Enterasys Networks 6E2xx, 6G3xx, 6H2xx, 6H3xx 13.2 TYPES OF VLANs, 13.2.1 802.1Q VLANs, 13.2.2 Other VLAN Strategies, 13.3 BENEFITS AND RESTRICTIONS

Types of VLANs

13-4 VLAN Operation and Network Applications

13.2 TYPES OF VLANs

There are a number of different strategies for creating Virtual Local Area Networks, each with

their own approaches to defining a station’s membership in a particular VLAN.

13.2.1 802.1Q VLANs

An 802.1Q VLAN switch determines the VLAN membership of a data frame by its Tag Header,

described later in this chapter. If the frame received is not tagged, the switch classifies the frame

into the VLAN that is assigned as the default VLAN of the switch.

Some or all ports on the switch may be configured to operate as GARP VLAN Registration

Protocol (GVRP) ports. If a frame received is tagged, the frame is forwarded to the GVRP ports

that are configured to transmit frames associated with the frame VLAN ID and protocol. If the

received frame is not tagged, the frame is examined and tagged as belonging to the default VLAN.

Then the frame is forwarded to the GVRP ports that are configured to transmit frames associated

with the default VLAN and the frame protocol.

13.2.2 Other VLAN Strategies

VLANs may also be created by a variety of addressing schemes, including the recognition of

groups of MAC addresses or types of traffic. One of the best-known VLAN-like schemes is the use

of IP Subnets to divide networks into smaller subnetworks.

13.3 BENEFITS AND RESTRICTIONS

The primary benefit of the 802.1Q VLAN technology is that it provides localization of traffic. This

function also offers improvements in security and performance to stations assigned to a VLAN.

While the localization of traffic to VLANs can improve security and performance, it imposes some

restrictions on network devices that participate in the VLAN. Through the use of Filtering

Database IDs (FDB IDs) security can be implemented to enable or prevent users from one or more

VLANs from communicating with each other.

One or more VLANs can be assigned to an FDBID so that all the users that share a common

FDB ID can communicate with each other regardless of their VLAN affiliation. However, for the

sake of security, the members of one FDBID cannot communicate with the members of another

FDB ID.

To set up a VLAN, all the network switch devices that are assigned to the VLAN must support the

IEEE 802.1Q specification for VLANs. Before you attempt to implement a VLAN strategy, ensure

that the switches under consideration support the IEEE 802.1Q specification.