AT-S63 Management Software Features Guide
Section VI: Virtual LANs 351
Overview
As explained in “Overview” on page 313, VLANs are a means for creating
independent LAN segments within a network and are typically employed to
improve network performance and security.
The AT-S63 Management Software offers several different types of
VLANs, including port-based, tagged, and protected ports. Membership in
these VLANs is determined either by the port VLAN identifier (PVID)
assigned to a port on a switch or, in the case of tagged traffic, by the VLAN
identifier within the packets themselves.
This chapter describes VLANs that are based on the source MAC
addresses of the end nodes that are connected to the switch. With a MAC
address-based VLAN, only those nodes whose source MAC addresses
have been entered as members of the VLAN can share and access the
VLAN resources. This is in contrast to a port-based or tagged VLAN where
any node that has access a switch port can join a VLAN as a member.
One of the principle advantages of this type of VLAN is that it can make it
easier to manage network users that roam. These are users who access
the network from different points at different times. The challenge for a
network administrator is providing these users with the same resources
regardless of the point at which they access the network. If you employed
port-based or tagged VLANs for roaming users, you might have to
reconfigure the VLANs, moving ports to and from different virtual LANs, so
that the users always have access to the same network resources. But
with a MAC address-based VLAN, the switch can assign a network user to
the same VLAN and network resources regardless of the port from which
the user accesses the network.