Some Facts To Know Virtual LANs Generally

Some Facts To Know Virtual LANs Generally

 

Within a switched internetwork, VLANs provide segmentation and organizational flexibility. VLANs provide a way to group devices within a LAN. A group of devices within a VLAN communicate as if they were connected to the same network segment. VLANs are based on logical connections, instead of physical connections.

 

The figure shows a 3-floor building with a switch on each floor. The switches are connected to another switch that is connected to a router. Each floor has multiple hosts connected to it. There are three VLANs that span all three floors and contain multiple hosts on each floor. The VLANs are: VLAN 2, IT, 10.0.2.0/24; VLAN 3, HR, 10.0.3.0/24; VLAN 4, Sales, 10.0.4.0/24.

VLANs allow an administrator to segment networks based on factors such as function, project team, or application, without regard for the physical location of the user or device, as shown in the figure.

 

Devices within a VLAN act as if they are in their own independent network, even if they share a common infrastructure with other VLANs. Any switch port can belong to a VLAN.

 

Unicast, broadcast, and multicast packets are forwarded and flooded only to end devices within the VLAN where the packets are sourced. Each VLAN is considered a separate logical network.

 

Packets destined for devices that do not belong to the VLAN must be forwarded through a device that supports routing.

 

 

A VLAN creates a logical broadcast domain that can span multiple physical LAN segments. VLANs improve network performance by separating large broadcast domains into smaller ones.
If a device in one VLAN sends a broadcast Ethernet frame, all devices in the VLAN receive the frame, but devices in other VLANs do not.

 

VLANs also prevent users on different VLANs from snooping on each other’s traffic. For example, even though HR and Sales are connected to the same switch in the figure, the switch will not forward traffic between the HR and Sales VLANs.
This allows a router or another device to use access control lists to permit or deny the traffic. Access lists are discussed in more detail later in the chapter. For now, just remember that VLANs can help limit the amount of data visibility on your LANs.

STP

Network redundancy is key to maintaining network reliability. Multiple physical links between devices provide redundant paths.
The network can then continue to operate when a single link or port has failed. Redundant links can also share the traffic load and increase capacity.

 

Multiple paths need to be managed so that Layer 2 loops are not created. The best paths are chosen, and an alternate path is immediately available should a primary path fail.

 

The Spanning Tree Protocol is used to maintain one loop-free path in the Layer 2 network, at any time.

 

Redundancy increases the availability of the network topology by protecting the network from a single point of failure, such as a failed network cable or switch.

 

 

When physical redundancy is introduced into a design, loops and duplicate frames occur. Loops and duplicate frames have severe consequences for a switched network. STP was developed to address these issues.

 

STP ensures that there is only one logical path between all destinations on the network by intentionally blocking redundant paths that could cause a loop.

 

A port is considered blocked when user data is prevented from entering or leaving that port. This does not include bridge protocol data unit (BPDU) frames that are used by STP to prevent loops.

 

Blocking the redundant paths is critical to preventing loops on the network. The physical paths still exist to provide redundancy, but these paths are disabled to prevent the loops from occurring.

 

If the path is ever needed to compensate for a network cable or switch failure, STP recalculates the paths and unblocks the necessary ports to allow the redundant path to become active.

Multilayer Switching

Multilayer switches (also known as Layer 3 switches) not only perform Layer 2 switching but also forward frames based on Layer 3 and 4 information. All Cisco Catalyst multilayer switches support the following types of Layer 3 interfaces:

  • Routed port – A pure Layer 3 interface similar to a physical interface on a Cisco IOS router.
  • Switch virtual interface (SVI) – A virtual VLAN interface for inter-VLAN routing. In other words, SVIs are the virtual-routed VLAN interfaces.

Routed Ports
A routed port is a physical port that acts similarly to an interface on a router, as shown in the figure. Unlike an access port, a routed port is not associated with a particular VLAN.

 

A routed port behaves like a regular router interface. Also, because Layer 2 functionality has been removed, Layer 2 protocols, such as STP, do not function on a routed interface.

 

However, some protocols, such as LACP and EtherChannel, do function at Layer 3. Unlike Cisco IOS routers, routed ports on a Cisco IOS switch do not support subinterfaces.

 

The image is titled Routed ports. The image is a network diagram containing icons representing four multilayer switches, a LAN switch, and two PCs. The four multilayer switches are shown at the top of the diagram arranged in a square.
The multilayer switches are connected in a full mesh environment with lines representing wired connections.
There are two lines connecting the bottom two multilayer switches to a single LAN switch. At the bottom of the diagram are two yellow squares, labelled VLAN 10 and VLAN 20. Inside each square is a PC, with a line connecting the PC to the LAN switch.

Routed Ports

Switch Virtual Interfaces
An SVI is a virtual interface that is configured within a multilayer switch, as shown in the figure. Unlike the basic Layer 2 switches discussed above, a multilayer switch can have multiple SVIs.
An SVI can be created for any VLAN that exists on the switch. An SVI is considered to be virtual because there is no physical port dedicated to the interface.
It can perform the same functions for the VLAN as a router interface would, and can be configured in much the same way as a router interface (i.e., IP address, inbound/outbound ACLs, etc.).
The SVI for the VLAN provides Layer 3 processing for packets to or from all switch ports associated with that VLAN.

 

Action Point
PS: If you would like to have an online course on any of the courses that you found on this blog, I will be glad to do that on an individual and corporate level, I will be very glad to do that because I have trained several individuals and groups and they are doing well in their various fields of endeavour. Some of those that I have trained include staff of Dangote Refinery, FCMB, Zenith Bank, and New Horizons Nigeria among others. Please come on Whatsapp and let’s talk about your training. You can reach me on Whatsapp HERE. Please note that I will be using Microsoft Team to facilitate the training. 

I know you might agree with some of the points that I have raised in this article. You might not agree with some of the issues raised. Let me know your views about the topic discussed. We will appreciate it if you can drop your comment. Thanks in anticipation.

 

Fact Check Policy

CRMNAIJA is committed to fact-checking in a fair, transparent and non-partisan manner. Therefore, if you’ve found an error in any of our reports, be it factual, editorial, or an outdated post, please contact us to tell us about it.

 

     
Fact Check Policy

 

truehost
telegram
CRMNuggets Whatsapp Channel

Leave a Reply

Your email address will not be published. Required fields are marked *