Chapter 7. switching concepts, 1 vlans – Asante Technologies 3524 Series User Manual

Chapter 7. Switching Concepts


A bridge is a hardware device used to connect multiple networks into one big network. However, when a
bridge receives a broadcast from one interface, it will forward the frame to all interfaces and flood the wire,
easily overwhelming the network.

The traditional solution to the problem of broadcast flooding is to use a router. The disadvantages of a router
include higher cost (the initial purchase price and higher maintenance costs) and a slower rate of processing
incoming data, leading to increased latency and decreased network performance. A switch (basically a
complex bridge) can process data at a faster rate than a router, and can limit unnecessary flooded traffic by
learning the addresses of the stations on the system. A switch can be used to create broadcast domains
(via VLANs), and can be employed as an alternative to using routers to contain broadcast flooding.

While a bridge connects network segments via interfaces, a switch connects segments via its ports, like a
hub. But, unlike a hub, the ports of a switch can be configured to belong to a specific network, thereby
separating traffic, providing security and reducing overall network congestion.

The following sections provide brief explanations of some of the concepts related to switching. If more
information is required, please refer to networking textbooks, online resources (e.g. www.oreillynet.com) or
your MIS manager.

7.1 VLANs


A virtual local area network, or VLAN, is a logical grouping that allows stations to communicate as if they
were physically connected to a single LAN, independent of the actual physical configuration of a network. A
VLAN localizes flooded traffic to parts of LAN segments, rather than to an entire LAN, offering a simple
solution to network performance, security and bandwidth utilization.

7.1.1 Port-Based VLANs


Port-based VLANs are the simplest of many VLAN approaches (others are based on MAC addresses,
protocol type, and higher layers that are not currently supported by the IEEE 802.1Q standard) that solve the
problem of unnecessary flooding. The switch currently supports port-based VLANs in compliance with the
IEEE standard.

A port-based VLAN allows the administrator to assign individual ports to a VLAN. Any broadcast (sent to
every user in the network) or multicast (sent to a pre-specified group of users) traffic received on a port in a
VLAN is limited by the VLAN boundaries so that only workstations whose ports are members of the same
VLAN see those frames.

7.1.2 VLAN ID and Tagged Frames


The IntraCore 3524 supports 64 manually configurable VLANs. Each VLAN is identified by a 12-bit (1-4095)
VLAN ID (VID). No two VLANs may have the same VID if they reside on the same switch. However, by
assigning the same VID to VLANs on multiple switches, the broadcast domain may be extended over a large
network. The switch is shipped with a single default VLAN, with a VID of 0.

In a network with only one switch, the switch itself keeps track of which ports belong to which VLAN. In a
network with multiple switches, the information about which VLAN an Ethernet frame belongs to must be
sent along with the frame. This is done by inserting a tag field, as defined in IEEE 802.1Q, in the frame. The
tag includes a VLAN ID field that matches the VID assigned to a VLAN on the switch. The switch will then
assign the frame to the VLAN represented by the tag field.

A port map is used to specify which ports are members of each VLAN. Each VLAN has a set of untagged
ports that specifies which port members of the VLAN transmit only untagged frames. The untagged set can
be a subset of the port map, or it can be the same as the port map. If a port is in the VLAN port map and not
in the VLAN untagged set, that port transmits tagged frames only. The switch includes all ports in its
untagged set by default.
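
The tagging and untagged-set rules above, shown as an added example in Python that is not taken from the Asante manual or the switch firmware. It goes slightly beyond the text by spelling out the IEEE 802.1Q tag layout (TPID 0x8100 followed by a 16-bit field holding the priority bits and the 12-bit VID); the function names, VLAN 10 and the port numbers are assumptions made for illustration.

```python
import struct
from typing import Optional

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q tag


def add_tag(frame: bytes, vid: int, priority: int = 0) -> bytes:
    """Insert a 4-byte 802.1Q tag after the destination and source MACs."""
    if not 0 <= vid <= 0xFFF or not 0 <= priority <= 7:
        raise ValueError("VID is 12 bits, priority is 3 bits")
    tci = (priority << 13) | vid  # priority(3) | DEI(1)=0 | VID(12)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def read_vid(frame: bytes) -> Optional[int]:
    """Return the VID carried in the tag, or None for an untagged frame."""
    if len(frame) < 16:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    return tci & 0x0FFF if tpid == TPID_8021Q else None


def strip_tag(frame: bytes) -> bytes:
    """Remove the 802.1Q tag if one is present."""
    return frame[:12] + frame[16:] if read_vid(frame) is not None else frame


def egress(frame: bytes, vid: int, port: int,
           port_map: set, untagged: set) -> Optional[bytes]:
    """Apply the port map and untagged set of VLAN `vid` to one egress port."""
    if port not in port_map:
        return None  # port is not a member of the VLAN: frame is not sent
    bare = strip_tag(frame)
    # Ports in the untagged set send plain frames; other members send tagged.
    return bare if port in untagged else add_tag(bare, vid)


# Constructed sample: broadcast frame, EtherType 0x0806, dummy payload.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 46
# Constructed VLAN 10 (assumption): ports 1-3 are members, and port 3 is a
# tagged-only link toward another switch.
PORT_MAP, UNTAGGED = {1, 2, 3}, {1, 2}

if __name__ == "__main__":
    for port in (1, 3, 4):
        out = egress(SAMPLE, 10, port, PORT_MAP, UNTAGGED)
        print(port, None if out is None else (len(out), read_vid(out)))
```

Port 4 receives nothing because it is outside the VLAN's port map, which is the separation property the VLAN provides; port 3 carries the VID in the tag so the next switch can assign the frame to the matching VLAN.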