ZyXEL Communications NXC8160 3.3 VLAN, 3.3.1VLAN Tagging, 3.3.2VLAN Application Example

Chapter 3 LAN Screen

3.3 VLAN

A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Stations on a logical network can belong to more than one group. Only stations within the same group can talk to each other. With VLAN, a device cannot directly talk to or hear from devices that are not in the same group(s) unless such traffic first goes through a router.

In traditional switched environments, all broadcast packets go to each and every individual port. With VLAN, all broadcasts are confined to a specific broadcast domain. SSIDs in the same VLAN group share the same broadcast domain thus increase network performance through reduced broadcast traffic.

VLAN on the NXC-8160 allows you to:

•Provide security and isolation among the LAN IP addresses and SSIDs.

•Stop an SSID from accessing the Internet.

•Prevent two SSIDs from communicating with each other or allow specific SSIDs to communicate with each other.

•Improve network performance.

•Provide different services to different VLAN groups by connecting to another VLAN- aware switch.

3.3.1VLAN Tagging

The NXC-8160 supports IEEE 802.1q VLAN tagging. Tagged VLAN uses an explicit tag (VLAN ID) in the MAC header of a frame to identify VLAN membership. The NXC-8160 can identify VLAN tags for incoming Ethernet frames and add VLAN tags to outgoing Ethernet frames.

"When VLAN is enabled, you must connect the NXC-8160 to a VLAN-aware device.

3.3.2VLAN Application Example

In this example, there is an NXC-8160 and a VLAN-aware switch A in your network. The NXC-8160 is connected to port 4 on switch A. Port 5 on switch A is the uplink port and connected to the Internet. You configure the following VLAN settings on switch A and the NXC-8160.