Explanation of VLAN principles that Tom can understand (1)
Why VLAN?
1. What is a VLAN?
VLAN stands for Virtual LAN. A LAN can be a network composed of a few home computers or an enterprise network composed of hundreds of computers. The LAN that "VLAN" refers to is specifically a network delimited by routers, that is, a broadcast domain.
Here, let's first review the concept of broadcast domains. A broadcast domain is the range over which a broadcast frame (one whose destination MAC address is all 1s) can be transmitted, that is, the range within which hosts can communicate directly. Strictly speaking, this applies to more than broadcast frames: multicast frames and unknown unicast frames are also transmitted freely within the same broadcast domain.
Originally, an L2 switch could only build a single broadcast domain. With the VLAN function, however, it can divide the network into multiple broadcast domains.
2. When the broadcast domain is not split...
So why do we need to split the broadcast domain? That's because if there is only one broadcast domain, it may affect the overall transmission performance of the network. For more information, see the attached figure.
The figure shows a network in which five layer-2 switches (switches 1 to 5) connect a large number of clients. Assume that computer A needs to communicate with computer B. In Ethernet-based communication, the destination MAC address must be specified in the data frame for communication to work. Therefore, computer A must first broadcast an ARP request to obtain the MAC address of computer B.
After receiving the broadcast frame (the ARP request), switch 1 forwards it to all ports except the receiving port; this is called flooding. Switch 2 then also floods the broadcast frame after receiving it, and so do switches 3, 4, and 5. Eventually, the ARP request is forwarded to all clients in the same network.
Please note that this ARP request was originally sent to obtain the MAC address of computer B. That is to say, as long as computer B can receive it, everything will be fine. But in fact, data frames spread throughout the network, so that all computers receive them. In this way, on the one hand, broadcast information consumes the overall bandwidth of the network, and on the other hand, computers that receive broadcast information consume part of the CPU time to process it. This results in significant unnecessary consumption of network bandwidth and CPU computing power.
3. Is broadcast information sent frequently?
After reading this, you may ask: is broadcast information really sent that frequently?
The answer is: yes! In fact, broadcast frames appear very frequently. When using the TCP/IP protocol stack for communication, in addition to the preceding ARP, many other types of broadcast information such as DHCP and RIP may need to be sent.
An ARP broadcast is sent whenever a host needs to communicate with another host. When a client requests an IP address from the DHCP server, it must send a DHCP broadcast. When RIP is used as the routing protocol, the router broadcasts route information to neighboring routers every 30 seconds. Routing protocols other than RIP use multicast to transmit route information, which switches also forward by flooding. Besides TCP/IP, protocols such as NetBEUI, IPX, and AppleTalk often require broadcasts. For example, in Windows, when you double-click to open "Network Computer", broadcast (multicast) information is sent. (Except Windows XP...)
In short, broadcasts are all around us. Below are some common kinds of broadcast communication:
(1) ARP request: Establishes the mapping between the IP address and the MAC address.
(2) RIP: A routing protocol.
(3) DHCP: the protocol used to automatically set IP addresses.
(4) NetBEUI: The network protocol used in Windows.
(5) IPX: The network protocol used by Novell NetWare.
(6) AppleTalk: The network protocol used by Apple's Macintosh computers.
If the entire network has only one broadcast domain, once the broadcast information is sent, it will spread throughout the network and bring additional burden to the hosts on the network. Therefore, when designing a LAN, you must be aware of how to effectively split the broadcast domain.
4. The necessity of dividing broadcast domains and VLAN
Generally, routers must be used to separate broadcast domains. With a router, you can divide broadcast domains by the network interfaces on the router.
However, a router usually does not have many network interfaces; the number is typically around 1 to 4. With the popularization of broadband connections, broadband routers (or IP sharing devices) have become more common, but note that although they carry multiple (generally about 4) network interfaces on the LAN side, these are actually ports of a switch built into the router and cannot divide broadcast domains.
In addition, if you use a router to separate broadcast domains, the number of segments depends entirely on the number of router network interfaces, making it impossible to split the broadcast domains as needed.
Compared with routers, L2 switches generally have many network interfaces. Therefore, if a switch can be used to separate broadcast domains, flexibility will undoubtedly be greatly improved.
The technology used to divide broadcast domains on L2 switches is VLAN. With VLANs, we can freely design the composition of broadcast domains, which increases the freedom of network design.
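The flooding described in section 2 and the effect of splitting the broadcast domain can be simulated in a few lines. This is an added example, not part of the original article; the topology, host names, and VLAN IDs 10 and 20 are constructed assumptions, since the article's figure is not reproduced here.

```python
from collections import deque

# Constructed topology: switch 1 uplinks to 2 and 3, switch 2 to 4, switch 3 to 5.
# Loop-free; inter-switch links carry every VLAN (trunks). All of this is assumed.
LINKS = [(1, 2), (1, 3), (2, 4), (3, 5)]
HOSTS_PER_SWITCH = 4

def build_hosts(vlan_of):
    """Map host name -> (switch, VLAN ID of its access port)."""
    return {f"h{sw}-{i}": (sw, vlan_of(i))
            for sw in range(1, 6) for i in range(HOSTS_PER_SWITCH)}

def flood(hosts, src, links=LINKS):
    """Return the hosts that receive a broadcast frame (e.g. an ARP request) from src."""
    src_sw, vlan = hosts[src]
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    received, seen = set(), {src_sw}
    queue = deque([src_sw])
    while queue:
        sw = queue.popleft()
        # Access ports: every port in the frame's VLAN except the sender's gets a copy.
        received |= {h for h, (h_sw, h_vlan) in hosts.items()
                     if h_sw == sw and h_vlan == vlan and h != src}
        # Trunk ports: flood to every neighbouring switch not yet reached (on this
        # loop-free tree, that is every trunk except the one the frame arrived on).
        for nxt in neighbors.get(sw, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return received

def compare(src="h1-0"):
    """Broadcast reach from src with one broadcast domain vs. two VLANs."""
    flat = build_hosts(lambda i: 1)                          # no VLAN split
    split = build_hosts(lambda i: 10 if i % 2 == 0 else 20)  # VLAN 10 / VLAN 20
    return {"flat": flood(flat, src), "vlan": flood(split, src)}

if __name__ == "__main__":
    for name, rx in compare().items():
        print(f"{name}: {len(rx)} hosts receive the ARP broadcast")
```

With a single broadcast domain every other host on all five switches processes the frame; with two VLANs only the hosts sharing the sender's VLAN do, on whichever switch they sit.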