Defining VLANs, Example of a Vlan | Enterasys Networks 2H252, 2E253

Defining VLANs

12.1 DEFINING VLANs

A Virtual Local Area Network is a group of devices that function as a single Local Area Network segment (broadcast domain). The devices that make up a particular VLAN may be widely separated, both by geography and location in the network.

The creation of VLANs allows users located in separate areas or connected to separate ports to belong to a single VLAN group. Users that are assigned to such a group will send and receive broadcast and multicast traffic as though they were all connected to a common network.

VLAN-aware switches isolate broadcast, multicast, and unknown traffic received from VLAN groups, so that traffic from stations in a VLAN are confined to that VLAN.

When stations are assigned to a VLAN, the performance of their network connection is not changed. Stations connected to switched ports do not sacrifice the performance of the dedicated switched link to participate in the VLAN. As a VLAN is not a physical location, but a membership, the network switches determine VLAN membership by associating a VLAN with a particular port or frame type.

Figure 12-1shows a simple example of a port-based VLAN. Two buildings house the Sales and Finance departments of a single company, and each building has its own internal network. The stations in each building connect to a SmartSwitch in the basement. The two SmartSwitches are connected to one another with a high speed link.

Figure 12-1 Example of a VLAN

Building One

Building Two

S	S	S
F		F

A

1

10	9	8 7 6
trunk		8 7 6

S	S	S
F		F

B

SmartSwitchSmartSwitch

S Member of Sales Network

F Member of Finance Network 30691_58

12-2VLAN Operation and Network Applications

Image 334

Enterasys Networks 2H252, 2E253, 2H253, 2H258 manual Defining VLANs, Example of a Vlan

Contents

SmartSwitch 2200 Series Page Page Enterasys NETWORKS, INC Program License Agreement Page Page Contents Device Configuration Menu Screens Port Configuration Menu Screens Configuration Menu Screens Layer 3 Extensions Menu Screens Network Tools Screens Generic Attribute Registration Protocol Garp Figures Xiii Xiv Tables Xvi Tables Using this Guide About This Guide Structure of this Guide Xix Related Documents Document Conventions Typographical and Keystroke Conventions Bold typePage Introduction Overview Management Agent Navigating Local Management Screens In-Band vs. Out-of-BandLocal Management Requirements Local Management Screen Elements None Defined Input Fields Event Message FieldDisplay Fields Selection Fields Command Fields Local Management Keyboard Conventions Getting Help Your email addressPage Management Terminal Setup Local Management Requirements 2H252-25R SmartSwitch device is shown in -1as an example Console Cable Connection Management Terminal Setup Parameters VT100ID Monitoring AN Uninterruptible Power Supply Telnet Connections DB9 Port RJ45 COM Port Page Accessing Local Management 802.1Q Switching Mode, LM Screen Hierarchy Selecting Local Management Menu Screen Items Using the Exit CommandUsing the Return Command Exiting Local Management Screens Password Screen Using the Next and Previous CommandsUsing the Clear Counters Command When to Use How to Access Screen Example Enter Device Menu Screen Screen Navigation Path Device ConfigurationMenu Descriptions Menu Tools NetworkSecurity Cont’d Section Overview of Security Methods Host Access Control Authentication Haca Overview of Security Methods 14Accessing Local Management 2 802.1X Port Based Network Access Control Definitions of Terms and Abbreviations 2.2 802.1X Security Overview Authentication Method Sequence MAC Authentication OverviewAuthentication Method Selection Concurrent Operation of 802.1X and MAC Authentication MAC 20Accessing Local Management MAC Authentication Control Security Menu Screen Refer to -4for a functional description of each menu item Authentication PasswordsName Services Radius Passwords Screen Module Login Passwords Screen Switch Field Descriptions Setting the Module Login Password Radius Configuration Screen Timeout Retries Radius Client Last Resort Action/Local SelectableLast Resort Action/Remote Toggle IP Address Setting the Last Resort Authentication Setting the Local and Remote Servers Name Services Configuration Screen Name Services Configuration Screen Web Authentication Switch Name ModifiableName Services Secure Harbour IP System Authentication Configuration Screen System Authentication Configuration Screen System AuthenticationAuthenticated , or Unauthenticated Port # EAP Port Configuration Screen EAP Port Configuration Screen Port Authentication State Backend State Port Control Force Reauth Initialize PortMaximum Requests EAP Statistics Menu Screen 10 EAP Statistics Menu Screen EAP Diagnostic AuthenticatorEAP Session EAP Session Statistics Screen When to Use 11 EAP Session Statistics Screen SessionOctetsRx Authenticate Server or a local Authentication Server MethodSessionID SessionOctetsTx Session User Name EAP Authenticator Statistics Screen When to UseClear Counters Command Port Number 12 EAP Authenticator Statistics Screen Clear Counters EAP Diagnostic Statistics Screen When to Use 13 EAP Diagnostic Statistics Screen Authenticating Enters ConnectingLogoffs Connecting Timeouts Backend Statistics Responses AuthenticatedAccess Challenges Other Requests To Clear MAC Port Configuration ScreenCounters Port Enable 14 MAC Port Configuration Screen MAC Supplicant Configuration Screen SET ALL Ports Duration MAC Address Plicant Reauthenticate SupInitialize Supplicant False Device Configuration Menu Screens Device Configuration Menu Screen General Configuration Resources GeneralSnmp Information General Configuration Screen 0.0 Tftp Gateway IP Default GatewaySubnet Mask Addr Screen Refresh Operational ModeDevice Time Time IP Fragmentation Agg ModeClear Nvram WebView Setting the IP Address Configuration Warning Screen, IP Address Setting the Subnet Mask Configuration Warning Screen, Subnet Mask Setting the Default Gateway Setting the Tftp Gateway IP Address Setting the Module Name Setting the Device Date Setting the Screen Lockout Time Setting the Device TimeEntering a New Screen Refresh Time Configuring the COM Port Changing the COM Port Application COM Port Warning Clearing Nvram UPS Enabling/Disabling IP Fragmentation Clear Nvram Warning Snmp Configuration Menu Screen Snmp Configuration Menu Screen Snmp Community Names Configuration Screen Snmp Community Names Configuration Screen Establishing Community Names Snmp Traps Configuration Screen Snmp Traps Configuration Screen Trap Destination Configuring the Trap TableEnable Traps Trap Community Access Control List Screen 10 Access Control List Screen Access Control Lists IP Addr Entering Single Addresses Entering IP AddressesMask Entering Ranges of Addresses Enable/Disable ACL System Resources Information Screen XX KB Setting the Reset Peak Switch Utilization Flash Download Configuration Screen 12 Flash Download Configuration Screen Flash Download Configuration Screen Field Descriptions Download Server IP Reboot AfterDownload Download File Image File Download Using Runtime Configuration File Download Using Tftp Configuration File Upload Using Tftp 36Device Configuration Menu Screens Port Configuration Menu Screens Port Configuration Menu Screen Port Configuration Menu Screen in Agg Mode, Huntgroup HSIM/VHSIM EthernetInterface Redirect Ethernet Interface Configuration Screen Intf Port Type Speed ConfigLink Duplex Ethernet Port Configuration Screen HDX FC Refer to -3for a functional description of each screen field Interface Default SpeedDefault Duplex Physical Port 10Port Configuration Menu Screens Half Duplex Flow Full Duplex FlowControl Save to ALL Selecting Field Settings Setting the Advertised Ability Redirect Configuration Menu Screen HSIM/VHSIM Configuration ScreenConfiguration Menu Redirect Configuration Menu Screen Port Redirect Configuration Screen Source Port Destination Port Source Port n Redirect ErrorsFrame Format Status Changing Source and Destination Ports Vlan Redirect Configuration Screen Vlan Redirect Configuration Screen Source Vlan Source Vlan n Changing Source Vlan and Destination Ports Usage Notes Aggregation Menu Rapid Reconfiguration Spanning Tree Definitions to Know Link Aggregation 802.3ad Main Menu Screen 1 802.3ad Port Screen When to Use Aggregator 802.3ad Port Screen OperKey Viewing and Editing 802.3ad Port ParametersAggregator MUX 1.1 802.3ad Port Details Screen When to Use 10 802.3ad Port Details Screen ActorSystemPriority Port Instance PartnerAdminSysID ActorOperState PartnerOperState Lagid Displaying Port StatisticsStats 1.2 802.3ad Port Statistics Screen When to Use 11 802.3ad Port Statistics Screen MarkerPDUsRx LACPDUsRxIllegalRx LACPDUsTx PartnerChurnState LastRxTimedeltaActorChurnState ActorChurnCount 2 802.3ad Aggregator Screen When to Use 12 802.3ad Aggregator Screen AggInst Viewing and Editing 802.3ad Aggregator ParametersDisplaying Aggregator Details SysPri 2.1 802.3ad Aggregator Details Screen When to Use 13 802.3ad Aggregator Details Screen Instance Partner 3 802.3ad System Screen When to Use 14 802.3ad System Screen Number of Ports Broadcast Suppression Configuration ScreenSystem Identifier Number Port # Total RX Setting the Threshold Setting the Reset Peak Configuration Menu Screens 802.1 Configuration Menu Screen 802.1 Configuration Menu Screen 802.1Q Vlan Spanning Tree802.1p Spanning Tree Configuration Menu Screen Tree Configuration Menu Spanning Tree Configuration Screen Vlan AgeTime Priority Current STP ModeConfigured Operation Configuring a Vlan Spanning Tree Spanning Tree Port Configuration Screen Spanning Tree Port Configuration Screen Age Time Switch AddressSTP Vlan ID Pvst Port Configuration Screen Enabling/Disabling the Default Spanning Tree PortsViewing Status of Spanning Tree Ports Port Designated Root CorrespondingPort Designated Port State Port PriorityPort Designated Cost Port Designated PortPage 802.1Q Vlan Configuration Menu Screens Vlan Configuration Menu Preparing for Vlan Configuration Summary of Vlan Local Management 802.1Q Vlan Configuration Menu Screen 802.1Q Vlan Configuration Menu Screen Current Vlan Static VlanVlan Port Static Vlan Configuration Screen Classification Vlan ID FDB ID ADD Creating a Static VlanVlan Name DEL Marked Displaying the Current Static Vlan Port Egress List Renaming a Static Vlan Deleting a Static Vlan Paging Through the Vlan List Static Vlan Egress Configuration Screen Static Vlan Egress Configuration Screen Egress Setting the Egress Type on One or More Ports Individually Setting Egress Types on PortsSetting the Same Egress Type on All Ports Simultaneously Current Vlan Configuration Screen Displaying the Next Group of Ports Vlan Type Read-Only An example of a dynamic Vlan is a Gvrp Vlan Current Vlan Egress Configuration Screen Current Vlan Egress Configuration Screen Vlan Port Configuration Screen Policy Pvid Override is Pvid Changing the Port Mode Configuring the Vlan Ports Vlan Classification Configuration Screen Admit Tagged Frames only VID VID DEL ALL/DEL ClassificationDescription Marked 0x0000 000.000.000.000 0000x00000000 Tftp Http DNS Smtp Src TCP Port FTP Data Nlsp IPX WAN Custom 00-00-00-00-00-00 Classification Precedence Rules Layer Classification Precedence Example Displaying the Current Classification Rule Assignments Assigning a Classification to a VID Deleting All Classification Rules Protocol Port Configuration ScreenDeleting Line Items Deleting One or More Classification Rules Protocol Port Configuration Screen Field Classification RuleClassify Assigning All Ports Simultaneously Assigning Ports to a VID/ClassificationAssigning One or More Ports Individually SET Ports to Assigning VID/Classification to Port Vlan Lists 802.1p Configuration Menu Screen Navigation Paths 802.1p Configuration Menu Screen When to Use Port Priority Configuration Transmit Port PriorityTraffic Class Queues Port Priority Configuration Screen Port Priority Configuration Screen Policy Override Setting Switch Port Priority Port-by-PortSet Setting Switch Port Priority on All Ports Traffic Class Information Screen Traffic Class Information Screen Traffic Class Information Screen Field Descriptions Traffic Class Configuration Screen Traffic Class Configuration Screen Traffic Class Assigning the Traffic Class to Port PrioritySave Transmit Queues Configuration Screen Transmit Queues Configuration Screen Mode Weights Q0, Q1Current Queueing Q2, Q3 Setting the Current Queueing Mode Priority Classification Configuration Screen PID PID 18802.1p Configuration Menu Screens No Change TOS=PID Custom TCP No Change TOS=PID Custom Dest IP Address Mask New IP TOS Tftp Src TCP Port New IP TOS FTP Data IP Fragments New IP TOS IP Fragments2 Start End New IP TOS 00000 Dest TCP Port Start End New IP TOS 00000 SAP 28802.1p Configuration Menu Screens Layer About the IP TOS Rewrite Function Displaying the Current PID/Classification Assignments Assigning a Classification to a PID Deleting All Line Items Deleting PID/Classification/Description Line ItemsDeleting One or More Line Items Protocol Port Configuration Screen See which ports are set to the PID/Classification indicated Assigning Ports to a PID/Classification Solving the Problem Switch Rate Limiting Configuration Screen Priority List Maximum Feature Port Number Modifiable Port Type Direction Configuring a Port 42802.1p Configuration Menu Screens Changing/Deleting Port Line Items Changing One or More Line Items More About Rate Limiting Rate Limiting Configuration Screen Page Layer 3 Extensions Menu Screens Layer 3 Extensions Menu Screen IGMP/VLAN Layer 3 Extensions Menu Screen IGMP/VLAN Configuration Screen Igmp Version 120 Robustness Query IntervalQuery Response Last Member Query Querier Address Switch Query IPMcastMartPoolSize Querier Uptime IGMP/VLAN Configuration Procedure Igmp StatePage Device Statistics Menu Screens Device Statistics Menu Screen Lists the number of frames received, transmitted, filtered, Switch Statistics Screen Rmon Frames Txmtd Frames RcvdFrames Fltrd Interface Statistics Screen Frames Frwded InOctets Interface Statistics Screen InUnicast InErrorsOutErrors InNonUnicast Displaying Interface Statistics MTU Rmon Statistics Screen Rmon Statistics Screen Data Source CRC Align ErrorsRmon Index Owner Jabbers Oversized PktsFragments Total Packets 1024 1518 Octets Displaying Rmon StatisticsIndex nn Network Tools Screens Screen ExampleNetwork Tools Help Screen Refer to -1for a list of the commands Command Alias Examples Alias Stats Arp Arp-a Bridge Syntax Bridge ENABLE/DISABLE IFNUM/ALL OptionsArplearn Syntax Arplearn normal limited status Options Cdp Syntax Cdp enable/disable/status OptionsDefroute Syntax dynamicegress action vid Options action DynamicegressVid Syntax Enable Group Disable Group Trap #ALL Commands for Listing Events Igmpv3drop Syntax igmpv3drop enable disable statusGigabitportmode Syntax gigabitportmode active redundant status Lgframeadmin Linktrap Syntax linktrap enable/disable/status PORT/allSyntax loopbackdetect enable disable state Loopbackdetect Maclock Syntax maclock show port# all Maclock set macaddress port# all create enable disable Syntax Maclock set enable port# all globalMaclock set disable port# all global Maclock set trap port# all enable disable Maclock show Stations Maclock set enable global Netstat Nonbridgeifnum Syntax nonbridgeifnum 0 9999 status PassiveStp Ping Policy show port portnumberorrangeorall PolicySyntax policy show profile profileindex Policy set port portnumberorrangeorall profileindex Examples Contiued Policy show port Radius 11-24Network Tools Screens Character string for the shared secret code. For security Radius client Ratelimitmode Syntax ratelimitmode status highrange default lowrangeExamples Cont’d Reset Syntax reset Options None Example -reset Show SatsizeSyntax Satsize 8 16 status Options Show Appletalk interfaces StpEdgePort SoftresetSyntax softreset Options None Syntax stpEdgePort status StpForceVersion Syntax StpForceVersion 0 2 status Options Recommended Syntax stpLegacyPathCost enable disable statusStpLegacyPathCost Value StpPointToPointMAC StpPort Syntax stpRealTimeMsgAge enable disable statusStpRealTimeMsgAge Telnet Syntax Suppresstopologytraps enable disable OptionsSuppresstopologytraps Syntax Telnet IP address Port # Options Syntax timedsoftreset status t seconds resetnv dontresetnv TimedsoftresetTimedreset Syntax timedreset status t seconds resetnv dontresetnv Traceroute Syntax Traceroute IP address Options VrrpPort EXAMPLE, Effects of Aging Time on Dynamic Egress Done, quit, exit Options None Example -done Vlan Operation and Network Applications Defining VLANs Example of a Vlan 12.2.1 802.1Q VLANs Types of VLANsOther Vlan Strategies Vlan Terms Benefits and RestrictionsIngress Identifier FDB ID Default VlanFiltering Database Tagged Frame Gvrp QcstpGarp Garp Vlan Gmrp Configuration Process Vlan Operation Classifying Frames to a Vlan Vlan Switch OperationDefining a Vlan Customizing the Vlan Forwarding List FID Tagged Frames Receiving Frames from Vlan PortsUntagged Frames Forwarding Decisions Managing the Switch Vlan ConfigurationKnown Unicasts Switch Without VLANs Switch with VLANs Switch Management with VLANs 12-14VLAN Operation and Network Applications 3069162 Quick Vlan Walkthrough Assigning a Vlan ID and Vlan Name Walkthrough Stage One, Static Vlan Configuration Screen Assigning Ports to the Vlan Egress list Walkthrough Stage Two, Port 3 Egress Setting Configuring the Port Parameters Walkthrough Stage Three, Port 10 Egress Setting Walkthrough Stage Four, Vlan Port Configuration Example 1, Single Switch Operation Examples For the Red Vlan 11 Switch Configured for VLANs Frame Handling Example 2, VLANs Across Multiple Switches Redco Blue Industries 12-26VLAN Operation and Network Applications Switch 12-28VLAN Operation and Network Applications Redco Blue Industries User a Blue Industries Redco 15 Transmitting to Bridge Switches 1 Finance Department Example 5, Using Dynamic Egress to Control Traffic PCs 00.00.00.00.00.0A Switch SET ALL Ports no Vlan Operation and Network Applications Page Generic Attribute Registration Protocol Garp HOW IT Works About Igmp Supported Features and Functions Detecting Multicast Routers Page Index Numerics Index-2 Index-3 Index-4 Index-5 Index-6 Index-7 Index-8 Index-9 Index-10 Index-11