Table of Contents
Advertisement
A
p
p
e
n
d
i
x
I
:
V
A
p
p
e
n
d
i
x
I
:
V
Virtual Local Area Network is so-called VLAN. It offers the logical grouping technique to
separate the physical ports of Ethernet switches, thus we can manage our local network
easier, more flexible and secure. For instance, you're a networking administrator in your
company and you're planning to isolate the visitors' traffics from your private network for
security considerations because you cannot ensure that visitors' computer is clean. Or you
want to separate your private network into several parts by divisions because there are too
many computers in the same network segment and it results in the local traffics heavily.
VLAN helps you to solve these situations, and DrayTek's products support bellow two popular
types:
P
o
r
t
-
b
a
s
P
o
r
t
-
b
a
s
It uses a matrix table of the physical ports to define the traffics how to exchange between
each port, and the traffics will be isolated from the ports are not being ticked in the same
line. It is the easiest way to setup an isolate network, but not a flexible way to maintain a
growing network. Because the idea of port-based VLAN is grouping by physical ports, but the
difficulty is how to handle the traffics between two or more Ethernet switches. Thus, VLAN is
suitable for some circumstances, for example, the rental apartment, SOHO office...and so on.
These clients may need two or three isolated networks only and setup a network in a simple
way.
T
T
a
a
g
g
-
-
b
b
a
a
s
s
The idea of tag-based VLAN is to identify a virtual LAN with a specific ID, therefore, VLAN ID
introduced by tag-based VLAN. Through VLAN ID, ports with different VID (VLAN ID) will be
identified as in different LANs, so the traffics also will be isolated from each of VLANs. Many
administrators who manage an enterprise network or even the internet service providers (ISP)
adopt Tag-based VLAN popularly because it is convenient to maintain and manage a
distributed network. Setting a large-scale network is easy by giving each of them with
different VID and isolating the traffics at the same time. Besides the VLAN ID, there is another
feature, Trunk, introduced. While the role of a port on an Ethernet switch is setup as a Trunk
port, it means the VLAN ID will be kept while forwarding the packets between switches. By
this feature, VLANs are able to distribute over two or more Ethernet switches easily,
moreover design a large and secured network is possible through Trunk port. When VLAN is
being enabled on Vigor routers, the LAN ports are being turned into Trunk mode automatically.
Therefore, a VLAN supported switch, like VigorSwitch G2260/P2261, or VigorSwitch G1240, is
needed.
508
L
A
N
A
p
p
l
i
c
a
L
A
N
A
p
p
l
i
c
a
e
d
e
d
e
e
d
d
t
i
o
n
s
o
n
V
i
g
o
t
i
o
n
s
o
n
V
i
g
o
r
R
o
u
t
e
r
r
R
o
u
t
e
r
Vigor3220 Series User's Guide
Advertisement
Table of Contents
