Vlan Description; Ieee 802.1Q Vlans - D-Link xStack DES-3800 Series User Manual

VLAN Description

A Virtual Local Area Network (VLAN) is a network topology configured according to a logical
scheme rather than the physical layout. VLANs can be used to combine any collection of LAN
segments into an autonomous user group that appears as a single LAN. VLANs also logically segment
the network into different broadcast domains so that packets are forwarded only between ports within
the VLAN. Typically, a VLAN corresponds to a particular subnet, although not necessarily.
VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic
to specific domains.
A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that
frequently communicate with each other are assigned to the same VLAN, regardless of where they are
physically on the network. Logically, a VLAN can be equated to a broadcast domain, because
broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated.
Notes About VLANs on the DES-3800 Series
No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN mem-
bership, packets cannot cross VLANs without a network device performing a routing function between
the VLANs.
The DES-3800 Series supports IEEE 802.1Q VLANs and Port-Based VLANs. The port untagging
function can be used to remove the 802.1Q tag from packet headers to maintain compatibility with
devices that are tag-unaware.
The Switch's default is to assign all ports to a single 802.1Q VLAN named "default."
The "default" VLAN has a VID = 1.
The member ports of Port-based VLANs may overlap, if desired.

IEEE 802.1Q VLANs

Some relevant terms:
Tagging - The act of putting 802.1Q VLAN information into the header of a packet.
•
Untagging - The act of stripping 802.1Q VLAN information out of the packet header.
•
Ingress port - A port on a switch where packets are flowing into the Switch and VLAN
•
decisions must be made.
Egress port - A port on a switch where packets are flowing out of the Switch, either to
•
another switch or to an end station, and tagging decisions must be made.
IEEE 802.1Q (tagged) VLANs are implemented on the Switch. 802.1Q VLANs require tagging,
which enables them to span the entire network (assuming all switches on the network are IEEE
802.1Q-compliant).
VLANs allow a network to be segmented in order to reduce the size of broadcast domains. All packets
entering a VLAN will only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are
members of that VLAN, and this includes broadcast, multicast and unicast packets from unknown
sources.
VLANs can also provide a level of security to your network. IEEE 802.1Q VLANs will only deliver
packets between stations that are members of the VLAN.
Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q
VLANs allows VLANs to work with legacy switches that don't recognize VLAN tags in packet
xStack DES-3800 Series Layer 3 Stackable Fast Ethernet Managed Switch
68