolating broadcasts.
• Users can be assigned logically rather than being imposed by their physical location.
• Broadcast domains can be assigned by reasonable size rather than by physical port limitations.

VLANs Disadvantages
• VLANs may take considerably more configuration.
• Broadcast domains aren’t always obvious.
• Troubleshooting problems becomes more difficult.
• The network becomes more complex.
• Trunk traffic can be hard to predict and difficult to monitor.
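
The 802.1Q tagging and the access-link versus trunk-link distinction from the tagging slides above, worked through in code. This is an added example, not part of the original slides: the function names and the sample frame are constructed for illustration, and the tag layout (TPID 0x8100, then 3-bit priority, 1-bit DEI, 12-bit VLAN ID) follows IEEE 802.1Q.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q tag

def add_tag(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Trunk egress: insert the 4-byte tag after the two 6-byte MAC addresses."""
    if not 1 <= vid <= 4094:  # VLAN IDs 0 and 4095 are reserved
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp << 13) | (dei << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse(frame: bytes) -> dict:
    """VLAN-aware parse: report the tag fields when a tag is present."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"), "vid": None}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info.update(pcp=tci >> 13, dei=(tci >> 12) & 1, vid=tci & 0x0FFF)
        offset = 18
    info.update(ethertype=ethertype, payload=frame[offset:])
    return info

def strip_tag(frame: bytes) -> bytes:
    """Access-link egress: remove the tag so the end station sees a plain frame."""
    if len(frame) >= 18 and frame[12:14] == struct.pack("!H", TPID_8021Q):
        return frame[:12] + frame[16:]
    return frame

def legacy_ethertype(frame: bytes) -> int:
    """What a VLAN-unaware device reads as the EtherType (bytes 12-13)."""
    return struct.unpack("!H", frame[12:14])[0]

def valid_on_access_link(frame: bytes) -> bool:
    """Slide rule: access links carry no VLAN information, so a tag is an anomaly."""
    return legacy_ethertype(frame) != TPID_8021Q

# Constructed sample: broadcast IPv4 frame with a dummy 4-byte payload
UNTAGGED = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"\xde\xad\xbe\xef"
TAGGED = add_tag(UNTAGGED, vid=20, pcp=5)
```

A VLAN-unaware device reads `0x8100` where it expects the payload's EtherType, which is why the slides say such devices consider tagged frames improperly formatted.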