Asante Technologies 40240/40480-10G Chapter 11: VLAN Configuration

Chapter 11: VLAN Configuration

In large networks, routers are used to isolate broadcast tr affic for eac h subnet int o

separate domains. This switch provides a similar service at Layer 2 by using VLANs

to organize any group of network nodes into separate broadcast domains. VLANs

confine broadcast traffic to the originating group, and can eliminate broad cast

storms in large networks. This also provides a more secure and cleaner network

environment.

An IEEE 802.1Q VLAN is a group of ports that can be located anywhere in the

network, but communicate as though they belong to the same physical segment.

VLANs help to simplify network management by allowing you to move de vices to a

new VLAN without having to change any physical connections. VLA Ns can be easily

organized to reflect departmental groups (such as Marketing or R& D), us age gr oups

(such as e-mail), or multicast groups (used for multimedia applications such as

videoconferencing).

VLANs provide greater network efficiency by reducing broadcast traffic, and allow

you to make network changes without having to update IP ad dresses or IP subnets.

VLANs inherently provide a high level of network security since traffic must pas s

through a configured Layer 3 link to reach a different VLAN.

This switch supports the following VLAN features:

• Up to 4093 VLANs based on the IEEE 802.1Q standard

• Distributed VLAN learning across multiple switches using explicit or implicit tagging

and GVRP protocol

• Port overlapping, allowing a port to participate in multiple VLANs

• End stations can belong to multiple VLANs

• Passing traffic between VLA N-aware a nd VLAN-u naware dev ices

• Priority tagging

Before enabling VLANs for the switch, you must first a ssign each port to the VLAN

group(s) in which it will participate. By default all ports are assigned to VLAN 1 as

untagged ports. Add a port as a tagged port if you want it to carry traffic for one or

more VLANs, and any intermediate network devices o r the host at the oth er end of

the connection supports VLANs. Then assign ports on the other VLAN-aware

network devices along the path that will carry this traffic to the same VLAN (s), e ither

manually or dynamically using GVRP. However, if you want a port on this switch to

participate in one or more VLANs, but none of the intermediat e netwo rk de vices nor

the host at the other end of the connection supports VLANs, the n you should add

this port to the VLAN as an untagged port.