Netgear M4100-D12G (GSM5212v1h1) - 10‐port GE + 2 GE Combo L2 Managed PD Switch Guía De Administador
VLANs
14
ProSAFE M4100 Managed Switches
VLAN Concepts
Adding virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both
bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2
header, which is fast. Like a router, it partitions the network into logical segments, which
provides better administration, security, and management of multicast traffic.
header, which is fast. Like a router, it partitions the network into logical segments, which
provides better administration, security, and management of multicast traffic.
A VLAN is a set of end stations and the switch ports that connect them. You can have
different reasons for the logical division, such as department or project membership. The only
physical requirement is that the end station and the port to which it is connected both belong
to the same VLAN.
physical requirement is that the end station and the port to which it is connected both belong
to the same VLAN.
Each VLAN in a network has an associated VLAN ID, which appears in the IEEE 802.1Q tag
in the Layer 2 header of packets transmitted on a VLAN. An end station might omit the tag, or
the VLAN portion of the tag, in which case the first switch port to receive the packet can either
reject it or insert a tag using its default VLAN ID. A given port can handle traffic for more than
one VLAN, but it can support only one default VLAN ID.
in the Layer 2 header of packets transmitted on a VLAN. An end station might omit the tag, or
the VLAN portion of the tag, in which case the first switch port to receive the packet can either
reject it or insert a tag using its default VLAN ID. A given port can handle traffic for more than
one VLAN, but it can support only one default VLAN ID.
The Private Edge VLAN feature lets you set protection between ports located on the switch.
This means that a protected port cannot forward traffic to another protected port on the same
switch. The feature does not provide protection between ports located on different switches.
This means that a protected port cannot forward traffic to another protected port on the same
switch. The feature does not provide protection between ports located on different switches.
The diagram in this section shows a switch with four ports configured to handle the traffic for
two VLANs. Port 1/0/2 handles traffic for both VLANs, while port 1/0/1 is a member of VLAN 2
only, and ports 1/0/3 and 1/0/4 are members of VLAN 3 only. The script following the diagram
shows the commands you would use to configure the switch as shown in the diagram.
two VLANs. Port 1/0/2 handles traffic for both VLANs, while port 1/0/1 is a member of VLAN 2
only, and ports 1/0/3 and 1/0/4 are members of VLAN 3 only. The script following the diagram
shows the commands you would use to configure the switch as shown in the diagram.
Layer 3 switch
Port 1/0/2 VLAN
Router Port 1/3/1
192.150.3.1
Router Port 1/3/1
192.150.3.1
Port 1/0/3 VLAN
Router Port 1/3/2
192.150.4.1
Router Port 1/3/2
192.150.4.1
Layer 2
Switch
Switch
Layer 2
Switch
Switch
VLAN 10
VLAN 20
Port 1/0/1
Figure 1. Switch with 4 ports configured for traffic from 2 VLANs
The following examples show how to create VLANs, assign ports to the VLANs, and assign a
VLAN as the default VLAN to a port.
VLAN as the default VLAN to a port.