VLAN protocol
1. Technical background of VLAN
1.1. Introduction
1.2. VLAN technical background
1.3. Advantages of VLAN
Effective control of the scope of the broadcast domain
Enhance the security of the LAN
Flexible construction of virtual work groups
Simplified network management
2. Basic principles of VLAN
2.1. Overview of VLAN
Virtual LAN, virtual local area network
A physical LAN is logically divided into multiple broadcast domains
1 VLAN = 1 broadcast domain = 1 subnet
Broadcasts are not forwarded between different VLANs; they are restricted to their respective VLANs
By default, different VLANs cannot communicate with each other, and a Layer 3 device is required for them to communicate
2.2. The range of VLAN
0-4095, total 4096 (0 and 4095 are reserved, 1 is the default)
2.3. Introduction of VLAN tag
IEEE 802.1q: 802.1q is the official standard for VLANs. It modifies the Ethernet frame format by adding a 4-byte 802.1q tag between the source MAC address field and the protocol type field.
The data sent by each switch that supports the 802.1q protocol contains the VLAN ID, which indicates the VLAN the data packet belongs to.
Therefore, in a VLAN switching network, the Ethernet frame has the following two forms:
2.4. VLAN link type
Access link
The link used to connect the host and the switch
The access link transmits untagged frames
Trunk link
Used for interconnection between switches, or for links between switches and routers
Frames transmitted on trunk links are almost all tagged frames, so that both ends can identify the VLAN
2.5. PVID
Port VLAN ID, representing the default VLAN ID of the port
Default PVID=1
2.6. VLAN port type
Access (access port)
Receive data: the access port adds a VLAN tag after it receives the data frame
Send data: the access port removes the VLAN tag before forwarding the data
Trunk (trunk port)
Send data
If the VLAN ID of the frame is in the trunk's allowed forwarding list, the frame is forwarded; otherwise it is discarded
When sending a data frame, if the tag and the PVID are the same, the tag is stripped before the frame is sent
When sending a data frame, if the tag is different from the PVID, the frame is sent directly, tag unchanged
Receive data
When a data frame is received, if it has a tag, it is received directly
When a data frame is received, if it has no tag, the PVID of the port is added as its tag
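The access and trunk rules of section 2.6, modelled as an added Python example (not code from the original page). The class and function names, the sample topology and the handling of a tagged frame arriving on an access port are assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional, Set

@dataclass(frozen=True)
class Frame:
    payload: str
    vid: Optional[int] = None          # None means an untagged frame

@dataclass
class Port:
    mode: str                          # "access" or "trunk"
    pvid: int = 1                      # section 2.5: default PVID = 1
    allowed: Set[int] = field(default_factory=set)  # trunk allowed forwarding list

    def receive(self, frame: Frame) -> Optional[Frame]:
        """Ingress rule: return the frame as tagged inside the switch, None if dropped."""
        if frame.vid is None:
            return Frame(frame.payload, self.pvid)   # untagged: add the port's PVID
        if self.mode == "access":
            # Assumption (not stated on the page): a tagged frame arriving on an
            # access port is kept only when its VLAN ID equals the PVID.
            return frame if frame.vid == self.pvid else None
        return frame                                  # trunk: tagged frame received directly

    def send(self, frame: Frame) -> Optional[Frame]:
        """Egress rule: return the frame as it appears on the link, None if dropped."""
        if self.mode == "access":
            # Only the port's own VLAN leaves an access port, and always untagged.
            return Frame(frame.payload) if frame.vid == self.pvid else None
        if frame.vid not in self.allowed:
            return None                               # not in the allowed list: discard
        if frame.vid == self.pvid:
            return Frame(frame.payload)               # tag equals PVID: strip the tag
        return frame                                  # tag differs from PVID: send as is

def traverse(frame: Frame, *hops: Port) -> Optional[Frame]:
    """Apply receive/send alternately along a path: in, out, in, out, ..."""
    for i, port in enumerate(hops):
        if frame is None:
            return None
        frame = port.receive(frame) if i % 2 == 0 else port.send(frame)
    return frame

# Constructed topology: host -- access(10) [SW1] trunk ==== trunk [SW2] access -- host
acc10, acc20 = Port("access", pvid=10), Port("access", pvid=20)
trunk = Port("trunk", pvid=1, allowed={1, 10, 20})
on_wire = traverse(Frame("hello"), acc10, trunk)                  # Frame("hello", 10)
delivered = traverse(Frame("hello"), acc10, trunk, trunk, acc10)  # untagged at the host
blocked = traverse(Frame("hello"), acc10, trunk, trunk, acc20)    # None: other VLAN
```

Because a trunk strips the tag that equals its PVID and the receiving trunk re-tags untagged frames with its own PVID, the two ends of a trunk link need the same PVID. With different values, the model places the frame in a different VLAN on the far side.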
2.7. VLAN port type
Port-based is the most common
2.8. VLAN configuration
3. Inter-VLAN communication
3.1. Inter-VLAN communication limitations
Each VLAN is an independent broadcast domain, and different VLANs are isolated from each other at Layer 2, so nodes belonging to different VLANs cannot access each other directly
Routing technology needs to be introduced to achieve communication between different VLANs. VLAN routing can be implemented using routers or through Layer 3 switches
3.2. Inter-VLAN interconnection solutions
3.2.1. One-arm routing
3.2.2. SVI interface of Layer 3 switch