Introduction to management and testing of VLAN Technology

Source: Internet
Author: User

In the past, routers and hubs were often used in the network, but now many networks use switches. How do we face the challenges of routed networks and switching technologies?
Currently, switches dominate the network market because of their high cost effectiveness and flexible structure. They can be reconfigured as applications change in the future.
Numbers illustrate the point best. In a switch with a 100 Mbps uplink, the cost of each 10 Mbps controlled switch port is USD. Routing technology cannot realistically segment the network by assigning each user a port of their own: a router port costs at least three or four times as much as a switch port, and the management burden is astonishing. Even if the router-segmented network carries only TCP/IP traffic, it will soon fail because of high cost, low performance, too many subnets, and a heavy configuration workload. By comparison, switches and hubs are plug-and-play devices. Routing devices with a "self-learning" function are now available that configure their ports automatically for the supported protocols.
By default, a pure switched network is a flat network. If each node has its own switch port, there is little contention on the network: only the node's own incoming and outgoing traffic compete for resources. In contrast, in traditional shared segments or rings, the throughput of each node decreases as nodes are added. For example, a 10BaseT network with 25 nodes can only provide an average bandwidth of Kbps to each node, while a node with a dedicated switch port has 10 Mbps of throughput.
Nodes generally use broadcasts to advertise themselves or to find unknown nodes, and this can take up a large share of network throughput. Unicast frames, by contrast, are delivered only to one destination node and the intermediate switch ports. Ever since bridges became popular, we have known that we do not really want broadcast domains with thousands of nodes, because broadcast storms are unpredictable and difficult to control.
Breaking a flat network into smaller broadcast domains is tantamount to turning a switched network into a colorful palette. Instead of using a router to define subnets of any size, it is better to use a switch to create a Virtual Local Area Network (VLAN).
VLAN management
VLANs are inseparable from the switched network, but the management environment must be redefined to implement them. A VLAN defines a logical domain, and that affects the views available of the network. Network management platforms can display IP-based, and sometimes IPX-based, maps; once a VLAN is deployed, its topology may not match those views. After deploying a VLAN, you may want to monitor traffic and generate alarms on a per-VLAN basis.
Currently, most switch-based VLANs are proprietary. The IEEE 802.1P Committee has developed a multicast standard that enables VLAN members to communicate without the VLAN broadcast suppression task. Until the above standards are implemented in interoperable software and hardware, VLAN configuration will still require maintaining a single-vendor switch environment.
Even in a single-vendor VLAN, network management is a challenge. For example, examining VLAN conversations requires the management software to process statistics differently than it does for ordinary LAN or IP subnet conversations: the RMON MIB and the RMON-2 MIB provide a framework for gathering LAN and subnet information, respectively, whereas VLAN configurations must define their own MIB or define how the above information is derived from other MIBs. In addition, to provide a coherent picture of VLAN behavior, management software must collect and merge data from multiple RMON detectors.
If the above problem is serious, consider capturing the VLAN data of multiple switches only on the inter-switch links or the backbone network. In a large network, the trunk is almost Mbps or above, and the deployment of high-speed controllers is different from common VLANs, and the cost is very high.
VLAN configuration

If a VLAN is defined by switch port, it is usually easy to assign one or more users to a specific VLAN using drag-and-drop software. In a non-switched environment, moves, adds, and changes are harder, because a patch cord on the patch panel has to be moved from one hub port to another. However, changing VLAN assignments still relies on manual operations, and in large networks this is time-consuming, so many network vendors advocate VLAN-based operation to simplify moves, adds, and changes.
A VLAN assignment scheme based on MAC addresses can automate some moves, adds, and changes. If users are assigned to one or more VLANs based on their MAC address, their computers can connect to any port of the switched network and all traffic will still reach its destination correctly. The administrator obviously has to perform the initial VLAN assignment, but no manual intervention is needed when users move to a different physical connection. For example, at sites with many mobile users who are not always connected to the same port, perhaps because their office is temporary, a VLAN based on MAC addresses can avoid a lot of trouble.
What about traditional Layer 3 technology? The closest thing to a VLAN there is the IP subnet: each subnet requires a router port, because traffic can only pass from one subnet to another through a router. Because the 32-bit IP address provides limited address space, allocating subnet addresses is difficult and tests your familiarity with binary arithmetic. Moving, adding, and changing IP addresses is therefore difficult, slow, error-prone, and costly. In addition, a company may have to renumber its network when it changes ISP or adopts new security policies, which is unimaginable for large networks.
In fact, if someone uses an existing subnet-based IP address and accesses any VLAN member based on the IP address, the router may be overwhelmed by unnecessary traffic.
If many subnets have VLAN members, common VLAN broadcasts must be routed to all members. In addition, wide area links then carry extra broadcast traffic, so the number of VLAN members served over WAN connections should usually be kept to a minimum. In fact, VLAN membership based on Layer 3 addresses may be useful for enhancing and modifying the existing subnet layout. For example, you can add two new nodes to the VLAN through a full subnet; alternatively, you can use two subnets to form a VLAN without renumbering.
Cabletron's SecureFast Virtual Networking Layer 3 switching technology uses a Routing Server model instead of a traditional routing model. The first packet is sent to the Routing Server for a regular route computation, but the switch remembers the path, so subsequent packets can be switched at Layer 2 without consulting the routing table. Because a VLAN based on a pure Layer 3 address is available, the IP address can be used as a common network ID, allowing anyone to connect to any data link for full network access, which greatly simplifies moves, adds, and changes.
However, there are other ways to solve the management problems caused by IP subnets. DHCP (Dynamic Host Configuration Protocol) and other technologies that allocate addresses to users at connection time can be used to solve the above problems.

VLAN Testing
Traditionally, a shared medium, such as an Ethernet collision segment or a Token Ring, has been the unit of network management. A protocol analyzer attached anywhere on the segment or ring can capture all conversations that occur on it. The SNMP agent of the hub captures traffic, error, and broadcast statistics for the entire network segment. An RMON detector is a network monitor or handheld troubleshooting device that detects all major events that occur on the shared medium. These devices provide the means of testing, that is, the basic data capture, needed to manage networks effectively.
A switched network must be equipped with similar tools. As the number of segments or rings multiplies, the number of devices needed multiplies accordingly. For older 10BaseT, most standalone RMON detectors are expensive.
At the same time, the traffic on any network segment may have only one source and one destination, which makes problems difficult to analyze. Even for a very simple question, such as whether a broadcast is correctly delivered to VLAN members and not to other nodes, you need to connect a protocol analyzer and a three-port repeater to each network segment of the VLAN.
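The broadcast check described above, applied to the MAC-based VLAN assignment from the configuration section, can be automated once frames have been captured on each segment. This is an added example, not code from the original article; the MAC addresses, VLAN names and capture records are constructed, and the "missed" result is only meaningful if every member's segment was captured.

```python
import struct

BROADCAST = b"\xff" * 6
M1, M2, M3, M4 = (f"00:00:5e:00:53:0{i}" for i in range(1, 5))
# Constructed MAC-based VLAN assignment (the administrator's initial allocation).
MAC_TO_VLANS = {M1: {"eng"}, M2: {"eng"}, M3: {"sales"}, M4: {"eng", "sales"}}

def make_frame(dst, src, payload=b"\x00" * 46):
    """Build a constructed, untagged Ethernet II frame (EtherType 0x0800)."""
    raw = lambda mac: bytes.fromhex(mac.replace(":", ""))
    return raw(dst) + raw(src) + struct.pack("!H", 0x0800) + payload

def parse_header(frame):
    """Return (dst_bytes, src_mac_string); reject records shorter than a header."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src = struct.unpack("!6s6s", frame[:12])
    return dst, ":".join(f"{b:02x}" for b in src)

def audit_broadcasts(captures, mac_to_vlans):
    """captures: (listener_mac, raw_frame) per frame seen on that node's segment."""
    leaks, heard = [], {}
    for listener, frame in captures:
        try:
            dst, src = parse_header(frame)
        except ValueError:
            continue                       # damaged capture record: no evidence
        if dst != BROADCAST or src == listener:
            continue                       # unicast, or the sender's own segment
        if src not in mac_to_vlans:
            leaks.append((listener, src, "unknown sender"))
        elif mac_to_vlans[src] & mac_to_vlans.get(listener, set()):
            heard.setdefault(src, set()).add(listener)
        else:
            heard.setdefault(src, set())
            leaks.append((listener, src, "no shared VLAN"))
    # Members that share a VLAN with the sender but never saw its broadcast.
    missed = [(src, m) for src, got in heard.items() for m, vl in mac_to_vlans.items()
              if m != src and vl & mac_to_vlans[src] and m not in got]
    return sorted(leaks), sorted(missed)

ALL = "ff:ff:ff:ff:ff:ff"
CAPTURES = [                               # constructed sample capture
    (M2, make_frame(ALL, M1)),             # eng -> eng: expected
    (M3, make_frame(ALL, M1)),             # eng broadcast on a sales-only segment
    (M4, make_frame(ALL, M3)),             # sales -> member of both VLANs: expected
    (M3, make_frame(M3, M1)),              # unicast: ignored by this check
    (M2, b"\xff\xff\xff"),                 # truncated record: skipped
]

print(audit_broadcasts(CAPTURES, MAC_TO_VLANS))
```

A leak entry means a broadcast reached a segment whose node shares no VLAN with the sender; a missed entry means a member's segment never saw a broadcast it should have received.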
But the situation is not all bad. Common connection components such as NICs, connectors, cables and ports can be tested using the earlier methods, which are not affected by the switching structure. Problems with servers, routers, printers, and workstations may be difficult to solve. You can diagnose any node in a VLAN if the router uses NetBIOS to bridge the VLAN improperly. Other problems, such as collisions, should disappear, because the medium is no longer shared, or is shared far less than before.
Switch vendors have done a lot of work to address the shortage of test equipment for switched networks. Many switches let you configure a monitoring port to which a protocol analyzer or other monitor can be connected. In some switches, you can configure the monitoring port to observe the traffic between any two ports. In a few backplane-based switches, the monitoring port can capture all traffic passing through the switch. These monitoring tasks are carried out in the switch electronics without affecting the performance of the switch. If your switch has no monitoring port and its ports have no RMON, monitoring is impossible, or at best difficult and expensive. Therefore, you must consider whether a switch has a monitoring port.
In addition, many switch vendors also provide RMON agents for each port. If the basic switch hardware is not integrated with the RMON device, it will not weaken the overall performance of the system.
Conclusion
Major vendors aim to support VLAN creation based on ports, MAC addresses, and Layer 3 addresses. There is also talk of multicast support for compressed video or audio data streams, with VLAN membership determined by application. When VLAN definitions are rich and flexible, other interesting management services may mature. In particular, the administrator will no longer need to drag an icon onto a map to create a VLAN member; the VLAN can be defined dynamically through policy management.
With the launch and implementation of VLAN products and solutions that can be dynamically defined, the challenges of configuring and managing network nodes will also change fundamentally. For administrators who are heavily engaged in management, VLANs may not seem to change their predicament, because they must forget some router-based networking principles. In any case, every administrator will face a switched network, and the VLAN is an important tool for achieving business goals.
