DGS-3312SR Stackable Gigabit Layer 3 Switch
81
VLANs
The Switch Web Manager’s VLANs sub-folder is divided into two main windows,
802.1Q Static VLANs
and
802.1Q
Port Settings
. Each is described after a short overview of VLANs.
VLANs can function somewhat differently in a Layer 3 Switch, that is when the VLANs are Layer 3-based, than if they are
strictly based on Layer 2 information. Since IP Switching among VLANs may be unfamiliar to users who are otherwise
well acquainted with conventional VLANs used in standard Ethernet Switches, some explanation of VLANs used in Layer
3 Switching is presented below. It is essential to fully grasp this difference to take advantage of the improved efficiency of
Layer 3 Switching.
VLANs in Layer 2
In normal 802.1Q VLAN implementation, packets cannot cross VLANs in a Switch that is limited to Layer 2 functions. If
a member of one VLAN wants to connect to another VLAN, the link must be through an external router.
Layer 3-Based VLANs
Layer 3-based VLANs use network-layer addresses (subnet address for TCP/IP) to determine VLAN membership. These
VLANs are based on layer 3 information, however this does not constitute a ‘routing’ function.
The DGS-3312SR and associated DGS-3312SR series Switches allow an IP subnet to be configured for each 802.1Q
VLAN that exists on the Switch
.
That is, a VLAN can be associated or attached to an IP subnet. This represents an
improvement in performance since it bypasses any routing functions, packets transferred between subnets are reduced to a
“hardware” decision.
Even though a Switch inspects a packet’s IP address to determine VLAN membership, no route calculation is performed,
the RIP protocol is not employed, and packets traversing the Switch are bridged using the Spanning Tree algorithm.
A Switch that implements layer 3 (or ‘subnet’) VLANs without performing any routing function between these VLANs is
referred to as performing ‘IP Switching’.
Planning VLAN Layout
VLANs on the DGS-3312SR, DES-3226S and he DES-3250TG series of Switches have considerably more functions and
are more complex than on a traditional layer 2 Switch, and must therefore be laid-out and configured with a bit more
forethought. VLANs with an IP interface assigned to them could be thought of as network links – not just as a collection of
associated end users. Further, VLANs assigned an IP network address and subnet mask enables IP routing between them.
VLANs must be configured on the Switch before they can be assigned IP subnets. Furthermore, the static VLAN
configuration is specified on a per port basis. On the DGS-3312SR, a VLAN can consist of end-nodes – just like a
traditional layer 2 Switch, but a VLAN can also consist of one or more Switches – each of which is connected to multiple
end-nodes or network resources.
Therefore, the IP subnets for a network must be determined first, and the VLANs configured on the Switch to
accommodate the IP subnets. Finally, the IP subnets can be assigned to the VLANs.
Assigning IP Network Addresses and Subnet Masks to VLANs
The DGS-3312SR allows the assignment of IP subnets to individual VLANs. This is the fundamental advantage of VLANs
in IP Switching.
Developing an IP addressing scheme is a complex subject, but it is sufficient here to mention that the total number of
anticipated end nodes – for each IP interface – must be accommodated with a unique IP address. It should be noted that the
Switch regards a VLAN with an IP network address and corresponding subnet mask assigned as an IP interface.
Understanding 802.1Q VLANs
This review of 802.1Q VLANs presents some basic background about how VLANs work according to the IEEE 802.1Q
standard. VLANs operate according to the same rules regardless of whether the Switching environment is Layer 2 or Layer
3. The difference is primarily that in a Layer 3 Switch there is an added capability of unique association between a VLAN
and an IP interface or subnet group.
A VLAN is a collection of end nodes grouped by logic rather than physical location. End nodes that frequently
communicate with each other are assigned to the same VLAN, regardless of where they are located physically on the
network. Logically, a VLAN can be equated to a broadcast domain, because broadcast packets are forwarded only to
members of the VLAN on which the broadcast was initiated.