IronPort Systems 4108GL User Manual

14-5

Port-Based Virtual LANs (VLANs) and GVRP

Port-Based Virtual LANs (Static VLANs)

P

o

rt

-Ba

sed V

ir

tual
LANs

(VLANs)

a

n

d

G

V

RP

eliminated and bandwidth is saved by not allowing packets to flood out all
ports. An external router is required to enable separate VLANs on a switch to
communicate with each other.

For example, referring to figure 14-1, if ports A1 through A4 belong to VLAN_1
and ports A5 through A8 belong to VLAN_2, traffic from end-node stations on
ports A2 through A4 is restricted to only VLAN_1, while traffic from ports A5
through A7 is restricted to only VLAN_2. For nodes on VLAN_1 to communi-
cate with VLAN_2, their traffic must go through an external router via ports
A1 and A8.

Figure 14-1. Example of Routing Between VLANs via an External Router

Overlapping (Tagged) VLANs.

A port on the Switch 4108GL can be a mem-

ber of more than one VLAN if the device to which they are connected complies
with the 802.1Q VLAN standard. For example, a port connected to a central
server using a network interface card (NIC) that complies with the 802.1Q
standard can be a member of multiple VLANs, allowing members of multiple
VLANs to use the server. Although these VLANs cannot communicate with
each other through the server, they can all access the server over the same
connection from the switch

. Where VLANs overlap in this way, VLAN “tags”

are used to distinguish between traffic from different VLANs.

External
Router

VLAN_2

VLAN_1

Port A1

Port A8

Port A2
Port A3
Port A4

Port A5
Port A6
Port A7

Switch with Two
VLANs Configured