Netgear GS716Tv3 – ProSAFE 16-Port Gigabit Managed Switch Guia Do Administrador
Configuration Examples
263
GS716Tv3, GS724Tv4, and GS748Tv5 Smart Switches
Virtual Local Area Network Configuration Example
A local area network (LAN) can generally be defined as a broadcast domain. Hubs, bridges,
or switches in the same physical segment or segments connect all end node devices. End
nodes can communicate with each other without the need for a router. Routers connect LANs
together, routing the traffic to the appropriate port.
or switches in the same physical segment or segments connect all end node devices. End
nodes can communicate with each other without the need for a router. Routers connect LANs
together, routing the traffic to the appropriate port.
A virtual LAN (VLAN) is a local area network with a definition that maps workstations on
some basis other than geographic location (for example, by department, type of user, or
primary application). For traffic to flow between different VLANs, it must go through a router,
just as if the VLANs were on two separate LANs.
some basis other than geographic location (for example, by department, type of user, or
primary application). For traffic to flow between different VLANs, it must go through a router,
just as if the VLANs were on two separate LANs.
A VLAN is a group of workstations, servers, and other network resources that behave as if
they were connected to a single network segment—even though they might not be. For
example, all marketing personnel might be spread throughout a building. Yet if they are all
assigned to a single VLAN, they can share resources and bandwidth as if they were
connected to the same segment. The resources of other departments can be invisible to the
marketing VLAN members, accessible to all, or accessible only to specified individuals,
depending on how the IT manager has set up the VLANs.
they were connected to a single network segment—even though they might not be. For
example, all marketing personnel might be spread throughout a building. Yet if they are all
assigned to a single VLAN, they can share resources and bandwidth as if they were
connected to the same segment. The resources of other departments can be invisible to the
marketing VLAN members, accessible to all, or accessible only to specified individuals,
depending on how the IT manager has set up the VLANs.
VLANs have a number of advantages:
•
It is easy to do network segmentation. Users that communicate most frequently with each
other can be grouped into common VLANs, regardless of physical location. Each group’s
traffic is contained largely within the VLAN, reducing extraneous traffic and improving the
efficiency of the whole network.
other can be grouped into common VLANs, regardless of physical location. Each group’s
traffic is contained largely within the VLAN, reducing extraneous traffic and improving the
efficiency of the whole network.
•
They are easy to manage. The addition of nodes, as well as moves and other changes,
can be dealt with quickly and conveniently from a management interface rather than from
the wiring closet.
can be dealt with quickly and conveniently from a management interface rather than from
the wiring closet.
•
They provide increased performance. VLANs free up bandwidth by limiting node-to-node
and broadcast traffic throughout the network.
and broadcast traffic throughout the network.
•
They ensure enhanced network security. VLANs create virtual boundaries that can be
crossed only through a router. So standard, router-based security measures can be used
to restrict access to each VLAN.
crossed only through a router. So standard, router-based security measures can be used
to restrict access to each VLAN.
Packets received by the switch are treated in the following way:
•
When an untagged packet enters a port, it is automatically tagged with the port’s default
VLAN ID tag number. Each port has a default VLAN ID setting that is user configurable
(the default setting is 1). The default VLAN ID setting for each port can be changed in the
Port PVID Configuration screen. See
VLAN ID tag number. Each port has a default VLAN ID setting that is user configurable
(the default setting is 1). The default VLAN ID setting for each port can be changed in the
Port PVID Configuration screen. See
•
When a tagged packet enters a port, the tag for that packet is unaffected by the default
VLAN ID setting. The packet proceeds to the VLAN specified by its VLAN ID tag number.
VLAN ID setting. The packet proceeds to the VLAN specified by its VLAN ID tag number.
•
If the port through which the packet entered does not have membership with the VLAN
specified by the VLAN ID tag, the packet is dropped.
specified by the VLAN ID tag, the packet is dropped.
•
If the port is a member of the VLAN specified by the packet’s VLAN ID, the packet can be
sent to other ports with the same VLAN ID.
sent to other ports with the same VLAN ID.