VLAN 2 includes the Main Server, Clients 1 and 2 by means of a shared media segment, and Client 5. This is a software development group.

VLAN 3 includes the Main Server, the Accounting Server, and Client 4. This is an accounting group.

The Main Server is a high-use server that needs to be accessed from all VLANs and IP subnets. The server has a Sun 10-Gigabit Ethernet adapter installed. All three IP subnets are accessed by means of the single physical adapter interface. The server is attached to one of the switch’s Gigabit Ethernet ports, which is configured for VLANs 1, 2, and 3. Both the adapter and the connected switch port have tagging turned on. Because of the tagging VLAN capabilities of both devices, the sever is able to communicate on all three IP subnets in this network, but continues to maintain broadcast separation between all of them. The following list describes the components of this network:

The Accounting Server is available to only VLAN 3. It is isolated from all traffic on VLANs 1 and 2. The switch port connected to the server has tagging turned off.

Clients 1 and 2 are attached to a shared media hub that is then connected to the switch. They belong to only VLAN 2, and are logically in the same IP subnet as the Main Server and Client 5. The switch port connected to this segment has tagging turned off.

Client 3 is a member of VLAN 1, and can communicate only with the Main Server and Client 5. Tagging is not enabled on Client 3’s switch port.

Client 4 is a member of VLAN 3, and can communicate only with the servers. Tagging is not enabled on Client 4’s switch port.

Client 5 is a member of both VLANs 1 and 2, and has a Sun 10-Gigabit Ethernet adapter installed. It is connected to switch port 10. Both the adapter and the switch port are configured for VLANs 1 and 2 and have tagging enabled.

VLAN tagging is only required to be enabled on switch ports that create trunk links to other VLAN-aware Ethernet switches, or on ports connected to tag-capable end- stations, such as servers or workstations with VLAN-aware adapters.

Configuring VLANs

VLANs can be created according to various criteria, but each VLAN must be assigned a VLAN tag or VLAN ID (VID). The VID is a 12-bit identifier between 1 and 4094 that identifies a unique VLAN. For each network interface (ipge0, ipge1, ipge2, and so on), 4094 possible VLAN IDs can be selected. Only 512 unique IDs can be used simultaneously. Because IP subnets are commonly used, it is best to use

Chapter 5 Configuring VLANs 59

Page 93
Image 93
Sun Microsystems Gigabit Ethernet MMF/UTP Adapter manual Configuring VLANs