Brief introduction of virtual local Area network technology

VLAN technology:
VLANs have the following advantages:
Broadcast storm of ① control network
② Ensure network security
③ simplifies network management
1, VLAN overview
VLAN (virtual local area network) is a fictitious LAN, which is a new technology to realize virtual workgroup by dividing the devices in LAN into network segments logically rather than physically. IEEE promulgated in 1999 to mark
The draft 802.1Q protocol standard for the quasi-VLAN implementation scheme.
VLAN (virtual LAN) is a logical segment of the network user connected to the second layer switch port, which is not limited by the physical location of the network user and is segmented according to the user's requirement. A VLAN can be implemented on one switch or across switches. VLANs can be based on the bits of the network user
The placement, role, department, or grouping of applications and protocols that are used by network users. The virtual LAN based on switch can solve the problem of conflict domain, broadcast domain and bandwidth for LAN.
VLAN technology allows network administrators to logically divide a physical LAN into different broadcast domains (or virtual LANs, or VLANs), each containing a set of computer workstations with the same requirements, with the same attributes as a physically formed LAN. But since it is logos
Rather than physically dividing, the workstations within the same VLAN need not be placed in the same physical space, that is, they do not necessarily belong to the same physical LAN segment. Broadcast and unicast traffic within a VLAN is not forwarded to other VLANs, which helps to control
System flow, reduce equipment investment, simplify network management, improve network security.
VLAN is a protocol to solve the broadcast problem and security of Ethernet, it adds VLAN head on the basis of Ethernet frame, divides user into smaller working group with VLAN ID, restricts two levels of mutual visits between different teams, and each workgroup is a virtual LAN.
The advantage of the virtual LAN is that it can limit the broadcast scope and can form virtual workgroup and manage the network dynamically.
VLAN on the switch implementation method, can be roughly divided into 4 categories:
1, based on the port-divided VLAN
This method of dividing the VLAN is based on the port of the Ethernet switch, such as Quidway S3526 1
4 Port for VLAN 10,5
17 for VLAN 20,18
24 is VLAN 30, of course, these belong to the same VLAN port can be discontinuous, how to configure, by the administrator, if there are multiple switches, for example, you can specify the switch 1 of 1
6 port and switch 2 of 1
The 4 port is the same VLAN, that is, the same VLAN can span several Ethernet switches, according to the Port division is currently the most widely defined VLAN, the IEEE 802.1Q specified the Ethernet switch based on the port to divide the VLAN international standards.
The advantage of this partitioning approach is that it is very simple to define a VLAN member, as long as all the ports are defined. The disadvantage is that if a user of VLAN a leaves the original port and has a port on a new switch, it must be redefined.
2, based on MAC address Division VLAN
This method of dividing the VLAN is based on the MAC address of each host, that is, the host of each MAC address is configured which group he belongs to. The biggest advantage of this VLAN-partitioning approach is that when a user moves from one switch to another in a physical location, the VLAN
No reconfiguration, so, you can think this according to the MAC address partition method is based on the user's VLAN, this method is the disadvantage of initialization, all users must be configured, if there are hundreds of or even thousands of users, the configuration is very tired. And this method of division also leads
Reduces the efficiency of switch execution because there may be a number of members of the VLAN group on the ports of each switch, so that broadcast packets cannot be restricted. In addition, for users who use laptops, their network cards may often be replaced, so the VLAN must be constantly configured.

3. Dividing VLAN based on network layer
This method of dividing VLANs is based on the network layer address of each host or protocol type (if multiple protocols are supported), although this partitioning method is based on the network address, such as the IP address, but it is not a route, it has nothing to do with the routing of the Network layer. Although it looks at the IP address of each packet,
However, because it is not routing, there is no routing protocol such as RIP,OSPF, but the bridge exchange based on the spanning tree algorithm,
The advantage of this approach is that the physical location of the user changes, does not need to reconfigure the VLAN to which it belongs, and the VLAN can be partitioned according to the protocol type, which is important to network administrators, and this method does not require additional frame tags to identify the VLAN, which can reduce network traffic
Amount
The disadvantage of this method is the low efficiency, because check each packet's network layer address is to consume processing time (relative to the previous two methods), the general switch chip can automatically check the network packet Ethernet, but to allow the chip to check the IP frame head, need higher technology, with
Time is also more time-consuming. Of course, this is related to the implementation methods of each vendor.
4, according to IP multicast partition VLAN
IP multicast is actually the definition of a VLAN, that is, a multicast group is a VLAN, this division of the method to extend the VLAN to the WAN, so this method has greater flexibility, but also easy to extend through the router, of course, this method is not suitable for LAN
, which is mainly inefficient.
In view of the current trend of the industry VLAN development, taking into account the advantages and disadvantages of various VLAN partitioning methods, in order to meet the needs of users in the specific use process, to reduce the user in the specific use and maintenance of the VLAN workload, Quidway S series switches are based on the port
The way to divide the VLAN.