Netgear GS716Tv3 – ProSAFE 16-Port Gigabit Managed Switch Guia Do Administrador

Página de 290
Configuration Examples
263
GS716Tv3, GS724Tv4, and GS748Tv5 Smart Switches
Virtual Local Area Network Configuration Example
A local area network (LAN) can generally be defined as a broadcast domain. Hubs, bridges, 
or switches in the same physical segment or segments connect all end node devices. End 
nodes can communicate with each other without the need for a router. Routers connect LANs 
together, routing the traffic to the appropriate port.
A virtual LAN (VLAN) is a local area network with a definition that maps workstations on 
some basis other than geographic location (for example, by department, type of user, or 
primary application). For traffic to flow between different VLANs, it must go through a router, 
just as if the VLANs were on two separate LANs.
A VLAN is a group of workstations, servers, and other network resources that behave as if 
they were connected to a single network segment—even though they might not be. For 
example, all marketing personnel might be spread throughout a building. Yet if they are all 
assigned to a single VLAN, they can share resources and bandwidth as if they were 
connected to the same segment. The resources of other departments can be invisible to the 
marketing VLAN members, accessible to all, or accessible only to specified individuals, 
depending on how the IT manager has set up the VLANs.
VLANs have a number of advantages:
It is easy to do network segmentation. Users that communicate most frequently with each 
other can be grouped into common VLANs, regardless of physical location. Each group’s 
traffic is contained largely within the VLAN, reducing extraneous traffic and improving the 
efficiency of the whole network.
They are easy to manage. The addition of nodes, as well as moves and other changes, 
can be dealt with quickly and conveniently from a management interface rather than from 
the wiring closet.
They provide increased performance. VLANs free up bandwidth by limiting node-to-node 
and broadcast traffic throughout the network.
They ensure enhanced network security. VLANs create virtual boundaries that can be 
crossed only through a router. So standard, router-based security measures can be used 
to restrict access to each VLAN.
Packets received by the switch are treated in the following way:
When an untagged packet enters a port, it is automatically tagged with the port’s default 
VLAN ID tag number. Each port has a default VLAN ID setting that is user configurable 
(the default setting is 1). The default VLAN ID setting for each port can be changed in the 
Port PVID Configuration screen. See 
When a tagged packet enters a port, the tag for that packet is unaffected by the default 
VLAN ID setting. The packet proceeds to the VLAN specified by its VLAN ID tag number.
If the port through which the packet entered does not have membership with the VLAN 
specified by the VLAN ID tag, the packet is dropped.
If the port is a member of the VLAN specified by the packet’s VLAN ID, the packet can be 
sent to other ports with the same VLAN ID.