Microsoft ES4612 User Manual
VLAN Configuration
3-123
3
VLAN Configuration
Configuring IEEE 802.1Q VLANs
In large networks, routers are used to isolate broadcast traffic for each subnet into
separate domains. This switch provides a similar service at Layer 2 by using VLANs
to organize any group of network nodes into separate broadcast domains. VLANs
confine broadcast traffic to the originating group, and can eliminate broadcast
storms in large networks. This also provides a more secure and cleaner network
environment.
separate domains. This switch provides a similar service at Layer 2 by using VLANs
to organize any group of network nodes into separate broadcast domains. VLANs
confine broadcast traffic to the originating group, and can eliminate broadcast
storms in large networks. This also provides a more secure and cleaner network
environment.
An IEEE 802.1Q VLAN is a group of ports that can be located anywhere in the
network, but communicate as though they belong to the same physical segment.
network, but communicate as though they belong to the same physical segment.
VLANs help to simplify network management by allowing you to move devices to a
new VLAN without having to change any physical connections. VLANs can be easily
organized to reflect departmental groups (such as Marketing or R&D), usage groups
(such as e-mail), or multicast groups (used for multimedia applications such as
videoconferencing).
new VLAN without having to change any physical connections. VLANs can be easily
organized to reflect departmental groups (such as Marketing or R&D), usage groups
(such as e-mail), or multicast groups (used for multimedia applications such as
videoconferencing).
VLANs provide greater network efficiency by reducing broadcast traffic, and allow
you to make network changes without having to update IP addresses or IP subnets.
VLANs inherently provide a high level of network security since traffic must pass
through a configured Layer 3 link to reach a different VLAN.
you to make network changes without having to update IP addresses or IP subnets.
VLANs inherently provide a high level of network security since traffic must pass
through a configured Layer 3 link to reach a different VLAN.
This switch supports the following VLAN features:
• Up to 255 VLANs based on the IEEE 802.1Q standard
• Distributed VLAN learning across multiple switches using explicit or implicit tagging
• Distributed VLAN learning across multiple switches using explicit or implicit tagging
and GVRP protocol
• Port overlapping, allowing a port to participate in multiple VLANs
• End stations can belong to multiple VLANs
• Passing traffic between VLAN-aware and VLAN-unaware devices
• Priority tagging
• End stations can belong to multiple VLANs
• Passing traffic between VLAN-aware and VLAN-unaware devices
• Priority tagging
Assigning Ports to VLANs
Before enabling VLANs for the switch, you must first assign each port to the VLAN
group(s) in which it will participate. By default all ports are assigned to VLAN 1 as
untagged ports. Add a port as a tagged port if you want it to carry traffic for one or
more VLANs, and any intermediate network devices or the host at the other end of
the connection supports VLANs. Then assign ports on the other VLAN-aware
network devices along the path that will carry this traffic to the same VLAN(s), either
manually or dynamically using GVRP. However, if you want a port on this switch to
participate in one or more VLANs, but none of the intermediate network devices nor
the host at the other end of the connection supports VLANs, then you should add
this port to the VLAN as an untagged port.
group(s) in which it will participate. By default all ports are assigned to VLAN 1 as
untagged ports. Add a port as a tagged port if you want it to carry traffic for one or
more VLANs, and any intermediate network devices or the host at the other end of
the connection supports VLANs. Then assign ports on the other VLAN-aware
network devices along the path that will carry this traffic to the same VLAN(s), either
manually or dynamically using GVRP. However, if you want a port on this switch to
participate in one or more VLANs, but none of the intermediate network devices nor
the host at the other end of the connection supports VLANs, then you should add
this port to the VLAN as an untagged port.