CompTIA® Network+: VLAN & Common TCP and UDP Default Ports
VLAN - Virtual Local Area Networks:
A VLAN derives its name from the fact that there is only one physical network, but two or more logical networks. A VLAN may be created by any of these methods:
- VLAN by port association - Membership in a VLAN can be defined based on the ports that belong to the VLAN. For example, in a bridge with four ports, ports 1, 2, and 4 belong to VLAN 1 and port 3 belongs to VLAN 2. The main disadvantage of this method is that it does not allow for user mobility. If a user moves to a different location away from the assigned bridge, the network manager must reconfigure the VLAN.
- VLAN by MAC address association - Here, membership in a VLAN is based on the MAC address of the workstation. The switch tracks the MAC addresses that belong to each VLAN (see Figure 4). Since the MAC address is part of the workstation's network interface card, no reconfiguration is needed when a workstation is moved; it remains in the same VLAN. This is unlike Layer 1 VLANs, where membership tables must be reconfigured. The main problem with this method is that VLAN membership must be assigned initially. In networks with thousands of users, this is no easy task. Also, in environments where notebook PCs are used, the MAC address is associated with the docking station and not with the notebook PC. Consequently, when a notebook PC is moved to a different docking station, its VLAN membership must be reconfigured.
- VLANs by protocol type - VLAN membership for Layer 2 VLANs can also be based on the protocol type field found in the Layer 2 header. For example, there can be VLANs that carry only IP traffic and VLANs that carry only IPX traffic. However, this type of VLAN is not popular.
- VLANs by IP subnet address - Membership is based on the Layer 3 header. The network IP subnet address can be used to classify VLAN membership. Although VLAN membership is based on Layer 3 information, this has nothing to do with network routing and should not be confused with router functions. In this method, IP addresses are used only as a mapping to determine membership in VLANs. No other processing of IP addresses is done. In Layer 3 VLANs, users can move their workstations without reconfiguring their network addresses. The only problem is that it generally takes longer to forward packets using Layer 3 information than using MAC addresses. This is the most widely used VLAN type.
The 802.1Q draft standard defines Layer 1 and Layer 2 VLANs only.
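The four membership methods above, as an added example that is not part of the original page: a small Python classifier that applies each rule to a constructed frame, with the same workstation arriving first on port 1 and then on port 3. The port table is the page's four-port bridge; the MAC address, the EtherType-to-VLAN mapping, the subnet and VLAN numbers 10 to 40 are assumptions made for illustration.

```python
import ipaddress
import struct

# Membership tables. PORT_VLAN is the page's four-port bridge; the rest are constructed.
PORT_VLAN = {1: 1, 2: 1, 3: 2, 4: 1}
MAC_VLAN = {"02:00:00:00:00:0a": 10}             # hypothetical workstation MAC
PROTO_VLAN = {0x0800: 20, 0x8137: 30}            # EtherType: IPv4, IPX
SUBNET_VLAN = {ipaddress.ip_network("192.0.2.0/24"): 40}

def parse_frame(frame: bytes):
    """Return (src_mac, ethertype, src_ip or None) from an untagged Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    src_mac = frame[6:12].hex(":")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    src_ip = None
    if ethertype == 0x0800 and len(frame) >= 34:
        src_ip = ipaddress.ip_address(frame[26:30])  # IPv4 source address field
    return src_mac, ethertype, src_ip

def classify(ingress_port: int, frame: bytes) -> dict:
    """VLAN chosen by each of the four membership methods (None means no match)."""
    src_mac, ethertype, src_ip = parse_frame(frame)
    by_subnet = None
    if src_ip is not None:
        by_subnet = next((v for net, v in SUBNET_VLAN.items() if src_ip in net), None)
    return {
        "port": PORT_VLAN.get(ingress_port),     # depends on where the cable is plugged in
        "mac": MAC_VLAN.get(src_mac),            # depends on the Layer 2 source address
        "protocol": PROTO_VLAN.get(ethertype),   # depends on the Layer 2 protocol type field
        "subnet": by_subnet,                     # depends on the Layer 3 source address
    }

def build_ipv4_frame(src_mac: str, src_ip: str) -> bytes:
    """Constructed sample: broadcast destination, 20-byte IPv4 header, no payload."""
    eth = b"\xff" * 6 + bytes.fromhex(src_mac.replace(":", "")) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                     ipaddress.ip_address(src_ip).packed,
                     ipaddress.ip_address("192.0.2.1").packed)
    return eth + ip

if __name__ == "__main__":
    frame = build_ipv4_frame("02:00:00:00:00:0a", "192.0.2.55")
    print("on port 1:", classify(1, frame))
    print("on port 3:", classify(3, frame))
```

Only the port-based result changes when the workstation moves from port 1 to port 3; the MAC, protocol and subnet results follow the contents of the frame.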
The following are the important terms associated with VLANs:
- VLAN 1 is the management VLAN.
- Static VLAN: The VLAN is statically assigned to the physical port and never changes.
- Dynamic VLAN: VMPS automatically assigns the VLAN based on MAC address.
- Access Link: An access link can carry only one VLAN (used between a host and a switch port).
- Trunk Link: A trunk link can carry multiple VLANs. Used to connect to other switches, routers, or servers.
- Two types of trunk framing: ISL (Cisco only) and 802.1Q.