Example 3, 1D Trunk Connection to 802.1Q VLAN Network

The Green Incorporated Network Administrators want to continue to separate normal network traffic between the Blue and Red VLANs, and create a new isolated VLAN for Green, Incorporated users. All divisions in the facility are to have equal access to the Mail Server on the first floor.

4.3.1Solving the Problem

Much of the existing network configuration can remain as it was for Example 2, VLANs Across Multiple Switches. However, the Forward Default VLAN Out All Ports must be set to YES on Switch 4 and 2, and a new 1Q Trunk port must be activated and configured on Switch 2. There are no other real changes to the network above the first floor.

Switch 4

Switch 4 is set as follows:

1.The Forward Default VLAN Out All Ports is set to YES using the Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port and all VLANs become members of FID 1. This allows all traffic received from the mail server via Switch 2 and Switch 1 to be received and classified to the Default VLAN of Switch 4.

Switch 2

Switch 2 is set as follows:

1.The Forward Default VLAN Out All Ports is set to YES using the Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port and all VLANs become members of FID 1.

2.The port mode of Port 4 is set using the Port Assignment screen:

Port 4, Port Mode: 1Q Trunk

This causes Port 4 to be set as an additional 802.1Q Trunk port, which makes its Port VLAN List contain all VLANs, and all frames forwarded out this port are forwarded as tagged frames.

Switch 1

Switch 1 needs to be added to the network backbone to handle traffic from the Green Incorporated network and the mail server. To accomplish this Switch 1 is configured as follows:

1.One VLAN is added to the list of VLANs in the Device/VLAN Configuration screen. In this example, Switch 1 is set as follows:

VLAN ID 4, FID 4, with a VLAN Name of Green

2.The Forward Default VLAN Out All Ports is set to YES using the Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port and all VLANs become members of FID 1.

4-10Examples

Page 70
Image 70
Enterasys Networks 802.1Q manual Switch 4 is set as follows

802.1Q specifications

Enterasys Networks, a subsidiary of the Siemens Group, is widely recognized for its comprehensive networking solutions, with a strong emphasis on security, reliability, and performance. One of the key technologies offered by Enterasys is 802.1Q, a critical component of Ethernet networking that establishes standards for VLAN (Virtual Local Area Network) tagging. This technology is essential for enhancing network performance and managing traffic efficiently.

The primary feature of 802.1Q is its ability to create VLANs, which segment a physical network into multiple logical networks. This segmentation improves network security by isolating sensitive data and restricting access to specific users or devices. With VLANs, organizations can reduce broadcast traffic, thereby enhancing overall network efficiency. Different departments within an organization can operate on their own VLAN, ensuring that their traffic is kept separate from others.

One significant technological aspect of 802.1Q is its tagging method. When a frame passes through a switch port configured for IEEE 802.1Q, the switch appends a VLAN tag to the frame. This tag contains important information, such as the VLAN ID, enabling switches and devices throughout the network to identify which VLAN the frame belongs to. This tagging is especially critical in environments where multiple VLANs share the same physical infrastructure.

Another characteristic of Enterasys Networks' implementation of 802.1Q is interoperability with existing network standards and protocols. This means that organizations can implement VLAN tagging without requiring major upgrades or replacements of their switch hardware. Enterasys ensures that its switches are compliant with various industry standards, making it easier for enterprises to integrate these solutions into their existing network settings.

Security is another vital feature of Enterasys Networks’ 802.1Q offering. By leveraging VLANs, organizations can enforce stricter access controls and policies, reducing the risk of unauthorized access to sensitive network segments. This is particularly beneficial for industries with stringent compliance requirements, such as finance and healthcare.

In summary, Enterasys Networks' 802.1Q technology plays a pivotal role in modern networking by facilitating VLAN creation, enabling efficient traffic management, ensuring interoperability, and bolstering network security. As organizations increasingly rely on connected devices and data-driven processes, technologies like 802.1Q are essential for building robust, scalable, and secure networking environments.