87
CrossFire 8600/8605 Token-Ring Switches v. 1.2, P/N: 710001641 Switch Configuration
VLAN Configuration
The Virtual LAN feature can be used to partition a switch or a stack of switches into
several Virtual LANs, each containing its own set of ports (the terms
Virtual LAN
and
domain
are interchangeable). Packets are forwarded only between ports
belonging to the same. The benefit of Virtual LAN is to restrict access from one
segment to another, either for security purposes or to reduce intersegment traffic.
Figure 21 illustrates a switch with four VLANs.
Figure 21. Switch with four VLANs
To set up domains using the VLAN Configuration menu, specify the ports
belonging to the domains, then set up the IP configurations, trap configuration (trap
receivers are associated with a set of VLANs and a receiver IP address) and STP
configurations specific to the appropriate VLANs. If you have already supplied
configuration information using the main configuration menus, that information
applies to VLAN “default”. Virtual LANs affects other switch features in the
following ways:
•
Spanning Tree Protocol (STP).
If you are using STP in a certain domain, you
must supply STP information for that domain. The STP software treats ports
on other domains as nonexistent. Domains do not affect port priorities and port
costs. You set these parameters using the STP Configuration menu that you
select from the main Configuration menu.
•
SNMP trap tables.
Each domain appears to the network management system
as a physically different Token-Ring switch unit. Certain MIB II objects and
proprietary objects are domain-sensitive, while others are not. For a list of
domain-sensitive objects, see Chapter 7, “Monitoring the Network with the
Console”.
•
IP.
You may give each domain an IP address, subnet mask, and gateway
address definition.
VLAN 3
Ports 4, 7, 9
VLAN 4
Ports 6, 8, 13, 14
VLAN 2
Ports 5, 11, 12
VLAN 1
Ports 1, 2, 3, 10