  1. VLANs Virtual Local Area Networks BA 479

  3. VLAN - Brief Introduction Five W’s and an H…

  4. VLAN Introduction • What? • “Networks in which computers are assigned to LAN segments by software rather than by hardware.” • Who? • Us • Why? • Often faster, while providing greater opportunities to manage the flow of traffic on the LAN and Backbone Network (BN) in comparison to traditional LAN and routed BN architectures.

  5. VLAN Introduction • Where? • Hosting Centers and Ethernet Metropolitan Area Network (MAN) • When? • Due to their complexity, usually only used for large networks. • And the H…

  7. VLAN History • First Products: Segmentable Switches • Allows creation of two or more virtual switches from a single switch. • Assigning individual ports to a specific virtual switch. • First products allowed switching of multiple segments on a single switch, as well as offering a monetary advantage over switched Ethernet ports which cost $700 or more at the time.

  9. VLAN Background • Local Area Networks (LAN) • Generally defined as a broadcast domain. • “Hubs, bridges, or switches on the same physical segment or segments connect end node devices” • A router is not needed for end nodes on the same LAN segment to communicate with each other. • However, a router is necessary for these devices to communicate with devices on other LAN segments.

  10. VLAN Background • To the left, a LAN environment connected by routers • Drawback: • Routers add latency that delays the transmission of data • Solution? • Switched Network

  11. VLAN Background • To the right, a LAN environment connected by switches. • Speed and latency advantages. • Drawback: • All end nodes (or hosts) are in the same broadcast domain, which adds a significant amount of traffic to the network that is seen by all hosts. • Solution? • Switched Network w/VLANs

  12. Single-Switch VLAN

  13. Single-Switch VLAN • The VLAN operates only inside one switch. • Computers, dozens or even hundreds, on the VLAN are connected into this switch and assigned by software into different VLAN segments. • VLAN segments act as though they are connected to the same physical switch or hub.

  14. Single-Switch VLAN cont. • It’s possible to have only one computer in a VLAN. (Servers) • Four ways in which computers attached to a VLAN switch can be assigned to specific VLANs inside it: • Port-based VLANs (layer-1 VLANs) • MAC-based VLANs (layer-2 VLANs) • IP-based VLANs (layer-3 VLANs) • Application-based VLANs (layer-4 or policy-based VLANs)

  15. Port-based VLANs (layer-1 VLANs) • Uses the physical layer port number on the front of the VLAN switch to assign computers to VLAN segments. • All computers are physically cabled into a specific port on the VLAN switch. • Software is used to instruct the switch as to which ports are assigned to which VLAN.

  16. MAC-based VLANs (layer-2 VLANs) • Uses the data link layer address or physical address to form VLANs. • Software is used to instruct the switch as to which incoming data link layer addresses are assigned to which VLAN segment. • Easier to manage than port-based VLANs.

  17. Multi-Switch VLAN

  18. Multi Switch Approach • Layer 3 • Layer 4 • IEEE 802.1Q

  19. Layer 3 • Network layer • Serves as the backbone for network traffic going across different VLANs. • Provides logical routing interfaces to VLANs on Layer 2 switches. A traditional network requires a physical interface from a router to a switch to perform inter-VLAN routing.

  20. Layer 4 • Transport layer • Decides where to send the packets. • Sends incoming packets to one or more machines which are hidden behind a single IP address.

  21. IEEE 802.1Q • Allows multiple bridged networks to transparently share the same physical network link without leaking information.
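
An added sketch, not taken from the slides, of how the port-based assignment on slide 15 and the 802.1Q sharing of one link on slide 21 keep a broadcast inside its own VLAN. It goes beyond the slides by using the 802.1Q tag layout (TPID 0x8100 followed by a 12-bit VLAN ID); the port table, trunk port, frame bytes and function names are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag
# Constructed tables for a hypothetical switch: access port -> VLAN, plus one trunk.
PORT_VLAN = {1: 10, 2: 10, 3: 20, 4: 20, 5: 10}
TRUNK_PORTS = {6}  # assumed link to a second switch, carries every VLAN tagged


def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert an 802.1Q tag after the destination and source MAC addresses."""
    if not 1 <= vid <= 4094:  # VLAN IDs 0 and 4095 are reserved
        raise ValueError("VLAN ID out of range")
    tci = (pcp << 13) | vid  # PCP (3 bits), DEI (1 bit, left 0), VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame: bytes):
    """Return (vid, untagged_frame); vid is None when no tag is present."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]


def flood(in_port: int, frame: bytes) -> dict:
    """Flood a broadcast: {out_port: frame as sent}, confined to one VLAN."""
    vid, inner = parse_tag(frame)
    if in_port in TRUNK_PORTS:
        pass  # trunk port: the VLAN comes from the tag
    elif vid is None:
        vid = PORT_VLAN.get(in_port)  # access port: the VLAN comes from the port
    else:
        return {}  # access ports accept only untagged frames
    if vid is None or not 1 <= vid <= 4094:
        return {}  # untagged on the trunk, unknown port, or reserved VLAN ID
    out = {p: inner for p, v in PORT_VLAN.items() if v == vid and p != in_port}
    out.update({p: add_tag(inner, vid) for p in TRUNK_PORTS if p != in_port})
    return out


# Constructed broadcast frame: dst ff:ff:ff:ff:ff:ff, src 02:00:00:00:00:01, ARP.
BCAST = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 46
```

A broadcast entering port 1 (VLAN 10) leaves untagged on ports 2 and 5 and tagged on trunk port 6; ports 3 and 4 (VLAN 20) never see it.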

  23. Benefits • Performance • VLANs can reduce the traffic sent to unnecessary destinations • Formation of Virtual Workgroups • Segment sections of the business (marketing, accounting, etc.) by VLAN • Drawback – distance in physical location, centralized server farms • Simplified Administration • Adding, changing, or moving user accounts requires no reconfiguration of hubs/routers

  24. Benefits • Reduce Costs • VLANs can be used to create broadcast domains, which can eliminate the cost of expensive routers • Security • Keep information restricted to only users who need access • Can control broadcast domains, set up firewalls and more

  25. VLAN Drawbacks

  26. Drawbacks • Costs • Purchasing additional hardware • May need to hire a new employee to manage the VLANs • Misc. • New users may encounter new problems they are not familiar with • If users are located on different floors of a building, common resources (such as a printer) could be in inconvenient locations