2: Introduction to VLAN
Configuring VLAN and CDP on a GW Series Router
Issue 1.4
Page 4 of 12
© 2012 Virtual Access.
2
Introduction to VLAN
Virtual Access routers support 802.1Q tagged-based VLAN. Tagging is the process of
adding a 4 byte tag containing the VID (VLAN ID) to an Ethernet frame.
Hosts send traffic with or without a VLAN tag. The Virtual Access router assigns this
traffic to a particular Ethernet port based on the 802.1Q tag.
VLANs can be used to group hosts together as if they exist physically on the same wire or
alternatively, hosts that are already physically on the same wire can be logically
separated.
VLANs are used to allow different logical networks to be connected to the same physical
hardware without any cross-leakage of data from one VLAN to any other at layer 2.
For cross-communication between the VLANs, you need a router to route at the layer 3
level. The VLANs can be thought of as layer 2 broadcast domains.
The IEEE 802.1Q Ethernet frame is shown in figure 1. The VLAN ID specifies to which
VLAN the Ethernet traffic belongs. This feature can be used to define a fixed voice VLAN,
so that all VoIP telephones can be kept on a dedicated VLAN, with a higher layer
switching at routers or switches.
Figure 1: IEEE 802.1Q Ethernet tag
VLAN tagging is useful when VoIP telephones are used on internal networks. The QoS
feature can be used to prevent timing-critical services, such as voice, from being
interrupted by other less timing-sensitive services, such as data transmission.
As a security feature, the SMG allows the connection of different VLANs to different
physical interfaces on the SMG, with only the inter-VLAN traffic being passed to the
CPU/router. The allowed VLAN tags are configured on the router and any tagged traffic
that does not belong to the allowed VLAN tags group will not be allowed.
2.1
Configuring the router for VLAN
The Virtual Access router has a 4 port Ethernet switch. This switch can be grouped as a
complete segment or as individual segments.
