Intellinet 519021 User Guide
Modularized 24+2G Switch
101
Appendix B
802.1Q Tag-VLAN Application Example
An IEEE 802.1Q VLAN is a group of ports that can be located anywhere in the
network, but communicate as though they belong to the same physical segment.
VLANs help to simplify network management by allowing you to move devices
to a new VLAN without having to change any physical connections. VLANs can
be easily organized to reflect departmental groups (such as Marketing or R&D),
usage groups (such as e-mail), or multicast groups (used for multimedia
applications such as videoconferencing).
VLANs provide greater network efficiency by reducing broadcast traffic, and
allow you to make network changes without having to update IP addresses or IP
subnets. VLANs inherently provide a high level of network security since traffic
must pass through a configured Layer 3 link to reach a different VLAN. Figure 1
demonstrate a VLAN example with 2 switches and 4 VLAN groups. Below are
details and configuration steps .
network, but communicate as though they belong to the same physical segment.
VLANs help to simplify network management by allowing you to move devices
to a new VLAN without having to change any physical connections. VLANs can
be easily organized to reflect departmental groups (such as Marketing or R&D),
usage groups (such as e-mail), or multicast groups (used for multimedia
applications such as videoconferencing).
VLANs provide greater network efficiency by reducing broadcast traffic, and
allow you to make network changes without having to update IP addresses or IP
subnets. VLANs inherently provide a high level of network security since traffic
must pass through a configured Layer 3 link to reach a different VLAN. Figure 1
demonstrate a VLAN example with 2 switches and 4 VLAN groups. Below are
details and configuration steps .
IP: 137.92.254.10
Internet
2
16
20
22
24
18
14
12
10
8
6
4
1
15
19
21
23
17
13
11
9
7
5
3
25
26
1
15
19
21
23
17
13
11
9
7
5
3
2
16
20
22
24
18
14
12
10
8
6
4
25
26
PC 201
PC 205
PC 203
PC 202
Router
tag frame
vid 254, 176, 102, 2
untag-frame
tag frame
vid 254, 176, 102, 2
254
176
102
2
Color
SW1
SW2
tag frame
vid 254, 176, 102, 2
PC 204
PC 101
PC 103
PC 102
PC 104
IP: 137.92.254.11
Port 25, 26 are members of
VLAN v254, v176, v102 and v2
v254
v176
v102
v2
VID
Name
VLAN define
Port 25, 26 are members of
VLAN v254, v176, v102 and v2
v176
v102
v2
v176
v102
v2
Figure 1. 802.1Q Tag-VLAN example
Modularized 24+2G Switch
102
Netwrok topology
In Fig 1, we will have a fibre (1000SX) carrying tagged VLANs with trivial
VIDs (254,176,102,2) only. This will be connected to the uplink port (26) on a
switch SW1. The internal management interface of this SW1 will have an IP
address on VLAN VID 254 (e.g. 137.92.254.10). A 1000SX port (25) on this
SW1 will then be connected to the uplink port (26) on SW2 and it will carry
tagged packets VIDS (254.176.102.2). Again the management port of the SW2
will be on VLANs VID 254 (e.g. 137.92.254.11). We will have a few ports on
the 550+ to egress untagged packets on VLANs 254.76.102.2. And we can
telnet/SNMP the management interfaces of both the SW1 and the SW2. That a
laptop on either VLANs 254.176.102.3 can see the rest of the network(s).
VIDs (254,176,102,2) only. This will be connected to the uplink port (26) on a
switch SW1. The internal management interface of this SW1 will have an IP
address on VLAN VID 254 (e.g. 137.92.254.10). A 1000SX port (25) on this
SW1 will then be connected to the uplink port (26) on SW2 and it will carry
tagged packets VIDS (254.176.102.2). Again the management port of the SW2
will be on VLANs VID 254 (e.g. 137.92.254.11). We will have a few ports on
the 550+ to egress untagged packets on VLANs 254.76.102.2. And we can
telnet/SNMP the management interfaces of both the SW1 and the SW2. That a
laptop on either VLANs 254.176.102.3 can see the rest of the network(s).
IP: 137.92.254.10
Internet
2
16
20
22
24
18
14
12
10
8
6
4
1
15
19
21
23
17
13
11
9
7
5
3
25
26
1
15
19
21
23
17
13
11
9
7
5
3
2
16
20
22
24
18
14
12
10
8
6
4
25
26
PC 201
Router
untag-frame
SW1
SW2
PC 101
IP: 137.92.254.11
Port 25, 26 are members of
VLAN v254, v176, v102 and v2
Port 25, 26 are members of
VLAN v254, v176, v102 and v2
v176
v102
v2
v176
v102
v2
IP: 137.92.254.x /24
tag-frame
untag-frame
IP: 137.92.254.x /24
untag-frame
untag-frame
tag-frame
254
176
102
2
Color
v254
v176
v102
v2
VID
Name
VLAN define
Figure 2. Communications between PC101 & PC201 with tagged-VLAN
.