VLAN (Virtual Local Area Network) ~ Technical Agenda

Wednesday 24 January 2018



Collision vs. Broadcast Domains

A collision domain is any physical segment where a collision can occur. Hubs can only operate at half duplex, so all ports on a hub belong to the same collision domain. Layer-2 switches can operate at full duplex, and each individual port on a switch belongs to its own collision domain. Thus, Layer-2 switches create more collision domains, which results in fewer collisions. Like hubs, though, Layer-2 switches belong to only one broadcast domain. A Layer-2 switch will forward both broadcasts and multicasts out every port except the originating port. Only Layer-3 devices separate broadcast domains.




VLAN (Virtual Local Area Network)

A virtual LAN (VLAN) abstracts the idea of the LAN. A VLAN might comprise a subset of the ports on a single switch or subsets of ports on multiple switches. By default, systems on one VLAN don't see the traffic associated with systems on other VLANs on the same network.
VLANs allow network administrators to partition their networks to match the functional and security requirements of their systems without having to run new cables or make major changes in their current network infrastructure. IEEE 802.1Q is the standard defining VLANs; the VLAN identifier or tag consists of 12 bits in the Ethernet frame, creating an inherent limit of 4,096 VLANs on a LAN.




Advantages of VLANs

Broadcast Control – eliminates unnecessary broadcast traffic, improving network performance and scalability.
Security – logically separates users and departments, allowing administrators to implement access-lists to control traffic between VLANs.
Flexibility – removes the physical boundaries of a network, allowing a user or device to exist anywhere.


Access & trunk ports

Each port on a switch can be configured as either an access or a trunk port. An access port is a port that can be assigned to a single VLAN. This type of interface is configured on switch ports that are connected to devices with a normal network card, for example a host on a network. A trunk interface is an interface that is connected to another switch. This type of interface can carry traffic of multiple VLANs.

Range of VLANs

Standard range – VLAN numbers 1 – 1005
Extended range – VLAN numbers 1006 – 4094

Standard VLAN Vs Extended VLAN

VLANs numbered from 1 to 1005 are considered Standard VLANs, and VLANs numbered from 1006 to 4094 are considered Extended VLANs. Extended VLANs are not stored in the vlan.dat file; they are stored in the running config.
Secondly, if you create extended VLANs under VTP version 1 or 2, your switch must be in transparent mode, as these VLANs cannot be sent in VTP updates.
VLAN 0 is reserved and not available for use.
VLAN 0 is used when a device needs to send priority-tagged frames but does not know which particular VLAN it resides in.
VLAN 1 is reserved and not available for use.
VLAN 2 to 1001 are the normal range VLANs (Standard VLANs).
VLAN 1002 to 1005 are used for FDDI and TR (Token Ring) translational bridging and shouldn’t be used for anything else; they are not advertised by VTP.
VLAN 1006 to 4094 are extended VLANs, which can’t be advertised by VTP; the switch must be configured in VTP transparent mode, especially if you are using VTP version 1 or 2.
It’s also important to know that when a switch starts up, it checks the VTP mode and domain name from the startup config and the vlan.dat file; if they are different, it ignores the startup config and uses the vlan.dat file.
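To make the 12-bit tag and the ranges above concrete, here is an added example (not from the original post) that parses the 802.1Q tag out of a raw Ethernet frame and maps the VLAN ID onto the ranges listed in this article. The helper names and the sample frames are constructed for illustration; the label for ID 4095 comes from IEEE 802.1Q, not from the article.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def classify_vid(vid):
    """Map a 12-bit VLAN ID onto the ranges listed in this article."""
    if not 0 <= vid <= 0xFFF:
        raise ValueError("VLAN ID must fit in 12 bits")
    if vid == 0:
        return "priority-tagged (no VLAN membership)"
    if vid == 1:
        return "VLAN 1"
    if vid <= 1001:
        return "normal range"
    if vid <= 1005:
        return "FDDI/Token Ring"
    if vid <= 4094:
        return "extended range"
    return "reserved (4095)"  # reserved by IEEE 802.1Q, not listed in the article

def parse_dot1q(frame):
    """Return the tag fields of an Ethernet frame, or None if it is untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)  # after dst + src MAC
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    # TCI = 3-bit priority (PCP), 1-bit DEI, 12-bit VLAN ID
    tci, inner_type = struct.unpack_from("!HH", frame, 14)
    vid = tci & 0x0FFF
    return {
        "pcp": tci >> 13,
        "dei": (tci >> 12) & 1,
        "vid": vid,
        "range": classify_vid(vid),
        "ethertype": inner_type,
    }

def build_frame(vid=None, pcp=0):
    """Constructed sample frame: broadcast dst, made-up src MAC, IPv4 type."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")
    tag = b"" if vid is None else struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return macs + tag + struct.pack("!H", 0x0800) + b"\x00" * 46

if __name__ == "__main__":
    for vid in (None, 0, 10, 1003, 2000):
        print(vid, parse_dot1q(build_frame(vid, pcp=5 if vid == 0 else 0)))
```

Run against frames captured on an access port, a non-None result shows the frame arrived with a tag, which a host with a normal network card would not normally send.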



Rishav

Author & Editor
