Profile
What is VLAN?

A virtual local area network (VLAN) is made by logically grouping network users and resources on a local area network (LAN) and assigning them to ports on the switch. By using VLANs in CiscoPods, each VLAN receives only its own broadcasts, so bandwidth is increased by reducing broadcast traffic. VLAN identifications can be defined by location, department, individuals, or even by the application or protocol used.

By implementing VLANs over the network, many of the problems associated with Layer 2 switching are eliminated. We can group them under 3 headings:

1. Broadcast Control

Broadcasts are generated by every protocol. However, the intensity varies depending on the protocol, the application, and how the service is used. Layer 2 switching devices used in a flat network (no VLANs) send an incoming broadcast packet out of every port, regardless of whether the end device needs to receive it. If the number of devices on the network is high in Cisco Packet Tracer, broadcast traffic will increase exponentially and these packets will be sent to every device on the network. A well-designed network should be segmented according to defined criteria. The most convenient way to do this is through switching and routing. This prevents broadcast traffic between VLANs.

2. Security

Another disadvantage of a flat network without VLANs is security. On a non-switched network (distributed via coax cable or a hub), the data flow between two computers is transmitted to all devices connected to the network (collision). This leads to traffic problems and is very insecure, because software and even hardware can listen to all the packets passing through the network and decode the data. When a switch is used as the distribution device, this vulnerability can be prevented because each port is separated into its own collision segment. However, in a flat switch topology, broadcasts are sent to all ports, which means that all devices on the network receive each other's broadcast traffic. A second point is that, on this network, user groups that have no network relationship with others can still be accessed by other devices and are sent their broadcast packets. When the network devices on the switch are separated into VLANs, such vulnerabilities will be eliminated. In this way, a user will not have the chance to connect to any port on the network and listen to the entire network; the user will only be able to operate on the VLAN to which it connects.

3. Flexibility

Creating VLANs on a network actually creates broadcast groups. Regardless of physical location on the switches, you have the flexibility to assign a user to the desired VLAN. Likewise, a VLAN that grows over time can be transferred to newly created VLANs. This is possible with a new port definition on the switch. When the same operation is attempted without VLAN support, a physical connection to the central router must be provided for the new subnet to be created.

In a VLAN-enabled network, a router or another Layer 3 device is needed for routing between VLANs. For each VLAN used on the switch, one connection must run from the switch to the router.

Relationships between VLANs

There are two types of VLANs:

1. Static VLANs: Defined by the network administrator and assigned to switch ports. The switch port belongs to that VLAN unless it is changed again by the administrator. This method facilitates network management and monitoring.

2. Dynamic VLANs: With a dynamic VLAN, the switch recognizes the device connected to a switch port and automatically assigns that port to the matching VLAN. Network management programs can define dynamic VLANs based on hardware address (MAC), protocol, or even application. For example, suppose MAC addresses are entered in a central VLAN management application. When a device is connected to a port of a switch on the network that has no VLAN assigned, the VLAN management database is queried for the MAC address and the returned VLAN value is assigned to that port of the switch. If the user changes or the connected device changes, the new VLAN value is requested and assigned to the port. In this case, once the database has been carefully prepared, the administration and configuration work of the network administrator is reduced. For dynamic VLAN usage on Cisco devices, VMPS (VLAN Management Policy Server) provides the database service that maps MAC addresses to VLANs.

My Website: https://www.ciscopods.com/
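The dynamic VLAN lookup described above, modelled as a small simulation. This is an added example, not code from this profile or from Cisco; the `Switch` class, the port names, the MAC-to-VLAN database and the policy of leaving unknown devices without a VLAN are all assumptions made for illustration.

```python
import re

# Constructed sample database: MAC address -> VLAN ID (all values are made up).
VLAN_DB = {
    "00:11:22:33:44:55": 10,
    "66:77:88:99:aa:bb": 20,
}


def normalize_mac(mac):
    """Accept colon, hyphen or dotted notation; return aa:bb:cc:dd:ee:ff."""
    if not re.fullmatch(r"[0-9A-Fa-f.:\-]+", mac):
        raise ValueError(f"not a MAC address: {mac!r}")
    digits = re.sub(r"[.:\-]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


class Switch:
    """Hypothetical switch that asks a central database which VLAN a port gets."""

    def __init__(self, db, fallback_vlan=None):
        self.db = {normalize_mac(m): v for m, v in db.items()}
        self.fallback_vlan = fallback_vlan  # assumption: None = no VLAN assigned
        self.port_vlan = {}                 # port name -> VLAN currently assigned
        self.log = []                       # audit trail of every decision

    def device_connected(self, port, mac):
        """Query the database for the MAC and (re)assign the port's VLAN."""
        mac = normalize_mac(mac)
        vlan = self.db.get(mac, self.fallback_vlan)
        self.port_vlan[port] = vlan
        self.log.append((port, mac, vlan))
        return vlan


def demo():
    sw = Switch(VLAN_DB)
    results = [
        sw.device_connected("Fa0/1", "0011.2233.4455"),
        sw.device_connected("Fa0/2", "66-77-88-99-AA-BB"),
        sw.device_connected("Fa0/1", "66:77:88:99:aa:bb"),  # device on Fa0/1 changed
        sw.device_connected("Fa0/3", "de:ad:be:ef:00:01"),  # not in the database
    ]
    return results, sw.port_vlan


if __name__ == "__main__":
    print(demo())
```

Because the decision is keyed only on the MAC address the device presents, the database is an assignment convenience rather than an authentication check, and the audit log is what lets an administrator spot a MAC that shows up on an unexpected port.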
Forum Role: Participant
Topics Started: 0
Replies Created: 0