
VLAN

Members:

Brayan Ramírez
Luis Vallejo
Juan Villacrés
José Guerra
Introduction

The Local Area Network (LAN) we once knew is starting to take a different shape. Each VLAN created on a switch is a separate network, which means that a separate broadcast domain is created for each VLAN that exists. By default, network broadcasts are filtered from all ports on a switch that are not members of the same VLAN, which is why VLANs are very common in today's large networks: they help isolate network segments from each other.

Objectives

General purpose:

• Establish the basics of VLANs for later use.

Specific objectives:

• Take advantage of the features and advantages provided by VLANs.
• Identify the implementation and operation details of VLANs.
• Configure basic VLANs.
• Configure VLANs with trunk links.
• Configure routing between VLANs.

How VLANs Work

• A VLAN is a logical broadcast domain that can span multiple physical LAN segments. It is a modern way for administrators to configure switches into virtual local-area networks (VLANs) to improve network performance by separating large Layer 2 broadcast domains into smaller ones.
• By using VLANs, a network administrator can group stations together by logical function, or by application, without regard to the physical location of the users.

Traffic from multiple VLANs can traverse a link that interconnects two switches by using
VLAN tagging. A VLAN tag is a unique identifier that indicates the VLAN to which a frame
belongs. A VLAN tag is included in the header of every frame sent by an end-station on a
VLAN.
On receiving a tagged frame, the switch inspects the frame header and, based on the
VLAN tag, identifies the VLAN. The switch then forwards the frame to the destination in the
identified VLAN. If the destination MAC address is unknown, the switch limits the flooding
of the frame to ports that belong to the identified VLAN.

For example, in this figure, if a member of VLAN 10 on Floor 1 sends a frame to a member of VLAN 10 on Floor 2, Switch 1 inspects the frame header for the VLAN tag (to determine the VLAN) and the destination MAC address. The destination MAC address is not known to Switch 1.

Therefore, the switch forwards the frame to all other ports that belong to VLAN 10, that is, port 4 of Switch 2 and Switch 3. Similarly, Switch 2 and Switch 3 inspect the frame header. If the destination MAC address on VLAN 10 is known to either switch, that switch forwards the frame to the destination. The end-station on Floor 2 then receives the frame.

Types of VLANs

• Management VLAN

A best practice is to set up a separate VLAN for management traffic like monitoring, system logging, SNMP, and other potentially sensitive management tasks. In addition to the security benefits, this ensures that bandwidth for management will be available even when user traffic is high.

• Data VLAN

Also known as a user VLAN, the data VLAN is designated only for user-generated data. How you group your data VLANs (by department or workgroup, for example) will depend on your organization's structure and business processes.

• Voice VLAN

If your organization uses voice over IP (VoIP), you'll want to have a separate voice VLAN. This will preserve bandwidth for other applications and ensure VoIP quality.

• Default VLAN

This can refer to one of two types. Typically, the default VLAN refers to the one that all of the ports on a device belong to when it is switched on. On most switches, this default is VLAN 1 and should be changed for security reasons.

• Native VLAN

The native VLAN is the one into which untagged traffic will be put when it's received on a trunk port. This makes it possible for your VLAN to support legacy devices or devices that don't tag their traffic, like some wireless access points and simple network-attached devices.

Benefits

• Performance

In networks where traffic consists of a high percentage of broadcasts and multicasts, VLANs can reduce the need to send such traffic to unnecessary destinations.

• Formation of Virtual Workgroups

It is easier for users from different departments to communicate by setting up a VLAN.

• Simplified Administration

Most network costs are the result of adding, moving and changing users. If a user is moved within a VLAN, reconfiguration of routers is unnecessary. In addition, depending on the type of VLAN, other administrative work can be reduced or eliminated.

• Reduced Costs

VLANs can be used to create broadcast domains, which eliminates the need for expensive routers.

• Security

VLANs can also be used to control broadcast domains, set up firewalls, restrict access, and inform the network manager of an intrusion.

VLAN Trunking Protocol

• Layer 2 messaging protocol.
• Used to configure and manage VLANs on Cisco equipment.
• Centralizes and simplifies administration in a VLAN domain.
• Thereby reduces the need to configure the same VLAN on every node.

VTP operates in 3 distinct modes:

• VTP Server
• VTP Client
• VTP Transparent Client

VTP Server

• Default mode.
• Can create, delete or modify VLANs.
• MD5 authentication.
• Configuration of the switches in the same domain.
• At least 1 server must exist.

VTP Client

• Cannot create, delete or modify VLANs.
• Synchronizes this information.
• Received VTP messages.
• Stores the VLAN information for the entire domain.
• A switch restart erases the VLAN information.

VTP Transparent Client

• Information can be modified locally.
• Does not process the VTP updates it receives.
• Forwards them to the switches in the same domain.

VTP Domain

• One or more interconnected switches.
• The switches of a domain share the VLAN configuration.
• VTP advertisements.
• A router or Layer 3 switch defines the boundary of each domain.

VTP Advertisements

• Distribute and synchronize VLAN configurations.
• Hierarchy of advertisements.

VTP Pruning

• Increases bandwidth.
• Restricts flooded traffic.
• The switch floods broadcast, multicast and unicast traffic.
• Trunk links within a VTP domain.

Trunk Link

• Point-to-point link.
• Extends a VLAN across the entire network.
• IEEE 802.1Q standard.

• 802.1Q frame details.
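The tagging, flooding and native VLAN behaviour described earlier, as an added Python example that is not part of the original slides: it parses the 802.1Q tag (TPID 0x8100 followed by a 16-bit TCI holding priority, DEI and the 12-bit VLAN ID) and floods a frame with an unknown destination only to ports of the same VLAN. The port numbers, VLAN membership map and MAC addresses are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def build_frame(dst: str, src: str, vid=None, pcp: int = 0) -> bytes:
    """Build a constructed test frame; vid=None yields an untagged frame."""
    hdr = bytes.fromhex(dst.replace(":", "") + src.replace(":", ""))
    if vid is not None:
        hdr += struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return hdr + b"\x08\x00" + bytes(46)  # IPv4 EtherType + dummy payload

def parse_vlan(frame: bytes, native_vlan: int) -> dict:
    """Extract destination/source MAC and VLAN ID from an Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":")}
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        # Untagged frame: the receiving trunk port puts it in the native VLAN
        return {**info, "vid": native_vlan, "pcp": 0, "tagged": False}
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    # TCI layout: 3-bit priority (PCP), 1-bit DEI, 12-bit VLAN ID
    return {**info, "vid": tci & 0x0FFF, "pcp": tci >> 13, "tagged": True}

class Switch:
    def __init__(self, port_vlans: dict, native_vlan: int = 1):
        self.port_vlans = port_vlans   # port number -> set of VLAN IDs
        self.native_vlan = native_vlan
        self.mac_table = {}            # (VLAN ID, MAC) -> port number

    def receive(self, in_port: int, frame: bytes) -> list:
        """Learn the source MAC, then return the egress ports for the frame."""
        info = parse_vlan(frame, self.native_vlan)
        vid = info["vid"]
        if vid not in self.port_vlans.get(in_port, set()):
            return []                  # ingress port is not a member: drop
        self.mac_table[(vid, info["src"])] = in_port
        out = self.mac_table.get((vid, info["dst"]))
        if out is not None:
            return [out] if out != in_port else []
        # Unknown destination: flood only to other ports of the same VLAN
        return sorted(p for p, v in self.port_vlans.items() if vid in v and p != in_port)

if __name__ == "__main__":
    sw = Switch({1: {10}, 2: {20}, 3: {10, 20}, 4: {10, 20}})  # constructed topology
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"            # constructed MACs
    print(sw.receive(1, build_frame(b, a, vid=10)))            # flooded within VLAN 10
```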

Verification problems with VLANs

Native VLAN inconsistencies: the ports are configured with different native VLANs.

Trunk mode inconsistencies: one trunk port is configured with trunk mode "off" and the other with trunk mode "active".

VLANs and IP subnets: end-user devices configured with incorrect IP addresses will not have network connectivity.

Allowed VLANs on trunks: the list of allowed VLANs on a trunk has not been updated with the current VLAN trunking requirements.
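A check for three of the problems listed above (native VLAN, trunk mode and allowed VLAN list), as an added Python example that is not part of the original slides. It reads Cisco IOS-style switchport lines from both ends of a link; the sample configurations and the required VLAN set are constructed, and an unconfigured port is assumed to use native VLAN 1 and to allow VLANs 1-4094.

```python
import re

# Constructed sample configurations for the two ends of one trunk link
SIDE_A = """interface GigabitEthernet0/1
 switchport mode trunk
 switchport trunk native vlan 99
 switchport trunk allowed vlan 10,20-22"""
SIDE_B = """interface GigabitEthernet0/1
 switchport mode access
 switchport trunk allowed vlan 10,20"""

def expand_vlans(spec: str) -> set:
    """Expand a VLAN list such as '10,20-22' into {10, 20, 21, 22}."""
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.strip().partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def parse_trunk(config: str) -> dict:
    """Read mode, native VLAN and allowed list from one interface's config."""
    # Assumed defaults when a line is absent: native VLAN 1, all VLANs allowed
    port = {"mode": None, "native": 1, "allowed": set(range(1, 4095))}
    for line in config.splitlines():
        line = line.strip()
        if m := re.fullmatch(r"switchport mode (\S+)", line):
            port["mode"] = m.group(1)
        elif m := re.fullmatch(r"switchport trunk native vlan (\d+)", line):
            port["native"] = int(m.group(1))
        elif m := re.fullmatch(r"switchport trunk allowed vlan ([\d,\-]+)", line):
            port["allowed"] = expand_vlans(m.group(1))
    return port

def check_trunk(side_a: str, side_b: str, required: set) -> list:
    """Compare both ends of a link and list the inconsistencies found."""
    a, b = parse_trunk(side_a), parse_trunk(side_b)
    problems = []
    if a["native"] != b["native"]:
        problems.append(f"native VLAN mismatch: {a['native']} vs {b['native']}")
    if a["mode"] != b["mode"]:
        problems.append(f"trunk mode mismatch: {a['mode']} vs {b['mode']}")
    for name, port in (("A", a), ("B", b)):
        missing = sorted(required - port["allowed"])
        if missing:
            problems.append(f"side {name} does not allow VLANs {missing}")
    return problems

if __name__ == "__main__":
    print("\n".join(check_trunk(SIDE_A, SIDE_B, {10, 21, 30})))
```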

Drawbacks of VLANs

Proprietary solutions.

Standardizing up.

It is not a plug-and-play technology: you must configure the bridges.

Routing between VLANs

• The hosts of a VLAN reside in their own broadcast domain and can communicate quite freely.
• Another device is needed for hosts to communicate between VLANs.
• Dividing a LAN into multiple VLANs is essentially the same as separating it into different physical LANs.

• Therefore, in order to carry out this function, a router with an interface for each VLAN is needed.
• The Route Switch Module (RSM) can easily run on the backplane of the switch and can support up to 1005 VLANs.

• The best alternative to a router interface for every VLAN is a single Fast Ethernet interface on which you run a trunk link for routing.
• This makes it possible for all VLANs to interact through a single interface. Cisco calls this "router-on-a-stick".

Process

• Each VLAN is its own subnet and broadcast domain, which means that frames broadcast onto the network are only switched between the ports within the same VLAN.

• Use a router, with one router interface
• Use one router LAN interface with enable.
• Use a layer 3 switch, a device that performs both

• In a traditional network that uses multiple VLANs to segment network traffic into logical broadcast domains, routing is performed by connecting different physical router interfaces to different physical switch ports.

Router

Subinterfaces are multiple virtual interfaces associated with one physical interface. These interfaces are configured in software on a router that is configured independently.

• The router performs inter-VLAN routing by accepting VLAN-tagged traffic on the trunk interface from the adjacent switch and routing internally between the VLANs by means of subinterfaces.

• The Layer 3 switch performs inter-VLAN routing by accepting VLAN-tagged traffic on the SVI interface for each VLAN.

Conclusions

• The use of VLANs is very important in network management; this concept allows us to distribute the necessary IPs to each of the devices in the network. Therefore, it is important to know how to route the packets within that network, and how the hosts communicate according to their needs.
• Implementing routing between networks is very easy: it involves assigning a LAN interface to the VLAN router, then enabling them to communicate, and finally a device that switches the packets.
• It is important to know that trunking between networks is not supported by very old series of routers, such as the older 1600, 1700 and 2500. In contrast, the current ones already allow it, bearing in mind that the number is limited; if more interfaces are needed for routing the VLANs, you can use additional protocols such as 802.1Q or use a higher-end switch.
