We will be covering VLANs this week. In addition we will do a practical involving setting up a router and how to create a VLAN.
The acronym VLAN expands to Virtual Local Area Network. A VLAN is a logical local area network (or LAN) that extends beyond a single traditional LAN to a group of LAN segments, given specific configurations. Because a VLAN is a logical entity, its creation and configuration is done completely in software. How Is a VLAN Identified Since a VLAN is a software concept, identifiers and configurations for a VLAN must be properly prepared for it to function as expected. Frame colouring is the process used to ensure that VLAN members or groups are properly identified and handled. With frame colouring, packets are given the proper VLAN ID at their origin so that they may be properly processed as they pass through the network. The VLAN ID is then used to enable switching and routing engines to make the appropriate decisions as defined in the VLAN configuration. What is a VLAN?
Traditional network designs use routers to create broadcast domains and limit broadcasts between multiple subnets. This prevents broadcast floods in larger networks from consuming resources, or causing unintentional denials of service unnecessarily. Unfortunately, the traditional network design methodology has some flaws in design Geographic Focus - Traditional network designs focus on physical locations of equipment and personnel for addressing and LAN segment placement. Because of this there are a few significant drawbacks: Network segments for physically disjointed organizations cannot be part of the same address space. Each physical location must be addressed independently, and be part of its own broadcast domain. This can force personnel to be located in a central location, or to have additional latency or connectivity shortfalls. Relocations of personnel and departments can become difficult, especially if the original location retains its network segments. Relocated equipment will have to be reconfigured based on the new network configuration. A VLAN solution can alleviate both of these drawbacks by permitting the same broadcast domain to extend beyond a single segment. Additional Bandwidth Usage - Traditional network designs require additional bandwidth because packets have to pass through multiple levels of network connectivity because the network is segmented. A proper VLAN design can ensure that only devices that have that VLAN defined on it will receive and forward packets intended as source or destination of the network flow. Benefits of VLANs
Sample VLAN Diagram
There are only two types of VLAN possible today, cell-based VLANs and frame-based VLANs. Cell-based VLANs are used in ATM (Asynchronous Transfer Mode) switched networks with LAN Emulation (or LANE). LANE is used to allow hosts on legacy LAN segments to communicate using ATM networks without having to use special hardware or software modification. Frame-based VLANs are used in ethernet networks with frame tagging. The two primary types of frame tagging are IEEE and ISL (Inter Switch Link is a Cisco proprietary frame-tagging). Keep in mind that the standard makes it possible to deploy VLANs with (Ethernet), (Token-Ring), and FDDI, but ethernet is most common. Types of VLANs
There are three different modes in which a VLAN can be configured. These modes are covered below: VLAN Switching Mode - The VLAN forms a switching bridge in which frames are forwarded unmodified. VLAN Translation Mode - VLAN translation mode is used when the frame tagging method is changed in the network path, or if the frame traverses from a VLAN group to a legacy or native interface which is not configured in a VLAN. When the packet is to pass into a native interface, the VLAN tag is removed so that the packet can properly enter the native interface. VLAN Routing Mode - When a packet is routed from one VLAN to a different VLAN, you use VLAN routing mode. The packet is modified, usually by a router, which places its own MAC address as the source, and then changes the VLAN ID of the packet. VLAN Modes
Most of your normal cheap switches will not have VLAN functionality, they will have a default pool of all ports as one. It’s only when you look at the higher end switches that you see VLAN functionality. Often these switches will have a 9-pin Serial Port. This port is used to configure the switch via command line. For most switches you’ll use Telnet to dial into them, nearly every current operating system supports Telnet. In Windows XP, you can go to Accessories and System Tools and open up Hyper Terminal to get access. Telnet is falling off in favour due to not being all that secure, Secure Shell (SSH). SSH allows for secure data exchange between two networked devices. The operating system on a switch is generally called a Internetworking Operating System (IOS). What kind of Switches have VLAN functionality?
What does IOS look like?
VLAN Trunking Protocol (VTP) is a Cisco proprietary Layer 2 messaging protocol that manages the addition, deletion, and renaming of Virtual Local Area Networks (VLAN) on a network-wide basis. Cisco's VLAN Trunk Protocol reduces administration in a switched network. When a new VLAN is configured on one VTP server, the VLAN is distributed through all switches in the domain. This reduces the need to configure the same VLAN everywhere. To do this, VTP carries VLAN information to all the switches in a VTP domain. VTP advertisements can be sent over ISL, 802.1q, IEEE and LANE trunks. VTP is available on most of the Cisco Catalyst Family products VLAN Trunking Protocol