The expansion of enterprise scale has created the continuous expansion of enterprise network scale, many enterprises in the expansion of the network scale used in the original network directly to increase the computer method to achieve, followed by the network system has become more and more complex, the network management has become increasingly difficult, the network security index has become increasingly low, and the utilization rate of network resources is greatly reduced, how to manage the network efficiently and make use of network resources reasonably become the biggest problem of the enterprise.
Using VLAN to divide the network system can make the administrator more convenient to manage the enterprise network, and the VLAN network flexible expansion ability also lets the enterprise network scale expand without the network chaos situation, the VLAN network has the control broadcast storm ability to let the enterprise network resources performance to be greatly improved, And VLAN network also has the characteristics of simple management and high security.
Therefore, using VLAN in the initial design of the network can bring great benefits to the future expansion of the network.
In ordinary small enterprises, the use of routers to divide VLAN is a cost-saving method, but in large and medium-sized enterprises, the use of routers to divide the VLAN will seriously affect the performance of the enterprise network, and the communication between VLANs must be routed to achieve, therefore, The three-layer switch with routing function is widely used in large and medium enterprise VLAN networks.
But we must be clear that the use of the three-tier switch VLAN network also requires routers, but the router is only the enterprise network and the Internet Connection tool, the VLAN communication between the routers will not be implemented.
VLAN network structure based on three-layer switch the most characteristic of VLAN network is its flexibility, while VLAN is the main static VLAN and dynamic VLAN, the static VLAN is actually based on the VLAN of the port. This method of partitioning is very complex because the administrator has to configure the ports of each switch, which is not generally used.
Dynamic VLAN is divided into three different ways, based on Subnet VLAN, VLAN based on MAC address, VLAN based on user.
Each of these three ways has its own characteristics, so we can be flexible when dividing the VLAN network, such as mobile users because the external wireless network card can be replaced at any time, so we can use the user's VLAN partition method, this part is zoned as a user based VLAN. And some fixed users we can use the VLAN approach based on the subnet, that is, a segment of the IP divided into a VLAN. Therefore, it is very flexible to divide the VLAN.
The image above shows that the first layer of the network we still adopt a router, which is because the router itself is the only tool to connect intranet and extranet, therefore, routers can not be missing, but the VLAN communication route is not implemented in the router. But we also need to note that the large VLAN network due to the large number of data transmission, the requirements of the router is very high, so we can not simply think that there is a three-tier switch to the router requirements are not high.
Therefore, we choose the router or according to the size of the entire network. The second tier is the three-tier switch, which is the key to the entire large VLAN network. The three-layer switch has two functions, routing and switching, in which the routing function is the key technology to realize VLAN communication.
When the first stream of data flows into the three-tier switch, the three-tier switch will route the data stream, the benefit of a three-tier switch at the same time that it generates a map of the MAC address and IP address is that once the same data flows into the three-tier switch, no three-layer switch is required to route the data stream again , this data flow can realize the VLAN communication only through the three-layer switch, thus effectively lifting the network bottleneck caused by the router.
The three layer switch is also the key to the VLAN network, the administrator only needs to configure the three-tier switch to complete the VLAN network partition. So in the choice of three-layer switch, we must according to their actual situation to make reasonable choices, in order to more effectively ensure the entire VLAN network normal operation.
In the third layer of the network, we choose the two-layer switch, the function of two-layer switch in VLAN network is actually only to ensure the normal operation of the whole network, if the network is very large, then this layer is best to select Gigabit switch, let the next layer of the network continue to connect the switch to expand, if the network is not very large size ( The number of computers connected with a three-tier switch is at least 200 or more, and this layer directly selects the normal switch.
At the bottom of the network is the foundation of the entire network, but also we decide how to divide the VLAN network standards, they are the enterprise's computer terminals, servers and so on.
400 node Enterprise network design below we have to design a 400-node Enterprise VLAN Network, we assume that this enterprise is divided into sales, after-sales service department, design department, Finance department, the server area composition. Among them, the sales department has 20 computers, the after-sales service department has 20 computers, the Finance Department has 20 computers, the server area has 20 servers, the design department has 320 computers.
We can divide the entire enterprise network into 6 VLANs, if the user to the design department of the amount of computer feel a bit large, but also the Department of the computer for the VLAN fine. The following figure is a VLAN partition chart for this 500 node.
Again, the division of VLAN network needs to be configured on the three-tier switch to achieve, the above image is configured after a VLAN structure diagram. We see that in the above figure of the sales department, after-sales service department and the Finance department three VLAN are selected two layer switch, because these departments on the network bandwidth requirements, coupled with a small number of computers, each VLAN only 20, in fact, we choose 24-port switch can achieve VLAN, Users can decide according to their own actual situation.
Design part of the VLAN because of the number of computers, so we use a gigabit switch with a number of common switches to implement VLANs, and in the server we also chose the gigabit switch to connect, mainly because the server on the network bandwidth itself requires very high.
The choice of layer three switches and routers is also based on the actual situation.