Netgear M4200-10MG-PoE+ (GSM4210P) - Multigigabit Managed Switch with 8*2.5G and 2x10G SFP+ Layer 3 관리자 가이드
VLANs
19
Managed Switches
VLAN Concepts
Adding virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both
bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2
header, which is fast. Like a router, it partitions the network into logical segments, which
provides better administration, security, and management of multicast traffic.
header, which is fast. Like a router, it partitions the network into logical segments, which
provides better administration, security, and management of multicast traffic.
A VLAN is a set of end stations and the switch ports that connect them. You can have
different reasons for the logical division, such as department or project membership. The only
physical requirement is that the end station and the port to which it is connected both belong
to the same VLAN.
physical requirement is that the end station and the port to which it is connected both belong
to the same VLAN.
Each VLAN in a network has an associated VLAN ID, which appears in the IEEE 802.1Q tag
in the Layer 2 header of packets transmitted on a VLAN. An end station might omit the tag, or
the VLAN portion of the tag, in which case the first switch port to receive the packet can
either reject it or insert a tag using its default VLAN ID. A given port can handle traffic for
more than one VLAN, but it can support only one default VLAN ID.
in the Layer 2 header of packets transmitted on a VLAN. An end station might omit the tag, or
the VLAN portion of the tag, in which case the first switch port to receive the packet can
either reject it or insert a tag using its default VLAN ID. A given port can handle traffic for
more than one VLAN, but it can support only one default VLAN ID.
The Private Edge VLAN feature lets you set protection between ports located on the switch.
This means that a protected port cannot forward traffic to another protected port on the same
switch. The feature does not provide protection between ports located on different switches.
This means that a protected port cannot forward traffic to another protected port on the same
switch. The feature does not provide protection between ports located on different switches.
The diagram in this section shows a switch with four ports configured to handle the traffic for
two VLANs. Port 1/0/2 handles traffic for both VLANs, while port 1/0/1 is a member of VLAN
2 only, and ports 1/0/3 and 1/0/4 are members of VLAN 3 only. The script following the
diagram shows the commands you would use to configure the switch as shown in the
diagram.
two VLANs. Port 1/0/2 handles traffic for both VLANs, while port 1/0/1 is a member of VLAN
2 only, and ports 1/0/3 and 1/0/4 are members of VLAN 3 only. The script following the
diagram shows the commands you would use to configure the switch as shown in the
diagram.
Figure 1. Switch with 4 ports configured for traffic from 2 VLANs
The following examples show how to create VLANs, assign ports to the VLANs, and assign a
VLAN as the default VLAN to a port.
VLAN as the default VLAN to a port.
Layer 3 switch
Port 1/0/2 VLAN
Router Port 1/3/1
192.150.3.1
Router Port 1/3/1
192.150.3.1
Port 1/0/3 VLAN
Router Port 1/3/2
192.150.4.1
Router Port 1/3/2
192.150.4.1
Layer 2
Switch
Switch
Layer 2
Switch
Switch
VLAN 10
VLAN 20
Port 1/0/1