


A VLAN is a broadcast domain formed by switches.

Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other ports on switch B can be in VLAN 10. Broadcasts between these devices will not be seen on any other port in any other VLAN, other than 10. However, these devices can all communicate because they are on the same VLAN. Without additional configuration, they would not be able to communicate with any other devices not in their VLAN.

It is important to point out that you don't have to configure a VLAN until your network gets so large and has so much traffic that you need one. Many times, people are simply using VLANs because the network they are working on was already using them.

Another important fact is that, on a Cisco switch, VLANs are enabled by default and ALL devices are already in a VLAN.

An example would be a company that has VoIP phones. The users using the phone could be on a different VLAN, not with the regular users.

Or, just to make a single switch into multiple virtual switches.

A common question is why not just subnet the network instead of using VLANs? Each VLAN should be in its own subnet. The benefit that a VLAN provides over a subnetted network is that devices in different physical locations, not going back to the same router, can be on the same network. The limitation of subnetting a network with a router is that all devices on that subnet must be connected to the same switch and that switch must be connected to a port on the router.

With a VLAN, one device can be connected to one switch, another device can be connected to another switch, and those devices can still be on the same VLAN (broadcast domain).

How can devices on different VLANs communicate?

Devices on different VLANs can communicate with a router or a Layer 3 switch. As each VLAN is its own subnet, a router or Layer 3 switch must be used to route between the subnets.

When there is a link between two switches or a router and a switch that carries the traffic of more than one VLAN, that port is a trunk port.

A trunk port must run a special trunking protocol. The protocol used would be Cisco's proprietary Inter-Switch Link (ISL) or the IEEE standard 802.1Q.

How do I create a VLAN?

Configuring VLANs can vary even between different models of Cisco switches. Your goals, no matter what the commands are, are to:

Let's say we wanted to create VLANs 5 and 10. We want to put ports 2 & 3 in VLAN 5 (Marketing) and ports 4 and 5 in VLAN 10 (Human Resources). On a Cisco 2950 switch, here is how you would do it:

At this point, only ports 2 and 3 should be able to communicate with each other and ports 4 & 5 should be able to communicate. That is because each of these is in its own VLAN. For the device on port 2 to communicate with the device on port 4, you would have to configure a trunk port to a router so that it can strip off the VLAN information, route the packet, and add back the VLAN information.

VLANs offer higher performance for medium and large LANs because they limit broadcasts. As the amount of traffic and the number of devices grow, so does the number of broadcast packets. By using VLANs you are containing broadcasts.

VLANs also provide security because you are essentially putting one group of devices, in one VLAN, on their own network.
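The VLAN 5 / VLAN 10 layout and the router trunk described in the text, written out as an added Cisco IOS example (not the original article's commands). It assumes an IOS release that accepts `vlan` in global configuration mode (older releases use `vlan database`), FastEthernet0/1 as the uplink to the router, FastEthernet0/0 as the router interface, and constructed 192.168.5.0/24 and 192.168.10.0/24 subnets.

```cisco
! --- Switch (Catalyst 2950) ---
configure terminal
!
! Create the two VLANs and name them
vlan 5
 name Marketing
vlan 10
 name HumanResources
!
! Ports 2 and 3 -> VLAN 5. "mode access" pins the port as an access
! port instead of leaving trunking to be negotiated.
interface range FastEthernet0/2 - 3
 switchport mode access
 switchport access vlan 5
!
! Ports 4 and 5 -> VLAN 10
interface range FastEthernet0/4 - 5
 switchport mode access
 switchport access vlan 10
!
! Assumed uplink to the router: an 802.1Q trunk limited to the
! two VLANs that actually need routing.
interface FastEthernet0/1
 switchport mode trunk
 switchport trunk allowed vlan 5,10
end
!
! Verify port membership and trunk state
show vlan brief
show interfaces trunk
!
! --- Router (assumed interface names and addressing) ---
configure terminal
interface FastEthernet0/0
 no shutdown
!
! One subinterface per VLAN: the router removes the 802.1Q tag,
! routes the packet, and re-tags it for the destination VLAN.
interface FastEthernet0/0.5
 encapsulation dot1Q 5
 ip address 192.168.5.1 255.255.255.0
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
end
```

Hosts in each VLAN use the matching subinterface address as their default gateway; until the router side is configured, ports 2 and 3 can reach each other but not ports 4 and 5.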
