We know that the traditional LAN Ethernet adopts the CSMA/CD method with conflict detection. In the CSMA/CD network, nodes can use the network whenever they have data to be sent. Before a node transmits data, it performs a "listener" to check whether the network is busy. If not, the node starts to transmit data. If the network is in use, the node waits. If the two nodes do not hear anything and start to use the line at the same time, a conflict will occur. When sending data, if it uses a broadcast address, all the PCs in this network segment will receive data packets, so that if there are many PCs in this network segment, it is easy to cause a broadcast storm. Conflicts and broadcast storms are important factors affecting network performance. To solve this problem, the concept of VLAN is introduced.
A virtual network is a virtual working group established by a network switching device in the entire network. The virtual network is logically equal to the Layer 2 broadcast domain of the OSI model, and has nothing to do with the specific physical network and geographical location. A virtual workgroup can contain departments and working groups in different locations, without having to reconfigure any ports physically, thus realizing that network users are not related to their physical locations. The Virtual Network Technology divides traditional broadcast domains into independent sub-broadcast domains as needed, and limits broadcast in virtual working groups. Due to the narrowing of the broadcast domains, the proportion of bandwidth consumed by broadcast packets in the network is greatly reduced, and the network performance is significantly improved. Let's take a look at the figure below. Figure 1 shows that departments of the same nature in the two floors are divided into one VLAN, so that the accounting data will not be broadcast to the machines on the market, there will be no data conflicts with machines in the market. Therefore, VLAN effectively separates conflicting domains and broadcast domains.
We can define VLANs on a port of a vswitch. All terminals connected to this specific port are part of the virtual network, and the entire network can support multiple VLANs. VLAN uses a network firewall to minimize unnecessary data traffic and isolate transmission between VLANs and possible problems. This greatly increases network throughput and reduces network latency. In a virtual network environment, you can divide different virtual networks to control the communication between users in the same physical network segment. In this way, data confidentiality is effectively realized, and configuration is not troublesome. The network administrator can logically reconfigure the network to quickly, easily, and effectively balance load traffic, you can easily add, delete, and modify users without physically adjusting network configurations. Since VLAN has so many advantages, why don't we understand it and apply the VLAN technology to our real network management. Let's take an example of configuring static VLANs on a Catalyst 1900 switch to see how to configure VLANs on the switch.
After configuring the Super Terminal, you can refer to 1900 Series Ethernet switch Quick Start Guide or other CISCO references after connecting to the 1900 switch. The following main configuration interface is displayed:
1 user(s) now active on Management Console. User Interface Menu [M] Menus [K] Command Line [I] IP Configuration Enter Selection: |
We will briefly introduce the three options shown here. [M] Menus is the main menu, mainly the initial configuration of the switch and monitoring the running status of the switch. [K] Command Line is a Command Line. It is similar to configuring and monitoring a vro using commands in a vro. [I] IP Configuration is an option for configuring IP addresses, subnet masks, and default network management. This is the first interface displayed when you connect to the vswitch. If you have configured the IP Configuration, this option will not be available for the next login. Because the Command configuration is concise, clear, and easy to understand, we use [K] Command Line to implement VLAN configuration.
After configuring the Super Terminal, you can refer to 1900 Series Ethernet switch Quick Start Guide or other CISCO references after connecting to the 1900 switch. The following main configuration interface is displayed:
1 user(s) now active on Management Console. User Interface Menu [M] Menus [K] Command Line [I] IP Configuration Enter Selection: |
We will briefly introduce the three options shown here. [M] Menus is the main menu, mainly the initial configuration of the switch and monitoring the running status of the switch. [K] Command Line is a Command Line. It is similar to configuring and monitoring a vro using commands in a vro. [I] IP Configuration is an option for configuring IP addresses, subnet masks, and default network management. This is the first interface displayed when you connect to the vswitch. If you have configured the IP Configuration, this option will not be available for the next login. Because the Command configuration is concise, clear, and easy to understand, we use [K] Command Line to implement VLAN configuration.
Select [K] Command Line and Enter the Command Line To configure enter Selection: K press Enter CLI session with the switch is open. To end the CLI session, enter [Exit].> |
Now we enter the common user mode of the vswitch, just like a vro. In this mode, we can only view the current configuration, but cannot change the configuration, and the commands that can be used are very limited. We enter enable to enter the privileged mode:
> Enable # config t Enter configuration commands, one per line. end with CNTL/Z (config) # for security and convenience, we give this switch a name and set the login password. (Config) # hostname 1900 Switch 1900 Switch (config) # enable password level 15 goodwork 1900 Switch (config )# |
Note: The password must be 4-8 characters long. The vswitch password is slightly different from the vro. The vswitch uses the level to determine the password permission. Level 1 is the password for entering the command line interface. That is to say, after you set the password for level 1, you will be asked to enter the password next time you connect to the switch and enter K, this password is the password set for level 1. Level 15 is the privileged mode password that you enter after you enter the enable command. Enable password and enable screet are used in the vro to distinguish between them.
Well, we have already set the name and password to ensure security. Let's set the VLAN. The VLAN settings are divided into the following two steps:
1. Set the VLAN name
2. Application to Port