LAN technology-based LAN Segmentation

LAN technology-based LAN segmentation www.2cto.com LAN segmentation method is to divide the network into smaller segment bridges, switches and routers by dividing the conflicting domain into smaller parts, this reduces bandwidth competition and collision. A vro can also control the broadcast business flow (traffic), that is, it can divide the broadcast domain into smaller domains. For broadcast domains, the word "subnet" and "VLAN" are more common than "segmentation". A subnet may contain several conflicting domains. A vro can separate broadcast domains because it does not forward any broadcast business flow. The router operates at Layer 3rd (Network Layer) of the OSI model. Because it does not forward broadcast services, there is a simple method to reduce the broadcast domain. 1-3. Figure 1-3 The Four broadcast domains separated by routers Fig 1-3 takes the network configured in Figure 1-2 as an example. The difference is that the "Master hub" is changed to a vro. The four networks connected to the router constitute their independent broadcast domains. Node 2 on hub3 broadcasts to all nodes on hub3, and node 4 on hub1 broadcasts to all nodes on hub1. The same is true for the nodes on the other two hubs. Because the router does not forward any broadcast business flow, the broadcast packets sent from one hub cannot be transmitted to any other hub. By reducing the business traffic on each CIDR block, you can reduce the number of conflicts. In this example, broadcast business flows and conflicts are not the cause of slow network speeds. Local area network segments: When a bridge is used to segment a LAN, a bridge can be used to segment conflicting domains to achieve better network performance. However, improper placement of bridges may degrade network performance rather than improve network performance. Unlike a router, a bridge works on the MAC Sub-layer of the Layer 2 (data link layer) of the OSI model. A bridge not only creates a physical network segment, but also an independent logical network segment. The bridge also creates a table that records all known MAC addresses through the bridge and the network segments of these MAC addresses. By checking the target MAC address in the frame, the bridge determines the correct network segment and forwards the frame. However, if the bridge does not know the location of the MAC address, it uses the flood method to forward the frame to all connected CIDR blocks. In section 1-4, the bridge does not know the destination address of the data frame sent by node 2. It then sends the frame to all three network segments connected to it. Note that the bridge will not forward the data to the node that sends the data. Figure 1-4 The three CIDR blocks separated by bridges differ from those of routers in that they can transmit broadcast packets to the connected CIDR blocks. This feature is not conducive to LAN segmentation because broadcast storms may occur. If you do not worry about broadcast storms, it is acceptable to use bridges to segment the LAN. Www.2cto.com local area network segments: using a switch to segment a LAN Using a switch to segment a LAN can improve the performance of end-user devices. A switch is actually a multi-port bridge. It uses hardware consisting of a dedicated integrated circuit to complete the operations performed by the bridge using software. Like a bridge, the switch also uses the destination MAC address to ensure that data is forwarded to the correct port. Figure 1-5 shows an example of using a vswitch to segment a LAN. This method increases the bandwidth compared with the bridge. Because each CIDR Block operates on the vswitch's own dedicated port, only the business flows with the destination address of other CIDR blocks pass through the source port and destination port of the vswitch, other ports irrelevant to the destination address will not be affected. However, pay attention to the above scheme. Because a switch uses a dedicated Integrated Circuit multi-port bridge, it also transmits broadcast business traffic. However, most vswitches can be configured with a "broadcast limit ". When the broadcast limit is reached, all broadcast messages beyond the broadcast limit are discarded. Select "broadcast limit" to discard broadcast packets only when a broadcast storm occurs. Figure 1-5 when using a vswitch to segment a LAN, note that when different hardware devices are used to segment a LAN, it is very important to remember the different effects they produce.