Enterasys 6000 用户指南
Types of VLANs
13-4
VLAN Operation and Network Applications
13.2 TYPES OF VLANs
There are a number of different strategies for creating Virtual Local Area Networks, each with
their own approaches to defining a station’s membership in a particular VLAN.
their own approaches to defining a station’s membership in a particular VLAN.
13.2.1
802.1Q VLANs
An 802.1Q VLAN switch determines the VLAN membership of a data frame by its Tag Header,
described later in this chapter. If the frame received is not tagged, the switch classifies the frame
into the VLAN that is assigned as the default VLAN of the switch.
described later in this chapter. If the frame received is not tagged, the switch classifies the frame
into the VLAN that is assigned as the default VLAN of the switch.
Some or all ports on the switch may be configured to operate as GARP VLAN Registration
Protocol (GVRP) ports. If a frame received is tagged, the frame is forwarded to the GVRP ports
that are configured to transmit frames associated with the frame VLAN ID and protocol. If the
received frame is not tagged, the frame is examined and tagged as belonging to the default VLAN.
Then the frame is forwarded to the GVRP ports that are configured to transmit frames associated
with the default VLAN and the frame protocol.
Protocol (GVRP) ports. If a frame received is tagged, the frame is forwarded to the GVRP ports
that are configured to transmit frames associated with the frame VLAN ID and protocol. If the
received frame is not tagged, the frame is examined and tagged as belonging to the default VLAN.
Then the frame is forwarded to the GVRP ports that are configured to transmit frames associated
with the default VLAN and the frame protocol.
13.2.2
Other VLAN Strategies
VLANs may also be created by a variety of addressing schemes, including the recognition of
groups of MAC addresses or types of traffic. One of the best-known VLAN-like schemes is the use
of IP Subnets to divide networks into smaller subnetworks.
groups of MAC addresses or types of traffic. One of the best-known VLAN-like schemes is the use
of IP Subnets to divide networks into smaller subnetworks.
13.3 BENEFITS AND RESTRICTIONS
The primary benefit of the 802.1Q VLAN technology is that it provides localization of traffic. This
function also offers improvements in security and performance to stations assigned to a VLAN.
function also offers improvements in security and performance to stations assigned to a VLAN.
While the localization of traffic to VLANs can improve security and performance, it imposes some
restrictions on network devices that participate in the VLAN. Through the use of Filtering
Database IDs (FDB IDs) security can be implemented to enable or prevent users from one or more
VLANs from communicating with each other.
restrictions on network devices that participate in the VLAN. Through the use of Filtering
Database IDs (FDB IDs) security can be implemented to enable or prevent users from one or more
VLANs from communicating with each other.
One or more VLANs can be assigned to an FDB ID so that all the users that share a common
FDB ID can communicate with each other regardless of their VLAN affiliation. However, for the
sake of security, the members of one FDB ID cannot communicate with the members of another
FDB ID.
FDB ID can communicate with each other regardless of their VLAN affiliation. However, for the
sake of security, the members of one FDB ID cannot communicate with the members of another
FDB ID.
To set up a VLAN, all the network switch devices that are assigned to the VLAN must support the
IEEE 802.1Q specification for VLANs. Before you attempt to implement a VLAN strategy, ensure
that the switches under consideration support the IEEE 802.1Q specification.
IEEE 802.1Q specification for VLANs. Before you attempt to implement a VLAN strategy, ensure
that the switches under consideration support the IEEE 802.1Q specification.