36
intercommunicate directly. Inter-VLAN communication can only be achieved using a router or other layer 3
devices that are able to perform Layer 3 forwarding.
Compared with the traditional Ethernet, VLAN enjoys the following advantages:
(1) Better management and control of broadcast activity
VLANs conserve network resources by segmenting a large broadcast domain into several smaller broadcast
domains or VLAN groups and restrict all broadcast traffic to the VLAN on which the broadcast was initiated.
(2) Reduced cost
The use of VLANs to create broadcast domains eliminates the need for routers to handle this function, permitting
operation at lower latencies and cost compared to routers under heavy load and at high cost.
(3) Ease of network administration
Members of a VLAN group can be geographically dispersed as they are logically related instead of physically on
the same VLAN. Thus network administrators do not need to re-configure the network when a VLAN member
changes its location. For example, in order to better collaborate with staffs from home or abroad on a special
project a workgroup is indispensable. Using VLAN, all workstations and servers that a particular workgroup uses
can be assigned to the same VLAN. For example, in order to better collaborate with staffs from home or abroad on
a special project a workgroup is indispensable. Using VLAN, all workstations and servers that a particular
workgroup uses can be assigned to the same VLAN.
(4) Tighter network security
Different VLANs cannot intercommunicate directly. Inter-VLAN communication can only be achieved using a
router or other layer 3 devices that are able to perform Layer 3 forwarding.
VLAN Mode
The switch provides 2 VLAN modes as below:
802.1Q VLAN Mode
IEEE 802.1Q is the network standard that supports Virtual LANs (VLANs) on an Ethernet network. The standard
defines a system of VLAN tagging for Ethernet frames and the accompanying procedures to be used by bridges and
switches in handling such frames.
Port VLAN
Port VLANs limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are members
of the VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch, or an entire
department. Members of the same VLAN can intercommunicate. A user can belong to multiple VLANs
simultaneously. For example, if you want both user A and user B to communicate with user C while user A and
user B cannot intercommunicate, simply put user A and user C to a VLAN and user B and user C to the other
VLAN.
802.1Q VLAN
VLAN Tag
As defined in IEEE 802.1Q, a four-byte VLAN tag is inserted after the DA&SA field to identify frames of different
VLANs.
Содержание G3224P
Страница 1: ......