*Configuring your VLANPresented by Gregory Laffoon

Overview of Networking Terms

Networking Terms OverviewOSI Model Defines a networking framework for implementing protocols in seven layersControl is passed from one layer to the next, starting at the application layer in one station, proceeding to the bottom layer, over the channel to the next station and back up the hierarchy

*

OSI ModelOf the 7 layers, we are concerned with the bottom 3 layers.The top 4 layers are used more on host machines to support TCP/UDP, HTTP, other applications

OSI ModelsOSI Layer 1This layer is the transmission mediaCategory 5e and fiber optic cablingRadio signal in terms of wirelessPerforms transmission of raw bits*

OSI ModelsOSI Layer 2Data packets are encoded and decoded into bits. Divided into 2 sub-layersMAC (Media Access Control)Controls how hosts on the network gain access to the data and permission to transmit itLLC (Logical Link Control)Controls frame synchronization, flow control, and error checking*

OSI ModelsOSI Layer 3Routing and forwarding functionsHandles end to end addressingProvides the mean for separate networks to talk to each otherIP (Internet Protocol) is at this level

*

Definition of Network Device Types*

Network Device TypesThere are 5 general devices:RepeaterHubBridgeSwitchRouter

*

Network Device - RepeaterRepeaterA Layer 1 deviceAn electronic device to receive a signal on a port and retransmits it at a higher level or higher powerUsed when you need to go farther distances than the cabling will allowUsually has 2 ports (IN/OUT)*

Network Device - HubHubA Layer 1 deviceA device that contains multiple portsHas no logic or brainSimply passes data out all other portsIn simple terms, it is a multi-port repeater*

Network Device - BridgeBridgeA Layer 2 deviceConnects multiple Layer 2 segmentsHas logic or brainLearns what Layer 2 MAC addresses are associated with each portReceives frames destined for a particular MAC address and only sends the data out the correct port

*

Network Device - SwitchSwitchA layer 2 deviceBasically a multi-port bridgeLearns MAC Addresses to Port mappingsDoesnt flood data out every port unless the MAC address hasnt been learned

*

Network Device - RouterRouterA Layer 3 deviceConnects multiple Layer 3 networksUses Layer 3 addressing (IP addressing)Allows communication between different Layer 2 segmentsBreaks up broadcast domains

*

Broadcast Domain?A broadcast domain is a network segment in which any network device can transmit data directly to another device without going through a routerA layer 3 device breaks up a broadcast domain*

So what is a VLAN?

What is a VLAN?A virtual local area network (VLAN) is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain regardless of their physical location.*

Traditional LANA traditional LAN would require all users of the same requirements and same IP subnet (broadcast domain) be connected to the same equipment.*

VLAN-based LANBy utilizing VLANs, the same users can be spread out over various geographical locations and still remain in their same IP subnet (broadcast domain).*

How VLANs work?*

How VLANs Work?VLANs are identified by a numberValid ranges 1-4094On a VLAN-capable switch, you assign ports with the appropriate VLAN numberThe switch then only allows data to be sent between ports with the same VLAN*

How VLANs Work?Since almost every network is larger than a single switch, there needs to be a way to have traffic sent between two different switchesOne way to do it is to assign a port on each switch with a VLAN and run a cable between the switches Not very feasible or cost effective*

How VLANs work?For example, if there were 6 hosts on each switch on 6 different vlans, you would need 6 ports on each switch to connect the switches together. This would mean that if you had 24 different vlans you could only have 24 hosts on a 48 port switch*

How VLANs work?There was a standard develop to make it so that a single connection between two switches could be used to send traffic for all vlans802.1q Provides a VLAN tag in front of the Layer 2 frame*

How VLANs work?You enable 802.1q tagging (trunking) on the ports between the switchesThe switch receives the frame with the 802.1q header and strips it offIt determines what VLAN and sends the data to the appropriate port

*

Benefits of VLANs*

Benefits of VLANsGeographically separated users on the same IP subnet (broadcast domain)Limit the size of broadcast domains and limit broadcast activitySecurity benefits by keep hosts separated by VLAN and limiting what devices can talk to those hosts*

Benefits of VLANsCost savings as you dont need additional hardware and cablingOperational benefits because changing a users IP subnet (Broadcast Domain) is in software

*

Drawbacks of VLANsVLANs were used to allow grouping of users together with the same requirements and allowing them to be in separate locationsThe major drawback is that the general idea is to make all users that need the same requirements be in the same VLAN

*

Drawbacks of VLANsVLANs work at Layer 2 and that layer doesnt handle redundancy in an efficient mannerSo when the network becomes mission critical, it is hard to provide fast convergence times for users when utilizing VLANs that span across multiple buildings

*

Drawbacks of VLANsVLANs were and still are a viable method for separating users into groupsToday, redundancy is very important so to make the network stable the following guidelines should be followed:

*

Drawbacks of VLANsVLANs should still be used to separate and group common usersVLANs shouldnt span across the entire networkThey should remain in a buildingCommon users in another building should be on a separate VLAN

*

Drawbacks of VLANsThen the two common user groups would utilize a router to talk to each other*

Questions & Answers

*