Asante Technologies 35160 Switching Concepts, Port-Based VLANs, Vlan ID and Tagged Frames

Page 76

Chapter 7. Switching Concepts

A bridge is a hardware device used to connect multiple networks into one big network. However, when a bridge receives a broadcast from one interface, it will forward the frame to all interfaces and flood the wire, easily overwhelming the network.

The traditional solution to the problem of broadcast flooding is to use a router. The disadvantages of a router include higher cost (the initial purchase price and higher maintenance costs) and slower rate pf processing incoming data, leading to increased latency with decreased network performance. A switch (basically a complex bridge) can process data at a faster rate than a router, and can limit unnecessary flooded traffic by learning the addresses of the stations on the system. A switch can be used to create broadcasts domains (via VLANs), and can be employed as an alternate solution to using routers to contain broadcast flooding.

While a bridge connects network segments via interfaces, a switch connects segments via its ports, like a hub. But, unlike a hub, the ports of a switch can be configured to belong to a specific network, thereby separating traffic, providing security and reducing overall network congestion.

The following sections provide brief explanations of some of the concepts related to switching. If more information is required, please refer to networking books, online resources, or the MIS manager.

7.1 VLANs

A virtual local area network, or VLAN, is a logical grouping that allows stations to communicate as if they were physically connected to a single LAN, independent of the actual physical configuration of a network. A VLAN localizes flooded traffic to parts of LAN segments, rather than to an entire LAN, offering a simple solution to network performance, security, and bandwidth utilization.

7.1.1 Port-Based VLANs

Port-based VLANs are the simplest of many VLAN approaches (others are based on MAC addresses, protocol type, and higher layers that are not currently supported by the IEEE 802.1Q standard) that solve the problem of unnecessary flooding. The switch currently supports port-based VLANs in compliance with the IEEE standard.

A port-based VLAN allows the administrator to assign individual ports to a VLAN. Any broadcast (sent to every user in the network) or multicast (sent to a pre-specified group of users) traffic received on a port in a VLAN is limited by the VLAN boundaries so that only workstations whose ports are members of the same VLAN see those frames.

7.1.2 VLAN ID and Tagged Frames

The IntraCore 35160 supports 1024 manually configurable VLANs. Each VLAN is identified by a 12-bit (1- 4095) VLAN ID (VID). No two VLANs may have the same VID if they reside on the same switch. However, by assigning the same VID to VLANs on multiple switches, the broadcast domain may be extended over a large network. The switch is shipped with a single default VLAN, with a VID of 0.

In a network with only one switch, the switch itself keeps track of which ports belong to which VLAN. In a network with multiple switches, the information about which VLAN an Ethernet frame belongs to must be sent along with the frame. This is done by inserting a tag field, as defined in IEEE 802.1Q, in the frame. The tag includes a VLAN ID field that matches the VID assigned to a VLAN on the switch. The switch will then assign the frame to the VLAN represented by the tag field.

A port map is used to specify which ports are members of each VLAN. Each VLAN has a set of untagged ports that specifies which port members of the VLAN transmit only untagged frames. The untagged set can be a subset of the port map, or it can be the same as the port map. If a port is in the VLAN port map and not in the VLAN untagged set, that port transmits tagged frames only. The switch includes all ports in its untagged set by default.

76

Page 75 Page 77
Image 76
Page 75 Page 77
Contents IntraCore 35160 Series Quick Start Guide Layer 2 Gigabit Switches User’s Manual IntraCore 35160 SeriesTable of Contents Page Features IntroductionPackage Contents SwitchCore CXE2010LEDs 1 IC35160-T 2 IC35160-GManagement and Configuration Front and Back Panel DescriptionsWeb-Based Interface Console InterfaceSnmp Management Hardware Installation and Setup Installation OverviewSafety Overview Recommended Installation ToolsInstallation into an Equipment Rack Power RequirementsEnvironmental Requirements Cooling and AirflowInstalling a Gbic Gbic InterfacesInstalling the Optional Emergency Power Supply Connecting PowerRemoving a Gbic Gbic Care and HandlingConnecting to the Network 1 10/100/1000BaseT Ports Cabling ProceduresGigabit Ethernet Ports Cabling Procedures SetupConnecting to a Console Connecting Via the Web Browser Connecting Via TelnetChanging the Password IP AssignmentSimple Network Management Protocol Snmp Configuration Accessing a SubmenuLogging Exiting a SubmenuConfiguration Menu General InformationAdministration Configuration Changing System Administration InfoPort Configuration System IP ConfigurationChanging System IP Information Page Advanced Port Configuration Enabling or Disabling a PortSetting Port Class of Service Setting Port Default PrioritySetting Port Maximum Packet Length Enabling or Disabling 802.3x Flow ControlUnicast Forwarding Database Configuration Global Port ConfigurationDisplaying the Forwarding Database Setting the MAC Address Age-Out Time Security ManagementVlan Management Searching for a MAC AddressSnmp Configuration Protocol ConfigurationChanging Community Strings Enabling Authentication Traps Adding or Updating a Trap ReceiverSpanning Tree Protocol STP Configuration Deleting a Trap ReceiverSetting Port Priority and Path Cost Spanning Tree Port ConfigurationEnabling and Disabling STP Trunk Group Configuration Defining the Priority List QoS Priority Queue ManagementAssigning Packets to Priority Queues Example Setting Console UI Time-out Period User Interface ConfigurationSetting SSH/Telnet UI Time-out Adding or Deleting an Access Host Change PasswordEnabling or Disabling SSH and Telnet System Utilities Access ControlEnabling or Disabling the Web Server Enabling or Disabling System Port Mirroring Port MirroringAdding or Deleting a Monitor Port Resetting the Switch System ResetSystem Clock Scheduling a System Reset System LogBootstrap Configuration Clearing the System LogTftp File Transfers Statistics Ping UtilitySnmp and Rmon Management Advanced ManagementRmon Management Duplicated IP Detection and Trap Enabling and Disabling Duplicated IP DetectionEnabling and Disabling Duplicated IP Trap Viewing a List of Duplicated IP AddressesConfiguring Port Security Enabling and Disabling Station Movement TrapConfiguring Port New Node Detection Trap Configuring Port Lock and Intruder LockPort-based Network Access Control Configuring Security Level 2 or LevelSetting the Intruder Trap Resetting Security to DefaultsPage Port Control Settings Name DescriptionSetting Timers Radius Server IP Setting Radius ParametersServer Port Other Vlan Features of the switch Vlan Specifications for the IntraCore 35160 SeriesVlan Management Configuring Static Vlan Groups Creating a VlanAdvanced Static Vlan Configuration Configuring Vlan Port Attributes Setting the Port Vlan IDConfiguring Port Receive Frame Type Adding and Deleting VLANs from the PortSetting Port Type Displaying a Summary of Vlan GroupsResetting Vlan Configuration to Defaults IP Multicast Traffic ManagementDisplaying a Vlan Port Summary Multicast AddressesIgmp Snooping Configuring IP Multicast Traffic ManagementEnabling and Disabling Igmp Snooping Advanced Igmp Configuration Displaying a Summary of Group AddressesIP Multicast Forwarding Database Configuration Adding Ports to the Selected AddressInserting a Multicast Group Address Removing a Multicast Group AddressAccessing with a Web Browser Web-Based ManagementGenl Info General Information Button Front Panel ButtonManagement Buttons Port Config Port Configuration Button Span Tree Spanning Tree Button Snmp Button Addr Address Table ButtonVlan Button Vlan ConfigurationVlan Group Create Port Configuration Set Port TypePort Vlan ID Pvid Acceptable Frame TypeTrunking Button Security ButtonPort Ingress Filtering Tag/Untag Port Egress TypePage Snmp Management Operations Snmp ManagementSnmp Protocol MIB Tree Community Name and SecurityName Space Path MIB Groups Supported Switching Concepts VLANsPort-Based VLANs Vlan ID and Tagged FramesSpanning Tree Protocol Port Vlan IDHow It Works Spanning Tree ParametersFull Duplex, Flow Control, and Auto-negotiation Spanning Tree Port ConfigurationFull Duplex Flow Control Auto-NegotiationAppendix A. Troubleshooting Problem Possible SolutionsSpecifications Appendix B. Features and SpecificationsPhysical Characteristics Environmental Range Technical Support and WarrantyStandards Compliance FCC Compliance Statement Important Safety Instructions Appendix C. FCC Compliance and Warranty StatementsIntraCare Warranty Statement Page Pin Number Signal Name Appendix D. Console Port Pin OutsAppendix E. Online Warranty Registration Appendix F. BootP Configuration Bootstrap ConfigurationImage Banks Loading Software LocallyBOOTP-TFTP Loading Software Remotely
Top Page Image Contents