Watson-SHDSL-Router-Manual.doc
Version 1.1-07
Watson SHDSL Router
Operating Manual
Revision: 2012-02-15
=
3-7
3.2.8 Security Log
The Security Log displays a list of firewall-related events, including attempts to
establish inbound and outbound connections, attempts to authenticate through
an administrative interface (Web-based management or Telnet terminal), firewall
configuration and system start-up..
3.3 VLAN
Watson SHDSL router supports VLAN functions according to IEEE 802.1q.
3.3.1 Switch VLAN modes
The switch supports two VLAN modes: 802.1q and transparent.
In 802.1q mode each of the eight Ethernet switch ports (Port1 .. Port8) and the
switch trunk port (Trunk), can be member of one or several VLANs. Each port
can be member of maximum 15 VLANs. Each VLAN has a VLAN Identifier (VID)
between 1 and 4094.
Upon reception of an Ethernet packet at a port its VID is checked against the
VIDs of all VLANs this port is a member of. Packets that do not carry one of the-
se VIDs will be discarded.
For untagged packets the default VID for the port is used to determine VLAN
membership.
Packets are only forwarded to ports that are a member of the VLAN of this pack-
et.
Upon transmission the packet will be tagged with the VLAN tag originally re-
ceived. If the packet was untagged then the default tag of the receiving port is
added to the packet. The port can also be configured to send the packets un-
tagged.
In VLAN transparent mode all Ethernet switch ports are member of all VLANs
and untagged packets will not be tagged with a default VID. The packet forward-
ing is only based on MAC addresses.
3.3.2 VLAN interfaces
Watson SHDSL router allows you to create Virtual LAN (VLAN) interfaces on the
router in order to connect to external virtual networks.
It is also possible to create a dedicated VLAN management interface that can be
used for managing the Watson SHDSL router.
3.3.3 VLAN Stacking
A service provider can use VLAN stacking to allow it to distinguish multiple cus-
tomers VLANs, even those with the same (customer-assigned) VLAN ID, within
its network.
Use VLAN stacking to add an outer VLAN tag to the inner IEEE 802.1Q tagged
frames that enter the network. By tagging the tagged frames ("double-tagged"
frames), the service provider can manage up to 4,094 VLAN groups with each