Support User Manuals

3Com 2000 TR Switch User Manual

Open as PDF

of 58

Virtual LANs (VLANS) 2-7

Virtual LANs (VLANS)

What is a VLAN

A VLAN is deﬁned as a group of location- and topol-

ogy- independent devices that communicate as

though they were on the same physical LAN. This

means that they are not restricted by the hardware

that physically connects them, and segments are

deﬁned by ﬂexible user groups created by the user.

For example, with VLANS, the user can deﬁne a net-

work according to:

Department Groups—A VLAN could be created for

the Marketing Department, another VLAN for the

Finance Department, and still another for the Devel-

opment Department.

Hierarchical Groups—A VLAN could be created for

directors, another for managers, and still another for

general staff.

Usage Groups—A VLAN could be created for Email

users, another for multimedia users, and so on.

Advantages of VLAN

All 802 media and shared media support VLANs. In

addition, implementing VLANs:

■ Eases the change of devices

■ Helps control broadcast trafﬁc

■ Provides extra security

VLANs facilitate the administration of logical groups

of stations that can communicate as though they

were on the same LAN. VLANs also facilitate moves,

adds, and changes of members of logical groups.

Trafﬁc between VLANs is ﬁrewalled. This limits the

propagation of multicast and broadcast trafﬁc

between VLANs.

Each distinct VLAN is uniquely identiﬁed throughout

the bridged LAN. A consistent representation of a

VLAN exists across a VLAN fabric (including FE and

ATM). This means that the shared VLAN knowledge

of a particular packet remains the same as the packet

travels from one point to another.

Port-Based Distribution

The switch uses a port-based approach to VLAN

functionality. This approach allows bridges to classify

all received tagged and untagged frames as belong-

ing to a particular VLAN.

NOTE: In port-based VLAN operation, the VLAN clas-

siﬁcation of an untagged frame is implicitly deter-

mined and bases on the port of arrival of the frame.

This facility requires association of a VLAN ID with

each of the bridge’s ports. Only received frames lack-

ing an explicit VLAN ID are subject to this impilcit clas-

siﬁcation.

Using the port-based approach, a speciﬁc VLAN ID is

associated with each bridge port. This VLAN ID,

known as a Port VLAN Idendtiﬁer (PVID), provides the

VLAN classiﬁcation for frames received through that

port. This value may be manager conﬁgured.

previous next