Planet Technology FGSW-2620VM User Manual


VLAN Description

A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical layout. A VLAN can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN. VLANs also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN. Typically, a VLAN corresponds to a particular subnet, although not necessarily.

VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains.

A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network. Logically, a VLAN can be equated to a broadcast domain, because broadcast packets are forwarded only to members of the VLAN on which the broadcast was initiated.

Port-based VLAN

Port-based VLANs limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are members of the VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch, or an entire department.

On port-based VLANs, NICs do not need to be able to identify 802.1Q tags in packet headers. NICs send and receive normal Ethernet packets. If the packet's destination lies on the same segment, communications take place using normal Ethernet protocols. This is always the case; however, when the destination for a packet lies on another switch port, VLAN considerations come into play to decide whether the packet is dropped by the Switch or delivered.

IEEE 802.1Q VLANs

IEEE 802.1Q (tagged) VLANs are implemented on the Switch. 802.1Q VLANs require tagging, which enables them to span the entire network (assuming all switches on the network are IEEE 802.1Q-compliant).

VLANs allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast, multicast and unicast packets from unknown sources.

VLANs can also provide a level of security to your network. IEEE 802.1Q VLANs will only deliver packets between stations that are members of the VLAN. Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLANs allows VLANs to work with legacy switches that don't recognize VLAN tags in packet headers. The tagging feature allows VLANs to span multiple 802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally.
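The membership and tagging/untagging behaviour described above can be modelled in a short program. The following Python model is an added example, not code from this manual or from the Switch; the port layout, the per-port default VLAN (PVID) used for untagged frames and the drop of frames whose VLAN the ingress port does not belong to are assumptions of the model, and the sample frame is constructed.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def parse_vlan(frame: bytes):
    """Return (VLAN ID or None, frame with any 802.1Q tag removed)."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, frame[:12] + frame[16:]  # low 12 bits = VLAN ID

def add_tag(frame: bytes, vid: int) -> bytes:
    """Insert a 4-byte 802.1Q tag (priority 0) after the MAC addresses."""
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]

class Switch:
    def __init__(self, ports):
        # ports: {port: {"pvid": int, "members": {vid: "tagged" | "untagged"}}}
        self.ports = ports

    def forward(self, in_port: int, frame: bytes) -> dict:
        """Flood a frame; return {egress port: bytes sent} (no MAC learning)."""
        vid, inner = parse_vlan(frame)
        if vid is None or vid == 0:  # untagged/priority-tagged: use PVID (assumed)
            vid = self.ports[in_port]["pvid"]
        if vid not in self.ports[in_port]["members"]:
            return {}  # ingress port is not in this VLAN: drop (assumed policy)
        out = {}
        for port, cfg in self.ports.items():
            mode = cfg["members"].get(vid)
            if port != in_port and mode is not None:
                out[port] = add_tag(inner, vid) if mode == "tagged" else inner
        return out

# Constructed layout: ports 1-2 untagged in VLAN 10, port 3 untagged in
# VLAN 20, port 4 a tagged link to another 802.1Q switch carrying both.
DEMO = Switch({
    1: {"pvid": 10, "members": {10: "untagged"}},
    2: {"pvid": 10, "members": {10: "untagged"}},
    3: {"pvid": 20, "members": {20: "untagged"}},
    4: {"pvid": 1, "members": {10: "tagged", 20: "tagged"}},
})
# Constructed broadcast frame: dst, src, EtherType 0x0800, dummy payload.
BROADCAST = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"payload"
```

Calling DEMO.forward(1, BROADCAST) delivers the frame unchanged to port 2 and with a VLAN 10 tag to port 4, while port 3 in VLAN 20 never sees it.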

Some relevant terms:
