Filter
Top Products
1-5
Cisco Aironet 350 Series Bridge Software Configuration Guide
OL-1410-07
Chapter 1 Overview
VLAN Support
A VLAN can be thought of as a broadcast domain that exists within a defined set of switches. A VLAN
consists of a number of end systems, either hosts or network equipment (such as bridges and routers),
connected by a single bridging domain. The bridging domain is supported on various pieces of network
equipment; for example, LAN switches that operate bridging protocols between them with a separate
group for each VLAN.
VLANs are created to provide the segmentation services traditionally provided by routers in LAN
configurations. Routers in VLAN topologies provide broadcast filtering, security, address
summarization, and traffic-flow management. None of the switches within the defined group will bridge
any frames, not even broadcast frames, between two VLANs.
Several key issues must be considered when designing and building switched LAN networks.
• LAN segmentation
• Security
• Broadcast control
• Performance
• Network management
• Communication between VLANs
VLANs are extended into the wireless realm by adding IEEE 802.1Q tag awareness to the bridge. Frames
destined for wireless LAN clients on different VLANs are transmitted by the bridge on different SSIDs
with different WEP keys. The only clients that can receive and process packets are those with the correct
WEP keys. Conversely, packets coming from a client associated with a certain VLAN are 802.1Q tagged
before they are forwarded onto the wired network.
Figure 1-1 illustrates the difference between traditional physical LAN segmentation and logical VLAN
segmentation with wireless devices connected.